From d39cb2a59adfaa2e9534b578b7199ce164dc05ae Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miguel=20Mart=C3=ADn?= <mmartinv@redhat.com>
Date: Tue, 5 Dec 2023 08:07:34 +0100
Subject: [PATCH] stages(dracut): mount dracut required filesystems.
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

mount dracut required filesystems to avoid errors like:
"/proc/ is not mounted. This is not a supported mode
of operation. Please fix your invocation environment to
mount /proc/ and /sys/ properly. Proceeding anyway."

Signed-off-by: Miguel Martín <mmartinv@redhat.com>
---
 stages/org.osbuild.dracut | 40 ++++++++++++++++++++++++++++++---------
 1 file changed, 31 insertions(+), 9 deletions(-)

diff --git a/stages/org.osbuild.dracut b/stages/org.osbuild.dracut
index a45b097eb..7248a3fa3 100755
--- a/stages/org.osbuild.dracut
+++ b/stages/org.osbuild.dracut
@@ -12,10 +12,12 @@ page and schema for this stage.
 NB: needs chroot for now as well as `strip` for stripping the initrfams.
 """
 
+import os
 import subprocess
 import sys
 
 import osbuild.api
+from osbuild.util.mnt import MountGuard
 
 SCHEMA = """
 "required": ["kernel"],
@@ -201,15 +203,35 @@ def main(tree, options):
 
     opts += extra
 
-    for kver in kernels:
-        print(f"Building initramfs for {kver}", file=sys.stderr)
-
-        subprocess.run(["/usr/sbin/chroot", tree,
-                        "/usr/bin/dracut",
-                        "--no-hostonly",
-                        "--kver", kver]
-                       + opts,
-                       check=True)
+    mounts = [
+        {"path": "/dev", "bind": True, "ro": False, "mode": 0o755},
+        {"path": "/proc", "bind": True, "ro": True, "mode": 0o555},
+        {"path": "/sys", "bind": True, "ro": True, "mode": 0o555},
+    ]
+    with MountGuard() as mounter:
+        for mount in mounts:
+            ro = mount["ro"]
+            bind = mount["bind"]
+            src = mount["path"]
+            mode = mount["mode"]
+            dest = os.path.join(tree, src.lstrip("/"))
+            os.makedirs(dest, exist_ok=True)
+            os.chmod(dest, mount.get("mode", mode))
+            mounter.mount(src, dest, bind=bind, ro=ro)
+
+        os.symlink("/proc/self/fd", f"{tree}/dev/fd")
+
+        for kver in kernels:
+            print(f"Building initramfs for {kver}", file=sys.stderr)
+
+            subprocess.run(["/usr/sbin/chroot", tree,
+                            "/usr/bin/dracut",
+                            "--no-hostonly",
+                            "--kver", kver]
+                           + opts,
+                           check=True)
+
+        os.unlink(f"{tree}/dev/fd")
 
     return 0