Package: refind
Version: 0.12.0-1
Severity: normal
Dear Maintainer,
The postinst script checks sysfs if Secure Boot is enabled.
The sysfs entry is changed
from: /sys/firmware/efi/vars/SecureBoot-<UUID>/data
to: /sys/firmware/efi/efivars/SecureBoot-<UUID>
Thus it doesn't correctly detect Secure Boot.
Checking method may be also incorrect.
("od -An -t u1 /sys/firmware/efi/efivars/SecureBoot-<UUID> | tr -d
'[[:space:]]'" command shows 60001 or 60000 on my PC)
I'm not sure if we can boot with rEFInd under Secure Boot environment after all
the above issues will be resolved.
It seems the upstream version 0.13.2 improves Secure Boot feature in its
refind-install script.
I suggest to upgrade to newer version on sid, and make some backports to
stable.
-- System Information:
Debian Release: 11.0
APT prefers stable-security
APT policy: (600, 'stable-security'), (600, 'stable'), (90, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.10.0-8-amd64 (SMP w/8 CPU threads)
Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE
Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE not
set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages refind depends on:
ii debconf [debconf-2.0] 1.5.77
ii efibootmgr 17-1
ii gdisk 1.0.6-1.1
ii openssl 1.1.1k-1
Versions of packages refind recommends:
ii python3 3.9.2-3
ii sbsigntool 0.9.2-2
refind suggests no packages.
