[prev in list] [next in list] [prev in thread] [next in thread]
List: gentoo-dev
Subject: Re: [gentoo-dev] [PATCH 2/3] dist-kernel-utils.eclass: only sign image if it is a UKI
From: Andrew Ammerlaan <andrewammerlaan () gentoo ! org>
Date: 2023-08-27 19:34:18
Message-ID: 7b383ca6-194b-4557-92c0-40f290189b23 () gentoo ! org
[Download RAW message or body]
From 1a1062e142cf654b43790d2a211e3d447feb055c Mon Sep 17 00:00:00 2001
From: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
Date: Sat, 26 Aug 2023 21:32:07 +0200
Subject: [PATCH] dist-kernel-utils.eclass: only sign image if it is a UKI
If we are not using UKIs we don't have to do anything since the kernel image
was already signed in kernel-build.eclass.
Signed-off-by: Andrew Ammerlaan <andrewammerlaan@gentoo.org>
---
eclass/dist-kernel-utils.eclass | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/eclass/dist-kernel-utils.eclass
b/eclass/dist-kernel-utils.eclass
index 6903183b6efb3..b2e9df6746e35 100644
--- a/eclass/dist-kernel-utils.eclass
+++ b/eclass/dist-kernel-utils.eclass
@@ -131,11 +131,11 @@ dist-kernel_install_kernel() {
done
shopt -u nullglob
export KERNEL_INSTALL_PLUGINS="${KERNEL_INSTALL_PLUGINS} ${plugins[@]}"
- fi
- if [[ ${KERNEL_IUSE_SECUREBOOT} ]]; then
- # Kernel-install requires uki's are named uki.efi, sign in-place
- secureboot_sign_efi_file "${image}" "${image}"
+ if [[ ${KERNEL_IUSE_SECUREBOOT} ]]; then
+ # Ensure the uki is signed if dracut hasn't already done so.
+ secureboot_sign_efi_file "${image}"
+ fi
fi
ebegin "Installing the kernel via installkernel"
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic