Configured a new VM under virt-manager, using the option 'Customize configuration before install' and selecting 'OVMF_CODE_4M.ms.fd' as the firmware. Booted Ubuntu 22.04.2 install media. Verified firmware settings were as expected with 'mokutil --db' and 'mokutil --sb-state'. Verified that SBAT had been applied by confirming /sys/firmware/efi/efivars/SbatLevelRT-605dab50-e046-4300-abb6-3dd810dd8b23 was present.
Enabled focal-proposed in sources and ran 'apt install secureboot-db=1.6~20.04.1'. Confirmed with 'mokutil --dbx' that the Canonical 2012 signing key was present.
Shut down the VM, reconfigured to boot 20.04.5. 20.04.5 booted to grub without a security error. So the test case is incomplete, working on revising.
Configured a new VM under virt-manager, using the option 'Customize configuration before install' and selecting 'OVMF_CODE_ 4M.ms.fd' as the firmware. Booted Ubuntu 22.04.2 install media. Verified firmware settings were as expected with 'mokutil --db' and 'mokutil --sb-state'. Verified that SBAT had been applied by confirming /sys/firmware/ efi/efivars/ SbatLevelRT- 605dab50- e046-4300- abb6-3dd810dd8b 23 was present.
Enabled focal-proposed in sources and ran 'apt install secureboot- db=1.6~ 20.04.1' . Confirmed with 'mokutil --dbx' that the Canonical 2012 signing key was present.
Shut down the VM, reconfigured to boot 20.04.5. 20.04.5 booted to grub without a security error. So the test case is incomplete, working on revising.