You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The ESP seems to be mounted with the default umask=0022 during installation and written into fstab by genfstab. This causes a warning at boot:
systemd[1]: Starting Update Boot Loader Random Seed...
bootctl[1897]: ! Mount point '/boot' which backs the random seed file is world accessible, which is a security hole! !
bootctl[1897]: ! Random seed file '/boot/loader/random-seed' is world accessible, which is a security hole! !
bootctl[1897]: Random seed file /boot/loader/random-seed successfully refreshed (32 bytes).
It would be better to either mount ESP with umask=0077 during installation, or generate an fstab with the option (e.g. Fedora).
p.s. genfstab also clutter the mount options with default values, but that's cosmetic...
The text was updated successfully, but these errors were encountered:
describe the request
The ESP seems to be mounted with the default
umask=0022during installation and written into fstab by genfstab. This causes a warning at boot:It would be better to either mount ESP with
umask=0077during installation, or generate an fstab with the option (e.g. Fedora).p.s. genfstab also clutter the mount options with default values, but that's cosmetic...
The text was updated successfully, but these errors were encountered: