← prev | next →
ktheticdev 2022-09-08 14:42:24
Alyx 🦊 2022-09-08 14:41:29
You very much misunderstood the design ideology behind the arch linux logo. The hole in the bottom represents a head, the bottom of the arch linux logo is shaped like a person
errr no the logo is actually a boob.
niksingh710 2022-09-08 14:42:34
any guide on setting up secure boot?
jonathn 2022-09-08 14:42:42
niksingh710 2022-09-08 14:42:34
any guide on setting up secure boot?
Apart from the one on the wiki?
https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot
Alyx 🦊 2022-09-08 14:42:47
ktheticdev 2022-09-08 14:42:24
errr no the logo is actually a boob.
I mean yes a lot of arch linux users are that sometimes lel
ktheticdev 2022-09-08 14:42:54
niksingh710 2022-09-08 14:42:34
any guide on setting up secure boot?
better not doing it cuz you’ll lose ability to hibernate
niksingh710 2022-09-08 14:43:37
jonathn 2022-09-08 14:42:42
Apart from the one on the wiki?
https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot
yep from there i kindda understood how this all works
but want something that i do once and then it automatically get done after updates
ktheticdev 2022-09-08 14:44:02
niksingh710 2022-09-08 14:43:37
yep from there i kindda understood how this all works
but want something that i do once and then it automatically get done after updates
pacman hook
niksingh710 2022-09-08 14:44:34
ktheticdev 2022-09-08 14:44:02
pacman hook
okay
ktheticdev 2022-09-08 14:44:47
Lockdown state
jonathn 2022-09-08 14:44:56
niksingh710 2022-09-08 14:43:37
yep from there i kindda understood how this all works
but want something that i do once and then it automatically get done after updates
Like https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Automatic_signing_with_the_pacman_hook ?
ktheticdev 2022-09-08 14:45:50
ktheticdev 2022-09-08 14:44:47
Lockdown state
due to some bitlocker security issues when lockdown is disabled linux is unable hibernate with secure boot
niksingh710 2022-09-08 14:45:53
jonathn 2022-09-08 14:44:56
Like https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot#Automatic_signing_with_the_pacman_hook ?
aah thanks mate
niksingh710 2022-09-08 14:46:24
ktheticdev 2022-09-08 14:45:50
due to some bitlocker security issues when lockdown is disabled linux is unable hibernate with secure boot
when have windows as dual boot then only this happens?
ktheticdev 2022-09-08 14:46:49
niksingh710 2022-09-08 14:46:24
when have windows as dual boot then only this happens?
no, always
ktheticdev 2022-09-08 14:47:01
unless you compile your kernel without lockdown support
niksingh710 2022-09-08 14:48:08
ktheticdev 2022-09-08 14:47:01
unless you compile your kernel without lockdown support
lockdown is a new thing to me
i mostly use suspend
ktheticdev 2022-09-08 14:48:35
niksingh710 2022-09-08 14:48:08
lockdown is a new thing to me
i mostly use suspend
lockdown is basically a state, not a shutdown option
ktheticdev 2022-09-08 14:48:49
the thing that won’t work is hibernate and hybrid sleep
grazzolini 2022-09-08 14:50:38
ktheticdev 2022-09-08 14:46:49
no, always
This is incorrect
grazzolini 2022-09-08 14:50:50
niksingh710 2022-09-08 14:48:08
lockdown is a new thing to me
i mostly use suspend
You can use secure boot
ktheticdev 2022-09-08 14:51:14
grazzolini 2022-09-08 14:50:38
This is incorrect
well lockdown can be disabled but afaik kernel has to be recompiled
grazzolini 2022-09-08 14:51:52
ktheticdev 2022-09-08 14:51:14
well lockdown can be disabled but afaik kernel has to be recompiled
There’s no need to disable anything. I’m using SB right now without needing to touch lockdown.
ktheticdev 2022-09-08 14:52:09
grazzolini 2022-09-08 14:51:52
There’s no need to disable anything. I’m using SB right now without needing to touch lockdown.
errr
how then…
grazzolini 2022-09-08 14:52:38
ktheticdev 2022-09-08 14:52:09
errr
how then…
I use my own keys
grazzolini 2022-09-08 14:52:47
But afaik, this would work with shim also
ktheticdev 2022-09-08 14:52:53
grazzolini 2022-09-08 14:52:38
I use my own keys
so? how does that solve the problem?
ktheticdev 2022-09-08 14:53:08
check your CONFIG_LSM_LOCKDOWN variable
ktheticdev 2022-09-08 14:53:29
oh actually
ktheticdev 2022-09-08 14:53:42
CONFIG_SECURITY_LOCKDOWN_LSM
grazzolini 2022-09-08 14:53:42
ktheticdev 2022-09-08 14:53:08
check your CONFIG_LSM_LOCKDOWN variable
I’m using Arch Linux stock kernel, it has no LSM lockdown
ktheticdev 2022-09-08 14:53:53
grazzolini 2022-09-08 14:53:42
I’m using Arch Linux stock kernel, it has no LSM lockdown
oh) I see
grazzolini 2022-09-08 14:54:04
ktheticdev 2022-09-08 14:53:53
oh) I see
Nvm, it seems it has:
zcat /proc/config.gz | grep CONFIG_SECURITY_LOCKDOWN_LSM
CONFIG_SECURITY_LOCKDOWN_LSM=y
grazzolini 2022-09-08 14:54:11
then again, I don’t hibernate, nor care to
ktheticdev 2022-09-08 14:54:20
grazzolini 2022-09-08 14:54:11
then again, I don’t hibernate, nor care to
oh, understandable then
grazzolini 2022-09-08 14:54:54
ktheticdev 2022-09-08 14:54:20
oh, understandable then
But you can use SB just fine, even more so if you don’t dual boot with windows
← prev | next →