diff --git a/usr/lib/initcpio/install/archboot_base_common b/usr/lib/initcpio/install/archboot_base_common
index 174103df6..139f39a46 100644
--- a/usr/lib/initcpio/install/archboot_base_common
+++ b/usr/lib/initcpio/install/archboot_base_common
@@ -9,7 +9,6 @@ build ()
 
     add_symlink /var/run ../run
     add_symlink /var/lock ../run/lock
-    add_symlink /var/log/lastlog /dev/null
 
     ### add basic apps
     map add_binary init agetty basename mount umount clear env printf gawk tty bash rbash \
@@ -140,20 +139,23 @@ build ()
     add_file "/usr/share/archboot/base/etc/systemd/system/serial-getty@.service" "/etc/systemd/system/serial-getty@.service"
     add_file "/usr/share/archboot/base/etc/systemd/system/systemd-sysusers.service" "/etc/systemd/system/systemd-sysusers.service"
     ### disable systemd mounts:
-    # mask fuse, it's not included by default
-    # no tmpfs needed on /tmp!
-    # disable debugfs, configfs and tracefs
+    # disable configfs, debugfs, fuse and tracefs
     for i in sys-kernel-debug sys-kernel-tracing sys-kernel-config sys-fs-fuse-connections tmp; do
         add_symlink "/etc/systemd/system/${i}.mount" "/dev/null"
     done
     ### disable systemd targets:
-    # disable swap
-    # disable cryptsetup integritysetup veritysetup
+    # swap cryptsetup integritysetup veritysetup
     for i in cryptsetup integritysetup swap veritysetup; do
         add_symlink "/etc/systemd/system/${i}.target" "/dev/null"
     done
+    ### disable systemd services:
+    for i in firstboot machine-id-commit pcrmachine binfmt boot-random-seed repart
+        add_symlink "/etc/systemd/system/sytem-${i}.service" "/dev/null"
+    done
     # remove multi-user.target.wants
     rm -rf ${BUILDROOT}/etc/systemd/system/multi-user.target.wants
+    # disable lastlog
+    add_symlink "/var/log/lastlog" "/dev/null"
     ### add missing libsystemd files
     map add_file "/usr/lib/libnss_myhostname.so.2" "/usr/lib/libnss_mymachines.so.2" \
                  "/usr/lib/libnss_resolve.so.2" "/usr/lib/libnss_systemd.so.2"
diff --git a/usr/share/archboot/base/etc/tmpfiles.d/var.conf b/usr/share/archboot/base/etc/tmpfiles.d/var.conf
new file mode 100644
index 000000000..d3d4ca492
--- /dev/null
+++ b/usr/share/archboot/base/etc/tmpfiles.d/var.conf
@@ -0,0 +1,22 @@
+#  This file is part of systemd.
+#
+#  systemd is free software; you can redistribute it and/or modify it
+#  under the terms of the GNU Lesser General Public License as published by
+#  the Free Software Foundation; either version 2.1 of the License, or
+#  (at your option) any later version.
+
+# See tmpfiles.d(5) for details
+
+q /var 0755 - - -
+
+L /var/run - - - - ../run
+
+d /var/log 0755 - - -
+f /var/log/wtmp 0664 root utmp -
+f /var/log/btmp 0660 root utmp -
+
+d /var/cache 0755 - - -
+
+d /var/lib 0755 - - -
+
+d /var/spool 0755 - - -