On Mon, Sep 25, 2023 at 4:57 PM Andrei Borzenkov
Is Secure Boot enabled? If yes, did you import certificates for VirtualBox modules?
uefi and secureboot of the physical host machine is enabled. i have written this in this thread before. import what certificates where to exactly? meanwhile I have kind of researched more into this mokutil stuff and "KMP" kernel module packages was a new term to me, and with the help of this i found some germanic website speaking about exactly this shortcoming of opensuse and the mix with SLEs/suse corp. and everything thats related and some older release notes of suse 15.3 and newer also speak about NVIDIA and KMPs and mokutil needing to enroll some? key into the MOK database to make nvidia KMP to work. tanslate google: https://curius.de/2022/05/virtualbox-in-opensuse-leap-mit-secure-boot/ leading also to dealings about NVIDIA KMP stuff.... https://doc.opensuse.org/release-notes/x86_64/openSUSE/Leap/15.5/index.html
4 Drivers and Hardware # 4.1 Secure Boot: Third-Party Drivers Need to Be Properly Signed
and https://doc.opensuse.org/release-notes/x86_64/openSUSE/Leap/15.3/index.html leading and speaking of kernel KMP stuff specially for virtualbox
4 Drivers and hardware Report Documentation Bug # 4.1 Secure Boot: SUSE Linux Enterprise kernel and openSUSE signed Kernel Module Packages Report Documentation Bug # The newly introduced openSUSE-signkey-cert package is required for openSUSE KMPs like virtualbox,
so i guess I need to mokutil some key as well? from that
.... openSUSE-signkey-cert package.....
That blog post up there wondering why opensuse team does not automagically enroll the key into MOK database, and thats also me wondering the same? i have like exactly one KMP naed file in /etc/uefi/certs/ ..... named: 1F673297-kmp.crt belonging apparently to certain RPM rpm -qf 1F673297-kmp.crt openSUSE-signkey-cert-20220613-lp155.3.5.x86_64 am I headed for the right direction? the question remaind why doesnt this MOK enrollment does not happen automatically actually for the user? this seems like serious technocalities just in order to run an opensource piece of software called virtualbox on a linux or on opensuse especially. ty