This User Guide on image building
https://openwrt.org/docs/guide-user/additional-software/imagebuilder#custom_packages
expressly states,
All operations should be performed with a non-root user account.
However some of the config files I want to include in this commeand,
make image PROFILE=[router-model] PACKAGES="luci" FILES=files/
are root-owned. (Maybe all of them as they originate in the /etc/config
directory of the router.)
Will the command, run as non-root, be able to handle root-owned files? (If a file is root-owned in the router, its copy in my Ubuntu also ends up root-owned; because I use sudo rsync
or sudo cp -aR
and otherwise take care that my handling of the file does not change its ownership etc.)
I notice that other commands, e.g. cp
and tar
, when they come to root-owned files, fail unless they are run with sudo
.
ADDENDA
Sorry, I realize that whether a command run as non-root could manipulate a file is not just a matter of ownership, but also permissions. So the question, better stated, may be whether image make
run as non-root would have no trouble with files originating in the router's etc/config
with their restrictive ownership and permissions.
Here might be a relevant bit from this User Guide
https://openwrt.org/docs/guide-user/additional-software/imagebuilder#custom_packages
Namely:
Examples
The following example shows:
- Creating the directory for the configuration files.
- Using
scp
to transferuci
configuration files from a WL500GP router to thefiles/etc/config
directory.- Generating an image for WL500GP with custom packages and
uci
configuration files.
mkdir -p files/etc/config
scp root@192.168.1.1:/etc/config/network files/etc/config/
scp root@192.168.1.1:/etc/config/wireless files/etc/config/
scp root@192.168.1.1:/etc/config/firewall files/etc/config/
make image PROFILE=wl500gp PACKAGES="nano openvpn -ppp -ppp-mod-pppoe" FILES=files/
I believe the result of scp
as above is that when the files reach the destination, their owner will have become the non-root user by whom scp
was run.
So maybe, the ownership of files for inclusion in image building should be non-root before the operation (as vgaetera had already told us in a comment before I began writing these addenda). Only there may be no need for any scripting vgaetera mentions if I am reading the User Guide's Example right. What a relief it would be not to have write a script!
N.b. Background to the comment I accept as solution is that the config files included in image building were set to non-root ownership (as above); which (per Solution) the the image building process reverts to root ownership.