Re: [systemd-devel] Measured systemd-sysext

2024-05-27 Thread Dimitris Karakasilis
On 24/5/24 18:44, Lennart Poettering wrote: On Fr, 24.05.24 17:39, Dimitris Karakasilis (dimit...@karakasilis.me) wrote: we (at kairos.io) are trying to understand how systemd-sysext extensions can Hmm, I thought kairos wasn't so fond of systemd? Why would you think that? Kairos is distro-agno

Re: [systemd-devel] keeping a backup ESP partition in sync

2024-05-27 Thread Alexander Gordeev
Hi Lennart, Thanks for the detailed feedback, On Wed, May 22, 2024 at 3:08 PM Lennart Poettering wrote: > > On Fr, 17.05.24 11:03, Alexander Gordeev (a...@gordius.net) wrote: > > > Hi, > > > > I've tried systemd-boot recently, I like it a lot. Thanks! > > There is still one concern. I'd like to

Re: [systemd-devel] keeping a backup ESP partition in sync

2024-05-27 Thread Lennart Poettering
On Mo, 27.05.24 09:48, Alexander Gordeev (a...@gordius.net) wrote: > > That said, the intended semantics for that are not clear to me at > > all. i.e. there are some options: > > > > 1. mount the current ("primary") ESP to /efi/, and operate exclusively > > on that, except that at the very end

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-27 Thread Lennart Poettering
On Sa, 25.05.24 09:00, Felix Rubio (fe...@kngnt.org) wrote: > Hi everybody, > > For some time now I have been using UKIs, with SB enabled and tying FDE > decryption on PCRs 7+11+14, with the PCR 11 being measured during UKI > creation. Then, I use systemd-cryptenroll to update the secret: > >

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-27 Thread Lennart Poettering
On Sa, 25.05.24 13:23, Andrei Borzenkov (arvidj...@gmail.com) wrote: > These are PCRs for which you intend to provide signed policy. These PCRs > must be listed in JSON file that is given to systemd-cryptsetup as > tpm2-signature= parameter. The only PCR for which there is systemd tool to > comput

Re: [systemd-devel] Bump: Journal file disk usage on frequently rebooted systems ... again

2024-05-27 Thread Lennart Poettering
On So, 26.05.24 10:23, Jens Schmidt (farb...@vodafonemail.de) wrote: > 3.4MiB just to store 856 characters? It stores structured logs for each of these entries, see "journalctl -o verbose", i.e. a *lot* more data than you see in the simple output. It also maintains an index for each field, so that "s

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-27 Thread Andrei Borzenkov
On Mon, May 27, 2024 at 11:17 AM Lennart Poettering wrote: > > On Sa, 25.05.24 13:23, Andrei Borzenkov (arvidj...@gmail.com) wrote: > > > These are PCRs for which you intend to provide signed policy. These PCRs > > must be listed in JSON file that is given to systemd-cryptsetup as > > tpm2-signatu

Re: [systemd-devel] keeping a backup ESP partition in sync

2024-05-27 Thread Kevin P. Fleming
> (the way I'd implement this, is not by actually teaching these > commands individual multi-ESP support, but simply by implementing a > single sync_esp() call or so which syncs the relevant info from > primary to secondary ESPs correctly, and that each of these commands > just call as last step. F

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-27 Thread Aleksandar Kostadinov
Excuse me for top-posting but I can second that. Earlier I had a long thread about not being able to get the signed PCRs to work, I never figured out that a signature was only created for 11. It would really help people not to lose their time if documentation stated - there be dragons, go only if you

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-27 Thread Lennart Poettering
On Mo, 27.05.24 14:47, Aleksandar Kostadinov (akost...@redhat.com) wrote: > Excuse me for top-posting but I can second that. Earlier I had a long > thread about not being able to get the signed PCRs to work, I never > figured out that a signature was only created for 11. > > It would really help peop

Re: [systemd-devel] Long delay for ping Systemd 252.25 when DNSSEC is enabled

2024-05-27 Thread Lennart Poettering
On So, 26.05.24 18:52, Patrick ZAJDA (patr...@zajda.fr) wrote: > Hello, > > I am on Debian Bookworm, SystemD 252.25 (bookworm-proposed-update). That's a 2y old version of systemd. Even in current versions of systemd DNSSEC support is experimental, but should behave much better. Please run somet

[systemd-devel] How to set both name and altname of a NIC with a given device_addr

2024-05-27 Thread Lars Petter Mostad
Hi, Currently I'm using a udev rule to set a known name for a network interface connected to certain pins on an SoC, then I use a .link file to set altnames for that interface. The udev rule matches the base address of the memory mapped registers of the MAC connected to the given pins (e.g. ATTR{d

Re: [systemd-devel] How to set both name and altname of a NIC with a given device_addr

2024-05-27 Thread Lennart Poettering
On Mo, 27.05.24 16:59, Lars Petter Mostad (lar...@gmail.com) wrote: > Hi, > > Currently I'm using a udev rule to set a known name for a network > interface connected > to certain pins on an SoC, then I use a .link file to set altnames for > that interface. > The udev rule matches the base address

Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-27 Thread Aleksandar Kostadinov
On Mon, May 27, 2024 at 5:02 PM Lennart Poettering wrote: > > On Mo, 27.05.24 14:47, Aleksandar Kostadinov (akost...@redhat.com) wrote: > > > Excuse me for top-posting but I can second that. Earlier I had a long > > thread about not being able to get the signed PCRs to work, I never > > figured out t

Re: [systemd-devel] Bump: Journal file disk usage on frequently rebooted systems ... again

2024-05-27 Thread Jens Schmidt
On 2024-05-27 10:28, Lennart Poettering wrote: > It stores structured logs for each of these entries, see "journalctl > -o verbose", i.e. a *lot* more data than you see in the simple output. > > It also maintains an index for field, so that "systemctl status" can > reasonably quickly show only o