From 0ea6e363dd817d0e2e73ef96d6dc7885787d8b77 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Tue, 19 Jul 2022 13:44:32 -0400
Subject: [PATCH] coreos-printk-quiet: Apply Lennart's suggestions

Doesn't work today, blocks on SELinux policy.
---
 .../usr/lib/systemd/system/coreos-printk-quiet.service    | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/overlay.d/05core/usr/lib/systemd/system/coreos-printk-quiet.service b/overlay.d/05core/usr/lib/systemd/system/coreos-printk-quiet.service
index d93a32ad28..d8e50cd92f 100644
--- a/overlay.d/05core/usr/lib/systemd/system/coreos-printk-quiet.service
+++ b/overlay.d/05core/usr/lib/systemd/system/coreos-printk-quiet.service
@@ -18,10 +18,10 @@ ConditionKernelCommandLine=!loglevel
 [Service]
 Type=oneshot
 RemainAfterExit=yes
-# We need to make /run/sysctl.d if it doesn't exist and also
-# ensure it has a SELinux label that works for systemd-sysctl.service.
-# Then we just generate a sysctl file which is read by systemd-sysctl.service.
-ExecStart=/bin/bash -euo pipefail -c 'mkdir -p /run/sysctl.d && chcon --reference=/etc/sysctl.d /run/sysctl.d && echo "kernel.printk = 4" > /run/sysctl.d/01-coreos-printk.conf'
+# Using systemd-tmpfiles "inline" like this delegates things like selinux labeling
+# to it.
+ExecStart=/usr/bin/systemd-tmpfiles --create -
+StandardInputText=f /run/sysctl.d/01-coreos-printk.conf - - - - kernel.printk = 4
 
 [Install]
 WantedBy=sysinit.target