Table of Contents

Permissions

Sudoers

Disable per-tty authentication:

/etc/sudoers.d/no-tty-tickets: Defaults !tty_tickets

Storage

Partitioning

cgpt add -i 1 -b 8671232 -s 6156288 /dev/sda
# force check, ignore size/corruption warnings
e2fsck /dev/sda1
# resize to partition limit
resize2fs /dev/sda1
# new partition  ("-i 13" is optional)
cgpt add -i 13 -b 14827520 -s 224690176 -t rootfs  /dev/sda

New layout: 

64       16384      11  ChromeOS firmware
       16450           1       9  ChromeOS reserved
       16451           1      10  ChromeOS reserved
       20480       32768       2  ChromeOS kernel
       53248       32768       4  ChromeOS kernel
       86016       32768       8  Linux data
      249856       32768      12  EFI System Partition
      282624     4194304       5  ChromeOS rootfs
     4476928     4194304       3  ChromeOS rootfs
     8671232     6156288       1  Linux data
    14827520   224690176      13  ChromeOS rootfs (new root)
   239517696       32768       6  ChromeOS kernel
   239550464    10485760       7  ChromeOS rootfs

LUKS

Algorithm benchmarks: 

chrx@shochu:~$ cryptsetup benchmark
# Tests are approximate using memory only (no storage IO).
PBKDF2-sha1       608929 iterations per second
PBKDF2-sha256     399001 iterations per second
PBKDF2-sha512     269141 iterations per second
PBKDF2-ripemd160  362578 iterations per second
PBKDF2-whirlpool  134157 iterations per second
#  Algorithm | Key |  Encryption |  Decryption
     aes-cbc   128b   119.0 MiB/s   139.9 MiB/s
 serpent-cbc   128b    46.9 MiB/s   178.5 MiB/s
 twofish-cbc   128b   102.1 MiB/s   144.3 MiB/s
     aes-cbc   256b    93.2 MiB/s   102.1 MiB/s
 serpent-cbc   256b    45.7 MiB/s   178.6 MiB/s
 twofish-cbc   256b   100.5 MiB/s   144.7 MiB/s
     aes-xts   256b   137.7 MiB/s   136.7 MiB/s
 serpent-xts   256b   172.7 MiB/s   169.0 MiB/s
 twofish-xts   256b   131.1 MiB/s   131.2 MiB/s
     aes-xts   512b   104.4 MiB/s   103.6 MiB/s
 serpent-xts   512b   172.7 MiB/s   169.3 MiB/s
 twofish-xts   512b   130.9 MiB/s   130.9 MiB/s

Encrypt: 

cryptsetup -c serpent-xts-plain64 -s 512 luksFormat /dev/sda13
cryptsetup luksOpen --allow-discards /dev/sda13 crypt-root

Benchmark: 

root@shochu:/home/chrx# bonnie++ -f -d ./tmp -r 512 -s 1600 -n 0 -u root
Using uid:0, gid:0.
Writing intelligently...done
Rewriting...done
Reading intelligently...done
start 'em...done...done...done...done...done...
Version  1.97       ------Sequential Output------ --Sequential Input- --Random-
Concurrency   1     -Per Chr- --Block-- -Rewrite- -Per Chr- --Block-- --Seeks--
Machine        Size K/sec %CP K/sec %CP K/sec %CP K/sec %CP K/sec %CP  /sec %CP
shochu        1600M           163279  16 158908  10           +++++ +++ +++++ +++
Latency                        1914ms    2300ms              1653us    4015us

1.97,1.97,shochu,1,1453330209,1600M,,,,163279,16,158908,10,,,+++++,+++,+++++,+++,,,,,,,,,,,,,,,,,,,1914ms,2300ms,,1653us,4015us,,,,,,

LVM2

Enable discards in /etc/lvm/lvm.conf: 

# [...]
devices {
   # [...]
   issue_discards = 1
   # [...]
}
# [...]





pvcreate /dev/mapper/crypt-root
vgcreate vg-root /dev/mapper/crypt-root
vgchange -a y vg-root
# don't zero
lvcreate -Zn -n root -L1g vg-root
lvcreate -Zn -n usr -L25G vg-root
lvcreate -Zn -n var -L5g vg-root
lvcreate -Zn -n tmp -L1.5g vg-root
lvcreate -Zn -n home -l100%FREE vg-root

Resultant LVs: 

LV   VG      Attr       LSize  Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  home vg-root -wi-a----- 74.64g
  root vg-root -wi-a-----  1.00g
  tmp  vg-root -wi-a-----  1.50g
  usr  vg-root -wi-a----- 25.00g
  var  vg-root -wi-a-----  5.00g

Ext4

for i in tmp usr var home ; do mkfs.ext4 -m  /dev/vg-root/$i ; done
cd /mnt
for i in root tmp usr var ; do mkdir "$i" && mount /dev/vg-root/$i "./$i"; done
for i in tmp usr var ; do cp -a /$i/* $i/ ; done
tar cvf /mnt/usr/root.tar --one-file-system  /
cd /mnt/root 
tar xvf ../usr/root.tar  --exclude=usr --exclude=var

fstab

/dev/mapper/vg--root-root / ext4 defaults,discard,relatime 1 1
/dev/mapper/vg--root-usr /usr ext4 defaults,discard,relatime 0 2
/dev/mapper/vg--root-var /var ext4 defaults,discard,relatime 0 2
/dev/mapper/vg--root-tmp /tmp ext4 defaults,discard,relatime 0 2
/dev/mapper/vg--root-home /home ext4 defaults,discard,relatime 0 2

Trim support

Keyboard

Search key is Overlay1_Enable.

http://unix.stackexchange.com/questions/39547/dead-compose-keys-not-working-in-gtk-apps-since-upgrade

Other keys:

Keys Symbol
Search + [ Keyboard backlight down
Search + ] Keyboard backlight up
Search + Alt Caps Lock
Search + Backspace Delete
Search + (. or v) Insert
Search + Left Home
Search + Right End
Search + Up PgUp
Search + Down PgDn

Compose Key

  • Not working in Xubuntu by default since 14.04. Need ibus (and ibus-gtk?) installed.

Run as part of the session: 

ibus-daemon --xim -d

Shochu Reinstallation

Using GalliumOS 2.1

Partitioning

Partition Table: msdos
Disk Flags: 

Number  Start       End            Size           Type      File system  Flags
 1      1048576B    511705087B     510656512B     primary   ext2         boot
 2      512752640B  128035323903B  127522571264B  extended
 5      512753664B  128035323903B  127522570240B  logical

LUKS

aes-xts-plain64 sha256

LVM

LV   VG           Attr       LSize  Pool Origin Data%  Meta%  Move Log Cpy%Sync Convert
  home galliumos-vg -wi-a----- 50.00g                                                    
  root galliumos-vg -wi-a----- 10.00g                                                    
  usr  galliumos-vg -wi-a----- 30.00g

Bluetooth

Microsoft Mouse 3600

Doesn't pair by default needs "GATT" bluetoothd experimental feature. Enable it and restart bluetooth.

/etc/default/bluetooth: 

NOPLUGIN_OPTION="-E"

SideBar