##// END OF EJS Templates
Raspi2-3_GenImage
RSS

Cloner depuis https://github.com/drtyhlpr/rpi23-gen-image.git

Merge pull request #166 from burnbabyburn/0...
drtyhlpr -
r465:d3336fac57fa Fusion
parent child
Show More
Show file before | Show file after | Hide comments
@@ -0,0 +1,33
1 SUBSYSTEM=="input", GROUP="input", MODE="0660"
2 SUBSYSTEM=="i2c-dev", GROUP="i2c", MODE="0660"
3 SUBSYSTEM=="spidev", GROUP="spi", MODE="0660"
4 SUBSYSTEM=="bcm2835-gpiomem", GROUP="gpio", MODE="0660"
5
6 SUBSYSTEM=="gpio", GROUP="gpio", MODE="0660"
7 SUBSYSTEM=="gpio*", PROGRAM="/bin/sh -c '\
8 chown -R root:gpio /sys/class/gpio && chmod -R 770 /sys/class/gpio;\
9 chown -R root:gpio /sys/devices/virtual/gpio && chmod -R 770 /sys/devices/virtual/gpio;\
10 chown -R root:gpio /sys$devpath && chmod -R 770 /sys$devpath\
11 '"
12
13 KERNEL=="ttyAMA[01]", PROGRAM="/bin/sh -c '\
14 ALIASES=/proc/device-tree/aliases; \
15 if cmp -s $ALIASES/uart0 $ALIASES/serial0; then \
16 echo 0;\
17 elif cmp -s $ALIASES/uart0 $ALIASES/serial1; then \
18 echo 1; \
19 else \
20 exit 1; \
21 fi\
22 '", SYMLINK+="serial%c"
23
24 KERNEL=="ttyS0", PROGRAM="/bin/sh -c '\
25 ALIASES=/proc/device-tree/aliases; \
26 if cmp -s $ALIASES/uart1 $ALIASES/serial0; then \
27 echo 0; \
28 elif cmp -s $ALIASES/uart1 $ALIASES/serial1; then \
29 echo 1; \
30 else \
31 exit 1; \
32 fi \
33 '", SYMLINK+="serial%c"
Show file before | Show file after | Hide comments
@@ -0,0 +1,1
1 kernel.printk = 3 4 1 3 No newline at end of file
Show file before | Show file after | Hide comments
@@ -1,495 +1,501
1 1 # rpi23-gen-image
2 2 ## Introduction
3 3 `rpi23-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for all Raspberry Pi computers. The script at this time supports the bootstrapping of the Debian (armhf/armel) releases `stretch` and `buster`. Raspberry Pi 0/1/2/3 images are generated for 32-bit mode only. Raspberry Pi 3 supports 64-bit images that can be generated using custom configuration parameters (```templates/rpi3-stretch-arm64-4.14.y```).
4 4
5 5 ## Build dependencies
6 6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7 7
8 8 ```debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo```
9 9
10 10 It is recommended to configure the `rpi23-gen-image.sh` script to build and install the latest Raspberry Pi Linux kernel. For the Raspberry 3 this is mandatory. Kernel compilation and linking will be performed on the build system using an ARM (armhf/armel) cross-compiler toolchain.
11 11
12 12 The script has been tested using the default `crossbuild-essential-armhf` and `crossbuild-essential-armel` toolchain meta packages on Debian Linux `stretch` build systems. Please check the [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains) for further information.
13 13
14 14 ## Command-line parameters
15 15 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi23-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi23-gen-image.sh` script.
16 16
17 17 ##### Command-line examples:
18 18 ```shell
19 19 ENABLE_UBOOT=true ./rpi23-gen-image.sh
20 20 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi23-gen-image.sh
21 21 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi23-gen-image.sh
22 22 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi23-gen-image.sh
23 23 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi23-gen-image.sh
24 24 ENABLE_MINBASE=true ./rpi23-gen-image.sh
25 25 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi23-gen-image.sh
26 26 BUILD_KERNEL=true KERNELSRC_DIR=/tmp/linux ./rpi23-gen-image.sh
27 27 ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
28 28 ENABLE_CRYPTFS=true CRYPTFS_PASSWORD=changeme EXPANDROOT=false ENABLE_MINBASE=true ENABLE_REDUCE=true ENABLE_MINGPU=true BUILD_KERNEL=true ./rpi23-gen-image.sh
29 29 RELEASE=stretch BUILD_KERNEL=true ./rpi23-gen-image.sh
30 30 RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
31 31 RELEASE=stretch RPI_MODEL=3 ENABLE_WIRELESS=true ENABLE_MINBASE=true BUILD_KERNEL=true ./rpi23-gen-image.sh
32 32 ```
33 33
34 34 ## Configuration template files
35 35 To avoid long lists of command-line parameters and to help to store the favourite parameter configurations the `rpi23-gen-image.sh` script supports so called configuration template files (`CONFIG_TEMPLATE`=template). These are simple text files located in the `./templates` directory that contain the list of configuration parameters that will be used. New configuration template files can be added to the `./templates` directory.
36 36
37 37 ##### Command-line examples:
38 38 ```shell
39 39 CONFIG_TEMPLATE=rpi3stretch ./rpi23-gen-image.sh
40 40 CONFIG_TEMPLATE=rpi2stretch ./rpi23-gen-image.sh
41 41 ```
42 42
43 43 ## Supported parameters and settings
44 44 #### APT settings:
45 45 ##### `APT_SERVER`="ftp.debian.org"
46 46 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
47 47
48 48 ##### `APT_PROXY`=""
49 49 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once. If `apt-cacher-ng` is running on default `http://127.0.0.1:3142` it is autodetected and you don't need to set this.
50 50
51 51 ##### `APT_INCLUDES`=""
52 52 A comma separated list of additional packages to be installed by debootstrap during bootstrapping.
53 53
54 54 ##### `APT_INCLUDES_LATE`=""
55 55 A comma separated list of additional packages to be installed by apt after bootstrapping and after APT sources are set up. This is useful for packages with pre-depends, which debootstrap do not handle well.
56 56
57 57 ---
58 58
59 59 #### General system settings:
60 60 ##### `SET_ARCH`=32
61 61 Set Architecture to default 32bit. If you want to to compile 64bit (RPI3 or RPI3+) set it to `64`. This option will set every needed crosscompiler or boeard specific option for a successful build.
62 62
63 63 ##### `RPI_MODEL`=2
64 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models (`BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used) :
65
66 `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
67
68 `1` = Used for Raspberry Pi 1 model A and B
69
70 `1P` = Used for Raspberry Pi 1 model B+ and A+
71
72 `2` = Used for Raspberry Pi 2 model B
73
74 `3` = Used for Raspberry Pi 3 model B
75
76 `3P` = Used for Raspberry Pi 3 model B+
64 Specifiy the target Raspberry Pi hardware model. The script at this time supports the following Raspberry Pi models:
65 - `0` = Used for Raspberry Pi 0 and Raspberry Pi 0 W
66 - `1` = Used for Pi 1 model A and B
67 - `1P` = Used for Pi 1 model B+ and A+
68 - `2` = Used for Pi 2 model B
69 - `3` = Used for Pi 3 model B
70 - `3P` = Used for Pi 3 model B+
71 - `BUILD_KERNEL`=true will automatically be set if the Raspberry Pi model `3` or `3P` is used.
77 72
78 73 ##### `RELEASE`="buster"
79 74 Set the desired Debian release name. The script at this time supports the bootstrapping of the Debian releases `stretch` and `buster`.
80 75
81 76 ##### `RELEASE_ARCH`="armhf"
82 77 Set the desired Debian release architecture.
83 78
84 79 ##### `HOSTNAME`="rpi$RPI_MODEL-$RELEASE"
85 80 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
86 81
87 82 ##### `PASSWORD`="raspberry"
88 83 Set system `root` password. It's **STRONGLY** recommended that you choose a custom password.
89 84
90 85 ##### `USER_PASSWORD`="raspberry"
91 86 Set password for the created non-root user `USER_NAME`=pi. Ignored if `ENABLE_USER`=false. It's **STRONGLY** recommended that you choose a custom password.
92 87
93 88 ##### `DEFLOCAL`="en_US.UTF-8"
94 89 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. Please note that on using this parameter the script will automatically install the required packages `locales`, `keyboard-configuration` and `console-setup`.
95 90
96 91 ##### `TIMEZONE`="Europe/Berlin"
97 92 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
98 93
99 94 ##### `EXPANDROOT`=true
100 95 Expand the root partition and filesystem automatically on first boot.
101 96
102 97 ##### `ENABLE_QEMU`=false
103 98 Generate kernel (`vexpress_defconfig`), file system image (`qcow2`) and DTB files that can be used for QEMU full system emulation (`vexpress-A15`). The output files are stored in the `$(pwd)/images/qemu` directory. You can find more information about running the generated image in the QEMU section of this readme file.
104 99
105 100 ---
106 101
107 102 #### Keyboard settings:
108 103 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
109 104
110 105 ##### `XKB_MODEL`=""
111 106 Set the name of the model of your keyboard type.
112 107
113 108 ##### `XKB_LAYOUT`=""
114 109 Set the supported keyboard layout(s).
115 110
116 111 ##### `XKB_VARIANT`=""
117 112 Set the supported variant(s) of the keyboard layout(s).
118 113
119 114 ##### `XKB_OPTIONS`=""
120 115 Set extra xkb configuration options.
121 116
122 117 ---
123 118
124 119 #### Networking settings (DHCP):
125 120 This parameter is used to set up networking auto configuration in `/etc/systemd/network/eth.network`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.`
126 121
127 122 ##### `ENABLE_DHCP`=true
128 123 Set the system to use DHCP. This requires an DHCP server.
129 124
130 125 ---
131 126
132 127 #### Networking settings (static):
133 128 These parameters are used to set up a static networking configuration in `/etc/systemd/network/eth.network`. The following static networking parameters are only supported if `ENABLE_DHCP` was set to `false`. The default location of network configuration files in the Debian `stretch` release was changed to `/lib/systemd/network`.
134 129
135 130 ##### `NET_ADDRESS`=""
136 131 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
137 132
138 133 ##### `NET_GATEWAY`=""
139 134 Set the IP address for the default gateway.
140 135
141 136 ##### `NET_DNS_1`=""
142 137 Set the IP address for the first DNS server.
143 138
144 139 ##### `NET_DNS_2`=""
145 140 Set the IP address for the second DNS server.
146 141
147 142 ##### `NET_DNS_DOMAINS`=""
148 143 Set the default DNS search domains to use for non fully qualified host names.
149 144
150 145 ##### `NET_NTP_1`=""
151 146 Set the IP address for the first NTP server.
152 147
153 148 ##### `NET_NTP_2`=""
154 149 Set the IP address for the second NTP server.
155 150
156 151 ---
157 152
158 153 #### Basic system features:
159 154 ##### `ENABLE_CONSOLE`=true
160 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi 0/1/2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
155 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2/3. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system. On RPI `0` `3` `3P` the CPU speed is locked at lowest speed.
156
157 ##### `ENABLE_PRINTK`=false
158 Enables printing kernel messages to konsole. printk is `3 4 1 3` as in raspbian.
159
160 ##### `ENABLE_BLUETOOTH`=false
161 Enable onboard Bluetooth interface on the RPi0/3/3P. See: https://spellfoundry.com/2016/05/29/configuring-gpio-serial-port-raspbian-jessie-including-pi-3/
162
163 ##### `ENABLE_MINIUART_OVERLAY`=false
164 Enable Bluetooth to use this. Adds overlay to swap UART0 with UART1. Enabling (slower) Bluetooth and full speed serial console. - RPI `0` `3` `3P` have a fast `hardware UART0` (ttyAMA0) and a `mini UART1` (ttyS0)! RPI `1` `1P` `2` only have a `hardware UART0`. `UART0` is considered better, because is faster and more stable than `mini UART1`. By default the Bluetooth modem is mapped to the `hardware UART0` and `mini UART` is used for console. The `mini UART` is a problem for the serial console, because its baudrate depends on the cpu frequency, which is changing on runtime. Resulting in a volatile baudrate and thus in an unusable serial console.
165
166 ##### `ENABLE_TURBO`=false
167 Enable Turbo mode. This setting locks cpu at highest frequency. As setting ENABLE_CONSOLE=true locks RPI to lowest CPU speed, this is can be used additionally to lock cpu hat max speed. Need a good power supply and probably cooling for the Raspberry PI.
161 168
162 169 ##### `ENABLE_I2C`=false
163 170 Enable I2C interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
164 171
165 172 ##### `ENABLE_SPI`=false
166 173 Enable SPI interface on the RPi 0/1/2/3. Please check the [RPi 0/1/2/3 pinout diagrams](https://elinux.org/RPi_Low-level_peripherals) to connect the right GPIO pins.
167 174
168 175 ##### `ENABLE_IPV6`=true
169 176 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
170 177
171 178 ##### `ENABLE_SSHD`=true
172 179 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
173 180
174 181 ##### `ENABLE_NONFREE`=false
175 182 Allow the installation of non-free Debian packages that do not comply with the DFSG. This is required to install closed-source firmware binary blobs.
176 183
177 184 ##### `ENABLE_WIRELESS`=false
178 185 Download and install the [closed-source firmware binary blob](https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm) that is required to run the internal wireless interface of the Raspberry Pi model `3`. This parameter is ignored if the specified `RPI_MODEL` is not `3`.
179 186
180 187 ##### `ENABLE_RSYSLOG`=true
181 If set to false, disable and uninstall rsyslog (so logs will be available only
182 in journal files)
188 If set to false, disable and uninstall rsyslog (so logs will be available only in journal files)
183 189
184 190 ##### `ENABLE_SOUND`=true
185 191 Enable sound hardware and install Advanced Linux Sound Architecture.
186 192
187 193 ##### `ENABLE_HWRANDOM`=true
188 194 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
189 195
190 196 ##### `ENABLE_MINGPU`=false
191 197 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
192 198
193 199 ##### `ENABLE_DBUS`=true
194 200 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
195 201
196 202 ##### `ENABLE_XORG`=false
197 203 Install Xorg open-source X Window System.
198 204
199 205 ##### `ENABLE_WM`=""
200 206 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi23-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
201 207
202 208 ##### `ENABLE_SYSVINIT`=false
203 209 Support for halt,init,poweroff,reboot,runlevel,shutdown,telinit commands
204 210
205 211 ---
206 212
207 213 #### Advanced system features:
208 214 ##### `ENABLE_MINBASE`=false
209 215 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
210 216
211 217 ##### `ENABLE_REDUCE`=false
212 218 Reduce the disk space usage by deleting packages and files. See `REDUCE_*` parameters for detailed information.
213 219
214 220 ##### `ENABLE_UBOOT`=false
215 221 Replace the default RPi 0/1/2/3 second stage bootloader (bootcode.bin) with [U-Boot bootloader](https://git.denx.de/?p=u-boot.git;a=summary). U-Boot can boot images via the network using the BOOTP/TFTP protocol.
216 222
217 223 ##### `UBOOTSRC_DIR`=""
218 224 Path to a directory (`u-boot`) of [U-Boot bootloader sources](https://git.denx.de/?p=u-boot.git;a=summary) that will be copied, configured, build and installed inside the chroot.
219 225
220 226 ##### `ENABLE_FBTURBO`=false
221 227 Install and enable the [hardware accelerated Xorg video driver](https://github.com/ssvb/xf86-video-fbturbo) `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
222 228
223 229 ##### `FBTURBOSRC_DIR`=""
224 230 Path to a directory (`xf86-video-fbturbo`) of [hardware accelerated Xorg video driver sources](https://github.com/ssvb/xf86-video-fbturbo) that will be copied, configured, build and installed inside the chroot.
225 231
226 232 ##### `ENABLE_VIDEOCORE`=false
227 233 Install and enable the [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) `vcgencmd`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
228 234
229 235 ##### `VIDEOCORESRC_DIR`=""
230 236 Path to a directory (`userland`) of [Source code for ARM side libraries for interfacing to Raspberry Pi GPU](https://github.com/raspberrypi/userland) that will be copied, configured, build and installed inside the chroot.
231 237
232 238 ##### `ENABLE_IPTABLES`=false
233 239 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
234 240
235 241 ##### `ENABLE_USER`=true
236 242 Create non-root user with password `USER_PASSWORD`=raspberry. Unless overridden with `USER_NAME`=user, username will be `pi`.
237 243
238 244 ##### `USER_NAME`=pi
239 245 Non-root user to create. Ignored if `ENABLE_USER`=false
240 246
241 247 ##### `ENABLE_ROOT`=false
242 248 Set root user password so root login will be enabled
243 249
244 250 ##### `ENABLE_HARDNET`=false
245 251 Enable IPv4/IPv6 network stack hardening settings.
246 252
247 253 ##### `ENABLE_SPLITFS`=false
248 254 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
249 255
250 256 ##### `CHROOT_SCRIPTS`=""
251 257 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this directory is run in lexicographical order.
252 258
253 259 ##### `ENABLE_INITRAMFS`=false
254 260 Create an initramfs that that will be loaded during the Linux startup process. `ENABLE_INITRAMFS` will automatically get enabled if `ENABLE_CRYPTFS`=true. This parameter will be ignored if `BUILD_KERNEL`=false.
255 261
256 262 ##### `ENABLE_IFNAMES`=true
257 263 Enable automatic assignment of predictable, stable network interface names for all local Ethernet, WLAN interfaces. This might create complex and long interface names.
258 264
259 265 ##### `DISABLE_UNDERVOLT_WARNINGS`=
260 266 Disable RPi2/3 under-voltage warnings and overlays. Setting the parameter to `1` will disable the warning overlay. Setting it to `2` will additionally allow RPi2/3 turbo mode when low-voltage is present.
261 267
262 268 ---
263 269
264 270 #### SSH settings:
265 271 ##### `SSH_ENABLE_ROOT`=false
266 272 Enable password root login via SSH. This may be a security risk with default password, use only in trusted environments. `ENABLE_ROOT` must be set to `true`.
267 273
268 274 ##### `SSH_DISABLE_PASSWORD_AUTH`=false
269 275 Disable password based SSH authentication. Only public key based SSH (v2) authentication will be supported.
270 276
271 277 ##### `SSH_LIMIT_USERS`=false
272 278 Limit the users that are allowed to login via SSH. Only allow user `USER_NAME`=pi and root if `SSH_ENABLE_ROOT`=true to login. This parameter will be ignored if `dropbear` SSH is used (`REDUCE_SSHD`=true).
273 279
274 280 ##### `SSH_ROOT_PUB_KEY`=""
275 281 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `root`. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported. `ENABLE_ROOT` **and** `SSH_ENABLE_ROOT` must be set to `true`.
276 282
277 283 ##### `SSH_USER_PUB_KEY`=""
278 284 Add SSH (v2) public key(s) from specified file to `authorized_keys` file to enable public key based SSH (v2) authentication of user `USER_NAME`=pi. The specified file can also contain multiple SSH (v2) public keys. SSH protocol version 1 is not supported.
279 285
280 286 ---
281 287
282 288 #### Kernel compilation:
283 289 ##### `BUILD_KERNEL`=true
284 290 Build and install the latest RPi 0/1/2/3 Linux kernel. Currently only the default RPi 0/1/2/3 kernel configuration is used.
285 291
286 292 ##### `CROSS_COMPILE`="arm-linux-gnueabihf-"
287 293 This sets the cross compile enviornment for the compiler.
288 294
289 295 ##### `KERNEL_ARCH`="arm"
290 296 This sets the kernel architecture for the compiler.
291 297
292 298 ##### `KERNEL_IMAGE`="kernel7.img"
293 299 Name of the image file in the boot partition. If not set, `KERNEL_IMAGE` will be set to "kernel8.img" automatically if building for arm64.
294 300
295 301 ##### `KERNEL_BRANCH`=""
296 302 Name of the requested branch from the GIT location for the RPi Kernel. Default is using the current default branch from the GIT site.
297 303
298 304 ##### `QEMU_BINARY`="/usr/bin/qemu-arm-static"
299 305 Sets the QEMU enviornment for the Debian archive. If not set, `QEMU_BINARY` will be set to "/usr/bin/qemu-aarch64-static" automatically if building for arm64.
300 306
301 307 ##### `KERNEL_DEFCONFIG`="bcm2709_defconfig"
302 308 Sets the default config for kernel compiling. If not set, `KERNEL_DEFCONFIG` will be set to "bcmrpi3\_defconfig" automatically if building for arm64.
303 309
304 310 ##### `KERNEL_REDUCE`=false
305 311 Reduce the size of the generated kernel by removing unwanted device, network and filesystem drivers (experimental).
306 312
307 313 ##### `KERNEL_THREADS`=1
308 314 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
309 315
310 316 ##### `KERNEL_HEADERS`=true
311 317 Install kernel headers with built kernel.
312 318
313 319 ##### `KERNEL_MENUCONFIG`=false
314 320 Start `make menuconfig` interactive menu-driven kernel configuration. The script will continue after `make menuconfig` was terminated.
315 321
316 322 ##### `KERNEL_OLDDEFCONFIG`=false
317 323 Run `make olddefconfig` to automatically set all new kernel configuration options to their recommended default values.
318 324
319 325 ##### `KERNEL_CCACHE`=false
320 326 Compile the kernel using ccache. This speeds up kernel recompilation by caching previous compilations and detecting when the same compilation is being done again.
321 327
322 328 ##### `KERNEL_REMOVESRC`=true
323 329 Remove all kernel sources from the generated OS image after it was built and installed.
324 330
325 331 ##### `KERNELSRC_DIR`=""
326 332 Path to a directory (`linux`) of [RaspberryPi Linux kernel sources](https://github.com/raspberrypi/linux) that will be copied, configured, build and installed inside the chroot.
327 333
328 334 ##### `KERNELSRC_CLEAN`=false
329 335 Clean the existing kernel sources directory `KERNELSRC_DIR` (using `make mrproper`) after it was copied to the chroot and before the compilation of the kernel has started. This parameter will be ignored if no `KERNELSRC_DIR` was specified or if `KERNELSRC_PREBUILT`=true.
330 336
331 337 ##### `KERNELSRC_CONFIG`=true
332 338 Run `make bcm2709_defconfig` (and optional `make menuconfig`) to configure the kernel sources before building. This parameter is automatically set to `true` if no existing kernel sources directory was specified using `KERNELSRC_DIR`. This parameter is ignored if `KERNELSRC_PREBUILT`=true.
333 339
334 340 ##### `KERNELSRC_USRCONFIG`=""
335 341 Copy own config file to kernel `.config`. If `KERNEL_MENUCONFIG`=true then running after copy.
336 342
337 343 ##### `KERNELSRC_PREBUILT`=false
338 344 With this parameter set to true the script expects the existing kernel sources directory to be already successfully cross-compiled. The parameters `KERNELSRC_CLEAN`, `KERNELSRC_CONFIG`, `KERNELSRC_USRCONFIG` and `KERNEL_MENUCONFIG` are ignored and no kernel compilation tasks are performed.
339 345
340 346 ##### `RPI_FIRMWARE_DIR`=""
341 347 The directory (`firmware`) containing a local copy of the firmware from the [RaspberryPi firmware project](https://github.com/raspberrypi/firmware). Default is to download the latest firmware directly from the project.
342 348
343 349 ---
344 350
345 351 #### Reduce disk usage:
346 352 The following list of parameters is ignored if `ENABLE_REDUCE`=false.
347 353
348 354 ##### `REDUCE_APT`=true
349 355 Configure APT to use compressed package repository lists and no package caching files.
350 356
351 357 ##### `REDUCE_DOC`=true
352 358 Remove all doc files (harsh). Configure APT to not include doc files on future `apt-get` package installations.
353 359
354 360 ##### `REDUCE_MAN`=true
355 361 Remove all man pages and info files (harsh). Configure APT to not include man pages on future `apt-get` package installations.
356 362
357 363 ##### `REDUCE_VIM`=false
358 364 Replace `vim-tiny` package by `levee` a tiny vim clone.
359 365
360 366 ##### `REDUCE_BASH`=false
361 367 Remove `bash` package and switch to `dash` shell (experimental).
362 368
363 369 ##### `REDUCE_HWDB`=true
364 370 Remove PCI related hwdb files (experimental).
365 371
366 372 ##### `REDUCE_SSHD`=true
367 373 Replace `openssh-server` with `dropbear`.
368 374
369 375 ##### `REDUCE_LOCALE`=true
370 376 Remove all `locale` translation files.
371 377
372 378 ---
373 379
374 380 #### Encrypted root partition:
375 381 ##### `ENABLE_CRYPTFS`=false
376 382 Enable full system encryption with dm-crypt. Setup a fully LUKS encrypted root partition (aes-xts-plain64:sha512) and generate required initramfs. The /boot directory will not be encrypted. This parameter will be ignored if `BUILD_KERNEL`=false. `ENABLE_CRYPTFS` is experimental. SSH-to-initramfs is currently not supported but will be soon - feel free to help.
377 383
378 384 ##### `CRYPTFS_PASSWORD`=""
379 385 Set password of the encrypted root partition. This parameter is mandatory if `ENABLE_CRYPTFS`=true.
380 386
381 387 ##### `CRYPTFS_MAPPING`="secure"
382 388 Set name of dm-crypt managed device-mapper mapping.
383 389
384 390 ##### `CRYPTFS_CIPHER`="aes-xts-plain64:sha512"
385 391 Set cipher specification string. `aes-xts*` ciphers are strongly recommended.
386 392
387 393 ##### `CRYPTFS_XTSKEYSIZE`=512
388 394 Sets key size in bits. The argument has to be a multiple of 8.
389 395
390 396 ---
391 397
392 398 #### Build settings:
393 399 ##### `BASEDIR`=$(pwd)/images/${RELEASE}
394 400 Set a path to a working directory used by the script to generate an image.
395 401
396 402 ##### `IMAGE_NAME`=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}
397 403 Set a filename for the output file(s). Note: the script will create $IMAGE_NAME.img if `ENABLE_SPLITFS`=false or $IMAGE_NAME-frmw.img and $IMAGE_NAME-root.img if `ENABLE_SPLITFS`=true. Note 2: If the KERNEL_BRANCH is not set, the word "CURRENT" is used.
398 404
399 405 ## Understanding the script
400 406 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
401 407
402 408 | Script | Description |
403 409 | --- | --- |
404 410 | `10-bootstrap.sh` | Debootstrap basic system |
405 411 | `11-apt.sh` | Setup APT repositories |
406 412 | `12-locale.sh` | Setup Locales and keyboard settings |
407 413 | `13-kernel.sh` | Build and install RPi 0/1/2/3 Kernel |
408 414 | `14-fstab.sh` | Setup fstab and initramfs |
409 415 | `15-rpi-config.sh` | Setup RPi 0/1/2/3 config and cmdline |
410 416 | `20-networking.sh` | Setup Networking |
411 417 | `21-firewall.sh` | Setup Firewall |
412 418 | `30-security.sh` | Setup Users and Security settings |
413 419 | `31-logging.sh` | Setup Logging |
414 420 | `32-sshd.sh` | Setup SSH and public keys |
415 421 | `41-uboot.sh` | Build and Setup U-Boot |
416 422 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
417 423 | `43-videocore.sh` | Build and Setup videocore libraries |
418 424 | `50-firstboot.sh` | First boot actions |
419 425 | `99-reduce.sh` | Reduce the disk space usage |
420 426
421 427 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
422 428
423 429 | Directory | Description |
424 430 | --- | --- |
425 431 | `apt` | APT management configuration files |
426 432 | `boot` | Boot and RPi 0/1/2/3 configuration files |
427 433 | `dpkg` | Package Manager configuration |
428 434 | `etc` | Configuration files and rc scripts |
429 435 | `firstboot` | Scripts that get executed on first boot |
430 436 | `initramfs` | Initramfs scripts |
431 437 | `iptables` | Firewall configuration files |
432 438 | `locales` | Locales configuration |
433 439 | `modules` | Kernel Modules configuration |
434 440 | `mount` | Fstab configuration |
435 441 | `network` | Networking configuration files |
436 442 | `sysctl.d` | Swapping and Network Hardening configuration |
437 443 | `xorg` | fbturbo Xorg driver configuration |
438 444
439 445 ## Custom packages and scripts
440 446 Debian custom packages, i.e. those not in the debian repositories, can be installed by placing them in the `packages` directory. They are installed immediately after packages from the repositories are installed. Any dependencies listed in the custom packages will be downloaded automatically from the repositories. Do not list these custom packages in `APT_INCLUDES`.
441 447
442 448 Scripts in the custom.d directory will be executed after all other installation is complete but before the image is created.
443 449
444 450 ## Logging of the bootstrapping process
445 451 All information related to the bootstrapping process and the commands executed by the `rpi23-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
446 452
447 453 ```shell
448 454 script -c 'APT_SERVER=ftp.de.debian.org ./rpi23-gen-image.sh' ./build.log
449 455 ```
450 456
451 457 ## Flashing the image file
452 458 After the image file was successfully created by the `rpi23-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi 0/1/2/3 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
453 459
454 460 ##### Flashing examples:
455 461 ```shell
456 462 bmaptool copy ./images/buster/2017-01-23-rpi3-buster.img /dev/mmcblk0
457 463 dd bs=4M if=./images/buster/2017-01-23-rpi3-buster.img of=/dev/mmcblk0
458 464 ```
459 465 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
460 466 ```shell
461 467 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-frmw.img /dev/mmcblk0
462 468 bmaptool copy ./images/buster/2017-01-23-rpi3-buster-root.img /dev/sdc
463 469 ```
464 470
465 471 ## QEMU emulation
466 472 Start QEMU full system emulation:
467 473 ```shell
468 474 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=tty1"
469 475 ```
470 476
471 477 Start QEMU full system emulation and output to console:
472 478 ```shell
473 479 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
474 480 ```
475 481
476 482 Start QEMU full system emulation with SMP and output to console:
477 483 ```shell
478 484 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -smp cpus=2,maxcpus=2 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
479 485 ```
480 486
481 487 Start QEMU full system emulation with cryptfs, initramfs and output to console:
482 488 ```shell
483 489 qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio
484 490 ```
485 491
486 492 ## External links and references
487 493 * [Debian worldwide mirror sites](https://www.debian.org/mirror/list)
488 494 * [Debian Raspberry Pi 2 Wiki](https://wiki.debian.org/RaspberryPi2)
489 495 * [Debian CrossToolchains Wiki](https://wiki.debian.org/CrossToolchains)
490 496 * [Official Raspberry Pi Firmware on github](https://github.com/raspberrypi/firmware)
491 497 * [Official Raspberry Pi Kernel on github](https://github.com/raspberrypi/linux)
492 498 * [U-BOOT git repository](https://git.denx.de/?p=u-boot.git;a=summary)
493 499 * [Xorg DDX driver fbturbo](https://github.com/ssvb/xf86-video-fbturbo)
494 500 * [RPi3 Wireless interface firmware](https://github.com/RPi-Distro/firmware-nonfree/tree/master/brcm80211/brcm)
495 501 * [Collabora RPi2 Kernel precompiled](https://repositories.collabora.co.uk/debian/)
Show file before | Show file after | Hide comments
@@ -1,58 +1,58
1 1 #
2 2 # Setup Locales and keyboard settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup timezone
9 9 echo "${TIMEZONE}" > "${ETC_DIR}/timezone"
10 10 chroot_exec dpkg-reconfigure -f noninteractive tzdata
11 11
12 12 # Install and setup default locale and keyboard configuration
13 13 if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then
14 14 # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug
15 15 # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957
16 16 # ... so we have to set locales manually
17 17 if [ "$DEFLOCAL" = "en_US.UTF-8" ] ; then
18 18 chroot_exec echo "locales locales/locales_to_be_generated multiselect ${DEFLOCAL} UTF-8" | debconf-set-selections
19 19 else
20 20 # en_US.UTF-8 should be available anyway : https://www.debian.org/doc/manuals/debian-reference/ch08.en.html#_the_reconfiguration_of_the_locale
21 21 chroot_exec echo "locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8, ${DEFLOCAL} UTF-8" | debconf-set-selections
22 22 sed -i "/en_US.UTF-8/s/^#//" "${ETC_DIR}/locale.gen"
23 23 fi
24 24
25 25 sed -i "/${DEFLOCAL}/s/^#//" "${ETC_DIR}/locale.gen"
26 26 chroot_exec echo "locales locales/default_environment_locale select ${DEFLOCAL}" | debconf-set-selections
27 27 chroot_exec locale-gen
28 28 chroot_exec update-locale LANG="${DEFLOCAL}"
29 29
30 30 # Install and setup default keyboard configuration
31 if [ "$XKB_MODEL" != "pc105" ] ; then
31 if [ "$XKB_MODEL" != "" ] ; then
32 32 sed -i "s/^XKBMODEL.*/XKBMODEL=\"${XKB_MODEL}\"/" "${ETC_DIR}/default/keyboard"
33 33 fi
34 if [ "$XKB_LAYOUT" != "us" ] ; then
34 if [ "$XKB_LAYOUT" != "" ] ; then
35 35 sed -i "s/^XKBLAYOUT.*/XKBLAYOUT=\"${XKB_LAYOUT}\"/" "${ETC_DIR}/default/keyboard"
36 36 fi
37 37 if [ "$XKB_VARIANT" != "" ] ; then
38 38 sed -i "s/^XKBVARIANT.*/XKBVARIANT=\"${XKB_VARIANT}\"/" "${ETC_DIR}/default/keyboard"
39 39 fi
40 40 if [ "$XKB_OPTIONS" != "" ] ; then
41 41 sed -i "s/^XKBOPTIONS.*/XKBOPTIONS=\"${XKB_OPTIONS}\"/" "${ETC_DIR}/default/keyboard"
42 42 fi
43 43 chroot_exec dpkg-reconfigure -f noninteractive keyboard-configuration
44 44
45 45 # Install and setup font console
46 46 case "${DEFLOCAL}" in
47 47 *UTF-8)
48 48 sed -i 's/^CHARMAP.*/CHARMAP="UTF-8"/' "${ETC_DIR}/default/console-setup"
49 49 ;;
50 50 *)
51 51 sed -i 's/^CHARMAP.*/CHARMAP="guess"/' "${ETC_DIR}/default/console-setup"
52 52 ;;
53 53 esac
54 54 chroot_exec dpkg-reconfigure -f noninteractive console-setup
55 55 else # (no locales were installed)
56 56 # Install POSIX default locale
57 57 install_readonly files/locales/locale "${ETC_DIR}/default/locale"
58 58 fi
Show file before | Show file after | Hide comments
@@ -1,255 +1,255
1 1 #
2 2 # Build and Setup RPi2/3 Kernel
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Fetch and build latest raspberry kernel
9 9 if [ "$BUILD_KERNEL" = true ] ; then
10 10 # Setup source directory
11 11 mkdir -p "${KERNEL_DIR}"
12 12
13 13 # Copy existing kernel sources into chroot directory
14 14 if [ -n "$KERNELSRC_DIR" ] && [ -d "$KERNELSRC_DIR" ] ; then
15 15 # Copy kernel sources and include hidden files
16 16 cp -r "${KERNELSRC_DIR}/". "${KERNEL_DIR}"
17 17
18 18 # Clean the kernel sources
19 19 if [ "$KERNELSRC_CLEAN" = true ] && [ "$KERNELSRC_PREBUILT" = false ] ; then
20 20 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" mrproper
21 21 fi
22 22 else # KERNELSRC_DIR=""
23 23 # Create temporary directory for kernel sources
24 24 temp_dir=$(as_nobody mktemp -d)
25 25
26 26 # Fetch current RPi2/3 kernel sources
27 27 if [ -z "${KERNEL_BRANCH}" ] ; then
28 28 as_nobody -H git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" linux
29 29 else
30 30 as_nobody -H git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" linux
31 31 fi
32 32
33 33 # Copy downloaded kernel sources
34 34 cp -r "${temp_dir}/linux/"* "${KERNEL_DIR}"
35 35
36 36 # Remove temporary directory for kernel sources
37 37 rm -fr "${temp_dir}"
38 38
39 39 # Set permissions of the kernel sources
40 40 chown -R root:root "${R}/usr/src"
41 41 fi
42 42
43 43 # Calculate optimal number of kernel building threads
44 44 if [ "$KERNEL_THREADS" = "1" ] && [ -r /proc/cpuinfo ] ; then
45 45 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
46 46 fi
47 47
48 48 # Configure and build kernel
49 49 if [ "$KERNELSRC_PREBUILT" = false ] ; then
50 50 # Remove device, network and filesystem drivers from kernel configuration
51 51 if [ "$KERNEL_REDUCE" = true ] ; then
52 52 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
53 53 sed -i\
54 54 -e "s/\(^CONFIG_SND.*\=\).*/\1n/"\
55 55 -e "s/\(^CONFIG_SOUND.*\=\).*/\1n/"\
56 56 -e "s/\(^CONFIG_AC97.*\=\).*/\1n/"\
57 57 -e "s/\(^CONFIG_VIDEO_.*\=\).*/\1n/"\
58 58 -e "s/\(^CONFIG_MEDIA_TUNER.*\=\).*/\1n/"\
59 59 -e "s/\(^CONFIG_DVB.*\=\)[ym]/\1n/"\
60 60 -e "s/\(^CONFIG_REISERFS.*\=\).*/\1n/"\
61 61 -e "s/\(^CONFIG_JFS.*\=\).*/\1n/"\
62 62 -e "s/\(^CONFIG_XFS.*\=\).*/\1n/"\
63 63 -e "s/\(^CONFIG_GFS2.*\=\).*/\1n/"\
64 64 -e "s/\(^CONFIG_OCFS2.*\=\).*/\1n/"\
65 65 -e "s/\(^CONFIG_BTRFS.*\=\).*/\1n/"\
66 66 -e "s/\(^CONFIG_HFS.*\=\).*/\1n/"\
67 67 -e "s/\(^CONFIG_JFFS2.*\=\)[ym]/\1n/"\
68 68 -e "s/\(^CONFIG_UBIFS.*\=\).*/\1n/"\
69 69 -e "s/\(^CONFIG_SQUASHFS.*\=\)[ym]/\1n/"\
70 70 -e "s/\(^CONFIG_W1.*\=\)[ym]/\1n/"\
71 71 -e "s/\(^CONFIG_HAMRADIO.*\=\).*/\1n/"\
72 72 -e "s/\(^CONFIG_CAN.*\=\).*/\1n/"\
73 73 -e "s/\(^CONFIG_IRDA.*\=\).*/\1n/"\
74 74 -e "s/\(^CONFIG_BT_.*\=\).*/\1n/"\
75 75 -e "s/\(^CONFIG_WIMAX.*\=\)[ym]/\1n/"\
76 76 -e "s/\(^CONFIG_6LOWPAN.*\=\).*/\1n/"\
77 77 -e "s/\(^CONFIG_IEEE802154.*\=\).*/\1n/"\
78 78 -e "s/\(^CONFIG_NFC.*\=\).*/\1n/"\
79 79 -e "s/\(^CONFIG_FB_TFT=.*\=\).*/\1n/"\
80 80 -e "s/\(^CONFIG_TOUCHSCREEN.*\=\).*/\1n/"\
81 81 -e "s/\(^CONFIG_USB_GSPCA_.*\=\).*/\1n/"\
82 82 -e "s/\(^CONFIG_DRM.*\=\).*/\1n/"\
83 83 "${KERNEL_DIR}/.config"
84 84 fi
85 85
86 86 if [ "$KERNELSRC_CONFIG" = true ] ; then
87 87 # Load default raspberry kernel configuration
88 88 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" "${KERNEL_DEFCONFIG}"
89 89
90 90 # Set kernel configuration parameters to enable qemu emulation
91 91 if [ "$ENABLE_QEMU" = true ] ; then
92 92 echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config
93 93 echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config
94 94
95 95 if [ "$ENABLE_CRYPTFS" = true ] ; then
96 96 {
97 97 echo "CONFIG_EMBEDDED=y"
98 98 echo "CONFIG_EXPERT=y"
99 99 echo "CONFIG_DAX=y"
100 100 echo "CONFIG_MD=y"
101 101 echo "CONFIG_BLK_DEV_MD=y"
102 102 echo "CONFIG_MD_AUTODETECT=y"
103 103 echo "CONFIG_BLK_DEV_DM=y"
104 104 echo "CONFIG_BLK_DEV_DM_BUILTIN=y"
105 105 echo "CONFIG_DM_CRYPT=y"
106 106 echo "CONFIG_CRYPTO_BLKCIPHER=y"
107 107 echo "CONFIG_CRYPTO_CBC=y"
108 108 echo "CONFIG_CRYPTO_XTS=y"
109 109 echo "CONFIG_CRYPTO_SHA512=y"
110 110 echo "CONFIG_CRYPTO_MANAGER=y"
111 } >> ${KERNEL_DIR}/.config
111 } >> "${KERNEL_DIR}"/.config
112 112 fi
113 113 fi
114 114
115 115 # Copy custom kernel configuration file
116 116 if [ -n "$KERNELSRC_USRCONFIG" ] ; then
117 117 cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config
118 118 fi
119 119
120 120 # Set kernel configuration parameters to their default values
121 121 if [ "$KERNEL_OLDDEFCONFIG" = true ] ; then
122 122 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" olddefconfig
123 123 fi
124 124
125 125 # Start menu-driven kernel configuration (interactive)
126 126 if [ "$KERNEL_MENUCONFIG" = true ] ; then
127 127 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" menuconfig
128 128 fi
129 129 fi
130 130
131 131 # Use ccache to cross compile the kernel
132 132 if [ "$KERNEL_CCACHE" = true ] ; then
133 133 cc="ccache ${CROSS_COMPILE}gcc"
134 134 else
135 135 cc="${CROSS_COMPILE}gcc"
136 136 fi
137 137
138 138 # Cross compile kernel and dtbs
139 139 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs
140 140
141 141 # Cross compile kernel modules
142 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
142 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
143 143 make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules
144 144 fi
145 145 fi
146 146
147 147 # Check if kernel compilation was successful
148 148 if [ ! -r "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" ] ; then
149 149 echo "error: kernel compilation failed! (kernel image not found)"
150 150 cleanup
151 151 exit 1
152 152 fi
153 153
154 154 # Install kernel modules
155 155 if [ "$ENABLE_REDUCE" = true ] ; then
156 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
156 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
157 157 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install
158 158 fi
159 159 else
160 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
160 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
161 161 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install
162 162 fi
163 163
164 164 # Install kernel firmware
165 if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then
165 if grep -q "^firmware_install:" "${KERNEL_DIR}/Makefile" ; then
166 166 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install
167 167 fi
168 168 fi
169 169
170 170 # Install kernel headers
171 171 if [ "$KERNEL_HEADERS" = true ] && [ "$KERNEL_REDUCE" = false ] ; then
172 172 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_HDR_PATH=../.. headers_install
173 173 fi
174 174
175 175 # Prepare boot (firmware) directory
176 176 mkdir "${BOOT_DIR}"
177 177
178 178 # Get kernel release version
179 179 KERNEL_VERSION=$(cat "${KERNEL_DIR}/include/config/kernel.release")
180 180
181 181 # Copy kernel configuration file to the boot directory
182 182 install_readonly "${KERNEL_DIR}/.config" "${R}/boot/config-${KERNEL_VERSION}"
183 183
184 184 # Prepare device tree directory
185 185 mkdir "${BOOT_DIR}/overlays"
186 186
187 187 # Ensure the proper .dtb is located
188 188 if [ "$KERNEL_ARCH" = "arm" ] ; then
189 189 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/"*.dtb ; do
190 190 if [ -f "${dtb}" ] ; then
191 191 install_readonly "${dtb}" "${BOOT_DIR}/"
192 192 fi
193 193 done
194 194 else
195 195 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/broadcom/"*.dtb ; do
196 196 if [ -f "${dtb}" ] ; then
197 197 install_readonly "${dtb}" "${BOOT_DIR}/"
198 198 fi
199 199 done
200 200 fi
201 201
202 202 # Copy compiled dtb device tree files
203 203 if [ -d "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays" ] ; then
204 204 for dtb in "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/"*.dtb ; do
205 205 if [ -f "${dtb}" ] ; then
206 206 install_readonly "${dtb}" "${BOOT_DIR}/overlays/"
207 207 fi
208 208 done
209 209
210 210 if [ -f "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" ] ; then
211 211 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/dts/overlays/README" "${BOOT_DIR}/overlays/README"
212 212 fi
213 213 fi
214 214
215 215 if [ "$ENABLE_UBOOT" = false ] ; then
216 216 # Convert and copy kernel image to the boot directory
217 217 "${KERNEL_DIR}/scripts/mkknlimg" "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
218 218 else
219 219 # Copy kernel image to the boot directory
220 220 install_readonly "${KERNEL_DIR}/arch/${KERNEL_ARCH}/boot/${KERNEL_BIN_IMAGE}" "${BOOT_DIR}/${KERNEL_IMAGE}"
221 221 fi
222 222
223 223 # Remove kernel sources
224 224 if [ "$KERNEL_REMOVESRC" = true ] ; then
225 225 rm -fr "${KERNEL_DIR}"
226 226 else
227 227 # Prepare compiled kernel modules
228 if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then
229 if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then
228 if grep -q "CONFIG_MODULES=y" "${KERNEL_DIR}/.config" ; then
229 if grep -q "^modules_prepare:" "${KERNEL_DIR}/Makefile" ; then
230 230 make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare
231 231 fi
232 232
233 233 # Create symlinks for kernel modules
234 234 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/build"
235 235 chroot_exec ln -sf /usr/src/linux "/lib/modules/${KERNEL_VERSION}/source"
236 236 fi
237 237 fi
238 238
239 239 else # BUILD_KERNEL=false
240 240 # Kernel installation
241 241 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-"${COLLABORA_KERNEL}" raspberrypi-bootloader-nokernel
242 242
243 243 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
244 244 chroot_exec apt-get -qq -y install flash-kernel
245 245
246 246 # Check if kernel installation was successful
247 247 VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)"
248 248 if [ -z "$VMLINUZ" ] ; then
249 249 echo "error: kernel installation failed! (/boot/vmlinuz-* not found)"
250 250 cleanup
251 251 exit 1
252 252 fi
253 253 # Copy vmlinuz kernel to the boot directory
254 254 install_readonly "${VMLINUZ}" "${BOOT_DIR}/${KERNEL_IMAGE}"
255 255 fi
Show file before | Show file after | Hide comments
@@ -1,174 +1,229
1 1 #
2 2 # Setup RPi2/3 config and cmdline
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 if [ "$BUILD_KERNEL" = true ] ; then
9 9 if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then
10 10 # Install boot binaries from local directory
11 11 cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin
12 12 cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat
13 13 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat
14 14 cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat
15 15 cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf
16 16 cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf
17 17 cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf
18 18 else
19 19 # Create temporary directory for boot binaries
20 20 temp_dir=$(as_nobody mktemp -d)
21 21
22 22 # Install latest boot binaries from raspberry/firmware github
23 23 as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin"
24 24 as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat"
25 25 as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat"
26 26 as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat"
27 27 as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf"
28 28 as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf"
29 29 as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf"
30 30
31 31 # Move downloaded boot binaries
32 32 mv "${temp_dir}/"* "${BOOT_DIR}/"
33 33
34 34 # Remove temporary directory for boot binaries
35 35 rm -fr "${temp_dir}"
36 36
37 37 # Set permissions of the boot binaries
38 38 chown -R root:root "${BOOT_DIR}"
39 39 chmod -R 600 "${BOOT_DIR}"
40 40 fi
41 41 fi
42 42
43 43 # Setup firmware boot cmdline
44 44 if [ "$ENABLE_SPLITFS" = true ] ; then
45 45 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
46 46 else
47 47 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait console=tty1 init=/bin/systemd"
48 48 fi
49 49
50 50 # Add encrypted root partition to cmdline.txt
51 51 if [ "$ENABLE_CRYPTFS" = true ] ; then
52 52 if [ "$ENABLE_SPLITFS" = true ] ; then
53 53 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
54 54 else
55 55 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
56 56 fi
57 57 fi
58 58
59 # Add serial console support
60 if [ "$ENABLE_CONSOLE" = true ] ; then
61 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
59 #locks cpu at max frequency
60 if [ "$ENABLE_TURBO" = true ] ; then
61 echo "force_turbo=1" >> "${BOOT_DIR}/config.txt"
62 62 fi
63 63
64 # Remove IPv6 networking support
65 if [ "$ENABLE_IPV6" = false ] ; then
66 CMDLINE="${CMDLINE} ipv6.disable=1"
64 if [ "$ENABLE_PRINTK" = true ] ; then
65 install_readonly files/sysctl.d/83-rpi-printk.conf "${ETC_DIR}/sysctl.d/83-rpi-printk.conf"
67 66 fi
68 67
69 # Automatically assign predictable network interface names
70 if [ "$ENABLE_IFNAMES" = false ] ; then
71 CMDLINE="${CMDLINE} net.ifnames=0"
72 else
73 CMDLINE="${CMDLINE} net.ifnames=1"
74 fi
68 # Install udev rule for serial alias
69 install_readonly files/etc/99-com.rules "${LIB_DIR}/udev/rules.d/99-com.rules"
75 70
76 # Install firmware boot cmdline
77 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
78
79 # Install firmware config
80 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
71 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
81 72
82 # Setup minimal GPU memory allocation size: 16MB (no X)
83 if [ "$ENABLE_MINGPU" = true ] ; then
84 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
85 fi
73 # RPI0,3,3P Use default ttyS0 (mini-UART)as serial interface
74 SET_SERIAL="ttyS0"
86 75
87 # Setup boot with initramfs
88 if [ "$ENABLE_INITRAMFS" = true ] ; then
89 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
90 fi
91
92 # Disable RPi3 Bluetooth and restore ttyAMA0 serial device
93 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
94 if [ "$ENABLE_CONSOLE" = true ] && [ "$ENABLE_UBOOT" = false ] ; then
95 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
96 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
97 else
76 # Bluetooth enabled
77 if [ "$ENABLE_BLUETOOTH" = true ] ; then
98 78 # Create temporary directory for Bluetooth sources
99 79 temp_dir=$(as_nobody mktemp -d)
100 80
101 81 # Fetch Bluetooth sources
102 82 as_nobody git -C "${temp_dir}" clone "${BLUETOOTH_URL}"
103 83
104 84 # Copy downloaded sources
105 85 mv "${temp_dir}/pi-bluetooth" "${R}/tmp/"
106 86
87 # Bluetooth firmware from arch aur https://aur.archlinux.org/packages/pi-bluetooth/
88 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
89 as_nobody wget -q -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
90
107 91 # Set permissions
108 92 chown -R root:root "${R}/tmp/pi-bluetooth"
109 93
110 94 # Install tools
111 95 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/btuart" "${R}/usr/bin/btuart"
112 96 install_readonly "${R}/tmp/pi-bluetooth/usr/bin/bthelper" "${R}/usr/bin/bthelper"
113 97
114 98 # Install bluetooth udev rule
115 99 install_readonly "${R}/tmp/pi-bluetooth/lib/udev/rules.d/90-pi-bluetooth.rules" "${LIB_DIR}/udev/rules.d/90-pi-bluetooth.rules"
116 100
117 101 # Install Firmware Flash file and apropiate licence
118 mkdir "${ETC_DIR}/firmware/"
102 mkdir -p "$BLUETOOTH_FIRMWARE_DIR"
103 install_readonly "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
104 install_readonly "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" "${BLUETOOTH_FIRMWARE_DIR}/LICENCE.broadcom_bcm43xx"
105 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.bthelper@.service" "${ETC_DIR}/systemd/system/pi-bluetooth.bthelper@.service"
106 install_readonly "${R}/tmp/pi-bluetooth/debian/pi-bluetooth.hciuart.service" "${ETC_DIR}/systemd/system/pi-bluetooth.hciuart.service"
107
108 # Remove temporary directory
109 rm -fr "${temp_dir}"
119 110
120 wget -O "${R}/tmp/pi-bluetooth/LICENCE.broadcom_bcm43xx" https://aur.archlinux.org/cgit/aur.git/plain/LICENCE.broadcom_bcm43xx?h=pi-bluetooth
121 wget -O "${R}/tmp/pi-bluetooth/BCM43430A1.hcd" https://aur.archlinux.org/cgit/aur.git/plain/BCM43430A1.hcd?h=pi-bluetooth
111 # Switch Pi3 Bluetooth function to use the mini-UART (ttyS0) and restore UART0/ttyAMA0 over GPIOs 14 & 15. Slow Bluetooth and slow cpu. Use /dev/ttyS0 instead of /dev/ttyAMA0
112 if [ "$ENABLE_MINIUART_OVERLAY" = true ] ; then
113 SET_SERIAL="ttyAMA0"
122 114
123 # Get /dev/serial back for compability
124 wget -O "${ETC_DIR}/udev/rules.d/99-com.rules" https://raw.githubusercontent.com/RPi-Distro/raspberrypi-sys-mods/master/etc.armhf/udev/rules.d/99-com.rules
115 # set overlay to swap ttyAMA0 and ttyS0
116 echo "dtoverlay=pi3-miniuart-bt" >> "${BOOT_DIR}/config.txt"
117
118 # if force_turbo didn't lock cpu at high speed, lock it at low speed (XOR logic) or miniuart will be broken
119 if [ "$ENABLE_TURBO" = false ] ; then
120 echo "core_freq=250" >> "${BOOT_DIR}/config.txt"
125 121 fi
122
123 # Activate services
124 chroot_exec systemctl enable pi-bluetooth.hciuart.service
125 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
126 else
127 chroot_exec systemctl enable pi-bluetooth.hciuart.service
128 #chroot_exec systemctl enable pi-bluetooth.bthelper@.service
129 fi
130
131 else # if ENABLE_BLUETOOTH = false
132 # set overlay to disable bluetooth
133 echo "dtoverlay=pi3-disable-bt" >> "${BOOT_DIR}/config.txt"
134 fi # ENABLE_BLUETOOTH end
135
136 else
137 # RPI1,1P,2 Use default ttyAMA0 (full UART) as serial interface
138 SET_SERIAL="ttyAMA0"
139 fi
140
141 # may need sudo systemctl disable hciuart
142 if [ "$ENABLE_CONSOLE" = true ] ; then
143 echo "enable_uart=1" >> "${BOOT_DIR}/config.txt"
144 # add string to cmdline
145 CMDLINE="${CMDLINE} console=serial0,115200"
146
147 # Enable serial console systemd style
148 chroot_exec systemctl enable serial-getty\@"$SET_SERIAL".service
149 else
150 echo "enable_uart=0" >> "${BOOT_DIR}/config.txt"
151 # disable serial console systemd style
152 chroot_exec systemctl disable serial-getty\@"$SET_SERIAL".service
153 fi
154
155 # Remove IPv6 networking support
156 if [ "$ENABLE_IPV6" = false ] ; then
157 CMDLINE="${CMDLINE} ipv6.disable=1"
158 fi
159
160 # Automatically assign predictable network interface names
161 if [ "$ENABLE_IFNAMES" = false ] ; then
162 CMDLINE="${CMDLINE} net.ifnames=0"
163 else
164 CMDLINE="${CMDLINE} net.ifnames=1"
165 fi
166
167 # Install firmware boot cmdline
168 echo "${CMDLINE}" > "${BOOT_DIR}/cmdline.txt"
169
170 # Install firmware config
171 install_readonly files/boot/config.txt "${BOOT_DIR}/config.txt"
172
173 # Setup minimal GPU memory allocation size: 16MB (no X)
174 if [ "$ENABLE_MINGPU" = true ] ; then
175 echo "gpu_mem=16" >> "${BOOT_DIR}/config.txt"
176 fi
177
178 # Setup boot with initramfs
179 if [ "$ENABLE_INITRAMFS" = true ] ; then
180 echo "initramfs initramfs-${KERNEL_VERSION} followkernel" >> "${BOOT_DIR}/config.txt"
126 181 fi
127 182
128 183 # Create firmware configuration and cmdline symlinks
129 184 ln -sf firmware/config.txt "${R}/boot/config.txt"
130 185 ln -sf firmware/cmdline.txt "${R}/boot/cmdline.txt"
131 186
132 187 # Install and setup kernel modules to load at boot
133 188 mkdir -p "${LIB_DIR}/modules-load.d/"
134 189 install_readonly files/modules/rpi2.conf "${LIB_DIR}/modules-load.d/rpi2.conf"
135 190
136 191 # Load hardware random module at boot
137 192 if [ "$ENABLE_HWRANDOM" = true ] && [ "$BUILD_KERNEL" = false ] ; then
138 193 sed -i "s/^# bcm2708_rng/bcm2708_rng/" "${LIB_DIR}/modules-load.d/rpi2.conf"
139 194 fi
140 195
141 196 # Load sound module at boot
142 197 if [ "$ENABLE_SOUND" = true ] ; then
143 198 sed -i "s/^# snd_bcm2835/snd_bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
144 199 else
145 200 echo "dtparam=audio=off" >> "${BOOT_DIR}/config.txt"
146 201 fi
147 202
148 203 # Enable I2C interface
149 204 if [ "$ENABLE_I2C" = true ] ; then
150 205 echo "dtparam=i2c_arm=on" >> "${BOOT_DIR}/config.txt"
151 206 sed -i "s/^# i2c-bcm2708/i2c-bcm2708/" "${LIB_DIR}/modules-load.d/rpi2.conf"
152 207 sed -i "s/^# i2c-dev/i2c-dev/" "${LIB_DIR}/modules-load.d/rpi2.conf"
153 208 fi
154 209
155 210 # Enable SPI interface
156 211 if [ "$ENABLE_SPI" = true ] ; then
157 212 echo "dtparam=spi=on" >> "${BOOT_DIR}/config.txt"
158 213 echo "spi-bcm2708" >> "${LIB_DIR}/modules-load.d/rpi2.conf"
159 214 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ]; then
160 215 sed -i "s/spi-bcm2708/spi-bcm2835/" "${LIB_DIR}/modules-load.d/rpi2.conf"
161 216 fi
162 217 fi
163 218
164 219 # Disable RPi2/3 under-voltage warnings
165 220 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
166 221 echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt"
167 222 fi
168 223
169 224 # Install kernel modules blacklist
170 225 mkdir -p "${ETC_DIR}/modprobe.d/"
171 226 install_readonly files/modules/raspi-blacklist.conf "${ETC_DIR}/modprobe.d/raspi-blacklist.conf"
172 227
173 228 # Install sysctl.d configuration files
174 229 install_readonly files/sysctl.d/81-rpi-vm.conf "${ETC_DIR}/sysctl.d/81-rpi-vm.conf"
Show file before | Show file after | Hide comments
@@ -1,134 +1,132
1 1 #
2 2 # Setup Networking
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Install and setup hostname
9 9 install_readonly files/network/hostname "${ETC_DIR}/hostname"
10 10 sed -i "s/^RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hostname"
11 11
12 12 # Install and setup hosts
13 13 install_readonly files/network/hosts "${ETC_DIR}/hosts"
14 14 sed -i "s/RaspberryPI/${HOSTNAME}/" "${ETC_DIR}/hosts"
15 15
16 16 # Setup hostname entry with static IP
17 17 if [ "$NET_ADDRESS" != "" ] ; then
18 18 NET_IP=$(echo "${NET_ADDRESS}" | cut -f 1 -d'/')
19 19 sed -i "s/^127.0.1.1/${NET_IP}/" "${ETC_DIR}/hosts"
20 20 fi
21 21
22 22 # Remove IPv6 hosts
23 23 if [ "$ENABLE_IPV6" = false ] ; then
24 24 sed -i -e "/::[1-9]/d" -e "/^$/d" "${ETC_DIR}/hosts"
25 25 fi
26 26
27 27 # Install hint about network configuration
28 28 install_readonly files/network/interfaces "${ETC_DIR}/network/interfaces"
29 29
30 30 # Install configuration for interface eth0
31 31 install_readonly files/network/eth.network "${ETC_DIR}/systemd/network/eth.network"
32 32
33 33 # Install configuration for interface wl*
34 34 install_readonly files/network/wlan.network "${ETC_DIR}/systemd/network/wlan.network"
35 35
36 36 #always with dhcp since wpa_supplicant integration is missing
37 37 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/wlan.network"
38 38
39 39 if [ "$ENABLE_DHCP" = true ] ; then
40 40 # Enable DHCP configuration for interface eth0
41 41 sed -i -e "s/DHCP=.*/DHCP=yes/" -e "/DHCP/q" "${ETC_DIR}/systemd/network/eth.network"
42 42
43 43 # Set DHCP configuration to IPv4 only
44 44 if [ "$ENABLE_IPV6" = false ] ; then
45 45 sed -i "s/DHCP=.*/DHCP=v4/" "${ETC_DIR}/systemd/network/eth.network"
46 46 fi
47 47
48 48 else # ENABLE_DHCP=false
49 49 # Set static network configuration for interface eth0
50 50 sed -i\
51 51 -e "s|DHCP=.*|DHCP=no|"\
52 52 -e "s|Address=\$|Address=${NET_ADDRESS}|"\
53 53 -e "s|Gateway=\$|Gateway=${NET_GATEWAY}|"\
54 54 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_1}|"\
55 55 -e "0,/DNS=\$/ s|DNS=\$|DNS=${NET_DNS_2}|"\
56 56 -e "s|Domains=\$|Domains=${NET_DNS_DOMAINS}|"\
57 57 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
58 58 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
59 59 "${ETC_DIR}/systemd/network/eth.network"
60 60 fi
61 61
62 62 # Remove empty settings from network configuration
63 63 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/eth.network"
64 64 # Remove empty settings from wlan configuration
65 65 sed -i "/.*=\$/d" "${ETC_DIR}/systemd/network/wlan.network"
66 66
67 67 # Move systemd network configuration if required by Debian release
68 68 mv -v "${ETC_DIR}/systemd/network/eth.network" "${LIB_DIR}/systemd/network/10-eth.network"
69 69 # If WLAN is enabled copy wlan configuration too
70 70 if [ "$ENABLE_WIRELESS" = true ] ; then
71 71 mv -v "${ETC_DIR}/systemd/network/wlan.network" "${LIB_DIR}/systemd/network/11-wlan.network"
72 72 fi
73 73 rm -fr "${ETC_DIR}/systemd/network"
74 74
75 75 # Enable systemd-networkd service
76 76 chroot_exec systemctl enable systemd-networkd
77 77
78 78 # Install host.conf resolver configuration
79 79 install_readonly files/network/host.conf "${ETC_DIR}/host.conf"
80 80
81 81 # Enable network stack hardening
82 82 if [ "$ENABLE_HARDNET" = true ] ; then
83 83 # Install sysctl.d configuration files
84 84 install_readonly files/sysctl.d/82-rpi-net-hardening.conf "${ETC_DIR}/sysctl.d/82-rpi-net-hardening.conf"
85 85
86 86 # Setup resolver warnings about spoofed addresses
87 87 sed -i "s/^# spoof warn/spoof warn/" "${ETC_DIR}/host.conf"
88 88 fi
89 89
90 90 # Enable time sync
91 91 if [ "$NET_NTP_1" != "" ] ; then
92 92 chroot_exec systemctl enable systemd-timesyncd.service
93 93 fi
94 94
95 95 # Download the firmware binary blob required to use the RPi3 wireless interface
96 96 if [ "$ENABLE_WIRELESS" = true ] ; then
97 97 if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then
98 98 mkdir -p "${WLAN_FIRMWARE_DIR}"
99 99 fi
100 100
101 101 # Create temporary directory for firmware binary blob
102 102 temp_dir=$(as_nobody mktemp -d)
103 103
104 104 # Fetch firmware binary blob for RPI3B+
105 105 if [ "$RPI_MODEL" = 3P ] ; then
106 106 # Fetch firmware binary blob for RPi3P
107 107 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.bin"
108 108 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.txt"
109 109 as_nobody wget -q -O "${temp_dir}/brcmfmac43455-sdio.clm_blob" "${WLAN_FIRMWARE_URL}/brcmfmac43455-sdio.clm_blob"
110
111 # Move downloaded firmware binary blob
112 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
113
114 # Set permissions of the firmware binary blob
115 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
116 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
110 117 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
111 118 # Fetch firmware binary blob for RPi3
112 119 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin"
113 120 as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt"
114 fi
115 121
116 122 # Move downloaded firmware binary blob
117 if [ "$RPI_MODEL" = 3P ] ; then
118 mv "${temp_dir}/brcmfmac43455-sdio."* "${WLAN_FIRMWARE_DIR}/"
119 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
120 123 mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/"
121 fi
122
123 # Remove temporary directory for firmware binary blob
124 rm -fr "${temp_dir}"
125 124
126 125 # Set permissions of the firmware binary blob
127 if [ "$RPI_MODEL" = 3P ] ; then
128 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
129 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43455-sdio."*
130 elif [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 0 ] ; then
131 126 chown root:root "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
132 127 chmod 600 "${WLAN_FIRMWARE_DIR}/brcmfmac43430-sdio."*
133 128 fi
129
130 # Remove temporary directory for firmware binary blob
131 rm -fr "${temp_dir}"
134 132 fi
Show file before | Show file after | Hide comments
@@ -1,29 +1,29
1 1 #
2 2 # Setup users and security settings
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Generate crypt(3) password string
9 9 ENCRYPTED_PASSWORD=$(mkpasswd -m sha-512 "${PASSWORD}")
10 10 ENCRYPTED_USER_PASSWORD=$(mkpasswd -m sha-512 "${USER_PASSWORD}")
11 11
12 12 # Setup default user
13 13 if [ "$ENABLE_USER" = true ] ; then
14 chroot_exec adduser --gecos $USER_NAME --add_extra_groups --disabled-password $USER_NAME
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" $USER_NAME
14 chroot_exec adduser --gecos "$USER_NAME" --add_extra_groups --disabled-password "$USER_NAME"
15 chroot_exec usermod -a -G sudo -p "${ENCRYPTED_USER_PASSWORD}" "$USER_NAME"
16 16 fi
17 17
18 18 # Setup root password or not
19 19 if [ "$ENABLE_ROOT" = true ] ; then
20 20 chroot_exec usermod -p "${ENCRYPTED_PASSWORD}" root
21 21 else
22 22 # Set no root password to disable root login
23 23 chroot_exec usermod -p \'!\' root
24 24 fi
25 25
26 26 # Enable serial console systemd style
27 27 if [ "$ENABLE_CONSOLE" = true ] ; then
28 28 chroot_exec systemctl enable serial-getty\@ttyAMA0.service
29 29 fi
Show file before | Show file after | Hide comments
@@ -1,98 +1,100
1 1 #
2 2 # Build and Setup U-Boot
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 # Fetch and build U-Boot bootloader
9 9 if [ "$ENABLE_UBOOT" = true ] ; then
10 10 # Install c/c++ build environment inside the chroot
11 11 chroot_install_cc
12 12
13 13 # Copy existing U-Boot sources into chroot directory
14 14 if [ -n "$UBOOTSRC_DIR" ] && [ -d "$UBOOTSRC_DIR" ] ; then
15 15 # Copy local U-Boot sources
16 16 cp -r "${UBOOTSRC_DIR}" "${R}/tmp"
17 17 else
18 18 # Create temporary directory for U-Boot sources
19 19 temp_dir=$(as_nobody mktemp -d)
20 20
21 21 # Fetch U-Boot sources
22 22 as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}"
23 23
24 24 # Copy downloaded U-Boot sources
25 25 mv "${temp_dir}/u-boot" "${R}/tmp/"
26 26
27 27 # Set permissions of the U-Boot sources
28 28 chown -R root:root "${R}/tmp/u-boot"
29 29
30 30 # Remove temporary directory for U-Boot sources
31 31 rm -fr "${temp_dir}"
32 32 fi
33 33
34 34 # Build and install U-Boot inside chroot
35 35 chroot_exec make -j"${KERNEL_THREADS}" -C /tmp/u-boot/ "${UBOOT_CONFIG}" all
36 36
37 37 # Copy compiled bootloader binary and set config.txt to load it
38 38 install_exec "${R}/tmp/u-boot/tools/mkimage" "${R}/usr/sbin/mkimage"
39 39 install_readonly "${R}/tmp/u-boot/u-boot.bin" "${BOOT_DIR}/u-boot.bin"
40 40 printf "\n# boot u-boot kernel\nkernel=u-boot.bin\n" >> "${BOOT_DIR}/config.txt"
41 41
42 42 # Install and setup U-Boot command file
43 43 install_readonly files/boot/uboot.mkimage "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
44 printf "# Set the kernel boot command line\nsetenv bootargs \"earlyprintk ${CMDLINE}\"\n\n$(cat "${BOOT_DIR}"/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
45 45
46 46 if [ "$ENABLE_INITRAMFS" = true ] ; then
47 47 # Convert generated initramfs for U-Boot using mkimage
48 48 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -T ramdisk -C none -n "initramfs-${KERNEL_VERSION}" -d "/boot/firmware/initramfs-${KERNEL_VERSION}" "/boot/firmware/initramfs-${KERNEL_VERSION}.uboot"
49 49
50 50 # Remove original initramfs file
51 51 rm -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}"
52 52
53 53 # Configure U-Boot to load generated initramfs
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat ${BOOT_DIR}/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
54 printf "# Set initramfs file\nsetenv initramfs initramfs-${KERNEL_VERSION}.uboot\n\n$(cat "${BOOT_DIR}"/uboot.mkimage)" > "${BOOT_DIR}/uboot.mkimage"
55 55 printf "\nbootz \${kernel_addr_r} \${ramdisk_addr_r} \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
56 56 else # ENABLE_INITRAMFS=false
57 57 # Remove initramfs from U-Boot mkfile
58 58 sed -i '/.*initramfs.*/d' "${BOOT_DIR}/uboot.mkimage"
59 59
60 60 if [ "$BUILD_KERNEL" = false ] ; then
61 61 # Remove dtbfile from U-Boot mkfile
62 62 sed -i '/.*dtbfile.*/d' "${BOOT_DIR}/uboot.mkimage"
63 63 printf "\nbootz \${kernel_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
64 64 else
65 65 printf "\nbootz \${kernel_addr_r} - \${fdt_addr_r}" >> "${BOOT_DIR}/uboot.mkimage"
66 66 fi
67 67 fi
68 68
69 if [ "$KERNEL_ARCH" = "arm64" ] ; then
69 if [ "$SET_ARCH" = 64 ] ; then
70 70 echo "Setting up config.txt to boot 64bit uboot"
71 {
72 printf "\n# 64bit-mode"
73 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md"
74 printf "\narm_64bit=1"
75 } >> "${BOOT_DIR}/config.txt"
71 76
72 printf "\n# 64bit-mode" >> "${BOOT_DIR}/config.txt"
73 printf "\n# arm_control=0x200 is deprecated https://www.raspberrypi.org/documentation/configuration/config-txt/misc.md" >> "${BOOT_DIR}/config.txt"
74 printf "\narm_64bit=1" >> "${BOOT_DIR}/config.txt"
75
77 #in 64bit uboot booti is used instead of bootz [like in KERNEL_BIN_IMAGE=zImage (armv7)|| Image(armv8)]
76 78 sed -i "s|bootz|booti|g" "${BOOT_DIR}/uboot.mkimage"
77 79 fi
78 80
79 81 # Set mkfile to use the correct dtb file
80 sed -i "s/^\(setenv dtbfile \).*/\1${DTB_FILE}/" "${BOOT_DIR}/uboot.mkimage"
82 sed -i "s|bcm2709-rpi-2-b.dtb|${DTB_FILE}|" "${BOOT_DIR}/uboot.mkimage"
81 83
82 84 # Set mkfile to use the correct mach id
83 85 if [ "$ENABLE_QEMU" = true ] ; then
84 86 sed -i "s/^\(setenv machid \).*/\10x000008e0/" "${BOOT_DIR}/uboot.mkimage"
85 87 fi
86 88
87 89 # Set mkfile to use kernel image
88 sed -i "s/^\(fatload mmc 0:1 \${kernel_addr_r} \).*/\1${KERNEL_IMAGE}/" "${BOOT_DIR}/uboot.mkimage"
90 sed -i "s|kernel7.img|${KERNEL_IMAGE}|" "${BOOT_DIR}/uboot.mkimage"
89 91
90 92 # Remove all leading blank lines
91 93 sed -i "/./,\$!d" "${BOOT_DIR}/uboot.mkimage"
92 94
93 95 # Generate U-Boot bootloader image
94 96 chroot_exec /usr/sbin/mkimage -A "${KERNEL_ARCH}" -O linux -T script -C none -a 0x00000000 -e 0x00000000 -n "RPi${RPI_MODEL}" -d /boot/firmware/uboot.mkimage /boot/firmware/boot.scr
95 97
96 98 # Remove U-Boot sources
97 99 rm -fr "${R}/tmp/u-boot"
98 100 fi
Show file before | Show file after | Hide comments
@@ -1,53 +1,53
1 1 #
2 2 # Setup videocore - Raspberry Userland
3 3 #
4 4
5 5 # Load utility functions
6 6 . ./functions.sh
7 7
8 8 if [ "$ENABLE_VIDEOCORE" = true ] ; then
9 9 # Copy existing videocore sources into chroot directory
10 10 if [ -n "$VIDEOCORESRC_DIR" ] && [ -d "$VIDEOCORESRC_DIR" ] ; then
11 # Copy local U-Boot sources
11 # Copy local videocore sources
12 12 cp -r "${VIDEOCORESRC_DIR}" "${R}/tmp/userland"
13 13 else
14 # Create temporary directory for U-Boot sources
14 # Create temporary directory for videocore sources
15 15 temp_dir=$(as_nobody mktemp -d)
16 16
17 # Fetch U-Boot sources
17 # Fetch videocore sources
18 18 as_nobody git -C "${temp_dir}" clone "${VIDEOCORE_URL}"
19 19
20 # Copy downloaded U-Boot sources
20 # Copy downloaded videocore sources
21 21 mv "${temp_dir}/userland" "${R}/tmp/"
22 22
23 23 # Set permissions of the U-Boot sources
24 24 chown -R root:root "${R}/tmp/userland"
25 25
26 26 # Remove temporary directory for U-Boot sources
27 27 rm -fr "${temp_dir}"
28 28 fi
29 29
30 30 # Create build dir
31 31 mkdir "${R}"/tmp/userland/build
32 32
33 33 # push us to build directory
34 pushd "${R}"/tmp/userland/build
34 cd "${R}"/tmp/userland/build
35 35
36 36 if [ "$RELEASE_ARCH" = "arm64" ] ; then
37 37 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DARM64=ON -DCMAKE_C_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_CXX_COMPILER=aarch64-linux-gnu-g++ -DCMAKE_ASM_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -U_FORTIFY_SOURCE" -DCMAKE_ASM_FLAGS="${CMAKE_ASM_FLAGS} -c" -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
38 38 fi
39 39
40 40 if [ "$RELEASE_ARCH" = "armel" ] ; then
41 41 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DCMAKE_C_COMPILER=arm-linux-gnueabi-gcc -DCMAKE_CXX_COMPILER=arm-linux-gnueabi-g++ -DCMAKE_ASM_COMPILER=arm-linux-gnueabi-gcc -DCMAKE_C_FLAGS="${CMAKE_C_FLAGS} -U_FORTIFY_SOURCE" -DCMAKE_ASM_FLAGS="${CMAKE_ASM_FLAGS} -c" -DCMAKE_SYSTEM_PROCESSOR="arm" -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
42 42 fi
43 43
44 44 if [ "$RELEASE_ARCH" = "armhf" ] ; then
45 45 cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DCMAKE_TOOLCHAIN_FILE="${R}"/tmp/userland/makefiles/cmake/toolchains/arm-linux-gnueabihf.cmake -DVIDEOCORE_BUILD_DIR="${R}" "${R}/tmp/userland"
46 46 fi
47 47
48 48 #build userland
49 49 make -j "$(nproc)"
50 50
51 #pop us out of build dir
52 popd
51 #back to root of scriptdir
52 cd "${WORKDIR}"
53 53 fi
Show file before | Show file after | Hide comments
@@ -1,77 +1,77
1 1 # This file contains utility functions used by rpi23-gen-image.sh
2 2
3 3 cleanup (){
4 4 set +x
5 5 set +e
6 6
7 7 # Identify and kill all processes still using files
8 8 echo "killing processes using mount point ..."
9 9 fuser -k "${R}"
10 10 sleep 3
11 11 fuser -9 -k -v "${R}"
12 12
13 13 # Clean up temporary .password file
14 14 if [ -r ".password" ] ; then
15 15 shred -zu .password
16 16 fi
17 17
18 18 # Clean up all temporary mount points
19 19 echo "removing temporary mount points ..."
20 20 umount -l "${R}/proc" 2> /dev/null
21 21 umount -l "${R}/sys" 2> /dev/null
22 22 umount -l "${R}/dev/pts" 2> /dev/null
23 23 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
24 24 umount "$BUILDDIR/mount" 2> /dev/null
25 25 cryptsetup close "${CRYPTFS_MAPPING}" 2> /dev/null
26 26 losetup -d "$ROOT_LOOP" 2> /dev/null
27 27 losetup -d "$FRMW_LOOP" 2> /dev/null
28 28 trap - 0 1 2 3 6
29 29 }
30 30
31 31 chroot_exec() {
32 32 # Exec command in chroot
33 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot ${R} $*
33 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot "${R}" "$@"
34 34 }
35 35
36 36 as_nobody() {
37 37 # Exec command as user nobody
38 sudo -E -u nobody LANG=C LC_ALL=C $*
38 sudo -E -u nobody LANG=C LC_ALL=C "$@"
39 39 }
40 40
41 41 install_readonly() {
42 42 # Install file with user read-only permissions
43 install -o root -g root -m 644 $*
43 install -o root -g root -m 644 "$@"
44 44 }
45 45
46 46 install_exec() {
47 47 # Install file with root exec permissions
48 install -o root -g root -m 744 $*
48 install -o root -g root -m 744 "$@"
49 49 }
50 50
51 51 use_template () {
52 52 # Test if configuration template file exists
53 53 if [ ! -r "./templates/${CONFIG_TEMPLATE}" ] ; then
54 54 echo "error: configuration template ${CONFIG_TEMPLATE} not found"
55 55 exit 1
56 56 fi
57 57
58 58 # Load template configuration parameters
59 59 . "./templates/${CONFIG_TEMPLATE}"
60 60 }
61 61
62 62 chroot_install_cc() {
63 63 # Install c/c++ build environment inside the chroot
64 64 if [ -z "${COMPILER_PACKAGES}" ] ; then
65 65 COMPILER_PACKAGES=$(chroot_exec apt-get -s install g++ make bc | grep "^Inst " | awk -v ORS=" " '{ print $2 }')
66 66 # Install COMPILER_PACKAGES in chroot
67 chroot_exec apt-get -q -y --allow-unauthenticated --no-install-recommends install ${COMPILER_PACKAGES}
67 chroot_exec apt-get -q -y --allow-unauthenticated --no-install-recommends install "${COMPILER_PACKAGES}"
68 68 fi
69 69 }
70 70
71 71 chroot_remove_cc() {
72 72 # Remove c/c++ build environment from the chroot
73 if [ ! -z "${COMPILER_PACKAGES}" ] ; then
74 chroot_exec apt-get -qq -y --auto-remove purge ${COMPILER_PACKAGES}
73 if [ -n "${COMPILER_PACKAGES}" ] ; then
74 chroot_exec apt-get -qq -y --auto-remove purge "${COMPILER_PACKAGES}"
75 75 COMPILER_PACKAGES=""
76 76 fi
77 77 }
Show file before | Show file after | Hide comments
@@ -1,784 +1,807
1 1 #!/bin/sh
2 2 ########################################################################
3 3 # rpi23-gen-image.sh 2015-2017
4 4 #
5 5 # Advanced Debian "stretch" and "buster" bootstrap script for Raspberry Pi
6 6 #
7 7 # This program is free software; you can redistribute it and/or
8 8 # modify it under the terms of the GNU General Public License
9 9 # as published by the Free Software Foundation; either version 2
10 10 # of the License, or (at your option) any later version.
11 11 #
12 12 # Copyright (C) 2015 Jan Wagner <mail@jwagner.eu>
13 13 #
14 14 # Big thanks for patches and enhancements by 20+ github contributors!
15 15 ########################################################################
16 16
17 17 # Are we running as root?
18 18 if [ "$(id -u)" -ne "0" ] ; then
19 19 echo "error: this script must be executed with root privileges!"
20 20 exit 1
21 21 fi
22 22
23 23 # Check if ./functions.sh script exists
24 24 if [ ! -r "./functions.sh" ] ; then
25 25 echo "error: './functions.sh' required script not found!"
26 26 exit 1
27 27 fi
28 28
29 29 # Load utility functions
30 30 . ./functions.sh
31 31
32 32 # Load parameters from configuration template file
33 33 if [ -n "$CONFIG_TEMPLATE" ] ; then
34 34 use_template
35 35 fi
36 36
37 37 # Introduce settings
38 38 set -e
39 39 echo -n -e "\n#\n# RPi 0/1/2/3 Bootstrap Settings\n#\n"
40 40 set -x
41 41
42 42 # Raspberry Pi model configuration
43 43 RPI_MODEL=${RPI_MODEL:=2}
44 44
45 45 # Debian release
46 46 RELEASE=${RELEASE:=buster}
47 47
48 48 # Kernel Branch
49 49 KERNEL_BRANCH=${KERNEL_BRANCH:=""}
50 50
51 51 # URLs
52 52 KERNEL_URL=${KERNEL_URL:=https://github.com/raspberrypi/linux}
53 53 FIRMWARE_URL=${FIRMWARE_URL:=https://github.com/raspberrypi/firmware/raw/master/boot}
54 54 WLAN_FIRMWARE_URL=${WLAN_FIRMWARE_URL:=https://github.com/RPi-Distro/firmware-nonfree/raw/master/brcm}
55 55 COLLABORA_URL=${COLLABORA_URL:=https://repositories.collabora.co.uk/debian}
56 56 FBTURBO_URL=${FBTURBO_URL:=https://github.com/ssvb/xf86-video-fbturbo.git}
57 57 UBOOT_URL=${UBOOT_URL:=https://git.denx.de/u-boot.git}
58 58 VIDEOCORE_URL=${VIDEOCORE_URL:=https://github.com/raspberrypi/userland}
59 59 BLUETOOTH_URL=${BLUETOOTH_URL:=https://github.com/RPi-Distro/pi-bluetooth.git}
60 60
61 61 # Build directories
62 BASEDIR=${BASEDIR:=$(pwd)/images/${RELEASE}}
62 WORKDIR=$(pwd)
63 BASEDIR=${BASEDIR:=${WORKDIR}/images/${RELEASE}}
63 64 BUILDDIR="${BASEDIR}/build"
64 65
65 66 # Chroot directories
66 67 R="${BUILDDIR}/chroot"
67 68 ETC_DIR="${R}/etc"
68 69 LIB_DIR="${R}/lib"
69 70 BOOT_DIR="${R}/boot/firmware"
70 71 KERNEL_DIR="${R}/usr/src/linux"
71 72 WLAN_FIRMWARE_DIR="${LIB_DIR}/firmware/brcm"
73 BLUETOOTH_FIRMWARE_DIR="${ETC_DIR}/firmware/bt"
72 74
73 75 # Firmware directory: Blank if download from github
74 76 RPI_FIRMWARE_DIR=${RPI_FIRMWARE_DIR:=""}
75 77
76 78 # General settings
77 79 SET_ARCH=${SET_ARCH:=32}
78 80 HOSTNAME=${HOSTNAME:=rpi${RPI_MODEL}-${RELEASE}}
79 81 PASSWORD=${PASSWORD:=raspberry}
80 82 USER_PASSWORD=${USER_PASSWORD:=raspberry}
81 83 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
82 84 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
83 85 EXPANDROOT=${EXPANDROOT:=true}
84 86
85 87 # Keyboard settings
86 88 XKB_MODEL=${XKB_MODEL:=""}
87 89 XKB_LAYOUT=${XKB_LAYOUT:=""}
88 90 XKB_VARIANT=${XKB_VARIANT:=""}
89 91 XKB_OPTIONS=${XKB_OPTIONS:=""}
90 92
91 93 # Network settings (DHCP)
92 94 ENABLE_DHCP=${ENABLE_DHCP:=true}
93 95
94 96 # Network settings (static)
95 97 NET_ADDRESS=${NET_ADDRESS:=""}
96 98 NET_GATEWAY=${NET_GATEWAY:=""}
97 99 NET_DNS_1=${NET_DNS_1:=""}
98 100 NET_DNS_2=${NET_DNS_2:=""}
99 101 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
100 102 NET_NTP_1=${NET_NTP_1:=""}
101 103 NET_NTP_2=${NET_NTP_2:=""}
102 104
103 105 # APT settings
104 106 APT_PROXY=${APT_PROXY:=""}
105 107 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
106 108
107 109 # Feature settings
110 ENABLE_PRINTK=${ENABLE_PRINTK:=false}
111 ENABLE_BLUETOOTH=${ENABLE_BLUETOOTH:=false}
112 ENABLE_MINIUART_OVERLAY=${ENABLE_MINIUART_OVERLAY:=false}
108 113 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
109 114 ENABLE_I2C=${ENABLE_I2C:=false}
110 115 ENABLE_SPI=${ENABLE_SPI:=false}
111 116 ENABLE_IPV6=${ENABLE_IPV6:=true}
112 117 ENABLE_SSHD=${ENABLE_SSHD:=true}
113 118 ENABLE_NONFREE=${ENABLE_NONFREE:=false}
114 119 ENABLE_WIRELESS=${ENABLE_WIRELESS:=false}
115 120 ENABLE_SOUND=${ENABLE_SOUND:=true}
116 121 ENABLE_DBUS=${ENABLE_DBUS:=true}
117 122 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
118 123 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
119 124 ENABLE_XORG=${ENABLE_XORG:=false}
120 125 ENABLE_WM=${ENABLE_WM:=""}
121 126 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
122 127 ENABLE_USER=${ENABLE_USER:=true}
123 128 USER_NAME=${USER_NAME:="pi"}
124 129 ENABLE_ROOT=${ENABLE_ROOT:=false}
125 130 ENABLE_QEMU=${ENABLE_QEMU:=false}
126 131 ENABLE_SYSVINIT=${ENABLE_SYSVINIT:=false}
127 132
128 133 # SSH settings
129 134 SSH_ENABLE_ROOT=${SSH_ENABLE_ROOT:=false}
130 135 SSH_DISABLE_PASSWORD_AUTH=${SSH_DISABLE_PASSWORD_AUTH:=false}
131 136 SSH_LIMIT_USERS=${SSH_LIMIT_USERS:=false}
132 137 SSH_ROOT_PUB_KEY=${SSH_ROOT_PUB_KEY:=""}
133 138 SSH_USER_PUB_KEY=${SSH_USER_PUB_KEY:=""}
134 139
135 140 # Advanced settings
136 141 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
137 142 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
138 143 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
139 144 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
140 145 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
141 146 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
142 147 VIDEOCORESRC_DIR=${VIDEOCORESRC_DIR:=""}
143 148 FBTURBOSRC_DIR=${FBTURBOSRC_DIR:=""}
144 149 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
145 150 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
146 151 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
147 152 ENABLE_INITRAMFS=${ENABLE_INITRAMFS:=false}
148 153 ENABLE_IFNAMES=${ENABLE_IFNAMES:=true}
149 154 DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS:=}
150 155
151 156 # Kernel compilation settings
152 157 BUILD_KERNEL=${BUILD_KERNEL:=true}
153 158 KERNEL_REDUCE=${KERNEL_REDUCE:=false}
154 159 KERNEL_THREADS=${KERNEL_THREADS:=1}
155 160 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
156 161 KERNEL_MENUCONFIG=${KERNEL_MENUCONFIG:=false}
157 162 KERNEL_REMOVESRC=${KERNEL_REMOVESRC:=true}
158 163 KERNEL_OLDDEFCONFIG=${KERNEL_OLDDEFCONFIG:=false}
159 164 KERNEL_CCACHE=${KERNEL_CCACHE:=false}
160 165
161 166 # Kernel compilation from source directory settings
162 167 KERNELSRC_DIR=${KERNELSRC_DIR:=""}
163 168 KERNELSRC_CLEAN=${KERNELSRC_CLEAN:=false}
164 169 KERNELSRC_CONFIG=${KERNELSRC_CONFIG:=true}
165 170 KERNELSRC_PREBUILT=${KERNELSRC_PREBUILT:=false}
166 171
167 172 # Reduce disk usage settings
168 173 REDUCE_APT=${REDUCE_APT:=true}
169 174 REDUCE_DOC=${REDUCE_DOC:=true}
170 175 REDUCE_MAN=${REDUCE_MAN:=true}
171 176 REDUCE_VIM=${REDUCE_VIM:=false}
172 177 REDUCE_BASH=${REDUCE_BASH:=false}
173 178 REDUCE_HWDB=${REDUCE_HWDB:=true}
174 179 REDUCE_SSHD=${REDUCE_SSHD:=true}
175 180 REDUCE_LOCALE=${REDUCE_LOCALE:=true}
176 181
177 182 # Encrypted filesystem settings
178 183 ENABLE_CRYPTFS=${ENABLE_CRYPTFS:=false}
179 184 CRYPTFS_PASSWORD=${CRYPTFS_PASSWORD:=""}
180 185 CRYPTFS_MAPPING=${CRYPTFS_MAPPING:="secure"}
181 186 CRYPTFS_CIPHER=${CRYPTFS_CIPHER:="aes-xts-plain64:sha512"}
182 187 CRYPTFS_XTSKEYSIZE=${CRYPTFS_XTSKEYSIZE:=512}
183 188
184 189 # Chroot scripts directory
185 190 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
186 191
187 192 # Packages required in the chroot build environment
188 193 APT_INCLUDES=${APT_INCLUDES:=""}
189 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup"
194 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,apt-utils,ca-certificates,debian-archive-keyring,dialog,sudo,systemd,sysvinit-utils,locales,keyboard-configuration,console-setup,libnss-systemd"
190 195
191 196 # Packages to exclude from chroot build environment
192 197 APT_EXCLUDES=${APT_EXCLUDES:=""}
193 198
194 199 # Packages required for bootstrapping
195 200 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git bc psmisc dbus sudo"
196 201 MISSING_PACKAGES=""
197 202
198 203 # Packages installed for c/c++ build environment in chroot (keep empty)
199 204 COMPILER_PACKAGES=""
200 205
201 206 set +x
202 207
208 #Check if apt-cacher-ng has port 3142 open and set APT_PROXY
209 APT_CACHER_RUNNING=$(lsof -i :3142 | grep apt-cacher-ng | cut -d ' ' -f3 | uniq)
210 if [ -n "${APT_CACHER_RUNNING}" ] ; then
211 APT_PROXY=http://127.0.0.1:3142/
212 fi
213
203 214 # Setup architecture specific settings
204 215 if [ -n "$SET_ARCH" ] ; then
205 216 # 64-bit configuration
206 217 if [ "$SET_ARCH" = 64 ] ; then
207 218 # General 64-bit depended settings
208 219 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-aarch64-static}
209 220 KERNEL_ARCH=${KERNEL_ARCH:=arm64}
210 221 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="Image"}
211 222
212 223 # Raspberry Pi model specific settings
213 224 if [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
214 225 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-arm64"
215 226 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi3_defconfig}
216 227 RELEASE_ARCH=${RELEASE_ARCH:=arm64}
217 228 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel8.img}
218 229 CROSS_COMPILE=${CROSS_COMPILE:=aarch64-linux-gnu-}
219 230 else
220 231 echo "error: Only Raspberry PI 3 and 3B+ support 64-bit"
221 232 exit 1
222 233 fi
223 234 fi
224 235
225 236 # 32-bit configuration
226 237 if [ "$SET_ARCH" = 32 ] ; then
227 238 # General 32-bit dependend settings
228 239 QEMU_BINARY=${QEMU_BINARY:=/usr/bin/qemu-arm-static}
229 240 KERNEL_ARCH=${KERNEL_ARCH:=arm}
230 241 KERNEL_BIN_IMAGE=${KERNEL_BIN_IMAGE:="zImage"}
231 242
232 243 # Raspberry Pi model specific settings
233 244 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] ; then
234 245 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armel"
235 246 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcmrpi_defconfig}
236 247 RELEASE_ARCH=${RELEASE_ARCH:=armel}
237 248 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel.img}
238 249 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabi-}
239 250 fi
240 251
241 252 # Raspberry Pi model specific settings
242 253 if [ "$RPI_MODEL" = 2 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
243 254 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
244 255 KERNEL_DEFCONFIG=${KERNEL_DEFCONFIG:=bcm2709_defconfig}
245 256 RELEASE_ARCH=${RELEASE_ARCH:=armhf}
246 257 KERNEL_IMAGE=${KERNEL_IMAGE:=kernel7.img}
247 258 CROSS_COMPILE=${CROSS_COMPILE:=arm-linux-gnueabihf-}
248 259 fi
249 260 fi
250 261 #SET_ARCH not set
251 262 else
252 263 echo "error: Please set '32' or '64' as value for SET_ARCH"
253 264 exit 1
254 265 fi
255 266 # Device specific configuration and U-Boot configuration
256 267 case "$RPI_MODEL" in
257 268 0)
258 269 DTB_FILE=${DTB_FILE:=bcm2708-rpi-0-w.dtb}
259 270 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
260 271 ;;
261 272 1)
262 273 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b.dtb}
263 274 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
264 275 ;;
265 276 1P)
266 277 DTB_FILE=${DTB_FILE:=bcm2708-rpi-b-plus.dtb}
267 278 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_defconfig}
268 279 ;;
269 280 2)
270 281 DTB_FILE=${DTB_FILE:=bcm2709-rpi-2-b.dtb}
271 282 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_2_defconfig}
272 283 ;;
273 284 3)
274 285 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
275 286 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
276 287 ;;
277 288 3P)
278 289 DTB_FILE=${DTB_FILE:=bcm2710-rpi-3-b.dtb}
279 290 UBOOT_CONFIG=${UBOOT_CONFIG:=rpi_3_defconfig}
280 291 ;;
281 292 *)
282 293 echo "error: Raspberry Pi model $RPI_MODEL is not supported!"
283 294 exit 1
284 295 ;;
285 296 esac
286 297
298 # Raspberry PI 0,3,3P with Bluetooth and Wifi onboard
299 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
300 # Include bluetooth packages on supported boards
301 if [ "$ENABLE_BLUETOOTH" = true ] && [ "$ENABLE_CONSOLE" = false ]; then
302 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
303 fi
304 else # Raspberry PI 1,1P,2 without Wifi and bluetooth onboard
305 # Check if the internal wireless interface is not supported by the RPi model
306 if [ "$ENABLE_WIRELESS" = true ] || [ "$ENABLE_BLUETOOTH" = true ]; then
307 echo "error: The selected Raspberry Pi model has no integrated interface for wireless or bluetooth"
308 exit 1
309 fi
310 fi
311
287 312 # Prepare date string for default image file name
288 313 DATE="$(date +%Y-%m-%d)"
289 314 if [ -z "$KERNEL_BRANCH" ] ; then
290 315 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
291 316 else
292 317 IMAGE_NAME=${IMAGE_NAME:=${BASEDIR}/${DATE}-${KERNEL_ARCH}-${KERNEL_BRANCH}-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
293 318 fi
294 319
295 # Check if the internal wireless interface is supported by the RPi model
296 if [ "$ENABLE_WIRELESS" = true ] ; then
297 if [ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P ] || [ "$RPI_MODEL" = 2 ] ; then
298 echo "error: The selected Raspberry Pi model has no internal wireless interface"
299 exit 1
300 else
301 echo "Raspberry Pi $RPI_MODEL has WIFI support"
302 fi
303 fi
304
305 320 # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported
306 321 if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then
307 322 if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then
308 323 echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported"
309 324 exit 1
310 325 fi
311 326 fi
312 327
313 328 # Add cmake to compile videocore sources
314 329 if [ "$ENABLE_VIDEOCORE" = true ] ; then
315 330 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cmake"
316 331 fi
317 332
318 333 # Add libncurses5 to enable kernel menuconfig
319 334 if [ "$KERNEL_MENUCONFIG" = true ] ; then
320 335 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} libncurses-dev"
321 336 fi
322 337
323 338 # Add ccache compiler cache for (faster) kernel cross (re)compilation
324 339 if [ "$KERNEL_CCACHE" = true ] ; then
325 340 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} ccache"
326 341 fi
327 342
328 343 # Add cryptsetup package to enable filesystem encryption
329 344 if [ "$ENABLE_CRYPTFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
330 345 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} cryptsetup"
331 346 APT_INCLUDES="${APT_INCLUDES},cryptsetup,busybox,console-setup"
332 347
333 348 if [ -z "$CRYPTFS_PASSWORD" ] ; then
334 349 echo "error: no password defined (CRYPTFS_PASSWORD)!"
335 350 exit 1
336 351 fi
337 352 ENABLE_INITRAMFS=true
338 353 fi
339 354
340 355 # Add initramfs generation tools
341 356 if [ "$ENABLE_INITRAMFS" = true ] && [ "$BUILD_KERNEL" = true ] ; then
342 357 APT_INCLUDES="${APT_INCLUDES},initramfs-tools"
343 358 fi
344 359
345 360 # Add device-tree-compiler required for building the U-Boot bootloader
346 361 if [ "$ENABLE_UBOOT" = true ] ; then
347 362 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
348 363 fi
349 364
365 if [ "$ENABLE_BLUETOOTH" = true ] ; then
366 if [ "$RPI_MODEL" = 0 ] || [ "$RPI_MODEL" = 3 ] || [ "$RPI_MODEL" = 3P ] ; then
367 if [ "$ENABLE_CONSOLE" = false ] ; then
368 APT_INCLUDES="${APT_INCLUDES},bluetooth,bluez"
369 fi
370 fi
371 fi
372
350 373 # Check if root SSH (v2) public key file exists
351 374 if [ -n "$SSH_ROOT_PUB_KEY" ] ; then
352 375 if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then
353 376 echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!"
354 377 exit 1
355 378 fi
356 379 fi
357 380
358 381 # Check if $USER_NAME SSH (v2) public key file exists
359 382 if [ -n "$SSH_USER_PUB_KEY" ] ; then
360 383 if [ ! -f "$SSH_USER_PUB_KEY" ] ; then
361 384 echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!"
362 385 exit 1
363 386 fi
364 387 fi
365 388
366 389 # Check if all required packages are installed on the build system
367 390 for package in $REQUIRED_PACKAGES ; do
368 if [ "$(dpkg-query -W -f='${Status}' $package)" != "install ok installed" ] ; then
391 if [ "$(dpkg-query -W -f='${Status}' "$package")" != "install ok installed" ] ; then
369 392 MISSING_PACKAGES="${MISSING_PACKAGES} $package"
370 393 fi
371 394 done
372 395
373 396 # If there are missing packages ask confirmation for install, or exit
374 397 if [ -n "$MISSING_PACKAGES" ] ; then
375 398 echo "the following packages needed by this script are not installed:"
376 399 echo "$MISSING_PACKAGES"
377 400
378 401 printf "\ndo you want to install the missing packages right now? [y/n] "
379 402 read -r confirm
380 403 [ "$confirm" != "y" ] && exit 1
381 404
382 405 # Make sure all missing required packages are installed
383 406 apt-get -qq -y install `echo "${MISSING_PACKAGES}" | sed "s/ //"`
384 407 fi
385 408
386 409 # Check if ./bootstrap.d directory exists
387 410 if [ ! -d "./bootstrap.d/" ] ; then
388 411 echo "error: './bootstrap.d' required directory not found!"
389 412 exit 1
390 413 fi
391 414
392 415 # Check if ./files directory exists
393 416 if [ ! -d "./files/" ] ; then
394 417 echo "error: './files' required directory not found!"
395 418 exit 1
396 419 fi
397 420
398 421 # Check if specified KERNELSRC_DIR directory exists
399 422 if [ -n "$KERNELSRC_DIR" ] && [ ! -d "$KERNELSRC_DIR" ] ; then
400 423 echo "error: '${KERNELSRC_DIR}' specified directory not found (KERNELSRC_DIR)!"
401 424 exit 1
402 425 fi
403 426
404 427 # Check if specified UBOOTSRC_DIR directory exists
405 428 if [ -n "$UBOOTSRC_DIR" ] && [ ! -d "$UBOOTSRC_DIR" ] ; then
406 429 echo "error: '${UBOOTSRC_DIR}' specified directory not found (UBOOTSRC_DIR)!"
407 430 exit 1
408 431 fi
409 432
410 433 # Check if specified VIDEOCORESRC_DIR directory exists
411 434 if [ -n "$VIDEOCORESRC_DIR" ] && [ ! -d "$VIDEOCORESRC_DIR" ] ; then
412 435 echo "error: '${VIDEOCORESRC_DIR}' specified directory not found (VIDEOCORESRC_DIR)!"
413 436 exit 1
414 437 fi
415 438
416 439 # Check if specified FBTURBOSRC_DIR directory exists
417 440 if [ -n "$FBTURBOSRC_DIR" ] && [ ! -d "$FBTURBOSRC_DIR" ] ; then
418 441 echo "error: '${FBTURBOSRC_DIR}' specified directory not found (FBTURBOSRC_DIR)!"
419 442 exit 1
420 443 fi
421 444
422 445 # Check if specified CHROOT_SCRIPTS directory exists
423 446 if [ -n "$CHROOT_SCRIPTS" ] && [ ! -d "$CHROOT_SCRIPTS" ] ; then
424 447 echo "error: ${CHROOT_SCRIPTS} specified directory not found (CHROOT_SCRIPTS)!"
425 448 exit 1
426 449 fi
427 450
428 451 # Check if specified device mapping already exists (will be used by cryptsetup)
429 452 if [ -r "/dev/mapping/${CRYPTFS_MAPPING}" ] ; then
430 453 echo "error: mapping /dev/mapping/${CRYPTFS_MAPPING} already exists, not proceeding"
431 454 exit 1
432 455 fi
433 456
434 457 # Don't clobber an old build
435 458 if [ -e "$BUILDDIR" ] ; then
436 459 echo "error: directory ${BUILDDIR} already exists, not proceeding"
437 460 exit 1
438 461 fi
439 462
440 463 # Setup chroot directory
441 464 mkdir -p "${R}"
442 465
443 466 # Check if build directory has enough of free disk space >512MB
444 467 if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then
445 468 echo "error: ${BUILDDIR} not enough space left to generate the output image!"
446 469 exit 1
447 470 fi
448 471
449 472 set -x
450 473
451 474 # Call "cleanup" function on various signals and errors
452 475 trap cleanup 0 1 2 3 6
453 476
454 477 # Add required packages for the minbase installation
455 478 if [ "$ENABLE_MINBASE" = true ] ; then
456 479 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools,ifupdown"
457 480 fi
458 481
459 482 # Add parted package, required to get partprobe utility
460 483 if [ "$EXPANDROOT" = true ] ; then
461 484 APT_INCLUDES="${APT_INCLUDES},parted"
462 485 fi
463 486
464 487 # Add dbus package, recommended if using systemd
465 488 if [ "$ENABLE_DBUS" = true ] ; then
466 489 APT_INCLUDES="${APT_INCLUDES},dbus"
467 490 fi
468 491
469 492 # Add iptables IPv4/IPv6 package
470 493 if [ "$ENABLE_IPTABLES" = true ] ; then
471 494 APT_INCLUDES="${APT_INCLUDES},iptables,iptables-persistent"
472 495 fi
473 496
474 497 # Add openssh server package
475 498 if [ "$ENABLE_SSHD" = true ] ; then
476 499 APT_INCLUDES="${APT_INCLUDES},openssh-server"
477 500 fi
478 501
479 502 # Add alsa-utils package
480 503 if [ "$ENABLE_SOUND" = true ] ; then
481 504 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
482 505 fi
483 506
484 507 # Add rng-tools package
485 508 if [ "$ENABLE_HWRANDOM" = true ] ; then
486 509 APT_INCLUDES="${APT_INCLUDES},rng-tools"
487 510 fi
488 511
489 512 # Add fbturbo video driver
490 513 if [ "$ENABLE_FBTURBO" = true ] ; then
491 514 # Enable xorg package dependencies
492 515 ENABLE_XORG=true
493 516 fi
494 517
495 518 # Add user defined window manager package
496 519 if [ -n "$ENABLE_WM" ] ; then
497 520 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
498 521
499 522 # Enable xorg package dependencies
500 523 ENABLE_XORG=true
501 524 fi
502 525
503 526 # Add xorg package
504 527 if [ "$ENABLE_XORG" = true ] ; then
505 528 APT_INCLUDES="${APT_INCLUDES},xorg,dbus-x11"
506 529 fi
507 530
508 531 # Replace selected packages with smaller clones
509 532 if [ "$ENABLE_REDUCE" = true ] ; then
510 533 # Add levee package instead of vim-tiny
511 534 if [ "$REDUCE_VIM" = true ] ; then
512 535 APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/vim-tiny/levee/")"
513 536 fi
514 537
515 538 # Add dropbear package instead of openssh-server
516 539 if [ "$REDUCE_SSHD" = true ] ; then
517 540 APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")"
518 541 fi
519 542 fi
520 543
521 544 # Configure systemd-sysv exclude to make halt/reboot/shutdown scripts available
522 545 if [ "$ENABLE_SYSVINIT" = false ] ; then
523 546 APT_EXCLUDES="--exclude=${APT_EXCLUDES},init,systemd-sysv"
524 547 fi
525 548
526 549 # Check if kernel is getting compiled
527 550 if [ "$BUILD_KERNEL" = false ] ; then
528 551 echo "Downloading precompiled kernel"
529 552 echo "error: not configured"
530 553 exit 1;
531 554 # BUILD_KERNEL=true
532 555 else
533 556 echo "No precompiled kernel repositories were added"
534 557 fi
535 558
536 559 # Configure kernel sources if no KERNELSRC_DIR
537 560 if [ "$BUILD_KERNEL" = true ] && [ -z "$KERNELSRC_DIR" ] ; then
538 561 KERNELSRC_CONFIG=true
539 562 fi
540 563
541 564 # Configure reduced kernel
542 565 if [ "$KERNEL_REDUCE" = true ] ; then
543 566 KERNELSRC_CONFIG=false
544 567 fi
545 568
546 569 # Configure qemu compatible kernel
547 570 if [ "$ENABLE_QEMU" = true ] ; then
548 571 DTB_FILE=vexpress-v2p-ca15_a7.dtb
549 572 UBOOT_CONFIG=vexpress_ca15_tc2_defconfig
550 573 KERNEL_DEFCONFIG="vexpress_defconfig"
551 574 if [ "$KERNEL_MENUCONFIG" = false ] ; then
552 575 KERNEL_OLDDEFCONFIG=true
553 576 fi
554 577 fi
555 578
556 579 # Execute bootstrap scripts
557 580 for SCRIPT in bootstrap.d/*.sh; do
558 581 head -n 3 "$SCRIPT"
559 582 . "$SCRIPT"
560 583 done
561 584
562 585 ## Execute custom bootstrap scripts
563 586 if [ -d "custom.d" ] ; then
564 587 for SCRIPT in custom.d/*.sh; do
565 588 . "$SCRIPT"
566 589 done
567 590 fi
568 591
569 592 # Execute custom scripts inside the chroot
570 593 if [ -n "$CHROOT_SCRIPTS" ] && [ -d "$CHROOT_SCRIPTS" ] ; then
571 594 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
572 595 chroot_exec /bin/bash -x <<'EOF'
573 596 for SCRIPT in /chroot_scripts/* ; do
574 597 if [ -f $SCRIPT -a -x $SCRIPT ] ; then
575 598 $SCRIPT
576 599 fi
577 600 done
578 601 EOF
579 602 rm -rf "${R}/chroot_scripts"
580 603 fi
581 604
582 605 # Remove c/c++ build environment from the chroot
583 606 chroot_remove_cc
584 607
585 608 # Generate required machine-id
586 609 MACHINE_ID=$(dbus-uuidgen)
587 610 echo -n "${MACHINE_ID}" > "${R}/var/lib/dbus/machine-id"
588 611 echo -n "${MACHINE_ID}" > "${ETC_DIR}/machine-id"
589 612
590 613 # APT Cleanup
591 614 chroot_exec apt-get -y clean
592 615 chroot_exec apt-get -y autoclean
593 616 chroot_exec apt-get -y autoremove
594 617
595 618 # Unmount mounted filesystems
596 619 umount -l "${R}/proc"
597 620 umount -l "${R}/sys"
598 621
599 622 # Clean up directories
600 623 rm -rf "${R}/run/*"
601 624 rm -rf "${R}/tmp/*"
602 625
603 626 # Clean up files
604 627 rm -f "${ETC_DIR}/ssh/ssh_host_*"
605 628 rm -f "${ETC_DIR}/dropbear/dropbear_*"
606 629 rm -f "${ETC_DIR}/apt/sources.list.save"
607 630 rm -f "${ETC_DIR}/resolvconf/resolv.conf.d/original"
608 631 rm -f "${ETC_DIR}/*-"
609 632 rm -f "${ETC_DIR}/apt/apt.conf.d/10proxy"
610 633 rm -f "${ETC_DIR}/resolv.conf"
611 634 rm -f "${R}/root/.bash_history"
612 635 rm -f "${R}/var/lib/urandom/random-seed"
613 636 rm -f "${R}/initrd.img"
614 637 rm -f "${R}/vmlinuz"
615 638 rm -f "${R}${QEMU_BINARY}"
616 639
617 640 if [ "$ENABLE_QEMU" = true ] ; then
618 641 # Setup QEMU directory
619 642 mkdir "${BASEDIR}/qemu"
620 643
621 644 # Copy kernel image to QEMU directory
622 645 install_readonly "${BOOT_DIR}/${KERNEL_IMAGE}" "${BASEDIR}/qemu/${KERNEL_IMAGE}"
623 646
624 647 # Copy kernel config to QEMU directory
625 648 install_readonly "${R}/boot/config-${KERNEL_VERSION}" "${BASEDIR}/qemu/config-${KERNEL_VERSION}"
626 649
627 650 # Copy kernel dtbs to QEMU directory
628 651 for dtb in "${BOOT_DIR}/"*.dtb ; do
629 652 if [ -f "${dtb}" ] ; then
630 653 install_readonly "${dtb}" "${BASEDIR}/qemu/"
631 654 fi
632 655 done
633 656
634 657 # Copy kernel overlays to QEMU directory
635 658 if [ -d "${BOOT_DIR}/overlays" ] ; then
636 659 # Setup overlays dtbs directory
637 660 mkdir "${BASEDIR}/qemu/overlays"
638 661
639 662 for dtb in "${BOOT_DIR}/overlays/"*.dtb ; do
640 663 if [ -f "${dtb}" ] ; then
641 664 install_readonly "${dtb}" "${BASEDIR}/qemu/overlays/"
642 665 fi
643 666 done
644 667 fi
645 668
646 669 # Copy u-boot files to QEMU directory
647 670 if [ "$ENABLE_UBOOT" = true ] ; then
648 671 if [ -f "${BOOT_DIR}/u-boot.bin" ] ; then
649 672 install_readonly "${BOOT_DIR}/u-boot.bin" "${BASEDIR}/qemu/u-boot.bin"
650 673 fi
651 674 if [ -f "${BOOT_DIR}/uboot.mkimage" ] ; then
652 675 install_readonly "${BOOT_DIR}/uboot.mkimage" "${BASEDIR}/qemu/uboot.mkimage"
653 676 fi
654 677 if [ -f "${BOOT_DIR}/boot.scr" ] ; then
655 678 install_readonly "${BOOT_DIR}/boot.scr" "${BASEDIR}/qemu/boot.scr"
656 679 fi
657 680 fi
658 681
659 682 # Copy initramfs to QEMU directory
660 683 if [ -f "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" ] ; then
661 684 install_readonly "${BOOT_DIR}/initramfs-${KERNEL_VERSION}" "${BASEDIR}/qemu/initramfs-${KERNEL_VERSION}"
662 685 fi
663 686 fi
664 687
665 688 # Calculate size of the chroot directory in KB
666 689 CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')")
667 690
668 691 # Calculate the amount of needed 512 Byte sectors
669 692 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
670 693 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
671 694 ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}")
672 695
673 696 # The root partition is EXT4
674 697 # This means more space than the actual used space of the chroot is used.
675 698 # As overhead for journaling and reserved blocks 35% are added.
676 699 ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512)
677 700
678 701 # Calculate required image size in 512 Byte sectors
679 702 IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}")
680 703
681 704 # Prepare image file
682 705 if [ "$ENABLE_SPLITFS" = true ] ; then
683 706 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}"
684 707 dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}"
685 708 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}"
686 709 dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}"
687 710
688 711 # Write firmware/boot partition tables
689 712 sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null <<EOM
690 713 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
691 714 EOM
692 715
693 716 # Write root partition table
694 717 sfdisk -q -L -uS -f "$IMAGE_NAME-root.img" 2> /dev/null <<EOM
695 718 ${TABLE_SECTORS},${ROOT_SECTORS},83
696 719 EOM
697 720
698 721 # Setup temporary loop devices
699 722 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME"-frmw.img)"
700 723 ROOT_LOOP="$(losetup -o 1M -f --show "$IMAGE_NAME"-root.img)"
701 724 else # ENABLE_SPLITFS=false
702 725 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count="${TABLE_SECTORS}"
703 726 dd if=/dev/zero of="$IMAGE_NAME.img" bs=512 count=0 seek="${IMAGE_SECTORS}"
704 727
705 728 # Write partition table
706 729 sfdisk -q -L -uS -f "$IMAGE_NAME.img" 2> /dev/null <<EOM
707 730 ${TABLE_SECTORS},${FRMW_SECTORS},c,*
708 731 ${ROOT_OFFSET},${ROOT_SECTORS},83
709 732 EOM
710 733
711 734 # Setup temporary loop devices
712 735 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show "$IMAGE_NAME".img)"
713 736 ROOT_LOOP="$(losetup -o 65M -f --show "$IMAGE_NAME".img)"
714 737 fi
715 738
716 739 if [ "$ENABLE_CRYPTFS" = true ] ; then
717 740 # Create dummy ext4 fs
718 741 mkfs.ext4 "$ROOT_LOOP"
719 742
720 743 # Setup password keyfile
721 744 touch .password
722 745 chmod 600 .password
723 746 echo -n ${CRYPTFS_PASSWORD} > .password
724 747
725 748 # Initialize encrypted partition
726 749 echo "YES" | cryptsetup luksFormat "${ROOT_LOOP}" -c "${CRYPTFS_CIPHER}" -s "${CRYPTFS_XTSKEYSIZE}" .password
727 750
728 751 # Open encrypted partition and setup mapping
729 752 cryptsetup luksOpen "${ROOT_LOOP}" -d .password "${CRYPTFS_MAPPING}"
730 753
731 754 # Secure delete password keyfile
732 755 shred -zu .password
733 756
734 757 # Update temporary loop device
735 758 ROOT_LOOP="/dev/mapper/${CRYPTFS_MAPPING}"
736 759
737 760 # Wipe encrypted partition (encryption cipher is used for randomness)
738 761 dd if=/dev/zero of="${ROOT_LOOP}" bs=512 count="$(blockdev --getsz "${ROOT_LOOP}")"
739 762 fi
740 763
741 764 # Build filesystems
742 765 mkfs.vfat "$FRMW_LOOP"
743 766 mkfs.ext4 "$ROOT_LOOP"
744 767
745 768 # Mount the temporary loop devices
746 769 mkdir -p "$BUILDDIR/mount"
747 770 mount "$ROOT_LOOP" "$BUILDDIR/mount"
748 771
749 772 mkdir -p "$BUILDDIR/mount/boot/firmware"
750 773 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
751 774
752 775 # Copy all files from the chroot to the loop device mount point directory
753 776 rsync -a "${R}/" "$BUILDDIR/mount/"
754 777
755 778 # Unmount all temporary loop devices and mount points
756 779 cleanup
757 780
758 781 # Create block map file(s) of image(s)
759 782 if [ "$ENABLE_SPLITFS" = true ] ; then
760 783 # Create block map files for "bmaptool"
761 784 bmaptool create -o "$IMAGE_NAME-frmw.bmap" "$IMAGE_NAME-frmw.img"
762 785 bmaptool create -o "$IMAGE_NAME-root.bmap" "$IMAGE_NAME-root.img"
763 786
764 787 # Image was successfully created
765 788 echo "$IMAGE_NAME-frmw.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
766 789 echo "$IMAGE_NAME-root.img ($(expr \( "${TABLE_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
767 790 else
768 791 # Create block map file for "bmaptool"
769 792 bmaptool create -o "$IMAGE_NAME.bmap" "$IMAGE_NAME.img"
770 793
771 794 # Image was successfully created
772 795 echo "$IMAGE_NAME.img ($(expr \( "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}" \) \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
773 796
774 797 # Create qemu qcow2 image
775 798 if [ "$ENABLE_QEMU" = true ] ; then
776 799 QEMU_IMAGE=${QEMU_IMAGE:=${BASEDIR}/qemu/${DATE}-${KERNEL_ARCH}-CURRENT-rpi${RPI_MODEL}-${RELEASE}-${RELEASE_ARCH}}
777 800 QEMU_SIZE=16G
778 801
779 802 qemu-img convert -f raw -O qcow2 "$IMAGE_NAME".img "$QEMU_IMAGE".qcow2
780 803 qemu-img resize "$QEMU_IMAGE".qcow2 $QEMU_SIZE
781 804
782 805 echo "$QEMU_IMAGE.qcow2 ($QEMU_SIZE)" ": successfully created"
783 806 fi
784 807 fi
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant