@@ -0,0 +1,1 | |||
|
1 | spoof warn |
@@ -8,7 +8,7 | |||
|
8 | 8 | # Use proxy inside chroot |
|
9 | 9 | if [ -z "$APT_PROXY" ] ; then |
|
10 | 10 | install_readonly files/apt/10proxy $R/etc/apt/apt.conf.d/10proxy |
|
11 |
sed -i |
|
|
11 | sed -i "s/\"\"/\"${APT_PROXY}\"/" $R/etc/apt/apt.conf.d/10proxy | |
|
12 | 12 | fi |
|
13 | 13 | |
|
14 | 14 | # Pin package flash-kernel to repositories.collabora.co.uk |
@@ -21,8 +21,8 chroot_exec apt-get -qq -y --force-yes install collabora-obs-archive-keyring | |||
|
21 | 21 | |
|
22 | 22 | # Set up initial sources.list |
|
23 | 23 | install_readonly files/apt/sources.list $R/etc/apt/sources.list |
|
24 |
sed -i |
|
|
25 |
sed -i |
|
|
24 | sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" $R/etc/apt/sources.list | |
|
25 | sed -i "s/ jessie/ ${RELEASE}/" $R/etc/apt/sources.list | |
|
26 | 26 | |
|
27 | 27 | # Upgrade package index and update all installed packages and changed dependencies |
|
28 | 28 | chroot_exec apt-get -qq -y update |
@@ -19,40 +19,40 if [ "$ENABLE_MINBASE" = false ] ; then | |||
|
19 | 19 | else |
|
20 | 20 | # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale |
|
21 | 21 | chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections |
|
22 |
|
|
|
22 | sed -i "/en_US.UTF-8/s/^#//" $R/etc/locale.gen | |
|
23 | 23 | fi |
|
24 | 24 | |
|
25 |
|
|
|
25 | sed -i "/${DEFLOCAL}/s/^#//" $R/etc/locale.gen | |
|
26 | 26 | chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections |
|
27 | 27 | chroot_exec locale-gen |
|
28 | 28 | chroot_exec update-locale LANG=${DEFLOCAL} |
|
29 | 29 | |
|
30 | 30 | # Keyboard configuration, if requested |
|
31 | 31 | if [ "$XKB_MODEL" != "" ] ; then |
|
32 |
|
|
|
32 | sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" $R/etc/default/keyboard | |
|
33 | 33 | fi |
|
34 | 34 | if [ "$XKB_LAYOUT" != "" ] ; then |
|
35 |
|
|
|
35 | sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" $R/etc/default/keyboard | |
|
36 | 36 | fi |
|
37 | 37 | if [ "$XKB_VARIANT" != "" ] ; then |
|
38 |
|
|
|
38 | sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" $R/etc/default/keyboard | |
|
39 | 39 | fi |
|
40 | 40 | if [ "$XKB_OPTIONS" != "" ] ; then |
|
41 |
|
|
|
41 | sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" $R/etc/default/keyboard | |
|
42 | 42 | fi |
|
43 | 43 | chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration |
|
44 | 44 | |
|
45 | 45 | # Set up font console |
|
46 | 46 | case "${DEFLOCAL}" in |
|
47 | 47 | *UTF-8) |
|
48 |
|
|
|
48 | sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' $R/etc/default/console-setup | |
|
49 | 49 | ;; |
|
50 | 50 | *) |
|
51 |
|
|
|
51 | sed -i 's/^CHARMAP.*/CHARMAP="guess"/' $R/etc/default/console-setup | |
|
52 | 52 | ;; |
|
53 | 53 | esac |
|
54 | 54 | chroot_exec dpkg-reconfigure -f noninteractive console-setup |
|
55 | else | |
|
55 | else # ENABLE_MINBASE=true | |
|
56 | 56 | # Set POSIX default locales |
|
57 | 57 | install_readonly files/locales/locale $R/etc/default/locale |
|
58 | 58 | fi |
@@ -48,7 +48,7 if [ "$BUILD_KERNEL" = true ] ; then | |||
|
48 | 48 | |
|
