Sortix
current nightly

Sortix nightly manual

This manual documents Sortix nightly, a development build that has not been officially released. You can instead view this document in the latest official manual.

NAME

installationoperating system installation instructions

DESCRIPTION

This document describes how to install Sortix on a computer from a cdrom release. Please read it through carefully before beginning the installation so you know what to expect and things you need to keep in mind. The upgrade(7) manual page covers upgrading an existing installation.

Prerequisites

  • A sortix-x.y-arch.iso release for your architecture.
  • A cdrom onto which the release has been burned, or USB portable storage onto which the release has been placed at the first byte and onwards.
  • A computer meeting the system requirements.

System Requirements

  • 32-bit x86 CPU (i686 release) or 64-bit x86 CPU (x86_64 release).
  • 1280 MiB RAM (recommended) to run the iso live environment (including installer) with all ports loaded, or significantly less if only the basic or minimal sets of ports are loaded. An installation on a harddisk only requires 32 MiB (32-bit) or 48 MiB (64-bit) of memory after installation.
  • ATA or AHCI harddisk with at least 1 GiB of unpartitioned space.
  • BIOS firmware, or UEFI firmware in legacy mode.
  • PS/2 keyboard/mouse firmware emulation to use those devices.
  • If you wish to dual boot, you need an existing operating system with a multiboot compliant bootloader such as GRUB.

Preparation

Read this document through before beginning the installation. The installation process is designed to be reasonable, but you need to patient and in an emotionally stable place. It is important you understand the current limitations of the system and carefully consider whether you want to go through with the installation at this time.
Before installing any operating system, be sure to have backed up local data in the event something goes wrong. This operating system comes without any warranty at all (see the license).
Consider the partitioning scheme and whether you wish to dual boot. Consult the partitioning instructions below. If dual-booting and there isn't enough unpartitioned space, use the native partition editor of the existing operating system to shrink its installation.
Determine how the target machine will boot the release. If the firmware supports usb-iso hybrid images, you can use rw(1) or dd(1) to copy the release physically onto a USB portable storage device. If the target machine has a cdrom drive, you can burn the release to a cdrom. Insert the installation medium in the computer and power it on. If needed, change the boot order in the firmware to prefer the installation medium over any existing operating system installations.
After the installation is complete, remove the installation medium and restore the firmware boot order to prioritize the local harddisk. Then power the computer on normally to run the new operating system.

Release .iso Modification

Optionally, you might want to modify a release .iso to meet your custom needs per the instructions in release-iso-modification(7).
If you want to ssh into your installation, it's recommended to amend the installation .iso with your public key, pregenerate the server keys and obtain fingerprints, and seed randomness using this procedure.
The release modification procedure lets you customize aspects such as the default bootloader menu option and timeout, the default hostname, the default keyboard layout, the default graphics resolution, adding files of your choice to the live environment, control which drivers are loaded by default, control which live environment daemons are started by default, deploy ssh keys so secure shell connections are trusted on the first connection, configure automatic installation and upgrading, and so on.
Warning: The live environment does not come with any random entropy and it will take some time and system usage before enough entropy is collected for secure random number generation. To keep your system secure, it is recommended to use the release modification procedure to add a /boot/random.seed file to the release .iso in order to securely seed the cryptographically secure pseudorandom number generator.

Qemu

Virtual machines are a well-supported installation target. For instance, to prepare a 1 GiB harddisk and install the operating system onto it, run something like:
qemu-img create sortix.raw 1G 
qemu-system-x86_64 -enable-kvm -m 1024 -vga std -cdrom sortix.iso \ 
                   -drive file=sortix.raw,format=raw
After the installation is complete, power off the computer and remove the -cdrom sortix.iso option.

Bootloader Menu

Booting the release will present you with a GRUB bootloader menu. You have three primary options:
  • Running a fully-featured temporary live environment.
  • Running the operating system installer (sysinstall(8)).
  • Upgrading an existing installation to this release (sysupgrade(8)).
Each of these options are a live environment running exclusively in RAM. The difference is only what program is run after the system has booted. The bootloader will load the whole operating system and ports into memory from the installation medium. This may take a moment. You need enough memory to store the whole system and the runtime usage. If the system memory is really insufficient, then the bootloader may have strange behavior, take a really long time to load, or not complete the boot at all.

Bootloader Advanced Options

The bootloader advanced options menu lets you customize the live environment by making one-time adjustments to the boot process. These decisions will not carry over to the final installed system, which you instead will need to configure to have the same effects.
You can configure which ports gets loaded using the bootloader menu. The base system is rather lean and can be made quite small. You need some ports to complete an installation. Only the selected ports are loaded into the live environment and installed onto the new installation. If upgrading an existing installation, then any ports not loaded will be removed from the installation being upgraded.
Ports can additionally be loaded as binary packages in the /repository directory by navigating to the advanced menu and then the select binary packages submenu and then selecting which ports.
The display(1) graphical user interface and desktop environment can be disabled by navigating to the advanced menu and selecting Disable GUI, which will instead boot to a plain /dev/tty1 terminal.
The kernel console can be changed to the primary serial port terminal by selecting Enable serial console. You can use the release-iso-modification(7) procedure to customize the serial port settings (speed, bits, parity), window size, and the TERM environment variable ahead of time. Otherwise it will default to a speed of 38400 with 8 bits and no parity, with a 80x25 window size, and the default TERM variable. You can change the settings appropriately after boot using the stty(1) ispeed, ospeed, cols, and rows commands, followed by export TERM=terminal to select your terminal. The installation remembers the kernel(7) --console and --term options it was booted with. If you wish for the installed GRUB bootloader to use the serial line, choose the chroot option at the end of the installation, and then set the GRUB_SERIAL_COMMAND and GRUB_TERMINAL variables appropriately per the GRUB documentation in the /etc/grub file and run the update-grub(8) command.
The network drivers can be disabled by navigating to the advanced menu and selecting Disable network drivers. It can be useful to disable the network drivers if it's undesirable to put the system on the network for security reasons. You will be asked later if you'd like to save this choice in the kernel options.
By default dhclient(8) will automatically configure ether(4) network interfaces with DHCP and bring up network connectivity. The DHCP client can be disabled by navigating to the advanced menu and selecting Disable DHCP client, which is useful if you want to manually configure the network or not expose the system until you are ready.

Installer

This guide assumes you selected the operating system installation option in the bootloader. If not, you can run the installer by running the sysinstall(8) command.
You will boot into the display(1) graphical user interface and desktop environment by default. A single terminal(1) window will open by default. More terminals can be opened by pressing Control + Alt + T. See display(1) for the available shortcuts.
The installer is an interactive command line program that asks you questions and you answer them. It provides useful information you shouldn't accidentally overlook. Before answering any question, read all output since your last answer.
You should have this installation guide ready at all times. You can view this installation(7) page during the installation by answering '!man' to any regular prompt (excluding password prompts). Likewise you can answer '!' to get an interactive shell. Upon completion, you will be asked the question again.

Keyboard Layout

You need to choose the applicable keyboard layout. By default, a standard US keyboard layout is used. You can view a list of keyboard layouts if you wish. This layout is then loaded and the preference will be stored in kblayout(5).

Display Resolution

If a driver exists for your graphics card, then you will be asked for your preferred display resolution by chvideomode(1). The display will then use this resolution and your preference will be stored in videomode(5).

Bootloader

The kernel(7) is a multiboot compatible binary that can be loaded by any multiboot specification compatible bootloader such as GRUB. You need to use such a bootloader to boot the operating system. You will be offered the choice of installing GRUB as the bootloader. Note however that this GRUB is not able to detect other operating systems and you will have to configure it manually if you wish to use it in a dual boot scheme. The answer will default to yes if no existing partitions are found, or if an existing Sortix installation is found that uses the provided bootloader; and will otherwise default to no.
The bootloader will be installed on the boot harddisk, which is the harddisk containing the /boot partition if any, and otherwise the harddisk containing the root filesystem.
Single-boot configurations should use the offered bootloader. Dual-boot configurations should refuse it and arrange for bootloading by other means. The installer will generate /etc/default/grub.d/10_sortix.cache which is a fragment of GRUB configuration that offers the menu option of running Sortix. You can splice that into /etc/grub.d/40_custom of an existing GRUB installation and run update-grub(8) to add it as a boot option.
If you accept the bootloader, you will be asked if you wish to password protect the bootloader. If you don't, anyone able to use the keyboard during system bootloading will be trivially able to gain root access using the bootloader command line. If you use this, you should also password protect the firmware and prohibit it from booting from anything but the harddisk. An attacker will then need to tamper with the computer itself physically. The password will be hashed and stored in grubpw(5) and is inserted into the GRUB configuration when update-grub(8) is run.
If the kernel(7) was booted with explicit options via the advanced bootloader menu, then you will be asked if you'd like to make these changes permanent via the GRUB_CMDLINE_SORTIX variable in the /etc/grub configuration file. Run update-grub(8) to apply the changes if you edit this file.

Partitioning

You will now need to set up a partition for the root filesystem and other filesystems you wish to use. The installer will give you instructions and run the disked(8) partitioning program. You can view its man page by typing man and you can view this man page by typing man 7 installation.
disked defaults to the first detected harddisk as the current harddisk. You can switch to another harddisk using the device device-name command. You can view all devices with the devices command.
If the current device does not already have a partition table, you can create a mbr(7) or gpt(7) partition table using the mktable command. gpt(7) is the preferred choice for new partition tables as mbr(7) has unfortunate limitations. If you are dissatisfied with the current partition table, you can use the rmtable command which will destroy the partition table and effectively delete all data on the harddisk.
The ls command lists all partitions and unused space on the current device. The mkpart command creates a partition. You will be asked interactive questions to determine its location. You will be asked if you wish to format a filesystem. ext2 is the native filesystem. If applicable, you will be asked if you wish to create a mountpoint for it in fstab(5). The rmpart partition-number command removes a partition table entry and effectively deletes all data on the partition.
If you accepted the included bootloader, it will be installed on the boot harddisk, which is the harddisk containing the /boot partition if any, and otherwise the harddisk containing the root filesystem. If the boot harddisk uses the gpt(7) partitioning scheme, then you must create a biosboot partition on the boot harddisk which is where the bootloader will be installed. It should be at the start of the boot harddisk and a size of 1 MiB will be more than sufficient.
You need to make a partition containing the root filesystem mounted at /. A size of 1 GiB will be comfortable for the base system and ports and basic usage. There is no inherent need for a /boot or a /home partition, so you are encouraged to make the root filesystem as large as you wish. Operating systems upgrades will preserve the root filesystem and the installer handles installing on top of an existing installation and preserves user files and local configuration.
Type exit when you are done to continue the installation. If the installer detects a problem with your partitioning, it will offer to run disked(8) again.

Installation

The installer will show its installation intentions and ask you to confirm the installation. If you answer yes, then the installation will begin.
The installer will copy the live environment into the target root filesystem according to the file lists in /tix/manifest and create configuration files matching your earlier choices. It will write 256 bytes of randomness to /boot/random.seed. It will generate an initrd that locates and boots the root filesystem. It will install the bootloader if desired. The installation will take a moment.

Configuration

After the installation is complete, a bare system is installed but it lacks crucial configuration files and it will refuse to start when booted.

Hostname

You will be asked for the hostname of the new system which be stored in hostname(5). This question is skipped if the file already exits.

Root

You will be asked for the root password. A root account is made in passwd(5) and group(5). This question is skipped if the root account already exists. If the live environment's root user has ssh keys and configuration, you will be asked whether you'd like to copy the files to the new installation.

Users

You will be asked in a loop if you wish to make another user. Answer no when you are done. Otherwise enter the name of the new account. If you wish to create an account by the name of no then simply add a space in front as leading spaces are trimmed.
You will then be asked for the full name and the password for the new user. A user directory will be made in /home. The new user is added to passwd(5) and group(5).
Please note that Sortix is not currently secure as a multi-user system and filesystem permissions are not enforced.

Graphical User Interface

You will be asked if you want to enable the graphical user interface. If you answer yes, then the system-wide default session(5) is configured to run display(1) upon login. Otherwise the user's preferred shell will be run upon login.

Automatic Upgrades

You will be asked if you would like to enable automatic operating system upgrades from the internet. This choice will enable the autoupgrade daemon (tix-autoupgrade(8)) which invokes tix-upgrade(8) in the background. Each upgrade will be scheduled for the next boot and is completely unattended. Alternatively you can invoke tix-upgrade(8) to do an upgrade(7) manually.
Privacy notice: If enabled, the operating system's website and download mirror will be periodically checked for new releases, which will be downloaded and installed.
If enabled, you will be asked whether you would like to automatically restart the system after an upgrade has been scheduled. You can optionally choose the time or delay before the reboot in the shutdown(8) format, or choose yes which sets a one minute delay. Warning messages will be broadcast with wall(1) to give users a chance to save unfinished work.
If enabled, you will be asked which upgrade channel the system is on. For stable releases, you can choose the stable channel, where every new major, minor, and patch stable release is published. Alternatively for stable releases, you can select the patch channel, which only receives stable patches for the current major and minor release, and may be ideal for servers as the fixes are maximally stable and compatible. However, the patch channel will not upgrade to new major and minor operating system releases, and you will need to upgrade manually. The nightly channel offers daily builds with the latest source code, which are supported and strives to be as stable as possible, but have not been officially released yet. On development builds, you can select the appropriate default channel associated with the release in question.

Network Time

You will be asked if you want to enable the Network Time Protocol client ntpd(8), which will automatically synchronize the current time with the internet. Although it's recommended to use network time to avoid clock drift, it does come with potential privacy implications.
Privacy notice: If enabled, the default configuration will obtain time from various internet servers and the installer will inform you which ones they are. You are encouraged to answer man to read the ntpd.conf(5) manual and then answer edit to edit the configuration with your preferences.

SSH Server

You will be asked if you want to enable a sshd(8) server for remotely logging into this machine over a secure cryptographic channel. Answer no if in doubt as anyone who obtains your credentials will be able to connect to your computer and log in as you. Password authentication is disabled by default as public key cryptography should be used for security, but if you have a very strong password, you could enable it when asked. It's recommended to securely bootstrap ssh authentication using the release-iso-modification(7) procedure to amend the installation medium with your public key, pregenerated server private keys, and a random seed. You are using a bad workflow if you encounter a ssh server fingerprint check. If the installer environment contains a sshd_config(5) or private sshd keys, then you will be asked if you want to copy the files into the new installation.

Completion

This will complete the operating system installation. Upon reboot, the new system will start normally. After powering off your system, you need to remove the installation medium and (if applicable) restore boot priorities in your firmware. If you did not accept the bootloader, you will need to manually configure a bootloader to boot the new operating system.
You will be given the choice of directly booting into the new system without a reboot, powering off the system, rebooting the system, halting the system, or chrooting into the new system. All of these options (except the chroot(2)) will destroy the live environment and all files within it will be lost.
This is a last chance to make modifications before the new system boots for the first time. If you want to make final modifications to the system (examples are below), you can answer '!' to escape to a shell in the live environment inside the subdirectory where the new system is mounted. You can then run chroot -d . to enter a shell within the new installation.
Upon boot of the new system it will be configured in multi-user mode and you will be presented with a login screen. Authenticate as one of the local users and you will be given a shell.
To power off the computer login as user poweroff or run poweroff(8) after logging in. To reboot the computer login as user reboot or run reboot(8) after logging in.
The user-guide(7) manual page is a basic overview of the system for new users.
Congratulations on your new Sortix system.

SEE ALSO

chkblayout(1), chvideomode(1), display(1), man(1), fstab(5), group(5), grubpw(5), kblayout(5), passwd(5), videomode(5), development(7), gpt(7), initrd(7), kernel(7), mbr(7), release-iso-modification(7), upgrade(7), user-guide(7), disked(8), fsck(8), init(8), sysinstall(8), sysupgrade(8), update-grub(8), update-initrd(8)
Copyright 2011-2025 Jonas 'Sortie' Termansen and contributors.
Sortix's source code is free software under the ISC license. 		#sortix on irc.sortix.org
@sortix_org