diff --git a/rust/lanzatool/src/esp.rs b/rust/lanzatool/src/esp.rs
index 3112225..f797caa 100644
--- a/rust/lanzatool/src/esp.rs
+++ b/rust/lanzatool/src/esp.rs
@@ -5,18 +5,23 @@ pub struct EspPaths {
     pub nixos: PathBuf,
     pub kernel: PathBuf,
     pub initrd: PathBuf,
+    pub linux: PathBuf,
+    pub lanzaboote_image: PathBuf,
 }
 
 impl EspPaths {
     pub fn new(esp: &str) -> Self {
         let esp = Path::new(esp);
         let esp_nixos = esp.join("EFI/nixos");
+        let esp_linux = esp.join("EFI/Linux");
 
         Self {
             esp: esp.to_owned(),
             nixos: esp_nixos.clone(),
             kernel: esp_nixos.join("kernel"),
             initrd: esp_nixos.join("initrd"),
+            linux: esp_linux.clone(),
+            lanzaboote_image: esp_linux.join("lanzaboote-image.efi"),
         }
     }
 }
diff --git a/rust/lanzatool/src/install.rs b/rust/lanzatool/src/install.rs
index 7bd4fe2..d24ddea 100644
--- a/rust/lanzatool/src/install.rs
+++ b/rust/lanzatool/src/install.rs
@@ -14,7 +14,7 @@ pub fn install(_: &Path, bootspec: &Path, lanzaboote_bin: &Path) -> Result<()> {
 
     let esp_paths = EspPaths::new(&bootspec_doc.v1.extension.esp);
 
-    stub::assemble(
+    let lanzaboote_image = stub::assemble(
         lanzaboote_bin,
         &bootspec_doc.v1.extension.os_release,
         &bootspec_doc.v1.kernel_params,
@@ -27,6 +27,9 @@ pub fn install(_: &Path, bootspec: &Path, lanzaboote_bin: &Path) -> Result<()> {
     fs::create_dir_all(&esp_paths.nixos)?;
     fs::copy(bootspec_doc.v1.kernel, esp_paths.kernel)?;
     fs::copy(bootspec_doc.v1.initrd, esp_paths.initrd)?;
+
+    fs::create_dir_all(&esp_paths.linux)?;
+    fs::copy(lanzaboote_image, esp_paths.lanzaboote_image)?;
     // install_systemd_boot(bootctl, &esp)?;
 
     Ok(())
diff --git a/rust/lanzatool/src/stub.rs b/rust/lanzatool/src/stub.rs
index dcbf49a..286ade0 100644
--- a/rust/lanzatool/src/stub.rs
+++ b/rust/lanzatool/src/stub.rs
@@ -1,6 +1,6 @@
 use std::fs;
 use std::os::unix::fs::MetadataExt;
-use std::path::Path;
+use std::path::{Path, PathBuf};
 use std::process::Command;
 
 use anyhow::Result;
@@ -12,7 +12,7 @@ pub fn assemble(
     kernel_cmdline: &[String],
     kernel_path: &Path,
     initrd_path: &Path,
-) -> Result<()> {
+) -> Result<PathBuf> {
     // objcopy copies files into the PE binary. That's why we have to write the contents
     // of some bootspec properties to disk
     let kernel_cmdline_file = Path::new("/tmp/kernel_cmdline");
@@ -46,6 +46,8 @@ pub fn assemble(
     let initrd_path_offs = kernel_cmdline_offs + file_size(kernel_cmdline_file)?;
     let kernel_path_offs = initrd_path_offs + file_size(initrd_path_file)?;
 
+    let lanzaboote_image = PathBuf::from("/tmp/lanzaboote-image.efi");
+
     let args = vec![
         String::from("--add-section"),
         format!(".osrel={}", path_to_string(os_release)),
@@ -64,7 +66,7 @@ pub fn assemble(
         String::from("--change-section-vma"),
         format!(".kernelp={:#x}", kernel_path_offs),
         path_to_string(lanzaboote_bin),
-        String::from("lanzaboote-image.efi"),
+        path_to_string(&lanzaboote_image),
     ];
 
     let status = Command::new("objcopy").args(&args).status()?;
@@ -72,7 +74,7 @@ pub fn assemble(
         return Err(anyhow::anyhow!("Failed to build stub with args `{:?}`", &args).into());
     }
 
-    Ok(())
+    Ok(lanzaboote_image)
 }
 
 // All Linux file paths should be convertable to strings