[nSLUG] uefi and gpt

George N. White III gnwiii at gmail.com
Wed Jan 22 18:43:54 AST 2014

I've learned (from sad experience) to be very careful with bundled
utilities as they are often outdated.   The NTI website lists system
requirements for Echo as Win7, Vista, or XP.

A useful UEFI resource is Rod Smith's rodsbooks.com:

"In late 2012, Secure Boot is a modest-to-major hassle for Linux users.
Although it has the potential to improve security, Linux has historically
not been plagued by viruses, so it's unclear that Secure Boot will be a
benefit for Linux-only computers. If you dual-boot with Windows, though,
you may want to keep Secure Boot enabled. In the medium and long term,
using the Fedora shim program looks like the best way to do this; but as of
early January 2013, the rarity of pre-signed follow-on binaries makes shim
awkward to install and use. In the meantime, disabling Secure Boot is the
easiest way to deal with it. Signing your own boot loaders to use the
native Secure Boot mechanism and your own key set is another alternative,
and one that provides you with the greatest security and flexibility; but
this approach is the hardest one to implement.

In other words: It's a mess right now, but Linux developers are working to
clean it up."
http://www.rodsbooks.com/efi-bootloaders/index.html, with
http://www.rodsbooks.com/efi-bootloaders/secureboot.html  and
http://www.rodsbooks.com/refind/.  rEFInd is Rod's fork of rEFIt which I've
been using to boot RH linux on Apple's (EFI) systems.
Fedora does have support for Apple EFI -- I don't know how well current
versions deal with Windows 8.

On Wed, Jan 22, 2014 at 1:52 PM, Robin Murray <nibor.yarrum at gmail.com>wrote:

> I just wanted to give everyone a heads up on newer system you might want
> to install linux on. This may be old news to many, but where I don't work
> on new systems that often, it blind sided me.
> There are two new features added to newer systems (pretty much anything
> with windows 8+ now, and a few older ones with 7 as well). One is a secure
> boot feature called uefi that replaces the bios and enhances the boot
> process to make it more secure, the other is gpt partitioning which changes
> how disks are partitioned. There are lots of hits on google if you want the
> gory details.
> The problem that I ran in to is that we are currently in the worst
> possible spot in supporting these new features in our tooling (both linux
> and windows thrid party). When new stuff is introduced, no one supports it
> and you are relatively safe. After new stuff has become old hat, everything
> is supported nicely and no one give it a second thought. Between those
> extremes you get spotty and unreliable support, and that's when major
> problems can rear their ugly heads. You believe you are using proper
> tooling, and they betray you.
> My horror story: I purchased a new dell laptop with win8 installed. I also
> purchased an ssd to replace the 1Tb hard drive since I'm more interested in
> speed than space. The toshiba ssd came with some cloning software called
> ntiecho. I plunked this cd in and it asked me to install it, which I did,
> and it immediately made my source hdd drive unbootable because it didn't
> properly support uefi. It installed a grub menu with two options, one to
> start the cloning process, the other to restore back to windows boot,
> neither one of which worked. Not an auspicious start. (On a side note, it
> really sticks in my craw that cloning software would screw around with the
> boot areas on a source drive at all, let alone without any warning.
> Unbelievable!)
> From there I disappeared down a rabbit hole for four days in my spare time
> trying to get the system bootable from the ssd. Used clonezilla, windows
> recovery, kubuntu live and lots of other tools, and was lead down one
> branch of the maze after another.
> One of the major problems is that dell, in its infinite wisdom, doesn't
> provide a windows disk, just a paritition on the hdd, to recover the
> system. I was able to get this recovery partition onto a live usb stick and
> boot to it, but again, in dell's infinite wisdom, the recovery software is
> a dell version, not the windows version, and it's useless, it just tries a
> few things behind the scenes to try to fix the problem, and if it can't
> find anything wrong, gives up and tries to factory restore. No access to
> diskpart or bcdedit or any other recovery tools, just a brain dead single
> window with no options. And factory restore does NOT fix the boot
> partitions. So if you screw up your boot partitions, you are done as far as
> dell recovery goes.
> Other things of note:
> * kparted on kubuntu 12.04.3 says it supports gpt, but doesn't, it screws
> things up. gparted does work, however.
> * gdisk can be used to work with gpt partitions, and seems to work well
> (you can even sort you partitions in the order they appear on the drive,
> which is nice).
> * when you install linux, create a small (1Mb) 'grub-boot' partition, that
> seems to be where the grub menuing system is now stored. If you don't do
> that, you only get options in the efi menu for the current linux install.
> * If installing from scratch, also create a small (100-500Mb) efi
> partition where the efi boot process is stored. This is a shared partition
> between os's, so you will see windows boot stuff there too if you have
> windows. If windows efi is pre-installed, just point the linux install to
> it so it will insert its own stuff.
> * If you want to clone a windows setiup, for now (until all the tools are
> properly enhanced), do the clone first and put all the windows partitions
> at the front of the drive, in the same order as they were on the source
> drive, then install linux on subsequent partitions. Otherwise you will be
> faced with drive letter problems on windows, and possibly get hauled in to
> fixing bool stuff with borked tools.
> * If you want to resize the windows ntfs partitions before the clone,
> resize them first within windows rather than using an external tool that
> may not properly support gpt.
> * If windows tells you that you can't shrink your os partition down to the
> size you want, even though you haven't used all the space, you have to
> figure out what unmovable files are in the way. I had to temporarily turn
> off swap file and system recovery before I could shrink it to fit my ssd.
> * Before you start, try to get hold of a full windows install disk you can
> use to recover from, or barring that, at least a full system image of your
> new system so you can blast everything back and start from scratch. Dell
> offers a cd and usb stick, but you have to order them separately. I now
> have a usb stick coming to me so I can reset my borked source drive.
> * Read up on uefi, efi boot partitions, grub-boot partitions, gpt, gdisk,
> bcdedit, bootrec, secure boot and anything else you can get hold of before
> diving in. Otherwise be ready for the guys in the white suits to yank you
> away.
> Hopefully these tips will be of some use to people here and save your
> sanity.
> Good luck and godspeed.
> --
> Robin Murray
> Hatchet Lake,
> Nova Scotia
> Canada
> _______________________________________________
> nSLUG mailing list
> nSLUG at nslug.ns.ca
> http://nslug.ns.ca/mailman/listinfo/nslug

George N. White III <aa056 at chebucto.ns.ca>
Head of St. Margarets Bay, Nova Scotia
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nslug.ns.ca/pipermail/nslug/attachments/20140122/f63a62ea/attachment-0001.html>

More information about the nSLUG mailing list