Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
New Member
Posts: 4
Registered: ‎06-11-2014
Kudos: 2

Building custom image for EdgeMax

Hi,

I would like to build a custom firmware image for EdgeMAX that includes various squeeze packages etc and a later version of Squid.

Managed to build an image by decompressing the standard image, adding files to the squashfs-root folder and then recreating squashfs.tmp.

I am using the same squashfs tools that Vyos use on a a debian squeeze box.

However I am hitting one issue that has wasted a day of my time so far and I have been unable to resolve.

if I logon as the ubnt user, then I cannot configure the user

ubnt@ubnt:~$ configure
Failed to set up config session

This occurs even when I unsquash the filesystem and then resquash it without making any modifications.

I am wondering if it's becuase Ubiquiti use a special version of squashfs-tools?

I guess it's something to do with selinux or something similar as I am getting errors like this

ubnt@ubnt:~$ /usr/sbin/ubnt-ifctl list-sys-intfs ethernet
Bus error

Can anyone lighten up my day?

Thanks

Danny

 

 

 

New Member
Posts: 4
Registered: ‎06-11-2014
Kudos: 2

Re: Building custom image for EdgeMax

How come my post has 0 replies. Do Ubiquity have any objection to building a custom image. I thought the idea was that it's an open platform?
Established Member
Posts: 1,043
Registered: ‎02-17-2014
Kudos: 374
Solutions: 40

Re: Building custom image for EdgeMax

[ Edited ]

I would lay money that your thread will go over the head of 90% of the users on this forum.  Stick with it.  You just haven't caught the right person's eye yet.

I love to play and can do a fair number of things, but even so, this thread is definately beyond my experiance.

Regular Member
Posts: 612
Registered: ‎11-06-2013
Kudos: 210
Solutions: 24

Re: Building custom image for EdgeMax

The EdgeRouter line is not an open platform from anything I've read. In fact using Debian specifically means that people do not have to release any custom code. That is part of the Debian license structure.

SuperUser
Posts: 21,560
Registered: ‎11-20-2011
Kudos: 7578
Solutions: 229

Re: Building custom image for EdgeMax


sorvani wrote:

The EdgeRouter line is not an open platform from anything I've read. In fact using Debian specifically means that people do not have to release any custom code. That is part of the Debian license structure.


That's completely false.

http://en.wikipedia.org/wiki/Debian_Social_Contract



isp builder | linux sorcerer | datacenter automation conjurer | paid consultation available
SuperUser
Posts: 21,560
Registered: ‎11-20-2011
Kudos: 7578
Solutions: 229

Re: Building custom image for EdgeMax

The problem you may run into is that the cavium specific SDK has proprietary parts for the hardware. Although you could build a generic MIPS64 system, you would lack the hardware acceleration the chipset provides (and what makes it special).



isp builder | linux sorcerer | datacenter automation conjurer | paid consultation available
Previous Employee
Posts: 10,504
Registered: ‎06-09-2011
Kudos: 3018
Solutions: 945
Contributions: 16

Re: Building custom image for EdgeMax


Josh_SPITwSPOTS wrote:

The problem you may run into is that the cavium specific SDK has proprietary parts for the hardware. Although you could build a generic MIPS64 system, you would lack the hardware acceleration the chipset provides (and what makes it special).


Only the kernel needs the cavium SDK, but I don't think he's trying to recompile a whole system.  It sounds like he trying to do what I was trying to do at LINK.  

EdgeMAX Router Software Development
Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5353
Solutions: 1654
Contributions: 2

Re: Building custom image for EdgeMax


danielniasoff wrote:

I am wondering if it's becuase Ubiquiti use a special version of squashfs-tools?

Just to clarify, no we don't use any modified/special squashfs-tools, but building custom firmware images is not officially recommended/supported of course.

On the other hand, as discussed before, in most (pretty much all?) cases you don't need to build a whole image to do customizations. With the "firstboot.d", "pre-config.d", and "post-config.d" mechanisms plus the preservation of the whole "/config" directory across upgrades, one can basically create a "tarball" that can be used to "deploy" any customizations.

For example, adding a package can be done by putting the .deb somewhere in /config and adding a script in "/config/scripts/firstboot.d" to install the package. Patching files can be done the same way etc. etc.

Deployment is similar too. After getting a new unit, deploy the tarball, upgrade the software and reboot (which need to be done anyway), and that's it.

Personally I think this is easier than building the whole image (I should know a little since I implemented the whole build system Icon Smile). And more importantly, if something is messed up, a reset to factory default will clean it right up (which won't work for a broken custom image).

If you do have some requirements that are not possible to accomplish using these mechanisms, let us know and perhaps we can look into extending them. If you still think you want to go the image building route, you are certainly welcome to discuss and share your experience with the community of course.

New Member
Posts: 4
Registered: ‎06-11-2014
Kudos: 2

Re: Building custom image for EdgeMax

Hi,

Thanks for your replies. I am relieved that this post has generated some interest Smiley Happy


UBNT-ancheng wrote:


For example, adding a package can be done by putting the .deb somewhere in /config and adding a script in "/config/scripts/firstboot.d" to install the package. Patching files can be done the same way etc. etc.



Basically I am planning to build a service built on the EdgeMAX.

I could use the above approach but this approach would mean manual intervention if the user messes up the image and deletes the config files etc.

All I am trying to do is edit the existing image and inject a few files and scripts.

However looking at various posts it seems that just extracting and rebuilding the factory firmware without making changes breaks it somehow and I can't see any responses that indicate why this is occuring.

Here are the steps that I am taking

root@debian:/edgeos/custom# tar -xf ../ER-e100-v1.4.1.build4648309.tar
root@debian:/edgeos/custom# unsquashfs squashfs.tmp
root@debian:/edgeos/custom# rm squashfs.tmp
root@debian:/edgeos/custom# mksquashfs squashfs-root squashfs.tmp
root@debian:/edgeos/custom# md5sum squashfs.tmp | awk '{ print $1 }' > squashfs.tmp.md5
root@debian:/edgeos/custom# tar -cf ../CUSTOM-e100-v1.4.1.build4648309.tar

I am doing this on a squeeze box with the squashfs-tools that Vyos use for thier images which supports xattr.

So what can I be doing wrong?

You must know if you built the build system Smiley Happy

Thanks alot.

Daniel

Previous Employee
Posts: 13,551
Registered: ‎06-10-2011
Kudos: 5353
Solutions: 1654
Contributions: 2

Re: Building custom image for EdgeMax


danielniasoff wrote:

All I am trying to do is edit the existing image and inject a few files and scripts.


That sounds like it would be really straightforward to do with a simple firstboot.d script, so I would recommend that approach.

On the other hand, we do recognize that it is people's prerogative to do what they want with the device they purchased Icon Smile  So if you do decide to go the other route, you are certainly welcome to discuss and share the experience with the community. For example, there have been quite a few forum threads discussing opening up the device enclosure, playing with bootloader, even modifying hardware, etc., none of which is officially recommended/supported of course, but nonetheless we welcome the unofficial discussions Icon Smile

New Member
Posts: 4
Registered: ‎06-11-2014
Kudos: 2

Re: Building custom image for EdgeMax

Thanks

Do you have any idea why I am getting the error with the ubnt user on the device after unsquashing and resquashing the filesystem without making any changes.

Can you share the version of squashfs that you are using?

New Member
Posts: 9
Registered: ‎08-17-2015
Kudos: 14

Re: Building custom image for EdgeMax

Did you ever find a resolution to this?  I want to do the same thing you described, and create a custom image.  I get the exact same problem.  Once the filesystem has been recreated with mksquashfs, the only user that can create a configuration session is root.

 

 

New Member
Posts: 9
Registered: ‎08-17-2015
Kudos: 14

Re: Building custom image for EdgeMax

After a long time searching I finally found a work around for this.  The problem comes from unsquashfs not persevering all of the xattrs of the files that are extracted.  I am not sure why this is happening yet, but as a work around you can manually set the xattrs after the extraction.  Here is a list of the files that didn't get the attribute set in 1.7.0. 

 

The easiest way to find what attributes are not set is to run unsquashfs as standard user.  All of the files that we have a problem with will print printed to stderror. 

 

squashfs-root/bin/kmod - security.capability=0sAQAAAgAAAQAAAAAAAAAAAAAAAAA=

squashfs-root/opt/vyatta/sbin/my_cli_bin - security.capability=0sAQAAAgAAIAAAAAAAAAAAAAAAAAA=

squashfs-root/opt/vyatta/sbin/my_cli_shell_api - security.capability=0sAQAAAgAAIAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/brctl - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/ethtool - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/ip - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/ipset - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/sysctl - security.capability=0sAQAAAgAAIAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/tc - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/sbin/xtables-multi - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/arp - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/conntrack - security.capability=0sAQAAAgAQAAAAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/ntpdate - security.capability=0sAQAAAgAAAAIAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/tcpdump - security.capability=0sAQAAAgAgAAAAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/ubnt-discover - security.capability=0sAQAAAgAgAAAAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/ubnt-ifctl - security.capability=0sAQAAAgAQAgAAAAAAAAAAAAAAAAA=

squashfs-root/usr/sbin/ubnt-util - security.capability=0sAQAAAgAgIAAAAAAAAAAAAAAAAAA=

 

 

New Member
Posts: 1
Registered: ‎06-11-2014

Re: Building custom image for EdgeMax

Hi Adama,

 

Well done, I was really struggling with that.

 

I gave up with the EdgeMax because of this but it might be useful in the future.

 

Surprised that UBNT couldn't let me in on this "secret" but it's out now so we've won!

 

Thanks

 

Daniel

Reply