From c736354d50d3931edfef61f8bf3131fbd8d6772b Mon Sep 17 00:00:00 2001 From: Lukas Ruzicka Date: Tue, 12 Dec 2017 15:26:25 +0100 Subject: [PATCH 1/5] Create directory for modularity --- en-US/modules/test | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 en-US/modules/test diff --git a/en-US/modules/test b/en-US/modules/test new file mode 100644 index 0000000..e69de29 From a994a311dc6a7d810136da39d4d51a3fce854925 Mon Sep 17 00:00:00 2001 From: Lukas Ruzicka Date: Tue, 12 Dec 2017 17:56:25 +0100 Subject: [PATCH 2/5] Partly modularize content --- en-US/installing-grub2.adoc | 27 + en-US/installing-grub2.html | 789 ++++++++++++++++++ ..._adding-other-operating-systems-grub2.adoc | 30 + ...ing-menu-entries-with-uefi-bootloader.adoc | 38 + .../proc_installing-grub2-on-bios-system.adoc | 54 ++ .../proc_installing-grub2-on-efi-system.adoc | 89 ++ en-US/pool.adoc | 51 ++ 7 files changed, 1078 insertions(+) create mode 100644 en-US/installing-grub2.adoc create mode 100644 en-US/installing-grub2.html create mode 100644 en-US/modules/proc_adding-other-operating-systems-grub2.adoc create mode 100644 en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc create mode 100644 en-US/modules/proc_installing-grub2-on-bios-system.adoc create mode 100644 en-US/modules/proc_installing-grub2-on-efi-system.adoc create mode 100644 en-US/pool.adoc diff --git a/en-US/installing-grub2.adoc b/en-US/installing-grub2.adoc new file mode 100644 index 0000000..58485f0 --- /dev/null +++ b/en-US/installing-grub2.adoc @@ -0,0 +1,27 @@ +:md: ./modules + + += Installing *GRUB2* +[[installing-grub2]] + +*GRUB2* is the latest version of *GNU GRUB*, the _GRand Unified Bootloader_. +A bootloader is the first software program that runs when a computer +starts. It is responsible for loading and transferring control to the +operating system kernel. In Fedora, the kernel is Linux. The kernel then initializes +the rest of the operating system. + +*GRUB2* is the follower of the previous version *GRUB* (version 0.9x). The original version is available under the name *GRUB Legacy*. + +Since Fedora 16, *GRUB2* has been the default bootloader on x86 BIOS +systems. For upgrades of BIOS systems, the default is also to install +*GRUB2*, but you can opt to skip bootloader configuration entirely. + +include::{md}/proc_installing-grub2-on-bios-system.adoc[leveloffset=+1] + +include::{md}/proc_installing-grub2-on-efi-system.adoc[leveloffset=+1] + +include::{md}/proc_creating-menu-entries-with-uefi-bootloader.adoc[leveloffset=+1] + +include::{md}/proc_adding-other-operating-systems-grub2.adoc[leveloffset=+1] + + diff --git a/en-US/installing-grub2.html b/en-US/installing-grub2.html new file mode 100644 index 0000000..dcd5896 --- /dev/null +++ b/en-US/installing-grub2.html @@ -0,0 +1,789 @@ + + + + + + + + +Installing GRUB2 + + + + + +
+
+
+
+

GRUB2 is the latest version of GNU GRUB, the GRand Unified Bootloader. +A bootloader is the first software program that runs when a computer +starts. It is responsible for loading and transferring control to the +operating system kernel. In Fedora, the kernel is Linux. The kernel then initializes +the rest of the operating system.

+
+
+

GRUB2 is the follower of the previous version GRUB (version 0.9x). The original version is available under the name GRUB Legacy.

+
+
+

Since Fedora 16, GRUB2 has been the default bootloader on x86 BIOS +systems. For upgrades of BIOS systems, the default is also to install +GRUB2, but you can opt to skip bootloader configuration entirely.

+
+
+
+
+

Installing GRUB2 on a BIOS system

+
+
+

Normally, GRUB2 will be installed and set up by the installer, Anaconda, during the installation process. You will probably never have to deal with manual installation of GRUB2. However, in certain situations , you will want to install GRUB2 manually, especially if you need to repair the existing GRUB2 installation or you want to change its configuration.

+
+
+

This procedure shows the steps to install GRUB2 on your Master Boot Record (MBR) of your primary hard disk.

+
+
+

Before you start:

+
+
+
Before you start
+
    +
  • +

    Make sure you have the the GRUB2 packages and the os-prober package installed in your system:

    +
    +
    +
    $ dnf list installed | grep grub
    +
    +
    +
  • +
  • +

    To automatically collect information about your disks and operating systems installed on them, the os-prober package needs to be installed on your system.

    +
  • +
+
+
+
Procedure
+
    +
  1. +

    List block devices available on the system.

    +
    +
    +
    $ lsblk
    +
    +
    +
  2. +
  3. +

    Identify the primary hard disk. Usually, it is the sda device.

    +
  4. +
  5. +

    Install GRUB2 in the MBR of the primary hard disk.

    +
    +
    +
    $ sudo grub2-install /dev/sda
    +
    +
    +
  6. +
  7. +

    Create a configuration file for GRUB2.

    +
    +
    +
    $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    +
    +
    +
  8. +
  9. +

    Reboot your computer to boot with the newly installed bootloader.

    +
  10. +
+
+
+
More information
+
    +
  • +

    The grub2-mkconfig command creates a new configuration based on the currently +running system. It collects information from the /boot partition (or directory), from the /etc/default/grub file, and the customizable scripts in /etc/grub.d/.

    +
  • +
  • +

    The configuration format is changing with time, and a new configuration +file can become slightly incompatible with the older versions of the bootloader. Always run grub2-install before you create the configuration file with grub2-mkconfig.

    +
  • +
  • +

    In Fedora, it is generally safe to edit /boot/grub2/grub.cfg manually. Grubby in Fedora patches the configuration when a kernel update is performed and will try to not make any other changes than what is necessary. Manual changes can be overwritten with grub2-mkconfig when the system gets upgraded with +Anaconda. Customizations placed in /etc/grub.d/40_custom or +/boot/grub2/custom.cfg files will survive running the grub2-mkconfig command.

    +
  • +
+
+
+
+
+

Installing GRUB2 on a UEFI system

+
+
+

Normally, GRUB2 will be installed and set up by the installer, Anaconda, during the installation process. You will probably never have to deal with manual installation of GRUB2. However, in certain situations , you will want to install GRUB2 manually, especially if you need to repair the existing GRUB2 installation or you want to change its configuration.

+
+
+

This procedure shows the steps to install GRUB2 on a UEFI system on Fedora 18 or newer. The procedure consists of three parts.

+
+
+

Creating an EFI System Partition

+
+

The UEFI firmware requires to boot from an EFI System Partition on +a disk with a GPT label. To create such a partition:

+
+
+
    +
  1. +

    List available block devices to find a place to create your ESP.

    +
    +
    +
    $ lsblk
    +
    +
    +
  2. +
  3. +

    Create at least a 128 MiB disk partition using a GPT label on the primary hard disk.

    +
    +
    +
    $ sudo gdisk /dev/sda
    +
    +
    +
    +

    For the sake of this procedure, we assume that the created partition is recognized as /dev/sda1.

    +
    +
  4. +
  5. +

    Format the partition with the FAT32 file system.

    +
    +
    +
    $ sudo mkfs.vfat /dev/sda1
    +
    +
    +
  6. +
  7. +

    Create the /boot/efi directory as a mount point for the new partition.

    +
    +
    +
    $ sudo mkdir /boot/efi
    +
    +
    +
  8. +
  9. +

    Mount the partition to the /boot/efi mount point.

    +
    +
    +
    $ sudo mount /dev/sda1 /boot/efi
    +
    +
    +
  10. +
  11. +

    Proceed to the next part.

    +
  12. +
+
+
+
+

Install the bootloader files

+
+

In order to use GRUB2 with on the UEFI systems, you need to install or re-install appropriate packages:

+
+
+
    +
  1. +

    Re-install the necessary packages.

    +
    +
    +
    dnf reinstall grub2-efi grub2-efi-modules shim
    +
    +
    +
  2. +
  3. +

    If the above command ends with an error, install the packages.

    +
    +
    +
    dnf install grub2-efi grub2-efi-modules shim
    +
    +
    +
  4. +
+
+
+
More information
+
    +
  • +

    This installs the signed shim and the GRUB2 binary.

    +
  • +
+
+
+
+

Create a GRUB2 configuration

+
+

If you already have a working GRUB2 EFI configuration file, you do not need to do anything else.

+
+
+

Otherwise, create the configuration file using the grub2-mkconfig command.

+
+
+
+
$ sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
+
+
+
+
More information
+
    +
  • +

    Under EFI, GRUB2 looks for its configuration in +/boot/efi/EFI/fedora/grub.cfg.

    +
  • +
  • +

    For newly installed kernels to work, +grubby expects /etc/grub2-efi.cfg to be a symlink to the real +grub.cfg (for example /boot/efi/EFI/fedora/grub.cfg).

    +
  • +
+
+
+
+
+
+

Creating the boot menu entries with UEFI bootloader

+
+
+

When you power on your system, your firmware will look for EFI variables that tell it how to boot. On running systems, which have booted into the EFI mode and their EFI runtime services are working correctly, you can configure your boot menu with efibootmgr.

+
+
+

If not, shim can help you bootstrap. The EFI program +/boot/efi/EFI/BOOT/fallback.efi will look for files called BOOT.CSV +in your ESP and will add boot entries corresponding to them. The shim command +provides its own BOOT.CSV file that will add an entry for grub2-efi.

+
+
+

During the boot process, you can use the EFI Shell to invoke the fallback.efi profile to boot the system:

+
+
+
    +
  1. +

    Enter the boot partition.

    +
    +
    +
    > fs0:
    +
    +
    +
  2. +
  3. +

    Navigate into the EFI\BOOT directory.

