/contrib/famzah

Enthusiasm never stops

Category Archives: Linux


by Leave a comment

Debian rootfs installation customized for Bifferboard

Update: There are (more up-to-date) automated scripts which you can use for the below actions:

  1. You need to checkout the whole Bifferboard SVN repository.
  2. The scripts are located in the directory “/debian/rootfs“. Execute them from the checked out repository on your local computer.

First you have to mount a medium on which we are going to install the Debian system. Generally, you have two options:

  • Using a USB Flash drive:


    ## MAKE SURE THAT YOU UPDATE THIS
    $ export ROOTDEV=/dev/sdc1
    $ sudo mkfs.ext3 $ROOTDEV
    $ sudo tune2fs -c 0 -i 0 $ROOTDEV
    $ export MNTPOINT=/mnt/diskimage
    $ sudo mount $ROOTDEV $MNTPOINT

  • Using a Qemu image:


    $ export MNTPOINT=/mnt/diskimage
    $ export IMGFILE=hd0.img
    $ sudo mount -o loop,offset=32256 "$IMGFILE" $MNTPOINT

Once we have the medium mounted at $MNTPOINT, we can proceed with installing Debian there and configuring it for Bifferboard:

$ export DBS_OS_VERSION=lenny
## replace "bg." with your local archive, or just omit it
$ export DBS_LOCAL_ARCHIVE=bg.
$ sudo debootstrap --arch i386 ${DBS_OS_VERSION} $MNTPOINT/ http://ftp.${DBS_LOCAL_ARCHIVE}debian.org/debian
## ... go grab a pizza or something ... this will take a while
$ sudo cp /etc/resolv.conf $MNTPOINT/etc/
$ sudo mount proc $MNTPOINT/proc -t proc
$ sudo chroot $MNTPOINT
##
## We are now in the "chroot" environment as root
##
/# apt-get -qq update && apt-get install wget
/# cd /root && wget http://bifferboard.svn.sourceforge.net/viewvc/bifferboard/debian/rootfs/include/debootstrap-postconfig.sh
/root# chmod +x debootstrap-postconfig.sh && ./debootstrap-postconfig.sh
/root# passwd root
/root# exit
##
## Back to our machine
##
$ sudo umount $MNTPOINT/proc
$ sudo umount $MNTPOINT

Now you have a minimum Debian installation customized for Bifferboard in the following way:

  • Custom kernel for Bifferboard installed by a .deb package.
  • Ethernet interface configured as DHCP client.
  • Temporary directories /tmp and /var/tmp mounted on a RAM-disk.
  • All APT sources “main contrib non-free” enabled.
  • Serial console on ttyS0 (115200 8N1).
  • RTC (real-time clock) kernel modules blacklisted – the Bifferboard has no RTC.
  • IPv6 disabled – takes a lot of resources and we won’t use it anyway, for now.

I may add any further customizations if needed. You can always review the debootstrap-postconfig.sh script for details on what is being configured.

You can use this image/disk as a rootfs which you can boot directly on Bifferboard or try in Qemu. Note that you have to install our Debian kernel on Bifferboard prior to booting this rootfs.

Used resources:


by Leave a comment

Create a Qemu image file which you can mount in both Linux and Qemu

The idea is to be able to easily manage a Qemu image outside of Qemu, natively on Linux. This can help you to alter the files on the Qemu image easily on Linux and then test the modified Qemu image on a Qemu virtual machine.

You can download an empty, formatted with Ext3 Qemu raw image at the following URL address:

There is nothing special about how you can achieve this yourself:

  • Create an empty Qemu image file.
  • Run an installation CD of Debian (or any other Linux) under Qemu and use the empty image as an available hard disk.
  • Partition and format the Qemu hard disk (resp. the Qemu image file) using the Linux installer.
  • Interrupt the Linux installer, stop Qemu, mount the Qemu image on Linux and clean it up.

You can achieve the above using the following commands:

# make sure to update the .iso URL if needed
$ wget http://cdimage.debian.org/debian-cd/5.0.3/i386/iso-cd/debian-503-i386-netinst.iso
$ qemu-img create hd0.img 2G
$ qemu -hda hd0.img -cdrom debian-503-i386-netinst.iso -boot d
# continue with the installation to the point where you can set up the partitions
# set up a primary partition using the entire disk space, do not set up a swap partition; save changes to disk and continue
# interrupt the installation (for example from the second console by executing "halt"), stop the virtual machine, we will not need it any further
$ sudo mkdir -p /mnt/diskimage
$ sudo mount -o loop,offset=32256 hd0.img /mnt/diskimage
$ sudo rm -r /mnt/diskimage/*
$ sudo mkdir -m 0700 '/mnt/diskimage/lost+found'
$ sudo umount /mnt/diskimage

Now we have an empty Qemu image which we can mount in both Linux and Qemu.

Here is an example on how to mount this image in Qemu:

qemu -usb -usbdevice disk:hd0.img

Do not use the image simultaneously as Linux mount and Qemu hard disk.

Used resources:


by Leave a comment

Build a Debian Linux kernel for Bifferboard as .deb packages

In my previous article I explained why and how to build a very small Linux kernel with all possible modules enabled which would help us to run a standard Debian installation on Bifferboard.

You can download the already built .deb packages for Debian “lenny” at the following addresses:

On my Bifferboard, I use the following Kernel command line to boot this kernel:

rootwait root=/dev/sda1 console=uart,io,0x3f8

For Qemu, because of some USB mass-storage emulation issues, the line looks like:

rootwait root=/dev/sda1 console=uart,io,0x3f8 irqpoll

Update: There are (more up-to-date) automated scripts which you can use for the below actions:

  • You need to checkout the whole Bifferboard SVN repository.
  • The scripts are located in the directory “/debian/kernel“. Execute the “build.sh” script from the checked out repository on your local computer, on a Debian “lenny” system.

If you want to build the packages yourself, you need to execute the following commands on a Debian “lenny” machine (a virtual machine or a chroot()’ed installation work too):

famzah@FURNA:~$ sudo apt-get install kernel-package fakeroot build-essential ncurses-dev tar patch
famzah@FURNA:~$ export KVERSION=2.6.30.5
famzah@FURNA:~$ rm -rf /tmp/tmpkern-$KVERSION
famzah@FURNA:~$ mkdir /tmp/tmpkern-$KVERSION
famzah@FURNA:~$ cd /tmp/tmpkern-$KVERSION && wget http://www.kernel.org/pub/linux/kernel/v2.6/linux-$KVERSION.tar.bz2
famzah@FURNA:/tmp/tmpkern-2.6.30.5$ tar -xjf linux-$KVERSION.tar.bz2
famzah@FURNA:/tmp/tmpkern-2.6.30.5$ sudo mkdir -p /usr/src/bifferboard && sudo chown $USER /usr/src/bifferboard
famzah@FURNA:/tmp/tmpkern-2.6.30.5$ mv linux-$KVERSION /usr/src/bifferboard/
famzah@FURNA:/tmp/tmpkern-2.6.30.5$ cd /usr/src/bifferboard/linux-$KVERSION
famzah@FURNA:/usr/src/bifferboard/linux-2.6.30.5$ wget 'http://www.famzah.net/download/bifferboard/obsolete/bifferboard-2.6.30.5-12.patch' -O bifferboard-2.6.30.5-12.patch
famzah@FURNA:/usr/src/bifferboard/linux-2.6.30.5$ patch --quiet -p1 < bifferboard-2.6.30.5-12.patch
famzah@FURNA:/usr/src/bifferboard/linux-2.6.30.5$ wget http://www.famzah.net/download/bifferboard/obsolete/build-biff-kernel-2.6.30.5-deb.sh
famzah@FURNA:/usr/src/bifferboard/linux-2.6.30.5$ chmod +x build-biff-kernel-2.6.30.5-deb.sh
famzah@FURNA:/usr/src/bifferboard/linux-2.6.30.5$ ./build-biff-kernel-2.6.30.5-deb.sh
# When "make menuconfig" is displayed, just EXIT and SAVE the configuration.
#
# After the build, you can find the two .deb packages in "/usr/src/bifferboard".

Used resources:


by Leave a comment

Build a very small Linux kernel with all possible modules enabled

…and still be able to mount a root file-system stored on a USB mass-storage.

The idea is to build a very small kernel with the bare minimum compiled-in and all the rest as modules which are stored on the “rootfs” device. Once the “rootfs” device has been mounted by the kernel, the kernel can load any additional modules from there. Therefore, our kernel has the following compiled-in features:

  • device drivers for the “rootfs”: USB mass-storage.
  • File-systems: ext3.
  • Misc: BSD process accounting, /proc support, inotify support, NO initrd (we do not need one as we can mount the “rootfs” device directly), NO compiled-in wireless support (only by modules, thus you cannot download a “rootfs” over-the-air by PXE, for example), NO swap support (Bifferboard I/O is too slow for swapping).
  • Size: very small, only 918224 bytes.

Why would someone need such a kernel?
The size of the bootable kernel image (+the initrd ramdisk, if any) on a Bifferboard single-chip-computer is limited to:

  • 974848 bytes with Biffboot v2.0
  • 983040 bytes with BiffBoot v1.X

Furthermore, some patches and special configuration is required for the RDC chip which is the heart of the system. The creator of Bifferboard has done this for us already – he developed the patch and created a minimal config for the 2.6.30.5 Linux kernel.

In order to merge the Bifferboard minimal kernel config with a config where all modules are enabled, I do the following:

  • Make a kernel config with all possible modules enabled by executing “make allmodconfig“. The problem with this config is that it has every possible option selected as “Yes”, not only the modules. Therefore, I substitute every “Yes” (which is not a module) to “No” by executing “perl -pi -e ‘s/=y/=n/g’ .config“. This way I have only config entries which say “CONFIG_SOME_OPTION=m”.
  • Download the other minimal kernel config which I want to merge with priority over the “all modules config”. I make a “grep =y .config-biff > .config-biff-yes“. This way I leave only the “Yes” selected kernel config options, nothing more.
  • Finally, I can merge the config files into one by concatenating them. The file which is concatenated last has the most priority. This is how Kconfig merges the config lines and resolves conflicts or redefinitions of the same kernel option.
  • There is however a problem with this automatic way of generating and merging an all-modules kernel config – there are sections in the kernel config which add no additional code to the kernel (thus add no space either) but they “hide” their child sub-sections. One has to go through the kernel menu manually and select with “Yes” every menu option which has a sub-menu associated with it. You can easily recognize such menu options by the “—>” ending after their menu title. I’ve created a third config which is also being merged as last which selects all such options as “Yes” (multiple CONFIG_SUBMENU_EXAMPLE=y).
  • If you want to overwrite anything at the very end, you can create a fourth config file and merge it as very last.

Here is a Bash script which does what I’ve currently described: http://www.famzah.net/download/bifferboard/obsolete/build-biff-kernel-2.6.30.5-deb.sh.

Note that when you have no initrd and boot from a USB mass-storage device, you have to add “rootdelay=30” (or less) to your kernel command line. It takes some time for the USB mass-storage devices to get initialized. If there is no “rootdelay” option specified, the kernel tries to mount the “rootfs” device immediately which ends up in Kernel panic – not syncing: VFS: Unable to mount root fs. This very useful article describing the initial RAM disk (initd) in detail helped me to find out why the original Ubuntu kernel+initrd gave no kernel panic and was able to mount the root file-system from my USB stick, but at the very same time my custom kernel couldn’t do it. I did some initrd debugging and found out that it simulates the kernel command line option “rootdelay” – it polls if the “rootfs” device has been detected, every 0.1 seconds.

UPDATE: The option “rootwait” is what I was actually looking for. It is similar to “rootdelay=NN”, only that it waits forever for a root device and continues with the boot immediately after the root device is found, thus the kernel wastes no time in just waiting for “NN” seconds to elapse.

You can read my next article which gives detailed instructions on how to build a kernel suitable for Bifferboard and package it as .deb files.


by Leave a comment

Qemu .deb package for the RDC Bifferboard hardware

Following the instructions found at these articles, I build a .deb package for Qemu which is suitable for the RDC processor which is used by Bifferboard. The instructions and patches can be found at the official Qemu Wiki page of Bifferboard.

There is nothing special I’ve done here, just packaged the qemu binary, so that you can easily try the “qemu-rdc” binary. The download link follows:

Here are some simple instructions on how to test your own “bzImage” kernel build:

#
# Installation instructions for the .deb package and for the Qemu setup
#
famzah@FURNA:~$ wget http://www.famzah.net/download/bifferboard/qemu-rdc_0.10.5-1_i386.deb
famzah@FURNA:~$ sudo dpkg -i qemu-rdc_0.10.5-1_i386.deb
famzah@FURNA:~$ mkdir test-kernel
famzah@FURNA:~$ cd test-kernel/
famzah@FURNA:~/test-kernel$ svn co https://bifferboard.svn.sourceforge.net/svnroot/bifferboard/qemu/
famzah@FURNA:~/test-kernel$ cd qemu/run
famzah@FURNA:~/test-kernel/qemu/run$ vi run-qemu.sh # at the last line, change "qemu" with "qemu-rdc"

#
# You can now test your kernel/rootfs build. For example:
#
famzah@FURNA:~/test-kernel/qemu/run$ cp /home/famzah/biffer/qemu/custom_bzImage ./bzImage
famzah@FURNA:~/test-kernel/qemu/run$ QEMU_BIN=qemu-rdc ./run-qemu.sh

If you want to attach a USB mass-storage device and try your rootfs build there, please follow the instructions at the official Qemu Wiki page of Bifferboard on which parameters to add to “qemu-rdc” in “run-qemu.sh”.

You can exit the emulator by pressing CTRL+a and “x”. You will get some help info by pressing CTRL+a and “?”. See the man or documentation pages of “qemu” for more information.

In a few days I’ll post an article and a .deb package for a kernel 2.6.30.5 build with (almost) all possible modules, suitable for running a native i386 Debian rootfs installation on Bifferboard.

P.S. Today I got my serial USB RS232 @ 3.3V cable and can now start with some real tests 😀


by 1 Comment

Record desktop activity by making regular screenshots on Ubuntu

If you want to capture your desktop regularly for accounting or other purposes, here is how I implemented this on my Kubuntu desktop machine.

I found the following packages in my Kubuntu repository:

  • scrot – easy batch mode, only console interface
  • deskscribe – just records in some text log files, no image screenshots
  • ksnapshot – dcop problems while trying to make it work in batch mode

The winner is scrot. The simple Bash scripts I developed do the following:

  • Makes a snapshot, suitable for running automatically by crontab (make-snapshot.sh)
  • Tests if there are recent snapshots in a specified folder; an error is issued otherwise (test-snapshot.sh)

Here is what I’ve put in my user’s crontab (“crontab -e”):

* * * * * ~/make-snapshot.sh :0 /no-backup/famzah/snapshots
* * * * * ~/test-snapshot.sh 5 /no-backup/famzah/snapshots

This way a snapshot is made every minute. Every five minutes a check is made if the snapshot utility works properly. In the case of an error, the output from the “test-snapshot.sh” script is sent via email by crontab. This is a standard feature of crontab.

Update: The snapshots are now automatically split into sub-directories according to the current date “%Y-%m-%d/”.

The scripts have a help message, in case any of the parameters are not very clear. You need to install the “scrot” package by the following command:

sudo apt-get install scrot

Tested with Kubuntu Karmic and Lucid.

An exercise left for the reader 🙂 – a crontab script to clean up very old directories with screenshots. Hint: A simple “find … -type d -mtime … | xargs rm …” should do the trick.


by 9 Comments

Infonotary E-Signature with Cardman 6121 on Kubuntu Karmic and Lucid

There are three systems involved in using an Infonotary e-signature with a reader in Firefox 3.5/3.6 on Linux 32-bit:

Installation instructions for Kubuntu Karmic and Lucid follow:

  1. Execute the following in a terminal console: 
    sudo apt-get install pcscd pcsc-omnikey
sudo tar -C / -zxf HiPath_SIcurity_Card_API_V3_1_010_Linux.tar.gz
sudo ln -s /lib/libpcsclite.so.1 /lib/libpcsclite.so.0
  2. Review the “Security device settings in Firefox 3.5/3.6” paragraph below and set up “/usr/local/lib/libsiecap11.so” in Firefox
  3. Install the Infonotary root certificate chain by following the instructions on the Infonotary wiki page. Review the “Инсталиране на удостоверителната верига на Инфонотари” section there. Make sure that you edit the CA certificate trust settings exactly as described.

Update: Since I upgraded to Lucid, when I plug in my Cardman reader, I need to restart “pcscd” and Firefox before I can use it. The command for restarting “pcscd” is “sudo /etc/init.d/pcscd restart”.

Some more detailed explanation about the above commands and programs follows. If you are in a hurry, you can safely skip them. I’m using a 32-bit installation of Kubuntu.

Drivers for the reader: Prior to Karmic 9.10 I used the “opensc” package, not the Siemens HiPath Sicurity API library. The “opensc” package no longer works for me. Make sure that the following packages are not installed on your system, the Siemens API library provides their functionality:

sudo apt-get --purge remove opensc libopensc2 libopenct1 openct libccid

Note that the Siemens API library has some dependency problems on newer systems. It is linked against “/lib/libpcsclite.so.0”, but the package “libpcsclite1” now ships “/lib/libpcsclite.so.1”. They seem fully compatible though (or are the same library?). Therefore, a symlink “/lib/libpcsclite.so.0 -> /lib/libpcsclite.so.1” must be made. You can check if your Siemens library installation works well by issuing the command “ldd /usr/local/lib/libsiecap11.so”. If you see something like the following:

libpcsclite.so.0 => not found

…then there is a problem. You have to re-check if you made the symlink as advised.
If you see something like the following:

libpcsclite.so.0 => /lib/libpcsclite.so.0 (0x00466000)

…then you are OK.

Middleware software: I’ve always used “pcscd”. On Karmic I tried “openct” too, but it didn’t work for me.

Security device settings in Firefox 3.5/3.6: Edit->Preferences->Advanced->Encryption->Security Devices->Load->Module filename: /usr/local/lib/libsiecap11.so

There are some instructions on the Infonotary Wiki page too, but I’m not positive if they are up-to-date and suitable for Kubuntu Karmic or Lucid.

Just a side note: While I was using the “opensc” drivers, I found out that if you choose “/usr/lib/onepin-opensc-pkcs11.so” for “Module filename” in Firefox, then you won’t be asked twice for your PIN code (actually the second request was for something like “Secondary authentication” PIN). Prior to this, I used “/usr/lib/libopensc-pkcs11.so” and it worked well too – I typed nothing for Secondary authentication, but it was annoying.

Download disclaimer about my copy of the “HiPath SIcurity Card API V3.1 PKCS#11 for Linux”: I uploaded the copy of this archive file as I got it from my card reader vendor. I give no guarantee for the integrity of this copy and I cannot be held liable for any security or other damage, whatsoever. You have been warned.