From 11b161866953232ab0becb9948d052b0fd471cb1 Mon Sep 17 00:00:00 2001 From: macmpi <16296055+macmpi@users.noreply.github.com> Date: Mon, 20 Nov 2023 17:04:46 +0100 Subject: [PATCH] version 1.2 New feature: auto-update apkovl file with latest master gadget: improved setup if several ports available and/or some unconnected wlan: only install & start wpa_supplicant if needed updated doc --- README.md | 15 +- headless.apkovl.tar.gz | Bin 7547 -> 8569 bytes headless.apkovl.tar.gz.sha512 | 1 + make.sh | 3 +- overlay/usr/local/bin/headless_bootstrap | 172 +++++++++++++++-------- sample_auto-updt | 10 ++ sample_unattended.sh | 7 +- 7 files changed, 140 insertions(+), 68 deletions(-) create mode 100644 headless.apkovl.tar.gz.sha512 create mode 100644 sample_auto-updt diff --git a/README.md b/README.md index 8427b02..3a5dfb6 100644 --- a/README.md +++ b/README.md @@ -25,15 +25,18 @@ Extra files may be added next to `headless.apkovl.tar.gz` to customise boostrapp - `interfaces`[^3] (*optional*): define network interfaces at will, if defaults DCHP-based are not suitable. - `authorized_keys` (*optional*): provide client's public SSH key to secure `root` ssh login. - `ssh_host_*_key*` (*optional*): provide server's custom ssh keys to be injected (may be stored), instead of using bundled ones[^2] (not stored). Providing an empty key file will trigger new keys generation (ssh server may take longer to start). - - -**Goody:** seamless USB-serial & USB-ethernet gadget mode (PiZero for instance):\ -On supporting Pi devices, just add `dtoverlay=dwc2,dr_mode=peripheral` in `usercfg.txt` (or `config.txt`), and plug USB cable into host Computer port.\ -Serial terminal can then be connected-to from host Computer (e.g. `cu -l ttyACM0` on Linux. xon/xoff flow control).\ -Alternatively, with host Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from host with: `ssh root@10.42.0.2`. +- `auto-updt` (*optional*): allow apkovl file automatic update with latest from master branch: if contains *reboot* keyword all in one line, system will reboot after succesful update (unless ssh session is active or `unattended.sh` script is available). Main execution steps are logged: `cat /var/log/messages | grep headless`. +## Goody: +Seamless USB-serial & USB-ethernet gadget mode (*e.g. PiZero*): +- Make sure dwc2/dwc3 driver is loaded acordingly, and device configuration is set to `peripheral` mode: this may be hardware (including cable) and/or software driven.\ +(on supporting Pi devices, just add `dtoverlay=dwc2,dr_mode=peripheral` in `usercfg.txt` (or `config.txt`) to force by software) +- Plug USB cable into host Computer port before boot.\ +Serial terminal can then be connected-to from host Computer (e.g. `cu -l ttyACM0` on Linux. xon/xoff flow control).\ +Alternatively, with host Computer set-up to share networking with USB interface as 10.42.0.1 gateway, one can log into device from host with: `ssh root@10.42.0.2`. + [^1]: Initial boot fully preserves system's original state (config files & installed packages): a fresh system will therefore come-up as unconfigured. [^2]: About bundled ssh keys: this overlay is meant to **quickly bootstrap** system in order to then proceed with proper install; therefore it purposely embeds [some ssh keys](https://github.com/macmpi/alpine-linux-headless-bootstrap/tree/main/overlay/tmp/.trash) so that bootstrapping is as fast as possible. Those temporary keys are moved in RAM /tmp: they will **not be stored/reused** once actual system install is performed (whether or not ssh server is installed in final setup). diff --git a/headless.apkovl.tar.gz b/headless.apkovl.tar.gz index 8a57b83d8c4d9a00aef5eeab6b579d268fb77a0a..7bbe38c85c3aae26fc9fe67bfaef1e7f96224f73 100644 GIT binary patch literal 8569 zcma)n0AO+bN{QS9>Ss;aB30fxU|adH zZ`iHUF7&60c71-~^S$j&%y_g^SoTrukj?9;A^W48}ZkiMM& zIHCB?crxGkj|)2Z(axEc2x{*&UVluJ2r!a^w2KjC9 z^)qj=pYanf-3j#T?$_!S&0EO0upKyZ9#Y@9waO~E>&F05?zw@uZ=2z zPW_y4d%Kee6?p-#usOGL3?ghOB9udOG(hV|5!T*n77~d0NN~UKrvy7@U;-o%_Pt-d zaQ;cWKj0`s>UIGnvi@yf1ao-a8VsR&f|RVk%?*~g-qu}o?x|WE-#Z+x{T31N zjl$*qnfGn;>U%wGSTpV>IR;c;)8|b0Iq0Ch?PSHtAIu%yFCDff{6VPOXS8p^ zC6ln5_T|tn#rNv1f#k9krT^(lldazi@FC^VJHq8leUX@O&Hg!W2MEIj??~?_Ha8#dWb%Ry5Fw=A z9;~U@W|(VDqXiEn4er;!_<|k485#OL6Z>QANeeew2gAkHpWeqxwXzRNfj!3eN`05L zups89=V8YVvaJcJ;Z=UvNLBWP_K&=1^KX9{&PSrH*wlsO=)~=E&mLzav$@q9921VO z3MB}{>w}!kNp2qG@3209K>=>Tb)OaSFwbIcK7gic7W5%~*V>~F_1J)+im-k86->1! z2Ye-$tpidP@)~#6#RUG^9%moa+^KkD89F$HUpPDlCCGJ9%5ZoMQAB}c1>|*p2ut`N zf1*pyWQRFbtNhl{E;=kXZxFnK}|svCIOSb{}W9ASZF^V7^JH99_{c(R zhag4c^qTcQ-gef5rddX94(qEQe^}e5DVGZAp$xDHlQ)Ix`iEna*>Y?#2mSN z^4(mP$@HiKh;Fj?8NZX+th&UQaeNpmekct^TzGv=N-1xh=Fj&6)DlRtTYP=FbB*6j zTU_J$$N5v4hSFns{MtD=H$BV=oD=GF;9tdPn-Zg51Nh!JDa%xkP~XTXJ2F&qt)e2y zo*turq`Al`z#wZ!M2a;$zFgudp`hs?FgMM@s86#{KFdTK1+{<9H|=feW%;LueXIoU zB&q_)nN7Ll-1A$?PHm*}rQ&vnf#L&M0Cs=r^-`IRY9cHZ!MIXD6cRX|jL;Cf10`piLqM#2 z=Z>kNEt>x7DRJN%?C$t7Fv1eQ`~)2KwbIw%bqy8U>mTs}~=| zRJ(z8xfKd%=eN;t3mno6I~9Q-9`^#ekWUM)^yKy?wvgsQA?8@&Ae(Al9UM(A1#;zs zZ9o=F4Wi>KJ}UvuuGEt6j5iC56Bze**C>bOOkD!~AGQaQ&XQ@&U5-a8Ot1ke6RjCF z4sR~?_9f__5&HOI)06WhX)H*3@wr^AA}|k`$6b^np%|@TxaKochhy-^@?94SQvXN; zmwJ&lxok$qz{z~^Lu5R3^b<{Jjhn4lX9CK-y*^sFS1;&SaqfPPFq%z|(*>G~uz80Q z-iavyZB!aQZU%D%28W(o6Jt}pvtwx1Ahn*a4toY^^|0!SM2dyBbp{c}kP=)Ot^72e ze~Ka|u^v*L=nri(EayOwf7&Fz=dp?3OyR}PPMMjVd!OB(H0HsYq~M+2Ud3N3Z|#7s z-vB^y3TLujG^76QE6Rl`F^+YOZPeN#>l2@VX0-H>^P%`i_QR5A3lOQpX8ldzz?K|H z;;W$Qn~u=t*UeOg3p0ALi3@mwzpqmz=Cj{t`dlwao5H3j?%Qk(<%s#%pvq#=#Hzcy z<(;TV+WRXRK6RRrp{-{N#W1#Mz_h*f>mFkg59Sk|HnLt_L0Ni~&9W(hLi0~2I!f$q ztb&R?hud~J`O``|B@j(yLly4Q)`KrWy=!X#K$?M|v+e}a+hv0ZB`@2YOj!Tw zx0bYgkufTh);Efk*Vu6>R^@YBj8xbp&T_xhR?0fQ!v6j@d-;7Rd8~xcjZbht^3cQq z3znpf=gc)3MMq=BkQl)ly6?*wN5seXa#)nUVG?P=^Smx1c#DA-oM}B;3Gx-iSi@fL zn)dsu%_`uK`h-NJLo~~|#7FaxcY}^3f;E;Nzcb?^2zrwUnSanG0^maH*sX$98?tJl zuJFrFt|N+zCDqZ4(Y9i|MX_5UW84`7+aSDSjp!aZN?ua$y>WlTs(UhVYbuH>qlFjs zi88a+qS+$6PU3uhIC7o`Hde2Wm2TO3;+LkF4*uz?Azd)(9SBr~jE+_2odGb_Pc$Vk z{%7Hp8xtQ=o-bM1aRqm+s1AG0?>dX*fvdWZN<|+vez+e4Q%iRTQ}jibER-ef5)m}IPBYtWnjKy(hMVc%5d3tQ{U&&Gc@~=M(+87WiP0bT(ZdC` zcxWSMIzP@T>Bb#hZi`ma>`vkHiheoD>`XLIvd}*aff4(t+j?-@BHiHF0UqLeP)F;4 zU=zpYTmY5_i9gxa1#*%562sT~)NoXqRh@WxH7;?=TYQqE4@r`Z5ntWM1XQw9c6Pf$ zbdFz0@yIP~C2GQ$3cKEs9~sMZ(NC=5?K)TyX7X)KUb!aggme-W8Ezf*Uhe_oz-0E4 zZ3dGfHkuYGFOQj0U6BNIi^o(tx=nKW>vw9cmbG=4C!-5Bea7a@%Jbi;Kp2XMpOU$g zoB?vU_~^gJsp5VHW|jH}a(|#45fj36Hw%|CjrW`bR{q{$00nmFD;buush11XY8E_A z|DZZ8b}=lIko&||#US`q$BFaT{wVWdCNi_J8Ko-^`4Kg0nA{1^jZ{p6EUZibFBM5B z;`XX*HM_PlQjA4Vxw@`rH598rBG+Y9+v+1-!b*SO?(pLf)4_qha9y7BD*qcmu?5t| zP-ig8R6;$pQ0-$Ti7bQ48~6UEk_6pmv~8_l`-A@!Q#eZeAV$~vOx8B<_cDfZs=#~T zBF5YUI2s}>dwqg;7=)hbD*};7n(K!IcD>KV@w_y+UCa2lXAl38A;u%ss;zHcV+wDl zNSFXHWB9Ez;QtP^abxN||Kill(UV@>!TE-jyGIC3qLf7-?Q2tgWd~9LYKD1eC^w!<(v!l(W3`*KHq0EU)>66L~1~@43D4V`h5FrWigD<0fIy5Z$!*? z$>ta?2t%Z--(PzP4&ow@r^iNY*?!S*Tq68<~?|7)ize!))n1<^ULkDMoUM%_s3uEkprNioURx?wg7u;0~Oz1VgGIWf%Z`jN7|n? z31^?ZW|a-Q?*>_|;MrJ$l|@>GZhqc^UVS52rUshFrP;m?6x)jl)L3JX4pu+q_>gmg zD%>Wl_qNxj$

9p{7^bds9H(tONb;UwWM6 zoM3MoAS=N^ANBAr&;4P$yAf}WRDE7fR8c1f+Qu^ob92`RxypeTK|IqwHUS2nGauLB z$K&D~w5tV3;uG|2fFERSr}al`yv5brsWw+cbcj@j!vM5ZR-MAo^zpy&QgMzJeTs_| z>Wx*CpD`@>%0odx1#VsX+Oizn>aE7hnw(9gefh#CeC-*xjZgY6AVb@cx4;_CGlnO!#tI`O=*RZT{Ouyrh(4D%1>K{gC z0;42PfM@c)JMYx?@UT2+0(-F=V3sb`P!*JA#yU-t1nd4)tZj#LueUMP#nI5WdiEzj z(@!M}vfxuP8=)qEl?yri`*@9@tEhnfZZhOSypdTM-c4>;XO8+Q0~r6@3j9sdQAx;b zKZcdcy?NFBKFS)P92quT1eI!t0AxUyJLD6dz=RuZ#Ouq8x}(gU>3OMTgy2}Es5N}l)d`{G z1}9WSxiR4oVQ#oEEUG970<9K?yc#X3JUTRk*7Pnric&h4V|l!e5@g<*N*^-36$KR= zo)tczIBTB8<3fyGV9Wq;Fjy}2gL+6eV*6!PWYd_{sB}Y@R)Kp6dm;*adEn?mv{D~q zKQ297-uJhp!ELgr`p4ZmAtN&<qz;0oVnDcD?NDLtCdipO<205I2C4gznEfS0 zRkWRg97?VFA8uX+7o80}&DEpt9xpR=vH3z4L=ygeo4pr!GM9~W8aQ{v|Df_6rI%KL z{d>k`$HFh14RhbeSYBFLJHY!7)6SOj18M6JK>g4Q;d(f8jyPiKF&Djw+zoHoc!asP(u;nftX*Y$o+2*vDIr9ixQo7TNEXE1aD7O=o$%>P#EFi|IbR_>NMjW58 zhC6cQXGL7Dv07l_YSc02F|M4CcT3czd*E7AOnI*b3#qSeSCKwqdOg%7pRwVP9;Gh! zbE_8i<*8Pa`LE&~{k%602KSo&izaPrTNpzg)ZkU4Tm25)91@Oii!q0am*k?bt+><_ z@bv4?;qZl1(|Kj)Y%3|j{A&f_q2yF`3Hj_srp_WsP~NbjN8Ff0i&OF2RKeS`63026 zBm)dxqv|(DZYi1`%2upv(oSaj(nBB&ONk9EJXh#^YLJ}Vd z*7)Dvb!ER8)=4>QR7HI~>i*<(wCY1|?1}sc>;)?F56sBG=RlXPOYN>h4G_!{yHbC8 zf-N(@J4`j)Cn5>_A?!E=fYqIlhBof>RAS`JqSh&v^e}x3#tAm$U^>0Lpr8AF+1Le> z!++ZBF*(a|Uy5d(Hozv8;qAQal^dEs`02yFjzbXatEE`8IBHB`Y8CCH0?t{5eu!=C z)D-DCb_v2|JR;*X)}F$-7$c01+U++ypy7Uo64)zte3l$;(J=nJ4q0@|k~YiA0?>;Bae-=6JuDSGtAQwx)Vi zQ8eB8nHNu+9>FR!J*KE}b84`XQktNsAFy&>I7) z+hl}Bu3>=6g5b#xF+XUFXL+~|#2fva0(}Rlv|)(}`jaU-!+x#MWLZyOw5asNm(&zV zM&6N!pzl}`u~E)@`{Jex!vSVE)CBp6J?ZPZ&Bh3RiLKS$-HF#K(WMD+v)`kK6)>A5 z+VZO{Wbx1pi(A+;nVfrCzBb5bm7Bj_+AGR~r)o1#NS-SfjKs_*@^w2+8`~hX&zUU!w9BmZ60Fw)O;-uPRD1xY<*xSMauLL%MJmookrMm zAx?MmusTyX_*I2js5`=-alzVIVc{dl$%kNwoXr?CpC6?C(7RxBWyBh&P>exyPI{Ps z#0nUkFNMlj##gYy)X#vk$7nOlFIRQ_rMunx8>d{3HCqNUzCV(cJFhc4K;Ayx-$YV5 zhyGEgZ0GR(HBFC5e$|%V{JcuNPVcOvgn`zrTTdGkYV>(A#pV0YGR&eM&0B&+Hpf32 zaJCp@g}-JJ;S2GpeIr`S`S{AXDolv_7~B*6XP=4hLctW>58c}pK00|&g*b~o_^&LB0Cr3 zcpkLz_TF2U8B3HY0S?ZSDpb(YeqSR(gHMc%OgKSPPJsVNJ)5{Q@!eBQ*dCr3&&x-Z zp1oVB3}SPA`zR7}0Vnvm3lhgme*hm$&K1gsfd^xWd4m?`U&~VuQU~wun!E)0iSvn- z5@fFb3ggF@mz*VCu5w-4&}Jf%D}tYO1{0F}k}ReskwsAaJea!*c-?8*5WEbVwlJ)> zi|?pzyxQ%f6F)47BZ)DgJ;UNCy6s*%$r>0o!wT7|QCSP_Q&~N*R=YQ_AEnOnKmW%3 zq1Ax8NNlUQJ^EuZ&0)agfb2Y8iR|J6*Uhi$+9y}5i^k-jp(8Ru+%Yl1rSFbNnQpCF zoRDv*2q)NNcwS+SPCv*lQA^=vCIBA`xdXAf%iHrphGH#n@kom*Gs{ao~# z?E?2GD7hGhEdeLgR_c+)p&UpZ!v9Q~z@TaNzvGPNHSG*eLD3S<6JHbfxl zV-*VK%2G2_QMK2UewqdwGqAmh{v%s3QWF}8Gh0lqqrUmO^H2+#=^8gDP^ewb*X8M) z^-&=(OHmmg9qC*a)L%C{e+PzlJ zG)9-=f=FYo!F@jWK&P7q-}|vhp`m6$cy%s@v7c;lLmWsc{))G2ve#*1J>+l4a2@ED`oFznlv<_JCCu*gVQv4xdE8Y{odst%-EBAXl^WwCF zb({3o2fdR^M|F0KNx8VZ+8+PSKJU-Yr)OE09;DV{P3aCamD<#_T1$Z*U4nRnLBpz6 z_~KclN%?#(fnu#sAhNZsiy zo5hl})-=f3=Cgpr!n3FCEvzIpHFZbOkVT^)mFdfvi%GgnnhSYn)BNPiSgyAlcr+|e zaj5tL(fS0%rzCpwd0YILR4W@S)fz%zhMc&7O>dEGBt%c z$nQ;x6OYxlAE-(Hrv<1s#Ex(TN$D1Iu0i|$Y-_UE62b*3HPtK8cdf8O<;RNqP|{dN z_NyCSK_jQT@I_eObP}$WK|t60#&`{Zy_K`~MD5|~PiTK&T_abw6ANfuevSN`puE3bzN9_w8=*m349 zh4kr^C_}gfEHd|oF^SUV8KnNS^%?P3SEDW|N;K=O$Ns`ctst3|5v0NkGLc-&!im-t zp7)XBBEzpNA}(2zB?s1Nk3Ll(ECnugpy)35|!=g26Vrg@hWu z`c0;6Avhj0W0;=tf;{>hTN9%Df_Fy4DizZ-dCUZrwQNoBTSu1a#EUg@AUURKVN(%FHo*B_8>7*h>%a(^DJ>x_CrMFV&GDu?^ z>aj{SVlFvp7Y5>wpdJP9#srcE=(vlLtVRgSeT1xolF z7Fdq-23DxYl`OAF_c6uZq^2FHccCaBHcFmMC(8>{QnF1~ILVw7^V5cW5-1P>@+o{l zTX~C}3Wk15x$2b8?XGYS4#bZy=4;BMPaRx66BIFl%!eo@J*@}2l+(gFIq?+?X%|rm zafX?kr`uxGp2k{{k`>nZk_445B(1a!fJ8%kXt~R1lL}oCOQC5*U}%;V{559=NRu=V zMe6wr-2tdc&pB22kxu{VNvZo$^6vu4zvASsXphaUt#b8VzF_58IO(rDlTiFM@D9#^ zjQU#Keb{^YFDuwjai8LNRAC?*Raw}UXO6ob(L6_2zExr@0TXN$|n-;}e^WfM|3y zD6Lu#0|uJosK~R!PGQT4FNFK9++A4RR?Yh%^PPk%y|limsRRac_~;yABlnd^U&Wq> zTbVB#&XTeTfKjzOkVyH>Gr1^1ircL6kB<}mV-W|rRITobjD=G8la3N~XSuMU9>;}Q zikQCpFdcUhbJw(Xy>rWv8VPKpZVf=of$MvEb?bC`dJE6KDs&s_p}WqX`$z}*GuE=d zd{l;1d2K94@vN*6-8p_uKO3ry5G$_qeRrd)={D6E{T6~c8v1Vr;>$?63JDfTs~RWl w0;2&Zf*_Gg>JN&n(O<^+jz9G`7c<)alrcNl{=a(EKnM9YbSg6mRR{(3AAOw>EC2ui literal 7547 zcmV->9faZ^iwFP!000021MFPsvz*qI_gC{*5ZRN&#YoK#t&~y&G+Qq;4fFzERP6iG ztPP(0??bm`#gQDxPD#(s_?>#icF$elcb0q3?fd-JU3~GG37&}}h{t)R56_Ql1Se2} zKuP@m9Dy+m{Q@MucmnF0)~-SDi@Ge^pW^#h<^Q4N&-lOc{J`$A_N_C&K|C&521;`Wud_zmelLLk(${y#DPk#BpM-!u<1(6qH(JrVvm zhJS!Rfnm@3|0ML)9~O-h7mKp;i`sozcLe}^1?uYR@=}O1pDU}ej>D)m{9F4Pe18j~ zFp9pM57>W$x$Wjv{C%zM>^q9ae<^!@(Z)gS*RR2yYyg1gH*OtQZCn;_UP$j`ZLS;_ z;4E+td8_KU2*K~zUI2xi`#<1(FO@FveLD)#r-Wl7U37)^S*U# zHx28uo2#{T=L1#j1@jxuZOkvd`1)Iod#j%~h1v0cdo`EMy?pUIpdZtJH}mbHt3FvD z|5E=E^h5to;mEW8{~q-Jovi&crGHoa4=Ug0)#BBx+fDS5$UbZPr_ledu-n!zJl}gN z|4)4A|L41B{r^4a|KDW|Z2b1UAprkeJ~-{{n~!Y5->ZCN7Jfv8pH0HQ)c?Hns=9Ri z&lLmy^7s$MNbEWO`xWqiuRx*gg?{_WEsNl@=YOz|;y)6bUBa{de+v8mS#14RVAEAq zS+`*L*7aQQsIxEmHuCGjpC3I$3!J6S2krI|*MUJNmdqn#5nD!E2v>jVxa;aWI-A$M4Dl@-<1lcKz25_S%JC`}Xg2M)%A0e|CSF-}_nf znNooNj{PT)XZ!#3_`h2SSp3@fV-!U^~x|G;FOia2OTic-!BZIQBrSqF$V6 z1~b)@gd()YnO@&aq**id>gH(P4my+}~*y_LAC~zM%mv|FR0oO|ML4O`*SAdKg$2tjs3}d|IhIM1WbIm{!hU8^ZMU^y8mahhyV8;p4u${C3+MM zbLBgu$uq+-8SKhbIDD^+!U&m#H(+$+&|9k|HfePe8C~ISxLKzZ;>i&22Pq&}XIVa$ z;)>u4cy!V*5iJ?p5B)(yf}zj@Lq6a1Rk?~yi??Cw) z5vkpiLv`79mj#NumvmU)#v#L*qqIv?7Ma4ZgD{6AZ&?@#W2PI_Qjw=}YU3nqxPIpV zDQQ~EtmAoi$(lhFL*{@VFW0C|DSds@J+t&=B2q_<><$;nSvmN&zbW`O&X>B9CaE~J zdN~5CjKt!4;0n8fR4hE|4h2ONQ>nOBUL`%Vqk^=y;W06cOg(Bh#8lO`^UUnBvSku& z>dbP22q3PW!;BYpS4O)Ub3A%+j(8eAqbcGI$6Hubw`8|NgqALw_oYmpBlyZH&w;L^}4mo`(Ij#)5 z!-6}YL|P)%rpJ~TuqCoy5oOdMX-iRdXM49kbCqB^EqdDqEIN*KN%2eSK3$3x^*BJ1 zf$Y?Wn6TgZq0vQwyReBYvlC=myq;HwZk4!^+vjV{RTlDj!J&??R~uIg`Q*^};)d8S zFS;5@1;L(AF(+);5YmA4a+edbe9LuZYPK-%UFbDDOOVhULz2OBQ4es1oLkAS% zDBAEjyy}mMB@=8z9k08P@LT*!GZlITf@Fycd=4#2f7lq1Xm298I+qrd>$o7#w$(s* z*E_E!$|=t4(}2eNw%!ouGlu(iaUOQrU~FW-*ep>jP?1to6``$^i!1ERHR+nuO3|EP zO`h7`QRH$`+ibSdOJpB4@yQ<96MZ3Q2s=>qkuLykIH@he6FpW4yiOZKHsnqxMg&un zQ(p5I^0@8=k_oT!HdTjI>8y=n>-BQsjgaL`TCAi{4~T|g2zkPt!mD-`DX-D7!E2g+ zv%jhS!=~(J`|=PA=Imi-JPjngLysv+ukyflZAQi-mhzO+G^TLcrhP zB-0#rYzPmq>45dVqp<}kqL@TW{%qw#J;*xB)s7#JBolktuDuLN_QLh(!=rq z3;S(e>l;Qu5TsOFS?1fG-4WYi?;4VN-O~7o(${#R6Bd^}C^ZjWGyybL$VGnImh=U= zI)#;||HbYQ`ExWh<8 zy;FC?fD9PFf?4Zi2&B4cv8xwv^;SMrJ2hN*DtYLzEzw1Ns9#nX?-h&a;A}!m2W~}r zK0tdzK_?i^@G|biZ5L{SHPD)Dib-uP2^W#ZWztP-CG8Y>wrQ8i5*aRnf{PIMdP80T zQHe;4A67iuY*+bldl`|&au$cdUIdesOqPtWbx0k1_z?PLU{R~}1%>)7S*oF|jtDEeOQ?W77)RPDmx1GSfX==b-N6tB+&LS#$k|YHY znOs~^fE6WPAhaOMMLp5pc6m%72}4~>FVUXg8KS<_S0_>G3B){HdsxKDt1XqZN;lTE zV6o9W@8i@1)aH2kzQ zLQO7nYq?A$y7d7@h5OtS&5FPm4kazGC4-;XMP&4L$j~I~t(n`l3iocdOS|&nU=OQh zFBymPCR*0DG8j^h1EO9Wf{@4R=H#$Bw?7>f1=%eQKGd3W4c(wKRL$+kJ6TrQC52vi zAHlc8me<1eaE>76vQ7vbpd9-W5X?=M^KzoDgYRQ|T_KciTE#(rl90i~8mloyibhBT z9;2hYpQt0dSTC#Ik>LY9CT0y3LPjm2QDGKlRLVz!=^O8`-;x?7(f)<-7Hh&#OvyI( zjuQ-917+ycat_z^j=xVRJThjKTLml>#$>kWuCAFh>&Fp-tbP&&MH?i=oxj9t_8L3R z-fLZIYeg0lRlRUBTp+}7iHK8qrZ33?140d%gmK9)la$Y|rhlQFLqlL!)`ye@nOFU? znm9fpe8)QlRb^VUg!)rzHQFwWmf=lWSB1I*ByTZQ@nBDtQAmf?rZlf*Lktbg7{xTu z2GO`HGS{FcL9|1`=PARW=uqQlEsHBXF4;fMi;kzXGQGQif0`)rHVMh9KO z2T^ETG3zWHDXp`RI^t<^hu=;*;+cLs@!u!O{rrsl4+2vk=6?wC`S;&Xm;agZ2LEx+ z{fO^YbC~vsvdqtFj+j-^+<;7wMBw^9^$Mt_16TqB^v zDKo=J4^1_lE!eu#xt*0JF2yZb>9pXyc|IOFg1is+>nPRITcLBY=5{EDc8eY9HY?~P zQOfd`P}_5RJM|rTY{nCf47j(|tuH9`a!zvIgX;dzOKbH$6q$5wc5jQvQPHt zX3q^9`qmj$RG?@4piQt4LE@H3R*~jkMbv2JLRcel1SdJaSW8!eb-hOE!*0Q2VYhJ* z8P)d(XOCP0wt+Yk@C(R$KQyDK%WWi1N7fHm9o?RB6ZRin2d0HAy;!G=vgJ zd~%gCsqL{lWi2G-71FHMES5I-ar7&m0Gx^v!Of zEZ_Hf&nO)^J2&Ae5THP9;XR44YuFVG>cH-uC2`aEo~PIDI;W!2KWw0exZVUPS@>%S!YJpX?R`sxo4;G5`kZTpf|Tb&-E zD6(vqFosS5z=C-$daO!FmB3!zt1_lda-QsGVQmEW-{2?x3g!@ zdCtpvH*tZv4}ZKjXwi@18uTkPa6-{l?&*2Aq`!N5?z-JCnZouKeV6_u5jIZ%+`;J4 zo|t7xJQjuW#u6Nq*I{njNagv~4c3>}AiI*h$m_z#%76`?pmTUmk&5I(fHPAplh~w# zcst@Ei2|AJ2sNKZVSI_P-wWq2V*3D0Kco3%GB2`N47f-x6#3wtSH97IdI`jqi2*Hn zl9jY%a++Mp&kZlUI6&1j@_Z@I=V({1T{QjgLYq1$5M(1*w zt!?QQPs?J>>2>j%WSWlmT!b+wYxhEeflrwNvl|KlLi|gJmf|%~GS9l4F*z9bvc&W2k=CdTb1U6yGE}(>J znM_Jp()nOptJsBbzu-ipMQdR&;37+=`V3mhbF74Sm4pzxw8&W7_2Fo=fSg21H)$SR z<|E4s1boSnimJiqWRS@{F5=}eTliC2L}vM(nYbVwc(&$w#s~`Wa`T5)R(ouxAs|&?Y2l0=mtp)w3hLo$y}`2w__G8Af))NH+U$ZJc>^^CT8a7tAM%4=jc)U z0dNEKsCKJ{`1^06O>$XI(9`ZjpX(oU1LuVp4DJv6{c;{x`2b(;S#0V7UY0+B&WLZX zKMi4IN%@%mh;X5V_!B<3pUY{QWL`EGw0)%UL2Q!StogV@Y)U<)pwqz?p!_!p_dyDk zOkrJ%I3U>H1Y^sS|K!CbS0N;23%EX4wPKDX*4Lw2bbyq_2n4XD@SxIpIF;;PvM<*{ ztjaC94G7y67JzU8@5QPPtj=o^pZpjTf5GxIC(Qm?%jB|{YW9O2Poj`y#Vhg&O#fdp z81baR5b%xOl4I@jtSyLgt?Li4k_)=t?xHzpyX-b+veLRrE7AggeOd`#;6;kGjcFOf zmE7q(UTFAIf}TK`-qE?Kp=taTBvL%`sVT4qW-{`wAqiRNmnVzW5-U9@AJ_(o;{MR^ zgd4m>eFZM#1+4{8TQ(SQl&qTXKbvg~1Vf>gl!IxS&tDtGP+DA=5a=d_S6Y*3274g? zPjVkh6%jtdR~REI+#yjhnju9jXJT{8F&lh2wwS@z4!T1n(mGN&Ng4-Al-MLc&Q!8= z_=PUf*$6@w`*PprSsAx;q|5f_WRO2Ciq)RtHZ|I=xpb@G!Np@2mmpRWXISE9A>6#! zOy5wwN7nCx?(^7LoVS(=DhvS$^^nfgyAEWUPsBht`84nh{-OHN|Ht7YW>lY*U?z~V0ZVnacF0@+3#CL3R*E| zu~SGubly<&x*(ftk33FnpZBw@nSv2fmqLBB<0 zJ)c`OzNAqVK3shA@iB*edt=k+9?1bH?ropi_QH6javmh2`@ZiyJp1le zF+tskL+=M z-}s5dyPD;aGxUUkui$Gcse%cuOILF#o^833UlbjG!kVt4{tG*{n!(s&d4-tEjt|YT z76OLUJf~wDbA**!m}6a6+|tMAeO6H3sJ=kx4(whS z1+;)BGFQv??zWLB_guhOMC2-l%#w(Pk`&@3DJ2ChW5YV+zko`VHg$mo{}Ccs_F7kG z^!nfJQbzA>Tu}Pz@Y&(f(}Vwt*@UN&lMA7eBJ)wE6A|)CXS%hnK0SE%=J(eJ;_&Fr z!SS=lPY%i+P{WjIuVi6(-Q#|(RGm%_>w>SgTMeMo@E@z5zxjs2cKb%Bvi*@F> z16NmnUExWrWNpWAccU6WztoJb-)e>j6Q2?z^f14xadpbNQz2VL}1xCOI(df8TrXpWbjdq<^0%@6*3_SG?N1+0dbc zP{V6n|NLW{s@fI4NTMj2(WiLH1n$`!^WP=}UoqkmJl45O-An7&Rd%_CWj(9>Ae?8d zlBO42oA(OY8*Wf7@C}bZ3tj0AM2QEtHJPS~3K6HgJ^7h}(9nxq`e^R)ibMea6RUL3 zT-;b@&8+3r0bT!PZvE07v143a2u2r$!7@aO!k#+fvV)mFv?i9&q` zS)831^sQi%??7$x2w{d)B3w}xw42X|N^Jr>3E)nKLb*_x`EN3~C7 zt(Ru8Om*s5Z%_0am)hQNUQ$1XrL`hk>-*EEf}>-!Lf*R zsx>J|)W+-uMIquXV$-~E$O{bkhPO(%_Ry8XeUOvQMKQRd%$^l*UnLi?rd~w*D|Fpw zDmF983I0reC_>JIko<8^#_ZOq{>N{Gxi8cN#FQMGzC@@uuE%sZhxA-awBZv8F}j>5 zg_r^XtKCl4(}LKMk#HhvefZD;n-F{{qZB zhcaAKxX(T{;uk4@Qx_wsZ&|?N-BaD-!3+Tnwa*!y_=jIm?HW3QXDis;XOQtck zC2z3hb#uC!5*C|FPeTVYA*zE!&XAg4%NsTL7c-B5b8yCGhzdT zAvV7a?piII4GsA98?e{3Uo`ipQbPrTm8(d*{^S>P)_fg!;GGM0tIJZRmK8mKfQ&7? z*Yl@ul`%?0_XUtTUqQ0n$EAAUbJ615aoJUfE3gFM zTT3j;&UKhyPE$wuf3vCyXCSspx~jO)H4RNp{E0?av(ZQEXwAGVrog6l^{d9c?f38Z zR0@A>@9Zo~>MuKIhysWkE^|;l634G72SB2E{EDdjP)nO0V3Yg~)MZl>@)lG!Tidc* z8$-)U8msep!ld>bE$_?tbequFS6 zHceKNJZIY4NT%fIvxh{f_7ywL4&jhc-ZUk18HZ^q;W=4m`)Vn(WSLwmiy!{f$uX0U zrQbt=9kiI56m>~`1~g?ho}_G^=q73I0P4FeK!FH~>2$8==&==U%-UMc_n6jLL7-+c z9W3tENXaNn8}2nY%H&@GSFMzW!K0dNn#Z`DMfY)K2@-hB`otNU3*GTfduW zrt;WnHAL!7Z|F3kkdu&~NhZ(iiQCqyz4q!qSJ3I5>o6C6>+aCT-E;TcJ$KLDbNAdm RchCRx^FNd+aH;@!004hQ8tMQ5 diff --git a/headless.apkovl.tar.gz.sha512 b/headless.apkovl.tar.gz.sha512 new file mode 100644 index 0000000..cd33774 --- /dev/null +++ b/headless.apkovl.tar.gz.sha512 @@ -0,0 +1 @@ +a8194eb225839a339f66610d68051516595bf30e943f67b7fd05527876cdbfbf7a1312da8d8abfec0a1ece04b8404ac5186c66a269491a5e6312f1e36b7f7694 headless.apkovl.tar.gz diff --git a/make.sh b/make.sh index ca10909..0297fb7 100755 --- a/make.sh +++ b/make.sh @@ -30,7 +30,8 @@ if [ -n "$build_path" ]; then doas tar cv -C "$build_path"/overlay --no-recursion \ $(doas find "$build_path"/overlay/ | sed "s|$build_path/overlay/||" | sort | xargs ) | \ gzip -c9n > headless.apkovl.tar.gz - TZ=UTC touch -cm -t "$t_stamp" headless.apkovl.tar.gz + sha512sum headless.apkovl.tar.gz > headless.apkovl.tar.gz.sha512 + TZ=UTC touch -cm -t "$t_stamp" headless.apkovl.tar.gz* doas rm -rf "$build_path" fi diff --git a/overlay/usr/local/bin/headless_bootstrap b/overlay/usr/local/bin/headless_bootstrap index 6ba5a96..9b7ccb5 100755 --- a/overlay/usr/local/bin/headless_bootstrap +++ b/overlay/usr/local/bin/headless_bootstrap @@ -3,7 +3,7 @@ # SPDX-FileCopyrightText: Copyright 2022-2023, macmpi # SPDX-License-Identifier: MIT -HDLSBSTRP_VERSION="1.1" +HDLSBSTRP_VERSION="1.2" _apk() { local cmd="$1" @@ -76,12 +76,13 @@ cat <<-EOF >> /tmp/.trash/headless_cleanup rm -f /etc/init.d/headless_* _logger "Clean-up done, enjoy !" cat /tmp/.trash/banner > /dev/console - if [ -c /dev/ttyGS0 ]; then - # Enabling terminal login into ttyGS0 serial for 60 sec - # no choice than making permanent change to pre 3.19 versions of /etc/securetty - grep -q "ttyGS0" /etc/securetty || echo "ttyGS0" >> /etc/securetty - /sbin/getty -L 115200 ttyGS0 vt100 & + if [ -n "${gdgt_term}" ]; then + # Enabling terminal login into valid serial port + # no choice than making permanent change to /etc/securetty (Alpine 3.19 already has ttyGS0) + grep -q "${gdgt_term}" /etc/securetty || echo "${gdgt_term}" >> /etc/securetty + /sbin/getty -L 115200 "${gdgt_term}" vt100 & fi + exit 0 EOF chmod +x /tmp/.trash/headless_cleanup } @@ -140,42 +141,74 @@ echo "$keygen_stance" >> /etc/conf.d/sshd rc-service sshd restart } +_updt_apkovl() { +## update apkovl overlay file & eventually reboot +# URL redirects to apkovl file on github master: is.gd shortener provides basic analytics. +# Analytics are public and can be checked at https://is.gd/stats.php?url=apkovl_master +# Privacy policy: https://is.gd/privacy.php + +local file_url="https://is.gd/apkovl_master" +local sha_url="https://github.com/macmpi/alpine-linux-headless-bootstrap/raw/main/headless.apkovl.tar.gz.sha512" +local updt_status="failed, keeping original version" +_logger "Updating overlay file..." + +# wget -q -O /tmp/sha -T 10 "$sha_url" > /dev/null 2>&1 && \ +if wget -q -O /tmp/apkovl -T 10 "$file_url" > /dev/null 2>&1 && \ +echo "36243ca58766232a1ff996de611724cee295109f981f3eb5d4b6df916c856036c002abd0cd58266602f3fcbf22777c1bfd1fb891888e864294b86dba366f6f2e toto" > /tmp/sha && \ + [ "$( sha512sum /tmp/apkovl | awk '{print $1}' )" = "$( awk '{print $1}' /tmp/sha )" ]; then + _is_ro && mount -o remount,rw "${ovlpath}" + cp /tmp/apkovl "${ovl}" + _is_ro && mount -o remount,ro "${ovlpath}" + ! [ "$( sha512sum "${ovl}" | awk '{print $1}' )" = "$( awk '{print $1}' /tmp/sha )" ] && \ + _logger "Bad update: original apkovl file may be altered, please check!..." && return 1 + updt_status="successful" +fi +rm -f /tmp/apkovl /tmp/sha +_logger "Update $updt_status" +[ "$updt_status" = "successful" ] || return 1 +# reboot if specified in auto-updt file (and no ssh session ongoing nor unattended.sh script available) +! pgrep -a -P "$( cat /run/sshd.pid 2>/dev/null )" 2>/dev/null | grep -q "sshd: root@pts" && \ + ! [ -f "${ovlpath}"/unattended.sh ] && \ + grep -q "^reboot$" "${ovlpath}"/auto-updt && \ + _logger "Will reboot in 3sec..." && sleep 3 && reboot +exit 0 +} + _tst_version() { -# Tested URL redirects to github project page: is.gd shortener provides basic analytics. +## Compare current version with latest online, notify & eventally calls for update +# URL redirects to github project page: is.gd shortener provides basic analytics. # Analytics are public and can be checked at https://is.gd/stats.php?url=apkovl_run # Privacy policy: https://is.gd/privacy.php local new_vers="" -local status="failed" local ref="/macmpi/alpine-linux-headless-bootstrap/releases/tag/v" -if wget -q -O /tmp/homepg -T 10 https://is.gd/apkovl_run > /dev/null 2>&1; then - status="success" +local url="https://is.gd/apkovl_run" + +if wget -q -O /tmp/homepg -T 10 "$url" > /dev/null 2>&1; then + _logger "Internet access: success" ver="$( grep -o "$ref.*\"" /tmp/homepg | grep -Eo '[0-9]+[\.[0-9]+]*' )" rm -f /tmp/homepg - [ -n "$ver" ] && ! [ "$ver" = "$HDLSBSTRP_VERSION" ] && \ - new_vers="!! Version $ver is available on Github project page !!" && \ - _logger "$new_vers" && \ + if [ -n "$ver" ] && ! [ "$ver" = "$HDLSBSTRP_VERSION" ]; then + new_vers="!! Version $ver is available on Github project page !!" + _logger "$new_vers" printf '%s\n\n' "$new_vers" >> /tmp/.trash/banner + # Optionally update apkovl if key-file allows it + [ -f "${ovlpath}"/auto-updt ] && _updt_apkovl & + fi +else + _logger "Internet access: failed" fi -_logger "Internet access: $status" + } _setup_networking() { ## Setup Network interfaces -local has_wifi +local has_wifi wlan_lst _has_wifi() { return "$has_wifi"; } - -find /sys/class/ieee80211/*/device/net/* -maxdepth 0 -type d -exec basename {} \; > /tmp/.wlan_list 2>/dev/null -[ -s /tmp/.wlan_list ] && [ -f "${ovlpath}"/wpa_supplicant.conf ] +wlan_lst="$( find /sys/class/net/*/phy80211 -exec \ + sh -c 'printf %s\| "$( basename "$( dirname "$0" )" )"' {} \; 2>/dev/null )" +wlan_lst="${wlan_lst%\|}" +[ -n "$wlan_lst" ] && [ -f "${ovlpath}"/wpa_supplicant.conf ] has_wifi=$? -if _has_wifi; then - _logger "Configuring wifi..." - _apk add wpa_supplicant - _preserve "/etc/wpa_supplicant/wpa_supplicant.conf" - install -m600 "${ovlpath}"/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant.conf - rc-service wpa_supplicant restart -else - _logger "No wifi interface or SSID/pass file supplied" -fi _preserve "/etc/network/interfaces" if ! install -m644 "${ovlpath}"/interfaces /etc/network/interfaces > /dev/null 2>&1; then @@ -202,24 +235,31 @@ if ! install -m644 "${ovlpath}"/interfaces /etc/network/interfaces > /dev/null 2 EOF ;; *) - _has_wifi && grep -q "$INTERFACE" /tmp/.wlan_list && \ + # According to below we could rely on DEVTYPE for wlan devices + # https://lists.freedesktop.org/archives/systemd-devel/2014-January/015999.html + # but...some wlan might still be ill-behaved: use wlan_lst + # shellcheck disable=SC2169 # ash does support string replacement + _has_wifi && ! [ "${wlan_lst/$INTERFACE/}" = "$wlan_lst" ] && \ cat <<-EOF >> /etc/network/interfaces auto $INTERFACE iface $INTERFACE inet dhcp EOF + # ensure considered gadget interface is actually connected over USB (may have several) [ "$DEVTYPE" = "gadget" ] && \ - cat <<-EOF >> /etc/network/interfaces && cat <<-EOF > /etc/resolv.conf - auto $INTERFACE - iface $INTERFACE inet static - address 10.42.0.2/24 - gateway 10.42.0.1 + ! [ "$( find -L /sys/class/udc/*/device/gadget*/net/"$INTERFACE" -maxdepth 0 -exec \ + sh -c 'cat "${0%/device*}"/current_speed' {} \; )" = "UNKNOWN" ] && \ + cat <<-EOF >> /etc/network/interfaces && cat <<-EOF > /etc/resolv.conf + auto $INTERFACE + iface $INTERFACE inet static + address 10.42.0.2/24 + gateway 10.42.0.1 - EOF - nameserver 208.67.222.222 - nameserver 208.67.220.220 + EOF + nameserver 208.67.222.222 + nameserver 208.67.220.220 - EOF + EOF ;; esac done @@ -230,35 +270,46 @@ echo "Using following network interfaces:" cat /etc/network/interfaces echo "###################################" +if _has_wifi && grep -qE "$wlan_lst" /etc/network/interfaces; then + _logger "Configuring wifi..." + _apk add wpa_supplicant + _preserve "/etc/wpa_supplicant/wpa_supplicant.conf" + install -m600 "${ovlpath}"/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant.conf + rc-service wpa_supplicant restart +else + _logger "No wifi interface or SSID/pass file supplied" +fi + _preserve "/etc/hostname" echo "alpine-headless" > /etc/hostname hostname -F /etc/hostname rc-service networking restart -rm -f /tmp/.wlan_list } _setup_gadget() { ## load composite USB Serial/USB Ethernel driver & setup terminal _logger "Enabling USB-gadget Serial and Ethernet ports" -lsmod | grep -q "dwc2" || modprobe -qs dwc2 # remove conflicting modules in case they were initially loaded (cmdline.txt) modprobe -rq g_serial g_ether g_cdc -modprobe -q g_cdc && sleep 1 -# once driver has settled check if cable is connected: unload if not -[ "$( cat "$udc_gadget"/current_speed )" = "UNKNOWN" ] && \ - _logger "USB cable not connected !!" && modprobe -rq g_cdc && return 1 +modprobe -q g_cdc -# default serial config: xon/xoff flow control -stty -g -F /dev/ttyGS0 >/dev/null 2>&1 -# notes to users willing to connect from Linux Ubuntu-based host terminal: -# - user on host needs to be part of dialout group (reboot required), and -# - disable spurious AT commands from ModemManager on host-side Gadget serial port -# you may create a /etc/udev/rules.d/99-ttyacms-gadget.rules as per: -# https://linux-tips.com/t/prevent-modem-manager-to-capture-usb-serial-devices/284/2 -# ATTRS{idVendor}=="0525" ATTRS{idProduct}=="a4aa", ENV{ID_MM_DEVICE_IGNORE}="1" +# look for valid serial port actually connected with USB cable +# (setting console to unconnect serial port would block boot) +gdgt_term="$( find /dev/ttyGS* -exec \ + sh -c 'timeout 1 echo "" > "$0" 2>/dev/null && echo "${0##*/}"' {} \; )" +if [ -n "$gdgt_term" ]; then + # default serial config: xon/xoff flow control + stty -g -F /dev/"$gdgt_term" >/dev/null 2>&1 + # notes to users willing to connect from Linux Ubuntu-based host terminal: + # - user on host needs to be part of dialout group (reboot required), and + # - disable spurious AT commands from ModemManager on host-side Gadget serial port + # you may create a /etc/udev/rules.d/99-ttyacms-gadget.rules as per: + # https://linux-tips.com/t/prevent-modem-manager-to-capture-usb-serial-devices/284/2 + # ATTRS{idVendor}=="0525" ATTRS{idProduct}=="a4aa", ENV{ID_MM_DEVICE_IGNORE}="1" -setconsole /dev/ttyGS0 + setconsole /dev/"$gdgt_term" +fi } @@ -272,10 +323,13 @@ _logger "Alpine Linux headless bootstrap v$HDLSBSTRP_VERSION by macmpi" # help randomness for wpa_supplicant and sshd (urandom until 3.16) rc-service seedrng restart || rc-service urandom restart -# setup USB gadget mode if such device mode is enabled -udc_gadget="$( dirname "$( find -L /sys/class/udc/* -maxdepth 2 -type f -name "is_a_peripheral" 2>/dev/null)" )" -[ "$( cat "$udc_gadget"/is_a_peripheral 2>/dev/null )" = "0" ] && \ - _setup_gadget +# setup USB gadget ports if some ports are enabled in peripheral mode +# Note: we assume dwc2/dwc3 is pre-loaded, we just check mode +gdgt_term="" +[ "$( find -L /sys/class/udc/*/is_a_peripheral -print0 2>/dev/null | \ + xargs -0 cat 2>/dev/null | \ + grep -c "0" )" -ge "1" ] && \ + _setup_gadget # Determine ovl file location # grab used ovl filename from dmesg @@ -291,8 +345,10 @@ fi # Create banner file warn="" -grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; RO=$? -[ "$RO" -eq "0" ] && warn="(remount partition rw!)" +grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; is_ro=$? +_is_ro() { return "$is_ro"; } + +_is_ro && warn="(remount partition rw!)" cat <<-EOF > /tmp/.trash/banner Alpine Linux headless bootstrap v$HDLSBSTRP_VERSION by macmpi diff --git a/sample_auto-updt b/sample_auto-updt new file mode 100644 index 0000000..5fbe9ba --- /dev/null +++ b/sample_auto-updt @@ -0,0 +1,10 @@ +# SPDX-FileCopyrightText: Copyright 2022-2023, macmpi +# SPDX-License-Identifier: MIT + +# Automated reboot after update is cancelled if: +# - there is an opened ssh session +# - unattended.sh script is provided + +# Uncomment line below to enable reboot after update +#reboot + diff --git a/sample_unattended.sh b/sample_unattended.sh index 110e74f..c03ba8f 100644 --- a/sample_unattended.sh +++ b/sample_unattended.sh @@ -37,10 +37,11 @@ else fi # also works in case volume is mounted read-only -grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; RO=$? -[ "$RO" -eq "0" ] && mount -o remount,rw "${ovlpath}" +grep -q "${ovlpath}.*[[:space:]]ro[[:space:],]" /proc/mounts; is_ro=$? +_is_ro() { return "$is_ro"; } +_is_ro && mount -o remount,rw "${ovlpath}" rm -f "${ovl}" -[ "$RO" -eq "0" ] && mount -o remount,ro "${ovlpath}" +_is_ro && mount -o remount,ro "${ovlpath}" ########################################################