##// END OF EJS Templates
Added ENABLE_SPLITFS option to create distinct images for firmware and root partitions
Vincent Knecht -
r65:54acc1e70a3e
parent child
Show More
@@ -1,169 +1,177
1 # rpi2-gen-image
1 # rpi2-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi2-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for the Raspberry 2 (RPi2) computer. The script at this time only supports the bootstrapping of the current stable Debian 8 "jessie" release.
3 `rpi2-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for the Raspberry 2 (RPi2) computer. The script at this time only supports the bootstrapping of the current stable Debian 8 "jessie" release.
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static dosfstools rsync bmap-tools whois git-core```
8 ```debootstrap debian-archive-keyring qemu-user-static dosfstools rsync bmap-tools whois git-core```
9
9
10 ## Command-line parameters
10 ## Command-line parameters
11 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi2-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi2-gen-image.sh` script.
11 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi2-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi2-gen-image.sh` script.
12
12
13 #####Command-line examples:
13 #####Command-line examples:
14 ```shell
14 ```shell
15 ENABLE_UBOOT=true ./rpi2-gen-image.sh
15 ENABLE_UBOOT=true ./rpi2-gen-image.sh
16 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi2-gen-image.sh
16 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi2-gen-image.sh
17 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi2-gen-image.sh
17 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi2-gen-image.sh
18 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi2-gen-image.sh
18 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi2-gen-image.sh
19 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi2-gen-image.sh
19 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi2-gen-image.sh
20 ENABLE_MINBASE=true ./rpi2-gen-image.sh
20 ENABLE_MINBASE=true ./rpi2-gen-image.sh
21 ```
21 ```
22
22
23 #### APT settings:
23 #### APT settings:
24 ##### `APT_SERVER`="ftp.debian.org"
24 ##### `APT_SERVER`="ftp.debian.org"
25 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
25 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
26
26
27 ##### `APT_PROXY`=""
27 ##### `APT_PROXY`=""
28 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
28 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
29
29
30 ##### `APT_INCLUDES`=""
30 ##### `APT_INCLUDES`=""
31 A comma seperated list of additional packages to be installed during bootstrapping.
31 A comma seperated list of additional packages to be installed during bootstrapping.
32
32
33 #### General system settings:
33 #### General system settings:
34 ##### `HOSTNAME`="rpi2-jessie"
34 ##### `HOSTNAME`="rpi2-jessie"
35 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
35 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
36
36
37 ##### `PASSWORD`="raspberry"
37 ##### `PASSWORD`="raspberry"
38 Set system `root` password. The same password is used for the created user `pi`. It's **STRONGLY** recommended that you choose a custom password.
38 Set system `root` password. The same password is used for the created user `pi`. It's **STRONGLY** recommended that you choose a custom password.
39
39
40 ##### `DEFLOCAL`="en_US.UTF-8"
40 ##### `DEFLOCAL`="en_US.UTF-8"
41 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. The script variant `minbase` (ENABLE_MINBASE=true) doesn't install `locales`.
41 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. The script variant `minbase` (ENABLE_MINBASE=true) doesn't install `locales`.
42
42
43 ##### `TIMEZONE`="Europe/Berlin"
43 ##### `TIMEZONE`="Europe/Berlin"
44 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
44 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
45
45
46 ##### `EXPANDROOT`=true
46 ##### `EXPANDROOT`=true
47 Expand the root partition and filesystem automatically on first boot.
47 Expand the root partition and filesystem automatically on first boot.
48
48
49 #### Keyboard settings:
49 #### Keyboard settings:
50 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
50 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
51
51
52 ##### `XKBMODEL`=""
52 ##### `XKBMODEL`=""
53 Set the name of the model of your keyboard type.
53 Set the name of the model of your keyboard type.
54
54
55 ##### `XKBLAYOUT`=""
55 ##### `XKBLAYOUT`=""
56 Set the supported keyboard layout(s).
56 Set the supported keyboard layout(s).
57
57
58 ##### `XKBVARIANT`=""
58 ##### `XKBVARIANT`=""
59 Set the supported variant(s) of the keyboard layout(s).
59 Set the supported variant(s) of the keyboard layout(s).
60
60
61 ##### `XKBOPTIONS`=""
61 ##### `XKBOPTIONS`=""
62 Set extra xkb configuration options.
62 Set extra xkb configuration options.
63
63
64 #### Networking settings (DHCP)
64 #### Networking settings (DHCP)
65 This setting is used to set up networking auto configuration in `/etc/systemd/network/eth.network`.
65 This setting is used to set up networking auto configuration in `/etc/systemd/network/eth.network`.
66
66
67 #####`ENABLE_DHCP`=true
67 #####`ENABLE_DHCP`=true
68 Set the system to use DHCP. This requires an DHCP server.
68 Set the system to use DHCP. This requires an DHCP server.
69
69
70 #### Networking settings (static)
70 #### Networking settings (static)
71 These settings are used to set up a static networking configuration in /etc/systemd/network/eth.network. The following static networking settings are only supported if `ENABLE_DHCP` was set to `false`.
71 These settings are used to set up a static networking configuration in /etc/systemd/network/eth.network. The following static networking settings are only supported if `ENABLE_DHCP` was set to `false`.
72
72
73 #####`NET_ADDRESS`=""
73 #####`NET_ADDRESS`=""
74 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
74 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
75
75
76 #####`NET_GATEWAY`=""
76 #####`NET_GATEWAY`=""
77 Set the IP address for the default gateway.
77 Set the IP address for the default gateway.
78
78
79 #####`NET_DNS_1`=""
79 #####`NET_DNS_1`=""
80 Set the IP address for the first DNS server.
80 Set the IP address for the first DNS server.
81
81
82 #####`NET_DNS_2`=""
82 #####`NET_DNS_2`=""
83 Set the IP address for the second DNS server.
83 Set the IP address for the second DNS server.
84
84
85 #####`NET_DNS_DOMAINS`=""
85 #####`NET_DNS_DOMAINS`=""
86 Set the default DNS search domains to use for non fully qualified host names.
86 Set the default DNS search domains to use for non fully qualified host names.
87
87
88 #####`NET_NTP_1`=""
88 #####`NET_NTP_1`=""
89 Set the IP address for the first NTP server.
89 Set the IP address for the first NTP server.
90
90
91 #####`NET_NTP_2`=""
91 #####`NET_NTP_2`=""
92 Set the IP address for the second NTP server.
92 Set the IP address for the second NTP server.
93
93
94 #### Basic system features:
94 #### Basic system features:
95 ##### `ENABLE_CONSOLE`=true
95 ##### `ENABLE_CONSOLE`=true
96 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
96 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
97
97
98 ##### `ENABLE_IPV6`=true
98 ##### `ENABLE_IPV6`=true
99 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
99 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
100
100
101 ##### `ENABLE_SSHD`=true
101 ##### `ENABLE_SSHD`=true
102 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
102 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
103
103
104 ##### `ENABLE_RSYSLOG`=true
104 ##### `ENABLE_RSYSLOG`=true
105 If set to false, disable and uninstall rsyslog (so logs will be available only
105 If set to false, disable and uninstall rsyslog (so logs will be available only
106 in journal files)
106 in journal files)
107
107
108 ##### `ENABLE_SOUND`=true
108 ##### `ENABLE_SOUND`=true
109 Enable sound hardware and install Advanced Linux Sound Architecture.
109 Enable sound hardware and install Advanced Linux Sound Architecture.
110
110
111 ##### `ENABLE_HWRANDOM`=true
111 ##### `ENABLE_HWRANDOM`=true
112 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
112 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
113
113
114 ##### `ENABLE_MINGPU`=false
114 ##### `ENABLE_MINGPU`=false
115 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
115 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
116
116
117 ##### `ENABLE_DBUS`=true
117 ##### `ENABLE_DBUS`=true
118 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
118 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
119
119
120 ##### `ENABLE_XORG`=false
120 ##### `ENABLE_XORG`=false
121 Install Xorg open-source X Window System.
121 Install Xorg open-source X Window System.
122
122
123 ##### `ENABLE_WM`=""
123 ##### `ENABLE_WM`=""
124 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi2-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
124 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi2-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
125
125
126 #### Advanced sytem features:
126 #### Advanced sytem features:
127 ##### `ENABLE_MINBASE`=false
127 ##### `ENABLE_MINBASE`=false
128 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
128 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
129
129
130 ##### `ENABLE_UBOOT`=false
130 ##### `ENABLE_UBOOT`=false
131 Replace default RPi2 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol.
131 Replace default RPi2 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol.
132
132
133 ##### `ENABLE_FBTURBO`=false
133 ##### `ENABLE_FBTURBO`=false
134 Install and enable the hardware accelerated Xorg video driver `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
134 Install and enable the hardware accelerated Xorg video driver `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
135
135
136 ##### `ENABLE_IPTABLES`=false
136 ##### `ENABLE_IPTABLES`=false
137 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
137 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
138
138
139 ##### `ENABLE_USER`=true
139 ##### `ENABLE_USER`=true
140 Create pi user with password raspberry
140 Create pi user with password raspberry
141
141
142 ##### `ENABLE_ROOT`=true
142 ##### `ENABLE_ROOT`=true
143 Set root user password so root login will be enabled
143 Set root user password so root login will be enabled
144
144
145 ##### `ENABLE_ROOT_SSH`=true
145 ##### `ENABLE_ROOT_SSH`=true
146 Enable password root login via SSH. May be a security risk with default
146 Enable password root login via SSH. May be a security risk with default
147 password, use only in trusted environments.
147 password, use only in trusted environments.
148
148
149 ##### `ENABLE_HARDNET`=false
149 ##### `ENABLE_HARDNET`=false
150 Enable IPv4/IPv6 network stack hardening settings.
150 Enable IPv4/IPv6 network stack hardening settings.
151
151
152 ##### `ENABLE_SPLITFS`=false
153 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
154
152 ##### `CHROOT_SCRIPTS`=""
155 ##### `CHROOT_SCRIPTS`=""
153 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order.
156 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order.
154
157
155 ## Logging of the bootstrapping process
158 ## Logging of the bootstrapping process
156 All information related to the bootstrapping process and the commands executed by the `rpi2-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
159 All information related to the bootstrapping process and the commands executed by the `rpi2-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
157
160
158 ```shell
161 ```shell
159 script -c 'APT_SERVER=ftp.de.debian.org ./rpi2-gen-image.sh' ./build.log
162 script -c 'APT_SERVER=ftp.de.debian.org ./rpi2-gen-image.sh' ./build.log
160 ```
163 ```
161
164
162 ## Flashing the image file
165 ## Flashing the image file
163 After the image file was successfully created by the `rpi2-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
166 After the image file was successfully created by the `rpi2-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
164
167
165 #####Flashing examples:
168 #####Flashing examples:
166 ```shell
169 ```shell
167 bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0
170 bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0
168 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0
171 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0
169 ```
172 ```
173 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
174 ```shell
175 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-frmw.img /dev/mmcblk0
176 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-root.img /dev/sdc
177 ```
@@ -1,699 +1,743
1 #!/bin/sh
1 #!/bin/sh
2
2
3 ########################################################################
3 ########################################################################
4 # rpi2-gen-image.sh ver2a 12/2015
4 # rpi2-gen-image.sh ver2a 12/2015
5 #
5 #
6 # Advanced debian "jessie" bootstrap script for RPi2
6 # Advanced debian "jessie" bootstrap script for RPi2
7 #
7 #
8 # This program is free software; you can redistribute it and/or
8 # This program is free software; you can redistribute it and/or
9 # modify it under the terms of the GNU General Public License
9 # modify it under the terms of the GNU General Public License
10 # as published by the Free Software Foundation; either version 2
10 # as published by the Free Software Foundation; either version 2
11 # of the License, or (at your option) any later version.
11 # of the License, or (at your option) any later version.
12 #
12 #
13 # some parts based on rpi2-build-image:
13 # some parts based on rpi2-build-image:
14 # Copyright (C) 2015 Ryan Finnie <ryan@finnie.org>
14 # Copyright (C) 2015 Ryan Finnie <ryan@finnie.org>
15 # Copyright (C) 2015 Luca Falavigna <dktrkranz@debian.org>
15 # Copyright (C) 2015 Luca Falavigna <dktrkranz@debian.org>
16 ########################################################################
16 ########################################################################
17
17
18 # Clean up all temporary mount points
18 # Clean up all temporary mount points
19 cleanup (){
19 cleanup (){
20 set +x
20 set +x
21 set +e
21 set +e
22 echo "removing temporary mount points ..."
22 echo "removing temporary mount points ..."
23 umount -l $R/proc 2> /dev/null
23 umount -l $R/proc 2> /dev/null
24 umount -l $R/sys 2> /dev/null
24 umount -l $R/sys 2> /dev/null
25 umount -l $R/dev/pts 2> /dev/null
25 umount -l $R/dev/pts 2> /dev/null
26 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
26 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
27 umount "$BUILDDIR/mount" 2> /dev/null
27 umount "$BUILDDIR/mount" 2> /dev/null
28 losetup -d "$EXT4_LOOP" 2> /dev/null
28 losetup -d "$ROOT_LOOP" 2> /dev/null
29 losetup -d "$VFAT_LOOP" 2> /dev/null
29 losetup -d "$FRMW_LOOP" 2> /dev/null
30 trap - 0 1 2 3 6
30 trap - 0 1 2 3 6
31 }
31 }
32
32
33 # Exec command in chroot
33 # Exec command in chroot
34 chroot_exec() {
34 chroot_exec() {
35 LANG=C LC_ALL=C chroot $R $*
35 LANG=C LC_ALL=C chroot $R $*
36 }
36 }
37
37
38 set -e
38 set -e
39 set -x
39 set -x
40
40
41 # Debian release
41 # Debian release
42 RELEASE=${RELEASE:=jessie}
42 RELEASE=${RELEASE:=jessie}
43 KERNEL=${KERNEL:=3.18.0-trunk-rpi2}
43 KERNEL=${KERNEL:=3.18.0-trunk-rpi2}
44
44
45 # Build settings
45 # Build settings
46 BASEDIR=./images/${RELEASE}
46 BASEDIR=./images/${RELEASE}
47 BUILDDIR=${BASEDIR}/build
47 BUILDDIR=${BASEDIR}/build
48
48
49 # General settings
49 # General settings
50 HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}}
50 HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}}
51 PASSWORD=${PASSWORD:=raspberry}
51 PASSWORD=${PASSWORD:=raspberry}
52 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
52 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
53 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
53 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
54 XKBMODEL=${XKBMODEL:=""}
54 XKBMODEL=${XKBMODEL:=""}
55 XKBLAYOUT=${XKBLAYOUT:=""}
55 XKBLAYOUT=${XKBLAYOUT:=""}
56 XKBVARIANT=${XKBVARIANT:=""}
56 XKBVARIANT=${XKBVARIANT:=""}
57 XKBOPTIONS=${XKBOPTIONS:=""}
57 XKBOPTIONS=${XKBOPTIONS:=""}
58 EXPANDROOT=${EXPANDROOT:=true}
58 EXPANDROOT=${EXPANDROOT:=true}
59
59
60 # Network settings
60 # Network settings
61 ENABLE_DHCP=${ENABLE_DHCP:=true}
61 ENABLE_DHCP=${ENABLE_DHCP:=true}
62 # NET_* settings are ignored when ENABLE_DHCP=true
62 # NET_* settings are ignored when ENABLE_DHCP=true
63 # NET_ADDRESS is an IPv4 or IPv6 address and its prefix, separated by "/"
63 # NET_ADDRESS is an IPv4 or IPv6 address and its prefix, separated by "/"
64 NET_ADDRESS=${NET_ADDRESS:=""}
64 NET_ADDRESS=${NET_ADDRESS:=""}
65 NET_GATEWAY=${NET_GATEWAY:=""}
65 NET_GATEWAY=${NET_GATEWAY:=""}
66 NET_DNS_1=${NET_DNS_1:=""}
66 NET_DNS_1=${NET_DNS_1:=""}
67 NET_DNS_2=${NET_DNS_2:=""}
67 NET_DNS_2=${NET_DNS_2:=""}
68 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
68 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
69 NET_NTP_1=${NET_NTP_1:=""}
69 NET_NTP_1=${NET_NTP_1:=""}
70 NET_NTP_2=${NET_NTP_2:=""}
70 NET_NTP_2=${NET_NTP_2:=""}
71
71
72 # APT settings
72 # APT settings
73 APT_PROXY=${APT_PROXY:=""}
73 APT_PROXY=${APT_PROXY:=""}
74 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
74 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
75
75
76 # Feature settings
76 # Feature settings
77 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
77 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
78 ENABLE_IPV6=${ENABLE_IPV6:=true}
78 ENABLE_IPV6=${ENABLE_IPV6:=true}
79 ENABLE_SSHD=${ENABLE_SSHD:=true}
79 ENABLE_SSHD=${ENABLE_SSHD:=true}
80 ENABLE_SOUND=${ENABLE_SOUND:=true}
80 ENABLE_SOUND=${ENABLE_SOUND:=true}
81 ENABLE_DBUS=${ENABLE_DBUS:=true}
81 ENABLE_DBUS=${ENABLE_DBUS:=true}
82 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
82 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
83 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
83 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
84 ENABLE_XORG=${ENABLE_XORG:=false}
84 ENABLE_XORG=${ENABLE_XORG:=false}
85 ENABLE_WM=${ENABLE_WM:=""}
85 ENABLE_WM=${ENABLE_WM:=""}
86 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
86 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
87 ENABLE_USER=${ENABLE_USER:=true}
87 ENABLE_USER=${ENABLE_USER:=true}
88 ENABLE_ROOT=${ENABLE_ROOT:=false}
88 ENABLE_ROOT=${ENABLE_ROOT:=false}
89 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
89 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
90
90
91 # Advanced settings
91 # Advanced settings
92 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
92 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
93 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
93 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
94 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
94 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
95 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
95 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
96 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
96 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
97 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
97
98
98 # Image chroot path
99 # Image chroot path
99 R=${BUILDDIR}/chroot
100 R=${BUILDDIR}/chroot
100 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
101 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
101
102
102 # Packages required for bootstrapping
103 # Packages required for bootstrapping
103 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git-core"
104 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git-core"
104
105
105 # Missing packages that need to be installed
106 # Missing packages that need to be installed
106 MISSING_PACKAGES=""
107 MISSING_PACKAGES=""
107
108
108 # Packages required in the chroot build environment
109 # Packages required in the chroot build environment
109 APT_INCLUDES=${APT_INCLUDES:=""}
110 APT_INCLUDES=${APT_INCLUDES:=""}
110 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,ca-certificates,debian-archive-keyring,dialog,sudo"
111 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,ca-certificates,debian-archive-keyring,dialog,sudo"
111
112
112 set +x
113 set +x
113
114
114 # Are we running as root?
115 # Are we running as root?
115 if [ "$(id -u)" -ne "0" ] ; then
116 if [ "$(id -u)" -ne "0" ] ; then
116 echo "this script must be executed with root privileges"
117 echo "this script must be executed with root privileges"
117 exit 1
118 exit 1
118 fi
119 fi
119
120
120 # Check if all required packages are installed
121 # Check if all required packages are installed
121 for package in $REQUIRED_PACKAGES ; do
122 for package in $REQUIRED_PACKAGES ; do
122 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
123 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
123 MISSING_PACKAGES="$MISSING_PACKAGES $package"
124 MISSING_PACKAGES="$MISSING_PACKAGES $package"
124 fi
125 fi
125 done
126 done
126
127
127 # Ask if missing packages should get installed right now
128 # Ask if missing packages should get installed right now
128 if [ -n "$MISSING_PACKAGES" ] ; then
129 if [ -n "$MISSING_PACKAGES" ] ; then
129 echo "the following packages needed by this script are not installed:"
130 echo "the following packages needed by this script are not installed:"
130 echo "$MISSING_PACKAGES"
131 echo "$MISSING_PACKAGES"
131
132
132 echo -n "\ndo you want to install the missing packages right now? [y/n] "
133 echo -n "\ndo you want to install the missing packages right now? [y/n] "
133 read confirm
134 read confirm
134 if [ "$confirm" != "y" ] ; then
135 if [ "$confirm" != "y" ] ; then
135 exit 1
136 exit 1
136 fi
137 fi
137 fi
138 fi
138
139
139 # Make sure all required packages are installed
140 # Make sure all required packages are installed
140 apt-get -qq -y install ${REQUIRED_PACKAGES}
141 apt-get -qq -y install ${REQUIRED_PACKAGES}
141
142
142 # Don't clobber an old build
143 # Don't clobber an old build
143 if [ -e "$BUILDDIR" ]; then
144 if [ -e "$BUILDDIR" ]; then
144 echo "directory $BUILDDIR already exists, not proceeding"
145 echo "directory $BUILDDIR already exists, not proceeding"
145 exit 1
146 exit 1
146 fi
147 fi
147
148
148 set -x
149 set -x
149
150
150 # Call "cleanup" function on various signals and errors
151 # Call "cleanup" function on various signals and errors
151 trap cleanup 0 1 2 3 6
152 trap cleanup 0 1 2 3 6
152
153
153 # Set up chroot directory
154 # Set up chroot directory
154 mkdir -p $R
155 mkdir -p $R
155
156
156 # Add required packages for the minbase installation
157 # Add required packages for the minbase installation
157 if [ "$ENABLE_MINBASE" = true ] ; then
158 if [ "$ENABLE_MINBASE" = true ] ; then
158 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools"
159 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools"
159 else
160 else
160 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
161 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
161 fi
162 fi
162
163
163 # Add parted package, required to get partprobe utility
164 # Add parted package, required to get partprobe utility
164 if [ "$EXPANDROOT" = true ] ; then
165 if [ "$EXPANDROOT" = true ] ; then
165 APT_INCLUDES="${APT_INCLUDES},parted"
166 APT_INCLUDES="${APT_INCLUDES},parted"
166 fi
167 fi
167
168
168 # Add dbus package, recommended if using systemd
169 # Add dbus package, recommended if using systemd
169 if [ "$ENABLE_DBUS" = true ] ; then
170 if [ "$ENABLE_DBUS" = true ] ; then
170 APT_INCLUDES="${APT_INCLUDES},dbus"
171 APT_INCLUDES="${APT_INCLUDES},dbus"
171 fi
172 fi
172
173
173 # Add iptables IPv4/IPv6 package
174 # Add iptables IPv4/IPv6 package
174 if [ "$ENABLE_IPTABLES" = true ] ; then
175 if [ "$ENABLE_IPTABLES" = true ] ; then
175 APT_INCLUDES="${APT_INCLUDES},iptables"
176 APT_INCLUDES="${APT_INCLUDES},iptables"
176 fi
177 fi
177
178
178 # Add openssh server package
179 # Add openssh server package
179 if [ "$ENABLE_SSHD" = true ] ; then
180 if [ "$ENABLE_SSHD" = true ] ; then
180 APT_INCLUDES="${APT_INCLUDES},openssh-server"
181 APT_INCLUDES="${APT_INCLUDES},openssh-server"
181 fi
182 fi
182
183
183 # Add alsa-utils package
184 # Add alsa-utils package
184 if [ "$ENABLE_SOUND" = true ] ; then
185 if [ "$ENABLE_SOUND" = true ] ; then
185 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
186 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
186 fi
187 fi
187
188
188 # Add rng-tools package
189 # Add rng-tools package
189 if [ "$ENABLE_HWRANDOM" = true ] ; then
190 if [ "$ENABLE_HWRANDOM" = true ] ; then
190 APT_INCLUDES="${APT_INCLUDES},rng-tools"
191 APT_INCLUDES="${APT_INCLUDES},rng-tools"
191 fi
192 fi
192
193
193 if [ "$ENABLE_USER" = true ]; then
194 if [ "$ENABLE_USER" = true ]; then
194 APT_INCLUDES="${APT_INCLUDES},sudo"
195 APT_INCLUDES="${APT_INCLUDES},sudo"
195 fi
196 fi
196
197
197 # Add fbturbo video driver
198 # Add fbturbo video driver
198 if [ "$ENABLE_FBTURBO" = true ] ; then
199 if [ "$ENABLE_FBTURBO" = true ] ; then
199 # Enable xorg package dependencies
200 # Enable xorg package dependencies
200 ENABLE_XORG=true
201 ENABLE_XORG=true
201 fi
202 fi
202
203
203 # Add user defined window manager package
204 # Add user defined window manager package
204 if [ -n "$ENABLE_WM" ] ; then
205 if [ -n "$ENABLE_WM" ] ; then
205 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
206 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
206
207
207 # Enable xorg package dependencies
208 # Enable xorg package dependencies
208 ENABLE_XORG=true
209 ENABLE_XORG=true
209 fi
210 fi
210
211
211 # Add xorg package
212 # Add xorg package
212 if [ "$ENABLE_XORG" = true ] ; then
213 if [ "$ENABLE_XORG" = true ] ; then
213 APT_INCLUDES="${APT_INCLUDES},xorg"
214 APT_INCLUDES="${APT_INCLUDES},xorg"
214 fi
215 fi
215
216
216 # Base debootstrap (unpack only)
217 # Base debootstrap (unpack only)
217 if [ "$ENABLE_MINBASE" = true ] ; then
218 if [ "$ENABLE_MINBASE" = true ] ; then
218 http_proxy=${APT_PROXY} debootstrap --arch=armhf --variant=minbase --foreign --include=${APT_INCLUDES} $RELEASE $R http://${APT_SERVER}/debian
219 http_proxy=${APT_PROXY} debootstrap --arch=armhf --variant=minbase --foreign --include=${APT_INCLUDES} $RELEASE $R http://${APT_SERVER}/debian
219 else
220 else
220 http_proxy=${APT_PROXY} debootstrap --arch=armhf --foreign --include=${APT_INCLUDES} $RELEASE $R http://${APT_SERVER}/debian
221 http_proxy=${APT_PROXY} debootstrap --arch=armhf --foreign --include=${APT_INCLUDES} $RELEASE $R http://${APT_SERVER}/debian
221 fi
222 fi
222
223
223 # Copy qemu emulator binary to chroot
224 # Copy qemu emulator binary to chroot
224 cp /usr/bin/qemu-arm-static $R/usr/bin
225 cp /usr/bin/qemu-arm-static $R/usr/bin
225
226
226 # Copy debian-archive-keyring.pgp
227 # Copy debian-archive-keyring.pgp
227 chroot $R mkdir -p /usr/share/keyrings
228 chroot $R mkdir -p /usr/share/keyrings
228 cp /usr/share/keyrings/debian-archive-keyring.gpg $R/usr/share/keyrings/debian-archive-keyring.gpg
229 cp /usr/share/keyrings/debian-archive-keyring.gpg $R/usr/share/keyrings/debian-archive-keyring.gpg
229
230
230 # Complete the bootstrapping process
231 # Complete the bootstrapping process
231 chroot $R /debootstrap/debootstrap --second-stage
232 chroot $R /debootstrap/debootstrap --second-stage
232
233
233 # Mount required filesystems
234 # Mount required filesystems
234 mount -t proc none $R/proc
235 mount -t proc none $R/proc
235 mount -t sysfs none $R/sys
236 mount -t sysfs none $R/sys
236 mount --bind /dev/pts $R/dev/pts
237 mount --bind /dev/pts $R/dev/pts
237
238
238 # Use proxy inside chroot
239 # Use proxy inside chroot
239 if [ -z "$APT_PROXY" ] ; then
240 if [ -z "$APT_PROXY" ] ; then
240 echo "Acquire::http::Proxy \"$APT_PROXY\";" >> $R/etc/apt/apt.conf.d/10proxy
241 echo "Acquire::http::Proxy \"$APT_PROXY\";" >> $R/etc/apt/apt.conf.d/10proxy
241 fi
242 fi
242
243
243 # Pin package flash-kernel to repositories.collabora.co.uk
244 # Pin package flash-kernel to repositories.collabora.co.uk
244 cat <<EOM >$R/etc/apt/preferences.d/flash-kernel
245 cat <<EOM >$R/etc/apt/preferences.d/flash-kernel
245 Package: flash-kernel
246 Package: flash-kernel
246 Pin: origin repositories.collabora.co.uk
247 Pin: origin repositories.collabora.co.uk
247 Pin-Priority: 1000
248 Pin-Priority: 1000
248 EOM
249 EOM
249
250
250 # Set up timezone
251 # Set up timezone
251 echo ${TIMEZONE} >$R/etc/timezone
252 echo ${TIMEZONE} >$R/etc/timezone
252 chroot_exec dpkg-reconfigure -f noninteractive tzdata
253 chroot_exec dpkg-reconfigure -f noninteractive tzdata
253
254
254 # Upgrade collabora package index and install collabora keyring
255 # Upgrade collabora package index and install collabora keyring
255 echo "deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2" >$R/etc/apt/sources.list
256 echo "deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2" >$R/etc/apt/sources.list
256 chroot_exec apt-get -qq -y update
257 chroot_exec apt-get -qq -y update
257 chroot_exec apt-get -qq -y --force-yes install collabora-obs-archive-keyring
258 chroot_exec apt-get -qq -y --force-yes install collabora-obs-archive-keyring
258
259
259 # Set up initial sources.list
260 # Set up initial sources.list
260 cat <<EOM >$R/etc/apt/sources.list
261 cat <<EOM >$R/etc/apt/sources.list
261 deb http://${APT_SERVER}/debian ${RELEASE} main contrib
262 deb http://${APT_SERVER}/debian ${RELEASE} main contrib
262 #deb-src http://${APT_SERVER}/debian ${RELEASE} main contrib
263 #deb-src http://${APT_SERVER}/debian ${RELEASE} main contrib
263
264
264 deb http://${APT_SERVER}/debian/ ${RELEASE}-updates main contrib
265 deb http://${APT_SERVER}/debian/ ${RELEASE}-updates main contrib
265 #deb-src http://${APT_SERVER}/debian/ ${RELEASE}-updates main contrib
266 #deb-src http://${APT_SERVER}/debian/ ${RELEASE}-updates main contrib
266
267
267 deb http://security.debian.org/ ${RELEASE}/updates main contrib
268 deb http://security.debian.org/ ${RELEASE}/updates main contrib
268 #deb-src http://security.debian.org/ ${RELEASE}/updates main contrib
269 #deb-src http://security.debian.org/ ${RELEASE}/updates main contrib
269
270
270 deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2
271 deb https://repositories.collabora.co.uk/debian ${RELEASE} rpi2
271 EOM
272 EOM
272
273
273 # Upgrade package index and update all installed packages and changed dependencies
274 # Upgrade package index and update all installed packages and changed dependencies
274 chroot_exec apt-get -qq -y update
275 chroot_exec apt-get -qq -y update
275 chroot_exec apt-get -qq -y -u dist-upgrade
276 chroot_exec apt-get -qq -y -u dist-upgrade
276
277
277 # Set up default locale and keyboard configuration
278 # Set up default locale and keyboard configuration
278 if [ "$ENABLE_MINBASE" = false ] ; then
279 if [ "$ENABLE_MINBASE" = false ] ; then
279 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
280 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
280 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
281 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
281 # ... so we have to set locales manually
282 # ... so we have to set locales manually
282 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
283 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
283 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
284 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
284 else
285 else
285 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
286 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
286 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
287 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
287 chroot_exec sed -i "/en_US.UTF-8/s/^#//" /etc/locale.gen
288 chroot_exec sed -i "/en_US.UTF-8/s/^#//" /etc/locale.gen
288 fi
289 fi
289 chroot_exec sed -i "/${DEFLOCAL}/s/^#//" /etc/locale.gen
290 chroot_exec sed -i "/${DEFLOCAL}/s/^#//" /etc/locale.gen
290 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
291 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
291 chroot_exec locale-gen
292 chroot_exec locale-gen
292 chroot_exec update-locale LANG=${DEFLOCAL}
293 chroot_exec update-locale LANG=${DEFLOCAL}
293
294
294 # Keyboard configuration, if requested
295 # Keyboard configuration, if requested
295 if [ "$XKBMODEL" != "" ] ; then
296 if [ "$XKBMODEL" != "" ] ; then
296 chroot_exec sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKBMODEL}\"/" /etc/default/keyboard
297 chroot_exec sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKBMODEL}\"/" /etc/default/keyboard
297 fi
298 fi
298 if [ "$XKBLAYOUT" != "" ] ; then
299 if [ "$XKBLAYOUT" != "" ] ; then
299 chroot_exec sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKBLAYOUT}\"/" /etc/default/keyboard
300 chroot_exec sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKBLAYOUT}\"/" /etc/default/keyboard
300 fi
301 fi
301 if [ "$XKBVARIANT" != "" ] ; then
302 if [ "$XKBVARIANT" != "" ] ; then
302 chroot_exec sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKBVARIANT}\"/" /etc/default/keyboard
303 chroot_exec sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKBVARIANT}\"/" /etc/default/keyboard
303 fi
304 fi
304 if [ "$XKBOPTIONS" != "" ] ; then
305 if [ "$XKBOPTIONS" != "" ] ; then
305 chroot_exec sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKBOPTIONS}\"/" /etc/default/keyboard
306 chroot_exec sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKBOPTIONS}\"/" /etc/default/keyboard
306 fi
307 fi
307 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
308 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
308 # Set up font console
309 # Set up font console
309 case "${DEFLOCAL}" in
310 case "${DEFLOCAL}" in
310 *UTF-8)
311 *UTF-8)
311 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' /etc/default/console-setup
312 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' /etc/default/console-setup
312 ;;
313 ;;
313 *)
314 *)
314 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="guess"/' /etc/default/console-setup
315 chroot_exec sed -i 's/^CHARMAP.*/CHARMAP="guess"/' /etc/default/console-setup
315 ;;
316 ;;
316 esac
317 esac
317 chroot_exec dpkg-reconfigure -f noninteractive console-setup
318 chroot_exec dpkg-reconfigure -f noninteractive console-setup
318 fi
319 fi
319
320
320 # Kernel installation
321 # Kernel installation
321 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
322 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
322 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${KERNEL} raspberrypi-bootloader-nokernel
323 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${KERNEL} raspberrypi-bootloader-nokernel
323 chroot_exec apt-get -qq -y install flash-kernel
324 chroot_exec apt-get -qq -y install flash-kernel
324
325
325 VMLINUZ="$(ls -1 $R/boot/vmlinuz-* | sort | tail -n 1)"
326 VMLINUZ="$(ls -1 $R/boot/vmlinuz-* | sort | tail -n 1)"
326 [ -z "$VMLINUZ" ] && exit 1
327 [ -z "$VMLINUZ" ] && exit 1
327 cp $VMLINUZ $R/boot/firmware/kernel7.img
328 cp $VMLINUZ $R/boot/firmware/kernel7.img
328
329
329 # Set up IPv4 hosts
330 # Set up IPv4 hosts
330 echo ${HOSTNAME} >$R/etc/hostname
331 echo ${HOSTNAME} >$R/etc/hostname
331 cat <<EOM >$R/etc/hosts
332 cat <<EOM >$R/etc/hosts
332 127.0.0.1 localhost
333 127.0.0.1 localhost
333 127.0.1.1 ${HOSTNAME}
334 127.0.1.1 ${HOSTNAME}
334 EOM
335 EOM
335 if [ "$NET_ADDRESS" != "" ] ; then
336 if [ "$NET_ADDRESS" != "" ] ; then
336 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
337 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
337 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
338 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
338 fi
339 fi
339
340
340 # Set up IPv6 hosts
341 # Set up IPv6 hosts
341 if [ "$ENABLE_IPV6" = true ] ; then
342 if [ "$ENABLE_IPV6" = true ] ; then
342 cat <<EOM >>$R/etc/hosts
343 cat <<EOM >>$R/etc/hosts
343
344
344 ::1 localhost ip6-localhost ip6-loopback
345 ::1 localhost ip6-localhost ip6-loopback
345 ff02::1 ip6-allnodes
346 ff02::1 ip6-allnodes
346 ff02::2 ip6-allrouters
347 ff02::2 ip6-allrouters
347 EOM
348 EOM
348 fi
349 fi
349
350
350 # Place hint about network configuration
351 # Place hint about network configuration
351 cat <<EOM >$R/etc/network/interfaces
352 cat <<EOM >$R/etc/network/interfaces
352 # Debian switched to systemd-networkd configuration files.
353 # Debian switched to systemd-networkd configuration files.
353 # please configure your networks in '/etc/systemd/network/'
354 # please configure your networks in '/etc/systemd/network/'
354 EOM
355 EOM
355
356
356 if [ "$ENABLE_DHCP" = true ] ; then
357 if [ "$ENABLE_DHCP" = true ] ; then
357 # Enable systemd-networkd DHCP configuration for interface eth0
358 # Enable systemd-networkd DHCP configuration for interface eth0
358 cat <<EOM >$R/etc/systemd/network/eth.network
359 cat <<EOM >$R/etc/systemd/network/eth.network
359 [Match]
360 [Match]
360 Name=eth0
361 Name=eth0
361
362
362 [Network]
363 [Network]
363 DHCP=yes
364 DHCP=yes
364 EOM
365 EOM
365
366
366 # Set DHCP configuration to IPv4 only
367 # Set DHCP configuration to IPv4 only
367 if [ "$ENABLE_IPV6" = false ] ; then
368 if [ "$ENABLE_IPV6" = false ] ; then
368 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
369 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
369 fi
370 fi
370 else # ENABLE_DHCP=false
371 else # ENABLE_DHCP=false
371 cat <<EOM >$R/etc/systemd/network/eth.network
372 cat <<EOM >$R/etc/systemd/network/eth.network
372 [Match]
373 [Match]
373 Name=eth0
374 Name=eth0
374
375
375 [Network]
376 [Network]
376 DHCP=no
377 DHCP=no
377 Address=${NET_ADDRESS}
378 Address=${NET_ADDRESS}
378 Gateway=${NET_GATEWAY}
379 Gateway=${NET_GATEWAY}
379 DNS=${NET_DNS_1}
380 DNS=${NET_DNS_1}
380 DNS=${NET_DNS_2}
381 DNS=${NET_DNS_2}
381 Domains=${NET_DNS_DOMAINS}
382 Domains=${NET_DNS_DOMAINS}
382 NTP=${NET_NTP_1}
383 NTP=${NET_NTP_1}
383 NTP=${NET_NTP_2}
384 NTP=${NET_NTP_2}
384 EOM
385 EOM
385 fi
386 fi
386
387
387 # Enable systemd-networkd service
388 # Enable systemd-networkd service
388 chroot_exec systemctl enable systemd-networkd
389 chroot_exec systemctl enable systemd-networkd
389
390
390 # Generate crypt(3) password string
391 # Generate crypt(3) password string
391 ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 ${PASSWORD}`
392 ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 ${PASSWORD}`
392
393
393 # Set up default user
394 # Set up default user
394 if [ "$ENABLE_USER" = true ] ; then
395 if [ "$ENABLE_USER" = true ] ; then
395 chroot_exec adduser --gecos pi --add_extra_groups --disabled-password pi
396 chroot_exec adduser --gecos pi --add_extra_groups --disabled-password pi
396 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_PASSWORD}" pi
397 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_PASSWORD}" pi
397 fi
398 fi
398
399
399 # Set up root password or not
400 # Set up root password or not
400 if [ "$ENABLE_ROOT" = true ]; then
401 if [ "$ENABLE_ROOT" = true ]; then
401 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
402 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
402
403
403 if [ "$ENABLE_ROOT_SSH" = true ]; then
404 if [ "$ENABLE_ROOT_SSH" = true ]; then
404 sed -i 's|[#]*PermitRootLogin.*|PermitRootLogin yes|g' $R/etc/ssh/sshd_config
405 sed -i 's|[#]*PermitRootLogin.*|PermitRootLogin yes|g' $R/etc/ssh/sshd_config
405 fi
406 fi
406 else
407 else
407 chroot_exec usermod -p \'!\' root
408 chroot_exec usermod -p \'!\' root
408 fi
409 fi
409
410
410 # Set up firmware boot cmdline
411 # Set up firmware boot cmdline
411 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1"
412 if [ "$ENABLE_SPLITFS" = true ] ; then
413 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1"
414 else
415 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1"
416 fi
412
417
413 # Set up serial console support (if requested)
418 # Set up serial console support (if requested)
414 if [ "$ENABLE_CONSOLE" = true ] ; then
419 if [ "$ENABLE_CONSOLE" = true ] ; then
415 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
420 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
416 fi
421 fi
417
422
418 # Set up IPv6 networking support
423 # Set up IPv6 networking support
419 if [ "$ENABLE_IPV6" = false ] ; then
424 if [ "$ENABLE_IPV6" = false ] ; then
420 CMDLINE="${CMDLINE} ipv6.disable=1"
425 CMDLINE="${CMDLINE} ipv6.disable=1"
421 fi
426 fi
422
427
423 echo "${CMDLINE}" >$R/boot/firmware/cmdline.txt
428 echo "${CMDLINE}" >$R/boot/firmware/cmdline.txt
424
429
425 # Set up firmware config
430 # Set up firmware config
426 install -o root -g root -m 644 files/config.txt $R/boot/firmware/config.txt
431 install -o root -g root -m 644 files/config.txt $R/boot/firmware/config.txt
427
432
428 # Load snd_bcm2835 kernel module at boot time
433 # Load snd_bcm2835 kernel module at boot time
429 if [ "$ENABLE_SOUND" = true ] ; then
434 if [ "$ENABLE_SOUND" = true ] ; then
430 echo "snd_bcm2835" >>$R/etc/modules
435 echo "snd_bcm2835" >>$R/etc/modules
431 fi
436 fi
432
437
433 # Set smallest possible GPU memory allocation size: 16MB (no X)
438 # Set smallest possible GPU memory allocation size: 16MB (no X)
434 if [ "$ENABLE_MINGPU" = true ] ; then
439 if [ "$ENABLE_MINGPU" = true ] ; then
435 echo "gpu_mem=16" >>$R/boot/firmware/config.txt
440 echo "gpu_mem=16" >>$R/boot/firmware/config.txt
436 fi
441 fi
437
442
438 # Create symlinks
443 # Create symlinks
439 ln -sf firmware/config.txt $R/boot/config.txt
444 ln -sf firmware/config.txt $R/boot/config.txt
440 ln -sf firmware/cmdline.txt $R/boot/cmdline.txt
445 ln -sf firmware/cmdline.txt $R/boot/cmdline.txt
441
446
442 # Prepare modules-load.d directory
447 # Prepare modules-load.d directory
443 mkdir -p $R/lib/modules-load.d/
448 mkdir -p $R/lib/modules-load.d/
444
449
445 # Load random module on boot
450 # Load random module on boot
446 if [ "$ENABLE_HWRANDOM" = true ] ; then
451 if [ "$ENABLE_HWRANDOM" = true ] ; then
447 cat <<EOM >$R/lib/modules-load.d/rpi2.conf
452 cat <<EOM >$R/lib/modules-load.d/rpi2.conf
448 bcm2708_rng
453 bcm2708_rng
449 EOM
454 EOM
450 fi
455 fi
451
456
452 # Prepare modprobe.d directory
457 # Prepare modprobe.d directory
453 mkdir -p $R/etc/modprobe.d/
458 mkdir -p $R/etc/modprobe.d/
454
459
455 # Blacklist sound modules
460 # Blacklist sound modules
456 install -o root -g root -m 644 files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
461 install -o root -g root -m 644 files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
457
462
458 # Create default fstab
463 # Create default fstab
459 install -o root -g root -m 644 files/fstab $R/etc/fstab
464 install -o root -g root -m 644 files/fstab $R/etc/fstab
465 if [ "$ENABLE_SPLITFS" = true ] ; then
466 sed -i '/mmcblk0p2/sda1/' $R/etc/fstab
467 fi
460
468
461 # Avoid swapping and increase cache sizes
469 # Avoid swapping and increase cache sizes
462 install -o root -g root -m 644 files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
470 install -o root -g root -m 644 files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
463
471
464 # Enable network stack hardening
472 # Enable network stack hardening
465 if [ "$ENABLE_HARDNET" = true ] ; then
473 if [ "$ENABLE_HARDNET" = true ] ; then
466 install -o root -g root -m 644 files/sysctl.d/81-rpi-net-hardening.conf $R/etc/sysctl.d/81-rpi-net-hardening.conf
474 install -o root -g root -m 644 files/sysctl.d/81-rpi-net-hardening.conf $R/etc/sysctl.d/81-rpi-net-hardening.conf
467
475
468 # Enable resolver warnings about spoofed addresses
476 # Enable resolver warnings about spoofed addresses
469 cat <<EOM >>$R/etc/host.conf
477 cat <<EOM >>$R/etc/host.conf
470 spoof warn
478 spoof warn
471 EOM
479 EOM
472 fi
480 fi
473
481
474 # First boot actions
482 # First boot actions
475 cat files/firstboot/10-begin.sh > $R/etc/rc.firstboot
483 cat files/firstboot/10-begin.sh > $R/etc/rc.firstboot
476
484
477 # Ensure openssh server host keys are regenerated on first boot
485 # Ensure openssh server host keys are regenerated on first boot
478 if [ "$ENABLE_SSHD" = true ] ; then
486 if [ "$ENABLE_SSHD" = true ] ; then
479 cat files/firstboot/21-generate-ssh-keys.sh >> $R/etc/rc.firstboot
487 cat files/firstboot/21-generate-ssh-keys.sh >> $R/etc/rc.firstboot
480 rm -f $R/etc/ssh/ssh_host_*
488 rm -f $R/etc/ssh/ssh_host_*
481 fi
489 fi
482
490
483 if [ "$EXPANDROOT" = true ] ; then
491 if [ "$EXPANDROOT" = true ] ; then
484 cat files/firstboot/22-expandroot.sh >> $R/etc/rc.firstboot
492 cat files/firstboot/22-expandroot.sh >> $R/etc/rc.firstboot
485 fi
493 fi
486
494
487 cat files/firstboot/99-finish.sh >> $R/etc/rc.firstboot
495 cat files/firstboot/99-finish.sh >> $R/etc/rc.firstboot
488 chmod +x $R/etc/rc.firstboot
496 chmod +x $R/etc/rc.firstboot
489
497
490 sed -i '/exit 0/d' $R/etc/rc.local
498 sed -i '/exit 0/d' $R/etc/rc.local
491 echo /etc/rc.firstboot >> $R/etc/rc.local
499 echo /etc/rc.firstboot >> $R/etc/rc.local
492 echo exit 0 >> $R/etc/rc.local
500 echo exit 0 >> $R/etc/rc.local
493
501
494 # Disable rsyslog
502 # Disable rsyslog
495 if [ "$ENABLE_RSYSLOG" = false ]; then
503 if [ "$ENABLE_RSYSLOG" = false ]; then
496 sed -i 's|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g' $R/etc/systemd/journald.conf
504 sed -i 's|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g' $R/etc/systemd/journald.conf
497 chroot_exec systemctl disable rsyslog
505 chroot_exec systemctl disable rsyslog
498 chroot_exec apt-get purge -q -y --force-yes rsyslog
506 chroot_exec apt-get purge -q -y --force-yes rsyslog
499 fi
507 fi
500
508
501 # Enable serial console systemd style
509 # Enable serial console systemd style
502 if [ "$ENABLE_CONSOLE" = true ] ; then
510 if [ "$ENABLE_CONSOLE" = true ] ; then
503 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
511 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
504 fi
512 fi
505
513
506 # Enable firewall based on iptables started by systemd service
514 # Enable firewall based on iptables started by systemd service
507 if [ "$ENABLE_IPTABLES" = true ] ; then
515 if [ "$ENABLE_IPTABLES" = true ] ; then
508 # Create iptables configuration directory
516 # Create iptables configuration directory
509 mkdir -p "$R/etc/iptables"
517 mkdir -p "$R/etc/iptables"
510
518
511 # Create iptables systemd service
519 # Create iptables systemd service
512 install -o root -g root -m 644 files/iptables/iptables.service $R/etc/systemd/system/iptables.service
520 install -o root -g root -m 644 files/iptables/iptables.service $R/etc/systemd/system/iptables.service
513
521
514 # Create flush-table script called by iptables service
522 # Create flush-table script called by iptables service
515 install -o root -g root -m 755 files/iptables/flush-iptables.sh $R/etc/iptables/flush-iptables.sh
523 install -o root -g root -m 755 files/iptables/flush-iptables.sh $R/etc/iptables/flush-iptables.sh
516
524
517 # Create iptables rule file
525 # Create iptables rule file
518 install -o root -g root -m 644 files/iptables/iptables.rules $R/etc/iptables/iptables.rules
526 install -o root -g root -m 644 files/iptables/iptables.rules $R/etc/iptables/iptables.rules
519
527
520 # Reload systemd configuration and enable iptables service
528 # Reload systemd configuration and enable iptables service
521 chroot_exec systemctl daemon-reload
529 chroot_exec systemctl daemon-reload
522 chroot_exec systemctl enable iptables.service
530 chroot_exec systemctl enable iptables.service
523
531
524 if [ "$ENABLE_IPV6" = true ] ; then
532 if [ "$ENABLE_IPV6" = true ] ; then
525 # Create ip6tables systemd service
533 # Create ip6tables systemd service
526 install -o root -g root -m 644 files/iptables/ip6tables.service $R/etc/systemd/system/ip6tables.service
534 install -o root -g root -m 644 files/iptables/ip6tables.service $R/etc/systemd/system/ip6tables.service
527
535
528 # Create ip6tables file
536 # Create ip6tables file
529 install -o root -g root -m 755 files/iptables/flush-ip6tables.sh $R/etc/iptables/flush-ip6tables.sh
537 install -o root -g root -m 755 files/iptables/flush-ip6tables.sh $R/etc/iptables/flush-ip6tables.sh
530
538
531 install -o root -g root -m 644 files/iptables/ip6tables.rules $R/etc/iptables/ip6tables.rules
539 install -o root -g root -m 644 files/iptables/ip6tables.rules $R/etc/iptables/ip6tables.rules
532
540
533 # Reload systemd configuration and enable iptables service
541 # Reload systemd configuration and enable iptables service
534 chroot_exec systemctl daemon-reload
542 chroot_exec systemctl daemon-reload
535 chroot_exec systemctl enable ip6tables.service
543 chroot_exec systemctl enable ip6tables.service
536 fi
544 fi
537 fi
545 fi
538
546
539 # Remove SSHD related iptables rules
547 # Remove SSHD related iptables rules
540 if [ "$ENABLE_SSHD" = false ] ; then
548 if [ "$ENABLE_SSHD" = false ] ; then
541 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/iptables.rules 2> /dev/null
549 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/iptables.rules 2> /dev/null
542 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/ip6tables.rules 2> /dev/null
550 sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/ip6tables.rules 2> /dev/null
543 fi
551 fi
544
552
545 # Install gcc/c++ build environment inside the chroot
553 # Install gcc/c++ build environment inside the chroot
546 if [ "$ENABLE_UBOOT" = true ] || [ "$ENABLE_FBTURBO" = true ]; then
554 if [ "$ENABLE_UBOOT" = true ] || [ "$ENABLE_FBTURBO" = true ]; then
547 chroot_exec apt-get install -q -y --force-yes --no-install-recommends linux-compiler-gcc-4.9-arm g++ make bc
555 chroot_exec apt-get install -q -y --force-yes --no-install-recommends linux-compiler-gcc-4.9-arm g++ make bc
548 fi
556 fi
549
557
550 # Fetch and build U-Boot bootloader
558 # Fetch and build U-Boot bootloader
551 if [ "$ENABLE_UBOOT" = true ] ; then
559 if [ "$ENABLE_UBOOT" = true ] ; then
552 # Fetch U-Boot bootloader sources
560 # Fetch U-Boot bootloader sources
553 git -C $R/tmp clone git://git.denx.de/u-boot.git
561 git -C $R/tmp clone git://git.denx.de/u-boot.git
554
562
555 # Build and install U-Boot inside chroot
563 # Build and install U-Boot inside chroot
556 chroot_exec make -C /tmp/u-boot/ rpi_2_defconfig all
564 chroot_exec make -C /tmp/u-boot/ rpi_2_defconfig all
557
565
558 # Copy compiled bootloader binary and set config.txt to load it
566 # Copy compiled bootloader binary and set config.txt to load it
559 cp $R/tmp/u-boot/u-boot.bin $R/boot/firmware/
567 cp $R/tmp/u-boot/u-boot.bin $R/boot/firmware/
560 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> $R/boot/firmware/config.txt
568 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> $R/boot/firmware/config.txt
561
569
562 # Set U-Boot command file
570 # Set U-Boot command file
563 cat <<EOM >$R/boot/firmware/uboot.mkimage
571 cat <<EOM >$R/boot/firmware/uboot.mkimage
564 # Tell Linux that it is booting on a Raspberry Pi2
572 # Tell Linux that it is booting on a Raspberry Pi2
565 setenv machid 0x00000c42
573 setenv machid 0x00000c42
566
574
567 # Set the kernel boot command line
575 # Set the kernel boot command line
568 setenv bootargs "earlyprintk ${CMDLINE}"
576 setenv bootargs "earlyprintk ${CMDLINE}"
569
577
570 # Save these changes to u-boot's environment
578 # Save these changes to u-boot's environment
571 saveenv
579 saveenv
572
580
573 # Load the existing Linux kernel into RAM
581 # Load the existing Linux kernel into RAM
574 fatload mmc 0:1 \${kernel_addr_r} kernel7.img
582 fatload mmc 0:1 \${kernel_addr_r} kernel7.img
575
583
576 # Boot the kernel we have just loaded
584 # Boot the kernel we have just loaded
577 bootz \${kernel_addr_r}
585 bootz \${kernel_addr_r}
578 EOM
586 EOM
579
587
580 # Generate U-Boot image from command file
588 # Generate U-Boot image from command file
581 chroot_exec mkimage -A arm -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi2 Boot Script" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
589 chroot_exec mkimage -A arm -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi2 Boot Script" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
582 fi
590 fi
583
591
584 # Fetch and build fbturbo Xorg driver
592 # Fetch and build fbturbo Xorg driver
585 if [ "$ENABLE_FBTURBO" = true ] ; then
593 if [ "$ENABLE_FBTURBO" = true ] ; then
586 # Fetch fbturbo driver sources
594 # Fetch fbturbo driver sources
587 git -C $R/tmp clone https://github.com/ssvb/xf86-video-fbturbo.git
595 git -C $R/tmp clone https://github.com/ssvb/xf86-video-fbturbo.git
588
596
589 # Install Xorg build dependencies
597 # Install Xorg build dependencies
590 chroot_exec apt-get install -q -y --no-install-recommends xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
598 chroot_exec apt-get install -q -y --no-install-recommends xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
591
599
592 # Build and install fbturbo driver inside chroot
600 # Build and install fbturbo driver inside chroot
593 chroot_exec /bin/bash -c "cd /tmp/xf86-video-fbturbo; autoreconf -vi; ./configure --prefix=/usr; make; make install"
601 chroot_exec /bin/bash -c "cd /tmp/xf86-video-fbturbo; autoreconf -vi; ./configure --prefix=/usr; make; make install"
594
602
595 # Add fbturbo driver to Xorg configuration
603 # Add fbturbo driver to Xorg configuration
596 cat <<EOM >$R/usr/share/X11/xorg.conf.d/99-fbturbo.conf
604 cat <<EOM >$R/usr/share/X11/xorg.conf.d/99-fbturbo.conf
597 Section "Device"
605 Section "Device"
598 Identifier "Allwinner A10/A13 FBDEV"
606 Identifier "Allwinner A10/A13 FBDEV"
599 Driver "fbturbo"
607 Driver "fbturbo"
600 Option "fbdev" "/dev/fb0"
608 Option "fbdev" "/dev/fb0"
601 Option "SwapbuffersWait" "true"
609 Option "SwapbuffersWait" "true"
602 EndSection
610 EndSection
603 EOM
611 EOM
604
612
605 # Remove Xorg build dependencies
613 # Remove Xorg build dependencies
606 chroot_exec apt-get -q -y purge --auto-remove xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
614 chroot_exec apt-get -q -y purge --auto-remove xorg-dev xutils-dev x11proto-dri2-dev libltdl-dev libtool automake libdrm-dev
607 fi
615 fi
608
616
609 # Remove gcc/c++ build environment from the chroot
617 # Remove gcc/c++ build environment from the chroot
610 if [ "$ENABLE_UBOOT" = true ] || [ "$ENABLE_FBTURBO" = true ]; then
618 if [ "$ENABLE_UBOOT" = true ] || [ "$ENABLE_FBTURBO" = true ]; then
611 chroot_exec apt-get -y -q purge --auto-remove bc binutils cpp cpp-4.9 g++ g++-4.9 gcc gcc-4.9 libasan1 libatomic1 libc-dev-bin libc6-dev libcloog-isl4 libgcc-4.9-dev libgomp1 libisl10 libmpc3 libmpfr4 libstdc++-4.9-dev libubsan0 linux-compiler-gcc-4.9-arm linux-libc-dev make
619 chroot_exec apt-get -y -q purge --auto-remove bc binutils cpp cpp-4.9 g++ g++-4.9 gcc gcc-4.9 libasan1 libatomic1 libc-dev-bin libc6-dev libcloog-isl4 libgcc-4.9-dev libgomp1 libisl10 libmpc3 libmpfr4 libstdc++-4.9-dev libubsan0 linux-compiler-gcc-4.9-arm linux-libc-dev make
