I just got started with IncusOS. I downloaded the image through the website - 202602022347 is what it produced.
I am playing around with it, and built a new (VM) server, and it downloaded the latest version - 202602031842.
However that ran into an apparent issue related to the secure boot key updates. Screenshot is attached. I doubt it stops the server from doing it’s thing but it’s still odd.
IncusOS 202602031842 includes some changes in how certificates are managed internally; it looks like something’s not quite happy with the CA verification chain.
Most of the development team is traveling back from a meetup today, so it might take a little while before an updated image is published with a fix.
Should be fixed by incus-osd/providers: Use the Root CA to verifiy update metadata by gibmat · Pull Request #869 · lxc/incus-os · GitHub , which we’ll get pushed out as an update ASAP.
We have pulled 202602031842 from stable for now and 202602040632 should be able shortly with a fix. Affected systems will most likely have to reboot on the previous image in order to unblock the update.
Hopefully this was caught quickly enough that only a small number of systems have downloaded the bad update. Also worth noting that systems using Operations Center should be unaffected.
Anyone who applied 202602031842 but hasn’t rebooted yet should avoid rebooting until they have received 202602040632.
202602040632 is now available for update.
We’ve confirmed that booting an older image will then trigger an update to that new image and fix the issue.
Thanks for the super quick turn-around. I rebooted my machine from the “bad” image to the previous (good) image, it dowloaded the 20260204 update and all is well now.
