Difference between pages "Rootfs over encrypted lvm" and "Lenovo Thinkpad T420"

From Funtoo
(Difference between pages)
Jump to: navigation, search
m (Create a filesystem on volumes)
 
(Boot Parameters)
 
Line 1: Line 1:
This howto describes how to setup LVM and rootfs with cryptoLUKS-encrypted drive
+
 +
== Introduction ==
 +
Throughout, this article will assume the following:
 +
* You have installed Gentoo or Funtoo in the past.
 +
** If you haven't, this article will still serve you well, but please have either the official funtoo, or gentoo install guides open. We move through non-machine-specific bits with little elaboration.
 +
* Have a T420 or similar machine.
  
= Prepare the hard drive and partitions =
+
Even if you do not have a T420, you may find this guide useful for:
This is an example partition scheme, you may want to choose differently.
+
* Nvidia Optimus Cards.
<code>/dev/sda1</code> used as <code>/boot</code>. <code>/dev/sda2</code> will be encrypted drive with LVM.
+
* Power management.
 +
* General setup.
  
* <code>/dev/sda1</code> -- <code>/boot</code> partition.  
+
This installation assumes (For now) that the install is starting from an MS-Windows installation. If you are not on Windows, please add your favourite choice of steps, keep the emphasis on ease of understanding.
* <code>/dev/sda2</code> -- BIOS boot partition (not needed for MBR - only needed if you are using GPT) This step required for GRUB2. For more info, see: [http://www.funtoo.org/Funtoo_Linux_Installation#Prepare_Hard_Disk] for more information on GPT and MBR.
+
* <code>/dev/sda3</code> -- <code>/</code> partition, will be the drive with LUKS and LVM.
+
  
 +
== Getting Started ==
 +
You'll want to get yourself running off a LiveCD or LiveUSB to start. This guide will assume liveUSB, since some users find them more difficult to prepare, this is usually due to boot flag issues.
 +
(Note: ''Live USB restore drives are nice to have in general! The author keeps one in his college binder.'')
 +
 +
==== Windows ====
 +
We can use LiLi for this, it provides a nice, simple interface and is fairly reliable: [http://www.linuxliveusb.com/en/download LiLi Download]
 +
 +
=== SysrescueCD ===
 +
Grab the version that Suites your needs here: [http://www.sysresccd.org/Download Sysrescue Download]
 +
Next use LiLi (Or whatever you happen to be using) to flash the image or burn your CD. Reboot, change your boot device, and you'll find yourself at a grub menu.
 +
 +
Since the T series are all 64-bit laptops, make sure to boot the 64-bit kernel, as the default is 32-bit.
 +
 +
''But Why?: If we pick 32-bit, later on we won't be able to chroot into our Funtoo's 64-bit stage 3.''
 +
 +
You should see a fairly verbose boot as sysrescueCD scans for modules it requires and starts up. It is safe to simply accept prompt defaults here, unless they are errors.
 +
 +
When you are greeted by the interactive command prompt, enter 'wizard' as prompted, and accept the default entry in the dialogue. This will give us a functioning XFCE desktop environment.
 +
 +
== Partitioning ==
 +
Partitioning is the only step of this install which provides real risk to data on other operating systems. Be extremely careful if there is something you do not wish to loose. These steps are not foolproof and may result in lost data.
 +
 +
Please be aware that MBR disks only support '''4''' primary partitions. You can solve this by creating an 'extended' partition and adding logical partitions to it. If you are feeling particularly brave try GPT on your disk.
 +
 +
So lets start:
 +
First open up gparted. You should see it on the taskbar if you're using systemrescueCD. It will scan available drives and show you the partition table. Most users will likely find one of the following to their liking:
 +
 +
==== Pure Funtoo ====
 +
You'll likely want:
 +
<pre>
 +
/boot      :: EXT2      :: 100mb-500mb
 +
    ''Note: We choose EXT2 because there is really no good use for a journalled boot partition, but feel free to use EXT4 instead!''
 +
/          :: EXT4      :: 60gb (suggested floor value) - 500+
 +
swap        :: linux-swap :: Your RAM Value (Optional, allows for hibernation)
 +
</pre>
 +
You may wish for a separate /home, which is perfectly legitimate, or any number of other partitions.
 +
 +
==== Dual Boot with Windows ====
 +
If dual booting with Windows, it is advisable to have Windows installed '''first''' since it will muck with the MBR and possibly want to create it's own boot partition.
 +
You'll likely want:
 +
<pre>
 +
System Reserved    :: NTFS      :: Whatever windows chooses.
 +
Windows            :: NTFS      :: >100gb (If you plan on doing any serious work on windows)
 +
/boot              :: EXT2      :: 100mb-500mb
 +
Extended Partition -
 +
  /                :: EXT4      :: Whatever is left.
 +
  swap            :: linux-swap:: Your RAM value. (Optional, allows for hibernation)
 +
</pre>
 +
You may also want a separate /home, etc. These will fit into your extended partition without contributing to MBR's 4 partition limit.
 +
 +
== Starting the  (actual) Install ==
 +
Up until now everything we've done has just been foreplay. Finally we can mount our partitions and get started on the installation!
 +
 +
==== Mounting ====
 +
First, lets mount all of our partitions.
 +
* Make a directory for root. Lets assume '''/mnt/funtoo'''
 
<console>
 
<console>
# ##i##dd if=/dev/zero of=/dev/sda3 bs=100M
+
###i## mkdir /mnt/funtoo
# ##i##dd if=/dev/urandom of=/dev/sda3 bs=100M
+
 
</console>
 
</console>
The <code>dd</code> part is optional, and the command only needs to be run for security reasons (i.e only if you had top secret files on your drive). The command overwrites the lingering data on the device with random data. It takes around 6 hours to complete for a 200GB drive.
+
* Mount your '/' partition to /mnt/funtoo
 +
<console>
 +
###i## mount /dev/sd## /mnt/funtoo
 +
</console>
 +
* Make a directory for your boot partition.
 +
<console>
 +
###i## mkdir /mnt/funtoo/boot
 +
</console>
 +
* Mount your boot partition.
 +
<console>
 +
###i## mount /dev/sd## /mnt/funtoo/boot
 +
</console>
 +
* Mount anything else you may have made and need. (Not swap)
  
{{Note}} You will get a message about reaching the end of the device when the <code>dd</code> command has finished. This behavior is intended.
+
==== Checking the Date ====
 +
Although this may seem super un-important, if you want to avoid lots of spammy warning messages later, checking your date is beneficial.
 +
<console>
 +
###i## date
 +
</console>
 +
If it needs to be set, you'll want something like:
 +
<console>
 +
###i## date 071620002011
 +
#Fri Jul 16 20:00:00 UTC 2011
 +
</console>
  
= Encrypting the drive =
+
==== Fetch a Stage 3 ====
 +
Next we need to fetch a tarball containing a barebones stage. We will download the core-i7 architecture version, if you have a core i5 or i3, don't worry, it's all the same.
 
<console>
 
<console>
# ##i##cryptsetup --cipher aes-xts-plain64 luksFormat /dev/sda3
+
###i## cd /mnt/funtoo
# ##i##cryptsetup luksOpen /dev/sda3 dmcrypt_root
+
###i## wget http://ftp.osuosl.org/pub/funtoo/funtoo-current/x86-64bit/corei7/stage3-current.tar.xz
 
</console>
 
</console>
  
There you'll be prompted to enter your password phrase for encrypted drive, type your paranoid password there.
+
Next let's unpack with:
 +
<console>
 +
###i## tar xJpf stage3-current.tar.xz
 +
</console>
 +
{{Note}} ''Seriously, don't forget the 'p' option.''
 +
 
 +
If you run 'ls' now, you should see the <code>/mnt/funtoo</code> is fully populated with folders such as lib, home, and proc.
  
= Create logical volumes =
+
==== Chroot'ing ====
 +
Now we need to change the ''apparent root'' of our system to our fledgling Funtoo system.
 
<console>
 
<console>
# ##i##pvcreate /dev/mapper/dmcrypt_root
+
###i## cd /mnt/funtoo
# ##i##vgcreate vg /dev/mapper/dmcrypt_root
+
###i## mount --bind /proc ./proc
# ##i##lvcreate -L10G --name root vg         
+
###i## mount --bind /dev ./dev
# ##i##lvcreate -L2G --name swap vg
+
###i## cp /etc/resolv.conf ./etc
# ##i##lvcreate -L5G --name portage vg
+
###i## env -i HOME=/root TERM=$TERM chroot /mnt/funtoo /bin/bash --login
# ##i##lvcreate -l 100%FREE -nhome vg
+
 
</console>
 
</console>
Feel free to specify your desired size by altering the numbers after the -L flag. For example, to make your portage dataset 20GB's, use the flag -L20G instead of -L5G.
 
  
= Create a filesystem on volumes =
+
==== Getting the Portage Tree ====
 +
Funtoo (Unlike Gentoo) uses a git based portage tree, however if you're coming from Gentoo, you'll be glad to know we sync with the Gentoo tree once every 12 hours.
 
<console>
 
<console>
# ##i##mkfs.ext2 /dev/sda1
+
###i## emerge --sync
# ##i##mkswap /dev/mapper/vg-swap
+
# ##i##mkfs.ext4 /dev/mapper/vg-root
+
# ##i##mkfs.ext4 /dev/mapper/vg-portage
+
# ##i##mkfs.ext4 /dev/mapper/vg-home
+
 
</console>
 
</console>
 +
''You can ignore most of the errors that might be spat out at this stage, however if they do not disappear on subsequent merges, talk to us in #funtoo.''
 +
Your first sync will take significantly longer then subsequent syncs, as the whole tree must be synced.
 +
 +
==== A Configuration Celebration ====
 +
Now that we have our portage tree cloned, we need to do some initial setup on some files before doing anything else with portage.
 +
 +
'''Fstab'''
  
= Basic system setup =
 
 
<console>
 
<console>
##r### ##b##swapon /dev/mapper/vg-swap
+
###i## nano /etc/fstab
##r### ##b##mkdir /mnt/funtoo
+
##r### ##b##mount /dev/mapper/vg-root /mnt/funtoo
+
##r### ##b##mkdir -p /mnt/funtoo/{boot,usr/portage,home}
+
##r### ##b##mount /dev/sda1 /mnt/funtoo/boot
+
##r### ##b##mount /dev/mapper/vg-portage /mnt/funtoo/usr/portage
+
##r### ##b##mount /dev/mapper/vg-home /mnt/funtoo/home
+
 
</console>
 
</console>
Now perform all the steps required for basic system install, please follow [http://docs.funtoo.org/wiki/Funtoo_Linux_Installation]
 
don't forget to emerge the following before your install is finished:
 
  
* '''cryptsetup'''
+
You'll want something like this: (Replace the dev values with what you are using)
* '''lvm2'''
+
{{File
* '''a bootloader (grub recommended)'''
+
|/etc/fstab|<pre>
* '''kernel sources (gentoo-sources recommended)'''
+
# <fs> <mountpoint> <type> <opts>         <dump/pass>
 +
 
 +
/dev/sda1 /boot ext2 noauto,noatime  1 2
 +
/dev/sda3 none swap sw         0 0
 +
/dev/sda4 / ext4 noatime         0 1
 +
/dev/cdrom /mnt/cdrom auto noauto,ro         0 0
 +
</pre>}}
 +
 
 +
'''Localtime'''
  
= Editing the fstab =
+
Lets remove the default localtime, and create a symbolic link to the proper time zone. (You probably will want something other then Vancouver)
Fire up your favorite text editor to edit <code>/etc/fstab</code>. You want to put the following in the file:
+
 
<console>
 
<console>
# <fs>                  <mountpoint>  <type>    <opts>                          <dump/pass>
+
###i## rm /etc/localtime
/dev/sda1              /boot        ext2      noauto,noatime                  1 2
+
###i## ln -s /usr/share/zoneinfo/America/Vancouver /etc/localtime
/dev/mapper/vg-swap    none          swap      sw                              0 0
+
/dev/mapper/vg-root    /             ext4      noatime,nodiratime,defaults    0 1
+
/dev/sr0                /mnt/cdrom    auto      noauto,ro                      0 0
+
/dev/mapper/vg-portage  /usr/portage  ext4      noatime,nodiratime              0 0
+
/dev/mapper/vg-home    /home        ext4      noatime,nodiratime              0 0
+
 
</console>
 
</console>
  
= Kernel options =
+
''' Hostname '''
{{Note}}This part is particularly important: pay close attention.
+
Set your host name:
{{kernelop
+
<console>
|'''General setup --->'''
+
###i## nano /etc/conf.d/hostname
|'''[*] Initial RAM filesystem and RAM disk (initramfs/initrd) support'''
+
</console>
}}
+
  
{{kernelop
+
'''Hwclock'''
|'''Device Drivers --->''' <br> '''Generic Driver Options --->'''
+
|'''[*] Maintain a devtmpfs filesystem to mount at /dev''' <br>
+
}}
+
  
{{kernelop
+
If you're using a dual boot system, you'll want to change this. Otherwise it's entirely optional.
|'''Device Drivers --->''' <br> '''[*] Multiple devices driver support --->'''
+
<console>
|'''<*>Device Mapper Support''' <br> '''<*> Crypt target support'''
+
###i## nano /etc/conf.d/hwclock
}}
+
</console>
  
{{kernelop
+
If you're on windows you'll want:
|'''Cryptographic API --->'''
+
<console>
|'''-*-AES cipher algorithms''' <br> '''<*> XTS support'''
+
###i## clock="local"
}}
+
</console>
  
= Initramfs setup and configuration =
+
'''Make.conf'''
== Better-initramfs ==
+
Important enough that it deserves it's own article. A template make.conf for the T420 will be forthcoming.
'''Build your initramfs with [https://bitbucket.org/piotrkarbowski/better-initramfs better-initramfs] project.'''
+
  
{{note}}better-initramfs supports neither dynamic modules nor udev, so you should compile your kernel with built-in support for your block devices.
+
For now:
 +
If you have an i5 or i3 you will want
 +
{{File
 +
|/etc/portage/make.conf|<pre>
 +
MAKEOPTS="-j3"
 +
</pre>}}
 +
If you have an i7 you'll probably want:
 +
{{File
 +
|/etc/portage/make.conf|<pre>
 +
MAKEOPTS="-j5"
 +
</pre>}}
  
 +
''But I have Hyperthreading! Why only -j3?''
 +
Hyperthreading and compiling don't play well together. You'll have the same (or better) performance with -j3 as -j5 with a dual core hyper threaded processor.
 +
 +
== Stop, Kernel time! ==
 +
''For this guide we'll be using some pre-found config options that I will be adding later.''
 +
 +
* Networking:
 +
** iwlwifi and auxilary
 +
** Unknown intel ethernet adapter. Selected several.
 +
* GPU
 +
** Intel available default.
 +
** nvidia will be dealt with later
 +
 +
Install:
 +
* wpa_supplicant
 +
* iwl6000-ucode
 +
* wireless-tools
 +
 +
 +
== Bootloader Setup ==
 +
In funtoo the setup of grub is extremely simplified.
 
<console>
 
<console>
##r### ##b##cd /opt
+
###i## emerge -vqat boot-update
##r### ##b##git clone git://github.com/slashbeast/better-initramfs.git
+
##r### ##b##cd better-initramfs
+
##r### ##b##less README.rst
+
##r### ##b##bootstrap/bootstrap-all
+
##r### ##b##make prepare
+
##r### ##b##make image
+
 
</console>
 
</console>
 +
''Q: What are those options? A: We'll get to them later, lets get the system booted first, okay? ''
 +
Boot-update is a tool that will allow for very simple configuration of grub similar to older versions (But nicer still).
  
Copy resulting <code>initramfs.cpio.gz</code> to <code>/boot</code>:
+
You will now edit the file <code>/etc/boot.conf</code>:
<console>##r### ##b##cp output/initramfs.cpio.gz /boot</console>
+
{{File
 +
|/etc/boot.conf|<pre>
 +
boot {
 +
        generate grub
 +
        default "Funtoo Linux genkernel"
 +
        timeout 3
 +
}
  
Alternatively, a pre-compiled binary initramfs is available at https://bitbucket.org/piotrkarbowski/better-initramfs/downloads
+
"Funtoo Linux" {
 +
        kernel bzImage[-v]
 +
        # params += nomodeset
 +
}
 +
 
 +
"Funtoo Linux genkernel" {
 +
        kernel kernel[-v]
 +
        initrd initramfs[-v]
 +
        params += real_root=auto
 +
        # params += nomodeset
 +
}
 +
</pre>}}
 +
This can be configured (We'll touch on this later. We need to make sure the kernel is booting and working before we start tweaking) with options for the kernel.
 +
 
 +
==== Dual-Booters Only ====
 +
If you want to dual boot with windows you'll need to add an entry here:
 +
{{File
 +
|/etc/boot.conf|<pre>
 +
<pre>
 +
"Windows 7" {
 +
    type win7
 +
    params root=/dev/sda1
 +
}
 +
</pre>}}
 +
==== Installing Grub onto the Drive(Everyone) ====
 +
Next we can install grub onto the drive.
 
<console>
 
<console>
##r### ##b##wget https://bitbucket.org/piotrkarbowski/better-initramfs/downloads/release-x86_64-v0.7.2.tar.bz2
+
###i## grub-install --no-floppy /dev/sda
##r### ##b##tar xf release-x86_64-v0.5.tar.bz2
+
###i## boot-update
##r### ##b##cd release*
+
##r### ##b##gzip initramfs.cpio
+
##r### ##b##cp initramfs.cpio.gz /boot
+
 
</console>
 
</console>
 +
No errors means we should be good to go!
 +
 +
== Tidy up and go. ==
 +
Just a few more things!
 +
 +
Lets set a root password.
 +
<console>
 +
###i## passwd
 +
</console>
 +
 +
It is advisable to exit the chroot and umount all the relevant install drives. Or at least just exit the chroot, but you can just simply reboot from here.
 +
<console>
 +
###i## exit
 +
###i## cd /
 +
###i## umount /mnt/funtoo/boot /mnt/funtoo/dev /mnt/funtoo/proc /mnt/funtoo
 +
###i## reboot
 +
</console>
 +
 +
== Configuring the New System ==
 +
Welcome to funtoo! You should be greeted by a bunch of spammy text that scrolls by reasonably fast and then a couple penguins and openrc. Login to your root user and lets start playing.
 +
 +
A note, this part of the guide is meant to be much more of a dialogue between us.
 +
 +
==== Getting up the (wired) network ====
 +
If you're gifted with a wired network connect, use it! The initial setup is much more convenient and quick.
 +
 +
Quickly set up the network with
 +
<console>
 +
###i## /etc/init.d/dhcpcd start
 +
</console>
 +
Now check to see if our wired adapter is listed with ifconfig.
 +
<console>
 +
###i## ifconfig
 +
#  (or)
 +
###i## ping google.com
 +
</console>
 +
If you see it listed with a description, we're good to go!
 +
 +
==== Editing the make.conf ====
 +
Before we start merging into our tree everything under the sun, lets do some system planning.
 +
 +
You can use this as a starting point:
 +
{{File
 +
|/etc/portage/make.conf|<pre>
 +
# These settings were set by the metro build script that automatically built this stage.
 +
# Please consult /etc/make.conf.example for a more detailed example.
 +
 +
ACCEPT_KEYWORDS="~amd64"
 +
CHOST="x86_64-pc-linux-gnu"
 +
CFLAGS="-march=corei7 -O2 -pipe"
 +
CXXFLAGS="-march=corei7 -O2 -pipe"
 +
SYNC="git://github.com/funtoo/ports-2012.git"
 +
 +
# -j3 :: Have make use 3 threads by default.
 +
MAKEOPTS="-j3"
 +
#  Setup emerge's default options:
 +
#    --ask    :: Double check before merging.
 +
#    --verbose :: Show use flags etc.
 +
#    --quiet  :: Don't show me make spam.
 +
#    --tree    :: Use nice dependancy graphs.
 +
EMERGE_DEFAULT_OPTS="--ask --verbose --quiet --tree"
 +
 +
# Portage Features
 +
#    TODO: Descriptions
 +
FEATURES="mini-manifest parallel-fetch userfetch parallel-install sandbox fixpackages collision-protect"
 +
 +
#  We might use binary packages later. Lets set that up just in case.
 +
PORTAGE_BINHOST=/usr/portage/packages
 +
 +
 +
# CCache
 +
#  This is not going to be done by default.
 +
#  Why? It's only wortwhile if you plan on compiling packages multiple
 +
#  times per version, which the average user will not.
 +
#CCACHE_SIZE="5G"
 +
#CCACHE_DIR="/var/cache/ccache"
 +
 +
# Licenses
 +
#  By default we're just going to accept everything.
 +
ACCEPT_LICENSE="*"
 +
 +
 +
# Device Specific Settings
 +
#    INPUT_DEVICES :: A list of input devices you'll be wanting. This is needed for xorg and not much else.
 +
INPUT_DEVICES="evdev synaptics"
 +
#    VIDEO CARDS  :: A list of video cards. Optimus users beware here.
 +
VIDEO_CARDS="intel i915 i965 nvidia"
 +
 +
# Use flags.
 +
#  Application specific flags should be migrated to /etc/portage/package.use (which can be a folder with multiple files!)
 +
#  To look at the user flags for an application use "equery uses FOOPKG"
 +
USE="
 +
acpi alsa /
 +
bash-completition /
 +
curl /
 +
dvdr /
 +
ithreads /
 +
ncurses networkmanager/
 +
policykit /
 +
ssl sse sse2 sse3 sse4 /
 +
threads /
 +
udev /
 +
vim-syntax /
 +
zsh-completion /
 +
"
 +
</pre>}}
 +
 +
=== Installing an Editor ===
 +
Well, first things first lets get ourselves an editor. The author prefers vim, but you may like emacs or something else... Feel free to disregard this and explore! If you plan to have multiple users however, this will often be expected by experienced linux users.
  
Remember, better-initramfs project is a work in progress, so you need to update from time to time. It can be done easily with <code>git</code>. Go to the better-initramfs source dir and follow:
 
 
<console>
 
<console>
##r### ##b##cd /opt/better-initramfs
+
###i## emerge vim
##r### ##b##git pull
+
##r### ##b##less ChangeLog
+
 
</console>
 
</console>
{{Note}}Please read the ChangeLog carefuly and perform necessary updates to <code>/etc/boot.conf</code>. Also, please backup the working <code>/boot/initramfs.cpio.gz</code> and <code>/etc/boot.conf</code> before updating better-initramfs.
+
Check that your USE flags look reasonable (see above) and feel free to do any fine tweaking in /etc/portage/package.use.
 +
Consult your output after merge! You may want to follow some of it's advice.
  
== Genkernel ==
+
You can find multiple good guides on google for vim configurations and setups.
Funtoo's genkernel capable to create initramfs for encrypted drive. Compile and install kernel and initramfs of your favorite kernel sources:
+
Funtoo also provides a very nice base configuration in /etc/vim/vimrc.
<pre>genkernel --kernel-config=/path/to/your/custom-kernel-config --no-mrproper --makeopts=-j5 --install --lvm --luks all</pre>
+
Configure the bootloader as described above, with correct kernel and initramfs images names. An example for genkernel and grub2:
+
  
{{code|/etc/boot.conf|<pre>
+
==== Boot Parameters ====
 +
The T420 has a number of boot parameters that can be set to conserve power. On a laptop these options are generally reasonable:
 +
{{File
 +
|/etc/boot.conf|<pre>
 
boot {
 
boot {
  generate grub
+
generate grub
  default "Funtoo Linux"
+
default "Funtoo Linux"  
  timeout 3
+
timeout 15
 
}
 
}
 +
 
"Funtoo Linux" {
 
"Funtoo Linux" {
  kernel kernel-genkernel-x86_64-2.6.39
+
kernel bzImage[-v]
   initrd initramfs-genkernel-x86_64-2.6.39
+
#  Force PCIE Active State Power Management on.
   params += crypt_root=/dev/sda2 dolvm real_root=/dev/mapper/vg-root  rootfstype=ext4 resume=swap:/dev/mapper/vg-swap quiet
+
params += pcie_aspm=force
}</pre>}}
+
#   TODO (Range 1..15)
 +
params += epb=7
 +
#   TODO
 +
params += hpet=force
 +
#  i915 Enable rc6 sleep state (?)
 +
params += i915.i915_enable_rc6=1
 +
#  TODO (Framebuffer?)
 +
params += i915.i915_enable_fbc=1
 +
#  Downclock the lvds screen (60hz -> 50hz)
 +
params += i915.lvds_downclock=1
 +
        #  Quiet some of the excessively verbose kernel boot
 +
        params += quiet
 +
}
  
= Grub2 configuration =
+
"Windows 7" {
An example of <code>/etc/boot.conf</code> for better-initramfs
+
        type win7
{{code|/etc/boot.conf|<pre>
+
        params root=/dev/sda1
boot {
+
  generate grub
+
  default "Funtoo Linux"
+
  timeout 3
+
 
}
 
}
"Funtoo Linux" {
 
  kernel bzImage[-v]
 
  initrd /initramfs.cpio.gz
 
  params += enc_root=/dev/sda2 lvm luks root=/dev/mapper/vg-root  rootfstype=ext4 resume=swap:/dev/mapper/vg-swap quiet
 
}</pre>}}
 
  
= Lilo configuration =
+
#"Funtoo Linux genkernel" {
For oldschool geeks, an example for lilo bootloader. Emerge lilo with device-mapper support
+
# kernel kernel[-v]
 +
# initrd initramfs[-v]
 +
# params += real_root=auto
 +
#}
 +
</pre>}}
 +
 
 +
When you're done, update grub with:
 +
<console>
 +
###i## boot-update
 +
</console>
 +
 
 +
==== Power Saving Local Scripts ====
 +
Next we're going to set up a script that runs at default runlevel for the machine. This will echo several options to various dev files. Most distros would do this via /etc/rc.local or something of the like.
 +
 
 +
With Funtoo (and Gentoo) this is accomplished via
 
<pre>
 
<pre>
# echo 'sys-boot/lilo device-mapper' >> /etc/portage/package.use/lilo
+
/etc/local.d
# emerge lilo</pre>
+
</pre>
 +
Consult the README (in directory) for more information.
  
{{code|/etc/lilo.conf|<pre>append="init=/linuxrc dolvm crypt_root=/dev/sda2 real_root=/dev/mapper/vg-root"
 
boot=/dev/sda
 
compact
 
default=funtoo
 
lba32
 
prompt
 
read-only
 
timeout=50
 
image=/boot/kernel-genkernel-x86_64-2.6.39
 
initrd=/boot/initramfs-genkernel-x86_64-2.6.39
 
label=funtoo
 
</pre>}}
 
= Syslinux bootloader setup =
 
Syslinux is another advanced bootloader which you can find on all live CD's.
 
 
<pre>
 
<pre>
# emerge syslinux
+
$ cat /etc/local.d/power-saving.start
# mkdir /boot/extlinux
+
# /bin/bash
# extlinux --install /boot/extlinux
+
#
# dd bs=440 conv=notrunc count=1 if=/usr/share/syslinux/mbr.bin of=/dev/sda
+
echo 1 > /sys/modules/snd_hda_intel/parameters/power_save
- or -
+
for i in /sys/bus/usb/devices/*/power/autosuspend; do
# sgdisk /dev/sda --attributes=1:set:2
+
    echo 1 > $i
# dd bs=440 conv=notrunc count=1 if=/usr/share/syslinux/gptmbr.bin of=/dev/sda, for GPT partition</pre>
+
done
{{code|/boot/extlinux/extlinux.conf|<pre>LABEL kernel1_bzImage-3.2.1
+
for i in /sys/class/scsi_host/host*/link_power_management_policy; do
MENU LABEL Funtoo Linux bzImage-3.2.1
+
    echo min_power > $i
LINUX /bzImage-3.2.1
+
done
INITRD /initramfs.cpio.gz
+
</pre>
APPEND rootfstype=ext4 luks enc_root=/dev/sda2 lvm root=/dev/mapper/vg-root
+
If you copy this wholesale remember to chmod -x the file!
</pre>}}
+
  
= Final steps =
+
==== rc.conf ====
Umount everything, close encrypted drive and reboot
+
rc.conf lets us change some options to do with open RC.
<pre>umount /mnt/funtoo/proc (/dev, /home, /usr/portage, /boot)
+
vgchange -a n
+
cryptsetup luksClose /dev/sda2 dmcrypt_root</pre>
+
After reboot you will get the following:
+
<pre>>>> better-initramfs started. Kernel version 2.6.35-gentoo-r10
+
>>> Create all the symlinks to /bin/busybox.
+
>>> Initiating /dev/dir
+
>>> Getting LVM volumes up (if any)
+
Reding all physical volumes. This make take awhile...
+
No volume group found
+
No volume group found
+
>>> Opening encrypted partition and mapping to /dev/mapper/dmcrypt_root
+
Enter passphrase fore /dev/sda2:</pre>
+
Type your password
+
  
<pre>>>> Again, getting LVM volumes up (if any, after map dmcrypt).
+
First, lets set rc_sys to it's default, this will suppress a warning message at boot.
  Reading all physical volumes.  This may take a while...
+
<pre>
  Found volume group "vg" using metadata type lvm2
+
rc_sys=""
  4 logical volume(s) in volume group "vg" now active
+
</pre>
>>> Mounting rootfs to /newroot
+
 
>>> Umounting /sys and /proc.
+
Next, we can turn on rc_parallel to get a bit of speedup on boot.
>>> Switching root to /newroot and executing /sbin/init.
+
<pre>
INIT: version 2.88 booting
+
rc_parallel="YES"
Loading /libexec/rc/console/keymap
+
</pre>
  OpenRC 0.6.1 is starting up Funtoo Linux (x86_64)
+
If you get errors or problems with services on boot, try turning this off.
...boot messages omitted for clarity
+
 
 
+
== Making it Usable ==
orion login: oleg
+
Next we'll be setting up a normal user and installing the venerable Xorg.
Password:
+
 
Last login: Thu Oct 14 20:49:21 EEST 2010 on tty1
+
==== Mouse in framebuffer ====
oleg@orion ~ %</pre>
+
Right now we should be looking at a framebuffer'd console.
 +
<pre>
 +
/etc/init.d/gpm start
 +
</pre>
 +
gpm is a daemon that allows us to use our mouse (trackpad/trackpoint) on console. Give it a try! If you want to keep it on across boots, add it to your init.
 +
<pre>
 +
rc-update add gpm default
 +
</pre>
 +
 
 +
==== Making a New User =====
 +
Lets use superadduser to make the task ever so much easier (Though, it is already easy)
 +
<pre>
 +
emerge superadduser
 +
superadduser
 +
</pre>
 +
 
 +
Walk through the prompts and set up your user how you choose.
 +
 
 +
==== Sudo Make Me a Sandwich ====
 +
Next lets merge in sudo, and set up our new user to be able to use sudo.
 +
<pre>
 +
emerge sudo
 +
</pre>
 +
Now edit the config with
 +
<pre>
 +
visudo
 +
</pre>
 +
You'll probably want to uncomment out one of the two options:
 +
<pre>
 +
## Uncomment to allow members of group wheel to execute any command
 +
# %wheel ALL=(ALL) ALL
 +
 
 +
## Same thing without a password
 +
# %wheel ALL=(ALL) NOPASSWD: ALL
 +
</pre>
 +
 
 +
Now just add your user to the 'wheel' group.
 +
<pre>
 +
gpasswd -a foouser wheel
 +
exit
 +
</pre>
 +
Now re-login as your user, and you should be good to go!
 +
 
 +
==== Tmux ====
 +
Before we emerge xorg, lets get tmux working so we can easily scroll through output and look at USE flags etc.
 +
<pre>
 +
emerge tmux
 +
</pre>
 +
The default config will suffice for now. You may find it beneficial to learn to use tmux ''properly'' sometime, but for now we'll hold hands.
 +
 
 +
<pre>
 +
tmux
 +
</pre>
 +
Now we can scroll through output with CTRL+B [ and the up and down arrows.
 +
 
 +
== Xorg ==
 +
Xorg is a large topic in and on itself. We'll focus on getting a working xorg and a simple window manager.
 +
 
 +
<pre>
 +
# (in tmux)
 +
sudo emerge xorg-server
 +
</pre>
 +
Once again use CTRL+B [ to start scrolling (escape to exit) and look through your use flags, adding anything you might want.
  
= Additional links =
+
== A note on Gnome ==
* [[gentoo-wiki:Root filesystem over LVM2, DM-Crypt and RAID|Root filesystem over LVM2, DM-Crypt, and RAID]]
+
Want to get rid of that awful lock screen on wake from suspend?
* [http://wiki.archlinux.org/index.php/System_Encryption_with_LUKS_for_dm-crypt System Encryption with LUKS for dm-crypt]
+
<pre>gsettings set org.gnome.desktop.lockdown disable-lock-screen 'true'</pre>
  
 
[[Category:HOWTO]]
 
[[Category:HOWTO]]
 +
[[Category:HWLaptop]]
 +
[[Category:Hardware Compatibility]]

Revision as of 20:43, 17 January 2014

Introduction

Throughout, this article will assume the following:

  • You have installed Gentoo or Funtoo in the past.
    • If you haven't, this article will still serve you well, but please have either the official funtoo, or gentoo install guides open. We move through non-machine-specific bits with little elaboration.
  • Have a T420 or similar machine.

Even if you do not have a T420, you may find this guide useful for:

  • Nvidia Optimus Cards.
  • Power management.
  • General setup.

This installation assumes (For now) that the install is starting from an MS-Windows installation. If you are not on Windows, please add your favourite choice of steps, keep the emphasis on ease of understanding.

