Splitting sd-boot from systemd/bootctl for enabling sd-boot in Fedora

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hey all,

Some of you might know about the recent discussion in Fedora about
dropping BIOS support[1][2]. While the end result for now is that
we're not dropping it[3], several side discussions involved enabling
systemd-boot as an option in Fedora in the future.

While I *personally* am not a huge fan of systemd-boot itself, I *am*
a fan of a lot of the mechanisms around it, and I think it would be
valuable for us to adopt more of that in Fedora. To that end, that
means making it easier for people to fully adopt systemd-boot on their
systems in Fedora with minimal effort (ideally just a kickstart or
Anaconda flag if desired).

>From my point of view as someone working on several Fedora variants
and would like to provide more optionality around this, there are a
couple of issues:

* bootctl(1) appears to be tightly coupled to sd-boot
* sd-boot is part of the systemd source tree

The first problem is mostly because I think bootctl(1) is a fantastic
interface to manage *any* Bootloader Spec[4] (BLS) conformant boot
manager, and I would love for that tool to be useful for doing so.
Being able to do things like install/upgrade/swap GRUB 2,
systemd-boot, or any other registered BLS-enabled boot manager would
make it tremendously useful and valuable as a "building block" tool. I
feel it would make sense to offer some kind of configuration to teach
bootctl(1) about these boot managers so that it can work for them, and
not just systemd-boot.

The second problem is because having sd-boot in the systemd source
tree means that in order for Fedora to sign the boot manager EFI
binaries, we have to lock down the systemd source package to the
secure boot Koji build channel. This is unequivocally unacceptable
from my point of view, as the restrictions around the secure boot
channel make it realistically impossible for community contribution
and maintenance of the package.

Realistically, I think if we want to make movement on making
systemd-boot fully supported in Fedora, the systemd-boot boot manager
code itself should be split out into its own repository with its own
release cadence, while bootctl(1) and related infrastructure remains
in the systemd source tree and evolves to be able to manage arbitrary
BLS-conformant boot managers.

This would also (hopefully) encourage other boot managers to support
the Bootloader Spec configuration model, making it succeed as a
semi-universal abstraction for boot manager configuration. We could
then teach our tooling in Fedora to interact with bootctl(1) to do
bootloader things, rather than having to create multiple tools and
scripts to deal with this.

The alternative, of course, is to build sd-boot by having a second
source package of the systemd code and setting it up to only build the
boot stuff. This is painful for a variety of reasons: it guarantees we
need to have some kind of synchronization point to ensure fixes and
improvements are carried between the two. It is more work from a
maintenance perspective (especially around security stuff), and it
doesn't really help with pushing the adoption of the Bootloader Spec
as a whole.

What do you all think?

Best regards,
Neal

[1]: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/K5YKCQU3YVCTMSBHLP4AOQWIE3AHWCKC/
[2]: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx/thread/JUJV6BEJAXK5LATTSWGRFZDIAVM7KN4J/
[3]: https://pagure.io/fesco/issue/2780#comment-794311
[4]: https://systemd.io/BOOT_LOADER_SPECIFICATION/

-- 
真実はいつも一つ!/ Always, there's only one truth!
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux