jacobpascual/openzfs-docs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Arch Linux: Multiple fixes

Browse Source 
Signed-off-by: Maurice Zhou <ja@apvc.uk>
This commit is contained in:
Maurice Zhou
2021-02-22 12:24:44 +08:00
committed by Richard Laager
parent 904e7253a2
commit 13271f2467
5 changed files with 468 additions and 196 deletions
Download Patch File Download Diff File Expand all files Collapse all files

288
docs/Getting Started/Arch Linux/Arch Linux Root on ZFS.rst
View File

@@ -34,7 +34,7 @@ related to this HOWTO, please `file a new issue and mention @ne9z
Contributing Contributing
~~~~~~~~~~~~ ~~~~~~~~~~~~
#. Fork and clone: https://github.com/openzfs/openzfs-docs #. Fork and clone `this repo <https://github.com/openzfs/openzfs-docs>`__.
#. Install the tools:: #. Install the tools::
@@ -73,21 +73,36 @@ without the passphrase being entered at the console. Performance is
good. As the encryption happens in ZFS, even if multiple disks (mirror good. As the encryption happens in ZFS, even if multiple disks (mirror
or raidz topologies) are used, the data only has to be encrypted once. or raidz topologies) are used, the data only has to be encrypted once.
Preinstallation Preinstallation
---------------- ----------------
Download Arch Linux live image Download Arch Linux live image
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Choose a mirror #. Choose a mirror
https://archlinux.org/mirrorlist/all/ `Mirrorlist <https://archlinux.org/mirrorlist/all/>`__
#. Download Feb 2021 build. `File a new issue and mention @ne9z #. Download Feb 2021 build and signature. `File a new issue and mention @ne9z
<https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20Update%20Live%20Image%20Arch%20Linux%20Root%20on <https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20Update%20Live%20Image%20Arch%20Linux%20Root%20on
%20ZFS%20HOWTO:>`__ if it's %20ZFS%20HOWTO:>`__ if it's
no longer available. no longer available.
https://mirrors.dotsrc.org/archlinux/iso/2021.02.01/archlinux-2021.02.01-x86_64.iso - `ISO (US mirror) <https://mirrors.ocf.berkeley.edu/archlinux/iso/2021.02.01/archlinux-2021.02.01-x86_64.iso>`__
- `Signature <https://archlinux.org/iso/2021.02.01/archlinux-2021.02.01-x86_64.iso.sig>`__
#. Check live image against signature::
gpg --auto-key-retrieve --verify archlinux-2021.02.01-x86_64.iso.sig
If the file is authentic, output should be the following::
gpg: Signature made Mon 01 Feb 2021 03:23:39 PM UTC
gpg: using RSA key 4AA4767BBC9C4B1D18AE28B77F2D434B9741E8AC
gpg: Good signature from "Pierre Schmitz <pierre@archlinux.de>" [unknown]
...
Primary key fingerprint: 4AA4 767B BC9C 4B1D 18AE 28B7 7F2D 434B 9741 E8AC
Ensure ``Good signature`` and last 8 digits are ``9741 E8AC``,
as listed on `Arch Linux Developers <https://archlinux.org/people/developers/#pierre>`__ page.
#. Write the image to a USB drive or an optical disc. #. Write the image to a USB drive or an optical disc.
@@ -127,24 +142,18 @@ Prepare the Live Environment
#. Import keys of archzfs repository:: #. Import keys of archzfs repository::
curl -O https://archzfs.com/archzfs.gpg curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
pacman-key -a archzfs.gpg curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76
#. Add archzfs repository:: #. Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF' tee -a /etc/pacman.conf <<- 'EOF'
[archzfs] [archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a /etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Select mirror: #. Select mirror:
@@ -369,7 +378,7 @@ Create Root and Boot Pools
- Unencrypted:: - Unencrypted::
zpool create \ zpool create \
-o ashift=12 \ -o ashift=12 \
-O acltype=posixacl \ -O acltype=posixacl \
-O canmount=off \ -O canmount=off \
@@ -396,7 +405,7 @@ Create Root and Boot Pools
-O xattr=sa \ -O xattr=sa \
-O mountpoint=/ \ -O mountpoint=/ \
-R $INST_MNT \ -R $INST_MNT \
-O encryption=aes-256-gcm \ -O encryption=on \
-O keylocation=prompt \ -O keylocation=prompt \
-O keyformat=passphrase \ -O keyformat=passphrase \
rpool_$INST_UUID \ rpool_$INST_UUID \
@@ -502,10 +511,6 @@ Create Datasets
#. Optional user data datasets: #. Optional user data datasets:
If you use /opt on this system::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/opt
If this system will have games installed:: If this system will have games installed::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/var/games zfs create -o canmount=on rpool_$INST_UUID/DATA/default/var/games
@@ -547,7 +552,6 @@ Format and Mount EFI System Partition
If you are using a multi-disk setup, this step will only install If you are using a multi-disk setup, this step will only install
bootloader to the first disk. Other disks will be handled later. bootloader to the first disk. Other disks will be handled later.
