rpm -Va shows /boot/efi mode different from vendor default
Posted: 2018/04/16 16:25:29
If you run , it shows that the mode of the files is different than the vendor defaults. This is an issue for STIG requirements.
Neither running
nor reinstalling shim seems to fix this. Any idea how to do this?
I found this on redhat, https://access.redhat.com/solutions/3237921, but can't access it because I don't have a subscription.
Code: Select all
rpm -Va | grep '^.M'
Code: Select all
.M....... /boot/efi/EFI/BOOT/BOOTX64.EFI
.M....... /boot/efi/EFI/BOOT/fbx64.efi
.M....... /boot/efi/EFI/centos/BOOT.CSV
.M....... /boot/efi/EFI/centos/BOOTX64.CSV
.M....... /boot/efi/EFI/centos/mmx64.efi
.M....... /boot/efi/EFI/centos/shim.efi
.M....... /boot/efi/EFI/centos/shimx64-centos.efi
.M....... /boot/efi/EFI/centos/shimx64.efi
Code: Select all
rpm --setperms shim-x64-12-1.el7.x86_64
rpm --setperms shim-x64-12-1.el7.x86_64
I found this on redhat, https://access.redhat.com/solutions/3237921, but can't access it because I don't have a subscription.