jacobpascual/openzfs-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Arch Linux: Multiple fixes

Browse Source 
Signed-off-by: Maurice Zhou <ja@apvc.uk>
This commit is contained in:
Maurice Zhou
2021-02-22 12:24:44 +08:00
committed by Richard Laager
parent 904e7253a2
commit 13271f2467
5 changed files with 468 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

288
docs/Getting Started/Arch Linux/Arch Linux Root on ZFS.rst
View File

@@ -34,7 +34,7 @@ related to this HOWTO, please `file a new issue and mention @ne9z
Contributing
~~~~~~~~~~~~
#. Fork and clone: https://github.com/openzfs/openzfs-docs
#. Fork and clone `this repo <https://github.com/openzfs/openzfs-docs>`__.
#. Install the tools::
@@ -73,21 +73,36 @@ without the passphrase being entered at the console. Performance is
good. As the encryption happens in ZFS, even if multiple disks (mirror
or raidz topologies) are used, the data only has to be encrypted once.
Preinstallation
----------------
Download Arch Linux live image
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Choose a mirror
https://archlinux.org/mirrorlist/all/
`Mirrorlist <https://archlinux.org/mirrorlist/all/>`__
#. Download Feb 2021 build. `File a new issue and mention @ne9z
#. Download Feb 2021 build and signature. `File a new issue and mention @ne9z
<https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20Update%20Live%20Image%20Arch%20Linux%20Root%20on
%20ZFS%20HOWTO:>`__ if it's
no longer available.
https://mirrors.dotsrc.org/archlinux/iso/2021.02.01/archlinux-2021.02.01-x86_64.iso
- `ISO (US mirror) <https://mirrors.ocf.berkeley.edu/archlinux/iso/2021.02.01/archlinux-2021.02.01-x86_64.iso>`__
- `Signature <https://archlinux.org/iso/2021.02.01/archlinux-2021.02.01-x86_64.iso.sig>`__
#. Check live image against signature::
gpg --auto-key-retrieve --verify archlinux-2021.02.01-x86_64.iso.sig
If the file is authentic, output should be the following::
gpg: Signature made Mon 01 Feb 2021 03:23:39 PM UTC
gpg: using RSA key 4AA4767BBC9C4B1D18AE28B77F2D434B9741E8AC
gpg: Good signature from "Pierre Schmitz <pierre@archlinux.de>" [unknown]
...
Primary key fingerprint: 4AA4 767B BC9C 4B1D 18AE 28B7 7F2D 434B 9741 E8AC
Ensure ``Good signature`` and last 8 digits are ``9741 E8AC``,
as listed on `Arch Linux Developers <https://archlinux.org/people/developers/#pierre>`__ page.
#. Write the image to a USB drive or an optical disc.
@@ -127,24 +142,18 @@ Prepare the Live Environment
#. Import keys of archzfs repository::
curl -O https://archzfs.com/archzfs.gpg
pacman-key -a archzfs.gpg
pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
#. Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a /etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Select mirror:
@@ -369,7 +378,7 @@ Create Root and Boot Pools
- Unencrypted::
zpool create \
zpool create \
-o ashift=12 \
-O acltype=posixacl \
-O canmount=off \
@@ -396,7 +405,7 @@ Create Root and Boot Pools
-O xattr=sa \
-O mountpoint=/ \
-R $INST_MNT \
-O encryption=aes-256-gcm \
-O encryption=on \
-O keylocation=prompt \
-O keyformat=passphrase \
rpool_$INST_UUID \
@@ -502,10 +511,6 @@ Create Datasets
#. Optional user data datasets:
If you use /opt on this system::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/opt
If this system will have games installed::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/var/games
@@ -547,7 +552,6 @@ Format and Mount EFI System Partition
If you are using a multi-disk setup, this step will only install
bootloader to the first disk. Other disks will be handled later.
Package Installation
~~~~~~~~~~~~~~~~~~~~
@@ -604,20 +608,20 @@ System Configuration
mkdir -p $INST_MNT/etc/zfs/zfs-list.cache
zfs list -H -t filesystem -o $PROPS -r rpool_$INST_UUID \
> $INST_MNT/etc/zfs/zfs-list.cache/rpool_$INST_UUID
zfs list -H -t filesystem -o $PROPS -r rpool_$INST_UUID > $INST_MNT/etc/zfs/zfs-list.cache/rpool_$INST_UUID
sed -Ei "s|$INST_MNT/?|/|" $INST_MNT/etc/zfs/zfs-list.cache/*
#. Generate fstab::
echo bpool_$INST_UUID/BOOT/default /boot zfs rw,xattr,posixacl 0 0 >> $INST_MNT/etc/fstab
echo UUID=$(blkid -s UUID -o value ${DISK}-part1) /boot/efi vfat umask=0022,fmask=0022,dmask=0022 0 1 >> $INST_MNT/etc/fstab
echo bpool_$INST_UUID/BOOT/default /boot zfs rw,xattr,posixacl 0 0 >> $INST_MNT/etc/fstab
echo UUID=$(blkid -s UUID -o value ${DISK}-part1) /boot/efi vfat \
x-systemd.idle-timeout=1min,x-systemd.automount,noauto,umask=0022,fmask=0022,dmask=0022 0 1 >> $INST_MNT/etc/fstab
If a swap partition has been created::
echo crypt-swap ${DISK}-part4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 >> $INST_MNT/etc/crypttab
echo /dev/mapper/crypt-swap none swap defaults 0 0 >> $INST_MNT/etc/fstab
echo crypt-swap ${DISK}-part4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 >> $INST_MNT/etc/crypttab
echo /dev/mapper/crypt-swap none swap defaults 0 0 >> $INST_MNT/etc/fstab
#. Configure mkinitcpio::
@@ -660,21 +664,6 @@ System Configuration
ln -sf $INST_TZ $INST_MNT/etc/localtime
hwclock --systohc
#. archzfs repository::
tee -a $INST_MNT/etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a $INST_MNT/etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
#. Locale::
echo "en_US.UTF-8 UTF-8" >> $INST_MNT/etc/locale.gen
@@ -690,6 +679,21 @@ System Configuration
locale-gen
#. Import keys of archzfs repository::
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
#. Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Enable networking::
systemctl enable systemd-networkd systemd-resolved
@@ -701,7 +705,7 @@ System Configuration
#. Generate zpool.cache
Pools are imported by initramfs with the information stored in ``/etc/zfs/zpool.cache``.
This cache file will be embedded in ``initramfs``.
This cache file will be embedded in initramfs.
::
@@ -723,29 +727,34 @@ Currently GRUB has multiple compatibility problems with ZFS,
especially with regards to newer ZFS features.
Workarounds have to be applied.
grub-probe fails to get canonical path of root partition
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
grub-probe fails to get canonical path
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Solution::
echo 'export ZPOOL_VDEV_NAME_PATH=YES' >> /etc/profile
source /etc/profile
**Notes:**
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Pool name missing if the pool has unsupported features
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pool name missing
~~~~~~~~~~~~~~~~~
See `this bug report <https://savannah.gnu.org/bugs/?59614>`__.
Root pool name is missing from ``root=ZFS=rpool/ROOT/default``
in generated ``grub.cfg`` file.
A workaround is to replace the pool name detection with ``zdb``
command::
sed -i "s|rpool=.*|rpool=\`zdb -l \${GRUB_DEVICE} \| grep -E '[[:blank:]]name' \| cut -d\\\' -f 2\`|" /etc/grub.d/10_linux
If you forgot to apply this workaround and
followed this guide to use ``rpool_$INST_UUID`` and ``bpool_$INST_UUID``,
``$INST_UUID`` can be found out with `Load grub.cfg in GRUB command line`_.
GRUB Installation
~~~~~~~~~~~~~~~~~
@@ -768,7 +777,11 @@ GRUB Installation
grub-install $DISK
If this is a multi-disk setup,
install to other disks as well.
install to other disks as well::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Generate GRUB Boot Menu
~~~~~~~~~~~~~~~~~~~~~~~
@@ -804,38 +817,24 @@ After Reboot
------------
Mirror EFI System Partition
~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Format redundant EFI partitions::
mkfs.vfat -n EFI2 /dev/disk/by-id/target_disk2-part1
mkfs.vfat -n EFI3 /dev/disk/by-id/target_disk3-part1
#. Check disk name::
#. Create mountpoints::
ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
mkdir -p /boot/efis/{2,3}
#. Mirror EFI ssystem partition::
#. Mount redundant EFI partitions::
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk2-part1 /boot/efis/2
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk3-part1 /boot/efis/3
#. Add fstab entries::
pacman -S --needed arch-install-scripts rsync
genfstab / | grep efis >> /etc/fstab
#. Sync EFI system partition contents::
for i in /boot/efis/*; do
/usr/bin/rsync -a /boot/efi/ $i/
done
#. Add EFI boot entries::
efibootmgr -cgd /dev/disk/by-id/target_disk2-part1 \
-p 1 -L "arch-2" -l "\EFI\arch\grubx64.efi"
efibootmgr -cgd /dev/disk/by-id/target_disk3-part1 \
-p 1 -L "arch-3" -l "\EFI\arch\grubx64.efi"
for i in {target_disk2,target_disk3}; do
mkfs.vfat /dev/disk/by-id/$i-part1
mkdir -p /boot/efis/$i
echo UUID=$(blkid -s UUID -o value /dev/disk/by-id/$i-part1) /boot/efis/$i vfat \
x-systemd.idle-timeout=1min,x-systemd.automount,noauto,umask=0022,fmask=0022,dmask=0022 \
0 1 >> /etc/fstab
mount /boot/efis/$i
cp -r /boot/efi/EFI/ /boot/efis/$i
efibootmgr -cgp 1 -l "\EFI\arch\grubx64.efi" \
-L "arch-$i" -d /dev/disk/by-id/$i-part1
done
#. Create a service to monitor and sync EFI partitions::
@@ -856,15 +855,106 @@ Mirror EFI System Partition
[Service]
Type=oneshot
ExecStart=/usr/bin/bash -c 'for i in /boot/efis/*; do /usr/bin/rsync -a /boot/efi/ $i/; done'
ExecStart=/usr/bin/bash -c 'for i in /boot/efis/*; do /usr/bin/cp -r /boot/efi/EFI/ $i/; done'
EOF
systemctl enable --now efis-sync.path
#. If EFI system partition failed, promote one backup
to ``/boot/efi`` by editing ``/etc/fstab``.
Mirror BIOS boot sector
~~~~~~~~~~~~~~~~~~~~~~~
This need to be manually applied when GRUB is updated.
#. Check disk name::
ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
#. Install GRUB to every disk::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Change encryption method
~~~~~~~~~~~~~~~~~~~~~~~~
By default the root pool is encrypted with a key file,
created at installation.
Password
^^^^^^^^
After installation, encryption by password can be enabled with::
zfs change-key -l -o keylocation=prompt -o keyformat=passphrase rpool_$INST_UUID
See ``man 8 zfs-change-key``.
If password is enabled, the system will require this password to boot.
Password can be entered locally with keyboard or remotely with SSH.
Supply password with SSH
^^^^^^^^^^^^^^^^^^^^^^^^
#. Install mkinitcpio tools::
pacman -S mkinitcpio-netconf mkinitcpio-dropbear
#. Store authorized keys in ``/etc/dropbear/root_key``::
vi /etc/dropbear/root_key
Note that dropbear only supports RSA keys.
#. Edit mkinitcpio::
tee /etc/mkinitcpio.conf <<- 'EOF'
HOOKS=(base udev autodetect modconf block keyboard netconf dropbear zfsencryptssh zfs filesystems)
EOF
#. Add ``ip=`` to kernel command line::
# example DHCP
echo 'GRUB_CMDLINE_LINUX="ip=::::::dhcp"' >> /etc/default/grub
Details for ``ip=`` can be found at
`here <https://www.kernel.org/doc/html/latest/admin-guide/nfs/nfsroot.html#kernel-command-line>`__.
#. If using OpenSSH as SSH server, convert host keys to PEM format::
for i in {rsa,dsa,ecdsa,ed25519}; do
ssh-keygen -p -m PEM -f /etc/ssh/ssh_host_${i}_key -qN ""
done
#. Regenerate initramfs::
mkinitcpio -P
#. Update GRUB menu::
grub-mkconfig -o /boot/grub/grub.cfg
Key file
^^^^^^^^
You can also set a new key file for root pool and
store the key file on an external drive::
zfs change-key -l -o keylocation=file:///path/to/keyfile -o keyformat=raw rpool_$INST_UUID
Boot Environment Manager
~~~~~~~~~~~~~~~~~~~~~~~~
Optional: install ``rozb3-pac`` pacman hook and ``bieaz`` from AUR to
create boot environments.
Optional: install
`rozb3-pac <https://gitlab.com/m_zhou/rozb3-pac/-/releases>`__
pacman hook and
`bieaz <https://gitlab.com/m_zhou/bieaz/-/releases>`__
from AUR to create boot environments.
Prebuilt packages are also available
in the links above.
Post installation
~~~~~~~~~~~~~~~~~
@@ -939,8 +1029,9 @@ Following are the steps to load the correct ``grub.cfg``,
Rescue in Live Environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Repeat `Prepare the Live Environment
<#prepare-the-live-environment>`__.
#. `Download Arch Linux live image <#download-arch-linux-live-image>`__.
#. `Prepare the Live Environment <#prepare-the-live-environment>`__.
#. Check the ``INST_UUID`` with ``zpool import``.
@@ -948,17 +1039,28 @@ Rescue in Live Environment
INST_MNT=$(mktemp -d)
INST_UUID=abc123
RPOOL_PWD='rootpool'
#. If using other keyfile::
KEYFILE=/path/to/keyfile
#. Import and unlock root and boot pool::
zpool import -N -R $INST_MNT rpool_$INST_UUID
zpool import -N -R $INST_MNT bpool_$INST_UUID
echo $RPOOL_PWD | zfs load-key rpool_$INST_UUID
If using password::
zfs load-key rpool_$INST_UUID
If using keyfile::
zfs load-key -L file://$KEYFILE rpool_$INST_UUID
#. Find the current boot environment::
zfs list
BE=default
#. Mount boot and root filesystem::

276
docs/Getting Started/Arch Linux/Artix Linux Root on ZFS.rst
View File

@@ -38,7 +38,7 @@ related to this HOWTO, please `file a new issue and mention @ne9z
Contributing
~~~~~~~~~~~~
#. Fork and clone: https://github.com/openzfs/openzfs-docs
#. Fork and clone `this repo <https://github.com/openzfs/openzfs-docs>`__.
#. Install the tools::
@@ -88,14 +88,30 @@ Change the service commands to the equivalent commands.
#. Choose a mirror:
https://artixlinux.org/download.php
`Mirrorlist <https://artixlinux.org/download.php>`__
#. Download January 2021 build. `File a new issue and mention @ne9z
#. Download January 2021 build and signature. `File a new issue and mention @ne9z
<https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20Update%20Live%20Image%20Artix%20Linux%20Root%20on
%20ZFS%20HOWTO:>`__ if it's
no longer available.
https://eu-mirror.artixlinux.org/iso/artix-base-openrc-20210101-x86_64.iso
- `ISO (US mirror) <https://iso.artixlinux.org/iso/artix-base-openrc-20210101-x86_64.iso>`__
- `Signature <https://iso.artixlinux.org/iso/artix-base-openrc-20210101-x86_64.iso.sig>`__
#. Check live image against signature::
gpg --auto-key-retrieve --verify artix-base-openrc-20210101-x86_64.iso.sig
If the file is authentic, output should be the following::
gpg: Signature made Sun 03 Jan 2021 09:30:42 PM UTC
gpg: using RSA key A574A1915CEDE31A3BFF5A68606520ACB886B428
gpg: Good signature from "Christos Nouskas <nous@artixlinux.org>" [unknown]
...
Primary key fingerprint: A574 A191 5CED E31A 3BFF 5A68 6065 20AC B886 B428
Ensure ``Good signature`` and last 8 digits are ``B886 B428``,
as listed on `Artix Linux Download <https://artixlinux.org/download.php>`__ page.
#. Write the image to a USB drive or an optical disc.
@@ -145,9 +161,8 @@ Prepare the Live Environment
#. Import keys of archzfs repository::
curl -O https://archzfs.com/archzfs.gpg
pacman-key -a archzfs.gpg
pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
#. Add archzfs repository::
@@ -155,14 +170,9 @@ Prepare the Live Environment
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a /etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Select mirror:
@@ -366,7 +376,7 @@ Create Root and Boot Pools
- Unencrypted::
zpool create \
zpool create \
-o ashift=12 \
-O acltype=posixacl \
-O canmount=off \
@@ -393,7 +403,7 @@ Create Root and Boot Pools
-O xattr=sa \
-O mountpoint=/ \
-R $INST_MNT \
-O encryption=aes-256-gcm \
-O encryption=on \
-O keylocation=prompt \
-O keyformat=passphrase \
rpool_$INST_UUID \
@@ -499,10 +509,6 @@ Create Datasets
#. Optional user data datasets:
If you use /opt on this system::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/opt
If this system will have games installed::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/var/games
@@ -567,10 +573,13 @@ Package Installation
Visit OpenZFS release page::
curl https://github.com/openzfs/zfs/releases/zfs-${DKMS_VER} \
curl -L https://github.com/openzfs/zfs/raw/zfs-${DKMS_VER}/META \
| grep Linux
# Linux: compatible with 3.10 - 5.10 kernels
echo $INST_LINVER
# Linux-Maximum: 5.10
# Linux-Minimum: 3.10
# compare with the output of the following command
echo ${INST_LINVER%%-*}
# 5.10.17 # supported
If the kernel is supported:
@@ -585,7 +594,7 @@ Package Installation
DKMS_DATE=$(pacman -Syi zfs-dkms \
| grep 'Build Date' \
| sed 's/.*: //' \
| LC_ALL=C xargs -i{} date -d {} +%Y/%m/%d)
| LC_ALL=C xargs -i{} date -d {} -u +%Y/%m/%d)
- Check kernel version::
@@ -668,21 +677,6 @@ System Configuration
ln -sf $INST_TZ $INST_MNT/etc/localtime
hwclock --systohc
#. archzfs repository::
tee -a $INST_MNT/etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a $INST_MNT/etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
#. Locale::
echo "en_US.UTF-8 UTF-8" >> $INST_MNT/etc/locale.gen
@@ -714,10 +708,28 @@ System Configuration
rc-update add zfs-mount boot
Other ZFS services, such as ``zed``
can be ported from ``/usr/lib/systemd/system/zfs*``.
#. Apply locales::
locale-gen
#. Import keys of archzfs repository::
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
#. Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Enable networking::
rc-update add connmand default
@@ -725,7 +737,7 @@ System Configuration
#. Generate zpool.cache
Pools are imported by initramfs with the information stored in ``/etc/zfs/zpool.cache``.
This cache file will be embedded in ``initramfs``.
This cache file will be embedded in initramfs.
::
@@ -747,29 +759,34 @@ Currently GRUB has multiple compatibility problems with ZFS,
especially with regards to newer ZFS features.
Workarounds have to be applied.
grub-probe fails to get canonical path of root partition
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
grub-probe fails to get canonical path
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Solution::
echo 'export ZPOOL_VDEV_NAME_PATH=YES' >> /etc/profile
source /etc/profile
**Notes:**
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Pool name missing if the pool has unsupported features
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Pool name missing
~~~~~~~~~~~~~~~~~
See `this bug report <https://savannah.gnu.org/bugs/?59614>`__.
Root pool name is missing from ``root=ZFS=rpool/ROOT/default``
in generated ``grub.cfg`` file.
A workaround is to replace the pool name detection with ``zdb``
command::
sed -i "s|rpool=.*|rpool=\`zdb -l \${GRUB_DEVICE} \| grep -E '[[:blank:]]name' \| cut -d\\\' -f 2\`|" /etc/grub.d/10_linux
If you forgot to apply this workaround and
followed this guide to use ``rpool_$INST_UUID`` and ``bpool_$INST_UUID``,
``$INST_UUID`` can be found out with `Load grub.cfg in GRUB command line`_.
GRUB Installation
~~~~~~~~~~~~~~~~~
@@ -792,7 +809,11 @@ GRUB Installation
grub-install $DISK
If this is a multi-disk setup,
install to other disks as well.
install to other disks as well::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Generate GRUB Boot Menu
~~~~~~~~~~~~~~~~~~~~~~~
@@ -829,43 +850,126 @@ After Reboot
Mirror EFI System Partition
~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Format redundant EFI partitions::
#. Check disk name::
mkfs.vfat -n EFI2 /dev/disk/by-id/target_disk2-part1
mkfs.vfat -n EFI3 /dev/disk/by-id/target_disk3-part1
ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
#. Create mountpoints::
#. Mirror EFI ssystem partition::
mkdir -p /boot/efis/{2,3}
for i in {target_disk2,target_disk3}; do
mkfs.vfat /dev/disk/by-id/$i-part1
mkdir -p /boot/efis/$i
echo UUID=$(blkid -s UUID -o value /dev/disk/by-id/$i-part1) /boot/efis/$i vfat \
umask=0022,fmask=0022,dmask=0022 0 1 >> /etc/fstab
mount /boot/efis/$i
cp -r /boot/efi/EFI/ /boot/efis/$i
efibootmgr -cgp 1 -l "\EFI\artix\grubx64.efi" \
-L "artix-$i" -d /dev/disk/by-id/$i-part1
done
#. Mount redundant EFI partitions::
#. Enable cron and set up cron job to sync EFI system partition contents::
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk2-part1 /boot/efis/2
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk3-part1 /boot/efis/3
rc-update add cronie default
crontab -u root -e
# @hourly /usr/bin/bash -c 'for i in /boot/efis/*; do /usr/bin/cp -r /boot/efi/EFI/ $i/; done'
#. Add fstab entries::
Alternatively, monitor ``/boot/efi/EFI/artix`` with ``inotifywait``.
pacman -S --needed artools-base rsync
#. If EFI system partition failed, promote one backup
to ``/boot/efi`` by editing ``/etc/fstab``.
fstabgen / | grep efis >> /etc/fstab
Mirror BIOS boot sector
~~~~~~~~~~~~~~~~~~~~~~~
#. Sync EFI system partition contents::
This need to be manually applied when GRUB is updated.
for i in /boot/efis/*; do
/usr/bin/rsync -a /boot/efi/ $i/
done
#. Check disk name::
#. Add EFI boot entries::
ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
efibootmgr -cgd /dev/disk/by-id/target_disk2-part1 \
-p 1 -L "artix-2" -l "\EFI\arch\grubx64.efi"
efibootmgr -cgd /dev/disk/by-id/target_disk3-part1 \
-p 1 -L "artix-3" -l "\EFI\arch\grubx64.efi"
#. Install GRUB to every disk::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Change encryption method
~~~~~~~~~~~~~~~~~~~~~~~~
By default the root pool is encrypted with a key file,
created at installation.
Password
^^^^^^^^
After installation, encryption by password can be enabled with::
zfs change-key -l -o keylocation=prompt -o keyformat=passphrase rpool_$INST_UUID
See ``man 8 zfs-change-key``.
If password is enabled, the system will require this password to boot.
Password can be entered locally with keyboard or remotely with SSH.
Supply password with SSH
^^^^^^^^^^^^^^^^^^^^^^^^
#. Install mkinitcpio tools::
pacman -S mkinitcpio-netconf mkinitcpio-dropbear
#. Store authorized keys in ``/etc/dropbear/root_key``::
vi /etc/dropbear/root_key
Note that dropbear only supports RSA keys.
#. Edit mkinitcpio::
tee /etc/mkinitcpio.conf <<- 'EOF'
HOOKS=(base udev autodetect modconf block keyboard netconf dropbear zfsencryptssh zfs filesystems)
EOF
#. Add ``ip=`` to kernel command line::
# example DHCP
echo 'GRUB_CMDLINE_LINUX="ip=::::::dhcp"' >> /etc/default/grub
Details for ``ip=`` can be found at
`here <https://www.kernel.org/doc/html/latest/admin-guide/nfs/nfsroot.html#kernel-command-line>`__.
#. If using OpenSSH as SSH server, convert host keys to PEM format::
for i in {rsa,dsa,ecdsa,ed25519}; do
ssh-keygen -p -m PEM -f /etc/ssh/ssh_host_${i}_key -qN ""
done
#. Regenerate initramfs::
mkinitcpio -P
#. Update GRUB menu::
grub-mkconfig -o /boot/grub/grub.cfg
Key file
^^^^^^^^
You can also set a new key file for root pool and
store the key file on an external drive::
zfs change-key -l -o keylocation=file:///path/to/keyfile -o keyformat=raw rpool_$INST_UUID
Boot Environment Manager
~~~~~~~~~~~~~~~~~~~~~~~~
Optional: install ``rozb3-pac`` pacman hook and ``bieaz`` from AUR to
create boot environments.
Optional: install
`rozb3-pac <https://gitlab.com/m_zhou/rozb3-pac/-/releases>`__
pacman hook and
`bieaz <https://gitlab.com/m_zhou/bieaz/-/releases>`__
from AUR to create boot environments.
Prebuilt packages are also available
in the links above.
Post installation
~~~~~~~~~~~~~~~~~
@@ -940,8 +1044,9 @@ Following are the steps to load the correct ``grub.cfg``,
Rescue in Live Environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Repeat `Prepare the Live Environment
<#prepare-the-live-environment>`__.
#. `Download Artix Linux live image <#download-artix-linux-live-image>`__.
#. `Prepare the Live Environment <#prepare-the-live-environment>`__.
#. Check the ``INST_UUID`` with ``zpool import``.
@@ -949,17 +1054,28 @@ Rescue in Live Environment
INST_MNT=$(mktemp -d)
INST_UUID=abc123
RPOOL_PWD='rootpool'
#. If using other keyfile::
KEYFILE=/path/to/keyfile
#. Import and unlock root and boot pool::
zpool import -N -R $INST_MNT rpool_$INST_UUID
zpool import -N -R $INST_MNT bpool_$INST_UUID
echo $RPOOL_PWD | zfs load-key rpool_$INST_UUID
If using password::
zfs load-key rpool_$INST_UUID
If using keyfile::
zfs load-key -L file://$KEYFILE rpool_$INST_UUID
#. Find the current boot environment::
zfs list
BE=default
#. Mount boot and root filesystem::
@@ -967,7 +1083,7 @@ Rescue in Live Environment
#. chroot into the system::
artix-chroot $INST_MNT /bin/bash --login
arch-chroot $INST_MNT /bin/bash --login
mount /boot
mount /boot/efi
zfs mount -a

1
docs/Getting Started/Arch Linux/archzfs/key-id Normal file
View File

@@ -0,0 +1 @@
DDF7DB817396A49B2A2723F7403BD972F75D9D76

12
docs/Getting Started/Arch Linux/archzfs/mirrorlist-archzfs Normal file
View File

@@ -0,0 +1,12 @@
## France
Server = https://archzfs.com/$repo/$arch
## Germany
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
## India
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
## United States
Server = https://zxcvfdsa.com/archzfs/$repo/$arch

87
docs/Getting Started/Arch Linux/index.rst
View File

@@ -6,6 +6,15 @@ Arch Linux
.. contents:: Table of Contents
:local:
Support
-------
If you need help, reach out to the community using the :ref:`mailing_lists` or IRC at
`#zfsonlinux <irc://irc.freenode.net/#zfsonlinux>`__ on `freenode
<https://freenode.net/>`__. If you have a bug report or feature request
related to this HOWTO, please `file a new issue and mention @ne9z
<https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20I%20have%20the%20following%20issue%20with%20the%20Arch%20Linux%20ZFS%20HOWTO:>`__.
Installation
------------
@@ -19,31 +28,38 @@ ZFS packages are provided by the third-party
`archzfs repository <https://github.com/archzfs/archzfs>`__.
You can use it as follows.
Import archzfs GPG key::
Import keys of archzfs repository::
curl -O https://archzfs.com/archzfs.gpg
pacman-key -a archzfs.gpg
pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
Add the archzfs repository::
Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a /etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
Update pacman database::
pacman -Sy
testing repo
^^^^^^^^^^^^
Testing repo provides newer packages than stable repo,
but may contain unknown bugs.
Use at your own risk::
tee -a /etc/pacman.conf <<- 'EOF'
# uncomment if you really want to use testing
#[archzfs-testing]
#Include = /etc/pacman.d/mirrorlist-archzfs
EOF
archzfs package
~~~~~~~~~~~~~~~
@@ -94,10 +110,13 @@ Check zfs-dkms package version::
Visit OpenZFS release page ::
curl https://github.com/openzfs/zfs/releases/zfs-${DKMS_VER} \
curl -L https://github.com/openzfs/zfs/raw/zfs-${DKMS_VER}/META \
| grep Linux
# Linux: compatible with 3.10 - 5.10 kernels
echo $INST_LINVER
# Linux-Maximum: 5.10
# Linux-Minimum: 3.10
# compare with the output of the following command
echo ${INST_LINVER%%-*}
# 5.10.17 # supported
If it's not supported, see `Install zfs-dkms compatible kernel`_.
Otherwise, continue to next step.
@@ -135,7 +154,7 @@ Install kernels available when the package was built. Check build date::
DKMS_DATE=$(pacman -Syi zfs-dkms \
| grep 'Build Date' \
| sed 's/.*: //' \
| LC_ALL=C xargs -i{} date -d {} +%Y/%m/%d)
| LC_ALL=C xargs -i{} date -d {} -u +%Y/%m/%d)
Check kernel version::
@@ -178,6 +197,25 @@ If compatible, update kernel and headers with::
Do not update if the kernel is not compatible
with OpenZFS.
-git packages
~~~~~~~~~~~~~
Normal packages are built from
`latest OpenZFS stable release <https://github.com/openzfs/zfs/releases/latest>`__
which may not contain the newest features.
``-git`` packages are directly built from
`OpenZFS master branch <https://github.com/openzfs/zfs/commits/master>`__,
which may contain unknown bugs.
To use ``-git`` packages, attach ``-git`` suffix to package names, example::
# zfs-dkms
zfs-dkms-git
# zfs-${INST_LINVAR}
zfs-${INST_LINVAR}-git
Check Live Image Compatibility
------------------------------
Choose a mirror::
@@ -204,9 +242,12 @@ Check latest archzfs package version::
# zfs-dkms-2.0.1-1-x86_64.pkg.tar.zst
# zfs-linux-2.0.1_5.10.10.arch1.1-1-x86_64.pkg.tar.zst
Visit OpenZFS release page https://github.com/openzfs/zfs/releases/tag/zfs-2.0.1::
Visit OpenZFS release page::
# Linux: compatible with 3.10 - 5.10 kernels
curl -L https://github.com/openzfs/zfs/raw/zfs-2.0.1/META \
| grep Linux
# Linux-Maximum: 5.10
# Linux-Minimum: 3.10
- If compatible, download the latest live image::