Difference between revisions of "User:Rdeckard/Installation guide"

From ArchWiki
Jump to navigation Jump to search
(→‎Create fstab: cleanup)
(blanked page)
Tag: Blanking
Line 1: Line 1:
{{Warning|This is my personal guide for installing an Arch Linux system. Use it only as a guide as you follow along with the official [[Installation Guide]].}}
 
  
A guide for installing an encrypted system with just the basics. Uses UEFI to boot kernel directly via EFISTUB. Does not apply to BIOS systems or systems that dual-boot.
 
 
You may need additional packages for video drivers, etc.
 
 
== Preparation ==
 
 
[https://www.archlinux.org/download/ Download] the Arch ISO.
 
 
If you have [[GnuPG]] installed on your current system, verify the download:
 
 
$ gpg --keyserver-options auto-key-retrieve --verify archlinux-''version''-dual.iso.sig
 
 
Create a bootable USB drive by doing the following on an existing Linux installation:
 
 
# dd bs=4M if=''/path/to/''archlinux-''version''-dual.iso of=/dev/sd''x'' status=progress && sync
 
 
where {{ic|/dev/sd''x''}} is the USB drive. Now boot from the USB drive.
 
 
== Pre-installation ==
 
 
=== Set keyboard layout ===
 
 
If using a keymap other than US, set the keyboard layout by doing:
 
 
# loadkeys ''de-latin1''
 
 
Change {{ic|''de-latin1''}} to a layout found in {{ic|/usr/share/kbd/keymaps/**/*.map.gz}}
 
 
=== Connect to the internet ===
 
 
If you have a '''wired''' connection, it should connect automatically.
 
 
If you have a '''wireless''' connection, first stop the wired connection to prevent conflicts:
 
 
# systemctl stop dhcpcd@''interface''.service
 
 
A list of interfaces can be found with:
 
 
# ip link
 
 
Then connect to a wifi network with:
 
 
# wpa_supplicant -B -i ''interface'' -C/run/wpa_supplicant
 
# wpa_cli -i ''interface''
 
> scan
 
> scan_results
 
> add_network
 
> set_network 0 ssid "''SSID''"
 
> set_network 0 psk "''passphrase''"
 
> enable_network 0
 
> quit
 
 
Get an ip address:
 
 
# dhcpcd
 
 
For both '''wired''' and '''wireless''' connections, check your connection with:
 
 
# ping archlinux.org
 
 
=== Update system clock ===
 
 
# timedatectl set-ntp true
 
 
=== Partition the disk ===
 
 
# gdisk /dev/sda
 
 
Create a GUID partition table. The create an [[EFI system partition]] of size 550MiB and marked as partition type {{ic|EF00}}. Create at least one more partition for the system partition.
 
 
{{Note|This guide assumes your disk is at {{ic|/dev/sda}}. Change if needed.}}
 
 
=== Create filesystems and mount===
 
 
Format your ESP as FAT32:
 
 
# mkfs.fat -F32 /dev/sda1
 
 
Replace {{ic|''ext4''}} with the file system you are using in all of the following.
 
 
To create an '''encrypted''' system do:
 
 
# cryptsetup lukFormat /dev/sda2
 
# cryptsetup open /dev/sda2 cryptroot
 
# mkfs.''ext4'' /dev/mapper/cryptroot
 
# mount /dev/mapper/cryptroot /mnt
 
# mount /dev/sda1 /mnt/boot
 
 
To create a '''regular''' (not encrypted) system, do:
 
 
# mkfs.''ext4'' /dev/sda2
 
# mount /dev/sda2 /mnt
 
# mount /dev/sda1 /mnt/boot
 
 
{{Tip|If using [[btrfs]], create any subvolumes you wish to use as mount points now. Then unmount {{ic|/mnt}} and remount your subvolumes to the appropriate mount points. For example:
 
<nowiki># btrfs subvolume create /mnt/@
 
# btrfs subvolume create /mnt/@home
 
# umount /mnt/boot
 
# umount /mnt
 
# mount -o compress=zstd,subvol=@ /mnt
 
# mount -o compress=zstd,subvol=@home /mnt/home
 
# mount /dev/sda1 /mnt/boot</nowiki>
 
}}
 
 
== Installation ==
 
 
# pacstrap /mnt base sudo wpa_supplicant
 
 
{{Tip|
 
* Append any additional packages you desire to the end of this line, or install later while in the chroot environment.
 
* For a list of packages on the ISO that are not in {{grp|base}}, do:
 
<nowiki>$ comm -23 <(wget -q -O - https://git.archlinux.org/archiso.git/plain/configs/releng/packages.both) <(pacman -Qqg base | sort)</nowiki>
 
}}
 
 
{{Note|If using btrfs, {{pkg|btrfs-progs}} should be appended, since it is not in the base group.}}
 
 
== Configuration ==
 
 
=== Create fstab ===
 
 
# genfstab -U /mnt > /mnt/etc/fstab
 
 
=== Chroot ===
 
 
# arch-chroot /mnt
 
 
=== Locale ===
 
 
Uncomment needed locales in {{ic|/etc/locale.gen}} (e.g., {{ic|en_US.UTF-8}}). Then run:
 
 
# locale-gen
 
 
Set {{ic|LANG}}:
 
 
{{hc|1=/etc/locale.conf|2=LANG=en_US.UTF-8}}
 
 
If not using a US keymap, make they keyboard layout permanent:
 
 
{{hc|1=/etc/vconsole.conf|2=KEYMAP=''de-latin1''}}
 
 
=== Set the timezone ===
 
 
# ln -sf /usr/share/zoneinfo/''Region''/''City'' /etc/localtime
 
 
=== Set hardware clock from system clock ===
 
 
# hwclock --systohc
 
 
=== Set hostname ===
 
 
{{hc|/etc/hostname|''hostname''}}
 
 
{{hc|/etc/hosts|
 
127.0.0.1 localhost
 
::1 localhost
 
127.0.1.1 ''hostname''.localdomain ''hostname''}}
 
 
=== Set root password ===
 
 
# passwd
 
 
=== Add normal user ===
 
 
# useradd -m -G wheel ''user''
 
# passwd ''user''
 
 
Open the sudoers file and uncomment the {{ic|wheel}} group:
 
 
# visudo
 
 
=== Generate intramfs ===
 
 
Add the {{ic|keyboard}}, {{ic|keymap}}, and {{ic|encrypt}} hooks. You will need to make sure you have any additional needed hooks for your setup.
 
 
{{hc|1=/etc/mkinitcpio.conf|2=
 
HOOKS=(base udev autodetect modconf '''keyboard''' '''keymap''' block '''encrypt''' filesystems)}}
 
 
Omit {{ic|keymap}} if you are using the default US keymap.
 
 
Regenerate initramfs:
 
 
# mkinitcpio -p linux
 
 
=== Swap ===
 
 
Use either a [[swap]] file or swap partition. If using a swap partition, you should have created an additional partition earlier.
 
 
==== Swap file ====
 
 
# dd if=/dev/zero of=/swapfile bs=1M count=512
 
# chmod 600 /swapfile
 
# mkswap /swapfile
 
# swapon /swapfile
 
 
Update [[fstab]] with a line for the swap file:
 
 
{{hc|/etc/fstab|/swapfile none swap defaults 0 0}}
 
 
{{Warning|If using [[btrfs]] instead of ext4, do '''not''' use a swap file, since it may cause file system corruption. Instead, use a swap partition.}}
 
 
==== Swap partition ====
 
 
For an '''encrypted''' system edit the following file:
 
 
{{hc|/etc/crypttab|
 
swap /dev/disk/by-partuuid/''PARTUUID'' /dev/urandom swap}}
 
 
where {{ic|''PARTUUID''}} is the partition UUID of your swap partition.
 
 
{{Warning|All data on the device listed above will be destroyed on every boot. Ensure you get it right.}}
 
 
Additionally, append to your fstab:
 
 
{{hc|1=/etc/fstab|2=
 
/dev/mapper/swap none swap defaults 0 0}}
 
 
See [[Dm-crypt/Swap encryption]].
 
 
For a '''regular''' system:
 
 
{{hc|1=/etc/fstab|2=
 
/dev/sda3 none swap defaults 0 0}}
 
 
== Exit chroot and reboot ==
 
 
# exit
 
# reboot
 
 
== Configure UEFI ==
 
 
In this setup we are not using a boot loader. Instead we are booting the kernel directly.
 
 
From your Arch Linux live disk, boot into the UEFI Shell v2. Then do:
 
 
Shell> map
 
 
Note the disk number for the hard drive where you are installing Arch Linux. This guide assumes it is {{ic|1}}.
 
 
Now create two UEFI entries:
 
 
Shell> bcfg boot add 0 fs1:\vmlinuz-linux "Arch Linux"
 
Shell> bcfg boot add 1 fs1:\vmlinuz-linux "Arch Linux (Fallback)"
 
 
Create a file with your boot parameters for the normal boot:
 
 
Shell> edit fs1:\options.txt
 
 
For an '''encrypted''' system, this file will contain at least:
 
 
root=/dev/mapper/cryptroot ro initrd=/initramfs-linux.img cryptdevice=/dev/sda2:cryptroot
 
 
{{Tip|Add {{ic|:allow-discards}} after {{ic|cryptroot}} to allow trimming if using an SSD. Then [[enable]] the {{ic|fstrim.timer}} to trim the device weekly.}}
 
 
For a '''regular''' system, this file will contain at least:
 
 
root=/dev/sda2 ro initrd=/initramfs-linux.img
 
 
{{Note|Create at least one additional space before the first character of your boot line in your options files. Otherwise, the root parameter, in this case, gets squashed by a byte order mark and will not be passed to the initramfs, resulting in an error when booting. Additionally, your options file should be one line, and one line only.}}
 
 
Press {{ic|F2}} to save and {{ic|F3}} to quit. Now add the options to your first boot entry:
 
 
Shell> bcfg boot -opt 0 fs1:\options.txt
 
 
Repeat the above process for your second, fallback entry, creating a text file named {{ic|options-fallback.txt}} containing the boot line. Change the intird to the fallback image.
 
 
Add it to the entry using {{ic|bcfg boot -opt 1 fs:1\options-fallback.txt}}.
 
 
== Reboot ==
 
 
When you reboot you should be prompted for your LUKS password if you decided to encrypt the system. See [[User:Rdeckard/Post-installation]].
 

Revision as of 21:43, 21 March 2019