Ceci est une ancienne révision du document !
I have a PC with a hard disk of 1TB, a solid state drive of 250 GB, and a CD/DVD drive. I want to install Windows 10 and four Linux distros on it using UEFI and secure boot. Previously, I had a lot of problems when I made a multi-boot system with Linux distros, because the boot loader (grub2) and its directory (/boot/) must be shared. The problem is that each distro installs a different version of grub2. The result could be that the PC refuses to boot after a distro update due to inconsistencies between the updates that the distro made in the /boot directory and the boot loader installed on the hard disk. To prevent this I intend to use the two-step boot mechanism described in article “Howto: GRUB2 and multiboot Pt. 4” that was published FCM#88. The central boot loader gets a separate partition for its data and it will allow the user to select a distro from a menu. The central boot loader will then start the specific boot loader of the selected distro. The specific boot loader has its own partition for its data, and it will show a second menu to the user to select a particular kernel version and eventually extra boot options. The chainloader module of grub2 is used to start another boot loader. I also use LVM (Logical Volume Manager) as much as possible. In LVM, one can assign one or more physical partitions to a so-called volume group, and create logical partitions in the volume group. These logical partitions are called logical volumes in LVM speak. It is very easy to change the size of logical volumes when needed. Another advantage is that the name of a logical volume can not change, so you can safely address a logical volume lv in volume group hdvg as /dev/mapper/hdvg-lv or /dev/hdvg/lv.
J'ai un PC ace un disque dur de 1 To, un disque SSD de 250 Go et un lecteur CD/DVD. Je veux installer dessus Windows 10 et quatre distrib. Linux en utilisant UEFI et secure boot.
Auparavant, j'ai eu des tas e problèmes quand je fais un système multi-boot avec des distrib. Linux, parce que le chargeur de démarrage (Grub) et son répertoire devaient être partagés. Le problème est que chaque distrib. installe une version différente de Grb2. Il pouvait en résulter que le PC refuse de démarrer après la mise à jour d'une distrib. du fait des incohérences entre les mises à jour que la distrib. faisait dans répertoire /boot et le chargeur de démarrage installé sur le disque dur.
Pour empêcher cela, j'ai l'intention d'utiliser le mécanisme de démarrage en deux étapes décrit dans l'article « Tutoriel : Grub2 et le multi-boot - Partie 4 » publié dans le FCM n° 84. Les données du chargeur de démarrage central sont placées dans une partition séparée, permettant à l'utilisateur de choisir sa distrib. dans un menu. Ensuite, le chargeur de démarrage central démarre le chargeur de démarrage spécifique de la distrib. choisie. La chargeur de démarrage a sa propre partition pour ses données et il affichera un second menu pour que l'utilisateur choisisse une version particulière du noyau et éventuellement des options de démarrage supplémentaires. Le module de chaînage des chargeurs de Grub2 est utilisé pour démarrer un autre chargeur de démarrage.
J'utilise aussi LVM (Logical Volume Manager - Gestionnaire de volumes logiques) autant que possible. Dans LVM, on peut assigner une ou plusieurs partitions physiques à ce qu'on appelle un groupe de volumes et créer des partitions logiques dans le groupe de volumes. Ces partitions logiques sont appelées volumes logiques dans le vocabulaire LVM. C'est très facile de modifier la taille des volumes logiques quand on a besoin. Un autre avantage est que le nom du volume logique ne peut pas changer ; aussi, vous pouvez sans risque adresser un volume logique lv dans le groupe de volumes hdvg par /dev/mapper/hdvg-lv ou /dev/hdvg/lv.
I intend to create one volume group “hdvg” on the hard disk for the volatile data of the distros, and another one “ssdvg” on the solid state drive. I will install Windows 10 on the first half of the hard disk. The central boot loader needs a physical partition (the boot loader does not speak LVM), and I will place it on the solid state drive. Other partitions that are shared between all distros are: • a physical partition used as swap area, and • a logical volume for temporary files that are erased when Linux starts up (/tmp). Both partitions will be on the hard drive as they contain volatile data. I will create for each distro: • a physical partition on the solid state drive for the specific boot loader (/boot), • a logical volume on the solid state drive for the root file system of the distro (/), and finally • a logical volume for persistent data (/var) on the hard disk. One usually also provides a separate partition for the user data (/home), but I will not do that because I have a NAS from which I mount my home directories in the preferred distro (Kubuntu). The other distros are just for experimenting, so they never contain important data.
