That set check_signatures=no does not work seems correct, you don't want to be able to circumvent secure boot just by editing grub.cfg
Given that you vastly modified your boot configuration, I don't think this is actionable. I'd suggest you remove that package and maybe reinstall in case it does not fully get rid of it. Not only does it break your boot, it also makes it less secure by replacing trusted binaries with binaries you can sign just by gaining root access, completely circumventing the idea of secure boot preventing rootkits etc. ** Changed in: grub2 (Ubuntu) Status: New => Invalid -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1890672 Title: secure boot fails after upgrade to grub2-common 2.04-1ubuntu26.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1890672/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs