Raspi2-3_GenImage Files · bootstrap.d/14-fstab.sh · Collaboration Tremplin des Sciences

proposal to add copy of fixup4* and start4* from firmware repository...

proposal to add copy of fixup4* and start4* from firmware repository into boot folder of the new image. If these files are not present boot hangs at early stage. Tested with buster and bullseye 64

Unknown - - Load All Authors

Fichier de la dernière révision:

r696:2f2cf24844e7 pull


                r710:39687c656a45

Download file

             14-fstab.sh
        
                    120 lines
            
             | 5.1 KiB
            
                | application/x-sh
            
             |
                BashLexer
            
             / bootstrap.d / 14-fstab.sh
          
                    Historique
                
                 |
                  Source
                 | Brut
                 |Copy content
                 |Copy permalink

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
      #

      # Setup fstab and initramfs

      #

      # Load utility functions

      . ./functions.sh

      # Install and setup fstab

      install_readonly files/mount/fstab "${ETC_DIR}/fstab"

      # Generate initramfs file

        Unknown
    
Dropbear initramfs...

              r501
            
      if [ "$ENABLE_INITRAMFS" = true ] ; then

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
        if [ "$ENABLE_CRYPTFS" = true ] ; then

        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
          # Include initramfs scripts to auto expand encrypted root partition

          if [ "$EXPANDROOT" = true ] ; then

            install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"

            install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"

            install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"

          fi

        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
          # Replace fstab root partition with encrypted partition mapping

          sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"

        Unknown
    
formating and dropbear fix for static ip

              r569
            
        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
          # Add encrypted partition to crypttab and fstab

          install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"

          echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"

        Unknown
    
formating and dropbear fix for static ip

              r569
            
        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
      	if [ "$ENABLE_USBBOOT" = true ] && [ "$ENABLE_SPLITFS" = false ]; then

      	  sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"

            # Add usb/sda2 disk to crypttab

            sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"

          fi

          # Add encrypted root partition to fstab and crypttab

          if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_USBBOOT" = false ]; then

            # Add usb/sda1 disk to crypttab

            sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"

        Unknown
    
formating and dropbear fix for static ip

              r569
            
          fi

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
          if [ "$CRYPTFS_DROPBEAR" = true ]; then

            if [ "$ENABLE_DHCP" = false ] ; then

              # Get cdir from NET_ADDRESS e.g. 24

              cdir=$(printf "%s" "${NET_ADDRESS}" | cut -d '/' -f2)

        Unknown
    
Dropbear initramfs...

              r501
            
        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
              # Convert cdir ro netmask e.g. 24 to 255.255.255.0

              NET_MASK=$(cdr2mask "$cdir")

              # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf

              # ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<hostname>:<device>:<autoconf>

              sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf

            else

              sed -i "\$a\nIP=::::${HOSTNAME}::dhcp" "${ETC_DIR}"/initramfs-tools/initramfs.conf

            fi

            if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then

              install_readonly "${CRYPTFS_DROPBEAR_PUBKEY}" "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub

              cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub >> "${ETC_DIR}"/dropbear-initramfs/authorized_keys

            else

              # Create key

              chroot_exec /usr/bin/dropbearkey -t rsa -f /etc/dropbear-initramfs/id_rsa.dropbear

              # Convert dropbear key to openssh key

              chroot_exec /usr/lib/dropbear/dropbearconvert dropbear openssh /etc/dropbear-initramfs/id_rsa.dropbear /etc/dropbear-initramfs/id_rsa

              # Get Public Key Part

              chroot_exec /usr/bin/dropbearkey -y -f /etc/dropbear-initramfs/id_rsa.dropbear | chroot_exec tee /etc/dropbear-initramfs/id_rsa.pub

              # Delete unwanted lines

              sed -i '/Public/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub

              sed -i '/Fingerprint/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub

              # Trust the new key

              cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub > "${ETC_DIR}"/dropbear-initramfs/authorized_keys

              # Save Keys - convert with putty from rsa/openssh to puttkey

              cp -f "${ETC_DIR}"/dropbear-initramfs/id_rsa "${BASEDIR}"/dropbear_initramfs_key.rsa

              # Get unlock script

              install_exec files/initramfs/crypt_unlock.sh "${ETC_DIR}"/initramfs-tools/hooks/crypt_unlock.sh

              # Enable Dropbear inside initramfs

              printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=y\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"

              # Enable Dropbear inside initramfs

              sed -i "54 i sleep 5" "${R}"/usr/share/initramfs-tools/scripts/init-premount/dropbear	  

            fi

          # CRYPTFSDROPBEAR=false

          else

            # Disable SSHD inside initramfs

            printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"

          fi

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
        drtyhlpr
    
fix: typos in DTB for all

              r261
            
          # Add cryptsetup modules to initramfs

        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
          #printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"

        drtyhlpr
    
fix: typos in DTB for all

              r261
            
        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
          # Dummy mapping required by mkinitramfs

        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
          echo "0 1 crypt "${CRYPTFS_CIPHER}" ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
          # Generate initramfs with encrypted root partition support

          chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"

          # Remove dummy mapping

          chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"

        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
        # CRYPTFS=false

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
        else

        Unknown
    
-using --verbose and debug while creating cryptfs to give a hint by default...

              r696
            
        	#USB BOOT /boot on sda1 / on sda2

      	if [ "$ENABLE_USBBOOT" = true ] ; then

        	  sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"

        	  sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"

      	fi

      	# Add usb/sda disk root partition to fstab

      	if [ "$ENABLE_SPLITFS" = true ] ; then

        	  sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"

      	fi

        drtyhlpr
    
Updated: Moved fstab stuff to new file 14-fstab.sh

              r141
            
          # Generate initramfs without encrypted root partition support

          chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"

        fi

      fi

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Dépôts
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141	#
		# Setup fstab and initramfs
		#

		# Load utility functions
		. ./functions.sh

		# Install and setup fstab
		install_readonly files/mount/fstab "${ETC_DIR}/fstab"

		# Generate initramfs file
Unknown Dropbear initramfs...	r501	if [ "$ENABLE_INITRAMFS" = true ] ; then
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141	if [ "$ENABLE_CRYPTFS" = true ] ; then
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141	# Include initramfs scripts to auto expand encrypted root partition
		if [ "$EXPANDROOT" = true ] ; then
		install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
		install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
		install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
		fi
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696
		# Replace fstab root partition with encrypted partition mapping
		sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
Unknown formating and dropbear fix for static ip	r569
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	# Add encrypted partition to crypttab and fstab
		install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
		echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
Unknown formating and dropbear fix for static ip	r569
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	if [ "$ENABLE_USBBOOT" = true ] && [ "$ENABLE_SPLITFS" = false ]; then
		sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
		# Add usb/sda2 disk to crypttab
		sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab"
		fi

		# Add encrypted root partition to fstab and crypttab
		if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_USBBOOT" = false ]; then
		# Add usb/sda1 disk to crypttab
		sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
Unknown formating and dropbear fix for static ip	r569	fi
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	if [ "$CRYPTFS_DROPBEAR" = true ]; then
		if [ "$ENABLE_DHCP" = false ] ; then
		# Get cdir from NET_ADDRESS e.g. 24
		cdir=$(printf "%s" "${NET_ADDRESS}" \| cut -d '/' -f2)
Unknown Dropbear initramfs...	r501
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	# Convert cdir ro netmask e.g. 24 to 255.255.255.0
		NET_MASK=$(cdr2mask "$cdir")

		# Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
		# ip=<client-ip>:<server-ip>:<gw-ip>:<netmask>:<hostname>:<device>:<autoconf>
		sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
		else
		sed -i "\$a\nIP=::::${HOSTNAME}::dhcp" "${ETC_DIR}"/initramfs-tools/initramfs.conf
		fi

		if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then
		install_readonly "${CRYPTFS_DROPBEAR_PUBKEY}" "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
		cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub >> "${ETC_DIR}"/dropbear-initramfs/authorized_keys
		else
		# Create key
		chroot_exec /usr/bin/dropbearkey -t rsa -f /etc/dropbear-initramfs/id_rsa.dropbear

		# Convert dropbear key to openssh key
		chroot_exec /usr/lib/dropbear/dropbearconvert dropbear openssh /etc/dropbear-initramfs/id_rsa.dropbear /etc/dropbear-initramfs/id_rsa

		# Get Public Key Part
		chroot_exec /usr/bin/dropbearkey -y -f /etc/dropbear-initramfs/id_rsa.dropbear \| chroot_exec tee /etc/dropbear-initramfs/id_rsa.pub

		# Delete unwanted lines
		sed -i '/Public/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
		sed -i '/Fingerprint/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub

		# Trust the new key
		cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub > "${ETC_DIR}"/dropbear-initramfs/authorized_keys

		# Save Keys - convert with putty from rsa/openssh to puttkey
		cp -f "${ETC_DIR}"/dropbear-initramfs/id_rsa "${BASEDIR}"/dropbear_initramfs_key.rsa

		# Get unlock script
		install_exec files/initramfs/crypt_unlock.sh "${ETC_DIR}"/initramfs-tools/hooks/crypt_unlock.sh

		# Enable Dropbear inside initramfs
		printf "#\n# DROPBEAR: [ y \| n ]\n#\n\nDROPBEAR=y\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"

		# Enable Dropbear inside initramfs
		sed -i "54 i sleep 5" "${R}"/usr/share/initramfs-tools/scripts/init-premount/dropbear
		fi
		# CRYPTFSDROPBEAR=false
		else
		# Disable SSHD inside initramfs
		printf "#\n# DROPBEAR: [ y \| n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
		fi
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141
drtyhlpr fix: typos in DTB for all	r261	# Add cryptsetup modules to initramfs
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	#printf "#\n# CRYPTSETUP: [ y \| n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
drtyhlpr fix: typos in DTB for all	r261
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141	# Dummy mapping required by mkinitramfs
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	echo "0 1 crypt "${CRYPTFS_CIPHER}" ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" \| chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141
		# Generate initramfs with encrypted root partition support
		chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"

		# Remove dummy mapping
		chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	# CRYPTFS=false
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141	else
Unknown -using --verbose and debug while creating cryptfs to give a hint by default...	r696	#USB BOOT /boot on sda1 / on sda2
		if [ "$ENABLE_USBBOOT" = true ] ; then
		sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
		sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
		fi

		# Add usb/sda disk root partition to fstab
		if [ "$ENABLE_SPLITFS" = true ] ; then
		sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
		fi
drtyhlpr Updated: Moved fstab stuff to new file 14-fstab.sh	r141	# Generate initramfs without encrypted root partition support
		chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
		fi
		fi