sudo snap install fwupd
sudo fwupdmgr refresh
sudo fwupdmgr update
#(say yes, yes, and yes to reboot)
Gemini reassured that the devices listed with "no updates" are not a concern, we should only check whether the mokutil tests below work OK.
As per the verification link above,
Tested with
mokutil --db | grep "2023"
Not Before: Jun 13 19:21:47 2023 GMT
Subject: C=US, O=Microsoft Corporation, CN=Microsoft UEFI CA 2023
mokutil --kek | grep "2023"
Not Before: Mar 2 20:21:35 2023 GMT
Subject: C=US, O=Microsoft Corporation, CN=Microsoft Corporation KEK 2K CA 2023
Removed the fwupd snap, and also removed snap itself to prevent bloat
sudo snap remove fwupd
(and remove snap itself on ELS)
snap list
(if nothing other than core, core20, lxd, or snapd, can remove)
sudo systemctl disable --now snapd.service snapd.socket
sudo apt-get purge -y snapd
sudo rm -rf /snap /var/snap /var/lib/snapd /var/cache/snapd /usr/lib/snapd
Found that the L VM was already up-to-date since it was a newer VM, created in 2025.
SDev2 had to be updated in the same manner as for the HAPROXY VM above.
SSS web server also had to be updated in the same manner.
On the AWS VM, I see
mokutil --sb-state
EFI variables are not supported on this system
Gemini says,
You do not need to do anything for this AWS VM. You are completely in the clear.
Seeing EFI variables are not supported on this system means that this specific EC2 instance is not using UEFI Secure Boot at all. In fact, it is likely booting using Legacy BIOS rather than UEFI.
With that, all the VMs seem to be accounted for.
No comments:
Post a Comment