Compare commits
No commits in common. "1a6c83140a01657d2b91d2e47494bd02b5d10f4b" and "2dd946d030802ac33140e3d7488ae103e090c6f6" have entirely different histories.
1a6c83140a
...
2dd946d030
1 changed files with 11 additions and 16 deletions
|
@ -23,8 +23,8 @@ It has been a painful experience, full of bugs and kernel panics.
|
|||
I've post some of them in the Fediverse.
|
||||
Like [here](https://mastodon.bsd.cafe/@release_candidate/112520904317829098) and [here](https://mastodon.bsd.cafe/@release_candidate/112128737628556050).
|
||||
|
||||
One of the weakest points that I've seen in NetBSD is the installer.
|
||||
If you need a simple installation *it just works* ™.
|
||||
One of the weakest point that I've seen in NetBSD is the installer.
|
||||
If you need a simple installation it just works ™.
|
||||
But as soon as you need some complex setup, like RAID mixed with encrypted partitions, or something similar, the installer is subpar.
|
||||
You will face some segfault from the installer, a kernel panic or another surprise.
|
||||
|
||||
|
@ -39,7 +39,7 @@ Now, even today I have no idea how to have actual full disk encryption with NetB
|
|||
I've seen [a wonderful tutorial for full-disk encryption for MBR-based systems](https://www.unitedbsd.com/d/461-netbsd-full-disk-encryption-with-cgd), but not for UEFI.
|
||||
And my laptop doesn't really like to boot in old MBR mode.
|
||||
|
||||
Following the [documentation on CGD drives](https://www.netbsd.org/docs/guide/en/chap-cgd.html#chap-cgd-example) and [the documentation on UEFI installations](https://wiki.netbsd.org/Installation_on_UEFI_systems/), I have a semi-full disk encryption.
|
||||
Following the [documentation of CGD drives](https://www.netbsd.org/docs/guide/en/chap-cgd.html#chap-cgd-example) and [the documentation on UEFI installations](https://wiki.netbsd.org/Installation_on_UEFI_systems/), I have a semi-full disk encryption.
|
||||
With plain-text root file-system, and encrypted `/home`, `/usr`, `/var` and swap.
|
||||
|
||||
So, without further complaints, this is the way I have some disk encryption in UEFI systems with NetBSD.
|
||||
|
@ -299,8 +299,8 @@ Now I edit fstab to mount the CGD partitions.
|
|||
|
||||
```
|
||||
# vi /targetroot/etc/fstab
|
||||
```
|
||||
```
|
||||
|
||||
# cat /targetroot/etc/fstab
|
||||
# NetBSD /etc/fstab
|
||||
# See /usr/share/examples/fstab/ for more examples.
|
||||
NAME=NetBSD / ffs rw 1 1
|
||||
|
@ -322,8 +322,8 @@ The file rc.confg also needs to be edited
|
|||
|
||||
```
|
||||
# vi /targetroot/etc/rc.conf
|
||||
```
|
||||
```
|
||||
|
||||
|
||||
rc_configured=YES
|
||||
|
||||
# Add local overrides below.
|
||||
|
@ -340,8 +340,7 @@ wscons=YES
|
|||
`rc_configured=YES` is important, otherwise the system will always boot in single-user mode.
|
||||
|
||||
These are the variables I use for a new system.
|
||||
For example, my network device is `wm0`.
|
||||
And this example hostname is `marte.local`.
|
||||
For example, my network device is `wm0`,
|
||||
Your network card and requirements may be different.
|
||||
|
||||
# Unmount and reboot
|
||||
|
@ -374,7 +373,7 @@ In the new system you may need to change root password:
|
|||
# passwd
|
||||
```
|
||||
|
||||
Install pkgin.
|
||||
Install pkgin:
|
||||
|
||||
```
|
||||
PATH="/usr/pkg/sbin:/usr/pkg/bin:$PATH"
|
||||
|
@ -384,14 +383,14 @@ PKG_PATH="http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/amd64/10.0/All/"
|
|||
# pkg_add pkgin
|
||||
```
|
||||
|
||||
And add a new user.
|
||||
And add a new user:
|
||||
|
||||
|
||||
```
|
||||
# useradd -m -G wheel -k /etc/skel vsis
|
||||
```
|
||||
|
||||
And, of course, RTFM.
|
||||
And, of course RTFM:
|
||||
|
||||
```
|
||||
# man afterboot
|
||||
|
@ -403,8 +402,4 @@ This is the method I use to install a semi-full disk encrypted NetBSD system.
|
|||
I may add RAID devices, LVM, multiple disks, etc.
|
||||
Then mount everything under `/targetroot` and extract the sets.
|
||||
|
||||
The restriction is in the root file-system.
|
||||
It needs to be in plain-text and in a regular partition.
|
||||
It seems to me that rootfs in CGD or LVM is not well supported.
|
||||
|
||||
I may be biased by [the Arch way](https://wiki.archlinux.org/title/installation_guide) to install the system, but I find this method better than the installer.
|
||||
|
|
Loading…
Reference in a new issue