Quantcast
Channel: Debian User Forums
Viewing all articles
Browse latest Browse all 2901

Installation • Re: [Solved] Can't boot Debian 12. Security Policy Violation

$
0
0
Hello,
To save me disabling secure boot to do some maintenance whilst root was unmounted I booted Debian-12.7 live KDE desktop image on a Devuan system (Bookworm 12).

To my surprise it has had the exact same affect as the Windows update. I guess I now need to wait for the Debian update to my main OS too. I guess Debian should update the shim in the repos before the .iso?
As far as I know, the Debian Live ISO does not change anything in the system it is booted from. Unless you have done something else.
I clicked my encrypted drive in Dolphin and entered my password. Then dropped to the console and did ls /dev/mapper then shutdown - h now.

My guess is that a shim carries revocations that updated my local list as it was signed correctly which is pretty cool but problematic, if you have multiple boot systems like isos or multiple Linux. I only have Devuan installed so I shall just disable secure boot for booting recovery disks in future. Though I guess it shouldn't happen too often.

mokutil --list-sbat-revocations
gives
sbat,1,2024010900
shim,4
grub,3
grub.debian,4

Statistics: Posted by kevlar7007 — 2024-09-10 21:45



Viewing all articles
Browse latest Browse all 2901

Trending Articles