This is an old revision of the document!
Table of Contents
Raspbian
Clone only a directory
git clone <git path> cd <git directory> git config core.sparsecheckout true echo "<directory name>" >> .git/info/sparse-checkout git checkout --
Reduce time that is used to raise network interfaces
As root, create the “networking.service.d” directory if it does not already exist and create/modify “reduce-timeout.conf”
mkdir /etc/systemd/system/networking.service.d vi reduce-timeout.conf
Then add this to your “reduce.timeout.conf” file
[Service] TimeoutStartSec=XX
Disable swap
As root, turn off the process that automatically creates a swap file
/etc/init.d/dphys-swapfile stop
Also as root, add “exit 0” to the beginning of your “dphys-swapfile” file (before any executable line of code)
vi /etc/init.d/dphys-swapfile ### BEGIN INIT INFO # Provides: dphys-swapfile # Required-Start: $syslog $remote_fs # Required-Stop: $syslog $remote_fs # Should-Start: $local_fs # Should-Stop: $local_fs # Default-Start: 2 3 4 5 # Default-Stop: # Short-Description: Autogenerate and use a swap file # Description: This init.d script exists so one does not need to have a fixed size # swap partition. Instead install without swap partition and then run # this, with file size (re-)computed automatically to fit the current # RAM size. ### END INIT INFO exit 0 . /lib/lsb/init-functions # get ready to work PATH=/sbin:/bin:/usr/sbin:/usr/bin export PATH ...
Stop process using files in /
First we need to know which processes are using files in the directory we want to make read-only. To do so, you can use the fuser command.
sudo fuser -v -m /
You should have something like this
USER PID ACCESS COMMAND /: root kernel mount / Some other process root 423 Frce. rsyslogd root 657 Frce. dhclient Some other process
Now, if you check rsyslog status it might be stopped because it uses /var/spool/rsyslog, and /var/spool is mounted in tmpfs. This means that the directory used by rsyslog is not created/available at boot. To solve this problem you need a script that is executed at startup. To do so, create a systemd unit file.
vim /etc/systemd/system/generateRsyslogStructure.service
[Unit] Description=Generate rsyslog structure Before=rsyslog.service [Service] ExecStart=/home/acdsn/git/acdsn-scripts/PI/generateRsyslogStructure.sh Type=oneshot [Install] WantedBy=default.target
And then create “createSyslogDir.sh”
#!/bin/bash if [ -r /etc/rsyslog.conf ]; then WorkDirectory=$(grep "WorkDirectory" /etc/rsyslog.conf | cut -d\ -f2) else echo "Cannot read /etc/rsyslog.conf" >> /tmp/rsyslogService.txt exit 1 fi [ -d "$WorkDirectory" ] || mkdir $WorkDirectory exit 0
Restart rsyslog and it should work!
From the 2 processes I showed you earlier, only dhclient remains.
dhclient is launched by dhcpcd which uses a file as database for each network interface (/var/lib/dhcpcd5/dhcpcd-<network interface name>.lease). As a database, this file is written and read often. We need to move the lease file to a read-only directory (in our case it can be /tmp).
After reading the dhcpcd documentation, I only found a -lf option to specify the path to the lease files. But that is not the best solution since the configuration is only used in runtime. It would be better if there was an option in the config file where I could specify the lease files path.
So I took a look to the dhcpcd.conf manual page but I didn't found a “leasefile path” option. I also research in Internet if there was a “leasefile path”, but again, no results.
I started thinking if I couldn't see the option from the documentation I would have to analyze the source code.
If you have done the BLFS project before, you might remember installing dhcpcd package. Here is what they used to compile it:
./configure --libexecdir=/lib/dhcpcd \ --dbdir=/var/lib/dhcpcd && make sudo make install
As you can see, dbdir is a compilation variable that contains the path where dhcpcd can find the lease files for each network interface.
Here is the precedure I used to try to find if there is a config file other than dhcpcd.conf or if there is an option to change the default lease files path.
- Find out where dbdir is defined/used
- Search for some kind of read_config function and see where it is used
Unfortunately, this method didn't work and I had to use a different one. I searched in the dhcpcd.conf manual page for an option that isn't used very often in order to make the “debug” process easy.
I choose the xidhwaddr option. I executed grep -r -i “xidhwaddr” . in the dhcpcd-6.10.1 directory and I had the following result:
./dhcpcd.8.in:.It Fl H , Fl Fl xidhwaddr ./dhcpcd.conf.5.in:.It Ic xidhwaddr ./if-options.c: {"xidhwaddr", no_argument, NULL, 'H'},
After this, I took a look to the if-options.c file to know where this C struct option where used. The first line of code I found contained a parse_config_line function which had a char *line parameter.
The next step was to find out where this function was called. I found out that it was called by a read_config function which didn't have a char *line parameter.
It was obvious that the line variable was initialised and declared inside read_config. After a research in that function, I realised that the line variable contained data from either dhcpcd.conf or /lib/dhcpcd/dhcpcd-definitions.conf (an embedded config file).
After some time of lecture, I found out that there wasn't a config file with a lease-file option.
Create a clean raspbian image
sudo dd if=/Users/<username>/Downloads/2019-04-08-raspbian-stretch-lite.img of=/dev/rdisk<sd card number> bs=4m
Before modifying cmdline.txt and config.txt, BACKUP THEM!
cp -p cmdline.txt cmdline.txt.original cp -p config.txt config.txt.original
Once you have finished, change the output console device and remove the script that autoexpands / partition size at first startup.
vi cmdline.txt console=serial0,115200 console=tty1 -> console=ttyAMA0,115200 delete init=/usr/lib/raspi-config/init_resize.sh
Don't forget to enable this option, otherwise you won't be able to communicate to your raspberry pi throught raspberry debug port (TTL-232R-RPi).
vi config.txt add this : enable_uart=1
/dev/root 1.6G 978M 538M 65% / devtmpfs 460M 0 460M 0% /dev tmpfs 464M 0 464M 0% /dev/shm tmpfs 464M 12M 452M 3% /run tmpfs 5.0M 4.0K 5.0M 1% /run/lock tmpfs 464M 0 464M 0% /sys/fs/cgroup /dev/mmcblk0p1 43M 22M 21M 51% /boot tmpfs 93M 0 93M 0% /run/user/1000
Now, resize the / partition and create a new one. As root, type :
fdisk /dev/mmcblk0
Your partition table should look like this :
Device Boot Start End Sectors Size Id Type /dev/mmcblk0p1 8192 96042 87851 42.9M c W95 FAT32 (LBA) /dev/mmcblk0p2 98304 3522559 3424256 1.6G 83 Linux
Delete the / partition, and create a new one (primary) which starts at THE SAME POSITION as the one you have just deleted, in my case 98304.
In the fstab, replace PARTUUID by /dev/mmcblk0p<partition number>. Reboot your raspberry pi and then tell your system you have resized a partition by typing :
resize2fs /dev/mmcblk0p<partition number>
sudo apt update sudo apt upgrade
touch /boot/ssh sudo systemctl enable ssh sudo systemctl start ssh
Reference : https://www.raspberrypi.org/documentation/remote-access/ssh/
vi fstab tmpfs /tmp tmpfs defaults 0 0 tmpfs /run tmpfs defaults 0 0 reboot
Check if there are any errors
vi /etc/systemd/system/generateRsyslogStructure.service [Unit] Description=Generate Rsyslog structure Before=syslog.service [Service] ExecStart=/bin/bash /home/pi/generateRsyslogStructure.sh Type=oneshot [Install] WantedBy=default.target
vi /home/pi/generateRsyslogStructure.sh #!/bin/bash if [ -r /etc/rsyslog.conf ]; then WorkDirectory=$(grep "WorkDirectory" /etc/rsyslog.conf | cut -d\ -f2) else echo "Cannot read /etc/rsyslog.conf" >> /tmp/rsyslogService.txt exit 1 fi if [ ! -d "$WorkDirectory" ]; then mkdir $WorkDirectory fi exit 0
sudo chmod 664 generateRsyslogStructure.service chmod a+x generateRsyslogStructure.sh sudo systemctl enable enerateRsyslogStructure.service vi /etc/fstab tmpfs /var/spool tmpfs defaults 0 0 reboot
vi /etc/fstab tmpfs /var/log tmpfs defaults 0 0 reboot
Systemd-hostnamed doest not start
vi /etc/fstab tmpfs /var/tmp tmpfs defaults 0 0 reboot
vi /etc/fstab PARTUUID=c1dc39e5-02 / ext4 defaults,noatime,ro 0 1 reboot
vi /etc/fstab PARTUUID=c1dc39e5-01 /boot vfat defaults,ro 0 2
sudo systemctl stop dphys-swapfile.service sudo systemctl disable dphys-swapfile.service reboot
Systemd manual: https://freedesktop.org/software/systemd/man/systemd.exec.html#id-1.20.8
Create a partition with the unused partition size.
–Rw mode–
Create /media/data
Mount /media/data (/etc/fstab)
reboot
–Ro mode–
reboot
vi /etc/profile.d/noHistory.sh #! /bin/bash history -c set +o history export HISTFILESIZE=0 export HISTSIZE=0 unset HISTFILE chmod a+x /etc/profile.d/noHistory.sh reboot
Rename username
As root account is disabled by default on raspberrian, we need to activate it. But before doing that, mount / in read-write mode.
sudo mount -o remount,rw / sudo su passwd root
And then enter the new password you want.
usermod -l acdsn pi usermod -m -d /home/acdsn acdsn
Set a password to the user
passwd acdsn
Rename group
groupmod --new-name acdsn pi
Rename hostname
vi /etc/hostname
Replace the existing hostname by the new one.
Generate ssh keys
ssh-keygen -t rsa -b 2048