forked from containers/bootc
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
install: Mount
/boot
readonly by default
As we want to support enabling `root.transient` in some images, this means that things like `apt|dnf install foo` literally just works out of the box. However...we have a looming danger around things like kernels. Typically the package installation scripts for those aren't going to handle this correctly. Let's mount `/boot` readonly by default, as we have been doing in Fedora CoreOS and derivatives for a while. Now I'm not totally happy with this because ultimately I think this should be configurable by the OS, not hardcoded in bootc. We have some thought to put in to exactly how that's exposed. But for now let's set the precedent here. Signed-off-by: Colin Walters <[email protected]>
- Loading branch information
Showing
2 changed files
with
31 additions
and
2 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters