KEYBOARD
For slovenian keyboard
# loadkeys slovene
PARTITION
BIOS/GPT
Bios motherboard with gpt partition scheme
Use tools like parted, gdisk.
Prepare partitions
Gdisk
# gdisk /dev/sda Create small 1-2Mb partition for bios (code: EF02) Create small 1 Gb partition for BOOT (code: 8300) Create swap partition in the size of RAM or at least 2Gb (code: 8200) Create root partition 40Gb Create home partition from the rest of the disk space
Format partitions (mkfs. , mkswap, swapon)
# mkfs.ext2 /dev/sda2 BOOT # mkswap /dev/sda3 SWAP # swapon /dev/sda3 # mkfs.ext4 /dev/sda4 ROOT # mkfs.ext4 /dev/sda5 HOME
EFI/GPT
EFI motherboard with GPT partition scheme.
Prepare partitions
# gdisk
# gdisk /dev/sda
Create small 1 Gb partition for EFI (code: EF00)
Create swap partition in the size of RAM or at least 2Gb (code: 8200)
Create root partition 40Gb (it could be smaller)
Create home partition from the rest of the disk size.
You could create separate partitions (VAR, OPT).
Format partitions
# mkfs.fat -F32 /dev/sda1 EFI # mkswap /dev/sda3 SWAP # swapon /dev/sda3 # mkfs.ext4 /dev/sda4 ROOT # mkfs.ext4 /dev/sda5 HOME
Mount partitions (root, boot, home)
# mount /dev/sda4 /mnt # mkdir /mnt/{boot,home} # mount /dev/sda1 /mnt/boot # mount /dev/sda5 /mnt/home
Base system installation
# pacstrap -i /mnt base base-devel
Create mount points in fstab
# genfstab -U /mnt > /mnt/etc/fstab
CHROOT
# arch-chroot /mnt /bin/bash
Install extra programs with pacman
# pacman -S vim dhclient iw wpa_supplicant dialog firefox chromium gedit nautilus vlc terminator thunderbird pssh x11-ssh-askpass dunst rednotebook
Define/configure locale settings
# vim /etc/locale.gen uncomment your default language (for example en_US.UTF-8) # locale-gen # vim /etc/locale.conf LANG=en_US.UTF-8 # vim /etc/vconsole.conf KEYMAP=slovene
TIME configuration
# tzselect # ln -sf /usr/share/zoneinfo/Europe/Ljubljana /etc/localtime # hwclock --systohc --utc
NTP or CHRONY
NTP daemon
# pacman -S ntp # vim /etc/ntp.conf # sysctl enable ntpd
CHRONY
https://wiki.archlinux.org/index.php/Chrony
# pacman -S chrony echo "1 SHA1 HEX:$(tr -d -c '[:xdigit:]' < /dev/urandom | head -c 40)" > /etc/chrony.keys # chmod 640 /etc/chrony.keys # vim /etc/chrony.conf pool arch.pool.ntp.org iburst pool arch.pool.ntp.org offline server offline server offline server offline maxupdateskew 5 driftfile /var/lib/chrony/drift keyfile /etc/chrony.keys rtconutc rtcsync
# systemctl restart chrony # systemctl enable chrony
INITRAMFS
# mkinitcpio -p linux
Install/configure BOOTLOADER
BIOS/GPT
# pacman -S grub # grub-install --recheck /dev/sda # grub-mkconfig -o /boot/grub/grub.cfg
UEFI/GPT
# bootctl install
# vim /boot/loader/entries/arch.conf title Arch Linux linux /vmlinuz-linux initrd /initramfs-linux.img options root=/dev/sda4 rw
# vim /boot/loader/loader.conf timeout 3 default arch editor 1 (after successful reboot change to 0, for security reasons)
EFI Viewer/Manager
# pacman -S efibootmgr # efibootmgr -v
HOSTNAME
# echo newhostname > /etc/hostname
# vim /etc/hosts 127.0.0.1 localhost.localdomain localhost newhostname ::1 localhost.localdomain localhost newhostname
Define ROOT PASSWORD
# passwd
EXIT FROM CHROOT MODE
Ctrl + D
RESTART PC
# rebootADD FIRST USERS
# useradd -m -G wheel -s /bin/bash newuser
# passwd newuser
YAOURT
# pacman -S wget git curl lsof $ git clone https://aur.archlinux.org/package-query.git Cloning into 'package-query'... remote: Counting objects: 16, done. remote: Compressing objects: 100% (16/16), done. remote: Total 16 (delta 0), reused 16 (delta 0) Unpacking objects: 100% (16/16), done. Checking connectivity... done. $ cd package-query $ makepkg -si $ cd .. $ git clone https://aur.archlinux.org/yaourt.git Cloning into 'yaourt'... remote: Counting objects: 14, done. remote: Compressing objects: 100% (11/11), done. remote: Total 14 (delta 3), reused 14 (delta 3) Unpacking objects: 100% (14/14), done. Checking connectivity... done. $ cd yaourt $ makepkg -si $ cd .. $ rehash
XSERVER
# pacman -S xorg-server xorg-xrandr xorg-xrdb xautolock xorg-xinit $ yaourt -S xf86-video-ati mesa-libgl mesa-vdpau (for radeon video cards) $ yaourt -S xf86-video-intel (for intel video cards)
SOUND
# pacman -S pulseaudio pulseaudio-alsa alsa-utils $ yaourt -S cmus
SUDO
# pacman -S sudo
Run visudo and uncomment wheel group.
Add newuser to wheel group.
ZSH (shell)
https://github.com/robbyrussell/oh-my-zsh
# pacman -S zsh $ sh -c "$(wget https://raw.github.com/robbyrussell/oh-my-zsh/master/tools/install.sh -O -)"
ENCRYPT HOME DIRECTORY
https://wiki.archlinux.org/index.php/ECryptfs#Encrypting_a_home_directory
$ yaourt -S ecryptfs-utils # modprobe ecryptfs # ecryptfs-migrate-home -u newuser
Login as new user
use README for help
remove temporary map /home/newuser.LJHFLAHL
PAM-a ecrypt configuration
# vim /etc/pam.d/system-auth Open /etc/pam.d/system-auth and after the line containing auth required pam_unix.so add: auth required pam_ecryptfs.so unwrap Next, above the line containing password required pam_unix.so insert: password optional pam_ecryptfs.so And finally, after the line session required pam_unix.so add: session optional pam_ecryptfs.so
I3 window manager
# pacman -S i3-wm i3lock i3status dmenu
$ vim .i3/config # This file has been auto-generated by i3-config-wizard(1). # It will not be overwritten, so edit it as you like. # # Should you change your keyboard layout some time, delete # this file and re-run i3-config-wizard(1). # # i3 config file (v4) # # Please see http://i3wm.org/docs/userguide.html for a complete reference! # Windows key set $mod Mod4 # set $mod Mod1 <-- alt # Font for window titles. Will also be used by the bar unless a different font # is used in the bar {} block below. font pango:monospace 8 # This font is widely installed, provides lots of unicode glyphs, right-to-left # text rendering and scalability on retina/hidpi displays (thanks to pango). font pango:DejaVu Sans Mono 8 # Before i3 v4.8, we used to recommend this one as the default: # font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1 # The font above is very space-efficient, that is, it looks good, sharp and # clear in small sizes. However, its unicode glyph coverage is limited, the old # X core fonts rendering does not support right-to-left and this being a bitmap # font, it doesn’t scale on retina/hidpi displays. # Use Mouse+$mod to drag floating windows to their wanted position floating_modifier $mod # start a terminal bindsym $mod+Return exec i3-sensible-terminal # kill focused window bindsym $mod+Shift+q kill # start dmenu (a program launcher) bindsym $mod+d exec dmenu_run # There also is the (new) i3-dmenu-desktop which only displays applications # shipping a .desktop file. It is a wrapper