From 3d68e37f38ce861f8e029f808803fefc8fb0facd Mon Sep 17 00:00:00 2001
From: Michael Vogt <michael.vogt@gmail.com>
Date: Wed, 6 Mar 2024 14:54:24 +0100
Subject: [PATCH 1/2] bib: mount `devtmpfs` inside the container too

This ensures that the new `partscan` feature in osbuild works. By
default the containers only have a static snapshot of /dev on a
tmpfs. This means that anything later added by losetup will be
missing inside the container.

It also means that https://github.com/osbuild/osbuild/pull/1468
can be reverted.
---
 bib/internal/setup/setup.go | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/bib/internal/setup/setup.go b/bib/internal/setup/setup.go
index 944a64d0..d3c9ec8d 100644
--- a/bib/internal/setup/setup.go
+++ b/bib/internal/setup/setup.go
@@ -53,6 +53,14 @@ func EnsureEnvironment() error {
 	if err := util.RunCmdSync("mount", "--bind", destPath, osbuildPath); err != nil {
 		return err
 	}
+
+	// Ensure we have devfs inside the container to get dynamic loop
+	// loop devices inside the container.
+	devMnt := "/dev/"
+	if err := util.RunCmdSync("mount", "-t", "devtmpfs", "devtmpfs", devMnt); err != nil {
+		return err
+	}
+
 	return nil
 }
 

From 36730113d0f0819ef80ac4d1e424715fc3ad5b67 Mon Sep 17 00:00:00 2001
From: Michael Vogt <michael.vogt@gmail.com>
Date: Wed, 6 Mar 2024 16:01:10 +0100
Subject: [PATCH 2/2] bib: tweak EnsureEnvironment() based on the feedback from
 Colin

---
 bib/internal/setup/setup.go | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/bib/internal/setup/setup.go b/bib/internal/setup/setup.go
index d3c9ec8d..d6d4d546 100644
--- a/bib/internal/setup/setup.go
+++ b/bib/internal/setup/setup.go
@@ -48,18 +48,19 @@ func EnsureEnvironment() error {
 	if err := util.RunCmdSync("chcon", installType, destPath); err != nil {
 		return err
 	}
-	// Create a bind mount into our target location; we can't copy it because
-	// again we have to perserve the SELinux label.
-	if err := util.RunCmdSync("mount", "--bind", destPath, osbuildPath); err != nil {
-		return err
-	}
 
 	// Ensure we have devfs inside the container to get dynamic loop
 	// loop devices inside the container.
-	devMnt := "/dev/"
-	if err := util.RunCmdSync("mount", "-t", "devtmpfs", "devtmpfs", devMnt); err != nil {
+	if err := util.RunCmdSync("mount", "-t", "devtmpfs", "devtmpfs", "/dev"); err != nil {
+		return err
+	}
+
+	// Create a bind mount into our target location; we can't copy it because
+	// again we have to perserve the SELinux label.
+	if err := util.RunCmdSync("mount", "--bind", destPath, osbuildPath); err != nil {
 		return err
 	}
+	// NOTE: Don't add new code here, do it before the bind mount which acts as the final success indicator
 
 	return nil
 }