    +
    +
    +
    > cd EFI\BOOT
    +
    +
    +
  4. +
  5. +

    Invoke the fallback.efi profile.

    +
    +
    +
    > fallback.efi
    +
    +
    +
  6. +
+
+
+
More information
+
    +
  • +

    If you have no boot entries at all, then just booting off your disk in +UEFI mode should automatically invoke /boot/efi/EFI/BOOT/BOOTX64.EFI, +which will, in turn, invoke fallback.efi.

    +
  • +
  • +

    If you already have incorrect boot entries, you’ll either need to delete +them or to modify BOOT.CSV to create new entries with different names.

    +
  • +
+
+
+
+
+

Adding other operating systems to the GRUB2 menu

+
+
+

Normally, GRUB2 is preset to boot multiple operating systems during the Fedora installation process. If you can, it is advisable to install non-Linux operating systems first. Then, during the installation process, all those operating systems and their locations will be discovered and properly set.

+
+
+

Sometimes, however, you cannot use this approach and you will have to create the bootloader configuration file again to enable it to boot more operating systems.

+
+
+
Before you start
+
    +
  • +

    Make sure that the operating systems are on disks, connected to the system.

    +
  • +
  • +

    You have the os-prober package installed.

    +
  • +
+
+
+
Procedure
+
    +
  1. +

    Install GRUB2 into the MBR of your primary hard disk.

    +
    +
    +
    $ sudo grub2-install /dev/sda
    +
    +
    +
  2. +
  3. +

    Recreate the GRUB2 configuration file.

    +
    +
    +
    $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    +
    +
    +
  4. +
+
+
+
More information
+
    +
  • +

    The grub2-mkconfig command will add entries for all operating systems it can find.

    +
  • +
  • +

    When problems appear, see the GRUB manual to solve issues with booting secondary operating systems.

    +
  • +
+
+
+
+
+ + + \ No newline at end of file diff --git a/en-US/modules/proc_adding-other-operating-systems-grub2.adoc b/en-US/modules/proc_adding-other-operating-systems-grub2.adoc new file mode 100644 index 0000000..dd918d3 --- /dev/null +++ b/en-US/modules/proc_adding-other-operating-systems-grub2.adoc @@ -0,0 +1,30 @@ += Adding other operating systems to the *GRUB2* menu +[[adding-other-operating-systems-to-the-grub-2-menu]] + +Normally, *GRUB2* is preset to boot multiple operating systems during the Fedora installation process. If you can, it is advisable to install non-Linux operating systems first. Then, during the installation process, all those operating systems and their locations will be discovered and properly set. + +Sometimes, however, you cannot use this approach and you will have to create the bootloader configuration file again to enable it to boot more operating systems. + +.Before you start + +* Make sure that the operating systems are on disks, connected to the system. +* You have the `os-prober` package installed. + +.Procedure + +. Install *GRUB2* into the MBR of your primary hard disk. ++ +---- +$ sudo grub2-install /dev/sda +---- + +. Recreate the *GRUB2* configuration file. ++ +---- +$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg +---- + +.More information +* The `grub2-mkconfig` command will add entries for all operating systems it can find. +* When problems appear, see the link:http://www.gnu.org/software/grub/manual/grub.html#Multi_002dboot-manual-config[GRUB manual] to solve issues with booting secondary operating systems. + diff --git a/en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc b/en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc new file mode 100644 index 0000000..e76cde1 --- /dev/null +++ b/en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc @@ -0,0 +1,38 @@ += Creating the boot menu entries with UEFI bootloader +[[creating-the-boot-menu-entries-with-uefi-bootloader]] + +When you power on your system, your firmware will look for EFI variables that tell it how to boot. On running systems, which have booted into the EFI mode and their EFI runtime services are working correctly, you can configure your boot menu with `efibootmgr`. + +If not, `shim` can help you bootstrap. The EFI program +`/boot/efi/EFI/BOOT/fallback.efi` will look for files called `BOOT.CSV` +in your ESP and will add boot entries corresponding to them. The `shim` command +provides its own `BOOT.CSV` file that will add an entry for `grub2-efi`. + +During the boot process, you can use the *EFI Shell* to invoke the `fallback.efi` profile to boot the system: + +. Enter the boot partition. ++ +---- +> fs0: +---- + +. Navigate into the `EFI\BOOT` directory. ++ +---- +> cd EFI\BOOT +---- + +. Invoke the `fallback.efi` profile. ++ +---- +> fallback.efi +---- + +.More information +* If you have no boot entries at all, then just booting off your disk in +UEFI mode should automatically invoke `/boot/efi/EFI/BOOT/BOOTX64.EFI`, +which will, in turn, invoke `fallback.efi`. +* If you already have incorrect boot entries, you'll either need to delete +them or to modify `BOOT.CSV` to create new entries with different names. + + diff --git a/en-US/modules/proc_installing-grub2-on-bios-system.adoc b/en-US/modules/proc_installing-grub2-on-bios-system.adoc new file mode 100644 index 0000000..1d2c948 --- /dev/null +++ b/en-US/modules/proc_installing-grub2-on-bios-system.adoc @@ -0,0 +1,54 @@ += Installing GRUB2 on a BIOS system +[[installing-grub-2-on-a-bios-system]] + +Normally, *GRUB2* will be installed and set up by the installer, *Anaconda*, during the installation process. You will probably never have to deal with manual installation of *GRUB2*. However, in certain situations , you will want to install *GRUB2* manually, especially if you need to repair the existing *GRUB2* installation or you want to change its configuration. + +This procedure shows the steps to install *GRUB2* on your _Master Boot Record_ (MBR) of your primary hard disk. + +Before you start: + + +.Before you start + +* Make sure you have the the *GRUB2* packages and the `os-prober` package installed in your system: ++ +---- +$ dnf list installed | grep grub +---- + +* To automatically collect information about your disks and operating systems installed on them, the `os-prober` package needs to be installed on your system. + +.Procedure + +. List block devices available on the system. ++ +---- +$ lsblk +---- + +. Identify the primary hard disk. Usually, it is the `sda` device. + +. Install *GRUB2* in the MBR of the primary hard disk. ++ +---- +$ sudo grub2-install /dev/sda +---- + +. Create a configuration file for *GRUB2*. ++ +---- +$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg +---- + +. Reboot your computer to boot with the newly installed bootloader. + +.More information + +* The `grub2-mkconfig` command creates a new configuration based on the currently +running system. It collects information from the `/boot` partition (or directory), from the `/etc/default/grub` file, and the customizable scripts in `/etc/grub.d/`. +* The configuration format is changing with time, and a new configuration +file can become slightly incompatible with the older versions of the bootloader. Always run `grub2-install` before you create the configuration file with `grub2-mkconfig`. +* In Fedora, it is generally safe to edit `/boot/grub2/grub.cfg` manually. *Grubby* in Fedora patches the configuration when a kernel update is performed and will try to not make any other changes than what is necessary. Manual changes can be overwritten with `grub2-mkconfig` when the system gets upgraded with +*Anaconda*. Customizations placed in `/etc/grub.d/40_custom` or +`/boot/grub2/custom.cfg` files will survive running the `grub2-mkconfig` command. + diff --git a/en-US/modules/proc_installing-grub2-on-efi-system.adoc b/en-US/modules/proc_installing-grub2-on-efi-system.adoc new file mode 100644 index 0000000..a02b345 --- /dev/null +++ b/en-US/modules/proc_installing-grub2-on-efi-system.adoc @@ -0,0 +1,89 @@ += Installing GRUB2 on a UEFI system +[[installing-grub-2-configuration-on-uefi-system]] + +Normally, *GRUB2* will be installed and set up by the installer, *Anaconda*, during the installation process. You will probably never have to deal with manual installation of *GRUB2*. However, in certain situations , you will want to install *GRUB2* manually, especially if you need to repair the existing *GRUB2* installation or you want to change its configuration. + +This procedure shows the steps to install *GRUB2* on a UEFI system on Fedora 18 or newer. The procedure consists of three parts. + +== Creating an EFI System Partition +[[create-an-esp]] + +The UEFI firmware requires to boot from an _EFI System Partition_ on +a disk with a GPT label. To create such a partition: + +. List available block devices to find a place to create your ESP. ++ +---- +$ lsblk +---- + +. Create at least a 128 MiB disk partition using a GPT label on the primary hard disk. ++ +---- +$ sudo gdisk /dev/sda +---- ++ +For the sake of this procedure, we assume that the created partition is recognized as `/dev/sda1`. + +. Format the partition with the _FAT32_ file system. ++ +---- +$ sudo mkfs.vfat /dev/sda1 +---- + +. Create the `/boot/efi` directory as a mount point for the new partition. ++ +---- +$ sudo mkdir /boot/efi +---- + +. Mount the partition to the `/boot/efi` mount point. ++ +---- +$ sudo mount /dev/sda1 /boot/efi +---- + +. Proceed to the next part. + + +== Install the bootloader files +[[install-the-bootloader-files]] + +In order to use *GRUB2* with on the UEFI systems, you need to install or re-install appropriate packages: + + +. Re-install the necessary packages. ++ +---- +dnf reinstall grub2-efi grub2-efi-modules shim +---- + +. If the above command ends with an error, install the packages. ++ +---- +dnf install grub2-efi grub2-efi-modules shim +---- + +.More information + +* This installs the signed *shim* and the *GRUB2* binary. + +== Create a GRUB2 configuration +[[create-a-grub-2-configuration]] + + +If you already have a working *GRUB2* EFI configuration file, you do not need to do anything else. + +Otherwise, create the configuration file using the `grub2-mkconfig` command. + +---- +$ sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg +---- + +.More information +* Under EFI, *GRUB2* looks for its configuration in +`/boot/efi/EFI/fedora/grub.cfg`. +* For newly installed kernels to work, +`grubby` expects `/etc/grub2-efi.cfg` to be a symlink to the real +grub.cfg (for example `/boot/efi/EFI/fedora/grub.cfg`). + diff --git a/en-US/pool.adoc b/en-US/pool.adoc new file mode 100644 index 0000000..c679903 --- /dev/null +++ b/en-US/pool.adoc @@ -0,0 +1,51 @@ + +[[setting-default-entry]] +== Setting default entry + +Due to `grub2-mkconfig` (and *os-prober*) we cannot predict the order of +the entries in `/boot/grub2/grub.cfg`, so we set the default by +name/title instead. + +.Before you start + +. Open `/etc/default/grub` and make sure these lines exist in the file. ++ +---- +GRUB_DEFAULT=saved +GRUB_SAVEDEFAULT=false +---- + +. Apply the changes to `grub.cfg` by running. ++ +---- +$sudo grub2-mkconfig -o /boot/grub2/grub.cfg +---- + +.Procedure + +. List all possible menu entries. ++ +---- +$sudo grep -P "submenu|^menuentry" /boot/grub2/grub.cfg | cut -d "'" -f2 +---- + +. Set the desired default menu entry ++ +---- +$sudo grub2-set-default "" +---- + +. Verify the default menu entry ++ +---- +$sudo grub2-editenv list +---- + +.More information +If you understand the risks involved, you can manually modify the +`/boot/grub2/grub.cfg` file. In that case, set the number of the default operating system using the `set default` variable. + +For example: +---- +set default="5" +---- From 886b12ffd245ae7c1d16d6f6ba22f8a57f418e37 Mon Sep 17 00:00:00 2001 From: Lukas Ruzicka Date: Wed, 13 Dec 2017 12:45:40 +0100 Subject: [PATCH 3/5] Update grub2.adoc * Edit original content * Add new content * Fix asciidoc markup * Modularize --- en-US/assemblies/test | 0 en-US/bootloading-with-grub2.adoc | 49 + en-US/bootloading-with-grub2.html | 1280 +++++++++++++++++ en-US/concepts/test | 0 en-US/installing-grub2.adoc | 4 +- ..._adding-other-operating-systems-grub2.adoc | 17 +- ...ith-configfile-on-different-partition.adoc | 32 + ...ing-menu-entries-with-uefi-bootloader.adoc | 38 - .../proc_enabling-serial-console-grub.adoc | 19 + .../proc_installing-grub2-on-bios-system.adoc | 12 +- .../proc_installing-grub2-on-efi-system.adoc | 39 +- ..._restoring-bootloader-using-live-disk.adoc | 72 + .../proc_setting-default-entry-for-grub2.adoc | 61 + ...ng-password-for-interactive-edit-mode.adoc | 36 + en-US/modules/proc_solving-absent-floppy.adoc | 12 + en-US/modules/proc_using-grub2-prompt.adoc | 69 + .../proc_using-old-graphics-modes.adoc | 23 + en-US/modules/test | 0 en-US/pool.adoc | 43 +- en-US/procedures/test | 0 en-US/references/test | 0 21 files changed, 1709 insertions(+), 97 deletions(-) delete mode 100644 en-US/assemblies/test create mode 100644 en-US/bootloading-with-grub2.adoc create mode 100644 en-US/bootloading-with-grub2.html delete mode 100644 en-US/concepts/test create mode 100644 en-US/modules/proc_booting-with-configfile-on-different-partition.adoc delete mode 100644 en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc create mode 100644 en-US/modules/proc_enabling-serial-console-grub.adoc create mode 100644 en-US/modules/proc_restoring-bootloader-using-live-disk.adoc create mode 100644 en-US/modules/proc_setting-default-entry-for-grub2.adoc create mode 100644 en-US/modules/proc_setting-password-for-interactive-edit-mode.adoc create mode 100644 en-US/modules/proc_solving-absent-floppy.adoc create mode 100644 en-US/modules/proc_using-grub2-prompt.adoc create mode 100644 en-US/modules/proc_using-old-graphics-modes.adoc delete mode 100644 en-US/modules/test delete mode 100644 en-US/procedures/test delete mode 100644 en-US/references/test diff --git a/en-US/assemblies/test b/en-US/assemblies/test deleted file mode 100644 index e69de29..0000000 diff --git a/en-US/bootloading-with-grub2.adoc b/en-US/bootloading-with-grub2.adoc new file mode 100644 index 0000000..b2b5a7c --- /dev/null +++ b/en-US/bootloading-with-grub2.adoc @@ -0,0 +1,49 @@ +:md: ./modules + + += Bootloading with *GRUB2* +[[bootloading-with-grub2]] + +*GRUB2* is the latest version of *GNU GRUB*, the _GRand Unified Bootloader_. +A bootloader is the first software program that runs when a computer +starts. It is responsible for loading and transferring control to the +operating system kernel. In Fedora, the kernel is Linux. The kernel then initializes +the rest of the operating system. + +*GRUB2* is the follower of the previous version *GRUB* (version 0.9x). The original version is available under the name *GRUB Legacy*. + +Since Fedora 16, *GRUB2* has been the default bootloader on x86 BIOS +systems. For upgrades of BIOS systems, the default is also to install +*GRUB2*, but you can opt to skip bootloader configuration entirely. + +include::{md}/proc_installing-grub2-on-bios-system.adoc[leveloffset=+1] + +include::{md}/proc_installing-grub2-on-efi-system.adoc[leveloffset=+1] + +include::{md}/proc_adding-other-operating-systems-grub2.adoc[leveloffset=+1] + +include::{md}/proc_setting-default-entry-for-grub2.adoc[leveloffset=+1] + +include::{md}/proc_restoring-bootloader-using-live-disk.adoc[leveloffset=+1] + +include::{md}/proc_using-grub2-prompt.adoc[leveloffset=+1] + +include::{md}/proc_booting-with-configfile-on-different-partition.adoc[leveloffset=+1] + +include::{md}/proc_setting-password-for-interactive-edit-mode.adoc[leveloffset=+1] + +include::{md}/proc_solving-absent-floppy.adoc[leveloffset=+1] + +include::{md}/proc_using-old-graphics-modes.adoc[leveloffset=+1] + +include::{md}/proc_enabling-serial-console-grub.adoc[leveloffset=+1] + +[[further-reading]] +== Further Reading + +* http://www.gnu.org/software/grub/manual/grub.html + +See a typo, something missing or out of date, or anything else which can be +improved? Edit this document at https://pagure.io/fedora-docs/quick-docs. + + diff --git a/en-US/bootloading-with-grub2.html b/en-US/bootloading-with-grub2.html new file mode 100644 index 0000000..b0dafde --- /dev/null +++ b/en-US/bootloading-with-grub2.html @@ -0,0 +1,1280 @@ + + + + + + + + +Bootloading with GRUB2 + + + + + +
+
+
+
+

GRUB2 is the latest version of GNU GRUB, the GRand Unified Bootloader. +A bootloader is the first software program that runs when a computer +starts. It is responsible for loading and transferring control to the +operating system kernel. In Fedora, the kernel is Linux. The kernel then initializes +the rest of the operating system.

+
+
+

GRUB2 is the follower of the previous version GRUB (version 0.9x). The original version is available under the name GRUB Legacy.

+
+
+

Since Fedora 16, GRUB2 has been the default bootloader on x86 BIOS +systems. For upgrades of BIOS systems, the default is also to install +GRUB2, but you can opt to skip bootloader configuration entirely.

+
+
+
+
+

Installing GRUB2 on a BIOS system

+
+
+

Normally, GRUB2 will be installed and set up by the installer, Anaconda, during the installation process. You will probably never have to deal with manual installation of GRUB2. However, in certain situations , you will want to install GRUB2 manually, especially if you need to repair the existing GRUB2 installation or you want to change its configuration.

+
+
+

This procedure shows the steps to install GRUB2 on your Master Boot Record (MBR) of your primary hard disk.

+
+
+

Before you start:

+
+
+
Before you start
+
    +
  • +

    Make sure you have the the GRUB2 packages and the os-prober package installed in your system:

    +
    +
    +
    $ dnf list installed | grep grub
    +
    +
    +
  • +
  • +

    To automatically collect information about your disks and operating systems installed on them, the os-prober package needs to be installed on your system.

    +
  • +
+
+
+
Procedure
+
    +
  1. +

    Create a configuration file for GRUB2.

    +
    +
    +
    $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    +
    +
    +
  2. +
  3. +

    List block devices available on the system.

    +
    +
    +
    $ lsblk
    +
    +
    +
  4. +
  5. +

    Identify the primary hard disk. Usually, it is the sda device.

    +
  6. +
  7. +

    Install GRUB2 in the MBR of the primary hard disk.

    +
    +
    +
    $ sudo grub2-install /dev/sda
    +
    +
    +
  8. +
  9. +

    Reboot your computer to boot with the newly installed bootloader.

    +
  10. +
+
+
+
More information
+
    +
  • +

    The grub2-mkconfig command creates a new configuration based on the currently +running system. It collects information from the /boot partition (or directory), from the /etc/default/grub file, and the customizable scripts in /etc/grub.d/.

    +
  • +
  • +

    The configuration format is changing with time, and a new configuration +file can become slightly incompatible with the older versions of the bootloader. Always run grub2-install before you create the configuration file with grub2-mkconfig.

    +
  • +
  • +

    In Fedora, it is generally safe to edit /boot/grub2/grub.cfg manually. Grubby in Fedora patches the configuration when a kernel update is performed and will try to not make any other changes than what is necessary. Manual changes can be overwritten with grub2-mkconfig when the system gets upgraded with +Anaconda. Customizations placed in /etc/grub.d/40_custom or +/boot/grub2/custom.cfg files will survive running the grub2-mkconfig command.

    +
  • +
+
+
+
+
+

Installing GRUB2 on a UEFI system

+
+
+

Normally, GRUB2 will be installed and set up by the installer, Anaconda, during the installation process. You will probably never have to deal with manual installation of GRUB2. However, in certain situations , you will want to install GRUB2 manually, especially if you need to repair the existing GRUB2 installation or you want to change its configuration.

+
+
+

This procedure shows the steps to install GRUB2 on a UEFI system on Fedora 18 or newer. The procedure consists of four parts.

+
+
+

Creating an EFI System Partition

+
+

The UEFI firmware requires to boot from an EFI System Partition on +a disk with a GPT label. To create such a partition:

+
+
+
    +
  1. +

    List available block devices to find a place to create your ESP.

    +
    +
    +
    $ lsblk
    +
    +
    +
  2. +
  3. +

    Create at least a 128 MiB disk partition using a GPT label on the primary hard disk.

    +
    +
    +
    $ sudo gdisk /dev/sda
    +
    +
    +
    +

    For the sake of this procedure, we assume that the created partition is recognized as /dev/sda1.

    +
    +
  4. +
  5. +

    Format the partition with the FAT32 file system.

    +
    +
    +
    $ sudo mkfs.vfat /dev/sda1
    +
    +
    +
  6. +
  7. +

    Create the /boot/efi directory as a mount point for the new partition.

    +
    +
    +
    $ sudo mkdir /boot/efi
    +
    +
    +
  8. +
  9. +

    Mount the partition to the /boot/efi mount point.

    +
    +
    +
    $ sudo mount /dev/sda1 /boot/efi
    +
    +
    +
  10. +
  11. +

    Proceed to the next part.

    +
  12. +
+
+
+
+

Install the bootloader files

+
+

In order to use GRUB2 with on the UEFI systems, you need to install or re-install appropriate packages:

+
+
+
    +
  1. +

    Re-install the necessary packages.

    +
    +
    +
    dnf reinstall grub2-efi grub2-efi-modules shim
    +
    +
    +
  2. +
  3. +

    If the above command ends with an error, install the packages.

    +
    +
    +
    dnf install grub2-efi grub2-efi-modules shim
    +
    +
    +
  4. +
+
+
+
More information
+
    +
  • +

    This installs the signed shim and the GRUB2 binary.

    +
  • +
+
+
+
+

Create a GRUB2 configuration

+
+

If you already have a working GRUB2 EFI configuration file, you do not need to do anything else.

+
+
+

Otherwise, create the configuration file using the grub2-mkconfig command.

+
+
+
+
$ sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg
+
+
+
+
More information
+
    +
  • +

    Under EFI, GRUB2 looks for its configuration in +/boot/efi/EFI/fedora/grub.cfg.

    +
  • +
  • +

    For newly installed kernels to work, +grubby expects /etc/grub2-efi.cfg to be a symlink to the real +grub.cfg (for example /boot/efi/EFI/fedora/grub.cfg).

    +
  • +
+
+
+
+

Solving problems with UEFI bootloader

+
+

When you power on your system, your firmware will look for EFI variables that tell it how to boot. On running systems, which have booted into the EFI mode and their EFI runtime services are working correctly, you can configure your boot menu with efibootmgr.

+
+
+

If not, shim can help you bootstrap. The EFI program +/boot/efi/EFI/BOOT/fallback.efi will look for files called BOOT.CSV +in your ESP and will add boot entries corresponding to them. The shim command +provides its own BOOT.CSV file that will add an entry for grub2-efi.

+
+
+

During the boot process, you can use the EFI Shell to invoke the fallback.efi profile to boot the system:

+
+
+
    +
  1. +

    Enter the boot partition.

    +
    +
    +
    > fs0:
    +
    +
    +
  2. +
  3. +

    Navigate into the EFI\BOOT directory.

    +
    +
    +
    > cd EFI\BOOT
    +
    +
    +
  4. +
  5. +

    Invoke the fallback.efi profile.

    +
    +
    +
    > fallback.efi
    +
    +
    +
  6. +
+
+
+
More information
+
    +
  • +

    If you have no boot entries at all, then just booting off your disk in +UEFI mode should automatically invoke /boot/efi/EFI/BOOT/BOOTX64.EFI, +which will, in turn, invoke fallback.efi.

    +
  • +
  • +

    If you already have incorrect boot entries, you’ll either need to delete +them or to modify BOOT.CSV to create new entries with different names.

    +
  • +
+
+
+
+
+
+

Adding other operating systems to the GRUB2 menu

+
+
+

Normally, GRUB2 is preset to boot multiple operating systems during the Fedora installation process. If you can, it is advisable to install non-Linux operating systems first. Then, during the installation process, all those operating systems and their locations will be discovered and properly set.

+
+
+

Adding other records into the GRUB2 menu only means to run grub2-mkconfig command to regenerate the configuration files. During this process, all operating systems known to the system will be added into the configuration. By reinstalling GRUB2 into the MBR, this configuration will be used for further boots.

+
+
+
Before you start
+
    +
  • +

    Make sure that the operating systems are on disks, connected to the system.

    +
  • +
  • +

    You have the os-prober package installed.

    +
  • +
+
+
+
Procedure
+
    +
  1. +

    Recreate the GRUB2 configuration file.

    +
    +
    +
    $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    +
    +
    +
  2. +
  3. +

    Install GRUB2 into the MBR of your primary hard disk.

    +
    +
    +
    $ sudo grub2-install /dev/sda
    +
    +
    +
  4. +
+
+
+
More information
+
    +
  • +

    The grub2-mkconfig command will add entries for all operating systems it can find.

    +
  • +
  • +

    When problems appear, see the GRUB manual to solve issues with booting secondary operating systems.

    +
  • +
+
+
+
+
+

Setting default entry for GRUB2

+
+
+

Since grub2-mkconfig (and os-prober) cannot estimate which operating system, of those it finds, is to be marked as default, we usually are unable to predict the order of +the entries in /boot/grub2/grub.cfg. To change the default layout, we need to set the default based on the name or title.

+
+
+
Before you start
+
    +
  1. +

    Open /etc/default/grub and make sure these lines exist in the file.

    +
    +
    +
    GRUB_DEFAULT=saved
    +GRUB_SAVEDEFAULT=false
    +
    +
    +
  2. +
  3. +

    If you needed to change the content of the /etc/default/grub, apply the changes to grub.cfg.

    +
    +
    +
    $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg
    +
    +
    +
  4. +
+
+
+
Procedure
+
    +
  1. +

    List all possible menu entries.

    +
    +
    +
    $ sudo grep -P "^menuentry" /boot/grub2/grub.cfg | cut -d "'" -f2
    +
    +
    +
  2. +
  3. +

    Select one of the displayed options and use it as an argument to set the default menu entry.

    +
    +
    +
    $ sudo grub2-set-default <menuentry>
    +
    +
    +
  4. +
  5. +

    Verify the default menu entry

    +
    +
    +
    $ sudo grub2-editenv list
    +
    +
    +
  6. +
  7. +

    Regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in Adding other operating systems to the GRUB2 menu.

    +
  8. +
+
+
+
More information
+

If you understand the risks involved, you can manually modify the +/boot/grub2/grub.cfg file. In that case, set the number of the default operating system using the set default variable.

+
+
+

For example:

+
+
+
+
set default="5"
+
+
+
+ + + + + +
+
Note
+
+
+

If you edit the configuration file manually, the settings will be overwritten each time the grub2-mkconfig command runs.

+
+
+
+
+
+
+

Restoring the bootloader using the Live disk.

+
+
+

Sometimes, especially after a secondary operating systems has been installed, the master boot record gets damaged which then prevents the original Linux system from booting.

+
+
+

If this happens, it is necessary to reinstall GRUB2 to recreate the original settings. The process not only discovers all installed operating systems, but usually adds them to the GRUB2 configuration files, so they will all become bootable by GRUB2.

+
+
+
Before you start
+
    +
  • +

    Get the Fedora Live ISO from getfedora.org.

    +
  • +
  • +

    Prepare a bootable device using the downloaded ISO, either a CD or a USB.

    +
  • +
+
+
+
Procedure
+
    +
  1. +

    Boot the Fedora live system from the bootable device you have created.

    +
  2. +
  3. +

    Open the terminal.

    +
  4. +
  5. +

    Examine the partition layout and identify the boot and the root partition.

    +
    +
    +
    $ sudo fdisk -l
    +
    +
    +
    +

    If you are using the default Fedora layout, there will be one /dev/sda1 partition that holds the /boot directory and one /dev/mapper/fedora-root that holds the root file system.

    +
    +
  6. +
  7. +

    Create the mount point for the root partition.

    +
    +
    +
    $ sudo mkdir -p /mnt/root
    +
    +
    +
  8. +
  9. +

    Mount the root partition on the mount point.

    +
    +
    +
    $ sudo mount /dev/mapper/fedora-root /mnt/root
    +
    +
    +
  10. +
  11. +

    Mount the boot partition in the boot directory of the filesystem that you have mounted in the previous step.

    +
    +
    +
    $ sudo mount /dev/sda1 /mnt/root/boot/
    +
    +
    +
  12. +
  13. +

    Mount system processes and devices into the root filesystem in /mnt/root.

    +
    +
    +
    $ sudo mount -o bind /dev /mnt/root/dev
    +$ sudo mount -o bind /proc /mnt/root/proc
    +$ sudo mount -o bind /sys /mnt/root/sys
    +$ sudo mount -o bind /run /mnt/root/run
    +
    +
    +
  14. +
  15. +

    Change your filesystem into the one mounted under /mnt/root.

    +
    +
    +
    $ sudo chroot /mnt/root
    +
    +
    +
  16. +
  17. +

    Regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in Adding other operating systems to the GRUB2 menu.

    +
  18. +
  19. +

    Exit this temporary root filesystem.

    +
    +
    +
    $ exit
    +
    +
    +
  20. +
  21. +

    Your bootloader should be now restored. Reboot your computer to boot into your normal system.

