[Bug 1789918] Re: /boot/vmlinux-4.17 has invalid signature

Steve Langasek steve.langasek at canonical.com
Thu Aug 30 18:09:24 UTC 2018 

On Thu, Aug 30, 2018 at 05:21:16PM -0000, Adam Conrad wrote:
> My guess is that Brad's been getting all his kernels from the ckt PPA,
> which means they'd all have snakeoil sigs on them instead of the archive
> sig.  In this case, "linux-image-4.17.0-6-generic" and "linux-
> image-4.17.0-6-generic" aren't the same thing, cause linux-signed
> binaries are rebuilt when we copy to the archive.

> Disabling the ckt PPA and doing an "apt-get --reinstall install <list of
> packages above>" will probably fix it.

> In future, I imagine kernel team folks might want to add their PPA's EFI
> signing key to MOK on systems where they're likely to run PPA kernels.

Yes.  Having the exact vmlinuz binary attached to this bug report will let
us confirm this.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to grub2 in Ubuntu.
https://bugs.launchpad.net/bugs/1789918

Title:
  /boot/vmlinux-4.17 has invalid signature

Status in grub2 package in Ubuntu:
  New

Bug description:
  This is on a cosmic system. I wanted to test the 4.18 kernel in the kernel teams unstable ppa. I enabled that ppa, then ran "sudo apt-get update; sudo apt-get dist-upgrade" and then rebooted. Upon boot grub started reporting that none of the kernels I have installed have valid signatures. These were working just fine before this update. The only remedy was to disable secure boot in my bios.
  --- 
  ProblemType: Bug
  ApportVersion: 2.20.10-0ubuntu9
  Architecture: amd64
  CurrentDesktop: ubuntu:GNOME
  DistroRelease: Ubuntu 18.10
  EcryptfsInUse: Yes
  InstallationDate: Installed on 2017-08-14 (380 days ago)
  InstallationMedia: Ubuntu 17.10 "Artful Aardvark" - Alpha amd64 (20170812)
  Package: grub2 (not installed)
  ProcEnviron:
   TERM=tmux-256color
   PATH=(custom, no user)
   XDG_RUNTIME_DIR=<set>
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  ProcVersionSignature: Ubuntu 4.18.0-7.8-generic 4.18.5
  Tags:  wayland-session cosmic
  Uname: Linux 4.18.0-7-generic x86_64
  UpgradeStatus: No upgrade log present (probably fresh install)
  UserGroups: adm cdrom dip kvm libvirt lpadmin plugdev sambashare sudo
  _MarkForUpload: True

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1789918/+subscriptions

More information about the foundations-bugs mailing list