@@ -0,0 +1,45 | |||
|
1 | #!/bin/sh | |
|
2 | ||
|
3 | PREREQ="dropbear" | |
|
4 | ||
|
5 | prereqs() { | |
|
6 | echo "$PREREQ" | |
|
7 | } | |
|
8 | ||
|
9 | case "$1" in | |
|
10 | prereqs) | |
|
11 | prereqs | |
|
12 | exit 0 | |
|
13 | ;; | |
|
14 | esac | |
|
15 | ||
|
16 | . "${CONFDIR}/initramfs.conf" | |
|
17 | . /usr/share/initramfs-tools/hook-functions | |
|
18 | ||
|
19 | if [ "${DROPBEAR}" != "n" ] && [ -r "/etc/crypttab" ] ; then | |
|
20 | cat > "${DESTDIR}/bin/unlock" << EOF | |
|
21 | #!/bin/sh | |
|
22 | if PATH=/lib/unlock:/bin:/sbin /scripts/local-top/cryptroot; then | |
|
23 | kill \`ps | grep cryptroot | grep -v "grep" | awk '{print \$1}'\` | |
|
24 | # following line kill the remote shell right after the passphrase has | |
|
25 | # been entered. | |
|
26 | kill -9 \`ps | grep "\-sh" | grep -v "grep" | awk '{print \$1}'\` | |
|
27 | exit 0 | |
|
28 | fi | |
|
29 | exit 1 | |
|
30 | EOF | |
|
31 | ||
|
32 | chmod 755 "${DESTDIR}/bin/unlock" | |
|
33 | ||
|
34 | mkdir -p "${DESTDIR}/lib/unlock" | |
|
35 | cat > "${DESTDIR}/lib/unlock/plymouth" << EOF | |
|
36 | #!/bin/sh | |
|
37 | [ "\$1" == "--ping" ] && exit 1 | |
|
38 | /bin/plymouth "\$@" | |
|
39 | EOF | |
|
40 | ||
|
41 | chmod 755 "${DESTDIR}/lib/unlock/plymouth" | |
|
42 | ||
|
43 | echo To unlock root-partition run "unlock" >> ${DESTDIR}/etc/motd | |
|
44 | ||
|
45 | fi No newline at end of file |
@@ -392,6 +392,12 Set cipher specification string. `aes-xts*` ciphers are strongly recommended. | |||
|
392 | 392 | ##### `CRYPTFS_XTSKEYSIZE`=512 |
|
393 | 393 | Sets key size in bits. The argument has to be a multiple of 8. |
|
394 | 394 | |
|
395 | ##### `CRYPTFS_DROPBEAR`=false | |
|
396 | Enable Dropbear Initramfs support | |
|
397 | ||
|
398 | ##### `CRYPTFS_DROPBEAR_PUBKEY`="" | |
|
399 | Provide path to dropbear Public RSA-OpenSSH Key | |
|
400 | ||
|
395 | 401 | --- |
|
396 | 402 | |
|
397 | 403 | #### Build settings: |
@@ -29,7 +29,7 if [ "$ENABLE_CRYPTFS" = true ] ; then | |||
|
29 | 29 | fi |
|
30 | 30 | |
|
31 | 31 | # Generate initramfs file |
|
32 |
if |
|
|
32 | if [ "$ENABLE_INITRAMFS" = true ] ; then | |
|
33 | 33 | if [ "$ENABLE_CRYPTFS" = true ] ; then |
|
34 | 34 | # Include initramfs scripts to auto expand encrypted root partition |
|
35 | 35 | if [ "$EXPANDROOT" = true ] ; then |
@@ -38,8 +38,43 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then | |||
|
38 | 38 | install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools" |
|
39 | 39 | fi |
|
40 | 40 | |
|
41 | # Disable SSHD inside initramfs | |
|
42 | printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf" | |
|
41 | if [ "$CRYPTFS_DROPBEAR" = true ]; then | |
|
42 | if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then | |
|
43 | install_readonly "${CRYPTFS_DROPBEAR_PUBKEY}" "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub | |
|
44 | cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub >> "${ETC_DIR}"/dropbear-initramfs/authorized_keys | |
|
45 | else | |
|
46 | # Create key | |
|
47 | chroot_exec /usr/bin/dropbearkey -t rsa -f /etc/dropbear-initramfs/id_rsa.dropbear | |
|
48 | ||
|
49 | # Convert dropbear key to openssh key | |
|
50 | chroot_exec /usr/lib/dropbear/dropbearconvert dropbear openssh /etc/dropbear-initramfs/id_rsa.dropbear /etc/dropbear-initramfs/id_rsa | |
|
51 | ||
|
52 | # Get Public Key Part | |
|
53 | chroot_exec /usr/bin/dropbearkey -y -f /etc/dropbear-initramfs/id_rsa.dropbear | chroot_exec tee /etc/dropbear-initramfs/id_rsa.pub | |
|
54 | ||
|
55 | # Delete unwanted lines | |
|
56 | sed -i '/Public/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub | |
|
57 | sed -i '/Fingerprint/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub | |
|
58 | ||
|
59 | # Trust the new key | |
|
60 | cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub > "${ETC_DIR}"/dropbear-initramfs/authorized_keys | |
|
61 | ||
|
62 | # Save Keys - convert with putty from rsa/openssh to puttkey | |
|
63 | cp -f "${ETC_DIR}"/dropbear-initramfs/id_rsa "${BASEDIR}"/dropbear_initramfs_key.rsa | |
|
64 | ||
|
65 | # Get unlock script | |
|
66 | install_exec files/initramfs/crypt_unlock.sh "${ETC_DIR}"/initramfs-tools/hooks/crypt_unlock.sh | |
|
67 | ||
|
68 | # Enable Dropbear inside initramfs | |
|
69 | printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=y\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf" | |
|
70 | ||
|
71 | # Enable Dropbear inside initramfs | |
|
72 | sed -i "54 i sleep 5" "${R}"/usr/share/initramfs-tools/scripts/init-premount/dropbear | |
|
73 | fi | |
|
74 | else | |
|
75 | # Disable SSHD inside initramfs | |
|
76 | printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf" | |
|
77 | fi | |
|
43 | 78 | |
|
44 | 79 | # Add cryptsetup modules to initramfs |
|
45 | 80 | printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook" |
@@ -56,23 +56,38 if [ "$ENABLE_CRYPTFS" = true ] ; then | |||
|
56 | 56 | fi |
|
57 | 57 | fi |
|
58 | 58 | |
|
59 | #locks cpu at max frequency | |
|
60 | if [ "$ENABLE_TURBO" = true ] ; then | |
|
61 | echo "force_turbo=1" >> "${BOOT_DIR}/config.txt" | |
|
62 | fi | |
|
63 | ||
|
59 | # Enable Kernel messages on standard output | |
|
64 | 60 | if [ "$ENABLE_PRINTK" = true ] ; then |
|
65 | 61 | install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf" |
|
66 | 62 | fi |
|
67 | 63 | |
|
68 | # Install udev rule for serial alias | |
|
64 | # Install udev rule for serial alias - serial0 = console serial1=bluetooth | |
|
69 | 65 | install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules" |
|
70 | 66 | |
|
67 | # Remove IPv6 networking support | |
|
68 | if [ "$ENABLE_IPV6" = false ] ; then | |
|
69 | CMDLINE="${CMDLINE} ipv6.disable=1" | |
|
70 | fi | |
|
71 | ||
|
72 | # Automatically assign predictable network interface names | |
|
73 | if [ "$ENABLE_IFNAMES" = false ] ; then | |
|
74 | CMDLINE="${CMDLINE} net.ifnames=0" | |
|
75 | else | |
|
76 | CMDLINE="${CMDLINE} net.ifnames=1" | |
|
77 | fi | |
|
78 | ||
|
79 | # Install firmware config | |
|
80 | install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt" | |
|
81 | ||
|
82 | # Locks CPU frequency at maximum | |
|
83 | if [ "$ENABLE_TURBO" = true ] ; then | |
|
84 | echo "force_turbo=1" >> "${BOOT_DIR}/config.txt" | |
|
85 | # helps to avoid sdcard corruption when force_turbo is enabled. | |
|
86 | echo "boot_delay=1" >> "${BOOT_DIR}/config.txt" | |
|
87 | fi | |
|
88 | ||
|
71 | 89 | if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then |
|
72 | 90 | |
|
73 | # RPI0,3,3P Use default ttyS0 (mini-UART)as serial interface | |
|
74 | SET_SERIAL="ttyS0" | |
|
75 | ||
|
76 | 91 | # Bluetooth enabled |
|
77 | 92 | if [ "$ENABLE_BLUETOOTH" = true ] ; then |
|
78 | 93 | # Create temporary directory for Bluetooth sources |
@@ -94,6 +109,10 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then | |||
|
94 | 109 | # Install tools |
|
95 | 110 | install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart" |
|
96 | 111 | install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper" |
|
112 | ||
|
113 | # make scripts executable | |
|
114 | chmod +x "${R}/usr/bin/bthelper" | |
|
115 | chmod +x "${R}/usr/bin/btuart" | |
|
97 | 116 | |
|
98 | 117 | # Install bluetooth udev rule |
|
99 | 118 | install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules" |
@@ -105,12 +124,12 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then | |||
|
105 | 124 | install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service" |
|
106 | 125 | install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service" |
|
107 | 126 | |
|
108 |
# Remove temporary director |
|
|
127 | # Remove temporary directories | |
|
109 | 128 | rm -fr "${temp_dir}" |
|
129 | rm -fr "${R}"/tmp/pi-bluetooth | |
|
110 | 130 | |
|
111 | 131 | # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0 |
|
112 | 132 | if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then |
|
113 | SET_SERIAL="ttyAMA0" | |
|
114 | 133 | |
|
115 | 134 | # set overlay to swap ttyAMA0 and ttyS0 |
|
116 | 135 | echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt" |
@@ -119,23 +138,15 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then | |||
|
119 | 138 | if [ "$ENABLE_TURBO" = false ] ; then |
|
120 | 139 | echo "core_freq=250" >> "${BOOT_DIR}/config.txt" |
|
121 | 140 | fi |
|
122 | ||
|
123 | # Activate services | |
|
124 | chroot_exec systemctl enable pi-bluetooth.hciuart.service | |
|
125 | #chroot_exec systemctl enable pi-bluetooth.bthelper@.service | |
|
126 | else | |
|
127 | chroot_exec systemctl enable pi-bluetooth.hciuart.service | |
|
128 | #chroot_exec systemctl enable pi-bluetooth.bthelper@.service | |
|
129 | 141 |
|
|
142 | ||
|
143 | # Activate services | |
|
144 | chroot_exec systemctl enable pi-bluetooth.hciuart.service | |
|
130 | 145 | |
|
131 | 146 | else # if ENABLE_BLUETOOTH = false |
|
132 | 147 | # set overlay to disable bluetooth |
|
133 | 148 | echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt" |
|
134 | 149 | fi # ENABLE_BLUETOOTH end |
|
135 | ||
|
136 | else | |
|
137 | # RPI1,1P,2 Use default ttyAMA0 (full UART) as serial interface | |
|
138 | SET_SERIAL="ttyAMA0" | |
|
139 | 150 | fi |
|
140 | 151 | |
|
141 | 152 | # may need sudo systemctl disable hciuart |
@@ -145,31 +156,14 if [ "$ENABLE_CONSOLE" = true ] ; then | |||
|
145 | 156 | CMDLINE="${CMDLINE} console=serial0,115200" |
|
146 | 157 | |
|
147 | 158 | # Enable serial console systemd style |
|
148 |
chroot_exec systemctl enable serial-getty\@ |
|
|
159 | chroot_exec systemctl enable serial-getty\@serial0.service | |
|
149 | 160 | else |
|
150 | 161 | echo "enable_uart=0" >> "${BOOT_DIR}/config.txt" |
|
151 | # disable serial console systemd style | |
|
152 | chroot_exec systemctl disable serial-getty\@"$SET_SERIAL".service | |
|
153 | fi | |
|
154 | ||
|
155 | # Remove IPv6 networking support | |
|
156 | if [ "$ENABLE_IPV6" = false ] ; then | |
|
157 | CMDLINE="${CMDLINE} ipv6.disable=1" | |
|
158 | fi | |
|
159 | ||
|
160 | # Automatically assign predictable network interface names | |
|
161 | if [ "$ENABLE_IFNAMES" = false ] ; then | |
|
162 | CMDLINE="${CMDLINE} net.ifnames=0" | |
|
163 | else | |
|
164 | CMDLINE="${CMDLINE} net.ifnames=1" | |
|
165 | 162 | fi |
|
166 | 163 | |
|
167 | 164 | # Install firmware boot cmdline |
|
168 | 165 | echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt" |
|
169 | 166 | |
|
170 | # Install firmware config | |
|
171 | install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt" | |
|
172 | ||
|
173 | 167 | # Setup minimal GPU memory allocation size: 16MB (no X) |
|
174 | 168 | if [ "$ENABLE_MINGPU" = true ] ; then |
|
175 | 169 | echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt" |
@@ -57,6 +57,20 else # ENABLE_DHCP=false | |||
|
57 | 57 | -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\ |
|
58 | 58 | -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\ |
|
59 | 59 | "${ETC_DIR}/systemd/network/eth.network" |
|
60 | ||
|
61 | if [ "$CRYPTFS_DROPBEAR" = true ] ; then | |
|
62 | # Get cdir from NET_ADDRESS e.g. 24 | |
|
63 | cdir=$(${NET_ADDRESS} | cut -d '/' -f2) | |
|
64 | ||
|
65 | # Convert cdir ro netmask e.g. 24 to 255.255.255.0 | |
|
66 | NET_MASK=$(cdr2mask "$cdir") | |
|
67 | ||
|
68 | # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf | |
|
69 | sed -i "\$aIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf | |
|
70 | ||
|
71 | # Regenerate initramfs | |
|
72 | chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}" | |
|
73 | fi | |
|
60 | 74 | fi |
|
61 | 75 | |
|
62 | 76 | # Remove empty settings from network configuration |
@@ -27,6 +27,9 if [ "$ENABLE_IPTABLES" = true ] ; then | |||
|
27 | 27 | chroot_exec systemctl enable iptables.service |
|
28 | 28 | |
|
29 | 29 | if [ "$ENABLE_IPV6" = true ] ; then |
|
30 | # make sure ip6tables-legacy is the used alternatives | |
|
31 | chroot_exec update-alternatives --verbose --set ip6tables /usr/sbin/ip6tables-legacy | |
|
32 | ||
|
30 | 33 | # Install ip6tables systemd service |
|
31 | 34 | install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service" |
|
32 | 35 |
@@ -22,8 +22,3 else | |||
|
22 | 22 | # Set no root password to disable root login |
|
23 | 23 | chroot_exec usermod -p \'!\' root |
|
24 | 24 | fi |
|
25 | ||
|
26 | # Enable serial console systemd style | |
|
27 | if [ "$ENABLE_CONSOLE" = true ] ; then | |
|
28 | chroot_exec systemctl enable serial-getty\@ttyAMA0.service | |
|
29 | fi |
@@ -50,4 +50,7 if [ "$ENABLE_VIDEOCORE" = true ] ; then | |||
|
50 | 50 | |
|
51 | 51 | #back to root of scriptdir |
|
52 | 52 | cd "${WORKDIR}" |
|
53 | ||
|
54 | # Remove videocore sources | |
|
55 | rm -fr "${R}"/tmp/userland/ | |
|
53 | 56 | fi |
@@ -75,3 +75,12 chroot_remove_cc() { | |||
|
75 | 75 | COMPILER_PACKAGES="" |
|
76 | 76 | fi |
|
77 | 77 | } |
|
78 | ||
|
79 | # https://serverfault.com/a/682849 - converts e.g. /24 to 255.255.255.0 | |
|
80 | cdr2mask () | |
|
81 | { | |
|
82 | # Number of args to shift, 255..255, first non-255 byte, zeroes | |
|
83 | set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0 | |
|
84 | [ $1 -gt 1 ] && shift $1 || shift | |
|
85 | echo ${1-0}.${2-0}.${3-0}.${4-0} | |
|
86 | } No newline at end of file |
@@ -185,6 +185,10 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""} | |||
|
185 | 185 | CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"} |
|
186 | 186 | CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"} |
|
187 | 187 | CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512} |
|
188 | #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup | |
|
189 | CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false} | |
|
190 | #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated | |
|
191 | CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""} | |
|
188 | 192 | |
|
189 | 193 | # Chroot scripts directory |
|
190 | 194 | CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""} |
@@ -203,11 +207,9 MISSING_PACKAGES="" | |||
|
203 | 207 | # Packages installed for c/c++ build environment in chroot (keep empty) |
|
204 | 208 | COMPILER_PACKAGES="" |
|
205 | 209 | |
|
206 | set +x | |
|
207 | ||
|
208 | #Check if apt-cacher-ng has port 3142 open and set APT_PROXY | |
|
209 | APT_CACHER_RUNNING=$(lsof -i :3142 | grep apt-cacher-ng | cut -d ' ' -f3 | uniq) | |
|
210 | if [ -n "${APT_CACHER_RUNNING}" ] ; then | |
|
210 | # Check if apt-cacher-ng has port 3142 open and set APT_PROXY | |
|
211 | APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d') | |
|
212 | if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then | |
|
211 | 213 | APT_PROXY=http://127.0.0.1:3142/ |
|
212 | 214 | fi |
|
213 | 215 | |
@@ -258,7 +260,7 if [ -n "$SET_ARCH" ] ; then | |||
|
258 | 260 | CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-} |
|
259 | 261 | fi |
|
260 | 262 | fi |
|
261 | #SET_ARCH not set | |
|
263 | # SET_ARCH not set | |
|
262 | 264 | else |
|
263 | 265 | echo "error: Please set '32' or '64' as value for SET_ARCH" |
|
264 | 266 | exit 1 |
@@ -298,9 +300,12 esac | |||
|
298 | 300 | # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard |
|
299 | 301 | if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then |
|
300 | 302 | # Include bluetooth packages on supported boards |
|
301 |
if [ "$ENABLE_BLUETOOTH" = true ] |
|
|
303 | if [ "$ENABLE_BLUETOOTH" = true ] ; then | |
|
302 | 304 | APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez" |
|
303 | 305 | fi |
|
306 | if [ "$ENABLE_WIRELESS" = true ] ; then | |
|
307 | APT_INCLUDES="${APT_INCLUDES},wireless-tools,crda,wireless-regdb" | |
|
308 | fi | |
|
304 | 309 | else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard |
|
305 | 310 | # Check if the internal wireless interface is not supported by the RPi model |
|
306 | 311 | if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then |
@@ -345,6 +350,11 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then | |||
|
345 | 350 | REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup" |
|
346 | 351 | APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup" |
|
347 | 352 | |
|
353 | # If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package | |
|
354 | if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then | |
|
355 | APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs" | |
|
356 | fi | |
|
357 | ||
|
348 | 358 | if [ -z "$CRYPTFS_PASSWORD" ] ; then |
|
349 | 359 | echo "error: no password defined (CRYPTFS_PASSWORD)!" |
|
350 | 360 | exit 1 |
@@ -362,14 +372,6 if [ "$ENABLE_UBOOT" = true ] ; then | |||
|
362 | 372 | APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc" |
|
363 | 373 | fi |
|
364 | 374 | |
|
365 | if [ "$ENABLE_BLUETOOTH" = true ] ; then | |
|
366 | if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then | |
|
367 | if [ "$ENABLE_CONSOLE" = false ] ; then | |
|
368 | APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez" | |
|
369 | fi | |
|
370 | fi | |
|
371 | fi | |
|
372 | ||
|
373 | 375 | # Check if root SSH (v2) public key file exists |
|
374 | 376 | if [ -n "$SSH_ROOT_PUB_KEY" ] ; then |
|
375 | 377 | if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant