Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PR than contains the fixes for the issues I have opened #27

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

solsticedhiver
Copy link

Please let me know of anything

@inthreedee
Copy link

I would not recommend removing the /boot path check. We're not just monitoring for legitimately installed packages and want to be notified in case anything malicious changes something in /boot.

Not sure if #16 is still relevant but it's been working fine for me.

Also relevant: #19

@solsticedhiver
Copy link
Author

I don't think this software is meant to look for malicious file installed by packages, or whatever.
It is to check there was no changes between boots.

Also, /boot is not enough, because your ESP could be mounted on /efi.

By the way, I am now mounting the ESP on /efi, and keep /boot in the encrypted root partition. Also using UKI and Secure Boot, I am signing the efi executable. so this software is less relevant for me. I would suggest anyone to follow that scheme that make almost irrelevant chkboot.

@inthreedee
Copy link

For any scenario where /boot (or the relevant efi partition) is not encrypted, this software is meant to notify the user in the event that any files in the boot partition are modified by something other than the user. Your PR only monitors for updates to packages performed by the user. Since those actions are always legitimate, no warnings will ever be thrown and the purpose of this software has been undermined.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants