Re: F37 Change: Enable read only /sysroot for Fedora Silverblue & Kinoite (Self-Contained Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 


On Wed, Feb 16, 2022, at 12:48 PM, Stephen Snow wrote:
> On Wed, 2022-02-16 at 12:12 -0500, Ben Cotton wrote:
>> https://fedoraproject.org/wiki/Changes/Silverblue_Kinoite_readonly_sysroot
>> 
>> == Summary ==
>> 
>> This change is about enabling an opt-in ostree feature that re-mounts
>> `/sysroot` as read only to avoid accidental changes.
>> 
>> Users and administrators are not expected to directly interact with
>> the content available there and should instead use the interface
>> offered by rpm-ostree, GNOME Software or (soon) Plasma Discover to
>> manage their system.
>> 
> I use Silverblue. How does this affect my ability to modify /etc in the
> opt-in scenario?

It doesn't; `/etc` is mounted writable.

> Does rpm-ostree offer a method to modify /etc in that
> case? What if I want a mutable /var, like I currently have, does this
> change under this proposal? 

`/var` does not change either.

> What is the value of this for the normal Fedora Linux user?

The basic idea is that `/sysroot` is actually an ostree implementation detail, and really nothing else should be writing to it.

Fedora CoreOS has worked this way for a long time; we just didn't make the change in ostree by default out of conservatism.

> See, that's an unwelcome thing IMO.

I think actually the migration service could inject `rw` into all bootloader entries actually.

> I don't know. I think not being able to boot into my previous
> deployments a visible change to my user experience.

The service adjusting all bootloader entries is the easy fix for this.

Or, TL;DR: Don't panic, no power is being removed and it's very likely that no one will notice.
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux