From 2ce085c5649361666dc45dc8e4a0ba72f6ce97d8 2016-08-10 09:27:05 From: drtyhlpr Date: 2016-08-10 09:27:05 Subject: [PATCH] Added Raspberry Pi 3 model support --- diff --git a/README.md b/README.md index ebb6950..5289882 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ -# rpi2-gen-image +# rpi23-gen-image ## Introduction -`rpi2-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for the Raspberry 2 (RPi2) computer. The script at this time supports the bootstrapping of the Debian releases "jessie" and "stretch". +`rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian releases "jessie" and "stretch". Raspberry Pi 3 images are currently generated for 32-bit mode only. ## Build dependencies The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user. @@ -8,21 +8,23 @@ The following list of Debian packages must be installed on the build system beca ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git``` ## Command-line parameters -The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi2-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi2-gen-image.sh` script. +The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script. #####Command-line examples: ```shell -ENABLE_UBOOT=true ./rpi2-gen-image.sh -ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi2-gen-image.sh -ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi2-gen-image.sh -ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi2-gen-image.sh -APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi2-gen-image.sh -ENABLE_MINBASE=true ./rpi2-gen-image.sh -BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi2-gen-image.sh -BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi2-gen-image.sh -ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi2-gen-image.sh -ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi2-gen-image.sh -RELEASE=stretch BUILD_KERNEL=true ./rpi2-gen-image.sh +ENABLE_UBOOT=true ./rpi23-gen-image.sh +ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh +ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh +ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh +APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh +ENABLE_MINBASE=true ./rpi23-gen-image.sh +BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh +BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh +ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh +ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh +RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh +RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh +RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh ``` #### APT settings: @@ -36,10 +38,13 @@ Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will sp A comma separated list of additional packages to be installed during bootstrapping. #### General system settings: +##### `RPI_MODEL`=2 +Specifiy the target Raspberry Pi hardware model. The script at this time supports the Raspberry Pi models `2` and `3`. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model 3 is used. + ##### `RELEASE`="jessie" Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "jessie" and "stretch". `BUILD_KERNEL`=true will automatically be set if the Debian release `stretch` is used. -##### `HOSTNAME`="rpi2-jessie" +##### `HOSTNAME`="rpi${RPI_MODEL}-${RELEASE}" Set system host name. It's recommended that the host name is unique in the corresponding subnet. ##### `PASSWORD`="raspberry" @@ -101,7 +106,7 @@ Set the IP address for the second NTP server. #### Basic system features: ##### `ENABLE_CONSOLE`=true -Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. +Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. ##### `ENABLE_IPV6`=true Enable IPv6 support. The network interface configuration is managed via systemd-networkd. @@ -112,6 +117,9 @@ Install and enable OpenSSH service. The default configuration of the service doe ##### `ENABLE_NONFREE`=false Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs. +##### `ENABLE_WIRELESS`=false +Download and install the required non-free closed-source firmware binary blob that is required to run the internal wireless interface of the Rasberry Pi model 3. This parameter is ignored if the specified `RPI_MODEL` is not 3. + ##### `ENABLE_RSYSLOG`=true If set to false, disable and uninstall rsyslog (so logs will be available only in journal files) @@ -132,7 +140,7 @@ Install and enable D-Bus message bus. Please note that systemd should work witho Install Xorg open-source X Window System. ##### `ENABLE_WM`="" -Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi2-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`. +Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`. #### Advanced system features: ##### `ENABLE_MINBASE`=false @@ -142,7 +150,7 @@ Use debootstrap script variant `minbase` which only includes essential packages Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information. ##### `ENABLE_UBOOT`=false -Replace default RPi2 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol. +Replace the default RPi2/3 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol. ##### `ENABLE_FBTURBO`=false Install and enable the hardware accelerated Xorg video driver `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling. @@ -180,7 +188,7 @@ Enable automatic assignment of predictable, stable network interface names for a #### Kernel compilation: ##### `BUILD_KERNEL`=false -Build and install the latest RPi2 Linux kernel. Currently only the default RPi2 kernel configuration is used. +Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. ##### `KERNEL_REDUCE`=false Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental). @@ -264,7 +272,7 @@ The functions of this script that are required for the different stages of the b | `10-bootstrap.sh` | Debootstrap basic system | | `11-apt.sh` | Setup APT repositories | | `12-locale.sh` | Setup Locales and keyboard settings | -| `13-kernel.sh` | Build and install RPi2 Kernel | +| `13-kernel.sh` | Build and install RPi2/3 Kernel | | `20-networking.sh` | Setup Networking | | `21-firewall.sh` | Setup Firewall | | `30-security.sh` | Setup Users and Security settings | @@ -279,7 +287,7 @@ All the required configuration files that will be copied to the generated OS ima | Directory | Description | | --- | --- | | `apt` | APT management configuration files | -| `boot` | Boot and RPi2 configuration files | +| `boot` | Boot and RPi2/3 configuration files | | `dpkg` | Package Manager configuration | | `etc` | Configuration files and rc scripts | | `firstboot` | Scripts that get executed on first boot | @@ -297,14 +305,14 @@ Debian custom packages, i.e. those not in the debian repositories, can be instal Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created. ## Logging of the bootstrapping process -All information related to the bootstrapping process and the commands executed by the `rpi2-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose: +All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose: ```shell -script -c 'APT_SERVER=ftp.de.debian.org ./rpi2-gen-image.sh' ./build.log +script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log ``` ## Flashing the image file -After the image file was successfully created by the `rpi2-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`. +After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`. #####Flashing examples: ```shell @@ -316,3 +324,12 @@ If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, th bmaptool copy ./images/jessie/2015-12-13-debian-jessie-frmw.img /dev/mmcblk0 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-root.img /dev/sdc ``` + +## External links and references +* [Debian worldwide mirror sites](https://www.debian.org/mirror/list) +* [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware) +* [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux) +* [U-BOOT git repository](http://git.denx.de/?p=u-boot.git;a=summary) +* [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo) +* [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm) +* [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/) diff --git a/bootstrap.d/11-apt.sh b/bootstrap.d/11-apt.sh index cd2a51c..7117c6d 100644 --- a/bootstrap.d/11-apt.sh +++ b/bootstrap.d/11-apt.sh @@ -7,33 +7,33 @@ # Install and setup APT proxy configuration if [ -z "$APT_PROXY" ] ; then - install_readonly files/apt/10proxy "${ETCDIR}/apt/apt.conf.d/10proxy" - sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETCDIR}/apt/apt.conf.d/10proxy" + install_readonly files/apt/10proxy "${ETC_DIR}/apt/apt.conf.d/10proxy" + sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETC_DIR}/apt/apt.conf.d/10proxy" fi if [ "$BUILD_KERNEL" = false ] ; then # Install APT pinning configuration for flash-kernel package - install_readonly files/apt/flash-kernel "${ETCDIR}/apt/preferences.d/flash-kernel" + install_readonly files/apt/flash-kernel "${ETC_DIR}/apt/preferences.d/flash-kernel" # Install APT sources.list - install_readonly files/apt/sources.list "${ETCDIR}/apt/sources.list" - echo "deb ${COLLABORA_URL} ${RELEASE} rpi2" >> "${ETCDIR}/apt/sources.list" + install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list" + echo "deb ${COLLABORA_URL} ${RELEASE} rpi2" >> "${ETC_DIR}/apt/sources.list" # Upgrade collabora package index and install collabora keyring chroot_exec apt-get -qq -y update chroot_exec apt-get -qq -y --force-yes install collabora-obs-archive-keyring else # BUILD_KERNEL=true # Install APT sources.list - install_readonly files/apt/sources.list "${ETCDIR}/apt/sources.list" + install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list" # Use specified APT server and release - sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETCDIR}/apt/sources.list" - sed -i "s/ jessie/ ${RELEASE}/" "${ETCDIR}/apt/sources.list" + sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETC_DIR}/apt/sources.list" + sed -i "s/ jessie/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list" fi # Allow the installation of non-free Debian packages if [ "$ENABLE_NONFREE" = true ] ; then - sed -i "s/ contrib/ contrib non-free/" "${ETCDIR}/apt/sources.list" + sed -i "s/ contrib/ contrib non-free/" "${ETC_DIR}/apt/sources.list" fi # Upgrade package index and update all installed packages and changed dependencies diff --git a/bootstrap.d/12-locale.sh b/bootstrap.d/12-locale.sh index bb60178..e69f44c 100644 --- a/bootstrap.d/12-locale.sh +++ b/bootstrap.d/12-locale.sh @@ -6,7 +6,7 @@ . ./functions.sh # Install and setup timezone -echo ${TIMEZONE} > "${ETCDIR}/timezone" +echo ${TIMEZONE} > "${ETC_DIR}/timezone" chroot_exec dpkg-reconfigure -f noninteractive tzdata # Install and setup default locale and keyboard configuration @@ -19,40 +19,40 @@ if [ $(echo "$APT_INCLUDES" | grep ",locales") ] ; then else # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections - sed -i "/en_US.UTF-8/s/^#//" "${ETCDIR}/locale.gen" + sed -i "/en_US.UTF-8/s/^#//" "${ETC_DIR}/locale.gen" fi - sed -i "/${DEFLOCAL}/s/^#//" "${ETCDIR}/locale.gen" + sed -i "/${DEFLOCAL}/s/^#//" "${ETC_DIR}/locale.gen" chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections chroot_exec locale-gen chroot_exec update-locale LANG="${DEFLOCAL}" # Install and setup default keyboard configuration if [ "$XKB_MODEL" != "" ] ; then - sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETCDIR}/default/keyboard" + sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETC_DIR}/default/keyboard" fi if [ "$XKB_LAYOUT" != "" ] ; then - sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETCDIR}/default/keyboard" + sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETC_DIR}/default/keyboard" fi if [ "$XKB_VARIANT" != "" ] ; then - sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETCDIR}/default/keyboard" + sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETC_DIR}/default/keyboard" fi if [ "$XKB_OPTIONS" != "" ] ; then - sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETCDIR}/default/keyboard" + sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETC_DIR}/default/keyboard" fi chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration # Install and setup font console case "${DEFLOCAL}" in *UTF-8) - sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETCDIR}/default/console-setup" + sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETC_DIR}/default/console-setup" ;; *) - sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETCDIR}/default/console-setup" + sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETC_DIR}/default/console-setup" ;; esac chroot_exec dpkg-reconfigure -f noninteractive console-setup else # (no locales were installed) # Install POSIX default locale - install_readonly files/locales/locale "${ETCDIR}/default/locale" + install_readonly files/locales/locale "${ETC_DIR}/default/locale" fi diff --git a/bootstrap.d/13-kernel.sh b/bootstrap.d/13-kernel.sh index b88200e..a63129d 100644 --- a/bootstrap.d/13-kernel.sh +++ b/bootstrap.d/13-kernel.sh @@ -1,5 +1,5 @@ # -# Build and Setup RPi2 Kernel +# Build and Setup RPi2/3 Kernel # # Load utility functions @@ -17,7 +17,7 @@ if [ "$BUILD_KERNEL" = true ] ; then # Clean the kernel sources if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper fi else # KERNELSRC_DIR="" # Fetch current raspberrypi kernel sources @@ -33,7 +33,7 @@ if [ "$BUILD_KERNEL" = true ] ; then if [ "$KERNELSRC_PREBUILT" = false ] ; then # Remove device, network and filesystem drivers from kernel configuration if [ "$KERNEL_REDUCE" = true ] ; then - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}" + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}" sed -i\ -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\ -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\ @@ -64,25 +64,25 @@ if [ "$BUILD_KERNEL" = true ] ; then -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\ -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\ -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\ - "${KERNELDIR}/.config" + "${KERNEL_DIR}/.config" fi if [ "$KERNELSRC_CONFIG" = true ] ; then # Load default raspberry kernel configuration - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}" + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}" # Start menu-driven kernel configuration (interactive) if [ "$KERNEL_MENUCONFIG" = true ] ; then - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig fi fi # Cross compile kernel and modules - make -C "${KERNELDIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" zImage modules dtbs + make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" zImage modules dtbs fi # Check if kernel compilation was successful - if [ ! -r "${KERNELDIR}/arch/${KERNEL_ARCH}/boot/zImage" ] ; then + if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" ] ; then echo "error: kernel compilation failed! (zImage not found)" cleanup exit 1 @@ -90,65 +90,65 @@ if [ "$BUILD_KERNEL" = true ] ; then # Install kernel modules if [ "$ENABLE_REDUCE" = true ] ; then - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install else - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install # Install kernel firmware - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install fi # Install kernel headers if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then - make -C "${KERNELDIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install + make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install fi # Prepare boot (firmware) directory - mkdir "${BOOTDIR}" + mkdir "${BOOT_DIR}" # Get kernel release version - KERNEL_VERSION=`cat "${KERNELDIR}/include/config/kernel.release"` + KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"` # Copy kernel configuration file to the boot directory - install_readonly "${KERNELDIR}/.config" "${R}/boot/config-${KERNEL_VERSION}" + install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}" # Copy dts and dtb device tree sources and binaries - mkdir "${BOOTDIR}/overlays" - install_readonly "${KERNELDIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb "${BOOTDIR}/" - install_readonly "${KERNELDIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb* "${BOOTDIR}/overlays/" - install_readonly "${KERNELDIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOTDIR}/overlays/README" + mkdir "${BOOT_DIR}/overlays" + install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb "${BOOT_DIR}/" + install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb* "${BOOT_DIR}/overlays/" + install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README" if [ "$ENABLE_UBOOT" = false ] ; then # Convert and copy zImage kernel to the boot directory - "${KERNELDIR}/scripts/mkknlimg" "${KERNELDIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOTDIR}/${KERNEL_IMAGE}" + "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOT_DIR}/${KERNEL_IMAGE}" else # Copy zImage kernel to the boot directory - install_readonly "${KERNELDIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOTDIR}/${KERNEL_IMAGE}" + install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOT_DIR}/${KERNEL_IMAGE}" fi # Remove kernel sources if [ "$KERNEL_REMOVESRC" = true ] ; then - rm -fr "${KERNELDIR}" + rm -fr "${KERNEL_DIR}" fi - if [ -n "$FIRMWAREDIR" ] && [ -d "$FIRMWAREDIR" ] ; then + if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then # Install boot binaries from local directory - cp ${FIRMWAREDIR}/boot/bootcode.bin ${BOOTDIR}/bootcode.bin - cp ${FIRMWAREDIR}/boot/fixup.dat ${BOOTDIR}/fixup.dat - cp ${FIRMWAREDIR}/boot/fixup_cd.dat ${BOOTDIR}/fixup_cd.dat - cp ${FIRMWAREDIR}/boot/fixup_x.dat ${BOOTDIR}/fixup_x.dat - cp ${FIRMWAREDIR}/boot/start.elf ${BOOTDIR}/start.elf - cp ${FIRMWAREDIR}/boot/start_cd.elf ${BOOTDIR}/start_cd.elf - cp ${FIRMWAREDIR}/boot/start_x.elf ${BOOTDIR}/start_x.elf + cp ${RPI_FIRMWARE_DIR}/boot/bootcode.bin ${BOOT_DIR}/bootcode.bin + cp ${RPI_FIRMWARE_DIR}/boot/fixup.dat ${BOOT_DIR}/fixup.dat + cp ${RPI_FIRMWARE_DIR}/boot/fixup_cd.dat ${BOOT_DIR}/fixup_cd.dat + cp ${RPI_FIRMWARE_DIR}/boot/fixup_x.dat ${BOOT_DIR}/fixup_x.dat + cp ${RPI_FIRMWARE_DIR}/boot/start.elf ${BOOT_DIR}/start.elf + cp ${RPI_FIRMWARE_DIR}/boot/start_cd.elf ${BOOT_DIR}/start_cd.elf + cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf else # Install latest boot binaries from raspberry/firmware github - wget -q -O "${BOOTDIR}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin" - wget -q -O "${BOOTDIR}/fixup.dat" "${FIRMWARE_URL}/fixup.dat" - wget -q -O "${BOOTDIR}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat" - wget -q -O "${BOOTDIR}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat" - wget -q -O "${BOOTDIR}/start.elf" "${FIRMWARE_URL}/start.elf" - wget -q -O "${BOOTDIR}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf" - wget -q -O "${BOOTDIR}/start_x.elf" "${FIRMWARE_URL}/start_x.elf" + wget -q -O "${BOOT_DIR}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin" + wget -q -O "${BOOT_DIR}/fixup.dat" "${FIRMWARE_URL}/fixup.dat" + wget -q -O "${BOOT_DIR}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat" + wget -q -O "${BOOT_DIR}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat" + wget -q -O "${BOOT_DIR}/start.elf" "${FIRMWARE_URL}/start.elf" + wget -q -O "${BOOT_DIR}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf" + wget -q -O "${BOOT_DIR}/start_x.elf" "${FIRMWARE_URL}/start_x.elf" fi else # BUILD_KERNEL=false @@ -166,7 +166,7 @@ else # BUILD_KERNEL=false exit 1 fi # Copy vmlinuz kernel to the boot directory - install_readonly "${VMLINUZ}" "${BOOTDIR}/${KERNEL_IMAGE}" + install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}" fi # Setup firmware boot cmdline @@ -208,19 +208,26 @@ if [ "$RELEASE" = "stretch" ] ; then fi # Install firmware boot cmdline -echo "${CMDLINE}" > "${BOOTDIR}/cmdline.txt" +echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt" # Install firmware config -install_readonly files/boot/config.txt "${BOOTDIR}/config.txt" +install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt" # Setup minimal GPU memory allocation size: 16MB (no X) if [ "$ENABLE_MINGPU" = true ] ; then - echo "gpu_mem=16" >> "${BOOTDIR}/config.txt" + echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt" fi # Setup boot with initramfs if [ "$ENABLE_INITRAMFS" = true ] ; then - echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOTDIR}/config.txt" + echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt" +fi + +# Disable RPi3 Bluetooth and restore ttyAMA0 serial device +if [ "$RPI_MODEL" = 3 ] ; then + if [ "$ENABLE_CONSOLE" = true ] ; then + echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt" + fi fi # Create firmware configuration and cmdline symlinks @@ -242,29 +249,29 @@ if [ "$ENABLE_SOUND" = true ] ; then fi # Install kernel modules blacklist -mkdir -p "${ETCDIR}/modprobe.d/" -install_readonly files/modules/raspi-blacklist.conf "${ETCDIR}/modprobe.d/raspi-blacklist.conf" +mkdir -p "${ETC_DIR}/modprobe.d/" +install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf" # Install and setup fstab -install_readonly files/mount/fstab "${ETCDIR}/fstab" +install_readonly files/mount/fstab "${ETC_DIR}/fstab" # Add usb/sda disk root partition to fstab if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then - sed -i "s/mmcblk0p2/sda1/" "${ETCDIR}/fstab" + sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab" fi # Add encrypted root partition to fstab and crypttab if [ "$ENABLE_CRYPTFS" = true ] ; then # Replace fstab root partition with encrypted partition mapping - sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETCDIR}/fstab" + sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab" # Add encrypted partition to crypttab and fstab - install_readonly files/mount/crypttab "${ETCDIR}/crypttab" - echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETCDIR}/crypttab" + install_readonly files/mount/crypttab "${ETC_DIR}/crypttab" + echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETC_DIR}/crypttab" if [ "$ENABLE_SPLITFS" = true ] ; then # Add usb/sda disk to