( linux )


Contents

  1. Arch Installation / Encrypted Setup / Syslinux
  2. FAT32

Wed, Jan 24, 2018

ARCH INSTALLATION / ENCRYPTED SETUP / Syslinux

This is LVM on LUKS setup based on Arch’s wiki documentation.

Keyboard

$ loadkeys us

Partition

$ lsblk				# List block devices
$ gdisk /dev/sda		# To partition /dev/sda
$ o				# Either new or start over
$ y				# Accept
$ n				# Create new partition
$ Enter				# Accept default partition number
$ Enter				# Accept default first sector
$ +512M				# Allocated 512MB for boot partition
$ 8300				# Set type of partition or L to list
$ n				# Create new partition
$ Enter				# Accept default partition number
$ Enter				# Accept default first sector
$ Enter				# Accept default last sector
$ 8E00				# Set partition type to LVM
$ w				# Write change
$ y				# Accept
$ cryptsetup luksFormat --type luks2 /dev/sda2	# Create encrypted container
$ cryptsetup open /dev/sda2 cryptolvm		# Open container
$ pvcreate /dev/mapper/cryptolvm		# Create physical volume
$ vgcreate MyVol /dev/mapper/cryptolvm		# Create MyVol volume group
$ lvcreate -L 60G MyVol -n home			# Allocated 1/5 space for home
$ lvcreate -L 8G MyVol -n swap			# Allocated 2xRAM for swap
$ lvcreate -l 100%FREE MyVol -n root		# Allocated remaining for root
$ mkfs.ext4 /dev/mapper/MyVol-home		# Format home
$ mkswap /dev/mapper/MyVol-swap			# Format swap
$ mkfs.ext4 /dev/mapper/MyVol-root		# Format root
$ swapon /dev/mapper/MyVol-swap			# Mount swap
$ mount /dev/mapper/MyVol-root /mnt		# Mount root
$ mkdir -pv /mnt/home				# Create home directory
$ mount /dev/mapper/MyVol-home /mnt/home	# Mount home
$ mkfs.ext2 /dev/sda1				# Create Ext2
$ mkdir	/mnt/boot				# Create boot directory
$ mount /dev/sda1 /mnt/boot			# Mount boot

Wireless

$ wifi-menu

Install Base System

$ pacstrap /mnt base

Configure System

$ genfstab -p /mnt >> /mnt/etc/fstab	# Generate fstab
$ arch-chroot /mnt			# chroot

Add hostname to /etc/hostname and /etc/hosts

/etc/hosts

127.0.0.1	localhost
127.0.0.1	hostname.subdomain.domain	hostname

Set time zone:

$ ln -s /usr/share/zoneinfo/Pacific/Auckland /etc/localtime

Uncomment the locale in /etc/locale.gen

$ locale-gen				# Generate locale

Set locale preference by adding LANG=”en_NZ.UTF-8” to /etc/locale.conf

Configure mkinitcpio

Add keyboard, encrypt and lvm2 hooks to /etc/mkinitcpio.conf

HOOKS=(... keyboard encrypt lvm2 fsck)

mkinitcpio and set root password:

$ mkinitcpio -p linux
$ passwd

Install Boot Loader

$ pacman -S gdisk			# Prerequisite
$ pacman -S syslinux
$ syslinux-install_update -i -a -m

/boot/syslinux/syslinux.cfg

LABEL arch
    MENU LABEL Arch Linux
    LINUX ../vmlinuz-linux
    APPEND root=/dev/mapper/MyVol-root cryptdevice=/dev/sda2:cryptolvm rw
    INITRD ../initramfs-linux.img

LABEL archfallback
    MENU LABEL Arch Linux Fallback
    LINUX ../vmlinuz-linux
    APPEND root=/dev/mapper/MyVol-root cryptdevice=/dev/sda2:cryptolvm rw
    INITRD ../initramfs-linux-fallback.img

/etc/crypttab

Append line:

cryptolvm	/dev/sda2

Create crypttab.initramfs

$ cp /etc/crypttab /etc/crypttab.initramfs

Wireless

$ pacman -S dialog wpa_supplicant

Umount and Reboot

$ exit			# Exit from chroot environment
$ umount -R /mnt
$ reboot

Create New User

$ useradd -m -G wheel -s /bin/bash daniel
$ passwd daniel
$ usermod -a -G audio,network,power,scanner,storage,systemd-journal,video daniel

The above creates a new user with home directory, change password and add user to additional groups.

Wireless

$ wifi-menu
$ ls /etc/netctl/			# Find the wifi profile
$ netctl enable profile-name		# profile-name as obtained above

Sudo

$ pacman -S sudo

Run visudo, edit it to restrict sudo to specific group or user.

Additional Install

$ sudo pacman -S openssh
$ sudo systemctl enable sshd.service
$ sudo pacman -S --needed base-devel
$ wget -c https://aur.archlinux.org/cgit/aur.git/snapshot/cower.tar.gz
$ tar xzvf cower.tar.gz
$ cd cower
$ makepkg -s
$ sudo pacman -U cower-<version>.pkg.tar.xz
$ wget -c https://aur.archlinux.org/cgit/aur.git/snapshot/pacaur.tar.gz
$ tar xzvf pacaur.tar.gz
$ cd pacaur
$ makepkg -s
$ sudo pacman -U pacaur-<version>.pkg.tar.xz

Audio

$ sudo pacman -S alsa-utils
$ amixer sset Master unmute		# ALSA comes muted by default.

Restore

Restore home from backup.

$ sudo pacman -S - < pkglist.txt	# Install all packages from backup list

Do the same for AUR with pacaur.

Fri, Jan 26, 2018

FAT32

gparted or via command line.

Either way, install dosfstools.
I’m using FAT32 (LBA), which is also the factory default for USB stick.

$ lsblk
$ sudo fdisk /dev/sdb
$ o
$ n
$ p
$ Enter
$ Enter
$ Enter
$ t
$ c
$ w
$ sudo mkfs.vfat /dev/sdb1 -n DN-U-001
$ sudo mount -o gid=storage,fmask=113,dmask=002 /dev/sdb1 /mnt/usbstick
$ sudo umount /mnt/usbstick

Alternatively:

$ sudo mount -o uid=daniel /dev/sdb1 /mnt/usbstick

References:

LBA
Mounting USB stick with write access