My Arch Linux installation
This is how I install Arch Linux.
For a generic guide visit ArchWiki. If you have a computer with UEFI support and Intel CPU, this setup can work well for you.
Initial setup
After you boot the Arch Linux ISO image set up keyboard layout.
loadkeys uk
Connect to the Internet. I personally use cable (connect before you boot), but
you can connect via WiFi using wifi-menu command.
Verify you have the Internet connection.
ping archlinux.org
Enable NTP to synchronise time with the Internet.
timedatectl set-ntp true
Partitioning
This will wipe everything else on the disk.
I personally use LVM on LUKS. I usually have two physical partitions:
- /dev/sda1 - EFI (/boot)
- /dev/sda2 - LUKS (/dev/mapper/cryptlvm)
- LVM (/dev/mapper/VolGroup00)
- swap (/dev/VolGroup00/swap)
- root (/dev/VolGroup00/root)
- LVM (/dev/mapper/VolGroup00)
I don’t create a separate home partition because I don’t really find it useful, but nothing stops you from doing so.
Use gdisk utility to create partitions.
gdisk /dev/sda
- Using gdisk create new GPT partition table. You do it using command
o. - Then use
nto create EFI partition.- Use default value for the first sector.
- For the last sector use
+512M. - For the partition type code use
EF00.
- Use
nagain to create our partition for the encrypted system.- Use default value for the first and last sectors.
- Use
8309partition type code which isLUKS Linux.
- Type
wto save the changes. This will wipe your partition table.
Format EFI partition
mkfs.fat -F32 /dev/sda1
Create encrypted (LUKS) partition
cryptsetup luksFormat /dev/sda2
cryptsetup open /dev/sda2 crytptlvm
Set up LVM
pvcreate /dev/mapper/cryptlvm
vgcreate VolGroup00 /dev/mapper/cryptlvm
lvcreate -L 14.9G -n swap VolGroup00
lvcreate -l 100%FREE -n root VolGroup00
Format and enable swap
mkswap /dev/VolGroup00/swap
swapon /dev/VolGroup00/swap
Format and mount the root partition
mkfs.ext4 /dev/VolGroup00/root
mount /dev/VolGroup00/root /mnt
Mount EFI partition
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
Download Arch Linux
pacstrap /mnt base base-devel linux linux-firmware lvm2 gvim git tmux
Generate /etc/fstab
genfstab -U /mnt >> /mnt/etc/fstab
chroot into the new system
arch-chroot /mnt
Set the timezone
ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
Run hwclock to generate /etc/adjtime
hwclock --systohc
Localization
Uncomment needed locales in /etc/locale.gen.
# /etc/locale.gen
...
en_GB.UTF-8
en_US.UTF-8
...
Generate them with:
locale-gen
Set LANG variable in /etc/locale.conf:
LANG=en_GB.UTF-8
Set the keyboard layout for the vconsole in /etc/vconsole.conf:
KEYMAP=uk
Hostname
Set your hostname in /etc/hostname:
some-laptop
Add entries in /etc/hosts:
127.0.0.1 localhost
::1 localhost
127.0.1.1 some-laptop.localdomain some-laptop
mkinitcpio and Initramfs
Edit your /etc/mkinitcpio.conf. Find the HOOKS line and change it to:
HOOKS=(base systemd keyboard autodetect modconf block sd-vconsole sd-encrypt sd-lvm2 fsck filesystems)
Then run the following command to generate your initramfs image.
mkinitcpio -p linux
Create your user
Create your user using:
useradd --create-home someuser
passwd someuser
Then add it to the wheel group.
usermod -a -G wheel someuser
sudo
This should have been installed with the base-devel group.
pacman -S sudo
Run visudo and make sure that the line %wheel ALL=(ALL) ALL is uncommented.
That will grant sudo access to the members of the wheel group.
%wheel ALL=(ALL) ALL
Disable root account
I advise to lock your root account so it’s unusable. I don’t think you can do it during the installation, but I’ve never tried.
usermod --lock root
Or you can set a password on it using passwd.
Boot loader
Using Systemd-boot.
bootctl install
Edit /boot/loader/loader.conf to contain:
default arch
timeout 4
console-mode max
editor no
Processor microcode
Install your processor’s microcode. Assuming your computer uses Intel:
pacman -S intel-ucode
Otherwise, please see the guide on ArchWiki.
Boot entry
Then create a boot entry for the OS in /boot/loader/entries/arch.conf.
title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options rd.luks.name=[UUID]=cryptlvm root=/dev/VolGroup00/root resume=/dev/VolGroup00/swap
Add the initrd /intel-ucode.img line only if you you use an Intel CPU and
have installed the microcode package for it.
Substitute [UUID] with your LUKS partition UUID. It must be UUID of the
physical partition. You can find it using:
blkid /dev/sda2
Set up networking
The simplest way is to use NetworkManager.
pacman -S networkmanager
systemctl enable NetworkManager
After reboot, cable connection should run out of the box. WiFi set-up may
require you to use the nmcli utility.
Quiet boot
After the system booted, I usually make my boot quieter by adding the following
options to the kernel parameters (i.e. options).
quiet loglevel=3
Reboot
Now you should be ready to go. Use Ctrl+d to escape the chroot session and
type umount -R /mnt, then reboot.
After reboot
After you reboot you should first get a screen asking you to input your disk
encryption password. Then it should take you to the log in screen where you can
log in with your user. Make sure that root user is secured or disabled.
In case if you did not boot in, you can always boot back to the installation
media, mount the drives and use arch-chroot command again to rectify your
mistakes.ocal
Set up X keyboard layout
localectl set-x11-keymap gb pc104 , caps:escape_shifted_capslock,grp:alt_shift_toggle