Make sure /var/tmp is not an overlayfs unless required

If we put an overlayfs on /var because the user provided files in
/var via their sandbox tree, make sure /var/tmp is not an overlayfs
unless really required so tools like systemd-repart can make full
use of the underlying filesystem features which are disabled if
/var/tmp is on an overlayfs.

diff --git a/mkosi/run.py b/mkosi/run.py
index 169948b1a3e6a07f6eee68076c700702d96475be..e580b36d94c6675646baa2189ac9b4b7f7e71bcd 100644 (file)
--- a/mkosi/run.py
+++ b/mkosi/run.py
@@ -571,6 +571,13 @@ def sandbox_cmd(
                 else:
                     cmdline += ["--tmpfs", Path("/") / d]
 
+        # If we put an overlayfs on /var, and /var/tmp is not in the sandbox tree, make sure /var/tmp is a bind mount
+        # of a regular empty directory instead of the overlays so tools like systemd-repart can use the underlying
+        # filesystem features from btrfs when using /var/tmp.
+        if overlay and not (overlay / "var/tmp").exists():
+            tmp = stack.enter_context(vartmpdir())
+            cmdline += ["--bind", tmp, "/var/tmp"]
+
         yield [*cmdline, *options, "--"]