julianfairfax
commented
10 months ago This should close #167
Closed julianfairfax closed 6 months ago
julianfairfax
commented
10 months ago This should close #167
julianfairfax
commented
9 months ago Could someone take a look at this please?
Foxboron
commented
9 months ago I have looked over it and I'm not quite confident in the packaging work to include it in the README.md.
Just throwing the binary into /usr/bin and including a minimal metadata file, that doesn't even include a license, doesn't seem right.
There is an entire make install command that is just not being used and I'm not sure if scripts like these are the proper way to package Debian packages.
julianfairfax
commented
9 months ago Just throwing the binary into /usr/bin and including a minimal metadata file, that doesn't even include a license, doesn't seem right.
There is an entire make install command that is just not being used
I am now using that, and all expected files are now included.
and I'm not sure if scripts like these are the proper way to package Debian packages.
They are a way to make Debian packages. If by "proper way", you mean the way you would have to do it for the package to by accepted into the Debian repos, then this is not that way.
However, creating such a Debian package is also requires packaging all dependencies. As this tool is written in go, which is a newer programming language and has less packages in Debian, that could be a long and complicated process, especially since each dependency of sbctl that is not packaged in Debian, could also have its own dependencies that also require packaging.
This is something I would like to do at some point. But at the moment I don't have the time or the willingness to tackle that task. This package, that I have created, is exactly the same as how a "proper" Debian package would be, except for its creation method.
Additionally, this is a more interesting improvement to me than the creation process of the package:
I also spent a lot of time trying to create something similar to the pacman hook, for automatic resigning after a modification of Debian's EFI files, but I was unsuccessful.
I don't have time to further investigate that, but, if someone knows how to do this, within the framework of the package setup, then I will implement it.
Foxboron
commented
9 months ago I don't intend for you to package all the dependencies. But having a build_deb.sh just seems like a poor way to package this.
julianfairfax
commented
9 months ago I don't intend for you to package all the dependencies. But having a
build_deb.shjust seems like a poor way to package this.
There is no alternative. The only other way of building the package is the "proper" Debian way, which requires building all the dependencies.
I'm not sure what it is that you do want, but if this package isn't to your liking, then you should close the PR. The fact is that the package does work exactly as a Debian package should.
user@verbose:~$ apt info sbctl
Package: sbctl
Version: 0.11
Priority: extra
Section: misc
Maintainer: Julian <juliannfairfax@protonmail.com>
Installed-Size: unknown
Download-Size: 4,145 kB
APT-Manual-Installed: yes
APT-Sources: https://julianfairfax.gitlab.io/package-repo/debs packages/main amd64 Packages
Description: Secure Boot key manager
user@verbose:~$ dpkg-query -L sbctl
/.
/usr
/usr/bin
/usr/bin/sbctl
/usr/lib
/usr/lib/kernel
/usr/lib/kernel/install.d
/usr/lib/kernel/install.d/91-sbctl.install
/usr/share
/usr/share/bash-completion
/usr/share/bash-completion/completions
/usr/share/bash-completion/completions/sbctl
/usr/share/fish
/usr/share/fish/vendor_completions.d
/usr/share/fish/vendor_completions.d/sbctl.fish
/usr/share/licenses
/usr/share/licenses/sbctl
/usr/share/licenses/sbctl/LICENSE
/usr/share/man
/usr/share/man/man8
/usr/share/man/man8/sbctl.8
/usr/share/zsh
/usr/share/zsh/site-functions
/usr/share/zsh/site-functions/_sbctl
I have created a Debian package for sbctl which is available in my Debian repository.
In the future, I may look into getting this tool into the official Debian repos, but that is not as easy as creating this package was.
I also spent a lot of time trying to create something similar to the pacman hook, for automatic resigning after a modification of Debian's EFI files, but I was unsuccessful.
I don't have time to further investigate that, but, if someone knows how to do this, within the framework of the package setup, then I will implement it.
In any case, hopefully this package will help users who want to use sbctl on Debian, but don't feel like compiling it. I can tell you sbctl works the same way on Debian as it does on Arch, despite it not being documented on the Debian wiki. Thanks to sbctl, I have working secure boot on Debian on my laptop (which didn't come with Microsoft's keys)!