Getting Started

You'll want to get yourself running off a LiveCD or LiveUSB to start. This guide will assume liveUSB, since some users find them more difficult to prepare, this is usually due to boot flag issues. (Note: Live USB restore drives are nice to have in general! The author keeps one in his college binder.)

Windows

We can use LiLi for this, it provides a nice, simple interface and is fairly reliable: LiLi Download

SysrescueCD

Grab the version that Suites your needs here: Sysrescue Download Next use LiLi (Or whatever you happen to be using) to flash the image or burn your CD. Reboot, change your boot device, and you'll find yourself at a grub menu.

Since the T series are all 64-bit laptops, make sure to boot the 64-bit kernel, as the default is 32-bit.

But Why?: If we pick 32-bit, later on we won't be able to chroot into our Funtoo's 64-bit stage 3.

You should see a fairly verbose boot as sysrescueCD scans for modules it requires and starts up. It is safe to simply accept prompt defaults here, unless they are errors.

When you are greeted by the interactive command prompt, enter 'wizard' as prompted, and accept the default entry in the dialogue. This will give us a functioning XFCE desktop environment.

Partitioning

Partitioning is the only step of this install which provides real risk to data on other operating systems. Be extremely careful if there is something you do not wish to loose. These steps are not foolproof and may result in lost data.

Please be aware that MBR disks only support 4 primary partitions. You can solve this by creating an 'extended' partition and adding logical partitions to it. If you are feeling particularly brave try GPT on your disk.

So lets start: First open up gparted. You should see it on the taskbar if you're using systemrescueCD. It will scan available drives and show you the partition table. Most users will likely find one of the following to their liking:

Pure Funtoo

You'll likely want:

/boot       :: EXT2       :: 100mb-500mb
    ''Note: We choose EXT2 because there is really no good use for a journalled boot partition, but feel free to use EXT4 instead!''
/           :: EXT4       :: 60gb (suggested floor value) - 500+
swap        :: linux-swap :: Your RAM Value (Optional, allows for hibernation)

You may wish for a separate /home, which is perfectly legitimate, or any number of other partitions.

Dual Boot with Windows

If dual booting with Windows, it is advisable to have Windows installed first since it will muck with the MBR and possibly want to create it's own boot partition. You'll likely want:

System Reserved    :: NTFS      :: Whatever windows chooses.
Windows            :: NTFS      :: >100gb (If you plan on doing any serious work on windows)
/boot              :: EXT2      :: 100mb-500mb
Extended Partition -
  /                :: EXT4      :: Whatever is left.
  swap             :: linux-swap:: Your RAM value. (Optional, allows for hibernation)

You may also want a separate /home, etc. These will fit into your extended partition without contributing to MBR's 4 partition limit.

Starting the (actual) Install

Up until now everything we've done has just been foreplay. Finally we can mount our partitions and get started on the installation!

Mounting

First, lets mount all of our partitions.

  • Make a directory for root. Lets assume /mnt/funtoo
# mkdir /mnt/funtoo
  • Mount your '/' partition to /mnt/funtoo
# mount /dev/sd## /mnt/funtoo
  • Make a directory for your boot partition.
# mkdir /mnt/funtoo/boot
  • Mount your boot partition.
# mount /dev/sd## /mnt/funtoo/boot
  • Mount anything else you may have made and need. (Not swap)

Checking the Date

Although this may seem super un-important, if you want to avoid lots of spammy warning messages later, checking your date is beneficial.

# date

If it needs to be set, you'll want something like:

# date 071620002011
#Fri Jul 16 20:00:00 UTC 2011

Fetch a Stage 3

Next we need to fetch a tarball containing a barebones stage. We will download the core-i7 architecture version, if you have a core i5 or i3, don't worry, it's all the same.

# cd /mnt/funtoo
# wget http://ftp.osuosl.org/pub/funtoo/funtoo-current/x86-64bit/corei7/stage3-current.tar.xz

Next let's unpack with:

# tar xJpf stage3-current.tar.xz

Note Note: Seriously, don't forget the 'p' option.

If you run 'ls' now, you should see the /mnt/funtoo is fully populated with folders such as lib, home, and proc.

Chroot'ing

Now we need to change the apparent root of our system to our fledgling Funtoo system.

# cd /mnt/funtoo
# mount --bind /proc ./proc
# mount --bind /dev ./dev
# cp /etc/resolv.conf ./etc
# env -i HOME=/root TERM=$TERM chroot /mnt/funtoo /bin/bash --login

Getting the Portage Tree

Funtoo (Unlike Gentoo) uses a git based portage tree, however if you're coming from Gentoo, you'll be glad to know we sync with the Gentoo tree once every 12 hours.

# emerge --sync

You can ignore most of the errors that might be spat out at this stage, however if they do not disappear on subsequent merges, talk to us in #funtoo. Your first sync will take significantly longer then subsequent syncs, as the whole tree must be synced.

A Configuration Celebration

Now that we have our portage tree cloned, we need to do some initial setup on some files before doing anything else with portage.

Fstab

# nano /etc/fstab

You'll want something like this: (Replace the dev values with what you are using)

{{{name}}}
{{{body}}}

Localtime

Lets remove the default localtime, and create a symbolic link to the proper time zone. (You probably will want something other then Vancouver)

# rm /etc/localtime
# ln -s /usr/share/zoneinfo/America/Vancouver /etc/localtime

Hostname Set your host name:

# nano /etc/conf.d/hostname

Hwclock

If you're using a dual boot system, you'll want to change this. Otherwise it's entirely optional.

# nano /etc/conf.d/hwclock

If you're on windows you'll want:

# clock="local"

Make.conf Important enough that it deserves it's own article. A template make.conf for the T420 will be forthcoming.

For now: If you have an i5 or i3 you will want

{{{name}}}
{{{body}}}

If you have an i7 you'll probably want:

{{{name}}}
{{{body}}}

But I have Hyperthreading! Why only -j3? Hyperthreading and compiling don't play well together. You'll have the same (or better) performance with -j3 as -j5 with a dual core hyper threaded processor.

Stop, Kernel time!

For this guide we'll be using some pre-found config options that I will be adding later.

  • Networking:
    • iwlwifi and auxilary
    • Unknown intel ethernet adapter. Selected several.
  • GPU
    • Intel available default.
    • nvidia will be dealt with later

Install:

  • wpa_supplicant
  • iwl6000-ucode
  • wireless-tools


Bootloader Setup

In funtoo the setup of grub is extremely simplified.

# emerge -vqat boot-update

Q: What are those options? A: We'll get to them later, lets get the system booted first, okay? Boot-update is a tool that will allow for very simple configuration of grub similar to older versions (But nicer still).

You will now edit the file /etc/boot.conf:

{{{name}}}
{{{body}}}

This can be configured (We'll touch on this later. We need to make sure the kernel is booting and working before we start tweaking) with options for the kernel.

Dual-Booters Only

If you want to dual boot with windows you'll need to add an entry here:

{{{name}}}
{{{body}}}

Installing Grub onto the Drive(Everyone)

Next we can install grub onto the drive.

# grub-install --no-floppy /dev/sda
# boot-update

No errors means we should be good to go!

Tidy up and go.

Just a few more things!

Lets set a root password.

# passwd

It is advisable to exit the chroot and umount all the relevant install drives. Or at least just exit the chroot, but you can just simply reboot from here.

# exit
# cd /
# umount /mnt/funtoo/boot /mnt/funtoo/dev /mnt/funtoo/proc /mnt/funtoo
# reboot

Configuring the New System

Welcome to funtoo! You should be greeted by a bunch of spammy text that scrolls by reasonably fast and then a couple penguins and openrc. Login to your root user and lets start playing.

A note, this part of the guide is meant to be much more of a dialogue between us.

Getting up the (wired) network

If you're gifted with a wired network connect, use it! The initial setup is much more convenient and quick.

Quickly set up the network with

# /etc/init.d/dhcpcd start

Now check to see if our wired adapter is listed with ifconfig.

# ifconfig
#  (or)
# ping google.com

If you see it listed with a description, we're good to go!

Editing the make.conf

Before we start merging into our tree everything under the sun, lets do some system planning.

You can use this as a starting point:

{{{name}}}
{{{body}}}

Installing an Editor

Well, first things first lets get ourselves an editor. The author prefers vim, but you may like emacs or something else... Feel free to disregard this and explore! If you plan to have multiple users however, this will often be expected by experienced linux users.

# emerge vim

Check that your USE flags look reasonable (see above) and feel free to do any fine tweaking in /etc/portage/package.use. Consult your output after merge! You may want to follow some of it's advice.

You can find multiple good guides on google for vim configurations and setups. Funtoo also provides a very nice base configuration in /etc/vim/vimrc.

Boot Parameters

The T420 has a number of boot parameters that can be set to conserve power. On a laptop these options are generally reasonable:

{{{name}}}
{{{body}}}

When you're done, update grub with:

# boot-update

Power Saving Local Scripts

Next we're going to set up a script that runs at default runlevel for the machine. This will echo several options to various dev files. Most distros would do this via /etc/rc.local or something of the like.

With Funtoo (and Gentoo) this is accomplished via

/etc/local.d

Consult the README (in directory) for more information.

$ cat /etc/local.d/power-saving.start
# /bin/bash
#
echo 1 > /sys/modules/snd_hda_intel/parameters/power_save
for i in /sys/bus/usb/devices/*/power/autosuspend; do
    echo 1 > $i
done
for i in /sys/class/scsi_host/host*/link_power_management_policy; do
    echo min_power > $i
done

If you copy this wholesale remember to chmod -x the file!

rc.conf

rc.conf lets us change some options to do with open RC.

First, lets set rc_sys to it's default, this will suppress a warning message at boot.

rc_sys=""

Next, we can turn on rc_parallel to get a bit of speedup on boot.

rc_parallel="YES"

If you get errors or problems with services on boot, try turning this off.

Making it Usable

Next we'll be setting up a normal user and installing the venerable Xorg.

Mouse in framebuffer

Right now we should be looking at a framebuffer'd console.

/etc/init.d/gpm start

gpm is a daemon that allows us to use our mouse (trackpad/trackpoint) on console. Give it a try! If you want to keep it on across boots, add it to your init.

rc-update add gpm default

Making a New User =

Lets use superadduser to make the task ever so much easier (Though, it is already easy)

emerge superadduser
superadduser

Walk through the prompts and set up your user how you choose.

Sudo Make Me a Sandwich

Next lets merge in sudo, and set up our new user to be able to use sudo.

emerge sudo

Now edit the config with

visudo

You'll probably want to uncomment out one of the two options:

## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL) ALL

## Same thing without a password
# %wheel ALL=(ALL) NOPASSWD: ALL

Now just add your user to the 'wheel' group.

gpasswd -a foouser wheel
exit

Now re-login as your user, and you should be good to go!

Tmux

Before we emerge xorg, lets get tmux working so we can easily scroll through output and look at USE flags etc.

emerge tmux

The default config will suffice for now. You may find it beneficial to learn to use tmux properly sometime, but for now we'll hold hands.

tmux

Now we can scroll through output with CTRL+B [ and the up and down arrows.

Xorg

Xorg is a large topic in and on itself. We'll focus on getting a working xorg and a simple window manager.

# (in tmux)
sudo emerge xorg-server

Once again use CTRL+B [ to start scrolling (escape to exit) and look through your use flags, adding anything you might want.

A note on Gnome

Want to get rid of that awful lock screen on wake from suspend?

gsettings set org.gnome.desktop.lockdown disable-lock-screen 'true'