ExternalVendorCode/heads
1
0
Fork 0
mirror of https://github.com/linuxboot/heads.git synced 2025-04-06 19:06:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

.ash_history: add history command for manual detached signed integrity validation

Browse Source 
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
This commit is contained in:
Thierry Laurion 2023-10-24 13:14:39 -04:00
parent cf065eeba2
commit b2cb9b4997
No known key found for this signature in database
GPG Key ID: E7B4A71658E36A93
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
initrd/.ash_history
View File

@ -1,3 +1,7 @@
#mount /boot in read-only by default
mount /boot
#verify detached signature of /boot content
find /boot/kexec*.txt | gpg --verify /boot/kexec.sig -
#remove invalid kexec_* signed files
mount /dev/sda1 /boot && mount -o remount,rw /boot && rm /boot/kexec* && mount -o remount,ro /boot
#Generate keys from GPG smartcard: