The UEFI image is encrypted after it's generated. This is done by mounting it as a loopback (via losetup and dmsetup) and using cryptsetup reencrypt. This requires access to /dev and some kernel modules. All in, it requires sudo access to the host machine.
That isn't great, and kind of goes against best practices for yocto/bitbake and/or running docker containers.
Try and determine if this is really necessary, and do it better if able.
The UEFI image is encrypted after it's generated. This is done by mounting it as a loopback (via
losetupanddmsetup) and usingcryptsetup reencrypt. This requires access to/devand some kernel modules. All in, it requiressudoaccess to the host machine.That isn't great, and kind of goes against best practices for yocto/bitbake and/or running docker containers.
Try and determine if this is really necessary, and do it better if able.