I installed my fedora workstation with secureboot still on not knowing at the time i would have complications with the nvidia drivers. When i boot i get the error report that my kernel is tainted, this is because a few of the nvidia modules are not signed. After searching the internet for a while i managed to find that it is possible to fix this without the need to start over with secure boot off. This is by self signing the modules in question, however i have not managed to find how i am supposed to do this.
And besides not really looking forward to completely starting over, secure boot does give that extra bit of security i’d rather not loose.
So my question is as follows, does anyone know how to sign these modules?
On further thought, self signing the modules makes things kind of static.
The drivers I use come from the rpmfusion repo and are built using akmods. The kernel is updated frequently, which requires a rebuild of the module for each new kernel. Occasionally there is an update to the nvidia driver version. All this happens automatically when updates occur and are installed.
Unless you were to hold a static kernel and driver release the signing process may have to be repeated with each change, thus adding complexity to the normal updates.
Just something else to consider when thinking about the desire to remain with secure boot enabled.