I use Garuda-KDE-Lite as my favored Arch variant, and my day-to-day GNU/Linux distribution, dual-booted with Windows 11-Pro (for now), using the rEFInd boot manager. Since Windows 11 wants secure boot enabled, I searched for, and found a way to configure Garuda to sign all the required files, so it can successfully boot with secure boot enabled, namely, by using sbctl, and the configuration steps in the item Secure Boot Setup, that I found in the CachyOS Wiki.
Yesterday, Sunday, September 29, 2024, I decided to try to tri-boot Windows 11 Pro, Garuda-KDE-Lite, and RebornOS. Everything worked perfectly, until I attempted to enable secure boot in both Garuda, and RebornOS, to satisfy Windows 11. After using sbctl to sign all the required files in RebornOS, I was unable to load Garuda with secure boot enabled. When I attempted to launch Garuda, the rEFInd screen would blank as expected, but then it would return with no error item displayed. After several hours of research, I decided to remove RebornOS until I can find a good solution that will allow me to tri-boot all three OSes with secure boot enabled, and not have to manually sign the kernels following an update.
My next exploration is to learn how to add a post install hook for the kernel, so it gets automatically signed with each update, starting with the Arch Wiki. If anyone has information/documentation that will help me, please reply.
Hi Ernie,
It is a good idea to report failures. It is a bit like the scientific attitude to reporting negative results. It will help someone… knowing what does not work is still knowledge.
Sorry , I cant help with secure boot . You are the expert there.
An experiment to see if I can do it. Garuda has become my Arch distribution of choice, but I used RebornOS for a while, and I like it too. If I can figure out a way to automatically sign kernel updates following their installation, I’ll be a happy camper. Right now, sbctl takes care of all that when booting one GNU/Linux distribution, dual-booting with Windows, but not with multiple distributions. That’s what I want to figure out.
I have 5 at the moment, and planning for 6.
Why? I like to keep different sorts of work totally separate, so I use a different distro for each. Void for Vm’s and containers, Devuan for image processing, MX for mail and general use, …
Sorry @Ernie, diverting your topic.
I think those who developed sbctl did not give sufficent thought to the multiboot situation. Have a look at their website or github page… it may give some clues.
Not at all! Your contributions here, are very interesting, and useful! It’s simply the case that, for me, the objective of multi-booting will allow me to have at least one stable, properly functioning OS, while I take chances with my experimentations/adventures in the others. However, in order to achieve my goal, I need to learn how to enable secure boot in all the OSes I use, and I want that to be as painless, and automatic as possible. I hope all this makes sense,
I’m sorry that sometimes things fail for you. Sometimes they do for me too. When that happens, I either do research to learn why, or failing that, I put the experiment on the back burner for another time, when, hopefully, I find new information.
When something you try from one of my posts fails, please reply to the post with details about what failed, what hardware was involved (if you know), and any error messages you get. With that information, I may be able to help,
Thanks for the offer of help, usually i just get into the bios and make a change then try again, then change the bios until its sorted. Not an ideal way and really i should note my steps for next time… but forget and there are just so many bios settings depending on age make and occasionally just one of those things.
Most of the time mint sorts it for me but then when i get confident and say 4 hours to fix it takes me all day to sort.
