From 54acc1e70a3e357d0c60e4d9a9afd99077edce84 2016-03-11 16:44:01 From: Vincent Knecht Date: 2016-03-11 16:44:01 Subject: [PATCH] Added ENABLE_SPLITFS option to create distinct images for firmware and root partitions --- diff --git a/README.md b/README.md index 6378db3..40c68f7 100644 --- a/README.md +++ b/README.md @@ -149,6 +149,9 @@ password, use only in trusted environments. ##### `ENABLE_HARDNET`=false Enable IPv4/IPv6 network stack hardening settings. +##### `ENABLE_SPLITFS`=false +Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`. + ##### `CHROOT_SCRIPTS`="" Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order. @@ -167,3 +170,8 @@ After the image file was successfully created by the `rpi2-gen-image.sh` script bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0 ``` +If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive: +```shell +bmaptool copy ./images/jessie/2015-12-13-debian-jessie-frmw.img /dev/mmcblk0 +bmaptool copy ./images/jessie/2015-12-13-debian-jessie-root.img /dev/sdc +``` diff --git a/rpi2-gen-image.sh b/rpi2-gen-image.sh index 5b61ae2..880afbf 100755 --- a/rpi2-gen-image.sh +++ b/rpi2-gen-image.sh @@ -25,8 +25,8 @@ cleanup (){ umount -l $R/dev/pts 2> /dev/null umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null umount "$BUILDDIR/mount" 2> /dev/null - losetup -d "$EXT4_LOOP" 2> /dev/null - losetup -d "$VFAT_LOOP" 2> /dev/null + losetup -d "$ROOT_LOOP" 2> /dev/null + losetup -d "$FRMW_LOOP" 2> /dev/null trap - 0 1 2 3 6 } @@ -94,6 +94,7 @@ ENABLE_UBOOT=${ENABLE_UBOOT:=false} ENABLE_FBTURBO=${ENABLE_FBTURBO:=false} ENABLE_HARDNET=${ENABLE_HARDNET:=false} ENABLE_IPTABLES=${ENABLE_IPTABLES:=false} +ENABLE_SPLITFS=${ENABLE_SPLITFS:=false} # Image chroot path R=${BUILDDIR}/chroot @@ -408,7 +409,11 @@ else fi # Set up firmware boot cmdline -CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1" +if [ "$ENABLE_SPLITFS" = true ] ; then + CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1" +else + CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1" +fi # Set up serial console support (if requested) if [ "$ENABLE_CONSOLE" = true ] ; then @@ -457,6 +462,9 @@ install -o root -g root -m 644 files/modprobe.d/raspi-blacklist.conf $R/etc/modp # Create default fstab install -o root -g root -m 644 files/fstab $R/etc/fstab +if [ "$ENABLE_SPLITFS" = true ] ; then + sed -i '/mmcblk0p2/sda1/' $R/etc/fstab +fi # Avoid swapping and increase cache sizes install -o root -g root -m 644 files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf @@ -645,8 +653,8 @@ CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`) # Calculate the amount of needed 512 Byte sectors TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512) -BOOT_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512) -ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS}) +FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512) +ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS}) # The root partition is EXT4 # This means more space than the actual used space of the chroot is used. @@ -654,37 +662,63 @@ ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS}) ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512) # Calculate required image size in 512 Byte sectors -IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS} + ${ROOT_SECTORS}) +IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS}) # Prepare date string for image file name DATE="$(date +%Y-%m-%d)" # Prepare image file -dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS} -dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS} +if [ "$ENABLE_SPLITFS" = true ] ; then + dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS} + dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS} + dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS} + dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS} + # Write partition tables + sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" <