It was already made clear for you. Just read. If in doubt, run:
sudo install-grub
3 Likes
The wording confused me, thanks for clarification!
4 Likes
Yes, the wording wasn’t definitive enough. So I felt ambiguous. Thanks for saying something.
2 Likes
Please read the introduction of the script if you have questions: Install-grub: a new way to keep your EFI/MBR in-sync with grub package
If I were able to edit the wiki post at the top (I am not seeing an edit menu like those that appear on my posts/comments), I would add this to the “Grub gained security fixes. Updating it may be risky” section. It is only barely clear to me when and why I should run install-grub when the grub binary is updated, and I’ve been reading these announcements for eight years; using Linux since the late 1990s.
Although I am confident I’ll figure out whether or not to install-grub, and know where I can find instructions as to “how”, this is the first time I’ve seen “when” or “whether” addressed. In another life I would write something myself after some research, but I cannot do that right now and won’t be able anytime soon.
1 Like
Wie beim letzten Stable-Update crashed das pamac GUI beendet aber im Hintergrund das update → Strange!
Flawless update for me. Thanks a lot for all your efforts!
KDE Plasma 6.3.4
CPU: AMD 7800x3d, GPU: AMD 7800XT
2 Likes
Replace pamac-gtk with pamac-gtk3:
sudo pacman -S pamac-gtk3
If people found all those Grub vulnerabilities, how many more are waiting to be found? So interesting to think that someone is walking around somewhere in the world, in some office, plugging in USB sticks to random machines and bypassing secure boot. An inside job.
English, please. 
I am sorry to have to be so blunt, but everyone who thinks that Secure Boot was meant to make computers more secure is hopelessly naive.
Secure Boot was added to the UEFI specification for one purpose, and one purpose only, which is to give Microsoft — which is on the UEFI Committee — control over what operating systems may or may not be installed on your computer.
Historically speaking, Apple was Microsoft’s biggest rival, and Apple offered not just an operating system to their customers, but also the computer itself. Microsoft had no such thing. That is why Bill Gates and Steve Ballmer conceived the idea of Secure Boot, so as to bind the x86-64 platform to Microsoft Windows.
The UEFI shell even uses the Windows CMD.EXE command syntax, and UEFI executables — such as the UEFI version of grub — are compiled in the Windows NT binary format. 
[nx-74205:/dev/pts/3][/home/aragorn]
[aragorn] > file /boot/efi/EFI/boot/bootx64.efi
/boot/efi/EFI/boot/bootx64.efi: PE32+ executable for EFI (application), x86-64 (stripped to external PDB), 4 sections
5 Likes
Grub is not really good in release planning. There is about one release per year if that even happens. Most people use grub-git or a snapshot of grub. If you check Ubuntu or Fedora you will see a lot of extra patches for that patches:
1 Like
Got pamac-gtk3 before this update but it crashed too.
A post was split to a new topic: Can’t build mixxx
In the last update thread it was mentioned folks were finding “frozen” plasma screens on multi-monitor systems… anyone who was having that issue find that this update resolved it?
Also, as there has been some past Steam/sdl2-compat issues, so I’d appreciate hearing about people’s Steam gaming experience.
I personally would not want my Linux pre-installed. It could have been tampered with.
Yeah, you can hold shift while booting, to make the Grub Menu visible manually for one boot, you have to hold the Shift key few seconds before you see that Grub is going to load.
OR
you do this changes in /etc/default/grub
GRUB_TIMEOUT_STYLE=menu (or replace menu with hidden) if there is hidden then you need to hold shift to make it visible… its up to you, if you want to see it or not.
You can even set the timer, how long it takes time till Grub Menu is showing…
GRUB_TIMEOUT=1 (i set it to 1 second to have less delay while booting, but you probably fine with the default 5 seconds… its all up to you)
save file and type:
sudo update-grub
You can also collect all important info’s in the forum, to prepare a usb manjaro livebootstick with a fresh ISO + Ventoy and you can do with Timeshift on a external device a system snapshot, to archive additional security before you doing this or any future update.
There are assholes and good guys on our whole planet and you will find them in every country and in every forum. Not matter if its Windows, Linux or Mac related.
@philm
Yo Philm, whats going on about the returning XZ Problem? Is this fixed in this release update?
https://www.heise.de/en/news/XZ-Utils-Vulnerability-probably-enables-code-smuggling-10343158.html
1 Like
I wonder if it will be helpful to also add the following in post 2 [on the grub issue] - “if your computer has more than 1 Linux distro installed on it, and it is not Manjaro’s grub that is controlling the boot menu on the machine, you do not need to run grub-update.”
Just a thought.
Just answer the question. You are referring to information that does not explain well what and when to do with the grub update.
For me $sudo install-grub gives “WARNING: EFI directory not found! Grub couldn’t be installed.”
$lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 119,2G 0 disk
├─sda1 8:1 0 500M 0 part /boot/efi
├─sda2 8:2 0 30G 0 part /
├─sda3 8:3 0 65G 0 part /home
└─sda4 8:4 0 9G 0 part [SWAP]
sdb 8:16 0 931,5G 0 disk
└─sdb1 8:17 0 931,5G 0 part /home/DataDisk
$sudo update-grub gave:
Генерируется файл настройки grub …
Найдена тема: /usr/share/grub/themes/manjaro/theme.txt
Найден образ linux: /boot/vmlinuz-6.6-x86_64
Найден образ initrd: /boot/intel-ucode.img /boot/initramfs-6.6-x86_64.img
Found initrd fallback image: /boot/initramfs-6.6-x86_64-fallback.img
Найден образ linux: /boot/vmlinuz-6.1-x86_64
Найден образ initrd: /boot/intel-ucode.img /boot/initramfs-6.1-x86_64.img
Found initrd fallback image: /boot/initramfs-6.1-x86_64-fallback.img
Предупреждение: Для обнаружения других загрузочных разделов будет запущен os-prober.
Результат работы будет использован для обнаружения загружаемых файлов и создания новых загрузочных записей.
Добавляется элемент загрузочного меню для настроек микропрограммы UEFI …
Found memtest86+ image: /boot/memtest86+/memtest.bin
завершено
And I dont understand is update-grub is enough for " This is however needed to apply recent security fixes" or in my case “EFI directory not found!” is a problem.
1 Like
I found the new package manager Octopi great and stopped using Pamac for a couple months.