diff --git a/packages/static/kairos-overlay-files/collection.yaml b/packages/static/kairos-overlay-files/collection.yaml
index 2ef9189..35c4fb6 100644
--- a/packages/static/kairos-overlay-files/collection.yaml
+++ b/packages/static/kairos-overlay-files/collection.yaml
@@ -1,4 +1,4 @@
 packages:
   - name: "kairos-overlay-files"
     category: "static"
-    version: "1.1.33"
+    version: "1.1.34"
diff --git a/packages/static/kairos-overlay-files/files/system/oem/24_sysext.yaml b/packages/static/kairos-overlay-files/files/system/oem/24_sysext.yaml
index 141aaea..77338a8 100644
--- a/packages/static/kairos-overlay-files/files/system/oem/24_sysext.yaml
+++ b/packages/static/kairos-overlay-files/files/system/oem/24_sysext.yaml
@@ -10,6 +10,20 @@ stages:
         - path: /usr/lib/extensions
         - path: /usr/local/lib/extensions
   initramfs:
+    - name: "systemd-sysext uki config"
+      if: '[ -e "/run/cos/uki_boot_mode" ] && [ ! -e "/run/cos/recovery_mode" ] && [ ! -e "/run/cos/autoreset_mode" ]'
+      files:
+        - path: /etc/systemd/system/systemd-sysext.service.d/uki.conf
+          permissions: 0644
+          owner: 0
+          group: 0
+          content: |
+            [Service]
+            TimeoutStartSec=10
+            ExecStart=systemd-sysext refresh --image-policy="root=verity+signed+absent:usr=verity+signed+absent"
+            ExecReload=systemd-sysext refresh --image-policy="root=verity+signed+absent:usr=verity+signed+absent"
+            [Unit]
+            JobRunningTimeoutSec=5
     - name: "systemd-sysext initramfs settings"
       if: '[ -e "/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ] || [ -e "/usr/sbin/systemctl" ] || [ -e "/usr/bin/systemctl" ]'
       systemctl: