Am 05.04.22 um 22:50 schrieb Leon Fauster: > Am 05.04.22 um 20:34 schrieb Neal Gompa: >> On Tue, Apr 5, 2022 at 1:51 PM Brian Stinson <brian at bstinson.com> wrote: >>> >>> On Tue, Apr 5, 2022, at 12:25, Leon Fauster via CentOS-devel wrote: >>>> Hey all, >>>> >>>> I wonder what the current status of UEFI Secure Boot in CS9 is? >>>> >>>> I installed CentOS-Stream-9-20220328.0-x86_64-dvd1 on a workstation. >>>> >>>> # rpm -qa|egrep -i '^efi|kernel-5|^grub2'|sort >>>> efibootmgr-16-12.el9.x86_64 >>>> efi-filesystem-4-9.el9.noarch >>>> efivar-libs-38-2.el9.x86_64 >>>> grub2-common-2.06-25.el9.noarch >>>> grub2-efi-x64-2.06-25.el9.x86_64 >>>> grub2-tools-2.06-25.el9.x86_64 >>>> grub2-tools-minimal-2.06-25.el9.x86_64 >>>> kernel-5.14.0-75.el9.x86_64 >>>> >>>> and can't boot with "secure boot" enabled. >>>> Grub shows something like ~shim signature bad~. >>>> >>>> Any updated informations out there? >>>> >>> >>> An update to pesign caused a couple of kernels to be signed with the >>> embedded test certificates. >>> https://kojihub.stream.rdu2.redhat.com/koji/buildinfo?buildID=17931 >>> <= this build (or a later one) is on its way into the buildroot and >>> we can rebuild. >>> >> >> And for us chickens: >> https://kojihub.stream.centos.org/koji/buildinfo?buildID=17931 >> > > > Ok, I read between the lines that it should work. Thanks. > Lets wait for the next compose. > I wonder how often do the public mirrors for CS9 get new composes/updates? It seems that its stuck at 20220328 while https://composes.stream.centos.org/production/latest-CentOS-Stream/ shows 9 more composes ...? Or should I point the local repo files to composes.stream.centos.org? -- Leon