> This is a long standing bug in shim, that has been fixed 2 years ago > [0] but the distros keep shipping outdated versions, due to the > reluctance of MS to sign new shim builds.
Yep, the process is slow and tedious. latest centos stream shim review is here: https://github.com/rhboot/shim-review/issues/454 To be fair fedora and rhel managed to roll out the updates quite a while ago, so it is probably not the signing process alone. Workaround for centos stream 9: (1) turn off secure boot (if enabled) (2) install latest shim (unsigned): sudo dnf install shim-unsigned-x64 (3) replace shim on the ESP: sudo cp /usr/share/shim/15.8-2.el9/x64/shimx64.efi /boot/efi/EFI/centos/shimx64.efi HTH & take care, Gerd -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#120991): https://edk2.groups.io/g/devel/message/120991 Mute This Topic: https://groups.io/mt/110601533/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
