[Bug 808108] New: Enable Secure Boot is not enabled by default when in secure boot mode
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c0 Summary: Enable Secure Boot is not enabled by default when in secure boot mode Classification: openSUSE Product: openSUSE 12.3 Version: RC 2 Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Release Notes AssignedTo: ke@suse.com ReportedBy: lnussel@suse.com QAContact: coolo@suse.com CC: aplanas@novell.com Found By: --- Blocker: --- +++ This bug was initially created as a clone of Bug #807839 +++ This only affects machines in UEFI mode with secure boot enabled. YaST does not automatically detect if the machine has secure boot enabled and will therefore install an unsigned bootloader by default which will not be accepted by the firmware. To have a signed bootloader installed the option "Enable Secure" boot has to be manually checked. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c Karl Eichwalder <ke@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c Karl Eichwalder <ke@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |808614 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c1 Karl Eichwalder <ke@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #1 from Karl Eichwalder <ke@suse.com> 2013-03-11 13:44:40 CET --- Thanks, fixed in SVN: 3.4. Crypted LVM in UEFI Mode Needs /boot Partition This only affects installations in UEFI mode. In the partitioning proposal when checking the option to use LVM (which is required for full disk encryption) YaST does not create a separate /boot partition. That means kernel and initrd end up in the (potentially encrypted) LVM container, inaccessible to the boot loader. To get full disk encryption when using UEFI, partitioning has to be done manually. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c2 --- Comment #2 from Karl Eichwalder <ke@suse.com> 2013-03-11 13:46:14 CET --- Grrhhh. c&p error. This one: 3.3. Enable Secure Boot in YaST Not Enabled by Default When in Secure Boot Mode This only affects machines in UEFI mode with secure boot enabled. YaST does not automatically detect if the machine has secure boot enabled and will therefore install an unsigned bootloader by default. But the unsigned bootloader will not be accepted by the firmware. To have a signed bootloader installed the option "Enable Secure" boot has to be manually enabled. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c3 --- Comment #3 from Swamp Workflow Management <swamp@suse.de> 2013-03-13 19:05:03 UTC --- openSUSE-RU-2013:0449-1: An update that has 7 recommended fixes can now be installed. Category: recommended (important) Bug References: 804773,808104,808108,808111,808116,808595,808614 CVE References: Sources used: openSUSE 12.3 (src): release-notes-openSUSE-12.3.6-1.6.1 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c4 Christian Boltz <suse-beta@cboltz.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |suse-beta@cboltz.de --- Comment #4 from Christian Boltz <suse-beta@cboltz.de> 2013-03-13 23:49:00 CET --- (In reply to comment #2)
installed the option "Enable Secure" boot has to be manually enabled.
Just courious - shouldn't this be ... "Enable Secure boot" has ... (move the quotation mark around)? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=808108 https://bugzilla.novell.com/show_bug.cgi?id=808108#c5 --- Comment #5 from Karl Eichwalder <ke@suse.com> 2013-03-14 08:16:45 CET --- Yes, it is fixed in the meantime--typo reported separately: https://bugzilla.novell.com/show_bug.cgi?id=809141 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com