UsrMove feature (was Re: FESCo meeting minutes for 2011-10-24)

Harald Hoyer harald.hoyer at
Tue Oct 25 07:56:19 UTC 2011

On 10/25/2011 09:33 AM, Michal Hlavinka wrote:
> On 10/25/2011 09:30 AM, Harald Hoyer wrote:
>> On 10/25/2011 09:15 AM, Harald Hoyer wrote:
>>> It's not only an aesthetic issue. This enables possibilities, which were
>>> not doable before.
> ...
>> - mount rootfs encrypted
>> - mount /usr not encrypted (no secrets here)
> this is already possible, I use this setup for a long time.

right, but still a lot of files in /lib* /sbin and /bin, which do not 
need encryption here.

Having all in /usr make the thing so much cleaner...

Just to give you some food for thought: Next steps could include to only 
allow "/usr" prefixed files in Fedora rpms. "/var" and "/etc" could be 
setup with tempfiles and config templates. So our OS (set up by rpms) 
only lives in /usr.

More information about the devel mailing list