Arch Linux – UEFI, LVM, and LUKS
This post will be an onging update to my Arch install on an aging HP ultrabook and primarily for my own reference. It could be helpful to others but I’d highly recommend running through a vanilla Arch install in virtualbox a few times to get an idea of the entire process vs relying on this page.
- Download Arch ISO and create bootable USB
- Verify UEFI is enabled in laptop BIOS
- Boot to USB
- Use wifi-menu to establish connection
- Verify IP is set
- Verify DNS settings in /etc/resolv.conf
- ping www.google.com
- Enable sshd if you want to configure install remotely
- systemctl start sshd
- echo ‘root:okgo’ | chpasswd
- gdisk /dev/sda/li>
- EFI Partition
- N
- Partition 1
- First sector default
- Last sector +150MiB
- Hex code ef00
- Boot partition
- N
- Partition 2
- First sector default
- Last sector +150MiB
- Hex code 8300
- LUKS container
- N
- Partition 3
- First sector default
- Last sector default
- Hex code 8e00
- type p to verify new partitions
- type w to create new partitions
- LUKS Setup
- Cryptsetup luksFormat /dev/sda3
- Cryptsetup luksOpen /dev/sda3 luks
- vgcreate vg1 /dev/mapper/luks
- lvcreate -n root -L 40GiB vg1 (/var /tmp could also be created here, just need to mount later)
- lvcreate -n home -L 20GiB vg1
- lvcreate -n swap -L 6GiB vg1
- Setup swap
- mkswap /dev/mapper/vg1-swap
- swapon /dev/mapper/vg1-swap
- swapon -s
- Format partitions
- mkfs.vfat -F 32 /dev/sda1 (EPS)
- mkfs.ext4 /dev/sda2 (boot)
- mkfs.ext4 /dev/mapper/root (and any other besides swap)
- Mount partitions
- mount /dev/mapper/vg1-root /mnt
- mkdir /mnt/boot/
- mount /dev/sda2 /mnt/boot/
- mkdir /mnt/boot/efi
- mount /dev/sda1 /mnt/boot/efi
- mount any remaining partitions that were created to /mnt/xxxxx
- Configure system time
- timedatectl set-ntp true
- timedatectl status
- pacstrap /mnt base base-devel (could include other packages here)
- genfstab -U /mnt >> /mnt/etc/fstab
- cat /mnt/etc/fstab
- arch-chroot /mnt
- ln -sf /usr/share/zoneinfo/America/yourtimezone /etc/localtime
- hwclock -systohc
- date
- vi /etc/locale.gen and uncomment your locale + save
- locale-gen
- echo LANG=xx_XX.UTF-8 > /etc/locale.conf
- echo systemname01 > /etc/hostname
- Install base packages
- yes | pacman -S networkmanager firewalld ntp openssh grub efibootmgr dialog wpa_supplicant intel-ucode arch-audit vim sudo nmap dnsutils zip gzip nfs-utils fcron
- for x in NetworkManager firewalld ntpd sshd fcron; do echo $x; systemctl enable $x; done
- systemctl enable fstrim.timer
- vim /etc/lvm/lvm.conf
- issue_discards=1
- Add discard option to all mount points in /etc/fstab
- passwd (update for root)
- useradd -m G wheel myuser
- passwd myuser
- grub-install –target=x86_64-efi –efi-directory=/boot/efi –bootloader-id=ArchLinux
- blkid | grep crypto | cut -d ‘ ‘ -f2 | tr -d ‘”‘ > luksuuid.txt
- vim /etc/default/grub
- GRUB_CMDLINE_LINUX=”cryptdevice=UUID=<insert from luksuuid.txt>:luks:allow-discards resume=/dev/mapper/vg1-swap”
- vim mkinitcpio.conf
- HOOKS=(base udev autodetect modconf encrypt lvm2 resume block filesystems keyboard fsck)
- mkinitcpio -p linux
- grub-mkconfig -o /boot/grub/grub.cfg
- exit
- reboot now
- If everything is right you boot and enter LUKS password to continue
- login as your user account
- use nmtui to connect to wifi
- su –
- visudo
- uncommment %wheel ALL=(ALL) ALL and save
Install XFCE
- sudo pacman -S xorg-server xorg-xinit xorg-apps
- sudo pacman -S lightdm lightdm-gtk-greeter lightdm-gtk-greeter-settings light-locker
- sudo pacman -S xfce4 xfce4-goodies plank file-roller network-manager-applet pavucontrol system-config-printer gtk3-print-backends remmina freerdp firefox guvcview
- sudo systemctl enable lightdm
- systemctl get-default (manually set to graphical.target if not returned)
- either reboot or systemctl start lightdm (kicks off instantly)
- Window Manager Tweaks > Compositor > uncheck show shadows under dock windows
- removes line across bottom third of screen caused by plank
- Settings > Session and Startup
- Add Disable Beep (xset -b)
- Add Plank (plank &)
Install Logitech Unify
- git clone https://aur.archlinux.org/ltunify-git.git
- cd ltunify folder
- makepkg
- sudo pacman -U <new tar.gz file>
- sed -i ‘s/^MODULES=””/MODULES=”hid-logitech-hidpp”/’ /etc/mkinitcpio.conf
- mkinitcpio -p linux
- reboot
Install Bluetooth
- sudo pacman -S bluez bluez-utilz blueman
- modprobe btusb
- sudo systemctl enable bluetooth
- sudo systemctl start bluetooth
Install Arch Branded Xscreensaver
- git clone https://aur.archlinux.org/xscreensaver-arch-logo.git
- cd xscreensaver-arch-logo
- makepgk
- sudo pacman -U <new tar.gz file>
2018-03-19 – And the Arch experiment is over for now. Headed back to Fedora running KDE this go around.