Ubuntu
shim-signed package

package shim-signed (not installed) failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 5

Bug #1766391 reported by byroniac on 2018-04-24

188

This bug affects 31 people

	Status	Importance	Assigned to	Milestone
linux (Ubuntu)	Fix Released	Critical	Unassigned	Ubuntu ubuntu-18.04
Bionic	Fix Released	Critical	Unassigned	Ubuntu ubuntu-18.04
shim-signed (Ubuntu)	Fix Released	Critical	Unassigned	Ubuntu ubuntu-18.04
Bionic	Fix Released	Critical	Unassigned	Ubuntu ubuntu-18.04

Bug Description

Complains that nvidia-390.48 is not installed but I have a version of it already installed (nvidia-driver-390):

sudo apt install shim-signed
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
shim-signed
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/317 kB of archives.
After this operation, 1,247 kB of additional disk space will be used.
Preconfiguring packages ...
Selecting previously unselected package shim-signed.
(Reading database ... 358912 files and directories currently installed.)
Preparing to unpack .../shim-signed_1.34.6+13-0ubuntu2_amd64.deb ...
Unpacking shim-signed (1.34.6+13-0ubuntu2) ...
Setting up shim-signed (1.34.6+13-0ubuntu2) ...
Installing for x86_64-efi platform.
Installation finished. No error reported.
Generating a new Secure Boot signing key:
Generating a 2048 bit RSA private key
.......................................+++
...........................................+++
writing new private key to '/var/lib/shim-signed/mok/MOK.priv'
-----
Error! The module nvidia 390.48 is not currently installed.
This module is not currently ACTIVE for kernel 4.15.0-18-generic (x86_64).
dpkg: error processing package shim-signed (--configure):
installed shim-signed package post-installation script subprocess returned error exit status 5
Errors were encountered while processing:
shim-signed
E: Sub-process /usr/bin/dpkg returned an error code (1)

ProblemType: Package
DistroRelease: Ubuntu 18.04
Package: shim-signed (not installed)
ProcVersionSignature: Ubuntu 4.15.0-19.20-generic 4.15.17
Uname: Linux 4.15.0-19-generic x86_64
NonfreeKernelModules: nvidia_modeset nvidia
ApportVersion: 2.20.9-0ubuntu6
Architecture: amd64
Date: Mon Apr 23 20:37:00 2018
ErrorMessage: installed shim-signed package post-installation script subprocess returned error exit status 5
InstallationDate: Installed on 2018-03-31 (23 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Alpha amd64 (20180331)
Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3
PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 2.7.15~rc1-1
RelatedPackageVersions:
dpkg 1.19.0.5ubuntu2
apt 1.6.1
SourcePackage: shim-signed
Title: package shim-signed (not installed) failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 5
UpgradeStatus: No upgrade log present (probably fresh install)

Tags:

Revision history for this message

byroniac (byroniac) wrote on 2018-04-24:

AptOrdering.txt Edit (932 bytes, text/plain; charset="utf-8")
Df.txt Edit (2.1 KiB, text/plain; charset="utf-8")
Dmesg.txt Edit (61.1 KiB, text/plain; charset="utf-8")
DpkgHistoryLog.txt Edit (181.2 KiB, text/plain; charset="utf-8")
DpkgTerminalLog.txt Edit (4.5 KiB, text/plain; charset="utf-8")
ProcCpuinfoMinimal.txt Edit (1.2 KiB, text/plain; charset="utf-8")

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-04-24:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in shim-signed (Ubuntu):
status:	New → Confirmed

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2018-04-24: Status changed to Confirmed

This change was made by a bot.

Changed in linux (Ubuntu):
status:	New → Confirmed

Revision history for this message

Steve Langasek (vorlon) wrote on 2018-04-24:

There are two parts to this bug.
- in some cases, at the time shim-signed's postinst runs, there may be linux-image packages installed for which one or more dkms modules are not currently built. There are a number of legitimate reasons why this may be the case, including unpack ordering during an upgrade. shim-signed needs to gracefully handle the possibility that 'dkms uninstall' fails because the module is not installed.
- the refactoring of the kernel packaging that landed in 4.15.0-19-generic has a typo that prevents it from triggering dkms builds on installation. The correct directory name is /etc/kernel/header_postinst.d/; /var/lib/dpkg/info/linux-headers-4.15.0-19-generic.postinst references /etc/kernel/headers_postinst.d which does not exist.

Changed in linux (Ubuntu):
importance:	Undecided → Critical
milestone:	none → ubuntu-18.04
status:	Confirmed → Triaged
Changed in shim-signed (Ubuntu):
status:	Confirmed → Triaged
importance:	Undecided → Critical
milestone:	none → ubuntu-18.04

Revision history for this message

Steve Langasek (vorlon) wrote on 2018-04-24:

both parts of this need fixed for 18.04 release.

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-04-24:

This bug was fixed in the package shim-signed - 1.34.7

---------------
shim-signed (1.34.7) bionic; urgency=medium

  * debian/shim-signed.postinst: it's not guaranteed that all linux-image
    packages currently installed have dkms modules built for them.
    Gracefully handle any failures in the path for signing existing dkms
    modules on upgrade due to absent modules. LP: #1766391.
  * Add a dependency on sbsigntool for kmodsign, which we use directly.

-- Steve Langasek <email address hidden> Mon, 23 Apr 2018 21:47:50 -0700

Changed in shim-signed (Ubuntu Bionic):
status:	Triaged → Fix Released

Steve Langasek (vorlon) on 2018-04-24

Changed in linux (Ubuntu Bionic):
status:	Triaged → Fix Committed

Revision history for this message

Launchpad Janitor (janitor) wrote on 2018-04-24:

This bug was fixed in the package linux - 4.15.0-20.21

---------------
linux (4.15.0-20.21) bionic; urgency=medium

* linux: 4.15.0-20.21 -proposed tracker (LP: #1766452)

  * package shim-signed (not installed) failed to install/upgrade: installed
    shim-signed package post-installation script subprocess returned error exit
    status 5 (LP: #1766391)
    - [Packaging] fix invocation of header postinst hooks

-- Seth Forshee <email address hidden> Mon, 23 Apr 2018 23:56:17 -0500

Changed in linux (Ubuntu Bionic):
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

Duplicates of this bug

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntushim-signed package

package shim-signed (not installed) failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 5

Bug Description

Duplicates of this bug

Other bug subscribers

Bug attachments

Remote bug watches

Ubuntu
shim-signed package