On Sa, 27.05.23 08:31, Felix Rubio (felix@xxxxxxxxx) wrote: > Hi Lennart, > > I remember having read some time ago that UKI could pose problems with > early-boot modules provided by vendors and so. But... let's give it a try! > Then, the process should be: > > 1. Install a version of shim signed with MS keys. > 2. Generate the UKI > 3. rename the UKI image to grubx64.efi so that it gets picked up by shim > > As a side: the ESP partition is bit small. Do you think if I introduce > systemd-boot I could load the UKI being stored from /boot? In that case this > would be like > > 1. Install a version of shim signed with MS keys. > 2. Install systemd-boot as grubx64.efi so that it gets picked up by shim > 3. Generate the UKI to /boot/ > > I will give it a try... and see how it goes. systemd-boot can look into either ESP or XBOOTLDR for UKIs btw, precisely to deal with the problems around sizing ESP. Lennart -- Lennart Poettering, Berlin
Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Mon, 5 Jun 2023 10:21:46 +0200
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <fa97b23e2e04407abcace8b81817d1f7@kngnt.org>
- References: <f7ae22d92170ecbec85fad95453e3e74@kngnt.org> <5cd240d7-d843-abed-f175-729d765efadb@gmail.com> <5628da3bebb61926448c4cae80c7b693@kngnt.org> <ZG4Eedbmya2AlFnw@gardel-login> <7feef1e1d6ed0d8699e158d047cf5ac3@kngnt.org> <ZG43MTxLHP2hLsaI@gardel-login> <cefcf40c5edf497c08146857135d4356@kngnt.org> <ZG8byYZZcKK0n1NR@gardel-login> <fa97b23e2e04407abcace8b81817d1f7@kngnt.org>
- References:
- why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Felix Rubio
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Andrei Borzenkov
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Felix Rubio
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Lennart Poettering
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Felix Rubio
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Lennart Poettering
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Felix Rubio
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Lennart Poettering
- Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- From: Felix Rubio
- why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- Prev by Date: Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- Next by Date: Re: systemd-repart very slow creation of partitions with Encrypt=
- Previous by thread: Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- Next by thread: Re: why systemd-boot (seems as everyone else) does not check the signatures of initramfs?
- Index(es):
 |