These might be a bit much grub boot menu default entries. We already have 4:
- persistent boot
- recovery mode persistent boot
- live boot
- recovery mode live boot
Option recovery mode live boot is way too unimportant (given much important boot modes) to have a default entry. But I just now figured out how to get rid of it. Soon we will have three default boot menu entries:
- persistent boot
- recovery mode persistent boot
- live boot
(By default entry I mean: easily accessible in grub default boot menu.)
This discussion cannot really be separated from multiple boot modes for better security: persistent user | live user | persistent secureadmin | persistent superadmin | persistent recovery mode.
I am not longer sure, should there be a root boot mode default entry or superoot default default entry or both? Will ask in above forum thread.
Could you please either replace the following or add an additional short options?
no-apparmor-profile-everythingapparmor-superrootapparmor-debug
These are quite a lot to type when typing these manually. Suggestions for shorter versions:
-
no-apparmor-profile-everything→noape -
apparmor-superroot→superroot -
apparmor-debug→aadebug
In some situations (Qubes) these options may not be (easily) accessible through Qubes boot menu but manually typing kernel boot parameters only (in Qubes VM settings, kernel parameter).
Suggested criteria for good short kernel boot parameter names:
- short
- easy to type
- hard to misread / type wrong
- not inappropriately conflicting with existing boot option
- unlikely to be picked in future by a different project which isn’t aware of us (so we don’t have to change these later) to avoid double-use of these
apparmor-debug → aadebug… Maybe for that one we could “hijack” (if there already is such a kernel boot parameter) debug?
I don’t think we should add 3 more default boot menu entries? noape, aadebug don’t seem important enough to be added as grub default boot menu entries?
For now we could merge your git branch immediately without adding any new grub boot menu entries. For now we could type noape, superroot, aadebug manually. Until we figured out the design (which menu entries should be default) and implementation of multiple boot modes for better security: persistent user | live user | persistent secureadmin | persistent superadmin | persistent recovery mode.