maximbaz / arch-secure-boot

UEFI Secure Boot for Arch Linux + btrfs snapshot recovery
ISC License

Does this require linux-lts? #16

Closed Firestar-Reimu closed 1 year ago

Firestar-Reimu commented 1 year ago

https://aur.archlinux.org/packages/arch-secure-boot

This lists linux-lts as a dependency, but I use linux and I do not want to use another kernel (and one lower than 6.2, because I need the ntfs3 update).

Can I use arch-secure-boot with linux/linux-mainline/linux-zen, etc.?

maximbaz commented 1 year ago

Hello! linux-lts is used to create a recovery image: in case a kernel upgrade causes an unbootable system, you would be able to boot into the recovery .efi image and from there fix up your system. Does this clarify the purpose of it?

Firestar-Reimu commented 1 year ago

  1. What about an LTS kernel update like 6.1.22 -> 6.1.23?
  2. Can the recovery image be rebuilt every time the kernel updates?

maximbaz commented 1 year ago

The efi images, normal and recovery, will be automatically rebuilt when any of the targets specified below are updated, including lts kernel upgrade!

https://github.com/maximbaz/arch-secure-boot/blob/main/pacman-hooks/95-arch-secure-boot-generate-efi.hook

Firestar-Reimu commented 1 year ago

Thanks, I hope that this program can support more kernels.

maximbaz commented 1 year ago

It certainly can 😉 not for the recovery image, that uses lts on purpose, but regular image supports any kernel, see the config 👍

Firestar-Reimu commented 1 year ago

  1. Where is the config?

  2. So you can make a package which does not support the recovery image and does not hard-require linux-lts?

maximbaz commented 1 year ago

  1. See lines 10 and 14; config is read either from a file or simply from environment variables, whatever you prefer.

https://github.com/maximbaz/arch-secure-boot/blob/ce12afdf288a0505bc426f33319a7e126c584376/arch-secure-boot#L10

  2. It would be against the goal of this project to exclude generation of the recovery image, so I won't be making such a package, but you are very welcome to take the code and remove the line that does it!

This particular project is based on a lot of hardcoded opinions, for the reason that this allows it both to be small in size (fewer bugs, fewer security risks) and to do one single job well.