Difference between pages "Cloud Backup" and "Install/BootLoader"

(Difference between pages)
 
(Emerging GRUB)
 
Line 1: Line 1:
This howto will describe a method for automatically backing up your funtoo install to the internet, in this case dropbox, but any online storage will do. Gentoo describes a method of creating a stage 4 archive. The problem with a stage 4 is that it is large and it archives a lot of unnecessary files. Such as applications that can be reinstalled from an emerge world. Instead, this method will aim for more of a "stage 3.5."
+
<noinclude>
 +
{{InstallPart|boot loader configuration}}
 +
</noinclude>
 +
=== Installing a Bootloader ===
  
{{fancynote| This method does not attempt to backup everything. The intention is only to backup the system. Optionally you can also archive and copy your <tt>/home</tt> folder if you have enough online storage.}}
+
These install instructions show you how to use GRUB to boot using BIOS (old-school) or UEFI (new-school).
  
== Use Case ==
+
==== Old School (BIOS) ====
A backup machine currently provides network drives on a home LAN to allow clients on the LAN to backup to, using apps such as Time Machine (Mac) and Genie Timeline (Windows). As this machine ''is'' the backup machine it doesn't have anywhere to backup to itself. In this situation a backup solution is provided by backing up to somewhere online - dropbox. If a restore from the backup is required, the client machine's backups would be trashed, and the backup machine restored.
+
  
== Automatic Backup Archives With Etckeeper ==
+
If you're using the BIOS to boot, setting up GRUB, the bootloader, is pretty easy.
Etckeeper is a tool that is used to save versions of <tt>/etc</tt>, including meta-data in a version control repository such as git.
+
As etckeeper is not in the funtoo portage tree, layman is used to provide an overlay.
+
=== Install etckeeper via layman ===
+
Before you install layman it is worth mentioning that you probably want <tt>USE="git subversion"</tt> in <tt>/etc/portage/make.conf</tt>. After adjusting use flags, to install layman you run:
+
<console>
+
###i## emerge layman
+
</console>
+
In order to backup the layman configuration, but not the portage overlay trees, make the following modifications to the default install.
+
Tell Portage about layman-fetched repositories by adding the following line to <tt>/etc/portage/make.conf</tt>:
+
  
<pre>
+
To use this recommended boot method, first emerge <code>boot-update</code>. This will also cause <code>grub-2</code> to be merged, since it is a dependency of <code>boot-update</code>.
source /etc/layman/make.conf
+
</pre>
+
  
Modify the following lines in <tt>/etc/layman/layman.cfg</tt>:
 
 
<pre>
 
storage  : /var/lib/layman
 
installed : /etc/layman/installed.xml
 
make_conf : /etc/layman/make.conf
 
</pre>
 
 
Add the bgo-overlay. As described on their web page, [http://bgo.zugaina.org/ bgo.zugaina.org].
 
 
<console>
 
<console>
###i## layman -o http://gpo.zugaina.org/lst/gpo-repositories.xml -L
+
(chroot) # ##i##emerge boot-update
###i## layman -a bgo-overlay -o http://gpo.zugaina.org/lst/gpo-repositories.xml
+
 
</console>
 
</console>
  
More information about layman can be found here: http://www.gentoo.org/proj/en/overlays/userguide.xml
+
Then, edit <code>/etc/boot.conf</code> and specify "<code>Funtoo Linux genkernel</code>" as the <code>default</code> setting at the top of the file, replacing <code>"Funtoo Linux"</code>.  
  
