[install-guide] Added Secureboot explanation to PXE EFI procedure
Jack Reed
jjr at fedoraproject.org
Thu Jan 10 06:02:39 UTC 2013
commit 5ab81ed1779ed2520747979ec38aa95f426ed63e
Author: Jack Reed <jreed at redhat.com>
Date: Thu Jan 10 16:02:23 2013 +1000
Added Secureboot explanation to PXE EFI procedure
en-US/pxe-server-config-efi.xml | 17 +++++++++++++++--
1 files changed, 15 insertions(+), 2 deletions(-)
---
diff --git a/en-US/pxe-server-config-efi.xml b/en-US/pxe-server-config-efi.xml
index 0c464c9..863b155 100644
--- a/en-US/pxe-server-config-efi.xml
+++ b/en-US/pxe-server-config-efi.xml
@@ -91,11 +91,24 @@
range6 3ffe:501:ffff:100:: temporary;
prefix6 3ffe:501:ffff:100:: 3ffe:501:ffff:111:: /64;
- option dhcp6.bootfile-url "tftp://[3ffe:501:ffff:100::1]/bootia32.efi";
+ option dhcp6.bootfile-url "tftp://[3ffe:501:ffff:100::1]/grubx64.efi";
option dhcp6.name-servers 3ffe:501:ffff:100::1;
}
-</screen>
+</screen>
+
+ <para>
+ In a Secure Boot environment, the configuration file must specify that the <application>shim</application> utility be downloaded rather than the GRUB image. No other file can be downloaded via <command>tftp</command> in Secure Boot mode. <application>shim</application> is specified using the <filename>filename</filename> option in IPv4 configurations and the <filename>bootfile-url</filename> option in IPv6 configurations.
+ </para>
+
+ <para>
+ Once the <application>shim</application> utility is downloaded and validated, it will automatically download the GRUB image. This image must be named either <filename>grub.efi</filename> or <filename>grubx64.efi</filename> and be available at the same location as <application>shim</application> and be accessible by <command>tftp</command>.
+ </para>
+
+ <para>
+ The <application>shim-signed</application> package is available in the Fedora yum repository. For more information on Secure Boot, refer to the <citetitle>Fedora UEFI Secure Boot Guide</citetitle>.
+ </para>
+
</step>
<step>
More information about the docs-commits
mailing list