Red Hat Bugzilla – Bug 1010474
Unable to register keys with MokManager
Last modified: 2016-02-05 01:56:00 EST
Description of problem:
When trying to register a cert.der file from the /boot/efi dir using MokManager from Fedora 20, the tool gives no feedback when you press enter on the key to record it.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. create .der file following this doc http://en.opensuse.org/openSUSE:UEFI (No Fedora doc for that)
2. put it under /boot/efi
3.reboot on MokManager and try to add it
No message, no der imported.
Confirmation msg + der imported.
During the UEFI Plugfest
This should be fixed in 0.5-1.f20 .
shim-signed-0.5-1.fc20,shim-0.5-1.fc20 has been submitted as an update for Fedora 20.
This is really critical functionality that must work, so I've added this as a BetaFreezeException to make sure this is in F20.
Package shim-signed-0.5-1.fc20, shim-0.5-1.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing shim-signed-0.5-1.fc20 shim-0.5-1.fc20'
as soon as you are able to.
Please go to the following url:
then log in and leave karma (feedback).
Discussed in 2013-10-28 Blocker Review meeting . Voted as an AcceptedFreezeException. This is required for secureboot to work and cannot be fixed with an update post-release. A tested fix would be considered after freeze.
That update broke my UEFI boot so no we will not accept that as a freeze exception so it can break it for everybody else in otherwords we need to kill this update in birth..
See bug 1023767
shim-0.7-1.fc20,shim-signed-0.7-1.fc20 has been submitted as an update for Fedora 20.
shim-0.7-1.fc20, shim-signed-0.7-1.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.