fix: live-boot install — avoid chroot, use dpkg extraction fallback

The chroot /installer command fails inside the CI container because
the container exits after debootstrap completes (set -e + container
boundary). The chroot then runs on the host where /installer doesn't
exist.

Fix: use apt-get with Dir overrides first, fall back to dpkg-deb -x
extraction of live-boot .deb files directly into the installer root.
This bypasses chroot entirely and is more robust in container-in-
container environments.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

image-recipe/build-auto-installer-iso.sh

@@ -464,17 +464,51 @@ linux-image-${DEB_ARCH},grub-efi-${DEB_ARCH},grub-pc-bin,\
 pciutils,usbutils,less,nano \
     bookworm /installer http://deb.debian.org/debian
 
-# Install live-boot separately — debootstrap minbase resolver can't handle it
+# Install live-boot separately — debootstrap minbase resolver cannot handle it.
+# Use apt-get with explicit root dir instead of chroot (avoids /proc issues in containers).
 echo "   [container] Installing live-boot for squashfs root support..."
-chroot /installer apt-get update -qq
-chroot /installer apt-get install -y --no-install-recommends live-boot live-boot-initramfs-tools
-chroot /installer apt-get clean
+cp /etc/resolv.conf /installer/etc/resolv.conf 2>/dev/null || true
+apt-get -o Dir=/installer -o Dir::State::status=/installer/var/lib/dpkg/status \
+    -o Dir::Etc::SourceList=/installer/etc/apt/sources.list \
+    -o Dir::Cache=/installer/var/cache/apt \
+    update -qq 2>/dev/null || {
+    # Fallback: copy host apt lists and install directly
+    echo "   [container] apt-get Dir method failed, using dpkg extraction..."
+    apt-get update -qq
+    apt-get download live-boot live-boot-initramfs-tools 2>/dev/null
+    for deb in live-boot*.deb; do
+        dpkg-deb -x "$deb" /installer/ 2>/dev/null || true
+    done
+    rm -f live-boot*.deb
+}
+# Try chroot install if apt-get Dir method populated the lists
+if [ -f /installer/var/lib/apt/lists/*_Packages 2>/dev/null ]; then
+    mount --bind /proc /installer/proc 2>/dev/null || true
+    mount --bind /sys /installer/sys 2>/dev/null || true
+    mount --bind /dev /installer/dev 2>/dev/null || true
+    chroot /installer apt-get install -y --no-install-recommends live-boot live-boot-initramfs-tools 2>/dev/null || true
+    chroot /installer apt-get clean 2>/dev/null || true
+    umount /installer/dev 2>/dev/null || true
+    umount /installer/sys 2>/dev/null || true
+    umount /installer/proc 2>/dev/null || true
+fi
+
 # Verify live-boot hooks are in place
 if [ -d /installer/usr/share/initramfs-tools/scripts/live ]; then
     echo "   [container] live-boot initramfs hooks: OK"
 else
-    echo "   [container] WARNING: live-boot hooks not found!"
-    ls /installer/usr/share/initramfs-tools/scripts/ 2>/dev/null
+    echo "   [container] WARNING: live-boot hooks missing, trying dpkg extraction..."
+    apt-get download live-boot live-boot-initramfs-tools 2>/dev/null || true
+    for deb in live-boot*.deb; do
+        dpkg-deb -x "$deb" /installer/ 2>/dev/null || true
+    done
+    rm -f live-boot*.deb 2>/dev/null || true
+    if [ -d /installer/usr/share/initramfs-tools/scripts/live ]; then
+        echo "   [container] live-boot hooks installed via dpkg extraction: OK"
+    else
+        echo "   [container] FATAL: Could not install live-boot hooks!"
+        exit 1
+    fi
 fi
 
 echo "   [container] Configuring installer environment..."