Most systems these days use the Unified Extensible Firmware Interface (UEFI). This is an interface between the hardware on a PC and the Operating System (OS). When the system powers on, firmware is loaded and starts initializing the hardware. Once the UEFI has initialized the hardware, it loads the boot manager, and then loads the OS through the boot manager.
Examples of Boot Managers are GRUB, rEFInd, Limine and others. The Boot Manager is the same as a Bootloader. There are many Bootloaders available for Linux.
It is possible to have multiple Bootloaders on a single system. You can also boot multiple Operating Systems from the Bootloader, if there is more than one installed.
Boot Process
When the system powers on, it initializes the hardware, such as the CPU, memory, etc. The system verifies that the hardware is operational. This is like the Power-On Self-Test (POST) of the older Basic Input/Output System (BIOS).
If a hardware error occurs, the system halts the boot process and gives an error message. This allows the user to fix the problem.
Boot Manager
Once the hardware is functioning, the UEFI will then check the boot order in the system settings.
Once it has determined which storage unit (hard disk, NVMe, etc.), network device, USB device, CD/DVD and EFI systems.
Most times, the boot device will be an EFI system. This is a storage unit that contains an EFI directory. On some systems, this could be '/boot/EFI' or '/boot/efi/EFI' folder. The folder is the EFI System Partition (ESP) which should be FAT (FAT12, FAT16 or FAT32).
NOTE: Secure Boot is used to keep a digital signature of the Bootloader in the ESP and verify that nothing has changed. This can help prevent malicious attacks on a system. Anytime you add a new OS, change the Bootloader, or update it, you will get a security alert.
The system passes control to the Bootloader that is listed in the non-volatile RAM (NVRAM) of the UEFI firmware. For those familiar with older systems, this is like the Complementary Metal-Oxide-Semiconductor (CMOS). Whereas the CMOS is on volatile storage with a battery backup, the UEFI NVRAM is on something similar to flash drive storage, so no battery is required.
There is a listed Boot Order as well. If the first Bootloader is unavailable, then the system tries the next Bootloader or device from the list.
Bootloader
Within the ESP are folders that contain EFI files. GRUB, for example, will be 'grubx64.efi'. If you have multiple Bootloaders, then other EFI files exist. The EFI file is used to load the Bootloader. If the EFI file is corrupt or is the incorrect file, the Bootloader will not load.
We assume it finds a Bootloader, such as GRUB. The Bootloader displays a menu and lets the user select the OS they wish to load, or it simply times out and loads the default.
Now, this may be more than simply an OS to choose from the list; there could be a listing of all the kernels for a Linux system.
If one kernel gives problems, such as someone built their own kernel and left out specific drivers that are needed, the system may not boot properly or work properly. The user can choose an older kernel version that worked properly and then they can re-compile a new kernel.
Operating System (OS)
Once the user makes a selection, or the Bootloader times out and selects a default, the control passes to the specified kernel.
The kernel has control of the system and loads all necessary drivers. The OS starts, and the user has a Graphical User Interface (GUI) or Command-Line Interface (CLI), whichever is installed.
Now that you know the process to boot the system, we can look at the 'efibootmgr' that is used to control the entries in the UEFI NVRAM to control the Bootloader or device to boot from during the boot process.
EFIBootMGR
Usually, 'efibootmgr' is present on most systems. If you open a terminal, run 'efibootmgr' and get an error that the system cannot find ‘efibootmgr’, then you will need to install it.
For Ubuntu:
Code:
sudo apt install efibootmgr
For Fedora or CentOS:
Code:
sudo dnf install efibootmgr
For Arch Linux:
Code:
sudo pacman -S efibootmgr
Now, you should have 'efibootmgr' installed. If you run 'efibootmgr -V', you’ll get the version of the installed program.
Let's look at the output of just running 'efibootmgr' to get the current settings and boot entries in Figure 1. Keep in mind that I’m using an Ubuntu system, but they should all look similar.
FIGURE 1
Let's look at this output and see what we are dealing with.
The 'BootCurrent' is the entry that was booted from during the last boot process. Here, it is entry '0001'.
'Timeout' is the time that passes before the Bootloader chooses the default entry. Keep in mind that you can also set this value in the Bootloaders.
Next, we can see the 'BootOrder' which is the list of the entries of Bootloaders or devices in the order that it checks the entries. If the first entry exists, then it boots the system from the entry. If the entry does not exist, then it checks the next entry in the list. For example, if the first entry is a DVD that is used to boot live systems, but no disk is in the DVD drive, then it checks the next entry in the list, and so on until an entry boots the system, or all entries fail.
The rest of the output lists the entries of Bootloaders or devices.
If you look at the 'BootOrder', Entry 1 is the default. Looking further into Entry 1, you see the EFI that control is being passed to is 'shimx64.efi'. GRUB uses either 'grubx64.efi' or 'shimx64.efi'. So, this entry is for loading GRUB.
NOTE: You may have noticed that I am running this in VirtualBox since the entry in 'Boot0002' shows a VBOX Disk. It still works the same as on a physical system.
Some of these entries are a little easier to see on VirtualBox, since if you enable the EFI option to use UEFI, the storage boot order is all grayed out, as shown in Figure 2.
FIGURE 2
You cannot control the Boot Order here, since UEFI manages it.
So, even if I add a bootable DVD image, it adds the DVD entry to the UEFI Boot Entries, as shown in Figure 3.
FIGURE 3
The asterisks (*) after each entry name, such as 'Boot0001', show that the entry is active and the user can boot from it if it is in the order and everything before it times out.
Later, we will cover how to deactivate an entry so that it is not even checked or used.
If you look back at Figure 1, you can see the GRUB entry has the listing of the location of the 'shimx64' file. Right before the location is '/File', which means it is in BIOS mode. Any entry with '/File' is a BIOS loader. The reason for this is that UEFI is backwards compatible to still load BIOS boot devices. If you look at Figure 3 for the GRUB Entry, it is Boot0003. This is an example of GRUB installed in UEFI mode.
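The fields described above can be checked mechanically. The following is an added example, not part of the original article: a shell function that reads 'efibootmgr' output and reports entries that are in the Boot Order but inactive or missing, active entries left out of the Boot Order, a pending BootNext, and a boot that did not come from the first Boot Order entry. The function name 'audit_boot_entries' is an assumption and the sample output is constructed.

```shell
#!/bin/sh
# Added example (not from the article): audit 'efibootmgr' output read on stdin.
# On a real system: efibootmgr | audit_boot_entries

audit_boot_entries() {
    awk '
    /^BootNext: /    { print "NOTE BootNext is set to " $2 " (one-time override)" }
    /^BootCurrent: / { current = $2 "" }   # force string, IDs are hex not decimal
    /^BootOrder: /   {
        n = split($2, order, ",")
        for (i = 1; i <= n; i++) in_order[order[i]] = 1
    }
    # Entry lines: "Boot" + four hex digits + "*" (active) or " " (inactive)
    /^Boot[0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][* ]/ {
        num = substr($0, 5, 4)
        ids[++cnt] = num
        seen[num] = 1
        active[num] = (substr($0, 9, 1) == "*")
    }
    END {
        # A boot that skipped the first BootOrder entry means that entry
        # failed, or BootNext or a manual selection overrode the order.
        if (n > 0 && current != "" && current != order[1])
            print "NOTE booted from " current ", not the first BootOrder entry " order[1]
        for (i = 1; i <= n; i++) {
            if (!(order[i] in seen))
                print "WARN BootOrder lists " order[i] " but no such entry exists"
            else if (!active[order[i]])
                print "WARN " order[i] " is in BootOrder but inactive"
        }
        for (i = 1; i <= cnt; i++)
            if (active[ids[i]] && !(ids[i] in in_order))
                print "INFO " ids[i] " is active but not in BootOrder"
    }'
}

# Constructed sample output (not captured from a real machine).
SAMPLE_OUTPUT='BootNext: 0003
BootCurrent: 0002
Timeout: 0 seconds
BootOrder: 0001,0002,0004
Boot0000* UiApp
Boot0001  ubuntu
Boot0002* UEFI VBOX HARDDISK
Boot0003* UEFI VBOX CD-ROM'

printf '%s\n' "$SAMPLE_OUTPUT" | audit_boot_entries
```

Saving the output of a known-good run and comparing later runs against it shows when an entry has been added or changed.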
Let's look at the command-line abilities of 'efibootmgr'.
Command-Line Parameters
As with most command-line programs, there are parameters you can pass to the program to accomplish specific tasks.
The parameters for 'efibootmgr' when you issue the '--help' option are:
- -a | --active Set bootnum active
- -A | --inactive Set bootnum inactive
- -b | --bootnum XXXX Modify BootXXXX (hex)
- -B | --delete-bootnum Delete bootnum
- -c | --create Create new variable bootnum and add to bootorder at index (-I)
- -C | --create-only Create new variable bootnum and do not add to bootorder
- -d | --disk disk Disk containing boot loader (defaults to /dev/sda)
- -D | --remove-dups Remove duplicate values from BootOrder
- -e | --edd [1|3] Force boot entries to be created using EDD 1.0 or 3.0 info
- -E | --device num EDD 1.0 device number (defaults to 0x80)
- --full-dev-path Use a full device path
- --file-dev-path Use an abbreviated File() device path
- -f | --reconnect Re-connect devices after driver is loaded
- -F | --no-reconnect Do not re-connect devices after driver is loaded
- -g | --gpt Force disk with invalid PMBR to be treated as GPT
- -i | --iface name Create a netboot entry for the named interface
- -I | --index number When creating an entry, insert it in bootorder at specified position (default: 0)
- -l | --loader name (Defaults to "\EFI\ubuntu\grub.efi")
- -L | --label label Boot manager display label (defaults to "Linux")
- -m | --mirror-below-4G t|f Mirror memory below 4GB
- -M | --mirror-above-4G X Percentage memory to mirror above 4GB
- -n | --bootnext XXXX Set BootNext to XXXX (hex)
- -N | --delete-bootnext Delete BootNext
- -o | --bootorder XXXX,YYYY,ZZZZ,... Explicitly set BootOrder (hex)
- -O | --delete-bootorder Delete BootOrder
- -p | --part part Partition containing loader (defaults to 1 on partitioned devices)
- -q | --quiet Be quiet
- -r | --driver Operate on Driver variables, not Boot Variables
- -t | --timeout seconds Set boot manager timeout waiting for user input
- -T | --delete-timeout Delete Timeout
- -u | --unicode | --UCS-2 Handle extra args as UCS-2 (default is ASCII)
- -v | --verbose Print additional information
- -V | --version Return version and exit
- -w | --write-signature Write unique sig to MBR if needed
- -y | --sysprep Operate on SysPrep variables, not Boot Variables
- -@ | --append-binary-args file Append extra args from file (use "-" for stdin)
- -h | --help Show help/usage
If you need to delete an entry, then use '-B' to delete the entry specified with '-b'.
When you want to create a new entry, use '-c' or '-C'. The difference is that '-c' will add the new entry to the Boot Order, but '-C' will not add it to the Boot Order. There are other parameters that you can use with '-c' or '-C'.
We need to specify the disk drive, '-d', to use for the entry. Once you list the drive, you need to designate the partition with '-p', such as partition 1, which would be '-p 1'. You can give the entry a friendly name with '-L'; to call an entry 'GRUB', use the parameter '-L GRUB'. Finally, we must specify the Bootloader using '-l', such as '-l /EFI/grub2/grubx64.efi'. If you were to use the '-C' option, the other parameters would be required.
Sometimes, you can have duplicate entries, so by specifying the '-D' option, you can have it remove duplicates from the entries, if any exist.
The NVRAM has two different ways to store information: EDD 1.0 and EDD 3.0. EDD 1.0 identifies devices by number, whereas EDD 3.0 uses a full path name. If you create an entry and it does not save properly, then you need to add the '-e 3' parameter since your system is most likely using EDD 3 and not EDD 1.
The '-E' device number is '0x80' for EDD 1.
You can use '--full-dev-path' when specifying a device path.
It is possible to use '--file-dev-path'. This may not be as reliable, but an example is 'HD(1,GPT,092024c6-8470-464a-b24e-d1429d4f7066,0x800,0x219800)'. This is the first hard disk, which is GPT and has a PARTUUID listed. The 0x800 is the beginning of the partition (2048) and ends at 2,201,600. Know that the hex number '0x219800' is equal to the decimal value of '2,201,600', which is the size of my sample partition. You can find the value with 'blockdev --getsize /dev/sda1'. Change your device name as needed.
You can download EFI drivers from the manufacturer of your Ethernet or Wireless device and set it up as an entry, but you need to specify the '-f' parameter to load the new driver and initialize the device. If you do not want a reconnect, use the '-F' parameter.
You can force a disk to be seen as a GPT disk with the parameter '-g'.
If you create a NetBoot entry, use '-i <name>' to name the network interface the entry is created for.
Perhaps you want to insert a new entry into a specific position in the list. Use '-I #' to specify the position; the default position is '0'. Without the '-I', it places entries into the next available spot starting from '0000'.
When using the option '-n', you can specify at the next boot to boot from the specified entry. Once rebooted, the Boot Order goes back to normal. For example, if you add a new entry, 'Boot0005', you can test it at the next boot by issuing the command 'efibootmgr -n 0005'.
If you change the next boot to be a specific entry, but then decide not to boot from it, you can issue the command 'efibootmgr -N', which will clear the entry and the boot order is normal again.
You can change the Boot Order as you need, and the change is permanent until you change it again. Unlike '-n', it does not apply to a single boot only. To do this, list the current Boot Order by issuing 'efibootmgr', then use the command 'efibootmgr -o XXXX,YYYY,ZZZZ'. Separate the entries with commas and no spaces. You can verify the change by issuing the command 'efibootmgr' and getting a listing again.
Using the option '-O' will delete the Boot Order as it is, unless it is still the default, and change it back to the default as set by the firmware.
If you do not want to see output from any of the commands, you can use '-q' to minimize the output from the command.
If you are going to set up a driver entry, such as for an Ethernet or wireless device, you can use '-r' to set driver settings and not regular boot settings.
You can set the timeout timer in the Bootloader, or in the UEFI NVRAM with the parameter '-t #' where you set the number of seconds before it uses the default entry.
If you do not want a timeout, you can delete it with the option '-T'.
Use '-v' to get verbose output when running a command.
If you need the version of 'efibootmgr', use the parameter '-V'.
On an older system, or using a disk with MBR, you write a signature to the disk with the parameter '-w'.
I know I may have missed some options that are more obscure, but I do not want to overload you too much.
Network Booting
If you go into your UEFI console setup at boot time, you need to enable network booting.
For VirtualBox, change the Network adapter type to 'Paravirtualized Network (virtio-net)' and reboot. Make sure that when you installed the OS, you enabled EFI OS.
After a reboot, the 'efibootmgr' command should show that there are new entries for the network booting, if you enabled both IPv4 and IPv6, as shown in Figure 4.
FIGURE 4
Best Practices
It is best to add a new entry and set it as default for the next boot.
Reboot the system and make sure the entry works. If the entry works, then you can change the Boot Order and delete other entries, if needed.
Make sure you have one backup entry that works so you can always get back into the system. This is especially true if you load multiple Bootloaders.
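The sequence above (add the entry, test it once with '-n', then change the Boot Order while keeping a working fallback) can be guarded by a check on 'BootCurrent'. This is an added example, not part of the original article; the function name 'promote_after_test_boot', the entry number '0005' and the sample output are constructed. It prints the 'efibootmgr -o' command instead of running it.

```shell
#!/bin/sh
# Added example (not from the article). Workflow it supports, using the
# options described earlier (entry number 0005 is an assumption):
#   1. efibootmgr -C -d /dev/sda -p 1 -L GRUB -l /EFI/grub2/grubx64.efi
#      (create the entry without adding it to the Boot Order)
#   2. efibootmgr -n 0005      (try it on the next boot only)
#   3. reboot, then: efibootmgr | promote_after_test_boot 0005

promote_after_test_boot() {
    # Accept exactly four hex digits; normalise to the upper case efibootmgr prints.
    case $1 in
        [0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]) ;;
        *) echo "refuse: entry must be four hex digits" >&2; return 1 ;;
    esac
    new=$(printf '%s' "$1" | tr 'a-f' 'A-F')
    out=$(cat)
    current=$(printf '%s\n' "$out" | sed -n 's/^BootCurrent: //p')
    order=$(printf '%s\n' "$out" | sed -n 's/^BootOrder: //p')

    # The entry must exist and be active (asterisk after the number).
    if ! printf '%s\n' "$out" | grep -q "^Boot${new}\* "; then
        echo "refuse: Boot${new} is missing or inactive" >&2; return 1
    fi
    # BootCurrent shows which entry this boot actually used. If the test
    # entry failed and the firmware fell through to another one, stop here.
    if [ "$current" != "$new" ]; then
        echo "refuse: booted from ${current}, so Boot${new} is unproven" >&2; return 1
    fi
    # Keep the previous order behind the new entry as the fallback.
    rest=$(printf '%s\n' "$order" | tr ',' '\n' | grep -vx "$new" | paste -sd, -)
    if [ -z "$rest" ]; then
        echo "refuse: no fallback entry would remain" >&2; return 1
    fi
    echo "efibootmgr -o ${new},${rest}"
}

# Constructed sample: output after a successful one-time boot from 0005.
SAMPLE_AFTER_TEST_BOOT='BootCurrent: 0005
Timeout: 0 seconds
BootOrder: 0001,0002
Boot0001* ubuntu
Boot0002* UEFI VBOX HARDDISK
Boot0005* GRUB'

printf '%s\n' "$SAMPLE_AFTER_TEST_BOOT" | promote_after_test_boot 0005
```

Review the printed command before running it; older entries can be deleted with '-b' and '-B' once the new order has survived a normal reboot.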
Conclusion
Be aware that 'efibootmgr' may have entries that are still BIOS based. So, some entries may not appear too similar.
I lightly covered the basic use of 'efibootmgr' in the Bootloader article.

