NuttShell (NSH)

Last Updated: February 8, 2016



Table of Contents

1.0 Overview

1.1 Console/NSH Front End

1.2 Command Overview

1.3 Conditional Command Execution

1.4 Looping

1.5 Built-In Variables

1.6 Current Working Directory

1.7 Environment Variables

1.8 NSH Start-Up Script
2.0 Commands.

2.1 Evaluate Expression (test)

2.2 Add a Routing Table Entry (addroute)

2.3 Access the ARP table (arp)

2.4 Base64 Decode (base64dec)

2.5 Base64 Encode (base64enc)

2.6 Extract Base File/Directory Name (basename)

2.7 Terminate a Loop (break)

2.8 Concatenate Files (cat)

2.9 Change Current Working Directory (cd)

2.10 Compare Files (cmp)

2.11 Copy Files (cp)

2.12 Show or set the date and time (date)

2.13 Copy and Convert Files (dd)

2.14 Delete a Routing Table Entry (delroute)

2.15 Show volume status (df)

2.16 Extract Path to a File/Directory (dirname)

2.17 Echo Strings and Variables (echo)

2.18 Execute User Code (exec)

2.19 Exit NSH (exit)

2.20 Show Memory Manager Status (free)

2.21 Get File Via TFTP (get)

2.22 Show Usage Command Usage (help)

2.23 Hexadecimal Dump of File or Device (hexdump)

2.24 Manage Network Configuration (ifconfig)

2.25 Take a network down (ifdown)

2.26 Bring a network up (ifup)

2.27 Install an OS module (insmod)

2.28 Send a signal to a task (kill)

2.29 Setup/teardown the Loop Device (losetup)

2.30 List Directory Contents (ls)

2.31 Show information about installed OS modules (lsmod)

2.32 Calculate MD5 (md5)

2.33 Access Memory (mb, mh, and mw)

2.34 Show Current Tasks and Threads (ps)

2.35 Create a Directory (mkdir)

2.36 Create a FAT Filesystem (mkfatfs)

2.37 Create a FIFO (mkfifo)

2.38 Create a RAMDISK (mkrd)

2.39 Mount a File System (mount)

2.40 Rename a File (mv)

2.41 Mount an NFS file system (nfsmount)

2.42 Lookup a network address (nslookup)

2.43 Change a User's Password (passwd)

2.44 Check Network Peer (ping/ping6)

2.45 Shut the system down (poweroff)

2.46 Send File Via TFTP (put)

2.47 Show Current Working Directory (pwd)

2.48 Reset and reboot the system (reboot)

2.49 Remove a File (rm)

2.50 Remove a Directory (rmdir)

2.51 Remove on OS Module (rmmod)

2.52 Set an Environment Variable (set)

2.53 Execute an NSH Script (sh)

2.54 Shut the system down (shutdown)

2.55 Wait for Seconds (sleep)

2.56 Time execution of another command (time)

2.57 Unmount a File System (umount)

2.58 Print system information (uname)

2.59 Unset an Environment Variable (unset)

2.60 URL Decode (urldecode)

2.61 URL Encode (urlencode)

2.62 Add a New User (useradd)

2.63 Delete a user (userdel)

2.64 Wait for Microseconds (usleep)

2.65 Get File Via HTTP (wget)

2.66 Hexadecimal Dump of Memory (xd)
3.0 Configuration Settings

3.1 Command Dependencies on Configuration Settings

3.2 NSH-Specific Configuration Settings
4.0 Customizing the NuttShell

4.1 The NSH Library and NSH Initialization

4.2 NSH Commands

4.3 NSH "Built-In" Applications

4.4 Customizing NSH Initialization
5.0 Shell Login

5.1 Enabling Shell Logins

5.2 Verification of Credentials

5.3 Password Files

5.4 Creating a Password File for a ROMFS File System
Index

1.0 Overview

The NSH Library. The apps/nshlib sub-directory contains the NuttShell (NSH) library. This library can easily to linked to produce a NSH application (See as an example apps/examples/nsh). The NSH Library provides a simple shell application for NuttX.

1.1 Console/NSH Front End

NSH Consoles. Using settings in the configuration file, NSH may be configured to use (1) the serial stdin/out, (2) a USB serial device (such as CDC/ACM), or (3) a telnet connection as the console. Or, perhaps even all at once since or BOTH. An indefinite number of telnet sessions are supported.

Start-Up prompt. When NSH is started, you will see the a welcome message such the following on the selected console:

    NuttShell (NSH)
    nsh>
    
The greating may also include NuttX versioning information if you are using a versioned copy of NuttX. nsh> is the NSH prompt and indicates that you may enter a command from the console.

Extended Command Line Editing. By default, NuttX uses a simple command line editor that allows command entry after the nsh> and supports only the backspace key for editing. However, a more complete command line editor can be selected by setting CONFIG_NSH_CLE=y in the NuttX configuration file. When that option is selected, the following EMACS-like line editing commands are supported:

Key Binding Editor Action
^A Move cursor to start of the line
^B Move left one character
^D or Del Delete a single character at the cursor position
^E Move cursor to end of current line
^F Move right one character
^H or Backspace Delete character, left (backspace)
^K Delete to the end of the line
^U Delete the entire line

1.2 Command Overview

Simple, Re-directed, and Background Commands. The NuttShell (NSH) is a simple shell application. NSH supports the following commands forms:

    Simple command: <cmd>
    Command with re-directed output: <cmd> > <file>
    <cmd> >> <file>
    Background command: <cmd> &
    Re-directed background command: <cmd> > <file> &
    <cmd> >> <file> &

Where:

    <cmd> is any one of the simple commands listed later.
    <file> is the full or relative path to any writable object in the filesystem name space (file or character driver). Such objects will be referred to simply as files throughout this document.

nice'd Background Commands NSH executes at the mid-priority (128). Backgrounded commands can be made to execute at higher or lower priorities using nice:

    [nice [-d <niceness>>]] <cmd> [> <file>|>> <file>] [&]

Where <niceness> is any value between -20 and 19 where lower (more negative values) correspond to higher priorities. The default niceness is 10.

Multiple commands per line. NSH will accept multiple commands per command line with each command separated with the semi-colon character (;).

Optional Syntax Extensions Because these features commit significant resources, it is disabled by default.

  • CONFIG_NSH_CMDPARMS. If selected, then the output from commands, from file applications, and from NSH built-in commands can be used as arguments to other commands. The entity to be executed is identified by enclosing the command line in back quotes. For example,

      set FOO `myprogram $BAR`
      

    Will execute the program named myprogram passing it the value of the environment variable BAR. The value of the environment variable FOO is then set output of myprogram on stdout.

  • CONFIG_NSH_ARGCAT. Support concatenation of strings with environment variables or command output. For example:
      set FOO XYZ
      set BAR 123
      set FOOBAR ABC_${FOO}_${BAR}
      
    would set the environment variable FOO to XYZ, BAR to 123 and FOOBAR to ABC_XYZ_123. If CONFIG_NSH_ARGCAT is not selected, then a slightly small FLASH footprint results but then also only simple environment variables like $FOO can be used on the command line.

1.3 Conditional Command Execution

An if-then[-else]-fi construct is also supported in order to support conditional execution of commands. This works from the command line but is primarily intended for use within NSH scripts (see the sh commnd). The syntax is as follows:

    if <cmd>
    then
      [sequence of <cmd>]
    else
      [sequence of <cmd>]
    fi
    

1.4 Looping

Looping Constructs. while-do-done and until-do-done looping constructs are also supported. These work from the command line but are primarily intended for use within NSH scripts (see the sh command).

  • while-do-done. Execute [sequence of <cmd>] as long as <cmd> has an exit status of zero. The syntax is as follows:

      while <cmd>
      do
        [sequence of <cmd>]
      done
      

  • until-do-done Execute [sequence of <cmd>] as long as <cmd> has a non-zero exit status. The syntax is as follows:

      until <cmd>
      do
        [sequence of <cmd>]
      done
      

The break Command. A break command is also supported. The break command is only meaningful within the body of the a while or until loop, between the do and done tokens. If the break command is executed within the body of a loop, the loop will immediately terminate and execution will continue with the next command immediately following the done token.

1.5 Built-In Variables

    $? The result of the last simple command execution. On backgrounded commands, this variable holds only the result of spawning the background command.

1.6 Current Working Directory

cd and pwd. All path arguments to commands may be either an absolute path or a path relative to the current working directory. The current working directory is set using the cd command and can be queried either by using the pwd command or by using the echo $PWD command.

1.7 Environment Variables

Environment Variables:

    PWDThe current working directory
    OLDPWDThe previous working directory

1.8 NSH Start-Up Script

NSH Start-Up Script. NSH supports options to provide a start up script for NSH. In general this capability is enabled with CONFIG_NSH_ROMFSETC, but has several other related configuration options as described with the NSH-specific configuration settings. This capability also depends on:

  • CONFIG_DISABLE_MOUNTPOINT not set
  • CONFIG_NFILE_DESCRIPTORS > 4
  • CONFIG_FS_ROMFS enabled

Default Start-Up Behavior. The implementation that is provided is intended to provide great flexibility for the use of Start-Up files. This paragraph will discuss the general behavior when all of the configuration options are set to the default values.

In this default case, enabling CONFIG_NSH_ROMFSETC will cause NSH to behave as follows at NSH startup time:

  • NSH will create a read-only RAM disk (a ROM disk), containing a tiny ROMFS filesystem containing the following:
      `--init.d/
           `-- rcS
      
    Where rcS is the NSH start-up script.
  • NSH will then mount the ROMFS filesystem at /etc, resulting in:
      |--dev/
      |   `-- ram0
      `--etc/
          `--init.d/
              `-- rcS
      
  • By default, the contents of rcS script are:
      # Create a RAMDISK and mount it at XXXRDMOUNTPOINTXXX
      
      mkrd -m 1 -s 512 1024
      mkfatfs /dev/ram1
      mount -t vfat /dev/ram1 /tmp
      
  • NSH will execute the script at /etc/init.d/rcS at start-up (before the first NSH prompt. After execution of the script, the root FS will look like:
      |--dev/
      |   |-- ram0
      |   `-- ram1
      |--etc/
      |   `--init.d/
      |       `-- rcS
      `--tmp/
      

Modifying the ROMFS Image. The contents of the /etc directory are retained in the file apps/nshlib/nsh_romfsimg.h OR, if CONFIG_NSH_ARCHROMFS is defined, include/arch/board/rcs.template). In order to modify the start-up behavior, there are three things to study:

  1. Configuration Options. The additional CONFIG_NSH_ROMFSETC configuration options discussed with the other NSH-specific configuration settings.
  2. tools/mkromfsimg.sh Script. The script tools/mkromfsimg.sh creates nsh_romfsimg.h. It is not automatically executed. If you want to change the configuration settings associated with creating and mounting the /tmp directory, then it will be necessary to re-generate this header file using the tools/mkromfsimg.sh script.

    The behavior of this script depends upon three things:

    • The configuration settings then installed configuration.
    • The genromfs tool (available from http://romfs.sourceforge.net).
    • The file apps/nshlib/rcS.template (OR, if CONFIG_NSH_ARCHROMFS is defined include/arch/board/rcs.template.

  3. rcS.template. The file apps/nshlib/rcS.template contains the general form of the rcS file; configured values are plugged into this template file to produce the final rcS file.

NOTE: apps/nshlib/rcS.template generates the standard, default nsh_romfsimg.h file. If CONFIG_NSH_ARCHROMFS is defined in the NuttX configuration file, then a custom, board-specific nsh_romfsimg.h file residing in configs/<board>/include will be used. NOTE when the OS is configured, include/arch/board will be linked to configs/<board>/include.

All of the startup-behavior is contained in rcS.template. The role of mkromfsimg.sh is to (1) apply the specific configuration settings to rcS.template to create the final rcS, and (2) to generate the header file nsh_romfsimg.h containg the ROMFS file system image.

Further Information. See the section on Customizing the NuttShell for additional, more detailed information about the NSH start-up script and how to modify it.

2.0 Commands

2.1 Evaluate Expression (test)

Command Syntax:

    [ <expression> ]
    test <expression>
    

Synopsis. These are two alternative forms of the same command. They support evaluation of a boolean expression which sets $?. This command is used most frequently as the conditional command following the if in the if-then[-else]-fi construct.

Expression Syntax:

    expression = simple-expression | !expression | expression -o expression | expression -a expression

    simple-expression = unary-expression | binary-expression

    unary-expression = string-unary | file-unary

    string-unary = -n string | -z string

    file-unary = -b file | -c file | -d file | -e file | -f file | -r file | -s file | -w file

    binary-expression = string-binary | numeric-binary

    string-binary = string = string | string == string | string != string

    numeric-binary = integer -eq integer | integer -ge integer | integer -gt integer | integer -le integer | integer -lt integer | integer -ne integer

2.2 Add a Routing Table Entry (addroute)

Command Syntax:

    addroute <target> <netmask> <router>
    

Synopsis. This command adds an entry in the routing table. The new entry will map the IP address of a router on a local network(<router>) to an external network characterized by the <target> IP address and a network mask <netmask>

Example:

    nsh> addroute 1.1.1.1 2.2.2.2 3.3.3.3
    

2.3 Access the ARP table (arp)

Command Syntax:

    arp [-a <ipaddr> |-d <ipaddr> |-s <ipaddr> <hwaddr>]
    

Synopsis. Access the OS ARP table.

    -a <ipaddr>
    Will show the hardware address that the IP address <ipaddr> is mapped to.
    -d <ipaddr>
    Will delete the mapping for the IP address <ipaddr> from the ARP table.
    -s <ipaddr> <hwaddr>
    Will set (or replace) the mapping of the IP address <ipaddr> to the hardware address <hwaddr>.

Example:

    nsh> arp -a 10.0.0.1
    nsh: arp: no such ARP entry: 10.0.0.1
    
    nsh> arp -s 10.0.0.1 00:13:3b:12:73:e6
    nsh> arp -a 10.0.0.1
    HWAddr: 00:13:3b:12:73:e6
    
    nsh> arp -d 10.0.0.1
    nsh> arp -a 10.0.0.1
    nsh: arp: no such ARP entry: 10.0.0.1
    

2.4 Base64 Decode (base64dec)

Command Syntax:

    base64dec [-w] [-f] <string or filepath>
    

Synopsis. To be provided.

2.5 Base64 Encode (base64enc)

Command Syntax:

    base64enc [-w] [-f] <string or filepath>
    

Synopsis. To be provided.

2.6 Extract Base File/Directory Name (basename)

Command Syntax:

    basename <path> [<suffix>]
    

Synopsis. Extract the final string from a <path> by removing the preceding path segments and (optionally) removing any trailing <suffix>.

2.7 Terminate a Loop (break)

Command Syntax:

    break
    

Synopsis. The break command is only meaningful within the body of the a while or until loop, between the do and done tokens. Outside of a loop, break command does nothing. If the break command is executed within the body of a loop, the loop will immediately terminate and execution will continue with the next command immediately following the done token.

2.8 Concatenate Files (cat)

Command Syntax:

    cat <path> [<path> [<path> ...]]
    

Synopsis. This command copies and concatentates all of the files at <path> to the console (or to another file if the output is redirected).

2.9 Change Current Working Directory (cd)

Command Syntax:

    cd [<dir-path>|-|~|..]
    

Synopsis. Changes the current working directory (PWD). Also sets the previous working directory environment variable (OLDPWD).

Forms:

    cd <dir-path> sets the current working directory to <dir-path>.
    cd - sets the current working directory to the previous working directory ($OLDPWD). Equivalent to cd $OLDPWD.
    cd or cd ~ set the current working directory to the 'home' directory. The home directory can be configured by setting CONFIG_LIB_HOMEDIR in the configuration file. The default home directory is /.
    cd .. sets the current working directory to the parent directory.

2.10 Compare Files (cmp)

Command Syntax:

    cmp <path1> <path2>
    

Synopsis. Compare of the contents of the file at <path1> with the contents of the file at <path2>. Returns an indication only if the files differ.

2.11 Copy Files (cp)

Command Syntax:

    cp <source-path> <dest-path>
    

Synopsis. Copy of the contents of the file at <source-path> to the location in the filesystem indicated by <dest-path>.

2.12 Show or set the date and time (date)

Command Syntax:

    date [-s "MMM DD HH:MM:SS YYYY"]
    

Synopsis. Show or set the current date and time.

Only one format is used both on display and when setting the date/time: MMM DD HH:MM:SS YYYY. For example,

    data -s "Sep 1 11:30:00 2011"
    

24-hour time is used.

2.13 Copy and Convert Files (dd)

Command Syntax:

    dd if=<infile> of=<outfile> [bs=<sectsize>] [count=<sectors>] [skip=<sectors>]
    

Synopsis. Copy blocks from <infile> to <outfile>. <infile> or <outfile> may be the path to a standard file, a character device, or a block device. Examples follow:

  1. Read from character device, write to regular file. This will create a new file of the specified size filled with zero.
      nsh> ls -l /dev
      /dev:
       crw-rw-rw-       0 zero
      nsh> dd if=/dev/zero of=/tmp/zeros bs=64 count=16
      nsh> ls -l /tmp
      /tmp:
       -rw-rw-rw-    1024 ZEROS
      
  2. Read from character device, write to block device. This will fill the entire block device with zeros.
    • nsh> ls -l /dev
      /dev:
       brw-rw-rw-       0 ram0
       crw-rw-rw-       0 zero
      nsh> dd if=/dev/zero of=/dev/ram0
      
  3. Read from a block devic, write to a character device. This will read the entire block device and dump the contents in the bit bucket.
    • nsh> ls -l /dev
      /dev:
       crw-rw-rw-       0 null
       brw-rw-rw-       0 ram0
      nsh> dd if=/dev/ram0 of=/dev/null
      

2.14 Delete a Routing Table Entry (delroute)

Command Syntax:

    delroute <target> <netmask>
    

Synopsis. The entry removed will be the first entry in the routing table that matches the external network characterized by the <target> IP address and the network mask <netmask>

Example:

    nsh> delroute 1.1.1.1 2.2.2.2
    

2.15 Show Volume Status (df)

Command Syntax:

    df [-h]
    

Synopsis. Show the state of each mounted volume. As an example:

    nsh> mount
      /etc type romfs
      /tmp type vfat
    nsh> df
      Block  Number
      Size   Blocks     Used Available Mounted on
        64        6        6         0 /etc
       512      985        2       983 /tmp
    nsh>
    

If CONFIG_NSH_CMDOPT_DF_H is defined in the NuttX configuration, then the df will also support an option -h which may be used to show the volume information in human readable format.

2.16 Extract Path to a File/Directory (dirname)

Command Syntax:

    dirname <path>
    

Synopsis. Extract the path string leading up to the full <path> by removing the final directory or file name.

2.17 Echo Strings and Variables (echo)

Command Syntax:

    echo [<string|$name> [<string|$name>...]]
    

Synopsis. Copy the sequence of strings and expanded environment variables to console output (or to a file if the output is re-directed).

2.18 Execute User Code (exec)

Command Syntax:

    exec <hex-address>
    

Synopsis. Execute the user logic at address <hex-address>. NSH will pause until the execution unless the user logic is executed in background via exec <hex-address> &.

2.19 Exit NSH (exit)

Command Syntax:

    exit
    

Synopsis. Exit NSH. Only useful for the serial front end if you have started some other tasks (perhaps using the exec command) and you would like to have NSH out of the way. For the telnet front-end, exit terminates the telenet session.

2.20 Show Memory Manager Status (free)

Command Syntax:

    free
    

Synopsis. Show the current state of the memory allocator. For example,

    nsh> free
                 total       used       free    largest
    Mem:       4194288    1591552    2602736    2601584
    nsh>
    

Where:

    total This is the total size of memory allocated for use by malloc in bytes.
    used This is the total size of memory occupied by chunks handed out by malloc.
    free This is the total size of memory occupied by free (not in use) chunks.
    largest Size of the largest free (not in use) chunk.

2.21 Get File Via TFTP (get)

Command Syntax:

    get [-b|-n] [-f <local-path>] -h <ip-address> <remote-path>
    

Synopsis. Copy the file at <remote-address> from the host whose IP address is identified by <ip-address>.

Other options:

    -f <local-path> The file will be saved relative to the current working directory unless <local-path> is provided.
    -b|-n Selects either binary ("octet") or test ("netascii") transfer mode. Default: text.

2.22 Show Usage Command Usage (help)

Command Syntax:

    help [-v] [<cmd>]
    

Synopsis. Presents summary information about NSH commands to console.

Options:

    -v how verbose output will full command usage.
    <cmd> Show full command usage only for this command.

2.23 Hexadecimal Dump of File or Device (hexdump)

Command Syntax:

    hexdump <file or device>
    

Synopsis. Dump data in hexadecimal format from a file or character device.


2.24 Manage Network Configuration (ifconfig)

Command Syntax:

Synopsis. Multiple forms of the ifconfigcommand are supported:

  1. With one or no arguments, ifconfig will shows the current configuration of the network and, perhaps, the status of ethernet device:

      ifconfig
      ifconfig [nic_name]
      

    As an example:

      nsh> ifconfig
      eth0    HWaddr 00:18:11:80:10:06
              IPaddr:10.0.0.2 DRaddr:10.0.0.1 Mask:255.255.255.0
      

    If network statistics are enabled (CONFIG_NET_STATISTICS), then this command will also show the detailed state of network.

  2. If both the network interface name and an IP address are supplied as arguments, then ifconfig will set the address of the ethernet device:

      ifconfig nic_name ip_address
      
  3. Other forms to be provided

NOTE: This commands depends upon having the procfs file system configured into the system. The procfs file system must also have been mounted with a command like:

2.25 Take a network down (ifdown)

Command Syntax:

Synopsis. Take down the interface identified by the name <nic-name>.

Example:

2.26 Bring a network up (ifup)

Command Syntax:

Synopsis. Bring up down the interface identified by the name <nic-name>.

Example:

2.27 Install an OS module (insmod)

Command Syntax:

Synopsis. Install the loadable OS module at <file-path> as module <module-name>.

Example:

2.28 Send a signal to a task (kill)

Command Syntax:

Synopsis. Send the <signal> to the task identified by <pid>.

Example:

NOTE: NuttX does not support a FULL POSIX signalling system. Standard signals like SIGCHLD, SIGINTR, SIGKILL, etc. do not exist in NuttX and sending those signal may not have the result that you expect. Rather, NuttX supports only what are referred to as POSIX real-time signals. These signals may be used to communicate with running tasks, may be use to waiting waiting tasks, etc. But, as an example, kill -9 (SIGKILL) will not terminate a task.

2.29 Setup/teardown the Loop Device (losetup)

Command Syntax 1:

Synopsis. Setup the loop device at <dev-path> to access the file at <file-path> as a block device. In the following example a 256K file is created (dd) and losetup is used to make the file accessible as a block device. A FAT file system is created (mkfatfs) and mounted (mount). Files can then be managed on the loop-mounted file.

Command Syntax 2:

Synopsis. Teardown the setup for the loop device at <dev-path>.

2.30 List Directory Contents (ls)

Command Syntax:

Synopsis. Show the contents of the directory at <dir-path>. NOTE: <dir-path> must refer to a directory and no other filesystem object.

Options:

2.31 Show information about installed OS modules (lsmod)

Command Syntax:

Synopsis. Show information about the currently installed OS modules. This information includes:

Example:

2.32 Calculate MD5 (md5)

Command Syntax:

Synopsis. To be provided.

2.33 Access Memory (mb, mh, and mw)

Command Syntax:

Synopsis. Access memory using byte size access (mb), 16-bit accesses (mh), or 32-bit access (mw). In each case,

Example:

2.34 Show Current Tasks and Threads (ps)

Command Syntax:

Synopsis. Show the currently active threads and tasks. For example,

NOTE: This commands depends upon having the procfs file system configured into the system. The procfs file system must also have been mounted with a command like:

2.35 Create a Directory (mkdir)

Command Syntax:

Synopsis. Create the directory at <path>. All components of of <path> except the final directory name must exist on a mounted file system; the final directory must not.

Limited to Mounted File Systems. Recall that NuttX uses a pseudo filesystem for its root file system. The mkdir command can only be used to create directories in volumes set up with the mount command; it cannot be used to create directories in the pseudo filesystem.

Example:

2.36 Create a FAT Filesystem (mkfatfs)

Command Syntax:

Synopsis. Format a fat file system on the block device specified by <block-driver> path. The FAT size may be provided as an option. Without the <fatsize> option, mkfatfs will select either the FAT12 or FAT16 format. For historical reasons, if you want the FAT32 format, it must be explicitly specified on the command line.

NSH provides this command to access the mkfatfs() NuttX API. This block device must reside in the NuttX pseudo filesystem and must have been created by some call to register_blockdriver() (see include/nuttx/fs/fs.h).

2.37 Create a FIFO (mkfifo)

Command Syntax:

Synopsis. Creates a FIFO character device anywhere in the pseudo file system, creating whatever pseudo directories that may be needed to complete the <path>. By convention, however, device drivers are place in the standard /dev directory. After it is created, the FIFO device may be used as any other device driver. NSH provides this command to access the mkfifo() NuttX API.

Example

2.38 Create a RAMDISK (mkrd)

Command Syntax:

Synopsis. Create a ramdisk consisting of <nsectors>, each of size <sector-size> (or 512 bytes if <sector-size> is not specified. The ramdisk will be registered as /dev/ram<n> (if <n> is not specified, mkrd will attempt to register the ramdisk as /dev/ram0.

Example

Once the ramdisk has been created, it may be formatted using the mkfatfs command and mounted using the mount command.

Example

2.39 Mount a File System (mount)

Command Syntax:

Synopsis. The mount command performs one of two different operations. If no parameters are provided on the command line after the mount command, then the mount command will enumerate all of the current mountpoints on the console.

If the mount parameters are provied on the command after the mount command, then the mount command will mount a file system in the NuttX pseudo-file system. mount' performs a three way association, binding:

  1. File system. The '-t <fstype>' option identifies the type of file system that has been formatted on the <block-device>. As of this writing, vfat is the only supported value for <fstype>
  2. Block Device. The <block-device> argument is the full or relative path to a block driver inode in the pseudo filesystem. By convention, this is a name under the /dev sub-directory. This <block-device> must have been previously formatted with the same file system type as specified by <fstype>
  3. Mount Point. The mount point, <dir-path>, is the location in the pseudo filesystem where the mounted volume will appear. This mount point can only reside in the NuttX pseudo filesystem. By convention, this mount point is a subdirectory under /mnt. The mount command will create whatever pseudo directories that may be needed to complete the full path but the full path must not already exist.

After the volume has been mounted in the NuttX pseudo filesystem, it may be access in the same way as other objects in thefile system.

Examples:

Using mount to mount a file system:

Using mount to enumerate mounts:

2.40 Rename a File (mv)

Command Syntax:

Synopsis. Rename the file object at <old-path> to <new-path>. Both paths must reside in the same mounted filesystem.

2.41 Mount an NFS file system (nfsmount)

Command Syntax:

Synopsis. Mount the remote NFS server directory<remote-path> at <mount-point> on the target machine. <server-address> is the IP address of the remote server.

2.42 Lookup a network address (nslookup)

Command Syntax:

Synopsis. Lookup and print the IP address associated with <host-name>.

2.43 Change a User's Password (passwd)

Command Syntax:

Synopsis. Set the password for the existing user <username> to <password>.

2.44 Check Network Peer (ping/ping6)

Command Syntax:

Synopsis. Test the network communication with a remote peer. Example,

ping6 differs from ping in that it uses IPv6 addressing.

2.45 Shut the system down (poweroff)

Command Syntax:

Synopsis. Shutdown and power off the system immediately. This command depends on hardware support to power down the system.

NOTE: Supporting both the poweroff and shutdown commands is redundant.

2.46 Send File Via TFTP (put)

Command Syntax:

Synopsis. Copy the file at <local-address> to the host whose IP address is identified by <ip-address>.

Other options:

2.47 Show Current Working Directory (pwd)

Command Syntax:

Synopsis. Show the current working directory.

Same as echo $PWD.

2.48 Reboot the system (reboot)

Command Syntax:

Synopsis. Reset and reboot the system immediately. This command depends on hardware support to reset the system.

NOTE: Supporting both the reboot and shutdown commands is redundant.

2.49 Remove a File (rm)

Command Syntax:

Synopsis. Remove the specified <file-path> name from the mounted file system. Recall that NuttX uses a pseudo filesystem for its root file system. The rm command can only be used to remove (unlink) files in volumes set up with the mount command; it cannot be used to remove names in the pseudo filesystem.

Example:

2.50 Remove a Directory (rmdir)

Command Syntax:

Synopsis. Remove the specified <dir-path> directory from the mounted file system. Recall that NuttX uses a pseudo filesystem for its root file system. The rmdir command can only be used to remove directories from volumes set up with the mount command; it cannot be used to remove directories from the pseudo filesystem.

Example:

2.51 Remove on OS Module (rmmod)

Command Syntax:

Synopsis. Remove the loadable OS module with the <module-name>. NOTE: An OS module can only be removed if it is not busy.

Example:

2.52 Set an Environment Variable (set)

Command Syntax:

Synopsis. Set the environment variable <name> to the string <value>. For example,

2.53 Execute an NSH Script (sh)

Command Syntax:

Synopsis. Execute the sequence of NSH commands in the file referred to by <script-path>.

2.54 Shut the system down (shutdown)

Command Syntax:

Synopsis. Shutdown and power off the system or, optionally, reset and reboot the system immediately. This command depends on hardware support to power down or reset the system; one, both, or neither behavior may be supported.

NOTE: The shutdown command duplicates the behavior of the poweroff and eboot commands.

2.55 Wait for Seconds (sleep)

Command Syntax:

Synopsis. Pause execution (sleep) for <sec> seconds.

2.56 Time execution of another command (time)

Command Syntax:

Synopsis. Perform command timing. This command will execute the following <command> string and then show how much time was required to execute the command. Time is shown with a resolution of 100 microseconds which may be beyond the resolution of many configurations. Note that the <command> must be enclosed in quotation marks if it contains spaces or other delimiters.

Example:

The additional 10 millseconds in this example is due to the way that the sleep command works: It always waits one system clock tick longer than requested and this test setup used a 10 millisecond periodic system timer. Sources of error could include various quantization errors, competing CPU usage, and the additional overhead of the time command execution itself which is included in the total.

The reported time is the elapsed time from starting of the command to completion of the command. This elapsed time may not necessarily be just the processing time for the command. It may included interrupt level processing, for example. In a busy system, command processing could be delayed if pre-empted by other, higher priority threads competing for CPU time. So the reported time includes all CPU processing from the start of the command to its finish possibly including unrelated processing time during that interval.

Notice that:

Since the sleep command is executed in background, the sleep command completes almost immediately. As opposed to the following where the time command is run in background with the sleep command:

2.57 Unmount a File System (umount)

Command Syntax:

Synopsis. Un-mount the file system at mount point <dir-path>. The umount command can only be used to un-mount volumes previously mounted using mount command.

Example:

2.58 Print system information (uname)

Command Syntax:

Synopsis. Print certain system information. With no options, the output is the same as -s.

2.59 Unset an Environment Variable (unset)

Command Syntax:

Synopsis. Remove the value associated with the environment variable <name>. Example:

2.60 URL Decode (urldecode)

Command Syntax:

Synopsis. To be provided.

2.61 URL Encode (urlencode)

Command Syntax:

Synopsis. To be provided.

2.62 Add a New User (useradd)

Command Syntax:

Synopsis. Add a new user with <username> and <password>.

2.63 Delete a user (userdel)

Command Syntax:

Synopsis. Delete the user with the name <username>.

2.64 Wait for Microseconds (usleep)

Command Syntax:

Synopsis. Pause execution (sleep) of <usec> microseconds.

2.65 Get File Via HTTP (wget)

Command Syntax:

Synopsis. Use HTTP to copy the file at <url> to the current directory.

Options:

2.66 Hexadecimal Dump of Memory (xd)

Command Syntax:

Synopsis. Dump <byte-count> bytes of data from address <hex-address>.

Example:

3.0 Configuration Settings

The availability of the above commands depends upon features that may or may not be enabled in the NuttX configuration file. The following table indicates the dependency of each command on NuttX configuration settings. General configuration settings are discussed in the NuttX Porting Guide. Configuration settings specific to NSH as discussed at the bottom of this document.

Note that in addition to general NuttX configuation settings, each NSH command can be individually disabled via the settings in the rightmost column. All of these settings make the configuration of NSH potentially complex but also allow it to squeeze into very small memory footprints.

3.1 Command Dependencies on Configuration Settings

Table. Command Dependencies on Configuration Settings

Command Depends on Configuration Can Be Disabled with
[ !CONFIG_NSH_DISABLESCRIPT CONFIG_NSH_DISABLE_TEST
addroute CONFIG_NET && CONFIG_NET_ROUTE CONFIG_NSH_DISABLE_ADDROUTE
arp CONFIG_NET && CONFIG_NET_ARP CONFIG_NSH_DISABLE_ARP
base64dec CONFIG_NETUTILS_CODECS && CONFIG_CODECS_BASE64 CONFIG_NSH_DISABLE_BASE64DEC
base64enc CONFIG_NETUTILS_CODECS && CONFIG_CODECS_BASE64 CONFIG_NSH_DISABLE_BASE64ENC
basename   CONFIG_NSH_DISABLE_BASENAME
break !CONFIG_NSH_DISABLESCRIPT && !CONFIG_NSH_DISABLE_LOOPS  
cat CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_CAT
cd !CONFIG_DISABLE_ENVIRON && CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_CD
cmp CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_CMP
cp CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_CP
date
CONFIG_NSH_DISABLE_DATE
dd CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_DD
delroute CONFIG_NET && CONFIG_NET_ROUTE CONFIG_NSH_DISABLE_DELROUTE
df !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_READABLE3 CONFIG_NSH_DISABLE_DF
dirname   CONFIG_NSH_DISABLE_DIRNAME
echo
CONFIG_NSH_DISABLE_ECHO
exec
CONFIG_NSH_DISABLE_EXEC
exit
CONFIG_NSH_DISABLE_EXIT
free
CONFIG_NSH_DISABLE_FREE
get CONFIG_NET && CONFIG_NET_UDP && CONFIG_NFILE_DESCRIPTORS > 0 && MTU >= 5581 CONFIG_NSH_DISABLE_GET
help5
CONFIG_NSH_DISABLE_HELP
hexdump CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_HEXDUMP
ifconfig CONFIG_NET && CONFIG_FS_PROCFS && !CONFIG_FS_PROCFS_EXCLUDE_NET CONFIG_NSH_DISABLE_IFCONFIG
ifdown CONFIG_NET && CONFIG_FS_PROCFS && !CONFIG_FS_PROCFS_EXCLUDE_NET CONFIG_NSH_DISABLE_IFUPDOWN
ifup CONFIG_NET && CONFIG_FS_PROCFS && !CONFIG_FS_PROCFS_EXCLUDE_NET CONFIG_NSH_DISABLE_IFUPDOWN
insmod CONFIG_MODULE CONFIG_NSH_DISABLE_MODCMDS
kill !CONFIG_DISABLE_SIGNALS CONFIG_NSH_DISABLE_KILL
losetup !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_DEV_LOOP CONFIG_NSH_DISABLE_LOSETUP
ls CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_LS
lsmod CONFIG_MODULE && CONFIG_FS_PROCFS && !CONFIG_FS_PROCFS_EXCLUDE_MODULE CONFIG_NSH_DISABLE_MODCMDS
md5 CONFIG_NETUTILS_CODECS && CONFIG_CODECS_HASH_MD5 CONFIG_NSH_DISABLE_MD5
mb,mh,mw
CONFIG_NSH_DISABLE_MB,
CONFIG_NSH_DISABLE_MH,
CONFIG_NSH_DISABLE_MW
mkdir (((!CONFIG_DISABLE_MOUNTPOINT && CONFIG_FS_WRITABLE) || !CONFIG_DISABLE_PSEUDOFS_OPERATIONS) && CONFIG_NFILE_DESCRIPTORS > 0)4 CONFIG_NSH_DISABLE_MKDIR
mkfatfs !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_FAT CONFIG_NSH_DISABLE_MKFATFS
mkfifo CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_MKFIFO
mkrd !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_WRITABLE4 CONFIG_NSH_DISABLE_MKRD
mount !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_READABLE3 CONFIG_NSH_DISABLE_MOUNT
mv (((!CONFIG_DISABLE_MOUNTPOINT && CONFIG_FS_WRITABLE) || !CONFIG_DISABLE_PSEUDOFS_OPERATIONS) && CONFIG_NFILE_DESCRIPTORS > 0)4 CONFIG_NSH_DISABLE_MV
nfsmount !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_NET && CONFIG_NFS CONFIG_NSH_DISABLE_NFSMOUNT
nslookup CONFIG_LIBC_NETDB && CONFIG_NETDB_DNSCLIENT CONFIG_NSH_DISABLE_NSLOOKUP
passwd !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_WRITABLE && CONFIG_NSH_LOGIN_PASSWD CONFIG_NSH_DISABLE_PASSWD
ping CONFIG_NET && CONFIG_NET_ICMP && CONFIG_NET_ICMP_PING && !CONFIG_DISABLE_SIGNALS CONFIG_NSH_DISABLE_PING
ping6 CONFIG_NET && CONFIG_NET_ICMPv6 && CONFIG_NET_ICMPv6_PING && !CONFIG_DISABLE_SIGNALS CONFIG_NSH_DISABLE_PING6
poweroff CONFIG_BOARDCTL_POWEROFF CONFIG_NSH_DISABLE_POWEROFF
ps CONFIG_FS_PROCFS && !CONFIG_FS_PROCFS_EXCLUDE_PROC CONFIG_NSH_DISABLE_PS
put CONFIG_NET && CONFIG_NET_UDP && CONFIG_NFILE_DESCRIPTORS > 0 && MTU >= 5581,2 CONFIG_NSH_DISABLE_PUT
pwd !CONFIG_DISABLE_ENVIRON && CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_PWD
reboot CONFIG_BOARD_RESET CONFIG_NSH_DISABLE_REBOOT
rm (((!CONFIG_DISABLE_MOUNTPOINT && CONFIG_FS_WRITABLE) || !CONFIG_DISABLE_PSEUDOFS_OPERATIONS) && CONFIG_NFILE_DESCRIPTORS > 0)4 CONFIG_NSH_DISABLE_RM
rmdir (((!CONFIG_DISABLE_MOUNTPOINT && CONFIG_FS_WRITABLE) || !CONFIG_DISABLE_PSEUDOFS_OPERATIONS) && CONFIG_NFILE_DESCRIPTORS > 0)4 CONFIG_NSH_DISABLE_RMDIR
rmmod CONFIG_MODULE CONFIG_NSH_DISABLE_MODCMDS
set !CONFIG_DISABLE_ENVIRON CONFIG_NSH_DISABLE_SET
sh CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_NFILE_STREAMS > 0 && !CONFIG_NSH_DISABLESCRIPT CONFIG_NSH_DISABLE_SH
shutdown CONFIG_BOARDCTL_POWEROFF || CONFIG_BOARD_RESET CONFIG_NSH_DISABLE_SHUTDOWN
sleep !CONFIG_DISABLE_SIGNALS CONFIG_NSH_DISABLE_SLEEP
test !CONFIG_NSH_DISABLESCRIPT CONFIG_NSH_DISABLE_TEST
time   CONFIG_NSH_DISABLE_TIME
umount !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_READABLE3 CONFIG_NSH_DISABLE_UMOUNT
uname br CONFIG_NSH_DISABLE_UNAME
unset !CONFIG_DISABLE_ENVIRON CONFIG_NSH_DISABLE_UNSET
urldecode !CONFIG_NETUTILS_CODECS && CONFIG_CODECS_URLCODE CONFIG_NSH_DISABLE_URLDECODE
urlencode !CONFIG_NETUTILS_CODECS && CONFIG_CODECS_URLCODE CONFIG_NSH_DISABLE_URLENCODE
useradd !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_WRITABLE && CONFIG_NSH_LOGIN_PASSWD CONFIG_NSH_DISABLE_USERADD
userdel !CONFIG_DISABLE_MOUNTPOINT && CONFIG_NFILE_DESCRIPTORS > 0 && CONFIG_FS_WRITABLE && CONFIG_NSH_LOGIN_PASSWD CONFIG_NSH_DISABLE_USERDEL
usleep !CONFIG_DISABLE_SIGNALS CONFIG_NSH_DISABLE_USLEEP
wget CONFIG_NET && CONFIG_NET_TCP && CONFIG_NFILE_DESCRIPTORS > 0 CONFIG_NSH_DISABLE_WGET
xd
CONFIG_NSH_DISABLE_XD

1 Because of hardware padding, the actual required packet size may be larger
2 Special TFTP server start-up optionss will probably be required to permit creation of files for the correct operation of the put command.
3 CONFIG_FS_READABLE is not a user configuration but is set automatically if any readable filesystem is selected. At present, this is either CONFIG_FS_FAT or CONFIG_FS_ROMFS.
4 CONFIG_FS_WRITABLE is not a user configuration but is set automatically if any writable filesystem is selected. At present, this is only CONFIG_FS_FAT.
5 Verbose help output can be suppressed by defining CONFIG_NSH_HELP_TERSE. In that case, the help command is still available but will be slightly smaller.

3.2 NSH-Specific Configuration Settings

The behavior of NSH can be modified with the following settings in the configs/<board-name>/defconfig file:

Configuration Description
CONFIG_NSH_READLINE Selects the minimal implementation of readline(). This minimal implementation provides on backspace for command line editing. It expects some minimal VT100 command support from the terminal.
CONFIG_NSH_CLE Selects the more extensive, EMACS-like command line editor. Select this option only if (1) you don't mind a modest increase in the FLASH footprint, and (2) you work with a terminal that supports extensive VT100 editing commands. Selecting this option will add probably 1.5-2KB to the FLASH footprint.
CONFIG_NSH_BUILTIN_APPS Support external registered, "builtin" applications that can be executed from the NSH command line (see apps/README.txt for more information). This required CONFIG_BUILTIN to enable NuttX support for "builtin" applications.
CONFIG_NSH_FILEIOSIZE Size of a static I/O buffer used for file access (ignored if there is no filesystem). Default is 1024.
CONFIG_NSH_STRERROR strerror(errno) makes more readable output but strerror() is very large and will not be used unless this setting is y. This setting depends upon the strerror() having been enabled with CONFIG_LIBC_STRERROR.
CONFIG_NSH_LINELEN The maximum length of one command line and of one output line. Default: 80
CONFIG_NSH_DISABLE_SEMICOLON By default, you can enter multiple NSH commands on a line with each command separated by a semicolon. You can disable this feature to save a little memory on FLASH challenged platforms. Default: n
CONFIG_NSH_CMDPARMS If selected, then the output from commands, from file applications, and from NSH built-in commands can be used as arguments to other commands. The entity to be executed is identified by enclosing the command line in back quotes. For example,
    set FOO `myprogram $BAR
    
will execute the program named myprogram passing it the value of the environment variable BAR. The value of the environment variable FOO is then set output of myprogram on stdout. Because this feature commits significant resources, it is disabled by default.
CONFIG_NSH_TMPDIR If CONFIG_NSH_CMDPARMS is selected, then function output will be retained in a temporary file. In that case, this string must be provided to specify the full path to a directory where temporary files can be created. This would be a good application of RAM disk: To provide temporary storage for function output.
CONFIG_NSH_MAXARGUMENTS The maximum number of NSH command arguments. Default: 6
CONFIG_NSH_ARGCAT Support concatenation of strings with environment variables or command output. For example:
    set FOO XYZ
    set BAR 123
    set FOOBAR ABC_${FOO}_${BAR}
    
would set the environment variable FOO to XYZ, BAR to 123 and FOOBAR to ABC_XYZ_123. If CONFIG_NSH_ARGCAT is not selected, then a slightly small FLASH footprint results but then also only simple environment variables like $FOO can be used on the command line.
CONFIG_NSH_NESTDEPTH The maximum number of nested if-then[-else]-fi sequences that are permissable. Default: 3
CONFIG_NSH_DISABLESCRIPT This can be set to y to suppress support for scripting. This setting disables the sh, test, and [ commands and the if-then[-else]-fi construct. This would only be set on systems where a minimal footprint is a necessity and scripting is not.
CONFIG_NSH_DISABLE_ITEF If scripting is enabled, then then this option can be selected to suppress support for if-then-else-fi sequences in scripts. This would only be set on systems where some minimal scripting is required but if-then-else-fi is not.
CONFIG_NSH_DISABLE_LOOPS If scripting is enabled, then then this option can be selected suppress support for while-do-done and until-do-done sequences in scripts. This would only be set on systems where some minimal scripting is required but looping is not.
CONFIG_NSH_DISABLEBG This can be set to y to suppress support for background commands. This setting disables the nice command prefix and the & command suffix. This would only be set on systems where a minimal footprint is a necessity and background command execution is not.
CONFIG_NSH_MMCSDMINOR If the architecture supports an MMC/SD slot and if the NSH architecture specific logic is present, this option will provide the MMC/SD minor number, i.e., the MMC/SD block driver will be registered as /dev/mmcsdN where N is the minor number. Default is zero.
CONFIG_NSH_ROMFSETC Mount a ROMFS filesystem at /etc and provide a startup script at /etc/init.d/rcS. The default startup script will mount a FAT FS RAMDISK at /tmp but the logic is easily extensible.
CONFIG_NSH_CONSOLE

If CONFIG_NSH_CONSOLE is set to y, then a serial console front-end is selected.

Normally, the serial console device is a UART and RS-232 interface. However, if CONFIG_USBDEV is defined, then a USB serial device may, instead, be used if the one of the following are defined:

  • CONFIG_PL2303 and CONFIG_PL2303_CONSOLE. Sets up the Prolifics PL2303 emulation as a console device at /dev/console.
  • CONFIG_CDCACM and CONFIG_CDCACM_CONSOLE. Sets up the CDC/ACM serial device as a console device at /dev/console.
  • CONFIG_NSH_USBCONSOLE. If defined, then the an arbitrary USB device may be used to as the NSH console. In this case, CONFIG_NSH_USBCONDEV must be defined to indicate which USB device to use as the console. The advantage of using a device other that /dev/console is that normal debug output can then use /dev/console while NSH uses CONFIG_NSH_USBCONDEV.

    CONFIG_NSH_USBCONDEV. If CONFIG_NSH_USBCONSOLE is set to 'y', then CONFIG_NSH_USBCONDEV must also be set to select the USB device used to support the NSH console. This should be set to the quoted name of a readable/write-able USB driver such as: CONFIG_NSH_USBCONDEV="/dev/ttyACM0".

If there are more than one USB slots, then a USB device minor number may also need to be provided:

  • CONFIG_NSH_UBSDEV_MINOR. The minor device number of the USB device. Default: 0

If USB tracing is enabled (CONFIG_USBDEV_TRACE), then NSH will initialize USB tracing as requested by the following. Default: Only USB errors are traced.

  • CONFIG_NSH_USBDEV_TRACEINIT. Show initialization events
  • CONFIG_NSH_USBDEV_TRACECLASS. Show class driver events
  • CONFIG_NSH_USBDEV_TRACETRANSFERS. Show data transfer events
  • CONFIG_NSH_USBDEV_TRACECONTROLLER. Show controller events
  • CONFIG_NSH_USBDEV_TRACEINTERRUPTS. Show interrupt-related events.
CONFIG_NSH_ALTCONDEV and CONFIG_NSH_CONDEV If CONFIG_NSH_CONSOLE is set to y, then CONFIG_NSH_ALTCONDEV may also be selected to enable use of an alternate character device to support the NSH console. If CONFIG_NSH_ALTCONDEV is selected, then CONFIG_NSH_CONDEV holds the quoted name of a readable/write-able character driver such as: CONFIG_NSH_CONDEV="/dev/ttyS1". This is useful, for example, to separate the NSH command line from the system console when the system console is used to provide debug output. Default: stdin and stdout (probably "/dev/console")
  • NOTE 1: When any other device other than /dev/console is used for a user interface, (1) linefeeds (\n) will not be expanded to carriage return / linefeeds (\r\n). You will need to configure your terminal program to account for this. And (2) input is not automatically echoed so you will have to turn local echo on.
  • NOTE 2: This option forces the console of all sessions to use NSH_CONDEV. Hence, this option only makes sense for a system that supports only a single session. This option is, in particular, incompatible with Telnet sessions because each Telnet session must use a different console device.
CONFIG_NSH_TELNET If CONFIG_NSH_TELNET is set to y, then a TELENET server front-end is selected. When this option is provided, you may log into NuttX remotely using telnet in order to access NSH.
CONFIG_NSH_ARCHINIT Set CONFIG_NSH_ARCHINIT if your board provides architecture specific initialization via the board-specific function board_app_initialize(). This function will be called early in NSH initialization to allow board logic to do such things as configure MMC/SD slots.

If Telnet is selected for the NSH console, then we must configure the resources used by the Telnet daemon and by the Telnet clients.

Configuration Description
CONFIG_NSH_TELNETD_PORT The telnet daemon will listen on this TCP port number for connections. Default: 23
CONFIG_NSH_TELNETD_DAEMONPRIO Priority of the Telnet daemon. Default: SCHED_PRIORITY_DEFAULT
CONFIG_NSH_TELNETD_DAEMONSTACKSIZE Stack size allocated for the Telnet daemon. Default: 2048
CONFIG_NSH_TELNETD_CLIENTPRIO Priority of the Telnet client. Default: SCHED_PRIORITY_DEFAULT
CONFIG_NSH_TELNETD_CLIENTSTACKSIZE Stack size allocated for the Telnet client. Default: 2048

One or both of CONFIG_NSH_CONSOLE and CONFIG_NSH_TELNET must be defined. If CONFIG_NSH_TELNET is selected, then there some other configuration settings that apply:

Configuration Description
CONFIG_NET=y Of course, networking must be enabled.
CONFIG_NSOCKET_DESCRIPTORS And, of course, you must allocate some socket descriptors.
CONFIG_NET_TCP=y TCP/IP support is required for telnet (as well as various other TCP-related configuration settings).
CONFIG_NSH_IOBUFFER_SIZE Determines the size of the I/O buffer to use for sending/ receiving TELNET commands/reponses
CONFIG_NSH_DHCPC Obtain the IP address via DHCP.
CONFIG_NSH_IPADDR If CONFIG_NSH_DHCPC is NOT set, then the static IP address must be provided.
CONFIG_NSH_DRIPADDR Default router IP address
CONFIG_NSH_NETMASK Network mask
CONFIG_NSH_NOMAC Set if your ethernet hardware has no built-in MAC address. If set, a bogus MAC will be assigned.
CONFIG_NSH_MAX_ROUNDTRIP This is the maximum round trip for a response to a ICMP ECHO request. It is in units of deciseconds. The default is 20 (2 seconds).

If you use DHCPC, then some special configuration network options are required. These include:

Configuration Description
CONFIG_NET=y Of course, networking must be enabled.
CONFIG_NSOCKET_DESCRIPTORS And, of course, you must allocate some socket descriptors.
CONFIG_NET_UDP=y UDP support is required for DHCP (as well as various other UDP-related configuration settings).
CONFIG_NET_BROADCAST=y UDP broadcast support is needed.
CONFIG_NET_ETH_MTU=650 (or larger) Per RFC2131 (p. 9), the DHCP client must be prepared to receive DHCP messages of up to 576 bytes (excluding Ethernet, IP, or UDP headers and FCS). NOTE: Note that the actual MTU setting will depend upon the specific link protocol. Here Ethernet is indicated.

If CONFIG_NSH_ROMFSETC is selected, then the following additional configuration setting apply:

Configuration Description
CONFIG_NSH_ARCHROMFS May be defined to specify an alternative ROMFS image that can be found at configs/<board>/include/nsh_romfsimg.h.
CONFIG_NSH_ROMFSMOUNTPT The default mountpoint for the ROMFS volume is "/etc", but that can be changed with this setting. This must be a absolute path beginning with '/' and enclosed in quotes.
CONFIG_NSH_INITSCRIPT This is the relative path to the startup script within the mountpoint. The default is "init.d/rcS". This is a relative path and must not start with '/' but must be enclosed in quotes.
CONFIG_NSH_ROMFSDEVNO This is the minor number of the ROMFS block device. The default is '0' corresponding to /dev/ram0.
CONFIG_NSH_ROMFSSECTSIZE This is the sector size to use with the ROMFS volume. Since the default volume is very small, this defaults to 64 but should be increased if the ROMFS volume were to be become large. Any value selected must be a power of 2.

When the default rcS file used when CONFIG_NSH_ROMFSETC is selected, it will mount a FAT FS under /tmp. The following selections describe that FAT FS.

Configuration Description
CONFIG_NSH_FATDEVNO This is the minor number of the FAT FS block device. The default is '1' corresponding to /dev/ram1.
CONFIG_NSH_FATSECTSIZE This is the sector size use with the FAT FS. Default is 512.

4.0 Customizing the NuttShell

Overview. The NuttShell (NSH) is a simple shell application that may be used with NuttX. It supports a variety of commands and is (very) loosely based on the bash shell and the common utilities used in Unix shell programming. The paragraphs in this appendix will focus on customizing NSH: Adding new commands, changing the initialization sequence, etc.

4.1 The NSH Library and NSH Initialization

Overview. NSH is implemented as a library that can be found at apps/nshlib. As a library, it can be custom built into any application that follows the NSH initialization sequence described below. As an example, the code at apps/examples/nsh/nsh_main.c illustrates how to start NSH and the logic there was intended to be incorporated into your own custom code. Although code was generated simply as an example, in the end most people just use this example code as their application main() function. That initialization performed by that example is discussed in the following paragraphs.

4.1.1 NSH Initialization sequence

The NSH start-up sequence is very simple. As an example, the code at apps/examples/nsh/nsh_main.c illustrates how to start NSH. It simple does the following:

  1. If you have C++ static initializers, it will call your implementation of up_cxxinitialize() which will, in turn, call those static initializers. For the case of the STM3240G-EVAL board, the implementation of up_cxxinitialize() can be found at nuttx/configs/stm3240g-eval/src/up_cxxinitialize.c.

  2. This function then calls nsh_initialize() which initializes the NSH library. nsh_initialize() is described in more detail below.

  3. If the Telnetconsole is enabled, it calls nsh_telnetstart() which resides in the NSH library. nsh_telnetstart() will start the Telnet daemon that will listen for Telnet connections and start remote NSH sessions.

  4. If a local console is enabled (probably on a serial port), then nsh_consolemain() is called. nsh_consolemain() also resides in the NSH library. nsh_consolemain() does not return so that finished the entire NSH initialization sequence.

4.1.2 nsh_initialize()

The NSH initialization function, nsh_initialize(), be found in apps/nshlib/nsh_init.c. It does only three things:

  1. nsh_romfsetc(): If so configured, it executes an NSH start-up script that can be found at /etc/init.d/rcS in the target file system. The nsh_romfsetc() function can be found in apps/nshlib/nsh_romfsetc.c. This function will (1) register a ROMFS file system, then (2) mount the ROMFS file system. /etc is the default location where a read-only, ROMFS file system is mounted by nsh_romfsetc().

    The ROMFS image is, itself, just built into the firmware. By default, this rcS start-up script contains the following logic:

      # Create a RAMDISK and mount it at XXXRDMOUNTPOINTXXX
      
      mkrd -m XXXMKRDMINORXXX -s XXMKRDSECTORSIZEXXX XXMKRDBLOCKSXXX
      mkfatfs /dev/ramXXXMKRDMINORXXX
      mount -t vfat /dev/ramXXXMKRDMINORXXX XXXRDMOUNTPOINTXXX
      

    Where the XXXX*XXXX strings get replaced in the template when the ROMFS image is created:

    • XXXMKRDMINORXXX will become the RAM device minor number. Default: 0

    • XXMKRDSECTORSIZEXXX will become the RAM device sector size

    • XXMKRDBLOCKSXXX will become the number of sectors in the device.

    • XXXRDMOUNTPOINTXXX will become the configured mount point. Default: /etc

    By default, the substituted values would yield an rcS file like:

      # Create a RAMDISK and mount it at /tmp
      
      mkrd -m 1 -s 512 1024
      mkfatfs /dev/ram1
      mount -t vfat /dev/ram1 /tmp
      

    This script will, then:

    • Create a RAMDISK of size 512*1024 bytes at /dev/ram1,

    • Format a FAT file system on the RAM disk at /dev/ram1, and then

    • Mount the FAT filesystem at a configured mountpoint, /tmp.

    This rcS template file can be found at apps/nshlib/rcS.template. The resulting ROMFS file system can be found in apps/nshlib/nsh_romfsimg.h.

  2. board_app_initialize(): Next any architecture-specific NSH initialization will be performed (if any). For the STM3240G-EVAL, this architecture specific initialization can be found at configs/stm3240g-eval/src/stm32_appinit.c. This it does things like: (1) Initialize SPI devices, (2) Initialize SDIO, and (3) mount any SD cards that may be inserted.

  3. nsh_netinit(): The nsh_netinit() function can be found in apps/nshlib/nsh_netinit.c.

4.2 NSH Commands

Overview. NSH supports a variety of commands as part of the NSH program. All of the NSH commands are listed in the NSH documentation above. Not all of these commands may be available at any time, however. Many commands depend upon certain NuttX configuration options. You can enter the help command at the NSH prompt to see the commands actual available:

For example, if network support is disabled, then all network-related commands will be missing from the list of commands presented by 'nsh> help'. You can see the specific command dependencies in the table above.

4.2.1 Adding New NSH Commands

New commands can be added to the NSH very easily. You simply need to add two things:

  1. The implementation of your command, and

  2. A new entry in the NSH command table

Implementation of Your Command. For example, if you want to add a new a new command called mycmd to NSH, you would first implement the mycmd code in a function with this prototype:

The argc and argv are used to pass command line arguments to the NSH command. Command line parameters are passed in a very standard way: argv[0] will be the name of the command, and argv[1] through argv[argc-1] are the additional arguments provided on the NSH command line.

The first parameter, vtbl, is special. This is a pointer to session-specific state information. You don't need to know the contents of the state information, but you do need to pass this vtbl argument when you interact with the NSH logic. The only use you will need to make of the vtbl argument will be for outputting data to the console. You don't use printf() within NSH commands. Instead you would use:

So if you only wanted to output "Hello, World!" on the console, then your whole command implementation might be:

The prototype for the new command should be placed in apps/examples/nshlib/nsh.h>.

Adding You Command to the NSH Command Table. All of the commands support by NSH appear in a single table called:

That table can be found in the file apps/examples/nshlib/nsh_parse.c. The structure cmdmap_s is also defined in apps/nshlib/nsh_parse.c:

This structure provides everything that you need to describe your command: Its name (cmd), the function that handles the command (cmd_mycmd()), the minimum and maximum number of arguments needed by the command, and a string describing the command line arguments. That last string is what is printed when enter "nsh> help".

So, for you sample commnd, you would add the following the to the g_cmdmap[] table:

This entry is particularly simply because mycmd is so simple. Look at the other commands in g_cmdmap[] for more complex examples.

4.3 NSH "Built-In" Applications

Overview. In addition to these commands that are a part of NSH, external programs can also be executed as NSH commands. These external programs are called "Built-In" Applications for historic reasons. That terminology is somewhat confusing because the actual NSH commands as described above are truly "built-into" NSH whereas these applications are really external to NuttX.

These applications are built-into NSH in the sense that they can be executed by simply typing the name of the application at the NSH prompt. Built-in application support is enabled with these configuration option:

When these configuration options are set, you will also be able to see the built-in applications if you enter "nsh> help". They will appear at the bottom of the list of NSH commands under:

Note that no detailed help information beyond the name of the built-in application is provided.

4.3.1 Built-In Applications

Overview. The underlying logic that supports the NSH built-in applications is called "Built-In Applications". The builtin application logic can be found at apps/builtin. This logic simply does the following:

  1. It supports registration mechanism so that builtin applications can dynamically register themselves at build time, and

  2. Utility functions to look up, list, and execute the builtin applications.

Built-In Application Utility Functions. The utility functions exported by the builtin application logic are prototyped in nuttx/include/nuttx/binfmt/builtin.h and apps/include/builtin.h. These utility functions include:

Autogenerated Header Files. Application entry points with their requirements are gathered together in two files when NuttX is first built:

  1. apps/builtin/builtin_proto.h: Prototypes of application task entry points.

  2. apps/builtin/builtin_list.h: Application specific information and start-up requirements

Registration of Built-In Applications. The NuttX build occurs in several phases as different build targets are executed: (1) context when the configuration is established, (2) depend when target dependencies are generated, and (3) default (all) when the normal compilation and link operations are performed. Built-in application information is collected during the make context build phase.

An example application that can be "built-in" is be found in the apps/examples/hello directory. Let's walk through this specific cause to illustrate the general way that built-in applications are created and how they register themselves so that they can be used from NSH.

apps/examples/hello. The main routine for apps/examples/hello can be found in apps/examples/hello/main.c. The main routine is:

This is the built in function that will be registered during the context build phase of the NuttX build. That registration is performed by logic in apps/examples/hello/Makefile. But the build system gets to that logic through a rather tortuous path:

  1. The top-level context make target is in nuttx/Makefile. All build targets depend upon the context build target. For the apps/ directory, this build target will execute the context target in the apps/Makefile.

  2. The apps/Makefile will, in turn, execute the context targets in all of the configured sub-directories. In our case will include the Makefile in apps/examples.

  3. And finally, the apps/examples/Makefile will execute the context target in all configured examplesub-directores, getting us finally to apps/examples/Makefile which is covered below.

NOTE: Since this context build phase can only be executed one time, any subsequent configuration changes that you make will, then, not be reflected in the build sequence. That is a common area of confusion. Before you can instantiate the new configuration, you have to first get rid of the old configuration. The most drastic way to this is:

But then you will have to re-configuration NuttX from scratch. But if you only want to re-build the configuration in the apps/ sub-directory, then there is a less labor-intensive way to do that. The following NuttX make command will remove the configuration only from the apps/ directory and will let you continue without re-configuring everything:

Logic for the context target in apps/examples/hello/Makefile registers the hello_main() application in the builtin's builtin_proto.hand builtin_list.h files. That logic that does that in apps/examples/hello/Makefile is abstracted below:

  1. First, the Makefile includes apps/Make.defs:

      include $(APPDIR)/Make.defs
      

    This defines a macro called REGISTER that adds data to the builtin header files:

      define REGISTER
          @echo "Register: $1"
          @echo "{ \"$1\", $2, $3, $4 }," >> "$(APPDIR)/builtin/builtin_list.h"
          @echo "EXTERN int $4(int argc, char *argv[]);" >> "$(APPDIR)/builtin/builtin_proto.h"
      endef
      

    When this macro runs, you will see the output in the build "Register: hello", that is a sure sign that the registration was successful.

  2. The make file then defines the application name (hello), the task priority (default), and the stack size that will be allocated in the task runs (2K).

      APPNAME         = hello
      PRIORITY        = SCHED_PRIORITY_DEFAULT
      STACKSIZE       = 2048
      
  3. And finally, the Makefile invokes the REGISTER macro to added the hello_main() builtin application. Then, when the system build completes, the hello command can be executed from the NSH command line. When the hello command is executed, it will start the task with entry point hello_main() with the default priority and with a stack size of 2K.

      context:
        $(call REGISTER,$(APPNAME),$(PRIORITY),$(STACKSIZE),$(APPNAME)_main)
      

Other Uses of Built-In Application. The primary purpose of builtin applications is to support command line execution of applications from NSH. However, there is one other use of builtin applications that should be mentioned.

  1. binfs. binfs is a tiny file system located at apps/builtin/binfs.c. This provides an alternative what of visualizing installed builtin applications. Without binfs, you can see the installed builtin applications using the NSH help command. binfs will create a tiny pseudo-file system mounted at /bin. Using binfs, you can see the available builtin applications by listing the contents of /bin directory. This gives some superficial Unix compatibility, but does not really add any new functionality.

4.3.2 Synchronous Built-In Applications

By default, built-in commands started from the NSH command line will run asynchronously with NSH. If you want to force NSH to execute commands then wait for the command to execute, you can enable that feature by adding the following to the NuttX configuration file:

This configuration option enables support for the standard waitpid() RTOS interface. When that interface is enabled, NSH will use it to wait, sleeping until the built-in application executes to completion.

Of course, even with CONFIG_SCHED_WAITPID=y defined, specific applications can still be forced to run asynchronously by adding the ampersand (&) after the NSH command.

4.4 Customizing NSH Initialization

Ways to Customize NSH Initialization. There are three ways to customize the NSH start-up behavior. Here they are presented in order of increasing difficulty:

  1. You can extend the initialization logic in configs/stm3240g-eval/src/stm32_appinit.c. The logic there is called each time that NSH is started and is good place in particular for any device-related initialization.

  2. You replace the sample code at apps/examples/nsh/nsh_main.c with whatever start-up logic that you want. NSH is a library at apps/nshlib. apps.examplex/nsh is just a tiny, example start-up function (CONFIG_USER_ENTRYPOINT()) that that runs immediately and illustrates how to start NSH If you want something else to run immediately then you can write your write your own custom CONFIG_USER_ENTRYPOINT() function and then start other tasks from your custom CONFIG_USER_ENTRYPOINT().

  3. NSH also supports a start-up script that executed when NSH first runs. This mechanism has the advantage that the start-up script can contain any NSH commands and so can do a lot of work with very little coding. The disadvantage is that is is considerably more complex to create the start-up script. It is sufficiently complex that is deserves its own paragraph

4.4.1 NuttShell Start up Scripts

First of all you should look at NSH Start-Up Script paragraph. Most everything you need to know can be found there. That information will be repeated and extended here for completeness.

NSH Start-Up Script. NSH supports options to provide a start up script for NSH. The start-up script contains any command support by NSH (i.e., that you see when you enter 'nsh> help'). In general this capability is enabled with CONFIG_NSH_ROMFSETC=y, but has several other related configuration options as described with the NSH-specific configuration settings paragraph. This capability also depends on:

Default Start-Up Behavior. The implementation that is provided is intended to provide great flexibility for the use of Start-Up files. This paragraph will discuss the general behavior when all of the configuration options are set to the default values.

In this default case, enabling CONFIG_NSH_ROMFSETC will cause NSH to behave as follows at NSH start-up time:

Example Configurations. Here are some configurations that have CONFIG_NSH_ROMFSETC=y in the NuttX configuration file. They might provide useful examples:

In most of these cases, the configuration sets up the default /etc/init.d/rcS script. The default script is here: apps/nshlib/rcS.template. (The funny values in the template like XXXMKRDMINORXXX get replaced via sed at build time). This default configuration creates a ramdisk and mounts it at /tmp as discussed above.

If that default behavior is not what you want, then you can provide your own custom rcS script by defining CONFIG_NSH_ARCHROMFS=y in the configuration file.

Modifying the ROMFS Image. The contents of the /etc directory are retained in the file apps/nshlib/nsh_romfsimg.h OR, if CONFIG_NSH_ARCHROMFS is defined, include/arch/board/nsh_romfsimg.h. In order to modify the start-up behavior, there are three things to study:

  1. Configuration Options. The additional CONFIG_NSH_ROMFSETC configuration options discussed with the other NSH-specific configuration settings.

  2. tools/mkromfsimg.sh Script. The script tools/mkromfsimg.sh creates nsh_romfsimg.h. It is not automatically executed. If you want to change the configuration settings associated with creating and mounting the /tmp directory, then it will be necessary to re-generate this header file using the tools/mkromfsimg.sh script.

    The behavior of this script depends upon several things:

    1. The configuration settings then installed configuration.

    2. The genromfs tool(available from http://romfs.sourceforge.net) or included within the NuttX buildroot toolchain. There is also a snapshot available in the NuttX tools repository here.

    3. The xxd tool that is used to generate the C header files (xxd is a normal part of a complete Linux or Cygwin installation, usually as part of the vi package).

    4. The file apps/nshlib/rcS.template (OR, if CONFIG_NSH_ARCHROMFS is defined include/arch/board/rcs.template.

  3. rcS.template. The file apps/nshlib/rcS.template contains the general form of the rcS file; configured values are plugged into this template file to produce the final rcS file.

    To generate a custom rcS file a copy of rcS.template needs to be placed at tools/ and changed according to the desired start-up behaviour. Running tools/mkromfsimg.h creates nsh_romfsimg.h which needs to be copied to apps/nhslib OR if CONFIG_NSH_ARCHROMFS is defined to configs/<board>/include.

rcS.template. The default rcS.template, apps/nshlib/rcS.template, generates the standard, default apps/nshlib/nsh_romfsimg.h file.

If CONFIG_NSH_ARCHROMFS is defined in the NuttX configuration file, then a custom, board-specific nsh_romfsimg.h file residing in configs/<board>/includewill be used. NOTE when the OS is configured, include/arch/board will be linked to configs/<board>/include.

All of the startup-behavior is contained in rcS.template. The role of mkromfsimg.sh script is to (1) apply the specific configuration settings to rcS.template to create the final rcS, and (2) to generate the header file nsh_romfsimg.h containg the ROMFS file system image. To do this, mkromfsimg.sh uses two tools that must be installed in your system:

  1. The genromfs tool that is used to generate the ROMFS file system image.

  2. The xxd tool that is used to create the C header file.

5.0 Shell Login

5.1 Enabling Shell Logins

NuttShell sessions can be protected by requiring that the user supply username and password credentials at the beginning of the session. Logins can be enabled for standard USB or serial consoles with:

Logins for Telnet sessions can be enabled separately with:

Logins can be enabled for either or both session types. On a successful login, the user will have access to the NSH session:

After each failed login attempt, a delay can be set up. The purpose of this delay is to discourage attempts to crack the password by brute force. That delay is configured with

This setting provides the login failure delay in units of milliseconds. The system will pause this amount of time after each failed login attempt. After a certain number of failed login attempts, the session will be closed. That number is controlled by:

5.2 Verification of Credentials

There are three ways that NSH can be configured to verify user credentials at login time:

  1. The simplest implementation simply uses fixed login credentials and is selected with:

      CONFIG_NSH_LOGIN_FIXED=y
      

    The fixed login credentials are selected via:

      CONFIG_NSH_LOGIN_USERNAME=admin
      CONFIG_NSH_LOGIN_PASSWORD="Administrator"
      

    This is not very flexible since there can be only one user and the password is fixed in the FLASH image. This option is also not very secure because a malicious user could get the password by just looking at the .text stings in the flash image.

  2. NSH can also be configured to defer the entire user credential verification to platform-specific logic with this setting:

      CONFIG_NSH_LOGIN_PLATFORM=y
      

    In this case, NSH will call a platform-specific function to perform the verification of user credentials. The platform-specific logic must provide a function with the following prototype:

      int platform_user_verify(FAR const char *username, FAR const char *password);
      

    which is prototyped an described in apps/include/nsh.h and which may be included like:

      #include <apps/nsh.h>
      

    An appropriate place to implement this function might be in the directory apps/platform/<board>.

  3. A final option is to use a password file contained encrypted password information. This final option is selected with the following and described in more detail in the following paragraph.

      CONFIG_NSH_LOGIN_PASSWD=y
      

5.3 Password Files

NuttX can also be configured to support a password file, by default at /etc/passwd. This option enables support for a password file:

This options requires that you have selected CONFIG_FSUTILS_PASSWD=y to enable the access methods of apps/fsutils/passwd:

And this determines the location of the password file in a mounted volume:

/etc/passwd is a standard location, but you will need to locate the password where ever you have a mounted volume.

The password file can be a fixed list of users in a ROMFS file system or a modifiable list maintained in a file in some writable file system. If the password file lies in a read-only file system like ROMFS, then you should also indicate that the password file is read-only.

If the password file is writable, then additional NSH commands will be enabled to modify the password file: useradd, userdel, and passwd. If you do not wish you have these commands available, then they should be specifically disabled.

The password file logic requires a few additional settings:

  1. The size of dynamically allocated and freed buffer that is used for file access:

      CONFIG_FSUTILS_PASSWD_IOBUFFER_SIZE=512
      
  2. And the 128-bit encryption key. The password file currently uses the Tiny Encryption Algorithm (TEA), but could be extended to use something more powerful.

      CONFIG_FSUTILS_PASSWD_KEY1=0x12345678
      CONFIG_FSUTILS_PASSWD_KEY2=0x9abcdef0
      CONFIG_FSUTILS_PASSWD_KEY3=0x12345678
      CONFIG_FSUTILS_PASSWD_KEY4=0x9abcdef0
      

Password can only be decrypted with access to this key. Note that this key could potentially be fished out of your FLASH image, but without any symbolic information, that would be a difficult job since the TEA KEY is binary data and not distinguishable from other binary data in the FLASH image.

If the password file is enabled (CONFIG_NSH_LOGIN_PASSWD=y), then the fixed user credentials will not be used for the NSH session login. Instead, the password file will be consulted to verify the user credentials.

5.4 Creating a Password File for a ROMFS File System

What we want to accomplish is a ROMFS file system, mounted at /etc and containing the password file, passwd like:

Where /etc/init.d/rcS is the start-up script; /etc/passwd is a the password file. Note that here we assume that you are already using a start-up script. We can then piggyback the passwd file into the /etc file system already mounted for the NSH start up file as described above above.

I use the sim/nsh configuration to create a new password file, but other configurations could also be used. That configuration already supports a ROMFS file system, passwords, and login prompts. First, I make these changes to that configuration.

  1. Disable logins

      - CONFIG_NSH_CONSOLE_LOGIN=y
      + # CONFIG_NSH_CONSOLE_LOGIN is not set
        # CONFIG_NSH_TELNET_LOGIN is not set
      
  2. Move the password file to a write-able file system:

      - CONFIG_FSUTILS_PASSWD_PATH="/etc/passwd"
      + CONFIG_FSUTILS_PASSWD_PATH="/tmp/passwd"
      
  3. Make the password file modifiable

      - CONFIG_FSUTILS_PASSWD_READONLY=y
      # CONFIG_FSUTILS_PASSWD_READONLY is not set
      

Now rebuild the simulation. No login should be required to enter the shell and you should find the useradd, userdel, and passwd commands available in the help summary, provided that they are enabled. Make certain that the useradd command is not disabled:

Use the NSH useradd command to add new uses with new user passwords like:

Do this as many times as you would like. Each time that you do this a new entry with an encrypted password will be added to the passwd file at /tmp/passwd. You can see the content of the password file like:

When you are finished, you can simply copy the /tmp/passwd content from the cat command and paste it into an editor. Make sure to remove any carriage returns that may have ended up on the file if you are using Windows.

Then create/re-create the nsh_romfsimg.h file as described below.

  1. The content on the nsh_romfsimg.h header file is generated from a template directory structure. Create the directory structure:

      mkdir etc
      mkdir etc/init.d
      

    And copy your existing startup script into etc/init.c as rcS.

  2. Save your new password file in the etc/ directory as passwd.

  3. Create the new ROMFS image.

      genromfs -f romfs_img -d etc -V MyVolName
      
  4. Convert the ROMFS image to a C header file

      xxd -i romfs_img >nsh_romfsimg.h
      
  5. Edit nsh_romfsimg.h: Mark both data definitions as const so that the data will be stored in FLASH.

  6. Edit nsh_romfsimg.h, mark both data definitions as const so that that will be stored in FLASH.

There is a good example of how to do this in the NSH simulation configuration at configs/sim/nsh. The ROMFS support files are provided at configs/sim/include and the README.txt file at the location provides detailed information about creating and modifying the ROMFS file system.

Index