+++ This bug was initially created as a clone of Bug #1972676 +++ In RHEL 8, when a kernel module is loaded, the kernel checks the signature of the module against the public X.509 keys from the kernel system keyring (.builtin_trusted_keys) and the kernel platform keyring (.platform). The .platform keyring contains keys from third-party platform providers and custom public keys. The keys from the kernel system .blacklist keyring are excluded from verification. Additional tools are: yum -y install openssl mokutil keyutils
Verified in build: 4.9.0-0.nightly-2021-06-21-131605 1. Go to the OpenShift release nightly build page for the nightly build, click "Download the installer," and then click "release.txt." 2. Search for "driver-toolkit" and pull the corresponding image to your dev machine with the command: podman pull --authfile /path/to/pullsecret <openshift_release_repo>/<corresponding_image_to_your_dev_machine> 3. Enter the following command from the terminal: podman run <image_from_previous_step> dnf list installed | grep <string> ===================================== Output from the command in step #3: openssl openssl.x86_64 1:1.1.1g-15.el8_3 @rhel-8-baseos-rpms-x86_64 openssl-libs.x86_64 1:1.1.1g-15.el8_3 @System keyutils keyutils.x86_64 1.5.10-6.el8 @rhel-8-baseos-rpms-x86_64 keyutils-libs.x86_64 1.5.10-6.el8 @System mokutil mokutil.x86_64 1:0.3.0-11.el8 @rhel-8-baseos-rpms-x86_64
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory (Moderate: OpenShift Container Platform 4.9.0 bug fix and security update), and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2021:3759