No Sudo Rights on BBB Client Using NFS Server

Hi there.

I have a BBB that successfully boots from my Ubuntu desktop running the NFS service. The problem is I can, while in the BBB via SSH, kick around a little bit. I can create files and run Python3 scripts - which is all I really need. The problem is I can’t use any privileged commands, because sudo won’t work . I want to embedded this BBB into a box, and I don’t want to open it up every time to reboot it if I place a new kernel or different rootfs on the easily accessible desktop.

I was wondering if there is a way to have the rootfs be temporally owned by the BBB so that I can use “sudo reboot” to have the new kernel booted, or if there is another way to reboot the BBB to use the new kernel/rootfs on the desktop?

Kind regards,
Jack

Hi @Jack_Nightengale, this smells like you are missing “no_root_squash” in your nfs configuration.

Please confirm your NFS settings from /etc/exports…

Regards,

My exports file is configured as follow:

/var/rootfs 192.168.1.0/24(rw,sync,no_root_squash,no_subtree_check,anonuid=1000,anongid=1000)

My hope was that when I added the anonuid=1000 and anongid=1000 I would map the BBB Debian id to my main user on the desktop (id=1000).

Kind regards,
Jack

I think it’s also worth mentioning that I don’t have root on the BBB and that the rootfs is owned by root in the desktop.

Hi @Jack_Nightengale,

The default user was set to 1000, so you shouldn’t need to change anonuid/anongid. When i test NFS, I just use:

/opt/buster/ *(rw,sync,no_subtree_check,no_root_squash)

Correct, root on ubuntu is disabled… (it’s an ubuntu thing…)

Regards,

@RobertCNelson, I’ll quickly check if I place the rootfs under the opt directory, and edit the nfs configuartion if anything changes.

@Jack_Nightengale i wouldn’t worry about the directory, but i’d rip out those anonuid=1000,anongid=1000 settings and try again…

Regards,

@RobertCNelson I still can’t use sudo. Here is the output:

Debian GNU/Linux 10 beaglebone ttyS0

BeagleBoard.org Debian Image 2020-01-16

Support/FAQ: http://elinux.org/Beagleboard:BeagleBoneBlack_Debian

default username:password is [debian:temppwd]

beaglebone login: [   26.398418] usb0: HOST MAC 78:04:73:7e:8c:75
[   26.422046] usb0: MAC 78:04:73:7e:8c:76
[   26.445462] usb1: HOST MAC 78:04:73:7e:8c:78
[   26.466279] usb1: MAC 78:04:73:7e:8c:79
[   26.877060] configfs-gadget gadget: high-speed config #1: c
[   28.179848] IPv6: ADDRCONF(NETDEV_UP): usb1: link is not ready
debian
Password:
Last login: Thu Feb 14 10:12:32 UTC 2019 on ttyS0

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
debian@beaglebone:~$ ls
bin  p.py
debian@beaglebone:~$ python3 p.py
osefnejfneofe
debian@beaglebone:~$ sudo reboot
sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set
debian@beaglebone:~$

I also used “sudo exportfs -a” on the desktop before manually power the BBB on again.

Kind regards,
Jack

@Jack_Nightengale, i just retested my directions… I’m not sure what’s blocking “sudo” on your system, it might be how you copied the file system from the Beagle…

Server: 192.168.1.80
Beagle: 192.168.1.177

Server: Install NFS:

sudo apt install nfs-kernel-server
sudo nano /etc/exports
/opt/buster/ *(rw,sync,no_subtree_check,no_root_squash)
sudo exportfs -a

Beagle; Install NFS, and copy files over…

debian@beaglebone:~$ cat /etc/dogtag
BeagleBoard.org Debian Stretch IoT Image 2020-04-06

debian@beaglebone:~$ sudo apt install nfs-common

debian@beaglebone:~$ sudo mkdir /tmp/rootfs/
debian@beaglebone:~$ sudo mount -t nfs -o rw,nfsvers=3,rsize=8192,wsize=8192 192.168.1.80:/opt/buster/ /tmp/rootfs/

debian@beaglebone:~$ mount | grep nfs
192.168.1.80:/opt/buster/ on /tmp/rootfs type nfs (rw,relatime,vers=3,rsize=8192,wsize=8192,namlen=255,hard,proto=tcp,timeo=600,retrans=2,sec=sys,mountaddr=192.168.1.80,mountvers=3,mountport=41366,mountproto=udp,local_lock=none,addr=192.168.1.80)

debian@beaglebone:~$ cd /opt/scripts/tools/developers/
debian@beaglebone:/opt/scripts/tools/developers$ ./nfs-rsync.sh

NFS Settings for my setup:

#uname_r=4.14.108-ti-r131
client_ip=192.168.1.177
server_ip=192.168.1.80
gw_ip=192.168.1.1
root_dir=/opt/buster

Server: install tftpd-hpa, so we can use uname_r nfs boot…

sudo apt install tftpd-hpa

cat /etc/default/tftpd-hpa 
# /etc/default/tftpd-hpa

TFTP_USERNAME="tftp"
TFTP_DIRECTORY="/opt/buster/boot"
TFTP_ADDRESS="0.0.0.0:69"
TFTP_OPTIONS="--secure"

sudo /etc/init.d/tftpd-hpa restart

Beagle: Copy /nfs-uEnv.txt as /uEnv.txt and edit:

##client_ip needs to be set for u-boot to try booting via nfs

client_ip=192.168.1.177

#u-boot defaults: uncomment and override where needed

server_ip=192.168.1.80
gw_ip=192.168.1.1
#netmask=255.255.255.0
#hostname=
#device=eth0
#autoconf=off
root_dir=/opt/buster
#nfs_options=,vers=3
#nfsrootfstype=ext4 rootwait fixrtc

##use uname_r= only if TFTP SERVER is setup for uname_r boot:
uname_r=4.14.108-ti-r131

Verify Beagle is loading from tftp:

Loaded environment from /uEnv.txt
Importing environment from mmc ...
Checking if uenvcmd is set ...
Checking if client_ip is set ...
gpio: pin 56 (gpio 56) value is 1
Running nfsboot_uname_r ...
Booting from 192.168.1.80 ...
cpsw Waiting for PHY auto negotiation to complete.. done
link up on port 0, speed 100, full duplex
Using cpsw device
TFTP from server 192.168.1.80; our IP address is 192.168.1.177
Filename 'vmlinuz-4.14.108-ti-r131'.
Load address: 0x82000000
Loading: #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 #################################################################
	 ########
	 1.4 MiB/s
done
Bytes transferred = 9654768 (9351f0 hex)
link up on port 0, speed 100, full duplex
Using cpsw device
TFTP from server 192.168.1.80; our IP address is 192.168.1.177
Filename 'dtbs/4.14.108-ti-r131/am335x-boneblack.dtb'.
Load address: 0x88000000
Loading: #####
	 5.2 MiB/s
done
Bytes transferred = 60180 (eb14 hex)
## Flattened Device Tree blob at 88000000
   Booting using the fdt blob at 0x88000000
   Loading Device Tree to 8ffee000, end 8ffffb13 ... OK

Starting kernel ...

[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 4.14.108-ti-r131 (voodoo@x2-am57xx-beagle-x15-2gb) (gcc version 6.3.0 20170516 (Debian 6.3.0-18+deb9u1)) #1stretch SMP PREEMPT Tue Mar 24 19:18:37 UTC 2020
[    0.000000] CPU: ARMv7 Processor [413fc082] revision 2 (ARMv7), cr=10c5387d
[    0.000000] CPU: PIPT / VIPT nonaliasing data cache, VIPT aliasing instruction cache
[    0.000000] OF: fdt: Machine model: TI AM335x BeagleBone Black
[    0.000000] Memory policy: Data cache writeback
[    0.000000] cma: Reserved 48 MiB at 0x9c800000
[    0.000000] CPU: All CPU(s) started in SVC mode.

Login into System:

Debian GNU/Linux 9 beaglebone ttyS0

BeagleBoard.org Debian Stretch IoT Image 2020-04-06

Support: http://elinux.org/Beagleboard:BeagleBoneBlack_Debian

default username:password is [debian:temppwd]

beaglebone login: debian
Password: 
Last login: Fri May 15 14:44:59 UTC 2020 on ttyS0

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
debian@beaglebone:~$

debian@beaglebone:~$ mount | grep nfs
192.168.1.80:/opt/buster on / type nfs (rw,relatime,vers=3,rsize=4096,wsize=4096,namlen=255,hard,nolock,proto=udp,timeo=11,retrans=3,sec=sys,mountaddr=192.168.1.80,mountvers=3,mountproto=udp,local_lock=all,addr=192.168.1.80)

debian@beaglebone:~$ whoami
debian

debian@beaglebone:~$ sudo whoami
root

debian@beaglebone:~$ sudo reboot
[  OK  ] Stopped target RPC Port Mapper.
[  OK  ] Stopped target Graphical Interface.
[  OK  ] Stopped target Sound Card.
[  OK  ] Stopped target Host and Network Name Lookups.
         Stopping dnsmasq - A lightweight DHCP and caching DNS server...
[  OK  ] Closed Load/Save RF Kill Switch Status /dev/rfkill Watch.
         Unmounting RPC Pipe File System...
[  OK  ] Stopped target Timers.

@RobertCNelson Thank you for the detailed response. I checked all my services, my tftpd-hpa is configured as above, and the command

debian@beaglebone:~$ mount | grep nfs

gives me the same output as your, just my IPs differs.

192.168.1.254:/var/rootfs on / type nfs (rw,relatime,vers=3,rsize=4096,wsize=4096,namlen=255,hard,nolock,proto=udp,timeo=11,retrans=3,sec=sys,mountaddr=192.168.1.254,mountvers=3,mountproto=udp,local_lock=all,addr=192.168.1.254)

It might be files ownership on the desktop that is blocking it. Here is the file ownership on the BBB:

debian@beaglebone:/$ ls -l
total 72
-rw-r–r-- 1 debian debian 40 Feb 8 2020 ID.txt
-rw-r–r-- 1 debian debian 1359 Feb 8 2020 bbb-uEnv.txt
drwxr-xr-x 2 debian debian 4096 Feb 8 2020 bin
drwxr-xr-x 4 debian debian 4096 Feb 8 2020 boot
drwxr-xr-x 14 root root 3080 Feb 14 10:12 dev
drwxr-xr-x 66 debian debian 4096 Feb 17 2020 etc
drwxr-xr-x 3 debian debian 4096 Feb 8 2020 home
drwxr-xr-x 14 debian debian 4096 Feb 8 2020 lib
drwx------ 2 debian debian 4096 Feb 8 2020 lost+found
drwxr-xr-x 2 debian debian 4096 Feb 8 2020 media
drwxr-xr-x 2 debian debian 4096 Feb 8 2020 mnt
-rw-r–r-- 1 debian debian 1008 Feb 8 2020 nfs-uEnv.txt
drwxr-xr-x 5 debian debian 4096 Feb 8 2020 opt
dr-xr-xr-x 89 root root 0 Jan 1 1970 proc
drwx------ 2 debian debian 4096 Feb 8 2020 root
drwxr-xr-x 17 root root 520 Feb 14 10:13 run
drwxr-xr-x 2 debian debian 4096 Feb 8 2020 sbin
drwxr-xr-x 2 debian debian 4096 Feb 8 2020 srv
dr-xr-xr-x 12 root root 0 Jan 1 2000 sys
drwxrwxrwt 3 root root 4096 Feb 17 2020 tmp
drwxr-xr-x 10 debian debian 4096 Feb 8 2020 usr
drwxr-xr-x 11 debian debian 4096 Feb 8 2020 var

And on the desktop under /var/rootfs:

skulos@skulos:/var/rootfs$ ls -l
total 88
-rw-r–r-- 1 skulos skulos 1359 Feb 8 04:49 bbb-uEnv.txt
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 bin
drwxr-xr-x 4 skulos skulos 4096 Feb 8 04:49 boot
drwxr-xr-x 4 skulos skulos 4096 Feb 8 04:49 dev
drwxr-xr-x 66 skulos skulos 4096 Feb 17 10:28 etc
drwxr-xr-x 3 skulos skulos 4096 Feb 8 04:49 home
-rw-r–r-- 1 skulos skulos 40 Feb 8 04:49 ID.txt
drwxr-xr-x 14 skulos skulos 4096 Feb 8 04:49 lib
drwx------ 2 skulos skulos 4096 Feb 8 04:49 lost+found
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 media
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 mnt
-rw-r–r-- 1 skulos skulos 1008 Feb 8 04:49 nfs-uEnv.txt
drwxr-xr-x 5 skulos skulos 4096 Feb 8 04:49 opt
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 proc
drwx------ 2 skulos skulos 4096 Feb 8 04:49 root
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 run
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 sbin
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 srv
drwxr-xr-x 2 skulos skulos 4096 Feb 8 04:49 sys
drwxrwxrwt 3 root root 4096 Feb 17 10:29 tmp
drwxr-xr-x 10 skulos skulos 4096 Feb 8 04:50 usr
drwxr-xr-x 11 skulos skulos 4096 Feb 8 04:50 var

I also created a file on the desktop using sudo to see what would happen, and got this:

debian@beaglebone:~$ ls -l
total 12
drwxr-xr-x 2 debian debian 4096 Feb 8 2020 bin
-rw-r–r-- 1 root root 1178 Feb 17 2020 list
-rw-r–r-- 1 debian debian 23 Feb 23 2020 p.py

Is there another way to reboot the board? And how did you copy the rootfs on your system?

Kind regards,
Jack

Also I get debian with whoami, and sudo whoami get the error sudo: /usr/bin/sudo must be owned by uid 0 and have the setuid bit set.

I’ve tried everything I can think of. I’ve changed ownerships, I tried all of the NFS squash options. I’ve placed the NFS in a home directory, root directory and subroot directory.

@Jack_Nightengale, your root file system on your x86 doesn’t have the correct permissions…

voodoo@hestia:/opt/buster$ ls -lha
total 92K
drwxr-xr-x 20 root root 4.0K May 15 09:48 .
drwxr-xr-x 12 root root 4.0K May 15 09:33 ..
-rw-r--r--  1 root root 1.4K Apr  6 09:01 bbb-uEnv.txt
drwxr-xr-x  2 root root 4.0K May 15 09:45 bin
drwxr-xr-x  4 root root 4.0K May 15 09:43 boot
drwxr-xr-x  2 root root 4.0K May 15 09:45 dev
drwxr-xr-x 86 root root 4.0K May 15 09:46 etc
drwxr-xr-x  3 root root 4.0K Apr  6 05:34 home
-rw-r--r--  1 root root   52 Apr  6 09:01 ID.txt
drwxr-xr-x 13 root root 4.0K Apr  6 05:31 lib
drwxr-xr-x  2 root root 4.0K Apr  6 05:14 media
drwxr-xr-x  2 root root 4.0K Apr  6 05:14 mnt
-rw-r--r--  1 root root 1008 Apr  6 09:01 nfs-uEnv.txt
drwxr-xr-x  8 root root 4.0K Apr  6 09:01 opt
dr-xr-xr-x  2 root root 4.0K Dec 31  1969 proc
drwx------  3 root root 4.0K Apr  6 05:31 root
drwxr-xr-x  2 root root 4.0K May 15 09:46 run
drwxr-xr-x  2 root root 4.0K May 15 09:45 sbin
drwxr-xr-x  2 root root 4.0K Apr  6 05:14 srv
dr-xr-xr-x  2 root root 4.0K May 15 09:43 sys
drwxrwxrwt  9 root root 4.0K May 15 11:44 tmp
drwxr-xr-x 10 root root 4.0K Apr  6 05:14 usr
drwxr-xr-x 12 root root 4.0K Apr  6 05:22 var

Did you run rsync as root when you copied it over?

Regards,

No, I did not. I just copied the image off of the SD Card into a folder. Should I run the nfs-rsync.sh from the rootfs directory on the desktop or when I’ve SSH’d into the BBB?

I’ve also changed the ownership of the rootfs to root on the desktop.

Regards.

@RobertCNelson Do I just copy the rfs from the SD card into the directory, as root, and then run the rsync script or the rsync command?

Hi @Jack_Nightengale, i recommend user ‘boot’ off the microSD and then transfer the data from the BBB to you nfs server via rsync. So using your previous post’s i would:

Boot BeagleBone Black off microSD

Create a temporary nfs mount point:

sudo mkdir /tmp/rootfs/

Mount your nfs server (192.168.1.254 based on your posts)

sudo mount -t nfs -o rw,nfsvers=3,rsize=8192,wsize=8192 192.168.1.254:/var/rootfs/ /tmp/rootfs/"

Then transfer your BeagleBone Black’s rootfs via rsync: (this has the --delete flag, so it’ll clear out any difference in your NFS’s directory…)

sudo rsync -aAx --human-readable --info=name0,progress2 --delete /* /tmp/rootfs/ --exclude={/dev/*,/proc/*,/sys/*,/tmp/*,/run/*,/mnt/*,/media/*,/lost+found}

Regards,