Bug#826045: systemd: New kernels are not booted

Julian Andres Klode jak at debian.org
Mon Dec 5 16:10:35 GMT 2016


On Mon, Dec 05, 2016 at 04:58:09PM +0100, Andre Heider wrote:
> On Mon, Dec 5, 2016 at 3:39 PM, Julian Andres Klode <jak at debian.org> wrote:
> > Yes. Well, not missing, but rather left out on purpose. systemd
> > can't just start installing bootloader _integration_, that would
> > be weird.
> 
> I'm not sure I follow.
> 
> What I'm looking for is just the same basic integration for debian as
> gummiboot once had.

sicherboot offers the same level of integration, but some more
features related to (abusing) secure boot. As the former gummiboot
maintainer, it is basically the next version of the script there.

It handles upgrades of systemd-boot, and installation of new kernels
just like my gummiboot scripts used to (we never used kernel-install
for gummiboot either).

I don't think there's much interest in the systemd team to maintain
a bootloader integration themselves, and I am interested in something
that works somewhat reasonably with full disk encryption.

You just have to 
# apt install sicherboot
# sicherboot setup
(and ignore the steps about enrolling keys...)

and you are ready to go with a fully integrated systemd-boot
experience :)

> 
> Of course the missing scripts I mentioned cannot blindly call
> kernel-install, they'll have to check if systemd-bootd is
> installed/used and bail out accordingly. It doesn't make much sense
> otherwise. Is that what you mean? With that in mind I don't see why
> systemd shouldn't do boot loader integration, all the pieces are
> already there.

Blind detection would conflict with sicherboot, and is not
necessarily possible. Explicit opt-in seems like the best
choice.

I also like to essentially uncouple the bootloader configuration
from systemd itself. I mean, it's sort of a spec for bootloaders,
and not systemd-specific configs we are generating here.

-- 
Debian Developer - deb.li/jak | jak-linux.org - free software dev
                  |  Ubuntu Core Developer |
When replying, only quote what is necessary, and write each reply
directly below the part(s) it pertains to ('inline').  Thank you.




More information about the Pkg-systemd-maintainers mailing list