mirror of
https://github.com/Bandie/grub2-signing-extension.git
synced 2024-04-01 15:51:26 +00:00
33 lines
765 B
Bash
Executable File
33 lines
765 B
Bash
Executable File
#!/bin/bash
|
|
# grub2-unsign
|
|
# Unsigns every file in /boot. Depends on grub2-verify
|
|
# Author: Bandie
|
|
# Licence: GNU-GPLv3
|
|
|
|
# Check if something is wrong
|
|
grub-verify
|
|
stat=$?
|
|
case "$stat" in
|
|
1)
|
|
printf '%s\n' "grub2-verify has detected a one or more bad signatures." "Please check for malicious software before you're unsigning everything!" >&2
|
|
exit 1
|
|
;;
|
|
2)
|
|
printf 'Everything is unsigned already.\n'
|
|
exit 0
|
|
;;
|
|
3)
|
|
printf 'Ignoring missing signatures...\n'
|
|
;&
|
|
0|3)
|
|
# Then remove the signatures.
|
|
find /boot -name '*.sig' -exec rm {} +
|
|
|
|
echo "GRUB2 unsigned. WARNING: If you want to deactivate GRUB2's signature feature, change the check_signatures variable in the headers file!"
|
|
exit 0
|
|
;;
|
|
*)
|
|
printf 'Something unknown happened!\n'
|
|
exit 99
|
|
esac
|