Add a warning note asking the user to do the install on a fresh system.
Since testing whether sectpmctl can install the Secure Boot keys and provision the TPM is only possible when it is already too late, add test code to the documentation that tries to verify beforehand that sectpmctl would succeed.
That should at least make it somewhat less likely that problems with either Secure Boot or the TPM lead to an unbootable state. Once the bootloader and TPM provisioning are done, the most risky part has completed successfully.
During installation, when using efibootmgr to delete old boot entries, this error can occur:
    Invalid bootnum value0002
    0003
Tests on ACER devices turned up a whole bunch of problems that need documentation and probably also the implementation of quirks:
- Secure Boot can only be put into setup mode after a BIOS admin password has been set.
- Even in setup mode, the db list is not empty, but it can be cleared by command (this should be done automatically).
- Even in setup mode, the dbx list is not empty and cannot be cleared by command (a quirk option to not set dbx is needed).
- Even after the TPM has been cleared, it is not possible to execute tpm2_clear and tpm2_dictionarylockout (a quirk option to skip them is needed).
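The pre-flight checks the notes above ask for, written out as an added example (this is not sectpmctl's own code). It assumes the usual Linux efivarfs layout under /sys/firmware/efi/efivars (4 attribute bytes followed by the variable data), the TPM resource manager device at /dev/tpmrm0, and that boot entries are deleted with "efibootmgr -b NNNN -B". The checks cover the SetupMode flag, non-empty db/dbx lists as seen on the ACER devices, TPM device presence, and bootnum validation that refuses two numbers glued together (which would produce the "Invalid bootnum value" error quoted above). The hardware-level failures (tpm2_clear refusing to run) cannot be detected from files, so they are not covered.

```shell
#!/bin/sh
# Pre-flight checks before running sectpmctl (added example; not sectpmctl's own code).
# Assumptions: efivars live under /sys/firmware/efi/efivars with 4 bytes of
# attributes followed by the variable data, the TPM resource manager device is
# /dev/tpmrm0, and boot entries are deleted with "efibootmgr -b NNNN -B".

EFI_GLOBAL_GUID=8be4df61-93ca-11d2-aa0d-00e098032b8c         # SetupMode, SecureBoot
EFI_IMAGE_SECURITY_GUID=d719b2cb-3d3a-4596-a3bc-dad00e67656f # db, dbx
EFIVARS=/sys/firmware/efi/efivars
TPM_DEV=/dev/tpmrm0
EFIBOOTMGR=efibootmgr   # overridable so the deletion logic can be dry-run

# Print the size of the data part of an efivar (0 if the variable is absent).
#   $1 = efivars dir, $2 = variable name, $3 = vendor GUID
efivar_data_size() {
    f="$1/$2-$3"
    if [ ! -f "$f" ]; then echo 0; return; fi
    size=$(wc -c < "$f")
    if [ "$size" -gt 4 ]; then echo $((size - 4)); else echo 0; fi
}

# Print the first data byte of a one-byte efivar such as SetupMode (-1 if absent).
efivar_byte() {
    f="$1/$2-$3"
    if [ ! -f "$f" ]; then echo -1; return; fi
    v=$(od -An -tu1 -j4 -N1 "$f" | tr -d ' ')
    echo "${v:--1}"
}

# Setup mode must be active, otherwise the keys cannot be enrolled.
check_setup_mode() { [ "$(efivar_byte "$1" SetupMode "$EFI_GLOBAL_GUID")" = 1 ]; }

# db/dbx should be empty in setup mode; some firmware leaves entries behind.
check_db_empty()  { [ "$(efivar_data_size "$1" db  "$EFI_IMAGE_SECURITY_GUID")" = 0 ]; }
check_dbx_empty() { [ "$(efivar_data_size "$1" dbx "$EFI_IMAGE_SECURITY_GUID")" = 0 ]; }

# The TPM resource manager device must exist for the tpm2_* tools to work.
check_tpm_present() { [ -c "$1" ]; }

# A bootnum is exactly four hex digits. Anything else, e.g. two numbers glued
# together by a stray newline, is what makes efibootmgr report
# "Invalid bootnum value".
valid_bootnum() {
    case "$1" in
        [0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f][0-9A-Fa-f]) return 0 ;;
        *) return 1 ;;
    esac
}

# Delete boot entries passed as separate arguments, refusing malformed ones.
# Exit status is the number of entries that were rejected or failed (0 = all deleted).
delete_boot_entries() {
    bad=0
    for n in "$@"; do
        if valid_bootnum "$n"; then
            "$EFIBOOTMGR" -b "$n" -B >/dev/null || bad=$((bad + 1))
        else
            echo "refusing malformed bootnum '$n'" >&2
            bad=$((bad + 1))
        fi
    done
    return "$bad"
}

# Run all checks; exit status 0 only if everything looks good.
#   $1 = efivars dir (optional), $2 = TPM device (optional)
run_preflight() {
    dir=${1:-$EFIVARS}; dev=${2:-$TPM_DEV}; fail=0
    for c in check_setup_mode check_db_empty check_dbx_empty; do
        if "$c" "$dir"; then echo "ok   $c"; else echo "FAIL $c"; fail=1; fi
    done
    if check_tpm_present "$dev"; then echo "ok   check_tpm_present"
    else echo "FAIL check_tpm_present"; fail=1; fi
    return "$fail"
}

# Usage: sh preflight.sh --run [efivars-dir] [tpm-device]
case "${1:-}" in
    --run) run_preflight "${2:-}" "${3:-}" ;;
esac
```

Run it with `sh preflight.sh --run` before starting the install; every FAIL line points at one of the conditions listed above. The efivars directory and TPM device are parameters so the checks can also be exercised against a constructed directory, which is how the logic was verified.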