Added: Configuration template file support (testing)
drtyhlpr -
r117:6c18469854f3
@@ -0,0 +1,2
1 # Configuration template file used by rpi23-gen-image.sh
2 RELEASE=jessie
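Review bot: The template entries are plain assignments (`RELEASE=jessie`), and the main script sources the template before its `${VAR:=default}` lines, so a value passed in the environment alongside CONFIG_TEMPLATE is silently replaced by the template's value. If the environment is meant to win, write the entries in the same form as the script's defaults, e.g. `RELEASE=${RELEASE:=jessie}`. If the template is meant to win, state that in the header comment, e.g. `# Values set here override variables passed in the environment`. The same applies to the other three template files added in this commit.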
@@ -0,0 +1,3
1 # Configuration template file used by rpi23-gen-image.sh
2 RELEASE=stretch
3 BUILD_KERNEL=true
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=3
3 RELEASE=jessie
4 BUILD_KERNEL=true
@@ -0,0 +1,4
1 # Configuration template file used by rpi23-gen-image.sh
2 RPI_MODEL=3
3 RELEASE=stretch
4 BUILD_KERNEL=true
@@ -1,44 +1,55
1 # This file contains utility functions used by rpi23-gen-image.sh
1 # This file contains utility functions used by rpi23-gen-image.sh
2
2
3 cleanup (){
3 cleanup (){
4 set +x
4 set +x
5 set +e
5 set +e
6
6
7 # Identify and kill all processes still using files
7 # Identify and kill all processes still using files
8 echo "killing processes using mount point ..."
8 echo "killing processes using mount point ..."
9 fuser -k "${R}"
9 fuser -k "${R}"
10 sleep 3
10 sleep 3
11 fuser -9 -k -v "${R}"
11 fuser -9 -k -v "${R}"
12
12
13 # Clean up temporary .password file
13 # Clean up temporary .password file
14 if [ -r ".password" ] ; then
14 if [ -r ".password" ] ; then
15 shred -zu .password
15 shred -zu .password
16 fi
16 fi
17
17
18 # Clean up all temporary mount points
18 # Clean up all temporary mount points
19 echo "removing temporary mount points ..."
19 echo "removing temporary mount points ..."
20 umount -l "${R}/proc" 2> /dev/null
20 umount -l "${R}/proc" 2> /dev/null
21 umount -l "${R}/sys" 2> /dev/null
21 umount -l "${R}/sys" 2> /dev/null
22 umount -l "${R}/dev/pts" 2> /dev/null
22 umount -l "${R}/dev/pts" 2> /dev/null
23 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
23 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
24 umount "$BUILDDIR/mount" 2> /dev/null
24 umount "$BUILDDIR/mount" 2> /dev/null
25 cryptsetup close "${CRYPTFS_MAPPING}" 2> /dev/null
25 cryptsetup close "${CRYPTFS_MAPPING}" 2> /dev/null
26 losetup -d "$ROOT_LOOP" 2> /dev/null
26 losetup -d "$ROOT_LOOP" 2> /dev/null
27 losetup -d "$FRMW_LOOP" 2> /dev/null
27 losetup -d "$FRMW_LOOP" 2> /dev/null
28 trap - 0 1 2 3 6
28 trap - 0 1 2 3 6
29 }
29 }
30
30
31 chroot_exec() {
31 chroot_exec() {
32 # Exec command in chroot
32 # Exec command in chroot
33 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot ${R} $*
33 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot ${R} $*
34 }
34 }
35
35
36 install_readonly() {
36 install_readonly() {
37 # Install file with user read-only permissions
37 # Install file with user read-only permissions
38 install -o root -g root -m 644 $*
38 install -o root -g root -m 644 $*
39 }
39 }
40
40
41 install_exec() {
41 install_exec() {
42 # Install file with root exec permissions
42 # Install file with root exec permissions
43 install -o root -g root -m 744 $*
43 install -o root -g root -m 744 $*
44 }
44 }
45
46 use_template () {
47 # Test if configuration template file exists
48 if [ ! -r "./templates/${CONFIG_TEMPLATE}" ] ; then
49 echo "error: configuration template ${CONFIG_TEMPLATE} not found"
50 exit 1
51 fi
52
53 # Load template configuration parameters
54 . "./templates/${CONFIG_TEMPLATE}"
55 }
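Review bot: `use_template` sources `./templates/${CONFIG_TEMPLATE}` without constraining the name, so a value containing `/` or `..` makes the script source a file outside `templates/`, and the main script only gets this far when running as root. Whoever sets the variable usually controls the invocation already, but a wrapper or CI job that passes the name through would benefit from a guard before the readability test: `case "${CONFIG_TEMPLATE}" in */*|.*) echo "error: invalid template name" >&2; exit 1 ;; esac`. The path is also resolved against the current directory rather than the script's location, and the not-found message goes to stdout; adding `>&2` would match its role as an error.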
@@ -1,576 +1,581
1 #!/bin/sh
1 #!/bin/sh
2
2
3 ########################################################################
3 ########################################################################
4 # rpi23-gen-image.sh 2015-2016
4 # rpi23-gen-image.sh 2015-2016
5 #
5 #
6 # Advanced Debian "jessie" and "stretch" bootstrap script for RPi2/3
6 # Advanced Debian "jessie" and "stretch" bootstrap script for RPi2/3
7 #
7 #
8 # This program is free software; you can redistribute it and/or
8 # This program is free software; you can redistribute it and/or
9 # modify it under the terms of the GNU General Public License
9 # modify it under the terms of the GNU General Public License
10 # as published by the Free Software Foundation; either version 2
10 # as published by the Free Software Foundation; either version 2
11 # of the License, or (at your option) any later version.
11 # of the License, or (at your option) any later version.
12 #
12 #
13 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
14 #
14 #
15 # Big thanks for patches and enhancements by 10+ github contributors!
15 # Big thanks for patches and enhancements by 10+ github contributors!
16 ########################################################################
16 ########################################################################
17
17
18 # Are we running as root?
18 # Are we running as root?
19 if [ "$(id -u)" -ne "0" ] ; then
19 if [ "$(id -u)" -ne "0" ] ; then
20 echo "error: this script must be executed with root privileges!"
20 echo "error: this script must be executed with root privileges!"
21 exit 1
21 exit 1
22 fi
22 fi
23
23
24 # Check if ./functions.sh script exists
24 # Check if ./functions.sh script exists
25 if [ ! -r "./functions.sh" ] ; then
25 if [ ! -r "./functions.sh" ] ; then
26 echo "error: './functions.sh' required script not found!"
26 echo "error: './functions.sh' required script not found!"
27 exit 1
27 exit 1
28 fi
28 fi
29
29
30 # Load utility functions
30 # Load utility functions
31 . ./functions.sh
31 . ./functions.sh
32
32
33 # Load parameters from configuration template file
34 if [ ! -z "$CONFIG_TEMPLATE" ] ; then
35 use_template
36 fi
37
33 # Introduce settings
38 # Introduce settings
34 set -e
39 set -e
35 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
40 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
36 set -x
41 set -x
37
42
38 # Raspberry Pi model configuration
43 # Raspberry Pi model configuration
39 RPI_MODEL=${RPI_MODEL:=2}
44 RPI_MODEL=${RPI_MODEL:=2}
40 RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb}
45 RPI2_DTB_FILE=${RPI2_DTB_FILE:=bcm2709-rpi-2-b.dtb}
41 RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig}
46 RPI2_UBOOT_CONFIG=${RPI2_UBOOT_CONFIG:=rpi_2_defconfig}
42 RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb}
47 RPI3_DTB_FILE=${RPI3_DTB_FILE:=bcm2710-rpi-3-b.dtb}
43 RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig}
48 RPI3_UBOOT_CONFIG=${RPI3_UBOOT_CONFIG:=rpi_3_32b_defconfig}
44
49
45 # Debian release
50 # Debian release
46 RELEASE=${RELEASE:=jessie}
51 RELEASE=${RELEASE:=jessie}
47 KERNEL_ARCH=${KERNEL_ARCH:=arm}
52 KERNEL_ARCH=${KERNEL_ARCH:=arm}
48 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
53 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
49 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
54 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
50 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
55 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
51 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
56 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
52 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
57 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
53 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
58 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
54
59
55 # URLs
60 # URLs
56 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
61 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
57 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
62 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
58 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm80211/brcm}
63 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm80211/brcm}
59 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
64 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
60 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
65 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
61 UBOOT_URL=${UBOOT_URL:=git://git.denx.de/u-boot.git}
66 UBOOT_URL=${UBOOT_URL:=git://git.denx.de/u-boot.git}
62
67
63 # Build directories
68 # Build directories
64 BASEDIR="$(pwd)/images/${RELEASE}"
69 BASEDIR="$(pwd)/images/${RELEASE}"
65 BUILDDIR="${BASEDIR}/build"
70 BUILDDIR="${BASEDIR}/build"
66
71
67 # Chroot directories
72 # Chroot directories
68 R="${BUILDDIR}/chroot"
73 R="${BUILDDIR}/chroot"
69 ETC_DIR="${R}/etc"
74 ETC_DIR="${R}/etc"
70 LIB_DIR="${R}/lib"
75 LIB_DIR="${R}/lib"
71 BOOT_DIR="${R}/boot/firmware"
76 BOOT_DIR="${R}/boot/firmware"
72 KERNEL_DIR="${R}/usr/src/linux"
77 KERNEL_DIR="${R}/usr/src/linux"
73 WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm"
78 WLAN_FIRMWARE_DIR="${R}/lib/firmware/brcm"
74
79
75 # Firmware directory: Blank if download from github
80 # Firmware directory: Blank if download from github
76 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
81 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
77
82
78 # General settings
83 # General settings
79 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
84 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
80 PASSWORD=${PASSWORD:=raspberry}
85 PASSWORD=${PASSWORD:=raspberry}
81 USER_PASSWORD=${USER_PASSWORD:=raspberry}
86 USER_PASSWORD=${USER_PASSWORD:=raspberry}
82 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
87 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
83 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
88 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
84 EXPANDROOT=${EXPANDROOT:=true}
89 EXPANDROOT=${EXPANDROOT:=true}
85
90
86 # Keyboard settings
91 # Keyboard settings
87 XKB_MODEL=${XKB_MODEL:=""}
92 XKB_MODEL=${XKB_MODEL:=""}
88 XKB_LAYOUT=${XKB_LAYOUT:=""}
93 XKB_LAYOUT=${XKB_LAYOUT:=""}
89 XKB_VARIANT=${XKB_VARIANT:=""}
94 XKB_VARIANT=${XKB_VARIANT:=""}
90 XKB_OPTIONS=${XKB_OPTIONS:=""}
95 XKB_OPTIONS=${XKB_OPTIONS:=""}
91
96
92 # Network settings (DHCP)
97 # Network settings (DHCP)
93 ENABLE_DHCP=${ENABLE_DHCP:=true}
98 ENABLE_DHCP=${ENABLE_DHCP:=true}
94
99
95 # Network settings (static)
100 # Network settings (static)
96 NET_ADDRESS=${NET_ADDRESS:=""}
101 NET_ADDRESS=${NET_ADDRESS:=""}
97 NET_GATEWAY=${NET_GATEWAY:=""}
102 NET_GATEWAY=${NET_GATEWAY:=""}
98 NET_DNS_1=${NET_DNS_1:=""}
103 NET_DNS_1=${NET_DNS_1:=""}
99 NET_DNS_2=${NET_DNS_2:=""}
104 NET_DNS_2=${NET_DNS_2:=""}
100 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
105 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
101 NET_NTP_1=${NET_NTP_1:=""}
106 NET_NTP_1=${NET_NTP_1:=""}
102 NET_NTP_2=${NET_NTP_2:=""}
107 NET_NTP_2=${NET_NTP_2:=""}
103
108
104 # APT settings
109 # APT settings
105 APT_PROXY=${APT_PROXY:=""}
110 APT_PROXY=${APT_PROXY:=""}
106 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
111 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
107
112
108 # Feature settings
113 # Feature settings
109 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
114 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
110 ENABLE_IPV6=${ENABLE_IPV6:=true}
115 ENABLE_IPV6=${ENABLE_IPV6:=true}
111 ENABLE_SSHD=${ENABLE_SSHD:=true}
116 ENABLE_SSHD=${ENABLE_SSHD:=true}
112 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
117 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
113 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
118 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
114 ENABLE_SOUND=${ENABLE_SOUND:=true}
119 ENABLE_SOUND=${ENABLE_SOUND:=true}
115 ENABLE_DBUS=${ENABLE_DBUS:=true}
120 ENABLE_DBUS=${ENABLE_DBUS:=true}
116 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
121 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
117 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
122 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
118 ENABLE_XORG=${ENABLE_XORG:=false}
123 ENABLE_XORG=${ENABLE_XORG:=false}
119 ENABLE_WM=${ENABLE_WM:=""}
124 ENABLE_WM=${ENABLE_WM:=""}
120 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
125 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
121 ENABLE_USER=${ENABLE_USER:=true}
126 ENABLE_USER=${ENABLE_USER:=true}
122 USER_NAME=${USER_NAME:="pi"}
127 USER_NAME=${USER_NAME:="pi"}
123 ENABLE_ROOT=${ENABLE_ROOT:=false}
128 ENABLE_ROOT=${ENABLE_ROOT:=false}
124 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
129 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
125
130
126 # Advanced settings
131 # Advanced settings
127 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
132 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
128 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
133 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
129 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
134 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
130 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
135 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
131 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
136 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
132 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
137 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
133 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
138 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
134 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
139 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
135 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
140 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
136
141
137 # Kernel compilation settings
142 # Kernel compilation settings
138 BUILD_KERNEL=${BUILD_KERNEL:=false}
143 BUILD_KERNEL=${BUILD_KERNEL:=false}
139 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
144 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
140 KERNEL_THREADS=${KERNEL_THREADS:=1}
145 KERNEL_THREADS=${KERNEL_THREADS:=1}
141 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
146 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
142 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
147 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
143 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
148 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
144
149
145 # Kernel compilation from source directory settings
150 # Kernel compilation from source directory settings
146 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
151 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
147 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
152 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
148 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
153 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
149 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
154 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
150
155
151 # Reduce disk usage settings
156 # Reduce disk usage settings
152 REDUCE_APT=${REDUCE_APT:=true}
157 REDUCE_APT=${REDUCE_APT:=true}
153 REDUCE_DOC=${REDUCE_DOC:=true}
158 REDUCE_DOC=${REDUCE_DOC:=true}
154 REDUCE_MAN=${REDUCE_MAN:=true}
159 REDUCE_MAN=${REDUCE_MAN:=true}
155 REDUCE_VIM=${REDUCE_VIM:=false}
160 REDUCE_VIM=${REDUCE_VIM:=false}
156 REDUCE_BASH=${REDUCE_BASH:=false}
161 REDUCE_BASH=${REDUCE_BASH:=false}
157 REDUCE_HWDB=${REDUCE_HWDB:=true}
162 REDUCE_HWDB=${REDUCE_HWDB:=true}
158 REDUCE_SSHD=${REDUCE_SSHD:=true}
163 REDUCE_SSHD=${REDUCE_SSHD:=true}
159 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
164 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
160
165
161 # Encrypted filesystem settings
166 # Encrypted filesystem settings
162 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
167 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
163 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
168 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
164 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
169 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
165 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
170 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
166 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
171 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
167
172
168 # Stop the Crypto Wars
173 # Stop the Crypto Wars
169 DISABLE_FBI=${DISABLE_FBI:=false}
174 DISABLE_FBI=${DISABLE_FBI:=false}
170
175
171 # Chroot scripts directory
176 # Chroot scripts directory
172 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
177 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
173
178
174 # Packages required in the chroot build environment
179 # Packages required in the chroot build environment
175 APT_INCLUDES=${APT_INCLUDES:=""}
180 APT_INCLUDES=${APT_INCLUDES:=""}
176 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils"
181 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils"
177
182
178 # Packages required for bootstrapping
183 # Packages required for bootstrapping
179 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc"
184 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc"
180 MISSING_PACKAGES=""
185 MISSING_PACKAGES=""
181
186
182 set +x
187 set +x
183
188
184 # Set Raspberry Pi model specific configuration
189 # Set Raspberry Pi model specific configuration
185 if [ "$RPI_MODEL" = 2 ] ; then
190 if [ "$RPI_MODEL" = 2 ] ; then
186 DTB_FILE=${RPI2_DTB_FILE}
191 DTB_FILE=${RPI2_DTB_FILE}
187 UBOOT_CONFIG=${RPI2_UBOOT_CONFIG}
192 UBOOT_CONFIG=${RPI2_UBOOT_CONFIG}
188 elif [ "$RPI_MODEL" = 3 ] ; then
193 elif [ "$RPI_MODEL" = 3 ] ; then
189 DTB_FILE=${RPI3_DTB_FILE}
194 DTB_FILE=${RPI3_DTB_FILE}
190 UBOOT_CONFIG=${RPI3_UBOOT_CONFIG}
195 UBOOT_CONFIG=${RPI3_UBOOT_CONFIG}
191 BUILD_KERNEL=true
196 BUILD_KERNEL=true
192 else
197 else
193 echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!"
198 echo "error: Raspberry Pi model ${RPI_MODEL} is not supported!"
194 exit 1
199 exit 1
195 fi
200 fi
196
201
197 # Check if the internal wireless interface is supported by the RPi model
202 # Check if the internal wireless interface is supported by the RPi model
198 if [ "$ENABLE_WIRELESS" = true ] && [ "$RPI_MODEL" != 3 ] ; then
203 if [ "$ENABLE_WIRELESS" = true ] && [ "$RPI_MODEL" != 3 ] ; then
199 echo "error: The selected Raspberry Pi model has no internal wireless interface"
204 echo "error: The selected Raspberry Pi model has no internal wireless interface"
200 exit 1
205 exit 1
201 fi
206 fi
202
207
203 # Set compiler packages and build RPi2/3 Linux kernel if required by Debian release
208 # Set compiler packages and build RPi2/3 Linux kernel if required by Debian release
204 if [ "$RELEASE" = "jessie" ] ; then
209 if [ "$RELEASE" = "jessie" ] ; then
205 COMPILER_PACKAGES="linux-compiler-gcc-4.8-arm g++ make bc"
210 COMPILER_PACKAGES="linux-compiler-gcc-4.8-arm g++ make bc"
206 elif [ "$RELEASE" = "stretch" ] ; then
211 elif [ "$RELEASE" = "stretch" ] ; then
207 COMPILER_PACKAGES="linux-compiler-gcc-5-arm g++ make bc"
212 COMPILER_PACKAGES="linux-compiler-gcc-5-arm g++ make bc"
208 BUILD_KERNEL=true
213 BUILD_KERNEL=true
209 else
214 else
210 echo "error: Debian release ${RELEASE} is not supported!"
215 echo "error: Debian release ${RELEASE} is not supported!"
211 exit 1
216 exit 1
212 fi
217 fi
213
218
214 # Add packages required for kernel cross compilation
219 # Add packages required for kernel cross compilation
215 if [ "$BUILD_KERNEL" = true ] ; then
220 if [ "$BUILD_KERNEL" = true ] ; then
216 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
221 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
217 fi
222 fi
218
223
219 # Add libncurses5 to enable kernel menuconfig
224 # Add libncurses5 to enable kernel menuconfig
220 if [ "$KERNEL_MENUCONFIG" = true ] ; then
225 if [ "$KERNEL_MENUCONFIG" = true ] ; then
221 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
226 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses5-dev"
222 fi
227 fi
223
228
224 # Stop the Crypto Wars
229 # Stop the Crypto Wars
225 if [ "$DISABLE_FBI" = true ] ; then
230 if [ "$DISABLE_FBI" = true ] ; then
226 ENABLE_CRYPTFS=true
231 ENABLE_CRYPTFS=true
227 fi
232 fi
228
233
229 # Add cryptsetup package to enable filesystem encryption
234 # Add cryptsetup package to enable filesystem encryption
230 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
235 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
231 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
236 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
232 APT_INCLUDES="${APT_INCLUDES},cryptsetup"
237 APT_INCLUDES="${APT_INCLUDES},cryptsetup"
233
238
234 if [ -z "$CRYPTFS_PASSWORD" ] ; then
239 if [ -z "$CRYPTFS_PASSWORD" ] ; then
235 echo "error: no password defined (CRYPTFS_PASSWORD)!"
240 echo "error: no password defined (CRYPTFS_PASSWORD)!"
236 exit 1
241 exit 1
237 fi
242 fi
238 ENABLE_INITRAMFS=true
243 ENABLE_INITRAMFS=true
239 fi
244 fi
240
245
241 # Add initramfs generation tools
246 # Add initramfs generation tools
242 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
247 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
243 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
248 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
244 fi
249 fi
245
250
246 # Add device-tree-compiler required for building the U-Boot bootloader
251 # Add device-tree-compiler required for building the U-Boot bootloader
247 if [ "$ENABLE_UBOOT" = true ] ; then
252 if [ "$ENABLE_UBOOT" = true ] ; then
248 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
253 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler"
249 fi
254 fi
250
255
251 # Check if all required packages are installed on the build system
256 # Check if all required packages are installed on the build system
252 for package in $REQUIRED_PACKAGES ; do
257 for package in $REQUIRED_PACKAGES ; do
253 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
258 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
254 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
259 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
255 fi
260 fi
256 done
261 done
257
262
258 # If there are missing packages ask confirmation for install, or exit
263 # If there are missing packages ask confirmation for install, or exit
259 if [ -n "$MISSING_PACKAGES" ] ; then
264 if [ -n "$MISSING_PACKAGES" ] ; then
260 echo "the following packages needed by this script are not installed:"
265 echo "the following packages needed by this script are not installed:"
261 echo "$MISSING_PACKAGES"
266 echo "$MISSING_PACKAGES"
262
267
263 echo -n "\ndo you want to install the missing packages right now? [y/n] "
268 echo -n "\ndo you want to install the missing packages right now? [y/n] "
264 read confirm
269 read confirm
265 [ "$confirm" != "y" ] && exit 1
270 [ "$confirm" != "y" ] && exit 1
266
271
267 # Make sure all missing required packages are installed
272 # Make sure all missing required packages are installed
268 apt-get -qq -y install ${MISSING_PACKAGES}
273 apt-get -qq -y install ${MISSING_PACKAGES}
269 fi
274 fi
270
275
271 # Check if ./bootstrap.d directory exists
276 # Check if ./bootstrap.d directory exists
272 if [ ! -d "./bootstrap.d/" ] ; then
277 if [ ! -d "./bootstrap.d/" ] ; then
273 echo "error: './bootstrap.d' required directory not found!"
278 echo "error: './bootstrap.d' required directory not found!"
274 exit 1
279 exit 1
275 fi
280 fi
276
281
277 # Check if ./files directory exists
282 # Check if ./files directory exists
278 if [ ! -d "./files/" ] ; then
283 if [ ! -d "./files/" ] ; then
279 echo "error: './files' required directory not found!"
284 echo "error: './files' required directory not found!"
280 exit 1
285 exit 1
281 fi
286 fi
282
287
283 # Check if specified KERNELSRC_DIR directory exists
288 # Check if specified KERNELSRC_DIR directory exists
284 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
289 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
285 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
290 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
286 exit 1
291 exit 1
287 fi
292 fi
288
293
289 # Check if specified CHROOT_SCRIPTS directory exists
294 # Check if specified CHROOT_SCRIPTS directory exists
290 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
295 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
291 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
296 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
292 exit 1
297 exit 1
293 fi
298 fi
294
299
295 # Check if specified device mapping already exists (will be used by cryptsetup)
300 # Check if specified device mapping already exists (will be used by cryptsetup)
296 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
301 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
297 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
302 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
298 exit 1
303 exit 1
299 fi
304 fi
300
305
301 # Don't clobber an old build
306 # Don't clobber an old build
302 if [ -e "$BUILDDIR" ] ; then
307 if [ -e "$BUILDDIR" ] ; then
303 echo "error: directory ${BUILDDIR} already exists, not proceeding"
308 echo "error: directory ${BUILDDIR} already exists, not proceeding"
304 exit 1
309 exit 1
305 fi
310 fi
306
311
307 # Setup chroot directory
312 # Setup chroot directory
308 mkdir -p "${R}"
313 mkdir -p "${R}"
309
314
310 # Check if build directory has enough of free disk space >512MB
315 # Check if build directory has enough of free disk space >512MB
311 if [ "$(df --output=avail ${BUILDDIR} | sed "1d")" -le "524288" ] ; then
316 if [ "$(df --output=avail ${BUILDDIR} | sed "1d")" -le "524288" ] ; then
312 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
317 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
313 exit 1
318 exit 1
314 fi
319 fi
315
320
316 set -x
321 set -x
317
322
318 # Call "cleanup" function on various signals and errors
323 # Call "cleanup" function on various signals and errors
319 trap cleanup 0 1 2 3 6
324 trap cleanup 0 1 2 3 6
320
325
321 # Add required packages for the minbase installation
326 # Add required packages for the minbase installation
322 if [ "$ENABLE_MINBASE" = true ] ; then
327 if [ "$ENABLE_MINBASE" = true ] ; then
323 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
328 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
324 fi
329 fi
325
330
326 # Add required locales packages
331 # Add required locales packages
327 if [ "$DEFLOCAL" != "en_US.UTF-8" ] ; then
332 if [ "$DEFLOCAL" != "en_US.UTF-8" ] ; then
328 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
333 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
329 fi
334 fi
330
335
331 # Add parted package, required to get partprobe utility
336 # Add parted package, required to get partprobe utility
332 if [ "$EXPANDROOT" = true ] ; then
337 if [ "$EXPANDROOT" = true ] ; then
333 APT_INCLUDES="${APT_INCLUDES},parted"
338 APT_INCLUDES="${APT_INCLUDES},parted"
334 fi
339 fi
335
340
336 # Add dbus package, recommended if using systemd
341 # Add dbus package, recommended if using systemd
337 if [ "$ENABLE_DBUS" = true ] ; then
342 if [ "$ENABLE_DBUS" = true ] ; then
338 APT_INCLUDES="${APT_INCLUDES},dbus"
343 APT_INCLUDES="${APT_INCLUDES},dbus"
339 fi
344 fi
340
345
341 # Add iptables IPv4/IPv6 package
346 # Add iptables IPv4/IPv6 package
342 if [ "$ENABLE_IPTABLES" = true ] ; then
347 if [ "$ENABLE_IPTABLES" = true ] ; then
343 APT_INCLUDES="${APT_INCLUDES},iptables"
348 APT_INCLUDES="${APT_INCLUDES},iptables"
344 fi
349 fi
345
350
346 # Add openssh server package
351 # Add openssh server package
347 if [ "$ENABLE_SSHD" = true ] ; then
352 if [ "$ENABLE_SSHD" = true ] ; then
348 APT_INCLUDES="${APT_INCLUDES},openssh-server"
353 APT_INCLUDES="${APT_INCLUDES},openssh-server"
349 fi
354 fi
350
355
351 # Add alsa-utils package
356 # Add alsa-utils package
352 if [ "$ENABLE_SOUND" = true ] ; then
357 if [ "$ENABLE_SOUND" = true ] ; then
353 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
358 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
354 fi
359 fi
355
360
356 # Add rng-tools package
361 # Add rng-tools package
357 if [ "$ENABLE_HWRANDOM" = true ] ; then
362 if [ "$ENABLE_HWRANDOM" = true ] ; then
358 APT_INCLUDES="${APT_INCLUDES},rng-tools"
363 APT_INCLUDES="${APT_INCLUDES},rng-tools"
359 fi
364 fi
360
365
361 # Add fbturbo video driver
366 # Add fbturbo video driver
362 if [ "$ENABLE_FBTURBO" = true ] ; then
367 if [ "$ENABLE_FBTURBO" = true ] ; then
363 # Enable xorg package dependencies
368 # Enable xorg package dependencies
364 ENABLE_XORG=true
369 ENABLE_XORG=true
365 fi
370 fi
366
371
367 # Add user defined window manager package
372 # Add user defined window manager package
368 if [ -n "$ENABLE_WM" ] ; then
373 if [ -n "$ENABLE_WM" ] ; then
369 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
374 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
370
375
371 # Enable xorg package dependencies
376 # Enable xorg package dependencies
372 ENABLE_XORG=true
377 ENABLE_XORG=true
373 fi
378 fi
374
379
375 # Add xorg package
380 # Add xorg package
376 if [ "$ENABLE_XORG" = true ] ; then
381 if [ "$ENABLE_XORG" = true ] ; then
377 APT_INCLUDES="${APT_INCLUDES},xorg"
382 APT_INCLUDES="${APT_INCLUDES},xorg"
378 fi
383 fi
379
384
380 # Replace selected packages with smaller clones
385 # Replace selected packages with smaller clones
381 if [ "$ENABLE_REDUCE" = true ] ; then
386 if [ "$ENABLE_REDUCE" = true ] ; then
382 # Add levee package instead of vim-tiny
387 # Add levee package instead of vim-tiny
383 if [ "$REDUCE_VIM" = true ] ; then
388 if [ "$REDUCE_VIM" = true ] ; then
384 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
389 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
385 fi
390 fi
386
391
387 # Add dropbear package instead of openssh-server
392 # Add dropbear package instead of openssh-server
388 if [ "$REDUCE_SSHD" = true ] ; then
393 if [ "$REDUCE_SSHD" = true ] ; then
389 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/openssh-server/dropbear/")"
394 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/openssh-server/dropbear/")"
390 fi
395 fi
391 fi
396 fi
392
397
393 # Configure kernel sources if no KERNELSRC_DIR
398 # Configure kernel sources if no KERNELSRC_DIR
394 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
399 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
395 KERNELSRC_CONFIG=true
400 KERNELSRC_CONFIG=true
396 fi
401 fi
397
402
398 # Configure reduced kernel
403 # Configure reduced kernel
399 if [ "$KERNEL_REDUCE" = true ] ; then
404 if [ "$KERNEL_REDUCE" = true ] ; then
400 KERNELSRC_CONFIG=false
405 KERNELSRC_CONFIG=false
401 fi
406 fi
402
407
403 # Execute bootstrap scripts
408 # Execute bootstrap scripts
404 for SCRIPT in bootstrap.d/*.sh; do
409 for SCRIPT in bootstrap.d/*.sh; do
405 head -n 3 "$SCRIPT"
410 head -n 3 "$SCRIPT"
406 . "$SCRIPT"
411 . "$SCRIPT"
407 done
412 done
408
413
409 ## Execute custom bootstrap scripts
414 ## Execute custom bootstrap scripts
410 if [ -d "custom.d" ] ; then
415 if [ -d "custom.d" ] ; then
411 for SCRIPT in custom.d/*.sh; do
416 for SCRIPT in custom.d/*.sh; do
412 . "$SCRIPT"
417 . "$SCRIPT"
413 done
418 done
414 fi
419 fi
415
420
416 # Execute custom scripts inside the chroot
421 # Execute custom scripts inside the chroot
417 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
422 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
418 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
423 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
419 chroot_exec /bin/bash -x <<'EOF'
424 chroot_exec /bin/bash -x <<'EOF'
420 for SCRIPT in /chroot_scripts/* ; do
425 for SCRIPT in /chroot_scripts/* ; do
421 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
426 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
422 $SCRIPT
427 $SCRIPT
423 fi
428 fi
424 done
429 done
425 EOF
430 EOF
426 rm -rf "${R}/chroot_scripts"
431 rm -rf "${R}/chroot_scripts"
427 fi
432 fi
428
433
429 # Remove apt-utils
434 # Remove apt-utils
430 if [ "$RELEASE" = "jessie" ] ; then
435 if [ "$RELEASE" = "jessie" ] ; then
431 chroot_exec apt-get purge -qq -y --force-yes apt-utils
436 chroot_exec apt-get purge -qq -y --force-yes apt-utils
432 fi
437 fi
433
438
434 # Generate required machine-id
439 # Generate required machine-id
435 MACHINE_ID=$(dbus-uuidgen)
440 MACHINE_ID=$(dbus-uuidgen)
436 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
441 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
437 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
442 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
438
443
439 # APT Cleanup
444 # APT Cleanup
440 chroot_exec apt-get -y clean
445 chroot_exec apt-get -y clean
441 chroot_exec apt-get -y autoclean
446 chroot_exec apt-get -y autoclean
442 chroot_exec apt-get -y autoremove
447 chroot_exec apt-get -y autoremove
443
448
444 # Unmount mounted filesystems
449 # Unmount mounted filesystems
445 umount -l "${R}/proc"
450 umount -l "${R}/proc"
446 umount -l "${R}/sys"
451 umount -l "${R}/sys"
447
452
448 # Clean up directories
453 # Clean up directories
449 rm -rf "${R}/run/*"
454 rm -rf "${R}/run/*"
450 rm -rf "${R}/tmp/*"
455 rm -rf "${R}/tmp/*"
451
456
452 # Clean up files
457 # Clean up files
453 rm -f "${ETC_DIR}/ssh/ssh_host_*"
458 rm -f "${ETC_DIR}/ssh/ssh_host_*"
454 rm -f "${ETC_DIR}/dropbear/dropbear_*"
459 rm -f "${ETC_DIR}/dropbear/dropbear_*"
455 rm -f "${ETC_DIR}/apt/sources.list.save"
460 rm -f "${ETC_DIR}/apt/sources.list.save"
456 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
461 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
457 rm -f "${ETC_DIR}/*-"
462 rm -f "${ETC_DIR}/*-"
458 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
463 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
459 rm -f "${ETC_DIR}/resolv.conf"
464 rm -f "${ETC_DIR}/resolv.conf"
460 rm -f "${R}/root/.bash_history"
465 rm -f "${R}/root/.bash_history"
461 rm -f "${R}/var/lib/urandom/random-seed"
466 rm -f "${R}/var/lib/urandom/random-seed"
462 rm -f "${R}/initrd.img"
467 rm -f "${R}/initrd.img"
463 rm -f "${R}/vmlinuz"
468 rm -f "${R}/vmlinuz"
464 rm -f "${R}${QEMU_BINARY}"
469 rm -f "${R}${QEMU_BINARY}"
465
470
466 # Calculate size of the chroot directory in KB
471 # Calculate size of the chroot directory in KB
467 CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`)
472 CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`)
468
473
469 # Calculate the amount of needed 512 Byte sectors
474 # Calculate the amount of needed 512 Byte sectors
470 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
475 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
471 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
476 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
472 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
477 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
473
478
474 # The root partition is EXT4
479 # The root partition is EXT4
475 # This means more space than the actual used space of the chroot is used.
480 # This means more space than the actual used space of the chroot is used.
476 # As overhead for journaling and reserved blocks 25% are added.
481 # As overhead for journaling and reserved blocks 25% are added.
477 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 25) \* 1024 \/ 512)
482 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 25) \* 1024 \/ 512)
478
483
479 # Calculate required image size in 512 Byte sectors
484 # Calculate required image size in 512 Byte sectors
480 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
485 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
481
486
482 # Prepare date string for image file name
487 # Prepare date string for image file name
483 DATE="$(date +%Y-%m-%d)"
488 DATE="$(date +%Y-%m-%d)"
484
489
485 # Prepare image file
490 # Prepare image file
486 if [ "$ENABLE_SPLITFS" = true ] ; then
491 if [ "$ENABLE_SPLITFS" = true ] ; then
487 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
492 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
488 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
493 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
489 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
494 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
490 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
495 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
491
496
492 # Write firmware/boot partition tables
497 # Write firmware/boot partition tables
493 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" 2> /dev/null <<EOM
498 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" 2> /dev/null <<EOM
494 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
499 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
495 EOM
500 EOM
496
501
497 # Write root partition table
502 # Write root partition table
498 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" 2> /dev/null <<EOM
503 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" 2> /dev/null <<EOM
499 ${TABLE_SECTORS},${ROOT_SECTORS},83
504 ${TABLE_SECTORS},${ROOT_SECTORS},83
500 EOM
505 EOM
501
506
502 # Setup temporary loop devices
507 # Setup temporary loop devices
503 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
508 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
504 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
509 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
505 else # ENABLE_SPLITFS=false
510 else # ENABLE_SPLITFS=false
506 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
511 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
507 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
512 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
508
513
509 # Write partition table
514 # Write partition table
510 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" 2> /dev/null <<EOM
515 sfdisk -q -L -uS -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" 2> /dev/null <<EOM
511 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
516 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
512 ${ROOT_OFFSET},${ROOT_SECTORS},83
517 ${ROOT_OFFSET},${ROOT_SECTORS},83
513 EOM
518 EOM
514
519
515 # Setup temporary loop devices
520 # Setup temporary loop devices
516 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
521 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
517 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
522 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
518 fi
523 fi
519
524
520 if [ "$ENABLE_CRYPTFS" = true ] ; then
525 if [ "$ENABLE_CRYPTFS" = true ] ; then
521 # Create dummy ext4 fs
526 # Create dummy ext4 fs
522 mkfs.ext4 "$ROOT_LOOP"
527 mkfs.ext4 "$ROOT_LOOP"
523
528
524 # Setup password keyfile
529 # Setup password keyfile
525 echo -n ${CRYPTFS_PASSWORD} > .password
530 echo -n ${CRYPTFS_PASSWORD} > .password
526 chmod 600 .password
531 chmod 600 .password
527
532
528 # Initialize encrypted partition
533 # Initialize encrypted partition
529 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
534 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
530
535
531 # Open encrypted partition and setup mapping
536 # Open encrypted partition and setup mapping
532 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
537 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
533
538
534 # Secure delete password keyfile
539 # Secure delete password keyfile
535 shred -zu .password
540 shred -zu .password
536
541
537 # Update temporary loop device
542 # Update temporary loop device
538 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
543 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
539
544
540 # Wipe encrypted partition (encryption cipher is used for randomness)
545 # Wipe encrypted partition (encryption cipher is used for randomness)
541 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count=$(blockdev --getsz "${ROOT_LOOP}")
546 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count=$(blockdev --getsz "${ROOT_LOOP}")
542 fi
547 fi
543
548
544 # Build filesystems
549 # Build filesystems
545 mkfs.vfat "$FRMW_LOOP"
550 mkfs.vfat "$FRMW_LOOP"
546 mkfs.ext4 "$ROOT_LOOP"
551 mkfs.ext4 "$ROOT_LOOP"
547
552
548 # Mount the temporary loop devices
553 # Mount the temporary loop devices
549 mkdir -p "$BUILDDIR/mount"
554 mkdir -p "$BUILDDIR/mount"
550 mount "$ROOT_LOOP" "$BUILDDIR/mount"
555 mount "$ROOT_LOOP" "$BUILDDIR/mount"
551
556
552 mkdir -p "$BUILDDIR/mount/boot/firmware"
557 mkdir -p "$BUILDDIR/mount/boot/firmware"
553 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
558 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
554
559
555 # Copy all files from the chroot to the loop device mount point directory
560 # Copy all files from the chroot to the loop device mount point directory
556 rsync -a "${R}/" "$BUILDDIR/mount/"
561 rsync -a "${R}/" "$BUILDDIR/mount/"
557
562
558 # Unmount all temporary loop devices and mount points
563 # Unmount all temporary loop devices and mount points
559 cleanup
564 cleanup
560
565
561 # Create block map file(s) of image(s)
566 # Create block map file(s) of image(s)
562 if [ "$ENABLE_SPLITFS" = true ] ; then
567 if [ "$ENABLE_SPLITFS" = true ] ; then
563 # Create block map files for "bmaptool"
568 # Create block map files for "bmaptool"
564 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
569 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
565 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
570 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
566
571
567 # Image was successfully created
572 # Image was successfully created
568 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
573 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
569 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
574 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr \( ${TABLE_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
570 else
575 else
571 # Create block map file for "bmaptool"
576 # Create block map file for "bmaptool"
572 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
577 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
573
578
574 # Image was successfully created
579 # Image was successfully created
575 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
580 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr \( ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
576 fi
581 fi