authorJan Wagner <mail@jwagner.eu>2016-03-25 21:58:11 +0100
committerJan Wagner <mail@jwagner.eu>2016-03-25 21:58:11 +0100
commitb33dfc51ccafb9172c0a29c0e4376f0db8b9e3f1 (patch)
tree918f5d661c091cdac6bd6bcc28f677d0993f4369 /files
parent50170a27d4119c047344793bb7aec685acb3ad6e (diff)
Added: ENABLE_CRYPTFS - encrypted rootfs, use-latest-bootloader, cp-cleanup
Diffstat (limited to 'files')
-rw-r--r--files/apt/sources.list2
-rw-r--r--files/firstboot/21-generate-ssh-keys.sh24
-rw-r--r--files/firstboot/22-expandroot.sh16
-rw-r--r--files/firstboot/24-create-resolv-symlink.sh18
-rw-r--r--files/mount/crypttab1
5 files changed, 39 insertions, 22 deletions
diff --git a/files/apt/sources.list b/files/apt/sources.list
index 36472fc..ffc2c9b 100644
--- a/files/apt/sources.list
+++ b/files/apt/sources.list
@@ -6,5 +6,3 @@ deb http://ftp.debian.org/debian/ jessie-updates main contrib
deb http://security.debian.org/ jessie/updates main contrib
#deb-src http://security.debian.org/ jessie/updates main contrib
-
-deb https://repositories.collabora.co.uk/debian jessie rpi2
diff --git a/files/firstboot/21-generate-ssh-keys.sh b/files/firstboot/21-generate-ssh-keys.sh
index a6c567c..928ee2e 100644
--- a/files/firstboot/21-generate-ssh-keys.sh
+++ b/files/firstboot/21-generate-ssh-keys.sh
@@ -1,8 +1,20 @@
logger -t "rc.firstboot" "Generating SSH host keys"
-rm -f /etc/ssh/ssh_host_*
-ssh-keygen -q -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key
-ssh-keygen -q -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key
-ssh-keygen -q -t ecdsa -N "" -f /etc/ssh/ssh_host_ecdsa_key
-ssh-keygen -q -t ed25519 -N "" -f /etc/ssh/ssh_host_ed25519_key
-systemctl restart sshd
+if [ -d "/etc/ssh/" ] ; then
+ rm -f /etc/ssh/ssh_host_*
+ systemctl stop sshd
+ ssh-keygen -q -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key
+ ssh-keygen -q -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key
+ ssh-keygen -q -t ecdsa -N "" -f /etc/ssh/ssh_host_ecdsa_key
+ ssh-keygen -q -t ed25519 -N "" -f /etc/ssh/ssh_host_ed25519_key
+ systemctl start sshd
+fi
+
+if [ -d "/etc/dropbear/" ] ; then
+ rm -f /etc/dropbear/dropbear_*
+ systemctl stop dropbear
+ dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
+ dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
+ dropbearkey -t ecdsa -f /etc/dropbear/dropbear_ecdsa_host_key
+ systemctl start dropbear
+fi
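Review bot: Both new blocks still generate DSA/DSS host keys (`ssh-keygen -q -t dsa ...` and `dropbearkey -t dss ...`), a key type fixed at 1024 bits that OpenSSH has disabled by default since 7.0. I would drop those two lines so the image never offers it. Separately, `[ -d "/etc/ssh/" ]` presumably also holds when only the OpenSSH client is installed, in which case `systemctl stop sshd` fails; a guard on the daemon itself, e.g. `if [ -x /usr/sbin/sshd ] ; then`, would be tighter. If these scripts run under `sh -e`, as a comment in 22-expandroot.sh suggests, a failing `systemctl` or key-generation call would abort the remaining first-boot steps, so that case deserves an explicit check and a `logger` message.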
diff --git a/files/firstboot/22-expandroot.sh b/files/firstboot/22-expandroot.sh
index 00b94af..03ec50d 100644
--- a/files/firstboot/22-expandroot.sh
+++ b/files/firstboot/22-expandroot.sh
@@ -5,14 +5,14 @@ case "${ROOT_PART}" in
mmcblk0*) ROOT_DEV=mmcblk0 ;;
sda*) ROOT_DEV=sda ;;
esac
-if [ "$PART_NUM" = "$ROOT_PART" ]; then
+if [ "$PART_NUM" = "$ROOT_PART" ] ; then
logger -t "rc.firstboot" "$ROOT_PART is not an SD card. Don't know how to expand"
return 0
fi
# NOTE: the NOOBS partition layout confuses parted. For now, let's only
# agree to work with a sufficiently simple partition layout
-if [ "$PART_NUM" -gt 2 ]; then
+if [ "$PART_NUM" -gt 2 ] ; then
logger -t "rc.firstboot" "Your partition layout is not currently supported by this tool."
return 0
fi
@@ -24,14 +24,18 @@ fi
# Get the starting offset of the root partition
PART_START=$(parted /dev/${ROOT_DEV} -ms unit s p | grep "^${PART_NUM}" | cut -f 2 -d: | sed 's/[^0-9]//g')
-[ "$PART_START" ] || return 1
+if [ -z "$PART_START" ] ; then
+ logger -t "rc.firstboot" "${ROOT_DEV} unable to get starting sector of the partition"
+ return 1
+fi
# Get the possible last sector for the root partition
PART_LAST=$(fdisk -l /dev/${ROOT_DEV} | grep '^Disk.*sectors' | awk '{ print $7 - 1 }')
-[ "$PART_LAST" ] || return 1
+if [ -z "$PART_LAST" ] ; then
+ logger -t "rc.firstboot" "${ROOT_DEV} unable to get last sector of the partition"
+ return 1
+fi
-# Return value will likely be error for fdisk as it fails to reload the
-# partition table because the root fs is mounted
### Since rc.local is run with "sh -e", let's add "|| true" to prevent premature exit
fdisk /dev/${ROOT_DEV} <<EOF2 || true
p
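Review bot: The new `-z` test on `PART_LAST` only catches an empty value, but `awk '{ print $7 - 1 }'` prints `-1` whenever field 7 of the matched `Disk ... sectors` line is missing or non-numeric. A different fdisk output format would therefore pass the check, and the bogus sector number presumably reaches the fdisk here-document, which continues past this hunk. A digits-only guard such as `case "$PART_LAST" in ''|*[!0-9]*) return 1 ;; esac`, with the same `logger` call before the return, would reject it. The commit also removes the comment explaining that fdisk is expected to return an error because the root fs is mounted, which was the reason for `|| true`; I would keep that sentence next to the call.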
diff --git a/files/firstboot/24-create-resolv-symlink.sh b/files/firstboot/24-create-resolv-symlink.sh
index 0dd09de..8a3f00b 100644
--- a/files/firstboot/24-create-resolv-symlink.sh
+++ b/files/firstboot/24-create-resolv-symlink.sh
@@ -1,13 +1,15 @@
logger -t "rc.firstboot" "Creating /etc/resolv.conf symlink"
-
# Check if systemd resolve directory exists
-if [ -d "/run/systemd/resolve" ] ; then
- # Create resolv.conf file if it does not exists
- if [ ! -f "/run/systemd/resolve/resolv.conf" ] ; then
- touch /run/systemd/resolve/resolv.conf
- fi
+if [ ! -d "/run/systemd/resolve" ] ; then
+ systemctl enable systemd-resolved.service
+ systemctl restart systemd-resolved.service
+fi
- # Create symlink to /etc/reolv.conf
- ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
+# Create resolv.conf file if it does not exists
+if [ ! -f "/run/systemd/resolve/resolv.conf" ] ; then
+ touch /run/systemd/resolve/resolv.conf
fi
+
+# Create symlink to /etc/reolv.conf
+ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
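Review bot: The final `ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf` now runs unconditionally and fails if `/etc/resolv.conf` already exists, which is likely on an image that had networking during the build. If the first-boot scripts run under `sh -e`, that failure would abort the remaining steps, so I would use `ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf`. The `touch` above it has the same exposure: if `systemd-resolved` did not come up after the restart, `/run/systemd/resolve` is still missing and `touch` errors out, so that case should log and skip the link. The comment on the last step also has a typo and should read `# Create symlink to /etc/resolv.conf`.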
diff --git a/files/mount/crypttab b/files/mount/crypttab
new file mode 100644
index 0000000..78ae2e1
--- /dev/null
+++ b/files/mount/crypttab
@@ -0,0 +1 @@
+# <target name> <source device> <key file> <options>