On Tue, Apr 5, 2022, at 12:25, Leon Fauster via CentOS-devel wrote: > Hey all, > > I wonder what the current status of UEFI Secure Boot in CS9 is? > > I installed CentOS-Stream-9-20220328.0-x86_64-dvd1 on a workstation. > > # rpm -qa|egrep -i '^efi|kernel-5|^grub2'|sort > efibootmgr-16-12.el9.x86_64 > efi-filesystem-4-9.el9.noarch > efivar-libs-38-2.el9.x86_64 > grub2-common-2.06-25.el9.noarch > grub2-efi-x64-2.06-25.el9.x86_64 > grub2-tools-2.06-25.el9.x86_64 > grub2-tools-minimal-2.06-25.el9.x86_64 > kernel-5.14.0-75.el9.x86_64 > > and can't boot with "secure boot" enabled. > Grub shows something like ~shim signature bad~. > > Any updated informations out there? > > -- > Thanks > Leon > > > > _______________________________________________ > CentOS-devel mailing list > CentOS-devel at centos.org > https://lists.centos.org/mailman/listinfo/centos-devel An update to pesign caused a couple of kernels to be signed with the embedded test certificates. https://kojihub.stream.rdu2.redhat.com/koji/buildinfo?buildID=17931 <= this build (or a later one) is on its way into the buildroot and we can rebuild. --Brian