I have noticed in the boot up sequence for an Incus Ubuntu VM that I am seeing the error “secure boot prohibited by boot policy”. That’s interesting because an ubuntu incus VM launched with:
incus launch images:ubuntu/24.04/desktop --vm Desktop-2404 -c boot.autostart=true -c limits.cpu=2 -c limits.memory=4GiB
is booting EFI and I would not think that secure boot would flag an error.
Yeah, I don’t know what part of the boot process is being blocked by secure boot policy, but clearly the OS does start so the bits that matter are allowed.
I find it odd, particularly because Ubuntu can use secure boot, although I consider it a moot point.
Ubuntu clearly does support secure boot in this case as otherwise your OS wouldn’t have booted at all. It simplify looks like something in the early boot path of Ubuntu tried to load an unsigned binary and got rejected by the firmware, but that wasn’t critical to the boot sequence so the rest still continued just fine.