celsius

I agree this would be a great and sensible feature to have as virtually all modern laptops come with TPM2 chips and fingerprint sensors nowadays. However, there doesn't seem to...

While brittle, inconvenient and in theory less performant, it's simpler and lets the `init` process be free of CGO. See https://github.com/anatol/booster/pull/240

Same topic as https://github.com/anatol/booster/issues/110. It doesn't necessarily need to be in Booster.

I'm against this in favor letting external tools do it instead as currently, `sbctl` and `systemd-ukify` are able to create unified kernel images. For instance, we could just have a...

I'm against this. While PKCS#11 support would be nice, it's not clear to me how common the usage is to justify the feature. Besides, a more contemporary protocol/standard such as...

To clarify, you're invoking the `sudo` command internally to bring up a WireGuard interface? That signals a red flag to me and this would be the only block that would...

`wg-quick` creates a WireGuard tunnel and sets up a firewall. Those two actions at least are inherently privileged operations that requires root. As far as I can tell, there's no...

@anatol part of the description for commit https://github.com/anatol/booster/commit/67eaed963ba20fc52eca4ead3a94ccf67738bd87 is wrong -- we don't write the output to `/boot/Linux/EFI`. Would this be a problem?

> Same issue filed for Tor Browser: [Tor Browser silently fails if dbus-glib is not installed on Linux](https://gitlab.torproject.org/tpo/applications/tor-browser/-/issues/41914) This issue has been around for years, and, more importantly, [this library...

> Is this issue being worked on by someone? dracut handles the new systemd-cryptenroll setup just fine, FYI. I don't know about anatol but I only _skimmed_ through the relevant...