>Theo de Raadt wrote: >> In other words, it is pretty simple -- reinstall, and prove reproducibility. > >I have clients and work to do. Did this all on a Sunday night. > >> And frankly, doing your entire system as /, should almost be an unsupported >> option. It is a ridiculous configuration >> for about 20 reasons. > >Mais oui, m'sieu. Was my first try at whole-disk encryption. Next time I build >a new machine, I'll do it right.
That has nothing to do with having one / partition, via many partitions. And secondly when it is the first try, and flaws become evident, why keep digging a deeper hole. Even the sorries become noise.