forked from asb/spindle
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwheezy-stage1
executable file
·146 lines (123 loc) · 4.89 KB
/
wheezy-stage1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
#!/bin/sh
# Part of spindle http://asbradbury.org/projects/spindle
#
# See LICENSE file for copyright and license details
set -e
. ./common
CURIMG=stage1.$IMGFORMAT
# Security for these keys doesn't matter: just using ssh as it's convenient
# It's not easy to disable authentication, so just use passwordless keys.
# could be generated with dropbearkey -t dss -f
# ./etc/dropbear/dropbear_dss_host_key and base64 encoding the result
DROPBEAR_DSS_KEY=$(cat <<EOF
AAAAB3NzaC1kc3MAAACBANfidOdFkDa7co3actgF4sQ0R8sYTzQ5jLAx23nwy5HKDt5pzwXKnkjq
wBm7/CsC7/WHozTlRSIwA+9jlZlteOUzALTUkICVA24rg90gjqiR5Gzqd6nSB1iKWjbTX5rxR+9j
HcVzfp832HHTRJgthQ035Em+6lJJ4PpIgRhDDE2jAAAAFQDlWsVzKm4G24GQnGxDuhGsrC2i5wAA
AIBelNlG6om0WZYsP9M1kA9DCaWaWVLVt/o7AeSjTT1/f7E2xwluPBRLqKMYdWab4EdkoZLL9QU/
c4t6vRSYMZ8dxT8fpZ49HZLMrg6Defxb5Us6IaMGJwEXKx5s1p37S2SMs2oYLBAxtTv3a2WvVGxO
mTFe6O1QV8C2/0Mml92S5wAAAIEAtaxaCnAIu1FJ4GJLAoKDQA2OZElYgMoD6WGn1JMYjdKa3xE0
8pl/IBt+OTZ3TR8ifuB0NrS6jlSi6pZVeqauZyZIkiIJPBULcsXWm98meeQpi0sz+uVyGSxVcVGT
icg5BSkoPHjAC4KrojvTKR85PPgW1rMeJ3sGgtSXsTVMEVQAAAAVALRiKgnxo7cCasEP41n3Kd3n
/5PB
EOF
)
# could be generated with sh-keygen -t dsa -f qemu_arm_key -N ""
PRIVATE_SSH_KEY=$(cat <<EOF
-----BEGIN DSA PRIVATE KEY-----
MIIBvAIBAAKBgQCndCU8k4fuxWa2phVz9s2WH2OtwYuNxn3I7VfW9WZt+La3DaKg
cjJo2yxT+PWbicdzZ7+bKn50F/9SJd+RgzcCrSHszOewpmDJfJQHrVje5A3XgfBF
3DZZzsRS3b4bR+24z7ws++qSL0UdQhX9R8V2UUPEw0B3tDZMsEB6os2D4wIVAP0K
CXSFvoyrSkxOV9SfLHY/wPbxAoGBAJa08pbR+BYR/5t6M2QMN+Hj87eReJ4Gov+j
ZGPFhVpQ7gdKllRMzWIxgb7UkxfXzXUhZSJHWOF66eFAP+zjEwiALYJVIcWCd19y
E3dP7qB9VTQdNYGrW0DA4oaxBL1AmnPtbrfT8mPs48dKoMoKYocoBYYASmu/hKU0
JTF5qtjTAoGAXHA/KTiu/w/e0LjX9aeMLu4+U9o+8AcRKKFUVsu2ADmrHTzPFE1F
0iBERYkCnm+n4ilOdL+YQTStyNzbsj8lgsc+PRB5f3S2o+Cd4ADC8E+A+FYrmYPK
duaZG6byxosiuE0SFPSnXtFHyw8uRH6ZFe/Z2qbdevgFO6ZU1kcvM4UCFQDnvfA8
2jtIk4Lc55jgJBl2ygLvwg==
-----END DSA PRIVATE KEY-----
EOF
)
# could be generated with sh-keygen -t dsa -f qemu_arm_key -N ""
PUBLIC_SSH_KEY="ssh-dss \
AAAAB3NzaC1kc3MAAACBAKd0JTyTh+7FZramFXP2zZYfY63Bi43GfcjtV9b1Zm34\
trcNoqByMmjbLFP49ZuJx3Nnv5sqfnQX/1Il35GDNwKtIezM57CmYMl8lAetWN7k\
DdeB8EXcNlnOxFLdvhtH7bjPvCz76pIvRR1CFf1HxXZRQ8TDQHe0NkywQHqizYPj\
AAAAFQD9Cgl0hb6Mq0pMTlfUnyx2P8D28QAAAIEAlrTyltH4FhH/m3ozZAw34ePz\
t5F4ngai/6NkY8WFWlDuB0qWVEzNYjGBvtSTF9fNdSFlIkdY4Xrp4UA/7OMTCIAt\
glUhxYJ3X3ITd0/uoH1VNB01gatbQMDihrEEvUCac+1ut9PyY+zjx0qgygpihygF\
