From daddb84cb09fdc0c7b675e4ce1319b6bfd6e071c Mon Sep 17 00:00:00 2001 From: Omer Tuchfeld Date: Tue, 19 Nov 2024 20:03:48 +0100 Subject: [PATCH] install: Fix broken warn_on_host_root check The `warn_on_host_root` check was broken when we added support for installing on already-ostree systems. See https://github.com/containers/bootc/issues/907 The solution is to use the original user provided root_path for the fd passed to warn_on_host_root, rather than the modified one, as that will always match /proc/0/root's fsid (in ostree systems systemd is running with the deployment root as its root, and this is what we have mounted as /:/target) Signed-off-by: Omer Tuchfeld --- lib/src/install.rs | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/lib/src/install.rs b/lib/src/install.rs index 83dd7752..0765156e 100644 --- a/lib/src/install.rs +++ b/lib/src/install.rs @@ -1653,11 +1653,15 @@ pub(crate) async fn install_to_filesystem( // the deployment root. let possible_physical_root = fsopts.root_path.join("sysroot"); let possible_ostree_dir = possible_physical_root.join("ostree"); - if possible_ostree_dir.exists() { + let original_root_path = if possible_ostree_dir.exists() { tracing::debug!( "ostree detected in {possible_ostree_dir}, assuming target is a deployment root and using {possible_physical_root}" ); + let original = fsopts.root_path.clone(); fsopts.root_path = possible_physical_root; + original + } else { + fsopts.root_path.clone() }; // Get a file descriptor for the root path @@ -1683,7 +1687,10 @@ pub(crate) async fn install_to_filesystem( // Check to see if this happens to be the real host root if !fsopts.acknowledge_destructive { - warn_on_host_root(&rootfs_fd)?; + let original_rootfs_fd = + Dir::open_ambient_dir(&original_root_path, cap_std::ambient_authority()) + .with_context(|| format!("Opening target root directory {original_root_path}"))?; + warn_on_host_root(&original_rootfs_fd)?; } match fsopts.replace {