49 | 49 | # Install raspberry bootloader and flash-kernel |
|
50 | 50 | chroot_exec apt-get -qq -y --no-install-recommends install raspberrypi-bootloader-nokernel |
|
51 | else | |
|
51 | else # BUILD_KERNEL=false | |
|
52 | 52 | # Kernel installation |
|
53 | 53 | chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${COLLABORA_KERNEL} raspberrypi-bootloader-nokernel |
|
54 | 54 |
@@ -7,10 +7,10 | |||
|
7 | 7 | |
|
8 | 8 | # Set up IPv4 hosts |
|
9 | 9 | install_readonly files/network/hostname $R/etc/hostname |
|
10 |
sed -i |
|
|
10 | sed -i "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname | |
|
11 | 11 | |
|
12 | 12 | install_readonly files/network/hosts $R/etc/hosts |
|
13 |
sed -i |
|
|
13 | sed -i "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts | |
|
14 | 14 | |
|
15 | 15 | if [ "$NET_ADDRESS" != "" ] ; then |
|
16 | 16 | NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/') |
@@ -38,6 +38,7 install_readonly files/network/eth.network $R/etc/systemd/network/eth.network | |||
|
38 | 38 | if [ "$ENABLE_IPV6" = false ] ; then |
|
39 | 39 | sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network |
|
40 | 40 | fi |
|
41 | ||
|
41 | 42 | else # ENABLE_DHCP=false |
|
42 | 43 | cat <<EOM >$R/etc/systemd/network/eth.network |
|
43 | 44 | [Match] |
@@ -63,7 +64,5 if [ "$ENABLE_HARDNET" = true ] ; then | |||
|
63 | 64 | install_readonly files/sysctl.d/82-rpi-net-hardening.conf $R/etc/sysctl.d/82-rpi-net-hardening.conf |
|
64 | 65 | |
|
65 | 66 | # Enable resolver warnings about spoofed addresses |
|
66 | cat <<EOM >>$R/etc/host.conf | |
|
67 | spoof warn | |
|
68 | EOM | |
|
67 | install_readonly files/network/host.conf $R/etc/host.conf | |
|
69 | 68 | fi |
@@ -37,8 +37,8 if [ "$ENABLE_IPTABLES" = true ] ; then | |||
|
37 | 37 | fi |
|
38 | 38 | fi |
|
39 | 39 | |
|
40 | # Remove SSHD related iptables rules | |
|
41 | 40 | if [ "$ENABLE_SSHD" = false ] ; then |
|
42 | sed -e '/^#/! {/SSH/ s/^/# /}' -i $R/etc/iptables/iptables.rules 2> /dev/null | |
|
43 |
sed |
|
|
41 | # Remove SSHD related iptables rules | |
|
42 | sed -i "/^#/! {/SSH/ s/^/# /}" $R/etc/iptables/iptables.rules 2> /dev/null | |
|
43 | sed -i "/^#/! {/SSH/ s/^/# /}" $R/etc/iptables/ip6tables.rules 2> /dev/null | |
|
44 | 44 | fi |
@@ -19,9 +19,10 if [ "$ENABLE_ROOT" = true ]; then | |||
|
19 | 19 | chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root |
|
20 | 20 | |
|
21 | 21 | if [ "$ENABLE_ROOT_SSH" = true ]; then |
|
22 |
sed -i |
|
|
22 | sed -i "s|[#]*PermitRootLogin.*|PermitRootLogin yes|g" $R/etc/ssh/sshd_config | |
|
23 | 23 | fi |
|
24 | 24 | else |
|
25 | # Set no root password to disable root login | |
|
25 | 26 | chroot_exec usermod -p \'!\' root |
|
26 | 27 | fi |
|
27 | 28 |
@@ -7,7 +7,7 | |||
|
7 | 7 | |
|
8 | 8 | # Disable rsyslog |
|
9 | 9 | if [ "$ENABLE_RSYSLOG" = false ]; then |
|
10 |
sed -i |
|
|
10 | sed -i "s|[#]*ForwardToSyslog=yes|ForwardToSyslog=no|g" $R/etc/systemd/journald.conf | |
|
11 | 11 | chroot_exec systemctl disable rsyslog |
|
12 | 12 | chroot_exec apt-get purge -q -y --force-yes rsyslog |
|
13 | 13 | fi |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant