On 03.06.2023 15:25, Virendra Negi wrote:
I noticed a couple of days back that in the event of an apt-get update of
the target services, our services did not start.
"target service" sounds very strange in systemd world.
Apparently, the service was in a sleeping state when it was upgraded.
Just to close this off, because you guys have spend time in helping me
navigate through this: Finally I decided to go for FDE based on the TPM.
Then, most of my concerns where addressed by using PCRs 0,1,7 and 9, so
that initramfs gets also measured. This allows me to keep a separate
boot
