The encrypted partition is created after I enroll the signing key by mokutil and enable secure boot.
But, I get new error message (For details, please refer to attached photo):
taskrunner.go: 271: [change 2 "Setup system for run mode" task] failed: cannot make system runnable: cannot seal the encryption keys: cannot add EFI secure boot policy profile: cannot compute secure boot policy profile: secure boot configuration was modified after the initial configuration was measured, without performing a reboot.
Did I miss some patches when I backported patches to secboot/go-tpm2 which are currently used by snapd?
@Chris
The encrypted partition is created after I enroll the signing key by mokutil and enable secure boot.
But, I get new error message (For details, please refer to attached photo):
taskrunner.go: 271: [change 2 "Setup system for run mode" task] failed: cannot make system runnable: cannot seal the encryption keys: cannot add EFI secure boot policy profile: cannot compute secure boot policy profile: secure boot configuration was modified after the initial configuration was measured, without performing a reboot.
Did I miss some patches when I backported patches to secboot/go-tpm2 which are currently used by snapd?