This is what I set up for backups recently using a cheap USB-enclosure which can house 2 SATA disks and shows them as 2 USB mass-storage devices to my system (using only one USB cable). Without any further introduction, here goes the HOWTO:
First, create one big partition on each of the two disks (/dev/sdc and /dev/sdd in my case) of the exact same size. The cfdisk details are omitted here.
$ cfdisk /dev/sdc $ cfdisk /dev/sdd
Then, create a new RAID array using the mdadm utility:
$ mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdc1 /dev/sdd1
The array is named md0, consists of the two devices (--raid-devices=2) /dev/sdc1 and /dev/sdd1, and it's a RAID-1 array, i.e. data is simply mirrored on both disks so if one of them fails you don't lose data (--level=1). After this has been done the array will be synchronized so that both disks contain the same data (this process will take a long time). You can watch the current status via:
$ cat /proc/mdstat Personalities : [raid1] md0 : active raid1 sdd1 sdc1 1465135869 blocks super 1.1 [2/2] [UU] [>....................] resync = 0.0% (70016/1465135869) finish=2440.6min speed=10002K/sec unused devices:
Some more info is also available from mdadm:
$ mdadm --detail --scan ARRAY /dev/md0 metadata=1.01 name=foobar:0 UUID=1234578:1234578:1234578:1234578 $ mdadm --detail /dev/md0 /dev/md0: Version : 1.01 Creation Time : Sat Feb 6 23:58:51 2010 Raid Level : raid1 Array Size : 1465135869 (1397.26 GiB 1500.30 GB) Used Dev Size : 1465135869 (1397.26 GiB 1500.30 GB) Raid Devices : 2 Total Devices : 2 Persistence : Superblock is persistent Update Time : Sun Feb 7 00:03:21 2010 State : active, resyncing Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 Rebuild Status : 0% complete Name : foobar:0 (local to host foobar) UUID : 1234578:1234578:1234578:1234578 Events : 1 Number Major Minor RaidDevice State 0 8 33 0 active sync /dev/sdc1 1 8 49 1 active sync /dev/sdd1
Next, you'll want to create a big partition on the RAID device (cfdisk details omitted)...
$ cfdisk /dev/md0
...and then encrypt all the (future) data on the device using dm-crypt+LUKS and cryptsetup:
$ cryptsetup --verbose --verify-passphrase luksFormat /dev/md0p1 Enter your desired pasphrase here (twice) $ cryptsetup luksOpen /dev/md0p1 myraid
After opening the encrypted container with cryptsetup luksOpen you can create a filesystem on it (ext3 in my case):
$ mkfs.ext3 -j -m 0 /dev/mapper/myraid
That's about it. In future you can access the RAID data by using the steps below.
Starting the RAID and mouting the drive:
$ mdadm --assemble /dev/md0 /dev/sdc1 /dev/sdd1 $ cryptsetup luksOpen /dev/md0p1 myraid $ mount -t ext3 /dev/mapper/myraid /mnt
Shutting down the RAID:
$ umount /mnt $ cryptsetup luksClose myraid $ mdadm --stop /dev/md0
That's all. Performance is shitty due to all the data being shoved out over one USB cable (and USB itself being too slow for these amounts of data), but I don't care too much about that as this setup is meant for backups, not performance-critical stuff.
Update 04/2011: Thanks to Bohdan Zograf there's a Belorussian translation of this article now!
I recently got my hands on a Lenovo IdeaPad S9e netbook for a short amount of time (I don't own it), so I did a few tests with Debian unstable (more or less Lenny right now) and a Linux 2.6.28 kernel on it, see results below.
The machine type is 4187-42G, and it features an Intel Atom N270 CPU (with HyperThreading) at 1.6 GHz, 1 GB of DDR2 RAM, an 80 GB SATA drive, an 8.9" WSVGA 1024x600 (glossy) screen, VGA port, LAN, wifi, bluetooth, 2xUSB, SD card slot, PCI ExpressCard slot, built-in microphone, and a webcam.
You can enter the BIOS by pressing F2, the boot menu by pressing F12 during boot. Booting from USB works fine on this netbook. There's a Splashtop installation on the netbook (called "Lenovo Quickstart" here) which you can disable in the BIOS.
There's no CD-ROM drive, so the simplest way is to use a USB thumb drive for installation. Here's how you can prepare one containing a Lenny installer (assuming your USB thumb drive is /dev/sda):
$ wget http://cdimage.debian.org/debian-cd/5.0.1/i386/iso-cd/debian-501-i386-netinst.iso $ wget http://ftp.nl.debian.org/debian/dists/lenny/main/installer-i386/current/images/hd-media/boot.img.gz $ gunzip boot.img.gz $ dd if=boot.img of=/dev/sda1 $ mount -t vfat /dev/sda1 /mnt $ cp debian-500-i386-netinst.iso /mnt $ umount /mnt
If the above USB thumb drive doesn't boot correctly (which it did not in my case: GRUB error 17) it's probably because of a messed-up MBR. This is how you can fix it:
$ apt-get install mbr $ install-mbr /dev/sda
Then insert the USB thumb drive in the Lenovo IdeaPad S9e, choose USB boot in the BIOS, and start the installer. Most of the process works as usual, the only small difference is that you might want to load the "parted" installer module in order to resize the Windows-partition on the disk (if you want to keep it) to make space for Linux. The second (fat32) partition seems to keep a restore image and/or the Splashtop stuff, not sure.
Works out of the box using the snd_hda_intel driver. The hardware is onboard audio in the southbridge (82801G / ICH7) and uses the Realtek ALC269 codec. If some programs don't have working audio, try modprobe snd-pcm-oss.
Untested so far.
Works out of the box using the bluetooth and btusb driver. The laptop's Bluetooth device is USB-attached internally and shows up in lsusb as:
$ lsusb Bus 003 Device 002: ID 0a5c:2150 Broadcom Corp. $ dmesg usb 3-2: Product: BCM2046 Bluetooth Device
After modprobe btusb you can use hcitool / hciconfig etc. as usual, and/or enable more related stuff with /etc/init.d/bluetooth start.
The lm-sensors script detects the lm75, eeprom, i2c-dev, and i2c_i801 modules. The following is the 'sensors' output:
$ sensors acpitz-virtual-0 Adapter: Virtual device temp1: +36.0 °C (crit = +95.0 °C)
The hard drive temperature can be viewed with:
$ hddtemp /dev/sda /dev/sda: FUJITSU MHZ2080BH G1: 44 °C
$ dmesg | grep -i hpet ACPI: HPET 3F6E1E41, 0038 (r1 INTEL CALISTGA 6040000 LOHR 5A) ACPI: HPET id: 0x8086a201 base: 0xfed00000 hpet clockevent registered HPET: 3 timers in total, 0 timers will be used for per-cpu timer hpet0: at MMIO 0xfed00000, IRQs 2, 8, 0 hpet0: 3 comparators, 64-bit 14.318180 MHz counter
You can check the wakeups-per-second with powertop.
Works out of the box. It seems to be attached via USB internally (usb-storage driver).
$ lsusb Bus 001 Device 004: ID 0bda:0158 Realtek Semiconductor Corp. Mass Stroage Device
Untested so far.
Works fine, see comments for "acpitool" output.
Works out of the box using the tg3 driver.
$ modprobe tg3 tg3.c:v3.94 (August 14, 2008) tg3 0000:02:00.0: PCI INT A -> GSI 16 (level, low) -> IRQ 16 tg3 0000:02:00.0: setting latency timer to 64 eth0: Tigon3 [partno(BCM95906) rev c002 PHY(5906)] (PCI Express) 10/100Base-TX Ethernet 00:11:22:33:44:55 eth0: RXcsums LinkChgREG MIirq ASF WireSpeed TSOcap eth0: dma_rwctrl dma_mask[64-bit]
Works out of the box, both in X as well as in the console using gpm.
$ dmesg Synaptics Touchpad, model: 1, fw: 7.2, id: 0x1c0b1, caps: 0xd04731/0xa40000
I'm using the hibernate Debian package. You can explicitly force the usage of either method in /etc/hibernate/hibernate.conf by uncommenting the respective lines.
TryMethod disk.conf # TryMethod ram.conf
Suspend does not yet work out of the box, however, as the machine is unknown:
$ s2ram -n Machine unknown This machine can be identified by: sys_vendor = "LENOVO " sys_product = "418742G " sys_version = "Lenovo " bios_version = "14CN51WW " See http://suspend.sf.net/s2ram-support.html for details.
After a few test I found that s2ram -f -a 3 works fine (tested from console only so far). Now this needs to be integrated upstream and in the Debian package (I'll file a bug report). Update: Submitted bug #520848, and an email to the upstream mailing list.
There doesn't seem to be a mainline driver for the Broadcom BCM4312 wifi card in the laptop, yet:
$ lspci -nn 05:00.0 Network controller : Broadcom Corporation BCM4312 802.11b/g [14e4:4315] (rev 01)
Neither the b43 nor the b43legacy drivers work as of 2.6.28. For now, one of two possible options is to build a (partly non-free) driver provided by Broadcom from source (option 2 would be to use ndiswrapper, I guess, but that's untested):
$ wget http://people.debian.org/~adamm/kernel/linux-kbuild-2.6.28_2.6.28-0.1_i386.deb $ dpkg -i linux-kbuild-2.6.28_2.6.28-0.1_i386.deb (currently needed in unstable due to bug #518115) $ apt-get install build-essential linux-headers-2.6.28-1-686 $ mkdir temp; cd temp $ wget http://www.broadcom.com/docs/linux_sta/hybrid-portsrc-x86_32-v5_10_79_10.tar.gz $ tar xfvz hybrid-portsrc-x86_32-v5_10_79_10.tar.gz $ make -C /lib/modules/`uname -r`/build M=`pwd` clean $ make -C /lib/modules/`uname -r`/build M=`pwd` modules
If that worked, you can load the driver via:
$ rmmod bcm43xx; rmmod b43; rmmod b43legacy (you could also permanently blacklist these modules) $ modprobe ieee80211_crypt_tkip $ insmod ./wl.ko $ dmesg wl: module license '' taints kernel. wl 0000:05:00.0: PCI INT A -> GSI 18 (level, low) -> IRQ 18 wl 0000:05:00.0: setting latency timer to 64 eth1: Broadcom BCM4315 802.11 Wireless Controller 184.108.40.206
You can now run iwconfig, iwlist, etc. from the command line, or use some GUIs such as kwifimanager.
In order to disable wireless, run:
$ rmmod wl
So far, I only tested WEP (but not WPA).
Works out of the box using the acpi_cpufreq driver. Use cpufreq-set -c 0 -g performance if you need full CPU power, cpufreq-set -c 0 -g powersave otherwise. Use -c 1 to do the same with the other CPU/core.
Works fine out of the box using the pcspkr module, tested with beep.
Works out of the box using the intel X.org driver.
$ xrandr Screen 0: minimum 320 x 200, current 1024 x 600, maximum 1024 x 1024 VGA disconnected (normal left inverted right x axis y axis) LVDS connected 1024x600+0+0 (normal left inverted right x axis y axis) 195mm x 113mm 1024x600 60.0*+ 800x600 60.3 640x480 59.9 TV disconnected (normal left inverted right x axis y axis)
DRI works out of the box with the (mainline, open-source) driver:
$ glxinfo | grep direct direct rendering: Yes
If you attach an external monitor or projector, you can enable it using xrandr as usual:
$ xrandr --output VGA --auto
You can also use a dual-head setup by adding this to your "Screen" section in /etc/X11/xorg.conf:
SubSection "Display" Virtual 2048 2048 EndSubSection
After restarting the X server, you can play with xrandr and move the external screen (VGA) "below" the laptop's LCD screen (LVDS) for a simple dual-head setup. The GUI tools arandr or grandr are probably a bit simpler to use than plain command line xrandr.
Works fine, of course. The only small problem is that there are only two USB ports, more would have been better.
Works fine, it's an 80 GB SATA drive.
Works out of the box using the uvcvideo driver.
$ lsusb Bus 001 Device 005: ID 5986:0141 Acer, Inc $ modprobe uvcvideo uvcvideo: Found UVC 1.00 device Lenovo EasyCamera (5986:0141) input: Lenovo EasyCamera as /devices/pci0000:00/0000:00:1d.7/usb1/1-3/1-3:1.0/input/input9 usb 1-3: New USB device found, idVendor=5986, idProduct=0141 usb 1-3: New USB device strings: Mfr=3, Product=1, SerialNumber=0 usb 1-3: Product: Lenovo EasyCamera usb 1-3: Manufacturer: BISON Corporation
You can use luvcvideo for webcam viewing.
Lasts for ca. 3.5 hours, probably less if the system is under high load.
Fn+CursorUp / Fn+CursorDown (brightness), Fn+ESC (enable/disable webcam), Fn+F1 (sleep mode), Fn+F2 (enable/disable TFT backlight), Fn+F6 (enable/disable thouchpad), Fn+F7 (Num lock), Fn+F8 (scroll lock), and Fn+F11 (F12 key) all work fine.
Fn+F3, Fn+F5, Fn+F9, Fn+F10, and all other special keys are untested.
The power, disk activity, CAPS lock, Num lock, and battery charging LEDs all work fine out of the box.
-[0000:00]-+-00.0 Intel Corporation Mobile 945GME Express Memory Controller Hub [8086:27ac] +-02.0 Intel Corporation Mobile 945GME Express Integrated Graphics Controller [8086:27ae] +-02.1 Intel Corporation Mobile 945GM/GMS/GME, 943/940GML Express Integrated Graphics Controller [8086:27a6] +-1b.0 Intel Corporation 82801G (ICH7 Family) High Definition Audio Controller [8086:27d8] +-1c.0-[0000:02]----00.0 Broadcom Corporation NetLink BCM5906M Fast Ethernet PCI Express [14e4:1713] +-1c.1-[0000:03-04]-- +-1c.2-[0000:05]----00.0 Broadcom Corporation BCM4312 802.11b/g [14e4:4315] +-1d.0 Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #1 [8086:27c8] +-1d.1 Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #2 [8086:27c9] +-1d.2 Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #3 [8086:27ca] +-1d.3 Intel Corporation 82801G (ICH7 Family) USB UHCI Controller #4 [8086:27cb] +-1d.7 Intel Corporation 82801G (ICH7 Family) USB2 EHCI Controller [8086:27cc] +-1e.0-[0000:06]-- +-1f.0 Intel Corporation 82801GBM (ICH7-M) LPC Interface Bridge [8086:27b9] +-1f.1 Intel Corporation 82801G (ICH7 Family) IDE Controller [8086:27df] +-1f.2 Intel Corporation 82801GBM/GHM (ICH7 Family) SATA IDE Controller [8086:27c4] \-1f.3 Intel Corporation 82801G (ICH7 Family) SMBus Controller [8086:27da]
All in all it's a really nice hardware, and it works (more or less) flawlessly without much hassle with recent distros/kernels.
Update 2009-03-22: Updated various sections, added more info. Added resources section.
Yet another thing that has been on my TODO list for quite a while: encrypted USB thumb drives and/or encrypted external USB hard drives.
I have finally tried this over the weekend using loop-AES. This is very useful for securing your USB thumb drive contents in case you lose it or it gets stolen. Also, I use an external USB hard drive for backups (previously unencrypted). This is encryped now, too.
Here's a quick HOWTO:
AES encrypted loop device support" in "
Device Drivers -> Block Devices -> Loopback device support", and recompile the kernel.
loop encryption key scrubbing support" as it seems to promise higher security (can anybody confirm that?).
apt-get install loop-aes-2.6-686(or a similar package) should suffice.
apt-get install loop-aes-utils
shred -n 1 -v /dev/sda3.
-n 25or higher if you want more security and have a few days time to wait for the thing to finish...
losetup -e aes256 -C 3 -S 'seed' /dev/loop0 /dev/sda3.
-C 3means "run hashed password through 3000 iterations of AES-256 before using it for loop encryption. This consumes lots of CPU cycles at loop setup/mount time but not thereafter." (see
losetup(8)). This is supposed to be more secure.
-S 'seed'(replace "
seed" with a secret string like "
g7sN4" or something) should make brute force attacks a bit harder. Don't forget the seed!
mke2fs -j /dev/loop0
losetup -d /dev/loop0
/dev/sda3 /mnt/crypted_sda3 ext3 noauto,loop=/dev/loop0,encryption=AES256,itercountk=3 0 0
mount -o pseed=seed /mnt/crypted_sda3
/mnt/crypted_sda3which will be encrypted automatically.
For a more detailed guide read the Encrypted-Root-Filesystem-HOWTO. A performance comparison of different ciphers is available, but in general I didn't notice too much of a slow-down because of the encryption...
It's a 5 megapixel camera, it has a 4x optical zoom, it's pretty fast, can do videos (640x480 at 30 fps) etc. etc.
Of course, it only comes with a 16 MB SD-card which is a joke, so I'll need to get something like a 1 GB card soonish.
It seems to be pretty well-suited for macro photography (1cm minimum distance), see the samples on the right.
Using this camera with Linux is not as simple as mounting it as an USB mass storage device. Instead, the camera uses the Picture Transfer Protocol (PTP) for file transfers.
Fortunately, the wonderful gphoto2 (
apt-get install gphoto2) supports that, so I can easily get all images and videos off the camera with a simple
(actually, the camera is only "supported" in the current gphoto2 CVS version, the latest stable release, 2.1.6, doesn't really recognize it — but it still works ;-)
As I now have a pretty solid digital camera (compared to my last one), and I've also been gifted a good book on digital photography, I hope to be able to improve the quality of the photos in my photoblog quite a lot in the nearer future.
In any case, I'll sure have some fun with this new toy...