systemd-boot
Related articles
systemd-boot, previously called gummiboot, is a simple UEFI boot manager which executes configured EFI images. The default entry is selected by a configured pattern (glob) or an on-screen menu. It is included with systemd, which is installed on Arch system by default.
It is simple to configure but it can only start EFI executables such as the Linux kernel EFISTUB, UEFI Shell, GRUB, the Windows Boot Manager.
Contents
Installation
EFI boot
- Make sure you are booted in UEFI mode.
- Verify your EFI variables are accessible.
- Mount your EFI System Partition (ESP) properly.
esp
is used to denote the mountpoint in this article. - If the ESP is not mounted at
/boot
, then copy your kernel and initramfs onto that ESP. - Type the following command to install systemd-boot:
# bootctl --path=esp install
It will copy the systemd-boot binary to your EFI System Partition (esp/EFI/systemd/systemd-bootx64.efi
andesp/EFI/Boot/BOOTX64.EFI
– both of which are identical – on x86-64 systems) and add systemd-boot itself as the default EFI application (default boot entry) loaded by the EFI Boot Manager. - Finally you must configure the boot loader to function properly.
BIOS boot
You can successfully install systemd-boot if booted with in BIOS mode. However, this process requires you to tell firmware to launch systemd-boot's EFI file at boot, usually via two ways:
- you have a working EFI Shell somewhere else.
- your firmware interface provides a way of properly setting the EFI file that needs to be loaded at boot time.
If you can do it, the installation is easier: go into your EFI Shell or your firmware configuration interface and change your machine's default EFI file to esp/EFI/systemd/systemd-bootx64.efi
( or systemd-bootia32.efi
depending if your system firmware is 32 bit).
Updating
Unlike the previous separate gummiboot package, which updated automatically on a new package release with a post_install
script, updates of new systemd-boot versions must now be done manually by the user. However the procedure can be automated using pacman hooks.
Manually
systemd-boot (bootctl(1), systemd-efi-boot-generator(8)) assumes that your EFI System Partition is mounted on /boot
.
# bootctl update
If the ESP is not mounted on /boot
, the --path=
option can pass it. For example:
# bootctl --path=esp update
Automatically
The AUR package systemd-boot-pacman-hookAUR provides a Pacman hook to automate the update process. Installing the package will add a hook which will be executed every time the systemd package is upgraded.
Alternatively, place the following pacman hook in the /etc/pacman.d/hooks/
directory:
/etc/pacman.d/hooks/systemd-boot.hook
[Trigger] Type = Package Operation = Upgrade Target = systemd [Action] Description = Updating systemd-boot... When = PostTransaction Exec = /usr/bin/bootctl update
Configuration
Basic configuration
The basic configuration is stored in esp/loader/loader.conf
file and it is composed by three options:
-
default
– default entry to select (without the.conf
suffix); can be a wildcard likearch-*
.
-
timeout
– menu timeout in seconds. If this is not set, the menu will only be shown on key press during boot.
-
editor
– whether to enable the kernel parameters editor or not.1
(default) is enabled,0
is disabled; since the user can addinit=/bin/bash
to bypass root password and gain root access, it is strongly recommended to set this option to0
.
Example:
esp/loader/loader.conf
default arch timeout 4 editor 0
Adding boot entries
bootctl searches for boot menu items in esp/loader/entries/*.conf
– each file found must contain exactly one boot entry. The possible options are:
-
title
– operating system name. Required.
-
version
– kernel version, shown only when multiple entries with same title exist. Optional.
-
machine-id
– machine identifier from/etc/machine-id
, shown only when multiple entries with same title and version exist. Optional.
-
efi
– EFI program to start, relative to your ESP (esp
); e.g./vmlinuz-linux
. Either this orlinux
(see below) is required.
-
options
– command line options to pass to the EFI program or kernel boot parameters. Optional, but you will need at leastinitrd=efipath
androot=dev
if booting Linux.
For Linux, you can specify linux path-to-vmlinuz
and initrd path-to-initramfs
; this will be automatically translated to efi path
and options initrd=path
– this syntax is only supported for convenience and has no differences in function.
Standard root installations
Here is an example entry for a root partition without LVM or LUKS:
esp/loader/entries/arch.conf
title Arch Linux linux /vmlinuz-linux initrd /initramfs-linux.img options root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 rw
Please note in the example above that PARTUUID
/PARTLABEL
identifies a GPT partition, and differs from UUID
/LABEL
, which identifies a filesystem. Using the PARTUUID
/PARTLABEL
is advantageous because it is invariant (i.e. unchanging) if you reformat the partition with another filesystem, or if the /dev/sd*
mapping changed for some reason. It is also useful if you do not have a filesystem on the partition (or use LUKS, which does not support LABEL
s).
LVM root installations
Here is an example for a root partition using Logical Volume Management:
esp/loader/entries/arch-lvm.conf
title Arch Linux (LVM) linux /vmlinuz-linux initrd /initramfs-linux.img options root=/dev/mapper/<VolumeGroup-LogicalVolume> rw
Replace <VolumeGroup-LogicalVolume>
with the actual VG and LV names (e.g. root=/dev/mapper/volgroup00-lvolroot
). Alternatively, it is also possible to use a UUID instead:
.... options root=UUID=<UUID identifier> rw
Note that root=UUID=
is used instead of root=PARTUUID=
, which is used for Root partitions without LVM or LUKS.
Encrypted Root Installations
Here is an example configuration file for an encrypted root partition (DM-Crypt / LUKS) using the encrypt
mkinitcpio hook:
esp/loader/entries/arch-encrypted.conf
title Arch Linux Encrypted linux /vmlinuz-linux initrd /initramfs-linux.img options cryptdevice=UUID=<UUID>:<mapped-name> root=/dev/mapper/<mapped-name> quiet rw
UUID is used in this example; PARTUUID
should be able to replace the UUID, if so desired. You may also replace the /dev
path with a regular UUID. mapped-name
is whatever you want it to be called. See Dm-crypt/System configuration#Boot loader.
If you are using LVM, your cryptdevice line will look like this:
esp/loader/entries/arch-encrypted-lvm.conf
title Arch Linux Encrypted LVM linux /vmlinuz-linux initrd /initramfs-linux.img options cryptdevice=UUID=<UUID>:MyVolGroup root=/dev/mapper/MyVolGroup-MyVolRoot quiet rw
You can also add other EFI programs such as \EFI\arch\grub.efi
.
btrfs subvolume root installations
If booting a btrfs subvolume as root, amend the options
line with rootflags=subvol=<root subvolume>
. In the example below, root has been mounted as a btrfs subvolume called 'ROOT' (e.g. mount -o subvol=ROOT /dev/sdxY /mnt
):
esp/loader/entries/arch-btrfs-subvol.conf
title Arch Linux linux /vmlinuz-linux initrd /initramfs-linux.img options root=PARTUUID=14420948-2cea-4de7-b042-40f67c618660 rw rootflags=subvol=ROOT
A failure to do so will otherwise result in the following error message: ERROR: Root device mounted successfully, but /sbin/init does not exist.
ZFS root installations
When booting from a ZFS dataset, add zfs=<root dataset>
to the options
line. Here the root dataset has been set to 'zroot/ROOT/default':
esp/loader/entries/arch-zfs.conf
title Arch Linux ZFS linux /vmlinuz-linux initrd /initramfs-linux.img options zfs=zroot/ROOT/default rw
When booting off of a ZFS dataset ensure that it has had the bootfs
property set with zpool set bootfs=<root dataset> <zpool>
.
EFI Shells or other EFI apps
In case you installed EFI shells and other EFI application into the ESP, you can use the following snippets:
esp/loader/entries/uefi-shell-v1-x86_64.conf
title UEFI Shell x86_64 v1 efi /EFI/shellx64_v1.efi
esp/loader/entries/uefi-shell-v2-x86_64.conf
title UEFI Shell x86_64 v2 efi /EFI/shellx64_v2.efi
Support hibernation
Kernel parameters editor with password protection
Alternatively you can install systemd-boot-passwordAUR which supports password
basic configuration option. Use sbpctl generate
to generate a value for this option.
Install systemd-boot-password with the following command:
# sbpctl install esp
With enabled editor you will be prompted for your password before you can edit kernel parameters.
The following keys are used inside the menu:
-
Up/Down
- select entry -
Enter
- boot the selected entry -
d
- select the default entry to boot (stored in a non-volatile EFI variable) -
-/T
- decrease the timeout (stored in a non-volatile EFI variable) -
+/t
- increase the timeout (stored in a non-volatile EFI variable) -
e
- edit the kernel command line. It has no effect if theeditor
config option is set to0
. -
v
- show the gummiboot and UEFI version -
Q
- quit -
P
- print the current configuration -
h/?
- help
These hotkeys will, when pressed inside the menu or during bootup, directly boot a specific entry:
-
l
- Linux -
w
- Windows -
a
- OS X -
s
- EFI Shell -
1-9
- number of entry
Troubleshooting
Manual entry using efibootmgr
If bootctl install
command failed, you can create a EFI boot entry manually using efibootmgr:
# efibootmgr -c -d /dev/sdX -p Y -l /EFI/systemd/systemd-bootx64.efi -L "Linux Boot Manager"
where /dev/sdXY
is the EFI System Partition.
Menu does not appear after Windows upgrade
See UEFI#Windows changes boot order.