Bug#925971: release-notes: should mention secure boot in d-i

Discussion:

(too old to reply)

Paul Gevers

2019-03-29 15:50:01 UTC

Package: release-notes
X-Debbugs-CC: debian-***@lists.debian.org

As now discussion on the RT sprint, the release notes should probably
say something about the work on secure boot.

I wouldn't know what to put in, so proposals are welcome. Until that
time, I file this bug to not forget.

Paul

Steve McIntyre

2019-03-30 07:50:01 UTC

Permalink

Post by Paul Gevers
Package: release-notes
As now discussion on the RT sprint, the release notes should probably
say something about the work on secure boot.
I wouldn't know what to put in, so proposals are welcome. Until that
time, I file this bug to not forget.

ACK. We'll have some text to add. :-)

--
Steve McIntyre, Cambridge, UK. ***@einval.com
"Arguing that you don't care about the right to privacy because you have
nothing to hide is no different than saying you don't care about free
speech because you have nothing to say."
-- Edward Snowden

Paul Gevers

2019-04-21 18:20:01 UTC

Permalink

Hi Debian-boot,

Friendly ping.

Post by Steve McIntyre

Post by Paul Gevers
As now discussion on the RT sprint, the release notes should probably
say something about the work on secure boot.
I wouldn't know what to put in, so proposals are welcome. Until that
time, I file this bug to not forget.

ACK. We'll have some text to add. :-)

Paul

Holger Wansing

2019-04-21 18:30:01 UTC

Permalink

Hi,

Post by Paul Gevers
Hi Debian-boot,
Friendly ping.

Post by Steve McIntyre

ACK. We'll have some text to add. :-)

4 weeks ago, I sent a proposal to debian-boot:

https://lists.debian.org/debian-boot/2019/03/msg00265.html

Maybe...

Holger

--
Holger Wansing <***@mailbox.org>
PGP-Fingerprint: 496A C6E8 1442 4B34 8508 3529 59F1 87CA 156E B076

Ben Hutchings

2019-04-21 22:30:01 UTC

Permalink

I don't have a complete proposed text, but I think the key points to
include are:

* Secure Boot is a feature enabled on most PCs that prevents loading
unsigned code, protecting against some kinds of bootkit and rootkit.

* Debian can now be installed and run on most PCs with Secure Boot
enabled.

* It is possible to enable Secure Boot on a system that has an existing
Debian installation, if it already boots using UEFI. Before doing
this, it's necessary to install shim-signed, grub-efi-amd64-signed or
grub-efi-ia32-signed, and a Linux kernel package from buster.

* Some features of GRUB and Linux are restricted in Secure Boot mode,
to prevent modifications to their code.

* More information can be found on the Debian wiki at
<https://wiki.debian.org/SecureBoot>.

Ben.

--
Ben Hutchings
It is easier to write an incorrect program
than to understand a correct one.

Debian Bug Tracking System

2019-05-02 21:00:02 UTC

Permalink

Your message dated Thu, 2 May 2019 22:49:49 +0200
with message-id <69d67e4e-ac64-b30d-0f21-***@debian.org>
and subject line Re: Bug#925971: release-notes: should mention secure boot in d-i
has caused the Debian Bug report #925971,
regarding release-notes: should mention secure boot in d-i
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ***@bugs.debian.org
immediately.)

--
925971: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925971
Debian Bug Tracking System
Contact ***@bugs.debian.org with problems