Installing Slackware 12.2 on Toshiba Satellite A55-S306

Last updated: 17 February 2009.  Click here for the old page.  THIS PAGE IS NO LONGER MAINTAINED.  I have bought a new laptop and so this one is basically obsolete.  I will update it only when I need to.

General Hardware Specifications of Toshiba Satellite A55-S306:

Hardware Components
Status under Linux
Notes
Pentium M processor, 1.5 GHz
Works on linux kernels 2.6.x
See below.
15 inch XGA LCD screen Works See below.
Intel 855GM video 32 MB (shared) Works See below.
256 MB DDR333 RAM Works, upgradable to 1GB. See below.
40 GB Hard Drive UATA133 Works
Intel 2200 series Ethernet Works
Toshiba Internal 56k Modem Does not work.
Did not attempt
Toshiba DVD/CD-RW drive Works See below.
Intel PRO/Wireless 802.11a/b/g Works See below.
Lithium Ion 4400mAh 6 cell battery Works See below.
Intel 82801DB sound (AC97) Works See below.
Intel 82801DB USB (four ports)
Works

Texas Instruments TSB43AB21 Firewire (iControl)
Works

Toshiba PCMCIA slot
Works

This laptop is operating under Kernel version 2.6.28.2 (Slackware 12.2).

Install Process:


    You can get Slackware Linux here.  In my case, I downloaded the install DVD and used this to install.  I chose to install on three primary partitions (hda1 / hda2 swap hda3 /home).  Slackware 12.2 supports LVM out of the box, and if you follow README_LVM.TXT, you can install Slackware this way.  I have done this before, but this time, I opted not to use LVM.  I won't go over the whole install process, but it's very easy.  Just follow the directions.

After Installing But Before Rebooting:

    I like to do some of my system configuration right before I reboot.  It's optional, but I prefer to do it.  The Slackware Linux installer does most of this, but I am a tweaker by nature.  Before you reboot, your system is mounted to /mnt by the installer, therefore you can configure a lot of things before you reboot.  Remember that you must either use /mnt in front of all the file locations, or chroot /mnt.  Anyways, here's all the things I do before rebooting:

After First Boot:

       Now I have a chance to create my user account, so I do that.  Once created, I copy my data from my backups over to /home.  I had to do it this time because I went from using LVM to not using LVM, so I had to recreate the hard drive.  LVM is nice, but I was only trying it out.
     At this point I also start building a new Linux kernel.  This is because now the kernel modules for my Logitech QuickCam Pro 9000 are included in the kernel.  This camera works right out of the box, by the way, provided it's in the kernel; otherwise you'd simply have to compile the add-ons.
    I then install all the software I have either built or downloaded, including OpenOffice, BibleTime, KMyMoney2, and FreeCiv.  Right after installation, only 3.3 GB of space was used by Slackware, and now after software installation it's 4.2 GB.
    Another important thing to do is have a backup for your information.  This is critical no matter who you are.  With Slackware, it's easy: just create a backup script like this one and place it in /etc/cron.daily/.
    I also add a line to my /etc/profile to prevent fork bombs: by adding "ulimit -u 150" at the end of it, this prevents users from launching over 150 processes.  Another edit I do to /etc/profile is to make VISUAL=nano, not vi or emacs, because I usually don't even install vi or emacs.
    Then I change how quickly the terminal window blanks.  Does this aggrivate you?  It is set by /etc/rc.d/rc.M.  On that line you can change it to whatever you want.  Me, personally, I change it to 1 (minute) using the command below.  However, if you want, you can instead disable it (if it bothers you) by using a value of 0.  This is for the display, not the whole computer, and only applies to using Slackware when not in Xorg:

/bin/setterm -blank 1 -powersave powerdown -powerdown 1

Wireless

   Right out of the box, my wireless card (Intel 2200) works, because Slackware 12.2 comes with the firmware for this card.  Just be sure that you install it during the install process.  I usually blacklist this module only because I do not want it to be loaded at boot time.  I usually set up /etc/modprobe.d/ipw2200 to "options ipw2200 associate=0 auto_create=0" so that it does not automatically latch on to an access point and does not automatically create an ad-hoc network.

My Video Card

    I then copy over my xorg.conf.  If you read this, you notice that I specify my screen size.  From my old page:
    With the Intel 855GM video card, you must recompile the Linux kernel provided or a new one.  If you want good support, you should use the intelfb framebuffer module.  However, with the stock Slackware Linux kernel, the vesafb module is built in, and this not be as fast as it could be, and you will also have difficulty switching to and from virtual terminals while using Xorg.  Solution: compile in agpgart, intel-agp, and intelfb.  Also, in the kernel build tree, see Documentation/fb/intelfb.txt for the append statement you need to include in LILO.  Just be sure to use "nohwcursor" rather than "hwcursor" if you want to see where you are typing.  By the way, this card uses the i915 DRM module in the kernel, but make DRM and i915 as modules (<M>).
    And for an append statement in LILO, use vga=792 for 1024x768 framebuffer or vga=788 for 800x600 framebuffer.
    As for the VGA output, I could never, with any distribution of Linux, get it to run two separate displays.  What the VGA output does is display the same thing on the external monitor.  You don't need to do anything to get this to work, too: just reboot with an external monitor connected and it works.  Just be sure you are careful with Xorg options as to screen size and that you experiment a bit with the external monitor.

My Sound

    My sound card "just worked" (tm).  I did not need to run alsaconf, nor even add a user to the audio group.

Tweaking Xorg "For Greater Justice" (tm)

    I read on either a Sun or other Xorg user group that one can make Xorg more efficient with fonts and memory use in general by using only a handfull of fonts.  I tried setting all applications to use one of the Liberation family of fonts (Liberation Mono, Liberation Sans, Liberation Serif) and all themes to use these fonts as well.  The difference in appearance in Xfce was not much, but the difference in response and memory consumption was noticeable.  I include this as an idea to those who would like to tweak it.

Recompiling Linux Kernel

    I needed to do this due to my video card, but in general, I used the opportunity to make the kernel specific to my computer, which reduces its size and memory consumption.  My config is available for you to look at.  I used the Slackware Linux 12.2 generic-smp kernel as a starting reference.  Once I rebooted and it worked, I uninstalled the other two kernels (do not uninstall the kernel-firmware or kernel-headers packages).

CPUFREQ

    My computer uses the ACPI P-States module, in the kernel.  I compile it right in, with the conservative governor, and ACPI's processor module.  This greatly improves battery life.

Sensors

    This machine uses ACPI, and the BIOS may try to "hide" the sensors.  If you read the I2C modules and such in the kernel and build in the right modules, however, these sensors should get detected and work.

Ethernet

    My ethernet works perfectly with the e100 kernel module.

Firewire

    The Linux kernel has the firewire modules for my machine.  However, I can't say if it works because I do not own any firewire devices.

Modem

    The internal modem on this machine never worked, and with phone internet becoming increasingly scarse, I removed it from my laptop.

LCD Backlight

    Just a note for those who are used to other brands and makes of laptop.  With this laptop, you will not need to tell the LCD to blank when the lid is closed, or set up a script: it already works properly.
    However, if you want to control it, here's a very simple solution to doing so.  First, you should give users in the power group the ability to run a script you are about to make.  You add the line "%power ALL=/usr/local/bin/brightness" to /etc/sudoers.  Then take a look at my brightness script.  I would put it in /usr/local/bin with permissions 754 (root can do anything, group can read and execute, and others can only read it) and ownership "root:power" (i.e. root user, power group).  This is because I use membership (or lack thereof) in the power group to give local users the ability to do power-related tasks like shut down the computer, set power variables, etc.
    The Toshiba LCD has only three brightness settings: 100, 40, and 0.  Zero is off, 40 is "low", and 100 is "high".
    To use this, you will need to make sure your kernel has the Toshiba ACPI module built in.
    To run it as a user, you will need to be a member of the power group and use it like this: "sudo brightness 100" etc.  I set it up so that it assumes that you want the brightness at max.  This makes sure that if you run into trouble, it's easier to get the LCD brightness back up.

Fans

    Just a note for those whose laptops need something to tell the fans to turn on and off.  This laptop does this automatically, so do not fear.  The fans are controlled by the BIOS and by ACPI, and even if you don't have ACPI enabled in the kernel, they will continue to run.  Have no fear :)

CD Burner

    This laptop has a CD burner, and it works properly with Slackware Linux 12.2 using K3B.

Touchpad

    This laptop has an ALPS touchpad device, not a Synaptics.  I recommend using the following options to /etc/modprobe.d/psmouse: "options psmouse proto=exps resetafter=1".

Output Of /sbin/lspci

00:00.0 Host bridge: Intel Corporation 82852/82855 GM/GME/PM/GMV Processor to I/O Controller (rev 02)
00:00.1 System peripheral: Intel Corporation 82852/82855 GM/GME/PM/GMV Processor to I/O Controller (rev 02)
00:00.3 System peripheral: Intel Corporation 82852/82855 GM/GME/PM/GMV Processor to I/O Controller (rev 02)
00:02.0 VGA compatible controller: Intel Corporation 82852/855GM Integrated Graphics Device (rev 02)
00:02.1 Display controller: Intel Corporation 82852/855GM Integrated Graphics Device (rev 02)
00:1d.0 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #1 (rev 03)
00:1d.1 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #2 (rev 03)
00:1d.2 USB Controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) USB UHCI Controller #3 (rev 03)
00:1d.7 USB Controller: Intel Corporation 82801DB/DBM (ICH4/ICH4-M) USB2 EHCI Controller (rev 03)
00:1e.0 PCI bridge: Intel Corporation 82801 Mobile PCI Bridge (rev 83)
00:1f.0 ISA bridge: Intel Corporation 82801DBM (ICH4-M) LPC Interface Bridge (rev 03)
00:1f.1 IDE interface: Intel Corporation 82801DBM (ICH4-M) IDE Controller (rev 03)
00:1f.5 Multimedia audio controller: Intel Corporation 82801DB/DBL/DBM (ICH4/ICH4-L/ICH4-M) AC'97 Audio Controller (rev 03)
01:05.0 Network controller: Intel Corporation PRO/Wireless 2200BG [Calexico2] Network Connection (rev 05)
01:07.0 FireWire (IEEE 1394): Texas Instruments TSB43AB21 IEEE-1394a-2000 Controller (PHY/Link)
01:08.0 Ethernet controller: Intel Corporation 82801DB PRO/100 VE (MOB) Ethernet Controller (rev 83)
01:0b.0 CardBus bridge: Toshiba America Info Systems ToPIC100 PCI to Cardbus Bridge with ZV Support (rev 33)

Assorted Specifications

    Yes, I read the Intel specifications sheet for the 82801DB chipset (i.e. this laptop).  This is provided just in case you're like me and want to try and enable all of the features this laptop comes with.  A couple of terms used to refer to this chipset is ICH4 or just "ICH".  In general, the following are supported (this is a brief summary):

Securing Slackware

    Ok, now I move into completing my installation by securing my system.  Note that some, or even most, of this can be done before you reboot, since after your setup is complete, your new Slackware system is mounted on /mnt.

X.org

    Here you want to prevent X.org (the graphical server) from listening for remote connections (assuming you do not run such a server).  This is as easy as editing /usr/bin/startx and changing line 26 to defaultserverargs="-nolisten tcp".

Shutting Off Other Services

    Using netstat -a, I was able to see that other services were listening for connections.  I edited /etc/inetd.conf, commenting out all services so that none would get used, and restarted inetd (/etc/rc.d/rc.inetd restart).

Small Firewall Holes

    I use this to plug various holes in my traffic.  This first one is designed to take the list of valid DNS servers and then restrict DNS traffic only to these two.  This is designed to try and prevent DNS attacks.

for i in `cat /etc/resolv.conf | grep -v '#' | awk '{print $2}' `
do
   iptables -A INPUT -i ! lo -p udp --dport 53 --sport 53 -s $i -j ACCEPT
done
iptables -A INPUT -i ! lo -p udp --dport 53 --sport 53 -j DROP

 
    I use this script to allow DHCP traffic only from my ISP.  THis is in an attempt to prevent possible DHCP attacks.

for i in /etc/dhcpc/dhcpcd-*.info
do
   a=`grep DHCPSID $i | sed 's/DHCPSID=//g'`
   iptables -A INPUT -i ! lo -p udp --sport 67 --dport 68 -s $a -j ACCEPT
done
iptables -A INPUT -i ! lo -p udp --sport 67 --dport 68 -j DROP


    Then here is a way to filter AUTH requests based on a time limit (one per second) and one per host.  This may not work, however, for some locations, simply because of recent abuses of this service.

iptables -A INPUT -i ! lo -p tcp --dport 113 -m limit --limit 1/second -m connlimit ! --conlimit-above 1 -j ACCEPT

    The same thing goes for pings, basically.  Limit one per second, three per host (because Windows ping in the past defaulted to three pings.

iptables -A INPUT -i ! lo -p icmp --icmp-type 8 -m limit --limit 1/second -m connlimit ! --connlimit-above 3 -j ACCEPT

    This wasn't meant to be an exhaustive list of rules, but it is some that should get you thinking.  Basically, if it's not something others need (like file sharing over the internet), or something they should never be sending you (like "Christmas Tree" scans, more than tree pings, etc), don't allow it in.  The book of Proverbs declares that the lazy person's walls are broken down.  Not everyone owns walls, obviously, but the concept applies.

Security Checklist

    I then go through Sans.org's Linux Security Checklist

Conclusion

    It's rather easy to make Slackware into what you need for a home desktop, with a bit of learning and research.  Slackware is also very easy to troubleshoot, and very easy to secure due to its simplicity.