Difference between revisions of "User:Rdeckard/Installation guide"

From ArchWiki
Jump to navigation Jump to search
(expand pre-installation)
 
(104 intermediate revisions by the same user not shown)
Line 1: Line 1:
 
{{Warning|This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official [[Installation Guide]].}}
 
{{Warning|This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official [[Installation Guide]].}}
  
A guide for installing an encrypted system with just the basics. Uses UEFI to boot kernel directly via EFISTUB. Does not apply to BIOS systems or systems that dual-boot.
+
A guide for installing a minimal booting system. It gives several options along the way, depending on your system.
 +
 
 +
* For [[UEFI]], [[EFISTUB]] is used to boot the kernel directly.
 +
* For systems needing BIOS, [[syslinux]] is used.
 +
* Gives options for encrypting the system if desired.
 +
* Gives notes on using [[btrfs]] subvolumes if desired.
  
 
You may need additional packages for video drivers, etc.
 
You may need additional packages for video drivers, etc.
Line 15: Line 20:
 
  $ gpg --keyserver-options auto-key-retrieve --verify archlinux-''version''-dual.iso.sig
 
  $ gpg --keyserver-options auto-key-retrieve --verify archlinux-''version''-dual.iso.sig
  
=== Create bootable disk ===
+
==== Create bootable disk ====
  
 
Create a bootable USB drive by doing the following on an existing Linux installation:
 
Create a bootable USB drive by doing the following on an existing Linux installation:
Line 29: Line 34:
 
=== Set the keyboard layout ===
 
=== Set the keyboard layout ===
  
If using a keymap other than US, set the keyboard layout by doing:
+
If using a keymap other than US, [[Linux console/Keyboard configuration#Loadkeys|temporarily set the keyboard layout]] by doing:
  
 
  # loadkeys ''de-latin1''
 
  # loadkeys ''de-latin1''
Line 37: Line 42:
 
=== Verify the boot mode ===
 
=== Verify the boot mode ===
  
Verify that you have booted with UEFI mode by checking that {{ic|/sys/firmware/efi/efivars}} exists. If you're not booted in the UEFI, you should setup your motherboard to do so to follow this installation guide.
+
Verify that you have booted with UEFI mode by checking that {{ic|/sys/firmware/efi/efivars}} exists. If you're not booted in the UEFI, you should setup your motherboard to do so to follow this installation guide. If you are not able to use UEFI, this guide has an option to boot from BIOS using syslinux.
  
 
=== Connect to the internet ===
 
=== Connect to the internet ===
Line 47: Line 52:
 
  # systemctl stop dhcpcd@''interface''.service
 
  # systemctl stop dhcpcd@''interface''.service
  
A list of interfaces can be found with:
+
[[Network configuration#Listing network interfaces|A list of interfaces]] can be found with:
  
 
  # ip link
 
  # ip link
  
Then connect to a wifi network with:
+
Then connect to a wifi network with [[wpa_supplicant]]:
  
 
  # wpa_supplicant -B -i ''interface'' -C/run/wpa_supplicant
 
  # wpa_supplicant -B -i ''interface'' -C/run/wpa_supplicant
Line 63: Line 68:
 
  > quit
 
  > quit
  
Get an ip address:
+
Get an ip address with [[dhcpcd]]:
  
 
  # dhcpcd
 
  # dhcpcd
Line 77: Line 82:
 
=== Partition the disk ===
 
=== Partition the disk ===
  
Use [[GPT fdisk]] to format the disk:
+
{{Warning|All data on your disk will be erased. Backup any data you wish to keep.}}
  
# gdisk /dev/sda
+
{{Note|This guide assumes your disk is at {{ic|/dev/sda}}. Change if needed.}}
  
Create a GUID partition table. Then create an [[EFI system partition]] of size 550MiB and marked as partition type {{ic|EF00}}. Create at least one more partition for the system partition.
+
Use {{ic|lsblk}} to [[File systems#Identify existing file systems|identify existing file systems]].
 
 
{{Note|This guide assumes your disk is at {{ic|/dev/sda}}. Change if needed.}}
 
  
 
Here is the layout this guide is using. Modify to your needs.
 
Here is the layout this guide is using. Modify to your needs.
  
 
{| class="wikitable"
 
{| class="wikitable"
 +
!colspan="5" | Example partition layout
 +
|-
 
! Mount point
 
! Mount point
 
! Partition
 
! Partition
! [[Wikipedia:GUID Partition Table#Partition type GUIDs|Partition type GUID]]
+
! Partition type  
! [[Wikipedia:GUID Partition Table#Partition entries (LBA 2–33)|Partition attributes]]
 
 
! Suggested size
 
! Suggested size
 
|-
 
|-
| {{ic|/boot}}
+
| {{ic|/mnt/boot}}
 
| {{ic|/dev/sda1}}
 
| {{ic|/dev/sda1}}
| {{ic|C12A7328-F81F-11D2-BA4B-00A0C93EC93B}}: [[EFI system partition]]
 
 
|
 
|
 +
* [[EFI system partition]] for '''UEFI''' ''or''
 +
* boot partition for '''BIOS'''
 
| 550 MiB
 
| 550 MiB
 
|-
 
|-
| {{ic|/}}
+
| {{ic|/mnt}}
| {{ic|/dev/sda2}}
 
| {{ic|4F68BCE3-E8CD-4DB1-96E7-FBCAF984B709}}: Linux x86-64 root (/)
 
 
|
 
|
 +
* {{ic|/dev/sda2}} for '''regular''' ''or''
 +
* {{ic|/dev/mapper/cryptroot}} for '''encrypted'''
 +
| Linux x86-64 root (/)
 
| Remainder of the device
 
| Remainder of the device
 
|}
 
|}
  
=== Create LUKS container ===
+
Use [[GPT fdisk]] to format the disk:
 +
 
 +
# gdisk /dev/sda
 +
 
 +
# Create a new empty GUID partition table by typing {{ic|o}} at the prompt.
 +
# Create a new partition by typing {{ic|n}} at the prompt. Hit {{ic|Enter}} when prompted for the partition number, keeping the default of {{ic|1}}. Hit {{ic|Enter}} again for the first section, keeping the default. For the last sector, type in {{ic|+550M}} and hit {{ic|Enter}}.
 +
#* For an '''EFI''' system, type in {{ic|EF00}} to indicate it is an [[EFI system partition]] for the partition type. Otherwise, use the default.
 +
# Now create at least one more partition for the installation. To create just one more partition to fill the rest of the disk, type {{ic|n}} at the prompt and use the defaults for the partition number, first sector, last sector, and hex code.
 +
#* If setting up a '''BIOS''' system with [[syslinux]], enter expert mode by entering {{ic|x}}. Then enter {{ic|a}} and then {{ic|1}} to set an attribute for partition 1. Then enter {{ic|2}} to set it as a legacy BIOS partition and then {{ic|Enter}} to exit the set attribute menu.
 +
# Finally, write the table to the disk and exit by entering {{ic|w}} at the prompt.
 +
 
 +
{{Tip|Here are one-liners for the above layout.
 +
 
 +
For '''EFI''':
 +
 
 +
# sgdisk /dev/sda -o -n 1::+550M -n 2 -t 2:EF00
 +
 
 +
For '''BIOS''':
 +
 
 +
# sgdisk /dev/sda -o -n 1::+550M -n 2 -A 1:set:2
 +
}}
 +
 
 +
==== Create LUKS container ====
  
If encrypting your system, do:
+
If encrypting your system with [[dm-crypt]]/LUKS, do:
  
  # cryptsetup lukFormat /dev/sda2
+
  # cryptsetup lukFormat --type luks2 /dev/sda2
 
  # cryptsetup open /dev/sda2 cryptroot
 
  # cryptsetup open /dev/sda2 cryptroot
  
Line 118: Line 146:
 
=== Format the partitions ===
 
=== Format the partitions ===
  
Format your ESP as FAT32:
+
[[Format]] your ESP as FAT32:
  
 
  # mkfs.fat -F32 /dev/sda1
 
  # mkfs.fat -F32 /dev/sda1
Line 134: Line 162:
 
=== Mount the file systems ===
 
=== Mount the file systems ===
  
 +
For the '''encrypted''' setup [[mount]] the LUKS container:
 +
# mount /dev/mapper/cryptroot /mnt
 +
 +
For the '''regular''' setup [[mount]] the root partition:
 
  # mount /dev/sda2 /mnt
 
  # mount /dev/sda2 /mnt
 +
 +
In both cases make a mount point for the boot partition and mount it:
 +
# mkdir -p /mnt/boot
 
  # mount /dev/sda1 /mnt/boot
 
  # mount /dev/sda1 /mnt/boot
  
{{Tip|If using [[btrfs]], create any subvolumes you wish to use as mount points now. Then unmount {{ic|/mnt}} and remount your subvolumes to the appropriate mount points. For example:
+
{{Tip|If using [[btrfs]], create any subvolumes you wish to use as mount points now. Then unmount {{ic|/mnt}} and remount your subvolumes to the appropriate mount points. For example, for the '''encrypted''' setup:
  <nowiki># btrfs subvolume create /mnt/@
+
  <nowiki># mount /dev/mapper/cryptroot /mnt
 +
# btrfs subvolume create /mnt/@
 
# btrfs subvolume create /mnt/@home
 
# btrfs subvolume create /mnt/@home
# umount /mnt/boot
 
 
# umount /mnt
 
# umount /mnt
# mount -o compress=zstd,subvol=@ /mnt
+
# mount -o compress=zstd,subvol=@ /dev/mapper/cryptroot /mnt
# mount -o compress=zstd,subvol=@home /mnt/home
+
# mkdir -p /mnt/home
 +
# mount -o compress=zstd,subvol=@home /dev/mapper/cryptroot /mnt/home
 +
# mkdir -p /mnt/boot
 
