##// END OF EJS Templates
Merge pull request #4 from drtyhlpr/master...
burnbabyburn -
r363:0f037155f0ec Fusion
parent child
Show More
@@ -0,0 +1,33
1 #
2 # Setup videocore - Raspberry Userland
3 #
4
5 # Load utility functions
6 . ./functions.sh
7
8 if [ "$ENABLE_VIDEOCORE" = true ] ; then
9 # Copy existing videocore sources into chroot directory
10 if [ -n "$VIDEOCORESRC_DIR" ] && [ -d "$VIDEOCORESRC_DIR" ] ; then
11 # Copy local U-Boot sources
12 cp -r "${VIDEOCORESRC_DIR}" "${R}/tmp"
13 else
14 # Create temporary directory for U-Boot sources
15 temp_dir=$(as_nobody mktemp -d)
16
17 # Fetch U-Boot sources
18 as_nobody git -C "${temp_dir}" clone "${VIDEOCORE_URL}"
19
20 # Copy downloaded U-Boot sources
21 mv "${temp_dir}/userland" "${R}/tmp/"
22
23 # Set permissions of the U-Boot sources
24 chown -R root:root "${R}/tmp/userland"
25
26 # Remove temporary directory for U-Boot sources
27 rm -fr "${temp_dir}"
28 fi
29
30 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DARM64=ON -DCMAKE_C_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_CXX_COMPILER=aarch64-linux-gnu-g++ -DCMAKE_ASM_COMPILER=aarch64-linux-gnu-gcc -DVIDEOCORE_BUILD_DIR="${R}"/opt/vc
31 make -j "$(nproc)"
32 chroot_exec PATH="${PATH}":/opt/vc/bin
33 fi
@@ -1,493 +1,499
1 # rpi23-gen-image
1 # rpi23-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `jessie`, `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.11.y```).
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `jessie`, `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.11.y```).
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9
9
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
11
11
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `jessie` and `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `jessie` and `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13
13
14 If a Debian Linux `jessie` build system is used it will be required to add the [Debian Cross-toolchains repository](http://emdebian.org/tools/debian/) first:
14 If a Debian Linux `jessie` build system is used it will be required to add the [Debian Cross-toolchains repository](http://emdebian.org/tools/debian/) first:
15
15
16 ```
16 ```
17 echo "deb http://emdebian.org/tools/debian/ jessie main" > /etc/apt/sources.list.d/crosstools.list
17 echo "deb http://emdebian.org/tools/debian/ jessie main" > /etc/apt/sources.list.d/crosstools.list
18 sudo -u nobody wget -O - http://emdebian.org/tools/debian/emdebian-toolchain-archive.key | apt-key add -
18 sudo -u nobody wget -O - http://emdebian.org/tools/debian/emdebian-toolchain-archive.key | apt-key add -
19 dpkg --add-architecture armhf
19 dpkg --add-architecture armhf
20 apt-get update
20 apt-get update
21 ```
21 ```
22
22
23 ## Command-line parameters
23 ## Command-line parameters
24 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
24 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
25
25
26 ##### Command-line examples:
26 ##### Command-line examples:
27 ```shell
27 ```shell
28 ENABLE_UBOOT=true ./rpi23-gen-image.sh
28 ENABLE_UBOOT=true ./rpi23-gen-image.sh
29 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
29 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
30 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
30 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
31 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
31 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
32 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
32 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
33 ENABLE_MINBASE=true ./rpi23-gen-image.sh
33 ENABLE_MINBASE=true ./rpi23-gen-image.sh
34 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
34 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
35 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
35 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
36 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
36 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
37 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
37 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
38 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
38 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
39 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
39 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
40 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
40 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
41 ```
41 ```
42
42
43 ## Configuration template files
43 ## Configuration template files
44 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
44 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
45
45
46 ##### Command-line examples:
46 ##### Command-line examples:
47 ```shell
47 ```shell
48 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
48 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
49 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
49 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
50 ```
50 ```
51
51
52 ## Supported parameters and settings
52 ## Supported parameters and settings
53 #### APT settings:
53 #### APT settings:
54 ##### `APT_SERVER`="ftp.debian.org"
54 ##### `APT_SERVER`="ftp.debian.org"
55 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
55 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
56
56
57 ##### `APT_PROXY`=""
57 ##### `APT_PROXY`=""
58 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
58 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
59
59
60 ##### `APT_INCLUDES`=""
60 ##### `APT_INCLUDES`=""
61 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
61 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
62
62
63 ##### `APT_INCLUDES_LATE`=""
63 ##### `APT_INCLUDES_LATE`=""
64 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
64 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
65
65
66 ---
66 ---
67
67
68 #### General system settings:
68 #### General system settings:
69 ##### `RPI_MODEL`=2
69 ##### `RPI_MODEL`=2
70 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
70 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
71 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
71 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
72 `1` = Used for Pi 1 model A and B
72 `1` = Used for Pi 1 model A and B
73 `1P` = Used for Pi 1 model B+ and A+
73 `1P` = Used for Pi 1 model B+ and A+
74 `2` = Used for Pi 2 model B
74 `2` = Used for Pi 2 model B
75 `3` = Used for Pi 3 model B
75 `3` = Used for Pi 3 model B
76 `3P` = Used for Pi 3 model B+
76 `3P` = Used for Pi 3 model B+
77 `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
77 `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
78
78
79 ##### `RELEASE`="jessie"
79 ##### `RELEASE`="jessie"
80 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "jessie", "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used.
80 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "jessie", "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used.
81
81
82 ##### `RELEASE_ARCH`="armhf"
82 ##### `RELEASE_ARCH`="armhf"
83 Set the desired Debian release architecture.
83 Set the desired Debian release architecture.
84
84
85 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
85 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
86 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
86 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
87
87
88 ##### `PASSWORD`="raspberry"
88 ##### `PASSWORD`="raspberry"
89 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
89 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
90
90
91 ##### `USER_PASSWORD`="raspberry"
91 ##### `USER_PASSWORD`="raspberry"
92 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
92 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
93
93
94 ##### `DEFLOCAL`="en_US.UTF-8"
94 ##### `DEFLOCAL`="en_US.UTF-8"
95 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
95 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
96
96
97 ##### `TIMEZONE`="Europe/Berlin"
97 ##### `TIMEZONE`="Europe/Berlin"
98 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
98 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
99
99
100 ##### `EXPANDROOT`=true
100 ##### `EXPANDROOT`=true
101 Expand the root partition and filesystem automatically on first boot.
101 Expand the root partition and filesystem automatically on first boot.
102
102
103 ##### `ENABLE_QEMU`=false
103 ##### `ENABLE_QEMU`=false
104 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
104 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
105
105
106 ---
106 ---
107
107
108 #### Keyboard settings:
108 #### Keyboard settings:
109 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
109 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
110
110
111 ##### `XKB_MODEL`=""
111 ##### `XKB_MODEL`=""
112 Set the name of the model of your keyboard type.
112 Set the name of the model of your keyboard type.
113
113
114 ##### `XKB_LAYOUT`=""
114 ##### `XKB_LAYOUT`=""
115 Set the supported keyboard layout(s).
115 Set the supported keyboard layout(s).
116
116
117 ##### `XKB_VARIANT`=""
117 ##### `XKB_VARIANT`=""
118 Set the supported variant(s) of the keyboard layout(s).
118 Set the supported variant(s) of the keyboard layout(s).
119
119
120 ##### `XKB_OPTIONS`=""
120 ##### `XKB_OPTIONS`=""
121 Set extra xkb configuration options.
121 Set extra xkb configuration options.
122
122
123 ---
123 ---
124
124
125 #### Networking settings (DHCP):
125 #### Networking settings (DHCP):
126 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
126 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
127
127
128 ##### `ENABLE_DHCP`=true
128 ##### `ENABLE_DHCP`=true
129 Set the system to use DHCP. This requires an DHCP server.
129 Set the system to use DHCP. This requires an DHCP server.
130
130
131 ---
131 ---
132
132
133 #### Networking settings (static):
133 #### Networking settings (static):
134 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
134 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
135
135
136 ##### `NET_ADDRESS`=""
136 ##### `NET_ADDRESS`=""
137 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
137 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
138
138
139 ##### `NET_GATEWAY`=""
139 ##### `NET_GATEWAY`=""
140 Set the IP address for the default gateway.
140 Set the IP address for the default gateway.
141
141
142 ##### `NET_DNS_1`=""
142 ##### `NET_DNS_1`=""
143 Set the IP address for the first DNS server.
143 Set the IP address for the first DNS server.
144
144
145 ##### `NET_DNS_2`=""
145 ##### `NET_DNS_2`=""
146 Set the IP address for the second DNS server.
146 Set the IP address for the second DNS server.
147
147
148 ##### `NET_DNS_DOMAINS`=""
148 ##### `NET_DNS_DOMAINS`=""
149 Set the default DNS search domains to use for non fully qualified host names.
149 Set the default DNS search domains to use for non fully qualified host names.
150
150
151 ##### `NET_NTP_1`=""
151 ##### `NET_NTP_1`=""
152 Set the IP address for the first NTP server.
152 Set the IP address for the first NTP server.
153
153
154 ##### `NET_NTP_2`=""
154 ##### `NET_NTP_2`=""
155 Set the IP address for the second NTP server.
155 Set the IP address for the second NTP server.
156
156
157 ---
157 ---
158
158
159 #### Basic system features:
159 #### Basic system features:
160 ##### `ENABLE_CONSOLE`=true
160 ##### `ENABLE_CONSOLE`=true
161 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
161 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
162
162
163 ##### `ENABLE_I2C`=false
163 ##### `ENABLE_I2C`=false
164 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
164 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
165
165
166 ##### `ENABLE_SPI`=false
166 ##### `ENABLE_SPI`=false
167 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
167 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
168
168
169 ##### `ENABLE_IPV6`=true
169 ##### `ENABLE_IPV6`=true
170 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
170 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
171
171
172 ##### `ENABLE_SSHD`=true
172 ##### `ENABLE_SSHD`=true
173 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
173 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
174
174
175 ##### `ENABLE_NONFREE`=false
175 ##### `ENABLE_NONFREE`=false
176 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
176 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
177
177
178 ##### `ENABLE_WIRELESS`=false
178 ##### `ENABLE_WIRELESS`=false
179 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
179 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
180
180
181 ##### `ENABLE_RSYSLOG`=true
181 ##### `ENABLE_RSYSLOG`=true
182 If set to false, disable and uninstall rsyslog (so logs will be available only
182 If set to false, disable and uninstall rsyslog (so logs will be available only
183 in journal files)
183 in journal files)
184
184
185 ##### `ENABLE_SOUND`=true
185 ##### `ENABLE_SOUND`=true
186 Enable sound hardware and install Advanced Linux Sound Architecture.
186 Enable sound hardware and install Advanced Linux Sound Architecture.
187
187
188 ##### `ENABLE_HWRANDOM`=true
188 ##### `ENABLE_HWRANDOM`=true
189 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
189 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
190
190
191 ##### `ENABLE_MINGPU`=false
191 ##### `ENABLE_MINGPU`=false
192 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
192 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
193
193
194 ##### `ENABLE_DBUS`=true
194 ##### `ENABLE_DBUS`=true
195 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
195 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
196
196
197 ##### `ENABLE_XORG`=false
197 ##### `ENABLE_XORG`=false
198 Install Xorg open-source X Window System.
198 Install Xorg open-source X Window System.
199
199
200 ##### `ENABLE_WM`=""
200 ##### `ENABLE_WM`=""
201 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
201 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
202
202
203 ##### `ENABLE_SYSVINIT`=false
203 ##### `ENABLE_SYSVINIT`=false
204 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
204 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
205
205
206 ---
206 ---
207
207
208 #### Advanced system features:
208 #### Advanced system features:
209 ##### `ENABLE_MINBASE`=false
209 ##### `ENABLE_MINBASE`=false
210 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
210 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
211
211
212 ##### `ENABLE_REDUCE`=false
212 ##### `ENABLE_REDUCE`=false
213 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
213 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
214
214
215 ##### `ENABLE_UBOOT`=false
215 ##### `ENABLE_UBOOT`=false
216 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
216 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
217
217
218 ##### `UBOOTSRC_DIR`=""
218 ##### `UBOOTSRC_DIR`=""
219 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
219 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
220
220
221 ##### `ENABLE_FBTURBO`=false
221 ##### `ENABLE_FBTURBO`=false
222 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
222 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
223
223
224 ##### `FBTURBOSRC_DIR`=""
224 ##### `FBTURBOSRC_DIR`=""
225 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
225 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
226
226
227 ##### `ENABLE_VIDEOCORE`=false
228 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
229
230 ##### `VIDEOCORESRC_DIR`=""
231 Path to a directory (`userland`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
232
227 ##### `ENABLE_IPTABLES`=false
233 ##### `ENABLE_IPTABLES`=false
228 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
234 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
229
235
230 ##### `ENABLE_USER`=true
236 ##### `ENABLE_USER`=true
231 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
237 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
232
238
233 ##### `USER_NAME`=pi
239 ##### `USER_NAME`=pi
234 Non-root user to create. Ignored if `ENABLE_USER`=false
240 Non-root user to create. Ignored if `ENABLE_USER`=false
235
241
236 ##### `ENABLE_ROOT`=false
242 ##### `ENABLE_ROOT`=false
237 Set root user password so root login will be enabled
243 Set root user password so root login will be enabled
238
244
239 ##### `ENABLE_HARDNET`=false
245 ##### `ENABLE_HARDNET`=false
240 Enable IPv4/IPv6 network stack hardening settings.
246 Enable IPv4/IPv6 network stack hardening settings.
241
247
242 ##### `ENABLE_SPLITFS`=false
248 ##### `ENABLE_SPLITFS`=false
243 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
249 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
244
250
245 ##### `CHROOT_SCRIPTS`=""
251 ##### `CHROOT_SCRIPTS`=""
246 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
252 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
247
253
248 ##### `ENABLE_INITRAMFS`=false
254 ##### `ENABLE_INITRAMFS`=false
249 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
255 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
250
256
251 ##### `ENABLE_IFNAMES`=true
257 ##### `ENABLE_IFNAMES`=true
252 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian releases `stretch` or `buster` are used.
258 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian releases `stretch` or `buster` are used.
253
259
254 ##### `DISABLE_UNDERVOLT_WARNINGS`=
260 ##### `DISABLE_UNDERVOLT_WARNINGS`=
255 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
261 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
256
262
257 ---
263 ---
258
264
259 #### SSH settings:
265 #### SSH settings:
260 ##### `SSH_ENABLE_ROOT`=false
266 ##### `SSH_ENABLE_ROOT`=false
261 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
267 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
262
268
263 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
269 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
264 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
270 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
265
271
266 ##### `SSH_LIMIT_USERS`=false
272 ##### `SSH_LIMIT_USERS`=false
267 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
273 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
268
274
269 ##### `SSH_ROOT_PUB_KEY`=""
275 ##### `SSH_ROOT_PUB_KEY`=""
270 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
276 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
271
277
272 ##### `SSH_USER_PUB_KEY`=""
278 ##### `SSH_USER_PUB_KEY`=""
273 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
279 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
274
280
275 ---
281 ---
276
282
277 #### Kernel compilation:
283 #### Kernel compilation:
278 ##### `BUILD_KERNEL`=false
284 ##### `BUILD_KERNEL`=false
279 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
285 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
280
286
281 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
287 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
282 This sets the cross compile enviornment for the compiler.
288 This sets the cross compile enviornment for the compiler.
283
289
284 ##### `KERNEL_ARCH`="arm"
290 ##### `KERNEL_ARCH`="arm"
285 This sets the kernel architecture for the compiler.
291 This sets the kernel architecture for the compiler.
286
292
287 ##### `KERNEL_IMAGE`="kernel7.img"
293 ##### `KERNEL_IMAGE`="kernel7.img"
288 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
294 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
289
295
290 ##### `KERNEL_BRANCH`=""
296 ##### `KERNEL_BRANCH`=""
291 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
297 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
292
298
293 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
299 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
294 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
300 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
295
301
296 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
302 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
297 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
303 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
298
304
299 ##### `KERNEL_REDUCE`=false
305 ##### `KERNEL_REDUCE`=false
300 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
306 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
301
307
302 ##### `KERNEL_THREADS`=1
308 ##### `KERNEL_THREADS`=1
303 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
309 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
304
310
305 ##### `KERNEL_HEADERS`=true
311 ##### `KERNEL_HEADERS`=true
306 Install kernel headers with built kernel.
312 Install kernel headers with built kernel.
307
313
308 ##### `KERNEL_MENUCONFIG`=false
314 ##### `KERNEL_MENUCONFIG`=false
309 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
315 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
310
316
311 ##### `KERNEL_OLDDEFCONFIG`=false
317 ##### `KERNEL_OLDDEFCONFIG`=false
312 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
318 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
313
319
314 ##### `KERNEL_CCACHE`=false
320 ##### `KERNEL_CCACHE`=false
315 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
321 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
316
322
317 ##### `KERNEL_REMOVESRC`=true
323 ##### `KERNEL_REMOVESRC`=true
318 Remove all kernel sources from the generated OS image after it was built and installed.
324 Remove all kernel sources from the generated OS image after it was built and installed.
319
325
320 ##### `KERNELSRC_DIR`=""
326 ##### `KERNELSRC_DIR`=""
321 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
327 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
322
328
323 ##### `KERNELSRC_CLEAN`=false
329 ##### `KERNELSRC_CLEAN`=false
324 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
330 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
325
331
326 ##### `KERNELSRC_CONFIG`=true
332 ##### `KERNELSRC_CONFIG`=true
327 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
333 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
328
334
329 ##### `KERNELSRC_USRCONFIG`=""
335 ##### `KERNELSRC_USRCONFIG`=""
330 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
336 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
331
337
332 ##### `KERNELSRC_PREBUILT`=false
338 ##### `KERNELSRC_PREBUILT`=false
333 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
339 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
334
340
335 ##### `RPI_FIRMWARE_DIR`=""
341 ##### `RPI_FIRMWARE_DIR`=""
336 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
342 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
337
343
338 ---
344 ---
339
345
340 #### Reduce disk usage:
346 #### Reduce disk usage:
341 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
347 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
342
348
343 ##### `REDUCE_APT`=true
349 ##### `REDUCE_APT`=true
344 Configure APT to use compressed package repository lists and no package caching files.
350 Configure APT to use compressed package repository lists and no package caching files.
345
351
346 ##### `REDUCE_DOC`=true
352 ##### `REDUCE_DOC`=true
347 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
353 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
348
354
349 ##### `REDUCE_MAN`=true
355 ##### `REDUCE_MAN`=true
350 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
356 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
351
357
352 ##### `REDUCE_VIM`=false
358 ##### `REDUCE_VIM`=false
353 Replace `vim-tiny` package by `levee` a tiny vim clone.
359 Replace `vim-tiny` package by `levee` a tiny vim clone.
354
360
355 ##### `REDUCE_BASH`=false
361 ##### `REDUCE_BASH`=false
356 Remove `bash` package and switch to `dash` shell (experimental).
362 Remove `bash` package and switch to `dash` shell (experimental).
357
363
358 ##### `REDUCE_HWDB`=true
364 ##### `REDUCE_HWDB`=true
359 Remove PCI related hwdb files (experimental).
365 Remove PCI related hwdb files (experimental).
360
366
361 ##### `REDUCE_SSHD`=true
367 ##### `REDUCE_SSHD`=true
362 Replace `openssh-server` with `dropbear`.
368 Replace `openssh-server` with `dropbear`.
363
369
364 ##### `REDUCE_LOCALE`=true
370 ##### `REDUCE_LOCALE`=true
365 Remove all `locale` translation files.
371 Remove all `locale` translation files.
366
372
367 ---
373 ---
368
374
369 #### Encrypted root partition:
375 #### Encrypted root partition:
370 ##### `ENABLE_CRYPTFS`=false
376 ##### `ENABLE_CRYPTFS`=false
371 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
377 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
372
378
373 ##### `CRYPTFS_PASSWORD`=""
379 ##### `CRYPTFS_PASSWORD`=""
374 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
380 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
375
381
376 ##### `CRYPTFS_MAPPING`="secure"
382 ##### `CRYPTFS_MAPPING`="secure"
377 Set name of dm-crypt managed device-mapper mapping.
383 Set name of dm-crypt managed device-mapper mapping.
378
384
379 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
385 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
380 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
386 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
381
387
382 ##### `CRYPTFS_XTSKEYSIZE`=512
388 ##### `CRYPTFS_XTSKEYSIZE`=512
383 Sets key size in bits. The argument has to be a multiple of 8.
389 Sets key size in bits. The argument has to be a multiple of 8.
384
390
385 ---
391 ---
386
392
387 #### Build settings:
393 #### Build settings:
388 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
394 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
389 Set a path to a working directory used by the script to generate an image.
395 Set a path to a working directory used by the script to generate an image.
390
396
391 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
397 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
392 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
398 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
393
399
394 ## Understanding the script
400 ## Understanding the script
395 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
401 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
396
402
397 | Script | Description |
403 | Script | Description |
398 | --- | --- |
404 | --- | --- |
399 | `10-bootstrap.sh` | Debootstrap basic system |
405 | `10-bootstrap.sh` | Debootstrap basic system |
400 | `11-apt.sh` | Setup APT repositories |
406 | `11-apt.sh` | Setup APT repositories |
401 | `12-locale.sh` | Setup Locales and keyboard settings |
407 | `12-locale.sh` | Setup Locales and keyboard settings |
402 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
408 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
403 | `14-fstab.sh` | Setup fstab and initramfs |
409 | `14-fstab.sh` | Setup fstab and initramfs |
404 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
410 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
405 | `20-networking.sh` | Setup Networking |
411 | `20-networking.sh` | Setup Networking |
406 | `21-firewall.sh` | Setup Firewall |
412 | `21-firewall.sh` | Setup Firewall |
407 | `30-security.sh` | Setup Users and Security settings |
413 | `30-security.sh` | Setup Users and Security settings |
408 | `31-logging.sh` | Setup Logging |
414 | `31-logging.sh` | Setup Logging |
409 | `32-sshd.sh` | Setup SSH and public keys |
415 | `32-sshd.sh` | Setup SSH and public keys |
410 | `41-uboot.sh` | Build and Setup U-Boot |
416 | `41-uboot.sh` | Build and Setup U-Boot |
411 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
417 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
412 | `50-firstboot.sh` | First boot actions |
418 | `50-firstboot.sh` | First boot actions |
413 | `99-reduce.sh` | Reduce the disk space usage |
419 | `99-reduce.sh` | Reduce the disk space usage |
414
420
415 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
421 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
416
422
417 | Directory | Description |
423 | Directory | Description |
418 | --- | --- |
424 | --- | --- |
419 | `apt` | APT management configuration files |
425 | `apt` | APT management configuration files |
420 | `boot` | Boot and RPi2/3 configuration files |
426 | `boot` | Boot and RPi2/3 configuration files |
421 | `dpkg` | Package Manager configuration |
427 | `dpkg` | Package Manager configuration |
422 | `etc` | Configuration files and rc scripts |
428 | `etc` | Configuration files and rc scripts |
423 | `firstboot` | Scripts that get executed on first boot |
429 | `firstboot` | Scripts that get executed on first boot |
424 | `initramfs` | Initramfs scripts |
430 | `initramfs` | Initramfs scripts |
425 | `iptables` | Firewall configuration files |
431 | `iptables` | Firewall configuration files |
426 | `locales` | Locales configuration |
432 | `locales` | Locales configuration |
427 | `modules` | Kernel Modules configuration |
433 | `modules` | Kernel Modules configuration |
428 | `mount` | Fstab configuration |
434 | `mount` | Fstab configuration |
429 | `network` | Networking configuration files |
435 | `network` | Networking configuration files |
430 | `sysctl.d` | Swapping and Network Hardening configuration |
436 | `sysctl.d` | Swapping and Network Hardening configuration |
431 | `xorg` | fbturbo Xorg driver configuration |
437 | `xorg` | fbturbo Xorg driver configuration |
432
438
433 ## Custom packages and scripts
439 ## Custom packages and scripts
434 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
440 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
435
441
436 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
442 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
437
443
438 ## Logging of the bootstrapping process
444 ## Logging of the bootstrapping process
439 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
445 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
440
446
441 ```shell
447 ```shell
442 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
448 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
443 ```
449 ```
444
450
445 ## Flashing the image file
451 ## Flashing the image file
446 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
452 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
447
453
448 ##### Flashing examples:
454 ##### Flashing examples:
449 ```shell
455 ```shell
450 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie.img /dev/mmcblk0
456 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie.img /dev/mmcblk0
451 dd bs=4M if=./images/jessie/2017-01-23-rpi3-jessie.img of=/dev/mmcblk0
457 dd bs=4M if=./images/jessie/2017-01-23-rpi3-jessie.img of=/dev/mmcblk0
452 ```
458 ```
453 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
459 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
454 ```shell
460 ```shell
455 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-frmw.img /dev/mmcblk0
461 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-frmw.img /dev/mmcblk0
456 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
462 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
457 ```
463 ```
458
464
459 ## QEMU emulation
465 ## QEMU emulation
460 Start QEMU full system emulation:
466 Start QEMU full system emulation:
461 ```shell
467 ```shell
462 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
468 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
463 ```
469 ```
464
470
465 Start QEMU full system emulation and output to console:
471 Start QEMU full system emulation and output to console:
466 ```shell
472 ```shell
467 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
473 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
468 ```
474 ```
469
475
470 Start QEMU full system emulation with SMP and output to console:
476 Start QEMU full system emulation with SMP and output to console:
471 ```shell
477 ```shell
472 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
478 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
473 ```
479 ```
474
480
475 Start QEMU full system emulation with cryptfs, initramfs and output to console:
481 Start QEMU full system emulation with cryptfs, initramfs and output to console:
476 ```shell
482 ```shell
477 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
483 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
478 ```
484 ```
479
485
480 ## Weekly image builds
486 ## Weekly image builds
481 The image files are provided by JRWR'S I/O PORT and are built once a Sunday at midnight UTC!
487 The image files are provided by JRWR'S I/O PORT and are built once a Sunday at midnight UTC!
482 * [Debian Stretch Raspberry Pi2/3 Weekly Image Builds](https://jrwr.io/doku.php?id=projects:debianpi)
488 * [Debian Stretch Raspberry Pi2/3 Weekly Image Builds](https://jrwr.io/doku.php?id=projects:debianpi)
483
489
484 ## External links and references
490 ## External links and references
485 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
491 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
486 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
492 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
487 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
493 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
488 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
494 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
489 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
495 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
490 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
496 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
491 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
497 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
492 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
498 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
493 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
499 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,41 +1,41
1 #
1 #
2 # Debootstrap basic system
2 # Debootstrap basic system
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 VARIANT=""
8 VARIANT=""
9 COMPONENTS="main"
9 COMPONENTS="main"
10
10
11 # Use non-free Debian packages if needed
11 # Use non-free Debian packages if needed
12 if [ "$ENABLE_NONFREE" = true ] ; then
12 if [ "$ENABLE_NONFREE" = true ] ; then
13 COMPONENTS="main,non-free,contrib"
13 COMPONENTS="main,non-free,contrib"
14 fi
14 fi
15
15
16 # Use minbase bootstrap variant which only includes essential packages
16 # Use minbase bootstrap variant which only includes essential packages
17 if [ "$ENABLE_MINBASE" = true ] ; then
17 if [ "$ENABLE_MINBASE" = true ] ; then
18 VARIANT="--variant=minbase"
18 VARIANT="--variant=minbase"
19 fi
19 fi
20
20
21 # Base debootstrap (unpack only)
21 # Base debootstrap (unpack only)
22 http_proxy=${APT_PROXY} debootstrap ${APT_EXCLUDES} --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian"
22 http_proxy=${APT_PROXY} debootstrap "${APT_EXCLUDES}" --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian"
23
23
24 # Copy qemu emulator binary to chroot
24 # Copy qemu emulator binary to chroot
25 install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}"
25 install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}"
26
26
27 # Copy debian-archive-keyring.pgp
27 # Copy debian-archive-keyring.pgp
28 mkdir -p "${R}/usr/share/keyrings"
28 mkdir -p "${R}/usr/share/keyrings"
29 install_readonly /usr/share/keyrings/debian-archive-keyring.gpg "${R}/usr/share/keyrings/debian-archive-keyring.gpg"
29 install_readonly /usr/share/keyrings/debian-archive-keyring.gpg "${R}/usr/share/keyrings/debian-archive-keyring.gpg"
30
30
31 # Complete the bootstrapping process
31 # Complete the bootstrapping process
32 chroot_exec /debootstrap/debootstrap --second-stage
32 chroot_exec /debootstrap/debootstrap --second-stage
33
33
34 # Mount required filesystems
34 # Mount required filesystems
35 mount -t proc none "${R}/proc"
35 mount -t proc none "${R}/proc"
36 mount -t sysfs none "${R}/sys"
36 mount -t sysfs none "${R}/sys"
37
37
38 # Mount pseudo terminal slave if supported by Debian release
38 # Mount pseudo terminal slave if supported by Debian release
39 if [ -d "${R}/dev/pts" ] ; then
39 if [ -d "${R}/dev/pts" ] ; then
40 mount --bind /dev/pts "${R}/dev/pts"
40 mount --bind /dev/pts "${R}/dev/pts"
41 fi
41 fi
@@ -1,55 +1,55
1 #
1 #
2 # Setup APT repositories
2 # Setup APT repositories
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Install and setup APT proxy configuration
8 # Install and setup APT proxy configuration
9 if [ -z "$APT_PROXY" ] ; then
9 if [ -z "$APT_PROXY" ] ; then
10 install_readonly files/apt/10proxy "${ETC_DIR}/apt/apt.conf.d/10proxy"
10 install_readonly files/apt/10proxy "${ETC_DIR}/apt/apt.conf.d/10proxy"
11 sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETC_DIR}/apt/apt.conf.d/10proxy"
11 sed -i "s/\"\"/\"${APT_PROXY}\"/" "${ETC_DIR}/apt/apt.conf.d/10proxy"
12 fi
12 fi
13
13
14 if [ "$BUILD_KERNEL" = false ] ; then
14 if [ "$BUILD_KERNEL" = false ] ; then
15 # Install APT pinning configuration for flash-kernel package
15 # Install APT pinning configuration for flash-kernel package
16 install_readonly files/apt/flash-kernel "${ETC_DIR}/apt/preferences.d/flash-kernel"
16 install_readonly files/apt/flash-kernel "${ETC_DIR}/apt/preferences.d/flash-kernel"
17
17
18 # Install APT sources.list
18 # Install APT sources.list
19 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list"
19 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list"
20 echo "deb ${COLLABORA_URL} ${RELEASE} rpi2" >> "${ETC_DIR}/apt/sources.list"
20 echo "deb ${COLLABORA_URL} ${RELEASE} rpi2" >> "${ETC_DIR}/apt/sources.list"
21
21
22 # Upgrade collabora package index and install collabora keyring
22 # Upgrade collabora package index and install collabora keyring
23 chroot_exec apt-get -qq -y update
23 chroot_exec apt-get -qq -y update
24 chroot_exec apt-get -qq -y --allow-unauthenticated install collabora-obs-archive-keyring
24 chroot_exec apt-get -qq -y --allow-unauthenticated install collabora-obs-archive-keyring
25 else # BUILD_KERNEL=true
25 else # BUILD_KERNEL=true
26 # Install APT sources.list
26 # Install APT sources.list
27 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list"
27 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list"
28
28
29 # Use specified APT server and release
29 # Use specified APT server and release
30 sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETC_DIR}/apt/sources.list"
30 sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETC_DIR}/apt/sources.list"
31 sed -i "s/ jessie/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list"
31 sed -i "s/ jessie/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list"
32 fi
32 fi
33
33
34 # Allow the installation of non-free Debian packages
34 # Allow the installation of non-free Debian packages
35 if [ "$ENABLE_NONFREE" = true ] ; then
35 if [ "$ENABLE_NONFREE" = true ] ; then
36 sed -i "s/ contrib/ contrib non-free/" "${ETC_DIR}/apt/sources.list"
36 sed -i "s/ contrib/ contrib non-free/" "${ETC_DIR}/apt/sources.list"
37 fi
37 fi
38
38
39 # Upgrade package index and update all installed packages and changed dependencies
39 # Upgrade package index and update all installed packages and changed dependencies
40 chroot_exec apt-get -qq -y update
40 chroot_exec apt-get -qq -y update
41 chroot_exec apt-get -qq -y -u dist-upgrade
41 chroot_exec apt-get -qq -y -u dist-upgrade
42
42
43 if [ "$APT_INCLUDES_LATE" ] ; then
43 if [ "$APT_INCLUDES_LATE" ] ; then
44 chroot_exec apt-get -qq -y install $(echo $APT_INCLUDES_LATE |tr , ' ')
44 chroot_exec apt-get -qq -y install "$(echo "$APT_INCLUDES_LATE" |tr , ' ')"
45 fi
45 fi
46
46
47 if [ -d packages ] ; then
47 if [ -d packages ] ; then
48 for package in packages/*.deb ; do
48 for package in packages/*.deb ; do
49 cp $package ${R}/tmp
49 cp "$package" "${R}"/tmp
50 chroot_exec dpkg --unpack /tmp/$(basename $package)
50 chroot_exec dpkg --unpack /tmp/"$(basename "$package")"
51 done
51 done
52 fi
52 fi
53 chroot_exec apt-get -qq -y -f install
53 chroot_exec apt-get -qq -y -f install
54
54
55 chroot_exec apt-get -qq -y check
55 chroot_exec apt-get -qq -y check
@@ -1,58 +1,58
1 #
1 #
2 # Setup Locales and keyboard settings
2 # Setup Locales and keyboard settings
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Install and setup timezone
8 # Install and setup timezone
9 echo ${TIMEZONE} > "${ETC_DIR}/timezone"
9 echo "${TIMEZONE}" > "${ETC_DIR}/timezone"
10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
11
11
12 # Install and setup default locale and keyboard configuration
12 # Install and setup default locale and keyboard configuration
13 if [ $(echo "$APT_INCLUDES" | grep ",locales") ] ; then
13 if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then
14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
16 # ... so we have to set locales manually
16 # ... so we have to set locales manually
17 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
17 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
18 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
18 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
19 else
19 else
20 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
20 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
21 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
21 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
22 sed -i "/en_US.UTF-8/s/^#//" "${ETC_DIR}/locale.gen"
22 sed -i "/en_US.UTF-8/s/^#//" "${ETC_DIR}/locale.gen"
23 fi
23 fi
24
24
25 sed -i "/${DEFLOCAL}/s/^#//" "${ETC_DIR}/locale.gen"
25 sed -i "/${DEFLOCAL}/s/^#//" "${ETC_DIR}/locale.gen"
26 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
26 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
27 chroot_exec locale-gen
27 chroot_exec locale-gen
28 chroot_exec update-locale LANG="${DEFLOCAL}"
28 chroot_exec update-locale LANG="${DEFLOCAL}"
29
29
30 # Install and setup default keyboard configuration
30 # Install and setup default keyboard configuration
31 if [ "$XKB_MODEL" != "pc105" ] ; then
31 if [ "$XKB_MODEL" != "pc105" ] ; then
32 sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETC_DIR}/default/keyboard"
32 sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETC_DIR}/default/keyboard"
33 fi
33 fi
34 if [ "$XKB_LAYOUT" != "us" ] ; then
34 if [ "$XKB_LAYOUT" != "us" ] ; then
35 sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETC_DIR}/default/keyboard"
35 sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETC_DIR}/default/keyboard"
36 fi
36 fi
37 if [ "$XKB_VARIANT" != "" ] ; then
37 if [ "$XKB_VARIANT" != "" ] ; then
38 sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETC_DIR}/default/keyboard"
38 sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETC_DIR}/default/keyboard"
39 fi
39 fi
40 if [ "$XKB_OPTIONS" != "" ] ; then
40 if [ "$XKB_OPTIONS" != "" ] ; then
41 sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETC_DIR}/default/keyboard"
41 sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETC_DIR}/default/keyboard"
42 fi
42 fi
43 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
43 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
44
44
45 # Install and setup font console
45 # Install and setup font console
46 case "${DEFLOCAL}" in
46 case "${DEFLOCAL}" in
47 *UTF-8)
47 *UTF-8)
48 sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETC_DIR}/default/console-setup"
48 sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETC_DIR}/default/console-setup"
49 ;;
49 ;;
50 *)
50 *)
51 sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETC_DIR}/default/console-setup"
51 sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETC_DIR}/default/console-setup"
52 ;;
52 ;;
53 esac
53 esac
54 chroot_exec dpkg-reconfigure -f noninteractive console-setup
54 chroot_exec dpkg-reconfigure -f noninteractive console-setup
55 else # (no locales were installed)
55 else # (no locales were installed)
56 # Install POSIX default locale
56 # Install POSIX default locale
57 install_readonly files/locales/locale "${ETC_DIR}/default/locale"
57 install_readonly files/locales/locale "${ETC_DIR}/default/locale"
58 fi
58 fi
@@ -1,253 +1,255
1 #
1 #
2 # Build and Setup RPi2/3 Kernel
2 # Build and Setup RPi2/3 Kernel
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Fetch and build latest raspberry kernel
8 # Fetch and build latest raspberry kernel
9 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ "$BUILD_KERNEL" = true ] ; then
10 # Setup source directory
10 # Setup source directory
11 mkdir -p "${R}/usr/src/linux"
11 mkdir -p "${KERNEL_DIR}"
12
12
13 # Copy existing kernel sources into chroot directory
13 # Copy existing kernel sources into chroot directory
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 # Copy kernel sources and include hidden files
15 # Copy kernel sources and include hidden files
16 cp -r "${KERNELSRC_DIR}/". "${R}/usr/src/linux"
16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
17
17
18 # Clean the kernel sources
18 # Clean the kernel sources
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 fi
21 fi
22 else # KERNELSRC_DIR=""
22 else # KERNELSRC_DIR=""
23 # Create temporary directory for kernel sources
23 # Create temporary directory for kernel sources
24 temp_dir=$(as_nobody mktemp -d)
24 temp_dir=$(as_nobody mktemp -d)
25
25
26 # Fetch current RPi2/3 kernel sources
26 # Fetch current RPi2/3 kernel sources
27 if [ -z "${KERNEL_BRANCH}" ] ; then
27 if [ -z "${KERNEL_BRANCH}" ] ; then
28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
29 else
29 else
30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
31 fi
31 fi
32
32
33 # Copy downloaded kernel sources
33 # Copy downloaded kernel sources
34 cp -r "${temp_dir}/linux/"* "${R}/usr/src/linux/"
34 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
35
35
36 # Remove temporary directory for kernel sources
36 # Remove temporary directory for kernel sources
37 rm -fr "${temp_dir}"
37 rm -fr "${temp_dir}"
38
38
39 # Set permissions of the kernel sources
39 # Set permissions of the kernel sources
40 chown -R root:root "${R}/usr/src"
40 chown -R root:root "${R}/usr/src"
41 fi
41 fi
42
42
43 # Calculate optimal number of kernel building threads
43 # Calculate optimal number of kernel building threads
44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
46 fi
46 fi
47
47
48 # Configure and build kernel
48 # Configure and build kernel
49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
50 # Remove device, network and filesystem drivers from kernel configuration
50 # Remove device, network and filesystem drivers from kernel configuration
51 if [ "$KERNEL_REDUCE" = true ] ; then
51 if [ "$KERNEL_REDUCE" = true ] ; then
52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
53 sed -i\
53 sed -i\
54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
83 "${KERNEL_DIR}/.config"
83 "${KERNEL_DIR}/.config"
84 fi
84 fi
85
85
86 if [ "$KERNELSRC_CONFIG" = true ] ; then
86 if [ "$KERNELSRC_CONFIG" = true ] ; then
87 # Load default raspberry kernel configuration
87 # Load default raspberry kernel configuration
88 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
88 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
89
89
90 # Set kernel configuration parameters to enable qemu emulation
90 # Set kernel configuration parameters to enable qemu emulation
91 if [ "$ENABLE_QEMU" = true ] ; then
91 if [ "$ENABLE_QEMU" = true ] ; then
92 echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config
92 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
93 echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config
93 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
94
94
95 if [ "$ENABLE_CRYPTFS" = true ] ; then
95 if [ "$ENABLE_CRYPTFS" = true ] ; then
96 echo "CONFIG_EMBEDDED=y" >> ${KERNEL_DIR}/.config
96 {
97 echo "CONFIG_EXPERT=y" >> ${KERNEL_DIR}/.config
97 echo "CONFIG_EMBEDDED=y"
98 echo "CONFIG_DAX=y" >> ${KERNEL_DIR}/.config
98 echo "CONFIG_EXPERT=y"
99 echo "CONFIG_MD=y" >> ${KERNEL_DIR}/.config
99 echo "CONFIG_DAX=y"
100 echo "CONFIG_BLK_DEV_MD=y" >> ${KERNEL_DIR}/.config
100 echo "CONFIG_MD=y"
101 echo "CONFIG_MD_AUTODETECT=y" >> ${KERNEL_DIR}/.config
101 echo "CONFIG_BLK_DEV_MD=y"
102 echo "CONFIG_BLK_DEV_DM=y" >> ${KERNEL_DIR}/.config
102 echo "CONFIG_MD_AUTODETECT=y"
103 echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> ${KERNEL_DIR}/.config
103 echo "CONFIG_BLK_DEV_DM=y"
104 echo "CONFIG_DM_CRYPT=y" >> ${KERNEL_DIR}/.config
104 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
105 echo "CONFIG_CRYPTO_BLKCIPHER=y" >> ${KERNEL_DIR}/.config
105 echo "CONFIG_DM_CRYPT=y"
106 echo "CONFIG_CRYPTO_CBC=y" >> ${KERNEL_DIR}/.config
106 echo "CONFIG_CRYPTO_BLKCIPHER=y"
107 echo "CONFIG_CRYPTO_XTS=y" >> ${KERNEL_DIR}/.config
107 echo "CONFIG_CRYPTO_CBC=y"
108 echo "CONFIG_CRYPTO_SHA512=y" >> ${KERNEL_DIR}/.config
108 echo "CONFIG_CRYPTO_XTS=y"
109 echo "CONFIG_CRYPTO_MANAGER=y" >> ${KERNEL_DIR}/.config
109 echo "CONFIG_CRYPTO_SHA512=y"
110 echo "CONFIG_CRYPTO_MANAGER=y"
111 } >> ${KERNEL_DIR}/.config
110 fi
112 fi
111 fi
113 fi
112
114
113 # Copy custom kernel configuration file
115 # Copy custom kernel configuration file
114 if [ ! -z "$KERNELSRC_USRCONFIG" ] ; then
116 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
115 cp $KERNELSRC_USRCONFIG ${KERNEL_DIR}/.config
117 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
116 fi
118 fi
117
119
118 # Set kernel configuration parameters to their default values
120 # Set kernel configuration parameters to their default values
119 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
121 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
120 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
122 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
121 fi
123 fi
122
124
123 # Start menu-driven kernel configuration (interactive)
125 # Start menu-driven kernel configuration (interactive)
124 if [ "$KERNEL_MENUCONFIG" = true ] ; then
126 if [ "$KERNEL_MENUCONFIG" = true ] ; then
125 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
127 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
126 fi
128 fi
127 fi
129 fi
128
130
129 # Use ccache to cross compile the kernel
131 # Use ccache to cross compile the kernel
130 if [ "$KERNEL_CCACHE" = true ] ; then
132 if [ "$KERNEL_CCACHE" = true ] ; then
131 cc="ccache ${CROSS_COMPILE}gcc"
133 cc="ccache ${CROSS_COMPILE}gcc"
132 else
134 else
133 cc="${CROSS_COMPILE}gcc"
135 cc="${CROSS_COMPILE}gcc"
134 fi
136 fi
135
137
136 # Cross compile kernel and dtbs
138 # Cross compile kernel and dtbs
137 make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
139 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
138
140
139 # Cross compile kernel modules
141 # Cross compile kernel modules
140 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
142 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
141 make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
143 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
142 fi
144 fi
143 fi
145 fi
144
146
145 # Check if kernel compilation was successful
147 # Check if kernel compilation was successful
146 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
148 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
147 echo "error: kernel compilation failed! (kernel image not found)"
149 echo "error: kernel compilation failed! (kernel image not found)"
148 cleanup
150 cleanup
149 exit 1
151 exit 1
150 fi
152 fi
151
153
152 # Install kernel modules
154 # Install kernel modules
153 if [ "$ENABLE_REDUCE" = true ] ; then
155 if [ "$ENABLE_REDUCE" = true ] ; then
154 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
156 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
155 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
157 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
156 fi
158 fi
157 else
159 else
158 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
160 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
159 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
161 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
160 fi
162 fi
161
163
162 # Install kernel firmware
164 # Install kernel firmware
163 if [ $(grep "^firmware_install:" "${KERNEL_DIR}/Makefile") ] ; then
165 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
164 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
166 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
165 fi
167 fi
166 fi
168 fi
167
169
168 # Install kernel headers
170 # Install kernel headers
169 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
171 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
170 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
172 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
171 fi
173 fi
172
174
173 # Prepare boot (firmware) directory
175 # Prepare boot (firmware) directory
174 mkdir "${BOOT_DIR}"
176 mkdir "${BOOT_DIR}"
175
177
176 # Get kernel release version
178 # Get kernel release version
177 KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"`
179 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
178
180
179 # Copy kernel configuration file to the boot directory
181 # Copy kernel configuration file to the boot directory
180 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
182 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
181
183
182 # Prepare device tree directory
184 # Prepare device tree directory
183 mkdir "${BOOT_DIR}/overlays"
185 mkdir "${BOOT_DIR}/overlays"
184
186
185 # Ensure the proper .dtb is located
187 # Ensure the proper .dtb is located
186 if [ "$KERNEL_ARCH" = "arm" ] ; then
188 if [ "$KERNEL_ARCH" = "arm" ] ; then
187 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
189 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
188 if [ -f "${dtb}" ] ; then
190 if [ -f "${dtb}" ] ; then
189 install_readonly "${dtb}" "${BOOT_DIR}/"
191 install_readonly "${dtb}" "${BOOT_DIR}/"
190 fi
192 fi
191 done
193 done
192 else
194 else
193 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
195 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
194 if [ -f "${dtb}" ] ; then
196 if [ -f "${dtb}" ] ; then
195 install_readonly "${dtb}" "${BOOT_DIR}/"
197 install_readonly "${dtb}" "${BOOT_DIR}/"
196 fi
198 fi
197 done
199 done
198 fi
200 fi
199
201
200 # Copy compiled dtb device tree files
202 # Copy compiled dtb device tree files
201 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
203 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
202 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
204 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
203 if [ -f "${dtb}" ] ; then
205 if [ -f "${dtb}" ] ; then
204 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
206 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
205 fi
207 fi
206 done
208 done
207
209
208 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
210 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
209 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
211 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
210 fi
212 fi
211 fi
213 fi
212
214
213 if [ "$ENABLE_UBOOT" = false ] ; then
215 if [ "$ENABLE_UBOOT" = false ] ; then
214 # Convert and copy kernel image to the boot directory
216 # Convert and copy kernel image to the boot directory
215 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
217 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
216 else
218 else
217 # Copy kernel image to the boot directory
219 # Copy kernel image to the boot directory
218 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
220 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
219 fi
221 fi
220
222
221 # Remove kernel sources
223 # Remove kernel sources
222 if [ "$KERNEL_REMOVESRC" = true ] ; then
224 if [ "$KERNEL_REMOVESRC" = true ] ; then
223 rm -fr "${KERNEL_DIR}"
225 rm -fr "${KERNEL_DIR}"
224 else
226 else
225 # Prepare compiled kernel modules
227 # Prepare compiled kernel modules
226 if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then
228 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
227 if [ $(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile") ] ; then
229 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
228 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
230 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
229 fi
231 fi
230
232
231 # Create symlinks for kernel modules
233 # Create symlinks for kernel modules
232 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
234 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
233 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
235 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
234 fi
236 fi
235 fi
237 fi
236
238
237 else # BUILD_KERNEL=false
239 else # BUILD_KERNEL=false
238 # Kernel installation
240 # Kernel installation
239 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
241 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
240
242
241 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
243 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
242 chroot_exec apt-get -qq -y install flash-kernel
244 chroot_exec apt-get -qq -y install flash-kernel
243
245
244 # Check if kernel installation was successful
246 # Check if kernel installation was successful
245 VMLINUZ="$(ls -1 ${R}/boot/vmlinuz-* | sort | tail -n 1)"
247 VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
246 if [ -z "$VMLINUZ" ] ; then
248 if [ -z "$VMLINUZ" ] ; then
247 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
249 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
248 cleanup
250 cleanup
249 exit 1
251 exit 1
250 fi
252 fi
251 # Copy vmlinuz kernel to the boot directory
253 # Copy vmlinuz kernel to the boot directory
252 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
254 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
253 fi
255 fi
@@ -1,59 +1,59
1 #
1 #
2 # Setup fstab and initramfs
2 # Setup fstab and initramfs
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Install and setup fstab
8 # Install and setup fstab
9 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
9 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
10
10
11 # Add usb/sda disk root partition to fstab
11 # Add usb/sda disk root partition to fstab
12 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
12 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
13 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
13 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
14 fi
14 fi
15
15
16 # Add encrypted root partition to fstab and crypttab
16 # Add encrypted root partition to fstab and crypttab
17 if [ "$ENABLE_CRYPTFS" = true ] ; then
17 if [ "$ENABLE_CRYPTFS" = true ] ; then
18 # Replace fstab root partition with encrypted partition mapping
18 # Replace fstab root partition with encrypted partition mapping
19 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
19 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
20
20
21 # Add encrypted partition to crypttab and fstab
21 # Add encrypted partition to crypttab and fstab
22 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
22 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
23 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
23 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
24
24
25 if [ "$ENABLE_SPLITFS" = true ] ; then
25 if [ "$ENABLE_SPLITFS" = true ] ; then
26 # Add usb/sda disk to crypttab
26 # Add usb/sda disk to crypttab
27 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
27 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
28 fi
28 fi
29 fi
29 fi
30
30
31 # Generate initramfs file
31 # Generate initramfs file
32 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
32 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
33 if [ "$ENABLE_CRYPTFS" = true ] ; then
33 if [ "$ENABLE_CRYPTFS" = true ] ; then
34 # Include initramfs scripts to auto expand encrypted root partition
34 # Include initramfs scripts to auto expand encrypted root partition
35 if [ "$EXPANDROOT" = true ] ; then
35 if [ "$EXPANDROOT" = true ] ; then
36 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
36 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
37 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
37 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
38 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
38 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
39 fi
39 fi
40
40
41 # Disable SSHD inside initramfs
41 # Disable SSHD inside initramfs
42 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
42 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
43
43
44 # Add cryptsetup modules to initramfs
44 # Add cryptsetup modules to initramfs
45 printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
45 printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
46
46
47 # Dummy mapping required by mkinitramfs
47 # Dummy mapping required by mkinitramfs
48 echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
48 echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
49
49
50 # Generate initramfs with encrypted root partition support
50 # Generate initramfs with encrypted root partition support
51 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
51 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
52
52
53 # Remove dummy mapping
53 # Remove dummy mapping
54 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
54 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
55 else
55 else
56 # Generate initramfs without encrypted root partition support
56 # Generate initramfs without encrypted root partition support
57 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
57 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
58 fi
58 fi
59 fi
59 fi
@@ -1,151 +1,151
1 #
1 #
2 # Setup RPi2/3 config and cmdline
2 # Setup RPi2/3 config and cmdline
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$BUILD_KERNEL" = true ] ; then
8 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 # Install boot binaries from local directory
10 # Install boot binaries from local directory
11 cp ${RPI_FIRMWARE_DIR}/boot/bootcode.bin ${BOOT_DIR}/bootcode.bin
11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 cp ${RPI_FIRMWARE_DIR}/boot/fixup.dat ${BOOT_DIR}/fixup.dat
12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 cp ${RPI_FIRMWARE_DIR}/boot/fixup_cd.dat ${BOOT_DIR}/fixup_cd.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 cp ${RPI_FIRMWARE_DIR}/boot/fixup_x.dat ${BOOT_DIR}/fixup_x.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 cp ${RPI_FIRMWARE_DIR}/boot/start.elf ${BOOT_DIR}/start.elf
15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 cp ${RPI_FIRMWARE_DIR}/boot/start_cd.elf ${BOOT_DIR}/start_cd.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 else
18 else
19 # Create temporary directory for boot binaries
19 # Create temporary directory for boot binaries
20 temp_dir=$(as_nobody mktemp -d)
20 temp_dir=$(as_nobody mktemp -d)
21
21
22 # Install latest boot binaries from raspberry/firmware github
22 # Install latest boot binaries from raspberry/firmware github
23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
30
30
31 # Move downloaded boot binaries
31 # Move downloaded boot binaries
32 mv "${temp_dir}/"* "${BOOT_DIR}/"
32 mv "${temp_dir}/"* "${BOOT_DIR}/"
33
33
34 # Remove temporary directory for boot binaries
34 # Remove temporary directory for boot binaries
35 rm -fr "${temp_dir}"
35 rm -fr "${temp_dir}"
36
36
37 # Set permissions of the boot binaries
37 # Set permissions of the boot binaries
38 chown -R root:root "${BOOT_DIR}"
38 chown -R root:root "${BOOT_DIR}"
39 chmod -R 600 "${BOOT_DIR}"
39 chmod -R 600 "${BOOT_DIR}"
40 fi
40 fi
41 fi
41 fi
42
42
43 # Setup firmware boot cmdline
43 # Setup firmware boot cmdline
44 if [ "$ENABLE_SPLITFS" = true ] ; then
44 if [ "$ENABLE_SPLITFS" = true ] ; then
45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
46 else
46 else
47 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
47 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
48 fi
48 fi
49
49
50 # Add encrypted root partition to cmdline.txt
50 # Add encrypted root partition to cmdline.txt
51 if [ "$ENABLE_CRYPTFS" = true ] ; then
51 if [ "$ENABLE_CRYPTFS" = true ] ; then
52 if [ "$ENABLE_SPLITFS" = true ] ; then
52 if [ "$ENABLE_SPLITFS" = true ] ; then
53 CMDLINE=$(echo ${CMDLINE} | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
53 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
54 else
54 else
55 CMDLINE=$(echo ${CMDLINE} | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
55 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
56 fi
56 fi
57 fi
57 fi
58
58
59 # Add serial console support
59 # Add serial console support
60 if [ "$ENABLE_CONSOLE" = true ] ; then
60 if [ "$ENABLE_CONSOLE" = true ] ; then
61 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
61 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
62 fi
62 fi
63
63
64 # Remove IPv6 networking support
64 # Remove IPv6 networking support
65 if [ "$ENABLE_IPV6" = false ] ; then
65 if [ "$ENABLE_IPV6" = false ] ; then
66 CMDLINE="${CMDLINE} ipv6.disable=1"
66 CMDLINE="${CMDLINE} ipv6.disable=1"
67 fi
67 fi
68
68
69 # Automatically assign predictable network interface names
69 # Automatically assign predictable network interface names
70 if [ "$ENABLE_IFNAMES" = false ] ; then
70 if [ "$ENABLE_IFNAMES" = false ] ; then
71 CMDLINE="${CMDLINE} net.ifnames=0"
71 CMDLINE="${CMDLINE} net.ifnames=0"
72 else
72 else
73 CMDLINE="${CMDLINE} net.ifnames=1"
73 CMDLINE="${CMDLINE} net.ifnames=1"
74 fi
74 fi
75
75
76 # Set init to systemd if required by Debian release
76 # Set init to systemd if required by Debian release
77 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
77 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
78 CMDLINE="${CMDLINE} init=/bin/systemd"
78 CMDLINE="${CMDLINE} init=/bin/systemd"
79 fi
79 fi
80
80
81 # Install firmware boot cmdline
81 # Install firmware boot cmdline
82 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
82 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
83
83
84 # Install firmware config
84 # Install firmware config
85 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
85 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
86
86
87 # Setup minimal GPU memory allocation size: 16MB (no X)
87 # Setup minimal GPU memory allocation size: 16MB (no X)
88 if [ "$ENABLE_MINGPU" = true ] ; then
88 if [ "$ENABLE_MINGPU" = true ] ; then
89 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
89 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
90 fi
90 fi
91
91
92 # Setup boot with initramfs
92 # Setup boot with initramfs
93 if [ "$ENABLE_INITRAMFS" = true ] ; then
93 if [ "$ENABLE_INITRAMFS" = true ] ; then
94 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
94 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
95 fi
95 fi
96
96
97 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
97 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
98 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
98 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
99 if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then
99 if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then
100 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
100 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
101 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
101 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
102 fi
102 fi
103 fi
103 fi
104
104
105 # Create firmware configuration and cmdline symlinks
105 # Create firmware configuration and cmdline symlinks
106 ln -sf firmware/config.txt "${R}/boot/config.txt"
106 ln -sf firmware/config.txt "${R}/boot/config.txt"
107 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
107 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
108
108
109 # Install and setup kernel modules to load at boot
109 # Install and setup kernel modules to load at boot
110 mkdir -p "${R}/lib/modules-load.d/"
110 mkdir -p "${R}/lib/modules-load.d/"
111 install_readonly files/modules/rpi2.conf "${R}/lib/modules-load.d/rpi2.conf"
111 install_readonly files/modules/rpi2.conf "${R}/lib/modules-load.d/rpi2.conf"
112
112
113 # Load hardware random module at boot
113 # Load hardware random module at boot
114 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
114 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
115 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${R}/lib/modules-load.d/rpi2.conf"
115 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${R}/lib/modules-load.d/rpi2.conf"
116 fi
116 fi
117
117
118 # Load sound module at boot
118 # Load sound module at boot
119 if [ "$ENABLE_SOUND" = true ] ; then
119 if [ "$ENABLE_SOUND" = true ] ; then
120 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
120 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
121 else
121 else
122 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
122 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
123 fi
123 fi
124
124
125 # Enable I2C interface
125 # Enable I2C interface
126 if [ "$ENABLE_I2C" = true ] ; then
126 if [ "$ENABLE_I2C" = true ] ; then
127 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
127 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
128 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${R}/lib/modules-load.d/rpi2.conf"
128 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${R}/lib/modules-load.d/rpi2.conf"
129 sed -i "s/^# i2c-dev/i2c-dev/" "${R}/lib/modules-load.d/rpi2.conf"
129 sed -i "s/^# i2c-dev/i2c-dev/" "${R}/lib/modules-load.d/rpi2.conf"
130 fi
130 fi
131
131
132 # Enable SPI interface
132 # Enable SPI interface
133 if [ "$ENABLE_SPI" = true ] ; then
133 if [ "$ENABLE_SPI" = true ] ; then
134 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
134 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
135 echo "spi-bcm2708" >> "${R}/lib/modules-load.d/rpi2.conf"
135 echo "spi-bcm2708" >> "${R}/lib/modules-load.d/rpi2.conf"
136 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
136 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
137 sed -i "s/spi-bcm2708/spi-bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
137 sed -i "s/spi-bcm2708/spi-bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
138 fi
138 fi
139 fi
139 fi
140
140
141 # Disable RPi2/3 under-voltage warnings
141 # Disable RPi2/3 under-voltage warnings
142 if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
142 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
143 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
143 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
144 fi
144 fi
145
145
146 # Install kernel modules blacklist
146 # Install kernel modules blacklist
147 mkdir -p "${ETC_DIR}/modprobe.d/"
147 mkdir -p "${ETC_DIR}/modprobe.d/"
148 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
148 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
149
149
150 # Install sysctl.d configuration files
150 # Install sysctl.d configuration files
151 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
151 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
@@ -1,134 +1,134
1 #
1 #
2 # Setup Networking
2 # Setup Networking
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Install and setup hostname
8 # Install and setup hostname
9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
10 sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETC_DIR}/hostname"
10 sed -i "s/^rpi2-jessie/${HOSTNAME}/" "${ETC_DIR}/hostname"
11
11
12 # Install and setup hosts
12 # Install and setup hosts
13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETC_DIR}/hosts"
14 sed -i "s/rpi2-jessie/${HOSTNAME}/" "${ETC_DIR}/hosts"
15
15
16 # Setup hostname entry with static IP
16 # Setup hostname entry with static IP
17 if [ "$NET_ADDRESS" != "" ] ; then
17 if [ "$NET_ADDRESS" != "" ] ; then
18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 fi
20 fi
21
21
22 # Remove IPv6 hosts
22 # Remove IPv6 hosts
23 if [ "$ENABLE_IPV6" = false ] ; then
23 if [ "$ENABLE_IPV6" = false ] ; then
24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
25 fi
25 fi
26
26
27 # Install hint about network configuration
27 # Install hint about network configuration
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29
29
30 # Install configuration for interface eth0
30 # Install configuration for interface eth0
31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
32
32
33 # Install configuration for interface wl*
33 # Install configuration for interface wl*
34 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
34 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
35
35
36 #always with dhcp since wpa_supplicant integration is missing
36 #always with dhcp since wpa_supplicant integration is missing
37 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
37 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
38
38
39 if [ "$ENABLE_DHCP" = true ] ; then
39 if [ "$ENABLE_DHCP" = true ] ; then
40 # Enable DHCP configuration for interface eth0
40 # Enable DHCP configuration for interface eth0
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
42
42
43 # Set DHCP configuration to IPv4 only
43 # Set DHCP configuration to IPv4 only
44 if [ "$ENABLE_IPV6" = false ] ; then
44 if [ "$ENABLE_IPV6" = false ] ; then
45 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
45 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
46 fi
46 fi
47
47
48 else # ENABLE_DHCP=false
48 else # ENABLE_DHCP=false
49 # Set static network configuration for interface eth0
49 # Set static network configuration for interface eth0
50 sed -i\
50 sed -i\
51 -e "s|DHCP=.*|DHCP=no|"\
51 -e "s|DHCP=.*|DHCP=no|"\
52 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
52 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
53 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
53 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
54 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
54 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
55 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
55 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
56 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
56 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
57 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
57 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
58 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
58 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
59 "${ETC_DIR}/systemd/network/eth.network"
59 "${ETC_DIR}/systemd/network/eth.network"
60 fi
60 fi
61
61
62 # Remove empty settings from network configuration
62 # Remove empty settings from network configuration
63 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
63 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
64 # Remove empty settings from wlan configuration
64 # Remove empty settings from wlan configuration
65 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
65 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
66
66
67 # Move systemd network configuration if required by Debian release
67 # Move systemd network configuration if required by Debian release
68 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
68 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
69 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
69 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
70 if [ "$ENABLE_WIRELESS" = true ] ; then
70 if [ "$ENABLE_WIRELESS" = true ] ; then
71 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
71 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
72 fi
72 fi
73 rm -fr "${ETC_DIR}/systemd/network"
73 rm -fr "${ETC_DIR}/systemd/network"
74 fi
74 fi
75
75
76 # Enable systemd-networkd service
76 # Enable systemd-networkd service
77 chroot_exec systemctl enable systemd-networkd
77 chroot_exec systemctl enable systemd-networkd
78
78
79 # Install host.conf resolver configuration
79 # Install host.conf resolver configuration
80 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
80 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
81
81
82 # Enable network stack hardening
82 # Enable network stack hardening
83 if [ "$ENABLE_HARDNET" = true ] ; then
83 if [ "$ENABLE_HARDNET" = true ] ; then
84 # Install sysctl.d configuration files
84 # Install sysctl.d configuration files
85 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
85 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
86
86
87 # Setup resolver warnings about spoofed addresses
87 # Setup resolver warnings about spoofed addresses
88 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
88 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
89 fi
89 fi
90
90
91 # Enable time sync
91 # Enable time sync
92 if [ "NET_NTP_1" != "" ] ; then
92 if [ "$NET_NTP_1" != "" ] ; then
93 chroot_exec systemctl enable systemd-timesyncd.service
93 chroot_exec systemctl enable systemd-timesyncd.service
94 fi
94 fi
95
95
96 # Download the firmware binary blob required to use the RPi3 wireless interface
96 # Download the firmware binary blob required to use the RPi3 wireless interface
97 if [ "$ENABLE_WIRELESS" = true ] ; then
97 if [ "$ENABLE_WIRELESS" = true ] ; then
98 if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then
98 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
99 mkdir -p ${WLAN_FIRMWARE_DIR}
99 mkdir -p "${WLAN_FIRMWARE_DIR}"
100 fi
100 fi
101
101
102 # Create temporary directory for firmware binary blob
102 # Create temporary directory for firmware binary blob
103 temp_dir=$(as_nobody mktemp -d)
103 temp_dir=$(as_nobody mktemp -d)
104
104
105 # Fetch firmware binary blob for RPI3B+
105 # Fetch firmware binary blob for RPI3B+
106 if [ "$RPI_MODEL" = 3P ] ; then
106 if [ "$RPI_MODEL" = 3P ] ; then
107 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
107 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
108 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
108 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
109 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
109 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
110 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
110 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
111 # Fetch firmware binary blob for RPI3
111 # Fetch firmware binary blob for RPI3
112 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
112 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
113 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
113 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
114 fi
114 fi
115
115
116 # Move downloaded firmware binary blob
116 # Move downloaded firmware binary blob
117 if [ "$RPI_MODEL" = 3P ] ; then
117 if [ "$RPI_MODEL" = 3P ] ; then
118 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
118 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
119 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
119 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
120 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
120 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
121 fi
121 fi
122
122
123 # Remove temporary directory for firmware binary blob
123 # Remove temporary directory for firmware binary blob
124 rm -fr "${temp_dir}"
124 rm -fr "${temp_dir}"
125
125
126 # Set permissions of the firmware binary blob
126 # Set permissions of the firmware binary blob
127 if [ "$RPI_MODEL" = 3P ] ; then
127 if [ "$RPI_MODEL" = 3P ] ; then
128 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
128 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
129 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
129 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
130 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
130 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
131 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
131 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
132 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
132 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
133 fi
133 fi
134 fi
134 fi
@@ -1,49 +1,50
1 #
1 #
2 # Setup Firewall
2 # Setup Firewall
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$ENABLE_IPTABLES" = true ] ; then
8 if [ "$ENABLE_IPTABLES" = true ] ; then
9 # Create iptables configuration directory
9 # Create iptables configuration directory
10 mkdir -p "${ETC_DIR}/iptables"
10 mkdir -p "${ETC_DIR}/iptables"
11
11
12 # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives
12 # make sure iptables-legacy is the used alternatives
13 #iptables-save and -restore are slaves of iptables and thus are set accordingly
14 if ! [ "$RELEASE" = jessie ] ; then
13 chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
15 chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
14 chroot_exec update-alternatives --verbose --set iptables-save /usr/sbin/iptables-legacy-save
16 fi
15 chroot_exec update-alternatives --verbose --set iptables-restore /usr/sbin/iptables-legacy-restore
16
17
17 # Install iptables systemd service
18 # Install iptables systemd service
18 install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"
19 install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"
19
20
20 # Install flush-table script called by iptables service
21 # Install flush-table script called by iptables service
21 install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh"
22 install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh"
22
23
23 # Install iptables rule file
24 # Install iptables rule file
24 install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules"
25 install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules"
25
26
26 # Reload systemd configuration and enable iptables service
27 # Reload systemd configuration and enable iptables service
27 chroot_exec systemctl daemon-reload
28 chroot_exec systemctl daemon-reload
28 chroot_exec systemctl enable iptables.service
29 chroot_exec systemctl enable iptables.service
29
30
30 if [ "$ENABLE_IPV6" = true ] ; then
31 if [ "$ENABLE_IPV6" = true ] ; then
31 # Install ip6tables systemd service
32 # Install ip6tables systemd service
32 install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
33 install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
33
34
34 # Install ip6tables file
35 # Install ip6tables file
35 install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh"
36 install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh"
36
37
37 install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules"
38 install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules"
38
39
39 # Reload systemd configuration and enable iptables service
40 # Reload systemd configuration and enable iptables service
40 chroot_exec systemctl daemon-reload
41 chroot_exec systemctl daemon-reload
41 chroot_exec systemctl enable ip6tables.service
42 chroot_exec systemctl enable ip6tables.service
42 fi
43 fi
43
44
44 if [ "$ENABLE_SSHD" = false ] ; then
45 if [ "$ENABLE_SSHD" = false ] ; then
45 # Remove SSHD related iptables rules
46 # Remove SSHD related iptables rules
46 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
47 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
47 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
48 sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
48 fi
49 fi
49 fi
50 fi
@@ -1,29 +1,29
1 #
1 #
2 # Setup users and security settings
2 # Setup users and security settings
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Generate crypt(3) password string
8 # Generate crypt(3) password string
9 ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 "${PASSWORD}"`
9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
10 ENCRYPTED_USER_PASSWORD=`mkpasswd -m sha-512 "${USER_PASSWORD}"`
10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
11
11
12 # Setup default user
12 # Setup default user
13 if [ "$ENABLE_USER" = true ] ; then
13 if [ "$ENABLE_USER" = true ] ; then
14 chroot_exec adduser --gecos $USER_NAME --add_extra_groups --disabled-password $USER_NAME
14 chroot_exec adduser --gecos $USER_NAME --add_extra_groups --disabled-password $USER_NAME
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
16 fi
16 fi
17
17
18 # Setup root password or not
18 # Setup root password or not
19 if [ "$ENABLE_ROOT" = true ] ; then
19 if [ "$ENABLE_ROOT" = true ] ; then
20 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
20 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
21 else
21 else
22 # Set no root password to disable root login
22 # Set no root password to disable root login
23 chroot_exec usermod -p \'!\' root
23 chroot_exec usermod -p \'!\' root
24 fi
24 fi
25
25
26 # Enable serial console systemd style
26 # Enable serial console systemd style
27 if [ "$ENABLE_CONSOLE" = true ] ; then
27 if [ "$ENABLE_CONSOLE" = true ] ; then
28 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
28 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
29 fi
29 fi
@@ -1,116 +1,116
1 #
1 #
2 # Setup SSH settings and public keys
2 # Setup SSH settings and public keys
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$ENABLE_SSHD" = true ] ; then
8 if [ "$ENABLE_SSHD" = true ] ; then
9 DROPBEAR_ARGS=""
9 DROPBEAR_ARGS=""
10
10
11 if [ "$SSH_ENABLE_ROOT" = false ] ; then
11 if [ "$SSH_ENABLE_ROOT" = false ] ; then
12 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
12 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
13 # User root is not allowed to log in
13 # User root is not allowed to log in
14 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin no|g" "${ETC_DIR}/ssh/sshd_config"
14 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin no|g" "${ETC_DIR}/ssh/sshd_config"
15 else
15 else
16 # User root is not allowed to log in
16 # User root is not allowed to log in
17 DROPBEAR_ARGS="-w"
17 DROPBEAR_ARGS="-w"
18 fi
18 fi
19 fi
19 fi
20
20
21 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
21 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
22 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
22 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
23 # Permit SSH root login
23 # Permit SSH root login
24 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETC_DIR}/ssh/sshd_config"
24 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETC_DIR}/ssh/sshd_config"
25 else
25 else
26 # Permit SSH root login
26 # Permit SSH root login
27 DROPBEAR_ARGS=""
27 DROPBEAR_ARGS=""
28 fi
28 fi
29
29
30 # Add SSH (v2) public key for user root
30 # Add SSH (v2) public key for user root
31 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
31 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
32 # Create root SSH config directory
32 # Create root SSH config directory
33 mkdir -p "${R}/root/.ssh"
33 mkdir -p "${R}/root/.ssh"
34
34
35 # Set permissions of root SSH config directory
35 # Set permissions of root SSH config directory
36 chroot_exec chmod 700 "/root/.ssh"
36 chroot_exec chmod 700 "/root/.ssh"
37 chroot_exec chown root:root "/root/.ssh"
37 chroot_exec chown root:root "/root/.ssh"
38
38
39 # Add SSH (v2) public key(s) to authorized_keys file
39 # Add SSH (v2) public key(s) to authorized_keys file
40 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys"
40 cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys"
41
41
42 # Set permissions of root SSH authorized_keys file
42 # Set permissions of root SSH authorized_keys file
43 chroot_exec chmod 600 "/root/.ssh/authorized_keys"
43 chroot_exec chmod 600 "/root/.ssh/authorized_keys"
44 chroot_exec chown root:root "/root/.ssh/authorized_keys"
44 chroot_exec chown root:root "/root/.ssh/authorized_keys"
45
45
46 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
46 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
47 # Allow SSH public key authentication
47 # Allow SSH public key authentication
48 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
48 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
49 fi
49 fi
50 fi
50 fi
51 fi
51 fi
52
52
53 if [ "$ENABLE_USER" = true ] ; then
53 if [ "$ENABLE_USER" = true ] ; then
54 # Add SSH (v2) public key for user $USER_NAME
54 # Add SSH (v2) public key for user $USER_NAME
55 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
55 if [ -n "$SSH_USER_PUB_KEY" ] ; then
56 # Create $USER_NAME SSH config directory
56 # Create $USER_NAME SSH config directory
57 mkdir -p "${R}/home/${USER_NAME}/.ssh"
57 mkdir -p "${R}/home/${USER_NAME}/.ssh"
58
58
59 # Set permissions of $USER_NAME SSH config directory
59 # Set permissions of $USER_NAME SSH config directory
60 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
60 chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
61 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
61 chroot_exec chown "${USER_NAME}":"${USER_NAME}" "/home/${USER_NAME}/.ssh"
62
62
63 # Add SSH (v2) public key(s) to authorized_keys file
63 # Add SSH (v2) public key(s) to authorized_keys file
64 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys"
64 cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys"
65
65
66 # Set permissions of $USER_NAME SSH config directory
66 # Set permissions of $USER_NAME SSH config directory
67 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys"
67 chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys"
68 chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys"
68 chroot_exec chown "${USER_NAME}":"${USER_NAME}" "/home/${USER_NAME}/.ssh/authorized_keys"
69
69
70 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
70 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
71 # Allow SSH public key authentication
71 # Allow SSH public key authentication
72 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
72 sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
73 fi
73 fi
74 fi
74 fi
75 fi
75 fi
76
76
77 # Limit the users that are allowed to login via SSH
77 # Limit the users that are allowed to login via SSH
78 if [ "$SSH_LIMIT_USERS" = true ] && [ "$ENABLE_REDUCE" = false ] ; then
78 if [ "$SSH_LIMIT_USERS" = true ] && [ "$ENABLE_REDUCE" = false ] ; then
79 allowed_users=""
79 allowed_users=""
80 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
80 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
81 allowed_users="root"
81 allowed_users="root"
82 fi
82 fi
83
83
84 if [ "$ENABLE_USER" = true ] ; then
84 if [ "$ENABLE_USER" = true ] ; then
85 allowed_users="${allowed_users} ${USER_NAME}"
85 allowed_users="${allowed_users} ${USER_NAME}"
86 fi
86 fi
87
87
88 if [ ! -z "$allowed_users" ] ; then
88 if [ -n "$allowed_users" ] ; then
89 echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config"
89 echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config"
90 fi
90 fi
91 fi
91 fi
92
92
93 # Disable password-based authentication
93 # Disable password-based authentication
94 if [ "$SSH_DISABLE_PASSWORD_AUTH" = true ] ; then
94 if [ "$SSH_DISABLE_PASSWORD_AUTH" = true ] ; then
95 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
95 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
96 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
96 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
97 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin without-password|g" "${ETC_DIR}/ssh/sshd_config"
97 sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin without-password|g" "${ETC_DIR}/ssh/sshd_config"
98 else
98 else
99 DROPBEAR_ARGS="-g"
99 DROPBEAR_ARGS="-g"
100 fi
100 fi
101 fi
101 fi
102
102
103 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
103 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
104 sed -i "s|[#]*PasswordAuthentication.*|PasswordAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
104 sed -i "s|[#]*PasswordAuthentication.*|PasswordAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
105 sed -i "s|[#]*ChallengeResponseAuthentication no.*|ChallengeResponseAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
105 sed -i "s|[#]*ChallengeResponseAuthentication no.*|ChallengeResponseAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
106 sed -i "s|[#]*UsePAM.*|UsePAM no|g" "${ETC_DIR}/ssh/sshd_config"
106 sed -i "s|[#]*UsePAM.*|UsePAM no|g" "${ETC_DIR}/ssh/sshd_config"
107 else
107 else
108 DROPBEAR_ARGS="${DROPBEAR_ARGS} -s"
108 DROPBEAR_ARGS="${DROPBEAR_ARGS} -s"
109 fi
109 fi
110 fi
110 fi
111
111
112 # Update dropbear SSH configuration
112 # Update dropbear SSH configuration
113 if [ "$ENABLE_REDUCE" = true ] && [ "$REDUCE_SSHD" = true ] ; then
113 if [ "$ENABLE_REDUCE" = true ] && [ "$REDUCE_SSHD" = true ] ; then
114 sed "s|^DROPBEAR_EXTRA_ARGS=.*|DROPBEAR_EXTRA_ARGS=\"${DROPBEAR_ARGS}\"|g" "${ETC_DIR}/default/dropbear"
114 sed "s|^DROPBEAR_EXTRA_ARGS=.*|DROPBEAR_EXTRA_ARGS=\"${DROPBEAR_ARGS}\"|g" "${ETC_DIR}/default/dropbear"
115 fi
115 fi
116 fi No newline at end of file
116 fi
@@ -1,88 +1,98
1 #
1 #
2 # Build and Setup U-Boot
2 # Build and Setup U-Boot
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Fetch and build U-Boot bootloader
8 # Fetch and build U-Boot bootloader
9 if [ "$ENABLE_UBOOT" = true ] ; then
9 if [ "$ENABLE_UBOOT" = true ] ; then
10 # Install c/c++ build environment inside the chroot
10 # Install c/c++ build environment inside the chroot
11 chroot_install_cc
11 chroot_install_cc
12
12
13 # Copy existing U-Boot sources into chroot directory
13 # Copy existing U-Boot sources into chroot directory
14 if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
14 if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
15 # Copy local U-Boot sources
15 # Copy local U-Boot sources
16 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
16 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
17 else
17 else
18 # Create temporary directory for U-Boot sources
18 # Create temporary directory for U-Boot sources
19 temp_dir=$(as_nobody mktemp -d)
19 temp_dir=$(as_nobody mktemp -d)
20
20
21 # Fetch U-Boot sources
21 # Fetch U-Boot sources
22 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
22 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
23
23
24 # Copy downloaded U-Boot sources
24 # Copy downloaded U-Boot sources
25 mv "${temp_dir}/u-boot" "${R}/tmp/"
25 mv "${temp_dir}/u-boot" "${R}/tmp/"
26
26
27 # Set permissions of the U-Boot sources
27 # Set permissions of the U-Boot sources
28 chown -R root:root "${R}/tmp/u-boot"
28 chown -R root:root "${R}/tmp/u-boot"
29
29
30 # Remove temporary directory for U-Boot sources
30 # Remove temporary directory for U-Boot sources
31 rm -fr "${temp_dir}"
31 rm -fr "${temp_dir}"
32 fi
32 fi
33
33
34 # Build and install U-Boot inside chroot
34 # Build and install U-Boot inside chroot
35 chroot_exec make -j${KERNEL_THREADS} -C /tmp/u-boot/ ${UBOOT_CONFIG} all
35 chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
36
36
37 # Copy compiled bootloader binary and set config.txt to load it
37 # Copy compiled bootloader binary and set config.txt to load it
38 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
38 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
39 install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
39 install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
40 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
40 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
41
41
42 # Install and setup U-Boot command file
42 # Install and setup U-Boot command file
43 install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
43 install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
45
45
46 if [ "$ENABLE_INITRAMFS" = true ] ; then
46 if [ "$ENABLE_INITRAMFS" = true ] ; then
47 # Convert generated initramfs for U-Boot using mkimage
47 # Convert generated initramfs for U-Boot using mkimage
48 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
48 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
49
49
50 # Remove original initramfs file
50 # Remove original initramfs file
51 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
51 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
52
52
53 # Configure U-Boot to load generated initramfs
53 # Configure U-Boot to load generated initramfs
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
55 printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
55 printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
56 else # ENABLE_INITRAMFS=false
56 else # ENABLE_INITRAMFS=false
57 # Remove initramfs from U-Boot mkfile
57 # Remove initramfs from U-Boot mkfile
58 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
58 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
59
59
60 if [ "$BUILD_KERNEL" = false ] ; then
60 if [ "$BUILD_KERNEL" = false ] ; then
61 # Remove dtbfile from U-Boot mkfile
61 # Remove dtbfile from U-Boot mkfile
62 sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
62 sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
63 printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
63 printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
64 else
64 else
65 printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
65 printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
66 fi
66 fi
67 fi
67 fi
68
68
69 if [ "$KERNEL_ARCH" = "arm64" ] ; then
70 echo "Setting up config.txt to boot 64bit uboot"
71
72 printf "\n# 64bit-mode" >> "${BOOT_DIR}/config.txt"
73 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md" >> "${BOOT_DIR}/config.txt"
74 printf "\narm_64bit=1" >> "${BOOT_DIR}/config.txt"
75 #in 64bit uboot booti is used instead of bootz [like in KERNEL_BIN_IMAGE=zImage (armv7)|| Image(armv8)]
76 sed -i "s|bootz|booti|g" "${BOOT_DIR}/uboot.mkimage"
77 fi
78
69 # Set mkfile to use the correct dtb file
79 # Set mkfile to use the correct dtb file
70 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
80 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
71
81
72 # Set mkfile to use the correct mach id
82 # Set mkfile to use the correct mach id
73 if [ "$ENABLE_QEMU" = true ] ; then
83 if [ "$ENABLE_QEMU" = true ] ; then
74 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
84 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
75 fi
85 fi
76
86
77 # Set mkfile to use kernel image
87 # Set mkfile to use kernel image
78 sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
88 sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
79
89
80 # Remove all leading blank lines
90 # Remove all leading blank lines
81 sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
91 sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
82
92
83 # Generate U-Boot bootloader image
93 # Generate U-Boot bootloader image
84 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
94 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
85
95
86 # Remove U-Boot sources
96 # Remove U-Boot sources
87 rm -fr "${R}/tmp/u-boot"
97 rm -fr "${R}/tmp/u-boot"
88 fi
98 fi
@@ -1,85 +1,85
1 #
1 #
2 # Reduce system disk usage
2 # Reduce system disk usage
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Reduce the image size by various operations
8 # Reduce the image size by various operations
9 if [ "$ENABLE_REDUCE" = true ] ; then
9 if [ "$ENABLE_REDUCE" = true ] ; then
10 if [ "$REDUCE_APT" = true ] ; then
10 if [ "$REDUCE_APT" = true ] ; then
11 # Install dpkg configuration file
11 # Install dpkg configuration file
12 if [ "$REDUCE_DOC" = true ] || [ "$REDUCE_MAN" = true ] ; then
12 if [ "$REDUCE_DOC" = true ] || [ "$REDUCE_MAN" = true ] ; then
13 install_readonly files/dpkg/01nodoc "${ETC_DIR}/dpkg/dpkg.cfg.d/01nodoc"
13 install_readonly files/dpkg/01nodoc "${ETC_DIR}/dpkg/dpkg.cfg.d/01nodoc"
14 fi
14 fi
15
15
16 # Install APT configuration files
16 # Install APT configuration files
17 install_readonly files/apt/02nocache "${ETC_DIR}/apt/apt.conf.d/02nocache"
17 install_readonly files/apt/02nocache "${ETC_DIR}/apt/apt.conf.d/02nocache"
18 install_readonly files/apt/03compress "${ETC_DIR}/apt/apt.conf.d/03compress"
18 install_readonly files/apt/03compress "${ETC_DIR}/apt/apt.conf.d/03compress"
19 install_readonly files/apt/04norecommends "${ETC_DIR}/apt/apt.conf.d/04norecommends"
19 install_readonly files/apt/04norecommends "${ETC_DIR}/apt/apt.conf.d/04norecommends"
20
20
21 # Remove APT cache files
21 # Remove APT cache files
22 rm -fr "${R}/var/cache/apt/pkgcache.bin"
22 rm -fr "${R}/var/cache/apt/pkgcache.bin"
23 rm -fr "${R}/var/cache/apt/srcpkgcache.bin"
23 rm -fr "${R}/var/cache/apt/srcpkgcache.bin"
24 fi
24 fi
25
25
26 # Remove all doc files
26 # Remove all doc files
27 if [ "$REDUCE_DOC" = true ] ; then
27 if [ "$REDUCE_DOC" = true ] ; then
28 find "${R}/usr/share/doc" -depth -type f ! -name copyright | xargs rm || true
28 find "${R}/usr/share/doc" -depth -type f ! -name copyright -print0 | xargs -0 rm || true
29 find "${R}/usr/share/doc" -empty | xargs rmdir || true
29 find "${R}/usr/share/doc" -empty -print0 | xargs -0 rmdir || true
30 fi
30 fi
31
31
32 # Remove all man pages and info files
32 # Remove all man pages and info files
33 if [ "$REDUCE_MAN" = true ] ; then
33 if [ "$REDUCE_MAN" = true ] ; then
34 rm -rf "${R}/usr/share/man" "${R}/usr/share/groff" "${R}/usr/share/info" "${R}/usr/share/lintian" "${R}/usr/share/linda" "${R}/var/cache/man"
34 rm -rf "${R}/usr/share/man" "${R}/usr/share/groff" "${R}/usr/share/info" "${R}/usr/share/lintian" "${R}/usr/share/linda" "${R}/var/cache/man"
35 fi
35 fi
36
36
37 # Remove all locale translation files
37 # Remove all locale translation files
38 if [ "$REDUCE_LOCALE" = true ] ; then
38 if [ "$REDUCE_LOCALE" = true ] ; then
39 find "${R}/usr/share/locale" -mindepth 1 -maxdepth 1 ! -name 'en' | xargs rm -r
39 find "${R}/usr/share/locale" -mindepth 1 -maxdepth 1 ! -name 'en' -print0 | xargs -0 rm -r
40 fi
40 fi
41
41
42 # Remove hwdb PCI device classes (experimental)
42 # Remove hwdb PCI device classes (experimental)
43 if [ "$REDUCE_HWDB" = true ] ; then
43 if [ "$REDUCE_HWDB" = true ] ; then
44 rm -fr "/lib/udev/hwdb.d/20-pci-*"
44 rm -fr "/lib/udev/hwdb.d/20-pci-*"
45 fi
45 fi
46
46
47 # Replace bash shell by dash shell (experimental)
47 # Replace bash shell by dash shell (experimental)
48 if [ "$REDUCE_BASH" = true ] ; then
48 if [ "$REDUCE_BASH" = true ] ; then
49 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
49 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
50 echo "Yes, do as I say!" | chroot_exec apt-get purge -qq -y --allow-remove-essential bash
50 echo "Yes, do as I say!" | chroot_exec apt-get purge -qq -y --allow-remove-essential bash
51 else
51 else
52 echo "Yes, do as I say!" | chroot_exec apt-get purge -qq -y --force-yes bash
52 echo "Yes, do as I say!" | chroot_exec apt-get purge -qq -y --force-yes bash
53 fi
53 fi
54
54
55 chroot_exec update-alternatives --install /bin/bash bash /bin/dash 100
55 chroot_exec update-alternatives --install /bin/bash bash /bin/dash 100
56 fi
56 fi
57
57
58 # Remove sound utils and libraries
58 # Remove sound utils and libraries
59 if [ "$ENABLE_SOUND" = false ] ; then
59 if [ "$ENABLE_SOUND" = false ] ; then
60 chroot_exec apt-get -qq -y purge alsa-utils libsamplerate0 libasound2 libasound2-data
60 chroot_exec apt-get -qq -y purge alsa-utils libsamplerate0 libasound2 libasound2-data
61 fi
61 fi
62
62
63 # Re-install tools for managing kernel modules
63 # Re-install tools for managing kernel modules
64 if [ "$RELEASE" = "jessie" ] ; then
64 if [ "$RELEASE" = "jessie" ] ; then
65 chroot_exec apt-get -qq -y install module-init-tools
65 chroot_exec apt-get -qq -y install module-init-tools
66 fi
66 fi
67
67
68 # Remove GPU kernels
68 # Remove GPU kernels
69 if [ "$ENABLE_MINGPU" = true ] ; then
69 if [ "$ENABLE_MINGPU" = true ] ; then
70 rm -f "${BOOT_DIR}/start.elf"
70 rm -f "${BOOT_DIR}/start.elf"
71 rm -f "${BOOT_DIR}/fixup.dat"
71 rm -f "${BOOT_DIR}/fixup.dat"
72 rm -f "${BOOT_DIR}/start_x.elf"
72 rm -f "${BOOT_DIR}/start_x.elf"
73 rm -f "${BOOT_DIR}/fixup_x.dat"
73 rm -f "${BOOT_DIR}/fixup_x.dat"
74 fi
74 fi
75
75
76 # Remove kernel and initrd from /boot (already in /boot/firmware)
76 # Remove kernel and initrd from /boot (already in /boot/firmware)
77 if [ "$BUILD_KERNEL" = false ] ; then
77 if [ "$BUILD_KERNEL" = false ] ; then
78 rm -f "${R}/boot/vmlinuz-*"
78 rm -f "${R}/boot/vmlinuz-*"
79 rm -f "${R}/boot/initrd.img-*"
79 rm -f "${R}/boot/initrd.img-*"
80 fi
80 fi
81
81
82 # Clean APT list of repositories
82 # Clean APT list of repositories
83 rm -fr "${R}/var/lib/apt/lists/*"
83 rm -fr "${R}/var/lib/apt/lists/*"
84 chroot_exec apt-get -qq -y update
84 chroot_exec apt-get -qq -y update
85 fi
85 fi
@@ -1,15 +1,16
1 # Set device tree fdtfile
1 # Set device tree fdtfile
2 setenv dtbfile bcm2709-rpi-2-b.dtb
2 setenv dtbfile bcm2709-rpi-2-b.dtb
3
3
4 # Tell Linux that it is booting on a Raspberry Pi2/3
4 # Tell Linux that it is booting on a Raspberry Pi2/3
5 setenv machid 0x00000c42
5 setenv machid 0x00000c42
6
6
7 # Save these changes to u-boot's environment
7 # Save these changes to u-boot's environment
8 saveenv
8 saveenv
9
9
10 # Load the existing Linux kernel into RAM
10 # Load the existing Linux kernel into RAM
11 mmc dev 0
11 fatload mmc 0:1 ${kernel_addr_r} kernel7.img
12 fatload mmc 0:1 ${kernel_addr_r} kernel7.img
12 fatload mmc 0:1 ${fdt_addr_r} ${dtbfile}
13 fatload mmc 0:1 ${fdt_addr_r} ${dtbfile}
13 fatload mmc 0:1 ${ramdisk_addr_r} ${initramfs}
14 fatload mmc 0:1 ${ramdisk_addr_r} ${initramfs}
14
15
15 # Boot the kernel we have just loaded
16 # Boot the kernel we have just loaded
@@ -1,783 +1,796
1 #!/bin/sh
1 #!/bin/sh
2
2
3 ########################################################################
3 ########################################################################
4 # rpi23-gen-image.sh 2015-2017
4 # rpi23-gen-image.sh 2015-2017
5 #
5 #
6 # Advanced Debian "jessie", "stretch" and "buster" bootstrap script for RPi2/3
6 # Advanced Debian "jessie", "stretch" and "buster" bootstrap script for RPi2/3
7 #
7 #
8 # This program is free software; you can redistribute it and/or
8 # This program is free software; you can redistribute it and/or
9 # modify it under the terms of the GNU General Public License
9 # modify it under the terms of the GNU General Public License
10 # as published by the Free Software Foundation; either version 2
10 # as published by the Free Software Foundation; either version 2
11 # of the License, or (at your option) any later version.
11 # of the License, or (at your option) any later version.
12 #
12 #
13 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
14 #
14 #
15 # Big thanks for patches and enhancements by 20+ github contributors!
15 # Big thanks for patches and enhancements by 20+ github contributors!
16 ########################################################################
16 ########################################################################
17
17
18 # Are we running as root?
18 # Are we running as root?
19 if [ "$(id -u)" -ne "0" ] ; then
19 if [ "$(id -u)" -ne "0" ] ; then
20 echo "error: this script must be executed with root privileges!"
20 echo "error: this script must be executed with root privileges!"
21 exit 1
21 exit 1
22 fi
22 fi
23
23
24 # Check if ./functions.sh script exists
24 # Check if ./functions.sh script exists
25 if [ ! -r "./functions.sh" ] ; then
25 if [ ! -r "./functions.sh" ] ; then
26 echo "error: './functions.sh' required script not found!"
26 echo "error: './functions.sh' required script not found!"
27 exit 1
27 exit 1
28 fi
28 fi
29
29
30 # Load utility functions
30 # Load utility functions
31 . ./functions.sh
31 . ./functions.sh
32
32
33 # Load parameters from configuration template file
33 # Load parameters from configuration template file
34 if [ ! -z "$CONFIG_TEMPLATE" ] ; then
34 if [ -n "$CONFIG_TEMPLATE" ] ; then
35 use_template
35 use_template
36 fi
36 fi
37
37
38 # Introduce settings
38 # Introduce settings
39 set -e
39 set -e
40 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
40 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
41 set -x
41 set -x
42
42
43 # Raspberry Pi model configuration
43 # Raspberry Pi model configuration
44 RPI_MODEL=${RPI_MODEL:=2}
44 RPI_MODEL=${RPI_MODEL:=2}
45
45
46 #bcm2708-rpi-0-w.dtb (Used for Pi 0 and PI 0W)
46 #bcm2708-rpi-0-w.dtb (Used for Pi 0 and PI 0W)
47 RPI0_DTB_FILE=${RPI0_DTB_FILE:=bcm2708-rpi-0-w.dtb}
47 RPI0_DTB_FILE=${RPI0_DTB_FILE:=bcm2708-rpi-0-w.dtb}
48 RPI0_UBOOT_CONFIG=${RPI0_UBOOT_CONFIG:=rpi_defconfig}
48 RPI0_UBOOT_CONFIG=${RPI0_UBOOT_CONFIG:=rpi_defconfig}
49
49
50 #bcm2708-rpi-b.dtb (Used for Pi 1 model A and B)
50 #bcm2708-rpi-b.dtb (Used for Pi 1 model A and B)
51 RPI1_DTB_FILE=${RPI1_DTB_FILE:=bcm2708-rpi-b.dtb}
51 RPI1_DTB_FILE=${RPI1_DTB_FILE:=bcm2708-rpi-b.dtb}
52 RPI1_UBOOT_CONFIG=${RPI1_UBOOT_CONFIG:=rpi_defconfig}
52 RPI1_UBOOT_CONFIG=${RPI1_UBOOT_CONFIG:=rpi_defconfig}
53
53
54 #bcm2708-rpi-b-plus.dtb (Used for Pi 1 model B+ and A+)
54 #bcm2708-rpi-b-plus.dtb (Used for Pi 1 model B+ and A+)
55 RPI1P_DTB_FILE=${RPI1P_DTB_FILE:=bcm2708-rpi-b-plus.dtb}
55 RPI1P_DTB_FILE=${RPI1P_DTB_FILE:=bcm2708-rpi-b-plus.dtb}
56 RPI1P_UBOOT_CONFIG=${RPI1P_UBOOT_CONFIG:=rpi_defconfig}
56 RPI1P_UBOOT_CONFIG=${RPI1P_UBOOT_CONFIG:=rpi_defconfig}
57
57
58 #bcm2709-rpi-2-b.dtb (Used for Pi 2 model B)
58 #bcm2709-rpi-2-b.dtb (Used for Pi 2 model B)
59 RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb}
59 RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb}
60 RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig}
60 RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig}
61
61
62 #bcm2710-rpi-3-b.dtb (Used for Pi 3 model B)
62 #bcm2710-rpi-3-b.dtb (Used for Pi 3 model B)
63 RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb}
63 RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb}
64 RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig}
64 RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig}
65
65
66 #bcm2710-rpi-3-b-plus.dtb (Used for Pi 3 model B+)
66 #bcm2710-rpi-3-b-plus.dtb (Used for Pi 3 model B+)
67 RPI3P_DTB_FILE=${RPI3P_DTB_FILE:=bcm2710-rpi-3-b-plus.dtb}
67 RPI3P_DTB_FILE=${RPI3P_DTB_FILE:=bcm2710-rpi-3-b-plus.dtb}
68 RPI3P_UBOOT_CONFIG=${RPI3P_UBOOT_CONFIG:=rpi_3_32b_defconfig}
68 RPI3P_UBOOT_CONFIG=${RPI3P_UBOOT_CONFIG:=rpi_3_32b_defconfig}
69
69
70 # Debian release
70 # Debian release
71 RELEASE=${RELEASE:=jessie}
71 RELEASE=${RELEASE:=jessie}
72 KERNEL_ARCH=${KERNEL_ARCH:=arm}
72 KERNEL_ARCH=${KERNEL_ARCH:=arm}
73 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
73 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
74 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
74 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
75 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
75 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
76 if [ "$KERNEL_ARCH" = "arm64" ] ; then
76 if [ "$KERNEL_ARCH" = "arm64" ] ; then
77 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
77 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
78 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
78 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
79 fi
79 fi
80
80
81 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
81 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
82 #RASPBERRY PI 1, PI ZERO, PI ZERO W, AND COMPUTE MODULE DEFAULT Kernel BUILD CONFIGURATION
82 #RASPBERRY PI 1, PI ZERO, PI ZERO W, AND COMPUTE MODULE DEFAULT Kernel BUILD CONFIGURATION
83 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
83 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
84 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
84 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
85 else
85 else
86 #RASPBERRY PI 2, PI 3, PI 3+, AND COMPUTE MODULE 3 DEFAULT Kernel BUILD CONFIGURATION
86 #RASPBERRY PI 2, PI 3, PI 3+, AND COMPUTE MODULE 3 DEFAULT Kernel BUILD CONFIGURATION
87 #https://www.raspberrypi.org/documentation/linux/kernel/building.md
87 #https://www.raspberrypi.org/documentation/linux/kernel/building.md
88 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
88 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
89 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
89 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
90 fi
90 fi
91
91
92 if [ "$RELEASE_ARCH" = "arm64" ] ; then
92 if [ "$RELEASE_ARCH" = "arm64" ] ; then
93 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
93 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
94 else
94 else
95 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
95 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
96 fi
96 fi
97 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
97 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
98
98
99 # URLs
99 # URLs
100 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
100 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
101 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
101 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
102 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
102 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
103 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
103 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
104 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
104 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
105 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
105 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
106 VIDEOCORE_URL=${VIDEOCORE_URL=https://github.com/raspberrypi/userland}
106
107
107 # Build directories
108 # Build directories
108 BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
109 BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
109 BUILDDIR="${BASEDIR}/build"
110 BUILDDIR="${BASEDIR}/build"
110
111
111 # Prepare date string for default image file name
112 # Prepare date string for default image file name
112 DATE="$(date +%Y-%m-%d)"
113 DATE="$(date +%Y-%m-%d)"
113 if [ -z "$KERNEL_BRANCH" ] ; then
114 if [ -z "$KERNEL_BRANCH" ] ; then
114 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
115 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
115 else
116 else
116 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
117 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
117 fi
118 fi
118
119
119 # Chroot directories
120 # Chroot directories
120 R="${BUILDDIR}/chroot"
121 R="${BUILDDIR}/chroot"
121 ETC_DIR="${R}/etc"
122 ETC_DIR="${R}/etc"
122 LIB_DIR="${R}/lib"
123 LIB_DIR="${R}/lib"
123 BOOT_DIR="${R}/boot/firmware"
124 BOOT_DIR="${R}/boot/firmware"
124 KERNEL_DIR="${R}/usr/src/linux"
125 KERNEL_DIR="${R}/usr/src/linux"
125 WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm"
126 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
126
127
127 # Firmware directory: Blank if download from github
128 # Firmware directory: Blank if download from github
128 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
129 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
129
130
130 # General settings
131 # General settings
131 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
132 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
132 PASSWORD=${PASSWORD:=raspberry}
133 PASSWORD=${PASSWORD:=raspberry}
133 USER_PASSWORD=${USER_PASSWORD:=raspberry}
134 USER_PASSWORD=${USER_PASSWORD:=raspberry}
134 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
135 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
135 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
136 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
136 EXPANDROOT=${EXPANDROOT:=true}
137 EXPANDROOT=${EXPANDROOT:=true}
137
138
138 # Keyboard settings
139 # Keyboard settings
139 XKB_MODEL=${XKB_MODEL:=""}
140 XKB_MODEL=${XKB_MODEL:=""}
140 XKB_LAYOUT=${XKB_LAYOUT:=""}
141 XKB_LAYOUT=${XKB_LAYOUT:=""}
141 XKB_VARIANT=${XKB_VARIANT:=""}
142 XKB_VARIANT=${XKB_VARIANT:=""}
142 XKB_OPTIONS=${XKB_OPTIONS:=""}
143 XKB_OPTIONS=${XKB_OPTIONS:=""}
143
144
144 # Network settings (DHCP)
145 # Network settings (DHCP)
145 ENABLE_DHCP=${ENABLE_DHCP:=true}
146 ENABLE_DHCP=${ENABLE_DHCP:=true}
146
147
147 # Network settings (static)
148 # Network settings (static)
148 NET_ADDRESS=${NET_ADDRESS:=""}
149 NET_ADDRESS=${NET_ADDRESS:=""}
149 NET_GATEWAY=${NET_GATEWAY:=""}
150 NET_GATEWAY=${NET_GATEWAY:=""}
150 NET_DNS_1=${NET_DNS_1:=""}
151 NET_DNS_1=${NET_DNS_1:=""}
151 NET_DNS_2=${NET_DNS_2:=""}
152 NET_DNS_2=${NET_DNS_2:=""}
152 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
153 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
153 NET_NTP_1=${NET_NTP_1:=""}
154 NET_NTP_1=${NET_NTP_1:=""}
154 NET_NTP_2=${NET_NTP_2:=""}
155 NET_NTP_2=${NET_NTP_2:=""}
155
156
156 # APT settings
157 # APT settings
157 APT_PROXY=${APT_PROXY:=""}
158 APT_PROXY=${APT_PROXY:=""}
158 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
159 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
159
160
160 # Feature settings
161 # Feature settings
161 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
162 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
162 ENABLE_I2C=${ENABLE_I2C:=false}
163 ENABLE_I2C=${ENABLE_I2C:=false}
163 ENABLE_SPI=${ENABLE_SPI:=false}
164 ENABLE_SPI=${ENABLE_SPI:=false}
164 ENABLE_IPV6=${ENABLE_IPV6:=true}
165 ENABLE_IPV6=${ENABLE_IPV6:=true}
165 ENABLE_SSHD=${ENABLE_SSHD:=true}
166 ENABLE_SSHD=${ENABLE_SSHD:=true}
166 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
167 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
167 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
168 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
168 ENABLE_SOUND=${ENABLE_SOUND:=true}
169 ENABLE_SOUND=${ENABLE_SOUND:=true}
169 ENABLE_DBUS=${ENABLE_DBUS:=true}
170 ENABLE_DBUS=${ENABLE_DBUS:=true}
170 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
171 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
171 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
172 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
172 ENABLE_XORG=${ENABLE_XORG:=false}
173 ENABLE_XORG=${ENABLE_XORG:=false}
173 ENABLE_WM=${ENABLE_WM:=""}
174 ENABLE_WM=${ENABLE_WM:=""}
174 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
175 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
175 ENABLE_USER=${ENABLE_USER:=true}
176 ENABLE_USER=${ENABLE_USER:=true}
176 USER_NAME=${USER_NAME:="pi"}
177 USER_NAME=${USER_NAME:="pi"}
177 ENABLE_ROOT=${ENABLE_ROOT:=false}
178 ENABLE_ROOT=${ENABLE_ROOT:=false}
178 ENABLE_QEMU=${ENABLE_QEMU:=false}
179 ENABLE_QEMU=${ENABLE_QEMU:=false}
179 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
180 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
180
181
181 # SSH settings
182 # SSH settings
182 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
183 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
183 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
184 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
184 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
185 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
185 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
186 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
186 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
187 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
187
188
188 # Advanced settings
189 # Advanced settings
189 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
190 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
190 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
191 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
191 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
192 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
192 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
193 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
193 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
194 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
195 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=true}
196 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
194 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
197 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
195 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
198 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
196 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
199 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
197 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
200 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
198 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
201 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
199 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
202 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
200 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
203 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
201
204
202 # Kernel compilation settings
205 # Kernel compilation settings
203 BUILD_KERNEL=${BUILD_KERNEL:=false}
206 BUILD_KERNEL=${BUILD_KERNEL:=false}
204 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
207 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
205 KERNEL_THREADS=${KERNEL_THREADS:=1}
208 KERNEL_THREADS=${KERNEL_THREADS:=1}
206 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
209 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
207 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
210 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
208 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
211 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
209 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
212 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
210 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
213 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
211
214
212 if [ "$KERNEL_ARCH" = "arm64" ] ; then
215 if [ "$KERNEL_ARCH" = "arm64" ] ; then
213 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
216 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
214 else
217 else
215 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
218 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
216 fi
219 fi
217
220
218 # Kernel compilation from source directory settings
221 # Kernel compilation from source directory settings
219 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
222 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
220 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
223 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
221 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
224 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
222 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
225 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
223
226
224 # Reduce disk usage settings
227 # Reduce disk usage settings
225 REDUCE_APT=${REDUCE_APT:=true}
228 REDUCE_APT=${REDUCE_APT:=true}
226 REDUCE_DOC=${REDUCE_DOC:=true}
229 REDUCE_DOC=${REDUCE_DOC:=true}
227 REDUCE_MAN=${REDUCE_MAN:=true}
230 REDUCE_MAN=${REDUCE_MAN:=true}
228 REDUCE_VIM=${REDUCE_VIM:=false}
231 REDUCE_VIM=${REDUCE_VIM:=false}
229 REDUCE_BASH=${REDUCE_BASH:=false}
232 REDUCE_BASH=${REDUCE_BASH:=false}
230 REDUCE_HWDB=${REDUCE_HWDB:=true}
233 REDUCE_HWDB=${REDUCE_HWDB:=true}
231 REDUCE_SSHD=${REDUCE_SSHD:=true}
234 REDUCE_SSHD=${REDUCE_SSHD:=true}
232 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
235 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
233
236
234 # Encrypted filesystem settings
237 # Encrypted filesystem settings
235 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
238 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
236 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
239 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
237 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
240 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
238 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
241 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
239 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
242 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
240
243
241 # Chroot scripts directory
244 # Chroot scripts directory
242 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
245 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
243
246
244 # Packages required in the chroot build environment
247 # Packages required in the chroot build environment
245 APT_INCLUDES=${APT_INCLUDES:=""}
248 APT_INCLUDES=${APT_INCLUDES:=""}
246 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils"
249 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils"
247
250
248 #Packages to exclude from chroot build environment
251 #Packages to exclude from chroot build environment
249 APT_EXCLUDES=${APT_EXCLUDES:=""}
252 APT_EXCLUDES=${APT_EXCLUDES:=""}
250
253
251 # Packages required for bootstrapping
254 # Packages required for bootstrapping
252 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
255 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
253 MISSING_PACKAGES=""
256 MISSING_PACKAGES=""
254
257
255 # Packages installed for c/c++ build environment in chroot (keep empty)
258 # Packages installed for c/c++ build environment in chroot (keep empty)
256 COMPILER_PACKAGES=""
259 COMPILER_PACKAGES=""
257
260
258 set +x
261 set +x
259
262
260 #If init and systemd-sysv are wanted e.g. halt/reboot/shutdown scripts
263 #If init and systemd-sysv are wanted e.g. halt/reboot/shutdown scripts
261 if [ "$ENABLE_SYSVINIT" = false ] ; then
264 if [ "$ENABLE_SYSVINIT" = false ] ; then
262 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
265 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
263 fi
266 fi
264
267
265 # Set Raspberry Pi model specific configuration
268 # Set Raspberry Pi model specific configuration
266 if [ "$RPI_MODEL" = 0 ] ; then
269 if [ "$RPI_MODEL" = 0 ] ; then
267 DTB_FILE=${RPI0_DTB_FILE}
270 DTB_FILE=${RPI0_DTB_FILE}
268 UBOOT_CONFIG=${RPI0_UBOOT_CONFIG}
271 UBOOT_CONFIG=${RPI0_UBOOT_CONFIG}
269 elif [ "$RPI_MODEL" = 1 ] ; then
272 elif [ "$RPI_MODEL" = 1 ] ; then
270 DTB_FILE=${RPI1_DTB_FILE}
273 DTB_FILE=${RPI1_DTB_FILE}
271 UBOOT_CONFIG=${RPI1_UBOOT_CONFIG}
274 UBOOT_CONFIG=${RPI1_UBOOT_CONFIG}
272 elif [ "$RPI_MODEL" = 1P ] ; then
275 elif [ "$RPI_MODEL" = 1P ] ; then
273 DTB_FILE=${RPI1P_DTB_FILE}
276 DTB_FILE=${RPI1P_DTB_FILE}
274 UBOOT_CONFIG=${RPI1P_UBOOT_CONFIG}
277 UBOOT_CONFIG=${RPI1P_UBOOT_CONFIG}
275 elif [ "$RPI_MODEL" = 2 ] ; then
278 elif [ "$RPI_MODEL" = 2 ] ; then
276 DTB_FILE=${RPI2_DTB_FILE}
279 DTB_FILE=${RPI2_DTB_FILE}
277 UBOOT_CONFIG=${RPI2_UBOOT_CONFIG}
280 UBOOT_CONFIG=${RPI2_UBOOT_CONFIG}
278 elif [ "$RPI_MODEL" = 3 ] ; then
281 elif [ "$RPI_MODEL" = 3 ] ; then
279 DTB_FILE=${RPI3_DTB_FILE}
282 DTB_FILE=${RPI3_DTB_FILE}
280 UBOOT_CONFIG=${RPI3_UBOOT_CONFIG}
283 UBOOT_CONFIG=${RPI3_UBOOT_CONFIG}
281 elif [ "$RPI_MODEL" = 3P ] ; then
284 elif [ "$RPI_MODEL" = 3P ] ; then
282 DTB_FILE=${RPI3P_DTB_FILE}
285 DTB_FILE=${RPI3P_DTB_FILE}
283 UBOOT_CONFIG=${RPI3P_UBOOT_CONFIG}
286 UBOOT_CONFIG=${RPI3P_UBOOT_CONFIG}
284 else
287 else
285 echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!"
288 echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!"
286 exit 1
289 exit 1
287 fi
290 fi
288
291
289 # Check if the internal wireless interface is supported by the RPi model
292 # Check if the internal wireless interface is supported by the RPi model
290 if [ "$ENABLE_WIRELESS" = true ] && ([ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ]); then
293 if [ "$ENABLE_WIRELESS" = true ] && ([ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ]); then
291
294
292 echo "error: The selected Raspberry Pi model has no internal wireless interface"
295 echo "error: The selected Raspberry Pi model has no internal wireless interface"
293 exit 1
296 exit 1
294 fi
297 fi
295
298
296 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
299 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
297 if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
300 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
298 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
301 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
299 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
302 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
300 exit 1
303 exit 1
301 fi
304 fi
302 fi
305 fi
303
306
304 # Build RPi2/3 Linux kernel if required by Debian release
307 # Build RPi2/3 Linux kernel if required by Debian release
305 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
308 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
306 BUILD_KERNEL=true
309 BUILD_KERNEL=true
307 fi
310 fi
308
311
309 # Add packages required for kernel cross compilation
312 # Add packages required for kernel cross compilation
310 if [ "$BUILD_KERNEL" = true ] ; then
313 if [ "$BUILD_KERNEL" = true ] ; then
311 if [ "$KERNEL_ARCH" = "arm" ] ; then
314 if [ "$KERNEL_ARCH" = "arm" ] ; then
312 if [ "$RELEASE_ARCH" = "armel" ]; then
315 if [ "$RELEASE_ARCH" = "armel" ]; then
313 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
316 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
314 fi
317 fi
315 if [ "$RELEASE_ARCH" = "armhf" ]; then
318 if [ "$RELEASE_ARCH" = "armhf" ]; then
316 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
319 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
317 fi
320 fi
318 fi
321 fi
319 if [ "$RELEASE_ARCH" = "arm64" ]; then
322 if [ "$RELEASE_ARCH" = "arm64" ]; then
320 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
323 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
321 fi
324 fi
322 fi
325 fi
323
326
327 if [ "$ENABLE_VIDEOCORE" = true ] ; then
328 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
329 fi
330
324 # Add libncurses5 to enable kernel menuconfig
331 # Add libncurses5 to enable kernel menuconfig
325 if [ "$KERNEL_MENUCONFIG" = true ] ; then
332 if [ "$KERNEL_MENUCONFIG" = true ] ; then
326 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
333 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
327 fi
334 fi
328
335
329 # Add ccache compiler cache for (faster) kernel cross (re)compilation
336 # Add ccache compiler cache for (faster) kernel cross (re)compilation
330 if [ "$KERNEL_CCACHE" = true ] ; then
337 if [ "$KERNEL_CCACHE" = true ] ; then
331 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
338 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
332 fi
339 fi
333
340
334 # Add cryptsetup package to enable filesystem encryption
341 # Add cryptsetup package to enable filesystem encryption
335 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
342 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
336 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
343 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
337 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
344 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
338
345
339 if [ -z "$CRYPTFS_PASSWORD" ] ; then
346 if [ -z "$CRYPTFS_PASSWORD" ] ; then
340 echo "error: no password defined (CRYPTFS_PASSWORD)!"
347 echo "error: no password defined (CRYPTFS_PASSWORD)!"
341 exit 1
348 exit 1
342 fi
349 fi
343 ENABLE_INITRAMFS=true
350 ENABLE_INITRAMFS=true
344 fi
351 fi
345
352
346 # Add initramfs generation tools
353 # Add initramfs generation tools
347 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
354 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
348 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
355 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
349 fi
356 fi
350
357
351 # Add device-tree-compiler required for building the U-Boot bootloader
358 # Add device-tree-compiler required for building the U-Boot bootloader
352 if [ "$ENABLE_UBOOT" = true ] ; then
359 if [ "$ENABLE_UBOOT" = true ] ; then
353 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex"
360 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex"
354 fi
361 fi
355
362
356 # Check if root SSH (v2) public key file exists
363 # Check if root SSH (v2) public key file exists
357 if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
364 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
358 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
365 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
359 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
366 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
360 exit 1
367 exit 1
361 fi
368 fi
362 fi
369 fi
363
370
364 # Check if $USER_NAME SSH (v2) public key file exists
371 # Check if $USER_NAME SSH (v2) public key file exists
365 if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
372 if [ -n "$SSH_USER_PUB_KEY" ] ; then
366 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
373 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
367 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
374 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
368 exit 1
375 exit 1
369 fi
376 fi
370 fi
377 fi
371
378
372 # Check if all required packages are installed on the build system
379 # Check if all required packages are installed on the build system
373 for package in $REQUIRED_PACKAGES ; do
380 for package in $REQUIRED_PACKAGES ; do
374 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
381 if [ "$(dpkg-query -W -f='${Status}' $package)" != "install ok installed" ] ; then
375 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
382 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
376 fi
383 fi
377 done
384 done
378
385
379 # If there are missing packages ask confirmation for install, or exit
386 # If there are missing packages ask confirmation for install, or exit
380 if [ -n "$MISSING_PACKAGES" ] ; then
387 if [ -n "$MISSING_PACKAGES" ] ; then
381 echo "the following packages needed by this script are not installed:"
388 echo "the following packages needed by this script are not installed:"
382 echo "$MISSING_PACKAGES"
389 echo "$MISSING_PACKAGES"
383
390
384 echo -n "\ndo you want to install the missing packages right now? [y/n] "
391 printf "\ndo you want to install the missing packages right now? [y/n] "
385 read confirm
392 read -r confirm
386 [ "$confirm" != "y" ] && exit 1
393 [ "$confirm" != "y" ] && exit 1
387
394
388 # Make sure all missing required packages are installed
395 # Make sure all missing required packages are installed
389 apt-get -qq -y install ${MISSING_PACKAGES}
396 apt-get -qq -y install "${MISSING_PACKAGES}"
390 fi
397 fi
391
398
392 # Check if ./bootstrap.d directory exists
399 # Check if ./bootstrap.d directory exists
393 if [ ! -d "./bootstrap.d/" ] ; then
400 if [ ! -d "./bootstrap.d/" ] ; then
394 echo "error: './bootstrap.d' required directory not found!"
401 echo "error: './bootstrap.d' required directory not found!"
395 exit 1
402 exit 1
396 fi
403 fi
397
404
398 # Check if ./files directory exists
405 # Check if ./files directory exists
399 if [ ! -d "./files/" ] ; then
406 if [ ! -d "./files/" ] ; then
400 echo "error: './files' required directory not found!"
407 echo "error: './files' required directory not found!"
401 exit 1
408 exit 1
402 fi
409 fi
403
410
404 # Check if specified KERNELSRC_DIR directory exists
411 # Check if specified KERNELSRC_DIR directory exists
405 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
412 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
406 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
413 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
407 exit 1
414 exit 1
408 fi
415 fi
409
416
410 # Check if specified UBOOTSRC_DIR directory exists
417 # Check if specified UBOOTSRC_DIR directory exists
411 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
418 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
412 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
419 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
413 exit 1
420 exit 1
414 fi
421 fi
415
422
423 # Check if specified VIDEOCORESRC_DIR directory exists
424 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
425 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
426 exit 1
427 fi
428
416 # Check if specified FBTURBOSRC_DIR directory exists
429 # Check if specified FBTURBOSRC_DIR directory exists
417 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
430 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
418 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
431 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
419 exit 1
432 exit 1
420 fi
433 fi
421
434
422 # Check if specified CHROOT_SCRIPTS directory exists
435 # Check if specified CHROOT_SCRIPTS directory exists
423 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
436 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
424 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
437 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
425 exit 1
438 exit 1
426 fi
439 fi
427
440
428 # Check if specified device mapping already exists (will be used by cryptsetup)
441 # Check if specified device mapping already exists (will be used by cryptsetup)
429 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
442 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
430 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
443 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
431 exit 1
444 exit 1
432 fi
445 fi
433
446
434 # Don't clobber an old build
447 # Don't clobber an old build
435 if [ -e "$BUILDDIR" ] ; then
448 if [ -e "$BUILDDIR" ] ; then
436 echo "error: directory ${BUILDDIR} already exists, not proceeding"
449 echo "error: directory ${BUILDDIR} already exists, not proceeding"
437 exit 1
450 exit 1
438 fi
451 fi
439
452
440 # Setup chroot directory
453 # Setup chroot directory
441 mkdir -p "${R}"
454 mkdir -p "${R}"
442
455
443 # Check if build directory has enough of free disk space >512MB
456 # Check if build directory has enough of free disk space >512MB
444 if [ "$(df --output=avail ${BUILDDIR} | sed "1d")" -le "524288" ] ; then
457 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
445 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
458 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
446 exit 1
459 exit 1
447 fi
460 fi
448
461
449 set -x
462 set -x
450
463
451 # Call "cleanup" function on various signals and errors
464 # Call "cleanup" function on various signals and errors
452 trap cleanup 0 1 2 3 6
465 trap cleanup 0 1 2 3 6
453
466
454 # Add required packages for the minbase installation
467 # Add required packages for the minbase installation
455 if [ "$ENABLE_MINBASE" = true ] ; then
468 if [ "$ENABLE_MINBASE" = true ] ; then
456 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
469 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
457 fi
470 fi
458
471
459 # Add required locales packages
472 # Add required locales packages
460 if [ "$DEFLOCAL" != "en_US.UTF-8" ] || ([ -n XKB_MODEL ] || [ -n XKB_LAYOUT ] || [ -n XKB_VARIANT ] || [ -n XKB_OPTIONS ]); then
473 if [ "$DEFLOCAL" != "en_US.UTF-8" ] || ([ -n XKB_MODEL ] || [ -n XKB_LAYOUT ] || [ -n XKB_VARIANT ] || [ -n XKB_OPTIONS ]); then
461 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
474 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
462 fi
475 fi
463
476
464 # Add parted package, required to get partprobe utility
477 # Add parted package, required to get partprobe utility
465 if [ "$EXPANDROOT" = true ] ; then
478 if [ "$EXPANDROOT" = true ] ; then
466 APT_INCLUDES="${APT_INCLUDES},parted"
479 APT_INCLUDES="${APT_INCLUDES},parted"
467 fi
480 fi
468
481
469 # Add dbus package, recommended if using systemd
482 # Add dbus package, recommended if using systemd
470 if [ "$ENABLE_DBUS" = true ] ; then
483 if [ "$ENABLE_DBUS" = true ] ; then
471 APT_INCLUDES="${APT_INCLUDES},dbus"
484 APT_INCLUDES="${APT_INCLUDES},dbus"
472 fi
485 fi
473
486
474 # Add iptables IPv4/IPv6 package
487 # Add iptables IPv4/IPv6 package
475 if [ "$ENABLE_IPTABLES" = true ] ; then
488 if [ "$ENABLE_IPTABLES" = true ] ; then
476 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
489 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
477 fi
490 fi
478
491
479 # Add openssh server package
492 # Add openssh server package
480 if [ "$ENABLE_SSHD" = true ] ; then
493 if [ "$ENABLE_SSHD" = true ] ; then
481 APT_INCLUDES="${APT_INCLUDES},openssh-server"
494 APT_INCLUDES="${APT_INCLUDES},openssh-server"
482 fi
495 fi
483
496
484 # Add alsa-utils package
497 # Add alsa-utils package
485 if [ "$ENABLE_SOUND" = true ] ; then
498 if [ "$ENABLE_SOUND" = true ] ; then
486 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
499 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
487 fi
500 fi
488
501
489 # Add rng-tools package
502 # Add rng-tools package
490 if [ "$ENABLE_HWRANDOM" = true ] ; then
503 if [ "$ENABLE_HWRANDOM" = true ] ; then
491 APT_INCLUDES="${APT_INCLUDES},rng-tools"
504 APT_INCLUDES="${APT_INCLUDES},rng-tools"
492 fi
505 fi
493
506
494 # Add fbturbo video driver
507 # Add fbturbo video driver
495 if [ "$ENABLE_FBTURBO" = true ] ; then
508 if [ "$ENABLE_FBTURBO" = true ] ; then
496 # Enable xorg package dependencies
509 # Enable xorg package dependencies
497 ENABLE_XORG=true
510 ENABLE_XORG=true
498 fi
511 fi
499
512
500 # Add user defined window manager package
513 # Add user defined window manager package
501 if [ -n "$ENABLE_WM" ] ; then
514 if [ -n "$ENABLE_WM" ] ; then
502 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
515 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
503
516
504 # Enable xorg package dependencies
517 # Enable xorg package dependencies
505 ENABLE_XORG=true
518 ENABLE_XORG=true
506 fi
519 fi
507
520
508 # Add xorg package
521 # Add xorg package
509 if [ "$ENABLE_XORG" = true ] ; then
522 if [ "$ENABLE_XORG" = true ] ; then
510 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
523 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
511 fi
524 fi
512
525
513 # Replace selected packages with smaller clones
526 # Replace selected packages with smaller clones
514 if [ "$ENABLE_REDUCE" = true ] ; then
527 if [ "$ENABLE_REDUCE" = true ] ; then
515 # Add levee package instead of vim-tiny
528 # Add levee package instead of vim-tiny
516 if [ "$REDUCE_VIM" = true ] ; then
529 if [ "$REDUCE_VIM" = true ] ; then
517 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
530 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
518 fi
531 fi
519
532
520 # Add dropbear package instead of openssh-server
533 # Add dropbear package instead of openssh-server
521 if [ "$REDUCE_SSHD" = true ] ; then
534 if [ "$REDUCE_SSHD" = true ] ; then
522 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/openssh-server/dropbear/")"
535 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
523 fi
536 fi
524 fi
537 fi
525
538
526 if [ "$RELEASE" != "jessie" ] ; then
539 if [ "$RELEASE" != "jessie" ] ; then
527 APT_INCLUDES="${APT_INCLUDES},libnss-systemd"
540 APT_INCLUDES="${APT_INCLUDES},libnss-systemd"
528 fi
541 fi
529
542
530 # Configure kernel sources if no KERNELSRC_DIR
543 # Configure kernel sources if no KERNELSRC_DIR
531 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
544 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
532 KERNELSRC_CONFIG=true
545 KERNELSRC_CONFIG=true
533 fi
546 fi
534
547
535 # Configure reduced kernel
548 # Configure reduced kernel
536 if [ "$KERNEL_REDUCE" = true ] ; then
549 if [ "$KERNEL_REDUCE" = true ] ; then
537 KERNELSRC_CONFIG=false
550 KERNELSRC_CONFIG=false
538 fi
551 fi
539
552
540 # Configure qemu compatible kernel
553 # Configure qemu compatible kernel
541 if [ "$ENABLE_QEMU" = true ] ; then
554 if [ "$ENABLE_QEMU" = true ] ; then
542 DTB_FILE=vexpress-v2p-ca15_a7.dtb
555 DTB_FILE=vexpress-v2p-ca15_a7.dtb
543 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
556 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
544 KERNEL_DEFCONFIG="vexpress_defconfig"
557 KERNEL_DEFCONFIG="vexpress_defconfig"
545 if [ "$KERNEL_MENUCONFIG" = false ] ; then
558 if [ "$KERNEL_MENUCONFIG" = false ] ; then
546 KERNEL_OLDDEFCONFIG=true
559 KERNEL_OLDDEFCONFIG=true
547 fi
560 fi
548 fi
561 fi
549
562
550 # Execute bootstrap scripts
563 # Execute bootstrap scripts
551 for SCRIPT in bootstrap.d/*.sh; do
564 for SCRIPT in bootstrap.d/*.sh; do
552 head -n 3 "$SCRIPT"
565 head -n 3 "$SCRIPT"
553 . "$SCRIPT"
566 . "$SCRIPT"
554 done
567 done
555
568
556 ## Execute custom bootstrap scripts
569 ## Execute custom bootstrap scripts
557 if [ -d "custom.d" ] ; then
570 if [ -d "custom.d" ] ; then
558 for SCRIPT in custom.d/*.sh; do
571 for SCRIPT in custom.d/*.sh; do
559 . "$SCRIPT"
572 . "$SCRIPT"
560 done
573 done
561 fi
574 fi
562
575
563 # Execute custom scripts inside the chroot
576 # Execute custom scripts inside the chroot
564 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
577 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
565 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
578 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
566 chroot_exec /bin/bash -x <<'EOF'
579 chroot_exec /bin/bash -x <<'EOF'
567 for SCRIPT in /chroot_scripts/* ; do
580 for SCRIPT in /chroot_scripts/* ; do
568 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
581 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
569 $SCRIPT
582 $SCRIPT
570 fi
583 fi
571 done
584 done
572 EOF
585 EOF
573 rm -rf "${R}/chroot_scripts"
586 rm -rf "${R}/chroot_scripts"
574 fi
587 fi
575
588
576 # Remove c/c++ build environment from the chroot
589 # Remove c/c++ build environment from the chroot
577 chroot_remove_cc
590 chroot_remove_cc
578
591
579 # Remove apt-utils
592 # Remove apt-utils
580 if [ "$RELEASE" = "jessie" ] ; then
593 if [ "$RELEASE" = "jessie" ] ; then
581 chroot_exec apt-get purge -qq -y --force-yes apt-utils
594 chroot_exec apt-get purge -qq -y --force-yes apt-utils
582 fi
595 fi
583
596
584 # Generate required machine-id
597 # Generate required machine-id
585 MACHINE_ID=$(dbus-uuidgen)
598 MACHINE_ID=$(dbus-uuidgen)
586 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
599 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
587 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
600 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
588
601
589 # APT Cleanup
602 # APT Cleanup
590 chroot_exec apt-get -y clean
603 chroot_exec apt-get -y clean
591 chroot_exec apt-get -y autoclean
604 chroot_exec apt-get -y autoclean
592 chroot_exec apt-get -y autoremove
605 chroot_exec apt-get -y autoremove
593
606
594 # Unmount mounted filesystems
607 # Unmount mounted filesystems
595 umount -l "${R}/proc"
608 umount -l "${R}/proc"
596 umount -l "${R}/sys"
609 umount -l "${R}/sys"
597
610
598 # Clean up directories
611 # Clean up directories
599 rm -rf "${R}/run/*"
612 rm -rf "${R}/run/*"
600 rm -rf "${R}/tmp/*"
613 rm -rf "${R}/tmp/*"
601
614
602 # Clean up files
615 # Clean up files
603 rm -f "${ETC_DIR}/ssh/ssh_host_*"
616 rm -f "${ETC_DIR}/ssh/ssh_host_*"
604 rm -f "${ETC_DIR}/dropbear/dropbear_*"
617 rm -f "${ETC_DIR}/dropbear/dropbear_*"
605 rm -f "${ETC_DIR}/apt/sources.list.save"
618 rm -f "${ETC_DIR}/apt/sources.list.save"
606 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
619 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
607 rm -f "${ETC_DIR}/*-"
620 rm -f "${ETC_DIR}/*-"
608 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
621 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
609 rm -f "${ETC_DIR}/resolv.conf"
622 rm -f "${ETC_DIR}/resolv.conf"
610 rm -f "${R}/root/.bash_history"
623 rm -f "${R}/root/.bash_history"
611 rm -f "${R}/var/lib/urandom/random-seed"
624 rm -f "${R}/var/lib/urandom/random-seed"
612 rm -f "${R}/initrd.img"
625 rm -f "${R}/initrd.img"
613 rm -f "${R}/vmlinuz"
626 rm -f "${R}/vmlinuz"
614 rm -f "${R}${QEMU_BINARY}"
627 rm -f "${R}${QEMU_BINARY}"
615
628
616 if [ "$ENABLE_QEMU" = true ] ; then
629 if [ "$ENABLE_QEMU" = true ] ; then
617 # Setup QEMU directory
630 # Setup QEMU directory
618 mkdir "${BASEDIR}/qemu"
631 mkdir "${BASEDIR}/qemu"
619
632
620 # Copy kernel image to QEMU directory
633 # Copy kernel image to QEMU directory
621 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
634 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
622
635
623 # Copy kernel config to QEMU directory
636 # Copy kernel config to QEMU directory
624 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
637 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
625
638
626 # Copy kernel dtbs to QEMU directory
639 # Copy kernel dtbs to QEMU directory
627 for dtb in "${BOOT_DIR}/"*.dtb ; do
640 for dtb in "${BOOT_DIR}/"*.dtb ; do
628 if [ -f "${dtb}" ] ; then
641 if [ -f "${dtb}" ] ; then
629 install_readonly "${dtb}" "${BASEDIR}/qemu/"
642 install_readonly "${dtb}" "${BASEDIR}/qemu/"
630 fi
643 fi
631 done
644 done
632
645
633 # Copy kernel overlays to QEMU directory
646 # Copy kernel overlays to QEMU directory
634 if [ -d "${BOOT_DIR}/overlays" ] ; then
647 if [ -d "${BOOT_DIR}/overlays" ] ; then
635 # Setup overlays dtbs directory
648 # Setup overlays dtbs directory
636 mkdir "${BASEDIR}/qemu/overlays"
649 mkdir "${BASEDIR}/qemu/overlays"
637
650
638 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
651 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
639 if [ -f "${dtb}" ] ; then
652 if [ -f "${dtb}" ] ; then
640 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
653 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
641 fi
654 fi
642 done
655 done
643 fi
656 fi
644
657
645 # Copy u-boot files to QEMU directory
658 # Copy u-boot files to QEMU directory
646 if [ "$ENABLE_UBOOT" = true ] ; then
659 if [ "$ENABLE_UBOOT" = true ] ; then
647 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
660 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
648 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
661 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
649 fi
662 fi
650 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
663 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
651 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
664 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
652 fi
665 fi
653 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
666 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
654 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
667 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
655 fi
668 fi
656 fi
669 fi
657
670
658 # Copy initramfs to QEMU directory
671 # Copy initramfs to QEMU directory
659 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
672 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
660 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
673 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
661 fi
674 fi
662 fi
675 fi
663
676
664 # Calculate size of the chroot directory in KB
677 # Calculate size of the chroot directory in KB
665 CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`)
678 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
666
679
667 # Calculate the amount of needed 512 Byte sectors
680 # Calculate the amount of needed 512 Byte sectors
668 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
681 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
669 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
682 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
670 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
683 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
671
684
672 # The root partition is EXT4
685 # The root partition is EXT4
673 # This means more space than the actual used space of the chroot is used.
686 # This means more space than the actual used space of the chroot is used.
674 # As overhead for journaling and reserved blocks 35% are added.
687 # As overhead for journaling and reserved blocks 35% are added.
675 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 35) \* 1024 \/ 512)
688 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
676
689
677 # Calculate required image size in 512 Byte sectors
690 # Calculate required image size in 512 Byte sectors
678 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
691 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
679
692
680 # Prepare image file
693 # Prepare image file
681 if [ "$ENABLE_SPLITFS" = true ] ; then
694 if [ "$ENABLE_SPLITFS" = true ] ; then
682 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=${TABLE_SECTORS}
695 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
683 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
696 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
684 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=${TABLE_SECTORS}
697 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
685 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
698 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
686
699
687 # Write firmware/boot partition tables
700 # Write firmware/boot partition tables
688 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
701 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
689 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
702 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
690 EOM
703 EOM
691
704
692 # Write root partition table
705 # Write root partition table
693 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
706 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
694 ${TABLE_SECTORS},${ROOT_SECTORS},83
707 ${TABLE_SECTORS},${ROOT_SECTORS},83
695 EOM
708 EOM
696
709
697 # Setup temporary loop devices
710 # Setup temporary loop devices
698 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $IMAGE_NAME-frmw.img)"
711 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
699 ROOT_LOOP="$(losetup -o 1M -f --show $IMAGE_NAME-root.img)"
712 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
700 else # ENABLE_SPLITFS=false
713 else # ENABLE_SPLITFS=false
701 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=${TABLE_SECTORS}
714 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
702 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek=${IMAGE_SECTORS}
715 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
703
716
704 # Write partition table
717 # Write partition table
705 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
718 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
706 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
719 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
707 ${ROOT_OFFSET},${ROOT_SECTORS},83
720 ${ROOT_OFFSET},${ROOT_SECTORS},83
708 EOM
721 EOM
709
722
710 # Setup temporary loop devices
723 # Setup temporary loop devices
711 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $IMAGE_NAME.img)"
724 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
712 ROOT_LOOP="$(losetup -o 65M -f --show $IMAGE_NAME.img)"
725 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
713 fi
726 fi
714
727
715 if [ "$ENABLE_CRYPTFS" = true ] ; then
728 if [ "$ENABLE_CRYPTFS" = true ] ; then
716 # Create dummy ext4 fs
729 # Create dummy ext4 fs
717 mkfs.ext4 "$ROOT_LOOP"
730 mkfs.ext4 "$ROOT_LOOP"
718
731
719 # Setup password keyfile
732 # Setup password keyfile
720 touch .password
733 touch .password
721 chmod 600 .password
734 chmod 600 .password
722 echo -n ${CRYPTFS_PASSWORD} > .password
735 echo -n ${CRYPTFS_PASSWORD} > .password
723
736
724 # Initialize encrypted partition
737 # Initialize encrypted partition
725 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
738 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
726
739
727 # Open encrypted partition and setup mapping
740 # Open encrypted partition and setup mapping
728 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
741 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
729
742
730 # Secure delete password keyfile
743 # Secure delete password keyfile
731 shred -zu .password
744 shred -zu .password
732
745
733 # Update temporary loop device
746 # Update temporary loop device
734 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
747 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
735
748
736 # Wipe encrypted partition (encryption cipher is used for randomness)
749 # Wipe encrypted partition (encryption cipher is used for randomness)
737 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count=$(blockdev --getsz "${ROOT_LOOP}")
750 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
738 fi
751 fi
739
752
740 # Build filesystems
753 # Build filesystems
741 mkfs.vfat "$FRMW_LOOP"
754 mkfs.vfat "$FRMW_LOOP"
742 mkfs.ext4 "$ROOT_LOOP"
755 mkfs.ext4 "$ROOT_LOOP"
743
756
744 # Mount the temporary loop devices
757 # Mount the temporary loop devices
745 mkdir -p "$BUILDDIR/mount"
758 mkdir -p "$BUILDDIR/mount"
746 mount "$ROOT_LOOP" "$BUILDDIR/mount"
759 mount "$ROOT_LOOP" "$BUILDDIR/mount"
747
760
748 mkdir -p "$BUILDDIR/mount/boot/firmware"
761 mkdir -p "$BUILDDIR/mount/boot/firmware"
749 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
762 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
750
763
751 # Copy all files from the chroot to the loop device mount point directory
764 # Copy all files from the chroot to the loop device mount point directory
752 rsync -a "${R}/" "$BUILDDIR/mount/"
765 rsync -a "${R}/" "$BUILDDIR/mount/"
753
766
754 # Unmount all temporary loop devices and mount points
767 # Unmount all temporary loop devices and mount points
755 cleanup
768 cleanup
756
769
757 # Create block map file(s) of image(s)
770 # Create block map file(s) of image(s)
758 if [ "$ENABLE_SPLITFS" = true ] ; then
771 if [ "$ENABLE_SPLITFS" = true ] ; then
759 # Create block map files for "bmaptool"
772 # Create block map files for "bmaptool"
760 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
773 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
761 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
774 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
762
775
763 # Image was successfully created
776 # Image was successfully created
764 echo "$IMAGE_NAME-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
777 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
765 echo "$IMAGE_NAME-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
778 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
766 else
779 else
767 # Create block map file for "bmaptool"
780 # Create block map file for "bmaptool"
768 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
781 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
769
782
770 # Image was successfully created
783 # Image was successfully created
771 echo "$IMAGE_NAME.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
784 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
772
785
773 # Create qemu qcow2 image
786 # Create qemu qcow2 image
774 if [ "$ENABLE_QEMU" = true ] ; then
787 if [ "$ENABLE_QEMU" = true ] ; then
775 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
788 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
776 QEMU_SIZE=16G
789 QEMU_SIZE=16G
777
790
778 qemu-img convert -f raw -O qcow2 $IMAGE_NAME.img $QEMU_IMAGE.qcow2
791 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
779 qemu-img resize $QEMU_IMAGE.qcow2 $QEMU_SIZE
792 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
780
793
781 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
794 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
782 fi
795 fi
783 fi
796 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant