Ubuntu
grub-installer package

grub-install installs wrong bootloader when --removable and --uefi-secure-boot are used.

Bug #1453980 reported by Ubfan
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
grub-installer (Ubuntu)
New
Undecided
Unassigned

Bug Description

Ubuntu 15.04
With the --removable switch, grub-install will now correctly install grubx64.efi as the default bootloader
in the EFI partition's /EFI/Boot/bootx64.efi file, but with the addition of --uefi-secure-boot, it still
uses grubx64.efi as bootx64.efi instead of shimx64.efi. The use of both --removable and --uefi-secure-boot
should result in shimx64.efi copied to the /EFI/Boot/bootx64.efi file, and grubx64.efi just copied to the
/EFI/Boot directory.
  Since the shimx64 as bootx64.efi will work with secure boot enabled or disabled, the easiest solution would be to just use it every time the --removable is used.
  grubx64.efi will not successfully boot a UEFI machine with secure boot enabled.

Ubfan (ubfan1)
tags: added: 15.04 grub-installer
Revision history for this message
Ubfan (ubfan1) wrote :

On Ubuntu 16.04, uefi secure boot enabled, grub-efi package 2.02~beta2-36ubuntu3.15, the original problem has been fixed, like the suggestion in the original posting (just use shim) , but now the --no-uefi-secure-boot switch on grub-install does not cause grubx64.efi to be used as .../EFI/Boot/bootx64.efi, instead the legacy core.img is used. There is apparently no way to install grub to a removable disk for use on a non-secure boot UEFI system from a 16.04 secure boot system.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.