Operating system for indestructible Raspberry Pi installations

Lampone Pi is a live Debian GNU/Linux Buster arm64 operating system for the Raspberry Pi microcomputer boards. At the time of writing, it’s the only live ISO 9660 operating system for the Pi which can also perform kernel updates. Although it is not affiliated or derived from Raspbian, it’s the homologous of Raspbian Lite (they both derive from Debian), but differently it’s a 64bit live OS.

:: resilient

A Debian GNU/Linux (Buster) derivative with a unique partitioning scheme crafted for maximizing the strength against filesystem corruption (*): the ISO9660 system partition is read-only by design at filesystem-level.

:: ductile

Persistence partition contains only the diffs from the stock installation; system updates and your data lay there – you can do system backups/snapshots by just copying the files contained within the 4th partition (rw folder).

Why this project?

If the image looks familiar to you, you already have the answer : )

(*) Knowledge of how a live operating system is built helps in creating a really solid system for one’s purposes: correctly using the live-build framework means that the needed software stack stays in the filesystem.squashfs within the ISO 9660 partition. Persistence will be used only for config files.

This is why  on the Lampone Pi’s GitHub page the live build procedure is open and documented and why a well done persistent live system is much preferable against a “read-only-mounted” one.

Install
instructions 

You can write the image file to a micro-SD card (8GB minimum) as you do with any other Raspberry Pi operating system: follow the steps described depending on the host operating system of your choice.

Use a SD-to-USB adapter.

Lampone Pi  is at the moment compatible with the Raspberry Pi 3 family.

Write the USB key from a Linux

Make use of dd; if the device file corresponding to the USB adapter is /dev/sdx for example, do:
dd if=path/to/resilientlinux.iso of=/dev/sdx bs=10M

 learn more

Write the USB key from a Windows

Make use of Etcher for the write,
www.balena.io/etcher

 learn more

Write the USB key from a Mac

Make use of Etcher for the write,
www.balena.io/etcher

 learn more

Boot

Just boot the Raspberry Pi with the just written SD card.

 learn more

Download the image

Open source

Lampone Pi is a free and open-source software, whose development is hosted on GitHub. Feel free to contribute to the projects.

Technically it’s a Debian arm64 derivative with a unique partitioning scheme crafted for maximizing the strength against filesystem corruption: the ISO9660 system partition (here mmcblk0p2) is read-only by design at filesystem-level. The data persistence partition (here mmcblk0p4) contains only the delta: system updates and your data lay there. mmcblk0p1 is the efi FAT boot partition.

The data partition mounted on top of a read-only system partition makes the resulting operating system resistent to filesystem-corruption. Moreover, you can do complete system backups by just tar-ring only the files contained within that partition.

And why the thrid partition? The complete “liveng” specification can be found at: liveng.readthedocs.io.

GitHub home

Case study: kernel update

Lampone Pi features a read-only ISO 9660 system partition but it’s able to update the kernel, it’s magic heh?

Here a user demonstration.

root@lampone-pi:~# uname -a
Linux lampone-pi 5.5.0-0.bpo.2-arm64 #1 SMP Debian 5.5.17-1~bpo10+1 (2020-04-23) aarch64 GNU/Linux

root@lampone-pi:~# apt install -y linux-image-5.6.0-0.bpo.2-arm64 linux-headers-5.6.0-0.bpo.2-arm64 -t buster-backports
Reading package lists… Done
Building dependency tree
Reading state information… Done
The following additional packages will be installed:
linux-headers-5.6.0-0.bpo.2-common linux-kbuild-5.6
The following NEW packages will be installed:
linux-headers-5.6.0-0.bpo.2-arm64 linux-headers-5.6.0-0.bpo.2-common linux-image-5.6.0-0.bpo.2-arm64 linux-kbuild-5.6
0 upgraded, 4 newly installed, 0 to remove and 47 not upgraded.
Get:1 http://deb.debian.org/debian buster-backports/main arm64 linux-headers-5.6.0-0.bpo.2-common all 5.6.14-2~bpo10+1 [8420 kB]
Get:2 http://deb.debian.org/debian buster-backports/main arm64 linux-kbuild-5.6 arm64 5.6.14-2~bpo10+1 [360 kB]
Get:3 http://deb.debian.org/debian buster-backports/main arm64 linux-headers-5.6.0-0.bpo.2-arm64 arm64 5.6.14-2~bpo10+1 [594 kB]
Get:4 http://deb.debian.org/debian buster-backports/main arm64 linux-image-5.6.0-0.bpo.2-arm64 arm64 5.6.14-2~bpo10+1 [44.4 MB]
Fetched 53.8 MB in 12s (4406 kB/s)
[…]
/etc/kernel/postinst.d/initramfs-tools:
mount: /tmp/_resilientlinux: WARNING: device write-protected, mounted read-only.
update-initramfs: Generating /boot/initrd.img-5.6.0-0.bpo.2-arm64
live-boot: core filesystems devices utils udev blockdev dns.
xorriso 1.5.0 : RockRidge filesystem manipulator, libburnia project.

Drive current: -outdev ‘stdio:/dev/mmcblk0p3’
Media current: stdio file, overwriteable
Media status : is blank
Media summary: 0 sessions, 0 data blocks, 0 data, 256m free
xorriso : WARNING : -volid text does not comply to ISO 9660 / ECMA 119 rules
Added to ISO image: directory ‘/’=’/boot/temp’
xorriso : UPDATE : 3 files added in 1 seconds
xorriso : UPDATE : 3 files added in 1 seconds
xorriso : UPDATE : 13.56% done
xorriso : UPDATE : Thank you for being patient. Working since 12 seconds.
ISO image produced: 38943 sectors
Written to medium : 38943 sectors at LBA 0
Writing to ‘stdio:/dev/mmcblk0p3’ completed successfully.
Setting up linux-headers-5.6.0-0.bpo.2-arm64 (5.6.14-2~bpo10+1) …

root@lampone-pi:~# reboot

root@lampone-pi:~# uname -a
Linux lampone-pi 5.6.0-0.bpo.2-arm64 #1 SMP Debian 5.6.14-2~bpo10+1 (2020-06-09) aarch64 GNU/Linuxroot@lampone-pi:~# uname -a
Linux lampone-pi 5.5.0-0.bpo.2-arm64 #1 SMP Debian 5.5.17-1~bpo10+1 (2020-04-23) aarch64 GNU/Linux

As you can see, at every kernel update the third small partition is overwritten. The GRUB bootloader is instructed to boot by default from this partition, because that one always contains the most updated kernel and initrd files.

The second partition’s files are kept at their default state and can be useful in case of recovery or when a complete persistence reset is performed; the big filesystem.squashfs file is saved within this partition so it isn’t touched during kernel updates.

Usage example

Here the Raspberry Digital Signage stack is deployed onto a Lampone Pi operating system istead of Raspbian Lite (showing the Resilient Linux website).