I hope Arch Linux never dies

Similar Messages

• Linode with latest Arch Linux never brings networking online at boot?

  Hello, I use Linode for my primary VPS related stuff. On it, I usually use Arch Linux. Recently however, I've faced a pretty big issue. If I spin up a new linode, do a pacman -Syu and then reboot it, it will not setup networking when it starts up.
  I have to manually login with their Lish out-of-band access to login and start networking manually (ie, by doing dhcpcd eth0). I've filed a support ticket with them, but they said it was basically out of their control and pointed me here. I've never had this issue until recently.
  I've already tried setting up netctl and such for defaults, but it still ends up with no DHCP lease upon boot, and I'm not sure why. Anyone know of this issue and/or how to fix it?

  I had this same issue. I fixed it by (via Lish) systemctl enabling and starting dhcpcd.service, and (if that didn't fix ssh) restarting sshd.service.
  I also found this interesting:
  [root@sandbox ~]# cat /usr/lib/systemd/network/10-dhcp.network
  [Match]
  Name=eth0
  [Network]
  DHCP=yes
  Is networkd supposed to be handling network configuration, and if so, shouldn't that be "ef*" rather than eth0?
  Is there a better solution that should be put in place to fix this? How does Arch normally do DHCP on Ethernet right now?
  Last edited by STUART (2014-08-05 12:23:04)

• [SOLVED] Ndiswrapper, NetworkManager 0.7 and 64-bit Arch Linux

  Hi there!
  I am having problems configuring my wireless card. I know I have to use Ndiswrapper, and this is what I have tried to do; however, it didn't go quite well.
  This is rather odd because it worked perfectly in the 32-bit version of Arch Linux, but now it doesn't work.
  So, here comes the code.
  valandil ~ $ lspci | grep Network
  0b:00.0 Network controller: Broadcom Corporation BCM4311 802.11b/g WLAN (rev 01)
  I really use ndiswrapper and have already installed what I think is the proper driver (it seems that the list the official ndiswrapper site had has somehow disappeared.
  sudo ndiswrapper -l
  Password:
  bcmwl5 : driver installed
  device (14E4:4311) present (alternate driver: ssb)
  Here's iwconfig:
  valandil ~ $ iwconfig
  lo no wireless extensions.
  eth0 no wireless extensions.
  wmaster0 no wireless extensions.
  wlan0 IEEE 802.11bg ESSID:""
  Mode:Managed Frequency:2.412 GHz Access Point: Not-Associated
  Tx-Power=0 dBm
  Retry min limit:7 RTS thr:off Fragment thr=2352 B
  Power Management:off
  Link Quality:0 Signal level:0 Noise level:0
  Rx invalid nwid:0 Rx invalid crypt:0 Rx invalid frag:0
  Tx excessive retries:0 Invalid misc:0 Missed beacon:0
  I use NetworkManager 0.7 and have configured properly:
  rc.conf:
  # /etc/rc.conf - Main Configuration for Arch Linux
  # LOCALIZATION
  # LOCALE: available languages can be listed with the 'locale -a' command
  # HARDWARECLOCK: set to "UTC" or "localtime"
  # USEDIRECTISA: use direct I/O requests instead of /dev/rtc for hwclock
  # TIMEZONE: timezones are found in /usr/share/zoneinfo
  # KEYMAP: keymaps are found in /usr/share/kbd/keymaps
  # CONSOLEFONT: found in /usr/share/kbd/consolefonts (only needed for non-US)
  # CONSOLEMAP: found in /usr/share/kbd/consoletrans
  # USECOLOR: use ANSI color sequences in startup messages
  LOCALE="en_US.utf8"
  HARDWARECLOCK="localtime"
  USEDIRECTISA="no"
  TIMEZONE="America/Vancouver"
  KEYMAP="cf"
  CONSOLEFONT=
  CONSOLEMAP=
  USECOLOR="yes"
  # HARDWARE
  # MOD_AUTOLOAD: Allow autoloading of modules at boot and when needed
  # MOD_BLACKLIST: Prevent udev from loading these modules
  # MODULES: Modules to load at boot-up. Prefix with a ! to blacklist.
  # NOTE: Use of 'MOD_BLACKLIST' is deprecated. Please use ! in the MODULES array.
  MOD_AUTOLOAD="yes"
  #MOD_BLACKLIST=() #deprecated
  MODULES=(fuse ndiswrapper fglrx !b44 !mii bcm43xx !snd_pcsp snd-mixer-oss snd-pcm-oss snd-hwdep snd-page-alloc snd-pcm snd-timer snd snd-hda-intel soundcore !pcspkr)
  # Scan for LVM volume groups at startup, required if you use LVM
  USELVM="no"
  # NETWORKING
  # HOSTNAME: Hostname of machine. Should also be put in /etc/hosts
  HOSTNAME="cipher"
  # Use 'ifconfig -a' or 'ls /sys/class/net/' to see all available interfaces.
  # Interfaces to start at boot-up (in this order)
  # Declare each interface then list in INTERFACES
  # - prefix an entry in INTERFACES with a ! to disable it
  # - no hyphens in your interface names - Bash doesn't like it
  # DHCP: Set your interface to "dhcp" (eth0="dhcp")
  # Wireless: See network profiles below
  #eth0="eth0 192.168.0.2 netmask 255.255.255.0 broadcast 192.168.0.255"
  eth0="dhcp"
  INTERFACES=(lo !eth0 !wlan0)
  # Routes to start at boot-up (in this order)
  # Declare each route then list in ROUTES
  # - prefix an entry in ROUTES with a ! to disable it
  gateway="default gw 192.168.1.1"
  ROUTES=(!gateway)
  # Enable these network profiles at boot-up. These are only useful
  # if you happen to need multiple network configurations (ie, laptop users)
  # - set to 'menu' to present a menu during boot-up (dialog package required)
  # - prefix an entry with a ! to disable it
  # Network profiles are found in /etc/network.d
  # This now requires the netcfg package
  #NETWORKS=(main)
  # DAEMONS
  # Daemons to start at boot-up (in this order)
  # - prefix a daemon with a ! to disable it
  # - prefix a daemon with a @ to start it up in the background
  DAEMONS=(@stbd httpd !network syslog-ng netfs crond alsa hal dhcdbd networkmanager fam gdm)
  hosts file :
  # /etc/hosts: static lookup table for host names
  #<ip-address> <hostname.domain.org> <hostname>
  127.0.0.1 localhost.localdomain localhost cipher
  # End of file
  /etc/NetworkManager/nm-system-settings.conf:
  GNU nano 2.0.9 File: /etc/NetworkManager/nm-system-settings.conf
  [main]
  plugins=keyfile
  [keyfile]
  hostname=cipher
  I hope you can solve this problem; wireless is really crucial.
  Thanks for any help,
  Last edited by valandil (2012-05-02 18:27:09)

  Alleluia!!!
  I think I will write a new rule for myself to follow :
  Thou shalt never use ndiswrapper again.
  Thanks a lot, wonder, and thanks to you too, Xyne.
  FYI, I tried to use something else than ndiswrapper before, but it didn't yield satisfying results. Anyway, thanks.

• System encryption using LUKS and GPG encrypted keys for arch linux

  Update: As of 2012-03-28, arch changed from gnupg 1.4 to 2.x which uses pinentry for the password dialog. The "etwo" hook described here doesn't work with gnupg 2. Either use the openssl hook below or use a statically compiled version of gnupg 1.4.
  Update: As of 2012-12-19, the mkinitcpio is not called during boot, unless the "install" file for the hook contains "add_runscript". This resulted in an unbootable system for me. Also, the method name was changed from install () to build ().
  Update: 2013-01-13: Updated the hook files using the corrections by Deth.
  Note: This guide is a bit dated now, in particular the arch installation might be different now. But essentially, the approach stays the same. Please also take a look at the posts further down, specifically the alternative hooks that use openssl.
  I always wanted to set up a fully encrypted arch linux server that uses gpg encrypted keyfiles on an external usb stick and luks for root filesystem encryption. I already did it once in gentoo using this guide. For arch, I had to play alot with initcpio hooks and after one day of experimentation, I finally got it working. I wrote a little guide for myself which I'm going to share here for anyone that might be interested. There might be better or easier ways, like I said this is just how I did it. I hope it might help someone else. Constructive feedback is always welcome
  Intro
  Using arch linux mkinitcpio's encrypt hook, one can easily use encrypted root partitions with LUKS. It's also possible to use key files stored on an external drive, like an usb stick. However, if someone steals your usb stick, he can just copy the key and potentially access the system. I wanted to have a little extra security by additionally encrypting the key file with gpg using a symmetric cipher and a passphrase.
  Since the encrypt hook doesn't support this scenario, I created a modifed hook called “etwo” (silly name I know, it was the first thing that came to my mind). It will simply look if the key file has the extension .gpg and, if yes, use gpg to decrypt it, then pipe the result into cryptsetup.
  Conventions
  In this short guide, I use the following disk/partition names:
  /dev/sda: is the hard disk that will contain an encrypted swap (/dev/sda1), /var (/dev/sda2) and root (/dev/sda3) partition.
  /dev/sdb is the usb stick that will contain the gpg encrypted luks keys, the kernel and grub. It will have one partition /dev/sdb1 formatted with ext2.
  /dev/mapper/root, /dev/mapper/swap and /dev/mapper/var will be the encrypted devices.
  Credits
  Thanks to the authors of SECURITY_System_Encryption_DM-Crypt_with_LUKS (gentoo wiki), System Encryption with LUKS (arch wiki), mkinitcpio (arch wiki) and Early Userspace in Arch Linux (/dev/brain0 blog)!
  Guide
  1. Boot the arch live cd
  I had to use a newer testing version, because the 2010.05 cd came with a broken gpg. You can download one here: http://releng.archlinux.org/isos/. I chose the “core“ version. Go ahead and boot the live cd, but don't start the setup yet.
  2. Set keymap
  Use km to set your keymap. This is important for non-qwerty keyboards to avoid suprises with passphrases...
  3. Wipe your discs
  ATTENTION: this will DELETE everything on /dev/sda and /dev/sdb forever! Do not blame me for any lost data!
  Before encrypting the hard disc, it has to be completely wiped and overwritten with random data. I used shred for this. Others use badblocks or dd with /dev/urandom. Either way, this will take a long time, depending on the size of your disc. I also wiped my usb stick just to be sure.
  shred -v /dev/sda
  shred -v /dev/sdb
  4. Partitioning
  Fire up fdisk and create the following partitions:
  /dev/sda1, type linux swap.
  /dev/sda2: type linux
  /dev/sda3: type linux
  /dev/sdb1, type linux
  Of course you can choose a different layout, this is just how I did it. Keep in mind that only the root filesystem will be decrypted by the initcpio. The rest will be decypted during normal init boot using /etc/crypttab, the keys being somewhere on the root filesystem.
  5. Format  and mount the usb stick
  Create an ext2 filesystem on /dev/sdb1:
  mkfs.ext2 /dev/sdb1
  mkdir /root/usb
  mount /dev/sdb1 /root/usb
  cd /root/usb # this will be our working directory for now.
  Do not mount anything to /mnt, because the arch installer will use that directory later to mount the encrypted root filesystem.
  6. Configure the network (if not already done automatically)
  ifconfig eth0 192.168.0.2 netmask 255.255.255.0
  route add default gw 192.168.0.1
  echo "nameserver 192.168.0.1" >> /etc/resolv.conf
  (this is just an example, your mileage may vary)
  7. Install gnupg
  pacman -Sy
  pacman -S gnupg
  Verify that gnupg works by launching gpg.
  8. Create the keys
  Just to be sure, make sure swap is off:
  cat /proc/swaps
  should return no entries.
  Create gpg encrypted keys (remember, we're still in our working dir /root/usb):
  dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > root.gpg
  dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > var.gpg
  Choose a strong password!!
  Don't do this in two steps, e.g don't do dd to a file and then gpg on that file. The key should never be stored in plain text on an unencrypted device, except if that device is wiped on system restart (ramfs)!
  Note that the default cipher for gpg is cast5, I just chose to use a different one.
  9. Create the encrypted devices with cryptsetup
  Create encrypted swap:
  cryptsetup -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -d /dev/urandom create swap /dev/sda1
  You should see /dev/mapper/swap now. Don't format nor turn it on for now. This will be done by the arch installer.
  Important: From the Cryptsetup 1.1.2 Release notes:
  Cryptsetup can accept passphrase on stdin (standard input). Handling of new line (\n) character is defined by input specification:
      if keyfile is specified as "-" (using --key-file=- or by positional argument in luksFormat and luksAddKey, like cat file | cryptsetup --key-file=- <action> ), input is processed
        as normal binary file and no new line is interpreted.
      if there is no key file specification (with default input from stdin pipe like echo passphrase | cryptsetup <action> ) input is processed as input from terminal, reading will
        stop after new line is detected.
  If I understand this correctly, since the randomly generated key can contain a newline early on, piping the key into cryptsetup without specifying --key-file=- could result in a big part of the key to be ignored by cryptsetup. Example: if the random key was "foo\nandsomemorebaratheendofthekey", piping it directly into cryptsetup without --key-file=- would result in cryptsetup using only "foo" as key which would have big security implications. We should therefor ALWAYS pipe the key into cryptsetup using --key-file=- which ignores newlines.
  gpg -q -d root.gpg 2>/dev/null | cryptsetup -v -–key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool luksFormat /dev/sda3
  gpg -q -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -v luksFormat /dev/sda2
  Check for any errors.
  10. Open the luks devices
  gpg -d root.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda3 root
  gpg -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda2 var
  If you see /dev/mapper/root and /dev/mapper/var now, everything is ok.
  11. Start the installer /arch/setup
  Follow steps 1 to 3.
  At step 4 (Prepare hard drive(s), select “3 – Manually Configure block devices, filesystems and mountpoints. Choose /dev/sdb1 (the usb stick) as /boot, /dev/mapper/swap for swap, /dev/mapper/root for / and /dev/mapper/var for /var.
  Format all drives (choose “yes” when asked “do you want to have this filesystem (re)created”) EXCEPT for /dev/sdb1, choose “no”. Choose the correct filesystem for /dev/sdb1, ext2 in my case. Use swap for /dev/mapper/swap. For the rest, I chose ext4.
  Select DONE to start formatting.
  At step 5 (Select packages), select grub as boot loader. Select the base group. Add mkinitcpio.
  Start step 6 (Install packages).
  Go to step 7 (Configure System).
  By sure to set the correct KEYMAP, LOCALE and TIMEZONE in /etc/rc.conf.
  Edit /etc/fstab:
  /dev/mapper/root / ext4 defaults 0 1
  /dev/mapper/swap swap swap defaults 0 0
  /dev/mapper/var /var ext4 defaults 0 1
  # /dev/sdb1 /boot ext2 defaults 0 1
  Configure the rest normally. When you're done, setup will launch mkinitcpio. We'll manually launch this again later.
  Go to step 8 (install boot loader).
  Be sure to change the kernel line in menu.lst:
  kernel /vmlinuz26 root=/dev/mapper/root cryptdevice=/dev/sda3:root cryptkey=/dev/sdb1:ext2:/root.gpg
  Don't forget the :root suffix in cryptdevice!
  Also, my root line was set to (hd1,0). Had to change that to
  root (hd0,0)
  Install grub to /dev/sdb (the usb stick).
  Now, we can exit the installer.
  12. Install mkinitcpio with the etwo hook.
  Create /mnt/lib/initcpio/hooks/etwo:
  #!/usr/bin/ash
  run_hook() {
  /sbin/modprobe -a -q dm-crypt >/dev/null 2>&1
  if [ -e "/sys/class/misc/device-mapper" ]; then
  if [ ! -e "/dev/mapper/control" ]; then
  /bin/mknod "/dev/mapper/control" c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |')
  fi
  [ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
  # Get keyfile if specified
  ckeyfile="/crypto_keyfile"
  usegpg="n"
  if [ "x${cryptkey}" != "x" ]; then
  ckdev="$(echo "${cryptkey}" | cut -d: -f1)"
  ckarg1="$(echo "${cryptkey}" | cut -d: -f2)"
  ckarg2="$(echo "${cryptkey}" | cut -d: -f3)"
  if poll_device "${ckdev}" ${rootdelay}; then
  case ${ckarg1} in
  *[!0-9]*)
  # Use a file on the device
  # ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
  if [ "${ckarg2#*.}" = "gpg" ]; then
  ckeyfile="${ckeyfile}.gpg"
  usegpg="y"
  fi
  mkdir /ckey
  mount -r -t ${ckarg1} ${ckdev} /ckey
  dd if=/ckey/${ckarg2} of=${ckeyfile} >/dev/null 2>&1
  umount /ckey
  # Read raw data from the block device
  # ckarg1 is numeric: ckarg1=offset, ckarg2=length
  dd if=${ckdev} of=${ckeyfile} bs=1 skip=${ckarg1} count=${ckarg2} >/dev/null 2>&1
  esac
  fi
  [ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
  fi
  if [ -n "${cryptdevice}" ]; then
  DEPRECATED_CRYPT=0
  cryptdev="$(echo "${cryptdevice}" | cut -d: -f1)"
  cryptname="$(echo "${cryptdevice}" | cut -d: -f2)"
  else
  DEPRECATED_CRYPT=1
  cryptdev="${root}"
  cryptname="root"
  fi
  warn_deprecated() {
  echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
  echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
  if poll_device "${cryptdev}" ${rootdelay}; then
  if /sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
  [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
  dopassphrase=1
  # If keyfile exists, try to use that
  if [ -f ${ckeyfile} ]; then
  if [ "${usegpg}" = "y" ]; then
  # gpg tty fixup
  if [ -e /dev/tty ]; then mv /dev/tty /dev/tty.backup; fi
  cp -a /dev/console /dev/tty
  while [ ! -e /dev/mapper/${cryptname} ];
  do
  sleep 2
  /usr/bin/gpg -d "${ckeyfile}" 2>/dev/null | cryptsetup --key-file=- luksOpen ${cryptdev} ${cryptname} ${CSQUIET}
  dopassphrase=0
  done
  rm /dev/tty
  if [ -e /dev/tty.backup ]; then mv /dev/tty.backup /dev/tty; fi
  else
  if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
  dopassphrase=0
  else
  echo "Invalid keyfile. Reverting to passphrase."
  fi
  fi
  fi
  # Ask for a passphrase
  if [ ${dopassphrase} -gt 0 ]; then
  echo ""
  echo "A password is required to access the ${cryptname} volume:"
  #loop until we get a real password
  while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
  sleep 2;
  done
  fi
  if [ -e "/dev/mapper/${cryptname}" ]; then
  if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
  export root="/dev/mapper/root"
  fi
  else
  err "Password succeeded, but ${cryptname} creation failed, aborting..."
  exit 1
  fi
  elif [ -n "${crypto}" ]; then
  [ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
  msg "Non-LUKS encrypted device found..."
  if [ $# -ne 5 ]; then
  err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
  err "Non-LUKS decryption not attempted..."
  return 1
  fi
  exe="/sbin/cryptsetup create ${cryptname} ${cryptdev}"
  tmp=$(echo "${crypto}" | cut -d: -f1)
  [ -n "${tmp}" ] && exe="${exe} --hash \"${tmp}\""
  tmp=$(echo "${crypto}" | cut -d: -f2)
  [ -n "${tmp}" ] && exe="${exe} --cipher \"${tmp}\""
  tmp=$(echo "${crypto}" | cut -d: -f3)
  [ -n "${tmp}" ] && exe="${exe} --key-size \"${tmp}\""
  tmp=$(echo "${crypto}" | cut -d: -f4)
  [ -n "${tmp}" ] && exe="${exe} --offset \"${tmp}\""
  tmp=$(echo "${crypto}" | cut -d: -f5)
  [ -n "${tmp}" ] && exe="${exe} --skip \"${tmp}\""
  if [ -f ${ckeyfile} ]; then
  exe="${exe} --key-file ${ckeyfile}"
  else
  exe="${exe} --verify-passphrase"
  echo ""
  echo "A password is required to access the ${cryptname} volume:"
  fi
  eval "${exe} ${CSQUIET}"
  if [ $? -ne 0 ]; then
  err "Non-LUKS device decryption failed. verify format: "
  err " crypto=hash:cipher:keysize:offset:skip"
  exit 1
  fi
  if [ -e "/dev/mapper/${cryptname}" ]; then
  if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
  export root="/dev/mapper/root"
  fi
  else
  err "Password succeeded, but ${cryptname} creation failed, aborting..."
  exit 1
  fi
  else
  err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
  fi
  fi
  rm -f ${ckeyfile}
  fi
  Create /mnt/lib/initcpio/install/etwo:
  #!/bin/bash
  build() {
  local mod
  add_module dm-crypt
  if [[ $CRYPTO_MODULES ]]; then
  for mod in $CRYPTO_MODULES; do
  add_module "$mod"
  done
  else
  add_all_modules '/crypto/'
  fi
  add_dir "/dev/mapper"
  add_binary "cryptsetup"
  add_binary "dmsetup"
  add_binary "/usr/bin/gpg"
  add_file "/usr/lib/udev/rules.d/10-dm.rules"
  add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
  add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
  add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
  add_runscript
  help ()
  cat<<HELPEOF
  This hook allows for an encrypted root device with support for gpg encrypted key files.
  To use gpg, the key file must have the extension .gpg and you have to install gpg and add /usr/bin/gpg
  to your BINARIES var in /etc/mkinitcpio.conf.
  HELPEOF
  Edit /mnt/etc/mkinitcpio.conf (only relevant sections displayed):
  MODULES=”ext2 ext4” # not sure if this is really nessecary.
  BINARIES=”/usr/bin/gpg” # this could probably be done in install/etwo...
  HOOKS=”base udev usbinput keymap autodetect pata scsi sata usb etwo filesystems” # (usbinput is only needed if you have an usb keyboard)
  Copy the initcpio stuff over to the live cd:
  cp /mnt/lib/initcpio/hooks/etwo /lib/initcpio/hooks/
  cp /mnt/lib/initcpio/install/etwo /lib/initcpio/install/
  cp /mnt/etc/mkinitcpio.conf /etc/
  Verify your LOCALE, KEYMAP and TIMEZONE in /etc/rc.conf!
  Now reinstall the initcpio:
  mkinitcpio -g /mnt/boot/kernel26.img
  Make sure there were no errors and that all hooks were included.
  13. Decrypt the "var" key to the encrypted root
  mkdir /mnt/keys
  chmod 500 /mnt/keys
  gpg –output /mnt/keys/var -d /mnt/boot/var.gpg
  chmod 400 /mnt/keys/var
  14. Setup crypttab
  Edit /mnt/etc/crypttab:
  swap /dev/sda1 SWAP -c aes-cbc-essiv:sha256 -s 256 -h whirlpool
  var /dev/sda2 /keys/var
  15. Reboot
  We're done, you may reboot. Make sure you select the usb stick as the boot device in your bios and hope for the best. . If it didn't work, play with grub's settings or boot from the live cd, mount your encrypted devices and check all settings. You might also have less trouble by using uuid's instead of device names.  I chose device names to keep things as simple as possible, even though it's not the optimal way to do it.
  Make backups of your data and your usb stick and do not forget your password(s)! Or you can say goodbye to your data forever...
  Last edited by fabriceb (2013-01-15 22:36:23)

  I'm trying to run my install script that is based on https://bbs.archlinux.org/viewtopic.php?id=129885
  Decrypting the gpg key after grub works, but then "Devce root already exists." appears every second.
  any idea ?
  #!/bin/bash
  # This script is designed to be run in conjunction with a UEFI boot using Archboot intall media.
  # prereqs:
  # EFI "BIOS" set to boot *only* from EFI
  # successful EFI boot of Archboot USB
  # mount /dev/sdb1 /src
  set -o nounset
  #set -o errexit
  # Host specific configuration
  # this whole script needs to be customized, particularly disk partitions
  # and configuration, but this section contains global variables that
  # are used during the system configuration phase for convenience
  HOSTNAME=daniel
  USERNAME=user
  # Globals
  # We don't need to set these here but they are used repeatedly throughout
  # so it makes sense to reuse them and allow an easy, one-time change if we
  # need to alter values such as the install target mount point.
  INSTALL_TARGET="/install"
  HR="--------------------------------------------------------------------------------"
  PACMAN="pacman --noconfirm --config /tmp/pacman.conf"
  TARGET_PACMAN="pacman --noconfirm --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
  CHROOT_PACMAN="pacman --noconfirm --cachedir /var/cache/pacman/pkg --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
  FILE_URL="file:///packages/core-$(uname -m)/pkg"
  FTP_URL='ftp://mirrors.kernel.org/archlinux/$repo/os/$arch'
  HTTP_URL='http://mirrors.kernel.org/archlinux/$repo/os/$arch'
  # Functions
  # I've avoided using functions in this script as they aren't required and
  # I think it's more of a learning tool if you see the step-by-step
  # procedures even with minor duplciations along the way, but I feel that
  # these functions clarify the particular steps of setting values in config
  # files.
  SetValue () {
  # EXAMPLE: SetValue VARIABLENAME '\"Quoted Value\"' /file/path
  VALUENAME="$1" NEWVALUE="$2" FILEPATH="$3"
  sed -i "s+^#\?\(${VALUENAME}\)=.*$+\1=${NEWVALUE}+" "${FILEPATH}"
  CommentOutValue () {
  VALUENAME="$1" FILEPATH="$2"
  sed -i "s/^\(${VALUENAME}.*\)$/#\1/" "${FILEPATH}"
  UncommentValue () {
  VALUENAME="$1" FILEPATH="$2"
  sed -i "s/^#\(${VALUENAME}.*\)$/\1/" "${FILEPATH}"
  # Initialize
  # Warn the user about impending doom, set up the network on eth0, mount
  # the squashfs images (Archboot does this normally, we're just filling in
  # the gaps resulting from the fact that we're doing a simple scripted
  # install). We also create a temporary pacman.conf that looks for packages
  # locally first before sourcing them from the network. It would be better
  # to do either *all* local or *all* network but we can't for two reasons.
  # 1. The Archboot installation image might have an out of date kernel
  # (currently the case) which results in problems when chrooting
  # into the install mount point to modprobe efivars. So we use the
  # package snapshot on the Archboot media to ensure our kernel is
  # the same as the one we booted with.
  # 2. Ideally we'd source all local then, but some critical items,
  # notably grub2-efi variants, aren't yet on the Archboot media.
  # Warn
  timer=9
  echo -e "\n\nMAC WARNING: This script is not designed for APPLE MAC installs and will potentially misconfigure boot to your existing OS X installation. STOP NOW IF YOU ARE ON A MAC.\n\n"
  echo -n "GENERAL WARNING: This procedure will completely format /dev/sda. Please cancel with ctrl-c to cancel within $timer seconds..."
  while [[ $timer -gt 0 ]]
  do
  sleep 1
  let timer-=1
  echo -en "$timer seconds..."
  done
  echo "STARTING"
  # Get Network
  echo -n "Waiting for network address.."
  #dhclient eth0
  dhcpcd -p eth0
  echo -n "Network address acquired."
  # Mount packages squashfs images
  umount "/packages/core-$(uname -m)"
  umount "/packages/core-any"
  rm -rf "/packages/core-$(uname -m)"
  rm -rf "/packages/core-any"
  mkdir -p "/packages/core-$(uname -m)"
  mkdir -p "/packages/core-any"
  modprobe -q loop
  modprobe -q squashfs
  mount -o ro,loop -t squashfs "/src/packages/archboot_packages_$(uname -m).squashfs" "/packages/core-$(uname -m)"
  mount -o ro,loop -t squashfs "/src/packages/archboot_packages_any.squashfs" "/packages/core-any"
  # Create temporary pacman.conf file
  cat << PACMANEOF > /tmp/pacman.conf
  [options]
  Architecture = auto
  CacheDir = ${INSTALL_TARGET}/var/cache/pacman/pkg
  CacheDir = /packages/core-$(uname -m)/pkg
  CacheDir = /packages/core-any/pkg
  [core]
  Server = ${FILE_URL}
  Server = ${FTP_URL}
  Server = ${HTTP_URL}
  [extra]
  Server = ${FILE_URL}
  Server = ${FTP_URL}
  Server = ${HTTP_URL}
  #Uncomment to enable pacman -Sy yaourt
  [archlinuxfr]
  Server = http://repo.archlinux.fr/\$arch
  PACMANEOF
  # Prepare pacman
  [[ ! -d "${INSTALL_TARGET}/var/cache/pacman/pkg" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/cache/pacman/pkg"
  [[ ! -d "${INSTALL_TARGET}/var/lib/pacman" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/lib/pacman"
  ${PACMAN} -Sy
  ${TARGET_PACMAN} -Sy
  # Install prereqs from network (not on archboot media)
  echo -e "\nInstalling prereqs...\n$HR"
  #sed -i "s/^#S/S/" /etc/pacman.d/mirrorlist # Uncomment all Server lines
  UncommentValue S /etc/pacman.d/mirrorlist # Uncomment all Server lines
  ${PACMAN} --noconfirm -Sy gptfdisk btrfs-progs-unstable libusb-compat gnupg
  # Configure Host
  # Here we create three partitions:
  # 1. efi and /boot (one partition does double duty)
  # 2. swap
  # 3. our encrypted root
  # Note that all of these are on a GUID partition table scheme. This proves
  # to be quite clean and simple since we're not doing anything with MBR
  # boot partitions and the like.
  echo -e "format\n"
  # shred -v /dev/sda
  # disk prep
  sgdisk -Z /dev/sda # zap all on disk
  #sgdisk -Z /dev/mmcb1k0 # zap all on sdcard
  sgdisk -a 2048 -o /dev/sda # new gpt disk 2048 alignment
  #sgdisk -a 2048 -o /dev/mmcb1k0
  # create partitions
  sgdisk -n 1:0:+200M /dev/sda # partition 1 (UEFI BOOT), default start block, 200MB
  sgdisk -n 2:0:+4G /dev/sda # partition 2 (SWAP), default start block, 200MB
  sgdisk -n 3:0:0 /dev/sda # partition 3, (LUKS), default start, remaining space
  #sgdisk -n 1:0:1800M /dev/mmcb1k0 # root.gpg
  # set partition types
  sgdisk -t 1:ef00 /dev/sda
  sgdisk -t 2:8200 /dev/sda
  sgdisk -t 3:8300 /dev/sda
  #sgdisk -t 1:0700 /dev/mmcb1k0
  # label partitions
  sgdisk -c 1:"UEFI Boot" /dev/sda
  sgdisk -c 2:"Swap" /dev/sda
  sgdisk -c 3:"LUKS" /dev/sda
  #sgdisk -c 1:"Key" /dev/mmcb1k0
  echo -e "create gpg file\n"
  # create gpg file
  dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > /root/root.gpg
  echo -e "format LUKS on root\n"
  # format LUKS on root
  gpg -q -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- -c aes-xts-plain -s 512 --hash sha512 luksFormat /dev/sda3
  echo -e "open LUKS on root\n"
  gpg -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- luksOpen /dev/sda3 root
  # NOTE: make sure to add dm_crypt and aes_i586 to MODULES in rc.conf
  # NOTE2: actually this isn't required since we're mounting an encrypted root and grub2/initramfs handles this before we even get to rc.conf
  # make filesystems
  # following swap related commands not used now that we're encrypting our swap partition
  #mkswap /dev/sda2
  #swapon /dev/sda2
  #mkfs.ext4 /dev/sda3 # this is where we'd create an unencrypted root partition, but we're using luks instead
  echo -e "\nCreating Filesystems...\n$HR"
  # make filesystems
  mkfs.ext4 /dev/mapper/root
  mkfs.vfat -F32 /dev/sda1
  #mkfs.vfat -F32 /dev/mmcb1k0p1
  echo -e "mount targets\n"
  # mount target
  #mount /dev/sda3 ${INSTALL_TARGET} # this is where we'd mount the unencrypted root partition
  mount /dev/mapper/root ${INSTALL_TARGET}
  # mount target
  mkdir ${INSTALL_TARGET}
  # mkdir ${INSTALL_TARGET}/key
  # mount -t vfat /dev/mmcb1k0p1 ${INSTALL_TARGET}/key
  mkdir ${INSTALL_TARGET}/boot
  mount -t vfat /dev/sda1 ${INSTALL_TARGET}/boot
  # Install base, necessary utilities
  mkdir -p ${INSTALL_TARGET}/var/lib/pacman
  ${TARGET_PACMAN} -Sy
  ${TARGET_PACMAN} -Su base
  # curl could be installed later but we want it ready for rankmirrors
  ${TARGET_PACMAN} -S curl
  ${TARGET_PACMAN} -S libusb-compat gnupg
  ${TARGET_PACMAN} -R grub
  rm -rf ${INSTALL_TARGET}/boot/grub
  ${TARGET_PACMAN} -S grub2-efi-x86_64
  # Configure new system
  SetValue HOSTNAME ${HOSTNAME} ${INSTALL_TARGET}/etc/rc.conf
  sed -i "s/^\(127\.0\.0\.1.*\)$/\1 ${HOSTNAME}/" ${INSTALL_TARGET}/etc/hosts
  SetValue CONSOLEFONT Lat2-Terminus16 ${INSTALL_TARGET}/etc/rc.conf
  #following replaced due to netcfg
  #SetValue interface eth0 ${INSTALL_TARGET}/etc/rc.conf
  # write fstab
  # You can use UUID's or whatever you want here, of course. This is just
  # the simplest approach and as long as your drives aren't changing values
  # randomly it should work fine.
  cat > ${INSTALL_TARGET}/etc/fstab <<FSTAB_EOF
  # /etc/fstab: static file system information
  # <file system> <dir> <type> <options> <dump> <pass>
  tmpfs /tmp tmpfs nodev,nosuid 0 0
  /dev/sda1 /boot vfat defaults 0 0
  /dev/mapper/cryptswap none swap defaults 0 0
  /dev/mapper/root / ext4 defaults,noatime 0 1
  FSTAB_EOF
  # write etwo
  mkdir -p /lib/initcpio/hooks/
  mkdir -p /lib/initcpio/install/
  cp /src/etwo_hooks /lib/initcpio/hooks/etwo
  cp /src/etwo_install /lib/initcpio/install/etwo
  mkdir -p ${INSTALL_TARGET}/lib/initcpio/hooks/
  mkdir -p ${INSTALL_TARGET}/lib/initcpio/install/
  cp /src/etwo_hooks ${INSTALL_TARGET}/lib/initcpio/hooks/etwo
  cp /src/etwo_install ${INSTALL_TARGET}/lib/initcpio/install/etwo
  # write crypttab
  # encrypted swap (random passphrase on boot)
  echo cryptswap /dev/sda2 SWAP "-c aes-xts-plain -h whirlpool -s 512" >> ${INSTALL_TARGET}/etc/crypttab
  # copy configs we want to carry over to target from install environment
  mv ${INSTALL_TARGET}/etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf.orig
  cp /etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf
  mkdir -p ${INSTALL_TARGET}/tmp
  cp /tmp/pacman.conf ${INSTALL_TARGET}/tmp/pacman.conf
  # mount proc, sys, dev in install root
  mount -t proc proc ${INSTALL_TARGET}/proc
  mount -t sysfs sys ${INSTALL_TARGET}/sys
  mount -o bind /dev ${INSTALL_TARGET}/dev
  echo -e "umount boot\n"
  # we have to remount /boot from inside the chroot
  umount ${INSTALL_TARGET}/boot
  # Create install_efi script (to be run *after* chroot /install)
  touch ${INSTALL_TARGET}/install_efi
  chmod a+x ${INSTALL_TARGET}/install_efi
  cat > ${INSTALL_TARGET}/install_efi <<EFI_EOF
  # functions (these could be a library, but why overcomplicate things
  SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
  CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
  UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
  echo -e "mount boot\n"
  # remount here or grub et al gets confused
  mount -t vfat /dev/sda1 /boot
  # mkinitcpio
  # NOTE: intel_agp drm and i915 for intel graphics
  SetValue MODULES '\\"dm_mod dm_crypt aes_x86_64 ext2 ext4 vfat intel_agp drm i915\\"' /etc/mkinitcpio.conf
  SetValue HOOKS '\\"base udev pata scsi sata usb usbinput keymap consolefont etwo encrypt filesystems\\"' /etc/mkinitcpio.conf
  SetValue BINARIES '\\"/usr/bin/gpg\\"' /etc/mkinitcpio.conf
  mkinitcpio -p linux
  # kernel modules for EFI install
  modprobe efivars
  modprobe dm-mod
  # locale-gen
  UncommentValue de_AT /etc/locale.gen
  locale-gen
  # install and configure grub2
  # did this above
  #${CHROOT_PACMAN} -Sy
  #${CHROOT_PACMAN} -R grub
  #rm -rf /boot/grub
  #${CHROOT_PACMAN} -S grub2-efi-x86_64
  # you can be surprisingly sloppy with the root value you give grub2 as a kernel option and
  # even omit the cryptdevice altogether, though it will wag a finger at you for using
  # a deprecated syntax, so we're using the correct form here
  # NOTE: take out i915.modeset=1 unless you are on intel graphics
  SetValue GRUB_CMDLINE_LINUX '\\"cryptdevice=/dev/sda3:root cryptkey=/dev/sda1:vfat:/root.gpg add_efi_memmap i915.i915_enable_rc6=1 i915.i915_enable_fbc=1 i915.lvds_downclock=1 pcie_aspm=force quiet\\"' /etc/default/grub
  # set output to graphical
  SetValue GRUB_TERMINAL_OUTPUT gfxterm /etc/default/grub
  SetValue GRUB_GFXMODE 960x600x32,auto /etc/default/grub
  SetValue GRUB_GFXPAYLOAD_LINUX keep /etc/default/grub # comment out this value if text only mode
  # install the actual grub2. Note that despite our --boot-directory option we will still need to move
  # the grub directory to /boot/grub during grub-mkconfig operations until grub2 gets patched (see below)
  grub_efi_x86_64-install --bootloader-id=grub --no-floppy --recheck
  # create our EFI boot entry
  # bug in the HP bios firmware (F.08)
  efibootmgr --create --gpt --disk /dev/sda --part 1 --write-signature --label "ARCH LINUX" --loader "\\\\grub\\\\grub.efi"
  # copy font for grub2
  cp /usr/share/grub/unicode.pf2 /boot/grub
  # generate config file
  grub-mkconfig -o /boot/grub/grub.cfg
  exit
  EFI_EOF
  # Install EFI using script inside chroot
  chroot ${INSTALL_TARGET} /install_efi
  rm ${INSTALL_TARGET}/install_efi
  # Post install steps
  # anything you want to do post install. run the script automatically or
  # manually
  touch ${INSTALL_TARGET}/post_install
  chmod a+x ${INSTALL_TARGET}/post_install
  cat > ${INSTALL_TARGET}/post_install <<POST_EOF
  set -o errexit
  set -o nounset
  # functions (these could be a library, but why overcomplicate things
  SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
  CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
  UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
  # root password
  echo -e "${HR}\\nNew root user password\\n${HR}"
  passwd
  # add user
  echo -e "${HR}\\nNew non-root user password (username:${USERNAME})\\n${HR}"
  groupadd sudo
  useradd -m -g users -G audio,lp,optical,storage,video,games,power,scanner,network,sudo,wheel -s /bin/bash ${USERNAME}
  passwd ${USERNAME}
  # mirror ranking
  echo -e "${HR}\\nRanking Mirrors (this will take a while)\\n${HR}"
  cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
  mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.all
  sed -i "s/#S/S/" /etc/pacman.d/mirrorlist.all
  rankmirrors -n 5 /etc/pacman.d/mirrorlist.all > /etc/pacman.d/mirrorlist
  # temporary fix for locale.sh update conflict
  mv /etc/profile.d/locale.sh /etc/profile.d/locale.sh.preupdate || true
  # yaourt repo (add to target pacman, not tmp pacman.conf, for ongoing use)
  echo -e "\\n[archlinuxfr]\\nServer = http://repo.archlinux.fr/\\\$arch" >> /etc/pacman.conf
  echo -e "\\n[haskell]\\nServer = http://www.kiwilight.com/\\\$repo/\\\$arch" >> /etc/pacman.conf
  # additional groups and utilities
  pacman --noconfirm -Syu
  pacman --noconfirm -S base-devel
  pacman --noconfirm -S yaourt
  # sudo
  pacman --noconfirm -S sudo
  cp /etc/sudoers /tmp/sudoers.edit
  sed -i "s/#\s*\(%wheel\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
  sed -i "s/#\s*\(%sudo\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
  visudo -qcsf /tmp/sudoers.edit && cat /tmp/sudoers.edit > /etc/sudoers
  # power
  pacman --noconfirm -S acpi acpid acpitool cpufrequtils
  yaourt --noconfirm -S powertop2
  sed -i "/^DAEMONS/ s/)/ @acpid)/" /etc/rc.conf
  sed -i "/^MODULES/ s/)/ acpi-cpufreq cpufreq_ondemand cpufreq_powersave coretemp)/" /etc/rc.conf
  # following requires my acpi handler script
  echo "/etc/acpi/handler.sh boot" > /etc/rc.local
  # time
  pacman --noconfirm -S ntp
  sed -i "/^DAEMONS/ s/hwclock /!hwclock @ntpd /" /etc/rc.conf
  # wireless (wpa supplicant should already be installed)
  pacman --noconfirm -S iw wpa_supplicant rfkill
  pacman --noconfirm -S netcfg wpa_actiond ifplugd
  mv /etc/wpa_supplicant.conf /etc/wpa_supplicant.conf.orig
  echo -e "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=network\nupdate_config=1" > /etc/wpa_supplicant.conf
  # make sure to copy /etc/network.d/examples/wireless-wpa-config to /etc/network.d/home and edit
  sed -i "/^DAEMONS/ s/)/ @net-auto-wireless @net-auto-wired)/" /etc/rc.conf
  sed -i "/^DAEMONS/ s/ network / /" /etc/rc.conf
  echo -e "\nWIRELESS_INTERFACE=wlan0" >> /etc/rc.conf
  echo -e "WIRED_INTERFACE=eth0" >> /etc/rc.conf
  echo "options iwlagn led_mode=2" > /etc/modprobe.d/iwlagn.conf
  # sound
  pacman --noconfirm -S alsa-utils alsa-plugins
  sed -i "/^DAEMONS/ s/)/ @alsa)/" /etc/rc.conf
  mv /etc/asound.conf /etc/asound.conf.orig || true
  #if alsamixer isn't working, try alsamixer -Dhw and speaker-test -Dhw -c 2
  # video
  pacman --noconfirm -S base-devel mesa mesa-demos
  # x
  #pacman --noconfirm -S xorg xorg-xinit xorg-utils xorg-server-utils xdotool xorg-xlsfonts
  #yaourt --noconfirm -S xf86-input-wacom-git # NOT NEEDED? input-wacom-git
  #TODO: cut down the install size
  #pacman --noconfirm -S xorg-server xorg-xinit xorg-utils xorg-server-utils
  # TODO: wacom
  # environment/wm/etc.
  #pacman --noconfirm -S xfce4 compiz ccsm
  #pacman --noconfirm -S xcompmgr
  #yaourt --noconfirm -S physlock unclutter
  #pacman --noconfirm -S rxvt-unicode urxvt-url-select hsetroot
  #pacman --noconfirm -S gtk2 #gtk3 # for taffybar?
  #pacman --noconfirm -S ghc
  # note: try installing alex and happy from cabal instead
  #pacman --noconfirm -S haskell-platform haskell-hscolour
  #yaourt --noconfirm -S xmonad-darcs xmonad-contrib-darcs xcompmgr
  #yaourt --noconfirm -S xmobar-git
  # TODO: edit xfce to use compiz
  # TODO: xmonad, but deal with video tearing
  # TODO: xmonad-darcs fails to install from AUR. haskell dependency hell.
  # switching to cabal
  # fonts
  pacman --noconfirm -S terminus-font
  yaourt --noconfirm -S webcore-fonts
  yaourt --noconfirm -S fontforge libspiro
  yaourt --noconfirm -S freetype2-git-infinality
  # TODO: sed infinality and change to OSX or OSX2 mode
  # and create the sym link from /etc/fonts/conf.avail to conf.d
  # misc apps
  #pacman --noconfirm -S htop openssh keychain bash-completion git vim
  #pacman --noconfirm -S chromium flashplugin
  #pacman --noconfirm -S scrot mypaint bc
  #yaourt --noconfirm -S task-git stellarium googlecl
  # TODO: argyll
  POST_EOF
  # Post install in chroot
  #echo "chroot and run /post_install"
  chroot /install /post_install
  rm /install/post_install
  # copy grub.efi file to the default HP EFI boot manager path
  mkdir -p ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/
  mkdir -p ${INSTALL_TARGET}/boot/EFI/BOOT/
  cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/bootmgfw.efi
  cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/BOOT/BOOTX64.EFI
  cp /root/root.gpg ${INSTALL_TARGET}/boot/
  # NOTES/TODO

• Parallels and Arch Linux

  I am running windows xp on my laptop. Its a work laptop so i am sorta stuck with xp. It has parallels on it. Can i run Arch Linux successfully under parallels? I kow its not on the approved guest os list, but then again, the only ones they list are the "for noobs" distros. I dont see why it wouldn't work but i just thought i would check it out before going through the install and being disappointed. I wish my company would just go linux already and stop all the evil!

  Following the wise words of the good people over on this thread:
  http://bbs.archlinux.org:80/viewtopic.php?id=65114
  who think that I (and all the others who suggested using virtualbox) are complete .... lets say ... dorks, I will repost with what I hope you (the op) might consider a more helpful (and they, a more acceptable) response. So here it is, my revised response.
  I have absolutely no idea if it will work. I've never tried installing arch with parallels, But I have tried installing quite a few dozen other flavours of linux on parallels and never had a problem getting them to install. Despite the fact that there is no explicit mention of arch on the 'approved guest os list', I imagine it would work just fine like all the other linux distros that ARE explicitly mentioned.
  If you do decide to put your cd/dvd in the drive and try and install arch under parallels, then please post back here so that the next person that asks the same question can be given an explicit yes or no answer.
  @Allan (Forum Moderator from the unhappy thread) Please don't ban me for my unacceptable original response. I promise I wont ever say anything ever again.
  Last edited by tim (2009-02-11 14:01:46)

• Pygrub and arch linux

  I had install xen on arch linux and now I am attempting to install arch linux as guest. Archlinux works fine as hvm but when I try to use pygrub I get this error message.
  Traceback (most recent call last):
    File "/usr/lib/xen/bin/pygrub", line 876, in <module>
      raise RuntimeError, "Unable to find partition containing kernel"
  RuntimeError: Unable to find partition containing kernel
  I found this https://caffeine-powered.net/tech/debia … with-xvda/
  Can someone share their grub.cfg
  When I try to usy py by config kernel and ram drive location It claims that it cant find xvda1

  Following the wise words of the good people over on this thread:
  http://bbs.archlinux.org:80/viewtopic.php?id=65114
  who think that I (and all the others who suggested using virtualbox) are complete .... lets say ... dorks, I will repost with what I hope you (the op) might consider a more helpful (and they, a more acceptable) response. So here it is, my revised response.
  I have absolutely no idea if it will work. I've never tried installing arch with parallels, But I have tried installing quite a few dozen other flavours of linux on parallels and never had a problem getting them to install. Despite the fact that there is no explicit mention of arch on the 'approved guest os list', I imagine it would work just fine like all the other linux distros that ARE explicitly mentioned.
  If you do decide to put your cd/dvd in the drive and try and install arch under parallels, then please post back here so that the next person that asks the same question can be given an explicit yes or no answer.
  @Allan (Forum Moderator from the unhappy thread) Please don't ban me for my unacceptable original response. I promise I wont ever say anything ever again.
  Last edited by tim (2009-02-11 14:01:46)

• Arch Linux MailServer, Point the Way, Please

  Hi guys,
  Hope you still remember me, long time no write,
  I have been using Arch Linux as a Desktop for years, but have never played much with using it as a server. Now I have my own company and so since I work in the Technology area who better to make the servers for my company than I?
  Here is the thing, I have already an Arch Linux WebServer running, and I want to have a MailServer too running on the same machine, just because I have always wanted to, and because the SSL certification I'm trying to get requires an @mydomain.com email for it to be the approver of the SSL, thats why I need to do this. I have two options:
  This wiki entry, for Postfix or this entry of a simple mail server
  Guys, since I'm new to this, can you point the way that I should follow?
  -Thanks in advance,

  They both look pretty similar... For a 'simple' / 'traditional' mail server, you can't go wrong with Postfix and friends. I have been running an Arch-based mail server for a couple of years now (hosted @Linode) using Postfix (PostgreSQL Virtual Users) and Dovecot. SQLGrey is pretty much the only anti-spam I have on it and we get very few spam across the 30 or so domains the server handles.
  OTOH, if this is just for the SSL Certificate stuff, why not Google Apps (or similar) the domain? https://www.google.com/a/cpanel/standard/new3

• Arch Linux Newsletter December 2009?

  For those of you who didn't see my email on the Arch General mailing list, here's the situation with the Arch Linux Newsletter/Arch Linux Magazine. As many of you know, Kensai recently moved and got married and I recently moved and have been trying to find a job. My situation led to me having difficulty finding the time to dedicate to the Newsletter/Magazine that I have in the past. Combined with Kensai's absence (and as such, our inability to post anything even if we had a completed issue), this caused the lack of our great publication for the last few months. Thankfully, the situation has been rectified and we are now preparing for our next issue. Unfortunately, this solution has come at a cost. Our fearless leader has decided to step down from his position in order to dedicate more time to his new-found family and I can't say I blame him. As such, we wish Kensai the best and hope that once his life calms down him start contributing again, even if in just a small way.
  After much deliberation (alright, so maybe I'm exaggerating a little bit), the Arch Linux development team has graciously decided that they want to keep me on as editor of our official publication. As such, I am preparing for the release of our next issue! I would like to see us make a comeback to where we left off and then some. I want to see more community contributions and writers, and I want to get the Schwag report back. I want more sections and special features and I even have a few surprises in store for you all down the road a bit.
  This improvement is going to be a big project and I can't do it alone. If any of you, our loyal readers, are willing to contribute please step up and say so. Leave a message here, join me in #archlinux-magazine on freenode, or send me an email at [email protected]. You don't have to have a mass media background or immense technical knowledge, I can find a way for anyone to contribute. Help us make the new Arch Linux Newsletter/Arch Linux Magazine the best one yet!

  kensai wrote:Is so hard to say good bye, guys thanks for all the support you have given me all this time, without this wonderful community I would have never done all I did. I hope one day I will come back, when things get more stable, cause you know, when starting something new the start is a mess most of the time until things settle down.
  Don't think of it as a "good bye", but as a "See you soon".  I'll bet you'll be back once you're settled in (which may or may not happen faster than you expect).  Either way, best of luck for now and the future, and don't sweat the small things, chances are time will fix most of the small messes.
  and to ghost: Do you have a rough estimate of when we might be getting started on the newsletter and such?

• [GUIDE] How to get MapleStory working in Arch Linux

  MapleStory is a free-of-charge, 2D, side-scrolling massively multiplayer online role-playing game developed by the South Korean company Wizet. Several versions of the game are available for specific countries or regions, and each is published by various companies such as Wizet and Nexon. Although playing the game is free, character appearances and gameplay enhancements can be purchased from the "Cash Shop" using real money. MapleStory has a combined total of over 50 million subscriber accounts in all of its versions. MapleStory North America (Global), for players mainly in North America and outside of East Asia, Southeast Asia and Europe, has over three million players.
  In the game, players travel the "Maple World", defeating monsters and developing their characters' skills and abilities as is typical in role-playing games. Players can interact with others in many ways, such as through chatting, trading, and playing minigames. Groups of players can band together in parties to hunt monsters and share the rewards. Players can also join a guild to interact more easily with each other.
  I am an avid mapler myself, however, I am also an avid archer! For some time, I have wanted to get MapleStory working on Arch Linux in some way, but nothing seemed to work. As you might have guessed by now, recently, while playing around with VirtualBox, I discovered a method to get MapleStory working on it! Though in this method you won't actually have MapleStory running on Arch Linux, you'll have it running on a VirtualBox Windows virtual machine, that is still pretty good compared to other people's experiences.
  I hope there are at least a few maplers on this forum, and if there aren't, I hope that someone will port this post over to other Linux, or even MapleStory, forums. Anyways, let's begin.
  1. Download and install a version of Virtual Box that is version 3.0+. The reason for this is that, only versions 3.0+ support an experimental DirectX Driver with 3D acceleration that is required for MapleStory to run.
  2. Create a Windows Virtual Machine, add a hard disk to it, and install and update Windows on it(preferably Windows XP, as it uses less resources than other contemporary Windows installations).
  3. Once you have done all you needed and wanted on that Windows installation, restart it, boot it into safe mode by holding F8 at the boot, and wait until the desktop is fully loaded.
  4. After you are at the desktop, go to "Devices" at the top of the menu of the Windows virtual machine, and select "Install Guest Additions...". Wait until Guest Additions finishes installing, and when VirtualBox asks you if you want to mount the disk containing the Guest Additions on the virtual machine, say "Yes".
  5. Run the main executable on the disk that doesn't have amd64 or x86 following its name. Follow the instructions it gives you, and when it asks you what components to install, make sure both of the boxes it shows you are checked.
  6. After the install is completed, the virtual machine will restart. After it restarts, shut it down.
  7. Congratulations! You now have DirectX installed on your VirtualBox virtual machine! Now you need to activate the "3D Acceleration", that enables it.
  8. In the VirtualBox main window, make sure you have your machine with Windows selected. Then, click on "Machine", and then "Settings...", at the top. A new window should pop up. On the left hand side, click on the display panel, and in the new settings section, tick Enable 3D Acceleration. Click "OK", to save the settings.
  9. Start your Windows virtual machine, install MapleStory just as you would on a normal windows computer, and run MapleStory.
  Notes: This way of running MapleStory is slower than by running it normally, on a normal windows computer. Also, try to not interact with your Linux desktop while playing MapleStory, because this can cause HackShield to shut down MapleStory, due to the fact that it believes there is a hacking attempt.
  If any of you port this guide to any other place on the web, please, credit me, neovaysburd5.
  For any further questions or inquiries, this goes to all of you, please contact me at [email protected].
  Last edited by neovaysburd5 (2009-08-19 16:51:31)

  Alright, I've posted it in the wiki. I don't know if it meets the Arch Linux wiki standards, so if there is absolutely anything wrong with it, please fix it right away. Don't even ask my permission.
  http://wiki.archlinux.org/index.php/MapleStory

• [SOLVED]System Hang in Arch Linux

  I have tried distributions like ubuntu and fedora in hope for finding a stable system . So I move on to Arch Linux
  But this problem also exist on Arch. While using my Arch Linux (including ubuntu and fedora) my system hangs with a black screen with something written on the whole screen which cannot be pasted here as my system hangs and I have to push power button to restart.
  So I check my errors.log file and found these errors
  Jul  8 22:59:24 localhost kernel: [    1.680013] ata3: softreset failed (device not ready)
  Jul  8 22:59:24 localhost kernel: [    7.298612] SP5100 TCO timer: mmio address 0xfec000f0 already in use
  Jul  8 22:59:31 localhost kdm_greet[792]: Cannot load /usr/share/apps/kdm/faces/.default.face: No such file or directory
  I have a HCL K21 pdc notebook
  Note: In Ubuntu my notebook start with ata1: softreset failed error at boot time
  Most often this error occur while watching videos or listening music with VLC
  Last edited by Manuj19 (2011-07-09 10:13:24)

  ewaller wrote:It might be better to just post the output of lspci -nn  It will tell us a great deal more about the hardware related to the PCI bus, including specific chip set identifiers.
  Thanks for suggestion
  Here is output of lspci -nn
  00:00.0 Host bridge [0600]: ATI Technologies Inc Device [1002:5a31] (rev 01)
  00:01.0 PCI bridge [0604]: ATI Technologies Inc RS480 PCI Bridge [1002:5a3f]
  00:04.0 PCI bridge [0604]: ATI Technologies Inc RS480 PCI Bridge [1002:5a36]
  00:05.0 PCI bridge [0604]: ATI Technologies Inc RS480 PCI Bridge [1002:5a37]
  00:06.0 PCI bridge [0604]: ATI Technologies Inc RS480 PCI Bridge [1002:5a38]
  00:07.0 PCI bridge [0604]: ATI Technologies Inc RS480 PCI Bridge [1002:5a39]
  00:12.0 SATA controller [0106]: ATI Technologies Inc SB600 Non-Raid-5 SATA [1002:4380]
  00:13.0 USB Controller [0c03]: ATI Technologies Inc SB600 USB (OHCI0) [1002:4387]
  00:13.1 USB Controller [0c03]: ATI Technologies Inc SB600 USB (OHCI1) [1002:4388]
  00:13.2 USB Controller [0c03]: ATI Technologies Inc SB600 USB (OHCI2) [1002:4389]
  00:13.3 USB Controller [0c03]: ATI Technologies Inc SB600 USB (OHCI3) [1002:438a]
  00:13.4 USB Controller [0c03]: ATI Technologies Inc SB600 USB (OHCI4) [1002:438b]
  00:13.5 USB Controller [0c03]: ATI Technologies Inc SB600 USB Controller (EHCI) [1002:4386]
  00:14.0 SMBus [0c05]: ATI Technologies Inc SBx00 SMBus Controller [1002:4385] (rev 13)
  00:14.1 IDE interface [0101]: ATI Technologies Inc SB600 IDE [1002:438c]
  00:14.2 Audio device [0403]: ATI Technologies Inc SBx00 Azalia (Intel HDA) [1002:4383]
  00:14.3 ISA bridge [0601]: ATI Technologies Inc SB600 PCI to LPC Bridge [1002:438d]
  00:14.4 PCI bridge [0604]: ATI Technologies Inc SBx00 PCI to PCI Bridge [1002:4384]
  01:05.0 VGA compatible controller [0300]: ATI Technologies Inc RC410 [Radeon Xpress 200M] [1002:5a62]
  02:00.0 Ethernet controller [0200]: Atheros Communications Inc. AR5001 Wireless Network Adapter [168c:001c] (rev 01)
  08:01.0 CardBus bridge [0607]: Ricoh Co Ltd RL5c476 II [1180:0476] (rev b3)
  08:01.1 FireWire (IEEE 1394) [0c00]: Ricoh Co Ltd R5C552 IEEE 1394 Controller [1180:0552] (rev 08)
  08:01.2 SD Host controller [0805]: Ricoh Co Ltd R5C822 SD/SDIO/MMC/MS/MSPro Host Adapter [1180:0822] (rev 17)
  08:01.3 System peripheral [0880]: Ricoh Co Ltd R5C592 Memory Stick Bus Host Adapter [1180:0592] (rev 08)
  08:07.0 Ethernet controller [0200]: Realtek Semiconductor Co., Ltd. RTL-8139/8139C/8139C+ [10ec:8139] (rev 10)
  Last edited by Manuj19 (2011-07-09 07:20:08)

• [SOLVED] Arch Linux Duke (2007) Fails to Boot

  Folks, I have a unique and challenging problem that has exhausted my Arch Linux skills, and so I am now turning to you.
  I have a vintage Pentium Pro 200 system (that’s 200 MHz folks! – 200 MHz 686 architecture – the original 686!), two CPUs, running a dual boot between Windows NT 4.0 and Arch Linux Duke (2007). It has 512 MB of RAM and a 120 GB hard drive, partitioned up between Windows NT and Linux. I built this system new in 2007, hence the dated version of Arch.  It has run like a charm all these years, granted not getting that much use. After about a year of no use at all, I fired the system up last week to help with a little research for a blog post I was writing on networking Windows NT 4.0 and Mac OS 8.6. Windows NT 4.0 fired right up with no issue, and after I was done testing what needed to be tested I tried to boot over to Arch.
  After a year of disuse, Arch unexpectedly and stubbornly refused to boot. The boot process started up just fine, but towards the end, it declared that it could not mount the root file system on the root device and took a kernel panic and stopped. My Arch skills have gotten a bit rusty in the last few years, but I dusted them off and went to work. My guess was a file system or superblock error. Arch wouldn’t boot, but I dragged out my trusty RIPLinux 2.9 Rescue Live CD and fired it up. It came right up and ran, and I was able to mount the Arch partition and view all the files… everything seemed to be there; it just wouldn’t boot. Windows NT 4.0 AND RIPLinux both boot and run on the machine, so the hardware is fine as well.
  A little information on the disk layout. Windows NT 4.0 is in the first partition on the hard drive. The extended partition has a second Windows NT 4.0 partition (sort of a /home partition for Windows NT 4.0), followed by the main Arch partition (the one I am trying to boot), followed by a swap partition and then the largest partition, which I use to share data between Arch and Windows NT 4.0 (I have loaded an ext2/3 driver into Windows NT 4.0 and it happily accesses the Linux partitions on the box).
  RIPLinux’s e2fsck did find some issues with the Arch partition and I had it repair them all. I checked again afterwards that all the files were still there, and they were. With the partition now known to be clean, and the superblock repaired from one of the backups, all should have been well. However, Arch still wouldn’t (and still won’t) boot.
  RIPLinux has a kind of a chain loader function, so I had it attempt to start up Arch for me. However, this was flummoxed by the fact that Arch addresses all my hard drive partitions as /dev/sdax and RIPLinux addresses them as /dev/hdax. Hence, without a common language, it was hard to get the one to start the other. Still, using this function, I have been able to get a crippled version of Arch running on the machine again. No modules had been loaded, and so it couldn’t do almost anything, but there it was (and is), Arch Linux Duke, at the CLI level. From there, I can see all the files, I can move freely in and out of my user account and the root account, but I can’t make the thing actually boot properly.
  If you have read this far, you are a trooper.  Summarizing what I know, the hardware is good, the file system is clean, the superblock is good, I can mount it cleanly from a live CD and I can chain load a crippled version of Arch. Here is the boot process blow-by-blow. When I try to do a normal boot, the Windows NT 4.0 loader passes control to the Lilo boot sector I have placed on hda1 (sda1 in Duke’s parlance). Lilo takes over, present a menu and when I select Duke, takes off. Arch Linux Duke starts to boot. It gets a good long way along, all the way along to:
  :: Loading udev events                [Pass]
  :: Mount root Read-only
  :: Checking file systems
  This is where it stops.
  The next thing I see is:
  /dev/sda6
  The superblock could not be read or does not describe a correct ext2 filesystem. If the device is valid and it really contains an ext2 filesystem (and not swap or ufs or something else) then the superblock is corrupt and you might try running e2fsck with an alternate superblock:
      E2fsck –b 8193 <device>
  I then get a sort of character based splash screen that says
  **********FILE SYSTEM CHECK FAILED ****************************
  *   Please repair manually and reboot. Note that the root file system
  *   is currently mounted read-only. To remount it read-write, type:
  *   mount –n –o remount,rw /.  When you exit the maintenance
  *   shell, the system will reboot automatically
  Give root password for maintenance
  At this point, I give the root password and enter the maintenance shell as root. I typed in “mount” and the first entry I got back is
  /dev/sda6 on / type ext3 (rw)
  This is exactly the root partition that the start up complains about. It is clearly there.  I can see it, I can walk around it… it is clearly there. Why won’t it boot? Despite the message, the superblock is fine – it passes every test e2fsck can throw at it.
  At this point, I did a “e2fsck /dev/hda6 (which is how RIPLinux would have passed it into Arch” and it says it is “clean”. I suspect that the Superblock message is because Arch sees root as sda6, while RIP passed it in as hda6...
  Deciding to see what Arch would be seeing as it tried to set things up in the boot sequence, I tried the following next:
  # mknod “/dev/root2” b 3 6   
  (“3” because RIPLinux refers to my hard drive as IDE, while Arch refers to it by major number “8”, which is SCSI. By the way, it IS an IDE drive – not sure why Arch insists on using the sdx nomenclature instead of hdx)
  Then I entered “mount /dev/root2 /mnt/hda6” and “ls /mnt/hda6”
  All was well. I can make the node, I can mount it, and I can see the contents. All is clearly well, but something is clearly wrong enough that Arch can’t boot.
  I am totally out of ideas. I have tried every trick I know and am out of tricks. I would welcome any insights as to what I could try to get this venerable Arch installation back on its legs.
  By the way, the key section of the /etc/lilo.conf file (lest anyone want to know) is:
  image = /boot/vmlinuz26
     root = /dev/sda6
     label = ArchLinux-Duke
     initrd = /boot/kernel26.img
     read-only
  I am stumped. Thanks in advance for any and all pointers you may be able to offer.
  Last edited by mac57 (2014-06-02 17:42:21)

  Folks, thanks for all your helpful comments, and I wanted to report back to you that I finally overcame the issue, and ArchLinux-Duke (2007) is once again executing flawlessly on my old Pentium Pro 200 system. I won't bother reporting here all the blind allies I went down as I tried to figure out what was wrong, but in the end, literally moments before I was about to give up and overwrite my Arch installation with a new Linux variant (antiX seemed well suited for such old and low power hardware), my attention was drawn to a note I had made in my files back in 2007 about a problem with similar symptoms. In that case, I had just deleted ZenWalk Linux from the hard drive (both Arch and Zen had been on the drive), and merged several partitions to make use of the newly free space. This had changed Arch's view of the drive lettering, and what had been its /dev/sddx root device was now /dev/sdcx. Arch failed to boot, throwing off the same errors I was seeing now. I wish I had recalled that note a month or so ago! It would have saved me a lot of work and a lot of frustration.
  At any rate, as a last step, and testing the idea that maybe the drive lettering had changed for some reason, I repeatedly manually booted Arch, specifying root=/dev/sda6, then /dev/sdb6, then /dev/sdd6, and finally, /dev/sdc6. Eureka! Arch now considered itself to be on /dev/sdc6 whereas previously it had been on /dev/sda6. This got me part way there, but the boot failed at the filesystem check stage and threw me into root. I disabled the file system check in /etc/rc.sysinit and got farther. Then I cleaned up /etc/fstab to agree with the new sdc naming, and I was back on the air fully.
  So, what had happened was that Arch had changed its view of the drive it was on from sda6 to sdc6. While I could not understand why this "sudden" change had occurred, at least I had a solution, and had Arch back up and running.
  Trolling through the rest of my notes, I found the answer. In 2012, the Tekram SCSI card in the machine failed, and I ultimately replaced it with an Adaptec card. The Tekram card did not have a BIOS segment on it. The Adaptec card did. My guess is that this caused the two internal SCSI devices I have built into the system (Iomega ZIP and Jaz respectively) to be enumerated first, claiming the "sda" and "sdb". device names. That left "sdc" for the root device, and that is where Arch went next.  This is my guess anyway.
  I should have caught this issue back in 2012, at the time, but from my notes, I can see that I tested the new card thoroughly using the  Windows NT 4.0 side of the machine, but never thought to bring up Arch as well. Hence, this problem lay dormant for two years, before I attempted to fire up Arch last month and blundered right into it.
  It has not all been bad. I have learned more about the ext2 and ext3 file systems and superblocks in the intervening time than I will ever need to use. I have learned how to manually boot Linux on a machine whose BIOS is so old that it cannot address the disk cylinder that the kernel is on and I have completely refreshed the many general Linux skills that used to just flow from my finger tips. It has been a frustrating experience, but ultimately a successful and useful one.
  Just wanted to let everyone know that this is now [SOLVED]. I would mark the post as such, but I don't see any obvious way to do that. Thanks again everyone.

• [Solved]How can I create a bootable backup of my arch linux partition?

  I'm trying to get my arch linux installation to have a gui, specifically KDE. I downloaded Xorg and the nvidia proprietary driver 340.24. After installing the nvidia driver and rebooting, my screen stays black and I can't see my console. I can still login and reboot but I just can't see my screen. I've also tried booting into the arch linux fallback listed in the grub bootloader but that also had a black screen. At this point, I just reinstalled Arch Linux since I didn't really have anything on it anyway but this time I hope not to run into this problem. I will try installing a different driver but if I do run into the same problem, I want to be able to just copy over a backup of my OS and just boot off of that instead of completely reinstalling the system. Thanks in advance.
  Edit: I read up a bit on the dd command and learned that it can effectively copy an entire partition including the master boot record. Could this be the possible solution? I just wanted to post this edit here to make sure.
  Last edited by Firephyz (2014-07-19 20:06:00)

  Backing up using dd
  When you clone your entire disk the MBR will also be copied over. The wiki just states you can back up just the MBR itself if need be.
  I strongly do not recommend just reinstalling your system in the future unless it's needed, you learn nothing from it and it can drive away other users from helping you. Especially if its just and issue to do with Xorg.
  Last edited by Kartious (2014-07-18 10:20:23)

• Arch Linux Beginners Guide

  Remembering the days when I installed Arch Linux for the first time I still feel that Arch misses a guide for beginners. I started one at the Wiki. Its intention is to show how you install and configure Arch Linux until you have a fully working desktop system for multimedia and office purpose. I'm still heavily improving it. If you have any suggestions or critics feel free to drop me a note or add the content to the wiki. If you find some spelling or grammar errors do the same or fix them, I'm no native speaker

  iphitus wrote:article is too big. provide links to existing wiki pages and documentation. If things change and you dont know, your article will be broken.
  Sure...but you will have this problem with all wiki pages. If you don't have a maintainer for bigger articles, the whole idea of the wiki won't work well.
  iphitus wrote:For example, change the install documentation to the install guide. Same goes for network, link to existing pages, and if there isnt one, create one.
  I disagree with this one. I personally like the idea of having one basic guide which will led in most cases to a fully working system and does not stop right after the installation, which will leave you with a single prompt. I tried to explain the "basic things" and give links for digging deeper (I may have failed at this, but I tried and will try again).
  Therefore you are right about linking, but as you may have seen I tried to link to existing pages if they exist and give more than just a basic information. As far as I know no install guide for voodoo exists yet.
  What I really don't want to do, is to create just a meta page that only links to other pages, for three reasons:
  * It's annoying to read if you have to follow a link, get back and follow the next link...
  * Because there is no single maintainer for all the sub pages, you can only link to pages that are known stable, otherwise the beginner will be totally lost fast
  * Some of the other pages are way too technically for a beginner, they quickly start with special things for exotic purposes (mainly because experienced people don't like writing about basic things I believe)
  iphitus wrote:Some of it seems a bit overkill too, you give a newbie style how to for tiny things, but completely gloss over even a basic description of what the "daemons line" is. Newbies using this beginners guide learn bugger all, as they just copy from the beginner guide. When things go wrong, they come to the forums rather than use initiative. I guess the installation and configuration acts as a form of natural selection.
  I think we have a different opinion how a wiki works, I always thought you start with something and improve it over time, when questions or suggestions arrive.
  A wiki will get better if more than one people is involved, therefore sharing and discussing at an early point of time is reasonable.
  On the other hand you are absolutely right about the daemons line, which should be explained for a beginner (EDIT: I added a paragraph about daemons a few moments ago).
  But I think differently about the natural selection. I never felt that Arch Linux aims to be an elitist distribution and that an acceptance test is needed if you want to use it...what I have seen from the community so far, Arch seems in fact to be the opposite. I like Arch for being clean, simple and logical constructed, not for being complicated. I'm too old to get     self-confidence just from installing an operating system.
  If users use the forum to ask the same questions again and again, our beginners guide is incomplete and we should fix it.
  iphitus wrote:Things like:
  http://wiki.archlinux.org/index.php/Arc … or_newbies
  and a better FAQ, would be more useful than yet another blow by blow install tutorial that falls out of date in 6 months.
  James
  This may not be representative, but a better FAQ and Jargon for Newbies (damn, I really love this elite attitude ) wouldn't helped him:
  Someone at my blog wrote:Thanks for the guide! I tried installing Arch over Christmas and had the worst time trying to figure that out. So I of course went back to my trusty Gentoo. I always liked Gentoo because even though its an "advanced distro" they provide you with plenty of documentation. Arch on the other hand does not and that really bothered me. But now that I have a Gentoo style guide, I think I'll try it again!
  Don't get me wrong, I really appreciate your criticism because it makes me think twice about some things and will most probably lead to a better guide.

• Dual-Booting Arch Linux and Windows 7

  Hello,
  I am attempting to set up a dual-boot configuration with Windows 7 (installed first), and Arch Linux. When I went to install, I read in the documentation that the AIF doesn't support installing GRUB to a separate partition other than the MBR on the drive. I want to install GRUB separate from the Windows MBR so I can use Easy BCD to chainload the two bootloaders (i.e. installing GRUB on /dev/sda5 instead of /dev/sda). I went through the installation process and tried to install GRUB manually via the instructions given in the documentation. But when I went to boot Arch, I was greeted with the GRUB shell instead of the boot menu. What did I do wrong? And is there any easier way to install Arch this way given that I do not want to overwrite the Windows bootloader? I went ahead and wiped the Linux partitions on my drive, so I am going to do the install again once I have some suggestions.
  Thanks!

  joshuawagner147 wrote:
  hyperreal_logic wrote:
  To the original poster: 
  If you want to chainload both Windows and Arch Linux using your preferred boot manager, you'd have to create a separate 'boot' partition when installing Arch Linux.  When you are in the Arch installation, create a separate partition of about 500 MB, then create the root partition of whatever size you need, and then create swap partition if necessary.  So your HD would resemble something like this:  /dev/sda5=boot partition of 500 MB; /dev/sda6=root partition of ## MB/GB; and /dev/sda7=swap partition of (RAM * 2) GB.  Then continue with the Arch installation procedure until you get to the end where you are prompted to install a boot loader.  Choose GRUB, and install it to the 'boot' partition on /dev/sda5.  This will allow you to chainload Arch via Easy BCD.  What happens is Easy BCD will pass the message to GRUB on /dev/sda5, and GRUB will then load your Arch root system on /dev/sda6. 
  I hope this helps.  I support your choice in using Easy BCD to chainload Windows and Linux.  Software is, after all, about choice.  Furthermore, you've presented a good reason to use Easy BCD as the main boot loader, which is to save you from unnecessary tinkering with the GRUB shell or Live CDs and whatnot.  However, if you don't want to create the separate 'boot' partition, then you'll have no other choice but to use GRUB or syslinux on the MBR.
  Thanks. Yes...I followed the procedure just like you described. I figured that my problem was that I didn't create a separate /boot partition, so I reformatted the partitions I created and redid the install. However, I was not able to install GRUB in the AIF; I had to reboot into the Live CD and install GRUB to my boot partition manually. All is good now as I have a working dual-boot now. Arch Linux has been a sort of learning curve for me, but I have gained valuable knowledge and experience by using this distro.
  Yes. I didn't want to mess with GRUB or NTLDR. I know that reinstalling NTLDR is not that difficult, but I didn't want to mess with it at all. It just seemed easier to chainload GRUB to NTLDR using EasyBCD. I'm a sort of "distro-hopper" anyhow, and using this method allows me to cleanly remove any distro I install without having to mess with GRUB or reinstalling NTLDR.
  Thanks!
  Glad to hear!  Yes, Arch Linux is a wonderful distribution, and one of my favorites.  It's great for not-so-newbie beginners to learn from.  pacman is one of my favorite package managers, as there is always the latest stable software available in the Arch repos.  Glad everything worked out.  Have fun with Arch!

• [SOLVED] VirtualBox: Arch Linux host unable to reach guest over NA...

  Hello everyone,
  I recently installed VirtualBox on my Arch Linux install to tinker with GitLab on a Debian VM. I've set up a standard VM running Debian (wheezy) and made sure it's network settings were set to "NAT". However, I am unable to ping or ssh to this VM (which is running an ssh server among other things). Where this gets a bit weirder is that I'm perfectly able to ping and ssh to my host machine (running Arch).
  I installed the version of VirtualBox available on the official repos and I'm running on the default kernel too.
  I've install VirutalBox by following the infos posted on the wiki. My current user is part of the vboxusers group :
  % groups duane
  disk lp wheel uucp locate rfkill games network video audio optical floppy storage scanner power users vboxusers
  I've added the proper kernel modules to /etc/modules-load.d/virtualbox.conf so that they are loaded automatically on boot time :
  vboxdrv
  vboxnetadp
  vboxnetflt
  vboxpci
  % lsmod | grep vbox
  vboxpci 14581 0
  vboxnetflt 17612 0
  vboxnetadp 18355 0
  vboxdrv 264794 5 vboxnetadp,vboxnetflt,vboxpci
  I must also note that the net-tools package is installed.
  Now, I get the ip adress of my host :
  % ip addr
  1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default
  link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
  inet 127.0.0.1/8 scope host lo
  valid_lft forever preferred_lft forever
  inet6 ::1/128 scope host
  valid_lft forever preferred_lft forever
  2: enp9s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
  link/ether f0:4d:a2:48:5b:38 brd ff:ff:ff:ff:ff:ff
  3: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
  link/ether 5c:ac:4c:09:d3:f3 brd ff:ff:ff:ff:ff:ff
  inet 192.168.1.22/24 brd 192.168.1.255 scope global wlp4s0
  valid_lft forever preferred_lft forever
  inet6 fe80::5eac:4cff:fe09:d3f3/64 scope link
  valid_lft forever preferred_lft forever
  Then I try to ping it from my Debian guest.
  user@debian:~% ping 192.168.1.22 -c 3
  PING 192.168.1.22 (192.168.1.22) 56(84) bytes of data.
  64 bytes from 192.168.1.22: icmp_req=1 ttl=63 time=0.961 ms
  64 bytes from 192.168.1.22: icmp_req=2 ttl=63 time=0.722 ms
  64 bytes from 192.168.1.22: icmp_req=3 ttl=63 time=0.680 ms
  --- 192.168.1.22 ping statistics ---
  3 packets transmitted, 3 received, 0% packet loss, time 2001ms
  rtt min/avg/max/mdev = 0.680/0.787/0.961/0.127 ms
  Now I get the ip adress of my guest :
  eth0 Link encap:Ethernet HWaddr 08:00:27:77:0e:48
  inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
  inet6 addr: fe80::a00:27ff:fe77:e48/64 Scope:Link
  UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
  RX packets:69 errors:0 dropped:0 overruns:0 frame:0
  TX packets:93 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1000
  RX bytes:11577 (11.3 KiB) TX bytes:15395 (15.0 KiB)
  lo Link encap:Local Loopback
  inet addr:127.0.0.1 Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING MTU:16436 Metric:1
  RX packets:0 errors:0 dropped:0 overruns:0 frame:0
  TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:0
  RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
  And I try to ping my guest from my host :
  % ping 10.0.2.15 -c 3
  PING 10.0.2.15 (10.0.2.15) 56(84) bytes of data.
  --- 10.0.2.15 ping statistics ---
  3 packets transmitted, 0 received, 100% packet loss, time 2007ms
  There. I hope I didn't give too much information.
  I don't really understand what's going on there, usually that workfow works immediately in all the distributions I tried before, and on windows as well. I think I followed all the steps to make this work and yet it doesn't, and I'm not sure this problem is related to VirtualBox itself.
  Thanks in advance for any tip or comment on that.
  Last edited by Marneus68 (2014-01-24 10:19:39)

  What I do for all my VB guest VM's is to set 2 network interfaces, one the normal (default) NAT, and the other a host-only interface. That way your guests are completely hidden from the local lan which may be desirable if e.g., your host is a laptop which you move around various places. The guests can access anything outbound and you can still ssh to them from the host (and also, using ssh ProxyCommand via that host if you want to access them remotely).