背景:在使用ubuntu24.04构建yocto工程时出现错误:
Initialising tasks: 100% |###############################################################################################################################################| Time: 0:00:05
Sstate summary: Wanted 3246 Local 0 Mirrors 0 Missed 3246 Current 0 (0% match, 0% complete)
NOTE: Executing Tasks
ERROR: PermissionError: [Errno 1] Operation not permitted
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/richard/mount/home/richard/work/display/stm32157_vga/layers/openembedded-core/bitbake/bin/bitbake-worker", line 275, in child
bb.utils.disable_network(uid, gid)
File "/home/richard/mount/home/richard/work/display/stm32157_vga/layers/openembedded-core/bitbake/lib/bb/utils.py", line 1693, in disable_network
with open("/proc/self/uid_map", "w") as f:
PermissionError: [Errno 1] Operation not permitted
ERROR: Task (/home/richard/mount/home/richard/work/display/stm32157_vga/layers/openembedded-core/meta/recipes-devtools/gcc/gcc-source_12.3.bb:do_rm_work) failed with exit code '1'
ERROR: PermissionError: [Errno 1] Operation not permitted
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/home/richard/mount/home/richard/work/display/stm32157_vga/layers/openembedded-core/bitbake/bin/bitbake-worker", line 275, in child
bb.utils.disable_network(uid, gid)
File "/home/richard/mount/home/richard/work/display/stm32157_vga/layers/openembedded-core/bitbake/lib/bb/utils.py", line 1693, in disable_network
with open("/proc/self/uid_map", "w") as f:
PermissionError: [Errno 1] Operation not permitted
ERROR: Task (/home/richard/mount/home/richard/work/display/stm32157_vga/layers/meta-st/meta-st-stm32mp/recipes-kernel/linux/linux-stm32mp_6.1.bb:do_rm_work) failed with exit code '1'
NOTE: Tasks Summary: Attempted 13 tasks of which 0 didn't need to be rerun and 2 failed.
NOTE: Writing buildhistory
NOTE: Writing buildhistory took: 2 seconds
Summary: 2 tasks failed:
/home/richard/mount/home/richard/work/display/stm32157_vga/layers/openembedded-core/meta/recipes-devtools/gcc/gcc-source_12.3.bb:do_rm_work
/home/richard/mount/home/richard/work/display/stm32157_vga/layers/meta-st/meta-st-stm32mp/recipes-kernel/linux/linux-stm32mp_6.1.bb:do_rm_work
Summary: There was 1 WARNING message.
Summary: There were 2 ERROR messages, returning a non-zero exit code.
This issue seems to be caused by App Armor's profile "unprivileged_userns".
dmesg has the following report.
-----
[ 2229.188009] audit: type=1400 audit(1714466038.573:555): apparmor="DENIED" operation="capable" class="cap" profile="unprivileged_userns" pid=20223 comm="texinfo-dummy-n" capability=21 capname="sys_admin"
-----
And can be temporally resolved by unloading the profile.
-----
$ sudo apparmor_parser -R /etc/apparmor.d/unprivileged_userns
-----
解决方法:
$ sudo apparmor_parser -R /etc/apparmor.d/unprivileged_userns
参考资料:
Bug #2056555 “Allow bitbake to create user namespace” : Bugs : apparmor package : Ubuntu