VMware Installation of Gentoo Linux from scratch on an Encrypted partition

claude sleek
Feb 9, 2020

This is a tutorial on how to install Gentoo Linux from scratch on an encrypted partition of a virtual machine using VMware. It assumes that you already have VMware installed and proceeds from there.

Part One: Installing the command-line OS

Download the minimal installation CD image (x86_64 / x86 depending on your machine architecture) from the Gentoo website onto your local machine.

https://www.gentoo.org/downloads/ => http://distfiles.gentoo.org/releases/amd64/autobuilds/20191002T214502Z/install-amd64-minimal-20191002T214502Z.iso

Launch VMware and create a new virtual machine, then boot the live image on the virtual machine.

Preparing the partitions: Start by partitioning the HDD into three different partitions. The boot partition, the swap partition and the root/installation partition that would be encrypted.

We need to partition this HDD using fdisk:
# fdisk /dev/sda
We will create 3 primary partitions:
/dev/sda1 => /boot => 128mb => bootable, will contain the grub boot manager, kernel, decryption software (cryptsetup)
/dev/sda2 => swap (2gb)
/dev/sda3 => / => encrypted

Using fdisk:
fdisk /dev/sda => open sda hard disk for editing
d => delete a partition
n => new partition
p => print the created partitions
t => change partition type (82 is swap and 83 is ext)
a => set a partition as bootable (active)
w => write partition table


We need to initialize the encrypted volume/partition: /dev/sda3
# cryptsetup -s 512 luksFormat /dev/sda3


Now we need to format our partitions. Ideally, the /boot partition could be
ext2 and for the / partition, we will use ext4:
/dev/sda1 => ext2 # mkfs.ext2 /dev/sda1
/dev/sda2 => swap # mkswap /dev/sda2
/dev/sda3 => ext4

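Before formatting /dev/sda3, we first need to open (unlock) the LUKS volume:
# cryptsetup luksOpen /dev/sda3 root
After this, the decrypted partition is accessible at /dev/mapper/root.

# mkfs.ext4 /dev/mapper/root
Then mount the new root filesystem at /mnt/gentoo, where the remaining steps expect it (it is unmounted from there at the end):
# mount /dev/mapper/root /mnt/gentoo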

From the VM, download Stage3 archive files from the Gentoo download repository. The stage3 archive contains files that are used to build the required boot folder.

Use the links command to browse the Gentoo downloads page and download the archive (make sure the download is saved inside the /mnt/gentoo/ folder):

# links https://gentoo.org/downloads/

NB: In case you have the stage3 archive files on a USB stick, follow the steps below:
1- connect the USB to the VM
2- mount the usb partition to an empty folder
=> to find the new partition of the connected usb stick
# ls /dev/sd*
# mkdir /mnt/usb
# mount /dev/sdb1 /mnt/usb
3- now copy the files:
# cp /mnt/usb/stage3* /mnt/gentoo
4- finally, dismount the partition:
# umount /mnt/usb
or
# umount /dev/sdb1
To unzip the file, we can use:
# cd /mnt/gentoo
# tar xpvf stage3*.tar.xz
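
Before the tar step above, the archive can be checked against its published digest file. This is an added example, not part of the original tutorial; it assumes the digest file uses a "# SHA512 HASH" comment line followed by "<digest>  <file name>", and the function names and the stand-in archive in demo are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original tutorial. Assumed digest-file layout:
# a "# SHA512 HASH" comment line, then "<hex digest>  <file name>".

# Print the SHA512 digest recorded for archive name $2 in digest file $1.
expected_sha512() {
    awk -v name="$2" '
        /^# SHA512 HASH/ { want = 1; next }    # the next line is a SHA512 entry
        want && $2 == name { print $1; exit }
        { want = 0 }                           # any other line resets the state
    ' "$1"
}

# Return 0 only if the archive hashes to the recorded value.
verify_stage3() {
    archive=$1
    expected=$(expected_sha512 "$2" "$(basename "$archive")")
    if [ -z "$expected" ]; then
        echo "no SHA512 entry for $archive" >&2
        return 2
    fi
    actual=$(sha512sum "$archive" | awk '{ print $1 }')
    if [ "$actual" = "$expected" ]; then
        echo "OK: $archive"
    else
        echo "MISMATCH: $archive, do not unpack it" >&2
        return 1
    fi
}

# Demo on a constructed stand-in archive and a digest file built for it.
demo() {
    dir=$(mktemp -d)
    printf 'constructed stage3 stand-in\n' > "$dir/stage3-demo.tar.xz"
    sum=$(sha512sum "$dir/stage3-demo.tar.xz" | awk '{ print $1 }')
    printf '# BLAKE2B HASH\n%s  stage3-demo.tar.xz\n# SHA512 HASH\n%s  stage3-demo.tar.xz\n' \
        "0000" "$sum" > "$dir/stage3-demo.tar.xz.DIGESTS"
    verify_stage3 "$dir/stage3-demo.tar.xz" "$dir/stage3-demo.tar.xz.DIGESTS"
    echo "tampered" >> "$dir/stage3-demo.tar.xz"      # simulate a modified download
    verify_stage3 "$dir/stage3-demo.tar.xz" "$dir/stage3-demo.tar.xz.DIGESTS" \
        || echo "modified archive rejected"
    rm -rf "$dir"
}
demo
```

A matching digest only shows that the archive agrees with the digest file; authenticate the digest file's signature with gpg --verify before relying on it.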

Chrooting (changing root), mounting boot partition, setting the timezone, download the Gentoo source files.

We need to copy the Portage configuration to the configuration folder:
# mkdir /mnt/gentoo/etc/portage/repos.conf
# cp /mnt/gentoo/usr/share/portage/config/repos.conf /mnt/gentoo/etc/portage/repos.conf/gentoo.conf

For faster download speed, you can select the closest mirror to your region:
# mirrorselect -i -o >> /mnt/gentoo/etc/portage/make.conf

Portage is the system used for downloading and installing software in Gentoo.

We make sure that the newly installed Gentoo environment has the correct DNS server config:
# cp /etc/resolv.conf /mnt/gentoo/etc/
Then we prepare the environment for Chrooting:
# mount --types proc /proc /mnt/gentoo/proc
# mount --rbind /sys /mnt/gentoo/sys
# mount --make-rslave /mnt/gentoo/sys
# mount --rbind /dev /mnt/gentoo/dev
# mount --make-rslave /mnt/gentoo/dev

Chrooting to the new environment:
# chroot /mnt/gentoo /bin/bash
# source /etc/profile

Once in the chroot, we can now continue with mounting the boot partition:
# mount /dev/sda1 /boot

Then updating your @world packages (all installed packages):
# emerge-webrsync

Configuring the Kernel. The purpose of this step is to select only the programs and functionalities that you need for the installation and leave every unnecessary program unchecked.

Setting the timezone: from /usr/share/zoneinfo we find our timezone to be Europe/London
# echo "Europe/London" > /etc/timezone
# emerge --config timezone-data

Setting the locales:
# nano /etc/locale.gen
en_US ISO-8859-1
en_US.UTF-8 UTF-8
then, we generate them:
# locale-gen
and apply them:
# eselect locale list
select the en_US.utf8
# eselect locale set en_US.utf8
Finally, we update the whole environment with:
# env-update && source /etc/profile

Now we download the linux sources:
# emerge gentoo-sources
Then we change our directory and move to the linux sources folder:
# cd /usr/src/linux

Press the space bar to select any program and the arrow keys to navigate through the functionalities.

To enable a feature, you have 2 options:
<*> my module => press space bar or "y", this will make the feature built-in
<M> my module => press "m", this will build the feature as module
And start the kernel configuration menu:
# make menuconfig
VIRTUALBOX:
If you are installing Gentoo inside VirtualBox, you may want to enable some VirtualBox drivers in the kernel:
Device Drivers
[*] Virtualization drivers --->
<M> Virtual Box Guest integration support
I2C support --->
I2C Hardware Bus support --->
<M> Intel PIIX4 and compatible (ATI/AMD/Serverworks/Broadcom/SMSC)
Once you save and exit the menuconfig you can compile your kernel by using:
# make && make modules && make modules_install && make install
Then we need to install genkernel with the support of cryptsetup:
# nano /etc/portage/make.conf
and add cryptsetup to the USE flags so it becomes a dependency of genkernel and gets installed to decrypt /dev/sda3 at boot:
USE="cryptsetup"

Installing Initial ramdisk (initramfs), the boot loader (grub), defining how the partitions should be mounted in fstab, installing dhcp and configuring the network interface for automatic network config. Next, installing cronie for time-based job scheduling and sysklogd for system logging.

Then we generate the initramfs (this does the decryption of /dev/sda3 for us):
# emerge --autounmask-write genkernel
# dispatch-conf (press "u" to confirm the changes)
# emerge genkernel
# genkernel --luks --install initramfs

Finally, unmount the boot partition and the system and dev partitions and reboot the system.

We need to setup/configure the partitions scheme in /etc/fstab:
# nano /etc/fstab
/dev/sda1 /boot ext2 defaults,noatime 0 2
/dev/sda2 none swap sw 0 0
/dev/mapper/root / ext4 noatime 0 1

We setup GRUB boot manager:
# emerge grub
Configure the grub configuration file /etc/default/grub with the encryption of /dev/sda3:
# nano /etc/default/grub
GRUB_CMDLINE_LINUX="crypt_root=/dev/sda3"

# grub-install /dev/sda
# grub-mkconfig -o /boot/grub/grub.cfg
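
The fstab entries and the crypt_root= setting above have to agree with each other, and they also determine which filesystems end up on disk unencrypted. The following added example (not part of the original tutorial) cross-checks the two files; the function names are constructed, and it assumes the only /dev/mapper entry is the LUKS mapping, as in this layout.

```shell
#!/bin/sh
# Added example, not from the original tutorial. Assumption: the only
# /dev/mapper entry in fstab is the LUKS mapping, as in this layout.

# Print the device named by crypt_root= in the GRUB defaults file $1.
crypt_root_device() {
    sed -n 's/^GRUB_CMDLINE_LINUX=.*crypt_root=\([^" ]*\).*/\1/p' "$1"
}

# Print one finding per fstab entry ($1 = fstab, $2 = GRUB defaults file).
# Return 1 if any finding is a FAIL, i.e. the root volume would not mount.
audit_layout() {
    luks_dev=$(crypt_root_device "$2")
    findings=$(awk -v luks="$luks_dev" '
        /^[ \t]*(#|$)/ { next }                      # skip comments and blanks
        $1 == luks { print "FAIL: " $1 " is the LUKS container, mount its mapping"; next }
        $2 == "/" && $1 !~ /^\/dev\/mapper\// { print "FAIL: / is on raw device " $1; next }
        $1 ~ /^\/dev\/mapper\// { print "ok: " $2 " on encrypted mapping " $1; next }
        $3 == "swap" { print "WARN: swap on " $1 " is written in plaintext"; next }
        { print "note: " $2 " on " $1 " is not encrypted" }
    ' "$1")
    [ -n "$luks_dev" ] || findings="FAIL: no crypt_root= in GRUB_CMDLINE_LINUX
$findings"
    echo "$findings"
    case $findings in
        *FAIL:*) return 1 ;;
        *) return 0 ;;
    esac
}

# Demo on the fstab and GRUB line from this tutorial, written to temp files.
demo() {
    tmp=$(mktemp -d)
    cat > "$tmp/fstab" <<'EOF'
/dev/sda1 /boot ext2 defaults,noatime 0 2
/dev/sda2 none swap sw 0 0
/dev/mapper/root / ext4 noatime 0 1
EOF
    echo 'GRUB_CMDLINE_LINUX="crypt_root=/dev/sda3"' > "$tmp/grub"
    audit_layout "$tmp/fstab" "$tmp/grub"
    rm -rf "$tmp"
}
demo
```

On the tutorial's own files this reports / as encrypted, /boot as unencrypted (required so GRUB can load the kernel and initramfs), and a warning that the swap partition holds paged-out memory in plaintext.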

We make sure that required files for networking are installed:
# emerge dhcpcd
The network interface name (eg. enp0s3) can be obtained using
# ifconfig
# nano /etc/conf.d/net
config_enp0s3="dhcp"

Enable automatic networking start at boot:
# cd /etc/init.d
# ln -s net.lo net.enp0s3
# rc-update add net.enp0s3 default

Set up your hostname:
# nano /etc/conf.d/hostname
hostname="gentoovm"

Edit the hosts file:
# nano /etc/hosts
127.0.0.1 localhost gentoovm

Set the keymaps settings if required:
# nano /etc/conf.d/keymaps
keymap="us"

Install cron and log managers:
# emerge cronie sysklogd
Add them to boot list:
# rc-update add cronie default
# rc-update add sysklogd default

Finally, we set a password for root:
# passwd root
User creation:
# useradd -m -G users,wheel,audio -s /bin/bash claude
# passwd claude
Exit the chroot:
# exit
Unmount all mounted devices:
# umount /mnt/gentoo/boot
# umount /mnt/gentoo/proc
# umount -R /mnt/gentoo/dev
# umount -R /mnt/gentoo/sys
# cd /
# umount /mnt/gentoo

And reboot:
# reboot

Check out part two of the installation where we will be installing a minimal window manager called i3.

Hope you enjoyed this tutorial.
