-
Bug
-
Resolution: Unresolved
-
Undefined
-
None
-
rhel-10.0.beta
-
None
-
None
-
rhel-sst-security-special-projects
-
ssg_security
-
None
-
False
-
-
No
-
Red Hat Enterprise Linux
-
None
-
Unspecified Release Note Type - Unknown
-
None
For RHEL 10, Make clevis-pin-tpm2 required by clevis, so it gets used as default pin.
Rationale: clevis-pin-tpm2 is a newer/rewritten tpm2 pin that supports tpm2 authorized policies (although for this it needs a signing tool that is not part of Fedora/RHEL yet).
The change consists in adding a Requires: clevis-pin-tpm2 to the clevis spec file, making it required. Being available, clevis will use it as the tpm2 pin.
AC: make sure clevis includes clevis-pin-tpm2 as a dependency.
- relates to
-
RHEL-29279 clevis: rebase to clevis-20 [rhel-10]
- Release Pending
- links to
-
RHBA-2024:132292 clevis bug fix and enhancement update