kurtbahartr · April 23, 2025 11:46
diff --git a/sign-mok.sh b/sign-mok.sh
 #!/bin/bash

 if [[ "$@" =~ ^-h$ ]] || [[ "$@" =~ ^-h\  ]] || [[ "$@" =~ \ -h\  ]] || [[ "$@" =~ \ -h$ ]]; then
  echo "usage: sign-mok.sh /path/to/module.ko ..."
  echo ""
  echo "kmodsign usually accepts only one module per invocation."
  echo "This script works with multiple modules because we work around this limitation with a for loop."
  exit
 fi

 if [ "$2" != "" ]; then
  echo "kmodsign usually accepts only one module per invocation."
  echo "This script works with multiple modules because we work around this limitation with a for loop."
 fi

 for module in $@; do
  echo "Signing $module..."
  [ -f "$module" ] && sudo kmodsign sha512 /var/lib/shim-signed/mok/MOK.{priv,der} $module && echo "Signed $module." || echo "Could not sign $module."
 done
	#!/bin/bash

	if [[ "$@" =~ ^-h$ ]] \|\| [[ "$@" =~ ^-h\ ]] \|\| [[ "$@" =~ \ -h\ ]] \|\| [[ "$@" =~ \ -h$ ]]; then
	echo "usage: sign-mok.sh /path/to/module.ko ..."
	echo ""
	echo "kmodsign usually accepts only one module per invocation."
	echo "This script works with multiple modules because we work around this limitation with a for loop."
	exit
	fi

	if [ "$2" != "" ]; then
	echo "kmodsign usually accepts only one module per invocation."
	echo "This script works with multiple modules because we work around this limitation with a for loop."
	fi

	for module in $@; do
	echo "Signing $module..."
	[ -f "$module" ] && sudo kmodsign sha512 /var/lib/shim-signed/mok/MOK.{priv,der} $module && echo "Signed $module." \|\| echo "Could not sign $module."
	done