Sign fwupd installs

[KenMacD]

fwupd requires /usr/lib/fwupd/efi/fwupdx64.efi.signed to work. It would be helpful if the signing of this package was added.

[gdamjan]

I use fwupd too. I used this command to sign it:

sudo sbsign --key /etc/secure-boot/db.key --cert /etc/secure-boot/db.crt -o /usr/lib/fwupd/efi/fwupdx64.efi.signed /usr/lib/fwupd/efi/fwupdx64.efi

any suggestions what level of integration you'd like? I could add a secure-boot fwupd or?

[KenMacD]

Thank you, It's now signed, but I know I'm going to forget to sign the new version when it's updated, so I was mainly looking for a pacman hook.

[gdamjan]

I guess it doesn't hurt to add the hook in the package

[gdamjan]

something like this? https://github.com/gdamjan/secure-boot/commit/813db2467ca2aa8b7a98c5990cabf9729adb713d

[KenMacD]

Looks great to me!

[gdamjan]

Sorry for out-of-date aur version, I'm trying to consolidate the master branch here, and the AUR branch there. not the easiest thing to do :/