]> git.ipfire.org Git - thirdparty/mkosi.git/commitdiff
projects / thirdparty / mkosi.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 51704dd)
Only run systemd-keyutil if secure boot key and cert exist
authorDaan De Meyer <daan.j.demeyer@gmail.com>
Sun, 1 Dec 2024 11:00:10 +0000 (12:00 +0100)
committerJörg Behrmann <behrmann@physik.fu-berlin.de>
Sun, 1 Dec 2024 13:57:32 +0000 (14:57 +0100)
mkosi/__init__.py patch | blob | blame | history

diff --git a/mkosi/__init__.py b/mkosi/__init__.py
index 56cb876ed8eea5698d94136f0bbc01b8a3d0ba47..83d1355decaad30827c00aa3617474829e167362 100644 (file)
--- a/mkosi/__init__.py
+++ b/mkosi/__init__.py
@@ -4265,7 +4265,12 @@ def validate_certificates_and_keys(config: Config) -> None:
             stdout=subprocess.DEVNULL,
         )
 
-    if config.bootable != ConfigFeature.disabled and config.secure_boot:
+    if (
+        config.bootable != ConfigFeature.disabled
+        and config.secure_boot
+        and config.secure_boot_certificate
+        and config.secure_boot_key
+    ):
         run_systemd_sign_tool(
             config,
             cmdline=[keyutil, "validate"],
Mirror of https://github.com/systemd/mkosi.git