Arch Linux – UEFI, LVM, and LUKS

Posted on Posted in Arch

This post will be an onging update to my Arch install on an aging HP ultrabook and primarily for my own reference.  It could be helpful to others but I’d highly recommend running through a vanilla Arch install in virtualbox a few times to get an idea of the entire process vs relying on this page.

  1. Download Arch ISO and create bootable USB
  2. Verify UEFI is enabled in laptop BIOS
  3. Boot to USB
  4. Use wifi-menu to establish connection
  5. Verify IP is set
  6. Verify DNS settings in /etc/resolv.conf
  7. ping www.google.com
  8. Enable sshd if you want to configure install remotely
    1. systemctl start sshd
    2. echo ‘root:okgo’ | chpasswd
  9. gdisk /dev/sda/li>
  10. EFI Partition
    1. N
    2. Partition 1
    3. First sector default
    4. Last sector +150MiB
    5. Hex code ef00
  11. Boot partition
    1. N
    2. Partition 2
    3. First sector default
    4. Last sector +150MiB
    5. Hex code 8300
  12. LUKS container
    1. N
    2. Partition 3
    3. First sector default
    4. Last sector default
    5. Hex code 8e00
  13. type p to verify new partitions
  14. type w to create new partitions
  15. LUKS Setup
    1. Cryptsetup luksFormat /dev/sda3
    2. Cryptsetup luksOpen /dev/sda3 luks
  16. vgcreate vg1 /dev/mapper/luks
  17. lvcreate -n root -L 40GiB vg1 (/var /tmp could also be created here, just need to mount later)
  18. lvcreate -n home -L 20GiB vg1
  19. lvcreate -n swap -L 6GiB vg1
  20. Setup swap
    1. mkswap /dev/mapper/vg1-swap
    2. swapon /dev/mapper/vg1-swap
    3. swapon -s
  21. Format partitions
    1. mkfs.vfat -F 32 /dev/sda1 (EPS)
    2. mkfs.ext4 /dev/sda2 (boot)
    3. mkfs.ext4 /dev/mapper/root (and any other besides swap)
  22. Mount partitions
    1. mount /dev/mapper/vg1-root /mnt
    2. mkdir /mnt/boot/
    3. mount /dev/sda2 /mnt/boot/
    4. mkdir /mnt/boot/efi
    5. mount /dev/sda1 /mnt/boot/efi
    6. mount any remaining partitions that were created to /mnt/xxxxx
  23. Configure system time
    1. timedatectl set-ntp true
    2. timedatectl status
  24. pacstrap /mnt base base-devel (could include other packages here)
  25. genfstab -U /mnt >> /mnt/etc/fstab
    1. cat /mnt/etc/fstab
  26. arch-chroot /mnt
  27. ln -sf /usr/share/zoneinfo/America/yourtimezone /etc/localtime
  28. hwclock -systohc
    1. date
  29. vi /etc/locale.gen and uncomment your locale + save
  30. locale-gen
  31. echo LANG=xx_XX.UTF-8 > /etc/locale.conf
  32. echo systemname01 > /etc/hostname
  33. Install base packages
    1. yes | pacman -S networkmanager firewalld ntp openssh grub efibootmgr dialog wpa_supplicant intel-ucode arch-audit vim sudo nmap dnsutils zip gzip nfs-utils fcron
    2. for x in NetworkManager firewalld ntpd sshd fcron; do echo $x; systemctl enable $x; done
  34. systemctl enable fstrim.timer
  35. vim /etc/lvm/lvm.conf
    1. issue_discards=1
  36. Add discard option to all mount points in /etc/fstab
  37. passwd (update for root)
  38. useradd -m G wheel myuser
  39. passwd myuser
  40. grub-install –target=x86_64-efi –efi-directory=/boot/efi –bootloader-id=ArchLinux
  41. blkid | grep crypto | cut -d ‘ ‘ -f2 | tr -d ‘”‘ > luksuuid.txt
  42. vim /etc/default/grub
    1. GRUB_CMDLINE_LINUX=”cryptdevice=UUID=<insert from luksuuid.txt>:luks:allow-discards resume=/dev/mapper/vg1-swap”
  43. vim mkinitcpio.conf
    1. HOOKS=(base udev autodetect modconf encrypt lvm2 resume block filesystems keyboard fsck)
  44. mkinitcpio -p linux
  45. grub-mkconfig -o /boot/grub/grub.cfg
  46. exit
  47. reboot now
  48. If everything is right you boot and enter LUKS password to continue
  49. login as your user account
  50. use nmtui to connect to wifi
  51. su –
  52. visudo
  53. uncommment %wheel ALL=(ALL) ALL and save

Install XFCE

  1. sudo pacman -S xorg-server xorg-xinit xorg-apps
  2. sudo pacman -S lightdm lightdm-gtk-greeter lightdm-gtk-greeter-settings light-locker
  3. sudo pacman -S xfce4 xfce4-goodies plank file-roller network-manager-applet pavucontrol system-config-printer gtk3-print-backends remmina freerdp firefox guvcview
  4. sudo systemctl enable lightdm
  5. systemctl get-default (manually set to graphical.target if not returned)
  6. either reboot or systemctl start lightdm (kicks off instantly)
  7. Window Manager Tweaks > Compositor > uncheck show shadows under dock windows
    1. removes line across bottom third of screen caused by plank
  8. Settings > Session and Startup
    1. Add Disable Beep (xset -b)
    2. Add Plank (plank &)

Install Logitech Unify

  1. git clone https://aur.archlinux.org/ltunify-git.git
  2. cd ltunify folder
  3. makepkg
  4. sudo pacman -U <new tar.gz file>
  5. sed -i ‘s/^MODULES=””/MODULES=”hid-logitech-hidpp”/’ /etc/mkinitcpio.conf
  6. mkinitcpio -p linux
  7. reboot

Install Bluetooth

  1. sudo pacman -S bluez bluez-utilz blueman
  2. modprobe btusb
  3. sudo systemctl enable bluetooth
  4. sudo systemctl start bluetooth

Install Arch Branded Xscreensaver

  1. git clone https://aur.archlinux.org/xscreensaver-arch-logo.git
  2. cd xscreensaver-arch-logo
  3. makepgk
  4. sudo pacman -U <new tar.gz file>

2018-03-19 – And the Arch experiment is over for now.  Headed back to Fedora running KDE this go around.