[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] How do I sign the results of grub2-mkinstall on efi system?

On Thursday, 7 July 2016, 11:56:42 EDT, jim burns wrote:

> On Thursday, 7 July 2016, 10:52:24 EDT, jim burns wrote:

> > Pls cc: me as I am not on the list.

> >

> > I reinstalled my boot loader twice because I was tired of getting

> > "multiboot module not found", and having to edit /etc/grub.d/20_linux_xen

> > to insmod it. (The 2nd time was because apparently you not only have to

> > use the --efi- directory option, but also the --boot-directory option to

> > get all the modules on the ESP partition.)

> >

> > This is a fresh install of Fedora 24. First minor problem, that I will

> > live

> > with, is originally grub2 looked for modules in EFI/fedora/x86_64 on the

> > ESP. After the reinstall tho', the --boot-directory=[dir] uses the

> > specified dir to install a grub2 subdir, making the modules in

> > EFI/grub2/x86_64. It works, but I'd love to know how Fedora got the subdir

> > name overriden.

> >

> > The real problem is that I can't boot into anything, even the grub2 menu,

> > with Secure Boot on, so something is not being signed. Any body have any

> > ideas?

> >

> > Thx.


> BTW, despite saying it in my thread title, I used grub2-install.


> I did notice the grub2-mkimage command has a --pubkey=FILE option, but no

> idea what FILE could be. Also don't know what to specify for --config=FILE

> or -- memdisk=FILE. At least it's --prefix option is more flexible.





The above link explains most of the options to grub2-mkimage, since that command is used to create a pvgrub2 bootloader / kernel. I still need to know what to specify for --pubkey=FILE, so I can go back to Secure Boot on.


Xen-users mailing list



Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.