i downloaded 2 bootable linux iso files and burnt 2 bootable CD and try to boot a HP Pavillion desktop PC(with factory pre-installed win8.1)
i inserted CD1 and pressed F11 key at startup. Several icons appeared and one of which is "UEFI DVDRAM DEVICE" and i selected it and CD1 successfully boot linux.
When i inserted CD2 and pressed F11 key, the "UEFI DVDRAM DEVICE" icon did NOT appear. i tried all the remaining icons/options but none of them works(all boot into win81). However CD2 can successfully boot my old laptop
(but my SOLE AND ONLY objective is CD2 to boot the above mentioned HP Pavillion desktop PC, and i consider CD2 is a totally waste of time & resources).
what can i do to the second iso file so that the resulting burnt CD can be recognised by the HP Pavillion desktop PC as "UEFI DVDRAM DEVICE" in the same manner as CD1 ?
Is there any method to differtiate whether an iso file downloaded is UEFI compliant or not before it is burnt to a CD ?
i've heard of the isohybrid utility but never used it before.
Any suggestion would be appreciated. Thanks
UEFI compliant / non-compliant Puppy iso files
-
quirkian2new
- Posts: 152
- Joined: Tue 06 Oct 2015, 14:10
- Location: on the inter-planet train
In Puppy versions the iso is usually identified with UEFI in the name of the Puppy iso.
Example:
xenialpup-7.5-Uefi.iso
Puppies that are not UEFI can still be booted on that computer.
Go into the computers bios setup.
Disable secure boot and or enable legacy boot.
Depends on the UEFI bios what options it has.
Secure boot should be in any UEFI bios.
Basically this lets the computer boot something other than Windows!
UEFI Puppies just have added stuff to have the bios boot process work with secure boot enabled.
Do not get all hung up about disabling secure boot.
Example:
xenialpup-7.5-Uefi.iso
Puppies that are not UEFI can still be booted on that computer.
Go into the computers bios setup.
Disable secure boot and or enable legacy boot.
Depends on the UEFI bios what options it has.
Secure boot should be in any UEFI bios.
Basically this lets the computer boot something other than Windows!
UEFI Puppies just have added stuff to have the bios boot process work with secure boot enabled.
Do not get all hung up about disabling secure boot.
That would be Windows, because they pay for Windows to be on the computer.Secure boot is a security standard developed by members of the PC industry to help make sure that a device boots using only software that is trusted by the Original Equipment Manufacturer (OEM).
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
-
quirkian2new
- Posts: 152
- Joined: Tue 06 Oct 2015, 14:10
- Location: on the inter-planet train
Thanks, bigpup ,
i tried all means to disable secure boot.
when i pressed F2, there comes out a menu (system information/hardware test/language/Firmware Management)
i selected "Firmware Management" and two option appeared (Bios update and Bios Rollback).
So there seems no option for me to disable secure boot for this HP Pavillion.
most of the forum members here advised that secure boot be disabled before booting the uefi stick /CD, but ...... is this applicable to all brands of computers ?
Has anyone experienced a computer whose secure boot cannot be disable ? especially factory-partitioned with pre-installed win81 or later ?
i tried all means to disable secure boot.
when i pressed F2, there comes out a menu (system information/hardware test/language/Firmware Management)
i selected "Firmware Management" and two option appeared (Bios update and Bios Rollback).
So there seems no option for me to disable secure boot for this HP Pavillion.
most of the forum members here advised that secure boot be disabled before booting the uefi stick /CD, but ...... is this applicable to all brands of computers ?
Has anyone experienced a computer whose secure boot cannot be disable ? especially factory-partitioned with pre-installed win81 or later ?
-
mostly_lurking
- Posts: 328
- Joined: Wed 25 Jun 2014, 20:31
I wonder if it would be possible to make it work by combining the bootloader stuff from CD1 with the system files from CD2.
