On Tue, 24 Sep 2013, Yasha Karant wrote:
> This thread started because my colleague is using SuSE and tried Ubuntu
> -- and both failed to secure boot properly from the generic hardware to
> which he upgraded. This failure prompted a question about SL (as a
> no-fee option for a TUV enterprise, commercial, supported, production
> Linux base).
>
> Evidently, the current answer for SL is that it is not UEFI Secure Boot
> enabled, and SL 6x cannot reliably be installed upon such systems --
> depending upon the quirks (or proprietary generosity) of the actual BIOS
> supplier.
OpenSuSE supports "secure boot" not SuSE as I stated earlier.
I am sure it is only "recent" versions of OpenSuSE, Fedora and Ubuntu that
support 'secure boot".
See the following for more info. In particular pages 12 and 17. There
are references to youtube videos on page 18 showing Windows 8 dual booting
with Ubuntu 12.10 .
http://events.linuxfoundation.org/sites/events/files/slides/LinuxConUEFIandLinuxBresniker.pdf
It is efi compliant. If the bios vendor does not allow "secure boot" to
be turned off then one should "converse" with said vendor.
-connie sieh
>
> Yasha Karant
>
> On 09/24/2013 09:04 AM, Connie Sieh wrote:
>> On Tue, 24 Sep 2013, Yasha Karant wrote:
>>
>>> Secure boot is enabled. Evidently, the only means to disable secure
>>> boot requires that a secure boot loader/configuration program be running
>>> -- e.g., the MS proprietary boot loader (typically, supplied as part of
>>> MS Windows 8) must be used to disable secure boat if the UEFI actually
>>> permits this to be disabled (I have heard of some UEFI implementations
>>> that do not permit secure boot truly to be disabled).
>>
>> If the system is Windows 8 logo compatible and is x86_4 then a way to
>> disable "secure boot" must be provided by the hardware vendor. This is
>> commonly done via a option in the "bios". This requirement is part of
>> the "microsoft windows 8 logo requirements". Note the method of
>> disabling is not defined by the UEFI spec. So each vendor may do it
>> differently.
>>
>> The only hardware that does not permit "secure boot" to be disabled is
>> arm based Windows. The Windows logo requirements at at work here.
>>
>> >
>>> If Linux cannot handle this issue, then Linux is finished on all generic
>>> (e.g., not Apple that supplies both the hardware and operating
>>> environment software under a restrictive proprietary for-profit
>>> intellectual property license) X86-64 hardware, as (almost?) all current
>>> such hardware is MS 8 (UEFI secure boot) compliant.
>>>
>>
>> At the moment Fedora, SuSE , Ubuntu all can handle "secure boot". It is
>> expected that RHEL 7 will also handle it. It is also possible to "sign"
>> your own kernel and place your keys in the "bios".
>>
>> -connie
>>
>>> Yasha Karant
>>>
>>> On 09/23/2013 10:29 PM, Connie Sieh wrote:
>>>> On Mon, 23 Sep 2013, Yasha Karant wrote:
>>>>
>>>>> A colleague who uses SuSE non-enterprise for his professional
>>>>> (enterprise) workstations has now attempted to load the latest SuSE
>>>>> on a
>>>>> machine with a new generic (aftermarket) "gamer" UEFI X86-64
>>>>> motherboard. It does not properly boot. I do not have any UEFI
>>>>> motherboards, and thus no experience with SL6x on such motherboards.
>>>>
>>>> Is "secure boot" enabled in the UEFI ?
>>>>
>>>>>
>>>>> Does anyone? Does SL6x boot correctly (and easily) on a UEFI
>>>>> motherboard? If so, he may switch to SL.
>>>>
>>>> Yes as long as "secure boot" is disabled .
>>>>
>>>>>
>>>>> Yasha Karant
>>>>>
>>>>
>>>> -connie sieh
>>>
>
|
