General Information
This howto is an Howto install a Debian/GNU Linux system onto a USB flash thumbdrive with the root partition encrypted (using Initramfs-tools & DM-Crypt). We use UUIDs for partitions labels to eliminate device conflicts.
Notes:
1. This howto has only been tested to work with Debian Etch.
2. This howto works with the USB thumbdrive detected as any device. Within these notes, you will find /dev/sda.
Requirements
1. Human Brain
2.
Debian Live CD
3. USB Thumb Drive (I use a 8GB Flash drive)
4. A Hell of a lot of Jolt
Installation
As root (duh :P)
I. Load required kernel modules (if necessary)
root@hostname# modprobe ehci_hcd
root@hostname# modprobe ohci_hcd
root@hostname# modprobe usbhid
root@hostname# modprobe usb_storage
root@hostname# modprobe dm-crypt
root@hostname# modprobe aes (or aes_686 or aes_x86_64 as appropriate for your system)
|
II. Install required applications
Install the necessary applications on the build system:
|
$ |
root@hostname# apt-get install cryptsetup dmsetup parted debootstrap grub |
III. Identifying your media
Determine what device our system identifies our flash media as. To do this, simply stick the usb thumbdrive into one of the usb ports and then run the tail command:
debian:/home/user/0.1-prerelease# tail -n 14 /var/log/messages
Nov 6 02:52:39 debian kernel: lo: Disabled Privacy Extensions
Nov 6 02:52:39 debian kernel: IPv6 over IPv4 tunneling driver
Nov 6 03:04:36 debian kernel: usb 5-3: USB disconnect, address 3
Nov 6 03:04:43 debian kernel: usb 5-3: new high speed USB device using ehci_hcd and address 5
Nov 6 03:04:43 debian kernel: usb 5-3: configuration #1 chosen from 1 choice
Nov 6 03:04:43 debian kernel: scsi1 : SCSI emulation for USB Mass Storage devic es
Nov 6 03:04:48 debian kernel: Vendor: Model: CENTRIOS Rev: PMAP
Nov 6 03:04:48 debian kernel: Type: Direct-Access ANSI SCSI revision: 00
Nov 6 03:04:48 debian kernel: SCSI device sda: 16120832 512-byte hdwr sectors ( 8254 MB)
Nov 6 03:04:48 debian kernel: sda: Write Protect is off
Nov 6 03:04:48 debian kernel: SCSI device sda: 16120832 512-byte hdwr sectors ( 8254 MB)
Nov 6 03:04:48 debian kernel: sda: Write Protect is off
Nov 6 03:04:48 debian kernel: sda: sda1
Nov 6 03:04:48 debian kernel: sd 1:0:0:0: Attached scsi removable disk sda
|
As we can see from this output, the device was detected and assigned to /dev/sda.
IV. Partition the media
Next we need to partition the media. For a flash media installation, we will have a boot & a root partition. There will be no swap as this could prematurely age the drive.
For formating, we'll need a small unencrypted boot partition and then assign the rest to / (root).
root@hostname# parted /dev/sda "mklabel msdos mkpart primary 0.0 25.0 mkpart primary 25.0 -0 set 1 boot on"
root@hostname#
|
V. LUKS Format the encrypted partition
root@hostname# cryptsetup luksFormat /dev/sda2
WARNING!
========
This will overwrite data on /dev/sda2 irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
Command successful.
root@hostname#
|
VI. Cryptsetup Mount the Encrypted Partition
root@hostname# cryptsetup luksOpen /dev/sda2 rootfs
Enter LUKS passphrase:
key slot 0 unlocked.
Command successful.
root@hostname#
|
VII. Format the encrypted partition
root@hostname# mkfs.ext2 /dev/mapper/rootfs
mke2fs 1.39-WIP (29-Mar-2006)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
123392 inodes, 246383 blocks
12319 blocks (5.00%) reserved for the super user
First data block=0
8 block groups
32768 blocks per group, 32768 fragments per group
15424 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 35 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
|
VIII. Format the boot partition
root@hostname# mkfs.ext2 /dev/sda1
mke2fs 1.39-WIP (29-Mar-2006)
Filesystem label=
OS type: Linux
Block size=1024 (log=0)
Fragment size=1024 (log=0)
5208 inodes, 20800 blocks
1040 blocks (5.00%) reserved for the super user
First data block=1
3 block groups
8192 blocks per group, 8192 fragments per group
1736 inodes per group
Superblock backups stored on blocks:
8193
Writing inode tables: done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 35 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
root@hostname#
|
IX. Get the Universally Unique Identifiers (UUID)
This stage we can lookup the UUIDs for the /boot and encrypted partitions for use later in /etc/crypttab and /etc/fstab.
root@hostname# /lib/udev/vol_id -u /dev/sda1
e2c7d346-f164-4a3f-b98d-eb108c0478d5
root@hostname# /lib/udev/vol_id -u /dev/sda2 or cryptsetup luksUUID /dev/sda2
aba7dc2c-b78f-43e6-b39e-a1b9a185acf9
root@hostname#
|
Note: /sbin/blkid will give the wrong UUID for LUKS partitions.
X. Mount the Partitions
Create a temporary mount point and mount the partition to it so we can install.
root@hostname# mkdir /mnt/buildroot
root@hostname# mount -t ext2 /dev/mapper/rootfs /mnt/buildroot
root@hostname# mkdir /mnt/buildroot/boot
root@hostname# mount /dev/sda1 /mnt/buildroot/boot
root@hostname#
|
XI. Install base packages
Now that we have our partition mounted, we can install the base Debian system onto it.
root@hostname# debootstrap --arch i386 etch /mnt/buildroot
I: Retrieving Release
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Found additional base dependencies: libdb4.2 libgnutls12 libreadline5
libsigc++-2.0-0c2a openbsd-inetd readline-common
I: Checking component main on http://ftp.debian.org/debian...
I: Retrieving adduser
...
...
I: Configuring gnupg...
I: Configuring sysklogd...
I: Configuring klogd...
I: Configuring netbase...
I: Configuring openbsd-inetd...
I: Base system installed successfully.
root@hostname#
|
XII. Temporary bind /dev and /sys to the build directories.
Some applications that we will install while need access to the system devices and files. To allow that we need to bind certain directories.
root@hostname# mount -o bind /dev/ /mnt/buildroot/dev
root@hostname# mount -o bind /sys /mnt/buildroot/sys
root@hostname#
|
XIII. Chroot Jail
root@hostname# chroot /mnt/buildroot /bin/su -l
hostname:~#
|
XIV. System Configuration
FILE: /etc/fstab
Use vi to create the /etc/fstab file and add these contents to it:
#/etc/fstab: static file system information.
#
/dev/mapper/rootfs / ext2 defaults,errors=remount-ro,noatime 0 1
UUID=e2c7d346-f164-4a3f-b98d-eb108c0478d5 /boot ext2 defaults,noatime,ro 0 1
none /proc proc defaults 0 0
tmpfs /tmp tmpfs defaults,noatime 0 0
tmpfs /var/lock tmpfs defaults,noatime 0 0
tmpfs /var/log tmpfs defaults,noatime 0 0
tmpfs /var/run tmpfs defaults,noatime 0 0
|
Note: /var/tmp should not be mounted as tmpfs as the files stored here are often expected to survive a reboot.
Since we're mounting /boot as read-only, we need to add a hook for apt to remount it as read-write for updates. Create /etc/apt/apt.conf.d/30remount_readwrite like so:
DPkg
{
Pre-Invoke {
"mount -o remount,rw /boot;" }
Post-Invoke {
"mount -o remount,ro /boot;" }
}
|
Then mount all the filesystems:
hostname:~# mount -a (may need to be run twice)
hostname:~#
|
Set Hostname
Set the hostname by editing /etc/hostname, and then add the base configuration to /etc/hosts:
127.0.0.1 localhost.localdoman localhost BlackSun
|
FILE: /etc/apt/sources.list
Next we have to add some sources to the Apt configuration.
deb http://ftp.debian.org/debian etch main non-free contrib
deb-src http://ftp.debian.org/debian etch main non-free contrib
deb http://mirrors.kernel.org/debian/ etch main non-free contrib
deb-src http://mirrors.kernel.org/debian/ etch main non-free contrib
deb http://security.debian.org/ etch/updates main contrib non-free
deb http://mirror.noreply.org/pub/tor etch main
deb-src http://mirror.noreply.org/pub/tor etch main
|
Add GPG Keys to keyring for Tor
root@hostname# gpg --keyserver subkeys.pgp.net --recv 94C09C7F
root@hostname# gpg --fingerprint 94C09C7F
*should show you:
pub 1024D/94C09C7F 1999-11-10
Key fingerprint = 5B00 C96D 5D54 AEE1 206B AF84 DE7A AF6E 94C0 9C7F
uid [ultimate] Peter Palfrader
[...]
Then issue
root@hostname# gpg --export 94C09C7F | sudo apt-key add -
|
XV. Recreate subdirectories for tmpfs mounted directories.
Using Tmpfs to save space has one side effect, and that is since it deletes everything when you unmount it, it causes some applications to lose their log directories. So we need to recreate them when the system boots. The easiest way to do that is to create a initialization file in /etc/rcS.d/S37BlackSun-init.sh.
#!/bin/sh
case "$1" in
start)
echo
echo "BlackSun"
echo "-Recreating required subdirectories on /var/log (tmpfs)"
# /var/log subdirectories.
mkdir -p /var/log/fsck
mkdir -p /var/log/ksymoops
mkdir -p /var/log/news
# Example for the mixmaster anonymous remailer
if [ -f /usr/bin/mixmaster ] ; then
mkdir -p /var/log/mixmaster
fi
# Example for the Tor proxy
if [ -f /usr/sbin/tor ] ; then
mkdir -p /var/log/tor
chown -R debian-tor /var/log/tor
fi
# Example for Privoxy
if [ -f /usr/sbin/privoxy ] ; then
mkdir -p /var/log/privoxy
chown -R privoxy /var/log/privoxy
fi
# Apt archive subdirectories.
mkdir -p /var/cache/apt/archives/partial
echo "-done."
echo
;;
stop)
echo "BlackSun shutting down."
# Add anything that needs to happen at shutdown here.
echo
;;
*)
echo "Usage: cryptdisks {start|stop}"
exit 1
;;
esac
|
XVI. Install additional packages.
Start by updating the apt databases.
hostname# apt-get update
Get:1 http://mirrors.kernel.org etch Release.gpg [189B]
Get:2 http://mirrors.kernel.org etch Release [38.3kB]
Get:3 http://mirrors.kernel.org etch/main Packages [4079kB]
Get:4 http://ftp.debian.org etch Release.gpg [189B]
Hit http://ftp.debian.org etch Release
Hit http://ftp.debian.org etch/main Packages
Get:5 http://ftp.debian.org etch/non-free Packages [74.6kB]
Get:6 http://ftp.debian.org etch/contrib Packages [57.1kB]
Get:7 http://ftp.debian.org etch/main Sources [1559kB]
Get:8 http://ftp.debian.org etch/non-free Sources [30.3kB]
Get:9 http://ftp.debian.org etch/contrib Sources [24.3kB]
Get:10 http://mirrors.kernel.org etch/non-free Packages [74.6kB]
Get:11 http://mirrors.kernel.org etch/contrib Packages [57.1kB]
Get:12 http://mirrors.kernel.org etch/main Sources [1559kB]
Get:13 http://mirrors.kernel.org etch/non-free Sources [30.3kB]
Get:14 http://mirrors.kernel.org etch/contrib Sources [24.3kB]
Fetched 7608kB in 48s (158kB/s)
Reading package lists... Done
hostname#
|
As space is limited, remove apt's cached files.
Install initramfs-tools
hostname# apt-get install initramfs-tools
Reading package lists... Done
Building dependency tree... Done
The following extra packages will be installed:
busybox klibc-utils libklibc libvolume-id0 udev
The following NEW packages will be installed:
busybox initramfs-tools klibc-utils libklibc libvolume-id0 udev
0 upgraded, 6 newly installed, 0 to remove and 0 not upgraded.
Need to get 873kB of archives.
After unpacking 2564kB of additional disk space will be used.
Do you want to continue [Y/n]? y
Fetched 873kB in 1s (711kB/s)
Preconfiguring packages ...
Selecting previously deselected package libvolume-id0.
(Reading database ... 9071 files and directories currently installed.)
Unpacking libvolume-id0 (from .../libvolume-id0_0.103-2_i386.deb) ...
Selecting previously deselected package udev.
Unpacking udev (from .../archives/udev_0.103-2_i386.deb) ...
Selecting previously deselected package busybox.
Unpacking busybox (from .../busybox_1%3a1.1.3-4_i386.deb) ...
Selecting previously deselected package libklibc.
Unpacking libklibc (from .../libklibc_1.4.31-1_i386.deb) ...
Selecting previously deselected package klibc-utils.
Unpacking klibc-utils (from .../klibc-utils_1.4.31-1_i386.deb) ...
Selecting previously deselected package initramfs-tools.
Unpacking initramfs-tools (from .../initramfs-tools_0.85e_all.deb) ...
Setting up libvolume-id0 (0.103-2) ...
Setting up udev (0.103-2) ...
A chroot environment has been detected, udev not started.
Setting up busybox (1.1.3-4) ...
Setting up libklibc (1.4.31-1) ...
Setting up klibc-utils (1.4.31-1) ...
Setting up initramfs-tools (0.85e) ...
hostname#
|
Configure /etc/initramfs-tools/modules:
usbcore
ehci-hcd
ohci-hcd
uhci-hcd
usbhid
ide-core
scsi_mod
usb-storage
mbcache
ext2
ide-cd
ide-disk
ide-generic
sd_mod
|
Configure /etc/initramfs-tools/initramfs.conf
# initramfs.conf
# Configuration file for mkinitramfs(8). See initramfs.conf(5).
MODULES=most
BUSYBOX=y
BOOT=local
DEVICE=eth0
NFSROOT=auto
|
Install Cryptsetup
hostname# apt-get install cryptsetup dmsetup hashalot
Reading package lists... Done
Building dependency tree... Done
Suggested packages:
dosfstools
The following NEW packages will be installed:
cryptsetup dmsetup hashalot
0 upgraded, 3 newly installed, 0 to remove and 0 not upgraded.
Need to get 318kB of archives.
After unpacking 942kB of additional disk space will be used.
Do you want to continue [Y/n]? y
...
...
...
Fetched 318kB in 0s (1400kB/s)
Selecting previously deselected package dmsetup.
(Reading database ... 9299 files and directories currently installed.)
Unpacking dmsetup (from .../dmsetup_2%3a1.02.12-1_i386.deb) ...
Selecting previously deselected package cryptsetup.
Unpacking cryptsetup (from .../cryptsetup_2%3a1.0.4+svn26-1_i386.deb) ...
Selecting previously deselected package hashalot.
Unpacking hashalot (from .../hashalot_0.3-4_i386.deb) ...
Setting up dmsetup (1.02.12-1) ...
Setting up cryptsetup (1.0.4+svn26-1) ...
Setting up hashalot (0.3-4) ...
localepurge: Disk space freed in /usr/share/locale: 4K
hostname#
|
Now that cryptsetup is installed, add the required mounting information to /etc/crypttab:
# *target name* *source device* *key file* *options*
rootfs /dev/disk/by-uuid/aba7dc2c-b78f-43e6-b39e-a1b9a185acf9 none luks
|
Install cryptroot scripts for initramfs.
hostname# cp /usr/share/initramfs-tools/hooks/cryptroot /etc/initramfs-tools/hooks/
hostname:~# cp /usr/share/initramfs-tools/scripts/local-top/cryptroot /etc/initramfs-tools/scripts/local-top/
hostname:~#
|
Now we need to add a small delay in /etc/initramfs-tools/scripts/local-top/cryptroot to allow for USB detection.
modprobe -q dm_crypt ## After this line add the following.
# Add delay
echo "Sleeping for 5 seconds to allow USB detection."
sleep 5
echo "Awake, attempting to mount encrypted partitions."
|
Install Tor
root@hostname:~ apt-get install tor
|
Install Xorg
root@hostname:~# apt-get install xorg
|
Install Kde
root@hostname:~# apt-get install kde
|
Install Privoxy
For most users, the default configuration will work acceptably, we just need to verify a few configuration items. The first item is for what interface and port the proxy is listening on.
Configure Privoxy
Once you've installed Privoxy, you will need to configure Privoxy to use Tor. Open Privoxy's "config" file (look in /etc/privoxy/ or /usr/local/etc/) and add the following line to the top of the config file. Don't forget to add the dot at the end.
forward-socks4a / 127.0.0.1:9050 .
|
Privoxy keeps a log file of everything passed through it. In order to stop this you will need to comment out three lines by inserting a # before the line. The three lines are:
and the line
and (on some systems) the line
debug 1 # show each GET/POST/CONNECT request
|
Depending on which default config file you have for Privoxy, you may also need to turn off enable-remote-toggle, enable-remote-http-toggle, and enable-edit-actions.
You'll need to restart Privoxy for the changes to take effect.
root@hostname# /etc/init.d/privoxy start
|
Install IceWeasel
GNU IceWeasel, which will soon be known as GNU IceCat[1], is the web browser from GNU Project. The GNU Project aims with IceWeasel to provide a version of Mozilla Firefox which is made entirely of free software.
apt-get install iceweasel
|
Once Tor, Privoxy & Iceweasel are installed, be sure to install the Tor plugin located at https://addons.mozilla.org/firefox/2275/
Install GCC
Install build-essential
apt-get install build-essential
|
Install libncurses5
apt-get install libncurses5
|
Install libncurses-ruby
apt-get install libncurses-ruby
|
Install OpenSSL
Install Kdevelop
Install Xchat
Install BitchX
Install Xmms
Install OpenVpn
Download the Config Files for Anonet
wget http://anonet.org/quickstart/anonet.conf
wget http://anonet.org/quickstart/anonclient.zip
|
If you are running a UNIX-like operating system, please follow these directions:
1. Save the config file you downloaded earlier to a known place on your filesystem, e.g.
/etc/openvpn/anonet.conf
2. Extract the key files to the same directory, e.g.
/etc/openvpn
3. Connect to the anoNet entry point by running
openvpn --config /etc/openvpn/anonet.conf
4. You should see a bunch of text scroll by, what you are looking for is "Initialization Sequence Completed".
If you see this, you are now connected. If you do not, please contact us.
Install Pidgin w/ OTR Plugin
root@hostname# mkdir /root/build
root@hostname# cd /root/build/
root@hostname# wget http://superb-west.dl.sourceforge.net/sourceforge/pidgin/pidgin-2.2.2.tar.bz2
root@hostname# wget http://www.cypherpunks.ca/otr/libotr-3.1.0.tar.gz
root@hostname# wget http://www.cypherpunks.ca/otr/pidgin-otr-3.1.0.tar.gz
root@hostname# tar -xvf pidgin-2.2.2.tar.bz2
root@hostname# tar -xzvf pidgin-otr-3.1.0.tar.gz
root@hostname# tar -xzvf libotr-3.1.0.tar.gz
root@hostname# apt-get install intltool
root@hostname# apt-get install libgpg-error-dev
root@hostname# apt-get install libgcrypt11-dev
root@hostname# apt-get install libgtk2.0-dev
root@hostname# apt-get install libxml2-dev
root@hostname# apt-get install libgnutls-dev
root@hostname# cd pidgin-2.2.2
root@hostname# ./configure --prefix=/usr --mandir=/usr/share/man
root@hostname# make
root@hostname# make install
root@hostname# cd libotr-3.1.0
root@hostname# ./configure --with-pic --prefix=/usr --mandir=/usr/share/man
root@hostname# make
root@hostname# make install
root@hostname# cd pidgin-otr-3.1.0
root@hostname# ./configure --prefix=/usr --mandir=/usr/share/man
root@hostname# make
root@hostname# make install
root@hostname#
|
Edit /etc/network/interfaces
# Used by ifup(8) and ifdown(8). See the interfaces(5) manpage or
# /usr/share/doc/ifupdown/examples for more information.
auto lo
iface lo inet loopback
#auto eth0
iface eth0 inet dhcp
|
XVII. Install Grub.
We want to install Grub before the kernel. We do this to take advantage of the kernels automagic configuration of the required Grub boot stanzas.
Install grub from within the chroot jail, we need to remount /boot as read-write.
hostname# mount -o remount,rw /boot
hostname# apt-get install grub
hostname#
|
Install grub from outside the chroot jail:
root@hostname# grub-install --recheck --root-directory=/mnt/buildroot /dev/sda
Probing devices to guess BIOS drives. This may take a long time.
Installation finished. No error reported.
This is the contents of the device map /mnt/buildroot//boot/grub/device.map.
Check if this is correct or not. If any of the lines is incorrect,
fix it and re-run the script `grub-install'.
(fd0) /dev/fd0
(hd0) /dev/hda
(hd1) /dev/sda
root@hostname#
|
Inside the chroot jail, we need to open /boot/grub/menu.lst and add this simplified configuration.:
# default num
default 0
# timeout sec
timeout 5
# pretty colours
color green/black black/green
### BEGIN AUTOMAGIC KERNELS LIST
## ## Start Default Options ##
# kopt=root=/dev/mapper/rootfs ro\n")
# groot=(hd0,0)
# alternative=true
# lockalternative=false
# defoptions=
# lockold=false
# howmany=all
# memtest86=true
# updatedefaultentry=false
## ## End Default Options ##
### END DEBIAN AUTOMAGIC KERNELS LIST
|
Then we need to run grub (again from outside the chroot jail) to link it all together
root@hostname# grub
Probing devices to guess BIOS drives. This may take a long time.
GNU GRUB version 0.97 (640K lower / 3072K upper memory)
[ Minimal BASH-like line editing is supported. For
the first word, TAB lists possible command
completions. Anywhere else TAB lists the possible
completions of a device/filename. ]
grub> root (hd1,0)
root (hd1,0)
Filesystem type is ext2fs, partition type 0x83
grub> setup (hd1)
setup (hd1)
Checking if "/boot/grub/stage1" exists... yes
Checking if "/boot/grub/stage2" exists... yes
Checking if "/boot/grub/e2fs_stage1_5" exists... yes
Running "embed /boot/grub/e2fs_stage1_5 (hd1)"...
failed (this is not fatal)
Running "embed /boot/grub/e2fs_stage1_5 (hd1,0)"...
failed (this is not fatal)
Running "install /boot/grub/stage1 (hd1) /boot/grub/stage2
p /boot/grub/menu.lst "... succeeded
Done.
grub> quit
|
Remove the Grub device map to force rescanning during boot.
hostname:~# rm -f /boot/grub/device.map
hostname:~#
|
XVIII. Install kernel.
Install Kernel
Setup Kernel configuration. Edit /etc/kernel-img.conf
do_symlinks = yes
relative_links = yes
do_bootloader = no
do_bootfloppy = no
do_initrd = yes ## <--- Verify this line
link_in_boot = yes
postinst_hook = /sbin/update-grub
postrm_hook = /sbin/update-grub
|
Install the kernel. The package linux-image-686 is a dummy package that requires the current kernel image as a dependency. Remove the linux-image-686 dummy package immediately afterwards or it will force you to update kernels every time a new one is published.
hostname:~# apt-get install linux-image-686
***
hostname:~# apt-get remove linux-image-686
***
hostname:~# apt-get clean
hostname:~#
|
Remount /boot as read-only.
hostname:~# mount -o remount,ro /boot
hostname:~#
|
XIX. Add user accounts
Set root password and add users in the chroot
hostname# chroot /mnt/buildroot /bin/su -
hostname:~# passwd
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
hostname:~# adduser test
Adding user `test'...
Adding new group `test' (1001).
Adding new user `test' (1001) with group `test'.
Creating home directory `/home/test'.
Copying files from `/etc/skel'
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for test
Enter the new value, or press ENTER for the default
Full Name []: test
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [y/N] y
hostname:~#
*Repeat as necessary for more users*
|
XX. Exit Chroot Jail
hostname:~# umount -a
hostname:~# umount /proc
hostname:~# exit
root@hostname:~#
|
XXI. Unmount
root@hostname# umount /mnt/buildroot/dev/mapper
root@hostname# umount /mnt/buildroot/sys
root@hostname# umount /mnt/buildroot
root@hostname# cryptsetup luksClose rootfs
root@hostname#
|
Reboot into the new system!
This guide is © 2007 Lazarus.
Author: Lazarus
ramaeth at gmail dot com