This little howto will show you how to set up and compile a minimal Gentoo install. All of this information was found on various sites on the net, and a lot was taken from the Gentoo Handbook.
Place the disc in the drive and press Enter when prompted. When you get to the root prompt, type passwd to set a password for the root account, then net-setup eth0 to configure your network card, and then /etc/init.d/sshd start to start the SSH server. Now you just have to run something like PuTTY, or some other SSH util, and connect to your machine.
Here we will set up the disc(s)
Code:
fdisk /dev/sda
Make a 100 MB partition; this will be sda1 and will be used as the unencrypted boot drive. The rest of the disk goes in sda2, which is the partition encrypted below.
Code:
# (optional) If you want to wipe the drive you can either use dban or
dd if=/dev/urandom of=/dev/sda2
cryptsetup -y --cipher aes-cbc-essiv:sha256 --key-size 256 luksFormat /dev/sda2
You can change the name vault to anything you like but you will have to remember it for later.
Code:
cryptsetup luksOpen /dev/sda2 vault
pvcreate /dev/mapper/vault
vgcreate vg /dev/mapper/vault
You can change these values depending on the size of your hard drive; the values below are used on a 500GB HDD.
Code:
lvcreate -L1G -nroot vg
lvcreate -L8G -nswap vg
lvcreate -L1G -nopt vg
lvcreate -L15G -nusr vg
lvcreate -L10G -ntmp vg
lvcreate -L10G -nvar vg
vgdisplay    # shows the free space left on the drive
lvcreate -l xx -nftpweb vg    # xx being the value from vgdisplay
The name ftpweb could be changed to home or anything you want; again, remember it for later.
Code:
# edit /etc/mke2fs.conf and remove the huge_file option;
# this is not required unless you will be storing files of 2TB
mkfs.ext4 /dev/sda1
tune2fs -O ^has_journal /dev/sda1    # removes the journal
mkfs.ext4 /dev/mapper/vg-root
mkfs.ext4 /dev/mapper/vg-opt
mkfs.ext4 /dev/mapper/vg-usr
mkfs.ext4 /dev/mapper/vg-tmp
mkfs.ext4 /dev/mapper/vg-var
mkfs.ext4 /dev/mapper/vg-ftpweb    # or whatever you have named it
mkswap /dev/mapper/vg-swap
swapon /dev/mapper/vg-swap
mount /dev/mapper/vg-root /mnt/gentoo
mkdir /mnt/gentoo/boot
mount /dev/sda1 /mnt/gentoo/boot
mkdir /mnt/gentoo/ftpweb
mkdir /mnt/gentoo/opt
mkdir /mnt/gentoo/usr
mkdir /mnt/gentoo/tmp
mkdir /mnt/gentoo/var
mount /dev/mapper/vg-opt /mnt/gentoo/opt
mount /dev/mapper/vg-tmp /mnt/gentoo/tmp
mount /dev/mapper/vg-usr /mnt/gentoo/usr
mount /dev/mapper/vg-var /mnt/gentoo/var
# create var/tmp only after vg-var is mounted, so it lives on that volume
mkdir /mnt/gentoo/var/tmp
mount /dev/mapper/vg-ftpweb /mnt/gentoo/ftpweb
chmod 1777 /mnt/gentoo/tmp
chmod 1777 /mnt/gentoo/var/tmp
cd /mnt/gentoo
links http://www.gentoo.org/main/en/mirrors.xml
You will want to download the latest stage3 tarball and portage tarball.
Code:
md5sum -c stage3-amd64-<release>.tar.bz2.DIGESTS
tar xvjpf stage3-*.tar.bz2
md5sum -c portage-latest.tar.bz2.md5sum
tar xvjf /mnt/gentoo/portage-latest.tar.bz2 -C /mnt/gentoo/usr
Next we will edit make.conf to tailor it to your CPU
Safe Cflags AMD
Safe Cflags Intel
Find your CPU from the above links and add what is suggested. I just normally add -march=native -mtune=native, and leave what is already in the make.conf file.
Code:
nano -w /mnt/gentoo/etc/make.conf
Next we will select some mirrors close to you for your updates and syncing of portage
Code:
mirrorselect -i -o >> /mnt/gentoo/etc/make.conf
mirrorselect -i -r -o >> /mnt/gentoo/etc/make.conf
This will copy over the DNS address that you entered if you used manual setup or dhcp
Code:
cp -L /etc/resolv.conf /mnt/gentoo/etc/
Now to chroot into your install and start the fun
Code:
mount -t proc none /mnt/gentoo/proc
mount --rbind /dev /mnt/gentoo/dev
chroot /mnt/gentoo /bin/bash
env-update
source /etc/profile
export PS1="(chroot) $PS1"
Optional - This is if you wish to use the latest GCC (as of this writing it was 4.6). To use it you will have to add the ~arch keyword (~amd64 or ~x86) to make.conf.
Add to /etc/portage/package.keywords
Code:
=sys-devel/gcc-4.6* **
echo sys-devel/gcc >> /etc/portage/package.unmask
# add this to /etc/portage/package.use
sys-fs/lvm2 static static-libs
sys-fs/mdadm static
sys-apps/busybox static static-libs
sys-apps/util-linux static-libs
sys-fs/cryptsetup static
=sys-apps/util-linux-2.20.1-r1 static-libs
>=dev-libs/libgpg-error-1.10-r1 static-libs
>=dev-libs/libgcrypt-1.5.0-r1 static-libs
>=dev-libs/popt-1.16-r1 static-libs
# add this to /etc/portage/package.mask
>=sys-fs/udev-182
emerge portage
emerge gcc
gcc-config -l
gcc-config 2
env-update && source /etc/profile
This command will drop you out of the chroot; issue the command below to put you right back in there.
Code:
export PS1="(chroot) $PS1"
Code:
emerge --oneshot libtool
This will help localize your machine; xx_XX is your location, e.g. en_US
Code:
nano -w /etc/env.d/02locale
LANG="xx_XX.UTF-8"
LC_COLLATE="C"
nano -w /etc/locale.gen
locale-gen
env-update && source /etc/profile
This command will drop you out of the chroot; issue the command below to put you right back in there.
Code:
export PS1="(chroot) $PS1"
Run emerge -e system. They say with the latest versions of gcc you don't have to do this, but because I have changed my flags in make.conf, I do this just to be safe. After the compile has finished you will want to type
Code:
etc-update
Seeing as it's a fresh install and no conf files have been changed, I just select -5
This will set your local time
Code:
cp /usr/share/zoneinfo/XXXXX/XXXXX /etc/localtime
echo "XXXX/XXXXXX" > /etc/timezone
Again, this will depend on your location. You can issue ls /usr/share/zoneinfo to find your location.
Now comes the kernel - I always make mine from scratch - you can find out how from here
Code:
emerge gentoo-sources
cd /usr/src/linux
make menuconfig
# change anything you need; this is where the above site comes in handy, or you could go here and ask pappy nicely and he may make you a .config file
Now we do a few extra steps to get a nice screen when we boot up
Code:
make
emerge klibc
emerge v86d
make menuconfig
# add /usr/share/v86d/initramfs under general setup
make && make modules_install
cp arch/x86_64/boot/bzImage /boot/kernel-3.3.1-gentoo
# or whatever the version is of the kernel you are using
Here is where you need to remember what you named your vg-ftpweb dir if you changed it
Code:
nano -w /etc/fstab
/dev/sda1 /boot ext4 defaults,noatime,nodev 1 2
/dev/mapper/vg-swap none swap sw 0 0
/dev/mapper/vg-root / ext4 defaults,noatime,nodev 0 1
/dev/mapper/vg-opt /opt ext4 defaults,noatime,nodev 0 1
/dev/mapper/vg-usr /usr ext4 defaults,noatime,nodev 0 1
/dev/mapper/vg-tmp /tmp ext4 defaults,noatime,nodev 0 1
/dev/mapper/vg-var /var ext4 defaults,noatime,nodev 0 1
/dev/mapper/vg-ftpweb /ftpweb ext4 defaults,noatime,nodev 0 1
proc /proc proc defaults 0 0
shm /dev/shm tmpfs nodev,nosuid,noexec 0 0
Now we give the machine a name
Code:
nano -w /etc/conf.d/hostname
Now we setup the network
Code:
nano -w /etc/conf.d/net
# For static IPs
config_eth0="192.168.1.20 netmask 255.255.255.0 brd 192.168.1.255"
routes_eth0="default via 192.168.1.15"
# For DHCP
config_eth0="dhcp"
cd /etc/init.d
ln -s net.lo net.eth0
rc-update add net.eth0 default
Now to map any ip addresses to names if you require it
Code:
nano -w /etc/hosts
Code:
passwd    # set the root password for your install
Here you should just uncomment the options rc_logger="YES" and rc_sys=""
Code:
nano -w /etc/rc.conf
nano -w /etc/conf.d/rc
Here we can set the layout of your keyboard
Code:
nano -w /etc/conf.d/keymaps
Here you can set the time. You can either leave it as UTC (which always shows the wrong time for me) or you can set it to local.
Code:
nano -w /etc/conf.d/hwclock
Now we install the system tools
Code:
emerge syslog-ng
rc-update add syslog-ng default
emerge vixie-cron
rc-update add vixie-cron default
emerge mlocate
This will install the firewall. Configuring it will not be covered here, but there are many guides on the net.
Code:
emerge iptables
This will set the SSH server to start when the PC boots
Code:
rc-update add sshd default
Now we install the boot loader
Code:
emerge grub
Now we have to make the initramfs, so that the system can open and boot the encrypted drive
Code:
emerge -pv mdadm lvm2 busybox cryptsetup
# check that they have static and, on some, static-libs
mkdir -p /usr/src/initramfs
cd /usr/src/initramfs
mkdir bin dev dev/mapper dev/vc etc newroot proc sys
cp /bin/busybox /sbin/cryptsetup /sbin/lvm.static /sbin/mdadm bin
mv bin/lvm.static bin/lvm
ln -s busybox bin/cat
ln -s busybox bin/mount
ln -s busybox bin/sh
ln -s busybox bin/switch_root
ln -s busybox bin/umount
ln -s busybox bin/sleep
ln -s lvm bin/vgscan
ln -s lvm bin/vgchange
cp -a /dev/console /dev/sda2 /dev/null /dev/urandom dev
cp -a /dev/mapper/vg-root dev/mapper
ln -s ../console dev/vc/0
mkdir /dev/vc
ln -s ../console /dev/vc/0
busybox dumpkmap > etc/kmap-us    # again you can change this to your location
ln -s busybox bin/loadkmap
This will make and compile the initramfs
Code:
nano -w init
#!/bin/sh
mount -t proc proc /proc
mount -t sysfs sysfs /sys
mount -t devtmpfs devtmpfs /dev
# load the keymap that was dumped to etc/kmap-us
loadkmap < /etc/kmap-us
rescue() {
    echo "Dropping to rescue shell" >&2
    /bin/sh </dev/tty1 >/dev/tty1 2>&1
}
/bin/cryptsetup luksOpen /dev/sda2 vault || rescue
/bin/lvm pvscan || rescue
/bin/lvm vgscan || rescue
/bin/lvm vgchange -ay vg || rescue
mount -r /dev/mapper/vg-root /newroot || rescue
CMDLINE=`cat /proc/cmdline`
umount /dev
umount /sys
umount /proc
exec /bin/busybox switch_root /newroot /sbin/init ${CMDLINE}
In order for the file we just made to be run, we have to change its permissions so it is executable
Code:
chmod u+x init
find . | cpio --quiet -o -H newc | gzip -9 > /boot/initramfs
Now to setup the boot loader so that the system knows where the files are that are required to boot
Code:
nano -w /boot/grub/grub.conf
default 0
timeout 30
splashimage=(hd0,0)/boot/grub/splash.xpm.gz
title Gentoo Linux 3.3.1
root (hd0,0)
kernel /boot/kernel-3.3.1-gentoo root=/dev/sda2 rootfstype=ext4 video=uvesafb:1280x800-16,mtrr:3,ywrap
initrd /boot/initramfs
The above will need to be changed depending on what you called your kernel file and initramfs. The video resolution will also have to be changed to suit what your card can handle.
Now to finish things off
Code:
grep -v rootfs /proc/mounts > /etc/mtab
grub-install --no-floppy /dev/sda
Now comes the scary part
Code:
exit
cd
umount -l /mnt/gentoo/dev{/shm,/pts,}
umount -l /mnt/gentoo{/boot,/proc,}
reboot
Remove the CD after the PC boots and cross every finger, toe, and anything else you can cross and hope your system boots. As long as you have followed this guide to the letter (and I haven't mistyped or overlooked anything) you should be asked to enter your password to boot the system. Sometimes the prompt will be gobbled up in all the output on the screen; if it looks like the system has hung, just put in your password and hit Enter.
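For the stage3 download step, an added example (not part of the original post) that checks the tarball against the SHA512 entry of the DIGESTS file instead of relying on MD5. The function name is hypothetical, and the layout it parses (a "# SHA512 HASH" comment line followed by "hash  filename" lines) is an assumption about the DIGESTS file you downloaded.

```sh
#!/bin/sh
# Added example: verify one tarball against the SHA512 section of a DIGESTS file.
# Assumed DIGESTS layout: "# <ALGO> HASH" comment lines, each followed by
# "<hex digest>  <file name>" lines for the tarball and its .CONTENTS file.

verify_stage3_sha512() {
    tarball=$1
    digests=$2
    name=$(basename "$tarball")

    # Only accept a digest from a SHA512 section, and only for this exact file
    # name (DIGESTS also lists <name>.CONTENTS, which must not match).
    expected=$(awk -v f="$name" '
        /^# SHA512 HASH/ { want = 1; next }
        /^#/             { want = 0; next }
        want && $2 == f  { print $1; exit }
    ' "$digests")

    # Fail closed: no SHA512 entry means "not verified", never "fall back to MD5".
    if [ -z "$expected" ]; then
        echo "no SHA512 entry for $name in $digests" >&2
        return 2
    fi

    actual=$(sha512sum "$tarball" | awk '{ print $1 }')
    if [ "$actual" != "$expected" ]; then
        echo "SHA512 mismatch for $name" >&2
        return 1
    fi
    echo "$name: OK"
}
```

This only ties the tarball to the DIGESTS file; the DIGESTS file is itself only as trustworthy as the channel it was fetched over unless its signature is checked separately.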
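For the initramfs step, an added example (not part of the original post) that checks the /usr/src/initramfs tree before it is packed with cpio, so a missing applet link or a dynamically linked binary is caught before the reboot. The function name is hypothetical; the list of required paths is taken from the init script and ln -s commands in this guide.

```sh
#!/bin/sh
# Added example: sanity-check the initramfs tree built in this guide.
# Returns the number of problems found (0 means the tree looks bootable).

check_initramfs_tree() {
    tree=$1
    problems=0
    fail() { echo "FAIL: $1" >&2; problems=$((problems + 1)); }

    # init must be executable and start with the interpreter the tree provides
    if [ ! -x "$tree/init" ]; then
        fail "init missing or not executable (chmod u+x init)"
    elif [ "$(head -n 1 "$tree/init")" != "#!/bin/sh" ]; then
        fail "init does not start with #!/bin/sh"
    fi

    # Real binaries copied in from the chroot; they must be static because
    # the initramfs carries no shared libraries.
    for bin in busybox cryptsetup lvm; do
        if [ ! -x "$tree/bin/$bin" ]; then
            fail "bin/$bin missing or not executable"
        elif command -v ldd >/dev/null 2>&1 &&
             ldd "$tree/bin/$bin" >/dev/null 2>&1; then
            # ldd succeeds only for dynamically linked executables
            fail "bin/$bin is dynamically linked; rebuild with the static USE flag"
        fi
    done

    # busybox applet links that init calls by name ([ -x ] follows symlinks,
    # so a dangling link is reported too)
    for applet in cat mount sh switch_root umount loadkmap; do
        [ -x "$tree/bin/$applet" ] || fail "bin/$applet missing or dangling"
    done

    # Mount points and the keymap that init expects
    for dir in proc sys dev newroot; do
        [ -d "$tree/$dir" ] || fail "directory $dir missing"
    done
    [ -s "$tree/etc/kmap-us" ] || fail "etc/kmap-us missing or empty"

    return "$problems"
}
```

Call it as check_initramfs_tree /usr/src/initramfs just before the find . | cpio line.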