Raspi2-3_GenImage Commit - r338:5dd9ea36ae5f · Collaboration Tremplin des Sciences

fixes...

Unknown -

r338:5dd9ea36ae5f

parent child

Context file:

r338:5dd9ea36ae5f

Collapse all files

bootstrap.d/13-kernel.sh +6 -6

             #
             # Build and Setup RPi2/3 Kernel
             #
             # Load utility functions
             . ./functions.sh
             # Fetch and build latest raspberry kernel
             if [ "$BUILD_KERNEL" = true ] ; then
               # Setup source directory
               mkdir -p "${R}/usr/src/linux"
               # Copy existing kernel sources into chroot directory
               if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
                 # Copy kernel sources and include hidden files
                 cp -r "${KERNELSRC_DIR}/". "${R}/usr/src/linux"
                 # Clean the kernel sources
                 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
                   make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
                 fi
               else # KERNELSRC_DIR=""
                 # Create temporary directory for kernel sources
                 temp_dir=$(as_nobody mktemp -d)
                 # Fetch current RPi2/3 kernel sources
                 if [ -z "${KERNEL_BRANCH}" ] ; then
                   as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
                 else
                   as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
-               fi
+                fi
                 # Copy downloaded kernel sources
                 cp -r "${temp_dir}/linux/"* "${R}/usr/src/linux/"
                 # Remove temporary directory for kernel sources
                 rm -fr "${temp_dir}"
                 # Set permissions of the kernel sources
                 chown -R root:root "${R}/usr/src"
               fi
               # Calculate optimal number of kernel building threads
               if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
                 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
               fi
               # Configure and build kernel
               if [ "$KERNELSRC_PREBUILT" = false ] ; then
                 # Remove device, network and filesystem drivers from kernel configuration
                 if [ "$KERNEL_REDUCE" = true ] ; then
                   make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
                   sed -i\
                   -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
                   -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
                   -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
                   -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
                   -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
                   -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
                   -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
                   "${KERNEL_DIR}/.config"
                 fi
                 if [ "$KERNELSRC_CONFIG" = true ] ; then
                   # Load default raspberry kernel configuration
                   make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
                   # Set kernel configuration parameters to enable qemu emulation
                   if [ "$ENABLE_QEMU" = true ] ; then
                     echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
                     echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
                     if [ "$ENABLE_CRYPTFS" = true ] ; then
                       {
                         echo "CONFIG_EMBEDDED=y"
                         echo "CONFIG_EXPERT=y"
                         echo "CONFIG_DAX=y"
                         echo "CONFIG_MD=y"
                         echo "CONFIG_BLK_DEV_MD=y"
                         echo "CONFIG_MD_AUTODETECT=y"
                         echo "CONFIG_BLK_DEV_DM=y"
                         echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
                         echo "CONFIG_DM_CRYPT=y"
                         echo "CONFIG_CRYPTO_BLKCIPHER=y"
                         echo "CONFIG_CRYPTO_CBC=y"
                         echo "CONFIG_CRYPTO_XTS=y"
                         echo "CONFIG_CRYPTO_SHA512=y"
                         echo "CONFIG_CRYPTO_MANAGER=y"
                       } >> ${KERNEL_DIR}/.config
-            	fi
+                    fi
                   fi
                   # Copy custom kernel configuration file
                   if [ -n "$KERNELSRC_USRCONFIG" ] ; then
                     cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
                   fi
                   # Set kernel configuration parameters to their default values
                   if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
                     make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
                   fi
                   # Start menu-driven kernel configuration (interactive)
                   if [ "$KERNEL_MENUCONFIG" = true ] ; then
                     make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
                   fi
                 fi
                 # Use ccache to cross compile the kernel
                 if [ "$KERNEL_CCACHE" = true ] ; then
                   cc="ccache ${CROSS_COMPILE}gcc"
                 else
                   cc="${CROSS_COMPILE}gcc"
                 fi
                 # Cross compile kernel and dtbs
                 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
                 # Cross compile kernel modules
                 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
                   make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
                 fi
               fi
               # Check if kernel compilation was successful
               if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
                 echo "error: kernel compilation failed! (kernel image not found)"
                 cleanup
                 exit 1
               fi
               # Install kernel modules
               if [ "$ENABLE_REDUCE" = true ] ; then
                 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
                   make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
                 fi
               else
                 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
                   make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
                 fi
                 # Install kernel firmware
                 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
                   make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
                 fi
               fi
               # Install kernel headers
               if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
                 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
               fi
               # Prepare boot (firmware) directory
               mkdir "${BOOT_DIR}"
               # Get kernel release version
-              KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"`
+              KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
               # Copy kernel configuration file to the boot directory
               install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
               # Prepare device tree directory
               mkdir "${BOOT_DIR}/overlays"
               # Ensure the proper .dtb is located
               if [ "$KERNEL_ARCH" = "arm" ] ; then
                 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
                   if [ -f "${dtb}" ] ; then
                     install_readonly "${dtb}" "${BOOT_DIR}/"
                   fi
                 done
               else
                 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
                   if [ -f "${dtb}" ] ; then
                     install_readonly "${dtb}" "${BOOT_DIR}/"
                   fi
                 done
               fi
               # Copy compiled dtb device tree files
               if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
                 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
                   if [ -f "${dtb}" ] ; then
                     install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
                   fi
                 done
                 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
                   install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
                 fi
               fi
               if [ "$ENABLE_UBOOT" = false ] ; then
                 # Convert and copy kernel image to the boot directory
                 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
               else
                 # Copy kernel image to the boot directory
                 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
               fi
               # Remove kernel sources
               if [ "$KERNEL_REMOVESRC" = true ] ; then
                 rm -fr "${KERNEL_DIR}"
               else
                 # Prepare compiled kernel modules
                 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
                   if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
                     make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
                   fi
                   # Create symlinks for kernel modules
                   chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
                   chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
                 fi
               fi
             else # BUILD_KERNEL=false
               # Kernel installation
               chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
               # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
               chroot_exec apt-get -qq -y install flash-kernel
               # Check if kernel installation was successful
               VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
               if [ -z "$VMLINUZ" ] ; then
                 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
                 cleanup
                 exit 1
               fi
               # Copy vmlinuz kernel to the boot directory
               install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
             fi

bootstrap.d/21-firewall.sh +5 -4

             #
             # Setup Firewall
             #
             # Load utility functions
             . ./functions.sh
             if [ "$ENABLE_IPTABLES" = true ] ; then
               # Create iptables configuration directory
               mkdir -p "${ETC_DIR}/iptables"
-              # make sure iptables-legacy,iptables-legacy-restore and iptables-legacy-save are the used alternatives
+              # make sure iptables-legacy is the used alternatives
-              chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
+              #iptables-save and -restore are slaves of iptables and thus are set accordingly
-              chroot_exec update-alternatives --verbose --set iptables-save /usr/sbin/iptables-legacy-save
+              if ! [ "$RELEASE" = jessie ] ; then
-              chroot_exec update-alternatives --verbose --set iptables-restore /usr/sbin/iptables-legacy-restore
+            	chroot_exec update-alternatives --verbose --set iptables /usr/sbin/iptables-legacy
+              fi
               # Install iptables systemd service
               install_readonly files/iptables/iptables.service "${ETC_DIR}/systemd/system/iptables.service"
               # Install flush-table script called by iptables service
               install_exec files/iptables/flush-iptables.sh "${ETC_DIR}/iptables/flush-iptables.sh"
               # Install iptables rule file
               install_readonly files/iptables/iptables.rules "${ETC_DIR}/iptables/iptables.rules"
               # Reload systemd configuration and enable iptables service
               chroot_exec systemctl daemon-reload
               chroot_exec systemctl enable iptables.service
               if [ "$ENABLE_IPV6" = true ] ; then
                 # Install ip6tables systemd service
                 install_readonly files/iptables/ip6tables.service "${ETC_DIR}/systemd/system/ip6tables.service"
                 # Install ip6tables file
                 install_exec files/iptables/flush-ip6tables.sh "${ETC_DIR}/iptables/flush-ip6tables.sh"
                 install_readonly files/iptables/ip6tables.rules "${ETC_DIR}/iptables/ip6tables.rules"
                 # Reload systemd configuration and enable iptables service
                 chroot_exec systemctl daemon-reload
                 chroot_exec systemctl enable ip6tables.service
               fi
               if [ "$ENABLE_SSHD" = false ] ; then
                # Remove SSHD related iptables rules
                sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/iptables.rules" 2> /dev/null
                sed -i "/^#/! {/SSH/ s/^/# /}" "${ETC_DIR}/iptables/ip6tables.rules" 2> /dev/null
               fi
             fi

bootstrap.d/30-security.sh +2 -2

             #
             # Setup users and security settings
             #
             # Load utility functions
             . ./functions.sh
             # Generate crypt(3) password string
-            ENCRYPTED_PASSWORD=`mkpasswd -m sha-512 "${PASSWORD}"`
+            ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
-            ENCRYPTED_USER_PASSWORD=`mkpasswd -m sha-512 "${USER_PASSWORD}"`
+            ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
             # Setup default user
             if [ "$ENABLE_USER" = true ] ; then
               chroot_exec adduser --gecos $USER_NAME --add_extra_groups --disabled-password $USER_NAME
               chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
             fi
             # Setup root password or not
             if [ "$ENABLE_ROOT" = true ] ; then
               chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
             else
               # Set no root password to disable root login
               chroot_exec usermod -p \'!\' root
             fi
             # Enable serial console systemd style
             if [ "$ENABLE_CONSOLE" = true ] ; then
               chroot_exec systemctl enable serial-getty\@ttyAMA0.service
             fi

bootstrap.d/32-sshd.sh +6 -6

             #
             # Setup SSH settings and public keys
             #
             # Load utility functions
             . ./functions.sh
             if [ "$ENABLE_SSHD" = true ] ; then
               DROPBEAR_ARGS=""
               if [ "$SSH_ENABLE_ROOT" = false ] ; then
                 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
                   # User root is not allowed to log in
                   sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin no|g" "${ETC_DIR}/ssh/sshd_config"
                 else
                   # User root is not allowed to log in
                   DROPBEAR_ARGS="-w"
                 fi
               fi
               if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
                 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
                   # Permit SSH root login
                   sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" "${ETC_DIR}/ssh/sshd_config"
                 else
                   # Permit SSH root login
                   DROPBEAR_ARGS=""
                 fi
                 # Add SSH (v2) public key for user root
-                if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then
+                if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
                   # Create root SSH config directory
                   mkdir -p "${R}/root/.ssh"
                   # Set permissions of root SSH config directory
                   chroot_exec chmod 700 "/root/.ssh"
                   chroot_exec chown root:root "/root/.ssh"
                   # Add SSH (v2) public key(s) to authorized_keys file
                   cat "$SSH_ROOT_PUB_KEY" >> "${R}/root/.ssh/authorized_keys"
                   # Set permissions of root SSH authorized_keys file
                   chroot_exec chmod 600 "/root/.ssh/authorized_keys"
                   chroot_exec chown root:root "/root/.ssh/authorized_keys"
                   if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
                     # Allow SSH public key authentication
                     sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
                   fi
                 fi
               fi
               if [ "$ENABLE_USER" = true ] ; then
                 # Add SSH (v2) public key for user $USER_NAME
-                if [ ! -z "$SSH_USER_PUB_KEY" ] ; then
+                if [ -n "$SSH_USER_PUB_KEY" ] ; then
                   # Create $USER_NAME SSH config directory
                   mkdir -p "${R}/home/${USER_NAME}/.ssh"
                   # Set permissions of $USER_NAME SSH config directory
                   chroot_exec chmod 700 "/home/${USER_NAME}/.ssh"
-                  chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh"
+                  chroot_exec chown "${USER_NAME}":"${USER_NAME}" "/home/${USER_NAME}/.ssh"
                   # Add SSH (v2) public key(s) to authorized_keys file
                   cat "$SSH_USER_PUB_KEY" >> "${R}/home/${USER_NAME}/.ssh/authorized_keys"
                   # Set permissions of $USER_NAME SSH config directory
                   chroot_exec chmod 600 "/home/${USER_NAME}/.ssh/authorized_keys"
-                  chroot_exec chown ${USER_NAME}:${USER_NAME} "/home/${USER_NAME}/.ssh/authorized_keys"
+                  chroot_exec chown "${USER_NAME}":"${USER_NAME}" "/home/${USER_NAME}/.ssh/authorized_keys"
                   if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
                     # Allow SSH public key authentication
                     sed -i "s|[#]*PubkeyAuthentication.*|PubkeyAuthentication yes|g" "${ETC_DIR}/ssh/sshd_config"
                   fi
                 fi
               fi
               # Limit the users that are allowed to login via SSH
               if [ "$SSH_LIMIT_USERS" = true ] && [ "$ENABLE_REDUCE" = false ] ; then
                 allowed_users=""
                 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
                   allowed_users="root"
                 fi
                 if [ "$ENABLE_USER" = true ] ; then
                   allowed_users="${allowed_users} ${USER_NAME}"
                 fi
-                if [ ! -z "$allowed_users" ] ; then
+                if [ -n "$allowed_users" ] ; then
                   echo "AllowUsers ${allowed_users}" >> "${ETC_DIR}/ssh/sshd_config"
                 fi
               fi
               # Disable password-based authentication
               if [ "$SSH_DISABLE_PASSWORD_AUTH" = true ] ; then
                 if [ "$ENABLE_ROOT" = true ] && [ "$SSH_ENABLE_ROOT" = true ] ; then
                   if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
                     sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin without-password|g" "${ETC_DIR}/ssh/sshd_config"
                   else
                     DROPBEAR_ARGS="-g"
                   fi
                 fi
                 if [ "$ENABLE_REDUCE" = false ] || [ "$REDUCE_SSHD" = false ] ; then
                   sed -i "s|[#]*PasswordAuthentication.*|PasswordAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
                   sed -i "s|[#]*ChallengeResponseAuthentication no.*|ChallengeResponseAuthentication no|g" "${ETC_DIR}/ssh/sshd_config"
                   sed -i "s|[#]*UsePAM.*|UsePAM no|g" "${ETC_DIR}/ssh/sshd_config"
                 else
                   DROPBEAR_ARGS="${DROPBEAR_ARGS} -s"
                 fi
               fi
               # Update dropbear SSH configuration
               if [ "$ENABLE_REDUCE" = true ] && [ "$REDUCE_SSHD" = true ] ; then
                 sed "s|^DROPBEAR_EXTRA_ARGS=.*|DROPBEAR_EXTRA_ARGS=\"${DROPBEAR_ARGS}\"|g" "${ETC_DIR}/default/dropbear"
               fi
-            fi
+            fi
  No newline at end of file

bootstrap.d/41-uboot.sh +1 -1

             #
             # Build and Setup U-Boot
             #
             # Load utility functions
             . ./functions.sh
             # Fetch and build U-Boot bootloader
             if [ "$ENABLE_UBOOT" = true ] ; then
               # Install c/c++ build environment inside the chroot
               chroot_install_cc
               # Copy existing U-Boot sources into chroot directory
               if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
                 # Copy local U-Boot sources
                 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
               else
                 # Create temporary directory for U-Boot sources
                 temp_dir=$(as_nobody mktemp -d)
                 # Fetch U-Boot sources
                 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
                 # Copy downloaded U-Boot sources
                 mv "${temp_dir}/u-boot" "${R}/tmp/"
                 # Set permissions of the U-Boot sources
                 chown -R root:root "${R}/tmp/u-boot"
                 # Remove temporary directory for U-Boot sources
                 rm -fr "${temp_dir}"
               fi
               # Build and install U-Boot inside chroot
-              chroot_exec make -j${KERNEL_THREADS} -C /tmp/u-boot/ ${UBOOT_CONFIG} all
+              chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
               # Copy compiled bootloader binary and set config.txt to load it
               install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
               install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
               printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
               # Install and setup U-Boot command file
               install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
               printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
               if [ "$ENABLE_INITRAMFS" = true ] ; then
                 # Convert generated initramfs for U-Boot using mkimage
                 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
                 # Remove original initramfs file
                 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
                 # Configure U-Boot to load generated initramfs
                 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
                 printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
               else # ENABLE_INITRAMFS=false
                 # Remove initramfs from U-Boot mkfile
                 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
                 if [ "$BUILD_KERNEL" = false ] ; then
                   # Remove dtbfile from U-Boot mkfile
                   sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
                   printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
                 else
                   printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
                 fi
               fi
               # Set mkfile to use the correct dtb file
               sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
               # Set mkfile to use the correct mach id
               if [ "$ENABLE_QEMU" = true ] ; then
                 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
               fi
               # Set mkfile to use kernel image
               sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
               # Remove all leading blank lines
               sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
               # Generate U-Boot bootloader image
               chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
               # Remove U-Boot sources
               rm -fr "${R}/tmp/u-boot"
             fi

