Arch Linux - A comprehensive installation guide

Table of Contents

Introduction


What this guide is

This guide is a detailed explanation of the installation process and things relating to it. This is not a guide that takes you step by step through the commands you need to run to install Arch Linux. If you want that take a look at the "Recommended guides" section below. This guide is meant to help you understand the commands you are running allowing you to install Arch Linux (or any DIY distro) the way YOU want or the way that best suits your needs. This guide should be used as a collection of useful links and ideas. A lot of information here can carry over to other operating systems installations but the focus of this guide is Arch Linux. 

Arch Linux installtion scripts

People have created Arch Linux installation scripts plenty of times. However Arch Installer is the only official automated script. This installer is optional. If the user desires to install Arch Linux manually they can still do so. 

Recommended guides

Pre-installation


Requirements

This guide assumes you have a x86_64 1 computer which has 2GB of RAM, 20GB of disk space 2, an internet connection, a USB with at least 2GB of storage 3.

1  Arch Linux only supports x86_64 architecture, however a fork of it exists for ARM CPUs.

2 Arch Linux can be installed on a smaller disk space and use less RAM but you probably (and should) use more.

3 The USB is not needed if you Netboot into the live medium. An optical disc can also be used instead of a USB.

Arch Linux ISO

The first thing we must do is to get the ISO file and USB device. Head over to Arch Linux website to download the official ISO using either a magnet link or a torrent file.  To make use of the ISO file, we will need a bootable USB.

Verifying the signature

Verifying the signature of the file is important to make sure the ISO you have is not compromised, malicious, or broken. The Arch Linux wiki covers this pretty well thus going over it would be redundant.

Etching software

Most guides recommend tools like UNetBootin, Balena Etcher or Rufus to etch an ISO file onto a USB device. These tools are great but they uses the entire USB (which could be 16GB or more) to etch a single distro in which the ISO might be 2GB large. Arch Linux's disk image takes up less than 1GB of space! Even if you aren't going to use all that space, It is time consuming and tedious to rerun the etching software every time you want to use a different operating system. If you are distro-hopping or would like to keep multiple operating systems (not just different distributions!) on a single USB, this guide recommends using a tool called Ventoy

Bootable USB

To make a bootable USB we will need to create it using Ventoy. Ventoy has both a GUI and a CLI clients therefore its perfect for any user. When you run Ventoy on your desired USB device, It will create 2 partitions. We only need to worry about one of these partitions, the empty one, this is were we will be putting our image files. After downloading the Arch Linux ISO (or any other ISO file), just move it to the empty Ventoy partition and we will be able to boot into it. 

Booting into the Live medium

Reboot your machine and enter the BIOS/UEFI to disable "Secure Boot" if its enabled. Then boot into your USB device from the boot loader menu. Secure boot can be set up after the installation.

Installation


Partitioning

This is where things get interesting! Partitioning a disk is just dividing up your storage device into smaller chinks which may have different file systems. There is a plethora of partitioning tools you can use 1. The easiest non-GUI tool is "cfdisk". Some guides use "fdisk" which is more intimidating. There is multiple partitions you can make for many reasons. The simplest installation only requires 2 on a UEFI system, an EFI partition and a root partition. The EFI partition is needed to boot the system, it is your boot partition. The root partition is where everything else is stored. A BIOS system only need 1 root partition which contains everything. 

1 Some partitioning tools are parted, fdisk, cfdisk, sfdisk, gdisk, cgdisk, and sgdisk. More can be found here.

 Partition tables

A partition table describes how a disk is partitioned. There are 2 types of partition tables, the "Master Boot Record" (MBR) and "GUID Partition Table" (GPT). The GPT partitioning table is newer and is more feature rich than its predecessor. If you are installing an operating system you will want to use GPT unless you have a specific reason not to. GPT allows you  to create more partitions and supports disks larger than 2TB.

Storage device naming scheme

When you are formatting your drives, you probably want to know which device is being used. In Linux, storage devices can be found in "/dev". HDD and USB storage devices are usually labeled as sdX. Where "X" is a lower case letter starting in alphabetical order (sda, sdb, sdc, etc.). each of these is a separate storage device. 

An example list of storage devices names could look like this:

PATH           NAME
/dev/sda sda <-- HDD
/dev/sdb sdb <-- Secondary HDD
/dev/sdc sdc <-- USB drive
/dev/nvme0n1 nvme0n1 <-- SSD
/dev/nvme0n2 nvme0n2 <-- Secondary SSD

Number of partitions on a single disk is also taken into account. The number after the device name (sda1, nvme0n1p1) is the partition number. 

An example output of the command "lsblk -o NAME,TYPE" is this:

$ lsblk -o NAME,TYPE
NAME          TYPE
sda           disk
├─sda1        part <-- EFI - boot partition
├─sda2        part <-- ext4 - root partition
└─sda3        part <-- swap - swap partition
sdb           disk
└─sda1        part <-- FAT32 - extra storage partition
nvme0n1       disk
└─nvme0n1p1   part <-- ext4 - home partition

Home partition

Creating more partitions allows you to better organize or even backup your data. A home partition will only hold the user(s) files (all of "/home"). The root partition will contain everything else (packages, operating system files, etc.).

Swap

Swap can be used to off load data from RAM, essentially giving you more ram at the cost of disk space using a process called paging. You can create either a swap file or a swap partition. Swap is also used for hibernation 1 of your system. Hibernation allows you to completely power off your computer which is why its more useful than normal sleep which keep the system on 2. Restoring from hibernation is slower compared to restoration from sleep. Having swap is recommended for lower end systems which may have less memory.

1 Hibernation is like entering sleep mode, however the data is stored in the swap partition/file. `Normal` sleep just keeps the data in RAM.

2 Sleep powers off all of the computers hardware (networking, display, etc.) with the exception of RAM. If RAM was powered off, nothing would be saved.

File systems

After creating your partitions you have to format them. There is multiple file system types. Different operating systems tend to use different file systems usually because these systems are proprietary. A variant of the FAT file system, FAT32, is widely used in storage devices of computers, cameras, embedded systems and game systems. Windows uses FAT32 for a boot partition and NTFS for its root partition. MacOS uses APFS. Most guides tell you to format the EFI partition has FAT32 1 and the root partition as ext4. Some guides use BTRFS file system for the root partition, because it is faster than ext4 and has more features, however it comes at the cost of stability.  XFS and ZFS can also be used instead of ext4 for a root partition. If you created a swap partition you want to format it as such. 

1 If you are using a BIOS system you only have 1 partition which typically is formatted as ext4.

Encryption

If you plan on encrypting one or more partitions you should do so using the "cryptsetup" command. To setup encryption on a partition, format that partition as "LUKS" (either LUKS1 or LUKS2) using the command "cryptsetup --type luks1 luksFormat <path to partition>". Then you will be prompted to type a passphrase, make sure to memorize this passphrase because without it you will not be able to boot into your operating system 1. Before you can use the partition, you will need to create and form the virtual disk. To access the encrypted partition, type the command "cryptsetup luksOpen <path to partition> <name>" (the example below uses "crypthome" as the name). Then you can mount the virtual drive and use it. The path of the virtual drive is "/dev/mapper/<name>". 

Example of an encrypted partition.

$ lsblk -o NAME,TYPE,MOUNTPOINTS
NAME          TYPE  MOUNTPOINTS
sda           disk  
├─sda1        part  /boot
├─sda2        part  /
└─sda3        part
└─crypthome crypt /home <-- full path is "/dev/mapper/crypthome/home"

A more detailed explanation of how to encrypt your drives can be found on the Arch Linux wiki.

1 You will be prompted to enter this passphrase every time you boot your system (assuming the partition will get mounted by the bootloader).

Unix/Linux file system structure

In a Unix/Linux system, everything is a file. If you wanted to know the specifications of your CPU, you can just look at the file in "/proc/cpuinfo". On a windows system, you would need to make an API call to get this information. In a Unix/Linux system, there is a single folder that contains everything. This folder is called root "/". Running processes can be found in "/proc" (notice that "proc" is inside "/"). Linux Journey explains the different directories well.

Mounting

After partitioning and creating the needed file systems you need to mount them to write data to them. Mounting allows you to attach other partitions onto your root partition. For example, when you plug in a USB storage device into a Linux system the OS will automatically mount it to a specific directory such as "/run/media/<user's name>". To install Arch Linux, you will need to manually mount the created partitions on to the live system to install the necessary programs. You would need to mount "/dev/<root partition>" on to "/mnt" to install the system programs and you will also need to mount "/dev/<EFI partition>" on to "/mnt/boot" to be able to boot. The "/mnt" directory will become the new root directory once the installation is finished. Files located at "/mnt/var" in the live environment will be at "/var" on the new system. 

Mounting encrypted partition

If you encrypted your root partition you would need to mount "/dev/mapper/root" to "/mnt". If you created a separate home partition and is also encrypted you would need to mount it to its corresponding mounting point. each encrypted partition will need its own passphrase 1.

1 If you got an encrypted root and home partitions you will need to type 2 passphrase to actually use your system.

Pacstrap

Pacstrap is a script which you will need to install the base system, Linux kernel 1, and the kernel's firmware. The pacstrap is essentially the "pacman" command but installs packages to a different root partition. The script can also be used to install programs into the new root partition. It is a good idea to install a text editor when you run this command because it will make life easier later. 

1 There are different kernels officially supported by Arch Linux. 

Linux kernels

There are 4 variants of the Linux kernel. The "Stable kernel" is the main vanilla Linux kernel. The "Hardened kernel" is more security orientated and mitigates exploits better. The "Long term kernel" is aimed at providing long term support (LTS). The LTS kernel is better suited for servers and for older hardware.  The "Zen kernel" is optimized for performance and speed.

File system table

The new operating system will need to know where each partition is located and where to mount it. The command "genfstab" will generate a file system table to define where those partitions mount. 

Configuration

This section is not necessary for the installation process 1, however some programs might not work properly without them. To configure the new system you will need to run the "arch-chroot" command on the new root partition "/mnt". Chroot is an important command to keep in mind in case the system breaks in the future. This command will change the root user of the live system into the root user of the new system. Inside the chroot environment you can set up the timezone, locale and networking, but this can be done after installation. One thing you should do in the chroot environment is setting up the bootloader. You should give the new root user a password using the "passwd" command.

1 If you consider the bootloader unnecessary.

Bootloader

Most guides use GRUB as the bootloader however you can use other bootloaders such as systemd-boot which comes with systemd. A list of bootloaders can be found here. Inside the chroot environment you want to configure the bootloader because you can not boot into the operating system to configure it there (there no bootloader yet!). Setting up the bootloader on a UEFI system will need a package called "efibootmgr" and (obviously) your bootloader of choice. For a GRUB installation, you will want to create a directory inside"/boot" the name doesn't matter (in our example we will use "/boot/efi"). The following sections will assume you are using GRUB. GRUB configuration file is located at "/etc/default/grub" and after editing it you will need to run "grub-install" 1.

1 When running "grub-install" make sure to point it to the efi directory you created earlier.

Bootloader - encrypted system 

The bootloader will need to know which partition is encrypted to it can open it properly. You need to tell GRUB what partition is encrypted using "cryptdevice". You will also need to allow GRUB to boot from a LUKS device.

GRUB_CMDLINE_LINUX="cryptdevice=/dev/<partition>:<virtual device name>"
GRUB_ENABLE_CRYPTODISK="y"

This is an example of what the above lines may look like:

GRUB_CMDLINE_LINUX="cryptdevice=/dev/sda3:crypthome"
GRUB_ENABLE_CRYPTODISK="y"

Bootloader - multibooting

If you have multiple operating systems you will need to run "os-prober" so GRUB can detect other OSes. Also you should enable "GRUB_DISABLE_OS_PROBER" in your GRUB config.

Bootloader - hibernation

To be able to restore from hibernating you will need to add "resume" and point it to your swap partition/file. You should also add it to "GRUB_CMDLINE_LINUX_DEFAULT".

GRUB_CMDLINE_LINUX_DEFAULT="resume=/dev/<location to swap>"
resume=/dev/<location to swap>

Init systems

The most used init system is systemd however many people consider it bloated. Arch Linux uses systemd. Other init systems are openrc, runit, s6, sysvinit, dinit, sinit, epoch, upstart and GNU Shepherd. If you do not wish to use systemd but still want a DIY distribution then consider using an alternative operating system such as Artix Linux, Void Linux, Gentoo Linux, Linux from scratch (LFS) or even a BSD distro.

Post-installation


Desktop Environments

There are many desktop environments (DEs) for Linux and BSD systems. Most commonly used are Gnome and KDE. A DE is just collection of packages which setup the GUI and install some user applications 1 that share a common graphical framework 2 to reduce bloat and graphical inconsistency. All DEs install with a window manager however you can install a window manager without installing a DE. A list of all DEs can be found here and for officially supported DEs on Arch Linux here. The Arch Linux wiki has a desktop environment comparison page.

1 The applications installed vary with each DE but usually include an application center, terminal, file manager, settings application, screenshot utility, text editor, web browser, office suite, and similar applications.

2 The most used Libraries are GTK, QT however others exist such as Enlightenment. More libraries can be found here.

Window Managers

Window managers (WMs) are programs that work with the window server 1 to produce a graphical interface. Window managers control the behavior and appearance of the windows running inside it. There are 3 types of window managers, floating/stacking, tiling, and dynamic. Floating window managers are what Windows and MacOS use. In a floating WM, the windows may overlap other windows. Floating window managers require the mouse to resize and move the windows. Tiling WM is where windows are automatically organized into tiles to maximize the screen real estate. These tiles do not over lap. Tiling window managers are minimal in nature and do not depend on the mouse to move and resize windows. Dynamic window managers are a combination of Floating and tiling WMs. A list of window managers can be found here.

1 The window server usually is either X.Org or Wayland. Other window servers can be found here.

Display Managers

The graphical interface where you login to a specific user is the display manager 1 (DM). From it you can choose which desktop environment or window manager to use. DE tend to ship their own DMs for example, Gnome uses the Gnome Display Manager (GDM) and KDE uses Simple Desktop Display Manager (SDDM). DM are usually graphical but CLI/TUI DMs exist. The Arch Linux wiki has a list of display managers you can use.

1 Also referred to as the login/session manager.

Users

Limiting access to certain commands is needed for good security. You can create a new user account using the command "useradd -g <name>", the "-g" flag is for creating a home directory for that user. You can assign a password to that user using the "passwd" command. Add a user to a group using the "usermod" command. To allow user accounts to elevate their privlages to root, add them to the "wheel" group 1.

1 The "wheel" group isn't necessary for privilege escalation but its widely used. Other groups or manually giving a user privilege also works. More information about the "wheel" group here.

Privilege Escalation

To change the privilege of a user or group you edit the file "/etc/sudoers" using the command "visudo" 1. Other commands commands like "sudo" exists such as "su" and "doas". "su" is the predecessor of "sudo". "doas" is alot simpler than "sudo" also it is significantly smaller in size. The "doas" config is alot nicer and less intimidating than "sudo"'s. I can not recommend "doas" for beginners because "makepkg" fails (requires a patch to work with "doas"). If don't plan on using "makepkg" then replace sudo!

1 Why use "visudo" instead of manually editing the file directly?

Permissions

Files and directories have specific permissions based on certain criteria. Using a command like "ls" 1 we can see the permissions of a file or directory: 

$ ls -l
drwxr-xr-x linux linux 4.0 KB Wed Mar 16 14:15:14 2022 Documents
-rw-r--r-- linux linux 143 B  Thu Nov 11 17:30:07 2021 file.txt
^^^ ^^^ ^^^
│ | |
| | Group.
│ |
| Owner of file/directory.
|
These are the permissions.

To better understand this we will split the sting into 4 smaller strings:


╭───────────────── Tells us if entry is a directory or a file.

│ ╭────────────── Tells us the permission of the file's owner. (Think "Can the owner of this file read/write/execute it?")
│ │
│ │ ╭────────── Tells us the permission of users in the assigned group.
│ │ │
│ │ │ ╭────── Tells us the permission of every other user.
│ │ │ │
d rwx r-x r-x

The letter "r" means read, "w" means write, and "x" means execute. The lack of a letter "-" means no permission is given.

- rwx   r-x   r--
│ │ │
│ │ ╰───── Any other user (not the owner or in the group) can only read the file.
│ │
│ │
│ │
│ ╰─────────── Users in the group can only read and execute the file.



╰───────────────── The owner of this file can read, write and execute it.

Keep in mind that the root user has read, write and execute permissions to everything. This is one of the reasons why using root for everything is dangerous.

1 The command "namei" can be used to follow the path of a file/directory and list permissions of its parent directories.  

Arch User Repository

There are 2 main repositories to install packages from, the official stable repo and the AUR.  The AUR is a collection of user submitted packages while the official repo are selected and verified by the Arch Linux developers and repo maintainers. Since the AUR is based on user submissions, you should inspect the "PKGBUILD" of a program before installing it (in case it is malicious or broken). The are more repositories you can download software from but often it is unneeded and may break package dependencies. List of official and unofficial repositories. Anyone can create a repository, instructions on how to do so can be found here.

AUR helpers

Using an AUR helper is not needed but makes installing packages easier. A list of them can be found here. To manually install an AUR package you should download it from the AUR site and then compile it's "makepkg" after inspecting the "PKGBUILD". A list of AUR helpers can be found on the Arch Linux wiki 1.

1 I have contribuited the one of the AUR helpers, Aura!