------- Comment From heinz-werner_se...@de.ibm.com 2020-02-06 07:32 EDT------- After testing, it seems to be that the behaviour of the settings need addl. fixes... Stay tuned.
------- Comment From stefan.haberl...@de.ibm.com 2020-02-06 07:35 EDT------- OK, to be more precise. You can have the secure= entry in any of the following places: - in a configuration section: Example: [test] target = /boot image = /boot/image-test parmfile = /boot/parmfile-test secure = 1 - in the menu section: Example: :menu1 target = /boot 1 = linux 2 = test default = 1 prompt = 1 timeout = 0 secure = 1 - in the defaultboot section with defaultauto when NOT using a menu but generating an auto menu (this can be seen as a replacement for the :menu section) Example: [defaultboot] defaultauto target = /boot default = 1 secure = 1 You are right, the man page is misleading as it combines the [defaultboot] section containing a defaultmenu with the secure= entry. This does not work and we should fix the man page here. I do not completely understand the following question: > With multiple menus in zipl.conf: how does zipl -S work? There is only one active menu in the zipl.conf But nevertheless "zipl -S" should overwrite every setting from the zipl.conf regardless where secure= is specified. Also combinations of the various places are possible. The most significant entry wins. The expected significance of the different positions should be: "zipl-S " > menu section or "defaultauto" section > configuration section Hope this clarifies the situation a bit more. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1860531 Title: IPL on z15 always performed regardless of the secure-boot related settings To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu-z-systems/+bug/1860531/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