bootstrap.d/99-reduce.sh +3 -3

             #
             # Reduce system disk usage
             #
             # Load utility functions
             . ./functions.sh
             # Reduce the image size by various operations
             if [ "$ENABLE_REDUCE" = true ] ; then
               if [ "$REDUCE_APT" = true ] ; then
                 # Install dpkg configuration file
                 if [ "$REDUCE_DOC" = true ] || [ "$REDUCE_MAN" = true ] ; then
                   install_readonly files/dpkg/01nodoc "${ETC_DIR}/dpkg/dpkg.cfg.d/01nodoc"
                 fi
                 # Install APT configuration files
                 install_readonly files/apt/02nocache "${ETC_DIR}/apt/apt.conf.d/02nocache"
                 install_readonly files/apt/03compress "${ETC_DIR}/apt/apt.conf.d/03compress"
                 install_readonly files/apt/04norecommends "${ETC_DIR}/apt/apt.conf.d/04norecommends"
                 # Remove APT cache files
                 rm -fr "${R}/var/cache/apt/pkgcache.bin"
                 rm -fr "${R}/var/cache/apt/srcpkgcache.bin"
               fi
               # Remove all doc files
               if [ "$REDUCE_DOC" = true ] ; then
-                find "${R}/usr/share/doc" -depth -type f ! -name copyright | xargs rm || true
+                find "${R}/usr/share/doc" -depth -type f ! -name copyright -print0 | xargs -0 rm || true
-                find "${R}/usr/share/doc" -empty | xargs rmdir || true
+                find "${R}/usr/share/doc" -empty -print0 | xargs -0 rmdir || true
               fi
               # Remove all man pages and info files
               if [ "$REDUCE_MAN" = true ] ; then
                 rm -rf "${R}/usr/share/man" "${R}/usr/share/groff" "${R}/usr/share/info" "${R}/usr/share/lintian" "${R}/usr/share/linda" "${R}/var/cache/man"
               fi
               # Remove all locale translation files
               if [ "$REDUCE_LOCALE" = true ] ; then
-                find "${R}/usr/share/locale" -mindepth 1 -maxdepth 1 ! -name 'en' | xargs rm -r
+                find "${R}/usr/share/locale" -mindepth 1 -maxdepth 1 ! -name 'en' -print0 | xargs -0 rm -r
               fi
               # Remove hwdb PCI device classes (experimental)
               if [ "$REDUCE_HWDB" = true ] ; then
                 rm -fr "/lib/udev/hwdb.d/20-pci-*"
               fi
               # Replace bash shell by dash shell (experimental)
               if [ "$REDUCE_BASH" = true ] ; then
                 if [ "$RELEASE" = "stretch" ] || [ "$RELEASE" = "buster" ] ; then
                   echo "Yes, do as I say!" | chroot_exec apt-get purge -qq -y --allow-remove-essential bash
                 else
                   echo "Yes, do as I say!" | chroot_exec apt-get purge -qq -y --force-yes bash
                 fi
                 chroot_exec update-alternatives --install /bin/bash bash /bin/dash 100
               fi
               # Remove sound utils and libraries
               if [ "$ENABLE_SOUND" = false ] ; then
                 chroot_exec apt-get -qq -y purge alsa-utils libsamplerate0 libasound2 libasound2-data
               fi
               # Re-install tools for managing kernel modules
               if [ "$RELEASE" = "jessie" ] ; then
                 chroot_exec apt-get -qq -y install module-init-tools
               fi
               # Remove GPU kernels
               if [ "$ENABLE_MINGPU" = true ] ; then
                 rm -f "${BOOT_DIR}/start.elf"
                 rm -f "${BOOT_DIR}/fixup.dat"
                 rm -f "${BOOT_DIR}/start_x.elf"
                 rm -f "${BOOT_DIR}/fixup_x.dat"
               fi
               # Remove kernel and initrd from /boot (already in /boot/firmware)
               if [ "$BUILD_KERNEL" = false ] ; then
                 rm -f "${R}/boot/vmlinuz-*"
                 rm -f "${R}/boot/initrd.img-*"
               fi
               # Clean APT list of repositories
               rm -fr "${R}/var/lib/apt/lists/*"
               chroot_exec apt-get -qq -y update
             fi

files/boot/uboot.mkimage +1 0

             # Set device tree fdtfile
             setenv dtbfile bcm2709-rpi-2-b.dtb
             # Tell Linux that it is booting on a Raspberry Pi2/3
             setenv machid 0x00000c42
             # Save these changes to u-boot's environment
             saveenv
             # Load the existing Linux kernel into RAM
+            mmc dev 0
             fatload mmc 0:1 ${kernel_addr_r} kernel7.img
             fatload mmc 0:1 ${fdt_addr_r} ${dtbfile}
             fatload mmc 0:1 ${ramdisk_addr_r} ${initramfs}
             # Boot the kernel we have just loaded

General Comments 0

Écrire
Preview

Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant

No TODOs yet

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Dépôts
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages