Introduction

Description

Archlinux is a lightweight Linux distribution based on the rolling release model. It requires understanding of system's operations. It relies on the pacman package manager which is fast and reliable. A community repository (AUR) is also available to increase the number of packages.

Installation

• Manual installation: https://www.archlinux.org/download/
• Architect: https://sourceforge.net/projects/architect-linux/

Packages/managers

Package managers

pacman

pkgfile <name>
pkgfile --update

apt-file search
apt-file update

Yaourt (AUR)

$ sudo pacman -S base-devel git
$ git clone https://aur.archlinux.org/package-query.git
$ cd package-query
$ makepkg -si
$ cd ..
$ git clone https://aur.archlinux.org/yaourt.git
$ cd yaourt
$ makepkg -si
$ cd ..

Some useful packages

Screen locker (slock)

Simple lock screen (when the screen is locked, it's just showing a black screen. Enter your password to unlock the screen)

$ sudo pacman -S slock

To automatically lock the screen when the lid is closed (provided you have set it up to enter into suspend mode), create the following script:

$ cat /etc/systemd/system/lidlock.service
[Unit]
Description=Lock the screen on resume from suspend

[Service]
User=your_username
Environment=DISPLAY=:0
ExecStart=/usr/bin/slock

[Install]
WantedBy=suspend.target

Then enable the service and start it.

$ sudo systemctl daemon-reload
$ sudo systemctl enable lidlock.service
$ sudo systemctl start lidlock.service

Calculator (galculator)

Simple calculator:

$ sudo pacman -S galculator

PDF viewer (evince)

$ sudo pacman -S evince

Sogo inverse connector

Sogo inverse connector for remote CARDDAV in thunderbird can be installed from the official site directly (recommended):

http://sogo.nu/download.html#/frontends

or from the AUR repositories:

$ yaourt -S thunderbird-sogo-connector-bin

Fonts

By default, few fonts are installed. Additional fonts can be installed with pacman.

To install Courier 10 Pitch:

$ sudo pacman -S xorg-fonts-type1

MariaDB

MariaDB is the default implementation of MySQL in Archlinux.

Installation:

$ sudo pacman -S mariadb
$ sudo mysql_install_db --user=mysql --basedir=/usr --datadir=/var/lib/mysql
$ /usr/bin/mysqladmin -u root password 'new-password' 

To secure the installation:

$ sudo mysql_secure_installation

By default, MariaDB is not automatically started. To enable automatic start, do:

$ sudo systemctl enable mysqld.service

To start and stop it:

$ sudo systemctl <start|stop> mysqld.service

64/32bit

Enable multi-arch

• Uncommment following lines in /etc/pacman.conf

[multilib]
Include = /etc/pacman.d/mirrorlist

• Then update:

$ sudo pacman -Syu

Chroot

Install chroot

Source: https://wiki.archlinux.org/index.php/Install_bundled_32-bit_system_in_64-bit_system

# mkdir /opt/arch32
# sed -e 's/\$arch/i686/g' /etc/pacman.d/mirrorlist > /opt/arch32/mirrorlist
# sed -e 's@/etc/pacman.d/mirrorlist@/opt/arch32/mirrorlist@g' -e '/Architecture/ s,auto,i686,'  /etc/pacman.conf > /opt/arch32/pacman.conf
# mkdir -p /opt/arch32/var/{cache/pacman/pkg,lib/pacman}

Warning

At this stage, ensure you comment out the multilib repository from /opt/arch32/pacman.conf:

#[multilib]
#Include = /etc/pacman.d/mirrorlist

# pacman --root /opt/arch32 --cachedir /opt/arch32/var/cache/pacman/pkg --config /opt/arch32/pacman.conf -Sy
# pacman --root /opt/arch32 --cachedir /opt/arch32/var/cache/pacman/pkg --config /opt/arch32/pacman.conf -S base base-devel sudo vim
# mv /opt/arch32/mirrorlist /opt/arch32/etc/pacman.d
# cd /etc/
# for i in passwd* shadow* group* sudoers resolv.conf localtime locale.gen vimrc mtab inputrc profile.d/locale.sh; do cp -p /etc/"$i" /opt/arch32/etc/; done

Then create following files:

#!/bin/bash

## User variables.
MOUNTPOINT=/opt/arch32

## Set MANAGEPARTITION to any value if /opt/arch32 resides on a separate
## partition and not mounted by /etc/fstab or some other means.
## If /opt/arch32 is part of your rootfs, leave this empty.
MANAGEPARTITION=

## Leave USEDISTCC empty unless you wish to use distccd from within the chroot.
USEDISTCC=
DISTCC_SUBNET='10.9.8.0/24'

## PIDFILE shouldn't need to ba changed from this default.
PIDFILE=/run/arch32

start_distccd() {
	[[ ! -L "$MOUNTPOINT"/usr/bin/distccd-chroot ]] &&
		ln -s /usr/bin/distccd "$MOUNTPOINT"/usr/bin/distccd-chroot 
	DISTCC_ARGS="--user nobody --allow $DISTCC_SUBNET --port 3692 --log-level warning --log-file /tmp/distccd-i686.log"

	[[ -z "$(pgrep distccd-chroot)" ]] &&
		linux32 chroot "$MOUNTPOINT" /bin/bash -c "/usr/bin/distccd-chroot --daemon $DISTCC_ARGS"
}

stop_distccd() {
	[[ -n "$(pgrep distccd-chroot)" ]] &&
		linux32 chroot "$MOUNTPOINT" /bin/bash -c "pkill -SIGTERM distccd-chroot"
}

case $1 in
	start)
		[[ -f "$PIDFILE" ]] && exit 1

		if [[ -n "$MANAGEPARTITION" ]]; then
			mountpoint -q $MOUNTPOINT || mount LABEL="arch32" $MOUNTPOINT
		fi

		dirs=(/tmp /dev /dev/pts /home)
		for d in "${dirs[@]}"; do
			mount -o bind $d "$MOUNTPOINT"$d
		done

		mount -t proc none "$MOUNTPOINT/proc"
		mount -t sysfs none "$MOUNTPOINT/sys"
		touch "$PIDFILE"
		[[ -n "$USEDISTCC" ]] && start_distccd
		;;

	stop)
		[[ ! -f "$PIDFILE" ]] && exit 1
		[[ -n "$USEDISTCC" ]] && stop_distccd

		if [[ -n "$MANAGEPARTITION" ]]; then
			umount -R -A -l "$MOUNTPOINT"
		else
			dirs=(/home /dev/pts /dev /tmp)
			[[ -n "$USEDISTCC" ]] && stop_distccd
			umount "$MOUNTPOINT"/{sys,proc}
			for d in "${dirs[@]}"; do
				umount -l "$MOUNTPOINT$d"
			done
		fi
		
		rm -f "$PIDFILE"
		;;
	*)
		echo "usage: $0 (start|stop)"
		exit 1
esac

Remember to make the file executable:

$ sudo chmod +x /usr/local/bin/arch32

[Unit]
Description=32-bit chroot

[Service]
Type=oneshot
RemainAfterExit=yes
ExecStart=/usr/local/bin/arch32 start
ExecStop=/usr/local/bin/arch32 stop

[Install]
WantedBy=multi-user.target

Enable the service:

$ sudo systemctl daemon-reload
$ sudo systemctl enable arch32.service

Initialization

$ sudo /usr/local/bin/arch32 start
$ xhost +SI:localuser:username_to_give_access_to
# chroot /opt/arch32

Now that you are in the chroot:

(chroot) # /usr/bin/locale-gen
(chroot) # sed -i 's/CheckSpace/#CheckSpace/' /etc/pacman.conf
(chroot) # pacman-key --init && pacman-key --populate archlinux

Enter the chroot from your Archlinux 64bit

Once your chroot environment created, you may want to enter it from your 64bit archlinux:

$ sudo linux32 chroot /opt/arch32/
(chroot) # su <username>

From here you can install packages in your chroot as if you were on your 64bit archlinux:

(chroot) $ sudo pacman -S htop

Execute commands in your 32bit chroot from your 64bit archlinux

Install and configure schroot

Install schroot:

$ sudo pacman -S schroot

Edit /etc/schroot/schroot.conf, and create an [Arch32] section as follows:

[Arch32]
type=directory
profile=arch32
description=Arch32
directory=/opt/arch32
users=user1,user2,user3
groups=users
root-groups=root
personality=linux32
aliases=32,default

Note

Remember to replace user1,user2,user3 by the list of allowed users

Use schroot

The following command will execute htop installed in the chroot environment:

$ schroot -p htop

If you have install Lotus Notes in your chroot:

$ schroot -p /opt/ibm/notes/notes

Check whether you are in the chroot

The following command will output chroot whenever run in a chroot:

# if [ "$(stat -c %d:%i /)" != "$(stat -c %d:%i /proc/1/root/.)" ]; then echo "chroot";fi

You can also (recommended) customize your ~/.bashrc file so that it will tell you're in a chroot:

PS1='\[$(tput bold)\]\[\033[48;5;196m\](chroot)\[$(tput sgr0)\]\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '

It will make your prompt look like this:

(chroot)username@hostname:~$ cd /foo/bar/
(chroot)username@hostname:/foo/bar$ pwd
/foo/bar

Shared directory

If you need to share a local directory (e.g. /data/lotus) between your machine and your chroot (e.g. /opt/arch32/data/lotus), add the lines highlighted in yellow in /etc/schroot/arch32/mount:

$ cat /etc/schroot/arch32/mount 
# mount.defaults: static file system information for chroots.
# Note that the mount point will be prefixed by the chroot path
# (CHROOT_PATH)
#
# <file system>	<mount point>	<type>	<options>	<dump>	<pass>
proc		/proc		proc	defaults	0	0
/dev		/dev		none	rw,bind		0	0
#/dev/pts	/dev/pts	none	rw,bind		0	0
tmpfs		/dev/shm	tmpfs	defaults	0	0
/sys		/sys		none	rw,bind		0	0
/tmp		/tmp		none	rw,bind		0	0
/home		/home		none	rw,bind		0	0
# Lotus Notes chroot shared directory
/data/lotus     /data/lotus  none    bind

Note

If you wish to make the share only read only, replace bind by bind,ro

Container (systemd-nspawn)

Description

This section describes the way you can create a container (in our example a basic 32bit arch linux environment) like docker would do.

systemd-nspawn may be used to run a command or OS in a light-weight namespace container. In many ways it is similar to chroot(1), but more powerful since it fully virtualizes the file system hierarchy, as well as the process tree, the various IPC subsystems and the host and domain name.

systemd-nspawn limits access to various kernel interfaces in the container to read-only, such as /sys, /proc/sys or /sys/fs/selinux. Network interfaces and the system clock may not be changed from within the container. Device nodes may not be created. The host system cannot be rebooted and kernel modules may not be loaded from within the container.

Build a container

Warning

If you plan to automatically start your container on boot, create it in /var/lib/machines/

First create your chroot environment as follows:

$ sudo mkdir /opt/arch32/
$ sudo cp /etc/pacman.conf /opt/arch32/

Then modify /opt/arch32/pacman.conf as follows:

• Replace Architecture = auto by Architecture = i686
• Comment out sections related to multiarch (multiarch and multiarch-testing)

Now, let's create a minimalistic container:

$ sudo pacstrap -i -c -d -C /opt/arch32/pacman.conf /opt/arch32/ base

If you want to be able to use graphical applications from your chroot, you will need to do:

$ xhost +local:

Note

Notice that the above command is only persistent for the session and you will need to do it each time you login. To get rid of it, you can add xhost + >/dev/null to ~/.bashrc

Start/stop

Manually

Start your chroot and login with root without password:

$ sudo systemd-nspawn --personality=x86 -b -D /opt/arch32/ --bind=/tmp/.X11-unix:/tmp/.X11-unix

To stop the chroot, enter poweroff

Start container on boot

To automatically start the container on boot, do as follows:

$ sudo systemctl enable machines.target
$ sudo systemctl start machines.target

Then create the following file:

$ cat /usr/lib/systemd/system/[email protected]
[Unit]
Description=Container %I
Documentation=man:systemd-nspawn(1)
PartOf=machines.target
Before=machines.target
After=network.target

[Service]
ExecStart=/usr/bin/systemd-nspawn -b --personality=x86 \
    -D /var/lib/machines/arch32/ \
    --bind=/tmp/.X11-unix:/tmp/.X11-unix \
    --bind=/data/lotus:/data/lotus \
    --setenv=DISPLAY=:0 \
    --machine=%I
KillMode=mixed
Type=notify
RestartForceExitStatus=133
SuccessExitStatus=133
Slice=machine.slice
Delegate=yes
TasksMax=8192

# Enforce a strict device policy, similar to the one nspawn configures
# when it allocates its own scope unit. Make sure to keep these
# policies in sync if you change them!
DevicePolicy=strict
DeviceAllow=/dev/null rwm
DeviceAllow=/dev/zero rwm
DeviceAllow=/dev/full rwm
DeviceAllow=/dev/random rwm
DeviceAllow=/dev/urandom rwm
DeviceAllow=/dev/tty rwm
DeviceAllow=/dev/net/tun rwm
DeviceAllow=/dev/pts/ptmx rw
DeviceAllow=char-pts rw

# nspawn itself needs access to /dev/loop-control and /dev/loop, to
# implement the --image= option. Add these here, too.
DeviceAllow=/dev/loop-control rw
DeviceAllow=block-loop rw
DeviceAllow=block-blkext rw

[Install]
WantedBy=machines.target

Then enable the service as follows:

$ sudo systemctl daemon-reload
$ sudo systemctl enable [email protected]

Create users

Within the chroot, create a user:

(container) # useradd -g users -G users -m yourusername
(container) # passwd yourusername

Now, login as the standard user and export the DISPLAY environment variable:

(container) # su yourusername
(container) $ export DISPLAY=:0

Control containers

List active containers

machinectl list

Login to container

machinectl login container

Reboot container

machinectl reboot container

Power off container

machinectl poweroff container

Run application

sudo systemd-run -M container --uid=username --setenv=DISPLAY=:0 /absolute/path/to/application

Java/Flash

Java

Same procedure as for Debian

If you want to use Java 32bit installed in your 64bit archlinux (provided you have multilib enabled), you also need following dependencies:

$ sudo pacman -S lib32-libxtst lib32-gcc-libs lib32-libxrender

FlashPlayer

$ sudo pacman -S flashplugin

Note

This plugin was discontinued (stuck at version 11.2) but security patches are still applied

Juniper Network Connect

prerequisites:

$ sudo pacman -S lib32-libxext lib32-libxrender lib32-libxtst lib32-gcc-libs lib32-zlib net-tools

Installation: same as for Debian. Then, fix permissions:

$ sudo chown root:root ~/.juniper_networks/network_connect/ncsvc
$ sudo chmod 6711 ~/.juniper_networks/network_connect/ncsvc
$ chmod 744 ~/.juniper_networks/network_connect/ncdiag

References

http://www.scc.kit.edu/scc/net/juniper-vpn/linux/

https://wiki.archlinux.org/index.php/Juniper_VPN

Lotus Notes

Prerequisites

Build a 32bit chroot or container as described previously (see 64/32bit section).

Enter the chroot:

$ sudo linux32 chroot /opt/arch32/
$ su your_username

Or if you are using a container, login:

$ sudo machinectl login arch32

Export VISUAL environment variable:

$ echo 'export VISUAL="vim"' >>  ~/.bashrc

Install following dependencies (not available via pacman). Notice that we also install the rpm utility to be able to install Lotus Notes rpm packages.

