On Tuesday 15 Aug 2017 16:02:19 Mike Gilbert wrote: > On Tue, Aug 15, 2017 at 2:17 PM, Rich Freeman <ri...@gentoo.org> wrote: > > On Tue, Aug 15, 2017 at 11:04 AM, Mick <michaelkintz...@gmail.com> wrote: > >> I can't recall if I did this myself in a moment of security induced > >> inspiration. I doubt I did. So how did this happen? What is > >> responsible for mounting this fs? > > > > It looks like this never did turn into a news item: > > https://archives.gentoo.org/gentoo-dev/message/35304b0db4de9e06fea32227537 > > 9fa81 > > > > You can remount it as rw if your tools don't do it automatically. It > > might not hurt to file a bug if one doesn't already exist for the tool > > that isn't remounting it. > > Please bother efibootmgr upstream about it, or bother the OpenRC > maintainer who decided to break things.
Thank you Rich, I suspected it was an intentional change and from a security perspective it is to be commended. However, it could cause uninformed users like myself some lost time, thinking something may have gone wrong on our system. I submitted bug #627964: https://bugs.gentoo.org/show_bug.cgi?id=627964 I think a news item although useful, on its own is not sufficient. If remounting 'rw' and back again to 'ro' is not performed by the legit commands which touch efivars (e.g. efibootmgr, GRUB, et al), the HandBook should also be amended if it hasn't been already, because newbies will have one more excuse to pack it in and go back to *buntu. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
