install: Allow permissive ESP detection for existing root

Guara92 · Guara92 · commit bae675d0e95a · 2026-01-25T19:02:06.000+01:00
The strict ESP mount enforcement previously introduced caused regressions
in  scenarios, specifically in CI environments
running inside containers (tmt/podman). In these contexts, bind mounts
often mask `/boot/efi`, causing `is_mountpoint` checks to fail even when
the configuration is valid.

This patch introduces a `require_esp_mount` field to `RootSetup`. When
targeting an existing root (host), we now utilize a permissive mode: if
the explicit mount check fails, logic falls back to scanning the
partition table. This restores compatibility with containerized installs
while maintaining strict safety checks for `to-filesystem` and `to-disk`
modes.

Signed-off-by: Daniele Guarascio &lt;guarascio.daniele@gmail.com&gt;
diff --git a/crates/lib/src/bootc_composefs/boot.rs b/crates/lib/src/bootc_composefs/boot.rs
@@ -531,7 +531,20 @@ pub(crate) fn setup_composefs_bls_boot(
 
             // Locate ESP partition device
             let esp_root = open_target_root(root_setup)?;
-            let esp_part = crate::bootloader::require_boot_efi_mount(&esp_root)?;
+            let esp_part = if root_setup.require_esp_mount {
+                crate::bootloader::require_boot_efi_mount(&esp_root)?
+            } else {
+                match crate::bootloader::require_boot_efi_mount(&esp_root) {
+                    Ok(p) => p,
+                    Err(e) => {
+                        tracing::debug!(
+                            "ESP mount check failed in permissive mode: {e}; falling back to partition table scan"
+                        );
+                        let esp = crate::bootloader::esp_in(&root_setup.device_info)?;
+                        esp.node.clone()
+                    }
+                }
+            };
 
             (
                 root_setup.physical_root_path.clone(),
@@ -1074,7 +1087,21 @@ pub(crate) fn setup_composefs_uki_boot(
             state.require_no_kargs_for_uki()?;
 
             let esp_root = open_target_root(root_setup)?;
-            let esp_part = crate::bootloader::require_boot_efi_mount(&esp_root)?;
+
+            let esp_part = if root_setup.require_esp_mount {
+                crate::bootloader::require_boot_efi_mount(&esp_root)?
+            } else {
+                match crate::bootloader::require_boot_efi_mount(&esp_root) {
+                    Ok(p) => p,
+                    Err(e) => {
+                        tracing::debug!(
+                            "ESP mount check failed in permissive mode: {e}; falling back to partition table scan"
+                        );
+                        let esp = crate::bootloader::esp_in(&root_setup.device_info)?;
+                        esp.node.clone()
+                    }
+                }
+            };
 
             (
                 root_setup.physical_root_path.clone(),
@@ -1254,6 +1281,7 @@ pub(crate) async fn setup_composefs_boot(
             &root_setup.physical_root_path,
             &state.config_opts,
             None,
+            root_setup.require_esp_mount,
         )?;
     } else {
         crate::bootloader::install_systemd_boot(
diff --git a/crates/lib/src/bootloader.rs b/crates/lib/src/bootloader.rs
@@ -92,11 +92,14 @@ pub(crate) fn install_via_bootupd(
     rootfs: &Utf8Path,
     configopts: &crate::install::InstallConfigOpts,
     deployment_path: Option<&str>,
+    require_mount: bool,
 ) -> Result<()> {
-    // We require /boot/efi to be mounted; finding the device is just a sanity check that it is.
-    // The device argument is currently used by bootupctl as a fallback if it can't find the ESP.
-    // But we want to fail fast if our own check fails.
-    let _esp_device = require_boot_efi_mount(root)?;
+    if require_mount {
+        // We require /boot/efi to be mounted; finding the device is just a sanity check that it is.
+        // The device argument is currently used by bootupctl as a fallback if it can't find the ESP.
+        // But we want to fail fast if our own check fails.
+        let _esp_device = require_boot_efi_mount(root)?;
+    }
 
     let verbose = std::env::var_os("BOOTC_BOOTLOADER_DEBUG").map(|_| "-vvvv");
     // bootc defaults to only targeting the platform boot method.
diff --git a/crates/lib/src/install.rs b/crates/lib/src/install.rs
@@ -1160,6 +1160,7 @@ pub(crate) struct RootSetup {
     skip_finalize: bool,
     boot: Option<MountSpec>,
     pub(crate) kargs: CmdlineOwned,
+    pub(crate) require_esp_mount: bool,
 }
 
 fn require_boot_uuid(spec: &MountSpec) -> Result<&str> {
@@ -1625,6 +1626,7 @@ async fn install_with_sysroot(
                     &target_root_path,
                     &state.config_opts,
                     Some(&deployment_path.as_str()),
+                    rootfs.require_esp_mount,
                 )?;
             }
             Bootloader::Systemd => {
@@ -2012,11 +2014,11 @@ fn remove_all_except_loader_dirs(bootdir: &Dir, is_ostree: bool) -> Result<()> {
 }
 
 #[context("Removing boot directory content")]
-fn clean_boot_directories(rootfs: &Dir, is_ostree: bool) -> Result<()> {
+fn clean_boot_directories(rootfs: &Dir, is_ostree: bool, strict_esp: bool) -> Result<()> {
     let bootdir =
         crate::utils::open_dir_remount_rw(rootfs, BOOT.into()).context("Opening /boot")?;
 
-    if ARCH_USES_EFI {
+    if ARCH_USES_EFI && strict_esp {
         // Require an explicit /boot/efi mount to avoid cleaning the wrong ESP.
         crate::bootloader::require_boot_efi_mount(rootfs)?;
     }
@@ -2232,7 +2234,7 @@ pub(crate) async fn install_to_filesystem(
                 .await??;
         }
         Some(ReplaceMode::Alongside) => {
-            clean_boot_directories(&target_rootfs_fd, is_already_ostree)?
+            clean_boot_directories(&target_rootfs_fd, is_already_ostree, !targeting_host_root)?
         }
         None => require_empty_rootdir(&rootfs_fd)?,
     }
@@ -2394,6 +2396,7 @@ pub(crate) async fn install_to_filesystem(
         boot,
         kargs,
         skip_finalize,
+        require_esp_mount: !targeting_host_root,
     };
 
     install_to_filesystem_impl(&state, &mut rootfs, cleanup).await?;
diff --git a/crates/lib/src/install/baseline.rs b/crates/lib/src/install/baseline.rs
@@ -496,5 +496,6 @@ pub(crate) fn install_create_rootfs(
         boot,
         kargs,
         skip_finalize: false,
+        require_esp_mount: true,
     })
 }

Original file line number	Diff line number	Diff line change
`@@ -1160,6 +1160,7 @@ pub(crate) struct RootSetup {`
`1160`	`1160`	`skip_finalize: bool,`
`1161`	`1161`	`boot: Option<MountSpec>,`
`1162`	`1162`	`pub(crate) kargs: CmdlineOwned,`
	`1163`	`+ pub(crate) require_esp_mount: bool,`
`1163`	`1164`	`}`
`1164`	`1165`
`1165`	`1166`	`fn require_boot_uuid(spec: &MountSpec) -> Result<&str> {`
`@@ -1625,6 +1626,7 @@ async fn install_with_sysroot(`
`1625`	`1626`	`&target_root_path,`
`1626`	`1627`	`&state.config_opts,`
`1627`	`1628`	`Some(&deployment_path.as_str()),`
	`1629`	`+ rootfs.require_esp_mount,`
`1628`	`1630`	`)?;`
`1629`	`1631`	`}`
`1630`	`1632`	`Bootloader::Systemd => {`
`@@ -2012,11 +2014,11 @@ fn remove_all_except_loader_dirs(bootdir: &Dir, is_ostree: bool) -> Result<()> {`
`2012`	`2014`	`}`
`2013`	`2015`
`2014`	`2016`	`#[context("Removing boot directory content")]`
`2015`		`-fn clean_boot_directories(rootfs: &Dir, is_ostree: bool) -> Result<()> {`
	`2017`	`+fn clean_boot_directories(rootfs: &Dir, is_ostree: bool, strict_esp: bool) -> Result<()> {`
`2016`	`2018`	`let bootdir =`
`2017`	`2019`	`crate::utils::open_dir_remount_rw(rootfs, BOOT.into()).context("Opening /boot")?;`
`2018`	`2020`
`2019`		`- if ARCH_USES_EFI {`
	`2021`	`+ if ARCH_USES_EFI && strict_esp {`
`2020`	`2022`	`// Require an explicit /boot/efi mount to avoid cleaning the wrong ESP.`
`2021`	`2023`	`crate::bootloader::require_boot_efi_mount(rootfs)?;`
`2022`	`2024`	`}`
`@@ -2232,7 +2234,7 @@ pub(crate) async fn install_to_filesystem(`
`2232`	`2234`	`.await??;`
`2233`	`2235`	`}`
`2234`	`2236`	`Some(ReplaceMode::Alongside) => {`
`2235`		`- clean_boot_directories(&target_rootfs_fd, is_already_ostree)?`
	`2237`	`+ clean_boot_directories(&target_rootfs_fd, is_already_ostree, !targeting_host_root)?`
`2236`	`2238`	`}`
`2237`	`2239`	`None => require_empty_rootdir(&rootfs_fd)?,`
`2238`	`2240`	`}`
`@@ -2394,6 +2396,7 @@ pub(crate) async fn install_to_filesystem(`
`2394`	`2396`	`boot,`
`2395`	`2397`	`kargs,`
`2396`	`2398`	`skip_finalize,`
	`2399`	`+ require_esp_mount: !targeting_host_root,`
`2397`	`2400`	`};`
`2398`	`2401`
`2399`	`2402`	`install_to_filesystem_impl(&state, &mut rootfs, cleanup).await?;`
Original file line number	Diff line number	Diff line change
`@@ -496,5 +496,6 @@ pub(crate) fn install_create_rootfs(`
`496`	`496`	`boot,`
`497`	`497`	`kargs,`
`498`	`498`	`skip_finalize: false,`
	`499`	`+ require_esp_mount: true,`
`499`	`500`	`})`
`500`	`501`	`}`