On Mon, Jan 21, 2013 at 1:21 PM, Frederic Crozat <fcro...@suse.com> wrote: > Le lundi 21 janvier 2013 à 13:09 +0100, Kay Sievers a écrit : >> On Mon, Jan 21, 2013 at 1:05 PM, Frederic Crozat <fcro...@suse.com> wrote: >> > Le lundi 21 janvier 2013 à 12:03 +0100, Kay Sievers a écrit : >> >> >> It's the simplest and most efficient setup a system can have. >> > >> > But this setup is not shim loader/"Secure Boot" compatible. >> >> Sure it is. Why not? It has nothing to do which filesystem /boot uses. > > the generator isn't a problem, I was commenting on the "simplest" part. > You still need a shim loader there, since an EFI-stubed kernel can't be > signed by UEFI Signing Service (I'm not discussing signing a kernel > yourself or injecting its key into EFI firmware).
It's just a matter of the features of the EFI loader you use, it still has absolutely nothing to do with how /boot looks like, or what its filesystem is. >> > And it will >> > force most (if not all) distributions to probably "patch" (or disable) >> > this generator so it behave as it is expected by them (ie /boot/efi). >> >> If you would have read the code or the commit or the wiki page, you >> would have noticed that the generator never gets active in any other >> setup. > > I read the code before commenting, and I noticed it won't quick in as > long as /boot is not empty nor mounted in fstab. But you are still > "deviating" from the common practice among distributions and to be > useful and work "as expected" on such distributions, this generator > should use /boot/efi instead. Obviously, you already made you mind, so I > guess it is useless to argue anymore but I doubt it will be of great > usage on most distributions. Yes, we do not want to get into any grub2 business or any other bootloader configuration. This is just an "option" that will not be used by any current default setup. The whole point of this thing is to not need "another OS" like grub2 to read all sorts of storage setups and filesystems, just to load a kernel that does all the same stuff again, but properly, and for real. We can just skip that whole nonsense by making /boot the EFI system partition and store the kernel there. Distribution with their getting-more-fragile-and-insane-every-week boot setup can do their stuff and will not be affected in any way by this. Kay _______________________________________________ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
