fsBefore does not recognise one filesystem as depending on another filesystem in the case of bind mounts where the source of the bind mount is not itself a mount point

[jakobrs]

Describe the bug
stage-1.nix generates a list of file systems that are needed for boot. This list is not topologically sorted, which leads to situations where the system won't boot because the file systems aren't mounted in the right order.

Edit: After looking at it for a while, it seems the real problem is that this function is too strict:

{
  # Check whenever `b` depends on `a` as a fileSystem
  fsBefore = a: b: a.mountPoint == b.device
                || hasPrefix "${a.mountPoint}${optionalString (!(hasSuffix "/" a.mountPoint)) "/"}" b.mountPoint;
}

I think it should be something like this instead:

{
  # Check whenever `b` depends on `a` as a fileSystem
  fsBefore = a: b: hasPrefix "${a.mountPoint}${optionalString (!(hasSuffix "/" a.mountPoint)) "/"}" b.device
                || hasPrefix "${a.mountPoint}${optionalString (!(hasSuffix "/" a.mountPoint)) "/"}" b.mountPoint;
}

To Reproduce

{
  fileSystems."/persist".device = "/dev/disk/by-uuid/whatever";
  fileSystems."/nix" = {
    device = "/persist/nix";
    fsType = "none";
    options = [ "bind" ];
  };
}

Because /nixcomes before /persist alphabetically, it's mounted first (which fails). You can read the initrd-fsinfo file using:

1. nixos-rebuild build
2. nix-store -qR ./result | grep initrd-linux
3. archivemount <result of last command>/initrd mnt
4. cat mnt/nix/store/*initrd-fsinfo*

Expected behavior
The list of file systems to be topologically sorted.

Additional context
Originally found this while trying to try out root-on-tmpfs.

Notify maintainers
Couldn't find anyone.

Metadata

• system: "x86_64-linux"
• host os: Linux 5.6.7, NixOS, 20.03.1619.ab3adfe1c76 (Markhor)
• multi-user?: yes
• sandbox: yes
• version: nix-env (Nix) 2.3.4
• channels(root): "nixos-20.03.1619.ab3adfe1c76, nixos-19.09-19.09.2477.a7ceb2536ab, nixos-unstable-20.09pre223023.fce7562cf46, nixos-unstable-small-20.09pre223385.3b00e78e63b"
• channels(jakob): "nixpkgs-20.09pre221814.10100a97c89"
• nixpkgs: /home/jakob/.nix-defexpr/channels/nixpkgs

Maintainer information:

# a list of nixpkgs attributes affected by the problem
attribute:
# a list of nixos modules affected by the problem
module: system/boot

[griff]

This is also a problem when using overlayfs since the dependencies are specified in options not device or mountPoint and for this problem #86967 is not enough to fix the issue. The fileSystem.<name>.depends option sugested by @jakobrs in #86967 (comment) would solve it.

Actually the only reason the current ISO and netboot images aren't broken because of this (they use overlayfs) is solely because /nix/.ro-store and /nix/.rw-store comes alphabetically before /nix/store.

[stale]

I marked this as stale due to inactivity. → More info

[nrdxp]

This is still an issue, and for me a fairly big one, since I can't generate secrets with agenix with my current setup:
ryantm/agenix#45 (comment)
nix-community/impermanence#22 (comment)