We have some patches in the ebuild to replace hardcoded paths. See bug 763180. Reproducible: Always Steps to Reproduce: 1. Install a VM, e.g. lxc init images:debian/bookworm debian-bookworm --vm 2. start it: lxc start debian-bookworm Actual Results: You will get the following error message: Error: Required EFI firmware settings file missing "/usr/share/edk2-ovmf/OVMF_VARS.secboot.fd" Try `lxc info --show-log debian-bookworm` for more info To resolve this '-e "s:OVMF_VARS.ms.fd:OVMF_VARS.secboot.fd:g" \' has to be replaced with '-e "s:OVMF_VARS.ms.fd:OVMF_VARS.fd:g" \'.
I've always started the vm's with "-c security.secureboot=false" but if this fixes the secure boot issue we've had... great! I can't test this in a few days, but it seems reasonable enough to commit already. I do guess bug #830006 is what eventually fixed the issue for lxd too.
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=595a3534d50588cb5fcb9f5a2be13401ed7b0f34 commit 595a3534d50588cb5fcb9f5a2be13401ed7b0f34 Author: Joonas Niilola <juippis@gentoo.org> AuthorDate: 2022-10-12 16:39:50 +0000 Commit: Joonas Niilola <juippis@gentoo.org> CommitDate: 2022-10-12 16:39:50 +0000 app-containers/lxd: fix ebuild to support secure boot with VMs Closes: https://bugs.gentoo.org/876796 Signed-off-by: Joonas Niilola <juippis@gentoo.org> app-containers/lxd/lxd-5.0.1-r1.ebuild | 190 +++++++++++++++++++++++++++++++++ 1 file changed, 190 insertions(+)
