Make /work related stuff of chroot_cmd() optional

diff --git a/mkosi/__init__.py b/mkosi/__init__.py
index 8f4e75372bd97dd0263b70dd6374fea7ca51f152..47a5bdb30942672210449a4ed6eeeadc2ff9994b 100644 (file)
--- a/mkosi/__init__.py
+++ b/mkosi/__init__.py
@@ -572,7 +572,7 @@ def run_prepare_scripts(context: Context, build: bool) -> None:
             arg = "final"
 
         for script in context.config.prepare_scripts:
-            chroot = chroot_cmd(resolve=True)
+            chroot = chroot_cmd(resolve=True, work=True)
 
             helpers = {
                 "mkosi-chroot": chroot,
@@ -649,7 +649,7 @@ def run_build_scripts(context: Context) -> None:
         finalize_source_mounts(context.config, ephemeral=context.config.build_sources_ephemeral) as sources,
     ):
         for script in context.config.build_scripts:
-            chroot = chroot_cmd(resolve=context.config.with_network)
+            chroot = chroot_cmd(resolve=context.config.with_network, work=True)
 
             helpers = {
                 "mkosi-chroot": chroot,
@@ -727,7 +727,7 @@ def run_postinst_scripts(context: Context) -> None:
         finalize_source_mounts(context.config, ephemeral=context.config.build_sources_ephemeral) as sources,
     ):
         for script in context.config.postinst_scripts:
-            chroot = chroot_cmd(resolve=context.config.with_network)
+            chroot = chroot_cmd(resolve=context.config.with_network, work=True)
 
             helpers = {
                 "mkosi-chroot": chroot,
@@ -791,7 +791,7 @@ def run_finalize_scripts(context: Context) -> None:
 
     with finalize_source_mounts(context.config, ephemeral=context.config.build_sources_ephemeral) as sources:
         for script in context.config.finalize_scripts:
-            chroot = chroot_cmd(resolve=context.config.with_network)
+            chroot = chroot_cmd(resolve=context.config.with_network, work=True)
 
             helpers = {
                 "mkosi-chroot": chroot,

diff --git a/mkosi/sandbox.py b/mkosi/sandbox.py
index c983948e4b0be15dccca87279f66052c8321651c..b91b5bbbf2935a921065de08db47cd85466bb32e 100644 (file)
--- a/mkosi/sandbox.py
+++ b/mkosi/sandbox.py
@@ -272,17 +272,19 @@ def apivfs_cmd() -> list[PathString]:
     ]
 
 
-def chroot_cmd(*, resolve: bool = False) -> list[PathString]:
+def chroot_cmd(*, resolve: bool = False, work: bool = False) -> list[PathString]:
+    workdir = '/buildroot/work' if work else ''
+
     return apivfs_cmd() + [
         "sh", "-c",
         " && ".join(
             [
-                "trap 'rm -rf /buildroot/work' EXIT",
+                *([f"trap 'rm -rf {workdir}' EXIT"] if work else []),
                 # /etc/resolv.conf can be a dangling symlink to /run/systemd/resolve/stub-resolv.conf. Bubblewrap tries
                 # to call mkdir() on each component of the path which means it will try to call
                 # mkdir(/run/systemd/resolve/stub-resolv.conf) which will fail unless /run/systemd/resolve exists
                 # already so we make sure that it already exists.
-                "mkdir -p -m 755 /buildroot/work /buildroot/run/systemd /buildroot/run/systemd/resolve",
+                f"mkdir -p -m 755 {workdir} /buildroot/run/systemd /buildroot/run/systemd/resolve",
                 # No exec here because we need to clean up the /work directory afterwards.
                 "$0 \"$@\"",
             ]
@@ -293,8 +295,7 @@ def chroot_cmd(*, resolve: bool = False) -> list[PathString]:
         "--setenv", "HOME", "/",
         "--setenv", "PATH", "/work/scripts:/usr/bin:/usr/sbin",
         *(["--ro-bind-try", "/etc/resolv.conf", "/etc/resolv.conf"] if resolve else []),
-        "--bind", "/work", "/work",
-        "--chdir", "/work/src",
+        *(["--bind", "/work", "/work", "--chdir", "/work/src"] if work else []),
         "--setenv", "BUILDROOT", "/",
         # Start an interactive bash shell if we're not given any arguments.
         "sh", "-c", '[ "$0" = "sh" ] && [ $# -eq 0 ] && exec bash -i || exec $0 "$@"',