I’m currently running a dual boot configuration with Windows 10 and Fedora 35 Kinoite with secure boot off. I’m trying to figure out how to enable secure boot without resorting to re-installing Fedora. If I turn on secure boot through my computer’s UEFI, the computer doesn’t boot - it just shows a blank black screen at boot up. I’m assuming that’s because since secure boot was not on during Fedora’s installation, it didn’t configure the secure boot shim and thus it’s preventing grub from loading at boot (please let me know if this assumption is incorrect, because my next steps have been based on this assumption). So I figure I need to enable secure boot, and then re-install grub so that it configures the shim correctly.
I’ve found solutions online for Fedora Workstation - which is to turn on secure boot, boot using a Live image, chroot, and reinstall grub.
Sounds like a good plan, but there’s no Live image for Silverblue (I’m assuming booting using a Workstation image is fine?). But secondly, even after chroot, there wouldn’t be a way to dnf reinstall grub, since dnf isn’t available in Silverblue, and that probably wouldn’t be the correct way even if it worked. So what’s the correct procedure to trigger a re-build of the grub config? Even trying to run grub2-mkconfig in chroot throws an error:
# grub2-mkconfig -o /etc/grub2.cfg
/usr/sbin/grub2-probe: error: cannot find a device for / (is /dev mounted?).
I’ve pieced together some good information from the following resources, but haven’t figured it out yet. Any help is appreciated.
Yes, that or you have to tell your BIOS Setup which Secure Boot shim to trust. It’s certainly signed in Silverblue, you may have trouble signing modules for out of tree drivers (nvidia, realtek or so, in case you need them).