nix/modules/lanzaboote.nix

@@ -21,14 +21,13 @@ in
     enable = mkEnableOption "Enable the LANZABOOTE";
 
     enrollKeys = mkEnableOption "Automatic enrollment of the keys using sbctl";
-    createKeys = mkEnableOption "Automatic creation of the keys using sbctl";
 
     configurationLimit = mkOption {
       default = config.boot.loader.systemd-boot.configurationLimit;
       defaultText = "config.boot.loader.systemd-boot.configurationLimit";
       example = 120;
       type = types.nullOr types.int;
-      description = ''
+      description = lib.mdDoc ''
         Maximum number of latest generations in the boot menu.
         Useful to prevent boot partition running out of disk space.
 
@@ -111,10 +110,6 @@ in
     boot.loader.external = {
       enable = true;
       installHook = pkgs.writeShellScript "bootinstall" ''
-        ${optionalString cfg.createKeys ''
-          ${pkgs.sbctl}/bin/sbctl create-keys
-        ''}
-
         ${optionalString cfg.enrollKeys ''
           mkdir -p /tmp/pki
           cp -r ${cfg.pkiBundle}/* /tmp/pki

rust/tool/Cargo.lock

@@ -67,9 +67,9 @@ dependencies = [
 
 [[package]]
 name = "anyhow"
-version = "1.0.82"
+version = "1.0.81"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f538837af36e6f6a9be0faa67f9a314f8119e4e4b5867c6ab40ed60360142519"
+checksum = "0952808a6c2afd1aa8947271f3a60f1a6763c7b912d210184c5149b5cf147247"
 
 [[package]]
 name = "assert_cmd"
@@ -299,9 +299,9 @@ dependencies = [
 
 [[package]]
 name = "expect-test"
-version = "1.5.0"
+version = "1.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9e0be0a561335815e06dab7c62e50353134c796e7a6155402a64bcff66b6a5e0"
+checksum = "30d9eafeadd538e68fb28016364c9732d78e420b9ff8853fa5e4058861e9f8d3"
 dependencies = [
  "dissimilar",
  "once_cell",
@@ -698,9 +698,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.115"
+version = "1.0.114"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "12dc5c46daa8e9fdf4f5e71b6cf9a53f2487da0e86e55808e2d35539666497dd"
+checksum = "c5f09b1bd632ef549eaa9f60a1f8de742bdbc698e6cee2095fc84dde5f549ae0"
 dependencies = [
  "itoa",
  "ryu",

rust/tool/systemd/Cargo.toml

@@ -6,21 +6,21 @@ edition = "2021"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
-anyhow = "1.0.82"
+anyhow = "1.0.81"
 base32ct = { version = "0.2.0", features = ["alloc"] }
 stderrlog = "0.6.0"
 log = { version = "0.4.21", features = ["std"] }
 clap = { version = "4.5.4", features = ["derive"] }
 lanzaboote_tool = { path = "../shared" }
 indoc = "2.0.5"
-serde_json = "1.0.115"
+serde_json = "1.0.114"
 sha2 = "0.10.8"
 tempfile = "3.10.1"
 nix = { version = "0.28.0", default-features = false, features = [ "fs" ] }
 
 [dev-dependencies]
 assert_cmd = "2.0.14"
-expect-test = "1.5.0"
+expect-test = "1.4.1"
 filetime = "0.2.23"
 rand = "0.8.5"
 goblin = "0.7.1"

rust/uefi/Cargo.lock

@@ -31,9 +31,9 @@ checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 
 [[package]]
 name = "cpio"
-version = "0.3.0"
+version = "0.2.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "60f1e083e4cca56002af53561ec885d6de310b60515f525e0bc093d14515908c"
+checksum = "27e77cfc4543efb4837662cb7cd53464ae66f0fd5c708d71e0f338b1c11d62d3"
 
 [[package]]
 name = "cpufeatures"

rust/uefi/pio/Cargo.toml

@@ -10,4 +10,4 @@ embedded-io = { version = "0.6.1", features = [ "alloc" ] }
 snafu = { version = "0.8.2", default-features = false }
 
 [dev-dependencies]
-cpio = "0.3.0"
+cpio = "0.2.2"