Then unmask and install etckeeper.
+
<code>/etc/boot.conf</code> should now look like this:
<console>
+
###i## emerge etckeeper --autounmask-write
+
###i## emerge etckeeper
+
</console>
+
 
+
{{fancynote| To update layman overlays do:}}
+
<console>
+
###i## layman -S
+
</console>
+
 
+
 
+
If you see the following error -- apply this fix:
+
<console>
+
###i## emerge etckeeper
+
Calculating dependencies... done!
+
>>> Verifying ebuild manifests
+
!!! A file is not listed in the Manifest: '/var/lib/layman/bgo-overlay/sys-apps/etckeeper/files/etckeeper-gentoo-0.58.patch'
+
 
+
###i## cd /var/lib/layman/bgo-overlay/sys-apps/etckeeper
+
###i## ebuild etckeeper-0.58-r2.ebuild manifest
+
###i## emerge etckeeper
+
</console>
+
 
+
== Configure etckeeper ==
+
Move any config files that do not live in <tt>/etc</tt>. i.e.
+
Check <tt>/root</tt> for any files to be archive, such as iptables scripts and move them to <tt>/etc</tt>.
+
 
+
{{fancynote| because funtoo uses [[Boot-Update]], this means <tt>/boot/grub/grub.cfg</tt> does not need to be archived.}}
+
 
+
To ensure your portage world file is archived, make the following link:
+
<console>
+
###i## ln /var/lib/portage/world /etc/world
+
</console>
+
 
+
Initialise the git repository.
+
<console>
+
###i## etckeeper init
+
Initialized empty Git repository in /etc/.git/
+
###i## etckeeper commit "Initial commit."
+
</console>
+
 
+
If you don't already have cron installed, emerge it now.
+
<console>
+
###i## emerge vixie-cron
+
</console>
+
And write the cron job to save an hourly version of <tt>/etc</tt>.
+
 
+
{{fancynote| git will only create a new version (commit) if there are changes from the previous one.}}
+
Edit the file <tt>/etc/cron.hourly/etckeeper:
+
  
 
<pre>
 
<pre>
#! /bin/bash
+
boot {
etckeeper commit "Hourly auto-commit"
+
generate grub
</pre>
+
default "Funtoo Linux genkernel"  
 +
timeout 3
 +
}
  
== Encrypt and copy backups online ==
+
"Funtoo Linux" {
=== Copy To Dropbox ===
+
kernel bzImage[-v]
<console>
+
}
###i## emerge dropbox
+
</console>
+
  
Add a dropbox user:
+
"Funtoo Linux genkernel" {
<console>
+
kernel kernel[-v]
###i## useradd dropbox
+
initrd initramfs[-v]
</console>
+
params += real_root=auto
 
+
Write the dropbox init files in <tt>/etc/conf.d/dropbox</tt>:
+
 
+
<pre>
+
DROPBOX_USERS="dropbox"  
+
</pre>
+
<br>
+
<pre>
+
#!/sbin/runscript
+
# Copyright 1999-2004 Gentoo Foundation
+
# Distributed under the terms of the GNU General Public License, v2 or later
+
# $Header: /var/cvsroot/gentoo-x86/sys-fs/dropbox/files/dropbox.init-1.0,v 1.4 2007/04/04 13:35:25 cardoe Exp $
+
 
+
NICENESS=5
+
 
+
depend() {
+
    need localmount net
+
    after bootmisc
+
 
}  
 
}  
  
start() {
+
"Funtoo Linux better-initramfs" {
    ebegin "Starting dropbox..."
+
kernel vmlinuz[-v]
    for dbuser in $DROPBOX_USERS; do
+
initrd /initramfs.cpio.gz
        start-stop-daemon -S -b -m --pidfile /var/run/dropbox-$dbuser.pid  -N $NICENESS -u $dbuser -v -e HOME="/home/$dbuser" -x /opt/dropbox/dropboxd
+
    done
+
    eend $?
+
}
+
 
+
stop() {  
+
    ebegin "Stopping dropbox..."
+
    for dbuser in $DROPBOX_USERS; do
+
        start-stop-daemon --stop --pidfile /var/run/dropbox-$dbuser.pid
+
    done
+
    eend $?
+
}
+
 
+
status() {
+
    for dbuser in $DROPBOX_USERS; do
+
        if [ -e /var/run/dropbox-$dbuser.pid ] ; then
+
            echo "dropboxd for USER $dbuser: running."
+
        else
+
            echo "dropboxd for USER $dbuser: not running."
+
        fi
+
    done
+
    eend $?
+
 
}
 
}
 
</pre>
 
</pre>
Start dropbox now and at boot time:
 
<console>
 
###i## chmod 0755 /etc/init.d/dropbox
 
###i## /etc/init.d/dropbox start
 
###i## rc-update add dropbox default
 
</console>
 
  
After starting the dropbox daemon, it will provide a http link. You will need to visit this site just once to associate your computer with your dropbox account.
+
Please read <code>man boot.conf</code> for further details.
  
Write the cron job to make the backup archive and move it online. Edit the file <tt>/etc/cron.daily/backup</tt>:
+
===== Running grub-install and boot-update =====
  
<pre>
+
Finally, we will need to actually install the GRUB boot loader to your disk, and also run <code>boot-update</code> which will generate your boot loader configuration file:
#! /bin/bash
+
cd /etc
+
git bundle create /tmp/backup.bundle --all
+
cd /tmp
+
mv -v -f backup.bundle /home/dropbox/Dropbox/Private/
+
</pre>
+
  
Make the script executable:
 
 
<console>
 
<console>
###i## chmod +x /etc/cron.daily/backup
+
(chroot) # ##i##grub-install --no-floppy /dev/sda
 +
(chroot) # ##i##boot-update
 
</console>
 
</console>
  
=== Encrypt Backups ===
+
Now you need to update your boot loader configuration file:
It is a good idea to encrypt your backup before moving it online. This can be done with gpg, using a symmetric (password only) or public/private key encryption. Additionally you can chose to sign the backup to check its integrity before restoring.
+
 
<console>
 
<console>
###i## emerge gpg
+
(chroot) # ##i##boot-update
 
</console>
 
</console>
 +
You only need to run <code>grub-install</code> when you first install Funtoo Linux, but you need to re-run <code>boot-update</code> every time you modify your <code>/etc/boot.conf</code> file, so your changes are applied on next boot.
  
==== Symmetric Encryption ====
+
==== New School (UEFI) ====
There is no preparation required to use a symmetric key as all that is required is simply a passphrase.  Just modify the cron job. Edit <tt>/etc/cron.daily/backup</tt>:
+
  
<pre>
+
If you're using UEFI to boot, setting up the boot loader is a bit more complicated for now, but this process will be improving soon. Perform the following steps.
#! /bin/bash
+
cd /etc
+
git bundle create /tmp/backup.bundle --all
+
cd /tmp
+
echo 'encryption_password' | gpg -o backup.gpg --batch --homedir /root/.gnupg -vvv  --passphrase-fd 0 --yes -c backup.bundle
+
mv -v -f router.gpg /home/dropbox/Dropbox/Private/
+
</pre>
+
{{fancyimportant| Remember to change "encryption_password"}}
+
  
{{fancywarning| If you forget this password the backup will be unusable. Lose the password and you lose the backup.}}
+
===== Emerging GRUB =====
 
+
As there is now sensitive information in this file, you might want to remove read permission:
+
<console>
+
###i## chmod og-r /etc/cron.daily/backup
+
</console>
+
 
+
==== Private/Public key Encryption ====
+
Make a private/public encryption/decryptions key pair. The public key will be used to encrypt and the private key to decrypt.
+
<console>
+
###i## gpg --gen-key
+
</console>
+
The public key is used to create the encrypted backup and needs to live on the computer being backed up. A copy of the private key needs to be made and stored securely in another place. If this machine becomes unbootable, and this is the only place the private key lives, the backup dies with it.
+
The private key should not be kept:
+
# In the same place as the back up
+
# On the machine being backed up
+
{{fancynote| The private key is the only key that will decrypt the backup. Lose this key and/or it's password and you lose the backup.}}
+
 
