> Why can't you just enable journalling in systemd-homed, so we have
LUKS+dm-integrity-journalling?
That's why there's two layers of dm-integrity stacked on top of each other (one protecting the filesystem, one baked into the systemd-homed LUKS image)
> If the user needs to separate / and /home, isn't that just sensible design?
I'm not exactly sure what you mean by this, sorry
> As for SSDs, the latest ones, as far as I can tell, have a lifespan
measured in years even if they're being absolutely hammered by a stress test. If you're really worried about wearing out an SSD, put the journal on rotating rust, but I think those in the know are likely to tell you that the rust will die before the SSD.
This is for a general-purpose desktop OS. I have absolutely no control over the hardware my users have in their computers. Many SSDs from a few years ago have significantly worse lifetimes. I'd rather not wear out the SSD 4x more than necessary (even if many newer SSDs can handle that)
Best,
Adrian
