On 10/25/19 4:52 PM, Thomas Goirand wrote: > Hi, > > I've setup my new laptop with secureboot, and now, I can't use the DKMS > modules from Virtualbox, as they aren't signed. I've been told by Sledge > that I should use MOK to do that, and that DKMS packages are supposed to > have all in them to support MOK. > > So my question is: > - where may I find a doc for MOK, as a user. And by that, I don't mean > the official MOK doc, where it explains how to install MOK from scratch > (which isn't useful to me...), but more, how can I just enrol a new key > and sign my kernel modules with them. > - the above probably belongs to debian-users, though, not this one. Is > there a DKMS package out there that supports MOK the correct way, so I > could cheat on it, and contribute this to the Virtualbox package? > > Cheers, > > Thomas Goirand (zigo)
Someone sent me a quick howto (I'm not sure why he did that in private). I've written that on the wiki, for everyone to use: https://wiki.debian.org/SecureBoot#Enroling_a_new_key In fact, it's rather easy. Now the question remains: how to do all of this automatically in a DKMS module? Cheers, Thomas Goirand (zigo)