[Support] System Encryption DM-Crypt with LUKS

Message

Reikinio · Post by **Reikinio** » Wed Aug 02, 2006 1:33 am

computer_guy57 wrote:Having a little trouble on my 2nd attempt. Correct .cpio got linked into kernel (I think), but on reboot I get:
Code: Select all
Failed to execute /init
Kernel panic - not syncing: No init found. Try passing init= option to kernel.
Permissions problem, perhaps?

Probably, how are you creating the initramfs image ?
Make sure you chmod 755 init.
To get the initramfs image linked to the kernel, this is what you need to do:

Code: Select all

# Remove previous image, if you're recompiling the kernel, a previous image will exist 
rm -iv /usr/src/linux/usr/initramfs_data.cpio.gz 
# Copy new initramfs image to /usr/src/linux/src
cp /root/initramfs_data.cpio.gz /usr/src/linux/src/
# Touch it to prevent it being overwrited with kernel's default initramfs image. 
touch /usr/src/linux/usr/initramfs_data.cpio.gz
# configure and compile your kernel
# leave CONFIG_INITRAMFS_SOURCE empty!!
make && make modules_install
# basic check, size=size of kernel + size of initramfs_data.cpio.gz, more or less
du -h /usr/src/linux/arch/i386/boot/bzImage 
# copy kernel to /boot
cp -i arch/i386/boot/bzImage /boot/<kernel>
# reboot

computer_guy57 · Post by **computer_guy57** » Wed Aug 02, 2006 3:12 am

I did redo the whole initramfs, following exactly the instructions in the howto. Made sure to include the chmod 0755... line. Same problem.

If the only change in the kernel is the .gz image in /usr/src/linux/usr, do I have to do make menuconfig before make, to ensure that the image gets linked?

I'm contemplating just going to an encrypted home partition only. Can you give us a treatment of why this probably isn't the best way to go? (Mods: if this thread is inappropriate for this discussion we can move it somewhere else.)

Post by **candrews** » Wed Aug 02, 2006 4:46 pm

Genkernel 3.4 now supports luks. Make sure you have cryptsetup-luks emerged with -dynamic (which is the default) and just make your kernel as normal with genkernel, but add "--luks" to the genkernel command. Make sure grub uses the initrd, too.

Zmyrgel · Post by **Zmyrgel** » Thu Aug 10, 2006 5:44 pm

Hi, I tested this encryption and suprisingly I can't boot my system anymore

Code: Select all

Failed to execute /init
/bin/sh can't access tty: job control turned off

Any idea how to fix this? I managed to get past few kernel panics but this is where my skill stops...

Code: Select all

title=Gentoo 2.6.17
kernel (hd0,0)/kernel-2.6 root=/dev/sda3 ikmap=fi-latin1-i386.bin video=vesafb:$
initrd (hd0,0)/initramfs-gentoo-crypt

Kernel is compiled as in guide, and almost all made exactly as in guide, though I use aes cipher.

Reikinio · Post by **Reikinio** » Thu Aug 10, 2006 6:32 pm

Hi

Zmyrgel wrote:Hi, I tested this encryption and suprisingly I can't boot my system anymore
Code: Select all
Failed to execute /init
/bin/sh can't access tty: job control turned off
Any idea how to fix this? I managed to get past few kernel panics but this is where my skill stops...
Code: Select all
title=Gentoo 2.6.17
kernel (hd0,0)/kernel-2.6 root=/dev/sda3 ikmap=fi-latin1-i386.bin video=vesafb:$
initrd (hd0,0)/initramfs-gentoo-crypt
Kernel is compiled as in guide, and almost all made exactly as in guide, though I use aes cipher.

The init script must have executable permissions, make sure you chmod 755 init.
Job control and the init applet in busybox configuration should be disabled, are they disabled ?

Code: Select all

Init Utilities  --->
   [ ] init
Shells --->
   [ ]   Job control

Please post your busybox.conf, but before you do so, compare it with the one in the guide.

Also, can you post your initramfs image structure, the device nodes should be there, /dev/console and /dev/null, make sure they have the proper major/minor numbers.

btw, the guide is still "under development"

I'm going to finish it soon, probably today.

Zmyrgel · Post by **Zmyrgel** » Thu Aug 10, 2006 6:37 pm

Reikinio wrote: The init script must have executable permissions, make sure you chmod 755 init.

Yeah, I made sure that this is done.

Job control and the init applet in busybox configuration should be disabled, are they disabled ?
Code: Select all
Init Utilities  --->
   [ ] init
Shells --->
   [ ]   Job control

Not 100% sure about this so I test it and see if it helps

Please post your busybox.conf, but before you do so, compare it with the one in the guide.

Ok

Also, can you post your initramfs image structure, the device nodes should be there, /dev/console and /dev/null, make sure they have the proper major/minor numbers.

I made the nodes as in the guide.

btw, the guide is still "under development"
I'm going to finish it soon, probably today.

Now you tell me

Reikinio · Post by **Reikinio** » Thu Aug 10, 2006 6:41 pm

candrews wrote:Genkernel 3.4 now supports luks. Make sure you have cryptsetup-luks emerged with -dynamic (which is the default) and just make your kernel as normal with genkernel, but add "--luks" to the genkernel command. Make sure grub uses the initrd, too.

What do you mean ?
LUKS support with genkernel has been there for a long time, the LUKS site has instructions for it, and there is a note in the guide recommending people to not use the guide and use genkernel with the LUKS site's instructions instead(to avoid themselves the trouble of doing everything by hand).
I'll move it to the "Introduction" section of the guide, so everyone reads it.

computer_guy57 wrote: If the only change in the kernel is the .gz image in /usr/src/linux/usr, do I have to do make menuconfig before make, to ensure that the image gets linked?

Not needed.

computer_guy57 wrote: I'm contemplating just going to an encrypted home partition only. Can you give us a treatment of why this probably isn't the best way to go? (Mods: if this thread is inappropriate for this discussion we can move it somewhere else.)

Because an attacker could tamper with your root partition data, and modify the system to perform a man-in-the-middle attack(reading the passphrase for your /home partition) without you noticing it.

PS: Sorry for the delay.

Reikinio · Post by **Reikinio** » Thu Aug 10, 2006 6:48 pm

Zmyrgel wrote: Now you tell me

There was/is a big yellow sign with the following message "Under development"

I'm curious about that "Failed to execute /init " message, never happened to me(both in my main sys and my laptop), It should not be hard to figure out the culprit, post your busybox .config and all the error messages(if there're more).

Zmyrgel · Post by **Zmyrgel** » Thu Aug 10, 2006 7:11 pm

Reikinio wrote: There was/is a big yellow sign with the following message "Under development"

Need better glasses or something

I'm curious about that "Failed to execute /init " message, never happened to me(both in my main sys and my laptop), It should not be hard to figure out the culprit, post your busybox .config and all the error messages(if there're more).

Ok, I got past that by checking the busybox options and disablin the job control. It should be pointed out in the wiki entry too, I didn't remove any default options from it. I didn't have the "init" enabled, though. There should be a troubleshooting section in the wiki entry. Would help a lot if the most common errors would be collected and put there to aid others in encrypting their hard drives.

Sadly I didn't get far with this, now I too get the "No init found" as few posts above. I tried to run it as with the initrd think as I'm new to this initramfs thingy. So, when I copy the file into the kernel sources and compile it, it should be all done and such issue the correct options in grub and it should boot? No additional file movings or initrd lines?

Reikinio · Post by **Reikinio** » Thu Aug 10, 2006 7:32 pm

Zmyrgel wrote: Ok, I got past that by checking the busybox options and disablin the job control. It should be pointed out in the wiki entry too, I didn't remove any default options from it. I didn't have the "init" enabled, though. There should be a troubleshooting section in the wiki entry. Would help a lot if the most common errors would be collected and put there to aid others in encrypting their hard drives.

I'll add them to the busybox configuration example, they should be disabled, in particular the init applet must not be enabled.
Yes, there is one(FAQ section), but unfortunately does not contain much info on how to troubleshoot the initramfs not being built correctly, I'll add some info for it and rename it to "FAQ/Troubleshooting".

Zmyrgel wrote: Sadly I didn't get far with this, now I too get the "No init found" as few posts above. I tried to run it as with the initrd think as I'm new to this initramfs thingy. So, when I copy the file into the kernel sources and compile it, it should be all done and such issue the correct options in grub and it should boot? No additional file movings or initrd lines?

The initramfs image should be copied to /usr/src/linux/usr/(rename the file to initramfs_data.cpio.gz) if and only if you want it to be built into the kernel, if you do this you don't need to pass it via the bootloader, hence you should remove the initrd line from grub.conf
I find it better to pass the initramfs archive via the bootloader, because it's easy to fix if you did something wrong(decompress initramfs, fix, pack, done), if you do this, you don't need to copy the initramfs image to /usr/src/linux/usr , you place it in /boot, and add a proper initrd line to grub.conf

If you're passing the initramfs via the bootloader, you add this to grub.conf

Code: Select all

root (hd0,0)
kernel /boot/kernel-2.6 root=/dev/sda3 ikmap=fi-latin1-i386.bin
initrd /boot/initramfs-gentoo-crypt

You're getting the "no init found" because the kernel is not using initramfs-gentoo-crypt, either because it's not linked to the kernel or because it's not passed by the bootloader.

Reikinio · Post by **Reikinio** » Thu Aug 10, 2006 7:38 pm

Oh shit, I forgot about something.

The following kernel options are required to load the initramfs via the bootloader

Code: Select all

Device Drivers  --->
    Block devices  --->
     <*> RAM disk support
     [*]   Initial RAM disk (initrd) support

I think this is most likely your problem, sorry.

Zmyrgel · Post by **Zmyrgel** » Thu Aug 10, 2006 8:15 pm

Reikinio wrote:Oh shit, I forgot about something.
The following kernel options are required to load the initramfs via the bootloader
Code: Select all
Device Drivers  --->
    Block devices  --->
     <*> RAM disk support
     [*]   Initial RAM disk (initrd) support
I think this is most likely your problem, sorry.

Sorry, just checked and both were enabled.

I made it that I removed the initramfs-data-cpio.gz from the kernel and recompiled the kernel. Then I added the entries to use the initrd in the grub.conf and now I get nice mix:

Code: Select all

Failure to execute /init
Kernel Panic - Init not found

Truly interresting issue....

A side note, you could add in the wiki on how exactly add more partitions on the setup and what about LVM?

Details of my installation:

Code: Select all

/dev/sda1 /boot
/dev/sda2 /swap
/dev/sda3 /
/dev/sda4 /home

I tried to edit /etc/conf.d/cryptfs...

Code: Select all

# /etc/conf.d/cryptfs
# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/files/cryptfs.confd,v 1.3 2005/06/25 14:11:37 swegener Exp $

# Note regarding the syntax of this file.  This file is *almost* bash,
# but each line is evaluated separately.  Separate swaps/mounts can be
# specified.  The init-script which reads this file assumes that a
# swap= or mount= line starts a new section, similar to lilo or grub
# configuration.

# Note when using gpg keys and /usr on a separate partition, you will
# have to copy /usr/bin/gpg to /bin/gpg so that it will work properly.
# See http://bugs.gentoo.org/90482 for more information.

# Swap partitions. These should come first so that no keys make their
# way into unencrypted swap.
# If no options are given, they will default to: -c aes -h sha1 -d /dev/urandom
# If no makefs is given then mkswap will be assumed
swap=crypt-swap
source='/dev/mapper/swap'

# Mounts
# If no options are given, they will default to: -c aes -h sha1
# No mkfs is run unless you specify a makefs option
# NOTE: if you are using cryptsetup-luks and want to use its features
# then you must add a type=luks line otherwise it will be treated like
# the original cryptsetup

# dm-crypt example

mount=crypt-home
source='/dev/mapper/home'
type=luks
#options='-d /root/keyfile'
#pre_mount='/sbin/mkreiserfs -f -f ${dev}'
#post_mount='chown root:root ${mount_point}; chmod 1777 ${mount_point}'

# Loopback file example

#mount='home-crypt'
#source='/dev/loop0'
#options='-c serpent -s 256'
#loop_file='/mnt/crypt/home'

build_initramfs

Code: Select all

.  ..  bin  dev  etc  init  new-root  proc  sbin  sys

./bin:
.         chmod      dmesg     gzip      mknod       seq          tty
..        chown      du        head      more        setkeycodes  umount
[         chvt       dumpkmap  kill      mount       sh           uname
[[        clear      echo      killall   mountpoint  sleep        uudecode
ash       cp         egrep     less      mv          sort         uuencode
awk       cpio       env       ln        pidof       strings      vi
basename  cut        expr      loadfont  ps          sync         watch
bunzip2   date       false     ls        pwd         tail         wc
busybox   dd         fgrep     lsattr    readlink    tar          which
bzcat     deallocvt  find      md5sum    reset       test         xargs
cat       df         free      mesg      rm          touch        yes
chattr    diff       grep      mkdir     rmdir       tr           zcat
chgrp     dirname    gunzip    mkfifo    sed         true

./dev:
.  ..  console  null

./etc:
.  ..  fi-latin1-i386.bin  msg  splash

./etc/splash:
.  ..  GoGentooGo

./etc/splash/GoGentooGo:
.  ..  1024x768.cfg  images  silent-1024x768.jpg

./etc/splash/GoGentooGo/images:
.  ..  silent-1024x768.jpg  verbose-1024x768.jpg

./new-root:
.  ..

./proc:
.  ..

./sbin:
.       fdisk      insmod    mkfs.ext2  reboot              swapoff
..      fsck       loadkmap  mkfs.ext3  rmmod               swapon
chroot  fsck.ext2  lsmod     mkswap     splash_helper       switch_root
e2fsck  fsck.ext3  mdev      modprobe   splash_util.static  sysctl
fbset   halt       mke2fs    poweroff   start-stop-daemon   tune2fs

./sys:

Busybox config

Code: Select all

#
# Automatically generated make config: don't edit
#
HAVE_DOT_CONFIG=y

#
# Busybox Settings
#

#
# General Configuration
#
# CONFIG_NITPICK is not set
# CONFIG_FEATURE_BUFFERS_USE_MALLOC is not set
# CONFIG_FEATURE_BUFFERS_GO_ON_STACK is not set
# CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set
CONFIG_SHOW_USAGE=y
# CONFIG_FEATURE_VERBOSE_USAGE is not set
# CONFIG_FEATURE_COMPRESS_USAGE is not set
# CONFIG_FEATURE_INSTALLER is not set
# CONFIG_LOCALE_SUPPORT is not set
CONFIG_GETOPT_LONG=y
CONFIG_FEATURE_DEVPTS=y
# CONFIG_FEATURE_CLEAN_UP is not set
# CONFIG_FEATURE_SUID is not set
# CONFIG_FEATURE_SUID_CONFIG is not set
# CONFIG_FEATURE_SUID_CONFIG_QUIET is not set
# CONFIG_SELINUX is not set
CONFIG_BUSYBOX_EXEC_PATH="/proc/self/exe"

#
# Build Options
#
CONFIG_STATIC=y
# CONFIG_BUILD_LIBBUSYBOX is not set
# CONFIG_FEATURE_FULL_LIBBUSYBOX is not set
# CONFIG_FEATURE_SHARED_BUSYBOX is not set
CONFIG_LFS=y
# USING_CROSS_COMPILER is not set
CROSS_COMPILER_PREFIX=""
# CONFIG_BUILD_AT_ONCE is not set

#
# Debugging Options
#
# CONFIG_DEBUG is not set
# CONFIG_DEBUG_PESSIMIZE is not set
# CONFIG_NO_DEBUG_LIB is not set
# CONFIG_DMALLOC is not set
# CONFIG_EFENCE is not set
CONFIG_DEBUG_YANK_SUSv2=y

#
# Installation Options
#
CONFIG_INSTALL_NO_USR=y
CONFIG_INSTALL_APPLET_SYMLINKS=y
# CONFIG_INSTALL_APPLET_HARDLINKS is not set
# CONFIG_INSTALL_APPLET_DONT is not set
PREFIX="./_install"

#
# Busybox Library Tuning
#
CONFIG_MD5_SIZE_VS_SPEED=2

#
# Applets
#

#
# Archival Utilities
#
# CONFIG_AR is not set
# CONFIG_FEATURE_AR_LONG_FILENAMES is not set
CONFIG_BUNZIP2=y
CONFIG_CPIO=y
# CONFIG_DPKG is not set
# CONFIG_DPKG_DEB is not set
# CONFIG_FEATURE_DPKG_DEB_EXTRACT_ONLY is not set
CONFIG_GUNZIP=y
# CONFIG_FEATURE_GUNZIP_UNCOMPRESS is not set
CONFIG_GZIP=y
# CONFIG_RPM2CPIO is not set
# CONFIG_RPM is not set
CONFIG_TAR=y
CONFIG_FEATURE_TAR_CREATE=y
CONFIG_FEATURE_TAR_BZIP2=y
# CONFIG_FEATURE_TAR_LZMA is not set
# CONFIG_FEATURE_TAR_FROM is not set
CONFIG_FEATURE_TAR_GZIP=y
# CONFIG_FEATURE_TAR_COMPRESS is not set
# CONFIG_FEATURE_TAR_OLDGNU_COMPATIBILITY is not set
CONFIG_FEATURE_TAR_GNU_EXTENSIONS=y
# CONFIG_FEATURE_TAR_LONG_OPTIONS is not set
# CONFIG_UNCOMPRESS is not set
# CONFIG_UNLZMA is not set
# CONFIG_FEATURE_LZMA_FAST is not set
# CONFIG_UNZIP is not set

#
# Common options for cpio and tar
#
# CONFIG_FEATURE_UNARCHIVE_TAPE is not set
# CONFIG_FEATURE_DEB_TAR_GZ is not set
# CONFIG_FEATURE_DEB_TAR_BZ2 is not set
# CONFIG_FEATURE_DEB_TAR_LZMA is not set

#
# Coreutils
#
CONFIG_BASENAME=y
# CONFIG_CAL is not set
CONFIG_CAT=y
# CONFIG_CATV is not set
CONFIG_CHGRP=y
CONFIG_CHMOD=y
CONFIG_CHOWN=y
CONFIG_CHROOT=y
# CONFIG_CKSUM is not set
# CONFIG_CMP is not set
# CONFIG_COMM is not set
CONFIG_CP=y
CONFIG_CUT=y
CONFIG_DATE=y
CONFIG_FEATURE_DATE_ISOFMT=y
CONFIG_DD=y
CONFIG_FEATURE_DD_SIGNAL_HANDLING=y
CONFIG_FEATURE_DD_IBS_OBS=y
CONFIG_DF=y
CONFIG_DIFF=y
CONFIG_FEATURE_DIFF_BINARY=y
CONFIG_FEATURE_DIFF_DIR=y
# CONFIG_FEATURE_DIFF_MINIMAL is not set
CONFIG_DIRNAME=y
# CONFIG_DOS2UNIX is not set
# CONFIG_UNIX2DOS is not set
CONFIG_DU=y
CONFIG_FEATURE_DU_DEFAULT_BLOCKSIZE_1K=y
CONFIG_ECHO=y
CONFIG_FEATURE_FANCY_ECHO=y
CONFIG_ENV=y
# CONFIG_FEATURE_ENV_LONG_OPTIONS is not set
CONFIG_EXPR=y
# CONFIG_EXPR_MATH_SUPPORT_64 is not set
CONFIG_FALSE=y
# CONFIG_FOLD is not set
CONFIG_HEAD=y
CONFIG_FEATURE_FANCY_HEAD=y
# CONFIG_HOSTID is not set
# CONFIG_ID is not set
# CONFIG_INSTALL is not set
# CONFIG_FEATURE_INSTALL_LONG_OPTIONS is not set
# CONFIG_LENGTH is not set
CONFIG_LN=y
# CONFIG_LOGNAME is not set
CONFIG_LS=y
CONFIG_FEATURE_LS_FILETYPES=y
CONFIG_FEATURE_LS_FOLLOWLINKS=y
CONFIG_FEATURE_LS_RECURSIVE=y
CONFIG_FEATURE_LS_SORTFILES=y
CONFIG_FEATURE_LS_TIMESTAMPS=y
CONFIG_FEATURE_LS_USERNAME=y
CONFIG_FEATURE_LS_COLOR=y
# CONFIG_FEATURE_LS_COLOR_IS_DEFAULT is not set
CONFIG_MD5SUM=y
CONFIG_MKDIR=y
CONFIG_FEATURE_MKDIR_LONG_OPTIONS=y
CONFIG_MKFIFO=y
CONFIG_MKNOD=y
CONFIG_MV=y
CONFIG_FEATURE_MV_LONG_OPTIONS=y
# CONFIG_NICE is not set
# CONFIG_NOHUP is not set
# CONFIG_OD is not set
# CONFIG_PRINTENV is not set
# CONFIG_PRINTF is not set
CONFIG_PWD=y
# CONFIG_REALPATH is not set
CONFIG_RM=y
CONFIG_RMDIR=y
CONFIG_SEQ=y
# CONFIG_SHA1SUM is not set
CONFIG_SLEEP=y
# CONFIG_FEATURE_FANCY_SLEEP is not set
CONFIG_SORT=y
CONFIG_FEATURE_SORT_BIG=y
# CONFIG_STAT is not set
# CONFIG_FEATURE_STAT_FORMAT is not set
# CONFIG_STTY is not set
# CONFIG_SUM is not set
CONFIG_SYNC=y
CONFIG_TAIL=y
CONFIG_FEATURE_FANCY_TAIL=y
# CONFIG_TEE is not set
# CONFIG_FEATURE_TEE_USE_BLOCK_IO is not set
CONFIG_TEST=y
# CONFIG_FEATURE_TEST_64 is not set
CONFIG_TOUCH=y
CONFIG_TR=y
# CONFIG_FEATURE_TR_CLASSES is not set
# CONFIG_FEATURE_TR_EQUIV is not set
CONFIG_TRUE=y
CONFIG_TTY=y
CONFIG_UNAME=y
# CONFIG_UNIQ is not set
# CONFIG_USLEEP is not set
CONFIG_UUDECODE=y
CONFIG_UUENCODE=y
CONFIG_WATCH=y
CONFIG_WC=y
# CONFIG_WHO is not set
# CONFIG_WHOAMI is not set
CONFIG_YES=y

#
# Common options for cp and mv
#
CONFIG_FEATURE_PRESERVE_HARDLINKS=y

#
# Common options for ls, more and telnet
#
CONFIG_FEATURE_AUTOWIDTH=y

#
# Common options for df, du, ls
#
CONFIG_FEATURE_HUMAN_READABLE=y

#
# Common options for md5sum, sha1sum
#
CONFIG_FEATURE_MD5_SHA1_SUM_CHECK=y

#
# Console Utilities
#
CONFIG_CHVT=y
CONFIG_CLEAR=y
CONFIG_DEALLOCVT=y
CONFIG_DUMPKMAP=y
CONFIG_LOADFONT=y
CONFIG_LOADKMAP=y
# CONFIG_OPENVT is not set
CONFIG_RESET=y
# CONFIG_SETCONSOLE is not set
# CONFIG_FEATURE_SETCONSOLE_LONG_OPTIONS is not set
CONFIG_SETKEYCODES=y
# CONFIG_SETLOGCONS is not set

#
# Debian Utilities
#
# CONFIG_MKTEMP is not set
# CONFIG_PIPE_PROGRESS is not set
CONFIG_READLINK=y
# CONFIG_FEATURE_READLINK_FOLLOW is not set
# CONFIG_RUN_PARTS is not set
# CONFIG_FEATURE_RUN_PARTS_LONG_OPTIONS is not set
CONFIG_START_STOP_DAEMON=y
CONFIG_FEATURE_START_STOP_DAEMON_FANCY=y
# CONFIG_FEATURE_START_STOP_DAEMON_LONG_OPTIONS is not set
CONFIG_WHICH=y

#
# Editors
#
CONFIG_AWK=y
CONFIG_FEATURE_AWK_MATH=y
# CONFIG_ED is not set
# CONFIG_PATCH is not set
CONFIG_SED=y
CONFIG_VI=y
CONFIG_FEATURE_VI_COLON=y
CONFIG_FEATURE_VI_YANKMARK=y
CONFIG_FEATURE_VI_SEARCH=y
CONFIG_FEATURE_VI_USE_SIGNALS=y
CONFIG_FEATURE_VI_DOT_CMD=y
CONFIG_FEATURE_VI_READONLY=y
CONFIG_FEATURE_VI_SETOPTS=y
CONFIG_FEATURE_VI_SET=y
CONFIG_FEATURE_VI_WIN_RESIZE=y
CONFIG_FEATURE_VI_OPTIMIZE_CURSOR=y

#
# Finding Utilities
#
CONFIG_FIND=y
CONFIG_FEATURE_FIND_PRINT0=y
CONFIG_FEATURE_FIND_MTIME=y
CONFIG_FEATURE_FIND_MMIN=y
CONFIG_FEATURE_FIND_PERM=y
CONFIG_FEATURE_FIND_TYPE=y
CONFIG_FEATURE_FIND_XDEV=y
CONFIG_FEATURE_FIND_NEWER=y
CONFIG_FEATURE_FIND_INUM=y
CONFIG_FEATURE_FIND_EXEC=y
CONFIG_GREP=y
CONFIG_FEATURE_GREP_EGREP_ALIAS=y
CONFIG_FEATURE_GREP_FGREP_ALIAS=y
CONFIG_FEATURE_GREP_CONTEXT=y
CONFIG_XARGS=y
# CONFIG_FEATURE_XARGS_SUPPORT_CONFIRMATION is not set
# CONFIG_FEATURE_XARGS_SUPPORT_QUOTES is not set
# CONFIG_FEATURE_XARGS_SUPPORT_TERMOPT is not set
# CONFIG_FEATURE_XARGS_SUPPORT_ZERO_TERM is not set

#
# Init Utilities
#
# CONFIG_INIT is not set
# CONFIG_DEBUG_INIT is not set
# CONFIG_FEATURE_USE_INITTAB is not set
# CONFIG_FEATURE_INIT_SCTTY is not set
# CONFIG_FEATURE_EXTRA_QUIET is not set
# CONFIG_FEATURE_INIT_COREDUMPS is not set
# CONFIG_FEATURE_INITRD is not set
CONFIG_HALT=y
CONFIG_MESG=y

#
# Login/Password Management Utilities
#
# CONFIG_FEATURE_SHADOWPASSWDS is not set
# CONFIG_USE_BB_SHADOW is not set
# CONFIG_USE_BB_PWD_GRP is not set
# CONFIG_ADDGROUP is not set
# CONFIG_DELGROUP is not set
# CONFIG_ADDUSER is not set
# CONFIG_DELUSER is not set
# CONFIG_GETTY is not set
# CONFIG_FEATURE_UTMP is not set
# CONFIG_FEATURE_WTMP is not set
# CONFIG_LOGIN is not set
# CONFIG_FEATURE_SECURETTY is not set
# CONFIG_PASSWD is not set
# CONFIG_SU is not set
# CONFIG_SULOGIN is not set
# CONFIG_VLOCK is not set

#
# Linux Ext2 FS Progs
#
CONFIG_CHATTR=y
CONFIG_E2FSCK=y
CONFIG_FSCK=y
CONFIG_LSATTR=y
CONFIG_MKE2FS=y
CONFIG_TUNE2FS=y
# CONFIG_E2LABEL is not set
# CONFIG_FINDFS is not set

#
# Linux Module Utilities
#
CONFIG_INSMOD=y
# CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set
# CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set
# CONFIG_FEATURE_INSMOD_LOADINKMEM is not set
# CONFIG_FEATURE_INSMOD_LOAD_MAP is not set
# CONFIG_FEATURE_INSMOD_LOAD_MAP_FULL is not set
CONFIG_RMMOD=y
CONFIG_LSMOD=y
CONFIG_FEATURE_LSMOD_PRETTY_2_6_OUTPUT=y
CONFIG_MODPROBE=y
CONFIG_FEATURE_MODPROBE_MULTIPLE_OPTIONS=y

#
# Options common to multiple modutils
#
CONFIG_FEATURE_CHECK_TAINTED_MODULE=y
CONFIG_FEATURE_2_4_MODULES=y
CONFIG_FEATURE_2_6_MODULES=y
# CONFIG_FEATURE_QUERY_MODULE_INTERFACE is not set

#
# Linux System Utilities
#
CONFIG_DMESG=y
CONFIG_FBSET=y
# CONFIG_FEATURE_FBSET_FANCY is not set
# CONFIG_FEATURE_FBSET_READMODE is not set
# CONFIG_FDFLUSH is not set
# CONFIG_FDFORMAT is not set
CONFIG_FDISK=y
FDISK_SUPPORT_LARGE_DISKS=y
CONFIG_FEATURE_FDISK_WRITABLE=y
# CONFIG_FEATURE_AIX_LABEL is not set
# CONFIG_FEATURE_SGI_LABEL is not set
# CONFIG_FEATURE_SUN_LABEL is not set
# CONFIG_FEATURE_OSF_LABEL is not set
# CONFIG_FEATURE_FDISK_ADVANCED is not set
# CONFIG_FREERAMDISK is not set
# CONFIG_FSCK_MINIX is not set
# CONFIG_MKFS_MINIX is not set
# CONFIG_FEATURE_MINIX2 is not set
# CONFIG_GETOPT is not set
# CONFIG_HEXDUMP is not set
# CONFIG_HWCLOCK is not set
# CONFIG_FEATURE_HWCLOCK_LONG_OPTIONS is not set
# CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS is not set
# CONFIG_IPCRM is not set
# CONFIG_IPCS is not set
# CONFIG_LOSETUP is not set
CONFIG_MDEV=y
CONFIG_FEATURE_MDEV_CONF=y
CONFIG_FEATURE_MDEV_EXEC=y
CONFIG_MKSWAP=y
# CONFIG_FEATURE_MKSWAP_V0 is not set
CONFIG_MORE=y
CONFIG_FEATURE_USE_TERMIOS=y
CONFIG_MOUNT=y
# CONFIG_FEATURE_MOUNT_NFS is not set
# CONFIG_PIVOT_ROOT is not set
# CONFIG_RDATE is not set
# CONFIG_READPROFILE is not set
# CONFIG_SETARCH is not set
CONFIG_SWAPONOFF=y
CONFIG_SWITCH_ROOT=y
CONFIG_UMOUNT=y
CONFIG_FEATURE_UMOUNT_ALL=y

#
# Common options for mount/umount
#
# CONFIG_FEATURE_MOUNT_LOOP is not set
# CONFIG_FEATURE_MTAB_SUPPORT is not set

#
# Miscellaneous Utilities
#
# CONFIG_ADJTIMEX is not set
# CONFIG_BBCONFIG is not set
# CONFIG_CROND is not set
# CONFIG_DEBUG_CROND_OPTION is not set
# CONFIG_FEATURE_CROND_CALL_SENDMAIL is not set
# CONFIG_CRONTAB is not set
# CONFIG_DC is not set
# CONFIG_DEVFSD is not set
# CONFIG_DEVFSD_MODLOAD is not set
# CONFIG_DEVFSD_FG_NP is not set
# CONFIG_DEVFSD_VERBOSE is not set
# CONFIG_FEATURE_DEVFS is not set
# CONFIG_EJECT is not set
# CONFIG_LAST is not set
CONFIG_LESS=y
CONFIG_FEATURE_LESS_BRACKETS=y
CONFIG_FEATURE_LESS_FLAGS=y
# CONFIG_FEATURE_LESS_FLAGCS is not set
# CONFIG_FEATURE_LESS_MARKS is not set
CONFIG_FEATURE_LESS_REGEXP=y
# CONFIG_HDPARM is not set
# CONFIG_FEATURE_HDPARM_GET_IDENTITY is not set
# CONFIG_FEATURE_HDPARM_HDIO_SCAN_HWIF is not set
# CONFIG_FEATURE_HDPARM_HDIO_UNREGISTER_HWIF is not set
# CONFIG_FEATURE_HDPARM_HDIO_DRIVE_RESET is not set
# CONFIG_FEATURE_HDPARM_HDIO_TRISTATE_HWIF is not set
# CONFIG_FEATURE_HDPARM_HDIO_GETSET_DMA is not set
# CONFIG_MAKEDEVS is not set
# CONFIG_FEATURE_MAKEDEVS_LEAF is not set
# CONFIG_FEATURE_MAKEDEVS_TABLE is not set
CONFIG_MOUNTPOINT=y
# CONFIG_MT is not set
# CONFIG_RUNLEVEL is not set
# CONFIG_RX is not set
CONFIG_STRINGS=y
# CONFIG_SETSID is not set
# CONFIG_TASKSET is not set
# CONFIG_TIME is not set
# CONFIG_WATCHDOG is not set

#
# Networking Utilities
#
# CONFIG_FEATURE_IPV6 is not set
# CONFIG_ARPING is not set
# CONFIG_DNSD is not set
# CONFIG_ETHER_WAKE is not set
# CONFIG_FAKEIDENTD is not set
# CONFIG_FTPGET is not set
# CONFIG_FTPPUT is not set
# CONFIG_FEATURE_FTPGETPUT_LONG_OPTIONS is not set
# CONFIG_HOSTNAME is not set
# CONFIG_HTTPD is not set
# CONFIG_FEATURE_HTTPD_WITHOUT_INETD is not set
# CONFIG_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP is not set
# CONFIG_FEATURE_HTTPD_SETUID is not set
# CONFIG_FEATURE_HTTPD_BASIC_AUTH is not set
# CONFIG_FEATURE_HTTPD_AUTH_MD5 is not set
# CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES is not set
# CONFIG_FEATURE_HTTPD_CGI is not set
# CONFIG_FEATURE_HTTPD_CONFIG_WITH_SCRIPT_INTERPR is not set
# CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV is not set
# CONFIG_FEATURE_HTTPD_ENCODE_URL_STR is not set
# CONFIG_IFCONFIG is not set
# CONFIG_FEATURE_IFCONFIG_STATUS is not set
# CONFIG_FEATURE_IFCONFIG_SLIP is not set
# CONFIG_FEATURE_IFCONFIG_MEMSTART_IOADDR_IRQ is not set
# CONFIG_FEATURE_IFCONFIG_HW is not set
# CONFIG_FEATURE_IFCONFIG_BROADCAST_PLUS is not set
# CONFIG_IFUPDOWN is not set
# CONFIG_FEATURE_IFUPDOWN_IP is not set
# CONFIG_FEATURE_IFUPDOWN_IP_BUILTIN is not set
# CONFIG_FEATURE_IFUPDOWN_IPV4 is not set
# CONFIG_FEATURE_IFUPDOWN_IPV6 is not set
# CONFIG_FEATURE_IFUPDOWN_IPX is not set
# CONFIG_FEATURE_IFUPDOWN_MAPPING is not set
# CONFIG_INETD is not set
# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_ECHO is not set
# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DISCARD is not set
# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_TIME is not set
# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_DAYTIME is not set
# CONFIG_FEATURE_INETD_SUPPORT_BUILTIN_CHARGEN is not set
# CONFIG_FEATURE_INETD_RPC is not set
# CONFIG_IP is not set
# CONFIG_FEATURE_IP_ADDRESS is not set
# CONFIG_FEATURE_IP_LINK is not set
# CONFIG_FEATURE_IP_ROUTE is not set
# CONFIG_FEATURE_IP_TUNNEL is not set
# CONFIG_FEATURE_IP_SHORT_FORMS is not set
# CONFIG_IPADDR is not set
# CONFIG_IPLINK is not set
# CONFIG_IPROUTE is not set
# CONFIG_IPTUNNEL is not set
# CONFIG_IPCALC is not set
# CONFIG_FEATURE_IPCALC_FANCY is not set
# CONFIG_FEATURE_IPCALC_LONG_OPTIONS is not set
# CONFIG_NAMEIF is not set
# CONFIG_NC is not set
# CONFIG_NC_GAPING_SECURITY_HOLE is not set
# CONFIG_NETSTAT is not set
# CONFIG_NSLOOKUP is not set
# CONFIG_PING is not set
# CONFIG_FEATURE_FANCY_PING is not set
# CONFIG_PING6 is not set
# CONFIG_FEATURE_FANCY_PING6 is not set
# CONFIG_ROUTE is not set
# CONFIG_TELNET is not set
# CONFIG_FEATURE_TELNET_TTYPE is not set
# CONFIG_FEATURE_TELNET_AUTOLOGIN is not set
# CONFIG_TELNETD is not set
# CONFIG_FEATURE_TELNETD_INETD is not set
# CONFIG_TFTP is not set
# CONFIG_FEATURE_TFTP_GET is not set
# CONFIG_FEATURE_TFTP_PUT is not set
# CONFIG_FEATURE_TFTP_BLOCKSIZE is not set
# CONFIG_DEBUG_TFTP is not set
# CONFIG_TRACEROUTE is not set
# CONFIG_FEATURE_TRACEROUTE_VERBOSE is not set
# CONFIG_FEATURE_TRACEROUTE_SOURCE_ROUTE is not set
# CONFIG_FEATURE_TRACEROUTE_USE_ICMP is not set

#
# udhcp Server/Client
#
# CONFIG_APP_UDHCPD is not set
# CONFIG_APP_UDHCPC is not set
# CONFIG_APP_DUMPLEASES is not set
# CONFIG_FEATURE_UDHCP_SYSLOG is not set
# CONFIG_FEATURE_UDHCP_DEBUG is not set
# CONFIG_VCONFIG is not set
# CONFIG_WGET is not set
# CONFIG_FEATURE_WGET_STATUSBAR is not set
# CONFIG_FEATURE_WGET_AUTHENTICATION is not set
# CONFIG_FEATURE_WGET_IP6_LITERAL is not set
# CONFIG_FEATURE_WGET_LONG_OPTIONS is not set
# CONFIG_ZCIP is not set

#
# Process Utilities
#
CONFIG_FREE=y
# CONFIG_FUSER is not set
CONFIG_KILL=y
CONFIG_KILLALL=y
CONFIG_PIDOF=y
# CONFIG_FEATURE_PIDOF_SINGLE is not set
# CONFIG_FEATURE_PIDOF_OMIT is not set
CONFIG_PS=y
# CONFIG_FEATURE_PS_WIDE is not set
# CONFIG_RENICE is not set
CONFIG_BB_SYSCTL=y
# CONFIG_TOP is not set
# CONFIG_FEATURE_TOP_CPU_USAGE_PERCENTAGE is not set
# CONFIG_UPTIME is not set

#
# Shells
#
CONFIG_FEATURE_SH_IS_ASH=y
# CONFIG_FEATURE_SH_IS_HUSH is not set
# CONFIG_FEATURE_SH_IS_LASH is not set
# CONFIG_FEATURE_SH_IS_MSH is not set
# CONFIG_FEATURE_SH_IS_NONE is not set
CONFIG_ASH=y

#
# Ash Shell Options
#
# CONFIG_ASH_JOB_CONTROL is not set
CONFIG_ASH_READ_NCHARS=y
# CONFIG_ASH_READ_TIMEOUT is not set
CONFIG_ASH_ALIAS=y
CONFIG_ASH_MATH_SUPPORT=y
# CONFIG_ASH_MATH_SUPPORT_64 is not set
# CONFIG_ASH_GETOPTS is not set
CONFIG_ASH_BUILTIN_ECHO=y
CONFIG_ASH_BUILTIN_TEST=y
# CONFIG_ASH_CMDCMD is not set
CONFIG_ASH_MAIL=y
CONFIG_ASH_OPTIMIZE_FOR_SIZE=y
# CONFIG_ASH_RANDOM_SUPPORT is not set
CONFIG_ASH_EXPAND_PRMT=y
# CONFIG_HUSH is not set
# CONFIG_LASH is not set
# CONFIG_MSH is not set

#
# Bourne Shell Options
#
CONFIG_FEATURE_SH_EXTRA_QUIET=y
# CONFIG_FEATURE_SH_STANDALONE_SHELL is not set
CONFIG_FEATURE_COMMAND_EDITING=y
# CONFIG_FEATURE_COMMAND_EDITING_VI is not set
CONFIG_FEATURE_COMMAND_HISTORY=15
CONFIG_FEATURE_COMMAND_SAVEHISTORY=y
CONFIG_FEATURE_COMMAND_TAB_COMPLETION=y
# CONFIG_FEATURE_COMMAND_USERNAME_COMPLETION is not set
CONFIG_FEATURE_SH_FANCY_PROMPT=y

#
# System Logging Utilities
#
# CONFIG_SYSLOGD is not set
# CONFIG_FEATURE_ROTATE_LOGFILE is not set
# CONFIG_FEATURE_REMOTE_LOG is not set
# CONFIG_FEATURE_IPC_SYSLOG is not set
CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE=0
# CONFIG_LOGREAD is not set
# CONFIG_FEATURE_LOGREAD_REDUCED_LOCKING is not set
# CONFIG_KLOGD is not set
# CONFIG_LOGGER is not set

init inside of initramfs is copied from the wiki, not downloaded as the downloaded wasn't too good.

and kernel config

Code: Select all

#
# Automatically generated make config: don't edit
# Linux kernel version: 2.6.17-gentoo-r4
# Thu Aug 10 22:06:00 2006
#
CONFIG_X86_32=y
CONFIG_SEMAPHORE_SLEEPERS=y
CONFIG_X86=y
CONFIG_MMU=y
CONFIG_GENERIC_ISA_DMA=y
CONFIG_GENERIC_IOMAP=y
CONFIG_GENERIC_HWEIGHT=y
CONFIG_ARCH_MAY_HAVE_PC_FDC=y
CONFIG_DMI=y

#
# Code maturity level options
#
CONFIG_EXPERIMENTAL=y
CONFIG_LOCK_KERNEL=y
CONFIG_INIT_ENV_ARG_LIMIT=32

#
# General setup
#
CONFIG_LOCALVERSION=""
CONFIG_LOCALVERSION_AUTO=y
CONFIG_SWAP=y
CONFIG_SYSVIPC=y
CONFIG_POSIX_MQUEUE=y
# CONFIG_BSD_PROCESS_ACCT is not set
CONFIG_SYSCTL=y
CONFIG_AUDIT=y
CONFIG_AUDITSYSCALL=y
# CONFIG_IKCONFIG is not set
# CONFIG_CPUSETS is not set
# CONFIG_RELAY is not set
CONFIG_INITRAMFS_SOURCE=""
CONFIG_UID16=y
CONFIG_VM86=y
# CONFIG_CC_OPTIMIZE_FOR_SIZE is not set
# CONFIG_EMBEDDED is not set
CONFIG_KALLSYMS=y
# CONFIG_KALLSYMS_EXTRA_PASS is not set
CONFIG_HOTPLUG=y
CONFIG_PRINTK=y
CONFIG_BUG=y
CONFIG_ELF_CORE=y
CONFIG_BASE_FULL=y
CONFIG_FUTEX=y
CONFIG_EPOLL=y
CONFIG_SHMEM=y
CONFIG_SLAB=y
# CONFIG_TINY_SHMEM is not set
CONFIG_BASE_SMALL=0
# CONFIG_SLOB is not set

#
# Loadable module support
#
CONFIG_MODULES=y
CONFIG_MODULE_UNLOAD=y
# CONFIG_MODULE_FORCE_UNLOAD is not set
# CONFIG_MODVERSIONS is not set
# CONFIG_MODULE_SRCVERSION_ALL is not set
CONFIG_KMOD=y
CONFIG_STOP_MACHINE=y

#
# Block layer
#
CONFIG_LBD=y
# CONFIG_BLK_DEV_IO_TRACE is not set
# CONFIG_LSF is not set

#
# IO Schedulers
#
CONFIG_IOSCHED_NOOP=y
# CONFIG_IOSCHED_AS is not set
CONFIG_IOSCHED_DEADLINE=y
# CONFIG_IOSCHED_CFQ is not set
# CONFIG_DEFAULT_AS is not set
CONFIG_DEFAULT_DEADLINE=y
# CONFIG_DEFAULT_CFQ is not set
# CONFIG_DEFAULT_NOOP is not set
CONFIG_DEFAULT_IOSCHED="deadline"

#
# Processor type and features
#
CONFIG_SMP=y
CONFIG_X86_PC=y
# CONFIG_X86_ELAN is not set
# CONFIG_X86_VOYAGER is not set
# CONFIG_X86_NUMAQ is not set
# CONFIG_X86_SUMMIT is not set
# CONFIG_X86_BIGSMP is not set
# CONFIG_X86_VISWS is not set
# CONFIG_X86_GENERICARCH is not set
# CONFIG_X86_ES7000 is not set
# CONFIG_M386 is not set
# CONFIG_M486 is not set
# CONFIG_M586 is not set
# CONFIG_M586TSC is not set
# CONFIG_M586MMX is not set
# CONFIG_M686 is not set
# CONFIG_MPENTIUMII is not set
# CONFIG_MPENTIUMIII is not set
# CONFIG_MPENTIUMM is not set
CONFIG_MPENTIUM4=y
# CONFIG_MK6 is not set
# CONFIG_MK7 is not set
# CONFIG_MK8 is not set
# CONFIG_MCRUSOE is not set
# CONFIG_MEFFICEON is not set
# CONFIG_MWINCHIPC6 is not set
# CONFIG_MWINCHIP2 is not set
# CONFIG_MWINCHIP3D is not set
# CONFIG_MGEODEGX1 is not set
# CONFIG_MGEODE_LX is not set
# CONFIG_MCYRIXIII is not set
# CONFIG_MVIAC3_2 is not set
CONFIG_X86_GENERIC=y
CONFIG_X86_CMPXCHG=y
CONFIG_X86_XADD=y
CONFIG_X86_L1_CACHE_SHIFT=7
CONFIG_RWSEM_XCHGADD_ALGORITHM=y
CONFIG_GENERIC_CALIBRATE_DELAY=y
CONFIG_X86_WP_WORKS_OK=y
CONFIG_X86_INVLPG=y
CONFIG_X86_BSWAP=y
CONFIG_X86_POPAD_OK=y
CONFIG_X86_CMPXCHG64=y
CONFIG_X86_GOOD_APIC=y
CONFIG_X86_INTEL_USERCOPY=y
CONFIG_X86_USE_PPRO_CHECKSUM=y
CONFIG_X86_TSC=y
CONFIG_HPET_TIMER=y
CONFIG_NR_CPUS=2
# CONFIG_SCHED_SMT is not set
CONFIG_SCHED_MC=y
# CONFIG_PREEMPT_NONE is not set
# CONFIG_PREEMPT_VOLUNTARY is not set
CONFIG_PREEMPT=y
CONFIG_PREEMPT_BKL=y
CONFIG_X86_LOCAL_APIC=y
CONFIG_X86_IO_APIC=y
CONFIG_X86_MCE=y
CONFIG_X86_MCE_NONFATAL=y
CONFIG_X86_MCE_P4THERMAL=y
# CONFIG_TOSHIBA is not set
# CONFIG_I8K is not set
CONFIG_X86_REBOOTFIXUPS=y
CONFIG_MICROCODE=y
CONFIG_X86_MSR=y
CONFIG_X86_CPUID=y

#
# Firmware Drivers
#
# CONFIG_EDD is not set
# CONFIG_DELL_RBU is not set
# CONFIG_DCDBAS is not set
CONFIG_NOHIGHMEM=y
# CONFIG_HIGHMEM4G is not set
# CONFIG_HIGHMEM64G is not set
CONFIG_PAGE_OFFSET=0xC0000000
CONFIG_ARCH_FLATMEM_ENABLE=y
CONFIG_ARCH_SPARSEMEM_ENABLE=y
CONFIG_ARCH_SELECT_MEMORY_MODEL=y
CONFIG_SELECT_MEMORY_MODEL=y
CONFIG_FLATMEM_MANUAL=y
# CONFIG_DISCONTIGMEM_MANUAL is not set
# CONFIG_SPARSEMEM_MANUAL is not set
CONFIG_FLATMEM=y
CONFIG_FLAT_NODE_MEM_MAP=y
CONFIG_SPARSEMEM_STATIC=y
CONFIG_SPLIT_PTLOCK_CPUS=4
CONFIG_MATH_EMULATION=y
CONFIG_MTRR=y
# CONFIG_EFI is not set
CONFIG_IRQBALANCE=y
# CONFIG_REGPARM is not set
CONFIG_SECCOMP=y
# CONFIG_HZ_100 is not set
CONFIG_HZ_250=y
# CONFIG_HZ_1000 is not set
CONFIG_HZ=250
CONFIG_KEXEC=y
CONFIG_PHYSICAL_START=0x100000
# CONFIG_HOTPLUG_CPU is not set

#
# Power management options (ACPI, APM)
#
CONFIG_PM=y
CONFIG_PM_LEGACY=y
# CONFIG_PM_DEBUG is not set

#
# ACPI (Advanced Configuration and Power Interface) Support
#
CONFIG_ACPI=y
CONFIG_ACPI_AC=y
CONFIG_ACPI_BATTERY=y
CONFIG_ACPI_BUTTON=y
CONFIG_ACPI_VIDEO=y
CONFIG_ACPI_HOTKEY=y
CONFIG_ACPI_FAN=y
CONFIG_ACPI_PROCESSOR=y
CONFIG_ACPI_THERMAL=y
# CONFIG_ACPI_ASUS is not set
# CONFIG_ACPI_IBM is not set
# CONFIG_ACPI_TOSHIBA is not set
CONFIG_ACPI_BLACKLIST_YEAR=0
# CONFIG_ACPI_DEBUG is not set
CONFIG_ACPI_EC=y
CONFIG_ACPI_POWER=y
CONFIG_ACPI_SYSTEM=y
CONFIG_X86_PM_TIMER=y
# CONFIG_ACPI_CONTAINER is not set

#
# APM (Advanced Power Management) BIOS Support
#
# CONFIG_APM is not set

#
# CPU Frequency scaling
#
CONFIG_CPU_FREQ=y
CONFIG_CPU_FREQ_TABLE=y
# CONFIG_CPU_FREQ_DEBUG is not set
CONFIG_CPU_FREQ_STAT=y
# CONFIG_CPU_FREQ_STAT_DETAILS is not set
CONFIG_CPU_FREQ_DEFAULT_GOV_PERFORMANCE=y
# CONFIG_CPU_FREQ_DEFAULT_GOV_USERSPACE is not set
CONFIG_CPU_FREQ_GOV_PERFORMANCE=y
CONFIG_CPU_FREQ_GOV_POWERSAVE=y
CONFIG_CPU_FREQ_GOV_USERSPACE=y
CONFIG_CPU_FREQ_GOV_ONDEMAND=y
CONFIG_CPU_FREQ_GOV_CONSERVATIVE=y

#
# CPUFreq processor drivers
#
CONFIG_X86_ACPI_CPUFREQ=y
# CONFIG_X86_POWERNOW_K6 is not set
# CONFIG_X86_POWERNOW_K7 is not set
# CONFIG_X86_POWERNOW_K8 is not set
# CONFIG_X86_GX_SUSPMOD is not set
CONFIG_X86_SPEEDSTEP_CENTRINO=y
CONFIG_X86_SPEEDSTEP_CENTRINO_ACPI=y
CONFIG_X86_SPEEDSTEP_CENTRINO_TABLE=y
# CONFIG_X86_SPEEDSTEP_ICH is not set
# CONFIG_X86_SPEEDSTEP_SMI is not set
# CONFIG_X86_P4_CLOCKMOD is not set
# CONFIG_X86_CPUFREQ_NFORCE2 is not set
# CONFIG_X86_LONGRUN is not set

#
# shared options
#
# CONFIG_X86_ACPI_CPUFREQ_PROC_INTF is not set
# CONFIG_X86_SPEEDSTEP_LIB is not set

#
# Bus options (PCI, PCMCIA, EISA, MCA, ISA)
#
CONFIG_PCI=y
# CONFIG_PCI_GOBIOS is not set
# CONFIG_PCI_GOMMCONFIG is not set
# CONFIG_PCI_GODIRECT is not set
CONFIG_PCI_GOANY=y
CONFIG_PCI_BIOS=y
CONFIG_PCI_DIRECT=y
CONFIG_PCI_MMCONFIG=y
CONFIG_PCIEPORTBUS=y
# CONFIG_PCI_MSI is not set
CONFIG_ISA_DMA_API=y
CONFIG_ISA=y
# CONFIG_EISA is not set
# CONFIG_MCA is not set
# CONFIG_SCx200 is not set

#
# PCCARD (PCMCIA/CardBus) support
#
CONFIG_PCCARD=y
# CONFIG_PCMCIA_DEBUG is not set
CONFIG_PCMCIA=y
CONFIG_PCMCIA_LOAD_CIS=y
CONFIG_PCMCIA_IOCTL=y
CONFIG_CARDBUS=y

#
# PC-card bridges
#
CONFIG_YENTA=m
CONFIG_YENTA_O2=y
CONFIG_YENTA_RICOH=y
CONFIG_YENTA_TI=y
CONFIG_YENTA_ENE_TUNE=y
CONFIG_YENTA_TOSHIBA=y
CONFIG_PD6729=m
CONFIG_I82092=m
CONFIG_I82365=m
CONFIG_TCIC=m
CONFIG_PCMCIA_PROBE=y
CONFIG_PCCARD_NONSTATIC=m

#
# PCI Hotplug Support
#
# CONFIG_HOTPLUG_PCI is not set

#
# Executable file formats
#
CONFIG_BINFMT_ELF=y
CONFIG_BINFMT_AOUT=y
CONFIG_BINFMT_MISC=y

#
# Networking
#
CONFIG_NET=y

#
# Networking options
#
# CONFIG_NETDEBUG is not set
CONFIG_PACKET=y
# CONFIG_PACKET_MMAP is not set
CONFIG_UNIX=y
CONFIG_XFRM=y
CONFIG_XFRM_USER=m
CONFIG_NET_KEY=m
CONFIG_INET=y
CONFIG_IP_MULTICAST=y
# CONFIG_IP_ADVANCED_ROUTER is not set
CONFIG_IP_FIB_HASH=y
# CONFIG_IP_PNP is not set
# CONFIG_NET_IPIP is not set
# CONFIG_NET_IPGRE is not set
# CONFIG_IP_MROUTE is not set
# CONFIG_ARPD is not set
# CONFIG_SYN_COOKIES is not set
CONFIG_INET_AH=m
CONFIG_INET_ESP=m
CONFIG_INET_IPCOMP=m
CONFIG_INET_XFRM_TUNNEL=m
CONFIG_INET_TUNNEL=m
CONFIG_INET_DIAG=y
CONFIG_INET_TCP_DIAG=y
# CONFIG_TCP_CONG_ADVANCED is not set
CONFIG_TCP_CONG_BIC=y

#
# IP: Virtual Server Configuration
#
# CONFIG_IP_VS is not set
# CONFIG_IPV6 is not set
# CONFIG_INET6_XFRM_TUNNEL is not set
# CONFIG_INET6_TUNNEL is not set
CONFIG_NETFILTER=y
# CONFIG_NETFILTER_DEBUG is not set

#
# Core Netfilter Configuration
#
CONFIG_NETFILTER_NETLINK=m
CONFIG_NETFILTER_NETLINK_QUEUE=m
CONFIG_NETFILTER_NETLINK_LOG=m
CONFIG_NETFILTER_XTABLES=m
CONFIG_NETFILTER_XT_TARGET_CLASSIFY=m
CONFIG_NETFILTER_XT_TARGET_CONNMARK=m
CONFIG_NETFILTER_XT_TARGET_MARK=m
CONFIG_NETFILTER_XT_TARGET_NFQUEUE=m
CONFIG_NETFILTER_XT_TARGET_NOTRACK=m
CONFIG_NETFILTER_XT_MATCH_COMMENT=m
CONFIG_NETFILTER_XT_MATCH_CONNBYTES=m
CONFIG_NETFILTER_XT_MATCH_CONNMARK=m
CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m
CONFIG_NETFILTER_XT_MATCH_DCCP=m
CONFIG_NETFILTER_XT_MATCH_ESP=m
CONFIG_NETFILTER_XT_MATCH_HELPER=m
CONFIG_NETFILTER_XT_MATCH_LENGTH=m
CONFIG_NETFILTER_XT_MATCH_LIMIT=m
CONFIG_NETFILTER_XT_MATCH_MAC=m
CONFIG_NETFILTER_XT_MATCH_MARK=m
CONFIG_NETFILTER_XT_MATCH_POLICY=m
CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m
CONFIG_NETFILTER_XT_MATCH_PKTTYPE=m
CONFIG_NETFILTER_XT_MATCH_REALM=m
CONFIG_NETFILTER_XT_MATCH_SCTP=m
CONFIG_NETFILTER_XT_MATCH_STATE=m
CONFIG_NETFILTER_XT_MATCH_STRING=m
CONFIG_NETFILTER_XT_MATCH_TCPMSS=m

#
# IP: Netfilter Configuration
#
CONFIG_IP_NF_CONNTRACK=m
CONFIG_IP_NF_CT_ACCT=y
CONFIG_IP_NF_CONNTRACK_MARK=y
CONFIG_IP_NF_CONNTRACK_EVENTS=y
CONFIG_IP_NF_CONNTRACK_NETLINK=m
CONFIG_IP_NF_CT_PROTO_SCTP=m
CONFIG_IP_NF_FTP=m
CONFIG_IP_NF_IRC=m
CONFIG_IP_NF_NETBIOS_NS=m
CONFIG_IP_NF_TFTP=m
CONFIG_IP_NF_AMANDA=m
CONFIG_IP_NF_PPTP=m
CONFIG_IP_NF_H323=m
# CONFIG_IP_NF_QUEUE is not set
CONFIG_IP_NF_IPTABLES=m
CONFIG_IP_NF_MATCH_IPRANGE=m
CONFIG_IP_NF_MATCH_TOS=m
CONFIG_IP_NF_MATCH_RECENT=m
CONFIG_IP_NF_MATCH_ECN=m
CONFIG_IP_NF_MATCH_DSCP=m
CONFIG_IP_NF_MATCH_AH=m
CONFIG_IP_NF_MATCH_TTL=m
CONFIG_IP_NF_MATCH_OWNER=m
CONFIG_IP_NF_MATCH_ADDRTYPE=m
CONFIG_IP_NF_MATCH_HASHLIMIT=m
CONFIG_IP_NF_FILTER=m
CONFIG_IP_NF_TARGET_REJECT=m
CONFIG_IP_NF_TARGET_LOG=m
CONFIG_IP_NF_TARGET_ULOG=m
CONFIG_IP_NF_TARGET_TCPMSS=m
CONFIG_IP_NF_NAT=m
CONFIG_IP_NF_NAT_NEEDED=y
CONFIG_IP_NF_TARGET_MASQUERADE=m
CONFIG_IP_NF_TARGET_REDIRECT=m
CONFIG_IP_NF_TARGET_NETMAP=m
CONFIG_IP_NF_TARGET_SAME=m
CONFIG_IP_NF_NAT_SNMP_BASIC=m
CONFIG_IP_NF_NAT_IRC=m
CONFIG_IP_NF_NAT_FTP=m
CONFIG_IP_NF_NAT_TFTP=m
CONFIG_IP_NF_NAT_AMANDA=m
CONFIG_IP_NF_NAT_PPTP=m
CONFIG_IP_NF_NAT_H323=m
CONFIG_IP_NF_MANGLE=m
CONFIG_IP_NF_TARGET_TOS=m
CONFIG_IP_NF_TARGET_ECN=m
CONFIG_IP_NF_TARGET_DSCP=m
CONFIG_IP_NF_TARGET_TTL=m
CONFIG_IP_NF_TARGET_CLUSTERIP=m
CONFIG_IP_NF_RAW=m
CONFIG_IP_NF_ARPTABLES=m
CONFIG_IP_NF_ARPFILTER=m
# CONFIG_IP_NF_ARP_MANGLE is not set

#
# DCCP Configuration (EXPERIMENTAL)
#
CONFIG_IP_DCCP=m
CONFIG_INET_DCCP_DIAG=m
CONFIG_IP_DCCP_ACKVEC=y

#
# DCCP CCIDs Configuration (EXPERIMENTAL)
#
CONFIG_IP_DCCP_CCID2=m
CONFIG_IP_DCCP_CCID3=m
CONFIG_IP_DCCP_TFRC_LIB=m

#
# SCTP Configuration (EXPERIMENTAL)
#
CONFIG_IP_SCTP=m
# CONFIG_SCTP_DBG_MSG is not set
# CONFIG_SCTP_DBG_OBJCNT is not set
# CONFIG_SCTP_HMAC_NONE is not set
# CONFIG_SCTP_HMAC_SHA1 is not set
CONFIG_SCTP_HMAC_MD5=y

#
# TIPC Configuration (EXPERIMENTAL)
#
CONFIG_TIPC=m
CONFIG_TIPC_ADVANCED=y
CONFIG_TIPC_ZONES=3
CONFIG_TIPC_CLUSTERS=1
CONFIG_TIPC_NODES=255
CONFIG_TIPC_SLAVE_NODES=0
CONFIG_TIPC_PORTS=8191
CONFIG_TIPC_LOG=0
# CONFIG_TIPC_DEBUG is not set
# CONFIG_ATM is not set
# CONFIG_BRIDGE is not set
# CONFIG_VLAN_8021Q is not set
# CONFIG_DECNET is not set
# CONFIG_LLC2 is not set
# CONFIG_IPX is not set
# CONFIG_ATALK is not set
# CONFIG_X25 is not set
# CONFIG_LAPB is not set
# CONFIG_NET_DIVERT is not set
# CONFIG_ECONET is not set
# CONFIG_WAN_ROUTER is not set

#
# QoS and/or fair queueing
#
# CONFIG_NET_SCHED is not set
CONFIG_NET_CLS_ROUTE=y

#
# Network testing
#
# CONFIG_NET_PKTGEN is not set
# CONFIG_HAMRADIO is not set
# CONFIG_IRDA is not set
# CONFIG_BT is not set
# CONFIG_IEEE80211 is not set
CONFIG_WIRELESS_EXT=y

#
# Device Drivers
#

#
# Generic Driver Options
#
CONFIG_STANDALONE=y
CONFIG_PREVENT_FIRMWARE_BUILD=y
CONFIG_FW_LOADER=y

#
# Connector - unified userspace <-> kernelspace linker
#
# CONFIG_CONNECTOR is not set

#
# Memory Technology Devices (MTD)
#
# CONFIG_MTD is not set

#
# Parallel port support
#
# CONFIG_PARPORT is not set

#
# Plug and Play support
#
CONFIG_PNP=y
# CONFIG_PNP_DEBUG is not set

#
# Protocols
#
# CONFIG_ISAPNP is not set
# CONFIG_PNPBIOS is not set
CONFIG_PNPACPI=y

#
# Block devices
#
# CONFIG_BLK_DEV_FD is not set
# CONFIG_BLK_DEV_XD is not set
# CONFIG_BLK_CPQ_DA is not set
# CONFIG_BLK_CPQ_CISS_DA is not set
# CONFIG_BLK_DEV_DAC960 is not set
# CONFIG_BLK_DEV_UMEM is not set
# CONFIG_BLK_DEV_COW_COMMON is not set
CONFIG_BLK_DEV_LOOP=y
# CONFIG_BLK_DEV_CRYPTOLOOP is not set
# CONFIG_BLK_DEV_NBD is not set
# CONFIG_BLK_DEV_SX8 is not set
# CONFIG_BLK_DEV_UB is not set
CONFIG_BLK_DEV_RAM=y
CONFIG_BLK_DEV_RAM_COUNT=16
CONFIG_BLK_DEV_RAM_SIZE=4096
CONFIG_BLK_DEV_INITRD=y
# CONFIG_CDROM_PKTCDVD is not set
# CONFIG_ATA_OVER_ETH is not set

#
# ATA/ATAPI/MFM/RLL support
#
CONFIG_IDE=y
CONFIG_BLK_DEV_IDE=y

#
# Please see Documentation/ide.txt for help/info on IDE drives
#
# CONFIG_BLK_DEV_IDE_SATA is not set
# CONFIG_BLK_DEV_HD_IDE is not set
CONFIG_BLK_DEV_IDEDISK=y
CONFIG_IDEDISK_MULTI_MODE=y
# CONFIG_BLK_DEV_IDECS is not set
CONFIG_BLK_DEV_IDECD=y
# CONFIG_BLK_DEV_IDETAPE is not set
# CONFIG_BLK_DEV_IDEFLOPPY is not set
# CONFIG_BLK_DEV_IDESCSI is not set
# CONFIG_IDE_TASK_IOCTL is not set

#
# IDE chipset support/bugfixes
#
CONFIG_IDE_GENERIC=y
CONFIG_BLK_DEV_CMD640=y
# CONFIG_BLK_DEV_CMD640_ENHANCED is not set
# CONFIG_BLK_DEV_IDEPNP is not set
CONFIG_BLK_DEV_IDEPCI=y
CONFIG_IDEPCI_SHARE_IRQ=y
# CONFIG_BLK_DEV_OFFBOARD is not set
CONFIG_BLK_DEV_GENERIC=y
# CONFIG_BLK_DEV_OPTI621 is not set
# CONFIG_BLK_DEV_RZ1000 is not set
CONFIG_BLK_DEV_IDEDMA_PCI=y
# CONFIG_BLK_DEV_IDEDMA_FORCED is not set
CONFIG_IDEDMA_PCI_AUTO=y
# CONFIG_IDEDMA_ONLYDISK is not set
# CONFIG_BLK_DEV_AEC62XX is not set
# CONFIG_BLK_DEV_ALI15X3 is not set
# CONFIG_BLK_DEV_AMD74XX is not set
# CONFIG_BLK_DEV_ATIIXP is not set
# CONFIG_BLK_DEV_CMD64X is not set
# CONFIG_BLK_DEV_TRIFLEX is not set
# CONFIG_BLK_DEV_CY82C693 is not set
# CONFIG_BLK_DEV_CS5520 is not set
# CONFIG_BLK_DEV_CS5530 is not set
# CONFIG_BLK_DEV_CS5535 is not set
# CONFIG_BLK_DEV_HPT34X is not set
# CONFIG_BLK_DEV_HPT366 is not set
# CONFIG_BLK_DEV_SC1200 is not set
# CONFIG_BLK_DEV_PIIX is not set
# CONFIG_BLK_DEV_IT821X is not set
# CONFIG_BLK_DEV_NS87415 is not set
# CONFIG_BLK_DEV_PDC202XX_OLD is not set
# CONFIG_BLK_DEV_PDC202XX_NEW is not set
# CONFIG_BLK_DEV_SVWKS is not set
# CONFIG_BLK_DEV_SIIMAGE is not set
# CONFIG_BLK_DEV_SIS5513 is not set
# CONFIG_BLK_DEV_SLC90E66 is not set
# CONFIG_BLK_DEV_TRM290 is not set
# CONFIG_BLK_DEV_VIA82CXXX is not set
# CONFIG_IDE_ARM is not set
# CONFIG_IDE_CHIPSETS is not set
CONFIG_BLK_DEV_IDEDMA=y
# CONFIG_IDEDMA_IVB is not set
CONFIG_IDEDMA_AUTO=y
# CONFIG_BLK_DEV_HD is not set

#
# SCSI device support
#
# CONFIG_RAID_ATTRS is not set
CONFIG_SCSI=y
CONFIG_SCSI_PROC_FS=y

#
# SCSI support type (disk, tape, CD-ROM)
#
CONFIG_BLK_DEV_SD=y
# CONFIG_CHR_DEV_ST is not set
# CONFIG_CHR_DEV_OSST is not set
CONFIG_BLK_DEV_SR=y
CONFIG_BLK_DEV_SR_VENDOR=y
CONFIG_CHR_DEV_SG=y
# CONFIG_CHR_DEV_SCH is not set

#
# Some SCSI devices (e.g. CD jukebox) support multiple LUNs
#
# CONFIG_SCSI_MULTI_LUN is not set
# CONFIG_SCSI_CONSTANTS is not set
# CONFIG_SCSI_LOGGING is not set

#
# SCSI Transport Attributes
#
# CONFIG_SCSI_SPI_ATTRS is not set
# CONFIG_SCSI_FC_ATTRS is not set
# CONFIG_SCSI_ISCSI_ATTRS is not set
# CONFIG_SCSI_SAS_ATTRS is not set

#
# SCSI low-level drivers
#
# CONFIG_ISCSI_TCP is not set
# CONFIG_BLK_DEV_3W_XXXX_RAID is not set
# CONFIG_SCSI_3W_9XXX is not set
# CONFIG_SCSI_7000FASST is not set
# CONFIG_SCSI_ACARD is not set
# CONFIG_SCSI_AHA152X is not set
# CONFIG_SCSI_AHA1542 is not set
# CONFIG_SCSI_AACRAID is not set
# CONFIG_SCSI_AIC7XXX is not set
# CONFIG_SCSI_AIC7XXX_OLD is not set
# CONFIG_SCSI_AIC79XX is not set
# CONFIG_SCSI_DPT_I2O is not set
# CONFIG_SCSI_ADVANSYS is not set
# CONFIG_SCSI_IN2000 is not set
# CONFIG_MEGARAID_NEWGEN is not set
# CONFIG_MEGARAID_LEGACY is not set
# CONFIG_MEGARAID_SAS is not set
CONFIG_SCSI_SATA=y
CONFIG_SCSI_SATA_AHCI=y
# CONFIG_SCSI_SATA_SVW is not set
CONFIG_SCSI_ATA_PIIX=y
# CONFIG_SCSI_SATA_MV is not set
# CONFIG_SCSI_SATA_NV is not set
# CONFIG_SCSI_PDC_ADMA is not set
# CONFIG_SCSI_SATA_QSTOR is not set
# CONFIG_SCSI_SATA_PROMISE is not set
# CONFIG_SCSI_SATA_SX4 is not set
# CONFIG_SCSI_SATA_SIL is not set
# CONFIG_SCSI_SATA_SIL24 is not set
# CONFIG_SCSI_SATA_SIS is not set
# CONFIG_SCSI_SATA_ULI is not set
CONFIG_SCSI_SATA_VIA=y
# CONFIG_SCSI_SATA_VITESSE is not set
CONFIG_SCSI_SATA_INTEL_COMBINED=y
CONFIG_SCSI_BUSLOGIC=y
# CONFIG_SCSI_OMIT_FLASHPOINT is not set
# CONFIG_SCSI_DMX3191D is not set
# CONFIG_SCSI_DTC3280 is not set
# CONFIG_SCSI_EATA is not set
# CONFIG_SCSI_FUTURE_DOMAIN is not set
CONFIG_SCSI_GDTH=y
# CONFIG_SCSI_GENERIC_NCR5380 is not set
# CONFIG_SCSI_GENERIC_NCR5380_MMIO is not set
# CONFIG_SCSI_IPS is not set
# CONFIG_SCSI_INITIO is not set
# CONFIG_SCSI_INIA100 is not set
# CONFIG_SCSI_NCR53C406A is not set
# CONFIG_SCSI_SYM53C8XX_2 is not set
# CONFIG_SCSI_IPR is not set
# CONFIG_SCSI_PAS16 is not set
# CONFIG_SCSI_PSI240I is not set
# CONFIG_SCSI_QLOGIC_FAS is not set
# CONFIG_SCSI_QLOGIC_1280 is not set
# CONFIG_SCSI_QLA_FC is not set
# CONFIG_SCSI_LPFC is not set
# CONFIG_SCSI_SYM53C416 is not set
# CONFIG_SCSI_DC395x is not set
# CONFIG_SCSI_DC390T is not set
# CONFIG_SCSI_T128 is not set
# CONFIG_SCSI_U14_34F is not set
# CONFIG_SCSI_ULTRASTOR is not set
# CONFIG_SCSI_NSP32 is not set
# CONFIG_SCSI_DEBUG is not set

#
# PCMCIA SCSI adapter support
#
# CONFIG_PCMCIA_AHA152X is not set
# CONFIG_PCMCIA_FDOMAIN is not set
# CONFIG_PCMCIA_NINJA_SCSI is not set
# CONFIG_PCMCIA_QLOGIC is not set
# CONFIG_PCMCIA_SYM53C500 is not set

#
# Old CD-ROM drivers (not SCSI, not IDE)
#
# CONFIG_CD_NO_IDESCSI is not set

#
# Multi-device support (RAID and LVM)
#
CONFIG_MD=y
# CONFIG_BLK_DEV_MD is not set
CONFIG_BLK_DEV_DM=y
CONFIG_DM_CRYPT=y
# CONFIG_DM_SNAPSHOT is not set
# CONFIG_DM_MIRROR is not set
# CONFIG_DM_ZERO is not set
# CONFIG_DM_MULTIPATH is not set
# CONFIG_BLK_DEV_DM_BBR is not set

#
# Fusion MPT device support
#
# CONFIG_FUSION is not set
# CONFIG_FUSION_SPI is not set
# CONFIG_FUSION_FC is not set
# CONFIG_FUSION_SAS is not set

#
# IEEE 1394 (FireWire) support
#
# CONFIG_IEEE1394 is not set

#
# I2O device support
#
CONFIG_I2O=y
CONFIG_I2O_LCT_NOTIFY_ON_CHANGES=y
CONFIG_I2O_EXT_ADAPTEC=y
CONFIG_I2O_CONFIG=y
CONFIG_I2O_CONFIG_OLD_IOCTL=y
CONFIG_I2O_BUS=y
CONFIG_I2O_BLOCK=y
CONFIG_I2O_SCSI=y
CONFIG_I2O_PROC=y

#
# Network device support
#
CONFIG_NETDEVICES=y
CONFIG_DUMMY=m
# CONFIG_BONDING is not set
# CONFIG_EQUALIZER is not set
# CONFIG_TUN is not set
# CONFIG_NET_SB1000 is not set

#
# ARCnet devices
#
# CONFIG_ARCNET is not set

#
# PHY device support
#
# CONFIG_PHYLIB is not set

#
# Ethernet (10 or 100Mbit)
#
CONFIG_NET_ETHERNET=y
CONFIG_MII=y
# CONFIG_HAPPYMEAL is not set
# CONFIG_SUNGEM is not set
# CONFIG_CASSINI is not set
# CONFIG_NET_VENDOR_3COM is not set
# CONFIG_LANCE is not set
# CONFIG_NET_VENDOR_SMC is not set
# CONFIG_NET_VENDOR_RACAL is not set

#
# Tulip family network device support
#
# CONFIG_NET_TULIP is not set
# CONFIG_AT1700 is not set
# CONFIG_DEPCA is not set
# CONFIG_HP100 is not set
# CONFIG_NET_ISA is not set
CONFIG_NET_PCI=y
# CONFIG_PCNET32 is not set
# CONFIG_AMD8111_ETH is not set
# CONFIG_ADAPTEC_STARFIRE is not set
# CONFIG_AC3200 is not set
# CONFIG_APRICOT is not set
CONFIG_B44=y
# CONFIG_FORCEDETH is not set
# CONFIG_CS89x0 is not set
# CONFIG_DGRS is not set
# CONFIG_EEPRO100 is not set
# CONFIG_E100 is not set
# CONFIG_FEALNX is not set
# CONFIG_NATSEMI is not set
# CONFIG_NE2K_PCI is not set
# CONFIG_8139CP is not set
# CONFIG_8139TOO is not set
# CONFIG_SIS900 is not set
# CONFIG_EPIC100 is not set
# CONFIG_SUNDANCE is not set
# CONFIG_TLAN is not set
# CONFIG_VIA_RHINE is not set

#
# Ethernet (1000 Mbit)
#
# CONFIG_ACENIC is not set
# CONFIG_DL2K is not set
# CONFIG_E1000 is not set
# CONFIG_NS83820 is not set
# CONFIG_HAMACHI is not set
# CONFIG_YELLOWFIN is not set
# CONFIG_R8169 is not set
# CONFIG_SIS190 is not set
# CONFIG_SKGE is not set
# CONFIG_SKY2 is not set
# CONFIG_SK98LIN is not set
# CONFIG_VIA_VELOCITY is not set
# CONFIG_TIGON3 is not set
# CONFIG_BNX2 is not set

#
# Ethernet (10000 Mbit)
#
# CONFIG_CHELSIO_T1 is not set
# CONFIG_IXGB is not set
# CONFIG_S2IO is not set

#
# Token Ring devices
#
# CONFIG_TR is not set

#
# Wireless LAN (non-hamradio)
#
CONFIG_NET_RADIO=y
# CONFIG_NET_WIRELESS_RTNETLINK is not set

#
# Obsolete Wireless cards support (pre-802.11)
#
# CONFIG_STRIP is not set
# CONFIG_ARLAN is not set
# CONFIG_WAVELAN is not set
# CONFIG_PCMCIA_WAVELAN is not set
# CONFIG_PCMCIA_NETWAVE is not set

#
# Wireless 802.11 Frequency Hopping cards support
#
# CONFIG_PCMCIA_RAYCS is not set

#
# Wireless 802.11b ISA/PCI cards support
#
# CONFIG_IPW2100 is not set
# CONFIG_IPW2200 is not set
# CONFIG_AIRO is not set
# CONFIG_HERMES is not set
# CONFIG_ATMEL is not set

#
# Wireless 802.11b Pcmcia/Cardbus cards support
#
# CONFIG_AIRO_CS is not set
# CONFIG_PCMCIA_WL3501 is not set

#
# Prism GT/Duette 802.11(a/b/g) PCI/Cardbus support
#
# CONFIG_PRISM54 is not set
# CONFIG_HOSTAP is not set
CONFIG_NET_WIRELESS=y

#
# PCMCIA network device support
#
# CONFIG_NET_PCMCIA is not set

#
# Wan interfaces
#
# CONFIG_WAN is not set
# CONFIG_FDDI is not set
# CONFIG_HIPPI is not set
CONFIG_PPP=y
CONFIG_PPP_MULTILINK=y
CONFIG_PPP_FILTER=y
CONFIG_PPP_ASYNC=m
CONFIG_PPP_SYNC_TTY=m
CONFIG_PPP_DEFLATE=m
CONFIG_PPP_BSDCOMP=m
CONFIG_PPP_MPPE=m
CONFIG_PPPOE=m
# CONFIG_SLIP is not set
# CONFIG_NET_FC is not set
# CONFIG_SHAPER is not set
# CONFIG_NETCONSOLE is not set
# CONFIG_NETPOLL is not set
# CONFIG_NET_POLL_CONTROLLER is not set

#
# ISDN subsystem
#
# CONFIG_ISDN is not set

#
# Telephony Support
#
# CONFIG_PHONE is not set

#
# Input device support
#
CONFIG_INPUT=y

#
# Userland interfaces
#
CONFIG_INPUT_MOUSEDEV=y
CONFIG_INPUT_MOUSEDEV_PSAUX=y
CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
# CONFIG_INPUT_JOYDEV is not set
# CONFIG_INPUT_TSDEV is not set
CONFIG_INPUT_EVDEV=y
# CONFIG_INPUT_EVBUG is not set

#
# Input Device Drivers
#
CONFIG_INPUT_KEYBOARD=y
CONFIG_KEYBOARD_ATKBD=y
# CONFIG_KEYBOARD_SUNKBD is not set
# CONFIG_KEYBOARD_LKKBD is not set
# CONFIG_KEYBOARD_XTKBD is not set
# CONFIG_KEYBOARD_NEWTON is not set
CONFIG_INPUT_MOUSE=y
CONFIG_MOUSE_PS2=y
# CONFIG_MOUSE_SERIAL is not set
# CONFIG_MOUSE_INPORT is not set
# CONFIG_MOUSE_LOGIBM is not set
# CONFIG_MOUSE_PC110PAD is not set
# CONFIG_MOUSE_VSXXXAA is not set
# CONFIG_INPUT_JOYSTICK is not set
# CONFIG_INPUT_TOUCHSCREEN is not set
# CONFIG_INPUT_MISC is not set

#
# Hardware I/O ports
#
CONFIG_SERIO=y
CONFIG_SERIO_I8042=y
# CONFIG_SERIO_SERPORT is not set
# CONFIG_SERIO_CT82C710 is not set
# CONFIG_SERIO_PCIPS2 is not set
CONFIG_SERIO_LIBPS2=y
# CONFIG_SERIO_RAW is not set
# CONFIG_GAMEPORT is not set

#
# Character devices
#
CONFIG_VT=y
CONFIG_VT_CONSOLE=y
CONFIG_HW_CONSOLE=y
# CONFIG_SERIAL_NONSTANDARD is not set

#
# Serial drivers
#
CONFIG_SERIAL_8250=y
# CONFIG_SERIAL_8250_CONSOLE is not set
CONFIG_SERIAL_8250_PCI=y
CONFIG_SERIAL_8250_PNP=y
# CONFIG_SERIAL_8250_CS is not set
CONFIG_SERIAL_8250_NR_UARTS=4
CONFIG_SERIAL_8250_RUNTIME_UARTS=4
# CONFIG_SERIAL_8250_EXTENDED is not set

#
# Non-8250 serial port support
#
CONFIG_SERIAL_CORE=y
# CONFIG_SERIAL_JSM is not set
CONFIG_UNIX98_PTYS=y
CONFIG_LEGACY_PTYS=y
CONFIG_LEGACY_PTY_COUNT=256

#
# IPMI
#
# CONFIG_IPMI_HANDLER is not set

#
# Watchdog Cards
#
# CONFIG_WATCHDOG is not set
# CONFIG_HW_RANDOM is not set
# CONFIG_NVRAM is not set
# CONFIG_RTC is not set
# CONFIG_GEN_RTC is not set
# CONFIG_DTLK is not set
# CONFIG_R3964 is not set
# CONFIG_APPLICOM is not set
# CONFIG_SONYPI is not set

#
# Ftape, the floppy tape device driver
#
CONFIG_AGP=y
# CONFIG_AGP_ALI is not set
# CONFIG_AGP_ATI is not set
# CONFIG_AGP_AMD is not set
# CONFIG_AGP_AMD64 is not set
CONFIG_AGP_INTEL=y
# CONFIG_AGP_NVIDIA is not set
# CONFIG_AGP_SIS is not set
# CONFIG_AGP_SWORKS is not set
# CONFIG_AGP_VIA is not set
# CONFIG_AGP_EFFICEON is not set
CONFIG_DRM=y
# CONFIG_DRM_TDFX is not set
# CONFIG_DRM_R128 is not set
# CONFIG_DRM_RADEON is not set
# CONFIG_DRM_I810 is not set
# CONFIG_DRM_I830 is not set
# CONFIG_DRM_I915 is not set
# CONFIG_DRM_MGA is not set
# CONFIG_DRM_SIS is not set
# CONFIG_DRM_VIA is not set
# CONFIG_DRM_SAVAGE is not set

#
# PCMCIA character devices
#
# CONFIG_SYNCLINK_CS is not set
# CONFIG_CARDMAN_4000 is not set
# CONFIG_CARDMAN_4040 is not set
# CONFIG_MWAVE is not set
# CONFIG_CS5535_GPIO is not set
# CONFIG_RAW_DRIVER is not set
# CONFIG_HPET is not set
# CONFIG_HANGCHECK_TIMER is not set

#
# TPM devices
#
# CONFIG_TCG_TPM is not set
# CONFIG_TELCLOCK is not set

#
# I2C support
#
CONFIG_I2C=y
CONFIG_I2C_CHARDEV=y

#
# I2C Algorithms
#
CONFIG_I2C_ALGOBIT=y
CONFIG_I2C_ALGOPCF=y
CONFIG_I2C_ALGOPCA=y

#
# I2C Hardware Bus support
#
# CONFIG_I2C_ALI1535 is not set
# CONFIG_I2C_ALI1563 is not set
# CONFIG_I2C_ALI15X3 is not set
# CONFIG_I2C_AMD756 is not set
# CONFIG_I2C_AMD8111 is not set
CONFIG_I2C_I801=y
# CONFIG_I2C_I810 is not set
# CONFIG_I2C_PIIX4 is not set
# CONFIG_I2C_NFORCE2 is not set
# CONFIG_I2C_PARPORT_LIGHT is not set
# CONFIG_I2C_PROSAVAGE is not set
# CONFIG_I2C_SAVAGE4 is not set
# CONFIG_SCx200_ACB is not set
# CONFIG_I2C_SIS5595 is not set
# CONFIG_I2C_SIS630 is not set
# CONFIG_I2C_SIS96X is not set
# CONFIG_I2C_STUB is not set
# CONFIG_I2C_VIA is not set
# CONFIG_I2C_VIAPRO is not set
# CONFIG_I2C_VOODOO3 is not set
# CONFIG_I2C_PCA_ISA is not set

#
# Miscellaneous I2C Chip support
#
# CONFIG_SENSORS_DS1337 is not set
# CONFIG_SENSORS_DS1374 is not set
# CONFIG_SENSORS_EEPROM is not set
# CONFIG_SENSORS_PCF8574 is not set
# CONFIG_SENSORS_PCA9539 is not set
# CONFIG_SENSORS_PCF8591 is not set
# CONFIG_SENSORS_MAX6875 is not set
# CONFIG_I2C_DEBUG_CORE is not set
# CONFIG_I2C_DEBUG_ALGO is not set
# CONFIG_I2C_DEBUG_BUS is not set
# CONFIG_I2C_DEBUG_CHIP is not set

#
# SPI support
#
# CONFIG_SPI is not set
# CONFIG_SPI_MASTER is not set

#
# Dallas's 1-wire bus
#
# CONFIG_W1 is not set

#
# Hardware Monitoring support
#
CONFIG_HWMON=y
# CONFIG_HWMON_VID is not set
# CONFIG_SENSORS_ADM1021 is not set
# CONFIG_SENSORS_ADM1025 is not set
# CONFIG_SENSORS_ADM1026 is not set
# CONFIG_SENSORS_ADM1031 is not set
# CONFIG_SENSORS_ADM9240 is not set
# CONFIG_SENSORS_ASB100 is not set
# CONFIG_SENSORS_ATXP1 is not set
# CONFIG_SENSORS_DS1621 is not set
# CONFIG_SENSORS_F71805F is not set
# CONFIG_SENSORS_FSCHER is not set
# CONFIG_SENSORS_FSCPOS is not set
# CONFIG_SENSORS_GL518SM is not set
# CONFIG_SENSORS_GL520SM is not set
# CONFIG_SENSORS_IT87 is not set
# CONFIG_SENSORS_LM63 is not set
# CONFIG_SENSORS_LM75 is not set
# CONFIG_SENSORS_LM77 is not set
# CONFIG_SENSORS_LM78 is not set
# CONFIG_SENSORS_LM80 is not set
# CONFIG_SENSORS_LM83 is not set
# CONFIG_SENSORS_LM85 is not set
# CONFIG_SENSORS_LM87 is not set
# CONFIG_SENSORS_LM90 is not set
# CONFIG_SENSORS_LM92 is not set
# CONFIG_SENSORS_MAX1619 is not set
# CONFIG_SENSORS_PC87360 is not set
# CONFIG_SENSORS_SIS5595 is not set
# CONFIG_SENSORS_SMSC47M1 is not set
# CONFIG_SENSORS_SMSC47B397 is not set
# CONFIG_SENSORS_VIA686A is not set
# CONFIG_SENSORS_VT8231 is not set
# CONFIG_SENSORS_W83781D is not set
# CONFIG_SENSORS_W83792D is not set
# CONFIG_SENSORS_W83L785TS is not set
# CONFIG_SENSORS_W83627HF is not set
# CONFIG_SENSORS_W83627EHF is not set
# CONFIG_SENSORS_HDAPS is not set
# CONFIG_HWMON_DEBUG_CHIP is not set

#
# Misc devices
#
# CONFIG_IBM_ASM is not set

#
# Multimedia devices
#
# CONFIG_VIDEO_DEV is not set
CONFIG_VIDEO_V4L2=y

#
# Digital Video Broadcasting Devices
#
# CONFIG_DVB is not set
# CONFIG_USB_DABUSB is not set

#
# Graphics support
#
CONFIG_FB=y
CONFIG_FB_CFB_FILLRECT=y
CONFIG_FB_CFB_COPYAREA=y
CONFIG_FB_CFB_IMAGEBLIT=y
# CONFIG_FB_MACMODES is not set
CONFIG_FB_FIRMWARE_EDID=y
CONFIG_FB_MODE_HELPERS=y
# CONFIG_FB_TILEBLITTING is not set
# CONFIG_FB_CIRRUS is not set
# CONFIG_FB_PM2 is not set
# CONFIG_FB_CYBER2000 is not set
# CONFIG_FB_ARC is not set
# CONFIG_FB_ASILIANT is not set
# CONFIG_FB_IMSTT is not set
# CONFIG_FB_VGA16 is not set
CONFIG_FB_VESA=y
# CONFIG_FB_VESA_STD is not set
CONFIG_FB_VESA_TNG=y
CONFIG_FB_VESA_DEFAULT_MODE="640x480@60"
CONFIG_VIDEO_SELECT=y
# CONFIG_FB_HGA is not set
# CONFIG_FB_S1D13XXX is not set
# CONFIG_FB_NVIDIA is not set
# CONFIG_FB_RIVA is not set
# CONFIG_FB_I810 is not set
# CONFIG_FB_INTEL is not set
# CONFIG_FB_MATROX is not set
# CONFIG_FB_RADEON is not set
# CONFIG_FB_ATY128 is not set
# CONFIG_FB_ATY is not set
# CONFIG_FB_SAVAGE is not set
# CONFIG_FB_SIS is not set
# CONFIG_FB_NEOMAGIC is not set
# CONFIG_FB_KYRO is not set
# CONFIG_FB_3DFX is not set
# CONFIG_FB_VOODOO1 is not set
# CONFIG_FB_CYBLA is not set
# CONFIG_FB_TRIDENT is not set
# CONFIG_FB_GEODE is not set
# CONFIG_FB_VIRTUAL is not set

#
# Console display driver support
#
CONFIG_VGA_CONSOLE=y
# CONFIG_VGACON_SOFT_SCROLLBACK is not set
# CONFIG_MDA_CONSOLE is not set
CONFIG_DUMMY_CONSOLE=y
CONFIG_FRAMEBUFFER_CONSOLE=y
# CONFIG_FRAMEBUFFER_CONSOLE_ROTATION is not set
# CONFIG_FONTS is not set
CONFIG_FONT_8x8=y
CONFIG_FONT_8x16=y

#
# Logo configuration
#
# CONFIG_LOGO is not set
# CONFIG_BACKLIGHT_LCD_SUPPORT is not set
CONFIG_FB_SPLASH=y

#
# Speakup console speech
#
# CONFIG_SPEAKUP is not set
CONFIG_SPEAKUP_DEFAULT="none"

#
# Sound
#
CONFIG_SOUND=y

#
# Advanced Linux Sound Architecture
#
# CONFIG_SND is not set

#
# Open Sound System
#
# CONFIG_SOUND_PRIME is not set

#
# USB support
#
CONFIG_USB_ARCH_HAS_HCD=y
CONFIG_USB_ARCH_HAS_OHCI=y
CONFIG_USB_ARCH_HAS_EHCI=y
CONFIG_USB=y
# CONFIG_USB_DEBUG is not set

#
# Miscellaneous USB options
#
CONFIG_USB_DEVICEFS=y
# CONFIG_USB_BANDWIDTH is not set
# CONFIG_USB_DYNAMIC_MINORS is not set
# CONFIG_USB_SUSPEND is not set
# CONFIG_USB_OTG is not set

#
# USB Host Controller Drivers
#
CONFIG_USB_EHCI_HCD=y
# CONFIG_USB_EHCI_SPLIT_ISO is not set
# CONFIG_USB_EHCI_ROOT_HUB_TT is not set
# CONFIG_USB_ISP116X_HCD is not set
# CONFIG_USB_OHCI_HCD is not set
CONFIG_USB_UHCI_HCD=y
# CONFIG_USB_SL811_HCD is not set

#
# USB Device Class drivers
#
# CONFIG_USB_ACM is not set
CONFIG_USB_PRINTER=y

#
# NOTE: USB_STORAGE enables SCSI, and 'SCSI disk support'
#

#
# may also be needed; see USB_STORAGE Help for more information
#
CONFIG_USB_STORAGE=y
# CONFIG_USB_STORAGE_DEBUG is not set
# CONFIG_USB_STORAGE_DATAFAB is not set
# CONFIG_USB_STORAGE_FREECOM is not set
# CONFIG_USB_STORAGE_ISD200 is not set
# CONFIG_USB_STORAGE_DPCM is not set
# CONFIG_USB_STORAGE_USBAT is not set
# CONFIG_USB_STORAGE_SDDR09 is not set
# CONFIG_USB_STORAGE_SDDR55 is not set
# CONFIG_USB_STORAGE_JUMPSHOT is not set
# CONFIG_USB_STORAGE_ALAUDA is not set
# CONFIG_USB_LIBUSUAL is not set

#
# USB Input Devices
#
CONFIG_USB_HID=y
CONFIG_USB_HIDINPUT=y
# CONFIG_USB_HIDINPUT_POWERBOOK is not set
# CONFIG_HID_FF is not set
# CONFIG_USB_HIDDEV is not set
# CONFIG_USB_AIPTEK is not set
# CONFIG_USB_WACOM is not set
# CONFIG_USB_ACECAD is not set
# CONFIG_USB_KBTAB is not set
# CONFIG_USB_POWERMATE is not set
# CONFIG_USB_TOUCHSCREEN is not set
# CONFIG_USB_YEALINK is not set
# CONFIG_USB_XPAD is not set
# CONFIG_USB_ATI_REMOTE is not set
# CONFIG_USB_ATI_REMOTE2 is not set
# CONFIG_USB_KEYSPAN_REMOTE is not set
# CONFIG_USB_APPLETOUCH is not set

#
# USB Imaging devices
#
# CONFIG_USB_MDC800 is not set
# CONFIG_USB_MICROTEK is not set

#
# USB Network Adapters
#
# CONFIG_USB_CATC is not set
# CONFIG_USB_KAWETH is not set
# CONFIG_USB_PEGASUS is not set
# CONFIG_USB_RTL8150 is not set
# CONFIG_USB_USBNET is not set
# CONFIG_USB_ZD1201 is not set
CONFIG_USB_MON=y

#
# USB port drivers
#

#
# USB Serial Converter support
#
# CONFIG_USB_SERIAL is not set

#
# USB Miscellaneous drivers
#
# CONFIG_USB_EMI62 is not set
# CONFIG_USB_EMI26 is not set
# CONFIG_USB_AUERSWALD is not set
# CONFIG_USB_RIO500 is not set
# CONFIG_USB_LEGOTOWER is not set
# CONFIG_USB_LCD is not set
# CONFIG_USB_LED is not set
CONFIG_USB_CYTHERM=m
# CONFIG_USB_PHIDGETKIT is not set
CONFIG_USB_PHIDGETSERVO=m
# CONFIG_USB_IDMOUSE is not set
# CONFIG_USB_SISUSBVGA is not set
# CONFIG_USB_LD is not set
# CONFIG_USB_TEST is not set

#
# USB DSL modem support
#

#
# USB Gadget Support
#
# CONFIG_USB_GADGET is not set

#
# MMC/SD Card support
#
# CONFIG_MMC is not set

#
# LED devices
#
# CONFIG_NEW_LEDS is not set

#
# LED drivers
#

#
# LED Triggers
#

#
# InfiniBand support
#
# CONFIG_INFINIBAND is not set

#
# EDAC - error detection and reporting (RAS) (EXPERIMENTAL)
#
# CONFIG_EDAC is not set

#
# Real Time Clock
#
# CONFIG_RTC_CLASS is not set

#
# File systems
#
CONFIG_EXT2_FS=y
CONFIG_EXT2_FS_XATTR=y
CONFIG_EXT2_FS_POSIX_ACL=y
CONFIG_EXT2_FS_SECURITY=y
CONFIG_EXT2_FS_XIP=y
CONFIG_FS_XIP=y
CONFIG_EXT3_FS=y
CONFIG_EXT3_FS_XATTR=y
CONFIG_EXT3_FS_POSIX_ACL=y
CONFIG_EXT3_FS_SECURITY=y
CONFIG_JBD=y
# CONFIG_JBD_DEBUG is not set
CONFIG_FS_MBCACHE=y
CONFIG_REISERFS_FS=y
# CONFIG_REISERFS_CHECK is not set
CONFIG_REISERFS_PROC_INFO=y
CONFIG_REISERFS_FS_XATTR=y
CONFIG_REISERFS_FS_POSIX_ACL=y
CONFIG_REISERFS_FS_SECURITY=y
CONFIG_JFS_FS=m
CONFIG_JFS_POSIX_ACL=y
CONFIG_JFS_SECURITY=y
CONFIG_JFS_DEBUG=y
CONFIG_JFS_STATISTICS=y
CONFIG_FS_POSIX_ACL=y
CONFIG_XFS_FS=y
CONFIG_XFS_EXPORT=y
CONFIG_XFS_QUOTA=y
CONFIG_XFS_SECURITY=y
CONFIG_XFS_POSIX_ACL=y
CONFIG_XFS_RT=y
# CONFIG_OCFS2_FS is not set
# CONFIG_MINIX_FS is not set
# CONFIG_ROMFS_FS is not set
CONFIG_INOTIFY=y
# CONFIG_QUOTA is not set
CONFIG_QUOTACTL=y
CONFIG_DNOTIFY=y
# CONFIG_AUTOFS_FS is not set
CONFIG_AUTOFS4_FS=y
CONFIG_FUSE_FS=m

#
# CD-ROM/DVD Filesystems
#
CONFIG_ISO9660_FS=y
CONFIG_JOLIET=y
# CONFIG_ZISOFS is not set
CONFIG_UDF_FS=y
CONFIG_UDF_NLS=y

#
# DOS/FAT/NT Filesystems
#
CONFIG_FAT_FS=y
CONFIG_MSDOS_FS=y
CONFIG_VFAT_FS=y
CONFIG_FAT_DEFAULT_CODEPAGE=437
CONFIG_FAT_DEFAULT_IOCHARSET="iso8859-1"
CONFIG_NTFS_FS=y
# CONFIG_NTFS_DEBUG is not set
CONFIG_NTFS_RW=y

#
# Pseudo filesystems
#
CONFIG_PROC_FS=y
CONFIG_PROC_KCORE=y
CONFIG_SYSFS=y
CONFIG_TMPFS=y
# CONFIG_HUGETLBFS is not set
# CONFIG_HUGETLB_PAGE is not set
CONFIG_RAMFS=y
# CONFIG_CONFIGFS_FS is not set

#
# Miscellaneous filesystems
#
# CONFIG_ADFS_FS is not set
# CONFIG_AFFS_FS is not set
# CONFIG_HFS_FS is not set
# CONFIG_HFSPLUS_FS is not set
# CONFIG_BEFS_FS is not set
# CONFIG_BFS_FS is not set
# CONFIG_EFS_FS is not set
# CONFIG_CRAMFS is not set
# CONFIG_SQUASHFS is not set
# CONFIG_VXFS_FS is not set
# CONFIG_HPFS_FS is not set
# CONFIG_QNX4FS_FS is not set
# CONFIG_SYSV_FS is not set
# CONFIG_UFS_FS is not set

#
# Network File Systems
#
CONFIG_NFS_FS=y
CONFIG_NFS_V3=y
CONFIG_NFS_V3_ACL=y
# CONFIG_NFS_V4 is not set
# CONFIG_NFS_DIRECTIO is not set
CONFIG_NFSD=y
CONFIG_NFSD_V3=y
# CONFIG_NFSD_V3_ACL is not set
# CONFIG_NFSD_V4 is not set
CONFIG_NFSD_TCP=y
CONFIG_LOCKD=y
CONFIG_LOCKD_V4=y
CONFIG_EXPORTFS=y
CONFIG_NFS_ACL_SUPPORT=y
CONFIG_NFS_COMMON=y
CONFIG_SUNRPC=y
# CONFIG_RPCSEC_GSS_KRB5 is not set
# CONFIG_RPCSEC_GSS_SPKM3 is not set
CONFIG_SMB_FS=y
# CONFIG_SMB_NLS_DEFAULT is not set
CONFIG_CIFS=y
# CONFIG_CIFS_STATS is not set
# CONFIG_CIFS_XATTR is not set
# CONFIG_CIFS_EXPERIMENTAL is not set
# CONFIG_NCP_FS is not set
CONFIG_CODA_FS=y
# CONFIG_CODA_FS_OLD_API is not set
# CONFIG_AFS_FS is not set
# CONFIG_9P_FS is not set

#
# Partition Types
#
# CONFIG_PARTITION_ADVANCED is not set
CONFIG_MSDOS_PARTITION=y

#
# Native Language Support
#
CONFIG_NLS=y
CONFIG_NLS_DEFAULT="utf-8"
CONFIG_NLS_CODEPAGE_437=y
# CONFIG_NLS_CODEPAGE_737 is not set
# CONFIG_NLS_CODEPAGE_775 is not set
# CONFIG_NLS_CODEPAGE_850 is not set
CONFIG_NLS_CODEPAGE_852=y
# CONFIG_NLS_CODEPAGE_855 is not set
# CONFIG_NLS_CODEPAGE_857 is not set
# CONFIG_NLS_CODEPAGE_860 is not set
# CONFIG_NLS_CODEPAGE_861 is not set
# CONFIG_NLS_CODEPAGE_862 is not set
# CONFIG_NLS_CODEPAGE_863 is not set
# CONFIG_NLS_CODEPAGE_864 is not set
# CONFIG_NLS_CODEPAGE_865 is not set
# CONFIG_NLS_CODEPAGE_866 is not set
# CONFIG_NLS_CODEPAGE_869 is not set
# CONFIG_NLS_CODEPAGE_936 is not set
# CONFIG_NLS_CODEPAGE_950 is not set
# CONFIG_NLS_CODEPAGE_932 is not set
# CONFIG_NLS_CODEPAGE_949 is not set
# CONFIG_NLS_CODEPAGE_874 is not set
# CONFIG_NLS_ISO8859_8 is not set
# CONFIG_NLS_CODEPAGE_1250 is not set
# CONFIG_NLS_CODEPAGE_1251 is not set
# CONFIG_NLS_ASCII is not set
CONFIG_NLS_ISO8859_1=y
CONFIG_NLS_ISO8859_2=y
# CONFIG_NLS_ISO8859_3 is not set
# CONFIG_NLS_ISO8859_4 is not set
# CONFIG_NLS_ISO8859_5 is not set
# CONFIG_NLS_ISO8859_6 is not set
# CONFIG_NLS_ISO8859_7 is not set
# CONFIG_NLS_ISO8859_9 is not set
# CONFIG_NLS_ISO8859_13 is not set
# CONFIG_NLS_ISO8859_14 is not set
CONFIG_NLS_ISO8859_15=y
# CONFIG_NLS_KOI8_R is not set
# CONFIG_NLS_KOI8_U is not set
CONFIG_NLS_UTF8=y

#
# Instrumentation Support
#
CONFIG_PROFILING=y
CONFIG_OPROFILE=y
# CONFIG_KPROBES is not set

#
# Kernel hacking
#
# CONFIG_PRINTK_TIME is not set
# CONFIG_MAGIC_SYSRQ is not set
# CONFIG_DEBUG_KERNEL is not set
CONFIG_LOG_BUF_SHIFT=15
CONFIG_DEBUG_BUGVERBOSE=y
# CONFIG_DEBUG_FS is not set
# CONFIG_UNWIND_INFO is not set
CONFIG_EARLY_PRINTK=y
CONFIG_STACK_BACKTRACE_COLS=2
CONFIG_X86_FIND_SMP_CONFIG=y
CONFIG_X86_MPPARSE=y
CONFIG_DOUBLEFAULT=y

#
# Security options
#
# CONFIG_KEYS is not set
# CONFIG_SECURITY is not set

#
# Cryptographic options
#
CONFIG_CRYPTO=y
CONFIG_CRYPTO_HMAC=y
CONFIG_CRYPTO_NULL=y
CONFIG_CRYPTO_MD4=y
CONFIG_CRYPTO_MD5=y
CONFIG_CRYPTO_SHA1=y
CONFIG_CRYPTO_SHA256=y
CONFIG_CRYPTO_SHA512=y
# CONFIG_CRYPTO_WP512 is not set
# CONFIG_CRYPTO_TGR192 is not set
CONFIG_CRYPTO_DES=y
CONFIG_CRYPTO_BLOWFISH=y
CONFIG_CRYPTO_TWOFISH=y
CONFIG_CRYPTO_SERPENT=y
CONFIG_CRYPTO_AES=y
CONFIG_CRYPTO_AES_586=y
CONFIG_CRYPTO_CAST5=y
CONFIG_CRYPTO_CAST6=y
CONFIG_CRYPTO_TEA=y
CONFIG_CRYPTO_ARC4=y
CONFIG_CRYPTO_KHAZAD=y
CONFIG_CRYPTO_ANUBIS=y
CONFIG_CRYPTO_DEFLATE=y
CONFIG_CRYPTO_MICHAEL_MIC=y
CONFIG_CRYPTO_CRC32C=y
# CONFIG_CRYPTO_TEST is not set

#
# Hardware crypto devices
#
# CONFIG_CRYPTO_DEV_PADLOCK is not set

#
# Library routines
#
CONFIG_CRC_CCITT=y
CONFIG_CRC16=y
CONFIG_CRC32=y
CONFIG_LIBCRC32C=y
CONFIG_ZLIB_INFLATE=y
CONFIG_ZLIB_DEFLATE=y
CONFIG_TEXTSEARCH=y
CONFIG_TEXTSEARCH_KMP=m
CONFIG_TEXTSEARCH_BM=m
CONFIG_TEXTSEARCH_FSM=m
CONFIG_GENERIC_HARDIRQS=y
CONFIG_GENERIC_IRQ_PROBE=y
CONFIG_GENERIC_PENDING_IRQ=y
CONFIG_X86_SMP=y
CONFIG_X86_HT=y
CONFIG_X86_BIOS_REBOOT=y
CONFIG_X86_TRAMPOLINE=y
CONFIG_KTIME_SCALAR=y

My grub.conf was in the earlier post... nothing else comes to mind, I'm off to sleep to gather energy for this weeks last day at the local

helldesk

Reikinio · Post by **Reikinio** » Fri Aug 11, 2006 3:09 am

Zmyrgel wrote: I made it that I removed the initramfs-data-cpio.gz from the kernel and recompiled the kernel. Then I added the entries to use the initrd in the grub.conf and now I get nice mix:
Code: Select all
Failure to execute /init
Kernel Panic - Init not found

Ok, that message indicates the initramfs archive is not being loaded.
Another indication that the initramfs archive is not being loaded is fbsplash not working.

Things to check:

* init exists on build_initramfs/ and has executable permissions.
done

* Are you sure you created the initramfs correctly, as in, did you copy pasted the command to create and compress the cpio archive(initramfs image) ?
A "common" error is compressing the parent directory of build_initramfs, so, please post the output of this command:

Code: Select all

zcat /boot/initramfs-gentoo-crytp | cpio --list

* Are you sure that /boot/initramfs-gentoo-crypt exists on the /boot partition ?
You need to mount /boot before copying files to it, I know it sounds dumb, but still..

* Typos in grub.conf ?

* Remove "quiet" from your kernel parameters and read the kernel error messages, anything weird ?

There is nothing more to it, if it keeps failing you might want to try having the initramfs archive built into the kernel, this way you don't have to worry about it not being loaded via the bootloader, just make sure you follow the instructions.
For example you must place it in /usr/src/linux/usr and rename it to initramfs_data.cpio.gz, then touch the file and compile the kernel.
When it finishes compiling, check the kernel size it should be bigger than usual, in addition you can check if /usr/src/linux/usr/initramfs_data.cpio.gz was overwritted.
Then boot using the kernel and everything should work.

Zmyrgel wrote: A side note, you could add in the wiki on how exactly add more partitions on the setup and what about LVM?

What do you mean ?
For example, when you create the mappings you just need to repeat the same process for other partitions, nothing special, but let me know which step you think it should be improved with examples and I'll try adding some.

About LVM, It can be done, I'll add a ToDo list on the article discussion page, LVM will be in it.
Somebody else will have to write instructions and init support for it, because I've never used it and don't plan to start anytime soon.

Zmyrgel wrote: I tried to edit /etc/conf.d/cryptfs...

Code: Select all

# /etc/conf.d/cryptfs
# $Header: /var/cvsroot/gentoo-x86/sys-fs/cryptsetup-luks/files/cryptfs.confd,v 1.3 2005/06/25 14:11:37 swegener Exp $

# Note regarding the syntax of this file.  This file is *almost* bash,
# but each line is evaluated separately.  Separate swaps/mounts can be
# specified.  The init-script which reads this file assumes that a
# swap= or mount= line starts a new section, similar to lilo or grub
# configuration.

# Note when using gpg keys and /usr on a separate partition, you will
# have to copy /usr/bin/gpg to /bin/gpg so that it will work properly.
# See http://bugs.gentoo.org/90482 for more information.

# Swap partitions. These should come first so that no keys make their
# way into unencrypted swap.
# If no options are given, they will default to: -c aes -h sha1 -d /dev/urandom
# If no makefs is given then mkswap will be assumed
swap=crypt-swap
source='/dev/mapper/swap'

# Mounts
# If no options are given, they will default to: -c aes -h sha1
# No mkfs is run unless you specify a makefs option
# NOTE: if you are using cryptsetup-luks and want to use its features
# then you must add a type=luks line otherwise it will be treated like
# the original cryptsetup

# dm-crypt example

mount=crypt-home
source='/dev/mapper/home'
type=luks
#options='-d /root/keyfile'
#pre_mount='/sbin/mkreiserfs -f -f ${dev}'
#post_mount='chown root:root ${mount_point}; chmod 1777 ${mount_point}'

# Loopback file example

#mount='home-crypt'
#source='/dev/loop0'
#options='-c serpent -s 256'
#loop_file='/mnt/crypt/home'

You've some errors on it.
The cryptfs comments examples are wrong, you don't set the source to the mapping name, you've to set it to the real device.
And you need to use options=' ', otherwise the cryptfs implementation scripts will assign you with some default options that are not needed for luks partitions.
This is explained in the guide, see the "Decrypting/Encrypting partitions at startup" section.

By the way, since I've not uploaded the files to my website yet, you should disable the applets check in the init script(user variables are right after the comments).

Zmyrgel wrote: a lot of config options.

Looks good to me.

Regards

Zmyrgel · Post by **Zmyrgel** » Fri Aug 11, 2006 8:15 am

Ok, that message indicates the initramfs archive is not being loaded.
Another indication that the initramfs archive is not being loaded is fbsplash not working.

I've deleted the entries for framebuffer as it is just eyecandy and not too important

Things to check:

* Are you sure you created the initramfs correctly, as in, did you copy pasted the command to create and compress the cpio archive(initramfs image) ?
A "common" error is compressing the parent directory of build_initramfs, so, please post the output of this command:
Code: Select all
zcat /boot/initramfs-gentoo-crytp | cpio --list
* Are you sure that /boot/initramfs-gentoo-crypt exists on the /boot partition ?
You need to mount /boot before copying files to it, I know it sounds dumb, but still..

* Typos in grub.conf ?

* Remove "quiet" from your kernel parameters and read the kernel error messages, anything weird ?

I did copy past the command put still no

Last time I tried just by building the initrd image myself and copying it to boot... and it is there

I recompiled the kernel after I removed the copied file from the /usr/src/linux/usr. This should be the other, older way?

I removed the quiet as I didn't get the fb to work, so I removed all slash entries so I get the basic system to work, then it's time to add the eyecandy.

There is nothing more to it, if it keeps failing you might want to try having the initramfs archive built into the kernel, this way you don't have to worry about it not being loaded via the bootloader, just make sure you follow the instructions.
For example you must place it in /usr/src/linux/usr and rename it to initramfs_data.cpio.gz, then touch the file and compile the kernel.
When it finishes compiling, check the kernel size it should be bigger than usual, in addition you can check if /usr/src/linux/usr/initramfs_data.cpio.gz was overwritted.
Then boot using the kernel and everything should work.

I tested this but didn't get it to work. I'll try again today once I get home from work.

What do you mean ?
For example, when you create the mappings you just need to repeat the same process for other partitions, nothing special, but let me know which step you think it should be improved with examples and I'll try adding some.

It would be mentioned more clearly in the Wiki so there's no need to wonder it. You could also explain the cryptfs file options more clearly. I had problems with them as shown mentioned. And what about the passphrases, do I need to open all partitions separately and all? I had 8 partitions when I started to follow this wiki which I quickly substracted to 4

Basicly it would just made the process more obvious.

About LVM, It can be done, I'll add a ToDo list on the article discussion page, LVM will be in it.
Somebody else will have to write instructions and init support for it, because I've never used it and don't plan to start anytime soon.

Ok, I could test it myself but I only have my laptop now so I don't plan to change these settings anytime soon

Need one working system atleast... Hopefully someone will do this as LVM is quite handy.

You've some errors on it.
The cryptfs comments examples are wrong, you don't set the source to the mapping name, you've to set it to the real device.
And you need to use options=' ', otherwise the cryptfs implementation scripts will assign you with some default options that are not needed for luks partitions.
This is explained in the guide, see the "Decrypting/Encrypting partitions at startup" section.

Ok, I change the options part... Should I pass there some options as I use the AES cipher or just put one space in there?
I will also change the source part.

By the way, since I've not uploaded the files to my website yet, you should disable the applets check in the init script(user variables are right after the comments).

Ah, forgot to mention that I commented them out. I wondered a while as I didn't find them as I had downloaded the "poor" version of init. After copying the init from wiki, I commented the applet part from it.

All and all, great work and thank you for your quick replies. Hopefully I get this working soon. One obvious mistake I've made, is my lack of "installation beverage".

Can't code while sober....

Zmyrgel · Post by **Zmyrgel** » Fri Aug 11, 2006 3:58 pm

I tested the mentioned things and still get the same error, "failed to execute /init" and then kernel panic

I tried it by compiling the initramfs in the new way, and then in the old way and both returned the same error.

Here' the init file I use minus the early comments

Code: Select all

 
#!/bin/sh
# user defined variables
uv_init=/sbin/init           # init to execute after switching to real root
uv_root_mapping=root         # self descriptive
uv_swap_mapping=swap	     # ^^
uv_check_env=1               # test if busybox applets exist 

# default values(don't edit)          
gv_active_splashutil=0
gv_splash_silent=0
gv_root_mode=rw
gv_shell_checkpoint=0

# functions
die()
{
        local lv_msg="$1"
	umount -n /mnt 2>/dev/null
        [ "${gv_splash_silent}" -eq 1 ] && splash_verbose
        echo "${lv_msg}"
        echo 
        echo "Dropping you into a minimal shell..."
        exec /bin/sh
}

bin_exist()
{
	[ ! -e "/bin/${1}" ] && [ ! -e "/sbin/${1}" ] && die "Error: ${2} ${1} not found."
}

#check_busybox_applets()
#{
#	if [ ! -e "/etc/applets" ]; then
#		echo "Warning: Cannot check if BusyBox's applets exist(/etc/applets missing)"
#	else
#		for i in `cat /etc/applets`; do
#			bin_exist ${i} "BusyBox applet" 
#		done
#	fi
#}

rmmod_group() {
        local lv_group="$1"
        local lv_invert
        local lv_mod

        if [ -f "/etc/modules/${lv_group}" ]; then
                for mod in `cat "/etc/modules/${lv_group}"`; do
                        invert="${lv_mod} ${lv_invert}"
                done

                for mod in ${lv_invert}; do
                        #
                        # There are some modules that cannot
                        # be unloaded
                        #
                        if [ "${lv_mod}" != "unix" ]; then
                                rmmod "`echo "${lv_mod}" | sed 's/-/_/g'`"
                        fi
                done
        fi
}

modprobe_group() {
        local lv_group="$1"
        local lv_mod

        if [ -f "/etc/modules/${lv_group}" ]; then
                for mod in `cat "/etc/modules/${lv_group}"`; do
                        modprobe "${lv_mod}" > /dev/null 2>&1
                done
        fi
}

#killallwait() { # no use for it yet
#        local lv_p="$1"
#
#        while killall -q -3 "${lv_p}"; do
#                sleep 1
#        done
#}

splash_command() {
        local lv_cmd="$1"

        if [ ${gv_active_splashutil} != 0 ]; then
                echo "$lv_cmd" > /lib/splash/cache/.splash
        fi
}

splash_verbose() {
        splash_command "set mode verbose" 
}

splash_silent() {
        splash_command "set mode silent"
}

splash_message() {
        local lv_msg="$1"

        splash_command "set message ${lv_msg}"
        splash_command "repaint"
}

splash_setup() {
	[ "$uv_check_env" -eq 1 ] && bin_exist "splash_util.static" "--"
        if [ -n "${gv_splash_console}" ]; then
                exec < "${gv_splash_console}" > "${gv_splash_console}" 2>&1
        fi
        if [ -n "${gv_splash_theme}" ]; then
                [ -e /lib/splash/cache ] || mkdir -p /lib/splash/cache
                [ -e /lib/splash/cache/.splash ] || mknod /lib/splash/cache/.splash p
                splash_util.static --daemon "--theme=${gv_splash_theme}"
                gv_active_splashutil=1
        fi
}

splash_daemon_stop() {
	if [ "${gv_active_splashutil}" -ne 0 ]; then
                splash_command "exit"
                gv_active_splashutil=0
        fi
}

shell_checkpoint() {
        local lv_level=$1

        if [ "${gv_shell_checkpoint}" -eq "${lv_level}" ]; then
                splash_verbose
		echo "Checkpoint ${lv_level}" 
                exec /bin/sh
        fi
}

suspend2_resume() {
        [ "${gv_splash_silent}" -eq 1 ] && splash_message "Resuming..."
        splash_daemon_stop

        modprobe_group suspend2
        if [ -z "${gv_splash_theme}" ]; then
                if which suspend2ui_text > /dev/null; then
                        echo `which suspend2ui_text` > /proc/suspend2/userui_program
                fi
        else
                ln -s "/etc/splash/${gv_splash_theme}" /etc/splash/suspend2
                echo `which suspend2ui_fbsplash` > /proc/suspend2/userui_program
        fi
	mount -n -o remount,ro /
        echo > /proc/suspend2/do_resume
	mount -n -o remount,rw /
        rmmod_group suspend2
	cryptsetup luksClose "${uv_swap_mapping}" 2>/dev/null || cryptsetup remove "${uv_swap_mapping}"
        die "Error: resume from hibernation failed."
}

get_key() {
	local lv_mode="${1}"
	local lv_dev="${2}"
        gv_filepath="${3}"
	local lv_devname="`echo "${lv_dev}" | cut -d'/' -f3 | tr -d '0-9'`" # for use with /sys/block/ 
	local lv_filename="`echo "${gv_filepath}" | sed 's/\/.*\///g'`"

	modprobe_group remdev
	# wait for device
	local lv_first_time=1
	while ! mount -n -o ro "${lv_dev}" /mnt 2>/dev/null >/dev/null 
	do
		if [ "${lv_first_time}" != 0 ]; then
			echo "Insert removable device and press Enter."
			read x
			echo "Please wait a few seconds...."
			lv_first_time=0
		else
			[ ! -e "/sys/block/${lv_devname}" ] && echo "Info: /sys/block/${lv_devname} does not exist."
			[ ! -e "${lv_dev}" ] && echo "Info: ${lv_dev} does not exist."
		fi
		sleep 5
	done
	echo "Info: Removable device mounted."
	# check if keyfile exist
	if [ ! -e "/mnt/${gv_filepath}" ]; then
	 	die "Error: ${gv_filepath} does not exist on ${lv_dev}."
	fi
	# get the key
	case "$lv_mode" in
		gpg)    # key will be piped into cryptsetup as a passphrase in exec_cryptsetup()
			[ "$uv_check_env" -eq 1 ] && bin_exist "gpg" "--"
			gv_key_gpg=1
			;;
		none)
			gv_key_file="/mnt/${gv_filepath}"
			;;
		*)
			die "Error: ${lv_mode} is not valid."
			;; 
	esac
}

exec_cryptsetup() {  # 1 is device, 2 is mapping
	local lv_arg1="create"
	local lv_arg2="${2}"
	local lv_arg3="${1}"

	cryptsetup isLuks "${1}" 2>/dev/null && { lv_arg1="luksOpen"; lv_arg2="${1}"; lv_arg3="${2}"; }

	if [ -n "${gv_key_gpg}" ]; then
		modprobe_group gpg
		# Fixup gpg tty requirement
		mv /dev/tty /dev/tty.org
		cp -a /dev/console /dev/tty
		while [ ! -e "/dev/mapper/${2}" ]
		do
			sleep 2
			gpg --quiet --homedir / --logger-file /dev/null --decrypt /mnt/${gv_filepath} | \
			cryptsetup "${lv_arg1}" "${lv_arg2}" "${lv_arg3}" 2>/dev/null
		done
		rm /dev/tty
		mv /dev/tty.org /dev/tty
		rmmod_group gpg
		umount -n /mnt
		rmmod_group remdev
		gv_key_gpg=
	else
		if [ -n "${gv_key_file}" ]; then
			cryptsetup -d "${gv_key_file}" "${lv_arg1}" "${lv_arg2}" "${lv_arg3}"
	                if [ "$?" -ne 0 ]; then
                                die "Error: e1 failed to decrypt ${1}."
               	        fi
			umount -n /mnt
			rmmod_group remdev
			gv_key_file=
		else
			cryptsetup "${lv_arg1}" "${lv_arg2}" "${lv_arg3}"
			if [ "$?" -ne 0 ]; then
                               	die "Error: e2 failed to decrypt ${1}."
                       	fi
		fi
	fi
}

do_root_work() {
	[ -n "${gv_root_device}" ] || die "Error: root missing."

	if [ -n "${gv_key_root_mode}" ]; then
		# if 'init_key_root' arg was given
		[ -n "${gv_key_root_device}" ] || die "Error: init_key_root: device field empty."
		[ -n "${gv_key_root_filepath}" ] || die "Error: init_key_root: filepath field empty."

		get_key "${gv_key_root_mode}" "${gv_key_root_device}" "${gv_key_root_filepath}"
	fi
	shell_checkpoint 4
	echo "Partition: root"
	exec_cryptsetup "${gv_root_device}" "${uv_root_mapping}" 
	mount -o "${gv_root_mode}" "/dev/mapper/${uv_root_mapping}" /new-root
        if [ "$?" -ne 0 ]; then
		cryptsetup luksClose "${uv_root_mapping}" 2>/dev/null || cryptsetup remove "${uv_root_mapping}" 	
        	die "Error: mount root failed, dm-crypt mapping closed."
        fi
	shell_checkpoint 5
}

do_swap_work() {
      	if [ -n "${gv_key_swap_mode}" ]; then
               	# if 'init_key_swap' arg was given
                [ -n "${gv_key_swap_device}" ] || die "Error: init_key_swap : device field empty."
                [ -n "${gv_key_swap_filepath}" ] || die "Error: init_key_swap: filepath field empty."

                get_key "${gv_key_swap_mode}" "${gv_key_swap_device}" "${gv_key_swap_filepath}"
	fi
	shell_checkpoint 2
	echo "Partition: swap"  
        exec_cryptsetup "${gv_swap_device}" "${uv_swap_mapping}"
	shell_checkpoint 3
}

do_work() {
	[ "${gv_splash_silent}" -eq 1 ] && splash_verbose
	# load kmap and font	
	if [ -n "${gv_kmap}" ]; then
		if [ -e "/etc/${gv_kmap}" ]; then
			loadkmap < "/etc/${gv_kmap}"
		else
			die "Error: keymap ${gv_kmap} does not exist on /etc"
		fi
		if [ -n "${gv_font}" ]; then
			if [ -e "/etc/${gv_font}" ]; then
				loadfont < "/etc/${gv_font}"
			else
				die "Error: font ${gv_font} does not exist on /etc"
			fi
		fi
	fi
	print_msg
	shell_checkpoint 1
	if [ -n "${gv_active_suspend2}" ]; then
		# suspend2 users should always boot this way to prevent data loss

		[ -n "${gv_swap_device}" ] || die "Error: suspend2 requires iswap argument."
		do_swap_work

		if [ "${gv_active_suspend2}" -eq 1 ]; then

			local lv_s2img="`cat /proc/suspend2/image_exists | head -n 1`"
			[ "${lv_s2img}" -eq 0 ] && die "Error: no image exist at location pointed by resume2="
			if [ "${lv_s2img}" -ne 1 ]; then
				echo
				echo "WARNING: there is no recognizable signature at location pointed by resume2="
				echo -n "Do you want to proceed(type:yes)? "
				read lv_answer
				[ "${lv_answer}" != "yes" ] && die "resume aborted by user"
			fi      
			suspend2_resume
		else
			# noresume2  
			# open swap, open root, destroy suspend2 image, switch root
			do_root_work
			echo "Destroying previous suspend2 image(if any).."
			echo 0 > /proc/suspend2/image_exists
			# alternative: mkswap "/dev/mapper/${uv_swap_mapping}" 2>/dev/null >/dev/null
			do_switch
		fi	

	else
                do_root_work
                do_switch
	fi
}

do_switch() {
	# Unmount everything and switch root filesystems for good:
	# exec the real init and begin the real boot process.
	echo > /proc/sys/kernel/hotplug
	[ "${gv_splash_silent}" -eq 1 ] && splash_silent && splash_message "Switching / ..."
	echo "Switching / ..."
	splash_daemon_stop
	sleep 1
	/bin/umount -l /proc
	/bin/umount -l /sys
	/bin/umount -l /dev
	shell_checkpoint 6
	exec switch_root /new-root "${uv_init}"
}

print_msg() {
#	clear
	echo
	cat /etc/msg 2>/dev/null
	echo
}

parse_cmdl_args() {
	local x
	CMDLINE=`cat /proc/cmdline`
	for param in $CMDLINE; do
    		case "${param}" in
			rescue)
				gv_shell_checkpoint=1
				;;
			root=*)
				gv_root_device="`echo "${param}" | cut -d'=' -f2`"
				;;
			ro)
				gv_root_mode="ro"
				;;
			splash=*)
				gv_splash_theme="`echo "${param}" | sed 's/.*theme://' | sed 's/,.*//'`"
				[ -n "`echo ${param} | grep silent`" ] && gv_splash_silent=1
				;;
			CONSOLE=*)
				gv_splash_console="`echo "${param}" | cut -d'=' -f2`"
				;;
			is2)
				# check if booting with noresume2
				if [ -z "`grep noresume2 /proc/cmdline`" ]; then
					gv_active_suspend2=1
				else
					gv_active_suspend2=0
				fi
				;;
			ikmap=*)
				gv_kmap="`echo "${param}" | cut -d'=' -f2 | cut -d':' -f1`"
				gv_font="`echo "${param}" | cut -d':' -s -f2`"		
				;;
			ichkpt=*)
				gv_shell_checkpoint=`echo "${param}" | cut -d'=' -f2`
				;;
			iswap=*)
				gv_swap_device="`echo "${param}" | cut -d'=' -f2 | cut -d':' -f1`"
				;;
			ikey_root=*)
				x="`echo "${param}" | cut -d'=' -f2 | tr ":" " "`"
				gv_key_root_mode="`echo ${x} | cut -d' ' -f1`"
				gv_key_root_device="`echo ${x} | cut -d' ' -s -f2`"
				gv_key_root_filepath="`echo ${x} | cut -d' ' -s -f3`"
				;;
			ikey_swap=*)
				x="`echo "${param}" | cut -d'=' -f2 | tr ":" " "`"
				gv_key_swap_mode="`echo ${x} | cut -d' ' -f1`"
				gv_key_swap_device="`echo ${x} | cut -d' ' -s -f2`"
				gv_key_swap_filepath="`echo ${x} | cut -d' ' -s -f3`"
				;;
	   	 esac
	done
}

main() {
	export PATH=/sbin:/bin
#	dmesg -n 1
        umask 0077
	[ ! -d /proc ] && mkdir /proc
	/bin/mount -t proc proc /proc
#       # install busybox applets
#       /bin/busybox --install -s
	[ "$uv_check_env" -eq 1 ] && check_busybox_applets
	[ "$uv_check_env" -eq 1 ] && bin_exist "cryptsetup" "--"
        [ ! -d /tmp ] && mkdir /tmp
	[ ! -d /mnt ] && mkdir /mnt
	[ ! -d /new-root ] && mkdir /new-root
	/bin/mount -t sysfs sysfs /sys
	parse_cmdl_args
	modprobe_group boot
	# populate /dev from /sys
	/bin/mount -t tmpfs tmpfs /dev
	/sbin/mdev -s
	# handle hotplug events
	echo /sbin/mdev > /proc/sys/kernel/hotplug
	splash_setup
	# fix: /dev/device-mapper should be /dev/mapper/control
	# otherwise it fails on my amd64 system(busybox v1.2.1), weird that it works
	# on my laptop(i686, /dev/mapper/control gets created on luksOpen).
	if [ ! -e "/dev/mapper/control" ]; then
		# see: /proc/misc, /sys/class/misc/device-mapper/dev 
		mkdir /dev/mapper && mv /dev/device-mapper /dev/mapper/control
		echo "device-mapper mapper/control issue fixed.." >> /.initlog
	fi
	do_work
}
main

Reikinio · Post by **Reikinio** » Fri Aug 11, 2006 5:29 pm

Ok, you've still have the same problem, the required initramfs is not being loaded.
Try something different, this time let the kernel build the initramfs, like this:
Edit CONFIG_INITRAMFS_SOURCE and enter the path to the build_initramfs directory, then compile the kernel, the build process will link the initramfs into the kernel and it'll save the archive in /usr/src/linux/usr/initramfs_data.cpio.gz.
Right after the compilation finishes, use "zcat /usr/src/linux/usr/initramfs_data.cpio.gz | cpio --list", the contents of build_initramfs should be there.
Now you know for sure that the initramfs was built into the kernel.
Edit grub.conf and remove the initrd line.
Boot the kernel .

To disable the applets check:

Code: Select all

uv_check_env=0  # 0 == disabled, do not comment the lines.

Zmyrgel · Post by **Zmyrgel** » Fri Aug 11, 2006 8:05 pm

I did that and quess what.... nothing changed

Code: Select all

livecd gentoo # zcat /mnt/gentoo/usr/src/linux/usr/initramfs_data.cpio.gz | cpio --list
cpio: Removing leading `/' from member names
bin
cpio: Removing leading `/' from member names
bin/busybox
cpio: Removing leading `/' from member names
bin/[
cpio: Removing leading `/' from member names
bin/[[
cpio: Removing leading `/' from member names
bin/ash
cpio: Removing leading `/' from member names
bin/awk
cpio: Removing leading `/' from member names
bin/basename
cpio: Removing leading `/' from member names
bin/bunzip2
cpio: Removing leading `/' from member names
bin/bzcat
cpio: Removing leading `/' from member names
bin/cat
cpio: Removing leading `/' from member names
bin/chattr
cpio: Removing leading `/' from member names
bin/chgrp
cpio: Removing leading `/' from member names
bin/chmod
cpio: Removing leading `/' from member names
bin/chown
cpio: Removing leading `/' from member names
bin/chvt
cpio: Removing leading `/' from member names
bin/clear
cpio: Removing leading `/' from member names
bin/cp
cpio: Removing leading `/' from member names
bin/cpio
cpio: Removing leading `/' from member names
bin/cut
cpio: Removing leading `/' from member names
bin/date
cpio: Removing leading `/' from member names
bin/dd
cpio: Removing leading `/' from member names
bin/deallocvt
cpio: Removing leading `/' from member names
bin/df
cpio: Removing leading `/' from member names
bin/diff
cpio: Removing leading `/' from member names
bin/dirname
cpio: Removing leading `/' from member names
bin/dmesg
cpio: Removing leading `/' from member names
bin/du
cpio: Removing leading `/' from member names
bin/dumpkmap
cpio: Removing leading `/' from member names
bin/echo
cpio: Removing leading `/' from member names
bin/egrep
cpio: Removing leading `/' from member names
bin/env
cpio: Removing leading `/' from member names
bin/expr
cpio: Removing leading `/' from member names
bin/false
cpio: Removing leading `/' from member names
bin/fgrep
cpio: Removing leading `/' from member names
bin/find
cpio: Removing leading `/' from member names
bin/free
cpio: Removing leading `/' from member names
bin/grep
cpio: Removing leading `/' from member names
bin/gunzip
cpio: Removing leading `/' from member names
bin/gzip
cpio: Removing leading `/' from member names
bin/head
cpio: Removing leading `/' from member names
bin/kill
cpio: Removing leading `/' from member names
bin/killall
cpio: Removing leading `/' from member names
bin/less
cpio: Removing leading `/' from member names
bin/ln
cpio: Removing leading `/' from member names
bin/loadfont
cpio: Removing leading `/' from member names
bin/ls
cpio: Removing leading `/' from member names
bin/lsattr
cpio: Removing leading `/' from member names
bin/md5sum
cpio: Removing leading `/' from member names
bin/mesg
cpio: Removing leading `/' from member names
bin/mkdir
cpio: Removing leading `/' from member names
bin/mkfifo
cpio: Removing leading `/' from member names
bin/mknod
cpio: Removing leading `/' from member names
bin/more
cpio: Removing leading `/' from member names
bin/mount
cpio: Removing leading `/' from member names
bin/mountpoint
cpio: Removing leading `/' from member names
bin/mv
cpio: Removing leading `/' from member names
bin/pidof
cpio: Removing leading `/' from member names
bin/ps
cpio: Removing leading `/' from member names
bin/pwd
cpio: Removing leading `/' from member names
bin/readlink
cpio: Removing leading `/' from member names
bin/reset
cpio: Removing leading `/' from member names
bin/rm
cpio: Removing leading `/' from member names
bin/rmdir
cpio: Removing leading `/' from member names
bin/sed
cpio: Removing leading `/' from member names
bin/seq
cpio: Removing leading `/' from member names
bin/setkeycodes
cpio: Removing leading `/' from member names
bin/sh
cpio: Removing leading `/' from member names
bin/sleep
cpio: Removing leading `/' from member names
bin/sort
cpio: Removing leading `/' from member names
bin/strings
cpio: Removing leading `/' from member names
bin/sync
cpio: Removing leading `/' from member names
bin/tail
cpio: Removing leading `/' from member names
bin/tar
cpio: Removing leading `/' from member names
bin/test
cpio: Removing leading `/' from member names
bin/touch
cpio: Removing leading `/' from member names
bin/tr
cpio: Removing leading `/' from member names
bin/true
cpio: Removing leading `/' from member names
bin/tty
cpio: Removing leading `/' from member names
bin/umount
cpio: Removing leading `/' from member names
bin/uname
cpio: Removing leading `/' from member names
bin/uudecode
cpio: Removing leading `/' from member names
bin/uuencode
cpio: Removing leading `/' from member names
bin/vi
cpio: Removing leading `/' from member names
bin/watch
cpio: Removing leading `/' from member names
bin/wc
cpio: Removing leading `/' from member names
bin/which
cpio: Removing leading `/' from member names
bin/xargs
cpio: Removing leading `/' from member names
bin/yes
cpio: Removing leading `/' from member names
bin/zcat
cpio: Removing leading `/' from member names
sbin
cpio: Removing leading `/' from member names
sbin/chroot
cpio: Removing leading `/' from member names
sbin/e2fsck
cpio: Removing leading `/' from member names
sbin/fbset
cpio: Removing leading `/' from member names
sbin/fdisk
cpio: Removing leading `/' from member names
sbin/fsck
cpio: Removing leading `/' from member names
sbin/fsck.ext2
cpio: Removing leading `/' from member names
sbin/fsck.ext3
cpio: Removing leading `/' from member names
sbin/halt
cpio: Removing leading `/' from member names
sbin/insmod
cpio: Removing leading `/' from member names
sbin/loadkmap
cpio: Removing leading `/' from member names
sbin/lsmod
cpio: Removing leading `/' from member names
sbin/mdev
cpio: Removing leading `/' from member names
sbin/mke2fs
cpio: Removing leading `/' from member names
sbin/mkfs.ext2
cpio: Removing leading `/' from member names
sbin/mkfs.ext3
cpio: Removing leading `/' from member names
sbin/mkswap
cpio: Removing leading `/' from member names
sbin/modprobe
cpio: Removing leading `/' from member names
sbin/poweroff
cpio: Removing leading `/' from member names
sbin/reboot
cpio: Removing leading `/' from member names
sbin/rmmod
cpio: Removing leading `/' from member names
sbin/start-stop-daemon
cpio: Removing leading `/' from member names
sbin/swapoff
cpio: Removing leading `/' from member names
sbin/swapon
cpio: Removing leading `/' from member names
sbin/switch_root
cpio: Removing leading `/' from member names
sbin/sysctl
cpio: Removing leading `/' from member names
sbin/tune2fs
cpio: Removing leading `/' from member names
sbin/splash_helper
cpio: Removing leading `/' from member names
sbin/splash_util.static
cpio: Removing leading `/' from member names
proc
cpio: Removing leading `/' from member names
sys
cpio: Removing leading `/' from member names
new-root
cpio: Removing leading `/' from member names
etc
cpio: Removing leading `/' from member names
etc/msg
cpio: Removing leading `/' from member names
etc/fi-latin1-i386.bin
cpio: Removing leading `/' from member names
etc/splash
cpio: Removing leading `/' from member names
etc/splash/GoGentooGo
cpio: Removing leading `/' from member names
etc/splash/GoGentooGo/images
cpio: Removing leading `/' from member names
etc/splash/GoGentooGo/images/silent-1024x768.jpg
cpio: Removing leading `/' from member names
etc/splash/GoGentooGo/images/verbose-1024x768.jpg
cpio: Removing leading `/' from member names
etc/splash/GoGentooGo/1024x768.cfg
cpio: Removing leading `/' from member names
dev
cpio: Removing leading `/' from member names
dev/null
cpio: Removing leading `/' from member names
dev/console
cpio: Removing leading `/' from member names
init
5102 blocks
livecd gentoo #

Starting to get little frustrated towards this encryption....
Any more ideas? It's quite odd that it won't load the initrd or initramfs at all. Or is there something with the init file... It seems fine too...

Code: Select all

livecd gentoo # ls -la /mnt/gentoo/root/build_initramfs/
total 36
drwxr-xr-x  9 root root    94 Aug 11 20:50 .
drwx------  5 root root  4096 Aug 11 20:51 ..
drwxr-xr-x  2 root root  4096 Aug  9 19:22 bin
drwxr-xr-x  2 root root    31 Aug  9 19:26 dev
drwxr-xr-x  3 root root    54 Aug  9 20:01 etc
-rwxr-xr-x  1 root root 21945 Aug 11 20:50 init
drwxr-xr-x  2 root root     6 Aug  9 19:23 new-root
drwxr-xr-x  2 root root     6 Aug  9 19:23 proc
drwxr-xr-x  2 root root  4096 Aug  9 20:17 sbin
drwxr-xr-x  2 root root     6 Aug  9 19:23 sys
livecd gentoo #

Reikinio · Post by **Reikinio** » Fri Aug 11, 2006 8:22 pm

I'm out of ideas, it should work.

But do not despair, if it keeps failing you can always use genkernel to generate an initramfs, read the instructions here.

computer_guy57 · Post by **computer_guy57** » Sat Aug 12, 2006 5:09 am

My (hopefully) final attempt at this is underway...

Just out of curiosity, why do you say not to enter anything in CONFIG_INITRAMFS_SOURCE, and instead just drop the gzipped image into /usr/src/linux/usr? What technical difference does it have on the end result?

The very first time I did this, I did use CONFIG_INITRAMFS... and it at least ran the init script. The second time, I did it as the guide said, and it didn't run the init script.

So... what's wrong with doing it that way?

Reikinio · Post by **Reikinio** » Sat Aug 12, 2006 1:50 pm

computer_guy57 wrote:My (hopefully) final attempt at this is underway...

Just out of curiosity, why do you say not to enter anything in CONFIG_INITRAMFS_SOURCE, and instead just drop the gzipped image into /usr/src/linux/usr? What technical difference does it have on the end result?

The very first time I did this, I did use CONFIG_INITRAMFS... and it at least ran the init script. The second time, I did it as the guide said, and it didn't run the init script.

So... what's wrong with doing it that way?

There is nothing wrong with letting the kernel build the initramfs, the thing is that I've never used that method and I find it easy to just drop the initramfs_data.cpio.gz archive in /usr/src/linux/usr.

In the "Creating initramfs" section, there is a list of documents that explain what "early userspace" is all about, they also document several approches to handle initramfs creation, you should read them if you're going to let the kernel build process create the initramfs.

I don't get why so many people have problems with that step, it should be fairly simple, at least it works for me, don't despair if it keeps failing to load the initramfs archive, there are alternatives such as using genkernel to create initramfs.

Good luck,

Zmyrgel · Post by **Zmyrgel** » Sat Aug 12, 2006 7:54 pm

Yeah, seems pretty odd... I tried with the genkernel and all but still got the same error message.

Well, that's it for me for now, I installed good old faithfull back.... happy with Slack

I probably return to Gentoo at somepoint and test this again... Or find a way to do this in Slackware. I hope you find solution on these "init not found" issue, seems pretty mysterioes as I build it in the kernel and it shows there but won't boot it...

Reikinio · Post by **Reikinio** » Sat Aug 12, 2006 10:30 pm

Zmyrgel wrote:Yeah, seems pretty odd... I tried with the genkernel and all but still got the same error message.

Well, that's it for me for now, I installed good old faithfull back.... happy with Slack

I probably return to Gentoo at somepoint and test this again... Or find a way to do this in Slackware. I hope you find solution on these "init not found" issue, seems pretty mysterioes as I build it in the kernel and it shows there but won't boot it...

I'm sorry I couldn't be of much assistance.

btw: You can use the information(and init script) of the guide with Slackware, it's not distro specific.
btw2: Here is another article about initramfs(click), perhaps it will help you figure out what went wrong.

Either way, good luck.

computer_guy57 · Post by **computer_guy57** » Sun Aug 13, 2006 8:38 pm

Well I got mine set up again with LUKS... but I rebooted and I'm back to my old problem of not having the /dev/hd* nodes created.

Sorry to dissappoint but I think I'll just stick with encrypted home for now. Maybe it would've been a good idea to give this a dry run on another computer that I really don't need, then move it over to this one later... maybe I'll try the full-system on another computer after I get this one running normally.

I would keep trying but this computer (my main one) has been out of commission now for at least a week or two and it would be nice to have it back.

Thanks anyway for the HOWTO and the idea. It was nicely written and I did learn a whole lot from it.

Post by **prometheanfire** » Tue Aug 15, 2006 7:27 am

would it be possible to use the same usb key as a boot device for both my laptop and desktop?

balkira · Post by **balkira** » Fri Aug 18, 2006 4:43 pm

hello guys,

First I wanted to say thanks, especially a big hail up for Reikinio who does a great job and a strong support.

Then, on my free time I did this http://www.openchill.org/genluks

It is a first draft of an automatic installer. It only supports symmetric encryption for now (aes, blowfish, serpent) the rest (public keys ...) will appear with some time but it is planned.

It is buggy YES it lacks SCSI SATA support and many other things but if your environment reflects the specs http://www.openchill.org/2006/07/genluk ... s.php#more then it should be fine for you.

Feedback, critics, new ideas or mistakes I made is very welcomed.

Note: the partitioning design requires an ENTIRE hard drive. I mean that the installer will create its own partitions (boot / swap) on a hd{a,b,c,d} device. This is very arguable as it doesnt allow the user to select his own pre partionned devices. This maybe unappropriated for many users but it will changed to ask the user which partition scheme he would like to use, I just didn't get the time to do it yet.

Note2: Other conceptual choices have been made like compiling in live your busybox and your kernel but if you choose the local installation, all packages have been precompiled. An online installation is planned but is much more "risky" because of compilation failures or packages blocked by a special portage snapshot (ie shadow pam-login).

mm what else...ahh yes, don't forget to have fun with it!!

and please do not run it on an actual production system, it is NOT a mature project, do not come and wine if you break anything.

Thanks to all of your different experiences, I can make this, and because of this I'm having fun. So cheers for giving me so much fun

bless all

EDIT: SCSI SATA support has been added t the next 0.1.5 release, stay tuned (20070305)

[Support] System Encryption DM-Crypt with LUKS

Genkernel 3.4

Re: Genkernel 3.4

gentoo LUKS installer