Add tmpfiles.d/systemd.conf and systemd-tmpfiles-setup.service to systemd-based initramfs
See #273 (closed)
(TPM PCR signature and public key files from systemd-stub are not copied over from the initrd to /run/systemd/ in the live system.)
```
# objcopy -O binary --only-section=.initrd /efi/EFI/Linux/982132008de649089768b8fa1887cbe1-6.9.9-arch1-1.efi initrd_out.img
# lsinitcpio initrd_out.img | grep "tmpfiles"
usr/bin/systemd-tmpfiles
usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service
usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup.service
usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service
usr/lib/systemd/system/systemd-tmpfiles-setup.service
usr/lib/tmpfiles.d/
usr/lib/tmpfiles.d/systemd.conf
```
After next boot, the files are properly copied over.
```
# ls -lha /run/systemd/tpm2-*
-r--r--r-- 1 root root 451 Jan 1 1970 /run/systemd/tpm2-pcr-public-key.pem
-r--r--r-- 1 root root 8.3K Jan 1 1970 /run/systemd/tpm2-pcr-signature.json
-r--r--r-- 1 root root 451 Jul 16 09:16 /run/systemd/tpm2-srk-public-key.pem
-r--r--r-- 1 root root 284 Jul 16 09:16 /run/systemd/tpm2-srk-public-key.tpm2b_public
```
This didn't seem to break my system, but can there be unwanted consequences to adding https://github.com/systemd/systemd/blob/main/tmpfiles.d/systemd.conf.in to the initrd? Or should other tmpfiles be added too?
Edited by cedric cvl