Permission denied error when adding packge to ISO

I’m trying to add a package to the iso build for an unsupported network card and I’m getting this error:

N: Download is performed unsandboxed as root as file ‘/root/packages/./realtek-r8126-dkms_10.015.00-1_amd64.deb’ couldn’t be accessed by user ‘_apt’. - pkgAcquire::Run (13: Permission denied)

I’ve tried changing both the file permissions and ownership of the file, but still getting the same error.

Anybody have an idea how to resolve this? – TIA

It would pay to provide context around what version you’re building, how you’re building it, what commands you’re using to build it etc. Then someone who understands the build process (not me, sadly) might be able to assist.

Fair enough… A little more context.

This is with the latest rolling release using the standard build docker. I add the .deb to the /packages dir per the build instructions and build per the instructions as well.

The build itself has no other issues and completes successfully, just with the added driver package missing. I’ve tested the resulting iso is working but missing the r8126 driver.

Any pointers would be appreciated.

You do follow the Build VyOS instruction (including the ‘Build ISO’ part) and start the docker container similar to Build Vyos: Tips and Tricks?

After changing into the checked-out vyos-build directory, you run the docker command?

Where did you get the realtek DEB file from?

And what confuses me a bit is that you put the DEB file in /root/packages? For me the packages folder is a folder in the vyos-build repo. And I’m in the vyos-build repo when I start the docker container.

vyos_bld@f0acfcd8a739:/vyos$ ls -l packages/
total 43984
...
-rw-r--r-- 1 vyos_bld vyos_bld  4146430 Feb 21 15:09 vyos-intel-qat_4.24.0-00005-0_amd64.deb
...
vyos_bld@f0acfcd8a739:/vyos$ id vyos_bld
uid=1000(vyos_bld) gid=1000(vyos_bld) groups=1000(vyos_bld)

@patient0 Thanks for your reply.

Yes… I’m following the build instructions exactly:
cd vyos-build
docker run --rm -it --privileged -v $(pwd):/vyos -w /vyos vyos/vyos-build:current bash
sudo make clean
sudo ./build-vyos-image --architecture amd64 --build-by “[email protected]” generic

I’m getting the deb from GitHub - awesometic/realtek-r8126-dkms: A DKMS package for easy use of Realtek r8126 driver, which supports 5 GbE. Granted it may not run when loaded, but it should not be giving me a permission error. I’m new to VyOS and this is somewhat a test to see how the process works. I’m half expecting to have to build it myself but one problem at a time.

I put the .deb in vyos-build/packages, the error message is showing the path as: /root/packages/./realtek-r8126-dkms_10.015.00-1_amd64.deb. It obviously finds it so not sure why the difference, so something to look into.

For the example you sent it’s showing the file owner as vyos_bld, I’ll try set it to that when I get a moment. I’ve tried a few other owners and groups but not that one.

Looks good, pretty much how I start it.

It’s the ID of user I started the docker container with

BUT: I get the same error when download the RealTek DEB into the ./packages directory. Something is not compatible with this kind of installation. Can you manually install the DEB after installation of VyOS itself?

@patient0 Thanks for the verification. I’ll try installing it myself as soon as I can get the time. Hopefully tonight.

Also try if you attempt with some different deb if you get the same error or not.

DKMS compiles the module for the kernel and the build environment is not prepared for that I assume.

Edit 2025-04-14: build image process is working again. Editing below instructions

And now the little how-to:

Have a look in vyos-build/scripts/package-build/linux-kernel, there are a few scripts to compile the kernel and additional modules. There is a Python script to compile the Realtek 8152 driver. I added the r8126 driver in similar fashion.

All the necessary changes are pushed to GitHub - boretom/vyos-build at feature/add-realtek-8126 . git cherry-pick or git rebase should work fine.

It downloads the driver archive from my site (unmodified archive) since you have to solve a riddle to be able to download it from Realtek. I’m sure that’s not legal (maybe it is) but maybe ok for testing.

## checkout vyos-build, checkout branch current
## skip this step if you already have it checked-out
$ git clone --single-branch --branch current https://github.com/vyos/vyos-build
$ cd vyos-build
## add my r8126 repo and fetch it
$ git remote add boretom https://github.com/boretom/vyos-build
$ git fetch boretom
## git cherry-pick the latest from the `feature/add-realtek-8126` branch
## add `-n` to `cherry-pick` to _not_ commit the changes to your local git repo
## but just have them in the working copy. 
$ git cherry-pick -n boretom/feature/add-realtek-8126
## fire up the build docker image however you like
## change into the linux-build package build directory
vyos_bld@...:/vyos$ cd scripts/package-build/linux-kernel
## build the kernel and the Realtek 8126 module
vyos_bld@...:/vyos/scripts/package-build/linux-kernel$ ./build.py --config package.toml --packages linux-kernel realtek-r8126
## copy the resulting `*.deb` file from this directory into /vyos/packages

The resulting kernel and module are signed. If you make changes to the kernel and/or compile it again, the keys may change (not sure) and you would have to rebuild the module.

Edit: Had a brain outage, corrected the above steps.
A side-note about building the Realtek module: it should be possible to build the kernel and the driver in one go, like:
removed the result of the brain outage…
But the code in ./build.py does after all just run build-realtek-r8126.py, running it manually is fine.

1 Like

@patient0 Thanks so much for taking the time to dig into this! I haven’t had time to get back to this, but will this weekend.

1 Like

Don’t try anything at the moment, building the 1.5-rolling image is broken upstream (2025-04-11 11:00 UTC).
Building the 1.5-rolling image is working again (2025-04-14 08:30 UTC), thanks to everybody involved.

I’ll clean up the post with the how-to once I can confirm that it works, and modify this post to reflect that.

I did some changes and pushed them to GitHub - boretom/vyos-build at feature/add-realtek-8126 . That should allow to git cherry-pick that commit and you’ll get the changes to vyos-build that are necessary.

I compiled vyos-1.5-rollling with the Realtek 8126 driver if you want to give a go to see if it works at all. Running the ISO itself should be enough, no installation necessary. I assume the driver is loaded automatically but if not, run:

sudo modprobe -v r8126

Download from my own server:
vyos-1.5-rolling-20250413-1248-tk-generic-amd64.iso (529MB)
vyos-1.5-rolling-20250413-1248-tk-generic-amd64.iso MD5SUM file

The image compile process is not yet fixed, it does involve some patch and compiling packages manually.

1 Like

Wow! You went above and beyond on this one! I was just asking for a few pointers, and you roll me a ISO. And yup… running the ISO the driver is loading.

Thank you so much.

Just saying… given how things rolls these days I wouldnt trust a compile made by somebody else but Im guessing you can do your own compile shortly in case that would be an issue.

@Apachez I agree, that’s why I wrote no installation is necessary. That way one could check to see if the driver loads and is working from the live ISO. Sure it can already contain a virus or malware.

@hyyram I updated the compile instructions in post #9.

Be sure to check the code and you can download the 8126 driver archive yourself (Realtek PCIe 1G / 2.5G / 5G / 10G Ethernet Family Controller Software) and compare the sha256 of the it with the one from my site (https://kupper.org/files/r8126-10.015.00.tar.bz2).

I have not tried it myself yet: maybe if you place it in /vyos/scripts/package-build/linux-kernel it won’t download it from my site. And if the whole thing works maybe VyOS does include it upstream like for the Realtek 8152.

1 Like

@Apachez Good point. In my case, this is just a test as I do plan to build it myself.

@patient0 I can’t say it enough… the effort you put into this is priceless! Thanks again!

It’s self-serving since I do enjoy that kind of stuff :). Of course good if it helps someone after all.

1 Like

Would you like to create a PR?

I’ll create one after getting feedback if the driver is any good/stable.

@Viacheslav maybe a question : if creating a PR for it, can I assume that the driver source archive would be in https://packages.vyos.net/source-mirror/, named the same as the download from the Realtek side, in that case r8126-10.015.00.tar.bz2?

1 Like

Ah they still dont have git repo for this.
Yes the file will be named as original, when we upload it to packages.

1 Like