Score:0

How to install Virtualbox with signed kernel modules

cn flag

I have read Signing Virtualbox modules with EFI Secure Boot enabled. The procedure described there does not work as described with the --reinstall step. There is no detailed prompt. Note that VMware Workstation Pro that also must install kernel modules seems to do the required operations "automagically".

The machine does not have an option in bios to enable legacy boot but requires secure boot. Ubuntu 22.04 LTS booted when first installed on the machine using a blank drive (the OEM MS Windows drive was removed and a blank new drive was installed before installing Ubuntu), and the kernel has been updated whenever Software Updater suggests to do so (typically as a security update) without issue.

However, Virtualbox kernel modules are rejected and Virtualbox is NOT operational. I have not tried the instructions in the above URL concerning mok because the sudo apt-get install virtualbox-dkms --reinstall command did NOT address the issue. (The claimed: The installer prompted me to create the certificate, setup password for in MOK and gave clear instructions to reboot and enroll the certificate in MOK -- did NOT appear). I do not want to make the machine "unbootable".

Is there a virtualbox installation package that solves this issue? If not, are there detailed instructions, "step by step", known to work? Any detailed help, including references/URLs with explicit instructions, greatly would be appreciated. This must be a typical issue with Ubuntu on secure boot systems that need to install kernel modules (e.g., Nvidia proprietary kernel drivers).

After the above question was posted, I have found How To Install VirtualBox On Ubuntu 20.04 that contains a section "NOTE: UEFI Secure Boot Enabled" with the steps "Enroll MOK » Continue » Yes » Enter Password (you have set earlier) » Reboot". Is the above 20.04 set of commands still correct for 22.04? Will these solve the issue?

Score:0
cn flag

As there have been no comments or answers to the above question, I have been forced to do more Web searches and have pieced together what seems actually to work on Ubuntu 22.04 LTS current (as of the date of this posting) with the stock Ubuntu Virtualbox 6.x packages also as of this date.

  1. One must use apt to remove Virtualbox.
  2. One then installs Virtualbox. If the next step does not happen, one must do the --reinstall as specified above (assuming above is not removed/modified by the Powers that Be of this list).
  3. During the (re)install, a non-GUI interface appears (non-GUI means that on the system for which this had to be done, the typical pointing device does not work but rather the TAB key moves to the item that is then highlighted and one must use the ENTER key to select the item). This interface will prompt for what amounts to a password (actually use for public/private key generation, but the generating is "automatic"). As of my system, the password must have at least eight (8) characters, a requirement not revealed until a non-conforming password attempt is made.
  4. The (re)install will proceed with an exception message being generated that the (re)installation failed.
  5. Reboot the machine.
  6. From Secureboot + Ubuntu + VirtualBox Signing kernel modules, I discovered that during the reboot, one will be asked a set of choices, one of which is to Enroll and that choice MUST be made. This also will be a non-GUI "tab" user interface.
  7. (This step should be 6.1, but the auto-format of this list will not produce a new "point" for a 6.1, only a major number increment and thus 8.) To validate that choice, the next prompt will be for the password "you" created in step (3) immediately above, again,a non-GUI "tab" user interface. There is no choice allowing one to see the password (to avoid key entry errors -- a keystroke made in error) and even the placekeeper "*" for each keystroke is not displayed.
  8. Continue with the boot.
  9. Assuming that Virtualbox has been installed under the GUI user interface (in my case, MATE), select Virtualbox, start a virtual machine (in my case, a MS Windows virtual machine that already has been "installed and configured") and it will work (modulo issues with Virtualbox such as extension pack issues).

Upon further reboots, the process does not need to be repeated on the machine in question. HOWEVER, I have not tested this with the kernel or Virtualbox updates suggested by Software Updater. I suspect that unlike the kernel and supplied driver packages (such as the proprietary Nvidia driver), each time a kernel or Virtualbox update is done the above misery must be repeated. This process should be automated in all Linux packages (.deb or .rpm, depending upon the Linux distro being used), and in particular, enterprise versions such as LTS, and work no differently than for the Nvidia proprietary packages (Virtualbox being Oracle, but still open source).

I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.