Search Criteria
Package Details: sbupdate-git 0.r113.4e6d106-1
Package Actions
Git Clone URL: | https://aur.archlinux.org/sbupdate-git.git (read-only, click to copy) |
---|---|
Package Base: | sbupdate-git |
Description: | Generate and sign kernel images for UEFI Secure Boot |
Upstream URL: | https://github.com/andreyv/sbupdate |
Keywords: | boot uefi |
Licenses: | GPL3 |
Conflicts: | sbupdate |
Provides: | sbupdate |
Submitter: | andreyv |
Maintainer: | andreyv |
Last Packager: | andreyv |
Votes: | 35 |
Popularity: | 0.027493 |
First Submitted: | 2016-08-19 10:22 (UTC) |
Last Updated: | 2021-03-19 17:20 (UTC) |
Latest Comments
1 2 Next › Last »
andreyv commented on 2022-04-05 18:46 (UTC)
@traysh sbupdate does not sign extra files in hook mode (see README for details), so renaming the hook will not help. I intend to add specific support for
systemd-boot-update.service
later, but for now you cansystemctl edit systemd-boot-update.service
and add a manual sign command.traysh commented on 2022-04-05 17:55 (UTC) (edited on 2022-04-05 17:58 (UTC) by traysh)
Hello!
I use systemd-boot with Secure Boot, so I installed the aur package
systemd-boot-pacman-hook
, as sugested in the wiki.It installs
/usr/share/libalpm/hooks/95-systemd-boot.hook
, which runs/usr/bin/systemctl restart systemd-boot-update.service
whenever systemd is updated.But that is incompatible with this package due to a small detail:
95-systemd-boot.hook
is sorted after95-sbupdate.hook
, so the new systemd binary on the EFI partition will be installed aftersbupdate
is run, thus will not be signed. And that will my system unable to Secure Boot until I manually runsbupdate
.Would you consider renaming
95-sbupdate.hook
to96-sbupdate.hook
, which would eliminate this problem? Pretty please?Thank you
ranixon commented on 2021-06-25 14:38 (UTC)
Thanks @petercxy, now is installed.
petercxy commented on 2021-06-25 08:50 (UTC)
The GPG key F6532C30466E8B3E seems to be unavailable for now due to issues with the MIT keyserver (?).
As a temporary workaround, the key is available via GitHub at https://github.com/andreyv.gpg, so something like
would allow the signature checks to pass.
@ranixon
ranixon commented on 2021-06-24 18:46 (UTC) (edited on 2021-06-24 18:53 (UTC) by ranixon)
I tried to install it using makepkg -si and i got this error
andreyv commented on 2021-03-19 17:24 (UTC)
I think trusting GitHub's key would be no better than fetching the GitHub source with HTTPS.
So I added just the main key — thanks.
VannTen commented on 2021-03-15 08:44 (UTC) (edited on 2021-03-15 08:45 (UTC) by VannTen)
with the validpgpkeys part yes (it constrains which keys are allowed to validate the commits)
However Github sign the merges done on github.com with :
So adding your key and this one to validpgpkeys should to the trick.
andreyv commented on 2021-03-14 17:56 (UTC)
Thanks.
Sometimes there are also commits from other people. Merging on GitHub won't sign them with the needed key. Would makepkg abort in such case?
VannTen commented on 2021-03-02 20:36 (UTC)
I noticed that you sign your commits. So could you maybe use
in the PKGBUILD ?
andreyv commented on 2019-12-01 09:56 (UTC)
Fixed.
1 2 Next › Last »