mirror of
https://gitlab.archlinux.org/tpowa/archboot.git
synced 2024-09-20 12:00:37 +02:00
more secure boot corrections
This commit is contained in:
parent
f9c6090e15
commit
be7be38257
1 changed files with 5 additions and 10 deletions
|
@ -34,22 +34,17 @@ build ()
|
||||||
add_file "/usr/lib/python3.10/lib-dynload/$i.so"
|
add_file "/usr/lib/python3.10/lib-dynload/$i.so"
|
||||||
done
|
done
|
||||||
# add efitools files
|
# add efitools files
|
||||||
|
add_file "/usr/share/efitools/efi/PreLoader.efi"
|
||||||
add_file "/usr/share/efitools/efi/HashTool.efi"
|
add_file "/usr/share/efitools/efi/HashTool.efi"
|
||||||
add_file "/usr/share/efitools/efi/KeyTool.efi"
|
add_file "/usr/share/efitools/efi/KeyTool.efi"
|
||||||
# add shim signed files from fedora
|
# add shim signed files from fedora
|
||||||
_SHIM_URL="https://kojipkgs.fedoraproject.org/packages/shim/15.4/5/x86_64"
|
_SHIM_URL="https://kojipkgs.fedoraproject.org/packages/shim/15.4/5/aarch64"
|
||||||
_SHIM_VERSION="shim-x64-15.4-5.x86_64.rpm"
|
_SHIM_VERSION="shim-aa64-15.4-5.aarch64.rpm"
|
||||||
_SHIM32_VERSION="shim-ia32-15.4-5.x86_64.rpm"
|
|
||||||
SHIM=$(mktemp -d /var/tmp/shim.XXXX)
|
SHIM=$(mktemp -d /var/tmp/shim.XXXX)
|
||||||
curl -s --create-dirs -L -O --output-dir "${SHIM}" "${_SHIM_URL}/${_SHIM_VERSION}"
|
curl -s --create-dirs -L -O --output-dir "${SHIM}" "${_SHIM_URL}/${_SHIM_VERSION}"
|
||||||
bsdtar -C ${SHIM} -xf "${SHIM}"/"${_SHIM_VERSION}"
|
bsdtar -C ${SHIM} -xf "${SHIM}"/"${_SHIM_VERSION}"
|
||||||
add_file "${SHIM}/boot/efi/EFI/fedora/mmx64.efi" "/usr/share/archboot/fedora-shim/mmx64.efi"
|
add_file "${SHIM}/boot/efi/EFI/fedora/mmaa64.efi" "/usr/share/archboot/fedora-shim/mmaa64.efi"
|
||||||
add_file "${SHIM}/boot/efi/EFI/fedora/shimx64.efi" "/usr/share/archboot/fedora-shim/shimx64.efi"
|
add_file "${SHIM}/boot/efi/EFI/fedora/shimaa64.efi" "/usr/share/archboot/fedora-shim/shimaa64.efi"
|
||||||
SHIM32=$(mktemp -d /var/tmp/shim32.XXXX)
|
|
||||||
curl -s --create-dirs -L -O --output-dir "${SHIM32}" "${_SHIM_URL}/${_SHIM32_VERSION}"
|
|
||||||
bsdtar -C "${SHIM32}" -xf "${SHIM32}/${_SHIM32_VERSION}"
|
|
||||||
add_file "${SHIM32}/boot/efi/EFI/fedora/mmia32.efi" "/usr/share/archboot/fedora-shim/mmia32.efi"
|
|
||||||
add_file "${SHIM32}/boot/efi/EFI/fedora/shimia32.efi" "/usr/share/archboot/fedora-shim/shimia32.efi"
|
|
||||||
# add generate keys script
|
# add generate keys script
|
||||||
add_file "/usr/bin/archboot-secureboot-keys.sh" "/usr/bin/secureboot-keys.sh"
|
add_file "/usr/bin/archboot-secureboot-keys.sh" "/usr/bin/secureboot-keys.sh"
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue