[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
This bug was fixed in the package shim-signed - 1.32~14.04.2 --- shim-signed (1.32~14.04.2) trusty; urgency=medium * Backport shim-signed 1.32 to 14.04. (LP: #1700170) shim-signed (1.32) artful; urgency=medium * Handle cleanup of /var/lib/shim-signed on package purge. shim-signed (1.31) artful; urgency=medium * Fix regression in postinst when /var/lib/dkms does not exist. (LP #1700195) * Sort the list of dkms modules when recording. shim-signed (1.30) artful; urgency=medium * update-secureboot-policy: track the installed DKMS modules so we can skip failing unattended upgrades if they hasn't changed (ie. if no new DKMS modules have been installed, just honour the user's previous decision to not disable shim validation). (LP: #1695578) * update-secureboot-policy: allow re-enabling shim validation when no DKMS packages are installed. (LP: #1673904) * debian/source_shim-signed.py: add the textual representation of SecureBoot and MokSBStateRT EFI variables rather than just adding the files directly; also, make sure we include the relevant EFI bits from kernel log. (LP: #1680279) shim-signed (1.29) artful; urgency=medium * Makefile: Generate BOOT$arch.CSV, for use with fallback. * debian/rules: make sure we can do per-arch EFI files. shim-signed (1.28) zesty; urgency=medium * Adjust apport hook to include key files that tell us about the system's current SB state. LP: #1680279. shim-signed (1.27) zesty; urgency=medium [ Steve Langasek ] * Update to the signed 0.9+1474479173.6c180c6-1ubuntu1 binary from Microsoft. * update-secureboot-policy: - detect when we have no debconf prompting and error out instead of ending up in an infinite loop. LP: #1673817. - refactor to make the code easier to follow. - remove a confusing boolean that would always re-prompt on a request to --enable, but not on a request to --disable. [ Mathieu Trudel-Lapierre ] * update-secureboot-policy: - some more fixes to properly handle non-interactive mode. (LP: #1673817) shim-signed (1.23) zesty; urgency=medium * debian/control: bump the Depends on grub2-common since that's needed to install with the new updated EFI binaries filenames. shim-signed (1.22) yakkety; urgency=medium * Update to the signed 0.9+1474479173.6c180c6-0ubuntu1 binary from Microsoft. * Update paths now that the shim binary has been renamed to include the target architecture. * debian/shim-signed.postinst: clean up old MokManager.efi from EFI/ubuntu; since it's being replaced by mm$arch.efi. shim-signed (1.21.3) vivid; urgency=medium * No-change rebuild for shim 0.9+1465500757.14a5905.is.0.8-0ubuntu3. shim-signed (1.21.2) vivid; urgency=medium * Revert to signed shim from 0.8-0ubuntu2. - shim.efi.signed originally built from shim 0.8-0ubuntu2 in wily. shim-signed (1.20) yakkety; urgency=medium * Update to the signed 0.9+1465500757.14a5905-0ubuntu1 binary from Microsoft. (LP: #1581299) -- Mathieu Trudel-LapierreMon, 10 Jul 2017 20:29:28 -0400 ** Changed in: shim-signed (Ubuntu Trusty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
This bug was fixed in the package shim-signed - 1.32~17.04.1 --- shim-signed (1.32~17.04.1) zesty; urgency=medium * Backport shim-signed 1.32 to 17.04. (LP: #1700170) shim-signed (1.32) artful; urgency=medium * Handle cleanup of /var/lib/shim-signed on package purge. shim-signed (1.31) artful; urgency=medium * Fix regression in postinst when /var/lib/dkms does not exist. (LP#1700195) * Sort the list of dkms modules when recording. shim-signed (1.30) artful; urgency=medium * update-secureboot-policy: track the installed DKMS modules so we can skip failing unattended upgrades if they hasn't changed (ie. if no new DKMS modules have been installed, just honour the user's previous decision to not disable shim validation). (LP: #1695578) * update-secureboot-policy: allow re-enabling shim validation when no DKMS packages are installed. (LP: #1673904) * debian/source_shim-signed.py: add the textual representation of SecureBoot and MokSBStateRT EFI variables rather than just adding the files directly; also, make sure we include the relevant EFI bits from kernel log. (LP: #1680279) shim-signed (1.29) artful; urgency=medium * Makefile: Generate BOOT$arch.CSV, for use with fallback. * debian/rules: make sure we can do per-arch EFI files. -- Mathieu Trudel-LapierreMon, 10 Jul 2017 17:10:08 -0400 ** Changed in: shim-signed (Ubuntu Zesty) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
This bug was fixed in the package shim-signed - 1.32~16.04.1 --- shim-signed (1.32~16.04.1) xenial; urgency=medium * Backport shim-signed 1.32 to 16.04. (LP: #1700170) shim-signed (1.32) artful; urgency=medium * Handle cleanup of /var/lib/shim-signed on package purge. shim-signed (1.31) artful; urgency=medium * Fix regression in postinst when /var/lib/dkms does not exist. (LP#1700195) * Sort the list of dkms modules when recording. shim-signed (1.30) artful; urgency=medium * update-secureboot-policy: track the installed DKMS modules so we can skip failing unattended upgrades if they hasn't changed (ie. if no new DKMS modules have been installed, just honour the user's previous decision to not disable shim validation). (LP: #1695578) * update-secureboot-policy: allow re-enabling shim validation when no DKMS packages are installed. (LP: #1673904) * debian/source_shim-signed.py: add the textual representation of SecureBoot and MokSBStateRT EFI variables rather than just adding the files directly; also, make sure we include the relevant EFI bits from kernel log. (LP: #1680279) shim-signed (1.29) artful; urgency=medium * Makefile: Generate BOOT$arch.CSV, for use with fallback. * debian/rules: make sure we can do per-arch EFI files. -- Mathieu Trudel-LapierreMon, 10 Jul 2017 17:43:10 -0400 ** Changed in: shim-signed (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Verification-done for xenial; using shim-signed 1.32~17.04.1: The right elements now include a human-readable content (which is what the latest SRU changes) in the apport-generated crash files (specifically, MokSBStateRT values if present, along with SecureBoot state). ** Tags removed: verification-needed verification-needed-yakkety verification-needed-zesty ** Tags added: verification-done-zesty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Verification-done for xenial; using shim-signed 1.32~16.04.1: The apport hook now includes the proper values for MokSBStateRT (if present) and SecureBoot variables from /sys/firmware/efi/efivars. ** Tags removed: verification-needed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Verification done for trusty: I've used shim-signed 1.32~14.04.2 and verified that the update apport hook is included and working as expected. ** Tags removed: verification-needed-trusty ** Tags added: verification-done-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Hello Steve, or anyone else affected, Accepted shim-signed into trusty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/shim- signed/1.32~14.04.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-trusty to verification-done-trusty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-trusty. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: shim-signed (Ubuntu Trusty) Status: New => Fix Committed ** Tags added: verification-needed-trusty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
** Changed in: shim-signed (Ubuntu Xenial) Status: Fix Released => Fix Committed ** Tags removed: verification-done-xenial ** Tags added: verification-needed-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Hello Steve, or anyone else affected, Accepted shim-signed into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/shim- signed/1.32~16.10.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-yakkety to verification-done-yakkety. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-yakkety. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Tags added: verification-needed-yakkety -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Hello Steve, or anyone else affected, Accepted shim-signed into zesty-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/shim- signed/1.32~17.04.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-zesty to verification-done-zesty. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-zesty. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: shim-signed (Ubuntu Zesty) Status: New => Fix Committed ** Tags added: verification-needed-zesty -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
This bug was fixed in the package shim-signed - 1.28~16.04.1 --- shim-signed (1.28~16.04.1) xenial; urgency=medium * Adjust apport hook to include key files that tell us about the system's current SB state. LP: #1680279. -- Steve LangasekWed, 05 Apr 2017 15:14:49 -0700 ** Changed in: shim-signed (Ubuntu Xenial) Status: Fix Committed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
I changed my mind; this is a verification-done: just knowing whether the files are there even if they're not mapping to proper data is already a plus. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Verified shim-signed 1.28~16.04.1 in xenial. MokSBStateRT and SecureBoot are now included in apport reports, but they are being shown as binary data (as a single unprintable character). I think this qualifies as verification-failed. ** Tags added: verification-failed-xenial ** Tags removed: verification-failed-xenial ** Tags added: verification-done-xenial -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
Hello Steve, or anyone else affected, Accepted shim-signed into yakkety-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/shim- signed/1.28~16.10.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed.Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, and change the tag from verification-needed to verification-done. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed. In either case, details of your testing will help us make a better decision. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance! ** Changed in: shim-signed (Ubuntu Yakkety) Status: New => Fix Committed ** Tags added: verification-needed ** Changed in: shim-signed (Ubuntu Xenial) Status: New => Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1680279] Re: attach secureboot state files to shim-signed apport reports
** Changed in: shim-signed (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1680279 Title: attach secureboot state files to shim-signed apport reports To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1680279/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs