Wednesday, June 3, 2015

Linux 4.1.0-rc6 on the Alix 2d3

The Alix 2d3 is not exactly the newest of devices but I still like it. While the last kernel config I posted was for linux 3.4.0-rc5, I progressively went through the introduction of systemd in Debian and currently I'm running linux 4.1.0-rc6. If anyone finds it useful, here is my 4.1.0-rc6 config.
There are some important changes compared to the linux 3.4.0-rc5 config:

  • enabled options that are required for systemd (cgroups: CONFIG_CGROUPS, autofs: CONFIG_AUTOFS4_FS)
  • enabled seemingly useless dnotify (CONFIG_DNOTIFY) without which NFS refuses to start
  • enabled nftables, but iptables is still included (both as modules), so either of the two can be used
  • finally disabled IPsec... I used to be swayed by the "If unsure, say Y."
  • enabled dm-crypt for encrypted media
  • disabled CONFIG_CRYPTO_DEV_GEODE (Support for the Geode LX AES engine) -- there are more than enough ways the NSA can compromise our systems even without this
  • enabled extended FS attributes, security labels (FS capabilities) and ACLs
  • enabled the shiny-new ext4 encryption option (CONFIG_EXT4_ENCRYPTION)
  • disabled local file systems other than ext2/3/4, msdos, vfat, ntfs, with only ext4 being built in; the others that are enabled are built as modules
  • enabled CIFS (samba)
  • enabled VLAN support (CONFIG_VLAN_8021Q)
This means the following should work:
  • using the kernel with systemd
  • using encrypted storage (cryptsetup)
  • the Alix button, LEDs and watchdog
  • nftables
  • setcap/getcap, setfacl/getfacl
  • NFS and samba sharing/mounting
Still disabled are things like USB mice and keyboards. If you need these, you need to enable them yourself. Also, WiFi is not enabled in the sample config -- this needs to be enabled based on what WiFi card, if any, you have in your Alix.

No comments:

Post a Comment