LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Arch (https://www.linuxquestions.org/questions/arch-29/)
-   -   Simple Arch Set Up (https://www.linuxquestions.org/questions/arch-29/simple-arch-set-up-4175427698/)

szboardstretcher 09-17-2012 02:51 PM

Simple Arch Set Up
 
Edit: added simple stateful firewall setup using iptables, with info from archwiki

I had a need to install a minimal system -- and being the way I am, I created a document on how to do it. Then I ended up installing it on my laptop, to offer a friendly desktop. So, here is a step by step, sort of copy and paste guide to installing Arch on a laptop with intel wireless and video.

Anything you don't understand can be quickly googled im sure.

Code:

# <boot to usb/cd whatever>

#
# bring up wireless networking
#

ip link set wlan0 up
wifi-menu wlan0

#
# partition disks and mount
#

fdisk /dev/sda
        new, primary, 20g, bootable
        new, primary, 1024m, type, swap
        new, primary, all
        write, quit
mkfs.ext4 /dev/sda1
mkfs.ext4 /dev/sda3
mkswap /dev/sda2
swapon /dev/sda2
mount /dev/sda1 /mnt
mkdir /mnt/home
mount /dev/sda3 /mnt/home

#
# for pacman to work, change siglevel to TrustAll
# bootstrap the new drives, generate an fstab based
# on it
#

# trust all packages -- do not verify package signatures
# fyi: its better to leave package signature requirements enabled

vi /etc/pacman.conf (TrustAll)
pacstrap /mnt base base-devel
genfstab -p /mnt > /mnt/etc/fstab

#
# chroot into new system...
#

arch-chroot /mnt

#
# language and region settings required
#

vi /etc/locale.gen
        uncomment en_US-UTF line
echo LANG=en_US.UTF-8 > /etc/locale.conf
export LANG=en_US.UTF-8
ln -s /usr/share/zoneinfo/US/Eastern /etc/localtime
locale-gen

#
# set hostname, enable dhcp on eth0 interface
# make pacman change to TrustAll again
#

echo ArchTerminal > /etc/hostname
vi /etc/hosts
        ArchTerminal 127.0.0.1
echo ArchTerminal > /etc/hostname
vi /etc/rc.conf
        interface=eth0
vi /etc/pacman.conf
        TrustAll

#
# install packages required for rest of installation
# up to reboot, restart wireless to make config file
#
       
pacman -S wireless_tools netcfg wpa_supplicant\
        wpa_actiond dialog dhclient grub-bios os-prober
vi /etc/rc.conf
        # add these to the DAEMONS
        net-auto-wireless @ntpdate dbus
wifi-menu

#
# add intel915 support to boot, run mkinitcpio
# create grub config, install grub to mbr on new drive
#

# for intel915 support
vi /etc/mkinitcpio.conf
        MODULES="i915"
# standard stuff       
mkinitcpio -p linux
grub-install --target=i386-pc --recheck /dev/sda
cp /usr/share/locale/en\@quot/LC_MESSAGES/grub.mo /boot/grub/locale/en.mo
grub-mkconfig -o /boot/grub/grub.cfg

#
# set password for root, exit chroot, unmount
# all drives and reboot into new system
#

passwd root
exit
umount /mnt/home
umount /mnt
reboot

#
# log into new system
# bring up wireless again, update system
# add a non-root user, install relevant packages for system
#

<login>
ip link set wlan0 up
wifi-menu
pacman --sync --refresh --sysupgrade
adduser (add a non-root user [groups = lp games video audio optical storage scanner power users)
pacman -S alsa-utils xorg-server xorg-xinit xorg-server-utils xf86-video-intel \
        xf86-input-synaptics xterm terminator openbox obconf wget \
        obmenu openbox-themes chromium firefox nitrogen slim slim-themes \
        archlinux-themes-slim tint2 rox minicom dmenu ntp gvim synergy \
        ristretto flashplugin keepassx volwheel xfce4-clipman-plugin conky xcompmgr

#
# install X and openbox, create default configuration
# make 'startx' run openbox
#
       
su - (non-root-user)
mkdir -p .config/openbox
cp /etc/xdg/openbox/{rc.xml,menu.xml,autostart,environment} ~/.config/openbox
chmod +x ~/.config/openbox/autostart
echo "exec openbox-session" > ~/.xinitrc

#
# bind alt-f2 to dmenu
# startup with: dmenu, tint2, nitrogen, dropbox
#

vi ~/.config/openbox/rc.xml
        <keybind key="A-F2">
            <action name="execute"><execute>dmenu_run</execute></action>
        </keybind>
vi ~/.config/openbox/autostart
        /usr/bin/nitrogen --restore &
        /usr/bin/xcompmgr -cfF -t-9 -l-11 -r9 -o.95 -D6 &
        /usr/bin/tint2 &
        /usr/bin/dmenu &
        sleep 2
        /usr/bin/dropboxd &
        /usr/bin/xfce4-clipman &
        /usr/bin/volwheel

#
# firewall setup
# @https://wiki.archlinux.org/index.php/Simple_Stateful_Firewall
#

iptables -N TCP
iptables -N UDP
iptables -p FORWARD DROP
iptables -P FORWARD DROP
iptables -P OUTPUT ACCEPT
iptables -P INPUT DROP
iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
iptables -A INPUT -i lo -j ACCEPT
iptables -A INPUT -m conntrack --ctstate INVALID -j DROP
iptables -A INPUT -p icmp --icmp-type 8 -m conntrack --ctstate NEW -j ACCEPT
iptables -A INPUT -p udp -m conntrack --ctstate NEW -j UDP
iptables -A INPUT -p tcp --syn -m conntrack --ctstate NEW -j TCP
iptables -A INPUT -p udp -j REJECT --reject-with icmp-port-unreachable
iptables -A INPUT -p tcp -j REJECT --reject-with tcp-rst
iptables -A INPUT -j REJECT --reject-with icmp-proto-unreachable
rc.d save iptables
vi /etc/rc.conf
      add 'iptables' to DAEMON list to start iptables at startup
       
#
# optional setup
#

# dropbox
# as non-root-user
cd ~
mkdir ./AURbuilds
cd AURbuilds
wget http://aur.archlinux.org/packages/dr/dropbox/dropbox.tar.gz
tar zxvf dropbox.tar.gz
cd dropbox
makepkg -s
pacman -U dropbox-1.4...whatever...xz

# synergy
# either run this, or add it to openbox/autostart
synergyc --daemon --name terminal42 192.192.192.222

# tint2
# run tint2conf and enable battery if laptop
tint2conf

# slim
vi /etc/inittab
comment out id:3, uncomment id:5
uncomment x:5...slim line

# rox
right click on image, select run action*, drag and drop risseto to it

# conky
# http://www.iceflatline.com/2009/12/my-conky-configuration/
copy and paste code into .conkyrc
echo "/usr/bin/conky &" >> ~/.config/openbox/autostart


nobuntu 09-17-2012 10:40 PM

I haven't yet tried Arch, but if I do so at some point I will be sure to refer to this document. Thank you for sharing it with the community! :)

TobiSGD 09-17-2012 10:51 PM

Nice one. Thought about putting it into the LQ Wiki or the Articles section?

EDDY1 09-17-2012 11:30 PM

Great tutorial it seems much easier than the arch beginners guide also wouldn't take 2 days to figure out.
Also you didn't confuse me with /mnt/boot like the beginners guide did.
On my first try I ended up with 2 entries in fstab same partition, / & /boot.

Lone_Wolf 09-18-2012 07:32 AM

Some comments from a long time archlinux user :

- if you want to use suspend / hibernate , the swap size is to small
- a separate /boot does have advantages
- this guide won't work for a laptop with (U)EFI boot, or with a HDD/SSD bigger then 2 TB
- better put the unsecure desktop in BOLD CAPITALS
using TrustAll is equivalent to not using package signing, and arch has been heavily criticised in the past for not having package signing.

- AUR packages are unsupported, and the PKGBUILD should be reviewed before running makepkg. maybe add a 'vi PKGBUILD' ?

- maybe add something that copy/paste from an internet document without understanding what the commands do is very bad practice

szboardstretcher 09-21-2012 09:00 AM

Quote:

Originally Posted by R3nCi (Post 4782899)
I haven't yet tried Arch, but if I do so at some point I will be sure to refer to this document. Thank you for sharing it with the community! :)

Thank you. I just hope it helps people get started faster, and helps their over-all enjoyment of Arch linux.

Quote:

Originally Posted by TobiSGD (Post 4782905)
Nice one. Thought about putting it into the LQ Wiki or the Articles section?

I had not. But, I'll see what I can do. Thanks for the suggestion Tobi.

Quote:

Originally Posted by EDDY1 (Post 4782928)
Great tutorial it seems much easier than the arch beginners guide also wouldn't take 2 days to figure out. Also you didn't confuse me with /mnt/boot like the beginners guide did.
On my first try I ended up with 2 entries in fstab same partition, / & /boot.

Im glad you are using the experience to learn. Its a fascinating distribution. Good luck in the future.

Quote:

Originally Posted by Lone_Wolf (Post 4783202)
Some comments from a long time archlinux user :
- maybe add something that copy/paste from an internet document without understanding what the commands do is very bad practice

Good information -- advanced users will be glad to see this additional setup mentioned.

Please read the last sentence of the intro w/r/t understanding. I put it in bold to make it easier to read.

Thanks everyone!


All times are GMT -5. The time now is 09:11 PM.