gentoo installation notes
some notes from my attempt at installing gentoo to my thinkpad t420 labtop
set root password so i can ssh
passwd
setup disks
(need to learn how to do headless luks encryption, else there’d only be 1 partition. genkernel doesn’t work with headless luks)
lsblk
here, sda is my laptop’s hard drive
parted -a optimal /dev/sda
mklabel gpt
unit mib
mkpart primary 1 3
name 1 grub
set 1 bios_grub on
mkpart primary 3 131
name 2 boot
set 2 boot on
mkpart primary 131 -1
name 3 root
quit
prepare for encryption first overwrite disks with data from urandom (this takes a long time)
dd if=/dev/urandom of=/dev/sda3 bs=1M status=progress
https://wiki.archlinux.org/index.php/Dm-crypt https://wiki.gentoo.org/wiki/Dm-crypt https://wiki.gentoo.org/wiki/Dm-crypt_full_disk_encryption
cryptsetup --cipher serpent-xts-plain64 --key-size 512 --hash sha512 luksFormat /dev/sda3
Enter passphrase
cryptsetup luksOpen /dev/sda3 gentoo
setup logical volume manager, could try a single btrfs partition and its’ subvolumes feature
pvcreate /dev/mapper/gentoo
vgcreate vg /dev/mapper/gentoo
lvcreate --size 12G --name swap vg
lvcreate --size 50G --name root vg
lvcreate --extents 100%FREE --name home vg
vgchange --available y
format the LVs, ext4 seems easiest, xfs cant be shrunk but there are workarounds, jfs doesn’t have defrag, dont know if btrfs horror stories are up to date it may actually be stable
mkswap -L "swap" /dev/mapper/vg-swap
swapon -v /dev/mapper/vg-swap
mkfs.ext4 -L "root" /dev/mapper/vg-root
mkfs.ext4 -L "home" -m 0 /dev/mapper/vg-home
mkfs.ext2 -L "boot" -T small /dev/sda2
mounting
mount -v -t ext4 /dev/mapper/vg-root /mnt/gentoo
mkdir -v /mnt/gentoo/{home,boot}
mount -v -t ext4 /dev/mapper/vg-home /mnt/gentoo/home
mount -v -t ext2 /dev/sda2 /mnt/gentoo/boot
download tarball, verify and extract
wget http://distfiles.gentoo.org/releases/amd64/autobuilds/20170427/stage3-amd64-20170427.tar.bz2
wget http://distfiles.gentoo.org/releases/amd64/autobuilds/20170427/stage3-amd64-20170427.tar.bz2.CONTENTS
wget http://distfiles.gentoo.org/releases/amd64/autobuilds/20170427/stage3-amd64-20170427.tar.bz2.DIGESTS.asc
gpg --keyserver pool.sks-keyservers.net --recv-key 2D182910 gpg --verify stage3-amd64-*.tar.bz2.DIGESTS.asc
awk '/SHA512 HASH/{getline;print}' stage3-amd64-*.tar.bz2.DIGESTS.asc | sha512sum --check
tar xvjpf stage3-*.tar.bz2 --xattrs --numeric-owner
configure make.conf, this is specific to my t420’s cpu
CFLAGS="-march=native -O2 -pipe"
CXXFLAGS="${CFLAGS}"
MAKEOPTS="-j4"
EMERGE_DEFAULT_OPTS="--jobs 5 --load-average 4.0"
CHOST="x86_64-pc-linux-gnu"
CPU_FLAGS_X86="aes avx mmx mmxext popcnt sse sse2 sse3 sse4_1 sse4_2 ssse3"
USE="${CPU_FLAGS_X86}"
ACCEPT_KEYWORDS="amd64"
ACCEPT_LICENSE="*"
USE="bindist"
CPU_FLAGS_X86="mmx sse sse2"
PORTDIR="/usr/portage"
DISTDIR="${PORTDIR}/distfiles"
PKGDIR="${PORTDIR}/packages"
# Settings for X11
VIDEO_CARDS="intel i95"
INPUT_DEVICES="evdev synaptics"
GENTOO_MIRRORS="http://distfiles.gentoo.org"
Mount more things
mount -t proc /proc /mnt/gentoo/proc
mount --rbind /sys /mnt/gentoo/sys
mount --make-rslave /mnt/gentoo/sys
mount --rbind /dev /mnt/gentoo/dev
mount --make-rslave /mnt/gentoo/dev
CHROOT
chroot /mnt/gentoo /bin/bash
source /etc/profile
export PS1="(chroot) $PS1"
time, locale and keymap
echo "Europe/London" > /etc/timezone
emerge -v --config sys-libs/timezone-data
nano -w /etc/locale.gen
en_GB ISO-8859-1
en_GB.UTF-8 UTF-8
locale-gen
eselect locale list
eselect locale set N
nano -w /etc/conf.d/keymaps
keymap="uk"
now i can bootstrap, optional but i think it replaces all of the pre-compiled stuff with my own
cd /usr/portage/scripts
./bootstrap.sh --pretend
./bootstrap.sh
check gcc-config
gcc-config -l
bootstrap the 2nd time, compiling everything with my own tools that were made with the precompiled ones
./bootstrap.sh
gcc-config -l
cd /
kernel config and compilation. i’m not good enough yet to do this manually so use genkernel
emerge --ask sys-kernel/gentoo-sources
ls -l /usr/src/linux genkernel --lvm all
genkernel took 35 minutes to complete
i don’t know wtf to do with modules, for now i’m leaving /etc/conf.d/modules empty and we’ll see what happens
emerge --ask sys-kernel/linux-firmware
fstab must be created, i dont know how this works with luks, maybe grub can decrypt sda3 for us later on. i read something about a file called crypttab but i can’t find it
nano -w /etc/fstab
/dev/cdrom /mnt/cdrom auto noauto,user 0 0
/dev/sda2 /boot ext2 defaults,noatime 0 2
/dev/mapper/vg-swap none defaults,sw 0 0
/dev/mapper/vg-root / ext4 defaults,noatime 0 1
/dev/mapper/vg-home /home ext4 defaults,noatime 0 2
network info
nano -w /etc/conf.d/hostname
nano -w /etc/conf.d/net
config_eth0="dhcp"
cd /etc/init.d
ln -s net.lo net.eth0
rc-update add net.eth0 default
emerge --ask --noreplace net-misc/netifrc
enable some other stuff
emerge --ask app-admin/sysklogd sys-process/cronie sys-apps/mlocate rc-update add sysklogd default
rc-update add cronie default
rc-update add sshd default
enable wireless
emerge --ask wpa_supplicant net-misc/dhcpcd nano -w /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=wheel
configuring grub
grub-install --target=i386-pc --recheck