Mount cache directory before all other mounts

The cache directory could potentially be /var so to avoid overriding
other mounts we have to mount it first.

diff --git a/mkosi/__init__.py b/mkosi/__init__.py
index 9563eabe5266f8e563cb3cbc818e57870ff58786..7694dcbc7eb4db3bee6a53147ac5404e144b5727 100644 (file)
--- a/mkosi/__init__.py
+++ b/mkosi/__init__.py
@@ -464,10 +464,13 @@ def run_prepare_scripts(context: Context, build: bool) -> None:
                     sandbox=context.sandbox(
                         network=True,
                         options=sources + [
+                            # If the cache dir is /var and the workspace directory is /var/tmp (e.g. in mkosi-initrd),
+                            # then all the files we mount here might be located in the configured cache directory, so
+                            # we have to mount the cache directory first to not override all the other mounts.
+                            "--bind", context.cache_dir, context.cache_dir,
                             "--ro-bind", script, script,
                             "--ro-bind", cd, cd,
                             "--bind", context.root, context.root,
-                            "--bind", context.cache_dir, context.cache_dir,
                             *finalize_crypto_mounts(tools=context.config.tools()),
                             "--chdir", Path.cwd(),
                         ],