
Mint 15 in [UEFI Secure Boot] System

Posted: Fri May 31, 2013 11:13 am
by JCChristian
I intend to install Linux Mint 15 Olivia (Linux Only/Single OS) on my Dell XPS 14 (signature), this notebook will be used for programming, texts, web, "light" image edit, and so on. So, I have some questions:

1. As you can see in the signature, I have HDD + mSATA, so the following partition scheme is the best for my situation?

HDD: [500GB-> / * Encrypted with LUKS]
mSATA: [200MB -> EFI] + [200MB -> /boot ] + [8GB -> swap * Encrypted with LUKS] + ["rest" -> unallocated]
(Accepting recommendations, hints and tricks...)

2. The best way to encrypt the system is using LUKS during the installation (LiveUSB)?

3. Should I format the "/" with Ext4 or XFS?

4. Which partition should I point in the "Device for boot loader installation" during the installation, as my system is UEFI, I think I should point to the EFI Partition (200MB), correct?

5. How can I boot Linux Mint using UEFI [if I try the normal installation (/ + EFI + /boot + swap) I get stuck at GRUB black screen "grub>"]?

Thanks in advance!

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Fri May 31, 2013 5:29 pm
by srs5694
JCChristian wrote:
1. As you can see in the signature, I have HDD + mSATA, so the following partition scheme is the best for my situation?

HDD: [500GB-> / * Encrypted with LUKS]
mSATA: [200MB -> EFI] + [200MB -> /boot ] + [8GB -> swap * Encrypted with LUKS] + ["rest" -> unallocated]
I don't happen to have any SSDs myself; however, my understanding is that placing swap on an SSD is sub-optimal because if it gets used often, it will wear out the SSD too quickly, and if swap doesn't get used much, you'll see no speed benefit from that placement. Both the EFI System Partition (ESP) and the Linux /boot partition are accessed only briefly at boot time (and very infrequently thereafter), so they also won't get much speed benefit from being placed on the ESP.

Instead, if the SSD is big enough, I'd put the Linux root (/) partition on it, split off /home to be on the spinning disk, and put the Linux /boot partition, swap partition, and ESP on the spinning disk, too. If there's enough space on the SSD, you might create a separate data partition there, to be mounted within your home directory, for user data you access frequently and that might benefit from the speed advantage of an SSD.

If this is dual-booting with Windows, you may need to get it to coexist, too, and that may impose size limits that would make my recommendation impractical. Likewise if the SSD is really tiny.
3. Should I format the "/" with Ext4 or XFS?
Ext4fs seems to be more popular, but either will work. One note: If you don't split off a separate /boot partition, using ext4fs on root (/) will give you more boot loader options. If you do split off a separate /boot partition, I recommend using ext2/3/4fs or ReiserFS.
4. Which partition should I point in the "Device for boot loader installation" during the installation, as my system is UEFI, I think I should point to the EFI Partition (200MB), correct?
It's unclear what purpose such a query, if present, poses on an EFI install, since the ESP is the only place that an EFI boot loader can reside. I suppose it might make sense to ask this question if a computer has multiple ESPs, but if there's just one, it's just confusing. In the past, such queries were leftover detritus from BIOS-mode installs and were ignored in EFI-mode installs. I don't know if Mint is still suffering from such a vestigial query, since I haven't installed Mint 15 yet.
5. How can I boot Linux Mint using UEFI [if I try the normal installation (/ + EFI + /boot + swap) I get stuck at GRUB black screen "grub>"]?
Unfortunately, the answer depends very much on the computer in question; some have bugs that cause problems for GRUB. If you can't get it to work, though, you could do a BIOS-mode install and then install an EFI-mode boot loader once the BIOS-mode install is complete. Several are available. Alternatively, if you're not dual-booting with an existing EFI-mode Windows installation, you could do a BIOS-mode install and leave it that way.

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Fri May 31, 2013 7:23 pm
by JCChristian
Thanks for the reply.

- As I already said in the topic, I'll do a Linux only installation, Mint 15 only!
- As you can see in my signature, my mSATA (SSD) is 32GB, what would be a good partition scheme for it, including "/" (root) + data partition, maybe ~2GB for root, and ~30GB for data partition?

----- [Update]

I read about the Linux Foundation Secure Boot System, and I'll give it a try, hope this works (if it really works the way I'm thinking...). Any updates, I'll post here, but I'm still open for suggestions, I'll always be... :lol:

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Sat Jun 01, 2013 12:07 pm
by srs5694
Unless you split off /usr, /var, /tmp, and other such directories, 2GB is far too small for root (/). On a Mint 14 installation I happen to have handy, the base system consumes about 3.1GiB. That value can grow substantially if you install lots of software, and it can grow temporarily as you install software. (Package files will get downloaded, stored for a few minutes until they're unpacked, and then deleted.) Thus, I'd say 5GiB should be the minimum size for root (/), with 10-25GiB being a more comfortable size for most systems.

I don't know if Mint 15 includes Secure Boot support. If it does, you shouldn't have to do anything special with it. If not, the easiest way to deal with Secure Boot is to disable it in your firmware's setup utility. This will theoretically make it easier for malware to infect the boot process, but most such malware is targeted at Windows, so the risk for Linux is relatively small. (It's not non-existent, of course, just small.) If you want to enable Secure Boot, my page on the topic may be useful; or I've got a page about Secure Boot with rEFInd specifically.

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Sat Jun 01, 2013 1:15 pm
by srs5694
FWIW, I just checked Mint 15, and it seems to include a copy of GRUB that's signed with Canonical's (Ubuntu's) key. This version of GRUB in turn will load unsigned kernels. This effectively defeats the purpose of Secure Boot, at least on a Linux-only system, with the exception of OSes booted via external media.

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Sat Jun 01, 2013 2:22 pm
by JCChristian
- So, is it better and easier for me to just disable Secure Boot and install Mint 15 in UEFI only? Is Secure Boot in a Linux-only system just a false feeling of security in most cases?
- The following partition scheme would suit my needs...

250MB (HDD) = EFI
~9.7GB (HDD) = swap (I intend to upgrade the RAM to 8GB, later)
490GB (HDD) = /home

(all space) 32GB (mSATA) = /

> Installation via Live USB with "Encrypt my home folder" enabled (does it really work!?)

... in performance, security and maintenance view?

Thanks in advance!

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Sat Jun 01, 2013 6:28 pm
by srs5694
IMHO, at the moment Secure Boot doesn't buy much, and it creates hassles. That said, if you happen to be bitten by one of the few real-world UEFI boot kits, the slim advantages of Secure Boot would become much more real. It's a gamble, really. Also, the nature of computer security is that it changes, and it often changes quite rapidly. If this sounds a bit wishy-washy, it's because the real world is uncertain.

Re: Mint 15 in [UEFI Secure Boot] System

Posted: Sat Jun 01, 2013 6:33 pm
by JCChristian
srs5694 wrote:
IMHO, at the moment Secure Boot doesn't buy much, and it creates hassles. That said, if you happen to be bitten by one of the few real-world UEFI boot kits, the slim advantages of Secure Boot would become much more real. It's a gamble, really. Also, the nature of computer security is that it changes, and it often changes quite rapidly. If this sounds a bit wishy-washy, it's because the real world is uncertain.
Thanks!