Hey everyone… had a nightmare where the normal install of nvivida jsut doesnt work anymore, causues me lots of problems… wont play videos… crashes chrome etc..
now ive just followed this - Nvidia Drivers on Rocky Linux ( rpm ) now everything works perfectly again..
does anyone know how i can get secure boot working with those instructions?
Thanks!!!
Secure boot requires the drivers to be signed. If they aren’t signed, then you need to ask whoever packaged them to sign them. Or just leave secure boot disabled.
oh okay, i thought youd jsut be able to do like you could on the other instructions that used to work..
god im in a right situation..
I don’t have a problem with secure boot being turned off. Have had it turned off for years. Some may say it’s not wise, but then I don’t do dodgy things on my computer, don’t visit weird websites, and don’t click dodgy links on social media.
If you used the drivers from rpmfusion then there is the possibility they are already signed. To check you use the modinfo utility. For my VirtualBox modules this is what the output looks like on Fedora:
$ modinfo vboxdrv
filename: /lib/modules/6.15.8-100.fc41.x86_64/extra/VirtualBox/vboxdrv.ko.xz
version: 7.1.10_RPMFUSION r169112 (0x00340001)
license: GPL
description: Oracle VirtualBox Support Driver
author: Oracle and/or its affiliates
srcversion: 3DF1B40A8B5F27CD18177B4
depends:
name: vboxdrv
retpoline: Y
vermagic: 6.15.8-100.fc41.x86_64 SMP preempt mod_unload
sig_id: PKCS#7
signer: t4s-646628455
sig_key: 0D:C1:50:95:C1:22:5C:EE:8C:B8:E2:B1:EE:A6:8C:28:2E:D8:3C:FF
sig_hashalgo: sha256
signature: 7A:B4:27:E9:94:1D:F3:97:F7:72:BD:44:D6:3F:12:A3:9E:6D:26:4E:
81:19:34:BE:6A:0C:96:10:80:1F:B....
you will have to explore with lsmod to figure out what the nvidia driver is called.
If you find the drivers are signed then the next step is to enroll them to the UEFI bios with the mockutil command. It has a man page so read it. The public and private certs can be found here:
/etc/pki/akmods/certs and /etc/pki/akmods/private
The command to enroll will be something like this:
mokutil -i /etc/pki/akmods/certs/public_key.der
Now don’t rush to do this as the enrollment process varies by motherboard manufacturer. On my linux laptop once you issue the command and reboot you are prompted to proceed and confirm actions. On my rocky server on reboot nothing happens because you have to enter the bios and find the security page and then fumble through the process there.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.