1791608 – [RFE] Satellite should provide a feature to provision systems with UEFI Secure Boot enabled

Bug 1791608 - [RFE] Satellite should provide a feature to provision systems with UEFI Secure Boot enabled

Summary: [RFE] Satellite should provide a feature to provision systems with UEFI Secur...

Keywords:
Status:	NEW
Alias:	None
Product:	Red Hat Satellite
Classification:	Red Hat
Component:	Provisioning
Sub Component:
Version:	6.6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	high
Severity:	high
Target Milestone:	Unspecified
Assignee:	satellite6-bugs
QA Contact:	Satellite QE Team
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2020-01-16 09:21 UTC by Stefan Meyer
Modified:	2023-08-03 00:34 UTC (History)
CC List:	26 users (show)
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2022-09-02 15:19:06 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Knowledge Base (Solution)	4843841	0	None	None	None	2020-02-20 19:02:01 UTC

Comment 16 Lukas Zapletal 2021-08-12 10:28:20 UTC

HTTP UEFI SecureBoot works, its just not supported or tested.

Just follow our HTTP UEFI chapter but instead "Grub2 UEFI HTTP" PXE loader, choose "Grub2 UEFI HTTP SecureBoot" option. This will make the DHCP server to reply with "shim.efi" filename option which then verifies the signature and passes over to grub2 signed by Red Hat keys.

Other workflows like Discovery or Bootdisk are not supported and will not work at the moment.

https://docs.theforeman.org/nightly/Provisioning_Guide/index-foreman-el.html#creating-hosts-with-uefi-http-boot-provisioning_provisioning

Comment 37 Mike McCune 2022-07-08 17:15:31 UTC

Upon review of our valid but aging backlog the Satellite Team has concluded that this Bugzilla does not meet the criteria for a resolution in the near term, and are planning to close in a month. This message may be a repeat of a previous update and the bug is again being considered to be closed. If you have any concerns about this, please contact your Red Hat Account team.  Thank you.

Note You need to log in before you can comment on or make changes to this bug.

aganbat
ahumbe
alex.wang
bkearney
bsmitley
ckoep
cylopez
fgarciad
inecas
j.becker
kurathod
ldelouw
lstejska
lzap
mhulan
mschindl
rgreene
rheron
sadas
satellite6-bugs
saydas
sganar
sokeeffe
spurrier
sshtein
thadzhie