grub2/SOURCES/0353-docs-grub-pubkey-has-been-supported-for-some-time.patch
2021-09-09 18:05:23 +00:00

37 lines
1.6 KiB
Diff

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Daniel Axtens <dja@axtens.net>
Date: Sat, 15 Aug 2020 02:04:01 +1000
Subject: [PATCH] docs/grub: --pubkey has been supported for some time
--pubkey is supported, so we can now document it.
(adjust docs: s/grub/grub2)
Signed-off-by: Daniel Axtens <dja@axtens.net>
---
docs/grub.texi | 12 +++---------
1 file changed, 3 insertions(+), 9 deletions(-)
diff --git a/docs/grub.texi b/docs/grub.texi
index 34517e67439..a833364d5ff 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -5695,15 +5695,9 @@ verified with a public key currently trusted by GRUB
validation fails, then file @file{foo} cannot be opened. This failure
may halt or otherwise impact the boot process.
-@comment Unfortunately --pubkey is not yet supported by grub2-install,
-@comment but we should not bring up internal detail grub2-mkimage here
-@comment in the user guide (as opposed to developer's manual).
-
-@comment An initial trusted public key can be embedded within the GRUB
-@comment @file{core.img} using the @code{--pubkey} option to
-@comment @command{grub2-mkimage} (@pxref{Invoking grub2-install}). Presently it
-@comment is necessary to write a custom wrapper around @command{grub2-mkimage}
-@comment using the @code{--grub-mkimage} flag to @command{grub2-install}.
+An initial trusted public key can be embedded within the GRUB
+@file{core.img} using the @code{--pubkey} option to
+@command{grub2-install} (@pxref{Invoking grub2-install}).
GRUB uses GPG-style detached signatures (meaning that a file
@file{foo.sig} will be produced when file @file{foo} is signed), and