Using /opt with System Extensions By default, Kairos does not include /opt as a system extension (sysext) overlay hierarchy. This is because in normal runtime, /opt is writable and bind-mounted to the persistent partition, allowing users and applications to freely write data that persists across reboots. However, when a system extension is loaded that includes a /opt hierarchy, the behavior of that directory changes: it becomes read-only, overridden by the overlay from the system extension im...| kairos.io
Index ·| www.freedesktop.org
Index ·| www.freedesktop.org
Index ·| www.freedesktop.org
Index ·| www.freedesktop.org
Index ·| www.freedesktop.org
Warning This feature is in preview state and only available in Kairos v3.4.x releases and alphas. Please check the section “Known issues” at the bottom for more information. Signing keys for system extensions under Trusted Boot Sysexts need to be signed with the same key/cert as the ones used to sign the EFI files. As those are part of the system and available in the EFI firmware, we can extract the public part and verify the sysexts locally.| kairos.io
Index ·| www.freedesktop.org