create_disk.sh: stop setting immutable bit on sysroot

Nowadays, the sysroot is mounted read-only anyway, so it seems unnecessary to also slap on an immutable bit. Note this is distinct from the deployment root immutable bit. Prompted by the fact that when moving to osbuild, we don't want to have to care about this and try to replicate it.
HuijingHei · Jan 10, 2024 · e693d65 · e693d65
1 parent 189d72c
commit e693d65
Showing 1 changed file with 0 additions and 9 deletions.
diff --git a/src/create_disk.sh b/src/create_disk.sh
@@ -531,15 +531,6 @@ if [[ ${secure_execution} -eq 1 ]] && [[ ! -e /dev/disk/by-id/virtio-genprotimg
 fi
 touch $rootfs/boot/ignition.firstboot
 
-# Finally, add the immutable bit to the physical root; we don't
-# expect people to be creating anything there.  A use case for
-# OSTree in general is to support installing *inside* the existing
-# root of a deployed OS, so OSTree doesn't do this by default, but
-# we have no reason not to enable it here.  Administrators should
-# generally expect that state data is in /etc and /var; if anything
-# else is in /sysroot it's probably by accident.
-chattr +i $rootfs
-
 fstrim -a -v
 # Ensure the filesystem journals are flushed
 for fs in $rootfs/boot $rootfs; do