Package Installation Package Installation
~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~
@@ -604,20 +608,20 @@ System Configuration
mkdir -p $INST_MNT/etc/zfs/zfs-list.cache mkdir -p $INST_MNT/etc/zfs/zfs-list.cache
zfs list -H -t filesystem -o $PROPS -r rpool_$INST_UUID \ zfs list -H -t filesystem -o $PROPS -r rpool_$INST_UUID > $INST_MNT/etc/zfs/zfs-list.cache/rpool_$INST_UUID
> $INST_MNT/etc/zfs/zfs-list.cache/rpool_$INST_UUID
sed -Ei "s|$INST_MNT/?|/|" $INST_MNT/etc/zfs/zfs-list.cache/* sed -Ei "s|$INST_MNT/?|/|" $INST_MNT/etc/zfs/zfs-list.cache/*
#. Generate fstab:: #. Generate fstab::
echo bpool_$INST_UUID/BOOT/default /boot zfs rw,xattr,posixacl 0 0 >> $INST_MNT/etc/fstab echo bpool_$INST_UUID/BOOT/default /boot zfs rw,xattr,posixacl 0 0 >> $INST_MNT/etc/fstab
echo UUID=$(blkid -s UUID -o value ${DISK}-part1) /boot/efi vfat umask=0022,fmask=0022,dmask=0022 0 1 >> $INST_MNT/etc/fstab echo UUID=$(blkid -s UUID -o value ${DISK}-part1) /boot/efi vfat \
x-systemd.idle-timeout=1min,x-systemd.automount,noauto,umask=0022,fmask=0022,dmask=0022 0 1 >> $INST_MNT/etc/fstab
If a swap partition has been created:: If a swap partition has been created::
echo crypt-swap ${DISK}-part4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 >> $INST_MNT/etc/crypttab echo crypt-swap ${DISK}-part4 /dev/urandom swap,cipher=aes-cbc-essiv:sha256,size=256 >> $INST_MNT/etc/crypttab
echo /dev/mapper/crypt-swap none swap defaults 0 0 >> $INST_MNT/etc/fstab echo /dev/mapper/crypt-swap none swap defaults 0 0 >> $INST_MNT/etc/fstab
#. Configure mkinitcpio:: #. Configure mkinitcpio::
@@ -660,21 +664,6 @@ System Configuration
ln -sf $INST_TZ $INST_MNT/etc/localtime ln -sf $INST_TZ $INST_MNT/etc/localtime
hwclock --systohc hwclock --systohc
#. archzfs repository::
tee -a $INST_MNT/etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a $INST_MNT/etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
#. Locale:: #. Locale::
echo "en_US.UTF-8 UTF-8" >> $INST_MNT/etc/locale.gen echo "en_US.UTF-8 UTF-8" >> $INST_MNT/etc/locale.gen
@@ -690,6 +679,21 @@ System Configuration
locale-gen locale-gen
#. Import keys of archzfs repository::
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
#. Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Enable networking:: #. Enable networking::
systemctl enable systemd-networkd systemd-resolved systemctl enable systemd-networkd systemd-resolved
@@ -701,7 +705,7 @@ System Configuration
#. Generate zpool.cache #. Generate zpool.cache
Pools are imported by initramfs with the information stored in ``/etc/zfs/zpool.cache``. Pools are imported by initramfs with the information stored in ``/etc/zfs/zpool.cache``.
This cache file will be embedded in ``initramfs``. This cache file will be embedded in initramfs.
:: ::
@@ -723,29 +727,34 @@ Currently GRUB has multiple compatibility problems with ZFS,
especially with regards to newer ZFS features. especially with regards to newer ZFS features.
Workarounds have to be applied. Workarounds have to be applied.
grub-probe fails to get canonical path of root partition grub-probe fails to get canonical path
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Solution:: Solution::
echo 'export ZPOOL_VDEV_NAME_PATH=YES' >> /etc/profile echo 'export ZPOOL_VDEV_NAME_PATH=YES' >> /etc/profile
source /etc/profile source /etc/profile
**Notes:** Pool name missing
~~~~~~~~~~~~~~~~~
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Pool name missing if the pool has unsupported features
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
See `this bug report <https://savannah.gnu.org/bugs/?59614>`__. See `this bug report <https://savannah.gnu.org/bugs/?59614>`__.
Root pool name is missing from ``root=ZFS=rpool/ROOT/default``
in generated ``grub.cfg`` file.
A workaround is to replace the pool name detection with ``zdb`` A workaround is to replace the pool name detection with ``zdb``
command:: command::
sed -i "s|rpool=.*|rpool=\`zdb -l \${GRUB_DEVICE} \| grep -E '[[:blank:]]name' \| cut -d\\\' -f 2\`|" /etc/grub.d/10_linux sed -i "s|rpool=.*|rpool=\`zdb -l \${GRUB_DEVICE} \| grep -E '[[:blank:]]name' \| cut -d\\\' -f 2\`|" /etc/grub.d/10_linux
If you forgot to apply this workaround and
followed this guide to use ``rpool_$INST_UUID`` and ``bpool_$INST_UUID``,
``$INST_UUID`` can be found out with `Load grub.cfg in GRUB command line`_.
