hello,
I don’t know if this is the right place to ask this question but could someone explain me how a UEFI system boots, I couldn’t find a guide online. I want to know because I don’t understand certain GRUB commands and how it get installed.
I just copy paste commands from Arch wiki and it just magically works without me knowing anything about it.
all the different distros use different grub command parameter and it’s so confusing. eg, Arch and Gentoo.
Arch command: grub-install --target=x86_64-efi --efi-directory=esp --bootloader-id=GRUB Gentoo command: grub-install --efi-directory=/efi
why both command is different? exactly where does grub gets installed?
sorry if this is a naive question but i really don’t understnad GRUB.
I agree, Grub is horrendous and one of the most complex systems in linux. Grub2 is even worse, and searching the web for help is difficult as the two are named interchangeably, despite being hugely different in design.
Random files spread over the filesystem. Some you edit, some are done automatically, some are done by kernel upgrades, some you need to run yet more commands for them to work - and it all differs from distro to distro. The sooner more distros move away from this, the better.
Since you use UEFI, you don’t have to use GRUB. It basically consists 90% of cruft left over that was needed for BIOS boot, and has a lot of moving parts and bad design (such as a single config file which has to be shared between OSes, which is so complex it needs a generator for it).
Try systemd-boot, it’s lightweight and well designed.
Anyway, looks like the target parameter is default now, the “esp” in the arch command is supposed to be substituted for the ESP path, for example /efi, so the only difference is bootloader-id. Which looks like that’s the label that show up in your UEFI setup for the boot entry.
Yeah I know everyone likes to hate on systemd, but I like systemd-boot way more than GRUB. It just does its job and stays out of the way, I never have to fart about with it at all.
GRUB is still the standard bootloader in physical deployments because it is the most likely to work and supports most of the features you might want in a bootloader.
UKI based booting is interesting since it seems like it might support even more features. But the last time I tried to test it, there wasn’t a ton of documentation on it and the software still seemed a bit green and inflexible.
For example, my main computer right now has a completely redundant boot process. I have 2 disks which each have an efi system partition. And the root file system is btrfs raid1 across 4 disks. This was very easy to set up and completely supported by grub with no custom configuration needed. The only slightly tricky thing I had to do to install the second efi was to use an extra flag.
GRUB is still the standard bootloader in physical deployments because it is the most likely to work
The countless issues you can find online about being stuck at the GRUB prompt say otherwise. I’ve personally recently experienced GRUB on a computer seemingly randomly losing information about where the config file was stored, or at least not automatically loading it. God knows where that was supposed to be stored, running grub-install fixed it in any case.
More likely it’s used by the big non-DIY distros because it’s less effort to maintain a single bootloader than one for UEFI and one for BIOS boot, because the latter you still need anyway.
and supports most of the features you might want in a bootloader.
That’s the understatement of the century. It’s basically a decently sized operating system at this point, with seemingly everything tacked on that you can think of such as support for what looks like a grand total of 11 partition table schemes, “The Bee File System”, disk driver for classic Macintosh, and a JSON parser.
While some of what it has may have been needed for BIOS boot, the essential functionality is now provided by EFI APIs, and you do not need 337979 lines of C code anymore to implement a suitable bootloader for a contemporary system.
And I probably wouldn’t even say anything if it was well written or maintained code. There’s clearly something very wrong with it if distributions feel the need to apply hundreds of patches to it, Fedora has 283 right now. I’ve also had a terrible experience trying to script some of its commands.
I have 2 disks which each have an efi system partition. And the root file system is btrfs raid1 across 4 disks. This was very easy to set up and completely supported by grub with no custom configuration needed.
This is of course also supported by any other bootloader, since which of the two ESPs to load from is determined by the UEFI, and mounting the rootfs is done by the kernel. You just need to sync the two ESPs. systemd-boot’s kernel-install admittedly can’t do this out of the box, but you can make it work with hooks.
Boot issues on Linux are like most of the other problems Linux has, there is no standard way to do things, so people invent their own ways, and it results in the problems we see today. This doesn’t just apply to booting, it also particularly includes dns and network management. Combined with the fact that its a low level thing people don’t want to deal with, it gets left to rot. Few understand it leading it frustration.
Grub isn’t a simple tool because it’s not solving only simple problems. A simple situation would be booting a VM, where something like systemd-boot is probably preferred over grub since the heavy lifting should already be done by the host OS at that point.
Also, it’s not grub that is usually broken (grub did load after all…), it’s something else like a bad or botched update or something similar that breaks support for some hardware or the initramfs got messed up. I frequently encounter servers that suddenly stop booting and get stuck in either the initramfs or at grub, and selecting an older option usually gets me back into the os proper. Also, I have noticed it’s most often ubuntu that gets messed up while rhel and friends are much less likely to break. Breakage on arch is usually the result of specific user error, or some incompatibility was introduced.
In your case, the issue could have been (just guessing) a new kernel was installed, but the config tool might not have been run to create the new references. It’s not exactly grubs fault if the thing it was suppose to point to no longer exists. Simpler systems like arch do not have this problem at all since the kernel is always overwritten in-place, so the references are unlikely to ever get broken, but this is not without pretty annoying tradeoffs.
I didn’t think to check the number of patches, but as you can see, a lot of those patches have nothing to do with x86 specifically, and some relate to the scripts to implement or change behavior for their distro. If you check Arch, it has not nearly as many patches and still works fine. https://gitlab.archlinux.org/archlinux/packaging/packages/grub
You are correct that grub probably is the better part of an OS, but so are most other bootloaders that actually implement useful features (UKI IS linux, for example). systemd-boot implements few extra features like filesystems and lvm. On Linux, it’s not the end of the world since you can pack in much more stuff in the initramfs to support more filesystems and other interesting behaviors.
I can definitely agree that grub is not very actively maintained, and there are even some outstanding bugs and fairly important and reasonable feature requests that are sitting with ready to apply patches. But grub is also a mostly complete project. Most things boot fine with it as is, and it’s not like the EFI spec is constantly changing requiring regular updates. It’s also probably fair to say that working on grub probably isn’t a walk in the park due to how low level it is.
To be more clear on how I implemented my little scheme, neither grub or a script actually sync anything. I have two completely independent ESPs that are not synchronized automatically in any way. But because the grub EFI binary supports btrfs, it can just point to /boot in whatever btrfs filesystem which is where most of the configuration actually is. In this way, the dual ESPs are generated once and occasionally updated whenever I feel like, and /boot can continue to be managed by mainline scripts without any customization, such as mkconfig whatever initramfs build tool since the mirroring is completely transparent.
It simply is not possible to replicate this without grub since no other bootloader (to my knowledge) supports btrfs, or any other raid capable abstraction. You could get close by including additional scripts to ensure the appropriate configs and images are synced, but that is another point of failure.
Which bootloader would you suggest for UEFI system?
Thanks for the reply
Try systemd-boot, it’s lightweight and well designed.
They specifically called out a suggestion which was even formatted so you couldn’t miss it even if you weren’t reading closely.
Systemd-boot is the simplest, it just works.
I just copy paste commands from Arch wiki and it just magically works without me knowing anything about it.
Join the club.
When I’m confused about commands, I find checking the man page for the command a good start to understand what the flags do. Once you’ve got man-pages installed on your Linux system, you can do “man grub-install” (or any other command) from a terminal to see information about that command and it’s flags.
I’m not sure if it says it in the Arch wiki, I think it might, but “esp” is often shorthand for whatever directory you’re using as an EFI boot directory, I don’t think it’s a literal directory. On my Arch system, my esp is “/boot/EFI” I’m pretty sure.
As for why Gentoo doesn’t include the --target flag, it could be that “x86_64-efi” is either the default on gentoo’s version of grub, or just the default for every version of grub, meaning if the latter is the case, that flag could be safely omitted for your arch installation.
I’m pretty sure the --bootloader-id flag is just a friendly name for the bootloader that you can see from the terminal when booted into a Linux system and probably also from the bios menu. I’m not 100% though, a check through the man page would tell you more about that specific flag. Gentoo may omit it, leaving it either blank, or as some sort of default.
To answer your original question, the system boots up, does some basic checking of hardware to make sure everything can run okay and that there are no obvious faults or incompatibilities, then tries to load a program called a “bootloader” (such as grub), which will then hand off execution to whichever operating system you select. If you’re not fond of grub, good news! There are plenty of other good bootloaders available. I’m a big fan of rEFInd (UEFI only) or systemd-boot.
I don’t know grub SUPER well, but I’m pretty sure it gets installed in that --efi-directory location that you provide when you run the command. It might be nested a few directories down though, not sure.
Remember that the system documentation can be different for different operating systems. For example, it’s notorious that the documentation for
sed
differs between GNU and macOS, particularly regarding the-i
option: https://stackoverflow.com/questions/4247068/sed-command-with-i-option-failing-on-mac-but-works-on-linuxIn order to avoid surprises related to this, “POSIX.1-2024 defines a standard operating system interface and environment, including a command interpreter (or “shell”), and common utility programs to support applications portability at the source code level.” https://pubs.opengroup.org/onlinepubs/9799919799/ https://pubs.opengroup.org/onlinepubs/9799919799/utilities/sed.html
https://wiki.archlinux.org/title/EFI_system_partition#Typical_mount_points
(Efi System Partition)Thank you so much for the link. It was a good read :)
If GRUB is too confusing, just uninstall it? You said you have a UEFI system, you don’t need a bootloader. You can just put the vmlinuz and initramfs onto the ESP and boot into it directly. You can use
efibootmgr
to create the boot entry, something like this:efibootmgr \ --create \ --disk /dev/sda \ --part 1 \ --index 0 \ --label "Void linux" \ --loader /vmlinuz-6.6.52_1 \ --unicode " \ root=PARTLABEL=VOID_ROOT \ rw \ initrd=\\initramfs-6.6.52_1.img \ loglevel=4 \ net.ifnames=0 \ biosdevname=0 \ nowatchdog \ iomem=relaxed \ "
--disk /dev/sda
: What disk is the esp on?--part 1
What partition number (counting from 1) is the esp on?--index 0
At what index in the boot menu should the boot entry appear?--loader
Path to thevmlinuz
file. These are normally in /boot, you have to move it to the esp yourselfroot=PARTLABEL=VOID_ROOT
this is the linux root partiion. I’m using PARTLABEL to identify mine, but you can use pretty much anything that /etc/fstab supportsinitrd=\\initramfs-6.6.52_1.img
Again, you have to move the initramfs file from /boot into the esp. For some reason this uses backslashes, not forward slashes as path separator (double backslashes in this case are to prevent the shell from interpreting it as an escape sequence)- The rest of the arguments are just misc kernel parameters that I use
Just search for
EFISTUB
for more info.What’s confusing, when x86 initializes it preloads specific address in IP motherboard manufacturer has BIOS there that sets up first 512 bytes. and IP jumps to the new address then it sets up rest of /boot and switches your CPU to real mode up until that point it was in 8bit mode now it is in 16 bit. then jumps to that, now it switches to protected mode I.e. 32bit and loads kernel and initramfs (to solve chicken and egg problem) and then your os boots.
Throw in cryptsetup and shim and switching to 64 bit somewhere there.
Yes, x86 legacy is really confusing. Especially if you are going to write your own kernel or bootloader.
GRUB gets installed on your harddisk in your root partition, it’s configuration file on the boot partition and finally into your boot sector if I’m correct. UEFI is a standard for your firmware located outside your harddisk. You go from firmware -> partition layout -> bootloader (grub) -> kernel.
The firmware is closed source under BIOS or UEFI or if you’re hardcore open source, libreboot/coreboot/‘other options’ and is located somewhere on your motherboard on some chip.
Then there’s the partition layout and bootloader that are located inside/dev/sda
I believe, so inside the device itself, which can be read if you want to take a peek at it.Now the bootloader located in the boot sector
/dev/sda
loaded by the firmware located in some chip in the motherboard, has access to the boot partition, where it loads the bootloader’s configuration file usually located at/boot/grub/grub.cfg
for GRUB. I remember UEFI having some kind of standard bootloader by itself, so it doesn’t even need a bootloader if I can remember correctly.This what I recall as it was quite complicated for me too. Especially with software being called firmware and not being called motherbootware or pre-bootware or anything that indicates that this piece of software is the very first thing that starts running during boot.
But you look at
/boot
and what you can find there. There will be at least two files there called initramfs and vmlinuz, which were also part of the boot process, but I forgot what role those two played.Short answer to your last paragraph:
vmlinuz is the kernel. It ends with z instead of x, because it’s z-compressed to save space. (I’ve heard that it’s possible to use an uncompressed kernel for that 1ms faster boot time)
Initramfs (not intramuscular, which my autocorrect thinks is appropriate) is a small filesystem blob, “initial ram filesystem”, meant to be loaded directly into ram to allow the kernel to talk to your hardware via drivers. It also has a lot of binaries needed to perform other tasks that need to run before the root filesystem is mounted.Oh wait, I see that vmlinuz file has a version to it. I couldn’t remember if vmlinuz was the kernel or not, because I used to have multiples of them, but these days I only have one.
You have one per installed kernel. Not sure what (if any) automagic is common for removing old kernels, I guess this varies between distros, but at least on my computers, old kernel remain. At least the previous one, maybe more. It comes in handy in case a kernel upgrade breaks something, which it actually did recently on one of my laptops - makes it easier to boot from old kernel and revert.
EDIT: I just checked. I have just one on my daily driver. It’s quite new, and I don’t think I’ve had a kernel upgrade on that one, so it makes sense.
On my work laptop (the one with borked kernel upgrade) I have two.
So what you most likely have is one or more vmlinuz-version-numbers, and then simply a symlink named just vmlinuz to the version you boot from.
I’m pretty sure UEFI systems don’t make use of a boot sector anymore. They look for the bootloader in the form of an .efi file in the ESP or EFI System Partition, of each sata drive (maybe other block devices too).
also, the disk it uses is not necessarily “/dev/sda”. first because it can be on any of the disks, second because that’s not a persistent ID but something that depends on detection order
Especially with software being called firmware and not being called motherbootware or pre-bootware or anything that indicates that this piece of software is the very first thing that starts running during boot.
firmware is a pretty common term for things like this (code on chip that manages low level startup)
Pretty sure the main difference is that one puts stuff in a directory called esp (which I assume is a placeholder for the actual directory?), and the other one is put in /efi. That needs to be the path to your efi partition, because that’s where the UEFI expects to find things it can boot. The target is probably redundant, i.e. it defaults to x84_64-efi on Gentoo (maybe not on Arch?) and the id is just a name, you can put whatever there. See
man grub-install
.