[CentOS-devel] RFC: kmods SIG Proposal
Fabian Arrotin
arrfab at centos.orgSun May 23 19:18:05 UTC 2021
- Previous message: [CentOS-devel] RFC: kmods SIG Proposal
- Next message: [CentOS-devel] RFC: kmods SIG Proposal
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 23/05/2021 16:32, Peter Georg wrote: <snip> > * Work with other SIGs and others involved to establish a common > work-flow to sign kernels and/or kernel modules provided by SIGs. > ><snip> As Davide already mentioned earlier, signing kernel with CentOS distro key and/or secureboot isn't something that is possible (and doubt it will ever be possible) See https://pagure.io/centos-infra/issue/307 So in short : if SIGs don't expect to sign kernel with the centos distro key (https://www.centos.org/keys/#centos-project-keys-starting-from-centos-8) and also don't expect their built kernel/kernel modules to be signed with the centos key pair used for secureboot, that's something that can be done. I prefer mentioning this here *before* people start a SIG and then would hit a wall, as nothing would have been discussed as Requirement/must-have vs "nice-to-have" :-) -- Fabian Arrotin The CentOS Project | https://www.centos.org gpg key: 17F3B7A1 | twitter: @arrfab
- Previous message: [CentOS-devel] RFC: kmods SIG Proposal
- Next message: [CentOS-devel] RFC: kmods SIG Proposal
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS-devel mailing list