Compare commits

...

2 commits

Author SHA1 Message Date
Roddy González
1a6c83140a
Fix presentation of the last article 2024-06-07 13:48:24 +02:00
Roddy González
9ec83035d4
Fix a few typos in the last post 2024-06-07 13:09:11 +02:00

View file

@ -23,8 +23,8 @@ It has been a painful experience, full of bugs and kernel panics.
I've post some of them in the Fediverse.
Like [here](https://mastodon.bsd.cafe/@release_candidate/112520904317829098) and [here](https://mastodon.bsd.cafe/@release_candidate/112128737628556050).
One of the weakest point that I've seen in NetBSD is the installer.
If you need a simple installation it just works ™.
One of the weakest points that I've seen in NetBSD is the installer.
If you need a simple installation *it just works* ™.
But as soon as you need some complex setup, like RAID mixed with encrypted partitions, or something similar, the installer is subpar.
You will face some segfault from the installer, a kernel panic or another surprise.
@ -39,7 +39,7 @@ Now, even today I have no idea how to have actual full disk encryption with NetB
I've seen [a wonderful tutorial for full-disk encryption for MBR-based systems](https://www.unitedbsd.com/d/461-netbsd-full-disk-encryption-with-cgd), but not for UEFI.
And my laptop doesn't really like to boot in old MBR mode.
Following the [documentation of CGD drives](https://www.netbsd.org/docs/guide/en/chap-cgd.html#chap-cgd-example) and [the documentation on UEFI installations](https://wiki.netbsd.org/Installation_on_UEFI_systems/), I have a semi-full disk encryption.
Following the [documentation on CGD drives](https://www.netbsd.org/docs/guide/en/chap-cgd.html#chap-cgd-example) and [the documentation on UEFI installations](https://wiki.netbsd.org/Installation_on_UEFI_systems/), I have a semi-full disk encryption.
With plain-text root file-system, and encrypted `/home`, `/usr`, `/var` and swap.
So, without further complaints, this is the way I have some disk encryption in UEFI systems with NetBSD.
@ -299,8 +299,8 @@ Now I edit fstab to mount the CGD partitions.
```
# vi /targetroot/etc/fstab
# cat /targetroot/etc/fstab
```
```
# NetBSD /etc/fstab
# See /usr/share/examples/fstab/ for more examples.
NAME=NetBSD / ffs rw 1 1
@ -322,8 +322,8 @@ The file rc.confg also needs to be edited
```
# vi /targetroot/etc/rc.conf
```
```
rc_configured=YES
# Add local overrides below.
@ -340,7 +340,8 @@ wscons=YES
`rc_configured=YES` is important, otherwise the system will always boot in single-user mode.
These are the variables I use for a new system.
For example, my network device is `wm0`,
For example, my network device is `wm0`.
And this example hostname is `marte.local`.
Your network card and requirements may be different.
# Unmount and reboot
@ -373,7 +374,7 @@ In the new system you may need to change root password:
# passwd
```
Install pkgin:
Install pkgin.
```
PATH="/usr/pkg/sbin:/usr/pkg/bin:$PATH"
@ -383,14 +384,14 @@ PKG_PATH="http://cdn.netbsd.org/pub/pkgsrc/packages/NetBSD/amd64/10.0/All/"
# pkg_add pkgin
```
And add a new user:
And add a new user.
```
# useradd -m -G wheel -k /etc/skel vsis
```
And, of course RTFM:
And, of course, RTFM.
```
# man afterboot
@ -402,4 +403,8 @@ This is the method I use to install a semi-full disk encrypted NetBSD system.
I may add RAID devices, LVM, multiple disks, etc.
Then mount everything under `/targetroot` and extract the sets.
The restriction is in the root file-system.
It needs to be in plain-text and in a regular partition.
It seems to me that rootfs in CGD or LVM is not well supported.
I may be biased by [the Arch way](https://wiki.archlinux.org/title/installation_guide) to install the system, but I find this method better than the installer.