The MAAS environment I've been using to reproduce this is virtual. I have MAAS running in an LXD container connected to an LXD Pod. To recreate this environment you'll have to install MAAS 2.8, python-pylxd from github(if using the Debian packages), and apply this patch to reenable secure boot. After MAAS is setup you'll need to configure LXD to accept remote connections to be able to add it as a MAAS Pod.
This bug should be reproducible using LXD 1. Download GRUB and the shim. MAAS gets both from Bionic, you can download them direct here 2. Setup a TFTP server to provide them 3. Add grub.cfg from MAAS 4. Setup DHCP - Example dhcpd.conf from MAAS 5. Create LXD VM 6. Modify LXD VM to boot from over the network 7. See boot failure http://paste.ubuntu.com/p/gjXhVTDgRv/  https://images.maas.io/ephemeral-v3/daily/bootloaders/uefi/amd64/  https://git.launchpad.net/maas/tree/src/provisioningserver/templates/uefi/config.local.amd64.template  http://paste.ubuntu.com/p/RMRxYkDrNG/ -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1865515 Title: Chainbooting from grub over the network to local shim breaks chain of trust To manage notifications about this bug go to: https://bugs.launchpad.net/maas/+bug/1865515/+subscriptions -- ubuntu-bugs mailing list email@example.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs