The default is to disable secureboot. However, this requires a password to be set. These defaults seem contradictory when used with DEBIAN_FRONTEND=noninteractive. We use noninteractive mode (along with some other options-- I'll be investigating further tomorrow) to install systems, and the package gets stuck in an infinite loop. From the output of apt-extracttemplates:
Template: shim/disable_secureboot Type: boolean Default: true Description: Disable UEFI Secure Boot? If Secure Boot remains enabled on your system, your system may still boot but any hardware that requires third-party drivers to work correctly may not be usable. Template: shim/enable_secureboot Type: boolean Default: false Description: Enable UEFI Secure Boot? If Secure Boot is enabled on your system, your system may still boot but any hardware that requires third-party drivers to work correctly may not be usable. Template: shim/secureboot_key Type: string Description: Enter a password for Secure Boot. It will be asked again after a reboot. Template: shim/secureboot_key_again Type: string Description: Enter the same password again to verify you have typed it correctly. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1603642 Title: (trusty, debconf passthrough) package shim-signed 1.17~14.04.1+0.8-0ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1603642/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs