From a4cc298d8c7cb2b5cdb953835f5fbd18264c25e6 Mon Sep 17 00:00:00 2001
From: Adam0Brien <aobrien@redhat.com>
Date: Tue, 11 Apr 2023 14:20:50 +0100
Subject: [PATCH] When mounting filesystems, Ignition was relabeling the
 mountpoint directory even if it previously existed. This isn't necessary, and
 fails if the mountpoint is on a read-only filesystem, such as /usr/share/oem
 on Flatcar. Relabel the mountpoint only if we create it. Fixes:
 https://github.com/coreos/ignition/issues/1452

---
 docs/release-notes.md               |  1 +
 internal/exec/stages/mount/mount.go | 20 ++++++++------------
 2 files changed, 9 insertions(+), 12 deletions(-)

diff --git a/docs/release-notes.md b/docs/release-notes.md
index 501cda2430..46f0220212 100644
--- a/docs/release-notes.md
+++ b/docs/release-notes.md
@@ -26,6 +26,7 @@ Starting with this release, ignition-validate binaries are signed with the
 - Clarify documentation of `passwordHash` fields
 - Correctly document Tang `advertisement` field as optional
 - Fix failure disabling nonexistent unit with systemd ≥ 252
+- Don't relabel a mount point that already exists
 
 ### Test changes
 
diff --git a/internal/exec/stages/mount/mount.go b/internal/exec/stages/mount/mount.go
index fd59e80a58..8898bcf007 100644
--- a/internal/exec/stages/mount/mount.go
+++ b/internal/exec/stages/mount/mount.go
@@ -123,29 +123,25 @@ func (s stage) mountFs(fs types.Filesystem) error {
 		return err
 	}
 
-	var firstMissing string
-	if distro.SelinuxRelabel() {
-		var err error
-		firstMissing, err = util.FindFirstMissingPathComponent(path)
+	if _, err := os.Stat(path); err != nil && os.IsNotExist(err) {
+		firstMissing, err := util.FindFirstMissingPathComponent(path)
 		if err != nil {
 			return err
 		}
-	}
 
-	if _, err := os.Stat(path); err != nil && os.IsNotExist(err) {
 		// Record created directories for use by the files stage.
 		// NotateMkdirAll() is relative to the DestDir.
 		if err := s.NotateMkdirAll(relpath, 0755); err != nil {
 			return err
 		}
-	} else if err != nil {
-		return err
-	}
 
-	if distro.SelinuxRelabel() {
-		if err := s.RelabelFiles([]string{firstMissing}); err != nil {
-			return err
+		if distro.SelinuxRelabel() {
+			if err := s.RelabelFiles([]string{firstMissing}); err != nil {
+				return err
+			}
 		}
+	} else if err != nil {
+		return err
 	}
 
 	args := translateOptionSliceToString(fs.MountOptions, ",")