On Fri, Mar 18, 2005 at 12:09:36AM +0100, Philippe De Swert wrote: > Hello, Hi, > > Basically, what I did was: > > > > - created a minimal root filesystem i.e. an initrd with a "smart" > > linuxrc script > > > > - used busybox to get as many of the utilities I needed into a small > > binary (busybox is in the initrd) > > > > - created a kernel image with the watchdog patch, both for the net4501 > > and the net4801 (as I have them both) > > <snip> > > It would be nice to have a detailed description of that on our wiki...if you > find time > > > - created a set of packages I want to use on my Soekris boxes; these > > packages are based on their Debian versions i.e. they are actually > > stripped down Debian packages > > What did you do there? Adapted debian init scripts? Removed docs? - setup a separate apt space so that the apt cache of the build host and the target machine do not have to be the same + to avoid having to be root to build everything - for each package, created a makefile to get only the relevant pieces of the corresponding Debian package i.e. check if there is a newer version, retrieve it, unpack it (dpkg-deb), copy binaries into new package - adapted scripts (e.g. some init scripts had to be adapted to fit busybox's start-stop-daemon) are just put into the newly generated package - based on a toc (table of contents) file a gzipped cpio file is generated Pro's: ------ - everything under control - small packages: just the required stuff is there e.g. lots of things in a 10MB CF card partition (kernel, initrd with busybox, several packages e.g. iptables, tc, openssh, openssl, openvpn, ntpdate, ntp, make, djbdns, tinydns, tcpdump (+ latest libc, pam) - only generation of the initrd.gz (compressed ext2 filesystem) from an initrd.cpio.gz is done as root (script run with sudo) - modularity i.e. easy to add extra packages, leave packages out to create different types of machines Contra's: --------- - lots of manual work e.g. dependencies are human controlled, makefiles are written: not difficult but time consuming - upgrades (e.g. from Sarge to Sid) require human checks (e.g. did dependencies change?); updates (e.g. security) inside one release (e.g. Sarge) should not be a problem as dependencies are fixed I exchanged several mails with Chris yesterday and would like to combine things from his setup and mine to come to a "router like" system i.e. separation between firmware (binaries) and configuration. I like Chris' approach of building everything inside a chroot using debootstrap, dpkg, apt etc. because this limits the amount of manual work but I would also like to be able to change things on the target system e.g. password changes, ssh key generation, openvpn key generation etc. is host specific. We've been exchanging ideas already. > > For my net4501 connected to a broadband line, the list looks like > > this: base config djbdns dmntls ez-ipupd fwbfw icmpinfo initrd > > iproute iptables latm1 lcap1 ldb3 llzo1 lncurses log lpam0g lpammdls > > lpamrntm lpcap lreadln lssl097 lwrap0 lz1g make ntpdate ntpsrvr > > openssl openvpn pkgtools sc520wd ssh ssmtp tcpdump tcshaper udhcpc > > Can we already get these packages somewhere? It would be nice to use those as > a Emdebian base if they are suitable enough. I will do the following (target = end of the weekend): - check if everything is still buildable (i.e. rebuild) - put the build infrastructure somewhere (this might be the time to _use_ the free webspace of my ISP;-)) - I already created some documentation some time ago: how to bootstrap and how to configure - building itself should be pretty clear from the makefiles > > Because it is actually a toolchain to build a Debian for Soekris, I > > had been thinking about sending a mail to the > > debian-embedded@lists.debian.org list but as the Soekris is actually > > just a stripped down PC, I didn't consider it "embedded" enough. > > We consider the soekris as a suitable target. It can be turned into a small > hard-disk less, low-power setup and forget device. Ok. > Regards, cu, > Philippe -- lenaerts.frank@pandora.be gpg fingerprint: A41E A399 5160 BAB9 AEF1 58F2 B92A F4AB 9FFB 3707 gpg key id: 9FFB3707 Those who do not understand Unix are condemned to reinvent it, poorly." -- Henry Spencer
Attachment:
signature.asc
Description: Digital signature