We want to replace the systemd-boot EFI loader with a signed version,
and our normal way of doing that is to replace the package with a signed
version. However, that would be problematic for a core package like
systemd. Not only are there many reverse dependencies on systemd that
would have to be satisfied by the signed version, but the package is
Priority: important, which means that our apt-bootstrap tool would have
to resolve the conflicts during OS bootstrapping.
Instead, move the few files into a separate package. Nothing directly
depends on systemd-boot, so it should be straightforward to manage it
this way. The built architectures matches those for which gnu-efi is a
build dependency. Without that, systemd-boot is not built.
77d5ae9...
by
Will Thompson <email address hidden>
Unconditionally enable tmp.mount
Previously, we depended on the "one-time migration" block in postinst to
read /etc/default/tmpfs and enable tmp.mount by copying it into /etc.
This behaviour is inherited from Debian where tmpfs-on-/tmp is not the
default. /etc/default/tmpfs is provided by the initscripts package,
which is no longer a required package and so is not included in the
first phase of debootstrap where the systemd package is installed.
Since we always want /tmp to be a tmpfs in Endless OS, we can just
remove this Debian-specific logic and follow upstream, where tmp.mount
is installed to /lib/systemd/system and symlinked into
/lib/systemd/system/local-fs.target.wants/. Assuming that users have not
modified either /etc/systemd/system/tmp.mount or
the /etc/systemd/system/local-fs.target.wants/tmp.mount symlink,
on an ostree upgrade these files in /etc should be removed, and the
copies in /lib will be used instead. On converted systems, we can just
leave them harmlessly in place.
