Closed lobsec closed 1 year ago
Hi @lobsec! Probably it's a secure boot issue. You can try to do something like:
sudo /usr/src/linux-headers-$(uname -r)/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n xpad)
However, have you ever tried modern bpf (sysdig --modern-bpf)? It should work without the kernel module!
Hi @therealbobo and thanks for your time. Yes, secure boot is enabled.
$ sudo mokutil --sb-state
SecureBoot enabled
I create the keys with
openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -days 36500 -subj "/CN=Sysdig/"
and then I sign them with
$ sudo /usr/src/kernels/$(uname -r)/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n scap)
$ sudo mokutil --import MOK.der
After that I rebooted and enrolled the keys, but nothing has changed.
Did you enroll the MOK?
Yes I did. Tomorrow I'll try to disable secure boot feature and try again. If that doesn't work, maybe it's not compatible with Almalinux.
I'm pretty sure that it's compatible. I'll fire up a VM and give it a try!
I can confirm that it is a secure boot related issue: I've tried to disable it, reboot, and then it runs perfectly.
I'll close this, but feel free to reopen if anything new comes up!
Hi everyone, I finally found the solution on Almalinux 9.x with secure boot on.
sudo dnf remove sysdig
sudo dnf install openscap openscap-utils scap-security-guide
sudo dnf install sysdig
sudo mokutil --import /var/lib/dkms/mok.pub
(path of the MOK file will be shown during the sysdig installation)
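A diagnostic for the situation in this thread, written as an added example (not code from the sysdig project or from any poster): it checks, in order, the conditions that must all hold before a module loads with Secure Boot on. The function name `check_module_signing` is hypothetical, and the wording matched in the `mokutil --test-key` output is an assumption.

```shell
#!/bin/sh
# Added example: find out why a module is still rejected with Secure Boot on.
# Assumption: `mokutil --test-key` prints "... is already enrolled" once the
# key is in the MOK list (a key that was only imported is still pending).

# Usage: check_module_signing <module-name-or-path> <cert.der>
# Prints one verdict word; returns 0 only for "ok".
check_module_signing() {
    local module="$1" cert="$2" signer subject

    # 1. Is Secure Boot actually on?
    if ! mokutil --sb-state 2>/dev/null | grep -q 'SecureBoot enabled'; then
        echo "sb-disabled"; return 1
    fi

    # 2. Does the module file on disk carry a signature?
    signer="$(modinfo -F signer "$module" 2>/dev/null)"
    if [ -z "$signer" ]; then
        echo "unsigned"; return 2
    fi

    # 3. Was it signed with the certificate we are checking? A module rebuilt
    #    by DKMS is signed with the DKMS key, not a hand-made MOK.der.
    subject="$(openssl x509 -inform DER -in "$cert" -noout -subject 2>/dev/null)"
    if ! printf '%s\n' "$subject" | grep -qF -- "$signer"; then
        echo "signer-mismatch"; return 3
    fi

    # 4. Is that certificate enrolled, not merely queued by --import?
    if ! mokutil --test-key "$cert" 2>/dev/null | grep -q 'is already enrolled'; then
        echo "not-enrolled"; return 4
    fi

    echo "ok"
}

# Run directly, e.g.: sudo sh check.sh scap /var/lib/dkms/mok.pub
if [ "$#" -eq 2 ]; then
    check_module_signing "$1" "$2"
fi
```

A `signer-mismatch` verdict means the enrolled certificate is not the one the installed module was signed with, which is the case the `/var/lib/dkms/mok.pub` import above addresses.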
Hi community. I've just installed sysdig on a fresh Almalinux 9.2 by using the rpm in the github repo. The installation process seems to be ok
but if I try to run sysdig as root I receive the error message below.
If I try to run
modprobe scap
I receive an error message like
Here's my system information: Kernel:
5.14.0-284.18.1.el9_2.x86_64
Installed kernel packages:
Thanks to anyone who can help me.