Using 5Ghz and 2.4 Ghz for different devices
I am an old lady, so please be gentle. I know nothing about networking but have been reading and trying hard to learn.
About a month ago my MBP started having major issues maintaining a wifi connection. I read through most of a 190+ page thread about other Yosemite users having this problem and tried the suggested solutions that I could understand. What has worked for me is to set up my old 2007 Airport Extreme to use only 5 Ghz. Now my MBP connection works great but my AirPrint printer can only use 2.4 Ghz. I extended my network with one old Airport Express and connected the printer to it with the printer cable so I can print easily from my MBP. I have configured a second old Airport Express on 2.4 Ghz so I can use the printer from iOS devices but it is SLOW and what a pain to keep changing networks.
Would a new Airport Extreme make life easier for me? Would giving 5 and 2.4 different names on the new Airport Extreme offer a better printing experience than my current setup? It's about time that I get a new router anyway, I guess. TIA for advice.
For an old lady you did well cobbling that network together to the point it works at all. It sounds like a major inconvenience.
Would a new Airport Extreme make life easier for me?
Much easier. Not only that, like all Apple products it comes with 90 days of complimentary telephone support, if you need help with its configuration (which you probably won't).
Would giving 5 and 2.4 different names on the new Airport Extreme offer a better printing experience than my current setup?
No, I don't think you will find that worthwhile. Don't give the 5 GHz network a separate name, just let your devices connect to whatever network they determine is best. That way, as wireless environmental conditions change they will have the agility to choose either one without your intervention.
AirPrint will work automatically, as long as your printer really is an AirPrint printer. AirPrint is a specific network connection protocol and is not synonymous with mere wireless. If your printer is not an AirPrint printer, it will continue to work, but you might need to configure it to connect to the new AirPort Extreme's network.
Similar Messages
-
Can I have one apple ID and two iCloud accounts for different devices.
can I have one apple I'd and numerous iCloud accounts for different devices?
Yes you can, you just need to go into settings and into icloud, once it says account, login to your desired account
-
Using several UMTS access points (APN) for different services
Hello,
I wonder if it is possible to use several UMTS access points (APN) for different services.
situation:
1) The iPhone is used for business AND private purposes.
2) The company's mobile telephone contract includes a APN, which is only usable by the employees' mobile phones.
problem / question:
Is it possible to define two access points in the iPhone, that for example the exchange account uses the company's APN, while all the other apps use the standard APN of the carrier?
Problem is, that some iPhone's benefits like Push-Messages are blocked by the carrier's APN. Now, I have to switch the access point by installing the appropriate profile every time I want to check my e-mails or vice versa for using "normal" apps.
I hope you can hep me.
Greets from Germany
MitchThanks for your help! This really helps a lot! We actually only want to replace the autonmous access point with the controller solution and make one WLAN available at another site. From what I can see, this is possible with our current solution - we just need to switch from Layer 2 to Layer 3 and purchase the corresponding amount of supported Access Points (I think we should be able to get some refurbished ones).
Am I correct in assuming that the Access Points we want to replace (AIR-AP1230B-E-K9 with 802.11b radio only) cannot be upgraded to lightweight ones? Since if I understood document http://www.cisco.com/en/US/docs/wireless/access_point/conversion/lwapp/upgrade/guide/lwapnote.html correctly, this is not possible with access points that only have 802.11b radios.
Regarding the switch from Layer 2 to Layer 3: Do we really only need to perform the steps I described in my first post?
And one last question regarding REAP. As far as I understood this is only needed when local traffic needs to be maintained in case the connection to the WLC becomes unavailable. So we really don't need it if we want to access resources that are only available over the WLC?
Thanks again for your help!
Michael -
I want to use 30 ipads to run kiosk software in my restaurant. Can I use one Apple ID (and one credit card) for all devices?
Alternatively you can always manage your iPads (does not matter how many) with a single apple id and all reporting to your account under "find my device" service. Keeping an eye on all your units. Additionally as you mentioned these are for your Restaurant you may find the solutions offered by this company who creates apps and hardware for this purpose: http://www.spartakioskpro.com
Additionally if you expand beyond those 30 iPads to say 300 you will want to enable or plan on MDM as your best option to automate every ipad to use the same profile and app and ios configuration while also keeping a close eye on all of them via online MDM services like: https://meraki.cisco.com/products/systems-manager
Here is a pic -
I have an IMAC and use Aperture and I am looking for a App that will allow me to have one of my photos look like a painting - any suggestions? It is a gift for my brother
I like photoshop elements.
http://www.photoshopelementsuser.com/blog/from-photograph-to-painting/
You can also do something like this:
http://www.luminous-landscape.com/tutorials/new_page_9.shtml -
ADF mobile: Reuse taskflows for different device models (resolutions) ?
Hi,
ADf 11.1.2.3.0 + mobile extension.
What's best practice to create the same mobile app for different device models (= different screen resolutions = different layout)?
I mean an app on a smartphone may use different gui components and layout than on a tablet device.
In adfmf-feature.xml the content of a feature can be either a amx page or a task flow.
Here I can add a constraint to determine e.g. the device.model and use different amx pages depending on the device model.
But how to reuse the task flow (assumtion: the taskflow is independent from the device model) and just create specific amx page per device model?
regards
PeterReplying to an old thread.
With ADF Mobile 11.1.2.4.0, to display different content views for different devices, it is recommended that we use following property as a constraint on the content of the feature.
Property
Operator
Value
hardware.screen.diagonalSize
more
6
It applies this constraint on the devices which have screen size more than 6 inches. Which is applicable for the tablets.
For more details, look at the HR sample found at the following location in your JDev after installing the ADF Mobile Extension
jdev_install/jdeveloper/jdev/extensions/oracle.adf.mobile/Samples -
Uniform UI for different devices
Hi All,
We have different devices with different resolution, aspect ratio. I was trying to figure out, Is there possibility of developing UI which will look same in different devices? Or should we develop separately for different devices? I was just guessing, prob we can use separate .res files for different devices using LWUIT.
Please provide your inputs regarding this. And if there are best practices for J2ME application, you can share with me.
Thanks in advance,
Sandeep[J2MEPolish|http://www.j2mepolish.org/cms/] does the job pretty good. Try it out.
-
Can DFM notifiy/email different users for different device errors?
I'm aware how to change DFM thresholds/polling for different devices. I can get notification working fine for "an email".
But,
Can DFM email "joe" for router failures, and "fred" for switch failures?
URL to describe steps would be great!
Might Cisco implement this feature if not already?From http://www.cisco.com/univercd/cc/td/doc/product/rtrmgmt/cw2000/dfm/dfm_faq.htm#67620
Q) Can I configure the Mail Notifier Adapter to send notifications to different recipients depending on the fault type?
A) No. You can send notifications to different recipients, but all recipients will receive the same information. -
Good day!! I was having two Iphones with same icloud id, later i deleted 1 id from one device, and made 2nd id for this device but same time my old id is stored on other device and i can not change it with another id, can any1 guide me on this issue.
Log in to icloud.com on a web browser and remove the device from "Find My iPhone"
-
Can I use the same Apple ID for iMessage and FaceTime services simultaneously on two different devices - iPhone and iPad? It seems those are competing to each other, and the services work on one of them only (iPhone).
Many thanks, Sir! Both are mine and it's good to know that imessage can work on both with the same Apple ID. Will now have to find out why imessage stopped working on iPad when it started on iPhone (new). After exploring the forum I understand that there may be plenty of reasons why imessage does not work, even though it worked previously on the same device with the same ID.
-
Dual Band (5ghz and 2.4 ghz) Wireless Network Config and Dropped Connection
Hi, I have an Airport Extreme (802.11N) and a Motorola WR850G (802.11A/B/G) that I'm trying to connect in a dual band setup - but something in my setup is causing the Airport to drop it's connection (before the connection is dropped - everything works great). After I lose connectivity, both routers show up in my list of wireless networks, the light stays green, but I don't have local or internet access. When I try to reconnect, the log on times out. Also, the Airport isn't displayed in the Airport Utility (light is green on the airport itself though). Unplugging and resetting the Airport Allows all computers on the network to connect locally and to the internet for a few hours until the connection drops again. While it is up and running, I have no problems streaming movies off the connected Airdisk, navigating the internet, and connecting both N and G devices to the network.
I'd love to hear from you if you've gotten a similar setup to work, and if possible, have you provide the settings you used to make this work. I've looked around quite a bit and haven't seen a detailed description of the process (even from the Apple documentation). Also, advice from anyone would be greatly appreciated since my wireless networking knowledge is pretty basic.
My configuration:
Time Warner cable modem connected to the Airport's WAN port. WR850G connected by LAN port to Airport's LAN port. Bridge Mode check box selected on WR850G. Airport setup for 802.11n (5Ghz). Unique SSIDs to determine which network is 'N'. Same password for both networks. My Firmware and utilities are up to date.
Computers/Devices on Network:
Two Macs with Airport Extreme N cards. A Vista PC with a D-link N card (only compatible with 2.4 Ghz so it connects to the G network). A Vista PC with a GB ethernet card connected to the Airport Extreme. Various other G devices like iPod touches and an old iBook. Airdisk connected to the Airport Extreme.
Thanks,I removed the second router (Moto wr850g) and everything seems to be working smoothly. It must be some settings on that one that are causing the problem, but I haven't been able to get it configured correctly. I noticed there were some IP conflicts with my wireless wanting to use the old Moto router IP and trying to assign my Mac an IP from that router. Does anyone know specifically what needs to be disabled on a router in bridge mode? Since I have a third party router there aren't any handy wizards that can configure it for me.
Thanks again -
System encryption using LUKS and GPG encrypted keys for arch linux
Update: As of 2012-03-28, arch changed from gnupg 1.4 to 2.x which uses pinentry for the password dialog. The "etwo" hook described here doesn't work with gnupg 2. Either use the openssl hook below or use a statically compiled version of gnupg 1.4.
Update: As of 2012-12-19, the mkinitcpio is not called during boot, unless the "install" file for the hook contains "add_runscript". This resulted in an unbootable system for me. Also, the method name was changed from install () to build ().
Update: 2013-01-13: Updated the hook files using the corrections by Deth.
Note: This guide is a bit dated now, in particular the arch installation might be different now. But essentially, the approach stays the same. Please also take a look at the posts further down, specifically the alternative hooks that use openssl.
I always wanted to set up a fully encrypted arch linux server that uses gpg encrypted keyfiles on an external usb stick and luks for root filesystem encryption. I already did it once in gentoo using this guide. For arch, I had to play alot with initcpio hooks and after one day of experimentation, I finally got it working. I wrote a little guide for myself which I'm going to share here for anyone that might be interested. There might be better or easier ways, like I said this is just how I did it. I hope it might help someone else. Constructive feedback is always welcome
Intro
Using arch linux mkinitcpio's encrypt hook, one can easily use encrypted root partitions with LUKS. It's also possible to use key files stored on an external drive, like an usb stick. However, if someone steals your usb stick, he can just copy the key and potentially access the system. I wanted to have a little extra security by additionally encrypting the key file with gpg using a symmetric cipher and a passphrase.
Since the encrypt hook doesn't support this scenario, I created a modifed hook called “etwo” (silly name I know, it was the first thing that came to my mind). It will simply look if the key file has the extension .gpg and, if yes, use gpg to decrypt it, then pipe the result into cryptsetup.
Conventions
In this short guide, I use the following disk/partition names:
/dev/sda: is the hard disk that will contain an encrypted swap (/dev/sda1), /var (/dev/sda2) and root (/dev/sda3) partition.
/dev/sdb is the usb stick that will contain the gpg encrypted luks keys, the kernel and grub. It will have one partition /dev/sdb1 formatted with ext2.
/dev/mapper/root, /dev/mapper/swap and /dev/mapper/var will be the encrypted devices.
Credits
Thanks to the authors of SECURITY_System_Encryption_DM-Crypt_with_LUKS (gentoo wiki), System Encryption with LUKS (arch wiki), mkinitcpio (arch wiki) and Early Userspace in Arch Linux (/dev/brain0 blog)!
Guide
1. Boot the arch live cd
I had to use a newer testing version, because the 2010.05 cd came with a broken gpg. You can download one here: http://releng.archlinux.org/isos/. I chose the “core“ version. Go ahead and boot the live cd, but don't start the setup yet.
2. Set keymap
Use km to set your keymap. This is important for non-qwerty keyboards to avoid suprises with passphrases...
3. Wipe your discs
ATTENTION: this will DELETE everything on /dev/sda and /dev/sdb forever! Do not blame me for any lost data!
Before encrypting the hard disc, it has to be completely wiped and overwritten with random data. I used shred for this. Others use badblocks or dd with /dev/urandom. Either way, this will take a long time, depending on the size of your disc. I also wiped my usb stick just to be sure.
shred -v /dev/sda
shred -v /dev/sdb
4. Partitioning
Fire up fdisk and create the following partitions:
/dev/sda1, type linux swap.
/dev/sda2: type linux
/dev/sda3: type linux
/dev/sdb1, type linux
Of course you can choose a different layout, this is just how I did it. Keep in mind that only the root filesystem will be decrypted by the initcpio. The rest will be decypted during normal init boot using /etc/crypttab, the keys being somewhere on the root filesystem.
5. Format and mount the usb stick
Create an ext2 filesystem on /dev/sdb1:
mkfs.ext2 /dev/sdb1
mkdir /root/usb
mount /dev/sdb1 /root/usb
cd /root/usb # this will be our working directory for now.
Do not mount anything to /mnt, because the arch installer will use that directory later to mount the encrypted root filesystem.
6. Configure the network (if not already done automatically)
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
route add default gw 192.168.0.1
echo "nameserver 192.168.0.1" >> /etc/resolv.conf
(this is just an example, your mileage may vary)
7. Install gnupg
pacman -Sy
pacman -S gnupg
Verify that gnupg works by launching gpg.
8. Create the keys
Just to be sure, make sure swap is off:
cat /proc/swaps
should return no entries.
Create gpg encrypted keys (remember, we're still in our working dir /root/usb):
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > root.gpg
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > var.gpg
Choose a strong password!!
Don't do this in two steps, e.g don't do dd to a file and then gpg on that file. The key should never be stored in plain text on an unencrypted device, except if that device is wiped on system restart (ramfs)!
Note that the default cipher for gpg is cast5, I just chose to use a different one.
9. Create the encrypted devices with cryptsetup
Create encrypted swap:
cryptsetup -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -d /dev/urandom create swap /dev/sda1
You should see /dev/mapper/swap now. Don't format nor turn it on for now. This will be done by the arch installer.
Important: From the Cryptsetup 1.1.2 Release notes:
Cryptsetup can accept passphrase on stdin (standard input). Handling of new line (\n) character is defined by input specification:
if keyfile is specified as "-" (using --key-file=- or by positional argument in luksFormat and luksAddKey, like cat file | cryptsetup --key-file=- <action> ), input is processed
as normal binary file and no new line is interpreted.
if there is no key file specification (with default input from stdin pipe like echo passphrase | cryptsetup <action> ) input is processed as input from terminal, reading will
stop after new line is detected.
If I understand this correctly, since the randomly generated key can contain a newline early on, piping the key into cryptsetup without specifying --key-file=- could result in a big part of the key to be ignored by cryptsetup. Example: if the random key was "foo\nandsomemorebaratheendofthekey", piping it directly into cryptsetup without --key-file=- would result in cryptsetup using only "foo" as key which would have big security implications. We should therefor ALWAYS pipe the key into cryptsetup using --key-file=- which ignores newlines.
gpg -q -d root.gpg 2>/dev/null | cryptsetup -v -–key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool luksFormat /dev/sda3
gpg -q -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -v luksFormat /dev/sda2
Check for any errors.
10. Open the luks devices
gpg -d root.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda3 root
gpg -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda2 var
If you see /dev/mapper/root and /dev/mapper/var now, everything is ok.
11. Start the installer /arch/setup
Follow steps 1 to 3.
At step 4 (Prepare hard drive(s), select “3 – Manually Configure block devices, filesystems and mountpoints. Choose /dev/sdb1 (the usb stick) as /boot, /dev/mapper/swap for swap, /dev/mapper/root for / and /dev/mapper/var for /var.
Format all drives (choose “yes” when asked “do you want to have this filesystem (re)created”) EXCEPT for /dev/sdb1, choose “no”. Choose the correct filesystem for /dev/sdb1, ext2 in my case. Use swap for /dev/mapper/swap. For the rest, I chose ext4.
Select DONE to start formatting.
At step 5 (Select packages), select grub as boot loader. Select the base group. Add mkinitcpio.
Start step 6 (Install packages).
Go to step 7 (Configure System).
By sure to set the correct KEYMAP, LOCALE and TIMEZONE in /etc/rc.conf.
Edit /etc/fstab:
/dev/mapper/root / ext4 defaults 0 1
/dev/mapper/swap swap swap defaults 0 0
/dev/mapper/var /var ext4 defaults 0 1
# /dev/sdb1 /boot ext2 defaults 0 1
Configure the rest normally. When you're done, setup will launch mkinitcpio. We'll manually launch this again later.
Go to step 8 (install boot loader).
Be sure to change the kernel line in menu.lst:
kernel /vmlinuz26 root=/dev/mapper/root cryptdevice=/dev/sda3:root cryptkey=/dev/sdb1:ext2:/root.gpg
Don't forget the :root suffix in cryptdevice!
Also, my root line was set to (hd1,0). Had to change that to
root (hd0,0)
Install grub to /dev/sdb (the usb stick).
Now, we can exit the installer.
12. Install mkinitcpio with the etwo hook.
Create /mnt/lib/initcpio/hooks/etwo:
#!/usr/bin/ash
run_hook() {
/sbin/modprobe -a -q dm-crypt >/dev/null 2>&1
if [ -e "/sys/class/misc/device-mapper" ]; then
if [ ! -e "/dev/mapper/control" ]; then
/bin/mknod "/dev/mapper/control" c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |')
fi
[ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
# Get keyfile if specified
ckeyfile="/crypto_keyfile"
usegpg="n"
if [ "x${cryptkey}" != "x" ]; then
ckdev="$(echo "${cryptkey}" | cut -d: -f1)"
ckarg1="$(echo "${cryptkey}" | cut -d: -f2)"
ckarg2="$(echo "${cryptkey}" | cut -d: -f3)"
if poll_device "${ckdev}" ${rootdelay}; then
case ${ckarg1} in
*[!0-9]*)
# Use a file on the device
# ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
if [ "${ckarg2#*.}" = "gpg" ]; then
ckeyfile="${ckeyfile}.gpg"
usegpg="y"
fi
mkdir /ckey
mount -r -t ${ckarg1} ${ckdev} /ckey
dd if=/ckey/${ckarg2} of=${ckeyfile} >/dev/null 2>&1
umount /ckey
# Read raw data from the block device
# ckarg1 is numeric: ckarg1=offset, ckarg2=length
dd if=${ckdev} of=${ckeyfile} bs=1 skip=${ckarg1} count=${ckarg2} >/dev/null 2>&1
esac
fi
[ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
fi
if [ -n "${cryptdevice}" ]; then
DEPRECATED_CRYPT=0
cryptdev="$(echo "${cryptdevice}" | cut -d: -f1)"
cryptname="$(echo "${cryptdevice}" | cut -d: -f2)"
else
DEPRECATED_CRYPT=1
cryptdev="${root}"
cryptname="root"
fi
warn_deprecated() {
echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
if poll_device "${cryptdev}" ${rootdelay}; then
if /sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
dopassphrase=1
# If keyfile exists, try to use that
if [ -f ${ckeyfile} ]; then
if [ "${usegpg}" = "y" ]; then
# gpg tty fixup
if [ -e /dev/tty ]; then mv /dev/tty /dev/tty.backup; fi
cp -a /dev/console /dev/tty
while [ ! -e /dev/mapper/${cryptname} ];
do
sleep 2
/usr/bin/gpg -d "${ckeyfile}" 2>/dev/null | cryptsetup --key-file=- luksOpen ${cryptdev} ${cryptname} ${CSQUIET}
dopassphrase=0
done
rm /dev/tty
if [ -e /dev/tty.backup ]; then mv /dev/tty.backup /dev/tty; fi
else
if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
dopassphrase=0
else
echo "Invalid keyfile. Reverting to passphrase."
fi
fi
fi
# Ask for a passphrase
if [ ${dopassphrase} -gt 0 ]; then
echo ""
echo "A password is required to access the ${cryptname} volume:"
#loop until we get a real password
while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
sleep 2;
done
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
elif [ -n "${crypto}" ]; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
msg "Non-LUKS encrypted device found..."
if [ $# -ne 5 ]; then
err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
err "Non-LUKS decryption not attempted..."
return 1
fi
exe="/sbin/cryptsetup create ${cryptname} ${cryptdev}"
tmp=$(echo "${crypto}" | cut -d: -f1)
[ -n "${tmp}" ] && exe="${exe} --hash \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f2)
[ -n "${tmp}" ] && exe="${exe} --cipher \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f3)
[ -n "${tmp}" ] && exe="${exe} --key-size \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f4)
[ -n "${tmp}" ] && exe="${exe} --offset \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f5)
[ -n "${tmp}" ] && exe="${exe} --skip \"${tmp}\""
if [ -f ${ckeyfile} ]; then
exe="${exe} --key-file ${ckeyfile}"
else
exe="${exe} --verify-passphrase"
echo ""
echo "A password is required to access the ${cryptname} volume:"
fi
eval "${exe} ${CSQUIET}"
if [ $? -ne 0 ]; then
err "Non-LUKS device decryption failed. verify format: "
err " crypto=hash:cipher:keysize:offset:skip"
exit 1
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
else
err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
fi
fi
rm -f ${ckeyfile}
fi
Create /mnt/lib/initcpio/install/etwo:
#!/bin/bash
build() {
local mod
add_module dm-crypt
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
add_all_modules '/crypto/'
fi
add_dir "/dev/mapper"
add_binary "cryptsetup"
add_binary "dmsetup"
add_binary "/usr/bin/gpg"
add_file "/usr/lib/udev/rules.d/10-dm.rules"
add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
add_runscript
help ()
cat<<HELPEOF
This hook allows for an encrypted root device with support for gpg encrypted key files.
To use gpg, the key file must have the extension .gpg and you have to install gpg and add /usr/bin/gpg
to your BINARIES var in /etc/mkinitcpio.conf.
HELPEOF
Edit /mnt/etc/mkinitcpio.conf (only relevant sections displayed):
MODULES=”ext2 ext4” # not sure if this is really nessecary.
BINARIES=”/usr/bin/gpg” # this could probably be done in install/etwo...
HOOKS=”base udev usbinput keymap autodetect pata scsi sata usb etwo filesystems” # (usbinput is only needed if you have an usb keyboard)
Copy the initcpio stuff over to the live cd:
cp /mnt/lib/initcpio/hooks/etwo /lib/initcpio/hooks/
cp /mnt/lib/initcpio/install/etwo /lib/initcpio/install/
cp /mnt/etc/mkinitcpio.conf /etc/
Verify your LOCALE, KEYMAP and TIMEZONE in /etc/rc.conf!
Now reinstall the initcpio:
mkinitcpio -g /mnt/boot/kernel26.img
Make sure there were no errors and that all hooks were included.
13. Decrypt the "var" key to the encrypted root
mkdir /mnt/keys
chmod 500 /mnt/keys
gpg –output /mnt/keys/var -d /mnt/boot/var.gpg
chmod 400 /mnt/keys/var
14. Setup crypttab
Edit /mnt/etc/crypttab:
swap /dev/sda1 SWAP -c aes-cbc-essiv:sha256 -s 256 -h whirlpool
var /dev/sda2 /keys/var
15. Reboot
We're done, you may reboot. Make sure you select the usb stick as the boot device in your bios and hope for the best. . If it didn't work, play with grub's settings or boot from the live cd, mount your encrypted devices and check all settings. You might also have less trouble by using uuid's instead of device names. I chose device names to keep things as simple as possible, even though it's not the optimal way to do it.
Make backups of your data and your usb stick and do not forget your password(s)! Or you can say goodbye to your data forever...
Last edited by fabriceb (2013-01-15 22:36:23)I'm trying to run my install script that is based on https://bbs.archlinux.org/viewtopic.php?id=129885
Decrypting the gpg key after grub works, but then "Devce root already exists." appears every second.
any idea ?
#!/bin/bash
# This script is designed to be run in conjunction with a UEFI boot using Archboot intall media.
# prereqs:
# EFI "BIOS" set to boot *only* from EFI
# successful EFI boot of Archboot USB
# mount /dev/sdb1 /src
set -o nounset
#set -o errexit
# Host specific configuration
# this whole script needs to be customized, particularly disk partitions
# and configuration, but this section contains global variables that
# are used during the system configuration phase for convenience
HOSTNAME=daniel
USERNAME=user
# Globals
# We don't need to set these here but they are used repeatedly throughout
# so it makes sense to reuse them and allow an easy, one-time change if we
# need to alter values such as the install target mount point.
INSTALL_TARGET="/install"
HR="--------------------------------------------------------------------------------"
PACMAN="pacman --noconfirm --config /tmp/pacman.conf"
TARGET_PACMAN="pacman --noconfirm --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
CHROOT_PACMAN="pacman --noconfirm --cachedir /var/cache/pacman/pkg --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
FILE_URL="file:///packages/core-$(uname -m)/pkg"
FTP_URL='ftp://mirrors.kernel.org/archlinux/$repo/os/$arch'
HTTP_URL='http://mirrors.kernel.org/archlinux/$repo/os/$arch'
# Functions
# I've avoided using functions in this script as they aren't required and
# I think it's more of a learning tool if you see the step-by-step
# procedures even with minor duplciations along the way, but I feel that
# these functions clarify the particular steps of setting values in config
# files.
SetValue () {
# EXAMPLE: SetValue VARIABLENAME '\"Quoted Value\"' /file/path
VALUENAME="$1" NEWVALUE="$2" FILEPATH="$3"
sed -i "s+^#\?\(${VALUENAME}\)=.*$+\1=${NEWVALUE}+" "${FILEPATH}"
CommentOutValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^\(${VALUENAME}.*\)$/#\1/" "${FILEPATH}"
UncommentValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^#\(${VALUENAME}.*\)$/\1/" "${FILEPATH}"
# Initialize
# Warn the user about impending doom, set up the network on eth0, mount
# the squashfs images (Archboot does this normally, we're just filling in
# the gaps resulting from the fact that we're doing a simple scripted
# install). We also create a temporary pacman.conf that looks for packages
# locally first before sourcing them from the network. It would be better
# to do either *all* local or *all* network but we can't for two reasons.
# 1. The Archboot installation image might have an out of date kernel
# (currently the case) which results in problems when chrooting
# into the install mount point to modprobe efivars. So we use the
# package snapshot on the Archboot media to ensure our kernel is
# the same as the one we booted with.
# 2. Ideally we'd source all local then, but some critical items,
# notably grub2-efi variants, aren't yet on the Archboot media.
# Warn
timer=9
echo -e "\n\nMAC WARNING: This script is not designed for APPLE MAC installs and will potentially misconfigure boot to your existing OS X installation. STOP NOW IF YOU ARE ON A MAC.\n\n"
echo -n "GENERAL WARNING: This procedure will completely format /dev/sda. Please cancel with ctrl-c to cancel within $timer seconds..."
while [[ $timer -gt 0 ]]
do
sleep 1
let timer-=1
echo -en "$timer seconds..."
done
echo "STARTING"
# Get Network
echo -n "Waiting for network address.."
#dhclient eth0
dhcpcd -p eth0
echo -n "Network address acquired."
# Mount packages squashfs images
umount "/packages/core-$(uname -m)"
umount "/packages/core-any"
rm -rf "/packages/core-$(uname -m)"
rm -rf "/packages/core-any"
mkdir -p "/packages/core-$(uname -m)"
mkdir -p "/packages/core-any"
modprobe -q loop
modprobe -q squashfs
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_$(uname -m).squashfs" "/packages/core-$(uname -m)"
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_any.squashfs" "/packages/core-any"
# Create temporary pacman.conf file
cat << PACMANEOF > /tmp/pacman.conf
[options]
Architecture = auto
CacheDir = ${INSTALL_TARGET}/var/cache/pacman/pkg
CacheDir = /packages/core-$(uname -m)/pkg
CacheDir = /packages/core-any/pkg
[core]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
[extra]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
#Uncomment to enable pacman -Sy yaourt
[archlinuxfr]
Server = http://repo.archlinux.fr/\$arch
PACMANEOF
# Prepare pacman
[[ ! -d "${INSTALL_TARGET}/var/cache/pacman/pkg" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/cache/pacman/pkg"
[[ ! -d "${INSTALL_TARGET}/var/lib/pacman" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/lib/pacman"
${PACMAN} -Sy
${TARGET_PACMAN} -Sy
# Install prereqs from network (not on archboot media)
echo -e "\nInstalling prereqs...\n$HR"
#sed -i "s/^#S/S/" /etc/pacman.d/mirrorlist # Uncomment all Server lines
UncommentValue S /etc/pacman.d/mirrorlist # Uncomment all Server lines
${PACMAN} --noconfirm -Sy gptfdisk btrfs-progs-unstable libusb-compat gnupg
# Configure Host
# Here we create three partitions:
# 1. efi and /boot (one partition does double duty)
# 2. swap
# 3. our encrypted root
# Note that all of these are on a GUID partition table scheme. This proves
# to be quite clean and simple since we're not doing anything with MBR
# boot partitions and the like.
echo -e "format\n"
# shred -v /dev/sda
# disk prep
sgdisk -Z /dev/sda # zap all on disk
#sgdisk -Z /dev/mmcb1k0 # zap all on sdcard
sgdisk -a 2048 -o /dev/sda # new gpt disk 2048 alignment
#sgdisk -a 2048 -o /dev/mmcb1k0
# create partitions
sgdisk -n 1:0:+200M /dev/sda # partition 1 (UEFI BOOT), default start block, 200MB
sgdisk -n 2:0:+4G /dev/sda # partition 2 (SWAP), default start block, 200MB
sgdisk -n 3:0:0 /dev/sda # partition 3, (LUKS), default start, remaining space
#sgdisk -n 1:0:1800M /dev/mmcb1k0 # root.gpg
# set partition types
sgdisk -t 1:ef00 /dev/sda
sgdisk -t 2:8200 /dev/sda
sgdisk -t 3:8300 /dev/sda
#sgdisk -t 1:0700 /dev/mmcb1k0
# label partitions
sgdisk -c 1:"UEFI Boot" /dev/sda
sgdisk -c 2:"Swap" /dev/sda
sgdisk -c 3:"LUKS" /dev/sda
#sgdisk -c 1:"Key" /dev/mmcb1k0
echo -e "create gpg file\n"
# create gpg file
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > /root/root.gpg
echo -e "format LUKS on root\n"
# format LUKS on root
gpg -q -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- -c aes-xts-plain -s 512 --hash sha512 luksFormat /dev/sda3
echo -e "open LUKS on root\n"
gpg -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- luksOpen /dev/sda3 root
# NOTE: make sure to add dm_crypt and aes_i586 to MODULES in rc.conf
# NOTE2: actually this isn't required since we're mounting an encrypted root and grub2/initramfs handles this before we even get to rc.conf
# make filesystems
# following swap related commands not used now that we're encrypting our swap partition
#mkswap /dev/sda2
#swapon /dev/sda2
#mkfs.ext4 /dev/sda3 # this is where we'd create an unencrypted root partition, but we're using luks instead
echo -e "\nCreating Filesystems...\n$HR"
# make filesystems
mkfs.ext4 /dev/mapper/root
mkfs.vfat -F32 /dev/sda1
#mkfs.vfat -F32 /dev/mmcb1k0p1
echo -e "mount targets\n"
# mount target
#mount /dev/sda3 ${INSTALL_TARGET} # this is where we'd mount the unencrypted root partition
mount /dev/mapper/root ${INSTALL_TARGET}
# mount target
mkdir ${INSTALL_TARGET}
# mkdir ${INSTALL_TARGET}/key
# mount -t vfat /dev/mmcb1k0p1 ${INSTALL_TARGET}/key
mkdir ${INSTALL_TARGET}/boot
mount -t vfat /dev/sda1 ${INSTALL_TARGET}/boot
# Install base, necessary utilities
mkdir -p ${INSTALL_TARGET}/var/lib/pacman
${TARGET_PACMAN} -Sy
${TARGET_PACMAN} -Su base
# curl could be installed later but we want it ready for rankmirrors
${TARGET_PACMAN} -S curl
${TARGET_PACMAN} -S libusb-compat gnupg
${TARGET_PACMAN} -R grub
rm -rf ${INSTALL_TARGET}/boot/grub
${TARGET_PACMAN} -S grub2-efi-x86_64
# Configure new system
SetValue HOSTNAME ${HOSTNAME} ${INSTALL_TARGET}/etc/rc.conf
sed -i "s/^\(127\.0\.0\.1.*\)$/\1 ${HOSTNAME}/" ${INSTALL_TARGET}/etc/hosts
SetValue CONSOLEFONT Lat2-Terminus16 ${INSTALL_TARGET}/etc/rc.conf
#following replaced due to netcfg
#SetValue interface eth0 ${INSTALL_TARGET}/etc/rc.conf
# write fstab
# You can use UUID's or whatever you want here, of course. This is just
# the simplest approach and as long as your drives aren't changing values
# randomly it should work fine.
cat > ${INSTALL_TARGET}/etc/fstab <<FSTAB_EOF
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
tmpfs /tmp tmpfs nodev,nosuid 0 0
/dev/sda1 /boot vfat defaults 0 0
/dev/mapper/cryptswap none swap defaults 0 0
/dev/mapper/root / ext4 defaults,noatime 0 1
FSTAB_EOF
# write etwo
mkdir -p /lib/initcpio/hooks/
mkdir -p /lib/initcpio/install/
cp /src/etwo_hooks /lib/initcpio/hooks/etwo
cp /src/etwo_install /lib/initcpio/install/etwo
mkdir -p ${INSTALL_TARGET}/lib/initcpio/hooks/
mkdir -p ${INSTALL_TARGET}/lib/initcpio/install/
cp /src/etwo_hooks ${INSTALL_TARGET}/lib/initcpio/hooks/etwo
cp /src/etwo_install ${INSTALL_TARGET}/lib/initcpio/install/etwo
# write crypttab
# encrypted swap (random passphrase on boot)
echo cryptswap /dev/sda2 SWAP "-c aes-xts-plain -h whirlpool -s 512" >> ${INSTALL_TARGET}/etc/crypttab
# copy configs we want to carry over to target from install environment
mv ${INSTALL_TARGET}/etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf.orig
cp /etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf
mkdir -p ${INSTALL_TARGET}/tmp
cp /tmp/pacman.conf ${INSTALL_TARGET}/tmp/pacman.conf
# mount proc, sys, dev in install root
mount -t proc proc ${INSTALL_TARGET}/proc
mount -t sysfs sys ${INSTALL_TARGET}/sys
mount -o bind /dev ${INSTALL_TARGET}/dev
echo -e "umount boot\n"
# we have to remount /boot from inside the chroot
umount ${INSTALL_TARGET}/boot
# Create install_efi script (to be run *after* chroot /install)
touch ${INSTALL_TARGET}/install_efi
chmod a+x ${INSTALL_TARGET}/install_efi
cat > ${INSTALL_TARGET}/install_efi <<EFI_EOF
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
echo -e "mount boot\n"
# remount here or grub et al gets confused
mount -t vfat /dev/sda1 /boot
# mkinitcpio
# NOTE: intel_agp drm and i915 for intel graphics
SetValue MODULES '\\"dm_mod dm_crypt aes_x86_64 ext2 ext4 vfat intel_agp drm i915\\"' /etc/mkinitcpio.conf
SetValue HOOKS '\\"base udev pata scsi sata usb usbinput keymap consolefont etwo encrypt filesystems\\"' /etc/mkinitcpio.conf
SetValue BINARIES '\\"/usr/bin/gpg\\"' /etc/mkinitcpio.conf
mkinitcpio -p linux
# kernel modules for EFI install
modprobe efivars
modprobe dm-mod
# locale-gen
UncommentValue de_AT /etc/locale.gen
locale-gen
# install and configure grub2
# did this above
#${CHROOT_PACMAN} -Sy
#${CHROOT_PACMAN} -R grub
#rm -rf /boot/grub
#${CHROOT_PACMAN} -S grub2-efi-x86_64
# you can be surprisingly sloppy with the root value you give grub2 as a kernel option and
# even omit the cryptdevice altogether, though it will wag a finger at you for using
# a deprecated syntax, so we're using the correct form here
# NOTE: take out i915.modeset=1 unless you are on intel graphics
SetValue GRUB_CMDLINE_LINUX '\\"cryptdevice=/dev/sda3:root cryptkey=/dev/sda1:vfat:/root.gpg add_efi_memmap i915.i915_enable_rc6=1 i915.i915_enable_fbc=1 i915.lvds_downclock=1 pcie_aspm=force quiet\\"' /etc/default/grub
# set output to graphical
SetValue GRUB_TERMINAL_OUTPUT gfxterm /etc/default/grub
SetValue GRUB_GFXMODE 960x600x32,auto /etc/default/grub
SetValue GRUB_GFXPAYLOAD_LINUX keep /etc/default/grub # comment out this value if text only mode
# install the actual grub2. Note that despite our --boot-directory option we will still need to move
# the grub directory to /boot/grub during grub-mkconfig operations until grub2 gets patched (see below)
grub_efi_x86_64-install --bootloader-id=grub --no-floppy --recheck
# create our EFI boot entry
# bug in the HP bios firmware (F.08)
efibootmgr --create --gpt --disk /dev/sda --part 1 --write-signature --label "ARCH LINUX" --loader "\\\\grub\\\\grub.efi"
# copy font for grub2
cp /usr/share/grub/unicode.pf2 /boot/grub
# generate config file
grub-mkconfig -o /boot/grub/grub.cfg
exit
EFI_EOF
# Install EFI using script inside chroot
chroot ${INSTALL_TARGET} /install_efi
rm ${INSTALL_TARGET}/install_efi
# Post install steps
# anything you want to do post install. run the script automatically or
# manually
touch ${INSTALL_TARGET}/post_install
chmod a+x ${INSTALL_TARGET}/post_install
cat > ${INSTALL_TARGET}/post_install <<POST_EOF
set -o errexit
set -o nounset
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
# root password
echo -e "${HR}\\nNew root user password\\n${HR}"
passwd
# add user
echo -e "${HR}\\nNew non-root user password (username:${USERNAME})\\n${HR}"
groupadd sudo
useradd -m -g users -G audio,lp,optical,storage,video,games,power,scanner,network,sudo,wheel -s /bin/bash ${USERNAME}
passwd ${USERNAME}
# mirror ranking
echo -e "${HR}\\nRanking Mirrors (this will take a while)\\n${HR}"
cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.all
sed -i "s/#S/S/" /etc/pacman.d/mirrorlist.all
rankmirrors -n 5 /etc/pacman.d/mirrorlist.all > /etc/pacman.d/mirrorlist
# temporary fix for locale.sh update conflict
mv /etc/profile.d/locale.sh /etc/profile.d/locale.sh.preupdate || true
# yaourt repo (add to target pacman, not tmp pacman.conf, for ongoing use)
echo -e "\\n[archlinuxfr]\\nServer = http://repo.archlinux.fr/\\\$arch" >> /etc/pacman.conf
echo -e "\\n[haskell]\\nServer = http://www.kiwilight.com/\\\$repo/\\\$arch" >> /etc/pacman.conf
# additional groups and utilities
pacman --noconfirm -Syu
pacman --noconfirm -S base-devel
pacman --noconfirm -S yaourt
# sudo
pacman --noconfirm -S sudo
cp /etc/sudoers /tmp/sudoers.edit
sed -i "s/#\s*\(%wheel\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
sed -i "s/#\s*\(%sudo\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
visudo -qcsf /tmp/sudoers.edit && cat /tmp/sudoers.edit > /etc/sudoers
# power
pacman --noconfirm -S acpi acpid acpitool cpufrequtils
yaourt --noconfirm -S powertop2
sed -i "/^DAEMONS/ s/)/ @acpid)/" /etc/rc.conf
sed -i "/^MODULES/ s/)/ acpi-cpufreq cpufreq_ondemand cpufreq_powersave coretemp)/" /etc/rc.conf
# following requires my acpi handler script
echo "/etc/acpi/handler.sh boot" > /etc/rc.local
# time
pacman --noconfirm -S ntp
sed -i "/^DAEMONS/ s/hwclock /!hwclock @ntpd /" /etc/rc.conf
# wireless (wpa supplicant should already be installed)
pacman --noconfirm -S iw wpa_supplicant rfkill
pacman --noconfirm -S netcfg wpa_actiond ifplugd
mv /etc/wpa_supplicant.conf /etc/wpa_supplicant.conf.orig
echo -e "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=network\nupdate_config=1" > /etc/wpa_supplicant.conf
# make sure to copy /etc/network.d/examples/wireless-wpa-config to /etc/network.d/home and edit
sed -i "/^DAEMONS/ s/)/ @net-auto-wireless @net-auto-wired)/" /etc/rc.conf
sed -i "/^DAEMONS/ s/ network / /" /etc/rc.conf
echo -e "\nWIRELESS_INTERFACE=wlan0" >> /etc/rc.conf
echo -e "WIRED_INTERFACE=eth0" >> /etc/rc.conf
echo "options iwlagn led_mode=2" > /etc/modprobe.d/iwlagn.conf
# sound
pacman --noconfirm -S alsa-utils alsa-plugins
sed -i "/^DAEMONS/ s/)/ @alsa)/" /etc/rc.conf
mv /etc/asound.conf /etc/asound.conf.orig || true
#if alsamixer isn't working, try alsamixer -Dhw and speaker-test -Dhw -c 2
# video
pacman --noconfirm -S base-devel mesa mesa-demos
# x
#pacman --noconfirm -S xorg xorg-xinit xorg-utils xorg-server-utils xdotool xorg-xlsfonts
#yaourt --noconfirm -S xf86-input-wacom-git # NOT NEEDED? input-wacom-git
#TODO: cut down the install size
#pacman --noconfirm -S xorg-server xorg-xinit xorg-utils xorg-server-utils
# TODO: wacom
# environment/wm/etc.
#pacman --noconfirm -S xfce4 compiz ccsm
#pacman --noconfirm -S xcompmgr
#yaourt --noconfirm -S physlock unclutter
#pacman --noconfirm -S rxvt-unicode urxvt-url-select hsetroot
#pacman --noconfirm -S gtk2 #gtk3 # for taffybar?
#pacman --noconfirm -S ghc
# note: try installing alex and happy from cabal instead
#pacman --noconfirm -S haskell-platform haskell-hscolour
#yaourt --noconfirm -S xmonad-darcs xmonad-contrib-darcs xcompmgr
#yaourt --noconfirm -S xmobar-git
# TODO: edit xfce to use compiz
# TODO: xmonad, but deal with video tearing
# TODO: xmonad-darcs fails to install from AUR. haskell dependency hell.
# switching to cabal
# fonts
pacman --noconfirm -S terminus-font
yaourt --noconfirm -S webcore-fonts
yaourt --noconfirm -S fontforge libspiro
yaourt --noconfirm -S freetype2-git-infinality
# TODO: sed infinality and change to OSX or OSX2 mode
# and create the sym link from /etc/fonts/conf.avail to conf.d
# misc apps
#pacman --noconfirm -S htop openssh keychain bash-completion git vim
#pacman --noconfirm -S chromium flashplugin
#pacman --noconfirm -S scrot mypaint bc
#yaourt --noconfirm -S task-git stellarium googlecl
# TODO: argyll
POST_EOF
# Post install in chroot
#echo "chroot and run /post_install"
chroot /install /post_install
rm /install/post_install
# copy grub.efi file to the default HP EFI boot manager path
mkdir -p ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/
mkdir -p ${INSTALL_TARGET}/boot/EFI/BOOT/
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/bootmgfw.efi
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/BOOT/BOOTX64.EFI
cp /root/root.gpg ${INSTALL_TARGET}/boot/
# NOTES/TODO -
I am struggling to work with spot colours, using scanned images edited in Photoshop for use in InDesign to then go to print.
We print to two plates to save money for our publication. In this case magenta and black.
I could use the spot colour mode but that works with curves and I only want a certain part magenta. Imagine a business card with a gloss finish where I only want to apply it to certain part ie the name of the employee, using a curve would match a certain shade therefore this method would be unsuitable.
I have also tried using channels, one grayscale and one magenta, but using the file types either InDesign bugs or it comes out in mono.
It isn't possible to recreate the logo in InDesign, if only it was this easy...
If someones already discussed this, I can't find it, but if someone could point me in the right direction—I'd be very grateful!
Using Photoshop CS4, InDesign CS4. Access to Adobe Cloud at home...I'm assuming at least some people on here must have experience of the Scintilla control for creating a Notepad++ type application. I'd like to use this control, unfortunately there is very little in the way of documentation or working examples
around
>unfortunately there is very little in the way of documentation
Have you read all of this?
Scintilla Documentation
http://www.scintilla.org/ScintillaDoc.html
>or working examples around
Have you examined this project in detail?
SciTE is a SCIntilla based Text Editor.
http://www.scintilla.org/SciTE.html
SciTE Documentation
http://www.scintilla.org/SciTEDoc.html
- Wayne -
Hi ,
Oracle 11R2 enterprise edition asm
We have cbsprod primary database on server and planning to create standby database .
I want to use "log_file_name_convert" and "db_file_name_convert" .
Plz let me know how the above parameters will be utilized by considering following info
Details on PRIMARY :
GROUP# STATUS MEMBER
1 +DATA1/cbsprod/onlinelog/group_1.262.813692221
1 +DATA1/cbsprod/onlinelog/group_1.263.813692221
2 +DATA1/cbsprod/onlinelog/group_2.264.813692221
2 +DATA1/cbsprod/onlinelog/group_2.265.813692221
3 +DATA1/cbsprod/onlinelog/group_3.266.813692221
3 +DATA1/cbsprod/onlinelog/group_3.267.813692221
4 +REDOCONTROL01/cbsprod/onlinelog/group_4.256.813773233
4 +REDOCONTROL02/cbsprod/onlinelog/group_4.256.813773235
5 +REDOCONTROL03/cbsprod/onlinelog/group_5.256.813773335
5 +REDOCONTROL01/cbsprod/onlinelog/group_5.257.813773335
6 +REDOCONTROL02/cbsprod/onlinelog/group_6.257.813773375
6 +REDOCONTROL03/cbsprod/onlinelog/group_6.257.813773375
7 +REDOCONTROL01/cbsprod/onlinelog/group_7.258.813773443
7 +REDOCONTROL02/cbsprod/onlinelog/group_7.258.813773443
8 +REDOCONTROL03/cbsprod/onlinelog/group_8.258.813773461
8 +REDOCONTROL01/cbsprod/onlinelog/group_8.259.813773461
9 +REDOCONTROL01/cbsprod/onlinelog/group_9.260.813773465
9 +REDOCONTROL02/cbsprod/onlinelog/group_9.259.813773465
Details on Standby database :
SQL> select GROUP#,STATUS,MEMBER from v$logfile order by GROUP#;
GROUP# STATUS MEMBER
1 +DATA1/cbsdr/onlinelog/group_1.262.813692221
1 +DATA1/cbsdr/onlinelog/group_1.263.813692221
2 +DATA1/cbsdr/onlinelog/group_2.264.813692221
2 +DATA1/cbsdr/onlinelog/group_2.265.813692221
3 +DATA1/cbsdr/onlinelog/group_3.266.813692221
3 +DATA1/cbsdr/onlinelog/group_3.267.813692221
4 +REDOCONTROL01/cbsdr/onlinelog/group_4.256.813773233
4 +REDOCONTROL02/cbsdr/onlinelog/group_4.256.813773235
5 +REDOCONTROL03/cbsdr/onlinelog/group_5.256.813773335
5 +REDOCONTROL01/cbsdr/onlinelog/group_5.257.813773335
6 +REDOCONTROL02/cbsdr/onlinelog/group_6.257.813773375
6 +REDOCONTROL03/cbsdr/onlinelog/group_6.257.813773375
7 +REDOCONTROL01/cbsdr/onlinelog/group_7.258.813773443
7 +REDOCONTROL02/cbsdr/onlinelog/group_7.258.813773443
8 +REDOCONTROL03/cbsdr/onlinelog/group_8.258.813773461
8 +REDOCONTROL01/cbsdr/onlinelog/group_8.259.813773461
9 +REDOCONTROL01/cbsdr/onlinelog/group_9.260.813773465
9 +REDOCONTROL02/cbsdr/onlinelog/group_9.259.813773465
18 rows selected.
The same situation for datafiles :
Datafiles on primary resides on +DATA1/cbsprod/datafiles/
+DATA2/cbsprod/datafiles/
+DATA3/cbsprod/datafiles/
+DATA4/cbsprod/datafiles/
+DATA5/cbsprod/datafiles/
+DATA6/cbsprod/datafiles/
+DATA7/cbsprod/datafiles/
+DATA8/cbsprod/datafiles/
+DATA9/cbsprod/datafiles/
Datafiles on standby resides on +DATA1/cbsdr/datafiles/
+DATA2/cbsdr/datafiles/
+DATA3/cbsdr/datafiles/
+DATA4/cbsdr/datafiles/
+DATA5/cbsdr/datafiles/
+DATA6/cbsdr/datafiles/
+DATA7/cbsdr/datafiles/
+DATA8/cbsdr/datafiles/
+DATA9/cbsdr/datafiles/Enter below parameters in INIT<SID>.ORA file.
*.log_file_name_convert='<path of logfile in PR>','<path of logfile in DR>'
*.db_file_name_convert='<path of dbfile in PR>','<path of dbfile in DR>'
If there are multiple log and db destinations:
*.log_file_name_convert='<1st path of logfile in PR>','<1st path of logfile in DR>','<2nd path of logfile in PR>','<2nd path of logfile in DR>',...
*.db_file_name_convert='<1st path of dbfile in PR>','<2nd path of dbfile in DR>','<1st path of dbfile in PR>','<2nd path of dbfile in DR>',...
In your case:
*.log_file_name_convert='+DATA1/cbsprod/onlinelog/','+DATA1/cbsdr/onlinelog/','+REDOCONTROL01/cbsprod/onlinelog/','+REDOCONTROL01/cbsdr/onlinelog/','+REDOCONTROL02/cbsprod/onlinelog/','+REDOCONTROL02/cbsdr/onlinelog/',' REDOCONTROL03/cbsprod/onlinelog/','REDOCONTROL03/cbsdr/onlinelog/'
*.db_file_name_convert='+DATA2/cbsprod/datafiles/','+DATA2/cbsdr/datafiles/','+DATA3/cbsprod/datafiles/','+DATA3/cbsdr/datafiles/','+DATA4/cbsprod/datafiles/','+DATA4/cbsdr/datafiles/','+DATA5/cbsprod/datafiles/','+DATA5/cbsdr/datafiles/','+DATA6/cbsprod/datafiles/','+DATA6/cbsdr/datafiles/','+DATA7/cbsprod/datafiles/','+DATA7/cbsdr/datafiles/','+DATA8/cbsprod/datafiles/','+DATA8/cbsdr/datafiles/','+DATA9/cbsprod/datafiles/','+DATA9/cbsdr/datafiles/'
Note: Put "/" at the end of path.
Edited by: 1009303 on Jun 2, 2013 12:47 AM -
Apple ID for different devices?
I have an iPad2 and I just purchased an iPad Mini for my wife.
I want to be able to transfer my app purchases on my iPad2 to my wife's iPad Mini, and to do so, I know that I have to use the same Apple ID for her iPad Mini as I have for my iPad2.
How will keeping the same Apple ID for the two devices affect the following:
1) Can my wife set up a different email address for her account for her Mail app on her iPad Mini than I am using on my iPad2?
2) Will having the same Apple ID affect our ability to communicate with each other using FaceTime on our two devices?
Thanks for your help.1. Your wife can set up her own email account on her Mini without any issues at all.
2. You can use one Apple ID one both devices and set up and use FaceTime and Messages on both devices without having to set up another Apple ID. You will howver have to add an additional email address for her to be contacted at in the FaceTime and Messages setting - and then remove the Apple ID email address as the "contact at" email address from the settings in both apps.
I have 4 devices (including my Mac) that I use one Apple ID on and can FaceTime and Message from all devices to all devices because I entered different contact at email addresses on 3 of the devices.
You may want to consider having your wife set up an Apple ID just to make it easier to use FaceTime and Messages and so that she can have her own iCloud account. If she will sync with iTunes and has no real interest in iCloud, having her own ID will be a non issue in that regard.
Maybe you are looking for
-
Itunes only freezes? PLEASE help!!!!
I have called a number to have them fix it i have emailed and uninstalled then reistalled many many times. What happens is, iTunes will open up, but before i have any time to do anything, it will freeze, and my only option is ctrl alt delete. i am de
-
Javascript and Struts HTML problem
Hi all, I write the following script in my jsp page, but this one does not produce the output at all : <script type="text/javascript"> document.write("<input type="button" value='<bean:message key="btn.show"/>' onclick='onShowClick(this.form,"<b
-
When I connect my iPod to my mac, it is reconized by profiler, so the usb ports definetly works, but will not open in iTunes, when I had a pc it would just automaticlly open, it dosen't here.
-
I'm having a Leopard installation problem I haven't seen discussed, so here goes. Installation appears to go as it should (taking about an hour). I get a screen saying installation was successful and a count-down to restart. I click restart. GRAY scr
-
ITunes on a new computer won't sync music or ringtones to my iPhone
Hi, I recently bought a new computer (Acer touch screen Aspire V5) which uses Windows 8. I downloaded the latest iTunes (11.0.4.4) I authorised my computer to my iTunes account and was able to download my iTunes purchases and add music from my old co