Fix: try to not bind PCR-7 to systemd-cryptenroll

See bug: systemd/systemd#24906
Cosmian · Mar 21, 2024 · 8f58ce3 · 8f58ce3
1 parent a486c05
commit 8f58ce3
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/resources/scripts/cosmian_fstool b/resources/scripts/cosmian_fstool
@@ -134,7 +134,7 @@ fi
 
 # Enroll the TPM to decrypt the luks without password (a password is required to run this command)
 echo "Enrolling the TPM for this container..."
-PASSWORD=$PASSWORD systemd-cryptenroll --tpm2-device=/dev/tpmrm0 --tpm2-pcrs=7 "$BLOCK_DEVICE"
+PASSWORD=$PASSWORD systemd-cryptenroll --tpm2-device=/dev/tpmrm0 "$BLOCK_DEVICE"
 
 # Remove previous entry from the fstab and crypttab (create a .bak file to ease the rollback)
 echo "Removing previous obsolete auto mounting rules..."