Bolay's Wiki

User Tools

Site Tools

Trace:
operating_systems:raspbian:clean_installation

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
Last revisionBoth sides next revision
operating_systems:raspbian:clean_installation [2019/05/14 07:35] – [Update raspbian packages and install needed packages] maferreiraoperating_systems:raspbian:clean_installation [2019/07/10 09:57] – [dhclient can't create lease file] maferreira
Line 2: Line 2:
 ===== Clean your sd card ===== ===== Clean your sd card =====
 Before writing the raspbian image into your sd card, clean your storage device by turning all its bits into  0. Before writing the raspbian image into your sd card, clean your storage device by turning all its bits into  0.
-    # dd if=/dev/zero of=/dev/rdisk<sd card number> bs=4m+  # dd if=/dev/zero of=/dev/rdisk<sd card number> bs=4m
  
-===== Write raspbian image into sd card ===== +===== Burn raspbian image into sd card ===== 
-    # dd if=/Users/<username>/Downloads/2019-04-08-raspbian-stretch-lite.img of=/dev/rdisk<sd card number> bs=4m+  # dd if=/Users/<username>/Downloads/2019-04-08-raspbian-stretch-lite.img of=/dev/rdisk<sd card number> bs=4m
  
 ===== Serial connection and disable first boot autosize ===== ===== Serial connection and disable first boot autosize =====
-<note important>Do the following 3 steps **BEFORE BOOTING FOR THE FIRST TIME** your raspberry pi</note>+<note warning>Do the following 3 steps **BEFORE BOOTING FOR THE FIRST TIME** your raspberry pi</note>
  
 ==== Backup cmdline.txt and config.txt ==== ==== Backup cmdline.txt and config.txt ====
 Before modifying **cmdline.txt** and **config.txt**, **BACKUP THEM**! Before modifying **cmdline.txt** and **config.txt**, **BACKUP THEM**!
-    $ cp -p cmdline.txt cmdline.txt.original +  $ cp -p cmdline.txt cmdline.txt.original 
-    $ cp -p config.txt config.txt.original+  $ cp -p config.txt config.txt.original
  
 ==== Modify cmdline.txt ==== ==== Modify cmdline.txt ====
 Once you have finished, change the output console device and remove the script that autoexpands / partition size at first startup. Once you have finished, change the output console device and remove the script that autoexpands / partition size at first startup.
-    $ vi cmdline.txt +  $ vi cmdline.txt 
-    console=serial0,115200 console=tty1 -> console=ttyAMA0,115200 +  console=serial0,115200 console=tty1 -> console=ttyAMA0,115200 
-    delete init=/usr/lib/raspi-config/init_resize.sh+  delete init=/usr/lib/raspi-config/init_resize.sh
  
 ==== Modify config.txt ==== ==== Modify config.txt ====
 Don't forget to enable this option, otherwise you won't be able to communicate to your raspberry pi throught raspberry debug port (TTL-232R-RPi). Don't forget to enable this option, otherwise you won't be able to communicate to your raspberry pi throught raspberry debug port (TTL-232R-RPi).
-    $ vi config.txt +  $ vi config.txt 
-    add this : enable_uart=1+  add this : enable_uart=1
  
-    /dev/root       1.6G  978M  538M  65% / +  /dev/root       1.6G  978M  538M  65% / 
-    devtmpfs        460M      460M   0% /dev +  devtmpfs        460M      460M   0% /dev 
-    tmpfs           464M      464M   0% /dev/shm +  tmpfs           464M      464M   0% /dev/shm 
-    tmpfs           464M   12M  452M   3% /run +  tmpfs           464M   12M  452M   3% /run 
-    tmpfs           5.0M  4.0K  5.0M   1% /run/lock +  tmpfs           5.0M  4.0K  5.0M   1% /run/lock 
-    tmpfs           464M      464M   0% /sys/fs/cgroup +  tmpfs           464M      464M   0% /sys/fs/cgroup 
-    /dev/mmcblk0p1   43M   22M   21M  51% /boot +  /dev/mmcblk0p1   43M   22M   21M  51% /boot 
-    tmpfs            93M       93M   0% /run/user/1000+  tmpfs            93M       93M   0% /run/user/1000
  
 ===== Resize / manualy and create /media/data partition =====    ===== Resize / manualy and create /media/data partition =====   
 Now, resize the / partition and create a new one. Now, resize the / partition and create a new one.
-    # fdisk /dev/mmcblk0+  # fdisk /dev/mmcblk0
 Your partition table should look like this : Your partition table should look like this :
-    Device         Boot Start     End Sectors  Size Id Type +  Device         Boot Start     End Sectors  Size Id Type 
-    /dev/mmcblk0p1       8192   96042   87851 42.9M  c W95 FAT32 (LBA) +  /dev/mmcblk0p1       8192   96042   87851 42.9M  c W95 FAT32 (LBA) 
-    /dev/mmcblk0p2      98304 3522559 3424256  1.6G 83 Linux+  /dev/mmcblk0p2      98304 3522559 3424256  1.6G 83 Linux
 Delete the / partition, and create a new one (primary) which starts at **THE SAME POSITION** as the one you have  just deleted, in my case **98304**.\\ Delete the / partition, and create a new one (primary) which starts at **THE SAME POSITION** as the one you have  just deleted, in my case **98304**.\\
  
 In the **fstab**, replace **PARTUUID** by /dev/mmcblk0p<partition number>. Reboot your raspberry pi and then tell your system you have resized a partition by typing : In the **fstab**, replace **PARTUUID** by /dev/mmcblk0p<partition number>. Reboot your raspberry pi and then tell your system you have resized a partition by typing :
-    # resize2fs /dev/mmcblk0p<partition number>+  # resize2fs /dev/mmcblk0p<partition number>
  
 After creating the partition that will be mounted at /media/data, **reboot** your raspberry pi. Then, turn it into an ext4 partition, and add it to **fstab**. After creating the partition that will be mounted at /media/data, **reboot** your raspberry pi. Then, turn it into an ext4 partition, and add it to **fstab**.
-    # mkfs.ext4 /dev/mmcblk0p3 +  # mkfs.ext4 /dev/mmcblk0p3 
-    # mkdir -p /media/data +  # mkdir -p /media/data 
-     +   
-    # vi /etc/fstab +  # vi /etc/fstab 
-    /dev/mmcblk0p3        /media/data     ext4    defaults                   0+  /dev/mmcblk0p3        /media/data     ext4    defaults                   0
  
-<note important>Make sure you have **CREATED /media/data** folder **BEFORE MOUNTING** it because your raspberry pi **WON'T BOOT** after that : **Cannot open access to console. The root account is locked see sulogin(8) man page for more details.**</note>+<note warning>Make sure you have **CREATED /media/data** folder **BEFORE MOUNTING** it because your raspberry pi **WON'T BOOT** after that : **Cannot open access to console. The root account is locked see sulogin(8) man page for more details.**</note>
  
 Now, it's time to test what you have done. Now, it's time to test what you have done.
-    # mount -a +  # mount -a 
-    $ df -h +  $ df -h 
-     +   
-    Filesystem      Size  Used Avail Use% Mounted on +  Filesystem      Size  Used Avail Use% Mounted on 
-    /dev/root       7.9G  1.1G  6.5G  14% / +  /dev/root       7.9G  1.1G  6.5G  14% / 
-    devtmpfs        460M      460M   0% /dev +  devtmpfs        460M      460M   0% /dev 
-    tmpfs           464M      464M   0% /dev/shm +  tmpfs           464M      464M   0% /dev/shm 
-    tmpfs           464M   12M  452M   3% /run +  tmpfs           464M   12M  452M   3% /run 
-    tmpfs           5.0M  4.0K  5.0M   1% /run/lock +  tmpfs           5.0M  4.0K  5.0M   1% /run/lock 
-    tmpfs           464M      464M   0% /sys/fs/cgroup +  tmpfs           464M      464M   0% /sys/fs/cgroup 
-    tmpfs           464M      464M   0% /var/spool +  tmpfs           464M      464M   0% /var/spool 
-    tmpfs           464M  148K  464M   1% /var/log +  tmpfs           464M  148K  464M   1% /var/log 
-    tmpfs           464M      464M   0% /var/tmp +  tmpfs           464M      464M   0% /var/tmp 
-    tmpfs           464M      464M   0% /tmp +  tmpfs           464M      464M   0% /tmp 
-    /dev/mmcblk0p1   43M   22M   21M  51% /boot +  /dev/mmcblk0p1   43M   22M   21M  51% /boot 
-    tmpfs            93M       93M   0% /run/user/1000 +  tmpfs            93M       93M   0% /run/user/1000 
-    /dev/mmcblk0p3  6.7G   31M  6.3G   1% /media/data+  /dev/mmcblk0p3  6.7G   31M  6.3G   1% /media/data
  
 +===== dhclient can't create lease file =====
 +  # mkdir -p /media/data/var/lib/dhcp
 +  # ln -s /media/data/var/lib/dhcp /var/lib/dhcp/
 +
 +  # vi /etc/dhcp/dhclient-enter-hooks.d/samba
 +  # netbios_setup (comment the function call)
 +
 +==== Can't get DNS servers from dhcp ====
 +  # touch /media/data/resolv.conf
 +  # ln -s /media/data/resolv.conf /etc/resolv.conf
 ===== Update raspbian packages and install needed packages ===== ===== Update raspbian packages and install needed packages =====
-    # apt update +  # apt update 
-    # apt upgrade +  # apt upgrade 
-    # apt install --no-install-recommends tree lsof nmap git+  # apt install --no-install-recommends tree lsof nmap git
  
 ===== Enable ssh ===== ===== Enable ssh =====
-    touch /boot/ssh +  touch /boot/ssh 
-    # systemctl enable ssh +  # systemctl enable ssh 
-    # systemctl start ssh+  # systemctl start ssh
 Reference : https://www.raspberrypi.org/documentation/remote-access/ssh/ Reference : https://www.raspberrypi.org/documentation/remote-access/ssh/
  
 ===== Mount partitions =====   ===== Mount partitions =====  
-    # vi /etc/fstab +  # vi /etc/fstab 
-    tmpfs /tmp tmpfs defaults   0   0 +  tmpfs /tmp tmpfs defaults   0   0 
-    tmpfs /run tmpfs defaults   0   0 +  tmpfs /run tmpfs defaults   0   0 
-    tmpfs /var/spool tmpfs defaults   0   0 +  tmpfs /var/spool tmpfs defaults   0   0 
-    tmpfs /var/log tmpfs defaults   0   0 +  tmpfs /var/log tmpfs defaults   0   0 
-      +    
-    # reboot +  # reboot 
-<note important>**REBOOT** your raspberry pi **AFTER** adding each line to **FSTAB**</note>+<note warning>**REBOOT** your raspberry pi **AFTER** adding each line to **FSTAB**</note>
  
 Systemd-hostnamed doest not start Systemd-hostnamed doest not start
-    # vi /etc/fstab +  # vi /etc/fstab 
-    tmpfs /var/tmp tmpfs   defaults   0   0+  tmpfs /var/tmp tmpfs   defaults   0   0
  
 Check if there are any errors Check if there are any errors
 ===== Fix rsyslog /var/spool/rsyslog directory missing ===== ===== Fix rsyslog /var/spool/rsyslog directory missing =====
-==== By unit file ==== +==== Using unit file ==== 
-    # vi /etc/systemd/system/generateRsyslogStructure.service +  # vi /etc/systemd/system/generateRsyslogStructure.service 
-     +   
-    [Unit] +  [Unit] 
-    Description=Generate Rsyslog structure +  Description=Generate Rsyslog structure 
-    Before=syslog.service +  Before=syslog.service 
-     +   
-    [Service] +  [Service] 
-    ExecStart=/bin/bash /home/pi/generateRsyslogStructure.sh +  ExecStart=/bin/bash /home/pi/generateRsyslogStructure.sh 
-    Type=oneshot +  Type=oneshot 
-     +   
-    [Install] +  [Install] 
-    WantedBy=default.target+  WantedBy=default.target
  
-    $ vi /home/pi/generateRsyslogStructure.sh +  $ vi /home/pi/generateRsyslogStructure.sh 
-    #!/bin/bash +  #!/bin/bash 
-     +   
-    if [ -r /etc/rsyslog.conf ]; then +  if [ -r /etc/rsyslog.conf ]; then 
-        WorkDirectory=$(grep "WorkDirectory" /etc/rsyslog.conf | cut -d\  -f2) +      WorkDirectory=$(grep "WorkDirectory" /etc/rsyslog.conf | cut -d\  -f2) 
-    else +  else 
-        echo "Cannot read /etc/rsyslog.conf" >> /tmp/rsyslogService.txt +      echo "Cannot read /etc/rsyslog.conf" >> /tmp/rsyslogService.txt 
-        exit 1 +      exit 1 
-    fi +  fi 
-     +   
-    if [ ! -d "$WorkDirectory" ]; then +  if [ ! -d "$WorkDirectory" ]; then 
-        mkdir $WorkDirectory +      mkdir $WorkDirectory 
-    fi +  fi 
-     +   
-    exit 0+  exit 0
  
-    sudo chmod 664 generateRsyslogStructure.service +  sudo chmod 664 generateRsyslogStructure.service 
-    chmod a+x generateRsyslogStructure.sh +  chmod a+x generateRsyslogStructure.sh 
-     +   
-    # systemctl enable generateRsyslogStructure.service +  # systemctl enable generateRsyslogStructure.service 
-==== By tmpfiles.d config files ==== +==== Using tmpfiles.d config files ==== 
-    # vi /etc/tmpfiles.d/genRsyslogStruc.conf +  # vi /etc/tmpfiles.d/genRsyslogStruc.conf 
-    d /var/spool/rsyslog 0755 root root+  d /var/spool/rsyslog 0755 root root 
 +   
 +  # mkdir /var/spool/rsyslog
  
 Reference: [[http://man7.org/linux/man-pages/man5/tmpfiles.d.5.html]] Reference: [[http://man7.org/linux/man-pages/man5/tmpfiles.d.5.html]]
  
 ===== Disable swap ===== ===== Disable swap =====
-    # systemctl stop dphys-swapfile.service +  # systemctl stop dphys-swapfile.service 
-    # systemctl disable dphys-swapfile.service +  # systemctl disable dphys-swapfile.service 
-    # reboot+  # reboot
  
 ===== Mount system in read-only mode ===== ===== Mount system in read-only mode =====
-    # vi /etc/fstab +  # vi /etc/fstab 
-    /dev/mmcblk0p2  /               ext4    defaults,noatime,ro  0       1 +  /dev/mmcblk0p2  /               ext4    defaults,noatime,ro  0       1 
-    /dev/mmcblk0p1  /boot           vfat    defaults,ro          0       2+  /dev/mmcblk0p1  /boot           vfat    defaults,ro          0       2
  
-<note important>**REBOOT** your raspberry pi **AFTER** adding each line to **FSTAB**</note>+<note warning>**REBOOT** your raspberry pi **AFTER** adding each line to **FSTAB**</note>
  
 Systemd manual: https://freedesktop.org/software/systemd/man/systemd.exec.html#id-1.20.8 Systemd manual: https://freedesktop.org/software/systemd/man/systemd.exec.html#id-1.20.8
- 
-===== Disable bash history ===== 
-<note important>Since /etc/profile is only read by interactive shells (login) and we connect to raspberry pi using acdsn acount, when loging into root acount using su command, the system won't read that file. We could directly modify /etc/bash.bashrc but it could be erased by an update.</note> 
- 
-==== acdsn ==== 
-    # vi /home/acdsn/git/fw-rules/<port number>/etc/profile.d/noHistory.sh 
-     
-    #! /bin/bash 
-     
-    history -c 
-    set +o history 
-     
-    export HISTFILESIZE=0 
-    export HISTSIZE=0 
-    unset HISTFILE 
- 
-    # chmod a+x /home/acdsn/git/fw-rules/<port number>/etc/profile.d/noHistory.sh 
- 
-    # ln -s /home/acdsn/git/fw-rules/<port number>/etc/profile.d/noHistory.sh ./etc/profile.d/noHistory.sh 
- 
-==== root ==== 
-    # mv /etc/bash.bashrc /home/acdsn/git/fw-rules/<port number>/etc/ 
-    # mv /home/acdsn/git/fw-rules/<port number>/etc/.bashrc /home/acdsn/git/fw-rules/<port number>/etc/bashrc.root 
-    # ln -s /home/acdsn/git/fw-rules/3780/bashrc.root .bashrc 
- 
-Import **noHistory.sh** into .bashrc 
-    if [ -r /etc/profile.d/noHistory.sh  ]; then 
-        . /etc/profile.d/noHistory.sh 
-    fi 
-Reference: http://www.linuxfromscratch.org/blfs/view/stable/postlfs/profile.html 
  
 ===== Disable apt-daily.service and apt-daily-upgrade.service===== ===== Disable apt-daily.service and apt-daily-upgrade.service=====
 If you reboot your raspberry pi, you might see that apt-daily-upgrade.service failed to start. This happens because your system is in read-only mode. To solve this, disable it and it's timer. If you reboot your raspberry pi, you might see that apt-daily-upgrade.service failed to start. This happens because your system is in read-only mode. To solve this, disable it and it's timer.
  
-    root@3780:/home/acdsn# systemctl list-timers +  root@3780:/home/acdsn# systemctl list-timers 
-    NEXT                          LEFT     LAST                          PASSED       UNIT                         ACTIVATES +  NEXT                          LEFT     LAST                          PASSED       UNIT                         ACTIVATES 
-    Mon 2019-05-06 20:48:57 CEST  6h left  Mon 2019-05-06 08:38:50 CEST  6h ago       apt-daily.timer              apt-daily.service +  Mon 2019-05-06 20:48:57 CEST  6h left  Mon 2019-05-06 08:38:50 CEST  6h ago       apt-daily.timer              apt-daily.service 
-    Tue 2019-05-07 06:39:25 CEST  15h left Mon 2019-05-06 14:27:48 CEST  19min ago    apt-daily-upgrade.timer      apt-daily-upgrade.service +  Tue 2019-05-07 06:39:25 CEST  15h left Mon 2019-05-06 14:27:48 CEST  19min ago    apt-daily-upgrade.timer      apt-daily-upgrade.service 
-    Tue 2019-05-07 14:43:08 CEST  23h left Mon 2019-05-06 14:43:08 CEST  3min 45s ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service+  Tue 2019-05-07 14:43:08 CEST  23h left Mon 2019-05-06 14:43:08 CEST  3min 45s ago systemd-tmpfiles-clean.timer systemd-tmpfiles-clean.service
  
 Now that you have the timer and ther unit name, stop and disable them. Now that you have the timer and ther unit name, stop and disable them.
-    # systemctl stop apt-daily.timer +  # systemctl stop apt-daily.timer 
-    # systemctl stop apt-daily.service +  # systemctl stop apt-daily.service 
-     +   
-    # systemctl disable apt-daily.timer +  # systemctl disable apt-daily.timer 
-    # systemctl disable apt-daily.service+  # systemctl disable apt-daily.service
  
-    # systemctl stop apt-daily-upgrade.timer +  # systemctl stop apt-daily-upgrade.timer 
-    # systemctl stop apt-daily-upgrade.service +  # systemctl stop apt-daily-upgrade.service 
-     +   
-    # systemctl disable apt-daily-upgrade.timer +  # systemctl disable apt-daily-upgrade.timer 
-    # systemctl disable apt-daily-upgrade.service    +  # systemctl disable apt-daily-upgrade.service    
  
 ===== systemd-tmpfiles ===== ===== systemd-tmpfiles =====
 This service doesn't start on boot. Move /var/lib/sudo/ts to /media/data/var/lib/sudo/ts by creating a symlink. This service doesn't start on boot. Move /var/lib/sudo/ts to /media/data/var/lib/sudo/ts by creating a symlink.
-    ln -s /media/data/var/lib/sudo/ts /var/lib/sudo/ts+  # mkdir -p /media/data/var/lib/sudo/ts 
 +  # rm -r /var/lib/sudo/ts 
 +   
 +  # ln -s /media/data/var/lib/sudo/ts /var/lib/sudo/ts