[sf-lug] Fedora dealing with UEFI

Bobbie Sellers bliss-sf4ever at dslextreme.com
Sun Jun 3 14:15:00 PDT 2012

On 06/02/2012 02:15 PM, Rick Moen wrote:
> Quoting Bobbie Sellers (bliss-sf4ever at dslextreme.com):
>> Fedora Linux capitulates to Microsoft boot certificate
>                 ^^^^^^^^^^^
> No.  That's simply wrong.
     Thanks for your explication of the matter but I did not write that
nor did the man whose work I copied write it but it is a headline
on a Google reference when searching on the terms, UEFI - Linux.
You discarded my reference to having gotten it from the Usenet.
That line of reference and my name at the bottom were the only
contributions I made to the post which I only checked to make sure
it was about Linux and had somewhat to do with the matter.

     I think it is important that various Linux distributions are
attempting to accommodative the UEFI and Secure Boot in various ways.

>     A system in custom mode should allow you to delete all existing keys
>     and replace them with your own. After that it's just a matter of
>     re-signing the Fedora bootloader (like I said, we'll be providing
>     tools and documentation for that) and you'll have a computer that will
>     boot Fedora but which will refuse to boot any Microsoft code.
> http://mjg59.dreamwidth.org/12368.html
> (You provided that link, but I'm guessing you didn't stop to read it.)
> A machine with UEFI Secure Boot[1] enforced in the boot firmware is no
> longer a general-purpose computer, and so you shouldn't purchase one
> unless you're prepared to either deal with its enforcement mechanisms or
> reflash your BIOS with something more tractible (such as Coreboot,
> http://www.coreboot.org/).  'Dealing with its enforcement mechanisms'
> can mean putting the BIOS into custom mode and loading it with your
> _own_ code signatures, as Matthew Garrett mentions above.
> [1] Your subject header notwithstanding, the problem is not UEFI itself,
> but rather UEFI Secure Boot.
     Bobbie Sellers

More information about the sf-lug mailing list