On Tue, 2022-12-20 at 14:56 -0500, Demi Marie Obenour wrote: > How do you plan to handle system recovery? For VMs this is much > less of a concern, but on bare metal there needs to be a way for > a local, authenticated administrator to obtain a root shell on > the system console even if the root filesystem cannot be mounted. > This has saved my system more than once. > > Also, how will Xen be supported in this model? Will the hypervisor > be part of an alternate UKI? CCing Marek Marczykowski-Gorécki of > Qubes OS.
It is all answered in the large amount of text you quoted, if you read it carefully. The old kernel+inird does not go away, so you disable secure boot and just use the good old methods, or worst case you use a recovery disk (or USB drive, or whatever you use to install) if you damaged the boot partition. Anything that is not explicitly supported likewise will use the old kernel + custom initrd, you just disable secure boot. Simo. -- Simo Sorce RHEL Crypto Team Red Hat, Inc _______________________________________________ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
