efivar

List all UEFI variables

$ efivar [[-l|--list]]

$ efivar [[-n|--name]] [146b234d-4052-4e07-b326-11220f8e1fe8-lBoot0000] [[-p|--print]]

efivar [OPTIONS] [COMMAND] [VARIABLE_NAME] [VALUE]
efivar --list
efivar --print VARIABLE_NAME
efivar --write VARIABLE_NAME [VALUE]
efivar --append VARIABLE_NAME [VALUE]
efivar --delete VARIABLE_NAME

--list, -l
    Lists all available UEFI variables found in NVRAM.

--print, -p
    Prints the value and attributes of a specified UEFI variable.

--write, -w
    Writes a new value to a UEFI variable. Requires a variable name and data (from command line or --from-file).

--append, -a
    Appends data to an existing UEFI variable. Requires a variable name and data (from command line or --from-file).

--delete, -d
    Deletes a specified UEFI variable from NVRAM. Use with extreme caution.

--from-file, -f
    Reads the variable data from the specified file. Used with --write or --append.

--guid, -g
    Specifies the GUID (Globally Unique Identifier) of the variable. Required for variables not in the default namespace or when ambiguity exists.

--attributes, -t
    Sets the attributes (e.g., 'NV', 'BS', 'RT', 'AT') for a variable during write or append operations. Attributes are typically comma-separated.

--verbose, -v
    Enables verbose output, providing more details about the operation.

--help, -h
    Displays the help message and exits.

--version
    Displays version information and exits.

efivar is a command-line utility for interacting with UEFI (Unified Extensible Firmware Interface) variables. These variables are stored in the system's NVRAM (Non-Volatile RAM) and are crucial for the firmware, bootloaders, and operating systems to store configuration data and state.
Common uses include managing boot entries (though efibootmgr is often preferred for that), secure boot settings, and system-specific configurations. It allows users to list, read, write, and delete UEFI variables, providing a powerful interface for low-level system configuration.
The command often requires root privileges as it interacts directly with system firmware. Misuse of efivar can render a system unbootable, so caution is advised. It provides more granular control over individual variables compared to higher-level tools.

Root Privileges: efivar almost always requires root privileges (e.g., using sudo) to access and modify UEFI variables.
System Stability: Incorrectly modifying or deleting UEFI variables can render your system unbootable or lead to unpredictable behavior. Exercise extreme caution.
Firmware Specificity: The meaning and function of UEFI variables can vary significantly between different UEFI firmware implementations and motherboard manufacturers.
Write Protection: Some UEFI variables may be protected by the firmware or require specific Secure Boot states to be modified.

Under Linux, UEFI variables are primarily exposed through the efivarfs pseudo-filesystem, typically mounted at /sys/firmware/efi/efivars. Each variable appears as a file with its name and a GUID. While direct file operations are possible, efivar offers a more robust and safer command-line interface for complex manipulations, such as handling binary data, specific GUIDs, and setting attributes.

UEFI variables are identified by a Globally Unique Identifier (GUID) and a name (e.g., '8be4df61-93ca-11d2-aa0d-00e098032b8c-BootOrder'). Their content is often binary data, and interpreting it accurately usually requires knowledge of the UEFI Specification or specific firmware documentation.

Common applications for efivar include:
Debugging UEFI boot issues by inspecting or modifying boot order variables.
Manually configuring advanced firmware options not exposed in the visual BIOS/UEFI setup.
Managing Secure Boot related variables (e.g., PK, KEK, DB, DBX) for advanced security configurations.
Automating firmware configuration tasks in data centers or large deployments.

efivar is part of the broader Linux UEFI support infrastructure. Its development is closely tied to the `efivarfs` pseudo-filesystem, which exposes UEFI variables as files in `/sys/firmware/efi/efivars`. The command-line tool provides a more direct and programmatic interface, complementing the file-system approach, especially for complex operations like setting attributes or handling binary data. It emerged as UEFI replaced traditional BIOS, enabling Linux to fully interact with and manage modern firmware settings.

efibootmgr(8), efivarfs(4), dd(1)