##// END OF EJS Templates
a
Unknown -
r471:88966a4516b3
parent child
Show More
@@ -1,531 +1,531
1 # rpi23-gen-image
1 # rpi23-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for Raspberry Pi 2 (RPi2) and Raspberry Pi 3 (RPi3) computers. The script at this time supports the bootstrapping of the Debian (armhf) releases `stretch` and `buster`. Raspberry Pi 3 images are generated for 32-bit mode only. Raspberry Pi 3 64-bit images can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9
9
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the RPi3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf) cross-compiler toolchain.
11
11
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
12 The script has been tested using the default `crossbuild-essential-armhf` toolchain meta package on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13
13
14 ## Command-line parameters
14 ## Command-line parameters
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16
16
17 ##### Command-line examples:
17 ##### Command-line examples:
18 ```shell
18 ```shell
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 ```
32 ```
33
33
34 ## Configuration template files
34 ## Configuration template files
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36
36
37 ##### Command-line examples:
37 ##### Command-line examples:
38 ```shell
38 ```shell
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 ```
41 ```
42
42
43 ## Supported parameters and settings
43 ## Supported parameters and settings
44 #### APT settings:
44 #### APT settings:
45 ##### `APT_SERVER`="ftp.debian.org/debian"
45 ##### `APT_SERVER`="ftp.debian.org/debian"
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47
47
48 ##### `APT_PROXY`=""
48 ##### `APT_PROXY`=""
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50
50
51 ##### `APT_INCLUDES`=""
51 ##### `APT_INCLUDES`=""
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
53
53
54 ##### `APT_INCLUDES_LATE`=""
54 ##### `APT_INCLUDES_LATE`=""
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
56
56
57 ---
57 ---
58
58
59 #### General system settings:
59 #### General system settings:
60 ##### `SET_ARCH`=32
60 ##### `SET_ARCH`=32
61 Set Architecture to default 32bit. If you want to to compile 64bit (RPI3 or RPI3+) set it to `64`. This option will set every needed crosscompiler or boeard specific option for a successful build.
61 Set Architecture to default 32bit. If you want to to compile 64bit (RPI3 or RPI3+) set it to `64`. This option will set every needed crosscompiler or boeard specific option for a successful build.
62 If you want to change e.g. cross-compiler -> Templates always override defaults
62 If you want to change e.g. cross-compiler -> Templates always override defaults
63
63
64 ##### `RPI_MODEL`=2
64 ##### `RPI_MODEL`=2
65 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
65 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
66 - `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
66 - `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
67 - `1` = Used for Pi 1 model A and B
67 - `1` = Used for Pi 1 model A and B
68 - `1P` = Used for Pi 1 model B+ and A+
68 - `1P` = Used for Pi 1 model B+ and A+
69 - `2` = Used for Pi 2 model B
69 - `2` = Used for Pi 2 model B
70 - `3` = Used for Pi 3 model B
70 - `3` = Used for Pi 3 model B
71 - `3P` = Used for Pi 3 model B+
71 - `3P` = Used for Pi 3 model B+
72 - `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
72 - `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
73
73
74 ##### `RELEASE`="buster"
74 ##### `RELEASE`="buster"
75 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
75 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
76
76
77 ##### `RELEASE_ARCH`="armhf"
77 ##### `RELEASE_ARCH`="armhf"
78 Set the desired Debian release architecture.
78 Set the desired Debian release architecture.
79
79
80 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
80 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
81 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
81 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
82
82
83 ##### `PASSWORD`="raspberry"
83 ##### `PASSWORD`="raspberry"
84 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
84 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
85
85
86 ##### `USER_PASSWORD`="raspberry"
86 ##### `USER_PASSWORD`="raspberry"
87 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
87 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
88
88
89 ##### `DEFLOCAL`="en_US.UTF-8"
89 ##### `DEFLOCAL`="en_US.UTF-8"
90 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
90 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
91
91
92 ##### `TIMEZONE`="Europe/Berlin"
92 ##### `TIMEZONE`="Europe/Berlin"
93 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
93 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
94
94
95 ##### `EXPANDROOT`=true
95 ##### `EXPANDROOT`=true
96 Expand the root partition and filesystem automatically on first boot.
96 Expand the root partition and filesystem automatically on first boot.
97
97
98 ##### `ENABLE_QEMU`=false
98 ##### `ENABLE_QEMU`=false
99 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
99 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
100
100
101 ---
101 ---
102
102
103 #### Keyboard settings:
103 #### Keyboard settings:
104 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
104 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
105
105
106 ##### `XKB_MODEL`=""
106 ##### `XKB_MODEL`=""
107 Set the name of the model of your keyboard type.
107 Set the name of the model of your keyboard type.
108
108
109 ##### `XKB_LAYOUT`=""
109 ##### `XKB_LAYOUT`=""
110 Set the supported keyboard layout(s).
110 Set the supported keyboard layout(s).
111
111
112 ##### `XKB_VARIANT`=""
112 ##### `XKB_VARIANT`=""
113 Set the supported variant(s) of the keyboard layout(s).
113 Set the supported variant(s) of the keyboard layout(s).
114
114
115 ##### `XKB_OPTIONS`=""
115 ##### `XKB_OPTIONS`=""
116 Set extra xkb configuration options.
116 Set extra xkb configuration options.
117
117
118 ---
118 ---
119
119
120 #### Networking settings (DHCP):
120 #### Networking settings (DHCP):
121 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
121 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
122
122
123 ##### `ENABLE_DHCP`=true
123 ##### `ENABLE_DHCP`=true
124 Set the system to use DHCP. This requires an DHCP server.
124 Set the system to use DHCP. This requires an DHCP server.
125
125
126 ---
126 ---
127
127
128 #### Networking settings (static):
128 #### Networking settings (static):
129 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
129 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
130
130
131 ##### `NET_ADDRESS`=""
131 ##### `NET_ADDRESS`=""
132 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
132 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
133
133
134 ##### `NET_GATEWAY`=""
134 ##### `NET_GATEWAY`=""
135 Set the IP address for the default gateway.
135 Set the IP address for the default gateway.
136
136
137 ##### `NET_DNS_1`=""
137 ##### `NET_DNS_1`=""
138 Set the IP address for the first DNS server.
138 Set the IP address for the first DNS server.
139
139
140 ##### `NET_DNS_2`=""
140 ##### `NET_DNS_2`=""
141 Set the IP address for the second DNS server.
141 Set the IP address for the second DNS server.
142
142
143 ##### `NET_DNS_DOMAINS`=""
143 ##### `NET_DNS_DOMAINS`=""
144 Set the default DNS search domains to use for non fully qualified host names.
144 Set the default DNS search domains to use for non fully qualified host names.
145
145
146 ##### `NET_NTP_1`=""
146 ##### `NET_NTP_1`=""
147 Set the IP address for the first NTP server.
147 Set the IP address for the first NTP server.
148
148
149 ##### `NET_NTP_2`=""
149 ##### `NET_NTP_2`=""
150 Set the IP address for the second NTP server.
150 Set the IP address for the second NTP server.
151
151
152 ---
152 ---
153
153
154 #### Basic system features:
154 #### Basic system features:
155 ##### `ENABLE_CONSOLE`=true
155 ##### `ENABLE_CONSOLE`=true
156 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
156 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
157
157
158 ##### `ENABLE_PRINTK`=false
158 ##### `ENABLE_PRINTK`=false
159 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
159 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
160
160
161 ##### `ENABLE_BLUETOOTH`=false
161 ##### `ENABLE_BLUETOOTH`=false
162 Enable onboard Bluetooth interface on the RPi0/3/3P. See: https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/
162 Enable onboard Bluetooth interface on the RPi0/3/3P. See: https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/
163
163
164 ##### `ENABLE_MINIUART_OVERLAY`=false
164 ##### `ENABLE_MINIUART_OVERLAY`=false
165 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the cpu frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
165 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the cpu frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
166
166
167 ##### `ENABLE_TURBO`=false
167 ##### `ENABLE_TURBO`=false
168 VOIDS WARRANTY! Enable Turbo mode - NO overclocking. This setting locks cpu at highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
168 VOIDS WARRANTY! Enable Turbo mode - NO overclocking. This setting locks cpu at highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
169
169
170 ##### `ENABLE_I2C`=false
170 ##### `ENABLE_I2C`=false
171 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
171 Enable I2C interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
172
172
173 ##### `ENABLE_SPI`=false
173 ##### `ENABLE_SPI`=false
174 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
174 Enable SPI interface on the RPi2/3. Please check the [RPi2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
175
175
176 ##### `ENABLE_IPV6`=true
176 ##### `ENABLE_IPV6`=true
177 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
177 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
178
178
179 ##### `ENABLE_SSHD`=true
179 ##### `ENABLE_SSHD`=true
180 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
180 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
181
181
182 ##### `ENABLE_NONFREE`=false
182 ##### `ENABLE_NONFREE`=false
183 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
183 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
184
184
185 ##### `ENABLE_WIRELESS`=false
185 ##### `ENABLE_WIRELESS`=false
186 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
186 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
187
187
188 ##### `ENABLE_RSYSLOG`=true
188 ##### `ENABLE_RSYSLOG`=true
189 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
189 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
190
190
191 ##### `ENABLE_SOUND`=true
191 ##### `ENABLE_SOUND`=true
192 Enable sound hardware and install Advanced Linux Sound Architecture.
192 Enable sound hardware and install Advanced Linux Sound Architecture.
193
193
194 ##### `ENABLE_HWRANDOM`=true
194 ##### `ENABLE_HWRANDOM`=true
195 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
195 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
196
196
197 ##### `ENABLE_MINGPU`=false
197 ##### `ENABLE_MINGPU`=false
198 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
198 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
199
199
200 ##### `ENABLE_DBUS`=true
200 ##### `ENABLE_DBUS`=true
201 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
201 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
202
202
203 ##### `ENABLE_XORG`=false
203 ##### `ENABLE_XORG`=false
204 Install Xorg open-source X Window System.
204 Install Xorg open-source X Window System.
205
205
206 ##### `ENABLE_WM`=""
206 ##### `ENABLE_WM`=""
207 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
207 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
208
208
209 ##### `ENABLE_SYSVINIT`=false
209 ##### `ENABLE_SYSVINIT`=false
210 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
210 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
211
211
212 ---
212 ---
213
213
214 #### Advanced system features:
214 #### Advanced system features:
215 ##### `ENABLE_SYSTEMDSWAP`=false
215 ##### `ENABLE_SYSTEMDSWAP`=false
216 Enables [Systemd-swap service](https://github.com/Nefelim4ag/systemd-swap). Usefull if `KERNEL_ZSWAP` is enabled.
216 Enables [Systemd-swap service](https://github.com/Nefelim4ag/systemd-swap). Usefull if `KERNEL_ZSWAP` is enabled.
217
217
218 ##### `ENABLE_MINBASE`=false
218 ##### `ENABLE_MINBASE`=false
219 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
219 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
220
220
221 ##### `ENABLE_REDUCE`=false
221 ##### `ENABLE_REDUCE`=false
222 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
222 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
223
223
224 ##### `ENABLE_UBOOT`=false
224 ##### `ENABLE_UBOOT`=false
225 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
225 Replace the default RPi2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
226
226
227 ##### `UBOOTSRC_DIR`=""
227 ##### `UBOOTSRC_DIR`=""
228 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
228 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
229
229
230 ##### `ENABLE_FBTURBO`=false
230 ##### `ENABLE_FBTURBO`=false
231 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
231 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
232
232
233 ##### `FBTURBOSRC_DIR`=""
233 ##### `FBTURBOSRC_DIR`=""
234 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
234 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
235
235
236 ##### `ENABLE_VIDEOCORE`=false
236 ##### `ENABLE_VIDEOCORE`=false
237 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
237 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
238
238
239 ##### `VIDEOCORESRC_DIR`=""
239 ##### `VIDEOCORESRC_DIR`=""
240 Path to a directory (`userland`) of [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git) that will be copied, configured, build and installed inside the chroot.
240 Path to a directory (`userland`) of [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git) that will be copied, configured, build and installed inside the chroot.
241
241
242 ##### `ENABLE_NEXMON`=false
242 ##### `ENABLE_NEXMON`=false
243 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
243 Install and enable the [Source code for a C-based firmware patching framework for Broadcom/Cypress WiFi chips that enables you to write your own firmware patches, for example, to enable monitor mode with radiotap headers and frame injection](https://github.com/seemoo-lab/nexmon.git).
244
244
245 ##### `NEXMON_DIR`=""
245 ##### `NEXMONSRC_DIR`=""
246 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
246 Path to a directory (`nexmon`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
247
247
248 ##### `ENABLE_IPTABLES`=false
248 ##### `ENABLE_IPTABLES`=false
249 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
249 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
250
250
251 ##### `ENABLE_USER`=true
251 ##### `ENABLE_USER`=true
252 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
252 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
253
253
254 ##### `USER_NAME`=pi
254 ##### `USER_NAME`=pi
255 Non-root user to create. Ignored if `ENABLE_USER`=false
255 Non-root user to create. Ignored if `ENABLE_USER`=false
256
256
257 ##### `ENABLE_ROOT`=false
257 ##### `ENABLE_ROOT`=false
258 Set root user password so root login will be enabled
258 Set root user password so root login will be enabled
259
259
260 ##### `ENABLE_HARDNET`=false
260 ##### `ENABLE_HARDNET`=false
261 Enable IPv4/IPv6 network stack hardening settings.
261 Enable IPv4/IPv6 network stack hardening settings.
262
262
263 ##### `ENABLE_SPLITFS`=false
263 ##### `ENABLE_SPLITFS`=false
264 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
264 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
265
265
266 ##### `CHROOT_SCRIPTS`=""
266 ##### `CHROOT_SCRIPTS`=""
267 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
267 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
268
268
269 ##### `ENABLE_INITRAMFS`=false
269 ##### `ENABLE_INITRAMFS`=false
270 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
270 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
271
271
272 ##### `ENABLE_IFNAMES`=true
272 ##### `ENABLE_IFNAMES`=true
273 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
273 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
274
274
275 ##### `DISABLE_UNDERVOLT_WARNINGS`=
275 ##### `DISABLE_UNDERVOLT_WARNINGS`=
276 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
276 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
277
277
278 ---
278 ---
279
279
280 #### SSH settings:
280 #### SSH settings:
281 ##### `SSH_ENABLE_ROOT`=false
281 ##### `SSH_ENABLE_ROOT`=false
282 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
282 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
283
283
284 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
284 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
285 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
285 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
286
286
287 ##### `SSH_LIMIT_USERS`=false
287 ##### `SSH_LIMIT_USERS`=false
288 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
288 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
289
289
290 ##### `SSH_ROOT_PUB_KEY`=""
290 ##### `SSH_ROOT_PUB_KEY`=""
291 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
291 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
292
292
293 ##### `SSH_USER_PUB_KEY`=""
293 ##### `SSH_USER_PUB_KEY`=""
294 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
294 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
295
295
296 ---
296 ---
297
297
298 #### Kernel compilation:
298 #### Kernel compilation:
299 ##### `BUILD_KERNEL`=true
299 ##### `BUILD_KERNEL`=true
300 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used.
300 Build and install the latest RPi2/3 Linux kernel. Currently only the default RPi2/3 kernel configuration is used.
301
301
302 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
302 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
303 This sets the cross compile enviornment for the compiler.
303 This sets the cross compile enviornment for the compiler.
304
304
305 ##### `KERNEL_ARCH`="arm"
305 ##### `KERNEL_ARCH`="arm"
306 This sets the kernel architecture for the compiler.
306 This sets the kernel architecture for the compiler.
307
307
308 ##### `KERNEL_IMAGE`="kernel7.img"
308 ##### `KERNEL_IMAGE`="kernel7.img"
309 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
309 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
310
310
311 ##### `KERNEL_BRANCH`=""
311 ##### `KERNEL_BRANCH`=""
312 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
312 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
313
313
314 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
314 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
315 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
315 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
316
316
317 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
317 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
318 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
318 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
319
319
320 ##### `KERNEL_REDUCE`=false
320 ##### `KERNEL_REDUCE`=false
321 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
321 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
322
322
323 ##### `KERNEL_THREADS`=1
323 ##### `KERNEL_THREADS`=1
324 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
324 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
325
325
326 ##### `KERNEL_HEADERS`=true
326 ##### `KERNEL_HEADERS`=true
327 Install kernel headers with built kernel.
327 Install kernel headers with built kernel.
328
328
329 ##### `KERNEL_MENUCONFIG`=false
329 ##### `KERNEL_MENUCONFIG`=false
330 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
330 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
331
331
332 ##### `KERNEL_OLDDEFCONFIG`=false
332 ##### `KERNEL_OLDDEFCONFIG`=false
333 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
333 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
334
334
335 ##### `KERNEL_CCACHE`=false
335 ##### `KERNEL_CCACHE`=false
336 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
336 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
337
337
338 ##### `KERNEL_REMOVESRC`=true
338 ##### `KERNEL_REMOVESRC`=true
339 Remove all kernel sources from the generated OS image after it was built and installed.
339 Remove all kernel sources from the generated OS image after it was built and installed.
340
340
341 ##### `KERNELSRC_DIR`=""
341 ##### `KERNELSRC_DIR`=""
342 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
342 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
343
343
344 ##### `KERNELSRC_CLEAN`=false
344 ##### `KERNELSRC_CLEAN`=false
345 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
345 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
346
346
347 ##### `KERNELSRC_CONFIG`=true
347 ##### `KERNELSRC_CONFIG`=true
348 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
348 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
349
349
350 ##### `KERNELSRC_USRCONFIG`=""
350 ##### `KERNELSRC_USRCONFIG`=""
351 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
351 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
352
352
353 ##### `KERNELSRC_PREBUILT`=false
353 ##### `KERNELSRC_PREBUILT`=false
354 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
354 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
355
355
356 ##### `RPI_FIRMWARE_DIR`=""
356 ##### `RPI_FIRMWARE_DIR`=""
357 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
357 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
358
358
359 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
359 ##### `KERNEL_DEFAULT_GOV`="ONDEMAND"
360 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
360 Set the default cpu governor at kernel compilation. Supported values are: PERFORMANCE POWERSAVE USERSPACE ONDEMAND CONSERVATIVE SCHEDUTIL
361
361
362 ##### `KERNEL_NF`=false
362 ##### `KERNEL_NF`=false
363 Enable Netfilter modules as kernel modules
363 Enable Netfilter modules as kernel modules
364
364
365 ##### `KERNEL_VIRT`=false
365 ##### `KERNEL_VIRT`=false
366 Enable Kernel KVM support (/dev/kvm)
366 Enable Kernel KVM support (/dev/kvm)
367
367
368 ##### `KERNEL_ZSWAP`=false
368 ##### `KERNEL_ZSWAP`=false
369 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
369 Enable Kernel Zswap support. Best use on high RAM load and mediocre CPU load usecases
370
370
371 ##### `KERNEL_BPF`=true
371 ##### `KERNEL_BPF`=true
372 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
372 Allow attaching eBPF programs to a cgroup using the bpf syscall (CONFIG_BPF_SYSCALL CONFIG_CGROUP_BPF) [systemd compilations about it - File /lib/systemd/system/systemd-journald.server:36 configures an IP firewall (IPAddressDeny=all), but the local system does not support BPF/cgroup based firewalls]
373
373
374 ---
374 ---
375
375
376 #### Reduce disk usage:
376 #### Reduce disk usage:
377 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
377 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
378
378
379 ##### `REDUCE_APT`=true
379 ##### `REDUCE_APT`=true
380 Configure APT to use compressed package repository lists and no package caching files.
380 Configure APT to use compressed package repository lists and no package caching files.
381
381
382 ##### `REDUCE_DOC`=true
382 ##### `REDUCE_DOC`=true
383 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
383 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
384
384
385 ##### `REDUCE_MAN`=true
385 ##### `REDUCE_MAN`=true
386 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
386 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
387
387
388 ##### `REDUCE_VIM`=false
388 ##### `REDUCE_VIM`=false
389 Replace `vim-tiny` package by `levee` a tiny vim clone.
389 Replace `vim-tiny` package by `levee` a tiny vim clone.
390
390
391 ##### `REDUCE_BASH`=false
391 ##### `REDUCE_BASH`=false
392 Remove `bash` package and switch to `dash` shell (experimental).
392 Remove `bash` package and switch to `dash` shell (experimental).
393
393
394 ##### `REDUCE_HWDB`=true
394 ##### `REDUCE_HWDB`=true
395 Remove PCI related hwdb files (experimental).
395 Remove PCI related hwdb files (experimental).
396
396
397 ##### `REDUCE_SSHD`=true
397 ##### `REDUCE_SSHD`=true
398 Replace `openssh-server` with `dropbear`.
398 Replace `openssh-server` with `dropbear`.
399
399
400 ##### `REDUCE_LOCALE`=true
400 ##### `REDUCE_LOCALE`=true
401 Remove all `locale` translation files.
401 Remove all `locale` translation files.
402
402
403 ---
403 ---
404
404
405 #### Encrypted root partition:
405 #### Encrypted root partition:
406 ##### `ENABLE_CRYPTFS`=false
406 ##### `ENABLE_CRYPTFS`=false
407 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
407 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
408
408
409 ##### `CRYPTFS_PASSWORD`=""
409 ##### `CRYPTFS_PASSWORD`=""
410 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
410 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
411
411
412 ##### `CRYPTFS_MAPPING`="secure"
412 ##### `CRYPTFS_MAPPING`="secure"
413 Set name of dm-crypt managed device-mapper mapping.
413 Set name of dm-crypt managed device-mapper mapping.
414
414
415 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
415 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
416 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
416 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
417
417
418 ##### `CRYPTFS_XTSKEYSIZE`=512
418 ##### `CRYPTFS_XTSKEYSIZE`=512
419 Sets key size in bits. The argument has to be a multiple of 8.
419 Sets key size in bits. The argument has to be a multiple of 8.
420
420
421 ##### `CRYPTFS_DROPBEAR`=false
421 ##### `CRYPTFS_DROPBEAR`=false
422 Enable Dropbear Initramfs support
422 Enable Dropbear Initramfs support
423
423
424 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
424 ##### `CRYPTFS_DROPBEAR_PUBKEY`=""
425 Provide path to dropbear Public RSA-OpenSSH Key
425 Provide path to dropbear Public RSA-OpenSSH Key
426
426
427 ---
427 ---
428
428
429 #### Build settings:
429 #### Build settings:
430 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
430 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
431 Set a path to a working directory used by the script to generate an image.
431 Set a path to a working directory used by the script to generate an image.
432
432
433 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
433 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
434 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
434 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
435
435
436 ## Understanding the script
436 ## Understanding the script
437 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
437 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
438
438
439 | Script | Description |
439 | Script | Description |
440 | --- | --- |
440 | --- | --- |
441 | `10-bootstrap.sh` | Debootstrap basic system |
441 | `10-bootstrap.sh` | Debootstrap basic system |
442 | `11-apt.sh` | Setup APT repositories |
442 | `11-apt.sh` | Setup APT repositories |
443 | `12-locale.sh` | Setup Locales and keyboard settings |
443 | `12-locale.sh` | Setup Locales and keyboard settings |
444 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
444 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
445 | `14-fstab.sh` | Setup fstab and initramfs |
445 | `14-fstab.sh` | Setup fstab and initramfs |
446 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
446 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
447 | `20-networking.sh` | Setup Networking |
447 | `20-networking.sh` | Setup Networking |
448 | `21-firewall.sh` | Setup Firewall |
448 | `21-firewall.sh` | Setup Firewall |
449 | `30-security.sh` | Setup Users and Security settings |
449 | `30-security.sh` | Setup Users and Security settings |
450 | `31-logging.sh` | Setup Logging |
450 | `31-logging.sh` | Setup Logging |
451 | `32-sshd.sh` | Setup SSH and public keys |
451 | `32-sshd.sh` | Setup SSH and public keys |
452 | `41-uboot.sh` | Build and Setup U-Boot |
452 | `41-uboot.sh` | Build and Setup U-Boot |
453 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
453 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
454 | `50-firstboot.sh` | First boot actions |
454 | `50-firstboot.sh` | First boot actions |
455 | `99-reduce.sh` | Reduce the disk space usage |
455 | `99-reduce.sh` | Reduce the disk space usage |
456
456
457 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
457 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
458
458
459 | Directory | Description |
459 | Directory | Description |
460 | --- | --- |
460 | --- | --- |
461 | `apt` | APT management configuration files |
461 | `apt` | APT management configuration files |
462 | `boot` | Boot and RPi2/3 configuration files |
462 | `boot` | Boot and RPi2/3 configuration files |
463 | `dpkg` | Package Manager configuration |
463 | `dpkg` | Package Manager configuration |
464 | `etc` | Configuration files and rc scripts |
464 | `etc` | Configuration files and rc scripts |
465 | `firstboot` | Scripts that get executed on first boot |
465 | `firstboot` | Scripts that get executed on first boot |
466 | `initramfs` | Initramfs scripts |
466 | `initramfs` | Initramfs scripts |
467 | `iptables` | Firewall configuration files |
467 | `iptables` | Firewall configuration files |
468 | `locales` | Locales configuration |
468 | `locales` | Locales configuration |
469 | `modules` | Kernel Modules configuration |
469 | `modules` | Kernel Modules configuration |
470 | `mount` | Fstab configuration |
470 | `mount` | Fstab configuration |
471 | `network` | Networking configuration files |
471 | `network` | Networking configuration files |
472 | `sysctl.d` | Swapping and Network Hardening configuration |
472 | `sysctl.d` | Swapping and Network Hardening configuration |
473 | `xorg` | fbturbo Xorg driver configuration |
473 | `xorg` | fbturbo Xorg driver configuration |
474
474
475 ## Custom packages and scripts
475 ## Custom packages and scripts
476 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
476 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
477
477
478 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
478 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
479
479
480 ## Logging of the bootstrapping process
480 ## Logging of the bootstrapping process
481 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
481 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
482
482
483 ```shell
483 ```shell
484 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
484 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
485 ```
485 ```
486
486
487 ## Flashing the image file
487 ## Flashing the image file
488 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
488 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
489
489
490 ##### Flashing examples:
490 ##### Flashing examples:
491 ```shell
491 ```shell
492 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
492 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
493 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
493 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
494 ```
494 ```
495 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
495 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
496 ```shell
496 ```shell
497 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
497 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
498 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
498 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
499 ```
499 ```
500
500
501 ## QEMU emulation
501 ## QEMU emulation
502 Start QEMU full system emulation:
502 Start QEMU full system emulation:
503 ```shell
503 ```shell
504 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
504 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
505 ```
505 ```
506
506
507 Start QEMU full system emulation and output to console:
507 Start QEMU full system emulation and output to console:
508 ```shell
508 ```shell
509 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
509 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
510 ```
510 ```
511
511
512 Start QEMU full system emulation with SMP and output to console:
512 Start QEMU full system emulation with SMP and output to console:
513 ```shell
513 ```shell
514 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
514 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
515 ```
515 ```
516
516
517 Start QEMU full system emulation with cryptfs, initramfs and output to console:
517 Start QEMU full system emulation with cryptfs, initramfs and output to console:
518 ```shell
518 ```shell
519 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
519 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
520 ```
520 ```
521
521
522 ## External links and references
522 ## External links and references
523 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
523 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
524 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
524 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
525 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
525 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
526 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
526 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
527 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
527 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
528 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
528 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
529 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
529 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
530 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
530 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
531 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
531 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
@@ -1,497 +1,496
1 #
1 #
2 # Build and Setup RPi2/3 Kernel
2 # Build and Setup RPi2/3 Kernel
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Fetch and build latest raspberry kernel
8 # Fetch and build latest raspberry kernel
9 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ "$BUILD_KERNEL" = true ] ; then
10 # Setup source directory
10 # Setup source directory
11 mkdir -p "${KERNEL_DIR}"
11 mkdir -p "${KERNEL_DIR}"
12
12
13 # Copy existing kernel sources into chroot directory
13 # Copy existing kernel sources into chroot directory
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 # Copy kernel sources and include hidden files
15 # Copy kernel sources and include hidden files
16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
17
17
18 # Clean the kernel sources
18 # Clean the kernel sources
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 fi
21 fi
22 else # KERNELSRC_DIR=""
22 else # KERNELSRC_DIR=""
23 # Create temporary directory for kernel sources
23 # Create temporary directory for kernel sources
24 temp_dir=$(as_nobody mktemp -d)
24 temp_dir=$(as_nobody mktemp -d)
25
25
26 if [ "$ENABLE_NEXMON" = true ] ; then
26 if [ "$ENABLE_NEXMON" = true ] ; then
27 NEXMON_URL
27 NEXMON_URL
28 else
28 else
29 # Fetch current RPi2/3 kernel sources
29 # Fetch current RPi2/3 kernel sources
30 if [ -z "${KERNEL_BRANCH}" ] ; then
30 if [ -z "${KERNEL_BRANCH}" ] ; then
31 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
31 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
32 else
32 else
33 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
33 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
34 fi
34 fi
35 fi
35 fi
36
37 # Copy downloaded kernel sources
36 # Copy downloaded kernel sources
38 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
37 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
39
38
40 # Remove temporary directory for kernel sources
39 # Remove temporary directory for kernel sources
41 rm -fr "${temp_dir}"
40 rm -fr "${temp_dir}"
42
41
43 # Set permissions of the kernel sources
42 # Set permissions of the kernel sources
44 chown -R root:root "${R}/usr/src"
43 chown -R root:root "${R}/usr/src"
45 fi
44 fi
46
45
47 # Calculate optimal number of kernel building threads
46 # Calculate optimal number of kernel building threads
48 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
47 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
49 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
48 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
50 fi
49 fi
51
50
52 # Configure and build kernel
51 # Configure and build kernel
53 if [ "$KERNELSRC_PREBUILT" = false ] ; then
52 if [ "$KERNELSRC_PREBUILT" = false ] ; then
54 # Remove device, network and filesystem drivers from kernel configuration
53 # Remove device, network and filesystem drivers from kernel configuration
55 if [ "$KERNEL_REDUCE" = true ] ; then
54 if [ "$KERNEL_REDUCE" = true ] ; then
56 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
55 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
57 sed -i\
56 sed -i\
58 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
60 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
60 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
62 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
64 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
67 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
68 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
70 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
69 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
71 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
70 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
72 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
71 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
73 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
72 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
74 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
73 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
75 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
74 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
75 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
76 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
78 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
77 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
78 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
80 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
79 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
80 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
81 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
83 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
82 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
84 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
83 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
85 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
84 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
86 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
85 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
87 "${KERNEL_DIR}/.config"
86 "${KERNEL_DIR}/.config"
88 fi
87 fi
89
88
90 if [ "$KERNELSRC_CONFIG" = true ] ; then
89 if [ "$KERNELSRC_CONFIG" = true ] ; then
91 # Load default raspberry kernel configuration
90 # Load default raspberry kernel configuration
92 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
91 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
93
92
94 #Switch to KERNELSRC_DIR so we can use set_kernel_config
93 #Switch to KERNELSRC_DIR so we can use set_kernel_config
95 cd "${KERNEL_DIR}" || exit
94 cd "${KERNEL_DIR}" || exit
96
95
97 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
96 # enable ZSWAP see https://askubuntu.com/a/472227 or https://wiki.archlinux.org/index.php/zswap
98 if [ "$KERNEL_ZSWAP" = true ] ; then
97 if [ "$KERNEL_ZSWAP" = true ] ; then
99 set_kernel_config CONFIG_ZPOOL y
98 set_kernel_config CONFIG_ZPOOL y
100 set_kernel_config CONFIG_ZSWAP y
99 set_kernel_config CONFIG_ZSWAP y
101 set_kernel_config CONFIG_ZBUD y
100 set_kernel_config CONFIG_ZBUD y
102 set_kernel_config CONFIG_Z3FOLD y
101 set_kernel_config CONFIG_Z3FOLD y
103 set_kernel_config CONFIG_ZSMALLOC y
102 set_kernel_config CONFIG_ZSMALLOC y
104 set_kernel_config CONFIG_PGTABLE_MAPPING y
103 set_kernel_config CONFIG_PGTABLE_MAPPING y
105 fi
104 fi
106
105
107 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
106 # enable basic KVM support; see https://www.raspberrypi.org/forums/viewtopic.php?f=63&t=210546&start=25#p1300453
108 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
107 if [ "$KERNEL_VIRT" = true ] && { [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
109 set_kernel_config CONFIG_VIRTUALIZATION y
108 set_kernel_config CONFIG_VIRTUALIZATION y
110 set_kernel_config CONFIG_KVM y
109 set_kernel_config CONFIG_KVM y
111 set_kernel_config CONFIG_VHOST_NET m
110 set_kernel_config CONFIG_VHOST_NET m
112 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
111 set_kernel_config CONFIG_VHOST_CROSS_ENDIAN_LEGACY y
113 fi
112 fi
114
113
115 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
114 # Netfilter kernel support See https://github.com/raspberrypi/linux/issues/2177#issuecomment-354647406
116 if [ "$KERNEL_NF" = true ] ; then
115 if [ "$KERNEL_NF" = true ] ; then
117 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
116 set_kernel_config CONFIG_IP_NF_TARGET_SYNPROXY m
118 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
117 set_kernel_config CONFIG_NETFILTER_XT_MATCH_CGROUP m
119 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
118 set_kernel_config CONFIG_NETFILTER_XT_MATCH_IPCOMP m
120 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
119 set_kernel_config CONFIG_NETFILTER_XT_MATCH_SOCKET m
121 set_kernel_config CONFIG_NFT_FIB_INET m
120 set_kernel_config CONFIG_NFT_FIB_INET m
122 set_kernel_config CONFIG_NFT_FIB_IPV4 m
121 set_kernel_config CONFIG_NFT_FIB_IPV4 m
123 set_kernel_config CONFIG_NFT_FIB_IPV6 m
122 set_kernel_config CONFIG_NFT_FIB_IPV6 m
124 set_kernel_config CONFIG_NFT_FIB_NETDEV m
123 set_kernel_config CONFIG_NFT_FIB_NETDEV m
125 set_kernel_config CONFIG_NFT_OBJREF m
124 set_kernel_config CONFIG_NFT_OBJREF m
126 set_kernel_config CONFIG_NFT_RT m
125 set_kernel_config CONFIG_NFT_RT m
127 set_kernel_config CONFIG_NFT_SET_BITMAP m
126 set_kernel_config CONFIG_NFT_SET_BITMAP m
128 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
127 set_kernel_config CONFIG_NF_CONNTRACK_TIMEOUT y
129 set_kernel_config CONFIG_NF_LOG_ARP m
128 set_kernel_config CONFIG_NF_LOG_ARP m
130 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
129 set_kernel_config CONFIG_NF_SOCKET_IPV4 m
131 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
130 set_kernel_config CONFIG_NF_SOCKET_IPV6 m
132 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
131 set_kernel_config CONFIG_BRIDGE_EBT_BROUTE m
133 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
132 set_kernel_config CONFIG_BRIDGE_EBT_T_FILTER m
134 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
133 set_kernel_config CONFIG_BRIDGE_NF_EBTABLES m
135 set_kernel_config CONFIG_IP6_NF_IPTABLES m
134 set_kernel_config CONFIG_IP6_NF_IPTABLES m
136 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
135 set_kernel_config CONFIG_IP6_NF_MATCH_AH m
137 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
136 set_kernel_config CONFIG_IP6_NF_MATCH_EUI64 m
138 set_kernel_config CONFIG_IP6_NF_NAT m
137 set_kernel_config CONFIG_IP6_NF_NAT m
139 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
138 set_kernel_config CONFIG_IP6_NF_TARGET_MASQUERADE m
140 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
139 set_kernel_config CONFIG_IP6_NF_TARGET_NPT m
141 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
140 set_kernel_config CONFIG_IP_SET_BITMAP_IPMAC m
142 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
141 set_kernel_config CONFIG_IP_SET_BITMAP_PORT m
143 set_kernel_config CONFIG_IP_SET_HASH_IP m
142 set_kernel_config CONFIG_IP_SET_HASH_IP m
144 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
143 set_kernel_config CONFIG_IP_SET_HASH_IPMARK m
145 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
144 set_kernel_config CONFIG_IP_SET_HASH_IPPORT m
146 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
145 set_kernel_config CONFIG_IP_SET_HASH_IPPORTIP m
147 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
146 set_kernel_config CONFIG_IP_SET_HASH_IPPORTNET m
148 set_kernel_config CONFIG_IP_SET_HASH_MAC m
147 set_kernel_config CONFIG_IP_SET_HASH_MAC m
149 set_kernel_config CONFIG_IP_SET_HASH_NET m
148 set_kernel_config CONFIG_IP_SET_HASH_NET m
150 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
149 set_kernel_config CONFIG_IP_SET_HASH_NETIFACE m
151 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
150 set_kernel_config CONFIG_IP_SET_HASH_NETNET m
152 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
151 set_kernel_config CONFIG_IP_SET_HASH_NETPORT m
153 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
152 set_kernel_config CONFIG_IP_SET_HASH_NETPORTNET m
154 set_kernel_config CONFIG_IP_SET_LIST_SET m
153 set_kernel_config CONFIG_IP_SET_LIST_SET m
155 set_kernel_config CONFIG_NETFILTER_XTABLES m
154 set_kernel_config CONFIG_NETFILTER_XTABLES m
156 set_kernel_config CONFIG_NETFILTER_XTABLES m
155 set_kernel_config CONFIG_NETFILTER_XTABLES m
157 set_kernel_config CONFIG_NFT_BRIDGE_META m
156 set_kernel_config CONFIG_NFT_BRIDGE_META m
158 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
157 set_kernel_config CONFIG_NFT_BRIDGE_REJECT m
159 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
158 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV4 m
160 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
159 set_kernel_config CONFIG_NFT_CHAIN_NAT_IPV6 m
161 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
160 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV4 m
162 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
161 set_kernel_config CONFIG_NFT_CHAIN_ROUTE_IPV6 m
163 set_kernel_config CONFIG_NFT_COMPAT m
162 set_kernel_config CONFIG_NFT_COMPAT m
164 set_kernel_config CONFIG_NFT_COUNTER m
163 set_kernel_config CONFIG_NFT_COUNTER m
165 set_kernel_config CONFIG_NFT_CT m
164 set_kernel_config CONFIG_NFT_CT m
166 set_kernel_config CONFIG_NFT_DUP_IPV4 m
165 set_kernel_config CONFIG_NFT_DUP_IPV4 m
167 set_kernel_config CONFIG_NFT_DUP_IPV6 m
166 set_kernel_config CONFIG_NFT_DUP_IPV6 m
168 set_kernel_config CONFIG_NFT_DUP_NETDEV m
167 set_kernel_config CONFIG_NFT_DUP_NETDEV m
169 set_kernel_config CONFIG_NFT_EXTHDR m
168 set_kernel_config CONFIG_NFT_EXTHDR m
170 set_kernel_config CONFIG_NFT_FWD_NETDEV m
169 set_kernel_config CONFIG_NFT_FWD_NETDEV m
171 set_kernel_config CONFIG_NFT_HASH m
170 set_kernel_config CONFIG_NFT_HASH m
172 set_kernel_config CONFIG_NFT_LIMIT m
171 set_kernel_config CONFIG_NFT_LIMIT m
173 set_kernel_config CONFIG_NFT_LOG m
172 set_kernel_config CONFIG_NFT_LOG m
174 set_kernel_config CONFIG_NFT_MASQ m
173 set_kernel_config CONFIG_NFT_MASQ m
175 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
174 set_kernel_config CONFIG_NFT_MASQ_IPV4 m
176 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
175 set_kernel_config CONFIG_NFT_MASQ_IPV6 m
177 set_kernel_config CONFIG_NFT_META m
176 set_kernel_config CONFIG_NFT_META m
178 set_kernel_config CONFIG_NFT_NAT m
177 set_kernel_config CONFIG_NFT_NAT m
179 set_kernel_config CONFIG_NFT_NUMGEN m
178 set_kernel_config CONFIG_NFT_NUMGEN m
180 set_kernel_config CONFIG_NFT_QUEUE m
179 set_kernel_config CONFIG_NFT_QUEUE m
181 set_kernel_config CONFIG_NFT_QUOTA m
180 set_kernel_config CONFIG_NFT_QUOTA m
182 set_kernel_config CONFIG_NFT_REDIR m
181 set_kernel_config CONFIG_NFT_REDIR m
183 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
182 set_kernel_config CONFIG_NFT_REDIR_IPV4 m
184 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
183 set_kernel_config CONFIG_NFT_REDIR_IPV6 m
185 set_kernel_config CONFIG_NFT_REJECT m
184 set_kernel_config CONFIG_NFT_REJECT m
186 set_kernel_config CONFIG_NFT_REJECT_INET m
185 set_kernel_config CONFIG_NFT_REJECT_INET m
187 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
186 set_kernel_config CONFIG_NFT_REJECT_IPV4 m
188 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
187 set_kernel_config CONFIG_NFT_REJECT_IPV6 m
189 set_kernel_config CONFIG_NFT_SET_HASH m
188 set_kernel_config CONFIG_NFT_SET_HASH m
190 set_kernel_config CONFIG_NFT_SET_RBTREE m
189 set_kernel_config CONFIG_NFT_SET_RBTREE m
191 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
190 set_kernel_config CONFIG_NF_CONNTRACK_IPV4 m
192 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
191 set_kernel_config CONFIG_NF_CONNTRACK_IPV6 m
193 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
192 set_kernel_config CONFIG_NF_DEFRAG_IPV4 m
194 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
193 set_kernel_config CONFIG_NF_DEFRAG_IPV6 m
195 set_kernel_config CONFIG_NF_DUP_IPV4 m
194 set_kernel_config CONFIG_NF_DUP_IPV4 m
196 set_kernel_config CONFIG_NF_DUP_IPV6 m
195 set_kernel_config CONFIG_NF_DUP_IPV6 m
197 set_kernel_config CONFIG_NF_DUP_NETDEV m
196 set_kernel_config CONFIG_NF_DUP_NETDEV m
198 set_kernel_config CONFIG_NF_LOG_BRIDGE m
197 set_kernel_config CONFIG_NF_LOG_BRIDGE m
199 set_kernel_config CONFIG_NF_LOG_IPV4 m
198 set_kernel_config CONFIG_NF_LOG_IPV4 m
200 set_kernel_config CONFIG_NF_LOG_IPV6 m
199 set_kernel_config CONFIG_NF_LOG_IPV6 m
201 set_kernel_config CONFIG_NF_NAT_IPV4 m
200 set_kernel_config CONFIG_NF_NAT_IPV4 m
202 set_kernel_config CONFIG_NF_NAT_IPV6 m
201 set_kernel_config CONFIG_NF_NAT_IPV6 m
203 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 m
202 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV4 m
204 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 m
203 set_kernel_config CONFIG_NF_NAT_MASQUERADE_IPV6 m
205 set_kernel_config CONFIG_NF_NAT_PPTP m
204 set_kernel_config CONFIG_NF_NAT_PPTP m
206 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
205 set_kernel_config CONFIG_NF_NAT_PROTO_GRE m
207 set_kernel_config CONFIG_NF_NAT_REDIRECT m
206 set_kernel_config CONFIG_NF_NAT_REDIRECT m
208 set_kernel_config CONFIG_NF_NAT_SIP m
207 set_kernel_config CONFIG_NF_NAT_SIP m
209 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
208 set_kernel_config CONFIG_NF_NAT_SNMP_BASIC m
210 set_kernel_config CONFIG_NF_NAT_TFTP m
209 set_kernel_config CONFIG_NF_NAT_TFTP m
211 set_kernel_config CONFIG_NF_REJECT_IPV4 m
210 set_kernel_config CONFIG_NF_REJECT_IPV4 m
212 set_kernel_config CONFIG_NF_REJECT_IPV6 m
211 set_kernel_config CONFIG_NF_REJECT_IPV6 m
213 set_kernel_config CONFIG_NF_TABLES m
212 set_kernel_config CONFIG_NF_TABLES m
214 set_kernel_config CONFIG_NF_TABLES_ARP m
213 set_kernel_config CONFIG_NF_TABLES_ARP m
215 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
214 set_kernel_config CONFIG_NF_TABLES_BRIDGE m
216 set_kernel_config CONFIG_NF_TABLES_INET m
215 set_kernel_config CONFIG_NF_TABLES_INET m
217 set_kernel_config CONFIG_NF_TABLES_IPV4 m
216 set_kernel_config CONFIG_NF_TABLES_IPV4 m
218 set_kernel_config CONFIG_NF_TABLES_IPV6 m
217 set_kernel_config CONFIG_NF_TABLES_IPV6 m
219 set_kernel_config CONFIG_NF_TABLES_NETDEV m
218 set_kernel_config CONFIG_NF_TABLES_NETDEV m
220 fi
219 fi
221
220
222 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
221 # Enables BPF syscall for systemd-journald see https://github.com/torvalds/linux/blob/master/init/Kconfig#L848 or https://groups.google.com/forum/#!topic/linux.gentoo.user/_2aSc_ztGpA
223 if [ "$KERNEL_BPF" = true ] ; then
222 if [ "$KERNEL_BPF" = true ] ; then
224 set_kernel_config CONFIG_BPF_SYSCALL y
223 set_kernel_config CONFIG_BPF_SYSCALL y
225 set_kernel_config CONFIG_BPF_EVENTS y
224 set_kernel_config CONFIG_BPF_EVENTS y
226 set_kernel_config CONFIG_BPF_STREAM_PARSER y
225 set_kernel_config CONFIG_BPF_STREAM_PARSER y
227 set_kernel_config CONFIG_CGROUP_BPF y
226 set_kernel_config CONFIG_CGROUP_BPF y
228 fi
227 fi
229
228
230 # KERNEL_DEFAULT_GOV was set by user
229 # KERNEL_DEFAULT_GOV was set by user
231 if ! [ "$KERNEL_DEFAULT_GOV" = POWERSAVE ] && [ -n "$KERNEL_DEFAULT_GOV" ]; then
230 if ! [ "$KERNEL_DEFAULT_GOV" = POWERSAVE ] && [ -n "$KERNEL_DEFAULT_GOV" ]; then
232 # unset default governor
231 # unset default governor
233 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
232 unset_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_POWERSAVE
234
233
235 case "$KERNEL_DEFAULT_GOV" in
234 case "$KERNEL_DEFAULT_GOV" in
236 "PERFORMANCE")
235 "PERFORMANCE")
237 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
236 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE y
238 ;;
237 ;;
239 "USERSPACE")
238 "USERSPACE")
240 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
239 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE y
241 ;;
240 ;;
242 "ONDEMAND")
241 "ONDEMAND")
243 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
242 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_ONDEMAND y
244 ;;
243 ;;
245 "CONSERVATIVE")
244 "CONSERVATIVE")
246 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
245 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_CONSERVATIVE y
247 ;;
246 ;;
248 "CONSERVATIVE")
247 "CONSERVATIVE")
249 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
248 set_kernel_config CONFIG_CPU_FREQ_DEFAULT_GOV_SCHEDUTIL y
250 ;;
249 ;;
251 *)
250 *)
252 echo "error: unsupported default cpu governor"
251 echo "error: unsupported default cpu governor"
253 exit 1
252 exit 1
254 ;;
253 ;;
255 esac
254 esac
256 fi
255 fi
257
256
258
257
259
258
260 #Revert to previous directory
259 #Revert to previous directory
261 cd "${WORKDIR}" || exit
260 cd "${WORKDIR}" || exit
262
261
263 # Set kernel configuration parameters to enable qemu emulation
262 # Set kernel configuration parameters to enable qemu emulation
264 if [ "$ENABLE_QEMU" = true ] ; then
263 if [ "$ENABLE_QEMU" = true ] ; then
265 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
264 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
266 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
265 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
267
266
268 if [ "$ENABLE_CRYPTFS" = true ] ; then
267 if [ "$ENABLE_CRYPTFS" = true ] ; then
269 {
268 {
270 echo "CONFIG_EMBEDDED=y"
269 echo "CONFIG_EMBEDDED=y"
271 echo "CONFIG_EXPERT=y"
270 echo "CONFIG_EXPERT=y"
272 echo "CONFIG_DAX=y"
271 echo "CONFIG_DAX=y"
273 echo "CONFIG_MD=y"
272 echo "CONFIG_MD=y"
274 echo "CONFIG_BLK_DEV_MD=y"
273 echo "CONFIG_BLK_DEV_MD=y"
275 echo "CONFIG_MD_AUTODETECT=y"
274 echo "CONFIG_MD_AUTODETECT=y"
276 echo "CONFIG_BLK_DEV_DM=y"
275 echo "CONFIG_BLK_DEV_DM=y"
277 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
276 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
278 echo "CONFIG_DM_CRYPT=y"
277 echo "CONFIG_DM_CRYPT=y"
279 echo "CONFIG_CRYPTO_BLKCIPHER=y"
278 echo "CONFIG_CRYPTO_BLKCIPHER=y"
280 echo "CONFIG_CRYPTO_CBC=y"
279 echo "CONFIG_CRYPTO_CBC=y"
281 echo "CONFIG_CRYPTO_XTS=y"
280 echo "CONFIG_CRYPTO_XTS=y"
282 echo "CONFIG_CRYPTO_SHA512=y"
281 echo "CONFIG_CRYPTO_SHA512=y"
283 echo "CONFIG_CRYPTO_MANAGER=y"
282 echo "CONFIG_CRYPTO_MANAGER=y"
284 } >> "${KERNEL_DIR}"/.config
283 } >> "${KERNEL_DIR}"/.config
285 fi
284 fi
286 fi
285 fi
287
286
288 # Copy custom kernel configuration file
287 # Copy custom kernel configuration file
289 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
288 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
290 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
289 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
291 fi
290 fi
292
291
293 # Set kernel configuration parameters to their default values
292 # Set kernel configuration parameters to their default values
294 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
293 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
295 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
294 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
296 fi
295 fi
297
296
298 # Start menu-driven kernel configuration (interactive)
297 # Start menu-driven kernel configuration (interactive)
299 if [ "$KERNEL_MENUCONFIG" = true ] ; then
298 if [ "$KERNEL_MENUCONFIG" = true ] ; then
300 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
299 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
301 fi
300 fi
302 # end if "$KERNELSRC_CONFIG" = true
301 # end if "$KERNELSRC_CONFIG" = true
303 fi
302 fi
304
303
305 # Use ccache to cross compile the kernel
304 # Use ccache to cross compile the kernel
306 if [ "$KERNEL_CCACHE" = true ] ; then
305 if [ "$KERNEL_CCACHE" = true ] ; then
307 cc="ccache ${CROSS_COMPILE}gcc"
306 cc="ccache ${CROSS_COMPILE}gcc"
308 else
307 else
309 cc="${CROSS_COMPILE}gcc"
308 cc="${CROSS_COMPILE}gcc"
310 fi
309 fi
311
310
312 # Cross compile kernel and dtbs
311 # Cross compile kernel and dtbs
313 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
312 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
314
313
315 # Cross compile kernel modules
314 # Cross compile kernel modules
316 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
315 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
317 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
316 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
318 fi
317 fi
319 # end if "$KERNELSRC_PREBUILT" = false
318 # end if "$KERNELSRC_PREBUILT" = false
320 fi
319 fi
321
320
322 # Check if kernel compilation was successful
321 # Check if kernel compilation was successful
323 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
322 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
324 echo "error: kernel compilation failed! (kernel image not found)"
323 echo "error: kernel compilation failed! (kernel image not found)"
325 cleanup
324 cleanup
326 exit 1
325 exit 1
327 fi
326 fi
328
327
329 # Install kernel modules
328 # Install kernel modules
330 if [ "$ENABLE_REDUCE" = true ] ; then
329 if [ "$ENABLE_REDUCE" = true ] ; then
331 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
330 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
332 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
331 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
333 fi
332 fi
334 else
333 else
335 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
334 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
336 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
335 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
337 fi
336 fi
338
337
339 # Install kernel firmware
338 # Install kernel firmware
340 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
339 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
341 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
340 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
342 fi
341 fi
343 fi
342 fi
344
343
345 # Install kernel headers
344 # Install kernel headers
346 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
345 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
347 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
346 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
348 fi
347 fi
349 # make tar.gz kernel package - missing os bzw. modules
348 # make tar.gz kernel package - missing os bzw. modules
350 #** ** ** WARNING ** ** **
349 #** ** ** WARNING ** ** **
351 #Your architecture did not define any architecture-dependent files
350 #Your architecture did not define any architecture-dependent files
352 #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
351 #to be placed into the tarball. Please add those to ./scripts/package/buildtar .
353 # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
352 # make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" targz-pkg
354
353
355 # Prepare boot (firmware) directory
354 # Prepare boot (firmware) directory
356 mkdir "${BOOT_DIR}"
355 mkdir "${BOOT_DIR}"
357
356
358 # Get kernel release version
357 # Get kernel release version
359 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
358 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
360
359
361 # Copy kernel configuration file to the boot directory
360 # Copy kernel configuration file to the boot directory
362 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
361 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
363
362
364 # Prepare device tree directory
363 # Prepare device tree directory
365 mkdir "${BOOT_DIR}/overlays"
364 mkdir "${BOOT_DIR}/overlays"
366
365
367 # Ensure the proper .dtb is located
366 # Ensure the proper .dtb is located
368 if [ "$KERNEL_ARCH" = "arm" ] ; then
367 if [ "$KERNEL_ARCH" = "arm" ] ; then
369 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
368 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
370 if [ -f "${dtb}" ] ; then
369 if [ -f "${dtb}" ] ; then
371 install_readonly "${dtb}" "${BOOT_DIR}/"
370 install_readonly "${dtb}" "${BOOT_DIR}/"
372 fi
371 fi
373 done
372 done
374 else
373 else
375 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
374 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
376 if [ -f "${dtb}" ] ; then
375 if [ -f "${dtb}" ] ; then
377 install_readonly "${dtb}" "${BOOT_DIR}/"
376 install_readonly "${dtb}" "${BOOT_DIR}/"
378 fi
377 fi
379 done
378 done
380 fi
379 fi
381
380
382 # Copy compiled dtb device tree files
381 # Copy compiled dtb device tree files
383 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
382 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
384 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
383 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
385 if [ -f "${dtb}" ] ; then
384 if [ -f "${dtb}" ] ; then
386 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
385 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
387 fi
386 fi
388 done
387 done
389
388
390 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
389 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
391 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
390 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
392 fi
391 fi
393 fi
392 fi
394
393
395 if [ "$ENABLE_UBOOT" = false ] ; then
394 if [ "$ENABLE_UBOOT" = false ] ; then
396 # Convert and copy kernel image to the boot directory
395 # Convert and copy kernel image to the boot directory
397 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
396 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
398 else
397 else
399 # Copy kernel image to the boot directory
398 # Copy kernel image to the boot directory
400 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
399 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
401 fi
400 fi
402
401
403 # Remove kernel sources
402 # Remove kernel sources
404 if [ "$KERNEL_REMOVESRC" = true ] ; then
403 if [ "$KERNEL_REMOVESRC" = true ] ; then
405 rm -fr "${KERNEL_DIR}"
404 rm -fr "${KERNEL_DIR}"
406 else
405 else
407 # Prepare compiled kernel modules
406 # Prepare compiled kernel modules
408 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
407 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
409 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
408 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
410 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
409 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
411 fi
410 fi
412
411
413 # Create symlinks for kernel modules
412 # Create symlinks for kernel modules
414 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
413 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
415 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
414 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
416 fi
415 fi
417 fi
416 fi
418
417
419 else # BUILD_KERNEL=false
418 else # BUILD_KERNEL=false
420 # echo Install precompiled kernel...
419 # echo Install precompiled kernel...
421 # echo error: not implemented
420 # echo error: not implemented
422 if [ "$SET_ARCH" = 64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
421 if [ "$SET_ARCH" = 64 ] && { [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; } ; then
423
422
424 # Use Sakakis modified kernel if ZSWAP is active
423 # Use Sakakis modified kernel if ZSWAP is active
425 if [ "$KERNEL_ZSWAP" = true ] || [ "$KERNEL_VIRT" = true ] || [ "$KERNEL_NF" = true ] || [ "$KERNEL_BPF" = true ] ; then
424 if [ "$KERNEL_ZSWAP" = true ] || [ "$KERNEL_VIRT" = true ] || [ "$KERNEL_NF" = true ] || [ "$KERNEL_BPF" = true ] ; then
426 RPI3_64_KERNEL_URL=RPI3_64_BIS_KERNEL_URL
425 RPI3_64_KERNEL_URL=RPI3_64_BIS_KERNEL_URL
427 fi
426 fi
428
427
429 # Create temporary directory for dl
428 # Create temporary directory for dl
430 temp_dir=$(as_nobody mktemp -d)
429 temp_dir=$(as_nobody mktemp -d)
431
430
432 # Fetch kernel dl
431 # Fetch kernel dl
433 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
432 as_nobody wget -O "${temp_dir}"/kernel.tar.xz -c "$RPI3_64_KERNEL_URL"
434
433
435 #extract download
434 #extract download
436 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
435 tar -xJf "${temp_dir}"/kernel.tar.xz -C "${temp_dir}"
437
436
438 #move extracted kernel to /boot/firmware
437 #move extracted kernel to /boot/firmware
439 mkdir "${R}/boot/firmware"
438 mkdir "${R}/boot/firmware"
440 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
439 cp "${temp_dir}"/boot/* "${R}"/boot/firmware/
441 cp -r "${temp_dir}"/lib/* "${R}"/lib/
440 cp -r "${temp_dir}"/lib/* "${R}"/lib/
442
441
443 # Remove temporary directory for kernel sources
442 # Remove temporary directory for kernel sources
444 rm -fr "${temp_dir}"
443 rm -fr "${temp_dir}"
445
444
446 # Set permissions of the kernel sources
445 # Set permissions of the kernel sources
447 chown -R root:root "${R}/boot/firmware"
446 chown -R root:root "${R}/boot/firmware"
448 chown -R root:root "${R}/lib/modules"
447 chown -R root:root "${R}/lib/modules"
449 fi
448 fi
450
449
451 # INstall Kernel from hypriot comptabile with all Raspberry PI
450 # INstall Kernel from hypriot comptabile with all Raspberry PI
452 if [ "$SET_ARCH" = 32 ] ; then
451 if [ "$SET_ARCH" = 32 ] ; then
453 # Create temporary directory for dl
452 # Create temporary directory for dl
454 temp_dir=$(as_nobody mktemp -d)
453 temp_dir=$(as_nobody mktemp -d)
455
454
456 # Fetch kernel
455 # Fetch kernel
457 as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
456 as_nobody wget -O "${temp_dir}"/kernel.deb -c "$RPI_32_KERNEL_URL"
458
457
459 # Copy downloaded U-Boot sources
458 # Copy downloaded U-Boot sources
460 mv "${temp_dir}"/kernel.deb "${R}"/tmp/kernel.deb
459 mv "${temp_dir}"/kernel.deb "${R}"/tmp/kernel.deb
461
460
462 # Set permissions
461 # Set permissions
463 chown -R root:root "${R}"/tmp/kernel.deb
462 chown -R root:root "${R}"/tmp/kernel.deb
464
463
465 # Install kernel
464 # Install kernel
466 chroot_exec dpkg -i /tmp/kernel.deb
465 chroot_exec dpkg -i /tmp/kernel.deb
467
466
468 # move /boot to /boot/firmware to fit script env.
467 # move /boot to /boot/firmware to fit script env.
469 #mkdir "${BOOT_DIR}"
468 #mkdir "${BOOT_DIR}"
470 mkdir "${temp_dir}"/firmware
469 mkdir "${temp_dir}"/firmware
471 mv "${R}"/boot/* "${temp_dir}"/firmware/
470 mv "${R}"/boot/* "${temp_dir}"/firmware/
472 mv "${temp_dir}"/firmware "${R}"/boot/
471 mv "${temp_dir}"/firmware "${R}"/boot/
473
472
474 #same for kernel headers
473 #same for kernel headers
475 if [ "$KERNEL_HEADERS" = true ] ; then
474 if [ "$KERNEL_HEADERS" = true ] ; then
476 # Fetch kernel header
475 # Fetch kernel header
477 as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
476 as_nobody wget -O "${temp_dir}"/kernel-header.deb -c "$RPI_32_KERNELHEADER_URL"
478 mv "${temp_dir}"/kernel-header.deb "${R}"/tmp/kernel-header.deb
477 mv "${temp_dir}"/kernel-header.deb "${R}"/tmp/kernel-header.deb
479 chown -R root:root "${R}"/tmp/kernel-header.deb
478 chown -R root:root "${R}"/tmp/kernel-header.deb
480 # Install kernel header
479 # Install kernel header
481 chroot_exec dpkg -i /tmp/kernel-header.deb
480 chroot_exec dpkg -i /tmp/kernel-header.deb
482 rm -f "${R}"/tmp/kernel-header.deb
481 rm -f "${R}"/tmp/kernel-header.deb
483 fi
482 fi
484
483
485 # Remove temporary directory and files
484 # Remove temporary directory and files
486 rm -fr "${temp_dir}"
485 rm -fr "${temp_dir}"
487 rm -f "${R}"/tmp/kernel.deb
486 rm -f "${R}"/tmp/kernel.deb
488 fi
487 fi
489
488
490 # Check if kernel installation was successful
489 # Check if kernel installation was successful
491 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
490 KERNEL="$(ls -1 "${R}"/boot/firmware/kernel* | sort | tail -n 1)"
492 if [ -z "$KERNEL" ] ; then
491 if [ -z "$KERNEL" ] ; then
493 echo "error: kernel installation failed! (/boot/kernel* not found)"
492 echo "error: kernel installation failed! (/boot/kernel* not found)"
494 cleanup
493 cleanup
495 exit 1
494 exit 1
496 fi
495 fi
497 fi
496 fi
@@ -1,270 +1,270
1 #
1 #
2 # Setup RPi2/3 config and cmdline
2 # Setup RPi2/3 config and cmdline
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 if [ "$BUILD_KERNEL" = true ] ; then
8 #if [ "$BUILD_KERNEL" = true ] ; then
9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 # Install boot binaries from local directory
10 # Install boot binaries from local directory
11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 else
18 else
19 # Create temporary directory for boot binaries
19 # Create temporary directory for boot binaries
20 temp_dir=$(as_nobody mktemp -d)
20 temp_dir=$(as_nobody mktemp -d)
21
21
22 # Install latest boot binaries from raspberry/firmware github
22 # Install latest boot binaries from raspberry/firmware github
23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
30
30
31 # Move downloaded boot binaries
31 # Move downloaded boot binaries
32 mv "${temp_dir}/"* "${BOOT_DIR}/"
32 mv "${temp_dir}/"* "${BOOT_DIR}/"
33
33
34 # Remove temporary directory for boot binaries
34 # Remove temporary directory for boot binaries
35 rm -fr "${temp_dir}"
35 rm -fr "${temp_dir}"
36
36
37 # Set permissions of the boot binaries
37 # Set permissions of the boot binaries
38 chown -R root:root "${BOOT_DIR}"
38 chown -R root:root "${BOOT_DIR}"
39 chmod -R 600 "${BOOT_DIR}"
39 chmod -R 600 "${BOOT_DIR}"
40 fi
40 fi
41 fi
41 #fi
42
42
43 # Setup firmware boot cmdline
43 # Setup firmware boot cmdline
44 if [ "$ENABLE_UBOOTUSB" = true ] ; then
44 if [ "$ENABLE_UBOOTUSB" = true ] ; then
45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
46 else
46 else
47 if [ "$ENABLE_SPLITFS" = true ] ; then
47 if [ "$ENABLE_SPLITFS" = true ] ; then
48 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
48 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
49 else
49 else
50 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
50 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
51 fi
51 fi
52 fi
52 fi
53
53
54 # Add encrypted root partition to cmdline.txt
54 # Add encrypted root partition to cmdline.txt
55 if [ "$ENABLE_CRYPTFS" = true ] ; then
55 if [ "$ENABLE_CRYPTFS" = true ] ; then
56 if [ "$ENABLE_SPLITFS" = true ] ; then
56 if [ "$ENABLE_SPLITFS" = true ] ; then
57 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
57 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
58 else
58 else
59 if [ "$ENABLE_UBOOTUSB" = true ] ; then
59 if [ "$ENABLE_UBOOTUSB" = true ] ; then
60 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
60 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
61 else
61 else
62 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
62 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
63 fi
63 fi
64 fi
64 fi
65 fi
65 fi
66
66
67 if [ "$ENABLE_PRINTK" = true ] ; then
67 if [ "$ENABLE_PRINTK" = true ] ; then
68 install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf"
68 install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf"
69 fi
69 fi
70
70
71 # Install udev rule for serial alias - serial0 = console serial1=bluetooth
71 # Install udev rule for serial alias - serial0 = console serial1=bluetooth
72 install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules"
72 install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules"
73
73
74 # Remove IPv6 networking support
74 # Remove IPv6 networking support
75 if [ "$ENABLE_IPV6" = false ] ; then
75 if [ "$ENABLE_IPV6" = false ] ; then
76 CMDLINE="${CMDLINE} ipv6.disable=1"
76 CMDLINE="${CMDLINE} ipv6.disable=1"
77 fi
77 fi
78
78
79 # Automatically assign predictable network interface names
79 # Automatically assign predictable network interface names
80 if [ "$ENABLE_IFNAMES" = false ] ; then
80 if [ "$ENABLE_IFNAMES" = false ] ; then
81 CMDLINE="${CMDLINE} net.ifnames=0"
81 CMDLINE="${CMDLINE} net.ifnames=0"
82 else
82 else
83 CMDLINE="${CMDLINE} net.ifnames=1"
83 CMDLINE="${CMDLINE} net.ifnames=1"
84 fi
84 fi
85
85
86 # Install firmware config
86 # Install firmware config
87 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
87 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
88
88
89 #locks cpu at max frequency
89 #locks cpu at max frequency
90 if [ "$ENABLE_TURBO" = true ] ; then
90 if [ "$ENABLE_TURBO" = true ] ; then
91 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
91 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
92 # helps to avoid sdcard corruption when force_turbo is enabled.
92 # helps to avoid sdcard corruption when force_turbo is enabled.
93 echo "boot_delay=1" >> "${BOOT_DIR}/config.txt"
93 echo "boot_delay=1" >> "${BOOT_DIR}/config.txt"
94 fi
94 fi
95
95
96 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
96 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
97
97
98 # Bluetooth enabled
98 # Bluetooth enabled
99 if [ "$ENABLE_BLUETOOTH" = true ] ; then
99 if [ "$ENABLE_BLUETOOTH" = true ] ; then
100 # Create temporary directory for Bluetooth sources
100 # Create temporary directory for Bluetooth sources
101 temp_dir=$(as_nobody mktemp -d)
101 temp_dir=$(as_nobody mktemp -d)
102
102
103 # Fetch Bluetooth sources
103 # Fetch Bluetooth sources
104 as_nobody git -C "${temp_dir}" clone "${BLUETOOTH_URL}"
104 as_nobody git -C "${temp_dir}" clone "${BLUETOOTH_URL}"
105
105
106 # Copy downloaded sources
106 # Copy downloaded sources
107 mv "${temp_dir}/pi-bluetooth" "${R}/tmp/"
107 mv "${temp_dir}/pi-bluetooth" "${R}/tmp/"
108
108
109 # Bluetooth firmware from arch aur https://aur.archlinux.org/packages/pi-bluetooth/
109 # Bluetooth firmware from arch aur https://aur.archlinux.org/packages/pi-bluetooth/
110 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
110 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
111 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
111 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
112
112
113 # Set permissions
113 # Set permissions
114 chown -R root:root "${R}/tmp/pi-bluetooth"
114 chown -R root:root "${R}/tmp/pi-bluetooth"
115
115
116 # Install tools
116 # Install tools
117 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart"
117 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart"
118 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper"
118 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper"
119
119
120 # Install bluetooth udev rule
120 # Install bluetooth udev rule
121 install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules"
121 install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules"
122
122
123 # Install Firmware Flash file and apropiate licence
123 # Install Firmware Flash file and apropiate licence
124 mkdir -p "$BLUETOOTH_FIRMWARE_DIR"
124 mkdir -p "$BLUETOOTH_FIRMWARE_DIR"
125 install_readonly "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
125 install_readonly "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
126 install_readonly "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
126 install_readonly "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
127 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service"
127 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service"
128 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service"
128 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service"
129
129
130 # Remove temporary directory
130 # Remove temporary directory
131 rm -fr "${temp_dir}"
131 rm -fr "${temp_dir}"
132
132
133 # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0
133 # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0
134 if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then
134 if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then
135
135
136 # set overlay to swap ttyAMA0 and ttyS0
136 # set overlay to swap ttyAMA0 and ttyS0
137 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
137 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
138
138
139 # if force_turbo didn't lock cpu at high speed, lock it at low speed (XOR logic) or miniuart will be broken
139 # if force_turbo didn't lock cpu at high speed, lock it at low speed (XOR logic) or miniuart will be broken
140 if [ "$ENABLE_TURBO" = false ] ; then
140 if [ "$ENABLE_TURBO" = false ] ; then
141 echo "core_freq=250" >> "${BOOT_DIR}/config.txt"
141 echo "core_freq=250" >> "${BOOT_DIR}/config.txt"
142 fi
142 fi
143 fi
143 fi
144
144
145 # Activate services
145 # Activate services
146 chroot_exec systemctl enable pi-bluetooth.hciuart.service
146 chroot_exec systemctl enable pi-bluetooth.hciuart.service
147 chroot_exec systemctl enable pi-bluetooth.bthelper@serial1.service
147 chroot_exec systemctl enable pi-bluetooth.bthelper@serial1.service
148
148
149 else # if ENABLE_BLUETOOTH = false
149 else # if ENABLE_BLUETOOTH = false
150 # set overlay to disable bluetooth
150 # set overlay to disable bluetooth
151 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
151 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
152 fi # ENABLE_BLUETOOTH end
152 fi # ENABLE_BLUETOOTH end
153 fi
153 fi
154
154
155 # may need sudo systemctl disable hciuart
155 # may need sudo systemctl disable hciuart
156 if [ "$ENABLE_CONSOLE" = true ] ; then
156 if [ "$ENABLE_CONSOLE" = true ] ; then
157 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
157 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
158 # add string to cmdline
158 # add string to cmdline
159 CMDLINE="${CMDLINE} console=serial0,115200"
159 CMDLINE="${CMDLINE} console=serial0,115200"
160
160
161 # Enable serial console systemd style
161 # Enable serial console systemd style
162 chroot_exec systemctl enable serial-getty@serial0.service
162 chroot_exec systemctl enable serial-getty@serial0.service
163 else
163 else
164 echo "enable_uart=0" >> "${BOOT_DIR}/config.txt"
164 echo "enable_uart=0" >> "${BOOT_DIR}/config.txt"
165 # disable serial console systemd style
165 # disable serial console systemd style
166 #chroot_exec systemctl disable serial-getty@serial0.service
166 #chroot_exec systemctl disable serial-getty@serial0.service
167 fi
167 fi
168
168
169 # Remove cmdline.txt entry of starting zswap
169 # Remove cmdline.txt entry of starting zswap
170 if [ "$KERNEL_ZSWAP" = true ] ; then
170 if [ "$KERNEL_ZSWAP" = true ] ; then
171 CMDLINE="${CMDLINE} zswap.enabled=1 zswap.max_pool_percent=25 zswap.compressor=lz4"
171 CMDLINE="${CMDLINE} zswap.enabled=1 zswap.max_pool_percent=25 zswap.compressor=lz4"
172 fi
172 fi
173
173
174 if [ "$ENABLE_SYSTEMDSWAP" = true ] ; then
174 if [ "$ENABLE_SYSTEMDSWAP" = true ] ; then
175
175
176 # Remove cmdline.txt entry of starting zswap
176 # Remove cmdline.txt entry of starting zswap
177 if [ "$KERNEL_ZSWAP" = true ] ; then
177 if [ "$KERNEL_ZSWAP" = true ] ; then
178 sed -i 's|zswap.enabled=1 zswap.max_pool_percent=25 zswap.compressor=lz4||g'
178 sed -i 's|zswap.enabled=1 zswap.max_pool_percent=25 zswap.compressor=lz4||g'
179 fi
179 fi
180 # Create temporary directory for systemd-swap sources
180 # Create temporary directory for systemd-swap sources
181 temp_dir=$(as_nobody mktemp -d)
181 temp_dir=$(as_nobody mktemp -d)
182
182
183 # Fetch systemd-swap sources
183 # Fetch systemd-swap sources
184 as_nobody git -C "${temp_dir}" clone "${ZSWAP_URL}"
184 as_nobody git -C "${temp_dir}" clone "${ZSWAP_URL}"
185
185
186 # Copy downloaded systemd-swap sources
186 # Copy downloaded systemd-swap sources
187 mv "${temp_dir}/systemd-swap" "${R}/tmp/"
187 mv "${temp_dir}/systemd-swap" "${R}/tmp/"
188
188
189 # Set permissions of the systemd-swap sources
189 # Set permissions of the systemd-swap sources
190 chown -R root:root "${R}/tmp/systemd-swap"
190 chown -R root:root "${R}/tmp/systemd-swap"
191
191
192 # Remove temporary directory for systemd-swap sources
192 # Remove temporary directory for systemd-swap sources
193 rm -fr "${temp_dir}"
193 rm -fr "${temp_dir}"
194
194
195 # Change into downloaded src dir
195 # Change into downloaded src dir
196 cd "${R}/tmp/systemd-swap" || exit
196 cd "${R}/tmp/systemd-swap" || exit
197
197
198 # Build package
198 # Build package
199 . ./systemd-swap/package.sh debian
199 . ./systemd-swap/package.sh debian
200
200
201 # Install package
201 # Install package
202 chroot_exec dpkg -i /tmp/systemd-swap/systemd-swap-*any.deb
202 chroot_exec dpkg -i /tmp/systemd-swap/systemd-swap-*any.deb
203
203
204 # Enable service
204 # Enable service
205 chroot_exec systemctl enable systemd-swap
205 chroot_exec systemctl enable systemd-swap
206
206
207 # Change back into script root dir
207 # Change back into script root dir
208 cd "${WORKDIR}" || exit
208 cd "${WORKDIR}" || exit
209 fi
209 fi
210
210
211 # Install firmware boot cmdline
211 # Install firmware boot cmdline
212 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
212 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
213
213
214 # Setup minimal GPU memory allocation size: 16MB (no X)
214 # Setup minimal GPU memory allocation size: 16MB (no X)
215 if [ "$ENABLE_MINGPU" = true ] ; then
215 if [ "$ENABLE_MINGPU" = true ] ; then
216 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
216 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
217 fi
217 fi
218
218
219 # Setup boot with initramfs
219 # Setup boot with initramfs
220 if [ "$ENABLE_INITRAMFS" = true ] ; then
220 if [ "$ENABLE_INITRAMFS" = true ] ; then
221 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
221 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
222 fi
222 fi
223
223
224 # Create firmware configuration and cmdline symlinks
224 # Create firmware configuration and cmdline symlinks
225 ln -sf firmware/config.txt "${R}/boot/config.txt"
225 ln -sf firmware/config.txt "${R}/boot/config.txt"
226 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
226 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
227
227
228 # Install and setup kernel modules to load at boot
228 # Install and setup kernel modules to load at boot
229 mkdir -p "${LIB_DIR}/modules-load.d/"
229 mkdir -p "${LIB_DIR}/modules-load.d/"
230 install_readonly files/modules/rpi2.conf "${LIB_DIR}/modules-load.d/rpi2.conf"
230 install_readonly files/modules/rpi2.conf "${LIB_DIR}/modules-load.d/rpi2.conf"
231
231
232 # Load hardware random module at boot
232 # Load hardware random module at boot
233 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
233 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
234 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${LIB_DIR}/modules-load.d/rpi2.conf"
234 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${LIB_DIR}/modules-load.d/rpi2.conf"
235 fi
235 fi
236
236
237 # Load sound module at boot
237 # Load sound module at boot
238 if [ "$ENABLE_SOUND" = true ] ; then
238 if [ "$ENABLE_SOUND" = true ] ; then
239 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
239 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
240 else
240 else
241 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
241 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
242 fi
242 fi
243
243
244 # Enable I2C interface
244 # Enable I2C interface
245 if [ "$ENABLE_I2C" = true ] ; then
245 if [ "$ENABLE_I2C" = true ] ; then
246 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
246 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
247 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${LIB_DIR}/modules-load.d/rpi2.conf"
247 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${LIB_DIR}/modules-load.d/rpi2.conf"
248 sed -i "s/^# i2c-dev/i2c-dev/" "${LIB_DIR}/modules-load.d/rpi2.conf"
248 sed -i "s/^# i2c-dev/i2c-dev/" "${LIB_DIR}/modules-load.d/rpi2.conf"
249 fi
249 fi
250
250
251 # Enable SPI interface
251 # Enable SPI interface
252 if [ "$ENABLE_SPI" = true ] ; then
252 if [ "$ENABLE_SPI" = true ] ; then
253 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
253 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
254 echo "spi-bcm2708" >> "${LIB_DIR}/modules-load.d/rpi2.conf"
254 echo "spi-bcm2708" >> "${LIB_DIR}/modules-load.d/rpi2.conf"
255 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
255 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
256 sed -i "s/spi-bcm2708/spi-bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
256 sed -i "s/spi-bcm2708/spi-bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
257 fi
257 fi
258 fi
258 fi
259
259
260 # Disable RPi2/3 under-voltage warnings
260 # Disable RPi2/3 under-voltage warnings
261 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
261 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
262 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
262 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
263 fi
263 fi
264
264
265 # Install kernel modules blacklist
265 # Install kernel modules blacklist
266 mkdir -p "${ETC_DIR}/modprobe.d/"
266 mkdir -p "${ETC_DIR}/modprobe.d/"
267 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
267 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
268
268
269 # Install sysctl.d configuration files
269 # Install sysctl.d configuration files
270 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
270 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
@@ -1,95 +1,100
1 #!/bin/sh
1 #!/bin/sh
2 #
2 #
3 # Build and Setup nexmon with monitor mode patch
3 # Build and Setup nexmon with monitor mode patch
4 #
4 #
5
5
6 # Load utility functions
6 # Load utility functions
7 . ./functions.sh
7 . ./functions.sh
8
8
9 if [ "$ENABLE_NEXMON" = true ] && [ "$ENABLE_WIRELESS" = true ]; then
9 if [ "$ENABLE_NEXMON" = true ] && [ "$ENABLE_WIRELESS" = true ]; then
10
10 # Copy existing nexmon sources into chroot directory
11 if [ -n "$NEXMONSRC_DIR" ] && [ -d "$NEXMONSRC_DIR" ] ; then
12 # Copy local U-Boot sources
13 cp -r "${NEXMONSRC_DIR}" "${R}/tmp"
14 else
11 # Create temporary directory for nexmon sources
15 # Create temporary directory for nexmon sources
12 temp_dir=$(as_nobody mktemp -d)
16 temp_dir=$(as_nobody mktemp -d)
13
17
14 # Fetch nexmon sources
18 # Fetch nexmon sources
15 as_nobody git -C "${temp_dir}" clone "${NEXMON_URL}"
19 as_nobody git -C "${temp_dir}" clone "${NEXMON_URL}"
16
20
17 # Copy downloaded nexmon sources
21 # Copy downloaded nexmon sources
18 mv "${temp_dir}/nexmon" "${R}"/tmp/
22 mv "${temp_dir}/nexmon" "${R}"/tmp/
19
23
20 # Set permissions of the nexmon sources
24 # Set permissions of the nexmon sources
21 chown -R root:root "${R}"/tmp/nexmon
25 chown -R root:root "${R}"/tmp/nexmon
22
26
23 # Set script Root
24 export NEXMON_ROOT="${R}"/tmp/nexmon
25
26 # Remove temporary directory for nexmon sources
27 # Remove temporary directory for nexmon sources
27 rm -fr "${temp_dir}"
28 rm -fr "${temp_dir}"
29 fi
30
31 # Set script Root
32 export NEXMON_ROOT="${R}"/tmp/nexmon
28
33
29 # Build nexmon firmware outside the build system, if we can.
34 # Build nexmon firmware outside the build system, if we can.
30 cd "${NEXMON_ROOT}" || exit
35 cd "${NEXMON_ROOT}" || exit
31
36
37 # Make ancient isl build
38 cd buildtools/isl-0.10 || exit
39 CC="${CC}"gcc
40 ./configure
41 make
42
32 # Disable statistics
43 # Disable statistics
33 touch DISABLE_STATISTICS
44 touch DISABLE_STATISTICS
34
45
35 # Setup Enviroment: see https://github.com/NoobieDog/nexmon/blob/master/setup_env.sh
46 # Setup Enviroment: see https://github.com/NoobieDog/nexmon/blob/master/setup_env.sh
36 #ARCH="${KERNEL_ARCH}"
47 #ARCH="${KERNEL_ARCH}"
37 #SUBARCH="${KERNEL_ARCH}"
48 #SUBARCH="${KERNEL_ARCH}"
38 export KERNEL="${KERNEL_IMAGE}"
49 export KERNEL="${KERNEL_IMAGE}"
39 export ARCH=arm
50 export ARCH=arm
40 export SUBARCH=arm
51 export SUBARCH=arm
41 export CC="${NEXMON_ROOT}"/buildtools/gcc-arm-none-eabi-5_4-2016q2-linux-x86/bin/arm-none-eabi-
52 export CC="${NEXMON_ROOT}"/buildtools/gcc-arm-none-eabi-5_4-2016q2-linux-x86/bin/arm-none-eabi-
42 export CCPLUGIN="${NEXMON_ROOT}"/buildtools/gcc-nexmon-plugin/nexmon.so
53 export CCPLUGIN="${NEXMON_ROOT}"/buildtools/gcc-nexmon-plugin/nexmon.so
43 export ZLIBFLATE="zlib-flate -compress"
54 export ZLIBFLATE="zlib-flate -compress"
44 export Q=@
55 export Q=@
45 export NEXMON_SETUP_ENV=1
56 export NEXMON_SETUP_ENV=1
46 export HOSTUNAME=$(uname -s)
57 export HOSTUNAME=$(uname -s)
47 export PLATFORMUNAME=$(uname -m)
58 export PLATFORMUNAME=$(uname -m)
48 #. ./setup_env.sh
59 #. ./setup_env.sh
49
60
50 # Make nexmon
61 # Make nexmon
51 make
62 make
52
63
53 # Make ancient isl build
54 cd buildtools/isl-0.10 || exit
55 CC="${CC}"gcc
56 ./configure
57 make
58
59 # Backup stock broadcom wlan driver - "${LIB_DIR}"/modules/${KERNEL_VERSION}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
64 # Backup stock broadcom wlan driver - "${LIB_DIR}"/modules/${KERNEL_VERSION}/kernel/drivers/net/wireless/broadcom/brcm80211/brcmfmac/brcmfmac.ko
60 brcmfmac_path=$(modinfo brcmfmac | grep -m 1 -oP "^filename:(\s*?)(.*)$" | sed -e 's/^filename:\(\s*\)\(.*\)$/\2/g')
65 brcmfmac_path=$(modinfo brcmfmac | grep -m 1 -oP "^filename:(\s*?)(.*)$" | sed -e 's/^filename:\(\s*\)\(.*\)$/\2/g')
61 mv "${brcmfmac_path}" "${brcmfmac_path}".orig
66 mv "${brcmfmac_path}" "${brcmfmac_path}".orig
62
67
63 # build patches
68 # build patches
64 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] ; then
69 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] ; then
65 cd "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon || exit
70 cd "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon || exit
66 make clean
71 make clean
67
72
68 # We do this so we don't have to install the ancient isl version into /usr/local/lib on systems.
73 # We do this so we don't have to install the ancient isl version into /usr/local/lib on systems.
69 LD_LIBRARY_PATH="${NEXMON_ROOT}"/buildtools/isl-0.10/.libs make ARCH="${KERNEL_ARCH}" CC="${NEXMON_ROOT}"/buildtools/gcc-arm-none-eabi-5_4-2016q2-linux-x86/bin/arm-none-eabi-
74 LD_LIBRARY_PATH="${NEXMON_ROOT}"/buildtools/isl-0.10/.libs make ARCH="${KERNEL_ARCH}" CC="${NEXMON_ROOT}"/buildtools/gcc-arm-none-eabi-5_4-2016q2-linux-x86/bin/arm-none-eabi-
70
75
71 # copy RPi0W & RPi3 firmware
76 # copy RPi0W & RPi3 firmware
72 mv "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.org.bin
77 mv "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.org.bin
73 cp "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac43430-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.nexmon.bin
78 cp "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac43430-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.nexmon.bin
74 cp -f "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac43430-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.bin
79 cp -f "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac43430-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43430-sdio.bin
75
80
76 cp "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac_4.14.y-nexmon/brcmfmac.ko "${brcmfmac_path}"
81 cp "${NEXMON_ROOT}"/patches/bcm43430a1/7_45_41_46/nexmon/brcmfmac_4.14.y-nexmon/brcmfmac.ko "${brcmfmac_path}"
77 fi
82 fi
78
83
79 if [ "$RPI_MODEL" = 3P ] ; then
84 if [ "$RPI_MODEL" = 3P ] ; then
80 cd "${NEXMON_ROOT}"/patches/bcm43455c0/7_45_154/nexmon || exit
85 cd "${NEXMON_ROOT}"/patches/bcm43455c0/7_45_154/nexmon || exit
81 make clean
86 make clean
82
87
83 # We do this so we don't have to install the ancient isl version into /usr/local/lib on systems.
88 # We do this so we don't have to install the ancient isl version into /usr/local/lib on systems.
84 LD_LIBRARY_PATH=${NEXMON_ROOT}/buildtools/isl-0.10/.libs make ARCH="${KERNEL_ARCH}" CC="${NEXMON_ROOT}"/buildtools/gcc-arm-none-eabi-5_4-2016q2-linux-x86/bin/arm-none-eabi-
89 LD_LIBRARY_PATH=${NEXMON_ROOT}/buildtools/isl-0.10/.libs make ARCH="${KERNEL_ARCH}" CC="${NEXMON_ROOT}"/buildtools/gcc-arm-none-eabi-5_4-2016q2-linux-x86/bin/arm-none-eabi-
85
90
86 # RPi3B+ firmware
91 # RPi3B+ firmware
87 mv "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.org.bin
92 mv "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.org.bin
88 cp "${NEXMON_ROOT}"/patches/bcm43455c0/7_45_154/nexmon/brcmfmac43455-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.nexmon.bin
93 cp "${NEXMON_ROOT}"/patches/bcm43455c0/7_45_154/nexmon/brcmfmac43455-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.nexmon.bin
89 cp -f "${NEXMON_ROOT}"/patches/bcm43455c0/7_45_154/nexmon/brcmfmac43455-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.bin
94 cp -f "${NEXMON_ROOT}"/patches/bcm43455c0/7_45_154/nexmon/brcmfmac43455-sdio.bin "${WLAN_FIRMWARE_DIR}"/brcmfmac43455-sdio.bin
90 fi
95 fi
91
96
92 #Revert to previous directory
97 #Revert to previous directory
93 cd "${WORKDIR}" || exit
98 cd "${WORKDIR}" || exit
94
99
95 fi
100 fi
@@ -1,847 +1,852
1 #!/bin/sh
1 #!/bin/sh
2 ########################################################################
2 ########################################################################
3 # rpi23-gen-image.sh 2015-2017
3 # rpi23-gen-image.sh 2015-2017
4 #
4 #
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
5 # Advanced Debian "stretch" and "buster" bootstrap script for RPi2/3
6 #
6 #
7 # This program is free software; you can redistribute it and/or
7 # This program is free software; you can redistribute it and/or
8 # modify it under the terms of the GNU General Public License
8 # modify it under the terms of the GNU General Public License
9 # as published by the Free Software Foundation; either version 2
9 # as published by the Free Software Foundation; either version 2
10 # of the License, or (at your option) any later version.
10 # of the License, or (at your option) any later version.
11 #
11 #
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 #
13 #
14 # Big thanks for patches and enhancements by 20+ github contributors!
14 # Big thanks for patches and enhancements by 20+ github contributors!
15 ########################################################################
15 ########################################################################
16
16
17 # Are we running as root?
17 # Are we running as root?
18 if [ "$(id -u)" -ne "0" ] ; then
18 if [ "$(id -u)" -ne "0" ] ; then
19 echo "error: this script must be executed with root privileges!"
19 echo "error: this script must be executed with root privileges!"
20 exit 1
20 exit 1
21 fi
21 fi
22
22
23 # Check if ./functions.sh script exists
23 # Check if ./functions.sh script exists
24 if [ ! -r "./functions.sh" ] ; then
24 if [ ! -r "./functions.sh" ] ; then
25 echo "error: './functions.sh' required script not found!"
25 echo "error: './functions.sh' required script not found!"
26 exit 1
26 exit 1
27 fi
27 fi
28
28
29 # Load utility functions
29 # Load utility functions
30 . ./functions.sh
30 . ./functions.sh
31
31
32 # Load parameters from configuration template file
32 # Load parameters from configuration template file
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 use_template
34 use_template
35 fi
35 fi
36
36
37 # Introduce settings
37 # Introduce settings
38 set -e
38 set -e
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
39 echo -n -e "\n#\n# RPi2/3 Bootstrap Settings\n#\n"
40 set -x
40 set -x
41
41
42 # Raspberry Pi model configuration
42 # Raspberry Pi model configuration
43 RPI_MODEL=${RPI_MODEL:=2}
43 RPI_MODEL=${RPI_MODEL:=2}
44
44
45 # Debian release
45 # Debian release
46 RELEASE=${RELEASE:=buster}
46 RELEASE=${RELEASE:=buster}
47
47
48 # Kernel Branch
48 # Kernel Branch
49 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
49 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
50
50
51 # URLs
51 # URLs
52 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
52 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
53 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
53 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
54 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
54 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
55 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
55 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
56 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
56 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
57 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
57 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
58 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
58 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
59 #BIS= Kernel has KVM and zswap enabled
59 #BIS= Kernel has KVM and zswap enabled
60 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.14.80.20181113/bcmrpi3-kernel-bis-4.14.80.20181113.tar.xz}
60 RPI3_64_BIS_KERNEL_URL=${RPI3_64_BIS_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel-bis/releases/download/4.14.80.20181113/bcmrpi3-kernel-bis-4.14.80.20181113.tar.xz}
61 #default bcmrpi3_defconfig target kernel
61 #default bcmrpi3_defconfig target kernel
62 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.14.80.20181113/bcmrpi3-kernel-4.14.80.20181113.tar.xz}
62 RPI3_64_DEF_KERNEL_URL=${RPI3_64_DEF_KERNEL_URL:=https://github.com/sakaki-/bcmrpi3-kernel/releases/download/4.14.80.20181113/bcmrpi3-kernel-4.14.80.20181113.tar.xz}
63 #enhanced kernel
63 #enhanced kernel
64 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
64 RPI3_64_KERNEL_URL=${RPI3_64_KERNEL_URL:=$RPI3_64_DEF_KERNEL_URL}
65 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
65 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
66 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
66 NEXMON_URL=${NEXMON_URL:=https://github.com/seemoo-lab/nexmon.git}
67 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
67 SYSTEMDSWAP_URL=${SYSTEMDSWAP_URL:=https://github.com/Nefelim4ag/systemd-swap.git}
68 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
68 RPI_32_KERNEL_URL=${RPI_32_KERNEL_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel_20180422-141901_armhf.deb}
69 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
69 RPI_32_KERNELHEADER_URL=${RPI_32_KERNELHEADER_URL:=https://github.com/hypriot/rpi-kernel/releases/download/v4.14.34/raspberrypi-kernel-headers_20180422-141901_armhf.deb}
70
70
71 # Build directories
71 # Build directories
72 WORKDIR=$(pwd)
72 WORKDIR=$(pwd)
73 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
73 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
74 BUILDDIR="${BASEDIR}/build"
74 BUILDDIR="${BASEDIR}/build"
75
75
76 # Chroot directories
76 # Chroot directories
77 R="${BUILDDIR}/chroot"
77 R="${BUILDDIR}/chroot"
78 ETC_DIR="${R}/etc"
78 ETC_DIR="${R}/etc"
79 LIB_DIR="${R}/lib"
79 LIB_DIR="${R}/lib"
80 BOOT_DIR="${R}/boot/firmware"
80 BOOT_DIR="${R}/boot/firmware"
81 KERNEL_DIR="${R}/usr/src/linux"
81 KERNEL_DIR="${R}/usr/src/linux"
82 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
82 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
83 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
83 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
84
84
85 # Firmware directory: Blank if download from github
85 # Firmware directory: Blank if download from github
86 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
86 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
87
87
88 # General settings
88 # General settings
89 SET_ARCH=${SET_ARCH:=32}
89 SET_ARCH=${SET_ARCH:=32}
90 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
90 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
91 PASSWORD=${PASSWORD:=raspberry}
91 PASSWORD=${PASSWORD:=raspberry}
92 USER_PASSWORD=${USER_PASSWORD:=raspberry}
92 USER_PASSWORD=${USER_PASSWORD:=raspberry}
93 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
93 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
94 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
94 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
95 EXPANDROOT=${EXPANDROOT:=true}
95 EXPANDROOT=${EXPANDROOT:=true}
96
96
97 # Keyboard settings
97 # Keyboard settings
98 XKB_MODEL=${XKB_MODEL:=""}
98 XKB_MODEL=${XKB_MODEL:=""}
99 XKB_LAYOUT=${XKB_LAYOUT:=""}
99 XKB_LAYOUT=${XKB_LAYOUT:=""}
100 XKB_VARIANT=${XKB_VARIANT:=""}
100 XKB_VARIANT=${XKB_VARIANT:=""}
101 XKB_OPTIONS=${XKB_OPTIONS:=""}
101 XKB_OPTIONS=${XKB_OPTIONS:=""}
102
102
103 # Network settings (DHCP)
103 # Network settings (DHCP)
104 ENABLE_DHCP=${ENABLE_DHCP:=true}
104 ENABLE_DHCP=${ENABLE_DHCP:=true}
105
105
106 # Network settings (static)
106 # Network settings (static)
107 NET_ADDRESS=${NET_ADDRESS:=""}
107 NET_ADDRESS=${NET_ADDRESS:=""}
108 NET_GATEWAY=${NET_GATEWAY:=""}
108 NET_GATEWAY=${NET_GATEWAY:=""}
109 NET_DNS_1=${NET_DNS_1:=""}
109 NET_DNS_1=${NET_DNS_1:=""}
110 NET_DNS_2=${NET_DNS_2:=""}
110 NET_DNS_2=${NET_DNS_2:=""}
111 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
111 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
112 NET_NTP_1=${NET_NTP_1:=""}
112 NET_NTP_1=${NET_NTP_1:=""}
113 NET_NTP_2=${NET_NTP_2:=""}
113 NET_NTP_2=${NET_NTP_2:=""}
114
114
115 # APT settings
115 # APT settings
116 APT_PROXY=${APT_PROXY:=""}
116 APT_PROXY=${APT_PROXY:=""}
117 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
117 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
118
118
119 # Feature settings
119 # Feature settings
120 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
120 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
121 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
121 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
122 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
122 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
123 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
123 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
124 ENABLE_I2C=${ENABLE_I2C:=false}
124 ENABLE_I2C=${ENABLE_I2C:=false}
125 ENABLE_SPI=${ENABLE_SPI:=false}
125 ENABLE_SPI=${ENABLE_SPI:=false}
126 ENABLE_IPV6=${ENABLE_IPV6:=true}
126 ENABLE_IPV6=${ENABLE_IPV6:=true}
127 ENABLE_SSHD=${ENABLE_SSHD:=true}
127 ENABLE_SSHD=${ENABLE_SSHD:=true}
128 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
128 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
129 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
129 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
130 ENABLE_SOUND=${ENABLE_SOUND:=true}
130 ENABLE_SOUND=${ENABLE_SOUND:=true}
131 ENABLE_DBUS=${ENABLE_DBUS:=true}
131 ENABLE_DBUS=${ENABLE_DBUS:=true}
132 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
132 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
133 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
133 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
134 ENABLE_XORG=${ENABLE_XORG:=false}
134 ENABLE_XORG=${ENABLE_XORG:=false}
135 ENABLE_WM=${ENABLE_WM:=""}
135 ENABLE_WM=${ENABLE_WM:=""}
136 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
136 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
137 ENABLE_USER=${ENABLE_USER:=true}
137 ENABLE_USER=${ENABLE_USER:=true}
138 USER_NAME=${USER_NAME:="pi"}
138 USER_NAME=${USER_NAME:="pi"}
139 ENABLE_ROOT=${ENABLE_ROOT:=false}
139 ENABLE_ROOT=${ENABLE_ROOT:=false}
140 ENABLE_QEMU=${ENABLE_QEMU:=false}
140 ENABLE_QEMU=${ENABLE_QEMU:=false}
141 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
141 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
142
142
143 # SSH settings
143 # SSH settings
144 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
144 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
145 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
145 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
146 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
146 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
147 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
147 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
148 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
148 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
149
149
150 # Advanced settings
150 # Advanced settings
151 ENABLE_SYSTEMDSWAP=${ENABLE_MINBASE:=false}
151 ENABLE_SYSTEMDSWAP=${ENABLE_MINBASE:=false}
152 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
152 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
153 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
153 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
154 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
154 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
155 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
155 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
156 ENABLE_UBOOTUSB=${ENABLE_UBOOTUSB=false}
156 ENABLE_UBOOTUSB=${ENABLE_UBOOTUSB=false}
157 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
157 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
158 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
158 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
159 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
159 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
160 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
160 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
161 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
161 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
162 NEXMON_DIR=${NEXMON_DIR:=""}
162 NEXMONSRC_DIR=${NEXMONSRC_DIR:=""}
163 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
163 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
164 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
164 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
165 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
165 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
166 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
166 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
167 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
167 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
168 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
168 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
169
169
170 # Kernel compilation settings
170 # Kernel compilation settings
171 BUILD_KERNEL=${BUILD_KERNEL:=true}
171 BUILD_KERNEL=${BUILD_KERNEL:=true}
172 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
172 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
173 KERNEL_THREADS=${KERNEL_THREADS:=1}
173 KERNEL_THREADS=${KERNEL_THREADS:=1}
174 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
174 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
175 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
175 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
176 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
176 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
177 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
177 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
178 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
178 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
179 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
179 KERNEL_ZSWAP=${KERNEL_ZSWAP:=false}
180 KERNEL_VIRT=${KERNEL_VIRT:=false}
180 KERNEL_VIRT=${KERNEL_VIRT:=false}
181 KERNEL_BPF=${KERNEL_BPF:=false}
181 KERNEL_BPF=${KERNEL_BPF:=false}
182 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=POWERSAVE}
182 KERNEL_DEFAULT_GOV=${KERNEL_DEFAULT_GOV:=POWERSAVE}
183
183
184 # Kernel compilation from source directory settings
184 # Kernel compilation from source directory settings
185 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
185 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
186 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
186 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
187 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
187 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
188 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
188 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
189
189
190 # Reduce disk usage settings
190 # Reduce disk usage settings
191 REDUCE_APT=${REDUCE_APT:=true}
191 REDUCE_APT=${REDUCE_APT:=true}
192 REDUCE_DOC=${REDUCE_DOC:=true}
192 REDUCE_DOC=${REDUCE_DOC:=true}
193 REDUCE_MAN=${REDUCE_MAN:=true}
193 REDUCE_MAN=${REDUCE_MAN:=true}
194 REDUCE_VIM=${REDUCE_VIM:=false}
194 REDUCE_VIM=${REDUCE_VIM:=false}
195 REDUCE_BASH=${REDUCE_BASH:=false}
195 REDUCE_BASH=${REDUCE_BASH:=false}
196 REDUCE_HWDB=${REDUCE_HWDB:=true}
196 REDUCE_HWDB=${REDUCE_HWDB:=true}
197 REDUCE_SSHD=${REDUCE_SSHD:=true}
197 REDUCE_SSHD=${REDUCE_SSHD:=true}
198 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
198 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
199
199
200 # Encrypted filesystem settings
200 # Encrypted filesystem settings
201 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
201 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
202 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
202 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
203 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
203 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
204 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
204 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
205 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
205 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
206 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
206 #Dropbear-initramfs supports unlocking encrypted filesystem via SSH on bootup
207 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
207 CRYPTFS_DROPBEAR=${CRYPTFS_DROPBEAR:=false}
208 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
208 #Provide your own Dropbear Public RSA-OpenSSH Key otherwise it will be generated
209 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
209 CRYPTFS_DROPBEAR_PUBKEY=${CRYPTFS_DROPBEAR_PUBKEY:=""}
210
210
211 # Chroot scripts directory
211 # Chroot scripts directory
212 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
212 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
213
213
214 # Packages required in the chroot build environment
214 # Packages required in the chroot build environment
215 APT_INCLUDES=${APT_INCLUDES:=""}
215 APT_INCLUDES=${APT_INCLUDES:=""}
216 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
216 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
217
217
218 #Packages to exclude from chroot build environment
218 #Packages to exclude from chroot build environment
219 APT_EXCLUDES=${APT_EXCLUDES:=""}
219 APT_EXCLUDES=${APT_EXCLUDES:=""}
220
220
221 # Packages required for bootstrapping
221 # Packages required for bootstrapping
222 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
222 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo netselect-apt"
223 MISSING_PACKAGES=""
223 MISSING_PACKAGES=""
224
224
225 # Packages installed for c/c++ build environment in chroot (keep empty)
225 # Packages installed for c/c++ build environment in chroot (keep empty)
226 COMPILER_PACKAGES=""
226 COMPILER_PACKAGES=""
227
227
228 #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
228 #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
229 APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d')
229 APT_CACHER_RUNNING=$(lsof -i :3142 | cut -d ' ' -f3 | uniq | sed '/^\s*$/d')
230 if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then
230 if [ "${APT_CACHER_RUNNING}" = "apt-cacher-ng" ] ; then
231 APT_PROXY=http://127.0.0.1:3142/
231 APT_PROXY=http://127.0.0.1:3142/
232 fi
232 fi
233
233
234 #netselect-apt does not know buster yet
234 #netselect-apt does not know buster yet
235 if [ "$RELEASE" = "buster" ] ; then
235 if [ "$RELEASE" = "buster" ] ; then
236 RLS=testing
236 RLS=testing
237 else
237 else
238 RLS="$RELEASE"
238 RLS="$RELEASE"
239 fi
239 fi
240
240
241 if [ -f "$(pwd)/files/apt/sources.list" ] ; then
241 if [ -f "$(pwd)/files/apt/sources.list" ] ; then
242 rm "$(pwd)/files/apt/sources.list"
242 rm "$(pwd)/files/apt/sources.list"
243 fi
243 fi
244
244
245 if [ "$ENABLE_NONFREE" = true ] ; then
245 if [ "$ENABLE_NONFREE" = true ] ; then
246 netselect-apt --arch "$RELEASE_ARCH" -t 3 --sources --nonfree --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
246 netselect-apt --arch "$RELEASE_ARCH" -t 3 --sources --nonfree --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
247 else
247 else
248 netselect-apt --arch "$RELEASE_ARCH" -t 3 --sources --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
248 netselect-apt --arch "$RELEASE_ARCH" -t 3 --sources --outfile "$(pwd)/files/apt/sources.list" -d "$RLS"
249 fi
249 fi
250
250
251 #sed and cut the result string so we can use it as APT_SERVER
251 #sed and cut the result string so we can use it as APT_SERVER
252 APT_SERVER=$(grep -m 1 http files/apt/sources.list | sed "s|http://| |g" | cut -d ' ' -f 3 | sed 's|/$|''|')
252 APT_SERVER=$(grep -m 1 http files/apt/sources.list | sed "s|http://| |g" | cut -d ' ' -f 3 | sed 's|/$|''|')
253
253
254 #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
254 #make script easier and more stable to use with convenient setup switch. Just setup SET_ARCH and RPI_MODEL and your good to go!
255 if [ -n "$SET_ARCH" ] ; then
255 if [ -n "$SET_ARCH" ] ; then
256 # 64 bit configuration
256 # 64 bit configuration
257 if [ "$SET_ARCH" = 64 ] ; then
257 if [ "$SET_ARCH" = 64 ] ; then
258 # General 64 bit depended settings
258 # General 64 bit depended settings
259 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
259 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
260 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
260 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
261 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
261 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
262
262
263 # Board specific settings
263 # Board specific settings
264 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
264 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
265 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
265 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
266 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
266 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
267 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
267 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
268 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
268 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
269 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
269 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
270 else
270 else
271 echo "error: Only Raspberry PI 3 and 3B+ support 64 bit"
271 echo "error: Only Raspberry PI 3 and 3B+ support 64 bit"
272 exit 1
272 exit 1
273 fi
273 fi
274 fi
274 fi
275
275
276 # 32 bit configuration
276 # 32 bit configuration
277 if [ "$SET_ARCH" = 32 ] ; then
277 if [ "$SET_ARCH" = 32 ] ; then
278 # General 32 bit dependend settings
278 # General 32 bit dependend settings
279 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
279 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
280 KERNEL_ARCH=${KERNEL_ARCH:=arm}
280 KERNEL_ARCH=${KERNEL_ARCH:=arm}
281 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
281 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
282
282
283 # Hardware specific settings
283 # Hardware specific settings
284 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
284 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
285 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
285 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
286 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
286 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
287 RELEASE_ARCH=${RELEASE_ARCH:=armel}
287 RELEASE_ARCH=${RELEASE_ARCH:=armel}
288 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
288 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
289 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
289 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
290 fi
290 fi
291
291
292 # Hardware specific settings
292 # Hardware specific settings
293 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
293 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
294 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
294 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
295 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
295 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
296 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
296 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
297 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
297 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
298 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
298 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
299 fi
299 fi
300 fi
300 fi
301 #SET_ARCH not set
301 #SET_ARCH not set
302 else
302 else
303 echo "error: Please set '32' or '64' as value for SET_ARCH"
303 echo "error: Please set '32' or '64' as value for SET_ARCH"
304 exit 1
304 exit 1
305 fi
305 fi
306 # Device specific configuration and U-Boot configuration
306 # Device specific configuration and U-Boot configuration
307 case "$RPI_MODEL" in
307 case "$RPI_MODEL" in
308 0)
308 0)
309 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
309 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
310 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
310 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
311 ;;
311 ;;
312 1)
312 1)
313 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
313 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
314 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
314 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
315 ;;
315 ;;
316 1P)
316 1P)
317 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
317 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
318 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
318 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
319 ;;
319 ;;
320 2)
320 2)
321 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
321 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
322 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
322 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
323 ;;
323 ;;
324 3)
324 3)
325 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
325 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
326 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
326 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
327 ;;
327 ;;
328 3P)
328 3P)
329 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
329 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
330 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
330 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
331 ;;
331 ;;
332 *)
332 *)
333 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
333 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
334 exit 1
334 exit 1
335 ;;
335 ;;
336 esac
336 esac
337
337
338 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
338 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
339 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
339 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
340 # Include bluetooth packages on supported boards
340 # Include bluetooth packages on supported boards
341 if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
341 if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
342 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
342 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
343 fi
343 fi
344 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
344 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
345 # Check if the internal wireless interface is not supported by the RPi model
345 # Check if the internal wireless interface is not supported by the RPi model
346 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
346 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
347 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
347 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
348 exit 1
348 exit 1
349 fi
349 fi
350 fi
350 fi
351
351
352 # Prepare date string for default image file name
352 # Prepare date string for default image file name
353 DATE="$(date +%Y-%m-%d)"
353 DATE="$(date +%Y-%m-%d)"
354 if [ -z "$KERNEL_BRANCH" ] ; then
354 if [ -z "$KERNEL_BRANCH" ] ; then
355 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
355 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
356 else
356 else
357 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
357 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
358 fi
358 fi
359
359
360 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
360 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
361 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
361 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
362 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
362 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
363 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
363 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
364 exit 1
364 exit 1
365 fi
365 fi
366 fi
366 fi
367
367
368 set +x
368 set +x
369
369
370 # Add cmake to compile videocore sources
370 # Add cmake to compile videocore sources
371 if [ "$ENABLE_VIDEOCORE" = true ] ; then
371 if [ "$ENABLE_VIDEOCORE" = true ] ; then
372 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
372 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
373 fi
373 fi
374
374
375 # Add deps for nexmon
376 if [ "$ENABLE_NEXMON" = true ] ; then
377 REQUIRED_PACKAGES="${REQUIRED_PACKAGES},libgmp3-dev,gawk,qpdf,bison,flex,make,autoconf,automake,build-essential,libtool"
378 fi
379
375 # Add libncurses5 to enable kernel menuconfig
380 # Add libncurses5 to enable kernel menuconfig
376 if [ "$KERNEL_MENUCONFIG" = true ] ; then
381 if [ "$KERNEL_MENUCONFIG" = true ] ; then
377 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
382 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
378 fi
383 fi
379
384
380 # Add ccache compiler cache for (faster) kernel cross (re)compilation
385 # Add ccache compiler cache for (faster) kernel cross (re)compilation
381 if [ "$KERNEL_CCACHE" = true ] ; then
386 if [ "$KERNEL_CCACHE" = true ] ; then
382 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
387 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
383 fi
388 fi
384
389
385 # Add cryptsetup package to enable filesystem encryption
390 # Add cryptsetup package to enable filesystem encryption
386 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
391 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
387 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
392 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
388 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
393 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
389
394
390 #If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
395 #If cryptfs,dropbear and initramfs are enabled include dropbear-initramfs package
391 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
396 if [ "$CRYPTFS_DROPBEAR" = true ] && [ "$ENABLE_INITRAMFS" = true ]; then
392 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
397 APT_INCLUDES="${APT_INCLUDES},dropbear-initramfs"
393 fi
398 fi
394
399
395 if [ -z "$CRYPTFS_PASSWORD" ] ; then
400 if [ -z "$CRYPTFS_PASSWORD" ] ; then
396 echo "error: no password defined (CRYPTFS_PASSWORD)!"
401 echo "error: no password defined (CRYPTFS_PASSWORD)!"
397 exit 1
402 exit 1
398 fi
403 fi
399 ENABLE_INITRAMFS=true
404 ENABLE_INITRAMFS=true
400 fi
405 fi
401
406
402 # Add initramfs generation tools
407 # Add initramfs generation tools
403 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
408 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
404 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
409 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
405 fi
410 fi
406
411
407 # Add device-tree-compiler required for building the U-Boot bootloader
412 # Add device-tree-compiler required for building the U-Boot bootloader
408 if [ "$ENABLE_UBOOT" = true ] ; then
413 if [ "$ENABLE_UBOOT" = true ] ; then
409 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
414 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
410 else
415 else
411 if [ "$ENABLE_UBOOTUSB" = true ] ; then
416 if [ "$ENABLE_UBOOTUSB" = true ] ; then
412 echo "error: Enabling UBOOTUSB requires u-boot to be enabled"
417 echo "error: Enabling UBOOTUSB requires u-boot to be enabled"
413 exit 1
418 exit 1
414 fi
419 fi
415 fi
420 fi
416
421
417 # Check if root SSH (v2) public key file exists
422 # Check if root SSH (v2) public key file exists
418 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
423 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
419 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
424 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
420 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
425 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
421 exit 1
426 exit 1
422 fi
427 fi
423 fi
428 fi
424
429
425 # Check if $USER_NAME SSH (v2) public key file exists
430 # Check if $USER_NAME SSH (v2) public key file exists
426 if [ -n "$SSH_USER_PUB_KEY" ] ; then
431 if [ -n "$SSH_USER_PUB_KEY" ] ; then
427 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
432 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
428 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
433 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
429 exit 1
434 exit 1
430 fi
435 fi
431 fi
436 fi
432
437
433 # Check if all required packages are installed on the build system
438 # Check if all required packages are installed on the build system
434 for package in $REQUIRED_PACKAGES ; do
439 for package in $REQUIRED_PACKAGES ; do
435 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
440 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
436 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
441 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
437 fi
442 fi
438 done
443 done
439
444
440 # If there are missing packages ask confirmation for install, or exit
445 # If there are missing packages ask confirmation for install, or exit
441 if [ -n "$MISSING_PACKAGES" ] ; then
446 if [ -n "$MISSING_PACKAGES" ] ; then
442 echo "the following packages needed by this script are not installed:"
447 echo "the following packages needed by this script are not installed:"
443 echo "$MISSING_PACKAGES"
448 echo "$MISSING_PACKAGES"
444
449
445 printf "\ndo you want to install the missing packages right now? [y/n] "
450 printf "\ndo you want to install the missing packages right now? [y/n] "
446 read -r confirm
451 read -r confirm
447 [ "$confirm" != "y" ] && exit 1
452 [ "$confirm" != "y" ] && exit 1
448
453
449 # Make sure all missing required packages are installed
454 # Make sure all missing required packages are installed
450 apt-get -qq -y install "${MISSING_PACKAGES}"
455 apt-get -qq -y install "${MISSING_PACKAGES}"
451 fi
456 fi
452
457
453 # Check if ./bootstrap.d directory exists
458 # Check if ./bootstrap.d directory exists
454 if [ ! -d "./bootstrap.d/" ] ; then
459 if [ ! -d "./bootstrap.d/" ] ; then
455 echo "error: './bootstrap.d' required directory not found!"
460 echo "error: './bootstrap.d' required directory not found!"
456 exit 1
461 exit 1
457 fi
462 fi
458
463
459 # Check if ./files directory exists
464 # Check if ./files directory exists
460 if [ ! -d "./files/" ] ; then
465 if [ ! -d "./files/" ] ; then
461 echo "error: './files' required directory not found!"
466 echo "error: './files' required directory not found!"
462 exit 1
467 exit 1
463 fi
468 fi
464
469
465 # Check if specified KERNELSRC_DIR directory exists
470 # Check if specified KERNELSRC_DIR directory exists
466 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
471 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
467 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
472 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
468 exit 1
473 exit 1
469 fi
474 fi
470
475
471 # Check if specified UBOOTSRC_DIR directory exists
476 # Check if specified UBOOTSRC_DIR directory exists
472 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
477 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
473 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
478 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
474 exit 1
479 exit 1
475 fi
480 fi
476
481
477 # Check if specified VIDEOCORESRC_DIR directory exists
482 # Check if specified VIDEOCORESRC_DIR directory exists
478 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
483 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
479 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
484 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
480 exit 1
485 exit 1
481 fi
486 fi
482
487
483 # Check if specified FBTURBOSRC_DIR directory exists
488 # Check if specified FBTURBOSRC_DIR directory exists
484 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
489 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
485 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
490 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
486 exit 1
491 exit 1
487 fi
492 fi
488
493
489 # Check if specified NEXMON_DIR directory exists
494 # Check if specified NEXMONSRC_DIR directory exists
490 if [ -n "$NEXMON_DIR" ] && [ ! -d "$NEXMON_DIR" ] ; then
495 if [ -n "$NEXMONSRC_DIR" ] && [ ! -d "$NEXMONSRC_DIR" ] ; then
491 echo "error: '${NEXMON_DIR}' specified directory not found (NEXMON_DIR)!"
496 echo "error: '${NEXMONSRC_DIR}' specified directory not found (NEXMONSRC_DIR)!"
492 exit 1
497 exit 1
493 fi
498 fi
494
499
495 # Check if specified CHROOT_SCRIPTS directory exists
500 # Check if specified CHROOT_SCRIPTS directory exists
496 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
501 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
497 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
502 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
498 exit 1
503 exit 1
499 fi
504 fi
500
505
501 # Check if specified device mapping already exists (will be used by cryptsetup)
506 # Check if specified device mapping already exists (will be used by cryptsetup)
502 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
507 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
503 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
508 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
504 exit 1
509 exit 1
505 fi
510 fi
506
511
507 # Don't clobber an old build
512 # Don't clobber an old build
508 if [ -e "$BUILDDIR" ] ; then
513 if [ -e "$BUILDDIR" ] ; then
509 echo "error: directory ${BUILDDIR} already exists, not proceeding"
514 echo "error: directory ${BUILDDIR} already exists, not proceeding"
510 exit 1
515 exit 1
511 fi
516 fi
512
517
513 # Setup chroot directory
518 # Setup chroot directory
514 mkdir -p "${R}"
519 mkdir -p "${R}"
515
520
516 # Check if build directory has enough of free disk space >512MB
521 # Check if build directory has enough of free disk space >512MB
517 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
522 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
518 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
523 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
519 exit 1
524 exit 1
520 fi
525 fi
521
526
522 set -x
527 set -x
523
528
524 # Call "cleanup" function on various signals and errors
529 # Call "cleanup" function on various signals and errors
525 trap cleanup 0 1 2 3 6
530 trap cleanup 0 1 2 3 6
526
531
527 # Add required packages for the minbase installation
532 # Add required packages for the minbase installation
528 if [ "$ENABLE_MINBASE" = true ] ; then
533 if [ "$ENABLE_MINBASE" = true ] ; then
529 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
534 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
530 fi
535 fi
531
536
532 # Add parted package, required to get partprobe utility
537 # Add parted package, required to get partprobe utility
533 if [ "$EXPANDROOT" = true ] ; then
538 if [ "$EXPANDROOT" = true ] ; then
534 APT_INCLUDES="${APT_INCLUDES},parted"
539 APT_INCLUDES="${APT_INCLUDES},parted"
535 fi
540 fi
536
541
537 # Add dbus package, recommended if using systemd
542 # Add dbus package, recommended if using systemd
538 if [ "$ENABLE_DBUS" = true ] ; then
543 if [ "$ENABLE_DBUS" = true ] ; then
539 APT_INCLUDES="${APT_INCLUDES},dbus"
544 APT_INCLUDES="${APT_INCLUDES},dbus"
540 fi
545 fi
541
546
542 # Add iptables IPv4/IPv6 package
547 # Add iptables IPv4/IPv6 package
543 if [ "$ENABLE_IPTABLES" = true ] ; then
548 if [ "$ENABLE_IPTABLES" = true ] ; then
544 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
549 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
545 fi
550 fi
546
551
547 # Add openssh server package
552 # Add openssh server package
548 if [ "$ENABLE_SSHD" = true ] ; then
553 if [ "$ENABLE_SSHD" = true ] ; then
549 APT_INCLUDES="${APT_INCLUDES},openssh-server"
554 APT_INCLUDES="${APT_INCLUDES},openssh-server"
550 fi
555 fi
551
556
552 # Add alsa-utils package
557 # Add alsa-utils package
553 if [ "$ENABLE_SOUND" = true ] ; then
558 if [ "$ENABLE_SOUND" = true ] ; then
554 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
559 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
555 fi
560 fi
556
561
557 # Add rng-tools package
562 # Add rng-tools package
558 if [ "$ENABLE_HWRANDOM" = true ] ; then
563 if [ "$ENABLE_HWRANDOM" = true ] ; then
559 APT_INCLUDES="${APT_INCLUDES},rng-tools"
564 APT_INCLUDES="${APT_INCLUDES},rng-tools"
560 fi
565 fi
561
566
562 # Add fbturbo video driver
567 # Add fbturbo video driver
563 if [ "$ENABLE_FBTURBO" = true ] ; then
568 if [ "$ENABLE_FBTURBO" = true ] ; then
564 # Enable xorg package dependencies
569 # Enable xorg package dependencies
565 ENABLE_XORG=true
570 ENABLE_XORG=true
566 fi
571 fi
567
572
568 # Add user defined window manager package
573 # Add user defined window manager package
569 if [ -n "$ENABLE_WM" ] ; then
574 if [ -n "$ENABLE_WM" ] ; then
570 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
575 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
571
576
572 # Enable xorg package dependencies
577 # Enable xorg package dependencies
573 ENABLE_XORG=true
578 ENABLE_XORG=true
574 fi
579 fi
575
580
576 # Add xorg package
581 # Add xorg package
577 if [ "$ENABLE_XORG" = true ] ; then
582 if [ "$ENABLE_XORG" = true ] ; then
578 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
583 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
579 fi
584 fi
580
585
581 # Replace selected packages with smaller clones
586 # Replace selected packages with smaller clones
582 if [ "$ENABLE_REDUCE" = true ] ; then
587 if [ "$ENABLE_REDUCE" = true ] ; then
583 # Add levee package instead of vim-tiny
588 # Add levee package instead of vim-tiny
584 if [ "$REDUCE_VIM" = true ] ; then
589 if [ "$REDUCE_VIM" = true ] ; then
585 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
590 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
586 fi
591 fi
587
592
588 # Add dropbear package instead of openssh-server
593 # Add dropbear package instead of openssh-server
589 if [ "$REDUCE_SSHD" = true ] ; then
594 if [ "$REDUCE_SSHD" = true ] ; then
590 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
595 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
591 fi
596 fi
592 fi
597 fi
593
598
594 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
599 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
595 if [ "$ENABLE_SYSVINIT" = false ] ; then
600 if [ "$ENABLE_SYSVINIT" = false ] ; then
596 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
601 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
597 fi
602 fi
598
603
599 # Configure kernel sources if no KERNELSRC_DIR
604 # Configure kernel sources if no KERNELSRC_DIR
600 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
605 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
601 KERNELSRC_CONFIG=true
606 KERNELSRC_CONFIG=true
602 fi
607 fi
603
608
604 # Configure reduced kernel
609 # Configure reduced kernel
605 if [ "$KERNEL_REDUCE" = true ] ; then
610 if [ "$KERNEL_REDUCE" = true ] ; then
606 KERNELSRC_CONFIG=false
611 KERNELSRC_CONFIG=false
607 fi
612 fi
608
613
609 # Configure qemu compatible kernel
614 # Configure qemu compatible kernel
610 if [ "$ENABLE_QEMU" = true ] ; then
615 if [ "$ENABLE_QEMU" = true ] ; then
611 DTB_FILE=vexpress-v2p-ca15_a7.dtb
616 DTB_FILE=vexpress-v2p-ca15_a7.dtb
612 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
617 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
613 KERNEL_DEFCONFIG="vexpress_defconfig"
618 KERNEL_DEFCONFIG="vexpress_defconfig"
614 if [ "$KERNEL_MENUCONFIG" = false ] ; then
619 if [ "$KERNEL_MENUCONFIG" = false ] ; then
615 KERNEL_OLDDEFCONFIG=true
620 KERNEL_OLDDEFCONFIG=true
616 fi
621 fi
617 fi
622 fi
618
623
619 # Execute bootstrap scripts
624 # Execute bootstrap scripts
620 for SCRIPT in bootstrap.d/*.sh; do
625 for SCRIPT in bootstrap.d/*.sh; do
621 head -n 3 "$SCRIPT"
626 head -n 3 "$SCRIPT"
622 . "$SCRIPT"
627 . "$SCRIPT"
623 done
628 done
624
629
625 ## Execute custom bootstrap scripts
630 ## Execute custom bootstrap scripts
626 if [ -d "custom.d" ] ; then
631 if [ -d "custom.d" ] ; then
627 for SCRIPT in custom.d/*.sh; do
632 for SCRIPT in custom.d/*.sh; do
628 . "$SCRIPT"
633 . "$SCRIPT"
629 done
634 done
630 fi
635 fi
631
636
632 # Execute custom scripts inside the chroot
637 # Execute custom scripts inside the chroot
633 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
638 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
634 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
639 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
635 chroot_exec /bin/bash -x <<'EOF'
640 chroot_exec /bin/bash -x <<'EOF'
636 for SCRIPT in /chroot_scripts/* ; do
641 for SCRIPT in /chroot_scripts/* ; do
637 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
642 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
638 $SCRIPT
643 $SCRIPT
639 fi
644 fi
640 done
645 done
641 EOF
646 EOF
642 rm -rf "${R}/chroot_scripts"
647 rm -rf "${R}/chroot_scripts"
643 fi
648 fi
644
649
645 # Remove c/c++ build environment from the chroot
650 # Remove c/c++ build environment from the chroot
646 chroot_remove_cc
651 chroot_remove_cc
647
652
648 # Generate required machine-id
653 # Generate required machine-id
649 MACHINE_ID=$(dbus-uuidgen)
654 MACHINE_ID=$(dbus-uuidgen)
650 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
655 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
651 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
656 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
652
657
653 # APT Cleanup
658 # APT Cleanup
654 chroot_exec apt-get -y clean
659 chroot_exec apt-get -y clean
655 chroot_exec apt-get -y autoclean
660 chroot_exec apt-get -y autoclean
656 chroot_exec apt-get -y autoremove
661 chroot_exec apt-get -y autoremove
657
662
658 # Unmount mounted filesystems
663 # Unmount mounted filesystems
659 umount -l "${R}/proc"
664 umount -l "${R}/proc"
660 umount -l "${R}/sys"
665 umount -l "${R}/sys"
661
666
662 # Clean up directories
667 # Clean up directories
663 rm -rf "${R}/run/*"
668 rm -rf "${R}/run/*"
664 rm -rf "${R}/tmp/*"
669 rm -rf "${R}/tmp/*"
665
670
666 # Clean up files
671 # Clean up files
667 rm -f "${ETC_DIR}/ssh/ssh_host_*"
672 rm -f "${ETC_DIR}/ssh/ssh_host_*"
668 rm -f "${ETC_DIR}/dropbear/dropbear_*"
673 rm -f "${ETC_DIR}/dropbear/dropbear_*"
669 rm -f "${ETC_DIR}/apt/sources.list.save"
674 rm -f "${ETC_DIR}/apt/sources.list.save"
670 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
675 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
671 rm -f "${ETC_DIR}/*-"
676 rm -f "${ETC_DIR}/*-"
672 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
677 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
673 rm -f "${ETC_DIR}/resolv.conf"
678 rm -f "${ETC_DIR}/resolv.conf"
674 rm -f "${R}/root/.bash_history"
679 rm -f "${R}/root/.bash_history"
675 rm -f "${R}/var/lib/urandom/random-seed"
680 rm -f "${R}/var/lib/urandom/random-seed"
676 rm -f "${R}/initrd.img"
681 rm -f "${R}/initrd.img"
677 rm -f "${R}/vmlinuz"
682 rm -f "${R}/vmlinuz"
678 rm -f "${R}${QEMU_BINARY}"
683 rm -f "${R}${QEMU_BINARY}"
679
684
680 if [ "$ENABLE_QEMU" = true ] ; then
685 if [ "$ENABLE_QEMU" = true ] ; then
681 # Setup QEMU directory
686 # Setup QEMU directory
682 mkdir "${BASEDIR}/qemu"
687 mkdir "${BASEDIR}/qemu"
683
688
684 # Copy kernel image to QEMU directory
689 # Copy kernel image to QEMU directory
685 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
690 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
686
691
687 # Copy kernel config to QEMU directory
692 # Copy kernel config to QEMU directory
688 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
693 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
689
694
690 # Copy kernel dtbs to QEMU directory
695 # Copy kernel dtbs to QEMU directory
691 for dtb in "${BOOT_DIR}/"*.dtb ; do
696 for dtb in "${BOOT_DIR}/"*.dtb ; do
692 if [ -f "${dtb}" ] ; then
697 if [ -f "${dtb}" ] ; then
693 install_readonly "${dtb}" "${BASEDIR}/qemu/"
698 install_readonly "${dtb}" "${BASEDIR}/qemu/"
694 fi
699 fi
695 done
700 done
696
701
697 # Copy kernel overlays to QEMU directory
702 # Copy kernel overlays to QEMU directory
698 if [ -d "${BOOT_DIR}/overlays" ] ; then
703 if [ -d "${BOOT_DIR}/overlays" ] ; then
699 # Setup overlays dtbs directory
704 # Setup overlays dtbs directory
700 mkdir "${BASEDIR}/qemu/overlays"
705 mkdir "${BASEDIR}/qemu/overlays"
701
706
702 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
707 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
703 if [ -f "${dtb}" ] ; then
708 if [ -f "${dtb}" ] ; then
704 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
709 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
705 fi
710 fi
706 done
711 done
707 fi
712 fi
708
713
709 # Copy u-boot files to QEMU directory
714 # Copy u-boot files to QEMU directory
710 if [ "$ENABLE_UBOOT" = true ] ; then
715 if [ "$ENABLE_UBOOT" = true ] ; then
711 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
716 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
712 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
717 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
713 fi
718 fi
714 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
719 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
715 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
720 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
716 fi
721 fi
717 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
722 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
718 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
723 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
719 fi
724 fi
720 fi
725 fi
721
726
722 # Copy initramfs to QEMU directory
727 # Copy initramfs to QEMU directory
723 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
728 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
724 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
729 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
725 fi
730 fi
726 fi
731 fi
727
732
728 # Calculate size of the chroot directory in KB
733 # Calculate size of the chroot directory in KB
729 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
734 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
730
735
731 # Calculate the amount of needed 512 Byte sectors
736 # Calculate the amount of needed 512 Byte sectors
732 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
737 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
733 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
738 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
734 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
739 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
735
740
736 # The root partition is EXT4
741 # The root partition is EXT4
737 # This means more space than the actual used space of the chroot is used.
742 # This means more space than the actual used space of the chroot is used.
738 # As overhead for journaling and reserved blocks 35% are added.
743 # As overhead for journaling and reserved blocks 35% are added.
739 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
744 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
740
745
741 # Calculate required image size in 512 Byte sectors
746 # Calculate required image size in 512 Byte sectors
742 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
747 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
743
748
744 # Prepare image file
749 # Prepare image file
745 if [ "$ENABLE_SPLITFS" = true ] ; then
750 if [ "$ENABLE_SPLITFS" = true ] ; then
746 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
751 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
747 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
752 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
748 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
753 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
749 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
754 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
750
755
751 # Write firmware/boot partition tables
756 # Write firmware/boot partition tables
752 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
757 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
753 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
758 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
754 EOM
759 EOM
755
760
756 # Write root partition table
761 # Write root partition table
757 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
762 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
758 ${TABLE_SECTORS},${ROOT_SECTORS},83
763 ${TABLE_SECTORS},${ROOT_SECTORS},83
759 EOM
764 EOM
760
765
761 # Setup temporary loop devices
766 # Setup temporary loop devices
762 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
767 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
763 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
768 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
764 else # ENABLE_SPLITFS=false
769 else # ENABLE_SPLITFS=false
765 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
770 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
766 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
771 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
767
772
768 # Write partition table
773 # Write partition table
769 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
774 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
770 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
775 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
771 ${ROOT_OFFSET},${ROOT_SECTORS},83
776 ${ROOT_OFFSET},${ROOT_SECTORS},83
772 EOM
777 EOM
773
778
774 # Setup temporary loop devices
779 # Setup temporary loop devices
775 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
780 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
776 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
781 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
777 fi
782 fi
778
783
779 if [ "$ENABLE_CRYPTFS" = true ] ; then
784 if [ "$ENABLE_CRYPTFS" = true ] ; then
780 # Create dummy ext4 fs
785 # Create dummy ext4 fs
781 mkfs.ext4 "$ROOT_LOOP"
786 mkfs.ext4 "$ROOT_LOOP"
782
787
783 # Setup password keyfile
788 # Setup password keyfile
784 touch .password
789 touch .password
785 chmod 600 .password
790 chmod 600 .password
786 echo -n ${CRYPTFS_PASSWORD} > .password
791 echo -n ${CRYPTFS_PASSWORD} > .password
787
792
788 # Initialize encrypted partition
793 # Initialize encrypted partition
789 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
794 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
790
795
791 # Open encrypted partition and setup mapping
796 # Open encrypted partition and setup mapping
792 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
797 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
793
798
794 # Secure delete password keyfile
799 # Secure delete password keyfile
795 shred -zu .password
800 shred -zu .password
796
801
797 # Update temporary loop device
802 # Update temporary loop device
798 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
803 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
799
804
800 # Wipe encrypted partition (encryption cipher is used for randomness)
805 # Wipe encrypted partition (encryption cipher is used for randomness)
801 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
806 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
802 fi
807 fi
803
808
804 # Build filesystems
809 # Build filesystems
805 mkfs.vfat "$FRMW_LOOP"
810 mkfs.vfat "$FRMW_LOOP"
806 mkfs.ext4 "$ROOT_LOOP"
811 mkfs.ext4 "$ROOT_LOOP"
807
812
808 # Mount the temporary loop devices
813 # Mount the temporary loop devices
809 mkdir -p "$BUILDDIR/mount"
814 mkdir -p "$BUILDDIR/mount"
810 mount "$ROOT_LOOP" "$BUILDDIR/mount"
815 mount "$ROOT_LOOP" "$BUILDDIR/mount"
811
816
812 mkdir -p "$BUILDDIR/mount/boot/firmware"
817 mkdir -p "$BUILDDIR/mount/boot/firmware"
813 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
818 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
814
819
815 # Copy all files from the chroot to the loop device mount point directory
820 # Copy all files from the chroot to the loop device mount point directory
816 rsync -a "${R}/" "$BUILDDIR/mount/"
821 rsync -a "${R}/" "$BUILDDIR/mount/"
817
822
818 # Unmount all temporary loop devices and mount points
823 # Unmount all temporary loop devices and mount points
819 cleanup
824 cleanup
820
825
821 # Create block map file(s) of image(s)
826 # Create block map file(s) of image(s)
822 if [ "$ENABLE_SPLITFS" = true ] ; then
827 if [ "$ENABLE_SPLITFS" = true ] ; then
823 # Create block map files for "bmaptool"
828 # Create block map files for "bmaptool"
824 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
829 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
825 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
830 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
826
831
827 # Image was successfully created
832 # Image was successfully created
828 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
833 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
829 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
834 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
830 else
835 else
831 # Create block map file for "bmaptool"
836 # Create block map file for "bmaptool"
832 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
837 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
833
838
834 # Image was successfully created
839 # Image was successfully created
835 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
840 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
836
841
837 # Create qemu qcow2 image
842 # Create qemu qcow2 image
838 if [ "$ENABLE_QEMU" = true ] ; then
843 if [ "$ENABLE_QEMU" = true ] ; then
839 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
844 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
840 QEMU_SIZE=16G
845 QEMU_SIZE=16G
841
846
842 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
847 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
843 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
848 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
844
849
845 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
850 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
846 fi
851 fi
847 fi
852 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant