shim

Merge ~juliank/shim/+git/shim-signed:alternatives into ~ubuntu-core-dev/shim/+git/shim-signed:master

  1. Git
  2. lp:~juliank/shim/+git/shim-signed
  3. alternatives
  4. Merge into master
Proposed by Julian Andres Klode
Status: Needs review
Proposed branch: ~juliank/shim/+git/shim-signed:alternatives
Merge into: ~ubuntu-core-dev/shim/+git/shim-signed:master
Diff against target: 336 lines (+190/-9)
12 files modified
Makefile (+7/-3)
debian/changelog (+18/-0)
debian/control (+2/-2)
debian/kernel-postinst.d/zz-shim (+6/-0)
debian/shim-signed.install (+4/-1)
debian/shim-signed.postinst (+91/-3)
debian/shim-signed.triggers (+1/-0)
debian/tests/control (+3/-0)
debian/tests/test-is-not-revoked (+6/-0)
external-shimaa64.efi.previous (+1/-0)
external-shimx64.efi.previous (+1/-0)
is-not-revoked (+50/-0)
Reviewer Review Type Date Requested Status
Steve Langasek Approve
Ubuntu Stable Release Updates Team Pending
Review via email: mp+436050@code.staging.launchpad.net

Description of the change

A way to ease the pain of key rotation using alternatives

To post a comment you must log in.
Revision history for this message
Julian Andres Klode (juliank) :
Reply
Revision history for this message
Julian Andres Klode (juliank) wrote :

on_secure_boot and most of have_non_revoked_kernel are copied from grub-check-signatures (which would fail postinst with a debconf dialog, which is not actually meaningful as the files are unpacked and would be used). We should evaluate unifying things in the future, but this avoids both tying in a grub2 SRU (there is one in progress already) and our is-not-revoked helper can be used for build-time testing.

Reply
Revision history for this message
Julian Andres Klode (juliank) wrote :

I need to actually copy in the bugs closed to the changelog but the implementation is ready for reviews now.

Reply
Revision history for this message
Julian Andres Klode (juliank) :
Reply
Revision history for this message
Julian Andres Klode (juliank) wrote :

Regarding the design decisions, please see the ubuntu-devel thread. I think most of the complexity is in actually checking if we are good to install, so this is not a lot more complex than aborting in preinst but means it works fine if kernels and shim are upgraded in the same upgrade run, like setup_alternatives + hooking it into the kernel postinst.d is less code than putting up a debconf dialog with an error message :)

In a month or so, when we're sure everyone has upgraded their kernel we could remove the alternatives again and abort in preinst so that people can find out more easily that they're actually using shim 15.7 and not the old version.

Reply
Revision history for this message
Steve Langasek (vorlon) :
review: Needs Fixing
Reply
Revision history for this message
Julian Andres Klode (juliank) :
Reply
Revision history for this message
Steve Langasek (vorlon) :
review: Approve
Reply

There was an error fetching revisions from git servers. Please try again in a few minutes. If the problem persists, contact Launchpad support.

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
The diff is not available at this time. You can reload the page or download it.

Subscribers

People subscribed via source and target branches