07-23-2018 02:32 PM - last edited on 03-06-2024 08:19 PM by ROGBot
mokutil --import ${mok_key_file}.derwould successfully request the passwords, but then fail miserably when trying to update the UEFI variables. Running an STrace on the process I'm able to see it create the MokNew variable, as expected, but then gets an EINVAL error when trying to unlink() the same "file" (in /sys/firmware/efi/efivars). As to why it's trying to unlink() a file it just created moments earlier, I don't know.
mokutil --enable-validationor
mokutil --disable-validation) with a similar issue (the error is "Failed to request new MokSB state"). Booting the kernel with efi_no_storage_paranoia was no help (I thought perhaps the UEFI NVRAM was running low).
07-23-2018 02:33 PM
08-01-2018 07:38 AM
08-02-2018 02:05 PM
Zarathustraa wrote:
You can try this. https://wiki.archlinux.org/index.php/Secure_Boot
That should sign all of the kernels correctly; but, I've always given up on enrolling the new keys.
I have had some luck using refind, and mok in the pass. http://www.rodsbooks.com/refind/secureboot.html
08-10-2018 09:56 AM