When I try to boot as usual, I see a red message that says that something about my bootloader or system has changed.
In other words, secure boot is doing its thing and catching some sort of unexpected change.
Before this happened: I installed something to a USB drive using UNetBootIn. When shutting down afterwards, I think that I might have observed my system powering off in an unusual manner. Either of these things may or may not have anything to do with the fact that my bootloader was modified.
Question 1: The message mentions a lot of possibilities - how can I diagnose exactly what is triggering it?
Question 2: How can I repair the bootloader?
Additional background:
The first thing that I did was to follow Repair MBR After Windows Install using recovery mode in the OpenSUSE installer, but it did not work because it assumes a standard bootloader, not UEFI (I discovered that this was the reason the instructions didn’t work from a Stack Overflow question about a similar problem in Ubuntu). That page should definitely include instructions for UEFI, or mention that it isn’t relevant for UEFI.
The second thing I did was to try booting my system using the non-secure boot entry. This worked. That said, I want to repair the bootloader so that I can use secure again and catch any future problems that may be more serious.
The third thing that I tried, after reading OpenSUSE cannot boot after BIOS update - solved, was to use the upgrade option from the installer. It mentioned that the medium was not compatible with the installed system (fine, I can just rollback with Snapper afterwards). I didn’t follow-through with the installation, however, because it indicated that the bootloader was to be installed “into / partition”, which seemed incorrect to me (shouldn’t it be installed into the FAT /boot/UEFI partition?)
Thanks in advance for any advice on what to do in this scenario.