You are not logged in.
I was planning to do a UEFI dual boot with Arch and Windows. I got Arch to UEFI boot with rEFInd but I couldn't get Windows to play along so I'm back with BIOS emulation. I already erased all the GPT partitions (including the UEFI system partition) and went back to MBR. The problem is that apparently the efibootmgr command wrote directly to my firmware and now I have a rEFInd boot entry that points to nowhere. It's not really hurting anything but I'd like to know how to get rid of it. It also kind of makes me uneasy that a simple command can do that. Imagine if a malicious program just wrote 100 bogus entries in there. You'd never be able to find your real OS. Anyway I have access to the UEFI shell built into my motherboard and the Arch live CD which I can UEFI boot off of.
Last edited by weirddan455 (2012-11-16 03:56:20)
Offline
You can boot from a live CD and use efibootmgr to remove the entry by number, as in:
# efibootmgr -v
Timeout: 10 seconds
BootOrder: 0000,0007,0006,0008
Boot0000* rEFInd HD(2,1b8,64000,f1b7598e-baa8-16ea-4ef6-3ff3b606ac1e)File(\EFI\refind\refind.efi)
Boot0006* Hard Drive BIOS(2,0,00)SATA: ST32000542AS .
Boot0007* CD/DVD Drive BIOS(3,0,00)PATA: HP DVD Writer 1040r .
Boot0008* INTERNAL EFI SHELL: ST32000542AS ACPI(a0341d0,0)PCI(1f,2)ATAPI(1,0,0)HD(2,1b8,64000,f1b7598e-baa8-16ea-4ef6-3ff3b606ac1e)File(\EFI\BOOT\BOOTX64.EFI)
# efibootmgr -b 0000 -B
The "-v" option displays all the entries so you can confirm you're deleting the right one, and then you use the combination of "-b ####" (to specify the entry) and "-B" (to delete it).
As to the safety issues of this approach to boot management, within Linux you need root access to use efibootmgr, so it's really less riskier than, say, the rm command, which can do much more harm if root were to run it maliciously. Of course, if you boot an insecure or malicious OS, all bets are off. FWIW, that's one of the problems that Secure Boot is supposed to help prevent.
Offline
Thanks, that worked
Offline