diff options
Diffstat (limited to 'debian/patches/reinstate-enroll.patch')
| -rw-r--r-- | debian/patches/reinstate-enroll.patch | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/debian/patches/reinstate-enroll.patch b/debian/patches/reinstate-enroll.patch new file mode 100644 index 0000000..0c46db8 --- /dev/null +++ b/debian/patches/reinstate-enroll.patch @@ -0,0 +1,16 @@ +Description: Upstream pull request incorrectly drops enroll-key option + When a brand new secureboot key is created, and it hasn't been + previously enrolled as a mok key, it will be rejected by the + kernel. After creating a new key, one should be enrolling it. +Index: dkms/dkms.in +=================================================================== +--- dkms.orig/dkms.in ++++ dkms/dkms.in +@@ -956,6 +956,7 @@ prepare_signing() + fi + echo "Certificate or key are missing, generating them using update-secureboot-policy..." + SHIM_NOTRIGGER=y update-secureboot-policy --new-key &>/dev/null ++ update-secureboot-policy --enroll-key + fi + + ;; |