[kernel-bugs] [Bug 1173115] zypper dup from 15.1 shows mok screen on reboot
http://bugzilla.opensuse.org/show_bug.cgi?id=1173115 http://bugzilla.opensuse.org/show_bug.cgi?id=1173115#c11 Martin Wilck <martin.wilck@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |martin.wilck@suse.com --- Comment #11 from Martin Wilck <martin.wilck@suse.com> --- (In reply to Ludwig Nussel from comment #10)
So similar checks could be done in the kernel spec file and skip mokutil when built with the openSUSE keys.
Or mokutil itself should have a list of keys that don't need to be added to the MoK db. We could have a list of fingerprints of built-in keys somewhere under /etc/uefi, and could check the cert to be imported against this list before importing. And if we don't, we should at least improve the message of the mokutil screen at boot, explaining why it's popping up. -- You are receiving this mail because: You are the assignee for the bug.
participants (1)
-
bugzilla_noreply@suse.com