Overview

File crypto-policies-fips-mode-setup-dracut.patch of Package crypto-policies.39697

From 787735428661eb84701dadb302c4977cf649a8f6 Mon Sep 17 00:00:00 2001
From: Alexander Sosedkin <asosedkin@redhat.com>
Date: Fri, 20 Sep 2024 17:37:00 +0200
Subject: [PATCH] fips-mode-setup: tolerate fips dracut module presence w/o
 FIPS

---
 fips-mode-setup | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/fips-mode-setup b/fips-mode-setup
index fb85ba8..cb564b7 100755
--- a/fips-mode-setup
+++ b/fips-mode-setup
@@ -143,11 +143,12 @@ if test $check = 1 ; then
 
 	# Decide 2: initramfs module presence
 	if test "$initramfs_inspectable" = 1 ; then
-		if test "$initramfs_fips_module" = 1 ; then
-			fips_positive=1
-		else
+		if test "$initramfs_fips_module" != 1 ; then
 			fips_negative=1
 		fi
+		# from dracut ~104 the module will be always enabled,
+		# so *not* having it is a fips_negative sign,
+		# but having it is neither
 	fi
 
 	# Decide 3: active crypto-policy
-- 
GitLab
openSUSE Build Service is sponsored by
Places