Comment # 38 on bug 1195118 from 
Please correct me if I am wrong, but how about this general approach:

- Don't rely on that post-install mokutil call being successful.

- Use mokutil's introspection features when the certificates are actually
needed; i.e. during the dracut run.

- If the certs are not already imported at that time, do it then. At that point
in time, there are better chances of the crucial infrastructure (/etc/shadow)
being in place.


I guess right now it's not only during a YaST installation that this doesn't
work; it's probably the same for a kiwi or an image installation, or when doing
zypper calls manually.

Moving that part to the dracut run should fix all those scenarios.

You are receiving this mail because: