Hi everyone,
I recently installed Artix with the runit init system and I am loving it! I encrypted my root partition with LUKS1. I wanted to enable secure boot, because I had it off during the installation, so I followed the guide on the Arch Wiki using sbctl. I enabled secure boot and I signed all the efi files of GRUB. However, when I boot with secure boot enabled, GRUB shows errors which go like this:
Enter passphrase for hd0,gpt3:
Attempting to decrypt master key...
Slot 0 opened
error: prohibited by secure boot policy.
Entering rescue mode...
grub rescue>
This has also happened with Arch Linux and Arcolinux. Sbctl shows that all files are signed, so I do not understand why GRUB show the error "prohibited by secure boot policy" when decrypting. Because slot 0 is opened, I think GRUB is able to decrypt the master key but something goes wrong after that. Any ideas?
Thanks!
UPDATE: I found the cause of the problem. I forgot to run grub-install with the --disable-shim-lock option today. Marking this thread as solved.