Je compte créer un groupe de volumes « hdvg « sur le disque dur pour les données volatiles des distrib. et un autre, «ssdvg », sur le SSD. J'installerai Windows 10 sur la première moitié du disque dur.
Le chargeur de démarrage contral a besoin d'une partition physique (il ne parle pas LVM) et je le placerai sur le SSD. Les autres partitions partagées entre les distrib. sont : • une partition physique utilisée pour le swap, • et un volume logique pour les fichiers temporaires qui sont éffacées quand Linux démarre (/tmp).
Ces deux partitions seront sur le disque dur car elles contiennent des données volatiles.
Pour chaque distrib., je créerai : • une partition physique sur le SSD pour le chargeur de démarrage spécifique (/boot), • un volume logique sur le SSD pour le système de fichiers racine de la distrib. (/), • et finalement, un volume logique pour les données permanentes (/ver) sur le disque dur.
Il est aussi d'usage de réserver une partition séparée pour les données personnelles (/home), mais je ne le ferai pas parce que j'ai un NAS à partir duquel je monte mes répertoires personnels dans ma distrib. favorite (Kubuntu). Les autres distrib. sont juste pour des essais ; elles ne comportent donc aucune donnée importante.
Step 1: prepare for the installation of Windows 10 Decouple first the solid state disk from the motherboard to make sure Windows 10 uses only the hard disk. Windows 10 is sold in the form of a USB stick, so plug the stick in one of the USB slots and boot the PC. Enter the BIOS to enable UEFI and secure boot. For my motherboard type, I must press the Del key a few times just after the PC boots. Step 2: prepare the BIOS The nasty thing is that the procedure depends on the motherboard type, so you probably have to experiment to find the exact settings for your motherboard. Mine is an ASUS A88X-Plus. For this type of motherboard, one must enter Advanced Mode and then select the Boot tab. To enable UEFI, go into “Compatibility Support Mode” and set: • “Launch CSM” to Enabled, • “Boot Device Control“ to “UEFI only”, • “Boot from storage devices” to “Both, UEFI first” and • “Boot from PCIe/PCI expansion devices” to “UEFI drive first”. To enable secure boot, set “Secure boot“ to “Windows UEFI mode”. Make the USB stick the first boot device. I had to select “UEFI: KDI-MSFTWindows10”. Always select the UEFI variant in case you have multiple options. Save the configuration and exit.
Étape 1 : Préparer l'installation de Windows 10
D'abord, débranchez le disque SSD de la carte mère pour être sûr que Windows 10 utilise uniquement le disque dur.
Windows 10 est vendu dans une clé USB ; aussi, branchez la clé dans un des connecteurs USB et démarrez le PC. Entrez dans le BIOS pour activer UEFI et le secure boot. Pour le type de ma carte-mère, je dois appuyer sur la touche Suppr quelques instants après le démarrage du PC.
Étape 2 : Préparer le BIOS
Le point désagréable, c'est que la procédure dépend du type de carte-mère ; aussi, vous devrez probablement faire quelques essais pour trouver les réglages corrects de votre carte-mère. La mienne est une ASUS A88X-Plus. Pour ce type de carte-mère, on doit entrer dans Advanced Mode (Mode Expert) et sélectionner la rubrique Boot (Démarrage).
Pour autoriser UEFI, allez dans « Compatibility Support Mode » (mode de support de la compatibilité) et réglez : • « Launch CSM » (Lancer CSM) sur Activé, • « Boot Device Control » (Contrôle du disque de démarrage) sur « UEFI only » (UEFI seulement), • « Boot from storage devices » (Démarrage à partir des disque de stockage) sur « Both, UEFI first » (les deux, UEFI le premier), • et « Boot from PCIe/PCI expansion devices» (Démarrage à partir des dispositifs d'extension PCIe/PCI) sur « UEFI drive first » (Le disque UEFI en premier).
Pour autoriser secure boot, réglez “Secure boot“ sur “Windows UEFI mode” (Mode Windows UEFI).
Passez la clé USB en premier dispositif de démarrage. J'ai dû sélectionner « UEFI: KDI-MSFTWindows10 ». En cas de choix multiples, sélectionnez toujours la variante UEFI. Sauvegardez la configuration et sortez.
Step 3: install Windows The PC reboots now and starts with the installation of Windows 10. The installation program proposes to divide the hard disk in four partitions. I reduced the size of the largest partition to 500 GByte so I have enough space for the future Linux partitions. During the installation, you have to answer a few questions, but finally your PC reboots into Windows 10. In a multiboot environment, you must disable fast reboot to avoid corruption of your Windows 8, 8.1 or 10 installation. Go to the “Control Panel”, select System, “Power options,” and then “Choose what the power options do”. Click on “Change settings that are currently unavailable,” and finally remove the tick in front of “Turn on fast startup (recommended)”. “Save changes” and reboot your PC. Now remove the USB stick with the Windows 10 software.
Étape 3 : Installer Windows
Le PC redémarre maintenant et démarre l'installation de Windows 10.
Le programme d'installation propose de diviser le disque dur en quatre partitions. J'ai réduit la taille de la plus grande partition à 500 Go de sorte que j'ai assez d'espace pour les futures partitions Linux.
Durant l'installation, j'ai dû répondre à quelques questions, mais finalement le PC redémarre sur Windows 10.
Dans un environnement multi-boot, vous pouvez désactiver le démarrage rapide (fast reboot) pour éviter une corruption de votre installation Windows 8, 8.1 ou 10.
Allez au « Panneau de contrôle », sélectionnez Système, « Options d'alimentation » et ensuite « Choisissez ce font les options d'alimentation ». Cliquez sur « Changer les réglages actuellement indisponibles » et, enfin, décochez « Fonctionner avec démarrage rapide (recommandé) ». « Sauver les modifications » et redémarrez votre PC.
Maintenant, retirez la clé USB avec le logiciel Windows 10.
Step 4: install Kubuntu Download the iso-image of Kubuntu 14.04 LTS 64-bit, burn it on a DVD, put it in the CD/DVD drive, and shutdown the system. Reconnect the solid state drive to the motherboard and boot the PC. Go into BIOS and select the DVD as boot device. I had to select “UEFI: P3 TSTST corp CDDVDW SH-224 DB”. Always select the UEFI variant in case you have multiple options. Save the configuration and exit. Select first “Start Kubuntu”, wait some time until you can select your language, and “Install Kubuntu”. In step “Disk Setup,” choose “Manual” as “Installation Type”. Bummer: the installer does not allow to create LVM volume groups and logical volumes, but it can work with logical volumes if they are created in advance. So you now have the choice: • forget about LVM and create only physical partitions, or • jump to the Kubuntu live and create the physical partitions and logical volumes there. I will explore the latter option.
Step 5 : Create partitions and logical volumes in Kubuntu live Quit the installation, and Kubuntu live is started automatically. Open now a terminal: you find one under Applications→System as “Terminal Konsole”. Install gparted with following command: sudo apt-get install gparted Start gparted: sudo gparted Select the appropriate disk: you should be able to figure out from the sizes which one is the hard disk and which one is the solid state drive. Make sure to remember the identification (for example: /dev/sda7) of each partition you have created. The hard disk already has a partition table. Select the unallocated area and select Partition→New to add a new partition: give it a size of 1GB and select linux-swap as file system. This partition will be used as swap space. Repeat the process to add another partition, with file system lvm2pv, that spans the complete unallocated area. Press the Apply button. Note: there is no need to format the partitions: let the installer do that.
The SSD drive does not have a partition table yet. Select the device and select Device→Create Partition Table. Under Advanced, change the type from msdos to gpt, and Apply. Create now 6 partitions: • one of 100 Mbyte with file system ext2 for the central boot loader, • four of 1 GByte also with file system ext2 for the specific boot loaders, and • a last one with file system lvm2pv that spans the complete unallocated area. Press the Apply button. Close gparted and return to the terminal. Add the physical partition with file system lvm2pv that we just created on the hard disk (in my case this was called /dev/sdb6) to LVM: sudo pvcreate /dev/sdb6 Create the volume group hdvg and assign the partition to it: sudo vgcreate hdvg /dev/sdb6 Create logical volume var1 of 30 Gbyte in volume group hdvg: sudo lvcreate -n var1 -L 30G hdvg In the same way, create logical volumes var2, var3 and var4 and a 10 Gbyte logical volume tmp. Create now the volume group ssdvg on the solid state drive, and create four logical volumes root1, root2, root3, root4 of 20 GByte each. Go back to the installer by pressing “Install Kubuntu” on the desktop.
Step 6 : Restart the Kubuntu installation Choose again, “Manual” as “Installation Type” in step “Disk Setup”. Use the central boot partition for /boot/central, and the first specific boot partition for /boot. In both cases, select ext2 as the file system. Use /dev/ssdvg/root1 as /, /dev/hdvg/var1 as /var, and /dev/hdvg/tmp as /tmp, all with a ext4 file system. Finally use the swap partition as swap space. Let the installer format all partitions. Continue with the installation. Install the boot loader on the solid state drive and finally your PC will reboot. If you boot directly into Windows, enter the BIOS and make sure that Ubuntu is the first boot device. I had to select “Ubuntu (P4 : WDC WD10EAVS-00D7B1)”. You should now be able to start up Windows and Kubuntu via the grub menu.
Step 7 : Configure Linux to use the SSD Note: in this step you will make some changes to configuration files. Be very careful doing so: always make a backup file of the original version (sudo cp config-file config-file.bak), and add a comment with your name and date, and the reason why you made the change to the modified file. In this way you can easily revert changes or find all files that you modified. Use the live DVD to repair in case things go terribly wrong. You must reduce as much as possible the number of writes to your solid state drive to increase its lifetime. The file system, by default, writes the access time of each file or directory that you read. This information is almost never used, so it is safe to disable this feature. You should at least do this for the solid state drive, but it does no harm if you do this too for your hard disk as it will make your disk access faster. Edit /etc/fstab as root, and add “noatime” in the options field (don't forget the comma) of the partitions or logical volumes that are on any of the disks.
Example: UUID=8482863b-d04e-40d2-be10-f5f3df88b8cd / ext4 errors=remount-ro 0 1 UUID=f65f89ac-b2b0-4345-949a-6965e3513db3 /boot ext2 defaults 0 2 becomes: UUID=8482863b-d04e-40d2-be10-f5f3df88b8cd / ext4 errors=remount-ro,noatime 0 1 UUID=f65f89ac-b2b0-4345-949a-6965e3513db3 /boot ext2 defaults,noatime 0 2 Verify that you entered the correct syntax by executing: sudo mount -a.
A second modification is to run the trim command at boot up time and not via a cron job. Edit /etc/rc.local as root, and add “fstrim -v <partition>” for each partition that is written on the solid state drive that is written often by this distro. I have added: fstrim -v / Edit /etc/cron-weekly/fstrim as root, and put a hash '#” in front of “fstrim-all”. Example: #exec fstrim-all In case your cache partition is on the solid state drive, you should also reduce the number of times Linux uses the cache by editing /etc/sysctl.conf as root and adding following lines: vm.swappiness=1 vm.vfs_cache_pressure=50 Some applications like Firefox and Java write a lot to the home directory. Also this causes unnecessary wear of the solid state drive. For example, google “firefox and ssd” to find instructions to make applications solid-state-drive friendly.
Step 8 : Configure the 2-step boot menu I found my inspiration in article “Howto: GRUB2 and multiboot Pt. 4” that was published in FullCircle 88. Our central boot partition, /boot/central, is the equivalent of /mnt/GRUBpart/boot in the article. Take into account that UEFI requires a lot of changes to the procedure. First, add chain loader entries to /etc/grub.d/40_custom. Chain loader entries for use without UEFI are very simple. Such an entry looks as follows: if hd0,msdos1 is the grub name of the partition where you want to jump to (the partition that is mounted on /boot or on / if you have no separate boot partition): menuentry 'Ubuntu' { set root='hd0,msdos1' chainloader +1 } Hint: inspect /boot/grub/grub.cfg to find out how partitions are named by grub. Use the grub shell in case you are in doubt about the correct names: reboot your PC, go into the BIOS, disable secure boot, save and exit, and press escape when you see the grub menu. You can now enter commands like dir (hd0,msdos1)/ to see the contents of a given partition: this will help you to verify if an assumed grub name is correct. Use the command reboot to reboot the PC.
A chain loader entry for UEFI is much more complicated. It looks as shown above, if hd0,gpt5 is the grub name of the partition where you want to jump to (the partition that is mounted on /boot or on / if you have no separate boot partition), and if hd2,gpt is the grub name for the EFI partition. Note: check and correct the paths to the different files when you use another distro and/or partition scheme! It is probably better to work with the uuid as the hard disk numbers (hdx) in grub can change if you, for example, start up with an USB stick plugged in. Use sudo blkid /dev/sda5 to find the uuid of partition /dev/sda5. The chain loader entry looks now as shown (page after next) at the bottom (don't forget to enter the correct values for the hints too). Add a chainloader entry (previous page, top right) to jump to Kubuntu itself and copy the entries for “Windows 10” and “System Setup” from /boot/grub/grub.cfg to /etc/grub.d/40_custom.
Execute: sudo update-grub reboot, and verify that the new entries work. Correct if necessary. Prepare the central boot directory: sudo mkdir /boot/central/efi sudo mount -o bind /boot/efi /boot/central/efi sudo cp /boot/efi/EFI/ubuntu/grub.cfg /boot/efi/EFI/ubuntu/grub.cfg.bak sudo grub-install /dev/sda –boot-directory=/boot/central Make a backup of grub.cfg, generate the grub.cfg first for the central boot loader, and afterwards again for Kubuntu.
sudo cp /boot/grub/grub.cfg /boot/grub/grub.cfg.bak cd /etc/grub.d sudo chmod -x *linux* *mem* *prober* *uefi* sudo update-grub sudo cp /boot/grub/grub.cfg /boot/central/grub/ sudo cp /boot/grub/unicode.pf2 /boot/central/grub/ sudo chmod +x *linux* *mem* sudo chmod -x *custom* sudo update-grub Prepare the central boot loader and create 2 new boot entries, called central_grub and central_shim. The -d option indicates the disk that contains the efi partition, and -p is the number of the efi partition. The efi partition in my case is /dev/sdb2 so we get:
sudo cp -R /boot/efi/EFI/ubuntu /boot/efi/EFI/central sudo mv /boot/efi/EFI/ubuntu/grub.cfg.bak /boot/efi/EFI/ubuntu/grub.cfg sudo rm /boot/efi/EFI/central/grub.cfg.bak sudo efibootmgr -c -l \\EFI\\central\\grubx64.efi -L central_grub -d /dev/sdb -p 2 sudo efibootmgr -c -l \\EFI\\central\\shimx64.efi -L central_shim -d /dev/sdb -p 2 Verify the contents of /boot/efi/EFI/central/grub.cfg and /boot/efi/EFI/ubuntu/grub.cfg. These files have following content: search.fs_uuid 5b686b70-7fdf-495c-afa8-33847392b06f root hd0,gpt1 set prefix=($root)'/grub' configfile $prefix/grub.cfg Make sure that uuid and root refer to, respectively, the central boot partition and the kubuntu specific boot partition. Correct if necessary.
Step 9: Install the other distros The next distro I installed was Debian but I was obliged to disable secure boot in the BIOS first. Installation is similar to the installation of the first distro, except that you don't have to worry anymore about creating partitions. Make sure that /boot/central, /tmp, and the swap partition, are not formatted again. The installers of some distros always format the swap partition. This partition will then get a new uuid. In that case you need to correct the uuid of the swap partition in the /etc/fstab file of the other distros. Add now a chain loader entry in /boot/central/grub/grub.cfg for the new installed distro. Make sure you use the correct paths: for Debian you must replace ubuntu/grubx64.efi by debian/grubx64.efi. Reboot, go in the BIOS, enable secure boot, and make central_shim the default boot loader. The end You should now be able to easily switch between Kubuntu, Debian and Windows 10. Enjoy! A last remark: you can not combine grub splash images with Secure Boot because the image files are considered to be insecure by the BIOS as they are not signed.