dracut/grubby fails to update grub.cfg

[Stefan Huchler]

Chris Murphy <lists at colorremedies.com> writes:

>
> That is correct, but it is a prerequisite for being able to even trust
> userspace if kernel space is already compromised then it's a problem.

I dont trust the Companies that their proprietary Bioses and UEFIs are
not itself a rootkit. So the only solution to fix this problem would be
to force coreboot to every pc.


> Please don't conjecture about things you don't actually know anything
> about while you castigate the efforts of a large number of people who
> know better, and you benefit from whether you recognize it or not.

Hmm I thought you could talk a bit directer in the free software
community. At least I dont talk about somebody should been aborted like
Linus does. Or something like that. And I most of the time critisised
the people who forced this hardware standard not the people who tried to
make it work under linux.

I think its not a false belive when I dont like it, for me it has no
gain, but some negative aspects, so I think I have the right to dislike
it.

>
> This is a technology problem, we no longer ask users to compile their
> own applications from scratch, they get packaged for their
> convenience. We don't show people the length boot scroll, this is
> hidden by default. So if you're suggesting things are too complicated,
> I agree, and we'll need to get better. But you appear to suggest the
> threat is not real, the solution is fake, and we need to just bury our
> head in the sand in exchange for ease of use at expense of
> security. And I think that's dangerous and a huge disservice to any
> user, old or new, that such threats don't exist. We simply need to do
> better mitigating them while limiting the complexity/involvement of
> the user in enhancing security.

I dont do that, I just give a feedback who this feels as a linux user.

>
> I wish this particular lie would die, yet here it is again. You're
> either a troll who knows he's lying, or you're just ignorant. Either
> way, you're not forgiven because the ignorance is due to just being
> lazy and depending on others to take up their valuable time to combat
> foolish lies.

I am ignorant because I dont know everything? I find that a bit ignorant
of you. Are here only people allowed to write that know everything?

> New versions of fdisk work with both MBR and GPT partition
> schemes. parted has supported both for some time. To me it seems
> simpler to understand one kind of partition with 128+ entries
> permitted, rather than primary vs extended vs logical vs the LVM
> rabbit hole as a means of partitioning things. And also at least with
> GPT there's a backup header and table, and I've had it come in handy.

gpt and uefi exist since a long time, I think the last time I had this
problems with GPT was a year ago or so, so somethimes it seems this
fdisk and co authores do implement such stuff to slow. I have to say
that it was maybe a ubuntu verison or something so they have very old
version of software included so maybe that was part of the problem.


> Well I'm not completely following either the complaint or the proposed
> solution other than you like the old way. But the old way was once the
> new way so this idea of old way is better than new is an old bad
> argument. It's understandable the new tools can be rough around the
> edges, will have bugs, and need to get better.

I have to make now a uefi partition even I dont care at all about uefi I
have to know that it should be so or so big, I have to remember that, I
have to remember which filesystem type it has etc.

Why cant I just have a command for creating minimal bootstuff, and it
creates the 2 partition. Then I can start the real partition. If they
really get better I will not have said anything.

It just became such a pain in the ass last years, you cant just put out
a harddisk or ssd anymore and put it in another pc/laptop and just boot
it have to look if you have the right combination of uefi or classic
mode, ahci, and secure boot and I shurly missed another thing, you then
have to watch if you have the right version of grub installed etc...

5 years ago there was only one setup for everything now you have 3-4
combinations and then you even have some buggy uefi implementations,
which I cant get booting when I dont install a fresh linux anymore. Did
cost several hours of my live working onto it.

> It's not as much more complicated as it is different. Yes you need an
> EFI System partition to hold the bootloader. I guess that's a bit more
> complicated, but arguably we always needed a partition for the
> bootloader. It doesn't really belong mixed in with the filesystem,
> especially in the context of multiboot.

That fdisk did not work with gpt did not help, I dont plan for several
hours learning process if I just want to fix a boot problem. So if I
would have been a gdisk or parted pro it would be maybe not that big of
a deal. but still it was just to much variables, the double partitioning
stuff really also sucked and scared me. having to partition schemes on
one disk really really scares me.


You say taht its impossible that Secure boot and co did happen as
additional point to make linux boot harder, its pretty proven now
"halloween documents" that acpi was a tool for microsoft to fight
against linux.

So it happend before why should I trust here some companies that made
this stuff? ACPI wasnt microsoft alone too so thats no argument.

I guess I am happy with my newly bought refurbished thinkpad (did not
buy it because of uefi stuff), and in 2-5 years when I maybe have the
first 5TB ssd and need GPT or something like that, I guess the rugh
edges are gone and I get it easily installed.

But till I dont need any of the few small features (for me) and I can
deactivate it I will not use it.

So again lets try to close the thread, the main topic was my boot
problem, its just funny that I have less problems with a general not for
productive systems suggested filesystem like btrfs than I have with this
gpt/uefi stuff, that is supposed to be production ready sinse several
years.

But ok dont talk about btrfs now more else this thread never ends :)