geosharma · November 30, 2021 12:14
diff --git a/new_file0 b/new_file0
 # Notes on Arch Linux installation
 ### Key features:
 BIOS, GPT, encryption, btrfs, xfs. encrypted btrfs root, unencrypted xfs `/home`

 This was created to document the procedures followed during the installation of Arch Linux. This is intended to act as a guide in the event a full installation is required in the future. This is primarily for my own use. I plan to document each step with code. If anyone finds this helpful, then please use it at your own risk, I assume no responsibility for any damage incurred from following these notes. I would recommend that you follow the [Arch Linux Installation Guide](https://wiki.archlinux.org/index.php/installation_guide) and the Arch Linux wikis, rather than these set of notes.

 ## Setup
 * Computer: HP DV6000
 * Hard disk: 230 SSD

 ## References:
 In addition to the Arch Linux Installation Guide, webpages and blogs listed below were very helpful:

 * [Fitzcarraldo's Blog](https://fitzcarraldoblog.wordpress.com/2017/02/10/partitioning-hard-disk-drives-for-bios-mbr-bios-gpt-and-uefi-gpt-in-linux/)
 * [Mathletic ](https://tincman.wordpress.com/2011/01/20/installing-arch-linux-onto-a-gpt-partitioned-btrfs-root-ssd-on-a-legacy-bios-system/)
 * [gutoandreollo](https://gist.github.com/gutoandreollo/e12455886149a6c85a70)
 * [bparmentier](https://github.com/bparmentier/www/blob/master/posts/how-to-install-arch-linux-on-an-encrypted-btrfs-partition.md)
 * [stafwag blog](http://stafwag.github.io/blog/blog/2016/08/30/arch-on-an-encrypted-btrfs-partition/)
 * [BrainDump](https://mzanfardino.wordpress.com/2012/05/24/repairing-broken-arch-linux/)

 ## GPT partitioned SSD with BIOS
 Based on the references, the SSD was formatted as shown below. For no particular reason, I wanted the `/` partition on *btrfs* and `/home` on *XFS*, as I read is done in openSUSE.
 * BIOS boot: 1MiB, Code:EF02, Flags:bios_grub,
 * boot: 512 MB,    Code:8300, Flags:None
 * swap: 6 GB,      Code:8200, Flags:None
 * root: 66 GB,     Code:8300, Flags:None, Attribute: 2 (in expert mode)
 * home: rest,      Code:8300, Flags:None
 * 1.00 MiB at the end of the disk

 [Gparted](https://gparted.org/liveusb.php) live usb can be used for partitioning the harddisk. The instructions for creating a live usb can be found at their website. [tuxboot](http://tuxboot.org/download/) can be used to create the bootable usb. The squence of commands for partitioning in **gparted** commandline are presented below:

 ```
 sudo gdisk /dev/sda
 o, y
 n, 1, [enter], +1M, ef02
 n, 2, [enter], +512M, [enter]
 n, 3, [enter], +6G, 8200
 n, 4, [enter], +65G, [enter]
 n, 5, [enter], -1M, [enter]
 x, a, 4, 2, [enter]
 w, Y
 ```

 ## File systems
 * BIOS boot: unformatted, location: /dev/sda1
 * boot: File system: ext4,        Label: boot  location: /dev/sda2
 * swap: File system: linux-swap,  Label: swap  location: /dev/sda3
 * root: File system: btrfs,       Label: root  location: /dev/sda4
 * home: File system: xfs,         Label: home  location: /dev/sda5
 The sequence of commands to create the file systems were:

 ```
 sudo mkfs.ext4 -L "bios" /dev/sda2
 sudo mkswap -L "swap" /dev/sda3
 sudo mkfs.btrfs -L "root" /dev/sda4
 sudo mkfs.xfs -L "home" /dev/sda5
 ```
 These steps can be performed with the ARCH installation image, however using **gparted** gives the option of visualisation in the gui.

 ## Making Arch Live USB
 Download the image from the website and write the image using [USBWriter](https://sourceforge.net/projects/usbwriter/). It is one of the recommended writers. Boot with Arch live usb.

 ## Steps from Arch Linux Installation Guide
 Once again the **Installation Guide** is the correct document to follow.

 ### Internet connection
 If the device has no wired connection, to get the wireless working follow [Wireless network configuration](https://wiki.archlinux.org/index.php/Wireless_network_configuration). These were the sequence of commands for inspection and setting up the wireless connection. Use `ip link` to determine wireless interface. The wireless interface was `wlp2s0`. If using wireless then stop the *dhcpcd* daemon for wired connection.

 ```
 systemctl stop dhcpcd@ Tab
 lspci -k
 ip link
 ip link set wlp2s0 up
 iw dev wlp2s0 scan | less
 wpa_supplicant -i wlp2s0 -c < (wpa_passphrase "SSID" "key")
 ```
 *wlp2s0* was the wireless interface. If connection to wireless is successful use `Ctrl+c` to quit *wpa_supplicant* and add `-B` switch to run the command in background.

 ```
 wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key")
 iw dev wlp2s0 link
 dhcpcd wlp2s0
 ```
 ### Update system clock
 ```
 timedatectl set-ntp true
 timedatectl set-timezone America/Kentucky/Louisville
 timedatectl set-local-rtc true
 ```

 ### Disk partition
 Partition the disk as desired.

 ### Format partitions
 Format each of the partitions as desired.

 ### Prepare encrypted partition
 ```
 cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat /dev/sda4
 cryptsetup luksOpen /dev/sda4 cryptroot
 mkfs.btrfs /dev/mapper/cryptroot
 mount -o noatime,compress=lzo,discard,ssd,defaults /dev/mapper/cryptroot /mnt
 ```

 Create btrfs subvolumes

 ```
 cd /mnt
 btrfs subvolume create __active
 btrfs subvolume create __active/rootvol
 btrfs subvolume create __active/var
 btrfs subvolume create __snapshots
 ```

 System configuration

 ```
 cd
 umount /mnt
 mount -o subvol=__active/rootvol /dev/mapper/cryptroot /mnt
 mkdir /mnt/{home,var}
 mount -o inode64,nobarrier /dev/sda5 /mnt/home
 mount -o subvol=__active/var /dev/mapper/cryptroot /mnt/var
 mkdir /mnt/boot
 mount /dev/sda2 /mnt/boot
 sync
 ```
 ### Install System
 ```
 pacstrap /mnt base base-devel btrfs-progs
 ```
 ### Generate fstab
 ```
 genfstab -U -p /mnt >> /mnt/etc/fstab
 ```
 Chroot into the new System
 ```
 arch-chroot /mnt
 ```
 ### Set time zone
 ```
 ln -sf /usr/share/zoneinfo/America/Kentucky/Louisville /etc/localtime
 hwclock --systohc
 ```
 ### Locale
 Uncomment `en_US.UTF-8 UTF-8` in `/etc/locale.gen`
 ```
 locale-gen
 ```
 Set `LANG` variable in *locale.conf*
 ```
 nano /etc/locale.conf
 LANG=en_US.UTF-8
 ```
 ### Hostname
 Create the *hostname* file
 ```
 nano /etc/hostname
 myhostname
 ```
 Add a matching entry to *hosts*
 ```
 nano /etc/hosts
 127.0.0.1   localhost.localdomain   localhost
 ::1         localhost.localdomain   localhost
 127.0.1.1   myhostname.localdomain  myhostname
 ```
 ### Network configuration
 Install `iw` and `wpa_supplicant` for wireless configureation because these packages are not available after fresh install.

 ### Initramfs
 Modify to *mkinitcpio.conf* to include:
 * MODULES="aes_x86_64"
 * BINARIES="/user/bin/btrfsck"
 * HOOKS="...... encrypt filesystems ... btrfs"
 Add the *encrypt* hook before *filesytems* and *btrfs* at the end and remove the *fsck* hook
 ```
 nano /etc/mkinitcpio.conf
 HOOKS="base udev autodetect modconf block encrypt filesystems keyboard btrfs"
 ```
 Save the file and run
 ```
 mkinitcpio -p linux
 ```
 ### Password
 'root' password

 ```
 passwd
 ```
 ### Bootloader
 Install grub
 ```
 pacman -Syu grub
 grub-install --target=i386-pc /dev/sda2
 ```
 Create *grub.cfg*

 Add encrypted root partition to *GRUB_CMDLINE_LINUX=* in '/etc/default/grub'
 ```
 nano /etc/default/grub
 GRUB_CMDLINE_LINUX=""crytpdevice=/dev/sda4:cryptroot""
 ```
 Save the file and generate *grub.cfg*
 ```
 grub-mkconfig -o /boot/grub/grub.cfg
 ```
 Reboot

 ## Post installation
 Log in as `root` with the root password from above.

 ### Configure network
 Since I was using wireless network
 ```
 ip link set wlp2s0 up
 iw dev wlp2s0 scan | less
 wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key")
 dhcpcd wlp2s0
 ```
 ### Add user
 Add your username and password. If 'archie' is the desired username then:
 ```
 useradd -m -G wheel -s /bin/bash archie
 passwd archie
 ```

 ### Sudo
 Change the default editor from `visudo` to `nano`. Since the user was already added to the *wheel* group, `sudo` was configured to allow members of the *wheel* group sudo access.
 ```
 EDITOR=nano visudo
 ```
 Uncomment the line
 ```
 %wheel All=(ALL) ALL
 ```
 Logout and then login as *user* with *user password*. Test `sudo` with `pacman`

 ### Enable Multilib
 Allows users to run 32-bit applications on 64-bit installation of Arch Linux.

 Uncomment `[multilib]` section in `/etc/pacman.conf`
 ```
 [multilib]
 Include = /etc/pacman.d/mirrorlist
 ```
 ### Wayland
 ```
 sudo pacman -Syu weston
 sudo pacman -S xorg-server-xwayland
 ```
 ### Display manager
 Use GNOME display manager
 ```
 sudo pacman -S gdm
 sudo systemctl enable gdm.service
 ```
 ### Install GNOME DE
 ```
 sudo pacman -S gnome gnome-extra
 ```

 ### Mircocode update
 ```
 sudo pacman -S intel-ucode
 grub-mkconfig -o /boot/grub/grub.cfg
 ```

 ### Network using netctl
 Create a profile in `/etc/netctl` by copying and editing one of the examples in `/etc/netctl/examples/`. Also to obfuscate wireless passphrase use `wpa_passphrase` to compute the 256-bit PSK. An example from the [netctl](https://wiki.archlinux.org/index.php/Netctl) is given below. For example if the *essid* is *highway* and the *passphrase* is *alongandwindingroad*:
 ```
 wpa_passphrase highway alongandwindingroad
 ```
 The output will be as follows:
 ```
 network={
 	ssid="highway"
 	#psk="alongandwindingroad"
 	psk=b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427
 }
 ```
 Edit one of the example files as shown below for the example given above and save with an appropriate file name `wireless-wpa_highway`
 ```
 Description='A simple WPA encrypted wireless connection using 256-bit PSK'
 Interface=wlp2s2
 Connection=wireless
 Security=wpa
 IP=dhcp
 ESSID='highway'
 Key=\"b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427
 ```
 Test the created profile
 ```
 sudo netctl start wireless-wpa_highway
 ```
 If everything is working then enable the profile to start at boot.
 ```
 netctl enable wireless-wpa_highway
 ```
 If netctl keeps failing then one of the reasons could be that `dhcpcd.service` is enabled. Disalbe the `dhcpcd.service` as 'netctl' will handle *dhcp*
 ```
 sudo systemctl disable dhcpcd.service
 ```

 ### Others
 The Grub graphics was not very pleasant. Adjusted the framebuffer resolution in `/etc/default/grub`
 ```
 GRUB_GFXMODE=1280x800x32,auto
 GRUB_GFXPAYLOAD_LINUX=keep
 ```
 After saving the changes
 ```
 grub-mkconfig -o /boot/grub/grub.cfg
 ```
 Changed Grub theme to [arch-silence](https://aur.archlinux.org/packages/grub2-theme-archlinux/)

 ### Add and arrange the minimize, maximize and close button in Gnome
 ```
 gsettings set org.gnome.shell.overrides button-layout close,minimize,maximize
 ```
 ### Roaming wireless using netctl
 This needs verification.
 * install *wpa_actiond*
 ```
 # pacman -S wpa_actiond
 ```
 * Enable the *interface*
 ```
 sudo systemctl enable [email protected]
 ```
	# Notes on Arch Linux installation
	### Key features:
	BIOS, GPT, encryption, btrfs, xfs. encrypted btrfs root, unencrypted xfs `/home`

	This was created to document the procedures followed during the installation of Arch Linux. This is intended to act as a guide in the event a full installation is required in the future. This is primarily for my own use. I plan to document each step with code. If anyone finds this helpful, then please use it at your own risk, I assume no responsibility for any damage incurred from following these notes. I would recommend that you follow the [Arch Linux Installation Guide](https://wiki.archlinux.org/index.php/installation_guide) and the Arch Linux wikis, rather than these set of notes.

	## Setup
	* Computer: HP DV6000
	* Hard disk: 230 SSD

	## References:
	In addition to the Arch Linux Installation Guide, webpages and blogs listed below were very helpful:

	* [Fitzcarraldo's Blog](https://fitzcarraldoblog.wordpress.com/2017/02/10/partitioning-hard-disk-drives-for-bios-mbr-bios-gpt-and-uefi-gpt-in-linux/)
	* [Mathletic ](https://tincman.wordpress.com/2011/01/20/installing-arch-linux-onto-a-gpt-partitioned-btrfs-root-ssd-on-a-legacy-bios-system/)
	* [gutoandreollo](https://gist.github.com/gutoandreollo/e12455886149a6c85a70)
	* [bparmentier](https://github.com/bparmentier/www/blob/master/posts/how-to-install-arch-linux-on-an-encrypted-btrfs-partition.md)
	* [stafwag blog](http://stafwag.github.io/blog/blog/2016/08/30/arch-on-an-encrypted-btrfs-partition/)
	* [BrainDump](https://mzanfardino.wordpress.com/2012/05/24/repairing-broken-arch-linux/)

	## GPT partitioned SSD with BIOS
	Based on the references, the SSD was formatted as shown below. For no particular reason, I wanted the `/` partition on btrfs and `/home` on XFS, as I read is done in openSUSE.
	* BIOS boot: 1MiB, Code:EF02, Flags:bios_grub,
	* boot: 512 MB, Code:8300, Flags:None
	* swap: 6 GB, Code:8200, Flags:None
	* root: 66 GB, Code:8300, Flags:None, Attribute: 2 (in expert mode)
	* home: rest, Code:8300, Flags:None
	* 1.00 MiB at the end of the disk

	[Gparted](https://gparted.org/liveusb.php) live usb can be used for partitioning the harddisk. The instructions for creating a live usb can be found at their website. [tuxboot](http://tuxboot.org/download/) can be used to create the bootable usb. The squence of commands for partitioning in gparted commandline are presented below:

	```
	sudo gdisk /dev/sda
	o, y
	n, 1, [enter], +1M, ef02
	n, 2, [enter], +512M, [enter]
	n, 3, [enter], +6G, 8200
	n, 4, [enter], +65G, [enter]
	n, 5, [enter], -1M, [enter]
	x, a, 4, 2, [enter]
	w, Y
	```

	## File systems
	* BIOS boot: unformatted, location: /dev/sda1
	* boot: File system: ext4, Label: boot location: /dev/sda2
	* swap: File system: linux-swap, Label: swap location: /dev/sda3
	* root: File system: btrfs, Label: root location: /dev/sda4
	* home: File system: xfs, Label: home location: /dev/sda5
	The sequence of commands to create the file systems were:

	```
	sudo mkfs.ext4 -L "bios" /dev/sda2
	sudo mkswap -L "swap" /dev/sda3
	sudo mkfs.btrfs -L "root" /dev/sda4
	sudo mkfs.xfs -L "home" /dev/sda5
	```
	These steps can be performed with the ARCH installation image, however using gparted gives the option of visualisation in the gui.

	## Making Arch Live USB
	Download the image from the website and write the image using [USBWriter](https://sourceforge.net/projects/usbwriter/). It is one of the recommended writers. Boot with Arch live usb.

	## Steps from Arch Linux Installation Guide
	Once again the Installation Guide is the correct document to follow.

	### Internet connection
	If the device has no wired connection, to get the wireless working follow [Wireless network configuration](https://wiki.archlinux.org/index.php/Wireless_network_configuration). These were the sequence of commands for inspection and setting up the wireless connection. Use `ip link` to determine wireless interface. The wireless interface was `wlp2s0`. If using wireless then stop the dhcpcd daemon for wired connection.

	```
	systemctl stop dhcpcd@ Tab
	lspci -k
	ip link
	ip link set wlp2s0 up
	iw dev wlp2s0 scan \| less
	wpa_supplicant -i wlp2s0 -c < (wpa_passphrase "SSID" "key")
	```
	wlp2s0 was the wireless interface. If connection to wireless is successful use `Ctrl+c` to quit wpa_supplicant and add `-B` switch to run the command in background.

	```
	wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key")
	iw dev wlp2s0 link
	dhcpcd wlp2s0
	```
	### Update system clock
	```
	timedatectl set-ntp true
	timedatectl set-timezone America/Kentucky/Louisville
	timedatectl set-local-rtc true
	```

	### Disk partition
	Partition the disk as desired.

	### Format partitions
	Format each of the partitions as desired.

	### Prepare encrypted partition
	```
	cryptsetup --cipher aes-xts-plain64 --hash sha512 --use-random --verify-passphrase luksFormat /dev/sda4
	cryptsetup luksOpen /dev/sda4 cryptroot
	mkfs.btrfs /dev/mapper/cryptroot
	mount -o noatime,compress=lzo,discard,ssd,defaults /dev/mapper/cryptroot /mnt
	```

	Create btrfs subvolumes

	```
	cd /mnt
	btrfs subvolume create __active
	btrfs subvolume create __active/rootvol
	btrfs subvolume create __active/var
	btrfs subvolume create __snapshots
	```

	System configuration

	```
	cd
	umount /mnt
	mount -o subvol=__active/rootvol /dev/mapper/cryptroot /mnt
	mkdir /mnt/{home,var}
	mount -o inode64,nobarrier /dev/sda5 /mnt/home
	mount -o subvol=__active/var /dev/mapper/cryptroot /mnt/var
	mkdir /mnt/boot
	mount /dev/sda2 /mnt/boot
	sync
	```
	### Install System
	```
	pacstrap /mnt base base-devel btrfs-progs
	```
	### Generate fstab
	```
	genfstab -U -p /mnt >> /mnt/etc/fstab
	```
	Chroot into the new System
	```
	arch-chroot /mnt
	```
	### Set time zone
	```
	ln -sf /usr/share/zoneinfo/America/Kentucky/Louisville /etc/localtime
	hwclock --systohc
	```
	### Locale
	Uncomment `en_US.UTF-8 UTF-8` in `/etc/locale.gen`
	```
	locale-gen
	```
	Set `LANG` variable in locale.conf
	```
	nano /etc/locale.conf
	LANG=en_US.UTF-8
	```
	### Hostname
	Create the hostname file
	```
	nano /etc/hostname
	myhostname
	```
	Add a matching entry to hosts
	```
	nano /etc/hosts
	127.0.0.1 localhost.localdomain localhost
	::1 localhost.localdomain localhost
	127.0.1.1 myhostname.localdomain myhostname
	```
	### Network configuration
	Install `iw` and `wpa_supplicant` for wireless configureation because these packages are not available after fresh install.

	### Initramfs
	Modify to mkinitcpio.conf to include:
	* MODULES="aes_x86_64"
	* BINARIES="/user/bin/btrfsck"
	* HOOKS="...... encrypt filesystems ... btrfs"
	Add the encrypt hook before filesytems and btrfs at the end and remove the fsck hook
	```
	nano /etc/mkinitcpio.conf
	HOOKS="base udev autodetect modconf block encrypt filesystems keyboard btrfs"
	```
	Save the file and run
	```
	mkinitcpio -p linux
	```
	### Password
	'root' password

	```
	passwd
	```
	### Bootloader
	Install grub
	```
	pacman -Syu grub
	grub-install --target=i386-pc /dev/sda2
	```
	Create grub.cfg

	Add encrypted root partition to GRUB_CMDLINE_LINUX= in '/etc/default/grub'
	```
	nano /etc/default/grub
	GRUB_CMDLINE_LINUX=""crytpdevice=/dev/sda4:cryptroot""
	```
	Save the file and generate grub.cfg
	```
	grub-mkconfig -o /boot/grub/grub.cfg
	```
	Reboot

	## Post installation
	Log in as `root` with the root password from above.

	### Configure network
	Since I was using wireless network
	```
	ip link set wlp2s0 up
	iw dev wlp2s0 scan \| less
	wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "SSID" "key")
	dhcpcd wlp2s0
	```
	### Add user
	Add your username and password. If 'archie' is the desired username then:
	```
	useradd -m -G wheel -s /bin/bash archie
	passwd archie
	```

	### Sudo
	Change the default editor from `visudo` to `nano`. Since the user was already added to the wheel group, `sudo` was configured to allow members of the wheel group sudo access.
	```
	EDITOR=nano visudo
	```
	Uncomment the line
	```
	%wheel All=(ALL) ALL
	```
	Logout and then login as user with user password. Test `sudo` with `pacman`

	### Enable Multilib
	Allows users to run 32-bit applications on 64-bit installation of Arch Linux.

	Uncomment `[multilib]` section in `/etc/pacman.conf`
	```
	[multilib]
	Include = /etc/pacman.d/mirrorlist
	```
	### Wayland
	```
	sudo pacman -Syu weston
	sudo pacman -S xorg-server-xwayland
	```
	### Display manager
	Use GNOME display manager
	```
	sudo pacman -S gdm
	sudo systemctl enable gdm.service
	```
	### Install GNOME DE
	```
	sudo pacman -S gnome gnome-extra
	```

	### Mircocode update
	```
	sudo pacman -S intel-ucode
	grub-mkconfig -o /boot/grub/grub.cfg
	```

	### Network using netctl
	Create a profile in `/etc/netctl` by copying and editing one of the examples in `/etc/netctl/examples/`. Also to obfuscate wireless passphrase use `wpa_passphrase` to compute the 256-bit PSK. An example from the [netctl](https://wiki.archlinux.org/index.php/Netctl) is given below. For example if the essid is highway and the passphrase is alongandwindingroad:
	```
	wpa_passphrase highway alongandwindingroad
	```
	The output will be as follows:
	```
	network={
	ssid="highway"
	#psk="alongandwindingroad"
	psk=b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427
	}
	```
	Edit one of the example files as shown below for the example given above and save with an appropriate file name `wireless-wpa_highway`
	```
	Description='A simple WPA encrypted wireless connection using 256-bit PSK'
	Interface=wlp2s2
	Connection=wireless
	Security=wpa
	IP=dhcp
	ESSID='highway'
	Key=\"b2faeec84b34a37f95cc4b4e5696d73eccc1821f4ea4f209606850fb90c3d427
	```
	Test the created profile
	```
	sudo netctl start wireless-wpa_highway
	```
	If everything is working then enable the profile to start at boot.
	```
	netctl enable wireless-wpa_highway
	```
	If netctl keeps failing then one of the reasons could be that `dhcpcd.service` is enabled. Disalbe the `dhcpcd.service` as 'netctl' will handle dhcp
	```
	sudo systemctl disable dhcpcd.service
	```

	### Others
	The Grub graphics was not very pleasant. Adjusted the framebuffer resolution in `/etc/default/grub`
	```
	GRUB_GFXMODE=1280x800x32,auto
	GRUB_GFXPAYLOAD_LINUX=keep
	```
	After saving the changes
	```
	grub-mkconfig -o /boot/grub/grub.cfg
	```
	Changed Grub theme to [arch-silence](https://aur.archlinux.org/packages/grub2-theme-archlinux/)

	### Add and arrange the minimize, maximize and close button in Gnome
	```
	gsettings set org.gnome.shell.overrides button-layout close,minimize,maximize
	```
	### Roaming wireless using netctl
	This needs verification.
	* install wpa_actiond
	```
	# pacman -S wpa_actiond
	```
	* Enable the interface
	```
	sudo systemctl enable [email protected]
	```