When you are using Linux, of any distribution, you sometimes need to look at settings for the UEFI. The reasons vary; you may have a dual-boot system and cannot find the other boot option, maybe you want to have it boot securely, or, in some cases, you want to turn secure boot off so you can boot anything.
For secure boot, you need to use the mokutil command. This manages the keys that are available on the system.
The most obvious and simple to grasp tool is the efibootmgr. Using this, you can work with the different points where you want the boot to continue. Using UEFI, it is much more flexible to create options for how you boot. With the small nifty tool, efibootmgr, you can change, add, and remove boot entries. The boot entries point the process to where it needs to go.
The efibootmgr is available for most distributions as a binary. So, install the ordinary one with your distribution. Once it is installed, you need to run it as root. As you should understand, you may render your system impossible to boot, so be careful. If you run the command without parameters, you get a simple list of current entries.
The list in the picture is very short; the dual boot systems will has many more entries. Since your system probably have many more entries, you may want to choose another start. This is done easily enough.
This is intended for experiments, the ‘-n’ means set bootnext. This will set what will boot the next time you reboot; it does not change what will continue booting first. If you have added something new, you should do this to try it out. If the boot goes through the way you wished it would set it to permanent.
The above command changes the permanent boot order. You do not have to type all zeros, only ‘C, B’ would also have worked. In creating a boot entry:
Running the command without more switches assumes that you have your ESP on dev/sda1 and that it is mounted at /boot/efi. You can also set up the boot to be on another disk. Below is an example.
The command adds ‘-c’ and activates as the first boot entry. The parameter ‘-L’ sets where the file is. This is relative to the ESP partition, usually mounted at ‘/boot/efi’. The ‘-d’ parameter points to the drive you want to use, the default is /dev/sda. Did it go well? If not, you can activate and deactivate the boot entry using ‘-a’ and ‘-A’, respectively.
The parameter points to Boot000C, as you can see, you can also use only the first non-zero value in the point number. If you have many disks, the output looks a little more complex. Use the verbose option to see if they are on many disks.
Timeout: 0 seconds
Boot0000* rEFInd Boot Manager HD(2,GPT,439e77ad-82ea-464d-801d-3d5a3d4b7cd4,0xfa000,0x96000)/File(\EFI\refind\refind_x64.efi)
Boot0001* rEFInd HD(1,GPT,c85dcbd6-880b-f74d-8dac-0504f1dd291e,0x800,0xaf000)/File(\EFI\refind\refind_x64.efi)
Boot000B* ubuntu HD(2,GPT,439e77ad-82ea-464d-801d-3d5a3d4b7cd4,0xfa000,0x96000)/File(\EFI\UBUNTU\GRUBX64.EFI)
Boot000C* UEFI OS HD(2,GPT,439e77ad-82ea-464d-801d-3d5a3d4b7cd4,0xfa000,0x96000)/File(\EFI\BOOT\BOOTX64.EFI)
The funny part here is that you have the partition first, and then the UUID, and finally the path on that disk. It is a bit tricky to remember the values, but it makes for a more robust solution for the system. Any removable disk may not get the same letter after ‘sd’ next time you boot.
The EFI tools are a collection of tools that you can use to figure out what is defined already. The efi-readvar tool can show you everything you have access to. The printout is academic since all you see are the keys. To manipulate the list, you use efi-updatevar. This requires many hoops to do, and when done incorrectly, you can brick your system. With that said, if you have a specific need, you can use the efivars file system. It is mounted read-only by default because of the risk of bricking the system. The steps to get access to the variables are detailed in the link below.
This is about the Macbook Pro that cannot boot without using the GPU, which makes graphical boot impossible when you want to install Linux. Making more changes to the UEFI variables are dangerous not just to your disk contents, it can also set things to not even try a boot.
If you know what guide you are looking for, you use the efibootdump command. This requires a more in-depth knowledge of your system though.
Changing your UEFI variables is possible, however, you should make sure you know exactly what you are doing if you change anything else than the boot order. The boot order will make you reboot a few times until you understand any mistakes you may have made. If you are interested in speeding up your boot and make it more dynamic, consider rEFInd!