Comments (6)
They are probably not going to be default provided as they are unique for each installation. But I haven't really planned this far yet.
That makes sense, and is honestly not the end of the world if they appear in lostfiles.
In any case, something to consider is an empty config file, with example config values commented out. These options override defaults from cmdline
and os-release
, along with the default location for the keys.
This way there is a tracked config file that could be included with the sbctl package. The pacnew
it creates could serve as a way to inform users of new or changed configuration file.
Just a thought!
Thanks for this wonderful tool. Made setting up secure boot incredibly painless 🙂
from sbctl.
/proc/cmdline
is only a "sane" default. Users are left up to their own device to ensure there isn't uneeded stuff there. I'm unsure if trimming it without any insight is a good idea.
from sbctl.
Is there a "standard" place to put the user-modified cmdline
?
I've found how to pass a custom cmdline
and os-release
but I've just thrown it in an arbitrary place.
Has it been considered to have a configuration directory and file for sbctl such that these files would not show up in lostfiles
and would be controlled by pacman?
e.g. something like /etc/sbctl/cmdline
and /etc/sbctl/os-release
?
That's fine if it's not in scope, just wasn't sure where the "proper" place to put these overrides were.
from sbctl.
That's a great point actually! I think it ties into #6 for the sake of having configuration setup and more flexibility for the settings.
I'm not sure if any of that solves the lostfiles
problem though. They are probably not going to be default provided as they are unique for each installation. But I haven't really planned this far yet.
from sbctl.
the "standard" place for cmdline is /etc/kernel/cmdline
I guess
https://www.freedesktop.org/software/systemd/man/kernel-install.html
from sbctl.
Ah yes, reading /etc/kernel/cmdline
and fallback to /proc/cmdline
would make a lot of sense. Thank you!
from sbctl.
Related Issues (20)
- Mkinitcpio post hook error HOT 4
- In the README the Ubuntu package link is not available, it takes the reader to the OpenSUSE package HOT 3
- Implement sbctl debug HOT 1
- Multiple displays and resolution doesn't work HOT 9
- Cannot re-enroll keys after upgrading system HOT 4
- Kernel removal fails if image file is already removed, resulting in multiple installed kernels on fedora HOT 2
- Unable to make secure boot to work on Surface Go 1st Gen and Arch Linux
- sbctl sign-all does not sign all efi binaries HOT 8
- `sbctl reset` when in setup mode results in PC hang
- Suggestion: Only sign generated file in initcpio hook, use sign-all in a separate pacman hook HOT 4
- sbctl won't work on Fujtsu Lifebook A574/M, BIOS would just reset ANY USER intervention of the secure boot changes HOT 6
- [archlinux] failed signing ***: *** does not exist HOT 3
- my Bios gone black HOT 4
- pacstrap fails due to mkinitcpio post hook HOT 2
- initcpio hook adds temporary files to list HOT 1
- kernel-install plugin fails with uki layout when removing HOT 1
- [Good News] Lenovo Thinkpad Yoga L13 AMD Gen 2 does not brick when removing vendor+ms keys. HOT 6
- sbctl sign failing with "binary has no valid signatures" HOT 4
- mkdir /usr/share/secureboot/keys: read-only file system HOT 1
- sbctl verify "does not exist" - entries are not scriptable (in an easy way) HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from sbctl.