action #28507
Updated by SLindoMansilla over 6 years ago
## User story As a customer, when I select in the Yast installer to use *encrypted LVM-based* partitions, I expect _/boot_ to also be encrypted, so initrd and kernel are better protected against malicious actions. - Take in mind that _/boot_ can be a directory under the root partition or be in a separated partition, but in any case, it is expected to be encrypted. - Be aware that on SLE 12-SP3 _/boot_ was in a separated partition by default. On SLE 15, _/boot_ is no more in a separated partition by default. ## Acceptance criteria **AC1:** [bsc#1070139](https://bugzilla.suse.com/show_bug.cgi?id=1070139) is resolved. **AC2:** The test suite **lvm-full-encrypt** is adapted to have an encrypted _/boot_ for **aarch64**, **ppc64** and **x86_64** **AC3:** The test suite **lvm-full-encrypt** still gives for SLE 12-SP3 the same results as in https://openqa.suse.de/tests/overview?distri=sle&version=12-SP3&build=0473&groupid=55. ## Tasks 1. Wait for [bsc#1070139](https://bugzilla.suse.com/show_bug.cgi?id=1070139) to be resolved. 2. Adapt test suite **lvm-full-encrypt** to work for SLE 12-SP3 and SLE 15.