@clueskee
clueskee / README-Template.md
Created April 19, 2020 11:25 — forked from PurpleBooth/README-Template.md
A template to make good README.md

Project Title

One Paragraph of project description goes here

Getting Started

These instructions will get you a copy of the project up and running on your local machine for development and testing purposes. See deployment for notes on how to deploy the project on a live system.

Prerequisites

@clueskee
clueskee / ignorelist
Created November 23, 2020 17:40 — forked from rubo77/ignorelist
This ignorelist can be used to backup your home folder without useless folders and files, see http://askubuntu.com/a/545676/34298
# rsync-homedir-excludes
#
# A list of files to exclude when backing up *nix home directories using rsync.
#
# Author: Ruben Barkow <https://gist.github.com/rubo77> (original)
# Version: 2015-08-30
# Website: https://gist.github.com/rubo77/8ffaadbc58ab099d2bc3
# the repository has moved to github
@clueskee
clueskee / dkms-kmod-auto-mok-signing.md
Created August 6, 2021 20:53 — forked from lijikun/dkms-kmod-auto-mok-signing.md
Automatic Signing of DKMS-Generated Kernel Modules for Secure Boot

Automatic Signing of DKMS-Generated Kernel Modules for Secure Boot (Nvidia Driver on CentOS 8 as Example)

First I thank Nvidia for sponsoring the video card.

Secure Boot isn't exactly easy to configure to work with Linux, and disabling it isn't really a good idea. Many modern Linux distributions provide the Microsoft-signed shim EFI binary to interpose between Secure Boot and the grub2 bootloader, making booting Linux easy enough if you only ever use kernels and drivers from the official repos. Still, enabling Secure Boot prevents the loading of kernels or modules without a proper digital signature. For example, the proprietary Nvidia GPU driver won't work unless your distro really went to great lengths to distribute a signed version of the kernel module.

To make Secure Boot play nicely with the driver (i.e. to work at all), we can generate and import a Machine Owner Key (MOK)

@clueskee
clueskee / dkms-module-signing.md
Created August 8, 2021 19:34 — forked from sbueringer/dkms-module-signing.md
Make DKMS sign kernel modules on installation, with full script support and somewhat distro independent

On systems with UEFI Secure Boot enabled, recent Linux kernels will only load signed modules, so it's about time DKMS grew the capability to sign modules it's building.

These scripts are extended and scriptified variants of https://computerlinguist.org/make-dkms-sign-kernel-modules-for-secure-boot-on-ubuntu-1604.html and https://askubuntu.com/questions/760671/could-not-load-vboxdrv-after-upgrade-to-ubuntu-16-04-and-i-want-to-keep-secur/768310#768310 and add some error checking, a passphrase around your signing key, and support for compressed modules.

dkms-sign-module is a wrapper for the more generic sign-modules which can also be used outside of DKMS.

Installation

  1. Create a directory under /root, say /root/module-signing, put the three scripts below in there and make them executable: chmod u+x one-time-setup sign-modules dkms-sign-module