install: Allow permissive ESP detection for existing root

Guara92 · Guara92 · commit 67361c40f940 · 2026-02-08T12:52:25.000+01:00
The strict ESP mount enforcement previously introduced caused regressions
in  scenarios, specifically in CI environments
running inside containers (tmt/podman). In these contexts, bind mounts
often mask `/boot/efi`, causing `is_mountpoint` checks to fail even when
the configuration is valid.

This patch introduces a `require_esp_mount` field to `RootSetup`. When
targeting an existing root (host), we now utilize a permissive mode: if
the explicit mount check fails, logic falls back to scanning the
partition table. This restores compatibility with containerized installs
while maintaining strict safety checks for `to-filesystem` and `to-disk`
modes.

Signed-off-by: Daniele Guarascio &lt;guarascio.daniele@gmail.com&gt;
diff --git a/crates/lib/src/bootc_composefs/boot.rs b/crates/lib/src/bootc_composefs/boot.rs
@@ -531,7 +531,20 @@ pub(crate) fn setup_composefs_bls_boot(
 
             // Locate ESP partition device
             let esp_root = open_target_root(root_setup)?;
-            let esp_part = crate::bootloader::require_boot_efi_mount(&esp_root)?;
+            let esp_part = if root_setup.require_esp_mount {
+                crate::bootloader::require_boot_efi_mount(&esp_root)?
+            } else {
+                match crate::bootloader::require_boot_efi_mount(&esp_root) {
+                    Ok(p) => p,
+                    Err(e) => {
+                        tracing::debug!(
+                            "ESP mount check failed in permissive mode: {e}; falling back to partition table scan"
+                        );
+                        let esp = crate::bootloader::esp_in(&root_setup.device_info)?;
+                        esp.node.clone()
+                    }
+                }
+            };
 
             (
                 root_setup.physical_root_path.clone(),
@@ -1074,7 +1087,21 @@ pub(crate) fn setup_composefs_uki_boot(
             state.require_no_kargs_for_uki()?;
 
             let esp_root = open_target_root(root_setup)?;
-            let esp_part = crate::bootloader::require_boot_efi_mount(&esp_root)?;
+
+            let esp_part = if root_setup.require_esp_mount {
+                crate::bootloader::require_boot_efi_mount(&esp_root)?
+            } else {
+                match crate::bootloader::require_boot_efi_mount(&esp_root) {
+                    Ok(p) => p,
+                    Err(e) => {
+                        tracing::debug!(
+                            "ESP mount check failed in permissive mode: {e}; falling back to partition table scan"
+                        );
+                        let esp = crate::bootloader::esp_in(&root_setup.device_info)?;
+                        esp.node.clone()
+                    }
+                }
+            };
 
             (
                 root_setup.physical_root_path.clone(),
@@ -1254,6 +1281,7 @@ pub(crate) async fn setup_composefs_boot(
             &root_setup.physical_root_path,
             &state.config_opts,
             None,
+            root_setup.require_esp_mount,
         )?;
     } else {
         crate::bootloader::install_systemd_boot(
diff --git a/crates/lib/src/bootloader.rs b/crates/lib/src/bootloader.rs
@@ -92,11 +92,14 @@ pub(crate) fn install_via_bootupd(
     rootfs: &Utf8Path,
     configopts: &crate::install::InstallConfigOpts,
     deployment_path: Option<&str>,
+    require_mount: bool,
 ) -> Result<()> {
-    // We require /boot/efi to be mounted; finding the device is just a sanity check that it is.
-    // The device argument is currently used by bootupctl as a fallback if it can't find the ESP.
-    // But we want to fail fast if our own check fails.
-    let _esp_device = require_boot_efi_mount(root)?;
+    if require_mount {
+        // We require /boot/efi to be mounted; finding the device is just a sanity check that it is.
+        // The device argument is currently used by bootupctl as a fallback if it can't find the ESP.
+        // But we want to fail fast if our own check fails.
+        let _esp_device = require_boot_efi_mount(root)?;
+    }
 
     let verbose = std::env::var_os("BOOTC_BOOTLOADER_DEBUG").map(|_| "-vvvv");
     // bootc defaults to only targeting the platform boot method.
diff --git a/crates/lib/src/install.rs b/crates/lib/src/install.rs
@@ -1298,6 +1298,7 @@ pub(crate) struct RootSetup {
     skip_finalize: bool,
     boot: Option<MountSpec>,
     pub(crate) kargs: CmdlineOwned,
+    pub(crate) require_esp_mount: bool,
 }
 
 fn require_boot_uuid(spec: &MountSpec) -> Result<&str> {
@@ -1772,6 +1773,7 @@ async fn install_with_sysroot(
                     &target_root_path,
                     &state.config_opts,
                     Some(&deployment_path.as_str()),
+                    rootfs.require_esp_mount,
                 )?;
             }
             Bootloader::Systemd => {
@@ -2159,11 +2161,11 @@ fn remove_all_except_loader_dirs(bootdir: &Dir, is_ostree: bool) -> Result<()> {
 }
 
 #[context("Removing boot directory content")]
-fn clean_boot_directories(rootfs: &Dir, is_ostree: bool) -> Result<()> {
+fn clean_boot_directories(rootfs: &Dir, is_ostree: bool, strict_esp: bool) -> Result<()> {
     let bootdir =
         crate::utils::open_dir_remount_rw(rootfs, BOOT.into()).context("Opening /boot")?;
 
-    if ARCH_USES_EFI {
+    if ARCH_USES_EFI && strict_esp {
         // Require an explicit /boot/efi mount to avoid cleaning the wrong ESP.
         crate::bootloader::require_boot_efi_mount(rootfs)?;
     }
@@ -2379,7 +2381,7 @@ pub(crate) async fn install_to_filesystem(
                 .await??;
         }
         Some(ReplaceMode::Alongside) => {
-            clean_boot_directories(&target_rootfs_fd, is_already_ostree)?
+            clean_boot_directories(&target_rootfs_fd, is_already_ostree, !targeting_host_root)?
         }
         None => require_empty_rootdir(&rootfs_fd)?,
     }
@@ -2541,6 +2543,7 @@ pub(crate) async fn install_to_filesystem(
         boot,
         kargs,
         skip_finalize,
+        require_esp_mount: !targeting_host_root,
     };
 
     install_to_filesystem_impl(&state, &mut rootfs, cleanup).await?;
diff --git a/crates/lib/src/install/baseline.rs b/crates/lib/src/install/baseline.rs
@@ -496,5 +496,6 @@ pub(crate) fn install_create_rootfs(
         boot,
         kargs,
         skip_finalize: false,
+        require_esp_mount: true,
     })
 }

Original file line number	Diff line number	Diff line change
`@@ -1298,6 +1298,7 @@ pub(crate) struct RootSetup {`
`1298`	`1298`	`skip_finalize: bool,`
`1299`	`1299`	`boot: Option<MountSpec>,`
`1300`	`1300`	`pub(crate) kargs: CmdlineOwned,`
	`1301`	`+ pub(crate) require_esp_mount: bool,`
`1301`	`1302`	`}`
`1302`	`1303`
`1303`	`1304`	`fn require_boot_uuid(spec: &MountSpec) -> Result<&str> {`
`@@ -1772,6 +1773,7 @@ async fn install_with_sysroot(`
`1772`	`1773`	`&target_root_path,`
`1773`	`1774`	`&state.config_opts,`
`1774`	`1775`	`Some(&deployment_path.as_str()),`
	`1776`	`+ rootfs.require_esp_mount,`
`1775`	`1777`	`)?;`
`1776`	`1778`	`}`
`1777`	`1779`	`Bootloader::Systemd => {`
`@@ -2159,11 +2161,11 @@ fn remove_all_except_loader_dirs(bootdir: &Dir, is_ostree: bool) -> Result<()> {`
`2159`	`2161`	`}`
`2160`	`2162`
`2161`	`2163`	`#[context("Removing boot directory content")]`
`2162`		`-fn clean_boot_directories(rootfs: &Dir, is_ostree: bool) -> Result<()> {`
	`2164`	`+fn clean_boot_directories(rootfs: &Dir, is_ostree: bool, strict_esp: bool) -> Result<()> {`
`2163`	`2165`	`let bootdir =`
`2164`	`2166`	`crate::utils::open_dir_remount_rw(rootfs, BOOT.into()).context("Opening /boot")?;`
`2165`	`2167`
`2166`		`- if ARCH_USES_EFI {`
	`2168`	`+ if ARCH_USES_EFI && strict_esp {`
`2167`	`2169`	`// Require an explicit /boot/efi mount to avoid cleaning the wrong ESP.`
`2168`	`2170`	`crate::bootloader::require_boot_efi_mount(rootfs)?;`
`2169`	`2171`	`}`
`@@ -2379,7 +2381,7 @@ pub(crate) async fn install_to_filesystem(`
`2379`	`2381`	`.await??;`
`2380`	`2382`	`}`
`2381`	`2383`	`Some(ReplaceMode::Alongside) => {`
`2382`		`- clean_boot_directories(&target_rootfs_fd, is_already_ostree)?`
	`2384`	`+ clean_boot_directories(&target_rootfs_fd, is_already_ostree, !targeting_host_root)?`
`2383`	`2385`	`}`
`2384`	`2386`	`None => require_empty_rootdir(&rootfs_fd)?,`
`2385`	`2387`	`}`
`@@ -2541,6 +2543,7 @@ pub(crate) async fn install_to_filesystem(`
`2541`	`2543`	`boot,`
`2542`	`2544`	`kargs,`
`2543`	`2545`	`skip_finalize,`
	`2546`	`+ require_esp_mount: !targeting_host_root,`
`2544`	`2547`	`};`
`2545`	`2548`
`2546`	`2549`	`install_to_filesystem_impl(&state, &mut rootfs, cleanup).await?;`
Original file line number	Diff line number	Diff line change
`@@ -496,5 +496,6 @@ pub(crate) fn install_create_rootfs(`
`496`	`496`	`boot,`
`497`	`497`	`kargs,`
`498`	`498`	`skip_finalize: false,`
	`499`	`+ require_esp_mount: true,`
`499`	`500`	`})`
`500`	`501`	`}`