User:Zulu Foxtrott/Parts/Installation/System

From Gentoo Wiki


Filesystem information

About fstab

Under Linux, all partitions used by the system must be listed in /etc/fstab. This file contains the mount points of those partitions (where they are seen in the file system structure), how they should be mounted and with what special options (automatically or not, whether users can mount them or not, etc.).

The fstab file

The /etc/fstab file uses a table-like syntax. Every line consists of six fields, separated by whitespace (space(s), tabs or a mixture). Each field has its own meaning:

  1. The first field shows the block special device or remote filesystem to be mounted. Several kinds of device identifiers are available for block special device nodes, including paths to device files, filesystem labels and UUIDs, and partition labels and UUIDs.
  2. The second field shows the mount point at which the partition should be mounted.
  3. The third field shows the filesystem used by the partition.
  4. The fourth field shows the mount options used by mount when it wants to mount the partition. As every filesystem has its own mount options, users are encouraged to read the mount man page (man mount) for a full listing. Multiple mount options are comma-separated.
  5. The fifth field is used by dump to determine if the partition needs to be dumped or not. This can generally be left as 0 (zero).
  6. The sixth field is used by fsck to determine the order in which filesystems should be checked if the system wasn't shut down properly. Btrfs filesystems should have 0 here. On other filesystems the root filesystem should have 1 while the rest should have 2 (or 0 if a filesystem check isn't necessary).
Important
The default /etc/fstab file provided by Gentoo is not a valid fstab file but instead more of a template.

In the remainder of the text, the partitions (and the respective /dev/mmcblk* block device files) outlined in the default partitioning scheme will be used. Correspondingly, the subvolumes used from this point on will be kept in line with the default Btrfs filesystem layout.

Filesystem labels and UUIDs

Both MBR (BIOS) and GPT include support for filesystem labels and filesystem UUIDs. These attributes can be defined in /etc/fstab as alternatives for the mount command to use when attempting to find and mount block devices. Filesystem labels and UUIDs are identified by the LABEL and UUID prefixes respectively and can be viewed with the blkid command:

root #blkid
Warning
If the filesystem inside a partition is wiped, then the filesystem label and the UUID values will be subsequently altered or removed.

Because UUIDs are unique, readers who are using an MBR-style partition table are recommended to use UUIDs over labels to define mountable volumes in /etc/fstab.

Partition labels and UUIDs

Users who have gone the GPT route have a couple more 'robust' options available to define partitions in /etc/fstab. Partition labels and partition UUIDs can be used to identify the block device's individual partition(s), regardless of what filesystem has been chosen for the partition itself. Partition labels and UUIDs are identified by the PARTLABEL and PARTUUID prefixes respectively and can be viewed nicely in the terminal by running the blkid command:

root #blkid

While not always true for partition labels, using a UUID to identify a partition in fstab provides a guarantee that the bootloader will not be confused when looking for a certain volume, even if the filesystem is changed in the future. Using the block device files (/dev/mmcblk*) for defining the partitions in fstab is risky for systems that are restarted often and have storage media (and thus block devices) added and removed regularly.

The naming for block device files depends on a number of factors, including how and in what order the storage devices are attached to the system. They also could show up in a different order depending on which of the devices are detected by the kernel first during the early boot process. With this being stated, unless one intends to constantly fiddle with the device ordering, using default block device files is a simple and straightforward approach.

Creating the fstab file

Create the fstab file. Once the installation is finished and the target system is running, this file will be located at /etc/fstab:

root #nano -w /mnt/gentoo/etc/fstab



To successfully mount Btrfs subvolumes, the subvol= mount option additionally needs to be set to the name of the respective subvolume that is to be mounted. Otherwise the system wouldn't take the Btrfs filesystem's structure into account and would instead mount the parent volume, which in turn would render all files needed to boot the target system inaccessible under their expected paths.

Add the rules that match the previously decided partitioning scheme and, if applicable, Btrfs filesystem structure. If other partitions or drives are used, append rules for those devices too.

Below is an elaborate example of an /etc/fstab file, providing everything that is needed to properly bring up a system that is using the default partitioning scheme in combination with the default Btrfs filesystem layout:


FILE /mnt/gentoo/etc/fstab: A full fstab example
/            btrfs    noatime,subvol=rootvol              0 0
   /home        btrfs    noatime,subvol=homevol              0 0
   /var/swap    btrfs    noatime,subvol=swapvol              0 0
/var/swap/swapfile                     none         swap     sw                                  0 0

To improve performance, most users would want to add the noatime mount option, which results in a faster system since access times aren't registered (those are not needed generally anyway). This is also recommended for solid state drive (SSD) users, who may also enable the discard mount option (ext4 and btrfs only for now) which makes the TRIM command work.

And this is what the /etc/fstab file would have to look like following the examples given in the instructions, if the main partition has been encrypted with LUKS:


FILE /mnt/gentoo/etc/fstab: A full fstab example accounting for LUKS encryption
/dev/mapper/main_crypt                 /            btrfs    noatime,subvol=rootvol              0 0
/dev/mapper/main_crypt                 /home        btrfs    noatime,subvol=homevol              0 0
/dev/mapper/main_crypt                 /var/swap    btrfs    noatime,subvol=swapvol              0 0
/var/swap/swapfile                     none         swap     sw                                  0 0

Double-check the /mnt/gentoo/etc/fstab file, save and quit to continue.
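
One way to do that double-check mechanically, as an added example that is not part of the original handbook: a small linter for the field rules described above. The function name check_fstab and the sample file are hypothetical, and treating a Btrfs entry without subvol= as an error is an assumption that fits this handbook's layout.

```shell
#!/bin/sh
# check_fstab FILE (hypothetical helper, not a Gentoo tool): print findings
# for the rules described above; exit status 1 if any ERROR was found.
check_fstab() {
    awk '
    NF == 0 || $1 ~ /^#/ { next }        # blank lines and comments
    NF != 6 {
        printf "ERROR line %d: %d fields, expected 6\n", NR, NF
        bad = 1; next
    }
    $6 !~ /^[012]$/ {
        printf "ERROR line %d: fsck field must be 0, 1 or 2\n", NR; bad = 1
    }
    $3 == "btrfs" && $6 != "0" {
        printf "ERROR line %d: Btrfs needs 0 in the fsck field\n", NR; bad = 1
    }
    # Assumption for this layout: every Btrfs entry names a subvolume.
    $3 == "btrfs" && ("," $4 ",") !~ /,subvol=[^,]+,/ {
        printf "ERROR line %d: no subvol=, parent volume would be mounted\n", NR
        bad = 1
    }
    # Kernel-assigned device names can change between boots; warn only.
    $1 ~ /^\/dev\/(mmcblk|sd|nvme|vd)/ {
        printf "WARN  line %d: %s is a kernel device name\n", NR, $1
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: line 2 lacks subvol=, line 3 has lost its device field.
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/mapper/main_crypt  /      btrfs  noatime,subvol=rootvol  0 0
/dev/mapper/main_crypt  /home  btrfs  noatime                 0 0
/var/swap               btrfs  noatime,subvol=swapvol         0 0
/var/swap/swapfile      none   swap   sw                      0 0
EOF
check_fstab "$sample" || echo "fix the ERROR lines before rebooting"
rm -f "$sample"
```

During the installation the file to pass is /mnt/gentoo/etc/fstab.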

Setting a hostname

One of the choices the user has to make is to name the system. This seems to be quite easy, but lots of users have difficulties finding the appropriate name for their Linux system. To speed things up, know that the decision is not final: it can be changed afterwards. The example below sets the target system's hostname to tux.

root #nano -w /mnt/gentoo/etc/conf.d/hostname
# Set the hostname variable to the selected host name
hostname="tux"

Setting a temporary root password

Warning
Don't set a temporary root password lightly, as it always carries a certain security risk should one forget to change the root password as soon as the instructions indicate.

The root Linux account is an all-powerful account, so pick a strong password. The temporary root password must be changed on first login, as soon as the target system has successfully booted Gentoo. This will of course be mentioned again later on in the instructions, but it is better to set up a reminder now so that it is not overlooked.

To set a temporary root password the file /mnt/gentoo/etc/shadow needs to be manipulated. For basic security reasons passwords in /etc/shadow are not stored in plaintext; instead only a hash of the password is recorded.

To calculate such a hash for the password of choice the openssl passwd command from the openssl program can be used. Add the -6 option to use the relatively secure SHA512 algorithm.

First, openssl passwd will ask for the password, so type it in. While typing in the password of choice there will be no indication that any input is received, as this would allow an onlooker to record the length of the password. Press Enter when done. Second, openssl passwd will ask for verification of the password, so type it in once more (as before there will be no indication that any input is received) and again conclude with pressing Enter. Finally the hash of the password will be displayed as output:

root #openssl passwd -6
Password:
Verifying - Password:
$6$I9Q9AyTL$Z76H7wD8mT9JAyrp/vaYyFwyA5wRVN0tze8pvM.MqScC7BBm2PU7pLL0h5nSxueqUpYAlZTox4Ag2Dp5vchjJ0

In the example the password "gentoo" was used. It is strongly advised not to use the same.

The calculated hash now has to be placed in the /etc/shadow file.

Note
The -6 option that produces a SHA512 password hash is only available with openssl version 1.1.1 or newer. Older versions can only produce an insecure MD5 password hash with the -1 option. While setting a temporary root password also works with an MD5 hash, it is not recommended to do so. Try updating openssl first. The command openssl version can be used to determine the version of the openssl program that is currently installed in the command line environment on the host system.

TODO: really?!

To place the calculated hash in the /etc/shadow file in a graphical environment, simply use the mouse to copy the hash. In case no mouse is available, use pen and paper to note the hash down. Now, open /mnt/gentoo/etc/shadow:

root #nano -w /mnt/gentoo/etc/shadow
Important
Be careful not to replace or delete any characters within the /etc/shadow file.

Modify the line that begins with the string root by pasting the hash directly after the first colon. With the hash that was calculated for the example password "gentoo" the resulting line would look like this:

FILE /mnt/gentoo/etc/shadow: The example root line for /etc/shadow
root:$6$I9Q9AyTL$Z76H7wD8mT9JAyrp/vaYyFwyA5wRVN0tze8pvM.MqScC7BBm2PU7pLL0h5nSxueqUpYAlZTox4Ag2Dp5vchjJ0:14698:0:::::
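
A check for the edited root line, as an added example that is not part of the original handbook: it confirms that no colon was lost, that the hash is a SHA512 ($6$) one rather than MD5, and that the hash has the length and alphabet of a complete SHA512 crypt string, which catches a mistyped or truncated copy. The function name check_root_shadow and the temporary files are hypothetical; the sample line is the example root line shown above.

```shell
#!/bin/sh
# check_root_shadow FILE (hypothetical helper): verify the root line of a
# shadow file after editing. Prints the problem and returns 1 if damaged.
check_root_shadow() {
    line=$(sed -n '/^root:/{p;q;}' "$1")
    [ -n "$line" ] || { echo "no root line found"; return 1; }
    # A shadow entry has nine colon-separated fields.
    fields=$(printf '%s\n' "$line" | awk -F: '{ print NF }')
    [ "$fields" -eq 9 ] || { echo "root line has $fields fields, expected 9"; return 1; }
    hash=$(printf '%s\n' "$line" | cut -d: -f2)
    case $hash in
        '$6$'*) ;;
        '$1$'*) echo "MD5 hash, regenerate it with openssl passwd -6"; return 1 ;;
        *)      echo "no SHA512 (\$6\$) hash in the password field"; return 1 ;;
    esac
    # $6$<salt, up to 16 chars>$<86-char digest>: any other length or
    # alphabet means the hash was mistyped or truncated while copying.
    printf '%s\n' "$hash" |
        grep -Eq '^\$6\$(rounds=[0-9]+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$' ||
        { echo "hash is malformed, likely a copying error"; return 1; }
}

# Sample data: the example root line from this page, then a copy of it
# with the last character of the hash dropped (constructed).
dir=$(mktemp -d)
cat > "$dir/shadow" <<'EOF'
root:$6$I9Q9AyTL$Z76H7wD8mT9JAyrp/vaYyFwyA5wRVN0tze8pvM.MqScC7BBm2PU7pLL0h5nSxueqUpYAlZTox4Ag2Dp5vchjJ0:14698:0:::::
EOF
sed 's/J0:14698/J:14698/' "$dir/shadow" > "$dir/shadow.bad"
check_root_shadow "$dir/shadow" && echo "root line intact"
check_root_shadow "$dir/shadow.bad" || echo "re-copy the hash before rebooting"
```

During the installation the file to pass is /mnt/gentoo/etc/shadow.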

Init and boot configuration

Gentoo (at least when using OpenRC) uses /etc/rc.conf to configure the services, startup, and shutdown of a system. Open up /mnt/gentoo/etc/rc.conf and enjoy all the comments in the file. Review the settings and change where needed.

root #nano -w /mnt/gentoo/etc/rc.conf

Next, open /mnt/gentoo/etc/conf.d/keymaps to handle keyboard configuration. Edit it to configure and select the right keyboard.

root #nano -w /mnt/gentoo/etc/conf.d/keymaps

Take special care with the keymap variable. If the wrong keymap is selected, then weird results will come up when typing on the keyboard.

Finally, edit /mnt/gentoo/etc/conf.d/hwclock to set the clock options. Edit it according to personal preference.

root #nano -w /mnt/gentoo/etc/conf.d/hwclock

If the hardware clock is not using UTC, then it is necessary to set clock="local" in the file. Otherwise the system might show clock skew behavior.