Systemd-boot: Difference between revisions
(→Installation using XBOOTLDR: that's a partition type GUID, not a partition GUID) |
(→Manual entry using efibootmgr: use long form and add '--verbose'; the short form is too cryptic and without verbose, the loader path cannot be verified) |
||
(7 intermediate revisions by 4 users not shown) | |||
Line 295: | Line 295: | ||
If the {{ic|bootctl install}} command failed, you can create a EFI boot entry manually using {{Pkg|efibootmgr}}: | If the {{ic|bootctl install}} command failed, you can create a EFI boot entry manually using {{Pkg|efibootmgr}}: | ||
# efibootmgr - | # efibootmgr --create --disk /dev/sd''X'' --part ''Y'' --loader "\EFI\systemd\systemd-bootx64.efi" --label "Linux Boot Manager" --verbose | ||
where {{ic|/dev/ | where {{ic|/dev/sd''XY''}} is the [[EFI system partition]]. | ||
{{Note|The path to the EFI image must use the backslash ({{ic|\}}) as the separator}} | {{Note|The path to the EFI image must use the backslash ({{ic|\}}) as the separator}} | ||
Line 318: | Line 318: | ||
== See also == | == See also == | ||
* | * https://www.freedesktop.org/wiki/Software/systemd/systemd-boot/ | ||
* https://github.com/systemd/systemd/tree/master/src/boot/efi | * https://github.com/systemd/systemd/tree/master/src/boot/efi | ||
* https://bbs.archlinux.org/viewtopic.php?id=254374 | * https://bbs.archlinux.org/viewtopic.php?id=254374 | ||
* https://systemd.io/BOOT_LOADER_SPECIFICATION/ | * https://systemd.io/BOOT_LOADER_SPECIFICATION/ |
Revision as of 11:15, 16 August 2020
systemd-boot, previously called gummiboot (German for: 'rubber dinghy'), is a simple UEFI boot manager which executes configured EFI images. The default entry is selected by a configured pattern (glob) or an on-screen menu to be navigated via arrow-keys. It is included with systemd, which is installed on an Arch system by default.
It is simple to configure but it can only start EFI executables such as the Linux kernel EFISTUB, UEFI Shell, GRUB, or the Windows Boot Manager.
Installation
Installing the EFI boot manager
To install the systemd-boot EFI boot manager, first make sure the system has booted in UEFI mode and that UEFI variables are accessible. This can be checked by running the command efivar --list
or, if efivar is not installed, by doing ls /sys/firmware/efi/efivars
(if the directory exists, the system is booted in UEFI mode).
esp
will be used throughout this page to denote the ESP mountpoint, e.g. /boot
, or /boot/efi
, or /efi
. This assumes that you have chroot
ed to your system's mount point.
With the ESP mounted to esp
, use bootctl to install systemd-boot into the EFI system partition by running:
# bootctl install
This will copy the systemd-boot boot loader to the EFI partition: on a x64 architecture system the two identical binaries esp/EFI/systemd/systemd-bootx64.efi
and esp/EFI/BOOT/BOOTX64.EFI
will be transferred to the ESP. It will then set systemd-boot as the default EFI application (default boot entry) loaded by the EFI Boot Manager.
To conclude the installation, configure systemd-boot.
Installation using XBOOTLDR
As of version 242 of systemd, a separate boot
partition can be created and used during boot. This will keep your kernel and initramfs seperate from the esp
partition.
Create an esp
as normal and then create another partition for boot
on the same physical drive. The size of boot
should be enough to accommodate all of the kernels you are going to install.
boot
must have a partition type GUID of "bc13c2ff-59e6-4262-a352-b275fd6f7172"
, i.e. "Linux extended boot"
.
During install mount esp
to /mnt/efi
and boot
to /mnt/boot
.
Once in chroot use the command:
# bootctl --esp-path=/efi --boot-path=/boot install
To conclude the installation, configure systemd-boot.
Updating the EFI boot manager
Whenever there is a new version of systemd-boot, the boot manager can be optionally reinstalled by the user. This can be performed manually or the update can be automatically triggered using pacman hooks. The two approaches are described thereafter.
