The UEFI image is encrypted after it's generated. This is done by mounting it as a loopback (via losetup and dmsetup) and using cryptsetup reencrypt. This requires access to /dev and some kernel modules. All in, it requires sudo access to the host machine.
That isn't great, and kind of goes against best practices for yocto/bitbake and/or running docker containers.
Try and determine if this is really necessary, and do it better if able.
The UEFI image is encrypted after it's generated. This is done by mounting it as a loopback (via
losetup
anddmsetup
) and usingcryptsetup reencrypt
. This requires access to/dev
and some kernel modules. All in, it requiressudo
access to the host machine.That isn't great, and kind of goes against best practices for yocto/bitbake and/or running docker containers.
Try and determine if this is really necessary, and do it better if able.