From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Sun, 15 Sep 2024 20:25:35 +0000 (+0200)
Subject: Move /var/log creation from sandbox tree to sandbox_cmd()
X-Git-Tag: v25~294^2~2
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a192f0c01a7938e6729eed2db8ac193f6d6592c4;p=thirdparty%2Fmkosi.git

Move /var/log creation from sandbox tree to sandbox_cmd()

We now always put an overlayfs on top of the sandbox tree so writes
done from within the sandbox aren't persisted, so there's no point
anymore in creating /var/log in the sandbox tree anymore. Instead,
make sure it exists within sandbox_cmd() so we can still access logs
when using --debug-shell.
---

diff --git a/mkosi/__init__.py b/mkosi/__init__.py
index 38f1ec54d..16041edd7 100644
--- a/mkosi/__init__.py
+++ b/mkosi/__init__.py
@@ -1042,8 +1042,6 @@ def install_sandbox_trees(config: Config, dst: Path) -> None:
     if Path("/etc/static").is_symlink():
         (dst / "etc/static").symlink_to(Path("/etc/static").readlink())
 
-    (dst / "var/log").mkdir(parents=True)
-
     if Path("/etc/passwd").exists():
         shutil.copy("/etc/passwd", dst / "etc/passwd")
     if Path("/etc/group").exists():
diff --git a/mkosi/run.py b/mkosi/run.py
index 1b4c8398a..169948b1a 100644
--- a/mkosi/run.py
+++ b/mkosi/run.py
@@ -524,7 +524,7 @@ def sandbox_cmd(
         if path and not any(path.is_relative_to(dir) for dir in (*dirs, "/usr", "/nix", "/tmp")):
             cmdline += ["--bind", path, path]
     else:
-        cmdline += ["--dir", "/var/tmp", "--unshare-ipc"]
+        cmdline += ["--dir", "/var/tmp", "--dir", "/var/log", "--unshare-ipc"]
 
         if devices:
             cmdline += ["--bind", "/sys", "/sys", "--bind", "/dev", "/dev"]