fwupd has dbx plugin enabled but shouldn't

In discussion with the Security Team, I've learned that the dbx plugin in fwupd is enabled by default. Prior to 22.04 release I had conversations about the fact that we should not be using fwupd to deliver dbx updates by default, but these don't seem to have resulted in changes to the packaging. We may in the future want to use fwupd to deliver dbx updates, but in the meantime there is a concern that delivery of dbx updates needs to be coordinated with the OS (we have the secureboot-db package seeded across all products in support of this), and there is not coordination between fwupd and the OS package manager.

We need to update fwupd to disable the dbx plugin by default (DisabledPlugins= in /etc/fwupd/daemon.conf).

This affects both jammy and focal, where fwupd has been SRUed.

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: fwupd 1.7.5-3
ProcVersionSignature: Ubuntu 5.15.0-27.28-generic 5.15.30
Uname: Linux 5.15.0-27-generic x86_64
NonfreeKernelModules: zfs zunicode zavl icp zcommon znvpair
ApportVersion: 2.20.11-0ubuntu82
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Fri May 6 11:04:01 2022
InstallationDate: Installed on 2019-12-23 (864 days ago)
InstallationMedia: Ubuntu 19.10 "Eoan Ermine" - Release amd64 (20191017)
RebootRequiredPkgs: Error: path contained symlinks.
SourcePackage: fwupd
UpgradeStatus: Upgraded to jammy on 2022-04-15 (20 days ago)