angristan / Arch Linux Install
Labels
Projects that are alternatives of or similar to Arch Linux Install
Arch Linux installation guide
Introduction
These are my notes on installing Arch Linux. This is not meant to be a universal guide, but only how I like to setup Arch Linux on my workstations. Since other people might find it useful, I decided to publish it.
Here is the setup I use:
- UEFI
- systemd-boot
- LVM on LUKS, plain
/boot
- NetworkManager
- Xorg
- KDE / Plasma
- SDDM
This is mostly based on the installation guide. I kept what I needed and added other parts. I made sure to put the links to all the wiki pages that I used. (❤️ Arch Wiki)
Download the ISO
First, download the ISO here https://www.archlinux.org/download/ and burn to a drive or insert it to your VM, and boot on it.
Inital setup
If using a French keyboard:
loadkeys fr
Check if system is under UEFI:
ls /sys/firmware/efi/efivars
Connect to wifi if needed
wifi-menu
Enable NTP and set timezone
timedatectl set-ntp true
timedatectl set-timezone Europe/Paris
Disk management
- https://wiki.archlinux.org/index.php/Partitioning
- https://wiki.archlinux.org/index.php/EFI_system_partition
I will describe below 4 ways of using your disk:
- Classic, unencrypted partitions
- LVM
- LUKS + crypttab for the swap
- LVM on LUKS
Most people use the 4th one these days.
cfdisk
is my favorite partitioning ncurses tool.
For each method, you can launch the tool with:
cfdisk /dev/sda
Replace sda
with your drive. Choose GPT if asked. Create the partitions and label them. Then write and quit.
The tutorial will assume /dev/sda
is your drive for the rest of the tutorial
Method 1 - "Classic" (unencrypted)
Partitions
Partition | Space | Type |
---|---|---|
/dev/sda1 | 512M | EFI System |
/dev/sda2 | xG | Linux Filesystem |
/dev/sda3 | xG | Linux swap |
File systems
/
partition:
mkfs.ext4 /dev/sda2
mount /dev/sda2 /mnt
/boot
partition:
mkfs.fat -F32 /dev/sda1
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
swap
:
mkswap /dev/sda3
swapon /dev/sda3
Method 2 - LVM (unecrypted)
Partitions
Partition | Space | Type |
---|---|---|
/dev/sda1 | 512M | EFI System |
/dev/sda2 | xG | Linux Filesystem |
LVM
Create the physical volume:
pvcreate /dev/sda2
Then the volume group:
vgcreate vg0 /dev/sda2
Then the logical volumes:
lvcreate -L xG vg0 -n swap
lvcreate -l 100%FREE vg0 -n root
File systems
/
partition:
mkfs.ext4 /dev/vg0/root
mount /dev/vg0/root /mnt
/boot
partition:
mkfs.fat -F32 /dev/sda1
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
swap
:
mkswap /dev/vg0/swap
swapon /dev/vg0/swap
Method 3 - LUKS + crypttab
Partitions
Partition | Space | Type |
---|---|---|
/dev/sda1 | 512M | EFI System |
/dev/sda2 | xG | Linux Filesystem |
/dev/sda3 | xG | swap |
LUKS
Prepare the encrypted container:
cryptsetup luksFormat --type luks2 --cipher aes-xts-plain64 --key-size 512 /dev/sda2
cryptsetup open /dev/sda2 cryptroot
File systems
/
:
mkfs.ext4 /dev/mapper/cryptroot
mount /dev/mapper/cryptroot /mnt
/boot
:
mkfs.fat -F32 /dev/sda1
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
Encrypted swap
This setup will use crypttab
to initalize a swap parition on /dev/sda2
, encrypted with a key from /dev/urandom
, upon each boot.
Thus, when the machine is shutdown, the key is lost and the content of the swap partition can't be read.
As usual, we want to use UUID since they are safer to use than their /dev
mappings. Also, the partition will be wiped upon each reboot so it's very important to make sure the same partition is always used.
Since it will be wiped, we can't use a UUID or a label to identify it. Except if we create a tiny, empty file system with a label and then define an offset in crypttab
.
After pacstraping the system and entering arch-root
:
mkfs.ext2 -L cryptswap /dev/sda3 1M
/etc/crypttab
:
swap LABEL=cryptswap /dev/urandom swap,offset=2048,cipher=aes-xts-plain64,size=512
/etc/fstab
:
/dev/mapper/swap none swap defaults 0 0
Method 4 - LVM on LUKS
Partitions
Partition | Space | Type |
---|---|---|
/dev/sda1 | 512M | EFI System |
/dev/sda2 | xG | Linux Filesystem |
LUKS
cryptsetup luksFormat --type luks2 --cipher aes-xts-plain64 --key-size 512 /dev/sda2
cryptsetup open /dev/sda2 cryptlvm
LVM
Create the physical volume:
pvcreate /dev/mapper/cryptlvm
Then the volume group:
vgcreate vg0 /dev/mapper/cryptlvm
Then the logical volumes:
lvcreate -L xG vg0 -n swap
lvcreate -l 100%FREE vg0 -n root
File systems
/
partition:
mkfs.ext4 /dev/vg0/root
mount /dev/vg0/root /mnt
/boot
partition:
mkfs.fat -F32 /dev/sda1
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
swap
:
mkswap /dev/vg0/swap
swapon /dev/vg0/swap
Install system
Install the base packages:
pacstrap /mnt base base-devel linux linux-firmware
System setup
Generate partition table:
genfstab -U /mnt > /mnt/etc/fstab
Enter the chroot:
arch-chroot /mnt
Set timezone and sync clock:
ln -sf /usr/share/zoneinfo/Europe/Paris /etc/localtime
hwclock --systohc
See https://wiki.archlinux.org/index.php/Locale
Uncomment en_US.UTF-8 UTF-8
(and fr_FR.UTF-8 UTF-8
if needed) in /etc/locale.gen
.
Generate locales:
locale-gen
Set default locale:
echo "LANG=en_US.UTF-8
LC_COLLATE=C" > /etc/locale.conf
Set keymap to French (if needed):
echo "KEYMAP=fr-latin9" > /etc/vconsole.conf
Set hostname:
echo "arch" > /etc/hostname
Set hosts file:
echo "127.0.0.1 localhost
::1 localhost
127.0.1.1 arch.localdomain arch" >> /etc/hosts
Set root password:
passwd
Initial ramdisk
- https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#Configuring_mkinitcpio
- https://wiki.archlinux.org/index.php/Mkinitcpio
The HOOKS
line might need to be updated in /etc/mkinitcpio.conf
depending on the disk method you used:
- Method 1: nothing to change
- Method 2:
base systemd udev autodetect modconf block sd-lvm2 filesystems keyboard fsck
- Method 3:
base systemd udev autodetect keyboard sd-vconsole modconf block sd-encrypt filesystems fsck
- Method 4:
base systemd udev autodetect keyboard sd-vconsole modconf block sd-encrypt sd-lvm2 filesystems fsck
Generate the ramdisks using the presets:
mkinitcpio -P
Bootloader: systemd-boot
Since we're using /boot/
, no need to use --path
option.
bootctl install
/boot/loader/entries/arch.conf
:
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options ...
The options
line depends on the disk method you used.
- Method 1:
options root=UUID=$(blkid -s UUID -o value /dev/sda2) rw
- Method 2:
options root=/dev/vg0/root rw
- Method 3:
options rd.luks.name=$(blkid -s UUID -o value /dev/sda3)=cryptroot root=/dev/mapper/cryptroot rw
- Method 4:
options rd.luks.name=$(blkid -s UUID -o value /dev/sda3)=cryptlvm root=/dev/vg0/root rw
Intel Microcode
pacman -S intel-ucode
Add initrd /intel-ucode.img
above initrd /initramfs-linux.img
in /boot/loader/entries/arch.conf
.
Check after reboot:
dmesg -T | grep microcode
Use amd-ucode
for an AMD CPU.
Networking: NetworkManager
pacman -S networkmanager
systemctl enable NetworkManager
systemctl start NetworkManager
If wired with DHCP, nothing more to do.
Reboot! (if you want)
As this point, the system should be working and usable, you can reboot. You can also stay in the chroot.
exit
umount -R /mnt
# cryptsetup close {cryptroot,crptlvm}
reboot
User account
To enable sudo access, uncomment this line in /etc/sudoers
:
%wheel ALL=(ALL) ALL
The sudo
group does not exit by default so we'll use wheel
.
Add user:
useradd -m -g wheel -c 'Stanislas' -s /bin/bash stanislas
passwd stanislas
Xorg
pacman -S xorg-server
pacman -S xf86-video-intel
Desktop environment: Plasma and KDE
pacman -S plasma
pacman -S kde-applications
Display manager: SDDM
pacman -S sddm
systemctl enable sddm
systemctl start sddm
By default, Arch uses the archlinux-simplyblack
theme, which is ugly. Let's setup breeze
(the original default):
mkdir /etc/sddm.conf.d/
echo "[Theme]
Current=breeze" > /etc/sddm.conf.d/theme.conf
If you're not using QWERTY, set the keymap for SDDM with:
localectl set-x11-keymap fr-latin9
Log back in.
Fonts
pacman -S ttf-{bitstream-vera,liberation,freefont,dejavu} freetype2
yay
yay
is my current AUR helper.
git clone https://aur.archlinux.org/yay.git
cd yay
makepkg -si
yay -S yay
VMware
As I trained in a VMware Fusion VM, here are some notes.
Install xf86-video-vmware
instead of xf86-video-intel
. xf86-input-vmmouse
too.
To install the VMware tools:
pacman -S openvpn-vm-tools
systemctl enable vmtoolsd
systemctl start vmtoolsd
Now what?
See https://wiki.archlinux.org/index.php/General_recommendations