Need help

[daddacorn2019]

I need help signing a pop os and I get all the way to where I need to reboot but the mok manager doesn't load upon reboot and I'm stumped can anyone help me out

[lcp]

Is there any error message from MokManager?

[daddacorn2019]

Non at all , it all goes fine until you restart the computer into the mokmanager in which it doesn't at all. I popped another distro in which was Ubuntu on a live USB and immediately the mokmanager came up but it didn't work since I had pop os installed not Ubuntu. I've been doin a little reading that it's possibly because pop os uses system md but that's being my knowledge of getting it to work I just haven't been able to figure it out yet

[lcp]

Could you paste the result of "efibootmgr -v"? I'd like to know which bootloader is used in your system.

[daddacorn2019]

Ok I'm not home at the exact moment but I'll get it done by tomorrow I appreciate your willingness to help thanks alot seriously

[daddacorn2019]

thomas@pop-os:~$ efibootmgr -v BootCurrent: 0002 Timeout: 0 seconds BootOrder: 0002,2001,0000,2002 Boot0000 HDD: KBG30ZPZ128G TOSHIBA PciRoot(0x0)/Pci(0x1c,0x6)/Pci(0x0,0x0)/NVMe(0x1,00-08-0D-04-00-3D-2B-22)/HD(1,GPT,ce9af72f-381d-4f5b-bdeb-316d5cde2f70,0x1000,0xf8fff)RC Boot0002 Pop!_OS 19.10 HD(1,GPT,ce9af72f-381d-4f5b-bdeb-316d5cde2f70,0x1000,0xf8fff)/File(\EFI\systemd\systemd-bootx64.efi) Boot2001 EFI USB Device RC Boot2002 EFI Network RC

so im already booted into the surface kernel ive just edited some boot files to redirect me into from the original kernel. like i said i can use the mokutil all the way until its supposed to reboot into the mokmanager which it doesnt .

[lcp]

I wonder if systemd bootloader supports MOK. You would need tbe shim bootloader installed to make MOK work.

[daddacorn2019]

Is there anyway that I can check if it's already installed? What I pasted on here does it look normal or is it like I thought with system md being a bother I can only understand I little of what I'm looking at such as the not order

[lcp]

Usually shim will be installed in the EFI system partition and the name would be either shimx64.efi or bootx64.efi depending on the distro settings. The boot option in your system shows the bootloader is "systemd-bootx64.efi", so it's likely to be the systemd bootloader.

To be honest, I don't know much about Pop OS and don't know if they package shim or not.

[lcp]

I checked the source code of systemd in systemd/src/boot/efi, and it seems systemd-boot would need shim to handle MOK. Unless shim is loaded before systemd-boot, MOK won't work with systemd-boot.

[daddacorn2019]

Ok , hey thank you for going out your way like that I appreciate it, I've only found a couple work arounds for it that involves downloading a program called rEFInd but some of the directions in it is beyond my scope of knowledge for it. It's ok that red secure boot bar is just announced though and I'm trying to learn so I just gotta read a little more. I'm pretty sure I've found something in the arch wiki about how it handled signing using shim and system md but again it's a steep learning process for me just started using Linux 4 months ago . But again thank you if you ever find anything let me know I'm still gonna be here trying