hgBKa7+EpTQlMXmq2NMAAACAXHA/KTiu/w/e0LjX9aeMLu4+U9o+8AcRKKFUVsu2\
ADmrHTzPFE1F0iBERYkCnm+n4ilOdL+YQTStyNzbsj8lgsc+PRB5f3S2o+Cd4ADC\
8E+A+FYrmYPKduaZG6byxosiuE0SFPSnXtFHyw8uRH6ZFe/Z2qbdevgFO6ZU1kcv\
M4U= asb@ulala"
setup_dropbear() {
chmod +x dropbearmulti-armv6l &&
cp -a dropbearmulti-armv6l qemu_rootfs/bin/dropbear &&
cd qemu_rootfs/bin &&
ln -s dropbear scp &&
cd "$OLDPWD" &&
mkdir -p qemu_rootfs/etc/dropbear &&
printf "%s" "$DROPBEAR_DSS_KEY" | base64 -d > qemu_rootfs/etc/dropbear/dropbear_dss_host_key &&
printf "%s" "$PRIVATE_SSH_KEY" > qemu_arm_key &&
chmod 600 qemu_arm_key &&
printf "%s" "$PUBLIC_SSH_KEY" > qemu_arm_key.pub &&
cp -a qemu_arm_key.pub qemu_rootfs/root
}
INIT_SH=$(cat <<\EOF
#!/bin/sh
export HOME=/home/root
mount -t proc proc proc
mount -t sysfs sys sys
mount -t devtmpfs dev dev
mkdir -p dev/pts
mount -t devpts dev/pts dev/pts
export PS1='($HOST) \w \$ '
export PATH
ifconfig eth0 10.0.2.15
route add default gw 10.0.2.2
[ "$(date +%s)" -lt 1000 ] && rdate 10.0.2.2 # or time-b.nist.gov
mount -t tmpfs /tmp /tmp
mount -o noatime /dev/sdb2 /mnt
[ -d /mnt/tmp ] && mount --bind /tmp /mnt/tmp
mount -t tmpfs /home /home
mkdir -p /home/root
cd $HOME
mkdir -p /home/root/.ssh
cp -a /root/qemu_arm_key.pub /home/root/.ssh/authorized_keys
chmod 600 /home/root/.ssh/authorized_keys
dropbear -E -s
exec /sbin/oneit -c /dev/ttyAMA0 /bin/ash
EOF
)
replace_init_sh() {
printf "%s" "$INIT_SH" > qemu_rootfs/sbin/init.sh
}
do_second_stage_debootstrap() {
onvm_chroot sh -ex - <<EOF
export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
./debootstrap/debootstrap --second-stage
apt-get clean
EOF
}
# Made redundant by firmware debs
configure_udev() {
onvm_chroot sh -e - <<EOF
printf 'SUBSYSTEM=="vchiq", GROUP="video", MODE="0660"\n' > /etc/udev/rules.d/10-local-rpi.rules
EOF
}
cd $WORKDIR
dotask branch_image ../$OUTDIR/stage0.$IMGFORMAT $CURIMG
dotask download_if_necessary http://asbradbury.org/tmp/raspi/simple-root-filesystem-armv6l.tar.bz2
dotask download_if_necessary http://asbradbury.org/tmp/raspi/system-image-armv6l.tar.bz2
dotask download_if_necessary http://asbradbury.org/tmp/raspi/dropbearmulti-armv6l
[ -f zImage ] || tar -xf system-image-armv6l.tar.bz2 --strip-components=1 system-image-armv6l/zImage
tar -xvf simple-root-filesystem-armv6l.tar.bz2
rm -rf qemu_rootfs
mv simple-root-filesystem-armv6l qemu_rootfs
dotask setup_dropbear
dotask replace_init_sh
dotask mksquashfs qemu_rootfs qemu_rootfs.sqf -noappend -all-root
dotask run_qemu $CURIMG
dotask do_second_stage_debootstrap
#dotask configure_udev
dotask shutdown_qemu
dotask finish_image