1SYSTEMD-BOOT(7) systemd-boot SYSTEMD-BOOT(7)
2
6 systemd-boot, sd-boot - A simple UEFI boot manager
7
9 systemd-boot (short: sd-boot) is a simple UEFI boot manager. It
10 provides a textual menu to select the entry to boot and an editor for
11 the kernel command line. systemd-boot supports systems with UEFI
12 firmware only.
13 systemd-boot loads boot entry information from the EFI system partition
15 (ESP), usually mounted at /efi/, /boot/, or /boot/efi/ during OS
16 runtime, as well as from the Extended Boot Loader partition (XBOOTLDR)
17 if it exists (usually mounted to /boot/). Configuration file fragments,
18 kernels, initrds and other EFI images to boot generally need to reside
19 on the ESP or the Extended Boot Loader partition. Linux kernels must be
20 built with CONFIG_EFI_STUB to be able to be directly executed as an EFI
21 image. During boot systemd-boot automatically assembles a list of boot
22 entries from the following sources:
23 • Boot entries defined with Boot Loader Specification[1] Type #1
25 description files located in /loader/entries/ on the ESP and the
26 Extended Boot Loader Partition. These usually describe Linux kernel
27 images with associated initrd images, but alternatively may also
28 describe other arbitrary EFI executables.
29 • Unified kernel images, Boot Loader Specification[1] Type #2, which
31 are executable EFI binaries in /EFI/Linux/ on the ESP and the
32 Extended Boot Loader Partition.
33 • The Microsoft Windows EFI boot manager, if installed.
35 • The Apple macOS boot manager, if installed.
37 • The EFI Shell binary, if installed.
39 • A reboot into the UEFI firmware setup option, if supported by the
41 firmware.
42 • Secure Boot variables enrollment if the UEFI firmware is in
44 setup-mode and files are provided on the ESP.
45 systemd-boot supports the following features:
47 • Basic boot manager configuration changes (such as timeout
49 configuration, default boot entry selection, ...) may be made
50 directly from the boot loader UI at boot-time, as well as during
51 system runtime with EFI variables.
52 • The boot manager integrates with the systemctl command to implement
54 features such as systemctl reboot --boot-loader-entry=... (for
55 rebooting into a specific boot menu entry, i.e. "reboot into
56 Windows") and systemctl reboot --boot-loader-menu=... (for
57 rebooting into the boot loader menu), by implementing the Boot
58 Loader Interface[2]. See systemctl(1) for details.
59 • An EFI variable set by the boot loader informs the OS about the EFI
61 System Partition used during boot. This is then used to
62 automatically mount the correct EFI System Partition to /efi/ or
63 /boot/ during OS runtime. See systemd-gpt-auto-generator(8) for
64 details.
65 • The boot manager provides information about the boot time spent in
67 UEFI firmware using the Boot Loader Interface[2]. This information
68 can be displayed using systemd-analyze(1).
69 • The boot manager implements boot counting and automatic fallback to
71 older, working boot entries on failure. See Automatic Boot
72 Assessment[3].
73 • The boot manager optionally reads a random seed from the ESP
75 partition, combines it with a 'system token' stored in a persistent
76 EFI variable and derives a random seed to use by the OS as entropy
77 pool initialization, providing a full entropy pool during early
78 boot.
79 • The boot manager allows for Secure Boot variables to be enrolled if
81 the UEFI firmware is in setup-mode. Additionally, variables can be
82 automatically enrolled if configured.
83 bootctl(1) may be used from a running system to locate the ESP and the
85 Extended Boot Loader Partition, list available entries, and install
86 systemd-boot itself.
87 kernel-install(8) may be used to copy kernel images onto the ESP or the
89 Extended Boot Loader Partition and to generate description files
90 compliant with the Boot Loader Specification.
91 systemd-stub(7) may be used as UEFI boot stub for executed kernels,
93 which is useful to show graphical boot splashes before transitioning
94 into the Linux world. It is also capable of automatically picking up
95 auxiliary credential files (for boot parameterization) and system
96 extension images, as companion files to the booted kernel images.
97
99 The following keys may be used in the boot menu:
100 ↑ (Up), ↓ (Down), j, k, PageUp, PageDown, Home, End
102 Navigate up/down in the entry list
103 ↵ (Enter), → (Right)
105 Boot selected entry
106 d
108 Make selected entry the default
109 e
111 Edit the kernel command line for selected entry
112 +, t
114 Increase the timeout before default entry is booted
115 -, T
117 Decrease the timeout
118 r
120 Change screen resolution, skipping any unsupported modes.
121 R
123 Reset screen resolution to firmware or configuration file default.
124 p
126 Print status
127 h, ?, F1
129 Show a help screen
130 f
132 Reboot into firmware interface.
133 For compatibility with the keybindings of several firmware
135 implementations this operation may also be reached with F2, F10,
136 Del and Esc.
137 The following keys may be pressed during bootup or in the boot menu to
139 directly boot a specific entry:
140 l
142 Linux
143 w
145 Windows
146 a
148 macOS
149 s
151 EFI shell
152 1, 2, 3, 4, 5, 6, 7, 8, 9
154 Boot entry number 1 ... 9
155 The boot menu is shown when a non-zero menu timeout has been
157 configured. If the menu timeout has been set to zero, it is sufficient
158 to press any key — before the boot loader initializes — to bring up the
159 boot menu, except for the keys listed immediately above as they
160 directly boot into the selected boot menu item. Note that depending on
161 the firmware implementation the time window where key presses are
162 accepted before the boot loader initializes might be short. If the
163 window is missed, reboot and try again, possibly pressing a suitable
164 key (e.g. the space bar) continuously; on most systems it should be
165 possible to hit the time window after a few attempts. To avoid this
166 problem, consider setting a non-zero timeout, thus showing the boot
167 menu unconditionally. Some desktop environments might offer an option
168 to directly boot into the boot menu, to avoid the problem altogether.
169 Alternatively, use the command line systemctl reboot
170 --boot-loader-menu=0 from the shell.
171 In the editor, most keys simply insert themselves, but the following
173 keys may be used to perform additional actions:
174 ← (Left), → (Right), Home, End
176 Navigate left/right
177 Esc, Ctrl+c
179 Abort the edit and quit the editor
180 Ctrl+k
182 Clear the command line forwards
183 Ctrl+w, Alt+Backspace
185 Delete word backwards
186 Ctrl+Del, Alt+d
188 Delete word forwards
189 ↵ (Enter)
191 Boot entry with the edited command line
192 Note that unless configured otherwise in the UEFI firmware,
194 systemd-boot will use the US keyboard layout, so key labels might not
195 match for keys like +/-.
196
198 The files systemd-boot processes generally reside on the UEFI ESP which
199 is usually mounted to /efi/, /boot/ or /boot/efi/ during OS runtime. It
200 also processes files on the Extended Boot Loader partition which is
201 typically mounted to /boot/, if it exists.
202 systemd-boot reads runtime configuration such as the boot timeout and
204 default entry from /loader/loader.conf on the ESP (in combination with
205 data read from EFI variables). See loader.conf(5).
206 Boot entry description files following the Boot Loader Specification[1]
208 are read from /loader/entries/ on the ESP and the Extended Boot Loader
209 partition.
210 Unified kernel boot entries following the Boot Loader Specification[1]
212 are read from /EFI/Linux/ on the ESP and the Extended Boot Loader
213 partition.
214 Optionally, a random seed for early boot entropy pool provisioning is
216 stored in /loader/random-seed in the ESP.
217 During initialization, sd-boot automatically loads all driver files
219 placed in the /EFI/systemd/drivers/ directory of the ESP. The files
220 placed there must have an extension of the EFI architecture ID followed
221 by .efi (e.g. for x86-64 this means a suffix of x64.efi). This may be
222 used to automatically load file system drivers and similar, to extend
223 the native firmware support.
224 Enrollment of Secure Boot variables can be performed manually or
226 automatically if files are available under
227 /loader/keys/NAME/{db,KEK,PK}.auth, NAME being the display name for the
228 set of variables in the menu. If one of the sets is named auto then it
229 might be enrolled automatically depending on whether
230 "secure-boot-enroll" is set to force or not.
231
233 The following EFI variables are defined, set and read by systemd-boot,
234 under the vendor UUID "4a67b082-0a4c-41cf-b6c7-440b29bb8c4f", for
235 communication between the boot loader and the OS:
236 LoaderBootCountPath
238 If boot counting is enabled, contains the path to the file in whose
239 name the boot counters are encoded. Set by the boot loader.
240 systemd-bless-boot.service(8) uses this information to mark a boot
241 as successful as determined by the successful activation of the
242 boot-complete.target target unit.
243 LoaderConfigTimeout, LoaderConfigTimeoutOneShot
245 The menu timeout in seconds. Read by the boot loader.
246 LoaderConfigTimeout is maintained persistently, while
247 LoaderConfigTimeoutOneShot is a one-time override which is read
248 once (in which case it takes precedence over LoaderConfigTimeout)
249 and then removed. LoaderConfigTimeout may be manipulated with the
250 t/T keys, see above.
251 LoaderDevicePartUUID
253 Contains the partition UUID of the EFI System Partition the boot
254 loader was run from. Set by the boot loader. systemd-gpt-auto-
255 generator(8) uses this information to automatically find the disk
256 booted from, in order to discover various other partitions on the
257 same disk automatically.
258 LoaderEntries
260 A list of the identifiers of all discovered boot loader entries.
261 Set by the boot loader.
262 LoaderEntryDefault, LoaderEntryOneShot
264 The identifier of the default boot loader entry. Set primarily by
265 the OS and read by the boot loader. LoaderEntryOneShot sets the
266 default entry for the next boot only, while LoaderEntryDefault sets
267 it persistently for all future boots. bootctl(1)'s set-default and
268 set-oneshot commands make use of these variables. The boot loader
269 modifies LoaderEntryDefault on request, when the d key is used, see
270 above.
271 LoaderEntrySelected
273 The identifier of the boot loader entry currently being booted. Set
274 by the boot loader.
275 LoaderFeatures
277 A set of flags indicating the features the boot loader supports.
278 Set by the boot loader. Use bootctl(1) to view this data.
279 LoaderFirmwareInfo, LoaderFirmwareType
281 Brief firmware information. Set by the boot loader. Use bootctl(1)
282 to view this data.
283 LoaderImageIdentifier
285 The path of executable of the boot loader used for the current
286 boot, relative to the EFI System Partition's root directory. Set by
287 the boot loader. Use bootctl(1) to view this data.
288 LoaderInfo
290 Brief information about the boot loader. Set by the boot loader.
291 Use bootctl(1) to view this data.
292 LoaderTimeExecUSec, LoaderTimeInitUSec, LoaderTimeMenuUsec
294 Information about the time spent in various parts of the boot
295 loader. Set by the boot loader. Use systemd-analyze(1) to view this
296 data.
297 LoaderSystemToken
299 A binary random data field, that is used for generating the random
300 seed to pass to the OS (see above). Note that this random data is
301 generally only generated once, during OS installation, and is then
302 never updated again.
303 Many of these variables are defined by the Boot Loader Interface[2].
305
307 systemd-boot implements a simple boot counting mechanism on top of the
308 Boot Loader Specification[1], for automatic and unattended fallback to
309 older kernel versions/boot loader entries when a specific entry
310 continuously fails. Any boot loader entry file and unified kernel image
311 file that contains a "+" followed by one or two numbers (if two they
312 need to be separated by a "-"), before the .conf or .efi suffix is
313 subject to boot counting: the first of the two numbers ('tries left')
314 is decreased by one on every boot attempt, the second of the two
315 numbers ('tries done') is increased by one (if 'tries done' is absent
316 it is considered equivalent to 0). Depending on the current value of
317 these two counters the boot entry is considered to be in one of three
318 states:
319 1. If the 'tries left' counter of an entry is greater than zero the
321 entry is considered to be in 'indeterminate' state. This means the
322 entry has not completed booting successfully yet, but also hasn't
323 been determined not to work.
324 2. If the 'tries left' counter of an entry is zero it is considered to
326 be in 'bad' state. This means no further attempts to boot this item
327 will be made (that is, unless all other boot entries are also in
328 'bad' state), as all attempts to boot this entry have not completed
329 successfully.
330 3. If the 'tries left' and 'tries done' counters of an entry are
332 absent it is considered to be in 'good' state. This means further
333 boot counting for the entry is turned off, as it successfully
334 booted at least once. The systemd-bless-boot.service(8) service
335 moves the currently booted entry from 'indeterminate' into 'good'
336 state when a boot attempt completed successfully.
337 Generally, when new entries are added to the boot loader, they first
339 start out in 'indeterminate' state, i.e. with a 'tries left' counter
340 greater than zero. The boot entry remains in this state until either it
341 managed to complete a full boot successfully at least once (in which
342 case it will be in 'good' state) — or the 'tries left' counter reaches
343 zero (in which case it will be in 'bad' state).
344 Example: let's say a boot loader entry file foo.conf is set up for 3
346 boot tries. The installer will hence create it under the name
347 foo+3.conf. On first boot, the boot loader will rename it to
348 foo+2-1.conf. If that boot does not complete successfully, the boot
349 loader will rename it to foo+1-2.conf on the following boot. If that
350 fails too, it will finally be renamed foo+0-3.conf by the boot loader
351 on next boot, after which it will be considered 'bad'. If the boot
352 succeeds however the entry file will be renamed to foo.conf by the OS,
353 so that it is considered 'good' from then on.
354 The boot menu takes the 'tries left' counter into account when sorting
356 the menu entries: entries in 'bad' state are ordered at the beginning
357 of the list, and entries in 'good' or 'indeterminate' at the end. The
358 user can freely choose to boot any entry of the menu, including those
359 already marked 'bad'. If the menu entry to boot is automatically
360 determined, this means that 'good' or 'indeterminate' entries are
361 generally preferred (as the bottom item of the menu is the one booted
362 by default), and 'bad' entries will only be considered if there are no
363 'good' or 'indeterminate' entries left.
364 The kernel-install(8) kernel install framework optionally sets the
366 initial 'tries left' counter to the value specified in
367 /etc/kernel/tries when a boot loader entry is first created.
368
370 When using qemu with OVMF (UEFI Firmware for virtual machines) the
371 -kernel switch works not only for linux kernels, but for any EFI
372 binary, including sd-boot and unified linux kernels. Example command
373 line for loading systemd-boot on x64:
374 qemu-system-x86_64 [ ... ] -kernel
376 /usr/lib/systemd/boot/efi/systemd-bootx64.efi
377 systemd-boot will detect that it was started directly instead of being
379 loaded from ESP and will search for the ESP in that case, taking into
380 account boot order information from the hypervisor (if available).
381
383 bootctl(1), loader.conf(5), systemd-bless-boot.service(8), systemd-
384 boot-random-seed.service(8), kernel-install(8), systemd-stub(7), Boot
385 Loader Specification[1], Boot Loader Interface[2]
386
388 1. Boot Loader Specification
389 https://uapi-group.org/specifications/specs/boot_loader_specification
390 2. Boot Loader Interface
392 https://systemd.io/BOOT_LOADER_INTERFACE
393 3. Automatic Boot Assessment
395 https://systemd.io/AUTOMATIC_BOOT_ASSESSMENT
396systemd 253 SYSTEMD-BOOT(7)