From 50c98500fdf8824502d63dd3ba68706e2476dc29 Mon Sep 17 00:00:00 2001
From: Colin Walters <walters@verbum.org>
Date: Fri, 29 Sep 2023 17:21:59 -0400
Subject: [PATCH] backend: Make --generate-update-metadata require a sysroot of
 /

As of right now all known callers of this pass `/`.  More generally
we now expect bootupd to run in a container inside its target
root; never outside of it.

xref https://github.com/coreos/coreos-assembler/pull/3631
---
 src/cli/bootupd.rs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/cli/bootupd.rs b/src/cli/bootupd.rs
index a15563ae..1e5384f7 100644
--- a/src/cli/bootupd.rs
+++ b/src/cli/bootupd.rs
@@ -61,7 +61,7 @@ pub struct InstallOpts {
 pub struct GenerateOpts {
     /// Physical root mountpoint
     #[clap(value_parser)]
-    sysroot: String,
+    sysroot: Option<String>,
 }
 
 impl DCommand {
@@ -76,7 +76,11 @@ impl DCommand {
 
     /// Runner for `generate-install-metadata` verb.
     pub(crate) fn run_generate_meta(opts: GenerateOpts) -> Result<()> {
-        bootupd::generate_update_metadata(&opts.sysroot).context("generating metadata failed")?;
+        let sysroot = opts.sysroot.as_deref().unwrap_or("/");
+        if sysroot != "/" {
+            anyhow::bail!("Using a non-default sysroot is not supported: {}", sysroot);
+        }
+        bootupd::generate_update_metadata(sysroot).context("generating metadata failed")?;
         Ok(())
     }