From f0857fd5608525115bd8a96c2f75368263f6f830 Mon Sep 17 00:00:00 2001
From: monsieuremre <130907164+monsieuremre@users.noreply.github.com>
Date: Mon, 23 Oct 2023 15:33:05 +0000
Subject: [PATCH] Fix double mount issue for /var/log and /var/tmp

Mounting var with bind and mounting a subdirectory causes /var/tmp and /var/log bind mounted twice each. can be checked with lsblk. When we bind mount var only after having mounted the subdirectories, everything is mounted only one.
---
 usr/bin/remount-secure | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/usr/bin/remount-secure b/usr/bin/remount-secure
index 9c5bb55..e38e837 100755
--- a/usr/bin/remount-secure
+++ b/usr/bin/remount-secure
@@ -232,14 +232,6 @@ _tmp() {
 remount_secure
 }
-_var() {
- mount_folder="$NEWROOT/var"
- ## noexec: Not possible. Reason:
- ## Debian stores executable maintainer scripts in /var/lib/dpkg/info folder.
- intended_mount_options="nosuid,nodev"
- remount_secure
-}
-
 _var_tmp() {
 mount_folder="$NEWROOT/var/tmp"
 intended_mount_options="nosuid,nodev${most_noexec_maybe}"
@@ -252,6 +244,14 @@ _var_log() {
 remount_secure
 }
+_var() {
+ mount_folder="$NEWROOT/var"
+ ## noexec: Not possible. Reason:
+ ## Debian stores executable maintainer scripts in /var/lib/dpkg/info folder.
+ intended_mount_options="nosuid,nodev"
+ remount_secure
+}
+
 _lib() {
 mount_folder="$NEWROOT/lib"
 ## Cannot use noexec on /lib as per:
@@ -289,9 +289,9 @@ main() {
 _dev
 _dev_shm
 _tmp
- _var
 _var_tmp
 _var_log
+ _var
 _home
 end
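Review bot: In the `main()` hunk, `_var` now runs after `_var_tmp` and `_var_log`, but the commit message checks the result only with `lsblk`, which counts mounts and does not show which options are in effect on `/var/tmp` and `/var/log`. `remount_secure` is outside the patch, so this is inferred: if it bind-mounts `$NEWROOT/var` non-recursively, the later `/var` mount may cover the two submounts and leave those paths with only `nosuid,nodev` instead of `nosuid,nodev${most_noexec_maybe}`. Please confirm the effective options on a running system, e.g. `findmnt -T /var/tmp -o TARGET,OPTIONS` and the same for `/var/log`. The call order is now load-bearing, so it deserves a comment above the call such as `## _var must run after _var_tmp and _var_log, otherwise both get bind mounted twice.`; `main()` starts outside the hunk, and the visible `_dev` still precedes `_dev_shm`, which may need the same treatment.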