You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Today the composefs backend basically does "enable fsverity if we can" by default. In the code, there is a proper enum but AFAICS it is not exposed via e.g. storage.conf or otherwise.
In contrast in ostree, we did make this explicitly configurable.
(queue the overall problem that we need to unify ostree and c/storage)
Different system operators, may reasonably want distinct things:
Some may want to disable fsverity even on filesystems (e.g. btrfs, xfs) that support it today, because they don't want to pay the verification tax
Today the composefs backend basically does "enable fsverity if we can" by default. In the code, there is a proper enum but AFAICS it is not exposed via e.g.
storage.confor otherwise.In contrast in ostree, we did make this explicitly configurable.
(queue the overall problem that we need to unify ostree and c/storage)
Different system operators, may reasonably want distinct things:
Bikeshed: We could just expose this via
storage.confI guess, something likeuse_composefs = signed | verity | yes | noor so.The text was updated successfully, but these errors were encountered: