On Thu, 18 Jul 2013 11:46:58 +0200 Hans Witvliet <suse@a-domani.nl> wrote:

Obviously, using "new grub2 features" can not not be exploited anymore in 13.1.

First feature is that with grub2, you are allowed to but "/boot" inside a LVM (not allowed by grub-legacy and hence not supported bay YaST-installer)

Second feature is to have /boot within an encrypted LVM. Again, (not allowed by grub-legacy and hence not supported bay YaST-installer)

Only unprotected parts are the grub2-images (core.img, etc) I presume it will have impact on the installer and YaST. It's another (small) step to make systems a little bit more secure.

Perhaps something for 13.2 ?

hw

Please add it to https://features.opensuse.org/ so we can add it to supported scenarious for yast2 bootloader ( installer also use this module for proposals ) Josef -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org

On Thu, 18 Jul 2013 11:46:58 +0200 Hans Witvliet <suse@a-domani.nl> wrote:

Obviously, using "new grub2 features" can not not be exploited anymore in 13.1.

First feature is that with grub2, you are allowed to but "/boot" inside a LVM (not allowed by grub-legacy and hence not supported bay YaST-installer)

Second feature is to have /boot within an encrypted LVM. Again, (not allowed by grub-legacy and hence not supported bay YaST-installer)

Only unprotected parts are the grub2-images (core.img, etc) I presume it will have impact on the installer and YaST. It's another (small) step to make systems a little bit more secure.

Perhaps something for 13.2 ?

hw

Please add it to https://features.opensuse.org/ so we can add it to supported scenarious for yast2 bootloader ( installer also use this module for proposals ) Josef -- To unsubscribe, e-mail: opensuse-factory+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse-factory+owner@opensuse.org