5 Key Things You Need to Know About Fedora’s Sealed Bootable Container Images
Fedora’s Atomic Desktop team has just released sealed bootable container images for testing. These images create a fully verified boot chain from firmware to the operating system, leveraging Secure Boot and modern container technology. If you’re curious about how this works, how to test it, or what it means for security, this list covers the essentials.
1. What Are Sealed Bootable Container Images?
Sealed bootable container images are pre-built system images that contain every component needed to verify the entire boot process. Starting from the firmware, each step is cryptographically signed and checked, ensuring that only trusted code runs on your machine. This approach uses Secure Boot and is designed for UEFI systems on x86_64 and aarch64. The main benefit? It enables passwordless disk unlocking via the Trusted Platform Module (TPM) in a reasonably secure way by default. Instead of typing a passphrase at every boot, the TPM verifies the boot chain and automatically unlocks the disk, streamlining the user experience while maintaining strong security guarantees.

2. The Core Components Behind the Verified Boot Chain
Three key pieces work together to create the sealed environment:
- systemd-boot – acts as the bootloader, responsible for launching the next stage.
- A Unified Kernel Image (UKI) – bundles the Linux kernel, an initrd, and the kernel command line into a single signed executable. This simplifies verification and reduces attack surface.
- A composefs repository with fs-verity – the root filesystem is stored as a content-addressable, integrity-checked image. Bootc manages this repository, ensuring every file matches its expected hash.
Both systemd-boot and the UKI are signed with test keys for Secure Boot—not the official Fedora keys. This allows early testing without final production signing. The result is a chain where the firmware verifies the bootloader, which verifies the UKI, which then mounts the verified composefs image, creating an unbroken trust path.
3. How to Test the Pre-Built Images
Getting started is straightforward. The project provides both container images and disk images you can deploy directly. Detailed instructions live on the Fedora Atomic Desktops Sealed GitHub repository. You can also build your own customized sealed images using the provided tooling. The test images ship with SSH enabled and no root password set by default; this is intentional, to make debugging easier. Evaluate the process on a non-production machine first. For any issues or feedback, the repository has a list of known problems and a place to report new ones; the maintainers will redirect relevant bugs to upstream projects like bootc, composefs, or systemd as needed.
4. Important Caveats for Testers
These images are strictly in the testing phase. Do not use them on production systems. Key points to remember:

- Secure Boot works with test signing keys, not the official Fedora keys. This means the boot chain is verified only on machines that trust these test certificates.
- The root account has no password set, and sshd is enabled by default. This makes remote debugging easier but is insecure by design—ensure your test environment is isolated.
- Passwordless TPM disk unlocking is the headline feature, but it depends on the sealed boot chain. If any component is tampered with, the TPM will refuse to release the key, keeping your data safe.
- Currently, only UEFI x86_64 and aarch64 systems are supported. Legacy BIOS boot is not available.
By understanding these limitations, you can test effectively without risking your main workstation.
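To make the tamper-refusal behaviour described above concrete, here is an added Python model (not code from Fedora, bootc or systemd): a PCR is extended as SHA-256(old || SHA-256(stage)) for each boot stage, and a toy TPM seals the disk key to the PCR value the trusted chain produces, releasing it only when the chain that actually booted replays to the same value. The stage strings, the XOR key wrapping and the ToyTpm class are constructed for this example; a real TPM seals objects under its own storage hierarchy and systemd uses its own PCR policy scheme.

```python
"""Toy model of TPM-sealed disk unlocking bound to a measured boot chain
(not the real TPM2 protocol or systemd's implementation)."""
import hashlib
import hmac
import os

PCR_INITIAL = bytes(32)  # a PCR starts as all zeros at power-on

def extend(pcr: bytes, measurement: bytes) -> bytes:
    # PCR extend: the new value depends on every earlier measurement and its order
    return hashlib.sha256(pcr + measurement).digest()

def boot_chain_pcr(stages) -> bytes:
    """Replay the chain (systemd-boot, then the UKI): measure each stage, then extend."""
    pcr = PCR_INITIAL
    for blob in stages:
        pcr = extend(pcr, hashlib.sha256(blob).digest())
    return pcr

class ToyTpm:
    """Holds a device-unique secret; seal/unseal bind a key to a PCR policy."""
    def __init__(self):
        self.secret = os.urandom(32)  # never leaves the "TPM"

    def _kek(self, policy_pcr: bytes) -> bytes:
        return hmac.new(self.secret, b"seal" + policy_pcr, hashlib.sha256).digest()

    def seal(self, disk_key: bytes, policy_pcr: bytes) -> dict:
        """Wrap a 32-byte disk key so it is recoverable only under policy_pcr."""
        kek = self._kek(policy_pcr)
        return {"policy": policy_pcr, "ct": bytes(a ^ b for a, b in zip(disk_key, kek))}

    def unseal(self, blob: dict, current_pcr: bytes):
        """Release the key only if the live PCR equals the sealed policy."""
        if not hmac.compare_digest(blob["policy"], current_pcr):
            return None  # tampered or unexpected chain: the key stays inside
        kek = self._kek(current_pcr)
        return bytes(a ^ b for a, b in zip(blob["ct"], kek))

# Constructed sample stages; a real chain measures the signed binaries themselves.
TRUSTED_CHAIN = [b"systemd-boot (test-signed)", b"UKI: kernel+initrd+cmdline"]
TAMPERED_CHAIN = [b"systemd-boot (test-signed)", b"UKI: kernel+initrd+cmdline (modified)"]

def demo():
    tpm, disk_key = ToyTpm(), os.urandom(32)
    blob = tpm.seal(disk_key, boot_chain_pcr(TRUSTED_CHAIN))
    good = tpm.unseal(blob, boot_chain_pcr(TRUSTED_CHAIN))
    bad = tpm.unseal(blob, boot_chain_pcr(TAMPERED_CHAIN))
    return good == disk_key, bad is None  # (True, True)
```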
5. Where to Learn More and Contribute
The sealed bootable container effort builds on work from multiple upstream projects. For a deeper dive, check out these resources:
- Presentation “Signed, Sealed, and Delivered” with UKIs and composefs (FOSDEM 2025) by Allison and Timothée.
- “UKIs and composefs support for Bootable Containers” (Devconf.cz 2025) by Timothée.
- “UKI, composefs and remote attestation for Bootable Containers” (ASG 2025) by Pragyan, Vitaly, and Timothée.
- Composefs backend documentation in bootc.
Contributors from bootc, bcvk, composefs and composefs-rs, chunkah, podman, buildah, and systemd have made this possible. You can join the fedora-atomic-desktops-sealed repository to report bugs, submit patches, or simply ask questions. Your testing helps harden the solution before it becomes a default option in future Fedora releases.
Sealed bootable container images represent a significant step toward more secure, container-native operating systems. By combining modern boot tooling with verified filesystems, Fedora is laying the groundwork for passwordless, tamper-proof disk encryption. Start testing today and help shape the next generation of Atomic Desktops.