systemd-boot, previously called gummiboot (German for: 'rubber dinghy'), is a simple UEFI boot manager which executes configured EFI images. The default entry is selected by a configured pattern (glob) or an on-screen menu to be navigated via arrow-keys. It is included with , which is installed on an Arch system by default.
It is simple to configure but it can only start EFI executables such as the Linux kernel EFISTUB, UEFI Shell, GRUB, or the Windows Boot Manager.
- 1 Installation
- 2 Configuration
- 3 Keys inside the boot menu
- 4 Tips and tricks
- 5 Troubleshooting
- 6 See also
Installing the EFI boot manager
To install the systemd-boot EFI boot manager, first make sure the system has booted in UEFI mode and that UEFI variables are accessible. This can be checked by running the command
It should be noted that systemd-boot is only able to load the EFISTUB kernel from the EFI system partition (ESP). To keep the kernel updated, it is simpler and therefore recommended to mount the ESP to
/boot. If the ESP is not mounted to
/boot, the kernel and initramfs files must be copied onto that ESP. See EFI system partition#Alternative mount points for details.
esp will be used throughout this page to denote the ESP mountpoint, e.g.
With the ESP mounted to
esp, use to install systemd-boot into the EFI system partition by running:
# bootctl --path=esp install
This will copy the systemd-boot boot loader to the EFI partition: on a x64 architecture system the two identical binaries
esp/EFI/BOOT/BOOTX64.EFI will be transferred to the ESP. It will then set systemd-boot as the default EFI application (default boot entry) loaded by the EFI Boot Manager.
To conclude the installation, configure systemd-boot.
Updating the EFI boot manager
Whenever there is a new version of systemd-boot, the boot manager must be updated by the user. This can be performed manually or the update can be automatically triggered using pacman hooks. The two approaches are described thereafter.
bootctl must be used to update systemd-boot. If the
path parameter is not specified,
/boot/efi are checked in turn.
# bootctl update
If the ESP is mounted on a different location, the
path option can be passed as follows:
# bootctl --path=esp update
bootctl --path=esp install.
The package Pacman hook to automate the update process. Installing the package will add a hook which will be executed every time the package is upgraded.
Alternatively, to replicate what the systemd-boot-pacman-hook package does without installing it, place the following pacman hook in the
[Trigger] Type = Package Operation = Upgrade Target = systemd [Action] Description = Updating systemd-boot When = PostTransaction Exec = /usr/bin/bootctl update
The loader configuration is stored in the file
esp/loader/loader.conf. The following settings can be specified:
default– default entry to select as defined in #Adding loaders; it is given without the .conf suffix and it can be a wildcard like
timeout– menu timeout in seconds before the default entry is booted. If this is not set, the menu will only be shown on
Spacekey (or most other keys actually work too) press during boot.
editor– whether to enable the kernel parameters editor or not.
yes(default) is enabled,
nois disabled; since the user can add
init=/bin/bashto bypass root password and gain root access, it is strongly recommended to set this option to
noif the machine can be accessed by unauthorized persons.
auto-entries– shows automatic entries for Windows, EFI Shell, and Default Loader if set to
auto-firmware– shows entry for rebooting into UEFI firmware settings if set to
console-mode– changes UEFI console mode:
2and above for non-standard modes provided by the device firmware, if any,
autopicks a suitable mode automatically,
maxfor highest available mode,
keep(default) for the firmware selected mode.
random-seed-mode- controls whether to read the random seed from the file
esp/loader/random-seed. If set to
with-system-token(default), it loads the seed from file only if the EFI variable
LoaderSystemTokenis set; if set to
always, it loads the seed from file even if the EFI variable is unset; and if set to
off, the file is ignored.
For a detailed explanation of the available settings and their corresponding arguments see themanual. A loader configuration example is provided below:
default arch timeout 4 console-mode max editor no
timeoutcan be changed in the boot menu itself and changes will be stored as EFI variables, overriding these options.
bootctl set-default ""can be used to clear the EFI variable overriding the
- A basic loader configuration file is located at
bootctl searches for boot menu items in
esp/loader/entries/*.conf – each file found must contain exactly one loader. The possible options are:
title– operating system name. Required.
version– kernel version, shown only when multiple entries with same title exist. Optional.
machine-id– machine identifier from
/etc/machine-id, shown only when multiple entries with same title and version exist. Optional.
efi– EFI program to start, relative to your ESP (
/vmlinuz-linux. Either this parameter or
linux(see below) is required.
options– command line options to pass to the EFI program or kernel parameters. Optional, but you will need at least
root=devif booting Linux. This parameter can be omitted if the root partition is assigned the correct Root Partition Type GUID as defined in Discoverable Partitions Specification, in which case it will be automatically selected.
For Linux boot, you can also use
linux instead of
initrd in addition to
options. The syntax is:
initrdfollowed by the relative path of the corresponding files in the ESP; e.g.
/vmlinuz-linux; this will be automatically translated into
options initrd=path– this syntax is only supported for convenience and has no differences in function.
optionsis present in a boot entry and Secure Boot is disabled, the value of
optionswill override any
.cmdlinestring embedded in the EFI image that is specified by
linux(see #Preparing kernels for /EFI/Linux). With Secure Boot, however,
options(and any edits made to the kernel command line in the bootloader UI) will be ignored, and only the embedded
.cmdlinewill be used.
An example of a loader file to launch Arch from a partition with the label arch_os and loading the Intel CPU microcode is:
title Arch Linux linux /vmlinuz-linux initrd /intel-ucode.img initrd /initramfs-linux.img options root=LABEL=arch_os rw
bootctl will automatically check at boot time for Windows Boot Manager at the location
/EFI/Microsoft/Boot/Bootmgfw.efi, EFI Shell
/shellx64.efi and EFI Default Loader
/EFI/BOOT/bootx64.efi, as well as specially prepared kernel files found in
/EFI/Linux. When detected, corresponding entries with titles
auto-efi-default, respectively, will be generated. These entries do not require manual loader configuration. However, it does not auto-detect other EFI applications (unlike rEFInd), so for booting the Linux kernel, manual configuration entries must be created.
- If you dual-boot Windows, it is strongly recommended to disable its default Fast Start-Up option.
- If you have an Intel or AMD CPU, load the microcode with
initrdbefore other images, an example is provided in Microcode#systemd-boot.
- The root partition can be identified with its
UUID(see Persistent block device naming). This is required only to identify the root partition, not the
EFI Shells or other EFI apps
efiline is relative to your esp mount point. If you are mounted on
/bootand your EFI binaries reside at
/boot/yy.efi, then you would specify the parameters as
Examples of loading custom UEFI Shell loaders:
title UEFI Shell x86_64 v1 efi /EFI/shellx64_v1.efi
title UEFI Shell x86_64 v2 efi /EFI/shellx64_v2.efi
Booting into EFI Firmware Setup
Most system firmware configured for EFI booting will add its own efibootmgr entries to boot into UEFI Firmware Setup.
Preparing kernels for /EFI/Linux
/EFI/Linux is searched for specially prepared kernel files, which bundle the kernel, the init RAM disk (initrd), the kernel command line and
/etc/os-release into one single file. This file can be easily signed for secure boot.
systemd-bootrequires that the
os-releasefile contain either
BUILD_IDto generate an ID and automatically add the entry, which the Arch
os-releasedoes not. Either maintain your own copy with one of them, or make your bundling script generate it automatically.
Put the kernel command line you want to use in a file, and create the bundle file like this:
Kernel packaging command:
objcopy \ --add-section .osrel="/usr/lib/os-release" --change-section-vma .osrel=0x20000 \ --add-section .cmdline="kernel-command-line.txt" --change-section-vma .cmdline=0x30000 \ --add-section .linux="vmlinuz-file" --change-section-vma .linux=0x40000 \ --add-section .initrd="initrd-file" --change-section-vma .initrd=0x3000000 \ "/usr/lib/systemd/boot/efi/linuxx64.efi.stub" "linux.efi"
Optionally sign the
linux.efi file produced above.
Kernel parameters editor with password protection
Alternatively you can install
password basic configuration option. Use
sbpctl generate to generate a value for this option.
Install systemd-boot-password with the following command:
# sbpctl install esp
With enabled editor you will be prompted for your password before you can edit kernel parameters.
The following keys are used inside the menu:
Up/Down- select entry
Enter- boot the selected entry
d- select the default entry to boot (stored in a non-volatile EFI variable)
-/T- decrease the timeout (stored in a non-volatile EFI variable)
+/t- increase the timeout (stored in a non-volatile EFI variable)
e- edit the kernel command line. It has no effect if the
editorconfig option is set to
v- show the systemd-boot and UEFI version
P- print the current configuration
These hotkeys will, when pressed inside the menu or during bootup, directly boot a specific entry:
a- OS X
s- EFI Shell
1-9- number of entry
Tips and tricks
Grml on ESP
Grml is a small live system with a collection of software for system administration and rescue.
In order to install Grml on the ESP, we only need to copy the kernel
vmlinuz, the initramfs
initrd.img, and the squashed image
grml64-small.squashfs from the iso file to the ESP. To do so, first download grml64-small.iso and mount the file (the mountpoint is henceforth denoted mnt); the kernel and initramfs are located in
mnt/boot/grml64small/, and the squashed image resides in
Next, create a directory for Grml in your ESP,
# mkdir -p esp/grml
and copy the above-mentioned files in there:
# cp mnt/boot/grml64small/vmlinuz esp/grml # cp mnt/boot/grml64small/initrd.img esp/grml # cp mnt/live/grml64-small/grml64-small.squashfs esp/grml
In the last step, create an entry for the systemd-boot loader: In
esp/loader/entries create a
grml.conf file with the following content:
title Grml Live Linux linux /grml/vmlinuz initrd /grml/initrd.img options apm=power-off boot=live live-media-path=/grml/ nomce net.ifnames=0
For an overview of the avialable boot options, consult the cheatcode for Grml.
Installing after booting in BIOS mode
If booted in BIOS mode, you can still install systemd-boot, however this process requires you to tell firmware to launch systemd-boot's EFI file at boot, usually via two ways:
- you have a working EFI Shell somewhere else.
- your firmware interface provides a way of properly setting the EFI file that needs to be loaded at boot time.
If you can do it, the installation is easier: go into your EFI Shell or your firmware configuration interface and change your machine's default EFI file to
systemd-bootia32.efi depending if your system firmware is 32 bit).
Manual entry using efibootmgr
bootctl install command failed, you can create a EFI boot entry manually using :
# efibootmgr -c -d /dev/sdX -p Y -l "\EFI\systemd\systemd-bootx64.efi" -L "Linux Boot Manager"
/dev/sdXY is the EFI system partition.
\) as the separator