The Best OS: Install Gentoo Linux on an encrypted btrfs root with optional Sway WM.
HTML-код
- Опубликовано: 27 июн 2024
- In this video we install Gentoo, a source-based Linux operating system from installation media we created in a previous video. Our Gentoo system is a two-partition system with an encrypted BTRFS root, high levels of binary optimization, and a minimal package set, plus an optional Wayland-based tiling window manager: Sway. Our Sway environment includes Waybar, Foot, CMUS, MPV, IMV, Firefox, Nano, Ranger and nmtui.
*GitHub Index Repo*: github.com/libreisaac/gentoo-...
(github dot com slash libreisaac slash gentoo-installation-guide-resources)
*Repositories For This Channel": github.com/libreisaac?tab=rep...
(github dot com slash libreisaac questionmark tab equals repositories)
Installation Media Creation:
From a Linux environment: • Create Gentoo installa...
From a Windows environment: • Create Gentoo installa...
This is an updated version of the old guide which rolls Gentoo and Sway installation into a single video. The key differences from the (now unlisted) originals are:
1. Installing and enabling sysklogd for logging, chronyd for time synchronization, and chronie for scheduled tasks.
2. Launching greetd via the `inittab` file, rather than a (dodgy) service.
3. Installing imv to view images from the terminal.
Chapters
00:00 Introduction
01:05 Installation Media Creation
01:25 Booting Into the Installer
01:57 Initializing the Installer
02:15 Partitioning Your Disk
04:14 Encrypting the Root
04:55 Creating & Mounting Filesystems
07:39 Connecting to WiFi
08:42 Downloading the Stage3
10:01 Verifying & Unpacking the Stage3
11:30 Localizing Your System
13:18 Creating your FS Table
14:35 Configuring Grub
15:44 Configuring Portage
25:41 Looking up Packages & USE Flags
27:08 Changing Root
28:32 Applying Localization Configuration
29:12 Setting CPU Flags
29:59 Recompiling Everything & Troubleshooting Portage
31:39 Emerging Rust
32:15 Emerging Core Packages
32:29 Configuring Doas
33:03 Configuring Greetd
34:07 Configuring Your Services
35:23 Creating & Managing Users
35:58 Compiling your Kernel
37:50 Installing the Grub Bootloader
38:15 Booting into Gentoo
38:40 Locking Root & Running NMTUI
38:57 Fixing the Logging Service
39:52 Installing Sway
42:40 Necessary Sway Config Changes
43:27 Emerging Firefox
43:58 Demoing Sway
49:50 Waybar Config
50:14 Foot Config
50:32 Outro
Installed Packages:
Gentoo Base System:
- sys-kernel/gentoo-sources (Linux Kernel source code)
- sys-kernel/genkernel (Linux Kernel compiler)
- sys-kernel/installkernel (Linux Kernel installer)
- sys-kernel/linux-firmware (Kernel firmware/drivers)
- sys-fs/cryptsetup (Disk encryption)
- sys-fs/btrfs-progs (BetterFS filesystem utilities)
- sys-boot/grub (Bootloader)
- sys-apps/sysvinit (Initialization System)
- sys-block/parted (Disk manager)
- sys-auth/seatd (Session provision)
- sys-apps/dbus (Session extension)
- sys-apps/pciutils (Hardware device utilities)
- app-admin/sysklogd (System logger)
- sys-process/cronie (Scheduled tasks)
- net-misc/chrony (Time synchronization)
- net-misc/networkmanager (Internet & WiFi management)
- app-admin/doas (Privilege escalation; 'run as admin')
- app-shells/bash-completion (Terminal autocompletion extensions)
- dev-vcs/git (Source code version control system)
- gui-libs/greetd (Login screen manager)
- gui-apps/tuigreet (Login screen)
- app-editors/nano (Text editor)
- app-portage/cpuid2cpuflags (CPU flag utility for Portage)
Sway Window Environment:
- sway (Tiling window manager)
- waybar (Status bar)
- fontawesome (Icon font for status bar)
- swaylock (Lock screen)
- swayidle (Inactivity timeouts)
- swaybg (Background configuration)
- suspend (Sleep)
- foot (Graphical terminal)
- ranger (File explorer)
- cmus (Music player)
- htop (Task manager)
- grim (Screenshot)
- slurp (Screenshot regions)
- wl-clipboard (Screenshot to clipboard)
- alsa-utils (Sound device manager)
- imv (Terminal-launched image viewer)
- mpv (Terminal-launched video player)
- pipewire (System sound provision)
- wireplumber (Pipewire controls)
- bemenu (App launcher)
- firefox (Graphical web browser) Наука
CORRECTIONS: Pipewire Fixes, Pipewire User Group & WiFi setup during installation.
UPDATES: Python 3.12 is now the default target in Gentoo. Once I've run through to check everything works without needing additional configuration, the template will be updated, and no manual change need be made for new installations.
PIPEWIRE USER GROUP:
After setting up the Sway desktop environment, you'll want to run `usermod [username] -aG pipewire` to give your user account control over Pipewire.
WIFI SETUP DURING INSTALLATION:
Unfortunately I missed a couple steps when describing connecting to WiFi; prior to entering the `wpa_cli`:
- Run `nano /etc/wpa_supplicant/wpa_supplicant.conf` to create a WPA Supplicant configuration file.
- Add `ctrl_interface=/run/wpa_supplicant` on the first line of the file.
- Add `update_config=1` to the second line of the file.
- Save the file and exit Nano with `CTRL + S` and `CTRL + X`.
- Start the `wpa_supplicant` service with `rc-service wpa_supplicant start`.
Then run `wpa_cli` as described, configuring and enabling a network. Once you've finished, you can run `rc-service wpa_supplicant restart` to connect.
Once the system is set up and booted into, `nmtui` makes managing WiFi networks a breeze.
PIPEWIRE FIXES:
Skip this section if you didn't install Gentoo with the provided desktop environment via this guide before 2024-05-05 17:38 UTC.
Pipewire should have the `sound-server pipewire-alsa` USE flags added. If you installed Gentoo using this guide, with the desktop environment, previously, you should check `media-video/pipewire sound-server pipewire-alsa` is present in your `package.use` file. The volume down command in the `.config/sway/config` file had a typo previously (`set-colume`), and did not launch Wireplumber alongside Pipewire; old installations will need to fix the typo and add `exec dbus-launch --exit-with-session wireplumber` under line 199 which launches Pipewire the same way.
May want to add a note now that Gentoo is switching to python 3.12 as default target starting 20240601!
Bro pin this comment
I didn't have the ability to pin comments previously, but looks like I do now! Cheers for the reminder. 😊
What a coincidence! I was trying to install gentoo with this exact setup for the last few days, and now this video pops up in my recommended videos section! Thank you a lot, this video is gonna be really useful for me :)
The quality and scope of this video is waaay better than the viewcount and empty comment section might suggest. I initially only clicked for the disk encryption part but ended up watching the whole thing and learning a bunch of new stuff doing so. Thanks for sharing your knowledge and configs, good job dude
It's niche content, I wouldn't expect a million views, but very happy to hear you got value out of it! 🙂
Now this is the good shit, earned my sub
better than any other how to I have seen
Great informative content! I was having some minor issues setting up my own spin on this (I have some strong preferences for other pieces of software), but the info contained in here is pure gold. Thanks a lot for taking on what I assume was a massive amount of time & effort, not just on the video but making the information available on your github as well, very cool!
ps the links to the github are not working in the description, it's truncated, easy enough to find, but may want to fix for someone out there struggling!
Glad to hear it helped you! I like to hear about strong preferences-customizability is part of why we choose Gentoo, after all. 😉
I'll see if I can do anything about the links. YT gives me a warning when saving them in the description saying they won't be clickable until my channel is 'verified' either by showing ID (no thanks) or after some indeterminate time of being in good standing, but if they're truncated too I'll try to work around it. Thanks for the heads up!
Lmk if there's anything else you'd like to see covered. I've got a laundry list of topics I'm planning on going over, been focusing more on dev work the past month or so, but getting an itch to make some more videos.
@@libreisaac I'd love to see the video you hinted at being a possibility, a more in depth delve on manually building a kernel. For now I just consider myself to know just enough to be dangerous 😆, I'll be checking out all your future stuff regardless to sift more nuggets into my wetware! thanks again 🙇
Oh one other thing I happened to notice in the eselect news in case anyone from the future comes across this, but Gentoo is changing the default Python target from 3.11 to 3.12 on 2024-06-01.
I don't comment on videos very often but starting it off by saying "Hello there" requires me to say "General Kenobi!"
Just 35 subscribers for this channel is criminally low, that's for sure. Many thanks to you for preparing this amazingly detailed video, which obviously is the product of a lot of effort. I learned a bunch of new stuff thanks to you. Greetings from Turkey ❤
Just a small question: which one of the compilers provided by Gentoo would be the best to choose, for a laptop setup with glibc for daily driving (gaming and programming included) ? GCC, or Clang/LLVM?
I have an Nvidia Discrete GPU (3070 Ti) and AMD Integrated GPU (the one which comes with the R7 6800H CPU). I have to use Steam and I refrain from using the Flatpak version of it as much as possible, because it causes performance issues, so glibc seems necessary. Thanks in advance 🙏
Glad you got value out of it!
GCC is the better default, but you're very likely end up with both installed. You can use package.env + an env file with CC and CXX etc variables to change compiler on a per-package basis.
@@libreisaac thanks. I'm assuming that it's also possible to do the same thing with musl? (I'm talking about using glibc as the main system library, and using musl when desired.)
Thanks a lot Issac. Make more helpful videos.
I'm an ex Gentoo user. My main struggles with Gentoo were mostly getting all USE flags and especially Kconfig options to work together. Plus, I had a trash PC (Intel Pentium), so compilation took an eternity.
Maybe give it a shot again, try it out in a VM. Gentoo now has binaries available for some of the heavier loads.
Very Nice content! I had a doubt on solving my graphics driver issues. The thing is that I have a laptop with 2 graphics cards. First one is the integrated intel graphics card Intel HD 5500 and the other one is the dedicated graphics card which is AMD RADEON R5 M330.(Basically Radeon 300 series before June 2015) Even when I installed arch linux on this machine, I had issues because the integrated graphics card was a VGA controller while my dedicated graphics card was only the display controller/ renderer. It is a common issue on laptops with dual graphics cards and the mobile gpu is only limited to rendering.
I tried to install the graphics driver for the radeon graphics card. Which was xf86-video-ati. The thing is that it is a legacy graphics driver and for some reason when I tried to run DRI_PRIME=1 on any sort of application, I would get memory allocation errors, the applications would hang and then I would have to force shutdown my laptop.
That's why I would just use my integrated graphics card. But, sometimes I require using my dedicated gpu for gpu intensive applications.
But I couldn't use my dedicated gpu.
I haven't tried a hybrid setup of this nature before, so I can't say for certain. What were your VIDEO_CARDS flags? You shouldn't have needed to install any drivers manually.
wiki.gentoo.org/wiki/AMDGPU#Identifying_which_graphics_card_is_in_use has troubleshooting steps, probably you would want `intel radeonsi`.
@@libreisaac Thanks! I thought I would need to write intel and radeon(legacy gpu card) because my Amd radeon r5 m330 release date was before june 2015 so it is not supported by amdgpu
Got wifi working, had some issue where dhcpcd was running when it shouldn't have because networkmanager doesnt play nice with it, now working on the firefox thing, I will attempt to fresh install it then if that doesnt work ill try with firefoxbin
Now do a FreeBSD From Scratch tutorial :3
following this mostly verbatim, i'm running into an issue where initramfs cannot locate the luks device, and dropping into the rescue shell i'm unable to find it either in /dev/mapper. my laptop has two nvme drives on it, but i don't think that should be an issue. i spent a day or so troubleshooting the UUIDs but still no luck
looking at the wiki page on dm-crypt, i noticed a lot of the kernel modules there aren't mentioned in this video. is it worth trying to enable those? great video btw -- glad to see someone doing an install guide that uses LUKS :)
semi-related, but emerging neovim requires i set LUA_SINGLE_TARGET to "lua5-1" -- as someone new to gentoo but familiar with linux, is there a way to override this so it uses a newer lua version? ty :)
On the grub menu, you can press a key to edit the boot script for the highlighted entry. I can't remember off the top of my head for certain what the key is-I think it's 'e', but the only laptop I have to hand is one I changed to use the EFI stub boot setup to help another person in the comments here. It should say under the box containing the Grub boot options.
If you open that, and look for the line containing your drive's UUID, what, exactly, does it say?
Also, in the recovery shell, if you try `cryptsetup luksOpen /dev/nvme0p1 root`, does it work, or does cryptsetup not exist?
The necessary modules should be automatically selected with the `--luks` argument passed to Genkernel; if the steps you changed were around the kernel compilation, it's possible it could be the kernel or initramfs which is the problem, but if cryptsetup is available in the initramfs, it's unlikely.
For Neovim, you can't tell it to use 5.4, unless there's an unstable version which uses that lua version. You can, however, add lua5_1 or luajit to LUA_TARGETS, then add the following flags to your package.use:
app-editors/neovim -lua_single_target_lua5-4 lua_single_target_luajit
dev-lua/luv -lua_single_target_lua5-4 lua_single_target_luajit
I also have 'python' on Neovim, and 'npm ssl' on net-libs/nodejs, I believe all three are optional, but required for many LSPs
@@libreisaac the grub editor shows all the proper partitions, and the rescue shell has cryptsetup enabled, but for some reason the part (nvme0n1p1) doesn't show up in /dev/. I'm reinstalling from scratch currently as i may have missed a step somewhere so i can follow up with a bit more info if it fails again
ty for the advice on nvim !
Interesting. Was it just that partition, or nvme in general? When configuring the kernel, check the modules listed in wiki.gentoo.org/wiki/Nvme
Just in case you're not aware, you can luksOpen and chroot off the installation media to enter your env to make changes without needing to reinstall everything again, but doing a reinstall can't hurt. You may want to skip the full recompile step and do it later on when you've got the system booting. You could also skip manually installing Rust, which will result in the binary version being pulled in with Tuigreet, saving additional time, again you can clean up once you're booted successfully.
@@libreisaac i'll check the nvme section - ty ! :)
same error again, the grub editor shows the following:
linux /vmlinuz-(kernel-version-architecture) root=UUID=(unencrypted root uuid) ro rootflags=subvol=activeroot crypt_root=(/dev/nvme uuid) quiet
so i think it may be an nvme-support issue. i'll give configuring the kernel some more a shot and if its successful i'll post the changes here on the offchance someone else winds up needing to do something similar
Hey, i was following the tutorial and after rebooting it looks like my entire filesystem was mounted as readonly somehow. Do you have any idea what went wrong?
When booting, Linux mounts your FS as readonly, and at a later step remouts as writable when it's deemed safe to do so. Something is wrong with your boot config.
What does the booted system look like? Do you get Tuigreet, or just a terminal? If Tuigreet, can you log in?
Assuming you can access a terminal:
1. Lsblk to see what's mounted. If any of the mount points described by the guide (/, /home, /boot or /efi) don't exist, that's the first place to look in your fstab.
2. Check your /etc/fstab and UUIDs against blkid, and the options against those in the video. Make sure you're using UUID and not PARTUUID.
3. Check the /etc/inittab again
4. Check /boot/grub/grub.cfg (might be slightly different path, going off the top of my head as I'm on my phone). There should be lines with root=UUID=X and crypt_root=UUID=X. Root may be PARTUUID. The crypt_root UUID should match the UUID from blkid /dev/sda2, and root UUID/PARTUUID should match the corresponding value for the decrypted partition, which should iirc be mounted to /dev/mapper/root.
If you can rc-status boot, both fsck and root should be running.
If you notice an error in a config file, you can reboot with the installation media, cryptsetup luksOpen, mount up and edit with Nano. If you can't actually run commands in your booted env, most stuff can be done in this env too.
@@libreisaac thanks for your answer! My system boots into tuigreet like any normal install would. I can run commands just fine with the exception of anything that needs to write to disk. I did notice an error in my fstab where my boot partition wasn't being mounted correctly due to a typo so i went and fixed that, however all the other uuids seem to match and everything seems to be running fine in rc-status other than systemd-tmpfiles-setup and NetworkManager. Do you have any other idea on what might be wrong?
this is a very cool and detailed video but i would not recommend setting the make.conf like he did, especially for beginners.
using -03 and lto in your common flags is suicidal in most cases and can create issues no beginner would be able to solve, the potential 5 to 10% performance increase (and im being very generous here) is not worth the risk, just stick with defaults where you can.
even for advanced users i think it's better to enable lto on a per package basis simply by adding the lto where needed.
