Document link:

https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/using_image_mode_for_rhel_to_build_deploy_and_manage_operating_systems/enabling-the-fips-mode-while-building-a-bootc-image

Section number and name:

Chapter 8. Enabling the FIPS mode while building a bootc image

Describe the issue:

In verification steps for both 8.1 and 8.2 there is:

$ *fips-mode-setup --check*
FIPS mode is enabled.

But in reality you'll get:

$ *fips-mode-setup --check* 
Installation of FIPS modules is not completed.
FIPS mode is enabled.
Inconsistent state detected.

This is a harmless message and it was discussed extensively in https://issues.redhat.com/browse/RHELBU-2798?focusedId=24884264&page=com.atlassian.jira.plugin.system.issuetabpanels%3Acomment-tabpanel#comment-24884264. mpact of this issue:

Customer might be misled by a different output than the one documented.

Suggestions for improvement:

and I would suggest to follow the RHEL-10 documentation and use the same verification steps for RHEL-9 too, ie.:

$ cat /proc/sys/crypto/fips_enabled
1
$ update-crypto-policies --show
FIPS

See verification in 7.2 of https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10-beta/html/using_image_mode_for_rhel_to_build_deploy_and_manage_operating_systems/enabling-the-fips-mode-while-building-a-bootc-image#enabling-the-fips-mode-to-perform-an-anaconda-installation. This is perfectly valid for RHEL-9 too.