Firmware update on Dell Latitude 5510 fails with "missing signed bootloader for secure boot"

Using Ubuntu 21.04, I'm trying to update the firmware on a Dell Latitude 5510. The command is fwupdmgr update, and it looks good to begin with.

I receive this message:

Upgrade available for System Firmware from 1.5.1 to 1.7.0
Latitude 5510 must remain plugged into a power source for the duration of the update to avoid damage. Continue with update? [Y|n]: 

This goes well while the update is downloading and decompressing, but stops in the authenticating stage with this message:

missing signed bootloader for secure boot: /usr/libexec/fwupd/efi/fwupdx64.efi.signed cannot be found

I have seen similar questions both here and elsewhere, but no solution. I obviously don't understand this signing business, but still hope that someone here can assist.

Simple question: how can I sign the bootloader using only Ubuntu?


Solution 1:

You can turn off secure boot. The signature is for secure boot, and you can turn it off during the firmware update.

Depending on the firmware you might or might not need to run the computer with secure boot off after that operation. I think it is OK to run the computer without secure boot.

Ubuntu has a license from Microsoft to sign its software for secure boot, but several Linux distros have no such license (and don't want it because it is not FOSS). Those distros must be run with secure boot turned off.

Solution 2:

Please go into your computer's BIOS and turn the secure boot off, then you will be able to boot into Ubuntu. Secure boot does little, especially for Linux users; it was made to prevent you/malware for removing Windows!