lenovo_x1_carbon_2015_gentoo
Table of Contents
Lenovo X1 Carbon 2015 - Gentoo install
2015-08-05: Things change… if in doubt read the Gentoo wiki.
BIOS Settings
- Disable Secure boot
- Disable Intel Rapid Start
- Disable Intel(R) AMT
- Disable Intel NFF Control
- Disable Computrace Module Activation
- Optional: enable Fn Sticky Key
Starting points
- UEFI: Unified Extensible Firmware Interface
- GPT: GUID partition table.
- LUKS: Linux Unified Key Setup
- LVM: Logical Volume Manager.
- ext4: file system.
- GRUB2: bootloader
- SystemD: init system.
Prerequisites
- The Gentoo (minimal) ISO does not seem to boot with UEFI, so download the latest SystemRescueCD.
- Create USB stick or try UNetbootin.
Boot from USB
- Boot laptop, press enter to interrupt normal startup, then press F12 and select USB drive.
- At the GRUB menu select the default 64bit boot option.
- If you have a HiDPI screen, select a more readable font:
setfont ter-u32n
- Change the root password, log in from another system (SSH) to start the installation.
Prepare SSD
- Wipe the SSD:
wipefs /dev/sda -a sgdisk --zap /dev/sda
- If you used the SDD before, please securely erase the drive first.
- Check with fdisk to see if the partition table is empty.
- Create GPT partition table (option g with fdisk)
- Create a 2MiB BIOS boot partition. The BIOS boot partition is needed when GPT partition layout is used with GRUB2 (type: BIOS boot).
- Create 512MiB EFI partition (type: EFI System).
- Create a new (rest of the disk) LVM partition.
- Example layout:
Disk /dev/sda: 238.5 GiB, 256060514304 bytes, 500118192 sectors Units: sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disklabel type: gpt Disk identifier: 7CE0001F-3F1C-4A08-A598-96D4AA484581 Device Start End Sectors Size Type /dev/sda1 2048 6143 4096 2M BIOS boot /dev/sda2 6144 1054719 1048576 512M EFI System /dev/sda3 1054720 500118158 499063439 238G Linux LVM
- Format EFI partiton:
mkfs.vfat -F32 /dev/sda2
- Encrypt harddrive:
cryptsetup -c aes-xts-plain64 -h sha256 -s 512 luksFormat /dev/sda3
- Check results:
cryptsetup luksDump /dev/sda3
- Open the device:
cryptsetup luksOpen /dev/sda3 lvm
- Create LVM PV, VG and LVs:
pvcreate /dev/mapper/lvm vgcreate ssd /dev/mapper/lvm lvcreate -L 8G ssd -n swapvol lvcreate -l +100%FREE ssd -n rootvol
- Create filesystems:
mkfs.ext4 /dev/mapper/ssd-rootvol mkswap /dev/mapper/ssd-swapvol
- Mount filesystems:
mount /dev/ssd/rootvol /mnt/gentoo mkdir -p /mnt/gentoo/boot/efi mount /dev/sda2 /mnt/gentoo/boot/efi swapon /dev/ssd/swapvol
Install stage
- Check and set date:
# date Thu Dec 18 19:56:19 UTC 2014 # date [MMDDhhmm[[CC]YY][.ss]] #or ntpdate ntp1.polaire.nl
- Download stage3 tarballs, go to releases/amd64/autobuilds/ on a mirror nearby:
# cd /mnt/gentoo # elinks http://www.gentoo.org/main/en/mirrors.xml
- Move to the releases/amd64/autobuilds/ and download the files below:
- stage3-amd64-[date].tar.bz2
- stage3-amd64-[date].tar.bz2.CONTENTS
- stage3-amd64-[date].tar.bz2.DIGESTS
- stage3-amd64-[date].tar.bz2.DIGESTS.asc</code>
- Verify integrity:
# openssl dgst -r -sha512 stage3-amd64-<release>.tar.bz2
- Verify cryptographic signature:
# gpg --recv-keys 0xBB572E0E2D182910 # gpg --verify stage3-amd64-20141204.tar.bz2.DIGESTS.asc
- Unpack tarball:
# tar xvjpf stage3-*.tar.bz2 --xattrs
Install base
- Edit /mnt/gentoo/root/etc/portage/make.conf:
vi /mnt/gentoo/etc/portage/make.conf CFLAGS="-march=native -O2 -pipe" CXXFLAGS="${CFLAGS}" MAKEOPTS="-j5"
- Copy DNS info:
cp -L /etc/resolv.conf /mnt/gentoo/etc/
- Mount special file systems:
mount -t proc proc /mnt/gentoo/proc mount --rbind /sys /mnt/gentoo/sys mount --make-rslave /mnt/gentoo/sys mount --rbind /dev /mnt/gentoo/dev mount --make-rslave /mnt/gentoo/dev
- Enter new environment:
chroot /mnt/gentoo /bin/bash source /etc/profile export PS1="(chroot) $PS1"
Configure portage
- Install a portage snapshot:
# emerge-webrsync
- Update portage tree to latest version:
# emerge --sync --quiet
- Select profile (for example: desktop/gnome/systemd):
# eselect profile list # eselect profile set <num>
- Create symlink for SystemD:
# ln -sf /proc/self/mounts /etc/mtab
- Re emerge in order to compile with systemd :
# emerge -avDN @world
- Install VIM:
# emerge --ask vim
- Configure timezone:
# echo "Europe/Amsterdam" > /etc/timezone
- Reconfigure the sys-libs/timezone-data package:
# emerge --config sys-libs/timezone-data
- Configure locale:
# vi /etc/locale.gen en_US.UTF-8 UTF-8 # locale-gen # locale -a
- Set system wide locale:
# eselect locale list # eselect locale set <num>
- Reload environment:
# env-update && source /etc/profile
Configure Kernel
- Install kernel sources:
# emerge --ask sys-kernel/gentoo-sources
- Install pci utils:
# emerge --ask sys-apps/pciutils
- Emerge genkernel-next:
emerge genkernel-next
- Emerge linux firmware:
emerge linux-firmware
- Emerge LVM:
emerge --ask lvm2 emerge sys-fs/cryptsetup
- Build kernel:
genkernel --lvm --menuconfig all Gentoo Linux ---> Support for init systems, system and service managers ---> [*]Openrc [*] systemd Device Drivers ---> Multiple devices driver support (RAID and LVM) ---> <*> Device mapper support <*> Crypt target support <*> Snapshot target <*> Mirror target <*> Multipath target <*> I/O Path Selector based on the number of in-flight I/Os <*> I/O Path Selector based on the service time
- Build initramfs:
genkernel --luks --lvm --install initramfs
- Check:
ls /boot/initramfs*
- Configure /etc/fstab:
/dev/sda2 /boot/efi vfat noauto,noatime 1 2 /dev/mapper/ssd-rootvol / ext4 noatime 0 1 /dev/mapper/ssd-swapvol none swap sw 0 0
- Configure networking:
# vi /etc/conf.d/hostname # vi /etc/conf.d/net dns_domain_lo="polaire.nl" config_enp0s25="dhcp" # emerge --ask --noreplace net-misc/netifrc
- Edit /etc/hosts
127.0.0.1 tux.homenetwork tux localhost
- Set root password:
passwd
Install tools
- Install mailx:
# emerge --ask virtual/mailx # emerge --config =mail-mta/nullmailer-1.13-r4
- Install logrotate:
# emerge --ask app-admin/logrotate
- Install cron:
# emerge --ask sys-process/cronie # systemctl enable cronie.service
- Install file indexing:
# emerge --ask sys-apps/mlocate
- Install DHCP client:
# emerge --ask net-misc/dhcpcd
Install bootloader
- Add EFI support:
vi /etc/portage/make.conf GRUB_PLATFORMS="efi-64"
- Install grub2:
# echo "sys-boot/grub:2 device-mapper" >>/etc/portage/package.use/grub # emerge --ask sys-boot/grub
- Edit grub config:
# echo 'GRUB_ENABLE_CRYPTODISK=y' >> /etc/default/grub # echo 'GRUB_CMDLINE_LINUX="udev dolvm crypt_root=/dev/sda3 real_root=/dev/ssd/rootvol cryptdevice=/dev/sda3:ssd-rootvol"' >> /etc/default/grub
- Generate config:
# grub2-mkconfig -o /boot/grub/grub.cfg
- Install grub2:
# grub2-install /dev/sda
Reboot system
- Exit chroot:
exit
- Umount:
umount -l /mnt/gentoo/dev{/shm,/pts,} umount /mnt/gentoo{/boot,/sys,/proc,} reboot
lenovo_x1_carbon_2015_gentoo.txt · Last modified: 2021/10/09 15:14 by 127.0.0.1