Saturday, 7 May 2022

Adding a 32-bit GRUB bootloader to boot and install ISOs

 

Many distros no longer include both 32-bit and 64-bit bootloader support. Unfortunately some hardware including most based on the relatively recent Intel Atom processor architecture won't boot 'OOTB'. Whilst I wrote 'isorespin.sh' and 'isorespinner.sh' in part to address this issue I restricted their functionality to the Ubuntu 'family' of ISOs for support purposes. One of the most frequest questions I have been asked is 'can you add support for <insert distro> ISOs?'. Unfortunately distros, even those based on or derived from Ubuntu, are often built with different directory structures and packages. As a result writing a script that caters for multiple distros becomes complex and cumbersome. However with Ubuntu looking to move to a new snap-based installer I've revisited the 32-bit boot issue. 

Initially I created a simple script 'treetoobitiso.sh' to just add the 32-bit GRUB bootloader to the Ubuntu 'family' of ISOs. But if a different distro uses a similar file system layout then essentialy there is no reason why it also wouldn't work so I've extended this script to include an '--unsupported' option to allow running, or at least attempt running, with any ISO.

Invocation is straightforward:

linuxium@LINUXIUM:~$ treetoobitiso.sh -h
Usage: treetoobitiso.sh -h | [ --unsupported ] -i <ISO> [ --disk ]
treetoobitiso.sh: Exiting ... ISO not created.
linuxium@LINUXIUM:~$

being derived from 'isorespinner.sh'. 

To create a bootable Ubuntu or similar ISO:

linuxium@LINUXIUM:~$ treetoobitiso.sh -i linuxmint-20.3-cinnamon-64bit.iso
treetoobitiso.sh: Running in RAM ...
treetoobitiso.sh: Extracting treetoobitiso files ...
treetoobitiso.sh: Extracting ISO ...
treetoobitiso.sh: Adding 32-bit GRUB bootloader ...
treetoobitiso.sh: Spinning ISO ...
treetoobitiso.sh: Respun ISO created as 'linuxium-linuxmint-20.3-cinnamon-64bit.iso' ... see logfile 'treetoobitiso.log' for details.
linuxium@LINUXIUM:~$


For other ISOs:

linuxium@LINUXIUM:~$ treetoobitiso.sh -i pop-os_22.04_amd64_intel_4.iso
treetoobitiso.sh: 'pop-os_22.04_amd64_intel_4.iso' must be an Ubuntu, Kubuntu, Lubuntu, Ubuntu Budgie, Ubuntu GNOME, Ubuntu MATE, Xubuntu or Linux Mint desktop ISO.
treetoobitiso.sh: Exiting ... ISO not created.
linuxium@LINUXIUM:~$

use the '--unsupported' option:

linuxium@LINUXIUM:~$ treetoobitiso.sh --unsupported -i pop-os_22.04_amd64_intel_4.iso
treetoobitiso.sh: Running in RAM ...
treetoobitiso.sh: Extracting treetoobitiso files ...
treetoobitiso.sh: Extracting ISO ...
treetoobitiso.sh: Adding 32-bit GRUB bootloader ...
treetoobitiso.sh: Spinning ISO ...
treetoobitiso.sh: Respun ISO created as 'linuxium-pop-os_22.04_amd64_intel_4.iso' ... see logfile 'treetoobitiso.log' for details.
linuxium@LINUXIUM:~$


As long as the ISO has a file system layout that is recognised by the script, it should work otherwise you will be notified:

linuxium@LINUXIUM:~$ treetoobitiso.sh --unsupported -i Fedora-Workstation-Live-x86_64-35-1.2.iso
treetoobitiso.sh: Running in RAM ...
treetoobitiso.sh: Extracting treetoobitiso files ...
treetoobitiso.sh: Extracting ISO ...
treetoobitiso.sh: ISO structure currently not supported.
treetoobitiso.sh: Exiting ... ISO not created.
linuxium@LINUXIUM:~$

Once booted an installation will be dependent on the ISO's installer. Typically it will try to install a 64-bit GRUB bootloader however it may also fail as whilst it recognises that it was booted by a 32-bit bootloader it likely will not have the code to handle such an installation.

So I've created a companion script 'treetoobit.sh' to install a 32-bit GRUB bootloader during an installation attempt and again, whilst the Ubuntu 'family' of ISOs is supported, if the ISO is Debian/Ubuntu based (i.e. uses the 'apt' package manager) then it may also work using the '--unsupported' option.

For Ubuntu or similar ISOs perform the installation and then immediately before closing the final installation 'success' screen run the 'treetoobit.sh' script.


Some ISOs use the same partitions as Ubuntu for installation which simplifies running the script.


Others use a random name for the mount point and may not leave both the 'installation' and 'boot' partitions mounted at the end of the installation. It is best to first run 'lsblk -a' to see the current state and then perform any required mounting manually.



It is possible that an installation will finish leaving no sign of the partitions so both the mount point and paritions have to be set up first prior to running the script.  


Unfortunately not all installations will complete successfully and depending on what the installer still had left to do means there may be additional manual steps required (hence the 'unsupported' caveat). In the case of Debian looking at the Calamares installer indicates that this includes removing the 'live-*' and 'calamares-settings-debian' packages.


Also if the installation does not support the 'apt' package manager then the script will refuse to run.


Finally, and perhaps of interest to anyone believing in 'snap' security or non-repudiation, specifically for the current 'canary' Ubuntu 22.04 ISO which uses the new Ubuntu ​desktop installer, it is necessary to run the 'treetoobit.sh' script before starting the installation. This will inject code into the desktop installer snap to use 32-bit GRUB packages as otherwise the installation will fail and recovery becomes tedious.

Please donate to help support the development if you find the script useful by following the link http://goo.gl/nXWSGf.


    



 

Friday, 22 April 2022

Customizing Ubuntu ISOs: Documentation and examples of how to use 'isorespinner.sh'

 


isorespinner.sh

This script is a ​progression of 'isorespin.sh'. Whilst 'isorespin' was created to support Ubuntu and similar Linux distributions on mini PCs, some of the functionality that was developed is now unused. Additionally with ​Canonical now trialling a new ​Ubuntu ​desktop installer and the ISO using a new multi-layer filesystem, rather than hack the ​earlier code to coerce compatibility I'​ve​ developed a new script ​which I've called ​'isorespinner.sh' ​and provides the most useful features and ​addresses the functionality that is ​now relevant to​ ​respinning.

The syntax of the new script is as follows:

Usage: isorespinner.sh [ -h | -v | --check ]
       isorespinner.sh -i <ISO> [ -w <directory> | -u | -k <kernel> | --dist-upgrade | --upgrade | --interactive | --all | --disk | --debug | ...
       isorespinner.sh ... -b [ GRUB-32 | GRUB-64 ] | -g [ "" | "<kernel boot parameter> ... " ] | c "<cmd> ... " | ...
       isorespinner.sh ... --key "<repo> ... " | -r "<repo> ... " | -p "<pkg> ... " | -l "<pkg.deb> ... " | -e "<pkg> ... " | -f [ "<file> | <directory> ... " ]

with a lot of the options unchanged from their previous functionality as described here.

The primary significant difference between 'isorespin.sh' and 'isorespinner.sh' is that the new script no longer adds a GRUB 32-bit bootloader by default so ​the option '-b GRUB-32' ​should be used ​if ​it is ​required. Secondly along with removing redundant options, the GUI interface has been dropped so options can only be specified using the command line​. ​As a result ​all ​the previous functionality can be replicated using the current options. The prerequisite dependencies are the same as before and if not installed the script will identify any that are required.

The new script includes two new features​:

  1. The script tries to run using memory for the temporary files to alleviate continuous read/writes to storage ​and thereby​ reduce drive wear. ​However to exclude running in memory​ ​the option '--disk' ​should be specified ​especially if using the script for large and complex respins as currently it is possible to exceed the initial memory allocation ​which ​results ​in running out of 'virtual' space. 
  2. ​The other key new feature is the support for multi-layer filesystem ISOs such as the new canary Ubuntu Jammy 22.04 ISO. However due to the nature of how such ISOs uses layers, respinning becomes somewhat dependent and/or specific to the individual layers​.​ The default language layer is derived from the 'LANG' shell variable or ​set ​as 'English' if either ​the variable is unset or set to 'C.UTF-8'. A different language layer, assuming it is already​ ​supported​ by the ISO​, can be respun by prefixing the respin command with the required 'LANG' variable, so for Spanish for example, use 'LANG=es isorespinner.sh -i ...​'​. If all language layers require respinning​ then ​use the option '--all'. Currently only a 'normal' installation is supported as the 'minimal' installation has not ​yet ​been ​investigated.

Looking at invocation, a good example of why 'isorespinner.sh' is required is the back-porting of the Intel P-State driver fix for Intel Alder Lake processors. Currently the brand new Jammy ISO ships with Linux kernel version 5.15.25 which results in poor performance on Alder Lake due to ITMT support for with P and E core selection. However the Linux kernel version 5.15.35 includes this back-ported fix and this can be incorporated into a respun ISO by using the option '-k v5.15.35' which will then use the Canonical build of the Mainline Test tree prior to the kernel filtering through the kernel rollout process.

Whilst before it was possible to respin an ISO suitable for Intel Atom processors using the single '--atom' option, now the various components have to be first downloaded and respun as specific options e.g. '-b GRUB-32 -l rtl8723bs_4.12.0_amd64.deb -f linuxium-install-UCM-files.sh -f wrapper-linuxium-install-UCM-files.sh -f linuxium-install-broadcom-drivers.sh -f wrapper-linuxium-install-broadcom-drivers.sh -c wrapper-linuxium-install-UCM-files.sh -c wrapper-linuxium-install-broadcom-drivers.sh' as the '--atom' option has been depreciated. For reference these are the 'atom' files:

rtl8723bt_4.12.0_amd64.deb (used when the linux-firmware package is at least version 1.169)
rtl8723bs_4.12.0_amd64.deb (used for earlier versions of the linux-firmware package)
linuxium-install-broadcom-drivers.sh
linuxium-install-UCM2-files.sh (used for ISOs 20.04 and up - rename as 'UCM' without the '2')

I​'ve​ also found that the new multi-layer filesystem ​ISO ​was too 'heavy' for very low-powered Intel mini PCs​. However with a minimum configuration of a Cherry Trail processor ​and 2GB memory​ and some​ specific respinning, both usage and installation was possible. Even then ​an Intel Compute Stick struggled ​but using ​a respun ISO with ​the options '-b GRUB-32 -g intel_idle.max_cstate=1 -g fsck.mode=skip -p lz4 -c "sed -i 's/^COMPRESS=zstd/COMPRESS=lz4/' /etc/initramfs-tools/initramfs.conf"' prevent​ed​ ​both ​freezing during installation and ​also ​running out of memory when creating a new 'initramfs'.

As this is the initial release inevitably there will be improvements required so please donate if you find the script useful using the following link http://goo.gl/nXWSGf as everything helps with development costs.


Canonical have announced the release of Ubuntu 22.04 LTS (Jammy Jellyfish)

For the last few years I've respun various ISOs to support running Ubuntu, Ubuntu flavours and Ubuntu-based distros on mini PCs by specifically addressing the issue of those devices that use restrictive bootloaders including 32-bit GRUB.

I've relied on donations to support my work and cover development and storage costs. Recently these have been few and far between indicating that the demand for such ISOs is not there.
As a result I'm reducing the number of ISOs I provide and only offer some examples of how my 'isorespinner.sh' script works.




With Canonical announcing the latest release of Ubuntu 22.04 LTS (Jammy Jellyfish) I’ve respun the desktop ISO to create an ISO which includes support for Intel Atom devices as well as any other 64-bit (x86-64/AMD64) PC:

linuxium-ubuntu-22.04.4-desktop-amd64.iso (-i ubuntu-22.04-desktop-amd64.iso -b GRUB-32 -l rtl8723bs_4.12.0_amd64.deb -f linuxium-install-UCM-files.sh -f wrapper-linuxium-install-UCM-files.sh -f linuxium-install-broadcom-drivers.sh -f wrapper-linuxium-install-broadcom-drivers.sh -c wrapper-linuxium-install-UCM-files.sh -c wrapper-linuxium-install-broadcom-drivers.sh)




I've also respun Lubuntu:

linuxium-lubuntu-22.04.4-desktop-amd64.iso (-i lubuntu-22.04-desktop-amd64.iso -b GRUB-32 -l rtl8723bs_4.12.0_amd64.deb -f linuxium-install-UCM-files.sh -f wrapper-linuxium-install-UCM-files.sh -f linuxium-install-broadcom-drivers.sh -f wrapper-linuxium-install-broadcom-drivers.sh -c wrapper-linuxium-install-UCM-files.sh -c wrapper-linuxium-install-broadcom-drivers.sh)




Finally for the adventurous few wanting to try the new Ubuntu desktop installer I've respun the desktop ISO (jammy-desktop-canary-amd64.iso version 20220418.1) with a set of options I found prevent​ed​ ​both ​freezing during installation and ​also ​running out of memory when creating a new 'initramfs' on Intel Atom devices:

linuxium-20220418.1-ubuntu-jammy-desktop-canary-amd64.iso (-i jammy-desktop-canary-amd64.iso -b GRUB-32 -g intel_idle.max_cstate=1 -g fsck.mode=skip -p lz4 -c "sed -i 's/^COMPRESS=zstd/COMPRESS=lz4/' /etc/initramfs-tools/initramfs.conf")


Downloading Note

After downloading an ISO file it is recommended to test that the file is correct and safe to use by verifying the integrity of the downloaded file. An error during the download could result in a corrupted file and trigger random issues during the usage of the ISO.

The program 'md5sum' is designed to verify data integrity using the MD5 (Message-Digest algorithm 5) 128-bit cryptographic hash. The MD5 calculation gives a checksum (called a hash value), which must equal the MD5 value of a correct ISO.

First open a terminal and go to the correct directory to check a downloaded ISO. Then run the command 'md5sum <ISO>' for example:

md5sum linuxium-ubuntu-22.04.4-desktop-amd64.iso

'md5sum' should then print out a single line after calculating the hash:

db4bc3918a95f54d6374f06d6d09316c  linuxium-ubuntu-22.04-desktop-amd64.iso

Compare the hash (the alphanumeric string on left) from your output with the corresponding hash below. If both hashes match exactly then the downloaded file is almost certainly intact. However if the hashes do not match then there was a problem with the download and you should download the file again.

ISO 'md5sum' hashes:

v1.0.0:
db4bc3918a95f54d6374f06d6d09316c  linuxium-ubuntu-22.04-desktop-amd64.iso
2512e8241cee853472bbad639b2cbc6e  linuxium-20220418.1-ubuntu-jammy-desktop-canary-amd64.iso
4743a3fb5fddfef89c981fcbfac7aee0  linuxium-lubuntu-22.04-desktop-amd64.iso
v1.0.1:
0bab6914628260917c70c79331e2e171  linuxium-lubuntu-22.04-desktop-amd64.iso


Please donate if you find these ISOs useful.

Thursday, 7 April 2022

If things don't change, things will stay as they are.

 


The 'canary' ISO for Ubuntu 22.04 (Jammy Jellyfish) introduces the new Ubuntu Desktop installer which uses 'subiquity' as a backend and 'Flutter' for the UI.

Rather than hack 'isorespin.sh' to coerce compatibility I'm developing a new script which takes the most useful features and targets functionality that is more relevent to current usage.

Despite plus ça change, plus c'est la même chose (the more things change, the more they stay the same) I thought it best to give the script a new name: 'isorespinner.sh'.

More to come.


“If things don't change, things will stay as they are.” - John Englander 

"Plus ça change, plus c'est la même chose." - Jean-Baptiste Alphonse Karr

Wednesday, 30 March 2022

First look at SteamOS 3

 


Having downloaded the Steam Deck recovery image and written to a USB using 'Rufus', I was surprised that booting on various AMD mini PCs has so far been unsuccessful whereas after just a few tweaks it successfully booted on a couple of different Intel NUCs. 

Installation was easy however rebooting again needed tweaks to get to a SteamOS 3 desktop.

Package installation was hindered by trust issues related to signatures but eventually I was able to install 'neofetch' as an example.

However 'gaming' is limited as most games baulk at the lack of a suitable graphics capability and/or drivers. Time for some further investigating!

  

Friday, 29 October 2021

Supporting 'impish' releases

Now that Canonical has released Ubuntu 21.10 (Impish Indri) you can use my latest release of ‘isorespin.sh‘ to respin Ubuntu ISOs:

and Lubuntu ISOs:

as well as the other supported flavours but remember to install the additional package 'zstd' before respinning as this release uses a new compression tool.

Please remember to donate if you find my work useful.

Wednesday, 22 September 2021

New release of 'isorespin.sh'

Following news of the GRUB2 Secure Boot Bypass 2021 and as a result of Google's security changes on Google Drive together with the first daily build's from Canonical of Ubuntu 21.10 (impish) and point releases for 20.04.3 and 18.04.6 I've updated my ‘isorespin.sh‘ script and respun some ISOs suitable for Intel Atom and Intel Apollo Lake devices.


Note that support for 21.10 (impish) is not finalized as the release is still under development so respinning will be experimental at this stage. However due to a new compression tool being used an additional package 'zstd' will need to be installed prior to attempting any respinning.


Unfortunately interest seems to have declined judging by the lack of donations so please remember to donate if you find this work useful.