[systemd-devel] repart: How to use CopyBocks= with usr-verity?
Nils Kattenbeck
nilskemail at gmail.com
Fri Mar 29 18:54:25 UTC 2024
Hello everyone,
I am having trouble with getting CopyBlocks= to work with a verify enabled
usr partition. The documentations says that it should automatically work
automatically but it does not describe which properties have to be set for
which partition, i.e. repart.d file.
So far I have tried several variations of Verity=/VerityMatchKey=, settings
it only on one partition, both etc., setting CopyBlocks= on only usr or usr
and usr-verity. Setting CopyBlocks= on both does not work and
systemd-repart fails with the message that it was unable to find the
correct partition for usr-verity. The other approach was setting
CopyBlocks= only on the usr partition but regardless of what I try with
Verity= the root hash changes (and thus also the partition UUIDs). Or more
specifically the usr partition retains the correct/original PARTUUID
whereas the PARTUUID of the usr-verity partition changes.
Maybe someone has an idea what might cause this or better yet already has a
similar working solution which they could share.
Kind regards,
Nils
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20240329/5e1fd4d1/attachment.htm>
More information about the systemd-devel
mailing list