** Description changed: [Impact] - Any user of Secure Boot with DKMS modules having the GNOME debconf frontend enabled or other debconf frontends that are not Dialog or readline. + Users of SecureBoot with DKMS modules can trigger a maintainer script crash by using the buttons presented in the debconf UI, leaving the package in an unconfigured state. [Test case] 1) Delete /var/lib/shim-signed/mok/MOK.* if exists. 2) Run 'sudo update-secureboot-policy --new-key' 3) Run 'sudo update-secureboot-policy --enroll-key' 4) When prompted to "enable Secure Boot", hit the Back button. With no patch applied, the dialog will fall into an invalid state and error out, with the characteristic "return code 30" error as seen in the bug report. With the patch applied, no Back button will be present -- the user should not be allowed to back up out of the enrolment dialog except by making the conscious decision to enable SecureBoot / enroll a MOK or continue with no changes, as are the two options presented. [Regression Potential] Issues to watch out for are any related to password handling (failure to get the password and continue out of the debconf prompts without error), failure to enroll keys, or being unable to use dkms modules after reboot and successful enrolment of the key. Any erroring out of the debconf prompts at install should be investigated as possible regressions from this SRU. --- during partial update from 17.10 to 18.04 ProblemType: Package DistroRelease: Ubuntu 18.04 Package: shim-signed 1.34.9+13-0ubuntu2 ProcVersionSignature: Ubuntu 4.13.0-38.43-generic 4.13.16 Uname: Linux 4.13.0-38-generic x86_64 .proc.sys.kernel.moksbstate_disabled: Error: [Errno 2] Aucun fichier ou dossier de ce type: '/proc/sys/kernel/moksbstate_disabled' ApportVersion: 2.20.9-0ubuntu7 Architecture: amd64 Date: Thu Apr 26 11:31:05 2018 DistributionChannelDescriptor: # This is a distribution channel descriptor # For more information see http://wiki.ubuntu.com/DistributionChannelDescriptor canonical-oem-somerville-xenial-amd64-20160624-2 ErrorMessage: installed shim-signed package post-installation script subprocess returned error exit status 30 InstallationDate: Installed on 2018-03-26 (30 days ago) InstallationMedia: Ubuntu 16.04 "Xenial" - Build amd64 LIVE Binary 20160624-10:47 MokSBStateRT: 6 0 0 0 1 Python3Details: /usr/bin/python3.6, Python 3.6.5, python3-minimal, 3.6.5-3 PythonDetails: /usr/bin/python2.7, Python 2.7.15rc1, python-minimal, 2.7.15~rc1-1 RelatedPackageVersions: dpkg 1.19.0.5ubuntu2 apt 1.6.1 SecureBoot: 6 0 0 0 1 SourcePackage: shim-signed Title: package shim-signed 1.34.9+13-0ubuntu2 failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 30 UpgradeStatus: No upgrade log present (probably fresh install)
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1767091 Title: package shim-signed 1.34.9+13-0ubuntu2 failed to install/upgrade: installed shim-signed package post-installation script subprocess returned error exit status 30 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shim-signed/+bug/1767091/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
