Size optimizations (remove debug symbols). Added 'Dropbear SSH' as additional overlay software. Added '/var/log/' log files. Added support for '/dev/pts' (required by Dropbear).

src/.config

@@ -44,6 +44,12 @@ SYSLINUX_SOURCE_URL=http://kernel.org/pub/linux/utils/boot/syslinux/syslinux-6.0
 #
 LINKS_SOURCE_URL=http://links.twibright.com/download/links-2.12.tar.bz2
 
+# You can find the latest Dropbear source bundles here:
+#
+#   http://matt.ucc.asn.au/dropbear/dropbear.html
+#
+DROPBEAR_SOURCE_URL=http://matt.ucc.asn.au/dropbear/releases/dropbear-2016.73.tar.bz2
+
 
 
 ####################################################

src/02_build_kernel.sh

@@ -55,6 +55,9 @@ else
     sed -i "s/.*CONFIG_LOGO_LINUX_CLUT224.*/\\# CONFIG_LOGO_LINUX_CLUT224 is not set/" .config
     echo "Boot logo is disabled."
   fi
+  
+  # Disable debug symbols in kernel => smaller kernel binary.
+  sed -i "s/^CONFIG_DEBUG_KERNEL.*/\\# CONFIG_DEBUG_KERNEL is not set/" .config
 fi
 
 # Compile the kernel with optimization for 'parallel jobs' = 'number of processors'.

src/09_generate_rootfs.sh

@@ -63,6 +63,13 @@ cp $GLIBC_PREPARED/lib/libnss_dns.so.2 lib
 
 # Copy all necessary 'glibc' libraries to '/lib' END.
 
+strip -g \
+  $SRC_ROOT/work/rootfs/bin/* \
+  $SRC_ROOT/work/rootfs/sbin/* \
+  $SRC_ROOT/work/rootfs/lib/* \
+  2>/dev/null
+echo "Size of libraries and executables has been reduced."
+
 echo "The initramfs area has been generated."
 
 cd $SRC_ROOT

src/README

@@ -15,10 +15,17 @@ have additional software being downloaded, built and installed on the ISO image.
 
 Available overlay software:
 
-  * Links - text based browser. Requires ~3MB additional space. Use the 'links'
+  * Links    - text based browser. Requires ~1MB additional space. Use the
-    command to activate the browser.
+               'links' command to activate the browser.
 
-In time there might be other overlay software packages available.
+  * Dropbear - SSH server/client. Requires ~1MB additional space. The build
+               process creates user 'root' with password 'toor'. These are
+               sample commands which demonstrate how to use Dropbear:
+    
+               SSH server (Alt + F1): dropbear -E -F
+               SSH client (Alt + F2): dbclient 10.0.2.15 -l root
+
+In time there may be other overlay software packages available.
 
 ###   ###   ###
 

src/build_minimal_linux_overlay.sh

@@ -3,4 +3,6 @@
 sh overlay_00_clean.sh
 sh overlay_01_get_links.sh
 sh overlay_02_build_links.sh
+sh overlay_03_get_dropbear.sh
+sh overlay_04_build_dropbear.sh
 

src/minimal_rootfs/etc/01_prepare.sh

@@ -33,5 +33,10 @@ mount -t devtmpfs none /dev
 mount -t proc none /proc
 mount -t tmpfs none /tmp -o mode=1777
 mount -t sysfs none /sys
+
+mkdir -p /dev/pts
+
+mount -t devpts none /dev/pts
+
 echo "Mounted all core filesystems. Ready to continue."
 

src/minimal_rootfs/etc/02_overlay.sh

@@ -34,11 +34,12 @@ mkdir /mnt/dev
 mkdir /mnt/sys
 mkdir /mnt/proc
 mkdir /mnt/tmp
+mkdir /mnt/var
 echo "Created folders for all critical file systems."
 
 # Copy root folders in the new mountpoint.
 echo "Copying the root file system to /mnt..."
-cp -a bin etc lib lib64 root sbin src usr /mnt 2>/dev/null
+cp -a bin etc lib lib64 root sbin src usr var /mnt 2>/dev/null
 
 DEFAULT_OVERLAY_DIR="/tmp/minimal/overlay"
 DEFAULT_UPPER_DIR="/tmp/minimal/rootfs"

src/overlay_02_build_links.sh

@@ -10,6 +10,8 @@ cd $(ls -d links-*)
 echo "Preparing Links work area. This may take a while..."
 make clean 2>/dev/null
 
+rm -rf ../links_installed
+
 echo "Configuring Links..."
 ./configure \
   --prefix=../links_installed \
@@ -19,12 +21,19 @@ echo "Configuring Links..."
   --without-ssl \
   --without-x
 
+# Set CFLAGS directly in Makefile.
+sed -i "s/^CFLAGS = .*/CFLAGS = \\-Os \\-s \\-fno\\-stack\\-protector \\-U_FORTIFY_SOURCE/" Makefile
+
 echo "Building Links..."
 make
 
+echo "Installing Links..."
 make install
-cp -r ../links_installed/bin $SRC_DIR/work/src/minimal_overlay
 
+echo "Reducing Links size..."
+strip -g ../links_installed/bin/* 2>/dev/null
+
+cp -r ../links_installed/bin $SRC_DIR/work/src/minimal_overlay
 echo "Links has been installed."
 
 cd $SRC_DIR

src/overlay_03_get_dropbear.sh

@@ -0,0 +1,39 @@
+#!/bin/sh
+
+SRC_DIR=$(pwd)
+
+# Grab everything after the '=' character.
+DOWNLOAD_URL=$(grep -i DROPBEAR_SOURCE_URL .config | cut -f2 -d'=')
+
+# Grab everything after the last '/' character.
+ARCHIVE_FILE=${DOWNLOAD_URL##*/}
+
+# Read the 'USE_LOCAL_SOURCE' property from '.config'
+USE_LOCAL_SOURCE="$(grep -i USE_LOCAL_SOURCE .config | cut -f2 -d'=')"
+
+if [ "$USE_LOCAL_SOURCE" = "true" -a ! -f $SRC_DIR/source/overlay/$ARCHIVE_FILE  ] ; then
+  echo "Source bundle $SRC_DIR/source/overlay/$ARCHIVE_FILE is missing and will be downloaded."
+  USE_LOCAL_SOURCE="false"
+fi
+
+cd source/overlay
+
+if [ ! "$USE_LOCAL_SOURCE" = "true" ] ; then
+  # Downloading Dropbear source bundle file. The '-c' option allows the download to resume.
+  echo "Downloading Links source bundle from $DOWNLOAD_URL"
+  wget -c $DOWNLOAD_URL
+else
+  echo "Using local Dropbear source bundle $SRC_DIR/source/overlay/$ARCHIVE_FILE"
+fi
+
+# Delete folder with previously extracted Dropbear.
+echo "Removing Dropbear work area. This may take a while..."
+rm -rf ../../work/overlay/dropbear
+mkdir ../../work/overlay/dropbear
+
+# Extract Dropbear to folder 'work/overlay/dropbear'.
+# Full path will be something like 'work/overlay/dropbear/dropbear-2016.73'.
+tar -xvf $ARCHIVE_FILE -C ../../work/overlay/dropbear
+
+cd $SRC_DIR
+

src/overlay_04_build_dropbear.sh

@@ -0,0 +1,93 @@
+#!/bin/sh
+
+SRC_DIR=$(pwd)
+
+if [ ! -d $SRC_DIR/work/glibc/glibc_prepared ] ; then
+  echo "Cannot continue - Dropbear SSH depends on GLIBC. Please buld GLIBC first."
+  exit 1
+fi
+
+cd work/overlay/dropbear
+
+# Change to the Dropbear source directory which ls finds, e.g. 'dropbear-2016.73'.
+cd $(ls -d dropbear-*)
+
+echo "Preparing Dropbear work area. This may take a while..."
+make clean 2>/dev/null
+
+rm -rf ../dropbear_installed
+
+echo "Configuring Dropbear..."
+./configure \
+  --prefix=$SRC_DIR/work/overlay/dropbear/dropbear_installed \
+  --disable-zlib \
+  --disable-loginfunc \
+  CFLAGS="-Os -s -fno-stack-protector -U_FORTIFY_SOURCE"
+
+echo "Building Dropbear..."
+make
+
+echo "Installing Dropbear..."
+make install
+
+mkdir -p ../dropbear_installed/lib
+
+# Copy all dependent GLIBC libraries.
+cp $SRC_DIR/work/glibc/glibc_prepared/lib/libnsl.so.1 ../dropbear_installed/lib
+cp $SRC_DIR/work/glibc/glibc_prepared/lib/libnss_compat.so.2 ../dropbear_installed/lib
+cp $SRC_DIR/work/glibc/glibc_prepared/lib/libutil.so.1 ../dropbear_installed/lib
+cp $SRC_DIR/work/glibc/glibc_prepared/lib/libcrypt.so.1 ../dropbear_installed/lib
+
+mkdir -p ../dropbear_installed/etc/dropbear
+
+# Create Dropbear SSH configuration BEGIN
+
+# Create RSA key.
+../dropbear_installed/bin/dropbearkey \
+  -t rsa \
+  -f ../dropbear_installed/etc/dropbear/dropbear_rsa_host_key 
+
+# Create DSS key.
+../dropbear_installed/bin/dropbearkey \
+  -t dss \
+  -f ../dropbear_installed/etc/dropbear/dropbear_dss_host_key 
+
+# Create ECDSA key.
+../dropbear_installed/bin/dropbearkey \
+  -t ecdsa \
+  -f ../dropbear_installed/etc/dropbear/dropbear_ecdsa_host_key 
+
+# Create user/group configuration files.
+touch ../dropbear_installed/etc/passwd
+touch ../dropbear_installed/etc/group
+
+# Add group 0 for root.
+echo "root:x:0:" \
+  > ../dropbear_installed/etc/group
+
+# Add user root with password 'toor'.
+echo "root:AprZpdBUhZXss:0:0:Minimal Root,,,:/root:/bin/sh" \
+  > ../dropbear_installed/etc/passwd
+
+# Create home folder for root user.
+mkdir -p ../dropbear_installed/root
+
+# Create Dropbear SSH configuration END
+
+echo "Reducing Dropbear size..."
+strip -g \
+  ../dropbear_installed/bin/* \
+  ../dropbear_installed/sbin/* \
+  ../dropbear_installed/lib/*
+
+cp -r \
+  ../dropbear_installed/etc \
+  ../dropbear_installed/bin \
+  ../dropbear_installed/sbin \
+  ../dropbear_installed/lib \
+  $SRC_DIR/work/src/minimal_overlay
+
+echo "Dropbear has been installed."
+
+cd $SRC_DIR
+