How do I install two independent Ubuntu installations on a single hard drive with UEFI?

dual-boot grub2 uefi grub-efi

Solution 1:

I have two suggestions...

Option #1: Separate ESPs

Under EFI, the boot loader resides on "the" EFI System Partition (ESP). I put the word "the" in quotation marks because there's no rule that says you're limited to one ESP. If you create two ESPs on your hard disk, you can use one of them for your first installation and the second ESP for the second installation. This should work pretty seamlessly, although you'll have to create your partitions manually (using the "Something Else" option during installation), at least for your second Ubuntu installation.

One problem with this approach is that, although the EFI specification explicitly states that you can create as many ESPs as you like, some software might become confused by it. One prominent example of this is the Windows installer, at least through Windows 7 (I don't know about Windows 8 or later); when the Windows 7 installer sees a disk with two ESP, it flakes out and does weird things. IIRC, it doesn't complete its own installation properly. It's conceivable that Windows repair tools would suffer from the same problem. If you're not booting Windows on this system, this shouldn't be a big deal. If you are booting with Windows, you should simply be aware of the problem, because you can easily overcome it by temporarily changing the type code of the non-Windows ESP(s) if you run into problems. Note that Windows will boot just fine on a disk with multiple ESPs; it's just the installer that chokes on such disks.

Another issue is how you'd switch between your two distributions. You might need to customize one or both of your installations' GRUB setups using a tool like GRUB Customizer. Another (but not incompatible) option would be to use your firmware's own boot manager to switch between your two GRUB installations, and use each one to boot just its own version of Ubuntu.

Option #2: Abandon GRUB (or at least Ubuntu's GRUB tools)

The problem with GRUB for your situation is that you've got two installations and the GRUB maintenance tools are likely to become confused by that configuration. This observation leads to the obvious solution that you should simply not use those tools. There are several other EFI boot loaders for Linux, most of which are easier to manually maintain than GRUB. You could set up ELILO, SYSLINUX, Fedora's patched GRUB Legacy, gummiboot, or rEFInd and manage both your installations manually. In fact, because rEFInd detects kernels whenever it boots, rEFInd should be close to no-maintenance, once it's set up. Alternatively, but in a similar vein, you could hand-edit your grub.cfg file to do what you want, rather than rely on the GRUB setup scripts.

Aside from rEFInd, all of these tools will require you to make configuration changes whenever you update a kernel, which will be a drag. There's also the question of when and how to install the extra boot program. I'd probably put it off until after your second Ubuntu installation, since each installation will register its own copy of GRUB as the default boot loader, and you want to override that default.

Note also that none of these tools can read a kernel from an encrypted filesystem or from an LVM, so you'll need to have a separate unencrypted /boot partition for each of your Ubuntu installations. This is the way most instructions I've seen say to set up an encrypted Ubuntu installation anyhow, so it's probably not a big deal unless you want to play on the "bleeding edge" of disk encryption.

Some EFI boot loaders have additional specific partitioning or filesystem requirements. Most notably, ELILO, SYSLINUX, and gummiboot all require the kernel to reside on a FAT partition, and the ESP works best for this. You can do this by mounting the ESP at /boot, but this is an iffy solution in Ubuntu because some package updates require symbolic links. You'd also have trouble doing this with two separate Ubuntu installations because they'd both try to claim the same files. (In this case, "the ESP" really means "the partition from which the boot loader ran," so you can have just one ESP in this case.) GRUB Legacy and rEFInd are more flexible about this.

My Recommendation

Personally, I'd use rEFInd for this -- but as I maintain rEFInd, I'm not exactly unbiased. In fact, I've got a computer that multi-boots between three Ubuntu installations, and rEFInd switches between them just fine. This particular system doesn't use encryption, but I doubt if that will cause any new problems from rEFInd's perspective.

That said, separate ESPs should work fine, too, with the caveat that you might need to use GRUB Customizer to tweak the settings of at least one of those GRUB copies.

Solution 2:

Here are the steps I used to dual boot with two LUKS encrypted Ubuntu systems on a single hard drive with UEFI using option #2 recommended by Rod Smith previously. This was specifically with Ubuntu 18.04.1-desktop. Home directory encryption is no longer given as an option during install as there are concerns of the reliability and maintenance of eCryptfs. It is recommended to use LUKS instead, so I think is the best option to have multiple users with encrypted home partitions.

    1. Boot into a Live USB, this was by downloading the ISO and using the Startup Disk Creator to format and setup a USB drive.
    1. Use GParted to partition the disk. This was based on recommendations at https://help.ubuntu.com/community/ManualFullSystemEncryption and using some of the defaults set by the Ubuntu installer when selecting disk encryption for the full disk.
      • EFI System Partition / 512MiB / FAT32 / boot, esp (flags)
      • Boot System #1 / 732MiB / EXT4
      • Boot System #2 / 732MiB / EXT4
      • Data Encrypted #1 / [desired size] / cleared
      • Data Encrypted #2 / [desired size] / cleared
    1. Reboot back into Live USB
      • Install Ubuntu
      • Select installation preferences
      • Select "Something else" for partition disk layout, and within that partition configuration for the installation:
        • Select "EFI System Partition" as the bootloader in the menu at the bottom.
        • Select "Data Encrypted #1" and select "physical device for encryption" and then enter the encryption phrase to be used for the partition.
        • Select the newly created partition with EXT4 and change the mount point to "/".
        • Select the "Boot System #1" and have the mount point for it be "/boot".
      • Continue and install
    1. Reboot into the new install
      • Install "refind" via "apt-get install refind" and have it install automatically to the ESP, the "EFI System Partition".
    1. Reboot back into the Live USB
      • Repeat the steps 3 and 4 for the #2 Boot System and Data Encrypted #2 partitions installing the second Ubuntu installation.
    1. Configure and upgrade each installation as needed.

Solution 3:

I use the following approach with a single ESP:

I created additional boot-loaders for each OS with

sudo grub-install --bootloader-id=ID

using a different ID for each operating system.

Example:

I have Ubuntu 16.04 and Ubuntu 18.04 installed. I boot into Ubuntu 16.04 and run

sudo grub-install --bootloader-id=Ubuntu1604

Then from booted into Ubuntu 18.04 I run

sudo grub-install --bootloader-id=Ubuntu1804

In the UEFI-settings I see the new boot entries with the names Ubuntu1604 and Ubuntu1804and rearrange the boot order to set one of the new entries to the first place.

I can also see the folders with this names in the ESP.

When a system upgrade ships with a new version of grub, it will reinstall a fresh instance of grub to the ubuntu-folder on the ESP, it will not affect the boot-loaders I created myself, but I have to rearrange the boot-order again as the ubuntu-entry will be pushed to the first place in the boot-order.

This is what efibootmgr -v shows in my configuration:

~$ efibootmgr -v
BootCurrent: 0001
Timeout: 0 seconds
BootOrder: 0001,0002,0004,0000,0003,0005
Boot0000* ubuntu    HD(1,GPT,249ac0f6-d3e4-4b91-91d5-6e8d63c093c3,0x800,0x9a000)/File(\EFI\ubuntu\shimx64.efi)
Boot0001* US1804    HD(1,GPT,249ac0f6-d3e4-4b91-91d5-6e8d63c093c3,0x800,0x9a000)/File(\EFI\US1804\grubx64.efi)
Boot0002* US1604    HD(1,GPT,249ac0f6-d3e4-4b91-91d5-6e8d63c093c3,0x800,0x9a000)/File(\EFI\US1604\grubx64.efi)
Boot0003* UEFI OS   HD(1,GPT,249ac0f6-d3e4-4b91-91d5-6e8d63c093c3,0x800,0x9a000)/File(\EFI\BOOT\BOOTX64.EFI)
Boot0004* US1904    HD(1,GPT,249ac0f6-d3e4-4b91-91d5-6e8d63c093c3,0x800,0x9a000)/File(\EFI\US1904\shimx64.efi)
Boot0005* ubuntu    HD(1,GPT,249ac0f6-d3e4-4b91-91d5-6e8d63c093c3,0x800,0x9a000)/File(EFI\Ubuntu\grubx64.efi)

Related

Is setting default mount options for udisks really not possible?
How do I use the GUI to search for files in GNOME?
What causes "Failed to fetch ... File has unexpected size. Mirror sync progress?" error?
Permanently change keyboard layout
Connection timeout for ssh server
Wifi slows down if I connect with Bluetooth device on Ubuntu 14.10
Unable to run a 32-bit program on 64-bit VM
How safe is Ubuntu tweak's Janitor?
Keyboard not working 100% after Ubuntu 13.10 upgrade
Cannot reach public WIFI login page in Ubuntu 18.04 Captive Portal Issue
Programmatically disable apt unattended upgrades
How to install Winusb?