[systemd-devel] Support for unmerged-usr systems will be REMOVED in the second half of 2023
Mantas Mikulėnas
grawity at gmail.com
Sat Nov 5 10:36:48 UTC 2022
On Sat, Nov 5, 2022 at 12:06 PM TJ <systemd at iam.tj> wrote:
> Just seen this announcement in the v252 changelog:
>
> "We intend to remove support for split-usr (/usr mounted separately
> during boot) ..."
>
> How does this align with support for separate /usr/ with dm-verity ?
>
> For example, this will affect nspawn. See "man 1 systemd-nspawn" and
> "--root-hash=" where in respect of /usr/ it says:
>
> "Note that this configures the root hash for the root file system. Disk
> images may also contain separate file systems for the /usr/ hierarchy,
> which may be Verity protected as well. The root hash for this protection
> may be configured via the "user.verity.usrhash" extended file attribute
> or via a .usrhash file adjacent to the disk image, following the same
> format and logic as for the root hash for the root file system described
> here."
>
/usr can remain on a separate partition as long as it's mounted *by the
initrd* (the same way initrd currently mounts your rootfs), so that by the
time systemd starts it already has the full filesystem.
What's finally being removed is support for having the rootfs itself mount
/usr halfway through, which requires many things that normally are on
/usr/lib to be split between it and /lib instead (such as on Debian).
Using the initrd to mount /usr isn't new.
<https://web.archive.org/web/20150906203654if_/https://www.gentoo.org/support/news-items/2013-09-27-initramfs-required.html>
--
Mantas Mikulėnas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20221105/6b870bc4/attachment.htm>
More information about the systemd-devel
mailing list