From patchwork Thu Apr 14 12:23:20 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: phodina X-Patchwork-Id: 38585 Return-Path: X-Original-To: patchwork@mira.cbaines.net Delivered-To: patchwork@mira.cbaines.net Received: by mira.cbaines.net (Postfix, from userid 113) id 0A34727BBEA; Thu, 14 Apr 2022 13:24:36 +0100 (BST) X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on mira.cbaines.net X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_INVALID, DKIM_SIGNED,FREEMAIL_FROM,MAILING_LIST_MULTI,SPF_HELO_PASS, URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mira.cbaines.net (Postfix) with ESMTPS id B636D27BBE9 for ; Thu, 14 Apr 2022 13:24:31 +0100 (BST) Received: from localhost ([::1]:54820 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1neyWU-0003In-U7 for patchwork@mira.cbaines.net; Thu, 14 Apr 2022 08:24:30 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:44898) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1neyW2-0003If-Ta for guix-patches@gnu.org; Thu, 14 Apr 2022 08:24:02 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:33412) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1neyW2-0005nZ-KN for guix-patches@gnu.org; Thu, 14 Apr 2022 08:24:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1neyW2-0001Qf-GB for guix-patches@gnu.org; Thu, 14 Apr 2022 08:24:02 -0400 X-Loop: help-debbugs@gnu.org Subject: [bug#48314] [PATCH v5] Install guix system on Raspberry Pi Resent-From: phodina Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Thu, 14 Apr 2022 12:24:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 48314 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Maxime Devos Cc: Stefan , "48314@debbugs.gnu.org" <48314@debbugs.gnu.org> Received: via spool by 48314-submit@debbugs.gnu.org id=B48314.16499390205462 (code B ref 48314); Thu, 14 Apr 2022 12:24:02 +0000 Received: (at 48314) by debbugs.gnu.org; 14 Apr 2022 12:23:40 +0000 Received: from localhost ([127.0.0.1]:55543 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1neyVg-0001Q2-07 for submit@debbugs.gnu.org; Thu, 14 Apr 2022 08:23:40 -0400 Received: from mail-4316.protonmail.ch ([185.70.43.16]:57323) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1neyVe-0001Pm-3f for 48314@debbugs.gnu.org; Thu, 14 Apr 2022 08:23:38 -0400 Date: Thu, 14 Apr 2022 12:23:20 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail; t=1649939008; bh=+33li8ehsll2Sw8BK8dFVO96EZ8wa2eZyoa84t9OD0c=; h=Date:To:From:Cc:Reply-To:Subject:Message-ID:In-Reply-To: References:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID; b=08IIAKUMYS9DkEBpubkJE0kn363mq7aIqyKuzVvgtwwWUz6ivY1ew8Nm1yoW6PQMb 6ai4Z/BrzppWxFO00UvfG3smbaICpIcHShUMmv84oVz/4ZwrbYOQD0eHoKtwHI8TZj FAhACK7bogsPdWX14OD/Y7ji15BCu92Ff3U1FaWvweJnxYF/yeefYS974B+7h56Lji b+XEuShJB/MhYCySBmHCy3e+kX/c5wPoiyhMOCu8qevDH1PE2mIL7/Sk5KoJLW7Tsi 9ID/DuMMV2k86HBVTgd15YCV3UyIOZ4mRCxXU7drHJ0laE/WwnELRkRx9uL8PnKl/C BbROhMf6BMJAg== Message-ID: In-Reply-To: <86d36088dc4c81112e1529ef9e5e46d6629912c1.camel@telenet.be> References: <19E4796A-B0DB-444F-8773-2E8D3EF6132D@vodafonemail.de> <1JV7YdNsB7LB0ij9pMN5ktIsdpU8g98Lpu0yOrl_r6wFvRjqRJ5XqOktugKlia2rSeyNVEwY0b8VJrFJr1TsWgOIo-JW6EmTpj6Bz4dNzxQ=@protonmail.com> <86d36088dc4c81112e1529ef9e5e46d6629912c1.camel@telenet.be> MIME-Version: 1.0 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: guix-patches@gnu.org List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: guix-patches-bounces+patchwork=mira.cbaines.net@gnu.org Sender: "Guix-patches" Reply-to: phodina X-ACL-Warn: , phodina via Guix-patches X-Patchwork-Original-From: phodina via Guix-patches via From: phodina X-getmail-retrieved-from-mailbox: Patches Thanks Maxime, sorry for silly mistake. Here are the updated patches. The last changes are part of the 4th patch in the patch set. After build I installed it to the SD card using following command: sudo -E ./pre-inst-env guix system init gnu/system/examples/raspberry-pi-64.tmpl /mnt However, I experience an issue when login into the system. I can get there using my SSH key, but it seems the passwd set-uid binary is missing from the profile: $ ssh pi@192.168.1.181 You are required to change your password immediately (administrator enforced). WARNING: Your password has expired. passwd: no such file or directory I understand that the password is not set and the account is accessed through SSH so it asks after login to change it. How come it's possible to change it? I tried to add shadow into the packages, but the error said, it's already part of the system, so my guess is that it's just missing in the PATH variable. Could it be due to the fact it's present in /run/setuid-programs? ---- Petr From 7e13ab0bb33e0f90b094ad4e2759e6e8bc1e8e9c Mon Sep 17 00:00:00 2001 From: Stefan Date: Wed, 13 Apr 2022 21:19:41 +0200 Subject: [PATCH v5 8/8] gnu: raspberry-pi: Add a bootloader-chain for the Raspberry Pi and os examples. * gnu/packages/raspberry-pi.scm (grub-efi-bootloader-chain-raspi-64): New bootloader variable, capable to boot a Raspberry Pi over network or from a local storage. * gnu/system/examples/raspberry-pi-64.tmpl: New operating-system example. * gnu/system/examples/raspberry-pi-64-nfs-root.tmpl: New operating-system example for booting over network. diff --git a/gnu/packages/raspberry-pi.scm b/gnu/packages/raspberry-pi.scm index d808f61ac2..d52a4a72c5 100644 --- a/gnu/packages/raspberry-pi.scm +++ b/gnu/packages/raspberry-pi.scm @@ -18,11 +18,14 @@ ;;; along with GNU Guix. If not, see . (define-module (gnu packages raspberry-pi) + #:use-module (gnu bootloader) + #:use-module (gnu bootloader grub) #:use-module (gnu packages) #:use-module (gnu packages admin) #:use-module (gnu packages algebra) #:use-module (gnu packages base) #:use-module (gnu packages bash) + #:use-module (gnu packages bootloaders) #:use-module (gnu packages commencement) #:use-module (gnu packages cross-base) #:use-module (gnu packages documentation) @@ -312,6 +315,22 @@ (define-public (make-raspi-bcm28-dtbs linux) (simple-format #f "The device-tree files for Raspberry Pi models from ~a." (package-name linux))))) +(define-public grub-efi-bootloader-chain-raspi-64 + ;; A bootloader capable to boot a Raspberry Pi over network via TFTP or from + ;; a local storage like a micro SD card. + ;; It neither installs firmware nor device-tree files for the Raspberry Pi. + ;; It just assumes them to be existing in boot/efi in the same way that some + ;; UEFI firmware with ACPI data is usually assumed to be existing on PCs. + ;; It creates firmware configuration files and a bootloader-chain with U-Boot + ;; to provide an EFI API for the final GRUB bootloader. + ;; It also serves as a blue-print to create an own bootloader-chain with + ;; firmwre and device-tree packages or files. + (efi-bootloader-chain grub-efi-netboot-removable-bootloader + #:packages (list u-boot-rpi-efi-64) + #:files (list %raspi-config-txt + %raspi-bcm27-dtb-txt + %raspi-u-boot-bootloader-txt))) + (define (make-raspi-defconfig arch defconfig sha256-as-base32) "Make for the architecture ARCH a file-like object from the DEFCONFIG file with the hash SHA256-AS-BASE32. This object can be used as the #:defconfig diff --git a/gnu/system/examples/raspberry-pi-64-nfs-root.tmpl b/gnu/system/examples/raspberry-pi-64-nfs-root.tmpl new file mode 100644 index 0000000000..c006a287fb --- /dev/null +++ b/gnu/system/examples/raspberry-pi-64-nfs-root.tmpl @@ -0,0 +1,73 @@ +;; This is an operating-system configuration template of a +;; 64-bit minimal system for a Raspberry Pi with an NFS root file-system. + +;; It neither installs firmware nor device-tree files for the Raspberry Pi. +;; It just assumes them to be existing in boot/efi in the same way that some +;; UEFI firmware with ACPI data is usually assumed to be existing on PCs. + +;; It expects the boot/efi directory to be served via TFTP and the root +;; file-system to be served via NFS. See the grub-efi-netboot-bootloader +;; description in the manual for more details. + +(use-modules (gnu) + (gnu artwork) + (gnu system nss)) +(use-service-modules admin + avahi + networking + ssh) +(use-package-modules certs + linux + raspberry-pi + ssh) + +(define %my-public-key + (local-file (string-append (getenv "HOME") "/.ssh/id_ecdsa.pub"))) + +(define-public raspberry-pi-64-nfs-root + (operating-system + (host-name "raspberrypi-guix") + (timezone "Europe/Berlin") + (bootloader (bootloader-configuration + (bootloader grub-efi-bootloader-chain-raspi-64) + (targets '("/boot/efi")) + (theme (grub-theme (resolution '(1920 . 1080)) + (image (file-append + %artwork-repository + "/grub/GuixSD-fully-black-16-9.svg")))))) + (kernel-arguments '("ip=dhcp")) + (kernel (modify-linux #:linux linux-libre-arm64-generic + #:extra-version "arm64-generic-netboot" + #:configs '("CONFIG_NFS_SWAP=y" + "CONFIG_USB_USBNET=y" + "CONFIG_USB_LAN78XX=y" + "CONFIG_USB_NET_SMSC95XX=y"))) + (initrd-modules '()) + (file-systems (cons* (file-system + (mount-point "/") + (type "nfs") + (device ":/export/raspberrypi/guix") + (options "addr=10.20.30.40,vers=4.1")) + %base-file-systems)) + (swap-devices (list (swap-space (target "/run/swapfile")))) + (users (cons* (user-account + (name "pi") + (group "users") + (supplementary-groups '("wheel" "netdev" "audio" "video")) + (home-directory "/home/pi")) + %base-user-accounts)) + (packages (cons* nss-certs + openssh + %base-packages)) + (services (cons* (service avahi-service-type) + (service dhcp-client-service-type) + (service ntp-service-type) + (service openssh-service-type + (openssh-configuration + (x11-forwarding? #t) + (authorized-keys + `(("pi" ,%my-public-key))))) + %base-services)) + (name-service-switch %mdns-host-lookup-nss))) + +raspberry-pi-64-nfs-root diff --git a/gnu/system/examples/raspberry-pi-64.tmpl b/gnu/system/examples/raspberry-pi-64.tmpl new file mode 100644 index 0000000000..6b0178c861 --- /dev/null +++ b/gnu/system/examples/raspberry-pi-64.tmpl @@ -0,0 +1,77 @@ +;; This is an operating-system configuration template of a +;; 64-bit minimal system for a Raspberry Pi with local storage. + +;; It neither installs firmware nor device-tree files for the Raspberry Pi. +;; It just assumes them to be existing in boot/efi in the same way that some +;; UEFI firmware with ACPI data is usually assumed to be existing on PCs. + +;; It expects the boot-partition to be mounted as boot/efi in the same way +;; as it is usually expeted on PCs with UEFI firmware. + +(use-modules (gnu) + (gnu artwork) + (gnu system nss)) +(use-service-modules admin + avahi + networking + ssh) +(use-package-modules certs + linux + raspberry-pi + ssh) + +(define %my-public-key + (local-file (string-append (getenv "HOME") "/.ssh/id_ecdsa.pub"))) + +(define-public raspberry-pi-64 + (operating-system + (host-name "raspberrypi-guix") + (timezone "Europe/Berlin") + (bootloader (bootloader-configuration + (bootloader grub-efi-bootloader-chain-raspi-64) + (targets '("/boot/efi")) + (theme (grub-theme (resolution '(1920 . 1080)) + (image (file-append + %artwork-repository + "/grub/GuixSD-fully-black-16-9.svg")))))) + (kernel (modify-linux #:linux linux-libre-arm64-generic + #| It is possible to use a specific defconfig file, + for example the "bcmrpi3_defconfig" with the + variable shown below. Unfortunately the kernel + build from the linux-libre sources with this + defconfig file does not boot. + #:extra-version "gnu-bcmrpi3" + #:defconfig %bcmrpi3-defconfig + |#)) + (initrd-modules '()) + (file-systems (cons* (file-system + (mount-point "/") + (type "ext4") + (device (file-system-label "Guix"))) + (file-system + (mount-point "/boot/efi") + (type "vfat") + (device (file-system-label "EFI"))) + %base-file-systems)) + (swap-devices (list (swap-space (target "/run/swapfile")))) + (users (cons* (user-account + (name "pi") + (group "users") + (supplementary-groups '("wheel" "netdev" "audio" "video")) + (home-directory "/home/pi")) + %base-user-accounts)) + (packages (cons* nss-certs + openssh + %base-packages)) + (services (cons* (service avahi-service-type) + (service dhcp-client-service-type) + (service ntp-service-type) + (service openssh-service-type + (openssh-configuration + (x11-forwarding? #t) + (authorized-keys + `(("pi" ,%my-public-key))))) + %base-services)) + (name-service-switch %mdns-host-lookup-nss))) + +raspberry-pi-64 -- 2.34.0