... why aren't all the kernels just signed? Why does this need to be a separate package at all?
I can confirm installing the -signed package fixes it for me. Where in the kernel source does this signature effect the output of /proc/sys/kernel/secure_boot, though? I can't find that... -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1658255 Title: Kernel not enforcing module signatures under SecureBoot To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1658255/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs