On Tue, 2023-06-13 at 10:55 -0700, jbarnesweb via lists.yoctoproject.org wrote:
> I'm trying to understand why I get an Operation not permitted error (errno
> EPERM) with a fakeroot function that calls setfattr.
> Using yocto packages pseudo-native/attr-native
>
> In my recipe, this function is called
>
> fakeroot label_sign_verity() {
> ...
> ls -l ${FITIMAGE_PATH} >>${WORKDIR}/socosupdate_sign_and_package.txt
> #prints -rw-r--r-- 2 1000 1000 55097242 Jun 12 20:35
> tmp/deploy/images/fitImage-initramfs-nested-rootfs-overlake-overlake
> #1000 is the $USER uid
>
> ${DUMPIMAGE} -T flat_dt -p 0 -o ${SOCOS_IMAGEDIR}/Image ${FITIMAGE_PATH}
>
> ...
>
> echo $(ls -l ${SOCOS_IMAGEDIR}/Image)
> >>${WORKDIR}/socosupdate_sign_and_package.txt
> #prints -rw-r--r-- 2 1000 1000 55097242 Jun 12 20:35 tmp/deploy/images/Image
>
> echo PSEUDO_PREFIX=${PSEUDO_PREFIX}
> PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} ${FAKEROOTCMD} ${SETFATTR} -n
> security.ima -v ${IMA_HEADER}${HASH_ALGO}${KEY_ID}${SIG_LENGTH}${IMAGE_SIG}
> ${SOCOS_IMAGEDIR}/Image >>${WORKDIR}/socosupdate_sign_and_package.txt
>
> #prints
> PSEUDO_PREFIX=/datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/pseudo-native/usr
>
> PSEUDO_LOCALSTATEDIR=/datadisk/LSG/main/LSG-linux-yocto/tmp/work/aarch64-msft-linux/socosupdate/1.0-r0/pseudo/
>
> /datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/pseudo-native/usr/bin/pseudo
>
> /datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/attr-native/usr/bin/setfattr
> -n security.ima -v
> 03020462ff80020100077DC6A2B32D1313FE072B1A44C10CC94C5FDE507A1B8A16ED5836E49A95EB4C1AC53D7A2E2D5E74F2C972B033F83FD405A5AD68DF6B8954EBB8803AF7A774D4573283A1AA0694B38379E8BF94E0B4378EF865E6606BB3E9534A0B916813F6C64DE53AB2B1B7CE579B54ADBA702BA7CF3F60B17769318642804950EADB2E6417F24FFA88F8684B5F319D9731AC07B9B3BD82A52BFDFAD4D6212C5E5D9BA3F4249385F3DC67E21DEA99B00FDECE224B99142FCB81840D93A6AE007F799484B70B1399A674378C4001D03F7529A69F851E642374118E53AC24F1E8849ECD1BC69E75A120E5408E3B73C26D47C658DEA3A3BC1EF7B7738AB75B94B3B6DC06155EEF
> /datadisk/LSG/main/LSG-linux-y
> octo/tmp/work/aarch64-msft-linux/socosupdate/1.0-r0/deploy-socosupdate/socosupdate1908//squashfs-root/opt/msft/ap/app/SocOsUpdate/images/Image
> #If I run the above in the same shell that I ran bitbake, it succeeds.
>
> ${SETFATTR} -n security.ima -v
> ${IMA_HEADER}${HASH_ALGO}${KEY_ID}${SIG_LENGTH}${INITRD_SIG}
> ${SOCOS_IMAGEDIR}/Image
> # above fails with Operation not permitted, with or without fakeroot
> decoration in function signature.
>
> I've also tried running the command with the pseudo preamble directly
> inside the recipe with and without the fakeroot decoration in the
> function signature. Fails the same way. When I echo $(whoami), it
> says root when fakeroot is used and $USER when not.
fakeroot context is a task level operation, not a function specific
one. Have you tried running the task calling this function under
fakeroot?
Cheers,
Richard
-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#60282): https://lists.yoctoproject.org/g/yocto/message/60282
Mute This Topic: https://lists.yoctoproject.org/mt/99511297/21656
Mute #yocto:https://lists.yoctoproject.org/g/yocto/mutehashtag/yocto
Mute #fakeroot:https://lists.yoctoproject.org/g/yocto/mutehashtag/fakeroot
Mute
#pseudo-native:https://lists.yoctoproject.org/g/yocto/mutehashtag/pseudo-native
Mute #xattr:https://lists.yoctoproject.org/g/yocto/mutehashtag/xattr
Mute #attr-native:https://lists.yoctoproject.org/g/yocto/mutehashtag/attr-native
Group Owner: yocto+ow...@lists.yoctoproject.org
Unsubscribe:
https://lists.yoctoproject.org/g/yocto/leave/6691583/21656/737036229/xyzzy
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-
