Open requested to merge tallero/mkinitcpio-archiso:integrity into master
It adds support for comparing
airootfs signature against a backup file eventually put on an external device, for example on an integrity dongle.
The signature file can be specified using the
sigdevice kernel parameter, using the same syntax as the one for the
cryptdevice parameter in the encrypt module, i.e.
This same feature is provided by the
encrypt hook in
when the root file system is encrypted because it would be pointless to verify the signature after having tried to unlock a potentially malicious
Notes: this branch is based on !25.