I am making a switch to void linux. So far it has been working fine. I like that it is very stream-lined and hardware support has been mostly fine.

I have tweaked the installation on my computers to use UEFI and thus I am using rEFInd instead of grub. This is because it makes doing bare metal backups and restore just a simple file copy. Using UEFI grub or my previous BIOS based boot process would require doing some EFI tricks or installing MBR and the like. Right now, I just need to partition things right and copy things to the right location to have a working system.

My installation process roughly follows the UEFI chroot install.

This process is implemented in a script and can be found here:

Script usage:

	Usage: installer.sh _sdx_ _hostname_ [options]

	- _sdx_: Block device to install to
	- _hostname_: Hostname to use

	Options:
	- mem=memory : memory size, defaults computed from /proc/meminfo
	- glibc : Do a glibc install
	- noxwin : do not insall X11 related packages
	- desktop=no ; do not install desktop environment
	- desktop=mate : Install MATE dekstop environment
	- rsync.host=host : rsync backup server
	- rsync.secret=secret : rsync backup pre-shared-key
	- passwd=password : root password (prompt if not specified)
	- enc-passwd=encrypted : encrypted root password.
	- ovl=tar.gz : tarball containing additional files
	- pkgs=file : text file containing additional software to install

Initial set-up

Boot using the void live CD and partition the target disk:

cfdisk -z /dev/xda

Make sure you use gpt label type (for UEFI boot). I am creating the following partitions:

  1. 500MB EFI System
  2. RAM Size * 1.5 Linux swap, Mainly used for Hibernate.
  3. Rest of drive Linux filesystem, Root file system

This is on a USB thumb drive. The data I keep on an internal disk.

Now we create the filesystems:

sysdev=<block device>

mkfs.vfat -F 32 -n EFI "${sysdev}1"
mkswap -L swp0 "${sysdev}2"
mkfs.xfs -f -L voidlinux "${sysdev}3"

We’re now ready to mount the volumes, making any necessary mount point directories along the way (the sequence is important, yes):

mount "${sysdev}3" /mnt
mkdir /mnt/boot
mount "${sysdev}1" /mnt/boot

Installing Void

So we do a targetted install:

For musl-libc

env XBPS_ARCH=x86_64-musl xbps-install -S -R http://alpha.de.repo.voidlinux.org/current/musl -r /mnt base-system grub-x86_64-efi

For glibc (untested)

env XBPS_ARCH=x86_64 xbps-install -S -R http://alpha.de.repo.voidlinux.org/current -r /mnt base-system grub-x86_64-efi

But actually, for the package list I have been using these lists:

This installs a MATE desktop environment.

Software selection notes

  • For time synchronisation (ntp) we ae choosing chrony as it is reputed to be more secure that ntpd and more compliant than openntpd.
  • We are using the default configuration, which should be OK. Uses pool.ntp.org for the time server which would use a suitable default.
  • For cron we are using dcron. It is full featured (i.e. compatibnle with cron and it can handle power-off situations, while being the most light-weight option available. See: VoidLinux FAQ: Cron
  • Includes autofs and nfs-utils for network filesystems and automount support.

nonfree software

Install:

intel-ucode
unrar

Enter the void chroot

Upon completion of the install, we set up our chroot jail, and chroot into our mounted filesystem:

mount -t proc proc /mnt/proc
mount -t sysfs sys /mnt/sys
mount -o bind /dev /mnt/dev
mount -t devpts pts /mnt/dev/pts
cp -L /etc/resolv.conf /mnt/etc/
chroot /mnt bash -il

In order to verify our install, we can have a look at the directory structure:

 ls -la

The output should look something akin to the following:

total 12
drwxr-xr-x 16 root root 4096 Jan 17 15:27 .
drwxr-xr-x  3 root root 4096 Jan 17 15:16 ..
lrwxrwxrwx  1 root root    7 Jan 17 15:26 bin -> usr/bin
drwxr-xr-x  4 root root  127 Jan 17 15:37 boot
drwxr-xr-x  2 root root   17 Jan 17 15:26 dev
drwxr-xr-x 26 root root 4096 Jan 17 15:27 etc
drwxr-xr-x  2 root root    6 Jan 17 15:26 home
lrwxrwxrwx  1 root root    7 Jan 17 15:26 lib -> usr/lib
lrwxrwxrwx  1 root root    9 Jan 17 15:26 lib32 -> usr/lib32
lrwxrwxrwx  1 root root    7 Jan 17 15:26 lib64 -> usr/lib
drwxr-xr-x  2 root root    6 Jan 17 15:26 media
drwxr-xr-x  2 root root    6 Jan 17 15:26 mnt
drwxr-xr-x  2 root root    6 Jan 17 15:26 opt
drwxr-xr-x  2 root root    6 Jan 17 15:26 proc
drwxr-x---  2 root root   26 Jan 17 15:39 root
drwxr-xr-x  3 root root   17 Jan 17 15:26 run
lrwxrwxrwx  1 root root    8 Jan 17 15:26 sbin -> usr/sbin
drwxr-xr-x  2 root root    6 Jan 17 15:26 sys
drwxrwxrwt  2 root root    6 Jan 17 15:15 tmp
drwxr-xr-x 11 root root  123 Jan 17 15:26 usr
drwxr-xr-x 11 root root  150 Jan 17 15:26 var

While chrooted, we create the password for the root user, and set root access permissions:

 passwd root
 chown root:root /
 chmod 755 /

Since I am a bash convert, I would do this:

 xbps-alternatives --set bash

Create the hostname for the new install:

echo <HOSTNAME> > /etc/hostname

Edit our /etc/rc.conf file, like so:

HOSTNAME="<HOSTNAME>"

# Set RTC to UTC or localtime.
HARDWARECLOCK="UTC"

# Set timezone, availables timezones at /usr/share/zoneinfo.
TIMEZONE="Europe/Amsterdam"

# Keymap to load, see loadkeys(8).
KEYMAP="us-acentos"

# Console font to load, see setfont(8).
#FONT="lat9w-16"

# Console map to load, see setfont(8).
#FONT_MAP=

# Font unimap to load, see setfont(8).
#FONT_UNIMAP=

# Kernel modules to load, delimited by blanks.
#MODULES=""

Also, modify the /etc/fstab:

#
# See fstab(5).
#
# <file system>	<dir>	<type>	<options>		<dump>	<pass>
tmpfs		/tmp	tmpfs	defaults,nosuid,nodev   0       0
LABEL=EFI	/boot	vfat	rw,fmask=0133,dmask=0022,noatime,discard  0 2
LABEL=voidlinux	/	xfs	rw,relatime,discard	0 1
LABEL=swp0 	swap	swap	defaults		0 0

For a removable drive I include the line:

LABEL=volume	/media/blahblah xfs	rw,relatime,nofail 0 0

The important setting here is nofail.

If using glibc you can modify /etc/default/libc-locales and uncomment:

en_US.UTF-8 UTF-8

Or whatever locale you want to use. And run:

 xbps-reconfigure -f glibc-locales

Set-up UEFI boot

Download the rEFInd zip binary from:

Set-up the boot partition:

mkdir /boot/EFI
mkdir /boot/EFI/BOOT

Copy from the zip file the file refind-bin-{version}/refind/refind_x64.efi to /boot/EFI/BOOT/BOOTX64.EFI.

The version I am using right now can be found here: v0.11.4 BOOTX64.EFI

Create kernel options files /boot/cmdline:

root=LABEL=voidlinux ro quiet

For my hardware I had to add the option:

  • intel_iommu=igfx_off
    • To work around some strange bug.
  • i915.enable_ips=0
    • fixes a power saving mode problem on 4.1-rc6+

Create the following script as /boot/mkmenu.sh

Add the following scripts to:

  • /etc/kernel.d/post-install/99-refind
  • /etc/kernel.d/post-remove/99-refind

Make sure they are executable. This is supposed to re-create menu entries whenever the kernel gets upgraded.

We need to have a look at /lib/modules to get our Linux kernel version

ls -la /lib/modules

Which should return something akin to:

drwxr-xr-x  3 root root   21 Jan 31 15:22 .
drwxr-xr-x 23 root root 8192 Jan 31 15:22 ..
drwxr-xr-x  3 root root 4096 Jan 31 15:22 5.2.13_1

And this script to create boot files:

xbps-reconfigure -f linux5.2

If you need to manually prepare boot files:

# update dracut
dracut --force --kver 4.19.4_1
# update refind menu
bash /boot/mkmenu.sh

We are now ready to boot into Void.

exit
umount -R /mnt
reboot

Post install

After the first boot, we need to activate services:

Command line set-up:

ln -s /etc/sv/dhcpcd /var/service
ln -s /etc/sv/sshd /var/service
ln -s /etc/sv/{acpid,chronyd,cgmanager,crond,uuidd,statd,rcpbind,autofs} /var/service

Full workstation set-up:

ln -s /etc/sv/dbus /var/service
ln -s /etc/sv/NetworkManager /var/service
ln -s /etc/sv/sshd /var/service
ln -s /etc/sv/{acpid,chronyd,cgmanager,crond,uuidd,statd,rcpbind,autofs} /var/service
ln -s /etc/sv/{consolekit,lxdm} /var/service

Creating new users:

useradd -m -s /bin/bash -U -G wheel,users,audio,video,cdrom,input newuser
passwd newuser

Note: The wheel user group allows the user to escalate to root.

Configure sudo:

visudo

Uncomment:

# %wheel ALL=(ALL) ALL

Logging

Source: Logging

Optional:

usermod -aG socklog <your username>

Because I like to have just a single directory for everything and use grep, I do the following:

rm -rf /var/log/socklog/?*
mkdir /var/log/socklog/everything
ln -s socklog/everything/current /var/log/messages.log

Create the file /var/log/socklog/everything/config with these contents:

+*
u172.17.1.8:514

Enable daemons…

ln -s /etc/sv/socklog-unix /var/service/
ln -s /etc/sv/nanoklogd /var/service/

Reload svlogd (if it was already running)

killall -1 svlogd

System backups

For void linux I prefer to re-install instead to do a full backup. A few selected files are backed-up. This is done with this script

To install, copy that script to /usr/local/sbin and make it executable.

Create a cronjob in /etc/cron.daily/rsvault to enable.

Configure server information in /etc/rsync.cfg

rsync_host="<server>"
rsync_passwd="<passwd>

Make sure you set permissions accordingly:

  • chmod 600 /etc/rsync.cfg

Create hardlinks to files that you would like to protect in /etc/rsync.vault. For example:

  • /etc/crypttab
  • /crypto_keyfile.bin
  • /etc/hosts #: if using for ad blocking

Alternatively, you can do a full backup with this script.

Identd server

I am using this identd serverto support a simple Single-Sign-On scheme.

mkdir -p /etc/sv/an_identd/log
wget -O/usr/local/sbin/an_identd https://raw.githubusercontent.com/TortugaLabs/autonom/master/an_identd.py
wget -O/etc/sv/an_identd/run https://raw.githubusercontent.com/TortugaLabs/autonom/master/etc-sv-an_identd/run
wget -O/etc/sv/an_identd/log/run https://raw.githubusercontent.com/TortugaLabs/autonom/master/etc-sv-an_identd/log/run
chmod 755 /usr/local/sbin/an_identd $mnt/etc/sv/an_identd/run $mnt/etc/sv/an_identd/log/run
ln -s /etc/sv/an_identd /var/service

Configure keyboard

Create configuration file: /etc/X11/xorg.conf.d/30-keyboard.conf

Section "InputClass"
    Identifier "keyboard-all"
    Option "XkbLayout" "us"
    # Option "XkbModel" "pc105"
    # Option "XkbVariant" "altgr-intl"
    Option "XkbVariant" "intl"
    # MatchIsKeyboard "on"
EndSection

This makes the intl for the XkbVariant the system-wide default.

Since, as a programmer I prefer the altgr-intl variant, then I run this in my de desktop environment startup to override the default:

setxkbmap -rules evdev -model evdev -layout us -variant altgr-intl

Using SLIM

I have switched to SLiM as the display manager. This is configured in /etc/slim.conf.

Tweaks and Bug-fixes

power button handling

This patch prevents the /etc/acpi/handler.sh to handle the power button instead, letting the Desktop Environment handle the event.

rtkit spamming logs

Apparently, rtkit requres an rtkit user to exist. Otherwise it will spam the logs with error messages. To correct use this command:

useradd -r -s /sbin/nologin rtkit

Old Notes

PolKit rule tweaks

Testing as of 2019-09-07, the following does not seem to be needed any longer. I left it here just for reference (in case it breaks again.


OK, in my case, shutdown, reboot and local media access functions were not available using the MATE desktop.

To enable this I had to create/tweak the PolKit rules…