diff options
Diffstat (limited to 'mkosi.conf.d')
-rw-r--r-- | mkosi.conf.d/10-systemd.conf | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/mkosi.conf.d/10-systemd.conf b/mkosi.conf.d/10-systemd.conf index d82a59dd03..ec0f690d4e 100644 --- a/mkosi.conf.d/10-systemd.conf +++ b/mkosi.conf.d/10-systemd.conf @@ -11,8 +11,12 @@ OutputDirectory=mkosi.output BuildDirectory=mkosi.builddir CacheDirectory=mkosi.cache +[Validation] +SecureBoot=yes +# Disabled until systemd-measure can operate without a TPM device. +SignExpectedPcr=no + [Host] -Acl=yes QemuMem=2G ExtraSearchPaths=build/ # Make sure we don't trigger systemd-firstboot prompting for the root password. @@ -30,3 +34,5 @@ KernelCommandLineExtra=systemd.crash_shell ip=enp0s1:any # Make sure sulogin works even with a locked root account. SYSTEMD_SULOGIN_FORCE=1 + # Make sure /sysroot is mounted rw in the initrd. + rw |