On Wed, Jul 9, 2025, at 5:14 PM, Chris Adams wrote: > Once upon a time, Chris Murphy <li...@colorremedies.com> said: >> Not After : Jun 27 21:32:45 2026 GMT > <snip> >> I'm confused why I'm able to boot. Seems like shim should fail verification >> if the public key is expired. > > Are you posting from the future? :)
I'm not supposed to admit that. ;) OK so after firmware update the system unsurprisingly still boots, because it is apparently still 2025. But none of the certificates have changed. I guess they'll get around to it in the next 11 months? Meanwhile I've (re)experienced a "feature" of my Lenovo firmware. Whereupon loading BIOS defaults and saving them, there are no more boot entries listed in the firmware boot menu. Not Windows. Not Fedora. Both have bootloaders found on the EFI System partition but apparently this firmware won't list them unless they're also found in efivars? Upon choosing the nvme raw device (it doesn't list partitions) it boots... Windows. root@fovo:/boot/efi/EFI/BOOT# sha256sum BOOTX64.EFI 4773d74d87c2371a25883b59a3b6d98d157de46933676706d215015b1130f2d1 BOOTX64.EFI root@fovo:/boot/efi/EFI/BOOT# sha256sum ../fedora/shimx64.efi 4773d74d87c2371a25883b59a3b6d98d157de46933676706d215015b1130f2d1 ../fedora/shimx64.efi Windows recovery boot menu likewise won't list Fedora, I guess because it's not found in efivars. Track down a Fedora install USB stick, and I'm able to fix this with efibootmgr, but... what a swig of sour milk. I'd put this in the soft fail category of how these sorts of updates can go sideways. -- Chris Murphy -- _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
