Tree - centos/t_functional - CentOS Git server

Blob History Raw

	859aef	`#!/bin/bash`
	859aef	`# This test will verify that grub2-efi is correctly signed with correct cert in the CA chain`
	859aef
	859aef	`t_Log "Running $0 - Verifying that kernel is correctly signed with correct cert"`
	859aef
Pablo Greco	8d3da8	`if [[ "$centos_ver" -ge 7 && "$arch" = "x86_64" ]] ; then`
	859aef	`t_InstallPackage pesign`
	859aef	`for kernel in $(rpm -q kernel --queryformat '%{version}-%{release}.%{arch}\n')`
	859aef	`do`
	0557ff	`t_Log "Validating kernel $kernel ..."`
	c4423d	`if [[ "$centos_ver" -ge 8 && "$kernel" > "4.18.0-480.el8" ]] ; then`
	c4423d	`pesign --show-signature --in /boot/vmlinuz-${kernel}\|egrep -q 'Red Hat Inc.\|CentOS Secure Boot Signing 201'`
	c4423d	`else`
	c4423d	`pesign --show-signature --in /boot/vmlinuz-${kernel}\|egrep -q 'Red Hat Inc.\|CentOS Secure Boot $key 1$'`
	c4423d	`fi`
	859aef	`t_CheckExitStatus $?`
	859aef	`done`
	859aef	`else`
	9a1e76	`t_Log "previous versions than CentOS 7 - or not x86_64 -aren't using secureboot ... skipping"`
	859aef	`exit 0`
	859aef	`fi`
	859aef