GNU/Linux on IBM/Lenovo ThinkPad T43

Forewords

This document is far from complete. It was last updated on 9 June 2007. Don’t expect updates.

This document describes my adventures with installing Debian sid (3.1) GNU/Linux on an IBM (or Lenovo if you prefer) ThinkPad T43 using crypted root filesystem. It also tries to document one way to install hardware device drivers and configure power saving features to fit the particular laptop for writer’s personal preferences and environment. Some of the stuff have been tested with Debian etch as well.

For Debian and non-Debian alike, TuxMobil has plenty of links to pages (more of less) similar to this.

Disclaimer

I take no responsibility for what you do with your computer. This stuff works for me and that’s pretty much all I care about. If it breaks your installation, you’re on your own. (“If it breaks, you get to keep both pieces.”)

Introduction

When I started an on-site assignment at [NDA] I was given an IBM/Lenovo ThinkPad T43 to do my work with. It came with Windows XP Professional pre-installed, but I was allowed – and in fact, supposed – to install Linux on it. The only requirement was that if I ever wanted to take the thing outside the walls of [NDA], I had to have a crypted filesystem.

Until then, I had only experimented with crypted disk images, which was rather trivial with cryptoloop. The problem was how to do this automatically with the root filesystem. How can I do it with minimal manual work?

Installation and setting up crypted root

Installing hardware drivers

First of all, http://linux.spiney.org/debian_gnu_linux_on_an_ibm_thinkpad_t43p is your best friend! Use that guide instead. Feel adventurous? Feel free to read ahead.

Hardware 3D-acceleration (FGLRX)

Download drivers from ATI and compile kernel and modules with make-kpkg. All done!

WLAN

Umm… It works, though. See http://www.thinkwiki.org/wiki/Ipw2200.

Fingerprint reader

See http://linux.spiney.org/debian_gnu_linux_on_an_ibm_thinkpad_t43p_fingerprint_reader.

Here’s what I ended up doing:

Configure GDM to authenticate with a fingerprint

Allow luser-applications to use fingerprint reader

ll you need to do is to allow lusers to read and write the fingerprint reader device. I created group bsp and added myself there. Then I wrote this script (to be copied to /etc/init.d) to set the permissions at start up. It probably doesn’t work after suspend; I haven’t tried that yet. One the file is in place, run update-rc.d bsp defaults (as root). Finally run invoke-rc.d bsp start (as root).

Configure xscreensaver to authenticate with a fingerprint

If authentication doesn’t work, check /var/log/auth.log. If you get BioAPI error #194d the permissions are not properly set. If you are asked for a fingerprint after your password, you have edited the wrong file (like I did).

Configuring powersave

Scripts for ACPI

Stuff implemented:

Working, but not enabled here:

First of all my scripts assume certain ACPI-events are caught as ibm/hotkey and not as button/lid that laptop-mode-tools already catch. This can be changed by giving ibm-acpi the parameter hotkey=enable,0x0fef. Also make sure the module is loaded at startup. See /etc/modprobe.d/ibm-acpi.

The next thing would be to catch those events and have my script handle them. It should be easy to add other handlers there.

Finally, the actual scripts to Do Stuff(tm).

Remember the x-bit.

Acknowledgements