0xStubs

Computer science, IT, Photography

Stock Debian Jessie on the Raspberry Pi 2

With raspbian there is a ready-to-use Debian variant available for the Raspberry Pi 2. But since Debian itself already has great support for the armhf architecture, it is perfectly possible to run stock Debian on the Raspberry Pi 2. Here is how a bootable image of Jessie can be created.

This procedure has to be done on the Raspberry Pi 2 or another armhf system (update: Goulou added instructions to do it on an x86 machine in the comments below this article). It makes use of the systemd-nspawn utility to enter the container. Of course the container can be entered manually using chroot if systemd is not available.

Create and enter base system:

debootstrap jessie image
systemd-nspawn -D image

Set root password, hostname and timezone:

passwd
echo "jessieberry" > /etc/hostname
echo "Europe/Berlin" > /etc/timezone
ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime

Configure network for DHCP:

cat > /etc/network/interfaces.d/eth0 << EOF
auto eth0
iface eth0 inet dhcp
EOF

Configure fstab:

cat > /etc/fstab << EOF
/dev/mmcblk0p1 /boot vfat noatime 0 2
/dev/mmcblk0p2 / ext4 noatime 0 1
EOF

Configure apt sources. Here we add the raspberrypi repository as a source for a customized kernel and the necessary firmware. We use apt pinning to make sure that only those packages are installed from the raspberrypi repository.

cat > /etc/apt/sources.list << EOF
deb http://ftp.de.debian.org/debian jessie main contrib non-free
deb http://ftp.de.debian.org/debian jessie-updates main contrib non-free
deb http://security.debian.org jessie/updates main contrib non-free
deb http://archive.raspberrypi.org/debian wheezy main
EOF

wget http://archive.raspberrypi.org/debian/raspberrypi.gpg.key -O - | apt-key add -

cat > /etc/apt/preferences.d/raspberrypi << EOF
Package: *
Pin: origin archive.raspberrypi.org
Pin-Priority: 1

Package: raspberrypi-bootloader
Pin: origin archive.raspberrypi.org
Pin-Priority: 1000

Package: libraspberrypi0
Pin: origin archive.raspberrypi.org
Pin-Priority: 1000

Package: libraspberrypi-bin
Pin: origin archive.raspberrypi.org
Pin-Priority: 1000
EOF

Install additional software. libraspberrypi-bin pulls in kernel and firmware among some binary tools.

apt update
apt upgrade
apt install locales dbus openssh-server dosfstools libraspberrypi-bin
apt-get clean

Choose locales to generate and set a default locale for the system:

dpkg-reconfigure locales

Now sshd needs some tweaks. First we want to allow root login using a password (we might want to change this back later on the running system). Also we set up a service that generates fresh SSH host keys on the first boot-up. This way we can deploy the image to multiple machines.

sed -i 's/PermitRootLogin without-password/PermitRootLogin yes/g' \
    /etc/ssh/sshd_config

cat > /etc/systemd/system/sshdgenkeys.service << EOF
[Unit]
Description=SSH key generation on first startup
Before=ssh.service
ConditionPathExists=|!/etc/ssh/ssh_host_key
ConditionPathExists=|!/etc/ssh/ssh_host_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_rsa_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_dsa_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key
ConditionPathExists=|!/etc/ssh/ssh_host_ecdsa_key.pub
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key
ConditionPathExists=|!/etc/ssh/ssh_host_ed25519_key.pub

[Service]
ExecStart=/usr/bin/ssh-keygen -A
Type=oneshot
RemainAfterExit=yes

[Install]
WantedBy=ssh.service
EOF

mkdir /etc/systemd/system/ssh.service.wants
ln -s /etc/systemd/system/sshdgenkeys.service /etc/systemd/system/ssh.service.wants

Enable time synchronization and disable hwclock-save since there is no hardware clock on the Raspberry Pi 2. After that we can exit the container.

systemctl enable systemd-timesyncd
systemctl disable hwclock-save
exit

Assuming /dev/sdb is the SD-card we want to flash, partition it with two partitions: a 200MB primary partition of type c and another primary partition of type 83. Then we format and mount the paritions:

mkfs.vfat /dev/sdb1
mkfs.ext4 /dev/sdb2
mkdir /mnt/{boot,system}
mount /dev/sdb1 /mnt/boot
mount /dev/sdb2 /mnt/system

Copy all necessary files. Leave out SSH host keys, logs, private files and the machine-id.

rsync -av image/boot/ /mnt/boot
rsync -av --exclude=/etc/ssh/*_key* \
          --exclude=/var/log/* \
          --exclude=/root/* \
          --exclude=/etc/machine-id \
          --exclude=/boot/* \
          image/ /mnt/system

As a last step we need to recreate some files we left out since they are allowed to be empty but must exist. After that we can umount the partitions and the image should be ready to go.

touch /mnt/system/{var/log/lastlog,etc/machine-id}
umount /mnt/{boot,system}

5 Responses to Stock Debian Jessie on the Raspberry Pi 2

  1. zatalian says:

    I can’t install the raspberrypi-bin package. When i try “apt update” apt is looking for a “amd64” architecture in the repository…

    • Michael says:

      On what kind of system do you try to build the image? It has to be done on an armhf machine. You could for example do it directly on the Raspberry Pi 2. I guess you try doing it on an amd64.

      • zatalian says:

        Oops… I completly missed the the part that it has to be done on a armhf machine. I tried to do it on my desktop pc.

  2. Goulou says:

    Well, it’s doable in a amd64 machine, I just did it using the “qemu-arm-static” trick
    Basically, you have to enable execution of ARM binaries with qemu-arm-static in the “host” with the following commands (this is a VERY short version of it!) :
    echo -1 > /proc/sys/fs/binfmt_misc/qemu-arm 2>/dev/null
    echo “:qemu-arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfe\xff\xff\xff:/usr/bin/qemu-arm-static:” > /proc/sys/fs/binfmt_misc/register
    mkdir -p image/usr/bin/qemu-arm-static
    cp /usr/bin/qemu-arm-static image/usr/bin/qemu-arm-static
    cp /etc/resolv.conf image/etc/resolv.conf

    once you have put the qemu in the yet-to-be-created chroot, you can launch the first step normally with the extra argument specifying the architecture ( “debootstrap –arch=armhf jessie image” ). It works as if you were running an armhf host, and once it is done, you can even chroot in the target directory and “apt-get install” anything you want!

Leave a Reply to zatalian Cancel reply

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.