Skip to content

bootloader-updates: automatic updates for the bootloader are enabled by default #779

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
dustymabe merged 1 commit into from
Jan 2, 2026
Merged

bootloader-updates: automatic updates for the bootloader are enabled by default #779

dustymabe merged 1 commit into from
Jan 2, 2026

Conversation

@rich-purnell
Copy link
Contributor

@rich-purnell rich-purnell commented Dec 15, 2025

Starting from F43, the bootloader-update.service is enabled by default.

Related commit: https://gitlab.com/fedora/bootc/base-images/-/commit/6af3341f8037c872985e5b0e8a92e9470b18ddb7

@rich-purnell
bootloader-updates: automatic updates for the bootloader are enabled …
72ca1cc 
…by default

Starting from F43, the `bootloader-update.service` is enabled by default.
@dustymabe
Copy link
Member

dustymabe commented Jan 2, 2026

Thanks @rich-purnell - I think some of the flow here can be cleaned up but we can do that in a followup PR.

dustymabe
dustymabe approved these changes Jan 2, 2026
View reviewed changes
modules/ROOT/pages/bootloader-updates.adoc
hypervisors that support Secure Boot. An example reason to update the
bootloader is for https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/[the BootHole vulnerability].

At the moment, only the EFI system partition (i.e. not the BIOS MBR) can be updated by bootupd.
Copy link
Member

@dustymabe dustymabe Jan 2, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we update the MBR now too. @HuijingHei do you know?

Copy link
Member

@HuijingHei HuijingHei Jan 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we update the MBR now too. @HuijingHei do you know?

Yes, you are right. Will update this later.

@dustymabe dustymabe merged commit 11a4954 into coreos:main Jan 2, 2026
1 check passed
HuijingHei added a commit to HuijingHei/fedora-coreos-docs that referenced this pull request Jan 5, 2026
@HuijingHei
bootloader-updates: BIOS can also be updated by bootupd
dbc3dc7 
Inspired by Dusty's comment:
coreos#779 (comment)
@HuijingHei HuijingHei mentioned this pull request Jan 5, 2026
Merged
HuijingHei added a commit to HuijingHei/fedora-coreos-docs that referenced this pull request Jan 5, 2026
@HuijingHei
bootloader-updates: BIOS can also be updated by bootupd
36f5744 
Inspired by Dusty's comment:
coreos#779 (comment)
travier pushed a commit that referenced this pull request Jan 8, 2026
@HuijingHei @travier
bootloader-updates: BIOS can also be updated by bootupd
48e27e3 
Inspired by Dusty's comment:
#779 (comment)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@HuijingHei HuijingHei HuijingHei left review comments

@dustymabe dustymabe dustymabe approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@rich-purnell @dustymabe @HuijingHei