Can someone tell me what this is and what to do? I am getting it recently whenever there is an update. I don't think it gets updated. And it doesn't show as standalone.
First question, are you dual booting with Windows and thus have SECURE BOOT enabled?
If you answer "NO"
Then my answer is to never install that package if SECURE BOOT is disabled in the BIOS.
That package is only for the use of signed signatures with Microsoft's proprietary SECURE BOOT protocal. And like I said, unless you are dual booting with Windows and have SECURE BOOT enabled, that package is not needed, and has the possibility of doing more damage then good.
Found this to back up my argument...
1 Like
no. I don't dual boot and secure boot is disabled. I also get an update list in the terminal: "shim" and "shim-signed". but they don't get updated, and even ignored.
so the question now is: why do they keep appearing?
1 Like
Probably because it comes with one of the Ubuntu packages from the REPO. To be honest, I am not sure which package it comes from, but it can be ignored for now.
Also, go ahead and install the best package manager for Linux, Synaptic Package Manager.
CTRL ALT T to enter terminal.
sudo apt install synaptic
Once its installed, Click the Zorin 
logo and type SYNAPTIC. Enter password once launched.
Type in the search box... shim-signed
As you can see, its not installed on my system, for if it was, there would be a checkmark in it, and it would be GREEN in color to signify installed. If yours is green, you can mark it for removal by right clicking on it, and then you hit the APPLY button after to finalize.
To prevent this package from updating, you can also select it, then go to PACKAGE, and put a lock on it, you can do this for any software on your system.
Hope this helps!
StarTreker
Your Tech Support Guru
As I understand it, the shim-signed - bootloader chained update only appears if secure boot is enabled in BIOS.
In the words of Spock
I already had synaptic installed. I checked shim there and it seems that it is installed.
what should I do?
Right click on it, and mark for removal, then click the APPLY button.
what abut mokutil?
Are you absolutely certain that SecureBoot is disabled? Because those packages are only installed if SecureBoot is enabled.
Perhaps you disabled SecureBoot after the installation was done?
secure boot is disabled. but I don't exclude the possibility that I enabled/disabled it after installation.
I did install it maybe 6 months ago and until now I didn't have to deal with this
Well you could remove Mokutils and such and see what happens.
deleted all three. let's see if it will break anything or not
1 Like
It should be fine. The procedure to remove shim-signed is
sudo apt remove --purge shim-signed
Nothing fancy to look out for there... So removing it via Synaptic would have the exact same effect.
You may want to use sudo apt clean && sudo apt autoremove after.
1 Like
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.
Marked solution. 126