##// END OF EJS Templates
removed the usb part from ubootusb
Unknown -
r541:fa11a3c0304b
parent child
Show More
@@ -8,7 +8,7
8 # Install and setup fstab
8 # Install and setup fstab
9 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
9 install_readonly files/mount/fstab "${ETC_DIR}/fstab"
10
10
11 if [ "$ENABLE_UBOOTUSB" = true ] ; then
11 if [ "$ENABLE_USBBOOT" = true ] ; then
12 sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
12 sed -i "s/mmcblk0p1/sda1/" "${ETC_DIR}/fstab"
13 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
13 sed -i "s/mmcblk0p2/sda2/" "${ETC_DIR}/fstab"
14 fi
14 fi
@@ -42,40 +42,54 if [ "$ENABLE_INITRAMFS" = true ] ; then
42 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
42 install_exec files/initramfs/expand-premount "${ETC_DIR}/initramfs-tools/scripts/local-premount/expand-premount"
43 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
43 install_exec files/initramfs/expand-tools "${ETC_DIR}/initramfs-tools/hooks/expand-tools"
44 fi
44 fi
45
46 if [ "$CRYPTFS_DROPBEAR" = true ] ; then
47 # Get cdir from NET_ADDRESS e.g. 24
48 cdir=$(${NET_ADDRESS} | cut -d '/' -f2)
49
50 # Convert cdir ro netmask e.g. 24 to 255.255.255.0
51 NET_MASK=$(cdr2mask "$cdir")
52
53 # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
54 sed -i "\$aIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
55
56 # Regenerate initramfs
57 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
58 fi
45
59
46 if [ "$CRYPTFS_DROPBEAR" = true ]; then
60 if [ "$CRYPTFS_DROPBEAR" = true ]; then
47 if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then
61 if [ -n "$CRYPTFS_DROPBEAR_PUBKEY" ] && [ -f "$CRYPTFS_DROPBEAR_PUBKEY" ] ; then
48 install_readonly "${CRYPTFS_DROPBEAR_PUBKEY}" "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
62 install_readonly "${CRYPTFS_DROPBEAR_PUBKEY}" "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
49 cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub >> "${ETC_DIR}"/dropbear-initramfs/authorized_keys
63 cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub >> "${ETC_DIR}"/dropbear-initramfs/authorized_keys
50 else
64 else
51 # Create key
65 # Create key
52 chroot_exec /usr/bin/dropbearkey -t rsa -f /etc/dropbear-initramfs/id_rsa.dropbear
66 chroot_exec /usr/bin/dropbearkey -t rsa -f /etc/dropbear-initramfs/id_rsa.dropbear
53
67
54 # Convert dropbear key to openssh key
68 # Convert dropbear key to openssh key
55 chroot_exec /usr/lib/dropbear/dropbearconvert dropbear openssh /etc/dropbear-initramfs/id_rsa.dropbear /etc/dropbear-initramfs/id_rsa
69 chroot_exec /usr/lib/dropbear/dropbearconvert dropbear openssh /etc/dropbear-initramfs/id_rsa.dropbear /etc/dropbear-initramfs/id_rsa
56
70
57 # Get Public Key Part
71 # Get Public Key Part
58 chroot_exec /usr/bin/dropbearkey -y -f /etc/dropbear-initramfs/id_rsa.dropbear | chroot_exec tee /etc/dropbear-initramfs/id_rsa.pub
72 chroot_exec /usr/bin/dropbearkey -y -f /etc/dropbear-initramfs/id_rsa.dropbear | chroot_exec tee /etc/dropbear-initramfs/id_rsa.pub
59
73
60 # Delete unwanted lines
74 # Delete unwanted lines
61 sed -i '/Public/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
75 sed -i '/Public/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
62 sed -i '/Fingerprint/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
76 sed -i '/Fingerprint/d' "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub
63
77
64 # Trust the new key
78 # Trust the new key
65 cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub > "${ETC_DIR}"/dropbear-initramfs/authorized_keys
79 cat "${ETC_DIR}"/dropbear-initramfs/id_rsa.pub > "${ETC_DIR}"/dropbear-initramfs/authorized_keys
66
80
67 # Save Keys - convert with putty from rsa/openssh to puttkey
81 # Save Keys - convert with putty from rsa/openssh to puttkey
68 cp -f "${ETC_DIR}"/dropbear-initramfs/id_rsa "${BASEDIR}"/dropbear_initramfs_key.rsa
82 cp -f "${ETC_DIR}"/dropbear-initramfs/id_rsa "${BASEDIR}"/dropbear_initramfs_key.rsa
69
83
70 # Get unlock script
84 # Get unlock script
71 install_exec files/initramfs/crypt_unlock.sh "${ETC_DIR}"/initramfs-tools/hooks/crypt_unlock.sh
85 install_exec files/initramfs/crypt_unlock.sh "${ETC_DIR}"/initramfs-tools/hooks/crypt_unlock.sh
72
86
73 # Enable Dropbear inside initramfs
87 # Enable Dropbear inside initramfs
74 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=y\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
88 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=y\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
75
89
76 # Enable Dropbear inside initramfs
90 # Enable Dropbear inside initramfs
77 sed -i "54 i sleep 5" "${R}"/usr/share/initramfs-tools/scripts/init-premount/dropbear
91 sed -i "54 i sleep 5" "${R}"/usr/share/initramfs-tools/scripts/init-premount/dropbear
78 fi
92 fi
79 else
93 else
80 # Disable SSHD inside initramfs
94 # Disable SSHD inside initramfs
81 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
95 printf "#\n# DROPBEAR: [ y | n ]\n#\n\nDROPBEAR=n\n" >> "${ETC_DIR}/initramfs-tools/initramfs.conf"
@@ -54,7 +54,7 if [ "$ENABLE_KEYGEN" = true] ; then
54 fi
54 fi
55
55
56 # Setup firmware boot cmdline
56 # Setup firmware boot cmdline
57 if [ "$ENABLE_UBOOTUSB" = true ] ; then
57 if [ "$ENABLE_USBBOOT" = true ] ; then
58 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait init=/bin/systemd"
58 CMDLINE="dwc_otg.lpm_enable=0 root=/dev/sda2 rootfstype=ext4 rootflags=commit=100,data=writeback elevator=deadline rootwait init=/bin/systemd"
59 else
59 else
60 if [ "$ENABLE_SPLITFS" = true ] ; then
60 if [ "$ENABLE_SPLITFS" = true ] ; then
@@ -69,7 +69,7 if [ "$ENABLE_CRYPTFS" = true ] ; then
69 if [ "$ENABLE_SPLITFS" = true ] ; then
69 if [ "$ENABLE_SPLITFS" = true ] ; then
70 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
70 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/")
71 else
71 else
72 if [ "$ENABLE_UBOOTUSB" = true ] ; then
72 if [ "$ENABLE_USBBOOT" = true ] ; then
73 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
73 CMDLINE=$(echo "${CMDLINE}" | sed "s/sda2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda2:${CRYPTFS_MAPPING}/")
74 else
74 else
75 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
75 CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/")
@@ -57,20 +57,6 else # ENABLE_DHCP=false
57 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
57 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_1}|"\
58 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
58 -e "0,/NTP=\$/ s|NTP=\$|NTP=${NET_NTP_2}|"\
59 "${ETC_DIR}/systemd/network/eth.network"
59 "${ETC_DIR}/systemd/network/eth.network"
60
61 if [ "$CRYPTFS_DROPBEAR" = true ] ; then
62 # Get cdir from NET_ADDRESS e.g. 24
63 cdir=$(${NET_ADDRESS} | cut -d '/' -f2)
64
65 # Convert cdir ro netmask e.g. 24 to 255.255.255.0
66 NET_MASK=$(cdr2mask "$cdir")
67
68 # Write static ip settings to "${ETC_DIR}"/initramfs-tools/initramfs.conf
69 sed -i "\$aIP=${NET_ADDRESS}::${NET_GATEWAY}:${NET_MASK}:${HOSTNAME}:" "${ETC_DIR}"/initramfs-tools/initramfs.conf
70
71 # Regenerate initramfs
72 chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}"
73 fi
74 fi
60 fi
75
61
76 # Remove empty settings from network configuration
62 # Remove empty settings from network configuration
@@ -159,7 +159,7 ENABLE_MINBASE=${ENABLE_MINBASE:=false}
159 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
159 ENABLE_REDUCE=${ENABLE_REDUCE:=false}
160 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
160 ENABLE_UBOOT=${ENABLE_UBOOT:=false}
161 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
161 UBOOTSRC_DIR=${UBOOTSRC_DIR:=""}
162 ENABLE_UBOOTUSB=${ENABLE_UBOOTUSB=false}
162 ENABLE_USBBOOT=${ENABLE_USBBOOT=false}
163 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
163 ENABLE_FBTURBO=${ENABLE_FBTURBO:=false}
164 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
164 ENABLE_VIDEOCORE=${ENABLE_VIDEOCORE:=false}
165 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
165 ENABLE_NEXMON=${ENABLE_NEXMON:=false}
@@ -433,11 +433,13 fi
433 # Add device-tree-compiler required for building the U-Boot bootloader
433 # Add device-tree-compiler required for building the U-Boot bootloader
434 if [ "$ENABLE_UBOOT" = true ] ; then
434 if [ "$ENABLE_UBOOT" = true ] ; then
435 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
435 APT_INCLUDES="${APT_INCLUDES},device-tree-compiler,bison,flex,bc"
436 #else
436 fi
437 # if [ "$ENABLE_UBOOTUSB" = true ] ; then
437
438 # echo "error: Enabling UBOOTUSB requires u-boot to be enabled"
438 if [ "$ENABLE_USBBOOT" = true ] ; then
439 # exit 1
439 if ["$RPI_MODEL" != 3 ] || ["$RPI_MODEL" != 3P ] ; then
440 # fi
440 echo "error: Booting from USB alone is only supported by Raspberry Pi 3 and 3P"
441 exit 1
442 fi
441 fi
443 fi
442
444
443 # Check if root SSH (v2) public key file exists
445 # Check if root SSH (v2) public key file exists
General Comments 0
Vous devez vous connecter pour laisser un commentaire. Se connecter maintenant