Manual update
bootctl must be used to update systemd-boot.
# bootctl update
If the ESP is mounted on a different location, check the man page for the options --esp-path=
and --boot-path=
.
bootctl --esp-path=esp install
.Automatic update
The package systemd-boot-pacman-hookAUR provides a Pacman hook to automate the update process. Installing the package will add a hook which will be executed every time the systemd package is upgraded.
Alternatively, to replicate what the systemd-boot-pacman-hook package does without installing it, place the following pacman hook in the /etc/pacman.d/hooks/
directory:
/etc/pacman.d/hooks/100-systemd-boot.hook
[Trigger] Type = Package Operation = Upgrade Target = systemd [Action] Description = Updating systemd-boot When = PostTransaction Exec = /usr/bin/bootctl update
Configuration
Loader configuration
The loader configuration is stored in the file esp/loader/loader.conf
. The following settings can be specified:
default
– default entry to select as defined in #Adding loaders; it can be a wildcard likearch-*.conf
.timeout
– menu timeout in seconds before the default entry is booted. If this is not set, the menu will only be shown onSpace
key (or most other keys actually work too) press during boot.editor
– whether to enable the kernel parameters editor or not.yes
(default) is enabled,no
is disabled; since the user can addinit=/bin/bash
to bypass root password and gain root access, it is strongly recommended to set this option tono
if the machine can be accessed by unauthorized persons.auto-entries
– shows automatic entries for Windows, EFI Shell, and Default Loader if set to1
(default),0
to hide;auto-firmware
– shows entry for rebooting into UEFI firmware settings if set to1
(default),0
to hide;console-mode
– changes UEFI console mode:0
for 80x25;1
for 80x50;2
and above for non-standard modes provided by the device firmware, if any;auto
picks a suitable mode automatically;max
for highest available mode;keep
(default) for the firmware selected mode.
random-seed-mode
- controls whether to read the random seed from the fileesp/loader/random-seed
. If set towith-system-token
(default), it loads the seed from file only if the EFI variableLoaderSystemToken
is set; if set toalways
, it loads the seed from file even if the EFI variable is unset; and if set tooff
, the file is ignored.
For a detailed explanation of the available settings and their corresponding arguments see the loader.conf(5) manual. A loader configuration example is provided below:
esp/loader/loader.conf
default arch.conf timeout 4 console-mode max editor no
default
andtimeout
can be changed in the boot menu itself and changes will be stored as EFI variablesLoaderEntryDefault
andLoaderConfigTimeout
, overriding these options.bootctl set-default ""
can be used to clear the EFI variable overriding thedefault
option.- A basic loader configuration file is located at
/usr/share/systemd/bootctl/loader.conf
.
Adding loaders
systemd-boot will search for boot menu items in esp/loader/entries/*.conf
and additionally in boot/loader/entries/*.conf
if using XBOOTLDR.
The possible options are:
title
– operating system name. Required.version
– kernel version, shown only when multiple entries with same title exist. Optional.machine-id
– machine identifier from/etc/machine-id
, shown only when multiple entries with same title and version exist. Optional.efi
– EFI program to start, relative to your ESP (esp
); e.g./vmlinuz-linux
. Either this parameter orlinux
(see below) is required.options
– command line options to pass to the EFI program or kernel parameters. Optional, but you will need at leastroot=dev
if booting Linux. This parameter can be omitted if the root partition is assigned the correct Root Partition Type GUID as defined in Discoverable Partitions Specification and if thesystemd
mkinitcpio hook is present.
For Linux boot, you can also use linux
instead of efi
. Or initrd
in addition to options
. The syntax is:
linux
andinitrd
followed by the relative path of the corresponding files in the ESP; e.g./vmlinuz-linux
; this will be automatically translated intoefi path
andoptions initrd=path
– this syntax is only supported for convenience and has no differences in function.
options
is present in a boot entry and Secure Boot is disabled, the value of options
will override any .cmdline
string embedded in the EFI image that is specified by efi
or linux
(see #Preparing a unified kernel image). With Secure Boot, however, options
(and any edits made to the kernel command line in the bootloader UI) will be ignored, and only the embedded .cmdline
will be used. An example of a loader file to launch Arch from a partition with the label arch_os and loading the Intel CPU microcode is:
esp/loader/entries/arch.conf
title Arch Linux linux /vmlinuz-linux initrd /intel-ucode.img initrd /initramfs-linux.img options root="LABEL=arch_os" rw
systemd-boot will automatically check at boot time for Windows Boot Manager at the location /EFI/Microsoft/Boot/Bootmgfw.efi
, EFI Shell /shellx64.efi
and EFI Default Loader /EFI/BOOT/bootx64.efi
, as well as specially prepared kernel files found in /EFI/Linux/
. When detected, corresponding entries with titles auto-windows
, auto-efi-shell
and auto-efi-default
, respectively, will be generated. These entries do not require manual loader configuration. However, it does not auto-detect other EFI applications (unlike rEFInd), so for booting the Linux kernel, manual configuration entries must be created.
- If you dual-boot Windows, it is strongly recommended to disable its default Fast Startup option.
- If you have an Intel or AMD CPU, load the microcode with
initrd
before other images, an example is provided in Microcode#systemd-boot. - The root partition can be identified with its
LABEL
,PARTUUID
orUUID
(see Persistent block device naming). This is required only to identify the root partition, not theesp
.
- The available boot entries which have been configured can be listed with the command
bootctl list
. - An example entry file is located at
/usr/share/systemd/bootctl/arch.conf
. - The kernel parameters for scenarios such as LVM, LUKS or dm-crypt can be found on the relevant pages.
EFI Shells or other EFI apps
In case you installed EFI shells and other EFI application into the ESP, you can use the following snippets.
efi
line is relative to your esp mount point. If you are mounted on /boot
and your EFI binaries reside at /boot/EFI/xx.efi
and /boot/yy.efi
, then you would specify the parameters as efi /EFI/xx.efi
and efi /yy.efi
respectively.Examples of loading custom UEFI Shell loaders:
esp/loader/entries/uefi-shell-v1-x86_64.conf
title UEFI Shell x86_64 v1 efi /EFI/shellx64_v1.efi
esp/loader/entries/uefi-shell-v2-x86_64.conf
title UEFI Shell x86_64 v2 efi /EFI/shellx64_v2.efi
Booting into EFI Firmware Setup
Most system firmware configured for EFI booting will add its own efibootmgr entries to boot into UEFI Firmware Setup.
Support hibernation
Kernel parameters editor with password protection
Alternatively you can install systemd-boot-passwordAUR which supports password
basic configuration option. Use sbpctl generate
to generate a value for this option.
Install systemd-boot-password with the following command:
# sbpctl install esp
With enabled editor you will be prompted for your password before you can edit kernel parameters.
The following keys are used inside the menu:
Up/Down
- select entryEnter
- boot the selected entryd
- select the default entry to boot (stored in a non-volatile EFI variable)-/T
- decrease the timeout (stored in a non-volatile EFI variable)+/t
- increase the timeout (stored in a non-volatile EFI variable)e
- edit the kernel command line. It has no effect if theeditor
config option is set to0
.v
- show the systemd-boot and UEFI versionQ
- quitP
- print the current configurationh/?
- help
These hotkeys will, when pressed inside the menu or during bootup, directly boot a specific entry:
l
- Linuxw
- Windowsa
- OS Xs
- EFI Shell1-9
- number of entry
Tips and tricks
Choosing next boot
The boot manager is integrated with the systemctl command, allowing you to choose what option you want to boot after a reboot. For example, suppose you have built a custom kernel and created an entry file esp/loader/entries/arch-custom.conf
to boot into it, you can just launch
$ systemctl reboot --boot-loader-entry=arch-custom
and your system will reboot into that entry maintaining the default option intact for subsequent boots. To see a list of possible entries pass the --help
option.
If you want to boot into the firmware of your motherboard directly, then you can use this command:
$ systemctl reboot --firmware-setup
Preparing a unified kernel image
systemd-boot searches in esp/EFI/Linux/
for unified kernel images, which bundle the kernel, the init RAM disk (initrd), the kernel command line, /etc/os-release
, and a splash image into one single file. This file can be easily signed for Secure Boot.
Put the kernel command line you want to use in a file, and create the bundle file like this:
$ objcopy \ --add-section .osrel="/usr/lib/os-release" --change-section-vma .osrel=0x20000 \ --add-section .cmdline="kernel-command-line.txt" --change-section-vma .cmdline=0x30000 \ --add-section .splash="/usr/share/systemd/bootctl/splash-arch.bmp" --change-section-vma .splash=0x40000 \ --add-section .linux="vmlinuz-file" --change-section-vma .linux=0x2000000 \ --add-section .initrd="initrd-file" --change-section-vma .initrd=0x3000000 \ "/usr/lib/systemd/boot/efi/linuxx64.efi.stub" "linux.efi"
Optionally sign the linux.efi
file produced above.
Copy linux.efi
into esp/EFI/Linux/
.
Grml on ESP
Grml is a small live system with a collection of software for system administration and rescue.
In order to install Grml on the ESP, we only need to copy the kernel vmlinuz
, the initramfs initrd.img
, and the squashed image grml64-small.squashfs
from the iso file to the ESP. To do so, first download grml64-small.iso and mount the file (the mountpoint is henceforth denoted mnt); the kernel and initramfs are located in mnt/boot/grml64small/
, and the squashed image resides in mnt/live/grml64-small/
.
Next, create a directory for Grml in your ESP,
# mkdir -p esp/grml
and copy the above-mentioned files in there:
# cp mnt/boot/grml64small/vmlinuz esp/grml # cp mnt/boot/grml64small/initrd.img esp/grml # cp mnt/live/grml64-small/grml64-small.squashfs esp/grml
In the last step, create an entry for the systemd-boot loader: In esp/loader/entries
create a grml.conf
file with the following content:
esp/loader/entries/grml.conf
title Grml Live Linux linux /grml/vmlinuz initrd /grml/initrd.img options apm=power-off boot=live live-media-path=/grml/ nomce net.ifnames=0
For an overview of the avialable boot options, consult the cheatcode for Grml.
systemd-boot on BIOS systems
If you need a bootloader for BIOS systems that follows The Boot Loader Specification, then systemd-boot can be pressed into service on BIOS systems. The Clover boot loader supports booting from BIOS systems and provides a simulated EFI environment.
Troubleshooting
Installing after booting in BIOS mode
If booted in BIOS mode, you can still install systemd-boot, however this process requires you to tell firmware to launch systemd-boot's EFI file at boot, usually via two ways:
- you have a working EFI Shell somewhere else.
- your firmware interface provides a way of properly setting the EFI file that needs to be loaded at boot time.
If you can do it, the installation is easier: go into your EFI Shell or your firmware configuration interface and change your machine's default EFI file to esp/EFI/systemd/systemd-bootx64.efi
(or systemd-bootia32.efi
depending if your system firmware is 32 bit).
Manual entry using efibootmgr
If the bootctl install
command failed, you can create a EFI boot entry manually using efibootmgr:
# efibootmgr --create --disk /dev/sdX --part Y --loader "\EFI\systemd\systemd-bootx64.efi" --label "Linux Boot Manager" --verbose
where /dev/sdXY
is the EFI system partition.
\
) as the separatorManual entry using bcdedit from Windows
If for any reason you need to create an EFI boot entry from Windows, you can use the following commands from an Administrator prompt:
# bcdedit /copy {bootmgr} /d "Linux Boot Manager" # bcdedit /set {guid} path \EFI\systemd\systemd-bootx64.efi
Replace {guid}
with the id returned by the first command. You can also set it as the default entry using
# bcdedit /default {guid}
Menu does not appear after Windows upgrade
See UEFI#Windows changes boot order.