Fujitsu Secure Boot Disable

[Jan Dominquez]

HelloI would like to install HAOS on a Fujitsu S920.

I have written the image to a mSATA hard drive. When I connect the mSATA via USB adapter to the Fujitsu everything runs normally. If I try to install the mSATA direct in the Fujitsu, then no boot media is found.

Then go to this location: Generic x86-64 - Home Assistant and perform these activities.

NAMELY: Boot into your Live Ubuntu Desktop in UEFI mode and run those commands at the CLI (Command Line Interface)

I am running into similar issue on S920:

I was running HAOS for few months or so without any issues, but yesterday I removed the msata device and inserted a different one to try different installations. No changes were done in bios (apart selecting bootable devices), just debian installation into new msata, and no changes were done on the old msata.

In the end I decided to go back to previous installation (the old non modified msata drive), but S920 no longer finds that msata as bootable (in boot options only Diagnostics program is listed). Secure boot is disabled as it was before. In SATA devices it is listed as inserted (SATA1 slot, the one under the cooler). If inserted in the other SATA slot it does not see drive at all.

CSM configuration was enabled, but even disabling it - it changes nothing.

I need the secure boot to be enabled. Back then, I had no problems doing so. I recently used the command mokutil --reset to clear the machine owner keys because there were a lot of them and I wanted to make things cleaner.

I also tried to add mmx64.efi and grubx64.efi to the trusted files in BIOS, but I got another error (i.e., shim_lock protocol not found). I was not doing anything special related to secure boot to boot my USB drive before (even when I installed my first Linux distro). Why can't I do that now?

What happened here is that Canonical updated their UEFI Secure Boot signing key and your system's Secure Boot Advanced Targeting variable. In plain terms, they made it so that newer boot files they release are bootable, and older ones aren't. If you got the update and then try to boot an OS that is still using the older files, it won't work and you get a Security Violation error.

Normally the solution here is to update your installation so that you have newer boot files. In this instance, though, you're trying to install from an ISO that has the older boot files. So you can't update the boot files. You have two choices here.

It's possible that the Ubuntu image you downloaded and wrote to the USB drive is not signed with a key that is trusted by the Secure Boot feature of your computer's bios. This could be because the image is unsigned, or because the key used to sign the image is not in the list of trusted keys in your computer's bios.

You must use a bootloader that is signed with a key that is trusted by bios. This will allow the system to verify the digital signature of the bootloader, and load it without triggering the security violation error.

Hi,

I have strange problem, I can not boot openwrt system from disk. Disk is shown in bios, but not under boot options. I tried to use the same disk but from usb adapter connected to usb socket and computer normally boots up. Does any have any idea what can ba the cause?

I used this image -> -22.03.2-x86-64-generic-ext4-combined-efi.img.gz

I wrote it on sata drive via usb adapter using rufus.

As I said when I plugged it to my device and boot from usb openwrt starts normally. But when I mount the same disk directly on device it will not boot.

I also tried installation via debian live usb accoring to this instruction -> -base/openwrt-installation-instructions/ but the same happens it is nott booting.

For that to work, UEFI must be enabled in the 'BIOS' and secure boot disabled, I don't know what's the situation of the s940 in this regard. You can also try the non-EFI (legacy CSM/ BIOS) variant of OpenWrt instead.

I doubt it only supports UEFI, but if it does, just DD copying the image to the HD would not magically create a uefi bootloader entry on the bios settings.

You would need to add it manually, using efibootmgr, a UEFI shell, or some other program that can manipulate the firmware nvram settings.

You can read more here for general UEFI bootloader reference:

_Extensible_Firmware_Interface

(section 4.3.1 specifically about efibootmgr)

If your are not familiar with that it might be easier to enable legacy boot support in your bios settings if it's available, it could be something named CSM or Compatibility Support Module, you would need to research it on your bios manual if it's available.

OpenWrt relies on the removable media path for booting ftom UEFI, it does not set EFI boot entries itself. That means some kind of basic cooperation from the UEFI firmware is needed to find the EFI system partition and to consider it as viable option.

Thanks for hints, I will try suggested sulutions

I searched BIOS dozens of times to see if there is legacy boot option - there isnt.

I also watched review of this unit (this is in polish) -> =589 but this guy cleary said, no support for legacy boot.

Download Win32 Disk Imager for free. A Windows tool for writing images to USB sticks or SD/CF cards . This program is designed to write a raw disk image to a removable device or backup a removable device to a raw image file. It is very useful for...

Ok, so I am in the point where I have installed openwrt on disk and have live usb of refind and this duet is working, however I would like to have both installed on a disk. What would be the idea, create two partitions and using "dd" install images on those partitions?

What I usually do with an X86 having an internal disk is boot up OpenWrt on a USB then use it to write to the internal disk which is still installed in the X86 machine.

Download a copy of the distribution image and stream it onto the disk (make sure of the letter of the target disk):

gzip -cd dd of=/dev/sda bs=4M

Or if you're feeling really bold:

wget -O - gzip -cd dd of=/dev/sda bs=4M

This will of course clobber the existing partition table and render all existing data on the disk unreachable.

You could try installing Refind on openwrt img partition, never tried it for openwrt but for other x86 systems it can work just fine coexisting with other boot loaders on the same EFI system partition.

For this you would need to loop mount the the openwrt disk image, then mount the first partition, and then follow Refind manual installation instructions.

To boot Refind using the removable media path that is taken by grubs bootx64.efi you would need to rename this file perhaps to grubx64.efi

I was able to install refind next to openwrt, but unfortunatelly strange things are happening.. ;/

After having success with refind, I just shutdown computer and placed on the shelf where is should stay, wired everything and boot up... Then I realised after everything worked fine after reboot it there is no internet... Once again I get this device to find out where is the problem, when booting device refind just vanished and it is not booting ;/ I repeated installation process and the same thing happens. I am really pissed off, what a garbage is this device...;/

I can't boot from USB even though the BIOS is set to boot from USB first. Windows Boot manager somehow seems to be taking precedence. I have Windows 7, Linux Mint and Ubuntu installed on my hard-drive. When I boot-up those are the only options, despite having a USB stick plugged in then going into the BIOS and setting the UEFI USB stick as the primary boot device.

The USB device is fine as I can see it in Windows/Linux and can read the files. I made it bootable (in theory) by using linuxlive and/or pendrive with no success (though I've had success with both in the past).

You need to enable booting from non-EFI devices. This option can be found in most BIOSs called the Compatibility Support Module or CSM. This option is sometimes hidden until you disable Secure Boot. I've also seen it hidden until Fast Boot is disabled. Once you enable the CSM module and set it to boot EFI + Legacy boot devices you shouldn't have any trouble booting your USB device.

Your USB must have UEFI boot enabled. To do so, burn your ISO image to stick using Rufus (download here: . Select 'Rufus V1.3.4'and download it. Open the tool and under partitioning Options select 'GPT Partition Scheme for UEFI computer'. Select your ISO from the small CD Drive Icon under format options. Click start. When finished reboot your computer and select the UEFI USB options from the manufacturer's boot options.

I came across this post since I had a similar problem. i.e. my boot sequence in the BIOS was set to: Removable device, CD and HDD. I had my Windows 7 installation on a bootable USB sticked in, (no CD), but still it would boot in the OS from the hard disk drive.

The 16 GB USB stick I was using was not considered as a removable device. In the BIOS settings, I found that the problem was in the hard drive setting sections, so I changed the HDD setting from SATA to Sandisk. The BIOS setting was still Removable, CD and HDD, and this time it booted from the USB.

When you can't find the Compatibility Support Module (CSM), the legacy, and if Rufus seems too complicated and none of the other options in the answers listed here suites you, try a reset of your BIOS to "Optimized Defaults".

As soon as I reset the BIOS, it could identify my USB in a whole different way. Already as the first boot option and even the brand of the USB was there. So I pressed F10 and Enter to save and when rebooting it worked as predicted this time.

I just had that problem and my solution was different. Nothing was working and it's not like i am a novice to this. After a lot of tries with a 2022 win10 build, which was working on other similar PCs, i just installed a 2019 version via rufus, for a sanity check, and voila it worked no problem.

I have to install Solaris on a Fujitsu x64-system.

So I've downloaded the sol-11_4-text-x86.usb, checked the checksum and wrote it with dd to an stick.

When I try to boot from the stick it stops after the Copyright Message. Obviously before "Remounting root read/write" (As seen in the Video here: =vp_FHXUxaIE)

I am able to see the GRUB Menu and I also am able to edit the settings.

Also I'm able to ls the content of the Stick and the SSD.

3a8082e126