Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Do, 25.05.23 10:08, Andrea Pappacoda (andrea@xxxxxxxxxxxx) wrote:

> Il giorno mer 24 mag 2023 alle 14:35:05 +02:00:00, Lennart Poettering
> <lennart@xxxxxxxxxxxxxx> ha scritto:
> > Note that in systemd git main there's already support for generating
> > UKIs dynamically when a kernel RPM/DEB is installed (as long as the
> > "kernel-install" infra is in use). It can be signed with a local key,
> > that can be enrolled with MOK.
>
> This sounds really interesting! Could you please point to some documentation
> about this feature? I'd like to try it out on my Debian system, if possible.

This has not been released yet in a stable release. It has been merged
into git main though.

See this for the original PR:

https://github.com/systemd/systemd/pull/27262

Lennart

--
Lennart Poettering, Berlin
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux