From dce78f64acccdc2cf4e192b7f3eaa2b4b7775f21 Mon Sep 17 00:00:00 2001 From: SolidHal Date: Tue, 15 Oct 2019 14:02:24 -0700 Subject: [PATCH 1/8] begin work on better install system --- scripts/InstallScripts/InstallPrawnOS.sh | 41 ++++++++++++++++++++++++ 1 file changed, 41 insertions(+) create mode 100644 scripts/InstallScripts/InstallPrawnOS.sh diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh new file mode 100644 index 0000000..068fecc --- /dev/null +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -0,0 +1,41 @@ +#!/bin/bash + +#Install PrawnOS to the desired device. This will wipe the device, enable root encryption if desired and +#copy the kernel and filesystem to the + + +# This file is part of PrawnOS (http://www.prawnos.com) +# Copyright (c) 2018 Hal Emmerich + +# PrawnOS is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License version 2 +# as published by the Free Software Foundation. + +# PrawnOS is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with PrawnOS. If not, see . + +RESOURCES=/InstallResources +# Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card +BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1) + +#The currently booted device is $BOOT_DEVICE + + +echo "Expand or Install?" +echo "Expand in place to fill the entire booted external device" +echo "Install to another internal or external device besides the one we are booted from" +echo "Installation allow for root encryption to be setup, but must target a external or internal device other than the currently booted device" +echo "The currently booted device is $BOOT_DEVICE" +while true; do + read -p "[I]nstall or [E]xpand?" IE + case $IE in + [Ii]* ) METHOD=INSTALL; break;; + [Ee]* ) METHOD=EXPAND; break;; + * ) echo "Please answer I or E";; + esac +done From a28ea7f847ac886bab92cb11189eab5a30097d3f Mon Sep 17 00:00:00 2001 From: SolidHal Date: Tue, 15 Oct 2019 14:39:34 -0700 Subject: [PATCH 2/8] checkin work so far on new install script --- scripts/InstallScripts/InstallPrawnOS.sh | 102 +++++++++++++++++++---- 1 file changed, 85 insertions(+), 17 deletions(-) diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh index 068fecc..fdb5d2a 100644 --- a/scripts/InstallScripts/InstallPrawnOS.sh +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -19,23 +19,91 @@ # You should have received a copy of the GNU General Public License # along with PrawnOS. If not, see . -RESOURCES=/InstallResources -# Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card -BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1) +main() { -#The currently booted device is $BOOT_DEVICE + RESOURCES=/InstallResources + # Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card + BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1) + + echo "Expand or Install?" + echo "Expand in place to fill the entire booted external device" + echo "Install to another internal or external device besides the one we are booted from" + echo "Installation allow for root encryption to be setup, but must target a external or internal device other than the currently booted device" + echo "The currently booted device is ${BOOT_DEVICE}" + while true; do + read -p "[I]nstall or [E]xpand?" IE + case $IE in + [Ii]* ) install; break;; + [Ee]* ) expand; break;; + * ) echo "Please answer I or E";; + esac + done + +} + +#Now to pick the install target: internal, sd, or usb +#if target is usb, and boot device is usb, target is sdb +#and whether to enable crypto +install() { + + echo "Pick an install target. This can be the Internal Emmc, an SD card, or a USB device" + echo "Please ensure you have only have the booted device and the desired target device inserted." + echo "The currently booted device is ${BOOT_DEVICE}" + while true; do + read -p "[I]nternal Emmc, [S]D card, or [U]SB device?" ISU + case $IE in + [Ii]* ) $TARGET=/dev/mmcblk2; break;; + [Ss]* ) $TARGET=/dev/mmcblk0; break;; + [Uu]* ) $TARGET=USB; break;; + * ) echo "Please answer I, S, or U";; + esac + done + + if [[ $TARGET == "USB" ]] + then + if [[ $BOOT_DEVICE == "/dev/sda" ]] + then + $TARGET=/dev/sdb + else + $TARGET=/dev/sda + fi + fi + if [[ $TARGET == $BOOT_DEVICE ]] + then + echo "Can't install to booted device, please ensure you have only have the booted device and one single other inserted" + exit + fi + + #Now on to the installation, basically copy InstallToInternal.sh + +} + +#simply expand to fill the current boot device +expand() { + + if [[ $BOOT_DEVICE == "/dev/mmcblk2" ]] + then + echo "Can't expand to fill internal emmc, install will have done this already" + exit + fi + + #Make the boot partition fille the whole drive + #Delete the partition + sgdisk -d 2 $BOOT_DEVICE + #Make new partition map entry, with full size + sgdisk -N 2 $BOOT_DEVICE + #Set the type to "data" + sgdisk -t 2:0700 $BOOT_DEVICE + #Name it "properly" - Probably not required, but looks nice + sgdisk -c 2:Root $BOOT_DEVICE + #Reload the partition mapping + partprobe $BOOT_DEVICE + #Force the filesystem to fill the new partition + resize2fs -f ${BOOT_DEVICE}p2 + echo "/dev/${BOOT_DEVICE}p2 / ext4 defaults,noatime 0 1" > /etc/fstab + +} -echo "Expand or Install?" -echo "Expand in place to fill the entire booted external device" -echo "Install to another internal or external device besides the one we are booted from" -echo "Installation allow for root encryption to be setup, but must target a external or internal device other than the currently booted device" -echo "The currently booted device is $BOOT_DEVICE" -while true; do - read -p "[I]nstall or [E]xpand?" IE - case $IE in - [Ii]* ) METHOD=INSTALL; break;; - [Ee]* ) METHOD=EXPAND; break;; - * ) echo "Please answer I or E";; - esac -done +#call the main function, script technically starts here +main "$@"; exit From 03574109ba8860005cc25f286f18450b1b2d2ce4 Mon Sep 17 00:00:00 2001 From: SolidHal Date: Fri, 18 Oct 2019 13:46:17 -0700 Subject: [PATCH 3/8] Implemented a more complete install script, need to test --- scripts/InstallScripts/InstallPrawnOS.sh | 161 ++++++++++++++++++++--- 1 file changed, 142 insertions(+), 19 deletions(-) mode change 100644 => 100755 scripts/InstallScripts/InstallPrawnOS.sh diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh old mode 100644 new mode 100755 index fdb5d2a..b7c9db3 --- a/scripts/InstallScripts/InstallPrawnOS.sh +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -1,8 +1,6 @@ #!/bin/bash -#Install PrawnOS to the desired device. This will wipe the device, enable root encryption if desired and -#copy the kernel and filesystem to the - +#See the block of "echos" in main() for description of this script # This file is part of PrawnOS (http://www.prawnos.com) # Copyright (c) 2018 Hal Emmerich @@ -19,16 +17,24 @@ # You should have received a copy of the GNU General Public License # along with PrawnOS. If not, see . +RESOURCES=/InstallResources +# Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card +BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1) + main() { - - RESOURCES=/InstallResources - # Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card - BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1) - + echo "---------------------------------------------------------------------------------------------------------------------" + echo "PrawnOS Install or Expand Script" + echo "Installation sets up the internal emmc partitions, root encryption, and copies the filesystem from the" + echo "current boot device to the target device. The target device cannot be the current boot device" + echo + echo "Expansion simply targets the booted device, and expands the filesystem to fill the entire thing instead of just 2GB." + echo "Because of this, root encryption cannot be setup" + echo + echo "For installation, this script can be quit and re-ran at any point." + echo "Unfortunately for expansion this is not the case" + echo "---------------------------------------------------------------------------------------------------------------------" + echo echo "Expand or Install?" - echo "Expand in place to fill the entire booted external device" - echo "Install to another internal or external device besides the one we are booted from" - echo "Installation allow for root encryption to be setup, but must target a external or internal device other than the currently booted device" echo "The currently booted device is ${BOOT_DEVICE}" while true; do read -p "[I]nstall or [E]xpand?" IE @@ -38,27 +44,24 @@ main() { * ) echo "Please answer I or E";; esac done - } #Now to pick the install target: internal, sd, or usb #if target is usb, and boot device is usb, target is sdb #and whether to enable crypto install() { - echo "Pick an install target. This can be the Internal Emmc, an SD card, or a USB device" echo "Please ensure you have only have the booted device and the desired target device inserted." echo "The currently booted device is ${BOOT_DEVICE}" while true; do read -p "[I]nternal Emmc, [S]D card, or [U]SB device?" ISU case $IE in - [Ii]* ) $TARGET=/dev/mmcblk2; break;; - [Ss]* ) $TARGET=/dev/mmcblk0; break;; + [Ii]* ) $TARGET=/dev/mmcblk2p; break;; + [Ss]* ) $TARGET=/dev/mmcblk0p; break;; [Uu]* ) $TARGET=USB; break;; * ) echo "Please answer I, S, or U";; esac done - if [[ $TARGET == "USB" ]] then if [[ $BOOT_DEVICE == "/dev/sda" ]] @@ -70,23 +73,142 @@ install() { fi if [[ $TARGET == $BOOT_DEVICE ]] then - echo "Can't install to booted device, please ensure you have only have the booted device and one single other inserted" + echo "Can't install to booted device, please ensure you have *only* the booted device and target device inserted" exit fi #Now on to the installation, basically copy InstallToInternal.sh + while true; do + read -p "This will ERASE ALL DATA ON ${TARGET} and reboot when finished, do you want to continue? [y/N]" yn + case $yn in + [Yy]* ) break;; + [Nn]* ) exit;; + * ) echo "Please answer y or n";; + esac + done + umount ${TARGET}1 || /bin/true + umount ${TARGET}2 || /bin/true + + if [[ $TARGET == "/dev/mmcblk2p" ]] + then + emmc_partition + else + external_partition $TARGET + fi + + KERNEL_PARTITION=${TARGET}1 + ROOT_PARTITION=${TARGET}2 + CRYPTO=false + + echo Writing kernel partition + dd if=/dev/zero of=$KERNEL_PARTITION bs=512 count=65536 + dd if=${BOOT_DEVICE}1 of=$KERNEL_PARTITION + + #Handle full disk encryption + echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?" + select yn in "Yes" "No" + do + case $yn,$REPLY in + Yes,*|*,Yes ) + CRYPTO=true + # Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual + # desktop cpu, manually supply -i 15000 for security at the cost of a slightly slower unlock + echo "Enter the password you would like to use to unlock the encrypted root partition at boot" + cryptsetup -q -y -s 512 luksFormat -i 15000 $ROOT_PARTITION || exit 1 + echo "Now unlock the newly created encrypted root partition so we can mount it and install the filesystem" + cryptsetup luksOpen $ROOT_PARTITION luksroot || exit 1 + ROOT_PARTITION=/dev/mapper/luksroot + break + ;; + No,*|*,No ) + break + ;; + * ) + echo "Invalid Option, please enter Yes or No, 1 or 2" + ;; + esac + done + + echo Writing Filesystem, this will take about 4 minutes... + mkfs.ext4 -F -b 1024 $ROOT_PARTITION + mkdir -p /mnt/mmc/ + mount $ROOT_PARTITION /mnt/mmc + rsync -ah --info=progress2 --info=name0 --numeric-ids -x / /mnt/mmc/ + #Remove the live-fstab and install a base fstab + rm /mnt/mmc/etc/fstab + echo "${ROOT_PARTITION} / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab + umount $ROOT_PARTITION + echo Running fsck + e2fsck -p -f $ROOT_PARTITION + if [[ $CRYPTO == "true" ]] + then + # unmount and close encrypted storage + cryptsetup luksClose luksroot + fi + echo Rebooting... Please remove the usb drive once shutdown is complete + reboot + +} + +#Setup partition map on internal emmc +emmc_partition() { + #disable dmesg, writing the partition map tries to write the the first gpt table, which is unmodifiable + dmesg -D + echo Writing partition map to internal emmc + DISK_SZ="$(blockdev --getsz /dev/mmcblk2)" + echo Total disk size is: $DISK_SZ + if [ $DISK_SZ = 30785536 ] + then + echo Detected Emmc Type 1 + sfdisk /dev/mmcblk2 < $RESOURCES/mmc.partmap + + elif [ $DISK_SZ = 30777344 ] + then + echo Detected Emmc Type 2 + sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap + else + echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above + echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work. + select yn in "Yes" "No" + do + case $yn,$REPLY in + Yes,*|*,Yes ) + echo Trying Emmc Type 2 + sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap + break + ;; + * ) + echo "Invalid Option, please enter Yes or No, 1 or 2" + ;; + esac + done + fi + dmesg -E +} + +#Setup partition map for external bootable device, aka usb or sd card +external_partition() { + $TARGET = $1 + parted --script $TARGET mklabel gpt + cgpt create $TARGET + kernel_start=8192 + kernel_size=65536 + cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $TARGET + #Now the main filesystem + root_start=$(($kernel_start + $kernel_size)) + end=`cgpt show $1 | grep 'Sec GPT table' | awk '{print $1}'` + root_size=$(($end - $root_start)) + cgpt add -i 2 -t data -b $root_start -s $root_size -l Root $TARGET } #simply expand to fill the current boot device expand() { - if [[ $BOOT_DEVICE == "/dev/mmcblk2" ]] then echo "Can't expand to fill internal emmc, install will have done this already" exit fi - #Make the boot partition fille the whole drive #Delete the partition sgdisk -d 2 $BOOT_DEVICE @@ -106,4 +228,5 @@ expand() { #call the main function, script technically starts here +#Organized this way so that main can come before the functions it calls main "$@"; exit From 9ed2a58ab8d2cb61633d4c6673a9ed512559283b Mon Sep 17 00:00:00 2001 From: SolidHal Date: Fri, 18 Oct 2019 13:51:24 -0700 Subject: [PATCH 4/8] remove unused script --- scripts/InstallScripts/runonce.sh | 46 ------------------------------- 1 file changed, 46 deletions(-) delete mode 100755 scripts/InstallScripts/runonce.sh diff --git a/scripts/InstallScripts/runonce.sh b/scripts/InstallScripts/runonce.sh deleted file mode 100755 index dfc72f7..0000000 --- a/scripts/InstallScripts/runonce.sh +++ /dev/null @@ -1,46 +0,0 @@ -#!/bin/bash - -if [[ $# -eq 0 ]]; then - echo "Schedules a command to be run after the next reboot." - echo "Usage: $(basename $0) " - echo " $(basename $0) -p " - echo " $(basename $0) -r " -else - REMOVE=0 - COMMAND=${!#} - SCRIPTPATH=$PATH - - while getopts ":r:p:" optionName; do - case "$optionName" in - r) REMOVE=1; COMMAND=$OPTARG;; - p) SCRIPTPATH=$OPTARG;; - esac - done - - SCRIPT="${HOME}/.$(basename $0)_$(echo $COMMAND | sed 's/[^a-zA-Z0-9_]/_/g')" - - if [[ ! -f $SCRIPT ]]; then - echo "PATH=$SCRIPTPATH" >> $SCRIPT - echo "cd $(pwd)" >> $SCRIPT - echo "logger -t $(basename $0) -p local3.info \"COMMAND=$COMMAND ; USER=\$(whoami) ($(logname)) ; PWD=$(pwd) ; PATH=\$PATH\"" >> $SCRIPT - echo "$COMMAND | logger -t $(basename $0) -p local3.info" >> $SCRIPT - echo "$0 -r \"$(echo $COMMAND | sed 's/\"/\\\"/g')\"" >> $SCRIPT - chmod +x $SCRIPT - fi - - CRONTAB="${HOME}/.$(basename $0)_temp_crontab_$RANDOM" - ENTRY="@reboot $SCRIPT" - - echo "$(crontab -l 2>/dev/null)" | grep -v "$ENTRY" | grep -v "^# DO NOT EDIT THIS FILE - edit the master and reinstall.$" | grep -v "^# ([^ ]* installed on [^)]*)$" | grep -v "^# (Cron version [^$]*\$[^$]*\$)$" > $CRONTAB - - if [[ $REMOVE -eq 0 ]]; then - echo "$ENTRY" >> $CRONTAB - fi - - crontab $CRONTAB - rm $CRONTAB - - if [[ $REMOVE -ne 0 ]]; then - rm $SCRIPT - fi -fi From 47f96e0f3b2e5d98ed17522cd7a695b9660c2a84 Mon Sep 17 00:00:00 2001 From: Hal Emmerich Date: Fri, 18 Oct 2019 20:39:07 -0500 Subject: [PATCH 5/8] Fix installing to external device with new script --- scripts/InstallScripts/InstallPrawnOS.sh | 31 +++++++++++++----------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh index b7c9db3..ca5461a 100755 --- a/scripts/InstallScripts/InstallPrawnOS.sh +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -34,7 +34,7 @@ main() { echo "Unfortunately for expansion this is not the case" echo "---------------------------------------------------------------------------------------------------------------------" echo - echo "Expand or Install?" + echo "Expand or Install?: " echo "The currently booted device is ${BOOT_DEVICE}" while true; do read -p "[I]nstall or [E]xpand?" IE @@ -54,11 +54,11 @@ install() { echo "Please ensure you have only have the booted device and the desired target device inserted." echo "The currently booted device is ${BOOT_DEVICE}" while true; do - read -p "[I]nternal Emmc, [S]D card, or [U]SB device?" ISU - case $IE in - [Ii]* ) $TARGET=/dev/mmcblk2p; break;; - [Ss]* ) $TARGET=/dev/mmcblk0p; break;; - [Uu]* ) $TARGET=USB; break;; + read -p "[I]nternal Emmc, [S]D card, or [U]SB device?: " ISU + case $ISU in + [Ii]* ) TARGET=/dev/mmcblk2p; break;; + [Ss]* ) TARGET=/dev/mmcblk0p; break;; + [Uu]* ) TARGET=USB; break;; * ) echo "Please answer I, S, or U";; esac done @@ -66,9 +66,9 @@ install() { then if [[ $BOOT_DEVICE == "/dev/sda" ]] then - $TARGET=/dev/sdb + TARGET=/dev/sdb else - $TARGET=/dev/sda + TARGET=/dev/sda fi fi if [[ $TARGET == $BOOT_DEVICE ]] @@ -189,17 +189,20 @@ emmc_partition() { #Setup partition map for external bootable device, aka usb or sd card external_partition() { - $TARGET = $1 - parted --script $TARGET mklabel gpt - cgpt create $TARGET + #cut off the "p" if we are using an sd card, doesn't change TARGET if we are using usb + EXTERNAL_TARGET=$(echo $1 | cut -d 'p' -f 1) + parted --script $EXTERNAL_TARGET mklabel gpt + cgpt create $EXTERNAL_TARGET kernel_start=8192 kernel_size=65536 - cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $TARGET + cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $EXTERNAL_TARGET #Now the main filesystem root_start=$(($kernel_start + $kernel_size)) - end=`cgpt show $1 | grep 'Sec GPT table' | awk '{print $1}'` + end=`cgpt show $EXTERNAL_TARGET | grep 'Sec GPT table' | awk '{print $1}'` root_size=$(($end - $root_start)) - cgpt add -i 2 -t data -b $root_start -s $root_size -l Root $TARGET + cgpt add -i 2 -t data -b $root_start -s $root_size -l Root $EXTERNAL_TARGET + #Refresh the kernel devices + partprobe } #simply expand to fill the current boot device From eaaa4c58c7e306ecd2454e319efb306349b8382a Mon Sep 17 00:00:00 2001 From: Hal Emmerich Date: Fri, 18 Oct 2019 21:36:02 -0500 Subject: [PATCH 6/8] Fix writing kernel to external --- scripts/InstallScripts/InstallPrawnOS.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh index ca5461a..d930947 100755 --- a/scripts/InstallScripts/InstallPrawnOS.sh +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -103,7 +103,7 @@ install() { echo Writing kernel partition dd if=/dev/zero of=$KERNEL_PARTITION bs=512 count=65536 - dd if=${BOOT_DEVICE}1 of=$KERNEL_PARTITION + dd if=${BOOT_DEVICE}1 of=$KERNEL_PARTITION conv=notrunc #Handle full disk encryption echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?" @@ -191,13 +191,14 @@ emmc_partition() { external_partition() { #cut off the "p" if we are using an sd card, doesn't change TARGET if we are using usb EXTERNAL_TARGET=$(echo $1 | cut -d 'p' -f 1) - parted --script $EXTERNAL_TARGET mklabel gpt - cgpt create $EXTERNAL_TARGET kernel_start=8192 kernel_size=65536 + root_start=$(($kernel_start + $kernel_size)) + dd if=/dev/zero of=$EXTERNAL_TARGET bs=512 count=$root_start + parted --script $EXTERNAL_TARGET mklabel gpt + cgpt create $EXTERNAL_TARGET cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $EXTERNAL_TARGET #Now the main filesystem - root_start=$(($kernel_start + $kernel_size)) end=`cgpt show $EXTERNAL_TARGET | grep 'Sec GPT table' | awk '{print $1}'` root_size=$(($end - $root_start)) cgpt add -i 2 -t data -b $root_start -s $root_size -l Root $EXTERNAL_TARGET From 1aec88b67b1e4844a0622662ccb38db2050b1f77 Mon Sep 17 00:00:00 2001 From: Hal Emmerich Date: Sun, 20 Oct 2019 15:42:19 -0500 Subject: [PATCH 7/8] external crypto functional --- scripts/InstallScripts/InstallPrawnOS.sh | 47 ++++++++++++++++++------ 1 file changed, 35 insertions(+), 12 deletions(-) diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh index d930947..65ce6f8 100755 --- a/scripts/InstallScripts/InstallPrawnOS.sh +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -77,9 +77,17 @@ install() { exit fi + #cut off the "p" if we are using an sd card or internal emmc, doesn't change TARGET if we are using usb + TARGET_NO_P=$(echo $1 | cut -d 'p' -f 1) + if [ ! -e $TARGET_NO_P ]; + then + echo "${TARGET_NO_P} does not exist, have you plugged in your target sd card or usb device?" + exit 1 + fi + #Now on to the installation, basically copy InstallToInternal.sh while true; do - read -p "This will ERASE ALL DATA ON ${TARGET} and reboot when finished, do you want to continue? [y/N]" yn + read -p "This will ERASE ALL DATA ON ${TARGET_NO_P} and reboot when finished, do you want to continue? [y/N]" yn case $yn in [Yy]* ) break;; [Nn]* ) exit;; @@ -94,7 +102,7 @@ install() { then emmc_partition else - external_partition $TARGET + external_partition $TARGET_NO_P fi KERNEL_PARTITION=${TARGET}1 @@ -144,10 +152,19 @@ install() { if [[ $CRYPTO == "true" ]] then # unmount and close encrypted storage + # let things settle, otherwise cryptsetup complainssss + sleep 2 cryptsetup luksClose luksroot fi - echo Rebooting... Please remove the usb drive once shutdown is complete - reboot + echo "Please remove the booted device after power off is complete" + while true; do + read -p "Reboot? [y/N]" re + case $re in + [Yy]* ) reboot;; + [Nn]* ) exit;; + * ) echo "Please answer y or n";; + esac + done } @@ -189,21 +206,27 @@ emmc_partition() { #Setup partition map for external bootable device, aka usb or sd card external_partition() { - #cut off the "p" if we are using an sd card, doesn't change TARGET if we are using usb - EXTERNAL_TARGET=$(echo $1 | cut -d 'p' -f 1) + EXTERNAL_TARGET=$1 kernel_start=8192 kernel_size=65536 root_start=$(($kernel_start + $kernel_size)) - dd if=/dev/zero of=$EXTERNAL_TARGET bs=512 count=$root_start + #wipe the partition map, cgpt doesn't like anything weird in the primary or backup partition maps + sgdisk -Z $EXTERNAL_TARGET + partprobe $EXTERNAL_TARGET + #make the base gpt partition map parted --script $EXTERNAL_TARGET mklabel gpt cgpt create $EXTERNAL_TARGET + #must use cgpt to make the kernel partition, as we need the -S, -T, and -P variables cgpt add -i 1 -t kernel -b $kernel_start -s $kernel_size -l Kernel -S 1 -T 5 -P 10 $EXTERNAL_TARGET #Now the main filesystem - end=`cgpt show $EXTERNAL_TARGET | grep 'Sec GPT table' | awk '{print $1}'` - root_size=$(($end - $root_start)) - cgpt add -i 2 -t data -b $root_start -s $root_size -l Root $EXTERNAL_TARGET - #Refresh the kernel devices - partprobe + #cgpt doesn't seem to handle this part correctly + sgdisk -N 2 $EXTERNAL_TARGET + #Set the type to "data" + sgdisk -t 2:0700 $EXTERNAL_TARGET + #Name it "properly" - Probably not required, but looks nice + sgdisk -c 2:Root $EXTERNAL_TARGET + #Reload the partition mapping + partprobe $EXTERNAL_TARGET } #simply expand to fill the current boot device From 843edfd52535eebe8d009458c08fa7fbc301c483 Mon Sep 17 00:00:00 2001 From: Hal Emmerich Date: Sun, 20 Oct 2019 16:53:13 -0500 Subject: [PATCH 8/8] Update readme, remove old scripts, fix install script --- README.md | 124 ++++++++--------- .../InstallScripts/ExpandExternalInstall.sh | 67 --------- scripts/InstallScripts/InstallPrawnOS.sh | 2 +- scripts/InstallScripts/InstallToInternal.sh | 128 ------------------ scripts/buildFilesystem.sh | 2 +- 5 files changed, 61 insertions(+), 262 deletions(-) delete mode 100755 scripts/InstallScripts/ExpandExternalInstall.sh delete mode 100755 scripts/InstallScripts/InstallToInternal.sh diff --git a/README.md b/README.md index 7038340..34db93a 100644 --- a/README.md +++ b/README.md @@ -72,55 +72,87 @@ sudo dd if=PrawnOs-*-c201-libre-2GB*.img of=/dev/$USB_DEVICE bs=50M; sync There are two ways to use PrawnOS. -The first option is to boot from the external USB or SD device you wrote the image to. -[click here](#install-to-usb-drive-or-sd-card) -* Booting from an external device allows you to try PrawnOS without removing Chrome OS or whatever Linux you are running on your internal storage (emmc), but it is a much slower experience as the c201 only has USB 2.0. +The first option is to boot from the external USB or SD device you wrote the image to, and expand the image to take up the entire boot device. +[click here](#expand-prawnos) +* Expanding the PrawnOS image allows you to boot PrawnOS from the same USB or SD device that you wrote the image to +* Expansion does _NOT_ support root encryption. For root encryption the filesystem must be written after the encrypted root is created. -The second and, recommended, option is to install it on your internal storage (emmc) -[click here](#install-to-internal-drive-emmc) -* This is faster, and frees up a USB port. +The second and recommended option is to install it on a device other than the one you wrote the PrawnOS image to +[click here](#install-to-internal-drive-emmc-or-to-sd-card-or-usb-drive) +* This lets you install PrawnOS to the internal emmc, an SD card or a USB device +* This allows you to setup root encryption +* Installing to an external device allows you to try PrawnOS without removing Chrome OS or whatever Linux you are running on your internal storage (emmc), but USB drives especially are a much slower experience as the c201 only has USB 2.0. +* If you want to boot from external media, I would suggest using an SD card. -### Install to Internal drive (emmc) -Now on the C201, press `control+u` at boot to boot from the USB drive. +### Install to internal drive (emmc) or to SD card or USB drive +Now on the C201, insert the drive you wrote the PrawnOS image to. Press `control+u` at boot to boot from the external drive. - -If you are running stock coreboot and haven't flashed Libreboot, you will first have to enable developer mode and enable USB booting. A quick search should get you some good guides, but if you're having issues feel free to open an issue here on github. +If you are running stock coreboot and haven't flashed Libreboot, you will first have to enable developer mode and enable USB / external device booting. A quick search should get you some good guides, but if you're having issues feel free to open an issue here on github. At the prompt, login as root. The password is blank. -WARNING! THIS WILL ERASE YOUR INTERNAL EMMC STORAGE (your Chrome OS install or other Linux install and all of the associated user data) Make sure to back up any data you would like to keep before running this. +Now insert the other USB device or SD card you would like to install PrawnOS on. If you want to boot from the internal emmc, you have nothing to insert! +Note: If you are installing to an external device, the filesystem portion may take a loooong time (20 minutes). This is because we are reading from one external device (the boot device) and writing to another external device. This more than saturates the USB and/or SD bus. -If you would like to install it to the internal emmc storage run: +WARNING! THIS WILL ERASE YOUR INTERNAL EMMC STORAGE (your Chrome OS install or other Linux install and all of the associated user data) OR WHATEVER EXTERNAL DEVICE YOU CHOOSE AS YOUR INSTALL TARGET. Make sure to back up any data you would like to keep before running this. + +Run: ``` cd / -./InstallToInternal.sh +./InstallPrawnOS.sh ``` -_This will show a bunch of scary red warnings that are a result of the emmc (internal storage) being touchy and the kernel message level being set low for debugging. They don't seem to effect anything long-term._ - -#### Setting up root partition encryption -PrawnOS supports encrypting the full root partition with the use of a custom initramfs and dmcrypt/LUKS -Type "Yes" at the prompt, then enter the password you would like to use and verify it -You will then be prompted one more time to enter your encryption password to mount and setup the filesystem +Choose `Install` and follow the prompts. This will ask what device you want to install to and setup root encryption with a custom initramfs and dmcrypt/LUKS if you want. If you are curious how the initramfs, and root partition encryption work on PrawnOS check out the Initramfs and Encryption section in [DOCUMENTATION.md](DOCUMENTATION.md) +If you run in to any problems please open an issue. +_If you install to the internal emmc this will show a bunch of scary red warnings that are a result of the emmc (internal storage) having a few unwritable (bad) blocks at the beginning of the device and the kernel message level being set low for debugging. They don't effect anything long-term. All C201s have these bad blocks at the beginning of the emmc_ -The device will then reboot. If you are running the stock coreboot, you will have to press `control+d` or wait 30 seconds past the beep to boot to the internal storage. +After reboot, remove the external media you had booted from originally. If you installed to the internal emmc press `control+d`, if you installed to an external device press `control+u` -If you are running Libreboot, it should boot to the internal storage by default. If it doesn't, turn off the device and remove the flash drive before turning it on again. +If you press nothing, it will boot to the internal storage by default. -Now login as root again and run: +Now to install the packages, desktop environment, and setup a user +Login as root again and run: ``` cd /InstallResources ./InstallPackages.sh ``` Which installs either the xfce4 or the lxqt desktop enviroment, sound, trackpad, and Xorg configurations as well as prompts you to make a new user that automatically gets sudo privileges. - -If it asks you about terminal encoding and/or locale, just hit enter. The default works for both. - When finished, it will reboot once again placing you at a login screen. Congratulations! Your computer is now a Prawn! https://sprorgnsm.bandcamp.com/track/the-prawn-song +### Expand PrawnOS +Now on the C201, insert the drive you wrote the PrawnOS image to. Press `control+u` at boot to boot from the external drive. + +If you are running stock coreboot and haven't flashed Libreboot, you will first have to enable developer mode and enable USB / external device booting. A quick search should get you some good guides, but if you're having issues feel free to open an issue here on github. + +At the prompt, login as root. The password is blank. +Run: +``` +cd / +./InstallPrawnOS.sh +``` +Choose `Expand` at the prompt + +If you run in to any problems please open an issue. + +Now to install the packages, desktop environment, and setup a user +``` +cd /InstallResources +./InstallPackages.sh +``` +Which installs either the xfce4 or the lxqt desktop enviroment, sound, trackpad, and Xorg configurations as well as prompts you to make a new user that automatically gets sudo privileges. + +When finished, it will reboot. +Press `control+u` at boot once again, and you'll get to a login screen. + +Congratulations! Your computer is now a Prawn! https://sprorgnsm.bandcamp.com/track/the-prawn-song + +#### If you simply want a basic Linux environment with no desktop environment or window manager: +Skip running `InstallPackages` +Congratulations: you are done! Welcome to PrawnOS. You should probably change the root password and make a user, but I'm not your boss or anything so I'll leave that to you. + #### Connecting to WiFi in a basic environment If you just want a basic environment without xfce or lxqt can skip running InstallPackages.sh. You can connect to WiFi using wpa_supplicant by running the following commands: ``` @@ -132,49 +164,11 @@ Login as root, and run ``` dhclient wlan0 ``` + When that finishes, you should have access to the internet. - -### Install To USB drive or SD card -Now on the C201, press `control+u` at boot to boot from the USB drive. - -If you are running stock coreboot and haven't flashed Libreboot, you will first have to enable developer mode and enable USB booting. A quick search should get you some good guides, but if you're having issues feel free to open an issue here on github. - - -When it boots, login as root. The password is blank. - -#### If you simply want a basic Linux environment with no desktop environment or window manager: -Make sure it's the only storage device plugged in, and run this script to expand the partition and filesystem to the full USB drive. This will reboot when complete, so you'll have to press `control+u` again to boot to the external media. -``` -cd /InstallResources/ -./ExpandExternalInstall.sh -``` -Congratulations: you are done! Welcome to PrawnOS. You should probably change the root password and make a user, but I'm not your boss or anything so I'll leave that to you. -If you want a quick guide on how to connect to WiFi, check out [this down below](#connecting-to-wifi-in-a-basic-environment) - -#### For everyone else, two scripts need to be run. - -The first expands the partition and filesystem to use the entire drive. -Make sure you only have one USB or SD storage device plugged into the machine. -This will reboot when complete, so you'll have to press `control+u` again to boot to the external media. -Run: -``` -cd /InstallResources/ -./ExpandExternalInstall.sh -``` -You can verify it worked by running `df -h` after the reboot. The original `/dev/root/` filesystem was only ~2GB -Then run this script which installs either the xfce4 or the lxqt desktop enviroment, sound, trackpad, and Xorg configurations as well as prompts you to make a new user that automatically gets sudo privileges. - -If it asks you about terminal encoding and/or locale, just hit enter. The default works for both. -When finished, it will reboot once again placing you at a login screen. -``` -./InstallPackages.sh -``` -This will take a while; USB 2.0 is slow. -Welcome to PrawnOS. If you like it, I would suggest installing it to your internal storage (emmc). - ### Upgrading the kernel -The script `UpgradeKernel.sh` located in `/InstallResources` can be ran be used to copy the kernel, modules, and ath9k firmware from a newer version of PrawnOS running on a USB drive or SD card onto an older version of PrawnOS installed on the laptops internal emmc storage. +The script `UpgradeKernel.sh` located in `/InstallResources` can be ran be used to copy the kernel, modules, initramfs, and ath9k firmware from a newer version of PrawnOS running on a USB drive or SD card onto an older version of PrawnOS installed on the laptops internal emmc storage. To use it, write the new PrawnOS image to a USB drive or SD card, boot the laptop to it by pressing `control+u` at boot, navigate to the `/InstallResources` folder, and run the script. diff --git a/scripts/InstallScripts/ExpandExternalInstall.sh b/scripts/InstallScripts/ExpandExternalInstall.sh deleted file mode 100755 index e9e9fb5..0000000 --- a/scripts/InstallScripts/ExpandExternalInstall.sh +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash - -#Expand PrawnOS to fill the entire external device - -# This file is part of PrawnOS (http://www.prawnos.com) -# Copyright (c) 2018 Hal Emmerich - -# PrawnOS is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 -# as published by the Free Software Foundation. - -# PrawnOS is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with PrawnOS. If not, see . - -while true; do - echo "This script will expand PrawnOS to fill the entire external" - echo " storage device it is booted from" - echo "If installing to a USB flash drive, make sure only one USB storage device is plugged in" - read -p "install to: internal external (S)D, external (U)SB Storage: " ESU - case $ESU in - [Ss]* ) TARGET=SD; break;; - [Uu]* ) TARGET=USB; break;; - * ) echo "Please answer S or U";; - esac -done - - -if [ "$TARGET" = "USB" ] -then - #Make the boot partition fille the whole drive - #Delete the partition - sgdisk -d 2 /dev/sda - #Make new partition map entry, with full size - sgdisk -N 2 /dev/sda - #Set the type to "data" - sgdisk -t 2:0700 /dev/sda - #Name it "properly" - Probably not required, but looks nice - sgdisk -c 2:Root /dev/sda - #Reload the partition mapping - partprobe /dev/sda - #Force the filesystem to fill the new partition - resize2fs -f /dev/sda2 - echo "/dev/sda2 / ext4 defaults,noatime 0 1" > /etc/fstab -fi - -if [ "$TARGET" = "SD" ] -then - #Make the boot partition fille the whole drive - #Delete the partition - sgdisk -d 2 /dev/mmcblk0 - #Make new partition map entry, with full size - sgdisk -N 2 /dev/mmcblk0 - #Set the type to "data" - sgdisk -t 2:0700 /dev/mmcblk0 - #Name it "properly" - Probably not required, but looks nice - sgdisk -c 2:Root /dev/mmcblk0 - #Reload the partition mapping - partprobe /dev/mmcblk0 - #Force the filesystem to fill the new partition - resize2fs -f /dev/mmcblk0p2 - echo "/dev/mmcblk1p2 / ext4 defaults,noatime 0 1" > /etc/fstab -fi diff --git a/scripts/InstallScripts/InstallPrawnOS.sh b/scripts/InstallScripts/InstallPrawnOS.sh index 65ce6f8..b28aad1 100755 --- a/scripts/InstallScripts/InstallPrawnOS.sh +++ b/scripts/InstallScripts/InstallPrawnOS.sh @@ -78,7 +78,7 @@ install() { fi #cut off the "p" if we are using an sd card or internal emmc, doesn't change TARGET if we are using usb - TARGET_NO_P=$(echo $1 | cut -d 'p' -f 1) + TARGET_NO_P=$(echo $TARGET | cut -d 'p' -f 1) if [ ! -e $TARGET_NO_P ]; then echo "${TARGET_NO_P} does not exist, have you plugged in your target sd card or usb device?" diff --git a/scripts/InstallScripts/InstallToInternal.sh b/scripts/InstallScripts/InstallToInternal.sh deleted file mode 100755 index a4c4d90..0000000 --- a/scripts/InstallScripts/InstallToInternal.sh +++ /dev/null @@ -1,128 +0,0 @@ -#!/bin/bash - -#Install PrawnOS to the internal emmc, this will partition the internal emmc -#and erase ALL data on it - - -# This file is part of PrawnOS (http://www.prawnos.com) -# Copyright (c) 2018 Hal Emmerich - -# PrawnOS is free software: you can redistribute it and/or modify -# it under the terms of the GNU General Public License version 2 -# as published by the Free Software Foundation. - -# PrawnOS is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with PrawnOS. If not, see . - -RESOURCES=/InstallResources -# Grab the boot device, which is either /dev/sda for usb or /dev/mmcblk0 for an sd card -BOOT_DEVICE=$(mount | head -n 1 | cut -d '2' -f 1) - -echo "--------------------------------------------------------------------------------------------------------" -echo "PrawnOS Install To Internal Emmc Script" -echo "Sets up the internal emmc partitions, root encryption, and copies the filesystem from the bootable media" -echo "This script can be quit and re-ran at any point" -echo "--------------------------------------------------------------------------------------------------------" -read -p "This will ERASE ALL DATA ON THE INTERNAL STORAGE (EMMC) and reboot when finished, do you want to continue? [y/N]" -n 1 -r -echo -if [[ $REPLY =~ ^[Yy]$ ]] -then - #disable dmesg, writing the partition map tries to write the the first gpt table, which is unmodifiable - dmesg -D - umount /dev/mmcblk2p1 || /bin/true - umount /dev/mmcblk2p2 || /bin/true - - echo Writing partition map - DISK_SZ="$(blockdev --getsz /dev/mmcblk2)" - echo Total disk size is: $DISK_SZ - if [ $DISK_SZ = 30785536 ] - then - echo Detected Emmc Type 1 - sfdisk /dev/mmcblk2 < $RESOURCES/mmc.partmap - - elif [ $DISK_SZ = 30777344 ] - then - echo Detected Emmc Type 2 - sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap - else - echo ERROR! Not a known EMMC type, please open an issue on github or send SolidHal an email with the Total disk size reported above - echo Try a fallback value? This will allow installation to continue, at the cost of a very small amoutnt of disk space. This may not work. - select yn in "Yes" "No" - do - case $yn,$REPLY in - Yes,*|*,Yes ) - echo Trying Emmc Type 2 - sfdisk /dev/mmcblk2 < $RESOURCES/mmc_type2.partmap - break - ;; - * ) - echo "Invalid Option, please enter Yes or No, 1 or 2" - ;; - esac - done - fi - dmesg -E - - echo Writing kernel partition - dd if=/dev/zero of=/dev/mmcblk2p1 bs=512 count=65536 - dd if="$BOOT_DEVICE"1 of=/dev/mmcblk2p1 - - ROOT_DEV_NAME=mmcblk2p2 - CRYPTO=false - - #Handle full disk encryption - echo "Would you like to setup full disk encrytion using LUKs/DmCrypt?" - select yn in "Yes" "No" - do - case $yn,$REPLY in - Yes,*|*,Yes ) - CRYPTO=true - # Since iteration count is based on cpu power, and the rk3288 isn't as fast as a usual - # desktop cpu, manually supply -i 15000 for security at the cost of a slightly slower unlock - echo "Now to setup the password you would like to use to unlock the encrypted root partition at boot" - cryptsetup -q -y -s 512 luksFormat -i 15000 /dev/$ROOT_DEV_NAME || exit 1 - echo "Now unlock the newly created encrypted root partition so we can mount it and install the filesystem" - cryptsetup luksOpen /dev/$ROOT_DEV_NAME luksroot || exit 1 - ROOT_DEV_NAME=mapper/luksroot - break - ;; - No,*|*,No ) - break - ;; - * ) - echo "Invalid Option, please enter Yes or No, 1 or 2" - ;; - esac - done - - echo Writing Filesystem, this will take about 4 minutes... - mkfs.ext4 -F -b 1024 /dev/$ROOT_DEV_NAME - mkdir -p /mnt/mmc/ - mount /dev/$ROOT_DEV_NAME /mnt/mmc - rsync -ah --info=progress2 --info=name0 --numeric-ids -x / /mnt/mmc/ - #Remove the live-fstab and install a base fstab - rm /mnt/mmc/etc/fstab - if [[ $CRYPTO == "true" ]] - then - echo "/dev/mapper/luksroot / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab - else - echo "/dev/mmcblk2p2 / ext4 defaults,noatime 0 1" > /mnt/mmc/etc/fstab - fi - umount /dev/$ROOT_DEV_NAME - echo Running fsck - e2fsck -p -f /dev/$ROOT_DEV_NAME - if [[ $CRYPTO == "true" ]] - then - # unmount and close encrypted storage - cryptsetup luksClose luksroot - fi - echo Rebooting... Please remove the usb drive once shutdown is complete - reboot -fi - -echo Exiting diff --git a/scripts/buildFilesystem.sh b/scripts/buildFilesystem.sh index 4652217..a0101f8 100755 --- a/scripts/buildFilesystem.sh +++ b/scripts/buildFilesystem.sh @@ -110,7 +110,7 @@ mkdir $outmnt/InstallResources/icons/ cp $build_resources/logo/icons/icon-small.png $outmnt/InstallResources/icons/ cp $build_resources/logo/icons/ascii/* $outmnt/InstallResources/icons/ cp scripts/InstallScripts/* $outmnt/InstallResources/ -cp scripts/InstallScripts/InstallToInternal.sh $outmnt/ +cp scripts/InstallScripts/InstallPrawnOS.sh $outmnt/ chmod +x $outmnt/*.sh #Setup the chroot for apt