Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash -e
- if [[ $EUID -ne 0 ]]; then
- exec sudo /bin/bash "$0" "$@"
- fi
- CERTDIR=/boot/secureboot
- BOOT_FILES_DIR=/boot/efi/EFI/Microsoft/Boot
- echo "Validating files checksum..."
- md5sum --quiet --check ${BOOT_FILES_DIR}/efi.md5
- CODE=$?
- if [[ $CODE -eq 0 ]]; then
- echo "Checksum check PASSED!"
- exit 0
- else
- echo "Checksum check FAILED, re-signing efi files!"
- fi
- for file in ${BOOT_FILES_DIR}/*.efi
- do
- echo "Found ${file}!"
- mv ${file} ${file}.bak
- /usr/bin/sbsign --key ${CERTDIR}/DB.key --cert ${CERTDIR}/DB.crt --output ${file} ${file}.bak
- done
- md5sum ${BOOT_FILES_DIR}/*.efi > ${BOOT_FILES_DIR}/efi.md5
- echo "efi files were signed!"
- exit 0
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement