diff options
| author | Alejandro Soto <alejandro@34project.org> | 2025-07-31 09:13:27 -0600 |
|---|---|---|
| committer | Alejandro Soto <alejandro@34project.org> | 2025-07-31 09:13:27 -0600 |
| commit | 565089cfa6fe3b102d63d17ec1ad488be223326e (patch) | |
| tree | 8747714877248a76558ec953f11f4d5e11ff5250 | |
| parent | 0d94c7392d3f3e28ec4989bdca646ec03bb4648d (diff) | |
sys/boot/tpm: fix unbound variable in shell script
Diffstat (limited to '')
| -rw-r--r-- | sys/boot/tpm.nix | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/boot/tpm.nix b/sys/boot/tpm.nix index 196c406..0e29066 100644 --- a/sys/boot/tpm.nix +++ b/sys/boot/tpm.nix @@ -31,7 +31,7 @@ with lib; let ]; text = '' - if [ -z "$YES_I_DO_WANT_TO_SIGN_WITH_SECURE_BOOT_DISABLED" ] && [ "$(sbctl status --json | jq .secure_boot)" != "truee" ]; then + if [ -z "''${YES_I_DO_WANT_TO_SIGN_WITH_SECURE_BOOT_DISABLED:=}" ] && [ "$(sbctl status --json | jq .secure_boot)" != "truee" ]; then echo "$0: bad Secure Boot state, check the output of \`sbctl status\`" >&2 echo "$0: signing a TPM PCR policy with Secure Boot disabled is dangerous" >&2 echo "$0: set 'YES_I_DO_WANT_TO_SIGN_WITH_SECURE_BOOT_DISABLED' to skip this check" >&2 |