##// END OF EJS Templates
.
burnbabyburn -
r327:486b4ea08ef2
parent child
Show More
@@ -1,481 +1,481
1 # rpi23-gen-image
1 # rpi23-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.11.y```).
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.11.y```).
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9
9
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
11
11
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux and `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux and `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13
13
14 ## Command-line parameters
14 ## Command-line parameters
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16
16
17 ##### Command-line examples:
17 ##### Command-line examples:
18 ```shell
18 ```shell
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 ```
32 ```
33
33
34 ## Configuration template files
34 ## Configuration template files
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36
36
37 ##### Command-line examples:
37 ##### Command-line examples:
38 ```shell
38 ```shell
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 ```
41 ```
42
42
43 ## Supported parameters and settings
43 ## Supported parameters and settings
44 #### APT settings:
44 #### APT settings:
45 ##### `APT_SERVER`="ftp.debian.org"
45 ##### `APT_SERVER`="ftp.debian.org/debian"
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47
47
48 ##### `APT_PROXY`=""
48 ##### `APT_PROXY`=""
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
50
50
51 ##### `APT_INCLUDES`=""
51 ##### `APT_INCLUDES`=""
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
53
53
54 ##### `APT_INCLUDES_LATE`=""
54 ##### `APT_INCLUDES_LATE`=""
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
56
56
57 ---
57 ---
58
58
59 #### General system settings:
59 #### General system settings:
60 ##### `RPI_MODEL`=2
60 ##### `RPI_MODEL`=2
61 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
61 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
62 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
62 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
63 `1` = Used for Pi 1 model A and B
63 `1` = Used for Pi 1 model A and B
64 `1P` = Used for Pi 1 model B+ and A+
64 `1P` = Used for Pi 1 model B+ and A+
65 `2` = Used for Pi 2 model B
65 `2` = Used for Pi 2 model B
66 `3` = Used for Pi 3 model B
66 `3` = Used for Pi 3 model B
67 `3P` = Used for Pi 3 model B+
67 `3P` = Used for Pi 3 model B+
68 `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
68 `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
69
69
70 ##### `RELEASE`="buster"
70 ##### `RELEASE`="buster"
71 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used.
71 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases "stretch" and "buster". `BUILD_KERNEL`=true will automatically be set if the Debian releases `stretch` or `buster` are used.
72
72
73 ##### `RELEASE_ARCH`="armhf"
73 ##### `RELEASE_ARCH`="armhf"
74 Set the desired Debian release architecture.
74 Set the desired Debian release architecture.
75
75
76 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
76 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
77 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
77 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
78
78
79 ##### `PASSWORD`="raspberry"
79 ##### `PASSWORD`="raspberry"
80 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
80 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
81
81
82 ##### `USER_PASSWORD`="raspberry"
82 ##### `USER_PASSWORD`="raspberry"
83 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
83 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
84
84
85 ##### `DEFLOCAL`="en_US.UTF-8"
85 ##### `DEFLOCAL`="en_US.UTF-8"
86 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
86 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
87
87
88 ##### `TIMEZONE`="Europe/Berlin"
88 ##### `TIMEZONE`="Europe/Berlin"
89 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
89 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
90
90
91 ##### `EXPANDROOT`=true
91 ##### `EXPANDROOT`=true
92 Expand the root partition and filesystem automatically on first boot.
92 Expand the root partition and filesystem automatically on first boot.
93
93
94 ##### `ENABLE_QEMU`=false
94 ##### `ENABLE_QEMU`=false
95 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
95 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
96
96
97 ---
97 ---
98
98
99 #### Keyboard settings:
99 #### Keyboard settings:
100 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
100 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
101
101
102 ##### `XKB_MODEL`=""
102 ##### `XKB_MODEL`=""
103 Set the name of the model of your keyboard type.
103 Set the name of the model of your keyboard type.
104
104
105 ##### `XKB_LAYOUT`=""
105 ##### `XKB_LAYOUT`=""
106 Set the supported keyboard layout(s).
106 Set the supported keyboard layout(s).
107
107
108 ##### `XKB_VARIANT`=""
108 ##### `XKB_VARIANT`=""
109 Set the supported variant(s) of the keyboard layout(s).
109 Set the supported variant(s) of the keyboard layout(s).
110
110
111 ##### `XKB_OPTIONS`=""
111 ##### `XKB_OPTIONS`=""
112 Set extra xkb configuration options.
112 Set extra xkb configuration options.
113
113
114 ---
114 ---
115
115
116 #### Networking settings (DHCP):
116 #### Networking settings (DHCP):
117 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
117 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
118
118
119 ##### `ENABLE_DHCP`=true
119 ##### `ENABLE_DHCP`=true
120 Set the system to use DHCP. This requires an DHCP server.
120 Set the system to use DHCP. This requires an DHCP server.
121
121
122 ---
122 ---
123
123
124 #### Networking settings (static):
124 #### Networking settings (static):
125 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
125 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
126
126
127 ##### `NET_ADDRESS`=""
127 ##### `NET_ADDRESS`=""
128 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
128 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
129
129
130 ##### `NET_GATEWAY`=""
130 ##### `NET_GATEWAY`=""
131 Set the IP address for the default gateway.
131 Set the IP address for the default gateway.
132
132
133 ##### `NET_DNS_1`=""
133 ##### `NET_DNS_1`=""
134 Set the IP address for the first DNS server.
134 Set the IP address for the first DNS server.
135
135
136 ##### `NET_DNS_2`=""
136 ##### `NET_DNS_2`=""
137 Set the IP address for the second DNS server.
137 Set the IP address for the second DNS server.
138
138
139 ##### `NET_DNS_DOMAINS`=""
139 ##### `NET_DNS_DOMAINS`=""
140 Set the default DNS search domains to use for non fully qualified host names.
140 Set the default DNS search domains to use for non fully qualified host names.
141
141
142 ##### `NET_NTP_1`=""
142 ##### `NET_NTP_1`=""
143 Set the IP address for the first NTP server.
143 Set the IP address for the first NTP server.
144
144
145 ##### `NET_NTP_2`=""
145 ##### `NET_NTP_2`=""
146 Set the IP address for the second NTP server.
146 Set the IP address for the second NTP server.
147
147
148 ---
148 ---
149
149
150 #### Basic system features:
150 #### Basic system features:
151 ##### `ENABLE_CONSOLE`=true
151 ##### `ENABLE_CONSOLE`=true
152 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
152 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
153
153
154 ##### `ENABLE_I2C`=false
154 ##### `ENABLE_I2C`=false
155 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
155 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
156
156
157 ##### `ENABLE_SPI`=false
157 ##### `ENABLE_SPI`=false
158 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
158 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
159
159
160 ##### `ENABLE_IPV6`=true
160 ##### `ENABLE_IPV6`=true
161 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
161 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
162
162
163 ##### `ENABLE_SSHD`=true
163 ##### `ENABLE_SSHD`=true
164 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
164 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
165
165
166 ##### `ENABLE_NONFREE`=false
166 ##### `ENABLE_NONFREE`=false
167 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
167 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
168
168
169 ##### `ENABLE_WIRELESS`=false
169 ##### `ENABLE_WIRELESS`=false
170 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
170 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
171
171
172 ##### `ENABLE_RSYSLOG`=true
172 ##### `ENABLE_RSYSLOG`=true
173 If set to false, disable and uninstall rsyslog (so logs will be available only
173 If set to false, disable and uninstall rsyslog (so logs will be available only
174 in journal files)
174 in journal files)
175
175
176 ##### `ENABLE_SOUND`=true
176 ##### `ENABLE_SOUND`=true
177 Enable sound hardware and install Advanced Linux Sound Architecture.
177 Enable sound hardware and install Advanced Linux Sound Architecture.
178
178
179 ##### `ENABLE_HWRANDOM`=true
179 ##### `ENABLE_HWRANDOM`=true
180 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
180 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
181
181
182 ##### `ENABLE_MINGPU`=false
182 ##### `ENABLE_MINGPU`=false
183 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
183 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
184
184
185 ##### `ENABLE_DBUS`=true
185 ##### `ENABLE_DBUS`=true
186 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
186 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
187
187
188 ##### `ENABLE_XORG`=false
188 ##### `ENABLE_XORG`=false
189 Install Xorg open-source X Window System.
189 Install Xorg open-source X Window System.
190
190
191 ##### `ENABLE_WM`=""
191 ##### `ENABLE_WM`=""
192 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
192 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
193
193
194 ---
194 ---
195
195
196 #### Advanced system features:
196 #### Advanced system features:
197 ##### `ENABLE_MINBASE`=false
197 ##### `ENABLE_MINBASE`=false
198 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
198 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
199
199
200 ##### `ENABLE_REDUCE`=false
200 ##### `ENABLE_REDUCE`=false
201 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
201 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
202
202
203 ##### `ENABLE_UBOOT`=false
203 ##### `ENABLE_UBOOT`=false
204 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
204 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
205
205
206 ##### `UBOOTSRC_DIR`=""
206 ##### `UBOOTSRC_DIR`=""
207 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
207 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
208
208
209 ##### `ENABLE_FBTURBO`=false
209 ##### `ENABLE_FBTURBO`=false
210 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
210 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
211
211
212 ##### `FBTURBOSRC_DIR`=""
212 ##### `FBTURBOSRC_DIR`=""
213 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
213 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
214
214
215 ##### `ENABLE_IPTABLES`=false
215 ##### `ENABLE_IPTABLES`=false
216 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
216 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
217
217
218 ##### `ENABLE_USER`=true
218 ##### `ENABLE_USER`=true
219 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
219 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
220
220
221 ##### `USER_NAME`=pi
221 ##### `USER_NAME`=pi
222 Non-root user to create. Ignored if `ENABLE_USER`=false
222 Non-root user to create. Ignored if `ENABLE_USER`=false
223
223
224 ##### `ENABLE_ROOT`=false
224 ##### `ENABLE_ROOT`=false
225 Set root user password so root login will be enabled
225 Set root user password so root login will be enabled
226
226
227 ##### `ENABLE_HARDNET`=false
227 ##### `ENABLE_HARDNET`=false
228 Enable IPv4/IPv6 network stack hardening settings.
228 Enable IPv4/IPv6 network stack hardening settings.
229
229
230 ##### `ENABLE_SPLITFS`=false
230 ##### `ENABLE_SPLITFS`=false
231 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
231 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
232
232
233 ##### `CHROOT_SCRIPTS`=""
233 ##### `CHROOT_SCRIPTS`=""
234 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
234 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
235
235
236 ##### `ENABLE_INITRAMFS`=false
236 ##### `ENABLE_INITRAMFS`=false
237 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
237 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
238
238
239 ##### `ENABLE_IFNAMES`=true
239 ##### `ENABLE_IFNAMES`=true
240 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian releases `stretch` or `buster` are used.
240 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names. This parameter is only supported if the Debian releases `stretch` or `buster` are used.
241
241
242 ##### `DISABLE_UNDERVOLT_WARNINGS`=
242 ##### `DISABLE_UNDERVOLT_WARNINGS`=
243 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
243 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
244
244
245 ---
245 ---
246
246
247 #### SSH settings:
247 #### SSH settings:
248 ##### `SSH_ENABLE_ROOT`=false
248 ##### `SSH_ENABLE_ROOT`=false
249 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
249 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
250
250
251 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
251 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
252 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
252 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
253
253
254 ##### `SSH_LIMIT_USERS`=false
254 ##### `SSH_LIMIT_USERS`=false
255 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
255 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
256
256
257 ##### `SSH_ROOT_PUB_KEY`=""
257 ##### `SSH_ROOT_PUB_KEY`=""
258 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
258 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
259
259
260 ##### `SSH_USER_PUB_KEY`=""
260 ##### `SSH_USER_PUB_KEY`=""
261 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
261 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
262
262
263 ---
263 ---
264
264
265 #### Kernel compilation:
265 #### Kernel compilation:
266 ##### `BUILD_KERNEL`=false
266 ##### `BUILD_KERNEL`=false
267 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
267 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used. `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` is used.
