I needed to patch the kernel for ACS override and I found this process to be unexpectedly complicated and difficult in debian.
If I had just downloaded the tarball from kernel.org and done it the old way I would have been done with this yesterday, but I wanted to keep using the stable debian kernel with the only difference being the ACS Override patch.
I have a folder full of new fresh .debs, but if I want to install any of them it complains that it will conflict with what I already have installed. I do not wish to remove the kernel I already have installed in case I need to boot to it again.
I ended up using someone else's Makefile that magically renamed the packages, but I am still left with an unsigned kernel I can't use secure boot with.
#1 If I recompile and install the "proper" debian way, how do I ensure the packages are named differently enough to not conflict with the stock kernel already installed?
#2 How do I use the signed-templates package to sign my newly compiled kernel for use with secure boot?
I have already seen https://wiki.debian.org/SecureBoot#Shim, but surely there is an easier way?
I would follow the above, but I am afraid I will mess up the signing of the currently installed kernel since I have no idea how this works.
If I had just downloaded the tarball from kernel.org and done it the old way I would have been done with this yesterday, but I wanted to keep using the stable debian kernel with the only difference being the ACS Override patch.
I have a folder full of new fresh .debs, but if I want to install any of them it complains that it will conflict with what I already have installed. I do not wish to remove the kernel I already have installed in case I need to boot to it again.
I ended up using someone else's Makefile that magically renamed the packages, but I am still left with an unsigned kernel I can't use secure boot with.
#1 If I recompile and install the "proper" debian way, how do I ensure the packages are named differently enough to not conflict with the stock kernel already installed?
#2 How do I use the signed-templates package to sign my newly compiled kernel for use with secure boot?
I have already seen https://wiki.debian.org/SecureBoot#Shim, but surely there is an easier way?
I would follow the above, but I am afraid I will mess up the signing of the currently installed kernel since I have no idea how this works.
Statistics: Posted by MrT — 2024-04-09 05:41 — Replies 7 — Views 178