SYNOPSIS
efi-readvar: [,-v <var>/] [,-s <list>/[,-<entry>/]] [,-o <file>/]DESCRIPTION
with no arguments, prints out the entire secure variable database and expands the contents of hashes and X509 certificates. May be restricted to specific variables and specific signatures within variables. Note that EFI signature lists are numbered from zero and may contain one or more entries (also numbered from zero), so 0-0 represents the first entry of signature list zero.
List the contents of the UEFI signature databases
OPTIONS
- -v <var>
- list only the contents of <var>
- -s <list>[-<entry>]
- list only a given signature list (and optionally
- only a given entry in that list
- -o <file>
- output the requested signature lists to <file>
EXAMPLES
To see all the variables, type
efi-readvars
To see the second entry of signature list 1 for the db variable, do
efi-readvars -v db -s 1-1
To see all entries of signature list 0 for the KEK
efi-readvars -v KEK -s 0