install: mount esp part before clean_boot_directories()

HuijingHei · HuijingHei · commit a04ec67eaaa0 · 2025-12-18T14:45:57.000+08:00
On ostree OS like FCOS, esp is not mounted after booted, need to
find esp and mount before clean, or `/boot/efi` will be removed.

Signed-off-by: Huijing Hei &lt;hhei@redhat.com&gt;
diff --git a/crates/lib/src/bootloader.rs b/crates/lib/src/bootloader.rs
@@ -5,12 +5,13 @@ use anyhow::{anyhow, bail, Context, Result};
 use bootc_utils::CommandRunExt;
 use camino::Utf8Path;
 use cap_std_ext::cap_std::fs::Dir;
+use cap_std_ext::dirext::CapStdExtDirExt;
 use fn_error_context::context;
 
 use bootc_blockdev::{Partition, PartitionTable};
 use bootc_mount as mount;
 
-use crate::bootc_composefs::boot::{mount_esp, SecurebootKeys};
+use crate::bootc_composefs::boot::{get_sysroot_parent_dev, mount_esp, SecurebootKeys};
 use crate::{discoverable_partition_specification, utils};
 
 /// The name of the mountpoint for efi (as a subdirectory of /boot, or at the toplevel)
@@ -30,6 +31,36 @@ pub(crate) fn esp_in(device: &PartitionTable) -> Result<&Partition> {
         .ok_or(anyhow::anyhow!("ESP not found in partition table"))
 }
 
+/// Get esp partition node based on the root dir
+pub(crate) fn get_esp_partition_node(root: &Dir) -> Result<Option<String>> {
+    let device = get_sysroot_parent_dev(&root)?;
+    let base_partitions = bootc_blockdev::partitions_of(Utf8Path::new(&device))?;
+    let esp = base_partitions.find_partition_of_esp()?;
+    if let Some(esp) = esp {
+        return Ok(Some(esp.node.clone()));
+    };
+    Ok(None)
+}
+
+// Mount esp part at /boot/efi
+pub(crate) fn mount_esp_part(root: &Dir, root_path: &Utf8Path, physical_root: &Dir) -> Result<()> {
+    let efi_path = Utf8Path::new("boot").join(crate::bootloader::EFI_DIR);
+    if let Some(esp_fd) = root
+        .open_dir_optional(&efi_path)
+        .context("Opening /boot/efi")?
+    {
+        if let Some(false) = esp_fd.is_mountpoint(".")? {
+            tracing::debug!("Not a mountpoint: /boot/efi");
+            // On ostree env, should use /target/sysroot because of composefs
+            if let Some(esp_part) = get_esp_partition_node(&physical_root)? {
+                bootc_mount::mount(&esp_part, &root_path.join(&efi_path))?;
+                tracing::debug!("Mounted {esp_part} at /boot/efi");
+            }
+        }
+    }
+    Ok(())
+}
+
 /// Determine if the invoking environment contains bootupd, and if there are bootupd-based
 /// updates in the target root.
 #[context("Querying for bootupd")]
diff --git a/crates/lib/src/install.rs b/crates/lib/src/install.rs
@@ -2196,6 +2196,15 @@ pub(crate) async fn install_to_filesystem(
                 .await??;
         }
         Some(ReplaceMode::Alongside) => {
+            // On existing ostree OS like FCOS, esp is not mounted after booted,
+            // need to find esp and mount before clean
+            if ARCH_USES_EFI {
+                crate::bootloader::mount_esp_part(
+                    &target_rootfs_fd,
+                    &target_root_path,
+                    &rootfs_fd,
+                )?;
+            }
             clean_boot_directories(&target_rootfs_fd, is_already_ostree)?
         }
         None => require_empty_rootdir(&rootfs_fd)?,
