minhtrannhat/dots
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Pacman hooks for signing kernel and grub

Browse Source
This commit is contained in:
minhtrannhat 2022-04-15 22:51:51 -04:00
parent acb7ab379d
commit becb29373d
No known key found for this signature in database
GPG Key ID: 894C6A5801E01CA9
2 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
pacman-hooks/Desktop/98-secureboot-grub.hook Normal file
View File

@ -0,0 +1,13 @@
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = grub
[Action]
Description = Signing GRUB for SecureBoot
When = PostTransaction
Exec = /usr/bin/find /efi/ -name 'grubx64' -exec /usr/bin/sh -c 'if ! /usr/bin/sbverify --list {} 2>/dev/null | /usr/bin/grep -q "signature certificates"; then /usr/bin/sbsign --key /db.key --cert /db.crt --output {} {}; fi' \ ;
Depends = sbsigntools
Depends = findutils
Depends = grep

13
pacman-hooks/Desktop/99-secureboot-linux.hook Normal file
View File

@ -0,0 +1,13 @@
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = linux
[Action]
Description = Signing Kernel for SecureBoot
When = PostTransaction
Exec = /usr/bin/find /boot/ -maxdepth 1 -name 'vmlinuz-*' -exec /usr/bin/sh -c 'if ! /usr/bin/sbverify --list {} 2>/dev/null | /usr/bin/grep -q "signature certificates"; then /usr/bin/sbsign --key /db.key --cert /db.crt --output {} {}; fi' \ ;
Depends = sbsigntools
Depends = findutils
Depends = grep