From 41ab707fd6831a7af91a238d6cfef745cd09a116 Mon Sep 17 00:00:00 2001
From: Krzesimir Nowak <knowak@microsoft.com>
Date: Fri, 26 Sep 2025 14:55:11 +0200
Subject: [PATCH] build_sysext: Factor out install root to a variable

Made it easier to change its path.

Signed-off-by: Krzesimir Nowak <knowak@microsoft.com>
---
 build_sysext | 42 ++++++++++++++++++++++++++----------------
 1 file changed, 26 insertions(+), 16 deletions(-)

diff --git a/build_sysext b/build_sysext
index d2777c65fd..6dc7f7d869 100755
--- a/build_sysext
+++ b/build_sysext
@@ -135,12 +135,22 @@ _get_sysext_arch() {
     fi
 }
 
+if [[ ${FLAGS_install_root_basename} = */* || ${FLAGS_install_root_basename} = . || ${FLAGS_install_root_basename} = .. ]]; then
+    die "Just use a normal install root basename like 'my-best-rootfs-with-no-slashes' instead of ${FLAGS_install_root_basename@Q}, will ya?!"
+fi
+
+# Put the custom install root directory inside the install-root
+# subdirectory of BUILD_DIR to avoid the accidental messing with other
+# directories we create inside directly inside BUILD_DIR.
+THE_INSTALL_ROOT=${BUILD_DIR}/install-root/${FLAGS_install_root_basename}
+
 cleanup() {
   local dirs=(
     "${BUILD_DIR}/fs-root"
-    "${BUILD_DIR}/${FLAGS_install_root_basename}"
+    "${THE_INSTALL_ROOT}"
     "${BUILD_DIR}/workdir"
     "${BUILD_DIR}/img-rootfs"
+    "${BUILD_DIR}/install-root"
   )
   umount "${dirs[@]}" 2>/dev/null || true
   rm -rf "${dirs[@]}" || true
@@ -181,9 +191,9 @@ fi
 
 mkdir "${BUILD_DIR}/fs-root"
 mount -rt squashfs -o loop,nodev "${FLAGS_squashfs_base}" "${BUILD_DIR}/fs-root"
-mkdir "${BUILD_DIR}/${FLAGS_install_root_basename}"
+mkdir -p "${THE_INSTALL_ROOT}"
 mkdir "${BUILD_DIR}/workdir"
-mount -t overlay overlay -o lowerdir="${BUILD_DIR}/fs-root${pkginfo_lowerdirs}",upperdir="${BUILD_DIR}/${FLAGS_install_root_basename}",workdir="${BUILD_DIR}/workdir" "${BUILD_DIR}/${FLAGS_install_root_basename}"
+mount -t overlay overlay -o lowerdir="${BUILD_DIR}/fs-root${pkginfo_lowerdirs}",upperdir="${THE_INSTALL_ROOT}",workdir="${BUILD_DIR}/workdir" "${THE_INSTALL_ROOT}"
 
 REPO_BUILD_ID=$(source "${REPO_MANIFESTS_DIR}/version.txt"; echo "$FLATCAR_BUILD_ID")
 REPO_FLATCAR_VERSION=$(source "${REPO_MANIFESTS_DIR}/version.txt"; echo "$FLATCAR_VERSION")
@@ -223,7 +233,7 @@ info "Building '${SYSEXTNAME}' sysext with (meta-)packages '${@}' in '${BUILD_DI
 for package; do
   echo "Installing package into sysext image: $package"
   FEATURES="-ebuild-locks binpkg-multi-instance" emerge \
-    --root="${BUILD_DIR}/${FLAGS_install_root_basename}" \
+    --root="${THE_INSTALL_ROOT}" \
     --config-root="/build/${FLAGS_board}"  \
     --sysroot="/build/${FLAGS_board}"  \
     --usepkgonly \
@@ -239,18 +249,18 @@ export SOURCE_DATE_EPOCH=$(stat -c '%Y' "${BUILD_DIR}/fs-root/usr/lib/os-release
 
 # Unmount in order to get rid of the overlay, but keep fs-root for
 # now, so we can use selinux file contexts.
-umount "${BUILD_DIR}/${FLAGS_install_root_basename}"
+umount "${THE_INSTALL_ROOT}"
 
 if [[ "$FLAGS_generate_pkginfo" = "${FLAGS_TRUE}" ]] ; then
   info "  Creating pkginfo squashfs '${BUILD_DIR}/${SYSEXTNAME}_pkginfo.raw'"
   mkdir -p "${BUILD_DIR}/img-pkginfo/var/db"
-  cp -R "${BUILD_DIR}/${FLAGS_install_root_basename}/var/db/pkg" "${BUILD_DIR}/img-pkginfo/var/db/"
+  cp -R "${THE_INSTALL_ROOT}/var/db/pkg" "${BUILD_DIR}/img-pkginfo/var/db/"
   mksquashfs "${BUILD_DIR}/img-pkginfo" "${BUILD_DIR}/${SYSEXTNAME}_pkginfo.raw" \
               -noappend -xattrs-exclude '^btrfs.' -comp zstd -Xcompression-level 22 -b 512k
 fi
 
 info "Writing ${SYSEXTNAME}_packages.txt"
-ROOT="${BUILD_DIR}/${FLAGS_install_root_basename}" PORTAGE_CONFIGROOT="${BUILD_DIR}/${FLAGS_install_root_basename}" \
+ROOT="${THE_INSTALL_ROOT}" PORTAGE_CONFIGROOT="${THE_INSTALL_ROOT}" \
       equery --no-color list --format '$cpv::$repo' '*' > "${BUILD_DIR}/${SYSEXTNAME}_packages.txt"
 
 # Check if there are forbidden packages
@@ -283,7 +293,7 @@ if [[ "${FLAGS_strip_binaries}" = "${FLAGS_TRUE}" ]]; then
     info "Stripping all non-stripped binaries in sysext using '${strip}'"
 
     # Find all non-stripped binaries, remove ':' from filepath, and strip 'em
-    find "${BUILD_DIR}/${FLAGS_install_root_basename}" -exec file \{\} \; \
+    find "${THE_INSTALL_ROOT}" -exec file \{\} \; \
          | awk '/not stripped/ {print substr($1, 1, length($1)-1)}' \
          | while read bin; do
                 info "     ${strip} ${bin}"
@@ -295,37 +305,37 @@ if [[ -n "${FLAGS_manglefs_script}" ]]; then
   if [[ ! -x "${FLAGS_manglefs_script}" ]]; then
     die "${FLAGS_manglefs_script} is not executable"
   fi
-  "${FLAGS_manglefs_script}" "${BUILD_DIR}/${FLAGS_install_root_basename}"
+  "${FLAGS_manglefs_script}" "${THE_INSTALL_ROOT}"
 fi
 
 info "Removing non-/usr directories from sysext image"
-for entry in "${BUILD_DIR}/${FLAGS_install_root_basename}"/*; do
+for entry in "${THE_INSTALL_ROOT}"/*; do
   if [[ "${entry}" = */usr ]]; then
     continue
   fi
   info "  Removing ${entry##*/}"
   rm -rf "${entry}"
 done
-mkdir -p "${BUILD_DIR}/${FLAGS_install_root_basename}/usr/lib/extension-release.d"
+mkdir -p "${THE_INSTALL_ROOT}/usr/lib/extension-release.d"
 version_field="${VERSION_FIELD_OVERRIDE:-VERSION_ID=${FLATCAR_VERSION_ID}}"
 all_fields=(
   'ID=flatcar'
   "${version_field}"
   "ARCHITECTURE=${ARCH}"
 )
-printf '%s\n' "${all_fields[@]}" >"${BUILD_DIR}/${FLAGS_install_root_basename}/usr/lib/extension-release.d/extension-release.${SYSEXTNAME}"
+printf '%s\n' "${all_fields[@]}" >"${THE_INSTALL_ROOT}/usr/lib/extension-release.d/extension-release.${SYSEXTNAME}"
 
 info "Removing opaque directory markers to always merge all contents"
-find "${BUILD_DIR}/${FLAGS_install_root_basename}" -xdev -type d -exec sh -c 'if [ "$(attr -R -q -g overlay.opaque {} 2>/dev/null)" = y ]; then attr -R -r overlay.opaque {}; fi' \;
+find "${THE_INSTALL_ROOT}" -xdev -type d -exec sh -c 'if [ "$(attr -R -q -g overlay.opaque {} 2>/dev/null)" = y ]; then attr -R -r overlay.opaque {}; fi' \;
 
 info "Checking for invalid file ownership"
-invalid_files=$(find "${BUILD_DIR}/${FLAGS_install_root_basename}" -user sdk -or -group sdk)
+invalid_files=$(find "${THE_INSTALL_ROOT}" -user sdk -or -group sdk)
 if [[ -n "${invalid_files}" ]]; then
   die "Invalid file ownership: ${invalid_files}"
 fi
 
 info "Relabeling sysext contents"
-setfiles -D -E -F -r "${BUILD_DIR}/${FLAGS_install_root_basename}" -v -T 0 "${BUILD_DIR}/fs-root/usr/share/flatcar/etc/selinux/mcs/contexts/files/file_contexts" "${BUILD_DIR}/${FLAGS_install_root_basename}"
+setfiles -D -E -F -r "${THE_INSTALL_ROOT}" -v -T 0 "${BUILD_DIR}/fs-root/usr/share/flatcar/etc/selinux/mcs/contexts/files/file_contexts" "${THE_INSTALL_ROOT}"
 umount "${BUILD_DIR}/fs-root"
 
 # Set up EROFS compression options based on compression type
@@ -351,7 +361,7 @@ systemd-repart \
   --private-key="${SYSEXT_SIGNING_KEY_DIR}/sysexts.key" \
   --certificate="${SYSEXT_SIGNING_KEY_DIR}/sysexts.crt" \
   --make-ddi=sysext \
-  --copy-source="${BUILD_DIR}/${FLAGS_install_root_basename}" \
+  --copy-source="${THE_INSTALL_ROOT}" \
   "${BUILD_DIR}/${SYSEXTNAME}.raw"
 
 rm -rf "${BUILD_DIR}"/{fs-root,"${FLAGS_install_root_basename}",workdir}