fix, sysctl-initramfs: switch log to /run/initramfs/sysctl-initramfs-error.log

since ephemeral, in RAM, not written to disk, no conflict with grub-live

https://forums.whonix.org/t/kernel-hardening/7296/435

etc/initramfs-tools/scripts/init-bottom/sysctl-initramfs

@@ -15,19 +15,12 @@ prereqs)
         ;;
 esac
 
-## ${rootmnt} is mounted read-only in the initramfs so it needs to be remounted first.
+## Write to '/run/initramfs' folder.
-if mount | grep "${rootmnt}" | grep -q "(ro,"; then
+## https://forums.whonix.org/t/kernel-hardening/7296/435
-  remount="yes"
-  mount -o remount,rw "${rootmnt}"
-fi
 
-sysctl -p ${rootmnt}/etc/sysctl.conf >/dev/null 2> "${rootmnt}/var/log/sysctl-initramfs-error.log"
+sysctl -p ${rootmnt}/etc/sysctl.conf >/dev/null 2> "/run/initramfs/sysctl-initramfs-error.log"
-sysctl -p ${rootmnt}/etc/sysctl.d/*.conf >/dev/null 2>> "${rootmnt}/var/log/sysctl-initramfs-error.log"
+sysctl -p ${rootmnt}/etc/sysctl.d/*.conf >/dev/null 2>> "/run/initramfs/sysctl-initramfs-error.log"
 
-if [ "${remount}" = "yes" ]; then
+grep -v "unprivileged_userfaultfd" "/run/initramfs/sysctl-initramfs-error.log"
-  mount -o remount,ro "${rootmnt}"
-fi
-
-grep -v "unprivileged_userfaultfd" "${rootmnt}/var/log/sysctl-initramfs-error.log"
 
 true