Bug#820036: Debian does not run on systems with Secure Boot enabled

[Ben Hutchings]

Control: summary -1

GRUB and Linux images are now signed by the production key trusted by
shim-signed.  Debian-installer apparently installs the signed packages,
but other installation systems are not yet ready.

Ben.

-- 
Ben Hutchings
Quantity is no substitute for quality, but it's the only one we've got.




signature.asc
Description: This is a digitally signed message part

Bug#820036: Debian does not run on systems with Secure Boot enabled

[Ben Hutchings]

Package: general
Severity: important

Most new desktop/laptop PCs cannot run Debian without the firmware
being reconfigured to disable Secure Boot.  This is a known problem
that is being worked on, but it hasn't so far been properly recorded
in the BTS.

This is a tracking bug which will be marked as blocked by more
specific bugs in the packages that need changes.  Please don't try to
'tidy it up' by reassigning it - this issue requires changes in many
packages and by several teams.

Ben.

-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.4.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)