Switching from EFI GRUB to MBR GRUB to permanently fix the dualboot issue (W11/Garuda)

Hey there,

I made the same grave mistake as many others and dual-boot W11 / Garuda Dr460nized. I also already temporarily fixed my problems with a live-boot of Garuda and an EFI repair via the GUI tool (thx for the nice UX in this regard :).

I am now looking for a more permanent solution and a sanity check in regard to GRUB. My installation is an encrypted LVM Garuda, currently with GRUB “residing”/linked on the W11-SSDs EFI configuration. I can currently work and access said Garuda.

Now, to the actual question - is there a way of re-partitioning my encrypted LVM to provide my Garuda Installation/SSD with its own GRUB MBR so it can finally be freed of its Windows shackles by being bootable independently of W11 or am I just daydreaming something here? I want to avoid a completly new install of Garuda because of all the config I changed already.

If I got this right, having the MBR on-disk should remediate all the overwrite issues from M$ Windows, right?

Thanks in advance >_<

Some more pointers about my setup:

Windows 11: up-to-date, bitlocker: on, efi-boot, internal NVMe SSD(s)
UEFI: secure boot: off, default-boot: W11 (otherwise select Garuda via UEFI)
Garuda: up-to-date, on encrypted LVM, external USB-C NVMe SSD

System:
Kernel: 6.14.6-zen1-1-zen arch: x86_64 bits: 64 compiler: gcc v: 15.1.1
clocksource: tsc avail: hpet,acpi_pm
parameters: BOOT_IMAGE=/@/boot/vmlinuz-linux-zen
root=UUID=cc7c5462-adce-4da8-8d92-7dfeecd7e537 rw rootflags=subvol=@
quiet rd.luks.uuid=6cb09db6-5ed4-4df3-bc77-4d1d6a716a8a loglevel=3
ibt=off
Desktop: KDE Plasma v: 6.3.5 tk: Qt v: N/A info: frameworks v: 6.14.0
wm: kwin_wayland with: krunner vt: 1 dm: SDDM Distro: Garuda
base: Arch Linux
Machine:
Type: Desktop Mobo: ASRock model: X670E Steel Legend
serial: <superuser required> uuid: <superuser required> UEFI: American
Megatrends LLC. v: 3.16 date: 12/18/2024
CPU:
Info: model: AMD Ryzen 9 7900X bits: 64 type: MT MCP arch: Zen 4 gen: 4
level: v4 note: check built: 2022+ process: TSMC n5 (5nm) family: 0x19 (25)
model-id: 0x61 (97) stepping: 2 microcode: 0xA601209
Topology: cpus: 1x dies: 2 clusters: 2x1 cores: 12 threads: 24 tpc: 2
smt: enabled cache: L1: 768 KiB desc: d-12x32 KiB; i-12x32 KiB L2: 12 MiB
desc: 12x1024 KiB L3: 64 MiB desc: 2x32 MiB
Speed (MHz): avg: 3437 min/max: 545/5737 boost: enabled scaling:
driver: amd-pstate-epp governor: powersave cores: 1: 3437 2: 3437 3: 3437
4: 3437 5: 3437 6: 3437 7: 3437 8: 3437 9: 3437 10: 3437 11: 3437 12: 3437
13: 3437 14: 3437 15: 3437 16: 3437 17: 3437 18: 3437 19: 3437 20: 3437
21: 3437 22: 3437 23: 3437 24: 3437 bogomips: 225162
Flags: avx avx2 ht lm nx pae sse sse2 sse3 sse4_1 sse4_2 sse4a ssse3 svm
Vulnerabilities: <filter>
Graphics:
Device-1: NVIDIA AD102 [GeForce RTX 4090] driver: nvidia v: 570.144
alternate: nouveau,nvidia_drm non-free: 550-570.xx+
status: current (as of 2025-04) arch: Lovelace code: AD1xx
process: TSMC n4 (5nm) built: 2022+ pcie: gen: 4 speed: 16 GT/s lanes: 16
ports: active: none off: DP-2,DP-3 empty: DP-1,HDMI-A-1 bus-ID: 01:00.0
chip-ID: 10de:2684 class-ID: 0300
Device-2: Advanced Micro Devices [AMD/ATI] Raphael vendor: ASRock
driver: amdgpu v: kernel arch: RDNA-2 code: Navi-2x process: TSMC n7 (7nm)
built: 2020-22 pcie: gen: 4 speed: 16 GT/s lanes: 16 ports: active: none
empty: DP-4, DP-5, DP-6, HDMI-A-2, Writeback-1 bus-ID: 16:00.0
chip-ID: 1002:164e class-ID: 0300 temp: 44.0 C
Display: wayland server: X.org v: 1.21.1.16 with: Xwayland v: 24.1.6
compositor: kwin_wayland driver: X: loaded: amdgpu,nvidia
unloaded: modesetting,nouveau alternate: fbdev,nv,vesa dri: radeonsi
gpu: nvidia,nvidia-nvswitch d-rect: 6000x2880 display-ID: 0
Monitor-1: DP-2 pos: top-right model: AOC Q27G2G3R3B serial: <filter>
built: 2022 res: mode: 2560x1440 hz: 165 scale: 178% (1.78) to: 1440x2560
dpi: 109 gamma: 1.2 size: 597x336mm (23.5x13.23") diag: 685mm (27")
ratio: 16:9 modes: max: 2560x1440 min: 640x480
Monitor-2: DP-3 pos: bottom-l model: Dell AW3423DWF serial: <filter>
built: 2022 res: mode: 3440x1440 hz: 165 scale: 100% (1) dpi: 109 gamma: 1.2
size: 800x337mm (31.5x13.27") diag: 868mm (34.2") modes: max: 3440x1440
min: 640x480
API: EGL v: 1.5 hw: drv: nvidia nouveau drv: nvidia drv: amd radeonsi
platforms: device: 0 drv: nvidia device: 1 drv: radeonsi device: 2
drv: nouveau device: 3 drv: swrast gbm: drv: radeonsi surfaceless:
drv: nvidia wayland: drv: nvidia x11: drv: nvidia
API: OpenGL v: 4.6.0 compat-v: 4.5 vendor: nvidia mesa v: 570.144
glx-v: 1.4 direct-render: yes renderer: NVIDIA GeForce RTX 4090/PCIe/SSE2
memory: 23.43 GiB display-ID: :1.0
API: Vulkan v: 1.4.313 layers: 14 device: 0 type: discrete-gpu
name: NVIDIA GeForce RTX 4090 driver: nvidia v: 570.144 device-ID: 10de:2684
surfaces: N/A device: 1 type: integrated-gpu name: AMD Radeon Graphics
(RADV RAPHAEL_MENDOCINO) driver: mesa radv v: 25.0.5-arch1.1
device-ID: 1002:164e surfaces: N/A device: 2 type: cpu name: llvmpipe
(LLVM 19.1.7 256 bits) driver: mesa llvmpipe v: 25.0.5-arch1.1 (LLVM
19.1.7) device-ID: 10005:0000 surfaces: N/A
Info: Tools: api: clinfo, eglinfo, glxinfo, vulkaninfo
de: kscreen-console,kscreen-doctor gpu: corectrl, nvidia-settings,
nvidia-smi wl: wayland-info x11: xdpyinfo, xprop, xrandr
Audio:
Device-1: NVIDIA AD102 High Definition Audio driver: snd_hda_intel v: kernel
pcie: gen: 4 speed: 16 GT/s lanes: 16 bus-ID: 01:00.1 chip-ID: 10de:22ba
class-ID: 0403
Device-2: Advanced Micro Devices [AMD/ATI] Rembrandt Radeon High
Definition Audio driver: snd_hda_intel v: kernel pcie: gen: 4
speed: 16 GT/s lanes: 16 bus-ID: 16:00.1 chip-ID: 1002:1640 class-ID: 0403
Device-3: Advanced Micro Devices [AMD] Family 17h/19h/1ah HD Audio
vendor: ASRock driver: snd_hda_intel v: kernel pcie: gen: 4 speed: 16 GT/s
lanes: 16 bus-ID: 16:00.6 chip-ID: 1022:15e3 class-ID: 0403
Device-4: Lautsprecher Teufel GmbH CINEBAR ONE
driver: hid-generic,snd-usb-audio,usbhid type: USB rev: 2.0 speed: 12 Mb/s
lanes: 1 mode: 1.1 bus-ID: 3-4:4 chip-ID: 2cc2:0027 class-ID: 0300
serial: <filter>
Device-5: C-Media Schiit Modi 3 driver: hid-generic,snd-usb-audio,usbhid
type: USB rev: 2.0 speed: 480 Mb/s lanes: 1 mode: 2.0 bus-ID: 3-9:7
chip-ID: 0d8c:0066 class-ID: 0300
API: ALSA v: k6.14.6-zen1-1-zen status: kernel-api with: aoss
type: oss-emulator tools: N/A
Server-1: PipeWire v: 1.4.2 status: active with: 1: pipewire-pulse
status: active 2: wireplumber status: active 3: pipewire-alsa type: plugin
4: pw-jack type: plugin tools: pactl,pw-cat,pw-cli,wpctl
Network:
Device-1: Intel 82599ES 10-Gigabit SFI/SFP+ Network driver: ixgbe v: kernel
pcie: gen: 2 speed: 5 GT/s lanes: 4 link-max: lanes: 8 port: e000
bus-ID: 02:00.0 chip-ID: 8086:10fb class-ID: 0200
IF: enp2s0 state: up speed: 10000 Mbps duplex: full mac: <filter>
Device-2: Realtek RTL8111/8168/8211/8411 PCI Express Gigabit Ethernet
vendor: ASRock driver: r8169 v: kernel pcie: gen: 1 speed: 2.5 GT/s lanes: 1
port: c000 bus-ID: 06:00.0 chip-ID: 10ec:8168 class-ID: 0200
IF: enp6s0 state: down mac: <filter>
Device-3: MEDIATEK MT7922 802.11ax PCI Express Wireless Network Adapter
driver: mt7921e v: kernel pcie: gen: 2 speed: 5 GT/s lanes: 1
bus-ID: 08:00.0 chip-ID: 14c3:0616 class-ID: 0280
IF: wlp8s0 state: down mac: <filter>
Device-4: Realtek RTL8125 2.5GbE vendor: ASRock driver: r8169 v: kernel
pcie: gen: 2 speed: 5 GT/s lanes: 1 port: b000 bus-ID: 09:00.0
chip-ID: 10ec:8125 class-ID: 0200
IF: enp9s0 state: down mac: <filter>
Device-5: Realtek RTL8153 Gigabit Ethernet Adapter driver: r8152 type: USB
rev: 3.0 speed: 5 Gb/s lanes: 1 mode: 3.2 gen-1x1 bus-ID: 4-1.2:4
chip-ID: 0bda:8153 class-ID: 0000 serial: <filter>
IF: enp20s0u1u2 state: down mac: <filter>
Info: services: NetworkManager, smbd, systemd-timesyncd, wpa_supplicant
Bluetooth:
Device-1: MediaTek Wireless_Device driver: btusb v: 0.8 type: USB rev: 2.1
speed: 480 Mb/s lanes: 1 mode: 2.0 bus-ID: 3-12:8 chip-ID: 0e8d:0616
class-ID: e001 serial: <filter>
Report: btmgmt ID: hci0 rfk-id: 0 state: up address: <filter> bt-v: 5.2
lmp-v: 11 status: discoverable: no pairing: no class-ID: 6c0104
Drives:
Local Storage: total: 3.69 TiB used: 86.07 GiB (2.3%)
SMART Message: Unable to run smartctl. Root privileges required.
ID-1: /dev/nvme0n1 maj-min: 259:1 vendor: Kingston model: SKC3000D2048G
size: 1.86 TiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s
lanes: 4 tech: SSD serial: <filter> fw-rev: EIFK31.6 temp: 28.9 C
scheme: GPT
ID-2: /dev/nvme1n1 maj-min: 259:0 vendor: Kingston model: SFYRS1000G
size: 931.51 GiB block-size: physical: 512 B logical: 512 B speed: 63.2 Gb/s
lanes: 4 tech: SSD serial: <filter> fw-rev: EIFK31.6 temp: 27.9 C
scheme: GPT
ID-3: /dev/nvme2n1 maj-min: 259:7 vendor: Samsung model: SSD 980 500GB
size: 465.76 GiB block-size: physical: 512 B logical: 512 B speed: 31.6 Gb/s
lanes: 4 tech: SSD serial: <filter> fw-rev: 1B4QFXO7 temp: 36.9 C
scheme: GPT
ID-4: /dev/sda maj-min: 8:0 vendor: Western Digital
model: WD PC SN 740 SDDPMQD size: 476.94 GiB block-size: physical: 4096 B
logical: 512 B type: USB rev: 3.2 spd: 5 Gb/s lanes: 1 mode: 3.2 gen-1x1
tech: N/A serial: <filter> fw-rev: 3108 scheme: GPT
Partition:
ID-1: / raw-size: 476.94 GiB size: 476.94 GiB (100.00%)
used: 86.04 GiB (18.0%) fs: btrfs dev: /dev/dm-0 maj-min: 253:0
mapped: luks-6cb09db6-5ed4-4df3-bc77-4d1d6a716a8a
ID-2: /boot/efi raw-size: 100 MiB size: 96 MiB (96.00%)
used: 33.5 MiB (34.9%) fs: vfat dev: /dev/nvme1n1p1 maj-min: 259:2
ID-3: /home raw-size: 476.94 GiB size: 476.94 GiB (100.00%)
used: 86.04 GiB (18.0%) fs: btrfs dev: /dev/dm-0 maj-min: 253:0
mapped: luks-6cb09db6-5ed4-4df3-bc77-4d1d6a716a8a
ID-4: /var/log raw-size: 476.94 GiB size: 476.94 GiB (100.00%)
used: 86.04 GiB (18.0%) fs: btrfs dev: /dev/dm-0 maj-min: 253:0
mapped: luks-6cb09db6-5ed4-4df3-bc77-4d1d6a716a8a
ID-5: /var/tmp raw-size: 476.94 GiB size: 476.94 GiB (100.00%)
used: 86.04 GiB (18.0%) fs: btrfs dev: /dev/dm-0 maj-min: 253:0
mapped: luks-6cb09db6-5ed4-4df3-bc77-4d1d6a716a8a
Swap:
Kernel: swappiness: 133 (default 60) cache-pressure: 100 (default) zswap: no
ID-1: swap-1 type: zram size: 61.88 GiB used: 0 KiB (0.0%) priority: 100
comp: zstd avail: lzo-rle,lzo,lz4,lz4hc,deflate,842 max-streams: 24
dev: /dev/zram0
Sensors:
System Temperatures: cpu: 43.5 C mobo: N/A gpu: amdgpu temp: 45.0 C
Fan Speeds (rpm): N/A
Info:
Memory: total: 64 GiB note: est. available: 61.88 GiB used: 5.89 GiB (9.5%)
Processes: 525 Power: uptime: 1h 21m states: freeze,mem,disk suspend: deep
avail: s2idle wakeups: 0 hibernate: platform avail: shutdown, reboot,
suspend, test_resume image: 24.68 GiB services: org_kde_powerdevil,
power-profiles-daemon, upowerd Init: systemd v: 257 default: graphical
tool: systemctl
Packages: pm: pacman pkgs: 2341 libs: 592 tools: octopi,paru Compilers:
clang: 19.1.7 gcc: 15.1.1 Shell: garuda-inxi default: fish v: 4.0.2
running-in: konsole inxi: 3.3.38
Garuda (2.7.2-1):
System install date:     2025-04-17
Last full system update: 2025-05-18
Is partially upgraded:   No
Relevant software:       snapper NetworkManager dracut nvidia-dkms
Windows dual boot:       Probably (Run as root to verify)
Failed units:

One of the issues is not being able to use Secure boot for most Linux installs at least by default; this makes things more complicated with dual boot as well; also having issues with a similar setup and experiencing issues with Bitlocker drives & now encrypted drives working in Garuda. Hoping the changes to KDE in a month or so with the new Beta might help. Much appreciated.

Secure Boot is not a feature. It’s a prison from which only Microsoft has the key. It’s like giving your front door key to a stranger who can then decide whether or not to give you access to your own house. It’s madness.

Fortunately, there are ways to use W11 without Secure Boot.
If you think you can’t live without it, there are also instructions on how to enable it under Arch-based distributions.

Neither of these is correct. These problems are not caused by the operating system.
Even if the operating system were the cause, why should these “problems” be solved by upgrading the Desktop Environment?
They are your own problems because you don’t know enough about Arch and Linux.

Secure boot, tpm, cms are all scams and should all be disabled before even codering putting an OS on the system. As for bitlocker like fast boot no one actually needs them.

I have not dealt with LVM and the procedures for a long time, but I assume that this will not be possible without data loss and reinstallation of Garuda.

That would be pretty sad :\
I dunno if you can just re-partition the lvm like any other structure to make some space for an on-disk GRUB, maybe one of you ppl know though..

Just to clear some things up - I have secure boot disabled (see config description of this post), so there shouldn’t be a possibility of this influencing my problem

Maybe you can get the necessary info there…
Arch-Wiki - Resizing LVM-on-LUKS

maybe hopefully

i dont use luks actually. i did resize a free space from 600mb. formated as fat32 and marked as /boot/efi and so on then started live iso chroot in garuda and installed grub on the /dev/sda (your one) partition . updated with dracut and logout correctly . reboot and press on my mobo f8 and boot it without any windows but thats near a year ago.

i do not know if you can do without installing Garuda again.

Below is a link to an script which will back up your configuration files so you can do a reinstall and then restore all your settings.

Its called ‘transfuse’

#transfuse (script to backup KDE configuration)
########################################################################
#   curl -O https://gitlab.com/cscs/transfuse/-/raw/main/transfuse     #   
#chmod +x transfuse                                                    #
#./transfuse -b `user`                                                #
#./transfuse -p `user`                                                #
#./transfuse -pr `package`                                             #
#                                                                      #
#                                                                      #
#   TRANSFUSE                                                          #
#                                                                      #
#   A Script to Backup and Restore KDE Plasma Desktop Configurations   #
#                                                                      #
#   Usage: transfuse [option] [USER/PATIENT]                           #
#                                                                      #
#   Options:                                                           #
#    -h   --help                                      show this help   #
#    -b   --backup USER               copy and compress USER configs   #
#    -bt  --backupt USER                 backup USER appearance only   #
#    -BR  --backuproot                           backup root configs   #
#    -C   --copy USER                       copy but do not compress   #
#    -Ct  --copyt USER                     copy USER appearance only   #
#    -c   --compress                         compress copied configs   #
#    -p   --pkglists              create lists of installed packages * #
#    -pr  --pkgrestore                   install native package list * #
#    -pra --pkgrestorealien               install alien package list * #
#    -r   --restore PATIENT             restore configs /to/ PATIENT   #
#                                                                      #
#   Environment Variable       TR_COVER=1       Skip wallpaper steps   #
#   Environment Variable       TR_CHART=1        More verbose output   #
#   Environment Variable       TR_USECP=1          Use cp over rsync   #
#   (*) pkg* options require pacman package manager or an AUR helper   #
#                                                                      #
########################################################################

i hope this helps