Installing Gentoo on a ThinkPad X131e

2013-11-11

I have recently acquired a Lenovo ThinkPad X131e computer with an AMD E2-1800 APU and I decided I would try out Gentoo Linux with it.

Since I want Full Disk Encryption, I’m using LUKS and LVM.

First, I wanted to wipe out everything that’s on the disk and fill it with random data:

# dd if=/dev/urandom of=/dev/sda

This wrote data on /dev/sda until it was completely filled and the output was:

625142449+0 records in
625142449+0 records out
320072933376 bytes (320 GB) copied, 85522.6 s, 3.7 MB/s

This took no less than 23.75 hours to complete!

I created partitions with parted, one for /boot, and one for LVM.

The current defaults for cryptsetup (1.6.2) differ from version 1.4.3’s, which I had to use on the Gentoo live CD, I issued this command to work around that:

cryptsetup -y --cipher aes-xts-plain64 --key-size 512 --hash sha512 --iter-time 10000 --use-random luksFormat /dev/sda2

I then opened the newly created LUKS volume and created a physical volume for LVM with pvcreate, a logical volume on it with vgcreate, and logical volumes with lvcreate. Next, I created filesystems on the newly created volumes and for the /boot/ partition with mke2fs.

The rest was mostly based on the handbook. I chrooted in my new system and installed (mostly) everything I needed.

Since I used GPT, I needed a bootloader that could handle it, I chose syslinux since I’m already familiar with it, I had to use an old version, though, and installed extlinux.

Here is my /boot/extlinux/extlinux.conf file:

DEFAULT gentoo

LABEL gentoo
  LINUX /boot/kernel-genkernel-x86_64-3.10.17-gentoo
  INITRD /boot/initramfs-genkernel-x86_64-3.10.17-gentoo
  APPEND cryptdevice=/dev/sda2:vg root=/dev/mapper/vg-root uswsusp resume=/dev/mapper/vg-swap

It won’t boot by itself, though, because I haven’t created a proper initramfs to handle my usage, and I was dropped to a shell and had to use cryptsetup and lvm to manually open /, issuing cryptsetup luksOpen /dev/sda2 vault and lvm vgchange -ay vg and then telling the bootloader my root is on /dev/vg/root, it’s dirty, but it works. Creating a proper initramfs isn’t top priority for now.

My wireless card being a Broadcom BCM43228, I needed net-wireless/broadcom-sta, I had to accept the licence for the blob, too, using a /etc/portage/package.license file with this line: net-wireless/broadcom-sta Broadcom. The module then loaded automatically and I could use the wireless card with wicd.

I had to download the BÉPO keymap file for the console and extract it to /usr/share/keymaps/i386/dvorak/, and then change the keymap field in /etc/conf.d/keymaps. Update : now that kbd includes BÉPO, the keymap files are in /usr/share/keymaps/i386/bepo/ by default.

Update (2013-11-18): with a better extlinux.conf, it works:

TIMEOUT 30
ONTIMEOUT gentoo

UI menu.c32
MENU TITLE boot
LABEL gentoo
      LINUX /boot/kernel-genkernel-x86_64-3.12.0-gentoo
      INITRD /boot/initramfs-genkernel-x86_64-3.12.0-gentoo
      APPEND crypt_root=/dev/sda2 root=/dev/mapper/vg-root dolvm 

LABEL gentoo-old
      LINUX /boot/kernel-genkernel-x86_64-3.10.17-gentoo
      INITRD /boot/initramfs-genkernel-x86_64-3.10.17-gentoo
      APPEND crypt_root=/dev/sda2 root=/dev/mapper/vg-root dolvm

It prompts for the passphrase then boots successfully. genkernel was able to generate the appropriate initramfs with the --lvm and --luks switches.