Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

Apt upgrade hangs on DKMS sign tool invocation

Ask for help with issues regarding the Installations of the Debian O/S.
Post Reply
Message
Author
IT-Nerd
Posts: 9
Joined: 2014-03-23 23:44

Apt upgrade hangs on DKMS sign tool invocation

#1 Post by IT-Nerd »

Hello everyone. I have successfully used the guides here:

https://wiki.debian.org/SecureBoot
https://wiki.ubuntu.com/UEFI/SecureBoot
https://wiki.archlinux.org/title/Unifie ... ecure_Boot

in order to create Machine Owner keys and sign during DKMS post installation any kernel modules required, currently the Nvidia driver package modules.
I have been using this process for quite some time, my Kernel Module signing script is:

Code: Select all

#!/bin/bash

###############################################################################
# Linux Kernel DKMS Module Signing script hook
###############################################################################

readonly KERNEL_VERSION="${1}"
readonly MODULE_FILEPATH="${2}"
readonly SIGN_TOOL="/usr/src/linux-headers-${KERNEL_VERSION}/scripts/sign-file"
readonly SIGN_ALGORITHM="sha256"
readonly PRIVATE_KEY="/var/lib/shim-signed/mok/MOK.priv"
readonly PUBLIC_KEY="/var/lib/shim-signed/mok/MOK.der"

echo "Linux Kernel version: ${KERNEL_VERSION} - Signing module ${MODULE_FILEPATH}"
echo "SIGN_TOOL: ${SIGN_TOOL}"

# Read passphrase
echo -n "Passphrase for the private key: "
read -r KBUILD_SIGN_PIN
export KBUILD_SIGN_PIN

"${SIGN_TOOL}" "${SIGN_ALGORITHM}" \
"${PRIVATE_KEY}" "${PUBLIC_KEY}" \
"${MODULE_FILEPATH}" \
|| exit 1

exit 0
and my

Code: Select all

/etc/dkms/framework.conf
is set to point to this script:

Code: Select all

sign_tool="/root/sign-dkms-modules.sh"
I tried today to perform an Apt upgrade and the process hangs during invocation of the script. Process output showcases the following process chain:

Code: Select all

sudo -> apt -> dpkg -> nvidia-kernel-d -> frontend -> common.postinst -> dkms -> dkms -> sign-dkms-modules.sh
The echo command of my script is not printed at all and even if I set +x to the script nothing is printed. Has anything changed in the DKMS signing process lately?
Top
user6c57b8
Posts: 19
Joined: 2022-05-31 16:19
Has thanked: 5 times

Re: Apt upgrade hangs on DKMS sign tool invocation

#2 Post by user6c57b8 »

If I were you (because I'm a 900% fan of sanity checks) I'd make your script something like this:

Code: Select all

#!/bin/sh
echo 'Hello, World! STDOUT'
echo 'Hello, World! STDERR' >&2
as /root/sign-dkms-modules.sh then:

Code: Select all

sudo chmod 0777 /root/sign-dkms-modules.sh
/root/sign-dkms-modules.sh #give it a whirl
And then see if the code runs when it's suppose to.
Top
Post Reply

Return to “Installation”