03 February 2013

331. A full linux install on a USB stick: Arch and LXDE on a thumbdrive

Update 9 June 2013: I've updated the torrent URL for the current image. Note that you will likely have to do this every month or so. See https://www.archlinux.org/download/ for the latest image.

Original post:
Post 330 (How to install Arch linux) got me thinking: one of my most popular posts is post 70 ("Installing Debian on a USB stick -- live usb vs a true and full installation").

I'm new to Arch and LXDE and Openbox -- I normally run Debian with Gnome 3 -- so I'm probably not doing this the best way. But if you're also new to Arch and struggling with the beginner's wiki you may find some ideas here.

I admit: this post and post 330 aren't that different. Here I basically refine what I did in post 330, and adapt it for desktop use. I also don't have to worry about networking here since we're not talking about a headless box anymore, but an interactive system. There'll most likely be a third post at some point which will be a streamlined version of this post. Anyway.

Whatever I do here will obviously also apply to a desktop installation of Arch -- i.e. if you're struggling with LXDE/openbox on Arch, see here.

 Debian is fine and dandy, but the approach I describe there involves using a virtualbox to install debian on a thumbdrive.

In post 330 I learned how to use a chroot to set things up, which speeds things up significantly (you could of course just boot from a live CD etc., but that's too easy).

 Also, while I'm very happy with debian and it gives pretty small installs if done correctly, Arch might just give even leaner installs.[citation needed]

So here's how to install Arch linux and a graphical DE (LXDE -- I've never warmed to XCE for some reason).

We'll do 32 bit Arch here -- a reason to make a bootable linux drive is so that you can travel with your own safe desktop, and 32 bit linux will work on almost all hardware you're likely to encounter, while 64 bit linux is limited to more modern hardware. Note that if you really want to be secure you will need to encrypt the entire USB stick with e.g. truecrypt -- otherwise in particular your gpg/pgp keys are at risk. Ultimately, security is a matter of vigilance and risk reduction.

You do need a running linux machine  (or at least a live disk) -- I don't know how to do this from Windows.

1. Formatting the thumbdrive
2. Chrooting the drive and installing stuff with pacstrap
3. Arch-chroot to install the boot loader, setting up internet, and installing a desktop

Formatting the thumbdrive
Plug in your drive to your running linux machine
df -h
rootfs 28G 21G 5.7G 79% / udev 10M 0 10M 0% /dev tmpfs 397M 852K 396M 1% /run /dev/disk/by-uuid/d7479df8-0d84-4236-a92c-b05327b8fa3d 28G 21G 5.7G 79% / tmpfs 5.0M 0 5.0M 0% /run/lock tmpfs 2.3G 728K 2.3G 1% /run/shm /dev/sda5 112G 82G 25G 78% /home /dev/sdb2 937M 18M 872M 2% /media/ext /dev/sdb1 1014M 4.5M 1009M 1% /media/win32
sudo umount /dev/sdb1 /dev/sdb2

Time to start fdisk. First we delete any existing partitions (and data...), then we make one partition, and then we'll make it bootable. We won't bother with a swap disk -- we don't have the space and we want to keep disk i/o to a minimum.

sudo fdisk /dev/sdb
Command (m for help): p Disk /dev/sdb: 2063 MB, 2063597056 bytes 64 heads, 62 sectors/track, 1015 cylinders, total 4030463 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0x000cf539 Device Boot Start End Blocks Id System /dev/sdb1 62 2079231 1039585 e W95 FAT16 (LBA) /dev/sdb2 2079232 4027519 974144 83 Linux Command (m for help): d Partition number (1-4): 1 Command (m for help): d Selected partition 2 Command (m for help): n Partition type: p primary (0 primary, 0 extended, 4 free) e extended Select (default p): p Partition number (1-4, default 1): 1 First sector (2048-4030462, default 2048): Using default value 2048 Last sector, +sectors or +size{K,M,G} (2048-4030462, default 4030462): Using default value 4030462 Command (m for help): a Partition number (1-4): 1 Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. Syncing disks.
Create the filesystem:
sudo mkfs.ext4 /dev/sdb1
mke2fs 1.42.5 (29-Jul-2012) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 125952 inodes, 503551 blocks 25177 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=515899392 16 block groups 32768 blocks per group, 32768 fragments per group 7872 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376, 294912 Allocating group tables: done Writing inode tables: done Creating journal (8192 blocks): done Writing superblocks and filesystem accounting information: done
sudo fsck /dev/sdb1
fsck from util-linux 2.20.1 e2fsck 1.42.5 (29-Jul-2012) Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Pass 5: Checking group summary information /dev/sdb1: 11/125952 files (0.0% non-contiguous), 16846/503551 blocks
Make sure to verify you filesystem.

Get the arch iso and set up your chroot:
Note that you will most likely have to update the torrent URL every month or so. Obviously you'll need to change the mount command as well according to the iso name.
sudo apt-get install bittorrent squashfs-tools
cd ~/Downloads/
btdownloadcurses https://www.archlinux.org/releng/releases/2013.06.01/torrent/
sudo mount -o loop archlinux-2013.06.01-dual.iso /mnt
unsquashfs -d arch /mnt/arch/i686/root-image.fs.sfs

If you want x86_64 do unsquashfs -d arch/ /mnt/arch/x86_64/root-image.fs.sfs instead

Time to get busy:
sudo umount /mnt
sudo mount -o loop arch/root-image.fs /mnt
sudo cp /etc/resolv.conf /mnt/etc/resolv.conf
sudo mount -o bind /proc /mnt/proc
sudo mount -o bind /sys /mnt/sys
sudo mount -o bind /dev /mnt/dev
sudo mount -o bind /dev/pts /mnt/dev/pts
sudo chroot /mnt
[root@lithium /]# 

The first chroot:
mount /dev/sdb1 /mnt
mkdir /run/shm
haveged -w 1024
pacman-key --init
pacman-key --populate archlinux

If you're installing i686 (i.e. 32 bit) linux from an x86_64 (i.e. 64 bit) linux, edit /etc/pacman.conf and set Architecture:
Architecture = i686
pacstrap /mnt base vim grub-bios openssh wicd lxde-common lxsession desktop-file-utils openbox upower
(196/196) installing openbox [#############] 100% Place menu.xml, rc.xml and autostart in ~/.config/openbox They can be found in /etc/xdg/openbox Optional dependencies for openbox pyxdg: for the xdg-autostart script
This will download a large number of packages (196 packages; ca 178 M download, ca 750 Mb installed), and will take a while. Make sure that all packages end with the architecture you want (e.g. -i686 or -x86_64) or '-any'. I've omitted base-devel above, since you might not need it.

Generate a proto-fstab:
genfstab -p /mnt >> /mnt/etc/fstab

and edit it (/mnt/etc/fstab) to read something like (the uuid will differ):
UUID=c540eff0-0e10-4e7a-9fb6-190a46f38203 / ext4 rw,relatime,data=ordered 0 1 /dev/scd0 /media/cdrom0 udf,iso9660 user,noauto 0 0 /dev/sdb1 /media/usb0 auto rw,user,noauto 0 0
The last two lines will automount CDs and usb sticks. It's not necessarily something you do want to allow -- so you may comment them out.

The second chroot:
arch-chroot /mnt

edit /etc/pacman.conf and change Architecture=auto to i686.

pacman -Syy
ln -s /usr/share/zoneinfo/Australia/Melbourne /etc/localtime
echo "kookaburra" > /etc/hostname

Edit /etc/locale.gen and uncomment the locales you want e.g.
en_GB.UTF-8 UTF-8
echo 'LANG="en_GB.UTF-8"'>/etc/locale
echo 'KEYMAP=us'> /etc/vconsole.conf
mkinitcpio -p linux
grub-mkconfig -o /boot/grub/grub.cfg
grub-install /dev/sdb

Don't screw up that last step! If you put the wrong device the arch install won't boot, and most likely not the system you chrooted it from either. i.e. don't accidentally type /dev/sda (or sdb is you have two disks -- it's not difficult to repair, but you'll need a live CD already prepared)

Continuing to set up LXDE/Openbox and network:

pacman -S ifplugd xorg-xinit xorg-server xorg-utils xorg-server-utils

I've only got nvidia boxes at home, but if you're travelling you're likely to run into intel and ati as well. You can probably skip the last package since we're pulling in nouveau

pacman -S xf86-video-nouveau xf86-video-ati xf86-video-intel xf86-video-nv nvidia

At this point startx would get you a black screen with a mouse cursor. Right-clicking on the background yields a menu, but you don't have anything installed.

There are a couple of services we want to run on boot:
systemctl enable wicd
systemctl enable sshd

Edit /etc/wicd/manager-settings.conf;change wired_interface to whatever you're using in udev.

The pc beep on tab is annoying me:
echo "blacklist pcspkr" > /etc/modprobe.d/nobeeep.conf

Create a user:
pacman -S sudo
useradd verahill -m
echo "verahill ALL=(ALL) ALL">> /etc/sudoers
su verahill
cd ~

mkdir ~/.config/openbox -p
cp /etc/xdg/openbox/*.xml ~/.config/openbox
cp /etc/xdg/openbox/* ~/.config/openbox
echo "exec startlxde" > ~/.xinitrc
echo "export DESKTOP_SESSION=LXDE">> ~/.bashrc

At this point we have a setup which supports both wired and wireless internet (depending on drivers) and which has a very rudimentary desktop. We're now using 1.4 Gb, out of which 231 M is the package cache.

The range of programs that you may want to install is probably fairly personal, and will also depend on the size of your USB stick. Here's a basic selection which fits me (install as root, or try sudo, although the latter option works best if you actually boot from your USB stick rather than chroot it):

pacman -S truecrypt firefox chromium thunderbird flashplugin

(when asked, ttf-bitstream-vera is fine)

Miscellaneous packages:
pacman -S conky guake leafpad gparted elinks mcabber mutt gajim screen mlocate xterm lxpanel menumaker obmenu obconf alsa-utils volwheel pulseaudio-alsa

To improve the functionality of screen and vim, see here and here. Setting up Mutt and Mcabber is described here and here. Conky is here (item 4).

To sort out sound you might need to create ~/.asoundrc and fill it with:

pcm.!default.type pulse
ctl.!default.type pulse

(Not everyone is a fan of pulseaudio though)

And see this post for a bit more on encrypting communication and files (I travel in China so these things do matter)): http://verahill.blogspot.com.au/2012/05/encrypting-your-email-chat-and-phone-in.html

Some basic science packages that let's me do basic work on the road:
pacman -S octave gnuplot maxima gummi texlive-science gimp

If you pull in all those packages you'll need a pretty big USB drive though (albeit you actually have a small build environment installed) -- it comes in at about 3.4 Gb. Skip the science stuff to save space.

And I think that's that. Time to safely umount:
umount /mnt
sudo umount /mnt/proc
sudo umount /mnt/sys
sudo umount /mnt/dev/pts
sudo umount /mnt/dev
sudo umount /mnt

To boot:
Plug in your USB stick and hit whatever key or key-combination during BIOS start up is necessary to interrupt boot and allow you to select your boot device. Sometimes it's F9, F2, F12 or del.

On boot:
Your first task  will be to get your internet up and running. Assuming that you haven't already played with /etc/udev/rules.d you need to find out what the interfaces are called. Do ifconfig -a, note the names, and then start wicd-curses. Select Preferences and enter the name of e.g. the wired interface.

Then start your desktop by running startx. There'll be plenty of menu options, but most programs will be missing, but that's what your ~/.config/openbox/menu.xml is for. And that's how far I've gotten. Time to explore.

Potential issues:
It doesn't always work on first try -- for some reason. I had to start from scratch twice before everything worked without a hitch. Often it's easier starting from scratch than trying to fix a basic installation.

You might not be able to run the systemctl commands until you've actually booted from the usb stick.

If you're on a laptop and the mouse/touchpad isn't working, install xf86-input-synaptics.

Consider installing wicd-gtk if you'll be working a desktop environment a lot.


  1. How much disk space is it required?

  2. Anyway, 1.3G? That's small enough for me!
    I like an exotic distro with more customizeration. and that fit on my 3.6GB USB!
    Thanks a lot!

  3. After cd ~/Downloads/, Ubuntu ignored me to work after that. After that, the process was failed, as the .iso file cannot be mounted.

    (Using Ubuntu 12.04 LTS 64bit,currently formatted my 8GB USB drive)

    1. You can use transmission or any other torrent client instead of bt

  4. cd ~/Downloads/command did not work. That was what I said ignored. The download has been completed, though.

    1. so you don't have a ~/Downloads folder. Anyway, it's of no importance. Does the rest work? And if not, WHAT doesn't work? And in what way?

    2. Of the last work, the .iso file does not mount and I cannot do the other works properly.
      sudo mount -o loop archlinux-2013.01.04-dual.iso /mnt(this is where the problem begins)
      unsquashfs -d arch /mnt/arch/i686/root-image.fs.sfs
      (Following step. as for mounting, I cannot do this step.)

    3. If the image is not mounted you can't unsquash it.

      So what's the error message when you try to mount the iso?

    4. I've updated the instructions for the current iso. Are you sure you downloaded it correctly before? Note that you obviously need to change the other commands too according to the iso version you are using.

    5. I downloaded it correctly. and I tried to mount. but It didn't made it.
      Can I install it with a debian-based distro like ubuntu?

    6. Yes, debian based is fine -- should work under just about any distro. I did it on Wheezy above, and I tried Jessie yesterday. Everything is fine, although the old torrent link didn't work, which makes me wonder if you really downloaded the iso correctly -- if you look at https://www.archlinux.org/download/ there are md5 checksums that you may want to compare with.

      Anyway: "and I tried to mount. but It didn't made it."
      Exactly WHAT happens? Any messages?

      Again, I've tried it on several different machines and it all works. I'm also surprised that you didn't have a ~/Downloads directory, although that may have more to do with your choice of desktop (maybe e.g. unity doesn't create those directories?)

  5. It's probably seen that it does not get into the ~/Download directory. I have tried on multiple distros like Linux Mint Debian Edition(When I tried to download Cinnamon spices, than it does not goes into the download directory) and also even Debian(When I try to unzip the Virtualbox folder, It's not there!)

    1. Again, I'm a bit confused. You download something but don't know where it ends up?
      And it doesn't matter what files you download? Is that your problem?

    2. And what is the connection with virtualbox?

  6. Why not installing with 86-64+-multilib support rather than simple i686 architecture? I don't know. The Arch Forum said that 86-64 has the highest versatility.

    1. You can't run a 64 bit OS on 32 bit hardware. Multilib may allow you to run 32 bit binaries on a 64 bit OS, but it won't turn it into a 32 bit OS.