On 27/07/2022 22:19, Chris Murphy wrote:
* $BOOT is supposed to be readable by all distros that share $BOOT
It will. efifs will be installed to ESP partition.
* efifs drivers must be signed in order to be loaded on UEFI Secure
Boot enabled systems
True. But I think Fedora can sign drivers from the efifs package with
own keys.
* shim is distro specific, and is what provides the key for efifs as
well as the 2nd stage bootloader
I prefer no shim in my computers. I'm using systemd-boot signed by my
own CA.
My /boot is ext4 btw. Works great both on desktop and laptop.
--
Sincerely,
Vitaly Zaitsev (vitaly(a)easycoding.org)