]> code.delx.au - refind/blobdiff - debian/postinst
delx.au / code / refind / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
install.sh & related: Improved Secure Boot detection & removed error
[refind] / debian / postinst
diff --git a/debian/postinst b/debian/postinst
index 76df587a028eeac8f840e429c4d04164cd37ed4f..e78bd9d5da74561a4584c02de3b0cd90bc12c928 100755 (executable)
--- a/debian/postinst
+++ b/debian/postinst
@@ -12,7 +12,11 @@ fi
 
 cd /usr/share/refind
 
-declare VarFile=`ls -d /sys/firmware/efi/vars/SecureBoot* 2> /dev/null`
+if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
+   IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
+else
+   IsSecureBoot="0"
+fi
 # Note: Two find operations for ShimFile favors shim over PreLoader -- if both are
 # present, the script uses shim rather than PreLoader.
 declare ShimFile=`find /boot -name shim\.efi -o -name shimx64\.efi -o -name PreLoader\.efi 2> /dev/null | head -n 1`
@@ -31,7 +35,7 @@ declare OpenSSL=`which openssl 2> /dev/null`
 # enroll an extra MOK. I'm including it here because I'm NOT a
 # distribution maintainer, and I want to encourage users to use
 # their own local keys.
-if [[ -n $VarFile && -n $ShimFile ]] ; then
+if [[ $IsSecureBoot == "1" && -n $ShimFile ]] ; then
    if [[ -n $SBSign && -n $OpenSSL ]] ; then
       ./install.sh --shim $ShimFile --localkeys --yes
    else