Ubuntu内核更新后,开启安全引导无法运行VMware。为解决此问题,可以不关闭安全引导,而是通过UEFI界面Enroll密钥或使用openssl创建并签名vmmom和vmnet模块,然后导入到UEFI。
[已过时]
[Out of Date]
Ubuntu内核更新 不能运行 vmware
linux uefi 开启安全引导之后不能运行VMware 。。。
更新:
2019.04.03:
内核更新后又不好使了:
4.18.0-17-generic #18-Ubuntu
幸亏uefi 有安全引导setup模式
sudo vmware-modconfig --console --install-all
Starting VMware services:
Virtual machine monitor failed
Virtual machine communication interface done
VM communication interface socket family done
Blocking file system done
Virtual ethernet failed
VMware Authentication Daemon done
Unable to start services
找了很多,都是把安全引导关了,,这什么解决方式啊,(脏话)
话不多说
VMwareKB 的解答
https://kb.vmware.com/s/article/2146460
过段时间再翻译
翻译
面向小白:
$openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -nodes -days 36500 -subj "/CN=VMware/"
$sudo /usr/src/linux-headers-`uname -r`/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n vmmon)
$sudo /usr/src/linux-headers-`uname -r`/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n vmnet)
$sudo mokutil --import MOK.der
重启电脑在开机之前的uefi界面Enroll 密钥
对大佬:
用openssl创建密钥对 vmmom, vmnet 模块签名并导入到uefi
原文
Resolution
Notes:Workstation does not ship vmmon.ko and vmnet.ko in the bundle
currently. The two modules are built during the installation or the
first launch of workstation.
During the installation if the host provides the proper kernel headers and gcc, these two modules will be built silently. The
progress is logged into /tmp/vmware-root/vmware-PID.log.
When workstation is first launched, a dialog will pop up to ask you for the usable kernel headers and/or gcc. These two modules will
be built with window showing the progress and log printed on terminal.To correct the issue with secure boot enabled:
Generate a key pair using the openssl to sign vmmon and vmnet modules: $openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -nodes -days 36500 -subj "/CN=VMware/" Replace MOK with the name of the file you want for the key. Sign the modules using the generated key by running these commands: $sudo /usr/src/linux-headers-`uname -r`/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n vmmon) $sudo /usr/src/linux-headers-`uname -r`/scripts/sign-file sha256 ./MOK.priv ./MOK.der $(modinfo -n vmnet) Import the public key to the system's MOK list by running this command: $mokutil --import MOK.der Confirm a password for this MOK enrollment request. Reboot your machine. Follow the instructions to complete the enrollment from the UEFI console. Note: Preceding commands are verified to work on Ubuntu 16.04 hosts. The general steps are applicable to all Linux distributions,but specific Linux distributions might differ in commands.
2551
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
