Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revisionBoth sides next revision | ||
| docs:guide-user:additional-software:imagebuilder [2021/09/29 09:12] – [Building the Image Builder with all packages inside] avoid duplicating content vgaetera | docs:guide-user:additional-software:imagebuilder [2024/04/01 16:18] – [Arch / Manjaro / EndeavourOS] sixx | ||
|---|---|---|---|
| Line 3: | Line 3: | ||
| [[docs: | [[docs: | ||
| [[docs: | [[docs: | ||
| - | [[docs: | + | [[docs: |
| The Image Builder (previously called the Image Generator) is a pre-compiled environment suitable for creating custom images without the need for compiling them from source. | The Image Builder (previously called the Image Generator) is a pre-compiled environment suitable for creating custom images without the need for compiling them from source. | ||
| Line 22: | Line 22: | ||
| <WRAP important> | <WRAP important> | ||
| * The Image Builder runs only in 64-bit Linux. You can however run a 64-bit Linux in PC or VM, e.g. VirtualBox, even from 32-bit Windows. | * The Image Builder runs only in 64-bit Linux. You can however run a 64-bit Linux in PC or VM, e.g. VirtualBox, even from 32-bit Windows. | ||
| - | * The Image Builder has similar prerequisites as the [[docs: | + | * The Image Builder has similar prerequisites as the [[docs: |
| </ | </ | ||
| Example dependencies in the most common distros: | Example dependencies in the most common distros: | ||
| - | ==== Arch / Manjaro | + | ==== Arch ==== |
| <code bash> | <code bash> | ||
| sudo pacman -S --needed base-devel ncurses zlib gawk git gettext \ | sudo pacman -S --needed base-devel ncurses zlib gawk git gettext \ | ||
| Line 33: | Line 33: | ||
| </ | </ | ||
| - | ==== CentOS / Fedora ==== | + | ==== Fedora ==== |
| <code bash> | <code bash> | ||
| sudo dnf install git gawk gettext ncurses-devel zlib-devel \ | sudo dnf install git gawk gettext ncurses-devel zlib-devel \ | ||
| openssl-devel libxslt wget which @c-development @development-tools \ | openssl-devel libxslt wget which @c-development @development-tools \ | ||
| - | @development-libs zlib-static which python3 | + | @development-libs zlib-static which python3 |
| </ | </ | ||
| - | ==== Debian / Ubuntu ==== | + | ==== Debian |
| <code bash> | <code bash> | ||
| - | sudo apt install build-essential | + | sudo apt install build-essential |
| - | zlib1g-dev gawk git gettext libssl-dev xsltproc rsync wget unzip python | + | gettext libssl-dev xsltproc rsync wget unzip python3 python3-distutils |
| </ | </ | ||
| + | ==== WSL ==== | ||
| + | This method is NOT OFFICIALLY supported. | ||
| + | But it works. | ||
| + | |||
| + | [[docs: | ||
| ===== Obtaining the Image Builder ===== | ===== Obtaining the Image Builder ===== | ||
| You can download an archive that contains the **Image Builder**, it is usually located in the same download page where you find the firmware image for your device. | You can download an archive that contains the **Image Builder**, it is usually located in the same download page where you find the firmware image for your device. | ||
| Line 75: | Line 80: | ||
| | '' | | '' | ||
| | '' | | '' | ||
| - | | '' | + | | '' |
| Run '' | Run '' | ||
| Line 133: | Line 138: | ||
| It is strongly recommended to use [[docs: | It is strongly recommended to use [[docs: | ||
| This helps minimize conflicts with auto-generated settings which can change between versions. | This helps minimize conflicts with auto-generated settings which can change between versions. | ||
| + | |||
| + | see: [[: | ||
| ==== Building image ==== | ==== Building image ==== | ||
| Line 138: | Line 145: | ||
| <code bash> | <code bash> | ||
| - | make image PROFILE=" | + | make image \ |
| + | PROFILE=" | ||
| + | PACKAGES=" | ||
| + | FILES=" | ||
| + | DISABLED_SERVICES=" | ||
| </ | </ | ||
| Line 159: | Line 170: | ||
| scp root@192.168.1.1:/ | scp root@192.168.1.1:/ | ||
| scp root@192.168.1.1:/ | scp root@192.168.1.1:/ | ||
| - | make image PROFILE=" | + | make image \ |
| + | PROFILE=" | ||
| + | PACKAGES=" | ||
| + | FILES=" | ||
| + | DISABLED_SERVICES=" | ||
| </ | </ | ||
| ===== Troubleshooting ===== | ===== Troubleshooting ===== | ||
| - Did you run everything as a non-root user? | - Did you run everything as a non-root user? | ||
| - | - Check the log output, are there package issues (conflicts, improper names)? | + | - Check the logged |
| - | - Check the log output, did you exceed maximum space? | + | - Check the logged |
| + | - Check the logged output, are there other obvious errors? | ||
| - Wait a few hours/ | - Wait a few hours/ | ||
| - Verify you have a supported OS, prerequisites, | - Verify you have a supported OS, prerequisites, | ||
| Line 241: | Line 257: | ||
| In the graphical configuration, | In the graphical configuration, | ||
| - | You can [[docs: | + | You can [[docs: |
| Don't call '' | Don't call '' | ||
| Line 272: | Line 288: | ||
| The '' | The '' | ||
| - | If you want to add a custom local repository, copy the '' | + | If you want to add a custom local repository, copy the '' |
| If you have problems with using you local repository because the " | If you have problems with using you local repository because the " | ||
| Line 279: | Line 295: | ||
| NOTE: if you want to override packages coming from an existing feed, you must write your custom feed ABOVE the line of the package feed containing the packages you want to override, as shown in the examples above. | NOTE: if you want to override packages coming from an existing feed, you must write your custom feed ABOVE the line of the package feed containing the packages you want to override, as shown in the examples above. | ||
| - | ==== Creating a restricted user ==== | + | ==== Restricting root access |
| - | Create a restricted | + | Create a non-privileged admin user and lock root password. |
| Configure privilege elevation with sudo. | Configure privilege elevation with sudo. | ||
| Set up key-based authentication and disable password authentication for Dropbear. | Set up key-based authentication and disable password authentication for Dropbear. | ||
| Line 287: | Line 303: | ||
| mkdir -p files/ | mkdir -p files/ | ||
| cat << " | cat << " | ||
| - | USER_NAME=" | + | USER_NAME=" |
| - | USER_GROUP=" | + | USER_SSHPUB=" |
| - | USER_SSHPUB=" | + | |
| USER_SHELL="/ | USER_SHELL="/ | ||
| SUDO_USER=" | SUDO_USER=" | ||
| - | SUDO_GROUP=" | + | SUDO_GROUP=" |
| - | SUDO_GID="10" | + | groupadd -r "${SUDO_GROUP}" |
| - | uci set dropbear.@dropbear[0].PasswordAuth="0" | + | useradd -m -G "${SUDO_GROUP}" |
| - | uci set dropbear.@dropbear[0].RootPasswordAuth="0" | + | |
| - | uci commit dropbear | + | |
| - | / | + | |
| passwd -l " | passwd -l " | ||
| - | groupadd -r -g " | ||
| - | touch / | ||
| cat << EOI > / | cat << EOI > / | ||
| %${SUDO_GROUP} ALL=(ALL) ALL | %${SUDO_GROUP} ALL=(ALL) ALL | ||
| EOI | EOI | ||
| - | groupadd " | ||
| - | useradd -m -g " | ||
| - | -s " | ||
| - | passwd -d " | ||
| USER_HOME=" | USER_HOME=" | ||
| mkdir -p " | mkdir -p " | ||
| Line 313: | Line 319: | ||
| ${USER_SSHPUB} | ${USER_SSHPUB} | ||
| EOI | EOI | ||
| - | chown -R "${USER_NAME}: | + | uci set dropbear.@dropbear[0].PasswordAuth="0" |
| - | chmod -R go= "${USER_HOME}" | + | uci set dropbear.@dropbear[0].RootPasswordAuth="0" |
| + | uci commit dropbear | ||
| + | / | ||
| EOF | EOF | ||
| - | make image FILES=" | + | make image \ |
| + | FILES=" | ||
| + | PACKAGES=" | ||
| </ | </ | ||