mokutil ignores timeout parameter

Ok, I have analyzed mokutil's src code and from what I understood, timeout has to be a single parameter. Of course, it can be changed there, but calling it several times in a row should do not harm either.

Splitting its invocation in two seems to fix the problem; the bug can be reassigned to shim-signed if needed, as the the patch actually modifies that package.

The attachment "shim-signed.diff" seems to be a patch. If it isn't, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are a member of the ~ubuntu-reviewers, unsubscribe the team.

[This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issues please contact him.]

Sorry, mis-clicked sth while browsing, could you please revert back the status?

Thanks.

BTW, is there any help we can provide ensure the fix makes its way to the official 20.04 LTS release (I guess it might be tough I guess, due to release candidate being out today, am I right?), or at least one of the early updates?

This bug was fixed in the package shim-signed - 1.40.3

---------------
shim-signed (1.40.3) focal; urgency=medium

  * Depend on the correct version of grub-signed (LP: #1871895)

 -- Julian Andres Klode <email address hidden> Thu, 09 Apr 2020 20:48:31 +0200

Status changed to 'Confirmed' because the bug affects multiple users.

Hello Aleksander, or anyone else affected,

Accepted shim-signed into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/shim-signed/1.37~18.04.6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Confirmed shim-signed 1.37~18.04.6+15+1533136590.3beb971-0ubuntu1 from bionic-proposed fixes the problem described on this ticket

installed bionic
# apt update
# apt upgrade
edit /etc/apt/source.list to include bionic-proposed
# apt update
# apt install shim-signed
# dpkg -l | grep shim-signed
ii shim-signed 1.37~18.04.6+15+1533136590.3beb971-0ubuntu1 amd64 Secure Boot chain-loading bootloader (Microsoft-signed binary)

Then install dkms firmware
# sudo apt install fwts-efi-runtime-dkms
Got prompt with a menu to set the MOK password

# reboot
Got prompt to enroll the MOK with previous password

Keys shows enrolled
# mokutil --list-enrolled

This bug was fixed in the package shim-signed - 1.37~18.04.6

---------------
shim-signed (1.37~18.04.6) bionic; urgency=medium

  * Pass --timeout -1 to mokutil in a separate mokutil run (LP: #1869187)
    thanks to Aleksander Miera for the patch.

shim-signed (1.37~18.04.5) bionic; urgency=medium

  * Fix versioned dependency on mokutil so that it matches the version in
    bionic-updates. LP: #1862632.

shim-signed (1.37~18.04.4) bionic; urgency=medium

  * Pass --timeout -1 to mokutil so that users don't end up with broken
    systems by missing MokManager on reboot after install. LP: #1856422.
  * Add a versioned dependency on the mokutil that introduces --timeout.

 -- Matthieu Clemenceau <email address hidden> Fri, 10 Jul 2020 14:27:41 -0500

The verification of the Stable Release Update for shim-signed has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

This bug is _not_ fixed in groovy, only in stable releases

This bug was fixed in the package shim-signed - 1.45

---------------
shim-signed (1.45) groovy; urgency=medium

  * Merge back changes from focal that got lost in the shim revert, as
    groovy carried on from the reverted 1.41 upload and did not merge
    back 1.40.{1,2,3}:
    - Depend on the correct version of grub-signed (LP: #1871895)
    - Install grub to multiple ESPs (LP: #1871821)
    - Pass --timeout -1 to mokutil in a separate mokutil run (LP: #1869187),
      thanks to Aleksander Miera for the patch.

 -- Julian Andres Klode <email address hidden> Wed, 21 Oct 2020 11:02:12 +0200

The Groovy Gorilla has reached end of life, so this bug will not be fixed for that release