Revert "Ensure only systemd or systemd-signed can be installed"
This reverts commit df34cdc207b37bcec729ae51507c9e436a9e670a. Replacing
a core package like systemd would be very tricky, so the systemd-boot
files have been split out into a separate package. There will no longer
be systemd-signed package after that change, so there's no need to
maintain the Replaces and Conflicts.
We want to replace the systemd-boot EFI loader with a signed version,
and our normal way of doing that is to replace the package with a signed
version. However, that would be problematic for a core package like
systemd. Not only are there many reverse dependencies on systemd that
would have to be satisfied by the signed version, but the package is
Priority: important, which means that our apt-bootstrap tool would have
to resolve the conflicts during OS bootstrapping.
Instead, move the few files into a separate package. Nothing directly
depends on systemd-boot, so it should be straightforward to manage it
this way. The built architectures matches those for which gnu-efi is a
build dependency. Without that, systemd-boot is not built.
Ensure only systemd or systemd-signed can be installed
For PAYG, the systemd-boot EFI loader needs to be signed, and this will
be part of a systemd-signed package. Ensure that only systemd or
systemd-signed can be installed by adding Conflicts and Replaces on that
package. The secure boot signer will swap these to systemd when creating
the systemd-signed package.