UsrMove feature (was Re: FESCo meeting minutes for 2011-10-24)
harald.hoyer at gmail.com
Tue Oct 25 07:56:19 UTC 2011
On 10/25/2011 09:33 AM, Michal Hlavinka wrote:
> On 10/25/2011 09:30 AM, Harald Hoyer wrote:
>> On 10/25/2011 09:15 AM, Harald Hoyer wrote:
>>> It's not only an aesthetic issue. This enables possibilities, which were
>>> not doable before.
>> - mount rootfs encrypted
>> - mount /usr not encrypted (no secrets here)
> this is already possible, I use this setup for a long time.
right, but still a lot of files in /lib* /sbin and /bin, which do not
need encryption here.
Having all in /usr make the thing so much cleaner...
Just to give you some food for thought: Next steps could include to only
allow "/usr" prefixed files in Fedora rpms. "/var" and "/etc" could be
setup with tempfiles and config templates. So our OS (set up by rpms)
only lives in /usr.
More information about the devel