tech_notes

A collection of notes on setups and implementations.
Log | Files | Refs | README
commit 22b3e7a8a22078bcdc90873ade24155124672da8
parent 8a29b4f6f9a445136fe1cbf9b64c1f3bd5f49fa4
Author: Julian Piribauer <julian.piribauer@gmail.com>
Date:   Thu, 19 Feb 2026 21:12:46 +0100

Filling gaps in arch install notes

Diffstat:

March_install.md | 175+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++--------------------


1 file changed, 132 insertions(+), 43 deletions(-)

diff --git a/arch_install.md b/arch_install.md
@@ -1,76 +1,165 @@
 # Arch install
 
-Boot from USB stick
+The following is based on [this](https://archive.0x00sec.org/t/arch-linux-with-lvm-on-luks-dm-crypt-disk-encryption-installation-guide-legacy-bios-system/1479) blog entry.
+This installation method was tested Lenovo's X200s and T420.
 
-timedatectl set-ntp true
+We assume a working ethernet connection.
+After booting into the Arch linux USB stick, we enable network time synchronisation:
 
-parted /dev/sdb
+```bash
+# timedatectl set-ntp true
+```
 
+Then, we create an MSDOS partitioning table with two partitions:
+the first one will be boot while the second one will be encrypted and contain root and home.
+We leave 1MB free before the boot partition.[^1]
+Since we will use a swap file, no swap partition will be necessary for us.
+
+[^1]: According to the ArchWiki, neither the 1MB nor a separate boot partition seems to be necessary(?). I have not tested this and simply present a setup that worked for me.
+
+For simplicity, we will assume installation on /dev/sda.
+Using parted, the commands are
+
+```bash
+# parted /dev/sda
+```
+
+```cpp
 (parted) select /dev/sdX
 (parted) mklabel msdos
 (parted) mkpart primary ext2 1MB 512MB
 (parted) mkpart primary ext4 512MB 100%
 (parted) set 1 boot on
 quit
+```
+
+Then, we encrypt the second partition and give it the name "crypt":
+
+```bash
+# cryptsetup luksFormat /dev/sda2
+# cryptsetup open /dev/sda2 crypt
+```
+
+We initialise a physical volume with a volume group "vg":
+
+```bash
+# pvcreate /dev/mapper/crypt
+# vgcreate vg /dev/mapper/crypt
+```
+
+On the volume group, we create the root and home partitions as logical volumes:
+
+```bash
+# lvcreate -L 60G vg -n root
+# lvcreate -l 100%FREE vg -n home
+```
+
+These logical volumes shall again have the filesystem ext4:
+
+```bash
+# mkfs.ext4 /dev/mapper/vg-root
+# mkfs.ext4 /dev/mapper/vg-home
+```
+
+Then, we can perform the mounting:
+
+```bash
+# mount /dev/mapper/vg-root /mnt
+# mount -m /dev/mapper/vg-home /mnt/home
+# mount -m /dev/sda1 /mnt/boot
+```
+
+We download the necessary (and useful) packages
+
+```bash
+# pacstrap /mnt base base-devel linux linux-firmware lvm2 vim man networkmanager grub
+```
+
+and generate the file system table with
+
+```bash
+# genfstab -U /mnt >> /mnt/etc/fstab
+```
+
+Finally, we dive into the new system:
+
+```bash
+# arch-chroot /mnt
+```
+
+We link our timezone and set the clock:
+
+```bash
+# ln -s /usr/share/timezone/Europe/Zurich /etc/localtime
+# hwclock --systohc
+```
 
-cryptsetup luksFormat /dev/sdb2
-cryptsetup open /dev/sdb2 crypt
-pvcreate /dev/mapper/crypt
-vgcreate vg /dev/mapper/crypt
+Inside /etc/locale.gen, uncomment the regional settings you prefer, e.g. de_CH.UTF-8.
+After saving, execute
 
-lvcreate -L 60G vg -n root
-lvcreate -l 100%FREE vg -n home
+```bash
+# locale-gen
+```
 
-mkfs.ext4 /dev/mapper/vg-root
-mkfs.ext4 /dev/mapper/vg-home
+In /etc.locale.conf, set LANG to your prefered language, e.g. LANG=en_US.UTF-8.
+Then, write your prefered host name into /etc/hostname.
 
-mount /dev/mapper/vg-root /mnt
-mount -m /dev/mapper/vg-home /mnt/home
-mount -m /dev/sdb1 /mnt/boot
+Now comes a crucial part: inside the file /etc/mkinitcpio.conf, make sure the line defining the hooks is of the form (ordering matters!)
 
-pacstrap /mnt base base-devel linux linux-firmware lvm2 vim man networkmanager grub
+```cpp
+Hooks=(base udev autodetect keyboard keymap consolefont modconf block lvm2 encrypt filesystem fsck)
+```
 
-genfstab -U /mnt >> /mnt/etc/fstab
+Install grub with
 
-arch-chroot /mnt
+```bash
+# grub-install /dev/sda
+```
 
-ln -s /usr/share/timezone/Europe/Zurich /etc/localtime
+and open /etc/default/grub.
+Inside, ensure that the argument of GRUB_CMDLINE_LINUX is defined as
 
-hwclock --systohc
+```cpp
+GRUB_CMDLINE_LINUX="cryptdevice=UUID=yourUUID:x root=/dev/mapper/vg-root"
+```
 
-vim /etc/locale.gen
-and uncomment de_CH.UTF-8
+where yourUUID is the device that is is opened, i.e., here, /dev/sda2.
+Also, uncomment the line
 
-locale-gen
+```cpp
+GRUB_ENABLE_CRYPTODISK="y"
+```
 
-vim /etc.locale.conf
-and enter LANG=en_US.UTF-8
+We create the grub config file with
 
-echo T420 > /etc/hostname
+```bash
+# grub-mkconfig -o /boot/grub/grub.cfg
+```
 
-vim /etc/mkinitcpio.conf
-and enter in Hooks=(base udev autodetect keyboard keymap consolefont modconf block lvm2 encrypt filesystem fsck)
+and generate an initial RAM disk for the boot process:
 
-grub-install /dev/sdb
+```bash
+# mkinitcpio -P
+```
 
-vim /etc/default/grub
-enter GRUB_CMDLINE_LINUX="cryptdevice=UUID=yourUUID:x root=/dev/mapper/vg-root"
-where yourUUID is the device that is is opened, i.e., here, /dev/sdb2
-and uncomment GRUB_ENABLE_CRYPTODISK
+Finally, we set a root password, create a new user part of group wheel and give him a password, too.
 
-grub-mkconfig -o /boot/grub/grub.cfg
-mkinitcpio -P
+```bash
+# passwd
+# useradd -m -G wheel julian
+# passwd julian
+```
 
-passwd
-and set a root password
+Optionally, we can asign root privileges to all members of wheel by entering
 
-useradd -m -G wheel julian
+```bash
+# visudo
+```
 
-passwd julian
-set your password
+and uncommenting the line
 
-optional:
-visudo
-and uncomment %wheel ALL=(ALL) ALL for sudo rights after password
+```cpp
+%wheel ALL=(ALL) ALL
+```
 
-reboot and hope!
+Then, it is time for a reboot and some luck :-)