Hi Simon, Doug, I'd like to raise this issue again. It was discussed last year: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011372.html Now with dnsmasq 2.79-1 on Ubuntu cosmic: # dpkg -l dnsmasq Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++-======================-================-================-================================================= ii dnsmasq 2.79-1 all Small caching DNS proxy and DHCP/TFTP server
I have copied /usr/lib/shim/shimx64.efi.signed as bootx64.efi in the tftpboot root, and copied /usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed as grubx64.efi in the tftpboot root, too. If I use the following in dnsmasq.conf: ======================== dhcp-boot=pxelinux.0 dhcp-match=set:efi-x86_64,option:client-arch,7 dhcp-boot=tag:efi-x86_64,bootx64.efi ======================== Then the uEFI network booting client is able to boot in secure mode. However, If I use the following in dnsmasq.conf: ======================== pxe-service=X86PC, "Boot BIOS PXE", pxelinux.0 pxe-service=BC_EFI, "Boot UEFI BC", bootx64.efi pxe-service=X86-64_EFI, "Boot UEFI X86-64", bootx64.efi ======================== Then uEFI nework booting client is _NOT_ able to boot in secure mode. Even when secure boot mode is disabled, the client is _NOT_ able to network boot. It just enters local machine OS. The problem is, I need the pxe-service config so that the proxy mode can work. That's why I can not use dhcp-boot option. Any solution to this? Thank you very much. Steven -- Steven Shiau <steven _at_ stevenshiau org> Public Key Server PGP Key ID: 4096R/163E3FB0 Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0 _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss