From 6b16f360755c8aeda01bf4e7b01a9422024f384b Mon Sep 17 00:00:00 2001 From: Johnny Hughes Date: Apr 06 2023 16:47:06 +0000 Subject: add a variable for the key for secureboot kernel --- diff --git a/tests/p_kernel/02_kernel_secureboot_signed.sh b/tests/p_kernel/02_kernel_secureboot_signed.sh index b4a8bbe..69b1f71 100755 --- a/tests/p_kernel/02_kernel_secureboot_signed.sh +++ b/tests/p_kernel/02_kernel_secureboot_signed.sh @@ -8,8 +8,13 @@ if [[ "$centos_ver" -ge 7 && "$arch" = "x86_64" ]] ; then for kernel in $(rpm -q kernel --queryformat '%{version}-%{release}.%{arch}\n') do t_Log "Validating kernel $kernel ..." + if [[ "$centos_ver" -eq 8 ]] ; then + key_ver="201" + elif [[ "$centos_ver" -eq 9 ]] ; then + key_ver="201" + fi if [[ "$centos_ver" -ge 8 && "$kernel" > "4.18.0-480.el8" ]] ; then - pesign --show-signature --in /boot/vmlinuz-${kernel}|egrep -q 'Red Hat Inc.|CentOS Secure Boot Signing 201' + pesign --show-signature --in /boot/vmlinuz-${kernel}|egrep -q "Red Hat Inc.|CentOS Secure Boot Signing $key_ver" else pesign --show-signature --in /boot/vmlinuz-${kernel}|egrep -q 'Red Hat Inc.|CentOS Secure Boot \(key 1\)' fi