With hardware-specific changes on their way, the next step is customizing the target root filesystem, the software that runs under the Linux kernel, also called the Linux user space.

The usual approach to this is to start with one of the available core images and both optimize and customize it as per the needs of your embedded project. Usually, the images chosen as a starting point are either core-image-base for a headless system, or core-image-sato for a graphical system, but any of them will do.

This chapter will show you how to add a software layer to contain those changes, and will explain some of the common customizations made, such as size optimization. It will also show you how to add new packages to your root filesystem, including licensing considerations.

We have already seen how to use the build history feature to obtain a list of packages and files included in our image. In this recipe, we will explain how the root filesystem is built so that we are able to track its components.

Root filesystem customization involves adding or modifying content to the base image. Metadata for this content goes into one or more software layers, depending on the amount of customization needed.

A typical embedded project will have just one software layer containing all non-hardware-specific customizations. But it is also possible to have extra layers for graphical frameworks or system-wide elements.

Our layers can provide recipes for different versions of the same package. For example, the meta-freescale layer contains several different types of Linux kernel recipes:

As we mentioned before, all recipes provide the package name (for example, linux-imx or linux-fslc) by default, but all Linux recipes must also provide the virtual/kernel virtual package. The build system will resolve...

It is common to want to add new packages to an image that already has an available recipe in one of the included Yocto layers.

When the target image desired is very different from the supplied core images, it is recommended to define a new image rather than to customize an existing one.

This recipe will show how to customize an existing image by adding supported packages to it, but also to create a completely new image recipe if needed.

$ bitbake-layers show-recipes htophtop: meta-oe              1.0.3

$ bitbake -s | grep htophtop                                                :1.0.3-r0

$ find /opt/yocto/fsl-community-bsp/sources -type f -name "htop*.bb"...

We have seen how to customize our image so that we can add supported packages to it. When we can't find an existing recipe, or we need to integrate some new software we have developed, we will need to create a new Yocto recipe.

All recipes inherit the base class with the default set of tasks to run. After inheriting the base class, a recipe knows how to do things such as fetching and compiling.

As most recipes are meant to install some sort of executable, the base class knows how to build it. But sometimes all we want is to install data, scripts, or configuration files into the filesystem.

If the data or configuration is related to an application, the most logical thing to do is to package it together with the application's recipe itself, and if we think it is better to be installed separately, we could even split it into its own package.

But other times, the data or configuration is unrelated to an application; maybe it applies to the whole system or we just want to provide a separate recipe for it. Or we could even want to install some interpreted language scripts that don't need to be compiled.

It is also common to need to add or modify users and groups to our filesystem. This recipe explains how it is done.

<username>:<password>:<uid>:<gid>:<comment>:<home directory>:<login shell> 

The initialization manager is an important part of the root filesystem. It is the first thing the kernel executes, and it has the responsibility to start the rest of the system, and manages system shutdown too.

The initialization manager is usually fixed by the Linux distribution. The Poky distribution allows you to select between initialization managers, the most used being System V init (sysvinit) and systemd. The poky-tiny distribution has no initialization manager and uses BusyBox init to directly read the inittab file and launch programs.

The UNIX System V operating system introduced an initialization system that was the basis for Linux's initialization. Several recent attempts have been made to replace it, and systemd has finally managed to get enough traction in between Linux distributions to be considered the successor to sysvinit.

This recipe will introduce the sysvinit initialization manager.

As an alternative to sysvinit, you can configure your project to use systemd as an initialization manager. systemd not only performs system initialization, it also manages system processes, and packs many more features than sysvinit.

The systemd initialization manager is replacing sysvinit and other initialization managers in most Linux distributions. However, the adoption of systemd in major Linux distributions has not lacked controversy. Many see systemd as an overly complex system with a complicated architecture that goes against the Unix philosophy of simple, short, clear, and extensible modular software, easily maintained and repurposed.

systemd is also big in size compared with sysvinit, although it can be scaled down and customized for embedded projects. Some of its features are tightly integrated with kernel features and updating it may force a kernel update, which is not always feasible for embedded devices.

It does however feature parallel...

The supported package formats, .rpm, .ipk, and .deb, support the addition of installation scripts that can be run at different times during a package installation process. In this recipe, we will see how to install them.

pkg_preinst_${PN} () { 
    # Shell commands 
} 

Before or in parallel with the root filesystem customization, embedded projects usually require an image size optimization that will reduce the boot time and memory usage.

Smaller images mean less storage space, less transmission time, and less programming time, which saves money both in manufacturing and field updates.

By default, the compressed Linux kernel image (zImage) for the Wandboard is around 6.2 MB. This recipe will show how we can reduce that.

CONFIG_KERNEL_XZ=y                                                               
# CONFIG_SWAP is not set                                                         
CONFIG_NO_HZ=y                                                                   
CONFIG_HIGH_RES_TIMERS=y                                         ...

Images with reduced sizes are used alongside production images for tasks such as rescue systems and manufacturing test processes. They are also ideal to be built as initramfs images, that is, images that the Linux kernel mounts from memory, and can even be bundled into a single Linux kernel image binary.

By default, the core-image-minimal size for the Wandboard unpacked root filesystem tarball is around 13 MB, and core-image-sato is around 244 MB. This recipe will explore methods to reduce the size of the root filesystem.

DESCRIPTION = "Minimal console-only image." 
 
IMAGE_INSTALL= "\
        base-files \  
        base-passwd \ 
        busybox \  
        sysvinit \  
        initscripts \  
" 
 
IMAGE_LINGUAS = " " 
 
LICENSE = "MIT" ...

Early user space or initial memory images, known as initramfs images, are typically used as early user spaces with the task of mounting complex filesystems, such as for example when an encrypted partition needs to be set up. For that use case, initramfs will prepare the final root filesystem and then perform a switch_root, effectively replacing the old filesystem with the new and running a new init from the new filesystem. initramfs needs to contain all tools needed to mount the final root filesystem.

Other uses for initramfs include rescue and manufacturing systems.

This recipe will show how to configure the Yocto build system to build initramfs images.

In the age of internet-connected devices and the Internet of Things, security in embedded devices is an important consideration in the design of an embedded system.

In this recipe, we will discuss two of the frameworks most frequently used to enhance the security of the root filesystem and show how to integrate them into your Yocto Project-based product.

-rwxr-xr-x

When releasing a product based on the Yocto project, we have to consider that we are building on top of a multitude of different open source projects, each with different licensing requirements.

At the minimum, your embedded product will contain a bootloader (probably u-boot), the Linux kernel, and a root filesystem with one or more applications. Both u-boot and the Linux kernel are licensed under the General Public License version 2 (GPLv2), and the root filesystem could contain a variety of programs with different licenses.

All open source licenses allow you to sell a commercial product with a mixture of proprietary and open licenses as long as they are independent and the product complies with all the open source licenses. We will discuss open source and proprietary cohabiting in the Working with open source and proprietary code recipe later on.

When developing open source applications, it's important to give careful thought to the license the software will be released...

The Yocto build system makes it easy to provide auditing information to our legal advisers. This recipe will explain how.

tmp/deploy/licenses/image-small-initramfs-wandboard-<timestamp>/package.manifest 
base-files 
base-passwd 
busybox 
busybox-syslog 
busybox-udhcpc 
initscripts 
initscripts-functions 
libc6 
run-postinsts 
sysvinit 
sysvinit-inittab 
sysvinit-pidof 
update-alternatives-opkg 
update-rc.d 

PACKAGE NAME: base-files                                                         
PACKAGE VERSION: 3.0.14                                                  ...

It is common for an embedded product to be built upon an open source system like the one built by Yocto, and to include proprietary software that adds value and specializes the product. This proprietary part usually contains intellectual property and needs to be protected, and it's important to understand how it can coexist with open source code.

This recipe will discuss some examples of open source packages commonly found on embedded products and will briefly explain how to use proprietary software with them.