Skip to content

Update Debian & Archlinux for "sensible" 2026 defaults#1919

Open
funk-on-code wants to merge 3 commits into
quickemu-project:masterfrom
funk-on-code:Update-TPM-and-Secureboot-for-2026<07
Open

Update Debian & Archlinux for "sensible" 2026 defaults#1919
funk-on-code wants to merge 3 commits into
quickemu-project:masterfrom
funk-on-code:Update-TPM-and-Secureboot-for-2026<07

Conversation

@funk-on-code

@funk-on-code funk-on-code commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

Both Debian 12 and 13 can boot with both TPM and Secureboot enabled, as can Archlinux 2026.01 and beyond__(last tested with 2026.06.01)__, update the configurations to enable these.

Description

When booting with a host with secureboot or TPM, Ubuntu Server and Debian and Archlinux will occasionally boot directly to PXE and break. Rather than manually editing configurations before first boot, I fixed quickget to automatically apply these defaults instead.

There should probably be a current check for all OSes, I will be checking Ubuntu Desktop's and Tails in the next few weeks, as I have time.

Type of change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Packaging (updates the packaging)
  • Documentation (updates the documentation)

Checklist:

  • I have performed a self-review of my code
  • I have tested my code in common scenarios and confirmed there are no regressions
  • I have added comments to my code, particularly in hard-to-understand sections (none are required)

Both Debian 12 and 13 can boot with both TPM and Secureboot enabled, as can Archlinux 2026.01 and beyond, update the configurations to enable these.

@cubic-dev-ai cubic-dev-ai Bot left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

All reported issues were addressed across 1 file

Confidence score: 5/5

  • Safe to merge after the addressed issues were fixed.

Reply with feedback, questions, or to request a fix.

Re-trigger cubic

Comment thread quickget
@alexhaydock

Copy link
Copy Markdown
Contributor

If we start enabling Secure Boot by default I'd be keen to make it part of a larger review of compatible distros - if it's done for Arch & Debian then it should be done for Ubuntu, Alma, Rocky, CentOS, Fedora, etc.

Personally I'm in favour of this since I enable it for any VMs I run myself, but there's caveats which might run counter to Quickemu's goal of doing the right thing for most users:

  • Not every host distro is going to ship the firmware with the Microsoft Platform Keys enabled to boot signed shims, so we'd need a fallback method for those platforms

  • We would also need to call it out clearly in the documentation (in case anyone is actually trying to install DKMS packages etc inside the guests)

@funk-on-code

Copy link
Copy Markdown
Contributor Author

Fully agree @alexhaydock -- i've been going through them distro by distro as I have the time, and with things like fedora vs fedora core, there's a lot of updates to this I am interested in adding.

Once i'm done, i'll probably do the reverse too and put legacy boots and update RAM requirements too.

Fixes:

P0: Missing ;; terminator after the debian) case block in make_vm_config(), which causes a shell syntax error when bash parses the script.
…-2026<07-patch-1

Fix upstream's cubic-ai-bot's issues.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants