After the last update sbctl package stopped signing the efi kernel bundle. 🧐
I don't know why, yet. It builds the efi from vmlinuz and initrd, copies it to efi partition, but doesn't sign it for some reason.
I only found a notice about deprecating the bundling feature in the future.
Well I will have to find another way of uki bundling and signing...
#ArchLinux #sbctl
I don't know why, yet. It builds the efi from vmlinuz and initrd, copies it to efi partition, but doesn't sign it for some reason.
I only found a notice about deprecating the bundling feature in the future.
Well I will have to find another way of uki bundling and signing...
#ArchLinux #sbctl
Dean Wallace :archlinux: 🖖
in reply to Štěpán Škorpil :skorpil_cz: • • •Štěpán Škorpil :skorpil_cz:
in reply to Dean Wallace :archlinux: 🖖 • • •Dean Wallace :archlinux: 🖖
in reply to Štěpán Škorpil :skorpil_cz: • • •usr/lib/initcpio/post/sbctl
Štěpán Škorpil :skorpil_cz:
in reply to Dean Wallace :archlinux: 🖖 • • •I now use the mkinitcpio to create the bundle and sbctl signes these perfectly fine.
Actually I don't know why I used sbctl for bundling at all. Did mkinitcpio add this feature later? Or I didn't find the proper setting in the wiki back then? 🤷♂️
Glad it all works again together...
Dean Wallace :archlinux: 🖖
in reply to Štěpán Škorpil :skorpil_cz: • • •Štěpán Škorpil :skorpil_cz:
in reply to Dean Wallace :archlinux: 🖖 • • •@angrylinus Aha, ok That's why. 😄 I have set secure boot 4 years ago and started to use sbctl a bit later. Like 3y ago?
Tools are evolving the good way, it's nice to have it natively in mkinitcpio.
Btw I also have to update the way I am using tpm2 for drive encryption. Back than I had to hack it (and it still works), but now there also should be a native way to set it up.
Dean Wallace :archlinux: 🖖
in reply to Štěpán Škorpil :skorpil_cz: • • •gitlab.archlinux.org/archlinux…
I'm relatively new to the SB thing..
[mkinitcpio] Create UEFI executables (9cc35234) · Commits · Arch Linux / Mkinitcpio / mkinitcpio · GitLab
GitLabMorten Linderud
in reply to Štěpán Škorpil :skorpil_cz: • • •