On Tue, 2018-07-31 at 17:11 +0100, Steve McIntyre wrote: > On Tue, Jul 31, 2018 at 10:52:00PM +0800, Ben Hutchings wrote: > > On Tue, 2018-07-31 at 21:17 +0800, Hideki Yamane wrote: > > > Hi, > > > > > > During "Report from the Debian EFI team about the support of > > > Secure > > > Boot on Debian" session, you said that maybe we should touch > > > debootstrap, > > > but I'm not sure what should we do for it. > > > > > > Could you explain your thought for it, please? > > > > I didn't understand that remark either. > > > > Perhaps it was meant to refer to other tools using debootstrap, > > like > > vmdb2, that also install a boot loader. > > That kind of thing, yes. Should have been clearer. Debootstrap itself > doesn't install a kernel or bootloader, which were the packages I was > thinking about.
I might have shared this before and apologies if so - but just in case it can be useful, here's how we implemented this in live-build to create a secure-boot compatible live bootable image: https://salsa.debian.org/live-team/live-build/blob/master/scripts/build/binary_grub-efi#L149 -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part