I’m trying to get some guidance on what realistic expectations are for the average user to update PureBoot on the Librem 14. I have a few issues with what I’ve seen so far:
The firmware Releases README has very strong language discouraging users from updating their firmware in this manner (“The files in this repo are not intended for end users. They are intended to be used by official Purism update
mechanisms (eg, coreboot utility script), or downloaded
and applied manually when directed by Purism support staff.
Direct flashing or other use by end users without specific
instruction to do so is highly discouraged.”)
The recommended option is to install a bunch of dependencies*, run a shell script, and compile the firmware? Seriously? What if users don’t want to install dependencies just to update their firmware?
*Several of these don’t appear to be in Fedora 37. I realize Librem 14 doesn’t come with Fedora installed, but I don’t believe these would be available in Qubes OS either, which you can get from Purism.
It sounds as though I can just download the ROM from firmware releases, extract it, put it on a USB, and install through PureBoot menu. Is that the case? If so, why the strong wording discouraging people from doing this? What would I lose or risk by going this route as opposed to running the coreboot utility and updater script
@notsopure the script has two usage options and one of them downloads the correct firmware from the releases for you without building it form source at all. It just tries to check which purism laptop you have and then gets you the correct one. This usage also results in less dependencies that need to be installed for it to run.
The Fedora/Qubes packages are by the way listed in the script it self; git gcc g++ make xz bzip2 pciutils-devel see line 15
I think the reason why purism is discouraging you to chose the pureboot/coreboot file your self is if you mess up you will probably brick your laptop, which should be fixable but will require special hardware.
@fsflover exactly that why they tell the users to use the script instead of downloading the coreboot or pureboot releases yourself.
I think this is not as important with the Librem14 only being one version, but with the Librem15 and 13 this was probably very important since the different versions are quite difficult to tell apart.
Where are the instructions for installing the firmware? If I look at the files in releases, I see 4 files: an ISO and three rom.gz files. What am I supposed to be doing these? I would assume burning the ISO to a flash drive, but what about the rom.gz files?
I’m having a hard time understanding why this isn’t “If you have X, take this Y and install it.”
@notsopure I’ll try to answer each of your points from my perspective.
its all about choice in this case being able to build pureboot from scratch, can and does provide trust and also modification options for people that are interested in that.