0

As the title states, I recently messed with GRUB when I was following this tutorial on making a Windows bootable USB. Unless I typed something else in poorly I believe this to be the issue. When I restarted my computer it gave me an Boot Violation message. It seemed like it was going to bring me into BIOS but booted straight to Ubuntu somehow. I'm not quite sure what I did wrong or how to fix it. I have the USB that I used to install linux if that helps. I have tried using Boot Repair but receive this message when I run it:

GPT detected. Please create a BIOS-Boot partition (>1MB, unformatted filesystem, bios_grub flag). This can be performed via tools such as Gparted. Then try again. Alternatively, you can retry after activating the [Separate /boot/efi partition:] option.

I have found several posts similar to this one on the site but they either do not have a response or are for laptops that are trying to (re)install an OS and it did not work.

Community
  • 1
Mixed Pebble
  • 3
  • Boot violation is from UEFI Secure boot. And gpt partitioning usually means UEFI boot. But if drive is gpt Windows will only install in UEFI boot mode. And how you boot installer is how it installs. If you want an UEFI bootable installer, you can do this. But if Windows 7 you have to move boot files to correct location /EFI/Boot/bootx64.efi for it to work. UEFI only USB key, just extract ISO ( 7 zip or similar) to FAT32 formated flash & set boot flag. http://askubuntu.com/questions/395879/how-to-create-uefi-only-bootable-usb-live-media – oldfred Apr 26 '16 at 13:32

1 Answers1

1

There are several different answers to the question to which you linked, so it's quite unclear what procedure you followed; however, it sounds like you may have created a new GRUB binary that was not signed with a valid Secure Boot key; or perhaps you installed a BIOS-mode version of GRUB and the attempt to launch it triggered your firmware's Secure Boot warning. In either case, by my hypothesis you then dropped back to your standard Ubuntu version of GRUB, which launched Ubuntu.

Secure Boot is a complex topic. In brief, with Secure Boot active, EFI boot loaders must be signed with keys that you as a user do not normally control. (There are ways to take control of the process yourself, but that's a very advanced topic.) Thus, if you modify the boot loader binary (typically grubx64.efi), you must either disable Secure Boot or learn enough about it to sign the binary and add your key to the Machine Owner Key (MOK) database. For more on this, see my Web page on the topic.

Concerning your "GPT detected..." message from Boot Repair, that indicates that you booted your Boot Repair disk in BIOS mode, whereas your regular Ubuntu installation is probably in EFI mode. With an EFI-mode installation on the hard disk, it's almost always best to disable the Compatibility Support Module (CSM; aka "legacy-mode support" or a similar term) in the firmware setup utility. This action will prevent accidental boots in BIOS mode. See my page on the CSM for more on how the CSM can cause problems and how to avoid these problems.

Note that Secure Boot and CSM are both optional EFI features; an EFI can support, neither, one, or both of these features. The easiest EFI-mode boot path disables both of them; however, there are cases in which one or the other of those features is desirable. It's rare for both of them to be necessary, and in fact some EFIs make them mutually exclusive -- you can't activate the CSM if Secure Boot is active.

More broadly speaking, there should be no reason to involve GRUB in creating a Windows bootable USB drive; Windows has its own boot loaders (both BIOS-mode and EFI-mode), so GRUB is an extra complication at best. That said, I couldn't tell you how to create a bootable Windows disk from either Windows or Ubuntu, so I can't offer an alternative or commentary on whatever procedure you've followed, except to say that I'm skeptical of any procedure that involves GRUB.

Rod Smith
  • 44,284
  • 7
  • 63
  • 105
  • Thank you. I was able to get my computer working using your webpage. I went into BIOS, boot device and switched OS device to Other OS. You did mention that most malware targets Windows and so this is best for computers that do not use Windows. To my understanding it does not seem like this is an issue if I leave it disabled for now since I will be upgrading from Ubuntu 14.04 to Ubuntu 16.04 in the near future. Again, thank you for your help. – Mixed Pebble Apr 26 '16 at 15:35