diff options
author | Luca Boccassi <bluca@debian.org> | 2023-05-13 11:09:00 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-05-13 11:09:00 +0100 |
commit | e0226959ae98bbe983c3fbc232c6552d39e36d14 (patch) | |
tree | 6da02461e185df7deb6486dd13763528b3399778 /mkosi.conf.d/10-systemd.conf | |
parent | 942afbad2a4e558bda13b6dd14ee48e08021264d (diff) | |
parent | 47e5e12866af14112452aeb8bc43a66191c6fbc1 (diff) | |
download | systemd-e0226959ae98bbe983c3fbc232c6552d39e36d14.tar.gz |
Merge pull request #27571 from DaanDeMeyer/mkosi
mkosi: Package a erofs usr partition with signed verity
Diffstat (limited to 'mkosi.conf.d/10-systemd.conf')
-rw-r--r-- | mkosi.conf.d/10-systemd.conf | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/mkosi.conf.d/10-systemd.conf b/mkosi.conf.d/10-systemd.conf index d82a59dd03..ec0f690d4e 100644 --- a/mkosi.conf.d/10-systemd.conf +++ b/mkosi.conf.d/10-systemd.conf @@ -11,8 +11,12 @@ OutputDirectory=mkosi.output BuildDirectory=mkosi.builddir CacheDirectory=mkosi.cache +[Validation] +SecureBoot=yes +# Disabled until systemd-measure can operate without a TPM device. +SignExpectedPcr=no + [Host] -Acl=yes QemuMem=2G ExtraSearchPaths=build/ # Make sure we don't trigger systemd-firstboot prompting for the root password. @@ -30,3 +34,5 @@ KernelCommandLineExtra=systemd.crash_shell ip=enp0s1:any # Make sure sulogin works even with a locked root account. SYSTEMD_SULOGIN_FORCE=1 + # Make sure /sysroot is mounted rw in the initrd. + rw |