Skip to content

Instantly share code, notes, and snippets.

@gbrlsnchs gbrlsnchs/README.md
Last active May 16, 2020

Embed
What would you like to do?
Void Linux Installation Guide (UEFI + chroot + brtfs + LUKS Encryption)

Void Linux installation guide!

Live image

Logging in

User is anon and password is voidlinux. The root user is root and has the same password. This document implies you're using the root user, so no sudo is used until the main user is created and used.

Setting keyboard layout

loadkeys $(ls /usr/share/kbd/keymaps/i386/**/*.map.gz | grep br-abnt2)

Connecting to the internet

cp /etc/wpa_supplicant/wpa_supplicant.conf /etc/wpa_supplicant/wpa_supplicant-<interface>.conf
wpa_passphrase <ssid> <passphrase> | tee -a /etc/wpa_supplicant/wpa_supplicant-<interface>.conf
sv restart dhcpcd
ip link set up <interface>

Formatting disk

Run:

fdisk /dev/sda

Then:

  1. Select g to generate a GTP table
  2. Select n to create the EFI partition with size of +200M
  3. Change the created partition's type by selecting t and then selecting the option that represents EFI Partition
  4. Select n to create the GRUB partition with size of +500M
  5. Select n to create the btrfs partition with the remaining size

Creating the filesystems

mkfs.vfat -n boot -F 32 /dev/sda1
mkfs.ext2 -L GRUB /dev/sda2
cryptsetup luksFormat --type=luks -s=512 /dev/sda3
cryptsetup open /dev/sda3 cryptroot
mkfs.btrfs -L void /dev/mapper/cryptroot

Mounting the btrfspartition and creating subvolumes

mount -o rw,noatime,ssd,compress=zstd,space_cache,commit=120 /dev/mapper/cryptroot /mnt
btrfs subvolume create /mnt/@
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@snapshots

Mounting top-level partitions

umount /mnt
mount -o rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvol=@ /dev/mapper/cryptroot /mnt
mkdir -p /mnt/home
mkdir -p /mnt/.snapshots
mount -o rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvol=@home /dev/mapper/cryptroot /mnt/home
mount -o rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvol=@snapshots /dev/mapper/cryptroot /mnt/.snapshots
mkdir /mnt/boot
mount -o rw,noatime /dev/sda2 /mnt/boot
mkdir /mnt/boot/efi
mount -o rw,noatime /dev/sda1 /mnt/boot/efi

Creating nested partitions

mkdir -p /mnt/var/cache
btrfs subvolume create /mnt/var/cache/xbps
btrfs subvolume create /mnt/var/tmp
btrfs subvolume create /mnt/srv

Installing the base system

Using glibc

xbps-install -Sy -R https://alpha.de.repo.voidlinux.org/current -r /mnt base-system btrfs-progs cryptsetup grub-x86_64-efi

Using musl

export XBPS_ARCH=x86_64-musl
xbps-install -Sy -R https://alpha.de.repo.voidlinux.org/current/musl -r /mnt base-system btrfs-progs cryptsetup grub-x86_64-efi

Running chroot

mount -t proc proc /mnt/proc
mount -t sysfs sys /mnt/sys
mount -o bind /dev /mnt/dev
mount -t devpts pts /mnt/dev/pts
cp -L /etc/resolv.conf /mnt/etc/
cd /mnt
chroot /mnt /bin/bash
passwd root
chown root:root /
chmod 755 /
echo <hostname> > /etc/hostname

Then edit the file /etc/rc.conf to contain the following:

HOSTNAME="<hostname>"

# Set RTC to UTC or localtime.
HARDWARECLOCK="UTC"

# Set timezone, availables timezones at /usr/share/zoneinfo.
TIMEZONE="America/Sao_Paulo"

# Keymap to load, see loadkeys(8).
KEYMAP="br-abnt2"

# Console font to load, see setfont(8).
#FONT="lat9w-16"

# Console map to load, see setfont(8).
#FONT_MAP=

# Font unimap to load, see setfont(8).
#FONT_UNIMAP=

# Kernel modules to load, delimited by blanks.
#MODULES=""

Then run the following commands:

echo 'en_US.UTF-8 UTF-8' > /etc/default/libc-locales
export GRUB_UUID=$(blkid -s UUID -o value /dev/sda2)
export UEFI_UUID=$(blkid -s UUID -o value /dev/sda1)
export ROOT_UUID=$(blkid -s UUID -o value /dev/mapper/cryptoroot)
export LUKS_UUID=$(blkid -s UUID -o value /dev/sda3)
cat <<EOF > /etc/fstab
UUID=$GRUB_UUID /boot ext2 defaults,noatime 0 2
UUID=$UEFI_UUID /boot/efi vfat defaults,noatime 0 2
UUID=$ROOT_UUID / btrfs rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvolid=257 0 1
UUID=$ROOT_UUID /home btrfs rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvolid=258 0 2
UUID=$ROOT_UUID /.snapshots btrfs rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvolid=259 0 2
EOF
echo "GRUB_CMDLINE_LINUX=\"${LUKS_UUID} i915.modeset=1\"" >> /etc/default/grub
echo 'add_dracutmodules+="crypt btrfs resume"' >> /etc/dracut.conf
echo 'tmpdir=/tmp' >> /etc/dracut.conf
dracut --force --hostonly --kver <kernel-version>
grub-mkconfig -o /boot/grub/grub.cfg
grub-install --target=x86_64-efi --efi-directory=/boot/efi --bootloader-id=void_grub --boot-directory=/boot --recheck --debug
xbps-install -S void-repo-nonfree
xbps-install -Su
xbps-install intel-ucode
echo 'early_microcode="yes"' >> /etc/dracut.conf.d/intel_ucode.conf
xbps-reconfigure -f linux<kernel-version-major.minor>
exit
exit
umount -R /mnt
reboot

Note: one can also add splash quiet to GRUB_CMDLINE_LINUX_DEFAULT in /etc/default/grub.

Post-installation

Creating the main user and adding them to sudoers

Log in as root

xbps-install -S zsh
usermod -m -G wheel -s $(which zsh) <username>
passwd <username>
visudo

After running visudo, uncomment the line that contains %wheel. Log out and log in with the newly created user.

Locking the root account

⚠️ Important ⚠️
Only run this after setting up the main user!

sudo passwd -dl root

Connecting to the internet

Run the proper wpa_supplicant steps to set Wi-Fi or stuff you need. Then, register and start the needed services:

sudo ln -s /etc/sv/dhcpcd /var/service/
sudo ln -s /etc/sv/wpa_supplicant /var/service/

By symlinking the services, runit will pick them up in the next five seconds and start them!

Installing drivers needed by Xorg

sudo xbps-install -S xorg-minimal xorg-fonts \
    xf86-video-intel xf86-video-ati \
    xf86-input-evdev xf86-video-fbdev \
    xf86-input-synaptics
echo 'exec bspwm' >> ~/.xinitrc

Rootless Xorg

First, check whether KMS is enabled:

sudo cat /sys/module/i915/parameters/modeset

If it returns 1, then KMS is enabled. If not, add i915.modeset=1 to the kernel parameters. Then, ensure /etc/X11/Xwrapper.config has needs_root_rights = no and add the user to the following groups:

sudo usermod -aG input,video <username>

Finally, to start Xorg, you should run, without sudo:

startx -- vt1

https://wiki.voidlinux.org/Xorg

@zelleb

This comment has been minimized.

Copy link

zelleb commented Mar 8, 2020

Great guide! But what are those nested partitions for? Are they mounted automatically? You didn't add them to /etc/fstab.

@gbrlsnchs

This comment has been minimized.

Copy link
Owner Author

gbrlsnchs commented Mar 8, 2020

Great guide!

Thanks! It still needs some polish but might be a starting point for folks out there.

But what are those nested partitions for?

In btrfs, snapshots don't work recursively. You have to take a snapshot of each individual existing subvolume. That allows us to exclude those "nested partitions" from snapshots.

Are they mounted automatically? You didn't add them to /etc/fstab.

Yes, here is a quote from btrfs' wiki:

Subvolumes can be nested and each subvolume (except the top-level subvolume) has a parent subvolume. Mounting a subvolume also makes any of its nested child subvolumes available at their respective location relative to the mount-point.

In other words, you only need to mount top-level subvolumes and their child subvolumes will get mounted along with them.

Have fun with Void! 🐱

@zelleb

This comment has been minimized.

Copy link

zelleb commented Mar 8, 2020

OK, so those 3 nested partitions are children of /@, are mounted with it and excluded from snapshots of /@. Cool.

I did a few trail and error installs on a separate drive with efibootmgr. Finally got it working and was unsure about the nested partitions. Gonna wipe my main drive and jump into the void now!

Thanks.

@gbrlsnchs

This comment has been minimized.

Copy link
Owner Author

gbrlsnchs commented Mar 8, 2020

OK, so those 3 nested partitions are children of /@, are mounted with it and excluded from snapshots of /@. Cool.

Exactly!

I did a few trail and error installs on a separate drive with efibootmgr. Finally got it working and was unsure about the nested partitions. Gonna wipe my main drive and jump into the void now!

Thanks.

Cool, welcome and have fun with it! 😸

@tobi-wan-kenobi

This comment has been minimized.

Copy link

tobi-wan-kenobi commented Mar 22, 2020

Thanks a lot for this guide, it was such a help when entering the Void!

A few small remarks:

  • Instead of restarting dhcpcd, I had to manually start wpa_supplicant: wpa_supplicant -B -i <interface> -c <configuration>
  • Setting the shell via which zsh broke login for me (since which zsh points to /usr/bin/zsh, but for setting the shell, only /bin/zsh works for me.
  • For convenience, it might be good to copy the wpa_supplicant-.conf into the chroot

Thanks again!

@gbrlsnchs

This comment has been minimized.

Copy link
Owner Author

gbrlsnchs commented Mar 24, 2020

Thanks a lot for this guide, it was such a help when entering the Void!

Glad I could help! One day I'll tidy and polish this tutorial.

  • Instead of restarting dhcpcd, I had to manually start wpa_supplicant: wpa_supplicant -B -i <interface> -c <configuration>

My Void Live image already had wpa_supplicant spinning as a service, so I'm not sure why it wasn't the same for you. 😿

  • Setting the shell via which zsh broke login for me (since which zsh points to /usr/bin/zsh, but for setting the shell, only /bin/zsh works for me.

Yeah, you're right, it's better to not use which zsh, which sometimes points to undesired places.

  • For convenience, it might be good to copy the wpa_supplicant-.conf into the chroot

Personally, everytime I installed Void, I logged as root. It's much easier as no sudo nor doas is required.

Thanks again!

No problem, I hope you have fun, Void is awesome!

@jessrud

This comment has been minimized.

Copy link

jessrud commented Mar 26, 2020

I do not think the grub partition is strictly necessary. Grub can be installed to the ESP, its just that void's automatic installer (for whatever reason) requires the ESP to be mounted at /boot/efi/, which would normally put grub inside of your encrypted root.

But since you are installing grub manually, this shouldn't be an issue. I think the rationale is that at some point, this allowed you to update the kernel without mounting your ESP, but I think that updating the kernel with xbps ends up running grub, mounting the ESP and regenerating the efi image anyhow.

@jelemux

This comment has been minimized.

Copy link

jelemux commented Apr 14, 2020

Thank you very much for this guide! It put me on a great journey.
I now have PTSD from the dracut rescue shell but that was worth it!

However, I had to do a few things differently to get everything to work.

First it said it couldn't find the UUID of my encrypted drive, so I found out that it didn't decrypt it.
So I put this line into my /etc/default/grub (I found that in the Arch Wiki Article about dm-crypt):

GRUB_CMDLINE_LINUX="cryptdevice=UUID=9c20edda-4ee6-420c-8c61-5b34af6dc890:cryptroot root=/dev/mapper/cryptroot i915.modeset=1" 

and changed the entry in /etc/fstab to /dev/mapper/cryptroot instead of the UUID.

After that it decrypted my drive but couldn't mount it because it somehow was called /dev/mapper/luks-9c20edda-4ee6-420c-8c61-5b34af6dc890.
So figured if I changed the entry in my fstab I could get it to work. Changed the entry in /etc/default/grub too for consistency, and it worked!

The entry in /etc/default/grub as it looks now:

GRUB_CMDLINE_LINUX="cryptdevice=UUID=9c20edda-4ee6-420c-8c61-5b34af6dc890:luks-9c20edda-4ee6-420c-8c61-5b34af6dc890 root=/dev/mapper/luks-9c20edda-4ee6-420c-8c61-5b34af6dc890 i915.modeset=1"

And the entries for the encrypted drive in my fstab:

/dev/mapper/luks-9c20edda-4ee6-420c-8c61-5b34af6dc890 /           btrfs rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvolid=257 0 1
/dev/mapper/luks-9c20edda-4ee6-420c-8c61-5b34af6dc890 /home       btrfs rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvolid=258 0 2
/dev/mapper/luks-9c20edda-4ee6-420c-8c61-5b34af6dc890 /.snapshots btrfs rw,noatime,ssd,compress=zstd,space_cache,commit=120,subvolid=259 0 2

If I did anything wrong please point me to it, otherwise I hope that my experiences may help others.

Also, what wasn't fully clear to me (although I suspected it) is that I have to rerun the dracut command and grub-mkconfig for the new Kernel. So it's worth to point that out as well.
I was also thinking about the possibility to create some kind of hook to run those commands automatically. Is this possible and how would I go about doing that?

@gbrlsnchs

This comment has been minimized.

Copy link
Owner Author

gbrlsnchs commented May 12, 2020

Also, what wasn't fully clear to me (although I suspected it) is that I have to rerun the dracut command and grub-mkconfig for the new Kernel. So it's worth to point that out as well.
I was also thinking about the possibility to create some kind of hook to run those commands automatically. Is this possible and how would I go about doing that?

I think if you run xbps-reconfigure -f <linux-pkg>, it will force triggering a hook for Linux package and both Dracut and GRUB will be reconfigured.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.