On Mon, 2024-06-17 at 12:44 +0100, Aoife Moloney wrote: > Wiki - > https://fedoraproject.org/wiki/Changes/NvidiaInstallationWithSecureboot > Discussion Thread - > https://discussion.fedoraproject.org/t/f41-change-proposal-nvidia-driver-installation-with-secure-boot-support-self-contained/120330 > > This is a proposed Change for Fedora Linux. > This document represents a proposed Change. As part of the Changes > process, proposals are publicly announced in order to receive > community feedback. This proposal will only be implemented if > approved > by the Fedora Engineering Steering Committee. > > > == Summary == > > Nvidia Drivers have been removed from GNOME Software because it > didn't > support Secure Boot which is increasingly often enabled. This change > brings the option back with Secure Boot supported. > > == Owner == > > * Name: [[User:eischmann|Jiří Eischmann]] > * Name: Milan Crha > > * Email: eischmann@xxxxxxxxxx > * Email: mcrha@xxxxxxxxxx > > > == Detailed Description == > > The goal is this change is to provide an easy way to install Nvidia > drivers in Fedora Workstation. It was removed from GNOME Software > because the original mechanism didn't support Secure Boot. When users > installed the drivers with Secure Boot enabled, they could not boot > the OS. > What we're doing this time is using mokutil to create a key for the > user to self-sign the drivers. When installing the drivers, the user > is asked to provide a password for the key. On the next reboot the > user is presented with the mokutil interface to enroll the key. I don't know if you are aware akmods already support secure boot since F36 [1] and in "Importing the key" is described on enroll the public self sign key [1] https://rpmfusion.org/Howto/Secure%20Boot > See the > [https://gitlab.gnome.org/GNOME/gnome-software/-/merge_requests/2034 > upstream merge request] for more details and screenshots. > > == Feedback == > > > == Benefit to Fedora == > The Nvidia drivers are necessary not only for gaming, but especially > for CUDA and AI/LLM workloads. The Nvidia drivers can't be part of > Fedora because of their license, but Fedora should offer an easy > installation of them to stay relevant in the respective fields. > > == Scope == > > * Proposal Owners: The feature will be implemented in GNOME Software > 47 and will be shipped in the gnome-software package in Fedora Linux > 41. > > * Other Developers: No work required from other Fedora developers. > The > only requirement outside of the scope of the proposal owners is to > reintroduce AppStream metadata into the Nvidia driver repo on > RPMFusion.org. > > * Release Engineering: > > * Policies and Guidelines: > > * Trademark approval: > > * Alignment with Community Initiatives: > > == Upgrade/compatibility impact == > > No impact is expected. > > == How To Test == > > 1. Open GNOME Software.<br> > 2. Search for "nvidia".<br> > 3. Choose the Nvidia driver, click Install and follow the > prompts.<br> > 4. Reboot and enroll the self-signing key in the mokutil tool > following <<the documentation will be added>><br> > 5. The OS should boot up with the Nvidia driver enabled.<br> > > == User Experience == > > This change aims to improve user experience of installing the > proprietary Nvidia driver. > > == Contingency Plan == > If the feature is not implemented on time for Fedora Linux 41, we can > simply remove AppStream metadata from the Nvidia driver repo and the > driver will not show up in GNOME Software like in Fedora Linux 40. > > == Documentation == > The GNOME Software part is intuitive and doesn't require > documentation. The mokutil part is less intuitive and will be > documented in the Fedora Workstation section on > docs.fedoraproject.org. The docs will be published when the feature > lands in Fedora Linux 41. > > == Release Notes == > > -- > Aoife Moloney > > Fedora Operations Architect > > Fedora Project > > Matrix: @amoloney:fedora.im > > IRC: amoloney > -- > _______________________________________________ > devel-announce mailing list -- devel-announce@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to > devel-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel-announce@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue > -- > _______________________________________________ > devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx > To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx > Fedora Code of Conduct: > https://docs.fedoraproject.org/en-US/project/code-of-conduct/ > List Guidelines: > https://fedoraproject.org/wiki/Mailing_list_guidelines > List Archives: > https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx > Do not reply to spam, report it: > https://pagure.io/fedora-infrastructure/new_issue -- Sérgio M. B. -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
