thedrow closed 6 years ago
The manpage says that this happens if the caller doesn’t have CAP_MKNOD (can you check with setpriv -d that it’s not been removed from your capability bounding set or something?) or if the filesystem doesn’t support the requested node type (not sure how to check that, mkosi probably creates its own filesystems?).
The output of setpriv -d is:
uid: 1000
euid: 1000
gid: 1000
egid: 1000
Supplementary groups: 4,24,27,30,46,121,131,136,999,1000,1002
no_new_privs: 0
Inheritable capabilities: [none]
Ambient capabilities: [none]
Capability bounding set: chown,dac_override,dac_read_search,fowner,fsetid,kill,setgid,setuid,setpcap,linux_immutable,net_bind_service,net_broadcast,net_admin,net_raw,ipc_lock,ipc_owner,sys_module,sys_rawio,sys_chroot,sys_ptrace,sys_psacct,sys_admin,sys_boot,sys_nice,sys_resource,sys_time,sys_tty_config,mknod,lease,audit_write,audit_control,setfcap,mac_override,mac_admin,syslog,wake_alarm,block_suspend,audit_read
Securebits: [none]
AppArmor profile: unconfined
You'll notice that mknod is listed. I'm using ext4 for the image I'm building so I don't see why I'd get this error.
We use the "devices" cgroup logic to prohibit access to creating arbitrary device nodes. Quite frankly, dracut shouldn't create them in the first place, the kernel does that automatically anyway through devtmpfs...
This issue is ultimately cosmetic, I guess, and safe to ignore.
Anyway, let's close this here, I am pretty sure dracut should not create these device nodes anymore.
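The two causes discussed above (a missing CAP_MKNOD versus a "devices" cgroup denial) can be told apart from `/proc/<pid>/status` and the cgroup's `devices.list`. The following is an added example, not code from this thread, mkosi or systemd. It assumes the cgroup v1 devices controller (cgroup v2 enforces device policy with a BPF program and has no `devices.list`); the function names and sample inputs are constructed for illustration.

```python
import re

CAP_MKNOD = 27  # bit number of CAP_MKNOD in linux/capability.h

# Constructed samples: a root process with a full effective set, inside a
# cgroup whose allowlist grants mknod ('m') for only a few character devices.
SAMPLE_STATUS = "Name:\tmknod\nCapEff:\t0000003fffffffff\n"
SAMPLE_DEVICES = "c 1:3 rwm\nc 1:5 rwm\nc 5:0 rwm\nc 136:* rw\n"

def has_cap_mknod(status_text, field="CapEff"):
    """True if the CAP_MKNOD bit is set in the given /proc/<pid>/status mask."""
    m = re.search(rf"^{field}:\s*([0-9a-fA-F]+)$", status_text, re.M)
    if not m:
        raise ValueError(f"{field} not found")
    return bool((int(m.group(1), 16) >> CAP_MKNOD) & 1)

def parse_devices_list(text):
    """Parse cgroup v1 devices.list lines such as 'c 1:3 rwm' or 'a *:* rwm'."""
    rules = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 3 and ":" in parts[1]:
            major, minor = parts[1].split(":", 1)
            rules.append((parts[0], major, minor, parts[2]))
    return rules

def mknod_allowed(rules, dev_type, major, minor):
    """True if an allow rule covers this device and includes 'm' (mknod)."""
    for rtype, rmaj, rmin, access in rules:
        if rtype not in ("a", dev_type):
            continue
        if rmaj not in ("*", str(major)) or rmin not in ("*", str(minor)):
            continue
        if "m" in access:
            return True
    return False

def diagnose(status_text, devices_text, dev_type, major, minor):
    """Name the first check that would make mknod(2) fail with EPERM."""
    if not has_cap_mknod(status_text):
        return "missing CAP_MKNOD"
    rules = parse_devices_list(devices_text)
    if not mknod_allowed(rules, dev_type, major, minor):
        return "denied by devices cgroup"
    return "allowed"

if __name__ == "__main__":
    print(diagnose(SAMPLE_STATUS, SAMPLE_DEVICES, "b", 8, 0))
```

On a live system the inputs would come from `/proc/self/status` and the `devices.list` file of the process's devices cgroup.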
I'm getting the following errors:
While trying to build a Debian rootfs in Ubuntu 18.04. Naturally, I am root since this is required to run the executable. I'm not sure why I'm getting this error.