Products › lamboot-tools › Quick Start
Quick Start
Install, scan, snapshot, and repair in four commands.
Install from a signed release tarball
.tar.gz with a detached .asc signature. Additional distribution channels are being prepared.# 1. Download the signed tarball and its detached signature
curl -LO https://github.com/lamco-admin/lamboot-tools/releases/download/v0.9.1/lamboot-tools-0.9.1.tar.gz
curl -LO https://github.com/lamco-admin/lamboot-tools/releases/download/v0.9.1/lamboot-tools-0.9.1.tar.gz.asc
# 2. Verify the SHA-256 checksum (published on the release page)
echo "bf4638eeb44560feeaa6aed802918fdac12bc51f5b94b074c04f128647d882b2 lamboot-tools-0.9.1.tar.gz" | sha256sum -c
# lamboot-tools-0.9.1.tar.gz: OK
# 3. Import the Lamco Development LLC signing key
gpg --recv-keys 405CB1E36258DA1DA406A852A236DDB84E0EC96E
# 4. Verify the detached GPG signature
gpg --verify lamboot-tools-0.9.1.tar.gz.asc lamboot-tools-0.9.1.tar.gz
# gpg: Good signature from "Lamco Development LLC"
# 5. Unpack and install the core suite
tar xzf lamboot-tools-0.9.1.tar.gz
cd lamboot-tools-0.9.1
sudo make install
make install places the shell tools at /usr/bin/, the shared library under /usr/lib/lamboot-tools/, man pages under /usr/share/man/, and the two bundled static-musl binaries (lamboot-capcheck and lamboot-reader) at /usr/bin/. To add the optional Proxmox VE companion (5 tools), run sudo make install-pve.
Confirm the suite is in place and see each tool's version:
$ lamboot-toolkit status
lamboot-tools 0.9.1
lamboot-diagnose 0.7.3 stable
lamboot-esp 0.6.1 stable
lamboot-nvram 0.5.2 stable
lamboot-backup 0.6.0 stable
lamboot-repair 0.5.4 stable
lamboot-migrate 0.4.7 stable
lamboot-doctor 0.5.0 stable
lamboot-uki-build 0.4.2 stable
lamboot-signing-keys 0.4.1 stable
lamboot-inspect 0.3.0 stable
10 core tools plus the lamboot-toolkit dispatcher (11 total).
Each tool reports both its own version and the umbrella release tag:
$ lamboot-diagnose --version
lamboot-diagnose 0.7.3 (lamboot-tools 0.9.1)
First scan
lamboot-diagnose is a read-only scan of the UEFI boot chain across 11 categories. It changes nothing, so it is safe to run first on any system.$ sudo lamboot-diagnose
lamboot-diagnose 0.7.3 (lamboot-tools 0.9.1)
Firmware mode UEFI [ ok ]
ESP mount /boot/efi (vfat, 511 MiB, 38% used) [ ok ]
ESP filesystem clean [ ok ]
Boot entries 6 present, BootOrder valid [ ok ]
Dead boot entries 1 found (Boot0004 -> missing loader) [ warn ]
Secure Boot enabled, db populated [ ok ]
Bootloader systemd-boot 254 [ ok ]
Kernel images 3 installed, all resolvable [ ok ]
...
Summary: 10 categories ok, 1 warning, 0 errors, 0 critical
[warn] Boot0004 references a loader that no longer exists.
Remediation: sudo lamboot-nvram clean
Docs: https://github.com/lamco-admin/lamboot-tools
Exit code: 0
Severity and exit codes
| Severity | Meaning | Exit impact |
|---|---|---|
| critical | Booting will fail | Exit 2 |
| error | A capability is broken | Exit 2 |
| warning | Works now, but risky | Exit 0 (warnings alone do not fail) |
| info | Fine as-is | Exit 0 |
For machine-readable output, add --json. Every warning-or-above finding includes a remediation command and a documentation URL:
$ lamboot-diagnose --json | jq '.summary'
{
"ok": 10,
"warning": 1,
"error": 0,
"critical": 0,
"exit_code": 0
}
$ lamboot-diagnose --json | jq '.findings[] | select(.severity == "warning")'
{
"category": "nvram",
"severity": "warning",
"message": "Boot0004 references a loader that no longer exists.",
"remediation": "sudo lamboot-nvram clean",
"doc_url": "https://github.com/lamco-admin/lamboot-tools"
}
First backup
lamboot-backup save captures NVRAM, boot order, and Secure Boot state into a single restorable snapshot.$ sudo lamboot-backup save
lamboot-backup 0.6.0 (lamboot-tools 0.9.1)
Captured boot entries 6
Captured BootOrder Boot0001,Boot0002,Boot0000
Captured Secure Boot state enabled
Snapshot /var/lib/lamboot-tools/backups/2026-06-23T14-21-08.json
Exit code: 0
List and inspect snapshots, then restore one if a later change needs to be undone:
$ sudo lamboot-backup list
2026-06-23T14-21-08 6 entries Secure Boot: enabled
$ sudo lamboot-backup show /var/lib/lamboot-tools/backups/2026-06-23T14-21-08.json
# ... displays boot order, entries, Secure Boot posture
$ sudo lamboot-backup restore 2026-06-23T14-21-08
Guided doctor
lamboot-doctor chains the read-only scan, an internal policy step, and the repair actions under a single sudo escalation. It shows the plan and any critical finding requires typed confirmation before it acts.$ sudo lamboot-doctor
lamboot-doctor 0.5.0 (lamboot-tools 0.9.1)
Step 1 Diagnose 11 categories scanned
Step 2 Plan 1 fix proposed
Proposed actions:
1. Remove dead boot entry Boot0004 (missing loader)
Apply this plan? [y/N] y
Step 3 Repair Boot0004 removed
Step 4 Verify BootOrder valid, 0 warnings
Summary: 1 fix applied, system healthy
Exit code: 0
--dry-run
Preview the plan without executing it. Reports what would change with no state modifications.
--auto
Non-interactive automation. Implies --yes. Critical findings still require typed confirmation.
--suggest-next-command
Prints the recommended follow-up command based on the output, for scripting use.
Explore the full documentation
Tool Reference
Subcommands, flags, and examples for all 11 tools plus bundled components.
CLI Contract
Universal flags, exit codes 0 through 7, and the JSON envelope every tool shares.
Workflows
BIOS to UEFI migration, diagnose to repair loop, and Secure Boot key management.
Proxmox Companion
Host-side fleet tools for LamBoot integration on Proxmox VE 7.x and 8.x.
Troubleshooting
Symptom-to-tool scenario matrix for boot-chain, NVRAM, migration, and more.
Install
Full install instructions, requirements, and license.