+
List the private keys:
+
<console>
+
###i## gpg -K
+
/root/.gnupg/secring.gpg
+
------------------------
+
sec  2048R/0EF13559 2012-01-21
+
uid                  my_key <noone@example.com>
+
ssb  2048R/67417FEB 2012-01-21
+
</console>
+
 
+
The private key can be exported using either the key name or key number. In this case "my_key" or "0EF13559".
+
To cut and paste the key. Ie, if logging in remotely.
+
<console>
+
###i## gpg -a --export-secret-key 0EF13559
+
</console>
+
 
+
To create a key file:
+
<console>
+
###i## gpg -o private_decryption.gpgkey --export-secret-key 0EF13559
+
</console>
+
  
Now store this key somewhere secure. The backup is only as secure as the private key.
+
You will still use GRUB as a boot loader, but before emerging grub, you will need to enable EFI booting. To do this,
 +
add the following line to <code>/etc/make.conf</code>:
  
Modify the cron job at <tt>/etc/cron.daily/backup</tt>:
+
For x86-64bit systems:
  
 
<pre>
 
<pre>
#! /bin/bash
+
GRUB_PLATFORMS="efi-64"
cd /etc
+
git bundle create /tmp/backup.bundle --all
+
cd /tmp
+
gpg -o backup.gpg -r 'my-key' --batch --homedir /root/.gnupg -vvv  --passphrase-fd 0 --yes -e backup.bundle
+
mv -v -f backup.gpg /home/dropbox/Dropbox/Private/
+
 
</pre>
 
</pre>
  
Replace "my-key" with the appropriate name from the key list.
+
For x86-32bit systems:
Also note the change from -c for symmetric encryption to -e for private/public key encryption
+
 
+
==== Sign Backups ====
+
Create a 2nd private/public (signing) key pair. The private key is used to sign and the public key is used to check the authenticity/integrity.
+
<console>
+
###i## gpg --gen-key
+
</console>
+
 
+
{{fancynote| The password for this key will be required in the script below.}}
+
In this case the private key is required to sign the backup and the public key is used to check the integrity of the backup.
+
Follow a similar process as above to copy the public key to to another computer/storage media.
+
 
+
List the private keys:
+
<console>
+
###i## gpg -k
+
</console>
+
{{fancynote| <tt>-K</tt> lists private keys while <tt>-k</tt> lists public keys.}}
+
 
+
Then export this public key via cut and paste:
+
<console>
+
###i## gpg -a --export <key name or number>
+
</console>
+
 
+
Or to create a key file:
+
<console>
+
###i## gpg -o public_signing.gpgkey --export <key name or number>
+
</console>
+
 
+
Now store this key somewhere secure.
+
 
+
Modify the backup cron job at <tt>/etc/cron.daily/backup</tt>:
+
  
 
<pre>
 
<pre>
#! /bin/bash
+
GRUB_PLATFORMS="efi-32"
cd /etc
+
git bundle create /tmp/backup.bundle --all
+
cd /tmp
+
echo 'signing_key_password' | gpg -s -o backup.gpg -r 'my-encryption-key' --batch --homedir /root/.gnupg -vvv  --passphrase-fd 0 --yes -e backup.bundle
+
mv -v -f backup.gpg /home/dropbox/Dropbox/Private/
+
 
</pre>
 
</pre>
  
{{fancynote| the script will require the password for your private (signing) key to sign the backup. Replace "password" with the password for your signing private key.
+
Then, <code>emerge boot-update</code>. You will notice <code>grub</code> and <code>efibootmgr</code> getting pulled in as dependencies. This is expected and good:
And as there is sensitive information in this file don't forget to remove read permission.}}
+
 
 
<console>
 
<console>
###i## chmod og-r /etc/cron.daily/backup
+
(chroot) # ##i##emerge boot-update
 
</console>
 
</console>
  
== To Restore From A Backup ==
+
===== Installing GRUB =====
This restore will assume your are starting with a new blank disk.
+
Start by performing a stage 3 install, upto and including section 5 "Chroot into your new system." http://www.funtoo.org/wiki/Funtoo_Linux_Installation
+
  
Then the restore process is:
+
Now, for the magic of getting everything in place for booting. You should copy your kernel and initramfs (if you have one -- you will if you are following the default install) to <tt>/boot</tt>. GRUB will boot those. But how do we get UEFI to boot GRUB? Well, we need to run the following command (for 32 bit simply set it as i386-efi):
# Download backup from dropbox
+
# Decrypt
+
# Clone
+
# Link world file
+
# Emerge world
+
# Compile the kernel
+
# Restore grub bootloader
+
# Reboot
+
  
== Download backup from dropbox ==
 
Log into your dropbox account and find your backup file. Move it to a public area if it isn't already in one. Then right click on it and click "copy public link."
 
Now on the computer to be restored, delete the contents of the /etc folder and download the backup file.
 
 
(Need to check if this needs done before chrooting into the new install).
 
 
<console>
 
<console>
###i## cd /etc
+
(chroot) # ##i##grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id="Funtoo Linux [GRUB]" --recheck /dev/sda
###i## rm -rf *
+
###i## cd /tmp
+
###i## wget http://dl.dropbox.com/link-to-backup-file/backup.gpg
+
 
</console>
 
</console>
 +
This command will simply install all the stuff to <tt>/boot/EFI</tt> and <tt>/boot/grub</tt> that your system needs to boot. In particular, the <tt>/boot/EFI/grub/grubx64.efi</tt> file will be created. This is the GRUB boot image that UEFI will load and start.
  
{{fancynote| if you have to copy the link from another computer and therefore can not cut and paste it, there is a "shorten link" option.}}
+
A more detailed explanation of the flags used in the above command:
 +
* <code>--target=x86_64-efi</code>: Tells GRUB that we want to install it in a way that allows it to boot in UEFI
 +
* <code>--efi-directory=/boot</code>: All GRUB UEFI files will be installed in ''/boot''
 +
* <code>--bootloader-id="Funtoo Linux [GRUB]"</code>: This flag is not necessary for GRUB to boot. However, it allows you to change the text of the boot option in the UEFI BIOS. The stuff in the quotes can be set to anything that you would like.
 +
* <code>--recheck</code>: If a device map already exists on the disk or partition that GRUB is being installed on, it will be removed.
 +
* <code>/dev/sda</code>:The device that we are installing GRUB on.
  
== Decrypt ==
+
===== Configuring GRUB =====
If you used a public/private key to encrypt, and optionally signed the backup, import the decryption and signing keys.
+
  
Note:
+
OK, now UEFI has the GRUB image it needs to boot. But we still need to configure GRUB itself so it finds and boots your kernel and initramfs. This is done by performing the following steps. Since boot-update doesn't yet support UEFI, we will use boot-update, but then edit our <code>/boot/grub/grub.cfg</code> to support UEFI booting.  
# The decryption key is the private key of the encryption key pair - private_decryption.gpgkey
+
# The signing key is the public key of the signing key pair - public_signing.gpgkey
+
  
To import the keys by cut and paste:
+
First, you will need to edit <code>/etc/boot.conf</code>. Format this as you would if you were booting without UEFI. If you are not sure how this should look, below is an example of what it could look like if you are booting from an unencrypted ext4 partition:
<console>
+
###i## gpg --import <<EOF
+
</console>
+
{{fancynote| The last line after pasting the key should be "EOF"}}
+
Repeat for both keys.
+
  
To import the keys by file:
+
{{file|name=/etc/boot.conf|desc=|body=
<console>
+
boot {
###i## gpg --import private_decryption.gpgkey
+
        generate grub
###i## gpg --import public_signing.gpgkey
+
        default "Funtoo Linux"
</console>
+
        timeout 3
 +
}
  
Decrypt the backup:
+
"Funtoo Linux" {
<console>
+
        kernel vmlinuz[-v]
###i## gpg -d backup.gpg > backup.bundle
+
        params += rootfstype=ext4 root=/dev/sda2
</console>
+
}
 +
}}
  
If the backup was signed and you have correctly imported the signing public key you should see a message similar to:
+
After you have edited your <code>/etc/boot.conf</code> file, run <code>boot-update</code>. You should now have a <code>/boot/grub/grub.cfg</code> file, which you can edit using the following command:
<console>
+
gpg: Good signature from "my_signing_key <noone@example.com>"
+
</console>
+
  
== Clone ==
 
 
<console>
 
<console>
###i## git clone /tmp/backup.bundle /etc/
+
# ##i##nano /boot/grub/grub.cfg
 
</console>
 
</console>
  
== Link world file ==
 
<console>
 
###i## ln /etc/world /var/lib/portage/world
 
</console>
 
  
== Emerge world ==
+
To get your <code>/boot/grub/grub.cfg</code> to support booting with UEFI, make the following changes. Below the existing insmod lines, add the following lines.  Both of these involve adding support for the UEFI framebuffer to GRUB.:
<console>
+
###i## emerge --sync
+
###i## layman -S
+
###i## emerge -uDaNv world
+
</console>
+
  
== Compile the kernel (genkernel)==
+
<pre>
If you have genkernel set to save config files (the default):
+
  insmod efi_gop
<console>
+
  insmod efi_uga
###i## cp /etc/kernels/kernel-config-x86_64-<latest version>-gentoo /usr/src/linux/.config
+
</pre>
</console>
+
  
Otherwise use the currently loaded kernel's config:
+
Then, change the <code>set gfxpayload</code> line to read as follows. UEFI does not support text mode, so we will keep video initialized to the current resolution.:
<console>
+
###i## zcat /proc/config.gz > /usr/src/linux/.config
+
</console>
+
  
Then compile the kernel:
+
<pre>
<console>
+
  set gfxpayload=keep
###i## genkernel --oldconfig --no-mrproper all
+
</pre>
</console>
+
 
+
== Restore grub bootloader ==
+
<console>
+
###i## grub-install --no-floppy /dev/sda
+
###i## boot-update
+
</console>
+
 
+
Adjust the device as required if installing to another location.
+
 
+
== Reboot ==
+
<console>
+
###i## reboot
+
</console>
+
  
[[Category:First Steps]]
+
You can now save your changes by pressing <code>Control-X</code> and answering <code>y</code> when asked if you want to save the modified buffer. When prompted for a filename, hit Enter to use the existing filename.
[[Category:HOWTO]]
+

Revision as of 19:48, January 1, 2015


Note

This is a template that is used as part of the Installation instructions which covers: boot loader configuration. Templates are being used to allow multiple variant install guides that use most of the same re-usable parts.


Installing a Bootloader

These install instructions show you how to use GRUB to boot using BIOS (old-school) or UEFI (new-school).

Old School (BIOS)

If you're using the BIOS to boot, setting up GRUB, the bootloader, is pretty easy.

To use this recommended boot method, first emerge boot-update. This will also cause grub-2 to be merged, since it is a dependency of boot-update.

(chroot) # emerge boot-update

Then, edit /etc/boot.conf and specify "Funtoo Linux genkernel" as the default setting at the top of the file, replacing "Funtoo Linux".

/etc/boot.conf should now look like this:

boot {
	generate grub
	default "Funtoo Linux genkernel" 
	timeout 3 
}

"Funtoo Linux" {
	kernel bzImage[-v]
}

"Funtoo Linux genkernel" {
	kernel kernel[-v]
	initrd initramfs[-v]
	params += real_root=auto 
} 

"Funtoo Linux better-initramfs" {
	kernel vmlinuz[-v]
	initrd /initramfs.cpio.gz
}

Please read man boot.conf for further details.

Running grub-install and boot-update

Finally, we will need to actually install the GRUB boot loader to your disk, and also run boot-update which will generate your boot loader configuration file:

(chroot) # grub-install --no-floppy /dev/sda
(chroot) # boot-update

Now you need to update your boot loader configuration file:

(chroot) # boot-update

You only need to run grub-install when you first install Funtoo Linux, but you need to re-run boot-update every time you modify your /etc/boot.conf file, so your changes are applied on next boot.

New School (UEFI)

If you're using UEFI to boot, setting up the boot loader is a bit more complicated for now, but this process will be improving soon. Perform the following steps.

Emerging GRUB

You will still use GRUB as a boot loader, but before emerging grub, you will need to enable EFI booting. To do this, add the following line to /etc/make.conf:

For x86-64bit systems:

GRUB_PLATFORMS="efi-64"

For x86-32bit systems:

GRUB_PLATFORMS="efi-32"

Then, emerge boot-update. You will notice grub and efibootmgr getting pulled in as dependencies. This is expected and good:

(chroot) # emerge boot-update
Installing GRUB

Now, for the magic of getting everything in place for booting. You should copy your kernel and initramfs (if you have one -- you will if you are following the default install) to /boot. GRUB will boot those. But how do we get UEFI to boot GRUB? Well, we need to run the following command (for 32 bit simply set it as i386-efi):

(chroot) # grub-install --target=x86_64-efi --efi-directory=/boot --bootloader-id="Funtoo Linux [GRUB]" --recheck /dev/sda

This command will simply install all the stuff to /boot/EFI and /boot/grub that your system needs to boot. In particular, the /boot/EFI/grub/grubx64.efi file will be created. This is the GRUB boot image that UEFI will load and start.

A more detailed explanation of the flags used in the above command:

  • --target=x86_64-efi: Tells GRUB that we want to install it in a way that allows it to boot in UEFI
  • --efi-directory=/boot: All GRUB UEFI files will be installed in /boot
  • --bootloader-id="Funtoo Linux [GRUB]": This flag is not necessary for GRUB to boot. However, it allows you to change the text of the boot option in the UEFI BIOS. The stuff in the quotes can be set to anything that you would like.
  • --recheck: If a device map already exists on the disk or partition that GRUB is being installed on, it will be removed.
  • /dev/sda:The device that we are installing GRUB on.
Configuring GRUB

OK, now UEFI has the GRUB image it needs to boot. But we still need to configure GRUB itself so it finds and boots your kernel and initramfs. This is done by performing the following steps. Since boot-update doesn't yet support UEFI, we will use boot-update, but then edit our /boot/grub/grub.cfg to support UEFI booting.

First, you will need to edit /etc/boot.conf. Format this as you would if you were booting without UEFI. If you are not sure how this should look, below is an example of what it could look like if you are booting from an unencrypted ext4 partition:

/etc/boot.conf
boot {
        generate grub
        default "Funtoo Linux"
        timeout 3
}

"Funtoo Linux" {
        kernel vmlinuz[-v]
        params += rootfstype=ext4 root=/dev/sda2
}

After you have edited your /etc/boot.conf file, run boot-update. You should now have a /boot/grub/grub.cfg file, which you can edit using the following command:

# nano /boot/grub/grub.cfg


To get your /boot/grub/grub.cfg to support booting with UEFI, make the following changes. Below the existing insmod lines, add the following lines. Both of these involve adding support for the UEFI framebuffer to GRUB.:

  insmod efi_gop
  insmod efi_uga

Then, change the set gfxpayload line to read as follows. UEFI does not support text mode, so we will keep video initialized to the current resolution.:

  set gfxpayload=keep

You can now save your changes by pressing Control-X and answering y when asked if you want to save the modified buffer. When prompted for a filename, hit Enter to use the existing filename.