| @@ -16,9 +16,14 install_readonly files/apt/sources.list "${ETC_DIR}/apt/sources.list" | |||
|
|
16 | 16 | |
|
|
17 | 17 | # Use specified APT server and release |
|
|
18 | 18 | sed -i "s/\/ftp.debian.org\//\/${APT_SERVER}\//" "${ETC_DIR}/apt/sources.list" |
|
|
19 | ||
|
|
20 | #Fix for changing path for security updates in testing/bullseye | |
|
|
19 | 21 | if [ "$RELEASE" = "testing" ] ; then |
|
|
20 | 22 | sed -i "s,stretch\\/updates,testing-security," "${ETC_DIR}/apt/sources.list" |
|
|
21 | else | |
|
|
23 | fi | |
|
|
24 | ||
|
|
25 | if [ -z "$RELEASE" ] ; then | |
|
|
26 | # Change release in sources list | |
|
|
22 | 27 | sed -i "s/ stretch/ ${RELEASE}/" "${ETC_DIR}/apt/sources.list" |
|
|
23 | 28 | fi |
|
|
24 | 29 | |
| @@ -8,23 +8,20 | |||
|
|
8 | 8 | # Install and setup fstab |
|
|
9 | 9 | install_readonly files/mount/fstab "${ETC_DIR}/fstab" |
|
|
10 | 10 | |
|
|
11 | #USB BOOT /boot on sda1 / on sda2 | |
|
|
12 | if [ "$ENABLE_USBBOOT" = true ] && [ "$ENABLE_CRYPTFS" = false ]; then | |
|
|
13 | sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab" | |
|
|
14 | sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab" | |
|
|
15 | fi | |
|
|
16 | ||
|
|
11 | 17 | # Add usb/sda disk root partition to fstab |
|
|
12 | 18 |
if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_CRYPTFS" = false ] |
|
|
13 | 19 | sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/fstab" |
|
|
14 | 20 | fi |
|
|
15 | 21 | |
|
|
16 | if [ "$ENABLE_USBBOOT" = true ] ; then | |
|
|
17 | sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab" | |
|
|
18 | sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab" | |
|
|
19 | fi | |
|
|
20 | ||
|
|
21 | 22 | # Generate initramfs file |
|
|
22 | 23 | if [ "$ENABLE_INITRAMFS" = true ] ; then |
|
|
23 | 24 | if [ "$ENABLE_CRYPTFS" = true ] ; then |
|
|
24 | if [ "$ENABLE_USBBOOT" = true ] ; then | |
|
|
25 | # Add usb/sda2 disk to crypttab | |
|
|
26 | sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab" | |
|
|
27 | fi | |
|
|
28 | 25 | |
|
|
29 | 26 | # Include initramfs scripts to auto expand encrypted root partition |
|
|
30 | 27 | if [ "$EXPANDROOT" = true ] ; then |
| @@ -40,8 +37,14 if [ "$ENABLE_INITRAMFS" = true ] ; then | |||
|
|
40 | 37 | install_readonly files/mount/crypttab "${ETC_DIR}/crypttab" |
|
|
41 | 38 | echo "${CRYPTFS_MAPPING} /dev/mmcblk0p2 none luks,initramfs" >> "${ETC_DIR}/crypttab" |
|
|
42 | 39 | |
|
|
40 | if [ "$ENABLE_USBBOOT" = true ] && [ "$ENABLE_SPLITFS" = false ]; then | |
|
|
41 | sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab" | |
|
|
42 | # Add usb/sda2 disk to crypttab | |
|
|
43 | sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/crypttab" | |
|
|
44 | fi | |
|
|
45 | ||
|
|
43 | 46 | # Add encrypted root partition to fstab and crypttab |
|
|
44 | if [ "$ENABLE_SPLITFS" = true ] ; then | |
|
|
47 | if [ "$ENABLE_SPLITFS" = true ] && [ "$ENABLE_USBBOOT" = false ]; then | |
|
|
45 | 48 | # Add usb/sda1 disk to crypttab |
|
|
46 | 49 | sed -i "s/mmcblk0p2/sda1/" "${ETC_DIR}/crypttab" |
|
|
47 | 50 | fi |
| @@ -56,9 +59,6 if [ "$ENABLE_INITRAMFS" = true ] ; then | |||
|
|
56 | 59 | |
|
|
57 | 60 | # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf |
|
|
58 | 61 | sed -i "\$a\nIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf |
|
|
59 | ||
|
|
60 | #Regenerate initramfs | |
|
|
61 | #chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}" | |
|
|
62 | 62 |
|
|
|
63 | 63 | |
|
|
64 | 64 | if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then |
| @@ -100,10 +100,10 if [ "$ENABLE_INITRAMFS" = true ] ; then | |||
|
|
100 | 100 | fi |
|
|
101 | 101 | |
|
|
102 | 102 | # Add cryptsetup modules to initramfs |
|
|
103 | printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook" | |
|
|
103 | #printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook" | |
|
|
104 | 104 | |
|
|
105 | 105 | # Dummy mapping required by mkinitramfs |
|
|
106 |
echo "0 1 crypt |
|
|
|
106 | echo "0 1 crypt "${CRYPTFS_CIPHER}" ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}" | |
|
|
107 | 107 | |
|
|
108 | 108 | # Generate initramfs with encrypted root partition support |
|
|
109 | 109 | chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}" |
| @@ -863,7 +863,7 mkdir -p "$BUILDDIR/mount/boot/firmware" | |||
|
|
863 | 863 | mount "$FRMW_LOOP" "$BUILDDIR/mount/boot/firmware" |
|
|
864 | 864 | |
|
|
865 | 865 | # Copy all files from the chroot to the loop device mount point directory |
|
|
866 |
rsync -a |
|
|
|
866 | rsync -a --progress "${R}/" "$BUILDDIR/mount/" | |
|
|
867 | 867 | |
|
|
868 | 868 | # Unmount all temporary loop devices and mount points |
|
|
869 | 869 | cleanup |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant
