See this email for details.

TL/DR: fips-mode-setup is going away in RHEL 10 (only for now), and be replaced with adding fips=1 to the kernel command line. For compatibility with RHEL 9 and Fedora, we need to first check if the script exists, and fall back to kernel CLI.

Tangentially this email also mentioned that "FIPS mode on Fedora is really not meaningful.". I asked whether we should still support that in Cockpit then: it's good for testing and development, and making sure stuff generally works in FIPS mode, but no commercial support/guarantee — so pretty much exactly what Fedora is. So let's keep that.