Proof of concept of a community driven operating system (or call it firmware or distribution) for the Xtreamer.
Since we heavily base on the offical firmware, or in other words we just slightly modify this, we use their firmware release number in ours, too. The realeases are called xtcos-<Xtreamer Firmware Number>-<Our Patchlevel, encreased by every fw xtcos release>.
Planned release date in the end of february. Release and further devel stopped since we get not the source of the GPL packages included in the actual/latest firmware (there are just some older packages available). 2010-03-02, nixda.
Released at 2010-02-12, XTcOS-2.2-3 (md5sum 2ce3c2b8dfc9efa3dbe7aecef7d6ea15)
Important note about hardware detection:
In this release we changed the hotplug binary to add our xtcos-hotplug-config feature. During this process we used the wrong hotplug sources and so poorly this hotplug agent misses the detecting of the wifi adapter (and maybe more). But you can easily change this back to the original hotplug from firmware 2.2 since we put the original binary in our firmware, too:
~ # ls -al /sbin/hotplug* -rwxr-xr-x 1 root root 57324 Feb 12 13:59 /sbin/hotplug -rwxr-xr-x 1 root root 64192 Feb 12 14:27 /sbin/hotplug-fw-2.2
So make a backup of our new one and copy the one from fw-2.2 to /sbin/hotplug:
~ # cp /sbin/hotplug /sbin/hotplug-xtcos-2.2-3 ~ # cp /sbin/hotplug-fw-2.2 /sbin/hotplug
We will release a fixed hotplug in the next few days.
See notes from further XTcOS releases, it is an emergency firmware.
Other features see the notes from further XTcOS releases
By default we activated the arno-firewall. The default config is:
## 2010-01-12 by nixda # # This is a simple configuration for arno's iptables firewall, see # http://rocky.eld.leidenuniv.nl/joomla/index.php?option=com_content&view=article&id=45&Itemid=63 # # For our simple setup you may not need to change anything if you want to grant access # to your box from (only) all IPs of the local network. Therefor I have added this # switch GRANT_LOCAL_NET to arno's firewall script: GRANT_LOCAL_NET=1 # Sometimes you may want to add furter hosts (not in the range of your subnet) # to grant full access, too. If so than just add something like this FULL_ACCESS_HOSTS # rule: # # FULL_ACCESS_HOSTS="192.168.100.2" # You may add change a lot of more rulsets. arno's firewall is _very_ powerfull. # If you don't know exact how things go on you may not change anything. # EXT_IF="eth0 wlan0" EXT_IF_DHCP_IP=1 EXT_OPEN_ICMP=1 ENV_FILE="/share/arno-iptables-firewall/environment" PLUGIN_BIN_PATH="/share/arno-iptables-firewall/plugins" PLUGIN_CONF_PATH="/usr/local/etc/arno-iptables-firewall/plugins"
You can easily change this configuration be editing the file /usr/local/etc/arno-iptables-firewall/firewall.conf. If you want to use the XTcOS hotplug configuration just put the config on a externat storage device (f.e. usb stick) and plug it to the xtreamer. The config file must not be in any subdirectory and its name must be xtcos-hotplug-arnofirewall.conf.
With this release we add for the first time a simple util to configure some deamons, service via configuration files you put on your usb stick. The idea behind is that you are able to config the firewall even you made a big mistake first and have no more access to the box via network. And since right now we have not keyboad, monitor I thought this way to configure may not be a failure.
Right now these services can be configured: The arno's firewall, Samba, lighhtpd, stupid-ftpd and udhcpc. The configfiles for these services must be named as following:
xtcos-hotplug-arnofirewall.conf xtcos-hotplug-samba.conf xtcos-hotplug-lighttpd.conf xtcos-hotplug-stupid-ftpd.conf xtcos-hotplug-udhcpc.script.conf
You need to put these files on the first storage device (so called sda1)!
By default xtcos-hotplug-conf.sh makes a backup and a diff of your old config including a timestamp (xtcos-hotplug-<service id>-<timestamp>.conf.bak and xtcos-hotplug-<service id>-<timestamp>.conf.diff). A short report will be found in file xtcos-hotplug-conf-report-<timestamp>.txt. Your new config will be renamed to …-<timestamp>.done.
Just two notes: Be aware to not put CR+LF for newlines in. Just use LF like used in the unix world! To affect the changes for udhcpc you may reboot.
Released at 2010-02-10, xtcos-install-2.2-2.img.bz2 (md5sum 6411357dc38557706354afacad70bc4d)
See notes from XTcOS-2.2.b5-0, it is an emergency firmware.
