Copyright © 2000 Trustix AS
This document attempts to describe the installation of Trustix Secure Linux. In the example used here, we install the system from CD-ROM and over a network onto the primary master IDE disk. Hopefully, you will be able to use these instructions to install on a different system.
The easiest way to start the installation, if supported by your system, is to boot from the CD-ROM media. To do this, you must change the appropriate settings in CMOS setup and then boot with the CD media inserted into the CD-ROM drive on your computer.
You can also create a boot disk with the program `rawrite.exe' located in the dosutils directory on the CD, or use `dd' on a Unix computer to create the disk. The disk image is called boot.img and is located on the CD.
The first screen you come to after starting, is the selection of character set. Choose the one that fits your preferred keyboard setup. As this is written in Norway, we use no-latin1. You will probably know best yourself which one you want on your computer.
Just press the Enter key for OK on the next screen which tells you to read this document.
If you want to upgrade from a previous version of Trustix Secure Linux, you will want to choose ``Upgrade Existing Installation''. For a new server, or a computer already running another operating system, you will want to choose ``Install New System''.
Use the TAB key and the arrow keys on the keyboard to move around, Enter to select, and the space bar to tick and untick boxes.
To install on a computer with no previous installation, choose ``Install New System''.
You will need at least two partitions for Trustix Secure Linux -- One for the root file system, and one for swap. Unix gurus will probably advise you to create more partitions, which is good advice. The size and names of partitions is very much based on taste, but something like the following should be OK:
Make sure the root partition (/) or a dedicated /boot partition is put near the beginning of the disk, as this is needed for some systems to boot properly.
To create partitions, you can either use `Disk Druid' which is easy, or `fdisk' which is more powerful, but harder to use. Here, we document the easy way out, which is Disk Druid. People who prefer fdisk will generally know what to do already.
First we create the swap partition. Choose the `Add' button using the arrow keys and TAB and press Enter to select it. Press TAB three times to go to the `Type' selection. For our swap partition we will, not surprisingly, choose ``Linux Swap'' as type. Do this with the arrow key.
Type your wanted partition size (in megabytes) into the ``Size (Megs):'' field.
The choice of allowable drives tells the program which drives are availible for the partition currenly being created. Choose the one you want the swap partition to reside on, and untick the others.
To create the partition, hit OK.
Add the rest of your preferred partitions and choose their mount points. The mount point tells the system where in the filesystem tree the partition should be located. Note that the filesystem type here should be `Linux native', which is the default.
If this is the only other partition you want to create, you could set it to use all the space left on the disk in two ways:
When you're happy with your partition selections, hit `OK' to proceed. You will probably want to ``Save Changes'' so hit yes there.
You will probably want to format your new partitions. Hit `OK' to do so. Note that you can untick any partitions you do not want to format (for example if the TSL system inherits an old /home partition).
The LILO boot loader is necessary to start up Trustix Secure Linux, so you will need to install this.
You will first be asked if you want to use specific options for LILO. In most cases, this will not be necessary. If you are using a newer IDE disk based system, ticking the `lba32' selection box would probably be nice.
Installing it in the Master Boot Record is necessary if you do not already have another boot loader on your system that you want to use to bootstrap the new lilo.
If you have several operating systems on the same computer, LILO can be set up to boot these other systems in addition to Trustix Secure Linux. If you only have Trustix Secure Linux on this system, you can just hit `OK'.
You will be asked to type in the hostname of your computer. This should be the whole fully qualified DNS name, not just the name of the computer. Next, you have to type in some information about your network. You have to know the IP address, netmask, gateway and nameserver.
If you have more than one network card (normal for a router), you will be asked for information about all of them. Note that the installer provides no option to let you choose which network card gets wich configuration - You will have to figure this out after the install.
You must tell the system what part of the world you are in. Choose the timezone applicable for your location. Here, we generally choose Europe/Oslo, as Oslo is the capital of Norway.
To enhance the security of your system, you should enable Shadow Passwords and MD5 passwords. If you want the machine to be part of a NIS network for sharing passwords, you must also enable NIS.
For most systems, the defaults should be good here.
The root password is the password for the administrator account on the system. The password set here should never be anything easily guessable. Refer to the user manual to get some hints on choosing a good password.
You shoul add a normal user account and use this for all tasks arount the system that do not explicitly require that you are `root'. Type in the username in the `User ID' field, the users full name in the appropriate field, and set a password for this user too. Again, refer to the manual to find more information on usernames and passwords.
Add as many users as you like (remember that these can also be added later as described in the manual), and then go on with the installation by hitting `OK'
You will now have to select which types of applications should be installed, or just select `Everything' to install them all. Most packages here should be installed to get full use of the system.
You can also choose to select individual packages to get even more control of what is installed.
Should the LILO boot loader for some reason choose not to work, it will be nice to have a boot disk handy. We strongly recommend that you create a boot disk for your system, but it is by no means necessary as long as the system works as it is supposed to.
After the boot disk is created, the next step is to begin the installation. As this might take a while, this is a good time to go get some coffee or other favourite beverage.
When the installation is completed, just hit `OK' to reboot the system, and you're ready to go. Remember to remove the boot media.
Installing over the network is mostly like installing from a CD-ROM. We will only cover the differences here.
You have to create a bootdisk from the file bootnet.img. Use rawrite for this, and boot from the disk.
Here you can choose what site you want to install from. You would probably want an official mirror, as these will generally have the most current version. If you have your own mirror site that you want to install from, you can choose to use this instead.
Note that there might be problems with ftp servers running wu-ftpd 2.6.0 and above, because of an anomaly in this programs protocol implementation.
If you have problems with ftp, and you suspect that there might be a firewall between your computer and the installation server, please try using a http mirror, as this protocol is very much more firewall friendly.
You have to enter information about your network here in much the same way as when installing from CD-ROM. A difference is that with this installation method, you can choose to use a dhcp/bootp server if you have this.
If you chose ftp or http install instead of ``Official mirror'', you will now have to type in the site name and directory in which the mirror is located. The directory you need to specify is the distribution root, probably ending in trustix-1.5/i586/, most importantly containing the Trustix directory which again should have all the rpm files under RPMS.
When the mirror is located, the installation proceeds much like with CD-ROM installation.