It does work with a traditional BIOS (in a virtual machine, at least) - as a test, I've taken a Xenialpup64 UEFI ISO, copied its contents into a folder, removed Xenial's vmlinuz, initrd.gz, and any .sfs files, and replaced them with the ones from Wary Puppy (the system I'm currently using). I didn't bother to re-write the boot menu, so it still said "Xenialpup", but since Wary uses the same boot parameters, it worked anyway. I then created a new ISO from that folder with the following command line (taken from Wary's remasterpup2 script):
EDIT:
the command above probably won't create a UEFI-enabled ISO; this one is from Xenialpup, but it doesn't work with Wary's mkisofs:
You could also try the "Isomaster" program that comes with many Puppies to edit the ISO, but I've had some problems in the past where it would sometimes create ISOs that refused booting with checksum errors, and I have no idea how well it handles the UEFI stuff.
I couldn't actually test this on a UEFI setup - neither my computer nor my Virtualbox version support it.
(It's also possible to get multiple systems on a single CD this way; I recommend putting each one into a separate directory, then editing the boot menu entries to include those file paths.)
It does work with a traditional BIOS (in a virtual machine, at least) - as a test, I've taken a Xenialpup64 UEFI ISO, copied its contents into a folder, removed Xenial's vmlinuz, initrd.gz, and any .sfs files, and replaced them with the ones from Wary Puppy (the system I'm currently using). I didn't bother to re-write the boot menu, so it still said "Xenialpup", but since Wary uses the same boot parameters, it worked anyway. I then created a new ISO from that folder with the following command line (taken from Wary's remasterpup2 script):
Code: Select all
mkisofs -D -R -o output.iso -b isolinux.bin -c boot.cat -no-emul-boot -boot-load-size 4 -boot-info-table /my/folderthe command above probably won't create a UEFI-enabled ISO; this one is from Xenialpup, but it doesn't work with Wary's mkisofs:
Code: Select all
mkisofs -iso-level 4 -D -R -o custom-puppy.iso -b isolinux.bin -no-emul-boot -boot-load-size 4 -boot-info-table -eltorito-alt-boot -eltorito-platform efi -b efi.img -no-emul-boot /my/folderI couldn't actually test this on a UEFI setup - neither my computer nor my Virtualbox version support it.
(It's also possible to get multiple systems on a single CD this way; I recommend putting each one into a separate directory, then editing the boot menu entries to include those file paths.)
You are not accessing the bios setup correctly.
This in general tells you how to do it in a HP Pavillion desktop PC.
https://support.hp.com/us-en/document/c03653226
It shows how on laptop's and desktop's.
The info on desktop PC is lower on the web page.
To access the bios setup:
Disabling Secure Boot on a desktop computer is down at bottom of web page.
This in general tells you how to do it in a HP Pavillion desktop PC.
https://support.hp.com/us-en/document/c03653226
It shows how on laptop's and desktop's.
The info on desktop PC is lower on the web page.
To access the bios setup:
The web page tells you step by step how to disable secure boot.Turn off the computer.
Turn on the computer and immediately press F10 repeatedly, about once every second, until the Computer Setup Utility opens.
Use the left and right arrow keys to select the Security menu, then use the up and down arrow keys to select Secure Boot Configuration, and then press Enter.
Disabling Secure Boot on a desktop computer is down at bottom of web page.
The things they do not tell you, are usually the clue to solving the problem.
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
When I was a kid I wanted to be older.... This is not what I expected
YaPI(any iso installer)
Hi quirkian2new,
You didn't tell us which Puppies you burned to a CD; which booted on the Pavilion and which didn't.
Puppies which have UEFI in their names include in the files they write to a CD/DVD one file named efi.img. Puppies don't need them to boot; but computers which use the UEFI mechanism require that file to be present if it is to boot other than (IIRC) in legacy mode.
If the cd which didn't boot is re-writable, you might try copying an efi.img to the boot folder, or the root of the cd. No guarantees.
You didn't tell us which Puppies you burned to a CD; which booted on the Pavilion and which didn't.
Puppies which have UEFI in their names include in the files they write to a CD/DVD one file named efi.img. Puppies don't need them to boot; but computers which use the UEFI mechanism require that file to be present if it is to boot other than (IIRC) in legacy mode.
If the cd which didn't boot is re-writable, you might try copying an efi.img to the boot folder, or the root of the cd. No guarantees.
-
quirkian2new
- Posts: 152
- Joined: Tue 06 Oct 2015, 14:10
- Location: on the inter-planet train
Thanks guys for your advice,
but I decide NOT to disable secure boot for this HP Pavilion at this moment.
I also decided to download super_grub2_disk_hybrid_2.02s9.iso (the third iso, I opened it and checked that it contains the file efi.img ) and burnt the 3rd CD and try to boot the HP Pavilion, and here is the result :
i inserted CD3 and pressed F11 key at startup. Several icons appeared and one of which is "UEFI DVDRAM DEVICE" and i presumed that CD3 was successfully recognised as a uefi compliant device. I selected it and hoped that CD3 can be successfully boot .
Oh no my god, an error message appeared saying something like that there was "no validated certificates found on this uefi compliant device" . It just stopped at this error screen.
Through this tedious learning process so that i understand uefi compliant devices may NOT necessary boot successfully without a validated digital certificate.
My impression (don't know true or not) is that there seems 2 things necessary for a successful boot(if secure boot not disable) : first is some code that makes the iso uefi compliant and the second is a digital certiciate that is "VALIDATED BY YOUR COMPUTER'S FIRMWARE"
In my opinion most winfugees won't waste the time to undergo this tedious learning process even if they want to try a linux livecd.
So i came to another question : Is there any preojects out there which will produce a "UNIVERSALLY uefi bootable skeleton iso image with UNIVERSALLY capable digital certs" so that each forum member can roll their own linux version by just adding vmlinuz, initrd, main.sfs etc to that folder and click a gui-mksiofs to produce such iso.
super_grub2_disk_hybrid (approx. 20 MB) may be a good starting point but it seems to lack proper digital cert. Also after i burnt the CD, i can't append any further data even though i didnot choose the "close CD after bunrt" during the burning process. I also tried using isomaster to edit that iso but resulted in a non-uefi-compliant iso.
but I decide NOT to disable secure boot for this HP Pavilion at this moment.
I also decided to download super_grub2_disk_hybrid_2.02s9.iso (the third iso, I opened it and checked that it contains the file efi.img ) and burnt the 3rd CD and try to boot the HP Pavilion, and here is the result :
i inserted CD3 and pressed F11 key at startup. Several icons appeared and one of which is "UEFI DVDRAM DEVICE" and i presumed that CD3 was successfully recognised as a uefi compliant device. I selected it and hoped that CD3 can be successfully boot .
Oh no my god, an error message appeared saying something like that there was "no validated certificates found on this uefi compliant device" . It just stopped at this error screen.
Through this tedious learning process so that i understand uefi compliant devices may NOT necessary boot successfully without a validated digital certificate.
My impression (don't know true or not) is that there seems 2 things necessary for a successful boot(if secure boot not disable) : first is some code that makes the iso uefi compliant and the second is a digital certiciate that is "VALIDATED BY YOUR COMPUTER'S FIRMWARE"
In my opinion most winfugees won't waste the time to undergo this tedious learning process even if they want to try a linux livecd.
So i came to another question : Is there any preojects out there which will produce a "UNIVERSALLY uefi bootable skeleton iso image with UNIVERSALLY capable digital certs" so that each forum member can roll their own linux version by just adding vmlinuz, initrd, main.sfs etc to that folder and click a gui-mksiofs to produce such iso.
super_grub2_disk_hybrid (approx. 20 MB) may be a good starting point but it seems to lack proper digital cert. Also after i burnt the CD, i can't append any further data even though i didnot choose the "close CD after bunrt" during the burning process. I also tried using isomaster to edit that iso but resulted in a non-uefi-compliant iso.
- Attachments
-
- Screenshot_2018-10-21.jpg
- (77.14 KiB) Downloaded 361 times
Try fatdog, it has a certification key. I've always disabled Secure Boot, so haven't use it. I think the key may also work with puppies as well. Others would have to confirm this though.
The page from Fatdog documentation regarding secure boot: http://distro.ibiblio.org/fatdog/web/fa ... -boot.html
The page from Fatdog documentation regarding secure boot: http://distro.ibiblio.org/fatdog/web/fa ... -boot.html
-
Mike Walsh
- Posts: 6351
- Joined: Sat 28 Jun 2014, 12:42
- Location: King's Lynn, UK.
@ quirkian2new:-
AFAIK, the developers of Fatdog - jamesbond & Kirk - were trying to develop a 'workaround' to secure boot et al when it first appeared some years ago. They tried everything they could think of, but finally came to the conclusion that it wasn't going to work. So they decided it was time to 'bite the bullet'.....and stumped up the required $99 for a 'secure key'.
Now, I could be wrong about this next bit. But as I understand it, they, out of the kindness of their hearts, subsequently 'shared' this secure key with the Woof-CE team. And to this day, any UEFI-capable Puppies that use the 'efi.img' module that mikeslr mentioned, also make use of this 'secure key'.
It seems that jamesbond & Kirk, when filling out the 'paperwork' for their secure key, realised that Puppy was going to develop and prosper far faster than Windoze ever would.....so they were very careful to not specify a particular 'flavour' of FatDog/Puppy, but rather simply a 'generic' term for the canine breed instead.
Bigpup's right; you simply haven't done things in the right order, that's all. It's perfectly possible to turn secure boot off/enable 'legacy' boot instead on that machine. And even if you decide against doing so, for reasons best known to you personally, there are several recent Puppies/Dogs/FatDogs to choose from that will allow you to run them even with 'SecureBoot' still enabled....
Mike.
AFAIK, the developers of Fatdog - jamesbond & Kirk - were trying to develop a 'workaround' to secure boot et al when it first appeared some years ago. They tried everything they could think of, but finally came to the conclusion that it wasn't going to work. So they decided it was time to 'bite the bullet'.....and stumped up the required $99 for a 'secure key'.
Now, I could be wrong about this next bit. But as I understand it, they, out of the kindness of their hearts, subsequently 'shared' this secure key with the Woof-CE team. And to this day, any UEFI-capable Puppies that use the 'efi.img' module that mikeslr mentioned, also make use of this 'secure key'.
It seems that jamesbond & Kirk, when filling out the 'paperwork' for their secure key, realised that Puppy was going to develop and prosper far faster than Windoze ever would.....so they were very careful to not specify a particular 'flavour' of FatDog/Puppy, but rather simply a 'generic' term for the canine breed instead.
Bigpup's right; you simply haven't done things in the right order, that's all. It's perfectly possible to turn secure boot off/enable 'legacy' boot instead on that machine. And even if you decide against doing so, for reasons best known to you personally, there are several recent Puppies/Dogs/FatDogs to choose from that will allow you to run them even with 'SecureBoot' still enabled....
Mike.
A little correction 
Now there is more than one way to do that. Linux Foundation also paid that $99 and did something similar, and it was called "preloader".
Both are available freely for use by small Linux distros at no cost.
We didn't do it. Matthew Garret (mjg59) - at that time still working for RedHat - did it. We used his work, called "shim".Mike Walsh wrote:AFAIK, the developers of Fatdog - jamesbond & Kirk - ... decided it was time to 'bite the bullet'.....and stumped up the required $99 for a 'secure key'.
Now there is more than one way to do that. Linux Foundation also paid that $99 and did something similar, and it was called "preloader".
Both are available freely for use by small Linux distros at no cost.
Fatdog64 forum links: [url=http://murga-linux.com/puppy/viewtopic.php?t=117546]Latest version[/url] | [url=https://cutt.ly/ke8sn5H]Contributed packages[/url] | [url=https://cutt.ly/se8scrb]ISO builder[/url]
-
Mike Walsh
- Posts: 6351
- Joined: Sat 28 Jun 2014, 12:42
- Location: King's Lynn, UK.
Ah. Thanks for the correction, James.
I knew I'd read some of this stuff somewhere a while back. Sorry for getting the details wrong!
However it's viewed, I was aware that somebody, somewhere, had had to pay the 'key fee'; it simply wouldn't have been possible otherwise. I'm pretty sure it was you guys who 'led the way' for the rest of us, though.....so, that is appreciated. nonetheless.
Cheers.
Mike.
I knew I'd read some of this stuff somewhere a while back. Sorry for getting the details wrong!
However it's viewed, I was aware that somebody, somewhere, had had to pay the 'key fee'; it simply wouldn't have been possible otherwise. I'm pretty sure it was you guys who 'led the way' for the rest of us, though.....so, that is appreciated. nonetheless.
Cheers.
Mike.