[systemd-devel] systemd enables custom service units on firstboot

[Martin Petzold]

Hi,

we are building our OS with debootstrap (Debian bullseye). Our image 
shall be flashed on embedded devices. In order to get a unique 
machine-id we removed '/etc/machine-id' as instructed in [1] and also 
removed '/var/lib/dbus/machine-id' as instructed in [2]) from the golden 
image.

After we flash the image and boot it, new machine-ids are created and 
identical.

However, now we realized that some of our systemd service units added to 
'/lib/systemd/system' are enabled and starting on boot. We did not 
enable them, we just copied them to that location at the end of our 
rootfs build. They are just there to be used in some special test cases.

We already checked '/lib/systemd/system-preset/*'. But there is only a 
single file '90-systemd.preset' and there is no rule which matches our 
service units.

1. Why are our service units placed in '/lib/systemd/system' enabled?
2. What actually happens during firstboot?
Related 3. If we do A/B rootfs updates could there be any problems if a 
new machine-id is created on each (sys)update?

Platform:

systemd 252.5-2~bpo11+1 (from bullseye-backports)
systemd-resolved and systemd-networkd with iwd (all from bullseye-backports)
Custom Debian bullseye (with some packages from bullseye-backports)
Custom Kernel 5.10
U-Boot

[1] https://systemd.io/BUILDING_IMAGES/
[2] https://wiki.debian.org/MachineId

Thanks,

Martin