Am 17.03.20 um 20:57 schrieb Axel Braun:
[...] I never got why to encrypt just disk when there are bunch of data leaking via /tmp.
https://bugzilla.opensuse.org/show_bug.cgi?id=1166005 is a good reason to just encrypt /home
You can put /boot back on a separate partition. That way you still have everything except kernel and initrd encrypted so accidental data leak via tmp or swap is still prevented. There was a decision in an unfortunately private SLE feature request some years ago (https://fate.suse.com/320215) to ignore the inconveniences of /boot on / in favor of working snapshots unfortunately. cu Ludwig -- (o_ Ludwig Nussel //\ V_/_ http://www.suse.com/ SUSE Software Solutions Germany GmbH, HRB 36809 (AG Nürnberg), GF: Felix Imendörffer -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org