I am working with a I-PI SMARC RB5 board that I have recently flashed with the latest versions:
- LEC-RB5-8G-4K-UBUNTU_20_04-HLOS_2v1.0.2_23_08_07
- LEC-RB5-8G-FHD-UBUNTU_20_04-HLOS_2v1.0.2_23_08_07
- LEC-RB5-8G-UBUNTU_20_04-NON-HLOS_2V1.0.2_23_08_07
Every version gives the same result. After flashing, I attempted to update the system using apt update and apt upgrade, but I am encountering permission errors that prevent these operations from completing.
When running apt update or apt upgrade as the root user, I receive errors indicating that certain operations are “Operation not permitted”. Additionally, when I try to use chown to change file ownership—even as root—I get the same “Operation not permitted” error.
For example:
root@qrb5165-rb5:/# touch /tmp/testfile
root@qrb5165-rb5:/# ls -l /tmp/testfile
-rw-r--r-- 1 root root 0 Nov 21 16:05 /tmp/testfile
root@qrb5165-rb5:/# chown _apt:root /tmp/testfile
chown: changing ownership of '/tmp/testfile': Operation not permittedThis suggests that the root user lacks certain capabilities required to perform typical administrative tasks.
What I’ve Tried:
1.Filesystem Checks:
•Verified that the root filesystem is mounted with read-write permissions:
root@qrb5165-rb5:/# mount | grep ' / '
/dev/sda8 on / type ext4 (rw,relatime)
2.Capabilities Check:
Used capsh --print to check the capabilities of the root user:
root@qrb5165-rb5:/# capsh --print
Current: = cap_setgid,cap_setuid+ep
Bounding set =cap_setgid,cap_setuid
3. Namespace and Container Checks:
Attempted to read /proc/1/environ but received a “Permission denied” error.
•Listed namespaces:
root@qrb5165-rb5:/# ls -l /proc/$$/ns
lrwxrwxrwx 1 root root 0 Nov 21 16:23 ipc -> 'ipc:[4026531839]'
lrwxrwxrwx 1 root root 0 Nov 21 16:23 mnt -> 'mnt:[4026531840]'
...•This suggests that processes might be running in isolated namespaces or containers.
5.OverlayFS Usage:
•Observed that several directories are mounted using OverlayFS:
root@qrb5165-rb5:/# mount | grep overlay
overlay on /etc type overlay (...)
overlay on /cache type overlay (...)
overlay on /data type overlay (...)
overlay on /usr/share type overlay (...)Request for Assistance:
I suspect that the root user on this device has intentionally limited capabilities, possibly due to system security configurations or the use of containerization technologies. As a result, I am unable to perform essential administrative tasks like system updates or changing file ownership.
Could you please provide guidance on the following:
1.Is there an official method to obtain full root capabilities on the QRB5165-RB5 board?
2.What is the recommended procedure to perform system updates (apt update and apt upgrade) on this device?
3.Are the limitations on root capabilities intentional for security reasons, and if so, is there a developer mode or another supported way to enable full administrative access for development purposes?
PS: i tried with the user adlink as well, same issues and it is not able to "sudo"
