Am 05.04.22 um 20:34 schrieb Neal Gompa: > On Tue, Apr 5, 2022 at 1:51 PM Brian Stinson <brian at bstinson.com> wrote: >> >> On Tue, Apr 5, 2022, at 12:25, Leon Fauster via CentOS-devel wrote: >>> Hey all, >>> >>> I wonder what the current status of UEFI Secure Boot in CS9 is? >>> >>> I installed CentOS-Stream-9-20220328.0-x86_64-dvd1 on a workstation. >>> >>> # rpm -qa|egrep -i '^efi|kernel-5|^grub2'|sort >>> efibootmgr-16-12.el9.x86_64 >>> efi-filesystem-4-9.el9.noarch >>> efivar-libs-38-2.el9.x86_64 >>> grub2-common-2.06-25.el9.noarch >>> grub2-efi-x64-2.06-25.el9.x86_64 >>> grub2-tools-2.06-25.el9.x86_64 >>> grub2-tools-minimal-2.06-25.el9.x86_64 >>> kernel-5.14.0-75.el9.x86_64 >>> >>> and can't boot with "secure boot" enabled. >>> Grub shows something like ~shim signature bad~. >>> >>> Any updated informations out there? >>> >> >> An update to pesign caused a couple of kernels to be signed with the embedded test certificates. https://kojihub.stream.rdu2.redhat.com/koji/buildinfo?buildID=17931 <= this build (or a later one) is on its way into the buildroot and we can rebuild. >> > > And for us chickens: > https://kojihub.stream.centos.org/koji/buildinfo?buildID=17931 > Ok, I read between the lines that it should work. Thanks. Lets wait for the next compose. -- Leon