Arch linux: Difference between revisions

From ICO wiki
Jump to navigationJump to search
Fislam (talk | contribs)
No edit summary
Fislam (talk | contribs)
UFW
 
(23 intermediate revisions by the same user not shown)
Line 1: Line 1:
'''Arch Linux''' is a Unix like linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalistic approach, moreover it pushes to user to put great effort into understanding how the system works.


The main reasons to install Arch Linux are as follows:
'''Written by: Farhan Islam-C11 Group'''
1. Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.


2. Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.
==Arch Linux Usage==


3. Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.
===What is Arch Linux?===


4. Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.
Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.


5. Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.
===Top Reasons To Use Arch===


                                                                                                                                               
====Community Based====
'''How to install Arch Linux on VirtualBox for a EFI System'''
 
Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.
 
====User Repository====
 
Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.
 
====Different Desktop Environments====
 
Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.
 
====Power User====
 
Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.
 
====Rolling Releases====
 
Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.
 
==Arch Linux Installation==
 
===Preparing VM===
 
====Download ISO====


This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]
This is a long process, but first of all you need to get the official Arch Linux ISO from [https://www.archlinux.org/download/]
On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM and 85% Processor power.
 
Once that's all done,mount the ISO and fire up the virtual machine.
====VM Specs====
 
On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.
 
===Pre-Installation===
 
====Checking internet connection====


Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>
Once inside the virtual machine, you will see a promt like <code>root@archoiso ~ #</code> first thing you want to do is check whether the internet is working by simply doing <code>ping -c 3 www.google.com</code>


'''Creating file systems, formatting and mounting'''
====Partitioning====
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. FIrst of all you need to check your block devices and partitions.
 
I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.


<code>lsblk</code> to view block devices
<code>lsblk</code> to view block devices
Line 32: Line 60:
<code>Remember first sector empty</code>
<code>Remember first sector empty</code>


<code> KGMTP 512MB </code> 512MB is enough for a EFI boot.
<code> KGMTP 512MB </code> 512MB is recommended by Arch Linux wiki for a EFI boot.


<code>Hexcode: L to view all. Go with ef00</code>
<code>Hexcode: L to view all. Go with ef00</code>
Line 53: Line 81:


Partition name : root  
Partition name : root  
EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.


<code> lsblk </code> To verify the partitions exist
<code> lsblk </code> To verify the partitions exist


Formatting:
====Formatting====


Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.
Format boot partition <code> mkfs.fat -F32 /dev/sda1 </code> FAT32 is used for EFI boot.


Format swap partion <code> mkswap /dev/sda2 </code> Intialize swap <code>swapon /dev/sda2</code>
Format swap partition <code> mkswap /dev/sda2 </code> Initialize swap <code>swapon /dev/sda2</code>


Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journaling system is used for root.
Format root partition <code> mkfs.ext4 /dev/sda3 </code> Ext4 journalling file system is used for root.


Mounting:
====Mounting====


Mount root <code> mount /dev/sda3 /mnt </code>
Mount root <code> mount /dev/sda3 /mnt </code>
Line 72: Line 102:
Mount boot <code> mount /dev/sda1 /mnt/boot </code>
Mount boot <code> mount /dev/sda1 /mnt/boot </code>


=== Installation===


'''Mirrorlist (Optional)'''
====Listing Mirrors====
Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and uncomment the mirrors you want to rank. I sugguest uncommenting at least 20 countries.  Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.


'''Install base packages, Generate fstab'''
You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit <code>/etc/pacman.d/mirrorlist</code> and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries.  Use <code> rankmirrors -n 5 /etc/pacman.d/mirrorlist </code> to rank the top five mirrors , could take a few minutes.
 
====Install base packages, Generate fstab====


To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
To install base packages <code> pacstrap -i /mnt base base-devel </code> These are the core packages of an Arch Linux Installation.
Line 83: Line 115:
To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc
To generate fstab <code> genfstab -U /mnt >> /mnt/etc/fstab </code> Check if fstab generated in /mnt/etc


'''Basic configurations'''
===Post installation of base packages===
 
====Mount Root Partition====


First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.
First of all you need to get inside the newly installed system <code> arch-chroot /mnt </code> You should see a slightly different prompt now.


Change language to EN_US:
====Change language====


Use the command <code> nano /etc/locale.gen </code>
Use the command <code> nano /etc/locale.gen </code>


Uncomment <code> en_US.UTF-8 </code> There should be two of these
Un-comment <code> en_US.UTF-8 </code> There should be two of these


Generate the locale <code> locale-gen </code>
Generate the locale <code> locale-gen </code>
Line 97: Line 131:
Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>
Now the output needs to be saved <code> echo LANG=en_US.UTF-8 > /etc/locale.conf </code> and exported <code> export LANG=en_US.UTF-8 </code>


Set up the time :
====Set the Time Zone====


Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now change to Tallinn by creating a soft link <code> ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime </code> This might already exists
Now set hardware clock to utc <code> hwclock –systohc –utc </code>
Now set hardware clock to utc <code> hwclock –systohc –utc </code>


Set up the hostname:
====Hostname====


setup the hostname <code> echo bossman-arch > /etc/hostname </code>
Setup the hostname by simply echoing the hostname and then outputting in etc <code> echo bossman-arch > /etc/hostname </code>
Double check to see if hostname exists
Double check /etc folder to see if hostname exists


Enable multilib and create custom repository: (Optional Step)
====32 bit support and Custom Repository====


Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs
Type in <code> nano /etc/pacman.conf </code> Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs
=====Custom Repository Configuration=====


In the same file, all the way in the bottom add a custom repository :
In the same file, all the way in the bottom add a custom repository :
<code>  
<code>  
[archlinuxfr]
[archlinuxfr]
SigLevel= Never  
SigLevel= Never  
Server= http://repo.archlinux.fr/$arch
 
</code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.
Server= http://repo.archlinux.fr/$arch </code> Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.
 
====Installing yaourt====


Run pacman to get yaourt <code>pacman -Sy yaourt </code>  Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.
Run pacman to get yaourt <code>pacman -Sy yaourt </code>  Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.


Setup root password <code> passwd </code>
====Setup root password====


Simply type in “passwd” and confirm password
Setup root password <code> passwd root </code>
Simply type in the password and confirm it.
 
====Add a Regular User====


Add a regular user
Add a regular user
It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has
absolute control over the system.


<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>
<code> useradd -m -g users -G wheel,storage -s /bin/bash axon </code> -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, <code>passwd axon </code>


Sudo Permissions:
====Sudo Permissions====
 
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.
We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.


<code> EDITOR=nano.visudo </code> find %wheel and add on the line below  <code> Defaults root pw </code> Now the sudo password will be prompted when doing sudeoers task.
<code> EDITOR=nano.visudo </code> find %wheel and add on the line below  <code> Defaults rootpw </code> Now the sudo password will be prompted when doing sudeoers task.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.
At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.


'''Bootloader installation and configuration'''
====Bootloader Installation and Configuration====
 
=====Verify EFI=====


<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.
<code> mount -t efivarfs efivarfs /sys/firmware/efi/efivars </code> This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.
=====Install Bootctl=====


Now install the bootloader <code> bootctl install </code>
Now install the bootloader <code> bootctl install </code>
====Export PARTUUID====


<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.  
<code> blkid </code> Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.  
Line 144: Line 195:
<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.  
<code> blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf </code> You just outputted the PARTUUID in arch.conf.  


=====Edit Arch.conf=====
This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code> nano /boot/loader/entries/arch.conf </code> You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.
<code>  
<code>  


Line 156: Line 209:
options root=PARTUUID=*YOURUUID* rw
options root=PARTUUID=*YOURUUID* rw


</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootale. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.
</code>Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.


For intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatability issues.
=====Install Ucode=====
 
For Intel processors only <code>pacman -S intel-ucode </code> Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.
 
======Re-Edit Arch.conf======


Now  you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>
Now  you have add ucode to config file <code> /boot/loader/entries/arch.conf </code> and add another initrd above the former initrd like <code> initrd /intel-ucode.img </code>
===Post Installation===
The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.


Exit chroot <code> exit </code>
Exit chroot <code> exit </code>
Line 173: Line 234:


Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.
Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.
====Login the Newly Installed System====


If you have done everything correctly a login prompt should appear. You can login using the your credentials.
If you have done everything correctly a login prompt should appear. You can login using the your credentials.


'''Enable Internet'''
====Enable Internet====


<code> sudo su </code> For the sake of convenience become sudo as soon as you can.
<code> sudo su </code> For the sake of convenience become sudo as soon as you can.
Line 187: Line 250:
<code>reboot</code> Reboot and ping google or some other site it should work fine.
<code>reboot</code> Reboot and ping google or some other site it should work fine.


'''GUI : XSever, VBox Guest Additions and LXDE'''
====Pre GUI Installation====


This is the final step of the installation process. I chose LXDE because it's pretty light and fast. You can install Gnome, it looks outstanding but it might lag.
For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.


Xserver installation:
=====Xserver installation=====


<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.
<code> pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux </code> The following ar the reccomended packages,and they should all be installed.


Install Linux headers:
=====Install Linux Headers=====


<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.
<code> pacman -S linux-headers </code> header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.


VBox Guest Additions Installations:
=====VBox Guest Additions Installations=====


Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.
Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.
Line 208: Line 271:


<code>pacman -Syu </code> Check for updates.
<code>pacman -Syu </code> Check for updates.
====Checking Xserver====


At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.
At this point you need to reboot again.Once back in the system <code> startx </code> you should see some colored windows, this means xserver is ready for GUI.


Installing LXDE:
====Installing GUI/Desktop Environment====
 
=====LXDE=====


Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>
Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. <code> pacman -S lxde </code>


Once the installation is done, all you need to do is a reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.
Start LXDE by <code>systemctl enable lxdm.service</code>


Installing Gnome:
=====Gnome=====


If you prefer Gnome instead of LXDE then <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.
Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. <code> pacman -S gnome gnome-extra gdm</code> Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.


Start gnome by <code>systemctl enable gdm.service</code>


'''Installing with Pacman and Yaourt''' this is only an example of how to use pacman and yaourt, you can set up whatever you want.
Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.
 
==Post GUI Login==
 
===Installing Packages===
 
This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.
 
====Pacman====


Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that
Open up the terminal and <code> sudo pacman -S firefox </code> Firefox will be installed just like that


Install Geekbench. Firstly get it from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> </code>
====PKGBUILD====
PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration
of how to install using makepkg.
 
Install Geekbench. Firstly get snapshot from this link [https://aur.archlinux.org/cgit/aur.git/snapshot/geekbench.tar.gz] Navigate to downloaded location on terminal and do <code>tar xf geekbench.tar.gz </code> and then navigate to this new folder <code> makepkg -sci</code> -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.
 
Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the <code> base devel </code> package also, without it you will not be able to make package.
 
====yaourt====
Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.
 
<code> yaourt -Sb google-chrome </code> This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.
 
 
===Removing packages===
 
To remove a single package without dependency <code> pacman -R package </code>
 
To remove a package with dependencies that which are not required by other applications <code> pacman -Rs package </code>
 
To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless <code> pacman -Rsc package </code>
 
Removing yaourt packages, basically the same except you replace pacman with yaourt <code> yaourt -R package </code>
 
If you installed with makepkg pacman should take care of the uninstalling.
 
==AUR Helper==
 
Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.
 
==Firewall==
 
UFW is the uncomplicated firewall. It is terminal based and very user friendly.
Install ufw <code>pacman -S ufw</code>
View ip configuration <code> ip addr </code>
 
For a simple rule where you allow traffic from 192.168.0.1 to 192.168.0.255 and incoming SSH and telnet connections
<code>
ufw default deny
 
ufw allow from 192.168.0.0/24
 
ufw allow SSH
 
ufw allow telnet
 
</code>
 
Now enable ufw <code> ufw enable </code>
 
Check if ufw is running <code> ufw status </code> , it should be running
 
You can add other apps the same way, just view the <code> ufw app list </code>
 
To delete a rule, let's say SSH in this case <code>ufw delete allow SSH </code>
 
Blacklisting IP address
To blacklist an IP you need to edit the following file <code>vim /etc/ufw/before.rules</code>
 
To blacklist 139.59.152.107 just before the COMMIT add the following <code>-A ufw-before-input -s 139.59.152.107 -j DROP</code>
 
==Conclusion==
 
If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.
 
==Questions==
 
Why not use GRUB for bootloader?
I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.
 
How do I set up wifi in case of a non virtualbox based installation?
 
You need to check to see if iw and wpa supplicants are installed <code>pacman -S iw wpa_supplicant linux-firmware</code>
If they are not there, please install them.
Afterwards do <code>pacman -Syy </code>
Then view the wpa supplication <code>cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf</code>
If this doesn't exist, then you are missing some packages.
Finally run this command with the correct info from your router  <code>wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey")</code>
Wifi Should work now.
 
 
==My ArchBox Screenshots==
 
[https://ibb.co/cyxM85 UFW status]
 
[http://enos.itcollege.ee/~fislam/9.png Gnome Installed]
 
[http://enos.itcollege.ee/~fislam/8.png LXDE Installed]
 
[http://enos.itcollege.ee/~fislam/7.png Xserver is working]
 
[http://enos.itcollege.ee/~fislam/5.png Arch Linux Login Prompt]
 
[http://enos.itcollege.ee/~fislam/4.png Arch Linux chroot mount prompt]
 
[http://enos.itcollege.ee/~fislam/2.png list of files in /etc]
 
[[Category:Operatsioonisüsteemide administreerimine ja sidumine]]
 
 
== References ==
 
'''Arch Linux WIki[https://wiki.archlinux.org/]'''
 
'''Five reasons to Use Arch'''[http://www.cio.com/article/2898189/five-reasons-i-roll-with-arch-linux-and-why-you-should-too.html]
 
'''Arch User Repository'''[https://aur.archlinux.org/]

Latest revision as of 18:55, 8 May 2017

Written by: Farhan Islam-C11 Group

Arch Linux Usage

What is Arch Linux?

Arch is a Unix like Linux distribution. Arch started it’s journey in 2002, and is usually used by advanced users. Arch Linux is not super user friendly to begin, and therefore not recommended for rookies. However, the deal with Arch Linux is that it’s free of bloat-wares and uses a very minimalist approach, moreover it pushes to user to put great effort into understanding how the system works.

Top Reasons To Use Arch

Community Based

Arch Linux is community based, and not market based. It doesn’t need to bother about the markets and customers, in fact it’s all about the development process. Furthermore, Arch doesn’t need to be patched, it is kind of like a stock Android, where the user uses what the upstream developed. Arch Linux probably has the best community support of all the linux distros, and the Arch WIKI contains pretty much everything a user might require.

User Repository

Arch has massive software repositories. Arch has pretty much every application that is available through the packaging system on other distros, if not more. Arch calls it the Arch User Repository. It is a repository maintained by users, whereby users can compile and install packages from the source. Of course, users can also use Yaort command, if they prefer.

Different Desktop Environments

Support for majority of desktop environments. Mainstream linux distro like Ubuntu uses Unity uptill 16.10, and Unity by far the slowest desktop environment I’ve used. Although, users have the option to install Plasma, XFCE, MATE. Other environments like Gnome doesn’t work well on ubuntu. However, as of Ubuntu 17.04, Ubuntu has switched back to Gnome. Arch Linux supports LXDE,XFCE,Gnome,Mate and Cinnamon, and nothing seems to make it laggy, or break it.

Power User

Total User Control. Arch puts you in the pilot’s chair. The user has the ability to build everything from scratch, hence they can choose whatever they want instead of having to deal with unnecessary packages.

Rolling Releases

Rolling Releases. Unlike other distros, you do not come across a major update every 6 months. Arch uses rolling updates. That means, you are always running the latest packages, both desktop and kernel, as you don’t have to wait for a new distro, and you automatically get the latest packages.

Arch Linux Installation

Preparing VM

Download ISO

This is a long process, but first of all you need to get the official Arch Linux ISO from [1]

VM Specs

On Virtual Box you will need to create a EFI enabled virtual machine. In my case, I used 20GB dynamically allocated hard drive, 1.5GB RAM (EDIT: For Gnome I used 2.4gb ram, and later went back down to 1.5GB) and 85% Processor power. Once that's all done,mount the ISO and fire up the virtual machine.

Pre-Installation

Checking internet connection

Once inside the virtual machine, you will see a promt like root@archoiso ~ # first thing you want to do is check whether the internet is working by simply doing ping -c 3 www.google.com

Partitioning

I recommend cgdisk or gdisk for EFI systems, it is very user friendly and straightforward. First of all you need to check your block devices and partitions.

lsblk to view block devices

cgdisk /dev/sda In my case it was /dev/sda

Now you need to start creating the partitions. You basically need just 3 partitions, boot, swap and root. For all of the partitions leave the first sector empty. Now create a partition.

Remember first sector empty

KGMTP 512MB 512MB is recommended by Arch Linux wiki for a EFI boot.

Hexcode: L to view all. Go with ef00

Partition name : boot

Create another partition /dev/sda2

Size in sectors(KMGTP): 2GB The rule is to allocate around 1.5 times the RAM for your Swap partition, so in my case it was 2GB approx.

Hexcode: 8200

Partition name : swap

Create the final partition /dev/sda3

Size in sectors(KMGTP): leave blank By leaving blank it will allocate the remaining space to this partition.

Hexcode: 8300 This is the main linux file system and is suitable for our root partition.

Partition name : root

EDIT: It is is a nice practice to separate the home and root partitions. I did not do it because I do not really intend on using this VM a lot. If you however, want Arch as your primary VM then do create a home partition separate from root and mount in the mount point.

lsblk To verify the partitions exist

Formatting

Format boot partition mkfs.fat -F32 /dev/sda1 FAT32 is used for EFI boot.

Format swap partition mkswap /dev/sda2 Initialize swap swapon /dev/sda2

Format root partition mkfs.ext4 /dev/sda3 Ext4 journalling file system is used for root.

Mounting

Mount root mount /dev/sda3 /mnt

Now make directory mkdir /mnt/boot

Mount boot mount /dev/sda1 /mnt/boot

Installation

Listing Mirrors

You can skip this step if you want.Now you have the option to rank the mirrorlist, even though you do not really have to do this. To do so you need to edit /etc/pacman.d/mirrorlist and un-comment the mirrors you want to rank. I suggest un-commenting at least 20 countries. Use rankmirrors -n 5 /etc/pacman.d/mirrorlist to rank the top five mirrors , could take a few minutes.

Install base packages, Generate fstab

To install base packages pacstrap -i /mnt base base-devel These are the core packages of an Arch Linux Installation. FSTAB basically lists all the partitions and data sources and show how they are being used.

To generate fstab genfstab -U /mnt >> /mnt/etc/fstab Check if fstab generated in /mnt/etc

Post installation of base packages

Mount Root Partition

First of all you need to get inside the newly installed system arch-chroot /mnt You should see a slightly different prompt now.

Change language

Use the command nano /etc/locale.gen

Un-comment en_US.UTF-8 There should be two of these

Generate the locale locale-gen

Now the output needs to be saved echo LANG=en_US.UTF-8 > /etc/locale.conf and exported export LANG=en_US.UTF-8

Set the Time Zone

Now change to Tallinn by creating a soft link ln -s /usr/share/zoneinfo/Europe/Tallinn > /etc/localtime This might already exists Now set hardware clock to utc hwclock –systohc –utc

Hostname

Setup the hostname by simply echoing the hostname and then outputting in etc echo bossman-arch > /etc/hostname Double check /etc folder to see if hostname exists

32 bit support and Custom Repository

Type in nano /etc/pacman.conf Find and uncomment multlib, not the testing, just the multilib and line beneath of course. Multilib makes sure you have access to 32bit programs

Custom Repository Configuration

In the same file, all the way in the bottom add a custom repository : [archlinuxfr]

SigLevel= Never

Server= http://repo.archlinux.fr/$arch Save changes and exit,and of course if you are editing a file you are expected to save it, so I might not always write save changes.

Installing yaourt

Run pacman to get yaourt pacman -Sy yaourt Yaourt is basically the Arch Linux Users version of pacman. It is slighltly different, more on that later.

Setup root password

Setup root password passwd root Simply type in the password and confirm it.

Add a Regular User

Add a regular user It is recommend to add a regular user for security reasons. You should never the use the computer as root user unless you have to, because the root user has absolute control over the system.

useradd -m -g users -G wheel,storage -s /bin/bash axon -m flag is to create -g is the group flag -G on the other hand is the secondary group. Wheel is the Arch equivalent of nano, storage gives access to removable devices, and bash is the shell environment. Now set up a password for the user, passwd axon

Sudo Permissions

We need to make sure to edit one file so that the sudo password is asked everytime when doing a sudoers task.

EDITOR=nano.visudo find %wheel and add on the line below Defaults rootpw Now the sudo password will be prompted when doing sudeoers task. At this point you might have to restart the system, you may encounter some error messages in the next step just reboot, remount and get chroot back in if it happens.

Bootloader Installation and Configuration

Verify EFI

mount -t efivarfs efivarfs /sys/firmware/efi/efivars This should return that it's busy or already in use,it's a good thing if that happens, otherwise you need to recheck all the steps.

Install Bootctl

Now install the bootloader bootctl install

Export PARTUUID

blkid Make a note of the UUID of /dev/sda3. The following steps must be done exactly this way except you will have a very different UUID.

blkid -s PARTUUID -o value /dev/sda3 > /boot/loader/entries/arch.conf You just outputted the PARTUUID in arch.conf.

Edit Arch.conf

This needs to be done correctly, you should double check to make sure you have all the necessary files in the right directory. nano /boot/loader/entries/arch.conf You need to edit this configuration file. You will see the PARTUUID generated and nothing else on it. It should look like the following.

title Arch Linux

linux /vmlinuz-linux

initrd /initramfs-linux.img

options root=PARTUUID=*YOURUUID* rw

Save and exit. Vmlinuz is the name of a linux kernel executable. You should know that kernel is like the heart of an OS. Vmlinuz is compressed and bootable. Initrd is a scheme for temporary root file system into memory, which may be used as part of the Linux startup process. initrd and initramfs refer to two different methods of achieving this.

Install Ucode

For Intel processors only pacman -S intel-ucode Is basically a microcode update file for Intel CPUs. I recommend doing this for compatibility issues.

Re-Edit Arch.conf

Now you have add ucode to config file /boot/loader/entries/arch.conf and add another initrd above the former initrd like initrd /intel-ucode.img

Post Installation

The installation process is complete, but please make sure you safely shutdown the system instead of force quitting.

Exit chroot exit

Unmount everything umount -R /mnt Mnt was a placeholder for root, now that we have the actual system waiting we do not need it.

Shutdown the system Shutdown now

Power off virtual machine

Eject ISO

Arch Linux Installation should be complete,however it is time to power up the VM without ISO, double check to see if the ISO is ejected and and the boot is set to hard drive.

Login the Newly Installed System

If you have done everything correctly a login prompt should appear. You can login using the your credentials.

Enable Internet

sudo su For the sake of convenience become sudo as soon as you can.

Now that you are logged in if you try to ping something or get a package with pacman, it will fail, you must re-enable the internet connection. First check ip link The correct interface is not the first one or the loopback, it is the one with broadcast and in my case it was enp0s3, and the interface was down.

To re-enable systemctl enable dhcpcd@enp0s3.service

reboot Reboot and ping google or some other site it should work fine.

Pre GUI Installation

For a traditional user who is coming from Windows or MAC, GUI is everything. Certain steps need to followed for this.

Xserver installation

pacman -S xorg-server xorg-server-utils xorg-xinit xterm mesa xorg-clock xorg-twm alsa-utils tmux The following ar the reccomended packages,and they should all be installed.

Install Linux Headers

pacman -S linux-headers header files used to compile the kernel -and other applications which depend on the structures defined in theseheader files, like kernel modules. An example can be graphic card drivers.

VBox Guest Additions Installations

Virtual Box guest additions allows the changing of resolution and using USB devices within the VM. Hence it must be done for GUI. To do so, simply insert the Virtual Box Guest Addition CD from the upper menu. It should be inserted. If you get an error it's probably because you have to IDE cdrom, just go back to virtualbox and create a blank IDE drive without mounting anything, then boot back into Arch VM and insert the guest additions cd, this will work.

Now you have to mount the cdrom mount /dev/cdrom /mnt

Navigate to /mnt examine and run the script ./VBoxLinuxAdditions.run This should install virtual box guest additions.

pacman -Syu Check for updates.

Checking Xserver

At this point you need to reboot again.Once back in the system startx you should see some colored windows, this means xserver is ready for GUI.

Installing GUI/Desktop Environment

LXDE

Unlinke gnome lxde doesn't need so much space and this should be a straightforward installation. pacman -S lxde

Start LXDE by systemctl enable lxdm.service

Gnome

Gnome looks really nice, but it s also more power hungry. Note that installing the extra packages are optional,but they include essentials. pacman -S gnome gnome-extra gdm Do not select nvidia even if you have an nvidia GPU. Also I found Gnome not working with VBox 3d Acceleration, and hence it lags when streaming videos.

Start gnome by systemctl enable gdm.service

Once the installation is done, all you need to do is a Reboot and you should see a Graphical login prompt. If you login and everything works, congratulations, the worst is over.

Post GUI Login

Installing Packages

This is only an example of how to use pacman, pkgbuild and yaourt, later I shall talk about AUR helpers, and other alteratives. Pacman is the official Arch Linux package manager, Yaourt is a AUR helper.

Pacman

Open up the terminal and sudo pacman -S firefox Firefox will be installed just like that

PKGBUILD

PKGBUILD is a schell script built using makepkg utility. Geekbench 4 is a terminal based CPU benchmark app. This is a basic demonstration of how to install using makepkg.

Install Geekbench. Firstly get snapshot from this link [2] Navigate to downloaded location on terminal and do tar xf geekbench.tar.gz and then navigate to this new folder makepkg -sci -S flag to get all the dependencies,-c flag clean everything up afterwards, i flag to install after it's being built.

Please note, you can't be sudo and run this command, you will need to exit out of sudo. It will take some time to build packages and then a prompt will ask you if you want to install, of course press y. Installation will be done, and geekbench should be ready. Make sure you have the base devel package also, without it you will not be able to make package.

yaourt

Yaourt doesn't need you to go look online for a snapshot instead if you already know what you're looking for it can be fetched just like pacman.It is similar to PKGBUILD but not secure, since you do not know what source code you're compiling, more on that in AUR Helpers.

yaourt -Sb google-chrome This is to get google chrome with Yaourt, S flag to sync with AUR and B to backup. You will get a few warning just press y and continue, you will even get to edit the config file, but you dont really have to do anything you can have a look and exit anc continue and then there will be a password prompt for installation. Sit back and relax, the installation will be done in a few minutes.


Removing packages

To remove a single package without dependency pacman -R package

To remove a package with dependencies that which are not required by other applications pacman -Rs package

To recursively remove a package and dependencies, meaning the other applications using it will be potentially worthless pacman -Rsc package

Removing yaourt packages, basically the same except you replace pacman with yaourt yaourt -R package

If you installed with makepkg pacman should take care of the uninstalling.

AUR Helper

Basically AUR helpers are the likes of yaourt, apacman, cower, PKGBUILD, etc. I have only used yaourt and PKGBUILD so far. I have heard that yaourt is not the best AUR helper, because it is said to to be insecure. The only problem that I see with yaourt is that it automatically downloads the PKGBUILD without inspecting it first, compared to if you had done it manually you could have read the Author's note and inspect it manually. This could be potentially dangerous, as you yaourt might be compiling malicious source code. As I am a very new to Arch Linux, I was not totally aware of this and used yaourt on a couple of occasions. With so many secure alternatives, it is better not to use yaourt.

Firewall

UFW is the uncomplicated firewall. It is terminal based and very user friendly. Install ufw pacman -S ufw View ip configuration ip addr

For a simple rule where you allow traffic from 192.168.0.1 to 192.168.0.255 and incoming SSH and telnet connections ufw default deny

ufw allow from 192.168.0.0/24

ufw allow SSH

ufw allow telnet

Now enable ufw ufw enable

Check if ufw is running ufw status , it should be running

You can add other apps the same way, just view the ufw app list

To delete a rule, let's say SSH in this case ufw delete allow SSH

Blacklisting IP address To blacklist an IP you need to edit the following file vim /etc/ufw/before.rules

To blacklist 139.59.152.107 just before the COMMIT add the following -A ufw-before-input -s 139.59.152.107 -j DROP

Conclusion

If you have managed to come this far and you have some prior Linux experience, you are going to be all right using Arch Linux. However, if you want a OS that is basically a replacement for Windows, then you should stick to Ubuntu or Mint. Arch Linux is very powerful, capable and customizable. All in all a very nice Operating System, and by using it you can learn a lot.

Questions

Why not use GRUB for bootloader? I understand the Installation manual on Arch Linux wiki suggest to install grub as the bootloader, and most linux distros use grub by default. However, if you want something plain and simple, you do not really need GRUB, you can stick to bootctl, and it will do just fine.

How do I set up wifi in case of a non virtualbox based installation?

You need to check to see if iw and wpa supplicants are installed pacman -S iw wpa_supplicant linux-firmware If they are not there, please install them. Afterwards do pacman -Syy Then view the wpa supplication cat /etc/wpa_supplicant/wpa_supplicant-wlp2s0.conf If this doesn't exist, then you are missing some packages. Finally run this command with the correct info from your router wpa_supplicant -B -i wlp2s0 -c <(wpa_passphrase "the network SSID" "wpa passkey") Wifi Should work now.


My ArchBox Screenshots

UFW status

Gnome Installed

LXDE Installed

Xserver is working

Arch Linux Login Prompt

Arch Linux chroot mount prompt

list of files in /etc


References

Arch Linux WIki[3]

Five reasons to Use Arch[4]

Arch User Repository[5]