Creating custom debian image for use on Renegade SBCs

The project-supplied Linux image is a modified Ubuntu 16.04 image… a few years old. As I've been regularly using Debian/buster, I encounter mild differences (and certainly differences in software versions). At least Ubuntu is still debian underneath. I'd prefer stripping out everything and starting from scratch, yet until I get around to constructing my own bootable image, I'm limited to the existing one.

So why not scoop out the Ubuntu bits and replace them with a fresh debian install? After all, the kernel is in a separate /boot directory… so there really isn't anything specific in the root filesystem.

The following are the steps I took to accomplish this.

Backup working image

We have a working image; we should preserve it and work from an independent copy:

root@node00:~# cp -a ROC-RK3328-CC_Ubuntu16.04_Arch64_20180309.img debian.img

Mount the partition

Locate partition of root filesystem

First up, we need the partition of the root filesystem:

root@node00:~# mount | grep ' / '
/dev/mmcblk0p7 on / type ext4 (rw,relatime,data=ordered)

By the device name, what we want is partition 7.

Locate partition in partition table

Then, we need an idea of the current partitioning layout:

root@node00:~# fdisk -l
Device          Start      End  Sectors  Size Type
/dev/mmcblk0p1     64     8063     8000  3.9M Linux filesystem
/dev/mmcblk0p2   8064     8191      128   64K Linux filesystem
/dev/mmcblk0p3   8192    16383     8192    4M Linux filesystem
/dev/mmcblk0p4  16384    24575     8192    4M Linux filesystem
/dev/mmcblk0p5  24576    32767     8192    4M Linux filesystem
/dev/mmcblk0p6  32768   262143   229376  112M EFI System
/dev/mmcblk0p7 262144 62521310 62259167 29.7G Linux filesystem

We see that partition 7 starts at sector 262144. We need that in bytes. Each sector is 512 bytes, so multiply 262144 by 512: 134217728 is the byte offset from the start of the storage medium.

Perform the offset mount

With the mount command and local loopback support, we can do an offset mount as follows:

root@node00:~# mount -o loop,offset=134217728 debian.img /mnt
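The offset calculation above can be scripted so that it is not redone by hand for each image. This is an added example, not part of the original page: `part_offset` is a hypothetical helper, `SAMPLE_TABLE` is constructed from the listing above, and reading the sector size from fdisk's `Units:` line (when present) goes beyond the 512-byte case the page uses.

```shell
#!/bin/sh
# Added example, not from the original page.
# part_offset (hypothetical name) reads `fdisk -l` output on stdin and prints
# the byte offset of one partition, for use with: mount -o loop,offset=...

# Constructed sample: the partition listing shown above.
SAMPLE_TABLE='Device          Start      End  Sectors  Size Type
/dev/mmcblk0p1     64     8063     8000  3.9M Linux filesystem
/dev/mmcblk0p2   8064     8191      128   64K Linux filesystem
/dev/mmcblk0p3   8192    16383     8192    4M Linux filesystem
/dev/mmcblk0p4  16384    24575     8192    4M Linux filesystem
/dev/mmcblk0p5  24576    32767     8192    4M Linux filesystem
/dev/mmcblk0p6  32768   262143   229376  112M EFI System
/dev/mmcblk0p7 262144 62521310 62259167 29.7G Linux filesystem'

part_offset() {
    dev=$1
    awk -v dev="$dev" '
        BEGIN { ssz = 512 }                  # the sector size this page assumes
        # fdisk prints e.g. "Units: sectors of 1 * 512 = 512 bytes"; honour it
        # when present so 4096-byte-sector media are not mis-computed.
        /^Units:/ && $(NF) == "bytes" { ssz = $(NF - 1) }
        $1 == dev {
            # MBR listings put a "*" Boot flag between Device and Start.
            start = ($2 == "*") ? $3 : $2
            if (start !~ /^[0-9]+$/) next    # not a partition row we understand
            printf "%.0f\n", start * ssz     # %.0f: some awks clamp %d at 2^31-1
            found = 1
        }
        END { exit !found }                  # non-zero when the device is absent
    '
}

# Partition 7 of the sample: prints 134217728, the offset used in the mount above.
printf '%s\n' "$SAMPLE_TABLE" | part_offset /dev/mmcblk0p7
```

A non-zero exit status means the named partition was not in the listing, so a script can stop before mounting at a wrong offset.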

Clear out existing data

The existing installation will be present… we want to start from a clean slate.

root@node00:~# rm -rf /mnt/*

Install the new distribution

Using the debootstrap tool, getting a minimal debian system is quite easy:

root@node00:~# debootstrap buster /mnt
W: Cannot check Release signature; keyring file not available /usr/share/keyrings/debian-archive-keyring.gpg
I: Retrieving InRelease
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Configuring tasksel...
I: Configuring tasksel-data...
I: Configuring libc-bin...
I: Configuring systemd...
I: Base system installed successfully.
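The first line of the output above (`W: Cannot check Release signature; keyring file not available …`) means the packages were fetched and installed without the archive signature being verified. The wrapper below is an added example, not part of the original page: `verified_debootstrap` is a hypothetical name, the keyring path is the one named in the warning (shipped by the debian-archive-keyring package), and the `DEBOOTSTRAP` override is an assumption made so the function can be exercised offline.

```shell
#!/bin/sh
# Added example, not from the original page.
# verified_debootstrap (hypothetical name) wraps debootstrap so that a missing
# keyring stops the install instead of producing the "W: Cannot check Release
# signature" warning seen above.

# Path taken from the warning in the page's output.
KEYRING="${KEYRING:-/usr/share/keyrings/debian-archive-keyring.gpg}"
# Overridable so the wrapper can be exercised without network access (assumption).
DEBOOTSTRAP="${DEBOOTSTRAP:-debootstrap}"

verified_debootstrap() {
    suite=$1
    target=$2
    if [ ! -s "$KEYRING" ]; then
        echo "E: keyring $KEYRING missing or empty; not bootstrapping" >&2
        return 2
    fi
    log=$(mktemp) || return 1
    # --keyring makes debootstrap check the Release file against this keyring.
    "$DEBOOTSTRAP" --keyring="$KEYRING" "$suite" "$target" >"$log" 2>&1
    rc=$?
    cat "$log"
    # Belt and braces: the warning scrolls past among the I: lines, so fail on it.
    if grep -q '^W: Cannot check Release signature' "$log"; then
        echo "E: Release signature was not checked; treat $target as untrusted" >&2
        rc=3
    fi
    rm -f "$log"
    return "$rc"
}

# Usage, in place of the plain call above:
#   verified_debootstrap buster /mnt || exit 1
```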

Configure the distribution

The install basically just dumped files onto the partition. We need to do some initial configurations.


Copy the pertinent interfaces file:

root@node00:~# cp /etc/network/interfaces.d/eth0 /mnt/etc/network/interfaces.d/eth0

set up local user

As I am planning on deploying this as my cluster image, I want my user to be predefined. I'm going to grab the lines out of the current files and append them to the new installation's files:

for file in passwd group shadow gshadow; do
    grep '^wedge:' /etc/${file} >> /mnt/etc/${file}
done

copy root ssh keyring

root@node00:~# cp -a /root/.ssh /mnt/root

set hostname

root@node00:~# echo "node01" > /mnt/etc/hostname

Again, just need to drop files into place:

root@node00:~# for file in hosts idmapd.conf auto.master auto.home default/nfs-common; do
> cat /etc/${file} > /mnt/etc/${file}
> done

For consistency, I dropped a copy of auto.master and auto.home ON node00, even though it does not use autofs (it is serving NFS).

set up /etc/fstab

Basically the exact same, only without the /home directory line:

root@node00:~# cat /mnt/etc/fstab
/dev/mmcblk0p6  /boot   vfat defaults        0       2
tmpfs     /tmp      tmpfs noatime,nodiratime,nosuid,noexec,mode=1777       0    0
tmpfs     /var/tmp  tmpfs noatime,nodiratime,nosuid,noexec,mode=1777       0    0
tmpfs     /var/log  tmpfs noatime,nodiratime,nosuid,noexec,mode=1777       0    0

Again, putting things like /tmp, /var/tmp, and /var/log in RAMdisks, to further reduce writes to solid state media. Generally trying to increase mileage as best as possible.

drop in kernel modules

Especially since this is the most particular aspect of the whole endeavor (custom kernel, custom modules):

root@node00:~# cd /lib/modules
root@node00:/lib/modules# cp -a 4.4.114* /mnt/lib/modules/

chroot and install packages

With basics out of the way, we should now install some packages that were not included in the base install.


First up, we need to isolate ourselves from the host system. We do this via a chroot:

root@node00:~# chroot /mnt

mount proc

Next, to get basic tools working, mount /proc:

root@node00:/# mount -t proc proc /proc

In its mistaken aim to be 'user friendly', even the venerable debian makes some missteps. One of them is assuming the user wants recommended and suggested packages installed by default.

I. do. not.

So, up front before updating, upgrading, or installing… let us rectify this most grievous of errors: make a file called /etc/apt/apt.conf.d/99norecommends and place the following in it:

APT::Install-Recommends "false";
APT::Install-Suggests "false";

BAM! Problem solved.

Remount /tmp for exec privileges during package install

If /tmp has been mounted noexec, we may occasionally see errors thrown when installing packages (as they tend to deploy some scripts to /tmp with the intention of executing them as part of package configuration). To avoid the errors, I create /etc/apt/apt.conf.d/98noexec to handle the issue, and revert back to preferred behavior upon completion:

DPkg::Pre-Invoke  {"mount -o remount,exec   /tmp";};
DPkg::Post-Invoke {"mount -o remount,noexec /tmp";};

update, upgrade

And don't forget to re-run every so often.

root@node00:/# clear; aptitude update; aptitude upgrade; aptitude clean

install desired packages

Install the essentials:

root@node00:/# clear; aptitude install build-essential ssh vim less screen wget bc autofs manpages manpages-dev nfs-common; aptitude clean

set root password

Be sure to set a root password:

root@node00:/# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully

Exit chroot, unmount

Are we set? If so, exit the chroot shell and unmount the volume:

root@node00:/# umount /proc   # don't forget to unmount the /proc we mounted
root@node00:/# exit           # gets us out of chroot shell
root@node00:~# umount /mnt    # back on host namespace, unmount image

And done!

haxx/projects/sbc/custom_image.txt · Last modified: 2018/04/11 04:07 by wedge