From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by ms8.migadu.com with LMTPS id CCOLOkM3/2XjZgAA62LTzQ:P1 (envelope-from ) for ; Sat, 23 Mar 2024 21:10:44 +0100 Received: from aspmx1.migadu.com ([2001:41d0:303:e224::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1.migadu.com with LMTPS id CCOLOkM3/2XjZgAA62LTzQ (envelope-from ) for ; Sat, 23 Mar 2024 21:10:44 +0100 X-Envelope-To: larch@yhetil.org Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lunabee.space header.s=purelymail1 header.b=pMxgDK3o; dkim=fail ("headers rsa verify failed") header.d=purelymail.com header.s=purelymail1 header.b=D2ARaJB0; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Seal: i=1; s=key1; d=yhetil.org; t=1711224643; a=rsa-sha256; cv=none; b=ERmuhkjEVSMK3GLUuGNTRuziakXvboWDn/HcJYcgnlzIXfN4SiSTANrXUuYTfIjKvNxBAl u0VVHzaYXHnpu1pb2AyMw0H5NZPl6mGvvEcj4d+w1T8FaYbiOZhFzlJX1R/d8mXdPv/jsJ 8bo2N0QAE0ZfgwxoUuO6XlBN3r/kHEya3mcVY/Trth2UqDZxX6C9rFOcOo40JVCePlWKIJ Kv6DE8oikn8pKo1hMTWHw0grXf6Ma0l7WHeBj2cK1j7UcDqKd9Ppsmfq9cDAfOet3OIr64 q+Y2/noowpJ+J0XvEF1KZZu699CtoGo2AQxMADdK8u2OYH0FCl6hSKCQOHkzYQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=lunabee.space header.s=purelymail1 header.b=pMxgDK3o; dkim=fail ("headers rsa verify failed") header.d=purelymail.com header.s=purelymail1 header.b=D2ARaJB0; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of "guix-patches-bounces+larch=yhetil.org@gnu.org" designates 209.51.188.17 as permitted sender) smtp.mailfrom="guix-patches-bounces+larch=yhetil.org@gnu.org" ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1711224643; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding:resent-cc: resent-from:resent-sender:resent-message-id:in-reply-to:in-reply-to: references:references:list-id:list-help:list-unsubscribe: list-subscribe:list-post:dkim-signature; bh=pZOopb6EYrm8sYBiuXiUoWrC8ByNiH/bZvuwKcjq0jI=; b=m8qazArsFQyx5RkxjtrN0J/NIXc3LA36MfwzdFmo4rd71tHlC2MpCQ5VUG12hTaucfAdNc wCIZCZeBjzQ8+6xpKJFgI+6CTkWW2uyQY+TbB9RVteUz4YztzELcxs27ZO03bOAomRxSgM Af2FB2nDoii0KaH5CI8DxsH5MgBqOvlpOqXQibyjj2w/roqrmt7DaSVf+74DTYvB5Y4oPO 8I6LQf0bUdo6g5oVIO8Dc/iegAsZbvkwz5zEQFCXrW+zaMih8iz7JObTkqEUPaO6CNEzt9 SEL08M3TPrashb3uhbVO4V/aQFsLM4+ZfobqW/+rELAl8OcO+QVYOZwtDXLUdQ== Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id 8D53423122 for ; Sat, 23 Mar 2024 21:10:43 +0100 (CET) Received: from localhost ([::1] helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1ro7hA-0002EB-0N; Sat, 23 Mar 2024 16:10:24 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1ro7h8-0002Dj-5M for guix-patches@gnu.org; Sat, 23 Mar 2024 16:10:22 -0400 Received: from debbugs.gnu.org ([2001:470:142:5::43]) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1ro7h7-0001op-Qa for guix-patches@gnu.org; Sat, 23 Mar 2024 16:10:21 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1ro7hm-0001XM-GJ for guix-patches@gnu.org; Sat, 23 Mar 2024 16:11:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#68524] [PATCH 0/2] Support root encryption and secure boot References: In-Reply-To: Resent-From: Lilah Tascheter Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Sat, 23 Mar 2024 20:11:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 68524 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 68524@debbugs.gnu.org Cc: nchatz314@gmail.com Received: via spool by 68524-submit@debbugs.gnu.org id=B68524.17112246205802 (code B ref 68524); Sat, 23 Mar 2024 20:11:02 +0000 Received: (at 68524) by debbugs.gnu.org; 23 Mar 2024 20:10:20 +0000 Received: from localhost ([127.0.0.1]:51093 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ro7h5-0001VV-Fy for submit@debbugs.gnu.org; Sat, 23 Mar 2024 16:10:20 -0400 Received: from sendmail.purelymail.com ([34.202.193.197]:49304) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1ro7Q9-0000nh-Us for 68524@debbugs.gnu.org; Sat, 23 Mar 2024 15:52:56 -0400 DKIM-Signature: a=rsa-sha256; b=pMxgDK3oIuy+XYNeXRAqGHB/pjhLYqNZtXEZCvveCNXu6UBaRDM4iYz0rQH+IXVhK7VBOdDq98Dv/TTDkKhPfBdJuxNaN7oRzldQdleGcbaCC6uFsNubng0AhTjuVgLnKHGZKnZNONx/0eJZ8HXHtc5MnszRhXg0pPQ/OveQTZOIGzgIgsafm4lSbo1na0AuqkuHcODg1LePfiKLCcIb6VRn7Dhgtwi6o0URxJhfIarsDFk7C41+sC3zqaRYC3bBeY/LtoElMfGwtfiTfhKFslwJ9VR5EzFPxxuMPU/YwbTiDpo6770MSJxTQx3w36ecrQyD0u3G/hpMfgrdN/9FXg==; s=purelymail1; d=lunabee.space; v=1; bh=pZOopb6EYrm8sYBiuXiUoWrC8ByNiH/bZvuwKcjq0jI=; h=Received:Subject:From:To; DKIM-Signature: a=rsa-sha256; b=D2ARaJB0py9kVdoJ0GkTdc7LnID53wU4SvZaWpHI01nOtowbx4TmdobD7EF+m93jfMz8O/9dgHq0pRKvgTkhG5zhi8m47mFdYMxWfoflwscUxRAArXJAt7S9AdhNzUe6sZDRfhFUjxI1lEo3K9SpRhhxRgL3QbxYt9KZh4vZLtQnoP/25X6G7iKUKP7j30HzUx6SyJjAseh2W1U9w+vj6Sx2VWthOLSD2MiV5b5qvvh8rcWz07/9NQJXPb+DCvoQSdZFLJXeTHjoz/hln3y5BrExm6jAGtvO8+voGXX6yT3wW2+TrVNLuxIcJvvICPxIdA6aQlGrfgAeedAoYqRgYA==; s=purelymail1; d=purelymail.com; v=1; bh=pZOopb6EYrm8sYBiuXiUoWrC8ByNiH/bZvuwKcjq0jI=; h=Feedback-ID:Received:Subject:From:To; Feedback-ID: 8937:2070:null:purelymail X-Pm-Original-To: 68524@debbugs.gnu.org Received: by smtp.purelymail.com (Purelymail SMTP) with ESMTPSA id 136536595; (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384); Sat, 23 Mar 2024 19:40:41 +0000 (UTC) Message-ID: <09d16b08abe96944ff692c233db4f9fd65dc5a60.camel@lunabee.space> Date: Sat, 23 Mar 2024 14:40:40 -0500 Organization: Dissociation for Heresiographal Computation Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable User-Agent: Evolution 3.46.4 MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , From: Lilah Tascheter via Guix-patches Reply-To: Lilah Tascheter Errors-To: guix-patches-bounces+larch=yhetil.org@gnu.org Sender: guix-patches-bounces+larch=yhetil.org@gnu.org X-Migadu-Flow: FLOW_IN X-Migadu-Country: US X-Spam-Score: -6.82 X-Migadu-Queue-Id: 8D53423122 X-Migadu-Scanner: mx12.migadu.com X-Migadu-Spam-Score: -6.82 X-TUID: BqQuih16E+aO sorry for the late responses; I don't actually get sent your replies unless you cc me. and yeah don't worry it's isolated. there's only two bits of systemd used, systemd-boot-stub and ukify. ukify is pretty much just a single python script, and systemd-boot-stub is just a bit of code tacked on to the boot process to handle combining the kernel, args, and initrd together. no daemons or code past the bootloader at all! of note I'm currently in the process of rewriting the entire guix bootloader stack to make this work a Lot nicer. sooo hopefully that gets finished soon.