Install OpenSuSE to my Thinkpad T60p
Sorry I'm a novice SuSE user:-)
- OpenSuSE References
URLs
http://en.opensuse.org/
http://ja.opensuse.org/ (japanese info)
http://suse.nm.land.to/index.php?install
http://www.it.ecei.tohoku.ac.jp/~dobachi/cgi-bin/wiki/wifky.pl?p=FrontPage
Books
Beginning Suse Linux
はじめてのSUSE Linux 10―「インストール」から各種アプリケーションの「設定」「応用」まで
- Install
Download DVD image
Reference URLs
http://en.opensuse.org/Download
http://en.opensuse.org/Mirrors_Released_Version#Japan
Install
not so difficult. :-)
Update
http://en.opensuse.org/Updating_SUSE_Linux
In Japan, set mirror to JAIST or KDDI (RIKEN mirror does not work)
http://ftp.jaist.ac.jp/pub/Linux/openSUSE/distribution/openSUSE-stable/repo/
- Setup
Graphics
Install ATI Driver
http://en.opensuse.org/ATI_Driver (I followed this instruction)
OpenGL (TODO?)
Using Xgl on SUSE Linux
http://en.opensuse.org/Using_Xgl_on_SUSE_Linux
http://ja.opensuse.org/Using_Xgl_on_SUSE_Linux (Japanese)
Beryl (TODO?)
http://blog.livedoor.jp/vine_user/archives/50961027.html (Japanese)
Xen
http://en.opensuse.org/Xen
http://en.opensuse.org/Installing_Xen3
Yast2 -> Software -> Software Management
kernel-xen,xen,,,, yast2-vm
reboot
Problem)
Xen Kernel with ATI Driver does not boot.
stop with "Activating Device Mapper" message :-(
References
http://www.ne.jp/asahi/open/gallery/linux/xen/xen3vt/xen3vt.htm (Japanese)
「6.SUSE 10.1 Xen環境でのWindows XP インストール」 がある
Samba
Setup by YaST
yast2->NetworkService->Samba Server
Add users by commandline.
# smbpasswd -a hoge
Disable TouchPad
You can disable the TouchPad by BIOS setup menu.
Or, X11 configuration
http://ubuntu.wordpress.com/2006/03/24/disable-synaptics-touchpad/、
Edit /etc/X11/xorg.conf
add Option "SHMConfig" "on" into Section "InputDevice"
then,
$ synclient TouchpadOff=1
Network (still in trouble)
I can't get the DHCP address.
Static IP address works fine.
ifconfig eth0 192.168.0.200
route add default gw 192.168.0.1
Edit resolv.conf
nameserver 192.168.0.1
/etc/networks
http://groups.google.co.jp/group/linux.debian.user/browse_thread/thread/ef583c3d7305efc6
With Xen, I can't configure the network by YaST.
- Reconfigure
Kernel Rebuild
Download kernel-source-2.6.18.2-34.i586.rpm
$ rpm -i kernel-source-2.6.18.2-34.i586.rpm
$ cd /usr/src/linux-2.6.18.2-34/
$ cp /boot/config-2.6.18.2-34-default .confog
$ make oldconfig
$ make modules_install
$ make install
Or, to build the binary RPM.
Download kernel-source-2.6.18.2-34.rpm from oss-src
$ rpm -ivh kernel-source-2.6.18.2-34.rpm
$ cd /usr/src/packages/SOURCES
$ rpmbuild -ba kernel-default.spec
Reference URLs
http://www.suse.de/~agruen/kernel-doc/
http://kumaneko-sakura.sblo.jp/article/958080.html (Japanese)
RPMの作成方法は熊猫さんが詳しく解説されていました(多謝)
Too add new config, you have to modify/create following files
/usr/src/packages/SOURCES/config.conf (add your config)
/usr/src/packages/SOURCES/config.tar.bz2 (add your config)
/usr/src/packages/SOURCES/series.conf (add your patch)
/usr/src/packages/SOURCES/patches.hoge.tar.bs2 (your patch archive)
/usr/src/packages/SOURCES/kernel-hoge.spec (your spec file)
TPM
The default kernel contains TPM drivers as module. so
$ modprobe tpm_tis
Measured BIOS eventlog is here
/sys/kernel/security/tpm0/
Trusted Grub
There are two patchs
http://www.prosec.rub.de/trusted_grub.html
http://trousers.sourceforge.net/grub.html
Integrity Measurement Architecture (IMA)
http://domino.research.ibm.com/comm/research_people.nsf/pages/sailer.ima.html
Download latest patch from
http://sourceforge.net/projects/linux-ima
$ cd /usr/src/linux-2.6.18.2-34/
$ patch -p1 < ibm_ima_7.3_2.6.19.patch
Fix some errors
$ make xconfig
CRYPTO_SHA1=Y
TCG_TPM=Y
TPM_TIS=Y
IMA_MEASURE=Y
Edit Makefile to change the release name
# make modules_install
# make install
Edit /boot/grub/menu.lst, add "ima=1" to kernel commandline
Disable AppArmor(AA) since AA also use the LSM. We can't stack the IMA and AA on LSM.
yast2->AppArmor->Configure->Disable
Edit /etc/fstab to add following line
securityfs /sys/kernel/security securityfs rw 0 0
# reboot
Eventlog located in /sys/kernel/security/ima
note)
If you want to use MAC with IMA. GRSEC or TOMOYO−Linux might be work since they do not use the LSM.
- Troubles
If I use /bin/tcsh as my login shell, Gnome desktop does not start.:-(
In tcsh, to use an autocomplete, use TAB key instead of ESC.
:-)