This following instructions install Arch Linux on a Dell 5530 laptop. This installation uses systemd for boot. It sets up a 30GB root partition and an encrypted user partition that is decrypted and mounted on login. Let's get started.
Download and write the Arch Linux installation ISO to a flash drive. Insert flash drive, press power, hold F12, and select flash drive to boot.
Set system clock:
timedatectl set-ntp true
Partition disk:
gdisk /dev/nvme0n1
o ↵ to create a new empty GUID partition table (GPT)
y ↵ to confirm
n ↵ add a new partition
↵ to select default partition number of 1
↵ to select default start at first sector
+512M ↵ make that size partition for booting
ef00 ↵ Partition type EFI
n ↵ to add new partition
↵ to select default partition number of 2
↵ to select default start of sector
+128G ↵ make that size partition for root
8300 ↵ to make partition type for root
n ↵ to add new partition
↵ to select default partition number of 3
↵ to select default start of sector
↵ to select default end of sector
8300 ↵ to make partition type for home
p ↵ if you want to check the partition layout
w ↵ to write changes to disk
y ↵ to confirm
Create filesystems:
mkfs.fat -F32 /dev/nvme0n1p1
- for bootloader partition
mkfs.ext4 /dev/nvme0n1p2
- for root partition
cryptsetup --type luks1 luksFormat /dev/nvme0n1p3
- encrypt user partition
- you must enter the same password you will use for user login
cryptsetup open /dev/nvme0n1p3 luks_partition
- the luks_partition label is only temporary
mkfs.ext4 /dev/mapper/luks_partition
- for user partition
cryptsetup close luks_partition
Mount partitions:
mount /dev/nvme0n1p2 /mnt
mkdir /mnt/boot
mkdir /mnt/home
mount /dev/nvme0n1p1 /mnt/boot
Update mirrors:
curl -s "https://www.archlinux.org/mirrorlist/?country=US&protocol=https&ip_version=4" | sed -e "s/^#Server/Server/" > /etc/pacman.d/mirrorlist
Install:
pacstrap /mnt base base-devel dialog wpa_supplicant pam_mount intel-ucode vim
Create /etc/fstab:
genfstab -pU /mnt > /mnt/etc/fstab
Start chroot:
arch-chroot /mnt
Set timezone:
ln -sf /usr/share/zoneinfo/US/Eastern /etc/localtime
Set clock:
hwclock --systohc
Edit /etc/locale.gen:
- uncomment en_US.UTF-8 UTF-8
Generate locale:
locale-gen
Create /etc/locale.conf:
echo "LANG=en_US.UTF-8" > /etc/locale.conf
Set hostname:
echo dell > /etc/hostname
Edit /etc/hosts with hostname from /etc/hostname:
127.0.0.1 localhost
::1 localhost
127.0.1.1 dell
Change root password:
passwd
Install bootloader:
bootctl install
Copy PARTUUID labels for block devices to bootloader conf:
blkid > /boot/loader/entries/arch.conf
Keep only the PARTUUID for /dev/nvme0n1p2 and edit arch.conf:
title Arch Linux
linux /vmlinuz-linux
initrd /intel-ucode.img
initrd /initramfs-linux.img
options root=PARTUUID=70c1cc2d-d307-b94d-8008-38edf777b735 rw
Edit /boot/loader/loader.conf:
default arch
editor no
Add user:
useradd -m -g users -G wheel,uucp mike
passwd mike
- must be same password used for cryptsetup
Give user sudo power:
visudo
- uncomment %wheel ALL= (ALL) ALL
Change ownership of $HOME:
chmod mike:users /home/mike
Use pam_mount to decrypt and mount /dev/nvme0n1p3 on login:
Edit the end of /etc/security/pam_mount.conf.xml:
<mkmountpoint enable="1" remove="true" />
<volume
user="mike"
fstype="crypt"
path="/dev/nvme0n1p3"
mountpoint="/home/mike"
options="fsck,noatime,discard"
/>
<mkmountpoint enable="1" remove="true" />
</pam_mount>
Edit /etc/pam.d/system-login:
#%PAM-1.0
auth required pam_tally2.so onerr=succeed file=/var/log/tallylog
auth required pam_shells.so
auth requisite pam_nologin.so
auth optional pam_mount.so
auth include system-auth
account required pam_tally2.so
account required pam_access.so
account required pam_nologin.so
account include system-auth
password optional pam_mount.so
password include system-auth
session optional pam_loginuid.so
session optional pam_keyinit.so force revoke
session [success=1 default=ignore] pam_succeed_if.so service = systemd-user quiet
session optional pam_mount.so
session include system-auth
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so dir=/var/spool/mail standard quiet
-session optional pam_systemd.so
session required pam_env.so
Exit chroot:
exit
Unmount partitions:
umount -R /mnt
Turn off, remove flash drive, reboot and login to user:
poweroff
Pacman hooks
- (mirrorlist)[https://wiki.archlinux.org/index.php/Reflector#Automation]
- (systemd-boot)[https://wiki.archlinux.org/index.php/Systemd-boot#Automatic_update]
AUR helper
git clone https://aur.archlinux.org/yay-bin.git
cd yay-bin
makepkg -si
yay -S nvidia gnome
systemctl enable gdm.service
systemctl enable NetworkManager.service
systemctl enable bluetooth.service
yay -S caps2esc
systemctl enable caps2esc.service