From f5a3e197512428a14925376345215fcc79f73c8b Mon Sep 17 00:00:00 2001 From: Eric Hameleers Date: Mon, 8 Nov 2021 09:18:14 +0100 Subject: liveslak: add Secure Boot support to all 64bit ISOs Read the updates in the README for more background and guidance. User notice: As a one-time action the very first time you boot a Secure Boot enabled liveslak ISO, you will have to enroll the liveslak certificate (/EFI/BOOT/liveslak.der) with which the Slackware boot-up binaries (grub and kernel) were signed into your computer's MOK (Machine Owner Key database). This enrollment request will show on-screen during initial boot, just follow the prompts to 'enroll from disk'. Afterwards the computer will reboot and from then on, your liveslak will boot without any user intervention on your Secure Boot computer. Note: liveslak uses Fedora's initial boot loader (the 'shim') which has been signed by Microsoft. In future we may get our own signed shim for liveslak and/or Slackware, but don't hold your breath. --- pkglists/secureboot.conf | 12 ++++++++++++ pkglists/secureboot.lst | 3 +++ 2 files changed, 15 insertions(+) create mode 100644 pkglists/secureboot.conf create mode 100644 pkglists/secureboot.lst (limited to 'pkglists') diff --git a/pkglists/secureboot.conf b/pkglists/secureboot.conf new file mode 100644 index 0000000..a81a7c2 --- /dev/null +++ b/pkglists/secureboot.conf @@ -0,0 +1,12 @@ +# If 'SL_REPO_URL' is a rsync:// URL and 'SL_REPO' points to a non-existent +# or empty directory, then the content of 'SL_REPO_URL' will be rsync-ed +# to the local directory 'SL_REPO'. +SL_REPO_URL="rsync://slackware.uk/people/alien/sbrepos/${SL_VERSION}/${SL_ARCH}" +SL_REPO="/var/cache/liveslak/sbrepos/${SL_VERSION}/${SL_ARCH}" + +# Package root directory: +SL_PKGROOT=${SL_REPO} + +# Patches root directory: +SL_PATCHROOT="" + diff --git a/pkglists/secureboot.lst b/pkglists/secureboot.lst new file mode 100644 index 0000000..260a246 --- /dev/null +++ b/pkglists/secureboot.lst @@ -0,0 +1,3 @@ +mokutil +sbsigntools + -- cgit v1.2.3