]>
Commit | Line | Data |
---|---|---|
f37d3835 | 1 | <?xml version='1.0'?> <!--*-nxml-*--> |
3a54a157 | 2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" |
f37d3835 | 3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> |
f37d3835 ZJS |
4 | <!-- SPDX-License-Identifier: LGPL-2.1+ --> |
5 | ||
70c8db75 | 6 | <refentry id="systemd-boot" conditional='ENABLE_EFI' |
f37d3835 ZJS |
7 | xmlns:xi="http://www.w3.org/2001/XInclude"> |
8 | <refentryinfo> | |
70c8db75 | 9 | <title>systemd-boot</title> |
f37d3835 | 10 | <productname>systemd</productname> |
f37d3835 ZJS |
11 | </refentryinfo> |
12 | ||
13 | <refmeta> | |
70c8db75 | 14 | <refentrytitle>systemd-boot</refentrytitle> |
f37d3835 ZJS |
15 | <manvolnum>7</manvolnum> |
16 | </refmeta> | |
17 | ||
18 | <refnamediv> | |
70c8db75 | 19 | <refname>systemd-boot</refname> |
f37d3835 ZJS |
20 | <refname>sd-boot</refname> |
21 | <refpurpose>A simple UEFI boot manager</refpurpose> | |
22 | </refnamediv> | |
23 | ||
24 | <refsect1> | |
25 | <title>Description</title> | |
26 | ||
c5fcaed8 LP |
27 | <para><command>systemd-boot</command> (short: <command>sd-boot</command>) is a simple UEFI boot |
28 | manager. It provides a graphical menu to select the entry to boot and an editor for the kernel command | |
29 | line. <command>systemd-boot</command> supports systems with UEFI firmware only.</para> | |
53ddb667 | 30 | |
39867bb9 LP |
31 | <para><command>systemd-boot</command> loads boot entry information from the EFI system partition (ESP), |
32 | usually mounted at <filename>/efi/</filename>, <filename>/boot/</filename>, or | |
33 | <filename>/boot/efi/</filename> during OS runtime, as well as from the Extended Boot Loader partition if | |
34 | it exists (usually mounted to <filename>/boot/</filename>). Configuration file fragments, kernels, | |
35 | initrds and other EFI images to boot generally need to reside on the ESP or the Extended Boot Loader | |
36 | partition. Linux kernels must be built with <option>CONFIG_EFI_STUB</option> to be able to be directly | |
37 | executed as an EFI image. During boot <command>systemd-boot</command> automatically assembles a list of | |
38 | boot entries from the following sources:</para> | |
53ddb667 LP |
39 | |
40 | <itemizedlist> | |
41 | <listitem><para>Boot entries defined with <ulink | |
c5fcaed8 LP |
42 | url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot Loader Specification</ulink> description files |
43 | located in <filename>/loader/entries/</filename> on the ESP and the Extended Boot Loader | |
44 | Partition. These usually describe Linux kernel images with associated initrd images, but alternatively | |
45 | may also describe arbitrary other EFI executables.</para></listitem> | |
53ddb667 LP |
46 | |
47 | <listitem><para>Unified kernel images following the <ulink | |
c5fcaed8 LP |
48 | url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot Loader Specification</ulink>, as executable EFI |
49 | binaries in <filename>/EFI/Linux/</filename> on the ESP and the Extended Boot Loader Partition. | |
48691dca | 50 | </para></listitem> |
53ddb667 LP |
51 | |
52 | <listitem><para>The Microsoft Windows EFI boot manager, if installed</para></listitem> | |
53 | ||
54 | <listitem><para>The Apple MacOS X boot manager, if installed</para></listitem> | |
55 | ||
56 | <listitem><para>The EFI Shell binary, if installed</para></listitem> | |
57 | ||
58 | <listitem><para>A reboot into the UEFI firmware setup option, if supported by the firmware</para></listitem> | |
59 | </itemizedlist> | |
60 | ||
39867bb9 LP |
61 | <para><command>systemd-boot</command> supports the following features:</para> |
62 | ||
63 | <itemizedlist> | |
64 | <listitem><para>Basic boot manager configuration changes (such as timeout | |
65 | configuration, default boot entry selection, …) may be made directly from the boot loader UI at | |
66 | boot-time, as well as during system runtime with EFI variables.</para></listitem> | |
67 | ||
68 | <listitem><para>The boot manager integrates with the <command>systemctl</command> command to implement | |
69 | features such as <command>systemctl reboot --boot-loader-entry=…</command> (for rebooting into a | |
70 | specific boot menu entry, i.e. "reboot into Windows") and <command>systemctl reboot | |
71 | --boot-loader-menu=…</command> (for rebooting into the boot loader menu), by implementing the <ulink | |
72 | url="https://systemd.io/BOOT_LOADER_INTERFACE">Boot Loader Interface</ulink>. See | |
73 | <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for | |
74 | details.</para></listitem> | |
75 | ||
76 | <listitem><para>An EFI variable set by the boot loader informs the OS about the ESP partition used | |
77 | during boot. This is then used to automatically mount the correct ESP partition to | |
78 | <filename>/efi/</filename> or <filename>/boot/</filename> during OS runtime. See | |
79 | <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
80 | for details.</para></listitem> | |
81 | ||
82 | <listitem><para>The boot manager provides information about the boot time spent in UEFI firmware using | |
83 | the <ulink url="https://systemd.io/BOOT_LOADER_INTERFACE">Boot Loader Interface</ulink>. This | |
84 | information can be displayed using | |
85 | <citerefentry><refentrytitle>systemd-analyze</refentrytitle><manvolnum>1</manvolnum></citerefentry>. | |
86 | </para></listitem> | |
87 | ||
88 | <listitem><para>The boot manager implements boot counting and automatic fallback to older, working boot | |
89 | entries on failure. See <ulink url="https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT">Automatic Boot | |
90 | Assessment</ulink>.</para></listitem> | |
91 | ||
92 | <listitem><para>The boot manager optionally reads a random seed from the ESP partition, combines it | |
93 | with a 'system token' stored in a persistant EFI variable and derives a random seed to use by the OS as | |
94 | entropy pool initializaton, providing a full entropy pool during early boot.</para></listitem> | |
95 | </itemizedlist> | |
96 | ||
97 | <para><citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
c5fcaed8 LP |
98 | may be used from a running system to locate the ESP and the Extended Boot Loader Partition, list |
99 | available entries, and install <command>systemd-boot</command> itself.</para> | |
53ddb667 | 100 | |
39867bb9 LP |
101 | <para><citerefentry><refentrytitle>kernel-install</refentrytitle><manvolnum>8</manvolnum></citerefentry> |
102 | may be used to copy kernel images onto the ESP or the Extended Boot Loader Partition and to generate | |
103 | description files compliant with the Boot Loader | |
104 | Specification.</para> | |
f37d3835 ZJS |
105 | </refsect1> |
106 | ||
f37d3835 ZJS |
107 | <refsect1> |
108 | <title>Key bindings</title> | |
109 | <para>The following keys may be used in the boot menu:</para> | |
110 | ||
111 | <variablelist> | |
112 | <varlistentry> | |
8c073dde LP |
113 | <term><keycap>↑</keycap> (Up)</term> |
114 | <term><keycap>↓</keycap> (Down)</term> | |
115 | <term><keycap>j</keycap></term> | |
116 | <term><keycap>k</keycap></term> | |
117 | <term><keycap>PageUp</keycap></term> | |
118 | <term><keycap>PageDown</keycap></term> | |
119 | <term><keycap>Home</keycap></term> | |
120 | <term><keycap>End</keycap></term> | |
f37d3835 ZJS |
121 | <listitem><para>Navigate up/down in the entry list</para></listitem> |
122 | </varlistentry> | |
123 | ||
124 | <varlistentry> | |
8c073dde | 125 | <term><keycap>↵</keycap> (Enter)</term> |
f37d3835 ZJS |
126 | <listitem><para>Boot selected entry</para></listitem> |
127 | </varlistentry> | |
128 | ||
129 | <varlistentry> | |
8c073dde | 130 | <term><keycap>d</keycap></term> |
f37d3835 ZJS |
131 | <listitem><para>Make selected entry the default</para></listitem> |
132 | </varlistentry> | |
133 | ||
134 | <varlistentry> | |
8c073dde | 135 | <term><keycap>e</keycap></term> |
f37d3835 ZJS |
136 | <listitem><para>Edit the kernel command line for selected entry</para></listitem> |
137 | </varlistentry> | |
138 | ||
139 | <varlistentry> | |
8c073dde LP |
140 | <term><keycap>+</keycap></term> |
141 | <term><keycap>t</keycap></term> | |
f37d3835 ZJS |
142 | <listitem><para>Increase the timeout before default entry is booted</para></listitem> |
143 | </varlistentry> | |
144 | ||
145 | <varlistentry> | |
8c073dde LP |
146 | <term><keycap>-</keycap></term> |
147 | <term><keycap>T</keycap></term> | |
f37d3835 ZJS |
148 | <listitem><para>Decrease the timeout</para></listitem> |
149 | </varlistentry> | |
150 | ||
151 | <varlistentry> | |
8c073dde | 152 | <term><keycap>v</keycap></term> |
70c8db75 | 153 | <listitem><para>Show systemd-boot, UEFI, and firmware versions</para></listitem> |
f37d3835 ZJS |
154 | </varlistentry> |
155 | ||
156 | <varlistentry> | |
8c073dde | 157 | <term><keycap>P</keycap></term> |
f37d3835 ZJS |
158 | <listitem><para>Print status</para></listitem> |
159 | </varlistentry> | |
160 | ||
161 | <varlistentry> | |
8c073dde | 162 | <term><keycap>Q</keycap></term> |
f37d3835 ZJS |
163 | <listitem><para>Quit</para></listitem> |
164 | </varlistentry> | |
165 | ||
166 | <varlistentry> | |
8c073dde LP |
167 | <term><keycap>h</keycap></term> |
168 | <term><keycap>?</keycap></term> | |
f37d3835 ZJS |
169 | <listitem><para>Show a help screen</para></listitem> |
170 | </varlistentry> | |
171 | ||
172 | <varlistentry> | |
8c073dde | 173 | <term><keycombo><keycap>Ctrl</keycap><keycap>l</keycap></keycombo></term> |
f37d3835 ZJS |
174 | <listitem><para>Reprint the screen</para></listitem> |
175 | </varlistentry> | |
176 | </variablelist> | |
177 | ||
178 | <para>The following keys may be used during bootup or in the boot menu to | |
179 | directly boot a specific entry:</para> | |
180 | ||
181 | <variablelist> | |
182 | <varlistentry> | |
8c073dde | 183 | <term><keycap>l</keycap></term> |
f37d3835 ZJS |
184 | <listitem><para>Linux</para></listitem> |
185 | </varlistentry> | |
186 | ||
187 | <varlistentry> | |
8c073dde | 188 | <term><keycap>w</keycap></term> |
f37d3835 ZJS |
189 | <listitem><para>Windows</para></listitem> |
190 | </varlistentry> | |
191 | ||
192 | <varlistentry> | |
8c073dde | 193 | <term><keycap>a</keycap></term> |
f37d3835 ZJS |
194 | <listitem><para>OS X</para></listitem> |
195 | </varlistentry> | |
196 | ||
197 | <varlistentry> | |
8c073dde | 198 | <term><keycap>s</keycap></term> |
f37d3835 ZJS |
199 | <listitem><para>EFI shell</para></listitem> |
200 | </varlistentry> | |
201 | ||
202 | <varlistentry> | |
8c073dde LP |
203 | <term><keycap>1</keycap></term> |
204 | <term><keycap>2</keycap></term> | |
205 | <term><keycap>3</keycap></term> | |
206 | <term><keycap>4</keycap></term> | |
207 | <term><keycap>5</keycap></term> | |
208 | <term><keycap>6</keycap></term> | |
209 | <term><keycap>7</keycap></term> | |
210 | <term><keycap>8</keycap></term> | |
211 | <term><keycap>9</keycap></term> | |
53ddb667 | 212 | <listitem><para>Boot entry number 1 … 9</para></listitem> |
f37d3835 ZJS |
213 | </varlistentry> |
214 | </variablelist> | |
215 | ||
216 | <para>In the editor, most keys simply insert themselves, but the following keys | |
217 | may be used to perform additional actions:</para> | |
218 | ||
219 | <variablelist> | |
220 | <varlistentry> | |
8c073dde LP |
221 | <term><keycap>←</keycap> (Left)</term> |
222 | <term><keycap>→</keycap> (Right)</term> | |
223 | <term><keycap>Home</keycap></term> | |
224 | <term><keycap>End</keycap></term> | |
f37d3835 ZJS |
225 | <listitem><para>Navigate left/right</para></listitem> |
226 | </varlistentry> | |
227 | ||
228 | <varlistentry> | |
8c073dde | 229 | <term><keycap>Esc</keycap></term> |
f37d3835 ZJS |
230 | <listitem><para>Abort the edit and quit the editor</para></listitem> |
231 | </varlistentry> | |
232 | ||
233 | <varlistentry> | |
8c073dde | 234 | <term><keycombo><keycap>Ctrl</keycap><keycap>k</keycap></keycombo></term> |
f37d3835 ZJS |
235 | <listitem><para>Clear the command line</para></listitem> |
236 | </varlistentry> | |
237 | ||
238 | <varlistentry> | |
8c073dde LP |
239 | <term><keycombo><keycap>Ctrl</keycap><keycap>w</keycap></keycombo></term> |
240 | <term><keycombo><keycap>Alt</keycap><keycap>Backspace</keycap></keycombo></term> | |
f37d3835 ZJS |
241 | <listitem><para>Delete word backwards</para></listitem> |
242 | </varlistentry> | |
243 | ||
244 | <varlistentry> | |
8c073dde | 245 | <term><keycombo><keycap>Alt</keycap><keycap>d</keycap></keycombo></term> |
f37d3835 ZJS |
246 | <listitem><para>Delete word forwards</para></listitem> |
247 | </varlistentry> | |
248 | ||
249 | <varlistentry> | |
8c073dde | 250 | <term><keycap>↵</keycap> (Enter)</term> |
f37d3835 ZJS |
251 | <listitem><para>Boot entry with the edited command line</para></listitem> |
252 | </varlistentry> | |
253 | </variablelist> | |
254 | ||
70c8db75 | 255 | <para>Note that unless configured otherwise in the UEFI firmware, systemd-boot will |
f37d3835 ZJS |
256 | use the US keyboard layout, so key labels might not match for keys like +/-. |
257 | </para> | |
258 | </refsect1> | |
259 | ||
53ddb667 LP |
260 | <refsect1> |
261 | <title>Files</title> | |
262 | ||
c5fcaed8 LP |
263 | <para>The files <command>systemd-boot</command> processes generally reside on the UEFI ESP which is |
264 | usually mounted to <filename>/efi/</filename>, <filename>/boot/</filename> or | |
265 | <filename>/boot/efi/</filename> during OS runtime. It also processes files on the Extended Boot Loader | |
266 | partition which is typically mounted to <filename>/boot/</filename>, if it | |
267 | exists. <command>systemd-boot</command> reads runtime configuration such as the boot timeout and default | |
268 | entry from <filename>/loader/loader.conf</filename> on the ESP (in combination with data read from EFI | |
269 | variables). See | |
270 | <citerefentry><refentrytitle>loader.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Boot | |
271 | entry description files following the <ulink url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot | |
272 | Loader Specification</ulink> are read from <filename>/loader/entries/</filename> on the ESP and the | |
273 | Extended Boot Loader partition. Unified kernel boot entries following the <ulink | |
274 | url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot Loader Specification</ulink> are read from | |
39867bb9 LP |
275 | <filename>/EFI/Linux/</filename> on the ESP and the Extended Boot Loader partition. Optionally, a random |
276 | seed for early boot entropy pool provisioning is stored in <filename>/loader/random-seed</filename> in | |
277 | the ESP.</para> | |
53ddb667 LP |
278 | </refsect1> |
279 | ||
8eebff9e LP |
280 | <refsect1> |
281 | <title>EFI Variables</title> | |
282 | ||
283 | <para>The following EFI variables are defined, set and read by <command>systemd-boot</command>, under the vendor | |
284 | UUID <literal>4a67b082-0a4c-41cf-b6c7-440b29bb8c4</literal>, for communication between the OS and the boot | |
285 | loader:</para> | |
286 | ||
bc61c2b1 | 287 | <variablelist class='efi-variables'> |
8eebff9e LP |
288 | <varlistentry> |
289 | <term><varname>LoaderBootCountPath</varname></term> | |
290 | <listitem><para>If boot counting is enabled, contains the path to the file in whose name the boot counters are | |
291 | encoded. Set by the boot | |
292 | loader. <citerefentry><refentrytitle>systemd-bless-boot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
293 | uses this information to mark a boot as successful as determined by the successful activation of the | |
294 | <filename>boot-complete.target</filename> target unit.</para></listitem> | |
295 | </varlistentry> | |
296 | ||
297 | <varlistentry> | |
298 | <term><varname>LoaderConfigTimeout</varname></term> | |
fe2579dd | 299 | <term><varname>LoaderConfigTimeoutOneShot</varname></term> |
3f9a0a52 | 300 | <listitem><para>The menu timeout in seconds. Read by the boot loader. <varname>LoaderConfigTimeout</varname> |
fe2579dd LP |
301 | is maintained persistently, while <varname>LoaderConfigTimeoutOneShot</varname> is a one-time override which is |
302 | read once (in which case it takes precedence over <varname>LoaderConfigTimeout</varname>) and then | |
303 | removed. <varname>LoaderConfigTimeout</varname> may be manipulated with the | |
304 | <keycap>t</keycap>/<keycap>T</keycap> keys, see above.)</para></listitem> | |
8eebff9e LP |
305 | </varlistentry> |
306 | ||
307 | <varlistentry> | |
308 | <term><varname>LoaderDevicePartUUID</varname></term> | |
309 | ||
310 | <listitem><para>Contains the partition UUID of the EFI System Partition the boot loader was run from. Set by | |
311 | the boot | |
312 | loader. <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
313 | uses this information to automatically find the disk booted from, in order to discover various other partitions | |
314 | on the same disk automatically.</para></listitem> | |
315 | </varlistentry> | |
316 | ||
317 | <varlistentry> | |
318 | <term><varname>LoaderEntries</varname></term> | |
319 | ||
320 | <listitem><para>A list of the identifiers of all discovered boot loader entries. Set by the boot | |
321 | loader.</para></listitem> | |
322 | </varlistentry> | |
323 | ||
324 | <varlistentry> | |
325 | <term><varname>LoaderEntryDefault</varname></term> | |
326 | <term><varname>LoaderEntryOneShot</varname></term> | |
327 | ||
328 | <listitem><para>The identifier of the default boot loader entry. Set primarily by the OS and read by the boot | |
329 | loader. <varname>LoaderEntryOneShot</varname> sets the default entry for the next boot only, while | |
330 | <varname>LoaderEntryDefault</varname> sets it persistently for all future | |
331 | boots. <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s | |
332 | <option>set-default</option> and <option>set-oneshot</option> commands make use of these variables. The boot | |
333 | loader modifies <varname>LoaderEntryDefault</varname> on request, when the <keycap>d</keycap> key is used, see | |
334 | above.)</para></listitem> | |
335 | </varlistentry> | |
336 | ||
337 | <varlistentry> | |
338 | <term><varname>LoaderEntrySelected</varname></term> | |
339 | ||
340 | <listitem><para>The identifier of the boot loader entry currently being booted. Set by the boot | |
341 | loader.</para></listitem> | |
342 | </varlistentry> | |
343 | ||
5dd5f7cf LP |
344 | <varlistentry> |
345 | <term><varname>LoaderFeatures</varname></term> | |
346 | ||
347 | <listitem><para>A set of flags indicating the features the boot loader supports. Set by the boot loader. Use | |
348 | <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this | |
349 | data.</para></listitem> | |
350 | </varlistentry> | |
351 | ||
8eebff9e LP |
352 | <varlistentry> |
353 | <term><varname>LoaderFirmwareInfo</varname></term> | |
354 | <term><varname>LoaderFirmwareType</varname></term> | |
355 | ||
356 | <listitem><para>Brief firmware information. Set by the boot loader. Use | |
357 | <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this | |
358 | data.</para></listitem> | |
359 | </varlistentry> | |
360 | ||
361 | <varlistentry> | |
362 | <term><varname>LoaderImageIdentifier</varname></term> | |
363 | ||
364 | <listitem><para>The path of executable of the boot loader used for the current boot, relative to the EFI System | |
365 | Partition's root directory. Set by the boot loader. Use | |
366 | <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this | |
367 | data.</para></listitem> | |
368 | </varlistentry> | |
369 | ||
370 | <varlistentry> | |
371 | <term><varname>LoaderInfo</varname></term> | |
372 | ||
373 | <listitem><para>Brief information about the boot loader. Set by the boot loader. Use | |
374 | <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> to view this | |
375 | data.</para></listitem> | |
376 | </varlistentry> | |
377 | ||
378 | <varlistentry> | |
379 | <term><varname>LoaderTimeExecUSec</varname></term> | |
380 | <term><varname>LoaderTimeInitUSec</varname></term> | |
381 | <term><varname>LoaderTimeMenuUsec</varname></term> | |
382 | ||
383 | <listitem><para>Information about the time spent in various parts of the boot loader. Set by the boot | |
384 | loader. Use <citerefentry><refentrytitle>systemd-analyze</refentrytitle><manvolnum>1</manvolnum></citerefentry> | |
39867bb9 LP |
