On Wed, Apr 06, 2022 at 12:19:50PM -0400, Jeremy Bicha wrote: > Hi, > > I'm emailing this list because I didn't know a more specific place to > report this bug. > > What I Did > -------------- > - I used GNOME Boxes 42 (from my Ubuntu 22.04 LTS host). > - I clicked + then Download an Operating System and chose Debian Testing. > - I believe this uses > https://cdimage.debian.org/cdimage/weekly-builds/amd64/iso-dvd/debian-testing-amd64-DVD-1.iso > and > https://salsa.debian.org/libvirt-team/osinfo-db/-/blob/debian/sid/data/install-script/debian.org/debian-preseed-desktop.xml.in > - I increased the virtual disk size a bit on the confirm prompt (to like 25 > GB) > - That install worked and I got a functioning Debian GNOME Testing install. > > - Then I used today's daily build of Ubuntu 22.04 (pre-release) to > install Ubuntu. > - It resized the Debian partition and I had to manually tweak it just > a bit to get a big enough partition for Ubuntu alongside Debian. > - After installing Ubuntu, there was a Debian option in the grub boot > menu installed by Ubuntu. > - Debian failed to boot. I'm attaching a screenshot. It says: > error: bad shim signature. > error: you need to load the kernel first. > > Maybe this is as easy as telling osinfo-db to also install a signed > kernel. Maybe the signing thing is more complicated. I'm not really > going to spend more time on this issue but I wanted to pass it along > so that someone else who is interested could try to fix it.
Sounds like you installed debian with secureboot enabled, and then installed ubuntu which replaced the boot loader which of course breaks the secureboot chain of trust and it correctly identified the tampering and prevented the boot of an insecure temperated environment. I could be wrong. I personally don't use secureboot on my systems. -- Len Sorensen