Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

SWIFT: Generate New Ti...

SWIFT: POC Conversion

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Done-Errata
Priority: Undefined
Fix Version/s: rhel-9.7
Affects Version/s: rhel-9.6
Component/s: lorax-templates-rhel
Labels:
- rn-yml

Fixed in Build:
lorax-templates-rhel-9.7-1.el9
Regression:
No
Severity:
Low

AssignedTeam:
image-builder-1

Internal Target Milestone:
14
Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
Yes
Sprint:
None

Preliminary Testing:
Pass
Errata Link:
https://errata.engineering.redhat.com/advisory/150013
Test Coverage:

RegressionOnly

Release Note Type:
Enhancement
Release Note Text:

Hide
.New boot menu entry for `fips=1` added to ISO installations

With this update, the DVD and Boot ISO image installations provide a new boot menu entry for setting the `fips=1` kernel boot option. This simplifies the process, as enabling FIPS mode during the RHEL installation ensures that the system generates all keys with FIPS-approved algorithms and continuous monitoring tests in place. By using this boot option, you start the installation with the `fips=1` kernel parameter and you can target the system's compliance with Federal Information Processing Standards (FIPS) 140 requirements.

Show
.New boot menu entry for `fips=1` added to ISO installations With this update, the DVD and Boot ISO image installations provide a new boot menu entry for setting the `fips=1` kernel boot option. This simplifies the process, as enabling FIPS mode during the RHEL installation ensures that the system generates all keys with FIPS-approved algorithms and continuous monitoring tests in place. By using this boot option, you start the installation with the `fips=1` kernel parameter and you can target the system's compliance with Federal Information Processing Standards (FIPS) 140 requirements.
Release Note Status:
Done
ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

In RHEL10 we are adding a menu to the boot.iso that sets fips=1 on the kernel cmdline when booting the anaconda installer. We should also add this to RHEL 9.8 for consistency.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

rhel9.7-fips.png
7 kB
2025/05/16 5:02 PM

clones

RHEL-91929 [RHEL-10] Add a menu entry to the boot.iso to boot with fips=1

Closed

is related to

RHELDOCS-20588 RHEL 9.6 DISA STIG security profile not adding "fips=1" to kernel

Closed

links to

RHBA-2025:150013 lorax-templates-rhel update

Assignee:: Brian Lane

Reporter:: Brian Lane

Developer:: Brian Lane

QA Contact:: Release Test Team

Doc Contact:: Mirek Jahoda

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2025/05/15 5:20 PM

Updated:: 2025/11/11 12:07 PM

Resolved:: 2025/11/11 12:02 PM

Target end:: 2025/06/02

Next Planned Release Date:: 2025/11/11

Release Date:: 2025/11/11

Details

Description

Attachments

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates