[Dnsmasq-discuss] About uEFI network secure boot using pxe-service instead of dhcp-boot
Steven Shiau
2018-09-11 07:50:45 UTC
Hi Simon, Doug,
I'd like to raise this issue again. It was discussed last year:
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011372.html
Now with dnsmasq 2.79-1 on Ubuntu cosmic:
# dpkg -l dnsmasq
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name                   Version          Architecture     Description
+++-======================-================-================-=================================================
ii  dnsmasq                2.79-1           all              Small caching DNS proxy and DHCP/TFTP server

I have copied /usr/lib/shim/shimx64.efi.signed as bootx64.efi in the
tftpboot root, and copied
/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed as grubx64.efi in
the tftpboot root, too.
If I use the following in dnsmasq.conf:
========================
        dhcp-boot=pxelinux.0
        dhcp-match=set:efi-x86_64,option:client-arch,7
        dhcp-boot=tag:efi-x86_64,bootx64.efi
========================
Then the uEFI network booting client is able to boot in secure mode.
However,
If I use the following in dnsmasq.conf:
========================
        pxe-service=X86PC, "Boot BIOS PXE", pxelinux.0
        pxe-service=BC_EFI, "Boot UEFI BC", bootx64.efi
        pxe-service=X86-64_EFI, "Boot UEFI X86-64", bootx64.efi
========================
Then the uEFI network booting client is _NOT_ able to boot in secure mode.
Even when secure boot mode is disabled, the client is _NOT_ able to
network boot. It just enters the local machine OS.
The problem is, I need the pxe-service config so that the proxy mode can
work. That's why I cannot use the dhcp-boot option.

Any solution to this? Thank you very much.

Steven
--
Steven Shiau <steven _at_ stevenshiau org>
Public Key Server PGP Key ID: 4096R/163E3FB0
Fingerprint: EB1D D5BF 6F88 820B BCF5 356C 8E94 C9CD 163E 3FB0
Steven Shiau
2018-09-11 12:52:12 UTC
Oh, I should describe this clearly. Actually I am not testing the proxy mode;
instead I am using the network booting service of dnsmasq.
When I use:
=================================
bind-interfaces
log-dhcp
dhcp-no-override
enable-tftp
tftp-root=/tftpboot/nbi_img
dhcp-range=192.168.169.1,192.168.169.254
pxe-service=X86PC, "Boot BIOS PXE", pxelinux.0
pxe-service=BC_EFI, "Boot UEFI BC", bootx64.efi
pxe-service=X86-64_EFI, "Boot UEFI X86-64", bootx64.efi
=================================
Then the uEFI network secure boot client failed. However, when I switched to
=================================
bind-interfaces
log-dhcp
dhcp-no-override
enable-tftp
tftp-root=/tftpboot/nbi_img
dhcp-range=192.168.169.1,192.168.169.254
dhcp-boot=pxelinux.0
dhcp-match=set:efi-x86_64,option:client-arch,7
dhcp-boot=tag:efi-x86_64,bootx64.efi
=================================
Then the uEFI network secure boot client could successfully enter
network booting.
If you need more info, please let me know.
Thanks.

Steven
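To make the difference between the two fragments concrete, here is an added illustration (not code from the thread or from dnsmasq) that models which boot file each configuration names for a client, keyed on the client-arch value (DHCP option 93, RFC 4578) its firmware sends. The dhcp-match line tags only architecture 7 (BC_EFI), so a client reporting 9 (X86-64_EFI) is offered pxelinux.0 under the dhcp-boot variant, whereas the pxe-service variant lists both. Assumptions: the CSA numbers and dnsmasq's tag precedence are modelled in simplified form, and the PXE boot-menu exchange that a pxe-service reply triggers is not modelled.

```python
import re
# CSA codes (RFC 4578) as named by dnsmasq's pxe-service (assumed from its man page).
CSA = {"X86PC": 0, "IA32_EFI": 6, "BC_EFI": 7, "X86-64_EFI": 9}
# The two dnsmasq.conf fragments from the thread, verbatim.
DHCP_BOOT_CONF = """\
dhcp-boot=pxelinux.0
dhcp-match=set:efi-x86_64,option:client-arch,7
dhcp-boot=tag:efi-x86_64,bootx64.efi
"""
PXE_SERVICE_CONF = """\
pxe-service=X86PC, "Boot BIOS PXE", pxelinux.0
pxe-service=BC_EFI, "Boot UEFI BC", bootx64.efi
pxe-service=X86-64_EFI, "Boot UEFI X86-64", bootx64.efi
"""

def parse(conf):
    """Yield (key, value) pairs, skipping blank and comment lines."""
    for line in conf.splitlines():
        if line.strip() and not line.lstrip().startswith("#"):
            key, _, value = line.strip().partition("=")
            yield key, value

def bootfile_for(conf, client_arch):
    """Boot file the fragment names for a client whose option 93 carries
    client_arch, or None if nothing covers it.  Assumed simplified model: tags
    come from dhcp-match first, a tagged dhcp-boot whose tag is set beats the
    untagged default, a pxe-service entry applies when its CSA equals the arch."""
    pairs = list(parse(conf))
    tags = set()
    for key, value in pairs:
        m = re.fullmatch(r"set:([^,]+),option:client-arch,(\d+)", value)
        if key == "dhcp-match" and m and int(m.group(2)) == client_arch:
            tags.add(m.group(1))
    default_boot = tagged_boot = None
    for key, value in pairs:
        if key == "dhcp-boot":
            m = re.fullmatch(r"tag:([^,]+),(.+)", value)
            if m is None:
                default_boot = value
            elif m.group(1) in tags:
                tagged_boot = m.group(2)
        elif key == "pxe-service":
            csa, _menu, basename = [f.strip().strip('"') for f in value.split(",")]
            if CSA.get(csa) == client_arch:
                return basename
    return tagged_boot or default_boot

def coverage(conf):
    """Map each CSA name to the boot file the fragment names for it."""
    return {name: bootfile_for(conf, code) for name, code in CSA.items()}
```

Running `coverage()` over both fragments shows that only the pxe-service variant names bootx64.efi for X86-64_EFI clients, while the dhcp-boot variant hands them pxelinux.0.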
Git Stappers
2018-09-11 20:00:49 UTC
Post by Steven Shiau
Oh, I should describe this clearly. Actually I am not testing the proxy mode;
instead I am using the network booting service of dnsmasq.
=================================
bind-interfaces
log-dhcp
dhcp-no-override
enable-tftp
tftp-root=/tftpboot/nbi_img
dhcp-range=192.168.169.1,192.168.169.254
pxe-service=X86PC, "Boot BIOS PXE", pxelinux.0
pxe-service=BC_EFI, "Boot UEFI BC", bootx64.efi
pxe-service=X86-64_EFI, "Boot UEFI X86-64", bootx64.efi
=================================
Then the uEFI network secure boot client failed. However, when I switched to
=================================
bind-interfaces
log-dhcp
dhcp-no-override
enable-tftp
tftp-root=/tftpboot/nbi_img
dhcp-range=192.168.169.1,192.168.169.254
dhcp-boot=pxelinux.0
dhcp-match=set:efi-x86_64,option:client-arch,7
dhcp-boot=tag:efi-x86_64,bootx64.efi
=================================
Then the uEFI network secure boot client could successfully enter
network booting.
If you need more info, please let me know.
Explain the common goal that we, this mailing list, have.
Post by Steven Shiau
Thanks.
Steven
You are welcome


Regards
Geert Stappers
--
Live and let live