-- Leo's gemini proxy
-- Connecting to warp.geminispace.club:1965...
-- Connected
-- Sending request
-- Meta line: 20 text/gemini;lang=en
ISSUED: 2023-11-19 EDITED: 2023-12-07
> 📢 this gemlog is part of series use the link below to go the main menu!
>⚠️ To follow this walk-through you need to read in order the following gemlogs:
Finally I landed on my favorite part of this series of gemlogs, the one where I can… Finally… (breathing…)
📢 📢 📢 GET RID OF SYSTEMDDDDDDDDDDDDDDDDDDDD 🎇 🎇 🎇
This is absolutely amazing! 🍾 🍾 🍾
I have dreamed for years to use any operative system without systemd on my boards and now it is a reality! 😭
This is why I remarked how it was very important the fact that at Libre Computer were able to run a stock Debian instead of some arguable rearrangement… Kudos to them!
As a matter of fact, this allowed me to migrate the system from Debian to Devuan!
Well there are two reasons why I didn't pursue what, based on my opening, sounded more predictable:
1. Some people would prefer to use Debian because systemd and this allows them to install Debian on an encrypted file-system (and I feel sorry for them 😔).
2. Technically speaking bootstrapping Devuan would had increased the amount of pebcak and prevented the former point.
My steps to migrate from Bookworm to Daedalus are almost a carbon-copy of the original documentation plus some tweaks!
I reported it just for the sake of the Gemini readers… 🤗
I already created my USER and added the USER to the SUDO group:
adduser
Create you user and…
adduser YOUR-USER sudo
And now a simple log-out log-in as your NEW-USER to apply the changes
> ⚠️ The migration breaks the dropbear-initramfs it is recommended to have, at least, a keyboard nearby to unlock ROOT
This change should avoid to connect the keyboard to unlock the partition directly from the board.
sudo micro /etc/dropbear/initramfs/dropbear.conf
and change from this:
DROPBEAR_OPTIONS="-p 222 -c cryptroot-unlock"
to this
DROPBEAR_OPTIONS="-p 222" # -c cryptroot-unlock"
I commented the "-c cryptroot-unlock" that isn't going to work.
Last command before to start:
sudo update-initramfs -u
> ⚠️ The migration requires a reboot around step 7
Before to start type: `sudo -s` to get administration privileges!
From:
deb http://deb.debian.org/debian bookworm main contrib non-free non-free-firmware deb http://deb.debian.org/debian bookworm-updates main contrib non-free non-free-firmware deb http://security.debian.org/debian-security bookworm-security main contrib non-free non-free-firmware
to:
deb http://deb.devuan.org/merged daedalus main contrib non-free non-free-firmware deb http://deb.devuan.org/merged daedalus-updates main contrib non-free non-free-firmware deb http://deb.devuan.org/merged daedalus-security main contrib non-free non-free-firmware deb http://deb.devuan.org/merged daedalus-backports main contrib non-free non-free-firmware
apt-get update --allow-insecure-repositories
It will complain but it will be fixed the next step.
apt-get install devuan-keyring --allow-unauthenticated
apt-get update
> ⚠️ be careful NOT to use dist-upgrade here (cit. [1])
apt-get upgrade
> ⚠️ Do not install RUNIT; it caused a lot of problem with the network interfaces that were solved after replacing RUNIT with OpenRC
apt-get install eudev openrc
apt-get -f install
> A reboot is required to change sysvinit (runit…) to pid1 (cit [1]).
reboot
If you are doing then migration headless you need to follow a temporarily work-around, here the steps:
*nix:
ssh -i .ssh/unlock_luks -O "HostKeyAlgorithms ssh-rsa" -p 222 root@[your-assigned-ip] -v
Windows
ssh -i .\.ssh\unlock_luks -O "HostKeyAlgorithms ssh-rsa" -p 222 root@[your-assigned-ip] -v
Inside BUSYBOX:
touch /cryptroot/crypttab cryptroot-unlock
Prompt the passphrase!
> Now perform the migration proper. (cit. [1])
sudo apt-get dist-upgrade
sudo apt-get purge systemd libnss-systemd
apt-get autoremove --purge sudo apt-get autoclean
Unfortunately the standard procedure was unable to remove completely `systemd` thus `libsystemd0` was still there, removing it is a bit convoluted:
sudo aptitude install elogind libpam-elogind policykit-1 --without-recommends
The following NEW packages will be installed:
elogind libduktape207{a} libelogind0{a} libpam-elogind{b}
libpolkit-agent-1-0{a} libpolkit-gobject-1-0{a}
libpolkit-gobject-elogind-1-0{a} pkexec{a} policykit-1
polkitd{a} sgml-base{a} xml-core{a}
The following packages are RECOMMENDED but will NOT be installed:
gnome-flashback gnome-shell lxpolkit lxqt-policykit
mate-polkit phosh policykit-1-gnome polkit-kde-agent-1
polkitd-pkla ukui-polkit
0 packages upgraded, 12 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,418 kB of archives. After unpacking 5,246 kB will be used.
The following packages have unmet dependencies:
dummy-logind : Conflicts: logind which is a virtual package, provided by:
- libpam-elogind (246.10-5), but 246.10-5 is to be installed
- dummy-logind (246.10-5), but 246.10-5 is installed
libpam-elogind : Depends: libelogind-compat but it is not going to be installed
The following actions will resolve these dependencies:
Remove the following packages:
1) dummy-logind [246.10-5 (now, stable)]
2) libsystemd0 [252.17-1~deb12u1 (now, stable)]
Install the following packages:
3) libelogind-compat [246.10-5 (stable)]
Accept this solution? [Y/n/q/?] y
The following NEW packages will be installed:
elogind libduktape207{a} libelogind-compat{a} libelogind0{a}
libpam-elogind libpolkit-agent-1-0{a}
libpolkit-gobject-1-0{a} libpolkit-gobject-elogind-1-0{a}
pkexec{a} policykit-1 polkitd{a} sgml-base{a} xml-core{a}
The following packages will be REMOVED:
dummy-logind{a} libsystemd0{a}
The following packages are RECOMMENDED but will NOT be installed:
gnome-flashback gnome-shell lxpolkit lxqt-policykit
mate-polkit phosh policykit-1-gnome polkit-kde-agent-1
polkitd-pkla ukui-polkit
0 packages upgraded, 13 newly installed, 2 to remove and 0 not upgraded.
Need to get 1,425 kB of archives. After unpacking 4,307 kB will be used.
Do you want to continue? [Y/n/?] y
Aptitude will resolve it leaving some packages with missing dependencies:
util-linux depends on libsystemd0. ppp depends on libsystemd0. lvm2 depends on libsystemd0 (>= 233). libwebkit2gtk-4.1-0:arm64 depends on libsystemd0. libwebkit2gtk-4.0-37:arm64 depends on libsystemd0. libvte-2.91-0:arm64 depends on libsystemd0 (>= 220). libseat1:arm64 depends on libsystemd0 (>= 238). libpulse0:arm64 depends on libsystemd0. liblvm2cmd2.03:arm64 depends on libsystemd0 (>= 233). libjavascriptcoregtk-4.1-0:arm64 depends on libsystemd0. libjavascriptcoregtk-4.0-18:arm64 depends on libsystemd0. libgnome-desktop-3-20:arm64 depends on libsystemd0. gnome-keyring depends on libsystemd0. gcr depends on libsystemd0. bsdutils depends on libsystemd0. at-spi2-core depends on libsystemd0.
> ⚠️ In a different time you may find some of these libraries slightly updates
Reinstalling them but `util-linux` and `bsdutils` and adding `cryptsetp`, `cryptsetup-initramfs` and `dropbear` should fix it:
sudo aptitude reinstall ppp lvm2 libwebkit2gtk-4.1-0 libwebkit2gtk-4.0-37 libvte-2.91-0 libseat1 libpulse0 liblvm2cmd2.03 libjavascriptcoregtk-4.1-0 libjavascriptcoregtk-4.0-18 libgnome-desktop-3-20 gnome-keyring gcr at-spi2-core cryptsetup cryptsetup-initramfs dropbear-initramfs
For some reasons `util-linux` and `bsdutils` cannot be reinstalled, but if you run the command for fixing packages issues it won't find anything to fix:
sudo apt install -f -s Reading package lists... Done Building dependency tree... Done Reading state information... Done 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
Check to see if systemd is still there:
apt list --installed | grep systemd WARNING: apt does not have a stable CLI interface. Use with caution in scripts. libsystemd-shared/stable,now 252.17-1~deb12u1 arm64 [installed]
OH-MY-GOSH!!! 😱
It is resilient like a parasite!!! 😩
Luckily it can be remove without fear!!! 💪
sudo apt purge libsystemd-shared
Completely removed! 🙏
> 💡 Congratulation you finally removed systemd! 👏 👏 👏
> ⚠️ This workaround will modify a system file, you do this at your own risk!
Our hero OP (GMID and Telescope author), suggested a tip to fix the broken script:
sudo micro /usr/share/cryptsetup/initramfs/bin/cryptroot-unlock
> 💡 Copy the first line, paste it above and comment it with a # before, then make the changes to the line below
Modify this block:
if [ ! -f "$TABFILE" ] || [ "$TABFILE" -ot "/proc/1" ]; then # Too early, init-top/cryptroot hasn't finished yet echo "Try again later" >&2 exit 1 fi
into:
if [ ! -f "$TABFILE" ] ; then # Too early, init-top/cryptroot hasn't finished yet echo "Try again later" >&2 exit 1 fi
Basically this is what should be removed:
|| [ "$TABFILE" -ot "/proc/1" ]
Update the initramfs:
update-initramfs -u
This section couldn't miss! 😎
dpkg-reconfigure grub-efi-arm64
it will be prompt some questions, mostly are default, what you have to care are:
Install grub on the extra path
Install grub on the NVRAM
After that you can update grub:
update-grub
sudo aptitude remove base-files
Don't remove but downgrade the package!
sudo apt install cpufrequtils sudo micro /etc/default/cpufrequtils
Paste inside:
# valid values: userspace conservative powersave ondemand performance # get them from cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_available_governors GOVERNOR="ondemand"
Since the OS boot and work properly even if that partition is not mount — as a matter of fact GRUB must be installed in the "extra media path" — I am not even sure having that partition mounted is actually needed as in a x86 installation. Since the partition it is not required to boot it can be mount later thanks to CRONTAB and the @reboot macro!
> ⚠️ This operation must be performed as root or with `sudo`
sudo crontab -e
and add:
@reboot mount /dev/disk/by-label/EFI /boot/efi
> ⚠️ Several issues caused by runit started to appear the day after I issued this gemlog. Therefore I made some updates: 1. I replaced runit with openrc, I also added a new section "CAVEATS" with further tuning.
Now I got my Devuan since this board doesn't get official support from FreeBSD and OpenBSD either. For me is a great improvement, I already got decent performance and better usability respect Armbian, Devuan is way more lighter and the lack of systemd make the use and the maintenance of the OS much easier.
This gemlog close the series and now I can finally prepare the main true topic; I haven't decided yet if fitting everything into one big gemlog or if creates the main one and a fourth auxiliary gemlog.
That's all, please should you find any typos or other mistakes do not hesitate to contact me by email! 🙏
────────────
For comments or suggestion write me at:
-- Response ended
-- Page fetched on Tue May 21 13:57:33 2024