Skip to content

Instantly share code, notes, and snippets.

@mogenson

mogenson/dell-5530-arch-install.md

Last active August 26, 2019 16:25
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save mogenson/7453512a342b9678baacc37362add2ac to your computer and use it in GitHub Desktop.
Save mogenson/7453512a342b9678baacc37362add2ac to your computer and use it in GitHub Desktop.
Download ZIP
Dell 5530 Arch Linux Installation Guide
Raw
dell-5530-arch-install.md

Dell 5530 Arch Linux Installation Guide

This following instructions install Arch Linux on a Dell 5530 laptop. This installation uses systemd for boot. It sets up a 30GB root partition and an encrypted user partition that is decrypted and mounted on login. Let's get started.

Base installation

Download and write the Arch Linux installation ISO to a flash drive. Insert flash drive, press power, hold F12, and select flash drive to boot.

Set system clock:
timedatectl set-ntp true

Partition disk:
gdisk /dev/nvme0n1

o ↵ to create a new empty GUID partition table (GPT)
y ↵ to confirm

n ↵ add a new partition
↵ to select default partition number of 1
↵ to select default start at first sector
+512M ↵ make that size partition for booting
ef00 ↵ Partition type EFI

n ↵ to add new partition
↵ to select default partition number of 2
↵ to select default start of sector
+128G ↵ make that size partition for root
8300 ↵ to make partition type for root

n ↵ to add new partition
↵ to select default partition number of 3
↵ to select default start of sector
↵ to select default end of sector
8300 ↵ to make partition type for home

p ↵ if you want to check the partition layout
w ↵ to write changes to disk
y ↵ to confirm

Create filesystems:

  • mkfs.fat -F32 /dev/nvme0n1p1
    • for bootloader partition
  • mkfs.ext4 /dev/nvme0n1p2
    • for root partition
  • cryptsetup --type luks1 luksFormat /dev/nvme0n1p3
    • encrypt user partition
    • you must enter the same password you will use for user login
  • cryptsetup open /dev/nvme0n1p3 luks_partition
    • the luks_partition label is only temporary
  • mkfs.ext4 /dev/mapper/luks_partition
    • for user partition
  • cryptsetup close luks_partition

Mount partitions:
mount /dev/nvme0n1p2 /mnt
mkdir /mnt/boot
mkdir /mnt/home
mount /dev/nvme0n1p1 /mnt/boot

Update mirrors:
curl -s "https://www.archlinux.org/mirrorlist/?country=US&protocol=https&ip_version=4" | sed -e "s/^#Server/Server/" > /etc/pacman.d/mirrorlist

Install:
pacstrap /mnt base base-devel dialog wpa_supplicant pam_mount intel-ucode vim

Create /etc/fstab:
genfstab -pU /mnt > /mnt/etc/fstab

Start chroot:
arch-chroot /mnt

Set timezone:
ln -sf /usr/share/zoneinfo/US/Eastern /etc/localtime

Set clock:
hwclock --systohc

Edit /etc/locale.gen:

  • uncomment en_US.UTF-8 UTF-8

Generate locale:
locale-gen

Create /etc/locale.conf:
echo "LANG=en_US.UTF-8" > /etc/locale.conf

Set hostname:
echo dell > /etc/hostname

Edit /etc/hosts with hostname from /etc/hostname:

127.0.0.1	localhost
::1		localhost
127.0.1.1	dell

Change root password:
passwd

Install bootloader:
bootctl install

Copy PARTUUID labels for block devices to bootloader conf:
blkid > /boot/loader/entries/arch.conf

Keep only the PARTUUID for /dev/nvme0n1p2 and edit arch.conf:

title	Arch Linux
linux	/vmlinuz-linux
initrd	/intel-ucode.img
initrd	/initramfs-linux.img
options	root=PARTUUID=70c1cc2d-d307-b94d-8008-38edf777b735 rw

Edit /boot/loader/loader.conf:

default arch
editor no

Add user:
useradd -m -g users -G wheel,uucp mike
passwd mike

  • must be same password used for cryptsetup

Give user sudo power:
visudo

  • uncomment %wheel ALL= (ALL) ALL

Change ownership of $HOME:
chmod mike:users /home/mike

Use pam_mount to decrypt and mount /dev/nvme0n1p3 on login:

Edit the end of /etc/security/pam_mount.conf.xml:

<mkmountpoint enable="1" remove="true" />

<volume
        user="mike"
        fstype="crypt"
        path="/dev/nvme0n1p3"
        mountpoint="/home/mike"
        options="fsck,noatime,discard"
/>
<mkmountpoint enable="1" remove="true" />

</pam_mount>

Edit /etc/pam.d/system-login:


#%PAM-1.0

auth       required   pam_tally2.so        onerr=succeed file=/var/log/tallylog
auth       required   pam_shells.so
auth       requisite  pam_nologin.so
auth       optional   pam_mount.so
auth       include    system-auth

account    required   pam_tally2.so
account    required   pam_access.so
account    required   pam_nologin.so
account    include    system-auth

password   optional   pam_mount.so
password   include    system-auth

session    optional   pam_loginuid.so
session    optional   pam_keyinit.so       force revoke
session [success=1 default=ignore]  pam_succeed_if.so  service = systemd-user quiet
session    optional   pam_mount.so
session    include    system-auth
session    optional   pam_motd.so          motd=/etc/motd
session    optional   pam_mail.so          dir=/var/spool/mail standard quiet
-session   optional   pam_systemd.so
session    required   pam_env.so

Exit chroot:
exit

Unmount partitions:
umount -R /mnt

Turn off, remove flash drive, reboot and login to user:
poweroff

Configuration

Pacman

Pacman hooks

AUR helper

git clone https://aur.archlinux.org/yay-bin.git
cd yay-bin
makepkg -si

Gnome (using nvidia on xorg)

yay -S nvidia gnome systemctl enable gdm.service systemctl enable NetworkManager.service systemctl enable bluetooth.service

yay -S caps2esc systemctl enable caps2esc.service

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment