Changes between Initial Version and Version 1 of FreeBSDOnEmbeddedDevice

Timestamp:

02/02/12 09:33:11 (12 years ago)

Author:

Rick van der Zwet

Comment:

--

FreeBSDOnEmbeddedDevice

@@ +1 @@
+[[PageOutline(1-3,"Table of Content")]]
+This guide will tell you how-to put FreeBSD 9.x on an (ALIX) embedded device. For FreeBSD 8.x see the archived guide for hints [[wiki:Archive/FreeBSDOnEmbeddedDevice]]
+
+TODO: This is NOT complete yet.
+
+= Initial disk configuration =
+{{{#!sh
+## Hack to find memory card and have partion entries re-read
+# - No cards:
+#   dd: /dev/da0: Device not configured
+# - Inactive card:
+#   dd: /dev/da4: Operation not permitted
+# - Active card:
+#   0+0 records in
+#   0+0 records out
+#   0 bytes transferred in 0.000018 secs (0 bytes/sec)
+}}}
+build# ls /dev/da? | xargs -I %%DA%% -n 1 dd if=/dev/zero of=%%DA%% count=0
+build# setenv DA /dev/da0
+
+Hack to __really__  have all old partition information is detroyed:
+build# dd if=/dev/zero of=$DA bs=1m count=1
+
+build# fdisk -BI $DA
+build# echo "a: * * 4.2BSD" | bsdlabel -R -B -m i386 ${DA}s1 /dev/stdin
+build# newfs ${DA}s1a
+build# mount ${DA}s1a /mnt
+
+= Disk population =
+
+build# setenv RELEASE 8.2-RELEASE
+build# mkdir -p /usr/data/$RELEASE
+build# cd /usr/data/$RELEASE
+
+build# mkdir kernels base manpages
+build# (cd base; echo 'mget *' | ftp -i ftp://ftp.nl.freebsd.org/pub/FreeBSD/releases/i386/$RELEASE/base/)
+build# (cd kernels; echo 'mget *' | ftp -i ftp://ftp.nl.freebsd.org/pub/FreeBSD/releases/i386/$RELEASE/kernels/)
+build# (cd manpages; echo 'mget *' | ftp -i ftp://ftp.nl.freebsd.org/pub/FreeBSD/releases/i386/$RELEASE/manpages/)
+
+More sophisticated approach (rsync not in base):
+build# rsync -vaz ftp.nl.freebsd.org::FreeBSD/releases/i386/$RELEASE/kernels .
+
+
+build# setenv DESTDIR /mnt
+
+build# (cd base; cat base.?? | tar --unlink -xpzf - -C $DESTDIR)
+build# (cd kernels; sh install.sh generic)
+build# (cd manpages; sh install.sh)
+
+Tip: Soekris 2521 requires CPU_ELAN which is not included into the kernel by default. For optimal performance compile the kernel yourself 
+
+Activate right kernel:
+build# rm -r /mnt/boot/kernel/ ; mv /mnt/boot/GENERIC/ /mnt/boot/kernel
+
+= Disk configuration =
+
+Need resolving power at later stage inside chroot:
+build# cp /etc/resolv.conf /mnt/etc/
+build# chroot /mnt
+
+Important: if you FAIL to chroot and continue you will now start destroying your build system
+
+Need rw on first boot for ssh keys and such:
+chroot# echo "/dev/ad0s1a / ufs rw,noatime 0 1" > /etc/fstab
+Tip: On Soekris net4801 v1.33 Flash is secondary
+net4801# echo "/dev/ad1s1a / ufs rw,noatime 0 1" > /etc/fstab
+
+Make sure to continue to check the disks on reboot, instead of waiting for user input:
+chroot# echo "fsck_y_enable=YES" >> /etc/rc.conf
+
+{{{#!sh
+chroot# cat <<EOF > /boot/loader.conf
+console=comconsole
+autoboot_delay=3
+
+hw.ata.ata_dma=0   # Soekris boot failure
+EOF
+}}}
+
+Serial console boot only:
+chroot# echo "-h" > /boot.config
+
+Enable serial console:
+chroot# sed '/ttyu0/ s/off/on /' /etc/ttys > /etc/ttys.new && mv /etc/ttys.new /etc/ttys
+
+Cosmetic: disable all vidconsoles as a soekris embedded device does not have any:
+chroot# sed '/ttyv[0-7]/ s/on /off/g' /etc/ttys > /etc/ttys.new && mv /etc/ttys.new /etc/ttys
+
+== Accounting & access control ==
+chroot# echo "sshd_enable=YES" >> /etc/rc.conf
+chroot# pw usermod root -w random
+
+Administive user (admin for example):
+chroot# setenv FTP_PASSIVE_MODE yes
+chroot# pkg_add -r sudo
+chroot# pw useradd admin -G wheel -c 'Admin User' -s /bin/csh -m -w random
+chroot# echo '%wheel ALL=(ALL) ALL' >> /usr/local/etc/sudoers
+
+== Networking ==
+chroot# echo "hostname=riff.vanderzwet.net" >> /etc/rc.conf
+
+Package installation using 7.2 kernel and 8.0-RC2 world is core dumping, postponing for later stage
+
+Make any other optional changes before first boot inside chroot(8):
+chroot# vi /etc/rc.conf
+
+
+chroot# exit
+build# umount /mnt
+
+= Initial boot =
+Note: NOT READY YET: Insert card into your embedded device and get yourself a prompt, using serial of ssh login. 
+== Package install ==
+
+=== dnsmasq ===
+
+dnsmasq used for local network dns and dhcp:
+node# pkg_add -r dnsmasq
+node# echo "dnsmasq_enable=YES" >> /etc/rc.conf
+
+{{{#!sh
+node# cat <<EOF > /usr/local/etc/dnsmasq.conf
+interface=sis0
+
+dhcp-range=192.168.42.100,192.168.42.200
+
+domain=vanderzwet.net
+EOF
+}}}
+
+=== ntp ===
+node# echo "ntpd_enable=YES" >> /etc/rc.conf
+{{{
+node# cat <<EOF > /etc/ntp.conf
+server 0.nl.pool.ntp.org
+server 1.nl.pool.ntp.org
+server 2.nl.pool.ntp.org
+
+driftfile /var/db/ntp.drift
+EOF
+}}}
+
+=== motd ===
+
+node# (sed '3,$ d' /etc/motd; echo "WWW: http://rickvanderzwet.nl" ) > /etc/motd.new; mv /etc/motd.new /etc/motd 
+
+=== Flash disk protection ===
+node# echo "update_motd=NO" >> /etc/rc.conf
+node# echo "tmpmfs=YES" >> /etc/rc.conf
+Tip: You could make /var completely read-only, but I hate the details like package management getting lost. Flash cards these days are cheap anyways, mine lived for 1 year after extensive use. Of course with read-only this will be _much_ longer.
+node# echo "varmfs=YES" >> /etc/rc.conf
+Tip: Having your flash living in read-only gives you added security and increases the live-time of your (older) Flash cards
+node# sed '/1a/ s/rw/ro/' /etc/fstab > /etc/fstab.new; mv /etc/fstab.new /etc/fstab
+
+=== various ===
+node# pkg_add -r tinyproxy sudo vim-lite
+
+= Put into production =
+node# reboot
+
+= Adding packages =
+Tip: As space is limited unpacking packages can result in I/O errors due to (memory) disks which run out of space. Installing for example the package apache22 goes as follows:
+node# mkdir /usr/local/tmp
+node# setenv PKG_TMPDIR /usr/local/tmp
+node# pkg_add -r -t /usr/local/tmp/instmp.XXXXXX apache22