Bug#1111713: systemd-boot: might create a non-working EFI default entry when using secure-boot and shim
Luca Boccassi
bluca at debian.org
Thu Aug 21 12:27:27 BST 2025
Control: tags -1 wontfix
Control: close -1
On Thu, 21 Aug 2025 13:17:32 +0200 Norbert Lange <nolange79 at gmail.com>
wrote:
> Package: systemd-boot
> Version: 257.7-1
> Severity: important
>
> Dear Maintainer,
>
> Using systemd-boot-efi-amd64-signed, shim-signed and systemd-boot
> will result in 2 EFI entries beeing added (if they dont exists) every
time
> systemd-boot is upgraded.
>
> once via 'bootctl update' which will result in a entry that is not
working
> when using secure-boot via the shim.
>
> and one using the shim (if that package is installed).
>
> I dont know why but this also happened to set the default to the
> nonworking-non-shim twice (cant reproduce now).
>
> I would like to be able to remove the "Linux Boot Manager" entry
> once and dont ever have it come back.
>
> So maybe add --no-variables to the 'bootctl update' call,
> or atleast when the shim is available on the second
> EFI entry will be created.
This is working as intended. If you don't like the default setup, you
are free to install the systemd-boot-efi* and systemd-boot-tools
packages, and use your own installation scripts instead.
More information about the Pkg-systemd-maintainers
mailing list