Bug#1073169: debootstrap: support working on a nodev filesystem (e.g. /tmp)

[Helmut Grohne]

Package: debootstrap
Version: 1.0.134
Tags: patch
X-Debbugs-Cc: jo...@debian.org
Control: affects -1 + src:genext2fs

Hi,

I tried running the genext2fs autopkgtest for the /usr-move bootstrap
upload and it failed rather early here while running debootstrap:

    Cannot install into target '/tmp/...' mounted with noexec or nodev

I thought Johannes fixed debootstrap to work without mknod via
https://salsa.debian.org/installer-team/debootstrap/-/merge_requests/109,
so why would it fail on nodev?

When you're root and on a nodev filesystem, mknod still works. What does
not work is writing to that device. Hence, the bind mounting code does
not come into effect here. That also leads us to a relatively obvious
solution: We can simply try writing to the created devices and perform
the bind mount dance if it does not.

I've prepared a patch for this.

Helmut

diff --minimal -Nru debootstrap-1.0.134/debian/changelog 
debootstrap-1.0.134+nmu1/debian/changelog
--- debootstrap-1.0.134/debian/changelog        2024-01-05 10:17:39.000000000 
+0100
+++ debootstrap-1.0.134+nmu1/debian/changelog   2024-06-13 22:30:06.000000000 
+0200
@@ -1,3 +1,10 @@
+debootstrap (1.0.134+nmu1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Support working with a nodev filesystem. (Closes: #-1)
+
+ -- Helmut Grohne <hel...@subdivi.de>  Thu, 13 Jun 2024 22:30:06 +0200
+
 debootstrap (1.0.134) unstable; urgency=medium
 
   [ Johannes Schauer Marin Rodrigues ]
diff --minimal -Nru debootstrap-1.0.134/functions 
debootstrap-1.0.134+nmu1/functions
--- debootstrap-1.0.134/functions       2024-01-05 10:07:32.000000000 +0100
+++ debootstrap-1.0.134+nmu1/functions  2024-06-13 14:18:14.000000000 +0200
@@ -1306,7 +1306,8 @@
                touch "$TARGET/dev/console"
                ;;
            *)
-               if ! setup_devices_simple; then
+               if ! setup_devices_simple ||
+                  !  sh -c ': >"$1"' -- "$TARGET/dev/null" 2>/dev/null; then
                        setup_devices_bind
                fi
                ;;
@@ -1836,13 +1837,10 @@
                  lxc|lxc-libvirt|mmdebstrap-unshare)
                    ;;
                  *)
-                   if mknod "$1/test-dev-null" c 1 3 2>/dev/null; then
-                       if ! echo test > "$1/test-dev-null"; then
-                           rm -f "$1/test-dev-null"
-                           return 1
-                       fi
-                   else
-                       # mknod failed. Try if bind-mounting works
+                   if ! mknod "$1/test-dev-null" c 1 3 2>/dev/null ||
+                      ! echo test > "$1/test-dev-null"; then
+                       # mknod failed (e.g. user namespace) or writing failed
+                       # (e.g. nodev). Try if bind-mounting works
                        touch "$1/test-dev-null"
                        if ! mount -o bind /dev/null "$1/test-dev-null"; then
                            rm -f "$1/test-dev-null"