This is a tracking bug for Change: Enabling composefs by default for Atomic Desktops, CoreOS and IoT For more details, see: https://fedoraproject.org/wiki/Changes/ComposefsAtomicCoreOSIoT We want to enable composefs by default for Fedora Atomic Desktops, Fedora CoreOS and Fedora IoT. This makes the root mount of the system (/) a truly read only filesystem, increasing the system integrity and robustness. This is the first step toward a full at runtime verification of filesystem integrity. If you encounter a bug related to this Change, please do not comment here. Instead create a new bug and set it to block this bug.
Hi Jean-Baptiste, could you provide a status update on this change please? Changes need to be code complete before we enter beta freeze next Tuesday 27th August. Are you still on track to land this in F41, or do you need to defer to F42? Thanks, Aoife
This change is on track for Fedora CoreOS & Fedora IoT. For Fedora Atomic Desktops, we don't have a plan ready for the transition thus I'm deferring it, for the Atomic Desktops only, to Fedora 42. I'll update the wiki page. Let's keep this change for F41 as we're still planning to enable it for IoT & CoreOS.
Thanks Timothee! Can I ask you dissect the change to have the CoreOS & IoT one for F41 (current change) and a new change wiki for the Atomic part please? The change is accepted so just a separate wiki for the Atomic side is sufficient and I can add the tracker bug to that one for F42. Thanks!
Thanks, I've created https://fedoraproject.org/wiki/Changes/ComposefsAtomicDesktops for F42.