Skip to content

Commit

Permalink
install: Fix broken warn_on_host_root check
Browse files Browse the repository at this point in the history
The `warn_on_host_root` check was broken when we added support for
installing on already-ostree systems (but only for already-ostree
systems).

See containers#907

The solution is to use the original user provided root_path for the fd
passed to warn_on_host_root, rather than the modified one, as that will
always match /proc/0/root's fsid (in ostree systems systemd is running
with the deployment root as its root, and this is what we have mounted
as /:/target)

Signed-off-by: Omer Tuchfeld <[email protected]>
  • Loading branch information
omertuc committed Nov 25, 2024
1 parent 7c8121a commit b57fcad
Showing 1 changed file with 8 additions and 5 deletions.
13 changes: 8 additions & 5 deletions lib/src/install.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1716,6 +1716,14 @@ pub(crate) async fn install_to_filesystem(
}
}

// Check to see if this happens to be the real host root
if !fsopts.acknowledge_destructive {
let root_path = &fsopts.root_path;
let rootfs_fd = Dir::open_ambient_dir(root_path, cap_std::ambient_authority())
.with_context(|| format!("Opening target root directory {root_path}"))?;
warn_on_host_root(&rootfs_fd)?;
}

// If we're installing to an ostree root, then find the physical root from
// the deployment root.
let possible_physical_root = fsopts.root_path.join("sysroot");
Expand All @@ -1741,11 +1749,6 @@ pub(crate) async fn install_to_filesystem(
rootfs_fd
};

// Check to see if this happens to be the real host root
if !fsopts.acknowledge_destructive {
warn_on_host_root(&rootfs_fd)?;
}

match fsopts.replace {
Some(ReplaceMode::Wipe) => {
let rootfs_fd = rootfs_fd.try_clone()?;
Expand Down

0 comments on commit b57fcad

Please sign in to comment.