# mount /dev/sda1 /mnt/boot</nowiki>
 
# mount /dev/sda1 /mnt/boot</nowiki>
 
}}
 
}}
Line 149: Line 186:
 
== Installation ==
 
== Installation ==
  
# pacstrap /mnt base sudo iwd
+
=== Select the mirrors ===
 +
 
 +
If you desire, edit {{ic|/etc/pacman.d/mirrorlist}} to select which [[mirrors]] have priority. Higher in the file means higher priority. This file will be copied to the new installation.
 +
 
 +
=== Install the base packages ===
  
{{Tip|
+
Instead of installing {{grp|base}}, we're only installing a select group of minimal packages needed. Almost all of the base group is installed with these packages through dependencies, and this eliminates a few packages that will not be needed (like netctl and various filesystem userspaces):
* Append any additional packages you desire to the end of this line, or install later while in the chroot environment.
+
 
* For a list of packages on the ISO that are not in {{grp|base}}, do:
+
# pacstrap /mnt linux pacman systemd btrfs-progs vim licenses man-db man-pages texinfo inetutils iproute2 iputils diffutils file gettext pciutils procps-ng psmisc sed tar usbutils which
<nowiki>$ comm -23 <(wget -q -O - https://git.archlinux.org/archiso.git/plain/configs/releng/packages.both) <(pacman -Qqg base | sort)</nowiki>
+
 
}}
+
* {{pkg|linux}}, {{pkg|pacman}}, and {{pkg|systemd}} are the minimal packages needed to boot the system and pull in most dependencies that you will need.
 +
* {{pkg|btrfs-progs}} is needed only if you are using [[btrfs]]. If using another [[Filesystem#Types of file systems|file system]], install the required user-space utilities instead.
 +
* {{pkg|vim}} is a [[text editor]] for editing configuration files. Replace with your favorite editor.
 +
* {{pkg|licenses}} installs licenses used in the packages you install.
 +
* {{pkg|man-db}}, {{pkg|man-pages}}, and {{pkg|texinfo}} install [[manpage]]s and [[info manual]].
 +
* {{pkg|inetutils}} {{pkg|iproute2}} {{pkg|iputils}} contain network utilities like {{man|8|ip}} and {{man|8|ping}}.
 +
* The remaining packages are helpful utilities that are not pulled in by other packages in the list and highly recommended.
 +
 
 +
Append additional packages you wish to install to the line. You will have the opportunity to install more packages in the chroot environment and when you boot into the new system.
 +
 
 +
If you have an AMD or Intel processor, you will want to go ahead and install the {{pkg|amd-ucode}} or {{pkg|intel-ucode}} packages, respectively to enable [[microcode]] updates later in the guide.
 +
 
 +
{{Note|''sed'' is required for generating locales. See {{Bug|62150}}.}}
  
{{Note|If using btrfs, {{pkg|btrfs-progs}} should be appended, since it is not in the base group.}}
+
== Configure the system ==
  
== Configuration ==
+
=== Fstab ===
  
=== Create fstab ===
+
Generate the [[fstab]] for your new installation:
  
 
  # genfstab -U /mnt > /mnt/etc/fstab
 
  # genfstab -U /mnt > /mnt/etc/fstab
  
 
=== Chroot ===
 
=== Chroot ===
 +
 +
[[chroot]] into the new installation:
  
 
  # arch-chroot /mnt
 
  # arch-chroot /mnt
  
=== Locale ===
+
=== Time zone ===
 +
 
 +
Set the [[System time#Time zone|time zone]]:
 +
 
 +
# ln -sf /usr/share/zoneinfo/''Region''/''City'' /etc/localtime
 +
 
 +
[[System time#Set hardware clock from system clock|Set the hardware clock from the system clock]]:
 +
 
 +
# hwclock --systohc
  
Uncomment needed locales in {{ic|/etc/locale.gen}} (e.g., {{ic|en_US.UTF-8}}). Then run:
+
=== Localization ===
 +
 
 +
Uncomment needed [[locale]]s in {{ic|/etc/locale.gen}} (e.g., {{ic|en_US.UTF-8}}). Then run:
  
 
  # locale-gen
 
  # locale-gen
  
Set {{ic|LANG}}:
+
Set the {{ic|LANG}} environment variable the locale:
  
 
{{hc|1=/etc/locale.conf|2=LANG=en_US.UTF-8}}
 
{{hc|1=/etc/locale.conf|2=LANG=en_US.UTF-8}}
  
If not using a US keymap, make they keyboard layout permanent:
+
If you are not using a US keymap, make they keyboard layout permanent:
  
 
{{hc|1=/etc/vconsole.conf|2=KEYMAP=''de-latin1''}}
 
{{hc|1=/etc/vconsole.conf|2=KEYMAP=''de-latin1''}}
  
=== Set the timezone ===
+
=== Network configuration ===
  
# ln -sf /usr/share/zoneinfo/''Region''/''City'' /etc/localtime
+
==== Hostname ====
 
 
=== Set hardware clock from system clock ===
 
 
 
# hwclock --systohc
 
  
=== Set hostname ===
+
Set the [[hostname]]:
  
 
{{hc|/etc/hostname|''hostname''}}
 
{{hc|/etc/hostname|''hostname''}}
Line 200: Line 261:
 
127.0.1.1 ''hostname''.localdomain ''hostname''}}
 
127.0.1.1 ''hostname''.localdomain ''hostname''}}
  
=== Set root password ===
+
==== Configuration ====
  
  # passwd
+
[[systemd-networkd]] will be used to connect to the internet after installation is complete.
 +
 
 +
Create a minimal systemd-networkd configuration file. Here {{ic|''interface''}} is the wireless interface or the wired interface if not using wireless.
 +
 
 +
{{hc|1=/etc/systemd/network/config.network|2=
 +
[Match]
 +
Name=''interface''
 +
 
 +
[Network]
 +
DHCP=yes}}
 +
 
 +
[[Enable]] the {{ic|systemd-networkd.service}} unit.
 +
 
 +
==== DNS resolution ====
 +
 
 +
To use [[systemd-resolved]] for DNS resolution, create a symlink as follows:
 +
 
 +
  # ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf
 +
 
 +
[[Enable]] the {{ic|systemd-resolved.service}} unit.
 +
 
 +
==== Wireless ====
 +
 
 +
If using a wireless interface, [[install]] the {{pkg|iwd}} package now:
 +
 
 +
# pacman -S iwd
  
=== Add normal user ===
+
Additionally [[enable]] the {{ic|iwd.service}} for wireless on boot.
  
# useradd -m -G wheel ''user''
+
{{Note|To prevent a known race condition that causes wireless device renaming problems, create a [[drop-in file]] with the following:
# passwd ''user''
+
{{hc|1=/etc/systemd/system/iwd.service.d/override.conf|2=
 +
[Unit]
 +
After=systemd-udevd.service systemd-networkd.service
 +
}}}}
  
Open the sudoers file and uncomment the {{ic|wheel}} group:
+
=== Initramfs ===
  
# visudo
+
If using an '''encrypted''' system, add the {{ic|encrypt}} hook to your [[mkinitcpio]] configuration as shown below.
  
=== Generate intramfs ===
+
Add the {{ic|keymap}} hook if you are not using the default US keymap.
  
Add the {{ic|keyboard}}, {{ic|keymap}}, and {{ic|encrypt}} hooks. You will need to make sure you have any additional needed hooks for your setup.
+
If using btrfs, you can remove the {{ic|fsck}} hook.
  
 
{{hc|1=/etc/mkinitcpio.conf|2=
 
{{hc|1=/etc/mkinitcpio.conf|2=
HOOKS=(base udev autodetect modconf '''keyboard''' '''keymap''' block '''encrypt''' filesystems)}}
+
HOOKS=(base udev autodetect modconf block filesystems keyboard fsck '''keymap''' '''encrypt''')}}
  
Omit {{ic|keymap}} if you are using the default US keymap.
+
{{Tip|Move {{ic|keyboard}} in front of {{ic|autodetect}} if using an external USB keyboard that was not connected when the image is created.}}
  
 
Regenerate initramfs:
 
Regenerate initramfs:
Line 226: Line 315:
 
  # mkinitcpio -p linux
 
  # mkinitcpio -p linux
  
=== Swap ===
+
=== Root password ===
 +
 
 +
Set the root password:
  
Use either a [[swap]] file or swap partition. If using a swap partition, you should have created an additional partition earlier.
+
# passwd
  
==== Swap file ====
+
{{Tip|You can skip this step if you are giving your normal user super user privileges via sudo.}}
  
If using btrfs, first do:
+
=== Add normal user ===
 +
 
 +
[[Install]] the {{pkg|sudo}} package:
 +
 
 +
# pacman -S sudo
 +
 
 +
Add a normal user, add it to the {{ic|wheel}} group, and set the password:
 +
 
 +
# useradd -m -G wheel ''user''
 +
# passwd ''user''
 +
 
 +
Open the sudoers file and uncomment the {{ic|wheel}} group, giving that user access to sudo:
 +
 
 +
# EDITOR=vim visudo
 +
 
 +
=== Swap file ===
 +
 
 +
If using btrfs, first create a subvolume for the [[swap file]] to reside on. Then, create an empty swap file and set it to not use COW:
  
 
  # btrfs subvolume create /.swap
 
  # btrfs subvolume create /.swap
 
  # truncate -s 0 /.swap/swapfile
 
  # truncate -s 0 /.swap/swapfile
 +
# chattr +C /.swap/swapfile
  
Otherwise do:
+
If not using btrfs, simply create a directory:
  
 
  # mkdir /.swap
 
  # mkdir /.swap
Line 243: Line 352:
 
In all cases do:
 
In all cases do:
  
  # dd if=/dev/zero of=/swapfile bs=1M count=2048
+
  # dd if=/dev/zero of=/.swap/swapfile bs=1M count=2048
  # chmod 600 /swapfile
+
  # chmod 600 /.swap/swapfile
  # mkswap /swapfile
+
  # mkswap /.swap/swapfile
# swapon /swapfile
 
  
 
Update [[fstab]] with a line for the swap file:
 
Update [[fstab]] with a line for the swap file:
  
{{hc|/etc/fstab|/swapfile none swap defaults 0 0}}
+
{{hc|/etc/fstab|/.swap/swapfile none swap defaults 0 0}}
 +
 
 +
{{Warning|If using [[btrfs]] instead of ext4, do '''not''' use a swap file for kernels before v5.0, since it may cause file system corruption. Instead, use a swap partition (not covered here).}}
 +
 
 +
=== Boot loader ===
 +
 
 +
Two options are provided here. If you have a UEFI motherboard, use [[#EFISTUB]]. Otherwise, use the BIOS setup with [[#syslinux]]. In either case, you will need your [[#kernel parameters]].
 +
 
 +
==== EFISTUB ====
 +
 
 +
In the UEFI setup we are not using a boot loader. Instead we are booting the kernel directly via [[EFISTUB]]. Previously you should have created a EFI system partition of the size 550MiB and marked it with the partition type {{ic|EF00}}.
 +
 
 +
Exit the chroot and reboot the system. From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:
 +
 
 +
Shell> map
  
{{Warning|If using [[btrfs]] instead of ext4, do '''not''' use a swap file for kernels before v5.0, since it may cause file system corruption. Instead, use a swap partition.}}
+
Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is {{ic|1}}.
  
==== Swap partition ====
+
Now create two UEFI entries using [[bcfg]].
  
For an '''encrypted''' system edit the following file:
+
Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
 +
Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"
  
{{hc|/etc/crypttab|
+
Create a file with your [[#Kernel parameters]] as a single line:
swap /dev/disk/by-partuuid/''PARTUUID'' /dev/urandom swap}}
 
  
where {{ic|''PARTUUID''}} is the partition UUID of your swap partition.  
+
Shell> edit fs1:\options.txt
  
{{Warning|All data on the device listed above will be destroyed on every boot. Ensure you get it right.}}
+
{{Note|Create at least one additional space before the first character of your boot line in your options files. Otherwise, the first character gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.}}
  
Additionally, append to your fstab:
+
Press {{ic|F2}} to save and {{ic|F3}} to quit. Now add that file as the options to your first boot entry:
  
{{hc|1=/etc/fstab|2=
+
Shell> bcfg boot -opt 0 fs1:\options.txt
/dev/mapper/swap none swap defaults 0 0}}
 
  
See [[Dm-crypt/Swap encryption]].
+
Repeat the above process for your second, fallback entry, creating a text file named {{ic|options-fallback.txt}} containing a single line with your kernel parameters, chaning the intird to the fallback image (i.e., {{ic|/initramfs-linux-fallback.img}}).
  
For a '''regular''' system:
+
Add it to the entry using {{ic|bcfg boot -opt 1 fs:1\options-fallback.txt}}.
  
{{hc|1=/etc/fstab|2=
+
==== syslinux ====
/dev/sda3 none swap defaults 0 0}}
 
  
== Exit chroot and reboot ==
+
In the BIOS setup we are using [[syslinux]]. Previously you should have created a boot partition that was marked with the attribute "legacy BIOS bootable".
  
# exit
+
Now, while still in the chroot install {{pkg|syslinux}}:
# reboot
 
  
== Configure UEFI ==
+
# pacman -S syslinux
  
In this setup we are not using a boot loader. Instead we are booting the kernel directly.
+
Create the following configuration file:
  
From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:
+
{{hc|/boot/syslinux/syslinux.cfg|
 +
DEFAULT arch
  
Shell> map
+
LABEL arch
 +
  MENU LABEL Arch Linux
 +
  LINUX ../vmlinuz-linux
 +
  APPEND ''kernel-parameters''
 +
 
 +
LABEL archfallback
 +
  MENU LABEL Arch Linux
 +
  LINUX ../vmlinuz-linux
 +
  APPEND ''fallback-kernel-parameters''
 +
}}
  
Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is {{ic|1}}.
+
where {{ic|''kernel-parameters''}} is from [[#kernel parameters]]. {{ic|''fallback-kernel-parameters''}} is exactly the same except with {{ic|initrd}} pointing to the fallback initramfs (i.e., {{ic|/initramfs-linux-fallback.img}}).
  
Now create two UEFI entries:
+
Exit the chroot and unmount all of the partitions:
  
  Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
+
  # umount -R /mnt
Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"
 
  
Create a file with your boot parameters for the normal boot:
+
Then install the bootloader:
  
  Shell> edit fs1:\options.txt
+
  # syslinux --directory syslinux /dev/sda1
  
For an '''encrypted''' system, this file will contain at least:
+
And install the [[MBR]]:
  
  root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img cryptdevice=/dev/sda2:cryptroot
+
  # dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/gptmbr.bin of=/dev/sda
  
{{Tip|Add {{ic|:allow-discards}} after {{ic|cryptroot}} to allow trimming if using an SSD. Then [[enable]] the {{ic|fstrim.timer}} to trim the device weekly.}}
+
==== Kernel parameters ====
  
For a '''regular''' system, this file will contain at least:
+
No matter what boot loader you use, you need to pass some [[kernel parameters]] to it as indicated in the above sections.
  
root=/dev/sda2 ro initrd=/initramfs-linux.img
+
For an '''encrypted''' system, the kernel parameters will contain at least:
  
{{Note|Create at least one additional space before the first character of your boot line in your options files. Otherwise, the root parameter, in this case, gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.}}
+
root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd cryptdevice=/dev/sda2:cryptroot
  
Press {{ic|F2}} to save and {{ic|F3}} to quit. Now add the options to your first boot entry:
+
{{Tip|Add {{ic|:allow-discards}} after {{ic|cryptroot}} to allow trimming if using an SSD. Then [[enable]] the {{ic|fstrim.timer}} to trim the device weekly.}}
  
Shell> bcfg boot -opt 0 fs1:\options.txt
+
For a '''regular''' system, the kernel parameters will contain at least:
  
Repeat the above process for your second, fallback entry, creating a text file named {{ic|options-fallback.txt}} containing the boot line. Change the intird to the fallback image.
+
root=/dev/sda2 ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd
  
Add it to the entry using {{ic|bcfg boot -opt 1 fs:1\options-fallback.txt}}.
+
{{Note|
 +
* In either case, if using btrfs, and you want to boot from a specific subvolume, add {{ic|1=rootfstype=btrfs rootflags=subvol=/@}}, where {{ic|@}} is the subvolume you will mount as {{ic|/}}.
 +
* If you have an Intel or AMD CPU, enable [[microcode]] updates by adding an {{ic|/intel-ucode.img}} or {{ic|/amd-ucode.img}}, respectively to {{ic|1=initrd=}} with a comma separating the two images. It ''must'' be the first initrd entry on the line. For example: {{ic|1=initrd=/intel-ucode.img,/initramfs-linux.img}}.}}
  
 
== Reboot ==
 
== Reboot ==
  
 
When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See [[User:Rdeckard/Post-installation]].
 
When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See [[User:Rdeckard/Post-installation]].

Latest revision as of 00:57, 22 August 2019

Warning: This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official Installation Guide.

A guide for installing a minimal booting system. It gives several options along the way, depending on your system.

  • For UEFI, EFISTUB is used to boot the kernel directly.
  • For systems needing BIOS, syslinux is used.
  • Gives options for encrypting the system if desired.
  • Gives notes on using btrfs subvolumes if desired.

You may need additional packages for video drivers, etc.

Pre-installation

Download the Arch ISO and GnuPG signature.

Verify signature

If you have GnuPG installed on your current system, verify the download:

$ gpg --keyserver-options auto-key-retrieve --verify archlinux-version-dual.iso.sig

Create bootable disk

Create a bootable USB drive by doing the following on an existing Linux installation:

# dd bs=4M if=/path/to/archlinux-version-x86_64.iso of=/dev/sdx status=progress && sync

where /dev/sdx is the USB drive.

Boot the live environment

Now boot from the USB drive.

Set the keyboard layout

If using a keymap other than US, temporarily set the keyboard layout by doing:

# loadkeys de-latin1

Change de-latin1 to a layout found in /usr/share/kbd/keymaps/**/*.map.gz

Verify the boot mode

Verify that you have booted with UEFI mode by checking that /sys/firmware/efi/efivars exists. If you're not booted in the UEFI, you should setup your motherboard to do so to follow this installation guide. If you are not able to use UEFI, this guide has an option to boot from BIOS using syslinux.

Connect to the internet

If you have a wired connection, it should connect automatically.

If you have a wireless connection, first stop the wired connection to prevent conflicts:

# systemctl stop dhcpcd@interface.service

A list of interfaces can be found with:

# ip link

Then connect to a wifi network with wpa_supplicant:

# wpa_supplicant -B -i interface -C/run/wpa_supplicant
# wpa_cli -i interface
> scan
> scan_results
> add_network
> set_network 0 ssid "SSID"
> set_network 0 psk "passphrase"
> enable_network 0
> quit

Get an ip address with dhcpcd:

# dhcpcd

For both wired and wireless connections, check your connection with:

# ping archlinux.org

Update the system clock

# timedatectl set-ntp true

Partition the disk

Warning: All data on your disk will be erased. Backup any data you wish to keep.
Note: This guide assumes your disk is at /dev/sda. Change if needed.

Use lsblk to identify existing file systems.

Here is the layout this guide is using. Modify to your needs.

Example partition layout
Mount point Partition Partition type Suggested size
/mnt/boot /dev/sda1 550 MiB
/mnt
  • /dev/sda2 for regular or
  • /dev/mapper/cryptroot for encrypted
Linux x86-64 root (/) Remainder of the device

Use GPT fdisk to format the disk:

# gdisk /dev/sda
  1. Create a new empty GUID partition table by typing o at the prompt.
  2. Create a new partition by typing n at the prompt. Hit Enter when prompted for the partition number, keeping the default of 1. Hit Enter again for the first section, keeping the default. For the last sector, type in +550M and hit Enter.
    • For an EFI system, type in EF00 to indicate it is an EFI system partition for the partition type. Otherwise, use the default.
  3. Now create at least one more partition for the installation. To create just one more partition to fill the rest of the disk, type n at the prompt and use the defaults for the partition number, first sector, last sector, and hex code.
    • If setting up a BIOS system with syslinux, enter expert mode by entering x. Then enter a and then 1 to set an attribute for partition 1. Then enter 2 to set it as a legacy BIOS partition and then Enter to exit the set attribute menu.
  4. Finally, write the table to the disk and exit by entering w at the prompt.
Tip: Here are one-liners for the above layout.

For EFI:

# sgdisk /dev/sda -o -n 1::+550M -n 2 -t 2:EF00

For BIOS:

# sgdisk /dev/sda -o -n 1::+550M -n 2 -A 1:set:2

Create LUKS container

If encrypting your system with dm-crypt/LUKS, do:

# cryptsetup lukFormat --type luks2 /dev/sda2
# cryptsetup open /dev/sda2 cryptroot

Othwerwise, skip this step.

Format the partitions

Format your ESP as FAT32:

# mkfs.fat -F32 /dev/sda1

Replace ext4 with the file system you are using in all of the following.

To format the LUKS container on an encrypted system do:

# mkfs.ext4 /dev/mapper/cryptroot

To format a regular (not encrypted) system, do:

# mkfs.ext4 /dev/sda2

Mount the file systems

For the encrypted setup mount the LUKS container:

# mount /dev/mapper/cryptroot /mnt

For the regular setup mount the root partition:

# mount /dev/sda2 /mnt

In both cases make a mount point for the boot partition and mount it:

# mkdir -p /mnt/boot
# mount /dev/sda1 /mnt/boot
Tip: If using btrfs, create any subvolumes you wish to use as mount points now. Then unmount /mnt and remount your subvolumes to the appropriate mount points. For example, for the encrypted setup:
# mount /dev/mapper/cryptroot /mnt
# btrfs subvolume create /mnt/@
# btrfs subvolume create /mnt/@home
# umount /mnt
# mount -o compress=zstd,subvol=@ /dev/mapper/cryptroot /mnt
# mkdir -p /mnt/home
# mount -o compress=zstd,subvol=@home /dev/mapper/cryptroot /mnt/home
# mkdir -p /mnt/boot
# mount /dev/sda1 /mnt/boot

Installation

Select the mirrors

If you desire, edit /etc/pacman.d/mirrorlist to select which mirrors have priority. Higher in the file means higher priority. This file will be copied to the new installation.

Install the base packages

Instead of installing base, we're only installing a select group of minimal packages needed. Almost all of the base group is installed with these packages through dependencies, and this eliminates a few packages that will not be needed (like netctl and various filesystem userspaces):

# pacstrap /mnt linux pacman systemd btrfs-progs vim licenses man-db man-pages texinfo inetutils iproute2 iputils diffutils file gettext pciutils procps-ng psmisc sed tar usbutils which

Append additional packages you wish to install to the line. You will have the opportunity to install more packages in the chroot environment and when you boot into the new system.

If you have an AMD or Intel processor, you will want to go ahead and install the amd-ucode or intel-ucode packages, respectively to enable microcode updates later in the guide.

Note: sed is required for generating locales. See FS#62150.

Configure the system

Fstab

Generate the fstab for your new installation:

# genfstab -U /mnt > /mnt/etc/fstab

Chroot

chroot into the new installation:

# arch-chroot /mnt

Time zone

Set the time zone:

# ln -sf /usr/share/zoneinfo/Region/City /etc/localtime

Set the hardware clock from the system clock:

# hwclock --systohc

Localization

Uncomment needed locales in /etc/locale.gen (e.g., en_US.UTF-8). Then run:

# locale-gen

Set the LANG environment variable the locale:

/etc/locale.conf
LANG=en_US.UTF-8

If you are not using a US keymap, make they keyboard layout permanent:

/etc/vconsole.conf
KEYMAP=de-latin1

Network configuration

Hostname

Set the hostname:

/etc/hostname
hostname
/etc/hosts
127.0.0.1	localhost
::1		localhost
127.0.1.1	hostname.localdomain	hostname

Configuration

systemd-networkd will be used to connect to the internet after installation is complete.

Create a minimal systemd-networkd configuration file. Here interface is the wireless interface or the wired interface if not using wireless.

/etc/systemd/network/config.network
[Match]
Name=interface

[Network]
DHCP=yes

Enable the systemd-networkd.service unit.

DNS resolution

To use systemd-resolved for DNS resolution, create a symlink as follows:

# ln -s /run/systemd/resolve/stub-resolv.conf /etc/resolv.conf

Enable the systemd-resolved.service unit.

Wireless

If using a wireless interface, install the iwd package now:

# pacman -S iwd

Additionally enable the iwd.service for wireless on boot.

Note: To prevent a known race condition that causes wireless device renaming problems, create a drop-in file with the following:
/etc/systemd/system/iwd.service.d/override.conf
[Unit]
After=systemd-udevd.service systemd-networkd.service

Initramfs

If using an encrypted system, add the encrypt hook to your mkinitcpio configuration as shown below.

Add the keymap hook if you are not using the default US keymap.

If using btrfs, you can remove the fsck hook.

/etc/mkinitcpio.conf
HOOKS=(base udev autodetect modconf block filesystems keyboard fsck keymap encrypt)
Tip: Move keyboard in front of autodetect if using an external USB keyboard that was not connected when the image is created.

Regenerate initramfs:

# mkinitcpio -p linux

Root password

Set the root password:

# passwd
Tip: You can skip this step if you are giving your normal user super user privileges via sudo.

Add normal user

Install the sudo package:

# pacman -S sudo

Add a normal user, add it to the wheel group, and set the password:

# useradd -m -G wheel user
# passwd user

Open the sudoers file and uncomment the wheel group, giving that user access to sudo:

# EDITOR=vim visudo

Swap file

If using btrfs, first create a subvolume for the swap file to reside on. Then, create an empty swap file and set it to not use COW:

# btrfs subvolume create /.swap
# truncate -s 0 /.swap/swapfile
# chattr +C /.swap/swapfile

If not using btrfs, simply create a directory:

# mkdir /.swap

In all cases do:

# dd if=/dev/zero of=/.swap/swapfile bs=1M count=2048
# chmod 600 /.swap/swapfile
# mkswap /.swap/swapfile

Update fstab with a line for the swap file:

/etc/fstab
/.swap/swapfile none swap defaults 0 0
Warning: If using btrfs instead of ext4, do not use a swap file for kernels before v5.0, since it may cause file system corruption. Instead, use a swap partition (not covered here).

Boot loader

Two options are provided here. If you have a UEFI motherboard, use #EFISTUB. Otherwise, use the BIOS setup with #syslinux. In either case, you will need your #kernel parameters.

EFISTUB

In the UEFI setup we are not using a boot loader. Instead we are booting the kernel directly via EFISTUB. Previously you should have created a EFI system partition of the size 550MiB and marked it with the partition type EF00.

Exit the chroot and reboot the system. From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:

Shell> map

Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is 1.

Now create two UEFI entries using bcfg.

Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"

Create a file with your #Kernel parameters as a single line:

Shell> edit fs1:\options.txt
Note: Create at least one additional space before the first character of your boot line in your options files. Otherwise, the first character gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.

Press F2 to save and F3 to quit. Now add that file as the options to your first boot entry:

Shell> bcfg boot -opt 0 fs1:\options.txt

Repeat the above process for your second, fallback entry, creating a text file named options-fallback.txt containing a single line with your kernel parameters, chaning the intird to the fallback image (i.e., /initramfs-linux-fallback.img).

Add it to the entry using bcfg boot -opt 1 fs:1\options-fallback.txt.

syslinux

In the BIOS setup we are using syslinux. Previously you should have created a boot partition that was marked with the attribute "legacy BIOS bootable".

Now, while still in the chroot install syslinux:

# pacman -S syslinux

Create the following configuration file:

/boot/syslinux/syslinux.cfg
DEFAULT arch

LABEL arch
  MENU LABEL Arch Linux
  LINUX ../vmlinuz-linux
  APPEND kernel-parameters

LABEL archfallback
  MENU LABEL Arch Linux
  LINUX ../vmlinuz-linux
  APPEND fallback-kernel-parameters

where kernel-parameters is from #kernel parameters. fallback-kernel-parameters is exactly the same except with initrd pointing to the fallback initramfs (i.e., /initramfs-linux-fallback.img).

Exit the chroot and unmount all of the partitions:

# umount -R /mnt

Then install the bootloader:

# syslinux --directory syslinux /dev/sda1

And install the MBR:

# dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/gptmbr.bin of=/dev/sda

Kernel parameters

No matter what boot loader you use, you need to pass some kernel parameters to it as indicated in the above sections.

For an encrypted system, the kernel parameters will contain at least:

root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd cryptdevice=/dev/sda2:cryptroot
Tip: Add :allow-discards after cryptroot to allow trimming if using an SSD. Then enable the fstrim.timer to trim the device weekly.

For a regular system, the kernel parameters will contain at least:

root=/dev/sda2 ro initrd=/initramfs-linux.img init=/usr/lib/systemd/systemd
Note:
  • In either case, if using btrfs, and you want to boot from a specific subvolume, add rootfstype=btrfs rootflags=subvol=/@, where @ is the subvolume you will mount as /.
  • If you have an Intel or AMD CPU, enable microcode updates by adding an /intel-ucode.img or /amd-ucode.img, respectively to initrd= with a comma separating the two images. It must be the first initrd entry on the line. For example: initrd=/intel-ucode.img,/initramfs-linux.img.

Reboot

When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See User:Rdeckard/Post-installation.