How can I disable secure boot using virt-install cli?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]


Hello all:

I am looking for a way to disable secure boot for UEFI guests:
In 3.2.0 I use the command blow to achieve it:

# virt-install --name GuestOne --location #URL --machine q35 --vcpus=2 --memory 4096 --file-size=20 --boot uefi --boot nvram.template=/usr/share/edk2/ovmf/OVMF_VARS.fd

However, in 4.0.0 I cannot get the same result for this cmd

Expect VM is booted with secureboot disabled. But the actual result is the VM is booted with secureboot enabled.

# mokutil --sb-state
SecureBoot enabled

    <type arch='x86_64' machine='pc-q35-rhel9.0.0'>hvm</type>
    <loader readonly='yes' secure='no' type='pflash'>/usr/share/edk2/ovmf/OVMF_CODE.secboot.fd</loader>
    <nvram template='/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd'>/var/lib/libvirt/qemu/nvram/rhel9_VARS.fd</nvram>
    <boot dev='hd'/>

It seems it still creates guests with "/usr/share/edk2/ovmf/OVMF_VARS.secboot.fd" as the nvram template.

Thanks a lot!

[Index of Archives]     [Linux Virtualization]     [KVM Development]     [CentOS Virtualization]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]     [Video 4 Linux]

  Powered by Linux