2

Situation

I have installed the nvidia driver in a computer run by Ubuntu 18.04 LTS with the GDM3 display. I followed the recommendation of the command ubuntu-driver devices, and the driver in point nvidia-graphics-driver-435 is available from the repository.

The installation sudo apt install nvidia-driver-435 goes well. If I type sudo lshw -c video the line about configuration shows that nvidia is the driver on duty.

Forewarned is forearmed

I had at reach the exhaustive contribution of @LuisAlvarado at https://askubuntu.com/a/61433/446253. In case the installation fails, he suggests the following two-stage troubleshooting strategy (boldface is mine).

If your desktop does not load after installing the corresponding driver, then do the following:

sudo nano /etc/gdm3/custom.conf

then remove the comment (# symbol) from the line that says

# WaylandEnable=false

and save. Then reboot. If this still does not work, then please disable Secure Boot since you might actually be using UEFI.

Troubleshooting step 1

If I reboot, I can log in but the desktop does not load up. I then comment in WaylandEnable=false (so the flag is active) as suggested and reboot. However, the bootstrap hangs with a purple screen; if I type F12 to leave the graphics environment, the console informs me "A start job is running for hold until boot process finished" and this proceeds 'endlessly'.

Troubleshooting step 2

Then I reboot and enter the boot loader. Contrary to expectations, SecureBoot is already disabled. It is enabling it that makes loading boot and desktop pass.

Undoing troubleshooting step 1

Once in my desktop environment, however, the system warns me of problems occurring. The logs in /var/crash regard gnome shell and XWayland. Hence, I comment out WaylandEnable=false again, undoing the first troubleshoot step. I reboot and all proceeds seamlessly.

The only strange thing is that, unlike earlier, sudo lshw -c video lacks the driver entry in the configuration line; silence; so no guarantee that nvidia is the driver on duty. I take reassurance that it is so from the tab Additional Drivers in the Software & Updates, and from

grep -iq nouveau /var/log/Xorg.0.log which fails

grep -iq nvidia /var/log/Xorg.0.log which passes.

Question

In my case there was no need to tweak the custom configuration of GDM3. Apparently, enabling Secure Boot took the pain away. I feel there is much folklore about disabling Secure Boot as the great healer for many installation troubles. However, I lack directions to orientate myself in how it should be and how it is. Would anyone please clarify how this works?

Community
  • 1
XavierStuvw
  • 1,451
  • 3
  • 16
  • 45
  • Secure Boot is supposed to stop people who might not know better from using unsigned code(malware) when booting their computer and messing up Windows(don't know about Mac). It can have unintended consequences of making stuff difficult for Linux. Since Linux people should know more, quite often disabling Secure Boot is the easy option, with other options being more difficult. – crip659 Mar 18 '20 at 15:19

2 Answers2

1

Much of the confusion is caused by things changing release to release. Ubuntu has worked with secure boot since 2012, but initially, the signature checking stopped before any kernel modules were loaded. After the 16.04 (?) release, modules were added to the signatrue chain, so the unsigned Nvidia modules then required either turning off secure boot or adding your own signature to them. At some later release, this adding your own signature was automated and included in the install.

Wayland still does not work with Nvidia drivers in use. You may get an option at login (under the gear icon) to select a Wayland login (no need to edit any gdm config files). Initially, Wayland was not offered when Nvidia drivers were in use, then (18.04 included) Wayland was offered even when you had selected to use the Nvidia drivers, but would switch to the intergrated Intel drivers. At some later release, Wayland was removed from the login options when Nvidia drivers were in use.

ubfan1
  • 17,838
0

My steps to make it work with secure boot were as follows:

sudo apt-get update
sudo apt-get upgrade

I pressed then a menu labeled as "Perform MOK Management" appeared, there were the following four options:

  • 1 . Continue boot
  • 2 . Enroll Key
  • 3 . Enroll Key from Disk
  • 4 . Enroll Key from Hash

I chose option number 2, then I continued to boot, it finally worked, I went to Ubuntu settings->Details and my Graphic Card name was shown correctly.

Faisal Shahbaz
  • 126
  • 2