removed tpm again

yast · Feb 27, 2025 · 237b8ad · 237b8ad
1 parent 8380843
commit 237b8ad
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 46 deletions.
diff --git a/src/lib/bootloader/bls.rb b/src/lib/bootloader/bls.rb
@@ -2,7 +2,6 @@
 
 require "fileutils"
 require "yast"
-require "y2storage"
 require "bootloader/sysconfig"
 require "bootloader/cpu_mitigations"
 require "cfa/grub2/default"
@@ -102,40 +101,5 @@ def self.default_menu
       end
       output
     end
-
-
-    # Enabe TPM2, if it is required
-    def self.enable_tpm2
-      return unless Y2Storage::StorageManager.instance.proposal
-      return unless Y2Storage::StorageManager.instance.proposal.settings.encryption_use_tpm2
-
-      begin
-        Yast::Execute.on_target!("keyctl", "padd", "user", "cryptenroll",
-           "@u", stdout: :capture,
-           stdin: Y2Storage::StorageManager.instance.proposal.settings.encryption_password)
-      rescue Cheetah::ExecutionFailed => e
-        Yast::Report.Error(
-          format(_(
-                   "Cannot pass the password via the keyring:\n" \
-                   "Command `%{command}`.\n" \
-                   "Error output: %{stderr}"
-                 ), command: e.commands.inspect, stderr: e.stderr)
-        )
-        return
-      end
-
-      begin
-        Yast::Execute.on_target!("/usr/bin/sdbootutil",
-                                 "enroll", "--method=tpm2")
-      rescue Cheetah::ExecutionFailed => e
-        Yast::Report.Error(
-          format(_(
-                   "Cannot enroll TPM2 method:\n" \
-                   "Command `%{command}`.\n" \
-                   "Error output: %{stderr}"
-                 ), command: e.commands.inspect, stderr: e.stderr)
-        )
-      end
-    end
   end
 end
diff --git a/src/lib/bootloader/grub2bls.rb b/src/lib/bootloader/grub2bls.rb
@@ -107,10 +107,7 @@ def proposed?
 
     # writes configuration to target disk
     def write(*)
-      if Yast::Stage.initial # while new installation only (currently)
-        Bls.install_bootloader
-        Bls.enable_tpm2
-      end
+      Bls.install_bootloader if Yast::Stage.initial # while new installation only (currently)
       Bls.create_menu_entries
       Bls.install_bootloader
       @sections.write
@@ -158,7 +155,7 @@ def packages
       res = super
       res << ("grub2-" + grub2bls_architecture + "-efi-bls")
       res << "sdbootutil"
-      res << "shim"
+      res << "shim" if secure_boot
       res
     end
 

diff --git a/src/lib/bootloader/systemdboot.rb b/src/lib/bootloader/systemdboot.rb
@@ -120,10 +120,7 @@ def read
     def write(etc_only: false)
       super
       log.info("Writing settings...")
-      if Yast::Stage.initial # while new installation only (currently)
-        Bls.install_bootloader
-        Bls.ble_tmp2
-      end
+      Bls.install_bootloader if Yast::Stage.initial # while new installation only (currently)
       write_kernel_parameter
       Bls.create_menu_entries
       Bls.write_menu_timeout(menu_timeout)
@@ -182,7 +179,7 @@ def packages
 
       case Yast::Arch.architecture
       when "x86_64"
-        res << "shim"
+        res << "shim" if secure_boot
       else
         log.warn "Unknown architecture #{Yast::Arch.architecture} for systemdboot"
       end