Closed rmflom closed 8 months ago
you can turn iLO security back on after flashing the firmware to restore the security settings. this is also documented in the README under "Flashing Firmware"
What i meant is that, in my particular case, i had to disable Secure Boot on the BIOS in order to be able to flash the firmware. I read the whole documentation several times and it had 0 mentions regarding secure boot.
The only purpose of me creating this issue was for you to add a step on the README under "Flashing Firmware", that mentioned disabling Secure Boot on the RSBU (BIOS), if its enabled. Then it can be re-enabled.
By the way thank you a lot for the time invested on this project, it has helped me and others immensely!
i'm not sure how secure boot impacts the ability to communicate with the iLO's local API to perform the flashing step; it should only impact booting which shouldn't matter if you're using a secure boot enabled shim build of ubuntu.
with that said, point taken on the confusion. I'll take a closer look
I spent a couple of hours debugging why i wasnt able to flash the modified firmware on a ubuntu live USB Then I remembered that on this particular server (DL380G9) Secure Boot was enabled
After disabling it i was able to flash it. Bare in mind that the securuty override was disabled and i validated that on iLO web interface, that there was a notice there and i could login with any random amalgamation of letters, also during post there was always a alert message that the protection was disabled.
Here's the errors i got on ubuntu: write32: failed to map physical address xxx... to virtual address. ERROR: iLO security override switch isn't set.