Enable automatic bootloader updates #1468
Comments
|
We should also consider whether to automatically update the BIOS bootloader. It's probably infeasible to do that safely, though. |
|
We've made a lot of progress on this front so we should reconsider that. |
Added the |
|
From the 0.2.19 to the 0.2.24 release, we have fixed the following issues:
We have the following issue still blocking us on Fedora CoreOS:
Once we have the SELinux issues fixed, we should be able to enable automatic updates on boot for non-RAID setups. This has been enabled by default on boot for the Atomic Desktops for Fedora 41 for UEFI, and planned to be enabled for BIOS as well soon. |
|
During our meeting today (10/30), we agreed to proceed with F42 and to assign someone with availability to implement it. You can find more details in the meeting logs. |
|
Sorry for the noise, removing the meeting label as this was already discussed in the community meeting last week. |
Currently, Fedora CoreOS (and in fact, all other rpm-ostree-based Fedora variants) do not update the EFI bootloader together with host updates. The reason for this is explained in greater details in the bootupd README (see especially the Q&A). Recently, we've hit more and more issues related to stale bootloaders, to the point where it's becoming more urgent that we fix this gap.
The main blocker to have automatic bootloader updates is to make them safer in bootupd (related issues: coreos/bootupd#440, coreos/bootupd#454). Once it's deemed safe enough to turn on by default, we then need to integrate it into FCOS. Fedora IoT and Fedora Silverblue likely will also want this.
The text was updated successfully, but these errors were encountered: