×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

GRUB 2.00 Bootloader Officially Released

samzenpus posted about 2 years ago | from the hot-off-the-griddle dept.

GNU is Not Unix 163

An anonymous reader writes "After being in development for more than a decade, GRUB2 was released today as stable. The mailing list announcement covers new features including a standard theme, support for new file-systems, ports to new CPU architectures, new driver coverage, better EFI support, and many other new features that have materialized over the years of development to succeed GRUB Legacy."

cancel ×
This is a preview of your comment

No Comment Title Entered

Anonymous Coward 1 minute ago

No Comment Entered

163 comments

Pfttt (5, Insightful)

Severus Snape (2376318) | about 2 years ago | (#40484255)

They should have declared it stable long ago, when all the major distros have adopted it for release after release it's time to move on. Sure, there must have still been bugs but that's where point releases come in handy.

Re:Pfttt (5, Insightful)

Anonymous Coward | about 2 years ago | (#40484905)

See "stable" shouldn't even mean bug free when you're talking about releases. It's not like you can really guarantee that your software has zero (or even very few) bugs.

"Stable" should mean "We're neither going to add new features nor remove existing ones"... meaning you don't have to worry about compatibility issues... so exactly, yes, point releases. The ones you can feel safe they're not going to break anything that used to work.

This is it. (1)

DeTech (2589785) | about 2 years ago | (#40484277)

Too bad though Ubuntu won't be using GRUB2

Re:This is it. (3, Informative)

Anonymous Coward | about 2 years ago | (#40484393)

Ubuntu is using grub2 as default since 9.10. https://help.ubuntu.com/community/Grub2 [ubuntu.com]

Re:This is it. (5, Insightful)

Severus Snape (2376318) | about 2 years ago | (#40484515)

What Ubuntu has been referring to as Grub2 was Grub1.9x, a pre-release of Grub2. What the OP means is their dropping it because of legal issues around GPLv3, on Windows 8 approved hardware they won't be able to keep the private signing key, private which would result in their certificates being revoked. http://www.extremetech.com/computing/131628-canonical-explains-decision-to-ditch-grub-2-on-uefi-systems [extremetech.com]

Re:This is it. (0, Insightful)

Anonymous Coward | about 2 years ago | (#40484919)

THEY ARE.
Kill yourself.

Re:This is it. (0)

Anonymous Coward | about 2 years ago | (#40485013)

His sentence still makes sense as "their", though it's a bit more colloquial in phrasing since it leaves out "of"; it makes sense as "their dropping of it because"...
You first.

Re:This is it. (1)

Anonymous Coward | about 2 years ago | (#40485255)

That's what makes it doubly annoying. I started reading it that way and then it stopped making sense right after the next comma.

Re:This is it. (1, Informative)

dgatwood (11270) | about 2 years ago | (#40485763)

Either way, it stops making sense after the next comma (splice). It should be a semicolon. And the comma after that one shouldn't be there at all.

Sincerely,
The Helpful Grammarian

Citation needed (1)

k(wi)r(kipedia) (2648849) | about 2 years ago | (#40488469)

Either way, it stops making sense after the next comma (splice). It should be a semicolon. And the comma after that one shouldn't be there at all.

Sincerely,

The Helpful Grammarian

It would be (even) more helpful if you quoted the part where the (supposed) grammatical error occured.

Re:This is it. (2)

Darinbob (1142669) | about 2 years ago | (#40484991)

Presumably if we want to use other operating systems we have to change the bios (or whatever they're calling the DRM module) to allow Grub anyway. Or am I missing something that Linux except for Red Hat will now be forbidden? If Grub is not allowed to be a bootloader for this reason than it seems that no general bootloader will ever be allowed.

Re:This is it. (4, Informative)

KiloByte (825081) | about 2 years ago | (#40485073)

Yes, UEFI Secure Boot means precisely that: you can't use any Linux but Red Hat and Ubuntu, official kernels only. Microsoft agreed to sign their official kernels to have more ammunition in the inevitable antitrust suit. A pox on Ubuntu for cooperating here!

GPL3 on Grub works as designed here: it stops any DRM, disallowing unmodifiable bootloaders and kernels.

Re:This is it. (-1)

Anonymous Coward | about 2 years ago | (#40485277)

Red Hat is commercial, it's success is on servers. Ubuntu is just kids playing with "leenoox". Despite it's claimed impressive install numbers, no professional people use it, other than those linked with the company. So RH doesn't really matter as MS keys aren't really relevant to real servers (for a while), and nothing is lost if Ubuntu disappeared tonight.

Re:This is it. (1)

Microlith (54737) | about 2 years ago | (#40485581)

Despite it's claimed impressive install numbers, no professional people use it

I know you're an AC, but your claim is completely unprovable. It can be readily disproven, though.

I Use Ubuntu Professionally (1)

Anonymous Coward | about 2 years ago | (#40486735)

You can put me amongst the professional users of Ubuntu servers.

I use CentOS, Red Hat and SuSE Enterprise Linux(SLES) and FreeBSD as well. However, I find Ubuntu is the easiest to manage.

But, Ubuntu is not without its problems either. The LTS releases that I use, these are servers, are slow to fix bugs that are not security related. Some are never fixed which is insanely frustrating.

Also, Debian/Ubuntu seem to feel that they should rearrange packages which makes working with an application a bit different on Ubuntu than on any other distribution. This makes finding some files cumbersome and breaks my scripts.

Despite these issues, I would have been willing to use Ubuntu exclusively for professional use. However, I'm no longer sure about that thought. There seems to be a lot of change coming in the next LTS version. Change that doesn't seem to offer my servers much, if any, value.

Re:This is it. (1)

hobarrera (2008506) | about 2 years ago | (#40487445)

At my job, about 50% use OS X, and 50% use Ubuntu on their work PCs. With myself being the only exception to those OS. So I think it's quite safe to say Ubuntu is used in professional enviroments.

Re:This is it. (1)

Darinbob (1142669) | about 2 years ago | (#40485849)

But won't most Linux users be disabling the secure boot feature anyway? This will just discourage more people from using Linux or BSD which is not good but those existing users will presumably figure out quickly what to do.

Re:This is it. (4, Interesting)

dgatwood (11270) | about 2 years ago | (#40485957)

GPL3 on Grub works as designed here: it stops any DRM, disallowing unmodifiable bootloaders and kernels.

No, not really. As designed, it was intended to prevent hardware vendors from designing hardware with locked-down Linux installations. In this case, it is trying (unsuccessfully) to prevent enthusiasts from being able to install locked-down Linux on off-the-shelf ARM hardware without breaking their ability to switch back to Windows. The fact that you also won't be able to install non-locked-down Linux on that hardware is a secondary issue. It's a clear case of the GPLv3 acting against the right to tinker solely for reasons of ideological purity—the right to change everything or the right to change nothing.... That's truly backwards in my book.

The fact of the matter is that not enough people care about running Linux to convince manufacturers to push back on Microsoft over the ARM UEFI Secure Boot mandate. There is exactly one way to guarantee the right to tinker, and that is to get people from the geek community elected to governing bodies so that they can propose and pass legislation that mandates that right. Any other strategies are doomed to failure. It doesn't even have to be federal law. If the State of California passed a law saying that all electronic devices purchased using California tax dollars must provide a way for the user to install alternative operating systems without removing the user's ability to run the OS that came with it, Microsoft's attempts at mandating non-disableable UEFI Secure Boot on ARM would go down like a lead balloon even if no other legislature adopted such a provision.

Re:This is it. (1)

tuppe666 (904118) | about 2 years ago | (#40486509)

"The fact of the matter is that not enough people care about running Linux to convince manufacturers to push back on Microsoft over the ARM UEFI Secure Boot mandate."

Then these manufactures deserve to die. I have no idea what happens in Dell of this world, but Plan A riding the Microsoft monopoly coattails was over, when Microsoft surprised them surface. Stating we are an "electronics company not a software company" keeping all the high margin early adopter money, with a you can keep the scraps...and pay us a premium for our software which we want more control over.

The Accounts need to be sacked if they think alienating even a small portion of their customers for no financial gain is a good move.

The Management need to be sacked for being getting in so deep with Microsoft...and kicked on there way out for making the same mistake post Surface.

These companies need to make a plan and that needs to involve Android, Tizen, Debian, WebOS or their own software stack.

They need to commit to breaking the monopoly they have propped up, because they are not going to be part of the next part of that fight.

Re:This is it. (1)

richlv (778496) | about 2 years ago | (#40487139)

waitwaitwait.
gplv3 requires no lockdown, so user is in charge. an "unnamed" vendor pushes for a partial lockdown, which gplv3 "detects" and refuses to "operate on".

how could you claim that it's acting against the right to tinker ?
you could claim that it's rejecting right to tinker in a sandbox - which seems to be a goal, not an oversight.

Re:This is it. (3, Interesting)

dgatwood (11270) | about 2 years ago | (#40488305)

GPLv3 requires unlocked hardware, mandating that if the user is in not in charge, the user is not allowed to use the software. Another software company mandates that all hardware vendors require bootstrap loaders in order to be qualified to run their OS. Now, suddenly there's a whole host of hardware vendors that have to choose whether to take the safe bet and ship a Windows-based OS or completely and probably permanently sever their ties with Microsoft.

When it comes to stomping Linux into the ground, the GPLv3 is Microsoft's wet dream.

you could claim that it's rejecting right to tinker in a sandbox - which seems to be a goal, not an oversight

The problem is that more and more hardware is moving towards signed firmware. This transition is inevitable because the level of malware in computing today is just too high, and the only way to reliably prevent malware is to know with some degree of certainty who wrote a particular piece of code. Within 5-10 years, you will likely be unable to buy commodity hardware that can run unsigned code (except maybe for specialized server boxes). This is inevitable, and isn't something you can change by whining about it.

So your choices are pretty much either to accept that the world is changing and adapt or continue pissing into the wind. Either way, the result will be the same. If you want freedom to tinker, you're going to have to provide an alternative. This means either passing laws to mandate that vendors provide an alternative or coming up with a standard scheme for single-device-specific signing certificates (and shared infrastructure to provide such certificates) that the hardware vendors can all agree to support. Either way, there are several prerequisites:

  1. All the Linux vendors must accept that code signing is inevitable.
  2. All the Linux vendors must start moving towards adding code signing and verifying capabilities to the standard Linux distributions (assuming they aren't there already—I haven't looked in a while).
  3. All the Linux vendors must work together to come up with shared infrastructure to support per-device signatures.

Anything short of that pretty much spells the end of Linux except as an embedded OS and/or specialized server OS on specialized hardware. Whether it happens now or ten years from now is unimportant. That's the direction things are going. Ubuntu et al took the first step in that list, but that step is incompatible with GPLv3 unless and until the remaining two steps are taken.

Re:This is it. (0)

Anonymous Coward | about 2 years ago | (#40486667)

No, the GPLv3 doesn't stop DRM. What it does is prevent people from using the software licensed under the GPLv3 when people need to deal with DRM. In a world with secure boot GRUB2 (under the GPLv3) becomes virtually useless.

Re:This is it. (0)

Anonymous Coward | about 2 years ago | (#40488949)

Microsoft agreed to sign their official kernels to have more ammunition in the inevitable antitrust suit. A pox on Ubuntu for cooperating here!

Wait, why would MS get sued for doing something Apple has been doing for decades?

Re:This is it. (1)

cpu6502 (1960974) | about 2 years ago | (#40485181)

Why on earth does a PC need a "SecureBoot" anyway? It should be able to run anything you desire.

Re:This is it. (1)

AvitarX (172628) | about 2 years ago | (#40485667)

I'm pretty sure that I read at least in x86 MS will force vendors to allow secure-boot to be turned off (but then not boot Windows? killing dual boot?).

I don't mind secure boot, I do wish that they would let me install my own keys, protected with a physical switch on the MB, so that i could sign whatever I wanted, and have the protection offered by secure boot.

To prevent boot-time rootkit installation (1)

tepples (727027) | about 2 years ago | (#40485679)

UEFI Secure Boot is designed to prevent a boot-time rootkit from executing. This can be one whose installer an inexperienced desktop PC administrator has unwittingly run, or one whose installer a compromised server process running with administrative privileges has run.

Re:To prevent boot-time rootkit installation (5, Insightful)

raap (675041) | about 2 years ago | (#40485855)

No. It is designed to generate a chain of trust from the BIOS (UEFI) up to the operating system including drivers. So if you change anything in this chain, DRM-plagued media will refuse to play! It's all about the ability to play content withot the user being able to grab that content or do anything else with it. If it would be about preventing root kits, then the master keys could be in the hand of the user.

Custom mode (2)

tepples (727027) | about 2 years ago | (#40486313)

If it would be about preventing root kits, then the master keys could be in the hand of the user.

"Custom mode" on x86 puts the keys firmly in the user's hands. So on x86 at least, it is about rootkits.

Re:Custom mode (2)

raap (675041) | about 2 years ago | (#40487537)

This might be true for the KEKs (key exchange keys). But the PK (platform key) will be already set up (and controlled) by the hardware manufacturer if I understand the system correctly. With UEFI you do not own your hardware anymore.

Re:To prevent boot-time rootkit installation (1)

Swave An deBwoner (907414) | about 2 years ago | (#40486571)

Welcome to RootKit 3.14159265 !

At the prompt, please securely
sign this code so that your
installation may proceed without
problems.

There ya go!

Re:This is it. (0)

Anonymous Coward | about 2 years ago | (#40485761)

Why on earth does a PC need a "SecureBoot" anyway? It should be able to run anything you desire.

To more easily prevent it from running things I don't desire.

OK, so me, personally I'm only tangentially worried, but this just isn't about me.

Win8 Hardware support? (0)

Anonymous Coward | about 2 years ago | (#40484297)

But, can it boot on Windows 8 approved hardware?

GPLv3 violation (4, Informative)

DrYak (748999) | about 2 years ago | (#40485215)

To boot in non secure mode:
- yup, GRUB2 does support EFI.

To boot in secure-mode:
- technically yes, practically not so easy.
To boot in secure-mode, GRUB2 need to be signed.
As per GPLv3, GRUB2 needs to publish the private key, so any one could rebuilt his/her very own version of GRUB2, sign it, and replace the previous one.
But due to the way microsoft license its keys and signing, GRUB won't be allowed to publish said key, thus can't abid GPLv3. Thus no version of GRUB2 signed with microsoft key.

Then two other possibilities remain:
- Canonical will get efilinux signed with microsoft keys. So GRUB2 has to be made bootable from efillinux (efilinux is rather primitive, it just loads a kernel from a set collection of blocks from the device and run it. It shouldn't be too much difficult to have efilinux load and execute a GRUB2's "stage 1.5" or "stage 2").
Thus efilinux is the part that needs to be signed with microsoft's key (and efilinux's license makes it possible. Although that also means that you won't be able to hack it).

- Canonical is trying to setup its own scheme of signing, a much more open-source friendly way. And trying to get motherboard manufacturer to include canonical's signing keys into the mobo's secure boot.
On motherboards that feature also Canonical's key, one could use a GRUB2 binary signed with canonical's key. As per GPLv3: canonical needs to provide some way so an end user can sign his/her new custom version of GRUB2 to replace the original own.

Now the funny part:
- GRUB2 can load coreboot (an opensource firmware) payloads, so it could also load SeaBIOS (a legacy BIOS implementation as a coreboot payload).
- GRUB2 can also load windows XP's boot loader.
So if any of the above is possible (either chainloading efilinux to grub2, or signing grub2 in a gplv3 compatible way). That means that grub2 could be used to boot windows XP on secure-boot hardware. (with seabios providing the legacy bios compatibility, and windows XP's ntldfr being loaded from grub2).

Re:GPLv3 violation (1)

Talisein (65839) | about 2 years ago | (#40485745)

As per GPLv3, GRUB2 needs to publish the private key

I'm pretty sure you're wrong about this.

IIRC GPLv3 requires (if you are 'secure booting') you to be able to load in your own certificate that subsequent signatures can be checked against. That doesn't mean Microsoft has to publish their private key in order for computers to be distributed with a GPLv3 licensed GRUB2. Microsoft is (for now) requiring that PC manufacturers that ship Windows allow secure boot to be disable AND that there is some (though probably obscure and poorly documented) way to load in your own certificate that booting kernels need to be verified against.

Re:GPLv3 violation (1)

bill_mcgonigle (4333) | about 2 years ago | (#40486407)

As per GPLv3: canonical needs to provide some way so an end user can sign his/her new custom version of GRUB2 to replace the original own.

Well, this makes the most sense. Boot once with a GPLv2 bootloader, to (bootstrap the bootstrapping?) and then sign and install with the user's keys. This will be the most trustworthy approach, as long as the user keeps his system secure (imagining the rootkit that finds the user keys, suckers the passphrase out of the user, and installs its own bootloader - remote but possible).

People who don't care at all about that could continue to use the GPLv2 bootloader.

Re:GPLv3 violation (1)

cryptizard (2629853) | about 2 years ago | (#40487591)

Either you would have to have your own custom grub that runs on top of a standard, signed grub or you are completely circumventing secure boot which would ruin the whole thing for everybody.

Re:GPLv3 violation (1)

cryptizard (2629853) | about 2 years ago | (#40487649)

That seems like a horrible solution. As soon as Canonical starts signing things for people, they take on a tremendous amount of responsibility. All it takes is them signing ONE potentially malicious boot loader (doesn't even have to be that malicious, just something that silently boots unsigned kernels) and the whole secure boot thing is ruined for everyone everywhere. It is crazy how narrow a precipice this all rests on. As much as I hate to say it, I don't see an easy way out of this situation besides Microsoft highly restricting signing (like they are doing) and letting people install their own root certificates (which would be a headache, even for moderately technical people).

Re:GPLv3 violation (1)

bws111 (1216812) | about 2 years ago | (#40488919)

No, that is not true. An analogy would be a notary public. You take a document to the notary, with some ID, and sign the document in front of them. They put their seal on it and say certify that it was you who signed the document. They don't care at all about what the document says, and they don't state in any way that the contents of the document are true, just that you signed it.

If you were to send a boot loader to Canonical for signing, all they are doing is saying 'Canonical says this bootloader is from cryptlizard'. Nothing says anyone else has to trust cryptlizard.

So, let's say I get Canonical to sign my malicious boot loader, and it gets installed on your machine. The first thing that ought to happen is that UEFI notices that the signature and/or signer of the bootloader is not that same as the last time it booted, and puts up a screen saying "The last time you booted 'Windows 8 from Microsoft (according to Microsoft)', was what you were running. Now, you are running 'GRUB2 from bws111 (according to Canonical).' Is this an intentional change?" That should stop a lot of malware sneaking in as a bootloader.

But what if you intentionally installed a bootloader that loads unsigned kernels so you can hack the system to remove DRM checks, etc? In that case, any upstream processes (kernel, drivers, apps, remote services) can find out that your bootloader was from cryptlizard, and assign as much (or as little) trust to that as they want.

LILO (4, Insightful)

manoweb (1993306) | about 2 years ago | (#40484361)

I still like LILO better.

Re:LILO (4, Informative)

GNULinuxGuy (2483278) | about 2 years ago | (#40484429)

I might agree with you had GRUB ever failed me. :)

Re:LILO (0)

Anonymous Coward | about 2 years ago | (#40485097)

Back when SCSI was a thing, I never saw GRUB work properly on a mixed system. Supposedly it was designed for 'broken' BIOSs, and would second-guess the boot order presented by working ones. Some vendors even had a "Linux" option in their BIOS which existed solely to fake-out GRUB. I used to curse the "grub shell", but haven't needed that type of hardware for a long while now.

Yes (2, Insightful)

Anonymous Coward | about 2 years ago | (#40484759)

I too love to have no functionality in my bootloader, and no recourse but to pull out a recovery drive/disc/etc if even the slightest thing goes wrong with boot configuration. Let's all boot like it was 1985! MS-DOS was advanced enough for anyone.

Re:LILO (3, Informative)

evilviper (135110) | about 2 years ago | (#40484981)

I still like LILO better.

I agree. LILO has a simplicity that GRUB lack, and LILO beat-out GRUB for GPT partition table support for a long, long, long, long time... ie. GRUB v1 doesn't officially have GPT support (it's always 3rd party patches) and GRUB2 is just NOW becoming stable!

But LILO hasn't seen much development or interest. If something is going to take over for GRUB, I'd expect it would be extlinux: http://www.syslinux.org/wiki/index.php/EXTLINUX [syslinux.org]

Besides getting active development, it's also about as flexible as grub, and completely syntax-compatible with syslinux / isolinux / pxelinux, and all the other bootloaders any pros are going to need to figure out how to configure at some point in their careers... Replacing GRUB with extlinux gets all our bootloaders the same config syntax, without sacrificing anything but GRUB's eccentricities.

Re:LILO (1)

Anonymous Coward | about 2 years ago | (#40485443)

"But LILO hasn't seen much development or interest."

Debian has assumed the maintenance for LILO:

http://lilo.alioth.debian.org/

Re:LILO (5, Funny)

omnichad (1198475) | about 2 years ago | (#40485537)

Ah, yes - LILO. The friendly bootloader with helpful error messages like L or LI.

Re:LILO (0)

Anonymous Coward | about 2 years ago | (#40485771)

You forgot LIL.

It's pretty obvious that these aren't error messages at all, it simply prints LILO character-by-character every step of the way. When there's an error it just stops so you can see (approximately) where.

Re:LILO (5, Funny)

Anonymous Coward | about 2 years ago | (#40486521)

yeah because grub's error reporting is awesome

OH GOD WHAT HAPPENED HERE IS A SHELL
type help for more
> help

boot dontboot squeak ripple clown jump error what no boot-alt boot-queue list-devices list-devices-differently help

>

finally! (5, Funny)

manicpop (1342057) | about 2 years ago | (#40484391)

I'm glad GRUB2 is finally finished! Now we can finally move on to scrapping the entire thing and spending years on GRUB3.

The Hurd comes next? (1)

k(wi)r(kipedia) (2648849) | about 2 years ago | (#40488589)

Or we could be waiting for the Hurd to be officially released, since the GNU folks appear to have finished all the other pieces that would make for a pure GNU sans (rather than slash) Linux OS.

Does it RAID? (3, Informative)

physburn (1095481) | about 2 years ago | (#40484499)

Does it install correctly on /dev/mapper RAID drives?

Re:Does it RAID? (1)

phorm (591458) | about 2 years ago | (#40484699)

I've used it on machines with RAID-1 (software)+LVM and not had any issues.

Re:Does it RAID? (1)

robmv (855035) | about 2 years ago | (#40485059)

Me too, but that worked because RAID 1 is just a mirror without stripping and /boot partition is only used for read. I don't know if you can use grub now for example on a small server using RAID 5 without the need to put /boot on RAID 1

Re:Does it RAID? (1)

phorm (591458) | about 2 years ago | (#40487303)

Good question. I've never really had a reason to put /boot on the RAID-5, so as you've said I always made it RAID-1.
Since it doesn't get written (or even read, really) that often that should work for most people though.

Just in time to say good-bye (5, Interesting)

Anonymous Coward | about 2 years ago | (#40484561)

The amusing thing about this is, with secure boot coming out GRUB2 will probably be tossed out in favour of a boot loader with a more liberal license. Ubuntu has already stated they are dropping GRUB2, I imagine other distros will follow in the next few years.

Re:Just in time to say good-bye (2, Insightful)

Anonymous Coward | about 2 years ago | (#40485891)

Not much of a loss as far as I'm concerned. I could never get used to Grub2. It has plenty of nifty new features I'm sure but is a pain to work with compared to the previous version. I don't have a single system using it.

Re:Just in time to say good-bye (0)

Anonymous Coward | about 2 years ago | (#40489271)

lilo forever narf

Re:Just in time to say good-bye (5, Insightful)

10101001 10101001 (732688) | about 2 years ago | (#40486473)

The amusing thing about this is, with secure boot coming out GRUB2 will probably be tossed out in favour of a boot loader with a more liberal license.

Yes, the "amusing thing"* that people would want to have as much possible information about their boot system, which is precisely where things like MBR trojans or what will possible be the new "secure boot" versions. And that more "liberal license" than the GPLv3 is only more "liberal" for the OEMs/MS/Vendors in that it gives them more freedom to say while being less liberal in what a user can do.

Ubuntu has already stated they are dropping GRUB2, I imagine other distros will follow in the next few years.

I really hope they don't. I hope they are as vocal and as loud as possible. You know why? Because I can only see "Secure Boot" having flaws in it and being used by malware. I can only see "Secure Boot" turning into "Secure ID" or some other BS and people becoming angry when it backfires. I really hope some distros stick to their guns even if they appear to be Richard Stallman-like crazy because the truth is, they're the only sane ones and the only way to prove that in the long-term is keep arguing for sanity, not kowtow to the craziness just because it'll point out you're different and make people realize the absurdity of the "Secure Boot" option. Yes, if even after all that, computers still keep coming out with TPM and it becomes as far as mandated for internet access, I can see even the die-hards buying a TPM machine. They'll just tunnel through it with their own VPN and try to continue to use their uninfected machines. In the end, I just hope TPM as a whole dies. The technology could be used for so many good things. But, the two powers involved who keep pushing TPM--government (legislative and executive branches, actually) and corpratists--are hardly the groups I'd put any long-term faith in, let alone short-term faith, when it comes to considerations of freedom or liberty at the individual level.

*Yet again, another one of Richard Stallman's speculations holds out as coming true with TPM and is precisely one of the reasons why the GPLv3 software requires the encryption keys used for execution. The fact that some distributions are so quick to brush aside the clear implications of having to avoid GPLv3 code over precisely that issue and to just consider some of Stallman's speculations on the outcome...is just stupid. And this comes with the point that TPM isn't inherently bad; it's just that by nearly every implementation, it doesn't work to foremost given the actual user the keys and the control but instead the hardware/software producers the keys and the control.

Just Buy Non MS Hardware (1)

Anonymous Coward | about 2 years ago | (#40487271)

Can't we all just boycott UEFI???

I mean really ... why not???

Re:Just Buy Non MS Hardware (1)

Malvineous (1459757) | about 2 years ago | (#40487861)

The problem is that a huge amount of people are Windows users and won't boycott, so the tiny drop in business probably wouldn't be noticeable.

But it would be nice if lots of people bought from companies like Dell who offer a good return policy, then return them based on the inability to boot a custom Linux kernel. That might actually affect their bottom line enough that they put in a DIP switch on the motherboard that disables secure boot - assuming they aren't going to do that already, Dell aren't exactly opposed to Linux.

I can just imagine the tech support calls from "Microsoft" that home users get, explaining how the evil computer company disabled the turbo function on their PC, and to speed up their computer they have to flick this little switch inside the box...

GRUB2many troubles (3, Insightful)

sl4shd0rk (755837) | about 2 years ago | (#40484723)

Quite frankly, I've had enough problems on the past few versions of Ubuntu 11-12 that I cringe every time there is a GRUB2 update. I've had software RAID systems refuse to boot (with GPT partitions), and systems with slash on LVM refuse to boot after GRUB2 updates.

The necessity for GRUB2, from what I understand, grew out of the "want" for a VGA video mode at boot so we could have an image on the boot menu (and other fancy things). The trouble I've gone through trying to keep it working though just isn't worth the eye candy IMO.

Re:GRUB2many troubles (1)

AvitarX (172628) | about 2 years ago | (#40485991)

I remember kernel upgrades requiring updating Lilo also.

Of course, that's all automated now (the Debian make a kernel a deb thingy), that i doubt the accidental death is not so likely anymore.

Re:GRUB2many troubles (2, Interesting)

Anonymous Coward | about 2 years ago | (#40486443)

Kernel upgrades required updating the MBR with Lilo, which required running Lilo to perform the update (as root/sudo) (not that much of a burden, as you'd have to be root to update the kernel too. It was just inelegant.). Grub 1 ("legacy") did not require running a command, but rather could be updated by updating the /boot/menu.lst file, which is a more elegant/unixy and generally easier to understand.
 
  Grub 2 however, breaks this feature, and requires a command to be executed after updating the kernel (to convert the updated kernel list in /etc/grub/ into the required /boot/menu.lst file). This removes one of Grubs features that they used be so excited about.
 
  Personally, I don't use Grub 2 because 1) it didn't detect my triple boot properly (it would detect Ubuntu, but not Fedora or Windows) and 2) when I tried to fix it by hand (I'd already been fixing the configuration for Fedora by hand for some time) the syntax and files had changed so much, NOTHING I had learned previously seemed to be applicable. Near as I could tell, I was supposed to write some shell script which would produce the proper syntax, so that the auto detect would work. I switched to Lilo, which has since worked very well, since I can write a configuration file, run a command, and know that my computer will provide a menu to select my operating system. (although I've found the release of EXTLINUX intriguing, and may switch again in the near future.)

Re:GRUB2many troubles (1)

Exrio (2646817) | about 2 years ago | (#40486831)

No offense but, did you check that os-prober was actually installed? That one got me once in Debian. I've never seen autodetection fail other than that time os-prober was somehow not installed.

Re:GRUB2many troubles (0)

Anonymous Coward | about 2 years ago | (#40486075)

LILO could do everything GRUB could do, except for change configurations at runtime, rather than having to change a config file.

Re:GRUB2many troubles (2)

sylvandb (308927) | about 2 years ago | (#40488521)

LILO never gave me a commandline when it could not find the next stage. Grub and Grub2 both give me a commandline and let me fix the problem without a recovery disk.

Does LILO load disk images into a ramdisk and simulate a drive? Grub2 does.

Does LILO boot ISO files discovered at boot time by scanning a directory? Grub2 does.

I resisted grub2 for a few years. but I've been using a pre-release version for a few years now and it works fine. You just need to update your skills a decade or so.

Isn't Ubuntu leaving grub behind? (1)

phayes (202222) | about 2 years ago | (#40484753)

ISTR that Ubunto has decided to abandon Grub to be able to run on new Win8 EFI PCs that will only boot from MS signed bootloaders. Does this announcement change any of that or is Grub2 to be a tool for those not using Win8 compatible PCs?

Re:Isn't Ubuntu leaving grub behind? (1)

Microlith (54737) | about 2 years ago | (#40485609)

For non-EFI PCs, PCs with EFI that don't support secure boot, or PCs with secure boot turned off.

BURG (0)

Anonymous Coward | about 2 years ago | (#40484803)

I prefer BURG. It blows GRUB's theming capabilities out of the water. With GRUB 2, the best I could do was get the tiny text normally bunched together in the top left corner of the screen to be not tiny, at least until the next kernel update, after messing around in text files for who knows how long. BURG is something else. It's got actual themes that actually looks great, and it's dead easy to configure too.

Supports the thing where MS took over the HW? (0)

Anonymous Coward | about 2 years ago | (#40485233)

Does it support this UEFI thing where Microsoft took control over the hardware market preventing open source OSes by requiring every OS to pay MS for a key to be able to boot it?

Slightly OT, anyone still dual-booting? (2)

GodfatherofSoul (174979) | about 2 years ago | (#40485397)

And why? I started using VMWare for Linux installs and I haven't encountered an instance where I needed dual-booting. Not implying that that's the only use for a boot loader.

Re:Slightly OT, anyone still dual-booting? (1)

Microlith (54737) | about 2 years ago | (#40485623)

Indeed, I have never dual booted. But instead, I give Linux full hardware instead of suggesting that "put Linux in a VM, run Windows" is a solution.

Re:Slightly OT, anyone still dual-booting? (1)

WasteOfAmmo (526018) | about 2 years ago | (#40485831)

Yes, about 150 PCs running in Computer Science Labs. We have looked at running hyper visors with VMs but there simply is not a good solution available for a lab environment. To many issues with switching between OSs, ensuring both VMs are logged out when the user walks away, etc.

At one point I was seriously looking forward to GRUB2 being adopted by more distros as it supports retrieving the boot configuration over the network. This would easily allow simply remote configuration of which OS the machines would boot into. Although still useful now we have developed other ways to remote manage OS selection and reboots.

Re:Slightly OT, anyone still dual-booting? (0)

Anonymous Coward | about 2 years ago | (#40485885)

All my laptops for the last 11 years have been dual Windows/Linux. I don't see that changing for the foreseeable future.

Re:Slightly OT, anyone still dual-booting? (0)

Anonymous Coward | about 2 years ago | (#40486053)

Do PC games run well under virtualization? Seriously, I'm asking. That's the only reason I dual boot my Linux machine into Windows.

How Bout No. (-1)

Anonymous Coward | about 2 years ago | (#40486943)

No, games run rather poorly under virtualization, but not for why you might think. If your VM is on a beefy server and you are accessing it via something like RDP, then gaming will be fine.

But, when running the VM on a local machine, like a desktop, and feeding the console to the local monitor(I don't even know how to do this with VMWare) the graphics processing is a major issue. Even if you are running Virtual Box on your Linux machine to then run a Windows guest VM, feeding the graphics to the local console will be problematic at gaming resolutions and frame rates.

Last I checked, graphics were pretty important parts of even casual gaming.

I'd love for someone to prove me wrong and clearly explain how to do it. Otherwise I think dual booting will remain the better choice.

Re:Slightly OT, anyone still dual-booting? (1)

hobarrera (2008506) | about 2 years ago | (#40488651)

wine [winehq.org] works fine with most games. I've played several high-demanding 2012 games with no issues, including Mass Effect 3, the day it was release. Haven't booted windows in years and that hasn't kept me from gaming. I can even play some really old games I hear don't work in new windows versions (like Max Payne).

