Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Slackware Linux CD-ROM Installation HOWTO
- Patrick Volkerding <volkerdi@slackware.com>
- v14.1, 2012-10-12
- This document covers installation of the Slackware(R) distribution of the
- Linux operating system from the Slackware CD-ROM.
- ______________________________________________________________________
- Table of Contents
- 1. Introduction
- 1.1 Sources of documentation
- 2. Hardware requirements
- 3. Slackware Space Requirements
- 3.1 Preparing a Partition for Slackware
- 3.2 Booting the Slackware CD-ROM
- 3.3 Using Linux fdisk to create Linux partitions
- 4. Installing the Slackware distribution
- 4.1 The ADDSWAP option
- 4.2 The TARGET option
- 4.3 The SOURCE option
- 4.4 The SELECT option
- 4.5 The INSTALL option
- 4.6 The CONFIGURE option
- 4.7 LILO
- 4.8 Networking
- 5. Booting the installed Slackware system
- 6. Post-installation configuration
- 6.1 /etc/rc.d/rc.modules
- 6.2 Configuring the X Window System
- 6.3 Hardware acceleration with X
- 6.4 User Accounts
- 7. For more information
- 8. Trademarks
- ______________________________________________________________________
- 1. Introduction
- Linux is a multiuser, multitasking operating system that was developed by
- Linus Torvalds and hundreds of volunteers around the world working over
- the Internet.
- The Linux operating system now runs on several machine architectures,
- including ARMs, Intel 80x86, Sparc, 68K, PowerPC, DEC Alpha, MIPS, and
- others. The x86 Slackware distribution of Linux runs on most PC
- processors compatible with the Intel 486 or better, including (but not
- limited to) the Intel 486, Celeron, Pentium I, MMX, Pro, II, III, Xeon,
- 4, M, D, Core, Core 2, Core i7, and Atom; AMD 486, K5, K6, K6-II, K6-III,
- Duron, Athlon, Athlon XP, Athlon MP, Athlon 64, Sempron, Phenom,
- Phenom II, and Neo; Cyrix 486, 5x86, 6x86, M-II; Via Cyrix III, Via C3,
- Via Nano; Transmeta Crusoe and Efficeon. Essentially anything that's
- x86 and 32-bit (with at least i486 opcodes) will do for the 32-bit x86
- edition of Slackware, or 64-bit and supporting x86_64 extensions (also
- known as AMD64, EM64T, or Intel 64) for the x86_64 edition of Slackware.
- Linux is modeled after the UNIX(R) operating system. The Slackware
- distribution contains a full program development system with support for
- C, C++, Fortran-77, LISP, and other languages, full TCP/IP networking
- with NFS, PPP, CIFS/SMB (Samba), a full implementation of the X Window
- System, and much more.
- 1.1. Sources of Documentation
- If you're new to Slackware, you'll be happy to know there is a *lot* of
- documentation and help available both on the Internet and on the CD-ROM
- itself.
- The Slackware documentation wiki has a lot of information:
- http://docs.slackware.com
- A great source of general documentation about Linux is the Linux
- Documentation Project, online at: http://tldp.org/
- Here you will find a collection of documents known as the "Linux HOWTOs"
- as well as other useful guides.
- For additional help with Slackware, check out the Slackware forum at
- linuxquestions.org.
- 2. Hardware Requirements
- Most PC hardware will work fine with Slackware, but some Plug-and-Play
- devices can be tricky to set up. In some cases you can work around this
- by letting DOS initialize the card and then starting Slackware with the
- Loadlin utility. Setting the computer's BIOS to configure Plug-and-Play
- cards also may help -- to do this, change the "Plug and Play OS" option to
- "no".
- Here's a basic list of what you'll need to install Slackware:
- 128 megabytes (128MB) or more of RAM. If you have less RAM than this, you
- might still be able to install, but if so don't expect the best possible
- experience.
- You also will need some disk space to install Slackware. For a complete
- installation, you'll probably want to devote a 10GB *or larger* partition
- completely to Slackware (you'll need almost 8GB for a full default
- installation, and then you'll want extra space when you're done).
- If you haven't installed Slackware before, you may have to experiment.
- If you've got the drive space, more is going to be better than not enough.
- Also, you can always install only the first software set (the A series
- containing only the basic system utilities) and then install more software
- later once your system is running.
- If you use SCSI, Slackware supports most SCSI controllers. The "huge"
- kernels support as much of the boot hardware as possible, including
- several hardware RAID controllers, Fiber Channel controllers, software
- RAID in linear and RAID 0 through 6 and RAID 10, LVM (Logical Volume
- Manager), and kernel support required to have fully encrypted systems.
- To install from the DVD or CD-ROM, you'll need a supported drive. These
- days, the chances that your drive is supported by the install kernels
- is excellent. But, if not, you can always use a USB stick and install
- via the network. Or, use a floppy disk to install using PXE and the
- network. See the docs in usb-and-pxe-installers and the etherboot
- directory within for instructions.
- 3. Slackware Space Requirements
- Slackware divides the installable software into categories. (in the old
- days when people installed Linux from floppy disks, these were often
- referred to as "disk sets") Only the A series category (containing the
- base Linux OS) is mandatory, but you can't do very much on a system that
- only has the A series installed. Here's an overview of the software
- categories available for installation, along with the (approximate) amount
- of drive space needed to install the entire set:
- A The base Slackware system. (405 MB)
- AP Linux applications. (445 MB)
- D Program development tools. (1.1 GB)
- E GNU Emacs. (117 MB)
- F FAQs and HOWTOs for common tasks. (33 MB)
- K Linux 3.10.17 kernel source. (582 MB)
- KDE The KDE desktop environment and applications. (1.4 GB)
- KDEI Language support for KDE. (1 GB)
- L System libraries. (1.3 GB)
- N Networking applications and utilities. (340 MB)
- T TeX typesetting language. (291 MB)
- TCL Tcl/Tk/TclX scripting languages and tools. (19 MB)
- X X Window System graphical user interface. (389 MB)
- XAP Applications for the X Window System. (571 MB)
- XFCE The XFCE desktop environment and applications. (72 MB)
- Y Classic text-based BSD games. (6 MB)
- If you have the disk space, we encourage you to do a full installation for
- best results. Otherwise, remember that you must install the A set. You
- probably also want to install the AP, D, L, and N series, as well as the KDE,
- X, XAP, and XFCE sets if you wish to run the X Window System. The Y series is
- fun, but not required.
- 3.1 Preparing a Partition for Slackware
- If you plan to install Slackware onto its own hard drive partition
- (this offers optimal performance), then you'll need to prepare one or
- more partitions for it.
- NOTE: For information on partitioning UEFI systems, please see the
- README_UEFI.TXT file.
- A partition is a section of a hard drive that has been set aside for
- use by an operating system. You can have up to four primary
- partitions on a single hard drive. If you need more than that, you
- can make what is called an ''extended partition.'' This is actually
- a way to make one of the primary partitions contain several
- sub-partitions.
- Usually there won't be any free space on your hard drive. Instead,
- you will have already partitioned it for the use of other operating
- systems, such as MS-DOS or Windows. Before you can make your Linux
- partitions, you'll need to remove one or more of your existing drive
- partitions to make room for it. Removing a partition destroys the
- data on it, so you'll want to back it up first.
- If you've got a large partition that you'd like to shrink to make
- space for Slackware you might consider using GParted, a partition
- editor that allows resizing and moving of existing partitions.
- They have a Live CD and USB image that allows running the program
- on a minimal OS, as well as versions to boot from PXE or the hard
- drive. Bootable images with GParted may be found here:
- http://gparted.sourceforge.net/index.php
- There's also the regular version of GNU parted that does the same
- thing from the command line. It is included in the installer, and
- as a package in the L series.
- If you plan to repartition your system manually, you'll need to back
- up the data on any partitions you plan to change. The usual tool for
- deleting/creating partitions is the fdisk program. Most PC operating
- systems have a version of this tool, and if you're running DOS or
- Windows it's probably best to use the repartitioning tool from that OS.
- Usually DOS uses the entire drive. Use DOS fdisk to delete the
- partition. Then create a smaller primary DOS partition, leaving
- enough space to install Linux. Preferably this should be more than 6GB.
- If your machine doesn't have a lot of RAM, you'll want another
- partition for swap space. The swap partition should be equal to the
- amount of RAM your machine has, but should in any case be at least
- 128MB. If you don't have that much drive space to spare, the more the
- better to avoid running out of virtual RAM (especially if you plan on
- using a graphical desktop). You'll then need to reinstall DOS or
- Windows on your new DOS partition, and then restore your backup.
- We'll go into more detail about partitioning later, and you don't need
- to create any new partitions yet -- just make sure you have enough free
- space on the drive to do an installation (more than 6GB is ideal), or
- that you have some idea about which existing partition you can use for
- to install on.
- 3.2 Booting the Slackware CD-ROM
- If your machine has a bootable CD-ROM drive (you may need to configure
- this in the system's BIOS settings) then you'll be able to directly
- boot the first CD-ROM. If not, then see the files in the
- usb-and-pxe-installers directory for information about alternative
- methods of booting the installer. Also, don't neglect to read the
- CHANGES_AND_HINTS.TXT file, which is probably the most accurate piece
- of documentation to ship with Slackware (thanks Robby!).
- Now it's time to boot the disc. Put the Slackware installation CD-ROM in
- your machine's CD-ROM drive and reboot to load the disc. You'll get an
- initial information screen and a prompt (called the "boot:" prompt) at the
- bottom of the screen. This is where you'll enter the name of the kernel
- that you want to boot with. With most systems you'll want to use the
- default kernel, called hugesmp.s. Even on a machine with only a single
- one-core processor, it is recommended to use this kernel if your machine
- can run it. Otherwise use the huge.s kernel, which should support any
- 486 or better.
- To boot the hugesmp.s kernel, just enter hugesmp.s on the boot prompt:
- boot: hugesmp.s
- (actually, since the hugesmp.s kernel is the default, you could have just
- hit ENTER and the machine would go ahead and load the hugesmp.s kernel
- for you)
- If you've got some non-standard hardware in your machine (or if hugesmp.s
- doesn't work, and you're beginning to suspect you need a different
- kernel), then you'll have to try huge.s. If, for some reason, that still
- will not boot and you know that your hardware should be supported by the
- 3.10.17 kernel, contact volkerdi at slackware dot com and I will see
- what I can do.
- These are the kernels shipped in Slackware:
- hugesmp.s This is the default installation kernel. If possible,
- you can save a bit of RAM later (and some ugly warnings at
- boot time or when trying to load modules when the driver is
- already built-in) by switching to a generic kernel. In this
- case that would be gensmp.s, which is a similar kernel but
- without filesystems and many of the less common drive
- controllers built in. To support these (at the very least
- your root filesystem), an initrd (actually an initramfs)
- is required when a generic kernel is used. Previous
- versions of Slackware used an ext2 filesystem for this, but
- now a filesystem-less dynamic kernel-based directory
- structure is used. A big advantage of this is that the size
- usable by the initrd is only limited by the amount of RAM in
- the machine. A disadvantage is that the generic kernels no
- longer include *any* filesystems besides romfs, so old
- initrd.gz files are not usable (they would have needed new
- modules anyway), and it is trickier to get a custom binaries
- or modules or whatever into the installer for guru-install
- purposes. It's not impossible though -- think tar to/from a
- device such as a USB stick, or leveraging ROMFS.
- gensmp.s The trimmed down, more modular version of hugesmp.s. This
- can be switched to, after setting up an initrd and
- reinstalling LILO. It is packaged as a .txz, and can be
- found on the installed system as:
- /boot/vmlinuz-generic-smp-2.6.33.4-smp
- huge.s This is the 486-compatible single processor version of the
- hugesmp.s kernel. Try this if hugesmp.s does not work on
- your machine.
- generic.s The trimmed down, more modular version of huge.s. Found on
- the system as:
- /boot/vmlinuz-generic-2.6.33.4
- This also requires using an initrd.
- speakup.s This used to be a separate kernel patched with the Speakup
- voice synth software, but this is now part of the regular
- kernels.
- For more information about speakup and its drivers check out:
- http://www.linux-speakup.org.
- To use this, you'll need to specify one of the supported
- synthesizers on the kernel's boot prompt:
- speakup.s speakup.synth=synth
- where 'synth' is one of the supported speech synthesizers:
- acntpc, acntsa, apollo, audptr, bns, decext, decpc,
- dectlk, dtlk, dummy, keypc, ltlk, soft, spkout, txprt.
- A serial port may be specified with an option like this:
- speakup.s speakup.synth=decext speakup.ser=1
- Note that speakup serial ports are numbered starting with
- one (1, 2, 3) rather than the more typical 0, 1, 2 numbering
- usually seen on Linux.
- Note that if you use the huge (non-SMP kernel) and plan to compile any
- third party kernel modules, you may need to apply the kernel patch in
- /extra/linux-3.10... or, you could just cd to the kernel sources, run
- "make menuconfig", make sure that SMP (and the -smp suffix) are turned
- off, and recompile the kernel with "make". But, that's for later --
- after the install.
- Once you've entered your kernel choice and hit ENTER, the kernel and
- install program will load from the DVD or CD-ROM, and you'll arrive at
- the Linux login prompt. (You're running Linux now. Congratulations! :-)
- To log into the system, enter the name of the superuser account and hit
- Enter:
- root
- Since there is no password on the install CD, you will be logged in right
- away.
- 3.3 Using Linux fdisk to create Linux partitions
- At this point, you should have a large chunk of unpartitioned space on
- your hard drive that you'll be making into partitions for Slackware.
- Now you're ready to create your root Linux partition. To do this, you'll
- use the Linux version of fdisk.
- To need to partition a hard drive, you need to specify the
- name of the device when you start fdisk. For example:
- fdisk /dev/sda (Repartition the first hard drive)
- fdisk /dev/sdb (Repartition the second hard drive)
- NOTE: If you prefer, you may also try a newer menu-driven version
- of Linux fdisk called 'cfdisk'. Rumor has it that MOST people do
- prefer cfdisk, and "newer" has to be taken in context. cfdisk has
- many years of testing behind it.
- Once you've started fdisk, it will display a command prompt. First look
- at your existing partition table with the 'p' command:
- Command (m for help): p
- Disk /dev/sda: 40.0 GB, 40020664320 bytes
- 255 heads, 63 sectors/track, 4865 cylinders
- Units = cylinders of 16065 * 512 = 8225280 bytes
- Device Boot Start End Blocks Id System
- /dev/sda1 * 1 2423 19462716 c W95 FAT32 (LBA)
- Here we can see that there is one DOS partition on the drive already,
- starting on the first cylinder and extending to cylinder 2423. Since the
- drive has 4865 cylinders, the range 2424 - 4865 is free to accept a Linux
- installation.
- If the FAT32 partition were using the entire drive, you would have no
- choice but to delete it entirely (this destroys the partition), or go back
- and use some kind of partition resizing tool like GNU parted or Partition
- Magic to create some free space for the installation. If you need to
- delete a partition, use the 'd' command. You'll be asked which partition
- number you want to delete -- check the partition size to make sure it's
- the right one.
- Next, you'll want to use the 'n' command to create a primary partition.
- This will be your root Linux partition.
- Command (m for help): n
- Command action
- e extended
- p primary partition (1-4)
- You'll want to enter 'p' to make a primary partition.
- Partition number (1-4): 2
- Here, you enter "2" since DOS is already using the first primary
- partition. Fdisk will first ask you which cylinder the partition should
- start on. Fdisk knows where your last partition left off and will suggest
- the first available cylinder on the drive as the starting point for the
- new partition. Go ahead and accept this value. Then, fdisk will want to
- know what size to make the partition. You can specify this in a couple of
- ways, either by entering the ending cylinder number directly, or by
- entering a size. In this case, we'll enter the last cylinder. Here's what
- the screen looks like as these figures are entered:
- First cylinder (2424-4865): 2424
- Last cylinder or +size or +sizeM or +sizeK (2424-4865): 4700
- You have now created your primary Linux partition with a size of 18.7 GB.
- Next, you'll want to make a Linux swap partition. You do this the same
- way. First, enter another "n" to make a primary partition:
- Command (m for help): n
- Command action
- e extended
- p primary partition (1-4)
- Enter "p" to select a primary partition. Partition 1 is in use by DOS,
- and you've already used partition 2 for Linux, so you'll want to enter "3"
- for the new partition number:
- Partition number (1-4): 3
- Since this is the last partition we plan to make on this hard drive, we'll
- use the end cylinder this time. Here are the entries for this:
- First cylinder (4701-4865): 4701
- Last cylinder or +size or +sizeM or +sizeK (4701-4865): 4865
- Now we need to set the type of partition to 82, used for Linux swap. The
- reason we didn't need to set a partition type the last time is that unless
- otherwise specified Linux fdisk automatically sets the type of all new
- partitions to 83 (Linux). To set the partition type, use the "t" command:
- Command (m for help): t
- Partition number (1-4): 3
- Hex code (type L to list codes): 82
- Now you're ready to save the updated partition table information onto your
- hard drive. Use the "p" command again to check the results and be sure
- you're satisfied with them:
- Command (m for help): p
- Disk /dev/sda: 40.0 GB, 40020664320 bytes
- 255 heads, 63 sectors/track, 4865 cylinders
- Units = cylinders of 16065 * 512 = 8225280 bytes
- Device Boot Start End Blocks Id System
- /dev/sda1 1 2423 19462716+ c W95 FAT32 (LBA)
- /dev/sda2 2424 4700 18720732 83 Linux
- /dev/sda3 4701 4865 1317332 82 Linux swap
- This looks good, so we'll use the "w" command to write the data out to the
- drive's partition table. If you want to exit without updating the
- partition table (if you've made a mistake), then you can exit without
- changing anything by using the "q" command instead.
- When you exit fdisk using the "w" command, fdisk recommends that you
- reboot the machine to be sure that the changes you've made take effect.
- Unless you've created extended partitions, you can go ahead and run setup
- without rebooting.
- Note: Sometimes fdisk will give you a message like "This drive has more
- than 1024 cylinders" and warn about possible problems using partitions
- with DOS. This is because MS-DOS suffers from a limitation that only
- allows access to the first 1024 cylinders on a hard drive. At one time,
- LILO used the standard BIOS routines to read sectors, so this was a
- limitation of LILO, too. Luckily modern versions of LILO use the LBA32
- method of accessing sectors, so this limitation no longer applies. If you
- see the warning from fdisk, you can safely ignore it.
- 4.0 Installing the Slackware distribution
- Now that you have one or more Linux partitions, you are now ready to begin
- installing software onto your hard drive. To start the Slackware install
- program, enter the command "setup" and hit enter:
- # setup
- The installer will start up with a full-color menu on your screen with the
- various options needed to install Slackware. In general, you'll want to
- start with the ADDSWAP option. Even if you've already created and
- activated a swap partition manually, you'll need to run this so Slackware
- adds the swap partition to your /etc/fstab file. If you don't add it,
- your system won't use the swap space when you reboot.
- Installing a typical system involves running the following options from
- the setup menu in this order: ADDSWAP, TARGET, SOURCE, SELECT, INSTALL,
- and CONFIGURE. You may also start with KEYMAP if you have a non-US
- keyboard layout, or with TARGET if you don't want to use a swap partition.
- For the rest of this section, we'll walk through a typical installation
- process.
- 4.1 The ADDSWAP option:
- First, we select the ADDSWAP option. The system will scan for partitions
- marked as type "Linux swap" and will ask if you want to use them for swap
- space. Answer YES, and the system will format the partition and then make
- it active for swapping. Once it's finished, setup will display a message
- showing the line it will add to /etc/fstab to configure the swap partition
- at boot time. Hit enter to continue, and setup will go on to the TARGET
- section of the install.
- NOTE: If you created a partition to use for swap space, but setup
- doesn't see it when it scans your drives, it's possible that the partition
- type hasn't been set in the partition table. Use the Linux "fdisk"
- program to list your partitions like this:
- # fdisk -l
- Disk /dev/sda: 40.0 GB, 40020664320 bytes
- 255 heads, 63 sectors/track, 4865 cylinders
- Units = cylinders of 16065 * 512 = 8225280 bytes
- Device Boot Start End Blocks Id System
- /dev/sda1 1 2423 19462716+ c W95 FAT32 (LBA)
- /dev/sda2 2424 4700 18720732 83 Linux
- /dev/sda3 4701 4865 1317332 82 Linux
- In this case, if /dev/sda3 is meant to be a Linux swap partition, you'll
- need to start fdisk on drive /dev/sda:
- # fdisk /dev/sda
- Command (m for help): t
- Partition number (1-4): 3
- Hex code (type L to list codes): 82
- Command (m for help): w
- This will change the third partition to type 82 (Linux swap) and write the
- partition table out to /dev/sda.
- When you run setup again, the ADDSWAP option should detect the Linux swap
- partition.
- 4.2 The TARGET option:
- The next option on the setup menu is TARGET. This lets you select which
- partition(s) you'd like to install Slackware on, and will format them
- using a Linux filesystem. Depending on which kernel you chose to boot
- with, your filesystem choices may include ext2 (the traditional Linux
- filesystem), ext3 (a journaling version of ext2), and Reiserfs (the first
- journaling filesystem written for Linux; it stores files in a balanced
- tree).
