site  contact  subhomenews

Random thoughts: uefi, Arch

March 25, 2013 — BarryK
Just a few random thoughts...

With "Secure boot" is Microsoft's attempt to slow down adoption of Linux on PCs. At least, that's my take on it, Microsoft would argue differently.

Regarding getting Puppy to boot on PCs with UEFI Secure boot enabled, I am inclined not to bother.

The reason is, I don't want to be goaded into doing something that seems to be a troublesome workaround. I would rather not support it, and let people become more aware of what Microsoft has done, and become angry with Microsoft.

At least in the European Union, Secure boot is disabled, but here in Australia everyone grovels in front of MS. The USA too I suppose.

The thing is, PC hardware is becoming cheap. You can buy a Linux box and attach a screen, keyboard, mouse. What I mean is, people are going to be more open to purchasing a Linux hardware box, even though they might already have a PC running Windows 8.

Arch Linux
I have fixed Woof to build from Arch packages, however I personally won't take it any further.

I don't want to build an Arch pup for users, either for x86 or arm, for a couple of reasons.

Firstly, size. My x86 Arch pup build is enormous. This is because Arch developers have given no concern for size in some packages, choosing to link some libraries statically where they need not have been.

Secondly, I am not sold on the rolling release model. For us Linux geeks it is OK, but I don't think it is good for the "great unwashed" (see Sages comment in the previous blog post).

Oh yes, I should note, I read somewhere that the excessive static linking is to achieve better stability in the rolling release model, I guess for when someone upgrades. Which is a major minus point.

In normal distros, after a "freeze" of packages, there is still a huge amount of debugging required to get the distro to release quality. The rolling release model throws away this stable and debugged model and introduces too many unknowns. I know that many Arch users would argue otherwise!

So, I have got Arch build working in Puppy, that's it. If anyone else wants to build an Arch pup with Woof for public use, they are welcome.
Probably too, they could identify some packages to recompile to be much smaller -- but then of course that doesn't fit in with the rolling release model.


in Australia everyone grovels in front of MS
Username: Sage
Time for a quiet word with young Julia. This feisty lady doesn't grovel in front of anyone. Grovel isn't in her heritage's vocabulary. Terryphi will now translate...

Username: BarryK
"Don't get me started about her. Words like conniving, sneaky, cynical, come to mind, for starters.

ms, security
Username: darkcity
"Microsoft has a valid points wanting to prevent malicious drivers or boot loaders. However, having themselves as the sole provider of trusted keys is unacceptable - especially considering the track record on monopolies and security. If they were serious it should have been an independent body. On the topic of security, malware took out some Linux machines in South Korea,

SecureBoot and UEFI
Username: jamesbond
"Well, if that's the intention of SecureBoot, I can say that MS has already failed. Mainstream distros (Ubuntu, Fedora) have already come out with SecureBoot support as early as late last year, and we can expect that this support will get better with time. It's an annoyance I agree, but it's not nothing that we can't live without. In fact, some distros (e.g. Fedora) are turning the game on its head - they are making SecureBoot to make their distros secure. But that's for SecureBoot, which is different from UEFI. UEFI is the new "BIOS", and in fact I have seen advertisements naming it as "UEFI BIOS", or "Advanced BIOS with UEFI support", etc, you get the point. For the great unwashed masses - there is no difference between BIOS (which in fact is a form of firmware) and UEFI (which is in fact is a kind of BIOS). Before Win8, EFI (without the "U") has been used in Macs for years. You may want to reconsider your stand for UEFI. BIOS is going away and UEFI is the replacement, there is no getting around it. We all hope that CoreBoot (formerly LinuxBIOS) would take hold - but as of now it is only used in ChromeBooks (which is rather infamous because of how difficult it is to get Linux to boot on it --- not CoreBoot faults, I must say, it's more because of Google's policy on ChromeBooks). UEFI supports stuff that BIOS doesn't support: booting from GPT partition, booting from disk larger than 2.2TB, and among others. Sure the legacy BIOS can be fixed to handle these too - but the problem is, no-one is doing that as there is no commercial interest; mainstream systems will come with UEFI rather than "BIOS that support 3TB disk". So it looks like for now UEFI is here to stay. Unless you want to completely leave the x86 market, then sooner or later Puppy must be able to boot from UEFI machines, as all the "Linux box" I've seen are all ARM devices (I'm glad to be corrected if I'm wrong) --- which have their own set of problems. Booting from UEFI is not that difficult really, you just need another boot loader - Puppy already use isolinux for the Live CD, grub/grub4dos for frugal install. All you need is a FAT image that contains the right boot loaders (for Fatdog64 we use rEFInd and grub2-efi), and tell mkisofs to use it as an alternative boot-loader.

conniving, sneaky, cynical?
Username: Sage
"Come, come - are you describing the qualities required of a successful politician? She may not even be aware of it herself, but, unlike the rather more overt Irish and Scots, after centuries of subjugation, exploitation, and denigration the Welsh have learned to, errr, work around the antics of the (English) Establishment and their Nasty Party exploits. "..UEFI is here to stay." : Oh no it isn't. You've been given a promise that our friends in China who make the kit will always supply you with an OEM UEFI-free board to build/upgrade your own - it ain't rocket science. It's high time schools taught our children how to strip and rebuild a PC in their ICT lessons and [b]NOT[/b] how to use WORD, IE and all that cr*p. And it's well past time their parents learned the same.

re Julia!!!
Username: 01micko
""This feisty lady doesn't grovel in front of anyone. ".. except for the Greens and Independents to seize power!!! 'nuff said.