Can you give some examples of packages where these settings cause issues which are anything worse than a compilation failure?
In the case of compilation failure, it's merely a case of applying a different env-a time sink for large packages like Firefox, but hardly suicidal.
Runtime failures used to be relatively common, but this is a serious software bug-relying on undefined behaviour usually has much worse implications than 'it doesn't support some compiler optimizations'. If you know of packages which have such failures, I'd be happy to go bug the maintainers.
There is a legitimate tradeoff in compilation time, but my personal opinion is that compilation time is seriously overstated as a problem for users-it only blocks a user on first install of a given piece of software. For development, longer compilation can be a massive pain, but nobody should be using Portage to handle iterative development builds.
@@libreisaac i don't have any specific package in mind i was just saying this as general advice, a compile time error can already be a big headache for a beginner, it will only cause frustration especially if we are talking about packages that take forever to compile..
it might not be obvious to the user why the compilation failed, and at the end that's just hours of compilation time down the drain for something that could have been avoided in the first place..
from my knowledge gcc -03 is barely tested, it's very cool some users are willing to do it but personally i would not trust my entire system to be build on it, even with all the sanitizers and safeguards, code will be buggy and unsafe, especially c code, so unless i have full trust on what was written or the performance gain is substantial i will pass.
to people who know what they are doing all kudos to you, i heard lto has come a long way in gentoo (otherwise the lto flag would not exist) but i just don't think the risk/reward is worth it for first timers.
Can you not use fdisk or gdisk to part the disk?
Any disk partitioning utility will do, I'm just fond of parted myself.
I don't recommend using -O3 it might degrade your performance for some programs and will make binaries larger due to loop unrolling (-02 does make big binaries too but theres -Os for that) and some packages wont compile, using -O2 with setting proper cflags and rustflags is the safest and fastest option for a desktop, i do hear some people have used -O3 for ages and haven't got any problems but most of the time they have not benchmarked it, -O3 really depends, sometimes a little faster or slower, use whatever -O you want i guess, but i prefer and recommend -O2
also to the viewers, read the gentoo wiki, contributors spent there time to write very good documentation, its better then the arch wiki, not to be that RTFM guy but you really should
TLDR; -O3 can be slower and buggier, you shouldnt use it systemwide, only use it for programs you know which work better with -O3
In GCC and LLVM, O3 is faster. Particularly when comparing march=native on O2 and O3. Clang, at least in the benchmarks I've seen, can be more spotty, but still O3 is generally faster.
In very old hardware, or cache constrained systems, O2 may be faster, but Os is likely to be even faster than O2, and these are niche, not a good general rule. O3 doesn't enable funroll-loops, and hasn't for a very long time. It does loop transformations, but more selective, well thought out transformations than were enabled by the optimization level in the past.
Two decades ago it was true that O3 was generally slower, and quite buggy (the optimization level was not what was buggy, however-the software being compiled was buggy, relying on undefined behaviour, and those bugs were revealed by O3). A decade ago, O3 was often faster, and in most, but not all software, the bugs it revealed were patched. Nowadays, if O3 breaks a piece of software, you probably shouldn't be using that software. I personally haven't encountered anything which needs a lower optimization level-I suspect realistically, only long abandoned drivers for ancient hardware are causes for concern for the average user. On the vast majority of modern systems, it will be faster than O2. Rust uses O3 for this reason.
The differences are not huge, and the compilation times *are* non-trivially longer, but personally, I think people make far more of a big deal about compilation times than they warrant. Still, some people really do care, and those people would probably be better served with O2 because the gains O3 yields are not generally large. LTO is even worse for compilation times, though in some cases it can yield quite significant performance improvements, so it's a trickier tradeoff for those people.
Agree that people should read the wiki, and I'll outright say people *should* RTFM.
after installing sway and all of its dependencies when i reboot into the greeter and try to login im hit with some type of eglintilialise error as well as base screen init failed
Likely graphics driver/config related. What's your GPU, and the value of /etc/portage/make.conf VIDEO_CARDS? And how many cardX values do you see when running ls /dev/dri (you can hit F2 in greetd to change the sway script to /bin/bash to login to a terminal).
@@libreisaac 1060ti, nouveau and when i run ls /dev/dri i see "by-path", "card0" and "renderD128"
@@libreisaac nvidia 1060ti, nouveau and when i run "ls /dev/dri/" it shows "by-path", "card0" and "renderD128".
If you modify the sway script to have --unsupported-gpu does it work?
Or if you hit e on the grub menu, and add 'nvidia-drm.modeset=1' to the kernel params after crypt_root? (If this fixes it, you'll need to edit /etc/default/grub, remove grub from /boot and regenerate).
Does your CPU have integrated graphics?
In GRUB_CMDLINE_LINUX_DEFAULT is it "crypt_root" or "cryptroot" ?
In gentoo, it's crypt_root. It can be different in other distros though.
@@libreisaac OK :) I ask because earlier you use /dev/mapper/cryptroot path (not /dev/mapper/crypt_root) but if I understand well, it is irrelevant... right?
Yep, that's just the name used during installation, and it could really be anything you liked. Doesn't have an impact on the installed system.
Mod4 + V doesn't open alsa mixer, I am unsure why, it may have been after I updated everything, I tried to reinstall the alsa-utils to fix but didn't work, I did not change my kernel, and it was working yesterday
Also the Firefox and Firefox-bin work but still don't show the screen they have some odd fragmentation-white screen
What output do you get running 'alsamixer' in a terminal?
Can you launch Firefox from a terminal with 'Firefox -safe-mode'? If so, does it work launching without safemode after disabling hardware acceleration?
@@libreisaac alsa-mixer and alsamixer display the same thing: bash command not found
Safe mode for Firefox works fine, in the settings after unchecking use hardware accel when available for Firefox and reopening it still doesn't work and if I edit the about:config to change webgl.disabled to true it doesn't change (I briefly looked up to try and change it but I might be mistaken)
Also I greatly appreciate you helping me out for all of these
Wait my bad, I think I understand go into package.use and -hwaccel then update it, doin it now
You may have already said, but what exactly is your GPU setup and videocards flags? Including integrated graphics which aren't in use.
If you run 'emerge --info alsa-utils', what use flags are applied? Just to be doubly sure it's not some weird path issue, '/bin/alsamixer' definitely doesn't exist? Even in a root terminal ('doas -u root /bin/bash' then 'ls /bin/alsa*')
@@libreisaac I have an intel integrated video card, and I looked up the type and it shouldn't be the old one, it's compatible with virtual acceleration according to their websites, the flag is "Intel" I already tried the other Intel type thing and had the same issue from what I remember
EDIT: Intel(R) HD Graphics 4000
Running the info emerge: nls -bat -doc -ieee1394 -libsamplerate -ncurses (-selinux) ABI_X86=(64)
Doing ls: I got also info, alsactl, alsatplg and alsaucm, I remember it's meant to be here but for whatever reason it's not
Firefox cannot seem to find the profile, I fixed the vaapi issue, and for some reason the wifi card a Intel(R) Centrino(R) Advanced-N 6205, will not show up, I edited the kernel, looked up everything tried like 30 different things, nothing seems to work, the wifi card works completely find in livecd but not in the actual booted gentoo os
What do you mean by profile? The env profile? Make sure the structure is:
/etc/portage/
package.env -- Contains www-client/firefox no-lto
env/no-lto -- Contains the environment variable overlays
For the WiFi, you may need to try enabling binary redistributables for the Linux firmware package, reemerging it (on Ethernet or in the live env CD) and rebooting.
@@libreisaac I'll try the Wi-Fi solution you have real quick and I think it's the software profile with like specific settings or Your Firefox profile cannot be loaded. It may be missing or inaccessible
I have the env and no lto correct and safe mode works with Firefox for whatever reason
@@libreisaacthank you for some reason I thought I reemerged the firmware after uncommenting but I guess I hadn't it's popping up with ifconfig now
@@libreisaacWiFi works! Thank you
@@libreisaacerror for Firefox: JavaScript error: resource://gre/modules/XULstore.sys.mjs line 60 error can't find profile directory
Can't login to doas how do I reset the password into doas
What's the error you're getting?
Should be able to log in as root and modify the /etc/doas.conf file to fix whatever you did wrong.
On the login screen, hit F2, change the command to just `/bin/bash` to login to a terminal, log in as root, with whatever you set the password to on the first passed command, and open the config file in nano.
If the config file has the correct content ('permit :wheel'), then check the permissions are correct as in the doas config chapter (timestamps in the description), and make sure your user account is in the wheel group (usermod USERBAME - aG wheel).
When you run doas, you should be entering your user account password, not the root password.
If you can't even log in as root, you can always boot into the installation media again, and run the following:
cryptsetup luksOpen /dev/yourrootpartition cryptroot
mount /dev/mapper/cryptroot /mnt/gentoo -t btrfs -o defaults,noatime,compress=lzo,autodefrag,subvol=activeroot
Then run the same set of chroot commands as previously (see timestamps in description) and you then should be able to run passwd to change the root password and passwd USERNAME to change your user account's password.
It's entirely my bad I misunderstood something fundamentally, nothing went wrong
Thank you for the very quick reply
I got an error when rebooting into sway: warning on line 26 (//etc/sway/config) 'output * bg /usr/share/backgrounds/sway/Sway_Wallpaper_Blue_1920x1080.png fill': Unable to access background file '/usr/share/backgrounds/sway/Sway_Wallpaper_Blue_1920x1090.png'Error on line 26 (//etc/sway/config) 'output * bg /usr/share/backgrounds/sway/Sway_Wallpaper_Blue_1920x1080.png fill': Unable to access background file '/usr/share/backgrounds/sway/Sway_Wallpaper_Blue_1920x1090.png'
What's in 'nano ~/.config/sway/config'? You can hit F2 in Tuigreet to change the login command from the Sway script to '/bin/bash' to easily access a terminal. Iirc by default foot is on Win+Enter or Alt+Enter with a broken sway config, which is another option.
If that config file doesn't exist, you either missed the sway config step, or copied to the wrong location, and it's using the fallback. The description has timestamps, you can go through the sway config steps again (no need to re-emerge anything, just the Github and unpacking steps), or if you just put the sway config in the wrong place, you can move it to that directory.
If the file exists, you'll just need to find the offending line and comment it out/remove it/change it, or source the default Sway background image and place it in the location it's trying to read it from.
@@libreisaac the file ~/.config/sway/config exists
im going to try and manually add a default background
@@libreisaac manually putting a background did get it to boot with the background and curser but nothing else appears
Do you have a line near the top whose content is '# Programs'?
I tried running firefox after emerging:
Crash Annotation GraphicsCriticalError: |[0] [GFX1-]: vaapitest: ERROR (t=0.786429) [G
k+-]: vaapitest: ERROR
Crash Annotation GraphicsCriticalError: [[0] [GFX1-]: vaapitest: ERROR (t=0.786429) [1 fir FX1-]: vaapitest: VA-API test failed: failed to initialise VAAPI connection.
aon. (
(t=0.786494) [GFX1-]: vaapitest: VA-API test failed: failed to initialise VAAPI conne
console.error: ({})
X
/firconsole.error: (new TypeError("a is null", "resource://gre/modules/components-utils/moz
xl.js", 1))
I put firefox into the no lto
What GPU do you have, and what is the value of your VIDEO_CARDS variable in /env/portage/make.conf?
@@libreisaac I'm using a Fujitsu Life book t902 so the graphics are intel HD Graphics 4000 with 3rd generation Core i processors
@@libreisaac I think I might need to change over to Intel i965 for the video card in portage make conf
What about switching grub with efistub
I haven't tried this, so word of warning: might be completely wrong. Basing loosely off wiki.gentoo.org/wiki/EFI_stub
I'll give it a try at some point and report back w/ findings, but feel free to try and lmk if you run into issues in the meantime.
1. Swap out the `grub` use flag on `installkernel` in `package.use` with `efistub`. _May_ require additional use flag changes, which Portage should report.
2. When configuring the kernel, open `Processor types and features`, go to the bottom, where you should see a deselected option for `Built-in kernel command line`; enable it w/ space.
3. Enter on the new `Built-in kernel command string` option directly below.
4. Set to `cryptdevice=UUID=[UUID for encrypted root partition] root=PARTUUID=[PARTUUID for decrypted device (/dev/mapper/cryptroot)] rw quiet`.
5. When configuring services run `rc-update add kernel-bootcfg-boot-successful default` to add a boot entry to the EFI menu when boot succeeds.
And of course, skip all the grub-related steps in the video, don't install grub, etc.
@@libreisaac Okay I'll get back to you when I've finished the system, thank you.
@@libreisaac It doesnt prompt me for a passowrd and sys it couldnt find the root device ?
Spinning up a VM now
Took longer than I would have liked. Wound up having to do it on bare metal; my VM's UEFI firmware is a little borked, and the documentation is pretty lacking IMO, but eventually got a successful boot.
1. Boot back into your installation media & select keyboard layout
2. `cryptsetup luksOpen /dev/sda2 cryptroot`
3. `mount -t btrfs -o defaults,noatime,compress=lzo,autodefrag,subvol=activeroot /dev/mapper/cryptroot /mnt/gentoo`
4. Same again for `subvol=home` to `/mnt/gentoo/home`
5. Run the chroot mounts and commands again; timestamp in the video description will take you to the relevant part of the video.
6. Add `sys-kernel/installkernel ~amd64` and `sys-boot/uefi-mkconfig ~amd64` to your `/etc/portage/package.accept_keywords` file; `efistub` is not on the stable release.
7. `emerge --ask installkernel` should show the `efistub` use flag now; confirm to update it.
8. You'll need your relevant microcode package. For example, with an Intel CPU, I had to: add `sys-firmware/intel-microcode intel-ucode` to `package.license`, `sys-firmware/intel-microcode initramfs` in `package.use`, run through the WiFi connection steps in the corrections comment on this video (for WiFi), switch to a non-chrooted terminal and run `cp /etc/resolv.conf /mnt/gentoo/etc/resolv.conf`, then back in a chroot terminal run `emerge --ask intel-microcode`.
9. `genkernel --luks --btrfs --keymap --no-splash --oldconfig --save-config --menuconfig --install all`
10. Disable `Processor type and features -> Built-in kernel command line`, make `File systems -> DOS/FAT/EXFAT/NT -> MSDOS` and `VFAT` built-in (`*`, not `M`), and clear all options in `Device Drivers -> Graphics Support -> Frame buffer devices -> Support for frame buffer device drivers`, except `EFI-based Framebuffer Support` and `Simple framebuffer support`, save, and exit to compile. Should be much faster than previous compilations.
11. `mkdir -p /efi/EFI/gentoo`
12. `mv /boot/initramfs... /efi/EFI/gentoo/initramfs.img`
13. `mv /boot/vmlinuz... /efi/EFI/gentoo/vmlinuz.efi`
14. `mv /boot/System.map... /efi/EFI/gentoo`
15. `emerge --ask efibootmgr`
16. `efibootmgr --create --disk /dev/sda --part 1 --label "Gentoo" --loader "\EFI\gentoo\vmlinuz.efi" -u "crypt_root=UUID=[uuid from blkid /dev/sda2] root=/dev/mapper/root ro initrd=\EFI\gentoo\initramfs.img rootfstype=btrfs rootflags=subvol=activeroot quiet"`
You may also want to run `rm /boot/*.old` to clean up.
In future, for kernel updates, you'll build as usual, then `mv` the files in `/boot` again.
You can list boot entries with just `efibootmgr`, each has a hex number identifier like `Boot0017` where 0017 is the ID. You can delete an entry with `efibootmgr -b 0017 -B`
As you're relying on your computer's firmware, and UEFI implementations are notoriously loose with their interpretations of the spec (I've encountered this myself doing UEFI dev 😩), it's *possible* this won't work for you. I've included some steps (eg some of the driver options in the kernel) which don't seem to be necessary for _everyone_ to try to foolproof it. Lmk if you have any more problems.