On Wed, Apr 27, 2022 at 9:10 AM Neal Gompa <ngompa13@xxxxxxxxx> wrote:
>
> Note that it means Fedora CI, pull requests from contributors, and
> releng auto-rebuilds will no longer work. Maintainers basically
> sign-on to do all of those things manually and have to be responsive
> for doing it. You will get FTBFS tickets every cycle because of it,
> for example.

Asking systemd folks to change their development process because of limitations in Fedora/Koji seems like a big ask, don't you think?

Having implemented UEFI secure boot signing for Endless, I can concur it is a PITA. However, there are certainly ways to make it work that have no effect on upstream. Our Endless system is pretty hacky, but Debian's is pretty well thought out. What both have in common is that the signer generates a separate package so that the normal build flow isn't affected. In the case of systemd, there would be both an unsigned and signed version of the sd-boot EFI program in separate packages.

I'm sure it would require work to fix, but this seems like more of a Koji problem than a systemd problem. I also feel like Lennart's suggestion that sd-boot get split out as a separate source package but using the same tarball is completely reasonable if your signing system is too onerous to use.

--
Dan