Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package yast2-bootloader for
openSUSE:Factory checked in at 2025-08-13 16:23:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2-bootloader (Old)
and /work/SRC/openSUSE:Factory/.yast2-bootloader.new.1085 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2-bootloader"
Wed Aug 13 16:23:06 2025 rev:349 rq:1299069 version:5.0.24
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2-bootloader/yast2-bootloader.changes
2025-07-30 11:45:43.371581933 +0200
+++
/work/SRC/openSUSE:Factory/.yast2-bootloader.new.1085/yast2-bootloader.changes
2025-08-13 16:24:29.277425606 +0200
@@ -1,0 +2,7 @@
+Tue Aug 12 07:45:21 UTC 2025 - Stefan Schubert <[email protected]>
+
+- Do not register random recovery pin during FDE intallation.
+ (bsc#1247941)
+- 5.0.23
+
+-------------------------------------------------------------------
Old:
----
yast2-bootloader-5.0.23.tar.bz2
New:
----
yast2-bootloader-5.0.24.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2-bootloader.spec ++++++
--- /var/tmp/diff_new_pack.cPOX9C/_old 2025-08-13 16:24:40.837911638 +0200
+++ /var/tmp/diff_new_pack.cPOX9C/_new 2025-08-13 16:24:40.853912311 +0200
@@ -1,7 +1,7 @@
#
# spec file for package yast2-bootloader
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: yast2-bootloader
-Version: 5.0.23
+Version: 5.0.24
Release: 0
Summary: YaST2 - Bootloader Configuration
License: GPL-2.0-or-later
++++++ yast2-bootloader-5.0.23.tar.bz2 -> yast2-bootloader-5.0.24.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-bootloader-5.0.23/package/yast2-bootloader.changes
new/yast2-bootloader-5.0.24/package/yast2-bootloader.changes
--- old/yast2-bootloader-5.0.23/package/yast2-bootloader.changes
2025-07-28 11:08:41.000000000 +0200
+++ new/yast2-bootloader-5.0.24/package/yast2-bootloader.changes
2025-08-12 14:45:14.000000000 +0200
@@ -1,4 +1,11 @@
-------------------------------------------------------------------
+Tue Aug 12 07:45:21 UTC 2025 - Stefan Schubert <[email protected]>
+
+- Do not register random recovery pin during FDE intallation.
+ (bsc#1247941)
+- 5.0.23
+
+-------------------------------------------------------------------
Wed Jul 23 13:30:13 UTC 2025 - Stefan Schubert <[email protected]>
- Proposal cleanup: If the system supports BLS bootloader, select
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-bootloader-5.0.23/package/yast2-bootloader.spec
new/yast2-bootloader-5.0.24/package/yast2-bootloader.spec
--- old/yast2-bootloader-5.0.23/package/yast2-bootloader.spec 2025-07-28
11:08:41.000000000 +0200
+++ new/yast2-bootloader-5.0.24/package/yast2-bootloader.spec 2025-08-12
14:45:14.000000000 +0200
@@ -17,7 +17,7 @@
Name: yast2-bootloader
-Version: 5.0.23
+Version: 5.0.24
Release: 0
Summary: YaST2 - Bootloader Configuration
License: GPL-2.0-or-later
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-bootloader-5.0.23/src/lib/bootloader/bls.rb
new/yast2-bootloader-5.0.24/src/lib/bootloader/bls.rb
--- old/yast2-bootloader-5.0.23/src/lib/bootloader/bls.rb 2025-07-28
11:08:41.000000000 +0200
+++ new/yast2-bootloader-5.0.24/src/lib/bootloader/bls.rb 2025-08-12
14:45:14.000000000 +0200
@@ -107,6 +107,7 @@
end
# Enable TPM2/FIDO2 if it is required
+ # rubocop:disable Metrics/AbcSize
def self.set_authentication
generate_machine_id
devicegraph = Y2Storage::StorageManager.instance.staging
@@ -118,19 +119,16 @@
# encryption is enough.
next if d.authentication.value == "password"
+ # Password used by systemd-cryptenroll to unlock the device (LUKS2)
export_password(d.password, "cryptenroll")
- export_password(d.password, "sdbootutil") if d.authentication.value ==
"tpm2+pin"
-
- if d.authentication.value == "fido2"
- Yast::Popup.Message(
- format(_(
- "Please ensure that a FIDO2 Key is connected to your system in
order to " \
- "enroll the authentication for device %{device}.\n" \
- "You will be asked to push the FIDO2 key button twice for " \
- "transfering the information."
- ), device: d.blk_device.name)
- )
+ # Password used by sdbootutil as a recovery PIN
+ if d.authentication.value == "tpm2" || d.authentication.value ==
"tpm2+pin"
+ export_password(d.password, "sdbootutil")
end
+ # Password used by sdbootutil as a TPM2 PIN
+ export_password(d.password, "sdbootutil-pin") if
d.authentication.value == "tpm2+pin"
+
+ ask_for_fido2_key(d.blk_device.name) if d.authentication.value ==
"fido2"
begin
Yast::Execute.on_target!(SDBOOTUTIL,
"enroll", "--method=#{d.authentication.value}",
@@ -146,6 +144,7 @@
end
end
end
+ # rubocop:enable Metrics/AbcSize
def self.generate_machine_id
Yast::SCR.Execute(Yast::Path.new(".target.remove"), "/etc/machine-id")
@@ -183,5 +182,16 @@
)
end
end
+
+ def self.ask_for_fido2_key(device_name)
+ Yast::Popup.Message(
+ format(_(
+ "Please ensure that a FIDO2 Key is connected to your system in order
to " \
+ "enroll the authentication for device %{device}.\n" \
+ "You will be asked to push the FIDO2 key button twice for " \
+ "transfering the information."
+ ), device: device_name)
+ )
+ end
end
end
