[Bug 1990179] Re: fwupd dbx datqabase bug fix

Wed Sep 21 03:04:59 UTC 2022

I didn't request fwupdmgr update --verbose, I requested fwupdtool update
--verbose.  There was a reason I requested that difference.

Anyway though; the problem is very clear now from your output from
fwupdgmr as well.

Blocked executable in the ESP, ensure grub and shim are up to date:
/boot/efi/efi.factory/boot/bootx64.efi Authenticode checksum
[2ea4cb6a1f1eb1d3dce82d54fde26ded243ba3e18de7c6d211902a594fe56788] is
present in dbx

What is going on is that the ESP contains another bootloader that is
used for the recovery partition, which if secureboot DBX update was
pushed down would no longer be able to execute.  This other bootloader
needs to be updated before the DBX update will be accepted.

** Also affects: oem-priority
   Importance: Undecided
       Status: New

** Changed in: fwupd (Ubuntu)
       Status: Incomplete => Invalid

** Also affects: dell
   Importance: Undecided
       Status: New

** Summary changed:

- fwupd dbx datqabase bug fix
+ DBX Update can't be installed due to binaries on ESP for recovery partition

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to fwupd in Ubuntu.
https://bugs.launchpad.net/bugs/1990179

Title:
  DBX Update can't be installed due to binaries on ESP for recovery
  partition

Status in Dell Ubuntu Project:
  New
Status in OEM Priority Project:
  New
Status in fwupd package in Ubuntu:
  Invalid

Bug description:
  https://github.com/fwupd/fwupd/issues/5035

  The above contains all the info -- Ubuntu needs to pick up the fwupd upstream fix
  for doing dbx database updates since they now fail with Ubuntu 20.04 and its current fwupd 
  release.  Please fix this!
  --- 
  ProblemType: Bug
  ApportVersion: 2.20.11-0ubuntu27.24
  Architecture: amd64
  CasperMD5CheckResult: skip
  CurrentDesktop: KDE
  DistributionChannelDescriptor:
   # This is the distribution channel descriptor for the OEM CDs
   # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor
   canonical-oem-somerville-focal-amd64-20200502-85
  DistroRelease: Ubuntu 20.04
  InstallationDate: Installed on 2022-06-17 (95 days ago)
  InstallationMedia: Ubuntu 20.04 "Focal" - Build amd64 LIVE Binary 20200502-05:58
  NonfreeKernelModules: nvidia_modeset nvidia
  Package: fwupd 1.7.5-3~20.04.1
  PackageArchitecture: amd64
  ProcVersionSignature: Ubuntu 5.14.0-1051.58-oem 5.14.21
  Tags: third-party-packages focal
  Uname: Linux 5.14.0-1051-oem x86_64
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dialout dip disk lp lpadmin plugdev sambashare staff sudo video
  _MarkForUpload: True
  mtime.conffile..etc.fwupd.remotes.d.lvfs-testing.conf: 2022-06-28T08:43:04.868520
  mtime.conffile..etc.fwupd.remotes.d.lvfs.conf: 2022-06-28T08:43:05.012520

To manage notifications about this bug go to:
https://bugs.launchpad.net/dell/+bug/1990179/+subscriptions