##// END OF EJS Templates
spliting more files, fix-uboot, fix-fbturbo, fix-locale
Jan Wagner -
r67:4aa8ac698568
parent child
Show More
@@ -0,0 +1,1
1 Acquire::http:Proxy "";
@@ -0,0 +1,3
1 Package: flash-kernel
2 Pin: origin repositories.collabora.co.uk
3 Pin-Priority: 1000
@@ -0,0 +1,10
1 deb http://ftp.debian.org/debian jessie main contrib
2 #deb-src http://ftp.debian.org/debian jessie main contrib
3
4 deb http://ftp.debian.org/debian/ jessie-updates main contrib
5 #deb-src http://ftp.debian.org/debian/ jessie-updates main contrib
6
7 deb http://security.debian.org/ jessie/updates main contrib
8 #deb-src http://security.debian.org/ jessie/updates main contrib
9
10 deb https://repositories.collabora.co.uk/debian jessie rpi2
@@ -0,0 +1,11
1 # Tell Linux that it is booting on a Raspberry Pi2
2 setenv machid 0x00000c42
3
4 # Save these changes to u-boot's environment
5 saveenv
6
7 # Load the existing Linux kernel into RAM
8 fatload mmc 0:1 ${kernel_addr_r} kernel7.img
9
10 # Boot the kernel we have just loaded
11 bootz ${kernel_addr_r}
@@ -0,0 +1,3
1 # File generated by rpi2-gen-image
2 LANG=C
3 LC_ALL=C
@@ -0,0 +1,5
1 [Match]
2 Name=eth0
3
4 [Network]
5 DHCP=yes
@@ -0,0 +1,1
1 rpi2-jessie
@@ -0,0 +1,2
1 127.0.0.1 localhost
2 127.0.1.1 rpi2-jessie
@@ -0,0 +1,2
1 # Debian switched to systemd-networkd configuration files.
2 # please configure your networks in '/etc/systemd/network/'
@@ -0,0 +1,6
1 Section "Device"
2 Identifier "Allwinner A10/A13 FBDEV"
3 Driver "fbturbo"
4 Option "fbdev" "/dev/fb0"
5 Option "SwapbuffersWait" "true"
6 EndSection
@@ -1,206 +1,214
1 1 # rpi2-gen-image
2 2 ## Introduction
3 3 `rpi2-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for the Raspberry 2 (RPi2) computer. The script at this time only supports the bootstrapping of the current stable Debian 8 "jessie" release.
4 4
5 5 ## Build dependencies
6 6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7 7
8 8 ```debootstrap debian-archive-keyring qemu-user-static dosfstools rsync bmap-tools whois git-core```
9 9
10 10 ## Command-line parameters
11 11 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi2-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi2-gen-image.sh` script.
12 12
13 13 #####Command-line examples:
14 14 ```shell
15 15 ENABLE_UBOOT=true ./rpi2-gen-image.sh
16 16 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi2-gen-image.sh
17 17 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi2-gen-image.sh
18 18 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi2-gen-image.sh
19 19 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi2-gen-image.sh
20 20 ENABLE_MINBASE=true ./rpi2-gen-image.sh
21 ```
21 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi2-gen-image.sh
22 ```
22 23
23 24 #### APT settings:
24 25 ##### `APT_SERVER`="ftp.debian.org"
25 26 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
26 27
27 28 ##### `APT_PROXY`=""
28 29 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
29 30
30 31 ##### `APT_INCLUDES`=""
31 32 A comma seperated list of additional packages to be installed during bootstrapping.
32 33
33 34 #### General system settings:
34 35 ##### `HOSTNAME`="rpi2-jessie"
35 36 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
36 37
37 38 ##### `PASSWORD`="raspberry"
38 39 Set system `root` password. The same password is used for the created user `pi`. It's **STRONGLY** recommended that you choose a custom password.
39 40
40 41 ##### `DEFLOCAL`="en_US.UTF-8"
41 42 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. The script variant `minbase` (ENABLE_MINBASE=true) doesn't install `locales`.
42 43
43 44 ##### `TIMEZONE`="Europe/Berlin"
44 45 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
45 46
46 47 ##### `EXPANDROOT`=true
47 48 Expand the root partition and filesystem automatically on first boot.
48 49
49 50 #### Keyboard settings:
50 51 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
51 52
52 ##### `XKBMODEL`=""
53 ##### `XKB_MODEL`=""
53 54 Set the name of the model of your keyboard type.
54 55
55 ##### `XKBLAYOUT`=""
56 ##### `XKB_LAYOUT`=""
56 57 Set the supported keyboard layout(s).
57 58
58 ##### `XKBVARIANT`=""
59 ##### `XKB_VARIANT`=""
59 60 Set the supported variant(s) of the keyboard layout(s).
60 61
61 ##### `XKBOPTIONS`=""
62 ##### `XKB_OPTIONS`=""
62 63 Set extra xkb configuration options.
63 64
64 #### Networking settings (DHCP)
65 #### Networking settings (DHCP):
65 66 This setting is used to set up networking auto configuration in `/etc/systemd/network/eth.network`.
66 67
67 68 #####`ENABLE_DHCP`=true
68 69 Set the system to use DHCP. This requires an DHCP server.
69 70
70 #### Networking settings (static)
71 #### Networking settings (static):
71 72 These settings are used to set up a static networking configuration in /etc/systemd/network/eth.network. The following static networking settings are only supported if `ENABLE_DHCP` was set to `false`.
72 73
73 74 #####`NET_ADDRESS`=""
74 75 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
75 76
76 77 #####`NET_GATEWAY`=""
77 78 Set the IP address for the default gateway.
78 79
79 80 #####`NET_DNS_1`=""
80 81 Set the IP address for the first DNS server.
81 82
82 83 #####`NET_DNS_2`=""
83 84 Set the IP address for the second DNS server.
84 85
85 86 #####`NET_DNS_DOMAINS`=""
86 87 Set the default DNS search domains to use for non fully qualified host names.
87 88
88 89 #####`NET_NTP_1`=""
89 90 Set the IP address for the first NTP server.
90 91
91 92 #####`NET_NTP_2`=""
92 93 Set the IP address for the second NTP server.
93 94
94 95 #### Basic system features:
95 96 ##### `ENABLE_CONSOLE`=true
96 97 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
97 98
98 99 ##### `ENABLE_IPV6`=true
99 100 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
100 101
101 102 ##### `ENABLE_SSHD`=true
102 103 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
103 104
104 105 ##### `ENABLE_RSYSLOG`=true
105 106 If set to false, disable and uninstall rsyslog (so logs will be available only
106 107 in journal files)
107 108
108 109 ##### `ENABLE_SOUND`=true
109 110 Enable sound hardware and install Advanced Linux Sound Architecture.
110 111
111 112 ##### `ENABLE_HWRANDOM`=true
112 113 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
113 114
114 115 ##### `ENABLE_MINGPU`=false
115 116 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
116 117
117 118 ##### `ENABLE_DBUS`=true
118 119 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
119 120
120 121 ##### `ENABLE_XORG`=false
121 122 Install Xorg open-source X Window System.
122 123
123 124 ##### `ENABLE_WM`=""
124 125 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi2-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
125 126
126 127 #### Advanced system features:
127 128 ##### `ENABLE_MINBASE`=false
128 129 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
129 130
130 131 ##### `ENABLE_UBOOT`=false
131 132 Replace default RPi2 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol.
132 133
133 134 ##### `ENABLE_FBTURBO`=false
134 135 Install and enable the hardware accelerated Xorg video driver `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
135 136
136 137 ##### `ENABLE_IPTABLES`=false
137 138 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
138 139
139 140 ##### `ENABLE_USER`=true
140 141 Create pi user with password raspberry
141 142
142 143 ##### `ENABLE_ROOT`=true
143 144 Set root user password so root login will be enabled
144 145
145 146 ##### `ENABLE_ROOT_SSH`=true
146 147 Enable password root login via SSH. May be a security risk with default
147 148 password, use only in trusted environments.
148 149
149 150 ##### `ENABLE_HARDNET`=false
150 151 Enable IPv4/IPv6 network stack hardening settings.
151 152
152 153 ##### `CHROOT_SCRIPTS`=""
153 154 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order.
154 155
155 156 #### Kernel compilation:
156 157 ##### `BUILD_KERNEL`=false
157 158 Build and install the latest RPi2 linux kernel. Currently only the default RPi2 kernel configuration is used. Detailed configuration parameters for customizing the kernel and minor bug fixes still need to get implemented. feel free to help.
158 159
160 ##### `KERNEL_THREADS`=1
161 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
162
159 163 ##### `KERNEL_HEADERS`=true
160 If true, also install kernel headers with built kernel.
164 Install kernel headers with built kernel.
165
166 ##### `KERNEL_RMSRC`=true
167 Remove all kernel sources from the generated OS image after building.
161 168
162 169 ## Understanding the script
163 170 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
164 171
165 172 | Script | Description |
166 173 | --- | --- |
167 174 | `10-bootstrap.sh` | Debootstrap basic system |
168 175 | `11-apt.sh` | Setup APT repositories |
169 176 | `12-locale.sh` | Setup Locales and keyboard settings |
170 177 | `13-kernel.sh` | Build and install RPi2 Kernel |
171 178 | `20-networking.sh` | Setup Networking |
172 | `21-firewall.sh` | Setup iptables Firewall |
173 | `30-security.sh` | Setup users and security settings |
174 | `31-logging.sh` | Setup logging |
179 | `21-firewall.sh` | Setup Firewall |
180 | `30-security.sh` | Setup Users and Security settings |
181 | `31-logging.sh` | Setup Logging |
175 182 | `41-uboot.sh` | Build and Setup Uboot |
176 | `42-fbturbo.sh` | Buld and Setup fbturbo Xorg driver |
183 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
177 184 | `50-firstboot.sh` | First boot actions |
178 185
179 186 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
180 187
181 188 | Directory | Description |
182 189 | --- | --- |
183 190 | `boot` | Boot and RPi2 configuration files |
184 191 | `firstboot` | Scripts that get executed on first boot |
185 192 | `iptables` | Firewall configuration files |
193 | `locales` | Locales configuration |
186 194 | `modprobe.d` | Kernel Module Blacklist configuration |
187 195 | `mount` | Fstab configuration |
188 196 | `network` | Networking configuration files |
189 197 | `sysctl.d` | Swapping and Network Hardening configuration |
190 198 | `xorg` | fbturbo Xorg driver configuration |
191 199
192 200 ## Logging of the bootstrapping process
193 201 All information related to the bootstrapping process and the commands executed by the `rpi2-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
194 202
195 203 ```shell
196 204 script -c 'APT_SERVER=ftp.de.debian.org ./rpi2-gen-image.sh' ./build.log
197 205 ```
198 206
199 207 ## Flashing the image file
200 208 After the image file was successfully created by the `rpi2-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
201 209
202 210 #####Flashing examples:
203 211 ```shell
204 212 bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0
205 213 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0
206 214 ```
@@ -1,27 +1,28
1 1 #
2 2 # Debootstrap basic system
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Base debootstrap (unpack only)
8 9 if [ "$ENABLE_MINBASE" = true ] ; then
9 10 http_proxy=${APT_PROXY} debootstrap --arch=armhf --variant=minbase --foreign --include=${APT_INCLUDES} $RELEASE $R http://${APT_SERVER}/debian
10 11 else
11 12 http_proxy=${APT_PROXY} debootstrap --arch=armhf --foreign --include=${APT_INCLUDES} $RELEASE $R http://${APT_SERVER}/debian
12 13 fi
13 14
14 15 # Copy qemu emulator binary to chroot
15 16 cp /usr/bin/qemu-arm-static $R/usr/bin
16 17
17 18 # Copy debian-archive-keyring.pgp
18 19 mkdir -p $R/usr/share/keyrings
19 20 cp /usr/share/keyrings/debian-archive-keyring.gpg $R/usr/share/keyrings/debian-archive-keyring.gpg
20 21
21 22 # Complete the bootstrapping process
22 23 chroot_exec /debootstrap/debootstrap --second-stage
23 24
24 25 # Mount required filesystems
25 26 mount -t proc none $R/proc
26 27 mount -t sysfs none $R/sys
27 28 mount --bind /dev/pts $R/dev/pts
@@ -1,40 +1,29
1 1 #
2 2 # Setup APT repositories
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Use proxy inside chroot
8 9 if [ -z "$APT_PROXY" ] ; then
9 echo "Acquire::http::Proxy \"$APT_PROXY\";" >> $R/etc/apt/apt.conf.d/10proxy
10 install_readonly files/apt/10proxy $R/etc/apt/apt.conf.d/10proxy
11 sed -i -e "s/\"\"/\"${APT_PROXY}\"/" $R/etc/apt/apt.conf.d/10proxy
10 12 fi
11 13
12 14 # Pin package flash-kernel to repositories.collabora.co.uk
13 cat <<EOM >$R/etc/apt/preferences.d/flash-kernel
14 Package: flash-kernel
15 Pin: origin repositories.collabora.co.uk
16 Pin-Priority: 1000
17 EOM
15 install_readonly files/apt/flash-kernel $R/etc/apt/preferences.d/flash-kernel
18 16
19 17 # Upgrade collabora package index and install collabora keyring
20 18 echo "deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2" >$R/etc/apt/sources.list
21 19 chroot_exec apt-get -qq -y update
22 20 chroot_exec apt-get -qq -y --force-yes install collabora-obs-archive-keyring
23 21
24 22 # Set up initial sources.list
25 cat <<EOM >$R/etc/apt/sources.list
26 deb http://${APT_SERVER}/debian ${RELEASE} main contrib
27 #deb-src http://${APT_SERVER}/debian ${RELEASE} main contrib
28
29 deb http://${APT_SERVER}/debian/ ${RELEASE}-updates main contrib
30 #deb-src http://${APT_SERVER}/debian/ ${RELEASE}-updates main contrib
31
32 deb http://security.debian.org/ ${RELEASE}/updates main contrib
33 #deb-src http://security.debian.org/ ${RELEASE}/updates main contrib
34
35 deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2
36 EOM
23 install_readonly files/apt/sources.list $R/etc/apt/sources.list
24 sed -i -e "s/\/ftp.debian.org\//\/${APT_SERVER}\//" $R/etc/apt/sources.list
25 sed -i -e "s/ jessie/ ${RELEASE}/" $R/etc/apt/sources.list
37 26
38 27 # Upgrade package index and update all installed packages and changed dependencies
39 28 chroot_exec apt-get -qq -y update
40 29 chroot_exec apt-get -qq -y -u dist-upgrade
@@ -1,52 +1,58
1 1 #
2 # Setup locales and keyboard settings
2 # Setup Locales and keyboard settings
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Set up timezone
8 9 echo ${TIMEZONE} >$R/etc/timezone
9 10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
10 11
11 12 # Set up default locale and keyboard configuration
12 13 if [ "$ENABLE_MINBASE" = false ] ; then
13 14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
14 15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
15 16 # ... so we have to set locales manually
16 17 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
17 18 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
18 19 else
19 20 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
20 21 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
21 22 chroot_exec sed -i "/en_US.UTF-8/s/^#//" /etc/locale.gen
22 23 fi
24
23 25 chroot_exec sed -i "/${DEFLOCAL}/s/^#//" /etc/locale.gen
24 26 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
25 27 chroot_exec locale-gen
26 28 chroot_exec update-locale LANG=${DEFLOCAL}
27 29
28 30 # Keyboard configuration, if requested
29 if [ "$XKBMODEL" != "" ] ; then
30 chroot_exec sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKBMODEL}\"/" /etc/default/keyboard
31 if [ "$XKB_MODEL" != "" ] ; then
32 chroot_exec sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" /etc/default/keyboard
31 33 fi
32 if [ "$XKBLAYOUT" != "" ] ; then
33 chroot_exec sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKBLAYOUT}\"/" /etc/default/keyboard
34 if [ "$XKB_LAYOUT" != "" ] ; then
35 chroot_exec sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" /etc/default/keyboard
34 36 fi
35 if [ "$XKBVARIANT" != "" ] ; then
36 chroot_exec sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKBVARIANT}\"/" /etc/default/keyboard
37 if [ "$XKB_VARIANT" != "" ] ; then
38 chroot_exec sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" /etc/default/keyboard
37 39 fi
38 if [ "$XKBOPTIONS" != "" ] ; then
39 chroot_exec sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKBOPTIONS}\"/" /etc/default/keyboard
40 if [ "$XKB_OPTIONS" != "" ] ; then
41 chroot_exec sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" /etc/default/keyboard
40 42 fi
41 43 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
44
42 45 # Set up font console
43 46 case "${DEFLOCAL}" in
44 47 *UTF-8)
45 48 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' /etc/default/console-setup
46 49 ;;
47 50 *)
48 51 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="guess"/' /etc/default/console-setup
49 52 ;;
50 53 esac
51 54 chroot_exec dpkg-reconfigure -f noninteractive console-setup
55 else
56 # Set POSIX default locales
57 install_readonly files/locales/locale $R/etc/default/locale
52 58 fi
@@ -1,102 +1,115
1 1 #
2 # Kernel installation
2 # Build and Setup RPi2 Kernel
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Fetch and build latest raspberry kernel
8 9 if [ "$BUILD_KERNEL" = true ] ; then
9 10 # Fetch current raspberrypi kernel sources
10 git -C $R/usr/local/src clone --depth=1 https://github.com/raspberrypi/linux
11 git -C $R/usr/src clone --depth=1 https://github.com/raspberrypi/linux
11 12
12 13 # Load default raspberry kernel configuration
13 make -C $R/usr/local/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- bcm2709_defconfig
14 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- bcm2709_defconfig
15
16 # Calculate optimal number of kernel building threads
17 if [ "KERNEL_THREADS" = 1 ] ; then
