Modify Secure Boot key enrollment command#529
Open
eljojo wants to merge 1 commit intonix-community:masterfrom
Open
Modify Secure Boot key enrollment command#529eljojo wants to merge 1 commit intonix-community:masterfrom
eljojo wants to merge 1 commit intonix-community:masterfrom
Conversation
Updated command to include --firmware-builtin option for enrolling Microsoft keys. This is based on https://wiki.nixos.org/wiki/Limine
Member
|
What's the reason to use this? Do you think this should be the general case? Should everone use |
Author
|
@nikstur it seemed like a good idea to me to include the OEM's builtin certificates, they could come with revocation lists that come in handy? that being said, this is a bit of a cargo-culting kind of situation. I'm mostly saw it on that wiki and ran it myself, so I thought it'd be good to add it to this wiki. it's a bit of a philosophical question whether people should trust their OEM's certificates or not, I think it's a sane default to have, and whoever has opinions about it can remove the command. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Hello, I follow this guide at home and fount out that a command from the wiki was missing.
Updated command to include --firmware-builtin option for enrolling Microsoft keys.
This is based on https://wiki.nixos.org/wiki/Limine