I'm trying to understand why I get an Operation not permitted error (errno
EPERM) with a fakeroot function that calls setfattr.
Using yocto packages pseudo-native/attr-native
In my recipe, this function is called
fakeroot label_sign_verity() {
...
ls -l ${FITIMAGE_PATH} >>${WORKDIR}/socosupdate_sign_and_package.txt
#prints -rw-r--r-- 2 1000 1000 55097242 Jun 12 20:35
tmp/deploy/images/fitImage-initramfs-nested-rootfs-overlake-overlake
#1000 is the $USER uid
${DUMPIMAGE} -T flat_dt -p 0 -o ${SOCOS_IMAGEDIR}/Image ${FITIMAGE_PATH}
...
echo $(ls -l ${SOCOS_IMAGEDIR}/Image)
>>${WORKDIR}/socosupdate_sign_and_package.txt
#prints -rw-r--r-- 2 1000 1000 55097242 Jun 12 20:35 tmp/deploy/images/Image
echo PSEUDO_PREFIX=${PSEUDO_PREFIX}
PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} ${FAKEROOTCMD} ${SETFATTR} -n
security.ima -v ${IMA_HEADER}${HASH_ALGO}${KEY_ID}${SIG_LENGTH}${IMAGE_SIG}
${SOCOS_IMAGEDIR}/Image >>${WORKDIR}/socosupdate_sign_and_package.txt
#prints
PSEUDO_PREFIX=/datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/pseudo-native/usr
PSEUDO_LOCALSTATEDIR=/datadisk/LSG/main/LSG-linux-yocto/tmp/work/aarch64-msft-linux/socosupdate/1.0-r0/pseudo/
/datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/pseudo-native/usr/bin/pseudo
/datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/attr-native/usr/bin/setfattr
-n security.ima -v
03020462ff80020100077DC6A2B32D1313FE072B1A44C10CC94C5FDE507A1B8A16ED5836E49A95EB4C1AC53D7A2E2D5E74F2C972B033F83FD405A5AD68DF6B8954EBB8803AF7A774D4573283A1AA0694B38379E8BF94E0B4378EF865E6606BB3E9534A0B916813F6C64DE53AB2B1B7CE579B54ADBA702BA7CF3F60B17769318642804950EADB2E6417F24FFA88F8684B5F319D9731AC07B9B3BD82A52BFDFAD4D6212C5E5D9BA3F4249385F3DC67E21DEA99B00FDECE224B99142FCB81840D93A6AE007F799484B70B1399A674378C4001D03F7529A69F851E642374118E53AC24F1E8849ECD1BC69E75A120E5408E3B73C26D47C658DEA3A3BC1EF7B7738AB75B94B3B6DC06155EEF
/datadisk/LSG/main/LSG-linux-y
octo/tmp/work/aarch64-msft-linux/socosupdate/1.0-r0/deploy-socosupdate/socosupdate1908//squashfs-root/opt/msft/ap/app/SocOsUpdate/images/Image
#If I run the above in the same shell that I ran bitbake, it succeeds.
${SETFATTR} -n security.ima -v
${IMA_HEADER}${HASH_ALGO}${KEY_ID}${SIG_LENGTH}${INITRD_SIG}
${SOCOS_IMAGEDIR}/Image
# above fails with Operation not permitted, with or without fakeroot decoration
in function signature.
I've also tried running the command with the pseudo preamble directly inside
the recipe with and without the fakeroot decoration in the function signature.
Fails the same way. When I echo $(whoami), it says root when fakeroot is used
and $USER when not.
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#60273): https://lists.yoctoproject.org/g/yocto/message/60273
Mute This Topic: https://lists.yoctoproject.org/mt/99511297/21656
Mute #yocto:https://lists.yoctoproject.org/g/yocto/mutehashtag/yocto
Mute #fakeroot:https://lists.yoctoproject.org/g/yocto/mutehashtag/fakeroot
Mute
#pseudo-native:https://lists.yoctoproject.org/g/yocto/mutehashtag/pseudo-native
Mute #xattr:https://lists.yoctoproject.org/g/yocto/mutehashtag/xattr
Mute #attr-native:https://lists.yoctoproject.org/g/yocto/mutehashtag/attr-native
Group Owner: [email protected]
Unsubscribe: https://lists.yoctoproject.org/g/yocto/unsub
[[email protected]]
-=-=-=-=-=-=-=-=-=-=-=-
