Difference between revisions of "Systemd-boot"

From ArchWiki
Jump to: navigation, search
m (Configuring - spelling)
m (Encrypted Root Installations)
 
(192 intermediate revisions by 61 users not shown)
Line 1: Line 1:
 +
{{lowercase title}}
 
[[Category:Boot loaders]]
 
[[Category:Boot loaders]]
[http://freedesktop.org/wiki/Software/gummiboot Gummiboot] is a UEFI boot manager written by Kay Sievers and Harald Hoyer. It is simple to configure, but can only start EFI executables, the Linux kernel (with CONFIG_EFI_STUB enabled), grub.efi, and such.
+
[[de:Gummiboot]]
 +
[[es:Gummiboot]]
 +
[[ja:Systemd-boot]]
 +
[[ru:Systemd-boot]]
 +
[[zh-cn:Systemd-boot]]
 +
{{Related articles start}}
 +
{{Related|Arch boot process}}
 +
{{Related|Boot loaders}}
 +
{{Related|Unified Extensible Firmware Interface}}
 +
{{Related articles end}}
  
{{Note|
+
'''systemd-boot''', previously called '''gummiboot''', is a simple UEFI boot manager which executes configured EFI images. The default entry is selected by a configured pattern (glob) or an on-screen menu. It is included with the {{pkg|systemd}}, which is installed on an Arch system by default.
In the following steps replace {{ic|$esp}} with path to your [[UEFI#Create_an_UEFI_System_Partition_in_Linux|EFI System Partition]], which is normally mounted on {{ic|/boot/efi}} (although some users have it on {{ic|/boot}} directly).
+
}}
+
  
== Installing ==
+
It is simple to configure, but can only start EFI executables, such as the Linux kernel [[EFISTUB]], UEFI Shell, GRUB, the Windows Boot Manager, and such.
  
Install {{Pkg|gummiboot-efi}} from [extra] and copy the bootloader to the EFI partition:
+
{{Warning|''systemd-boot'' simply provides a boot menu for EFISTUB kernels. In case you have issues booting EFISTUB kernels like in {{Bug|33745}}, you should use a boot loader which does not use EFISTUB, like [[GRUB]], [[Syslinux]] or [[Boot loaders#ELILO|ELILO]].}}
  
If you are on a 64-bit UEFI system:
+
== Installation ==
# cp /usr/lib/gummiboot/gummibootx64.efi $esp/EFI/gummiboot/gummiboot.efi
+
  
If you are on a 32-bit UEFI system:
+
=== EFI boot ===
  
# cp /usr/lib/gummiboot/gummibootia32.efi $esp/EFI/gummiboot/gummiboot.efi
+
# Make sure you are booted in UEFI mode.
 +
# Verify [[Unified_Extensible_Firmware_Interface#Requirements_for_UEFI_variable_support|your EFI variables are accessible]].
 +
# Mount your [[EFI System Partition]](ESP) properly. {{ic|''esp''}} is used to denote the mountpoint in this article. {{Note|''systemd-boot'' cannot load EFI binaries from other partitions. It is therefore recommended to mount your ESP to {{ic|/boot}}. See [[#Updating]] for more information and work-around, in case you want to separate {{ic|/boot}} from the ESP.}}
 +
# Copy your kernel and initramfs onto that ESP. {{Note|For a way to automatically keep the kernel updated on the ESP, have a look at the [[EFISTUB#Using_systemd|EFISTUB article]] for some systemd units that can be adapted. If your efi partition is using automount, you may need to add {{ic|vfat}} to a file in {{ic|/etc/modules-load.d/}} to ensure the current running kernel has the {{ic|vfat}} module loaded at boot, before any kernel update happens that could replace the module for the currently running version making the mounting of {{ic|/boot/efi}} impossible until reboot.}}
 +
# Finally, Type the following command to install ''systemd-boot'': {{bc|1=# bootctl --path=''esp'' install}} It will copy the ''systemd-boot'' binary to your EFI System Partition ({{ic|''esp''/EFI/systemd/systemd-bootx64.efi}} and {{ic|''esp''/EFI/Boot/BOOTX64.EFI}} - both of which are identical - on x64 systems) and add ''systemd-boot'' itself as the default EFI application (default boot entry) loaded by the EFI Boot Manager.
  