around dmenu, so you need that # installed. # bindsym $mod+d exec --no-startup-id i3-dmenu-desktop # change focus bindsym $mod+j focus left bindsym $mod+k focus down bindsym $mod+l focus up bindsym $mod+ccaron focus right # alternatively, you can use the cursor keys: bindsym $mod+Left focus left bindsym $mod+Down focus down bindsym $mod+Up focus up bindsym $mod+Right focus right # move focused window bindsym $mod+Shift+j move left bindsym $mod+Shift+k move down bindsym $mod+Shift+l move up bindsym $mod+Shift+ccaron move right # alternatively, you can use the cursor keys: bindsym $mod+Shift+Left move left bindsym $mod+Shift+Down move down bindsym $mod+Shift+Up move up bindsym $mod+Shift+Right move right # split in horizontal orientation bindsym $mod+h split h # split in vertical orientation bindsym $mod+v split v # enter fullscreen mode for the focused container bindsym $mod+f fullscreen toggle # change container layout (stacked, tabbed, toggle split) bindsym $mod+s layout stacking bindsym $mod+w layout tabbed bindsym $mod+e layout toggle split # toggle tiling / floating bindsym $mod+Shift+space floating toggle # change focus between tiling / floating windows bindsym $mod+space focus mode_toggle # focus the parent container bindsym $mod+a focus parent # focus the child container #bindsym $mod+d focus child # Name the workspaces set $tag1 "1: term" set $tag2 "2: www" set $tag3 "3: mail" set $tag4 "4: edit" set $tag5 "5: nautilus" set $tag6 "6: virtual" set $tag7 "7: music" set $tag8 "8: video" set $tag9 "9: tor" set $tag10 "10: term" # assignment apps to a named workspace #assign [class="^Terminator$"] → "1: term" assign [class="^Tor Browser$"] → "2: www" assign [class="^Firefox$"] → "2: www" assign [class="^Chromium$"] → "2: www" assign [class="^Thunderbird$"] → "3: mail" assign [class="^Gedit$"] → "4: edit" assign [class="^libreoffice-startcenter$"] → "4: edit" assign [class="^Nautilus$"] → "5: nautilus" assign [class="^VirtualBox$"] → "6: virtual" assign [class="^Clementine$"] → "7: music" assign [class="^Vlc$"] → "8: video" assign [class="^Transmission-gtk$"] → "9: tor" # switch to workspace bindsym $mod+1 workspace $tag1 bindsym $mod+2 workspace $tag2 bindsym $mod+3 workspace $tag3 bindsym $mod+4 workspace $tag4 bindsym $mod+5 workspace $tag5 bindsym $mod+6 workspace $tag6 bindsym $mod+7 workspace $tag7 bindsym $mod+8 workspace $tag8 bindsym $mod+9 workspace $tag9 bindsym $mod+0 workspace $tag10 # move focused container to workspace bindsym $mod+Shift+1 move container to workspace $tag1 bindsym $mod+Shift+2 move container to workspace $tag2 bindsym $mod+Shift+3 move container to workspace $tag3 bindsym $mod+Shift+4 move container to workspace $tag4 bindsym $mod+Shift+5 move container to workspace $tag5 bindsym $mod+Shift+6 move container to workspace $tag6 bindsym $mod+Shift+7 move container to workspace $tag7 bindsym $mod+Shift+8 move container to workspace $tag8 bindsym $mod+Shift+9 move container to workspace $tag9 bindsym $mod+Shift+0 move container to workspace $tag10 # reload the configuration file bindsym $mod+Shift+c reload # restart i3 inplace (preserves your layout/session, can be used to upgrade i3) bindsym $mod+Shift+r restart # exit i3 (logs you out of your X session) bindsym $mod+Shift+e exec "i3-nagbar -t warning -m 'You pressed the exit shortcut. Do you really want to exit i3? This will end your X session.' -b 'Yes, exit i3' 'i3-msg exit'" # resize window (you can also use the mouse for that) mode "resize" { # These bindings trigger as soon as you enter the resize mode # Pressing left will shrink the window’s width. # Pressing right will grow the window’s width. # Pressing up will shrink the window’s height. # Pressing down will grow the window’s height. bindsym j resize shrink width 10 px or 10 ppt bindsym k resize grow height 10 px or 10 ppt bindsym l resize shrink height 10 px or 10 ppt bindsym ccaron resize grow width 10 px or 10 ppt # same bindings, but for the arrow keys bindsym Left resize shrink width 10 px or 10 ppt bindsym Down resize grow height 10 px or 10 ppt bindsym Up resize shrink height 10 px or 10 ppt bindsym Right resize grow width 10 px or 10 ppt # back to normal: Enter or Escape bindsym Return mode "default" bindsym Escape mode "default" } bindsym $mod+r mode "resize" # Start i3bar to display a workspace bar (plus the system information i3status # finds out, if available) #bar { # status_command i3status #} # bar { font -misc-fixed-medium-r-normal--13-120-75-75-C-70-iso10646-1 font pango:DejaVu Sans Mono 8 colors { # Whole color settings background #000000 statusline #ffffff separator #666666 # Type border background font focused_workspace #008fff #007fff #ffffff active_workspace #333333 #5f676a #ffffff inactive_workspace #333333 #222222 #888888 urgent_workspace #aa0000 #990000 #ffffff } # i3bar position position top # Using custom i3status.conf status_command i3status -c ~/.i3/i3status.conf } # floating programs # #for_window [instance="torbrowser"] floating enable ### # ################################### # after 5 min lock screen #exec --no-startup-id xset dpms 600 # exec --no-startup-id xautolock -time 5 -locker "i3lock -u -t -e -c 000000 -i ~/Pictures/Ozadja/lock5.png -n" & ################## # Startup programs # # setup background exec --no-startup-id feh --bg-fill ~/Pictures/Ozadja/wall3.jpg # start network manager exec --no-startup-id nm-applet # setup slovenian keyboard exec --no-startup-id setxkbmap -layout si # za pravilno delovanje jave exec --no-startup-id wmname LG3D & # setup displays #exec ~/.i3/detect_displays.sh ###################################### # i3lock shutdown, reboot, lock screen set $Locker i3lock -u -t -e -c 000000 -i ~/Pictures/Ozadja/lock5.png -n && sleep 1 set $mode_system System (l) lock, (e) logout, (s) suspend, (h) hibernate, (r) reboot, (Shift+s) shutdown mode "$mode_system" { bindsym l exec --no-startup-id $Locker, mode "default" bindsym e exec --no-startup-id i3-msg exit, mode "default" bindsym s exec --no-startup-id $Locker && systemctl suspend, mode "default" bindsym h exec --no-startup-id $Locker && systemctl hibernate, mode "default" bindsym r exec --no-startup-id systemctl reboot, mode "default" bindsym Shift+s exec --no-startup-id systemctl poweroff -i, mode "default" # back to normal: Enter or Escape bindsym Return mode "default" bindsym Escape mode "default" } bindsym $mod+Pause mode "$mode_system" ###################################### # # pulse audio volume control #bindsym XF86AudioLowerVolume exec /usr/bin/pactl set-sink-volume 0 -- '-5%' #bindsym XF86AudioRaiseVolume exec /usr/bin/pactl set-sink-volume 0 -- '+5%' #bindsym XF86AudioMute exec /usr/bin/pactl set-sink-volume 0 0 #bindsym XF86Launch1 exec /usr/bin/pactl play-sample that_was_easy #bindsym XF86MonBrightnessUp exec /usr/bin/xbacklight -inc 10 #bindsym XF86MonBrightnessDown exec /usr/bin/xbacklight -dec 5
$ vim .i3/i3status.conf # i3status configuration file. # see "man i3status" for documentation. # It is important that this file is edited as UTF-8. # The following line should contain a sharp s: # ß # If the above line is not correctly displayed, fix your editor first! general { output_format = "i3bar" colors = true interval = 5 } order += "cpu_usage" order += "cpu_temperature 0" #order += "ipv6" order += "disk /home" #order += "run_watch DHCP" #order += "run_watch VPN" #order += "wireless _first_" order += "ethernet _first_" #order += "battery 0" #order += "load" order += "volume master" order += "tztime local" wireless _first_ { format_up = "Wifi: (%quality at %essid, %bitrate) %ip" format_down = "W: down" } ethernet _first_ { # if you use %speed, i3status requires root privileges format_up = "Eth: %ip (%speed)" format_down = "Eth: down" } battery 0 { format = "Bat: %status %percentage %remaining" } #battery 0 { # format = "%status %percentage %remaining %emptytime" # format_down = "No battery" # status_chr = "⚇ CHR"" # status_bat = "⚡ BAT" # status_full = "☻ FULL" # path = "/sys/class/power_supply/BAT0/uevent" # low_threshold = 10 #} cpu_temperature 0 { format = "CPU Temp: %degrees °C" path = "/sys/devices/platform/coretemp.0/hwmon/hwmon1/temp1_input" } cpu_usage { format = "CPU: %usage" } run_watch DHCP { pidfile = "/var/run/dhclient*.pid" } run_watch VPN { pidfile = "/var/run/vpnc/pid" } tztime local { format = "%d-%m-%Y %H:%M:%S" } load { format = "%1min" } disk "/home" { format = "Home: %avail free" } volume master { format = "♪: %volume" format_muted = "♪: muted (%volume)" device = "default" mixer = "Master" mixer_idx = 0 }
FONTS
# pacman -S ttf-dejavu ttf-ubuntu-font-family ttf-ms-fonts(for winbox)
NETWORK MANAGER
https://wiki.archlinux.org/index.php/NetworkManager#Configuration
# pacman -S networkmanager networkmanager-openvpn # systemctl enable NetworkManager.service Created symlink from /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service to /usr/lib/systemd/system/NetworkManager.service. Created symlink from /etc/systemd/system/multi-user.target.wants/NetworkManager.service to /usr/lib/systemd/system/NetworkManager.service. Created symlink from /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service to /usr/lib/systemd/system/NetworkManager-dispatcher.service.
# pacman -S polkit-gnome
# vim /etc/group network:x:90:newuser pre># vim /etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules polkit.addRule(function(action, subject) { if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) { return polkit.Result.YES; } });
LAPTOP (hibernate laptop at 5% of the battery life
# vim /etc/udev/rules.d/99-lowbat.rules # Suspend the system when battery level drops to 5% or lower SUBSYSTEM=="power_supply", ATTR{status}=="Discharging", ATTR{capacity}=="[0-5]", RUN+="/usr/bin/systemctl hibernate"
TOUCHPAD
# vim /etc/X11/xorg.conf.d/50-synaptics.conf Section "InputClass" Identifier "touchpad" Driver "synaptics" MatchIsTouchpad "on" Option "TapButton1" "1" Option "TapButton2" "2" Option "TapButton3" "3" Option "VertEdgeScroll" "on" Option "VertTwoFingerScroll" "on" Option "HorizEdgeScroll" "on" Option "HorizTwoFingerScroll" "on" Option "CircularScrolling" "on" Option "CircScrollTrigger" "2" Option "EmulateTwoFingerMinZ" "40" Option "EmulateTwoFingerMinW" "8" Option "CoastingSpeed" "0" Option "FingerLow" "35" Option "FingerHigh" "40" EndSection
VIRTUALIZATION
VIRTUALBOX
# pacman -S virtualbox gksu $ yaourt -S virtualbox-ext-oracle
# vim /etc/modules-load.d/virtualbox.conf
vboxdrv
vboxnetflt
vboxnetadp
vboxpci$ sudo gpasswd -a newuser vboxusers Adding user newuser to group vboxusers
LIBVIRT (KVM)
$ yaourt -S ebtables bridge-utils dnsmasq qemu virt-viewer $ yaourt -S libguestfs (tools for edit qcow2 images)
Define storage pool
example: directory on external usb drive
# virsh pool-define-as usb dir - - - - /run/media/newuser/141226ea-ea1c-4d93-aa2a-dfc0ed87ebc8/VM
Import new image
$ virt-install \ --name servername \ --memory 1024 \ --disk /run/media/newuser/141226ea-ea1c-4d93-aa2a-dfc0ed87ebc8/VM/eduroam2.img \ --import
NESTED VIRTUALIZATION
# vim /etc/modprobe.d/modprobe.conf options kvm_intel nested=1
PICTURE VIEWERS/EDITORS
$ yaourt -S shutter gimp feh
RDESKTOP (remotely manage windows computers)
$ yaourt -S rdesktopOFFICE
$ yaourt -S libreoffice-still
PDF reader
$ yaourt -S evince
NETWORK TOOLS
$ yaourt -S dnsutils whois ipcalc wireshark-cli nmap minicom net-tools
For wireshark ... # gpasswd -a newuser wireshark Adding user newuser to group wireshark # newgrp wireshark
DISK test tools
$ yaourt -S smartmontools
PRINTERS
$ yaourt -S cups cups-pdf
# systemctl start org.cups.cupsd.service # systemctl enable org.cups.cupsd.service Created symlink from /etc/systemd/system/printer.target.wants/org.cups.cupsd.service to /usr/lib/systemd/system/org.cups.cupsd.service. Created symlink from /etc/systemd/system/sockets.target.wants/org.cups.cupsd.socket to /usr/lib/systemd/system/org.cups.cupsd.socket. Created symlink from /etc/systemd/system/multi-user.target.wants/org.cups.cupsd.path to /usr/lib/systemd/system/org.cups.cupsd.path.
From webpage http://localhost:631, we can add new printers
LCMC – cluster administration
$ yaourt -S jre7-openjdk lcmc
ZIP
$ yaourt -S file-roller p7zip unrar cdrkit
ANTIVIRUS
$ yaourt -S clamav # touch /var/lib/clamav/clamd.sock # chown clamav:clamav /var/lib/clamav/clamd.sock # systemctl restart clamd.service
DOS TOOLS
$ yaourt -S dosfstools
WINE
# vim /etc/pacman.conf (uncomment) [multilib] Include = /etc/pacman.d/mirrorlist $ yaourt -Syu $ yaourt -S wine winetricks
FLASHPLAYER
$ yaourt -S flashplugin
TORRENT CLIENTS
$ yaourt -S transmission-cli deluge
I2P ANONYMOUS SERVICE DAEMON
$ yaourt -S i2p $ sudo systemctl enable i2prouter.service Created symlink from /etc/systemd/system/multi-user.target.wants/i2prouter.service to /usr/lib/systemd/system/i2prouter.service. $ sudo systemctl start i2prouter.service
It works in firefox.
PASSWORD GENERATOR
$ yaourt -S apg
GPG SIGNATURE PROBLEMs
https://wiki.manjaro.org/index.php/Pacman_troubleshooting#.22Failed_to_commit_transaction_.28invalid_or_corrupted_package.29.22_Error
Solution:
# pacman-key --init # pacman-key --populate archlinux # pacman-key --refresh-keys # pacman -Sc # pacman -Syuu
GNOME KEYRING
https://wiki.archlinux.org/index.php/GNOME_Keyring
At the end of files we add:
# vim /etc/pam.d/login
session optional pam_gnome_keyring.so auto_start# vim /etc/pam.d/passwd
password optional pam_gnome_keyring.soSENSORS
$ yaourt -S lm_sensors