Version-Release number of selected component: mokutil.x86_64 2:0.7.1-5.fc42 <unknown> Description of problem: If you install Fedora 42 or upgrade from a previous version of Fedora (e.g. 41) to 42, mokutil disables the entire Secure Boot compatibility and claims that the system doesn't support Secure Boot anymore. This happens even if the affected system supports Secure Boot completely and worked before in F41 as expected. Reproducible: Always Steps to Reproduce: Steps to Reproduce: 1. Install Fedora 42 (any version / spin) directly OR install Fedora 41 on a system with Secure Boot enabled. If you install F41 first to upgrade to F42: 2a. On F41: open terminal and check Secure Boot state with "mokutil --sb-state" 3a. mokutil says that Secure Boot is enabled. 4a. Upgrade to F42 and repeat step 2a. 5a. mokutil claims that the system doesn't support Secure Boot now and disabled it entirely (also visible in the hardware security section inside of gnome-control-center). If you install F42 directly: 2b. Open terminal and check Secure Boot state with "mokutil --sb-state" 3b. mokutil claims that the system doesn't support Secure Boot and disabled it entirely. Actual Results: mokutil prevents the usage of Secure Boot on Secure Boot enabled systems. This also prevents the import of own certificates for kernel modules (e.g. NVIDIA drivers). Expected Results: mokutil recognizes the Secure Boot state correctly and keeps it enabled like on F41 before (or directly in F42 on new installations).
I found the solution: My mokutil / MokList was broken and I had to reset it with 'mokutil --reset'. Now it works again as expected. Closing issue with that.