ICO wiki - User contributions [en]

User talk:Fislam

2017-12-22T12:37:58Z

Fislam: Created page with "== Installation == ===Preparing=== Some necessary packages that must be installed prior to beginning with the actual gogs installation. First of all do a <code>sudo apt-get..."

== Installation ==

===Preparing===
Some necessary packages that must be installed prior to beginning with the actual gogs installation.
First of all do a
<code>sudo apt-get update</code>
Install the following packages (some are for later)
<code>sudo apt-get install -y gcc g++ build-essential dpkg mysql-server wget</code>

During the installation, you will be asked to enter the password of the database root user. Make sure you use a secure one, and remember it, because you'll need it later in this tutorial.Now create and open a file named gogs.sql. Here, we're using nano, but you can use your favorite text editor.

<code>nano gogs.sql</code>

Paste this in the newly created sql dump

<code>DROP DATABASE IF EXISTS gogs;
CREATE DATABASE IF NOT EXISTS gogs CHARACTER SET utf8 COLLATE utf8_general_ci;</code>

Finally, execute gogs.sql with MySQL to create the Gogs database. Replace your_password with the root password you chose earlier in this step.
<code> mysql -u root -pyour_password < gogs.sql </code>

To install Gogs from source, version control tools like Git and Mercurial are needed, so install them next.
<code>sudo apt-get -y install mercurial git</code>

===Installing Go===

It is recoomended to add a new user git before installing go. Root permissions are not required for this user.

<code>adduser git</code>

Because Gogs is written in Go, we need to install it before compiling Gogs.

First, there are some environment variables we need to set for Go. To do that, open the file ~/.bashrc for editing.

<code>nano ~/.bashrc</code>

Add the following lines to the end of the file, then close and save it.

<code>export GOPATH=/home/git/go

export GOROOT=/usr/local/src/go

export PATH=${PATH}:$GOROOT/bin</code>

Next, apply your changes.

<code>source ~/.bashrc</code>

Now get the most recent compiled version of go from their website

<code>wget https://storage.googleapis.com/golang/go1.4.2.linux-amd64.tar.gz</code>

Decompress

<code>tar zxf go1.4.2.linux-amd64.tar.gz</code>

Change directories to the $GOROOT we defined in ~/.bashrc.

<code>sudo mv go $GOROOT</code>

Now test if Go is working.

===Installing Gogs===

Go has a built in command, get, for easily downloading the source code of a Go project along with all of its dependencies, which we'll use to download Gogs.

<code>go get -d github.com/gogits/gogs</code>

The source code of Gogs will now be in $GOPATH/src/github.com/gogits/gogs, so move there.

<code>cd $GOPATH/src/github.com/gogits/gogs</code>

Next, build and generate the binary. This command may take a moment to run.

<code>go build</code>

Now test go by moving into go directory and typing

<code>./go</code>

This should run Go. However, to run it on the the background.

<code>./go &</code>

===Using Supervisor to manage Go===

<code>sudo apt-get -y install supervisor</code>

Let's make a Gogs daemon by creating a Supervisor configuration section. First, create a directory for the log files to live in.

<code>sudo mkdir -p /var/log/gogs</code>

<code>sudo nano /etc/supervisor/supervisord.conf</code>

Append the following contents to the file to create the Gogs section.

<code>
[program:gogs]

directory=/home/git/go/src/github.com/gogits/gogs/

command=/home/git/go/src/github.com/gogits/gogs/gogs web

autostart=true

autorestart=true

startsecs=10

stdout_logfile=/var/log/gogs/stdout.log

stdout_logfile_maxbytes=1MB

stdout_logfile_backups=10

stdout_capture_maxbytes=1MB

stderr_logfile=/var/log/gogs/stderr.log

stderr_logfile_maxbytes=1MB

stderr_logfile_backups=10

stderr_capture_maxbytes=1MB

environment = HOME="/home/git", USER="git"

user = git

</code>

This section defines the command we want to execute to start Gogs, automatically starts it with Supervisor, and specifies the locations of log files.

<code>sudo service supervisor restart</code>

We can check that Gogs is running with the following command.

<code>ps -ef | grep gogs</code>

You can verify that the server is running by taking a look at the stdout.log file, too.

<code>tail /var/log/gogs/stdout.log</code>

Output should look like <code>2017/12/31 14:24:42 [I] Gogs: Go Git Service 0.5.16.0301 Beta</code>

==Deploying==

===Set up nginx as reverse proxy===
You should also be able visit the web page with URL http://your_server_ip:3000/. This will redirect to the installation page, but don't fill that out just yet. But we want it running on port 80 for now.

Install nginx

<code>sudo apt-get -y install nginx</code>

Create a config file

<code>sudo nano /etc/nginx/sites-available/servername</code>

Adjust to the following template

<code>server {</code>
listen 80;
server_name your_server_ip;

proxy_set_header X-Real-IP $remote_addr; # pass on real client IP

location / {
proxy_pass http://localhost:3000;
}
<code>}</code>

And symlink it so that Nginx can use it.

<code>sudo ln -s /etc/nginx/sites-available/gogs /etc/nginx/sites-enabled/gogs</code>

For more about Nginx virtual host configuration files, see this tutorial.

Finally, restart Nginx to activate the virtual host configuration.

<code>sudo service nginx restart</code>

You should now be able visit the web page with the URL http://your_server_ip/, without specifying the port.

===Initialize Gogs===
There is one more simple step left to initialize Gogs for its first run.

Visit http://your_server_ip/install and fill in the following options. Many of them will be filled out for you already, but make sure to replace the variables in red with the values for your server.

In the first section, Gogs requires MySQL, PostgreSQL or SQLite3, fill out:

Database Type: MySQL
Host: 127.0.0.1:3306
User: root
Password: your_database_password
Database Name: gogs
In the second section, General Settings of Gogs, fill out:

Repository Root Path: /home/git/gogs-repositories
Run User: git
Domain: your_server_ip
HTTP Port: 3000
Application URL: http://your_server_ip/
Skip the optional e-mail and notification settings, then under Admin Account Settings, choose an admin username and password, and include your email address. We'll refer to the admin username as your_admin_username in the next step.

Finally, click Install Gogs, and then log in.

===Test Gogs===

First, go to http://your_server_ip/repo/create and create a repository with the name my-test-repo, and you click on the option Initialize this repository with a README.md.

Now you should be able to clone it. First, move to your home directory.

cd
Next, clone the repository.

git clone http://your_server_ip/your_admin_username/my-test-repo.git
Change to the repository directory.

cd my-test-repo
Update the README.md.

echo 'Blaaa blaaa World' >> README.md
Commit your changes and push them. This command will ask you for your Gogs username and password.

git add --all && git commit -m "init commit" && git push origin master

==Securing gogs==
We need to install Let's Encrypt, generate CA certificate and use nginx to redirect HTTP traffic to HTTPS.

First, add the repository.

<code>sudo add-apt-repository ppa:certbot/certbot</code>

You'll need to press ENTER to accept. Then, update the package list to pick up the new repository's package information.

<code>sudo apt-get update</code>

<code>sudo apt-get install python-certbot-nginx</code>

===Configure Iptables===
Before starting with the certificate, Iptables should be configured.

<code>sudo apt install iptables iptables-persistent</code>

you can use the following iptables rules
<code>

-P INPUT DROP

-P FORWARD DROP

-P OUTPUT ACCEPT

-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT

-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT

-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT

-A INPUT -s 127.0.0.0/8 -i lo -m comment --comment "Allow loopback" -j ACCEPT

-A INPUT -i eth1 -m comment --comment "Allow traffic from LAN" -j ACCEPT

-A INPUT -p icmp -m icmp --icmp-type 8 -m comment --comment "Allow ping" -j ACCEPT

</code>

Make the rules persistent.

<code>sudo invoke-rc.d iptables-persistent save </code>

View Iptables status

<code>iptables -L</code>

===Obtain SSL Certiciate===
Install CertBot & Let's Encrypt
Add the repository

<code>sudo add-apt-repository ppa:certbot/certbot</code>

<code>apt update</code>

<code>sudo apt-get install python-certbot-apache</code>

<code>sudo certbot --nginx -d example.com -d www.example.com</code>

This runs certbot with the --nginx plugin, using -d to specify the names we'd like the certificate to be valid for.

If this is your first time running certbot, you will be prompted to enter an email address and agree to the terms of service. After doing so, certbot will communicate with the Let's Encrypt server, then run a challenge to verify that you control the domain you're requesting a certificate for.

If that's successful, certbot will ask how you'd like to configure your HTTPS settings. For the moment do not select any redirection. Keep using http.

===Self-signed cert (If you do not use Let's Encrypt===
In case of a self signed certificate
<code>sudo openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/nginx-selfsigned.key -out /etc/ssl/certs/nginx-selfsigned.crt</code>

===Generate DHParam and strengthen nginx===

While we are using OpenSSL, we should also create a strong Diffie-Hellman group, which is used in negotiating Perfect Forward Secrecy with clients.

We can do this by typing:

sudo openssl dhparam -out /etc/ssl/certs/dhparam.pem 2048

Create a Configuration Snippet with Strong Encryption Settings

Next, we will create another snippet that will define some SSL settings. This will set Nginx up with a strong SSL cipher suite and enable some advanced features that will help keep our server secure.

The parameters we will set can be reused in future Nginx configurations, so we will give the file a generic name:

<code>sudo nano /etc/nginx/snippets/ssl-params.conf</code>

Paste the following

<code>
# from https://cipherli.st/
# and https://raymii.org/s/tutorials/Strong_SSL_Security_On_nginx.html

ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

ssl_prefer_server_ciphers on;

ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";

ssl_ecdh_curve secp384r1;

ssl_session_cache shared:SSL:10m;

ssl_session_tickets off;

ssl_stapling on;

ssl_stapling_verify on;

resolver 8.8.8.8 8.8.4.4 valid=300s;

resolver_timeout 5s;

# Disable preloading HSTS for now. You can use the commented out header line that includes

# the "preload" directive if you understand the implications.

#add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";

add_header Strict-Transport-Security "max-age=63072000; includeSubdomains";

add_header X-Frame-Options DENY;

add_header X-Content-Type-Options nosniff;

ssl_dhparam /etc/ssl/certs/dhparam.pem;
</code>

===Reconfigure nginx for https redirection===
Fairly straightforward process assuming your servername is servername.eu. Open up the <code>nano /etc/nginx/sites-available/servername</code>

the configuration file should look like this:

<code>server {
server_name servername.eu;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/servername.eu/full.pem# managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/servername.eu/privkey.pem; # managed by Certbot
include snippets/ssl-params.conf;
proxy_set_header X-Real-IP $remote_addr; # pass on real client IP</code>

location / {
proxy_pass http://localhost:3000;}}
<code>
server{</code>
server_name servername.eu
listen 80;
return 301 https://servername.eu;}

Category:I802 Firewalls and VPN IPSec (2017)

2017-09-28T13:03:31Z

Fislam: /* Services */

=Firewalls and VPN/IPSec=

==General information==

ECTS: 4

Lecturer: Lauri Võsandi

To register to this course send your SSH public key to Lauri and state which service you want to configure.

==Scenario==

In this course we will attempt to set up a network similar to a corporate network with multiple offices, eg http://docplayer.it/docs-images/20/596222/images/25-0.png

Our virtual company's story is based on [http://futurama.wikia.com/wiki/MomCorp Mom's Friendly Robot Company].

We will use VPN software to connect subnets to each other and we will use VPN software to connect our personal computers to the intranet.

==Hardware==

School's infra provides with public subnet for 62 hosts:

* IPv4 address: 193.40.244.129-188
* Subnet: /26
* Gateway: 193.40.244.188
* DNS: 8.8.8.8

That network is physically routed to 413-6-16 port in room 413.

We have total of about 264GB of RAM and couple of terabytes of SSD storage:

* Marek's box HP Proliant G5 2x quadcore Xeon, 64G RAM, 2 NIC-s (hosts 130-139)
* Madis' box HP Proliant G5, 4x quadcore Opteron, 64GB RAM, 2 NIC-s (hosts 140-149)
* Erik's box Sun 32GB, 2x 256GB SSD (hosts 155-159)
* Lauri's box HP Proliant G5 2x quadcore Xeon, 64G RAM, 2 NIC-s, 4x 250G SSD (hosts 160-179)
* Frank's box DELL 16GB, 2x 256GB SSD, 6 NIC (hosts 180-185)
* Another Sun box with 24G of RAM, dying harddisks
* Reserved addresses 186-188

NB! Replace BIOS batteries; replace thermal paste

==Grading==

If you don't know what to do pick a topic from the services list below.
Send your SSH public key to Lauri and state which service you want to take care of.

Collect 100p in total to pass the course, note that there are opportunities to collect much more points in total:

* Get the service up and running (15p)
* Configure Let's Encrypt certificates for your service if applicable (15p)
* Add your service to monitoring at mon.momcorp.eu (15p)
* Enable log forwarding to log.momcorp.eu, if applicable configure auditing for your service (15p)
* Configure your service to send e-mails (mail.momcorp.eu) if applicable (15p)
* Keep the service up and running through the semester (up to -20p)
* Keep the bad guys out from your servers (up to -30p)
* Have a disaster recovery plan (up to -20p)
* Configure layer3 firewall (15p)
* Configure application firewall(s) if applicable
* Configure your laptop to connect to intranet using OpenVPN and IPSec (15p)
* Configure your mobile device to connect to intranet using OpenVPN or IPSec (15p)
* Configure your service to use authentication from AD (20p)

We will start with services facing the public internet, see what's the worst that can happen in that case and later migrate some services to intranet only. Some services will retain connectivity to public internet due to their nature (eg OwnCloud, mailserver) and some services will be available only in the intranet (eg fileserver)

==Services==

To support our virtual company in everyday business we need to provide them with a variety of services:

* www.momcorp.eu - Install webserver/load balancer and create a homepage for the company and link to remaining sites. Olusiji
* shop.momcorp.eu - Install Magento and add some fictive products like dark matter and neutron star. Sander
* wiki.momcorp.eu - Install MediaWiki, later integrate with AD. Peep
* blog.momcorp.eu - Install WordPress, later integrate with AD. Steven
* chat.momcorp.eu - Install IRC server, provide multiple channels for developers. Install some web based software for customer helldesk. Ardi
* ns1.momcorp.eu - Primary Bind9 installation, later also add DNSSEC. Erik J
* ns2.momcorp.eu - Secondary Bind9 installation in another physical host. ???
* git.momcorp.eu - Gogs installation. Farhan
* mon.momcorp.eu - Nagios monitoring. Nika
* mail.momcorp.eu - Mailserver with Postfix (postfw, greylisting, dkim, spf, setup secondary mx), later with AD integration if exchange won't be used. Andris
* ca.momcorp.eu - Java servlet container, EJBCA installation for certificate management. Masaki
* nas.momcorp.eu - Samba fileserver. Hindrek
* log.momcorp.eu - Graylog or similar for central logging. Kaspar, Sten-Erik
* vpn.momcorp.eu - OpenVPN gateway. Moira
* cs.momcorp.eu - Teamspeak and/or gaming server for entertainment. Christopher

Additionally for each physical box listed under Hardware we could set up:

* Person responsible for the hypervisor on that box
* Virtual machine with router OS - Mikrotik RouterOS, Vyatta, pfsense or just vanilla Debian with shell scripts

Other topics:

* Mikus - Remote management: Puppet master, DSC, postfix with kerberos (and AD?)
* Strongswan gateway
* OpenVPN gateway, later AD integration
* Exchange
* failover/high availability (heartbeat)
* db clusters/shards/replication (mysql/mariadb)
* clustered filesystems/servers (clvm, corosync, fenced, gfs)
* web caches (varnish, squid, nginx)
* load balancing (haproxy, nginx, simple roundrobin)

==Lectures==

Following lectures are planned:

* 7. sept - Intro, virtualization, containers etc. Relevant story [https://lauri.xn--vsandi-pxa.com/lan/virtualization.html here]
* 14. sept - Network topology, bridges, tagging, trunking, subnetting, LAN, WAN
* 21. sept - iptables, ebtables, packet forwarding, DNAT, SNAT, routing tables, empheral ports, listening ports, slides [https://docs.google.com/presentation/d/1XMISOg88BJ0Dy8o3r8ZL9cxFT0oZZKDqPZ2EaWJRqFQ/edit?usp=sharing here]
* 28. sept - X.509 certificates, certificate authority, TLS, symmetric, asymmetric, keyexchange, Let's Encrypt, relevant slides [https://docs.google.com/presentation/d/1kqTyhhUu5CfwODmOTIC7odhlYfeEeJALTd4RX7XhPLE/edit?usp=sharing here]

Order to be determined:

* OpenVPN
* IPSec
* TBD, there are a lot of topics to discuss

Linux ransomware

2017-06-12T00:00:38Z

Fislam:

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

==Popular Ransomwares==
===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

==Safe Practices==
===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===What about Antivirus?===
Windows users swear by Antivirus softwares, but this is not the case on linux. Truth be told, most antivirus software shall not help detect ransomwares or malwares on linux, since most of the Antivirus companies focus on malwares that infect Windows. Dr.Web is available with a free 3 month trial, and is known have detected a ransomware in the past. Certain systems are more in need of an antivirus than others:
1.If you have the program Wine installed in your system, and you use it to run <code>.exe</code> Windows executables.Scanning these files are crucial.
2.If you have a window based system on your network or a windows partition on your system, you may want to consider an antivirus.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also a project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
====SubGraph OS====
Subgraph OS is based on Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:

1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

====Qubes OS====
Qubes OS is yet another Linux distribution with higher level of security. Qubes OS is actually a really nice mix of Fedora,Debian and Whonix. It uses the Xen for virtualization and RPM package manager. Some notable security hardened features on Qubes OS:

1.Isolated from the rest: Qubes confines each part of the OS by compartmentalizing them.Each component of the OS is relegated to a domain structure that is isolated from all other domains. The applications in Qubes OS run inside a completely seperate VM and even simple copy paste tasks requires Authorization.

2.Self-destruction:If you open a disposable domain, whatever you run and whatever data you generate from apps within it cease to exist when you close that domain. If you open a Web browser in a disposable domain and stumble on an infected website, the foreign substance would be deleted automatically when the domain closed.

==Conclusion==
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-11T23:59:44Z

Fislam: /* Safest Linux Distros */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

==Popular Ransomwares==
===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

==Safe Practices==
===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===What about Antivirus?===
Windows users swear by Antivirus softwares, but this is not the case on linux. Truth be told, most antivirus software shall not help detect ransomwares or malwares on linux, since most of the Antivirus companies focus on malwares that infect Windows. Dr.Web is available with a free 3 month trial, and is known have detected a ransomware in the past. Certain systems are more in need of an antivirus than others:
1.If you have the program Wine installed in your system, and you use it to run <code>.exe</code> Windows executables.Scanning these files are crucial.
2.If you have a window based system on your network or a windows partition on your system, you may want to consider an antivirus.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also a project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
====SubGraph OS====
Subgraph OS is based on Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:

1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Qubes OS===
Qubes OS is yet another Linux distribution with higher level of security. Qubes OS is actually a really nice mix of Fedora,Debian and Whonix. It uses the Xen for virtualization and RPM package manager. Some notable security hardened features on Qubes OS:

1.Isolated from the rest: Qubes confines each part of the OS by compartmentalizing them.Each component of the OS is relegated to a domain structure that is isolated from all other domains. The applications in Qubes OS run inside a completely seperate VM and even simple copy paste tasks requires Authorization.

2.Self-destruction:If you open a disposable domain, whatever you run and whatever data you generate from apps within it cease to exist when you close that domain. If you open a Web browser in a disposable domain and stumble on an infected website, the foreign substance would be deleted automatically when the domain closed.

==Conclusion==
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:55:21Z

Fislam: /* Safe Practices */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

==Popular Ransomwares==
===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

==Safe Practices==
===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===What about Antivirus?===
Windows users swear by Antivirus softwares, but this is not the case on linux. Truth be told, most antivirus software shall not help detect ransomwares or malwares on linux, since most of the Antivirus companies focus on malwares that infect Windows. Dr.Web is available with a free 3 month trial, and is known have detected a ransomware in the past. Certain systems are more in need of an antivirus than others:
1.If you have the program Wine installed in your system, and you use it to run <code>.exe</code> Windows executables.Scanning these files are crucial.
2.If you have a window based system on your network or a windows partition on your system, you may want to consider an antivirus.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also a project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
====SubGraph OS====
Subgraph OS is based on Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:

1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

==Conclusion==
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:38:52Z

Fislam: /* Ransomware Removal & Recovery */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

==Popular Ransomwares==
===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

==Safe Practices==
===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also a project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
====SubGraph OS====
Subgraph OS is based on Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:

1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

==Conclusion==
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:37:30Z

Fislam: /* SubGraph OS */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

==Popular Ransomwares==
===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

==Safe Practices==
===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
====SubGraph OS====
Subgraph OS is based on Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:

1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

==Conclusion==
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:36:54Z

Fislam:

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

==Popular Ransomwares==
===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

==Safe Practices==
===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
====SubGraph OS====
Subgraph OS is based on Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

==Conclusion==
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:32:44Z

Fislam: /* Ransomware in Linux */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

==Popular Ransomwares==
===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
SubGraph OS: Subgraph is based Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Conclusion===
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:32:04Z

Fislam: /* Linux.Encoder.1 */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code> /, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
SubGraph OS: Subgraph is based Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Conclusion===
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:31:03Z

Fislam: /* Ransomware in Linux */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===How Common is Ransomware in Linux?===
Ransomware is very common on Windows, and there are several ways in which a machine can be affected, the most common is through phising. However, in Linux it works a bit differently. On Linux based systems ransomwares target the web server, as the vast majority of Linux users are server users. The functionalities of a Linux ransomware is very similar to Windows ransomware, but one major difference is Linux requires executable permission before executing, but Windows does not. This makes it harder to exploit Linux based systems.

===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code>./, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
SubGraph OS: Subgraph is based Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Conclusion===
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-10T17:21:57Z

Fislam: /* Ransomware in Linux */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code>./, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use nmap to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
SubGraph OS: Subgraph is based Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Conclusion===
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

Linux ransomware

2017-06-09T20:27:33Z

Fislam: References

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is a Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code>./, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensive tutorial on how to use namp to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partition using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
SubGraph OS: Subgraph is based Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Conclusion===
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer than os OSX or Windows. Furthermore, by using security hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu. At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

==References==
1.https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
2.https://vms.drweb.com/virus/?i=7704004&lng=en
3.https://nakedsecurity.sophos.com/2016/03/24/8-tips-for-preventing-ransomware/
4.https://www.securityspyware.com/killdisk-ransomware-linux-virus-removal/
5.http://www.zdnet.com/article/how-to-fix-linux-encoder-ransomware/
6.http://thehackernews.com/2016/03/subgraph-secure-operating-system.html

Linux ransomware

2017-06-09T20:16:13Z

Fislam: /* Conclusion */

'''Written by: Farhan Islam-C11 Group'''

==Ransomware in Linux==

===What is Ransomware?===
Ransomware is a very dangerous malware. It restricts users from accessing their system by either locking the system's screen or locking the user's files till the random is paid. Modern day ransomwares are categorized as Crypto Ransomware, which works by encrypting certain files and forces the user to pay online usually using a crypto currency. After the ransom is paid, the user gets a decryption key, and is able to use that to unlock the system.

===Linux.Encoder.1===
The existence of linux ransomwares weren't discovered until a couple of years ago. Dr.Web Antivirus detected a certain ransomware that attacked linux based systems. This ransomware was known as Linux.Encoder.1. This ransomware didn't just target any file/folder, it targeted the files & folders associated with the web server, this is usually wherever the document root of the web server is located, but it is not limited to it.The ransomware gets root access to system, and it downloads the files with the hackers demands along with a file that has a path to a public RSA (encryption algortighm) key. After that the malicious program starts as a daemon and deletes the original files. Afterwards, the RSA key is used to store AES (Advanced Encryption Standard) keys, which is used by the malicious program to encrypt files on the infected computer.The Linux.Encoder.1 starts by encrypting all the directories in the web server root. The hackers usually specify a string name for file extensions, or a pattern. The ransomware only encrypts the files that meet that criteria. Some common file extensions that are encrypted include <code>.tar.gz , .jpg, .apk, .pub, .mp4, .html</code> . The following directories are commonly encrypted <code>/home, /root, /var/lib/mysql, /etc/nginx, /var/www</code>. The following are not encrypted <code>./, ssh, /usr/bin, /bin, /etc/ssh</code>

===Killdisk===
Killdisk is another ransomware on linux, which does not decrypt. According to ESET security experts, the linux version of Killdisk does not save the encryption keys or communicate with command and control. Bottom line, even if someone pays the ransom, there is no actual chance of restoring their files. Killdisk uses a 3D AES with 64 bit crypto keys applied in 4kb blocks. The key is also unique for every file. Killdisk also makes the system unbootable, and modifies the bootloader completely. Killdisk is also known to have demanded exorbitant prices for decryption, even though it does not decrypt.

===Prevention===
Ransomware is usually found in emails and suspicious websites, but it definitely to limited to it. Every user should exercise caution and certain preventive steps should be taken. The following steps shall greatly reduces the chances of being infected with a ransomware.

1.Backup: Backup everything you need, from your databases to important documents. Keep in mind that you have proper backups in multiple location, a ransomware cannot harm you that much. So make a habit of backing up data regularly. This could be done on a USB drive, cloud based storage, etc.

2. Use a Firewall: The uncomplicated firewall on linux is a very basic option,but if configured properly it should do the trick. Usually it's a good idea to block the countries that are infamous for ransomware, namely the domains <code>.cn, .ru, .ro, .in </code> Limiting traffic to ports that are used by you, not more than that. A regular user should allow HTTP port 80, HTTPS port 443 and maybe SSH port 22 if they need it.

3.Use a vulnerability scanner like to ensure that your system is monitored against threats. There is no surefire way to know your system is vulnerable without using a vulnerability scanner. nMap is a basic tool to do this and is available on all linux distros. There is an extensie tutorial on how to use namp to scan for vulnerability over at [https://blog.michaelfmcnamara.com/2017/05/how-to-scan-for-machines-vulnerable-to-wannacrypt-wannacry-ransomware/].

4. Filter executable files in emails : It is not usual to receive an email with an executable file. It would be wise to block at least the following extension types when received as an email attachment <code>.exe, .dll, .bat </code>. Also it is wise to scan a compressed file type before opening it.

5. Software Update: This should go without saying. It is vital to update the system with security updates at all times. In case of linux <code>sudo apt-get upgrade</code>. Also make sure to update the antivirus definition files as soon as they are available.

6. Disable Remote Desktop: Ransomwares regularly target remote desktop environment. If you do not require RDP, block it with a firewall.

===Ransomware Removal & Recovery===
Certain ransomwares like killdisk on linux still cannot be decrypted. Fortunately Linux.Encoder.1 can be removed. BitDefender has a script to take on the Linux.Encoder.1. This script is available at https://github.com/eugenekolo/linux-ransomware-decrypter . Although the tutorials are on github, there is one vital information that is missing there in case your bootloader was encrypted.

1.Boot into the infected server. If bootloader is locked try booting with live usb stick. Mount the infected partion using <code>mount /dev/xxxx</code>
2.Please follow the github tutorial

There is also project https://www.nomoreransom.org with over 40 decryption tools. This project was originally started by DNP,Intel,Kasperky and Europol. Although chances of recovering your files aren't that high, it is still a great initiative to not pay the hackers.

===Safest Linux Distros===
SubGraph OS: Subgraph is based Debian. It is very heavily protected and is ideal for the truly paranoid. It comes with the following features:
1.Mandatory Full Disk Encryption: Users have no choice but encrypt the entire disk. Subgraph uses shadow encryption, as a result data is protected even if you lose your hard drive or if it fall's into the wrong hands. In other words, your data will not be lost.

2.Online Anonymity: Subgraph routes all your traffic through TOR anonymity network by default, making it difficult for attackers to figure out the actual physical location of their targets. This would ensure the endpoint security.

3.Advanced Proxy Settings:
Communications to outside world is carried out by Metaproxy, and it identifies legitimate connections.

4.Kernel Security:
Subgraph OS is also hardened by Grsecurity – a set of patches that are designed to make Linux kernel's security vulnerabilities like memory corruption flaws far more difficult to exploit.

5.Oz:
Oz is a system for isolating programs so that if an attacker exploits an application security vulnerability, the rest of your machine and your network will remain largely unaffected. Oz makes this possible by delimiting the permission applications have to other parts of the computer, so that when an attacker compromises the security hole in any application it does not allow any malicious activities to take place.

===Conclusion===
Although most ransomwares are meant for Windows, that doesn't mean you are hundred percent safe of Linux. As discussed earlier, a user's best weapon to fight against a ransomware is Backup. If a user follows all the preventive steps they will be far more safer rthan os OSX or Windows. Furthermore, by using secutiy hardened distro like Subgraph OS, the user will be far more safe than something like Ubuntu.At the end of the day, no system is invulnerable, now matter how secure it is. It is important to not give up, and almost never pay the ransom. Alternative movements like The No More RansomWare Project is great initiative, and has the potential greatly minimize the risk of ransomwares. Last but not least, the usage of a firewall is paramount to preventing ransomwares.

Linux ransomware

2017-06-09T20:06:22Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T20:05:40Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T19:12:51Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T19:02:36Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T18:39:57Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T18:29:34Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T18:11:38Z

Fislam: /* Ransomware in Linux */

Linux ransomware

2017-06-09T17:49:07Z

Fislam: killdisk

Linux ransomware

2017-06-09T17:34:31Z

Fislam: encryption

Linux ransomware

2017-06-09T17:16:50Z

Fislam: usage

Linux ransomware

2017-06-09T16:55:02Z

Fislam: Intro

Linux ransomware

2017-06-09T16:46:29Z

Fislam:

==Author Info==
Name: Farhan Islam
Major: Cyber Security

==Ransomware in Linux==
Ransomwares in Linux Operating Systems are not as common as they are on Windows, but they do exist.

Linux ransomware

2017-06-09T16:40:40Z

Fislam: Created page with "Author: Farhan Islam"

Author: Farhan Islam

Arch linux

2017-05-08T16:55:59Z

Fislam: UFW

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Firewall==

UFW is the uncomplicated firewall. It is terminal based and very user friendly.
Install ufw <code>pacman -S ufw</code>
View ip configuration <code> ip addr </code>

For a simple rule where you allow traffic from 192.168.0.1 to 192.168.0.255 and incoming SSH and telnet connections
<code>
ufw default deny

ufw allow from 192.168.0.0/24

ufw allow SSH

ufw allow telnet

</code>

Now enable ufw <code> ufw enable </code>

Check if ufw is running <code> ufw status </code> , it should be running

You can add other apps the same way, just view the <code> ufw app list </code>

To delete a rule, let's say SSH in this case <code>ufw delete allow SSH </code>

Blacklisting IP address
To blacklist an IP you need to edit the following file <code>vim /etc/ufw/before.rules</code>

To blacklist 139.59.152.107 just before the COMMIT add the following <code>-A ufw-before-input -s 139.59.152.107 -j DROP</code>

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work now.

==My ArchBox Screenshots==

[https://ibb.co/cyxM85 UFW status]

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-08T16:16:56Z

Fislam: /* Rolling Releases */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-08T16:16:42Z

Fislam: /* Power User */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-08T16:16:30Z

Fislam: /* Different Desktop Environments */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-08T16:16:20Z

Fislam: /* User Repository */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-08T16:16:11Z

Fislam: /* Community Based */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-08T16:15:35Z

Fislam: FAQ

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==Questions==

Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T11:25:04Z

Fislam: /* =Checking Xserver */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T11:22:48Z

Fislam: Table of contents done

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

===Post Installation===

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

====Login the Newly Installed System====

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

====Enable Internet====

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

====Pre GUI Installation====

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

=====Xserver installation=====

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

=====Install Linux Headers=====

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

=====VBox Guest Additions Installations=====

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

=====Checking Xserver====

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

====Installing GUI/Desktop Environment====

=====LXDE=====

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Start LXDE by <code>systemctl enable lxdm.service</code>

=====Gnome=====

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by <code>systemctl enable gdm.service</code>

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

==Post GUI Login==

===Installing Packages===

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

====Pacman====

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

===Removing packages===

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

==AUR Helper==

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

==Conclusion==

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

==My ArchBox Screenshots==

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T10:19:33Z

Fislam: /* =Install Ucode */

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

=====Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T10:19:02Z

Fislam:

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

======Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T10:18:42Z

Fislam:

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

======Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T10:17:43Z

Fislam:

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

====Bootloader Installation and Configuration====

=====Verify EFI=====

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

=====Install Bootctl=====

Now install the bootloader <code> bootctl install </code>

=====Export PARTUUID====

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

=====Edit Arch.conf=====

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

======Install Ucode=====

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

======Re-Edit Arch.conf======

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-07T10:09:02Z

Fislam: working on TOC

'''Written by: Farhan Islam-C11 Group'''

==Arch Linux Usage==

===What is Arch Linux?===

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

===Top Reasons To Use Arch===

====Community Based====

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

====User Repository====

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

====Different Desktop Environments====

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

====Power User====

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

====Rolling Releases====

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

==Arch Linux Installation==

===Preparing VM===

====Download ISO====

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

====VM Specs====

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

===Pre-Installation===

====Checking internet connection====

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

====Partitioning====

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

====Formatting====

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

====Mounting====

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

=== Installation===

====Listing Mirrors====

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

====Install base packages, Generate fstab====

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

===Post installation of base packages===

====Mount Root Partition====

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

====Change language====

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

====Set the Time Zone====

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

====Hostname====

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

====32 bit support and Custom Repository====

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

=====Custom Repository Configuration=====

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

====Installing yaourt====

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

====Setup root password====

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

====Add a Regular User====

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

====Sudo Permissions====

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-06T21:58:23Z

Fislam: Add category

== '''Arch Linux''' ==

'''Written by: Farhan Islam-C11 Group'''

Arch is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on Virtual Box for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-06T16:48:47Z

Fislam:

== '''Arch Linux''' ==

'''Written by: Farhan Islam-C11 Group'''

Arch is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on Virtual Box for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-06T16:46:15Z

Fislam: Yaourt security issues

== '''Arch Linux''' ==

'''Written by: Farhan Islam-C11 Group'''

Arch is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on Virtual Box for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''Conclusion'''

'''AUR Helper'''

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, pacaur, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-06T16:28:46Z

Fislam: Author name added,typo fixes and some edits

== '''Arch Linux''' ==

'''Written by: Farhan Islam-C11 Group'''

Arch is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:

1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on Virtual Box for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is enough for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Un-comment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check /etc folder to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd root </code>
Simply type in the password and confirm it.

Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-06T06:50:52Z

Fislam:

'''Arch Linux''' is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:
1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on VirtualBox for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]
On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM and 85% Processor power.
Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. FIrst of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is enough for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partion <code> mkswap /dev/sda2 </code> Intialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journaling system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and uncomment the mirrors you want to rank. I sugguest uncommenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Uncomment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

setup the hostname <code> echo bossman-arch > /etc/hostname </code>
Double check to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd </code>

Simply type in “passwd” and confirm password

Add a regular user

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults root pw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootale. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatability issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

'''Conclusion'''

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-06T00:05:09Z

Fislam: Links to some pictures of Arch

'''Arch Linux''' is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:
1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on VirtualBox for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]
On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM and 85% Processor power.
Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. FIrst of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is enough for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partion <code> mkswap /dev/sda2 </code> Intialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journaling system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and uncomment the mirrors you want to rank. I sugguest uncommenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Uncomment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

setup the hostname <code> echo bossman-arch > /etc/hostname </code>
Double check to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd </code>

Simply type in “passwd” and confirm password

Add a regular user

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults root pw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootale. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatability issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.'''Bold text'''

Arch Linux Screenshots:

[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]

[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]

[http://enos.itcollege.ee/~fislam/7.png Xserver is working]

[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]

[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]

[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-05T23:42:49Z

Fislam: References

'''Arch Linux''' is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.

The main reasons to install Arch Linux are as follows:
1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

'''How to install Arch Linux on VirtualBox for a EFI System'''

This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]
On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM and 85% Processor power.
Once that's all done,mount the ISO and fire up the virtual machine.

Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>

'''Creating file systems, formatting and mounting'''
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. FIrst of all you need to check your block devices and partitions.

<code>lsblk</code> to view block devices

<code>cgdisk /dev/sda</code> In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

<code>Remember first sector empty</code>

<code> KGMTP 512MB </code> 512MB is enough for a EFI boot.

<code>Hexcode: L to view all. Go with ef00</code>

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

<code>Hexcode: 8200</code>

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

<code>Hexcode: 8300</code> This is the main linux file system and is suitable for our root partition.

Partition name : root

<code> lsblk </code> To verify the partitions exist

Formatting:

Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.

Format swap partion <code> mkswap /dev/sda2 </code> Intialize swap <code>swapon /dev/sda2</code>

Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journaling system is used for root.

Mounting:

Mount root <code> mount /dev/sda3 /mnt </code>

Now make directory <code> mkdir /mnt/boot </code>

Mount boot <code> mount /dev/sda1 /mnt/boot </code>

'''Mirrorlist (Optional)'''
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and uncomment the mirrors you want to rank. I sugguest uncommenting at least 20 countries. Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.

'''Install base packages, Generate fstab'''

To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc

'''Basic configurations'''

First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.

Change language to EN_US:

Use the command <code> nano /etc/locale.gen </code>

Uncomment <code> en_US.UTF-8 </code> There should be two of these

Generate the locale <code> locale-gen </code>

Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>

Set up the time :

Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>

Set up the hostname:

setup the hostname <code> echo bossman-arch > /etc/hostname </code>
Double check to see if hostname exists

Enable multilib and create custom repository: (Optional Step)

Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

In the same file, all the way in the bottom add a custom repository :
<code>
[archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Run pacman to get yaourt <code>pacman -Sy yaourt </code> Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password <code> passwd </code>

Simply type in “passwd” and confirm password

Add a regular user

<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>

Sudo Permissions:
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

<code> EDITOR=nano.visudo </code> find %wheel and add on the line below <code> Defaults root pw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

'''Bootloader installation and configuration'''

<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Now install the bootloader <code> bootctl install </code>

<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.

<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

<code>

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootale. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

For intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatability issues.

Now you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>

Exit chroot <code> exit </code>

Unmount everything <code> umount -R /mnt </code> Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system <code>Shutdown now </code>

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

'''Enable Internet'''

<code> sudo su </code> For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection.
First check <code>ip link </code> The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable <code> systemctl enable dhcpcd@enp0s3.service </code>

<code>reboot</code> Reboot and ping google or some other site it should work fine.

'''GUI : XSever, VBox Guest Additions and LXDE'''

This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.

Xserver installation:

<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.

Install Linux headers:

<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations:

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom <code> mount /dev/cdrom /mnt </code>

Navigate to /mnt examine and run the script <code> ./VBoxLinuxAdditions.run </code> This should install virtual box guest additions.

<code>pacman -Syu </code> Check for updates.

At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.

Installing LXDE:

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>

Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Installing Gnome:

If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.

Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that

Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> This will get all the dependendencies and clean everything up afterwards and even install after it's being built. You can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.

Finally an example of yaourt:
Yaourt basically works the same way, and you need to be non sudo user to use it. <code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.

'''Removing packages'''

To remove a single package without dependency <code> pacman -R package </code>

To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>

Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>

If you installed with makepkg pacman should take care of the uninstalling.

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.'''Bold text'''

== References ==

'''Arch Linux WIki[https://wiki.archlinux.org/]'''

'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]

'''Arch User Repository'''[https://aur.archlinux.org/]

Arch linux

2017-05-05T23:31:51Z

Fislam: Uninstall app with pacman

Arch linux

2017-05-05T23:20:06Z

Fislam: Yaourt