I decided to reinstall Gentoo Linux on my computer, but this time I wanted the whole drive to be encrypted -- including the system partition and the swap, and not only the data partition, as before. Among the other non-standard details, I also have a Wacom tablet and want to be able to type Japanese text. I proceeded as follows (if you do not want that much encryption, just use the livecd: you have a complete, useable system in less than one hour, instead of one or two days).
# Boot the livecd # Make sure the keyboard is set properly. If not (for a British keyboard): loadkeys uk # Delete the whole disk (the speed was 5 to 6 MB/s) dd if=/dev/urandom of=/dev/hda bs=2048k # Create four partitions: boot, swap, system and home fdisk /dev/hda # Encrypt them (the boot partition is not encrypted, # the swap will be taken care of later) cryptsetup luksFormat /dev/hda3 cryptsetup luksFormat /dev/hda4 cryptsetup luksOpen /dev/hda3 root cryptsetup luksOpen /dev/hda4 home # Mount those partitions mkdir /mnt/gentoo mount /dev/mapper/root /mnt/gentoo mkdir /mnt/gentoo/home mount /dev/mapper/home /mnt/gentoo/home mkdir /mnt/gentoo/boot mount /dev/hda1 /mnt/gentoo/boot # Download and install a stage3 tarball (in the releases directory) cd /mnt/gentoo links http://www.gentoo.org/main/en/mirrors.xml tar pjxvf stage3* # Download and install a portage snapshot links http://www.gentoo.org/main/en/mirrors.xml cd usr tar jxvf ../portage* # Check the date (UTC, format is MMDDhhmmYYYY) date date 060319002007 # Set the timezone cd /mnt/gentoo ls usr/share/zoneinfo cp usr/share/zoneinfo/Europe/London /etc/localtime # Set the timezone (again): TIMEZONE="Europe/London" vi etc/conf.d/clock # Create the chroot mount -t proc proc /mnt/gentoo/proc cp -L /etc/resolv.conf /mnt/gentoo/etc/ chroot /mnt/gentoo /bin/bash env-update source /etc/profile emerge vim # You may want to set the name of the computer vi /etc/hosts vi /etc/conf.d/hostname hostname localhost # Compile the kernel # Make sure you ask for luks (that should be installed before) # Make sure you do not forget to compile in (not as modules) all the ciphers # you need. # Make sure you do not forget dm-crypt (in the RAID subsection of the device # drivers subsection). emerge gentoo-sources genkernel cryptsetup-luks grub genkernel --menuconfig --luks all # Edit /boot/grub/grub.conf timeout 10 default 0 splashimage=(hd0,0)/boot/grub/splash.xpm.gz title genkernel-x86_64-2.6.20-gentoo-r8 root (hd0,0) kernel /kernel-genkernel-x86_64-2.6.20-gentoo-r8 root=/dev/ram0 init=/linuxrc ramdisc=8192 vga=0x31b splash=silent crypt_root=/dev/hda3 initrd /initramfs-genkernel-x86_64-2.6.20-gentoo-r8 # Edit etc/fstab /dev/hda1 /boot ext2 noauto,noatime 1 2 /dev/mapper/root / ext3 noatime 0 1 /dev/mapper/swap none swap sw 0 0 /dev/mapper/home /home ext3 noatime 0 0 # Check where the swap partition is used grep /etc/init.d/* swapon # Edit this file and ask that it be created at boot time # Note: it is probably cleaner to just edit /etc/conf.d/cryptfs instead # (when I initially did it, the comments in this file were much more # confusing than they now are) cryptsetup -d /dev/urandom create swap /dev/hda2 mkswap /dev/mapper/swap swapon /dev/mapper/swap # Edit /etc/conf.d/cryptfs target=home source='/dev/hda4' options='' # Set the root password passwd # Have the network started at boot time emerge dhcpd rc-update add net.eth0 default # Cronrab, syslog emerge vixie-cron syslog-ng slocate # Create a user (-m creates a home directory) adduser -g users -G lp,wheel,audio,cdrom,portage,cron -m zoonek passwd zoonek # Sundries vi /etc/locale.gen vi /etc/conf.d/keymaps vi /etc/rc.conf # Select the nearest mirrors emerge mirrorselect mirrorselect -i -o >> /etc/make.conf mirrorselect -i -r -o >> /etc/make.conf # Reboot # If/Since it does not work, reboot on the livecd, go in the chroot and # check the kernel configuration and the grub configuration file cryptsetup luksOpen /dev/hda3 mount /dev/mapper/root /mnt/gentoo mount /dev/hda1 /mnt/gentoo/boot mount -t proc proc /mnt/gentoo/proc chroot /mnt/gentoo /bin/bash env-update source /etc/profile genkernel --menuconfig --luks --no-clean all # Use --no-clean to keep your ls -l /boot/ # previous choices vi /boot/grub/grub.conf # Compile a more complete system... # Change the profile (it was the default one, not a desktop one) ln -s /usr/portage/profiles/default-linux/amd64/2007.0/desktop /etc/make.profile # In /etc/make.conf: MAKEOPTS="-j3" USE="a52 aac alsa ansi avi bzip2 cairo cdr cjk curl dbus djvu doc dts dvd dvdr eds emboss encode examples ffmpeg fftw firefox flac flash fortran gcj gd gif gmp gnome graphviz gstreamer gtk gkt2 hak immqt jack jack-tmpfs jpeg jpeg2k kde mad matroska mikmod mp3 mp4 mpeg musepack nls nvidia odbc ogg opengl pdf pdflib perl png postgres python qt3 qt4 quicktime real ruby sdl sox speex spell sqlite3 svg tcltk tetex tga theora tiff truetype unicode vcd visualization vorbis wavpack win32codecs X x264 xanim xml xv xvid usb" INPUT_DEVICES="evdev keyboard mouse wacom" # This *will* take ages... # If it does not work, you usually have an explicit error message, that asks # you to recompile something else with different USE flags. I use the # --noreplace --newuse --oneshot options. # In case you really want to recompile everything: emerge --emptytree world emerge --update --newuse --deep system emerge --update --newuse --deep world emerge xorg-x11 kde gnome emerge freefonts sharefonts corefonts artwiz-fonts dejavu terminus-font ttf-bitstream-vera unifont freetype echo 'media-fonts/texcm-ttf' >> /etc/portage/package.keywords emerge texcm-ttf emerge amarok emerge sweep emerge mplayer mkvtoolnix mpeg4ip subtitleripper transcode vlc gpac echo 'app-office/openoffice' >> /etc/portage/package.keywords echo 'sys-libs/db' >> /etc/portage/package.keywords emerge openoffice emerge psutils scribus inkscape amarok gimp evince gqview echo 'media-gfx/blender' >> /etc/portage/package.keywords emerge blender emerge cksfv lha p7zip unace unrar unshield cabextract emerge g-cpan gentoolkit layman sudo strace netcat nmap traceroute ntp telnet-bsd ncftp htop lsof xev zsh emerge cvs subversion emerge jedit kxmleditor mlview vim xemacs kate # X11, NVidia emerge xorg-x11 twm # If you have time, try "emerge kde gnome xfce" # If you want a decent desktop without having to # wait for a couple of days, try "emerge xfce" emerge nvidia-drivers eselect opengl set nvidia # Edit /etc/X11/X11.conf # If you forget something, you end up with a weird behaviour, # such as mplayer being unable to go fullscreen because of a # missing module. # You might also want to try: # xorgcfg -textmode # xorgconfig # mkxf86config # No questions to answer... Section "Files" # I am not sure this should be empty EndSection Section "Module" Load "freetype" Load "extmod" Load "glx" Load "dbe" Load "record" Load "xtrap" Load "type1" Load "speedo" EndSection Section "InputDevice" Identifier "Mouse0" Driver "mouse" Option "Protocol" "Auto" Option "Emulate3Buttons" Option "Device" "/dev/input/mice" EndSection Section "InputDevice" Identifier "Keyboard0" Driver "kbd" Option "XkbModel" "pc101" Option "XkbLayout" "gb" EndSection # See http://gentoo-wiki.com/HOWTO_Wacom_Tablet # if you want to configure udev properly to have reliable # device names instead of /dev/input/event3 (which might become # event2 or event4 after a reboot...) Section "InputDevice" Driver "wacom" Identifier "cursor" Option "Device" "/dev/input/event3" Option "Type" "cursor" Option "Mode" "relative" Option "USB" "on" Option "Speed" "1.0" EndSection Section "InputDevice" Driver "wacom" Identifier "stylus" Option "Device" "/dev/input/event3" Option "Type" "stylus" Option "Mode" "absolute" Option "USB" "on" EndSection Section "InputDevice" Driver "wacom" Identifier "eraser" Option "Device" "/dev/input/event3" Option "Type" "eraser" Option "Mode" "absolute" Option "USB" "on" EndSection Section "Monitor" Identifier "Monitor0" HorizSync 80 # 31.5 - 64.3 VertRefresh 75 # 50.0 - 70.0 EndSection Section "Device" Identifier "Card0" Driver "nvidia" EndSection Section "Screen" Identifier "Screen0" Device "Card0" Monitor "Monitor0" DefaultDepth 24 SubSection "Display" Viewport 0 0 Depth 24 Modes "1680x1050" EndSubSection EndSection Section "ServerLayout" Identifier "simple layout" Screen "Screen0" InputDevice "Mouse0" "CorePointer" InputDevice "Keyboard0" "CoreKeyboard" InputDevice "stylus" "SendCoreEvents" InputDevice "cursor" "SendCoreEvents" InputDevice "eraser" "SendCoreEvents" EndSection # Edit /etc/conf.d/xdm if needed DISPLAYMANAGER="kdm" # http://gentoo-wiki.com/HOWTO_Wacom_Tablet # To check that the tablet is working, use wacdump. # To check that X11 receives the right information from it, use xidump. # In Gimp, the tablet may not be activated by default (you can use it, # but only as a mouse, without pressure sensitivity or any distinction # between stylus and eraser: # File --> Preferences --> Input Devices --> Configure extended input devices # Alsa # (There is no sound, but it started one day before I started to reinstall # everything so I suspect a hardware problem...) # (It was a broken fan.) # Make sure ALSA is activated in the kernel and not as a separate package gzip -dc /proc/config.gz | less -i # Look for "sound" emerge alsa-utils alsaconf # It claims I have no sound card... lspci # Still nothing... # For more professional and up-to-date audio applications... layman -fa pro-audio # Unicode echo 'LANG="en_GB.UTF-8"' > /etc/env.d/02locale env-update # Japanese: see http://gentoo-wiki.com/HOWTO_Enabling_Japanese # Fonts emerge media-fonts/kochi-substitute media-fonts/ja-ipafonts media-fonts/arphicfonts media-fonts/baekmuk-fonts emerge cabextract wget http://www.yahelite.org/deep/files/yahelite/Aruniupd.exe # No longer works -- I have an old copy of it cabextract Aruniupd.exe cp *.TTF /usr/share/fonts/ fc-cache -fv # Input method grep -E 'cjk|nls|immqt' /etc/make.conf # If everything has already been compiled, prefer immqt-bc instead of immqt emerge scim-qtimm # For Japanese: emerge scim-anthy # For Chinese: app-i18n/scim-tables app-i18n/scim-pinyin # For Korean: app-i18n/scim-hangul # For 30+ other langauges: app-i18n/scim-m17n # As a normal user echo ' export XMODIFIERS=@im=SCIM export GTK_IM_MODULE=scim export QT_IM_MODULE=scim scim & ' > ~/.xsession # Dictionary: # - There is already a dictionary (kiten) installed with kde # - The corresponding Gnome dictionary (gjiten) is trickier to install # Perl # Make sure you have an overlay directory, otherwise g-cpan yields unhelpful error messages ("uninitialized value"...) echo 'PORTDIR_OVERLAY="/usr/local/portage"' >> /etc/make.conf mkdir /usr/local/portage # Install the modules you need, when you need them (I use those for Blosxom) g-cpan --install File::Cat g-cpan --install Mime::Types # R http://cran.r-project.org/src/base/R-2/R-2.6.0.tar.gz tar zxvf R-2.6.0.tar.gz cd R-2.6.0 ./configure make -j 3 make install wget -r -l 1 -np -nc http://www.sourcekeg.co.uk/cran/src/contrib/ for i in www.sourcekeg.co.uk/cran/src/contrib/*tar.gz; do R CMD INSTALL $i; done mkdir -p /usr/share/texmf/tex/generic/R cp -r /usr/local/lib64/R/share/texmf/* /usr/share/texmf/tex/generic/R mktexlsr # Other mathematical software grep -E 'gd|ansi|tetex' /etc/make.conf emerge --newuse --deep world echo 'sci-mathematics/maxima' >> /etc/portage/package.keywords emerge maxima emerge yacas # Does not work echo 'sci-mathematics/scilab' >> /etc/portage/package.keywords emerge scilab # Does not work emerge octave echo 'dev-util/darcs' >> /etc/portage/package.keywords emerge ghc hugs98 darcs # Eclipse emerge eclipse-sdk # To install plugings (e.g., the CDT (C/C++ development toolkit)), launch Eclipse # and go to Help --> Software updates. # This will install the plugins for *one* user and you will have to install # the dependencies by hand... Nightmare. emerge commons-codec # C# (I do not program in C#, but...) echo 'dev-util/monodevelop' >> /etc/portage/package.keywords echo 'dev-dotnet/gtksourceview-sharp' >> /etc/portage/package.keywords emerge monodevelop # I sometimes have APE (Monkey audio) files but the correspondig software # is distributed under a vague licence that prohibits its inclusion in portage. # Find mac-3.99-u4-b5.tar.gz somewhere (the sourceforge page disappeared) tar zxvf mac-3.99-u4-b5.tar.gz cd mac-3.99-u4-b5 # To extract the ID3 tags cd src/Examples/Analyze/Sample1/ wget http://www.legroom.net/files/software/apeinfo10_source.tgz tar zxvf apeinfo10_source.tgz cd - # Because of an incomplete Makefile, apeinfo has to be static... ./configure --disable-shared --enable-static --prefix=/usr/local #./configure --prefix=/usr/local make make install cp src/Examples/Analyze/Sample1/apeinfo /usr/local/bin/ ldconfig # Basic conversion (individual files, loses ID3 tags) # mac 1.ape 1.wav -d # flac 1.wav # To convert CDImage.ape and CDImage.cue to several *flac files, keeping the ID3 tags # konqueror http://aidanjm.wordpress.com/2007/02/15/split-lossless-audio-ape-flac-wv-wav-by-cue-file/ & apecue2flac () { # No spaces allowed in "$2" (the CUE file) cuebreakpoints $2 | shnsplit -o flac "$1" sh /usr/share/doc/cuetools-1.3.1/extras/cuetag.sh $2 split-track*.flac } emerge cuetools shntool # To convert a single *.ape file to a *.flac while keeping the ID3 tags: # konqueror http://aidanjm.wordpress.com/2007/02/04/converting-monkey%e2%80%99s-audio-ape-files-to-flac-in-ubuntu/ & # convtoflac.sh 1.ape cd /usr/local/bin/ wget -O /usr/local/bin/convtoflac.sh http://www.legroom.net/files/software/convtoflac.sh chmod +x convtoflac.sh perl -p -i -e 's#/usr/bin/sed#/bin/sed#' convtoflac.sh perl -p -i -e 's#/usr/bin/mac#/usr/local/bin/mac#' convtoflac.sh # After recompiling the kernel, be sure to update the NVidia drivers emerge nvidia-drivers # NEEDED emerge alsa-utils # Probably not needed # When updating the system, pay attention to the files that you have modified: # - /etc/conf.d/xdm # DISPLAYMANAGER=kdm # - /etc/conf.d/clock # TIMEZONE="Europe/London" # - /etc/conf.d/cryptfs # - /etc/init.d/localmount
posted at: 19:17 | path: /Linux | permanent link to this entry