install: Move warning after state and possible re-exec

I'm not sure if this fell out of a refactoring or not, but right now we end up emitting the warning here twice in the case that we re-exec the current process in order to get the right SELinux label. It's unfortunately a bit hard to truly minimize the set of things we do before `prepare_install`, so we'll just have to be mindful. Signed-off-by: Colin Walters <[email protected]>
lukewarmtemp · Jun 13, 2024 · 28e24c2 · 28e24c2
1 parent a15090b
commit 28e24c2
Showing 1 changed file with 7 additions and 3 deletions.
diff --git a/lib/src/install.rs b/lib/src/install.rs
@@ -1442,14 +1442,18 @@ pub(crate) async fn install_to_filesystem(
         anyhow::bail!("Not a mountpoint: {root_path}");
     }
 
+    // Gather global state, destructuring the provided options.
+    // IMPORTANT: We might re-execute the current process in this function (for SELinux among other things)
+    // IMPORTANT: and hence anything that is done before MUST BE IDEMPOTENT.
+    // IMPORTANT: In practice, we should only be gathering information before this point,
+    // IMPORTANT: and not performing any mutations at all.
+    let state = prepare_install(opts.config_opts, opts.source_opts, opts.target_opts).await?;
+
     // Check to see if this happens to be the real host root
     if !fsopts.acknowledge_destructive {
         warn_on_host_root(&rootfs_fd)?;
     }
 
-    // Gather global state, destructuring the provided options
-    let state = prepare_install(opts.config_opts, opts.source_opts, opts.target_opts).await?;
-
     match fsopts.replace {
         Some(ReplaceMode::Wipe) => {
             let rootfs_fd = rootfs_fd.try_clone()?;