On Tue, 2023-06-13 at 10:55 -0700, jbarnesweb via lists.yoctoproject.org wrote: > I'm trying to understand why I get an Operation not permitted error (errno > EPERM) with a fakeroot function that calls setfattr. > Using yocto packages pseudo-native/attr-native > > In my recipe, this function is called > > fakeroot label_sign_verity() { > ... > ls -l ${FITIMAGE_PATH} >>${WORKDIR}/socosupdate_sign_and_package.txt > #prints -rw-r--r-- 2 1000 1000 55097242 Jun 12 20:35 > tmp/deploy/images/fitImage-initramfs-nested-rootfs-overlake-overlake > #1000 is the $USER uid > > ${DUMPIMAGE} -T flat_dt -p 0 -o ${SOCOS_IMAGEDIR}/Image ${FITIMAGE_PATH} > > ... > > echo $(ls -l ${SOCOS_IMAGEDIR}/Image) > >>${WORKDIR}/socosupdate_sign_and_package.txt > #prints -rw-r--r-- 2 1000 1000 55097242 Jun 12 20:35 tmp/deploy/images/Image > > echo PSEUDO_PREFIX=${PSEUDO_PREFIX} > PSEUDO_LOCALSTATEDIR=${PSEUDO_LOCALSTATEDIR} ${FAKEROOTCMD} ${SETFATTR} -n > security.ima -v ${IMA_HEADER}${HASH_ALGO}${KEY_ID}${SIG_LENGTH}${IMAGE_SIG} > ${SOCOS_IMAGEDIR}/Image >>${WORKDIR}/socosupdate_sign_and_package.txt > > #prints > PSEUDO_PREFIX=/datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/pseudo-native/usr > > PSEUDO_LOCALSTATEDIR=/datadisk/LSG/main/LSG-linux-yocto/tmp/work/aarch64-msft-linux/socosupdate/1.0-r0/pseudo/ > > /datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/pseudo-native/usr/bin/pseudo > > /datadisk/LSG/main/LSG-linux-yocto/tmp/sysroots-components/x86_64/attr-native/usr/bin/setfattr > -n security.ima -v > 03020462ff80020100077DC6A2B32D1313FE072B1A44C10CC94C5FDE507A1B8A16ED5836E49A95EB4C1AC53D7A2E2D5E74F2C972B033F83FD405A5AD68DF6B8954EBB8803AF7A774D4573283A1AA0694B38379E8BF94E0B4378EF865E6606BB3E9534A0B916813F6C64DE53AB2B1B7CE579B54ADBA702BA7CF3F60B17769318642804950EADB2E6417F24FFA88F8684B5F319D9731AC07B9B3BD82A52BFDFAD4D6212C5E5D9BA3F4249385F3DC67E21DEA99B00FDECE224B99142FCB81840D93A6AE007F799484B70B1399A674378C4001D03F7529A69F851E642374118E53AC24F1E8849ECD1BC69E75A120E5408E3B73C26D47C658DEA3A3BC1EF7B7738AB75B94B3B6DC06155EEF > /datadisk/LSG/main/LSG-linux-y > octo/tmp/work/aarch64-msft-linux/socosupdate/1.0-r0/deploy-socosupdate/socosupdate1908//squashfs-root/opt/msft/ap/app/SocOsUpdate/images/Image > #If I run the above in the same shell that I ran bitbake, it succeeds. > > ${SETFATTR} -n security.ima -v > ${IMA_HEADER}${HASH_ALGO}${KEY_ID}${SIG_LENGTH}${INITRD_SIG} > ${SOCOS_IMAGEDIR}/Image > # above fails with Operation not permitted, with or without fakeroot > decoration in function signature. > > I've also tried running the command with the pseudo preamble directly > inside the recipe with and without the fakeroot decoration in the > function signature. Fails the same way. When I echo $(whoami), it > says root when fakeroot is used and $USER when not.
fakeroot context is a task level operation, not a function specific one. Have you tried running the task calling this function under fakeroot? Cheers, Richard
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#60282): https://lists.yoctoproject.org/g/yocto/message/60282 Mute This Topic: https://lists.yoctoproject.org/mt/99511297/21656 Mute #yocto:https://lists.yoctoproject.org/g/yocto/mutehashtag/yocto Mute #fakeroot:https://lists.yoctoproject.org/g/yocto/mutehashtag/fakeroot Mute #pseudo-native:https://lists.yoctoproject.org/g/yocto/mutehashtag/pseudo-native Mute #xattr:https://lists.yoctoproject.org/g/yocto/mutehashtag/xattr Mute #attr-native:https://lists.yoctoproject.org/g/yocto/mutehashtag/attr-native Group Owner: yocto+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/yocto/leave/6691583/21656/737036229/xyzzy [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-