Why this project?
If the image looks familiar to you, you already have the answer : )
(*) Knowledge of how a live operating system is built helps in creating a really solid system for one’s purposes: correctly using the live-build framework means that the needed software stack stays in the filesystem.squashfs within the ISO 9660 partition. Persistence will be used only for config files.
This is why on the Lampone Pi’s GitHub page the live build procedure is open and documented and why a well done persistent live system is much preferable against a “read-only-mounted” one.
Download the image
Open source
Lampone Pi is a free and open-source software, whose development is hosted on GitHub. Feel free to contribute to the projects.
Technically it’s a Debian arm64 derivative with a unique partitioning scheme crafted for maximizing the strength against filesystem corruption: the ISO9660 system partition (here mmcblk0p2) is read-only by design at filesystem-level. The data persistence partition (here mmcblk0p4) contains only the delta: system updates and your data lay there. mmcblk0p1 is the efi FAT boot partition.
The data partition mounted on top of a read-only system partition makes the resulting operating system resistent to filesystem-corruption. Moreover, you can do complete system backups by just tar-ring only the files contained within that partition.
And why the thrid partition?
The complete “liveng” specification can be found at: liveng.readthedocs.io.
Case study: kernel update
Lampone Pi features a read-only ISO 9660 system partition but it’s able to update the kernel, it’s magic heh?
Here a user demonstration.
root@lampone-pi:~# uname -a
Linux lampone-pi 5.5.0-0.bpo.2-arm64 #1 SMP Debian 5.5.17-1~bpo10+1 (2020-04-23) aarch64 GNU/Linux
root@lampone-pi:~# apt install -y linux-image-5.6.0-0.bpo.2-arm64 linux-headers-5.6.0-0.bpo.2-arm64 -t buster-backports
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
linux-headers-5.6.0-0.bpo.2-common linux-kbuild-5.6
The following NEW packages will be installed:
linux-headers-5.6.0-0.bpo.2-arm64 linux-headers-5.6.0-0.bpo.2-common linux-image-5.6.0-0.bpo.2-arm64 linux-kbuild-5.6
0 upgraded, 4 newly installed, 0 to remove and 47 not upgraded.
Get:1 http://deb.debian.org/debian buster-backports/main arm64 linux-headers-5.6.0-0.bpo.2-common all 5.6.14-2~bpo10+1 [8420 kB]
Get:2 http://deb.debian.org/debian buster-backports/main arm64 linux-kbuild-5.6 arm64 5.6.14-2~bpo10+1 [360 kB]
Get:3 http://deb.debian.org/debian buster-backports/main arm64 linux-headers-5.6.0-0.bpo.2-arm64 arm64 5.6.14-2~bpo10+1 [594 kB]
Get:4 http://deb.debian.org/debian buster-backports/main arm64 linux-image-5.6.0-0.bpo.2-arm64 arm64 5.6.14-2~bpo10+1 [44.4 MB]
Fetched 53.8 MB in 12s (4406 kB/s)
[…]
/etc/kernel/postinst.d/initramfs-tools:
mount: /tmp/_resilientlinux: WARNING: device write-protected, mounted read-only.
update-initramfs: Generating /boot/initrd.img-5.6.0-0.bpo.2-arm64
live-boot: core filesystems devices utils udev blockdev dns.
xorriso 1.5.0 : RockRidge filesystem manipulator, libburnia project.
Drive current: -outdev ‘stdio:/dev/mmcblk0p3’
Media current: stdio file, overwriteable
Media status : is blank
Media summary: 0 sessions, 0 data blocks, 0 data, 256m free
xorriso : WARNING : -volid text does not comply to ISO 9660 / ECMA 119 rules
Added to ISO image: directory ‘/’=’/boot/temp’
xorriso : UPDATE : 3 files added in 1 seconds
xorriso : UPDATE : 3 files added in 1 seconds
xorriso : UPDATE : 13.56% done
xorriso : UPDATE : Thank you for being patient. Working since 12 seconds.
ISO image produced: 38943 sectors
Written to medium : 38943 sectors at LBA 0
Writing to ‘stdio:/dev/mmcblk0p3’ completed successfully.
Setting up linux-headers-5.6.0-0.bpo.2-arm64 (5.6.14-2~bpo10+1) …
root@lampone-pi:~# reboot
root@lampone-pi:~# uname -a
Linux lampone-pi 5.6.0-0.bpo.2-arm64 #1 SMP Debian 5.6.14-2~bpo10+1 (2020-06-09) aarch64 GNU/Linuxroot@lampone-pi:~# uname -a
Linux lampone-pi 5.5.0-0.bpo.2-arm64 #1 SMP Debian 5.5.17-1~bpo10+1 (2020-04-23) aarch64 GNU/Linux
As you can see, at every kernel update the third small partition is overwritten. The GRUB bootloader is instructed to boot by default from this partition, because that one always contains the most updated kernel and initrd files.
The second partition’s files are kept at their default state and can be useful in case of recovery or when a complete persistence reset is performed; the big filesystem.squashfs file is saved within this partition so it isn’t touched during kernel updates.
Usage example
Here the Raspberry Digital Signage stack is deployed onto a Lampone Pi operating system istead of Raspbian Lite (showing the Resilient Linux website).