crypttab - sed -i "s/mmcblk0p2/sda1/" "${ETCDIR}/crypttab" + sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab" fi fi @@ -273,13 +280,13 @@ if [ "$ENABLE_INITRAMFS" = true ] ; then if [ "$ENABLE_CRYPTFS" = true ] ; then # Include initramfs scripts to auto expand encrypted root partition if [ "$EXPANDROOT" = true ] ; then - install_exec files/initramfs/expand_encrypted_rootfs "${ETCDIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs" - install_exec files/initramfs/expand-premount "${ETCDIR}/initramfs-tools/scripts/local-premount/expand-premount" - install_exec files/initramfs/expand-tools "${ETCDIR}/initramfs-tools/hooks/expand-tools" + install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs" + install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount" + install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools" fi # Disable SSHD inside initramfs - printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETCDIR}/initramfs-tools/initramfs.conf" + printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf" # Dummy mapping required by mkinitramfs echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}" @@ -296,4 +303,4 @@ if [ "$ENABLE_INITRAMFS" = true ] ; then fi # Install sysctl.d configuration files -install_readonly files/sysctl.d/81-rpi-vm.conf "${ETCDIR}/sysctl.d/81-rpi-vm.conf" +install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf" diff --git a/bootstrap.d/20-networking.sh b/bootstrap.d/20-networking.sh index f1a9765..c82a037 100644 --- a/bootstrap.d/20-networking.sh +++ b/bootstrap.d/20-networking.sh @@ -6,37 +6,37 @@ . ./functions.sh # Install and setup hostname -install_readonly files/network/hostname "${ETCDIR}/hostname" -sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hostname" +install_readonly files/network/hostname "${ETC_DIR}/hostname" +sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETC_DIR}/hostname" # Install and setup hosts -install_readonly files/network/hosts "${ETCDIR}/hosts" -sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETCDIR}/hosts" +install_readonly files/network/hosts "${ETC_DIR}/hosts" +sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETC_DIR}/hosts" # Setup hostname entry with static IP if [ "$NET_ADDRESS" != "" ] ; then NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/') - sed -i "s/^127.0.1.1/${NET_IP}/" "${ETCDIR}/hosts" + sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts" fi # Remove IPv6 hosts if [ "$ENABLE_IPV6" = false ] ; then - sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETCDIR}/hosts" + sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts" fi # Install hint about network configuration -install_readonly files/network/interfaces "${ETCDIR}/network/interfaces" +install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces" # Install configuration for interface eth0 -install_readonly files/network/eth.network "${ETCDIR}/systemd/network/eth.network" +install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network" if [ "$ENABLE_DHCP" = true ] ; then # Enable DHCP configuration for interface eth0 - sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETCDIR}/systemd/network/eth.network" + sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network" # Set DHCP configuration to IPv4 only if [ "$ENABLE_IPV6" = false ] ; then - sed -i "s/DHCP=.*/DHCP=v4/" "${ETCDIR}/systemd/network/eth.network" + sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network" fi else # ENABLE_DHCP=false @@ -50,34 +50,44 @@ else # ENABLE_DHCP=false -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\ -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\ -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\ - "${ETCDIR}/systemd/network/eth.network" + "${ETC_DIR}/systemd/network/eth.network" fi # Remove empty settings from network configuration -sed -i "/.*=\$/d" "${ETCDIR}/systemd/network/eth.network" +sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network" # Move systemd network configuration if required by Debian release if [ "$RELEASE" = "stretch" ] ; then - mv -v "${ETCDIR}/systemd/network/eth.network" "${LIBDIR}/systemd/network/10-eth.network" - rm -fr "${ETCDIR}/systemd/network" + mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network" + rm -fr "${ETC_DIR}/systemd/network" fi # Enable systemd-networkd service chroot_exec systemctl enable systemd-networkd # Install host.conf resolver configuration -install_readonly files/network/host.conf "${ETCDIR}/host.conf" +install_readonly files/network/host.conf "${ETC_DIR}/host.conf" # Enable network stack hardening if [ "$ENABLE_HARDNET" = true ] ; then # Install sysctl.d configuration files - install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETCDIR}/sysctl.d/82-rpi-net-hardening.conf" + install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf" # Setup resolver warnings about spoofed addresses - sed -i "s/^# spoof warn/spoof warn/" "${ETCDIR}/host.conf" + sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf" fi # Enable time sync if [ "NET_NTP_1" != "" ] ; then chroot_exec systemctl enable systemd-timesyncd.service fi + +# Download the firmware binary blob required to use the RPi3 wireless interface +if [ "$ENABLE_WIRELESS" = true ] ; then + if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then + mkdir -p ${WLAN_FIRMWARE_DIR} + fi + + wget -q -O "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin" + wget -q -O "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt" +fi diff --git a/bootstrap.d/21-firewall.sh b/bootstrap.d/21-firewall.sh index 7583d04..b36991e 100644 --- a/bootstrap.d/21-firewall.sh +++ b/bootstrap.d/21-firewall.sh @@ -7,16 +7,16 @@ if [ "$ENABLE_IPTABLES" = true ] ; then # Create iptables configuration directory - mkdir -p "${ETCDIR}/iptables" + mkdir -p "${ETC_DIR}/iptables" # Install iptables systemd service - install_readonly files/iptables/iptables.service "${ETCDIR}/systemd/system/iptables.service" + install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" # Install flush-table script called by iptables service - install_exec files/iptables/flush-iptables.sh "${ETCDIR}/iptables/flush-iptables.sh" + install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh" # Install iptables rule file - install_readonly files/iptables/iptables.rules "${ETCDIR}/iptables/iptables.rules" + install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules" # Reload systemd configuration and enable iptables service chroot_exec systemctl daemon-reload @@ -24,12 +24,12 @@ if [ "$ENABLE_IPTABLES" = true ] ; then if [ "$ENABLE_IPV6" = true ] ; then # Install ip6tables systemd service - install_readonly files/iptables/ip6tables.service "${ETCDIR}/systemd/system/ip6tables.service" + install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service" # Install ip6tables file - install_exec files/iptables/flush-ip6tables.sh "${ETCDIR}/iptables/flush-ip6tables.sh" + install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh" - install_readonly files/iptables/ip6tables.rules "${ETCDIR}/iptables/ip6tables.rules" + install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules" # Reload systemd configuration and enable iptables service chroot_exec systemctl daemon-reload @@ -39,6 +39,6 @@ fi if [ "$ENABLE_SSHD" = false ] ; then # Remove SSHD related iptables rules - sed -i "/^#/! {/SSH/ s/^/# /}" "${ETCDIR}/iptables/iptables.rules" 2> /dev/null - sed -i "/^#/! {/SSH/ s/^/# /}" "${ETCDIR}/iptables/ip6tables.rules" 2> /dev/null + sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null + sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null fi diff --git a/bootstrap.d/30-security.sh b/bootstrap.d/30-security.sh index a2435b9..f9b9e16 100644 --- a/bootstrap.d/30-security.sh +++ b/bootstrap.d/30-security.sh @@ -20,7 +20,7 @@ if [ "$ENABLE_ROOT" = true ] ; then chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root if [ "$ENABLE_ROOT_SSH" = true ] ; then - sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETCDIR}/ssh/sshd_config" + sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETC_DIR}/ssh/sshd_config" fi else # Set no root password to disable root login diff --git a/bootstrap.d/31-logging.sh b/bootstrap.d/31-logging.sh index 149ab68..4269afc 100644 --- a/bootstrap.d/31-logging.sh +++ b/bootstrap.d/31-logging.sh @@ -7,7 +7,7 @@ # Disable rsyslog if [ "$ENABLE_RSYSLOG" = false ] ; then - sed -i "s|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g" "${ETCDIR}/systemd/journald.conf" + sed -i "s|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g" "${ETC_DIR}/systemd/journald.conf" chroot_exec systemctl disable rsyslog chroot_exec apt-get -qq -y --force-yes purge rsyslog fi diff --git a/bootstrap.d/41-uboot.sh b/bootstrap.d/41-uboot.sh index f7a4faa..5ee0c13 100644 --- a/bootstrap.d/41-uboot.sh +++ b/bootstrap.d/41-uboot.sh @@ -21,47 +21,47 @@ if [ "$ENABLE_UBOOT" = true ] ; then # Copy compiled bootloader binary and set config.txt to load it install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage" - install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOTDIR}/u-boot.bin" - printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOTDIR}/config.txt" + install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin" + printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt" # Install and setup U-Boot command file - install_readonly files/boot/uboot.mkimage "${BOOTDIR}/uboot.mkimage" - printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOTDIR}/uboot.mkimage)" > "${BOOTDIR}/uboot.mkimage" + install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage" + printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage" if [ "$ENABLE_INITRAMFS" = true ] ; then # Convert generated initramfs for U-Boot using mkimage chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot" # Remove original initramfs file - rm -f "${BOOTDIR}/initramfs-${KERNEL_VERSION}" + rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" # Configure U-Boot to load generated initramfs - printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOTDIR}/uboot.mkimage)" > "${BOOTDIR}/uboot.mkimage" - printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOTDIR}/uboot.mkimage" + printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage" + printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage" else # ENABLE_INITRAMFS=false # Remove initramfs from U-Boot mkfile - sed -i '/.*initramfs.*/d' "${BOOTDIR}/uboot.mkimage" + sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage" if [ "$BUILD_KERNEL" = false ] ; then # Remove dtbfile from U-Boot mkfile - sed -i '/.*dtbfile.*/d' "${BOOTDIR}/uboot.mkimage" - printf "\nbootz \${kernel_addr_r}" >> "${BOOTDIR}/uboot.mkimage" + sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage" + printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage" else - printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOTDIR}/uboot.mkimage" + printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage" fi fi - # Set mkfile to use dtb file - sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOTDIR}/uboot.mkimage" + # Set mkfile to use the correct dtb file + sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage" # Set mkfile to use kernel image - sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOTDIR}/uboot.mkimage" + sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage" # Remove all leading blank lines - sed -i "/./,\$!d" "${BOOTDIR}/uboot.mkimage" + sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage" # Generate U-Boot bootloader image - chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n RPi2 -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr + chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr # Remove U-Boot sources rm -fr "${R}/tmp/u-boot" diff --git a/bootstrap.d/50-firstboot.sh b/bootstrap.d/50-firstboot.sh index c2e0909..cc76f34 100644 --- a/bootstrap.d/50-firstboot.sh +++ b/bootstrap.d/50-firstboot.sh @@ -6,44 +6,44 @@ . ./functions.sh # Prepare rc.firstboot script -cat files/firstboot/10-begin.sh > "${ETCDIR}/rc.firstboot" +cat files/firstboot/10-begin.sh > "${ETC_DIR}/rc.firstboot" # Ensure openssh server host keys are regenerated on first boot if [ "$ENABLE_SSHD" = true ] ; then - cat files/firstboot/21-generate-ssh-keys.sh >> "${ETCDIR}/rc.firstboot" + cat files/firstboot/21-generate-ssh-keys.sh >> "${ETC_DIR}/rc.firstboot" fi # Prepare filesystem auto expand if [ "$EXPANDROOT" = true ] ; then if [ "$ENABLE_CRYPTFS" = false ] ; then - cat files/firstboot/22-expandroot.sh >> "${ETCDIR}/rc.firstboot" + cat files/firstboot/22-expandroot.sh >> "${ETC_DIR}/rc.firstboot" else # Regenerate initramfs to remove encrypted root partition auto expand - cat files/firstboot/23-regenerate-initramfs.sh >> "${ETCDIR}/rc.firstboot" + cat files/firstboot/23-regenerate-initramfs.sh >> "${ETC_DIR}/rc.firstboot" fi fi # Ensure that dbus machine-id exists -cat files/firstboot/24-generate-machineid.sh >> "${ETCDIR}/rc.firstboot" +cat files/firstboot/24-generate-machineid.sh >> "${ETC_DIR}/rc.firstboot" # Create /etc/resolv.conf symlink -cat files/firstboot/25-create-resolv-symlink.sh >> "${ETCDIR}/rc.firstboot" +cat files/firstboot/25-create-resolv-symlink.sh >> "${ETC_DIR}/rc.firstboot" # Configure automatic network interface names if [ "$ENABLE_IFNAMES" = true ] ; then - cat files/firstboot/26-config-ifnames.sh >> "${ETCDIR}/rc.firstboot" + cat files/firstboot/26-config-ifnames.sh >> "${ETC_DIR}/rc.firstboot" fi # Finalize rc.firstboot script -cat files/firstboot/99-finish.sh >> "${ETCDIR}/rc.firstboot" -chmod +x "${ETCDIR}/rc.firstboot" +cat files/firstboot/99-finish.sh >> "${ETC_DIR}/rc.firstboot" +chmod +x "${ETC_DIR}/rc.firstboot" # Install default rc.local if it does not exist -if [ ! -f "${ETCDIR}/rc.local" ] ; then - install_exec files/etc/rc.local "${ETCDIR}/rc.local" +if [ ! -f "${ETC_DIR}/rc.local" ] ; then + install_exec files/etc/rc.local "${ETC_DIR}/rc.local" fi # Add rc.firstboot script to rc.local -sed -i '/exit 0/d' "${ETCDIR}/rc.local" -echo /etc/rc.firstboot >> "${ETCDIR}/rc.local" -echo exit 0 >> "${ETCDIR}/rc.local" +sed -i '/exit 0/d' "${ETC_DIR}/rc.local" +echo /etc/rc.firstboot >> "${ETC_DIR}/rc.local" +echo exit 0 >> "${ETC_DIR}/rc.local" diff --git a/bootstrap.d/99-reduce.sh b/bootstrap.d/99-reduce.sh index b5813c9..3965940 100644 --- a/bootstrap.d/99-reduce.sh +++ b/bootstrap.d/99-reduce.sh @@ -10,13 +10,13 @@ if [ "$ENABLE_REDUCE" = true ] ; then if [ "$REDUCE_APT" = true ] ; then # Install dpkg configuration file if [ "$REDUCE_DOC" = true ] || [ "$REDUCE_MAN" = true ] ; then - install_readonly files/dpkg/01nodoc "${ETCDIR}/dpkg/dpkg.cfg.d/01nodoc" + install_readonly files/dpkg/01nodoc "${ETC_DIR}/dpkg/dpkg.cfg.d/01nodoc" fi # Install APT configuration files - install_readonly files/apt/02nocache "${ETCDIR}/apt/apt.conf.d/02nocache" - install_readonly files/apt/03compress "${ETCDIR}/apt/apt.conf.d/03compress" - install_readonly files/apt/04norecommends "${ETCDIR}/apt/apt.conf.d/04norecommends" + install_readonly files/apt/02nocache "${ETC_DIR}/apt/apt.conf.d/02nocache" + install_readonly files/apt/03compress "${ETC_DIR}/apt/apt.conf.d/03compress" + install_readonly files/apt/04norecommends "${ETC_DIR}/apt/apt.conf.d/04norecommends" # Remove APT cache files rm -fr "${R}/var/cache/apt/pkgcache.bin" @@ -62,10 +62,10 @@ if [ "$ENABLE_REDUCE" = true ] ; then # Remove GPU kernels if [ "$ENABLE_MINGPU" = true ] ; then - rm -f "${BOOTDIR}/start.elf" - rm -f "${BOOTDIR}/fixup.dat" - rm -f "${BOOTDIR}/start_x.elf" - rm -f "${BOOTDIR}/fixup_x.dat" + rm -f "${BOOT_DIR}/start.elf" + rm -f "${BOOT_DIR}/fixup.dat" + rm -f "${BOOT_DIR}/start_x.elf" + rm -f "${BOOT_DIR}/fixup_x.dat" fi # Remove kernel and initrd from /boot (already in /boot/firmware) diff --git a/files/boot/uboot.mkimage b/files/boot/uboot.mkimage index 8d02431..6ce6500 100644 --- a/files/boot/uboot.mkimage +++ b/files/boot/uboot.mkimage @@ -1,7 +1,7 @@ # Set device tree fdtfile setenv dtbfile bcm2709-rpi-2-b.dtb -# Tell Linux that it is booting on a Raspberry Pi2 +# Tell Linux that it is booting on a Raspberry Pi2/3 setenv machid 0x00000c42 # Save these changes to u-boot's environment diff --git a/files/locales/locale b/files/locales/locale index 91f267a..acbe6e4 100644 --- a/files/locales/locale +++ b/files/locales/locale @@ -1,3 +1,3 @@ -# File generated by rpi2-gen-image +# File generated by rpi23-gen-image LANG=C LC_ALL=C diff --git a/functions.sh b/functions.sh index f9627cd..4c05259 100644 --- a/functions.sh +++ b/functions.sh @@ -1,4 +1,4 @@ -# This file contains utility functions used by rpi2-gen-image.sh +# This file contains utility functions used by rpi23-gen-image.sh cleanup (){ set +x diff --git a/rpi2-gen-image.sh b/rpi2-gen-image.sh index 2e2a0c8..e66b297 100755 --- a/rpi2-gen-image.sh +++ b/rpi2-gen-image.sh @@ -1,9 +1,9 @@ #!/bin/sh ######################################################################## -# rpi2-gen-image.sh 2015-2016 +# rpi23-gen-image.sh 2015-2016 # -# Advanced Debian "jessie" and "stretch" bootstrap script for RPi2 +# Advanced Debian "jessie" and "stretch" bootstrap script for RPi2/3 # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -32,9 +32,16 @@ fi # Introduce settings set -e -echo -n -e "\n#\n# RPi2 Bootstrap Settings\n#\n" +echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n" set -x +# Raspberry Pi model configuration +RPI_MODEL=${RPI_MODEL:=2} +RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb} +RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig} +RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb} +RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig} + # Debian release RELEASE=${RELEASE:=jessie} KERNEL_ARCH=${KERNEL_ARCH:=arm} @@ -43,13 +50,12 @@ CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-} COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2} KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig} KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img} -DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb} -UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig} QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static} # URLs KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux} FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot} +WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm80211/brcm} COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian} FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git} UBOOT_URL=${UBOOT_URL:=git://git.denx.de/u-boot.git} @@ -60,19 +66,17 @@ BUILDDIR="${BASEDIR}/build" # Chroot directories R="${BUILDDIR}/chroot" -ETCDIR="${R}/etc" -LIBDIR="${R}/lib" -BOOTDIR="${R}/boot/firmware" -KERNELDIR="${R}/usr/src/linux" +ETC_DIR="${R}/etc" +LIB_DIR="${R}/lib" +BOOT_DIR="${R}/boot/firmware" +KERNEL_DIR="${R}/usr/src/linux" +WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm" # Firmware directory: Blank if download from github -FIRMWAREDIR=${FIRMWAREDIR:=""} - -# Packages for gcc/c++ inside the chroot -COMPILER_PACKAGES=${COMPILER_PACKAGES:="linux-compiler-gcc-4.8-arm g++ make bc"} +RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""} # General settings -HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}} +HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}} PASSWORD=${PASSWORD:=raspberry} DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"} TIMEZONE=${TIMEZONE:="Europe/Berlin"} @@ -105,6 +109,7 @@ ENABLE_CONSOLE=${ENABLE_CONSOLE:=true} ENABLE_IPV6=${ENABLE_IPV6:=true} ENABLE_SSHD=${ENABLE_SSHD:=true} ENABLE_NONFREE=${ENABLE_NONFREE:=false} +ENABLE_WIRELESS=${ENABLE_WIRELESS:=false} ENABLE_SOUND=${ENABLE_SOUND:=true} ENABLE_DBUS=${ENABLE_DBUS:=true} ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true} @@ -175,10 +180,34 @@ MISSING_PACKAGES="" set +x -# Build latest RPi2 Linux kernel if required by Debian release -if [ "$RELEASE" = "stretch" ] ; then +# Set Raspberry Pi model specific configuration +if [ "$RPI_MODEL" = 2 ] ; then + DTB_FILE=${RPI2_DTB_FILE} + UBOOT_CONFIG=${RPI2_UBOOT_CONFIG} +elif [ "$RPI_MODEL" = 3 ] ; then + DTB_FILE=${RPI3_DTB_FILE} + UBOOT_CONFIG=${RPI3_UBOOT_CONFIG} BUILD_KERNEL=true - COMPILER_PACKAGES=$(echo $COMPILER_PACKAGES | sed s/-4.8-arm/-5-arm/) +else + echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!" + exit 1 +fi + +# Check if the internal wireless interface is supported by the RPi model +if [ "$ENABLE_WIRELESS" = true ] && [ "$RPI_MODEL" != 3 ] ; then + echo "error: The selected Raspberry Pi model has no internal wireless interface" + exit 1 +fi + +# Set compiler packages and build RPi2/3 Linux kernel if required by Debian release +if [ "$RELEASE" = "jessie" ] ; then + COMPILER_PACKAGES="linux-compiler-gcc-4.8-arm g++ make bc" +elif [ "$RELEASE" = "stretch" ] ; then + COMPILER_PACKAGES="linux-compiler-gcc-5-arm g++ make bc" + BUILD_KERNEL=true +else + echo "error: Debian release ${RELEASE} is not supported!" + exit 1 fi # Add packages required for kernel cross compilation @@ -399,7 +428,7 @@ fi # Generate required machine-id MACHINE_ID=$(dbus-uuidgen) echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id" -echo -n "${MACHINE_ID}" > "${ETCDIR}/machine-id" +echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id" # APT Cleanup chroot_exec apt-get -y clean @@ -415,13 +444,13 @@ rm -rf "${R}/run/*" rm -rf "${R}/tmp/*" # Clean up files -rm -f "${ETCDIR}/ssh/ssh_host_*" -rm -f "${ETCDIR}/dropbear/dropbear_*" -rm -f "${ETCDIR}/apt/sources.list.save" -rm -f "${ETCDIR}/resolvconf/resolv.conf.d/original" -rm -f "${ETCDIR}/*-" -rm -f "${ETCDIR}/apt/apt.conf.d/10proxy" -rm -f "${ETCDIR}/resolv.conf" +rm -f "${ETC_DIR}/ssh/ssh_host_*" +rm -f "${ETC_DIR}/dropbear/dropbear_*" +rm -f "${ETC_DIR}/apt/sources.list.save" +rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original" +rm -f "${ETC_DIR}/*-" +rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy" +rm -f "${ETC_DIR}/resolv.conf" rm -f "${R}/root/.bash_history" rm -f "${R}/var/lib/urandom/random-seed" rm -f "${R}/initrd.img"