mirror of
https://github.com/terrapkg/packages.git
synced 2026-06-01 17:32:18 +00:00
Raboneko
1771477260
(cherry picked from commit 573aef30ca)
Co-authored-by: Gilver <rockgrub@disroot.org>
25 lines
813 B
Bash
25 lines
813 B
Bash
#!/usr/bin/env bash
|
|
|
|
# sbctl-batch-sign is a helper script designed to make it easier for users to sign files needed for Secure Boot support.
|
|
# The obvious case in which this script helps a lot is when dual booting Windows as there are a lot of files by Windows that need to be signed in EFI.
|
|
set -e
|
|
|
|
if [ -f /boot/limine.conf ]; then
|
|
echo "Limine detected, please do not use this script."
|
|
exit 0
|
|
fi
|
|
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
echo "Error: This script must be run with root privileges."
|
|
exit 1
|
|
fi
|
|
|
|
export ESP_PATH=/boot
|
|
sbctl verify 2>/dev/null | awk '/✗/ {print $2}' | while IFS= read -r entry; do
|
|
if [[ "$entry" =~ ^.*/EFI/(Microsoft|Windows) || "$entry" == *.mui || "$entry" == *.dll
|
|
|| "$entry" =~ ^/boot/grub ]]; then
|
|
continue
|
|
fi
|
|
sbctl sign -s "$entry"
|
|
done
|