Apply bind-mount, kill gpg-agent

to not to afflict side-effects on host system and not to block
unmounting of /dev

Signed-off-by: Knut Ahlers <knut@ahlers.me>

mkroots.sh

@@ -25,10 +25,14 @@ fi
 # Build in a tempdir
 tmpdir=$(mktemp -d)
 function rm_temp() {
+  umount ${tmpdir}
   rm -rf ${tmpdir}
 }
 trap rm_temp EXIT
 
+# Create a bind-mount to avoid side-effects on the host system
+mount --bind ${tmpdir} ${tmpdir}
+
 # Pacstrap the requested packages
 env -i pacstrap -C /usr/share/devtools/pacman-extra.conf -c -d -G -M ${tmpdir} "${packages[@]}"
 
@@ -36,9 +40,18 @@ env -i pacstrap -C /usr/share/devtools/pacman-extra.conf -c -d -G -M ${tmpdir} "
 cp --recursive --preserve=timestamps --backup --suffix=.pacnew rootfs/* ${tmpdir}/
 
 # Initialize locales and pacman-keys
-arch-chroot ${tmpdir} locale-gen
-arch-chroot ${tmpdir} pacman-key --init
-arch-chroot ${tmpdir} pacman-key --populate archlinux
+arch-chroot ${tmpdir} bash -ex <<EOF
+# Generate locales
+locale-gen
+
+# Initialize pacman-key keyring
+pacman-key --init
+pacman-key --populate archlinux
+
+# Stop agent to free /dev mount
+export GNUPGHOME=/etc/pacman.d/gnupg
+gpgconf --kill gpg-agent
+EOF
 
 # Pack rootfs
 tar --numeric-owner --xattrs --acls --exclude-from=exclude -C ${tmpdir} -c . -f archlinux.tar