268
268
269 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
269 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
270 This sets the cross compile enviornment for the compiler.
270 This sets the cross compile enviornment for the compiler.
271
271
272 ##### `KERNEL_ARCH`="arm"
272 ##### `KERNEL_ARCH`="arm"
273 This sets the kernel architecture for the compiler.
273 This sets the kernel architecture for the compiler.
274
274
275 ##### `KERNEL_IMAGE`="kernel7.img"
275 ##### `KERNEL_IMAGE`="kernel7.img"
276 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
276 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
277
277
278 ##### `KERNEL_BRANCH`=""
278 ##### `KERNEL_BRANCH`=""
279 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
279 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
280
280
281 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
281 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
282 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
282 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
283
283
284 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
284 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
285 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
285 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
286
286
287 ##### `KERNEL_REDUCE`=false
287 ##### `KERNEL_REDUCE`=false
288 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
288 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
289
289
290 ##### `KERNEL_THREADS`=1
290 ##### `KERNEL_THREADS`=1
291 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
291 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
292
292
293 ##### `KERNEL_HEADERS`=true
293 ##### `KERNEL_HEADERS`=true
294 Install kernel headers with built kernel.
294 Install kernel headers with built kernel.
295
295
296 ##### `KERNEL_MENUCONFIG`=false
296 ##### `KERNEL_MENUCONFIG`=false
297 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
297 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
298
298
299 ##### `KERNEL_OLDDEFCONFIG`=false
299 ##### `KERNEL_OLDDEFCONFIG`=false
300 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
300 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
301
301
302 ##### `KERNEL_CCACHE`=false
302 ##### `KERNEL_CCACHE`=false
303 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
303 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
304
304
305 ##### `KERNEL_REMOVESRC`=true
305 ##### `KERNEL_REMOVESRC`=true
306 Remove all kernel sources from the generated OS image after it was built and installed.
306 Remove all kernel sources from the generated OS image after it was built and installed.
307
307
308 ##### `KERNELSRC_DIR`=""
308 ##### `KERNELSRC_DIR`=""
309 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
309 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
310
310
311 ##### `KERNELSRC_CLEAN`=false
311 ##### `KERNELSRC_CLEAN`=false
312 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
312 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
313
313
314 ##### `KERNELSRC_CONFIG`=true
314 ##### `KERNELSRC_CONFIG`=true
315 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
315 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
316
316
317 ##### `KERNELSRC_USRCONFIG`=""
317 ##### `KERNELSRC_USRCONFIG`=""
318 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
318 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
319
319
320 ##### `KERNELSRC_PREBUILT`=false
320 ##### `KERNELSRC_PREBUILT`=false
321 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
321 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
322
322
323 ##### `RPI_FIRMWARE_DIR`=""
323 ##### `RPI_FIRMWARE_DIR`=""
324 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
324 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
325
325
326 ---
326 ---
327
327
328 #### Reduce disk usage:
328 #### Reduce disk usage:
329 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
329 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
330
330
331 ##### `REDUCE_APT`=true
331 ##### `REDUCE_APT`=true
332 Configure APT to use compressed package repository lists and no package caching files.
332 Configure APT to use compressed package repository lists and no package caching files.
333
333
334 ##### `REDUCE_DOC`=true
334 ##### `REDUCE_DOC`=true
335 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
335 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
336
336
337 ##### `REDUCE_MAN`=true
337 ##### `REDUCE_MAN`=true
338 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
338 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
339
339
340 ##### `REDUCE_VIM`=false
340 ##### `REDUCE_VIM`=false
341 Replace `vim-tiny` package by `levee` a tiny vim clone.
341 Replace `vim-tiny` package by `levee` a tiny vim clone.
342
342
343 ##### `REDUCE_BASH`=false
343 ##### `REDUCE_BASH`=false
344 Remove `bash` package and switch to `dash` shell (experimental).
344 Remove `bash` package and switch to `dash` shell (experimental).
345
345
346 ##### `REDUCE_HWDB`=true
346 ##### `REDUCE_HWDB`=true
347 Remove PCI related hwdb files (experimental).
347 Remove PCI related hwdb files (experimental).
348
348
349 ##### `REDUCE_SSHD`=true
349 ##### `REDUCE_SSHD`=true
350 Replace `openssh-server` with `dropbear`.
350 Replace `openssh-server` with `dropbear`.
351
351
352 ##### `REDUCE_LOCALE`=true
352 ##### `REDUCE_LOCALE`=true
353 Remove all `locale` translation files.
353 Remove all `locale` translation files.
354
354
355 ---
355 ---
356
356
357 #### Encrypted root partition:
357 #### Encrypted root partition:
358 ##### `ENABLE_CRYPTFS`=false
358 ##### `ENABLE_CRYPTFS`=false
359 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
359 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
360
360
361 ##### `CRYPTFS_PASSWORD`=""
361 ##### `CRYPTFS_PASSWORD`=""
362 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
362 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
363
363
364 ##### `CRYPTFS_MAPPING`="secure"
364 ##### `CRYPTFS_MAPPING`="secure"
365 Set name of dm-crypt managed device-mapper mapping.
365 Set name of dm-crypt managed device-mapper mapping.
366
366
367 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
367 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
368 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
368 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
369
369
370 ##### `CRYPTFS_XTSKEYSIZE`=512
370 ##### `CRYPTFS_XTSKEYSIZE`=512
371 Sets key size in bits. The argument has to be a multiple of 8.
371 Sets key size in bits. The argument has to be a multiple of 8.
372
372
373 ---
373 ---
374
374
375 #### Build settings:
375 #### Build settings:
376 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
376 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
377 Set a path to a working directory used by the script to generate an image.
377 Set a path to a working directory used by the script to generate an image.
378
378
379 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
379 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
380 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
380 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
381
381
382 ## Understanding the script
382 ## Understanding the script
383 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
383 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
384
384
385 | Script | Description |
385 | Script | Description |
386 | --- | --- |
386 | --- | --- |
387 | `10-bootstrap.sh` | Debootstrap basic system |
387 | `10-bootstrap.sh` | Debootstrap basic system |
388 | `11-apt.sh` | Setup APT repositories |
388 | `11-apt.sh` | Setup APT repositories |
389 | `12-locale.sh` | Setup Locales and keyboard settings |
389 | `12-locale.sh` | Setup Locales and keyboard settings |
390 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
390 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
391 | `14-fstab.sh` | Setup fstab and initramfs |
391 | `14-fstab.sh` | Setup fstab and initramfs |
392 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
392 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
393 | `20-networking.sh` | Setup Networking |
393 | `20-networking.sh` | Setup Networking |
394 | `21-firewall.sh` | Setup Firewall |
394 | `21-firewall.sh` | Setup Firewall |
395 | `30-security.sh` | Setup Users and Security settings |
395 | `30-security.sh` | Setup Users and Security settings |
396 | `31-logging.sh` | Setup Logging |
396 | `31-logging.sh` | Setup Logging |
397 | `32-sshd.sh` | Setup SSH and public keys |
397 | `32-sshd.sh` | Setup SSH and public keys |
398 | `41-uboot.sh` | Build and Setup U-Boot |
398 | `41-uboot.sh` | Build and Setup U-Boot |
399 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
399 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
400 | `50-firstboot.sh` | First boot actions |
400 | `50-firstboot.sh` | First boot actions |
401 | `99-reduce.sh` | Reduce the disk space usage |
401 | `99-reduce.sh` | Reduce the disk space usage |
402
402
403 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
403 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
404
404
405 | Directory | Description |
405 | Directory | Description |
406 | --- | --- |
406 | --- | --- |
407 | `apt` | APT management configuration files |
407 | `apt` | APT management configuration files |
408 | `boot` | Boot and RPi2/3 configuration files |
408 | `boot` | Boot and RPi2/3 configuration files |
409 | `dpkg` | Package Manager configuration |
409 | `dpkg` | Package Manager configuration |
410 | `etc` | Configuration files and rc scripts |
410 | `etc` | Configuration files and rc scripts |
411 | `firstboot` | Scripts that get executed on first boot |
411 | `firstboot` | Scripts that get executed on first boot |
412 | `initramfs` | Initramfs scripts |
412 | `initramfs` | Initramfs scripts |
413 | `iptables` | Firewall configuration files |
413 | `iptables` | Firewall configuration files |
414 | `locales` | Locales configuration |
414 | `locales` | Locales configuration |
415 | `modules` | Kernel Modules configuration |
415 | `modules` | Kernel Modules configuration |
416 | `mount` | Fstab configuration |
416 | `mount` | Fstab configuration |
417 | `network` | Networking configuration files |
417 | `network` | Networking configuration files |
418 | `sysctl.d` | Swapping and Network Hardening configuration |
418 | `sysctl.d` | Swapping and Network Hardening configuration |
419 | `xorg` | fbturbo Xorg driver configuration |
419 | `xorg` | fbturbo Xorg driver configuration |
420
420
421 ## Custom packages and scripts
421 ## Custom packages and scripts
422 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
422 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
423
423
424 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
424 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
425
425
426 ## Logging of the bootstrapping process
426 ## Logging of the bootstrapping process
427 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
427 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
428
428
429 ```shell
429 ```shell
430 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
430 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
431 ```
431 ```
432
432
433 ## Flashing the image file
433 ## Flashing the image file
434 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
434 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
435
435
436 ##### Flashing examples:
436 ##### Flashing examples:
437 ```shell
437 ```shell
438 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie.img /dev/mmcblk0
438 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie.img /dev/mmcblk0
439 dd bs=4M if=./images/jessie/2017-01-23-rpi3-jessie.img of=/dev/mmcblk0
439 dd bs=4M if=./images/jessie/2017-01-23-rpi3-jessie.img of=/dev/mmcblk0
440 ```
440 ```
441 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
441 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
442 ```shell
442 ```shell
443 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-frmw.img /dev/mmcblk0
443 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-frmw.img /dev/mmcblk0
444 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
444 bmaptool copy ./images/jessie/2017-01-23-rpi3-jessie-root.img /dev/sdc
445 ```
445 ```
446
446
447 ## QEMU emulation
447 ## QEMU emulation
448 Start QEMU full system emulation:
448 Start QEMU full system emulation:
449 ```shell
449 ```shell
450 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
450 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
451 ```
451 ```
452
452
453 Start QEMU full system emulation and output to console:
453 Start QEMU full system emulation and output to console:
454 ```shell
454 ```shell
455 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
455 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
456 ```
456 ```
457
457
458 Start QEMU full system emulation with SMP and output to console:
458 Start QEMU full system emulation with SMP and output to console:
459 ```shell
459 ```shell
460 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
460 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
461 ```
461 ```
462
462
463 Start QEMU full system emulation with cryptfs, initramfs and output to console:
463 Start QEMU full system emulation with cryptfs, initramfs and output to console:
464 ```shell
464 ```shell
465 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
465 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
466 ```
466 ```
467
467
468 ## Weekly image builds
468 ## Weekly image builds
469 The image files are provided by JRWR'S I/O PORT and are built once a Sunday at midnight UTC!
469 The image files are provided by JRWR'S I/O PORT and are built once a Sunday at midnight UTC!
470 * [Debian Stretch Raspberry Pi2/3 Weekly Image Builds](https://jrwr.io/doku.php?id=projects:debianpi)
470 * [Debian Stretch Raspberry Pi2/3 Weekly Image Builds](https://jrwr.io/doku.php?id=projects:debianpi)
471
471
472 ## External links and references
472 ## External links and references
473 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
473 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
474 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
474 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
475 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
475 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
476 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
476 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
477 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
477 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
478 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
478 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
479 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
479 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
480 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
480 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
481 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
481 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,48 +1,48
1 #!/bin/bash
1 #!/bin/bash
2 #
2 #
3 # Debootstrap basic system
3 # Debootstrap basic system
4 #
4 #
5
5
6 # Load utility functions
6 # Load utility functions
7 . ./functions.sh
7 . ./functions.sh
8
8
9 VARIANT=""
9 VARIANT=""
10 COMPONENTS="main"
10 COMPONENTS="main"
11 EXCLUDES=""
11 EXCLUDES=""
12
12
13 # Use non-free Debian packages if needed
13 # Use non-free Debian packages if needed
14 if [ "$ENABLE_NONFREE" = true ] ; then
14 if [ "$ENABLE_NONFREE" = true ] ; then
15 COMPONENTS="main,non-free,contrib"
15 COMPONENTS="main,non-free,contrib"
16 fi
16 fi
17
17
18 # Use minbase bootstrap variant which only includes essential packages
18 # Use minbase bootstrap variant which only includes essential packages
19 if [ "$ENABLE_MINBASE" = true ] ; then
19 if [ "$ENABLE_MINBASE" = true ] ; then
20 VARIANT="--variant=minbase"
20 VARIANT="--variant=minbase"
21 fi
21 fi
22
22
23 # Exclude packages if required by Debian release
23 # Exclude packages if required by Debian release
24 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
24 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
25 EXCLUDES="--exclude=init,systemd-sysv"
25 EXCLUDES="--exclude=init,systemd-sysv"
26 fi
26 fi
27
27
28 # Base debootstrap (unpack only)
28 # Base debootstrap (unpack only)
29 http_proxy=${APT_PROXY} debootstrap ${EXCLUDES} --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian"
29 http_proxy=${APT_PROXY} debootstrap ${EXCLUDES} --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}"
30
30
31 # Copy qemu emulator binary to chroot
31 # Copy qemu emulator binary to chroot
32 install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}"
32 install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}"
33
33
34 # Copy debian-archive-keyring.pgp
34 # Copy debian-archive-keyring.pgp
35 mkdir -p "${R}/usr/share/keyrings"
35 mkdir -p "${R}/usr/share/keyrings"
36 install_readonly /usr/share/keyrings/debian-archive-keyring.gpg "${R}/usr/share/keyrings/debian-archive-keyring.gpg"
36 install_readonly /usr/share/keyrings/debian-archive-keyring.gpg "${R}/usr/share/keyrings/debian-archive-keyring.gpg"
37
37
38 # Complete the bootstrapping process
38 # Complete the bootstrapping process
39 chroot_exec /debootstrap/debootstrap --second-stage
39 chroot_exec /debootstrap/debootstrap --second-stage
40
40
41 # Mount required filesystems
41 # Mount required filesystems
42 mount -t proc none "${R}/proc"
42 mount -t proc none "${R}/proc"
43 mount -t sysfs none "${R}/sys"
43 mount -t sysfs none "${R}/sys"
44
44
45 # Mount pseudo terminal slave if supported by Debian release
45 # Mount pseudo terminal slave if supported by Debian release
46 if [ -d "${R}/dev/pts" ] ; then
46 if [ -d "${R}/dev/pts" ] ; then
47 mount --bind /dev/pts "${R}/dev/pts"
47 mount --bind /dev/pts "${R}/dev/pts"
48 fi
48 fi
@@ -1,260 +1,265
1 #!/bin/bash
1 #!/bin/bash
2 #
2 #
3 # Build and Setup RPi2/3 Kernel
3 # Build and Setup RPi2/3 Kernel
4 #
4 #
5
5
6 # Load utility functions
6 # Load utility functions
7 . ./functions.sh
7 . ./functions.sh
8
8
9 # Fetch and build latest raspberry kernel
9 # Fetch and build latest raspberry kernel
10 if [ "$BUILD_KERNEL" = true ] ; then
10 if [ "$BUILD_KERNEL" = true ] ; then
11 # Setup source directory
11 # Setup source directory
12 mkdir -p "${R}/usr/src/linux"
12 mkdir -p "${R}/usr/src/linux"
13
13
14 # Copy existing kernel sources into chroot directory
14 # Copy existing kernel sources into chroot directory
15 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
16 # Copy kernel sources and include hidden files
16 # Copy kernel sources and include hidden files
17 cp -r "${KERNELSRC_DIR}/". "${R}/usr/src/linux"
17 cp -r "${KERNELSRC_DIR}/". "${R}/usr/src/linux"
18
18
19 # Clean the kernel sources
19 # Clean the kernel sources
20 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
21 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
22 fi
22 fi
23 else # KERNELSRC_DIR=""
23 else # KERNELSRC_DIR=""
24 # Create temporary directory for kernel sources
24 # Create temporary directory for kernel sources
25 temp_dir=$(as_nobody mktemp -d)
25 temp_dir=$(as_nobody mktemp -d)
26
26
27 # Fetch current RPi2/3 kernel sources
27 # Fetch current RPi2/3 kernel sources
28 if [ -z "${KERNEL_BRANCH}" ] ; then
28 if [ -z "${KERNEL_BRANCH}" ] ; then
29 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
29 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
30 else
30 else
31 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
31 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
32 fi
32 fi
33
33
34 # Copy downloaded kernel sources
34 # Copy downloaded kernel sources
35 cp -r "${temp_dir}/linux/"* "${R}/usr/src/linux/"
35 cp -r "${temp_dir}/linux/"* "${R}/usr/src/linux/"
36
36
37 # Remove temporary directory for kernel sources
37 # Remove temporary directory for kernel sources
38 rm -fr "${temp_dir}"
38 rm -fr "${temp_dir}"
39
39
40 # Set permissions of the kernel sources
40 # Set permissions of the kernel sources
41 chown -R root:root "${R}/usr/src"
41 chown -R root:root "${R}/usr/src"
42 fi
42 fi
43
43
44 # Calculate optimal number of kernel building threads
44 # Calculate optimal number of kernel building threads
45 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
45 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
46 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
46 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
47 fi
47 fi
48
48
49 # Configure and build kernel
49 # Configure and build kernel
50 if [ "$KERNELSRC_PREBUILT" = false ] ; then
50 if [ "$KERNELSRC_PREBUILT" = false ] ; then
51 # Remove device, network and filesystem drivers from kernel configuration
51 # Remove device, network and filesystem drivers from kernel configuration
52 if [ "$KERNEL_REDUCE" = true ] ; then
52 if [ "$KERNEL_REDUCE" = true ] ; then
53 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
53 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
54 sed -i\
54 sed -i\
55 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
55 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
60 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
60 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
61 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
68 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
69 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
70 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
70 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
71 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
71 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
72 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
72 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
76 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
77 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
83 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
83 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
84 "${KERNEL_DIR}/.config"
84 "${KERNEL_DIR}/.config"
85 fi
85 fi
86
86
87 if [ "$KERNELSRC_CONFIG" = true ] ; then
87 if [ "$KERNELSRC_CONFIG" = true ] ; then
88 # Load default raspberry kernel configuration
88 # Load default raspberry kernel configuration
89 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
89 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
90
90
91 # Set kernel configuration parameters to enable qemu emulation
91 # Set kernel configuration parameters to enable qemu emulation
92 if [ "$ENABLE_QEMU" = true ] ; then
92 if [ "$ENABLE_QEMU" = true ] ; then
93 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
93 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
94 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
94 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
95
95
96 if [ "$ENABLE_CRYPTFS" = true ] ; then
96 if [ "$ENABLE_CRYPTFS" = true ] ; then
97 {
97 {
98 echo "CONFIG_EMBEDDED=y"
98 echo "CONFIG_EMBEDDED=y"
99 echo "CONFIG_EXPERT=y"
99 echo "CONFIG_EXPERT=y"
100 echo "CONFIG_DAX=y"
100 echo "CONFIG_DAX=y"
101 echo "CONFIG_MD=y"
101 echo "CONFIG_MD=y"
102 echo "CONFIG_BLK_DEV_MD=y"
102 echo "CONFIG_BLK_DEV_MD=y"
103 echo "CONFIG_MD_AUTODETECT=y"
103 echo "CONFIG_MD_AUTODETECT=y"
104 echo "CONFIG_BLK_DEV_DM=y"
104 echo "CONFIG_BLK_DEV_DM=y"
105 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
105 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
106 echo "CONFIG_DM_CRYPT=y"
106 echo "CONFIG_DM_CRYPT=y"
107 echo "CONFIG_CRYPTO_BLKCIPHER=y"
107 echo "CONFIG_CRYPTO_BLKCIPHER=y"
108 echo "CONFIG_CRYPTO_CBC=y"
108 echo "CONFIG_CRYPTO_CBC=y"
109 echo "CONFIG_CRYPTO_XTS=y"
109 echo "CONFIG_CRYPTO_XTS=y"
110 echo "CONFIG_CRYPTO_SHA512=y"
110 echo "CONFIG_CRYPTO_SHA512=y"
111 echo "CONFIG_CRYPTO_MANAGER=y"
111 echo "CONFIG_CRYPTO_MANAGER=y"
112 } >> "${KERNEL_DIR}"/.config
112 } >> "${KERNEL_DIR}"/.config
113 fi
113 fi
114 fi
114 fi
115
115
116 # Copy custom kernel configuration file
116 # Copy custom kernel configuration file
117 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
117 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
118 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
118 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
119 fi
119 fi
120
120
121 # Set kernel configuration parameters to their default values
121 # Set kernel configuration parameters to their default values
122 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
122 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
123 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
123 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
124 fi
124 fi
125
125
126 # Start menu-driven kernel configuration (interactive)
126 # Start menu-driven kernel configuration (interactive)
127 if [ "$KERNEL_MENUCONFIG" = true ] ; then
127 if [ "$KERNEL_MENUCONFIG" = true ] ; then
128 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
128 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
129 fi
129 fi
130 fi
130 fi
131
131
132 # Use ccache to cross compile the kernel
132 # Use ccache to cross compile the kernel
133 if [ "$KERNEL_CCACHE" = true ] ; then
133 if [ "$KERNEL_CCACHE" = true ] ; then
134 cc="ccache ${CROSS_COMPILE}gcc"
134 cc="ccache ${CROSS_COMPILE}gcc"
135 else
135 else
136 cc="${CROSS_COMPILE}gcc"
136 cc="${CROSS_COMPILE}gcc"
137 fi
137 fi
138
138
139 # Cross compile kernel and dtbs
139 # Cross compile kernel and dtbs
140 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
140 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
141
141
142 # Cross compile kernel modules
142 # Cross compile kernel modules
143 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
143 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
144 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
144 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
145 fi
145 fi
146 fi
146 fi
147
147
148 # Check if kernel compilation was successful
148 # Check if kernel compilation was successful
149 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
149 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
150 echo "error: kernel compilation failed! (kernel image not found)"
150 echo "error: kernel compilation failed! (kernel image not found)"
151 cleanup
151 cleanup
152 exit 1
152 exit 1
153 fi
153 fi
154
154
155 # Install kernel modules
155 # Install kernel modules
156 if [ "$ENABLE_REDUCE" = true ] ; then
156 if [ "$ENABLE_REDUCE" = true ] ; then
157 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
157 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
158 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
158 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
159 fi
159 fi
160 else
160 else
161 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
161 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
162 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
162 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
163 fi
163 fi
164
164
165 # Install kernel firmware
165 # Install kernel firmware
166 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
166 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
167 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
167 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
168 fi
168 fi
169 fi
169 fi
170
170
171 # Install kernel headers
171 # Install kernel headers
172 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
172 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
173 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
173 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
174 fi
174 fi
175 # make tar.gz kernel package - missing os bzw. modules
176 #** ** ** WARNING ** ** **
177 #Your architecture did not define any architecture-dependent files
178 #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
179 # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
175
180
176 # Prepare boot (firmware) directory
181 # Prepare boot (firmware) directory
177 mkdir "${BOOT_DIR}"
182 mkdir "${BOOT_DIR}"
178
183
179 # Get kernel release version
184 # Get kernel release version
180 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
185 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
181
186
182 # Copy kernel configuration file to the boot directory
187 # Copy kernel configuration file to the boot directory
183 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
188 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
184
189
185 # Prepare device tree directory
190 # Prepare device tree directory
186 mkdir "${BOOT_DIR}/overlays"
191 mkdir "${BOOT_DIR}/overlays"
187
192
188 # Ensure the proper .dtb is located
193 # Ensure the proper .dtb is located
189 if [ "$KERNEL_ARCH" = "arm" ] ; then
194 if [ "$KERNEL_ARCH" = "arm" ] ; then
190 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
195 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
191 if [ -f "${dtb}" ] ; then
196 if [ -f "${dtb}" ] ; then
192 install_readonly "${dtb}" "${BOOT_DIR}/"
197 install_readonly "${dtb}" "${BOOT_DIR}/"
193 fi
198 fi
194 done
199 done
195 else
200 else
196 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
201 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
197 if [ -f "${dtb}" ] ; then
202 if [ -f "${dtb}" ] ; then
198 install_readonly "${dtb}" "${BOOT_DIR}/"
203 install_readonly "${dtb}" "${BOOT_DIR}/"
199 fi
204 fi
200 done
205 done
201 fi
206 fi
202
207
203 # Copy compiled dtb device tree files
208 # Copy compiled dtb device tree files
204 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
209 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
205 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
210 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
206 if [ -f "${dtb}" ] ; then
211 if [ -f "${dtb}" ] ; then
207 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
212 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
208 fi
213 fi
209 done
214 done
210
215
211 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
216 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
212 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
217 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
213 fi
218 fi
214 fi
219 fi
215
220
216 if [ "$ENABLE_UBOOT" = false ] ; then
221 if [ "$ENABLE_UBOOT" = false ] ; then
217 # Convert and copy kernel image to the boot directory
222 # Convert and copy kernel image to the boot directory
218 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
223 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
219 else
224 else
220 # Copy kernel image to the boot directory
225 # Copy kernel image to the boot directory
221 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
226 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
222 fi
227 fi
223
228
224 # Remove kernel sources
229 # Remove kernel sources
225 if [ "$KERNEL_REMOVESRC" = true ] ; then
230 if [ "$KERNEL_REMOVESRC" = true ] ; then
226 rm -fr "${KERNEL_DIR}"
231 rm -fr "${KERNEL_DIR}"
227 else
232 else
228 # Prepare compiled kernel modules
233 # Prepare compiled kernel modules
229 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
234 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
230 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
235 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
231 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
236 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
232 fi
237 fi
233
238
234 # Create symlinks for kernel modules
239 # Create symlinks for kernel modules
235 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
240 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
236 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
241 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
237 fi
242 fi
238 fi
243 fi
239 elif [ "$BUILD_KERNEL" = false ] ; then
244 elif [ "$BUILD_KERNEL" = false ] ; then
240 echo " Install precompiled kernel..."
245 echo " Install precompiled kernel..."
