[Bug 2089320] Re: Secure boot variables full, unable to boot
Julian Andres Klode
2089320 at bugs.launchpad.net
Fri Nov 22 07:29:39 UTC 2024
I guess after the 2nd boot? secureboot-db I believe has been updated and
now contains current revocations which are quite big but also necessary,
it installs them at boot (possibly the service runs when Maas is booting
it's deploying side of things, idk).
Particularly, it revokes a lot of Windows boot loaders due to
BlackLotus.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to shim in Ubuntu.
https://bugs.launchpad.net/bugs/2089320
Title:
Secure boot variables full, unable to boot
Status in shim package in Ubuntu:
New
Bug description:
Deploying 22.04 fills up the secure boot variable Forbidden
Signatures. The system is still able to boot, but there are warnings
when booting. However, deploying with 24.04 seems to fill the secure
boot variable so much that the Ubuntu install is unable to start.
This behavior was noticed when deploying through MAAS to a Supermicro
- SYS-6028U-TR4+
(https://www.supermicro.com/products/system/2u/6028/SYS-6028U-TR4_.cfm?parts=SHOW)
system.
This is the output I was able to capture from the terminal:
```
Could not create MokListTrustedRT: Volume full
Something has gone seriously wrong: import_mok_state() failed: Volume full
```
The error messages were similar to the ones found in this upstream
issue: https://github.com/rhboot/shim/issues/654.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/shim/+bug/2089320/+subscriptions
More information about the foundations-bugs
mailing list