sd-image: Fix Raspberry Pi 4 image builder #78090
Conversation
|
Is this tested? I'm not too confident in what I wrote... |
| @@ -20,12 +20,23 @@ | |||
| firmwareSize = 128; | |||
| # This is a hack to avoid replicating config.txt from boot.loader.raspberryPi | |||
| populateFirmwareCommands = | |||
| "${config.system.build.installBootLoader} ${config.system.build.toplevel} -d ./firmware"; | |||
| "${config.system.build.installBootLoader} ${config.system.build.toplevel} -d ./"; | |||
There was a problem hiding this comment.
Why is this line even necessary?
As far as I can tell, it only runs for the initial SD card image build... and yet, my bootloader is properly configured everytime that I update the system, so I don't understand what this is doing one-time that is needed?
There was a problem hiding this comment.
Yep, very good point. I think with the removal of ./firmware, it's probably not necessary at all.
I'll remove it and take it for a spin later when I get home
|
This looks like what I've been using, but I haven't tested from scratch with a new SD Card. Also, I have one question about one of the lines. |
@diamondburned Yep, I've tested it on a fresh card. Boots fine and config changes work nicely 🙂
|
These changes address the issues outlined in NixOS#73487. They allow for rebuilds of system configuration to persist on the Raspberry Pi 4. Without these changes, SD images generated from this expression won't write their boot configs correctly, and thus the Pi will just reboot to the installer configuration. Along with this, also create '/files/var/empty' to allow for sshd to start up correctly.
cmacrae
force-pushed
the
raspbery_pi_4/fix_sdimage_builder
branch
from
3470a8a
to
febcf75
Compare
|
There's another issue that I've had to work around and I've seen others mention - this module is still not really able to be included by the end user in a day-to-day usage device - you can't remove the installation-device profile and thus can't remove the nixos user, enable SSH at boot, etc. cc: @samueldr |
| # As the boot process is done entirely in the firmware partition. | ||
| populateRootCommands = ""; | ||
| # /var/empty is needed for some services, such as sshd | ||
| populateRootCommands = "mkdir -p ./files/var/empty"; |
There was a problem hiding this comment.
If this is required, this shouldn't be handled here. This should be fixed upstream in NixOS so that when it is missing, it works. I think this explains an issue I saw on another board, but did not investigate.
At the very least, if it's not part of some tmpfiles declaration, it should be part of the first boot commands in the generic sd image builder.
There was a problem hiding this comment.
I thought this would be handled in the activation script:
There was a problem hiding this comment.
iirc Pi images are treated as if they're live CDs, which doesn't run this. I'm not sure though, I just know that without those commands, there wouldn't be a /var/empty.
There was a problem hiding this comment.
Yeah that sounds right, might need this for the other rpi images too.
There was a problem hiding this comment.
yes, I've used this same for rpi3:
systemd.tmpfiles.rules = [
"d /var/empty - - - -"
];
There was a problem hiding this comment.
I wonder what's the failure mode here. Why isn't it required for other systems than the ARM images?
There was a problem hiding this comment.
On rpi3 I'm also experiencing sshd crashing with Missing privilege separation directory: /var/empty. Only on the first boot. If i reboot once, it's fine.
On the first boot when it's not working dmesg | grep /var/empty gives me:
[ 8.485396] stage-2-init: mkdir: cannot create directory '/var/empty': No space left on device
[ 8.536393] stage-2-init: find: '/var/empty': No such file or directory
[ 8.545242] stage-2-init: chmod: cannot access '/var/empty': No such file or directory
[ 8.556068] stage-2-init: chown: cannot access '/var/empty': No such file or directory
Seems like there is no space left on the sd card at this point? Maybe because resizing hasn't have happened yet?
On the second boot there is nothing in dmesg related to /var/empty.
Should i open a bug report for this?
There was a problem hiding this comment.
Oh, that could be the root cause of this issue I guess. I would rather this gets fixed appropriately rather than patched over.
If you open a bug, it is not likely sshd-specific, but really this one issue. And please do, cc me once you do.
There was a problem hiding this comment.
I vote for merging this immediately, since a hack that fixes broken sshd is better than broken sshd.
There was a problem hiding this comment.
t. person that has wasted the last hours trying to log into sshd on his raspberrypi.
|
This is the installer image, as described by the path of the file. It shouldn't be included on a running end-user system. We don't usually provide hardware-specific configurations in the Nixpkgs repo. For this there is nixos-hardware where we probably should begin adding SBCs too. But you're right that this is some kind of expectations mismatch. The end-user wants to run the raspberry pi system on their sd card, so why can't they include sd-image-raspberrypi4? Well, that's the In fact, that profile file, I announce, will be removed from 20.03 once 20.03 is branched off. Noting again: as previously stated, it will be kept in unstable up until the moment mainline Linux runs on the Raspberry Pi 4. Once mainline boots on the Pi 4, the generic aarch64 image will be the image for both the pi 3 and 4. |
| "/boot" = { | ||
| device = "/dev/disk/by-label/FIRMWARE"; | ||
| fsType = "vfat"; | ||
| }; |
|
@samueldr On my Raspberry PI, when I change Shouldn't the content of /dev/sda1 be replaced on every I stumbled upon this while trying to bring a RPI Kisok to work using NixOS and also requested for help here: https://discourse.nixos.org/t/raspberry-pi-3-official-touch-screen-not-working/5735/5?u=vancoding |
|
I think this just the installer image, so it won't affect running systems (i.e. |
|
@kwohlfahrt Ah, okay. Yeah, having the same configuration for image generation and updating is what I'm trying to achieve. I want to manage many Raspberry PIs, which should have all the same configuration (which gets updated from time to time). And adding an additional Raspberry PI should be as easy as taking this configuration and generating an image for it. But that's OT, sorry. |
|
If you can reproduce your issues, can you validate that, with #90119 in the commit you are using to build the image, the installer image works as expected? It should now:
|
|
The build of the image stopped working, but I didn’t get my Raspberri Pi 4
Model B (armv7l) to accept ssh (I don’t have a mini-HDMI cable here so I
can’t attach a monitor).
I decided to just use raspian and try to nixos-infect the system instead,
because I have no idea how to debug this.
…On Sun, Jun 21, 2020 at 4:53 AM Samuel Dionne-Riel ***@***.***> wrote:
If you can reproduce your issues, can you validate that, with #90119
<#90119> in the commit you are using
to build the image, the installer image works as expected?
It should now:
- Mount the boot partition correctly
- Use a less confusing label for the boot partition
—
You are receiving this because you commented.
Reply to this email directly, view it on GitHub
<#78090 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/AAYB5ZSZ5SRUIZZCRKXJEOTRXVYZPANCNFSM4KJBLNWQ>
.
|
|
s/stopped working/stopped failing/
I don’t know if the system boots at all or if the sshd crashes or if my
config is just plain wrong.
On Mon, Jun 22, 2020 at 7:40 PM Philip Patsch <philip.patsch@tweag.io>
wrote:
… The build of the image stopped working, but I didn’t get my Raspberri Pi 4
Model B (armv7l) to accept ssh (I don’t have a mini-HDMI cable here so I
can’t attach a monitor).
I decided to just use raspian and try to nixos-infect the system instead,
because I have no idea how to debug this.
On Sun, Jun 21, 2020 at 4:53 AM Samuel Dionne-Riel <
***@***.***> wrote:
> If you can reproduce your issues, can you validate that, with #90119
> <#90119> in the commit you are
> using to build the image, the installer image works as expected?
>
> It should now:
>
> - Mount the boot partition correctly
> - Use a less confusing label for the boot partition
>
> —
> You are receiving this because you commented.
> Reply to this email directly, view it on GitHub
> <#78090 (comment)>, or
> unsubscribe
> <https://github.com/notifications/unsubscribe-auth/AAYB5ZSZ5SRUIZZCRKXJEOTRXVYZPANCNFSM4KJBLNWQ>
> .
>
|
|
Note that as with all images using the installer profile, the SSHD will not start by default. Furthermore, it would require additional credentials on the device. This is all assuming you are not using a custom build. Now, what I understand from this discussion is that this is a first-boot only issue, and is not specific to the raspberry pi. Re-doing and fixing the hack here is not a solution, it needs to be done for all sd images. BUT, note that we just added a patch that changes something with how the images are built, and it's possible it also fixes that issue with starting sshd since it may now have enough space on the partition during boot for this to work. The proper solution is the one from @danbst Which I think would be appropriate to add to the generic I do not have a setup with a reproduction of the issue, so I'm not in the best situation to validate that issue. |
The Raspberry Pi 4 Model B is an aarch64 device, but since you said "(armv7l)" I am assuming this comes from raspios (née Raspbian) which is running on 32 bit. I don't know that you can successfully infect a 32 bit ARM system with an aarch64 NixOS system. |
Ah, I was super confused by that. So I think I’m gonna try again with the
I wonder, nixos-infect should not require running any 64bit executables before reboot, and after reboot it has a 64bit kernel … though the question is whether the boot partition stuff is set up correctly by nixos-infect anyway, and if it’s not I would be in the same situation as with the SD image. Thank you for the help! |
|
Feel free to reopen if it's still relevant. |
Motivation for this change
These changes address the issues outlined in #73487.
They allow for rebuilds of system configuration to persist on the
Raspberry Pi 4. Without these changes, SD images generated from this
expression won't write their boot configs correctly, and thus the Pi
will just reboot to the installer configuration.
Along with this, also create
/var/emptyto allow for sshd tostart up correctly.
Things done
sandboxinnix.confon non-NixOS linux)nix-shell -p nixpkgs-review --run "nixpkgs-review wip"./result/bin/)nix path-info -Sbefore and after)