repart: Exclude APIVFS mountpoint directories

Also exclude APIVFS and temporary files directories from the copy
operation so that these files don't accidentally end up in images.

src/partition/repart.c

@@ -4065,6 +4065,12 @@ static int make_copy_files_denylist(Context *context, const Partition *p, Hashma
                 }
         }
 
+        FOREACH_STRING(s, "proc", "sys", "dev", "tmp", "run", "var/tmp") {
+                r = add_exclude_path(s, &denylist, DENY_CONTENTS);
+                if (r < 0)
+                        return r;
+        }
+
         STRV_FOREACH(e, p->exclude_files) {
                 r = add_exclude_path(*e, &denylist, endswith(*e, "/") ? DENY_CONTENTS : DENY_INODE);
                 if (r < 0)

test/units/testsuite-58.sh

@@ -852,6 +852,8 @@ test_exclude_files() {
     runas testuser mkdir "$root/usr"
     runas testuser touch "$root/usr/def"
     runas testuser touch "$root/usr/qed"
+    runas testuser mkdir "$root/tmp"
+    runas testuser touch "$root/tmp/prs"
 
     runas testuser tee "$defs/00-root.conf" <<EOF
 [Partition]
@@ -890,6 +892,10 @@ EOF
     assert_rc 0 ls "$imgs/mnt/usr"
     assert_rc 2 ls "$imgs/mnt/usr/def"
 
+    # Test that /tmp/prs did not end up in the root partition but /tmp did.
+    assert_rc 0 ls "$imgs/mnt/tmp"
+    assert_rc 2 ls "$imgs/mnt/tmp/prs"
+
     # Test that /usr/qed did not end up in the usr partition but /usr/def did.
     mount -t ext4 "${loop}p2" "$imgs/mnt/usr"
     assert_rc 0 ls "$imgs/mnt/usr/def"