From: Daan De Meyer <daan.j.demeyer@gmail.com>
Date: Thu, 27 Mar 2025 16:27:02 +0000 (+0100)
Subject: pacman: Always bind mount /var/lib/pacman/local from sandbox
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=refs%2Fpull%2F3631%2Fhead;p=thirdparty%2Fmkosi.git

pacman: Always bind mount /var/lib/pacman/local from sandbox

We want any writes to /var/lib/pacman/local to go to any configured
overlayfs on /buildroot, instead of going directly to the
/var/lib/pacman/local directory which might be a lowerdir in the
overlayfs if one is used. Let's implement this by simply specifying
a path relative to the sandbox instead of specifying the path on the
host.

Fixes #3625
---

diff --git a/mkosi/installer/pacman.py b/mkosi/installer/pacman.py
index a11589b52..9755b9992 100644
--- a/mkosi/installer/pacman.py
+++ b/mkosi/installer/pacman.py
@@ -65,8 +65,11 @@ class Pacman(PackageManager):
         if (context.root / "var/lib/pacman/local").exists():
             # pacman reuses the same directory for the sync databases and the local database containing the
             # list of installed packages. The former should go in the cache directory, the latter should go
-            # in the image, so we bind mount the local directory from the image to make sure that happens.
-            mounts += ["--bind", context.root / "var/lib/pacman/local", "/var/lib/pacman/local"]
+            # in the image, so we bind mount the local directory from the image to make sure that happens. We
+            # make sure to bind mount directly from the mounted /buildroot directly instead of from the host
+            # root directory since /buildroot might be an overlay mount and we want to make sure any writes
+            # are done to the upperdir of the overlay mount.
+            mounts += ["--bind", "+/buildroot/var/lib/pacman/local", "/var/lib/pacman/local"]
 
         return mounts