Re: signing modules

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 16/03/2020 16:42, Jerry Geis wrote:
You need to turn off secure booting - you can still boot using UEFI,
but if secure booting is turned on the kernel doesn't allow unsigned
modules.

Thanks - so is that command line to run ? Config file to edit ?

I ran mokutil --disable-verification and rebooted
I dont desire that MOK management screen to show - how do you get rid of
that ?

After rebooting my module still does not load.


Rather than disabling a security feature, why don't you generate a Secure Boot signing key and sign your module?

Please see the RHEL documentation here:

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Kernel_Administration_Guide/sect-signing-kernel-modules-for-secure-boot.html

Elrepo has a guide here on how to import your Secure Boot signing key once you have signed your module:

http://elrepo.org/tiki/SecureBootKey

Phil
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux