This allows to add additional CAs as trust anchors via the root key
"ca-trust" in the YAML config files.
Why is this helpful and can't be done for example with SRMs?
After the CA files are copied, "update-ca-trust" must be called. This
updates *all* ca trust files. This means your SRM will override all
trust files with the ones used when creating the SRM.
When you then use the SRM with a newer version of SystemRescue, you will
still use the old ca trust files from when the SRM was built.
This prevents huge dependency downloads by pacman when the SystemRescue version gets older
by using a snapshot repo from the day the SystemRescue version is released.
The classic rolling repos from Arch are also available as option. Activate with the
"--config /etc/pacman-rolling.conf" option to pacman.
To allow switching on a per-command basis, two different sets of remote package databases
are required. But the local package database must be the same for both variants. This
is achived by using two different DBPaths in the pacman config files and bind-mounting
the local part together. pacman does not accept symlinks for this, so it must be a bind mount.
* Following upstream archiso
* NetworkManager stays as default in SystemRescueCd
* Explicitly symlink /etc/resolv.conf to /run/NetworkManager/resolv.conf
to make clear NetworkManager is in charge
Closesfdupoux/sysresccd-src#75
* The synchronization point is getty-pre.target to block login while autorun
is active
* After sysresccd-initialize.service to have keyboard layout configured
* stdin/stdout/stderr conected to /dev/console to make interactive scripts work
Closesfdupoux/sysresccd-src#18
* Passes through PAM (pam_systemd module) via login(1). This sets up
systemd --user instance, which will create and listen on dbus session socket.
* login(1) is called (via agetty(8)) with -p option, keeping the environment
pam_systemd configured for the user, most importantly
DBUS_SESSION_BUS_ADDRESS.
* Thus dbus-launch call in /etc/X11/xinit/xinitrc is unnecessary.
* autologin.conf drop-in configured in the template unit (getty@.service)
to make autologin work on all virtual consoles.
Use localectl to set kbd and x11 keymaps.
Order sysresccd-initialize.service before getty-pre.target (pasive target,
pulled in manually) to ensure console keymap is proper configured when
getty@.service runs.
Fixes#74
