Limine Bootloader: Possibility to replace grub2?

I am a pretty big fan of “composed/controlled/managed” systems like Atomic Desktops.

As I have only been into Linux for a couple of years, I also like to have a system that “just works”.

But still, the more I read into it, the systemd dominance is a bit scary.

Unlike the Linux kernel, the systemd API surface is large, and there are more and more projects like Desktop Environments kinda enforcing it.

In my understanding, computer security can only come from simple code that is understandable. The Linux Kernel… not really that. Grub2, systemd, glibc… probably not either.

So using simpler solutions sounds like a good idea.

The limine bootloader may be such a project.

https://limine-bootloader.org

It is very simple, with limited support for filesystems, and a couple of security features like

  • verifying the integrity of the kernel with a signature
  • being able to store that signature in the EFI executable, so that tampering is not possible with a secure firmware

It is restricted though. EXT4 is only barely supported, so having a FAT32 /boot partition would be the way to go. It cannot be encrypted, but can be verified; I am not sure what implications this has. There is no support for encrypted boot in grub2 either.

@ericzhang456 made a COPR here; no recent builds, but they went fine

https://copr.fedorainfracloud.org/coprs/ericzhang456/limine/

What do you think about this? Is systemd-boot the future that Fedora wants?

Does there need to be a boot loader with UEFI? I like the idea of having less middle-man, and heard of UEFI direct kernel boots on Arch years ago.

Other than that, I’d prefer to stick with GRUB since it works, or systemd-boot as a standard.

At the very least, I’m skeptical of any tech that up-front advertises a Discord server :stuck_out_tongue:

Some UEFIs are password protected. Which is a good thing, but may cause problems.

I assume there might be more issues, but yes, direct kernel boots would be even more minimal and fast.

well that is the common behaviour I assume

systemd is already a big monopoly outside of the init system, supervision, privilege escalation, logging, … If the Fedora project can fully stand behind the project, then yes, but I am critical.

Discord has good moderation. But yes for sure, they have an issue tracker though

There is a collection of focused solutions to real-world problems in the Linux environment. Systemd is used because it works well and replaces tools that were not as good.

I too would like to see Grub2 disappear, but agree with the others here that systemd-boot is a more appropriate replacement than Limine, which I’ve never heard of before.

Actually I know some people that just directly boot the kernel from UEFI.

As systemd-boot doesn't support BIOS either, this could actually be the best way forward?

The one challenge with systemd-boot is that it is UEFI only, which would mean those systems that are BIOS only would be left behind(*).

Quite some time ago I looked at whether I could resurrect the various BIOS->UEFI bootstraps (and thought that it should be possible), but I did not have the time to investigate further.

FD: All my current systems have been moved to systemd-boot from grub2, as I no longer have any legacy systems, and no longer have any real interest in supporting those legacy BIOS only systems.

(*) While not exactly the same schedule, this is somewhat equivalent to the move to x86_64-v2 requirements (many (most?) x86_64-v2 systems had EFI capable firmware, although some of them were reported to be 32-bit EFI, which might be good enough for most use cases).

Could you explain the difference between systemd-boot and direct kernel boot using EFI-stub?

This would be the other obvious choice I think.

And yes, BIOS support is a thing here. Duplicate maintenance is needed some time. Why have optimization options if no binary repo uses them, scared of leaving behind 15-year-old machines?