When grub or new kernel was installed in boot partition, their permission can be determined by umask.
Why set boot partition as noauto or ro in fstab ? What's the advantage ? On May 5, 2016 1:46 AM, "James" <[email protected]> wrote: > Neil Bothwick <neil <at> digimed.co.uk> writes: > > > > > Therefore, I check the configuration of grub2 and fstab. Then I found > > > that I forgot to modify mount options in fstab. > > > The option of my boot partition was set as noauto. So that I don't use > > > the kernel compiled by myself at all. > > > We've all done that. Now I mount /boot as ro in fstab. That way, if I > > forget to remount it before installing a kernel I get an error message > > instead of the kernel just disappearing. > > > > Perhaps a documentation bug should be filed against the handbook or other > gentoo doc explaining some of the security and other approaches > and *why* various approaches are used with mounting strategies for /boot/ > is > warranted? > > That way, if folks miss it, we can just refer them to the docs and > elaborate > a bit. Me, I like to keep lots of kernels around for a variety > of reasons. Maybe in the GSoC effort (Kernelconfig) is a better place to > implement some explanation on the choices of what to do with /boot/ ? [1] > > > Anyway, I'm glad to hear that all is fine now. > > James > > > [1] > https://wiki.gentoo.org/wiki/Google_Summer_of_Code/2016/Ideas/kernelconfig > > > >
