Closed RA-Kooi closed 2 years ago
The functionality is already there, see sbupdate.conf
and the CONFIGS
/CMDLINE
settings.
The command line is part of the signed EFI image, so there will be multiple output images for multiple command lines even with the same kernel.
I have a situation where I have a single kernel, but multiple commandlines. Normally I use systemd-boot to do this, but now I want to move to using secureboot with an encrypted
/boot
partition, and I'm pretty sure systemd-boot isn't able to read anything else than simple vfat partitions.Right now I set
KERNELS
from the config as hack to also sign the "second" kernel in /boot, which is simply a symlink to my main kernel. But maybe it's better to add some extra functionality to the script to do this in a more supported way, as FAT partitions don't support symlinks.