search

andreyv / sbupdate

Generate and sign kernel images for UEFI Secure Boot on Arch Linux
GNU General Public License v3.0
225 stars 20 forks source link

Multiple cmdlines per kernel #43

Closed RA-Kooi closed 2 years ago

RA-Kooi commented 3 years ago

I have a situation where I have a single kernel, but multiple commandlines. Normally I use systemd-boot to do this, but now I want to move to using secureboot with an encrypted /boot partition, and I'm pretty sure systemd-boot isn't able to read anything else than simple vfat partitions.

Right now I set KERNELS from the config as hack to also sign the "second" kernel in /boot, which is simply a symlink to my main kernel. But maybe it's better to add some extra functionality to the script to do this in a more supported way, as FAT partitions don't support symlinks.

andreyv commented 2 years ago

The functionality is already there, see sbupdate.conf and the CONFIGS/CMDLINE settings.

The command line is part of the signed EFI image, so there will be multiple output images for multiple command lines even with the same kernel.