Package: dkms Version: 3.0.11-3 Severity: critical Justification: breaks unrelated software
Dear Maintainer, * What led up to the situation? Enrolled my own secureboot key chain (PK, KEK, db) and wanted dkms to sign kernel modules automatically. * What exactly did you do (or not do) that was effective (or ineffective)? Set `mok_signing_key=` and `mok_certificate` in `/etc/dkms/framework.conf` to my DB.key/DB.crt and then installed the `nvidia-driver` using apt. * What was the outcome of this action? My DB.key and DB.crt were overridden by some new keys. * What outcome did you expect instead? Even if my configuration is wrong, I would never expect that setting `mok_signing_key=` overriddes anything. -- System Information: Debian Release: trixie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 6.4.0-4-amd64 (SMP w/8 CPU threads; PREEMPT) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dkms depends on: ii build-essential 12.10 ii dpkg-dev 1.22.0 ii gcc [c-compiler] 4:13.2.0-1 ii gcc-13 [c-compiler] 13.2.0-3 ii kmod 30+20230601-1 ii lsb-release 12.0-2 ii make 4.3-4.1 ii patch 2.7.6-7 Versions of packages dkms recommends: ii fakeroot 1.32.1-1 ii linux-headers-amd64 [linux-headers-generic] 6.4.13-1 ii sudo 1.9.14p2-1 Versions of packages dkms suggests: ii e2fsprogs 1.47.0-2+b1 pn menu <none> -- Configuration Files: /etc/dkms/framework.conf changed: -- no debconf information
