##// END OF EJS Templates
Updated: Moved fstab stuff to new file 14-fstab.sh
drtyhlpr -
r141:c9fa0b77637b
parent child
Show More
@@ -0,0 +1,56
1 #
2 # Setup fstab and initramfs
3 #
4
5 # Load utility functions
6 . ./functions.sh
7
8 # Install and setup fstab
9 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
10
11 # Add usb/sda disk root partition to fstab
12 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
13 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
14 fi
15
16 # Add encrypted root partition to fstab and crypttab
17 if [ "$ENABLE_CRYPTFS" = true ] ; then
18 # Replace fstab root partition with encrypted partition mapping
19 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
20
21 # Add encrypted partition to crypttab and fstab
22 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
23 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETC_DIR}/crypttab"
24
25 if [ "$ENABLE_SPLITFS" = true ] ; then
26 # Add usb/sda disk to crypttab
27 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
28 fi
29 fi
30
31 # Generate initramfs file
32 if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then
33 if [ "$ENABLE_CRYPTFS" = true ] ; then
34 # Include initramfs scripts to auto expand encrypted root partition
35 if [ "$EXPANDROOT" = true ] ; then
36 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
37 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
38 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
39 fi
40
41 # Disable SSHD inside initramfs
42 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
43
44 # Dummy mapping required by mkinitramfs
45 echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
46
47 # Generate initramfs with encrypted root partition support
48 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
49
50 # Remove dummy mapping
51 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
52 else
53 # Generate initramfs without encrypted root partition support
54 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
55 fi
56 fi
@@ -354,7 +354,8 The functions of this script that are required for the different stages of the b
354 354 | `11-apt.sh` | Setup APT repositories |
355 355 | `12-locale.sh` | Setup Locales and keyboard settings |
356 356 | `13-kernel.sh` | Build and install RPi2/3 Kernel |
357 | `14-rpi-config.sh` | Setup RPi2/3 config and cmdline |
357 | `14-fstab.sh` | Setup fstab and initramfs |
358 | `15-rpi-config.sh` | Setup RPi2/3 config and cmdline |
358 359 | `20-networking.sh` | Setup Networking |
359 360 | `21-firewall.sh` | Setup Firewall |
360 361 | `30-security.sh` | Setup Users and Security settings |
@@ -135,6 +135,10 if [ "$BUILD_KERNEL" = true ] ; then
135 135 rm -fr "${KERNEL_DIR}"
136 136 else
137 137 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
138
139 # Create symlinks for kernel modules
140 ln -sf "${KERNEL_DIR}" "${R}/lib/modules/${KERNEL_VERSION}/build"
141 ln -sf "${KERNEL_DIR}" "${R}/lib/modules/${KERNEL_VERSION}/source"
138 142 fi
139 143
140 144 else # BUILD_KERNEL=false
@@ -154,57 +158,3 else # BUILD_KERNEL=false
154 158 # Copy vmlinuz kernel to the boot directory
155 159 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
156 160 fi
157
158 # Create symlinks for kernel modules
159 ln -sf "${KERNEL_DIR}" "${R}/lib/modules/${KERNEL_VERSION}/build"
160 ln -sf "${KERNEL_DIR}" "${R}/lib/modules/${KERNEL_VERSION}/source"
161
162 # Install and setup fstab
163 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
164
165 # Add usb/sda disk root partition to fstab
166 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
167 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
168 fi
169
170 # Add encrypted root partition to fstab and crypttab
171 if [ "$ENABLE_CRYPTFS" = true ] ; then
172 # Replace fstab root partition with encrypted partition mapping
173 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
174
175 # Add encrypted partition to crypttab and fstab
176 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
177 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETC_DIR}/crypttab"
178
179 if [ "$ENABLE_SPLITFS" = true ] ; then
180 # Add usb/sda disk to crypttab
181 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
182 fi
183 fi
184
185 # Generate initramfs file
186 if [ "$ENABLE_INITRAMFS" = true ] ; then
187 if [ "$ENABLE_CRYPTFS" = true ] ; then
188 # Include initramfs scripts to auto expand encrypted root partition
189 if [ "$EXPANDROOT" = true ] ; then
190 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
191 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
192 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
193 fi
194
195 # Disable SSHD inside initramfs
196 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
197
198 # Dummy mapping required by mkinitramfs
199 echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
200
201 # Generate initramfs with encrypted root partition support
202 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
203
204 # Remove dummy mapping
205 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
206 else
207 # Generate initramfs without encrypted root partition support
208 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
209 fi
210 fi
1 NO CONTENT: file renamed from bootstrap.d/14-rpi-config.sh to bootstrap.d/15-rpi-config.sh
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant