[Bug 1184297] Re: Secure boot failed, claiming boot is against security policy
Adam Conrad
adconrad at 0c3.net
Mon Jul 22 10:13:04 UTC 2013
Hello Petter, or anyone else affected,
Accepted ubiquity into precise-proposed. The package will build now and
be available at http://launchpad.net/ubuntu/+source/ubiquity/2.10.26 in
a few hours, and then in the -proposed repository.
Please help us by testing this new package. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Your feedback will aid us getting this update
out to other Ubuntu users.
If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested, and change the tag
from verification-needed to verification-done. If it does not fix the
bug for you, please add a comment stating that, and change the tag to
verification-failed. In either case, details of your testing will help
us make a better decision.
Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in
advance!
** Changed in: ubiquity (Ubuntu Precise)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1184297
Title:
Secure boot failed, claiming boot is against security policy
Status in “base-installer” package in Ubuntu:
Fix Released
Status in “grub-installer” package in Ubuntu:
Fix Released
Status in “grub2” package in Ubuntu:
Fix Released
Status in “grub2-signed” package in Ubuntu:
Fix Released
Status in “ubiquity” package in Ubuntu:
Fix Released
Status in “base-installer” source package in Precise:
Fix Committed
Status in “grub-installer” source package in Precise:
Fix Committed
Status in “grub2” source package in Precise:
Fix Committed
Status in “grub2-signed” source package in Precise:
Fix Committed
Status in “ubiquity” source package in Precise:
Fix Committed
Bug description:
--- SRU ---
== Rational ==
Some machines aren't detected as using SecureBoot at installation time, however require SecureBoot post-installation. The easiest way to deal with this is to install shim-signed, grub-efi-amd64-signed and linux-image-signed on every UEFI machine.
== Test case ==
1) Install the 64bit version of Ubuntu on a UEFI machine with SecureBoot disabled
2) Check that linux-image-signed-*, grub-efi-amd64-signed and shim-signed are installed post-install
3) Check that sudo efibootmgr -v reports the Ubuntu entry as booting shimx64.efi
== Regression potential ==
This will significantly widen the range of machines that will boot through the shim so it's not impossible that a shim bug could prevent some of them from booting.
However I don't think this is a huge issue as the livecd itself already boots through shim, so if they managed to install Ubuntu in the first place, it should still work once that change lands.
--- original bug report ---
I've struggled to install Linux on a Packard Bell EasyNote LV11HC, without having to accept the Windows 8 license, and my progress is documented in http://www.linlap.com/packard_bell_easynote_lv . Had to pull the hard drive and install to a USB stick to be able to get into the firmware menu and enable the F12 boot menu. After finally being able to install Ubuntu 13.04 on the hard drive, the UEFI firmware refused to boot the hard drive, claiming it was against the security policy. I was able to boot Ubuntu by powering on again and using F12 to pick the hard drive.
No idea what is wrong, but can help with debugging the next few days
before I switch to legacy BIOS and put it into production.
ProblemType: Bug
DistroRelease: Ubuntu 13.04
Package: shim 0~20120906.bcd0a4e8-0ubuntu4
ProcVersionSignature: Ubuntu 3.8.0-22.33-generic 3.8.11
Uname: Linux 3.8.0-22-generic x86_64
ApportVersion: 2.9.2-0ubuntu8
Architecture: amd64
Date: Sun May 26 11:14:38 2013
Dependencies:
InstallationDate: Installed on 2013-05-26 (0 days ago)
InstallationMedia: Ubuntu 13.04 "Raring Ringtail" - Release amd64 (20130424)
MarkForUpload: True
SourcePackage: shim
UpgradeStatus: No upgrade log present (probably fresh install)
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/base-installer/+bug/1184297/+subscriptions
More information about the foundations-bugs
mailing list