| 1 | [[PageOutline]] |
| 2 | |
| 3 | = Disabling Serial Console = |
| 4 | For varying privacy and security reasons, some people like to completely silence the serial console output. This needs to be done in the following places: |
| 5 | * [#bootloader Bootloader] (serial console) |
| 6 | * [#kernel Linux Kernel] (serial console) |
| 7 | * [#linuxos Linux OS] (console login) |
| 8 | |
| 9 | ''' Please NOTE: There will be no way to access the board besides over the network after making these changes.''' |
| 10 | |
| 11 | ''' Please make changes at your own risk''' |
| 12 | |
| 13 | Recovery would be through re-programming the board via the Gateworks JTAG Programmer. |
| 14 | |
| 15 | [=#bootloader] |
| 16 | == Disable U-Boot bootloader serial console == |
| 17 | In order to disable serial console for the U-Boot bootloader you must re-build the bootloader with the feature disabled. |
| 18 | * Laguna bootloader |
| 19 | - see [wiki:laguna/bootloader] for building |
| 20 | - alter config |
| 21 | (include/configs/cavium_cns3000.h and/or include/configs/cavium_cns3000_spi.h): |
| 22 | * remove '#define CONFIG_CNS3000_SERIAL' |
| 23 | * set CONFIG_BOOTDELAY to 0 to save a couple of seconds on bootup |
| 24 | * Ventana bootloader |
| 25 | - see [wiki:ventana/bootloader] for building |
| 26 | - alter config (include/configs/gw_ventana.h): |
| 27 | * remove '#define CONFIG_DM_SERIAL' |
| 28 | * set CONFIG_BOOTDELAY to 0 to save a couple of seconds on bootup |
| 29 | |
| 30 | |
| 31 | [=#kernel] |
| 32 | == Disable Kernel serial console == |
| 33 | In order to disable serial console for the Linux Kernel you can either recompile it with the support disabled, or you can alter the bootargs the bootloader passes to the kernel to disable it at runtime. |
| 34 | |
| 35 | Kernel configuration: |
| 36 | * Remove the following from the kernel config (.config) |
| 37 | * CONFIG_SERIAL_CORE_CONSOLE |
| 38 | * CONFIG_SERIAL_EARLYCON |
| 39 | * CONFIG_SERIAL_IMX_CONSOLE (Ventana / imx6) |
| 40 | * CONFIG_SERIAL_8250_CONSOLE (Laguna / cns3xxx) |
| 41 | |
| 42 | Kernel bootargs: |
| 43 | * Remove the 'console' bootargs |
| 44 | |
| 45 | Example bootloader configuration to remove the {{{console}}} bootarg: |
| 46 | * Laguna - Alter {{{bootargs}}}: |
| 47 | {{{ |
| 48 | printenv bootargs |
| 49 | bootargs=console=ttyS0,115200 root=/dev/mtdblock3 rootfstype=squashfs,jffs2 noinitrd init=/etc/preinit |
| 50 | setenv bootargs 'root=/dev/mtdblock3 rootfstype=squashfs,jffs2 noinitrd init=/etc/preinit' |
| 51 | saveenv |
| 52 | }}} |
| 53 | * Ventana - unset {{{console}}}: |
| 54 | {{{ |
| 55 | setenv console |
| 56 | saveenv |
| 57 | }}} |
| 58 | |
| 59 | |
| 60 | |
| 61 | [=#linuxos] |
| 62 | == Disable Linux OS console login == |
| 63 | In order to disable console login in a Linux OS you must disable the service that performs this function. While this is Linux distribution specific it usually involves the 'init' process launching the 'getty' or 'login' application with a parameter of a specific serial device or tty1 (which is the kernel console tty) |
| 64 | |
| 65 | === OpenWrt === |
| 66 | modern OpenWrt uses it's own {{{procd}}} as a replacement for the standard Linux init. While it is a complete re-implementation it still follows the standard of processing an {{{/etc/inittab}}} file for configuring what processes are spawned from init. |
| 67 | |
| 68 | To kill off login from the kernel serial console as well as any other serial devices, remove or comment with a leading '#' any lines that invoke {{{/bin/ash --login}}} from /etc/inittab such as: |
| 69 | {{{ |
| 70 | ::askconsole:/bin/ash --login |
| 71 | tty1::askfirst:/bin/ash --login |
| 72 | }}} |
| 73 | |
| 74 | === Yocto (and other Linux distros using the standard sysvinit) === |
| 75 | Many Linus distros use the {{{sysvinit}}} package which processes {{{/etc/inittab}}} for commands to spawn a {{{getty}}} on various serial devices or tty's. |
| 76 | |
| 77 | To kill off login from the kernel serial console as well as any other serial devices, remove or comment with a leading '#' any lines that invoke the {{{getty}}} process from /etc/inittab. For example, remove the following: |
| 78 | {{{ |
| 79 | mxc1:12345:respawn:/sbin/getty -L 115200 ttymxc1 |
| 80 | 1:12345:respawn:/sbin/getty 38400 tty1 |
| 81 | }}} |
| 82 | |
| 83 | === Ubuntu === |
| 84 | Ubuntu doesn't by default enable serial console or serial port login capability however if you have added this it may have been done by adding an {{{/etc/init/serial.conf}}} that you can alter or remove. |