run: Handle the case where /tmp on the host is a symlink

If the app explicitly grants access to the host /tmp (for
instance telegram) then when this is being exposed as a symlink
in the sandbox we get an error because /tmp already exists
as a dir, which we create very early on.

It doesn't really make sense to keep /tmp as a symlink in
the sandbox anyway, so we just special case this and mount
the symlink target as /tmp.

common/flatpak-run.c

@@ -2574,6 +2574,18 @@ exports_path_hide (FlatpakExports *exports,
   g_hash_table_insert (exports->hash, ep->path, ep);
 }
 
+static gboolean
+never_export_as_symlink (const char *path)
+{
+  /* Don't export /tmp as a symlink even if it is on the host, because
+     that will fail with the pre-existing directory we created for /tmp,
+     and anyway, it being a symlink is not useful in the sandbox */
+  if (strcmp (path, "/tmp") == 0)
+    return TRUE;
+
+  return FALSE;
+}
+
 /* We use the level to make sure we get the ordering somewhat right.
  * For instance if /symlink -> /z_dir is exported, then we want to create
  * /z_dir before /symlink, because otherwise an export like /symlink/foo
@@ -2625,7 +2637,7 @@ _exports_path_expose (FlatpakExports *exports,
       if (old_ep != NULL)
         old_mode = old_ep->mode;
 
-      if (S_ISLNK (st.st_mode))
+      if (S_ISLNK (st.st_mode) && !never_export_as_symlink (path))
         {
           g_autofree char *resolved = flatpak_resolve_link (path, NULL);