From 3a23f07bba81cf64e63bd6430dcc3daff718947f Mon Sep 17 00:00:00 2001
From: Sertonix <sertonix@posteo.net>
Date: Sun, 16 Feb 2025 18:27:19 +0100
Subject: [PATCH] main/secureboot-hook: use PATH to find binaries

Not hardcoding the paths to binaries avoids issues when these are moved.
---
 main/secureboot-hook/APKBUILD        | 6 +++---
 main/secureboot-hook/secureboot.hook | 6 +++---
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/main/secureboot-hook/APKBUILD b/main/secureboot-hook/APKBUILD
index 986324ac998d..59bb2e3fc635 100644
--- a/main/secureboot-hook/APKBUILD
+++ b/main/secureboot-hook/APKBUILD
@@ -1,8 +1,8 @@
 # Contributor: Jakub Jirutka <jakub@jirutka.cz>
 # Maintainer: Jakub Jirutka <jakub@jirutka.cz>
 pkgname=secureboot-hook
-pkgver=0.2
-pkgrel=2
+pkgver=0.3
+pkgrel=0
 pkgdesc="A kernel hook for generating signed UEFI Unified Kernel Image"
 url="https://gitlab.alpinelinux.org/alpine/aports"
 arch="noarch !armhf !s390x !ppc64le"  # limited by sbsigntool
@@ -23,6 +23,6 @@ package() {
 }
 
 sha512sums="
-cd76188468f27761a42bf92976e5e0475d3a3a46b24fa44c23c8afb28735f1bf99bac17665cedb1f0bed50eef522b909214f90bca703c7543314ed6ebdffc1b0  secureboot.hook
+df4c3c75cad8a9b89f60197ce6c426a7eebdff92dc5831da24eece4c4abd873270a5eadf494af9c9946ed19961ddb67035bb2981210808f5ce78cf8c304ba290  secureboot.hook
 0777b1ec63d7d21a2144737fb913a52b8deedadbec69b7450799c228950adf9213d5d40e52617841dbae3bf4451f37a18f833e94860fab2c7779779b5fa9f66d  secureboot.conf
 "
diff --git a/main/secureboot-hook/secureboot.hook b/main/secureboot-hook/secureboot.hook
index 7b6847aa2f93..a5e27bdfeeee 100644
--- a/main/secureboot-hook/secureboot.hook
+++ b/main/secureboot-hook/secureboot.hook
@@ -78,10 +78,10 @@ if [ "$backup_old" = yes ] && [ -f "$output" ]; then
 	cp -a "$output" "$output.bak"
 fi
 
-/sbin/mkinitfs -o "$tmpdir"/initramfs "$NEW_VERSION-$FLAVOR"
+mkinitfs -o "$tmpdir"/initramfs "$NEW_VERSION-$FLAVOR"
 
 echo "==> $HOOK_NAME: creating UEFI Unified Kernel Image with $vmlinuz"
-/usr/bin/efi-mkuki \
+efi-mkuki \
 	-c "$cmdline" \
 	-s "$splash_image" \
 	-S "$efistub_file" \
@@ -95,7 +95,7 @@ if [ "$signing_disabled" = yes ]; then
 	mv "$tmpdir"/unsigned.efi "$output"
 else
 	echo "==> $HOOK_NAME: signing UEFI image and writing to $output"
-	/usr/bin/sbsign \
+	sbsign \
 		--cert "$signing_cert" \
 		--key "$signing_key" \
 		--output "$output" \
-- 
GitLab