Merge branch 'vknecht-master'
Jan Wagner -
r69:da643e7838f2 Fusion
@@ -1,214 +1,222
1 # rpi2-gen-image
1 # rpi2-gen-image
2 ## Introduction
2 ## Introduction
3 `rpi2-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for the Raspberry 2 (RPi2) computer. The script at this time only supports the bootstrapping of the current stable Debian 8 "jessie" release.
3 `rpi2-gen-image.sh` is an advanced Debian Linux bootstrapping shell script for generating Debian OS images for the Raspberry 2 (RPi2) computer. The script at this time only supports the bootstrapping of the current stable Debian 8 "jessie" release.
4
4
5 ## Build dependencies
5 ## Build dependencies
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
6 The following list of Debian packages must be installed on the build system because they are essentially required for the bootstrapping process. The script will check if all required packages are installed and missing packages will be installed automatically if confirmed by the user.
7
7
8 ```debootstrap debian-archive-keyring qemu-user-static dosfstools rsync bmap-tools whois git-core```
8 ```debootstrap debian-archive-keyring qemu-user-static dosfstools rsync bmap-tools whois git-core```
9
9
10 ## Command-line parameters
10 ## Command-line parameters
11 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi2-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi2-gen-image.sh` script.
11 The script accepts certain command-line parameters to enable or disable specific OS features, services and configuration settings. These parameters are passed to the `rpi2-gen-image.sh` script via (simple) shell-variables. Unlike environment shell-variables (simple) shell-variables are defined at the beginning of the command-line call of the `rpi2-gen-image.sh` script.
12
12
13 #####Command-line examples:
13 #####Command-line examples:
14 ```shell
14 ```shell
15 ENABLE_UBOOT=true ./rpi2-gen-image.sh
15 ENABLE_UBOOT=true ./rpi2-gen-image.sh
16 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi2-gen-image.sh
16 ENABLE_CONSOLE=false ENABLE_IPV6=false ./rpi2-gen-image.sh
17 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi2-gen-image.sh
17 ENABLE_WM=xfce4 ENABLE_FBTURBO=true ENABLE_MINBASE=true ./rpi2-gen-image.sh
18 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi2-gen-image.sh
18 ENABLE_HARDNET=true ENABLE_IPTABLES=true /rpi2-gen-image.sh
19 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi2-gen-image.sh
19 APT_SERVER=ftp.de.debian.org APT_PROXY="http://127.0.0.1:3142/" ./rpi2-gen-image.sh
20 ENABLE_MINBASE=true ./rpi2-gen-image.sh
20 ENABLE_MINBASE=true ./rpi2-gen-image.sh
21 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi2-gen-image.sh
21 BUILD_KERNEL=true ENABLE_MINBASE=true ENABLE_IPV6=false ./rpi2-gen-image.sh
22 ```
22 ```
23
23
24 #### APT settings:
24 #### APT settings:
25 ##### `APT_SERVER`="ftp.debian.org"
25 ##### `APT_SERVER`="ftp.debian.org"
26 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
26 Set Debian packages server address. Choose a server from the list of Debian worldwide [mirror sites](https://www.debian.org/mirror/list). Using a nearby server will probably speed-up all required downloads within the bootstrapping process.
27
27
28 ##### `APT_PROXY`=""
28 ##### `APT_PROXY`=""
29 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
29 Set Proxy server address. Using a local Proxy-Cache like `apt-cacher-ng` will speed-up the bootstrapping process because all required Debian packages will only be downloaded from the Debian mirror site once.
30
30
31 ##### `APT_INCLUDES`=""
31 ##### `APT_INCLUDES`=""
32 A comma seperated list of additional packages to be installed during bootstrapping.
32 A comma seperated list of additional packages to be installed during bootstrapping.
33
33
34 #### General system settings:
34 #### General system settings:
35 ##### `HOSTNAME`="rpi2-jessie"
35 ##### `HOSTNAME`="rpi2-jessie"
36 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
36 Set system host name. It's recommended that the host name is unique in the corresponding subnet.
37
37
38 ##### `PASSWORD`="raspberry"
38 ##### `PASSWORD`="raspberry"
39 Set system `root` password. The same password is used for the created user `pi`. It's **STRONGLY** recommended that you choose a custom password.
39 Set system `root` password. The same password is used for the created user `pi`. It's **STRONGLY** recommended that you choose a custom password.
40
40
41 ##### `DEFLOCAL`="en_US.UTF-8"
41 ##### `DEFLOCAL`="en_US.UTF-8"
42 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. The script variant `minbase` (ENABLE_MINBASE=true) doesn't install `locales`.
42 Set default system locale. This setting can also be changed inside the running OS using the `dpkg-reconfigure locales` command. The script variant `minbase` (ENABLE_MINBASE=true) doesn't install `locales`.
43
43
44 ##### `TIMEZONE`="Europe/Berlin"
44 ##### `TIMEZONE`="Europe/Berlin"
45 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
45 Set default system timezone. All available timezones can be found in the `/usr/share/zoneinfo/` directory. This setting can also be changed inside the running OS using the `dpkg-reconfigure tzdata` command.
46
46
47 ##### `EXPANDROOT`=true
47 ##### `EXPANDROOT`=true
48 Expand the root partition and filesystem automatically on first boot.
48 Expand the root partition and filesystem automatically on first boot.
49
49
50 #### Keyboard settings:
50 #### Keyboard settings:
51 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
51 These options are used to configure keyboard layout in `/etc/default/keyboard` for console and Xorg. These settings can also be changed inside the running OS using the `dpkg-reconfigure keyboard-configuration` command.
52
52
53 ##### `XKB_MODEL`=""
53 ##### `XKB_MODEL`=""
54 Set the name of the model of your keyboard type.
54 Set the name of the model of your keyboard type.
55
55
56 ##### `XKB_LAYOUT`=""
56 ##### `XKB_LAYOUT`=""
57 Set the supported keyboard layout(s).
57 Set the supported keyboard layout(s).
58
58
59 ##### `XKB_VARIANT`=""
59 ##### `XKB_VARIANT`=""
60 Set the supported variant(s) of the keyboard layout(s).
60 Set the supported variant(s) of the keyboard layout(s).
61
61
62 ##### `XKB_OPTIONS`=""
62 ##### `XKB_OPTIONS`=""
63 Set extra xkb configuration options.
63 Set extra xkb configuration options.
64
64
65 #### Networking settings (DHCP):
65 #### Networking settings (DHCP):
66 This setting is used to set up networking auto configuration in `/etc/systemd/network/eth.network`.
66 This setting is used to set up networking auto configuration in `/etc/systemd/network/eth.network`.
67
67
68 #####`ENABLE_DHCP`=true
68 #####`ENABLE_DHCP`=true
69 Set the system to use DHCP. This requires an DHCP server.
69 Set the system to use DHCP. This requires an DHCP server.
70
70
71 #### Networking settings (static):
71 #### Networking settings (static):
72 These settings are used to set up a static networking configuration in /etc/systemd/network/eth.network. The following static networking settings are only supported if `ENABLE_DHCP` was set to `false`.
72 These settings are used to set up a static networking configuration in /etc/systemd/network/eth.network. The following static networking settings are only supported if `ENABLE_DHCP` was set to `false`.
73
73
74 #####`NET_ADDRESS`=""
74 #####`NET_ADDRESS`=""
75 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
75 Set a static IPv4 or IPv6 address and its prefix, separated by "/", eg. "192.169.0.3/24".
76
76
77 #####`NET_GATEWAY`=""
77 #####`NET_GATEWAY`=""
78 Set the IP address for the default gateway.
78 Set the IP address for the default gateway.
79
79
80 #####`NET_DNS_1`=""
80 #####`NET_DNS_1`=""
81 Set the IP address for the first DNS server.
81 Set the IP address for the first DNS server.
82
82
83 #####`NET_DNS_2`=""
83 #####`NET_DNS_2`=""
84 Set the IP address for the second DNS server.
84 Set the IP address for the second DNS server.
85
85
86 #####`NET_DNS_DOMAINS`=""
86 #####`NET_DNS_DOMAINS`=""
87 Set the default DNS search domains to use for non fully qualified host names.
87 Set the default DNS search domains to use for non fully qualified host names.
88
88
89 #####`NET_NTP_1`=""
89 #####`NET_NTP_1`=""
90 Set the IP address for the first NTP server.
90 Set the IP address for the first NTP server.
91
91
92 #####`NET_NTP_2`=""
92 #####`NET_NTP_2`=""
93 Set the IP address for the second NTP server.
93 Set the IP address for the second NTP server.
94
94
95 #### Basic system features:
95 #### Basic system features:
96 ##### `ENABLE_CONSOLE`=true
96 ##### `ENABLE_CONSOLE`=true
97 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
97 Enable serial console interface. Recommended if no monitor or keyboard is connected to the RPi2. In case of problems fe. if the network (auto) configuration failed - the serial console can be used to access the system.
98
98
99 ##### `ENABLE_IPV6`=true
99 ##### `ENABLE_IPV6`=true
100 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
100 Enable IPv6 support. The network interface configuration is managed via systemd-networkd.
101
101
102 ##### `ENABLE_SSHD`=true
102 ##### `ENABLE_SSHD`=true
103 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
103 Install and enable OpenSSH service. The default configuration of the service doesn't allow `root` to login. Please use the user `pi` instead and `su -` or `sudo` to execute commands as root.
104
104
105 ##### `ENABLE_RSYSLOG`=true
105 ##### `ENABLE_RSYSLOG`=true
106 If set to false, disable and uninstall rsyslog (so logs will be available only
106 If set to false, disable and uninstall rsyslog (so logs will be available only
107 in journal files)
107 in journal files)
108
108
109 ##### `ENABLE_SOUND`=true
109 ##### `ENABLE_SOUND`=true
110 Enable sound hardware and install Advanced Linux Sound Architecture.
110 Enable sound hardware and install Advanced Linux Sound Architecture.
111
111
112 ##### `ENABLE_HWRANDOM`=true
112 ##### `ENABLE_HWRANDOM`=true
113 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
113 Enable Hardware Random Number Generator. Strong random numbers are important for most network based communications that use encryption. It's recommended to be enabled.
114
114
115 ##### `ENABLE_MINGPU`=false
115 ##### `ENABLE_MINGPU`=false
116 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
116 Minimize the amount of shared memory reserved for the GPU. It doesn't seem to be possible to fully disable the GPU.
117
117
118 ##### `ENABLE_DBUS`=true
118 ##### `ENABLE_DBUS`=true
119 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
119 Install and enable D-Bus message bus. Please note that systemd should work without D-bus but it's recommended to be enabled.
120
120
121 ##### `ENABLE_XORG`=false
121 ##### `ENABLE_XORG`=false
122 Install Xorg open-source X Window System.
122 Install Xorg open-source X Window System.
123
123
124 ##### `ENABLE_WM`=""
124 ##### `ENABLE_WM`=""
125 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi2-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
125 Install a user defined window manager for the X Window System. To make sure all X related package dependencies are getting installed `ENABLE_XORG` will automatically get enabled if `ENABLE_WM` is used. The `rpi2-gen-image.sh` script has been tested with the following list of window managers: `blackbox`, `openbox`, `fluxbox`, `jwm`, `dwm`, `xfce4`, `awesome`.
126
126
127 #### Advanced system features:
127 #### Advanced system features:
128 ##### `ENABLE_MINBASE`=false
128 ##### `ENABLE_MINBASE`=false
129 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
129 Use debootstrap script variant `minbase` which only includes essential packages and apt. This will reduce the disk usage by about 65 MB.
130
130
131 ##### `ENABLE_UBOOT`=false
131 ##### `ENABLE_UBOOT`=false
132 Replace default RPi2 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol.
132 Replace default RPi2 second stage bootloader (bootcode.bin) with U-Boot bootloader. U-Boot can boot images via the network using the BOOTP/TFTP protocol.
133
133
134 ##### `ENABLE_FBTURBO`=false
134 ##### `ENABLE_FBTURBO`=false
135 Install and enable the hardware accelerated Xorg video driver `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
135 Install and enable the hardware accelerated Xorg video driver `fbturbo`. Please note that this driver is currently limited to hardware accelerated window moving and scrolling.
136
136
137 ##### `ENABLE_IPTABLES`=false
137 ##### `ENABLE_IPTABLES`=false
138 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
138 Enable iptables IPv4/IPv6 firewall. Simplified ruleset: Allow all outgoing connections. Block all incoming connections except to OpenSSH service.
139
139
140 ##### `ENABLE_USER`=true
140 ##### `ENABLE_USER`=true
141 Create pi user with password raspberry
141 Create pi user with password raspberry
142
142
143 ##### `ENABLE_ROOT`=true
143 ##### `ENABLE_ROOT`=true
144 Set root user password so root login will be enabled
144 Set root user password so root login will be enabled
145
145
146 ##### `ENABLE_ROOT_SSH`=true
146 ##### `ENABLE_ROOT_SSH`=true
147 Enable password root login via SSH. May be a security risk with default
147 Enable password root login via SSH. May be a security risk with default
148 password, use only in trusted environments.
148 password, use only in trusted environments.
149
149
150 ##### `ENABLE_HARDNET`=false
150 ##### `ENABLE_HARDNET`=false
151 Enable IPv4/IPv6 network stack hardening settings.
151 Enable IPv4/IPv6 network stack hardening settings.
152
152
153 ##### `ENABLE_SPLITFS`=false
154 Enable having root partition on an USB drive by creating two image files: one for the `/boot/firmware` mount point, and another for `/`.
155
153 ##### `CHROOT_SCRIPTS`=""
156 ##### `CHROOT_SCRIPTS`=""
154 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order.
157 Path to a directory with scripts that should be run in the chroot before the image is finally built. Every executable file in this direcory is run in lexicographical order.
155
158
156 #### Kernel compilation:
159 #### Kernel compilation:
157 ##### `BUILD_KERNEL`=false
160 ##### `BUILD_KERNEL`=false
158 Build and install the latest RPi2 linux kernel. Currently only the default RPi2 kernel configuration is used. Detailed configuration parameters for customizing the kernel and minor bug fixes still need to get implemented. feel free to help.
161 Build and install the latest RPi2 linux kernel. Currently only the default RPi2 kernel configuration is used. Detailed configuration parameters for customizing the kernel and minor bug fixes still need to get implemented. feel free to help.
159
162
160 ##### `KERNEL_THREADS`=1
163 ##### `KERNEL_THREADS`=1
161 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
164 Number of parallel kernel building threads. If the parameter is left untouched the script will automatically determine the number of CPU cores to set the number of parallel threads to speed the kernel compilation.
162
165
163 ##### `KERNEL_HEADERS`=true
166 ##### `KERNEL_HEADERS`=true
164 Install kernel headers with built kernel.
167 Install kernel headers with built kernel.
165
168
166 ##### `KERNEL_RMSRC`=true
169 ##### `KERNEL_RMSRC`=true
167 Remove all kernel sources from the generated OS image after building.
170 Remove all kernel sources from the generated OS image after building.
168
171
169 ## Understanding the script
172 ## Understanding the script
170 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
173 The functions of this script that are required for the different stages of the bootstrapping are split up into single files located inside the `bootstrap.d` directory. During the bootstrapping every script in this directory gets executed in lexicographical order:
171
174
172 | Script | Description |
175 | Script | Description |
173 | --- | --- |
176 | --- | --- |
174 | `10-bootstrap.sh` | Debootstrap basic system |
177 | `10-bootstrap.sh` | Debootstrap basic system |
175 | `11-apt.sh` | Setup APT repositories |
178 | `11-apt.sh` | Setup APT repositories |
176 | `12-locale.sh` | Setup Locales and keyboard settings |
179 | `12-locale.sh` | Setup Locales and keyboard settings |
177 | `13-kernel.sh` | Build and install RPi2 Kernel |
180 | `13-kernel.sh` | Build and install RPi2 Kernel |
178 | `20-networking.sh` | Setup Networking |
181 | `20-networking.sh` | Setup Networking |
179 | `21-firewall.sh` | Setup Firewall |
182 | `21-firewall.sh` | Setup Firewall |
180 | `30-security.sh` | Setup Users and Security settings |
183 | `30-security.sh` | Setup Users and Security settings |
181 | `31-logging.sh` | Setup Logging |
184 | `31-logging.sh` | Setup Logging |
182 | `41-uboot.sh` | Build and Setup Uboot |
185 | `41-uboot.sh` | Build and Setup Uboot |
183 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
186 | `42-fbturbo.sh` | Build and Setup fbturbo Xorg driver |
184 | `50-firstboot.sh` | First boot actions |
187 | `50-firstboot.sh` | First boot actions |
185
188
186 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
189 All the required configuration files that will be copied to the generated OS image are located inside the `files` directory. It is not recommended to modify these configuration files manually.
187
190
188 | Directory | Description |
191 | Directory | Description |
189 | --- | --- |
192 | --- | --- |
190 | `boot` | Boot and RPi2 configuration files |
193 | `boot` | Boot and RPi2 configuration files |
191 | `firstboot` | Scripts that get executed on first boot |
194 | `firstboot` | Scripts that get executed on first boot |
192 | `iptables` | Firewall configuration files |
195 | `iptables` | Firewall configuration files |
193 | `locales` | Locales configuration |
196 | `locales` | Locales configuration |
194 | `modprobe.d` | Kernel Module Blacklist configuration |
197 | `modprobe.d` | Kernel Module Blacklist configuration |
195 | `mount` | Fstab configuration |
198 | `mount` | Fstab configuration |
196 | `network` | Networking configuration files |
199 | `network` | Networking configuration files |
197 | `sysctl.d` | Swapping and Network Hardening configuration |
200 | `sysctl.d` | Swapping and Network Hardening configuration |
198 | `xorg` | fbturbo Xorg driver configuration |
201 | `xorg` | fbturbo Xorg driver configuration |
199
202
200 ## Logging of the bootstrapping process
203 ## Logging of the bootstrapping process
201 All information related to the bootstrapping process and the commands executed by the `rpi2-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
204 All information related to the bootstrapping process and the commands executed by the `rpi2-gen-image.sh` script can easily be saved into a logfile. The common shell command `script` can be used for this purpose:
202
205
203 ```shell
206 ```shell
204 script -c 'APT_SERVER=ftp.de.debian.org ./rpi2-gen-image.sh' ./build.log
207 script -c 'APT_SERVER=ftp.de.debian.org ./rpi2-gen-image.sh' ./build.log
205 ```
208 ```
206
209
207 ## Flashing the image file
210 ## Flashing the image file
208 After the image file was successfully created by the `rpi2-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
211 After the image file was successfully created by the `rpi2-gen-image.sh` script it can be copied to the microSD card that will be used by the RPi2 computer. This can be performed by using the tools `bmaptool` or `dd`. Using `bmaptool` will probably speed-up the copy process because `bmaptool` copies more wisely than `dd`.
209
212
210 #####Flashing examples:
213 #####Flashing examples:
211 ```shell
214 ```shell
212 bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0
215 bmaptool copy ./images/jessie/2015-12-13-debian-jessie.img /dev/mmcblk0
213 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0
216 dd bs=4M if=./images/jessie/2015-12-13-debian-jessie.img of=/dev/mmcblk0
214 ```
217 ```
218 If you have set `ENABLE_SPLITFS`, copy the `-frmw` image on the microSD card, then the `-root` one on the USB drive:
219 ```shell
220 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-frmw.img /dev/mmcblk0
221 bmaptool copy ./images/jessie/2015-12-13-debian-jessie-root.img /dev/sdc
222 ```
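Review bot: The new `ENABLE_SPLITFS` entry (new lines 153-154) and the split flashing example (new lines 218-222) never say which device the root image has to show up as on the RPi2. The example writes the `-root` image to `/dev/sdc`, which is the build host's name for the drive, while the kernel script in this same commit sets `root=/dev/sda1` for the booted system; a reader cannot tell from the README that the Pi looks for its root filesystem on that fixed device node. Suggest stating the requirement next to the option (for instance that the flashed USB drive must be the first USB mass-storage device the Pi sees), and adding an `ENABLE_SPLITFS=true ./rpi2-gen-image.sh` line to the command-line examples so the option is discoverable with the others. Minor: "an USB drive" should read "a USB drive".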
@@ -1,115 +1,122
1 #
1 #
2 # Build and Setup RPi2 Kernel
2 # Build and Setup RPi2 Kernel
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Fetch and build latest raspberry kernel
8 # Fetch and build latest raspberry kernel
9 if [ "$BUILD_KERNEL" = true ] ; then
9 if [ "$BUILD_KERNEL" = true ] ; then
10 # Fetch current raspberrypi kernel sources
10 # Fetch current raspberrypi kernel sources
11 git -C $R/usr/src clone --depth=1 https://github.com/raspberrypi/linux
11 git -C $R/usr/src clone --depth=1 https://github.com/raspberrypi/linux
12
12
13 # Load default raspberry kernel configuration
13 # Load default raspberry kernel configuration
14 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- bcm2709_defconfig
14 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- bcm2709_defconfig
15
15
16 # Calculate optimal number of kernel building threads
16 # Calculate optimal number of kernel building threads
17 if [ "KERNEL_THREADS" = 1 ] ; then
17 if [ "KERNEL_THREADS" = 1 ] ; then
18 if [ -f /proc/cpuinfo ] ; then
18 if [ -f /proc/cpuinfo ] ; then
19 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
19 KERNEL_THREADS=$(grep -c processor /proc/cpuinfo)
20 fi
20 fi
21 fi
21 fi
22
22
23 # Cross compile kernel and modules
23 # Cross compile kernel and modules
24 make -C $R/usr/src/linux -j${KERNEL_THREADS} ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- zImage modules dtbs
24 make -C $R/usr/src/linux -j${KERNEL_THREADS} ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- zImage modules dtbs
25
25
26 # Install kernel modules
26 # Install kernel modules
27 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=../../.. modules_install
27 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_MOD_PATH=../../.. modules_install
28
28
29 # Install kernel headers
29 # Install kernel headers
30 if [ "$KERNEL_HEADERS" = true ]; then
30 if [ "$KERNEL_HEADERS" = true ]; then
31 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_HDR_PATH=../.. headers_install
31 make -C $R/usr/src/linux ARCH=arm CROSS_COMPILE=arm-linux-gnueabihf- INSTALL_HDR_PATH=../.. headers_install
32 fi
32 fi
33
33
34 # Copy and rename compiled kernel to boot directory
34 # Copy and rename compiled kernel to boot directory
35 mkdir $R/boot/firmware/
35 mkdir $R/boot/firmware/
36 $R/usr/src/linux/scripts/mkknlimg $R/usr/src/linux/arch/arm/boot/zImage $R/boot/firmware/kernel7.img
36 $R/usr/src/linux/scripts/mkknlimg $R/usr/src/linux/arch/arm/boot/zImage $R/boot/firmware/kernel7.img
37
37
38 # Copy dts and dtb device definitions
38 # Copy dts and dtb device definitions
39 mkdir $R/boot/firmware/overlays/
39 mkdir $R/boot/firmware/overlays/
40 cp $R/usr/src/linux/arch/arm/boot/dts/*.dtb $R/boot/firmware/
40 cp $R/usr/src/linux/arch/arm/boot/dts/*.dtb $R/boot/firmware/
41 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/*.dtb* $R/boot/firmware/overlays/
41 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/*.dtb* $R/boot/firmware/overlays/
42 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/README $R/boot/firmware/overlays/
42 cp $R/usr/src/linux/arch/arm/boot/dts/overlays/README $R/boot/firmware/overlays/
43
43
44 # Remove kernel sources
44 # Remove kernel sources
45 if [ "$KERNEL_RMSRC" = true ]; then
45 if [ "$KERNEL_RMSRC" = true ]; then
46 rm -fr $R/usr/src/linux
46 rm -fr $R/usr/src/linux
47 fi
47 fi
48
48
49 # Install raspberry bootloader and flash-kernel
49 # Install raspberry bootloader and flash-kernel
50 chroot_exec apt-get -qq -y --no-install-recommends install raspberrypi-bootloader-nokernel
50 chroot_exec apt-get -qq -y --no-install-recommends install raspberrypi-bootloader-nokernel
51 else
51 else
52 # Kernel installation
52 # Kernel installation
53 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${COLLABORA_KERNEL} raspberrypi-bootloader-nokernel
53 chroot_exec apt-get -qq -y --no-install-recommends install linux-image-${COLLABORA_KERNEL} raspberrypi-bootloader-nokernel
54
54
55 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
55 # Install flash-kernel last so it doesn't try (and fail) to detect the platform in the chroot
56 chroot_exec apt-get -qq -y install flash-kernel
56 chroot_exec apt-get -qq -y install flash-kernel
57
57
58 VMLINUZ="$(ls -1 $R/boot/vmlinuz-* | sort | tail -n 1)"
58 VMLINUZ="$(ls -1 $R/boot/vmlinuz-* | sort | tail -n 1)"
59 [ -z "$VMLINUZ" ] && exit 1
59 [ -z "$VMLINUZ" ] && exit 1
60 cp $VMLINUZ $R/boot/firmware/kernel7.img
60 cp $VMLINUZ $R/boot/firmware/kernel7.img
61 fi
61 fi
62
62
63 # Set up firmware boot cmdline
63 # Set up firmware boot cmdline
64 if [ "$ENABLE_SPLITFS" = true ] ; then
65 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda1 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
66 else
64 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
67 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/mmcblk0p2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait net.ifnames=1 console=tty1 ${CMDLINE}"
68 fi
65
69
66 # Set up serial console support (if requested)
70 # Set up serial console support (if requested)
67 if [ "$ENABLE_CONSOLE" = true ] ; then
71 if [ "$ENABLE_CONSOLE" = true ] ; then
68 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
72 CMDLINE="${CMDLINE} console=ttyAMA0,115200 kgdboc=ttyAMA0,115200"
69 fi
73 fi
70
74
71 # Set up IPv6 networking support
75 # Set up IPv6 networking support
72 if [ "$ENABLE_IPV6" = false ] ; then
76 if [ "$ENABLE_IPV6" = false ] ; then
73 CMDLINE="${CMDLINE} ipv6.disable=1"
77 CMDLINE="${CMDLINE} ipv6.disable=1"
74 fi
78 fi
75
79
76 echo "${CMDLINE}" >$R/boot/firmware/cmdline.txt
80 echo "${CMDLINE}" >$R/boot/firmware/cmdline.txt
77
81
78 # Set up firmware config
82 # Set up firmware config
79 install_readonly files/boot/config.txt $R/boot/firmware/config.txt
83 install_readonly files/boot/config.txt $R/boot/firmware/config.txt
80
84
81 # Load snd_bcm2835 kernel module at boot time
85 # Load snd_bcm2835 kernel module at boot time
82 if [ "$ENABLE_SOUND" = true ] ; then
86 if [ "$ENABLE_SOUND" = true ] ; then
83 echo "snd_bcm2835" >>$R/etc/modules
87 echo "snd_bcm2835" >>$R/etc/modules
84 fi
88 fi
85
89
86 # Set smallest possible GPU memory allocation size: 16MB (no X)
90 # Set smallest possible GPU memory allocation size: 16MB (no X)
87 if [ "$ENABLE_MINGPU" = true ] ; then
91 if [ "$ENABLE_MINGPU" = true ] ; then
88 echo "gpu_mem=16" >>$R/boot/firmware/config.txt
92 echo "gpu_mem=16" >>$R/boot/firmware/config.txt
89 fi
93 fi
90
94
91 # Create symlinks
95 # Create symlinks
92 ln -sf firmware/config.txt $R/boot/config.txt
96 ln -sf firmware/config.txt $R/boot/config.txt
93 ln -sf firmware/cmdline.txt $R/boot/cmdline.txt
97 ln -sf firmware/cmdline.txt $R/boot/cmdline.txt
94
98
95 # Prepare modules-load.d directory
99 # Prepare modules-load.d directory
96 mkdir -p $R/lib/modules-load.d/
100 mkdir -p $R/lib/modules-load.d/
97
101
98 # Load random module on boot
102 # Load random module on boot
99 if [ "$ENABLE_HWRANDOM" = true ] ; then
103 if [ "$ENABLE_HWRANDOM" = true ] ; then
100 cat <<EOM >$R/lib/modules-load.d/rpi2.conf
104 cat <<EOM >$R/lib/modules-load.d/rpi2.conf
101 bcm2708_rng
105 bcm2708_rng
102 EOM
106 EOM
103 fi
107 fi
104
108
105 # Prepare modprobe.d directory
109 # Prepare modprobe.d directory
106 mkdir -p $R/etc/modprobe.d/
110 mkdir -p $R/etc/modprobe.d/
107
111
108 # Blacklist sound modules
112 # Blacklist sound modules
109 install_readonly files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
113 install_readonly files/modprobe.d/raspi-blacklist.conf $R/etc/modprobe.d/raspi-blacklist.conf
110
114
111 # Create default fstab
115 # Create default fstab
112 install_readonly files/mount/fstab $R/etc/fstab
116 install_readonly files/mount/fstab $R/etc/fstab
117 if [ "$ENABLE_SPLITFS" = true ] ; then
118 sed -i 's/mmcblk0p2/sda1/' $R/etc/fstab
119 fi
113
120
114 # Avoid swapping and increase cache sizes
121 # Avoid swapping and increase cache sizes
115 install_readonly files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
122 install_readonly files/sysctl.d/81-rpi-vm.conf $R/etc/sysctl.d/81-rpi-vm.conf
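Review bot: the `ENABLE_SPLITFS` branch rewrites the fstab root device to a fixed `sda1`, which assumes the root image always ends up on the first partition of the first SCSI/USB disk. If another storage device is attached, enumeration order can change and the system mounts the wrong device as root or fails to boot. Please make the target device a variable with `sda1` as its default, or reference the root filesystem by label or UUID. Also confirm that `root=` in `cmdline.txt` gets the same treatment; that is not visible in this part of the hunk. Minor: `$R/etc/fstab` should be quoted in the `sed -i 's/mmcblk0p2/sda1/'` call.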
@@ -1,69 +1,69
1 #
1 #
2 # Setup Networking
2 # Setup Networking
3 #
3 #
4
4
5 # Load utility functions
5 # Load utility functions
6 . ./functions.sh
6 . ./functions.sh
7
7
8 # Set up IPv4 hosts
8 # Set up IPv4 hosts
9 install_readonly files/network/hostname $R/etc/hostname
9 install_readonly files/network/hostname $R/etc/hostname
10 sed -i -e "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname
10 sed -i -e "s/^rpi2-jessie/${HOSTNAME}/" $R/etc/hostname
11
11
12 install_readonly files/network/hosts $R/etc/hosts
12 install_readonly files/network/hosts $R/etc/hosts
13 sed -i -e "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts
13 sed -i -e "s/rpi2-jessie/${HOSTNAME}/" $R/etc/hosts
14
14
15 if [ "$NET_ADDRESS" != "" ] ; then
15 if [ "$NET_ADDRESS" != "" ] ; then
16 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
16 NET_IP=$(echo ${NET_ADDRESS} | cut -f 1 -d'/')
17 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
17 sed -i "s/^127.0.1.1/${NET_IP}/" $R/etc/hosts
18 fi
18 fi
19
19
20 # Set up IPv6 hosts
20 # Set up IPv6 hosts
21 if [ "$ENABLE_IPV6" = true ] ; then
21 if [ "$ENABLE_IPV6" = true ] ; then
22 cat <<EOM >>$R/etc/hosts
22 cat <<EOM >>$R/etc/hosts
23
23
24 ::1 localhost ip6-localhost ip6-loopback
24 ::1 localhost ip6-localhost ip6-loopback
25 ff02::1 ip6-allnodes
25 ff02::1 ip6-allnodes
26 ff02::2 ip6-allrouters
26 ff02::2 ip6-allrouters
27 EOM
27 EOM
28 fi
28 fi
29
29
30 # Place hint about network configuration
30 # Place hint about network configuration
31 install_readonly files/network/interfaces $R/etc/network/interfaces
31 install_readonly files/network/interfaces $R/etc/network/interfaces
32
32
33 if [ "$ENABLE_DHCP" = true ] ; then
33 if [ "$ENABLE_DHCP" = true ] ; then
34 # Enable systemd-networkd DHCP configuration for interface eth0
34 # Enable systemd-networkd DHCP configuration for interface eth0
35 install_readonly files/network/eth.network $R/etc/systemd/network/eth.network
35 install_readonly files/network/eth.network $R/etc/systemd/network/eth.network
36
36
37 # Set DHCP configuration to IPv4 only
37 # Set DHCP configuration to IPv4 only
38 if [ "$ENABLE_IPV6" = false ] ; then
38 if [ "$ENABLE_IPV6" = false ] ; then
39 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
39 sed -i "s/^DHCP=yes/DHCP=v4/" $R/etc/systemd/network/eth.network
40 fi
40 fi
41 else # ENABLE_DHCP=false
41 else # ENABLE_DHCP=false
42 cat <<EOM >$R/etc/systemd/network/eth.network
42 cat <<EOM >$R/etc/systemd/network/eth.network
43 [Match]
43 [Match]
44 Name=eth0
44 Name=eth0
45
45
46 [Network]
46 [Network]
47 DHCP=no
47 DHCP=no
48 Address=${NET_ADDRESS}
48 Address=${NET_ADDRESS}
49 Gateway=${NET_GATEWAY}
49 Gateway=${NET_GATEWAY}
50 DNS=${NET_DNS_1}
50 DNS=${NET_DNS_1}
51 DNS=${NET_DNS_2}
51 DNS=${NET_DNS_2}
52 Domains=${NET_DNS_DOMAINS}
52 Domains=${NET_DNS_DOMAINS}
53 NTP=${NET_NTP_1}
53 NTP=${NET_NTP_1}
54 NTP=${NET_NTP_2}
54 NTP=${NET_NTP_2}
55 EOM
55 EOM
56 fi
56 fi
57
57
58 # Enable systemd-networkd service
58 # Enable systemd-networkd service
59 chroot_exec systemctl enable systemd-networkd
59 chroot_exec systemctl enable systemd-networkd
60
60
61 # Enable network stack hardening
61 # Enable network stack hardening
62 if [ "$ENABLE_HARDNET" = true ] ; then
62 if [ "$ENABLE_HARDNET" = true ] ; then
63 install_readonly files/sysctl.d/81-rpi-net-hardening.conf $R/etc/sysctl.d/81-rpi-net-hardening.conf
63 install_readonly files/sysctl.d/82-rpi-net-hardening.conf $R/etc/sysctl.d/82-rpi-net-hardening.conf
64
64
65 # Enable resolver warnings about spoofed addresses
65 # Enable resolver warnings about spoofed addresses
66 cat <<EOM >>$R/etc/host.conf
66 cat <<EOM >>$R/etc/host.conf
67 spoof warn
67 spoof warn
68 EOM
68 EOM
69 fi
69 fi
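Review bot: the `install_readonly` line under `ENABLE_HARDNET` now reads `files/sysctl.d/82-rpi-net-hardening.conf`, so the source file has to be renamed in the same commit. The script runs under `set -e`, so a missing file aborts every build with `ENABLE_HARDNET=true`. The rename itself is not visible in this hunk, so please confirm it is included. The new prefix also means the hardening settings are applied after `81-rpi-vm.conf`; a short comment saying that this ordering is intended would help the next reader.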
@@ -1,38 +1,38
1 # This file contains utility functions used by rpi2-gen-image.sh
1 # This file contains utility functions used by rpi2-gen-image.sh
2
2
3 cleanup (){
3 cleanup (){
4 set +x
4 set +x
5 set +e
5 set +e
6
6
7 # Identify and kill all processes still using files
7 # Identify and kill all processes still using files
8 echo "killing processes using mount point ..."
8 echo "killing processes using mount point ..."
9 fuser -k $R
9 fuser -k $R
10 sleep 3
10 sleep 3
11 fuser -9 -k -v $R
11 fuser -9 -k -v $R
12
12
13 # Clean up all temporary mount points
13 # Clean up all temporary mount points
14 echo "removing temporary mount points ..."
14 echo "removing temporary mount points ..."
15 umount -l $R/proc 2> /dev/null
15 umount -l $R/proc 2> /dev/null
16 umount -l $R/sys 2> /dev/null
16 umount -l $R/sys 2> /dev/null
17 umount -l $R/dev/pts 2> /dev/null
17 umount -l $R/dev/pts 2> /dev/null
18 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
18 umount "$BUILDDIR/mount/boot/firmware" 2> /dev/null
19 umount "$BUILDDIR/mount" 2> /dev/null
19 umount "$BUILDDIR/mount" 2> /dev/null
20 losetup -d "$EXT4_LOOP" 2> /dev/null
20 losetup -d "$ROOT_LOOP" 2> /dev/null
21 losetup -d "$VFAT_LOOP" 2> /dev/null
21 losetup -d "$FRMW_LOOP" 2> /dev/null
22 trap - 0 1 2 3 6
22 trap - 0 1 2 3 6
23 }
23 }
24
24
25 chroot_exec() {
25 chroot_exec() {
26 # Exec command in chroot
26 # Exec command in chroot
27 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot $R $*
27 LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot $R $*
28 }
28 }
29
29
30 install_readonly() {
30 install_readonly() {
31 # Install file with user read-only permissions
31 # Install file with user read-only permissions
32 install -o root -g root -m 644 $*
32 install -o root -g root -m 644 $*
33 }
33 }
34
34
35 install_exec() {
35 install_exec() {
36 # Install file with root exec permissions
36 # Install file with root exec permissions
37 install -o root -g root -m 744 $*
37 install -o root -g root -m 744 $*
38 }
38 }
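Review bot: in `cleanup`, the renamed `losetup -d "$ROOT_LOOP"` and `losetup -d "$FRMW_LOOP"` calls still discard stderr, and the function is also reached from the trap before either variable is assigned. In that case `losetup -d ""` fails silently, and a script that still sets the old `EXT4_LOOP`/`VFAT_LOOP` names would leave loop devices attached with no message. Guard each call with `[ -n "$ROOT_LOOP" ]` (likewise for `FRMW_LOOP`), and grep `bootstrap.d/` and `custom.d/` for the old names before merging.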
@@ -1,313 +1,352
1 #!/bin/sh
1 #!/bin/sh
2
2
3 ########################################################################
3 ########################################################################
4 # rpi2-gen-image.sh ver2a 12/2015
4 # rpi2-gen-image.sh ver2a 12/2015
5 #
5 #
6 # Advanced debian "jessie" bootstrap script for RPi2
6 # Advanced debian "jessie" bootstrap script for RPi2
7 #
7 #
8 # This program is free software; you can redistribute it and/or
8 # This program is free software; you can redistribute it and/or
9 # modify it under the terms of the GNU General Public License
9 # modify it under the terms of the GNU General Public License
10 # as published by the Free Software Foundation; either version 2
10 # as published by the Free Software Foundation; either version 2
11 # of the License, or (at your option) any later version.
11 # of the License, or (at your option) any later version.
12 #
12 #
13 # some parts based on rpi2-build-image:
13 # some parts based on rpi2-build-image:
14 # Copyright (C) 2015 Ryan Finnie <ryan@finnie.org>
14 # Copyright (C) 2015 Ryan Finnie <ryan@finnie.org>
15 # Copyright (C) 2015 Luca Falavigna <dktrkranz@debian.org>
15 # Copyright (C) 2015 Luca Falavigna <dktrkranz@debian.org>
16 ########################################################################
16 ########################################################################
17
17
18 # Load utility functions
18 # Load utility functions
19 . ./functions.sh
19 . ./functions.sh
20
20
21 set -e
21 set -e
22 echo -n -e "\n#\n# RPi2 Bootstrap Settings\n#\n"
22 echo -n -e "\n#\n# RPi2 Bootstrap Settings\n#\n"
23 set -x
23 set -x
24
24
25 # Debian release
25 # Debian release
26 RELEASE=${RELEASE:=jessie}
26 RELEASE=${RELEASE:=jessie}
27 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
27 COLLABORA_KERNEL=${COLLABORA_KERNEL:=3.18.0-trunk-rpi2}
28
28
29 # Build settings
29 # Build settings
30 BASEDIR=$(pwd)/images/${RELEASE}
30 BASEDIR=$(pwd)/images/${RELEASE}
31 BUILDDIR=${BASEDIR}/build
31 BUILDDIR=${BASEDIR}/build
32
32
33 # General settings
33 # General settings
34 HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}}
34 HOSTNAME=${HOSTNAME:=rpi2-${RELEASE}}
35 PASSWORD=${PASSWORD:=raspberry}
35 PASSWORD=${PASSWORD:=raspberry}
36 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
36 DEFLOCAL=${DEFLOCAL:="en_US.UTF-8"}
37 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
37 TIMEZONE=${TIMEZONE:="Europe/Berlin"}
38 EXPANDROOT=${EXPANDROOT:=true}
38 EXPANDROOT=${EXPANDROOT:=true}
39
39
40 # Keyboard settings
40 # Keyboard settings
41 XKB_MODEL=${XKB_MODEL:=""}
41 XKB_MODEL=${XKB_MODEL:=""}
42 XKB_LAYOUT=${XKB_LAYOUT:=""}
42 XKB_LAYOUT=${XKB_LAYOUT:=""}
43 XKB_VARIANT=${XKB_VARIANT:=""}
43 XKB_VARIANT=${XKB_VARIANT:=""}
44 XKB_OPTIONS=${XKB_OPTIONS:=""}
44 XKB_OPTIONS=${XKB_OPTIONS:=""}
45
45
46 # Network settings (DHCP)
46 # Network settings (DHCP)
47 ENABLE_DHCP=${ENABLE_DHCP:=true}
47 ENABLE_DHCP=${ENABLE_DHCP:=true}
48
48
49 # Network settings (static)
49 # Network settings (static)
50 # only used on ENABLE_DHCP=false
50 # only used on ENABLE_DHCP=false
51 NET_ADDRESS=${NET_ADDRESS:=""}
51 NET_ADDRESS=${NET_ADDRESS:=""}
52 NET_GATEWAY=${NET_GATEWAY:=""}
52 NET_GATEWAY=${NET_GATEWAY:=""}
53 NET_DNS_1=${NET_DNS_1:=""}
53 NET_DNS_1=${NET_DNS_1:=""}
54 NET_DNS_2=${NET_DNS_2:=""}
54 NET_DNS_2=${NET_DNS_2:=""}
55 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
55 NET_DNS_DOMAINS=${NET_DNS_DOMAINS:=""}
56 NET_NTP_1=${NET_NTP_1:=""}
56 NET_NTP_1=${NET_NTP_1:=""}
57 NET_NTP_2=${NET_NTP_2:=""}
57 NET_NTP_2=${NET_NTP_2:=""}
58
58
59 # APT settings
59 # APT settings
60 APT_PROXY=${APT_PROXY:=""}
60 APT_PROXY=${APT_PROXY:=""}
61 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
61 APT_SERVER=${APT_SERVER:="ftp.debian.org"}
62
62
63 # Feature settings
63 # Feature settings
64 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
64 ENABLE_CONSOLE=${ENABLE_CONSOLE:=true}
65 ENABLE_IPV6=${ENABLE_IPV6:=true}
65 ENABLE_IPV6=${ENABLE_IPV6:=true}
66 ENABLE_SSHD=${ENABLE_SSHD:=true}
66 ENABLE_SSHD=${ENABLE_SSHD:=true}
67 ENABLE_SOUND=${ENABLE_SOUND:=true}
67 ENABLE_SOUND=${ENABLE_SOUND:=true}
68 ENABLE_DBUS=${ENABLE_DBUS:=true}
68 ENABLE_DBUS=${ENABLE_DBUS:=true}
69 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
69 ENABLE_HWRANDOM=${ENABLE_HWRANDOM:=true}
70 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
70 ENABLE_MINGPU=${ENABLE_MINGPU:=false}
71 ENABLE_XORG=${ENABLE_XORG:=false}
71 ENABLE_XORG=${ENABLE_XORG:=false}
72 ENABLE_WM=${ENABLE_WM:=""}
72 ENABLE_WM=${ENABLE_WM:=""}
73 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
73 ENABLE_RSYSLOG=${ENABLE_RSYSLOG:=true}
74 ENABLE_USER=${ENABLE_USER:=true}
74 ENABLE_USER=${ENABLE_USER:=true}
75 ENABLE_ROOT=${ENABLE_ROOT:=false}
75 ENABLE_ROOT=${ENABLE_ROOT:=false}
76 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
76 ENABLE_ROOT_SSH=${ENABLE_ROOT_SSH:=false}
77
77
78 # Advanced settings
78 # Advanced settings
79 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
79 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
80 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
80 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
81 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
81 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
82 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
82 ENABLE_HARDNET=${ENABLE_HARDNET:=false}
83 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
83 ENABLE_IPTABLES=${ENABLE_IPTABLES:=false}
84 ENABLE_SPLITFS=${ENABLE_SPLITFS:=false}
84
85
85 # Kernel compilation settings
86 # Kernel compilation settings
86 BUILD_KERNEL=${BUILD_KERNEL:=false}
87 BUILD_KERNEL=${BUILD_KERNEL:=false}
87 KERNEL_THREADS=${KERNEL_THREADS:=1}
88 KERNEL_THREADS=${KERNEL_THREADS:=1}
88 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
89 KERNEL_HEADERS=${KERNEL_HEADERS:=true}
89 KERNEL_RMSRC=${KERNEL_RMSRC:=true}
90 KERNEL_RMSRC=${KERNEL_RMSRC:=true}
90
91
91 # Image chroot path
92 # Image chroot path
92 R=${BUILDDIR}/chroot
93 R=${BUILDDIR}/chroot
93 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
94 CHROOT_SCRIPTS=${CHROOT_SCRIPTS:=""}
94
95
95 # Packages required for bootstrapping
96 # Packages required for bootstrapping
96 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git-core"
97 REQUIRED_PACKAGES="debootstrap debian-archive-keyring qemu-user-static binfmt-support dosfstools rsync bmap-tools whois git-core"
97
98
98 # Missing packages that need to be installed
99 # Missing packages that need to be installed
99 MISSING_PACKAGES=""
100 MISSING_PACKAGES=""
100
101
101 # Packages required in the chroot build environment
102 # Packages required in the chroot build environment
102 APT_INCLUDES=${APT_INCLUDES:=""}
103 APT_INCLUDES=${APT_INCLUDES:=""}
103 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,ca-certificates,debian-archive-keyring,dialog,sudo"
104 APT_INCLUDES="${APT_INCLUDES},apt-transport-https,ca-certificates,debian-archive-keyring,dialog,sudo"
104
105
105 set +x
106 set +x
106
107
107 # Are we running as root?
108 # Are we running as root?
108 if [ "$(id -u)" -ne "0" ] ; then
109 if [ "$(id -u)" -ne "0" ] ; then
109 echo "this script must be executed with root privileges"
110 echo "this script must be executed with root privileges"
110 exit 1
111 exit 1
111 fi
112 fi
112
113
113 # Add packages required for kernel cross compilation
114 # Add packages required for kernel cross compilation
114 if [ "$BUILD_KERNEL" = true ] ; then
115 if [ "$BUILD_KERNEL" = true ] ; then
115 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
116 REQUIRED_PACKAGES="${REQUIRED_PACKAGES} crossbuild-essential-armhf"
116 fi
117 fi
117
118
118 # Check if all required packages are installed
119 # Check if all required packages are installed
119 for package in $REQUIRED_PACKAGES ; do
120 for package in $REQUIRED_PACKAGES ; do
120 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
121 if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then
121 MISSING_PACKAGES="$MISSING_PACKAGES $package"
122 MISSING_PACKAGES="$MISSING_PACKAGES $package"
122 fi
123 fi
123 done
124 done
124
125
125 # Ask if missing packages should get installed right now
126 # Ask if missing packages should get installed right now
126 if [ -n "$MISSING_PACKAGES" ] ; then
127 if [ -n "$MISSING_PACKAGES" ] ; then
127 echo "the following packages needed by this script are not installed:"
128 echo "the following packages needed by this script are not installed:"
128 echo "$MISSING_PACKAGES"
129 echo "$MISSING_PACKAGES"
129
130
130 echo -n "\ndo you want to install the missing packages right now? [y/n] "
131 echo -n "\ndo you want to install the missing packages right now? [y/n] "
131 read confirm
132 read confirm
132 if [ "$confirm" != "y" ] ; then
133 if [ "$confirm" != "y" ] ; then
133 exit 1
134 exit 1
134 fi
135 fi
135 fi
136 fi
136
137
137 # Make sure all required packages are installed
138 # Make sure all required packages are installed
138 apt-get -qq -y install ${REQUIRED_PACKAGES}
139 apt-get -qq -y install ${REQUIRED_PACKAGES}
139
140
140 # Don't clobber an old build
141 # Don't clobber an old build
141 if [ -e "$BUILDDIR" ]; then
142 if [ -e "$BUILDDIR" ]; then
142 echo "directory $BUILDDIR already exists, not proceeding"
143 echo "directory $BUILDDIR already exists, not proceeding"
143 exit 1
144 exit 1
144 fi
145 fi
145
146
146 set -x
147 set -x
147
148
148 # Call "cleanup" function on various signals and errors
149 # Call "cleanup" function on various signals and errors
149 trap cleanup 0 1 2 3 6
150 trap cleanup 0 1 2 3 6
150
151
151 # Set up chroot directory
152 # Set up chroot directory
152 mkdir -p $R
153 mkdir -p $R
153
154
154 # Add required packages for the minbase installation
155 # Add required packages for the minbase installation
155 if [ "$ENABLE_MINBASE" = true ] ; then
156 if [ "$ENABLE_MINBASE" = true ] ; then
156 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools"
157 APT_INCLUDES="${APT_INCLUDES},vim-tiny,netbase,net-tools"
157 else
158 else
158 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
159 APT_INCLUDES="${APT_INCLUDES},locales,keyboard-configuration,console-setup"
159 fi
160 fi
160
161
161 # Add parted package, required to get partprobe utility
162 # Add parted package, required to get partprobe utility
162 if [ "$EXPANDROOT" = true ] ; then
163 if [ "$EXPANDROOT" = true ] ; then
163 APT_INCLUDES="${APT_INCLUDES},parted"
164 APT_INCLUDES="${APT_INCLUDES},parted"
164 fi
165 fi
165
166
166 # Add dbus package, recommended if using systemd
167 # Add dbus package, recommended if using systemd
167 if [ "$ENABLE_DBUS" = true ] ; then
168 if [ "$ENABLE_DBUS" = true ] ; then
168 APT_INCLUDES="${APT_INCLUDES},dbus"
169 APT_INCLUDES="${APT_INCLUDES},dbus"
169 fi
170 fi
170
171
171 # Add iptables IPv4/IPv6 package
172 # Add iptables IPv4/IPv6 package
172 if [ "$ENABLE_IPTABLES" = true ] ; then
173 if [ "$ENABLE_IPTABLES" = true ] ; then
173 APT_INCLUDES="${APT_INCLUDES},iptables"
174 APT_INCLUDES="${APT_INCLUDES},iptables"
174 fi
175 fi
175
176
176 # Add openssh server package
177 # Add openssh server package
177 if [ "$ENABLE_SSHD" = true ] ; then
178 if [ "$ENABLE_SSHD" = true ] ; then
178 APT_INCLUDES="${APT_INCLUDES},openssh-server"
179 APT_INCLUDES="${APT_INCLUDES},openssh-server"
179 fi
180 fi
180
181
181 # Add alsa-utils package
182 # Add alsa-utils package
182 if [ "$ENABLE_SOUND" = true ] ; then
183 if [ "$ENABLE_SOUND" = true ] ; then
183 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
184 APT_INCLUDES="${APT_INCLUDES},alsa-utils"
184 fi
185 fi
185
186
186 # Add rng-tools package
187 # Add rng-tools package
187 if [ "$ENABLE_HWRANDOM" = true ] ; then
188 if [ "$ENABLE_HWRANDOM" = true ] ; then
188 APT_INCLUDES="${APT_INCLUDES},rng-tools"
189 APT_INCLUDES="${APT_INCLUDES},rng-tools"
189 fi
190 fi
190
191
191 if [ "$ENABLE_USER" = true ]; then
192 if [ "$ENABLE_USER" = true ]; then
192 APT_INCLUDES="${APT_INCLUDES},sudo"
193 APT_INCLUDES="${APT_INCLUDES},sudo"
193 fi
194 fi
194
195
195 # Add fbturbo video driver
196 # Add fbturbo video driver
196 if [ "$ENABLE_FBTURBO" = true ] ; then
197 if [ "$ENABLE_FBTURBO" = true ] ; then
197 # Enable xorg package dependencies
198 # Enable xorg package dependencies
198 ENABLE_XORG=true
199 ENABLE_XORG=true
199 fi
200 fi
200
201
201 # Add user defined window manager package
202 # Add user defined window manager package
202 if [ -n "$ENABLE_WM" ] ; then
203 if [ -n "$ENABLE_WM" ] ; then
203 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
204 APT_INCLUDES="${APT_INCLUDES},${ENABLE_WM}"
204
205
205 # Enable xorg package dependencies
206 # Enable xorg package dependencies
206 ENABLE_XORG=true
207 ENABLE_XORG=true
207 fi
208 fi
208
209
209 # Add xorg package
210 # Add xorg package
210 if [ "$ENABLE_XORG" = true ] ; then
211 if [ "$ENABLE_XORG" = true ] ; then
211 APT_INCLUDES="${APT_INCLUDES},xorg"
212 APT_INCLUDES="${APT_INCLUDES},xorg"
212 fi
213 fi
213
214
214 ## Main bootstrap
215 ## Main bootstrap
215 for i in bootstrap.d/*.sh; do
216 for i in bootstrap.d/*.sh; do
216 head -n 3 $i
217 head -n 3 $i
217 . $i
218 . $i
218 done
219 done
219
220
220 ## Custom bootstrap scripts
221 ## Custom bootstrap scripts
221 if [ -d "custom.d" ]; then
222 if [ -d "custom.d" ]; then
222 for i in custom.d/*.sh; do
223 for i in custom.d/*.sh; do
223 . $i
224 . $i
224 done
225 done
225 fi
226 fi
226
227
227 # Invoke custom scripts
228 # Invoke custom scripts
228 if [ -n "${CHROOT_SCRIPTS}" ]; then
229 if [ -n "${CHROOT_SCRIPTS}" ]; then
229 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
230 cp -r "${CHROOT_SCRIPTS}" "${R}/chroot_scripts"
230 LANG=C chroot $R bash -c 'for SCRIPT in /chroot_scripts/*; do if [ -f $SCRIPT -a -x $SCRIPT ]; then $SCRIPT; fi done;'
231 LANG=C chroot $R bash -c 'for SCRIPT in /chroot_scripts/*; do if [ -f $SCRIPT -a -x $SCRIPT ]; then $SCRIPT; fi done;'
231 rm -rf "${R}/chroot_scripts"
232 rm -rf "${R}/chroot_scripts"
232 fi
233 fi
233
234
234 ## Cleanup
235 ## Cleanup
235 chroot_exec apt-get -y clean
236 chroot_exec apt-get -y clean
236 chroot_exec apt-get -y autoclean
237 chroot_exec apt-get -y autoclean
237 chroot_exec apt-get -y autoremove
238 chroot_exec apt-get -y autoremove
238
239
239 # Unmount mounted filesystems
240 # Unmount mounted filesystems
240 umount -l $R/proc
241 umount -l $R/proc
241 umount -l $R/sys
242 umount -l $R/sys
242
243
243 # Clean up files
244 # Clean up files
244 rm -f $R/etc/apt/sources.list.save
245 rm -f $R/etc/apt/sources.list.save
245 rm -f $R/etc/resolvconf/resolv.conf.d/original
246 rm -f $R/etc/resolvconf/resolv.conf.d/original
246 rm -rf $R/run
247 rm -rf $R/run
247 mkdir -p $R/run
248 mkdir -p $R/run
248 rm -f $R/etc/*-
249 rm -f $R/etc/*-
249 rm -f $R/root/.bash_history
250 rm -f $R/root/.bash_history
250 rm -rf $R/tmp/*
251 rm -rf $R/tmp/*
251 rm -f $R/var/lib/urandom/random-seed
252 rm -f $R/var/lib/urandom/random-seed
252 [ -L $R/var/lib/dbus/machine-id ] || rm -f $R/var/lib/dbus/machine-id
253 [ -L $R/var/lib/dbus/machine-id ] || rm -f $R/var/lib/dbus/machine-id
253 rm -f $R/etc/machine-id
254 rm -f $R/etc/machine-id
254 rm -fr $R/etc/apt/apt.conf.d/10proxy
255 rm -fr $R/etc/apt/apt.conf.d/10proxy
255 rm -f $R/etc/resolv.conf
256 rm -f $R/etc/resolv.conf
256
257
257 # Calculate size of the chroot directory in KB
258 # Calculate size of the chroot directory in KB
258 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
259 CHROOT_SIZE=$(expr `du -s $R | awk '{ print $1 }'`)
259
260
260 # Calculate the amount of needed 512 Byte sectors
261 # Calculate the amount of needed 512 Byte sectors
261 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
262 TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512)
262 BOOT_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
263 FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512)
263 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS})
264 ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS})
264
265
265 # The root partition is EXT4
266 # The root partition is EXT4
266 # This means more space than the actual used space of the chroot is used.
267 # This means more space than the actual used space of the chroot is used.
267 # As overhead for journaling and reserved blocks 20% are added.
268 # As overhead for journaling and reserved blocks 20% are added.
268 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
269 ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 20) \* 1024 \/ 512)
269
270
270 # Calculate required image size in 512 Byte sectors
271 # Calculate required image size in 512 Byte sectors
271 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${BOOT_SECTORS} + ${ROOT_SECTORS})
272 IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS})
272
273
273 # Prepare date string for image file name
274 # Prepare date string for image file name
274 DATE="$(date +%Y-%m-%d)"
275 DATE="$(date +%Y-%m-%d)"
275
276
276 # Prepare image file
277 # Prepare image file
278 if [ "$ENABLE_SPLITFS" = true ] ; then
279 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=${TABLE_SECTORS}
280 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS}
281 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=${TABLE_SECTORS}
282 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}-root.img" bs=512 count=0 seek=${ROOT_SECTORS}
283 # Write partition tables
284 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img" <<EOM
285 unit: sectors
286
287 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
288 2 : start= 0, size= 0, Id= 0
289 3 : start= 0, size= 0, Id= 0
290 4 : start= 0, size= 0, Id= 0
291 EOM
292 sfdisk -q -L -f "$BASEDIR/${DATE}-debian-${RELEASE}-root.img" <<EOM
293 unit: sectors
294
295 1 : start= ${TABLE_SECTORS}, size= ${ROOT_SECTORS}, Id=83
296 2 : start= 0, size= 0, Id= 0
297 3 : start= 0, size= 0, Id= 0
298 4 : start= 0, size= 0, Id= 0
299 EOM
300 # Set up temporary loop devices
301 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-frmw.img)"
302 ROOT_LOOP="$(losetup -o 1M -f --show $BASEDIR/${DATE}-debian-${RELEASE}-root.img)"
303 else
277 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
304 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=${TABLE_SECTORS}
278 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
305 dd if=/dev/zero of="$BASEDIR/${DATE}-debian-${RELEASE}.img" bs=512 count=0 seek=${IMAGE_SECTORS}
279
280 # Write partition table
306 # Write partition table
281 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
307 sfdisk -q -f "$BASEDIR/${DATE}-debian-${RELEASE}.img" <<EOM
282 unit: sectors
308 unit: sectors
283
309
284 1 : start= ${TABLE_SECTORS}, size= ${BOOT_SECTORS}, Id= c, bootable
310 1 : start= ${TABLE_SECTORS}, size= ${FRMW_SECTORS}, Id= c, bootable
285 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
311 2 : start= ${ROOT_OFFSET}, size= ${ROOT_SECTORS}, Id=83
286 3 : start= 0, size= 0, Id= 0
312 3 : start= 0, size= 0, Id= 0
287 4 : start= 0, size= 0, Id= 0
313 4 : start= 0, size= 0, Id= 0
288 EOM
314 EOM
315 # Set up temporary loop devices
316 FRMW_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
317 ROOT_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
318 fi
289
319
290 # Set up temporary loop devices and build filesystems
320 # Build filesystems
291 VFAT_LOOP="$(losetup -o 1M --sizelimit 64M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
321 mkfs.vfat "$FRMW_LOOP"
292 EXT4_LOOP="$(losetup -o 65M -f --show $BASEDIR/${DATE}-debian-${RELEASE}.img)"
322 mkfs.ext4 "$ROOT_LOOP"
293 mkfs.vfat "$VFAT_LOOP"
294 mkfs.ext4 "$EXT4_LOOP"
295
323
296 # Mount the temporary loop devices
324 # Mount the temporary loop devices
297 mkdir -p "$BUILDDIR/mount"
325 mkdir -p "$BUILDDIR/mount"
298 mount "$EXT4_LOOP" "$BUILDDIR/mount"
326 mount "$ROOT_LOOP" "$BUILDDIR/mount"
299
327
300 mkdir -p "$BUILDDIR/mount/boot/firmware"
328 mkdir -p "$BUILDDIR/mount/boot/firmware"
301 mount "$VFAT_LOOP" "$BUILDDIR/mount/boot/firmware"
329 mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware"
302
330
303 # Copy all files from the chroot to the loop device mount point directory
331 # Copy all files from the chroot to the loop device mount point directory
304 rsync -a "$R/" "$BUILDDIR/mount/"
332 rsync -a "$R/" "$BUILDDIR/mount/"
305
333
306 # Unmount all temporary loop devices and mount points
334 # Unmount all temporary loop devices and mount points
307 cleanup
335 cleanup
308
336
337 # Create block map file(s) of image(s)
338 if [ "$ENABLE_SPLITFS" = true ] ; then
339 # Create block map files for "bmaptool"
340 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img"
341 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}-root.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}-root.img"
342
343 # Image was successfully created
344 echo "$BASEDIR/${DATE}-debian-${RELEASE}-frmw.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
345 echo "$BASEDIR/${DATE}-debian-${RELEASE}-root.img ($(expr ${TABLE_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
346 else
309 # Create block map file for "bmaptool"
347 # Create block map file for "bmaptool"
310 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
348 bmaptool create -o "$BASEDIR/${DATE}-debian-${RELEASE}.bmap" "$BASEDIR/${DATE}-debian-${RELEASE}.img"
311
349
312 # Image was successfully created
350 # Image was successfully created
313 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img (${IMAGE_SIZE})" ": successfully created"
351 echo "$BASEDIR/${DATE}-debian-${RELEASE}.img ($(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS} \* 512 \/ 1024 \/ 1024)M)" ": successfully created"
352 fi
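Review bot: in the `ENABLE_SPLITFS` branch the two images are truncated to `seek=${FRMW_SECTORS}` and `seek=${ROOT_SECTORS}`, but each partition starts at `${TABLE_SECTORS}` and has that same size, so the partition table describes a partition that runs 1 MiB past the end of the file (and `losetup -o 1M --sizelimit 64M` on the 64 MiB firmware image does the same). The non-split path gets this right by seeking to `IMAGE_SECTORS`, which includes `TABLE_SECTORS`; the split path should seek to `TABLE_SECTORS + FRMW_SECTORS` and `TABLE_SECTORS + ROOT_SECTORS`. `sfdisk -f` is likely why this does not fail at build time. Second point: the size printed in the three "successfully created" messages is wrong, because `expr` evaluates `\*` and `\/` before `+`, so `${TABLE_SECTORS} + ${FRMW_SECTORS} \* 512 \/ 1024 \/ 1024` yields 2048 + 64 rather than 65; the sum needs `\( ... \)` around it. Also note the split branch passes `-L` to `sfdisk` while the single-image branch does not; if that is intentional, a comment would help.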