How I install my system with i3, cryptsetup and netinst of Debian 10 Buster
I use 5partitions:
- One not encrypted in EXT4 for system (programs, etc) mounted in /
- One encrypted for user files in EXT4 mounted in /home
- One encrypted for logs in EXT4 mounted in /var
- One encrypted for temporary files in EXT4 mounted in /tmp
- A last one encrypted for swap
1. Copy previous user files
How to encrypt several partitions on Debian 9 (Stretch) with cryptsetup & LVM
After have partitioned my hard like it’s explained in the above tutorial, I copy content of my last backup of /home folder to the /home partition:
sudo cp -r --preserve=all <backup> <home part.>
2. Install Debian
I install Debian with the “netinst” image. When the installation ask me what I’d like to install (like desktop, etc), I check nothing (except the printer server in fact).
3. Install sudo command
By default, sudo is not installed with Debian. So I do:
apt install sudo
usermod --append -G sudo authmane512
To avoid having to write my password every 10 minutes, I add below line in
It’s means that I will have to enter my password every 240 minutes…
Before that, make sure the default editor is not an editor that you don’t know:
sudo update-alternatives --config editor
So after launch
sudo visudo , you should see:
# This file MUST be edited with the 'visudo' command as root.
# Please consider adding local content in /etc/sudoers.d/ instead of
# directly modifying this file.
# See the man page for details on how to write a sudoers file.
Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"# Host alias specification# User alias specification# Cmnd alias specification# User privilege specification
root ALL=(ALL:ALL) ALL# Allow members of group sudo to execute any command
%sudo ALL=(ALL:ALL) ALL# See sudoers(5) for more information on "#include" directives:#includedir /etc/sudoers.d
To make changes effective, logout and login again.
4. Install Fish Shell
Here’s a tutorial:
How to install Fish Shell on Debian 9 Stretch
Then to make fish default for root and my user, I do:
5. Install some basic utilities
sudo apt install vim ssh man nano less git tmux openssh-server locate make build-essential rsync tree psmisc
Because I very often use Vim with root, I configure it for that:
sudo ln -s /home/authmane512/.vimrc /root/
I do same with Git and Fish Shell:
sudo ln -s /home/authmane512/.gitconfig /root/
sudo ln -s /home/authmane512/.config/fish/config.fish /root/.config/fish/
sudo apt install python3-pip
sudo pip3 install trash-cli
To remember that I mustn’t use
rm command, I add this in my
alias rm='echo "This is not the command you are looking for."; false'
sudo apt install ntp
sudo systemctl enable ntp
sudo systemctl restart ntp
EDIT: It seems that GNOME already do it without having to enable ntp service.
Suspend and hibernate
To use pm-suspend and pm-hibernate commands:
sudo apt install pm-utils
To be able to suspend my computer without having to enter my password, I add this line to my
authmane512 ALL=(ALL) NOPASSWD: /usr/sbin/pm-suspend
Remember that to modify the file, you must use this command:
6. Configure cryptsetup & fstab
To access to my encrypted files, I have to install cryptsetup with LVM and modify /etc/fstab and /etc/crypttab files.
sudo apt install lvm2 crypttab
Here’s content of my
In /etc/crypttab, I just add:
mycryptedvol UUID=<UUID> none luks
none means that password will be asked at computer startup.
To get the 3 UUID, I use blkid command. There is one UUID for my FAT partition, one for the system partion and one for the cryptsetup partition.
Before reboot, I have to move content of /var in the /var partition and then empty the /var and /home folders. We can do it with the rescue mode of the Debian “netinst” image. It asks automatically password of the encrypted partition.
mount /dev/mapper/MyVG-varLV /mnt
cp -r --preserve=all /var/* /mnt/
mv /home /home.backup
mv /var /var.backup
Don’t forget to be sure that /var partition is empty before copy anything inside!
7. Install i3 and some graphical programs
sudo apt install i3 dmenu i3lock feh xserver-xorg xinit gksu terminator evince nemo diodon file-roller qalculate network-manager-gnome gthumb xfce4-session
Evince is a document viewer, Nemo a file manager, Diodon a clipboard manager, File Roller an archive manager. It is necessary to reboot after installation to make Terminator working.
Know that the command to open network manager is:
And to open the network connections editor, it’s:
You can get my config files here:
i3blocks is a flexible status line for the i3 window manager. We can install it like this:
sudo apt install ruby-ronn sysstat make gcc lm-sensors alsa-utils
git clone git://github.com/vivien/i3blocks
make clean debug
sudo make install
rm -rf i3blocks
To use it, I need to install Awesome and Entypo fonts. I put them in /usr/local/share/fonts:
sudo mv entypo.ttf /usr/local/share/fonts/
sudo mv fontawesome.ttf /usr/local/share/fonts/
It’s necessary to restart after that. I also need the
acpi command to get battery state:
sudo apt install acpi
I install the latest release from:
Create your free GitHub account today to subscribe to this repository for new releases and build software alongside 50…
Then I configure qt5ct:
Note: It may be necessary to install these dependencies
Crow Translate is a simple and lightweight translator programmed in C++ / Qt that allows to translate and speak text…
I add below line to
deb http://ftp.ch.debian.org/debian sid main contrib non-free
ch by letters of your country.
sudo apt update
sudo apt install -t sid firefox
With Firefox, we have to install below package to make sound working:
sudo apt install pulseaudio
Sublime Text 3
It’s explained very well how to install it here:
Linux Package Manager Repositories - Sublime Text 3 Documentation
Sublime Text 3 includes an auto-upgrade mechanism on Windows and OS X to make upgrades a snap. Instead of going against…
Note that it’s necessary to install
apt-transport-https because the Sublime Text repository is in HTTPS.
I download IntelliJ from website:
Download IntelliJ IDEA: The Java IDE for Professional Developers by JetBrains
Code-centric IDE, focused on your productivity. Full Java EE support, deep code understanding, best debugger…
sudo tar -xf ideaIC-2018.2.1-no-jdk.tar.gz
sudo mv idea-IC-182.3911.36/ idea
sudo ln -s /opt/idea/bin/idea.sh /usr/bin/idea
sudo apt install openjdk-8-jdk # not headless version!
IntelliJ will ask automatically to import previous settings.
I also remove files or folders that I don’t need.
I’ve made this tutorial:
8. Configure GTK 2 and 3
To make my system less ugly, I install a GTK theme. For example:
sudo apt install murrine-themes
I have to configure for both Gtk 2 and 3. So, in
/etc/gtk-2.0/gtkrc , I put:
gtk-theme-name = "MurrinaBlue"
gtk-font-name = "Open Sans 10"
gtk-icon-theme-name = "MurrinaBlue"
gtk-theme-name = MurrinaBlue
gtk-font-name = Open Sans 10
gtk-fallback-icon-theme = MurrinaBlue
gtk-icon-theme-name = MurrinaBlue
9. Install missing firmwares
I’ve made an article here:
On my laptop, the following was missing:
sudo apt install firmware-iwlwifi
I also needed to download another firmware from Github:
sudo mkdir /lib/firmware/brcm
sudo mv BCM20702A1-0a5c-21e6.hcd /lib/firmware/brcm/
To be able to use my Wi-Fi USB adapter:
sudo apt install firmware-realtek
It is necessary to reboot after installation of those firmwares.
$ sudo apt install resolvconf
$ sudo systemctl start resolvconf.service
$ sudo systemctl enable resolvconf.service
$ sudo systemctl status resolvconf.service
Edit content of /etc/resolvconf/resolv.conf.d/head :
$ sudo systemctl restart resolvconf.service
$ sudo chattr +i /etc/resolvconf/resolv.conf.d/head
$ cat /etc/resolv.conf # for checking
Enable tap to click on touchpad
We need to install:
sudo apt install xserver-xorg-input-libinput
We also have to be sure that
xserver-xorg-input-synaptics package is not installed:
sudo apt remove xserver-xorg-input-synaptics
Then, I add below content in
Identifier "libinput touchpad catchall"
Option "Tapping" "on"
After that, quit and reopen your graphical interface, in this case i3.
Edit: Finally, I found that modify
/etc/X11/xorg.conf file give me some problems… So I use another solution now.
We need to know the device of our touchpad:
$ xinput list
⎡ Virtual core pointer id=2 [master pointer (3)]
⎜ ↳ Virtual core XTEST pointer id=4 [slave pointer (2)]
⎜ ↳ SynPS/2 Synaptics TouchPad id=12 [slave pointer (2)]
⎜ ↳ TPPS/2 IBM TrackPoint
We can easily guess that it’s “SynPS/2 Synaptics TouchPad”. We can then find the right property to enable tap to click:
$ xinput --list-props "SynPS/2 Synaptics TouchPad"
Device 'SynPS/2 Synaptics TouchPad':
Device Enabled (150): 1
Coordinate Transformation Matrix (152): 1.000000, 0.000000, 0.000000, 0.000000, 1.000000, 0.000000, 0.000000, 0.000000, 1.000000
libinput Tapping Enabled (287): 0
libinput Tapping Enabled Default (288): 0
libinput Tapping Drag Enabled (289): 1
libinput Tapping Drag Enabled Default (290): 1
libinput Tapping Drag Lock Enabled (291): 0
It’s “libinput Tapping Enabled”. To enable tap to click once, do:
xinput --set-prop "SynPS/2 Synaptics TouchPad" "libinput Tapping Enabled" 1
To enable it permanently, I add below line to my i3 config file:
exec --no-startup-id xinput --set-prop "SynPS/2 Synaptics TouchPad" "libinput Tapping Enabled" 1
/etc/default/grub and I put:
noresume is to prevent my system trying resume. Because it always do that uselessly and startup becomes slower…
Then I do:
sudo grub-mkconfig -o /boot/grub/grub.cfg
Configure my second graphic card
How to configure a second graphic card on Arch Linux or Debian 9 Stretch
Hello! In this tutorial, I will explain step by step how I finally succeed to configure my NVIDIA graphic card on my…
To control luminosity of my screen, I need this program:
sudo apt install xbacklight
To configure it, I have to find the
backlight folder in
sudo find /sys/ -type f -iname '*brightness*'
On my Lenovo Thinkpad T430, it’s:
So I open
/etc/X11/xorg.conf and I put:
Option "Backlight" "/sys/devices/pci0000:00/0000:00:02.0/drm/card0/card0-LVDS-1/intel_backlight/"
After that, I restart graphical interface.
Edit: Finally, I prefer not to modify
/etc/X11/xorg.conf and rather use a command like:
echo 4400 | sudo tee /sys/class/backlight/intel_backlight/brightness
Edit 2: I made a keyboard shortcut with i3 to change this file automatically. To makes this possible, I need to make the file reachable to non root users:
sudo chmod 666 /sys/class/backlight/intel_backlight/brightness
Increasing the amount of inotify watchers
echo fs.inotify.max_user_watches=32768 | sudo tee -a /etc/sysctl.conf
sudo sysctl -p
Edit my hosts file
git clone https://github.com/authmane512/hostsfile.git
sudo ln -s /home/authmane512/misc/myhostsfile/hosts /etc/hosts