I set up a KVM guest with Secure Boot for testing this.
The patched gnu-efi to build shim 13 successfully was built on this PPA [1].
The original shim 13 too (from shim-staging PPA [2]), it built successfully
using those changes.
Unfortunately shim-signed fails to build (for key-related reasons, likely expected),
and the version built in the shim-staging PPA for Trusty has a too newer version
for the grub2-common dependency (>= 2.02~beta2-36ubuntu12).
So I installed it with with `dpkg -i --force-depends-version`.
Summary, the test used:
- shim-13 built with patched gnu-efi
- grub2 packages from trusty-proposed
- and shim-signed from shim-staging PPA.
I set up a KVM guest with Secure Boot for testing this.
The patched gnu-efi to build shim 13 successfully was built on this PPA [1].
The original shim 13 too (from shim-staging PPA [2]), it built successfully
using those changes.
Unfortunately shim-signed fails to build (for key-related reasons, likely expected), 36ubuntu12) . depends- version` .
and the version built in the shim-staging PPA for Trusty has a too newer version
for the grub2-common dependency (>= 2.02~beta2-
So I installed it with with `dpkg -i --force-
Summary, the test used:
- shim-13 built with patched gnu-efi
- grub2 packages from trusty-proposed
- and shim-signed from shim-staging PPA.
It works. :- )
$ dpkg -s grub-efi- amd64-signed grub2-common shim shim-signed | grep -e ^Package: -e ^Version amd64-signed 2.02~beta2- 9ubuntu1. 15 9ubuntu1. 15 14.04.1+ 13-0ubuntu2
Package: grub-efi-
Version: 1.34.17+
Package: grub2-common
Version: 2.02~beta2-
Package: shim
Version: 13-0ubuntu2
Package: shim-signed
Version: 1.33.1~
$ sudo grub-install --uefi-secure-boot && sudo reboot
<...>
ubuntu@ trusty- secboot: ~$ dmesg | grep Secure
[ 0.000000] Secure boot enabled
ubuntu@ trusty- secboot: ~$ sudo fwts uefidump - | grep Secure
Name: SecureBoot.
Value: 0x01 (Secure Boot Mode On).
[1] https:/ /launchpad. net/~mfo/ +archive/ ubuntu/ sf188840di /launchpad. net/~canonical- foundations/ +archive/ ubuntu/ shim/
[2] https:/