- When you select the TARGET option, the system will scan for "Linux"
- partitions on your hard drives. If it doesn't find any, you'll need to
- make sure that you've created partitions using the fdisk program, and that
- the partitions are labeled as type 83 (Linux). This is the same process
- shown above. If you've created one or more partitions for Slackware using
- Linux's fdisk program then you shouldn't have any problems, since Linux
- fdisk (and cfdisk) sets all new partitions to type 83 (Linux) by default.
- You will see a menu listing all the Linux partitions. Use the arrow keys
- to select the partition you'd like to use for your root (or primary) Linux
- partition and hit enter. The setup program will then ask if you'd like to
- format the partition, and what type of filesystem to use. If this is a
- new installation of Slackware, you'll need to do this. Otherwise, if you
- are installing software onto an existing Linux system, you don't need to
- format the partition. For example, the partition might be used as your
- /home and contains home directories that you want to keep. If you choose
- not to format a partition, you'll see "partition will not be reformatted"
- on the top of the screen as you confirm your choice, so that there can be
- no question about it.
- There are a few options you need to know about when you format Linux
- partitions. First, you'll need to decide whether or not you'd like to
- check the partition for bad blocks when you do the format. This is
- usually not necessary unless you know the drive in question has problems.
- Checking takes quite a while longer than a normal format (and most IDE
- drives do self-checking anyway), so you'll probably want to just go ahead
- and use the "Format" menu option to format the drive without checking.
- If you have drive problems later on (and can't just replace the hard drive
- with a better one), then you might want to go back and try again using the
- "Check" option to map out the bad sectors on the drive.
- You'll notice that the partition you just formatted is now listed as "in
- use." If you made some other partitions for Slackware, you'll need to go
- through the same process of formatting them, selecting whether or not to
- check for bad blocks, and setting a reasonable inode density. With these
- partitions there will be an additional step -- you'll need to select where
- you'd like to put the partition in your directory tree.
- MS-DOS/Windows assigns a letter such as A:, B:, C:, etc, to each device.
- Unlike DOS, Linux makes your devices visible somewhere under the root
- directory (/). You might have /dev/sda1 for your root partition (/) and
- put /dev/sda2 somewhere underneath it, such as under your /home directory.
- When prompted for a mount location, just enter a directory such as /home,
- and hit enter. As you format each additional partition and place it in
- the filesystem tree, you'll be returned to the partition selection menu.
- When you've prepared all of your Linux partitions, you'll go on to the
- SOURCE option.
- 4.3 The SOURCE option:
- The next menu option is SOURCE, where you select the source from which to
- install Slackware.
- SOURCE displays a menu offering the choice of installation from CD-ROM, a
- hard drive partition, NFS, HTTP/FTP, or a directory (mounted manually).
- You'll want to make sure your Slackware CD-ROM is in your drive, and
- select the first option:
- "Install from a Slackware CD-ROM"
- Next, the system will ask you if you'd like to scan for your CD-ROM drive
- or pick manually from a list. (unless you're trying to show off to your
- friends, go ahead and let setup scan for the CD-ROM drive automatically).
- Setup will then try to access the Slackware CD-ROM. If this is
- successful, setup will tell you that it found and mounted a CD-ROM on a
- Linux device such as /dev/sr0. If the CD-ROM was successful found, you
- may skip ahead to the SELECT section below, otherwise read on for some
- CD-ROM troubleshooting tips.
- If setup is not successful in accessing the CD-ROM drive, you'll need to
- figure out why before you can go on. The most common reason for this is
- that you used a kernel that doesn't support the CD-ROM drive. If that's
- the case, you need to restart the installation CD-ROM and specify a kernel
- that contains a driver to support your CD-ROM drive (if the drive is
- connected to a SCSI card, for example, you'll need to use a kernel with
- support for that card). You can also try switching to a different console
- with Alt-F2 and mounting the CD-ROM drive manually and then installing
- from a pre-mounted directory (if you prefer a hands-on approach).
- If you have no idea which device an IDE CD-ROM drive is connected to, you
- should have the system scan for it. You also can look at the messages
- generated by the system as it boots -- you should see a message that
- Slackware detected your CD-ROM drive along with information about what
- type of drive it is. You can look at these messages by using the right
- shift key together with the PageUp and PageDown keys to scroll the screen
- up and down.
- For the network options, you'll need to have a network card that's
- supported by one of the installer's modules, and preferably a DHCP server
- running to make the network setup easy. The network install options are
- to use as your source an NFS server, an FTP server, or an HTTP server
- (along with an optional port). If you use DHCP to set up, odds are
- you'll have working name resolution and won't need to enter an IP
- address to specify the server (but you can if you wish, of course).
- The network installation feature is intended primarily to facilitate
- installing to many machines on a local network. Please don't use it to
- bog down the Slackware mirror sites.
- Thanks to Eric Hameleers for finally bringing FTP/HTTP installtion
- support to the Slackware installer. :-)
- 4.4 The SELECT option:
- The SELECT option lets you select software to install.
- When you start the SELECT option, you'll see a menu where you can choose
- which categories of software you're interested in installing. The first
- series (called the A series) contains the base filesystem structure and
- binaries that are crucial for your system to boot and run properly. You
- must install the A series. Make sure that at least the selection for
- series A has an [X] next to it. Most of the other choices will also have
- an [X] next to them, and while you can use the cursor keys and the space
- bar to unselect items to save space (see the space requirements above for
- details), you're better off with a complete installation if you have the
- space for it.
- Once you've selected the general categories of software you wish to
- install, hit enter and you'll go on to the INSTALL option.
- 4.5 The INSTALL option:
- This option actually installs the selected packages to the hard drive.
- The first question the INSTALL option will ask is what type of prompting
- you'd like to use during the installation process. A menu will show
- several options, including "full", "newbie", "menu", "expert", "custom",
- "tagpath", and "help". The help option gives detailed information on each
- of the choices.
- Most people will want to use "full". Others might want "menu", "expert"
- or "newbie" mode. We'll cover each of these in detail now.
- The first option to consider is "full". If you select this mode, then
- setup assumes you want to install all the packages in each selected series
- and installs them all without further prompting. This is fast and easy.
- Of course, depending on which software categories you've chosen, this can
- use a lot of drive space. If you use this option, you should be
- installing to a partition with at least 6GB free (and hopefully more like
- 20GB or so) to insure that you don't run out of drive space during the
- installation process. Because Linux allows you to split your installation
- across multiple partitions, the installer cannot know ahead of time
- whether the packages you've chosen to install will fit your partitioning
- scheme. Therefore, it is up to you to make sure that there is enough
- room.
- The "newbie" mode (which was formerly known as "normal" mode) installs all
- of the required packages in each series. For each of the non-required
- packages (one by one) you'll get a menu where you can answer YES (install
- the package), NO (do not install the package), or SKIP (skip ahead to the
- next series). You'll also see a description of what the package does and
- how much space it will require to help you decide whether you need it or
- not. The "newbie" mode is verbose, requires input after each package, and
- is VERY tedious. It certainly takes a lot longer to install using newbie
- mode, and (in spite of the name), it is easier to make mistakes in newbie
- mode than by simply doing a full installation. Still, using it is a good
- way to get a basic education about what software goes into the system
- since you actually get a chance to read the package descriptions. With a
- full installation most of the package descriptions will fly by too quickly
- to read.
- If you can decide which packages you want from less information, the
- "menu" or "expert" options are a good choice, and go much faster than a
- "newbie" mode installation. These options display a menu before
- installing each series and let you toggle items on or off with the
- spacebar. In this Slackware release, the "menu" and "expect" install
- modes act the same, and both options are kept only for consistency.
- The "expert" mode lets you toggle packages individually, allowing the user
- to make good or bad decisions, like turning off crucial packages or
- installing a package that's part of a larger set of software without
- installing the other parts. If you know exactly what you need, the
- "expert" mode offers the maximum amount of flexibility. If you don't
- know what you need, using the "full" mode is strongly suggested.
- The "custom" and "tagpath" options are only used if you've created
- "tagfiles" for installation. In the first directory of each disk set is a
- file called "tagfile" containing a list of all the packages in that
- series, as well as a flag marking whether the package should be installed
- automatically, skipped, or the user should be prompted to decide. This is
- useful for situations where you need to install large numbers of machines
- (such as in a computer lab), but most users will not need to create
- tagfiles. If you are interested in using them, look at one of the
- tagfiles with an editor.
- If you're new to Slackware, and you have enough drive space, you'll
- probably want to select the "full" option as the easiest way to install.
- Otherwise, the "menu" option is another good choice for most beginners.
- If you think you need (or would just like to see) the extra information
- offered by the "newbie" mode, go ahead and use that. Don't say you
- weren't warned about the extra time it requires, though, especially
- when installing the fragments that make up modular X. Trust us, you'll
- be better off selecting "full".
- Once you have selected a prompting mode, the system begins the
- installation process. If you've chosen "menu" or "expert" mode, you'll
- see a menu of software to choose from right away -- use the arrow keys and
- spacebar to pick what you need, and then hit enter to install it. If
- you've chosen the "newbie" mode, the installation will begin immediately,
- continuing until it finds optional packages. You'll get a selection menu
- for each of these. If you selected "full", now it's time to sit back and
- watch the packages install.
- If you've selected too much software, it's possible that your hard drive
- may run out of space during installation. If this happens, you'll know it
- because you'll see error messages on the screen as setup tries to install
- the packages. In such a case, your only choice is to reinstall selecting
- less software. You can avoid this problem by choosing a reasonable amount
- of software to begin with, and installing more software later once your
- system is running. Installing software on a running Slackware system is as
- easy as it is during the initial installation -- just type the following
- command to mount the Slackware CD-ROM:
- mount /dev/cdrom /mnt/cdrom
- Then go to the directory with the packages you want to install, and use
- the install-packages script:
- cd /mnt/cdrom/slackware/xap
- sh install-packages
- Other options for installing packages later on include "installpkg" and
- "pkgtool". For more information about these, see the man pages ("man
- installpkg", "man pkgtool").
- Once you have installed the software on your system, you'll go on to the
- CONFIGURE option.
- 4.6 The CONFIGURE option:
- The setup's CONFIGURE option does the basic configuration your system
- needs, such as setting up your mouse, setting your timezone, and more.
- The CONFIGURE option will first ensure that you've installed a usable
- Linux kernel on your hard drive. The installation program should
- automatically install the kernel used to do the initial installation.
- If you installed using the speakup.s kernel from CD-ROM, the menu will
- prompt you to re-insert your installation disc and hit enter, and then
- setup will copy the kernel from the disc to your hard drive.
- NOTE: If you install a kernel on your system that doesn't boot correctly,
- you can still boot your system with the CD-ROM. To do this, you need to
- enter some information on the boot prompt. For example, if your root
- partition is on /dev/hda1, you'd enter this to boot your system:
- huge.s root=/dev/hda1 initrd= ro
- The "initrd=" option tells the kernel not to run the /init script on the
- installer image in RAM, and the "ro" option makes the root partition
- initially load as read-only so Linux can safely check the filesystem.
- Once you've installed a kernel, you'll be asked if you want to make a
- USB bootstick for your new system. This is a very good idea if you
- happen to have a spare USB flash stick that you don't mind having
- COMPLETELY ERASED. :-), so if you wish to make one, insert a USB
- flash memory stick when prompted and use the "Create" option to create
- a USB bootstick for your system.
- Next you'll be asked what type of mouse you have. Pick the mouse type from
- the menu (or hit cancel if you don't have a mouse), and setup will create a
- /dev/mouse link. Most computers use a PS/2 mouse, which is the first choice.
- After this, other installation scripts will run depending on which
- packages you've installed. For instance, if you installed the network-*
- packages you'll be asked if you want to configure your network.
- 4.7 LILO
- LILO is the Linux Loader, a program that allows you to boot Linux (and
- other operating systems) directly from your hard drive. If you installed
- the LILO package, you now have an opportunity to set it up.
- Installing LILO can be dangerous. If you make a mistake it's possible to
- make your hard drive unbootable. If you're new to Linux, it might be a
- good idea to skip LILO installation and use the bootdisk to start your
- system at first. You can install LILO later using the 'liloconfig'
- command after you've had a chance to read the information about it in
- /usr/doc/lilo-*. If you do decide to go ahead and install LILO, be sure
- you have a way to boot all the operating systems on your machine in case
- something goes wrong. If you can't boot Windows again, use the DOS command
- "FDISK /MBR" to remove LILO from your master boot record. (You can use
- a Windows Startup Disk for this)
- The easiest way to set your machine up with LILO is to pick the "simple"
- choice on the LILO installation menu. This will examine your system and
- try to set up LILO to be able to boot Windows (DOS) and Linux partitions
- that it finds. If it locates the OS/2 Boot Manager, it will ask if you'd
- like to configure the Linux partition so that you can add it to the Boot
- Manager menu. (NOTE: If you use a disk overlay program for large IDE hard
- drives such as EZ-DRIVE, please see the warning below before installing
- LILO)
- The "expert" option gives you much more control over the configuration
- of LILO. If you decide to use the "expert" option, here's how you do
- it. LILO uses a configuration file called /etc/lilo.conf to hold the
- information about your bootable partitions -- the "expert" LILO
- installation lets you direct the construction of this file. To create
- the file, first select BEGIN to enter the basic information about
- where to install LILO. The first menu will ask if you have extra
- parameters you'd like passed to the Linux kernel at boot time. If you
- need any extra parameters enter them here.
- Then you'll be asked if you wish to use the framebuffer console. The
- 1024x768x256 console setting is a nice one to use in most cases, but you
- may need to experiment to find the nicest setting for your card. Some
- look terrible at modes larger than 800x600 because of the default refresh
- rates, but at least ATI cards are known to look great at 1024x768x256.
- If you want to use the framebuffer console, select a mode here.
- Next, decide where you want LILO installed. Usually you'll want to
- install LILO on the boot drive's MBR (master boot record). If you use a
- different boot manager (like the one that comes with OS/2) then you'll
- want to install LILO on your root Linux partition and then add that
- partition to the boot manager menu using its configuration tool. Under
- OS/2, this is the fdisk program.
- NOTE: If you use the EZ-DRIVE utility (a diskmanager program supplied
- with some large IDE drives to make them usable with DOS) then do not
- install LILO to the MBR. If you do, you may disable EZ-DRIVE and render
- your disk unusable with DOS. Instead, install LILO to the superblock of
- your root Linux partition, and use fdisk to make the partition bootable.
- (With MS-DOS fdisk, this is called setting the "active" partition)
- The next menu lets you set a delay before the system boots into the
- default operating system. If you're using LILO to boot more than one
- operating system (such as DOS and Linux) then you'll need to set a delay
- so you can pick which OS you'd like to boot. If you press the SHIFT key
- during the delay, LILO will display a prompt where you can type a label
- (typically Windows or Linux) to select which OS to boot. If you set the
- delay to 'Forever', the system will display a prompt at boot time and wait
- for you to enter a choice.
- Next, you need to add entries for each operating system that LILO can
- boot. The first entry you make will be the machine's default operating
- system. You can add either a DOS, Linux, or Windows partition first.
- For example, let's say you select "Linux". The system will display your
- Linux partitions and ask which one of them you'd like to boot. Enter the
- name (like /dev/hda1) of your root Linux partition. Then, you'll be
- prompted to enter a label. This is the name you will enter at the boot
- time LILO prompt to select which partition you want to boot. A good
- choice for this is "Linux".
- Adding a DOS or Windows partition is similar. To add a Windows partition
- to the LILO configuration file, select the Windows option. The system will
- display your FAT/NTFS partitions and ask which one of them you'd like to
- boot with LILO. Enter the name of your primary Windows partition. Then
- enter a label for the partition, like "Windows". Once you've added all of
- your bootable partitions, install LILO by selecting the "Install" option.
- 4.8 Networking
- Another configuration menu allows you to configure your machine's
- networking setup. First, enter a hostname for your machine. The default
- hostname after installation is "darkstar," but you can enter any name you
- like. Next, you'll be asked to provide a domain name. If you're running a
- stand-alone machine (possibly using a dialup link to an Internet Service
- Provider) then you can pick any name you like. The default domain name is
- "example.net". If you are going to add the machine to a local network,
- you'll need to use the same domain name as the rest of the machines on
- your network. If you're not sure what this is, contact your network
- administrator for help. Once you've specified the hostname and domain
- name, you'll be asked which type of setup you would like: "static IP",
- "DHCP", or "loopback".
- Loopback
- --------
- This is the simplest type of setup, defining only a mechanism for the
- machine to contact itself. If you do not have an Ethernet card, use this
- selection. This is also the correct selection if you'll be using a PCMCIA
- (laptop) Ethernet card and want to set up your networking in
- /etc/pcmcia/network.opts. (you could also configure a PCMCIA card using
- the "static IP" or "DHCP" options, but in that case will not be able to
- "hotplug" the card) Finally, this is the right option to use if you have
- a modem, and will be connecting via dialout and PPP. You'll select
- loopback now, and then set up your phone connection later using pppsetup
- or kppp.
- Static IP
- ---------
- If your machine has an Ethernet card with a static IP address assigned to
- it, you can use this option to set it up. You'll be prompted to enter
- your machine's IP address, netmask, the gateway IP address, and the
- nameserver IP address. If you don't know what numbers you should be
- using, ask the person in charge of the network to help. After entering
- your information, you'll be asked if you want to probe for your network
- card. This is a good idea, so say yes. Confirm that the settings are
- correct, and your networking will be configured to use a static IP
- address.
- DHCP
- ----
- DHCP stands for Dynamic Host Configuration Protocol, and is a system where
- your machine contacts a server to obtain its IP and DNS information.
- This is the usual way to get an IP address with broadband connections like
- cable modems (although some more expensive business-class broadband
- connections may assign static IP addresses). It is very easy to set up a
- DHCP connection -- just select the option. Some providers will give you a
- DHCP hostname (Cox is one that does) that you'll also need to enter in
- order to identify yourself to the network. If you don't have a DHCP
- hostname, just leave it blank and hit ENTER. After entering your
- information, you'll be asked if you want to probe for your network card.
- This is a good idea, so say yes. Confirm that the settings are correct,
- and your networking will be configured to use DHCP.
- Once you've completed all the configuration menus, you can exit setup and
- reboot your machine. Simply press ctrl-alt-delete and the kernel will
- kill any programs that are running, unmount your filesystems, and restart
- the machine.
- 5. Booting the installed Slackware system
- If you've installed LILO, make sure you don't have a disk in your floppy
- drive -- when your machine reboots it should start LILO. Otherwise, insert
- the bootdisk made for your system during the configuration process and use
- it to boot. Also, make sure to remove the CD-ROM to avoid booting it, or
- disable your machine's CD-ROM booting feature in the BIOS settings.
- The kernel will go through the startup process, detecting your hardware,
- checking your partitions and starting various processes. Eventually you'll
- be given a login prompt:
- darkstar login:
- Log into the new system as "root".
- Welcome to Linux 2.6.33.4.
- darkstar login: root
- Last login: Tue May 18 15:36:23 2010 on tty3.
- Linux 2.6.33.4.
- You have new mail.
- darkstar: ~#
- 6. Post-installation configuration
- Once the system is running, most of the work is complete. However, there
- are still a few programs you'll need to configure. We'll cover the most
- important of these in this section.
- 6.1 /etc/rc.d/rc.modules
- This file contains a list of Linux kernel modules. A kernel module is
- like a device driver under DOS. You can think of the /etc/rc.d/rc.modules
- file as similar to DOS's CONFIG.SYS. The file specifies which modules the
- system needs to load to support the machine's hardware. After booting
- your machine, you may find that some of your hardware isn't detected
- (usually an Ethernet card). To provide the support, you'll need to load
- the correct kernel module. Note that modern Linux kernels include a
- feature that allows the kernel to load its own modules, called udev.
- This will load many modules automatically without any need to edit
- rc.modules, and when using udev it might be better to tell it how to
- load the modules you want automatically rather than loading them at boot
- time with rc.modules. This is an advanced topic, and outside the scope of
- this document. If you're interested in this, "man udev" is a good
- place to start reading. In any case, it's best to not edit rc.modules
- unless you find that the modules you want to use are not being loaded
- automatically by udev. You can see a list of the modules that were loaded
- with the "lsmod" command. Likewise, in the majority of cases "alsaconf"
- is not required to configure sound. Rather, the "alsamixer" tool is used
- to unmute the Master and PCM channels and turn up the volume, and the
- "alsactl store" is used to save the sound defaults.
- There's a lot more information out there about kernel modules, including
- lists of module names and the cards they support, as well as extra options
- you can can add to the module lines to configure the hardware in different
- ways. The kernel's documentation in /usr/src/linux/Documentation has a
- lot of good information, as does the information shipped with udev (found
- under /usr/doc/udev-*).
- 6.2 Configuring the X Window System
- Configuring X can be a complex task. The reason for this is the vast
- numbers of video cards available for the PC architecture, most of which
- use different programming interfaces. Luckily, X has come a long way
- since the early days of X386, where monitor modelines had to be tediously
- calculated. With most hardware, X can now be run with NO configuration
- file or additional driver! But you still might want to make a
- configuration file if you'll be using a third party video driver (the
- installer for that may offer to make it for you), or if you just want to
- have greater control over the details of the X configuration.
- To try X without a configuration file, just type "startx" at a command
- line. If you're satisfied with the result, then you're done. If you
- would like X to start automatically at boot, see the /etc/inittab file
- once you've tested "startx" to be sure that X is working.
- If this doesn't work with your card, or if you'd like to take advantage of
- the high-performance features of your video card such as hardware
- acceleration or 3-D hardware rendering, then you'll need to reconfigure X.
- To configure X, you'll need to make an /etc/X11/xorg.conf file. This file
- contains lots of details about your video hardware, mouse, and monitor.
- It's a very complex configuration file, but fortunately there are several
- programs to help create one for you. We'll mention a few of them here:
- Xorg -configure
- ---------------
- Modern versions of X provide a simple way to create an initial xorg.conf
- file that often will work without any additional configuration, or, at the
- very least, provide a good base from which to customize the file. To run
- this command, enter the following in a root terminal:
- # Xorg -configure
- The X server probes for available hardware and creates an initial
- xorg.file located in the /root directory. You can then use this initial
- file to test the configuration by entering the following:
- # Xorg -config /root/xorg.conf.new
- This will load the initial xorg.conf.new file and run the X server. If
- you see the default black and gray checkered background with a mouse
- cursor appear, then the configuration was successful. To exit the X
- server, just press Ctrl+Alt+Backspace simultaneously. Once back at the
- command line, you can copy this xorg.conf.new file to /etc/X11/xorg.conf
- and begin making any manual edits necessary to customize your setup.
- xorgsetup
- ---------
- This is a simple menu driven frontend that's similar in feel to the
- Slackware installer. It simply tells the X server to take a look at the
- card, and then set up the best initial configuration file it can make
- based on the information it gathers. The generated /etc/X11/xorg.conf
- file should be a good starting point for most systems (and should work
- without modification).
- 6.3 Hardware acceleration with X
- If you've used xorgsetup or X -configure to configure for your card, and
- it's one that can take advantage of X's direct rendering support,
- you'll certainly want to enable this. Check your /etc/X11/xorg.conf and
- make sure that the glx module is loaded:
- Load "glx"
- This line will probably already be in place.
- 6.4 User Accounts
- You should make a user account for yourself. Using "root" as your
- everyday account is dangerous, and is considered bad form (at the very
- least) since you can accidentally damage your system if you mistype a
- command. If you're logged in as a normal user, the effects of bad
- commands will be much more limited. Normally you'll only log in as root
- to perform system administration tasks, such as setting or changing the
- root password, installing, configuring, or removing system software, and
- creating or deleting user accounts.
- To make an account for yourself, use the 'adduser' program. To start it,
- type 'adduser' at a prompt and follow the instructions. Going with the
- default selections for user ID, group ID, and shell should be just fine
- for most users. You'll want to add your user to the cdrom, audio, video
- plugdev (plugable devices like USB cameras and flash memory) and scanner
- groups if you have a computer with multimedia peripherals and want to be
- able to access these. Add these group names, comma separated, at the
- following prompt:
- Additional groups (comma separated) []:
- Passwords and security
- ----------------------
- When choosing passwords for a Linux system that is connected to a network
- you should pick a strong password. However, passwords only help protect a
- system from remote trespassing. It's easy to gain access to a system if
- someone has physical access to the console.
- If you forget the root password, you can use the install disc to mount
- your root partition and edit the files containing the password
- information. If you have a bootable optical drive, you can use the first
- installation CD-ROM or the DVD as a rescue disk.
- At the prompt, you can manually mount the root Linux partition from your
- hard drive ("fdisk -l" will give you a list) and remove the root password.
- For example, if your root linux partition is /dev/hda2, here are the
- commands to use after logging into the install disc as "root":
- mount /dev/hda2 /mnt
- cd /mnt/etc
- Next, you'll need to edit the "shadow" file to remove root's password.
- Editors which might be available include "vi", "emacs", "pico", and "nano".
- "vi" and "emacs" might be more of an adventure than you need unless you've
- used them before. The "pico" and "nano" editors are easy for beginners to
- use.
- pico shadow
- At the top of the file, you'll see a line starting with root. Right after
- root, you'll notice the encrypted password information between two colons.
- Here's how root's line in /etc/shadow might look:
- root:EnCl6vi6y2KjU:10266:0:::::
- To remove root's password, you use the editor to erase the scrambled text
- between the two colons, leaving a line that looks like this:
- root::10266:0:::::
- Save the file and reboot the machine, and you'll be able to log in as root
- without a password. The first thing you should do is set a new password
- for root, especially if your machine is connected to a network.
- Here are some pointers on avoiding weak passwords:
- 1. Never use your name (or anyone's name), birthdate, license plate,
- or anything relating to yourself as a password. Someone trying
- to break into your machine might be able to look these things up.
- 2. Don't use a password that is any variation of your login name.
- 3. Do not use words from the dictionary (especially not "password" :)
- or syllables of two different words concatenated together as your
- password. There are automated programs floating around on the net
- that can try them all in a short time.
- 4. Do not use a number (like 123456) or a password shorter than six
- characters.
- The strongest passwords are a mix of letters, numbers, and symbols.
- Here are some examples of strong passwords (but don't use these ;-):
- *^5g!:1? ()lsp@@9 i8#6#1*x ++c$!jke *2zt/mn1
- In practice, any password containing one or two words, a number (or two),
- and a symbol (or two) should be quite secure.
- 7. For more information
- For more information, visit our web site at http://www.slackware.com
- To shop for fine Slackware products (and help keep the project funded),
- please visit http://store.slackware.com. :-)
- Email: info@slackware.com (Information or general inquiries)
- FTP: ftp://ftp.slackware.com (Updates)
- WWW: http://www.slackware.com (News)
- Security issues: security@slackware.com
- General Hotline: volkerdi@slackware.com
- 8. Trademarks
- Slackware is a registered trademark of Slackware Linux, Inc.
- Linux is a registered trademark of Linus Torvalds.
- All trademarks are property of their respective owners.
- http://ftp.slackware.com/pub/slackware/slackware-current/Mozilla/5.0
- http://ftp.slackware.com/
- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Installing Slackware on Logical volumes
- =======================================
- Introduction
- ------------
- For a long time, it has been common for other distros to support
- installation to Logical Volumes. In Slackware, the installer has never
- supported this, but the gurus usually would find a way to create logical
- volumes and install or migrate their Slackware onto those. Having your
- Slackware installed fully on LVM was near impossible until Slackware 12.0.
- Slackware 14.1 has improved support for LVM built into the installer.
- Preparing Logical Volumes (LV)
- ------------------------------
- * Existing LV
- The Slackware installer will recognize and activate any pre-existing
- Logical Volumes on your hard drive(s). These Logical Volumes will be
- selectable targets for the creation of the filesystems (like /, /usr, /home,
- /var)
- * New LV
- When you need to create the LV, you need to do this before starting the
- 'setup' program. You may have to run (c)fdisk first to create the partition
- you want to use for setting up the logical volumes. For any partition you
- create and that you want to use for LVM, you should set the partition type
- to '8e' (Linux LVM).
- In the next example, I will assume we use a single 10 GB partition
- '/dev/sda1' for our Volume Group (VG). With LVM, it is possible to use
- multiple physical volumes (i.e. partitions, whole disks) for a VG, but that is
- left as an exercise for the reader. You can always add extra physical volumes
- to your VG later. We will create a VG called 'myvg' and on that VG create two
- LV's called 'root' and 'home'. The first is going to contain the root partition
- ('/') and the second will become our '/home' partition.
- After booting your computer from the Slackware CD/DVD/USB, and logging in
- as root, you run the following sequence of commands to create the Physical
- Volume (PV), the Volume Group (VG) within that PV and two LV's of size 6GB
- (root) and 3GB (home) inside the VG:
- # pvcreate /dev/sda1
- # vgcreate myvg /dev/sda1
- # lvcreate -L 6G -n root myvg
- # lvcreate -L 3G -n home myvg
- ========================================================================
- NOTE: if you want, you can just allocate all remaining space inside the
- VG to a Logical Volume. Suppose we want to allocate all available
- space to our 'home' LV, then this will the command to use instead
- of the previous one (note the use of '-l' instead of '-L'):
- # lvcreate -l 100%FREE -n home myvg
- ========================================================================
- The device nodes for the logical volumes are created, and the volumes
- will be activated automatically when running lvcreate.
- This is all we need to do before running 'setup'.
- Using LVM during setup
- ----------------------
- In setup, when you choose "TARGET" in the main menu, you will notice that
- the LV's are available in the Linux partition selection. Our two LV's "root"
- and "home" are visible as "/dev/myvg/root" and "/dev/myvg/home". Select the
- first for your root ('/') filesystem, and the other for your /home filesystem.
- Create any filesystem you like on them. My favorite fstype still is ext3,
- but you can choose ext4, xfs or jfs for stability and speed.
- Setup will proceed as usual, but when you get to the point where you are
- presented with the lilo configuration dialog, it is almost time to perform
- one final manual tweak. Proceed with configuring your lilo as usual, and
- select '/dev/myvg/root' as your root filesystem to boot. When you install
- lilo, it will probably not complain, but be aware that having your root
- filesystem on a Logical Volume requires an initial ramdisk (initrd). The
- Slackware installer will not create it for you, and this requires some
- manual intervention after the setup program has finished and you've been
- returned to the command prompt. For now, you can continue with the Slackware
- setup as usual, but at the end, do not reboot just yet!
- At the end of the setup program it will prompt you to select "EXIT" and
- press 'Ctrl-Alt-Del' to reboot the computer. Exit the menu but DO NOT
- reboot just yet! At this point, we are going to create our initrd image.
- Fortunately, the Slackware installer has done some of the work for us.
- It will have created the LVM device nodes which lilo needs in order to
- install successfully. The installer will have mounted the /sys and /proc
- filesystems as well. Inside a 'chroot' we will create an initrd image
- and configure lilo to use it with the generic kernel. Be aware that
- Slackware's 'huge' kernels are too big to work with an initrd image using
- the lilo bootloader. Lilo will complain that there is too little space
- left in the 15M-16M 'memory hole'.
- We are going to 'chroot' into our fresh installation:
- # chroot /mnt
- Next, while we are in the chroot, create the initrd with LVM support -
- in the example command line I assume that the root filesystem is 'ext3',
- we used the LV '/dev/myvg/root' as the root device, and are running the
- Slackware 14.1 default SMP kernel '3.10.17-smp':
- # mkinitrd -c -k 3.10.17-smp -m ext3 -f ext3 -r /dev/myvg/root -L
- The resulting initrd image will be written to the file '/boot/initrd.gz'
- by default. We still need to tell lilo about this initrd, so open the
- configuration file '/etc/lilo.conf' in an editor such as vi or pico - it
- should already have been generated by the 'liloconfig' part of setup. Look
- for the "Linux bootable partition config" and add a line for the initrd.
- Additionally, we change the filename of the kernel to be used. The default
- filename added by 'liloconfig' is '/boot/vmlinuz' which is a symbolic link to
- the huge SMP kernel. Remember that we need a 'generic' kernel with the initrd.
- The end result should look somewhat like this:
- image = /boot/vmlinuz-generic-smp-3.10.17-smp
- initrd = /boot/initrd.gz
- root = /dev/myvg/root
- label = linux
- read-only
- Double-check that the label you are using ('linux' in the above example)
- is unique in the /etc/lilo.conf file. If you are satisfied that everything
- looks OK, write the changes, exit the editor and (re-) run lilo while in
- the chroot. Lilo will issue a couple of warnings concerning a difference in
- what /proc/partitions reports and what lilo thinks are available partitions,
- but it is safe to ignore these.
- =====================================================================
- An alternative method of creating the commandline for mkinitrd is
- to use the '/usr/share/mkinitrd/mkinitrd_command_generator.sh' script
- which is part of the mkinitrd package. This script will analyze your
- Slackware installation and show you a useable 'mkinitrd' commandline:
- # /usr/share/mkinitrd/mkinitrd_command_generator.sh -r
- The above command would emit a commandline (almost) exactly as I
- showed earlier in this README. If you are satisfied that it is the
- correct command for you, then there is no need to type it manually;
- just enclose the above line in "$()" which will actually run the command
- and create your initrd:
- # $( /usr/share/mkinitrd/mkinitrd_command_generator.sh -r )
- All that is left then is to update /etc/lilo.conf and run 'lilo'.
- =====================================================================
- You're done in the chroot now. Exit the chroot by running the command
- 'exit' and return the original console prompt (not that this looks any
- different from the prompt inside the 'chroot' environment!).
- This completes the installation of Slackware. Good luck with your fresh
- 'Slackware with a root filesystem-on-LVM' !
- A word about using a Logical Volume for SWAP
- --------------------------------------------
- The setup program is able to detect a Logical Volume and use it as a swap
- partition, on the condition that you have manually formatted the LV as
- swap before you start 'setup'. That way, you will be able to select it as a
- usable swap partition in the ADDSWAP section. The setup program will inspect
- all your logical volumes for a swap header. Here is how you create the LV,
- assuming you already created the Volume Group 'myvg' earlier - see above -
- and left enough unallocated space in that VG:
- # lvcreate -L 1G -n swap myvg
- This command creates a 1 GB large Logical Volume called 'swap' (but any
- name will do) in the 'myvg' Volume Group. Next, format the volume for
- use as swap partition:
- # mkswap /dev/myvg/swap
- This is enough to get it recognized by the setup program. Have fun!
- ========================================================
- Author:
- Eric Hameleers <alien@slackware.com> 13-oct-2013
- Wiki URLs:
- http://www.slackware.com/~alien/dokuwiki/doku.php?id=slackware:setup
- Documentation:
- /usr/doc/Linux-HOWTOs/LVM-HOWTO
- http://ftp.slackware.com/pub/slackware/slackware-current/Mozilla/5.0
- http://ftp.slackware.com/
- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
- Installing Slackware on encrypted volumes
- =========================================
- Contents:
- * Introduction
- * Using cryptsetup during Slackware installation
- * Encrypting your '/home' partition
- * Encrypted swap
- * Encrypted root filesystem
- * Combining LUKS and LVM
- * Hibernation (suspend-to-disk)
- * Additional passphrases, keyfiles
- * A note on custom kernels
- * USB keyboards and LUKS
- * A mkinitrd helper script
- Introduction
- ------------
- Increasingly common in modern Linux distributions is the ability to
- install onto an encrypted partition (or drive, or volume). Especially for
- people with a laptop who are traveling a lot, it adds a lot to the security
- of your data if access to that data is denied to the potential thief of
- your computer.
- Starting with release 12.0, Slackware has support for LVM built into the
- installer. With a little more effort, the installer offers the opportunity to
- use transparent encryption on the partitions/volumes/disks where you install
- Slackware. You can combine the use of LVM and encryption to minimize the
- number of times you need to enter an unlock passphrase. If you want to know
- more about setting up and using LVM during the installation, read the file
- 'README_LVM.TXT'.
- Slackware uses device-mapper and cryptsetup to achieve transparent
- encryption of your data partitions and your swap. Cryptsetup uses a
- concept called LUKS (Linux Unified Key Setup) which enables you to change
- your unlock password for the encrypted volume without having to re-encrypt
- all of your data. You can even assign multiple passphrases to an encrypted
- volume, so that other people besides you are able to unlock the encryption
- without the need to know _your_ passphrase.
- When preparing a partition for transparent encryption with cryptsetup,
- the program will ask you for a password. This password is used to encrypt
- another randomly generated password and this particular password is used
- to actually encrypt the data inside the mapped volume. Cryptsetup will
- create a mapped device and make this block device available under the
- '/dev/mapper' directory. Any data read from or written to this mapped device
- will automatically be decrypted from / encrypted to the actual partition.
- A big NOTE finally. When you encrypt your root filesystem, you will have
- to make sure that there will be at least one (small) partition which is
- left unencrypted. This partition must contain the kernel(s) you want to boot
- from, and the initrd image that is needed with encrypted volumes. You need
- to install LILO either to the MBR - or if that is not possible, into the
- root sector of this small unencrypted partition. You will probably guess
- why we can not use an encrypted partition for this...
- Using cryptsetup during Slackware installation
- ----------------------------------------------
- We are going to enable encryption on some or all of our partitions or
- volumes before installing Slackware onto them. The first section to follow
- deals with encrypting a single partition which is not the root partition.
- Typically, people have a need to encrypt their home directories and that is
- where that section will focus on. Next is a section on encrypting your
- swap partition in addition to your /home partition. The swap partition
- contains valuable information for a data thief, even after you power off
- your computer. By encrypting the swap partition we deny the potential thief
- access to this data. The section following that will show you how to get
- a fully encrypted system, by encrypting the root ('/') filesystem as well.
- This is a little harder to do, but probably worth the effort.
- To make it more interesting, _and_ easier to use, we will devote a final
- section to using a combination of LVM and disk encryption. As an example,
- we will create a single big encrypted partition, and inside that encrypted
- 'container' we create several Logical Volumes which we will use as our root
- (/), /home and swap partitions. The advantages of this approach are, that you
- will need only a single passphrase to unlock your computer, and you will not
- have to maintain an '/etc/crypttab' file containing information about encrypted
- volumes that need to be unlocked during boot-up. Additionally, we will be
- rewarded with a swap partition that we can use for suspend-to-disk and that
- will remain encrypted after shutdown (so that for instance a potential data
- thief will not be able to get to your valuable data even if you hibernated
- your laptop).
- If you choose this last option to get a fully encrypted Slackware, it is
- advisable to read the 'README_LVM.TXT' file to make yourself more familiar
- with the process of creating and using Logical Volumes during installation
- of Slackware. And then, skip right through to the section of this document
- called "Combining LUKS and LVM".
- Encrypting your '/home' partition
- ---------------------------------
- After the computer boots up from the install CD/DVD (or USB flash disk,
- or PXE) and you find yourself at the '#' prompt, the first thing to do is
- use 'fdisk' or 'cfdisk' to create any partitions you need for your Slackware.
- Next, use 'cryptsetup' to prepare the partitions you intend to be
- encrypted. Note: this section of the README concerns itself with setting
- up encrypted *data* partitions. If you want to know how to configure an
- encrypted *swap* partition, skip to the section called "Encrypted swap".
- Suppose, you want to encrypt the partition called '/dev/sdx2' and use it
- as your '/home' filesystem. (Please replace '/dev/sdx2' with the name of YOUR
- PARTITION in the next series of examples). Several of the commands shown below
- will irrevocably destroy any data that you currently have on the partition. It
- is a good idea to double check the output from 'fdisk -l' before you start.
- * To begin with, we are going to fill the partition with random data. This
- will make it a lot harder for any forensics expert to determine where your
- encrypted data resides on that partition after we're finished installing
- Slackware onto it. The process will take a long time - depending on the
- size of your partition it may take hours or more. if you're not _too_
- concerned with the possibility of an FBI agent confiscating your computer,
- you can skip this command:
- # dd if=/dev/urandom of=/dev/sdx2
- * Prepare the partition for encryption. You will be asked twice to enter
- a passphrase. Note that a passphrase is not limited to a single word. The
- passphrase may contain spaces. We will use a key size of 256 bits. The
- default cipher is 'aes', with mode 'cbc-essiv:sha256' which is safe enough.
- # cryptsetup -s 256 -y luksFormat /dev/sdx2
- You can dump information about the encrypted partition to your console by
- running the following command:
- # cryptsetup luksDump /dev/sdx2
- * Now we will 'open' the encrypted partition and let the devicemapper create
- a mapped block device. We will use the mapped device which behaves just like
- an ordinary disk partition when we get to the TARGET selection in 'setup'. The
- mapped device nodes will be created in the directory '/dev/mapper'. The command
- will ask you for the passphrase which you entered during the "luksFormat"
- operation. The last argument that the command takes is the name of the mapped
- device. We will call our mapped device 'crypthome' (any name will do). It
- will be available for use as the block device '/dev/mapper/crypthome'.
- # cryptsetup luksOpen /dev/sdx2 crypthome
- * We've now finished our preparations, and it is time to start the 'setup'
- program and install Slackware. This setup does not differ at all from the
- setup you have become used to. The only notable difference lies in the
- names of the devices you will select for your target partitions. Be sure
- to read until the end of the story though, because we will have to do some
- postprocessing in order to make your encrypted partitions available after
- reboot (setup can not yet do all of this automatically).
- * In setup, under "ADDSWAP", proceed as usual and configure a normal
- unencrypted swap partition, even if you want to have your swap encrypted.
- We will take care of swap encryption after the installation of Slackware
- finishes.
- * In setup, when you choose "TARGET" in the main menu, you will notice that
- the mapped device is available in the 'Linux partition' selection as
- "/dev/mapper/crypthome". Select the partition you designated for your
- root ('/') filesystem, and next select "/dev/mapper/crypthome" for your
- '/home' filesystem. Create any filesystem you like on them. My favorite
- fstype still is ext3, but you can choose xfs or jfs for stability and speed.
- NOTE: The underlying partition will *also* be visible in the target selection
- menu. Be very careful NOT to select this device ('/dev/sdx2' in our
- example) for any other filesystem you wish to create, or you will
- destroy the data on the encrypted partition.
