Comment 0 for bug 1829029

Already discussed by e-mail/IRC with Matthieu. We (the VirtualBox team) would like to call update-secureboot-policy to enroll a signing key when we install our host kernel modules on Ubuntu/Debian systems. However, currently the tool exits if no DKMS modules are found. This patch would add a "--force" parameter which would let us call the tool interactively as part of our installation scripts even if DKMS was not installed. Not sure how or if we should handle the new DKMS list in non-interactive mode.

ProblemType: Bug
DistroRelease: Ubuntu 19.04
Package: shim-signed 1.39+15+1533136590.3beb971-0ubuntu1
ProcVersionSignature: Ubuntu 5.0.0-13.14-generic 5.0.6
Uname: Linux 5.0.0-13-generic x86_64
.proc.sys.kernel.moksbstate_disabled: Error: [Errno 2] Нет такого файла или каталога: '/proc/sys/kernel/moksbstate_disabled'
ApportVersion: 2.20.10-0ubuntu27
Architecture: amd64
CasperVersion: 1.405
CurrentDesktop: ubuntu:GNOME
Date: Tue May 14 16:56:38 2019
EFITables:
 Mai 13 11:05:20 michael-ThinkPad-T470 kernel: efi: EFI v2.50 by Lenovo
 Mai 13 11:05:20 michael-ThinkPad-T470 kernel: efi: SMBIOS=0x9a6d8000 SMBIOS 3.0=0x9a6d5000 ACPI=0x9b5fe000 ACPI 2.0=0x9b5fe014 ESRT=0x9a5a2000 MEMATTR=0x9532e298 TPMEventLog=0x8e96d018
 Mai 13 11:05:20 michael-ThinkPad-T470 kernel: secureboot: Secure boot enabled
 Mai 13 11:05:20 michael-ThinkPad-T470 kernel: esrt: Reserving ESRT space from 0x000000009a5a2000 to 0x000000009a5a2088.
 Mai 13 11:05:21 michael-ThinkPad-T470 kernel: Bluetooth: hci0: Secure boot is enabled
InstallationDate: Installed on 2018-06-12 (335 days ago)
InstallationMedia: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
LiveMediaBuild: Ubuntu 18.04 LTS "Bionic Beaver" - Release amd64 (20180426)
SecureBoot: 6 0 0 0 1
SourcePackage: shim-signed
UpgradeStatus: Upgraded to disco on 2019-03-26 (49 days ago)