Re: kernel "unsigned" in sid
- Date: Sat, 12 Jan 2019 19:31:11 +0100
- From: dotdeb@xxxxxxxxx
- Subject: Re: kernel "unsigned" in sid
On Fri, Jan 11, 2019 at 3:52 PM Michael Stone <mstone@xxxxxxxxxx> wrote:
How did you get the unsigned kernel installed in the first place? It's
not typically installed, and I don't see any dependencies that would pull
it in. If it weren't installed there'd be no problem. :)
Good question. I upgrade my sid regularly and don't mess with the kernel: I installed the metapackage that depends on the latest kernel and leave the system uprgrade to its convenience.
I have no idea of where this "unsigned" came from. Is it possible that at some point the metapackage depended on it?
If you have
another kernel already installed, boot into that, then replace the
unsigned kernel with the corresponding kernel that lacks the -unsigned
suffix.If you don't have another kernel installed, try installing an
older one or (as you suggested) wait for the next one. In theory you
should be able to just remove the -unsigned and replace it without
having another kernel available, but it's better to have an alternative
in case something goes wrong.
Unfortunately no other kernel installed and, unless I go and dig into snapsot, at the moment in sid no other kernel version number is available.
If I try to install the "signed" version, something unhelty happens because the same /lib/modules/4.19.0-1-amd64/ is shared by the two.
I'll wait for the next one.
-unsigned means that the kernel doesn't come with a signature that can
be used for secure boot. It's part of the build process for the signed
kernels, is a reproducible build, and may have other special-purpose
applications, but it is not generally needed.