[MacTUG] You can't run Linux on Apple's 2018 Macs (thanks to the T2 security chip) - Liliputing : programming
Edward Chrzanowski
edward.chrzanowski at uwaterloo.ca
Thu Nov 8 08:45:17 EST 2018
Here's what the default, "Full Securit"y does:
Full Security is the default Secure Boot setting, offering the highest level of security. This is a level of security previously available only on iOS devices. During startup, your Mac verifies the integrity of the operating system (OS) on your startup disk to make sure that it's legitimate. If the OS is unknown or can't be verified as legitimate, your Mac connects to Apple to download the updated integrity information it needs to verify the OS. This information is unique to your Mac, and it ensures that your Mac starts up from an OS that is trusted by Apple.
To change it:
1. Turn on your Mac, then press and hold Command (⌘)-R immediately after you see the Apple logo to start up from macOS Recovery.
2. When you see the macOS Utilities window, choose Utilities > Startup Security Utility from the menu bar.
3. When you're asked to authenticate, click Enter macOS Password, then choose an administrator account and enter its password.
[https://www.imore.com/sites/imore.com/files/styles/xlarge/public/field/image/2018/11/macos-high-sierra-startup-security-utility.jpg?itok=lq_EC0qt]
From there, if you want to boot into Linux, you want t choose the "No Security" option.
Here's how Apple describes it:
The No Security setting doesn't enforce any of the above security requirements for your startup disk.
Because the T2 Security Chip is no longer verifying the system integrity, you will lose Touch ID authentication for Apple Pay. That's because it can no longer guarantee the security of the connection between Touch ID and the purchase either. If you have an iPhone or iPad, though, you can still use those to authenticate Apple Pay on your Mac, just like you would on a Mac with no built-in Touch ID.
I haven't had time to test booting into Linux on the new Mac mini yet, so it's possible there are other levers that need pulling to make it all work, but there's nothing Apple's doing to actively prevent people who really want to boot into Linux to do it. And I'm looking forward to trying it out myself in the very near future.
________________________________
From: mactug-bounces at lists.uwaterloo.ca <mactug-bounces at lists.uwaterloo.ca> on behalf of Marlon A. Griffith <m3griffi at uwaterloo.ca>
Sent: Wednesday, November 7, 2018 4:19:51 PM
To: Mactug
Subject: [MacTUG] You can't run Linux on Apple's 2018 Macs (thanks to the T2 security chip) - Liliputing : programming
"""
SatansAlpaca 38 points 2 hours ago
This conflates multiple issues. First is that T2 implements Secure Boot,
and doesn’t trust certificates used by Linux distributions. This is a
policy decision. It can be turned off by the end user without arcane
knowledge.
The second issue is that T2 brokers access to a wide array of
components, including storage, and it looks like it happens in a way
that Linux doesn’t know how to deal with. This is a technical issue that
can be resolved with Linux kernel work, most likely.
https://old.reddit.com/r/programming/comments/9v1ugg/you_cant_run_linux_on_apples_2018_macs_thanks_to/
"""
_______________________________________________
MacTUG mailing list
MacTUG at lists.uwaterloo.ca
https://lists.uwaterloo.ca/mailman/listinfo/mactug
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uwaterloo.ca/pipermail/mactug/attachments/20181108/f9a60257/attachment.html>
More information about the MacTUG
mailing list