Bootable Linux USB stick

From CCP4 wiki
Revision as of 17:00, 22 March 2016 by Kay (talk | contribs)
Jump to navigation Jump to search

We regularly and successfully use USB sticks for courses where participants bring their own notebooks. The big benefit is that students learn Linux, and realize that they can easily use the hardware they already own. Current notebook hardware is by far fast enough for data processing, structure solution and coot visualization. What we found:

  1. the sticks should be fast USB3 (very good results with SANdisk Extreme 32GB). The computers do not have to be recent, nor do they have to have USB3 ports. USB2 ports support up to 30MB/s, but only USB3 sticks deliver this!
  2. we use Fedora 23 because its hardware support is very good. We always use the 64bit distro.
  3. The stick can be booted on MacBooks as well (press the alt key at the boot sound); their hardware works well with Fedora 23. For Windows clients (press F11 or F12, sometimes F9 or F10 for the boot menu), one has to make sure that "fast boot" (or "fast startup") is disabled (or Shift is pressed while shutting Windows down), and sometimes powercfg -H off (as Administrator in a console window) is additionally required; otherwise the USB stick may not boot. Occasionally we find a computer that does not boot from the stick because the BIOS screen can not be reached (due to unknown BIOS password; happens with machines belonging to institutions which administer them centrally) or some such, but 19 out of 20 work as they should.
  4. performance tuning (not strictly required): We use an ext4 filesystem and data=writeback,nobarrier in /etc/fstab. To set the writeback option on the / filesystem one needs to use tune2fs on a Linux machine where the stick is just mounted (i.e. not booted from), with the option data_journal_writeback; one should also set nobarrier that way. With this tuning the stick feels as fast as a local harddisk (except for large writes, like CCP4 or Phenix installation).
  5. we always create a few-GB FAT32 partition because that makes file exchange with Windows and Macs very simple
  6. we just install CCP4 and whatever else we need (XDS, Phenix, Chimera, ..), and then dd or ddrescue (on a machine with USB3 ports) an image of that stick to all other sticks.
  7. any number of bells and whistles could be added to this, like clients sending their hostnames to a server after booting, and accepting updates by rsync.

To make students familiar with the sticks and how to boot them, one needs 30+ minutes and a few tutors.

Some more details

  1. the SANdisk Extreme is the best stick we found; physically small sticks look nicer but are slow (even though they are called USB3)
  2. the FAT32 partition should be the first partition on the stick; 2GB is enough for us. Then comes the Linux partition, with 13.9GB, so that the sum of the two partitions is slightly below 16GB. The third partition is then a 16.1GB /data partition. This scheme has the advantage that the image of the stick can just as well be copied (with dd or better ddrescue) to a 16GB stick; the /data partition then does not fit and cannot be used on that stick, but the operating system will then work on the small stick just as well. This requires that the /data partition is not mounted automatically from /etc/fstab (i.e. it should be listed, but with the noauto option), but rather with a command like mount /data & from /etc/rc.d/rc.local - because if the 16GB stick is booted, it will otherwise find a corrupt filesystem and the boot will fail, leaving you with a rudimentary shell prompt which only experts can recover from. Also this means that the image of the stick need only comprise the first 16GB (unless the /data partition already has something on it) - that makes it faster to copy it, and it is quite fast to re-create an empty /data partition after booting the stick.
  3. it is a good idea to give easy root access to the one user you create because certainly some packages will have to be installed or updated when the stick is in use
  4. it is a good idea to save an image of the stick whenever you made a successful change; otherwise you might need to start from scratch if you mess something up.
  5. (if the installation not already does it for you) you should label the partitions and use the labels for mounting the partitions in /etc/fstab; don't use /dev/sda1 or the like because depending on the hardware it is booted on, after booting the stick, and depending on the actual hardware, the stick may be /dev/sdb or /dev/sdc !


Howto create a bootabled GPT-partitioned USB-stick with Fedora 23

This will create a USB stick capable to

  • EFI boot on Mac's
  • UEFI boot on PC's
  • BIOS boot on newer hardware (legacy boot / CSM enabled)
  • BIOS boots on medium aged bios hardware

does not boot on old BIOS hardware which doesn't support booting from GPT (see below):

GPT partition the stick using gdisk

The example shows a 32 GB Sandisk Extreme:

Part 1: +1G VFAT		(0700) (Windows needs it to be the first partition) 
Part 2: +1M Biosboot		(ef02)
Part 3: +250M EFI		(ef00)
Part 4: +13500M /		(0083)
Part 5: +15000M /mnt/data	(0083)

For performance, make sure that the big partitions are aligned to 8192-sector boundaries; default is 2048-sector boundaries - the default can be adjusted. If you use the above sizes and the + sign for specifying them, this happens to work out automatically.

Install Fedora23 on an UEFI machine (UEFI enabled; LegacyBoot / CSM disabled)

Whenever you see a ?, you must fill in the appropriate drive letter (e.g. c or d).

sd?3: efi		       /boot/efi
sd?4: ext4		/ 
sd?5: ext4		/mnt/data

adjust the USB-stick for UEFI/EFI boot (before reboot from chroot environment)

chroot:

chroot /mnt/sysimage

install updates:

dnf -y update

configure grub2 for (U)EFI systems: disable auto recognition of other installed Operating systems (specific to current computer), and update grub2-efi.cfg to use uuid's (devices not consistent across different machines)

echo 'GRUB_DISABLE_OS_PROBER=”true”' >> /etc/default/grub
grub2-mkconfig -o /etc/grub2-efi.cfg

(switches from devices to uuid and removes boot entries for other OS's)

tune ext4 filesystems:

tune2fs -o journal_data_writeback,nobarrier /dev/sd?4
tune2fs -o journal_data_writeback,nobarrier /dev/sd?5

(to set the default mount options, the partition has to be mounted, for / it must be done from chroot)

create & label vfat filesystem:

mkfs.vfat /dev/sd?1
dosfslabel /dev/sd?1 VFAT

exit
systemctl poweroff (or reboot for testing)

Install grub2 for BIOS boot (from chroot environment)

boot Fedora Live DVD on a BIOS machine and chroot to the stick:

mount /dev/sd?4 /mnt
mount -o bind /dev /mnt/dev
mount -t proc /proc /mnt/proc
mount -t sysfs /sys /mnt/sys
chroot /mnt

Install grub2 for BIOS boot and configure it:

rm /boot/grub2/grubenv

(symlink to /boot/efi/EFI/fedora/grubenv in grub2-efi.rpm; binary file in grub2.rpm)

grub2-install /dev/sd?

(also creates a new /boot/grub2/grubenv

grub2-mkconfig -o /etc/grub2.cfg

check /etc/grub2.cfg and if needed, change at all positions “linuxefi” to “linux16”, and “intrdefi” to “intrd16”

Problems on old BIOS hardware

some old computers still might not boot (they don't support booting from GPT). This can be fixed but the stick afterwards cannot boot on EFI/UEFI systems anymore. a) set the boot flag (active) on the single 0xEE partition in the protective MBR by using fdisk version <= 2.22 (versions 1.23 and newer have GPT support and thus don't make changes to the protective MBR but to the GPT) (I used fdisk (util-linux-ng 2.17.2) on a ScientificLinux 6.7 machine)

fdisk /dev/sd? 
a
part 1
w

b) recompute CHS values using option “h” in gdisk's expert menu:

gdisk /dev/sd?
x
h
m
q

this can be reversed: - toggle bootflag off in old fdisk - recompute CHS values in gdisk

(using a sgdisk backup of the GPT should also be fine)

helpful links:

http://www.rodsbooks.com/gdisk/bios.html#bios --> option h of gdisks experts menu did the trick!

https://fedoraproject.org/wiki/GRUB_2?rd=Grub2#Updating_GRUB_2_configuration_on_BIOS_systems

generating images and copies of the stick

fill empty part of all partitions on the stick with “zeros”: for each partition, do

dd if=/dev/zero of=/mountpoint/delete.me bs=65536  # this will stop when filesystem full
rm /mountpoint/delete.me

Better: use the (enhanced) SECURITY ERASE UNIT feature of hdparm (quicker, and nicer for the device).

save a compressed disk image - we use the parallel gzip program called pigz:

dd if=/dev/sd? | pigz -c usbstick.img.gz

(time: ~180 secs speed: ~175MB/s, size of image: 1.8 GB) write compressed image back to a stick:

unpigz -c usbstick.img.gz | dd of=/dev/sd? bs=4096

(speed should be >100MB/s)