Some tasks are easier to implement when allowed to perform certain
operations that are normally reserved for the root user (e.g.
do_install
,
do_package_write*
,
do_rootfs
,
and
do_image*
).
For example, the do_install
task benefits
from being able to set the UID and GID of installed files to
arbitrary values.
One approach to allowing tasks to perform root-only operations would be to require BitBake to run as root. However, this method is cumbersome and has security issues. The approach that is actually used is to run tasks that benefit from root privileges in a "fake" root environment. Within this environment, the task and its child processes believe that they are running as the root user, and see an internally consistent view of the filesystem. As long as generating the final output (e.g. a package or an image) does not require root privileges, the fact that some earlier steps ran in a fake root environment does not cause problems.
The capability to run tasks in a fake root environment is known as "fakeroot", which is derived from the BitBake keyword/variable flag that requests a fake root environment for a task.
In the OpenEmbedded build system, the program that implements
fakeroot is known as Pseudo.
Pseudo overrides system calls by using the environment variable
LD_PRELOAD
, which results in the illusion
of running as root.
To keep track of "fake" file ownership and permissions resulting
from operations that require root permissions, Pseudo uses
an SQLite 3 database.
This database is stored in
${
WORKDIR
}/pseudo/files.db
for individual recipes.
Storing the database in a file as opposed to in memory
gives persistence between tasks and builds, which is not
accomplished using fakeroot.
virtual/fakeroot-native:do_populate_sysroot
,
giving the following:
fakeroot do_mytask () { ... } do_mytask[depends] += "virtual/fakeroot-native:do_populate_sysroot"
For more information, see the
FAKEROOT*
variables in the BitBake User Manual.
You can also reference the
"Pseudo"
and
"Why Not Fakeroot?"
articles for background information on Pseudo.