    +
    +
    +
    $ sudo systemctl reboot
    +
    +
    +
  22. +
+
+
+
+
+

Using the GRUB2 boot prompt

+
+
+

If improperly configured, GRUB2 may fail to load and subsequently drop +to a boot prompt. To boot into the system, proceed as follows:

+
+
+
    +
  1. +

    Load the XFS and LVM modules

    +
    +
    +
    insmod xfs
    +insmod lvm
    +
    +
    +
  2. +
  3. +

    List the drives which GRUB2 sees:

    +
    +
    +
    grub2> ls
    +
    +
    +
  4. +
  5. +

    Study the output for the partition table of the /dev/sda device. It may look similar to the following example on a dos partition table with three partitons. +will look something like this:

    +
    +
    +
    (hd0) (hd0,msdos3) (hd0,msdos2) (hd0,msdos1)
    +
    +
    +
    +

    or similar to this output on a gpt partition table of the /dev/sda device with four +partitions.

    +
    +
    +
    +
    (hd0) (hd0,gpt4) (hd0,gpt3)  (hd0,gpt2) (hd0,gpt1)
    +
    +
    +
  6. +
  7. +

    Probe each partition of the drive and locate your vmlinuz and initramfs files.

    +
    +
    +
    ls (hd0,1)/
    +
    +
    +
    +

    The outcome of the previous command will list the files on /dev/sda1. If this partition contains the /boot directory, it will show the full name of vmlinuz and initramfs.

    +
    +
  8. +
  9. +

    Set the root partition.

    +
    +
    +
    grub> set root=(hd0,3)
    +
    +
    +
  10. +
  11. +

    Set the desired kernel.

    +
    +
    +
    grub> linux (hd0,1)/vmlinuz-3.0.0-1.fc16.i686 root=/dev/sda3 rhgb quiet selinux=0
    +# NOTE : add other kernel args if you need them
    +# NOTE : change the numbers to match your system
    +
    +
    +
  12. +
  13. +

    Set the desired initrd.

    +
    +
    +
    grub> initrd (hd0,1)/initramfs-3.0.0-1.fc16.i686.img
    +# NOTE : change the numbers to match your system
    +
    +
    +
  14. +
  15. +

    Boot with the selected settings.

    +
    +
    +
    grub> boot
    +
    +
    +
  16. +
  17. +

    To restore the bootloader’s functionality, regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in Adding other operating systems to the GRUB2 menu.

    +
  18. +
+
+
+
+
+

Booting the system using a configuration file on a different partition.

+
+
+

If you end up in GRUB2 boot prompt, it is also possible to boot using a configfile that’s located on another +partition, as is often the case with multi-boot systems containing Ubuntu and Fedora. To boot the system using a configuration files on a different partition:

+
+
+
Procedure
+
    +
  1. +

    Load necessary modules to read the partitions.

    +
    +
    +
    insmod part_msdos
    +insmod xfs
    +insmod lvm
    +
    +
    +
  2. +
  3. +

    Set the root partition.

    +
    +
    +
    set root='hd0,msdos1'
    +
    +
    +
  4. +
  5. +

    Set the path to the configuration file.

    +
    +
    +
    configfile /grub2/grub.cfg
    +
    +
    +
  6. +
+
+
+
More information
+
    +
  • +

    The hd0,msdos1 line shows the pertinent boot partition, which holds the +grub.cfg file. The setting may be different on your system. See also Using the GRUB2 boot prompt for more information.

    +
  • +
+
+
+
+
+

Setting a password for interactive edit mode

+
+
+

If you wish to protect the GRUB2 interactive edit mode with a password, but allow ordinary users to boot the computer, you have to create a definition file where you set up this functionality:

+
+
+
Procedure
+
    +
  1. +

    Create the /etc/grub.d/01_users file and write the following lines into the file.

    +
    +
    +
    set superusers="root"
    +export superusers
    +password root <password>
    +
    +
    +
  2. +
  3. +

    Regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in Adding other operating systems to the GRUB2 menu.

    +
  4. +
+
+
+
More information
+

You can encrypt the password by using pbkdf2. Use grub2-mkpasswd-pbkdf2 +to encrypt the password, then replace the password line with:

+
+
+
+
password_pbkdf2 root grub.pbkdf2.sha512.10000.1B4BD9B60DE889A4C50AA9458C4044CBE129C9607B6231783F7E4E7191D8254C0732F4255178E2677BBE27D03186E44815EEFBAD82737D81C87F5D24313DDDE7.E9AEB53A46A16F30735E2558100D8340049A719474AEEE7E3F44C9C5201E2CA82221DCF2A12C39112A701292BF4AA071EB13E5EC8C8C84CC4B1A83304EA10F74
+
+
+
+

More details can be found at +Ubuntu Help: GRUB2 +Passwords.

+
+
+ + + + + +
+
Note
+
+
+

Starting from Fedora 21, the --md5pass kickstart option must be used when using the grub2-mkpasswd-pbkdf2 command.

+
+
+
+
+
+
+

Dealing with the "Absent Floppy Disk" Error

+
+
+

It has been reported by some users that GRUB2 may fail to install on a partition’s boot sector if the computer’s floppy controller is activated in BIOS without an actual floppy disk +drive being present. Such situations resulted in an Absent Floppy Disk error.

+
+
+

To workaround this issue, go into the rescue mode and follow the procedure in Installing GRUB2 on a BIOS system GRUB2, but use the --no-floppy option with the grub2-install command.

+
+
+
+
grub2-install <target device> --no-floppy
+
+
+
+
+
+

Using old graphics modes in bootloader

+
+
+

The terminal device is chosen with GRUB_TERMINAL. For more information, see the Grub manual.

+
+
+

Valid terminal output names depend on the platform, but may include +console (PC BIOS and EFI consoles), serial (serial terminal), +gfxterm (graphics-mode output), ofconsole (Open Firmware console), +or vga_text (VGA text output, mainly useful with Coreboot).

+
+
+

The default is to use the platform’s native terminal output.

+
+
+

In Fedora, gfxterm is the default options. To get the legacy graphics modes:

+
+
+
Procedure
+
    +
  1. +

    Edit the /etc/default/grub file.

    +
  2. +
  3. +

    Set the GRUB_TERMINAL variable to one of the above mentioned options.

    +
  4. +
  5. +

    Regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in Adding other operating systems to the GRUB2 menu.

    +
  6. +
+
+
+
+
+

Enabling Serial Console in GRUB2

+
+
+

To enable Serial console in grub:

+
+
+
Procedure
+
    +
  1. +

    Edit the /etc/default/grub file.

    +
  2. +
  3. +

    Adjust baudrate, parity, bits, and flow controls to fit your environment and cables, see the example.

    +
    +
    +
    GRUB_CMDLINE_LINUX='console=tty0 console=ttyS0,115200n8'
    +GRUB_TERMINAL=serial
    +GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1"
    +
    +
    +
  4. +
  5. +

    Regenerate the GRUB2 configuration file and reinstall the bootloader into the MBR, as described in Adding other operating systems to the GRUB2 menu.

    +
  6. +
+
+
+
+
+

Further Reading

+
+ +
+

See a typo, something missing or out of date, or anything else which can be +improved? Edit this document at https://pagure.io/fedora-docs/quick-docs.

+
+
+
+
+ + + \ No newline at end of file diff --git a/en-US/concepts/test b/en-US/concepts/test deleted file mode 100644 index e69de29..0000000 diff --git a/en-US/installing-grub2.adoc b/en-US/installing-grub2.adoc index 58485f0..200ca0a 100644 --- a/en-US/installing-grub2.adoc +++ b/en-US/installing-grub2.adoc @@ -1,8 +1,8 @@ :md: ./modules -= Installing *GRUB2* -[[installing-grub2]] += Bootloading with *GRUB2* +[[bootloading-with-grub2]] *GRUB2* is the latest version of *GNU GRUB*, the _GRand Unified Bootloader_. A bootloader is the first software program that runs when a computer diff --git a/en-US/modules/proc_adding-other-operating-systems-grub2.adoc b/en-US/modules/proc_adding-other-operating-systems-grub2.adoc index dd918d3..27a0d9d 100644 --- a/en-US/modules/proc_adding-other-operating-systems-grub2.adoc +++ b/en-US/modules/proc_adding-other-operating-systems-grub2.adoc @@ -1,9 +1,9 @@ = Adding other operating systems to the *GRUB2* menu -[[adding-other-operating-systems-to-the-grub-2-menu]] +[[adding-other-operating-systems-grub2]] Normally, *GRUB2* is preset to boot multiple operating systems during the Fedora installation process. If you can, it is advisable to install non-Linux operating systems first. Then, during the installation process, all those operating systems and their locations will be discovered and properly set. -Sometimes, however, you cannot use this approach and you will have to create the bootloader configuration file again to enable it to boot more operating systems. +Adding other records into the *GRUB2* menu only means to run `grub2-mkconfig` command to regenerate the configuration files. During this process, all operating systems known to the system will be added into the configuration. By reinstalling *GRUB2* into the MBR, this configuration will be used for further boots. .Before you start @@ -12,18 +12,19 @@ Sometimes, however, you cannot use this approach and you will have to create the .Procedure -. Install *GRUB2* into the MBR of your primary hard disk. -+ ----- -$ sudo grub2-install /dev/sda ----- - . Recreate the *GRUB2* configuration file. + ---- $ sudo grub2-mkconfig -o /boot/grub2/grub.cfg ---- +. Install *GRUB2* into the MBR of your primary hard disk. ++ +---- +$ sudo grub2-install /dev/sda +---- + + .More information * The `grub2-mkconfig` command will add entries for all operating systems it can find. * When problems appear, see the link:http://www.gnu.org/software/grub/manual/grub.html#Multi_002dboot-manual-config[GRUB manual] to solve issues with booting secondary operating systems. diff --git a/en-US/modules/proc_booting-with-configfile-on-different-partition.adoc b/en-US/modules/proc_booting-with-configfile-on-different-partition.adoc new file mode 100644 index 0000000..c73ee05 --- /dev/null +++ b/en-US/modules/proc_booting-with-configfile-on-different-partition.adoc @@ -0,0 +1,32 @@ += Booting the system using a configuration file on a different partition. +[[booting-with-configfile-on-different-partition]] + +If you end up in *GRUB2* boot prompt, it is also possible to boot using a _configfile_ that's located on another +partition, as is often the case with multi-boot systems containing Ubuntu and Fedora. To boot the system using a configuration files on a different partition: + +.Procedure + +. Load necessary modules to read the partitions. ++ +---- +insmod part_msdos +insmod xfs +insmod lvm +---- + +. Set the root partition. ++ +---- +set root='hd0,msdos1' +---- + +. Set the path to the configuration file. ++ +---- +configfile /grub2/grub.cfg +---- + +.More information +* The *hd0,msdos1* line shows the pertinent _boot_ partition, which holds the +`grub.cfg` file. The setting may be different on your system. See also xref:using-grub2-prompt[Using the GRUB2 boot prompt] for more information. + diff --git a/en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc b/en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc deleted file mode 100644 index e76cde1..0000000 --- a/en-US/modules/proc_creating-menu-entries-with-uefi-bootloader.adoc +++ /dev/null @@ -1,38 +0,0 @@ -= Creating the boot menu entries with UEFI bootloader -[[creating-the-boot-menu-entries-with-uefi-bootloader]] - -When you power on your system, your firmware will look for EFI variables that tell it how to boot. On running systems, which have booted into the EFI mode and their EFI runtime services are working correctly, you can configure your boot menu with `efibootmgr`. - -If not, `shim` can help you bootstrap. The EFI program -`/boot/efi/EFI/BOOT/fallback.efi` will look for files called `BOOT.CSV` -in your ESP and will add boot entries corresponding to them. The `shim` command -provides its own `BOOT.CSV` file that will add an entry for `grub2-efi`. - -During the boot process, you can use the *EFI Shell* to invoke the `fallback.efi` profile to boot the system: - -. Enter the boot partition. -+ ----- -> fs0: ----- - -. Navigate into the `EFI\BOOT` directory. -+ ----- -> cd EFI\BOOT ----- - -. Invoke the `fallback.efi` profile. -+ ----- -> fallback.efi ----- - -.More information -* If you have no boot entries at all, then just booting off your disk in -UEFI mode should automatically invoke `/boot/efi/EFI/BOOT/BOOTX64.EFI`, -which will, in turn, invoke `fallback.efi`. -* If you already have incorrect boot entries, you'll either need to delete -them or to modify `BOOT.CSV` to create new entries with different names. - - diff --git a/en-US/modules/proc_enabling-serial-console-grub.adoc b/en-US/modules/proc_enabling-serial-console-grub.adoc new file mode 100644 index 0000000..12948a9 --- /dev/null +++ b/en-US/modules/proc_enabling-serial-console-grub.adoc @@ -0,0 +1,19 @@ += Enabling Serial Console in GRUB2 +[[enabling-serial-console-grub]] + +To enable Serial console in grub: + +.Procedure + +. Edit the `/etc/default/grub` file. + +. Adjust `baudrate`, `parity`, `bits`, and `flow` controls to fit your environment and cables, see the example. ++ +---- +GRUB_CMDLINE_LINUX='console=tty0 console=ttyS0,115200n8' +GRUB_TERMINAL=serial +GRUB_SERIAL_COMMAND="serial --speed=115200 --unit=0 --word=8 --parity=no --stop=1" +---- + +. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. + diff --git a/en-US/modules/proc_installing-grub2-on-bios-system.adoc b/en-US/modules/proc_installing-grub2-on-bios-system.adoc index 1d2c948..7ca50ed 100644 --- a/en-US/modules/proc_installing-grub2-on-bios-system.adoc +++ b/en-US/modules/proc_installing-grub2-on-bios-system.adoc @@ -20,6 +20,12 @@ $ dnf list installed | grep grub .Procedure +. Create a configuration file for *GRUB2*. ++ +---- +$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg +---- + . List block devices available on the system. + ---- @@ -34,12 +40,6 @@ $ lsblk $ sudo grub2-install /dev/sda ---- -. Create a configuration file for *GRUB2*. -+ ----- -$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg ----- - . Reboot your computer to boot with the newly installed bootloader. .More information diff --git a/en-US/modules/proc_installing-grub2-on-efi-system.adoc b/en-US/modules/proc_installing-grub2-on-efi-system.adoc index a02b345..3a5fec6 100644 --- a/en-US/modules/proc_installing-grub2-on-efi-system.adoc +++ b/en-US/modules/proc_installing-grub2-on-efi-system.adoc @@ -3,7 +3,7 @@ Normally, *GRUB2* will be installed and set up by the installer, *Anaconda*, during the installation process. You will probably never have to deal with manual installation of *GRUB2*. However, in certain situations , you will want to install *GRUB2* manually, especially if you need to repair the existing *GRUB2* installation or you want to change its configuration. -This procedure shows the steps to install *GRUB2* on a UEFI system on Fedora 18 or newer. The procedure consists of three parts. +This procedure shows the steps to install *GRUB2* on a UEFI system on Fedora 18 or newer. The procedure consists of four parts. == Creating an EFI System Partition [[create-an-esp]] @@ -87,3 +87,40 @@ $ sudo grub2-mkconfig -o /boot/efi/EFI/fedora/grub.cfg `grubby` expects `/etc/grub2-efi.cfg` to be a symlink to the real grub.cfg (for example `/boot/efi/EFI/fedora/grub.cfg`). +== Solving problems with UEFI bootloader +[[solving-problems-with-uefi-bootloader]] + +When you power on your system, your firmware will look for EFI variables that tell it how to boot. On running systems, which have booted into the EFI mode and their EFI runtime services are working correctly, you can configure your boot menu with `efibootmgr`. + +If not, `shim` can help you bootstrap. The EFI program +`/boot/efi/EFI/BOOT/fallback.efi` will look for files called `BOOT.CSV` +in your ESP and will add boot entries corresponding to them. The `shim` command +provides its own `BOOT.CSV` file that will add an entry for `grub2-efi`. + +During the boot process, you can use the *EFI Shell* to invoke the `fallback.efi` profile to boot the system: + +. Enter the boot partition. ++ +---- +> fs0: +---- + +. Navigate into the `EFI\BOOT` directory. ++ +---- +> cd EFI\BOOT +---- + +. Invoke the `fallback.efi` profile. ++ +---- +> fallback.efi +---- + +.More information +* If you have no boot entries at all, then just booting off your disk in +UEFI mode should automatically invoke `/boot/efi/EFI/BOOT/BOOTX64.EFI`, +which will, in turn, invoke `fallback.efi`. +* If you already have incorrect boot entries, you'll either need to delete +them or to modify `BOOT.CSV` to create new entries with different names. + diff --git a/en-US/modules/proc_restoring-bootloader-using-live-disk.adoc b/en-US/modules/proc_restoring-bootloader-using-live-disk.adoc new file mode 100644 index 0000000..689f02d --- /dev/null +++ b/en-US/modules/proc_restoring-bootloader-using-live-disk.adoc @@ -0,0 +1,72 @@ += Restoring the bootloader using the Live disk. +[[restoring-bootloader-using-live-disk]] + +Sometimes, especially after a secondary operating systems has been installed, the master boot record gets damaged which then prevents the original Linux system from booting. + +If this happens, it is necessary to reinstall *GRUB2* to recreate the original settings. The process not only discovers all installed operating systems, but usually adds them to the *GRUB2* configuration files, so they will all become bootable by *GRUB2*. + +.Before you start + +* Get the Fedora Live ISO from link:https://download.fedoraproject.org/pub/fedora/linux/releases/27/Workstation/x86_64/iso/Fedora-Workstation-Live-x86_64-27-1.6.iso[getfedora.org]. +* Prepare a bootable device using the downloaded ISO, either a CD or a USB. + +.Procedure + +. Boot the Fedora live system from the bootable device you have created. + +. Open the terminal. + +. Examine the partition layout and identify the `boot` and the `root` partition. ++ +---- +$ sudo fdisk -l +---- ++ +If you are using the default Fedora layout, there will be one `/dev/sda1` partition that holds the `/boot` directory and one `/dev/mapper/fedora-root` that holds the root file system. + +. Create the mount point for the root partition. ++ +---- +$ sudo mkdir -p /mnt/root +---- + +. Mount the root partition on the mount point. ++ +---- +$ sudo mount /dev/mapper/fedora-root /mnt/root +---- + +. Mount the boot partition in the `boot` directory of the filesystem that you have mounted in the previous step. ++ +---- +$ sudo mount /dev/sda1 /mnt/root/boot/ +---- + +. Mount system processes and devices into the root filesystem in `/mnt/root`. ++ +---- +$ sudo mount -o bind /dev /mnt/root/dev +$ sudo mount -o bind /proc /mnt/root/proc +$ sudo mount -o bind /sys /mnt/root/sys +$ sudo mount -o bind /run /mnt/root/run +---- + +. Change your filesystem into the one mounted under `/mnt/root`. ++ +---- +$ sudo chroot /mnt/root +---- + +. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. + +. Exit this temporary root filesystem. ++ +---- +$ exit +---- + +. Your bootloader should be now restored. Reboot your computer to boot into your normal system. ++ +---- +$ sudo systemctl reboot +---- diff --git a/en-US/modules/proc_setting-default-entry-for-grub2.adoc b/en-US/modules/proc_setting-default-entry-for-grub2.adoc new file mode 100644 index 0000000..f5e9c83 --- /dev/null +++ b/en-US/modules/proc_setting-default-entry-for-grub2.adoc @@ -0,0 +1,61 @@ += Setting default entry for *GRUB2* +[[setting-default-entry]] + +Since `grub2-mkconfig` (and *os-prober*) cannot estimate which operating system, of those it finds, is to be marked as default, we usually are unable to predict the order of +the entries in `/boot/grub2/grub.cfg`. To change the default layout, we need to set the default based on the `name` or `title`. + +.Before you start + +. Open `/etc/default/grub` and make sure these lines exist in the file. ++ +---- +GRUB_DEFAULT=saved +GRUB_SAVEDEFAULT=false +---- + +. If you needed to change the content of the `/etc/default/grub`, apply the changes to `grub.cfg`. ++ +---- +$ sudo grub2-mkconfig -o /boot/grub2/grub.cfg +---- + +.Procedure + +. List all possible menu entries. ++ +---- +$ sudo grep -P "^menuentry" /boot/grub2/grub.cfg | cut -d "'" -f2 +---- + +. Select one of the displayed options and use it as an argument to set the default menu entry. ++ +---- +$ sudo grub2-set-default +---- + +. Verify the default menu entry ++ +---- +$ sudo grub2-editenv list +---- + +. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. + + + +.More information + +If you understand the risks involved, you can manually modify the +`/boot/grub2/grub.cfg` file. In that case, set the number of the default operating system using the `set default` variable. + +For example: +---- +set default="5" +---- + +[NOTE] +==== +If you edit the configuration file manually, the settings will be overwritten each time the `grub2-mkconfig` command runs. +==== + + diff --git a/en-US/modules/proc_setting-password-for-interactive-edit-mode.adoc b/en-US/modules/proc_setting-password-for-interactive-edit-mode.adoc new file mode 100644 index 0000000..8de6604 --- /dev/null +++ b/en-US/modules/proc_setting-password-for-interactive-edit-mode.adoc @@ -0,0 +1,36 @@ += Setting a password for interactive edit mode +[[setting-password-for-interactive-edit-mode]] + +If you wish to protect the *GRUB2* interactive edit mode with a password, but allow ordinary users to boot the computer, you have to create a definition file where you set up this functionality: + +.Procedure + +. Create the `/etc/grub.d/01_users` file and write the following lines into the file. ++ +---- +set superusers="root" +export superusers +password root +---- + +. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. + + +.More information + +You can encrypt the password by using *pbkdf2*. Use `grub2-mkpasswd-pbkdf2` +to encrypt the password, then replace the password line with: + +---- +password_pbkdf2 root grub.pbkdf2.sha512.10000.1B4BD9B60DE889A4C50AA9458C4044CBE129C9607B6231783F7E4E7191D8254C0732F4255178E2677BBE27D03186E44815EEFBAD82737D81C87F5D24313DDDE7.E9AEB53A46A16F30735E2558100D8340049A719474AEEE7E3F44C9C5201E2CA82221DCF2A12C39112A701292BF4AA071EB13E5EC8C8C84CC4B1A83304EA10F74 +---- + +More details can be found at +https://help.ubuntu.com/community/Grub2/Passwords[Ubuntu Help: GRUB2 +Passwords]. + +[NOTE] +==== +Starting from Fedora 21, the `--md5pass` kickstart option must be used when using the `grub2-mkpasswd-pbkdf2` command. +==== + diff --git a/en-US/modules/proc_solving-absent-floppy.adoc b/en-US/modules/proc_solving-absent-floppy.adoc new file mode 100644 index 0000000..b2ba4f5 --- /dev/null +++ b/en-US/modules/proc_solving-absent-floppy.adoc @@ -0,0 +1,12 @@ +[[solving-absent-floppy]] += Dealing with the "Absent Floppy Disk" Error + +It has been reported by some users that *GRUB2* may fail to install on a partition's boot sector if the computer's floppy controller is activated in BIOS without an actual floppy disk +drive being present. Such situations resulted in an _Absent Floppy Disk_ error. + +To workaround this issue, go into the rescue mode and follow the procedure in xref:installing-grub-2-on-a-bios-system[Installing GRUB2 on a BIOS system] *GRUB2*, but use the `--no-floppy` option with the `grub2-install` command. + +---- +grub2-install --no-floppy +---- + diff --git a/en-US/modules/proc_using-grub2-prompt.adoc b/en-US/modules/proc_using-grub2-prompt.adoc new file mode 100644 index 0000000..16ba9c0 --- /dev/null +++ b/en-US/modules/proc_using-grub2-prompt.adoc @@ -0,0 +1,69 @@ += Using the GRUB2 boot prompt +[[using-the-grub-2-boot-prompt]] + +If improperly configured, *GRUB2* may fail to load and subsequently drop +to a boot prompt. To boot into the system, proceed as follows: + +. Load the XFS and LVM modules ++ +---- +insmod xfs +insmod lvm +---- + +. List the drives which *GRUB2* sees: ++ +---- +grub2> ls +---- + +. Study the output for the partition table of the `/dev/sda` device. It may look similar to the following example on a dos partition table with three partitons. +will look something like this: ++ +---- +(hd0) (hd0,msdos3) (hd0,msdos2) (hd0,msdos1) +---- ++ +or similar to this output on a gpt partition table of the `/dev/sda` device with four +partitions. ++ +---- +(hd0) (hd0,gpt4) (hd0,gpt3) (hd0,gpt2) (hd0,gpt1) +---- + +. Probe each partition of the drive and locate your `vmlinuz` and `initramfs` files. ++ +---- +ls (hd0,1)/ +---- ++ +The outcome of the previous command will list the files on `/dev/sda1`. If this partition contains the `/boot` directory, it will show the full name of `vmlinuz` and `initramfs`. + +. Set the root partition. ++ +---- +grub> set root=(hd0,3) +---- + +. Set the desired kernel. ++ +---- +grub> linux (hd0,1)/vmlinuz-3.0.0-1.fc16.i686 root=/dev/sda3 rhgb quiet selinux=0 +# NOTE : add other kernel args if you need them +# NOTE : change the numbers to match your system +---- + +. Set the desired `initrd`. ++ +---- +grub> initrd (hd0,1)/initramfs-3.0.0-1.fc16.i686.img +# NOTE : change the numbers to match your system +---- + +. Boot with the selected settings. ++ +---- +grub> boot +---- + +. To restore the bootloader's functionality, regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. diff --git a/en-US/modules/proc_using-old-graphics-modes.adoc b/en-US/modules/proc_using-old-graphics-modes.adoc new file mode 100644 index 0000000..168bd88 --- /dev/null +++ b/en-US/modules/proc_using-old-graphics-modes.adoc @@ -0,0 +1,23 @@ += Using old graphics modes in bootloader +[[using-old-graphics-modes]] + +The terminal device is chosen with GRUB_TERMINAL. For more information, see the link:http://www.gnu.org/software/grub/manual/grub.html#Simple-configuration[Grub manual]. + +Valid terminal output names depend on the platform, but may include +`console` (PC BIOS and EFI consoles), `serial` (serial terminal), +`gfxterm` (graphics-mode output), `ofconsole` (Open Firmware console), +or `vga_text` (VGA text output, mainly useful with Coreboot). + +The default is to use the platform's native terminal output. + +In Fedora, `gfxterm` is the default options. To get the legacy graphics modes: + +.Procedure + +. Edit the `/etc/default/grub` file. + +. Set the `GRUB_TERMINAL` variable to one of the above mentioned options. + +. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. + + diff --git a/en-US/modules/test b/en-US/modules/test deleted file mode 100644 index e69de29..0000000 diff --git a/en-US/pool.adoc b/en-US/pool.adoc index c679903..239f6b2 100644 --- a/en-US/pool.adoc +++ b/en-US/pool.adoc @@ -1,51 +1,10 @@ -[[setting-default-entry]] -== Setting default entry +. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. -Due to `grub2-mkconfig` (and *os-prober*) we cannot predict the order of -the entries in `/boot/grub2/grub.cfg`, so we set the default by -name/title instead. -.Before you start -. Open `/etc/default/grub` and make sure these lines exist in the file. -+ ----- -GRUB_DEFAULT=saved -GRUB_SAVEDEFAULT=false ----- -. Apply the changes to `grub.cfg` by running. -+ ----- -$sudo grub2-mkconfig -o /boot/grub2/grub.cfg ----- -.Procedure -. List all possible menu entries. -+ ----- -$sudo grep -P "submenu|^menuentry" /boot/grub2/grub.cfg | cut -d "'" -f2 ----- -. Set the desired default menu entry -+ ----- -$sudo grub2-set-default "" ----- -. Verify the default menu entry -+ ----- -$sudo grub2-editenv list ----- - -.More information -If you understand the risks involved, you can manually modify the -`/boot/grub2/grub.cfg` file. In that case, set the number of the default operating system using the `set default` variable. - -For example: ----- -set default="5" ----- diff --git a/en-US/procedures/test b/en-US/procedures/test deleted file mode 100644 index e69de29..0000000 diff --git a/en-US/references/test b/en-US/references/test deleted file mode 100644 index e69de29..0000000 From c4630d42dbc2c6c0745ae8efb36668ded34dbf54 Mon Sep 17 00:00:00 2001 From: Lukas Ruzicka Date: Wed, 13 Dec 2017 14:33:56 +0100 Subject: [PATCH 4/5] Edit typos --- en-US/modules/proc_using-grub2-prompt.adoc | 10 +++++----- en-US/pool.adoc | 10 ---------- 2 files changed, 5 insertions(+), 15 deletions(-) delete mode 100644 en-US/pool.adoc diff --git a/en-US/modules/proc_using-grub2-prompt.adoc b/en-US/modules/proc_using-grub2-prompt.adoc index 16ba9c0..3933949 100644 --- a/en-US/modules/proc_using-grub2-prompt.adoc +++ b/en-US/modules/proc_using-grub2-prompt.adoc @@ -17,15 +17,13 @@ insmod lvm grub2> ls ---- -. Study the output for the partition table of the `/dev/sda` device. It may look similar to the following example on a dos partition table with three partitons. -will look something like this: +. Examine the output to understand the partition table of the `/dev/sda` device. The following example shows a DOS partition table with three partitions: + ---- (hd0) (hd0,msdos3) (hd0,msdos2) (hd0,msdos1) ---- + -or similar to this output on a gpt partition table of the `/dev/sda` device with four -partitions. +A GPT partition table of the `/dev/sda` device with four partitions could look like this: + ---- (hd0) (hd0,gpt4) (hd0,gpt3) (hd0,gpt2) (hd0,gpt1) @@ -37,13 +35,15 @@ partitions. ls (hd0,1)/ ---- + -The outcome of the previous command will list the files on `/dev/sda1`. If this partition contains the `/boot` directory, it will show the full name of `vmlinuz` and `initramfs`. +The outcome of the previous command will list the files on `/dev/sda1`. The partition that contains the `/boot` directory is the correct one. There you will search for the full names of the `vmlinuz` and `initramfs` files. . Set the root partition. + ---- grub> set root=(hd0,3) ---- ++ +This command tells the bootloader, that the root partition is the third partition on the first drive. This would correspond to the `/dev/sda3` device. . Set the desired kernel. + diff --git a/en-US/pool.adoc b/en-US/pool.adoc deleted file mode 100644 index 239f6b2..0000000 --- a/en-US/pool.adoc +++ /dev/null @@ -1,10 +0,0 @@ - -. Regenerate the *GRUB2* configuration file and reinstall the bootloader into the MBR, as described in xref:adding-other-operating-systems-grub2[Adding other operating systems to the *GRUB2* menu]. - - - - - - - - From 5579430c57ed365ec5c2624f064bff03d1c0069b Mon Sep 17 00:00:00 2001 From: Mirek Jahoda Date: Thu, 14 Dec 2017 11:38:29 +0100 Subject: [PATCH 5/5] Shared System Certificates added --- en-US/bootloading-with-grub2.html | 13 +-- ...ept_using-the-system-wide-trust-store.adoc | 14 +++ .../modules/proc_adding-new-certificates.adoc | 28 ++++++ ..._managing-trusted-system-certificates.adoc | 86 +++++++++++++++++++ en-US/using-shared-system-certificates.adoc | 21 +++++ 5 files changed, 156 insertions(+), 6 deletions(-) create mode 100644 en-US/modules/concept_using-the-system-wide-trust-store.adoc create mode 100644 en-US/modules/proc_adding-new-certificates.adoc create mode 100644 en-US/modules/proc_managing-trusted-system-certificates.adoc create mode 100644 en-US/using-shared-system-certificates.adoc diff --git a/en-US/bootloading-with-grub2.html b/en-US/bootloading-with-grub2.html index b0dafde..b2a25b1 100644 --- a/en-US/bootloading-with-grub2.html +++ b/en-US/bootloading-with-grub2.html @@ -1000,16 +1000,14 @@ insmod lvm
  • -

