I run
LinuxMint21 and when I run fwupdmgr update, it exit with 1 (error). But there's no error on STDERR. Any clue?
My system is up to date.
$ uname -a
Linux box 5.15.0-67-generic #74-Ubuntu SMP Wed Feb 22 14:14:39 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux# tree /boot/efi/
/boot/efi/
└── EFI
├── BOOT
│ ├── BOOTX64.EFI
│ ├── fbx64.efi
│ └── mmx64.efi
├── debian
│ ├── BOOTX64.CSV
│ ├── fbx64.efi
│ ├── grub.cfg
│ ├── grubx64.efi
│ ├── mmx64.efi
│ └── shimx64.efi
└── ubuntu
├── BOOTX64.CSV
├── fw
│ └── fwupd-0123456789abcdef.cap
├── fwupdx64.efi
├── grub.cfg
├── grubx64.efi
├── mmx64.efi
└── shimx64.efi
5 directories, 16 files# fwupdmgr update
Devices with no available firmware updates:
• UEFI Device Firmware
• UEFI Device Firmware
• UEFI Device Firmware
Devices with the latest available firmware version:
• MZVLB512HBJQ-000L7
• System Firmware
╔══════════════════════════════════════════════════════════════════════════════╗
║ Upgrade UEFI dbx from 77 to 217? ║
╠══════════════════════════════════════════════════════════════════════════════╣
║ This updates the dbx to the latest release from Microsoft which adds ║
║ insecure versions of grub and shim to the list of forbidden signatures due ║
║ to multiple discovered security updates. ║
║ ║
║ Before installing the update, fwupd will check for any affected executables ║
║ in the ESP and will refuse to update if it finds any boot binaries signed ║
║ with any of the forbidden signatures.If the installation fails, you will ║
║ need to update shim and grub packages before the update can be deployed. ║
║ ║
║ Once you have installed this dbx update, any DVD or USB installer images ║
║ signed with the old signatures may not work correctly.You may have to ║
║ temporarily turn off secure boot when using recovery or installation media, ║
║ if new images have not been made available by your distribution. ║
║ ║
║ UEFI dbx and all connected devices may not be usable while updating. ║
╚══════════════════════════════════════════════════════════════════════════════╝
Perform operation? [Y|n]:
Downloading… [***************************************]
Downloading… [***************************************]
Decompressing… [***************************************]
Decompressing… [***************************************]
Authenticating… [***************************************]
Authenticating… [***************************************]
Restarting device… [***************************************]
Writing… [***************************************]
Decompressing… [***************************************]
Blocked executable in the ESP, ensure grub and shim are up to date: /boot/efi/EFI/debian/shimx64.efi Authenticode checksum [0123456789abcdef] is present in dbx# fwupdmgr --version
runtime org.freedesktop.fwupd 1.7.9
runtime com.dell.libsmbios 2.4
compile org.freedesktop.gusb 0.3.10
runtime org.kernel 5.15.0-67-generic
compile com.hughsie.libjcat 0.1.9
compile org.freedesktop.fwupd 1.7.9
runtime org.freedesktop.gusb 0.3.10# fwupdmgr get-upgrades
│
└─UEFI dbx:
│ Device ID: 0123456789abcdef
│ Summary: UEFI revocation database
│ Current version: 77
│ Minimum Version: 77
│ Vendor: UEFI:Linux Foundation
│ Install Duration: 1 second
│ Update State: Transient failure
│ Update Error: Blocked executable in the ESP, ensure grub and shim are up to date: /boot/efi/EFI/debian/shimx64.efi Authenticode checksum [0123456789abcdef] is present in dbx
Asked by Mévatlavé Kraspek
(541 rep)
Mar 18, 2023, 05:22 PM
Last activity: Mar 18, 2023, 06:32 PM
Last activity: Mar 18, 2023, 06:32 PM