On Do, 02.10.25 09:02, Tomasz Torcz ([email protected]) wrote: > On Wed, Oct 01, 2025 at 05:22:36PM -0400, Neal Gompa wrote: > > With three kernels at any given time (plus the rescue image), a > > conservative estimate of 300MiB per generic initramfs makes 1.5GB very > > tight. > > We probably do want to bump /boot to 2GB. And all our disk images need > > similar adjustments unfortunately. > > > > Since it's possible to have all-generic initramfses as a > > configuration, we have to account for it. > > We can also take a step back: if we do not encrypt /, * > we can get rid of separate /boot partition at all. This could > be just a directory on rootfs. > We mount ESP in /boot/efi anyway. > > * We use GRUB by default. It has some basic support for LUKS2, so > it may work on encrypted rootfs, too: > https://wiki.archlinux.org/title/GRUB#Encrypted_/boot
This will never fly. The disk encryption stack these days is more than querying for a passwords. It's FIDO2, PKCS11, TPM2, … Reimplementing that in Grub is a terrible idea. It's awful enough Grub reimplements its own storage/file system stack, replicating badly what Linux does. It's even worse trying to shoehorn the complexity of the disk encryption stack into it as well. Good luck with that, Lennart -- Lennart Poettering, Berlin -- _______________________________________________ devel mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/[email protected] Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
