Gentoo Linux Installed on VirtualBox with UEFI firmware

I haven’t written many blogs since life has taken its course, and I figured I’d at least share one thing I know will help maybe one or two people out there.  After fighting with documentation and information, I recently successfully installed Gentoo Linux with UEFI (EFI) firmware on VirtualBox.  Not that documentation isn’t out there, it’s just that the main documentation is so outdated and didn’t handle UEFI properly as well.  So, without time wasted, I will share my line-by-line notes/self-documentation which I did because I suck at remembering things that I don’t do regularly 😉

Prerequisites: Make sure you have a VM set up for Linux, and I’d say above 2G RAM and disk space above 10G.  Also, for the sake of the install, set the network adapter to “Bridged Adapter” connected to your internet-connected adapter on the host.  Make sure your VirtualBox VM is configured for EFI.  Even though VirtualBox has cautions about it being for “special OS’es”, it’s not so much the case in today’s world any longer.  You can do it through the GUI in “Settings -> System -> Motherboard” at the bottom selecting a button underneath “Extended Features” named “Enable EFI (Special OSes only)”.
You can also do it through the command line with 'VBoxManage modifyvm "VM-Name" --firmware efi64' (changing VM-Name to the VM’s name in VirtualBox)
  • Boot the cd, choose advanced options, then pick console, then let it boot
  • To ssh in for a comfy install, do “/etc/init.d/sshd start && passwd root” and set root’s password (temporarily), run ifconfig to find the IP, then ssh into that IP as root.
  • Create the partitions:
    • gdisk /dev/sda
      • Creates GPT partition table:
        • Command: o
          • Proceed?: y
      • Creates partition 1 (/boot)
        • Command: n
          • Partition Number: 1
          • First sector: <return>
          • Last sector: +128M
          • Hex code: <return>
      • Creates partition 2 (UEFI ESP)
        • Command: n
          • Partition Number: 2
          • First sector: <return>
          • Last sector: +32M
          • Hex code: EF00
      • Creates partition 3 (swap)
        • Command: n
          • Partition Number: 3
          • First sector: <return>
          • Last sector: +1024M
          • Hex code: 8200
      • Creates partition 4 (/)
        • Command: n
          • Partition Number: 4
          • First sector: <return>
          • Last sector: <return>
          • Hex code: <return>
      • Write partition table to disk
        • Command: w
          • Proceed?: y
  • mkdir -p /mnt/gentoo
  • mount /dev/sda4 /mnt/gentoo
  • mkdir /mnt/gentoo/boot
  • mount /dev/sda1 /mnt/gentoo/boot
  • mkdir /mnt/gentoo/boot/efi
  • mount /dev/sda2 /mnt/gentoo/boot/efi
  • cd /mnt/gentoo
  • Grab the latest stage3-amd64-* tarball
  • tar xpf stage3-amd64*
  • mount -t proc none proc
  • mount --rbind /sys sys
  • mount --make-rslave sys
  • mount --rbind /dev dev
  • mount --make-rslave dev
  • cp /etc/resolv.conf etc
  • chroot . /bin/bash
  • source /etc/profile
  • emerge-webrsync
  • passwd
  • useradd -g users -G wheel,portage,audio,video,usb,cdrom -m <userid you’d like>
  • passwd <userid you picked above>
  • emerge -vp vim
  • Create /etc/fstab with the following
      • /dev/sda1 /boot ext4 noauto,noatime 1 2
      • /dev/sda2 /boot/efi vfat defaults 0 0
      • /dev/sda3 none swap sw 0 0
      • /dev/sda4 / ext4 noatime 0 1
      • /dev/cdrom /mnt/cdrom auto noauto,ro 0 0
  • Edit /etc/portage/make.conf
    • Add in the line: USE="-X"
  • Edit /etc/locale.gen
    • Uncomment “en_US” along with “en_US.UTF-8”
  • Edit /etc/conf.d/hostname
    • Change “localhost” to your hostname: hostname="localhost"
  • Edit /etc/conf.d/net
    • Add in the following, changing “domain.com” to your domain name
      • dns_domain_lo="domain.com"
  • ln -sf /usr/share/zoneinfo/US/Arizona /etc/localtime
  • emerge -av sys-kernel/gentoo-sources
  • cd /usr/src/linux
  • make menuconfig
    Below are kernel configuration options to enable within menuconfig.
    The lines with “Activate blah blah blah” are for people who want the variable names to find in the configuration files instead of manually choosing.

    • Activate CONFIG_DEVTMPFS and CONFIG_DEVTMPFS_MOUNT
      • Enabling devtmpfs support
        • Device Drivers --->
          • Generic Driver Options --->
            • [*] Maintain a devtmpfs filesystem to mount at /dev
            • [*] Automount devtmpfs at /dev, after the kernel mounted the rootfs
    • Activate CONFIG_BLK_DEV_SD
      • Enabling SCSI disk support
        • Device Drivers --->
          • SCSI device support --->
            • <*> SCSI disk support
    • Activate CONFIG_EXT2_FS, CONFIG_EXT3_FS, CONFIG_EXT4_FS, CONFIG_MSDOS_FS, CONFIG_VFAT_FS, CONFIG_PROC_FS, and CONFIG_TMPFS
      • File systems --->
        • <*> Second extended fs support
        • <*> The Extended 3 (ext3) filesystem
        • <*> The Extended 4 (ext4) filesystem
        • <*> Reiserfs support
        • <*> JFS filesystem support
        • <*> XFS filesystem support
        • <*> Btrfs filesystem support
        • DOS/FAT/NT Filesystems --->
          • <*> MSDOS fs support
          • <*> VFAT (Windows-95) fs support
      • Pseudo Filesystems --->
        • [*] /proc file system support
        • [*] Tmpfs virtual memory file system support ( former shm fs )
    • Activate CONFIG_SMP
      • Activating SMP support
        • Processor type and features --->
          • [*] Symmetric multi-processing support
    • Activate CONFIG_HID_GENERIC, CONFIG_USB_HID, CONFIG_USB_SUPPORT, CONFIG_USB_XHCI_HCD, CONFIG_USB_EHCI_HCD, and CONFIG_USB_OHCI_HCD
      • Activating USB support for input device
        • Device Drivers --->
          • HID support --->
            • -*- HID bus support
              • <*> Generic HID driver
              • [*] Battery level reporting for HID devices
                • USB HID support --->
                  • <*> USB HID transport layer
          • [*] USB support --->
            • <*> xHCI HCD (USB 3.0) support
            • <*> EHCI HCD (USB 2.0) support
            • <*> OHCI HCD (USB 1.1) support
    • Activate CONFIG_PARTITION_ADVANCED and CONFIG_EFI_PARTITION
      • Enable support for GPT
        • -*- Enable the block layer --->
          • Partition Types --->
            • [*] Advanced partition selection
            • [*] EFI GUID Partition support
    • Activate CONFIG_EFI, CONFIG_EFI_STUB, CONFIG_EFI_MIXED, and CONFIG_EFI_VARS
      • Enable support for UEFI
        • Processor type and features --->
          • [*] EFI runtime service support
          • [*] EFI stub support
          • [*] EFI mixed-mode support
        • Firmware Drivers --->
          • EFI (Extensible Firmware Interface) Support --->
            • <*> EFI Variable Support via sysfs
  • make -j3 && make -j3 modules_install
  • make install
  • emerge --ask sys-boot/grub
  • grub-install --target=x86_64-efi --efi-directory=/boot/efi
  • grub-mkconfig -o /boot/grub/grub.cfg
  • emerge --ask sys-apps/iproute2 net-misc/dhcpcd
  • unmount all partitions and shutdown with “shutdown -h now”
  • Start the VM again and once booted and hitting the UEFI shell, do the following
    • Type: “fs0:”
    • Type: “edit startup.nsh” (this will be an interactive editor)
      • Add in: “\EFI\gentoo\grubx64.efi”
      • Hit “ctrl-s<return><return>” to save
      • Hit: “ctrl-q<return>” to quit the editor
    • Type: “reset” to reboot.
  • Now, the UEFI 5-second delay will be there before booting Gentoo.  You’re done.
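
A quick way to confirm that the kernel options from the “Activate ...” lines above made it into the build, added here as an example and not part of the original notes. It reads a kernel .config and prints every listed option that is not built in (=y); the function name is an assumption of this example, and an option set to =m counts as missing because the notes select everything as built in ([*] / <*>).

```shell
#!/bin/sh
# Added example: check a kernel .config against the options named in the notes.
# Option names are copied from the "Activate ..." lines of the install notes.
REQUIRED_OPTS="
CONFIG_DEVTMPFS CONFIG_DEVTMPFS_MOUNT
CONFIG_BLK_DEV_SD
CONFIG_EXT2_FS CONFIG_EXT3_FS CONFIG_EXT4_FS CONFIG_MSDOS_FS CONFIG_VFAT_FS
CONFIG_PROC_FS CONFIG_TMPFS
CONFIG_SMP
CONFIG_HID_GENERIC CONFIG_USB_HID CONFIG_USB_SUPPORT
CONFIG_USB_XHCI_HCD CONFIG_USB_EHCI_HCD CONFIG_USB_OHCI_HCD
CONFIG_PARTITION_ADVANCED CONFIG_EFI_PARTITION
CONFIG_EFI CONFIG_EFI_STUB CONFIG_EFI_MIXED CONFIG_EFI_VARS
"

# missing_kernel_opts CONFIG_FILE
# Prints one option per line for every required option that is not "=y".
# Prints nothing when the configuration covers the whole list.
missing_kernel_opts() {
    cfg=$1
    [ -r "$cfg" ] || { echo "cannot read $cfg" >&2; return 2; }
    for opt in $REQUIRED_OPTS; do
        # -x matches the whole line, so CONFIG_EFI=y does not satisfy CONFIG_EFI_STUB
        grep -qx "${opt}=y" "$cfg" || echo "$opt"
    done
}

# Typical use inside the chroot, after "make menuconfig" and before "make":
#   missing_kernel_opts /usr/src/linux/.config
```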

Getting External IP Address from Ubee brand Cox Cable Modem

I’m sure there are others in this world that have Cox cable internet with an Ubee brand cable modem/Wireless access point. I’m sure within that crowd of people, a few are looking to find a way to get the external IP allocated to your connection. (the IP of the cable modem from the outside world)
I run Unix (Linux & Unix actually), and this is what I use from the command line:

wget http://192.168.0.1/RgSetup.asp --http-user=user --http-password=MYPASSWORD -qO- | grep -o '[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}\.[0-9]\{1,3\}' | head -1

Replace MYPASSWORD with the password you use to login to the web interface of the Ubee cable modem. Also, be sure to escape the special characters in your password with a backslash ( \ ) when you use it in the commandline, or else they won’t work.
This will simply spit out the IP address allocated at that time.

Hope this helps someone!

‘ShellShock’ BASH vulnerability (this is about OSX but affects Linux & UNIX as well)

I’m sure if you haven’t been under a rock the last week or two, you’ve heard about the BASH shell vulnerability called ‘ShellShock’ that affects Linux, Unix, & OSX. (also, anything else that runs BASH including Cygwin on Windows)
If you haven’t, it’s a variable manipulation vulnerability that can inject whatever it wants into a file, or get data from a file.  To check if you are vulnerable, paste the following into your BASH prompt (no, it’s not dangerous):

env x='() { :;}; echo vulnerable' bash -c 'echo hello'

If you are vulnerable, it will print out:

vulnerable
hello

Red Hat Linux has an advisory update about this: https://rhn.redhat.com/errata/RHSA-2014-1306.html

Apple has a patch for this on OS X Mavericks: http://support.apple.com/downloads/DL1769/en_US/BashUpdateMavericks.dmg

It updates the BASH version from 3.2.51(1)-release to 3.2.53(1)-release

Check yours by simply typing 'bash --version' at the prompt.
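
The one-line check above, wrapped so it can be pointed at every bash binary a host lists in /etc/shells; this is an added example, not part of the original post. The function names are assumptions of this example, and the probe string is the one from the post.

```shell
#!/bin/sh
# Added example: run the post's probe against specific bash binaries.

# classify_probe_output OUTPUT
# "vulnerable" if the injected echo ran (a line reading exactly "vulnerable"),
# otherwise "not vulnerable".
classify_probe_output() {
    if printf '%s\n' "$1" | grep -qx 'vulnerable'; then
        echo "vulnerable"
    else
        echo "not vulnerable"
    fi
}

# check_bash PATH_TO_BASH
# Runs the probe from the post with the given binary and classifies the output.
check_bash() {
    bash_bin=$1
    [ -x "$bash_bin" ] || { echo "missing"; return 0; }
    # stderr is dropped: some patched builds print a warning about the variable
    out=$(env x='() { :;}; echo vulnerable' "$bash_bin" -c 'echo hello' 2>/dev/null) || true
    classify_probe_output "$out"
}

# scan_shells [LIST_FILE]
# Checks every entry named "bash" in LIST_FILE (default: /etc/shells).
scan_shells() {
    list=${1:-/etc/shells}
    [ -r "$list" ] || return 0
    while IFS= read -r shell_path; do
        case "$shell_path" in
            */bash) printf '%s: %s\n' "$shell_path" "$(check_bash "$shell_path")" ;;
        esac
    done < "$list"
}

# Typical use:
#   scan_shells
#   check_bash /usr/local/bin/bash
```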

Pvcreate not detecting harddrives (Device /dev/abc not found (or ignored by filtering).)

During a recreation of an LVM Volume Group on a new machine, I noticed that the drives weren’t being accepted by pvcreate when initializing them. My drives weren’t RAID configured, as they are simply /dev/sdb,c,d,e,f,g, etc. The error thrown by “pvcreate /dev/sd#” was “Device /dev/sd# not found (or ignored by filtering).” (replacing # with the drive name such as sda1)
What I did was edit the /etc/lvm/lvm.conf file, and change the filter to accept the sd scsi drives.
I went the redneck approach and slapped a bunch of letters in to cover anything that could exist, but I’m sure there are other ways. This is my filter line:
filter = [ "a|drbd.*|", "a|sda3|", "a|sd[bcdefghijklmnopqrstuvwxyz]|", "r|.*|" ]

Note: sda3 is being used for a system partition and is being rejected in this line as well.

That fixed it, and pvscan detected the drive, and pvcreate was able to access it.

 

EDIT 10/3/2014:

I’ve received quite a few reader alerts telling me to use partitions, along with the comments already posted seeming to say the same thing indirectly.  I wanted to alert those that are unaware that you can include an entire disk into a Volume Group without partitions.  Since the entire disk will be used, partitions would be redundant.  That is not the cause of the filtering issue, since I’ve experimented with partitions for 2-3 minutes when I had this issue with the same outcome.
I’d also like to add a page from the documentation for CentOS that talks about LVM filtering:
http://www.centos.org/docs/5/html/Cluster_Logical_Volume_Manager/lvm_filters.html
While it’s for CentOS 5, the syntax on LVM has remained the same for quite a few years.
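
How LVM reads a filter line like the one above, as an added example that is not part of the original post: entries are tried in order, each is an unanchored regular expression, the first one that matches decides, and a path that no entry matches is accepted. The function name is an assumption of this example, grep -E stands in for LVM's own regex matcher, and only one path name per device is modelled.

```shell
#!/bin/sh
# Added example: evaluate an lvm.conf filter list against a device path.
# The entries below are the ones from the post's filter line, one per line.
PAGE_FILTER='a|drbd.*|
a|sda3|
a|sd[bcdefghijklmnopqrstuvwxyz]|
r|.*|'

# lvm_filter_verdict DEVICE_PATH [FILTER]
# Prints "accept" or "reject". FILTER is a newline-separated list of entries
# in the a|regex| / r|regex| form; it defaults to the post's filter.
lvm_filter_verdict() {
    dev=$1
    filter=${2:-$PAGE_FILTER}
    verdict=accept                      # no entry matched: LVM accepts the device
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        action=${entry%%|*}             # leading "a" (accept) or "r" (reject)
        regex=${entry#?|}               # drop the action and opening delimiter
        regex=${regex%|}                # drop the closing delimiter
        if printf '%s\n' "$dev" | grep -Eq -- "$regex"; then
            [ "$action" = a ] && verdict=accept || verdict=reject
            break                       # first matching entry wins
        fi
    done <<EOF
$filter
EOF
    echo "$verdict"
}

# Typical use, with constructed device names:
#   for d in /dev/sdb /dev/sdb1 /dev/sda1 /dev/sda3 /dev/drbd0 /dev/md0; do
#       printf '%s %s\n' "$d" "$(lvm_filter_verdict "$d")"
#   done
```

With the filter as written, /dev/sdb, /dev/sdb1, /dev/sda3 and /dev/drbd0 come back as accept, while /dev/sda1 and /dev/md0 fall through to the final r|.*| entry and come back as reject.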

reflections on bridges in life

Since the Linux kernel is reaching its 20-year mark, it’s brought me to the point of really thinking what an impact it has on my life. Since 1995 I have had Linux as my outlet of creation along with a vague but powerful brotherhood with others just like myself. I started on MS-DOS on the PC, and I could not stand using Windows 3.1. I wanted something more powerful, fluid, able to run more than one application without swapping it out of memory to go to the other. Not crash the entire computer when an application screwed up! I ran a BBS (bulletin board service) on MS-DOS and experimented with multitasking in Windows… would work until you actually did something with the second application. I jumped over to a multitasker named Desqview/386 by QEMM, and it worked beautifully… it showed me that it was indeed possible to have 2 applications running at the same time on the same processor. It was all text-based, as well. I wanted more, so I tried Windows 95 Beta 1 (Code name: Chicago). Initially, it was amazing because it would multitask two applications together without a visible flaw. The selling point for me was the multithreading capabilities which was dividing a process into individual threads, and allowing the processor to switch between each of them in a far more granular fashion. Unfortunately, it did not deliver what it said it had. Running an application that displayed a spinning thread, I started about 30 windows, and saw that the multithreading was not being performed in any efficient way. Also, the system appeared to be too reliant upon Microsoft for drivers, and codes. I wasn’t going to allow this, that’s not how computing is meant.
I used VAX VMS on the University of Maryland system before all of this, and I wanted something like that, with that structure of growth. On an FTP site, I ran across Minix. I read the description: a UNIX-like PC-based operating system with the ability to multitask. I downloaded it, blasted it to floppies, and ran it on my system. SO bare, so minimal (unusable by most in today’s world) but it was working. Nothing was hidden, everything was there at my fingertips and believe me… it was the first moment I felt like a god. To be denied that feeling for so long, and to have it given to you in an instant is enough to make any man absorb himself in it.
After a couple weeks, it wasn’t enough. I was missing the ability to reach out with my modem and connect to BBS boards. That part would dry up quick, because I discovered TCP/IP and the ability to connect to a world-wide network. This was a huge thing in that time, and still is even though it’s often just an accepted part of life. Since I knew C programming from coding on WWIV BBS & Renegade BBS systems, I whipped up a quick and dirty dialer for Minix and connected to the county internet gateway machine. Granted, TCP/IP wasn’t easily configurable on it at that time, but the connection was made.

With that thought in mind, I went with my friend to a Trek convention (yeah yeah… it was for fun, not for dressing up) and I ran across a table selling geeky stuff. A 5-CD box was there, with “Infomagic Slackware Linux 1.2” emblazoned across the box. It was only like $12, I thought what the hell, let’s see what this is. I took it home and blasted Minix off of the machine to install Slackware Linux. At the time, installing Linux was not for the faint of heart. Understanding disk geometry, CPU register tables, graphics card internals, and a couple other important things, were necessary to configure the harddisk and install the operating system properly. After a week or two of playing around, it worked. IT WORKED. With a graphical interface, at that. As against graphical interfaces as I was at the time, I remained at the prompt which proved very valuable due to the heavy learning curve teaching the internals by force. I got Linux talking to the county VAX gateway, and used Gopher & Veronica for information digging… for hours, days, weeks…. months… learning about this new thing.

When something just screams to be ripped apart, examined, making you want to taste it, you know it’s your very essence. Linux has come so far in that time, a ghost of what it once was. It’s still held on to that one philosophy that almost brings me to tears when I think about it disappearing. That philosophy is:
1) Everything written is a tool, nothing does everything
2) Everything on the computer is a file. Nothing is hidden, everything is accessible.
3) All code is transparent, available for the user to alter for his/her own needs

While there are many mantras of the UNIX & Linux world, these 3 are the largest in my mind. With this, everything you dream can become a reality, all that is necessary is ambition, stubbornness, and a touch of rebelliousness.

Cheers, Linus Torvalds. You’ve created a monster named Linux, a kernel that sprouted its own wings with the help of many, and has breathed hellfire throughout the computing industry. I love you, man. Keep the fight until we pass the torch, brother.

Pine (or alpine) with gmail

I use gmail for just about everything mail related since it’s more reliable than any provider anywhere it seems.
The only downfall is that it’s not a straight POP3 for security reasons, which means you’re not just going to go cleartext with a console-app that does pop3 email.
SOOOOO I like the application “pine”, which is console only, and is a wonderful little utility for quick, simple, easy to read email along with composing, etc. It just needs configuring to work with Gmail.

After a bit of searching to do this since I’m about lazy, I ran across this. These are instructions on the configuration of pine (or the alternative, alpine). NOTE: I use Linux, a type of UNIX operating system. It’s not a windows application.

Instructions:

First enable IMAP on your Google account!!!
-Log into Google and click “settings”,
-Click “Forwarding and POP/IMAP”
-Under IMAP Access click “Enable IMAP”

Your .pinerc needs to be like this:

user-id=your.username at gmail.com
user-domain=gmail.com

smtp-server=smtp.gmail.com:587/tls/user=your.username at gmail.com

(all on one line)
inbox-path={imap.gmail.com:993/ssl/novalidate-cert/user=your.username at gmail.com}INBOX

(all on one line)
incoming-folders=your.username at gmail.com {imap.gmail.com:993/novalidate-cert/ssl/user=your.username at gmail.com}
(you probably have to check “enable-incoming-folders” in your Pine Setup, Config as well)

(all on one line)
folder-collections="your.username at gmail.com" {imap.gmail.com:993/ssl/user=your.username at gmail.com}[]

You can invoke pine using an alternate .pinerc like so:
pine -p .pinerc_gmail
You can’t use /afs/isis/pkg/pine/bin/pine because it’s configured to fix settings for smtp-server and user-domain back to UNC’s. So you can read your Gmail with it but when you send e-mail things get confusing.
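
A small audit of the settings above, added here as an example and not part of the original instructions: it flags server entries in a .pinerc that carry novalidate-cert (the TLS certificate is not checked, so the server's identity is not verified) or that do not require encryption at all. The function name and the file name in the usage comment are assumptions of this example.

```shell
#!/bin/sh
# Added example: flag weak transport settings in a pine/alpine configuration.

# audit_pinerc FILE
# Prints one finding per line for the server-related settings shown above.
# Prints nothing when every entry requires TLS and validates the certificate.
audit_pinerc() {
    rc=$1
    [ -r "$rc" ] || { echo "cannot read $rc" >&2; return 2; }
    # Server specs have the form host:port/flag/flag/user=...
    grep -nE '^(smtp-server|inbox-path|incoming-folders|folder-collections)=' "$rc" |
    while IFS= read -r line; do
        n=${line%%:*}                   # line number added by grep -n
        body=${line#*:}                 # the setting itself
        key=${body%%=*}
        case "$body" in
            */novalidate-cert*)
                echo "line $n: $key skips certificate validation (novalidate-cert)" ;;
        esac
        case "$body" in
            */ssl*|*/tls*) ;;           # encryption is required for this entry
            *) echo "line $n: $key does not require encryption (no /ssl or /tls flag)" ;;
        esac
    done
}

# Typical use:
#   audit_pinerc ~/.pinerc_gmail
```

An entry passes when it keeps /ssl (or /tls for SMTP on port 587) and drops novalidate-cert, as the folder-collections line above already does.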