GRUB Installation GRUB Installation
~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~
@@ -768,7 +777,11 @@ GRUB Installation
grub-install $DISK grub-install $DISK
If this is a multi-disk setup, If this is a multi-disk setup,
install to other disks as well. install to other disks as well::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Generate GRUB Boot Menu Generate GRUB Boot Menu
~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
@@ -804,38 +817,24 @@ After Reboot
------------ ------------
Mirror EFI System Partition Mirror EFI System Partition
~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Format redundant EFI partitions::
mkfs.vfat -n EFI2 /dev/disk/by-id/target_disk2-part1 #. Check disk name::
mkfs.vfat -n EFI3 /dev/disk/by-id/target_disk3-part1
#. Create mountpoints:: ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
mkdir -p /boot/efis/{2,3} #. Mirror EFI ssystem partition::
#. Mount redundant EFI partitions:: for i in {target_disk2,target_disk3}; do
mkfs.vfat /dev/disk/by-id/$i-part1
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk2-part1 /boot/efis/2 mkdir -p /boot/efis/$i
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk3-part1 /boot/efis/3 echo UUID=$(blkid -s UUID -o value /dev/disk/by-id/$i-part1) /boot/efis/$i vfat \
x-systemd.idle-timeout=1min,x-systemd.automount,noauto,umask=0022,fmask=0022,dmask=0022 \
#. Add fstab entries:: 0 1 >> /etc/fstab
mount /boot/efis/$i
pacman -S --needed arch-install-scripts rsync cp -r /boot/efi/EFI/ /boot/efis/$i
efibootmgr -cgp 1 -l "\EFI\arch\grubx64.efi" \
genfstab / | grep efis >> /etc/fstab -L "arch-$i" -d /dev/disk/by-id/$i-part1
done
#. Sync EFI system partition contents::
for i in /boot/efis/*; do
/usr/bin/rsync -a /boot/efi/ $i/
done
#. Add EFI boot entries::
efibootmgr -cgd /dev/disk/by-id/target_disk2-part1 \
-p 1 -L "arch-2" -l "\EFI\arch\grubx64.efi"
efibootmgr -cgd /dev/disk/by-id/target_disk3-part1 \
-p 1 -L "arch-3" -l "\EFI\arch\grubx64.efi"
#. Create a service to monitor and sync EFI partitions:: #. Create a service to monitor and sync EFI partitions::
@@ -856,15 +855,106 @@ Mirror EFI System Partition
[Service] [Service]
Type=oneshot Type=oneshot
ExecStart=/usr/bin/bash -c 'for i in /boot/efis/*; do /usr/bin/rsync -a /boot/efi/ $i/; done' ExecStart=/usr/bin/bash -c 'for i in /boot/efis/*; do /usr/bin/cp -r /boot/efi/EFI/ $i/; done'
EOF EOF
systemctl enable --now efis-sync.path systemctl enable --now efis-sync.path
#. If EFI system partition failed, promote one backup
to ``/boot/efi`` by editing ``/etc/fstab``.
Mirror BIOS boot sector
~~~~~~~~~~~~~~~~~~~~~~~
This need to be manually applied when GRUB is updated.
#. Check disk name::
ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
#. Install GRUB to every disk::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Change encryption method
~~~~~~~~~~~~~~~~~~~~~~~~
By default the root pool is encrypted with a key file,
created at installation.
Password
^^^^^^^^
After installation, encryption by password can be enabled with::
zfs change-key -l -o keylocation=prompt -o keyformat=passphrase rpool_$INST_UUID
See ``man 8 zfs-change-key``.
If password is enabled, the system will require this password to boot.
Password can be entered locally with keyboard or remotely with SSH.
Supply password with SSH
^^^^^^^^^^^^^^^^^^^^^^^^
#. Install mkinitcpio tools::
pacman -S mkinitcpio-netconf mkinitcpio-dropbear
#. Store authorized keys in ``/etc/dropbear/root_key``::
vi /etc/dropbear/root_key
Note that dropbear only supports RSA keys.
#. Edit mkinitcpio::
tee /etc/mkinitcpio.conf <<- 'EOF'
HOOKS=(base udev autodetect modconf block keyboard netconf dropbear zfsencryptssh zfs filesystems)
EOF
#. Add ``ip=`` to kernel command line::
# example DHCP
echo 'GRUB_CMDLINE_LINUX="ip=::::::dhcp"' >> /etc/default/grub
Details for ``ip=`` can be found at
`here <https://www.kernel.org/doc/html/latest/admin-guide/nfs/nfsroot.html#kernel-command-line>`__.
#. If using OpenSSH as SSH server, convert host keys to PEM format::
for i in {rsa,dsa,ecdsa,ed25519}; do
ssh-keygen -p -m PEM -f /etc/ssh/ssh_host_${i}_key -qN ""
done
#. Regenerate initramfs::
mkinitcpio -P
#. Update GRUB menu::
grub-mkconfig -o /boot/grub/grub.cfg
Key file
^^^^^^^^
You can also set a new key file for root pool and
store the key file on an external drive::
zfs change-key -l -o keylocation=file:///path/to/keyfile -o keyformat=raw rpool_$INST_UUID
Boot Environment Manager Boot Environment Manager
~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~
Optional: install ``rozb3-pac`` pacman hook and ``bieaz`` from AUR to
create boot environments. Optional: install
`rozb3-pac <https://gitlab.com/m_zhou/rozb3-pac/-/releases>`__
pacman hook and
`bieaz <https://gitlab.com/m_zhou/bieaz/-/releases>`__
from AUR to create boot environments.
Prebuilt packages are also available
in the links above.
Post installation Post installation
~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~
@@ -939,8 +1029,9 @@ Following are the steps to load the correct ``grub.cfg``,
Rescue in Live Environment Rescue in Live Environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Repeat `Prepare the Live Environment #. `Download Arch Linux live image <#download-arch-linux-live-image>`__.
<#prepare-the-live-environment>`__.
#. `Prepare the Live Environment <#prepare-the-live-environment>`__.
#. Check the ``INST_UUID`` with ``zpool import``. #. Check the ``INST_UUID`` with ``zpool import``.
@@ -948,17 +1039,28 @@ Rescue in Live Environment
INST_MNT=$(mktemp -d) INST_MNT=$(mktemp -d)
INST_UUID=abc123 INST_UUID=abc123
RPOOL_PWD='rootpool'
#. If using other keyfile::
KEYFILE=/path/to/keyfile
#. Import and unlock root and boot pool:: #. Import and unlock root and boot pool::
zpool import -N -R $INST_MNT rpool_$INST_UUID zpool import -N -R $INST_MNT rpool_$INST_UUID
zpool import -N -R $INST_MNT bpool_$INST_UUID zpool import -N -R $INST_MNT bpool_$INST_UUID
echo $RPOOL_PWD | zfs load-key rpool_$INST_UUID
If using password::
zfs load-key rpool_$INST_UUID
If using keyfile::
zfs load-key -L file://$KEYFILE rpool_$INST_UUID
#. Find the current boot environment:: #. Find the current boot environment::
zfs list zfs list
BE=default
#. Mount boot and root filesystem:: #. Mount boot and root filesystem::

276
docs/Getting Started/Arch Linux/Artix Linux Root on ZFS.rst
View File

@@ -38,7 +38,7 @@ related to this HOWTO, please `file a new issue and mention @ne9z
Contributing Contributing
~~~~~~~~~~~~ ~~~~~~~~~~~~
#. Fork and clone: https://github.com/openzfs/openzfs-docs #. Fork and clone `this repo <https://github.com/openzfs/openzfs-docs>`__.
#. Install the tools:: #. Install the tools::
@@ -88,14 +88,30 @@ Change the service commands to the equivalent commands.
#. Choose a mirror: #. Choose a mirror:
https://artixlinux.org/download.php `Mirrorlist <https://artixlinux.org/download.php>`__
#. Download January 2021 build. `File a new issue and mention @ne9z #. Download January 2021 build and signature. `File a new issue and mention @ne9z
<https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20Update%20Live%20Image%20Artix%20Linux%20Root%20on <https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20Update%20Live%20Image%20Artix%20Linux%20Root%20on
%20ZFS%20HOWTO:>`__ if it's %20ZFS%20HOWTO:>`__ if it's
no longer available. no longer available.
https://eu-mirror.artixlinux.org/iso/artix-base-openrc-20210101-x86_64.iso - `ISO (US mirror) <https://iso.artixlinux.org/iso/artix-base-openrc-20210101-x86_64.iso>`__
- `Signature <https://iso.artixlinux.org/iso/artix-base-openrc-20210101-x86_64.iso.sig>`__
#. Check live image against signature::
gpg --auto-key-retrieve --verify artix-base-openrc-20210101-x86_64.iso.sig
If the file is authentic, output should be the following::
gpg: Signature made Sun 03 Jan 2021 09:30:42 PM UTC
gpg: using RSA key A574A1915CEDE31A3BFF5A68606520ACB886B428
gpg: Good signature from "Christos Nouskas <nous@artixlinux.org>" [unknown]
...
Primary key fingerprint: A574 A191 5CED E31A 3BFF 5A68 6065 20AC B886 B428
Ensure ``Good signature`` and last 8 digits are ``B886 B428``,
as listed on `Artix Linux Download <https://artixlinux.org/download.php>`__ page.
#. Write the image to a USB drive or an optical disc. #. Write the image to a USB drive or an optical disc.
@@ -145,9 +161,8 @@ Prepare the Live Environment
#. Import keys of archzfs repository:: #. Import keys of archzfs repository::
curl -O https://archzfs.com/archzfs.gpg curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
pacman-key -a archzfs.gpg curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76
#. Add archzfs repository:: #. Add archzfs repository::
@@ -155,14 +170,9 @@ Prepare the Live Environment
[archzfs] [archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a /etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Select mirror: #. Select mirror:
@@ -366,7 +376,7 @@ Create Root and Boot Pools
- Unencrypted:: - Unencrypted::
zpool create \ zpool create \
-o ashift=12 \ -o ashift=12 \
-O acltype=posixacl \ -O acltype=posixacl \
-O canmount=off \ -O canmount=off \
@@ -393,7 +403,7 @@ Create Root and Boot Pools
-O xattr=sa \ -O xattr=sa \
-O mountpoint=/ \ -O mountpoint=/ \
-R $INST_MNT \ -R $INST_MNT \
-O encryption=aes-256-gcm \ -O encryption=on \
-O keylocation=prompt \ -O keylocation=prompt \
-O keyformat=passphrase \ -O keyformat=passphrase \
rpool_$INST_UUID \ rpool_$INST_UUID \
@@ -499,10 +509,6 @@ Create Datasets
#. Optional user data datasets: #. Optional user data datasets:
If you use /opt on this system::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/opt
If this system will have games installed:: If this system will have games installed::
zfs create -o canmount=on rpool_$INST_UUID/DATA/default/var/games zfs create -o canmount=on rpool_$INST_UUID/DATA/default/var/games
@@ -567,10 +573,13 @@ Package Installation
Visit OpenZFS release page:: Visit OpenZFS release page::
curl https://github.com/openzfs/zfs/releases/zfs-${DKMS_VER} \ curl -L https://github.com/openzfs/zfs/raw/zfs-${DKMS_VER}/META \
| grep Linux | grep Linux
# Linux: compatible with 3.10 - 5.10 kernels # Linux-Maximum: 5.10
echo $INST_LINVER # Linux-Minimum: 3.10
# compare with the output of the following command
echo ${INST_LINVER%%-*}
# 5.10.17 # supported
If the kernel is supported: If the kernel is supported:
@@ -585,7 +594,7 @@ Package Installation
DKMS_DATE=$(pacman -Syi zfs-dkms \ DKMS_DATE=$(pacman -Syi zfs-dkms \
| grep 'Build Date' \ | grep 'Build Date' \
| sed 's/.*: //' \ | sed 's/.*: //' \
| LC_ALL=C xargs -i{} date -d {} +%Y/%m/%d) | LC_ALL=C xargs -i{} date -d {} -u +%Y/%m/%d)
- Check kernel version:: - Check kernel version::
@@ -668,21 +677,6 @@ System Configuration
ln -sf $INST_TZ $INST_MNT/etc/localtime ln -sf $INST_TZ $INST_MNT/etc/localtime
hwclock --systohc hwclock --systohc
#. archzfs repository::
tee -a $INST_MNT/etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
tee -a $INST_MNT/etc/pacman.d/mirrorlist-archzfs <<- 'EOF'
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
#. Locale:: #. Locale::
echo "en_US.UTF-8 UTF-8" >> $INST_MNT/etc/locale.gen echo "en_US.UTF-8 UTF-8" >> $INST_MNT/etc/locale.gen
@@ -714,10 +708,28 @@ System Configuration
rc-update add zfs-mount boot rc-update add zfs-mount boot
Other ZFS services, such as ``zed``
can be ported from ``/usr/lib/systemd/system/zfs*``.
#. Apply locales:: #. Apply locales::
locale-gen locale-gen
#. Import keys of archzfs repository::
curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
#. Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF'
[archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs
EOF
curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
#. Enable networking:: #. Enable networking::
rc-update add connmand default rc-update add connmand default
@@ -725,7 +737,7 @@ System Configuration
#. Generate zpool.cache #. Generate zpool.cache
Pools are imported by initramfs with the information stored in ``/etc/zfs/zpool.cache``. Pools are imported by initramfs with the information stored in ``/etc/zfs/zpool.cache``.
This cache file will be embedded in ``initramfs``. This cache file will be embedded in initramfs.
:: ::
@@ -747,29 +759,34 @@ Currently GRUB has multiple compatibility problems with ZFS,
especially with regards to newer ZFS features. especially with regards to newer ZFS features.
Workarounds have to be applied. Workarounds have to be applied.
grub-probe fails to get canonical path of root partition grub-probe fails to get canonical path
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Solution:: Solution::
echo 'export ZPOOL_VDEV_NAME_PATH=YES' >> /etc/profile echo 'export ZPOOL_VDEV_NAME_PATH=YES' >> /etc/profile
source /etc/profile source /etc/profile
**Notes:** Pool name missing
~~~~~~~~~~~~~~~~~
When persistent device names ``/dev/disk/by-id/*`` are used
with ZFS, GRUB will fail to resolve the path of the boot pool
device. Error::
# /usr/bin/grub-probe: error: failed to get canonical path of `/dev/virtio-pci-0000:06:00.0-part3'.
Pool name missing if the pool has unsupported features
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
See `this bug report <https://savannah.gnu.org/bugs/?59614>`__. See `this bug report <https://savannah.gnu.org/bugs/?59614>`__.
Root pool name is missing from ``root=ZFS=rpool/ROOT/default``
in generated ``grub.cfg`` file.
A workaround is to replace the pool name detection with ``zdb`` A workaround is to replace the pool name detection with ``zdb``
command:: command::
sed -i "s|rpool=.*|rpool=\`zdb -l \${GRUB_DEVICE} \| grep -E '[[:blank:]]name' \| cut -d\\\' -f 2\`|" /etc/grub.d/10_linux sed -i "s|rpool=.*|rpool=\`zdb -l \${GRUB_DEVICE} \| grep -E '[[:blank:]]name' \| cut -d\\\' -f 2\`|" /etc/grub.d/10_linux
If you forgot to apply this workaround and
followed this guide to use ``rpool_$INST_UUID`` and ``bpool_$INST_UUID``,
``$INST_UUID`` can be found out with `Load grub.cfg in GRUB command line`_.
GRUB Installation GRUB Installation
~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~
@@ -792,7 +809,11 @@ GRUB Installation
grub-install $DISK grub-install $DISK
If this is a multi-disk setup, If this is a multi-disk setup,
install to other disks as well. install to other disks as well::
for i in {target_disk2,target_disk3}; do
grub-install /dev/disk/by-id/$i
done
Generate GRUB Boot Menu Generate GRUB Boot Menu
~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~
@@ -829,43 +850,126 @@ After Reboot
Mirror EFI System Partition Mirror EFI System Partition
~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Format redundant EFI partitions:: #. Check disk name::
mkfs.vfat -n EFI2 /dev/disk/by-id/target_disk2-part1 ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
mkfs.vfat -n EFI3 /dev/disk/by-id/target_disk3-part1
#. Create mountpoints:: #. Mirror EFI ssystem partition::
mkdir -p /boot/efis/{2,3} for i in {target_disk2,target_disk3}; do
mkfs.vfat /dev/disk/by-id/$i-part1
mkdir -p /boot/efis/$i
echo UUID=$(blkid -s UUID -o value /dev/disk/by-id/$i-part1) /boot/efis/$i vfat \
umask=0022,fmask=0022,dmask=0022 0 1 >> /etc/fstab
mount /boot/efis/$i
cp -r /boot/efi/EFI/ /boot/efis/$i
efibootmgr -cgp 1 -l "\EFI\artix\grubx64.efi" \
-L "artix-$i" -d /dev/disk/by-id/$i-part1
done
#. Mount redundant EFI partitions:: #. Enable cron and set up cron job to sync EFI system partition contents::
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk2-part1 /boot/efis/2 rc-update add cronie default
mount -o umask=0022,fmask=0022,dmask=0022 /dev/disk/by-id/target_disk3-part1 /boot/efis/3 crontab -u root -e
# @hourly /usr/bin/bash -c 'for i in /boot/efis/*; do /usr/bin/cp -r /boot/efi/EFI/ $i/; done'
#. Add fstab entries:: Alternatively, monitor ``/boot/efi/EFI/artix`` with ``inotifywait``.
pacman -S --needed artools-base rsync #. If EFI system partition failed, promote one backup
to ``/boot/efi`` by editing ``/etc/fstab``.
fstabgen / | grep efis >> /etc/fstab Mirror BIOS boot sector
~~~~~~~~~~~~~~~~~~~~~~~
#. Sync EFI system partition contents:: This need to be manually applied when GRUB is updated.
for i in /boot/efis/*; do #. Check disk name::
/usr/bin/rsync -a /boot/efi/ $i/
done
#. Add EFI boot entries:: ls -1 /dev/disk/by-id/ | grep -v '\-part[0-9]'
efibootmgr -cgd /dev/disk/by-id/target_disk2-part1 \ #. Install GRUB to every disk::
-p 1 -L "artix-2" -l "\EFI\arch\grubx64.efi"
efibootmgr -cgd /dev/disk/by-id/target_disk3-part1 \ for i in {target_disk2,target_disk3}; do
-p 1 -L "artix-3" -l "\EFI\arch\grubx64.efi" grub-install /dev/disk/by-id/$i
done
Change encryption method
~~~~~~~~~~~~~~~~~~~~~~~~
By default the root pool is encrypted with a key file,
created at installation.
Password
^^^^^^^^
After installation, encryption by password can be enabled with::
zfs change-key -l -o keylocation=prompt -o keyformat=passphrase rpool_$INST_UUID
See ``man 8 zfs-change-key``.
If password is enabled, the system will require this password to boot.
Password can be entered locally with keyboard or remotely with SSH.
Supply password with SSH
^^^^^^^^^^^^^^^^^^^^^^^^
#. Install mkinitcpio tools::
pacman -S mkinitcpio-netconf mkinitcpio-dropbear
#. Store authorized keys in ``/etc/dropbear/root_key``::
vi /etc/dropbear/root_key
Note that dropbear only supports RSA keys.
#. Edit mkinitcpio::
tee /etc/mkinitcpio.conf <<- 'EOF'
HOOKS=(base udev autodetect modconf block keyboard netconf dropbear zfsencryptssh zfs filesystems)
EOF
#. Add ``ip=`` to kernel command line::
# example DHCP
echo 'GRUB_CMDLINE_LINUX="ip=::::::dhcp"' >> /etc/default/grub
Details for ``ip=`` can be found at
`here <https://www.kernel.org/doc/html/latest/admin-guide/nfs/nfsroot.html#kernel-command-line>`__.
#. If using OpenSSH as SSH server, convert host keys to PEM format::
for i in {rsa,dsa,ecdsa,ed25519}; do
ssh-keygen -p -m PEM -f /etc/ssh/ssh_host_${i}_key -qN ""
done
#. Regenerate initramfs::
mkinitcpio -P
#. Update GRUB menu::
grub-mkconfig -o /boot/grub/grub.cfg
Key file
^^^^^^^^
You can also set a new key file for root pool and
store the key file on an external drive::
zfs change-key -l -o keylocation=file:///path/to/keyfile -o keyformat=raw rpool_$INST_UUID
Boot Environment Manager Boot Environment Manager
~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~
Optional: install ``rozb3-pac`` pacman hook and ``bieaz`` from AUR to
create boot environments. Optional: install
`rozb3-pac <https://gitlab.com/m_zhou/rozb3-pac/-/releases>`__
pacman hook and
`bieaz <https://gitlab.com/m_zhou/bieaz/-/releases>`__
from AUR to create boot environments.
Prebuilt packages are also available
in the links above.
Post installation Post installation
~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~
@@ -940,8 +1044,9 @@ Following are the steps to load the correct ``grub.cfg``,
Rescue in Live Environment Rescue in Live Environment
~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~
#. Repeat `Prepare the Live Environment #. `Download Artix Linux live image <#download-artix-linux-live-image>`__.
<#prepare-the-live-environment>`__.
#. `Prepare the Live Environment <#prepare-the-live-environment>`__.
#. Check the ``INST_UUID`` with ``zpool import``. #. Check the ``INST_UUID`` with ``zpool import``.
@@ -949,17 +1054,28 @@ Rescue in Live Environment
INST_MNT=$(mktemp -d) INST_MNT=$(mktemp -d)
INST_UUID=abc123 INST_UUID=abc123
RPOOL_PWD='rootpool'
#. If using other keyfile::
KEYFILE=/path/to/keyfile
#. Import and unlock root and boot pool:: #. Import and unlock root and boot pool::
zpool import -N -R $INST_MNT rpool_$INST_UUID zpool import -N -R $INST_MNT rpool_$INST_UUID
zpool import -N -R $INST_MNT bpool_$INST_UUID zpool import -N -R $INST_MNT bpool_$INST_UUID
echo $RPOOL_PWD | zfs load-key rpool_$INST_UUID
If using password::
zfs load-key rpool_$INST_UUID
If using keyfile::
zfs load-key -L file://$KEYFILE rpool_$INST_UUID
#. Find the current boot environment:: #. Find the current boot environment::
zfs list zfs list
BE=default
#. Mount boot and root filesystem:: #. Mount boot and root filesystem::
@@ -967,7 +1083,7 @@ Rescue in Live Environment
#. chroot into the system:: #. chroot into the system::
artix-chroot $INST_MNT /bin/bash --login arch-chroot $INST_MNT /bin/bash --login
mount /boot mount /boot
mount /boot/efi mount /boot/efi
zfs mount -a zfs mount -a

1
docs/Getting Started/Arch Linux/archzfs/key-id Normal file
View File

@@ -0,0 +1 @@
DDF7DB817396A49B2A2723F7403BD972F75D9D76

12
docs/Getting Started/Arch Linux/archzfs/mirrorlist-archzfs Normal file
View File

@@ -0,0 +1,12 @@
## France
Server = https://archzfs.com/$repo/$arch
## Germany
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
## India
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
## United States
Server = https://zxcvfdsa.com/archzfs/$repo/$arch

87
docs/Getting Started/Arch Linux/index.rst
View File

@@ -6,6 +6,15 @@ Arch Linux
.. contents:: Table of Contents .. contents:: Table of Contents
:local: :local:
Support
-------
If you need help, reach out to the community using the :ref:`mailing_lists` or IRC at
`#zfsonlinux <irc://irc.freenode.net/#zfsonlinux>`__ on `freenode
<https://freenode.net/>`__. If you have a bug report or feature request
related to this HOWTO, please `file a new issue and mention @ne9z
<https://github.com/openzfs/openzfs-docs/issues/new?body=@ne9z,%20I%20have%20the%20following%20issue%20with%20the%20Arch%20Linux%20ZFS%20HOWTO:>`__.
Installation Installation
------------ ------------
@@ -19,31 +28,38 @@ ZFS packages are provided by the third-party
`archzfs repository <https://github.com/archzfs/archzfs>`__. `archzfs repository <https://github.com/archzfs/archzfs>`__.
You can use it as follows. You can use it as follows.
Import archzfs GPG key:: Import keys of archzfs repository::
curl -O https://archzfs.com/archzfs.gpg curl -L https://archzfs.com/archzfs.gpg | pacman-key -a -
pacman-key -a archzfs.gpg curl -L https://git.io/JtQpl | xargs -i{} pacman-key --lsign-key {}
pacman-key --lsign-key DDF7DB817396A49B2A2723F7403BD972F75D9D76
Add the archzfs repository:: Add archzfs repository::
tee -a /etc/pacman.conf <<- 'EOF' tee -a /etc/pacman.conf <<- 'EOF'
[archzfs] [archzfs]
Include = /etc/pacman.d/mirrorlist-archzfs Include = /etc/pacman.d/mirrorlist-archzfs
EOF
EOF
tee -a /etc/pacman.d/mirrorlist-archzfs <<- 'EOF' curl -L https://git.io/JtQp4 > /etc/pacman.d/mirrorlist-archzfs
Server = https://archzfs.com/$repo/$arch
Server = https://mirror.sum7.eu/archlinux/archzfs/$repo/$arch
Server = https://mirror.biocrafting.net/archlinux/archzfs/$repo/$arch
Server = https://mirror.in.themindsmaze.com/archzfs/$repo/$arch
EOF
Update pacman database:: Update pacman database::
pacman -Sy pacman -Sy
testing repo
^^^^^^^^^^^^
Testing repo provides newer packages than stable repo,
but may contain unknown bugs.
Use at your own risk::
tee -a /etc/pacman.conf <<- 'EOF'
# uncomment if you really want to use testing
#[archzfs-testing]
#Include = /etc/pacman.d/mirrorlist-archzfs
EOF
archzfs package archzfs package
~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~
@@ -94,10 +110,13 @@ Check zfs-dkms package version::
Visit OpenZFS release page :: Visit OpenZFS release page ::
curl https://github.com/openzfs/zfs/releases/zfs-${DKMS_VER} \ curl -L https://github.com/openzfs/zfs/raw/zfs-${DKMS_VER}/META \
| grep Linux | grep Linux
# Linux: compatible with 3.10 - 5.10 kernels # Linux-Maximum: 5.10
echo $INST_LINVER # Linux-Minimum: 3.10
# compare with the output of the following command
echo ${INST_LINVER%%-*}
# 5.10.17 # supported
If it's not supported, see `Install zfs-dkms compatible kernel`_. If it's not supported, see `Install zfs-dkms compatible kernel`_.
Otherwise, continue to next step. Otherwise, continue to next step.
@@ -135,7 +154,7 @@ Install kernels available when the package was built. Check build date::
DKMS_DATE=$(pacman -Syi zfs-dkms \ DKMS_DATE=$(pacman -Syi zfs-dkms \
| grep 'Build Date' \ | grep 'Build Date' \
| sed 's/.*: //' \ | sed 's/.*: //' \
| LC_ALL=C xargs -i{} date -d {} +%Y/%m/%d) | LC_ALL=C xargs -i{} date -d {} -u +%Y/%m/%d)
Check kernel version:: Check kernel version::
@@ -178,6 +197,25 @@ If compatible, update kernel and headers with::
Do not update if the kernel is not compatible Do not update if the kernel is not compatible
with OpenZFS. with OpenZFS.
-git packages
~~~~~~~~~~~~~
Normal packages are built from
`latest OpenZFS stable release <https://github.com/openzfs/zfs/releases/latest>`__
which may not contain the newest features.
``-git`` packages are directly built from
`OpenZFS master branch <https://github.com/openzfs/zfs/commits/master>`__,
which may contain unknown bugs.
To use ``-git`` packages, attach ``-git`` suffix to package names, example::
# zfs-dkms
zfs-dkms-git
# zfs-${INST_LINVAR}
zfs-${INST_LINVAR}-git
Check Live Image Compatibility Check Live Image Compatibility
------------------------------ ------------------------------
Choose a mirror:: Choose a mirror::
@@ -204,9 +242,12 @@ Check latest archzfs package version::
# zfs-dkms-2.0.1-1-x86_64.pkg.tar.zst # zfs-dkms-2.0.1-1-x86_64.pkg.tar.zst
# zfs-linux-2.0.1_5.10.10.arch1.1-1-x86_64.pkg.tar.zst # zfs-linux-2.0.1_5.10.10.arch1.1-1-x86_64.pkg.tar.zst
Visit OpenZFS release page https://github.com/openzfs/zfs/releases/tag/zfs-2.0.1:: Visit OpenZFS release page::
# Linux: compatible with 3.10 - 5.10 kernels curl -L https://github.com/openzfs/zfs/raw/zfs-2.0.1/META \
| grep Linux
# Linux-Maximum: 5.10
# Linux-Minimum: 3.10
- If compatible, download the latest live image:: - If compatible, download the latest live image::