Bug 1216524 - slowroll Tumbleweed -- boot failure after update - security violation
Summary: slowroll Tumbleweed -- boot failure after update - security violation
Status: NEW
Alias: None
Product: openSUSE Tumbleweed
Classification: openSUSE
Component: Bootloader (show other bugs)
Version: Current
Hardware: Other openSUSE Tumbleweed
: P5 - None : Normal (vote)
Target Milestone: ---
Assignee: Bernhard Wiedemann
QA Contact: E-mail List
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-10-24 04:13 UTC by Neil Rickert
Modified: 2023-11-14 08:49 UTC (History)
1 user (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Neil Rickert 2023-10-24 04:13:49 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0
Build Identifier: 

I updated my slowroll system today.  This was mainly grub updates.

On reboot, I got an immediate security violation and no boot menu.  It looks as if the update "grub.efi" does not have a suitable signature.

Searching around, I found a file "/usr/share/grub2/x86_64-efi/grub.der"

I tried enrolling that, and that fixed the problem.  However the update did not automatically enroll that cert and did not advise that it be enrolled.

Reproducible: Always
Comment 1 Gary Ching-Pang Lin 2023-11-14 08:47:40 UTC 
The grub2 package was built under oepnSUSE:ALP and signed by the project key instead of the official openSUSE signkey. It has to be configured by the build service team.