build icon indicating copy to clipboard operation
build copied to clipboard
verified publisher icon armbian

[Bug]: sudo execution failed during customize-image.sh execution

Open Lebensgefahr opened this issue 1 month ago • 1 comments

What happened?

This is not actually a bug and can be closed, but I hope it will save other users time.

I am building an Armbian image for my printer. customize-image.sh is used to install Klipper and other related software using KIAUH. I encountered the following error: sudo: effective uid is not 0, is /usr/bin/sudo on a file system with the 'nosuid' option set or an NFS file system without root privileges?

This happened while running: printf '1\n1\n1\nn\n2\nY\n4\nY\n80\nB\nQ\n' | sudo -u mks ./kiauh.sh

mks is an unprivileged user with passwordless sudo. KIAUH attempts to install packages and complete command can look like this: sudo -u mks sudo SOMETHING

The previous build succeeded on September 6, 2025. I remember that missing qemu-user-static package caused build failures. I did not change anything in customize-image.sh, but the build started failing. After investigating, I discovered that the C flag was missing in the binfmt_misc entry for qemu-aarch64:

cat /proc/sys/fs/binfmt_misc/qemu-aarch64 
enabled
interpreter /usr/libexec/qemu-binfmt/aarch64-binfmt-P
flags: PF
offset 0
magic 7f454c460201010000000000000000000200b700
mask ffffffffffffff00fffffffffffffffffeffffff

As described here: https://en.wikipedia.org/wiki/Binfmt_misc The fix is:

sudo bash -c 'echo -1 > /proc/sys/fs/binfmt_misc/qemu-aarch64'
sudo bash -c 'echo ":qemu-aarch64:M::\x7f\x45\x4c\x46\x02\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\xb7\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/libexec/qemu-binfmt/aarch64-binfmt-P:CFP" > /proc/sys/fs/binfmt_misc/register'

After that:

cat /proc/sys/fs/binfmt_misc/qemu-aarch64 
enabled
interpreter /usr/libexec/qemu-binfmt/aarch64-binfmt-P
flags: POCF
offset 0
magic 7f454c460201010000000000000000000200b700
mask ffffffffffffff00fffffffffffffffffeffffff

How to reproduce?

Create an unprivileged user inside custimize-image.sh with sudoers.d file and run:

sudo -u UNPRIVILIGED_USER_WITH_SUDO sudo

Branch

main (main development branch)

On which host OS are you running the build script and observing this problem?

Ubuntu 24.04 Noble

Are you building on Windows WSL2?

  • [ ] Yes, my Ubuntu/Debian/OtherOS is running on WSL2

Relevant log URL

No response

Code of Conduct

  • [x] I agree to follow this project's Code of Conduct

Lebensgefahr avatar Nov 24 '25 11:11 Lebensgefahr

Jira ticket: AR-2786

github-actions[bot] avatar Nov 24 '25 11:11 github-actions[bot]