fix: properly overwrite files on install

Without truncate the file was not overwritten properly if the file with
the same name already exists and has smaller size.

Fixes #8097

Also add a 10 second timeout on UEFI ISO boot, so that boot menu can be
seen without pressing `Esc` many times.

Signed-off-by: Andrey Smirnov <andrey.smirnov@siderolabs.com>

pkg/imager/iso/loader.conf

@@ -0,0 +1,5 @@
+# systemd-boot configuration
+
+timeout 10
+
+secure-boot-enroll if-safe

pkg/imager/iso/uefi.go

@@ -5,6 +5,9 @@
 package iso
 
 import (
+	"bytes"
+	"context"
+	_ "embed"
 	"fmt"
 	"os"
 	"path/filepath"
@@ -38,6 +41,9 @@ const (
 	mib = 1024 * 1024
 )
 
+//go:embed loader.conf
+var loaderConfig []byte
+
 // CreateUEFI creates an iso using a UKI, systemd-boot.
 //
 // The ISO created supports only booting in UEFI mode, and supports SecureBoot.
@@ -118,6 +124,13 @@ func CreateUEFI(printf func(string, ...any), options UEFIOptions) error {
 		return err
 	}
 
+	if _, err := cmd.RunContext(
+		cmd.WithStdin(context.Background(), bytes.NewReader(loaderConfig)),
+		"mcopy", "-i", efiBootImg, "-", "::loader/loader.conf",
+	); err != nil {
+		return err
+	}
+
 	if options.PlatformKeyPath != "" {
 		if _, err := cmd.Run("mcopy", "-i", efiBootImg, options.PlatformKeyPath, filepath.Join("::loader/keys/auto", constants.PlatformKeyAsset)); err != nil {
 			return err

pkg/imager/utils/copy.go

@@ -40,7 +40,7 @@ func CopyFiles(printf func(string, ...any), instructions ...CopyInstruction) err
 			//nolint:errcheck
 			defer from.Close()
 
-			to, err := os.OpenFile(dest, os.O_RDWR|os.O_CREATE, 0o666)
+			to, err := os.OpenFile(dest, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o666)
 			if err != nil {
 				return err
 			}