summaryrefslogtreecommitdiff
path: root/system/efitools/README
diff options
context:
space:
mode:
authorJonathan Li <jonathan dot li at hotmail dot co dot uk>2015-02-08 07:28:36 +0700
committerWilly Sudiarto Raharjo <willysr@slackbuilds.org>2015-02-08 07:28:36 +0700
commit64212ca888562368acc255329294fa0726cb8425 (patch)
treebdfbff17404d985302f78ea23ceacdf0593ce934 /system/efitools/README
parent43f30994a634b679f5d2ea7074f712c62d2c7a57 (diff)
downloadslackbuilds-64212ca888562368acc255329294fa0726cb8425.tar.gz
system/efitools: Added (Tools for manipulating UEFI secure boot).
Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
Diffstat (limited to 'system/efitools/README')
-rw-r--r--system/efitools/README17
1 files changed, 17 insertions, 0 deletions
diff --git a/system/efitools/README b/system/efitools/README
new file mode 100644
index 0000000000..796f9b00d2
--- /dev/null
+++ b/system/efitools/README
@@ -0,0 +1,17 @@
+efitools is a set of tools for manipulating EFI secure boot platforms.
+
+If you ever plan to use LockDown.efi (it's an EFI program that
+installs a predefined set of Secure Boot keys if you run it while your
+machine is in setup mode) you will want to use your own Secure Boot
+keys and maybe specify an owner GUID (in hex). The keys should be placed
+in the SlackBuild directory and named:
+Platform Key public/private keys - PK.crt, PK.key
+Key Exchange public/private keys - KEK.crt, KEK.key
+Signature Database public/private keys - DB.crt, DB.key
+
+and the SlackBuild should be executed using:
+
+GUID=xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx USE_KEYS=yes ./efitools.SlackBuild
+
+It's unlikely that you'll use LockDown.efi and there are alternate methods
+to do what it does, so it's fine just to ignore it.