From Fedora Project Wiki
(Created page with "{{admon/important | Comments and Explanations | The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To read it, choose the "view source" link.<br/> '''Copy the source to a ''new page'' before making changes! DO NOT EDIT THIS TEMPLATE FOR YOUR CHANGE PROPOSAL.'''}} {{admon/tip | Guidance | For details on how to fill out this form, see the [https://docs.fedoraproject.org/en-US/program_management/change...")
 
No edit summary
Line 7: Line 7:
<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name.  This keeps all change proposals in the same namespace -->
<!-- The actual name of your proposed change page should look something like: Changes/Your_Change_Proposal_Name.  This keeps all change proposals in the same namespace -->


= Clean Systemd-boot installs
= Clean Systemd-boot installs =


{{Change_Proposal_Banner}}
{{Change_Proposal_Banner}}


== Summary ==
== Summary ==
Fedora default installs with a shim + grub bootloader on EFI platforms, yet has been shipping systemd-boot in various forms for a number of releases. There are a few howto's which describe how to replace grub with systemd-boot with varying levels of functionality. This should be easier, with a formalized default method that can be built upon. This proposal aims to complete the work started with anaconda (inst.sdboot), kickstart (--sdboot) such that the "everything" media can install a grub free machine.
Fedora default installs with a shim + grub bootloader on EFI platforms, yet has been shipping systemd-boot in various forms for a number of releases. There are a few howto's which describe how to replace grub with systemd-boot with varying levels of functionality. This should be easier, with a formalized default method that can be built upon. This proposal aims to complete the work started with anaconda (inst.sdboot), kickstart (bootloader --sdboot) such that the "everything" media can install a grub free machine.


== Owner ==
== Owner ==
Line 35: Line 35:
<!-- [[Category:SystemWideChange]] -->
<!-- [[Category:SystemWideChange]] -->


* Targeted release: [https://docs.fedoraproject.org/en-US/releases/f<VERSION>/ Fedora Linux 39
* Targeted release: [https://docs.fedoraproject.org/en-US/releases/f39/ Fedora Linux 39]
* Last updated: <!-- this is an automatic macro — you don't need to change this line -->  {{REVISIONYEAR}}-{{REVISIONMONTH}}-{{REVISIONDAY2}}  
* Last updated: <!-- this is an automatic macro — you don't need to change this line -->  {{REVISIONYEAR}}-{{REVISIONMONTH}}-{{REVISIONDAY2}}  
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page  
<!-- After the change proposal is accepted by FESCo, tracking bug is created in Bugzilla and linked to this page  
Line 49: Line 49:


== Detailed Description ==
== Detailed Description ==
As a first pass, simply having the 'inst.sdboot' option already in anaconda work. As it stands, that replaces grub+shim with the systemd-boot loader, and moves the kernel + initrd to the EFI system partition (ESP). It doesn't attempt to create unified kernel images, so the existing `dnf update`, kdumpctl, `make install` in a kernel source directory should all work. The vast majority of this work has been done, leaving only two action items, removing grubby from core, and merging a shimming package (sdubby) into the fedora repos.
As a first pass, the 'inst.sdboot' option already in anaconda should work. As it stands, that replaces grub+shim with the systemd-boot loader, and moves the kernel + initrd to the EFI system partition (ESP). It doesn't attempt to create unified kernel images, so the existing `dnf update`, kdumpctl, `make install` in a kernel source directory should all work. The vast majority of this work has been done, leaving only two action items, removing grubby from core, and merging a shimming package (sdubby) into the fedora repos.


Beyond that there are various enhancements which can be made to remove the /boot partition (leaving the EFI at /boot/efi), enrolling fedora keys if the secure boot mode is "Setup", adding options to enable shim+systemd-boot, assuring that there is a systemd-boot-signed package, etc.
Beyond that there are various enhancements which can be made to remove the /boot partition (leaving the EFI at /boot/efi), enrolling fedora keys if the secure boot mode is "Setup", adding options to enable shim+systemd-boot, assuring that there is a systemd-boot-signed package, etc.
The advantages of just enabling the systemd-boot loader without UKIs or restructuring the /boot and /boot/efi mount points result in a wider range of supported machines and a more familiar environment for users and applications. AFA, by not changing the HostOnly initrd build process the vast majority of UEFI machines are supported.
To be clear the intention isn't to replace grub, but to co-exist alongside as an alternative bootloader.




Line 58: Line 63:


== Benefit to Fedora ==
== Benefit to Fedora ==
<!-- What is the benefit to the distribution?  Will the software we generate be improved? How will the process of creating Fedora releases be improved?
<!-- What is the benefit to the distribution?  Will the software we generate be improved? How will the process of creating Fedora releases be improved?
 
      Be sure to include the following areas if relevant:
      If this is a major capability update, what has changed?
          For example: This change introduces Python 5 that runs without the Global Interpreter Lock and is fully multithreaded.
      If this is a new functionality, what capabilities does it bring?
          For example: This change allows package upgrades to be performed automatically and rolled-back at will.
      Does this improve some specific package or set of packages?
          For example: This change modifies a package to use a different language stack that reduces install size by removing dependencies.
      Does this improve specific Spins or Editions?
          For example: This change modifies the default install of Fedora Workstation to be more in line with the base install of Fedora Server.
      Does this make the distribution more efficient?
          For example: This change replaces thousands of individual %post scriptlets in packages with one script that runs at the end.
      Is this an improvement to maintainer processes?
          For example: Gating Fedora packages on automatic QA tests will make rawhide more stable and allow changes to be implemented more smoothly.
      Is this an improvement targeted as specific contributors?
          For example: Ensuring that a minimal set of tools required for contribution to Fedora are installed by default eases the onboarding of new contributors.
 
    When a Change has multiple benefits, it's better to list them all.
 
    Consider these Change pages from previous editions as inspiration:
    https://fedoraproject.org/wiki/Changes/Annobin (low-level and technical, invisible to users)
    https://fedoraproject.org/wiki/Changes/ParallelInstallableDebuginfo (low-level, but visible to advanced users)
    https://fedoraproject.org/wiki/Changes/VirtualBox_Guest_Integration (primarily a UX change)
    https://fedoraproject.org/wiki/Changes/NoMoreAlpha (an improvement to distro processes)
    https://fedoraproject.org/wiki/Changes/perl5.26 (major upgrade to a popular software stack, visible to users of that stack)
-->
-->
Fedora is considered a forward looking distro, and as systemd-boot and UKIs gain traction it should be straightforward for users/testers to try out this option as well.  
Fedora is considered a forward looking distro. As systemd-boot and UKIs gain traction it should be straightforward for users/testers to try out this option in their own environments with a well defined configuration.


The intention isn't to replace grub, but to co-exist alongside as an alternative bootloader.
Potentially in the future, once secure boot/etc is straightened out the simpler/cleaner code base may prove to be more secure, or a consistent set of measured boot PCRs may enable a simpler (for the end user) encrypted storage environment.
 
and can be installed by other distros it should be the leader in providing a testing/integration platform for environments that aren't interested in running grub


== Scope ==
== Scope ==
* Proposal owners:
* Proposal owners:
<!-- What work do the feature owners have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
<!-- What work do the feature owners have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
At the moment two things remain open:
https://pagure.io/fedora-comps/pull-request/838
and:
https://bugzilla.redhat.com/show_bug.cgi?id=2134972
Both of which are largely in the "needs more discussion" state, but otherwise are complete as they stand.
There is also an open kexec-tools + aarch64 zboot set that needs to be merged in order to support kdump properly on aarch64 platforms, although that problem is caused by zboot enablement and affects grub as well. Zboot is required for systemd-boot at the moment.


* Other developers: <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Other developers: <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- What work do other developers have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
<!-- What work do other developers have to accomplish to complete the feature in time for release?  Is it a large change affecting many parts of the distribution or is it a very isolated change? What are those changes?-->
Depending on the results of the discussion above: Its possible the systemd maintainers, kdumpctl, etc may need changes.


* Release engineering: [https://pagure.io/releng/issues #Releng issue number] <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Release engineering: [https://pagure.io/releng/issues #Releng issue number] <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
Line 113: Line 105:
== Upgrade/compatibility impact ==
== Upgrade/compatibility impact ==
<!-- What happens to systems that have had a previous versions of Fedora installed and are updated to the version containing this change? Will anything require manual configuration or data migration? Will any existing functionality be no longer supported? -->
<!-- What happens to systems that have had a previous versions of Fedora installed and are updated to the version containing this change? Will anything require manual configuration or data migration? Will any existing functionality be no longer supported? -->
Ideally nothing as we aren't deprecating or changing the shim + grub boot paths.


<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
Line 131: Line 124:
3. What are the expected results of those actions?
3. What are the expected results of those actions?
-->
-->
# Have a VM or non critical test machine that can be reinstalled at will.
# Assure secure boot is disabled or in setup mode.
# Pass `inst.sdboot` on the kernel/grub command line presented on the install media and install as normal.
## possibly adding additional space to the EFI system partition during partitioning to guarantee there is sufficient space for the number of bootable kernels active on the machine (~100MB each should be more than sufficient)
## Alternatively `--sdboot` can be added to the bootloader command in kickstarts, and the partitions/etc adjusted there
# Use the machine as normal.
# Report issues during upgrades, or with any packages that can't find kernel images. Everything besides the loader entries, kernel image, and generated initrds should remain in /boot.


<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
Line 146: Line 148:
  - Green has been scientifically proven to be the most relaxing color. The move to a default background color of green with green text will result in Fedora users being the most relaxed users of any operating system.
  - Green has been scientifically proven to be the most relaxing color. The move to a default background color of green with green text will result in Fedora users being the most relaxed users of any operating system.
-->
-->
Ideally, after the initial install the fedora experience should generally remain the same. There may be slight differences in boot timings (at least on aarch64 possibly slightly faster) and the bootctl utility may have more information.


== Dependencies ==
== Dependencies ==
<!-- What other packages (RPMs) depend on this package?  Are there changes outside the developers' control on which completion of this change depends?  In other words, completion of another change owned by someone else and might cause you to not be able to finish on time or that you would need to coordinate?  Other upstream projects like the kernel (if this is not a kernel change)? -->
<!-- What other packages (RPMs) depend on this package?  Are there changes outside the developers' control on which completion of this change depends?  In other words, completion of another change owned by someone else and might cause you to not be able to finish on time or that you would need to coordinate?  Other upstream projects like the kernel (if this is not a kernel change)? -->
Systemd-boot, described in the comps and sdubby review.


<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
Line 154: Line 161:


== Contingency Plan ==
== Contingency Plan ==
Tell users that the install option remains incomplete and point them at how to manually edit comps and pull down the copr repos needed. Similar to the existing systemd-boot HOWTOs.


<!-- If you cannot complete your feature by the final development freeze, what is the backup plan?  This might be as simple as "Revert the shipped configuration".  Or it might not (e.g. rebuilding a number of dependent packages).  If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy.  -->
<!-- If you cannot complete your feature by the final development freeze, what is the backup plan?  This might be as simple as "Revert the shipped configuration".  Or it might not (e.g. rebuilding a number of dependent packages).  If you feature is not completed in time we want to assure others that other parts of Fedora will not be in jeopardy.  -->
* Contingency mechanism: (What to do?  Who will do it?) N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Contingency mechanism: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
<!-- When is the last time the contingency mechanism can be put in place?  This will typically be the beta freeze. -->
* Contingency deadline: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
* Contingency deadline: N/A (not a System Wide Change)  <!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
Line 165: Line 174:
== Documentation ==
== Documentation ==
<!-- Is there upstream documentation on this change, or notes you have written yourself?  Link to that material here so other interested developers can get involved. -->
<!-- Is there upstream documentation on this change, or notes you have written yourself?  Link to that material here so other interested developers can get involved. -->
https://anaconda-installer.readthedocs.io/en/latest/boot-options.html#inst-sdboot
or
https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#bootloader


<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->
<!-- REQUIRED FOR SYSTEM WIDE CHANGES -->

Revision as of 20:26, 12 June 2023

Comments and Explanations
The page source contains comments providing guidance to fill out each section. They are invisible when viewing this page. To read it, choose the "view source" link.
Copy the source to a new page before making changes! DO NOT EDIT THIS TEMPLATE FOR YOUR CHANGE PROPOSAL.
Guidance
For details on how to fill out this form, see the documentation.
Report issues
To report an issue with this template, file an issue in the pgm_docs repo.


Clean Systemd-boot installs

This is a proposed Change for Fedora Linux.
This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering Steering Committee.

Summary

Fedora default installs with a shim + grub bootloader on EFI platforms, yet has been shipping systemd-boot in various forms for a number of releases. There are a few howto's which describe how to replace grub with systemd-boot with varying levels of functionality. This should be easier, with a formalized default method that can be built upon. This proposal aims to complete the work started with anaconda (inst.sdboot), kickstart (bootloader --sdboot) such that the "everything" media can install a grub free machine.

Owner

  • Name: Jeremy Linton
  • Name: Possibly others since it may touch -comps, systemd-boot, etc
  • Email: <jeremy.linton@arm.com>


Current status

  • Targeted release: Fedora Linux 39
  • Last updated: 2023-06-12
  • [<will be assigned by the Wrangler> devel thread]
  • FESCo issue: <will be assigned by the Wrangler>
  • Tracker bug: <will be assigned by the Wrangler>
  • Release notes tracker: <will be assigned by the Wrangler>

Detailed Description

As a first pass, the 'inst.sdboot' option already in anaconda should work. As it stands, that replaces grub+shim with the systemd-boot loader, and moves the kernel + initrd to the EFI system partition (ESP). It doesn't attempt to create unified kernel images, so the existing dnf update, kdumpctl, make install in a kernel source directory should all work. The vast majority of this work has been done, leaving only two action items, removing grubby from core, and merging a shimming package (sdubby) into the fedora repos.

Beyond that there are various enhancements which can be made to remove the /boot partition (leaving the EFI at /boot/efi), enrolling fedora keys if the secure boot mode is "Setup", adding options to enable shim+systemd-boot, assuring that there is a systemd-boot-signed package, etc.

The advantages of just enabling the systemd-boot loader without UKIs or restructuring the /boot and /boot/efi mount points result in a wider range of supported machines and a more familiar environment for users and applications. AFA, by not changing the HostOnly initrd build process the vast majority of UEFI machines are supported.

To be clear the intention isn't to replace grub, but to co-exist alongside as an alternative bootloader.


Feedback

Benefit to Fedora

Fedora is considered a forward looking distro. As systemd-boot and UKIs gain traction it should be straightforward for users/testers to try out this option in their own environments with a well defined configuration.

Potentially in the future, once secure boot/etc is straightened out the simpler/cleaner code base may prove to be more secure, or a consistent set of measured boot PCRs may enable a simpler (for the end user) encrypted storage environment.

Scope

  • Proposal owners:

At the moment two things remain open:

https://pagure.io/fedora-comps/pull-request/838

and:

https://bugzilla.redhat.com/show_bug.cgi?id=2134972

Both of which are largely in the "needs more discussion" state, but otherwise are complete as they stand.

There is also an open kexec-tools + aarch64 zboot set that needs to be merged in order to support kdump properly on aarch64 platforms, although that problem is caused by zboot enablement and affects grub as well. Zboot is required for systemd-boot at the moment.

  • Other developers:

Depending on the results of the discussion above: Its possible the systemd maintainers, kdumpctl, etc may need changes.


  • Policies and guidelines: N/A (not needed for this Change)
  • Trademark approval: N/A (not needed for this Change)
  • Alignment with Community Initiatives:

Upgrade/compatibility impact

Ideally nothing as we aren't deprecating or changing the shim + grub boot paths.


How To Test

  1. Have a VM or non critical test machine that can be reinstalled at will.
  2. Assure secure boot is disabled or in setup mode.
  3. Pass inst.sdboot on the kernel/grub command line presented on the install media and install as normal.
    1. possibly adding additional space to the EFI system partition during partitioning to guarantee there is sufficient space for the number of bootable kernels active on the machine (~100MB each should be more than sufficient)
    2. Alternatively --sdboot can be added to the bootloader command in kickstarts, and the partitions/etc adjusted there
  4. Use the machine as normal.
  5. Report issues during upgrades, or with any packages that can't find kernel images. Everything besides the loader entries, kernel image, and generated initrds should remain in /boot.



User Experience

Ideally, after the initial install the fedora experience should generally remain the same. There may be slight differences in boot timings (at least on aarch64 possibly slightly faster) and the bootctl utility may have more information.


Dependencies

Systemd-boot, described in the comps and sdubby review.



Contingency Plan

Tell users that the install option remains incomplete and point them at how to manually edit comps and pull down the copr repos needed. Similar to the existing systemd-boot HOWTOs.

  • Contingency mechanism: N/A (not a System Wide Change)
  • Contingency deadline: N/A (not a System Wide Change)
  • Blocks release? N/A (not a System Wide Change), Yes/No


Documentation

https://anaconda-installer.readthedocs.io/en/latest/boot-options.html#inst-sdboot or https://pykickstart.readthedocs.io/en/latest/kickstart-docs.html#bootloader


N/A (not a System Wide Change)

Release Notes