S.M.A.R.T. - Worth using? BIOS and/or OS
Having had 4 IBM 60GXP drives fail in 18 months (luckily they were all part of mirrored RAID setups), I now keep a closer eye on my drives.
I've got S.M.A.R.T. enabled in BIOS but so far it's not told me a thing. I assume it will just give me a message if and when a drive is on the brink of total failure? Anyone know for sure how this works? I guess there's no point in disabling it anyway, apart from maybe minimally faster boot times?
I've also been looking at a couple of XP utilities which give all the S.M.A.R.T. information - Active SMART (http://www.ariolic.com/activesmart/) and DiskCheckup (http://www.passmark.com/products/diskcheckup.htm). Active SMART costs £15 and will actually tell you as different values change. DiskCheckup is free but only lists the values, it doesn't seem to actually warn you if anything looks bad.
Does anyone else actually keep an eye on S.M.A.R.T.? Are there any other utilities worth trying?
By the way, I use the Promise SATA controller if I check S.M.A.R.T. - with the VIA controller I get nonsense values back, like my 74Gb Raptor being 2143Gb!!
I'm not running the IBM's anymore, the whole lot died!
I initially setup 2 PCs with 2 GXP60s each. When 2 of the 4 died I RMA'd the drives and got replacements. Now all 4 originals are dead and both of the replacements are scratch disks as they have intermittent problems.
My local server now has mirrored raid with 2 160Gb Western Digitals, and my desktop is running from a single Raptor 74Gb.
I initially installed the SMART utilities to keep an eye on drive temperatures (which incidentally range from 21 to 28C sitting behind the fans in Lian Li cases). I've just left it running on the desktop to give me a bit of prior warning if the drive is degrading now it's not mirrored.
Why do you say "it slows things down too much"? The BIOS check at startup isn't noticeable, and Active SMART has a 250K footprint and by default only monitors the drives once an hour.
Similar Messages
-
Great DOT improvement using Bios 3.6 for 865PE Neo-2 P series
Great DOT improvement of Bios 3.6O for 865PE Neo-2 P series.
Thanks to NovJoe and everybody in the following thread (especially iliveonhope)
https://forum-en.msi.com/index.php?sid=&postid=277300#post277300
The DOT is kind like straight forward approach by reaching the preset DOT on the bios after booting and during aplication for less then 2 second, the old bios is gradually increasing almost 1 minute or more.
Also the FSB reading on CC is function well not randomly change as on the last Bios.
The Autooverclocking value using CC if not change by default is always shown the maximum FSB.
The weaknesess is still the default value using 'save' on CC that not performing well (its better to have user define FSB value) and also the DOT range could be much higher then the Commander so I can set certain FSB value to max FSB value. (Waiting for the next improvement from the MSI Software Team).
It will work fine for anybody who use FSB:DRAM Feq. = 1:1 using DDR greater then 400
Interesting thing about this DOT method is it always back on the lowest FSB during stand-by, for me its great hardware saving (It will be great if the FSB stays on the user define setting).
Regarding the CPU temperatue is a little bit lower compared with the 865PE Neo-2 S series using the same Heat sink type.
Its worth to try except it cannot reach the maximum OCing due to the DOT rank limitation.
M/B 865 PE Neo-2 PFS Platinum Edition Bios Ver.3.6
CPU:P4 2.4C (HT enable) and ThermalTake SubZero 4G
(Commander,Turbo,2434 mHz - 2760 mHz)
Memory: Corsair XMS 3500 2x512 meg (dual-channel dimm 2 and 4) 2-3-2-5
VGA:ELSA Gladiac 925 Ti4600
HD:2 SATA Maxtor 80gig and 1 ATA Maxtor 80Gig
CD/RW Yamaha and Pioneer DVD
PSU:ThermalTake Silent PurePower 480W (W0010/Black)
+5 V/40 A, +3.3 V/30 A, +12 V/18 A, -5 V/0.3 A, -12 V/0.8 A, +5 VSB/2 A Peak Load 550 W
Window XP SP1
NEC FP2141SB
Microsoft DesktopPro
Sound Blaster Audigy 2 Platinum + Klipsch Promedia 4.1clausman,
What bios version do you used ? is already version 3.6
If you are using Bios 3.60 try to run PC mark 2002 or other benching software (if you have it), you will note that when the benchmark starting the FSB will raise and then after you stop it in the middle or end the FSB will go back to the lowest FSB (Do it by showing the CC beside the PC mark.
Please let me know.
M/B 865 PE Neo-2 PFS Platinum Edition Bios Ver.3.6
CPU:P4 2.4C (HT enable) and ThermalTake SubZero 4G
(Commander,Turbo,2434 mHz - 2760 mHz)
Memory: Corsair XMS 3500 2x512 meg (dual-channel dimm 2 and 4) 2-3-2-5
VGA:ELSA Gladiac 925 Ti4600
HD:2 SATA Maxtor 80gig and 1 ATA Maxtor 80Gig
CD/RW Yamaha and Pioneer DVD
PSU:ThermalTake Silent PurePower 480W (W0010/Black)
+5 V/40 A, +3.3 V/30 A, +12 V/18 A, -5 V/0.3 A, -12 V/0.8 A, +5 VSB/2 A Peak Load 550 W
Window XP SP1
NEC FP2141SB
Microsoft DesktopPro
Sound Blaster Audigy 2 Platinum + Klipsch Promedia 4.1 -
SSD in Bios and can be used as storage but not as general drive
Hello I need some help and was pointed here by another MS Forum. The following is where I am at so far:
Hello,
I need some help. I have bought a SanDisk SSD and intalled it into my PC with the hope I could go from HDD to SSD but although the
BIOS appears to show that it has picked the drive up and it can be used as Storage Space, I am not able to use it as a general or main drive or migrate so it becomes the main drive.
I have Win 8.1 pro with media and a Asrock ConRoe 1333-D667 Motherboard.
Any help possible?
Geethu B replied on
May 11, 2014
Microsoft
Support Engineer
Hi Luke,
For a better understanding of the issue, when you say “main drive”, do you want Windows 8.1 to be installed on SSD drive?
You may create System Image of Windows 8.1 from HDD. Then remove HDD from the computer. Now Restore System Image to SSD and check if
it works.
To take System Image refer to the article.
How to create a system image to refresh your
Windows 8 PC
To restore files to SSD, follow these steps.
a. Open
Recovery by pressing Windows Key + C, and typing
Control Panel. In the search box, type recovery, and then click Recovery.
b. Click
Advanced recovery methods.
c. Click
Use a system image you created earlier to recover your computer, and then follow the steps.
Hope this information helps. Reply to the post with updated status of the issue to assist you further.
lukecahill replied
on May 11, 2014
Thank you,
Yes I would like Windows to run from the SSD.
The main problem I have is when I tried to clone the drive to SSD it not even registering as a drive the same if I try doing a clean
install.
It shows as an available drive to clone to if I set it as a storage device but then when you attempt it it says not enough room even
though the drive has 127gb available and the drive being cloned only has bout 105gb on it.
Geethu B replied on
May 12, 2014
Microsoft
Support Engineer
Hi Luke,
Issues related to cloning drives are supported in TechNet Forums. I would suggest you to post the query in TechNet Forums.
http://social.technet.microsoft.com/Forums/en-US/home?category=w8itpro
Hope this information helps.Hi!
If you have the possibility to do a clean installation, which I can see that you have, this is the best option.
What you need to do is to remove all drives from your computer, then connect the SSD only, enter BIOS and change the SATA Compability mode to AHCI.
Then install Windows to your drive and when completed, attach the other drives again.
I hope this helps!
Best regards
Andreas Molin
Andreas Molin | Site: www.guidestomicrosoft.com | Twitter: andreas_molin -
Using external monitor in bios and bootup on 3000 N100
Is it possible to use an external monitor in bios and bootup as my monitor has just died and is now out of warrenty? I am able to use the laptop monitor for about a second each time i open the lid before it turns off. Any help would be much appreciated.
thanks for the quick reply, however it did not work. would the monitor that im using make any difference? (its a sony multiscan g220)
-
Ok i put the wrong e-mail in when redemed my new i tunes card and it was worth 25 dollars and now its saying i cant use it. HELP
First, you're not communicating with Apple when you post in these forums. The only people who will respond are fellow users and there's nothing we can do directly with this problem.
But I can tell you that if you redeemed the card through the wrong iTunes Store ID, then sorry, but there's no way to transfer credit from one account to another. You'll have to use the iTunes Store ID under which you redeemed the card to make your purchases. You would not have been able to redeem the card through another account unless you had the password to that account, though, so you may not have actually successfully redeemed the card. Have you tried to redeem it through your "real" iTunes Store account?
Regards. -
Is it worth using select query on infotype tables
Hi Experts,
I might be posting in the wrong column, but i just need to know is it worth using a select query on Infotype tables (PAxxxx)?? or should we prefer using the function modules for data fetching?
If select is not suggested, what is the reason for that?
Rgds
PrateekHi ,
Its not said that u cant write select on PAXXXX tables . Yes of couse LDB are there to fetch the data but it depends on
the requirement when to write a select and when to consider using in LDB .
Generally when you are looking at say 8 to 10 tables of infotypes with free selection , then LDB is suggested to fetch the data .
if you are looking to fetch the data for say some tables for a restricted selection (where clause) then select is used .
If i want to write a program using select only then fetching data from infotypes tables for large no of records will lead to
more time consumption which becomes easier in LDB as they are fetched in hierarchy level based on keys .
Normally it will be a combination of LDB and select querys in the development scenario
Br,
Vijay. -
I have been using AOL for many years as my ISP but now I want to close my account and use iCloud. My challenge is I don't want to lose five years worth of emails and attachments saved in AOL personal folders. Can I can transfer the files using iCloud?
Do you receive AOL mail in the Mail app or on the website?
-
RTFEditorKit is it worth using it.
Hello.
Its been well documented that a RTFEditorkit does not save(persist) images,tables using a JTextPane.
Does anybody have a solution to this or is it worth using it at all.
Feedback appreciated.You asked for solution.
The code to save/load images below.
If you want to develop your own RTFEditorKit I'll be glad to answer questions.
regards,
Stas
protected void writeIcon(Element leaf, Writer out) throws IOException {
AttributeSet attr = leaf.getAttributes();
ImageIcon icon = (ImageIcon) StyleConstants.getIcon(attr);
int w = StyleConstants.getIcon(attr).getIconWidth();
int h = StyleConstants.getIcon(attr).getIconHeight();
if (icon != null) {
ByteArrayOutputStream os = new ByteArrayOutputStream();
* perform saving as PNG image It's MS Word approach to images. PNG
* format is used because of free licensing of PNG format.
ImageEncoder pe = ImageCodec.createImageEncoder("PNG", os, null);
BufferedImage bi = new BufferedImage(w, h, BufferedImage.TYPE_INT_RGB);
bi.getGraphics().drawImage(icon.getImage(), 0, 0, null);
pe.encode(bi);
byte[] ba = os.toByteArray();
int len = ba.length;
int i;
StringBuffer sb = new StringBuffer(len * 2);
for (i = 0; i < len; i++) {
String sByte = Integer.toHexString(ba[i] & 0xFF);
if (sByte.length() < 2) {
sb.append('0' + sByte);
} else {
sb.append(sByte);
String s = sb.toString();
out.write("{\\pict\\pngblip ");
out.write(s);
out.write("}");
protected void insertImage(String content) {
int len = content.length();
//converts to binary representation
byte[] buf = new byte[len / 2];
for (int j = 0; j < len / 2; j++) {
byte b1 = get16(content.charAt(j * 2));
byte b2 = get16(content.charAt(j * 2 + 1));
buf[j] = (byte) (b1 * 16 + b2);
//creates image from binary
Image img = Toolkit.getDefaultToolkit().createImage(buf);
ImageIcon icon = new ImageIcon();
icon.setImage(img);
if ((icon.getIconHeight() < 0) || (icon.getIconWidth() < 0)) {
return;
MutableAttributeSet attr = new DefaultBajtextAttributeSet();
StyleConstants.setIcon(attr, icon);
//inserts image in the document
document.insertString(currentOffset, " ", attr);
currentOffset++; -
Real-time Blacklist (RBL) Servers are they worth using?
Hi, are Real-time Blacklist (RBL) Servers worth using, and if so what's the best once to use?
Thanks
- CameronI agree with Joe. Using just Spamhaus is a pretty good approach. Spamhaus is reasonably conservative about blacklisting servers, so it is less likely that you will reject legitimate servers (which can happen with some more aggressive RBLs).
Also, if you are serious about this, download and carefully follow Pterobyte's "Frontline Defense for Mac OSX Server" <http://osx.topicdesk.com/content/view/38/62/>. By implementing his tutorial, you will be fine tuning your server so that it rejects about 70% - 80% of spam before it reaching your content filter. It increases the efficiency of your setup a great deal. -
OWB 10.2 Design questions - OLAP objects - worth using? too buggy?
I am designing a 2 tiered data warehouse. I have a staging schema where numerous staging tables and key mapping tables are kept and a data warehouse schema where I have relationally implemented dimensions and cubes. I want the dw layer to be made up of conformed dimensions and facts as per Kimball.
For the DW layer, my plan was to create cubes and dimensions which would be implemented as ROLAP. I would then selectively create MOLAP cubes for subsets of the data warehouse.
My first question - does this much make sense or should I avoid the logical constructs of dimensions and cubes like the plague and simply build star schemas as Oracle tables directly?
Assuming I can use cubes and dimensions - how do I control the column names for the cube foreign keys? I have one cube with several date dimension foreign keys. Using the cube editor I get nonsensical names like time_dim_key, time_dim_key1, time_dim_key2. I want these to be creation_date_fk, expiration_date_fk, etc so that they are readable. I don't see any way with the cube editor to control this.
Also, please see my other posts about errors with the role concept on dimensions.
And lastly, have any of you had success in deploying a large scale DW with OWB using dimensions and cubes?So far the verdict is TOO BUGGY. There is a documented bug in metalink:
DATA COLLECTED
===============
Deployment output
ATLAS_TIME_DIM
Create Error
ORA-06550: line 960, column 95:
PLS-00123: program too large (Diana nodes)
ISSUE CLARIFICATION
====================
Dimension deployment (with 5 or more roles) results in a PLS-00123 error.
ISSUE VERIFICATION
===================
Verified the issue by the deployment output which show the PLS-00123 error.
CAUSE DETERMINATION
====================
Defect in OWB 10g R2
CAUSE JUSTIFICATION
====================
Bug 5066108 (CWM2 CODE GEN USES A SINGLE ANONYMOUS PLSQL BLOCK)
POTENTIAL SOLUTION(S)
======================
Possible workarounds:
Reduce the number of roles associated with the dimension.
Use relational vs. multidimensional
POTENTIAL SOLUTION JUSTIFICATION(S)
====================================
Deployment is successful with fewer roles associated.
Looking at the recommended solutions it appears that I can:
1) limit the cube to very few dimensions making it useless for anything major
2) Use relational - My first interpretation of this was that I could generate the cube but use the "data objects only" deployment. No such luck. When the roles are added to the cube, the designer window locks up when the roles exceed 8 for the time dimension.
So, the "use relational" workaround seems to imply that cubes and dimensions should be avoided. Anyone have any contrary experiences?
Specifically has anyone done any of the following successfully with OWB 10.2:
1. Have you implemented a time dimension with more than 10 roles associated with it?
2. Have you implemented a cube (relationally or otherwise) with more than 5 roles of a single dimension against it?
3. Have you implemented a cube with more than 10 dimensions of any kind associated with it? -
Information: Update BIOS and Battery Firmware to ensure full charge capacity
Is your system’s BIOS and battery firmware updated to the latest level?
If not, you may not be getting the maximum capacity and run time from your battery!
Lenovo’s engineering team released updated BIOS and battery firmware in July that is applicable to customers who have ThinkPad models:
X100e, L410/L510, L412/L512, SL410/SL510, T410/T410i, T510,T510i, W510 or ThinkPad Edge, 13, 14, or 15 inch units.
Customers who use Lenovo ThinkVantage Toolbox would have received a notification and opportunity to apply this update, and Lenovo’s ThinkVantage System Update tool would also identify and apply these updates.
If you aren’t using either of these tools, and have one of the systems above, please follow this link to our support site. You can learn more there, and download and install the updates specific to your system.
Probably also worth mentioning, is an earlier tip applicable to X200t and X201t tablet users who have 8 cell extended batteries. This technical tip and related BIOS updates ensure these batteries properly charge to their full capacities, and resolves a particular symptom where the battery would stop charging at less than 50%.
Source Lenovo Blogs: Update BIOS and Battery Firmware to ensure full charge capacity
Recommendation before updating bios:
- detach all devices from you system
- undock your system, if docked
- start from a cold boot. (shutting down the system completely, wait 15 min, start up again)
- if possible, upgrade with a cd-rom drive
Edit: Recommendation added.
Follow @LenovoForums on Twitter! Try the forum search, before first posting: Forum Search Option
Please insert your type, model (not S/N) number and used OS in your posts.
I´m a volunteer here using New X1 Carbon, ThinkPad Yoga, Yoga 11s, Yoga 13, T430s,T510, X220t, IdeaCentre B540.
TIP: If your computer runs satisfactorily now, it may not be necessary to update the system.
English Community Deutsche Community Comunidad en EspañolHow old is your Mac computer? If it is 2+ year old or older you need a new battery. Right there in what you posted is says "Service Battery". That means Change the battery.
-
Upgrade BIOS and drivers have possibly corrupted drive. OS will not boot.
Model: Toshiba P505-8980
Part Number: P6PG0U-005002
OS: Windows 7 Professional 64-bit (upgraded from Home Premium)
6 gig RAM, 500gig HD
Actions:
I haven't started up my computer in a while. First I installed the critical and optional updates (3 total) from windows update, rebooted, and Toshiba Service Center popped up and said that there was the BIOS 3.10 update and the HDD/SSD Alert update. Through the Service Center I downloaded and installed the BIOS update, at the end it seemed as if there was an error. I rebooted the computer and everything seemed ok, so I downloaded the HDD/SSD update through the Service Center. Upon rebooting the drive would not boot. (Screen remained blank with a blinking cursor and HDD light was not on.) There are no accessories/USB devices/drives attached. After a reboot I checked the BIOS and it recognizes the Hard drive, I restored all settings in BIOS to default and rebooted. The computer started receiving stop errors (blue screen) and stuck in a reboot loop. I entered the BIOS, restored default settings again and rebooted, I could get to safe mode and it would receive stop errors trying to load disk.sys file. I also tried last known good configuration and that wouldn't work either. After a while the laptop was able for me to select to try and repair the disk using the repair utility. It reported that there may be partition errors (on the last step of recovery) and I selected to repartition the drive to factory default with the Toshiba repair tools. It got to about 98-99% and received errors at the end. I tried using a Windows disk to reinstall the OS, but it reported it couldn't install on any of the drive partitions because of an error in the boot configurations. After trying to repair again it doesn't report any disks or partitions. Currently after booting it reports now that there is an error that occurred while attempting to read boot configuration. File: \Boot\BCD|Status: 0xc000000f. Guessing that the boot sector got corrupted. After reading that BIOS isn't recommended to be installed while in windows, I'm wondering if using the service center messed something up.
Question 1: Any recommended actions to take now? No recovery disk available
Question 2: Is there a way to configure the service center to download a BIOS update and be able to save it instead of only being able to install it within windows and the service center?
Thanks in Advance!I was able to get into system recovery. This system recovery was different then the first one I came across. Underneath the Command Prompt option there was a selection for a Toshiba based restore. That is the one I tried that failed at 98-99% This system recovery just has the standard options. At first it showed me the original OS of Home Premium (recovered). I tried to repair the Home Premium and it still wouldn't work. "Startup could not repair the problem". On the many tries the probelms were either "Failed Installation" or "Partition Table". Then when I tried loading the OS it would blue screen and reboot repeatedly. So I loaded up Windows 7 Professional from a different CD to at least get the OS working. I tried Repairing but that didn't work with the same errors, and it also reported that there was no system image on the disk. I did a Custom (fresh) install and had all items copied to Windows.Old folder. So now I have an OS, BUT I can't activate it now even with the keys that I have from the old version because it said the key was only used for upgrade, not clean installs. So now I'm left with trying to find a way to get the original Home Premium image so I can load that and then upgrade since I have the keys I need. I tried doing repairs again, this time it showed me two Windows 7 Professional and one Windows 7 Home Premium. Again I tried repairing the Home Premium but it came back with the same errors. Now all that remains is just the fresh install of Windows 7 Professional that I installed but can't activate with the key. Anyway I can get/download a factory image from Toshiba? I only just bought the laptop shortly before Christmas.
-
X58 Platnium SLI bios and ram issues
I successfully updated the bios from v3.0 to v3.1 using the MSI HQ USB BIOS Flash Tool/Utility. Greenpower confirmed it.
Unfortunately, the QPI frequency dropped from 6.4GT to 4.8GT. Using the 3.0 bios I was able to change the QPI frequency between AUTO, 4.8GT and 6.4GT. Now using bios v3.1, I can only change between AUTO and 4.8GT.
Has anyone else experienced this?
My other problem is that my Memory is running at PC3 - 8500 (1066Mhz) instead of PC3-10666 (1333MHz)
I have 3 - 1GB sticks of RAM in triple channel mode. The specs on the ram are in the link below.
http://www.ocztechnology.com/products/memory/ocz_ddr3_pc3_10666_intel-i7_triple_channelMechsner,
I changed the base clock in the Cell Menu from 133 to 167 and my RAM speed dropped from 1066 to 1002 after I restarted. Can you explain this? -
Using slim and xfce4, something crashes on exit
I recently did a fresh install of Arch onto an older PC that I have. It's running a P4 3.06GHz, an nVidia GeForce FX 5900, and 1GB RAM. Because of the lower resources, I decided to use xfce4 and slim. I have a monitor and TV hooked up through s-video with the "seperate X screen" option. Whenever I logout of xfce (this includes, logout, reboot, shutdown), it goes to a blank black screen with a cursor at the top left and just hangs. I have slim configured to run from inittab, so it picks up after a couple seconds. However, if I run startx from console, and then logout of xfce the system just hangs and wont accept any keyboard input (including ctrl+alt+function to switch run levels). Also, if I choose to shutdown or reboot, the system will do so but the only thing I see is the blank screen until the POST. If I do a startx from console, the logout, I'm able to ssh in from my laptop, login and issue a reboot (again the screen doesn't change until the POST). Also, if I turn the "seperate x screen" option off, and just run the desktop on the monitor, it doesn't freeze. I've worked my way through a number of issues so far, but this one has me completely stumped. I'm not sure if there's something wrong with my configuration or if it's just a problem with the graphics driver. Any advice and/or help is greatly appreciated.
Here are configuration and log files:
Xorg.conf
# nvidia-settings: X configuration file generated by nvidia-settings
# nvidia-settings: version 1.0 (buildmeister@builder75) Wed Jan 27 03:03:53 PST 2010
Section "ServerLayout"
Identifier "X.org Configured"
Screen 0 "Screen0" 0 0
Screen 1 "Screen1" RightOf "Screen0"
InputDevice "Mouse0" "CorePointer"
InputDevice "Keyboard0" "CoreKeyboard"
Option "BlankTime" "0"
Option "StandbyTime" "0"
Option "SuspendTime" "0"
Option "OffTime" "0"
EndSection
Section "Files"
ModulePath "/usr/lib/xorg/modules"
FontPath "/usr/share/fonts/misc"
FontPath "/usr/share/fonts/100dpi:unscaled"
FontPath "/usr/share/fonts/75dpi:unscaled"
FontPath "/usr/share/fonts/TTF"
FontPath "/usr/share/fonts/Type1"
EndSection
Section "Module"
Load "glx"
Load "dri2"
Load "dri"
Load "dbe"
Load "record"
Load "extmod"
EndSection
Section "ServerFlags"
Option "Xinerama" "0"
EndSection
Section "InputDevice"
Identifier "Keyboard0"
Driver "kbd"
EndSection
Section "InputDevice"
Identifier "Mouse0"
Driver "mouse"
Option "Protocol" "auto"
Option "Device" "/dev/input/mice"
Option "ZAxisMapping" "4 5 6 7"
EndSection
Section "Monitor"
Identifier "Monitor0"
VendorName "Unknown"
Option "DPI" "95 x 96"
ModelName "CMO CMC 17 AD"
HorizSync 30.0 - 82.0
VertRefresh 50.0 - 75.0
EndSection
Section "Monitor"
Identifier "Monitor1"
VendorName "Unknown"
ModelName "TV-0"
HorizSync 28.0 - 33.0
VertRefresh 43.0 - 72.0
EndSection
Section "Device"
Identifier "Card0"
Driver "nvidia"
VendorName "nVidia Corporation"
BoardName "NV35 [GeForce FX 5900]"
BusID "PCI:1:0:0"
EndSection
Section "Device"
Identifier "Videocard0"
Driver "nvidia"
VendorName "NVIDIA Corporation"
BoardName "GeForce FX 5900"
BusID "PCI:1:0:0"
Screen 0
EndSection
Section "Device"
Identifier "Videocard1"
Driver "nvidia"
VendorName "NVIDIA Corporation"
BoardName "GeForce FX 5900"
BusID "PCI:1:0:0"
Screen 1
EndSection
Section "Screen"
Identifier "Screen0"
Device "Videocard0"
Monitor "Monitor0"
DefaultDepth 24
Option "TwinView" "0"
Option "TwinViewXineramaInfoOrder" "CRT-0"
Option "metamodes" "CRT: nvidia-auto-select +0+0"
SubSection "Display"
Depth 24
EndSubSection
EndSection
Section "Screen"
Identifier "Screen1"
Device "Videocard1"
Monitor "Monitor1"
DefaultDepth 24
Option "TwinView" "0"
Option "metamodes" "TV: nvidia-auto-select +0+0"
SubSection "Display"
Depth 24
EndSubSection
EndSection
slim.conf
# Path, X server and arguments (if needed)
# Note: -xauth $authfile is automatically appended
default_path ./:/bin:/usr/bin:/usr/local/bin
default_xserver /usr/bin/X
xserver_arguments -nolisten tcp vt07
# Commands for halt, login, etc.
halt_cmd /sbin/shutdown -h now
reboot_cmd /sbin/shutdown -r now
console_cmd /usr/bin/xterm -C -fg white -bg black +sb -T "Console login" -e /bin/sh -c "/bin/cat /etc/issue; exec /bin/login"
#suspend_cmd /usr/sbin/suspend
# Full path to the xauth binary
xauth_path /usr/bin/xauth
# Xauth file for server
authfile /var/run/slim.auth
# Activate numlock when slim starts. Valid values: on|off
# numlock on
# Hide the mouse cursor (note: does not work with some WMs).
# Valid values: true|false
# hidecursor false
# This command is executed after a succesful login.
# you can place the %session and %theme variables
# to handle launching of specific commands in .xinitrc
# depending of chosen session and slim theme
# NOTE: if your system does not have bash you need
# to adjust the command according to your preferred shell,
# i.e. for freebsd use:
# login_cmd exec /bin/sh - ~/.xinitrc %session
login_cmd exec /bin/bash -login ~/.xinitrc %session
# Commands executed when starting and exiting a session.
# They can be used for registering a X11 session with
# sessreg. You can use the %user variable
sessionstart_cmd /usr/bin/sessreg -a -l $DISPLAY %user
sessionstop_cmd /usr/bin/sessreg -d -l $DISPLAY %user
# Start in daemon mode. Valid values: yes | no
# Note that this can be overriden by the command line
# options "-d" and "-nodaemon"
# daemon yes
# Available sessions (first one is the default).
# The current chosen session name is replaced in the login_cmd
# above, so your login command can handle different sessions.
# see the xinitrc.sample file shipped with slim sources
sessions xfce4,icewm,wmaker,blackbox
# Executed when pressing F11 (requires imagemagick)
screenshot_cmd import -window root /slim.png
# welcome message. Available variables: %host, %domain
welcome_msg Welcome to %host
# Session message. Prepended to the session name when pressing F1
# session_msg Session:
# shutdown / reboot messages
shutdown_msg The system is halting...
reboot_msg The system is rebooting...
# default user, leave blank or remove this line
# for avoid pre-loading the username.
default_user desktopuser
# Focus the password field on start when default_user is set
# Set to "yes" to enable this feature
focus_password yes
# Automatically login the default user (without entering
# the password. Set to "yes" to enable this feature
auto_login yes
# current theme, use comma separated list to specify a set to
# randomly choose from
current_theme default
# Lock file
lockfile /var/lock/slim.lock
# Log file
logfile /var/log/slim.log
slim.log isolated reboot
/usr/bin/xauth: creating new authority file /var/run/slim.auth
This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.
X.Org X Server 1.7.5.902 (1.7.6 RC 2)
Release Date: 2010-03-12
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.33-ARCH i686
Current Operating System: Linux ArchDaemon 2.6.32-ARCH #1 SMP PREEMPT Mon Mar 15 20:08:25 UTC 2010 i686
Kernel command line: root=/dev/disk/by-uuid/49d062ba-9f7b-4d18-98f2-87249f723889 ro 5 acpi_enforce_resources=lax vga=771
Build Date: 13 March 2010 07:33:22PM
Current version of pixman: 0.16.6
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Fri Mar 19 14:07:00 2010
(==) Using config file: "/etc/X11/xorg.conf"
/usr/bin/xauth: creating new authority file /home/desktopuser/.Xauthority
/usr/bin/startxfce4: X server already running on display :0.0
/tmp/xrdb_dysqQd:1: error: Unknown #directive "Those"
# Those are fallback settings, use the ui plugin to change it
/tmp/xrdb_dysqQd:2: error: Unknown #directive "or"
# or add your overrides to ~/.Xresources
/tmp/xrdb_dysqQd:3: error: Unknown #directive "Xft"
# Xft.hintstyle: hintnone/hintslight/hintmedium/hintfull
/tmp/xrdb_dysqQd:4: error: Unknown #directive "Xft"
# Xft hinting: 1/0
4 errors in preprocessor.
xrdb: "Xft.hinting" on line 9 overrides entry on line 6
xrdb: "Xft.hintstyle" on line 11 overrides entry on line 7
/tmp/xrdb_dysqQd:1: error: Unknown #directive "Those"
# Those are fallback settings, use the ui plugin to change it
/tmp/xrdb_dysqQd:2: error: Unknown #directive "or"
# or add your overrides to ~/.Xresources
/tmp/xrdb_dysqQd:3: error: Unknown #directive "Xft"
# Xft.hintstyle: hintnone/hintslight/hintmedium/hintfull
/tmp/xrdb_dysqQd:4: error: Unknown #directive "Xft"
# Xft hinting: 1/0
4 errors in preprocessor.
xrdb: "Xft.hinting" on line 9 overrides entry on line 6
xrdb: "Xft.hintstyle" on line 11 overrides entry on line 7
Agent pid 1617
xfdesktop[1637]: starting up
(xfce4-settings-helper:1639): GLib-GObject-CRITICAL **: g_param_spec_flags: assertion `G_TYPE_IS_FLAGS (flags_type)' failed
(xfce4-settings-helper:1639): GLib-GObject-CRITICAL **: g_object_class_install_property: assertion `G_IS_PARAM_SPEC (pspec)' failed
slim.log isolated logout
slim: waiting for X server to shut down..........
slim: X server slow to shut down, sending KILL signal.
slim: waiting for server to die
/usr/bin/xauth: creating new authority file /var/run/slim.auth
slim: waiting for X server to begin accepting connections
This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.
X.Org X Server 1.7.5.902 (1.7.6 RC 2)
Release Date: 2010-03-12
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.33-ARCH i686
Current Operating System: Linux ArchDaemon 2.6.32-ARCH #1 SMP PREEMPT Mon Mar 15 20:08:25 UTC 2010 i686
Kernel command line: root=/dev/disk/by-uuid/49d062ba-9f7b-4d18-98f2-87249f723889 ro 5 acpi_enforce_resources=lax vga=771
Build Date: 13 March 2010 07:33:22PM
Current version of pixman: 0.16.6
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Fri Mar 19 14:01:03 2010
(==) Using config file: "/etc/X11/xorg.conf"
Xorg.0.log
This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.
X.Org X Server 1.7.5.902 (1.7.6 RC 2)
Release Date: 2010-03-12
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.33-ARCH i686
Current Operating System: Linux ArchDaemon 2.6.32-ARCH #1 SMP PREEMPT Mon Mar 15 20:08:25 UTC 2010 i686
Kernel command line: root=/dev/disk/by-uuid/49d062ba-9f7b-4d18-98f2-87249f723889 ro 5 acpi_enforce_resources=lax vga=771
Build Date: 13 March 2010 07:33:22PM
Current version of pixman: 0.16.6
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Fri Mar 19 18:39:41 2010
(==) Using config file: "/etc/X11/xorg.conf"
(==) ServerLayout "X.org Configured"
(**) |-->Screen "Screen0" (0)
(**) | |-->Monitor "Monitor0"
(**) | |-->Device "Videocard0"
(**) |-->Screen "Screen1" (1)
(**) | |-->Monitor "Monitor1"
(**) | |-->Device "Videocard1"
(**) |-->Input Device "Mouse0"
(**) |-->Input Device "Keyboard0"
(**) Option "BlankTime" "0"
(**) Option "StandbyTime" "0"
(**) Option "SuspendTime" "0"
(**) Option "OffTime" "0"
(**) Option "Xinerama" "0"
(==) Automatically adding devices
(==) Automatically enabling devices
(**) FontPath set to:
/usr/share/fonts/misc,
/usr/share/fonts/100dpi:unscaled,
/usr/share/fonts/75dpi:unscaled,
/usr/share/fonts/TTF,
/usr/share/fonts/Type1,
/usr/share/fonts/misc,
/usr/share/fonts/100dpi:unscaled,
/usr/share/fonts/75dpi:unscaled,
/usr/share/fonts/TTF,
/usr/share/fonts/Type1
(**) ModulePath set to "/usr/lib/xorg/modules"
(WW) AllowEmptyInput is on, devices using drivers 'kbd', 'mouse' or 'vmmouse' will be disabled.
(WW) Disabling Mouse0
(WW) Disabling Keyboard0
(II) Loader magic: 0x81e4c40
(II) Module ABI versions:
X.Org ANSI C Emulation: 0.4
X.Org Video Driver: 6.0
X.Org XInput driver : 7.0
X.Org Server Extension : 2.0
(++) using VT number 7
(--) PCI:*(0:1:0:0) 10de:0331:0000:0000 nVidia Corporation NV35 [GeForce FX 5900] rev 161, Mem @ 0xfd000000/16777216, 0xe0000000/134217728, BIOS @ 0x????????/131072
(--) PCI: (0:2:10:0) 4444:0016:0070:b7f3 Internext Compression Inc iTVC16 (CX23416) MPEG-2 Encoder rev 1, Mem @ 0xf0000000/67108864
(WW) Open ACPI failed (/var/run/acpid.socket) (No such file or directory)
(II) "extmod" will be loaded. This was enabled by default and also specified in the config file.
(II) "dbe" will be loaded. This was enabled by default and also specified in the config file.
(II) "glx" will be loaded. This was enabled by default and also specified in the config file.
(II) "record" will be loaded. This was enabled by default and also specified in the config file.
(II) "dri" will be loaded. This was enabled by default and also specified in the config file.
(II) "dri2" will be loaded. This was enabled by default and also specified in the config file.
(II) LoadModule: "glx"
(II) Loading /usr/lib/xorg/modules/extensions/libglx.so
(II) Module glx: vendor="NVIDIA Corporation"
compiled for 4.0.2, module version = 1.0.0
Module class: X.Org Server Extension
(II) NVIDIA GLX Module 173.14.25 Wed Jan 27 02:59:37 PST 2010
(II) Loading extension GLX
(II) LoadModule: "dri2"
(II) Loading /usr/lib/xorg/modules/extensions/libdri2.so
(II) Module dri2: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.1.0
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension DRI2
(II) LoadModule: "dri"
(II) Loading /usr/lib/xorg/modules/extensions/libdri.so
(II) Module dri: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension XFree86-DRI
(II) LoadModule: "dbe"
(II) Loading /usr/lib/xorg/modules/extensions/libdbe.so
(II) Module dbe: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
Module class: X.Org Server Extension
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension DOUBLE-BUFFER
(II) LoadModule: "record"
(II) Loading /usr/lib/xorg/modules/extensions/librecord.so
(II) Module record: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.13.0
Module class: X.Org Server Extension
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension RECORD
(II) LoadModule: "extmod"
(II) Loading /usr/lib/xorg/modules/extensions/libextmod.so
(II) Module extmod: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
Module class: X.Org Server Extension
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension MIT-SCREEN-SAVER
(II) Loading extension XFree86-VidModeExtension
(II) Loading extension XFree86-DGA
(II) Loading extension DPMS
(II) Loading extension XVideo
(II) Loading extension XVideo-MotionCompensation
(II) Loading extension X-Resource
(II) LoadModule: "nvidia"
(II) Loading /usr/lib/xorg/modules/drivers/nvidia_drv.so
(II) Module nvidia: vendor="NVIDIA Corporation"
compiled for 4.0.2, module version = 1.0.0
Module class: X.Org Video Driver
(II) NVIDIA dlloader X Driver 173.14.25 Wed Jan 27 02:34:38 PST 2010
(II) NVIDIA Unified Driver for all Supported NVIDIA GPUs
(II) Primary Device is: PCI 01@00:00:0
(II) Loading sub module "fb"
(II) LoadModule: "fb"
(II) Loading /usr/lib/xorg/modules/libfb.so
(II) Module fb: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
ABI class: X.Org ANSI C Emulation, version 0.4
(II) Loading sub module "wfb"
(II) LoadModule: "wfb"
(II) Loading /usr/lib/xorg/modules/libwfb.so
(II) Module wfb: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
ABI class: X.Org ANSI C Emulation, version 0.4
(II) Loading sub module "ramdac"
(II) LoadModule: "ramdac"
(II) Module "ramdac" already built-in
(**) NVIDIA(0): Depth 24, (--) framebuffer bpp 32
(==) NVIDIA(0): RGB weight 888
(==) NVIDIA(0): Default visual is TrueColor
(==) NVIDIA(0): Using gamma correction (1.0, 1.0, 1.0)
(**) NVIDIA(0): Option "TwinView" "0"
(**) NVIDIA(0): Option "MetaModes" "CRT: nvidia-auto-select +0+0"
(**) NVIDIA(0): Option "TwinViewXineramaInfoOrder" "CRT-0"
(**) NVIDIA(0): Option "DPI" "95 x 96"
(**) NVIDIA(0): Enabling RENDER acceleration
(II) NVIDIA(0): Support for GLX with the Damage and Composite X extensions is
(II) NVIDIA(0): enabled.
(II) NVIDIA(0): NVIDIA GPU GeForce FX 5900 (NV35) at PCI:1:0:0 (GPU-0)
(--) NVIDIA(0): Memory: 131072 kBytes
(--) NVIDIA(0): VideoBIOS: 04.35.20.18.04
(II) NVIDIA(0): Detected AGP rate: 8X
(--) NVIDIA(0): Interlaced video modes are supported on this GPU
(--) NVIDIA(0): Connected display device(s) on GeForce FX 5900 at PCI:1:0:0:
(--) NVIDIA(0): CMO CMC 17" AD (CRT-0)
(--) NVIDIA(0): NVIDIA TV Encoder (TV-0)
(--) NVIDIA(0): CMO CMC 17" AD (CRT-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(0): NVIDIA TV Encoder (TV-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(0): TV encoder: NVIDIA
(II) NVIDIA(0): Display Device found referenced in MetaMode: CRT-0
(II) NVIDIA(0): Assigned Display Device: CRT-0
(II) NVIDIA(0): Validated modes:
(II) NVIDIA(0): "CRT:nvidia-auto-select+0+0"
(II) NVIDIA(0): Virtual screen size determined to be 1280 x 1024
(**) NVIDIA(0): DPI set to (95, 96); computed from "DPI" X config option
(==) NVIDIA(0): Enabling 32-bit ARGB GLX visuals.
(**) NVIDIA(1): Depth 24, (--) framebuffer bpp 32
(==) NVIDIA(1): RGB weight 888
(==) NVIDIA(1): Default visual is TrueColor
(==) NVIDIA(1): Using gamma correction (1.0, 1.0, 1.0)
(**) NVIDIA(1): Option "TwinView" "0"
(**) NVIDIA(1): Option "MetaModes" "TV: nvidia-auto-select +0+0"
(**) NVIDIA(1): Enabling RENDER acceleration
(II) NVIDIA(1): NVIDIA GPU GeForce FX 5900 (NV35) at PCI:1:0:0 (GPU-0)
(--) NVIDIA(1): Memory: 131072 kBytes
(--) NVIDIA(1): VideoBIOS: 04.35.20.18.04
(II) NVIDIA(1): Detected AGP rate: 8X
(--) NVIDIA(1): Interlaced video modes are supported on this GPU
(--) NVIDIA(1): Connected display device(s) on GeForce FX 5900 at PCI:1:0:0:
(--) NVIDIA(1): CMO CMC 17" AD (CRT-0)
(--) NVIDIA(1): NVIDIA TV Encoder (TV-0)
(--) NVIDIA(1): CMO CMC 17" AD (CRT-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(1): NVIDIA TV Encoder (TV-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(1): TV encoder: NVIDIA
(II) NVIDIA(1): Display Device found referenced in MetaMode: TV-0
(II) NVIDIA(1): Assigned Display Device: TV-0
(II) NVIDIA(1): Validated modes:
(II) NVIDIA(1): "TV:nvidia-auto-select+0+0"
(II) NVIDIA(1): Virtual screen size determined to be 1024 x 768
(==) NVIDIA(1): DPI set to (75, 75); computed from built-in default
(==) NVIDIA(1): Enabling 32-bit ARGB GLX visuals.
(--) Depth 24 pixmap format is 32 bpp
(II) NVIDIA(0): Initialized AGP GART.
(II) NVIDIA(0): Unable to connect to the ACPI daemon; the ACPI daemon may not
(II) NVIDIA(0): be running or the "AcpidSocketPath" X configuration option
(II) NVIDIA(0): may not be set correctly. When the ACPI daemon is
(II) NVIDIA(0): available, the NVIDIA X driver can use it to receive ACPI
(II) NVIDIA(0): events. For details, please see the "ConnectToAcpid" and
(II) NVIDIA(0): "AcpidSocketPath" X configuration options in Appendix B: X
(II) NVIDIA(0): Config Options in the README.
(II) NVIDIA(0): Setting mode "CRT:nvidia-auto-select+0+0"
(II) Loading extension NV-GLX
(II) NVIDIA(0): NVIDIA 3D Acceleration Architecture Initialized
(II) NVIDIA(0): Using the NVIDIA 2D acceleration architecture
(==) NVIDIA(0): Backing store disabled
(==) NVIDIA(0): Silken mouse enabled
(==) NVIDIA(0): DPMS enabled
(II) Loading extension NV-CONTROL
(==) RandR enabled
(II) NVIDIA(1): Initialized AGP GART.
(II) NVIDIA(1): Unable to connect to the ACPI daemon; the ACPI daemon may not
(II) NVIDIA(1): be running or the "AcpidSocketPath" X configuration option
(II) NVIDIA(1): may not be set correctly. When the ACPI daemon is
(II) NVIDIA(1): available, the NVIDIA X driver can use it to receive ACPI
(II) NVIDIA(1): events. For details, please see the "ConnectToAcpid" and
(II) NVIDIA(1): "AcpidSocketPath" X configuration options in Appendix B: X
(II) NVIDIA(1): Config Options in the README.
(II) NVIDIA(1): Setting mode "TV:nvidia-auto-select+0+0"
(II) NVIDIA(1): NVIDIA 3D Acceleration Architecture Initialized
(II) NVIDIA(1): Using the NVIDIA 2D acceleration architecture
(==) NVIDIA(1): Backing store disabled
(==) NVIDIA(1): Silken mouse enabled
(==) NVIDIA(1): DPMS enabled
(==) RandR enabled
(II) Initializing built-in extension Generic Event Extension
(II) Initializing built-in extension SHAPE
(II) Initializing built-in extension MIT-SHM
(II) Initializing built-in extension XInputExtension
(II) Initializing built-in extension XTEST
(II) Initializing built-in extension BIG-REQUESTS
(II) Initializing built-in extension SYNC
(II) Initializing built-in extension XKEYBOARD
(II) Initializing built-in extension XC-MISC
(II) Initializing built-in extension SECURITY
(II) Initializing built-in extension XINERAMA
(II) Initializing built-in extension XFIXES
(II) Initializing built-in extension RENDER
(II) Initializing built-in extension RANDR
(II) Initializing built-in extension COMPOSITE
(II) Initializing built-in extension DAMAGE
(II) Initializing extension GLX
(II) config/hal: Adding input device Macintosh mouse button emulation
(II) LoadModule: "evdev"
(II) Loading /usr/lib/xorg/modules/input/evdev_drv.so
(II) Module evdev: vendor="X.Org Foundation"
compiled for 1.7.3, module version = 2.3.2
Module class: X.Org XInput Driver
ABI class: X.Org XInput driver, version 7.0
(**) Macintosh mouse button emulation: always reports core events
(**) Macintosh mouse button emulation: Device: "/dev/input/event0"
(II) Macintosh mouse button emulation: Found 3 mouse buttons
(II) Macintosh mouse button emulation: Found relative axes
(II) Macintosh mouse button emulation: Found x and y relative axes
(II) Macintosh mouse button emulation: Configuring as mouse
(**) Macintosh mouse button emulation: YAxisMapping: buttons 4 and 5
(**) Macintosh mouse button emulation: EmulateWheelButton: 4, EmulateWheelInertia: 10, EmulateWheelTimeout: 200
(II) XINPUT: Adding extended input device "Macintosh mouse button emulation" (type: MOUSE)
(**) Macintosh mouse button emulation: (accel) keeping acceleration scheme 1
(**) Macintosh mouse button emulation: (accel) acceleration profile 0
(II) Macintosh mouse button emulation: initialized for relative axes.
(II) config/hal: Adding input device AT Translated Set 2 keyboard
(**) AT Translated Set 2 keyboard: always reports core events
(**) AT Translated Set 2 keyboard: Device: "/dev/input/event1"
(II) AT Translated Set 2 keyboard: Found keys
(II) AT Translated Set 2 keyboard: Configuring as keyboard
(II) XINPUT: Adding extended input device "AT Translated Set 2 keyboard" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(II) config/hal: Adding input device Microsoft Microsoft Wireless Optical Desktop® 1.00
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: always reports core events
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: Device: "/dev/input/event6"
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found 9 mouse buttons
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found scroll wheel(s)
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found relative axes
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found x and y relative axes
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found keys
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Configuring as mouse
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Configuring as keyboard
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: YAxisMapping: buttons 4 and 5
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: EmulateWheelButton: 4, EmulateWheelInertia: 10, EmulateWheelTimeout: 200
(II) XINPUT: Adding extended input device "Microsoft Microsoft Wireless Optical Desktop® 1.00" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: (accel) keeping acceleration scheme 1
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: (accel) acceleration profile 0
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: initialized for relative axes.
(II) config/hal: Adding input device Microsoft Microsoft Wireless Optical Desktop® 1.00
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: always reports core events
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: Device: "/dev/input/event5"
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found keys
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Configuring as keyboard
(II) XINPUT: Adding extended input device "Microsoft Microsoft Wireless Optical Desktop® 1.00" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(II) config/hal: Adding input device Power Button
(**) Power Button: always reports core events
(**) Power Button: Device: "/dev/input/event2"
(II) Power Button: Found keys
(II) Power Button: Configuring as keyboard
(II) XINPUT: Adding extended input device "Power Button" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(II) config/hal: Adding input device Power Button
(**) Power Button: always reports core events
(**) Power Button: Device: "/dev/input/event3"
(II) Power Button: Found keys
(II) Power Button: Configuring as keyboard
(II) XINPUT: Adding extended input device "Power Button" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
errors from errors.log, this stuff just repeats
Mar 19 15:44:43 ArchDaemon kernel: ACPI: I/O resource smsc47m1 [0x680-0x6ff] conflicts with ACPI region IOPM [0x680-0x6ff]
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Unable to open firmware v4l-cx2341x-enc.fw (must be 376836 bytes)
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Did you put the firmware in the hotplug firmware directory?
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Unable to open firmware v4l-cx2341x-enc.fw (must be 376836 bytes)
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Did you put the firmware in the hotplug firmware directory?
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 3
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 0
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 1
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 2
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 2
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 0
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 3
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 1
Mar 19 18:39:22 ArchDaemon kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through
Mar 19 18:39:22 ArchDaemon kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through
Mar 19 18:39:30 ArchDaemon kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through
errors common in auth.log
Mar 19 13:10:25 ArchDaemon sudo: desktopuser : pam_authenticate: Conversation error ; TTY=unknown ; PWD=/home/desktopuser ; USER=root ; COMMAND=/usr/lib/xfce4/xfsm-shutdown-helper
Mar 19 13:10:30 ArchDaemon dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.10" (uid=1001 pid=1567 comm="exo-mount) interface="org.freedesktop.Hal.Device.Volume" member="Mount" error name="(unset)" requested_reply=0 destination="org.freedesktop.Hal" (uid=0 pid=1336 comm="/usr/sbin/hald))I recently did a fresh install of Arch onto an older PC that I have. It's running a P4 3.06GHz, an nVidia GeForce FX 5900, and 1GB RAM. Because of the lower resources, I decided to use xfce4 and slim. I have a monitor and TV hooked up through s-video with the "seperate X screen" option. Whenever I logout of xfce (this includes, logout, reboot, shutdown), it goes to a blank black screen with a cursor at the top left and just hangs. I have slim configured to run from inittab, so it picks up after a couple seconds. However, if I run startx from console, and then logout of xfce the system just hangs and wont accept any keyboard input (including ctrl+alt+function to switch run levels). Also, if I choose to shutdown or reboot, the system will do so but the only thing I see is the blank screen until the POST. If I do a startx from console, the logout, I'm able to ssh in from my laptop, login and issue a reboot (again the screen doesn't change until the POST). Also, if I turn the "seperate x screen" option off, and just run the desktop on the monitor, it doesn't freeze. I've worked my way through a number of issues so far, but this one has me completely stumped. I'm not sure if there's something wrong with my configuration or if it's just a problem with the graphics driver. Any advice and/or help is greatly appreciated.
Here are configuration and log files:
Xorg.conf
# nvidia-settings: X configuration file generated by nvidia-settings
# nvidia-settings: version 1.0 (buildmeister@builder75) Wed Jan 27 03:03:53 PST 2010
Section "ServerLayout"
Identifier "X.org Configured"
Screen 0 "Screen0" 0 0
Screen 1 "Screen1" RightOf "Screen0"
InputDevice "Mouse0" "CorePointer"
InputDevice "Keyboard0" "CoreKeyboard"
Option "BlankTime" "0"
Option "StandbyTime" "0"
Option "SuspendTime" "0"
Option "OffTime" "0"
EndSection
Section "Files"
ModulePath "/usr/lib/xorg/modules"
FontPath "/usr/share/fonts/misc"
FontPath "/usr/share/fonts/100dpi:unscaled"
FontPath "/usr/share/fonts/75dpi:unscaled"
FontPath "/usr/share/fonts/TTF"
FontPath "/usr/share/fonts/Type1"
EndSection
Section "Module"
Load "glx"
Load "dri2"
Load "dri"
Load "dbe"
Load "record"
Load "extmod"
EndSection
Section "ServerFlags"
Option "Xinerama" "0"
EndSection
Section "InputDevice"
Identifier "Keyboard0"
Driver "kbd"
EndSection
Section "InputDevice"
Identifier "Mouse0"
Driver "mouse"
Option "Protocol" "auto"
Option "Device" "/dev/input/mice"
Option "ZAxisMapping" "4 5 6 7"
EndSection
Section "Monitor"
Identifier "Monitor0"
VendorName "Unknown"
Option "DPI" "95 x 96"
ModelName "CMO CMC 17 AD"
HorizSync 30.0 - 82.0
VertRefresh 50.0 - 75.0
EndSection
Section "Monitor"
Identifier "Monitor1"
VendorName "Unknown"
ModelName "TV-0"
HorizSync 28.0 - 33.0
VertRefresh 43.0 - 72.0
EndSection
Section "Device"
Identifier "Card0"
Driver "nvidia"
VendorName "nVidia Corporation"
BoardName "NV35 [GeForce FX 5900]"
BusID "PCI:1:0:0"
EndSection
Section "Device"
Identifier "Videocard0"
Driver "nvidia"
VendorName "NVIDIA Corporation"
BoardName "GeForce FX 5900"
BusID "PCI:1:0:0"
Screen 0
EndSection
Section "Device"
Identifier "Videocard1"
Driver "nvidia"
VendorName "NVIDIA Corporation"
BoardName "GeForce FX 5900"
BusID "PCI:1:0:0"
Screen 1
EndSection
Section "Screen"
Identifier "Screen0"
Device "Videocard0"
Monitor "Monitor0"
DefaultDepth 24
Option "TwinView" "0"
Option "TwinViewXineramaInfoOrder" "CRT-0"
Option "metamodes" "CRT: nvidia-auto-select +0+0"
SubSection "Display"
Depth 24
EndSubSection
EndSection
Section "Screen"
Identifier "Screen1"
Device "Videocard1"
Monitor "Monitor1"
DefaultDepth 24
Option "TwinView" "0"
Option "metamodes" "TV: nvidia-auto-select +0+0"
SubSection "Display"
Depth 24
EndSubSection
EndSection
slim.conf
# Path, X server and arguments (if needed)
# Note: -xauth $authfile is automatically appended
default_path ./:/bin:/usr/bin:/usr/local/bin
default_xserver /usr/bin/X
xserver_arguments -nolisten tcp vt07
# Commands for halt, login, etc.
halt_cmd /sbin/shutdown -h now
reboot_cmd /sbin/shutdown -r now
console_cmd /usr/bin/xterm -C -fg white -bg black +sb -T "Console login" -e /bin/sh -c "/bin/cat /etc/issue; exec /bin/login"
#suspend_cmd /usr/sbin/suspend
# Full path to the xauth binary
xauth_path /usr/bin/xauth
# Xauth file for server
authfile /var/run/slim.auth
# Activate numlock when slim starts. Valid values: on|off
# numlock on
# Hide the mouse cursor (note: does not work with some WMs).
# Valid values: true|false
# hidecursor false
# This command is executed after a succesful login.
# you can place the %session and %theme variables
# to handle launching of specific commands in .xinitrc
# depending of chosen session and slim theme
# NOTE: if your system does not have bash you need
# to adjust the command according to your preferred shell,
# i.e. for freebsd use:
# login_cmd exec /bin/sh - ~/.xinitrc %session
login_cmd exec /bin/bash -login ~/.xinitrc %session
# Commands executed when starting and exiting a session.
# They can be used for registering a X11 session with
# sessreg. You can use the %user variable
sessionstart_cmd /usr/bin/sessreg -a -l $DISPLAY %user
sessionstop_cmd /usr/bin/sessreg -d -l $DISPLAY %user
# Start in daemon mode. Valid values: yes | no
# Note that this can be overriden by the command line
# options "-d" and "-nodaemon"
# daemon yes
# Available sessions (first one is the default).
# The current chosen session name is replaced in the login_cmd
# above, so your login command can handle different sessions.
# see the xinitrc.sample file shipped with slim sources
sessions xfce4,icewm,wmaker,blackbox
# Executed when pressing F11 (requires imagemagick)
screenshot_cmd import -window root /slim.png
# welcome message. Available variables: %host, %domain
welcome_msg Welcome to %host
# Session message. Prepended to the session name when pressing F1
# session_msg Session:
# shutdown / reboot messages
shutdown_msg The system is halting...
reboot_msg The system is rebooting...
# default user, leave blank or remove this line
# for avoid pre-loading the username.
default_user desktopuser
# Focus the password field on start when default_user is set
# Set to "yes" to enable this feature
focus_password yes
# Automatically login the default user (without entering
# the password. Set to "yes" to enable this feature
auto_login yes
# current theme, use comma separated list to specify a set to
# randomly choose from
current_theme default
# Lock file
lockfile /var/lock/slim.lock
# Log file
logfile /var/log/slim.log
slim.log isolated reboot
/usr/bin/xauth: creating new authority file /var/run/slim.auth
This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.
X.Org X Server 1.7.5.902 (1.7.6 RC 2)
Release Date: 2010-03-12
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.33-ARCH i686
Current Operating System: Linux ArchDaemon 2.6.32-ARCH #1 SMP PREEMPT Mon Mar 15 20:08:25 UTC 2010 i686
Kernel command line: root=/dev/disk/by-uuid/49d062ba-9f7b-4d18-98f2-87249f723889 ro 5 acpi_enforce_resources=lax vga=771
Build Date: 13 March 2010 07:33:22PM
Current version of pixman: 0.16.6
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Fri Mar 19 14:07:00 2010
(==) Using config file: "/etc/X11/xorg.conf"
/usr/bin/xauth: creating new authority file /home/desktopuser/.Xauthority
/usr/bin/startxfce4: X server already running on display :0.0
/tmp/xrdb_dysqQd:1: error: Unknown #directive "Those"
# Those are fallback settings, use the ui plugin to change it
/tmp/xrdb_dysqQd:2: error: Unknown #directive "or"
# or add your overrides to ~/.Xresources
/tmp/xrdb_dysqQd:3: error: Unknown #directive "Xft"
# Xft.hintstyle: hintnone/hintslight/hintmedium/hintfull
/tmp/xrdb_dysqQd:4: error: Unknown #directive "Xft"
# Xft hinting: 1/0
4 errors in preprocessor.
xrdb: "Xft.hinting" on line 9 overrides entry on line 6
xrdb: "Xft.hintstyle" on line 11 overrides entry on line 7
/tmp/xrdb_dysqQd:1: error: Unknown #directive "Those"
# Those are fallback settings, use the ui plugin to change it
/tmp/xrdb_dysqQd:2: error: Unknown #directive "or"
# or add your overrides to ~/.Xresources
/tmp/xrdb_dysqQd:3: error: Unknown #directive "Xft"
# Xft.hintstyle: hintnone/hintslight/hintmedium/hintfull
/tmp/xrdb_dysqQd:4: error: Unknown #directive "Xft"
# Xft hinting: 1/0
4 errors in preprocessor.
xrdb: "Xft.hinting" on line 9 overrides entry on line 6
xrdb: "Xft.hintstyle" on line 11 overrides entry on line 7
Agent pid 1617
xfdesktop[1637]: starting up
(xfce4-settings-helper:1639): GLib-GObject-CRITICAL **: g_param_spec_flags: assertion `G_TYPE_IS_FLAGS (flags_type)' failed
(xfce4-settings-helper:1639): GLib-GObject-CRITICAL **: g_object_class_install_property: assertion `G_IS_PARAM_SPEC (pspec)' failed
slim.log isolated logout
slim: waiting for X server to shut down..........
slim: X server slow to shut down, sending KILL signal.
slim: waiting for server to die
/usr/bin/xauth: creating new authority file /var/run/slim.auth
slim: waiting for X server to begin accepting connections
This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.
X.Org X Server 1.7.5.902 (1.7.6 RC 2)
Release Date: 2010-03-12
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.33-ARCH i686
Current Operating System: Linux ArchDaemon 2.6.32-ARCH #1 SMP PREEMPT Mon Mar 15 20:08:25 UTC 2010 i686
Kernel command line: root=/dev/disk/by-uuid/49d062ba-9f7b-4d18-98f2-87249f723889 ro 5 acpi_enforce_resources=lax vga=771
Build Date: 13 March 2010 07:33:22PM
Current version of pixman: 0.16.6
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Fri Mar 19 14:01:03 2010
(==) Using config file: "/etc/X11/xorg.conf"
Xorg.0.log
This is a pre-release version of the X server from The X.Org Foundation.
It is not supported in any way.
Bugs may be filed in the bugzilla at http://bugs.freedesktop.org/.
Select the "xorg" product for bugs you find in this release.
Before reporting bugs in pre-release versions please check the
latest version in the X.Org Foundation git repository.
See http://wiki.x.org/wiki/GitPage for git access instructions.
X.Org X Server 1.7.5.902 (1.7.6 RC 2)
Release Date: 2010-03-12
X Protocol Version 11, Revision 0
Build Operating System: Linux 2.6.33-ARCH i686
Current Operating System: Linux ArchDaemon 2.6.32-ARCH #1 SMP PREEMPT Mon Mar 15 20:08:25 UTC 2010 i686
Kernel command line: root=/dev/disk/by-uuid/49d062ba-9f7b-4d18-98f2-87249f723889 ro 5 acpi_enforce_resources=lax vga=771
Build Date: 13 March 2010 07:33:22PM
Current version of pixman: 0.16.6
Before reporting problems, check http://wiki.x.org
to make sure that you have the latest version.
Markers: (--) probed, (**) from config file, (==) default setting,
(++) from command line, (!!) notice, (II) informational,
(WW) warning, (EE) error, (NI) not implemented, (??) unknown.
(==) Log file: "/var/log/Xorg.0.log", Time: Fri Mar 19 18:39:41 2010
(==) Using config file: "/etc/X11/xorg.conf"
(==) ServerLayout "X.org Configured"
(**) |-->Screen "Screen0" (0)
(**) | |-->Monitor "Monitor0"
(**) | |-->Device "Videocard0"
(**) |-->Screen "Screen1" (1)
(**) | |-->Monitor "Monitor1"
(**) | |-->Device "Videocard1"
(**) |-->Input Device "Mouse0"
(**) |-->Input Device "Keyboard0"
(**) Option "BlankTime" "0"
(**) Option "StandbyTime" "0"
(**) Option "SuspendTime" "0"
(**) Option "OffTime" "0"
(**) Option "Xinerama" "0"
(==) Automatically adding devices
(==) Automatically enabling devices
(**) FontPath set to:
/usr/share/fonts/misc,
/usr/share/fonts/100dpi:unscaled,
/usr/share/fonts/75dpi:unscaled,
/usr/share/fonts/TTF,
/usr/share/fonts/Type1,
/usr/share/fonts/misc,
/usr/share/fonts/100dpi:unscaled,
/usr/share/fonts/75dpi:unscaled,
/usr/share/fonts/TTF,
/usr/share/fonts/Type1
(**) ModulePath set to "/usr/lib/xorg/modules"
(WW) AllowEmptyInput is on, devices using drivers 'kbd', 'mouse' or 'vmmouse' will be disabled.
(WW) Disabling Mouse0
(WW) Disabling Keyboard0
(II) Loader magic: 0x81e4c40
(II) Module ABI versions:
X.Org ANSI C Emulation: 0.4
X.Org Video Driver: 6.0
X.Org XInput driver : 7.0
X.Org Server Extension : 2.0
(++) using VT number 7
(--) PCI:*(0:1:0:0) 10de:0331:0000:0000 nVidia Corporation NV35 [GeForce FX 5900] rev 161, Mem @ 0xfd000000/16777216, 0xe0000000/134217728, BIOS @ 0x????????/131072
(--) PCI: (0:2:10:0) 4444:0016:0070:b7f3 Internext Compression Inc iTVC16 (CX23416) MPEG-2 Encoder rev 1, Mem @ 0xf0000000/67108864
(WW) Open ACPI failed (/var/run/acpid.socket) (No such file or directory)
(II) "extmod" will be loaded. This was enabled by default and also specified in the config file.
(II) "dbe" will be loaded. This was enabled by default and also specified in the config file.
(II) "glx" will be loaded. This was enabled by default and also specified in the config file.
(II) "record" will be loaded. This was enabled by default and also specified in the config file.
(II) "dri" will be loaded. This was enabled by default and also specified in the config file.
(II) "dri2" will be loaded. This was enabled by default and also specified in the config file.
(II) LoadModule: "glx"
(II) Loading /usr/lib/xorg/modules/extensions/libglx.so
(II) Module glx: vendor="NVIDIA Corporation"
compiled for 4.0.2, module version = 1.0.0
Module class: X.Org Server Extension
(II) NVIDIA GLX Module 173.14.25 Wed Jan 27 02:59:37 PST 2010
(II) Loading extension GLX
(II) LoadModule: "dri2"
(II) Loading /usr/lib/xorg/modules/extensions/libdri2.so
(II) Module dri2: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.1.0
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension DRI2
(II) LoadModule: "dri"
(II) Loading /usr/lib/xorg/modules/extensions/libdri.so
(II) Module dri: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension XFree86-DRI
(II) LoadModule: "dbe"
(II) Loading /usr/lib/xorg/modules/extensions/libdbe.so
(II) Module dbe: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
Module class: X.Org Server Extension
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension DOUBLE-BUFFER
(II) LoadModule: "record"
(II) Loading /usr/lib/xorg/modules/extensions/librecord.so
(II) Module record: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.13.0
Module class: X.Org Server Extension
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension RECORD
(II) LoadModule: "extmod"
(II) Loading /usr/lib/xorg/modules/extensions/libextmod.so
(II) Module extmod: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
Module class: X.Org Server Extension
ABI class: X.Org Server Extension, version 2.0
(II) Loading extension MIT-SCREEN-SAVER
(II) Loading extension XFree86-VidModeExtension
(II) Loading extension XFree86-DGA
(II) Loading extension DPMS
(II) Loading extension XVideo
(II) Loading extension XVideo-MotionCompensation
(II) Loading extension X-Resource
(II) LoadModule: "nvidia"
(II) Loading /usr/lib/xorg/modules/drivers/nvidia_drv.so
(II) Module nvidia: vendor="NVIDIA Corporation"
compiled for 4.0.2, module version = 1.0.0
Module class: X.Org Video Driver
(II) NVIDIA dlloader X Driver 173.14.25 Wed Jan 27 02:34:38 PST 2010
(II) NVIDIA Unified Driver for all Supported NVIDIA GPUs
(II) Primary Device is: PCI 01@00:00:0
(II) Loading sub module "fb"
(II) LoadModule: "fb"
(II) Loading /usr/lib/xorg/modules/libfb.so
(II) Module fb: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
ABI class: X.Org ANSI C Emulation, version 0.4
(II) Loading sub module "wfb"
(II) LoadModule: "wfb"
(II) Loading /usr/lib/xorg/modules/libwfb.so
(II) Module wfb: vendor="X.Org Foundation"
compiled for 1.7.5.902, module version = 1.0.0
ABI class: X.Org ANSI C Emulation, version 0.4
(II) Loading sub module "ramdac"
(II) LoadModule: "ramdac"
(II) Module "ramdac" already built-in
(**) NVIDIA(0): Depth 24, (--) framebuffer bpp 32
(==) NVIDIA(0): RGB weight 888
(==) NVIDIA(0): Default visual is TrueColor
(==) NVIDIA(0): Using gamma correction (1.0, 1.0, 1.0)
(**) NVIDIA(0): Option "TwinView" "0"
(**) NVIDIA(0): Option "MetaModes" "CRT: nvidia-auto-select +0+0"
(**) NVIDIA(0): Option "TwinViewXineramaInfoOrder" "CRT-0"
(**) NVIDIA(0): Option "DPI" "95 x 96"
(**) NVIDIA(0): Enabling RENDER acceleration
(II) NVIDIA(0): Support for GLX with the Damage and Composite X extensions is
(II) NVIDIA(0): enabled.
(II) NVIDIA(0): NVIDIA GPU GeForce FX 5900 (NV35) at PCI:1:0:0 (GPU-0)
(--) NVIDIA(0): Memory: 131072 kBytes
(--) NVIDIA(0): VideoBIOS: 04.35.20.18.04
(II) NVIDIA(0): Detected AGP rate: 8X
(--) NVIDIA(0): Interlaced video modes are supported on this GPU
(--) NVIDIA(0): Connected display device(s) on GeForce FX 5900 at PCI:1:0:0:
(--) NVIDIA(0): CMO CMC 17" AD (CRT-0)
(--) NVIDIA(0): NVIDIA TV Encoder (TV-0)
(--) NVIDIA(0): CMO CMC 17" AD (CRT-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(0): NVIDIA TV Encoder (TV-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(0): TV encoder: NVIDIA
(II) NVIDIA(0): Display Device found referenced in MetaMode: CRT-0
(II) NVIDIA(0): Assigned Display Device: CRT-0
(II) NVIDIA(0): Validated modes:
(II) NVIDIA(0): "CRT:nvidia-auto-select+0+0"
(II) NVIDIA(0): Virtual screen size determined to be 1280 x 1024
(**) NVIDIA(0): DPI set to (95, 96); computed from "DPI" X config option
(==) NVIDIA(0): Enabling 32-bit ARGB GLX visuals.
(**) NVIDIA(1): Depth 24, (--) framebuffer bpp 32
(==) NVIDIA(1): RGB weight 888
(==) NVIDIA(1): Default visual is TrueColor
(==) NVIDIA(1): Using gamma correction (1.0, 1.0, 1.0)
(**) NVIDIA(1): Option "TwinView" "0"
(**) NVIDIA(1): Option "MetaModes" "TV: nvidia-auto-select +0+0"
(**) NVIDIA(1): Enabling RENDER acceleration
(II) NVIDIA(1): NVIDIA GPU GeForce FX 5900 (NV35) at PCI:1:0:0 (GPU-0)
(--) NVIDIA(1): Memory: 131072 kBytes
(--) NVIDIA(1): VideoBIOS: 04.35.20.18.04
(II) NVIDIA(1): Detected AGP rate: 8X
(--) NVIDIA(1): Interlaced video modes are supported on this GPU
(--) NVIDIA(1): Connected display device(s) on GeForce FX 5900 at PCI:1:0:0:
(--) NVIDIA(1): CMO CMC 17" AD (CRT-0)
(--) NVIDIA(1): NVIDIA TV Encoder (TV-0)
(--) NVIDIA(1): CMO CMC 17" AD (CRT-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(1): NVIDIA TV Encoder (TV-0): 400.0 MHz maximum pixel clock
(--) NVIDIA(1): TV encoder: NVIDIA
(II) NVIDIA(1): Display Device found referenced in MetaMode: TV-0
(II) NVIDIA(1): Assigned Display Device: TV-0
(II) NVIDIA(1): Validated modes:
(II) NVIDIA(1): "TV:nvidia-auto-select+0+0"
(II) NVIDIA(1): Virtual screen size determined to be 1024 x 768
(==) NVIDIA(1): DPI set to (75, 75); computed from built-in default
(==) NVIDIA(1): Enabling 32-bit ARGB GLX visuals.
(--) Depth 24 pixmap format is 32 bpp
(II) NVIDIA(0): Initialized AGP GART.
(II) NVIDIA(0): Unable to connect to the ACPI daemon; the ACPI daemon may not
(II) NVIDIA(0): be running or the "AcpidSocketPath" X configuration option
(II) NVIDIA(0): may not be set correctly. When the ACPI daemon is
(II) NVIDIA(0): available, the NVIDIA X driver can use it to receive ACPI
(II) NVIDIA(0): events. For details, please see the "ConnectToAcpid" and
(II) NVIDIA(0): "AcpidSocketPath" X configuration options in Appendix B: X
(II) NVIDIA(0): Config Options in the README.
(II) NVIDIA(0): Setting mode "CRT:nvidia-auto-select+0+0"
(II) Loading extension NV-GLX
(II) NVIDIA(0): NVIDIA 3D Acceleration Architecture Initialized
(II) NVIDIA(0): Using the NVIDIA 2D acceleration architecture
(==) NVIDIA(0): Backing store disabled
(==) NVIDIA(0): Silken mouse enabled
(==) NVIDIA(0): DPMS enabled
(II) Loading extension NV-CONTROL
(==) RandR enabled
(II) NVIDIA(1): Initialized AGP GART.
(II) NVIDIA(1): Unable to connect to the ACPI daemon; the ACPI daemon may not
(II) NVIDIA(1): be running or the "AcpidSocketPath" X configuration option
(II) NVIDIA(1): may not be set correctly. When the ACPI daemon is
(II) NVIDIA(1): available, the NVIDIA X driver can use it to receive ACPI
(II) NVIDIA(1): events. For details, please see the "ConnectToAcpid" and
(II) NVIDIA(1): "AcpidSocketPath" X configuration options in Appendix B: X
(II) NVIDIA(1): Config Options in the README.
(II) NVIDIA(1): Setting mode "TV:nvidia-auto-select+0+0"
(II) NVIDIA(1): NVIDIA 3D Acceleration Architecture Initialized
(II) NVIDIA(1): Using the NVIDIA 2D acceleration architecture
(==) NVIDIA(1): Backing store disabled
(==) NVIDIA(1): Silken mouse enabled
(==) NVIDIA(1): DPMS enabled
(==) RandR enabled
(II) Initializing built-in extension Generic Event Extension
(II) Initializing built-in extension SHAPE
(II) Initializing built-in extension MIT-SHM
(II) Initializing built-in extension XInputExtension
(II) Initializing built-in extension XTEST
(II) Initializing built-in extension BIG-REQUESTS
(II) Initializing built-in extension SYNC
(II) Initializing built-in extension XKEYBOARD
(II) Initializing built-in extension XC-MISC
(II) Initializing built-in extension SECURITY
(II) Initializing built-in extension XINERAMA
(II) Initializing built-in extension XFIXES
(II) Initializing built-in extension RENDER
(II) Initializing built-in extension RANDR
(II) Initializing built-in extension COMPOSITE
(II) Initializing built-in extension DAMAGE
(II) Initializing extension GLX
(II) config/hal: Adding input device Macintosh mouse button emulation
(II) LoadModule: "evdev"
(II) Loading /usr/lib/xorg/modules/input/evdev_drv.so
(II) Module evdev: vendor="X.Org Foundation"
compiled for 1.7.3, module version = 2.3.2
Module class: X.Org XInput Driver
ABI class: X.Org XInput driver, version 7.0
(**) Macintosh mouse button emulation: always reports core events
(**) Macintosh mouse button emulation: Device: "/dev/input/event0"
(II) Macintosh mouse button emulation: Found 3 mouse buttons
(II) Macintosh mouse button emulation: Found relative axes
(II) Macintosh mouse button emulation: Found x and y relative axes
(II) Macintosh mouse button emulation: Configuring as mouse
(**) Macintosh mouse button emulation: YAxisMapping: buttons 4 and 5
(**) Macintosh mouse button emulation: EmulateWheelButton: 4, EmulateWheelInertia: 10, EmulateWheelTimeout: 200
(II) XINPUT: Adding extended input device "Macintosh mouse button emulation" (type: MOUSE)
(**) Macintosh mouse button emulation: (accel) keeping acceleration scheme 1
(**) Macintosh mouse button emulation: (accel) acceleration profile 0
(II) Macintosh mouse button emulation: initialized for relative axes.
(II) config/hal: Adding input device AT Translated Set 2 keyboard
(**) AT Translated Set 2 keyboard: always reports core events
(**) AT Translated Set 2 keyboard: Device: "/dev/input/event1"
(II) AT Translated Set 2 keyboard: Found keys
(II) AT Translated Set 2 keyboard: Configuring as keyboard
(II) XINPUT: Adding extended input device "AT Translated Set 2 keyboard" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(II) config/hal: Adding input device Microsoft Microsoft Wireless Optical Desktop® 1.00
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: always reports core events
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: Device: "/dev/input/event6"
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found 9 mouse buttons
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found scroll wheel(s)
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found relative axes
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found x and y relative axes
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found keys
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Configuring as mouse
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Configuring as keyboard
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: YAxisMapping: buttons 4 and 5
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: EmulateWheelButton: 4, EmulateWheelInertia: 10, EmulateWheelTimeout: 200
(II) XINPUT: Adding extended input device "Microsoft Microsoft Wireless Optical Desktop® 1.00" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: (accel) keeping acceleration scheme 1
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: (accel) acceleration profile 0
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: initialized for relative axes.
(II) config/hal: Adding input device Microsoft Microsoft Wireless Optical Desktop® 1.00
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: always reports core events
(**) Microsoft Microsoft Wireless Optical Desktop® 1.00: Device: "/dev/input/event5"
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Found keys
(II) Microsoft Microsoft Wireless Optical Desktop® 1.00: Configuring as keyboard
(II) XINPUT: Adding extended input device "Microsoft Microsoft Wireless Optical Desktop® 1.00" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(II) config/hal: Adding input device Power Button
(**) Power Button: always reports core events
(**) Power Button: Device: "/dev/input/event2"
(II) Power Button: Found keys
(II) Power Button: Configuring as keyboard
(II) XINPUT: Adding extended input device "Power Button" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
(II) config/hal: Adding input device Power Button
(**) Power Button: always reports core events
(**) Power Button: Device: "/dev/input/event3"
(II) Power Button: Found keys
(II) Power Button: Configuring as keyboard
(II) XINPUT: Adding extended input device "Power Button" (type: KEYBOARD)
(**) Option "xkb_rules" "evdev"
(**) Option "xkb_model" "evdev"
(**) Option "xkb_layout" "us"
errors from errors.log, this stuff just repeats
Mar 19 15:44:43 ArchDaemon kernel: ACPI: I/O resource smsc47m1 [0x680-0x6ff] conflicts with ACPI region IOPM [0x680-0x6ff]
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Unable to open firmware v4l-cx2341x-enc.fw (must be 376836 bytes)
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Did you put the firmware in the hotplug firmware directory?
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Unable to open firmware v4l-cx2341x-enc.fw (must be 376836 bytes)
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Did you put the firmware in the hotplug firmware directory?
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 3
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 0
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 1
Mar 19 18:39:21 ArchDaemon kernel: ivtv0: Failed to initialize on minor 2
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 2
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 0
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 3
Mar 19 18:39:22 ArchDaemon kernel: ivtv0: Failed to initialize on minor 1
Mar 19 18:39:22 ArchDaemon kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through
Mar 19 18:39:22 ArchDaemon kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through
Mar 19 18:39:30 ArchDaemon kernel: sd 4:0:0:0: [sdb] Assuming drive cache: write through
errors common in auth.log
Mar 19 13:10:25 ArchDaemon sudo: desktopuser : pam_authenticate: Conversation error ; TTY=unknown ; PWD=/home/desktopuser ; USER=root ; COMMAND=/usr/lib/xfce4/xfsm-shutdown-helper
Mar 19 13:10:30 ArchDaemon dbus-daemon: Rejected send message, 1 matched rules; type="method_call", sender=":1.10" (uid=1001 pid=1567 comm="exo-mount) interface="org.freedesktop.Hal.Device.Volume" member="Mount" error name="(unset)" requested_reply=0 destination="org.freedesktop.Hal" (uid=0 pid=1336 comm="/usr/sbin/hald)) -
System encryption using LUKS and GPG encrypted keys for arch linux
Update: As of 2012-03-28, arch changed from gnupg 1.4 to 2.x which uses pinentry for the password dialog. The "etwo" hook described here doesn't work with gnupg 2. Either use the openssl hook below or use a statically compiled version of gnupg 1.4.
Update: As of 2012-12-19, the mkinitcpio is not called during boot, unless the "install" file for the hook contains "add_runscript". This resulted in an unbootable system for me. Also, the method name was changed from install () to build ().
Update: 2013-01-13: Updated the hook files using the corrections by Deth.
Note: This guide is a bit dated now, in particular the arch installation might be different now. But essentially, the approach stays the same. Please also take a look at the posts further down, specifically the alternative hooks that use openssl.
I always wanted to set up a fully encrypted arch linux server that uses gpg encrypted keyfiles on an external usb stick and luks for root filesystem encryption. I already did it once in gentoo using this guide. For arch, I had to play alot with initcpio hooks and after one day of experimentation, I finally got it working. I wrote a little guide for myself which I'm going to share here for anyone that might be interested. There might be better or easier ways, like I said this is just how I did it. I hope it might help someone else. Constructive feedback is always welcome
Intro
Using arch linux mkinitcpio's encrypt hook, one can easily use encrypted root partitions with LUKS. It's also possible to use key files stored on an external drive, like an usb stick. However, if someone steals your usb stick, he can just copy the key and potentially access the system. I wanted to have a little extra security by additionally encrypting the key file with gpg using a symmetric cipher and a passphrase.
Since the encrypt hook doesn't support this scenario, I created a modifed hook called “etwo” (silly name I know, it was the first thing that came to my mind). It will simply look if the key file has the extension .gpg and, if yes, use gpg to decrypt it, then pipe the result into cryptsetup.
Conventions
In this short guide, I use the following disk/partition names:
/dev/sda: is the hard disk that will contain an encrypted swap (/dev/sda1), /var (/dev/sda2) and root (/dev/sda3) partition.
/dev/sdb is the usb stick that will contain the gpg encrypted luks keys, the kernel and grub. It will have one partition /dev/sdb1 formatted with ext2.
/dev/mapper/root, /dev/mapper/swap and /dev/mapper/var will be the encrypted devices.
Credits
Thanks to the authors of SECURITY_System_Encryption_DM-Crypt_with_LUKS (gentoo wiki), System Encryption with LUKS (arch wiki), mkinitcpio (arch wiki) and Early Userspace in Arch Linux (/dev/brain0 blog)!
Guide
1. Boot the arch live cd
I had to use a newer testing version, because the 2010.05 cd came with a broken gpg. You can download one here: http://releng.archlinux.org/isos/. I chose the “core“ version. Go ahead and boot the live cd, but don't start the setup yet.
2. Set keymap
Use km to set your keymap. This is important for non-qwerty keyboards to avoid suprises with passphrases...
3. Wipe your discs
ATTENTION: this will DELETE everything on /dev/sda and /dev/sdb forever! Do not blame me for any lost data!
Before encrypting the hard disc, it has to be completely wiped and overwritten with random data. I used shred for this. Others use badblocks or dd with /dev/urandom. Either way, this will take a long time, depending on the size of your disc. I also wiped my usb stick just to be sure.
shred -v /dev/sda
shred -v /dev/sdb
4. Partitioning
Fire up fdisk and create the following partitions:
/dev/sda1, type linux swap.
/dev/sda2: type linux
/dev/sda3: type linux
/dev/sdb1, type linux
Of course you can choose a different layout, this is just how I did it. Keep in mind that only the root filesystem will be decrypted by the initcpio. The rest will be decypted during normal init boot using /etc/crypttab, the keys being somewhere on the root filesystem.
5. Format and mount the usb stick
Create an ext2 filesystem on /dev/sdb1:
mkfs.ext2 /dev/sdb1
mkdir /root/usb
mount /dev/sdb1 /root/usb
cd /root/usb # this will be our working directory for now.
Do not mount anything to /mnt, because the arch installer will use that directory later to mount the encrypted root filesystem.
6. Configure the network (if not already done automatically)
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
route add default gw 192.168.0.1
echo "nameserver 192.168.0.1" >> /etc/resolv.conf
(this is just an example, your mileage may vary)
7. Install gnupg
pacman -Sy
pacman -S gnupg
Verify that gnupg works by launching gpg.
8. Create the keys
Just to be sure, make sure swap is off:
cat /proc/swaps
should return no entries.
Create gpg encrypted keys (remember, we're still in our working dir /root/usb):
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > root.gpg
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > var.gpg
Choose a strong password!!
Don't do this in two steps, e.g don't do dd to a file and then gpg on that file. The key should never be stored in plain text on an unencrypted device, except if that device is wiped on system restart (ramfs)!
Note that the default cipher for gpg is cast5, I just chose to use a different one.
9. Create the encrypted devices with cryptsetup
Create encrypted swap:
cryptsetup -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -d /dev/urandom create swap /dev/sda1
You should see /dev/mapper/swap now. Don't format nor turn it on for now. This will be done by the arch installer.
Important: From the Cryptsetup 1.1.2 Release notes:
Cryptsetup can accept passphrase on stdin (standard input). Handling of new line (\n) character is defined by input specification:
if keyfile is specified as "-" (using --key-file=- or by positional argument in luksFormat and luksAddKey, like cat file | cryptsetup --key-file=- <action> ), input is processed
as normal binary file and no new line is interpreted.
if there is no key file specification (with default input from stdin pipe like echo passphrase | cryptsetup <action> ) input is processed as input from terminal, reading will
stop after new line is detected.
If I understand this correctly, since the randomly generated key can contain a newline early on, piping the key into cryptsetup without specifying --key-file=- could result in a big part of the key to be ignored by cryptsetup. Example: if the random key was "foo\nandsomemorebaratheendofthekey", piping it directly into cryptsetup without --key-file=- would result in cryptsetup using only "foo" as key which would have big security implications. We should therefor ALWAYS pipe the key into cryptsetup using --key-file=- which ignores newlines.
gpg -q -d root.gpg 2>/dev/null | cryptsetup -v -–key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool luksFormat /dev/sda3
gpg -q -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -v luksFormat /dev/sda2
Check for any errors.
10. Open the luks devices
gpg -d root.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda3 root
gpg -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda2 var
If you see /dev/mapper/root and /dev/mapper/var now, everything is ok.
11. Start the installer /arch/setup
Follow steps 1 to 3.
At step 4 (Prepare hard drive(s), select “3 – Manually Configure block devices, filesystems and mountpoints. Choose /dev/sdb1 (the usb stick) as /boot, /dev/mapper/swap for swap, /dev/mapper/root for / and /dev/mapper/var for /var.
Format all drives (choose “yes” when asked “do you want to have this filesystem (re)created”) EXCEPT for /dev/sdb1, choose “no”. Choose the correct filesystem for /dev/sdb1, ext2 in my case. Use swap for /dev/mapper/swap. For the rest, I chose ext4.
Select DONE to start formatting.
At step 5 (Select packages), select grub as boot loader. Select the base group. Add mkinitcpio.
Start step 6 (Install packages).
Go to step 7 (Configure System).
By sure to set the correct KEYMAP, LOCALE and TIMEZONE in /etc/rc.conf.
Edit /etc/fstab:
/dev/mapper/root / ext4 defaults 0 1
/dev/mapper/swap swap swap defaults 0 0
/dev/mapper/var /var ext4 defaults 0 1
# /dev/sdb1 /boot ext2 defaults 0 1
Configure the rest normally. When you're done, setup will launch mkinitcpio. We'll manually launch this again later.
Go to step 8 (install boot loader).
Be sure to change the kernel line in menu.lst:
kernel /vmlinuz26 root=/dev/mapper/root cryptdevice=/dev/sda3:root cryptkey=/dev/sdb1:ext2:/root.gpg
Don't forget the :root suffix in cryptdevice!
Also, my root line was set to (hd1,0). Had to change that to
root (hd0,0)
Install grub to /dev/sdb (the usb stick).
Now, we can exit the installer.
12. Install mkinitcpio with the etwo hook.
Create /mnt/lib/initcpio/hooks/etwo:
#!/usr/bin/ash
run_hook() {
/sbin/modprobe -a -q dm-crypt >/dev/null 2>&1
if [ -e "/sys/class/misc/device-mapper" ]; then
if [ ! -e "/dev/mapper/control" ]; then
/bin/mknod "/dev/mapper/control" c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |')
fi
[ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
# Get keyfile if specified
ckeyfile="/crypto_keyfile"
usegpg="n"
if [ "x${cryptkey}" != "x" ]; then
ckdev="$(echo "${cryptkey}" | cut -d: -f1)"
ckarg1="$(echo "${cryptkey}" | cut -d: -f2)"
ckarg2="$(echo "${cryptkey}" | cut -d: -f3)"
if poll_device "${ckdev}" ${rootdelay}; then
case ${ckarg1} in
*[!0-9]*)
# Use a file on the device
# ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
if [ "${ckarg2#*.}" = "gpg" ]; then
ckeyfile="${ckeyfile}.gpg"
usegpg="y"
fi
mkdir /ckey
mount -r -t ${ckarg1} ${ckdev} /ckey
dd if=/ckey/${ckarg2} of=${ckeyfile} >/dev/null 2>&1
umount /ckey
# Read raw data from the block device
# ckarg1 is numeric: ckarg1=offset, ckarg2=length
dd if=${ckdev} of=${ckeyfile} bs=1 skip=${ckarg1} count=${ckarg2} >/dev/null 2>&1
esac
fi
[ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
fi
if [ -n "${cryptdevice}" ]; then
DEPRECATED_CRYPT=0
cryptdev="$(echo "${cryptdevice}" | cut -d: -f1)"
cryptname="$(echo "${cryptdevice}" | cut -d: -f2)"
else
DEPRECATED_CRYPT=1
cryptdev="${root}"
cryptname="root"
fi
warn_deprecated() {
echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
if poll_device "${cryptdev}" ${rootdelay}; then
if /sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
dopassphrase=1
# If keyfile exists, try to use that
if [ -f ${ckeyfile} ]; then
if [ "${usegpg}" = "y" ]; then
# gpg tty fixup
if [ -e /dev/tty ]; then mv /dev/tty /dev/tty.backup; fi
cp -a /dev/console /dev/tty
while [ ! -e /dev/mapper/${cryptname} ];
do
sleep 2
/usr/bin/gpg -d "${ckeyfile}" 2>/dev/null | cryptsetup --key-file=- luksOpen ${cryptdev} ${cryptname} ${CSQUIET}
dopassphrase=0
done
rm /dev/tty
if [ -e /dev/tty.backup ]; then mv /dev/tty.backup /dev/tty; fi
else
if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
dopassphrase=0
else
echo "Invalid keyfile. Reverting to passphrase."
fi
fi
fi
# Ask for a passphrase
if [ ${dopassphrase} -gt 0 ]; then
echo ""
echo "A password is required to access the ${cryptname} volume:"
#loop until we get a real password
while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
sleep 2;
done
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
elif [ -n "${crypto}" ]; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
msg "Non-LUKS encrypted device found..."
if [ $# -ne 5 ]; then
err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
err "Non-LUKS decryption not attempted..."
return 1
fi
exe="/sbin/cryptsetup create ${cryptname} ${cryptdev}"
tmp=$(echo "${crypto}" | cut -d: -f1)
[ -n "${tmp}" ] && exe="${exe} --hash \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f2)
[ -n "${tmp}" ] && exe="${exe} --cipher \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f3)
[ -n "${tmp}" ] && exe="${exe} --key-size \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f4)
[ -n "${tmp}" ] && exe="${exe} --offset \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f5)
[ -n "${tmp}" ] && exe="${exe} --skip \"${tmp}\""
if [ -f ${ckeyfile} ]; then
exe="${exe} --key-file ${ckeyfile}"
else
exe="${exe} --verify-passphrase"
echo ""
echo "A password is required to access the ${cryptname} volume:"
fi
eval "${exe} ${CSQUIET}"
if [ $? -ne 0 ]; then
err "Non-LUKS device decryption failed. verify format: "
err " crypto=hash:cipher:keysize:offset:skip"
exit 1
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
else
err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
fi
fi
rm -f ${ckeyfile}
fi
Create /mnt/lib/initcpio/install/etwo:
#!/bin/bash
build() {
local mod
add_module dm-crypt
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
add_all_modules '/crypto/'
fi
add_dir "/dev/mapper"
add_binary "cryptsetup"
add_binary "dmsetup"
add_binary "/usr/bin/gpg"
add_file "/usr/lib/udev/rules.d/10-dm.rules"
add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
add_runscript
help ()
cat<<HELPEOF
This hook allows for an encrypted root device with support for gpg encrypted key files.
To use gpg, the key file must have the extension .gpg and you have to install gpg and add /usr/bin/gpg
to your BINARIES var in /etc/mkinitcpio.conf.
HELPEOF
Edit /mnt/etc/mkinitcpio.conf (only relevant sections displayed):
MODULES=”ext2 ext4” # not sure if this is really nessecary.
BINARIES=”/usr/bin/gpg” # this could probably be done in install/etwo...
HOOKS=”base udev usbinput keymap autodetect pata scsi sata usb etwo filesystems” # (usbinput is only needed if you have an usb keyboard)
Copy the initcpio stuff over to the live cd:
cp /mnt/lib/initcpio/hooks/etwo /lib/initcpio/hooks/
cp /mnt/lib/initcpio/install/etwo /lib/initcpio/install/
cp /mnt/etc/mkinitcpio.conf /etc/
Verify your LOCALE, KEYMAP and TIMEZONE in /etc/rc.conf!
Now reinstall the initcpio:
mkinitcpio -g /mnt/boot/kernel26.img
Make sure there were no errors and that all hooks were included.
13. Decrypt the "var" key to the encrypted root
mkdir /mnt/keys
chmod 500 /mnt/keys
gpg –output /mnt/keys/var -d /mnt/boot/var.gpg
chmod 400 /mnt/keys/var
14. Setup crypttab
Edit /mnt/etc/crypttab:
swap /dev/sda1 SWAP -c aes-cbc-essiv:sha256 -s 256 -h whirlpool
var /dev/sda2 /keys/var
15. Reboot
We're done, you may reboot. Make sure you select the usb stick as the boot device in your bios and hope for the best. . If it didn't work, play with grub's settings or boot from the live cd, mount your encrypted devices and check all settings. You might also have less trouble by using uuid's instead of device names. I chose device names to keep things as simple as possible, even though it's not the optimal way to do it.
Make backups of your data and your usb stick and do not forget your password(s)! Or you can say goodbye to your data forever...
Last edited by fabriceb (2013-01-15 22:36:23)I'm trying to run my install script that is based on https://bbs.archlinux.org/viewtopic.php?id=129885
Decrypting the gpg key after grub works, but then "Devce root already exists." appears every second.
any idea ?
#!/bin/bash
# This script is designed to be run in conjunction with a UEFI boot using Archboot intall media.
# prereqs:
# EFI "BIOS" set to boot *only* from EFI
# successful EFI boot of Archboot USB
# mount /dev/sdb1 /src
set -o nounset
#set -o errexit
# Host specific configuration
# this whole script needs to be customized, particularly disk partitions
# and configuration, but this section contains global variables that
# are used during the system configuration phase for convenience
HOSTNAME=daniel
USERNAME=user
# Globals
# We don't need to set these here but they are used repeatedly throughout
# so it makes sense to reuse them and allow an easy, one-time change if we
# need to alter values such as the install target mount point.
INSTALL_TARGET="/install"
HR="--------------------------------------------------------------------------------"
PACMAN="pacman --noconfirm --config /tmp/pacman.conf"
TARGET_PACMAN="pacman --noconfirm --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
CHROOT_PACMAN="pacman --noconfirm --cachedir /var/cache/pacman/pkg --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
FILE_URL="file:///packages/core-$(uname -m)/pkg"
FTP_URL='ftp://mirrors.kernel.org/archlinux/$repo/os/$arch'
HTTP_URL='http://mirrors.kernel.org/archlinux/$repo/os/$arch'
# Functions
# I've avoided using functions in this script as they aren't required and
# I think it's more of a learning tool if you see the step-by-step
# procedures even with minor duplciations along the way, but I feel that
# these functions clarify the particular steps of setting values in config
# files.
SetValue () {
# EXAMPLE: SetValue VARIABLENAME '\"Quoted Value\"' /file/path
VALUENAME="$1" NEWVALUE="$2" FILEPATH="$3"
sed -i "s+^#\?\(${VALUENAME}\)=.*$+\1=${NEWVALUE}+" "${FILEPATH}"
CommentOutValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^\(${VALUENAME}.*\)$/#\1/" "${FILEPATH}"
UncommentValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^#\(${VALUENAME}.*\)$/\1/" "${FILEPATH}"
# Initialize
# Warn the user about impending doom, set up the network on eth0, mount
# the squashfs images (Archboot does this normally, we're just filling in
# the gaps resulting from the fact that we're doing a simple scripted
# install). We also create a temporary pacman.conf that looks for packages
# locally first before sourcing them from the network. It would be better
# to do either *all* local or *all* network but we can't for two reasons.
# 1. The Archboot installation image might have an out of date kernel
# (currently the case) which results in problems when chrooting
# into the install mount point to modprobe efivars. So we use the
# package snapshot on the Archboot media to ensure our kernel is
# the same as the one we booted with.
# 2. Ideally we'd source all local then, but some critical items,
# notably grub2-efi variants, aren't yet on the Archboot media.
# Warn
timer=9
echo -e "\n\nMAC WARNING: This script is not designed for APPLE MAC installs and will potentially misconfigure boot to your existing OS X installation. STOP NOW IF YOU ARE ON A MAC.\n\n"
echo -n "GENERAL WARNING: This procedure will completely format /dev/sda. Please cancel with ctrl-c to cancel within $timer seconds..."
while [[ $timer -gt 0 ]]
do
sleep 1
let timer-=1
echo -en "$timer seconds..."
done
echo "STARTING"
# Get Network
echo -n "Waiting for network address.."
#dhclient eth0
dhcpcd -p eth0
echo -n "Network address acquired."
# Mount packages squashfs images
umount "/packages/core-$(uname -m)"
umount "/packages/core-any"
rm -rf "/packages/core-$(uname -m)"
rm -rf "/packages/core-any"
mkdir -p "/packages/core-$(uname -m)"
mkdir -p "/packages/core-any"
modprobe -q loop
modprobe -q squashfs
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_$(uname -m).squashfs" "/packages/core-$(uname -m)"
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_any.squashfs" "/packages/core-any"
# Create temporary pacman.conf file
cat << PACMANEOF > /tmp/pacman.conf
[options]
Architecture = auto
CacheDir = ${INSTALL_TARGET}/var/cache/pacman/pkg
CacheDir = /packages/core-$(uname -m)/pkg
CacheDir = /packages/core-any/pkg
[core]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
[extra]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
#Uncomment to enable pacman -Sy yaourt
[archlinuxfr]
Server = http://repo.archlinux.fr/\$arch
PACMANEOF
# Prepare pacman
[[ ! -d "${INSTALL_TARGET}/var/cache/pacman/pkg" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/cache/pacman/pkg"
[[ ! -d "${INSTALL_TARGET}/var/lib/pacman" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/lib/pacman"
${PACMAN} -Sy
${TARGET_PACMAN} -Sy
# Install prereqs from network (not on archboot media)
echo -e "\nInstalling prereqs...\n$HR"
#sed -i "s/^#S/S/" /etc/pacman.d/mirrorlist # Uncomment all Server lines
UncommentValue S /etc/pacman.d/mirrorlist # Uncomment all Server lines
${PACMAN} --noconfirm -Sy gptfdisk btrfs-progs-unstable libusb-compat gnupg
# Configure Host
# Here we create three partitions:
# 1. efi and /boot (one partition does double duty)
# 2. swap
# 3. our encrypted root
# Note that all of these are on a GUID partition table scheme. This proves
# to be quite clean and simple since we're not doing anything with MBR
# boot partitions and the like.
echo -e "format\n"
# shred -v /dev/sda
# disk prep
sgdisk -Z /dev/sda # zap all on disk
#sgdisk -Z /dev/mmcb1k0 # zap all on sdcard
sgdisk -a 2048 -o /dev/sda # new gpt disk 2048 alignment
#sgdisk -a 2048 -o /dev/mmcb1k0
# create partitions
sgdisk -n 1:0:+200M /dev/sda # partition 1 (UEFI BOOT), default start block, 200MB
sgdisk -n 2:0:+4G /dev/sda # partition 2 (SWAP), default start block, 200MB
sgdisk -n 3:0:0 /dev/sda # partition 3, (LUKS), default start, remaining space
#sgdisk -n 1:0:1800M /dev/mmcb1k0 # root.gpg
# set partition types
sgdisk -t 1:ef00 /dev/sda
sgdisk -t 2:8200 /dev/sda
sgdisk -t 3:8300 /dev/sda
#sgdisk -t 1:0700 /dev/mmcb1k0
# label partitions
sgdisk -c 1:"UEFI Boot" /dev/sda
sgdisk -c 2:"Swap" /dev/sda
sgdisk -c 3:"LUKS" /dev/sda
#sgdisk -c 1:"Key" /dev/mmcb1k0
echo -e "create gpg file\n"
# create gpg file
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > /root/root.gpg
echo -e "format LUKS on root\n"
# format LUKS on root
gpg -q -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- -c aes-xts-plain -s 512 --hash sha512 luksFormat /dev/sda3
echo -e "open LUKS on root\n"
gpg -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- luksOpen /dev/sda3 root
# NOTE: make sure to add dm_crypt and aes_i586 to MODULES in rc.conf
# NOTE2: actually this isn't required since we're mounting an encrypted root and grub2/initramfs handles this before we even get to rc.conf
# make filesystems
# following swap related commands not used now that we're encrypting our swap partition
#mkswap /dev/sda2
#swapon /dev/sda2
#mkfs.ext4 /dev/sda3 # this is where we'd create an unencrypted root partition, but we're using luks instead
echo -e "\nCreating Filesystems...\n$HR"
# make filesystems
mkfs.ext4 /dev/mapper/root
mkfs.vfat -F32 /dev/sda1
#mkfs.vfat -F32 /dev/mmcb1k0p1
echo -e "mount targets\n"
# mount target
#mount /dev/sda3 ${INSTALL_TARGET} # this is where we'd mount the unencrypted root partition
mount /dev/mapper/root ${INSTALL_TARGET}
# mount target
mkdir ${INSTALL_TARGET}
# mkdir ${INSTALL_TARGET}/key
# mount -t vfat /dev/mmcb1k0p1 ${INSTALL_TARGET}/key
mkdir ${INSTALL_TARGET}/boot
mount -t vfat /dev/sda1 ${INSTALL_TARGET}/boot
# Install base, necessary utilities
mkdir -p ${INSTALL_TARGET}/var/lib/pacman
${TARGET_PACMAN} -Sy
${TARGET_PACMAN} -Su base
# curl could be installed later but we want it ready for rankmirrors
${TARGET_PACMAN} -S curl
${TARGET_PACMAN} -S libusb-compat gnupg
${TARGET_PACMAN} -R grub
rm -rf ${INSTALL_TARGET}/boot/grub
${TARGET_PACMAN} -S grub2-efi-x86_64
# Configure new system
SetValue HOSTNAME ${HOSTNAME} ${INSTALL_TARGET}/etc/rc.conf
sed -i "s/^\(127\.0\.0\.1.*\)$/\1 ${HOSTNAME}/" ${INSTALL_TARGET}/etc/hosts
SetValue CONSOLEFONT Lat2-Terminus16 ${INSTALL_TARGET}/etc/rc.conf
#following replaced due to netcfg
#SetValue interface eth0 ${INSTALL_TARGET}/etc/rc.conf
# write fstab
# You can use UUID's or whatever you want here, of course. This is just
# the simplest approach and as long as your drives aren't changing values
# randomly it should work fine.
cat > ${INSTALL_TARGET}/etc/fstab <<FSTAB_EOF
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
tmpfs /tmp tmpfs nodev,nosuid 0 0
/dev/sda1 /boot vfat defaults 0 0
/dev/mapper/cryptswap none swap defaults 0 0
/dev/mapper/root / ext4 defaults,noatime 0 1
FSTAB_EOF
# write etwo
mkdir -p /lib/initcpio/hooks/
mkdir -p /lib/initcpio/install/
cp /src/etwo_hooks /lib/initcpio/hooks/etwo
cp /src/etwo_install /lib/initcpio/install/etwo
mkdir -p ${INSTALL_TARGET}/lib/initcpio/hooks/
mkdir -p ${INSTALL_TARGET}/lib/initcpio/install/
cp /src/etwo_hooks ${INSTALL_TARGET}/lib/initcpio/hooks/etwo
cp /src/etwo_install ${INSTALL_TARGET}/lib/initcpio/install/etwo
# write crypttab
# encrypted swap (random passphrase on boot)
echo cryptswap /dev/sda2 SWAP "-c aes-xts-plain -h whirlpool -s 512" >> ${INSTALL_TARGET}/etc/crypttab
# copy configs we want to carry over to target from install environment
mv ${INSTALL_TARGET}/etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf.orig
cp /etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf
mkdir -p ${INSTALL_TARGET}/tmp
cp /tmp/pacman.conf ${INSTALL_TARGET}/tmp/pacman.conf
# mount proc, sys, dev in install root
mount -t proc proc ${INSTALL_TARGET}/proc
mount -t sysfs sys ${INSTALL_TARGET}/sys
mount -o bind /dev ${INSTALL_TARGET}/dev
echo -e "umount boot\n"
# we have to remount /boot from inside the chroot
umount ${INSTALL_TARGET}/boot
# Create install_efi script (to be run *after* chroot /install)
touch ${INSTALL_TARGET}/install_efi
chmod a+x ${INSTALL_TARGET}/install_efi
cat > ${INSTALL_TARGET}/install_efi <<EFI_EOF
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
echo -e "mount boot\n"
# remount here or grub et al gets confused
mount -t vfat /dev/sda1 /boot
# mkinitcpio
# NOTE: intel_agp drm and i915 for intel graphics
SetValue MODULES '\\"dm_mod dm_crypt aes_x86_64 ext2 ext4 vfat intel_agp drm i915\\"' /etc/mkinitcpio.conf
SetValue HOOKS '\\"base udev pata scsi sata usb usbinput keymap consolefont etwo encrypt filesystems\\"' /etc/mkinitcpio.conf
SetValue BINARIES '\\"/usr/bin/gpg\\"' /etc/mkinitcpio.conf
mkinitcpio -p linux
# kernel modules for EFI install
modprobe efivars
modprobe dm-mod
# locale-gen
UncommentValue de_AT /etc/locale.gen
locale-gen
# install and configure grub2
# did this above
#${CHROOT_PACMAN} -Sy
#${CHROOT_PACMAN} -R grub
#rm -rf /boot/grub
#${CHROOT_PACMAN} -S grub2-efi-x86_64
# you can be surprisingly sloppy with the root value you give grub2 as a kernel option and
# even omit the cryptdevice altogether, though it will wag a finger at you for using
# a deprecated syntax, so we're using the correct form here
# NOTE: take out i915.modeset=1 unless you are on intel graphics
SetValue GRUB_CMDLINE_LINUX '\\"cryptdevice=/dev/sda3:root cryptkey=/dev/sda1:vfat:/root.gpg add_efi_memmap i915.i915_enable_rc6=1 i915.i915_enable_fbc=1 i915.lvds_downclock=1 pcie_aspm=force quiet\\"' /etc/default/grub
# set output to graphical
SetValue GRUB_TERMINAL_OUTPUT gfxterm /etc/default/grub
SetValue GRUB_GFXMODE 960x600x32,auto /etc/default/grub
SetValue GRUB_GFXPAYLOAD_LINUX keep /etc/default/grub # comment out this value if text only mode
# install the actual grub2. Note that despite our --boot-directory option we will still need to move
# the grub directory to /boot/grub during grub-mkconfig operations until grub2 gets patched (see below)
grub_efi_x86_64-install --bootloader-id=grub --no-floppy --recheck
# create our EFI boot entry
# bug in the HP bios firmware (F.08)
efibootmgr --create --gpt --disk /dev/sda --part 1 --write-signature --label "ARCH LINUX" --loader "\\\\grub\\\\grub.efi"
# copy font for grub2
cp /usr/share/grub/unicode.pf2 /boot/grub
# generate config file
grub-mkconfig -o /boot/grub/grub.cfg
exit
EFI_EOF
# Install EFI using script inside chroot
chroot ${INSTALL_TARGET} /install_efi
rm ${INSTALL_TARGET}/install_efi
# Post install steps
# anything you want to do post install. run the script automatically or
# manually
touch ${INSTALL_TARGET}/post_install
chmod a+x ${INSTALL_TARGET}/post_install
cat > ${INSTALL_TARGET}/post_install <<POST_EOF
set -o errexit
set -o nounset
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
# root password
echo -e "${HR}\\nNew root user password\\n${HR}"
passwd
# add user
echo -e "${HR}\\nNew non-root user password (username:${USERNAME})\\n${HR}"
groupadd sudo
useradd -m -g users -G audio,lp,optical,storage,video,games,power,scanner,network,sudo,wheel -s /bin/bash ${USERNAME}
passwd ${USERNAME}
# mirror ranking
echo -e "${HR}\\nRanking Mirrors (this will take a while)\\n${HR}"
cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.all
sed -i "s/#S/S/" /etc/pacman.d/mirrorlist.all
rankmirrors -n 5 /etc/pacman.d/mirrorlist.all > /etc/pacman.d/mirrorlist
# temporary fix for locale.sh update conflict
mv /etc/profile.d/locale.sh /etc/profile.d/locale.sh.preupdate || true
# yaourt repo (add to target pacman, not tmp pacman.conf, for ongoing use)
echo -e "\\n[archlinuxfr]\\nServer = http://repo.archlinux.fr/\\\$arch" >> /etc/pacman.conf
echo -e "\\n[haskell]\\nServer = http://www.kiwilight.com/\\\$repo/\\\$arch" >> /etc/pacman.conf
# additional groups and utilities
pacman --noconfirm -Syu
pacman --noconfirm -S base-devel
pacman --noconfirm -S yaourt
# sudo
pacman --noconfirm -S sudo
cp /etc/sudoers /tmp/sudoers.edit
sed -i "s/#\s*\(%wheel\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
sed -i "s/#\s*\(%sudo\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
visudo -qcsf /tmp/sudoers.edit && cat /tmp/sudoers.edit > /etc/sudoers
# power
pacman --noconfirm -S acpi acpid acpitool cpufrequtils
yaourt --noconfirm -S powertop2
sed -i "/^DAEMONS/ s/)/ @acpid)/" /etc/rc.conf
sed -i "/^MODULES/ s/)/ acpi-cpufreq cpufreq_ondemand cpufreq_powersave coretemp)/" /etc/rc.conf
# following requires my acpi handler script
echo "/etc/acpi/handler.sh boot" > /etc/rc.local
# time
pacman --noconfirm -S ntp
sed -i "/^DAEMONS/ s/hwclock /!hwclock @ntpd /" /etc/rc.conf
# wireless (wpa supplicant should already be installed)
pacman --noconfirm -S iw wpa_supplicant rfkill
pacman --noconfirm -S netcfg wpa_actiond ifplugd
mv /etc/wpa_supplicant.conf /etc/wpa_supplicant.conf.orig
echo -e "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=network\nupdate_config=1" > /etc/wpa_supplicant.conf
# make sure to copy /etc/network.d/examples/wireless-wpa-config to /etc/network.d/home and edit
sed -i "/^DAEMONS/ s/)/ @net-auto-wireless @net-auto-wired)/" /etc/rc.conf
sed -i "/^DAEMONS/ s/ network / /" /etc/rc.conf
echo -e "\nWIRELESS_INTERFACE=wlan0" >> /etc/rc.conf
echo -e "WIRED_INTERFACE=eth0" >> /etc/rc.conf
echo "options iwlagn led_mode=2" > /etc/modprobe.d/iwlagn.conf
# sound
pacman --noconfirm -S alsa-utils alsa-plugins
sed -i "/^DAEMONS/ s/)/ @alsa)/" /etc/rc.conf
mv /etc/asound.conf /etc/asound.conf.orig || true
#if alsamixer isn't working, try alsamixer -Dhw and speaker-test -Dhw -c 2
# video
pacman --noconfirm -S base-devel mesa mesa-demos
# x
#pacman --noconfirm -S xorg xorg-xinit xorg-utils xorg-server-utils xdotool xorg-xlsfonts
#yaourt --noconfirm -S xf86-input-wacom-git # NOT NEEDED? input-wacom-git
#TODO: cut down the install size
#pacman --noconfirm -S xorg-server xorg-xinit xorg-utils xorg-server-utils
# TODO: wacom
# environment/wm/etc.
#pacman --noconfirm -S xfce4 compiz ccsm
#pacman --noconfirm -S xcompmgr
#yaourt --noconfirm -S physlock unclutter
#pacman --noconfirm -S rxvt-unicode urxvt-url-select hsetroot
#pacman --noconfirm -S gtk2 #gtk3 # for taffybar?
#pacman --noconfirm -S ghc
# note: try installing alex and happy from cabal instead
#pacman --noconfirm -S haskell-platform haskell-hscolour
#yaourt --noconfirm -S xmonad-darcs xmonad-contrib-darcs xcompmgr
#yaourt --noconfirm -S xmobar-git
# TODO: edit xfce to use compiz
# TODO: xmonad, but deal with video tearing
# TODO: xmonad-darcs fails to install from AUR. haskell dependency hell.
# switching to cabal
# fonts
pacman --noconfirm -S terminus-font
yaourt --noconfirm -S webcore-fonts
yaourt --noconfirm -S fontforge libspiro
yaourt --noconfirm -S freetype2-git-infinality
# TODO: sed infinality and change to OSX or OSX2 mode
# and create the sym link from /etc/fonts/conf.avail to conf.d
# misc apps
#pacman --noconfirm -S htop openssh keychain bash-completion git vim
#pacman --noconfirm -S chromium flashplugin
#pacman --noconfirm -S scrot mypaint bc
#yaourt --noconfirm -S task-git stellarium googlecl
# TODO: argyll
POST_EOF
# Post install in chroot
#echo "chroot and run /post_install"
chroot /install /post_install
rm /install/post_install
# copy grub.efi file to the default HP EFI boot manager path
mkdir -p ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/
mkdir -p ${INSTALL_TARGET}/boot/EFI/BOOT/
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/bootmgfw.efi
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/BOOT/BOOTX64.EFI
cp /root/root.gpg ${INSTALL_TARGET}/boot/
# NOTES/TODO -
need help with how to reset bios and admin password to reformat hard drive in 8440p elitebook? removal of cmos, resetting laptop, using cccleaner, windows password recovery and hiren's was noneffective, any help is appreciated. thanks
Hi,
As your notebook is a business class machine, security is more stringent - the password is stored in non-volatile memory and there are no 'backdoor' passwords. Your best option would be to contact HP regarding this.
Regards,
DP-K
****Click the White thumb to say thanks****
****Please mark Accept As Solution if it solves your problem****
****I don't work for HP****
Microsoft MVP - Windows Experience
Maybe you are looking for
-
Hi Everyone, My client has an requirement. When we are making Vendor invoice of 10000 and outgoing payment of 2000 have been made .Invendor report it should show as 2000 cleared item as it has been paid and 8000 as open item i have checked FBL1N its
-
Invoice printing output preview is not displaying anymore.
Hello The user have invoices where you cannot click the issue output preview. Before the 9th of january everything was fine, he said all he did was transport 2 things. 1. made the field of payment term mandatory instead of it being optional. 2. Added
-
Hi All, I need the functionality of JMS for my Java application in Swing. I have onle Java1.2 on my system. What are the other requirements for JMS. Any Server is needed? Please do let me know? Thanks in advance. Regards Ravi
-
Hi I am running a website. The server provided to me is tomcat and is in Linux and database is MYSQL. I am getting the below stated error. In my PC the code is running truly but when i upload it to website the following error occured.I have tried wit
-
Attaching a document to a customer
Hi Expert, I want to attach a document (PDF) to a customer. And when creating a new sales order of this customer, the document attached appear. How can i do ? Thanks in advance for your reply