18 if [ -f /proc/cpuinfo ] ; then
19 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
20 fi
21 fi
14 22
15 23 # Cross compile kernel and modules
16 make -C $R/usr/local/src/linux -j$(grep -c processor /proc/cpuinfo) ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- zImage modules dtbs
24 make -C $R/usr/src/linux -j${KERNEL_THREADS} ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- zImage modules dtbs
17 25
18 26 # Install kernel modules
19 make -C $R/usr/local/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=../.. modules_install
27 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=../../.. modules_install
20 28
21 29 # Install kernel headers
22 30 if [ "$KERNEL_HEADERS" = true ]; then
23 make -C $R/usr/local/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_HDR_PATH=../../usr headers_install
31 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_HDR_PATH=../.. headers_install
24 32 fi
25 33
26 34 # Copy and rename compiled kernel to boot directory
27 35 mkdir $R/boot/firmware/
28 $R/usr/local/src/linux/scripts/mkknlimg $R/usr/local/src/linux/arch/arm/boot/zImage $R/boot/firmware/kernel7.img
36 $R/usr/src/linux/scripts/mkknlimg $R/usr/src/linux/arch/arm/boot/zImage $R/boot/firmware/kernel7.img
29 37
30 38 # Copy dts and dtb device definitions
31 39 mkdir $R/boot/firmware/overlays/
32 cp $R/usr/local/src/linux/arch/arm/boot/dts/*.dtb $R/boot/firmware/
33 cp $R/usr/local/src/linux/arch/arm/boot/dts/overlays/*.dtb* $R/boot/firmware/overlays/
34 cp $R/usr/local/src/linux/arch/arm/boot/dts/overlays/README $R/boot/firmware/overlays/
40 cp $R/usr/src/linux/arch/arm/boot/dts/*.dtb $R/boot/firmware/
41 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/*.dtb* $R/boot/firmware/overlays/
42 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/README $R/boot/firmware/overlays/
43
44 # Remove kernel sources
45 if [ "$KERNEL_RMSRC" = true ]; then
46 rm -fr $R/usr/src/linux
47 fi
35 48
36 49 # Install raspberry bootloader and flash-kernel
37 50 chroot_exec apt-get -qq -y --no-install-recommends install raspberrypi-bootloader-nokernel
38 51 else
39 52 # Kernel installation
40 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${KERNEL} raspberrypi-bootloader-nokernel
53 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${COLLABORA_KERNEL} raspberrypi-bootloader-nokernel
41 54
42 55 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
43 56 chroot_exec apt-get -qq -y install flash-kernel
44 57
45 58 VMLINUZ="$(ls -1 $R/boot/vmlinuz-* | sort | tail -n 1)"
46 59 [ -z "$VMLINUZ" ] && exit 1
47 60 cp $VMLINUZ $R/boot/firmware/kernel7.img
48 61 fi
49 62
50 63 # Set up firmware boot cmdline
51 64 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
52 65
53 66 # Set up serial console support (if requested)
54 67 if [ "$ENABLE_CONSOLE" = true ] ; then
55 68 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
56 69 fi
57 70
58 71 # Set up IPv6 networking support
59 72 if [ "$ENABLE_IPV6" = false ] ; then
60 73 CMDLINE="${CMDLINE} ipv6.disable=1"
61 74 fi
62 75
63 76 echo "${CMDLINE}" >$R/boot/firmware/cmdline.txt
64 77
65 78 # Set up firmware config
66 install -o root -g root -m 644 files/config.txt $R/boot/firmware/config.txt
79 install_readonly files/boot/config.txt $R/boot/firmware/config.txt
67 80
68 81 # Load snd_bcm2835 kernel module at boot time
69 82 if [ "$ENABLE_SOUND" = true ] ; then
70 83 echo "snd_bcm2835" >>$R/etc/modules
71 84 fi
72 85
73 86 # Set smallest possible GPU memory allocation size: 16MB (no X)
74 87 if [ "$ENABLE_MINGPU" = true ] ; then
75 88 echo "gpu_mem=16" >>$R/boot/firmware/config.txt
76 89 fi
77 90
78 91 # Create symlinks
79 92 ln -sf firmware/config.txt $R/boot/config.txt
80 93 ln -sf firmware/cmdline.txt $R/boot/cmdline.txt
81 94
82 95 # Prepare modules-load.d directory
83 96 mkdir -p $R/lib/modules-load.d/
84 97
85 98 # Load random module on boot
86 99 if [ "$ENABLE_HWRANDOM" = true ] ; then
87 100 cat <<EOM >$R/lib/modules-load.d/rpi2.conf
88 101 bcm2708_rng
89 102 EOM
90 103 fi
91 104
92 105 # Prepare modprobe.d directory
93 106 mkdir -p $R/etc/modprobe.d/
94 107
95 108 # Blacklist sound modules
96 install -o root -g root -m 644 files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
109 install_readonly files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
97 110
98 111 # Create default fstab
99 install -o root -g root -m 644 files/fstab $R/etc/fstab
112 install_readonly files/mount/fstab $R/etc/fstab
100 113
101 114 # Avoid swapping and increase cache sizes
102 install -o root -g root -m 644 files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
115 install_readonly files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
@@ -1,78 +1,69
1 1 #
2 # Setup networking
2 # Setup Networking
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Set up IPv4 hosts
8 echo ${HOSTNAME} >$R/etc/hostname
9 cat <<EOM >$R/etc/hosts
10 127.0.0.1 localhost
11 127.0.1.1 ${HOSTNAME}
12 EOM
9 install_readonly files/network/hostname $R/etc/hostname
10 sed -i -e "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname
11
12 install_readonly files/network/hosts $R/etc/hosts
13 sed -i -e "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts
13 14
14 15 if [ "$NET_ADDRESS" != "" ] ; then
15 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
16 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
16 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
17 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
17 18 fi
18 19
19 20 # Set up IPv6 hosts
20 21 if [ "$ENABLE_IPV6" = true ] ; then
21 cat <<EOM >>$R/etc/hosts
22 cat <<EOM >>$R/etc/hosts
22 23
23 24 ::1 localhost ip6-localhost ip6-loopback
24 25 ff02::1 ip6-allnodes
25 26 ff02::2 ip6-allrouters
26 27 EOM
27 28 fi
28 29
29 30 # Place hint about network configuration
30 cat <<EOM >$R/etc/network/interfaces
31 # Debian switched to systemd-networkd configuration files.
32 # please configure your networks in '/etc/systemd/network/'
33 source /etc/interfaces.d/*.conf
34 EOM
31 install_readonly files/network/interfaces $R/etc/network/interfaces
35 32
36 33 if [ "$ENABLE_DHCP" = true ] ; then
37 34 # Enable systemd-networkd DHCP configuration for interface eth0
38 cat <<EOM >$R/etc/systemd/network/eth.network
39 [Match]
40 Name=eth0
41
42 [Network]
43 DHCP=yes
44 EOM
35 install_readonly files/network/eth.network $R/etc/systemd/network/eth.network
45 36
46 37 # Set DHCP configuration to IPv4 only
47 if [ "$ENABLE_IPV6" = false ] ; then
48 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
49 fi
38 if [ "$ENABLE_IPV6" = false ] ; then
39 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
40 fi
50 41 else # ENABLE_DHCP=false
51 cat <<EOM >$R/etc/systemd/network/eth.network
42 cat <<EOM >$R/etc/systemd/network/eth.network
52 43 [Match]
53 44 Name=eth0
54 45
55 46 [Network]
56 47 DHCP=no
57 48 Address=${NET_ADDRESS}
58 49 Gateway=${NET_GATEWAY}
59 50 DNS=${NET_DNS_1}
60 51 DNS=${NET_DNS_2}
61 52 Domains=${NET_DNS_DOMAINS}
62 53 NTP=${NET_NTP_1}
63 54 NTP=${NET_NTP_2}
64 55 EOM
65 56 fi
66 57
67 58 # Enable systemd-networkd service
68 59 chroot_exec systemctl enable systemd-networkd
69 60
70 61 # Enable network stack hardening
71 62 if [ "$ENABLE_HARDNET" = true ] ; then
72 install -o root -g root -m 644 files/sysctl.d/81-rpi-net-hardening.conf $R/etc/sysctl.d/81-rpi-net-hardening.conf
63 install_readonly files/sysctl.d/81-rpi-net-hardening.conf $R/etc/sysctl.d/81-rpi-net-hardening.conf
73 64
74 65 # Enable resolver warnings about spoofed addresses
75 66 cat <<EOM >>$R/etc/host.conf
76 67 spoof warn
77 68 EOM
78 69 fi
@@ -1,43 +1,44
1 1 #
2 # Enable firewall based on iptables started by systemd service
2 # Setup Firewall
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 if [ "$ENABLE_IPTABLES" = true ] ; then
8 9 # Create iptables configuration directory
9 10 mkdir -p "$R/etc/iptables"
10 11
11 12 # Create iptables systemd service
12 install -o root -g root -m 644 files/iptables/iptables.service $R/etc/systemd/system/iptables.service
13 install_readonly files/iptables/iptables.service $R/etc/systemd/system/iptables.service
13 14
14 15 # Create flush-table script called by iptables service
15 install -o root -g root -m 755 files/iptables/flush-iptables.sh $R/etc/iptables/flush-iptables.sh
16 install_exec files/iptables/flush-iptables.sh $R/etc/iptables/flush-iptables.sh
16 17
17 18 # Create iptables rule file
18 install -o root -g root -m 644 files/iptables/iptables.rules $R/etc/iptables/iptables.rules
19 install_readonly files/iptables/iptables.rules $R/etc/iptables/iptables.rules
19 20
20 21 # Reload systemd configuration and enable iptables service
21 22 chroot_exec systemctl daemon-reload
22 23 chroot_exec systemctl enable iptables.service
23 24
24 25 if [ "$ENABLE_IPV6" = true ] ; then
25 26 # Create ip6tables systemd service
26 install -o root -g root -m 644 files/iptables/ip6tables.service $R/etc/systemd/system/ip6tables.service
27 install_readonly files/iptables/ip6tables.service $R/etc/systemd/system/ip6tables.service
27 28
28 29 # Create ip6tables file
29 install -o root -g root -m 755 files/iptables/flush-ip6tables.sh $R/etc/iptables/flush-ip6tables.sh
30 install_exec files/iptables/flush-ip6tables.sh $R/etc/iptables/flush-ip6tables.sh
30 31
31 install -o root -g root -m 644 files/iptables/ip6tables.rules $R/etc/iptables/ip6tables.rules
32 install_readonly files/iptables/ip6tables.rules $R/etc/iptables/ip6tables.rules
32 33
33 34 # Reload systemd configuration and enable iptables service
34 35 chroot_exec systemctl daemon-reload
35 36 chroot_exec systemctl enable ip6tables.service
36 37 fi
37 38 fi
38 39
39 40 # Remove SSHD related iptables rules
40 41 if [ "$ENABLE_SSHD" = false ] ; then
41 42 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/iptables.rules 2> /dev/null
42 43 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/ip6tables.rules 2> /dev/null
43 44 fi
@@ -1,30 +1,31
1 1 #
2 2 # Setup users and security settings
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Generate crypt(3) password string
8 9 ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 ${PASSWORD}`
9 10
10 11 # Set up default user
11 12 if [ "$ENABLE_USER" = true ] ; then
12 13 chroot_exec adduser --gecos pi --add_extra_groups --disabled-password pi
13 14 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_PASSWORD}" pi
14 15 fi
15 16
16 17 # Set up root password or not
17 18 if [ "$ENABLE_ROOT" = true ]; then
18 19 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
19 20
20 21 if [ "$ENABLE_ROOT_SSH" = true ]; then
21 22 sed -i 's|[#]*PermitRootLogin.*|PermitRootLogin yes|g' $R/etc/ssh/sshd_config
22 23 fi
23 24 else
24 25 chroot_exec usermod -p \'!\' root
25 26 fi
26 27
27 28 # Enable serial console systemd style
28 29 if [ "$ENABLE_CONSOLE" = true ] ; then
29 30 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
30 31 fi
@@ -1,12 +1,13
1 1 #
2 # Setup logging
2 # Setup Logging
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Disable rsyslog
8 9 if [ "$ENABLE_RSYSLOG" = false ]; then
9 10 sed -i 's|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g' $R/etc/systemd/journald.conf
10 11 chroot_exec systemctl disable rsyslog
11 12 chroot_exec apt-get purge -q -y --force-yes rsyslog
12 13 fi
@@ -1,44 +1,31
1 1 #
2 # Setup Uboot
2 # Build and Setup Uboot
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 # Install gcc/c++ build environment inside the chroot
8 9 if [ "$ENABLE_UBOOT" = true ] || [ "$ENABLE_FBTURBO" = true ]; then
9 10 chroot_exec apt-get install -q -y --force-yes --no-install-recommends linux-compiler-gcc-4.9-arm g++ make bc
10 11 fi
11 12
12 13 # Fetch and build U-Boot bootloader
13 14 if [ "$ENABLE_UBOOT" = true ] ; then
14 15 # Fetch U-Boot bootloader sources
15 16 git -C $R/tmp clone git://git.denx.de/u-boot.git
16 17
17 18 # Build and install U-Boot inside chroot
18 19 chroot_exec make -C /tmp/u-boot/ rpi_2_defconfig all
19 20
20 21 # Copy compiled bootloader binary and set config.txt to load it
21 22 cp $R/tmp/u-boot/u-boot.bin $R/boot/firmware/
22 23 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> $R/boot/firmware/config.txt
23 24
24 25 # Set U-Boot command file
25 cat <<EOM >$R/boot/firmware/uboot.mkimage
26 # Tell Linux that it is booting on a Raspberry Pi2
27 setenv machid 0x00000c42
28
29 # Set the kernel boot command line
30 setenv bootargs "earlyprintk ${CMDLINE}"
31
32 # Save these changes to u-boot's environment
33 saveenv
34
35 # Load the existing Linux kernel into RAM
36 fatload mmc 0:1 \${kernel_addr_r} kernel7.img
37
38 # Boot the kernel we have just loaded
39 bootz \${kernel_addr_r}
40 EOM
26 install_readonly files/boot/uboot.mkimage $R/boot/firmware/uboot.mkimage
27 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat $R/boot/firmware/uboot.mkimage)" > $R/boot/firmware/uboot.mkimage
41 28
42 29 # Generate U-Boot image from command file
43 chroot_exec mkimage -A arm -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi2 Boot Script" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
30 chroot_exec /tmp/u-boot/tools/mkimage -A arm -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n RPi2 -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
44 31 fi
@@ -1,34 +1,34
1 1 #
2 # Fetch and build fbturbo Xorg driver
2 # Build and Setup fbturbo Xorg driver
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
7 8 if [ "$ENABLE_FBTURBO" = true ] ; then
8 9 # Fetch fbturbo driver sources
9 10 git -C $R/tmp clone https://github.com/ssvb/xf86-video-fbturbo.git
10 11
11 12 # Install Xorg build dependencies
12 13 chroot_exec apt-get install -q -y --no-install-recommends xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
13 14
14 15 # Build and install fbturbo driver inside chroot
15 chroot_exec /bin/bash -c "cd /tmp/xf86-video-fbturbo; autoreconf -vi; ./configure --prefix=/usr; make; make install"
16 chroot_exec /bin/bash -x <<'EOF'
17 cd /tmp/xf86-video-fbturbo
18 autoreconf -vi
19 ./configure --prefix=/usr
20 make
21 make install
22 EOF
16 23
17 24 # Add fbturbo driver to Xorg configuration
18 cat <<EOM >$R/usr/share/X11/xorg.conf.d/99-fbturbo.conf
19 Section "Device"
20 Identifier "Allwinner A10/A13 FBDEV"
21 Driver "fbturbo"
22 Option "fbdev" "/dev/fb0"
23 Option "SwapbuffersWait" "true"
24 EndSection
25 EOM
25 install_readonly files/xorg/99-fbturbo.conf $R/usr/share/X11/xorg.conf.d/99-fbturbo.conf
26 26
27 27 # Remove Xorg build dependencies
28 28 chroot_exec apt-get -q -y purge --auto-remove xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
29 29 fi
30 30
31 31 # Remove gcc/c++ build environment from the chroot
32 32 if [ "$ENABLE_UBOOT" = true ] || [ "$ENABLE_FBTURBO" = true ]; then
33 33 chroot_exec apt-get -y -q purge --auto-remove bc binutils cpp cpp-4.9 g++ g++-4.9 gcc gcc-4.9 libasan1 libatomic1 libc-dev-bin libc6-dev libcloog-isl4 libgcc-4.9-dev libgomp1 libisl10 libmpc3 libmpfr4 libstdc++-4.9-dev libubsan0 linux-compiler-gcc-4.9-arm linux-libc-dev make
34 34 fi
@@ -1,24 +1,29
1 1 #
2 2 # First boot actions
3 3 #
4 4
5 # Load utility functions
5 6 . ./functions.sh
6 7
8 # Prepare rc.firstboot script
7 9 cat files/firstboot/10-begin.sh > $R/etc/rc.firstboot
8 10
9 11 # Ensure openssh server host keys are regenerated on first boot
10 12 if [ "$ENABLE_SSHD" = true ] ; then
11 13 cat files/firstboot/21-generate-ssh-keys.sh >> $R/etc/rc.firstboot
12 14 rm -f $R/etc/ssh/ssh_host_*
13 15 fi
14 16
17 # Prepare filesystem auto expand
15 18 if [ "$EXPANDROOT" = true ] ; then
16 19 cat files/firstboot/22-expandroot.sh >> $R/etc/rc.firstboot
17 20 fi
18 21
22 # Finalize rc.firstboot script
19 23 cat files/firstboot/99-finish.sh >> $R/etc/rc.firstboot
20 24 chmod +x $R/etc/rc.firstboot
21 25
26 # Add rc.firstboot script to rc.local
22 27 sed -i '/exit 0/d' $R/etc/rc.local
23 28 echo /etc/rc.firstboot >> $R/etc/rc.local
24 29 echo exit 0 >> $R/etc/rc.local
1 NO CONTENT: file renamed from files/config.txt to files/boot/config.txt
1 NO CONTENT: file renamed from files/fstab to files/mount/fstab
@@ -1,23 +1,38
1 # This file contains utility functions used by rpi2-gen-image.sh
2
1 3 cleanup (){
2 # Clean up all temporary mount points
3 4 set +x
4 5 set +e
6
7 # Identify and kill all processes still using files
5 8 echo "killing processes using mount point ..."
6 9 fuser -k $R
7 10 sleep 3
8 11 fuser -9 -k -v $R
12
13 # Clean up all temporary mount points
9 14 echo "removing temporary mount points ..."
10 15 umount -l $R/proc 2> /dev/null
11 16 umount -l $R/sys 2> /dev/null
12 17 umount -l $R/dev/pts 2> /dev/null
13 18 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
14 19 umount "$BUILDDIR/mount" 2> /dev/null
15 20 losetup -d "$EXT4_LOOP" 2> /dev/null
16 21 losetup -d "$VFAT_LOOP" 2> /dev/null
17 22 trap - 0 1 2 3 6
18 23 }
19 24
20 25 chroot_exec() {
21 26 # Exec command in chroot
22 27 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot $R $*
23 28 }
29
30 install_readonly() {
31 # Install file with user read-only permissions
32 install -o root -g root -m 644 $*
33 }
34
35 install_exec() {
36 # Install file with root exec permissions
37 install -o root -g root -m 744 $*
38 }
@@ -1,305 +1,313
1 1 #!/bin/sh
2 2
3 3 ########################################################################
4 4 # rpi2-gen-image.sh ver2a 12/2015
5 5 #
6 6 # Advanced debian "jessie" bootstrap script for RPi2
7 7 #
8 8 # This program is free software; you can redistribute it and/or
9 9 # modify it under the terms of the GNU General Public License
10 10 # as published by the Free Software Foundation; either version 2
11 11 # of the License, or (at your option) any later version.
12 12 #
13 13 # some parts based on rpi2-build-image:
14 14 # Copyright (C) 2015 Ryan Finnie <ryan@finnie.org>
15 15 # Copyright (C) 2015 Luca Falavigna <dktrkranz@debian.org>
16 16 ########################################################################
17 17
18 source ./functions.sh
18 # Load utility functions
19 . ./functions.sh
19 20
20 21 set -e
22 echo -n -e "\n#\n# RPi2 Bootstrap Settings\n#\n"
21 23 set -x
22 24
23 25 # Debian release
24 26 RELEASE=${RELEASE:=jessie}
25 KERNEL=${KERNEL:=3.18.0-trunk-rpi2}
27 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
26 28
27 29 # Build settings
28 30 BASEDIR=$(pwd)/images/${RELEASE}
29 31 BUILDDIR=${BASEDIR}/build
30 32
31 33 # General settings
32 34 HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}}
33 35 PASSWORD=${PASSWORD:=raspberry}
34 36 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
35 37 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
36 XKBMODEL=${XKBMODEL:=""}
37 XKBLAYOUT=${XKBLAYOUT:=""}
38 XKBVARIANT=${XKBVARIANT:=""}
39 XKBOPTIONS=${XKBOPTIONS:=""}
40 38 EXPANDROOT=${EXPANDROOT:=true}
41 39
42 # Network settings
40 # Keyboard settings
41 XKB_MODEL=${XKB_MODEL:=""}
42 XKB_LAYOUT=${XKB_LAYOUT:=""}
43 XKB_VARIANT=${XKB_VARIANT:=""}
44 XKB_OPTIONS=${XKB_OPTIONS:=""}
45
46 # Network settings (DHCP)
43 47 ENABLE_DHCP=${ENABLE_DHCP:=true}
44 # NET_* settings are ignored when ENABLE_DHCP=true
45 # NET_ADDRESS is an IPv4 or IPv6 address and its prefix, separated by "/"
48
49 # Network settings (static)
50 # only used on ENABLE_DHCP=false
46 51 NET_ADDRESS=${NET_ADDRESS:=""}
47 52 NET_GATEWAY=${NET_GATEWAY:=""}
48 53 NET_DNS_1=${NET_DNS_1:=""}
49 54 NET_DNS_2=${NET_DNS_2:=""}
50 55 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
51 56 NET_NTP_1=${NET_NTP_1:=""}
52 57 NET_NTP_2=${NET_NTP_2:=""}
53 58
54 59 # APT settings
55 60 APT_PROXY=${APT_PROXY:=""}
56 61 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
57 62
58 63 # Feature settings
59 64 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
60 65 ENABLE_IPV6=${ENABLE_IPV6:=true}
61 66 ENABLE_SSHD=${ENABLE_SSHD:=true}
62 67 ENABLE_SOUND=${ENABLE_SOUND:=true}
63 68 ENABLE_DBUS=${ENABLE_DBUS:=true}
64 69 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
65 70 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
66 71 ENABLE_XORG=${ENABLE_XORG:=false}
67 72 ENABLE_WM=${ENABLE_WM:=""}
68 73 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
69 74 ENABLE_USER=${ENABLE_USER:=true}
70 75 ENABLE_ROOT=${ENABLE_ROOT:=false}
71 76 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
72 77
73 78 # Advanced settings
74 79 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
75 80 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
76 81 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
77 82 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
78 83 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
79 84
80 85 # Kernel compilation settings
81 86 BUILD_KERNEL=${BUILD_KERNEL:=false}
87 KERNEL_THREADS=${KERNEL_THREADS:=1}
82 88 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
89 KERNEL_RMSRC=${KERNEL_RMSRC:=true}
83 90
84 91 # Image chroot path
85 92 R=${BUILDDIR}/chroot
86 93 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
87 94
88 95 # Packages required for bootstrapping
89 96 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git-core"
90 97
91 98 # Missing packages that need to be installed
92 99 MISSING_PACKAGES=""
93 100
94 101 # Packages required in the chroot build environment
95 102 APT_INCLUDES=${APT_INCLUDES:=""}
96 103 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,ca-certificates,debian-archive-keyring,dialog,sudo"
97 104
98 105 set +x
99 106
100 107 # Are we running as root?
101 108 if [ "$(id -u)" -ne "0" ] ; then
102 109 echo "this script must be executed with root privileges"
103 110 exit 1
104 111 fi
105 112
106 113 # Add packages required for kernel cross compilation
107 114 if [ "$BUILD_KERNEL" = true ] ; then
108 115 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
109 116 fi
110 117
111 118 # Check if all required packages are installed
112 119 for package in $REQUIRED_PACKAGES ; do
113 120 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
114 121 MISSING_PACKAGES="$MISSING_PACKAGES $package"
115 122 fi
116 123 done
117 124
118 125 # Ask if missing packages should get installed right now
119 126 if [ -n "$MISSING_PACKAGES" ] ; then
120 127 echo "the following packages needed by this script are not installed:"
121 128 echo "$MISSING_PACKAGES"
122 129
123 130 echo -n "\ndo you want to install the missing packages right now? [y/n] "
124 131 read confirm
125 132 if [ "$confirm" != "y" ] ; then
126 133 exit 1
127 134 fi
128 135 fi
129 136
130 137 # Make sure all required packages are installed
131 138 apt-get -qq -y install ${REQUIRED_PACKAGES}
132 139
133 140 # Don't clobber an old build
134 141 if [ -e "$BUILDDIR" ]; then
135 142 echo "directory $BUILDDIR already exists, not proceeding"
136 143 exit 1
137 144 fi
138 145
139 146 set -x
140 147
141 148 # Call "cleanup" function on various signals and errors
142 149 trap cleanup 0 1 2 3 6
143 150
144 151 # Set up chroot directory
145 152 mkdir -p $R
146 153
147 154 # Add required packages for the minbase installation
148 155 if [ "$ENABLE_MINBASE" = true ] ; then
149 156 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools"
150 157 else
151 158 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
152 159 fi
153 160
154 161 # Add parted package, required to get partprobe utility
155 162 if [ "$EXPANDROOT" = true ] ; then
156 163 APT_INCLUDES="${APT_INCLUDES},parted"
157 164 fi
158 165
159 166 # Add dbus package, recommended if using systemd
160 167 if [ "$ENABLE_DBUS" = true ] ; then
161 168 APT_INCLUDES="${APT_INCLUDES},dbus"
162 169 fi
163 170
164 171 # Add iptables IPv4/IPv6 package
165 172 if [ "$ENABLE_IPTABLES" = true ] ; then
166 173 APT_INCLUDES="${APT_INCLUDES},iptables"
167 174 fi
168 175
169 176 # Add openssh server package
170 177 if [ "$ENABLE_SSHD" = true ] ; then
171 178 APT_INCLUDES="${APT_INCLUDES},openssh-server"
172 179 fi
173 180
174 181 # Add alsa-utils package
175 182 if [ "$ENABLE_SOUND" = true ] ; then
176 183 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
177 184 fi
178 185
179 186 # Add rng-tools package
180 187 if [ "$ENABLE_HWRANDOM" = true ] ; then
181 188 APT_INCLUDES="${APT_INCLUDES},rng-tools"
182 189 fi
183 190
184 191 if [ "$ENABLE_USER" = true ]; then
185 192 APT_INCLUDES="${APT_INCLUDES},sudo"
186 193 fi
187 194
188 195 # Add fbturbo video driver
189 196 if [ "$ENABLE_FBTURBO" = true ] ; then
190 197 # Enable xorg package dependencies
191 198 ENABLE_XORG=true
192 199 fi
193 200
194 201 # Add user defined window manager package
195 202 if [ -n "$ENABLE_WM" ] ; then
196 203 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
197 204
198 205 # Enable xorg package dependencies
199 206 ENABLE_XORG=true
200 207 fi
201 208
202 209 # Add xorg package
203 210 if [ "$ENABLE_XORG" = true ] ; then
204 211 APT_INCLUDES="${APT_INCLUDES},xorg"
205 212 fi
206 213
207 214 ## Main bootstrap
208 215 for i in bootstrap.d/*.sh; do
216 head -n 3 $i
209 217 . $i
210 218 done
211 219
212 220 ## Custom bootstrap scripts
213 221 if [ -d "custom.d" ]; then
214 222 for i in custom.d/*.sh; do
215 223 . $i
216 224 done
217 225 fi
218 226
219 227 # Invoke custom scripts
220 228 if [ -n "${CHROOT_SCRIPTS}" ]; then
221 229 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
222 230 LANG=C chroot $R bash -c 'for SCRIPT in /chroot_scripts/*; do if [ -f $SCRIPT -a -x $SCRIPT ]; then $SCRIPT; fi done;'
223 231 rm -rf "${R}/chroot_scripts"
224 232 fi
225 233
226 234 ## Cleanup
227 235 chroot_exec apt-get -y clean
228 236 chroot_exec apt-get -y autoclean
229 237 chroot_exec apt-get -y autoremove
230 238
231 239 # Unmount mounted filesystems
232 240 umount -l $R/proc
233 241 umount -l $R/sys
234 242
235 243 # Clean up files
236 244 rm -f $R/etc/apt/sources.list.save
237 245 rm -f $R/etc/resolvconf/resolv.conf.d/original
238 246 rm -rf $R/run
239 247 mkdir -p $R/run
240 248 rm -f $R/etc/*-
241 249 rm -f $R/root/.bash_history
242 250 rm -rf $R/tmp/*
243 251 rm -f $R/var/lib/urandom/random-seed
244 252 [ -L $R/var/lib/dbus/machine-id ] || rm -f $R/var/lib/dbus/machine-id
245 253 rm -f $R/etc/machine-id
246 254 rm -fr $R/etc/apt/apt.conf.d/10proxy
247 255 rm -f $R/etc/resolv.conf
248 256
249 257 # Calculate size of the chroot directory in KB
250 258 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
251 259
252 260 # Calculate the amount of needed 512 Byte sectors
253 261 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
254 262 BOOT_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
255 263 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS})
256 264
257 265 # The root partition is EXT4
258 266 # This means more space than the actual used space of the chroot is used.
259 267 # As overhead for journaling and reserved blocks 20% are added.
260 268 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
261 269
262 270 # Calculate required image size in 512 Byte sectors
263 271 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS} + ${ROOT_SECTORS})
264 272
265 273 # Prepare date string for image file name
266 274 DATE="$(date +%Y-%m-%d)"
267 275
268 276 # Prepare image file
269 277 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
270 278 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
271 279
272 280 # Write partition table
273 281 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
274 282 unit: sectors
275 283
276 284 1 : start= ${TABLE_SECTORS}, size= ${BOOT_SECTORS}, Id= c, bootable
277 285 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
278 286 3 : start= 0, size= 0, Id= 0
279 287 4 : start= 0, size= 0, Id= 0
280 288 EOM
281 289
282 290 # Set up temporary loop devices and build filesystems
283 291 VFAT_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
284 292 EXT4_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
285 293 mkfs.vfat "$VFAT_LOOP"
286 294 mkfs.ext4 "$EXT4_LOOP"
287 295
288 296 # Mount the temporary loop devices
289 297 mkdir -p "$BUILDDIR/mount"
290 298 mount "$EXT4_LOOP" "$BUILDDIR/mount"
291 299
292 300 mkdir -p "$BUILDDIR/mount/boot/firmware"
293 301 mount "$VFAT_LOOP" "$BUILDDIR/mount/boot/firmware"
294 302
295 303 # Copy all files from the chroot to the loop device mount point directory
296 304 rsync -a "$R/" "$BUILDDIR/mount/"
297 305
298 306 # Unmount all temporary loop devices and mount points
299 307 cleanup
300 308
301 # (optinal) create block map file for "bmaptool"
309 # Create block map file for "bmaptool"
302 310 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
303 311
304 312 # Image was successfully created
305 313 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img (${IMAGE_SIZE})" ": successfully created"
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant