Your message dated Thu, 2 May 2019 22:49:49 +0200 with message-id <69d67e4e-ac64-b30d-0f21-6682a5c242d1@debian.org> and subject line Re: Bug#925971: release-notes: should mention secure boot in d-i has caused the Debian Bug report #925971, regarding release-notes: should mention secure boot in d-i to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 925971: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925971 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: release-notes: should mention secure boot in d-i
- From: Paul Gevers <elbrus@debian.org>
- Date: Fri, 29 Mar 2019 16:45:20 +0100
- Message-id: <3d7bc92e-b629-32cc-c934-fd5b6116cca8@debian.org>
Package: release-notes X-Debbugs-CC: debian-boot@lists.debian.org As now discussion on the RT sprint, the release notes should probably say something about the work on secure boot. I wouldn't know what to put in, so proposals are welcome. Until that time, I file this bug to not forget. PaulAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---
--- Begin Message ---
- To: Ben Hutchings <ben@decadent.org.uk>, 925971-done@bugs.debian.org, debian-boot <debian-boot@lists.debian.org>
- Subject: Re: Bug#925971: release-notes: should mention secure boot in d-i
- From: Paul Gevers <elbrus@debian.org>
- Date: Thu, 2 May 2019 22:49:49 +0200
- Message-id: <69d67e4e-ac64-b30d-0f21-6682a5c242d1@debian.org>
- In-reply-to: <e04066d56685de5df91e4329d30c5e00f6a23d82.camel@decadent.org.uk>
- References: <3d7bc92e-b629-32cc-c934-fd5b6116cca8@debian.org> <3d7bc92e-b629-32cc-c934-fd5b6116cca8@debian.org> <e04066d56685de5df91e4329d30c5e00f6a23d82.camel@decadent.org.uk>
Hi Ben, Holger, On 22-04-2019 00:25, Ben Hutchings wrote: > On Fri, 2019-03-29 at 16:45 +0100, Paul Gevers wrote: >> Package: release-notes >> X-Debbugs-CC: debian-boot@lists.debian.org >> >> As now discussion on the RT sprint, the release notes should probably >> say something about the work on secure boot. >> >> I wouldn't know what to put in, so proposals are welcome. Until that >> time, I file this bug to not forget. > > I don't have a complete proposed text, but I think the key points to > include are: > > * Secure Boot is a feature enabled on most PCs that prevents loading > unsigned code, protecting against some kinds of bootkit and rootkit. > > * Debian can now be installed and run on most PCs with Secure Boot > enabled. > > * It is possible to enable Secure Boot on a system that has an existing > Debian installation, if it already boots using UEFI. Before doing > this, it's necessary to install shim-signed, grub-efi-amd64-signed or > grub-efi-ia32-signed, and a Linux kernel package from buster. > > * Some features of GRUB and Linux are restricted in Secure Boot mode, > to prevent modifications to their code. > > * More information can be found on the Debian wiki at > <https://wiki.debian.org/SecureBoot>. For now (I do expect improvements after review, but didn't want to wait), I have basically committed the text above: https://salsa.debian.org/ddp-team/release-notes/commit/90a9a34 as well as applied more or less the update proposed by Holger: https://salsa.debian.org/ddp-team/release-notes/commit/f112557 Thanks PaulAttachment: signature.asc
Description: OpenPGP digital signature
--- End Message ---