João, I’ve finally finished writing up how I build the current trunk of Alt-F. I started down this road because I needed a build with USB HID support in the kernel and then figured why not get all the recent commits too while I’m at it. It was a good (and time consuming) learning exercise for me. It’s to the point where everything I use either seems to work fine or a fix is beyond my skill set. I would like your feedback on some of my steps in case I did something fundamentally wrong. I have only done builds for the dns325 board family since I've retired my 323 (and it seems impossible to shrink everything to fit the limited flash size anyway.) Here is my process:
1) Use openSUSE Leap 15.2
It was straightforward to get a successful build on 15.2 while anything later had a lot more errors. I decided not to fight it and just stuck with 15.2.
2) Install dev tools per wiki, including intltools and bc as noted for Leap 15
3) Install antlr3-java
This was an additional package that was needed to get the full Alt-F build to complete.
While you’ve said this patch shouldn't be needed, I could not get a build to work unless it was applied.
7) patch -p0 < Alt-F-1.0-openSUSE-Leap-15.0.patch
The patch will complain that some changes are already applied. For all prompts, just hit enter.
8) modify configfs file to fix URL
The update_ca.sh file was missing once I checked the finished build, and it was not in the source tree.
10) modify customroot/usr/bin/update_ca.sh to fix URL
112,113c112,114
< base_pkgs="alt-f-utils mdadm e2fsprogs dosfstools ntfs-3g gptfdisk-sgdisk sfdisk dropbear portmap nfs-utils kexec openssl zlib popt"
< base_pkgs2="inadyn-mt smartmontools at ntp-common cifs-utils openssh-sftp vsftpd rsync wget msmtp stunnel libiconv"
---
> base_pkgs="alt-f-utils mdadm e2fsprogs dosfstools ntfs-3g gptfdisk-sgdisk sfdisk dropbear portmap nfs-utils kexec zlib popt"
> base_pkgs2="inadyn-mt smartmontools at ntp-common cifs-utils openssh-sftp vsftpd rsync wget msmtp stunnel libiconv openssl"
I did this because otherwise I get a filesystem too large error later in the build process. Moving openssl to base_pkgs2 did not seem to have any negative effects but I would like your opinion if that was the right thing to do.
12)
modify package/stunnel/
stunnel.mk to fix URL
This is for the new Entware scripts with some additional fixes added below.
15) modify customroot/usr/www/cgi-bin/packages_opkg.cgi
64c64
< if ! grep -qE armv5soft\|armv7soft $CONFF 2> /dev/null; then
---
> if ! grep -qE armv5-3.2\|armv7-3.2 $CONFF 2> /dev/null; then
151c151
< if (system("opkg -V0 compare_versions " v " \">\" " ver[uinst[nm]]))
---
> if (system("opkg -V0 compare-versions " v " \"<\" " ver[uinst[nm]]))
16) modify customroot/usr/www/cgi-bin/packages_opkg_proc.cgi
226c226
< if ! res=$(opkg update 2>&1); then
---
> if res=$(opkg update 2>&1); then
17) modify package/alt-f-utils/alt-f-utils-0.1.11/dns320l-daemon.c
1250c1250
< if(((sleepCount * pollTimeMs) % 15000) == 0)
---
> if(((sleepCount * pollTimeMs) % 15000) == 0) {
1251a1252,1253
> sleepCount = 0;
> }
This fixes the issue with the fan control counter being a signed value that I discussed in another thread.
18) modify customroot/usr/www/cgi-bin/firmware.cgi
21,22c21,22
< flashed_kernel=$(nanddump -qal 1 /dev/$kernel | grep -o 'Alt-F.*')
< flashed_initramfs=$(nanddump -qal 1 /dev/$initramfs | grep -o 'Alt-F.*')
---
> flashed_kernel=$(nanddump -qal 1000 /dev/$kernel | grep -o 'Alt-F.*')
> flashed_initramfs=$(nanddump -qal 1000 /dev/$initramfs | grep -o 'Alt-F.*')
I saw that this page would not read the current versions from flash and this change fixes that.
10c10
< MXML_SOURCE = mxml_$(MXML_VERSION).orig.tar.gz
---
> MXML_SOURCE = mxml-$(MXML_VERSION).tar.gz
21) modify customroot/usr/www/cgi-bin/sys_utils_proc.cgi
52c52
< cat $1 | grep -iE "$pat"
---
> cat $1 | grep -iE "$pat" | sed 's/&/\&/g; s/</\</g; s/>/\>/g; s/"/\"/g; s/'"'"'/\'/g'
54c54
< cat $1
---
> cat $1 | sed 's/&/\&/g; s/</\</g; s/>/\>/g; s/"/\"/g; s/'"'"'/\'/g'
Syslog would sometimes contain reserved HTML characters resulting in chunks of the log not being displayed. This happens for example whenever msmtp sends an email.
22) modify customroot/usr/www/cgi-bin/sys_utils.cgi
232c232
< eval $(openssl x509 -in /etc/ssl/certs/server.pem -noout -subject | awk -F '/' '{print $2,$3,$4}')
---
> eval $(openssl x509 -in /etc/ssl/certs/server.pem -noout -subject -nameopt compat | awk -F '/' '{print $2,$3,$4}')
This fixes the display of certificate info when the updated openssl package is used.
23) modify customroot/etc/Alt-F with desired version string
24) echo "Certificates|certs.cgi" >> customroot/usr/www/cgi-bin/Setup.men
This would normally be done as part of the package postinst script, but it doesn’t happen when I do a full build.
25) modify customroot/usr/www/cgi-bin/certs.cgi
175a176,177
> <tr><td>Save CA certificate and key to backup file</td>
> <td><input $cadis type=submit name="CAsave" value="saveCA" $(ttip saveca_tt)></td></tr>
185,187d186
< <tr><td>Save CA certificate and key to backup file</td>
< <td><input $cadis type=submit name="CAsave" value="saveCA" $(ttip saveca_tt)></td></tr>
<
The new certificate setup page was unable to save or load the fake root CA. I was able to get saving to work with the change above, but loading is still broken and it is beyond my ability to fix it.
26) chmod +x customroot/usr/www/cgi-bin/certs*.*
27) modify customroot/etc/settings
37a38,41
> /etc/ssl/certs/rootCA.crt
> /etc/ssl/certs/rootCA.key
> /etc/ssl/certs/server.crt
> /etc/ssl/certs/server.key
38a43,44
> /etc/ssl/certs/stunnel.pem
> /etc/ssl/certs/vsftpd.pem
28) modify customroot/usr/sbin/hot_aux.sh
92c92,99
< logger -st hot_aux "$($i restart)"
---
> case "$i" in
> rcentware)
> logger -st hot_aux "$($i start)"
> ;;
> *)
> logger -st hot_aux "$($i restart)"
> ;;
> esac
When Entware is started from boot, the individual packages are started in reverse order. This causes problems with dependencies (between dbus and avahi in my case) so I made this correction.
29) . exports dns325
Use -Os for any prompt ending with "OPTIM) [] (NEW)", for any others just hit return. I would like feedback if this was the correct approach.
30) make >> build-dns325.log && echo OK || echo FAIL
31) ./mkinitramfs.sh
32) ./mkfw.sh
In the end I only get two warnings that are of concern:
WARNING: Package mtd-utils does not contains all files, might or not be OK!
WARNING: Package kernel-modules-armv5 does not contains all files, might or not be OK!
./mkpkg.sh -check mtd-utils
ls: cannot access './usr/sbin/ubi.sh': No such file or directory
./mkpkg.sh -check kernel-modules-armv5
ls: cannot access './usr/lib/modules/4.4.86/kernel/lib/zlib_deflate/zlib_deflate.ko': No such file or directory
ls: cannot access './usr/lib/modules/4.4.86/kernel/lib/zlib_inflate/zlib_inflate.ko': No such file or directory
I’d like your opinion on these errors and if I need to make any build adjustments. Thank you again for all the help you've given me over the years.
Bill