Linux capabilities with Yocto

Problem description:

I want to give a few files Linux file capabilities (for example CAP_NET_ADMIN). I am using Yocto, my file system should be read-only, and it must not change after the software has been flashed (which means that pkg_postinst and the setcap approach that normally works are not possible).

Is there any other way to give files capabilities without changing the file structure after the target has booted?

pkg_postinst scripts already get executed when building a read-only rootfs, so this approach does work. However, one has to make sure that the commands invoked in the script are available on the build host; otherwise execution of the script will fail and gets deferred to the first boot on the device. How to ensure that the setcap command is available depends on the Yocto version; this will change in Yocto 2.3. Here is a complete example recipe:

LICENSE = "MIT"
# bitbake refuses to build a recipe that sets LICENSE without a checksum
# of the licence text; the MIT text ships with poky's common licences.
LIC_FILES_CHKSUM = "file://${COMMON_LICENSE_DIR}/MIT;md5=0835ade698e0bcf8506ecda2f7b4f302"

do_install() {
    install -d ${D}${bindir}
    # Placeholder for the real binary that needs the capability.
    touch ${D}${bindir}/foobar
}

# For a read-only rootfs this runs on the build host while the rootfs is
# assembled; if it fails there it is deferred to first boot on the device.
pkg_postinst_${PN}() {
    setcap cap_chown+e "$D${bindir}/foobar"
}
# Dependency when installing on the target.
RDEPENDS_${PN} = "libcap"
# Dependency for rootfs construction, Yocto > 2.3.
PACKAGE_WRITE_DEPS = "libcap-native"
# Dependency for rootfs construction, Yocto <= 2.3 (untested).
# Enabling this makes builds slightly less efficient with
# Yocto > 2.3 because it implies that libcap-native is
# needed for building this recipe, which isn't the case.
# DEPENDS += "libcap-native"

Be careful to preserve xattrs. The default .tar image format will drop them. From the top of https://github.com/01org/meta-intel-iot-security/blob/master/meta-security-framework/classes/xattr-images.bbclass:

# xattr support is expected to be compiled into mtd-utils. We just need to
# use it.
EXTRA_IMAGECMD_jffs2_append = " --with-xattr"

# By default, OE-core uses tar from the host, which may or may not have the
# --xattrs parameter which was introduced in 1.27. For image building we
# use a recent enough tar instead.
#
# The GNU documentation does not specify whether --xattrs-include is necessary.
# In practice, it turned out to be not needed when creating archives and
# required when extracting, but it seems prudent to use it in both cases.
IMAGE_DEPENDS_tar_append = " tar-replacement-native"
EXTRANATIVEPATH += "tar-native"
IMAGE_CMD_TAR = "tar --xattrs --xattrs-include=*"

Put that into your image recipe, if it matters to you.

+0

Thanks for the answer. The question now is how to keep the script from failing on the host. Currently the script fails with the error: setcap: Exec format error – Quizard

+0

We are using mkfs.ubifs. Does it preserve xattrs? – Quizard

+0

I have figured out (now) how to declare the dependency. It is not documented yet; I filed a documentation bug: https://bugzilla.yoctoproject.org/show_bug.cgi?id=11274 –

In the end I solved the problem by updating mtd-utils to mtd-utils-2.0.0 (whose mkfs.ubifs supports extended attributes).

In addition, I now use IMAGE_PREPROCESS_COMMAND to set the capabilities directly, before the image is processed.
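As an added illustration of that last approach (this is example code written for this page, not the asker's or answerer's own recipe), the fragment below shows what an image recipe doing the setcap in IMAGE_PREPROCESS_COMMAND can look like. The package name "foobar" and the CAP_NET_ADMIN capability are taken from the thread; the file path, the use of pseudo to carry the xattr, and the failing-fast check are assumptions. The variable and task-flag names (IMAGE_INSTALL, IMAGE_ROOTFS, do_image[depends], bbfatal) are standard OE-core ones in the pre-Honister syntax the thread uses.

```bitbake
# Added example image recipe fragment, e.g. appended to my-image.bb.
# Not part of the original question or answer.

# The package that ships the binary (recipe from the thread, assumed name).
IMAGE_INSTALL_append = " foobar"

# IMAGE_PREPROCESS_COMMAND runs inside do_image on the build host, so
# setcap/getcap must come from the native sysroot, not the target package.
# No RDEPENDS on libcap is needed: the target only reads the xattr.
do_image[depends] += "libcap-native:do_populate_sysroot"

# do_image runs under pseudo (fakeroot). pseudo records the
# security.capability xattr set here so that an xattr-aware image tool
# (mkfs.ubifs from mtd-utils >= 2.0.0, or tar --xattrs) can write it into
# the image; the read-only rootfs therefore never needs a setcap at runtime.
set_file_caps () {
    # Least privilege: grant only the one capability the binary needs,
    # as permitted+effective, instead of a broader set or setuid root.
    setcap cap_net_admin+ep ${IMAGE_ROOTFS}${bindir}/foobar

    # Fail the build here if the xattr did not stick, rather than finding
    # out on the device. grep matches both the old "+ep" and the newer
    # "=ep" getcap output styles.
    if ! getcap ${IMAGE_ROOTFS}${bindir}/foobar | grep -q cap_net_admin; then
        bbfatal "file capability was not applied to ${bindir}/foobar"
    fi
}
IMAGE_PREPROCESS_COMMAND += "set_file_caps; "
```

The check with getcap is the part worth keeping: whether the capability survives into the final image still depends on the image type (the xattr-images.bbclass settings quoted in the answer for tar and jffs2, or an xattr-capable mkfs.ubifs), so verifying the rootfs tree before it is packed catches a missing native setcap early, and inspecting the flashed file with getcap on the target catches an image format that dropped the xattr.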