On Tue, Aug 12, 2025 at 10:30:55AM +0530, Sudhakar Kuppusamy wrote:
> Thank you Daniel.
>
> > On 11 Aug 2025, at 9:24 PM, Daniel Kiper <dki...@net-space.pl> wrote:
> > On Tue, Jul 29, 2025 at 08:21:46PM +0530, Sudhakar Kuppusamy wrote:

[...]

> >> +  if (is_cert_removed_from_db (cert) == false)
> >> +    err = grub_error (GRUB_ERR_EOF,
> >> +                      "not found certificate with CN:%s in the db list", 
> >> cert->subject);
> >
> > First of all, I am not convinced the cert should be removed automatically
> > from the db. I think it would be better if it is documented it should be
> > done manually. However, if you convince me it should be done automatically
> > here then lack of cert in the db should not trigger an error...
>
> It is not automatically removing the cert from the db but does it manually
> when user try to remove distrusted cert via append_rm_dbx_cert command.

So, I mean it should not happen then...

Daniel

_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel

Reply via email to