On Mo, 18.06.18 16:54, R P Herrold (herrold@xxxxxxxxxxxx) wrote:

> On Mon, 18 Jun 2018, Lennart Poettering wrote:
>
> > On Do, 14.06.18 14:20, Chris Murphy (lists@xxxxxxxxxxxxxxxxx) wrote:
> >
> > > The cited BLS spec is the original one, [1]
>
> ... later: L.P.:
> > [reduce] the size of the spec if possible, and drop as many
> > bits of it as we can, i.e. the stuff no one implements
> > anyway.
>
> > > The cited BLS spec requires $BOOT be VFAT, are we doing that?
>
> Will cgroup and SELinux protections work in VFAT?

cgroups and file systems have little to do with each other.

VFAT won't store SELinux labels of course, but you can assign a fixed
label to all files of a VFAT file system when mounting it. It's what
Fedora does when dealing with the ESP already. So regarding SELinux
it's not whether to do SELinux or not to do it, but whether it is really
necessary to label the initrd file and the kernel differently, or
whether it's ok to give all files in /boot the same label. I am pretty
sure that's actually what already happens anyway, even if you have
ext4, but then again I am not running grub nor ext4, so I don't really
know.

> > Why would we? I mean the idea is that $BOOT can be shared among
> > multiple OSes installed. Which means one really should settle on a
>
> I see a lot of need in [1] for re-partitioning and optionally
> adding a /boot partition where none was specified, to make
> this work
>
> The move toward containers includes getting away from more
> than a single partition (and so, a separate /boot partition,
> as mostly irrelevant). Getting rid of a separate /boot
> partition is a win, as it removes the need for a separate
> mountpoint in /etc/fstab for a '/boot/' partition, and all
> the gyrations as to partitioning in [1]

Well, my personal opinion is that the ESP is where kernels should be
placed if at all possible, in order to simplify things.

You need the ESP anyway, there's no way around it, hence if you can
just unify the pre-root stuff there, and then only have the ESP and
your root dir as necessary partitions.

Lennart

--
Lennart Poettering, Red Hat