raspberry pi – essentials

here is a collection of hints after installing raspbmc on your raspberry pi

on OSX i had problems with „sudo python install.py“, just login as admin – and be careful selecting the right disk!!
you don’t have to attache a display. just login via ssh with user pi, password raspberry and change the password with

  passwd

other OSs via http://www.raspberrypi.org/downloads

system informations
installed packages
 dpkg –list
 
get linux-version
 uname -a 
Linux raspberrypi 3.6.11+ #474 PREEMPT Thu Jun 13 17:14:42 BST 2013 armv6l GNU/Linux
running processes
  top -d 5
  ps -ef
  ps -efH
cpu temperature
  /opt/vc/bin/vcgencmd measure_temp

log-files are under /var/log
eg show Bad password attempts in ssh
  grep -w „Bad password attempt“ /var/log/auth.log

HDD-overview
 sudo fdisk -l
 df
 cat /proc/partitions

update/upgrade system
 sudo apt-get update && sudo apt-get upgrade


Rasp-„BIOS“ – RPi_config
pi has no BIOS but a config-file instead (monitor-resolution, overclocking etc.) – checkt infos here

external ssh-access
set a port-forwarding on your router to ip of pi on port 22
check existing firewall/iptables config of pi
  sudo iptables -L
add the following temporary rule to iptables

  sudo iptables -I INPUT -i eth0 -p tcp –dport 22 -j ACCEPT

now check if you have external access to pi

for permanent configuration add a line to /etc/network/if-up.d/secure-rmc
open the file 
  sudo nano /etc/network/if-up.d/secure-rmc 
at the end of the file there should be somthing like
  if [ „$IFACE“ != „lo“ ]; then
    NETMASK=$(get_subnet $IFACE)
iptables -A INPUT -s $NETMASK -i $IFACE -j ACCEPT
iptables -A INPUT -i $IFACE -j DROP
fi
add the following line 
  if [ „$IFACE“ != „lo“ ]; then
    NETMASK=$(get_subnet $IFACE)
iptables -A INPUT -s $NETMASK -i $IFACE -j ACCEPT
iptables -A INPUT -i $IFACE -p tcp –dport 22 -j ACCEPT
iptables -A INPUT -i $IFACE -j DROP
fi

finally restart pi
  sudo shutdown -r now
details here (only german)

info about using iptables to rate-limit incoming connections here
  iptables -I INPUT -p tcp –dport 22 -i eth0 -m state –state NEW -m recent –set 
  iptables -I INPUT -p tcp –dport 22 -i eth0 -m state –state NEW -m recent –update –seconds 60 –hitcount 4 -j DROP
for permanent blocking add in /etc/network/if-up.d/secure-rmc 
  iptables -I INPUT -p tcp –dport 22 -i $IFACE -m state –state NEW -m recent –set 
  iptables -I INPUT -p tcp –dport 22 -i $IFACE -m state –state NEW -m recent –update –seconds 60 –hitcount 4 -j DROP

backup / copy disk-images
To backup the system-files disk, find out where it is
  df
my result is

  Filesystem     1K-blocks    Used Available Use% Mounted on
  /dev/mmcblk0p2   1878688 1369668    413584  77% /
  /dev/mmcblk0p1     70561    6913     63649  10% /boot

the / mount-point is the system-files disk with 1.8GB and the /boot mount is the boot-partition on the SD-card
to make a backup of the system-files disk do the following
  dd if=/dev/mmcblk0p2 of=/home/pi/backup/disk2.img
Restore from the image file „disk2.img“ to the first partition of /dev/sda:

  dd if=disk2.img of=/dev/sda1

unmount dev/sda1
  umount /dev/sda1

after usb-plugging in
tail -f /var/log/messages 
set the name for the new volume. first check, if it has a name with

  sudo e2label /dev/sda1
if it’s empty set the new name
  sudo e2label /dev/sda1 new_name
check for sda: sda1 …

  sudo mount -t vfat -o uid=pi,gid=pi /dev/sda1 /media/USBHDD/or with EXT4-fs
  sudo mount -t ext4 -o uid=pi,gid=pi /dev/sda1 /media/USBHDD/

backup on OS X

plug in your raspi-sd-card to your mac.
use diskutil list to get your mount-point
then unmount the drive (eg:)
  diskutil unmountDisk /dev/disk1

now you can take an image of the disk with dd
  dd if=/dev/disk1 of=raspi.img

to copy the image to a new sd-card do the same steps as above, but modify the dd command
  dd if=raspi.img of=/dev/disk1

backup with rsync
another way to backup is to async all files to another disk. exclude all mounted drives (like here /media)! it’s not fast but the files are easy to access afterwards. big advantage is, that only newer files are processed.
  sudo rsync -aAXv /* /media/raspbmc/ –exclude={/dev/*,/proc/*,/sys/*,/tmp/*,/run/*,/mnt/*,/media/*,/lost+found,/boot/*}


move system-files to usb
after creating an usb-stick with the system-files edit /media/USBHDD/etc/fstab to point / to /dev/sda1
then edit /boot/cmdline.txt and set root=/dev/sda1
reboot
long info here

gphoto2
install the program
  sudo apt-get install gphoto2
attach your camara and turn it on
  gphoto2 –auto-detect

Model                          Port            
———————————————————-

Canon PowerShot A720 IS (PTP mode) usb:001,009     

  sudo gphoto2 –summary
list photos on the camera
  sudo gphoto2 –list-files
copy all files to current directory
  sudo gphoto2 –get-all-files

lighttpd webserver
install the package
  sudo apt-get install lighttpd
check your new webpage http://%5Byour-ip-address%5D
this page shows you first info of your new webserver
Configuration files in /etc/lighttpd
change server.port in /etc/lighttpd/lighttpd.conf to eg 8085
restart the server
  sudo /etc/init.d/lighttpd restart
check the new port http://%5Byour-ip-address%5D:8085/

for permanent usage create a new folder for the log-file and set the user www-data as owner
  cd /etc/lighttpd
  sudo mkdir log
create the log-files
  sudo touch error.log
  sudo touch access.log
  sudo chown -R www-data:www-data /etc/lighttpd/log

add fastcgi to lighttpd
  sudo nano /etc/lighttpd/lighttpd.conf
add mod_cgi to the server.modules
creatge a cgi-bin directory under your webserver’s root directory
Add the following to the bottom of the file


# cgi for python and shell

$HTTP[„url“] =~ „^/cgi-bin/“ {cgi.assign = („.py“ => „/usr/bin/python“ , „.sh“ => „/bin/bash“)}

then

  sudo /etc/init.d/lighttpd restart
or

  sudo /etc/init.d/lighttpd force-reload

Note that to see stderr output from CGI processes, you need to set
  server.breakagelog = „/var/log/lighttpd/breakage.log“ 


www-file are here
  /var/www

enable server-status (doc)
add mod_status to server.modules
and add the following line to lighttpd.conf
  #server-status
  status.status-url = „/status“

install php5-fpm (doc)
  sudo apt-get install php5-fpm

(
issue – add demoCA folder to working-dir, inside touch index.txt and folder newcerts, echo „01“ > serial

issues alter /usr/lib/ssl/openssl.cnf after error „The commonName field needed to be supplied and was missing“ and change to [policy-match] commonName = supplied
)

activate log / logging of page-visites 
just add the module to the config file /etc/lighttpd/lighttpd.conf
mod_accesslog

and set the path to the log-file
accesslog.filename = „/var/log/lighttpd.log“ 

enable directory listing for specific folders
add the following line to the config file /etc/lighttpd/lighttpd.conf

# directory listing
$HTTP[„url“] =~ „^/www/($|/)“ { server.dir-listing = „enable“ }
now go to your server.document-root in my case just /var/www
and create a symbolic link to your destination directory – in my case the usb-drive (beware of problems with permissions)
ln -s /media/MYSTICK/www ./www
now restart the webserver

enable directory listing globally

add the following line to the config
server.dir-listing = „enable“
now restart the webserver
infos from here
tutorial for first script here

more logging infos here

wlan
to check the correct installtion of the drivers for the edimax-wlan-usb-stick use
  dmesg
and look for the lines
usb 1-1.3.2: Product: 802.11n WLAN Adapter
usb 1-1.3.2: Manufacturer: Realtek

usbcore: registered new interface driver rtl8192cu

to scan SSIDs (SSID) near you do iwlist with your network (eg wlan0), you also get quality and signal level
sudo iwlist wlan0 scan

now check the status of your network connections with
 ifconfig
to connect to a dhcp access-point edit the following file
 sudo nano /etc/network/interfaces
encryption of passphrase see this article
use wpa_passphrase to encrypt your password by wpa_passphrase ‚myHotSpot‘ ‚mypassword‘
use the resulting psk-passphrase in the interfaces-file /etc/network/interfaces
is should look like the following example

Now we should restart the networking services:
sudo /etc/init.d/networking restart

here is a nice tool, to manage multiple networks with a GUI-like interface
install wicd-curses and run it with sudo.

configuration of XBMC-Networks is located here
/etc/NetworkManager/system-connections

info from here

pi as wlan-router – read this

disable hdmi
 /opt/vc/bin/tvservice -o
write it to /etc/rc.local

mount
get info about plugged devices
  sudo fdisk -l
create mount-dir
then

  sudo mount /dev/sdb1 /media/raspbmc/

if there are problems with the fs-type …
  sudo mount -t vfat -o uid=pi,gid=pi /dev/sda1 /media/USBHDD/
or with EXT4-fs
  sudo mount -t ext4 -o uid=pi,gid=pi /dev/sda1 /media/USBHDD/

for problems with write-permission:

  sudo mount -o rw,uid=pi /dev/sde1 /media/XYM/

for permanent check you current mounts 
cat /proc/mounts

and the line of your mountpoint to /etc/fstab (sudo nano /etc/fstab) – eg –
  /dev/sdb1 /media/USBdrive   vfat    users,noatime,umask=0 0       0

reload the fstab-config with
  sudo mount -a

format usb-stick
list your connected drives
  sudo fdisk -l
start fdisk with your selected drive (i use /dev/sda)
  sudo fdisk /dev/sda
press p to print the partition table info. start partitioning with d and go through the process. now check the editied partitions with p and then write it with w. now exit with q/ctrl-c.
now write the new fs to the drive
  mkfs -t ext2 /dev/sda1
done – mount the device…

Advertisements

Kommentar verfassen

Trage deine Daten unten ein oder klicke ein Icon um dich einzuloggen:

WordPress.com-Logo

Du kommentierst mit Deinem WordPress.com-Konto. Abmelden / Ändern )

Twitter-Bild

Du kommentierst mit Deinem Twitter-Konto. Abmelden / Ändern )

Facebook-Foto

Du kommentierst mit Deinem Facebook-Konto. Abmelden / Ändern )

Google+ Foto

Du kommentierst mit Deinem Google+-Konto. Abmelden / Ändern )

Verbinde mit %s