mklive nukes host pseudofs (dev, sys, proc) when interrupted in some circumstances

[0x5c]

(Previously mentioned as a secondary bug in #288)

When interrupting mklive (or when it hits a failure) in some circumstances, it will fail to unmount all or some of the pseudofs bind mounts in umount_pseudofs. This causes the rm -rf call in error_out to delete anything in the pseudofs bind mounts that remain.

In my case, lingering processes in a DKMS build kept the /dev bind mount busy, causing most dev nodes on the host to be removed. The main symptoms were the shell screaming about /dev/null being nonexistent and most programs failing to start; a full system restart was required.

A simple reproducer would be

./build-x86-images.sh -a x86_64 -b base -- -v linux6.6 -p zfs

and a ^C once the target xbps is at Building DKMS module 'zfs-2.2.2' for kernel-6.5.13_1...

It seems like there's 3 prongs to that bug

1. mklive does not ensure that processes in the chroot are all gone, allowing for pseudofs remaining busy.
2. There is insufficient error handling when unmounting, allowing further cleanup to happen while one or more pseudofs is still being used.
3. The rm call lacks the --one-file-system option, which should prevent it deleting anything in pseudofs if all else fails.

Anything keeping the /sys bind mount busy could also have permanent consequences, like the mangling of efivars on the host.

[leahneukirchen]

+1, especially for (3).

[classabbyamp]

1. mklive does not ensure that processes in the chroot are all gone, allowing for pseudofs remaining busy.

any ideas on this? Not sure how we could ensure everything is done. I don't think wait would work here for procs e.g. spawned by xbps

[classabbyamp]

partial solution, maybe? #365