From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp11.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms9.migadu.com with LMTPS id 2M15NTDAB2TiUQEASxT56A (envelope-from ) for ; Tue, 07 Mar 2023 23:52:32 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp11.migadu.com with LMTPS id yNZxNTDAB2RF7gAA9RJhRA (envelope-from ) for ; Tue, 07 Mar 2023 23:52:32 +0100 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 64762A714 for ; Tue, 7 Mar 2023 23:52:32 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1pZgAQ-0008Pq-Tp; Tue, 07 Mar 2023 17:52:23 -0500 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pZgAO-0008PY-6n for help-guix@gnu.org; Tue, 07 Mar 2023 17:52:20 -0500 Received: from cascadia.aikidev.net ([2600:3c01:e000:267:0:a171:de7:c]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1pZgAM-0008Cg-AV; Tue, 07 Mar 2023 17:52:19 -0500 Received: from localhost (unknown [IPv6:2600:3c01:e000:21:7:77:0:40]) (Authenticated sender: vagrant@cascadia.debian.net) by cascadia.aikidev.net (Postfix) with ESMTPSA id 5411C1AB6E; Tue, 7 Mar 2023 14:52:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=debian.org; s=1.vagrant.user; t=1678229529; bh=zfXJor7eFeD0SnZjKebkDMQ+eWxPZAsb4Qf3k/nh1fE=; h=From:To:Cc:Subject:In-Reply-To:References:Date:From; b=F2GYILDeK2t6zUvbiQP7t2L0jm7np8NcDRQBzsvI4Qvm4cRmb0QvTK8wJnNS73H/x T5dosG6RAzRABSBnnBm84dtJv8QT9q6OToQExMAqyVLu8oDGVWnLtaCbeKwtHSTT8b sJq+p1xDidNWR9Z2Ok7N7Epnccus9djsciuuVxkDRL7Jsn5VLG+jUIUZpAi5iw3zL3 g0JEr7nQFL7/srGwAxWJ8CIJm/D2vyhppY6COrI7meRQS+B/SG/i3UG9AhNE4loi6r lrBtUWM+ceptoXzDeGtVpx37rM8u40MBl2pgV+plyPOsXiZuNsl4Hq/u7BC39laoqQ Fw3mEeMgD92/w== From: Vagrant Cascadian To: Ludovic =?utf-8?Q?Court=C3=A8s?= , Emmanuel Beffara Cc: help-guix@gnu.org Subject: Re: Grub installation and configuration In-Reply-To: <87bkl4bkwd.fsf@gnu.org> References: <20230303184720.GG2153@beffara.org> <87bkl4bkwd.fsf@gnu.org> Date: Tue, 07 Mar 2023 14:52:00 -0800 Message-ID: <87356gw4xb.fsf@yucca> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Received-SPF: none client-ip=2600:3c01:e000:267:0:a171:de7:c; envelope-from=vagrant@debian.org; helo=cascadia.aikidev.net X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: help-guix@gnu.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-guix-bounces+larch=yhetil.org@gnu.org Sender: help-guix-bounces+larch=yhetil.org@gnu.org X-Migadu-Country: US X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1678229552; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=7uUajGwIR6+2MwFMygJsCxUFFyNHj3PJx8Y2aBGEkSo=; b=nybzFErEOlnGm860k3mjIHlUJk12CM4NxNs6/GCEhubT3pwnkhT7LTmknNuSYqbbxWIsES jG6fvWvw4ZWYB5ajwvALArzH8zKPps41/AGFoSOg+90QtSSEgROf2XiHneYdw9ynAyEpwJ 0OP/PcFmz+WvbAS0gG5y7k2pRHR0x+8mGFLI5gMot+fLzNNU8Y3TGavyQN2bdr+uzeCp6/ /UUuw3ptkw92Loe63A4QM+ZGEXPMSii2VrDeMQrOGV5N0jHFoTlx26p8xo/RTxK0P4TD0f RRZ4T7lZvMAXeE3/EBZkhl3oVCloUS39ICTphxpM3Wg99LMREudt82tZOigfrg== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=pass header.d=debian.org header.s=1.vagrant.user header.b=F2GYILDe; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none ARC-Seal: i=1; s=key1; d=yhetil.org; t=1678229552; a=rsa-sha256; cv=none; b=Wzlb4SKJ9MHUK1h4xwwjNGiCFpa63W6f0fyKkeAGGAxwVlBERi0HMVGBTn4Xm26T1vQ3Wl oK/VC9Ab+W1qlyugEV7WeaRmf1B0wtxwZHQR7HrfQJB0hcSvJyuxLyXFRtiupjwBLNcvKC nx6XNGPvbBpaOryDDpn8Ig65CkqIR8lJw0w73BVJzm6miw9566DAGQOqkt6L+OsfS/zZ+t 3Uw1amXgEN0uNZoeWFhNr5doMsfXfQhZWJSu6vSpBbWM5R05rIfjmnw6lRxykwanTqQmA3 VN6KVOkYTIQGKEEo5isqgp6zkadMdps2G3XGX6n1EuPRmaEw+dsoS3ibrURlQg== Authentication-Results: aspmx1.migadu.com; dkim=pass header.d=debian.org header.s=1.vagrant.user header.b=F2GYILDe; spf=pass (aspmx1.migadu.com: domain of "help-guix-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="help-guix-bounces+larch=yhetil.org@gnu.org"; dmarc=none X-Migadu-Spam-Score: -8.13 X-Spam-Score: -8.13 X-Migadu-Queue-Id: 64762A714 X-Migadu-Scanner: scn1.migadu.com X-TUID: Q9WmnB583veb --=-=-= Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable On 2023-03-07, Ludovic Court=C3=A8s wrote: > Emmanuel Beffara skribis: > >> - Install the keymaps in the EFI partition like the Grub modules, so tha= t the >> proper keymap is setup early in the boot process. > > [...] > >> - Set the terminal_output before any user input is required (and in part= icular >> the passphrase request), for proper interaction. > > [...] > >> - Offer the option to put kernels and initrds in the EFI partition (and = also >> any resource needed by Grub like the background picture, locales etc),= so >> that Grub can be fully functional without decrypting. Apart from solvi= ng the >> issue of having to enter the passphrase twice and with different keyma= ps, >> this would also allow having Guix System in an encrypted partition whi= le >> allowing to boot other systems without requiring its passphrase. >> >> I would love to propose patches for that but I am too much of a beginner= with >> Guix to be able to do that right now=E2=80=A6 > > All good points! > > Maybe what you can do, then, is report each issue to bug-guix@gnu.org > separately and provide guidance for the GRUB side of things: what should > the generated =E2=80=98grub.cfg=E2=80=99 look like after each of these po= ints is > addressed? > > In return, an experienced Guix person can provide guidance on the Guix > side of things so we converge towards an actual patch set. Kind of related, with EFI you could actually install additional system generations as entirely separate EFI boot entries (e.g. /boot/efi/efi/guix-N and /boot/efi/efi/guix-N+1) in case the most recent grub was broken for some reason. Space for EFI variables will eventually run out if you have too many of these, but would at least allow reverting to the last two or three or maybe more generations of grub and their corresponding configurations. This might be a violation of EFI specs, as I think you are supposed to use the vendor name as the directory name, but technically ought to work just fine. Someone, who is whistling innocently right now, recently had a few too many misadventures with EFI, but maybe some good can come of it. :) live well, vagrant --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQRlgHNhO/zFx+LkXUXcUY/If5cWqgUCZAfAEQAKCRDcUY/If5cW qvpUAP9fCvn92NSrVOdPZUHkyDyi+OMPIBlVr8ovoW3WkQmH2wEAr3NHZFS99Fjx NWrnDdmJM3wxJS+RPPAWCyZJnA/vJg8= =Dt6R -----END PGP SIGNATURE----- --=-=-=--