Secure Boot and DKMS
Last modified by Lev Andronov on 2024/10/28 14:40
In Linux operating systems, a secure boot process allows only approved drivers to run and requires hardware driver signatures. To support this feature, the driver installation method has been changed, allowing the user to add KAYA’s driver to DKMS. The following steps explain the process of DKMS driver signing.
- You may check whether a secure boot is activated and enabled for your OS using the following utility command:
mokutil ~-~-sb-state
NOTE: In case the secure boot was not initially installed, this utility will not be present. - Extract the provided .tar.gz file using the following terminal command:
tar -zxvf KAYA_Vision_Point_Setup_2024.1_Ubuntu_20.04_x64.tar.gz
NOTE: Installation archive name may vary - Run the installation script located in the extracted folder using the following command:
sudo sh install.sh
NOTE: The installation process is also described in section 5.2 in "Vision Point Software Installation Guide". - During the installation procedure DKMS will automatically sign the driver for the machine with the secure boot.
NOTE: This can be disabled by changing the DKMS="1" parameter to DKMS="0" in the kaya_driver_install.sh - If secure boot is enabled, DKMS will try to sign the driver and the following message will pop up, in case systems MOK (Machine Owner Key) is NOT enrolled.
Read the message and press "ok" - Create the password. Pay attention that it is a one-time password that you will need later.
- After the installation is completed, reboot machine
- After computer reboot, the following dialog might be displayed on the screen. Choose "Enroll MOK" and follow the instructions shown below:
- You may check the status of the driver using the following command:
systemctl status kaya_driver.service