Created
December 8, 2021 10:01
-
-
Save lilian-benoit/1d86a50620ca560854631ff5008e4533 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
#------------------------------------------------------------------------ | |
# Script permettant de signer les modules virtualbox sur Debian | |
# | |
# (script inspiré par | |
# https://gist.github.com/reillysiemens/ac6bea1e6c7684d62f544bd79b2182a4) | |
# | |
# description: Script permettant de signer les modules | |
# version : 1.1.0 | |
# processname: sign-vbox-modules | |
#------------------------------------------------------------------------ | |
# history : | |
# 1.0.0 | 29/02/2020 (LB) - Création du programme initial | |
# 1.1.0 | 21/08/2021 (LB) - Passage au noyau 5.10 | |
readonly name="$(basename $0)" | |
readonly dirname="$(dirname $0)" | |
readonly hash_algo='sha256' | |
readonly key="${dirname}/MOK.priv" | |
readonly x509="${dirname}/MOK.der" | |
readonly esc='\\e' | |
readonly reset="${esc}[0m" | |
green() { local string="${1}"; echo "${esc}[32m${string}${reset}"; } | |
blue() { local string="${1}"; echo "${esc}[34m${string}${reset}"; } | |
log() { local string="${1}"; echo "[$(blue $name)] ${string}"; } | |
# The exact location of `sign-file` might vary depending on your platform. | |
#alias sign-file="/usr/lib/linux-kbuild-4.19/scripts/sign-file" | |
alias sign-file="/usr/lib/linux-kbuild-5.10/scripts/sign-file" | |
[ -z "${KBUILD_SIGN_PIN}" ] && read -p "Passphrase for ${key}: " KBUILD_SIGN_PIN | |
export KBUILD_SIGN_PIN | |
for module in $(dirname $(modinfo -n vboxdrv))/*.ko; do | |
log "Signing $(green ${module})..." | |
sign-file "${hash_algo}" "${key}" "${x509}" "${module}" | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment