On Sun, Dec 6, 2015 at 8:05 AM, drago01 <drago01(a)gmail.com> wrote:
On Wed, Dec 2, 2015 at 4:30 AM, Andrew Lutomirski
<luto(a)mit.edu> wrote:
> Since the old proposal to have the bootloader automatically enumerate
> boot options never went anywhere, can we do the next best thing?
>
> Specifically, these days grub2-mkconfig appears to produce output
> that's functionally identical to what grubby generates. Can we switch
> new-kernel-pkg to just regenerate the grub2 config using
> grub2-mkconfig instead of using grubby?
>
> Debian has worked like this forever, and IMO it's superior in pretty
> much all respects. There are already nice config hooks for making
> custom changes, and they're a lot more reliable than trusting grubby
> to do what you expect it to do.
Well mkconfig can produce a configuration that does not actually work
when grub2 itself gets updated (in which case the bootloader does not
get rewritten).
Hypothetically on BIOS systems, a GRUB core.img [1] could become stale
over time, and an upgraded grub-mkconfig could introduce an
incompatible format change, but that's really unlikely and wouldn't be
intentional.
This isn't possible on UEFI. Any update of grub2-efi means the
core.img is replaced with a generically built one (that's also signed
by a Fedora key for the purposes of supporting UEFI Secure Boot).
Until this is fixed grub2-mkconfig is dangerous and should not be
used.
That's such an overstatement as to be wrong. Pretty much all other
distributions have been doing this for a long time to no ill effect.
On a BIOS computer, a Fedora upgrade (fedup or
dnf-plugin-system-upgrade) will lack generation of a new core.img,
where a new installation will have a new core.img (and new grub.cfg).
So there's a risk of problems due to core.img becoming increasingly
stale with successful upgrades rather than reinstalls. But since
grubby is responsible for modifying rather than replacing grub.cfg
with grub-mkconfig, it's probably less of a concern than the lack of
bug and security fixes going into the core.img.
[1] The code embedded into the MBR gap, or BIOSBoot partition; a.k.a.
GRUB legacy terminology was stage 2 bootloader. It's created and
embedded by the grub2-install command; which is unnecessary (and
arguably deprecated) on UEFI systems.
--
Chris Murphy