Foreman Discovery Image with Secure Boot for TPM Encryption

Hi,

In preparation for Ubuntu Resolute Raccoon in April, I’m researching configuring desktops with TPM encryption enabled. Enabling TPM also requires Secure Boot to be enabled.

Currently the Foreman Discovery Image v5.1.3 (20206-02-06) with Secure Boot enabled fails with:

error: ../../grub-core/kern/efi/sb.c:182: bad shim signature.

error: ../../grub-core/loader/i386/efi/linux.c:260: you need to load the kernel first

Press any key to continue…

I’ve seen on other posts that it has been recommended to use ATIX-AG/foreman-discovery-image-kiwi on GitHub (KIWI image descriptions for Foreman Discovery Images (FDI) based on various distributions); however, the latest commits are from two years ago.

Is there a more up-to-date way of getting the Foreman Discovery Image to work with Secure Boot?

In addition, ideally once the above part is working, I’d like to extend the discovery image to produce facts:

Secure_boot: True | false

TPM: True | false

So that I can update the partition table to configure TPM based on the above facts. If anyone has any ideas on the best course of action for this, that would be lovely as well. At the moment I think some sort of scripted addon could work.

Many Thanks,
Tania
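
One way the two facts asked about above could be derived from sysfs, as an added example that is not part of the original post or of the Foreman Discovery Image itself. It assumes the output is consumed as Facter-style external facts (`key=value` lines), uses lowercased fact names, and `SYSFS_ROOT` is a hypothetical override for testing; how the script is shipped inside the discovery image is not covered.

```shell
#!/bin/sh
# Added example: report Secure Boot and TPM presence as key=value facts.
# SYSFS_ROOT and the function names are illustrative, not part of any project.

# GUID of the EFI global variable namespace that holds the SecureBoot variable.
EFI_GLOBAL_GUID="8be4df61-93ca-11d2-aa0d-00e098032b8c"

secure_boot_fact() {
    root="${1:-/sys}"
    var="$root/firmware/efi/efivars/SecureBoot-$EFI_GLOBAL_GUID"
    # No readable variable: legacy BIOS boot or efivarfs not mounted.
    if [ ! -r "$var" ]; then
        echo false
        return 0
    fi
    # efivarfs prefixes the value with 4 attribute bytes; byte 5 is the state
    # (1 = Secure Boot enforcing, 0 = disabled).
    state=$(od -An -tu1 -j4 -N1 "$var" 2>/dev/null | tr -d ' \n')
    if [ "$state" = "1" ]; then echo true; else echo false; fi
}

tpm_fact() {
    root="${1:-/sys}"
    # The kernel registers each TPM chip it has a driver for as tpmN.
    for dev in "$root"/class/tpm/tpm[0-9]*; do
        if [ -e "$dev" ]; then
            echo true
            return 0
        fi
    done
    echo false
}

emit_facts() {
    root="${1:-/sys}"
    echo "secure_boot=$(secure_boot_fact "$root")"
    echo "tpm=$(tpm_fact "$root")"
}

emit_facts "${SYSFS_ROOT:-/sys}"
```

A `tpm=false` result only means the running kernel exposes no TPM device; a chip disabled in firmware setup looks the same as a missing one.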