Lenovo ThinkPad X220
Lenovo Thinkpad X serija računara napravljena je da bude što manja i kompaktnija, a da pri tome obezbedi komforan i kvalitetan rad sa što dužim radom na baterije.
Lenovo Thinkpad X220 model 4290-N76
Specifikacija sistema:
- Intel® Core™ i7-2620M (2.7GHz, 4MB L3 cache)
- Intel Mobile QM67 Express Chipset
- 8GB PC3-10600 DDR3 memory at 1333MHz
- Intel HD Graphics 3000
- 12.5" TFT display with 1366x768 resolution with LED backlight
- 2.5" × 7mm hard drive bay with Samsung SSD 830Series, MLC, 256GB, SATA-3
- MiniPCI Express slot with Intel Centrino Advanced-N 6205
- MiniPCI Express slot 2 with WWAN
- Intel Gigabit Ethernet PCI-Express Controller
- ThinkPad Bluetooth Daughter Card with Enhanced Data Rate (BDC-2.1)
- ExpressCard/54 slot
- SD Card slot
- Three USB ports (of which one is USB 3.0 on the i7 model)
- 720p HD Integrated camera
- Stereo digital microphones
- Stereo speakers
- Combined headphone and microphone jack
- UltraNav (Trackpoint and Buttonless Touchpad)
- Integrated Fingerprint Reader (UPEK)
- Comes with 65W AC Adapter
- Supports ThinkPad UltraBase Series 3, ThinkPad Mini Dock Series 3, etc.
cpuinfo
livecd ~ # cat /proc/cpuinfo
processor : 0
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
stepping : 7
microcode : 0x26
cpu MHz : 2691.693
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 2
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5383.38
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
stepping : 7
microcode : 0x26
cpu MHz : 2691.693
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 0
cpu cores : 2
apicid : 1
initial apicid : 1
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5382.53
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 2
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
stepping : 7
microcode : 0x26
cpu MHz : 2691.693
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 1
cpu cores : 2
apicid : 2
initial apicid : 2
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5382.57
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 3
vendor_id : GenuineIntel
cpu family : 6
model : 42
model name : Intel(R) Core(TM) i7-2620M CPU @ 2.70GHz
stepping : 7
microcode : 0x26
cpu MHz : 2691.693
cache size : 4096 KB
physical id : 0
siblings : 4
core id : 1
cpu cores : 2
apicid : 3
initial apicid : 3
fpu : yes
fpu_exception : yes
cpuid level : 13
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx rdtscp lm constant_tsc arch_perfmon pebs bts nopl xtopology nonstop_tsc aperfmperf pni pclmulqdq dtes64 monitor ds_cpl vmx smx est tm2 ssse3 cx16 xtpr pdcm pcid sse4_1 sse4_2 x2apic popcnt tsc_deadline_timer aes xsave avx lahf_lm ida arat epb xsaveopt pln pts dts tpr_shadow vnmi flexpriority ept vpid
bogomips : 5382.58
clflush size : 64
cache_alignment : 64
address sizes : 36 bits physical, 48 bits virtual
power management:
livecd ~ #
lspci - list all PCI devices
livecd ~ # lspci
00:00.0 Host bridge: Intel Corporation 2nd Generation Core Processor Family DRAM Controller (rev 09)
00:02.0 VGA compatible controller: Intel Corporation 2nd Generation Core Processor Family Integrated Graphics Controller (rev 09)
00:16.0 Communication controller: Intel Corporation 6 Series/C200 Series Chipset Family MEI Controller #1 (rev 04)
00:16.3 Serial controller: Intel Corporation 6 Series/C200 Series Chipset Family KT Controller (rev 04)
00:19.0 Ethernet controller: Intel Corporation 82579LM Gigabit Network Connection (rev 04)
00:1a.0 USB controller: Intel Corporation 6 Series/C200 Series Chipset Family USB Enhanced Host Controller #2 (rev 04)
00:1b.0 Audio device: Intel Corporation 6 Series/C200 Series Chipset Family High Definition Audio Controller (rev 04)
00:1c.0 PCI bridge: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 1 (rev b4)
00:1c.1 PCI bridge: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 2 (rev b4)
00:1c.3 PCI bridge: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 4 (rev b4)
00:1c.4 PCI bridge: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 5 (rev b4)
00:1c.6 PCI bridge: Intel Corporation 6 Series/C200 Series Chipset Family PCI Express Root Port 7 (rev b4)
00:1d.0 USB controller: Intel Corporation 6 Series/C200 Series Chipset Family USB Enhanced Host Controller #1 (rev 04)
00:1f.0 ISA bridge: Intel Corporation QM67 Express Chipset Family LPC Controller (rev 04)
00:1f.2 SATA controller: Intel Corporation 6 Series/C200 Series Chipset Family 6 port SATA AHCI Controller (rev 04)
00:1f.3 SMBus: Intel Corporation 6 Series/C200 Series Chipset Family SMBus Controller (rev 04)
03:00.0 Network controller: Intel Corporation Centrino Advanced-N 6205 (rev 34)
0d:00.0 System peripheral: Ricoh Co Ltd Device e823 (rev 04)
0e:00.0 USB controller: NEC Corporation uPD720200 USB 3.0 Host Controller (rev 04)
livecd ~ #
hdparm - get/set SATA/IDE device parameters
livecd ~ # hdparm -tT /dev/sda
/dev/sda:
Timing cached reads: 4566 MB in 2.00 seconds = 2284.89 MB/sec
Timing buffered disk reads: 1482 MB in 3.00 seconds = 493.45 MB/sec
livecd ~ #
Priprema diska za kriptovanu instalaciju
Provera diska na lose sktore
It's probably a good idea to check your entire disk for errors before you start. Not only is this good practice, but modern hard disks contain a few 'spare' sectors, and if errors are detected while reading, they can silently replace the bad sector with a backup sector (this is invisible to the OS). So writing and reading the entire disk before you start should allow this to happen.
moderni hard diskovi sadrže nekoliko "rezervnih" sektora
livecd ~ # badblocks -c 10240 -s -w -t random -v /dev/sda
Checking for bad blocks in read-write mode
From block 0 to 250059095
Testing with random pattern: done
Reading and comparing: done
Pass completed, 0 bad blocks found.
livecd ~ #
livecd ~ # shred -v /dev/sda
shred: /dev/sda: pass 1/3 (random)...
shred: /dev/sda: pass 1/3 (random)...1.8GiB/239GiB 0%
shred: /dev/sda: pass 1/3 (random)...2.6GiB/239GiB 1%
......
shred: /dev/sda: pass 3/3 (random)...237GiB/239GiB 99%
shred: /dev/sda: pass 3/3 (random)...238GiB/239GiB 99%
shred: /dev/sda: pass 3/3 (random)...239GiB/239GiB 100%
livecd ~ #
Ucitavanje modula za enkripciju
root@sysresccd /root % modprobe aes_x86_64
livecd ~ # modprobe aes_generic
root@sysresccd /root % cryptsetup luksFormat -c aes-xts-plain -s 256 -y /dev/sda
WARNING!
========
This will overwrite data on /dev/sda irrevocably.
Are you sure? (Type uppercase yes): YES
Enter LUKS passphrase:
Verify passphrase:
root@sysresccd /root %
root@sysresccd /root % hexdump -n 256 -C /dev/sda
00000000 4c 55 4b 53 ba be 00 01 61 65 73 00 00 00 00 00 |LUKS....aes.....|
....root@sysresccd /root %
root@sysresccd /root % cryptsetup luksOpen /dev/sda disk
Enter passphrase for /dev/sda:
root@sysresccd /root %
root@sysresccd /root % fdisk -l /dev/mapper/disk
Disk /dev/mapper/disk: 256.1 GB, 256058417152 bytes
255 heads, 63 sectors/track, 31130 cylinders, total 500114096 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk identifier: 0xa82bc555
Disk /dev/mapper/disk doesn't contain a valid partition table
root@sysresccd /root %
LVM2
Create a Physical Volume containing the encrypted device
root@sysresccd /root % pvcreate /dev/mapper/disk
Writing physical volume data to disk "/dev/mapper/disk"
Physical volume "/dev/mapper/disk" successfully created
root@sysresccd /root %
Create a Volume Group lvm
root@sysresccd /root % vgcreate lvm /dev/mapper/disk
Volume group "lvm" successfully created
root@sysresccd /root %
Create Logical Volumes that will become your final partitions
root@sysresccd /root % lvcreate -l100%FREE -nroot lvm
Logical volume "root" created
root@sysresccd /root %
More about DM-Crypt here
http://en.gentoo-wiki.com/wiki/DM-Crypt_with_LUKS
http://de.gentoo-wiki.com/wiki/DM-Crypt
http://en.gentoo-wiki.com/wiki/DM-Crypt
http://en.gentoo-wiki.com/wiki/Root_filesystem_over_LVM2,_DM-Crypt_and_RAID
ext4
root@sysresccd /root % mkfs.ext4 /dev/mapper/lvm-root
mke2fs 1.42.1 (17-Feb-2012)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Fragment size=4096 (log=2)
Stride=0 blocks, Stripe width=0 blocks
15630336 inodes, 62513152 blocks
3125657 blocks (5.00%) reserved for the super user
First data block=0
Maximum filesystem blocks=0
1908 block groups
32768 blocks per group, 32768 fragments per group
8192 inodes per group
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,
4096000, 7962624, 11239424, 20480000, 23887872
Allocating group tables: done
Writing inode tables: done
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done
root@sysresccd /root %
Instalacija
root@sysresccd /root % mount /dev/mapper/lvm-root /mnt/gentoo
root@sysresccd /root %
root@sysresccd /root % cd /mnt/gentoo
root@sysresccd /mnt/gentoo % wget http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3/stage3-amd64-20120524.tar.bz2
root@sysresccd /mnt/gentoo % wget http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3/stage3-amd64-20120524.tar.bz2.CONTENTS
root@sysresccd /mnt/gentoo % wget http://distfiles.gentoo.org/releases/amd64/autobuilds/current-stage3/stage3-amd64-20120524.tar.bz2.DIGESTS
root@sysresccd /mnt/gentoo % md5sum -c stage3-amd64-20120524.tar.bz2.DIGESTS
stage3-amd64-20120524.tar.bz2: OK
stage3-amd64-20120524.tar.bz2.CONTENTS: OK
md5sum: WARNING: 2 lines are improperly formatted
root@sysresccd /mnt/gentoo %
root@sysresccd /mnt/gentoo % wget http://distfiles.gentoo.org/releases/snapshots/current/portage-latest.tar.bz2
root@sysresccd /mnt/gentoo % wget http://distfiles.gentoo.org/releases/snapshots/current/portage-latest.tar.bz2.md5sum
root@sysresccd /mnt/gentoo % md5sum -c portage-latest.tar.bz2.md5sum
portage-latest.tar.bz2: OK
root@sysresccd /mnt/gentoo %
root@sysresccd /mnt/gentoo % tar -jxvf stage3-amd64-20120524.tar.bz2
root@sysresccd /boot % mount -t proc none /mnt/gentoo/proc
root@sysresccd /boot % mount -o bind /dev/ /mnt/gentoo/dev
root@sysresccd /boot % mount -o bind /dev/pts /mnt/gentoo/dev/pts
root@sysresccd / % cp -L /etc/resolv.conf /mnt/gentoo/etc/
root@sysresccd / % cd /
root@sysresccd / % chroot /mnt/gentoo /bin/bash
sysresccd / # env-update && source /etc/profile
>>> Regenerating /etc/ld.so.cache...
sysresccd / # export PS1="(chroot) $PS1"
(chroot) sysresccd / #
(chroot) sysresccd / # emerge --sync
make.conf
CFLAGS="-O2 -pipe -march=native -mtune=generic"
CXXFLAGS="${CFLAGS}"
LDFLAGS="-Wl,-O1 -Wl,--as-needed"
CHOST="x86_64-pc-linux-gnu"
ACCEPT_KEYWORDS="~amd64"
MAKEOPTS="-j4"
USE=" mmx sse sse2 sse3"
http://en.gentoo-wiki.com/wiki/Safe_Cflags
less /usr/portage/profiles/use.desc
Profil
(chroot) sysresccd profiles # eselect profile list
Available profile symlink targets:
[1] default/linux/amd64/10.0 *
[2] default/linux/amd64/10.0/selinux
[3] default/linux/amd64/10.0/desktop
[4] default/linux/amd64/10.0/desktop/gnome
[5] default/linux/amd64/10.0/desktop/kde
[6] default/linux/amd64/10.0/developer
[7] default/linux/amd64/10.0/no-multilib
[8] default/linux/amd64/10.0/server
[9] hardened/linux/amd64
[10] hardened/linux/amd64/selinux
[11] hardened/linux/amd64/no-multilib
[12] hardened/linux/amd64/no-multilib/selinux
(chroot) sysresccd #
(chroot) sysresccd # eselect profile set 3
(chroot) sysresccd #
Ovim smo izabrali profil broj tri.
UTF8
(chroot) sysresccd # nano -w /etc/locale.gen
Kernel
(chroot) sysresccd # emerge -av gentoo-sources
(chroot) sysresccd # emerge -av genkernel
Pravljenje generickog kernela sa initramfs-om
(chroot) sysresccd # genkernel all
Paludis
(chroot) sysresccd profiles # emerge -av paludis
portage2paludis skript
(chroot) sysresccd # wget http://git.exherbo.org/paludis/paludis-scripts.git/plain/portage2paludis.bash
(chroot) sysresccd # chmod 755 portage2paludis.bash && ./portage2paludis.bash
(chroot) sysresccd # mkdir -p
Document Actions