services/pack: build partitions as files, inject via dd
Issue body
This is 100% vibe coded, but I think it might be possible to have imagecraft not require access to loop devices at all, which would be a great step towards having it be able to run in unprivileged containers (I have another vibe-coded branch that removes it in the grub case). Happy to talk about all this at some point!
Replace the losetup-based build path with a loop-free flow. For each partition in a volume, `pack()` now:
1. Reads the partition's sector offset and size from `sfdisk --json` on the disk file (via the new `diskutil.get_partition_geometry` helper, which works for both GPT and MBR images).
2. Sanity-checks the on-disk size against the structure spec.
3. Creates a temp file sized to match the partition.
4. Calls `diskutil.format_populate_partition` to mkfs/copy content into the temp file.
5. dd's the temp file into the disk image at the right sector offset via `diskutil.inject_partition_into_image`.
6. Deletes the temp file.
`attach_images`/`detach_images`/`get_loop_paths` and the `atexit` handler in `ImageService` are no longer called from the build path, removing the losetup requirement. The methods themselves are kept in place for now because `pack/grubutil.py` still uses `image.attach_loopdev()` for grub install; that is being addressed in a parallel Phase B effort.
This is required so imagecraft can build images inside unprivileged LXD containers, where `/dev/loop-control` is gated on `init_user_ns` `CAP_SYS_ADMIN`.
---
- [ ] I've followed the [contribution guidelines](https://github.com/canonical/imagecraft/blob/main/CONTRIBUTING.md).
- [ ] I've signed the [CLA](http://www.ubuntu.com/legal/contributors/).
- [ ] I've successfully run `make lint && make test`.
- [ ] I've added or updated any relevant documentation.
- [ ] In documents I changed, I [added a meta description](https://canonical-starflow.readthedocs-hosted.com/how-to/add-a-page-meta-description/) if one was missing.
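The six-step flow from the PR body, as an added sketch that is not code from this PR or from imagecraft: it reads geometry from `sfdisk --json` output, checks sizes, and writes the partition file into the image at its byte offset while refusing any write that would land outside the partition. Assumptions: the JSON sample is constructed, the function names are hypothetical, a Python seek/write stands in for `dd`, and filler bytes stand in for the mkfs/populate step.

```python
import json
import os
import tempfile

# Constructed sample of `sfdisk --json disk.img` output (not from the PR).
SAMPLE_SFDISK_JSON = """{"partitiontable": {"label": "gpt", "unit": "sectors",
  "sectorsize": 512, "partitions": [
    {"node": "disk.img1", "start": 2048, "size": 4096},
    {"node": "disk.img2", "start": 6144, "size": 8192}]}}"""


def partition_geometry(sfdisk_json: str, index: int) -> tuple[int, int]:
    """Return (byte_offset, byte_size) of the 0-based partition `index`."""
    table = json.loads(sfdisk_json)["partitiontable"]
    if table.get("unit") != "sectors":
        raise ValueError("expected sector units")
    sector = int(table.get("sectorsize", 512))  # assumption: 512 if absent
    part = table["partitions"][index]
    return part["start"] * sector, part["size"] * sector


def inject(image: str, part_file: str, offset: int, size: int, spec_size: int) -> None:
    """Copy part_file into image at offset, refusing any out-of-bounds write."""
    if size != spec_size:
        raise ValueError(f"on-disk size {size} != spec size {spec_size}")
    if os.path.getsize(part_file) != size:
        raise ValueError("partition file does not match partition size")
    if offset + size > os.path.getsize(image):
        raise ValueError("partition extends past end of image")
    # "r+b" leaves the rest of the image intact, like dd with conv=notrunc.
    with open(part_file, "rb") as src, open(image, "r+b") as dst:
        dst.seek(offset)
        while chunk := src.read(1 << 20):
            dst.write(chunk)


def demo() -> tuple[bytes, bytes, bytes]:
    """Build a zeroed image, inject partition 1, return bytes around it."""
    offset, size = partition_geometry(SAMPLE_SFDISK_JSON, 0)
    with tempfile.TemporaryDirectory() as tmp:  # temp files removed on exit
        image, part = os.path.join(tmp, "disk.img"), os.path.join(tmp, "p1.img")
        with open(image, "wb") as f:
            f.truncate(16384 * 512)
        with open(part, "wb") as f:  # stands in for the mkfs/populate step
            f.write(b"\xaa" * size)
        inject(image, part, offset, size, spec_size=4096 * 512)
        with open(image, "rb") as f:
            data = f.read()
    return data[offset - 1:offset], data[offset:offset + size], data[offset + size:offset + size + 1]
```

The size and bounds checks run before the image is opened for writing, so a stale or mismatched geometry cannot overwrite the partition table or a neighbouring partition.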