Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

[SOLVED] Fedora Shim (Secure Boot) and Grub on Gentoo
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo
View previous topic :: View next topic  
Author Message
dl200010
n00b
n00b


Joined: 25 Oct 2005
Posts: 37
PostPosted: Mon Mar 04, 2019 9:07 pm    Post subject: [SOLVED] Fedora Shim (Secure Boot) and Grub on Gentoo Reply with quote
I have been trying to get Secure Boot to work on Gentoo for the past week. I am unable to do anything with the keys in my EFI system. Razer locked away the key management. I have a case open with them to unlock it, but I am not holding my breath getting it done. They tried to tell me installing Linux will void their warranty. Even pointing be to their warranty, which said all software was not part of the warranty and that is it. I have a Razer Blade 15 2018 Advance. Intel 8th Gen i7 6-core. nVidia GTX 1070 Max-Q 8GB. 144 Hz 1080p screen. 16 GB DDR4 ram. Gentoo on SSD in external USB enclosure. It runs perfectly fine, with Secure Boot off. It boots just fine in EFI. I have the wifi working and all. I just have not installed any GUI yet. I wanted to get this Secure Boot fixed first. I cannot access the EFI certs in the EFI because I cannot clear the PK key to touch it. It is using a key that says it is for testing only ("DO NOT TRUST - AMI Test PK") as PK. (I would follow this, but don't want to risk bricking my laptop. This will just show you what I am missing. https://lukegb.com/posts/2016-11-11-secure-boot-shenanigans/) I saw that Fedora's Shim was in portage. I emerged it and copied it to /boot/EFI/BOOT/. I have the grub efi in there with it. I can boot from it just fine. I turn on Secure Boot and added my cert to it. Upon reboot it loads up Grub2. Grub2 tries to load the kernel and errors out. ("Bootloader has not verified loaded image. System is compromised. Halting.") I even tried removing the grub efi file and putting the kernel there under the same name. Boorts just fine with Secure Boot off, but not with it on. No documentation on how to use the Fedora Shim in portage that I can find. Anyone have any idea? I have been searching far and wide for a week. Hours a day.

Last edited by dl200010 on Wed Mar 13, 2019 6:22 pm; edited 1 time in total
Back to top
View user's profile Send private message
dl200010
n00b
n00b


Joined: 25 Oct 2005
Posts: 37
PostPosted: Wed Mar 13, 2019 6:21 pm    Post subject: Reply with quote
https://github.com/rhboot/shim/issues/172

This was fixed here. Turns to be I needed to patch Grub2.
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Other Things Gentoo All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2024 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy