[RFE] Use systemd-repart and dm-verity #4
Labels
kind/feature
A feature request.
Comments
|
I have recently come to use mkosi for use-cases like this as it allows easy configuration and supports many neat features such as systemd-repart, automatic dm-verity (including root hash, signature and such), automatic generation of the extension-release file and such. |
|
For what it's worth, cons: mkosi does not support Gentoo as a target, it's not neatly packaged and it breaks fairly often (being "hacked together" mostly with systemd's interactive testing in mind). Don't get me wrong: it's a neat tool that, in theory, would remove most friction when it comes to producing systexts/portableexts but those cons make it very hard to really rely on it in production (IMHO ofc). |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Current situation
We build plain squashfs images
Impact
We don't benefit from dm-verity protection
Ideal future situation
Use systemd-repart to create dm-verity images
The text was updated successfully, but these errors were encountered: