b141171629
- Remove -fcf-protection compiler flag to allow i386 builds (law) Related: rhbz#1915452 - Unify GRUB configuration file location across all platforms Related: rhbz#1918817 - Add 'at_keyboard_fallback_set' var to force the set manually (rmetrich) - Add appended signatures support for ppc64le LPAR Secure Boot (daxtens) Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
37 lines
1.6 KiB
Diff
37 lines
1.6 KiB
Diff
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
From: Daniel Axtens <dja@axtens.net>
|
|
Date: Sat, 15 Aug 2020 02:04:01 +1000
|
|
Subject: [PATCH] docs/grub: --pubkey has been supported for some time
|
|
|
|
--pubkey is supported, so we can now document it.
|
|
|
|
(adjust docs: s/grub/grub2)
|
|
Signed-off-by: Daniel Axtens <dja@axtens.net>
|
|
---
|
|
docs/grub.texi | 12 +++---------
|
|
1 file changed, 3 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/docs/grub.texi b/docs/grub.texi
|
|
index 2436c57f598..7fc2a62a4f8 100644
|
|
--- a/docs/grub.texi
|
|
+++ b/docs/grub.texi
|
|
@@ -5732,15 +5732,9 @@ verified with a public key currently trusted by GRUB
|
|
validation fails, then file @file{foo} cannot be opened. This failure
|
|
may halt or otherwise impact the boot process.
|
|
|
|
-@comment Unfortunately --pubkey is not yet supported by grub2-install,
|
|
-@comment but we should not bring up internal detail grub2-mkimage here
|
|
-@comment in the user guide (as opposed to developer's manual).
|
|
-
|
|
-@comment An initial trusted public key can be embedded within the GRUB
|
|
-@comment @file{core.img} using the @code{--pubkey} option to
|
|
-@comment @command{grub2-mkimage} (@pxref{Invoking grub2-install}). Presently it
|
|
-@comment is necessary to write a custom wrapper around @command{grub2-mkimage}
|
|
-@comment using the @code{--grub-mkimage} flag to @command{grub2-install}.
|
|
+An initial trusted public key can be embedded within the GRUB
|
|
+@file{core.img} using the @code{--pubkey} option to
|
|
+@command{grub2-install} (@pxref{Invoking grub2-install}).
|
|
|
|
GRUB uses GPG-style detached signatures (meaning that a file
|
|
@file{foo.sig} will be produced when file @file{foo} is signed), and
|