When allocating an instance id we create a unique directory
in $XDG_RUN_DIR/.flatpak/$id and create a .ref file in it which
we then read-lock (with F_SETLK). This lock is also taken by
the bwrap pid 1, so it will be taken for as long as the
app lives.
To clean up old ids we remove any directories where we can successfully
write-lock the .ref file. As long as the sandbox lives this should
make it safe against removal.
However, there is a tiny race in the sandbox setup between the initial
O_CREAT of the .ref file and the F_SETLK fcntl. A GC at this point
may find the .ref file existing but not locked and then remove the
directory.
We work around this by only trying to lock .ref files that are more
than 3 seconds old.
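The locking scheme and the 3-second grace period described above, as an added example in C that is not flatpak's own code: it assumes a scratch directory under /tmp in place of $XDG_RUN_DIR/.flatpak/$id, and a forked child process stands in for the bwrap pid 1 that holds the read lock.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>
#define GRACE_SECS 3  /* GC never tries to lock a .ref younger than this */
/* Sandbox side: create the .ref file and hold a read lock on it for as long as the app lives. */
int instance_take_ref(const char *ref) {
    int fd = open(ref, O_RDWR | O_CREAT | O_CLOEXEC, 0644); if (fd < 0) return -1;
    /* The race window: the file exists here but is not locked yet. */
    struct flock fl = { .l_type = F_RDLCK, .l_whence = SEEK_SET };
    if (fcntl(fd, F_SETLK, &fl) < 0) { close(fd); return -1; }
    return fd;  /* caller keeps fd open; closing it (or exiting) releases the lock */
}

/* GC side: 1 if the instance is dead and may be removed, 0 if alive or still inside the grace period. */
int gc_should_remove(const char *ref, time_t now) {
    struct stat st;
    if (stat(ref, &st) < 0 || now - st.st_mtime < GRACE_SECS) return 0;
    int fd = open(ref, O_RDWR | O_CLOEXEC); if (fd < 0) return 0;
    struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET };
    int dead = fcntl(fd, F_SETLK, &fl) == 0;  /* fails (EAGAIN/EACCES) while another process holds F_RDLCK */
    close(fd); return dead;
}

/* Demo (constructed): a child process plays the sandbox, the parent plays GC. Returns 1 if all checks pass. */
int demo(void) {
    char dir[] = "/tmp/ref-demo-XXXXXX", ref[4096]; int sync[2];
    if (!mkdtemp(dir) || pipe(sync) < 0) return -1;
    snprintf(ref, sizeof ref, "%s/.ref", dir);
    pid_t pid = fork();
    if (pid == 0) {  /* child: take the ref, tell the parent, then wait to be killed */
        if (instance_take_ref(ref) < 0 || write(sync[1], "r", 1) != 1) _exit(1);
        pause(); _exit(0);
    }
    char c; if (pid < 0 || read(sync[0], &c, 1) != 1) return -1;
    time_t now = time(NULL);
    int fresh = gc_should_remove(ref, now);       /* 0: inside the grace period, left alone */
    struct timespec old[2] = { { now - 10, 0 }, { now - 10, 0 } };
    utimensat(AT_FDCWD, ref, old, 0);             /* backdate .ref so GC will consider it */
    int held = gc_should_remove(ref, now);        /* 0: the child still holds the read lock */
    kill(pid, SIGTERM); waitpid(pid, NULL, 0);    /* app exits, kernel drops its lock */
    int dead = gc_should_remove(ref, now);        /* 1: write lock succeeds, safe to remove */
    unlink(ref); rmdir(dir); close(sync[0]); close(sync[1]);
    return fresh == 0 && held == 0 && dead == 1;
}
```

Note that fcntl record locks are per process, so the GC check must run in a different process from the lock holder; within a single process the write lock would simply convert the existing read lock and wrongly report the instance as dead.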