utils: Move open_dir_noxdev here

Prep for using it elsewhere.

Signed-off-by: Colin Walters <[email protected]>

Author: cgwalters

lib/src/lints.rs

@@ -11,8 +11,6 @@ use cap_std_ext::cap_std;
 use cap_std_ext::dirext::CapStdExtDirExt as _;
 use fn_error_context::context;
 
-use crate::utils::openat2_with_retry;
-
 /// Reference to embedded default baseimage content that should exist.
 const BASEIMAGE_REF: &str = "usr/share/doc/bootc/baseimage/base";
 
@@ -72,25 +70,6 @@ fn check_kernel(root: &Dir) -> Result<()> {
     Ok(())
 }
 
-/// Open the target directory, but return Ok(None) if this would cross a mount point.
-fn open_dir_noxdev(
-    parent: &Dir,
-    path: impl AsRef<std::path::Path>,
-) -> std::io::Result<Option<Dir>> {
-    use rustix::fs::{Mode, OFlags, ResolveFlags};
-    match openat2_with_retry(
-        parent,
-        path,
-        OFlags::CLOEXEC | OFlags::DIRECTORY | OFlags::NOFOLLOW,
-        Mode::empty(),
-        ResolveFlags::NO_XDEV | ResolveFlags::BENEATH,
-    ) {
-        Ok(r) => Ok(Some(Dir::reopen_dir(&r)?)),
-        Err(e) if e == rustix::io::Errno::XDEV => Ok(None),
-        Err(e) => return Err(e.into()),
-    }
-}
-
 fn check_utf8(dir: &Dir) -> Result<()> {
     for entry in dir.entries()? {
         let entry = entry?;
@@ -109,7 +88,7 @@ fn check_utf8(dir: &Dir) -> Result<()> {
                 "/{strname}: Found non-utf8 symlink target"
             );
         } else if ifmt.is_dir() {
-            let Some(subdir) = open_dir_noxdev(dir, entry.file_name())? else {
+            let Some(subdir) = crate::utils::open_dir_noxdev(dir, entry.file_name())? else {
                 continue;
             };
             if let Err(err) = check_utf8(&subdir) {
@@ -181,17 +160,6 @@ mod tests {
         Ok(tempdir)
     }
 
-    #[test]
-    fn test_open_noxdev() -> Result<()> {
-        let root = Dir::open_ambient_dir("/", cap_std::ambient_authority())?;
-        // This hard requires the host setup to have /usr/bin on the same filesystem as /
-        let usr = Dir::open_ambient_dir("/usr", cap_std::ambient_authority())?;
-        assert!(open_dir_noxdev(&usr, "bin").unwrap().is_some());
-        // Requires a mounted /proc, but that also seems ane.
-        assert!(open_dir_noxdev(&root, "proc").unwrap().is_none());
-        Ok(())
-    }
-
     #[test]
     fn test_var_run() -> Result<()> {
         let root = &fixture()?;

lib/src/utils.rs

@@ -110,6 +110,25 @@ pub(crate) fn open_dir_remount_rw(root: &Dir, target: &Utf8Path) -> Result<Dir>
     root.open_dir(target).map_err(anyhow::Error::new)
 }
 
+/// Open the target directory, but return Ok(None) if this would cross a mount point.
+pub fn open_dir_noxdev(
+    parent: &Dir,
+    path: impl AsRef<std::path::Path>,
+) -> std::io::Result<Option<Dir>> {
+    use rustix::fs::{Mode, OFlags, ResolveFlags};
+    match openat2_with_retry(
+        parent,
+        path,
+        OFlags::CLOEXEC | OFlags::DIRECTORY | OFlags::NOFOLLOW,
+        Mode::empty(),
+        ResolveFlags::NO_XDEV | ResolveFlags::BENEATH,
+    ) {
+        Ok(r) => Ok(Some(Dir::reopen_dir(&r)?)),
+        Err(e) if e == rustix::io::Errno::XDEV => Ok(None),
+        Err(e) => return Err(e.into()),
+    }
+}
+
 /// Given a target path, remove its immutability if present
 #[context("Removing immutable flag from {target}")]
 pub(crate) fn remove_immutability(root: &Dir, target: &Utf8Path) -> Result<()> {
@@ -223,6 +242,8 @@ pub(crate) fn digested_pullspec(image: &str, digest: &str) -> String {
 
 #[cfg(test)]
 mod tests {
+    use cap_std_ext::cap_std;
+
     use super::*;
 
     #[test]
@@ -269,4 +290,15 @@ mod tests {
             SignatureSource::ContainerPolicyAllowInsecure
         );
     }
+
+    #[test]
+    fn test_open_noxdev() -> Result<()> {
+        let root = Dir::open_ambient_dir("/", cap_std::ambient_authority())?;
+        // This hard requires the host setup to have /usr/bin on the same filesystem as /
+        let usr = Dir::open_ambient_dir("/usr", cap_std::ambient_authority())?;
+        assert!(open_dir_noxdev(&usr, "bin").unwrap().is_some());
+        // Requires a mounted /proc, but that also seems ane.
+        assert!(open_dir_noxdev(&root, "proc").unwrap().is_none());
+        Ok(())
+    }
 }