This post describes an installation of Arch Linux with GPT (GUID partition table), LUKS (Linux Unified Key Setup) and LVM (Logical Volume Manager) with the basic graphical window manager i3. LVM is set up on top of LUKS. Systemd-boot is used as an EFI compatible boot manager. I wrote this post, so next time I don’t have to search all the information in the Arch Linux Wiki. For more details, consult the links in the reference section.
Important: This is not a beginners guide for an Arch Linux installation, so you should have basic understanding of Arch Linux, LUKS and LVM. You should understand all options so you can adjust them to your needs.
Preparations
Set keyboard layout:
# loadkeys de_CH-latin1
Activate vi mode for more convinience
# set -o vi
Connect to WiFi:
# wifi-menu
Set system time using NTP:
# timedatectl set-ntp true # timedatectl status
Disk setup
Setup GUID partition Table (GPT):
# gdisk /dev/sda o # Create a new empty GUID partition table (GPT) y # Confirm # EFI System Partition (ESP) n # Add a new partition 1 # Partition number [Return] # First sector +512M # Last sector = size ef00 # Partition type = EFI System # LUKS container n # Add a new partition 2 # Partition number [Return] # First sector [Return] # Last sector = Use remaining space 8e00 # Partition type = Linux LVM p # Check partitions w # Write changes to disk and exit y # Confirm
Format EFI System Partition (ESP):
# mkfs.fat -F32 /dev/sda1
Encrypt the other partition with LUKS (512 Bit AES-XTS and SHA512 for passphrase):
# cryptsetup luksFormat -v -s 512 -h sha512 /dev/sda2 # cryptsetup luksOpen /dev/sda2 luks
Setup Logical Volume Manager:
# pvcreate /dev/mapper/luks # vgcreate rootvg /dev/mapper/luks
Create Logical Volumes:
# lvcreate -n swap -L 4G -C y rootvg # -C = continuous data blocks) # lvcreate -n root -L 25G rootvg # lvcreate -n var -L 15G rootvg # lvcreate -n home -l 100%FREE rootvg
Check LVM Setup:
# pvs # vgs # lvs
Create filesystems for LVs:
# mkfs.ext4 /dev/mapper/rootvg-home # mkfs.ext4 /dev/mapper/rootvg-root # mkfs.ext4 /dev/mapper/rootvg-var # mkswap /dev/mapper/rootvg-swap # swapon /dev/mapper/rootvg-swap
Install base system
Mount LVs and ESP for installation:
# mount /dev/mapper/rootvg-root /mnt # mkdir /mnt/{var,home,boot} # mount /dev/mapper/rootvg-home /mnt/home # mount /dev/mapper/rootvg-var /mnt/var # mount /dev/sda1 /mnt/boot
Select mirrors:
# vi /etc/pacman.d/mirrorlist
Synchronize repositories:
# pacman -Sy
Install base packages:
# pacstrap /mnt base linux linux-firmware
Generate fstab file:
# genfstab -p /mnt > /mnt/etc/fstab
Chroot into the new system:
# arch-chroot /mnt
Basic configuration
Configure hostname:
# echo chaos > /etc/hostname
Configure timezone:
# $ timedatectl list-timezones | grep Zurich Europe/Zurich # timedatectl set-timezone Europe/Zurich
Configure locale:
# vi /etc/locale.gen # uncomment the following locales en_US.UTF-8 UTF-8 en_US ISO-8859-1
Update locales:
# locale-gen
Set language:
# echo "LANG=en_US.UTF-8" > /etc/locale.conf
Configure virtual console:
# echo "KEYMAP=de_CH-latin1" > /etc/vconsole.conf # echo "FONT=Lat2-Terminus16">> /etc/vconsole.conf
Configure pacman:
# vi /etc/pacman.conf # Add to [options] section: Color ILoveCandy # Enable Multilib [multilib] Include = /etc/pacman.d/mirrorlist
Synchronize repositories:
# pacman -Sy
Install basic software
Install basic packages:
# pacman -S base lvm2 e2fsprogs vim net-tools dhcpcd man-db man-pages bash-completion
Install packages for WiFi:
# pacman -S dialog wpa_supplicant wpa_actiond wireless_tools rfkill # systemctl enable netctl-auto@wlp4s0
Activate IPv6 Privacy extension:
# vi /etc/sysctl.d/ipv6_tempaddr.conf net.ipv6.conf.all.use_tempaddr = 2 net.ipv6.conf.default.use_tempaddr = 2
Install and configure sudo:
# pacman -S sudo vim # visudo %wheel ALL=(ALL) ALL
Activate NTP Client:
# systemctl enable systemd-timesyncd
Install and activate OpenSSH:
# pacman -S openssh rxvt-unicode-terminfo # systemctl enable sshd # If you want an SSH server running
Configure users
Set root password:
# passwd
Add new user:
# useradd -m -G wheel emanuel # passwd emanuel
Configure boot environment
Configure hooks for initramfs:
# vi /etc/mkinitcpio.conf HOOKS=( ... keyboard keymap encrypt lvm2 ... filesystems ...)
Create initramfs:
# mkinitcpio -p linux
Install bootloader
# bootctl install
Create bootloader entry:
# blkid | grep sda2 | cut -f2 -d\" > /boot/loader/entries/arch.conf # Write long UUID to file for later use # vi /boot/loader/entries/arch.conf title Arch Linux linux /vmlinuz-linux initrd /initramfs-linux.img options cryptdevice=UUID=da360677-31d9-41da-b738-7c53c9932914:luks root=/dev/mapper/rootvg-root rw
Create default entry:
# vi /boot/loader/loader.conf timeout 2 default arch
Install basic desktop environment (X11 and i3 window manager)
Install video driver:
# pacman -S xf86-video-intel
Install Xorg
# pacman -S xorg xterm xorg-xrandr # localectl --no-convert set-x11-keymap ch
Install i3 window manager and desktop environment:
# pacman -S i3-wm i3blocks i3lock i3status dmenu rxvt-unicode xterm xbindkeys zenity xclip figlet
Install login manager
# pacman -S lightdm lightdm-gtk-greeter # systemctl enable lightdm.service
Install basic desktop applications:
# pacman -S acpi feh mpv gnome-terminal nautilus evince eog file-roller gvfs gvfs-gphoto2 gvfs-mtp gvfs-nfs gvfs-smb firefox smbclient
Install some basic terminal applications:
# pacman -S mlocate scrot bind-tools ed jq bc git mosh nmap p7zip zip unzip unrar qrencode the_silver_searcher tmux wget
Install alsa-utils for sound:
# pacman -S alsa-utils pulseaudio-alsa
Themes:
# pacman -S gnome-themes-extra gtk-engine-murrine arc-gtk-theme arc-solid-gtk-theme arc-icon-theme lxappearance-gtk
Finish installation
Reboot into new system:
# exit # umount -R /mnt # reboot # Yay!
References
- Arch Linux Wiki: Installation Guide: https://wiki.archlinux.org/index.php/installation_guide
- Arch Linux Wiki: EFI System Partition: https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface#EFI_System_Partition
- Arch Linux Wiki: Disk Encryption: https://wiki.archlinux.org/index.php/Disk_encryption
- Arch Linux Wiki: System Encryption: LVM on LUKS: https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting_an_entire_system#LVM_on_LUKS
- Arch Linux Wiki: LVM: https://wiki.archlinux.org/index.php/LVM
- Arch Linux Wiki: Systemd-boot: https://wiki.archlinux.org/index.php/Systemd-boot
You forgot to add pacman -Syu to synchronize repo databases. It’ll give you an error if you try installing a package after adding multilib.
Oh yes. I added this. Thanks.
Great article !
Thank you
# mount /dev/mapper/rootvg-root /mnt
# mkdir /mnt/{var,home,boot}
# mount /dev/mapper/rootvg-home /mnt/home
# mount /dev/mapper/rootvg-var /mnt/var
# mount /dev/sda1 /mnt/boot
—————–+————————
# swapon /dev/mapper/luks
Thx. I added it directly after creating the filesystems:
# mkfs.ext4 /dev/mapper/rootvg-home
# mkfs.ext4 /dev/mapper/rootvg-root
# mkfs.ext4 /dev/mapper/rootvg-var
# mkswap /dev/mapper/rootvg-swap
# swapon /dev/mapper/rootvg-swap
Thanks Emanuel
It’s a great article. I will follow all of it, but I need another help as I have an ssd ( Samsung 850 EVO)
I will be much obliged if you kindly let me know what extra settings should I add to get the most out from my ssd. As I am willing to encryptt the whole disk what extra steps should I take to work trim service perfectly and to improve the performance of my ssd.
Hi Ariful
You’re welcome.
I think this is described here: https://wiki.archlinux.org/index.php/Dm-crypt/Specialties#Discard.2FTRIM_support_for_solid_state_drives_.28SSD.29
and here: https://wiki.archlinux.org/index.php/Solid_State_Drives#TRIM
But I have not configured TRIM for my SSD. So be careful when applying such settings and create a backup before. I also cannot say how big the extra performance would be. If you have any results, let me know 🙂
Greets,
Emanuel
Hi Emanuel,
I haven’t configured the TRIM. I am running my machine with the default configuration of dm/crypt regarding TRIM. Thanks for your superb article. It helped me a lot, though I haven’t configured the i3WM. It’s really a hard thing to do right now.
Hope you will write another article on how to rice i3WM 🙂
Thanks bro, keep doing this kind of great stuffs.
Hi Rocky
thanks 🙂
You can find my configuration files for my desktop here: https://github.com/mindfuckup/Configs/tree/master/home
For example, my i3 configuration (not so special…): https://github.com/mindfuckup/Configs/blob/master/home/.config/i3/config
GRZ
Emanuel
is this line correct
# lvcreate -n swap -L 4G -C y rootvg # -C = continuous data blocks)
I’ve searched high and low for a command like this and could not justify it.
Hi
This line creates a new LV for paging/swapping with the name “swap” in the VG “rootvg” and the size of 4 GB. The “-C y” option defines that all blocks have to be continuous on the disk. This is done due to performance reasons.
Regards,
Emanuel
I have problems understanding the hooks order.
Would HOOKS=”base udev autodetect keyboard keymap consolefont modconf block encrypt lvm2 filesystems fsck” work?
Hi
Yes. That will work. Important is that keyboard and keymap is in front of encrypt, because you need the keyboard and a proper keyboard layout to enter the password for the LUKS encryption.
Thanks for your posting. May I share this?
It’s public, yes 🙂
Vollguet. Merci.
Trying to keep this fresh: Due to https://www.archlinux.org/news/base-group-replaced-by-mandatory-base-package-manual-intervention-required/ base package now does not contain editor, kernel. This mean there is no `vi/nano, linux, linux-firmware` in base package when you first do `pacstrap /mnt base`. Source: https://www.reddit.com/r/archlinux/comments/deboku/looking_for_help_mkinitcpio_error_failed_to_load/
Hi
Thanks for the hint. I’ve not installed Arch since a while. I added some packages I think they are needed or useful. Tellme if I should add some more.
I added the following:
– linux
– linux-firmware
– lvm2
– e2fsprogs
– vim
– net-tools
– dhcpcd
– man-db
– man-pages
Thanks & best wishes,
Emanuel
Hi, thanks for post
To me doesnt work, i try to follow steps in my virtual machine and a laptop but in laptop i have kernel panic after boot, and in virtualbox i have only a black screen after boot , i dont know what are missing.
Do you have some trouble like that?
Hi, you’re welcome 🙂
No, I did the install on my ThinkPad T460s and it worked like described. You could check if you have enabled UEFI in the VirtualBox settings.
Good Luck 😉
Emanuel
Yes, I’m enabled it.
Well, thanks.
Marcos
Hi.
Thank you very much for the great procedure.I’m just wondering if it’s necessary to make an extra / Var folder.Thank you very much for your answer.And an apology for my English
Hi
You’re welcome.
No, it’s not neccessary. It’s just an advantage: If something in the /var directory get’s larger over time (e.g. logfiles), the root filesystem is not filled up. This could crash your system otherwise. You can have everything except /boot on the / filesystem.
Grz,
Emanuel
Hey Emanuel,
thanks for the guide! I always referred back to it when I needed to install arch again.
It seems to be outdated now however 🙁
Any chance you will be updating it?
Best,
John
Hey John
Yes I know, it’s a bit outdated :/. I may udpate it in the future maybe.
Best,
Emanuel