Then add it to the boot configuration: (only needs to be done once; skip this when upgrading)
+
=== Legacy boot ===
  
# efibootmgr -c -d /dev/sd''X'' -p ''Y'' -w -L "Gummiboot" -l '\EFI\gummiboot\gummiboot.efi'
+
{{Warning|This is not the recommended process.}}
 +
You can also successfully install ''systemd-boot'' if booted with a legacy OS. However, this requires that you later on tell your firmware to launch ''systemd-boot'''s EFI file on boot:
 +
* you either have a working EFI shell somewhere;
 +
* or your firmware interface provides you with a way of properly setting the EFI file that will be loaded at boot time.
 +
{{Note|E.g. on Dell's Latitude series, the firmware interface provides everything you need to setup EFI boot, and the EFI Shell won't be able to write to the computer's ROM.}}
 +
If you can do so, the installation is easier: go into your EFI shell or your firmware configuration interface, and change your machine's default EFI file to {{ic|''esp''/EFI/systemd/systemd-bootx64.efi}} ({{ic|systemd-bootia32.efi}} on i686 systems).
  
where /dev/sd''X'' is the drive and ''Y'' is the partition number of your UEFISYS partition.
+
=== Updating ===
  
{{note|{{ic|efibootmgr}} can be used only when already booted in UEFI mode. If you do not have another UEFI bootloader set up, you can either run {{ic|gummiboot.efi}} from the UEFI Shell, or copy it to the "default" location {{ic|$esp/EFI/boot/bootx64.efi}} for x86_64 systems.}}
+
''systemd-boot'' ({{ic|man bootctl}}, {{ic|man systemd-efi-boot-generator}}) assumes that your EFI System Partition is mounted on {{ic|/boot}}. Unlike the previous separate ''gummiboot'' package, which updated automatically on a new package release with a {{ic|post_install}} script, updates of new ''systemd-boot'' versions are now handled manually by the user:
  
== Configuring ==
+
# bootctl update
  
The basic configuration is kept in {{ic|$esp/loader/loader.conf}}, with just two possible configuration options:
+
If the ESP is not mounted on {{ic|/boot}}, the {{ic|1=--path=}} option can pass it. For example:
 +
 
 +
# bootctl --path=''esp'' update
 +
 
 +
{{Note|This is also the command to use when migrating from ''gummiboot'', before removing that package. If that package has already been removed, however, run {{ic|1=bootctl --path=''esp'' install}}.}}
 +
 
 +
== Configuration ==
 +
 
 +
=== Basic configuration ===
 +
 
 +
The basic configuration is kept in {{ic|''esp''/loader/loader.conf}}, with three possible configuration options:
  
 
* {{ic|default}} – default entry to select (without the {{ic|.conf}} suffix); can be a wildcard like {{ic|arch-*}}
 
* {{ic|default}} – default entry to select (without the {{ic|.conf}} suffix); can be a wildcard like {{ic|arch-*}}
  
 
* {{ic|timeout}} – menu timeout in seconds. If this is not set, the menu will only be shown when you hold the space key while booting.
 
* {{ic|timeout}} – menu timeout in seconds. If this is not set, the menu will only be shown when you hold the space key while booting.
 +
 +
* {{ic|editor}} - whether to enable the kernel parameters editor or not. {{ic|1}} (default) is to enable, {{ic|0}} is to disable. Since the user can add {{ic|1=init=/bin/bash}} to bypass root password and gain root access, it's strongly recommended to set this option to {{ic|0}}.
  
 
Example:
 
Example:
  
{{hc|$esp/loader/loader.conf|
+
{{hc|''esp''/loader/loader.conf|
 
default  arch
 
default  arch
 
timeout  4
 
timeout  4
 +
editor  0
 
}}
 
}}
  
Note that both options can be changed in the boot menu itself, which will store them as EFI variables.
+
{{Note|The first 2 options can be changed in the boot menu itself, which will store them as EFI variables.}}
  
== Adding boot entries ==
+
=== Adding boot entries ===
  
{{note|
+
{{Note|''bootctl'' will automatically check for "'''Windows Boot Manager'''" ({{ic|\EFI\Microsoft\Boot\Bootmgfw.efi}}), "'''EFI Shell'''" ({{ic|\shellx64.efi}}) and "'''EFI Default Loader'''" ({{ic|\EFI\Boot\bootx64.efi}}). Where detected, entries will also automatically be generated for them as well. However, it does not auto-detect other EFI applications (unlike [[rEFInd]]), so for booting the kernel, manual configuration entries must be created.
If you have separate partitions for {{ic|/boot}} and {{ic|/boot/efi}}, you '''must''' copy the kernel and initramfs to the EFI partition. Gummiboot does not support loading kernels from other partitions than itself. See the section below on how to automate this.
+
If you dual-boot Windows, it is strongly recommended to disable its default [[Dual boot with Windows#Fast_Start-Up|Fast Start-Up]] option.}}
}}
+
  
Gummiboot searches for boot menu items in {{ic|$esp/loader/entries/*.conf}} – each file found must contain exactly one boot entry. The possible options are:
+
{{Tip|You can find the {{ic|PARTUUID}} for your root partition with the command {{ic|1=blkid -s PARTUUID -o value /dev/sd''xY''}}, where {{ic|''x''}} is the device letter and {{ic|''Y''}} is the partition number. This is required only for your root partition, not {{ic|''esp''}}.}}
 +
 
 +
''bootctl'' searches for boot menu items in {{ic|''esp''/loader/entries/*.conf}} – each file found must contain exactly one boot entry. The possible options are:
  
 
* {{ic|title}} – operating system name. '''Required.'''
 
* {{ic|title}} – operating system name. '''Required.'''
  
* {{ic|title-version}} – kernel version, shown only when multiple entries with same title exist. Optional.
+
* {{ic|version}} – kernel version, shown only when multiple entries with same title exist. Optional.
  
* {{ic|title-machine}} – machine identifier (usually first few letters from {{ic|/etc/machine-id}}, shown only when multiple entries with same title+version exist. Optional.
+
* {{ic|machine-id}} – machine identifier from {{ic|/etc/machine-id}}, shown only when multiple entries with same title and version exist. Optional.
  
* {{ic|efi}} – EFI program to start; e.g. {{ic|\EFI\arch\vmlinuz-linux.efi}}. '''Required.'''
+
* {{ic|efi}} – EFI program to start, relative to your ESP ({{ic|''esp''}}); e.g. {{ic|/vmlinuz-linux}}. Either this or {{ic|linux}} (see below) is '''required.'''
  
* {{ic|options}} – Command-line options to pass to the EFI program. Optional, but you will need at least {{ic|1=initrd=''efipath''}} and {{ic|1=root=''dev''}} if booting Linux.
+
* {{ic|options}} – command line options to pass to the EFI program or kernel boot parameters. Optional, but you will need at least {{ic|1=initrd=''efipath''}} and {{ic|1=root=''dev''}} if booting Linux.
  
An example entry for Arch Linux:
+
For Linux, you can specify {{ic|linux ''path-to-vmlinuz''}} and {{ic|initrd ''path-to-initramfs''}}; this will be automatically translated to {{ic|efi ''path''}} and {{ic|1=options initrd=''path''}} – this syntax is only supported for convenience and has no differences in function.
  
{{hc|$esp/loader/entries/arch.conf|2=
+
==== Standard root installations ====
 +
 
 +
Here is an example entry for a root partition without LVM or LUKS:
 +
 
 +
{{hc|''esp''/loader/entries/arch.conf|2=
 
title          Arch Linux
 
title          Arch Linux
linux          /vmlinuz-linux.efi
+
linux          /vmlinuz-linux
 
initrd        /initramfs-linux.img
 
initrd        /initramfs-linux.img
options        root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 ro
+
options        root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 rw
 
}}
 
}}
  
For Linux, you can specify {{ic|linux ''path-to-vmlinuz''}} and {{ic|initrd ''path-to-initramfs''}}; this will be automatically translated to {{ic|efi ''path''}} and {{ic|1=options initrd=''path''}} – this syntax is only supported for convenience and has no differences in function.
+
Please note in the example above that {{ic|PARTUUID}}/{{ic|PARTLABEL}} identifies a GPT partition, and differs from {{ic|UUID}}/{{ic|LABEL}}, which identifies a filesystem. Using the {{ic|PARTUUID}}/{{ic|PARTLABEL}} is advantageous because it is invariant (i.e. unchanging) if you reformat the partition with another filesystem, or if the {{ic|/dev/sd* }}mapping changed for some reason. It is also useful if you do not have a filesystem on the partition (or use LUKS, which does not support {{ic|LABEL}}s).
  
You can also add other EFI programs such as {{ic|\EFI\arch\grub.efi}} or {{ic|\EFI\Microsoft\Boot\Bootmgfw.efi}} (the Windows 7 boot manager). The EFI Shell, if installed, will be shown automatically.
+
==== LVM root installations ====
  
{{hc|$esp/loader/entries/shell.conf|2=
+
{{Warning|''systemd-boot'' cannot be used without a separate {{ic|/boot}} filesystem outside of LVM.}}
title          UEFI Shell
+
 
efi            /shellx64.efi
+
Here is an example for a root partition using [[LVM|Logical Volume Management]]:
 +
 
 +
{{hc|''esp''/loader/entries/arch-lvm.conf|2=
 +
title          Arch Linux (LVM)
 +
linux          /vmlinuz-linux
 +
initrd        /initramfs-linux.img
 +
options        root=/dev/mapper/<VolumeGroup-LogicalVolume> rw
 
}}
 
}}
  
== Automatic copy on update ==
+
Replace {{ic|<VolumeGroup-LogicalVolume>}} with the actual VG and LV names (e.g. {{ic|1=root=/dev/mapper/volgroup00-lvolroot}}). Alternatively, it is also possible to use a UUID instead:
 +
....
 +
options  root=UUID=<UUID identifier> rw
 +
 
 +
Note that {{ic|1=root='''UUID'''=}} is used instead of {{ic|1=root='''PARTUUID'''=}}, which is used for Root partitions without LVM or LUKS.
 +
 
 +
==== Encrypted Root Installations ====
 +
 
 +
Here is an example configuration file for an encrypted root partition ([[Dm-crypt|DM-Crypt / LUKS]]):
 +
 
 +
{{hc|''esp''/loader/entries/arch-encrypted.conf|2=
 +
title Arch Linux Encrypted
 +
linux /vmlinuz-linux
 +
initrd /initramfs-linux.img
 +
options cryptdevice=UUID=<UUID>:<mapped-name> root=/dev/mapper/<mapped-name> quiet rw
 +
}}
 +
 
 +
UUID is used in this example; {{ic|PARTUUID}} should be able to replace the UUID, if so desired. You may also replace the {{ic|/dev}} path with a regular UUID. {{ic|mapped-name}} is whatever you want it to be called. See [[Dm-crypt/System configuration#Boot loader]].
 +
 
 +
If you are using LVM, your cryptdevice line will look like this:
 +
 
 +
{{hc|''esp''/loader/entries/arch-encrypted-lvm.conf|2=
 +
title Arch Linux Encrypted LVM
 +
linux /vmlinuz-linux
 +
initrd /initramfs-linux.img
 +
options cryptdevice=UUID=<UUID>:MyVolGroup root=/dev/mapper/MyVolGroup-MyVolRoot quiet rw
 +
}}
 +
 
 +
You can also add other EFI programs such as {{ic|\EFI\arch\grub.efi}}.
 +
 
 +
==== btrfs subvolume root installations ====
 +
 
 +
If booting a [[btrfs]] subvolume as root, amend the {{ic|options}} line with {{ic|rootflags<nowiki>=</nowiki>subvol<nowiki>=</nowiki><root subvolume>}}. In the example below, root has been mounted as a btrfs subvolume called 'ROOT' (e.g. {{ic|mount -o subvol<nowiki>=</nowiki>ROOT /dev/sdxY /mnt}}):
 +
 
 +
{{hc|''esp''/loader/entries/arch-btrfs-subvol.conf|2=
 +
title          Arch Linux
 +
linux          /vmlinuz-linux
 +
initrd        /initramfs-linux.img
 +
options        root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 rw rootflags<nowiki>=</nowiki>subvol<nowiki>=</nowiki>ROOT
 +
}}
 +
 
 +
A failure to do so will otherwise result in the following error message: {{ic|ERROR: Root device mounted successfully, but /sbin/init does not exist.}}
 +
 
 +
==== EFI Shells or other EFI apps ====
 +
 
 +
In case you installed EFI shells and other EFI application into the ESP, you can use the following snippets:
 +
 
 +
{{hc|''esp''/loader/entries/uefi-shell-v1-x86_64.conf|2=
 +
title  UEFI Shell x86_64 v1
 +
efi    /EFI/shellx64_v1.efi
 +
}}
 +
 
 +
{{hc|''esp''/loader/entries/uefi-shell-v2-x86_64.conf|2=
 +
title  UEFI Shell x86_64 v2
 +
efi    /EFI/shellx64_v2.efi
 +
}}
 +
 
 +
{{Expansion|Add example on how to boot into EFI firmware setup.}}
 +
 
 +
=== Support hibernation ===
 +
 
 +
See [[Suspend and hibernate]].
 +
 
 +
== Keys inside the boot menu ==
 +
 
 +
The following keys are used inside the menu:
 +
* {{ic|Up/Down}} - select entry
 +
* {{ic|Enter}} - boot the selected entry
 +
* {{ic|d}} - select the default entry to boot (stored in a non-volatile EFI variable)
 +
* {{ic|-/T}} - decrease the timeout (stored in a non-volatile EFI variable)
 +
* {{ic|+/t}} - increase the timeout (stored in a non-volatile EFI variable)
 +
* {{ic|e}} - edit the kernel command line. It has no effect if the {{ic|editor}} config option is set to {{ic|0}}.
 +
* {{ic|v}} - show the gummiboot and UEFI version
 +
* {{ic|Q}} - quit
 +
* {{ic|P}} - print the current configuration
 +
* {{ic|h/?}} - help
 +
 
 +
These hotkeys will, when pressed inside the menu or during bootup, directly boot
 +
a specific entry:
  
The copying of the {{ic|/usr/lib/gummiboot/gummiboot*.efi}} to the EFI System partition can be automated with systemd (as can eg. be done for the [[UEFI_Bootloaders#Sync_EFISTUB_Kernel_in_UEFISYS_partition_using_Systemd|EFISTUB kernel]]):
+
* {{ic|l}} - Linux
 +
* {{ic|w}} - Windows
 +
* {{ic|a}} - OS X
 +
* {{ic|s}} - EFI Shell
 +
* {{ic|1-9}} - number of entry
  
{{hc|/etc/systemd/system/gummiboot_copy.path|<nowiki>
+
== Troubleshooting ==
[Unit]
+
Description=Copy new version of Gummiboot to UEFISYS Partition
+
  
[Path]
+
=== Manual entry using efibootmgr ===
PathChanged=/usr/lib/gummiboot/gummibootx64.efi
+
Unit=gummiboot_copy.service
+
  
[Install]
+
If {{ic|bootctl install}} command failed, you can create a EFI boot entry manually using {{Pkg|efibootmgr}}:
WantedBy=multi-user.target</nowiki>}}
+
  
{{hc|/etc/systemd/system/gummiboot_copy.service|<nowiki>
+
# efibootmgr -c -d /dev/sdX -p Y -l /EFI/systemd/systemd-bootx64.efi -L "Linux Boot Manager"
[Unit]
+
Description=Copy new version of Gummiboot to UEFISYS Partition
+
  
[Service]
+
where {{ic|/dev/sdXY}} is the [[UEFI#EFI System Partition|EFI System Partition]].
Type=oneshot
+
ExecStart=/bin/cp -f /usr/lib/gummiboot/gummibootx64.efi /boot/efi/EFI/gummiboot/gummiboot.efi
+
</nowiki>}}
+
  
Change {{ic|gummibootx64.efi}} to {{ic|gummibootia32.efi}} for a 32-bit UEFI system.
+
=== Menu does not appear after Windows upgrade ===
  
After creating the files run:
+
For example, if you upgraded from Windows 8 to Windows 8.1, and you no longer see a boot menu after the upgrade (i.e., Windows boots immediately):
  
# systemctl enable gummiboot_copy.path
+
* Make sure Secure Boot (UEFI setting) and [[Dual boot with Windows#Fast_Start-Up|Fast Startup]] (Windows power option setting) are both disabled.
# systemctl start gummiboot_copy.path
+
* Make sure your UEFI prefers Linux Boot Manager over Windows Boot Manager (UEFI setting like Hard Drive Disk Priority).
  
== Separate boot and EFI partitions ==
+
{{Note|Windows 8.x+, including Windows 10, will overwrite any UEFI choices you make and install itself as the priority boot choice after every boot. Changing the boot order in the UEFI firmware will only last until the next Windows 10 boot. Know what the ''Change Boot Option'' key is for your motherboard.}}
  
TODO: link my kernel-post-upgrade stuff, https://github.com/grawity/code/tree/master/os/arch
+
To make Windows 8.X and above respect your boot order, you must enter a Windows group policy and have it execute a batch (''.bat'') file on startup. In Windows:
  
== Inside the boot menu ==
+
# Open a command prompt with admin privlages. Type in {{ic|bcdedit /enum firmware}}
 +
# Find the Firmware Application that has "Linux" in the description, e.g. "Linux Boot Manager"
 +
# Copy the Identifier, including the brackets, e.g. {{ic|<nowiki>{31d0d5f4-22ad-11e5-b30b-806e6f6e6963}</nowiki>}}
 +
# Create a batch file (e.g. {{ic|bootorder.bat}}) somewhere on your system with the following contents: {{ic|bcdedit /set {fwbootmgr} DEFAULT {''identifier_copied_in_step_3''<nowiki>}</nowiki>}} (e.g. {{ic|<nowiki>bcdedit /set {fwbootmgr} DEFAULT {31d0d5f4-22ad-11e5-b30b-806e6f6e6963}</nowiki>}}).
 +
# Open ''gpedit'' and under ''Local Computer Policy > Computer Configuration > Windows Settings > Scripts(Startup/Shutdown)'', choose ''Startup''. That should open a window named ''Startup Properties''.
 +
# Under the ''Scripts'' tab, choose the ''Add'' button
 +
# Click ''Browse'' and select the batch file you created in step 4.
  
TODO: document keybindings from http://freedesktop.org/wiki/Software/gummiboot
+
Alternatively, you can make the default Windows boot loader load ''systemd-boot'' instead. In an administrator command prompt in Windows, one can change this entry as follows:
  
==Troubleshooting==
+
  # bcdedit /set {bootmgr} path \EFI\systemd\systemd-bootx64.efi
====Transferring to new HDD causes breakage====
+
Twice now I have transferred my installation from one disk to another, ESP included, and both times this broke my gummiboot setup. With a lot of trial and error, I have discovered that gummiboot does not like configuration files that have been tranfserred from one disk to another (I used rsync).  
+
  
To solve this, delete the $ESP/loader directory and all of its contents, and recreate the necessary configuration files.
+
== See also ==
  
Though it has no additional info, here is my [https://bbs.archlinux.org/viewtopic.php?pid=1193147#p1193147 relevent forum thread].
+
* http://www.freedesktop.org/wiki/Software/systemd/systemd-boot/

Latest revision as of 21:27, 19 June 2016

systemd-boot, previously called gummiboot, is a simple UEFI boot manager which executes configured EFI images. The default entry is selected by a configured pattern (glob) or an on-screen menu. It is included with the systemd, which is installed on an Arch system by default.

It is simple to configure, but can only start EFI executables, such as the Linux kernel EFISTUB, UEFI Shell, GRUB, the Windows Boot Manager, and such.

Warning: systemd-boot simply provides a boot menu for EFISTUB kernels. In case you have issues booting EFISTUB kernels like in FS#33745, you should use a boot loader which does not use EFISTUB, like GRUB, Syslinux or ELILO.

Installation

EFI boot

  1. Make sure you are booted in UEFI mode.
  2. Verify your EFI variables are accessible.
  3. Mount your EFI System Partition(ESP) properly. esp is used to denote the mountpoint in this article.
    Note: systemd-boot cannot load EFI binaries from other partitions. It is therefore recommended to mount your ESP to /boot. See #Updating for more information and work-around, in case you want to separate /boot from the ESP.
  4. Copy your kernel and initramfs onto that ESP.
    Note: For a way to automatically keep the kernel updated on the ESP, have a look at the EFISTUB article for some systemd units that can be adapted. If your efi partition is using automount, you may need to add vfat to a file in /etc/modules-load.d/ to ensure the current running kernel has the vfat module loaded at boot, before any kernel update happens that could replace the module for the currently running version making the mounting of /boot/efi impossible until reboot.
  5. Finally, Type the following command to install systemd-boot:
    # bootctl --path=esp install
    It will copy the systemd-boot binary to your EFI System Partition (esp/EFI/systemd/systemd-bootx64.efi and esp/EFI/Boot/BOOTX64.EFI - both of which are identical - on x64 systems) and add systemd-boot itself as the default EFI application (default boot entry) loaded by the EFI Boot Manager.

Legacy boot

Warning: This is not the recommended process.

You can also successfully install systemd-boot if booted with a legacy OS. However, this requires that you later on tell your firmware to launch systemd-boot's EFI file on boot:

  • you either have a working EFI shell somewhere;
  • or your firmware interface provides you with a way of properly setting the EFI file that will be loaded at boot time.
Note: E.g. on Dell's Latitude series, the firmware interface provides everything you need to setup EFI boot, and the EFI Shell won't be able to write to the computer's ROM.

If you can do so, the installation is easier: go into your EFI shell or your firmware configuration interface, and change your machine's default EFI file to esp/EFI/systemd/systemd-bootx64.efi (systemd-bootia32.efi on i686 systems).

Updating

systemd-boot (man bootctl, man systemd-efi-boot-generator) assumes that your EFI System Partition is mounted on /boot. Unlike the previous separate gummiboot package, which updated automatically on a new package release with a post_install script, updates of new systemd-boot versions are now handled manually by the user:

# bootctl update

If the ESP is not mounted on /boot, the --path= option can pass it. For example:

# bootctl --path=esp update
Note: This is also the command to use when migrating from gummiboot, before removing that package. If that package has already been removed, however, run bootctl --path=esp install.

Configuration

Basic configuration

The basic configuration is kept in esp/loader/loader.conf, with three possible configuration options:

  • default – default entry to select (without the .conf suffix); can be a wildcard like arch-*
  • timeout – menu timeout in seconds. If this is not set, the menu will only be shown when you hold the space key while booting.
  • editor - whether to enable the kernel parameters editor or not. 1 (default) is to enable, 0 is to disable. Since the user can add init=/bin/bash to bypass root password and gain root access, it's strongly recommended to set this option to 0.

Example:

esp/loader/loader.conf
default  arch
timeout  4
editor   0
Note: The first 2 options can be changed in the boot menu itself, which will store them as EFI variables.

Adding boot entries

Note: bootctl will automatically check for "Windows Boot Manager" (\EFI\Microsoft\Boot\Bootmgfw.efi), "EFI Shell" (\shellx64.efi) and "EFI Default Loader" (\EFI\Boot\bootx64.efi). Where detected, entries will also automatically be generated for them as well. However, it does not auto-detect other EFI applications (unlike rEFInd), so for booting the kernel, manual configuration entries must be created. If you dual-boot Windows, it is strongly recommended to disable its default Fast Start-Up option.
Tip: You can find the PARTUUID for your root partition with the command blkid -s PARTUUID -o value /dev/sdxY, where x is the device letter and Y is the partition number. This is required only for your root partition, not esp.

bootctl searches for boot menu items in esp/loader/entries/*.conf – each file found must contain exactly one boot entry. The possible options are:

  • title – operating system name. Required.
  • version – kernel version, shown only when multiple entries with same title exist. Optional.
  • machine-id – machine identifier from /etc/machine-id, shown only when multiple entries with same title and version exist. Optional.
  • efi – EFI program to start, relative to your ESP (esp); e.g. /vmlinuz-linux. Either this or linux (see below) is required.
  • options – command line options to pass to the EFI program or kernel boot parameters. Optional, but you will need at least initrd=efipath and root=dev if booting Linux.

For Linux, you can specify linux path-to-vmlinuz and initrd path-to-initramfs; this will be automatically translated to efi path and options initrd=path – this syntax is only supported for convenience and has no differences in function.

Standard root installations

Here is an example entry for a root partition without LVM or LUKS:

esp/loader/entries/arch.conf
title          Arch Linux
linux          /vmlinuz-linux
initrd         /initramfs-linux.img
options        root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 rw

Please note in the example above that PARTUUID/PARTLABEL identifies a GPT partition, and differs from UUID/LABEL, which identifies a filesystem. Using the PARTUUID/PARTLABEL is advantageous because it is invariant (i.e. unchanging) if you reformat the partition with another filesystem, or if the /dev/sd* mapping changed for some reason. It is also useful if you do not have a filesystem on the partition (or use LUKS, which does not support LABELs).

LVM root installations

Warning: systemd-boot cannot be used without a separate /boot filesystem outside of LVM.

Here is an example for a root partition using Logical Volume Management:

esp/loader/entries/arch-lvm.conf
title          Arch Linux (LVM)
linux          /vmlinuz-linux
initrd         /initramfs-linux.img
options        root=/dev/mapper/<VolumeGroup-LogicalVolume> rw

Replace <VolumeGroup-LogicalVolume> with the actual VG and LV names (e.g. root=/dev/mapper/volgroup00-lvolroot). Alternatively, it is also possible to use a UUID instead:

....
options  root=UUID=<UUID identifier> rw

Note that root=UUID= is used instead of root=PARTUUID=, which is used for Root partitions without LVM or LUKS.

Encrypted Root Installations

Here is an example configuration file for an encrypted root partition (DM-Crypt / LUKS):

esp/loader/entries/arch-encrypted.conf
title Arch Linux Encrypted
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=<UUID>:<mapped-name> root=/dev/mapper/<mapped-name> quiet rw

UUID is used in this example; PARTUUID should be able to replace the UUID, if so desired. You may also replace the /dev path with a regular UUID. mapped-name is whatever you want it to be called. See Dm-crypt/System configuration#Boot loader.

If you are using LVM, your cryptdevice line will look like this:

esp/loader/entries/arch-encrypted-lvm.conf
title Arch Linux Encrypted LVM
linux /vmlinuz-linux
initrd /initramfs-linux.img
options cryptdevice=UUID=<UUID>:MyVolGroup root=/dev/mapper/MyVolGroup-MyVolRoot quiet rw

You can also add other EFI programs such as \EFI\arch\grub.efi.

btrfs subvolume root installations

If booting a btrfs subvolume as root, amend the options line with rootflags=subvol=<root subvolume>. In the example below, root has been mounted as a btrfs subvolume called 'ROOT' (e.g. mount -o subvol=ROOT /dev/sdxY /mnt):

esp/loader/entries/arch-btrfs-subvol.conf
title          Arch Linux
linux          /vmlinuz-linux
initrd         /initramfs-linux.img
options        root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 rw rootflags=subvol=ROOT

A failure to do so will otherwise result in the following error message: ERROR: Root device mounted successfully, but /sbin/init does not exist.

EFI Shells or other EFI apps

In case you installed EFI shells and other EFI application into the ESP, you can use the following snippets:

esp/loader/entries/uefi-shell-v1-x86_64.conf
title  UEFI Shell x86_64 v1
efi    /EFI/shellx64_v1.efi
esp/loader/entries/uefi-shell-v2-x86_64.conf
title  UEFI Shell x86_64 v2
efi    /EFI/shellx64_v2.efi

Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: Add example on how to boot into EFI firmware setup. (Discuss in Talk:Systemd-boot#)

Support hibernation

See Suspend and hibernate.

Keys inside the boot menu

The following keys are used inside the menu:

  • Up/Down - select entry
  • Enter - boot the selected entry
  • d - select the default entry to boot (stored in a non-volatile EFI variable)
  • -/T - decrease the timeout (stored in a non-volatile EFI variable)
  • +/t - increase the timeout (stored in a non-volatile EFI variable)
  • e - edit the kernel command line. It has no effect if the editor config option is set to 0.
  • v - show the gummiboot and UEFI version
  • Q - quit
  • P - print the current configuration
  • h/? - help

These hotkeys will, when pressed inside the menu or during bootup, directly boot a specific entry:

  • l - Linux
  • w - Windows
  • a - OS X
  • s - EFI Shell
  • 1-9 - number of entry

Troubleshooting

Manual entry using efibootmgr

If bootctl install command failed, you can create a EFI boot entry manually using efibootmgr:

# efibootmgr -c -d /dev/sdX -p Y -l /EFI/systemd/systemd-bootx64.efi -L "Linux Boot Manager"

where /dev/sdXY is the EFI System Partition.

Menu does not appear after Windows upgrade

For example, if you upgraded from Windows 8 to Windows 8.1, and you no longer see a boot menu after the upgrade (i.e., Windows boots immediately):

  • Make sure Secure Boot (UEFI setting) and Fast Startup (Windows power option setting) are both disabled.
  • Make sure your UEFI prefers Linux Boot Manager over Windows Boot Manager (UEFI setting like Hard Drive Disk Priority).
Note: Windows 8.x+, including Windows 10, will overwrite any UEFI choices you make and install itself as the priority boot choice after every boot. Changing the boot order in the UEFI firmware will only last until the next Windows 10 boot. Know what the Change Boot Option key is for your motherboard.

To make Windows 8.X and above respect your boot order, you must enter a Windows group policy and have it execute a batch (.bat) file on startup. In Windows:

  1. Open a command prompt with admin privlages. Type in bcdedit /enum firmware
  2. Find the Firmware Application that has "Linux" in the description, e.g. "Linux Boot Manager"
  3. Copy the Identifier, including the brackets, e.g. {31d0d5f4-22ad-11e5-b30b-806e6f6e6963}
  4. Create a batch file (e.g. bootorder.bat) somewhere on your system with the following contents: bcdedit /set {fwbootmgr} DEFAULT {identifier_copied_in_step_3} (e.g. bcdedit /set {fwbootmgr} DEFAULT {31d0d5f4-22ad-11e5-b30b-806e6f6e6963}).
  5. Open gpedit and under Local Computer Policy > Computer Configuration > Windows Settings > Scripts(Startup/Shutdown), choose Startup. That should open a window named Startup Properties.
  6. Under the Scripts tab, choose the Add button
  7. Click Browse and select the batch file you created in step 4.

Alternatively, you can make the default Windows boot loader load systemd-boot instead. In an administrator command prompt in Windows, one can change this entry as follows:

# bcdedit /set {bootmgr} path \EFI\systemd\systemd-bootx64.efi

See also