Other features see the notes for XTcOS-2.2.b5-0.
In general this release offers further kernel modules, a new busybox-1.16 and some more utils, binaries. The step after this release will contain some very smart install and configure options… stay tuned!
This version was only for some internal tests.
WARNING
Xtreamer comes with a opened firmware so everybody in your network can take control of your xtreamer within seconds. Our distribution is not secure, but we fixed some big holes and put utils in your hand to go on.
Right now this release has a default password for the root access for ssh (which is running!). The password is xtcos.
DO NOT PLUG YOUR DEVICE IN FOREIGEN NETWORKS
Further xtcos versions - if there will be one - will come with a iptables config to only allow access from local network(s).
Download xtcos-install-2.2b5-0.img (md5sum 96880550fdb513f74014d4d50db25a78), unzip (bunzip2) the file, rename it to install.img and follow the instructions from Xtreamer for an emergency flash (shutdown Xtreamer, unplug power for about 10 seconds, plug in power, press the following key one behind the other (on the RC): Home, 3, Power.
Until now we did not brick any of our Xtreamers. But all risk is on your side!
We used an inoffical beta version 2.2.b5 for this test. As soon as Xtreamer will releae an new firmware we think of patching that too and releasing a new XTcOS.
The diff of the smb.conf:
@ -1,3 +1,4 @@ [global] -security=share +smb passwd file=/usr/local/daemon/samba/lib/smbpasswd +security=user include=/usr/local/etc/workgroup @@ -9,4 +10,4 @@ use sendfile=yes -guest account=root -#encrypt passwords=yes +guest account=nobody +encrypt passwords=yes passdb backend=smbpasswd @@ -26,3 +27,4 @@ path=/tmp/usbmounts/ -guest ok=yes +username=root +browsable=yes writable=yes
So the first time you should add a useraccount (f.e. root, whatever) to the smb passwd file with
/usr/local/daemon/samba/sbin/smbpasswd -a root
Only root get a shell and user sync has /bin/sync, the others /bin/false. All accounts but root are locked. It seems Xtreamer does not use/need them… we will see. In the Xtreamer there is not something like a usermanagement because everything runs as root. You and we can change this but it takes some time. So if you like to contribute…
We added a lot more modules to play and test. vpeter contributet a patch to get smart values from the sata interface. The kernel should be ready to boot a rootfs from a internal hdd but I just have not one to test. To see how the kernel is configured have a look at /proc/config.gz (added feature, too). Who likes the .config file?
The modules we put in all alle gzipped to save space on flash. So for this we needed to replace the module-utils from Xtreamer with our own (Xtreamer used some of busybox).
OpenSSH is installed and running by default. Be aware: Root logins are permitted!!!
The kernel is ready for and we added a lot of netfiltermodules. To play around we added the arno-iptables-firewall environment, too. We just not finished in customizing this. Maybe we change this util with another, unsure right now.
in /sbin:
in /bin;
I would say that in my opinion it is not a realy good idea that the Xtreamer uses the binary DvdPlayer for a lot of things to initialize and configure. So there is no chance, no way to put something into the xtreamer that looks anything like a real management of services or runlevels like we know it from well designed LSB conform distributions.
So for a first step we take /etc/udhcpc.script as a starting point to sync the time or start sshd for example. I don't like that, too.
We start zntpdate from the /etc/udhcpc.script. Just have a look there to make sure it uses the right time/timezone…
A mounted cifs share (as saved shortcut) looks like this (if you wanna put this directly into /etc/fstab):
//192.168.0.1/C /tmp/netb/mnt/My_Shortcuts/GIANT6:itsme/C cifs rw,nodiratime,unc=\\192.168.0.1\C,username=itsme,domain=Workgroup,rsize=64512,wsize=57344 0 0
Here we have our bootloader, the linux kernel and the images for audio and video in there. The hex offset for them are:
On another firmware from another Xtreamer I see this offsets:
This machine was running the original kernel which is smaller than the one from xtcos. Between audio and video we have still 0x1c0000.
You see we only modified some few parts (f.e. where we have the source code) and there is not that much space left on flash to put other big projects in it. Our intension is more in add a harddisk and put the rootfs there. This wouldn't be that hard but sadly for that everybody needs a serial cable and must modify the bootloader config. Another idea would be to patch linux so this will boot from hdd or use the pivotroot environment. It is up on you to decide how it will go on… Contributions are welcome!