In today’s announcement from the openSUSE team, the rolling release Tumbleweed is undergoing a significant change as it integrates systemd-boot, thus promising enhancements in system boot performance and security.
According to openSUSE, the primary driver for adopting systemd-boot is its simplicity and efficiency, particularly when managing systems with full-disk encryption. Here’s what it’s all about.
Unlike GRUB, which embeds complex decryption and key derivation functions directly into the boot loader – potentially slowing down system startup – systemd-boot simplifies this process. It delegates decryption and other tasks to the Linux kernel and user space, aiming to make the boot process faster and more streamlined.
Moreover, openSUSEโs Tumbleweed and MicroOS, known for utilizing the Btrfs filesystem and snapshot capabilities, face challenges in their boot processes. In light of this, systemd-boot integration is seen as a solution to these complexities, facilitating seamless booting from snapshots and ensuring that kernel updates are smoothly applied in a dynamic environment.
To support systemd-boot integration, new tools and scripts have been introduced, with sdbootutil playing a pivotal role. It manages kernel versions, snapshots, and boot entries, creating new boot options in the EFI System Partition (ESP) and ensuring that new kernels from snapshots are correctly handled. It also generates the necessary initial ramdisk for these snapshots, which is crucial for booting.
However, while systemd-boot support in openSUSE is currently experimental, both Tumbleweed and MicroOS offer it as an alternative to GRUB in the YaST installer for those willing to experiment.
Furthermore, ready-made appliances that utilize systemd-boot and full-disk encryption by default are available for testing. For further details, check out the announcement.
