1 unstable release
0.0.1 | Aug 30, 2023 |
---|
#59 in #unified
16KB
sdsb - Self-Determination for Secure Boot
This program is designed to provide a simpler framework for creating kernels with different initramfs generators (such as mkinitcpio
, dracut
and booster
), embedding them in Unified Kernel Images, and generating a configured bootloader to load these images from boot.
It uses sbctl
(or potentially some other framework) to use your own Secure Boot keys to lock down the entire boot chain. The idea is to do this in a relatively declarative manner that can ideally replace the various messy ad-hoc scripts used for generating bootloader configurations which have mixed support for non-mkinitcpio generators on Arch or other distributions.
This program is significantly influenced by the contents of the Controlling Secure Boot page by Rod Smith
Dependencies
~0.5–1.1MB
~25K SLoC