Skip to content

Commit

Permalink
fix(modsign): load keys to correct keyring
Browse files Browse the repository at this point in the history
Until now, 03modsign module was loading keys from /lib/modules/keys/* into the
current session keyring.
This change makes it add keys to the secondary trusted keyring. This works
only as long as added certificate is signed by key from the same keyring.
  • Loading branch information
webczat authored and LaszloGombos committed Jun 28, 2023
1 parent 179e1a9 commit b7ef130
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion modules.d/03modsign/load-modsign-keys.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,5 +7,5 @@

for x in /lib/modules/keys/*; do
[ "${x}" = "/lib/modules/keys/*" ] && break
keyctl padd asymmetric "" @s < "${x}"
keyctl padd asymmetric "" %:.secondary_trusted_keys < "${x}"
done

0 comments on commit b7ef130

Please sign in to comment.