Add tmpfiles.d/systemd.conf and systemd-tmpfiles-setup.service to systemd-based initramfs

cedric cvl requested to merge clavelc/mkinitcpio:tpm2-pcr into master

See #273 (closed) (TPM PCR signature and public key files from systemd-stub are not copied over from the initrd to /run/systemd/ in the live system.)

# objcopy -O binary --only-section=.initrd /efi/EFI/Linux/982132008de649089768b8fa1887cbe1-6.9.9-arch1-1.efi initrd_out.img
# lsinitcpio initrd_out.img | grep "tmpfiles"
usr/bin/systemd-tmpfiles
usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup-dev.service
usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup.service
usr/lib/systemd/system/systemd-tmpfiles-setup-dev.service
usr/lib/systemd/system/systemd-tmpfiles-setup.service
usr/lib/tmpfiles.d/
usr/lib/tmpfiles.d/systemd.conf

After next boot, the files are properly copied over.

# ls -lha /run/systemd/tpm2-*
-r--r--r-- 1 root root  451 Jan  1  1970 /run/systemd/tpm2-pcr-public-key.pem
-r--r--r-- 1 root root 8.3K Jan  1  1970 /run/systemd/tpm2-pcr-signature.json
-r--r--r-- 1 root root  451 Jul 16 09:16 /run/systemd/tpm2-srk-public-key.pem
-r--r--r-- 1 root root  284 Jul 16 09:16 /run/systemd/tpm2-srk-public-key.tpm2b_public

This didn't seem to break my system, but can there be unwanted consequences to adding https://github.com/systemd/systemd/blob/main/tmpfiles.d/systemd.conf.in to the initrd? Or should other tmpfiles be added too?

Edited by cedric cvl
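
The two manual checks in the description above can be scripted; the following is an added example, not part of the merge request or of mkinitcpio. It reads an `lsinitcpio` listing and reports which of the paths from the listing above are missing, then checks that the two `tpm2-pcr-*` files exist under `/run/systemd`. The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not mkinitcpio code). Function names are hypothetical.
# Required paths are taken from the lsinitcpio output in the merge request.
REQUIRED_PATHS='usr/bin/systemd-tmpfiles
usr/lib/systemd/system/systemd-tmpfiles-setup.service
usr/lib/systemd/system/sysinit.target.wants/systemd-tmpfiles-setup.service
usr/lib/tmpfiles.d/systemd.conf'

# Read an lsinitcpio listing on stdin and print every required path that is
# absent. Returns 0 when nothing is missing, 1 otherwise.
# Usage: lsinitcpio initrd_out.img | missing_initrd_paths
missing_initrd_paths() {
    listing=$(cat)
    missing=0
    for p in $REQUIRED_PATHS; do
        # -x matches the whole line and -F treats the path as a fixed string,
        # so systemd-tmpfiles-setup-dev.service cannot satisfy the check for
        # systemd-tmpfiles-setup.service (a plain grep "tmpfiles" would).
        if ! printf '%s\n' "$listing" | grep -qxF -- "$p"; then
            printf '%s\n' "$p"
            missing=1
        fi
    done
    return "$missing"
}

# Print each TPM2 PCR file that is absent or empty in the given directory
# (default /run/systemd). Returns 0 when both are present, 1 otherwise.
# File names are the ones shown in the ls output of the merge request.
missing_runtime_files() {
    dir=${1:-/run/systemd}
    missing=0
    for name in tpm2-pcr-public-key.pem tpm2-pcr-signature.json; do
        if [ ! -s "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
            missing=1
        fi
    done
    return "$missing"
}
```

Run `missing_initrd_paths` against the initrd extracted from the UKI after each rebuild, and `missing_runtime_files` after boot; any printed path is one that needs attention.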