I've been happily Windows-free for about 5 years, but lately I need some Win-only software including a few games that don't work at all on Linux. My main questions:
-
How to avoid Windows messing with my Linux install? Having a separate PC is not possible for me right now. I'm considering uninstalling grub and instead selecting the boot device I want from UEFI, idk if this is advisable though.
-
I'm also interested in how to get a Windows install that's as minimal as possible: I don't want to log in to a Microsoft account, I don't want telemetry etc, I only want whatever is strictly required to make my system functional. The one thing I do want is Windows Defender cause ain't no way I'm dealing with an antivirus.
-
Should I go for Win 11 or stick to 10?
Any tips or experiences are welcome!
Ps: I know this information is probably all out there, but I thought a post in this community about it would be useful for others as well.
UPDATE: I ended up going with a regular old dual boot using Windows 10 iot LTSC - there's a few games I wanted to run and a driver as well so I chose to install directly on hardware as opposed to a VM. I created the install media using Ventoy, and UNPLUGGED EVERY OTHER DRIVE during installation except the one Windows was supposed to come on. Afterwards I had to boot in with a live Linux USB (the nice thing about Ventoy is that you can write multiple ISOs to your USB so it came in handy) to manually install rEFInd onto the original EFI partition that my Linux install uses, then I just had to set up the correct boot order in UEFI and everything is working. I also had to fuck around on the boot partition and with efibootmgr
to remove all traces of grub so things don't get tangled up which was a bit scary but things are working perfectly now.
Two physical drives. Install windows first in one, then Linux on the other. If you don't do this order windows boot manager will take over and you'll have to boot Linux from bios.
I'm not using dual boot anymore, but when I did, I always selected the partition from BIOS, which was totally fine for me. Are there arguments against it?
Will it maybe work if I just unplug my Linux drive during the Win install?
One problem with that is that you will end up with two EFI partitions. This is not supported very well by anything, really, so you will run the risk of Windows messing with the wrong partition anyway.
i've been running two drives two EFI partitions dual boot for some time now and it never posed a problem specific to it. on the contrary it makes it easier to distro-hop since you can format the Linux EFI Drive and resize it however you want depending on the distro.
Yep, dual disks with the Windows installation done first is how I did/do it. GRUB/systemd-boot worked just fine from then on, and I am not on Windows 11, so I didn't get hit with that fuck-up Microsoft did just a few days ago.
I also recommend rEFInd for the bootloader if you don't want to set anything up (and risk messing up). You don't need to configure your boot entries, it scans for boot options and shows them with a graphical interface, so your Linux and Windows should just show up.
If I have a new PC with a blank hard drive, what should be the install order?
Windows, then rEFInd, then Linux?
Linux, Win, rEFInd too. Windows is the destructive force here, so rEFInd should always go after it.
It does look like the easiest option so I will definitely use it, thanks!
One thing I've been trying lately that's a bit different: I happen to have an old SSD that had an enclosure with it (kind of like this) which essentially turns it into an external USB drive.
I then used Rufus to install Windows on that drive, using the "Windows To Go" option and also checking the option to not allow Windows to access the internal drives. That way, my laptop can just happily run Linux by itself, and if I need to use Windows for anything I can just plug the drive in, hit F12 on boot and choose to boot from that drive instead. The added bonus is that Windows also can't mess with anything on my regular system or monkey about with the boot loader.
I've only had it on there for about a week but it seems to be working perfectly fine so far!
Oh and also Rufus gives you the option to start with a local account already set up, so you don't have to do the MS online account bullshit. And then after install I used ShutUp10 to turn off as much telemetry as I could.
Hm this sounds very interesting, it would be pretty convenient, I'll look into it
Windows doesn't mess with the Linux install anymore, that was with BIOS boot. Just make sure the EFI partition is big enough so you can fit both.
Does it not? I've seen posts about grub being borked after Windows updates, or was that only on legacy BIOS systems?
As far as I know, that only stops out of date versions of grub that have a certain vulnerability from running that would allow escaping Secure Boot. Meh. It doesn't touch any Linux files or anything and you can boot if you turn off Secure Boot so you can fix it. Long shot from what used to happen where you could only have one boot loader installed at a time so installing Windows would wipe what was there before.
(and by fix it I mean replace grub with systemd-boot)
It’s not supposed to at least. There was a bug recently where it broke the bootloader. But windows is supposed to be able to tell there’s another OS and not break it.
Using modern UEFI booting with a 1GB shared ESP and grub2 has worked just fine for me in the last 8 years. os-prober has always just found the Windows install and generated the necessary boot entry for grub. Windows has never trespassed into the Fedora or Ubuntu folder of the ESP as far as I can tell.
Might as well go for Win11, you're going to have to deal with it next year anyways.
Windows doesn't do minimal, it does whatever the hell it wants. There are some OOBE tricks to get a local account working.
I have used the privacy.sexy app to strip down some of the most obnoxious Win11 bits - be warned that you have to disable defender to have it work. Is it doing bad things? Is MS doing incredibly shady shit with their detections? Who's to say? When I turn on Defender afterwards, everything seems "fine".
There's no need to get rid of grub, or play games with different boot drives. Get to know how EFI works. Look at efibootmgr's output - that's pretty much all that the firmware knows. The firmware has multiple entries consisting of a drive (magic device number), a program path (EFI\grub\grub_x64.efi), and maybe a string to pass along. There is a priority list (0003,0001,0002) which MS occasionally likes to re-arrange.
I would recommend going for the IoT LTSC versions of Windows.
https://massgrave.dev/windows_ltsc_links
Like others have said, I just use two drives, and I can boot into Windows with GRUB.
However, these days, I just do a VM with GPU passthrough. (I installed a second graphics card in my PC just for this.)
The most painless way to dual-boot is to install something that's not Windows alongside something else that's not Windows.
As for the second question: Windows 11 IoT LTSC has yet to be mentioned here - the only things that can stop you from using it are legality and convenience.
I'm not sure if W10 has an IoT LTSC version, but W10 LTSC does exist.
Getting a second drive just for windows I think is a good approach. If you were to do so, it's important that you remove all other drives while installing windows, otherwise the Windows installer will put its boot files into whatever existing EFI partition it finds.
Then using something like https://github.com/Raphire/Win11Debloat you should be good to go with a relatively clean setup.
To have a local account, I use Rufus to setup the usb installer in a way that it automatically creates the local account, and it can also disable the secure boot and tpm requirements from the installer if you want. Though I think rufus is a windows program only. I know there's the "OOBE" approach for the local account, but I haven't done that before. That could be an option too
If your windows software works in a vm or wine then that might be a better choice for you.
The only thing windows will do with to a Linux install anymore is mess up the boot. People still say two separate drives is the optimal choice to prevent this but it really doesn’t save you from anything but fat fingering your own partitions during the install process and if the disks are the same size/interface/manufacturer it doesn’t do much there either.
So as has always been the case since dual booting existed: install windows first, saving the space you want to use for Linux then install whatever you want. Have your distributions preferred method of repairing failed boot on hand so that when something breaks unexpectedly you can fix it. Often it’s more than a boot repair tool, but an entire bootable environment that can be used for all kinds of purposes.
Use uup dump and rufus to make a windows installer and put it on a usb. I specifically recommend rufus as opposed to dd or other normal way of doing things because it has special options regarding windows oobe and requirements that will be invoked on use.
It doesn’t matter if you choose 10 or 11. Both can be had in ltsc channels. Dealers choice, you’re the one with software that needs it!
Letting windows install on its own drive by removing the linux drive (otherwise it will select that drives efi partition), I use systemd boot and I just copied the EFI/Microsoft folder from the windows drive efi partition to the linux efi partition systemd-boot will auto detect it. As for minimal, just use windows 10 ltsc, or windows education and use a debloater tool that is trustworthy (I like winutill).
I've got two separate drives. Linux Mint on an SSD and Windows 10 on an older, mechanical drive. Leave the Windows drive alone. Make the Linux drive the first drive in your BIOS boot order, with the option to boot to Windows as your second drive.
If your GRUB menu doesn't show the Windows drive yet, run "sudo update-grub" to detect it. When your reboot, the bootloader should show both options.
I use a Windows VM (Tiny10 works ok here) in whatever lightweight linux OS I'm fucking with at the time. All my files and stuff are on a local server so I can swap distros easily if I want.
Usually it runs ok, can game, and I dont have to deal with restarting a bunch of stuff. I've been using CachyOS, not sure if I like it yet