##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

vknecht-master-merge
Jan Wagner -
r68:69e22e063597 Fusion
parent child
Show More
Show file before | Show file after | Hide comments
@@ -150,6 +150,9 password, use only in trusted environments.
150 150 ##### `ENABLE_HARDNET`=false
151 151 Enable IPv4/IPv6 network stack hardening settings.
152 152
153 ##### `ENABLE_SPLITFS`=false
154 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
155
153 156 ##### `CHROOT_SCRIPTS`=""
154 157 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order.
155 158
@@ -212,3 +215,8 After the image file was successfully created by the `rpi2-gen-image.sh` script
212 215 bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0
213 216 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0
214 217 ```
218 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
219 ```shell
220 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-frmw.img /dev/mmcblk0
221 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-root.img /dev/sdc
222 ```
Show file before | Show file after | Hide comments
@@ -61,7 +61,11 else
61 61 fi
62 62
63 63 # Set up firmware boot cmdline
64 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
64 if [ "$ENABLE_SPLITFS" = true ] ; then
65 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
66 else
67 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
68 fi
65 69
66 70 # Set up serial console support (if requested)
67 71 if [ "$ENABLE_CONSOLE" = true ] ; then
@@ -110,6 +114,9 install_readonly files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-b
110 114
111 115 # Create default fstab
112 116 install_readonly files/mount/fstab $R/etc/fstab
117 if [ "$ENABLE_SPLITFS" = true ] ; then
118 sed -i 's/mmcblk0p2/sda1/' $R/etc/fstab
119 fi
113 120
114 121 # Avoid swapping and increase cache sizes
115 122 install_readonly files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
Show file before | Show file after | Hide comments
@@ -60,7 +60,7 chroot_exec systemctl enable systemd-networkd
60 60
61 61 # Enable network stack hardening
62 62 if [ "$ENABLE_HARDNET" = true ] ; then
63 install_readonly files/sysctl.d/81-rpi-net-hardening.conf $R/etc/sysctl.d/81-rpi-net-hardening.conf
63 install_readonly files/sysctl.d/82-rpi-net-hardening.conf $R/etc/sysctl.d/82-rpi-net-hardening.conf
64 64
65 65 # Enable resolver warnings about spoofed addresses
66 66 cat <<EOM >>$R/etc/host.conf
Show file before | Show file after | Hide comments
@@ -17,8 +17,8 cleanup (){
17 17 umount -l $R/dev/pts 2> /dev/null
18 18 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
19 19 umount "$BUILDDIR/mount" 2> /dev/null
20 losetup -d "$EXT4_LOOP" 2> /dev/null
21 losetup -d "$VFAT_LOOP" 2> /dev/null
20 losetup -d "$ROOT_LOOP" 2> /dev/null
21 losetup -d "$FRMW_LOOP" 2> /dev/null
22 22 trap - 0 1 2 3 6
23 23 }
24 24
Show file before | Show file after | Hide comments
@@ -81,6 +81,7 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
81 81 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
82 82 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
83 83 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
84 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
84 85
85 86 # Kernel compilation settings
86 87 BUILD_KERNEL=${BUILD_KERNEL:=false}
@@ -259,8 +260,8 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
259 260
260 261 # Calculate the amount of needed 512 Byte sectors
261 262 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
262 BOOT_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
263 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS})
263 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
264 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
264 265
265 266 # The root partition is EXT4
266 267 # This means more space than the actual used space of the chroot is used.
@@ -268,37 +269,64 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS})
268 269 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
269 270
270 271 # Calculate required image size in 512 Byte sectors
271 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS} + ${ROOT_SECTORS})
272 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
272 273
273 274 # Prepare date string for image file name
274 275 DATE="$(date +%Y-%m-%d)"
275 276
276 277 # Prepare image file
277 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
278 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
278 if [ "$ENABLE_SPLITFS" = true ] ; then
279 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
280 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
281 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
282 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
283 # Write partition tables
284 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" <<EOM
285 unit: sectors
279 286
280 # Write partition table
281 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
287 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
288 2 : start= 0, size= 0, Id= 0
289 3 : start= 0, size= 0, Id= 0
290 4 : start= 0, size= 0, Id= 0
291 EOM
292 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" <<EOM
293 unit: sectors
294
295 1 : start= ${TABLE_SECTORS}, size= ${ROOT_SECTORS}, Id=83
296 2 : start= 0, size= 0, Id= 0
297 3 : start= 0, size= 0, Id= 0
298 4 : start= 0, size= 0, Id= 0
299 EOM
300 # Set up temporary loop devices
301 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
302 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
303 else
304 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
305 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
306 # Write partition table
307 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
282 308 unit: sectors
283 309
284 1 : start= ${TABLE_SECTORS}, size= ${BOOT_SECTORS}, Id= c, bootable
310 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
285 311 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
286 312 3 : start= 0, size= 0, Id= 0
287 313 4 : start= 0, size= 0, Id= 0
288 314 EOM
315 # Set up temporary loop devices
316 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
317 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
318 fi
289 319
290 # Set up temporary loop devices and build filesystems
291 VFAT_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
292 EXT4_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
293 mkfs.vfat "$VFAT_LOOP"
294 mkfs.ext4 "$EXT4_LOOP"
320 # Build filesystems
321 mkfs.vfat "$FRMW_LOOP"
322 mkfs.ext4 "$ROOT_LOOP"
295 323
296 324 # Mount the temporary loop devices
297 325 mkdir -p "$BUILDDIR/mount"
298 mount "$EXT4_LOOP" "$BUILDDIR/mount"
326 mount "$ROOT_LOOP" "$BUILDDIR/mount"
299 327
300 328 mkdir -p "$BUILDDIR/mount/boot/firmware"
301 mount "$VFAT_LOOP" "$BUILDDIR/mount/boot/firmware"
329 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
302 330
303 331 # Copy all files from the chroot to the loop device mount point directory
304 332 rsync -a "$R/" "$BUILDDIR/mount/"
@@ -306,8 +334,19 rsync -a "$R/" "$BUILDDIR/mount/"
306 334 # Unmount all temporary loop devices and mount points
307 335 cleanup
308 336
309 # Create block map file for "bmaptool"
310 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
337 # Create block map file(s) of image(s)
338 if [ "$ENABLE_SPLITFS" = true ] ; then
339 # Create block map files for "bmaptool"
340 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
341 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
311 342
312 # Image was successfully created
313 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img (${IMAGE_SIZE})" ": successfully created"
343 # Image was successfully created
344 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
345 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr ${TABLE_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
346 else
347 # Create block map file for "bmaptool"
348 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
349
350 # Image was successfully created
351 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
352 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant