My thoughts on Slackware, life and everything

Tag: uefi

Secure Boot support landed in liveslak 1.5.0

Secure Boot ???

Secure Boot is part of the UEFI specification and first appeared in the Unified Extensible Firmware Interface (UEFI) 2.3.1 specification (Errata C). It is meant to prevent the execution of unauthorized code upon boot of a computer. Most modern Personal Computers will have a way of enabling Secure Boot in UEFI, but it is common to leave it disabled if you are not running a Microsoft OS on it since Microsoft controls Secure Boot.
For dual-boot scenario’s the story is different however. Microsoft Windows 8 and 10 advise to have Secure Boot enabled but don’t enforce it, but as far as I know, for Microsoft Windows 11 enabling Secure Boot will be a requirement to get full upgrade support.

Microsoft’s own Windows OS-es fully support Secure Boot (naturally), but non-Microsoft Operating Systems that want to boot on a Secure Boot enabled computer, must have an initial bootloader which has been cryptographically signed with the ‘Microsoft UEFI CA‘ key. Getting Microsoft to sign a 3rd-party (mostly Linux) bootloader is a complex procedure which involves money (but not always) and establishment of trust. You need to realize that if a malicious bootloader gets accidentally signed by Microsoft, this bootloader could be used to deliver all kinds of nasty to every Secure Boot platform in existence. And that would defy the whole purpose of a tightly controlled ‘Secure Boot‘ environment.

It’s likely that more and more computers with MS Windows installed or with a dual-boot configuration will have Secure Boot enabled in the near future. For Slackware and its derivatives, including my liveslak based ISOs, this is a potential problem because Secure Boot is not supported yet and therefore our OS will not launch.
Additionally, one of the use-cases of liveslak ISOs is to take it along with you on a USB stick on your key-chain and boot random PC hardware with it – just for fun, or to test the Slackware compatibility of new hardware, or simply to have your Slackware desktop with you on a stick all the time.
A liveslak ISO will be a lot less useful if every PC you encounter has Secure Boot enabled.
So I set out to find a solution.

One possible way out of this dilemma is to acquire a Microsoft-signed first-stage bootloader, just like Red Hat, Fedora, Debian, Ubuntu and the other big brothers already provide. Like said before – this process is complex and I am not able to satisfy the requirements at the moment. In future, who knows? I am working on that.

Alternatively, and other small distros seem to do this too, an already signed bootloader can be ‘borrowed’ from another distro and used to boot a liveslak ISO. But that has consequences which I will elaborate further down. This is the solution I chose.

Note: In case you have doubts: the liveslak ISOs support Secure Boot from now on. But nothing changes when your computer does not have Secure Boot enabled. Slackware Live Edition will boot and work exactly like before.

Boot sequence

Let me give a quick and dirty and possibly not 100% terminology-accurate explanation of the boot procedure in a Secure Boot computer.

  • The TPM chip in the computer may be used to store a bunch of (Microsoft) security certificates which are trusted by the Secure Boot subsystem of UEFI, as well as (potentially) a list of certificates that have been revoked due to security violations. Otherwise these keys are stored in NVRAM (non-volatile RAM).
    Secure Boot will load only bootloaders that have been signed by a trusted Microsoft certificate. The most widely used Linux bootloader which Microsoft accepts for signing is the ‘shim‘, a trivial application which does not do much more than verifying the signatures of the second-stage bootloader which it is hard-coded to look for. A signed  ‘shim’ binary also contains an embedded SSL certificate of the distro that owns the shim binary.
    The shim accepts two certificates when it checks the signature of the second-stage bootloader and other binaries: one is the Microsoft certificate and the other is this embedded distro certificate. This allows such a distro to provide a nice unattended problem-free boot on every computer with Secure Boot enabled.
  • The shim loads the second-stage bootloader, this is most often the Grub2 bootloader but it could be any EFI image file (such as rEFInd). The hard-coded default filename that the shim will attempt to load is ‘grubx64.efi’ so whatever your distro bootloader, it needs to be renamed to that.
    Shim will check the signing certificate of that file and will proceed only if it recognizes the certificate as valid.
  • Grub will be informed by the shim that it loads in a Secure Boot environment and because of that, Grub will ask the shim if it is OK to load the kernel it is configured for. Shim will check the signing certificate of your kernel and will signal an ‘OK’ to Grub only if it recognizes the kernel’s signing certificate as valid.
  • Your Linux OS will now boot properly.
    But what happens if Grub or the kernel are not signed, or when they are signed with an un-recognized certificate? Well, your computer will refuse to boot.

Lack of trust

The problem for liveslak (and for Slackware) is that neither Patrick nor I own any of the private keys corresponding to the SSL certificate that these big distros embed in the signed ‘shim’ binary they provide (naturally). Therefore I must sign the liveslak grub and kernel images using my own private key and public certificate pair.
The public certificate I use for signing is not recognized by UEFI SecureBoot, since it is not embedded in any bootloader which has been signed by the Microsoft Certificate Authority. If Secure Boot is enabled then the signing certificate of liveslak’s grub and kernel images will not be accepted by shim… and the Live OS fails to boot.

As the owner of your PC, you can clear the Microsoft certificates from the local certificate store and load your own certificate instead. Your computer will then boot without issue because your bootloader finds the certificate that it is validating in the trust store.
This is probably the best solution if you are never going to run MS Windows on it anyway. But if you do, or might, or if you want to provide a solution that works on a multitude of computers besides your own, you need to come up with something else.

You are the Machine Owner

Lucky for us poor distro developers, Secure Boot recognizes a database of Machine Owner Keys (MOK) next to the Microsoft trusted keys. And you are the Machine Owner if you have physical access to the computer and know the password to unlock the MOK database (it is empty by default).
The MOK can be populated with public keys of your own making, or of your friends… and/or with liveslak’s public key. And then the shim will accept liveslak’s signed Grub and kernel… and liveslak will boot just fine.

Managing Machine Owner Keys (MOK)

My repository contains two relevant packages: mokutil and sbsigntools. The mokutil package contains the ‘mokutil’ program which allows you to query the SecureBoot NVRAM and to manipulate MOK certificates (the latter only if Secure Boot is enabled). The sbsigntools package contains ‘sbsign’ which is used by liveslak to cryptographically sign the Grub and kernel images.

To check whether Secure Boot is enabled, run:

# mokutil --sb-state

If this returns “Secure Boot enabled” then you are probably running a commercial Linux distro :-). In this case, you can generate a MOK enroll request to the shim before rebooting:

# wget https://download.liveslak.org/secureboot/liveslak.der
# mokutil --import liveslak.der

You will be prompted for an optional password. If you enter one, this password then needs to be entered again after reboot to complete the MOK enrollment.

If Secure Boot is not enabled, don’t worry: you can still enroll this ‘liveslak.der’. Just continue reading.

Adding liveslak.der certificate to MOK database

The remainder of the article will describe in detail how to add the liveslak public key (a SSL certificate) to the MOK if you were unable to use the mokutil program as described above.

Note that adding the certificate is a one-time action. Once the MOK database contains the liveslak certificate, future liveslak ISOs will boot on your SecureBoot-enabled computer out of the box.

Enable Secure Boot in your UEFI (press F1 or whatever key your computer needs to enter setup and find the proper menu to enable SB). Then reboot your computer with a liveslak (1.5.0 or later release) medium inserted.
UEFI will look for the first-stage bootloader on the liveslak medium in the ESP partition (ESP = EFI System Partition which is a FAT partition with partition type 0xEF00). According to UEFI spec, it wants to load the file ‘/EFI/BOOT/bootx64.efi’. The Fedora ‘shim’ binary which is now contained in the liveslak ISO has been renamed to that exact filename. Shim loads, it will try to load our Grub and discovers that its SSL signature is invalid/unknown. Shim will then ask you if it should load the MokManager instead (the ‘mmmx64.efi file in the same directory) which is signed with the distro certificate embedded in the shim.

If you press ‘any key’ within 10 seconds, the MokManager will load and you will have your opportunity to enroll the ‘liveslak.der’ certificate. If you wait instead, the computer reboots and if you had already made an enrollment request as described in the previous paragraph, that request will then be erased and you’ll have to try again.
If MokManager loads, it will show the below screen if you created an enrollment request before the reboot. Select the “Enroll MOK” to complete that enrollment request.


If you entered a password during the “mokutil –import” command you will have to enter that same password next:

 

If you did not create an enrollment request prior to reboot, then this particular menu item will not be present and you should use the “Enroll key from disk” menu instead.
A simple and spartan file browser will be your guide towards the ‘/EFI/BOOT/’ directory on the liveslak medium; select ‘liveslak.der’ file and confirm.
After enrollment of the ‘liveslak.der’ certificate, you must reboot.

After the reboot, your Slackware Live Edition should boot as usual. If you watch closely you will see a flash right before Grub loads – that is the shim loading right before it.

Now, you can check that Secure Boot is actually enabled:

root@darkstar:~# dmesg |grep -i secure
[ 0.016864] Secure boot enabled

Cool!

Download Slackware Live Edition

You can find a set of new ISOs based on liveslak on download.liveslak.org/latest/, the 64bit versions of them support Secure Boot.
I tried also generating 32bit ISOs but they refuse to load the init script. The kernel loads, it unpacks the initrd image, but then the boot process stalls right before control is handed over to the initrd. I have no idea why. I tried generating ISOs with an older release of liveslak (1.4.0) that had proven to produce working 32bit ISOs but no luck. Something in the new 5.15 kernel perhaps which liveslak fails to add to the ISO? Suggestions are welcome.

It will probably work best if you use the ‘iso2usb.sh‘ script provided with liveslak to transfer the ISO content to a USB stick, it will give you a persistent environment with optional data encryption and apparently this will allow it to boot on a lot more computers.

Get liveslak sources

The liveslak project is hosted in git. Its browsable cgit interface is here: https://git.liveslak.org/liveslak/

A set of the liveslak scripts can also be downloaded from http://www.slackware.com/~alien/liveslak/ or https://slackware.nl/people/alien/liveslak/

The liveslak public key (SSL certificate in DER encoding) that you need to enroll can be downloaded from https://download.liveslak.org/secureboot/liveslak.der

Let me know your experiences!
Cheers, Eric

Slackware Live Edition

I thought it would be a cool idea to celebrate the “farewell to udev”. With the abandoned ConsoleKit replaced by ConsoleKit2 which is actively maintained by the Slackware-friendly XFCE crew, and Gentoo’s eudev taking the place of udev, we are well equipped to keep systemd out of our distro for a while. Basically eudev contains the udev code as found in the systemd sources, but then stripped from all standards-violating systemd crap and with a sane build system. Hooray, we’re back in business and eudev gained some more traction. Win-win.

How to celebrate the occasion? Easy! By releasing the Slackware Live Edition.

liveslak-1.0.0

Please also check out the original announcement text (moved to a different page) and the follow-up articles on “liveslak” which explain how this project grew from its humble beginnings.

First teasing screenshots of my (then still called) “Project X” were revealed in a blog post in November 2015. I wrote the original annoucement a week later, also in November, on this exact blog page. However, the original text talked about being beta, incomplete and in need of testing. In the meantime, this page’s URL is being linked to from everywhere and I get many questions about “when will it be ready” so I decided to re-write this text into a proper reference page and moved the original text to a different location for posterity.

Note for clueless newbies

The Slackware Live Edition comes with two user accounts: user ‘root’ (with password ‘root’) and user ‘live’ (with password ‘live’). My advice is to login as user live and use “su” or “sudo” to get root access.

Note: the “su” and “sudo” commands will ask for the ‘live’ user’s password!

What is Slackware Live Edition, and what is liveslak?

Slackware Live Edition:
It is a version of Slackware (14.2 and newer)  that can be booted and run directly from a DVD or a USB stick. It is distributed as an ISO image and meant to be a showcase of what Slackware is about. You get the default install, no customizations, but with all the power. You do not have to install Slackware to your harddisk first to experience it first-hand.

Liveslak:
The combination of scripts, bitmaps and configurations to generate the ISO images are called project “liveslak“.

Let me state the reasons I had for starting this “liveslak” project (apart from sheer curiosity):

  1. Provide a Live version of Slackware proper – i.e. show Slackware as it is, but without having to install it. No hiding of kernel messages scrolling across the screen at boot – no custom wallpapers, etcetera. Meant for education and demonstration purposes.
  2. The target should be slackware-current – the bleeding edge. Many people want to know what that looks like but are hesitant to install slackware-current for fear that it breaks stuff and causes productivity loss.
  3. Provide a way to generate a Live ISO with just Slackware packages as the source – fully scripted and deterministic.
  4. Still be able to customize its content – for instance provide stripped-down or minimalist versions of Slackware but also allow for the inclusion of 3rd party packages.
  5. Option to create a bootable USB stick running Slackware Live (which is different from ‘dd’-ing the hybrid ISO to a USB stick!)
  6. Keep It Simple Stupid!

… but I had not anticipated the expansion of scope that can be attributed to the people who have been testing all my Beta versions. They came up with real-life use-cases, worthwhile additions and fixes. My thanks go out to all of you! The “liveslak” is so much more now then I initially conceived. Instead of being just a simple demo-toy it is now usable as a full-blown Live work environment in its own right. I carry a USB stick with a secured Slackware Live on my key chain all the time.

Highlights of Slackware Live Edition

Properly documented

The Slackware Documentation Project contains extensive documentation about “liveslak“, both for users of the Live OS and for people who want to know “how it works”  and want to develop a custom Live OS.
Check it out please, in particular all the boot options for the Live OS.

Good hardware support

The Live OS boots on “good old” BIOS computers but also on modern UEFI hardware (disable secure boot first). The kernel and userland software in the OS is fully up to date and supports modern and older hardware. If your computer does not support a 64bit Operating System then you can just download the 32bit version of Slackware Live Edition.

Persistence

Slackware Live Edition is persistent if you install its ISO to a USB stick using the “iso2usb.sh” script. Persistence of a Live OS means, the things you change or add (or delete) are stored on the USB medium and will survive a reboot. As opposed to the raw ISO image (burnt to a DVD or ‘dd’-ed to a USB stick) which is a pure Live OS where all your modifications are written to a RAM disk and gone when you reboot.

A feature I consider crucial for a persistent Live OS on a USB stick that you carry around with you in your jacket pocket is… data protection!

Data encryption

How do you protect the stuff you are accumulating in your live user’s homedirectory, such as passwords, confidential documents, GPG and SSH keys etc? You lose the USB stick, someone else may steal it – your sensitive files will be compromised. Therefore the Slackware Live Edition allows you to apply strong, unbreakable encryption to your precious data. You have the option to create a LUKS-encrypted container file in the Linux filesystem of the USB stick. The filesystem inside that encrypted container will then be mounted on the /home directory of the Live OS when it boots.
When creating the LUKS container you must enter a passphrase which will be used to encrypt all your data. During the boot-up of the Live OS, you will be prompted to enter this exact passphrase again which will then unlock the container and make your data available. On shutdown, the container will be locked again and a potential thief of your USB stick will be unable to get to the files  (i.e. your homedirectory) which reside in the encrypted LUKS container.

Multiple OS variants or flavors

The “liveslak” scripts are able to generate a variety of Slackware Live ISO flavors: SLACKWARE, XFCE, PLASMA5, MATE, CINNAMON, CUSTOM. The locations where you can download these ISO files are shown in the next paragraph.

  1. By default, “liveslak” creates a 3 GB large ISO from scratch that will give you a complete 64bit Slackware-current Live Edition.
  2. The scripts can also create a 700 MB slimmed-down XFCE version with XDM as the graphical login manager which fits on a CDROM medium or a 1 GB USB stick.
  3. A 4 GB ISO image of Slackware64-current containing Plasma 5 instead of KDE 4 is also an option. The PLASMA5 variant is spiced up with several other packages I maintain: vlc, libreoffice, calibre, qbittorrent, ffmpeg, chromium, openjdk, veracrypt.
  4. The option to generate a 2 GB ISO containing either the Mate or the Cinnamon desktop instead of Slackware’s own KDE 4 could be added courtesy of Willy Sudiarto Raharjo’s repositories.
  5. The “liveslak” scripts allow a large degree of customization so that you can create “your own” variant of a Slackware based Live OS. One example of what’s possible is the Live Edition of Cinelerra CV.

 No custom kernel or 3rd party tools needed

The main script “make_slackware_live.sh” creates an ISO from scratch. The script installs Slackware packages or package sets into compressed “squashfs” modules, configures and optimizes the target filesystem to be run as a Live environment, and then generates an initial ramdisk that will assemble the Live environment when you boot. All that is put into a bootable ISO image file. Thanks to Linux kernel 4.x and the squashfs-tools package added to Slackware 14.2, the process requires no compilation nor does it need non-standard packages to create a Slackware Live Edition (of course, the Plasma, Mate and Cinnamon flavours do require 3rd party packages). The downside is that the ISO has to be created on Slackware 14.2 (older versions of Slackware do not have the proper tools or kernels). It follows that the only Slackware release which is supported as a Live Edition is 14.2 and the “-current” development tree. All future releases will be supported too of course.

Install the Live OS to your hard drive easily

The included program “setup2hd” (all ISOs except the small XFCE variant) is a modified Slackware installer which will guide you through the familiar setup menus and install the content of the Slackware Live Edition to your hard disk. The “setup2hd” program can be run from your X session so that you can keep interacting with the Internet while Slackware installs itself.

setup2hd

Start the builtin PXE server and let the whole LAN run Slackware Live

Load the Live OS into RAM using the “toram” boot parameter and then start “pxeserver” from an X terminal. All computers in your LAN will be able to boot Slackware Live Edition from the network now. Ideal for a hackfest.

pxeserver

Download the ISO images

As stated above, you can choose between several variants of Slackware Live Edition. ISO images for the SLACKWARE, XFCE, PLASMA5 and MATE flavours using the latest Slackware-current packages are available.

The ISO images (with MD5 checksum and GPG signature) are available on the master (bear) and its mirror servers. A symlink called “latest” will always point to the latest set of ISO images.

And if you love the bleeding edge, an ISO file for slackware64-current is automatically (re-)generated every time there is an update to the ChangeLog.txt of Slackware-current. You can find this ISO image here:

Download the source

Git repository for the scripts can be found here:

A checkout of the repository can be found here:

Transfer the ISO content to a medium

  • You can burn the ISO file to a CDROM medium (only the XFCE Edition fits on a CD) or to a DVD,using your favorite burning program like k3b (KDE), xfburn (XFCE), xcdroast (plain X-Window) or brasero (GNOME)… or a Windows burning program if you want.
    Make sure you inform the application that this is a bootable ISO, i.e. do not simply burn the contents of the ISO to a disk.
  • Or, you use the program ‘dd’ or else ‘cp’ to transfer the ISO to a USB stick (aka flash drive). Any of the following two commandlines will do the job, provided your USB stick is known by your Linux computer as “/dev/sdX“. Note that sdX means the whole disk, not a partition on the disk!

    $ dd if=slackware-live-14.2.iso of=/dev/sdX
    $ cp slackware-live-14.2.iso /dev/sdX

    This creates a read-only bootable USB medium containing Slackware Live. Readonly means that you will not get persistence this way. This method is similar to using a DVD medium. If you want a writable USB stick instead, read the next option.

  • You can use the ‘iso2usb.sh’ script to transfer the content of the ISO to a USB stick, thereby adding persistence to the Live OS on the stick. The stick will remain writable and you can add new modules later on if you want.
    You can find extensive documentation on the usage of that script on the Slackware Documentation Wiki.

Booting the Live OS

When you boot Slackware Live on a BIOS computer, Syslinux will handle the boot and show the following menu:

  • Start (SLACKWARE | PLASMA5 | XFCE | MATE) Live (depending on which of the ISOs you boot)
  • Non-US Keyboard selection
  • Non-US Language selection
  • Memory test with memtest86+

You can select a keyboard mapping that matches your computer’s. And/or boot Slackware in another language than US English. You will probably want to change the timezone; syslinux allows you to edit the boot commandline by pressing <TAB> because the syslinux bootmenu does not offer you a selection of timezones.

On UEFI computers, GRUB2 handles the boot and it will show a menu similar (and similarly themed) as the Syslinux menu:

  • Start (SLACKWARE | PLASMA5 | XFCE | MATE) Live (depending on which of the ISOs you boot)
  • Non-US Keyboard selection
  • Non-US Language selection
  • Non-US Timezone selection
  • Memory test with memtest86+

Editing a Grub menu is possible by pressing the ‘e’ key. After making your changes to the boot commandline, press <F10> to boot.

Another difference between Syslinux and Grub menus: in Grub you select keyboard, language and/or timezone and you’ll return to the main menu every time. You still have to select “Start Slackware Live” to boot. In the Syslinux menu, only the keyboard selection menu will return you to (apparently bot not actually) the same main menu. The non-US language selection will boot you into Slackware Live immediately without returning to the main menu. A limitation of syslinux.

liveslak-0.9.0-xfce

 

Things to remember when you boot the ISO

Slackware Live does not log you on automatically! This is a demonstration environment, with the purpose of getting you acquainted with Slackware, remember? Therefore you will first see all these intimidating kernel messages scrolling across the screen while booting the OS. Then you need to login manually.

Consult the documentation for assistance with the various boot parameters you can use to tailor the Live OS to your needs. The syslinux boot has help screens behind the F2, F3, F4 and F5 function keys and the grub boot screen has a “help on boot parameters” menu entry.

How to create a persistent USB stick from the ISO?

The ISO can be burnt to a DVD or copied to USB stick using ‘dd’ or just plain ‘cp’, but that will give you a read-only medium because all changes to the Live OS are in fact written to your computer’s RAM and lost when you reboot.

Use the ‘iso2usb.sh‘ script to create a Live OS on the USB device with persistence.

Note: The “iso2usb.sh” script can also be found in “/usr/local/sbin” when you boot Slackware Live Edition.

By default, the changes you make while running Slackware Live will then be preserved across reboots because the OS will write all these changes to the directory “persistence” in the root of the USB device. The script requires an input and an output parameter at a minimum:

# ./iso2usb.sh -i ~/Download/slackware64-live-14.2.iso -o /dev/sdX

… where /dev/sdX is the device name of your USB stick (the actual device, not a partition on the device).

Alternatively you can use a file “persistence.img” in the root of the USB device which will be loop-mounted by the Live OS and changes to the system will be written to the filesystem inside this container file. A feature which should be appreciated by people who want to use a USB stick with a VFAT partition instead of a Linux ext4 partition. The script requires an additional parameter “-P” in this case:

# ./iso2usb.sh -P -i ~/Download/slackware64-live-current.iso -o /dev/sdX

Note that your USB stick will get formatted by the script – erasing all data currently stored on it. The iso2usb.sh script will pause to show you the characteristics of the target device and ask you once more if you really want to continue erasing it. You will not easily destroy your hard drive unless you are really not paying attention!

How to create a LUKS encrypted homedirectory container?

The iso2usb.sh script has a parameter “-c” which takes a size argument. If you want to create a 400 MB encrypted container file to hide your homedirectory in, then you need to specify “-c 400M”. If you want 2.5 GB for your homedirectory, use “-c 2.5G”. If you are not concerned so much with the exact size but want to allocate a percentage of the free space on the stick, then use “-c 40%” to create a LUKS container that uses 40% of the available free space.

Now to put that into an actual example command line which will create a file (its name will be “slhome.img”) using up 50% of the free space on the stick:

# ./iso2usb.sh -i slackware64-live-xfce-current.iso -o /dev/sdX -c 50%

When the script gets to the point where it creates the LUKS container file, it will prompt you for a passphrase which will be used for encrypting and decrypting the container’s data. Right after that, the script will prompt you to enter that passphrase again when the LUKS container is unlocked and the ISO’s /home content is copied into the container.

Help, I messed up my persistent USB stick!

You can still boot a USB stick containing persistence and/or encrypted LUKS homedirectory to a “pristine condition”.

Suppose you screwed up somehow and the USB stick won’t work properly anymore or won’t even boot to the desktop. If this happens, you can still boot the original unmodified Live OS, discarding all your accumulated persistent changes. The unmodified OS should always boot unless your USB stick is physically damaged.

You have two options to solve the levels of brokenness:

  1. Start by adding the boot command parameter “nop” which stands for “no persistence”. The “nop” boot parameter will  cause Slackware Live to ignore your persistent data, as most probably the persistent data store will contain the cause of your issue. Even when passing “nop” to grub or syslinux, Slackware Live will still mount your encrypted LUKS container on the /home directory if you are using that. It is possible that your issue is somewhere in your homedirectory (for instance you might have an issue with configuration files in ~/.local ~/.config or ~/.kde).
  2. If you want to ignore any LUKS container as well as ignoring the persistent storage, and use the /home directory of the original Live OS, an additional parameter “luksvol=” must be added to the boot commandline. Note that there is nothing at the right side of that equal sign! The two parameters together look like “nop luksvol=“.

After logging in to a pristine Slackware Live you can then remount the Linux partition of your USB stick to make it writable:

# mount -o remount,rw /mnt/livemedia

Now that the USB stick’s partition is writable you can either prune the persistence directory “/mnt/livemedia/persistence” (i.e. delete all data in there) and/or fix the content of your LUKS container file “/mnt/livemedia/slhome.img“.

Have fun! Eric

Below, you will find all the comments made by visitors since the original announcement was posted here on the blog.

A glibc-2.17 multilib update for slackware-current

Today’s update to the Slackware-current ChangeLog.txt comes with a large piece of communication by Pat Volkerding. A new kernel, a start of UEFI boot support in the Slackware installer, and new glibc packages are the most important changes mentioned in the post. If Pat had a blog this would definitely be a proper “blog post” considering its size. A recommended read for followers of the Slackware development effort.

Of course that glibc update warrants a companion update of the multilib packages which I maintain on the side. Check out these download locations:

Remember, multilib configuration is (only) needed if you want to use binary-only 32-bit software on 64-bit Slackware – think of Valve’s Steam Client, the WINE emulator, Citrix client etc.

If you are looking for instructions on how to add or update multilib on your 64-bit Slackware, check out our Slackware Documentation Project which has this information and much more.

Cheers, Eric

 

© 2024 Alien Pastures

Theme by Anders NorenUp ↑