-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
At this point /var/lib/pacman/local defines the current state of /usr. It's not "variable" - you write to /var/lib/pacman/local if and only if you write to /usr. The description of /usr on wiki perfectly describes why /var/lib/pacman/local really belongs there:
So, files in (now) /usr/lib/pacman/local contain filelists of packages, yes? If you wipe /var, lots of packages will have missing files...
Good point. I just did `pacman -Ql |grep -F ' /var'` to see how many files there are. 99.7% of them are directories only, though. Are tmpfiles.d supposed to create directories in /var too? Docs mention using tmpfiles.d to init /tmp or /run, not /var though. But I guess stateless systemd would always provide tmpfiles for that.
- move /var/lib/pacman/local/ to /usr - move the default pacman.conf and mirrorlist to /usr/share - provide tmpfiles.d to copy those files to /etc
What about pacman keyring? Also note that your custom keys should be packaged as well and resigned on-boot.
I wasn't aware of that. I only refer to what the OP requested and that didn't sound complicated at all. Now it does.
If I'm not mistaken, /usr/share and tmpfiles.d are really trivial and wouldn't affect users in any way. That'd be a few additional files somewhere in the filesystem without any effect on existing machines. Or I'm wrong?
This is madness. I remember sometime ago there was a witchhunt against daemons that write to /etc (cups is the worst offender). So why is it OK for systemd to do so? I personally don't want systemd to come anywhere near my /etc. Please package the tmpfiles.d/sysusers stuff with virtkick or whatever, but not with pacman.
Please note I'm not a huge fan of systemd. I'd rather Arch hadn't married systemd back then. But since it has already happened, many parts of Arch make use of systemd (e.g. netctl), there are several systemd contributors amongst Arch Linux developers, it'd be good to make use of various systemd features. As long as they are not costly to implement, of course. And this "factory reset" feature indeed seems to be costly. - -- Kind regards, Damian Nowak StratusHost www.AtlasHost.eu -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBAgAGBQJUFhxzAAoJENUJYSy7yByfwkwP/jJkNBkXQZ/4nkq2/ZuVJHDL dRsaZ4GeTsgOQ6Q3JP7RQ67nvYiQhyUqIIQotvp+ZmT8rjNXkpOQBg9gUC3vycRk RoD38S2A4nDQcYeftM5nMjUYkSJnM01OBblrgw6+wK1NP1NNilgtklRX41Th5xmz bFGqD1b6QO7g5SrY0lelLJUYG3SkN4O8aFO5fKHpUSSaalvoIE6XlL3WtbLA7+nD NhVx4XwmcJMT9rqAlhhOYncm/dzssMdlkSAzTyIqrs4vOSxRvV1LUpcO294qeY31 jSO5vAGKjKMWANkeNUN5d0Ga/gLLEYXPsUNiA9UA4+N9PL9yRLeXO7AeOyG54pYl Ivp+iB5To9n98Vd9JPRThv3egjtod0vt8I75jB8VPcR2ZxFJjVHkA/9WR8yGsnYw 0IaQtmtz+f+DB1vJf+GEBVEZHpGukwOVcjN19qchs0Q0Ee59Kkzlr1jL7c1YbTzV WnYVmnnXIntXHNYBg+DbpJC/VOOmR0yt+tx8mpXToHK9u4rVwnOgw4J1qtS9vz1C 3a0gNdSqxuS4QSV1fTSreiUIuQVi5grFXXAkS2FD5Gh3gMx3kGmkLl/0VQj39puT /mKIkTXbt7hqqWDKSwX1dz7h6PrkYpD6gAeonzNi58UwdHEWIfBWHUSXkEzRnli3 MMBXhJdu6bInfO1wAaDd =ddj8 -----END PGP SIGNATURE-----