Wednesday, November 7th 2018
Linux Won't Boot on New MacBook Air: Apple's T2 Security Chip Prevents It
The new MacBook Air with Retina display is overall a nice upgrade from the old versions of these laptops. There's one caveat, though: the new T2 chip that manages Touch ID's Secure Enclave, APFS storage encryption or UEFI Secure Boot validation will make it impossible to boot with a Linux distribution. Apple's T2 documentation (PDF) explicitly covers how the support for booting Linux is not available: the Microsoft Corporation UEFI CA 2011 certificate used also by Linux distributions isn't trusted at this moment, so the T2 chip will make it impossible to boot from Linux distributions. Only Windows is allowed to boot via Boot Camp at the moment.
Apple's Secure Boot support page shows how the new 'Startup Security Utility' can be used to disable Secure Boot, but some people have tried to boot Linux through this method and even with that change it's impossible to boot Linux. The problem extends to the rest of machines including the T2 Security Chip, like the Mac mini, the iMac Pro or the MacBook Pro 2018, for example. Apple hasn't made any comments on the issue.
Source:
Phoronix
Apple's Secure Boot support page shows how the new 'Startup Security Utility' can be used to disable Secure Boot, but some people have tried to boot Linux through this method and even with that change it's impossible to boot Linux. The problem extends to the rest of machines including the T2 Security Chip, like the Mac mini, the iMac Pro or the MacBook Pro 2018, for example. Apple hasn't made any comments on the issue.
16 Comments on Linux Won't Boot on New MacBook Air: Apple's T2 Security Chip Prevents It
sounds kinda fruity to me, or at least another cleverly-designed marketing ploy created to keep their new machines in the headlines as long as possible :D
or, "T2", as in "Terminator 2", as in: all yinz linus users are belong to us, hehehe !
Installing Linux on Macs is primarily a developer thing. In the beginning Mac OS X was fairly decent, but over the years it have become more and more locked down, buggy and technically outdated. For a while many developers still bought Macs to install Linux for the build quality, but even that has degraded lately. These days vendors like Lenovo, Dell and HP offer better solutions, so you can keep your hard-earned cash away from Apple.
In any case, consoles are turnkey machines, with no *nix userland tools or interface for them to speak of. Mac OS is a certified UNIX, with all of the userland to boot (and ability to add more from premade Darwin packages or other ports). The only thing you wouldn't do is run a different windowing environment, but why would you want to? That's kind of my point earlier. It already has the base of Unix stuff shared across most *nix systems, and a better window environment to begin with (which has it's own Mac ports anyways, like Libre/GIMP/etc).
And then there is the GUI; every serious developer configure their OS over time to fit their workflow, and most developer's workflow also evolve over time. The possibilities and ease of customization in Linux is magnitudes over Windows and OS X. Switching desktop environment is of course one of those options; just among five of my colleges sitting closest to me I can find at least four different desktop environments on Linux, and each one made their choice based on convenience and workflow, not based on looks. It comes down to how people prefer to navigate between workspaces and windows, set up keyboard shortcuts etc. The possibilities to do this in Windows and OS X is very limited. Setting up a standard environment in Linux takes a few minutes, fresh Linux users usually starts out by using it like they are used to from Windows or OS X, but gradually starts to tweak it as they get accustomed to it. Then after years, going back feels like returning to the stone age, regardless of how "polished" some aspects of other OS' look. You need to use Linux for several years to fully understand this.
How to disable Secure Boot