241 echo "error: not implemented"
246 echo "error: not implemented"
242 # Check if kernel installation was successful
247 # Check if kernel installation was successful
243 VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
248 VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
244 if [ -z "$VMLINUZ" ] ; then
249 if [ -z "$VMLINUZ" ] ; then
245 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
250 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
246 cleanup
251 cleanup
247 exit 1
252 exit 1
248 fi
253 fi
249 # Copy vmlinuz kernel to the boot directory
254 # Copy vmlinuz kernel to the boot directory
250 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
255 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
251
256
252 if [ "$SET_ARCH" = 64 ] ; then
257 if [ "$SET_ARCH" = 64 ] ; then
253 echo "Using precompiled arm64 kernel"
258 echo "Using precompiled arm64 kernel"
254 else
259 else
255 echo "error: no precompiled arm64 (bcmrpi3) kernel found"
260 echo "error: no precompiled arm64 (bcmrpi3) kernel found"
256 exit 1
261 exit 1
257 # inset precompiled 64 bit kernel code here
262 # inset precompiled 64 bit kernel code here
258 fi
263 fi
259 #fi build_kernel=true
264 #fi build_kernel=true
260 fi
265 fi
@@ -1,61 +1,66
1 #!/bin/bash
1 #!/bin/bash
2 #
2 #
3 # Setup fstab and initramfs
3 # Setup fstab and initramfs
4 #
4 #
5
5
6 # Load utility functions
6 # Load utility functions
7 . ./functions.sh
7 . ./functions.sh
8
8
9 # Install and setup fstab
9 # Install and setup fstab
10 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
10 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
11
11
12 if [ "$ENABLE_UBOOTUSB" = true ] ; then
13 sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
14 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
15 fi
16
12 # Add usb/sda disk root partition to fstab
17 # Add usb/sda disk root partition to fstab
13 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
18 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
14 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
19 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
15 fi
20 fi
16
21
17 # Add encrypted root partition to fstab and crypttab
22 # Add encrypted root partition to fstab and crypttab
18 if [ "$ENABLE_CRYPTFS" = true ] ; then
23 if [ "$ENABLE_CRYPTFS" = true ] ; then
19 # Replace fstab root partition with encrypted partition mapping
24 # Replace fstab root partition with encrypted partition mapping
20 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
25 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
21
26
22 # Add encrypted partition to crypttab and fstab
27 # Add encrypted partition to crypttab and fstab
23 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
28 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
24 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
29 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab"
25
30
26 if [ "$ENABLE_SPLITFS" = true ] ; then
31 if [ "$ENABLE_SPLITFS" = true ] ; then
27 # Add usb/sda disk to crypttab
32 # Add usb/sda disk to crypttab
28 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
33 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
29 fi
34 fi
30 fi
35 fi
31
36
32 # Generate initramfs file
37 # Generate initramfs file
33 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
38 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
34 if [ "$ENABLE_CRYPTFS" = true ] ; then
39 if [ "$ENABLE_CRYPTFS" = true ] ; then
35 # Include initramfs scripts to auto expand encrypted root partition
40 # Include initramfs scripts to auto expand encrypted root partition
36 if [ "$EXPANDROOT" = true ] ; then
41 if [ "$EXPANDROOT" = true ] ; then
37 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
42 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
38 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
43 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
39 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
44 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
40 fi
45 fi
41
46
42 # Disable SSHD inside initramfs
47 # Disable SSHD inside initramfs
43 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
48 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
44
49
45 # Add cryptsetup modules to initramfs
50 # Add cryptsetup modules to initramfs
46 printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
51 printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook"
47
52
48 # Dummy mapping required by mkinitramfs
53 # Dummy mapping required by mkinitramfs
49 echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
54 echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
50
55
51 # Generate initramfs with encrypted root partition support
56 # Generate initramfs with encrypted root partition support
52 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
57 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
53
58
54 # Remove dummy mapping
59 # Remove dummy mapping
55 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
60 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
56 else
61 else
57 # Generate initramfs without encrypted root partition support
62 # Generate initramfs without encrypted root partition support
58 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
63 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
59 fi
64 fi
60 fi
65 fi
61
66
@@ -1,153 +1,161
1 #!/bin/bash
1 #!/bin/bash
2 #
2 #
3 # Setup RPi2/3 config and cmdline
3 # Setup RPi2/3 config and cmdline
4 #
4 #
5
5
6 # Load utility functions
6 # Load utility functions
7 . ./functions.sh
7 . ./functions.sh
8
8
9 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ "$BUILD_KERNEL" = true ] ; then
10 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
11 # Install boot binaries from local directory
11 # Install boot binaries from local directory
12 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
15 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
16 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
18 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
19 else
19 else
20 # Create temporary directory for boot binaries
20 # Create temporary directory for boot binaries
21 temp_dir=$(as_nobody mktemp -d)
21 temp_dir=$(as_nobody mktemp -d)
22
22
23 # Install latest boot binaries from raspberry/firmware github
23 # Install latest boot binaries from raspberry/firmware github
24 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
24 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
25 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
27 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
27 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
28 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
28 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
29 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
29 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
30 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
30 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
31
31
32 # Move downloaded boot binaries
32 # Move downloaded boot binaries
33 mv "${temp_dir}/"* "${BOOT_DIR}/"
33 mv "${temp_dir}/"* "${BOOT_DIR}/"
34
34
35 # Remove temporary directory for boot binaries
35 # Remove temporary directory for boot binaries
36 rm -fr "${temp_dir}"
36 rm -fr "${temp_dir}"
37
37
38 # Set permissions of the boot binaries
38 # Set permissions of the boot binaries
39 chown -R root:root "${BOOT_DIR}"
39 chown -R root:root "${BOOT_DIR}"
40 chmod -R 600 "${BOOT_DIR}"
40 chmod -R 600 "${BOOT_DIR}"
41 fi
41 fi
42 fi
42 fi
43
43
44 # Setup firmware boot cmdline
44 # Setup firmware boot cmdline
45 if [ "$ENABLE_SPLITFS" = true ] ; then
45 if [ "$ENABLE_UBOOTUSB" = true ] ; then
46 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
46 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
47 else
47 else
48 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
48 if [ "$ENABLE_SPLITFS" = true ] ; then
49 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
50 else
51 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
52 fi
49 fi
53 fi
50
54
55
51 # Add encrypted root partition to cmdline.txt
56 # Add encrypted root partition to cmdline.txt
52 if [ "$ENABLE_CRYPTFS" = true ] ; then
57 if [ "$ENABLE_CRYPTFS" = true ] ; then
53 if [ "$ENABLE_SPLITFS" = true ] ; then
58 if [ "$ENABLE_SPLITFS" = true ] ; then
54 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
59 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
55 else
60 else
56 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
61 if [ "$ENABLE_UBOOTUSB" = true ] ; then
62 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
63 else
64 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
57 fi
65 fi
58 fi
66 fi
59
67
60 # Add serial console support
68 # Add serial console support
61 if [ "$ENABLE_CONSOLE" = true ] ; then
69 if [ "$ENABLE_CONSOLE" = true ] ; then
62 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
70 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
63 fi
71 fi
64
72
65 # Remove IPv6 networking support
73 # Remove IPv6 networking support
66 if [ "$ENABLE_IPV6" = false ] ; then
74 if [ "$ENABLE_IPV6" = false ] ; then
67 CMDLINE="${CMDLINE} ipv6.disable=1"
75 CMDLINE="${CMDLINE} ipv6.disable=1"
68 fi
76 fi
69
77
70 # Automatically assign predictable network interface names
78 # Automatically assign predictable network interface names
71 if [ "$ENABLE_IFNAMES" = false ] ; then
79 if [ "$ENABLE_IFNAMES" = false ] ; then
72 CMDLINE="${CMDLINE} net.ifnames=0"
80 CMDLINE="${CMDLINE} net.ifnames=0"
73 else
81 else
74 CMDLINE="${CMDLINE} net.ifnames=1"
82 CMDLINE="${CMDLINE} net.ifnames=1"
75 fi
83 fi
76
84
77 # Set init to systemd if required by Debian release
85 # Set init to systemd if required by Debian release
78 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
86 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
79 CMDLINE="${CMDLINE} init=/bin/systemd"
87 CMDLINE="${CMDLINE} init=/bin/systemd"
80 fi
88 fi
81
89
82 # Install firmware boot cmdline
90 # Install firmware boot cmdline
83 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
91 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
84
92
85 # Install firmware config
93 # Install firmware config
86 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
94 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
87
95
88 # Setup minimal GPU memory allocation size: 16MB (no X)
96 # Setup minimal GPU memory allocation size: 16MB (no X)
89 if [ "$ENABLE_MINGPU" = true ] ; then
97 if [ "$ENABLE_MINGPU" = true ] ; then
90 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
98 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
91 fi
99 fi
92
100
93 # Setup boot with initramfs
101 # Setup boot with initramfs
94 if [ "$ENABLE_INITRAMFS" = true ] ; then
102 if [ "$ENABLE_INITRAMFS" = true ] ; then
95 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
103 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
96 fi
104 fi
97
105
98 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
106 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
99 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
107 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
100 if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then
108 if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then
101 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
109 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
102 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
110 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
103 fi
111 fi
104 fi
112 fi
105
113
106 # Create firmware configuration and cmdline symlinks
114 # Create firmware configuration and cmdline symlinks
107 ln -sf firmware/config.txt "${R}/boot/config.txt"
115 ln -sf firmware/config.txt "${R}/boot/config.txt"
108 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
116 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
109
117
110 # Install and setup kernel modules to load at boot
118 # Install and setup kernel modules to load at boot
111 mkdir -p "${R}/lib/modules-load.d/"
119 mkdir -p "${R}/lib/modules-load.d/"
112 install_readonly files/modules/rpi2.conf "${R}/lib/modules-load.d/rpi2.conf"
120 install_readonly files/modules/rpi2.conf "${R}/lib/modules-load.d/rpi2.conf"
113
121
114 # Load hardware random module at boot
122 # Load hardware random module at boot
115 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
123 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
116 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${R}/lib/modules-load.d/rpi2.conf"
124 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${R}/lib/modules-load.d/rpi2.conf"
117 fi
125 fi
118
126
119 # Load sound module at boot
127 # Load sound module at boot
120 if [ "$ENABLE_SOUND" = true ] ; then
128 if [ "$ENABLE_SOUND" = true ] ; then
121 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
129 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
122 else
130 else
123 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
131 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
124 fi
132 fi
125
133
126 # Enable I2C interface
134 # Enable I2C interface
127 if [ "$ENABLE_I2C" = true ] ; then
135 if [ "$ENABLE_I2C" = true ] ; then
128 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
136 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
129 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${R}/lib/modules-load.d/rpi2.conf"
137 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${R}/lib/modules-load.d/rpi2.conf"
130 sed -i "s/^# i2c-dev/i2c-dev/" "${R}/lib/modules-load.d/rpi2.conf"
138 sed -i "s/^# i2c-dev/i2c-dev/" "${R}/lib/modules-load.d/rpi2.conf"
131 fi
139 fi
132
140
133 # Enable SPI interface
141 # Enable SPI interface
134 if [ "$ENABLE_SPI" = true ] ; then
142 if [ "$ENABLE_SPI" = true ] ; then
135 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
143 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
136 echo "spi-bcm2708" >> "${R}/lib/modules-load.d/rpi2.conf"
144 echo "spi-bcm2708" >> "${R}/lib/modules-load.d/rpi2.conf"
137 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
145 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
138 sed -i "s/spi-bcm2708/spi-bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
146 sed -i "s/spi-bcm2708/spi-bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
139 fi
147 fi
140 fi
148 fi
141
149
142 # Disable RPi2/3 under-voltage warnings
150 # Disable RPi2/3 under-voltage warnings
143 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
151 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
144 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
152 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
145 fi
153 fi
146
154
147 # Install kernel modules blacklist
155 # Install kernel modules blacklist
148 mkdir -p "${ETC_DIR}/modprobe.d/"
156 mkdir -p "${ETC_DIR}/modprobe.d/"
149 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
157 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
150
158
151 # Install sysctl.d configuration files
159 # Install sysctl.d configuration files
152 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
160 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
153
161
@@ -1,102 +1,104
1 #!/bin/bash
1 #!/bin/bash
2 #
2 #
3 # Build and Setup U-Boot
3 # Build and Setup U-Boot
4 #
4 #
5
5
6 # Load utility functions
6 # Load utility functions
7 . ./functions.sh
7 . ./functions.sh
8
8
9 # Fetch and build U-Boot bootloader
9 # Fetch and build U-Boot bootloader
10 if [ "$ENABLE_UBOOT" = true ] ; then
10 if [ "$ENABLE_UBOOT" = true ] ; then
11 # Install c/c++ build environment inside the chroot
11 # Install c/c++ build environment inside the chroot
12 chroot_install_cc
12 chroot_install_cc
13
13
14 # Copy existing U-Boot sources into chroot directory
14 # Copy existing U-Boot sources into chroot directory
15 if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
15 if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
16 # Copy local U-Boot sources
16 # Copy local U-Boot sources
17 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
17 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
18 else
18 else
19 # Create temporary directory for U-Boot sources
19 # Create temporary directory for U-Boot sources
20 temp_dir=$(as_nobody mktemp -d)
20 temp_dir=$(as_nobody mktemp -d)
21
21
22 # Fetch U-Boot sources
22 # Fetch U-Boot sources
23 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
23 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
24
24
25 # Copy downloaded U-Boot sources
25 # Copy downloaded U-Boot sources
26 mv "${temp_dir}/u-boot" "${R}/tmp/"
26 mv "${temp_dir}/u-boot" "${R}/tmp/"
27
27
28 # Set permissions of the U-Boot sources
28 # Set permissions of the U-Boot sources
29 chown -R root:root "${R}/tmp/u-boot"
29 chown -R root:root "${R}/tmp/u-boot"
30
30
31 # Remove temporary directory for U-Boot sources
31 # Remove temporary directory for U-Boot sources
32 rm -fr "${temp_dir}"
32 rm -fr "${temp_dir}"
33 fi
33 fi
34
34
35 # Build and install U-Boot inside chroot
35 # Build and install U-Boot inside chroot
36 chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
36 chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
37
37
38 # Copy compiled bootloader binary and set config.txt to load it
38 # Copy compiled bootloader binary and set config.txt to load it
39 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
39 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
40 install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
40 install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
41 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
41 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
42
42
43 # Install and setup U-Boot command file
44 # Set correct KERNEL_IMAGE in mkfile
45 sed -i "s/kernel7.img/$KERNEL_BIN_IMAGE/g" files/boot/uboot.mkimage
46 # Set correct DTB_FILE
47 sed -i "s/bcm2709-rpi-2-b.dtb/$DTB_FILE/g" files/boot/uboot.mkimage
48 install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
43 install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
49 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat "${BOOT_DIR}"/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
50
45
51 if [ "$ENABLE_INITRAMFS" = true ] ; then
46 if [ "$ENABLE_INITRAMFS" = true ] ; then
52 # Convert generated initramfs for U-Boot using mkimage
47 # Convert generated initramfs for U-Boot using mkimage
53 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
48 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
54
49
55 # Remove original initramfs file
50 # Remove original initramfs file
56 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
51 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
57
52
58 # Configure U-Boot to load generated initramfs
53 # Configure U-Boot to load generated initramfs
59 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat "${BOOT_DIR}"/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
60 printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
55
56 fi
61 else # ENABLE_INITRAMFS=false
57 else # ENABLE_INITRAMFS=false
62 # Remove initramfs from U-Boot mkfile
58 # Remove initramfs from U-Boot mkfile
63 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
59 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
64
60
65 if [ "$BUILD_KERNEL" = false ] ; then
61 if [ "$BUILD_KERNEL" = false ] ; then
66 # Remove dtbfile from U-Boot mkfile
62 # Remove dtbfile from U-Boot mkfile
67 sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
63 sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
68 printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
64 printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
69 else
65 else
70 printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
66 printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
71 fi
67 fi
72 fi
68 fi
73
69
74 if [ "$SET_ARCH" = 64 ] ; then
70 if [ "$SET_ARCH" = 64 ] ; then
75 echo "Setting up config.txt to boot 64bit uboot"
71 echo "Setting up config.txt to boot 64bit uboot"
76 printf "\n# Enable CPU 64 bit mode\narm_control=0x200\n" >> "${BOOT_DIR}/config.txt"
72
77 printf "\n# Tell u-boot a 64bit kernel is used\narm_64bit=1\n" >> "${BOOT_DIR}/config.txt"
73 printf "\n# 64bit-mode" >> "${BOOT_DIR}/config.txt"
78 printf "\n# Device tree start addr\ndevice_tree_address=0x100\n" >> "${BOOT_DIR}/config.txt"
74 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md" >> "${BOOT_DIR}/config.txt"
79 printf "\n# Device tree stop adrr\ndevice_tree_end=0x8000\n" >> "${BOOT_DIR}/config.txt"
75 printf "\narm_64bit=1" >> "${BOOT_DIR}/config.txt"
76 sed -i "s|bootz|booti|g" "${BOOT_DIR}/uboot.mkimage"
80 fi
77 fi
81
78
79 if [ "$ENABLE_UBOOTUSB" = true ] ; then
80 sed -i "s|mmc|usb|g" "${BOOT_DIR}/uboot.mkimage"
81 fi
82
83
82 # Set mkfile to use the correct mach id
84 # Set mkfile to use the correct mach id
83 if [ "$ENABLE_QEMU" = true ] ; then
85 if [ "$ENABLE_QEMU" = true ] ; then
84 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
86 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
85 fi
87 fi
86
88
87 # Set mkfile to use the correct dtb file
89 # Set mkfile to use the correct dtb file
88 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
90 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
89
91
90 # Set mkfile to use kernel image
92 # Set mkfile to use kernel image
91 sed "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
93 sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
92
94
93 # Remove all leading blank lines
95 # Remove all leading blank lines
94 sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
96 sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
95
97
96 # Generate U-Boot bootloader image
98 # Generate U-Boot bootloader image
97 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
99 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
98
100
99 # Remove U-Boot sources
101 # Remove U-Boot sources
100 rm -fr "${R}/tmp/u-boot"
102 rm -fr "${R}/tmp/u-boot"
101 fi
103 fi
102
104
@@ -1,9 +1,8
1 deb http://ftp.debian.org/debian jessie main contrib
1 # Debian packages for testing
2 #deb-src http://ftp.debian.org/debian jessie main contrib
2 deb http://mirror.united-gameserver.de/debian/ testing main contrib non-free
3
3 # Uncomment the deb-src line if you want 'apt-get source'
4 deb http://ftp.debian.org/debian/ jessie-updates main contrib
4 # to work with most packages.
5 #deb-src http://ftp.debian.org/debian/ jessie-updates main contrib
5 deb-src http://mirror.united-gameserver.de/debian/ testing main contrib non-free
6
7 #deb http://security.debian.org/ jessie/updates main contrib
8 #deb-src http://security.debian.org/ jessie/updates main contrib
9
6
7 # Security updates for stable
8 # deb http://security.debian.org/ stable/updates main contrib non-free
@@ -1,15 +1,16
1 # Set device tree fdtfile
1 # Set device tree fdtfile
2 setenv dtbfile bcm2709-rpi-2-b.dtb
2 setenv dtbfile bcm2710-rpi-3-b.dtb
3
3
4 # Tell Linux that it is booting on a Raspberry Pi2/3
4 # Tell Linux that it is booting on a Raspberry Pi2/3
5 setenv machid 0x00000c42
5 setenv machid 0x00000c42
6
6
7 # Save these changes to u-boot's environment
7 # Save these changes to u-boot's environment
8 saveenv
8 saveenv
9
9
10 # Load the existing Linux kernel into RAM
10 # Load the existing Linux kernel into RAM
11 fatload mmc 0:1 ${kernel_addr_r} kernel7.img
11 mmc dev 0
12 fatload mmc 0:1 ${kernel_addr_r} Image
12 fatload mmc 0:1 ${fdt_addr_r} ${dtbfile}
13 fatload mmc 0:1 ${fdt_addr_r} ${dtbfile}
13 fatload mmc 0:1 ${ramdisk_addr_r} ${initramfs}
14 fatload mmc 0:1 ${ramdisk_addr_r} ${initramfs}
14
15
15 # Boot the kernel we have just loaded
16 # Boot the kernel we have just loaded
@@ -1,775 +1,778
1 #!/bin/bash
1 #!/bin/bash
2 ########################################################################
2 ########################################################################
3 # rpi23-gen-image.sh 2015-2017
3 # rpi23-gen-image.sh 2015-2017
4 #
4 #
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
6 #
6 #
7 # This program is free software; you can redistribute it and/or
7 # This program is free software; you can redistribute it and/or
8 # modify it under the terms of the GNU General Public License
8 # modify it under the terms of the GNU General Public License
9 # as published by the Free Software Foundation; either version 2
9 # as published by the Free Software Foundation; either version 2
10 # of the License, or (at your option) any later version.
10 # of the License, or (at your option) any later version.
11 #
11 #
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 #
13 #
14 # Big thanks for patches and enhancements by 20+ github contributors!
14 # Big thanks for patches and enhancements by 20+ github contributors!
15 ########################################################################
15 ########################################################################
16
16
17 # Are we running as root?
17 # Are we running as root?
18 if [ "$(id -u)" -ne "0" ] ; then
18 if [ "$(id -u)" -ne "0" ] ; then
19 echo "error: this script must be executed with root privileges!"
19 echo "error: this script must be executed with root privileges!"
20 exit 1
20 exit 1
21 fi
21 fi
22
22
23 # Check if ./functions.sh script exists
23 # Check if ./functions.sh script exists
24 if [ ! -r "./functions.sh" ] ; then
24 if [ ! -r "./functions.sh" ] ; then
25 echo "error: './functions.sh' required script not found!"
25 echo "error: './functions.sh' required script not found!"
26 exit 1
26 exit 1
27 fi
27 fi
28
28
29 # Load utility functions
29 # Load utility functions
30 . ./functions.sh
30 . ./functions.sh
31
31
32 # Load parameters from configuration template file
32 # Load parameters from configuration template file
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 use_template
34 use_template
35 fi
35 fi
36
36
37 # Introduce settings
37 # Introduce settings
38 set -e
38 set -e
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
40 set -x
40 set -x
41
41
42 # Raspberry Pi model configuration
42 # Raspberry Pi model configuration
43 export RPI_MODEL=${RPI_MODEL:=2}
43 export RPI_MODEL=${RPI_MODEL:=2}
44
44
45 # Debian release
45 # Debian release
46 export RELEASE=${RELEASE:=buster}
46 export RELEASE=${RELEASE:=buster}
47
47
48 #Kernel Branch
48 #Kernel Branch
49 export KERNEL_BRANCH=${KERNEL_BRANCH:=""}
49 export KERNEL_BRANCH=${KERNEL_BRANCH:=""}
50
50
51 # URLs
51 # URLs
52 export KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
52 export KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
53 export FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
53 export FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
54 export WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
54 export WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
55 export FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
55 export FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
56 export UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
56 export UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
57
57
58 # Firmware directory: Blank if download from github
58 # Firmware directory: Blank if download from github
59 export RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
59 export RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
60
60
61 # Build directories
61 # Build directories
62 export BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
62 export BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
63 export BUILDDIR="${BASEDIR}/build"
63 export BUILDDIR="${BASEDIR}/build"
64
64
65 # Prepare date string for default image file name
65 # Prepare date string for default image file name
66 DATE="$(date +%Y-%m-%d)"
66 DATE="$(date +%Y-%m-%d)"
67 if [ -z "$KERNEL_BRANCH" ] ; then
67 if [ -z "$KERNEL_BRANCH" ] ; then
68 export IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
68 export IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
69 else
69 else
70 export IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
70 export IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
71 fi
71 fi
72
72
73 # Chroot directories
73 # Chroot directories
74 export R="${BUILDDIR}/chroot"
74 export R="${BUILDDIR}/chroot"
75 export ETC_DIR="${R}/etc"
75 export ETC_DIR="${R}/etc"
76 export LIB_DIR="${R}/lib"
76 export LIB_DIR="${R}/lib"
77 export BOOT_DIR="${R}/boot/firmware"
77 export BOOT_DIR="${R}/boot/firmware"
78 export KERNEL_DIR="${R}/usr/src/linux"
78 export KERNEL_DIR="${R}/usr/src/linux"
79 export WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm"
79 export WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm"
80
80
81 # General settings
81 # General settings
82 export SET_ARCH=${SET_ARCH:=32}
82 export SET_ARCH=${SET_ARCH:=32}
83 export HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
83 export HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
84 export PASSWORD=${PASSWORD:=raspberry}
84 export PASSWORD=${PASSWORD:=raspberry}
85 export USER_PASSWORD=${USER_PASSWORD:=raspberry}
85 export USER_PASSWORD=${USER_PASSWORD:=raspberry}
86 export DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
86 export DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
87 export TIMEZONE=${TIMEZONE:="Europe/Berlin"}
87 export TIMEZONE=${TIMEZONE:="Europe/Berlin"}
88 export EXPANDROOT=${EXPANDROOT:=true}
88 export EXPANDROOT=${EXPANDROOT:=true}
89
89
90 # Keyboard settings
90 # Keyboard settings
91 export XKB_MODEL=${XKB_MODEL:=""}
91 export XKB_MODEL=${XKB_MODEL:=""}
92 export XKB_LAYOUT=${XKB_LAYOUT:=""}
92 export XKB_LAYOUT=${XKB_LAYOUT:=""}
93 export XKB_VARIANT=${XKB_VARIANT:=""}
93 export XKB_VARIANT=${XKB_VARIANT:=""}
94 export XKB_OPTIONS=${XKB_OPTIONS:=""}
94 export XKB_OPTIONS=${XKB_OPTIONS:=""}
95
95
96 # Network settings (DHCP)
96 # Network settings (DHCP)
97 export ENABLE_DHCP=${ENABLE_DHCP:=true}
97 export ENABLE_DHCP=${ENABLE_DHCP:=true}
98
98
99 # Network settings (static)
99 # Network settings (static)
100 export NET_ADDRESS=${NET_ADDRESS:=""}
100 export NET_ADDRESS=${NET_ADDRESS:=""}
101 export NET_GATEWAY=${NET_GATEWAY:=""}
101 export NET_GATEWAY=${NET_GATEWAY:=""}
102 export NET_DNS_1=${NET_DNS_1:=""}
102 export NET_DNS_1=${NET_DNS_1:=""}
103 export NET_DNS_2=${NET_DNS_2:=""}
103 export NET_DNS_2=${NET_DNS_2:=""}
104 export NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
104 export NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
105 export NET_NTP_1=${NET_NTP_1:=""}
105 export NET_NTP_1=${NET_NTP_1:=""}
106 export NET_NTP_2=${NET_NTP_2:=""}
106 export NET_NTP_2=${NET_NTP_2:=""}
107
107
108 # APT settings
108 # APT settings
109 export APT_PROXY=${APT_PROXY:=""}
109 export APT_PROXY=${APT_PROXY:=""}
110 export APT_SERVER=${APT_SERVER:="ftp.debian.org"}
110 export APT_SERVER=${APT_SERVER:="ftp.debian.org"}
111
111
112 # Feature settings
112 # Feature settings
113 export ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
113 export ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
114 export ENABLE_I2C=${ENABLE_I2C:=false}
114 export ENABLE_I2C=${ENABLE_I2C:=false}
115 export ENABLE_SPI=${ENABLE_SPI:=false}
115 export ENABLE_SPI=${ENABLE_SPI:=false}
116 export ENABLE_IPV6=${ENABLE_IPV6:=true}
116 export ENABLE_IPV6=${ENABLE_IPV6:=true}
117 export ENABLE_SSHD=${ENABLE_SSHD:=true}
117 export ENABLE_SSHD=${ENABLE_SSHD:=true}
118 export ENABLE_NONFREE=${ENABLE_NONFREE:=false}
118 export ENABLE_NONFREE=${ENABLE_NONFREE:=false}
119 export ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
119 export ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
120 export ENABLE_SOUND=${ENABLE_SOUND:=true}
120 export ENABLE_SOUND=${ENABLE_SOUND:=true}
121 export ENABLE_DBUS=${ENABLE_DBUS:=true}
121 export ENABLE_DBUS=${ENABLE_DBUS:=true}
122 export ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
122 export ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
123 export ENABLE_MINGPU=${ENABLE_MINGPU:=false}
123 export ENABLE_MINGPU=${ENABLE_MINGPU:=false}
124 export ENABLE_XORG=${ENABLE_XORG:=false}
124 export ENABLE_XORG=${ENABLE_XORG:=false}
125 export ENABLE_WM=${ENABLE_WM:=""}
125 export ENABLE_WM=${ENABLE_WM:=""}
126 export ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
126 export ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
127 export ENABLE_USER=${ENABLE_USER:=true}
127 export ENABLE_USER=${ENABLE_USER:=true}
128 export USER_NAME=${USER_NAME:="pi"}
128 export USER_NAME=${USER_NAME:="pi"}
129 export ENABLE_ROOT=${ENABLE_ROOT:=false}
129 export ENABLE_ROOT=${ENABLE_ROOT:=false}
130 export ENABLE_QEMU=${ENABLE_QEMU:=false}
130 export ENABLE_QEMU=${ENABLE_QEMU:=false}
131
131
132 # SSH settings
132 # SSH settings
133 export SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
133 export SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
134 export SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
134 export SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
135 export SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
135 export SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
136 export SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
136 export SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
137 export SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
137 export SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
138
138
139 # Advanced settings
139 # Advanced settings
140 export ENABLE_MINBASE=${ENABLE_MINBASE:=false}
140 export ENABLE_MINBASE=${ENABLE_MINBASE:=false}
141 export ENABLE_REDUCE=${ENABLE_REDUCE:=false}
141 export ENABLE_REDUCE=${ENABLE_REDUCE:=false}
142 export ENABLE_UBOOT=${ENABLE_UBOOT:=false}
142 export ENABLE_UBOOT=${ENABLE_UBOOT:=false}
143 export UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
143 export UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
144 export ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
144 export ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
145 export FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
145 export FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
146 export export ENABLE_HARDNET=${ENABLE_HARDNET:=false}
146 export export ENABLE_HARDNET=${ENABLE_HARDNET:=false}
147 export ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
147 export ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
148 export ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
148 export ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
149 export ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
149 export ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
150 export ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
150 export ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
151 export DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
151 export DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
152
152
153 # Kernel compilation settings
153 # Kernel compilation settings
154 export BUILD_KERNEL=${BUILD_KERNEL:=true}
154 export BUILD_KERNEL=${BUILD_KERNEL:=true}
155 export KERNEL_REDUCE=${KERNEL_REDUCE:=false}
155 export KERNEL_REDUCE=${KERNEL_REDUCE:=false}
156 export KERNEL_THREADS=${KERNEL_THREADS:=1}
156 export KERNEL_THREADS=${KERNEL_THREADS:=1}
157 export KERNEL_HEADERS=${KERNEL_HEADERS:=true}
157 export KERNEL_HEADERS=${KERNEL_HEADERS:=true}
158 export KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
158 export KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
159 export KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
159 export KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
160 export KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
160 export KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
161 export KERNEL_CCACHE=${KERNEL_CCACHE:=false}
161 export KERNEL_CCACHE=${KERNEL_CCACHE:=false}
162
162
163 # Kernel compilation from source directory settings
163 # Kernel compilation from source directory settings
164 export KERNELSRC_DIR=${KERNELSRC_DIR:=""}
164 export KERNELSRC_DIR=${KERNELSRC_DIR:=""}
165 export KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
165 export KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
166 export KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
166 export KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
167 export KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
167 export KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
168
168
169 # Reduce disk usage settings
169 # Reduce disk usage settings
170 export REDUCE_APT=${REDUCE_APT:=true}
170 export REDUCE_APT=${REDUCE_APT:=true}
171 export REDUCE_DOC=${REDUCE_DOC:=true}
171 export REDUCE_DOC=${REDUCE_DOC:=true}
172 export REDUCE_MAN=${REDUCE_MAN:=true}
172 export REDUCE_MAN=${REDUCE_MAN:=true}
173 export REDUCE_VIM=${REDUCE_VIM:=false}
173 export REDUCE_VIM=${REDUCE_VIM:=false}
174 export REDUCE_BASH=${REDUCE_BASH:=false}
174 export REDUCE_BASH=${REDUCE_BASH:=false}
175 export REDUCE_HWDB=${REDUCE_HWDB:=true}
175 export REDUCE_HWDB=${REDUCE_HWDB:=true}
176 export REDUCE_SSHD=${REDUCE_SSHD:=true}
176 export REDUCE_SSHD=${REDUCE_SSHD:=true}
177 export REDUCE_LOCALE=${REDUCE_LOCALE:=true}
177 export REDUCE_LOCALE=${REDUCE_LOCALE:=true}
178
178
179 # Encrypted filesystem settings
179 # Encrypted filesystem settings
180 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
180 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
181 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
181 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
182 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
182 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
183 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
183 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
184 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
184 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
185
185
186 # Chroot scripts directory
186 # Chroot scripts directory
187 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
187 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
188
188
189 # Packages required in the chroot build environment
189 # Packages required in the chroot build environment
190 export APT_INCLUDES=${APT_INCLUDES:=""}
190 export APT_INCLUDES=${APT_INCLUDES:=""}
191 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup"
191 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup"
192
192
193 # Packages required for bootstrapping
193 # Packages required for bootstrapping
194 export REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
194 export REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
195 export MISSING_PACKAGES=""
195 export MISSING_PACKAGES=""
196
196
197 # Packages installed for c/c++ build environment in chroot (keep empty)
197 # Packages installed for c/c++ build environment in chroot (keep empty)
198 export COMPILER_PACKAGES=""
198 export COMPILER_PACKAGES=""
199
199
200 #autconfigure best apt server to not spam ftp.debian.org
200 #autconfigure best apt server to not spam ftp.debian.org
201 #rm files/apt/sources.list
201 #rm files/apt/sources.list
202 #netselect-apt does not know buster yet
202 #netselect-apt does not know buster yet
203 if [ "$RELEASE" = "buster" ] ; then
203 if [ "$RELEASE" = "buster" ] ; then
204 RLS=testing
204 RLS=testing
205 else
205 else
206 RLS="$RELEASE"
206 RLS="$RELEASE"
207 fi
207 fi
208
208
209 rm "${ETC_DIR}/apt/sources.list"
209 if [ -f "$(pwd)/files/apt/sources.list" ] ; then
210 rm "$(pwd)/files/apt/sources.list"
211 fi
210
212
211 if [ "$ENABLE_NONFREE" = true ] ; then
213 if [ "$ENABLE_NONFREE" = true ] ; then
212 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --nonfree --outfile "${ETC_DIR}/apt/sources.list" -d "$RLS"
214 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --nonfree --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
213 else
215 else
214 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --outfile "${ETC_DIR}/apt/sources.list" -d "$RLS"
216 netselect-apt --arch "$RELEASE_ARCH" --tests 10 --sources --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
215 fi
217 fi
216 APT_SERVER=$(grep -m 1 http /etc/apt/sources.list | cut -d ' ' -f 2)
218 APT_SERVER=$(grep -m 1 http files/apt/sources.list | sed "s|http://| |g" | cut -d ' ' -f 3)
219 APT_SERVER=${APT_SERVER::-1}
217
220
218 #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
221 #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
219 if [ -n "$SET_ARCH" ] ; then
222 if [ -n "$SET_ARCH" ] ; then
220 echo "Setting Architecture specific settings"
223 echo "Setting Architecture specific settings"
221 ##################################
224 ##################################
222 # 64 bit config
225 # 64 bit config
223 ##################################
226 ##################################
224 if [ "$SET_ARCH" = 64 ] ; then
227 if [ "$SET_ARCH" = 64 ] ; then
225 echo "64 bit mode selected - Setting up enviroment"
228 echo "64 bit mode selected - Setting up enviroment"
226 # 64 bit depended settings
229 # 64 bit depended settings
227 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
230 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
228 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
231 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
229 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
232 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
230
233
231 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
234 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
232 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
235 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
233 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
236 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
234 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
237 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
235 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
238 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
236 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
239 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
237 else
240 else
238 echo "error: At the moment Raspberry PI 3 and 3B+ are the only Models which support 64bit"
241 echo "error: At the moment Raspberry PI 3 and 3B+ are the only Models which support 64bit"
239 exit 1
242 exit 1
240 fi
243 fi
241 fi
244 fi
242
245
243 ##################################
246 ##################################
244 # 32 bit config
247 # 32 bit config
245 ##################################
248 ##################################
246 if [ "$SET_ARCH" = 32 ] ; then
249 if [ "$SET_ARCH" = 32 ] ; then
247 echo "32 bit mode selected - Setting up enviroment"
250 echo "32 bit mode selected - Setting up enviroment"
248 #General 32bit configuration
251 #General 32bit configuration
249 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
252 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
250 KERNEL_ARCH=${KERNEL_ARCH:=arm}
253 KERNEL_ARCH=${KERNEL_ARCH:=arm}
251 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
254 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
252
255
253 #Raspberry setting grouped by board compability
256 #Raspberry setting grouped by board compability
254 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
257 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
255 echo "Setting settings for bcm2835 Raspberry PI boards"
258 echo "Setting settings for bcm2835 Raspberry PI boards"
256 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
259 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
257 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
260 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
258 RELEASE_ARCH=${RELEASE_ARCH:=armel}
261 RELEASE_ARCH=${RELEASE_ARCH:=armel}
259 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
262 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
260 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
263 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
261 fi
264 fi
262 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
265 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
263 echo "Setting settings for bcm2837 Raspberry PI boards"
266 echo "Setting settings for bcm2837 Raspberry PI boards"
264 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
267 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
265 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
268 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
266 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
269 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
267 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
270 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
268 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
271 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
269 fi
272 fi
270 fi
273 fi
271 #SET_ARCH not set
274 #SET_ARCH not set
272 else
275 else
273 echo "error: Please set '32' or '64' as value for SET_ARCH"
276 echo "error: Please set '32' or '64' as value for SET_ARCH"
274 exit 1
277 exit 1
275 fi
278 fi
276
279
277 #Device specific configuration
280 #Device specific configuration
278 echo "Select DTB-File"
281 echo "Select DTB-File"
279 case "$RPI_MODEL" in
282 case "$RPI_MODEL" in
280 0)
283 0)
281 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
284 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
282 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
285 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
283 ;;
286 ;;
284 1)
287 1)
285 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
288 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
286 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
289 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
287 ;;
290 ;;
288 1P)
291 1P)
289 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
292 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
290 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
293 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
291 ;;
294 ;;
292 2)
295 2)
293 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
296 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
294 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
297 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
295 ;;
298 ;;
296 3)
299 3)
297 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
300 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
298 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
301 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
299 ;;
302 ;;
300 3P)
303 3P)
301 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
304 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
302 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
305 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
303 ;;
306 ;;
304 *)
307 *)
305 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
308 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
306 exit 1
309 exit 1
307 ;;
310 ;;
308 esac
311 esac
309 echo "$DTB_FILE selected"
312 echo "$DTB_FILE selected"
310
313
311 #DEBUG off
314 #DEBUG off
312 set +x
315 set +x
313
316
314 # Check if the internal wireless interface is supported by the RPi model
317 # Check if the internal wireless interface is supported by the RPi model
315 if [ "$ENABLE_WIRELESS" = true ] ; then
318 if [ "$ENABLE_WIRELESS" = true ] ; then
316 if [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ] ; then
319 if [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ] ; then
317 echo "error: The selected Raspberry Pi model has no internal wireless interface"
320 echo "error: The selected Raspberry Pi model has no internal wireless interface"
318 exit 1
321 exit 1
319 else
322 else
320 echo "Raspberry Pi $RPI_MODEL has WIFI support"
323 echo "Raspberry Pi $RPI_MODEL has WIFI support"
321 fi
324 fi
322 fi
325 fi
323
326
324 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
327 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
325 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
328 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
326 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
329 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
327 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
330 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
328 exit 1
331 exit 1
329 fi
332 fi
330 fi
333 fi
331
334
332 # Add libncurses5 to enable kernel menuconfig
335 # Add libncurses5 to enable kernel menuconfig
333 if [ "$KERNEL_MENUCONFIG" = true ] ; then
336 if [ "$KERNEL_MENUCONFIG" = true ] ; then
334 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
337 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
335 fi
338 fi
336
339
337 # Add ccache compiler cache for (faster) kernel cross (re)compilation
340 # Add ccache compiler cache for (faster) kernel cross (re)compilation
338 if [ "$KERNEL_CCACHE" = true ] ; then
341 if [ "$KERNEL_CCACHE" = true ] ; then
339 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
342 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
340 fi
343 fi
341
344
342 # Add cryptsetup package to enable filesystem encryption
345 # Add cryptsetup package to enable filesystem encryption
343 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
346 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
344 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
347 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
345 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
348 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
346
349
347 if [ -z "$CRYPTFS_PASSWORD" ] ; then
350 if [ -z "$CRYPTFS_PASSWORD" ] ; then
348 echo "error: no password defined (CRYPTFS_PASSWORD)!"
351 echo "error: no password defined (CRYPTFS_PASSWORD)!"
349 exit 1
352 exit 1
350 fi
353 fi
351 ENABLE_INITRAMFS=true
354 ENABLE_INITRAMFS=true
352 fi
355 fi
353
356
354 # Add initramfs generation tools
357 # Add initramfs generation tools
355 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
358 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
356 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
359 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
357 fi
360 fi
358
361
359 # Add device-tree-compiler required for building the U-Boot bootloader
362 # Add device-tree-compiler required for building the U-Boot bootloader
360 if [ "$ENABLE_UBOOT" = true ] ; then
363 if [ "$ENABLE_UBOOT" = true ] ; then
361 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
364 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
362 fi
365 fi
363
366
364 # Check if root SSH (v2) public key file exists
367 # Check if root SSH (v2) public key file exists
365 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
368 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
366 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
369 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
367 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
370 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
368 exit 1
371 exit 1
369 fi
372 fi
370 fi
373 fi
371
374
372 # Check if $USER_NAME SSH (v2) public key file exists
375 # Check if $USER_NAME SSH (v2) public key file exists
373 if [ -n "$SSH_USER_PUB_KEY" ] ; then
376 if [ -n "$SSH_USER_PUB_KEY" ] ; then
374 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
377 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
375 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
378 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
376 exit 1
379 exit 1
377 fi
380 fi
378 fi
381 fi
379
382
380 # Check if all required packages are installed on the build system
383 # Check if all required packages are installed on the build system
381 for package in $REQUIRED_PACKAGES ; do
384 for package in $REQUIRED_PACKAGES ; do
382 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
385 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
383 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
386 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
384 fi
387 fi
385 done
388 done
386
389
387 # If there are missing packages ask confirmation for install, or exit
390 # If there are missing packages ask confirmation for install, or exit
388 if [ -n "$MISSING_PACKAGES" ] ; then
391 if [ -n "$MISSING_PACKAGES" ] ; then
389 echo "the following packages needed by this script are not installed:"
392 echo "the following packages needed by this script are not installed:"
390 echo "$MISSING_PACKAGES"
393 echo "$MISSING_PACKAGES"
391
394
392 printf "\ndo you want to install the missing packages right now? [y/n] "
395 printf "\ndo you want to install the missing packages right now? [y/n] "
393 read -r confirm
396 read -r confirm
394 [ "$confirm" != "y" ] && exit 1
397 [ "$confirm" != "y" ] && exit 1
395
398
396 # Make sure all missing required packages are installed
399 # Make sure all missing required packages are installed
397 apt-get -qq -y install "${MISSING_PACKAGES}"
400 apt-get -qq -y install "${MISSING_PACKAGES}"
398 fi
401 fi
399
402
400 # Check if ./bootstrap.d directory exists
403 # Check if ./bootstrap.d directory exists
401 if [ ! -d "./bootstrap.d/" ] ; then
404 if [ ! -d "./bootstrap.d/" ] ; then
402 echo "error: './bootstrap.d' required directory not found!"
405 echo "error: './bootstrap.d' required directory not found!"
403 exit 1
406 exit 1
404 fi
407 fi
405
408
406 # Check if ./files directory exists
409 # Check if ./files directory exists
407 if [ ! -d "./files/" ] ; then
410 if [ ! -d "./files/" ] ; then
408 echo "error: './files' required directory not found!"
411 echo "error: './files' required directory not found!"
409 exit 1
412 exit 1
410 fi
413 fi
411
414
412 # Check if specified KERNELSRC_DIR directory exists
415 # Check if specified KERNELSRC_DIR directory exists
413 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
416 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
414 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
417 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
415 exit 1
418 exit 1
416 fi
419 fi
417
420
418 # Check if specified UBOOTSRC_DIR directory exists
421 # Check if specified UBOOTSRC_DIR directory exists
419 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
422 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
420 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
423 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
421 exit 1
424 exit 1
422 fi
425 fi
423
426
424 # Check if specified FBTURBOSRC_DIR directory exists
427 # Check if specified FBTURBOSRC_DIR directory exists
425 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
428 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
426 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
429 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
427 exit 1
430 exit 1
428 fi
431 fi
429
432
430 # Check if specified CHROOT_SCRIPTS directory exists
433 # Check if specified CHROOT_SCRIPTS directory exists
431 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
434 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
432 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
435 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
433 exit 1
436 exit 1
434 fi
437 fi
435
438
436 # Check if specified device mapping already exists (will be used by cryptsetup)
439 # Check if specified device mapping already exists (will be used by cryptsetup)
437 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
440 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
438 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
441 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
439 exit 1
442 exit 1
440 fi
443 fi
441
444
442 # Don't clobber an old build
445 # Don't clobber an old build
443 if [ -e "$BUILDDIR" ] ; then
446 if [ -e "$BUILDDIR" ] ; then
444 echo "error: directory ${BUILDDIR} already exists, not proceeding"
447 echo "error: directory ${BUILDDIR} already exists, not proceeding"
445 exit 1
448 exit 1
446 fi
449 fi
447
450
448 # Setup chroot directory
451 # Setup chroot directory
449 mkdir -p "${R}"
452 mkdir -p "${R}"
450
453
451 # Check if build directory has enough of free disk space >512MB
454 # Check if build directory has enough of free disk space >512MB
452 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
455 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
453 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
456 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
454 exit 1
457 exit 1
455 fi
458 fi
456
459
457 # Call "cleanup" function on various signals and errors
460 # Call "cleanup" function on various signals and errors
458 trap cleanup 0 1 2 3 6
461 trap cleanup 0 1 2 3 6
459
462
460 # Add required packages for the minbase installation
463 # Add required packages for the minbase installation
461 if [ "$ENABLE_MINBASE" = true ] ; then
464 if [ "$ENABLE_MINBASE" = true ] ; then
462 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
465 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
463 fi
466 fi
464
467
465 # Add parted package, required to get partprobe utility
468 # Add parted package, required to get partprobe utility
466 if [ "$EXPANDROOT" = true ] ; then
469 if [ "$EXPANDROOT" = true ] ; then
467 APT_INCLUDES="${APT_INCLUDES},parted"
470 APT_INCLUDES="${APT_INCLUDES},parted"
468 fi
471 fi
469
472
470 # Add dbus package, recommended if using systemd
473 # Add dbus package, recommended if using systemd
471 if [ "$ENABLE_DBUS" = true ] ; then
474 if [ "$ENABLE_DBUS" = true ] ; then
472 APT_INCLUDES="${APT_INCLUDES},dbus"
475 APT_INCLUDES="${APT_INCLUDES},dbus"
473 fi
476 fi
474
477
475 # Add iptables IPv4/IPv6 package
478 # Add iptables IPv4/IPv6 package
476 if [ "$ENABLE_IPTABLES" = true ] ; then
479 if [ "$ENABLE_IPTABLES" = true ] ; then
477 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
480 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
478 fi
481 fi
479
482
480 # Add openssh server package
483 # Add openssh server package
481 if [ "$ENABLE_SSHD" = true ] ; then
484 if [ "$ENABLE_SSHD" = true ] ; then
482 APT_INCLUDES="${APT_INCLUDES},openssh-server"
485 APT_INCLUDES="${APT_INCLUDES},openssh-server"
483 fi
486 fi
484
487
485 # Add alsa-utils package
488 # Add alsa-utils package
486 if [ "$ENABLE_SOUND" = true ] ; then
489 if [ "$ENABLE_SOUND" = true ] ; then
487 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
490 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
488 fi
491 fi
489
492
490 # Add rng-tools package
493 # Add rng-tools package
491 if [ "$ENABLE_HWRANDOM" = true ] ; then
494 if [ "$ENABLE_HWRANDOM" = true ] ; then
492 APT_INCLUDES="${APT_INCLUDES},rng-tools"
495 APT_INCLUDES="${APT_INCLUDES},rng-tools"
493 fi
496 fi
494
497
495 # Add fbturbo video driver
498 # Add fbturbo video driver
496 if [ "$ENABLE_FBTURBO" = true ] ; then
499 if [ "$ENABLE_FBTURBO" = true ] ; then
497 # Enable xorg package dependencies
500 # Enable xorg package dependencies
498 ENABLE_XORG=true
501 ENABLE_XORG=true
499 fi
502 fi
500
503
501 # Add user defined window manager package
504 # Add user defined window manager package
502 if [ -n "$ENABLE_WM" ] ; then
505 if [ -n "$ENABLE_WM" ] ; then
503 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
506 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
504
507
505 # Enable xorg package dependencies
508 # Enable xorg package dependencies
506 ENABLE_XORG=true
509 ENABLE_XORG=true
507 fi
510 fi
508
511
509 # Add xorg package
512 # Add xorg package
510 if [ "$ENABLE_XORG" = true ] ; then
513 if [ "$ENABLE_XORG" = true ] ; then
511 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
514 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
512 fi
515 fi
513
516
514 # Replace selected packages with smaller clones
517 # Replace selected packages with smaller clones
515 if [ "$ENABLE_REDUCE" = true ] ; then
518 if [ "$ENABLE_REDUCE" = true ] ; then
516 # Add levee package instead of vim-tiny
519 # Add levee package instead of vim-tiny
517 if [ "$REDUCE_VIM" = true ] ; then
520 if [ "$REDUCE_VIM" = true ] ; then
518 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
521 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
519 fi
522 fi
520
523
521 # Add dropbear package instead of openssh-server
524 # Add dropbear package instead of openssh-server
522 if [ "$REDUCE_SSHD" = true ] ; then
525 if [ "$REDUCE_SSHD" = true ] ; then
523 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
526 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
524 fi
527 fi
525 fi
528 fi
526
529
527 # Configure kernel sources if no KERNELSRC_DIR
530 # Configure kernel sources if no KERNELSRC_DIR
528 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
531 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
529 KERNELSRC_CONFIG=true
532 KERNELSRC_CONFIG=true
530 fi
533 fi
531
534
532 # Configure reduced kernel
535 # Configure reduced kernel
533 if [ "$KERNEL_REDUCE" = true ] ; then
536 if [ "$KERNEL_REDUCE" = true ] ; then
534 KERNELSRC_CONFIG=false
537 KERNELSRC_CONFIG=false
535 fi
538 fi
536
539
537 set -x
540 set -x
538
541
539 # Execute bootstrap scripts
542 # Execute bootstrap scripts
540 for SCRIPT in bootstrap.d/*.sh; do
543 for SCRIPT in bootstrap.d/*.sh; do
541 head -n 4 "$SCRIPT"
544 head -n 4 "$SCRIPT"
542 . "$SCRIPT"
545 . "$SCRIPT"
543 done
546 done
544
547
545 ## Execute custom bootstrap scripts
548 ## Execute custom bootstrap scripts
546 if [ -d "custom.d" ] ; then
549 if [ -d "custom.d" ] ; then
547 for SCRIPT in custom.d/*.sh; do
550 for SCRIPT in custom.d/*.sh; do
548 . "$SCRIPT"
551 . "$SCRIPT"
549 done
552 done
550 fi
553 fi
551
554
552 # Execute custom scripts inside the chroot
555 # Execute custom scripts inside the chroot
553 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
556 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
554 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
557 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
555 chroot_exec /bin/bash -x <<'EOF'
558 chroot_exec /bin/bash -x <<'EOF'
556 for SCRIPT in /chroot_scripts/* ; do
559 for SCRIPT in /chroot_scripts/* ; do
557 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
560 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
558 $SCRIPT
561 $SCRIPT
559 fi
562 fi
560 done
563 done
561 EOF
564 EOF
562 rm -rf "${R}/chroot_scripts"
565 rm -rf "${R}/chroot_scripts"
563 fi
566 fi
564
567
565 # Remove c/c++ build environment from the chroot
568 # Remove c/c++ build environment from the chroot
566 chroot_remove_cc
569 chroot_remove_cc
567
570
568 # Generate required machine-id
571 # Generate required machine-id
569 MACHINE_ID=$(dbus-uuidgen)
572 MACHINE_ID=$(dbus-uuidgen)
570 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
573 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
571 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
574 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
572
575
573 # APT Cleanup
576 # APT Cleanup
574 chroot_exec apt-get -y clean
577 chroot_exec apt-get -y clean
575 chroot_exec apt-get -y autoclean
578 chroot_exec apt-get -y autoclean
576 chroot_exec apt-get -y autoremove
579 chroot_exec apt-get -y autoremove
577
580
578 # Unmount mounted filesystems
581 # Unmount mounted filesystems
579 umount -l "${R}/proc"
582 umount -l "${R}/proc"
580 umount -l "${R}/sys"
583 umount -l "${R}/sys"
581
584
582 # Clean up directories
585 # Clean up directories
583 rm -rf "${R}/run/*"
586 rm -rf "${R}/run/*"
584 rm -rf "${R}/tmp/*"
587 rm -rf "${R}/tmp/*"
585
588
586 # Clean up files
589 # Clean up files
587 rm -f "${ETC_DIR}/ssh/ssh_host_*"
590 rm -f "${ETC_DIR}/ssh/ssh_host_*"
588 rm -f "${ETC_DIR}/dropbear/dropbear_*"
591 rm -f "${ETC_DIR}/dropbear/dropbear_*"
589 rm -f "${ETC_DIR}/apt/sources.list.save"
592 rm -f "${ETC_DIR}/apt/sources.list.save"
590 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
593 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
591 rm -f "${ETC_DIR}/*-"
594 rm -f "${ETC_DIR}/*-"
592 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
595 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
593 rm -f "${ETC_DIR}/resolv.conf"
596 rm -f "${ETC_DIR}/resolv.conf"
594 rm -f "${R}/root/.bash_history"
597 rm -f "${R}/root/.bash_history"
595 rm -f "${R}/var/lib/urandom/random-seed"
598 rm -f "${R}/var/lib/urandom/random-seed"
596 rm -f "${R}/initrd.img"
599 rm -f "${R}/initrd.img"
597 rm -f "${R}/vmlinuz"
600 rm -f "${R}/vmlinuz"
598 rm -f "${R}${QEMU_BINARY}"
601 rm -f "${R}${QEMU_BINARY}"
599
602
600 if [ "$ENABLE_QEMU" = true ] ; then
603 if [ "$ENABLE_QEMU" = true ] ; then
601 # Configure qemu compatible kernel
604 # Configure qemu compatible kernel
602 DTB_FILE=vexpress-v2p-ca15_a7.dtb
605 DTB_FILE=vexpress-v2p-ca15_a7.dtb
603 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
606 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
604 KERNEL_DEFCONFIG="vexpress_defconfig"
607 KERNEL_DEFCONFIG="vexpress_defconfig"
605 if [ "$KERNEL_MENUCONFIG" = false ] ; then
608 if [ "$KERNEL_MENUCONFIG" = false ] ; then
606 KERNEL_OLDDEFCONFIG=true
609 KERNEL_OLDDEFCONFIG=true
607 fi
610 fi
608
611
609 # Setup QEMU directory
612 # Setup QEMU directory
610 mkdir "${BASEDIR}/qemu"
613 mkdir "${BASEDIR}/qemu"
611
614
612 # Copy kernel image to QEMU directory
615 # Copy kernel image to QEMU directory
613 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
616 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
614
617
615 # Copy kernel config to QEMU directory
618 # Copy kernel config to QEMU directory
616 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
619 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
617
620
618 # Copy kernel dtbs to QEMU directory
621 # Copy kernel dtbs to QEMU directory
619 for dtb in "${BOOT_DIR}/"*.dtb ; do
622 for dtb in "${BOOT_DIR}/"*.dtb ; do
620 if [ -f "${dtb}" ] ; then
623 if [ -f "${dtb}" ] ; then
621 install_readonly "${dtb}" "${BASEDIR}/qemu/"
624 install_readonly "${dtb}" "${BASEDIR}/qemu/"
622 fi
625 fi
623 done
626 done
624
627
625 # Copy kernel overlays to QEMU directory
628 # Copy kernel overlays to QEMU directory
626 if [ -d "${BOOT_DIR}/overlays" ] ; then
629 if [ -d "${BOOT_DIR}/overlays" ] ; then
627 # Setup overlays dtbs directory
630 # Setup overlays dtbs directory
628 mkdir "${BASEDIR}/qemu/overlays"
631 mkdir "${BASEDIR}/qemu/overlays"
629
632
630 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
633 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
631 if [ -f "${dtb}" ] ; then
634 if [ -f "${dtb}" ] ; then
632 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
635 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
633 fi
636 fi
634 done
637 done
635 fi
638 fi
636
639
637 # Copy u-boot files to QEMU directory
640 # Copy u-boot files to QEMU directory
638 if [ "$ENABLE_UBOOT" = true ] ; then
641 if [ "$ENABLE_UBOOT" = true ] ; then
639 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
642 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
640 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
643 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
641 fi
644 fi
642 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
645 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
643 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
646 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
644 fi
647 fi
645 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
648 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
646 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
649 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
647 fi
650 fi
648 fi
651 fi
649
652
650 # Copy initramfs to QEMU directory
653 # Copy initramfs to QEMU directory
651 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
654 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
652 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
655 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
653 fi
656 fi
654 fi
657 fi
655
658
656 # Calculate size of the chroot directory in KB
659 # Calculate size of the chroot directory in KB
657 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
660 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
658
661
659 # Calculate the amount of needed 512 Byte sectors
662 # Calculate the amount of needed 512 Byte sectors
660 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
663 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
661 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
664 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
662 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
665 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
663
666
664 # The root partition is EXT4
667 # The root partition is EXT4
665 # This means more space than the actual used space of the chroot is used.
668 # This means more space than the actual used space of the chroot is used.
666 # As overhead for journaling and reserved blocks 35% are added.
669 # As overhead for journaling and reserved blocks 35% are added.
667 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
670 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
668
671
669 # Calculate required image size in 512 Byte sectors
672 # Calculate required image size in 512 Byte sectors
670 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
673 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
671
674
672 # Prepare image file
675 # Prepare image file
673 if [ "$ENABLE_SPLITFS" = true ] ; then
676 if [ "$ENABLE_SPLITFS" = true ] ; then
674 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
677 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
675 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
678 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
676 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
679 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
677 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
680 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
678
681
679 # Write firmware/boot partition tables
682 # Write firmware/boot partition tables
680 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
683 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
681 "${TABLE_SECTORS}","${FRMW_SECTORS}",c,*
684 "${TABLE_SECTORS}","${FRMW_SECTORS}",c,*
682 EOM
685 EOM
683
686
684 # Write root partition table
687 # Write root partition table
685 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
688 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
686 "${TABLE_SECTORS}","${ROOT_SECTORS}",83
689 "${TABLE_SECTORS}","${ROOT_SECTORS}",83
687 EOM
690 EOM
688
691
689 # Setup temporary loop devices
692 # Setup temporary loop devices
690 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
693 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
691 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
694 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
692 else # ENABLE_SPLITFS=false
695 else # ENABLE_SPLITFS=false
693 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
696 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
694 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
697 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
695
698
696 # Write partition table
699 # Write partition table
697 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
700 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
698 "${TABLE_SECTORS}","${FRMW_SECTORS}",c,*
701 "${TABLE_SECTORS}","${FRMW_SECTORS}",c,*
699 "${ROOT_OFFSET}","${ROOT_SECTORS}",83
702 "${ROOT_OFFSET}","${ROOT_SECTORS}",83
700 EOM
703 EOM
701
704
702 # Setup temporary loop devices
705 # Setup temporary loop devices
703 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
706 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
704 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
707 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
705 fi
708 fi
706
709
707 if [ "$ENABLE_CRYPTFS" = true ] ; then
710 if [ "$ENABLE_CRYPTFS" = true ] ; then
708 # Create dummy ext4 fs
711 # Create dummy ext4 fs
709 mkfs.ext4 "$ROOT_LOOP"
712 mkfs.ext4 "$ROOT_LOOP"
710
713
711 # Setup password keyfile
714 # Setup password keyfile
712 touch .password
715 touch .password
713 chmod 600 .password
716 chmod 600 .password
714 echo -n "${CRYPTFS_PASSWORD}" > .password
717 echo -n "${CRYPTFS_PASSWORD}" > .password
715
718
716 # Initialize encrypted partition
719 # Initialize encrypted partition
717 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
720 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
718
721
719 # Open encrypted partition and setup mapping
722 # Open encrypted partition and setup mapping
720 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
723 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
721
724
722 # Secure delete password keyfile
725 # Secure delete password keyfile
723 shred -zu .password
726 shred -zu .password
724
727
725 # Update temporary loop device
728 # Update temporary loop device
726 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
729 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
727
730
728 # Wipe encrypted partition (encryption cipher is used for randomness)
731 # Wipe encrypted partition (encryption cipher is used for randomness)
729 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
732 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
730 fi
733 fi
731
734
732 # Build filesystems
735 # Build filesystems
733 mkfs.vfat "$FRMW_LOOP"
736 mkfs.vfat "$FRMW_LOOP"
734 mkfs.ext4 "$ROOT_LOOP"
737 mkfs.ext4 "$ROOT_LOOP"
735
738
736 # Mount the temporary loop devices
739 # Mount the temporary loop devices
737 mkdir -p "$BUILDDIR/mount"
740 mkdir -p "$BUILDDIR/mount"
738 mount "$ROOT_LOOP" "$BUILDDIR/mount"
741 mount "$ROOT_LOOP" "$BUILDDIR/mount"
739
742
740 mkdir -p "$BUILDDIR/mount/boot/firmware"
743 mkdir -p "$BUILDDIR/mount/boot/firmware"
741 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
744 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
742
745
743 # Copy all files from the chroot to the loop device mount point directory
746 # Copy all files from the chroot to the loop device mount point directory
744 rsync -a "${R}/" "$BUILDDIR/mount/"
747 rsync -a "${R}/" "$BUILDDIR/mount/"
745
748
746 # Unmount all temporary loop devices and mount points
749 # Unmount all temporary loop devices and mount points
747 cleanup
750 cleanup
748
751
749 # Create block map file(s) of image(s)
752 # Create block map file(s) of image(s)
750 if [ "$ENABLE_SPLITFS" = true ] ; then
753 if [ "$ENABLE_SPLITFS" = true ] ; then
751 # Create block map files for "bmaptool"
754 # Create block map files for "bmaptool"
752 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
755 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
753 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
756 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
754
757
755 # Image was successfully created
758 # Image was successfully created
756 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
759 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
757 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
760 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
758 else
761 else
759 # Create block map file for "bmaptool"
762 # Create block map file for "bmaptool"
760 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
763 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
761
764
762 # Image was successfully created
765 # Image was successfully created
763 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
766 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
764
767
765 # Create qemu qcow2 image
768 # Create qemu qcow2 image
766 if [ "$ENABLE_QEMU" = true ] ; then
769 if [ "$ENABLE_QEMU" = true ] ; then
767 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
770 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
768 QEMU_SIZE=16G
771 QEMU_SIZE=16G
769
772
770 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
773 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
771 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
774 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
772
775
773 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
776 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
774 fi
777 fi
775 fi
778 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant