The concept of an 'unsealed' RealmFS no longer exists so support for this has been
removed. The result is much less complex and easier to understand and maintain.
Keyring is an encrypted file to store secrets. The encryption key is
derived from the disk decryption passphrase so that the file can be
automatically decrypted and processed during boot.
The keys contained in the keyring file are loaded into the kernel key
store so that they can later be retrieved by other components.
Currenly during installation a signing key is generated and stored in
the keyring so that the system can transparently sign RealmFS images
when the user modifies or updates them.
