> Why can't you just enable journalling in systemd-homed, so we have
LUKS+dm-integrity-journalling?
That's why there's two layers of dm-integrity stacked on top of each
other (one protecting the filesystem, one baked into the systemd-homed
LUKS image)
> If the user needs to separate / and /home, isn't that just sensible
design?
I'm not exactly sure what you mean by this, sorry
> As for SSDs, the latest ones, as far as I can tell, have a lifespan
measured in years even if they're being absolutely hammered by a stress
test. If you're really worried about wearing out an SSD, put the journal
on rotating rust, but I think those in the know are likely to tell you
that the rust will die before the SSD.
This is for a general-purpose desktop OS. I have absolutely no control
over the hardware my users have in their computers. Many SSDs from a
few years ago have significantly worse lifetimes. I'd rather not wear
out the SSD 4x more than necessary (even if many newer SSDs can handle
that)
Best,
Adrian
