I’m attempting to provision PXE-less using the latest FDI 3.7.5 on bare metal hosts, I see UEFI support was only just recently supported and it seems as if the image passes the correct arguments to kexec when secure boot is enabled. However when I have secure boot enabled I get an error message back stating that the require key is not available.
Apr 22 04:09:01 fdi sudo[1884]: foreman-proxy : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/sbin/kexec --debug --force --kexec-file-syscall --append=url=http://edsforeman.lan/unattended/provision?token=7a71970b-ba2b-4e72-ad06-35eb2e6a6792&static=yes interface=c8:f7:50:f5:18:77 netcfg/get_ipaddress=192.168.1.17 netcfg/get_netmask=255.255.255.0 netcfg/get_gateway=192.168.1.1 netcfg/get_nameservers=192.168.1.101 netcfg/disable_dhcp=true netcfg/get_hostname=macc8f750f51877.lan BOOTIF=00-c8-f7-50-f5-18-77 nomodeset nokaslr auto=true domain=lan console-setup/ask_detect=false console-setup/layout=USA console-setup/variant=USA keyboard-configuration/layoutcode=us localechooser/translation/warn-light=true localechooser/translation/warn-severe=true locale=en_US --initrd=/tmp/initrd.img /tmp/vmlinuz
Apr 22 04:09:01 fdi systemd[1]: Started Session c1 of user root.
Apr 22 04:09:01 fdi sudo[1884]: pam_unix(sudo:session): session opened for user root by (uid=0)
Apr 22 04:09:01 fdi smart-proxy[1489]: Try gzip decompression.
Apr 22 04:09:01 fdi smart-proxy[1489]: Try LZMA decompression.
Apr 22 04:09:01 fdi smart-proxy[1489]: lzma_decompress_file: read on /tmp/vmlinuz of 65536 bytes failed
Apr 22 04:09:01 fdi smart-proxy[1489]: kexec_file_load failed: Required key not available
Apr 22 04:09:01 fdi sudo[1884]: pam_unix(sudo:session): session closed for user root
Apr 22 04:09:01 fdi foreman-proxy[1489]: The attempted command failed with code 255
Is there some customization I need to do to the image to support having secure boot enabled? a custom built FDI?