Originally posted by chuckula
View Post
Announcement
Collapse
No announcement yet.
Fedora 38 Plots Path To Unified Kernel Support
Collapse
X
-
Interesting.
Seems as if it could make auto-provisioning k8s clusters much easier?
Some kind of auto-build system though would seem to be a requirement.
From a repo of available stuff, pull these requirements, with these kernel args, (on top of required standard stuff to make a running system), build and sign it.
load file to ipxe server (or local system) and be up and running.
Sure could be a much easier, less time consuming, less(human) error prone way, thus more productive and maybe “less elitist” way to allow more people to make more choices and customize.
Comment
-
Originally posted by pdbecid View PostThis sure is going to ruffle some feathers.
*Grabs Popcorn*
- Likes 1
Comment
-
Finally, people are actually starting to care about GNU/Linux secured boot process, and how “Secure Boot” wasn’t actually secure the way it's implemented on most distros. https://0pointer.net/blog/brave-new-...oot-world.html
- Likes 6
Comment
-
Originally posted by chuckula View PostI'm the opposite of this: I custom compile my kernel for my hardware and I don't even need an initrd.
What I'd like to see is an intelligent kernel configuration utility that auto-detects your hardware, self-configures for an optimized build, and even lets you know exactly what firmware files your system needs so I don't have to do the massive housekeeping to delete unnecessary cruft like I do now.
Linux boot security is absolutely atrocious right now, this is a step in the right direction to change that. If you don't like it, don't use it. That's what "opt-in" is all about. The rest of the users that care about boot security chains will welcome the change.
- Likes 7
Comment
-
Loyal Fedora user (since, I think, Fedora Core 9). Very happy with the current status of NVidia GPU and ZFS integration. I see a lot of storm clouds on the horizon with this proposal.
Let me start by saying that I like the goal in general and I am looking forward to what the Fedora team will come up with. However, as I read the proposal I shutter at the idea of Discoverable Partitions. I may move all my machines to network boot if this will be the only way to multi-boot in the secure future...
- Likes 1
Comment
-
I like the idea of unified selfbooting kernels.
If you really need to add or change kernel parameters then I'm sure you could build your own UKI's which will not be signed with redhat's Secure boot key.
So either disable Secure boot or use your own keys.
Comment
Comment