On 02.09.22 16:52, Chris Murphy wrote:
I doubt any users care about rolling back /boot specifically. But rather the mechanism ensuring the pairing of kernel+initramfs+/usr is trustworthy.
There could, for example, be a copy of /boot in the snapshotted btrfs root. And our initrd then just needs to contain enough magic sauce so that it can be told to "restore the kernel+initrd from snapshot to /boot" There even could be a special mini-rescue-system-kernel+initrd combo that can do just that. Then the "boot old snapshot" option in the boot loader becomes two step: first boot the "restore-kernel-magic-rescue-system" and then reboot into the old snapshot. This does not sound like it is not doable at all to me. But yes, understood. At least one of the participants in this discussion does not want that to happen, so we are looking for problems instead of possible solutions ;-) Note that I have absolutely no interest in that at all. I plan to skip all that BTRFS / snapshot /stuff at least until my kids start administering my computers for me (hopefully) some decades from now. I'm just writing down one obvious way to solve the "problem". -- Stefan Seyfried "For a successful technology, reality must take precedence over public relations, for nature cannot be fooled." -- Richard Feynman