Username: BarryK
"Yes, just to clarify, it is not UEFI itself that I have a problem with, its the Secure-boot thing. I think that I read somewhere, the European Union government ordered that all computers sold in the EU must have Secure-boot disabled. So, at least in some places they have stood-up to MS.

bash 3.0
Username: 01micko
"Since the old spup days I've been using your bash-4.1 for quirky. Zero problems reported. (That's in 2 and a half years, old spup-100). Any chance of an update for default woof?

Upup Raring test build
Username: pemasu
"I have woofed first test build of Upup Raring for masses. It has 3.8.4 non-PAE kernel. Feedback and bug hunting will be appreciated.

UEFI Thoughts
Username: JustGreg
"I understand your frustration and concern over UEFI/Secure boot, Barry. I went through the same when I got a Window$ 8 machine and thought I was stuck with Window$ 8. Thanks to Kirk, Jamesbond and the maker of Shim, a solution is available. UEFI is just another boot process. In many ways, the perceived security is an illusion. UEFI keeps the general user from getting into trouble. In the long run, it will be manipulated for profit or just to cause problems. UEFI (shell) has many tools. In fact, it has the typical features of most command shells. The real issue for the community is keeping up with the technology changes. At this time, the Linux community has done an excellent job. The arrival of UEFI is similar to that of USB flash drives. At first, the booting of a USB flash drive was difficult. Once, it was found that one could treat them like a magnetic hard drive and write a hard drive MBR (first 444 bytes) then making a bootable USB device became easy. To me, the community needs to look at the 64 bit multiple core processing and UEFI boot process. Technology is moving quickly from the older 34 bit architecture. If you think I am wrong then please tell me. Being married and with children (grown), I am used to being told I do not known what I am talking about ;)

Upup Raring
Username: aarf
"boots straight to modesetting desktop needs a jwm update as "no click in the box" for java with the current jwm put my pupsave in the wrong> sdb3 partition and didnt find it on boot. i have psubdir= in the kernel line. otherwise pretty smooth. not alpha but rc.

sfs unload destroyer.
Username: aarf
"one other thing too. pemasus last couple of puppies have the destroyer sfs unload on the fly version. unload wont succeed and anything done after clicking unload will be erased on reboot. hard shutdown is also needed. like ppm, need to get jemimah's ones they work. wifi seems to be going down often but eventually reconnection.

Username: BarryK
"aarf, That would be the 'sfs_load' PET? (shinobar's baby) I have removed it from the Raring package list. That will be in the next Woof commit.

fly unload sfs
Username: aarf
"yes it is using unload in this: [img][/img] which causes the problems. the loading part works fine and is very good to have. perhaps alter the unloading to link to the boot manager interface which is buried deep in the menu for now at least.

-sfs_load patch
Username: 01micko
"seems to be a problem with busybox mount [code]--- /initrd/pup_ro2/usr/sbin/sfs_load 2013-02-27 11:53:46.000000000 +1000 +++ /usr/sbin/sfs_load 2013-03-27 18:30:57.309979853 +1000 @@ -1549,7 +1549,7 @@ # remount aufs if [ "$AUFS" != "" ];then debug "busybox mount -t aufs -o remount,del:$MNTPNT unionfs /" - busybox mount -t aufs -o remount,del:$MNTPNT unionfs / + mount -t aufs -o remount,del:$MNTPNT unionfs / #use full mount STATUS=$? else debug "mount -t unionfs -o remount,del=$MNTPNT unionfs /" [/code] You can easy apply it manually aarf, just edit /usr/sbin/sfs_load and change [i]busybox mount[/i] to [i]mount[/i], see if it works for you.

Username: aarf
"hi 01micko #commented out - line, added the one line with a + then unloaded java sfs ok next failed to unload shinobars all lang sfs but it said stuff was in use and to try bootmanager ok then still going, tried to unload my personal sfs with lots of stuff in eg lupu right click, lupify slacko, and other stuff.but it just kept at the waiting box and didnt go any further after about 5 minutes tried a shutdown and failed, had to long press the power off button. previously had problems just unloading java for example.

sfs load
Username: aarf
"note there are two [img][/img] i only edited the one above [img][/img] on reboot it was back to original and the copy i made in the same folder had disappeared edited looked like this [img][/img]

Username: aarf
" "i only edited the one above" should read "i only edited the one below"

sfs load repeat
Username: aarf
"repeated with same code edit. this time not closing opera before trying to unload jre> fail with waiting dialog not closing. note that all my sfs are still loaded even though i havent reloaded any of them, and jre has been reported as unloaded once. the hard shutdown seems to be causing a retrace. ext3 partition.

M$ = Their own worst enemy
Username: Dewbie
"[b]BarryK wrote:[/b] [i]"Secure boot" is Microsoft's attempt to slow down adoption of Linux on PCs.[/i] On the other hand, Windows Vista and 8 are M$' attempts to [i]speed up[/i] adoption of Linux on PCs. ;)

Tags: puppy