diff options
| author | Christian Breunig <christian@breunig.cc> | 2025-03-21 08:37:34 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-21 08:37:34 +0100 |
| commit | d552f7f8c38d7ad3bd28d9019a58b57e41b07f0b (patch) | |
| tree | fc2421034e941871e0d233c52bda6992f3e1acc2 /scripts/package-build/linux-kernel/build-kernel.sh | |
| parent | 750951606bbbbdc7c1e21d36a8af8e8ba1b98db9 (diff) | |
| parent | 96f1844557950055aa8f9cd97bd95a6a0b1761b9 (diff) | |
| download | vyos-build-d552f7f8c38d7ad3bd28d9019a58b57e41b07f0b.tar.gz vyos-build-d552f7f8c38d7ad3bd28d9019a58b57e41b07f0b.zip | |
Merge pull request #930 from c-po/T861-secure-boot
T861: minor improvements to secure-boot certificate handling
Diffstat (limited to 'scripts/package-build/linux-kernel/build-kernel.sh')
| -rwxr-xr-x | scripts/package-build/linux-kernel/build-kernel.sh | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/scripts/package-build/linux-kernel/build-kernel.sh b/scripts/package-build/linux-kernel/build-kernel.sh index e3efd127..62dd7829 100755 --- a/scripts/package-build/linux-kernel/build-kernel.sh +++ b/scripts/package-build/linux-kernel/build-kernel.sh @@ -36,12 +36,13 @@ do done # Change name of Signing Cert -sed -i -e "s/CN =.*/CN=VyOS build time autogenerated kernel key/" certs/default_x509.genkey +sed -i -e "s/CN =.*/CN=VyOS Networks build time autogenerated Kernel key/" certs/default_x509.genkey TRUSTED_KEYS_FILE=trusted_keys.pem # start with empty key file echo -n "" > $TRUSTED_KEYS_FILE -CERTS=$(find ../../../../data/live-build-config/includes.chroot/var/lib/shim-signed/mok -name "*.pem" -type f || true) +GIT_ROOT=$(git rev-parse --show-toplevel) +CERTS=$(find ${GIT_ROOT}/data/certificates -name "*.pem" -type f || true) if [ ! -z "${CERTS}" ]; then # add known public keys to Kernel certificate chain for file in $CERTS; do |