385 | to view this data. </para></listitem> |
386 | </varlistentry> | |
387 | ||
388 | <varlistentry> | |
389 | <term><varname>LoaderRandomSeed</varname></term> | |
390 | ||
391 | <listitem><para>A binary random seed <command>systemd-boot</command> may optionally pass to the | |
392 | OS. This is a volatile EFI variable that is hashed at boot from the combination of a random seed | |
393 | stored in the ESP (in <filename>/loader/random-seed</filename>) and a "system token" persistently | |
394 | stored in the EFI variable <varname>LoaderSystemToken</varname> (see below). During early OS boot the | |
395 | system manager reads this variable and passes it to the OS kernel's random pool, crediting the full | |
396 | entropy it contains. This is an efficient way to ensure the system starts up with a fully initialized | |
397 | kernel random pool — as early as the initial RAM disk phase. <command>systemd-boot</command> reads | |
398 | the random seed from the ESP, combines it with the "system token", and both derives a new random seed | |
399 | to update in-place the seed stored in the ESP, and the random seed to pass to the OS from it via | |
400 | SHA256 hashing in counter mode. This ensures that different physical systems that boot the same | |
401 | "golden" OS image — i.e. containing the same random seed file in the ESP — will still pass a | |
402 | different random seed to the OS. It is made sure the random seed stored in the ESP is fully | |
403 | overwritten before the OS is booted, to ensure different random seed data is used between subsequent | |
93f59100 LP |
404 | boots.</para> |
405 | ||
406 | <para>See <ulink url="https://systemd.io/RANDOM_SEEDS">Random Seeds</ulink> for | |
407 | further information.</para></listitem> | |
39867bb9 LP |
408 | </varlistentry> |
409 | ||
410 | <varlistentry> | |
411 | <term><varname>LoaderSystemToken</varname></term> | |
412 | ||
413 | <listitem><para>A binary random data field, that is used for generating the random see to pass to the | |
414 | OS (see above). Note that this random data is generally only generated once, during OS installation, | |
415 | and is then never updated again.</para></listitem> | |
8eebff9e LP |
416 | </varlistentry> |
417 | </variablelist> | |
39867bb9 LP |
418 | |
419 | <para>Many of these variables are defined by the <ulink | |
420 | url="https://systemd.io/BOOT_LOADER_INTERFACE">Boot Loader Interface</ulink>.</para> | |
8eebff9e LP |
421 | </refsect1> |
422 | ||
2b6cc3ca LP |
423 | <refsect1> |
424 | <title>Boot Counting</title> | |
425 | ||
426 | <para><command>systemd-boot</command> implements a simple boot counting mechanism on top of the <ulink | |
427 | url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot Loader Specification</ulink>, for automatic and unattended | |
5238e957 | 428 | fallback to older kernel versions/boot loader entries when a specific entry continuously fails. Any boot loader |
2b6cc3ca LP |
429 | entry file and unified kernel image file that contains a <literal>+</literal> followed by one or two numbers (if |
430 | two they need to be separated by a <literal>-</literal>), before the <filename>.conf</filename> or | |
431 | <filename>.efi</filename> suffix is subject to boot counting: the first of the two numbers ('tries left') is | |
432 | decreased by one on every boot attempt, the second of the two numbers ('tries done') is increased by one (if 'tries | |
433 | done' is absent it is considered equivalent to 0). Depending on the current value of these two counters the boot | |
434 | entry is considered to be in one of three states:</para> | |
435 | ||
436 | <orderedlist> | |
437 | <listitem><para>If the 'tries left' counter of an entry is greater than zero the entry is considered to be in | |
438 | 'indeterminate' state. This means the entry has not completed booting successfully yet, but also hasn't been | |
439 | determined not to work.</para></listitem> | |
440 | ||
441 | <listitem><para>If the 'tries left' counter of an entry is zero it is considered to be in 'bad' state. This means | |
442 | no further attempts to boot this item will be made (that is, unless all other boot entries are also in 'bad' | |
443 | state), as all attempts to boot this entry have not completed successfully.</para></listitem> | |
444 | ||
445 | <listitem><para>If the 'tries left' and 'tries done' counters of an entry are absent it is considered to be in | |
446 | 'good' state. This means further boot counting for the entry is turned off, as it successfully booted at least | |
447 | once. The | |
448 | <citerefentry><refentrytitle>systemd-bless-boot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry> | |
449 | service moves the currently booted entry from 'indeterminate' into 'good' state when a boot attempt completed | |
450 | successfully.</para></listitem> | |
451 | </orderedlist> | |
452 | ||
453 | <para>Generally, when new entries are added to the boot loader, they first start out in 'indeterminate' state, | |
454 | i.e. with a 'tries left' counter greater than zero. The boot entry remains in this state until either it managed to | |
455 | complete a full boot successfully at least once (in which case it will be in 'good' state) — or the 'tries left' | |
456 | counter reaches zero (in which case it will be in 'bad' state).</para> | |
457 | ||
458 | <para>Example: let's say a boot loader entry file <filename>foo.conf</filename> is set up for 3 boot tries. The | |
459 | installer will hence create it under the name <filename>foo+3.conf</filename>. On first boot, the boot loader will | |
460 | rename it to <filename>foo+2-1.conf</filename>. If that boot does not complete successfully, the boot loader will | |
461 | rename it to <filename>foo+1-2.conf</filename> on the following boot. If that fails too, it will finally be renamed | |
462 | <filename>foo+0-3.conf</filename> by the boot loader on next boot, after which it will be considered 'bad'. If the | |
463 | boot succeeds however the entry file will be renamed to <filename>foo.conf</filename> by the OS, so that it is | |
464 | considered 'good' from then on.</para> | |
465 | ||
466 | <para>The boot menu takes the 'tries left' counter into account when sorting the menu entries: entries in 'bad' | |
467 | state are ordered at the end of the list, and entries in 'good' or 'indeterminate' at the beginning. The user can | |
468 | freely choose to boot any entry of the menu, including those already marked 'bad'. If the menu entry to boot is | |
469 | automatically determined, this means that 'good' or 'indeterminate' entries are generally preferred (as the top item of | |
470 | the menu is the one booted by default), and 'bad' entries will only be considered if there are no 'good' or | |
471 | 'indeterminate' entries left.</para> | |
472 | ||
473 | <para>The <citerefentry><refentrytitle>kernel-install</refentrytitle><manvolnum>8</manvolnum></citerefentry> kernel | |
474 | install framework optionally sets the initial 'tries left' counter to the value specified in | |
475 | <filename>/etc/kernel/tries</filename> when a boot loader entry is first created.</para> | |
476 | </refsect1> | |
477 | ||
f37d3835 ZJS |
478 | <refsect1> |
479 | <title>See Also</title> | |
480 | <para> | |
481 | <citerefentry><refentrytitle>bootctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
482 | <citerefentry><refentrytitle>loader.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
2b6cc3ca | 483 | <citerefentry><refentrytitle>systemd-bless-boot.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
39867bb9 | 484 | <citerefentry><refentrytitle>systemd-boot-system-token.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
2b6cc3ca | 485 | <citerefentry><refentrytitle>kernel-install</refentrytitle><manvolnum>8</manvolnum></citerefentry>, |
a0848495 | 486 | <ulink url="https://systemd.io/BOOT_LOADER_SPECIFICATION">Boot Loader Specification</ulink>, |
2fe82132 | 487 | <ulink url="https://systemd.io/BOOT_LOADER_INTERFACE">Boot Loader Interface</ulink> |
f37d3835 ZJS |
488 | </para> |
489 | </refsect1> | |
490 | </refentry> |