rpms/mokutil
6
0
Fork 0
Code Issues Pull Requests Releases Activity

return zero in case --test-key is enrolled

Browse Source 
Resolves: #RHEL-90836
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
This commit is contained in:
Leo Sandoval 2025-07-04 17:03:42 -06:00
parent 853ac02b9c
commit fa1c018530
3 changed files with 47 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
0006-return-zero-in-case-test-key-is-enrolled.patch Normal file
View File

@ -0,0 +1,40 @@
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Leo Sandoval <lsandova@redhat.com>
Date: Fri, 27 Jun 2025 17:28:58 -0600
Subject: [PATCH] return zero in case --test-key is enrolled
Otherwise it returns non-zero even if key is enrolled, indicating a
negative result.
With this change, the --test-key return code would be following
[root@localhost ~]# mokutil --test-key sb_cert.cer
sb_cert.cer is already enrolled
[root@localhost ~]# echo $?
0
instead of
[root@localhost ~]# mokutil --test-key sb_cert.cer
sb_cert.cer is already enrolled
[root@localhost ~]# echo $?
1
Signed-off-by: Leo Sandoval <lsandova@redhat.com>
---
src/mokutil.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/mokutil.c b/src/mokutil.c
index 918ca06..368524b 100644
--- a/src/mokutil.c
+++ b/src/mokutil.c
@@ -1590,7 +1590,7 @@ test_key (const MokRequest req, const char *key_file)
ret = 1;
} else {
print_skip_message (key_file, key, read_size, req);
- ret = 1;
+ ret = 0;
}
error:

3
mokutil.patches
View File

@ -2,4 +2,5 @@ Patch0001: 0001-mokutil.c-show-help-if-no-args-or-help-even-on-unsup.patch
Patch0002: 0002-mokutil-fix-a-typo-mock.patch
Patch0003: 0003-mokutil-remove-unused-int_to_b64.patch
Patch0004: 0004-mokutil.c-on-test-key-return-non-zero-if-test-key-is.patch
Patch0005: 0005-mokutil-introduce-is-sb-enabled-parameter.patch
Patch0005: 0005-mokutil-introduce-is-sb-enabled-parameter.patch
Patch0006: 0006-return-zero-in-case-test-key-is-enrolled.patch

6
mokutil.spec
View File

@ -1,6 +1,6 @@
Name: mokutil
Version: 0.7.2
Release: 2%{?dist}
Release: 3%{?dist}
Epoch: 2
Summary: Tool to manage UEFI Secure Boot MoK Keys
License: GPL-3.0-or-later
@ -47,6 +47,10 @@ mokutil provides a tool to manage keys for Secure Boot through the MoK
%{_datadir}/bash-completion/completions/mokutil
%changelog
* Fri Jun 27 2025 Leo Sandoval <lsandova@redhat.com> - 0.7.2-3
- Return zero in case --test-key is enrolled
- Resolves: #RHEL-90836
* Mon May 12 2025 Leo Sandoval <lsandova@redhat.com> - 0.7.2-2
- Rebase several patches from upstream which:
- Introduce --is-sb-enabled parameter and better return codes