Closed RENANZG closed 1 year ago
[b]I'm pretty sure it has to do with DKMS, as the Debian Wiki tutorial confused me. [/b]
Some possible causes:
Cause:: Kernel module was at two different locations. I found this strange situation:
user@debian:~$ sudo ls /lib/modules/
6.1.0-10-amd64 6.1.0-11-amd64
user@debian:~$ sudo ls /var/lib/dkms
user@debian:~$ sudo ls /boot
config-6.1.0-10-amd64 keyfile.gpg
config-6.1.0-11-amd64 lost+found
efi System.map-6.1.0-10-amd64
grub System.map-6.1.0-11-amd64
initrd.img-6.1.0-10-amd64 vmlinuz-6.1.0-10-amd64
initrd.img-6.1.0-11-amd64 vmlinuz-6.1.0-11-amd64
user@debian:~$ sudo modprobe -v rtw_8723du
insmod /lib/modules/6.1.0-11-amd64/kernel/drivers/net/wireless/realtek/rtw88/rtw_usb.ko
modprobe: ERROR: could not insert 'rtw_8723du': Key was rejected by service
Other signated driver "de", much more estrange:
user@debian:~$ sudo modprobe -v rtw_8723de
insmod /lib/modules/6.1.0-11-amd64/kernel/drivers/net/wireless/realtek/rtw88/rtw_pci.ko
insmod /lib/modules/6.1.0-11-amd64/kernel/drivers/net/wireless/realtek/rtw88/rtw_8723de.ko
user@debian:~$ sudo modprobe -v rtw_8723de
????????????SHOW ONLY ONE TIME?????????????????????????
Cause: need to create a X.509 key pair (a public key and a corresponding secret key) to use as a MOK.
Cause: Error with DKMS "With the current state of the DKMS package, if a user attempts to install any package that includes a third-party driver (Broadcom WiFi, VirtualBox, v4l2loobpack, etc.), the process of signing the newly built driver with a MOK key will fail silently. This means that any packages and hardware that require third-party drivers are currently unusable on a system with Secure Boot. This bug has been tested and verified to occur with the bcmwl-kernel-source package, but also is very likely to affect any other packages that use DKMS modules."
I think I'll try to do everything from scratch (again).
Hihi, I found a friend of yours: https://github.com/lcp/mokutil
References: https://askubuntu.com/questions/1437877/signed-kernel-module-not-accepted https://unix.stackexchange.com/questions/751517/insmod-causes-key-rejected-by-service https://askubuntu.com/questions/762254/why-do-i-get-required-key-not-available-when-install-3rd-party-kernel-modules https://bugs.launchpad.net/ubuntu/+source/dkms/+bug/1991725 https://bugs.launchpad.net/ubuntu/+source/v4l2loopback/+bug/1991584 https://discourse.ubuntu.com/t/dkms-package-support-extra-drivers-does-not-work-in-ubuntu-22-10-install-media/31655
Neither is this a bug in shim nor is this a support forum for how to sign third-party kernel modules, so closing.
You maintain an important repository for Linux and its philosophy of freedom (or for corporate servers?). So, it is necessary to adopt standards, or guidelines, for Linux distributions from the beginning (literally from the "bootloader") that guarantee a more user-friendly use for the common user.
The Unix philosophy is documented by Doug McIlroy[1] in the Bell System Technical Journal from 1978:[2]
- Make each program do one thing well. To do a new job, build afresh rather than complicate old programs by adding new "features".
- Expect the output of every program to become the input to another, as yet unknown, program. Don't clutter output with extraneous information. Avoid stringently columnar or binary input formats. Don't insist on interactive input.
- Design and build software, even operating systems, to be tried early, ideally within weeks. Don't hesitate to throw away the clumsy parts and rebuild them.
- Use tools in preference to unskilled help to lighten a programming task, even if you have to detour to build the tools and expect to throw some of them out after you've finished using them.
Thanks
I don't know who to turn to so I found this repository (repository of experts...). I'm learning how to use linux (and almost becoming an software engineer... im so tired...).
I still can't sign the Kernel in Secure Boot or the wifi module.
As for the kernel:
As for wifi:
I had already reported here, but no solution: Make sign-install - Debian 12 - linux-headers-6.1.0-11-amd64 #159 https://github.com/lwfinger/rtw88/issues/159
He said:
And reported here, but no solutions: [Not Solved] Secure boot error - Can't load key - Permission denied https://forums.debian.net/viewtopic.php?p=780025#p780025
THANKS !!!!