mirror of
https://github.com/edgelesssys/constellation.git
synced 2024-12-26 16:09:45 -05:00
23 lines
716 B
Plaintext
23 lines
716 B
Plaintext
|
#!/bin/sh
|
||
|
set -euxo pipefail
|
||
|
|
||
|
# This will work in sd-boot 251 to auto-enroll secure boot keys.
|
||
|
# https://www.freedesktop.org/software/systemd/man/systemd-boot.html
|
||
|
# > CHANGES WITH 252 in spe:
|
||
|
# > [...]
|
||
|
# > * sd-boot can automatically enroll SecureBoot keys from files found on
|
||
|
# > the ESP. This enrollment can be either automatic ('force' mode) or
|
||
|
# > controlled by the user ('manual' mode).
|
||
|
# > [...]
|
||
|
#
|
||
|
# echo "secure-boot-enroll force" >> /boot/loader/loader.conf
|
||
|
|
||
|
# create mountpoints in /etc
|
||
|
mkdir -p /etc/{cni,kubernetes}
|
||
|
|
||
|
# move issue files away from /etc
|
||
|
# to allow /run/issue and /run/issue.d to take precedence
|
||
|
mv /etc/issue.d /usr/lib/issue.d || true
|
||
|
rm -f /etc/issue
|
||
|
rm -f /etc/issue.net
|