[~bandali/bndl.org] / content / post / arch-macbook-air.md

+++
title = "Arch GNU/Linux on MacBook Air 2013"
date = 2016-11-01
tags = ["arch", "macbook"]
draft = false
[menu.main]
  weight = 2001
  identifier = "arch-gnu-linux-on-macbook-air-2013"
+++

This post summarizes how I install and dual-boot Arch GNU/Linux with
Full-Disk Encryption alongside macOS.  It is not meant to be a
replacement for the [Installation Guide](https://wiki.archlinux.org/index.php/installation%5Fguide) or the former [Beginner's Guide](https://csdietz.github.io/arch-beginner-guide/).
Rather, it mostly serves as a small summary with a few useful notes
about the gotchas.

So, make sure you understand what you type into your terminal.  If you
don't, checking out the Arch wiki should probably be your first step.

_Note:_ you will need internet access throughout the installation and
the MacBook Air's WiFi doesn't work out of the box on Arch.  I
recommend using your phone's USB Tethering (if it does support it), or
using an Ethernet-USB adapter.


## Shrinking the macOS partition {#shrinking-the-macos-partition}

The first step I take is resizing the HFS+ macOS partition to make
room for the new <abbr>GNU/Linux</abbr> installation.  There are plenty
of tutorials on how to do this using macOS's Disk Utility, so do that
and then come back!


## Creating a bootable Arch Installer USB {#creating-a-bootable-arch-installer-usb}

There are different ways of creating a bootable Arch USB, all
documented on the [USB flash installation media](https://wiki.archlinux.org/index.php/USB%5Fflash%5Finstallation%5Fmedia) page on the Arch wiki,
but the simplest one is using `dd` if you already have access to
another UNIX system.

<span class="red">Warning:</span> make sure you backup the data on your flash
drive, as `dd` will irrevocably destroy all data on it.

Use `lsblk` to find the name (block device) of your USB drive, then
run `dd` (as root) as shown below:

```bash
dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress && sync
```

Replace `/path/to/archlinux.iso` with the path to the Arch image you
have downloaded, and `/dev/sdx` with your drive.


## Booting up from the USB {#booting-up-from-the-usb}

After creating the install USB, reboot your laptop and hold the alt
key and boot into the USB.

When booting is complete and you're presented with the prompt, it's a
good time to make sure you're connected to the internet (see the
_note_ at the top of this post).

Use `ping` to verify that you've established a connection:

```bash
ping archlinux.org
```


## Updating the system clock {#updating-the-system-clock}

Once you're connected to the internet, make sure the system clock is
accurate:

```bash
timedatectl set-ntp true  # start and enable systemd-timesyncd
```

You can check the service status using `timedatectl status`.


## Partitioning {#partitioning}

I won't dive into partitioning and instead, I'll refer you to the
[Partitioning](https://wiki.archlinux.org/index.php/Partitioning) page of Arch wiki. Of the available partitioning tools, I
personally prefer `cfdisk`.


## Setting up LVM & LUKS {#setting-up-lvm-and-luks}

I use a [LVM on LUKS](https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting%5Fan%5Fentire%5Fsystem#LVM%5Fon%5FLUKS) setup, where I set up LVM on top of the encrypted
partition.

First, let's set up the underlying encrypted partition:

```bash
cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 \
           --iter-time 5000 --use-urandom -y luksFormat /dev/sdaX
```

where `/dev/sdaX` is the partition you created in the last step
(e.g. `/dev/sda4`). For more information about the `cryptsetup`
options, see the [LUKS encryption options](https://wiki.archlinux.org/index.php/Dm-crypt/Device%5Fencryption#Encryption%5Foptions%5Ffor%5FLUKS%5Fmode).

Then we open the container:

```bash
cryptsetup open --type luks /dev/sdaX lvm
```

Now it's time to use lvm and prepare the logical volume(s):

```bash
pvcreate /dev/mapper/lvm
vgcreate vg /dev/mapper/lvm
lvcreate --extents +100%FREE -n root vg
```

This will create a physical volume on the mapping we just opened,
create a volume group named `vg` on the physical volume, and create a
logical volume named `root` that spans the entire volume group. More
complex setups are possible thanks to the great flexibility of lvm.

We now format the logical volume with `ext4`:

```bash
mkfs.ext4 /dev/mapper/vg-root
```


## Installing the base system {#installing-the-base-system}

Let's mount the logical volume, make a directory for the mount point
of the boot partition, and mount the boot partition (`/dev/sda1`):

```bash
mount /dev/mapper/vg-root /mnt
mkdir /mnt/boot
mount /dev/sda1 /mnt/boot
```

Finally, let's install the base system (and optionally `base-devel`):

```bash
pacstrap /mnt base base-devel
```


## Configuring the system {#configuring-the-system}

Let's generate the fstab:

```bash
genfstab -U /mnt >> /mnt/etc/fstab
```

Use your favorite terminal-based editor, edit the fstab file and add
the `discard` option for the root partition to enable TRIM on the SSD.

Now we change root into our newly installed system and will configure
it. Adjust these according to your own setup.

```bash
arch-chroot /mnt /bin/bash
passwd  # set the root password
echo myhostname > /etc/hostname  # set the hostname
ln -s /usr/share/zoneinfo/Canada/Eastern /etc/localtime  # time zone
hwclock --systohc --utc   # write system clock to hardware clock (UTC)
useradd -m -G wheel -s /bin/bash myuser  # create myuser
passwd myuser  # set the password for myuser
echo "myuser ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/myuser
# uncomment en_US.UTF-8 UTF-8 and other needed locales in /etc/locale.gen
locale-gen
echo LANG=en_US.UTF-8 > /etc/locale.conf
export LANG=en_US.UTF-8
```

Then adjust the initramfs hooks in `/etc/mkinitcpio.conf` and enable
the `encrypt` and `lvm2` hooks, and make sure `keyboard` is available
before `encrypt` so you can actually type in the LUKS password when
booting. Your `HOOKS` line should look similar to this:

```nil
HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"
```

After adjusting the hooks, build the initramfs:

```bash
mkinitcpio -p linux
```

Now, install the `intel-ucode` package. We'll configure the bootloader
to enable intel microcode updates.

```bash
pacman -S intel-ucode
```

Create the `/boot/loader/loader.conf` with the following content
(adjust the timeout to your liking):

```nil
default arch
timeout 3
```

Then create the entry for Arch:

```bash
mkdir -p /boot/loader/entries
touch /boot/loader/entries/arch.conf
```

Now edit `/boot/loader/entries/arch.conf` to specify the Arch entry:

```nil
title    Arch GNU/Linux
linux    /vmlinuz-linux
initrd   /intel-ucode.img
initrd   /initramfs-linux.img
options  cryptdevice=/dev/sdaX:vg:allow-discards root=/dev/mapper/vg-root rw
```

Again, `/dev/sdaX` is the partition you created in the [partitioning](#partitioning)
step as the underlying encrypted partition.

Finally, install the bootloader, exit the chroot, umount and reboot!

```bash
bootctl install
exit
umount -R /mnt
reboot
```


## Post-installation recommendations {#post-installation-recommendations}

Congratulations! You now have a minimal Arch installation.

At this point, I usually install my favorite AUR helper, [pacaur](https://aur.archlinux.org/packages/pacaur/), then
I install the [broadcom-wl-dkms](https://aur.archlinux.org/packages/broadcom-wl-dkms/) wireless driver and [mba6x\_bl-dkms](https://aur.archlinux.org/packages/mba6x%5Fbl-dkms/)
backlight driver to fix the post suspend/resume issue where three's no
brightness after waking up from suspend, and the only available
brightness would be 100%.

```bash
pacaur -S linux-headers dkms  # linux-headers is required for dkms
pacaur -S broadcom-wl-dkms
pacaur -S mba6x_bl-dkms
```

Then, I'd like to install

-   input, graphics, and sound drivers,
-   a desktop environment (I prefer Xfce or LXQt),
-   a display manager for login screen (lightdm or sddm), and
-   a network manager (NetworkManager or ConnMan).

Check out the [General recommendations](https://wiki.archlinux.org/index.php/General%5Frecommendations) for more details.


## References {#references}

Here are some resources I've come across each with lots of useful bits
and pieces, about installing Arch on a MacBook:

-   [pandeiro/arch-on-air](https://github.com/pandeiro/arch-on-air)
-   [Arch Linux on MacBook Pro Retina 2014 with DM-Crypt, LVM and suspend to disk](https://loicpefferkorn.net/2015/01/arch-linux-on-macbook-pro-retina-2014-with-dm-crypt-lvm-and-suspend-to-disk/)
-   [Installing Archlinux on Macbook Air 2013](http://frankshin.com/installing-archlinux-on-macbook-air-2013/)
-   [Arch Linux Installation with OS X on Macbook Air (Dual Boot)](http://panks.me/posts/2013/06/arch-linux-installation-with-os-x-on-macbook-air-dual-boot/)
-   [Installing (encrypted) Arch Linux on an Apple MacBook Pro](https://visual-assault.org/2016/03/05/install-encrypted-arch-linux-on-apple-macbook-pro/)
-   [Installing Arch Linux on a MacBook Air 2013](http://alexeyzabelin.com/arch-on-mac)
-   [Arch Linux running on my MacBook](https://medium.com/phils-thought-bubble-of-recent-stuff/arch-linux-running-on-my-macbook-2ea525ebefe3)
-   [Dual boot Arch Linux on MacBook Pro Installation](http://codylittlewood.com/arch-linux-on-macbook-pro-installation/)

[//]: # "Exported with love from a post written in Org mode"
[//]: # "- https://github.com/kaushalmodi/ox-hugo"
Commit	Line	Data
caf3b78c AB	1	+++
	2	title = "Arch GNU/Linux on MacBook Air 2013"
	3	date = 2016-11-01
	4	tags = ["arch", "macbook"]
	5	draft = false
	6	[menu.main]
	7	weight = 2001
	8	identifier = "arch-gnu-linux-on-macbook-air-2013"
	9	+++
	10
	11	This post summarizes how I install and dual-boot Arch GNU/Linux with
	12	Full-Disk Encryption alongside macOS. It is not meant to be a
	13	replacement for the [Installation Guide](https://wiki.archlinux.org/index.php/installation%5Fguide) or the former [Beginner's Guide](https://csdietz.github.io/arch-beginner-guide/).
	14	Rather, it mostly serves as a small summary with a few useful notes
	15	about the gotchas.
	16
	17	So, make sure you understand what you type into your terminal. If you
	18	don't, checking out the Arch wiki should probably be your first step.
	19
	20	_Note:_ you will need internet access throughout the installation and
	21	the MacBook Air's WiFi doesn't work out of the box on Arch. I
	22	recommend using your phone's USB Tethering (if it does support it), or
	23	using an Ethernet-USB adapter.
	24
	25
	26	## Shrinking the macOS partition {#shrinking-the-macos-partition}
	27
	28	The first step I take is resizing the HFS+ macOS partition to make
	29	room for the new <abbr>GNU/Linux</abbr> installation. There are plenty
	30	of tutorials on how to do this using macOS's Disk Utility, so do that
	31	and then come back!
	32
	33
	34	## Creating a bootable Arch Installer USB {#creating-a-bootable-arch-installer-usb}
	35
	36	There are different ways of creating a bootable Arch USB, all
	37	documented on the [USB flash installation media](https://wiki.archlinux.org/index.php/USB%5Fflash%5Finstallation%5Fmedia) page on the Arch wiki,
	38	but the simplest one is using `dd` if you already have access to
	39	another UNIX system.
	40
	41	<span class="red">Warning:</span> make sure you backup the data on your flash
	42	drive, as `dd` will irrevocably destroy all data on it.
	43
	44	Use `lsblk` to find the name (block device) of your USB drive, then
	45	run `dd` (as root) as shown below:
	46
	47	```bash
	48	dd bs=4M if=/path/to/archlinux.iso of=/dev/sdx status=progress && sync
	49	```
	50
	51	Replace `/path/to/archlinux.iso` with the path to the Arch image you
	52	have downloaded, and `/dev/sdx` with your drive.
	53
	54
	55	## Booting up from the USB {#booting-up-from-the-usb}
	56
	57	After creating the install USB, reboot your laptop and hold the alt
	58	key and boot into the USB.
	59
	60	When booting is complete and you're presented with the prompt, it's a
	61	good time to make sure you're connected to the internet (see the
	62	_note_ at the top of this post).
	63
	64	Use `ping` to verify that you've established a connection:
65
66	```bash
67	ping archlinux.org
68	```
69
70
71	## Updating the system clock {#updating-the-system-clock}
72
73	Once you're connected to the internet, make sure the system clock is
74	accurate:
75
76	```bash
77	timedatectl set-ntp true # start and enable systemd-timesyncd
78	```
79
80	You can check the service status using `timedatectl status`.
81
82
83	## Partitioning {#partitioning}
84
85	I won't dive into partitioning and instead, I'll refer you to the
86	[Partitioning](https://wiki.archlinux.org/index.php/Partitioning) page of Arch wiki. Of the available partitioning tools, I
87	personally prefer `cfdisk`.
88
89
90	## Setting up LVM & LUKS {#setting-up-lvm-and-luks}
91
92	I use a [LVM on LUKS](https://wiki.archlinux.org/index.php/Dm-crypt/Encrypting%5Fan%5Fentire%5Fsystem#LVM%5Fon%5FLUKS) setup, where I set up LVM on top of the encrypted
93	partition.
94
95	First, let's set up the underlying encrypted partition:
96
97	```bash
98	cryptsetup -v --cipher aes-xts-plain64 --key-size 512 --hash sha512 \
99	--iter-time 5000 --use-urandom -y luksFormat /dev/sdaX
100	```
101
102	where `/dev/sdaX` is the partition you created in the last step
103	(e.g. `/dev/sda4`). For more information about the `cryptsetup`
104	options, see the [LUKS encryption options](https://wiki.archlinux.org/index.php/Dm-crypt/Device%5Fencryption#Encryption%5Foptions%5Ffor%5FLUKS%5Fmode).
105
106	Then we open the container:
107
108	```bash
109	cryptsetup open --type luks /dev/sdaX lvm
110	```
111
112	Now it's time to use lvm and prepare the logical volume(s):
113
114	```bash
115	pvcreate /dev/mapper/lvm
116	vgcreate vg /dev/mapper/lvm
117	lvcreate --extents +100%FREE -n root vg
118	```
119
120	This will create a physical volume on the mapping we just opened,
121	create a volume group named `vg` on the physical volume, and create a
122	logical volume named `root` that spans the entire volume group. More
123	complex setups are possible thanks to the great flexibility of lvm.
124
125	We now format the logical volume with `ext4`:
126
127	```bash
128	mkfs.ext4 /dev/mapper/vg-root
129	```
130
131
132	## Installing the base system {#installing-the-base-system}
133
134	Let's mount the logical volume, make a directory for the mount point
135	of the boot partition, and mount the boot partition (`/dev/sda1`):
136
137	```bash
138	mount /dev/mapper/vg-root /mnt
139	mkdir /mnt/boot
140	mount /dev/sda1 /mnt/boot
141	```
142
143	Finally, let's install the base system (and optionally `base-devel`):
144
145	```bash
146	pacstrap /mnt base base-devel
147	```
148
149
150	## Configuring the system {#configuring-the-system}
151
152	Let's generate the fstab:
153
154	```bash
155	genfstab -U /mnt >> /mnt/etc/fstab
156	```
157
158	Use your favorite terminal-based editor, edit the fstab file and add
159	the `discard` option for the root partition to enable TRIM on the SSD.
160
161	Now we change root into our newly installed system and will configure
162	it. Adjust these according to your own setup.
163
164	```bash
165	arch-chroot /mnt /bin/bash
166	passwd # set the root password
167	echo myhostname > /etc/hostname # set the hostname
168	ln -s /usr/share/zoneinfo/Canada/Eastern /etc/localtime # time zone
169	hwclock --systohc --utc # write system clock to hardware clock (UTC)
170	useradd -m -G wheel -s /bin/bash myuser # create myuser
171	passwd myuser # set the password for myuser
172	echo "myuser ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers.d/myuser
173	# uncomment en_US.UTF-8 UTF-8 and other needed locales in /etc/locale.gen
174	locale-gen
175	echo LANG=en_US.UTF-8 > /etc/locale.conf
176	export LANG=en_US.UTF-8
177	```
178
179	Then adjust the initramfs hooks in `/etc/mkinitcpio.conf` and enable
180	the `encrypt` and `lvm2` hooks, and make sure `keyboard` is available
181	before `encrypt` so you can actually type in the LUKS password when
182	booting. Your `HOOKS` line should look similar to this:
183
184	```nil
185	HOOKS="base udev autodetect modconf block keyboard encrypt lvm2 filesystems fsck"
186	```
187
188	After adjusting the hooks, build the initramfs:
189
190	```bash
191	mkinitcpio -p linux
192	```
193
194	Now, install the `intel-ucode` package. We'll configure the bootloader
195	to enable intel microcode updates.
196
197	```bash
198	pacman -S intel-ucode
199	```
200
201	Create the `/boot/loader/loader.conf` with the following content
202	(adjust the timeout to your liking):
203
204	```nil
205	default arch
206	timeout 3
207	```
208
209	Then create the entry for Arch:
210
211	```bash
212	mkdir -p /boot/loader/entries
213	touch /boot/loader/entries/arch.conf
214	```
215
216	Now edit `/boot/loader/entries/arch.conf` to specify the Arch entry:
217
218	```nil
219	title Arch GNU/Linux
220	linux /vmlinuz-linux
221	initrd /intel-ucode.img
222	initrd /initramfs-linux.img
223	options cryptdevice=/dev/sdaX:vg:allow-discards root=/dev/mapper/vg-root rw
224	```
225
226	Again, `/dev/sdaX` is the partition you created in the [partitioning](#partitioning)
227	step as the underlying encrypted partition.
228
229	Finally, install the bootloader, exit the chroot, umount and reboot!
230
231	```bash
232	bootctl install
233	exit
234	umount -R /mnt
235	reboot
236	```
237
238
239	## Post-installation recommendations {#post-installation-recommendations}
240
241	Congratulations! You now have a minimal Arch installation.
242
243	At this point, I usually install my favorite AUR helper, [pacaur](https://aur.archlinux.org/packages/pacaur/), then
244	I install the [broadcom-wl-dkms](https://aur.archlinux.org/packages/broadcom-wl-dkms/) wireless driver and [mba6x\_bl-dkms](https://aur.archlinux.org/packages/mba6x%5Fbl-dkms/)
245	backlight driver to fix the post suspend/resume issue where three's no
246	brightness after waking up from suspend, and the only available
247	brightness would be 100%.
248
249	```bash
250	pacaur -S linux-headers dkms # linux-headers is required for dkms
251	pacaur -S broadcom-wl-dkms
252	pacaur -S mba6x_bl-dkms
253	```
254
255	Then, I'd like to install
256
257	- input, graphics, and sound drivers,
258	- a desktop environment (I prefer Xfce or LXQt),
259	- a display manager for login screen (lightdm or sddm), and
260	- a network manager (NetworkManager or ConnMan).
261
262	Check out the [General recommendations](https://wiki.archlinux.org/index.php/General%5Frecommendations) for more details.
263
264
265	## References {#references}
266
267	Here are some resources I've come across each with lots of useful bits
268	and pieces, about installing Arch on a MacBook:
269
270	- [pandeiro/arch-on-air](https://github.com/pandeiro/arch-on-air)
271	- [Arch Linux on MacBook Pro Retina 2014 with DM-Crypt, LVM and suspend to disk](https://loicpefferkorn.net/2015/01/arch-linux-on-macbook-pro-retina-2014-with-dm-crypt-lvm-and-suspend-to-disk/)
272	- [Installing Archlinux on Macbook Air 2013](http://frankshin.com/installing-archlinux-on-macbook-air-2013/)
273	- [Arch Linux Installation with OS X on Macbook Air (Dual Boot)](http://panks.me/posts/2013/06/arch-linux-installation-with-os-x-on-macbook-air-dual-boot/)
274	- [Installing (encrypted) Arch Linux on an Apple MacBook Pro](https://visual-assault.org/2016/03/05/install-encrypted-arch-linux-on-apple-macbook-pro/)
275	- [Installing Arch Linux on a MacBook Air 2013](http://alexeyzabelin.com/arch-on-mac)
276	- [Arch Linux running on my MacBook](https://medium.com/phils-thought-bubble-of-recent-stuff/arch-linux-running-on-my-macbook-2ea525ebefe3)
277	- [Dual boot Arch Linux on MacBook Pro Installation](http://codylittlewood.com/arch-linux-on-macbook-pro-installation/)
278
279	[//]: # "Exported with love from a post written in Org mode"
280	[//]: # "- https://github.com/kaushalmodi/ox-hugo"