You are reading content from Scuttlebutt
@kieran %0kO3x7vJIpG6N7dCvTh076lPxkfBSw/JfDKaVjOCJg8=.sha256

Dual Boot Devuan & Mint on a Lenovo Yoga 720 with NVMe SSD

This was the first computer I've ever bought that's cost me more than £150. And its been dreamy to use. Its got a touch screen (which honestly, I don't need and haven't really touched). Getting Linux installed initially was mildly troublesome, and once I'd got a basic Ubuntu 16.04 Gnome version running, at the time I was happy settling for that, despite really wanting to experiment more, I just needed a working computer. So I made it a target for 2019 to learn more about partitioning, the Linux kernel, and how to properly manage your own system and to rebuild my computer. This target was thrust upon me forcefully when I woke up to this one morning...

computer-death.jpg

This forced my hand.

So I set out to rebuild with Devuan as my main OS, and Mint as a secondary OS and fully encrypt each setup with LUKS encryption. I haven't yet encrypted the /shared partition but its easy with the knowledge I've gained now.

Took me several attempts to get it right, here's how I got on and what I learned...


Steps

  • Configure BIOS to boot using UEFI only
  • Disable 'Secure Boot'
  • Use gparted to layout drive paritions
    • Create a FAT32 EFI system partition with flags /boot and /esp
    • Create /boot partitions for each encrypted filesystem
  • Install Devuan
  • Manually install grub and update its settings once you've booted in once
  • Use cryptsetup to create a LUKS partition for Mint
  • Install Mint in the encrypted filesystem
  • Update Mint's grub to tell it its dealing with an encrypted file system

Partitioning

I partitioned my drives thusly and left 30 GB at the end, just incase I want to add a third distro at some point:

# Partition       # Filesystem        # Mount Point  # Size    # Flags
/dev/nvme0n1p1    fat32               /boot/efi      512 MB    boot, esp
/dev/nvme0n1p2    [Encrypted] (ext4)  /  (Devuan)    20480 MB
/dev/nvme0n1p3    [Encrypted] (ext4)  /  (Mint)      20480 MB
/dev/nvme0n1p4    extended
  /dev/nvme0n1p5  ext4                /boot (Devuan) 1024 MB
  /dev/nvme0n1p6  ext4                /boot (Mint)   1024 MB
  /dev/nvme0n1p7  ext4                /shared        ...the rest...
unallocated                                          30720 MB

Installing Devuan

Setting up the BIOS from the boot menu was easy, and once I'd connected with an Etherenet cable (via my Raspberry Pi which is forwarding its own wireless connection, whoop!), I was able to get Devuan to actually install. It doesn't recognise the Wifi and touchpad / touchscreen drivers, a problem which I have yet to tackle (am using Mint for the time being). If anyone has any info re: this, would be great! Anyway, with Devuan you can encrypt your partitions so I selected the partitions as above and go through the encryption steps. Complete the install, and OWCH. Grub doesn't install. My heart sinks. How am I going to boot this OS? Several days pass and I try multiple times to manually configure grub but its horrific. At one point somehow after booting Mint from a USB, it recognises a Devuan installation, but not with a custom partition configuration. Sigh.

Thanks to the wonder of stack exchange I was able to piece together a solution.

Before leaving the Devuan installation after GRUB fails to install, execute a shell and do the following:

mount --bind /dev /target/dev
mount --bind /dev/pts /target/dev/pts
mount --bind /proc /target/proc
mount --bind /sys /target/sys
cp /etc/resolv.conf /target/etc
chroot /target /bin/bash

apt update
apt install grub-efi-amd64
update-grub
grub-install --target=x86_64-efi /dev/nvme0n1

If I understand correctly, this is mounting the recently installed OS and we're then switching to a bash shell from which we can run apt. This goes swimmingly until I run update-grub, at which point we get an error:

/etc/grub.d/30_uefi-firmware arithmetic expression: expecting EOF: " 1f & 1"

ARGGGH

Resolved by modifying line 34 in /etc/grub.d/30_uefi-firemware, replacing [ "$(( $(printf %x \'"$(cat $OsIndications | cut -b1)") & 1 ))" = 1 ]; then with [ "$(( $(printf %d \'"$(cat $OsIndications | cut -b1)") & 1 ))" = 1 ]; then

Now grub will recognise Devuan and we can boot, once at least! Whoop! However, since the touchpad doesn't work, we have to plug in a mouse to open a terminal (hotkeys aren't yet configured..., or at least I don't know what it is)

First we add ourselves to the sudo group, running visudo as root and adding ourselves with all permissions.

Now we add "nvme" to /etc/initramfs-tools/modules, and run `sudo update-initramfs -u``.

We also need to edit our grub configuration to make sure it boots again, add the following line in /etc/default/grub: GRUB_CMDLINE_LINUX="intel_pstate=no_hwp".

We also need to add 'nomodeset' to GRUB_CMDLINE_LINUX_DEFAULT

And now we have to run sudo update-grub and grub will always recognise Devuan.

Installing Mint

Boot as normal from the USB, but before we begin the installation we have to encrypt the partiton we intend to install mint into. We also need to make sure we close the encrypted partition before we shutdown!

sudo cryptsetup luksFormat /dev/nvme0n1p3 # setup encryption - choose a memorable password!
sudo cryptsetup luksOpen /dev/nvme0n1p3 luks1 # open encrypted partition
# setup LVM (logical volume management)
sudo pvcreate /dev/mapper/luks1
sudo vgcreate vg0 /dev/mapper/luks1
sudo lvcreate -n root -l 8G vg0 # create a root volume of 8GB
sudo lvcreate -n home -l +100%Free vg0 # create a home volume of the rest (~12 GB)

Now run the installation, and select the relevant /dev/mapper/vg0-* partitions inside the logical volume and assign to / and /home. Don't forget to create a separate /boot partition to the Devuan one.

Once the installation is complete, DON'T REBOOT.

We now have to:

  • Mount the newly installed system,
  • chroot in to the mounted system
  • Tell grub2 (which was installed along with Mint) that its got an encrypted drive to deal with
  • Generate a /etc/crypttab/ file with the UUID of the encrypted /dev/nvme0n1p3 partition.
sudo blkid | grep LUKS # copy the UUID for /dev/nvme0n1p3
sudo mount /dev/vg0/root /mnt
sudo mount /dev/nvme0n1p6 /mnt/boot
sudo mount --bind /dev /mnt/dev
sudo mount --bind /run/lvm /mnt/run/lvm
sudo mount /dev/nvme0n1p1 /mnt/boot/efi
sudo chroot /mnt
mount -t proc proc /proc
mount -t sysfs sysfs /sys
mount -t devpts devpts /dev/pts

Generate a crypttab file and input:

luks UUID="therootIDyoucopied" none luks,discard

And finally, rebuild the boot loader files:

update-initfamrs -k all -c
update-grub

Done! You should now be able to switch between Mint and Devuan from the BIOS screen using F2. Sadly this configuration they use two separate GRUB configs (ones using grub, ones using grub2) and so they don't appear on the same menu. But I don't care. I got it working!

Next challenge: find the right drivers for Devuan.

#Pain leads to #Joy...

Posting this on scuttlebutt makes we wish #buttoverflow was a thing already

cc: #linux #partitioning

@SoapDog %JFdN4wUJ3sGIlZK8LT3VQbYxd9tj6sOBtPcWEAZAQ3Q=.sha256

@kieran one of the joys of using non-windows and non-apple stuff is that you have choices, including the choice of breaking it up :sweat_smile:

Keep us posted on your nix journey. Some people wander around until they find a distro that they love. Others don't really care about distros are are more into their wm/desktops. What excites you about nix?

My excitement about these type of machines is around the idea of setting the machine as you like it. As time passes and you tweak more and more the installation to suit you, you end up not with Devuan or Mint but with a bespoke machine that behaves as you want it to.

User has chosen not to be hosted publicly
Join Scuttlebutt now