-
Bug
-
Resolution: Unresolved
-
Critical
-
rhel-9.6
-
clevis-21-202.el9
-
No
-
Critical
-
1
-
rhel-sst-security-special-projects
-
ssg_security
-
None
-
False
-
-
None
-
Red Hat Enterprise Linux
-
SECENGSP Cycle 10
-
None
As it has been discovered in v21, recent PKCS#11 changes are breaking Tang functionality at boot time.
For more information about failing scenario, please check next links:
https://github.com/cockpit-project/cockpit/issues/21048
https://bodhi.fedoraproject.org/updates/FEDORA-2024-5f97e1176b
Steps to reproduce
- Install clevis-21-1.el9.x86_64
- Configure clevis to use tang pin and execute dracut
- Reboot machine
Expected results
Clevis should boot automatically
Actual results
Machine gets blocked with message: "Detected empty PKCS#11 device, redetect (Y/N)?:"
- is cloned by
-
RHEL-61186 [RHEL10]: clevis: v21 breaks tang functionality at boot time
- Release Pending
- links to
-
RHBA-2024:139484 clevis bug fix and enhancement update