Supports FreeDOS (and Windows, Mac) (3, Informative)

Jim Hall (2985) | about 2 years ago | (#40485435)

In the announcement [gnu.org] they said GRUB 2.00 supports FreeDOS [freedos.org] as a boot protocol. I'll have to test that out to see what they mean - it's not that hard to boot DOS. But I am thrilled that the GRUB developers recognized us with explicit support. And of course, all the extra technical details they've added in the 2.00 release. Thanks!

Also, I saw that GRUB 2.00 supports a few other "alternative" operating systems, including Ntldr/bootmgr (to load Windows bootloader) and Darwin 11 (Mac OS X Lion.)

Re:Supports FreeDOS (and Windows, Mac) (0)

Anonymous Coward | about 2 years ago | (#40486375)

The Darwin support is the shit. Before I hosed an OSX partition a while back on a Hackintosh I'd decided to try out (Hey, it was a legit family upgrade DVD, and I duct-taped the broken monitor from my G4 iBook that failed to it, so it was technically legit!) I had it running with one of the hackintosh oriented bootloaders. At some point XP overwrote it, at which point I got around to installing grub1.99 under ubuntu to test it out. Long story short it detected every OS on the system, including MacOS, and direct-booted into OSX from grub with no intermediary steps. Blew me away. Sadly getting it to autodetect as nicely on other linuxes (notably gentoo) just hasn't happened.

Original Grub is still better (4, Interesting)

Anonymous Coward | about 2 years ago | (#40485567)

Rarely have I seen a bigger pile of shit than the configuration for grub 2. The config for grub 1 was so simple... and it *almost* made sense. They should have dropped the hurd device naming, but kept the grub.conf format we all know and love. This was another bit of software someone just had to rewrite. Now you have to generate a new configuration after any change.

Only thing I hate worse is systemd.

Re:Original Grub is still better (0)

Anonymous Coward | about 2 years ago | (#40487093)

Same as menu.lst grub.cfg is 'cut and paste a known good entry, modify to fit new kernel'. Or at least that's how I handle it. You definitely can try and use grub(2)-mkconfig, but depending on your OS it may or may not autodetect every available partition/entry type (memtest86(+) on gentoo is a failure example).

Re:Original Grub is still better (1)

Drinking Bleach (975757) | about 2 years ago | (#40488535)

One of GRUB 2.00's features over the previous 1.99 release is support for GRUB Legacy configuration files. It's recommended that you upgrade to the newer format, but you don't absolutely need to.

Can it boot from named partition vs Nth partition? (1)

Anonymous Coward | about 2 years ago | (#40486525)

I often change plug and unplug internal drives and maybe connect them in a different order than originally or maybe one less drive is attached than before. Booting then doesn't work because the drive that used to be "SDA" is now "SDB". I want to be able to list my boot partition using its name no matter what order it is in a list. Can the latest GRUB do this?

ISO loopback mounting (4, Informative)

xororand (860319) | about 2 years ago | (#40486581)

GRUB2 is cabable of mounting ISO images and loading contained kernels.

That means you can save unmodified liveCD ISO images on a boot partition with GRUB2 and load them directly.
This is not a CD or DVD emulator but simply loopback access, as if you'd mount it in Linux with mount -o loop foo.iso /bar.

If you want to retain the individual boot menus of your liveCDs, you need to recreate them with GRUB2 syntax.

Fortunately some, albeit very few, live CDs ship with a loopback.cfg for this purpose nowadays.
Off the top of my head, new Ubuntu releases and GRML do so. GRML was one of the first.

http://michael-prokop.at/blog/2011/01/07/booting-iso-images-from-within-grub2/ [michael-prokop.at]
http://www.supergrubdisk.org/wiki/Loopback.cfg [supergrubdisk.org]
http://grml.org/ [grml.org]

I'm glad I got away from it. (1)

schmatzler (2672763) | about 2 years ago | (#40487357)

I've had always problems with Grub. Using Ubuntu, I often had to alter the config after every new version, to be able to boot a Windows partition. A lot of difficult, not self-explaining commands using grub-config or the fact, that the device names not always match the corresponding order in Grub let me truly hate this "software". After I switched to Slackware, I got LILO working out of the box and always doing what it should do: Booting my machine. Sometimes the old, established things are the best.

Unless i need to boot iso images... (0)

Anonymous Coward | about 2 years ago | (#40487487)

Why would i want to switch to that bloated piece of crap?
grub2 wont be the solution to secure boot anyway, so i will stay with grub 0.9 till i need to buy new hardware and to get past the secure boot crap...

Is it usable yet? (2)

Trogre (513942) | about 2 years ago | (#40489141)

GRUB2 has a very nice feature set, but they have made a complete and total dogs breakfast of the configuration system. Now one needs to edit poorly-documented shell scripts and run an update script to 'compile' a new GRUB configuration file, or have it hosed at the next kernel update.

Of the three bootloaders I have spent significant time with, LILO, GRUB 1 (0.99 or whatever) and GRUB2, the latter is without doubt by far the worst to configure if you want anything other than the defaults.

Load More Comments
Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...