    Study the output for the partition table of the /dev/sda device. It may look similar to the following example on a dos partition table with three partitons. -will look something like this:

    +

    Examine the output to understand the partition table of the /dev/sda device. The following example shows a DOS partition table with three partitions:

    (hd0) (hd0,msdos3) (hd0,msdos2) (hd0,msdos1)
    -

    or similar to this output on a gpt partition table of the /dev/sda device with four -partitions.

    +

    A GPT partition table of the /dev/sda device with four partitions could look like this:

    @@ -1025,7 +1023,7 @@ partitions.

    -

    The outcome of the previous command will list the files on /dev/sda1. If this partition contains the /boot directory, it will show the full name of vmlinuz and initramfs.

    +

    The outcome of the previous command will list the files on /dev/sda1. The partition that contains the /boot directory is the correct one. There you will search for the full names of the vmlinuz and initramfs files.

  • @@ -1035,6 +1033,9 @@ partitions.

    grub> set root=(hd0,3)
    +
    +

    This command tells the bootloader, that the root partition is the third partition on the first drive. This would correspond to the /dev/sda3 device.

    +
  • Set the desired kernel.

    @@ -1273,7 +1274,7 @@ improved? Edit this document at diff --git a/en-US/modules/concept_using-the-system-wide-trust-store.adoc b/en-US/modules/concept_using-the-system-wide-trust-store.adoc new file mode 100644 index 0000000..e796872 --- /dev/null +++ b/en-US/modules/concept_using-the-system-wide-trust-store.adoc @@ -0,0 +1,14 @@ +[[using-the-system-wide-trust-store]] += Using the System-wide Trust Store + +In Fedora, the consolidated system-wide trust store is located in the `/etc/pki/ca-trust/` and `/usr/share/pki/ca-trust-source/` directories. The trust settings in `/usr/share/pki/ca-trust-source/` are processed with lower priority than settings in `/etc/pki/ca-trust/`. + +Certificate files are treated depending on the subdirectory they are installed to: + +* `/usr/share/pki/ca-trust-source/anchors/` or `/etc/pki/ca-trust/source/anchors/` - for trust anchors. + +* `/usr/share/pki/ca-trust-source/blacklist/` or `/etc/pki/ca-trust/source/blacklist/` - for distrusted certificates. + +* `/usr/share/pki/ca-trust-source/` or `/etc/pki/ca-trust/source/` - for certificates in the extended BEGIN TRUSTED file format. + +NOTE: In a hierarchical cryptographic system, a trust anchor is an authoritative entity which is assumed to be trustworthy. For example, in X.509 architecture, a root certificate is a trust anchor from which a chain of trust is derived. The trust anchor must be put in the possession of the trusting party beforehand to make path validation possible. diff --git a/en-US/modules/proc_adding-new-certificates.adoc b/en-US/modules/proc_adding-new-certificates.adoc new file mode 100644 index 0000000..b3b2533 --- /dev/null +++ b/en-US/modules/proc_adding-new-certificates.adoc @@ -0,0 +1,28 @@ +[[sec-Adding-New-Certificates]] += Adding New Certificates + +.Before you start + +.Procedure + +To add a certificate in the simple PEM or DER file formats to the list of CAs trusted on the system, copy the certificate file to the `/usr/share/pki/ca-trust-source/anchors/` or `/etc/pki/ca-trust/source/anchors/` directory, for example: + +[subs="macros"] +---- +# cp pass:quotes[_~/certificate-trust-examples/Cert-trust-test-ca.pem_] pass:quotes[_/usr/share/pki/ca-trust-source/anchors/_] +---- + +To update system-wide trust store configuration, use the [command]`update-ca-trust` command: + +---- +# update-ca-trust +---- + +[NOTE] +==== + +While the Firefox browser is able to use an added certificate without executing [command]`update-ca-trust`, it is recommended to run [command]`update-ca-trust` after a CA change. Also note that browsers, such as Firefox, Epiphany, or Chromium, cache files, and you might need to clear browser's cache or restart your browser to load current system certificates configuration. + +==== + +.More information diff --git a/en-US/modules/proc_managing-trusted-system-certificates.adoc b/en-US/modules/proc_managing-trusted-system-certificates.adoc new file mode 100644 index 0000000..fb9f5cc --- /dev/null +++ b/en-US/modules/proc_managing-trusted-system-certificates.adoc @@ -0,0 +1,86 @@ +[[sec-Managing-Trusted-System-Certificates]] += Managing Trusted System Certificates + +.Before you start + + + +.Procedure + +To list, extract, add, remove, or change trust anchors, use the [command]`trust` command. To see the built-in help for this command, enter it without any argument or with the [option]`--help` directive: + +[subs="quotes, macros"] +---- +$ [command]`trust` +usage: trust command <args>... + +Common trust commands are: + list List trust or certificates + extract Extract certificates and trust + extract-compat Extract trust compatibility bundles + anchor Add, remove, change trust anchors + dump Dump trust objects in internal format + +See 'trust <command> --help' for more information +---- + +To list all system trust anchors and certificates, use the [command]`trust list` command: + +[subs="quotes, macros"] +---- +$ [command]`trust list` +pkcs11:id=%d2%87%b4%e3%df%37%27%93%55%f6%56%ea%81%e5%36%cc%8c%1e%3f%bd;type=cert + type: certificate + label: ACCVRAIZ1 + trust: anchor + category: authority + +pkcs11:id=%a6%b3%e1%2b%2b%49%b6%d7%73%a1%aa%94%f5%01%e7%73%65%4c%ac%50;type=cert + type: certificate + label: ACEDICOM Root + trust: anchor + category: authority +... +[output has been truncated] +---- + + + +To store a trust anchor into the system-wide trust store, use the [command]`trust anchor` sub-command and specify a _path.to_ a certificate, for example: + +[subs="macros"] +---- +# trust anchor pass:quotes[_path.to/certificate.crt_] +---- + +To remove a certificate, use either a _path.to_ a certificate or an ID of a certificate: + +[subs="macros"] +---- +# trust anchor --remove pass:quotes[_path.to/certificate.crt_] +# trust anchor --remove pass:quotes[_"pkcs11:id=%AA%BB%CC%DD%EE;type=cert"_] +---- + +.More information + +All sub-commands of the [command]`trust` commands offer a detailed built-in help, for example: + +---- +$ trust list --help +usage: trust list --filter= + + --filter= filter of what to export + ca-anchors certificate anchors + blacklist blacklisted certificates + trust-policy anchors and blacklist (default) + certificates all certificates + pkcs11:object=xx a PKCS#11 URI + --purpose= limit to certificates usable for the purpose + server-auth for authenticating servers + client-auth for authenticating clients + email for email protection + code-signing for authenticating signed code + 1.2.3.4.5... an arbitrary object id + -v, --verbose show verbose debug output + -q, --quiet suppress command output +---- diff --git a/en-US/using-shared-system-certificates.adoc b/en-US/using-shared-system-certificates.adoc new file mode 100644 index 0000000..1cdd634 --- /dev/null +++ b/en-US/using-shared-system-certificates.adoc @@ -0,0 +1,21 @@ +:md: ./modules + +[[using-shared-system-certificates]] += Using Shared System Certificates + +The Shared System Certificates storage enables NSS, GnuTLS, OpenSSL, and Java to share a default source for retrieving system certificate anchors and black list information. By default, the trust store contains the Mozilla CA list, including positive and negative trust. The system allows updating of the core Mozilla CA list or choosing another certificate list. + +include::{md}/concept_using-the-system-wide-trust-store.adoc[leveloffset=+1] + +include::{md}/proc_adding-new-certificates.adoc[leveloffset=+1] + +include::{md}/proc_managing-trusted-system-certificates.adoc[leveloffset=+1] + +[[shared-system-certificates-additional-resources]] +== Additional Resources + +For more information, see the following man pages: + +* `update-ca-trust(8)` + +* `trust(1)`