1

I have Toshiba laptop Portege Z930, core i7 with Ubuntu 16.04 (amd64) and Win 8 dual boot. During today's software update in Ubuntu the system hangs on. After reboot I see grub shell. I boot the system from USB stick (Xubuntu 14.04) and run Boot Repair. The log is here (I tried to deactivate the [Backup and rename Windows EFI files] option either with no difference). Now after reboot I see Shim UEFI key management tool. Firstly it has full screen mode, then after timer expires for the first time its window shrinks a little bit (presumably, goes to 800x600 resolution). Each time after timer expires Shims' window blinks once and restarts the timer.

What should I do to come to Grub boot menu? I don't see any keys to add in Shim's window. Do I have to create one? Any way to avoid this (don't want to waste my time on this)? Also I have Secure Boot disabled in my BIOS (if this info helps). I tried to enable it and saw no difference.

Artem Pelenitsyn
  • 365
  • Do not add or change any keys. Ubuntu uses the Microsoft key. Shimx64.efi is the grub version for secure boot but has worked normally for non-secure boot. Your report showed you only had the standard UEFI boot files for Ubuntu, not the UEFI Secure boot versions. But Boot-Repair added the signed versions for secure boot. So you should be able to boot with Secure boot on or off in UEFI. You show you have many Boot-Repair reports in ESP - efi system partition. You may want to house clean older versions, so as not to fill partition. – oldfred Jun 28 '16 at 13:36

2 Answers2

3

I have two thoughts on this:

Filesystem damage

Some EFIs are highly sensitive to filesystem damage, which might make it look as if a new GRUB binary was improperly signed. This would then trigger the MokManager display you've shown. (It's not technically Shim that's showing that display, but MokManager.) In this case, you may be able to fix the problem by doing:

sudo dosfsck /dev/sda2

You'll need to do that from an Ubuntu emergency disk, of course. Also, this type of damage can occur if you failed to both disable Fast Startup and disable hibernation. Thus, it's important that you disable these Windows features to prevent a recurrence.

Note also that if the filesystem is damaged, you might need to re-install GRUB -- but do so after fixing the filesystem problem. Boot Repair should be able to help with this.

A new bug

It could be there's been a recent update to Shim and/or GRUB that's causing it to flake out on your particular computer. In this case, reverting to the old version may help. This may require copying the shimx64.efi binary from another computer or re-installing GRUB in some way. Alternatively, if the bug is in GRUB, you could install another boot manager entirely. I describe several on this page. I haven't noticed any recent updates to either Shim or GRUB, but I may have missed something.

With Secure Boot off, you can bypass Shim entirely by creating a new boot entry with a command like this:

sudo efibootmgr -c -d /dev/sda -p 2 -l \\EFI\\ubuntu\\grubx64.efi -L GRUB

This command tells the computer to boot via grubx64.efi on partition 2 (-p 2) of /dev/sda (-d /dev/sda). Your current setup boots via Shim, which is necessary to handle Secure Boot; but with that feature disabled, a direct call to GRUB can bypass any Secure Boot flakiness -- assuming there's nothing wrong with the GRUB binary. As noted earlier, if that binary is damaged, it could create the symptoms you're seeing, and this procedure would not help -- the system would simply fail to boot in some other way.

Rod Smith
  • 44,284
  • 7
  • 63
  • 105
  • There were a number of grub files such as grub-efi-amd64 pushed out to 14.04 on 6/25. – Organic Marble Jun 28 '16 at 15:33
  • Thank you for your feedback! Tried some of your recipes, but they didn't help. First: I run dosfsck, it says something about dirty bit. It gives me two alternatives: 1) Clean, 2) Do nothing. Strangely enough when I press 1, Enter, it exits saying that it did nothing. I tried to run it like dosfsck -a -t -w, now it says that it cleaned the bit. Another run of dosfsck without options confirms the the partion is OK now. After one more Boot Repair I get the same blue screen on startup :( – Artem Pelenitsyn Jun 28 '16 at 22:11
  • Secondly, I tried efibootmgr. Upon completion It shows new entry on startup list and confirms that it is default option now. But I get the same blue screen at actual startup. As of Fast Startup and Hibernation on Windows: I gues that I turned them off many years ago, when first install of Ubuntu on this laptop. But I'm not sure. Can I do something with this given that I can't boot into Windows (I guess, the answer is NO). – Artem Pelenitsyn Jun 28 '16 at 22:13
  • 1
    You may be able to use the computer's built-in boot manager to boot Windows directly. Alternatively, you could use my rEFInd boot manager on a USB flash drive or CD-R to boot either OS. You could also try backing up the entire ESP (it's small), creating a fresh FAT filesystem on it, and then restoring it. That might help fix some types of filesystem damage, but if the GRUB file itself is already damaged, it won't fix that problem; you'll still need to re-install GRUB in that case (or switch to something else). – Rod Smith Jun 29 '16 at 19:49
1

Try running Boot Repair again, but this time make sure "Secure Boot" (under the "GRUB Options" tab) is checked.

insert_name_here
  • 1,545