##// END OF EJS Templates
Restart systemd.resolv only if not resolv.conf exists
root -
r101:cab8c29a873b
parent child
Show More
@@ -1,306 +1,310
1 #
1 #
2 # Build and Setup RPi2/3 Kernel
2 # Build and Setup RPi2/3 Kernel
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Fetch and build latest raspberry kernel
8 # Fetch and build latest raspberry kernel
9 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ "$BUILD_KERNEL" = true ] ; then
10 # Setup source directory
10 # Setup source directory
11 mkdir -p "${R}/usr/src"
11 mkdir -p "${R}/usr/src"
12
12
13 # Copy existing kernel sources into chroot directory
13 # Copy existing kernel sources into chroot directory
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 # Copy kernel sources
15 # Copy kernel sources
16 cp -r "${KERNELSRC_DIR}" "${R}/usr/src"
16 cp -r "${KERNELSRC_DIR}" "${R}/usr/src"
17
17
18 # Clean the kernel sources
18 # Clean the kernel sources
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 fi
21 fi
22 else # KERNELSRC_DIR=""
22 else # KERNELSRC_DIR=""
23 # Fetch current raspberrypi kernel sources
23 # Fetch current raspberrypi kernel sources
24 git -C "${R}/usr/src" clone --depth=1 "${KERNEL_URL}"
24 git -C "${R}/usr/src" clone --depth=1 "${KERNEL_URL}"
25 fi
25 fi
26
26
27 # Calculate optimal number of kernel building threads
27 # Calculate optimal number of kernel building threads
28 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
28 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
29 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
29 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
30 fi
30 fi
31
31
32 # Configure and build kernel
32 # Configure and build kernel
33 if [ "$KERNELSRC_PREBUILT" = false ] ; then
33 if [ "$KERNELSRC_PREBUILT" = false ] ; then
34 # Remove device, network and filesystem drivers from kernel configuration
34 # Remove device, network and filesystem drivers from kernel configuration
35 if [ "$KERNEL_REDUCE" = true ] ; then
35 if [ "$KERNEL_REDUCE" = true ] ; then
36 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
36 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
37 sed -i\
37 sed -i\
38 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
38 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
39 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
39 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
40 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
40 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
41 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
41 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
42 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
42 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
43 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
43 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
44 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
44 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
45 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
45 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
46 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
46 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
47 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
47 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
48 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
48 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
49 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
49 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
50 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
50 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
51 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
51 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
52 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
52 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
53 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
53 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
54 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
54 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
55 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
55 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
56 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
57 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
58 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
59 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
59 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
60 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
60 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
61 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
62 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
63 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
64 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
65 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
66 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
67 "${KERNEL_DIR}/.config"
67 "${KERNEL_DIR}/.config"
68 fi
68 fi
69
69
70 if [ "$KERNELSRC_CONFIG" = true ] ; then
70 if [ "$KERNELSRC_CONFIG" = true ] ; then
71 # Load default raspberry kernel configuration
71 # Load default raspberry kernel configuration
72 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
72 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
73
73
74 if [ ! -z "$KERNELUSR_CONFIG" ] ; then
75 cp $KERNELUSR_CONFIG ${KERNEL_DIR}/.config
76 fi
77
74 # Start menu-driven kernel configuration (interactive)
78 # Start menu-driven kernel configuration (interactive)
75 if [ "$KERNEL_MENUCONFIG" = true ] ; then
79 if [ "$KERNEL_MENUCONFIG" = true ] ; then
76 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
80 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
77 fi
81 fi
78 fi
82 fi
79
83
80 # Cross compile kernel and modules
84 # Cross compile kernel and modules
81 make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" zImage modules dtbs
85 make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" zImage modules dtbs
82 fi
86 fi
83
87
84 # Check if kernel compilation was successful
88 # Check if kernel compilation was successful
85 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" ] ; then
89 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" ] ; then
86 echo "error: kernel compilation failed! (zImage not found)"
90 echo "error: kernel compilation failed! (zImage not found)"
87 cleanup
91 cleanup
88 exit 1
92 exit 1
89 fi
93 fi
90
94
91 # Install kernel modules
95 # Install kernel modules
92 if [ "$ENABLE_REDUCE" = true ] ; then
96 if [ "$ENABLE_REDUCE" = true ] ; then
93 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
97 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
94 else
98 else
95 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
99 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
96
100
97 # Install kernel firmware
101 # Install kernel firmware
98 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
102 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
99 fi
103 fi
100
104
101 # Install kernel headers
105 # Install kernel headers
102 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
106 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
103 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
107 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
104 fi
108 fi
105
109
106 # Prepare boot (firmware) directory
110 # Prepare boot (firmware) directory
107 mkdir "${BOOT_DIR}"
111 mkdir "${BOOT_DIR}"
108
112
109 # Get kernel release version
113 # Get kernel release version
110 KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"`
114 KERNEL_VERSION=`cat "${KERNEL_DIR}/include/config/kernel.release"`
111
115
112 # Copy kernel configuration file to the boot directory
116 # Copy kernel configuration file to the boot directory
113 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
117 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
114
118
115 # Copy dts and dtb device tree sources and binaries
119 # Copy dts and dtb device tree sources and binaries
116 mkdir "${BOOT_DIR}/overlays"
120 mkdir "${BOOT_DIR}/overlays"
117 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb "${BOOT_DIR}/"
121 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb "${BOOT_DIR}/"
118 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb* "${BOOT_DIR}/overlays/"
122 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb* "${BOOT_DIR}/overlays/"
119 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
123 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
120
124
121 if [ "$ENABLE_UBOOT" = false ] ; then
125 if [ "$ENABLE_UBOOT" = false ] ; then
122 # Convert and copy zImage kernel to the boot directory
126 # Convert and copy zImage kernel to the boot directory
123 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOT_DIR}/${KERNEL_IMAGE}"
127 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOT_DIR}/${KERNEL_IMAGE}"
124 else
128 else
125 # Copy zImage kernel to the boot directory
129 # Copy zImage kernel to the boot directory
126 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOT_DIR}/${KERNEL_IMAGE}"
130 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/zImage" "${BOOT_DIR}/${KERNEL_IMAGE}"
127 fi
131 fi
128
132
129 # Remove kernel sources
133 # Remove kernel sources
130 if [ "$KERNEL_REMOVESRC" = true ] ; then
134 if [ "$KERNEL_REMOVESRC" = true ] ; then
131 rm -fr "${KERNEL_DIR}"
135 rm -fr "${KERNEL_DIR}"
132 fi
136 fi
133
137
134 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
138 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
135 # Install boot binaries from local directory
139 # Install boot binaries from local directory
136 cp ${RPI_FIRMWARE_DIR}/boot/bootcode.bin ${BOOT_DIR}/bootcode.bin
140 cp ${RPI_FIRMWARE_DIR}/boot/bootcode.bin ${BOOT_DIR}/bootcode.bin
137 cp ${RPI_FIRMWARE_DIR}/boot/fixup.dat ${BOOT_DIR}/fixup.dat
141 cp ${RPI_FIRMWARE_DIR}/boot/fixup.dat ${BOOT_DIR}/fixup.dat
138 cp ${RPI_FIRMWARE_DIR}/boot/fixup_cd.dat ${BOOT_DIR}/fixup_cd.dat
142 cp ${RPI_FIRMWARE_DIR}/boot/fixup_cd.dat ${BOOT_DIR}/fixup_cd.dat
139 cp ${RPI_FIRMWARE_DIR}/boot/fixup_x.dat ${BOOT_DIR}/fixup_x.dat
143 cp ${RPI_FIRMWARE_DIR}/boot/fixup_x.dat ${BOOT_DIR}/fixup_x.dat
140 cp ${RPI_FIRMWARE_DIR}/boot/start.elf ${BOOT_DIR}/start.elf
144 cp ${RPI_FIRMWARE_DIR}/boot/start.elf ${BOOT_DIR}/start.elf
141 cp ${RPI_FIRMWARE_DIR}/boot/start_cd.elf ${BOOT_DIR}/start_cd.elf
145 cp ${RPI_FIRMWARE_DIR}/boot/start_cd.elf ${BOOT_DIR}/start_cd.elf
142 cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf
146 cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf
143 else
147 else
144 # Install latest boot binaries from raspberry/firmware github
148 # Install latest boot binaries from raspberry/firmware github
145 wget -q -O "${BOOT_DIR}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
149 wget -q -O "${BOOT_DIR}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
146 wget -q -O "${BOOT_DIR}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
150 wget -q -O "${BOOT_DIR}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
147 wget -q -O "${BOOT_DIR}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
151 wget -q -O "${BOOT_DIR}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
148 wget -q -O "${BOOT_DIR}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
152 wget -q -O "${BOOT_DIR}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
149 wget -q -O "${BOOT_DIR}/start.elf" "${FIRMWARE_URL}/start.elf"
153 wget -q -O "${BOOT_DIR}/start.elf" "${FIRMWARE_URL}/start.elf"
150 wget -q -O "${BOOT_DIR}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
154 wget -q -O "${BOOT_DIR}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
151 wget -q -O "${BOOT_DIR}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
155 wget -q -O "${BOOT_DIR}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
152 fi
156 fi
153
157
154 else # BUILD_KERNEL=false
158 else # BUILD_KERNEL=false
155 # Kernel installation
159 # Kernel installation
156 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
160 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
157
161
158 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
162 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
159 chroot_exec apt-get -qq -y install flash-kernel
163 chroot_exec apt-get -qq -y install flash-kernel
160
164
161 # Check if kernel installation was successful
165 # Check if kernel installation was successful
162 VMLINUZ="$(ls -1 ${R}/boot/vmlinuz-* | sort | tail -n 1)"
166 VMLINUZ="$(ls -1 ${R}/boot/vmlinuz-* | sort | tail -n 1)"
163 if [ -z "$VMLINUZ" ] ; then
167 if [ -z "$VMLINUZ" ] ; then
164 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
168 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
165 cleanup
169 cleanup
166 exit 1
170 exit 1
167 fi
171 fi
168 # Copy vmlinuz kernel to the boot directory
172 # Copy vmlinuz kernel to the boot directory
169 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
173 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
170 fi
174 fi
171
175
172 # Setup firmware boot cmdline
176 # Setup firmware boot cmdline
173 if [ "$ENABLE_SPLITFS" = true ] ; then
177 if [ "$ENABLE_SPLITFS" = true ] ; then
174 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
178 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
175 else
179 else
176 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
180 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1"
177 fi
181 fi
178
182
179 # Add encrypted root partition to cmdline.txt
183 # Add encrypted root partition to cmdline.txt
180 if [ "$ENABLE_CRYPTFS" = true ] ; then
184 if [ "$ENABLE_CRYPTFS" = true ] ; then
181 if [ "$ENABLE_SPLITFS" = true ] ; then
185 if [ "$ENABLE_SPLITFS" = true ] ; then
182 CMDLINE=$(echo ${CMDLINE} | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
186 CMDLINE=$(echo ${CMDLINE} | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
183 else
187 else
184 CMDLINE=$(echo ${CMDLINE} | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
188 CMDLINE=$(echo ${CMDLINE} | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
185 fi
189 fi
186 fi
190 fi
187
191
188 # Add serial console support
192 # Add serial console support
189 if [ "$ENABLE_CONSOLE" = true ] ; then
193 if [ "$ENABLE_CONSOLE" = true ] ; then
190 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
194 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
191 fi
195 fi
192
196
193 # Remove IPv6 networking support
197 # Remove IPv6 networking support
194 if [ "$ENABLE_IPV6" = false ] ; then
198 if [ "$ENABLE_IPV6" = false ] ; then
195 CMDLINE="${CMDLINE} ipv6.disable=1"
199 CMDLINE="${CMDLINE} ipv6.disable=1"
196 fi
200 fi
197
201
198 # Automatically assign predictable network interface names
202 # Automatically assign predictable network interface names
199 if [ "$ENABLE_IFNAMES" = false ] ; then
203 if [ "$ENABLE_IFNAMES" = false ] ; then
200 CMDLINE="${CMDLINE} net.ifnames=0"
204 CMDLINE="${CMDLINE} net.ifnames=0"
201 else
205 else
202 CMDLINE="${CMDLINE} net.ifnames=1"
206 CMDLINE="${CMDLINE} net.ifnames=1"
203 fi
207 fi
204
208
205 # Set init to systemd if required by Debian release
209 # Set init to systemd if required by Debian release
206 if [ "$RELEASE" = "stretch" ] ; then
210 if [ "$RELEASE" = "stretch" ] ; then
207 CMDLINE="${CMDLINE} init=/bin/systemd"
211 CMDLINE="${CMDLINE} init=/bin/systemd"
208 fi
212 fi
209
213
210 # Install firmware boot cmdline
214 # Install firmware boot cmdline
211 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
215 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
212
216
213 # Install firmware config
217 # Install firmware config
214 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
218 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
215
219
216 # Setup minimal GPU memory allocation size: 16MB (no X)
220 # Setup minimal GPU memory allocation size: 16MB (no X)
217 if [ "$ENABLE_MINGPU" = true ] ; then
221 if [ "$ENABLE_MINGPU" = true ] ; then
218 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
222 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
219 fi
223 fi
220
224
221 # Setup boot with initramfs
225 # Setup boot with initramfs
222 if [ "$ENABLE_INITRAMFS" = true ] ; then
226 if [ "$ENABLE_INITRAMFS" = true ] ; then
223 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
227 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
224 fi
228 fi
225
229
226 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
230 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
227 if [ "$RPI_MODEL" = 3 ] ; then
231 if [ "$RPI_MODEL" = 3 ] ; then
228 if [ "$ENABLE_CONSOLE" = true ] ; then
232 if [ "$ENABLE_CONSOLE" = true ] ; then
229 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
233 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
230 fi
234 fi
231 fi
235 fi
232
236
233 # Create firmware configuration and cmdline symlinks
237 # Create firmware configuration and cmdline symlinks
234 ln -sf firmware/config.txt "${R}/boot/config.txt"
238 ln -sf firmware/config.txt "${R}/boot/config.txt"
235 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
239 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
236
240
237 # Install and setup kernel modules to load at boot
241 # Install and setup kernel modules to load at boot
238 mkdir -p "${R}/lib/modules-load.d/"
242 mkdir -p "${R}/lib/modules-load.d/"
239 install_readonly files/modules/rpi2.conf "${R}/lib/modules-load.d/rpi2.conf"
243 install_readonly files/modules/rpi2.conf "${R}/lib/modules-load.d/rpi2.conf"
240
244
241 # Load hardware random module at boot
245 # Load hardware random module at boot
242 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
246 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
243 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${R}/lib/modules-load.d/rpi2.conf"
247 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${R}/lib/modules-load.d/rpi2.conf"
244 fi
248 fi
245
249
246 # Load sound module at boot
250 # Load sound module at boot
247 if [ "$ENABLE_SOUND" = true ] ; then
251 if [ "$ENABLE_SOUND" = true ] ; then
248 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
252 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${R}/lib/modules-load.d/rpi2.conf"
249 fi
253 fi
250
254
251 # Install kernel modules blacklist
255 # Install kernel modules blacklist
252 mkdir -p "${ETC_DIR}/modprobe.d/"
256 mkdir -p "${ETC_DIR}/modprobe.d/"
253 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
257 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
254
258
255 # Install and setup fstab
259 # Install and setup fstab
256 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
260 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
257
261
258 # Add usb/sda disk root partition to fstab
262 # Add usb/sda disk root partition to fstab
259 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
263 if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] ; then
260 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
264 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab"
261 fi
265 fi
262
266
263 # Add encrypted root partition to fstab and crypttab
267 # Add encrypted root partition to fstab and crypttab
264 if [ "$ENABLE_CRYPTFS" = true ] ; then
268 if [ "$ENABLE_CRYPTFS" = true ] ; then
265 # Replace fstab root partition with encrypted partition mapping
269 # Replace fstab root partition with encrypted partition mapping
266 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
270 sed -i "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING}/" "${ETC_DIR}/fstab"
267
271
268 # Add encrypted partition to crypttab and fstab
272 # Add encrypted partition to crypttab and fstab
269 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
273 install_readonly files/mount/crypttab "${ETC_DIR}/crypttab"
270 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETC_DIR}/crypttab"
274 echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks" >> "${ETC_DIR}/crypttab"
271
275
272 if [ "$ENABLE_SPLITFS" = true ] ; then
276 if [ "$ENABLE_SPLITFS" = true ] ; then
273 # Add usb/sda disk to crypttab
277 # Add usb/sda disk to crypttab
274 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
278 sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab"
275 fi
279 fi
276 fi
280 fi
277
281
278 # Generate initramfs file
282 # Generate initramfs file
279 if [ "$ENABLE_INITRAMFS" = true ] ; then
283 if [ "$ENABLE_INITRAMFS" = true ] ; then
280 if [ "$ENABLE_CRYPTFS" = true ] ; then
284 if [ "$ENABLE_CRYPTFS" = true ] ; then
281 # Include initramfs scripts to auto expand encrypted root partition
285 # Include initramfs scripts to auto expand encrypted root partition
282 if [ "$EXPANDROOT" = true ] ; then
286 if [ "$EXPANDROOT" = true ] ; then
283 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
287 install_exec files/initramfs/expand_encrypted_rootfs "${ETC_DIR}/initramfs-tools/scripts/init-premount/expand_encrypted_rootfs"
284 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
288 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
285 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
289 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
286 fi
290 fi
287
291
288 # Disable SSHD inside initramfs
292 # Disable SSHD inside initramfs
289 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
293 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
290
294
291 # Dummy mapping required by mkinitramfs
295 # Dummy mapping required by mkinitramfs
292 echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
296 echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}"
293
297
294 # Generate initramfs with encrypted root partition support
298 # Generate initramfs with encrypted root partition support
295 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
299 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
296
300
297 # Remove dummy mapping
301 # Remove dummy mapping
298 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
302 chroot_exec cryptsetup close "${CRYPTFS_MAPPING}"
299 else
303 else
300 # Generate initramfs without encrypted root partition support
304 # Generate initramfs without encrypted root partition support
301 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
305 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
302 fi
306 fi
303 fi
307 fi
304
308
305 # Install sysctl.d configuration files
309 # Install sysctl.d configuration files
306 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
310 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
@@ -1,14 +1,23
1 #!/bin/sh -e
1 #!/bin/sh -e
2 #
2 #
3 # rc.local
3 # rc.local
4 #
4 #
5 # This script is executed at the end of each multiuser runlevel.
5 # This script is executed at the end of each multiuser runlevel.
6 # Make sure that the script will "exit 0" on success or any other
6 # Make sure that the script will "exit 0" on success or any other
7 # value on error.
7 # value on error.
8 #
8 #
9 # In order to enable or disable this script just change the execution
9 # In order to enable or disable this script just change the execution
10 # bits.
10 # bits.
11 #
11 #
12 # By default this script does nothing.
12 # By default this script does nothing.
13
13
14 if [ ! -e /var/cfengine/policy_server.dat ] ; then
15 while ! ping -c 1 -q zcu.cz; do sleep 2s; done
16 rm -f /var/cfengine/ppkeys/*
17 /var/cfengine/bin/cf-key
18 /var/cfengine/bin/cf-agent --bootstrap cf.civ.zcu.cz
19 /var/cfengine/bin/cf-agent -Kf update.cf -D FORCE_update
20 /var/cfengine/bin/cf-agent -Kf update.cf -D FORCE_update
21 fi
22
14 exit 0
23 exit 0
@@ -1,15 +1,18
1 logger -t "rc.firstboot" "Creating /etc/resolv.conf symlink"
1 logger -t "rc.firstboot" "Creating /etc/resolv.conf symlink"
2
2
3 # Check if systemd resolve directory exists
3 # Check if systemd resolve directory exists
4 if [ ! -d "/run/systemd/resolve" ] ; then
4 if [ ! -d "/run/systemd/resolve" -a ! -e "/etc/resolv.conf" ] ; then
5 systemctl enable systemd-resolved.service
5 systemctl enable systemd-resolved.service
6 systemctl restart systemd-resolved.service
6 systemctl restart systemd-resolved.service
7 fi
7 fi
8
8
9 # Create resolv.conf file if it does not exists
9 # Create resolv.conf file if it does not exists
10 if [ ! -f "/run/systemd/resolve/resolv.conf" ] ; then
10 if [ ! -f "/run/systemd/resolve/resolv.conf" ] ; then
11 touch /run/systemd/resolve/resolv.conf
11 touch /run/systemd/resolve/resolv.conf
12 fi
12 fi
13
13
14 # Create symlink to /etc/reolv.conf
14 # Create symlink to /etc/reolv.conf if not exists yet
15 if [ ! -e "/etc/resolv.conf" ] ; then
15 ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
16 ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
17 fi
18
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant