[Bug 1931213] [NEW] fwupd installs without shim if secure boot is disabled

Julian Andres Klode 1931213 at bugs.launchpad.net
Tue Jun 8 07:42:22 UTC 2021 

Public bug reported:

[Impact]
fwupd currently configures the boot entry without shim if secure boot is disabled, leading to different code paths being taken on non-secureboot systems, and fwupd being broken if you intercept the reboot and turn on secure boot.

This makes verifying changes harder.

[Test plan]
Run fwupdmgr reinstall or similar on a system without secure boot and ensure that shim is present in the boot entry created. Check old version to ensure it was broken before

[Where problems could occur]
shim in hirsute+ currently is unable to load fwupd, and it's not the first time this has happened. We need to get better at this, it's not clear how this happened, but maybe this is precisely where testing that bit went wrong?

** Affects: fwupd (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: rls-ii-incoming

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to fwupd in Ubuntu.
https://bugs.launchpad.net/bugs/1931213

Title:
  fwupd installs without shim if secure boot is disabled

Status in fwupd package in Ubuntu:
  New

Bug description:
  [Impact]
  fwupd currently configures the boot entry without shim if secure boot is disabled, leading to different code paths being taken on non-secureboot systems, and fwupd being broken if you intercept the reboot and turn on secure boot.

  This makes verifying changes harder.

  [Test plan]
  Run fwupdmgr reinstall or similar on a system without secure boot and ensure that shim is present in the boot entry created. Check old version to ensure it was broken before

  [Where problems could occur]
  shim in hirsute+ currently is unable to load fwupd, and it's not the first time this has happened. We need to get better at this, it's not clear how this happened, but maybe this is precisely where testing that bit went wrong?

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/fwupd/+bug/1931213/+subscriptions

More information about the foundations-bugs mailing list