- * At the end of the Slackware installation when you select "Exit", don't
- reboot just yet! We are going to create a configuration file for
- the cryptsetup program, called '/etc/crypttab'. This file contains the
- information cryptsetup needs for unlocking your encrypted volume and mapping
- it to the correct device name. The file '/etc/crypttab' contains lines of the
- format: "mappedname devicename password options". Since we are still inside
- the installer, the root filesystem of our fresh Slackware installation is
- still mounted under '/mnt'. For our example where we encrypted '/dev/sdx2'
- and mapped the unlocked device to '/dev/mapper/crypthome', we need this
- single line in '/etc/crypttab':
- crypthome /dev/sdx2
- So, we need to run the command:
- # echo "crypthome /dev/sdx2" > /mnt/etc/crypttab
- in order to create the file with the required content (I am assuming here
- that the file did not yet exist... the above command will overwrite the
- data in the file should it have existed). You can of course also just
- start the 'vi' editor and add the above line. When the password is not
- listed in the crypttab file (potentially very unsafe of course) cryptsetup
- will ask you for the password when your computer boots.
- Encrypted swap
- --------------
- In the previous chapter we have installed Slackware using an encrypted
- /home partition, but left the swap partition unencrypted. We are going
- to take care of that 'omission' right now, because we do not want to give
- a potential data thief access to any sensitive data which landed on your
- disk because of the kernel's memory swapping process.
- It really is very simple and straight-forward. It is also independent of
- whether or not you are using encryption for any other (data) partition.
- Add the following line to the 'crypttab' file on your fresh installation
- of Slackware - for the sake of this example I am assuming that the swap
- partition you chose is '/dev/sdx3':
- cryptswap /dev/sdx3 none swap
- You can use the 'vi' editor to add this line to '/mnt/etc/crypttab'.
- You can also choose to run the following command which adds that line to
- the end of the file:
- # echo "cryptswap /dev/sdx3 none swap" >> /mnt/etc/crypttab
- We need to edit the 'fstab' file of your Slackware installation so that
- the correct device will be used for the swap after your computer reboots
- (the device '/dev/sdx3' will no longer be useful, but '/dev/mapper/cryptswap
- will'). The line in '/mnt/etc/fstab' for your swap will look like this at
- first:
- /dev/sdx3 swap swap defaults 0 0
- and you will have to change it so that it becomes like this:
- /dev/mapper/cryptswap swap swap defaults 0 0
- These two edits are sufficient. The above instructions assume that you
- edited the 'crypttab' file at the end of a Slackware installation, but in
- fact you can do this at any time. The Slackware boot-up process will
- take care of the rest. At shutdown of your Slackware, the encrypted swap
- partition will be reformatted as a normal unencrypted swap, so that any
- other OS-es you might be running in a multi-boot configuration will have
- no problems in using this swap partition as well.
- NOTE: the swap partition is encrypted with a new randomly generated key every
- time your computer boots.
- There is no need to ever enter a passphrase!
- NOTE: having an encrypted swap like this causes a re-format of the swap
- partition on avery boot-up and shutdown. This is perfectly OK as long
- as you do not change the order of your hard disks. If you add a disk,
- or move this disk to another computer, the device name may change (for
- instance from sda to sdb) and if you forget to modify '/etc/crypttab'
- your system may end up formatting the wrong partition!
- For this reason alone, it is recommended that you implement disk
- encryption including swap using the "Combining LUKS and LVM" method
- described in the chapter with the same name!
- Encrypted root filesystem
- -------------------------
- You can go one step further than merely encrypting your '/home'
- filesystem's partition. You can choose to encrypt _all_ of your Slackware
- partitions, including the root partition. In that case you will have to
- perform some additional post-install configuration before you reboot your
- Slackware box.
- NOTE: the method described here will result in having several independently
- encrypted partitions. This may require you to enter multiple
- passphrases in order to unlock all of these partitions. If you want to
- unlock your complete system using a single passphrase, and if you do
- not shy back from using LVM, then the better alternative is to follow
- the instructions in the "Combining LUKS and LVM" chapter which follows
- next. If you think that LVM adds one layer of complexity too much,
- then just read on and implement the solution described right here.
- * Be sure to create a small partition which you leave *unencrypted*. Tell
- the installer to mount it under '/boot'. The kernel and the initrd (with
- the cryptsetup and additional required kernel modules) will go there. We are
- going to assume that Slackware is the only OS on the computer so that you
- can tell lilo to install the bootloader in the MBR (which is the default
- option). Lilo is able to boot a Windows if you already had that installed on
- your computer, so even in the dual-boot situation it should be safe to use
- the MBR. With other Linux distributions already present on the computer,
- things may be a little more difficult - you will have to install lilo to
- the /boot partition then.
- * Perform a Slackware install just like I described above, creating
- additional encrypted partitions and mapping them to appropriate names -
- for this example I assume that you map the encrypted root partition
- '/dev/sdx1' to 'cryptroot'. When the LILO configuration pops up, tell lilo
- that your root partition is '/dev/mapper/cryptroot'. Lilo will try to
- install and fail, and will tell you so. It will however have written a
- 'lilo.conf' file which we can edit in a follow-up action. Proceed with
- the installation and at the end, exit the setup program but do _not_
- reboot just yet.
- * After you are returned to the command prompt, perform a 'chroot' into the
- new installation. All the filesystems are still mounted, and the Slackware
- installer will already have mounted the /sys and /proc filesystems for use
- in the 'chroot'. We only need to run the following command:
- # chroot /mnt
- * Next, now that we are in the chroot, create the initrd with LVM (if you
- used Logical Volumes) and CRYPT support - or else your Slackware computer
- will not be able to proceed past the initial stage of booting the kernel.
- The initial ramdisk (initrd) contains a small filesystem with the tools
- needed to unlock the root filesystem, so that the kernel can start the init
- program. In the example command line below which creates the 'initrd.gz'
- image I assume that the root filesystem is 'ext3', we used the mapped device
- 'cryptroot' for the root filesystem on the real partition '/dev/sdx1',
- and are running the Slackware 14.1 default SMP kernel '3.14.10-smp'
- and we did not use Logical Volumes (more about that in the next section):
- # mkinitrd -c -k 3.14.10-smp -m ext3 -f ext3 -r cryptroot -C /dev/sdx1
- * The resulting initrd image will be written to the file '/boot/initrd.gz'
- by default. We still need to tell lilo about this initrd. Open the
- configuration file '/etc/lilo.conf' in an editor such as vi or pico -
- it should already have been generated by the 'liloconfig' part of setup.
- Look for the "Linux bootable partition config" and add a line for the initrd.
- We also need to change the kernel file to a generic kernel, because lilo
- is unable to combine the 'huge' kernels in Slackware 14.0 with an initrd
- image - it will complain about "The initial RAM disk is too big to fit
- between the kernel and the 15M-16M memory hole" if you try with a 'huge'
- kernel. We can live with that, since the 'huge' kernels are not meant
- for day-to-day use anyway. They are meant to install Slackware on a wide
- range of computers and that is why they are 'huge'. The linux part of
- '/etc/lilo.conf' should end up looking somewhat like this:
- image = /boot/vmlinuz-generic-smp-3.14.10-smp
- initrd = /boot/initrd.gz
- root = /dev/mapper/cryptroot
- label = linux
- read-only
- If you add the above section as an extra instead of editing what's already
- present, make sure that the label you use ('linux' in the example above)
- is unique in the configuration file.
- * If you have another OS on your computer and can not install lilo to the
- MBR, you will have selected "Install to superblock (Root)" instead. In
- that case, we have one additional change to make, and that is almost at the
- top of the file. Look up the line that says "boot = /dev/mapper/cryptroot"
- which is the device for your root partition and which was the reason for
- lilo failing to install. Change the boot device to the name of the small
- *unencrypted* partition you've created at the beginning and which is
- mounted under '/boot'. Assuming the name of that partition is '/dev/sdx4',
- the "boot =" line must become like this:
- boot = /dev/sdx4
- We are done. Write the changes, exit the editor and run the command 'lilo'.
- Lilo will issue a couple of warnings concerning a difference in what
- '/proc/partitions' reports and what lilo thinks are the available partitions,
- but it is safe to ignore these.
- Reboot now, and you will be presented with a "Enter passphrase: "
- prompt. After entering the passphrase which unlocks your root filesystem,
- the system will boot into Slackware. If there are other encrypted partitions,
- you will be prompted for their respective passphrases, too.
- Combining LUKS and LVM
- ----------------------
- Until now, we have been occupying ourselves with encrypting separate
- partitions. This is all fully functional, but there are a few drawbacks.
- One, you will need to enter a passphrase for every partition you have encrypted
- (except for the swap which Slackware encrypts with a random passphrase
- on every boot). Two, the method used for encrypting the swap partition
- prohibits the use of the swap as a hibernation partition. And since the
- initrd of Slackware 14.0 supports hibernation, it would be a shame not to be
- able to use this feature on your laptop (which, because of it's portability,
- is the primary target for full disk encryption anyway).
- This section of the README_CRYPT.TXT will deal with these drawbacks and
- offer you full disk encryption (including swap) that needs only a single
- passphrase to unlock and allows for hibernation (suspend-to-disk).
- We are assuming that Slackware will be the only Operating System on your
- computer. In case you already have an OS installed (such as MS Windows), the
- procedure may be a little different because you can not always install lilo to
- the MBR. After booting from the Slackware installation medium, we will
- create a small unencrypted partition that will contain the Linux kernels and
- the initrd image(s). The rest of the disk's free space will be dedicated to
- a single partition which we are going to encrypt. On top of the encrypted
- volume, we are going to create several Logical Volumes, and these LV's
- are going to be formatted as our Slackware partitions ('/', '/home' and
- 'swap'). These are the steps in more detail:
- * Use (c)fdisk to create your partitions. For the sake of this example, I
- am going to assume that /dev/sdx1 is a 100 MB large partition and /dev/sdx2
- is the large partition that eats up the remainder of your disk's free space.
- * First, create a LUKS-encrypted volume on top of /dev/sdx2 after you
- have optionally filled the partition with random data (read the section
- "Encrypting your '/home' partition" for more information about why you
- would want to fill your partition with random data first):
- # dd if=/dev/urandom of=/dev/sdx2
- * Prepare the partition for encryption. You will be asked twice to enter
- a passphrase. Note that a passphrase is not limited to a single word. The
- passphrase may contain spaces. We will use a key size of 256 bits. The
- default cipher is 'aes', with mode 'cbc-essiv:sha256' which is safe enough.
- # cryptsetup -s 256 -y luksFormat /dev/sdx2
- * Open the encrypted partition so that we can start using the mapped device
- which exposes the partition as an unencrypted block device. The command
- will ask you for the passphrase which you entered during the "luksFormat"
- operation. The last argument that the command takes is the name of the mapped
- device. We will call our mapped device 'slackluks' because I am not feeling
- original today. The mapped device which we will be using for unencrypted
- operations will therefore be '/dev/mapper/slackluks'.
- # cryptsetup luksOpen /dev/sdx2 slackluks
- * The LVM part is next. Create a Physical Volume (PV) on device
- '/dev/mapper/slackluks', a Volume Group (VG) called 'cryptvg' - any name will
- do - on the PV, and three Logical Volumes (LV's) in the VG, one for your
- root partition (7 GB in size), one for the /home partition (10 GB in size)
- and a third which we will use for swap (1 GB in size). You will probably
- use different sizes depending on your environment and wishes, but keep the
- sum of the LV sizes less than the total size of the Physical Volume:
- # pvcreate /dev/mapper/slackluks
- # vgcreate cryptvg /dev/mapper/slackluks
- # lvcreate -L 7G -n root cryptvg
- # lvcreate -L 10G -n home cryptvg
- # lvcreate -L 1G -n swap cryptvg
- * Run 'mkswap' so that the 'setup' program will identify the 'swap'
- LV as a valid swap partition:
- # mkswap /dev/cryptvg/swap
- * With the system properly prepared, you can launch 'setup'. The 'setup'
- program will identify the LV swap volume and activate it. When appointing
- the partitions to use for your filesystems, select '/dev/cryptvg/root' for the
- root partition, next select '/dev/cryptvg/home' to be used for your /home .
- And lastly, assign the partition /dev/sdx1 to a /boot filesystem. This
- '/boot' filesystem will be the only unencrypted part of your computer.
- You will notice that there are several more devices to select from but
- *don't* touch these! The devices such as /dev/mapper/* are the underlying
- device names for the encrypted and LVM volumes. If you choose to touch any
- of these, you will destroy the data on the /dev/cryptvg/* volumes which you
- are using.
- After partitioning, we end up with a filesystem configuration like this:
- /dev/cryptvg/root /
- /dev/cryptvg/home /home
- /dev/sdx1 /boot
- * When installation of the packages has finished, the system configuration will
- start, and one of the dialogs will be for 'liloconfig'. The assumption is that
- you are installing Slackware as the only OS on your computer. This means that
- you must install lilo to the MBR. Even if you have another OS like MS Windows
- installed already, Slackware's lilo bootloader will be able to boot Windows
- if you install lilo to the MBR. Choose "expert lilo configuration" with the
- option "Install to Master Boot Record (MBR)". Select '/dev/cryptvg/root' as
- the root partition to boot. Add any Windows partition to lilo if you want to
- dual-boot Windows. Finally, when liloconfig installs the bootloader, you may
- see an error message stating that the "installation failed". Ignore this,
- because we will have to add an initrd to '/etc/lilo.conf' anyway and re-run
- lilo. We will do this after the Slackware installation has come to it's end.
- * Let the installation complete, and after you select "EXIT" you will be
- returned to the command prompt. DO NOT reboot just yet! This is the moment
- where we fix our bootloader. To do so, we will 'chroot' (change root) into
- our freshly installed Slackware filesystem. The setup program has done all
- the preparations already, such as re-mounting /sys and /proc below /mnt and
- generating LVM device nodes in /mnt . Enter the 'chroot' using the command:
- # chroot /mnt
- * In the chroot, you create an initrd image with LVM and CRYPT support -
- or else your Slackware computer will not be able to proceed past the initial
- stage of booting the kernel. The initial ramdisk (initrd) contains a small
- filesystem with the tools needed to unlock the root filesystem, so that
- the kernel can start the init program. In the example command line below
- which creates the 'initrd.gz' image I assume that you formatted the root
- filesystem as 'ext3', and will be running the Slackware 14.0 default SMP
- kernel '3.14.10-smp' :
- # mkinitrd -c -k 3.14.10-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
- NOTE: if you use a non-US keyboard and need to enter a passphrase during boot,
- this may be problematic if the keyboard mapping is US while Slackware
- runs from the initrd filesystem. In this case, add support for your
- keyboard to the initrd image using this additional parameter to the
- 'mkinitrd' command above: "-l <language>". The string <language> is the
- same as the one you select in the installer when your keyboard is
- non-US. Example for a dutch keyboard: "-l nl".
- * The resulting initrd image will be written to the file '/boot/initrd.gz'
- by default. We still need to tell lilo about this initrd, so open the
- configuration file '/etc/lilo.conf' in an editor such as vi or pico -
- it should already have been generated by the 'liloconfig' part of setup.
- Look for the "Linux bootable partition config" and add a line for the initrd.
- We also need to change the kernel file to a generic kernel, because lilo
- is unable to combine the 'huge' kernels in Slackware 14.0 with an initrd
- image - it will complain about "The initial RAM disk is too big to fit
- between the kernel and the 15M-16M memory hole" if you try a 'huge'
- kernel. We can live with that, since the 'huge' kernels are not meant
- for day-to-day use anyway. They are meant to install Slackware on a wide
- range of computers and that is why they are 'huge'. The linux part of
- '/etc/lilo.conf' should end up looking somewhat like this:
- image = /boot/vmlinuz-generic-smp-3.14.10-smp
- initrd = /boot/initrd.gz
- root = /dev/cryptvg/root
- label = linux
- read-only
- If you add the above section as an extra instead of editing what's
- already present, make sure that the label you use ('linux' in the example
- above) is unique in the configuration file.
- We are done. Save your changes, exit the editor and run the command
- 'lilo'. Lilo will issue a couple of warnings concerning a difference in
- what '/proc/partitions' reports and what lilo thinks are the available
- partitions, but it is safe to ignore these. Reboot now, and you will be
- presented with a "Enter passphrase: " prompt. After entering the passphrase
- which unlocks your encrypted partition, the system will boot into Slackware.
- You will be able to work as usual, and when you shut the machine down (or
- suspend to disk using the swap partition) all your data (including swap)
- will be encrypted when stored on disk.
- As you may have noticed, there was no need to create a file '/etc/crypttab'
- this time. Also, there is only a single passphrase to enter. Additionally,
- the swap is encrypted by default which is a big plus if you intend to use a
- laptop and carry it around with you in a hibernated state. All considered,
- this is the most elegant way of encrypting your Slackware computer if you
- do not mind using LVM.
- Additional passphrases, keyfiles
- --------------------------------
- The cryptsetup program assigns 7 'key slots' to any partition or volume
- it encrypts. Each of those seven slots can contain a key to unlock the
- partition's data. The key can be a passphrase, but the content of a
- *keyfile* is another option. You can then pass the name of a file as a
- parameter to cryptsetup in order to unlock an encrypted volume so that
- you won't have to type a passphrase. This creates the possibility to
- use a keyfile on a removable USB flash disk for unlocking your Slackware
- computer. Slackware supports keyfiles: if the file can be found on the file
- system, it will be used and you won't have to type a passphrase.
- A keyfile on a FAT formatted USB stick can be used as well. This scenario
- requires you to use the "-K" parameter to mkinitrd to specify the USB stick's
- FAT-label or UUID, as well as the full path to the keyfile. An example:
- # mkinitrd -c -k 3.14.10-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L -K LABEL=TRAVELSTICK:/keys/alien.luks
- The mkinitrd of Slackware 13.1 introduced this support for USB sticks as
- unlocking mechanism. Alternatively, after the root filesystem is unlocked
- and mounted, it is completely safe to have a keyfile for _additional_
- encrypted filesystems stored in for instance the '/root' directory.
- That way, you still have only one passphrase to type.
- Hibernation (suspend-to-disk)
- -----------------------------
- I will touch briefly on the subject of enabling 'suspend-to-disk'
- because it is not documented properly anywhere else. Configuring your
- Slackware computer for hibernation can be done at any time, it is not
- required to do this during installation of Slackware. Suppose you want
- to use the swap partition '/dev/cryptvg/swap' for hibernation, then you
- must perform the following two steps:
- (1) add "resume=/dev/cryptvg/swap" to the 'append =' line in your
- '/etc/lilo.conf' file. The 'append' line may end up looking like this:
- append = "vt.default_utf8=0 resume=/dev/cryptvg/swap"
- (2) add "-h /dev/cryptvg/swap" as an extra parameter to your mkinitrd command
- to create an initrd with support for resuming from a swap partition.
- Do not forget to run 'lilo' after creating the new initrd.gz file!
- A note on custom kernels
- ------------------------
- If you want to compile your own custom kernel to work with LUKS encrypted
- partitions, you need to enable at least the following two options in your
- kernel configuration:
- Multiple devices driver support (RAID and LVM) --->
- <*> Device mapper support
- <*> Crypt target support
- This is equivalent to the following options in your .config file:
- CONFIG_BLK_DEV_DM=y
- CONFIG_DM_CRYPT=y
- Do not compile these as module! They are required in your kernel.
- USB keyboards and LUKS
- ----------------------
- If you have set up an encrypted root partition, you will need to have
- access to your keyboard in order to type the passphrase. This may require
- you to add the 'uhci-hcd' and 'usbhid' modules to your initrd image if you
- have a USB keyboard. Also note that if you are using a non-US keyboard,
- you can use the '-l' parameter to the 'mkinitrd' command in order to add
- support for this keyboard to your initrd.
- A mkinitrd helper script
- ------------------------
- The mkinitrd package in Slackware 14.0 (and on) ships with a script called
- 'mkinitrd_command_generator.sh'. If you run this script, it will analyze
- your Slackware configuration and make a smart suggestion about the 'mkinitrd'
- command you have to type in order to create an initrd.gz with all the bells
- & whistles. The script will recognize your kernel version, root partition
- and filesystem, it will find out if you are using LUKS and/or LVM and will
- determine what kernel modules your initrd needs to mount the root filesystem.
- The following command will save you the headache of figuring this out all
- by yourself:
- # /usr/share/mkinitrd/mkinitrd_command_generator.sh -r
- It should emit a string like this (your system will probably give different
- parameter values):
- mkinitrd -c -k 3.14.10-smp -m ext3 -f ext3 -r /dev/cryptvg/root -C /dev/sdx2 -L
- You can copy and paste this output to your command prompt, and add any other
- parameters you need such as "-h" to indicate a hibernation partition or
- "-l" to indicate you are using a non-US keyboard layout. You can even run
- the script in full interactive mode by using the "-i" parameter, and it will
- guide you through the process of generating a mkinitrd commandline.
- Desktop Environments
- --------------------
- You probably will not want your encrypted volume to appear on the desktop
- of e.g. KDE or Xfce as a mountable device, so something like this should
- prevent that from occurring:
- # cat /etc/udev/rules.d/99-ignore-luksdevs-on-desktop.rules
- KERNEL=="sdx2", ENV{UDISKS_IGNORE}="1"
- ==============================================================================
- Good luck with your fresh Slackware installion on encrypted partition(s)!
- ==============================================================================
- Author:
- Eric Hameleers <alien@slackware.com> 18-sep-2012
- URLs:
- http://www.slackware.com/~alien/dokuwiki/doku.php?id=slackware:setup
- http://ftp.slackware.com/pub/slackware/slackware-current/Mozilla/5.0
- http://ftp.slackware.com/
Add Comment
Please, Sign In to add comment