- Package:
- shim-signed
- Source:
- shim-signed
- Description:
- Secure Boot chain-loading bootloader (Microsoft-signed binary)
- Submitter:
- Marc Riedel
- Date:
- 2026-05-21 11:59:01 UTC
- Severity:
- normal
With the latest changes, the installation of this package fails for now. I drive several self signed systems with all default certificates removed. So please add the possibility to continue the installation - e.g. a button "Acknowledged and continue, I know what I'm doing!".
I pondered doing this when I added the extra checks here. I have to ask - why are you even installing shim-signed on systems with SB enabled but where you've removed the default Microsoft certificates?
Several years ago, when I tried to use the self signed grubx64.efi (grub-efi-amd64-unsigned) it refused to chainload the self signed kernel. So I went with grubx64.efi.signed (grub-efi-amd64-signed), but it depends on shim-signed (shim_lock). Am Do., 21. Mai 2026 um 12:32 Uhr schrieb Steve McIntyre <steve@einval.com>: