That is correct, SL and TUV do not support secure boot at this time.
This link is a year old, and I am sure more support it by now, but:
http://mjg59.dreamwidth.org/20522.html
I'm sure a more up to date list can be found with moderate searching.
On 09/24/2013 11:46 AM, Yasha Karant wrote:
This thread started because my colleague is using SuSE and tried Ubuntu
-- and both failed to secure boot properly from the generic hardware to
which he upgraded. This failure prompted a question about SL (as a
no-fee option for a TUV enterprise, commercial, supported, production
Linux base).
Evidently, the current answer for SL is that it is not UEFI Secure Boot
enabled, and SL 6x cannot reliably be installed upon such systems --
depending upon the quirks (or proprietary generosity) of the actual BIOS
supplier.
Yasha Karant
On 09/24/2013 09:04 AM, Connie Sieh wrote:
On Tue, 24 Sep 2013, Yasha Karant wrote:
Secure boot is enabled. Evidently, the only means to disable secure
boot requires that a secure boot loader/configuration program be running
-- e.g., the MS proprietary boot loader (typically, supplied as part of
MS Windows 8) must be used to disable secure boat if the UEFI actually
permits this to be disabled (I have heard of some UEFI implementations
that do not permit secure boot truly to be disabled).
If the system is Windows 8 logo compatible and is x86_4 then a way to
disable "secure boot" must be provided by the hardware vendor. This is
commonly done via a option in the "bios". This requirement is part of
the "microsoft windows 8 logo requirements". Note the method of
disabling is not defined by the UEFI spec. So each vendor may do it
differently.
The only hardware that does not permit "secure boot" to be disabled is
arm based Windows. The Windows logo requirements at at work here.
>
If Linux cannot handle this issue, then Linux is finished on all generic
(e.g., not Apple that supplies both the hardware and operating
environment software under a restrictive proprietary for-profit
intellectual property license) X86-64 hardware, as (almost?) all current
such hardware is MS 8 (UEFI secure boot) compliant.
At the moment Fedora, SuSE , Ubuntu all can handle "secure boot". It is
expected that RHEL 7 will also handle it. It is also possible to "sign"
your own kernel and place your keys in the "bios".
-connie
Yasha Karant
On 09/23/2013 10:29 PM, Connie Sieh wrote:
On Mon, 23 Sep 2013, Yasha Karant wrote:
A colleague who uses SuSE non-enterprise for his professional
(enterprise) workstations has now attempted to load the latest SuSE
on a
machine with a new generic (aftermarket) "gamer" UEFI X86-64
motherboard. It does not properly boot. I do not have any UEFI
motherboards, and thus no experience with SL6x on such motherboards.
Is "secure boot" enabled in the UEFI ?
Does anyone? Does SL6x boot correctly (and easily) on a UEFI
motherboard? If so, he may switch to SL.
Yes as long as "secure boot" is disabled .
Yasha Karant
-connie sieh
--
Mr. Mark V. Stodola
Senior Control Systems Engineer
National Electrostatics Corp.
P.O. Box 620310
Middleton, WI 53562-0310 USA
Phone: (608) 831-7600
Fax: (608) 831-9591
