Zerocat Machine with GNU Guix System (encrypted) – Get Started ============================================================== Copyright (C) 2021, 2022 Kai Mertens Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the section entitled "GNU Free Documentation License". Introduction ------------ Your Zerocat Machine is a liberated ThinkPad Laptop, which starts with free, trustworthy software right at power-up. The motherboard’s firmware has been deleted and – as far as achievable – replaced by free licensed firmware. This liberating procedure is explained in more detail within the project documentation of Zerocat Coreboot Machines: The firmware replacement itself has been processed by means of Zerocat’s Chipflasher, an electronic device that respects and maintains essential freedoms of computer users: The same applies to the selected operating system, GNU Guix System, which invents new, technical milestones for the GNU System, as founded by Richard M. Stallman. Passwords --------- ### Within Chip The GRUB2 console or some entries of the boot menu might be protected by a password. Use the following credentials if being asked for: * GRUB2 Username: * Password: This GRUB2 username and its password can be changed by flashing a newly configured ROM image to the motherboard’s BIOS chip. It is *not* easily changed by software. ### Partitions on Internal SSD All partitions on your internal SSD are *encrypted* via LUKS and need to be unlocked during boot. Depending on the type of your disk’s partition table, these are the names of your partitions: * root partition - MS-DOS Partition Table: `(ahci0,msdos1)` aka `/dev/sda1` aka `cryptroot` - GPT Partition Table: `(ahci0,gpt1)` aka `/dev/sda1` aka `cryptroot` Password: You can change its password by means of `cryptsetup` fromout your operating system. See `info cryptsetup` for usage information. * home partition - MS-DOS Partition Table: `(ahci0,msdos5)` aka `/dev/sda5` aka `crypthome` - GPT Partition Table: `(ahci0,gpt3)` aka `/dev/sda3` aka `crypthome` Password: You can change its password by means of `cryptsetup` fromout your operating system. See `info cryptsetup` for usage information. ### Accounts of the GNU System Your GNU Guix System might be shipped with three user accounts preconfigured, *root account*, *admin account*, and *normal user account*. If a *normal user account* is not yet configured, check the current system configuration file `/run/current-system/configuration.scm` for an out-commented template entry. * root account (root user, fully priviledged, administrative purposes only) - Username: root - Password: The password can be changed by means of `passwd`. See `info passwd` for usage information. * admin account (administrative user, priviledged, standard administrative purposes) - Username: user0 - Password: The password can be changed by means of `passwd`. See `info passwd` for usage information. * normal user account (normal user, no priviledges, every-day use, internet use) - Username: user1 - Password: The password can be changed by means of `passwd`. See `info passwd` for usage information. At the graphical login prompt, you might select the admin or the user account, but not the root account. To login as root, a virtual linux console or a user’s terminal is required. Boot your Machine ----------------- ### Radio Devices You might want to disable radio devices by using the laptop’s kill switch, if any. It is often located at one of the device’s edges. ### Enter Passwords The entry of passwords will not be displayed on screen, thus no characters are to be seen. Enter your password blindly and finalize the entry with the “Enter” key. In case of a typo, you can still use the backspace key for correction, but you won’t see a cursor on screen. ### Power On Switch your device on and wait for the boot menu to appear. 1. Type hotkey “x” to adjust the keymap for GRUB2. You will enter a dialogue which is controlled by the escape key only. The default keymap is “us”, but this won't be very useful in case your machine is equipped with a keyboard of a different layout. In case of a typo, reach the end of the dialogue by pressing the escape key, turn back to the boot menu, and try again. (You can skip this section in case your device has been configured to use a keymap matching the keyboard of the device.) 2. Type hotkey “y” to unlock selected disk partitions. You will enter a dialogue which is controlled by the escape key only. 1. Unlock the *home partition* aka `(ahci0,msdos5)` or `(ahci0,gpt3)`. 2. Unlock the *root partition* aka `(ahci0,msdos1)` or `(ahci0,gpt1)`. 3. Reach the end of the dialogue and turn back to the boot menu. In case of a typo, reach the end of the dialogue, turn back to the boot menu, and try again. 3. Type hotkey “g” to search on disk for the GRUB2 configuration file, provided by GNU Guix System. The GNU Guix boot menu will appear. Select the first, default entry. The initial RAM-disk starts up, asking itself for passwords again. (If the boot process gets stuck with message “loading kernel modules...”, try pressing the Backspace Key to trigger the process.) 1. Unlock the *root partition* aka `/dev/sda1`. 2. Unlock the *home partition* aka `/dev/sda5` or `/dev/sda3`. 3. Wait and watch the boot process until appearance of the graphical login prompt. 4. Enter your selected username, i.e. `user0` or `user1`. 5. Enter user’s password. 6. Your Xfce4 Session should start up. Take Ownership -------------- Please change passwords as soon as you are familiar with your system, and before starting to use radio devices. Screensaver ----------- There should be a simple screensaver available, providing a black screen when active. To unlock, enter your user’s password directly, without any additional key hit. Suspend Mode ------------ Point and click onto the user menu, top right of your desktop, and select “Suspend” in order to enter suspend mode. Data is located in RAM, which is kept powered, but CPU is halted. In order to leave Suspend Mode and wake the machine back again, press the “Fn” button for about one second. Shutdown -------- Point and click onto the user menu, top right of your desktop, and select “Shutdown”. Buttons and Blue Function Keys ------------------------------ Special buttons and blue (gray?) function keys are configurable. Please check current settings of the Xfce4 Desktop Environment: * Applications > Settings > Power Management > General * Applications > Settings > Keyboard > Shortcuts for Applications ### Hints * In Xfce4, the combination of “Fn+F4” is called “Power Mode Key”. * In Xfce4, the combination of “Fn+Pos1” and “Fn+End” is called “Brightness Control Keys”. * In Xfce4, the combination of “Fn+F3” is called “Battery Key”. * Not *all* “Fn” keys are usable. Important Manuals ----------------- Please read the most important manuals. Open a terminal window by typing “Ctrl+Alt+T” and type the following commands: * Use `info info` to learn how to use the GNU Info Reader. * Use `info guix` to read the manual of your GNU Guix System with the GNU Info Reader. * Use `info cryptsetup` to get information about how to change or add passwords to LUKS encrypted partitions. * Use `info passwd` to learn how users can change their passwords. * Use `info coreutils` to understand the tools and the philosophy of your GNU System. * Try `info nano` to learn how to use the GNU Nano Editor. GNU Guix Examples ----------------- * Use `guix system list-generations` to see available system generations, which are as well accessible fromout the GRUB2 boot menu provided by GNU Guix. * Use `guix system describe` to get information about your current system. Use `nano ` to read the file mentioned in the previous output and learn about system-wide installed packages. * Use `guix pull --list-generations` to see your user’s list of available guix versions. * Use `guix package -I` to see installed packages of the current user’s standard profile, if available. * Use `guix --help` to get general usage information. Success! -------- We wish you the best experience and success with your liberated Zerocat Guix Machine and would kindly ask for your supportive feedback for our website. See for contact details.