$ yaourt -S libgnomeprint libgnomeprintui esound rpm-org

Install following dependencies with pacman:

$ sudo pacman -S gdb tcsh libart-lgpl alsa-lib atk libbonobo libbonoboui gconf gtk2 libgnome libgnomecanvas libgnomeui gvfs libice libjpeg orbit2 pango libpng libsm libx11 libxcursor libxext libxft libxi libxkbfile libxml2 libxrender libxss libxt libxtst font-bh-ttf audiofile gnome-menus startup-notification gnome-desktop gtk-xfce-engine xterm unzip pangox-compat

You also need to install following fonts (AUR):

$ yaourt -S aur/fontconfig-ttf-ms-fonts

Installation of Lotus Notes

At this stage, get NOTES_9.0.1_LINUX_RPM_EN_EVALUATION.tar, uncompress and install packages without dependencies:

$ tar xf NOTES_9.0.1_LINUX_RPM_EN_EVALUATION.tar
$ sudo rpm -ivh --nodeps ibm_notes-9.0.1.i586.rpm
$ sudo rpm -ivh --nodeps ibm_sametime-9.0.1.i586.rpm

References

• https://bbs.archlinux.org/viewtopic.php?id=94894
• https://wiki.archlinux.org/index.php/Install_bundled_32-bit_system_in_64-bit_system

Network

Disable ipv6

1. Remove all lines mentioning ipv6 in /etc/hosts

2. Create following file: /etc/sysctl.d/40-ipv6.conf

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.ens33.disable_ipv6 = 1
net.ipv6.conf.tun0.disable_ipv6 = 1

3. If you're using NetworkManager (instead of Wicd), also disable ipv6 for all network interfaces from the NetworkManager:

ntp

Install package

$ sudo pacman -S ntp

Synchronization

$ sudo ntpd -q

Automatic start

$ systemctl enable ntpd.service

$ systemctl start ntpd.service

Common network commands and packages

Uncomplicated FireWall (UFW)

To install ufw:

$ sudo pacman -S ufw

Then enable it:

$ sudo ufw enable

And enable it in systemd:

$ sudo systemctl daemon-reload
$ sudo systemctl enable ufw.service
$ sudo systemctl start ufw.service

VMware

Prerequisites

$ sudo pacman -S fuse gtkmm linux-headers

Installer

When installing VMware workstation, provide the installer with default /etc/init.d as startup scripts when asked. The installer will then claim that it can't be installed; don't worry, we will manually install systemd scripts.

systemd

Create following files:

$ cat /etc/systemd/system/vmware.service
[Unit]
Description=VMware daemon
Requires=vmware-usbarbitrator.service
Before=vmware-usbarbitrator.service
After=network.target

[Service]
ExecStart=/etc/init.d/vmware start
ExecStop=/etc/init.d/vmware stop
PIDFile=/var/lock/subsys/vmware
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

$ cat /etc/systemd/system/vmware-usbarbitrator.service
[Unit]
Description=VMware USB Arbitrator
Requires=vmware.service
After=vmware.service

[Service]
ExecStart=/usr/bin/vmware-usbarbitrator
ExecStop=/usr/bin/vmware-usbarbitrator --kill
RemainAfterExit=yes

[Install]
WantedBy=multi-user.target

Enable services:

$ sudo systemctl daemon-reload
$ sudo systemctl enable vmware.service
$ sudo systemctl enable vmware-usbarbitrator.service

Issues

Compilation issue with kernel 4.6.1-2

If VMWare Workstation 12.1.1 fails to compile with kernel 4.6.1-2, it's because there has been a change in the get_user_pages function. To fix that, do as follows (scripted from this post):

# cd /usr/lib/vmware/modules/source/
# tar xf vmmon.tar
# sed -i "s/get_user_pages/get_user_pages_remote/g" vmmon-only/linux/hostif.c
# tar cf vmmon.tar vmmon-only
# rm -fR vmmon-only

Then

# cd /usr/lib/vmware/modules/source/
# tar xf vmnet.tar
# sed -i "s/get_user_pages/get_user_pages_remote/g" vmnet-only/userif.c
# tar cf vmnet.tar vmnet-only
# rm -fR vmnet-only

Webex

1. Install java
2. Install (with pacman) packages returned by the following command:

$ for i in `ldd ~/.webex/1524/*.so | grep 'not found' | awk '{ print $1 }' | uniq`;do pkgfile $i | grep multilib;done
multilib/lib32-gtk2
multilib/lib32-gtk2
multilib/lib32-glib2
multilib/lib32-libxmu
multilib/lib32-libxt
multilib/lib32-alsa-lib
multilib/lib32-libxmu
multilib/lib32-pango
multilib/lib32-libxft
multilib/lib32-pango
multilib/lib32-pango
multilib/lib32-fontconfig
multilib/lib32-freetype2
multilib/lib32-glib2
multilib/lib32-glib2
multilib/lib32-glib2
multilib/lib32-libxv
multilib/lib32-util-linux

In a nutshell, here is how you can install required dependencies:

$ sudo pacman -S lib32-alsa-lib lib32-fontconfig lib32-freetype2 lib32-glib2 lib32-gtk2 lib32-libxft lib32-libxmu lib32-libxt lib32-libxv lib32-pango lib32-util-linux

Issues

No sound (alsa)

If you have no sound, try modifying the default card in /usr/share/alsa/alsa.conf:

-defaults.ctl.card 0
-defaults.pcm.card 0
+defaults.ctl.card 1
+defaults.pcm.card 1

AptanaStudio3 claiming it can't find java

Provide path to java binary as follows:

$ ./AptanaStudio3 -vm /usr/java/jre-x64/bin

Can't format a USB to FAT32

$ sudo pacman -S core/dosfstools

Xfce-flat theme

If like me you choose the Xfce-flat theme, and you would like to change the color of the button in the taskbar when it blinks (e.g. when you receive a pidgin notification), here is how you could do:

Edit /usr/share/themes/Xfce-flat/gtk-2.0/gtkrc and modify as follows:

style "panel" = "default"
{
    xthickness = 1
    ythickness = 1

    bg[ACTIVE]        = shade (1.6, @panel_bg)
    bg[NORMAL]        = @panel_bg
    bg[PRELIGHT]      = shade (0.88, @selected_bg_color)
    -bg[SELECTED]      = shade (1.6, @panel_bg)
    +bg[SELECTED]      = "#256F89"

    fg[ACTIVE]        = @base_color
    fg[NORMAL]        = @base_color
    fg[PRELIGHT]      = @base_color
    fg[SELECTED]      = @base_color

    text[ACTIVE]      = @base_color
    text[NORMAL]      = @base_color
    text[PRELIGHT]    = @base_color
    text[SELECTED]    = @base_color

    engine "xfce"
    {
        flat_border = true
        smooth_edge = false
    }
}

No suitable archive manager found

In thunar, while trying to uncompress an archive, you may have the following message: "No suitable archive manager found". To fix it:

$ sudo pacman -S xarchiver
$ sudo update-desktop-database

Then restart.

Tricks

~/.bashrc

Example of ~/.bashrc file:

# If not running interactively, don't do anything
[[ $- != *i* ]] && return

alias ls='ls --color=auto'
alias ll='ls -l --color=auto'

alias rm='rm -i'
alias mv='mv -i'
alias cp='cp -i'

alias ccat='pygmentize -g -O style=colorful,linenos=1'

PS1='\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
[[ $SCHROOT_CHROOT_NAME ]] && PS1="(chroot: $SCHROOT_CHROOT_NAME) $PS1"

export VISUAL="vim"
export BROWSER="opera"

export PATH=$PATH:/usr/java/jre-x64/bin
export JAVA_HOME=/usr/java/jre-x64

#necessary for arch32 container
xhost + > /dev/null

# Python virtualenv
export WORKON_HOME=/data/development/virtualenvs
mkdir -p $WORKON_HOME
source /usr/bin/virtualenvwrapper.sh

Set default browser

To set firefox as default browser, do as follows:

$ xdg-mime default firefox.desktop x-scheme-handler/http
$ xdg-mime default firefox.desktop x-scheme-handler/https
$ xdg-settings set default-web-browser firefox.desktop

To verify if the URLs opens correctly:

$ xdg-open https://www.aldeid.com

Comments