Not quite sure but looks it will get executed also on kernel uninstall :) Now, need to address Nvidia packages updates.
#!/bin/sh DKMS_DIR=/lib/modules/$1/updates/dkms KEYS_DIR=/opt/sign SIGN_CMD=/usr/src/linux-headers-$1/scripts/sign-file for file in $DKMS_DIR/*.ko do $SIGN_CMD sha256 $KEYS_DIR/MOK.priv $KEYS_DIR/MOK.der "$file" > /dev/null 2>&1 done exit 0
Tuesday, January 31, 2017
Automate DKMS modules signing in Linux
Some time ago I have managed to sign DKMS Nvidia modules with generated keys and upload those to UEFI. Of course, I had to sign modules every time they've been rebuilt, i.e. when kernel or nvidia driver gets updated. So after few kernel updates I have decided to automate the task via postinst.d hook.