@kowalski7cc @dangoodin It works with the shim/MokManager stuff just like GRUB itself would (i.e. on first run the user gets prompted to trust it, if they have the standard third-party-friendly secureboot stuff enabled; if disabled it just runs). Obviously it changes TPM PCR contents since shim does that properly, so it would be detectable with measured boot.
Every single thing here is working as intended.
https://social.treehouse.systems/@marcan/113560977486826077
No replies.
────