diff options
Diffstat (limited to 'secureboot-helper-kernel.hook')
| -rw-r--r-- | secureboot-helper-kernel.hook | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/secureboot-helper-kernel.hook b/secureboot-helper-kernel.hook new file mode 100644 index 000000000000..5cdcce80852c --- /dev/null +++ b/secureboot-helper-kernel.hook @@ -0,0 +1,16 @@ +[Trigger] +Operation = Install +Operation = Upgrade +Type = Package +Target = linux +Target = linux-lts +Target = linux-zen +Target = linux-hardened + +[Action] +Description = Signing Kernel for SecureBoot +When = PostTransaction +Exec = /usr/bin/find /boot/ -maxdepth 1 -name 'vmlinuz-*' -exec /usr/bin/sh -c 'if ! /usr/bin/sbverify --list {} 2>/dev/null | /usr/bin/grep -q "signature certificates"; then /usr/bin/sbsign --key /%SIGN_LOCATION%/db.key --cert /%SIGN_LOCATION%/db.crt --output {} {}; fi' \ ; +Depends = sbsigntools +Depends = findutils +Depends = grep |