Skip to content

release: Update ordering for drivers target #749

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

release: Update ordering for drivers target #749

wants to merge 1 commit into from

Conversation

@yeazelm
Copy link
Contributor

@yeazelm yeazelm commented Nov 18, 2025

The drivers target should be before we apply settings so we can enforce lockdown for the kernel after they are loaded.

Related to Issue number: bottlerocket-os/bottlerocket#4218 (comment)

Description of changes:
Updates the drivers.target to be Before settings are applied. Related to bottlerocket-os/bottlerocket-kernel-kit#321

Testing done:
Confirmed the target works as expected:

bash-5.1# journalctl -u drivers.target
Nov 18 01:10:13 localhost systemd[1]: Reached target Driver units.
bash-5.1# systemctl status drivers.target
● drivers.target - Driver units
     Loaded: loaded (/x86_64-bottlerocket-linux-gnu/sys-root/usr/lib/systemd/system/drivers.target; enabled; preset: enabled)
     Active: active since Tue 2025-11-18 01:10:13 UTC; 2h 26min ago

Nov 18 01:10:13 localhost systemd[1]: Reached target Driver units.

Terms of contribution:

By submitting this pull request, I agree that this contribution is dual-licensed under the terms of both the Apache License, version 2.0, and the MIT license.

@yeazelm
release: Update ordering for drivers target
ecaf7a5 
The drivers target should be before we apply settings so we can enforce
lockdown for the kernel after they are loaded.

Signed-off-by: Matthew Yeazel <[email protected]>
@yeazelm yeazelm requested a review from bcressey November 18, 2025 03:40
cbgbt
cbgbt approved these changes Nov 25, 2025
View reviewed changes
Copy link
Contributor

@cbgbt cbgbt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It might be good to add a comment explaining why this must go before settings-applier service, but the change lgtm!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bcressey bcressey bcressey approved these changes

@cbgbt cbgbt cbgbt approved these changes

@arnaldo2792 arnaldo2792 arnaldo2792 approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@yeazelm @bcressey @cbgbt @arnaldo2792