Debian
Setting up a minimal X environment
Tags:  debian, linux, nvidia,  first published on Jan 1, 2016 - last modified on Dec 3, 2017

At the end of the minimal installation instructions we ended up with a bare-bones Debian installation, where we can now login as root with the password that was entered as part of the installation.

A normal user account should be created, I personally set things up so that my normal user account is uid/gid 1000 and add other groups to it, the uid/gids can of course be changed as needed. This is also a good time to install sudo and add the non-privileged user to it.

andromeda
root@andromeda:~# aptitude -t jessie-backports install sudo
root@andromeda:~# addgroup --gid 1000 luser
root@andromeda:~# adduser --uid 1000 --gid 1000 luser
root@andromeda:~# addgroup luser sudo
root@andromeda:~# addgroup luser users
root@andromeda:~# addgroup luser staff
root@andromeda:~# addgroup luser audio

let’s now set up the locale, the following steps depend on where you live, the example here is for a US English locale.

andromeda
This should display only C, C.UTF-8 and POSIX at this point
root@andromeda:~# locale -a
C
C.UTF-8
POSIX
root@andromeda:~# aptitude install locales
Edit this file and uncomment the wanted locale(s), say en_US.UTF-8
root@andromeda:~# vi /etc/locale.gen
root@andromeda:~# cat /etc/locale.gen | grep -v \#
en_US.UTF-8 UTF-8
root@andromeda:~# locale-gen
root@andromeda:~# echo 'LANG=en_US.UTF-8' > /etc/default/locale

after regenerating the locales and setting the default, running env in a login shell should display the LANG=custom_locale environmental variable.

By default journalctl is run in non-persistent mode, to enable persistence just mkdir /var/log/journal the maximum size used for this can be configured in /etc/systemd/journald.conf with SystemMaxUse, the default is 10% of the filesystem, after changing this file restart the journal by running systemctl restart systemd-journald

It is now time to install more packages. If dhcpcd was disabled earlier, manually start it for the time being and update the package database, and upgrade any needed packages

andromeda
root@andromeda:~# /etc/init.d/dhcpcd start
root@andromeda:~# aptitude update
See below for more information on what to do in aptitude
root@andromeda:~# aptitude -t jessie-backports

In general I prefer to run backported packages whenever possible, at the time of this writing stable was jessie and testing was stretch, so I usually alias ‘sudo aptitude -t jessie-backports’ to ap to minimize typing, however in this guide I will write out the aptitude command line fully.

After updating the packages I run aptitude -t jessie-backports and upgrade installed packages to their jessie-backports versions, typing u, shift+u, g and g again.

For a bare-metal installation I tend to be conservative and might or might not upgrade the kernel to the backports version (currently for example jessie is on 3.16 while jessie-backports is on 4.2). If you want to experiment it would probably be a good idea to, after installing, set up /etc/default/grub with GRUB_DEFAULT=saved and set the kernel you want to normally boot with grub-set-default.

Either way after the above the headers of whichever kernel is in use should be installed at this point via aptitude install linux-headers-amd64 or aptitude -t jessie-backports install linux-headers-amd64 depending on the kernel choice.

It is a good idea to now install sshd, to make it easier to debug issues from other computers, and also to set up some dependencies, like dbus, that will be used by later packages

andromeda
root@andromeda:~# aptitude -t jessie-backports install openssh-server
root@andromeda:~# systemctl enable ssh.service
root@andromeda:~# systemctl start ssh.service
root@andromeda:~# systemctl reboot

Note that apparently in stretch you can start the sshd server both by using ssh.service and sshd.service, but the service can be enabled only by using ssh.service.

X11 installation

In order to continue with the set-up of the system and its networking X11 needs to be running. I have moved to an i3-based set up some time ago and am quite enjoying it both in terms of minimalism and usability, it is extremely fast, configurable and fits in very well with the way I use the system, so from now on the installation instructions assume this is what will be used both in terms of packages installed and configuration.

The package list we will be using is this

andromeda
root@andromeda:~# aptitude -t jessie-backports install i3 xterm pulseaudio xinit dkms x11-xserver-utils dbus-x11
root@andromeda:~# addgroup luser pulse
root@andromeda:~# addgroup luser pulse-access

Note in some newer debian releases you might also need to install xserver-xorg-legacy.

Before continuing it’s also a good idea to make sure you are getting the best font experience you can, if you are running an LCD screen I would suggest creating the following symlinks to enable subpixel anti-aliasing and hinting, note some of these links might already exist, so use -sf here just in case. Also note the below assume that your LCD screen has its phosphors laid out as RGB, if it is different please use one of the other subpixel hinting files

andromeda
root@andromeda:~# cd /etc/fonts/conf.d
root@andromeda:/etc/fonts/conf.d# ln -s /usr/share/fontconfig/conf.avail/10-sub-pixel-rgb.conf
root@andromeda:/etc/fonts/conf.d# ln -s /usr/share/fontconfig/conf.avail/10-autohint.conf
Note lcdfilter might already be there
root@andromeda:/etc/fonts/conf.d# ln -s /usr/share/fontconfig/conf.avail/11-lcdfilter-default.conf

After these packages it’s time to configure the video card, unfortunately in Jessie nouveau was not able to drive my main monitor at its native resolution over hdmi for some reason, while Nvidia’s proprietary drivers could, therefore I had to install their package according to the Debian wiki instructions 1 however note this followup post if you are in need of a more up-to-date driver for things like CUDA etc.

Note that in more recent debian releases (i.e. stretch) nvidia-xconfig would not strictly be needed anymore, so it could be omitted from the below lines.

andromeda
root@andromeda:~# aptitude -t jessie-backports install nvidia-detect
Make sure your video card is supported, this is an example of a supported card
root@andromeda:~# nvidia-detect
Detected NVIDIA GPUs:
02:00.0 VGA compatible controller [0300]: NVIDIA Corporation GK106 [GeForce GTX 660] [10de:11c0] (rev a1)
Your card is supported by the default drivers and legacy driver series 304.
It is recommended to install the
    nvidia-driver
package.
Now install the drivers
root@andromeda:~# aptitude -t jessie-backports install nvidia-kernel-dkms xorg-server-source nvidia-xconfig
This might or might not be needed in recent drivers
root@andromeda:~# nvidia-xconfig
Now reboot to blacklist nouveau and use the nvidia driver don't forget to restart dhcpcd afterwards if you need to
root@andromeda:~# systemctl reboot

If you are using this installation guide to install a VirtualBox VM, you should install the following packages instead and add your user to the vboxsf group to be able to have access to the shared folders.

andromeda
root@andromeda:~# aptitude -t jessie-backports install virtualbox-guest-dkms virtualbox-guest-x11 virtualbox-guest-utils
root@andromeda:~# addgroup luser vboxsf
root@andromeda:~# systemctl reboot

at this point if you login with your user account and type startx you should be able to get to your chosen graphical enviroment, if you are using i3 you will have to answer a question of which key you prefer to use as your i3 modifier, and after that you can press this modifier key and Enter to start your xterm.

After confirming that the X environment works, the system can be set up so it boots automatically in it. Given that to actually boot the system one needs to know the LUKS password, having to type the username/password to login as well at every boot does not seem to significantly enhance the system’s security.

An override.conf file for tty1 has already been created in the previous instructions, so it can be modified as follows:

andromeda
root@andromeda:~# root@andromeda:~# cat /etc/systemd/system/getty@tty1.service.d/override.conf
[Service]
TTYVTDisallocate=no
Type=simple
ExecStart=
ExecStart=-/sbin/agetty --autologin luser --noclear %I 38400 linux

this will log into the selected user after booting, in order for X to start a bash login file also needs to be created for the user that does so if it’s not running already:

andromeda
root@andromeda:~# echo '[[ -z $DISPLAY && $XDG_VTNR == 1 ]] && exec startx' > ~luser/.bash_profile
root@andromeda:~# chown luser:luser ~luser/.bash_profile

Audio considerations

Debugging pulseaudio issues is definitely beyond the scope of this guide, if you are experiencing problems I suggest checking out this excellent guide on Arch wiki 2 however a few suggestions would be to first of all blacklist any USB or HDMI sound devices

andromeda
root@andromeda:~# aptitude -t jessie-backports install alsa-utils
root@andromeda:~# echo blacklist snd_usb_audio > /etc/modprobe.d/sound.blacklist.conf
root@andromeda:~# echo blacklist snd_hda_codec_hdmi >> /etc/modprobe.d/sound.blacklist.conf

after rebooting you can check your sound by running speaker-test -c 2 -t wav, if everything is ok you should hear a left/right voice from your speakers. If you can’t hear anything you should first of all make sure that all the outputs listed by alsamixer both for pulseaudio and for your physical card have a green 00 under it to make sure they are not muted

andromeda
this should cover pulseaudio
root@andromeda:~# alsamixer
this should give you your physical devices
root@andromeda:~# alsamixer -c 0 -D sysdefault
this might or might not be needed to persist your changes
root@andromeda:~# alsactl store

if you still don’t have sound you might also want to try running amixer -c 0 sset “Auto-Mute Mode” Disabled

Optionally you can also install pavucontrol to fine-tune your pulseaudio configuration, or follow one of Arch Linux wiki guides to set up Jack or OSS.

And we’re done!

after you reboot you should find yourself at your X screen, the instructions from this point on will assume you are running in X as your chosen user, and so will use sudo whenever needed, we can now continue to and set up networking in pfSense

Changelog:
  • Initial release - 2016-01-01
  • Added mention of xserver-xorg-legacy - 2016-09-04
  • Stretch updates - 2017-11-27
  • Add sshd - 2017-11-29
  • New highlighting for commands - 2017-12-03
  • Debian stretch again - 2018-06-21