* Does the service require post-rpm-installation configuration in order to be useful (for example, does it need manual edits to a configuration file)? Configuration is an optional step, the defaults are suitable to get started. * Does the service listen on a network socket for connections originating on a separate physical or virtual machine? No, aesmd.service & qgs.service listen on UNIX sockets; mpa_registration.service does not listen on sockets at all. * Is the service non-persistent (i.e. run once at startup and exit)? aesmd.service & qgs.service are persistent long running services, mpa_registration is single-shot run & exit. The latter will check EFI variables to determine if any work is needed and silently exits if nothing needs doing, as such it can be safely run on every boot to "do the right thing(tm)" * What is the exact name (or names) of the systemd unit files to be enabled? aesmd.service mpa_registration.service qgs.service Upstream has no support for socket activation for the two persistent daemons unfortunately. * Is this request for all Fedora deliverables or only for some Editions (list them)? All
Note, that all of these services are conditionalized on /dev/sgx_enclave existing $ grep Condition *service aesmd.service:ConditionPathExists=/dev/sgx_enclave mpa_registration.service:ConditionPathExists=/dev/sgx_enclave qgs.service:ConditionPathExists=/dev/sgx_enclave The kernel will auto-create /dev/sgx_enclave if-and-only-if the user has gone into the firmware and turned on the SGX feature, as it is usually not enabled by default.
I speculatively created a PR: https://src.fedoraproject.org/rpms/fedora-release/pull-request/365 Assuming its accepted, this will also be required to be cherry-picked over to the Fedora 42 branch for https://fedoraproject.org/w/index.php?title=Changes/IntelSGX