Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.
Sign upAll removing /boot prior to decrypting other partition(s) #2446
Comments
This comment has been minimized.
Show comment
Hide comment
This comment has been minimized.
Show comment
Hide comment
|
See #885 - it's a precondition to what you want... |
andrewdavidwong
changed the title from
Insecure Default Boot Mount
to
All removing /boot prior to decrypting other partition(s)
Nov 22, 2016
andrewdavidwong
added
C: core
enhancement
help wanted
labels
Nov 22, 2016
andrewdavidwong
added this to the Far in the future milestone
Nov 22, 2016
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
baffo32 commentedNov 21, 2016
Qubes OS version (e.g.,
R3.1):3.2
Expected behavior:
I want to be able to yank my rewriteable boot device prior to decryption, so that if dom0 is compromised it cannot change the boot partition, which I share with other systems.
Actual behavior:
/boot is automatically mounted and fsck'd on boot, so yanking the boot device results in a failed boot.
Steps to reproduce the behavior:
Install Qubes with /boot on a removable device.
Begin booting with the device. As soon as the initramfs image is loaded (or, altenately, prior to entering a decryption passphrase), remove the device. Then continue booting.
The boot fails because the OS cannot mount the removable device.
General notes:
This is fixed by adding the 'noauto' flag to /boot in /etc/fstab .