Public bug reported:
This is a request for a feature freeze exception to include FIPS into
the ubuntu-advantage-tool package.
This will allow UA customers to use the ubuntu-advantage script to do the
following
when "ubuntu-advantage enable-fips <token>" is issued from commandline,
- configure the private PPA where the FIPS modules are located
- install the FIPS modules from this PPA to the local machine from where the
script is run
- configure the bootloader to enable fips
Upon successful completion of these steps, the customer then gets a message
stating to reboot
the machine to complete the fips enablement process.
Without the script, customers must perform the steps manually.
The following fips packages are installed:
linux-fips, fips-initramfs (fips kernel)
openssl, libssl1.0.0, libssl1.0.0-hmac
openssh-server, openssh-server-hmac
openssh-client, openssh-client-hmac
strongswan, strongswan-hmac
The enable-fips component of the script will only work/run on xenial.
FIPS modules are currently certified for xenial only.
The patchset to include fips into ubuntu-advantage-tools includes
- additional code to script to support "enable-fips" option/flag
- additional code to script to support "is-fips-enabled" which reports if
fips is
enabled or not
- additional code to support "status" for fips
- addition to man page
- additional testcases for fips
- the fips private ppa keyring
** Affects: ubuntu-advantage-tools (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1718291
Title:
[FFe]: Include FIPS into the ubuntu-advantage tool
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1718291/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
