MAME box using Arch Linux
Hi.
As explained in my introduction, I want to set up a MAME box for my arcade cabinet, and I think that Arch Linux will be the best way to achieve it, since I want a barebone system with the sole command line, the goal being that each time I fire up the system, it directly ends to the SDLMAME front end without having to go through such a thing as Gnome or KDE, and without having to use a physical keyboard at all, just the joystick control.
Also, I like the fact the system will autoupdate itself, especially since it will be connected to my network and that I will be using SSH for setting it up from my desktop computer and accessing it when needed.
So, I will use:
1. Arch Linux
2. SDLMAME
3. A front end, but I don't yet which one, maybe Wah!cade.
I would especially need help with the front end, to choose the right one for my needs, and also to know which components will be needed.
Also, if ever I would like to program my own, any guideline and suggestions are very welcomed. :-)
TIA!
qmc is a Qt based frontend for sdlmame, and aur has several packages for frontends.
If you want to write your own launcher, you'll also have to implement a way to select the games.
That basically suggests you have to design something, and probably need an IDE to develop it.
Best seems to choose a programming language you are familiar with.
For windowmanagers , look at https://wiki.archlinux.org/index.php/Window_Manager
Similar Messages
-
Installing/using Arch linux in Parallels on Mac OS X Lion MBP Retina
I am having a problem where I can't install or use Arch Linux as the same error always crops up at some point or another.
loading user-specifide modules [busy]
pc_ich: RCBA is disabled by hardware/BIOS, device disabled
pc_ich [some random numbers]: I/O space for GPIO uninitialized
BUG: soft lockup -- CPU#0 stuck for 22s [kworker/u:0:5]
Thanks for any ideas.I am pretty sure that Linux has some known serious issues with thre retina Macbook as well as some of the new Airs.
See this thread, it may help: https://bbs.archlinux.org/viewtopic.php?id=144255&p=1
Edit: Sorry i didn't read the "Parallels" in the title. Though I am not familiar with parallels, so I am not sure what kind of system it is actually trying to emulate. What happens if you use something else like virtualbox or some other free virtual machine software.
Last edited by WonderWoofy (2012-09-27 03:18:07) -
[SOLVED]Is there anybody using arch linux in coLinux?
Hei,guys!
I'm using arch linux in coLinux.I got the image file from sf and I successfully booted it on my machine,em,everything seemed to be OK.But when I tried to do this:
pacman -Syu
I got this message :
checking package integrity...
error: error while reading package /var/cache/pacman/pkg/gdbm-1.8.3-7-i686.pkg.tar.xz: Unrecognized archive format: Invalid or incomplete multibyte or wide character
error: failed to commit transaction (libarchive error)
Errors occurred, no packages were upgraded.
I think the pacman(maybe just libarchive) is too old to recognize the .pkg.tar.xz files. So dose someone have an idea to work out it?
Last edited by Cristie (2011-05-28 16:03:35)@twilight0:yeah,I acknowledge that,but it didn't work at all. I guess you didn't understand my problem. You know, the pacman coudn't upgrade (in fact I was unable to install any packages) just because the libarchive package was out of date (it meant that I could do nothing with the .tar.xz files downloaded from the mirrors).So I solved the problem by doing like this(Stupid it is, but it really works):
1.Download libarchive from any of the mirrors around the world.
2.Find a way to access to the files you just downloaded.
3.Replace the original libarchive files.
4.Mofify the local db.It is OK to do this:go to /var/lib/pacman/local,rename the libarchive-VERSION to current version.
Then I found that depences need openssl >= 1.0.0, so try the same proccess with it.
So,now everything is running very well.
Last edited by Cristie (2011-05-28 16:20:03) -
Trying to use Arch Linux with a T-Mobile HSPDA E1750 USB dongle
Hello all,
I have just installed Arch Linux on my desktop and need a way to either connect it to my LAN which is sharing the dongle connection from my laptop running ubuntu 10.04 via, ICS, DHCP3 and FIrestarter, Or simply plug in the dongle to my Arch Desktop. I have been researching commands to connect to networks with all day and have had no luck. My internet connection is being shared over ethernet through a DSL-2640R router.
I need this connection so i can install the GUI and make it fully functional. So if anyone has any ideas, guides or sites that may help me with this problem then please share.
Thank you,
SlashWannabe94Hello, I bought a Huawei E1750, too. Today I got it working.
The most important things I got from here.
However, my stick differs a bit from yours as it has product ID 1436.
There was no need for an udev-rule, I wouldn't even know where to put it in etc (there is no udev/rules.d folder in arch?).
You need "usb_modeswitch" and the "option" module. At first I wrote an usb_modeswitch configuration, but it seems not necessary as commenting it out had no influence. The option module is loaded for me if i plug the stick in, no need to care about it further. So, except for installing usb_modeswitch everything works out of the box.
If dmesg tells you something like:
[33750.443606] cdc_ether 2-1.5:1.1: wwan0: register 'cdc_ether' at usb-0000:00:1d.0-1.5, Mobile Broadband Network Device, 02:50:f3:00:00:00
[33750.443756] usbcore: registered new interface driver cdc_ether
[33750.455202] USB Serial support registered for GSM modem (1-port)
[33750.455286] option 2-1.5:1.0: GSM modem (1-port) converter detected
[33750.455665] usb 2-1.5: GSM modem (1-port) converter now attached to ttyUSB0
[33750.455692] option 2-1.5:1.3: GSM modem (1-port) converter detected
[33750.455823] usb 2-1.5: GSM modem (1-port) converter now attached to ttyUSB1
[33750.455839] option 2-1.5:1.4: GSM modem (1-port) converter detected
[33750.455967] usb 2-1.5: GSM modem (1-port) converter now attached to ttyUSB2
that should be the case for you, too. This means modeswitch did its job and you are ready to connect.
Now you have to tell your pin to the stick and connect. I'm doing this using "wvdial" and "pppd".
You'll need the "ppp_generic" module to proceed.
My /etc/wvdial.conf looks like this:
[Dialer Defaults]
Modem = /dev/ttyUSB0
Baud = 460800
[Dialer pin]
Init1 = AT+CPIN=1234
[Dialer provider]
Phone = *99#
Username = fonic
Password = fonic
Stupid Mode = 1
Dial Command = ATDT
Init2 = ATZ
Init3 = ATQ0 V1 E1 S0=0 &C1 &D2 +FCLASS=0
Init4 = AT+CGDCONT=1,"IP","pinternet.interkom.de"
Adopting the pin and the connection address should do. Then you can start your internet by typing:
wvdial pin
wvdial provider
I have to admit wvdial did not work at first(the device refused the AT commands). From frustration I started windows to see if it works there, it did, and the next day this whole configuration simply worked.
Success!
Last edited by stuffel (2011-07-20 22:36:12) -
First alternative skin for the Neuf Box 4 : Arch Linux skin !
Since the last firmware version of the Neuf Box 4, it is now possible to customize its web interface with skins.
As I've not seen any skin yet, I decided to make my own, base on the design of archlinux.org.
The result is here : Arch Linux skin for the NB4
with details on how to use it.
Tell me what you thinkWould you be willing to post a larger image? That one is so tiny that it is hard to see. It seems like a great project, and from what I can see, it looks good.
When I first read the description, "integrated access device" sounded like some corporate/marketing drivel. But, it seems like a great device: "DSL modem that supports ADSL, ADSL2+, and fiber connections. It also integrates a a WiFi access point and three-port Ethernet switch, an RJ-11 phone jack with analog-to-IP phone network adapter, a print server for USB printers (two host ports are provided), a USB device port for USB networking with a PC, and a special Ethernet port for connection to an available TV decoder box."
Wow. -
Why not use Arch Linux only?
Named as an Arch Linux "Linux Addict" (according to my upgraded user profile ), for some times I have asked myself why use other distros than AL, especially RedHat, SuSE and Mandrake. What do they provide what AL doesn't?
One of the roles of RedHat became clear reading Linux Today, though it may not be for the common users but have to admit its impressive (there are three major advances in the new RHEL3 product line....):
http://linuxtoday.com/it_management/2003102200926NWRHSW
PS.
Does it sound like I am addicted??... it feels natural :idea:maturity? stable? can't trust?
let me tell you something i learned by experience ...
i runed SuSE for long time (from 5.2 to 8.1) and what i know they do wrong is: if you have e.g. 6.0 (the most stable SuSE i know) then you can update your packages over internet, but after some time you will be "forced" to buy the next release that is totally differently constructed (7.1, because it uses YaST2 instead of the YaST and other stupid inovations that you cannot easily update from internet) ... and after a while again you have to upgrade by buying the next one ...
sure, you install it in about an hour and everything works, but hey, each package costs some money and this install is each time from quite 0 (because the integrated update often does not work) :-(
trusting?
i trust only in systems i configure myself ... and since SuSE 7.2 i lost the overview in where you can configure what and why ... and you are not sure that YaST2 will change your changed settings to default
archlinux is fully configureable and does not have a tool that changes files behind your back (well, there is one case: when you update init-scripts with packman without setting in pacman.conf to exclude some files you changed ... but also then you can restore the settings by mv'ing the original files to their right name-links :-)
why using also other distros?
well since arch 0.5 i removed all other linuces from my machine (to save space) and now have only arch and winXP ... xp is used only for watching tv (because hauppauge usb "usbvision" module cannot be compiled with a 2.4.x or 2.6.0tx kernel (but 2.5.x) and because of ebanking software that will not install on archlinux but easily on SuSE and WinXP (need the original sun's java vm, but have no time to construct a PKGBUILD for sun's jdk 1.4)
... and the needed other software i built packages of and installed on my local repository (and also copied in incoming) ... now i'm quite happy with archlinux as an OS (and i hope with a more advanced 2.6.x TV will come too, and java i will find one day time to build for ebanking)
-> "use an OS that works, use archlinux"
ps
and about "linux addict":
no, i dont think i'm addict, but i use this forum as a normal member (to help others switching to an os that works, to help people with problems i had myself often some time ago, to ask if i find something interessting or funny about something in arch, to inform that i built packages and put them in incoming :-) ... i would be much happier to have "regular user" instead of "linux addict", but that's something i cannot change -
Use Arch Linux Disc Just For GRUB?
I already installed Arch linux, and have it up and running just fine. I have a second hard drive that has no partitions or uses as of yet. Would it be possible for me to install Windows on /sdb, install GRUB with the Arch disk to /sda, uncomment out the WIndows entry in the GRUB .conf file, and get a working dualboot?
Let's clarify exactly what you want to do.
My understanding at this point is that sda is the main boot disk and that you currently have GRUB and Arch installed on it. You want to install Windows on sdb and you think that you have to overwrite GRUB on sda during the boot process to get Windows to boot properly. You therefore want to know how you can restore GRUB on sda after a successful installation of Windows on sdb.
If that's not the case, please clarify further.
If that is the case, then I don't think you need to do it that way. Set sdb to the main boot disk and then install Windows and the Windows boot loader normally on sdb. Once that's done, reset the main boot disk to sda and then edit GRUB to chainload sdb. This way you do not need to faff about with the Windows boot loader later if you decide to boot directly into Windows at a later date. The Windows installation remains independent on its own disk which is the easiest way to dualboot imo.
As for your question about installing GRUB from the liveCD, I think your actual question is whether you can overwrite the MBR of sda with GRUB from the liveCD (which is not the same as "installing" GRUB). I think you can by jumping to that step in the setup, but I am not sure and I suggest that you wait for confirmation from someone else who is.
Last edited by Xyne (2009-08-21 23:19:11) -
[SOLVED] Use Arch Linux as internet forwarding for wdr router
Hi
I'm trying to flash my wdr3600 with openwrt. Now, the problem is that I want to use my desktop to share my internet to this router.
But, when I'm trying to ping google on this device, I get an 'unknown host' error. I've already set up my default gw correctly. What am I missing?
Last edited by TheChosenOne (2014-07-14 12:20:20)Sorry, I cannot ping 8.8.8.8
My route -n is
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.1.10 0.0.0.0 UG 0 0 0 eth0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
With 192.168.1.10 the ip of my desktop that forwards.
Last edited by TheChosenOne (2014-07-10 07:43:05) -
System encryption using LUKS and GPG encrypted keys for arch linux
Update: As of 2012-03-28, arch changed from gnupg 1.4 to 2.x which uses pinentry for the password dialog. The "etwo" hook described here doesn't work with gnupg 2. Either use the openssl hook below or use a statically compiled version of gnupg 1.4.
Update: As of 2012-12-19, the mkinitcpio is not called during boot, unless the "install" file for the hook contains "add_runscript". This resulted in an unbootable system for me. Also, the method name was changed from install () to build ().
Update: 2013-01-13: Updated the hook files using the corrections by Deth.
Note: This guide is a bit dated now, in particular the arch installation might be different now. But essentially, the approach stays the same. Please also take a look at the posts further down, specifically the alternative hooks that use openssl.
I always wanted to set up a fully encrypted arch linux server that uses gpg encrypted keyfiles on an external usb stick and luks for root filesystem encryption. I already did it once in gentoo using this guide. For arch, I had to play alot with initcpio hooks and after one day of experimentation, I finally got it working. I wrote a little guide for myself which I'm going to share here for anyone that might be interested. There might be better or easier ways, like I said this is just how I did it. I hope it might help someone else. Constructive feedback is always welcome
Intro
Using arch linux mkinitcpio's encrypt hook, one can easily use encrypted root partitions with LUKS. It's also possible to use key files stored on an external drive, like an usb stick. However, if someone steals your usb stick, he can just copy the key and potentially access the system. I wanted to have a little extra security by additionally encrypting the key file with gpg using a symmetric cipher and a passphrase.
Since the encrypt hook doesn't support this scenario, I created a modifed hook called “etwo” (silly name I know, it was the first thing that came to my mind). It will simply look if the key file has the extension .gpg and, if yes, use gpg to decrypt it, then pipe the result into cryptsetup.
Conventions
In this short guide, I use the following disk/partition names:
/dev/sda: is the hard disk that will contain an encrypted swap (/dev/sda1), /var (/dev/sda2) and root (/dev/sda3) partition.
/dev/sdb is the usb stick that will contain the gpg encrypted luks keys, the kernel and grub. It will have one partition /dev/sdb1 formatted with ext2.
/dev/mapper/root, /dev/mapper/swap and /dev/mapper/var will be the encrypted devices.
Credits
Thanks to the authors of SECURITY_System_Encryption_DM-Crypt_with_LUKS (gentoo wiki), System Encryption with LUKS (arch wiki), mkinitcpio (arch wiki) and Early Userspace in Arch Linux (/dev/brain0 blog)!
Guide
1. Boot the arch live cd
I had to use a newer testing version, because the 2010.05 cd came with a broken gpg. You can download one here: http://releng.archlinux.org/isos/. I chose the “core“ version. Go ahead and boot the live cd, but don't start the setup yet.
2. Set keymap
Use km to set your keymap. This is important for non-qwerty keyboards to avoid suprises with passphrases...
3. Wipe your discs
ATTENTION: this will DELETE everything on /dev/sda and /dev/sdb forever! Do not blame me for any lost data!
Before encrypting the hard disc, it has to be completely wiped and overwritten with random data. I used shred for this. Others use badblocks or dd with /dev/urandom. Either way, this will take a long time, depending on the size of your disc. I also wiped my usb stick just to be sure.
shred -v /dev/sda
shred -v /dev/sdb
4. Partitioning
Fire up fdisk and create the following partitions:
/dev/sda1, type linux swap.
/dev/sda2: type linux
/dev/sda3: type linux
/dev/sdb1, type linux
Of course you can choose a different layout, this is just how I did it. Keep in mind that only the root filesystem will be decrypted by the initcpio. The rest will be decypted during normal init boot using /etc/crypttab, the keys being somewhere on the root filesystem.
5. Format and mount the usb stick
Create an ext2 filesystem on /dev/sdb1:
mkfs.ext2 /dev/sdb1
mkdir /root/usb
mount /dev/sdb1 /root/usb
cd /root/usb # this will be our working directory for now.
Do not mount anything to /mnt, because the arch installer will use that directory later to mount the encrypted root filesystem.
6. Configure the network (if not already done automatically)
ifconfig eth0 192.168.0.2 netmask 255.255.255.0
route add default gw 192.168.0.1
echo "nameserver 192.168.0.1" >> /etc/resolv.conf
(this is just an example, your mileage may vary)
7. Install gnupg
pacman -Sy
pacman -S gnupg
Verify that gnupg works by launching gpg.
8. Create the keys
Just to be sure, make sure swap is off:
cat /proc/swaps
should return no entries.
Create gpg encrypted keys (remember, we're still in our working dir /root/usb):
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > root.gpg
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > var.gpg
Choose a strong password!!
Don't do this in two steps, e.g don't do dd to a file and then gpg on that file. The key should never be stored in plain text on an unencrypted device, except if that device is wiped on system restart (ramfs)!
Note that the default cipher for gpg is cast5, I just chose to use a different one.
9. Create the encrypted devices with cryptsetup
Create encrypted swap:
cryptsetup -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -d /dev/urandom create swap /dev/sda1
You should see /dev/mapper/swap now. Don't format nor turn it on for now. This will be done by the arch installer.
Important: From the Cryptsetup 1.1.2 Release notes:
Cryptsetup can accept passphrase on stdin (standard input). Handling of new line (\n) character is defined by input specification:
if keyfile is specified as "-" (using --key-file=- or by positional argument in luksFormat and luksAddKey, like cat file | cryptsetup --key-file=- <action> ), input is processed
as normal binary file and no new line is interpreted.
if there is no key file specification (with default input from stdin pipe like echo passphrase | cryptsetup <action> ) input is processed as input from terminal, reading will
stop after new line is detected.
If I understand this correctly, since the randomly generated key can contain a newline early on, piping the key into cryptsetup without specifying --key-file=- could result in a big part of the key to be ignored by cryptsetup. Example: if the random key was "foo\nandsomemorebaratheendofthekey", piping it directly into cryptsetup without --key-file=- would result in cryptsetup using only "foo" as key which would have big security implications. We should therefor ALWAYS pipe the key into cryptsetup using --key-file=- which ignores newlines.
gpg -q -d root.gpg 2>/dev/null | cryptsetup -v -–key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool luksFormat /dev/sda3
gpg -q -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- -c aes-cbc-essiv:sha256 -s 256 -h whirlpool -v luksFormat /dev/sda2
Check for any errors.
10. Open the luks devices
gpg -d root.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda3 root
gpg -d var.gpg 2>/dev/null | cryptsetup -v –-key-file=- luksOpen /dev/sda2 var
If you see /dev/mapper/root and /dev/mapper/var now, everything is ok.
11. Start the installer /arch/setup
Follow steps 1 to 3.
At step 4 (Prepare hard drive(s), select “3 – Manually Configure block devices, filesystems and mountpoints. Choose /dev/sdb1 (the usb stick) as /boot, /dev/mapper/swap for swap, /dev/mapper/root for / and /dev/mapper/var for /var.
Format all drives (choose “yes” when asked “do you want to have this filesystem (re)created”) EXCEPT for /dev/sdb1, choose “no”. Choose the correct filesystem for /dev/sdb1, ext2 in my case. Use swap for /dev/mapper/swap. For the rest, I chose ext4.
Select DONE to start formatting.
At step 5 (Select packages), select grub as boot loader. Select the base group. Add mkinitcpio.
Start step 6 (Install packages).
Go to step 7 (Configure System).
By sure to set the correct KEYMAP, LOCALE and TIMEZONE in /etc/rc.conf.
Edit /etc/fstab:
/dev/mapper/root / ext4 defaults 0 1
/dev/mapper/swap swap swap defaults 0 0
/dev/mapper/var /var ext4 defaults 0 1
# /dev/sdb1 /boot ext2 defaults 0 1
Configure the rest normally. When you're done, setup will launch mkinitcpio. We'll manually launch this again later.
Go to step 8 (install boot loader).
Be sure to change the kernel line in menu.lst:
kernel /vmlinuz26 root=/dev/mapper/root cryptdevice=/dev/sda3:root cryptkey=/dev/sdb1:ext2:/root.gpg
Don't forget the :root suffix in cryptdevice!
Also, my root line was set to (hd1,0). Had to change that to
root (hd0,0)
Install grub to /dev/sdb (the usb stick).
Now, we can exit the installer.
12. Install mkinitcpio with the etwo hook.
Create /mnt/lib/initcpio/hooks/etwo:
#!/usr/bin/ash
run_hook() {
/sbin/modprobe -a -q dm-crypt >/dev/null 2>&1
if [ -e "/sys/class/misc/device-mapper" ]; then
if [ ! -e "/dev/mapper/control" ]; then
/bin/mknod "/dev/mapper/control" c $(cat /sys/class/misc/device-mapper/dev | sed 's|:| |')
fi
[ "${quiet}" = "y" ] && CSQUIET=">/dev/null"
# Get keyfile if specified
ckeyfile="/crypto_keyfile"
usegpg="n"
if [ "x${cryptkey}" != "x" ]; then
ckdev="$(echo "${cryptkey}" | cut -d: -f1)"
ckarg1="$(echo "${cryptkey}" | cut -d: -f2)"
ckarg2="$(echo "${cryptkey}" | cut -d: -f3)"
if poll_device "${ckdev}" ${rootdelay}; then
case ${ckarg1} in
*[!0-9]*)
# Use a file on the device
# ckarg1 is not numeric: ckarg1=filesystem, ckarg2=path
if [ "${ckarg2#*.}" = "gpg" ]; then
ckeyfile="${ckeyfile}.gpg"
usegpg="y"
fi
mkdir /ckey
mount -r -t ${ckarg1} ${ckdev} /ckey
dd if=/ckey/${ckarg2} of=${ckeyfile} >/dev/null 2>&1
umount /ckey
# Read raw data from the block device
# ckarg1 is numeric: ckarg1=offset, ckarg2=length
dd if=${ckdev} of=${ckeyfile} bs=1 skip=${ckarg1} count=${ckarg2} >/dev/null 2>&1
esac
fi
[ ! -f ${ckeyfile} ] && echo "Keyfile could not be opened. Reverting to passphrase."
fi
if [ -n "${cryptdevice}" ]; then
DEPRECATED_CRYPT=0
cryptdev="$(echo "${cryptdevice}" | cut -d: -f1)"
cryptname="$(echo "${cryptdevice}" | cut -d: -f2)"
else
DEPRECATED_CRYPT=1
cryptdev="${root}"
cryptname="root"
fi
warn_deprecated() {
echo "The syntax 'root=${root}' where '${root}' is an encrypted volume is deprecated"
echo "Use 'cryptdevice=${root}:root root=/dev/mapper/root' instead."
if poll_device "${cryptdev}" ${rootdelay}; then
if /sbin/cryptsetup isLuks ${cryptdev} >/dev/null 2>&1; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
dopassphrase=1
# If keyfile exists, try to use that
if [ -f ${ckeyfile} ]; then
if [ "${usegpg}" = "y" ]; then
# gpg tty fixup
if [ -e /dev/tty ]; then mv /dev/tty /dev/tty.backup; fi
cp -a /dev/console /dev/tty
while [ ! -e /dev/mapper/${cryptname} ];
do
sleep 2
/usr/bin/gpg -d "${ckeyfile}" 2>/dev/null | cryptsetup --key-file=- luksOpen ${cryptdev} ${cryptname} ${CSQUIET}
dopassphrase=0
done
rm /dev/tty
if [ -e /dev/tty.backup ]; then mv /dev/tty.backup /dev/tty; fi
else
if eval /sbin/cryptsetup --key-file ${ckeyfile} luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; then
dopassphrase=0
else
echo "Invalid keyfile. Reverting to passphrase."
fi
fi
fi
# Ask for a passphrase
if [ ${dopassphrase} -gt 0 ]; then
echo ""
echo "A password is required to access the ${cryptname} volume:"
#loop until we get a real password
while ! eval /sbin/cryptsetup luksOpen ${cryptdev} ${cryptname} ${CSQUIET}; do
sleep 2;
done
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
elif [ -n "${crypto}" ]; then
[ ${DEPRECATED_CRYPT} -eq 1 ] && warn_deprecated
msg "Non-LUKS encrypted device found..."
if [ $# -ne 5 ]; then
err "Verify parameter format: crypto=hash:cipher:keysize:offset:skip"
err "Non-LUKS decryption not attempted..."
return 1
fi
exe="/sbin/cryptsetup create ${cryptname} ${cryptdev}"
tmp=$(echo "${crypto}" | cut -d: -f1)
[ -n "${tmp}" ] && exe="${exe} --hash \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f2)
[ -n "${tmp}" ] && exe="${exe} --cipher \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f3)
[ -n "${tmp}" ] && exe="${exe} --key-size \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f4)
[ -n "${tmp}" ] && exe="${exe} --offset \"${tmp}\""
tmp=$(echo "${crypto}" | cut -d: -f5)
[ -n "${tmp}" ] && exe="${exe} --skip \"${tmp}\""
if [ -f ${ckeyfile} ]; then
exe="${exe} --key-file ${ckeyfile}"
else
exe="${exe} --verify-passphrase"
echo ""
echo "A password is required to access the ${cryptname} volume:"
fi
eval "${exe} ${CSQUIET}"
if [ $? -ne 0 ]; then
err "Non-LUKS device decryption failed. verify format: "
err " crypto=hash:cipher:keysize:offset:skip"
exit 1
fi
if [ -e "/dev/mapper/${cryptname}" ]; then
if [ ${DEPRECATED_CRYPT} -eq 1 ]; then
export root="/dev/mapper/root"
fi
else
err "Password succeeded, but ${cryptname} creation failed, aborting..."
exit 1
fi
else
err "Failed to open encryption mapping: The device ${cryptdev} is not a LUKS volume and the crypto= paramater was not specified."
fi
fi
rm -f ${ckeyfile}
fi
Create /mnt/lib/initcpio/install/etwo:
#!/bin/bash
build() {
local mod
add_module dm-crypt
if [[ $CRYPTO_MODULES ]]; then
for mod in $CRYPTO_MODULES; do
add_module "$mod"
done
else
add_all_modules '/crypto/'
fi
add_dir "/dev/mapper"
add_binary "cryptsetup"
add_binary "dmsetup"
add_binary "/usr/bin/gpg"
add_file "/usr/lib/udev/rules.d/10-dm.rules"
add_file "/usr/lib/udev/rules.d/13-dm-disk.rules"
add_file "/usr/lib/udev/rules.d/95-dm-notify.rules"
add_file "/usr/lib/initcpio/udev/11-dm-initramfs.rules" "/usr/lib/udev/rules.d/11-dm-initramfs.rules"
add_runscript
help ()
cat<<HELPEOF
This hook allows for an encrypted root device with support for gpg encrypted key files.
To use gpg, the key file must have the extension .gpg and you have to install gpg and add /usr/bin/gpg
to your BINARIES var in /etc/mkinitcpio.conf.
HELPEOF
Edit /mnt/etc/mkinitcpio.conf (only relevant sections displayed):
MODULES=”ext2 ext4” # not sure if this is really nessecary.
BINARIES=”/usr/bin/gpg” # this could probably be done in install/etwo...
HOOKS=”base udev usbinput keymap autodetect pata scsi sata usb etwo filesystems” # (usbinput is only needed if you have an usb keyboard)
Copy the initcpio stuff over to the live cd:
cp /mnt/lib/initcpio/hooks/etwo /lib/initcpio/hooks/
cp /mnt/lib/initcpio/install/etwo /lib/initcpio/install/
cp /mnt/etc/mkinitcpio.conf /etc/
Verify your LOCALE, KEYMAP and TIMEZONE in /etc/rc.conf!
Now reinstall the initcpio:
mkinitcpio -g /mnt/boot/kernel26.img
Make sure there were no errors and that all hooks were included.
13. Decrypt the "var" key to the encrypted root
mkdir /mnt/keys
chmod 500 /mnt/keys
gpg –output /mnt/keys/var -d /mnt/boot/var.gpg
chmod 400 /mnt/keys/var
14. Setup crypttab
Edit /mnt/etc/crypttab:
swap /dev/sda1 SWAP -c aes-cbc-essiv:sha256 -s 256 -h whirlpool
var /dev/sda2 /keys/var
15. Reboot
We're done, you may reboot. Make sure you select the usb stick as the boot device in your bios and hope for the best. . If it didn't work, play with grub's settings or boot from the live cd, mount your encrypted devices and check all settings. You might also have less trouble by using uuid's instead of device names. I chose device names to keep things as simple as possible, even though it's not the optimal way to do it.
Make backups of your data and your usb stick and do not forget your password(s)! Or you can say goodbye to your data forever...
Last edited by fabriceb (2013-01-15 22:36:23)I'm trying to run my install script that is based on https://bbs.archlinux.org/viewtopic.php?id=129885
Decrypting the gpg key after grub works, but then "Devce root already exists." appears every second.
any idea ?
#!/bin/bash
# This script is designed to be run in conjunction with a UEFI boot using Archboot intall media.
# prereqs:
# EFI "BIOS" set to boot *only* from EFI
# successful EFI boot of Archboot USB
# mount /dev/sdb1 /src
set -o nounset
#set -o errexit
# Host specific configuration
# this whole script needs to be customized, particularly disk partitions
# and configuration, but this section contains global variables that
# are used during the system configuration phase for convenience
HOSTNAME=daniel
USERNAME=user
# Globals
# We don't need to set these here but they are used repeatedly throughout
# so it makes sense to reuse them and allow an easy, one-time change if we
# need to alter values such as the install target mount point.
INSTALL_TARGET="/install"
HR="--------------------------------------------------------------------------------"
PACMAN="pacman --noconfirm --config /tmp/pacman.conf"
TARGET_PACMAN="pacman --noconfirm --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
CHROOT_PACMAN="pacman --noconfirm --cachedir /var/cache/pacman/pkg --config /tmp/pacman.conf -r ${INSTALL_TARGET}"
FILE_URL="file:///packages/core-$(uname -m)/pkg"
FTP_URL='ftp://mirrors.kernel.org/archlinux/$repo/os/$arch'
HTTP_URL='http://mirrors.kernel.org/archlinux/$repo/os/$arch'
# Functions
# I've avoided using functions in this script as they aren't required and
# I think it's more of a learning tool if you see the step-by-step
# procedures even with minor duplciations along the way, but I feel that
# these functions clarify the particular steps of setting values in config
# files.
SetValue () {
# EXAMPLE: SetValue VARIABLENAME '\"Quoted Value\"' /file/path
VALUENAME="$1" NEWVALUE="$2" FILEPATH="$3"
sed -i "s+^#\?\(${VALUENAME}\)=.*$+\1=${NEWVALUE}+" "${FILEPATH}"
CommentOutValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^\(${VALUENAME}.*\)$/#\1/" "${FILEPATH}"
UncommentValue () {
VALUENAME="$1" FILEPATH="$2"
sed -i "s/^#\(${VALUENAME}.*\)$/\1/" "${FILEPATH}"
# Initialize
# Warn the user about impending doom, set up the network on eth0, mount
# the squashfs images (Archboot does this normally, we're just filling in
# the gaps resulting from the fact that we're doing a simple scripted
# install). We also create a temporary pacman.conf that looks for packages
# locally first before sourcing them from the network. It would be better
# to do either *all* local or *all* network but we can't for two reasons.
# 1. The Archboot installation image might have an out of date kernel
# (currently the case) which results in problems when chrooting
# into the install mount point to modprobe efivars. So we use the
# package snapshot on the Archboot media to ensure our kernel is
# the same as the one we booted with.
# 2. Ideally we'd source all local then, but some critical items,
# notably grub2-efi variants, aren't yet on the Archboot media.
# Warn
timer=9
echo -e "\n\nMAC WARNING: This script is not designed for APPLE MAC installs and will potentially misconfigure boot to your existing OS X installation. STOP NOW IF YOU ARE ON A MAC.\n\n"
echo -n "GENERAL WARNING: This procedure will completely format /dev/sda. Please cancel with ctrl-c to cancel within $timer seconds..."
while [[ $timer -gt 0 ]]
do
sleep 1
let timer-=1
echo -en "$timer seconds..."
done
echo "STARTING"
# Get Network
echo -n "Waiting for network address.."
#dhclient eth0
dhcpcd -p eth0
echo -n "Network address acquired."
# Mount packages squashfs images
umount "/packages/core-$(uname -m)"
umount "/packages/core-any"
rm -rf "/packages/core-$(uname -m)"
rm -rf "/packages/core-any"
mkdir -p "/packages/core-$(uname -m)"
mkdir -p "/packages/core-any"
modprobe -q loop
modprobe -q squashfs
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_$(uname -m).squashfs" "/packages/core-$(uname -m)"
mount -o ro,loop -t squashfs "/src/packages/archboot_packages_any.squashfs" "/packages/core-any"
# Create temporary pacman.conf file
cat << PACMANEOF > /tmp/pacman.conf
[options]
Architecture = auto
CacheDir = ${INSTALL_TARGET}/var/cache/pacman/pkg
CacheDir = /packages/core-$(uname -m)/pkg
CacheDir = /packages/core-any/pkg
[core]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
[extra]
Server = ${FILE_URL}
Server = ${FTP_URL}
Server = ${HTTP_URL}
#Uncomment to enable pacman -Sy yaourt
[archlinuxfr]
Server = http://repo.archlinux.fr/\$arch
PACMANEOF
# Prepare pacman
[[ ! -d "${INSTALL_TARGET}/var/cache/pacman/pkg" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/cache/pacman/pkg"
[[ ! -d "${INSTALL_TARGET}/var/lib/pacman" ]] && mkdir -m 755 -p "${INSTALL_TARGET}/var/lib/pacman"
${PACMAN} -Sy
${TARGET_PACMAN} -Sy
# Install prereqs from network (not on archboot media)
echo -e "\nInstalling prereqs...\n$HR"
#sed -i "s/^#S/S/" /etc/pacman.d/mirrorlist # Uncomment all Server lines
UncommentValue S /etc/pacman.d/mirrorlist # Uncomment all Server lines
${PACMAN} --noconfirm -Sy gptfdisk btrfs-progs-unstable libusb-compat gnupg
# Configure Host
# Here we create three partitions:
# 1. efi and /boot (one partition does double duty)
# 2. swap
# 3. our encrypted root
# Note that all of these are on a GUID partition table scheme. This proves
# to be quite clean and simple since we're not doing anything with MBR
# boot partitions and the like.
echo -e "format\n"
# shred -v /dev/sda
# disk prep
sgdisk -Z /dev/sda # zap all on disk
#sgdisk -Z /dev/mmcb1k0 # zap all on sdcard
sgdisk -a 2048 -o /dev/sda # new gpt disk 2048 alignment
#sgdisk -a 2048 -o /dev/mmcb1k0
# create partitions
sgdisk -n 1:0:+200M /dev/sda # partition 1 (UEFI BOOT), default start block, 200MB
sgdisk -n 2:0:+4G /dev/sda # partition 2 (SWAP), default start block, 200MB
sgdisk -n 3:0:0 /dev/sda # partition 3, (LUKS), default start, remaining space
#sgdisk -n 1:0:1800M /dev/mmcb1k0 # root.gpg
# set partition types
sgdisk -t 1:ef00 /dev/sda
sgdisk -t 2:8200 /dev/sda
sgdisk -t 3:8300 /dev/sda
#sgdisk -t 1:0700 /dev/mmcb1k0
# label partitions
sgdisk -c 1:"UEFI Boot" /dev/sda
sgdisk -c 2:"Swap" /dev/sda
sgdisk -c 3:"LUKS" /dev/sda
#sgdisk -c 1:"Key" /dev/mmcb1k0
echo -e "create gpg file\n"
# create gpg file
dd if=/dev/urandom bs=512 count=4 | gpg -v --cipher-algo aes256 --digest-algo sha512 -c -a > /root/root.gpg
echo -e "format LUKS on root\n"
# format LUKS on root
gpg -q -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- -c aes-xts-plain -s 512 --hash sha512 luksFormat /dev/sda3
echo -e "open LUKS on root\n"
gpg -d /root/root.gpg 2>/dev/null | cryptsetup -v --key-file=- luksOpen /dev/sda3 root
# NOTE: make sure to add dm_crypt and aes_i586 to MODULES in rc.conf
# NOTE2: actually this isn't required since we're mounting an encrypted root and grub2/initramfs handles this before we even get to rc.conf
# make filesystems
# following swap related commands not used now that we're encrypting our swap partition
#mkswap /dev/sda2
#swapon /dev/sda2
#mkfs.ext4 /dev/sda3 # this is where we'd create an unencrypted root partition, but we're using luks instead
echo -e "\nCreating Filesystems...\n$HR"
# make filesystems
mkfs.ext4 /dev/mapper/root
mkfs.vfat -F32 /dev/sda1
#mkfs.vfat -F32 /dev/mmcb1k0p1
echo -e "mount targets\n"
# mount target
#mount /dev/sda3 ${INSTALL_TARGET} # this is where we'd mount the unencrypted root partition
mount /dev/mapper/root ${INSTALL_TARGET}
# mount target
mkdir ${INSTALL_TARGET}
# mkdir ${INSTALL_TARGET}/key
# mount -t vfat /dev/mmcb1k0p1 ${INSTALL_TARGET}/key
mkdir ${INSTALL_TARGET}/boot
mount -t vfat /dev/sda1 ${INSTALL_TARGET}/boot
# Install base, necessary utilities
mkdir -p ${INSTALL_TARGET}/var/lib/pacman
${TARGET_PACMAN} -Sy
${TARGET_PACMAN} -Su base
# curl could be installed later but we want it ready for rankmirrors
${TARGET_PACMAN} -S curl
${TARGET_PACMAN} -S libusb-compat gnupg
${TARGET_PACMAN} -R grub
rm -rf ${INSTALL_TARGET}/boot/grub
${TARGET_PACMAN} -S grub2-efi-x86_64
# Configure new system
SetValue HOSTNAME ${HOSTNAME} ${INSTALL_TARGET}/etc/rc.conf
sed -i "s/^\(127\.0\.0\.1.*\)$/\1 ${HOSTNAME}/" ${INSTALL_TARGET}/etc/hosts
SetValue CONSOLEFONT Lat2-Terminus16 ${INSTALL_TARGET}/etc/rc.conf
#following replaced due to netcfg
#SetValue interface eth0 ${INSTALL_TARGET}/etc/rc.conf
# write fstab
# You can use UUID's or whatever you want here, of course. This is just
# the simplest approach and as long as your drives aren't changing values
# randomly it should work fine.
cat > ${INSTALL_TARGET}/etc/fstab <<FSTAB_EOF
# /etc/fstab: static file system information
# <file system> <dir> <type> <options> <dump> <pass>
tmpfs /tmp tmpfs nodev,nosuid 0 0
/dev/sda1 /boot vfat defaults 0 0
/dev/mapper/cryptswap none swap defaults 0 0
/dev/mapper/root / ext4 defaults,noatime 0 1
FSTAB_EOF
# write etwo
mkdir -p /lib/initcpio/hooks/
mkdir -p /lib/initcpio/install/
cp /src/etwo_hooks /lib/initcpio/hooks/etwo
cp /src/etwo_install /lib/initcpio/install/etwo
mkdir -p ${INSTALL_TARGET}/lib/initcpio/hooks/
mkdir -p ${INSTALL_TARGET}/lib/initcpio/install/
cp /src/etwo_hooks ${INSTALL_TARGET}/lib/initcpio/hooks/etwo
cp /src/etwo_install ${INSTALL_TARGET}/lib/initcpio/install/etwo
# write crypttab
# encrypted swap (random passphrase on boot)
echo cryptswap /dev/sda2 SWAP "-c aes-xts-plain -h whirlpool -s 512" >> ${INSTALL_TARGET}/etc/crypttab
# copy configs we want to carry over to target from install environment
mv ${INSTALL_TARGET}/etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf.orig
cp /etc/resolv.conf ${INSTALL_TARGET}/etc/resolv.conf
mkdir -p ${INSTALL_TARGET}/tmp
cp /tmp/pacman.conf ${INSTALL_TARGET}/tmp/pacman.conf
# mount proc, sys, dev in install root
mount -t proc proc ${INSTALL_TARGET}/proc
mount -t sysfs sys ${INSTALL_TARGET}/sys
mount -o bind /dev ${INSTALL_TARGET}/dev
echo -e "umount boot\n"
# we have to remount /boot from inside the chroot
umount ${INSTALL_TARGET}/boot
# Create install_efi script (to be run *after* chroot /install)
touch ${INSTALL_TARGET}/install_efi
chmod a+x ${INSTALL_TARGET}/install_efi
cat > ${INSTALL_TARGET}/install_efi <<EFI_EOF
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
echo -e "mount boot\n"
# remount here or grub et al gets confused
mount -t vfat /dev/sda1 /boot
# mkinitcpio
# NOTE: intel_agp drm and i915 for intel graphics
SetValue MODULES '\\"dm_mod dm_crypt aes_x86_64 ext2 ext4 vfat intel_agp drm i915\\"' /etc/mkinitcpio.conf
SetValue HOOKS '\\"base udev pata scsi sata usb usbinput keymap consolefont etwo encrypt filesystems\\"' /etc/mkinitcpio.conf
SetValue BINARIES '\\"/usr/bin/gpg\\"' /etc/mkinitcpio.conf
mkinitcpio -p linux
# kernel modules for EFI install
modprobe efivars
modprobe dm-mod
# locale-gen
UncommentValue de_AT /etc/locale.gen
locale-gen
# install and configure grub2
# did this above
#${CHROOT_PACMAN} -Sy
#${CHROOT_PACMAN} -R grub
#rm -rf /boot/grub
#${CHROOT_PACMAN} -S grub2-efi-x86_64
# you can be surprisingly sloppy with the root value you give grub2 as a kernel option and
# even omit the cryptdevice altogether, though it will wag a finger at you for using
# a deprecated syntax, so we're using the correct form here
# NOTE: take out i915.modeset=1 unless you are on intel graphics
SetValue GRUB_CMDLINE_LINUX '\\"cryptdevice=/dev/sda3:root cryptkey=/dev/sda1:vfat:/root.gpg add_efi_memmap i915.i915_enable_rc6=1 i915.i915_enable_fbc=1 i915.lvds_downclock=1 pcie_aspm=force quiet\\"' /etc/default/grub
# set output to graphical
SetValue GRUB_TERMINAL_OUTPUT gfxterm /etc/default/grub
SetValue GRUB_GFXMODE 960x600x32,auto /etc/default/grub
SetValue GRUB_GFXPAYLOAD_LINUX keep /etc/default/grub # comment out this value if text only mode
# install the actual grub2. Note that despite our --boot-directory option we will still need to move
# the grub directory to /boot/grub during grub-mkconfig operations until grub2 gets patched (see below)
grub_efi_x86_64-install --bootloader-id=grub --no-floppy --recheck
# create our EFI boot entry
# bug in the HP bios firmware (F.08)
efibootmgr --create --gpt --disk /dev/sda --part 1 --write-signature --label "ARCH LINUX" --loader "\\\\grub\\\\grub.efi"
# copy font for grub2
cp /usr/share/grub/unicode.pf2 /boot/grub
# generate config file
grub-mkconfig -o /boot/grub/grub.cfg
exit
EFI_EOF
# Install EFI using script inside chroot
chroot ${INSTALL_TARGET} /install_efi
rm ${INSTALL_TARGET}/install_efi
# Post install steps
# anything you want to do post install. run the script automatically or
# manually
touch ${INSTALL_TARGET}/post_install
chmod a+x ${INSTALL_TARGET}/post_install
cat > ${INSTALL_TARGET}/post_install <<POST_EOF
set -o errexit
set -o nounset
# functions (these could be a library, but why overcomplicate things
SetValue () { VALUENAME="\$1" NEWVALUE="\$2" FILEPATH="\$3"; sed -i "s+^#\?\(\${VALUENAME}\)=.*\$+\1=\${NEWVALUE}+" "\${FILEPATH}"; }
CommentOutValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^\(\${VALUENAME}.*\)\$/#\1/" "\${FILEPATH}"; }
UncommentValue () { VALUENAME="\$1" FILEPATH="\$2"; sed -i "s/^#\(\${VALUENAME}.*\)\$/\1/" "\${FILEPATH}"; }
# root password
echo -e "${HR}\\nNew root user password\\n${HR}"
passwd
# add user
echo -e "${HR}\\nNew non-root user password (username:${USERNAME})\\n${HR}"
groupadd sudo
useradd -m -g users -G audio,lp,optical,storage,video,games,power,scanner,network,sudo,wheel -s /bin/bash ${USERNAME}
passwd ${USERNAME}
# mirror ranking
echo -e "${HR}\\nRanking Mirrors (this will take a while)\\n${HR}"
cp /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.orig
mv /etc/pacman.d/mirrorlist /etc/pacman.d/mirrorlist.all
sed -i "s/#S/S/" /etc/pacman.d/mirrorlist.all
rankmirrors -n 5 /etc/pacman.d/mirrorlist.all > /etc/pacman.d/mirrorlist
# temporary fix for locale.sh update conflict
mv /etc/profile.d/locale.sh /etc/profile.d/locale.sh.preupdate || true
# yaourt repo (add to target pacman, not tmp pacman.conf, for ongoing use)
echo -e "\\n[archlinuxfr]\\nServer = http://repo.archlinux.fr/\\\$arch" >> /etc/pacman.conf
echo -e "\\n[haskell]\\nServer = http://www.kiwilight.com/\\\$repo/\\\$arch" >> /etc/pacman.conf
# additional groups and utilities
pacman --noconfirm -Syu
pacman --noconfirm -S base-devel
pacman --noconfirm -S yaourt
# sudo
pacman --noconfirm -S sudo
cp /etc/sudoers /tmp/sudoers.edit
sed -i "s/#\s*\(%wheel\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
sed -i "s/#\s*\(%sudo\s*ALL=(ALL)\s*ALL.*$\)/\1/" /tmp/sudoers.edit
visudo -qcsf /tmp/sudoers.edit && cat /tmp/sudoers.edit > /etc/sudoers
# power
pacman --noconfirm -S acpi acpid acpitool cpufrequtils
yaourt --noconfirm -S powertop2
sed -i "/^DAEMONS/ s/)/ @acpid)/" /etc/rc.conf
sed -i "/^MODULES/ s/)/ acpi-cpufreq cpufreq_ondemand cpufreq_powersave coretemp)/" /etc/rc.conf
# following requires my acpi handler script
echo "/etc/acpi/handler.sh boot" > /etc/rc.local
# time
pacman --noconfirm -S ntp
sed -i "/^DAEMONS/ s/hwclock /!hwclock @ntpd /" /etc/rc.conf
# wireless (wpa supplicant should already be installed)
pacman --noconfirm -S iw wpa_supplicant rfkill
pacman --noconfirm -S netcfg wpa_actiond ifplugd
mv /etc/wpa_supplicant.conf /etc/wpa_supplicant.conf.orig
echo -e "ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=network\nupdate_config=1" > /etc/wpa_supplicant.conf
# make sure to copy /etc/network.d/examples/wireless-wpa-config to /etc/network.d/home and edit
sed -i "/^DAEMONS/ s/)/ @net-auto-wireless @net-auto-wired)/" /etc/rc.conf
sed -i "/^DAEMONS/ s/ network / /" /etc/rc.conf
echo -e "\nWIRELESS_INTERFACE=wlan0" >> /etc/rc.conf
echo -e "WIRED_INTERFACE=eth0" >> /etc/rc.conf
echo "options iwlagn led_mode=2" > /etc/modprobe.d/iwlagn.conf
# sound
pacman --noconfirm -S alsa-utils alsa-plugins
sed -i "/^DAEMONS/ s/)/ @alsa)/" /etc/rc.conf
mv /etc/asound.conf /etc/asound.conf.orig || true
#if alsamixer isn't working, try alsamixer -Dhw and speaker-test -Dhw -c 2
# video
pacman --noconfirm -S base-devel mesa mesa-demos
# x
#pacman --noconfirm -S xorg xorg-xinit xorg-utils xorg-server-utils xdotool xorg-xlsfonts
#yaourt --noconfirm -S xf86-input-wacom-git # NOT NEEDED? input-wacom-git
#TODO: cut down the install size
#pacman --noconfirm -S xorg-server xorg-xinit xorg-utils xorg-server-utils
# TODO: wacom
# environment/wm/etc.
#pacman --noconfirm -S xfce4 compiz ccsm
#pacman --noconfirm -S xcompmgr
#yaourt --noconfirm -S physlock unclutter
#pacman --noconfirm -S rxvt-unicode urxvt-url-select hsetroot
#pacman --noconfirm -S gtk2 #gtk3 # for taffybar?
#pacman --noconfirm -S ghc
# note: try installing alex and happy from cabal instead
#pacman --noconfirm -S haskell-platform haskell-hscolour
#yaourt --noconfirm -S xmonad-darcs xmonad-contrib-darcs xcompmgr
#yaourt --noconfirm -S xmobar-git
# TODO: edit xfce to use compiz
# TODO: xmonad, but deal with video tearing
# TODO: xmonad-darcs fails to install from AUR. haskell dependency hell.
# switching to cabal
# fonts
pacman --noconfirm -S terminus-font
yaourt --noconfirm -S webcore-fonts
yaourt --noconfirm -S fontforge libspiro
yaourt --noconfirm -S freetype2-git-infinality
# TODO: sed infinality and change to OSX or OSX2 mode
# and create the sym link from /etc/fonts/conf.avail to conf.d
# misc apps
#pacman --noconfirm -S htop openssh keychain bash-completion git vim
#pacman --noconfirm -S chromium flashplugin
#pacman --noconfirm -S scrot mypaint bc
#yaourt --noconfirm -S task-git stellarium googlecl
# TODO: argyll
POST_EOF
# Post install in chroot
#echo "chroot and run /post_install"
chroot /install /post_install
rm /install/post_install
# copy grub.efi file to the default HP EFI boot manager path
mkdir -p ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/
mkdir -p ${INSTALL_TARGET}/boot/EFI/BOOT/
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/Microsoft/BOOT/bootmgfw.efi
cp ${INSTALL_TARGET}/boot/grub/grub.efi ${INSTALL_TARGET}/boot/EFI/BOOT/BOOTX64.EFI
cp /root/root.gpg ${INSTALL_TARGET}/boot/
# NOTES/TODO -
I'm a DIY guy... with more than just computers. In the near future I am planning to use Arch Linux 64bit for a professional use environment. I'll also be building a new system after the new upcoming standards go mainstream. All the programs I'll be using will be heavily extended and modified versions. Windows (retail license) has far too much bloat, but I'll dual boot it on a separate HDD. Photoshop, Coldfusion and/or etc... are nice except for the added cost. I am trying to decide on a shell and solid programs to perform my needs. Any recommendations regarding additional open source platforms/programs, modified versions, superior alternatives or extensions? Opinions are welcome too.
Photography -> GIMP
3D Rendering -> Blender
I'm searching for modified versions plus extensions to create ultra realistic images and models. Not for creating games.
2/3D CAD -> ?
I have my doubts about what I have seen thus far. I'd rather have a commercial grade program available on Linux than deal with a bunch of time wasting hassle when trying to create models. Maybe someone in who has been down this road can curb my appetite.
Office Suite -> LibreOffice
I write on a regular basis. Out-of-box it has a lot of nice features. Microsoft Office 2010 is what I am using now. I am hoping to find extensions to add the missing features found in the newest Microsoft Office.
Pro E-mail Client -> ?
I'm looking for an Outlook replacement. Thunderbird is not something I am too akin to after my numerous issues with Mozilla's FireFox on several (5+) computers.
Web Development -> Notepad++ w/ Aptana Studio
I own a website with several domains. For the past few months it has been blank as I decide on the layout. It will feature a pro online portfolio, blog and etc... Not for general or family usage. Pre-made templates are a no-go. I'm experienced with some CSS, HTML and etc...
Etc...
Last edited by carolinabranden (2011-10-05 22:54:36)carolinabranden wrote:3D Rendering -> Blender
I'm searching for modified versions plus extensions to create ultra realistic images and models. Not for creating games.
I don't know exactly what you mean with 'modified versions', as for extensions/plugins/addons I've heard great things about BSurfaces. As for creating ultra-realistic models, certainly Blender is capable of that, but obviously your own skill will be the determining factor. These days most character-focused modeling is done using 3d sculpting methodology and Blender has good support for this. I've been doing some spare time sculpturing myself from time to time using Blender and while it's obviously not near as powerful as commercial 'sculpting-dedicated' offerings such as ZBrush, or Mudbox, it's still very capable. Here's some old (2+ years) stuff I sculpted in Blender back when I was playing around with lots of 3d sculpting in my spare time:
http://img3.imageshack.us/img3/3204/geek1g.jpg
http://img846.imageshack.us/img846/2580 … dertes.jpg
http://img810.imageshack.us/img810/3412/pig1.jpg
http://img97.imageshack.us/img97/6084/pig2y.jpg
http://img855.imageshack.us/img855/180/leela2.jpg
http://img844.imageshack.us/img844/6782/dogjk.jpg
So if you have any questions pertaining to Blender sculpting I'd be happy to share what I know. As for rendering, it seems the new Cycles renderer is the future but I haven't had any real experience with it so I can't help you there (and I really suck at rendering anyways). -
Have Installed Arch Linux and Xmonad on 2013 15" MacBook Pro Retina
I just recieved the latest stunning MacBook Pro Retina 15" (ME665) released in Feb 2013, couldn't wait to install the Arch Linux 2013.02.01 on it, dual boot with Mac OSX.
I'm impressed by the performance of this device after working with the combo of Arch Linux and Xmonad for several days, everything works out of the box, including touchpad, audio, video, wireless network, bluetooth, etc. Even the apperance of most apps are compatible with the high resolution of Retina display.
Another important thing is the battery life, 5 hours! Program and compile, listen music, download AOSP through Wi-Fi, watch YouTube videos with Flash hardware accelaration on.
For the installtion details, see my long blog post at http://vec.io/posts/use-arch-linux-and- … na-display
-- mod edit: read the Forum Etiquette and only post thumbnails http://wiki.archlinux.org/index.php/For … s_and_Code [jwr] --
Last edited by vecio (2013-02-28 02:22:38)Can you tell me what your /sys/class/backlight/gmux_backlight/brightness and max_brightness values are? This has not worked out of the box for me.
-
Hi,
I've been using Arch linux on my main machine for a few months now, and really like it. I like the "currentness" of it, as well as it's minimalist approach.
I have an old 80486DX2 66Mhz with 20MB of RAM which I occasionally fire up to play with networking things, as I work as a network engineer. I'd really like to be able to install a minimal copy of Arch Linux on it. Of course I can't, because the Arch Linux distro is i686 or greater. I've got a 10GB hard drive in it, so disk space isn't an issue. I currently have an old version of Debian on it.
I'd like to suggest creating "base-line PC" Arch distro, that is compiled only using i386 CPU instructions, allowing it to run on all generation 32 bit PCs. This would allow us Arch fans to run Arch on older computers we might have lying around.
Regards,
Mark.deficite wrote:I really like how you have no option to disagree with you at all, you either have to agree with you or vote that you don't know what a 486 is (Which is quite odd, because I know of quite a few rednecks in my school who even know what a 486 is)
Was having a small amount of fun with the poll option.:-) Having used Linux since early 1993, and having come across people in another forum asking what version of Linux would run on such as slow machine as a P3 550, I was amused to ask if people knew what an 80486 was.
Anyway, I think it's a waste of effort IMHO. A computer that old would probably not have a large HDD, and Arch requires >90MB for a full base install (of course you COULD strip things out). I remember the 486DX-33 we had only had like a 150MB hard drive or something, if even that much, and it came with 4MB of RAM (I upped it to 32MB after my dad found a broken computer in a storage unit next to ours a few years ago )
It's possible to run large HDDs in machines that old, I have a 10GB drive in the 80486 I have. Once Linux starts, it talks directly to the disk, so BIOS limitations disappear. All you need to do is configure the BIOS with the largest sized HDD it supports, and make sure the bootloader and the kernel reside within that part of the disk. This was the technique we used to use to get around the 512MB limit in the BIOS. I think actual IDE hardware limits kick in once you require LBA access to the disk, and from very rusty memory, that is something like 37GB.
20MB of RAM, which was also popular enough (4 x 1MB SIMMs, 4x4MB SIMMs), should be is enough to run a base Linux install(plenty actually, I used to run Linux on a 486 with 8MB of RAM, with X windows. I'd have 0.5MB left to run applications, however with fast swapping to a SCSI disk, it was quite useable).
I guess you could run a server or two on it or something, but do you really want to spend all that effort porting Arch to 386 when you could just run another distro. There are distros made specifically for running servers on old hardware.
Yes, but then it wouldn't be running Arch, would it. :-) -
Trouble with a wired connection on my fresh Arch Linux Install
I am a new Arch Linux user. I used to use Ubuntu exclusively, but I'm to the point where I can no longer stand a lot of the issues with the new development and Canonical. Anyways....
I have a Dell Inspiron 1440 laptop with an RTL8110SC (Module R8169) Ethernet port. (Pardon me if my terminology is wrong; please correct me if it is so I can learn? ) During the install process with the CD that I made, I had no issues connecting to the Internet. However, whenever I boot into my install, there is no connection. I've tried pinging various web pages and nothing will happen. I know that my hardware is compatible, but I do not know what to do next. I've tried everything under the Wiki's Beginner's Guide and the Network Configuration Guide.
I just realised after I wrote this top portion that it no longer is connecting via CD, either. Pinging is giving me errors about no packets being received.
Please help me with this matter? I would love to start using Arch Linux!Ping is a very basic command that is fundamental to debugging networks at the lowest levels.
ewaller@odin:~ 1002 %ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=50 time=42.7 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=50 time=36.7 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=50 time=36.8 ms
^C
--- 8.8.8.8 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 36.721/38.782/42.768/2.819 ms
ewaller@odin:~ 1003 %
What we can tell so far..
You have an Ethernet Interface.
You have an Ethernet Address.
You cannot look up domain names (bad)
We are trying to see if you can see other computers if you know their address. This will tell us if it is a DNS or a routing problem
Last edited by ewaller (2012-10-26 22:58:32) -
Arch Linux 0.7.1 - my feedback
please read the post before vote
Well, I've used Arch linux for many months in late 2004 / early 2005 and then I've switched to Ubuntu...
some days ago I've installed version 0.7.1 and updated it with pacman -Syu
I've seen a lot of improvement since the last time I used it and I was near to think "ok let's switch back to Arch" until I found I that thing I really hate :!: is still here..
You can't install old versions of some packages. For example, kernel.. or.. php (ok there is one in Aur that is maybe "too" old) and mysql..
in the php/mysql example it's true that version 5 is the latest one but they (at least php) still develope the 4.x version for security and many server still have it and also many scripts supports only php4 and 5.
also, as I am a php developer, I need to test scripts with old versions.
but as I said this is just an example. I think that while you can't think to have a big repository of binaries it would be great to be able to install old versions via source.
and recompiling software by hand using old PKGBUILDS is a problem case you don't have a tool that tells you wich packaged were "aligned" with wich.. I mean.. the new php works only with the mysql5 extension so even if you build mysql by yourself it won't work with php.. and so on for apache..
anyway.. if a user is able to block a package and prevent the automatic update he should also be able to use the non-latest version of it.
I know that arch is a bleeding edge distro but this shouldn't mean that you have only the bleeding things. (see gentoo for example)
Another thing that will help a lot in my opinion is to have in the wiki 2 lists:
- one very detailed with available daemons and their use.. for example.. ok.. fam is the file alteration monitor.. but why you need it and wich are the main programs that takes advantage from it and what happens if you doesn't run it? and so on for hal, etc. ..
- one list with all available standard groups that tells user to wich group subscribe in order to be able to performe a specific action
imho this 2 lists will help the (new) user understand better what is doing and why The arch philosophy of "do it yourself and learn doing it" is great but have to be encouraged, and in fact there already is a very good documentation.
Just my 2 cents. And sorry if some one else already said this before; in this case take my post as an underline mark btw.. I'll attach a poll to it.
bye,
Giovanni.iphitus wrote:To me this thread looks more like "i dont want to make a second package for myself, so let's get the devs to do it".
hmm.. this sounds a bit offenisve to me. Cause I don't actually need that packages as I'm not using Arch as main distro. This post was meant to give a feedback..
iphitus wrote:Especially as there isnt a huge demand for such a package, and you are most likely to be one of a very small minority to use that duplicate package.
ok I agree with this. but from my point of view it is because users that needed it too already switched to another distro..
and this leads us to this:
tomk wrote:I voted "No, there is no need", because I think this is simply an indication that Arch is not the right distro for you - it doesn't meet your requirements.
Imho, the point is that Arch have a lot of great features. The one I'd like to have is a feature that I think will just increase the number of great features Arch already have and will make Arch the right distro for more users. So users that switch to another distro will lose a lot of features that they like to get one or two that they need..
tomk wrote:This "thing that you really hate" is still there because firstly the Arch devs, and secondly Arch users, have not needed to change it. If you want to work "from within" to change that, with polls like this, feature requests, etc, I wish you the best of luck, but I think your poll result so far should tell you something about the support you can expect.
the poll was mainly for myself to get an idea of the users opinion not to change the things. And as I said it is not a change from my point of view, but just a new feature. About Arch devs I agree but about users I don't.. how you can say it if you say to me that I should change distro? In this way people that thinks like me will always remain a minority in arch community. And I don't think that having a old version of a "core" package would be against the Arch philosophy.
tomk wrote:Finally a general point, and this applies to wiki entries as well - you will get a better response if you do something, and then ask "what do you think?" instead of asking "Why doesn't Arch do this?"
I did it for the software thing with the poll and anyway also for the wiki I didn't wrote it but I thought it was clear.. For the wiki I posted my idea and there was no need for the question "what do you think" cause is a discussion forum Also please keep in mind that I wrote the original post in late night and that I'm italian so my english isn't so good :oops:
anyway.. thanks for the tip about subit a feature request and for your answers.
bye,
Giovanni. -
Arch Linux and Splashy, a big update
edit 2:
If you don't want to build from sources have a look at this post: http://bbs.archlinux.org/viewtopic.php? … 03#p371403
edit:
UPDATED LINK:
http://slexiw.netsons.org/files/splashy-stuff7.tar.gz
About me:
I'm a professional developer (mainly c/c++) with 10 years of development experience. I've never programmed in bash before so this is my first experience. My Linux knowledge isn't good either but i learned a lot thanks to Arch Linux.
About the thread:
I need a boot splash for a mini-pc I'm building and i want, of course, use Arch Linux. The current status is pretty depressive, initscripts-splash are outdated and there is no real support for user-mode boot splashing system (like splashy).
A few suggestions (IMHO) for the Arch Linux developers:
-Integrate the splash system in the official initscripts. If you write a wrapper like start_daemon and stop_daemon to be used in /etc/rc.multi and /etc/rc.shutdown, we can limit the changes to just /etc/rc.d/functions and at least the initscripts-splash will be more maintainable and the whole code more clean.
-Patch killall5 to add the support to ignore pids. The patch is really small and the one used by Ubuntu is http://patches.ubuntu.com/s/sysvinit/ex … ids.dpatch. There is a package in AUR that uses a different patch: http://aur.archlinux.org/packages.php?ID=16445. I tested it and so far it worked fine, no problems to be reported.
Why do we need a patched killall5? Splashy gets killed early during the shutdown process and the whole purpose of having a splash system is defeated. Currently Splashy cannot handle the reboot/shutdown.
Enough talking, now back to the real stuff. I've modified the initscript-splash package (completely rewritten) and the splashy package (almost completely rewritten).
I've also written a new package to support splashy themes. I'm using these packages for my system and i never had any problem so far.
initscripts-splash:
Rewritten to fit my needs for Splashy. Based on initscripts-2008.05-1 (in testing, if you are not using the testing repo you should better wait till the package hits core).
It only supports MY Splashy package, no other splash system is supported, not even the "old" Splashy package from AUR.
splashy:
Based on the great work done by the maintainers and the contributors of the package in AUR. A lot has been rewritten and it's actually a lot different.
splashy-themes:
Simple package with just 1 theme (for now), depends on archlinux-wallpaper and uses a little hack to use the wallpapers provided. I will provide new themes as soon as i have time.
Splashy now supports:
Progress bar
Text output
Shutdown/Reboot
Still working on resume/suspend and "verbose on error".
Installation tutorial:
-Download, compile and install sysvinit-mod from aur: http://aur.archlinux.org/packages.php?ID=16445
-Remove your old initscripts or initscripts-splash package, remember to back /etc/rc.conf and /etc/inittab before.
-Download, build and install initscripts-splash from http://slexiw.netsons.org/files/initscr … ash.tar.gz
-Download, build and install splashy from http://slexiw.netsons.org/files/splashy.tar.gz
-Download, build and install splashy-themes from http://slexiw.netsons.org/files/splashy-themes.tar.gz
-You may want to restore your old /etc/rc.conf and /etc/inittab now.
-Add SPLASH="splashy" to the end of /etc/rc.conf.
-Edit /etc/splashy/config.xml to select the theme you want (to list the installed themes do "ls /usr/share/splashy/themes/", use the directory name as the theme name).
-Add the "splashy" hook to /etc/mkinitcpio.conf (mine is after v86d and before autodetect)
-Rebuild your initramfs: mkinitcpio -g /boot/kernel26.img
-Add "splash" to the kernel command line, if you are not using uvesafb (v86d hook) add vga=791 too. You should also add "quiet".
If you are still confused follow this guide: http://wiki.archlinux.org/index.php/Splashy
Looking for suggestions, bug reports and patches!
Thank you for reading this, you've done what i couldn't do, i can't believe i wrote all that cr*p.
Last edited by lexiw (2008-05-29 15:28:49)phrakture wrote:
lexiw wrote:-Integrate the splash system in the official initscripts. If you write a wrapper like start_daemon and stop_daemon to be used in /etc/rc.multi and /etc/rc.shutdown, we can limit the changes to just /etc/rc.d/functions and at least the initscripts-splash will be more maintainable and the whole code more clean.
Now, we've gone through this a couple of times, and I don't actually want to integrate splash SPECIFIC stuff in the initscripts.
However, we have the ability to override functions used by the initscripts. All we need to do is extrapolate out the pieces that you would need so that you can override them.
So, if you would be willing to provide a patch against git (http://projects.archlinux.org/?p=initsc … ;a=summary) which extrapolates the pieces you need, we could get that applied, and you simply need to dump your overriding functions in /etc/rc.d/functions.d/. NOTE: submit the patch to the bug tracker, it will get lost if you just post it on the forums.
Alternatively, you can just tell us (http://bugs.archlinux.org/) which pieces you want extrapolated, but this will take much longer, as I don't think anyone dealing with this stuff is really gung-ho about splash support.
I will probably provide a patch after i studied the code a little deeper The /etc/rc.d/functions.d/ solution seems the right way to implement it.
phrakture wrote:
lexiw wrote:-Patch killall5 to add the support to ignore pids. The patch is really small and the one used by Ubuntu is http://patches.ubuntu.com/s/sysvinit/ex … ids.dpatch. There is a package in AUR that uses a different patch: http://aur.archlinux.org/packages.php?ID=16445. I tested it and so far it worked fine, no problems to be reported.
Why do we need a patched killall5? Splashy gets killed early during the shutdown process and the whole purpose of having a splash system is defeated. Currently Splashy cannot handle the reboot/shutdown.
This seems a little silly to me. I'm sure there's 10 or 20 other ways you could implement the same functionality without needing to patch a quasi-critical binary just for splash support. The patch affects all users. Splashy does not.
I could not find an alternative solution by myself, as i stated my Linux knowledge isn't more than average. If you could provide me some hints I'll be happy to do some further research on the issue and provide a patch. I'll be glad to drop the sysvinit-mod dependency.
Without the right know-how i just went the "mainstream way" and did what Debian/Ubuntu did.
Edit:
I didn't know you could ovveride functions, this will be a great boost for the initscripts-splash project Thank you!
Last edited by lexiw (2008-05-22 17:35:15)
Maybe you are looking for
-
IMac 27" late 2009 Hard Drive Crashed, How do i recover my hard drive?
So i tried using "Target Disk Mode" by holding down "T' when it starts up. The firewire symbol comes on and its bouncing around. Then I hooked up a firewire 800 to my mac book pro via firewire 800. My mac book pro is not detecting it! It's not showi
-
Save as Plug-in dialog box doesn't allow me to select anything but "Finder"
I'm trying to make a folder action that takes any images and imports them to iPhoto. Automator isn't letting me save my script as as anything but a Finder plug-in. Is this normal?
-
Iweb 1.1.2 and iWeb 2.0 on the same machine?
Is it possible/safe to run both versions on the same machine? If so how does one do this? If this has already been covered, would someone be so kind as to point me the way? I cannot trust 2.0 for serious work, but I think that it would be good to hav
-
Hi experts, I want to generate a report where,BI has to raise a alert if there is a shortage of certain purchase amount to get the rebate.(for a set of conditions) I want to know by using which data source i can load data related to rebares . And wha
-
Image quality issue - Canon HG10
When importing content from my HG10 canon I get horrible horizontal lines through everything when the camera is moving, if the camera is still the images are fine? Do I have setting incorrect or is there a compatibility issue? JT