Ben Stienstra

Linux, Unix, network, radio and more...

User Tools

Site Tools


lenovo_x1_carbon_2015_gentoo

~~TOC~~

Lenovo X1 Carbon 2015 - Gentoo install

2015-08-05: Things change… if in doubt read the Gentoo wiki.

BIOS Settings

  • Disable Secure boot
  • Disable Intel Rapid Start
  • Disable Intel(R) AMT
  • Disable Intel NFF Control
  • Disable Computrace Module Activation
  • Optional: enable Fn Sticky Key

Starting points

  • UEFI: Unified Extensible Firmware Interface
  • GPT: GUID partition table.
  • LUKS: Linux Unified Key Setup
  • LVM: Logical Volume Manager.
  • ext4: file system.
  • GRUB2: bootloader
  • SystemD: init system.

Prerequisites

Boot from USB

  • Boot laptop, press enter to interrupt normal startup, then press F12 and select USB drive.
  • At the GRUB menu select the default 64bit boot option.
  • If you have a HiDPI screen, select a more readable font:
    setfont ter-u32n
  • Change the root password, log in from another system (SSH) to start the installation.

Prepare SSD

  • Wipe the SSD:
    wipefs /dev/sda -a
    sgdisk --zap /dev/sda
  • If you used the SDD before, please securely erase the drive first.
  • Check with fdisk to see if the partition table is empty.
  • Create GPT partition table (option g with fdisk)
  • Create a 2MiB BIOS boot partition. The BIOS boot partition is needed when GPT partition layout is used with GRUB2 (type: BIOS boot).
  • Create 512MiB EFI partition (type: EFI System).
  • Create a new (rest of the disk) LVM partition.
  • Example layout:
    Disk /dev/sda: 238.5 GiB, 256060514304 bytes, 500118192 sectors
    Units: sectors of 1 * 512 = 512 bytes
    Sector size (logical/physical): 512 bytes / 512 bytes
    I/O size (minimum/optimal): 512 bytes / 512 bytes
    Disklabel type: gpt
    Disk identifier: 7CE0001F-3F1C-4A08-A598-96D4AA484581
    
    Device       Start       End   Sectors  Size Type
    /dev/sda1     2048      6143      4096    2M BIOS boot
    /dev/sda2     6144   1054719   1048576  512M EFI System
    /dev/sda3  1054720 500118158 499063439  238G Linux LVM
  • Format EFI partiton:
    mkfs.vfat -F32 /dev/sda2
  • Encrypt harddrive:
    cryptsetup -c aes-xts-plain64 -h sha256 -s 512 luksFormat /dev/sda3
  • Check results:
    cryptsetup luksDump /dev/sda3
  • Open the device:
    cryptsetup luksOpen /dev/sda3 lvm
  • Create LVM PV, VG and LVs:
    pvcreate /dev/mapper/lvm
    vgcreate ssd /dev/mapper/lvm
    lvcreate -L 8G ssd -n swapvol
    lvcreate -l +100%FREE ssd -n rootvol
  • Create filesystems:
    mkfs.ext4 /dev/mapper/ssd-rootvol
    mkswap /dev/mapper/ssd-swapvol
  • Mount filesystems:
    mount /dev/ssd/rootvol /mnt/gentoo
    mkdir -p /mnt/gentoo/boot/efi
    mount /dev/sda2 /mnt/gentoo/boot/efi
    swapon /dev/ssd/swapvol

Install stage

  • Check and set date:
    # date
    Thu Dec 18 19:56:19 UTC 2014
    # date [MMDDhhmm[[CC]YY][.ss]]
    
    #or
    ntpdate ntp1.polaire.nl
  • Download stage3 tarballs, go to releases/amd64/autobuilds/ on a mirror nearby:
    # cd /mnt/gentoo
    # elinks http://www.gentoo.org/main/en/mirrors.xml
  • Move to the releases/amd64/autobuilds/ and download the files below:
    • stage3-amd64-[date].tar.bz2
    • stage3-amd64-[date].tar.bz2.CONTENTS
    • stage3-amd64-[date].tar.bz2.DIGESTS
    • stage3-amd64-[date].tar.bz2.DIGESTS.asc</code>
  • Verify integrity:
    # openssl dgst -r -sha512 stage3-amd64-<release>.tar.bz2
  • Verify cryptographic signature:
    # gpg --recv-keys 0xBB572E0E2D182910
    # gpg --verify stage3-amd64-20141204.tar.bz2.DIGESTS.asc 
  • Unpack tarball:
    # tar xvjpf stage3-*.tar.bz2 --xattrs

Install base

  • Edit /mnt/gentoo/root/etc/portage/make.conf:
    vi /mnt/gentoo/etc/portage/make.conf
    CFLAGS="-march=native -O2 -pipe"
    CXXFLAGS="${CFLAGS}"
    MAKEOPTS="-j5"
  • Copy DNS info:
    cp -L /etc/resolv.conf /mnt/gentoo/etc/
  • Mount special file systems:
    mount -t proc proc /mnt/gentoo/proc
    mount --rbind /sys /mnt/gentoo/sys
    mount --make-rslave /mnt/gentoo/sys
    mount --rbind /dev /mnt/gentoo/dev
    mount --make-rslave /mnt/gentoo/dev
  • Enter new environment:
    chroot /mnt/gentoo /bin/bash
    source /etc/profile
    export PS1="(chroot) $PS1"

Configure portage

  • Install a portage snapshot:
    # emerge-webrsync
  • Update portage tree to latest version:
    # emerge --sync --quiet
  • Select profile (for example: desktop/gnome/systemd):
    # eselect profile list
    # eselect profile set <num>
  • Create symlink for SystemD:
    # ln -sf /proc/self/mounts /etc/mtab
  • Re emerge in order to compile with systemd :
    # emerge -avDN @world
  • Install VIM:
    # emerge --ask vim
  • Configure timezone:
    # echo "Europe/Amsterdam" > /etc/timezone
  • Reconfigure the sys-libs/timezone-data package:
    # emerge --config sys-libs/timezone-data
  • Configure locale:
    # vi /etc/locale.gen
    en_US.UTF-8 UTF-8
    
    # locale-gen
    # locale -a
  • Set system wide locale:
    # eselect locale list
    # eselect locale set <num>
  • Reload environment:
    # env-update && source /etc/profile

Configure Kernel

  • Install kernel sources:
    # emerge --ask sys-kernel/gentoo-sources
  • Install pci utils:
    # emerge --ask sys-apps/pciutils
  • Emerge genkernel-next:
     emerge genkernel-next
  • Emerge linux firmware:
    emerge linux-firmware
  • Emerge LVM:
    emerge --ask lvm2
    emerge sys-fs/cryptsetup
  • Build kernel:
    genkernel --lvm --menuconfig all
    
    Gentoo Linux --->
            Support for init systems, system and service managers --->
                    [*]Openrc 
                    [*] systemd
    
    Device Drivers  --->
       Multiple devices driver support (RAID and LVM)  --->
           <*> Device mapper support
               <*> Crypt target support
               <*> Snapshot target
               <*> Mirror target
           <*> Multipath target
               <*> I/O Path Selector based on the number of in-flight I/Os
               <*> I/O Path Selector based on the service time
    
  • Build initramfs:
    genkernel --luks --lvm --install initramfs
  • Check:
    ls /boot/initramfs*
  • Configure /etc/fstab:
    /dev/sda2               /boot/efi       vfat            noauto,noatime  1 2
    /dev/mapper/ssd-rootvol /               ext4            noatime         0 1
    /dev/mapper/ssd-swapvol none            swap            sw              0 0
  • Configure networking:
    # vi /etc/conf.d/hostname
    
    # vi /etc/conf.d/net
    dns_domain_lo="polaire.nl"
    config_enp0s25="dhcp"
    
    #  emerge --ask --noreplace net-misc/netifrc
    
  • Edit /etc/hosts
    127.0.0.1     tux.homenetwork tux localhost
  • Set root password:
    passwd

Install tools

  • Install mailx:
    # emerge --ask virtual/mailx
    # emerge --config =mail-mta/nullmailer-1.13-r4
  • Install logrotate:
    # emerge --ask app-admin/logrotate
  • Install cron:
    # emerge --ask sys-process/cronie
    # systemctl enable cronie.service
  • Install file indexing:
    # emerge --ask sys-apps/mlocate
  • Install DHCP client:
    # emerge --ask net-misc/dhcpcd

Install bootloader

  • Add EFI support:
    vi /etc/portage/make.conf
    GRUB_PLATFORMS="efi-64"
  • Install grub2:
    # echo "sys-boot/grub:2 device-mapper" >>/etc/portage/package.use/grub
    
    # emerge --ask sys-boot/grub
  • Edit grub config:
    # echo 'GRUB_ENABLE_CRYPTODISK=y' >> /etc/default/grub
    # echo 'GRUB_CMDLINE_LINUX="udev dolvm crypt_root=/dev/sda3 real_root=/dev/ssd/rootvol cryptdevice=/dev/sda3:ssd-rootvol"' >> /etc/default/grub
  • Generate config:
    # grub2-mkconfig -o /boot/grub/grub.cfg
  • Install grub2:
    # grub2-install /dev/sda

Reboot system

  • Exit chroot:
    exit
  • Umount:
    umount -l /mnt/gentoo/dev{/shm,/pts,}
    umount /mnt/gentoo{/boot,/sys,/proc,}
    reboot
lenovo_x1_carbon_2015_gentoo.txt · Last modified: 2015/08/06 13:02 by admin