> "Third-party drivers should not be installed on systems that will be used for FIPS or the real-time kernel."
This may be sufficient. We're already talking about a fairly extreme edge case here. The footprint of hardware that triggers the ubuntu-drivers criteria that also is intended to use FIPS later is already quite small. If we ever add additional packages that leverage GRUB_FLAVOUR_ORDER in the future, we could add information as needed?
The subiquity piece of this is likely the smallest part. The `aggressive` installs of the oem packages in already-configured desktop instances via update-manager is the bigger headache.( i.e. running fips fine, then oem packages `randomly` install, and I lose compliance without being aware.)
> "Third-party drivers should not be installed on systems that will be used for FIPS or the real-time kernel."
This may be sufficient. We're already talking about a fairly extreme edge case here. The footprint of hardware that triggers the ubuntu-drivers criteria that also is intended to use FIPS later is already quite small. If we ever add additional packages that leverage GRUB_FLAVOUR_ORDER in the future, we could add information as needed?
The subiquity piece of this is likely the smallest part. The `aggressive` installs of the oem packages in already-configured desktop instances via update-manager is the bigger headache.( i.e. running fips fine, then oem packages `randomly` install, and I lose compliance without being aware.)