612 fi
620 fi
613
621
614 # Clean cached downloads
622 # Clean cached downloads
615 chroot_exec apt-get -y clean
623 chroot_exec apt-get -y clean
616 chroot_exec apt-get -y autoclean
624 chroot_exec apt-get -y autoclean
617 chroot_exec apt-get -y autoremove
625 chroot_exec apt-get -y autoremove
618
626
619 # Invoke custom scripts
627 # Invoke custom scripts
620 if [ -n "${CHROOT_SCRIPTS}" ]; then
628 if [ -n "${CHROOT_SCRIPTS}" ]; then
621 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
629 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
622 LANG=C chroot $R bash -c 'for SCRIPT in /chroot_scripts/*; do if [ -f $SCRIPT -a -x $SCRIPT ]; then $SCRIPT; fi done;'
630 LANG=C chroot $R bash -c 'for SCRIPT in /chroot_scripts/*; do if [ -f $SCRIPT -a -x $SCRIPT ]; then $SCRIPT; fi done;'
623 rm -rf "${R}/chroot_scripts"
631 rm -rf "${R}/chroot_scripts"
624 fi
632 fi
625
633
626 # Unmount mounted filesystems
634 # Unmount mounted filesystems
627 umount -l $R/proc
635 umount -l $R/proc
628 umount -l $R/sys
636 umount -l $R/sys
629
637
630 # Clean up files
638 # Clean up files
631 rm -f $R/etc/apt/sources.list.save
639 rm -f $R/etc/apt/sources.list.save
632 rm -f $R/etc/resolvconf/resolv.conf.d/original
640 rm -f $R/etc/resolvconf/resolv.conf.d/original
633 rm -rf $R/run
641 rm -rf $R/run
634 mkdir -p $R/run
642 mkdir -p $R/run
635 rm -f $R/etc/*-
643 rm -f $R/etc/*-
636 rm -f $R/root/.bash_history
644 rm -f $R/root/.bash_history
637 rm -rf $R/tmp/*
645 rm -rf $R/tmp/*
638 rm -f $R/var/lib/urandom/random-seed
646 rm -f $R/var/lib/urandom/random-seed
639 [ -L $R/var/lib/dbus/machine-id ] || rm -f $R/var/lib/dbus/machine-id
647 [ -L $R/var/lib/dbus/machine-id ] || rm -f $R/var/lib/dbus/machine-id
640 rm -f $R/etc/machine-id
648 rm -f $R/etc/machine-id
641 rm -fr $R/etc/apt/apt.conf.d/10proxy
649 rm -fr $R/etc/apt/apt.conf.d/10proxy
642
650
643 # Calculate size of the chroot directory in KB
651 # Calculate size of the chroot directory in KB
644 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
652 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
645
653
646 # Calculate the amount of needed 512 Byte sectors
654 # Calculate the amount of needed 512 Byte sectors
647 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
655 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
648 BOOT_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
656 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
649 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS})
657 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
650
658
651 # The root partition is EXT4
659 # The root partition is EXT4
652 # This means more space than the actual used space of the chroot is used.
660 # This means more space than the actual used space of the chroot is used.
653 # As overhead for journaling and reserved blocks 20% are added.
661 # As overhead for journaling and reserved blocks 20% are added.
654 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
662 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
655
663
656 # Calculate required image size in 512 Byte sectors
664 # Calculate required image size in 512 Byte sectors
657 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS} + ${ROOT_SECTORS})
665 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
658
666
659 # Prepare date string for image file name
667 # Prepare date string for image file name
660 DATE="$(date +%Y-%m-%d)"
668 DATE="$(date +%Y-%m-%d)"
661
669
662 # Prepare image file
670 # Prepare image file
663 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
671 if [ "$ENABLE_SPLITFS" = true ] ; then
664 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
672 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
673 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
674 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
675 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
676 # Write partition tables
677 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" <<EOM
678 unit: sectors
665
679
666 # Write partition table
680 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
667 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
681 2 : start= 0, size= 0, Id= 0
682 3 : start= 0, size= 0, Id= 0
683 4 : start= 0, size= 0, Id= 0
684 EOM
685 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" <<EOM
668 unit: sectors
686 unit: sectors
669
687
670 1 : start= ${TABLE_SECTORS}, size= ${BOOT_SECTORS}, Id= c, bootable
688 1 : start= ${TABLE_SECTORS}, size= ${ROOT_SECTORS}, Id=83
689 2 : start= 0, size= 0, Id= 0
690 3 : start= 0, size= 0, Id= 0
691 4 : start= 0, size= 0, Id= 0
692 EOM
693 # Set up temporary loop devices and build filesystems
694 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
695 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
696 else
697 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
698 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
699 # Write partition table
700 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
701 unit: sectors
702
703 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
671 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
704 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
672 3 : start= 0, size= 0, Id= 0
705 3 : start= 0, size= 0, Id= 0
673 4 : start= 0, size= 0, Id= 0
706 4 : start= 0, size= 0, Id= 0
674 EOM
707 EOM
708 # Set up temporary loop devices and build filesystems
709 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
710 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
711 fi
675
712
676 # Set up temporary loop devices and build filesystems
713 mkfs.vfat "$FRMW_LOOP"
677 VFAT_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
714 mkfs.ext4 "$ROOT_LOOP"
678 EXT4_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
679 mkfs.vfat "$VFAT_LOOP"
680 mkfs.ext4 "$EXT4_LOOP"
681
715
682 # Mount the temporary loop devices
716 # Mount the temporary loop devices
683 mkdir -p "$BUILDDIR/mount"
717 mkdir -p "$BUILDDIR/mount"
684 mount "$EXT4_LOOP" "$BUILDDIR/mount"
718 mount "$ROOT_LOOP" "$BUILDDIR/mount"
685
719
686 mkdir -p "$BUILDDIR/mount/boot/firmware"
720 mkdir -p "$BUILDDIR/mount/boot/firmware"
687 mount "$VFAT_LOOP" "$BUILDDIR/mount/boot/firmware"
721 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
688
722
689 # Copy all files from the chroot to the loop device mount point directory
723 # Copy all files from the chroot to the loop device mount point directory
690 rsync -a "$R/" "$BUILDDIR/mount/"
724 rsync -a "$R/" "$BUILDDIR/mount/"
691
725
692 # Unmount all temporary loop devices and mount points
726 # Unmount all temporary loop devices and mount points
693 cleanup
727 cleanup
694
728
695 # (optinal) create block map file for "bmaptool"
729 if [ "$ENABLE_SPLITFS" = true ] ; then
696 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
730 # (optional) create block map file for "bmaptool"
731 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
732 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
733
734 # Image was successfully created
735 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} \* 512 \/ 1024)M)" ": successfully created"
736 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr ${TABLE_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024)M)" ": successfully created"
737 else
738 # (optional) create block map file for "bmaptool"
739 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
697
740
698 # Image was successfully created
741 # Image was successfully created
699 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img (${IMAGE_SIZE})" ": successfully created"
742 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024)M)" ": successfully created"
743 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant