1 |
Neil Bothwick <neil <at> digimed.co.uk> writes: |
2 |
|
3 |
|
4 |
> > Therefore, I check the configuration of grub2 and fstab. Then I found |
5 |
> > that I forgot to modify mount options in fstab. |
6 |
> > The option of my boot partition was set as noauto. So that I don't use |
7 |
> > the kernel compiled by myself at all. |
8 |
|
9 |
> We've all done that. Now I mount /boot as ro in fstab. That way, if I |
10 |
> forget to remount it before installing a kernel I get an error message |
11 |
> instead of the kernel just disappearing. |
12 |
|
13 |
|
14 |
|
15 |
Perhaps a documentation bug should be filed against the handbook or other |
16 |
gentoo doc explaining some of the security and other approaches |
17 |
and *why* various approaches are used with mounting strategies for /boot/ is |
18 |
warranted? |
19 |
|
20 |
That way, if folks miss it, we can just refer them to the docs and elaborate |
21 |
a bit. Me, I like to keep lots of kernels around for a variety |
22 |
of reasons. Maybe in the GSoC effort (Kernelconfig) is a better place to |
23 |
implement some explanation on the choices of what to do with /boot/ ? [1] |
24 |
|
25 |
|
26 |
Anyway, I'm glad to hear that all is fine now. |
27 |
|
28 |
James |
29 |
|
30 |
|
31 |
[1] https://wiki.gentoo.org/wiki/Google_Summer_of_Code/2016/Ideas/kernelconfig |