ericonr
/
sbctl
mirror of https://github.com/ericonr/sbctl.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
220 Commits 6 Branches 0 Tags 418 KiB
Commit Graph

3 Commits

Author SHA1 Message Date
Morten Linderud d108dbc9e0
Fixup 
Signed-off-by: Morten Linderud <morten@linderud.pw>
 2021-06-02 21:56:02 +02:00
Érico Nogueira 63876f01d5 Use x/sys/unix for ioctl instead of rolling our own. 
Keep FS_* constants which aren't listed in the package, and leave
SetAttr there, even though it's currently not used.

Leave a comment about this implementation not working on 64-bit big
endian systems. Chances of this software being run on such a platform
are very low, since at the moment, to my knowledge, Secure Boot on
64-bit big endian can only happen with aarch64_be, which is quite rare.
 2021-04-18 00:38:49 -03:00
Morten Linderud 2572b38a8e
sbctl: Check for immutable files before sbkeysync 
This allows us to give a sensible error for `enroll-keys` if the files
are set as immutable.

    $ sbctl enroll-keys
    ==> ERROR: File is immutable: /sys/firmware/efi/efivars/PK-8be4df61-93ca-11d2-aa0d-00e098032b8c
    ==> ERROR: File is immutable: /sys/firmware/efi/efivars/KEK-8be4df61-93ca-11d2-aa0d-00e098032b8c
    ==> ERROR: File is immutable: /sys/firmware/efi/efivars/db-d719b2cb-3d3a-4596-a3bc-dad00e67656f
    ==> ERROR: You need to chattr -i files in efivarfs

Signed-off-by: Morten Linderud <morten@linderud.pw>
 2021-04-03 12:27:44 +02:00