Factory Installation w/ secure boot needs a force flag

Bug #1105289 reported by Mario Limonciello on 2013-01-25
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
grub-installer (Ubuntu)
Undecided
Unassigned
Precise
Undecided
Unassigned
Raring
Undecided
Unassigned

Bug Description

At least in the Dell factory implementation, secure boot is not enabled in the firmware until the end of the software install process after validation that everything installed properly.

This means that the current method of looking for secure boot to be marked enabled in grub-installer won't work since it's not yet turned on when the Ubuntu install runs.

To solve this, I'd like to propose adding a new template to grub-installer that could be preseeded to force installing the secure boot binaries even if secure boot doesn't appear to be in the environment.

Mario Limonciello (superm1) wrote :

Couldn't find the bzr branch for precise, so here's a debdiff for precise.

Changed in grub2 (Ubuntu Precise):
status: New → Invalid
Changed in grub2 (Ubuntu Raring):
status: New → Invalid
tags: added: patch
no longer affects: grub2 (Ubuntu)
no longer affects: grub2 (Ubuntu Precise)
no longer affects: grub2 (Ubuntu Raring)
Colin Watson (cjwatson) wrote :

The plan is instead to have grub-install always install the SB image on UEFI systems; since it detects SBness at run-time it's still able to load modules and such when not running under secure boot. As such I'd rather not change grub-installer.

Changed in grub-installer (Ubuntu Precise):
status: New → Won't Fix
Changed in grub-installer (Ubuntu Raring):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers