** No longer affects: unattended-upgrades (Ubuntu)
** No longer affects: unattended-upgrades (Ubuntu Trusty)
** No longer affects: unattended-upgrades (Ubuntu Xenial)
** No longer affects: unattended-upgrades (Ubuntu Yakkety)
--
You received this bug notification because you are a member of
This bug was fixed in the package shim-signed - 1.32~14.04.2
---
shim-signed (1.32~14.04.2) trusty; urgency=medium
* Backport shim-signed 1.32 to 14.04. (LP: #1700170)
shim-signed (1.32) artful; urgency=medium
* Handle cleanup of /var/lib/shim-signed on package purge.
Verification done for trusty: I've used shim-signed 1.32~14.04.2;
interactive and non-interactive, unattended upgrades are behaving as
expected and correctly stop if a new DKMS package is being installed, or
continue if existing DKMS packages are being upgraded (not unnecessarily
breaking upgrade
Hello Jeremy, or anyone else affected,
Accepted shim-signed into trusty-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/shim-
signed/1.32~14.04.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package. See
An upload of shim-signed to trusty-proposed has been rejected from the
upload queue for the following reason: "needs adjusted versioned dep on
grub2-common; drop ref to LP: #1624096 from changelog".
** Changed in: unattended-upgrades (Ubuntu Trusty)
Status: New => Invalid
** Changed in:
This bug was fixed in the package shim-signed - 1.27~16.04.1
---
shim-signed (1.27~16.04.1) xenial; urgency=medium
* Backport shim 0.9+1474479173.6c180c6-1ubuntu1 to 16.04. (LP:
#1637290)
shim-signed (1.27) zesty; urgency=medium
[ Steve Langasek ]
* Update to the signed
This bug was fixed in the package shim-signed - 1.27~16.10.1
---
shim-signed (1.27~16.10.1) yakkety; urgency=medium
* Backport shim 0.9+1474479173.6c180c6-1ubuntu1 to 16.10. (LP:
#1637290)
shim-signed (1.27) zesty; urgency=medium
[ Steve Langasek ]
* Update to the signed
Verified shim-signed 1.27~16.04.1 on xenial:
Processing triggers for shared-mime-info (1.5-2ubuntu0.1) ...
Setting up libreoffice-core (1:5.1.6~rc2-0ubuntu1~xenial1) ...
Setting up libreoffice-base-core (1:5.1.6~rc2-0ubuntu1~xenial1) ...
Setting up libreoffice-calc (1:5.1.6~rc2-0ubuntu1~xenial1)
Verified shim-signed 1.27~16.10.1 on yakkety:
Processing triggers for systemd (231-9ubuntu3) ...
Processing triggers for man-db (2.7.5-1) ...
Setting up grub-efi-amd64-bin (2.02~beta2-36ubuntu11.2) ...
Setting up grub2-common (2.02~beta2-36ubuntu11.2) ...
Setting up shim-signed
Hello Jeremy, or anyone else affected,
Accepted shim-signed into yakkety-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/shim-
signed/1.27~16.10.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package. See
Hello Jeremy, or anyone else affected,
Accepted shim-signed into xenial-proposed. The package will build now
and be available at https://launchpad.net/ubuntu/+source/shim-
signed/1.27~16.04.1 in a few hours, and then in the -proposed
repository.
Please help us by testing this new package. See
** Description changed:
+ [Impact]
+ Any user with unattended upgrades enabled and DKMS packages in a Secure Boot
environment might be prompted to change Secure Boot policy, which will fail and
crash in unattended-upgrades.
+
+ [Test case]
+ 1) Install new package
+ 2) Create
** Also affects: unattended-upgrades (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: shim-signed (Ubuntu Yakkety)
Importance: Undecided
Status: New
** Also affects: unattended-upgrades (Ubuntu Trusty)
Importance: Undecided
Status: New
** Also
This bug was fixed in the package shim-signed - 1.27
---
shim-signed (1.27) zesty; urgency=medium
[ Steve Langasek ]
* Update to the signed 0.9+1474479173.6c180c6-1ubuntu1 binary from
Microsoft.
* update-secureboot-policy:
- detect when we have no debconf prompting and
** Changed in: shim-signed (Ubuntu)
Milestone: None => ubuntu-17.03
** Changed in: shim-signed (Ubuntu)
Status: Incomplete => In Progress
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
** Tags added: rls-z-incoming
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to unattended-upgrades in
Ubuntu.
https://bugs.launchpad.net/bugs/1673817
Title:
update-secure-boot-policy behaving badly with unattended-upgrades
Per my last comment on IRC, I think 'exit 1' is actually better here
because we aren't taking the specified action. grub calls update-
secureboot-policy || true, but that just sets the trigger anyway. shim-
signed calls without the || true, and so the trigger will fail under
this condition. But
On Fri, Mar 17, 2017 at 03:52:28PM -, Mathieu Trudel-Lapierre wrote:
> What is the content of the following files?
> /proc/sys/kernel/secure_boot
> /proc/sys/kernel/moksbstate_disabled
This shouldn't matter for solving this bug. I believe the only thing you
need is, at line 83 when checking
Both are 0 now.
After filing the bug report, I did a dist-upgrade and choose not to
disable secure boot when prompted (because it was already disabled or
else VirtualBox wouldn't be working).
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which
What is the content of the following files?
/proc/sys/kernel/secure_boot
/proc/sys/kernel/moksbstate_disabled
** Changed in: shim-signed (Ubuntu)
Status: New => Incomplete
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed
** Changed in: unattended-upgrades (Ubuntu)
Status: New => Invalid
** Changed in: shim-signed (Ubuntu)
Assignee: (unassigned) => Mathieu Trudel-Lapierre (cyphermox)
** Changed in: shim-signed (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because
** Attachment added: "unattended-upgrades-dpkg.log"
https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1673817/+attachment/4839527/+files/unattended-upgrades-dpkg.log
** Attachment removed: "JournalErrors.txt"
22 matches
Mail list logo
