nixos/systemd-initrd: silence various warnings

Silences 2 warning messages that appear when using the systemd initrd:

1. "System tainted (var-run-bad)": occurs because `/var/run` isn't a
   symlink to `/run`. Fixed by making /run and linking /var/run to it.

2. "Failed to make /usr a mountpoint": occurs because ProtectSystem
   defaults to true in the initrd, which makes systemd try to remount
   `/usr` as read-only, which doesn't exist in the initrd. Fixed by
   linking `/usr/bin` and `/usr/sbin` to the initrd bin directories.

Also moves the `/tmp` creation from the initrd module to make-initrd-ng,
to avoid making an unnecessary `/tmp/.keep`, saving a store path and a
few bytes in the initrd image.

Author: andre4ik3

nixos/modules/system/boot/systemd/initrd.nix

@@ -481,7 +481,6 @@ in
       settings.Manager.DefaultEnvironment = "PATH=/bin:/sbin";
 
       contents = {
-        "/tmp/.keep".text = "systemd requires the /tmp mount point in the initrd cpio archive";
         "/init".source = "${cfg.package}/lib/systemd/systemd";
         "/etc/systemd/system".source = stage1Units;
 
@@ -507,6 +506,8 @@ in
 
         "/bin".source = "${initrdBinEnv}/bin";
         "/sbin".source = "${initrdBinEnv}/sbin";
+        "/usr/bin".source = "${initrdBinEnv}/bin";
+        "/usr/sbin".source = "${initrdBinEnv}/sbin";
 
         "/etc/sysctl.d/nixos.conf".text = "kernel.modprobe = /sbin/modprobe";
         "/etc/modprobe.d/systemd.conf".source = "${cfg.package}/lib/modprobe.d/systemd.conf";

pkgs/build-support/kernel/make-initrd-ng.nix

@@ -100,7 +100,8 @@ runCommand name
     ++ lib.optional makeUInitrd ubootTools;
   })
   ''
-    mkdir -p ./root/var/empty
+    mkdir -p ./root/{run,tmp,var/empty}
+    ln -s ../run ./root/var/run
     make-initrd-ng "$contentsPath" ./root
     mkdir "$out"
     (cd root && find . -exec touch -h -d '@1' '{}' +)