1 files changed, 60 insertions, 0 deletions

diff --git a/lx-trainer-vm/make_lxtrainer_secureboot.sh b/lx-trainer-vm/make_lxtrainer_secureboot.sh
new file mode 100755
index 0000000..1b77bc9
--- /dev/null
+++ b/lx-trainer-vm/make_lxtrainer_secureboot.sh
@@ -0,0 +1,60 @@
+#!/bin/sh
+set -e
+
+MAIN="http://de.archive.ubuntu.com/ubuntu/pool/main"
+
+if [ ! -f "lx-trainer.img" ]; then
+	echo "error: lx-trainer.img missing"
+	exit 1
+fi
+
+if [ `id -u` -ne 0 ]; then
+	echo "sorry, must run as root"
+	exit 1
+fi
+
+# prepare temp space
+TMPD="/tmp/tmp-lxtrainer-uefi"
+rm -rf $TMPD
+mkdir -p $TMPD
+
+# download signed uefi packages from ubuntu
+wget --continue $MAIN/g/grub2/grub-common_2.02~beta3-4ubuntu7_amd64.deb -O $TMPD/1.deb
+wget --continue $MAIN/g/grub2-signed/grub-efi-amd64-signed_1.85+2.02~beta3-4ubuntu7_amd64.deb -O $TMPD/2.deb
+wget --continue $MAIN/s/shim-signed/shim-signed_1.32+0.9+1474479173.6c180c6-1ubuntu1_amd64.deb -O $TMPD/3.deb
+
+# unpack packages
+dpkg -x $TMPD/1.deb $TMPD/1
+dpkg -x $TMPD/2.deb $TMPD/2
+dpkg -x $TMPD/3.deb $TMPD/3
+
+# setup loop device for image
+DEV=`sudo losetup --show -P -f lx-trainer.img`
+
+# extract grub.cfg from image
+sudo mount ${DEV}p3 /mnt
+cp /mnt/boot/grub/grub.cfg $TMPD/
+sudo umount /mnt
+
+# setup uefi partition
+sudo mount ${DEV}p2 /mnt
+if [ -d "/mnt/EFI/BOOT" ]; then
+	sudo mkdir -p /mnt/EFI/ubuntu
+	sudo mkdir -p /mnt/EFI/ubuntu/fonts
+	if [ -f "/mnt/EFI/BOOT/BOOTX64.EFI" ]; then
+		sudo mv /mnt/EFI/BOOT/BOOTX64.EFI /mnt/EFI/BOOT/BOOTX64.EFI.debian
+	fi
+	sudo cp $TMPD/1/usr/share/grub/unicode.pf2 /mnt/EFI/ubuntu/fonts/
+	sudo cp $TMPD/2/usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed /mnt/EFI/BOOT/grubx64.efi
+	sudo cp $TMPD/3/usr/lib/shim/shimx64.efi.signed /mnt/EFI/BOOT/BOOTX64.EFI
+	sudo cp $TMPD/grub.cfg /mnt/EFI/ubuntu/
+else
+	echo "error: no UEFI found on lx-trainer.img"
+fi
+sudo umount /mnt
+
+# cleanup loop device
+sudo losetup -d $DEV
+
+# cleanup temp space
+rm -rf $TMPD