Some tasks are easier to implement when allowed to perform certain operations that are normally reserved for the root user (e.g. do_install, do_package_write*, do_rootfs, and do_image*). For example, the do_install task benefits from being able to set the UID and GID of installed files to arbitrary values.

One approach to allowing tasks to perform root-only operations would be to require BitBake to run as root. However, this method is cumbersome and has security issues. The approach that is actually used is to run tasks that benefit from root privileges in a "fake" root environment. Within this environment, the task and its child processes believe that they are running as the root user, and see an internally consistent view of the filesystem. As long as generating the final output (e.g. a package or an image) does not require root privileges, the fact that some earlier steps ran in a fake root environment does not cause problems.

The capability to run tasks in a fake root environment is known as "fakeroot", which is derived from the BitBake keyword/variable flag that requests a fake root environment for a task.

In the OpenEmbedded build system, the program that implements fakeroot is known as Pseudo. Pseudo overrides system calls by using the environment variable LD_PRELOAD, which results in the illusion of running as root. To keep track of "fake" file ownership and permissions resulting from operations that require root permissions, Pseudo uses an SQLite 3 database. This database is stored in ${WORKDIR}/pseudo/files.db for individual recipes. Storing the database in a file as opposed to in memory gives persistence between tasks and builds, which is not accomplished using fakeroot.

       fakeroot do_mytask () {
           ...
       }
       do_mytask[depends] += "virtual/fakeroot-native:do_populate_sysroot"
                

For more information, see the FAKEROOT* variables in the BitBake User Manual. You can also reference the "Pseudo" and "Why Not Fakeroot?" articles for background information on Pseudo.