Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Arch Linux Installation
- *LVM on LUKS Arch installation with systemd-boot*
- ## USB
- Download Arch Linux
- Find out the name of your USB drive with lsblk. Make sure that it is not mounted.
- To mount the Arch ISO run the following command, replacing /dev/sdx with your drive, e.g. /dev/sdb. (do not append a partition number, so do not use something like /dev/sdb1):
- ```shell
- dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress && sync
- ```
- ## Preparation
- Boot from USB disk
- Change default font:
- ```shell
- setfont sun12x22
- ```
- Check if running in UEFI mode:
- ```shell
- ls /sys/firmware/efi
- ```
- If there is any content in this folder then you are in UEFI mode.
- Check that there is a connection:
- ```shell
- ping archlinux.org
- ```
- Update the system clock:
- ```shell
- timedatectl set-ntp true
- ```
- Lastly to enable mirrors, edit `/etc/pacman.d/mirrorlist` and locate your geographic region. Uncomment mirrors you would like to use.
- ### Partitioning
- Get the name of the disk to format/partition:
- ```shell
- lsblk
- ```
- The name should be something like `/dev/sda`
- First shred the disk using the shred tool:
- ```shell
- shred -v -n1 /dev/sdX
- ```
- Now partition the disk using `gdisk`:
- ```shell
- gdisk /dev/sda
- ```
- Partition 1 should be an EFI boot partition (code: ef00) of 512MB. Partition 2 should be a Linux LVM partition (8e00). The 2nd partition can take up the full disk or only a part of it. Remember to write the partition table changes to the disk on configuration completion.
- Once partitioned you can format the boot partition (the LVM partition needs to be encrypted before it gets formatted)
- ```shell
- mkfs.fat -F32 /dev/sda1
- ```
- ### Encryption
- First modprobe for `dm-crypt`
- ```shell
- modprobe dm-crypt
- ```
- Now, encrypt the disk:
- ```shell
- cryptsetup luksFormat /dev/sda2
- ```
- Open the disk with the password set above:
- ```shell
- cryptsetup open --type luks /dev/sda2 lvm
- ```
- Check the lvm disk exists:
- ```shell
- ls /dev/mapper/lvm
- ```
- Create a physical volume:
- ```shell
- pvcreate /dev/mapper/lvm
- ```
- Create a volume group:
- ```shell
- vgcreate volume /dev/mapper/lvm
- ```
- Create logical partitions:
- ```shell
- lvcreate -L20G volume -n swap
- lvcreate -L40G volume -n root
- lvcreate -l 100%FREE volume -n home
- ```
- Format file system on logical partitions:
- ```shell
- mkfs.ext4 /dev/mapper/volume-root
- mkfs.ext4 /dev/mapper/volume-home
- mkswap /dev/mapper/volume-swap
- ```
- Mount the volumes and file systems:
- ```shell
- mount /dev/mapper/volume-root /mnt
- mkdir /mnt/home
- mount /mnt/boot
- mount /dev/mapper/volume-home /mnt/home
- mount /dev/sda1 /mnt/boot
- swapon /dev/mapper/volume-swap
- ```
- ## Installation
- Bootstrap base system onto disk using pacstrap:
- ```shell
- pacstrap /mnt base base-devel vim
- ```
- Generate `fstab`:
- ```shell
- genfstab -p /mnt >> /mnt/etc/fstab
- ```
- `chroot` into system:
- ```shell
- arch-chroot /mnt
- ```
- Set time locale:
- ```shell
- ln -sf /usr/share/zoneinfo/Africa/Johannesburg /etc/localtime
- ```
- Set clock:
- ```shell
- hwclock --systohc
- ```
- Uncomment `en_US.UTF-8 UTF-8` `en_US ISO-8859-1` and other needed localizations in `/etc/locale.gen`. Now run:
- ```shell
- locale-gen
- ```
- Create locale config file:
- ```shell
- locale > /etc/locale.conf
- ```
- Add an hostname:
- ```shell
- vim /etc/hostname
- ```
- Update `/etc/hosts` to contain::
- ```text
- 127.0.1.1 myhostname.localdomain myhostname
- ```
- Because we are using disk encryption we have to change the initramfs.
- Edit the `/etc/mkinitcpio.conf`. Look for the HOOKS variable and move `keyboard` to before the `filesystems` and add `encrypt` and `lvm2` after `keyboard`. Like:
- ```text
- HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"
- ```
- Regenerate the initramfs:
- ```shell
- mkinitcpio -p linux
- ```
- Install a bootloader:
- ```shell
- bootctl --path=/boot/ install
- ```
- Create bootloader. Edit `/boot/loader/loader.conf`. Replace the file's contents with:
- ```text
- default arch
- timeout 3
- editor 0
- ```
- The `editor 0` ensures the configuration can't be changed on boot.
- Next create a bootloader entry in `/boot/loader/entries/arch.conf`
- ```text
- title Arch Linux
- linux /vmlinuz-linux
- initrd /initramfs-linux.img
- options cryptdevice=UUID={UUID}:volume root=/dev/mapper/volume-root quiet rw
- ```
- In order to get the UUID run the following command in vim:
- ```shell
- :read ! blkid /dev/sda2
- ```
- ## Complete
- exit `chroot`:
- ```shell
- exit
- ```
- unmount everything:
- ```shell
- umount -R /mnt
- ```
- and reboot
- ```shell
- reboot
- ```
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement