[systemd-devel] Splitting sd-boot from systemd/bootctl for enabling sd-boot in Fedora

Neal Gompa ngompa13 at gmail.com
Wed Apr 27 17:07:48 UTC 2022


On Wed, Apr 27, 2022 at 12:19 PM Zbigniew Jędrzejewski-Szmek
<zbyszek at in.waw.pl> wrote:
>
> On Wed, Apr 27, 2022 at 11:40:36AM -0400, Neal Gompa wrote:
> > On Wed, Apr 27, 2022 at 11:26 AM Dan Nicholson <dbn at endlessos.org> wrote:
> > >
> > > On Wed, Apr 27, 2022 at 9:10 AM Neal Gompa <ngompa13 at gmail.com> wrote:
> > > >
> > > > Note that it means Fedora CI, pull requests from contributors, and
> > > > releng auto-rebuilds will no longer work. Maintainers basically
> > > > sign-on to do all of those things manually and have to be responsive
> > > > for doing it. You will get FTBFS tickets every cycle because of it,
> > > > for example.
> > >
> > > Asking systemd folks to change their development process because of
> > > limitations in Fedora/Koji seems like a big ask, don't you think?
> >
> > Honestly, that never factors in for me, because then I'd never ask
> > anything of anyone. :)
> >
> > But no, it doesn't sound unreasonable to me, because I reasonably
> > expect the parts that make up the EFI boot manager code to be somewhat
> > separate from the rest of the codebase in the first place. It targets
> > a different build environment and has to be built differently from the
> > rest of systemd anyway. So to me, it's not a "big ask" as you put it.
>
> Once more (this has already been written *independently* by Lennart
> and me, but let's say it once again): THE USERSPACE AND EFI-SPACE
> PARTS SHARE CODE, the configuration system and the build system. So if
> we split them, we'd probably want to update them in tandem anyway, and
> it's just easier to do it, then to try to figure out if the sd-boot parts
> didn't change and we can skip the update.
>

Yes, well he was asking me why I bothered to ask, and I answered. That
doesn't have a bearing on what reality turned out to be.

> Since the signing is automatic once configured, I can't grok what
> savings people foresee by doing separate builds.
>

That's the point: correct signing is *not* automatic. It's *manual*
and done by *you* doing the build. Automatic signing is independent of
who does it, this is not that.




--
真実はいつも一つ!/ Always, there's only one truth!


More information about the systemd-devel mailing list