EFI Installation - USB drive

Hello everyone,

To put my issue into perspective. I installed fresh install of LEAP 15.3 EFI with secure boot enabled. The installation went fine.

Then I booted into rescue and made those following tar archives: boot.tgz (boot/), boot-efi.tgz (boot/efi/), home.tgz (home/), root.tgz (/). Then I wanted to test my installation from scratch via USB.

So I formatted the drive, created efi partition with a size of 1GB. Then created a second partition, this time LVM. Then I created appropriate LVMs.

I have untarred those tar archives into appropriate places. After that I called mkinitrd and then proceeded with:

grub2-install --target=x86_64-efi --efi-directory=/boot/efi --removable --boot-directory=/boot/efi/EFI --bootloader-id=grub /dev/sda

Installation went fine but the problem is I cannot boot into the opensuse-secureboot system for some reason I am missing. When I choose that option, it justs refreshes right back or it goes black screen for like 1 second and then I am back in boot menu. Could it be somehow related to certain keys or certificated due to secure boot ?

Also, this method works fine for non EFI installations. But EFI is a different kind of issue.

Any ideas ?

is the /boot/efi fat 16 (it will not work if anything else)?

did you mount /boot/efi under /boot/efi before the mkinitrd?

did you modify /etc/fstab to have the new UUID’s before you did the mkinitrd?

For secure-boot with a removable drive, you need:

shim-install --removable

You can add the “–efi-directory” and other options, but those are mostly the defaults anyway.

Using “grub2-install” is fine if you don’t need secure-boot.

For some reason I had to call this command: shim-install --config-file=/boot/grub2/grub.cfg. Now the installation works fine. This thread may be closed Thank you all for your help.