From b38cfe8b34fd94d75d54fae798962119da050c0a 2018-11-12 18:00:30 From: burnbabyburn Date: 2018-11-12 18:00:30 Subject: [PATCH] massive refactor and bugfes --- diff --git a/bootstrap.d/11-apt.sh b/bootstrap.d/11-apt.sh index 462d42a..51a810d 100644 --- a/bootstrap.d/11-apt.sh +++ b/bootstrap.d/11-apt.sh @@ -12,41 +12,21 @@ if [ -z "$APT_PROXY" ] ; then fi if [ "$BUILD_KERNEL" = false ] ; then - if [ "$RPI_MODEL" = 2 ] ; then - # Install APT pinning configuration for flash-kernel package - install_readonly files/apt/flash-kernel "${ETC_DIR}/apt/preferences.d/flash-kernel" - - # Install APT sources.list - install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list" - echo "deb ${COLLABORA_URL} ${RELEASE} rpi2" >> "${ETC_DIR}/apt/sources.list" - - # Upgrade collabora package index and install collabora keyring - chroot_exec apt-get -qq -y update - chroot_exec apt-get -qq -y --allow-unauthenticated install collabora-obs-archive-keyring - # if RPI_MODEL = [0] || [1] || [1P] - else - echo "error: ATM there is just a precompiled kernel for model 2"; - # insert apt configuration for precompiled kernel repository for RPI 0,1,1P - fi - + echo "Downloading precompiled kernel" + echo "error: not configured" + exit 1; else # BUILD_KERNEL=true #autconfigure best apt server to not spam ftp.debian.org - rm files/apt/sources.list + #rm files/apt/sources.list #netselect-apt does not know buster yet - if [ "$RELEASE" = "buster" ] ; then - RLS = "testing" + if [ "$RELEASE" = "buster" ] ; then + RELEASE=${RELEASE:=testing} fi - - if [ "$ENABLE_NONFREE" ] ; then - netselect-apt --arch "$RELEASE_ARCH" --sources --nonfree --outfile "${ETC_DIR}/apt/sources.list" -d "$RELEASE" - else - netselect-apt --arch "$RELEASE_ARCH" --sources --nonfree --outfile "${ETC_DIR}/apt/sources.list" -d "$RELEASE" + netselect_string=${netselect_string:=""} + if [ "$ENABLE_NONFREE" = true ] ; then + netselect-apt --arch "$RELEASE_ARCH" --sources "$netselect_string" --outfile "${ETC_DIR}/apt/sources.list" -d "$RLS" fi -fi - -# Allow the installation of non-free Debian packages -if [ "$ENABLE_NONFREE" = true ] ; then - sed -i "s/ contrib/ contrib non-free/" "${ETC_DIR}/apt/sources.list" + netselect-apt --arch "$RELEASE_ARCH" --sources "$netselect_string" --outfile "${ETC_DIR}/apt/sources.list" -d "$RLS" fi # Upgrade package index and update all installed packages and changed dependencies @@ -54,13 +34,13 @@ chroot_exec apt-get -qq -y update chroot_exec apt-get -qq -y -u dist-upgrade if [ "$APT_INCLUDES_LATE" ] ; then - chroot_exec apt-get -qq -y install $(echo $APT_INCLUDES_LATE |tr , ' ') + chroot_exec apt-get -qq -y install "$(echo "$APT_INCLUDES_LATE" |tr , ' ')" fi if [ -d packages ] ; then for package in packages/*.deb ; do - cp $package ${R}/tmp - chroot_exec dpkg --unpack /tmp/$(basename $package) + cp "$package" "${R}"/tmp + chroot_exec dpkg --unpack /tmp/"$(basename "$package")" done fi chroot_exec apt-get -qq -y -f install diff --git a/bootstrap.d/12-locale.sh b/bootstrap.d/12-locale.sh index ac342ef..c626142 100644 --- a/bootstrap.d/12-locale.sh +++ b/bootstrap.d/12-locale.sh @@ -6,11 +6,12 @@ . ./functions.sh # Install and setup timezone -echo ${TIMEZONE} > "${ETC_DIR}/timezone" +echo "${TIMEZONE}" > "${ETC_DIR}/timezone" chroot_exec dpkg-reconfigure -f noninteractive tzdata # Install and setup default locale and keyboard configuration -if [ $(echo "$APT_INCLUDES" | grep ",locales") ] ; then + +if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957 # ... so we have to set locales manually diff --git a/bootstrap.d/13-kernel.sh b/bootstrap.d/13-kernel.sh index c68a6b4..137da83 100644 --- a/bootstrap.d/13-kernel.sh +++ b/bootstrap.d/13-kernel.sh @@ -89,30 +89,30 @@ if [ "$BUILD_KERNEL" = true ] ; then # Set kernel configuration parameters to enable qemu emulation if [ "$ENABLE_QEMU" = true ] ; then - echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config + echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config if [ "$ENABLE_CRYPTFS" = true ] ; then - echo "CONFIG_EMBEDDED=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_EXPERT=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_DAX=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_MD=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_BLK_DEV_MD=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_MD_AUTODETECT=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_BLK_DEV_DM=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_DM_CRYPT=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_BLKCIPHER=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_CBC=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_XTS=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_SHA512=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_MANAGER=y" >> ${KERNEL_DIR}/.config - fi + echo "CONFIG_EMBEDDED=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_EXPERT=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_DAX=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_MD=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_BLK_DEV_MD=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_MD_AUTODETECT=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_BLK_DEV_DM=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_DM_CRYPT=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_CRYPTO_BLKCIPHER=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_CRYPTO_CBC=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_CRYPTO_XTS=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_CRYPTO_SHA512=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_CRYPTO_MANAGER=y" >> "${KERNEL_DIR}"/.config + fi fi # Copy custom kernel configuration file - if [ ! -z "$KERNELSRC_USRCONFIG" ] ; then - cp $KERNELSRC_USRCONFIG ${KERNEL_DIR}/.config + if [ -n "$KERNELSRC_USRCONFIG" ] ; then + cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config fi # Set kernel configuration parameters to their default values @@ -134,11 +134,11 @@ if [ "$BUILD_KERNEL" = true ] ; then fi # Cross compile kernel and dtbs - make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs + make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs # Cross compile kernel modules - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then - make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then + make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules fi fi @@ -151,16 +151,16 @@ if [ "$BUILD_KERNEL" = true ] ; then # Install kernel modules if [ "$ENABLE_REDUCE" = true ] ; then - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install fi else - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install fi # Install kernel firmware - if [ $(grep "^firmware_install:" "${KERNEL_DIR}/Makefile") ] ; then + if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install fi fi @@ -174,7 +174,7 @@ if [ "$BUILD_KERNEL" = true ] ; then mkdir "${BOOT_DIR}" # Get kernel release version - KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"` + KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release") # Copy kernel configuration file to the boot directory install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}" @@ -223,8 +223,8 @@ if [ "$BUILD_KERNEL" = true ] ; then rm -fr "${KERNEL_DIR}" else # Prepare compiled kernel modules - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then - if [ $(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile") ] ; then + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then + if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare fi @@ -234,37 +234,24 @@ if [ "$BUILD_KERNEL" = true ] ; then fi fi elif [ "$BUILD_KERNEL" = false ] ; then - # Collabora states this kernel is just for RPI 2 so better implement a check. - #From https://repositories.collabora.co.uk/debian/dists/jessie/rpi2/binary-armhf/Packages - #"The Linux kernel "${COLLABORA_KERNEL}" and modules for use on ARMv7 kernel for Raspberry pi 2 model B+" - # nested if to be easily extended for more precompiled kernels - if [ "$SET_ARCH" = 32 ] ; then - if [ "$RPI_MODEL" = 2 ] ; then - # Kernel installation - chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel - - # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot - chroot_exec apt-get -qq -y install flash-kernel - - # Check if kernel installation was successful - VMLINUZ="$(ls -1 ${R}/boot/vmlinuz-* | sort | tail -n 1)" - if [ -z "$VMLINUZ" ] ; then - echo "error: kernel installation failed! (/boot/vmlinuz-* not found)" - cleanup - exit 1 - fi - # Copy vmlinuz kernel to the boot directory - install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}" - fi - if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then - echo "error: no precompiled kernel found" - exit 1 - # insert precompiled Kernel code here - fi - #if [ "$SET_ARCH" = 64 ] + echo " Install precompiled kernel..." + echo "error: not implemented" + # Check if kernel installation was successful + VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)" + if [ -z "$VMLINUZ" ] ; then + echo "error: kernel installation failed! (/boot/vmlinuz-* not found)" + cleanup + exit 1 + fi + # Copy vmlinuz kernel to the boot directory + install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}" + + if [ "$SET_ARCH" = 64 ] ; then + echo "Using precompiled arm64 kernel" else - echo "error: no precompiled 64bit kernel found" + echo "error: no precompiled arm64 (bcmrpi3) kernel found" exit 1 # inset precompiled 64 bit kernel code here fi +#fi build_kernel=true fi diff --git a/bootstrap.d/21-firewall.sh b/bootstrap.d/21-firewall.sh index 1cabec2..4e4de26 100644 --- a/bootstrap.d/21-firewall.sh +++ b/bootstrap.d/21-firewall.sh @@ -8,12 +8,15 @@ if [ "$ENABLE_IPTABLES" = true ] ; then # Create iptables configuration directory mkdir -p "${ETC_DIR}/iptables" - + + #In Jessie iptables is old enough + if ! [ "$RELEASE" = jessie ] ; then # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy - chroot_exec update-alternatives --verbose --set iptables-save /usr/sbin/iptables-legacy-save - chroot_exec update-alternatives --verbose --set iptables-restore /usr/sbin/iptables-legacy-restore - + #chroot_exec update-alternatives --verbose --set iptables-save /usr/sbin/iptables-legacy-save + #chroot_exec update-alternatives --verbose --set iptables-restore /usr/sbin/iptables-legacy-restore + fi + # Install iptables systemd service install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service" diff --git a/files/apt/sources.list b/files/apt/sources.list index ffc2c9b..31c4dbf 100644 --- a/files/apt/sources.list +++ b/files/apt/sources.list @@ -4,5 +4,6 @@ deb http://ftp.debian.org/debian jessie main contrib deb http://ftp.debian.org/debian/ jessie-updates main contrib #deb-src http://ftp.debian.org/debian/ jessie-updates main contrib -deb http://security.debian.org/ jessie/updates main contrib +#deb http://security.debian.org/ jessie/updates main contrib #deb-src http://security.debian.org/ jessie/updates main contrib + diff --git a/rpi23-gen-image.sh b/rpi23-gen-image.sh index db4db2a..7e35325 100755 --- a/rpi23-gen-image.sh +++ b/rpi23-gen-image.sh @@ -1,9 +1,8 @@ -#!/bin/sh - +#!/bin/bash ######################################################################## # rpi23-gen-image.sh 2015-2017 # -# Advanced Debian "jessie", "stretch" and "buster" bootstrap script for RPi2/3 +# Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3 # # This program is free software; you can redistribute it and/or # modify it under the terms of the GNU General Public License @@ -31,7 +30,7 @@ fi . ./functions.sh # Load parameters from configuration template file -if [ ! -z "$CONFIG_TEMPLATE" ] ; then +if [ -n "$CONFIG_TEMPLATE" ] ; then use_template fi @@ -44,7 +43,7 @@ set -x RPI_MODEL=${RPI_MODEL:=2} # Debian release -RELEASE=${RELEASE:=jessie} +RELEASE=${RELEASE:=buster} #Kernel Branch KERNEL_BRANCH=${KERNEL_BRANCH:=""} @@ -53,10 +52,12 @@ KERNEL_BRANCH=${KERNEL_BRANCH:=""} KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux} FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot} WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm} -COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian} FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git} UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git} +# Firmware directory: Blank if download from github +RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""} + # Build directories BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}} BUILDDIR="${BASEDIR}/build" @@ -77,11 +78,8 @@ BOOT_DIR="${R}/boot/firmware" KERNEL_DIR="${R}/usr/src/linux" WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm" -# Firmware directory: Blank if download from github -RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""} - # General settings -SET_ARCH=${SET_ARCH} +SET_ARCH=${SET_ARCH:=32} HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}} PASSWORD=${PASSWORD:=raspberry} USER_PASSWORD=${USER_PASSWORD:=raspberry} @@ -219,18 +217,18 @@ if [ -n "$SET_ARCH" ] ; then RELEASE_ARCH=${RELEASE_ARCH:=arm64} CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-} REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64" - - if ([ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]) ; then + + if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then # RPI 3 serie specific settings DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig} - + KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig} KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img} - else + else echo "error: At the moment Raspberry PI 3 and 3B+ are the only Models which support 64bit" exit 1 - fi + fi fi ################################## @@ -251,42 +249,72 @@ if [ -n "$SET_ARCH" ] ; then RELEASE_ARCH=${RELEASE_ARCH:=armel} KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img} CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-} - fi + fi if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf" KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig} - RELEASE_ARCH=${RELEASE_ARCH:=armhf} + RELEASE_ARCH=${RELEASE_ARCH:=armhf} KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img} CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-} - fi - - #Device specific configuration - case "$RPI_MODEL" in + fi + #Device specific configuration + case "$RPI_MODEL" in 0) - DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb} ;; + DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb} + ;; 1) - DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb} ;; + DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb} + ;; 1P) - DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb} ;; + DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb} + ;; 2) DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb} UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig} - #Precompiled Kernel rpi2 - COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2} - ;; - 3) - DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} - UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_32b_defconfig} - ;; + ;; + 3) + DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} + UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_32b_defconfig} + ;; 3P) - DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} + DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_32b_defconfig} - ;; - *) + ;; + *) echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!" - exit 1 - ;; + exit 1 + ;; esac + + #Device specific configuration +# if [ "$RPI_MODEL" = 0 ] ; then +# DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb} +# fi +# if [ "$RPI_MODEL" = 1 ] ; then +# DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb} +# fi +# if [ "$RPI_MODEL" = 1P ] ; then +# DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb} +# fi +# if [ "$RPI_MODEL" = 2 ] ; then +# DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb} +# UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig} +# #Precompiled Kernel rpi2 +# #COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2} +# fi +# if [ "$RPI_MODEL" = 3 ] ; then +# DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} +# UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_32b_defconfig} +# fi +# if [ "$RPI_MODEL" = 3P ] ; then +# DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb} +# UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_32b_defconfig} +# fi +# if [ -z "$RPI_MODEL" ] ; then +# echo "error: Raspberry Pi model $RPI_MODEL is not set!" +# exit 1 +# fi + #end 32 bit fi #SET_ARCH not set @@ -296,7 +324,7 @@ else fi # Check if the internal wireless interface is supported by the RPi model -if [ "$ENABLE_WIRELESS" = true ] && ([ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ]) ; then +if [ "$ENABLE_WIRELESS" = true ] && { [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ] ; } ; then echo "error: The selected Raspberry Pi model has no internal wireless interface" exit 1 else @@ -304,7 +332,7 @@ else fi # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported -if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then +if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported" exit 1 @@ -344,7 +372,7 @@ if [ "$ENABLE_UBOOT" = true ] ; then fi # Check if root SSH (v2) public key file exists -if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then +if [ -n "$SSH_ROOT_PUB_KEY" ] ; then if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!" exit 1 @@ -352,7 +380,7 @@ if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then fi # Check if $USER_NAME SSH (v2) public key file exists -if [ ! -z "$SSH_USER_PUB_KEY" ] ; then +if [ -n "$SSH_USER_PUB_KEY" ] ; then if [ ! -f "$SSH_USER_PUB_KEY" ] ; then echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!" exit 1 @@ -361,7 +389,7 @@ fi # Check if all required packages are installed on the build system for package in $REQUIRED_PACKAGES ; do - if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then + if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then MISSING_PACKAGES="${MISSING_PACKAGES} $package" fi done @@ -371,12 +399,12 @@ if [ -n "$MISSING_PACKAGES" ] ; then echo "the following packages needed by this script are not installed:" echo "$MISSING_PACKAGES" - echo -n "\ndo you want to install the missing packages right now? [y/n] " - read confirm + printf "\ndo you want to install the missing packages right now? [y/n] " + read -r confirm [ "$confirm" != "y" ] && exit 1 # Make sure all missing required packages are installed - apt-get -qq -y install ${MISSING_PACKAGES} + apt-get -qq -y install "${MISSING_PACKAGES}" fi # Check if ./bootstrap.d directory exists @@ -447,7 +475,7 @@ if [ "$ENABLE_MINBASE" = true ] ; then fi # Add required locales packages -if [ "$DEFLOCAL" != "en_US.UTF-8" ] || ([ -n XKB_MODEL ] || [ -n XKB_LAYOUT ] || [ -n XKB_VARIANT ] || [ -n XKB_OPTIONS ]); then +if [ "$DEFLOCAL" != "en_US.UTF-8" ] || { [ -n "$XKB_MODEL" ] || [ -n "$XKB_LAYOUT" ] || [ -n "$XKB_VARIANT" ] || [ -n "$XKB_OPTIONS" ] ; } ; then APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup" fi @@ -509,15 +537,10 @@ if [ "$ENABLE_REDUCE" = true ] ; then # Add dropbear package instead of openssh-server if [ "$REDUCE_SSHD" = true ] ; then - APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/openssh-server/dropbear/")" + APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")" fi fi -#backwards compability to jessie - untested -if [ "$RELEASE" != "jessie" ] ; then - APT_INCLUDES="${APT_INCLUDES},libnss-systemd" -fi - # Configure kernel sources if no KERNELSRC_DIR if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then KERNELSRC_CONFIG=true @@ -557,11 +580,6 @@ fi # Remove c/c++ build environment from the chroot chroot_remove_cc -# Remove apt-utils -if [ "$RELEASE" = "jessie" ] ; then - chroot_exec apt-get purge -qq -y --force-yes apt-utils -fi - # Generate required machine-id MACHINE_ID=$(dbus-uuidgen) echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id" @@ -651,54 +669,54 @@ if [ "$ENABLE_QEMU" = true ] ; then fi # Calculate size of the chroot directory in KB -CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`) +CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')") # Calculate the amount of needed 512 Byte sectors TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512) FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512) -ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS}) +ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}") # The root partition is EXT4 # This means more space than the actual used space of the chroot is used. # As overhead for journaling and reserved blocks 35% are added. -ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 35) \* 1024 \/ 512) +ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512) # Calculate required image size in 512 Byte sectors -IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS}) +IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}") # Prepare image file if [ "$ENABLE_SPLITFS" = true ] ; then - dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=${TABLE_SECTORS} - dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS} - dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=${TABLE_SECTORS} - dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek=${ROOT_SECTORS} + dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}" + dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}" + dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}" + dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}" # Write firmware/boot partition tables sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null < /dev/null < /dev/null < .password + echo -n "${CRYPTFS_PASSWORD}" > .password # Initialize encrypted partition echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password @@ -723,7 +741,7 @@ if [ "$ENABLE_CRYPTFS" = true ] ; then ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}" # Wipe encrypted partition (encryption cipher is used for randomness) - dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count=$(blockdev --getsz "${ROOT_LOOP}") + dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")" fi # Build filesystems @@ -750,22 +768,22 @@ if [ "$ENABLE_SPLITFS" = true ] ; then bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img" # Image was successfully created - echo "$IMAGE_NAME-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created" - echo "$IMAGE_NAME-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created" + echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created" + echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created" else # Create block map file for "bmaptool" bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img" # Image was successfully created - echo "$IMAGE_NAME.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created" + echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created" # Create qemu qcow2 image if [ "$ENABLE_QEMU" = true ] ; then QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}} QEMU_SIZE=16G - qemu-img convert -f raw -O qcow2 $IMAGE_NAME.img $QEMU_IMAGE.qcow2 - qemu-img resize $QEMU_IMAGE.qcow2 $QEMU_SIZE + qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2 + qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created" fi