Difference between revisions of "User:Rdeckard/Installation guide"

From ArchWiki
Jump to navigation Jump to search
(Undo revision 569403 by Rdeckard (talk))
Tag: Undo
 
(110 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
{{Warning|This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official [[Installation Guide]].}}
 
{{Warning|This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official [[Installation Guide]].}}
  
A guide for installing an encrypted system with just the basics. Uses UEFI to boot kernel directly via EFISTUB. Does not apply to BIOS systems or systems that dual-boot.
+
A guide for installing a minimal booting system. It gives several options along the way, depending on your system.
 +
 
 +
* For [[UEFI]], [[EFISTUB]] is used to boot the kernel directly.
 +
* For systems needing BIOS, [[syslinux]] is used.
 +
* Gives options for encrypting the system if desired.
 +
* Gives notes on using [[btrfs]] subvolumes if desired.
  
 
You may need additional packages for video drivers, etc.
 
You may need additional packages for video drivers, etc.
  
== Preparation ==
+
== Pre-installation ==
 +
 
 +
[https://www.archlinux.org/download/ Download] the Arch ISO and [[GnuPG]] signature.
  
[https://www.archlinux.org/download/ Download] the Arch ISO.
+
=== Verify signature ===
  
If you have [[GnuPG]] installed on your current system, verify the download:
+
If you have GnuPG installed on your current system, verify the download:
  
 
  $ gpg --keyserver-options auto-key-retrieve --verify archlinux-''version''-dual.iso.sig
 
  $ gpg --keyserver-options auto-key-retrieve --verify archlinux-''version''-dual.iso.sig
 +
 +
==== Create bootable disk ====
  
 
Create a bootable USB drive by doing the following on an existing Linux installation:
 
Create a bootable USB drive by doing the following on an existing Linux installation:
  
  # dd bs=4M if=''/path/to/''archlinux-''version''-dual.iso of=/dev/sd''x'' status=progress && sync
+
  # dd bs=4M if=''/path/to/''archlinux-''version''-x86_64.iso of=/dev/sd''x'' status=progress && sync
  
where {{ic|/dev/sd''x''}} is the USB drive. Now boot from the USB drive.
+
where {{ic|/dev/sd''x''}} is the USB drive.
  
== Pre-installation ==
+
=== Boot the live environment ===
 +
 
 +
Now boot from the USB drive.
  
=== Set keyboard layout ===
+
=== Set the keyboard layout ===
  
If using a keymap other than US, set the keyboard layout by doing:
+
If using a keymap other than US, [[Linux console/Keyboard configuration#Loadkeys|temporarily set the keyboard layout]] by doing:
  
 
  # loadkeys ''de-latin1''
 
  # loadkeys ''de-latin1''
  
 
Change {{ic|''de-latin1''}} to a layout found in {{ic|/usr/share/kbd/keymaps/**/*.map.gz}}
 
Change {{ic|''de-latin1''}} to a layout found in {{ic|/usr/share/kbd/keymaps/**/*.map.gz}}
 +
 +
=== Verify the boot mode ===
 +
 +
Verify that you have booted with UEFI mode by checking that {{ic|/sys/firmware/efi/efivars}} exists. If you're not booted in the UEFI, you should setup your motherboard to do so to follow this installation guide. If you are not able to use UEFI, this guide has an option to boot from BIOS using syslinux.
  
 
=== Connect to the internet ===
 
=== Connect to the internet ===
Line 37: Line 52:
 
  # systemctl stop dhcpcd@''interface''.service
 
  # systemctl stop dhcpcd@''interface''.service
  
A list of interfaces can be found with:
+
[[Network configuration#Listing network interfaces|A list of interfaces]] can be found with:
  
 
  # ip link
 
  # ip link
  
Then connect to a wifi network with:
+
Then connect to a wifi network with [[wpa_supplicant]]:
  
 
  # wpa_supplicant -B -i ''interface'' -C/run/wpa_supplicant
 
  # wpa_supplicant -B -i ''interface'' -C/run/wpa_supplicant
Line 53: Line 68:
 
  > quit
 
  > quit
  
Get an ip address:
+
Get an ip address with [[dhcpcd]]:
  
 
  # dhcpcd
 
  # dhcpcd
Line 61: Line 76:
 
  # ping archlinux.org
 
  # ping archlinux.org
  
=== Update system clock ===
+
=== Update the system clock ===
  
 
  # timedatectl set-ntp true
 
  # timedatectl set-ntp true
  
 
=== Partition the disk ===
 
=== Partition the disk ===
 +
 +
{{Warning|All data on your disk will be erased. Backup any data you wish to keep.}}
 +
 +
{{Note|This guide assumes your disk is at {{ic|/dev/sda}}. Change if needed.}}
 +
 +
Use {{ic|lsblk}} to [[File systems#Identify existing file systems|identify existing file systems]].
 +
 +
Here is the layout this guide is using. Modify to your needs.
 +
 +
{| class="wikitable"
 +
!colspan="5" | Example partition layout
 +
|-
 +
! Mount point
 +
! Partition
 +
! Partition type
 +
! Suggested size
 +
|-
 +
| {{ic|/mnt/boot}}
 +
| {{ic|/dev/sda1}}
 +
|
 +
* [[EFI system partition]] for '''UEFI''' ''or''
 +
* boot partition for '''BIOS'''
 +
| 550 MiB
 +
|-
 +
| {{ic|/mnt}}
 +
|
 +
* {{ic|/dev/sda2}} for '''regular''' ''or''
 +
* {{ic|/dev/mapper/cryptroot}} for '''encrypted'''
 +
| Linux x86-64 root (/)
 +
| Remainder of the device
 +
|}
 +
 +
Use [[GPT fdisk]] to format the disk:
  
 
  # gdisk /dev/sda
 
  # gdisk /dev/sda
  
Create a GUID partition table. The create an [[EFI system partition]] of size 550MiB and marked as partition type {{ic|EF00}}. Create at least one more partition for the system partition.
+
# Create a new empty GUID partition table by typing {{ic|o}} at the prompt.
 +
# Create a new partition by typing {{ic|n}} at the prompt. Hit {{ic|Enter}} when prompted for the partition number, keeping the default of {{ic|1}}. Hit {{ic|Enter}} again for the first section, keeping the default. For the last sector, type in {{ic|+550M}} and hit {{ic|Enter}}.  
 +
#* For an '''EFI''' system, type in {{ic|EF00}} to indicate it is an [[EFI system partition]] for the partition type. Otherwise, use the default.
 +
# Now create at least one more partition for the installation. To create just one more partition to fill the rest of the disk, type {{ic|n}} at the prompt and use the defaults for the partition number, first sector, last sector, and hex code.
 +
#* If setting up a '''BIOS''' system with [[syslinux]], enter expert mode by entering {{ic|x}}. Then enter {{ic|a}} and then {{ic|1}} to set an attribute for partition 1. Then enter {{ic|2}} to set it as a legacy BIOS partition and then {{ic|Enter}} to exit the set attribute menu.
 +
# Finally, write the table to the disk and exit by entering {{ic|w}} at the prompt.
 +
 
 +
{{Tip|Here are one-liners for the above layout.
  
{{Note|This guide assumes your disk is at {{ic|/dev/sda}}. Change if needed.}}
+
For '''EFI''':
 +
 
 +
# sgdisk /dev/sda -o -n 1::+550M -n 2 -t 2:EF00
 +
 
 +
For '''BIOS''':
 +
 
 +
# sgdisk /dev/sda -o -n 1::+550M -n 2 -A 1:set:2
 +
}}
 +
 
 +
==== Create LUKS container ====
 +
 
 +
If encrypting your system with [[dm-crypt]]/LUKS, do:
 +
 
 +
# cryptsetup lukFormat --type luks2 /dev/sda2
 +
# cryptsetup open /dev/sda2 cryptroot
 +
 
 +
Othwerwise, skip this step.
  
=== Create filesystems and mount===
+
=== Format the partitions ===
  
Format your ESP as FAT32:
+
[[Format]] your ESP as FAT32:
  
 
  # mkfs.fat -F32 /dev/sda1
 
  # mkfs.fat -F32 /dev/sda1
Line 81: Line 152:
 
Replace {{ic|''ext4''}} with the file system you are using in all of the following.
 
Replace {{ic|''ext4''}} with the file system you are using in all of the following.
  
To create an '''encrypted''' system do:
+
To format the LUKS container on an '''encrypted''' system do:
  
# cryptsetup lukFormat /dev/sda2
 
# cryptsetup open /dev/sda2 cryptroot
 
 
  # mkfs.''ext4'' /dev/mapper/cryptroot
 
  # mkfs.''ext4'' /dev/mapper/cryptroot
# mount /dev/mapper/cryptroot /mnt
 
# mount /dev/sda1 /mnt/boot
 
  
To create a '''regular''' (not encrypted) system, do:
+
To format a '''regular''' (not encrypted) system, do:
  
 
  # mkfs.''ext4'' /dev/sda2
 
  # mkfs.''ext4'' /dev/sda2
 +
 +
=== Mount the file systems ===
 +
 +
For the '''encrypted''' setup [[mount]] the LUKS container:
 +
# mount /dev/mapper/cryptroot /mnt
 +
 +
For the '''regular''' setup [[mount]] the root partition:
 
  # mount /dev/sda2 /mnt
 
  # mount /dev/sda2 /mnt
 +
 +
In both cases make a mount point for the boot partition and mount it:
 +
# mkdir -p /mnt/boot
 
  # mount /dev/sda1 /mnt/boot
 
  # mount /dev/sda1 /mnt/boot
  
{{Tip|If using [[btrfs]], create any subvolumes you wish to use as mount points now. Then unmount {{ic|/mnt}} and remount your subvolumes to the appropriate mount points. For example:
+
{{Tip|If using [[btrfs]], create any subvolumes you wish to use as mount points now. Then unmount {{ic|/mnt}} and remount your subvolumes to the appropriate mount points. For example, for the '''encrypted''' setup:
  <nowiki># btrfs subvolume create /mnt/@
+
  <nowiki># mount /dev/mapper/cryptroot /mnt
 +
# btrfs subvolume create /mnt/@
 
# btrfs subvolume create /mnt/@home
 
# btrfs subvolume create /mnt/@home
# umount /mnt/boot
 
 
# umount /mnt
 
# umount /mnt
# mount -o compress=zstd,subvol=@ /mnt
+
# mount -o compress=zstd,subvol=@ /dev/mapper/cryptroot /mnt
# mount -o compress=zstd,subvol=@home /mnt/home
+
# mkdir -p /mnt/home
 +
# mount -o compress=zstd,subvol=@home /dev/mapper/cryptroot /mnt/home
 +
# mkdir -p /mnt/boot
 
# mount /dev/sda1 /mnt/boot</nowiki>
 
# mount /dev/sda1 /mnt/boot</nowiki>
 
}}
 
}}
Line 107: Line 186:
 
== Installation ==
 
== Installation ==
  
  # pacstrap /mnt base sudo wpa_supplicant
+
=== Select the mirrors ===
 +
 
 +
If you desire, edit {{ic|/etc/pacman.d/mirrorlist}} to select which [[mirrors]] have priority. Higher in the file means higher priority. This file will be copied to the new installation.
 +
 
 +
=== Install the base packages ===
 +
 
 +
Instead of installing {{grp|base}}, we're only installing a select group of minimal packages needed. Almost all of the base group is installed with these packages through dependencies, and this eliminates a few packages that will not be needed (like netctl and various filesystem userspaces):
 +
 
 +
  # pacstrap /mnt linux pacman systemd btrfs-progs vim licenses man-db man-pages texinfo inetutils iproute2 iputils diffutils file gettext pciutils procps-ng psmisc sed tar usbutils which
 +
 
 +
* {{pkg|linux}}, {{pkg|pacman}}, and {{pkg|systemd}} are the minimal packages needed to boot the system and pull in most dependencies that you will need.
 +
* {{pkg|btrfs-progs}} is needed only if you are using [[btrfs]]. If using another [[Filesystem#Types of file systems|file system]], install the required user-space utilities instead.
 +
* {{pkg|vim}} is a [[text editor]] for editing configuration files. Replace with your favorite editor.
 +
* {{pkg|licenses}} installs licenses used in the packages you install.
 +
* {{pkg|man-db}}, {{pkg|man-pages}}, and {{pkg|texinfo}} install [[manpage]]s and [[info manual]].
 +
* {{pkg|inetutils}} {{pkg|iproute2}} {{pkg|iputils}} contain network utilities like {{man|8|ip}} and {{man|8|ping}}.
 +
* The remaining packages are helpful utilities that are not pulled in by other packages in the list and highly recommended.
 +
 
 +
Append additional packages you wish to install to the line. You will have the opportunity to install more packages in the chroot environment and when you boot into the new system.
 +
 
 +
If you have an AMD or Intel processor, you will want to go ahead and install the {{pkg|amd-ucode}} or {{pkg|intel-ucode}} packages, respectively to enable [[microcode]] updates later in the guide.
  
{{Tip|
+
{{Note|''sed'' is required for generating locales. See {{Bug|62150}}.}}
* Append any additional packages you desire to the end of this line, or install later while in the chroot environment.
 
* For a list of packages on the ISO that are not in {{grp|base}}, do:
 
<nowiki>$ comm -23 <(wget -q -O - https://git.archlinux.org/archiso.git/plain/configs/releng/packages.both) <(pacman -Qqg base | sort)</nowiki>
 
}}
 
  
{{Note|If using btrfs, {{pkg|btrfs-progs}} should be appended, since it is not in the base group.}}
+
== Configure the system ==
  
== Configuration ==
+
=== Fstab ===
  
=== Create fstab ===
+
Generate the [[fstab]] for your new installation:
  
 
  # genfstab -U /mnt > /mnt/etc/fstab
 
  # genfstab -U /mnt > /mnt/etc/fstab
  
 
=== Chroot ===
 
=== Chroot ===
 +
 +
[[chroot]] into the new installation:
  
 
  # arch-chroot /mnt
 
  # arch-chroot /mnt
  
=== Locale ===
+
=== Time zone ===
  
Uncomment needed locales in {{ic|/etc/locale.gen}} (e.g., {{ic|en_US.UTF-8}}). Then run:
+
Set the [[System time#Time zone|time zone]]:
 +
 
 +
# ln -sf /usr/share/zoneinfo/''Region''/''City'' /etc/localtime
 +
 
 +
[[System time#Set hardware clock from system clock|Set the hardware clock from the system clock]]:
 +
 
 +
# hwclock --systohc
 +
 
 +
=== Localization ===
 +
 
 +
Uncomment needed [[locale]]s in {{ic|/etc/locale.gen}} (e.g., {{ic|en_US.UTF-8}}). Then run:
  
 
  # locale-gen
 
  # locale-gen
  
Set {{ic|LANG}}:
+
Set the {{ic|LANG}} environment variable the locale:
  
 
{{hc|1=/etc/locale.conf|2=LANG=en_US.UTF-8}}
 
{{hc|1=/etc/locale.conf|2=LANG=en_US.UTF-8}}
  
If not using a US keymap, make they keyboard layout permanent:
+
If you are not using a US keymap, make they keyboard layout permanent:
  
 
{{hc|1=/etc/vconsole.conf|2=KEYMAP=''de-latin1''}}
 
{{hc|1=/etc/vconsole.conf|2=KEYMAP=''de-latin1''}}
  
=== Set the timezone ===
+
=== Network configuration ===
 
 
# ln -sf /usr/share/zoneinfo/''Region''/''City'' /etc/localtime
 
 
 
=== Set hardware clock from system clock ===
 
  
# hwclock --systohc
+
==== Hostname ====
  
=== Set hostname ===
+
Set the [[hostname]]:
  
 
{{hc|/etc/hostname|''hostname''}}
 
{{hc|/etc/hostname|''hostname''}}
Line 158: Line 261:
 
127.0.1.1 ''hostname''.localdomain ''hostname''}}
 
127.0.1.1 ''hostname''.localdomain ''hostname''}}
  
=== Set root password ===
+
==== Configuration ====
 +
 
 +
[[systemd-networkd]] will be used to connect to the internet after installation is complete.
 +
 
 +
Create a minimal systemd-networkd configuration file. Here {{ic|''interface''}} is the wireless interface or the wired interface if not using wireless.
 +
 
 +
{{hc|1=/etc/systemd/network/config.network|2=
 +
[Match]
 +
Name=''interface''
 +
 
 +
[Network]
 +
DHCP=yes}}
 +
 
 +
[[Enable]] the {{ic|systemd-networkd.service}} unit.
 +
 
 +
==== DNS resolution ====
 +
 
 +
To use [[systemd-resolved]] for DNS resolution, create a symlink as follows:
 +
 
 +
# ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
 +
 
 +
[[Enable]] the {{ic|systemd-resolved.service}} unit.
 +
 
 +
==== Wireless ====
 +
 
 +
If using a wireless interface, [[install]] the {{pkg|iwd}} package now:
  
  # passwd
+
  # pacman -S iwd
  
=== Add normal user ===
+
Additionally [[enable]] the {{ic|iwd.service}} for wireless on boot.
  
# useradd -m -G wheel ''user''
+
{{Note|To prevent a known race condition that causes wireless device renaming problems, create a [[drop-in file]] with the following:
# passwd ''user''
+
{{hc|1=/etc/systemd/system/iwd.service.d/override.conf|2=
 +
[Unit]
 +
After=systemd-udevd.service systemd-networkd.service
 +
}}}}
  
Open the sudoers file and uncomment the {{ic|wheel}} group:
+
=== Initramfs ===
  
# visudo
+
If using an '''encrypted''' system, add the {{ic|encrypt}} hook to your [[mkinitcpio]] configuration as shown below.
  
=== Generate intramfs ===
+
Add the {{ic|keymap}} hook if you are not using the default US keymap.
  
Add the {{ic|keyboard}}, {{ic|keymap}}, and {{ic|encrypt}} hooks. You will need to make sure you have any additional needed hooks for your setup.
+
If using btrfs, you can remove the {{ic|fsck}} hook.
  
 
{{hc|1=/etc/mkinitcpio.conf|2=
 
{{hc|1=/etc/mkinitcpio.conf|2=
HOOKS=(base udev autodetect modconf '''keyboard''' '''keymap''' block '''encrypt''' filesystems)}}
+
HOOKS=(base udev autodetect modconf block filesystems keyboard fsck '''keymap''' '''encrypt''')}}
  
Omit {{ic|keymap}} if you are using the default US keymap.
+
{{Tip|Move {{ic|keyboard}} in front of {{ic|autodetect}} if using an external USB keyboard that was not connected when the image is created.}}
  
 
Regenerate initramfs:
 
Regenerate initramfs:
Line 184: Line 315:
 
  # mkinitcpio -p linux
 
  # mkinitcpio -p linux
  
=== Swap ===
+
=== Root password ===
  
Use either a [[swap]] file or swap partition. If using a swap partition, you should have created an additional partition earlier.
+
Set the root password:
  
==== Swap file ====
+
# passwd
  
# dd if=/dev/zero of=/swapfile bs=1M count=512
+
{{Tip|You can skip this step if you are giving your normal user super user privileges via sudo.}}
# chmod 600 /swapfile
 
# mkswap /swapfile
 
# swapon /swapfile
 
  
Update [[fstab]] with a line for the swap file:
+
=== Add normal user ===
 +
 
 +
[[Install]] the {{pkg|sudo}} package:
 +
 
 +
# pacman -S sudo
 +
 
 +
Add a normal user, add it to the {{ic|wheel}} group, and set the password:
 +
 
 +
# useradd -m -G wheel ''user''
 +
# passwd ''user''
  
{{hc|/etc/fstab|/swapfile none swap defaults 0 0}}
+
Open the sudoers file and uncomment the {{ic|wheel}} group, giving that user access to sudo:
  
{{Warning|If using [[btrfs]] instead of ext4, do '''not''' use a swap file, since it may cause file system corruption. Instead, use a swap partition.}}
+
# EDITOR=vim visudo
  
==== Swap partition ====
+
=== Swap file ===
  
For an '''encrypted''' system edit the following file:
+
If using btrfs, first create a subvolume for the [[swap file]] to reside on. Then, create an empty swap file and set it to not use COW:
  
{{hc|/etc/crypttab|
+
# btrfs subvolume create /.swap
swap /dev/disk/by-partuuid/''PARTUUID'' /dev/urandom swap}}
+
# truncate -s 0 /.swap/swapfile
 +
# chattr +C /.swap/swapfile
  
where {{ic|''PARTUUID''}} is the partition UUID of your swap partition.
+
If not using btrfs, simply create a directory:
  
{{Warning|All data on the device listed above will be destroyed on every boot. Ensure you get it right.}}
+
# mkdir /.swap
  
Additionally, append to your fstab:
+
In all cases do:
  
{{hc|1=/etc/fstab|2=
+
# dd if=/dev/zero of=/.swap/swapfile bs=1M count=2048
/dev/mapper/swap none swap defaults 0 0}}
+
# chmod 600 /.swap/swapfile
 +
# mkswap /.swap/swapfile
  
See [[Dm-crypt/Swap encryption]].
+
Update [[fstab]] with a line for the swap file:
  
For a '''regular''' system:
+
{{hc|/etc/fstab|/.swap/swapfile none swap defaults 0 0}}
  
{{hc|1=/etc/fstab|2=
+
{{Warning|If using [[btrfs]] instead of ext4, do '''not''' use a swap file for kernels before v5.0, since it may cause file system corruption. Instead, use a swap partition (not covered here).}}
/dev/sda3 none swap defaults 0 0}}
 
  
== Exit chroot and reboot ==
+
=== Boot loader ===
  
# exit
+
Two options are provided here. If you have a UEFI motherboard, use [[#EFISTUB]]. Otherwise, use the BIOS setup with [[#syslinux]]. In either case, you will need your [[#kernel parameters]].
# reboot
 
  
== Configure UEFI ==
+
==== EFISTUB ====
  
In this setup we are not using a boot loader. Instead we are booting the kernel directly.
+
In the UEFI setup we are not using a boot loader. Instead we are booting the kernel directly via [[EFISTUB]]. Previously you should have created a EFI system partition of the size 550MiB and marked it with the partition type {{ic|EF00}}.
  
From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:
+
Exit the chroot and reboot the system. From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:
  
 
  Shell> map
 
  Shell> map
Line 239: Line 376:
 
Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is {{ic|1}}.
 
Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is {{ic|1}}.
  
Now create two UEFI entries:
+
Now create two UEFI entries using [[bcfg]].
  
 
  Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
 
  Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
 
  Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"
 
  Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"
  
Create a file with your boot parameters for the normal boot:
+
Create a file with your [[#Kernel parameters]] as a single line:
  
 
  Shell> edit fs1:\options.txt
 
  Shell> edit fs1:\options.txt
  
For an '''encrypted''' system, this file will contain at least:
+
{{Note|Create at least one additional space before the first character of your boot line in your options files. Otherwise, the first character gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.}}
 +
 
 +
Press {{ic|F2}} to save and {{ic|F3}} to quit. Now add that file as the options to your first boot entry:
 +
 
 +
Shell> bcfg boot -opt 0 fs1:\options.txt
 +
 
 +
Repeat the above process for your second, fallback entry, creating a text file named {{ic|options-fallback.txt}} containing a single line with your kernel parameters, chaning the intird to the fallback image (i.e., {{ic|/initramfs-linux-fallback.img}}).
 +
 
 +
Add it to the entry using {{ic|bcfg boot -opt 1 fs:1\options-fallback.txt}}.
 +
 
 +
==== syslinux ====
 +
 
 +
In the BIOS setup we are using [[syslinux]]. Previously you should have created a boot partition that was marked with the attribute "legacy BIOS bootable".
 +
 
 +
Now, while still in the chroot install {{pkg|syslinux}}:
 +
 
 +
# pacman -S syslinux
 +
 
 +
Create the following configuration file:
 +
 
 +
{{hc|/boot/syslinux/syslinux.cfg|
 +
DEFAULT arch
 +
 
 +
LABEL arch
 +
  MENU LABEL Arch Linux
 +
  LINUX ../vmlinuz-linux
 +
  APPEND ''kernel-parameters''
 +
 
 +
LABEL archfallback
 +
  MENU LABEL Arch Linux
 +
  LINUX ../vmlinuz-linux
 +
  APPEND ''fallback-kernel-parameters''
 +
}}
 +
 
 +
where {{ic|''kernel-parameters''}} is from [[#kernel parameters]]. {{ic|''fallback-kernel-parameters''}} is exactly the same except with {{ic|initrd}} pointing to the fallback initramfs (i.e., {{ic|/initramfs-linux-fallback.img}}).
  
root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img cryptdevice=/dev/sda2:cryptroot
+
Exit the chroot and unmount all of the partitions:
  
{{Tip|Add {{ic|:allow-discards}} after {{ic|cryptroot}} to allow trimming if using an SSD. Then [[enable]] the {{ic|fstrim.timer}} to trim the device weekly.}}
+
# umount -R /mnt
 +
 
 +
Then install the bootloader:
 +
 
 +
# syslinux --directory syslinux /dev/sda1
 +
 
 +
And install the [[MBR]]:
 +
 
 +
# dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/gptmbr.bin of=/dev/sda
 +
 
 +
==== Kernel parameters ====
  
For a '''regular''' system, this file will contain at least:
+
No matter what boot loader you use, you need to pass some [[kernel parameters]] to it as indicated in the above sections.
  
root=/dev/sda2 ro initrd=/initramfs-linux.img
+
For an '''encrypted''' system, the kernel parameters will contain at least:
  
{{Note|Create at least one additional space before the first character of your boot line in your options files. Otherwise, the root parameter, in this case, gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.}}
+
root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd cryptdevice=/dev/sda2:cryptroot
  
Press {{ic|F2}} to save and {{ic|F3}} to quit. Now add the options to your first boot entry:
+
{{Tip|Add {{ic|:allow-discards}} after {{ic|cryptroot}} to allow trimming if using an SSD. Then [[enable]] the {{ic|fstrim.timer}} to trim the device weekly.}}
  
Shell> bcfg boot -opt 0 fs1:\options.txt
+
For a '''regular''' system, the kernel parameters will contain at least:
  
Repeat the above process for your second, fallback entry, creating a text file named {{ic|options-fallback.txt}} containing the boot line. Change the intird to the fallback image.
+
root=/dev/sda2 ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd
  
Add it to the entry using {{ic|bcfg boot -opt 1 fs:1\options-fallback.txt}}.
+
{{Note|
 +
* In either case, if using btrfs, and you want to boot from a specific subvolume, add {{ic|1=rootfstype=btrfs rootflags=subvol=/@}}, where {{ic|@}} is the subvolume you will mount as {{ic|/}}.
 +
* If you have an Intel or AMD CPU, enable [[microcode]] updates by adding an {{ic|/intel-ucode.img}} or {{ic|/amd-ucode.img}}, respectively to {{ic|1=initrd=}} with a comma separating the two images. It ''must'' be the first initrd entry on the line. For example: {{ic|1=initrd=/intel-ucode.img,/initramfs-linux.img}}.}}
  
 
== Reboot ==
 
== Reboot ==
  
 
When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See [[User:Rdeckard/Post-installation]].
 
When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See [[User:Rdeckard/Post-installation]].

Latest revision as of 00:57, 22 August 2019

Warning: This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official Installation Guide.

A guide for installing a minimal booting system. It gives several options along the way, depending on your system.

  • For UEFI, EFISTUB is used to boot the kernel directly.
  • For systems needing BIOS, syslinux is used.
  • Gives options for encrypting the system if desired.
  • Gives notes on using btrfs subvolumes if desired.

You may need additional packages for video drivers, etc.

Pre-installation

Download the Arch ISO and GnuPG signature.

Verify signature

If you have GnuPG installed on your current system, verify the download:

$ gpg --keyserver-options auto-key-retrieve --verify archlinux-version-dual.iso.sig

Create bootable disk

Create a bootable USB drive by doing the following on an existing Linux installation:

# dd bs=4M if=/path/to/archlinux-version-x86_64.iso of=/dev/sdx status=progress && sync

where /dev/sdx is the USB drive.

Boot the live environment

Now boot from the USB drive.

Set the keyboard layout

If using a keymap other than US, temporarily set the keyboard layout by doing:

# loadkeys de-latin1

Change de-latin1 to a layout found in /usr/share/kbd/keymaps/**/*.map.gz

Verify the boot mode

Verify that you have booted with UEFI mode by checking that /sys/firmware/efi/efivars exists. If you're not booted in the UEFI, you should setup your motherboard to do so to follow this installation guide. If you are not able to use UEFI, this guide has an option to boot from BIOS using syslinux.

Connect to the internet

If you have a wired connection, it should connect automatically.

If you have a wireless connection, first stop the wired connection to prevent conflicts:

# systemctl stop dhcpcd@interface.service

A list of interfaces can be found with:

# ip link

Then connect to a wifi network with wpa_supplicant:

# wpa_supplicant -B -i interface -C/run/wpa_supplicant
# wpa_cli -i interface
> scan
> scan_results
> add_network
> set_network 0 ssid "SSID"
> set_network 0 psk "passphrase"
> enable_network 0
> quit

Get an ip address with dhcpcd:

# dhcpcd

For both wired and wireless connections, check your connection with:

# ping archlinux.org

Update the system clock

# timedatectl set-ntp true

Partition the disk

Warning: All data on your disk will be erased. Backup any data you wish to keep.
Note: This guide assumes your disk is at /dev/sda. Change if needed.

Use lsblk to identify existing file systems.

Here is the layout this guide is using. Modify to your needs.

Example partition layout
Mount point Partition Partition type Suggested size
/mnt/boot /dev/sda1 550 MiB
/mnt
  • /dev/sda2 for regular or
  • /dev/mapper/cryptroot for encrypted
Linux x86-64 root (/) Remainder of the device

Use GPT fdisk to format the disk:

# gdisk /dev/sda
  1. Create a new empty GUID partition table by typing o at the prompt.
  2. Create a new partition by typing n at the prompt. Hit Enter when prompted for the partition number, keeping the default of 1. Hit Enter again for the first section, keeping the default. For the last sector, type in +550M and hit Enter.
    • For an EFI system, type in EF00 to indicate it is an EFI system partition for the partition type. Otherwise, use the default.
  3. Now create at least one more partition for the installation. To create just one more partition to fill the rest of the disk, type n at the prompt and use the defaults for the partition number, first sector, last sector, and hex code.
    • If setting up a BIOS system with syslinux, enter expert mode by entering x. Then enter a and then 1 to set an attribute for partition 1. Then enter 2 to set it as a legacy BIOS partition and then Enter to exit the set attribute menu.
  4. Finally, write the table to the disk and exit by entering w at the prompt.
Tip: Here are one-liners for the above layout.

For EFI:

# sgdisk /dev/sda -o -n 1::+550M -n 2 -t 2:EF00

For BIOS:

# sgdisk /dev/sda -o -n 1::+550M -n 2 -A 1:set:2

Create LUKS container

If encrypting your system with dm-crypt/LUKS, do:

# cryptsetup lukFormat --type luks2 /dev/sda2
# cryptsetup open /dev/sda2 cryptroot

Othwerwise, skip this step.

Format the partitions

Format your ESP as FAT32:

# mkfs.fat -F32 /dev/sda1

Replace ext4 with the file system you are using in all of the following.

To format the LUKS container on an encrypted system do:

# mkfs.ext4 /dev/mapper/cryptroot

To format a regular (not encrypted) system, do:

# mkfs.ext4 /dev/sda2

Mount the file systems

For the encrypted setup mount the LUKS container:

# mount /dev/mapper/cryptroot /mnt

For the regular setup mount the root partition:

# mount /dev/sda2 /mnt

In both cases make a mount point for the boot partition and mount it:

# mkdir -p /mnt/boot
# mount /dev/sda1 /mnt/boot
Tip: If using btrfs, create any subvolumes you wish to use as mount points now. Then unmount /mnt and remount your subvolumes to the appropriate mount points. For example, for the encrypted setup:
# mount /dev/mapper/cryptroot /mnt
# btrfs subvolume create /mnt/@
# btrfs subvolume create /mnt/@home
# umount /mnt
# mount -o compress=zstd,subvol=@ /dev/mapper/cryptroot /mnt
# mkdir -p /mnt/home
# mount -o compress=zstd,subvol=@home /dev/mapper/cryptroot /mnt/home
# mkdir -p /mnt/boot
# mount /dev/sda1 /mnt/boot

Installation

Select the mirrors

If you desire, edit /etc/pacman.d/mirrorlist to select which mirrors have priority. Higher in the file means higher priority. This file will be copied to the new installation.

Install the base packages

Instead of installing base, we're only installing a select group of minimal packages needed. Almost all of the base group is installed with these packages through dependencies, and this eliminates a few packages that will not be needed (like netctl and various filesystem userspaces):

# pacstrap /mnt linux pacman systemd btrfs-progs vim licenses man-db man-pages texinfo inetutils iproute2 iputils diffutils file gettext pciutils procps-ng psmisc sed tar usbutils which

Append additional packages you wish to install to the line. You will have the opportunity to install more packages in the chroot environment and when you boot into the new system.

If you have an AMD or Intel processor, you will want to go ahead and install the amd-ucode or intel-ucode packages, respectively to enable microcode updates later in the guide.

Note: sed is required for generating locales. See FS#62150.

Configure the system

Fstab

Generate the fstab for your new installation:

# genfstab -U /mnt > /mnt/etc/fstab

Chroot

chroot into the new installation:

# arch-chroot /mnt

Time zone

Set the time zone:

# ln -sf /usr/share/zoneinfo/Region/City /etc/localtime

Set the hardware clock from the system clock:

# hwclock --systohc

Localization

Uncomment needed locales in /etc/locale.gen (e.g., en_US.UTF-8). Then run:

# locale-gen

Set the LANG environment variable the locale:

/etc/locale.conf
LANG=en_US.UTF-8

If you are not using a US keymap, make they keyboard layout permanent:

/etc/vconsole.conf
KEYMAP=de-latin1

Network configuration

Hostname

Set the hostname:

/etc/hostname
hostname
/etc/hosts
127.0.0.1	localhost
::1		localhost
127.0.1.1	hostname.localdomain	hostname

Configuration

systemd-networkd will be used to connect to the internet after installation is complete.

Create a minimal systemd-networkd configuration file. Here interface is the wireless interface or the wired interface if not using wireless.

/etc/systemd/network/config.network
[Match]
Name=interface

[Network]
DHCP=yes

Enable the systemd-networkd.service unit.

DNS resolution

To use systemd-resolved for DNS resolution, create a symlink as follows:

# ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Enable the systemd-resolved.service unit.

Wireless

If using a wireless interface, install the iwd package now:

# pacman -S iwd

Additionally enable the iwd.service for wireless on boot.

Note: To prevent a known race condition that causes wireless device renaming problems, create a drop-in file with the following:
/etc/systemd/system/iwd.service.d/override.conf
[Unit]
After=systemd-udevd.service systemd-networkd.service

Initramfs

If using an encrypted system, add the encrypt hook to your mkinitcpio configuration as shown below.

Add the keymap hook if you are not using the default US keymap.

If using btrfs, you can remove the fsck hook.

/etc/mkinitcpio.conf
HOOKS=(base udev autodetect modconf block filesystems keyboard fsck keymap encrypt)
Tip: Move keyboard in front of autodetect if using an external USB keyboard that was not connected when the image is created.

Regenerate initramfs:

# mkinitcpio -p linux

Root password

Set the root password:

# passwd
Tip: You can skip this step if you are giving your normal user super user privileges via sudo.

Add normal user

Install the sudo package:

# pacman -S sudo

Add a normal user, add it to the wheel group, and set the password:

# useradd -m -G wheel user
# passwd user

Open the sudoers file and uncomment the wheel group, giving that user access to sudo:

# EDITOR=vim visudo

Swap file

If using btrfs, first create a subvolume for the swap file to reside on. Then, create an empty swap file and set it to not use COW:

# btrfs subvolume create /.swap
# truncate -s 0 /.swap/swapfile
# chattr +C /.swap/swapfile

If not using btrfs, simply create a directory:

# mkdir /.swap

In all cases do:

# dd if=/dev/zero of=/.swap/swapfile bs=1M count=2048
# chmod 600 /.swap/swapfile
# mkswap /.swap/swapfile

Update fstab with a line for the swap file:

/etc/fstab
/.swap/swapfile none swap defaults 0 0
Warning: If using btrfs instead of ext4, do not use a swap file for kernels before v5.0, since it may cause file system corruption. Instead, use a swap partition (not covered here).

Boot loader

Two options are provided here. If you have a UEFI motherboard, use #EFISTUB. Otherwise, use the BIOS setup with #syslinux. In either case, you will need your #kernel parameters.

EFISTUB

In the UEFI setup we are not using a boot loader. Instead we are booting the kernel directly via EFISTUB. Previously you should have created a EFI system partition of the size 550MiB and marked it with the partition type EF00.

Exit the chroot and reboot the system. From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:

Shell> map

Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is 1.

Now create two UEFI entries using bcfg.

Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"

Create a file with your #Kernel parameters as a single line:

Shell> edit fs1:\options.txt
Note: Create at least one additional space before the first character of your boot line in your options files. Otherwise, the first character gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.

Press F2 to save and F3 to quit. Now add that file as the options to your first boot entry:

Shell> bcfg boot -opt 0 fs1:\options.txt

Repeat the above process for your second, fallback entry, creating a text file named options-fallback.txt containing a single line with your kernel parameters, chaning the intird to the fallback image (i.e., /initramfs-linux-fallback.img).

Add it to the entry using bcfg boot -opt 1 fs:1\options-fallback.txt.

syslinux

In the BIOS setup we are using syslinux. Previously you should have created a boot partition that was marked with the attribute "legacy BIOS bootable".

Now, while still in the chroot install syslinux:

# pacman -S syslinux

Create the following configuration file:

/boot/syslinux/syslinux.cfg
DEFAULT arch

LABEL arch
  MENU LABEL Arch Linux
  LINUX ../vmlinuz-linux
  APPEND kernel-parameters

LABEL archfallback
  MENU LABEL Arch Linux
  LINUX ../vmlinuz-linux
  APPEND fallback-kernel-parameters

where kernel-parameters is from #kernel parameters. fallback-kernel-parameters is exactly the same except with initrd pointing to the fallback initramfs (i.e., /initramfs-linux-fallback.img).

Exit the chroot and unmount all of the partitions:

# umount -R /mnt

Then install the bootloader:

# syslinux --directory syslinux /dev/sda1

And install the MBR:

# dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/gptmbr.bin of=/dev/sda

Kernel parameters

No matter what boot loader you use, you need to pass some kernel parameters to it as indicated in the above sections.

For an encrypted system, the kernel parameters will contain at least:

root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd cryptdevice=/dev/sda2:cryptroot
Tip: Add :allow-discards after cryptroot to allow trimming if using an SSD. Then enable the fstrim.timer to trim the device weekly.

For a regular system, the kernel parameters will contain at least:

root=/dev/sda2 ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd
Note:
  • In either case, if using btrfs, and you want to boot from a specific subvolume, add rootfstype=btrfs rootflags=subvol=/@, where @ is the subvolume you will mount as /.
  • If you have an Intel or AMD CPU, enable microcode updates by adding an /intel-ucode.img or /amd-ucode.img, respectively to initrd= with a comma separating the two images. It must be the first initrd entry on the line. For example: initrd=/intel-ucode.img,/initramfs-linux.img.

Reboot

When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See User:Rdeckard/Post-installation.