2 Installation - ivanmrva/gentoo-wiki GitHub Wiki

Stage3 Installation

  1. Create a directory for the new Gentoo installation and mount the root LVM volume to it:
    • mkdir /mnt/gentoo
    • mount /dev/mapper/vg0-root /mnt/gentoo
  2. Download and unpack stage3:

Chrooting

  1. Copy DNS info (to ensure internet is working once chrooted to /mnt/gentoo):
    • cp --dereference /etc/resolv.conf /mnt/gentoo/etc/
  2. Mount necessary file systems:
    • mount --types proc /proc /mnt/gentoo/proc
    • mount --rbind /sys /mnt/gentoo/sys
    • mount --make-rslave /mnt/gentoo/sys
    • mount --rbind /dev /mnt/gentoo/dev
    • mount --make-rslave /mnt/gentoo/dev
    • mount --bind /run /mnt/gentoo/run
    • mount --make-slave /mnt/gentoo/run
      • or as one command:
        • sudo mount --types proc /proc /mnt/gentoo/proc && sudo mount --rbind /sys /mnt/gentoo/sys && sudo mount --make-rslave /mnt/gentoo/sys && sudo mount --rbind /dev /mnt/gentoo/dev && sudo mount --make-rslave /mnt/gentoo/dev && sudo mount --bind /run /mnt/gentoo/run && sudo mount --make-slave /mnt/gentoo/run
    • If your distribution (Ubuntu Live USB) has /dev/shm being a symbolic link to /run/shm/, you need to also execute:
      • test -L /dev/shm && rm /dev/shm && mkdir /dev/shm
      • mount --types tmpfs --options nosuid,nodev,noexec shm /dev/shm
      • chmod 1777 /dev/shm /run/shm
  3. Enter the new environment:
    • Change the root location: chroot /mnt/gentoo /bin/bash
    • Reload settings: source /etc/profile
    • Change primary prompt name: export PS1="(chroot) ${PS1}"
  4. Mount boot partition:
    • Create the boot directory if it does not exist yet: mkdir /boot
    • Check for EFI partition (it should be the fat32 filesystem, usually the first one on the disk) and mount it: mount /dev/nvme0n1p1 /boot
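
A check for the mounts from step 2, added here as an example (not part of the original wiki): it reads mountinfo-format lines and reports any of the four mount points that is missing, or any bind mount (including submounts pulled in by --rbind) that is still shared with the host. The function names and the sample lines are assumptions made for the example.

```shell
#!/bin/sh
# Audit the chroot mounts from step 2. Reads /proc/self/mountinfo-format
# lines on stdin; $1 is the chroot root. Exit status 0 only if all are OK.
audit_chroot_mounts() {
    awk -v root="$1" '
    BEGIN { n = split("proc sys dev run", want, " ") }
    {
        # Field 5 is the mount point; optional fields sit between
        # field 6 and the "-" separator. "shared:N" means mount events
        # under this mount still propagate to its peers (the host).
        is_shared = 0
        for (i = 7; i <= NF && $i != "-"; i++)
            if ($i ~ /^shared:/) is_shared = 1
        for (k = 1; k <= n; k++) {
            top = root "/" want[k]
            if ($5 == top) present[k] = 1
            # proc is mounted fresh in the guide, so only the bind mounts
            # (and, because of --rbind, their submounts) are checked.
            if (want[k] != "proc" && is_shared && !(k in leak) &&
                ($5 == top || index($5, top "/") == 1))
                leak[k] = $5
        }
    }
    END {
        bad = 0
        for (k = 1; k <= n; k++) {
            top = root "/" want[k]
            if (!(k in present)) { print "MISSING " top; bad++ }
            else if (k in leak)  { print "SHARED  " top " (" leak[k] ")"; bad++ }
            else                   print "OK      " top
        }
        exit (bad > 0)
    }'
}

# Constructed sample: /sys got --make-slave instead of --make-rslave,
# and /run was never mounted.
sample_mountinfo() {
    cat <<'EOF'
90 25 253:0 / /mnt/gentoo rw,relatime shared:50 - ext4 /dev/mapper/vg0-root rw
91 90 0:5 / /mnt/gentoo/proc rw,relatime shared:51 - proc /proc rw
92 90 0:22 / /mnt/gentoo/sys rw,nosuid,relatime master:7 - sysfs sysfs rw
93 92 0:6 / /mnt/gentoo/sys/kernel/security rw,relatime shared:8 - securityfs securityfs rw
94 90 0:6 / /mnt/gentoo/dev rw,nosuid,relatime master:2 - devtmpfs udev rw
EOF
}

sample_mountinfo | audit_chroot_mounts /mnt/gentoo || echo "re-run the mount steps"
```

On the live system, run it against the real table before entering the chroot: audit_chroot_mounts /mnt/gentoo < /proc/self/mountinfo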

Configure Portage

  1. Update Gentoo ebuild repository:
    • emerge --sync
  2. Set system profile:
    • Get the profile list: eselect profile list
    • Choose the correct profile:
      • Select the latest profile version for desktop + gnome + systemd (e.g. default/linux/amd64/23.0/desktop/gnome/systemd (stable)): eselect profile set 26
  3. Set compilation flags/option in /etc/portage/make.conf (or copy them from the previous Gentoo installation):
    • COMMON_FLAGS="-march=alderlake -O2 -pipe"
      • Use this script to find out CPU architecture:
        • gcc -v -E -x c /dev/null -o /dev/null -march=native 2>&1 | grep /cc1 | grep mtune
    • CPU_FLAGS_X86="aes avx avx2 f16c fma3 mmx mmxext pclmul popcnt rdrand sha sse sse2 sse3 sse4_1 sse4_2 ssse3"
      • Use cpuid2cpuflags command to print out the CPU flags for the current architecture
      • Install it if not present with: emerge cpuid2cpuflags
    • MAKEOPTS="-j16" (enables parallel compilation)
      • Use the number of CPU threads here that can be checked with the command: nproc
      • A good choice is the smaller of: the number of threads the CPU has, or the total amount of system RAM divided by 2 GiB (so, e.g. -j16 requires at least 32 GiB RAM)
  4. Set USE flags in /etc/portage/make.conf - configure reasonable global defaults (adapt the list as you install other packages to your needs):
    • USE="-branding -qt5 wayland -X vaapi cryptsetup lvm device-mapper cacert"
    • First, check the current USE flag list coming from the selected profile with: emerge --info | grep ^USE and adapt the list to your needs. You might want to check the Gnome and Wayland documentation first.
  5. Set VIDEO_CARDS in /etc/portage/make.conf based on your graphic card (check the corresponding Wiki doc):
    • VIDEO_CARDS="intel"
    • Identify your graphic card:
      • lspci | grep -i VGA
    • New Intel graphics cards require firmware:
      • emerge sys-kernel/linux-firmware
      • The corresponding firmware binary then needs to be built into the kernel binary (check the Kernel guide).
    • Enable VA-API via the global vaapi USE flag and install:
      • emerge media-libs/libva-intel-media-driver
    • Once everything is installed, verify that hardware encoding/decoding is used with:
      • emerge x11-apps/igt-gpu-tools
      • intel_gpu_top
        • Video BUSY at 0% means that hardware decoding/encoding is not used.
  6. Set INPUT_DEVICES in /etc/portage/make.conf based on your graphic card (check the X wiki):
    • INPUT_DEVICES="libinput"
    • libinput is used by Intel cards and should be the Portage default, therefore no entry is required.
    • Verify what portage is using: portageq envvar INPUT_DEVICES
  7. Set ACCEPT_LICENSE in /etc/portage/make.conf:
    • ACCEPT_LICENSE="*" (accepting every license for every package at any version)
  8. Set ACCEPT_KEYWORDS in /etc/portage/make.conf:
    • ACCEPT_KEYWORDS="~amd64" (allows testing packages to be installed, not just stable ones)
  9. Set LINGUAS in /etc/portage/make.conf:
    • LINGUAS="" (set to an empty value, which is different from unset; it means only the default language is installed for each package)
  10. Save/preserve portage elogs:
    • PORTAGE_ELOG_CLASSES="warn error info log qa" (logs everything)
    • PORTAGE_ELOG_SYSTEM="echo save" (show messages after emerging and save them too)
  11. Set EMERGE_DEFAULT_OPTS in /etc/portage/make.conf:
    • EMERGE_DEFAULT_OPTS="--ask --verbose --deep --with-bdeps=y --tree --jobs 16 --load-average 14.4"
      • A typical value for --jobs would be equal to the number of processor cores but not more processes than RAM/2GB
      • A rule of thumb for --load-average is to set X.Y=N*0.9 which will limit the load to 90%, thus maintaining system responsiveness, where N is the number of processor cores

Configure Kernel

  1. Install firmware:
    • emerge sys-kernel/linux-firmware
      • Required by most graphics cards incl. Intel, but can also be required for the Wi-Fi card to work, etc.
      • Firmware binaries need to be built into the kernel by configuring the CONFIG_EXTRA_FIRMWARE option. The latest Intel firmware is, however, installed automatically and doesn't need any specific firmware configuration in the kernel config file.
      • Check also https://wiki.gentoo.org/wiki/Intel
    • emerge sys-firmware/sof-firmware
      • sound driver required by Intel devices
    • emerge sys-firmware/intel-microcode
  2. Option 1: Full manual configuration and compilation:
    • Install kernel sources:
      • emerge --ask sys-kernel/gentoo-sources
    • Set /usr/src/linux symlink to the installed kernel:
      • eselect kernel list
      • eselect kernel set 1
    • Check the PC hardware and what drivers are currently in use on Ubuntu live OS:
      • emerge sys-apps/pciutils (contains lspci utility)
      • lspci -k (displays the HW with kernel drivers in use)
      • emerge usbutils (contains lsusb utility)
      • lsusb (displays more HW info to USB)
      • lsmod (displays currently loaded kernel modules)
        • TODO: check: A very easy way to manage the kernel is to first install sys-kernel/gentoo-kernel-bin (https://packages.gentoo.org/packages/sys-kernel/gentoo-kernel-bin) and use sys-kernel/modprobed-db (https://packages.gentoo.org/packages/sys-kernel/modprobed-db) to collect information about what the system requires.
    • Configure kernel:
      • Copy .config file from previous system or Ubuntu live (found under /boot/ directory or use zcat /proc/config.gz):
        • cp /usr/src/linux/.config /mnt/gentoo/usr/src/linux/.config
      • Or create a new config from:
        • make defconfig (creates a default config for the given architecture, requires a lot of configuration afterwards)
        • make allmodconfig (creates a config with all modules enabled, should work always theoretically, but in practice, it probably won't)
      • Afterwards execute one of (choose as you like):
        • make olddefconfig (takes the existing config file as is and applies default values for new entries)
        • make oldconfig (takes the existing config file as is and prompts for new or changed entries)
        • make localmodconfig (creates a config based on the currently loaded modules, needs an existing config file as a base, might not work perfectly)
        • make nconfig (for additional manual configuration)
    • Compile kernel and modules:
      • make && make modules_install
    • Install kernel (to /boot/):
      • emerge sys-kernel/installkernel (this is now required so that make install will create a "versioned" image under /boot during installation)
      • make install
    • Generate initramfs:
      • emerge genkernel
      • genkernel --luks --lvm initramfs (required parameters for an encrypted root fs)
  3. Option 2 (preferred): Gentoo dist kernel installation:
    • Customize kernel config file via custom snippets:
      • Create a file per one snippet, e.g. /etc/kernel/config.d/10-firmware.config with the following content (diff to default config of dist kernel):
        • CONFIG_EXTRA_FIRMWARE="intel-ucode/06-9a-03"
          CONFIG_EXTRA_FIRMWARE_DIR="/lib/firmware"
          
    • Compile and install kernel (automatically installs the kernel under the /boot folder, including the initramfs):
      • emerge gentoo-kernel
    • Regenerate GRUB configuration (see steps below as well):
      • grub-mkconfig -o /boot/grub/grub.cfg

Configure FSTAB

  1. Edit /etc/fstab with:
    • UUID=8330-6874				/boot			vfat	umask=0077		0 2
      UUID=501eeb58-907b-405a-91af-77f523c8d92e	none			swap	sw			0 0
      UUID=4384aae9-0956-4c11-a39d-374506d3e09c	/			ext4	defaults,noatime	0 1
      UUID=4eadf208-d701-489c-bf9f-74e90cba9df6	/data1			ext4	defaults,noatime	0 2
      UUID=65cf6a54-d5d7-4a8d-a6eb-e63ae39a15b5	/data2			ext4	defaults,noatime	0 2
      UUID=9adc7927-7432-47b6-b9cb-9a87b757784d  /data3			ext4	defaults,noatime	0 2
      UUID=a8b47f07-4b28-499f-aea0-47e168920f7a	/data4			ext4	defaults,noatime	0 2
      UUID=d470ac2b-8f98-4898-977e-525e56dfaff7	/data5			ext4	defaults,noatime	0 2
      tmpfs	/var/tmp/portage	tmpfs	size=32G,uid=portage,gid=portage,mode=775,nosuid,noatime,nodev	0 0
      
      • get UUIDs with blkid

Configure Systemd

  1. Basic system configuration:
    • systemd-machine-id-setup
    • systemd-firstboot --prompt
    • systemctl preset-all
    • hostnamectl set-hostname ivmr-laptop
    • localectl set-keymap us
    • localectl set-x11-keymap us
    • localectl set-locale LANG=en_US.utf8
    • timedatectl set-timezone Europe/Zurich
  2. Enable additional needed services:
    • systemctl enable lvm2-monitor.service
    • systemctl enable sshd
    • systemctl enable systemd-timesyncd.service (time synchronization)

Note: /etc/crypttab configuration is not required.

Configure Bootloader

  1. Install grub package:
    • emerge sys-boot/grub
      • Make sure GRUB_PLATFORMS="efi-64" is enabled. If not execute: echo 'GRUB_PLATFORMS="efi-64"' >> /etc/portage/make.conf
  2. Install grub to boot partition:
    • grub-install --efi-directory=/boot
    • Do not install it to the /efi partition (as recommended in the Gentoo handbook). This will cause further problems, because the Linux kernel is still located under /boot (part of the encrypted disk, e.g. /root partition), so GRUB would first need to deal with decrypting the root partition. Moreover, GRUB2 doesn't support LUKS2 + argon2id encryption yet.
  3. Update the GRUB configuration:
    • Allow booting on an encrypted LUKS + LVM drive by adding GRUB_CMDLINE_LINUX="dolvm crypt_root=UUID=208eea62-0c82-4dee-8622-72b03c0ac198 crypt_swap=UUID=... root=/dev/mapper/vg0-root init=/lib/systemd/systemd" in /etc/default/grub.
      • Get partition UUIDs with blkid
  4. Generate the GRUB configuration:
    • grub-mkconfig -o /boot/grub/grub.cfg
      • This is correct, don't point it to /boot/EFI/gentoo/.
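
A pre-reboot check for step 3, added here as an example (not part of the original wiki): it confirms that every crypt_* UUID in GRUB_CMDLINE_LINUX belongs to a device that blkid reports as crypto_LUKS. The function names, the saved blkid output file and the sample UUIDs and device names are assumptions made for the example.

```shell
#!/bin/sh
# Cross-check the crypt_* UUIDs in GRUB_CMDLINE_LINUX against blkid output.
# Assumes the variable is one double-quoted line, as written in the guide.
crypt_params() {        # $1 = grub defaults file; prints "<param> <uuid>" lines
    sed -n 's/^GRUB_CMDLINE_LINUX="\(.*\)"[[:space:]]*$/\1/p' "$1" |
        tr ' ' '\n' |
        sed -n 's/^\(crypt_[a-z]*\)=UUID=\(.*\)$/\1 \2/p'
}

check_crypt_uuids() {   # $1 = grub defaults file, $2 = saved blkid output
    rc=0; found=0
    while read -r param uuid; do
        [ -n "$param" ] || continue
        found=1
        # The leading space keeps PARTUUID="..." from matching.
        line=$(grep -F " UUID=\"$uuid\"" "$2" | head -n 1)
        case $line in
            '')                      echo "UNKNOWN  $param $uuid"; rc=1 ;;
            *' TYPE="crypto_LUKS"'*) echo "OK       $param ${line%%:*}" ;;
            *)                       echo "NOT-LUKS $param ${line%%:*}"; rc=1 ;;
        esac
    done <<EOF
$(crypt_params "$1")
EOF
    [ "$found" -eq 1 ] || { echo "no crypt_* UUID parameters found"; rc=1; }
    return "$rc"
}

# Constructed sample data: crypt_swap points at the swap UUID, not a LUKS one.
write_samples() {       # $1 = directory for grub.default and blkid.txt
    cat > "$1/grub.default" <<'EOF'
GRUB_CMDLINE_LINUX="dolvm crypt_root=UUID=aaaaaaaa-0000-4000-8000-000000000001 crypt_swap=UUID=aaaaaaaa-0000-4000-8000-000000000002 root=/dev/mapper/vg0-root init=/lib/systemd/systemd"
EOF
    cat > "$1/blkid.txt" <<'EOF'
/dev/nvme0n1p1: UUID="AAAA-0001" TYPE="vfat" PARTUUID="aaaaaaaa-0000-4000-8000-000000000009"
/dev/nvme0n1p2: UUID="aaaaaaaa-0000-4000-8000-000000000001" TYPE="crypto_LUKS"
/dev/mapper/vg0-swap: UUID="aaaaaaaa-0000-4000-8000-000000000002" TYPE="swap"
EOF
}

tmp=$(mktemp -d)
write_samples "$tmp"
check_crypt_uuids "$tmp/grub.default" "$tmp/blkid.txt" || echo "fix /etc/default/grub before grub-mkconfig"
rm -r "$tmp"
```

On the real system, save the output of blkid to a file and pass /etc/default/grub as the first argument.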

User configuration

  1. Set root user password:
    • passwd
  2. Add personal user:
    • useradd -m -G users,wheel,audio,video,usb,systemd-journal -s /bin/bash ivmr
    • passwd ivmr

Reemerge @world

  1. Optional: Recompile all packages (@world and @system) with the current portage parameters and against the new kernel configuration:
    • emerge -e --newuse @world
    • emerge --depclean

Install Gnome

  1. emerge gnome-light
  2. env-update && source /etc/profile
  3. gpasswd -a ivmr plugdev
  4. systemctl enable gdm.service