Testing the installation of Archlinux: Manjaro XFCE 8.7.1
Creating Manjaro Live Installation Media
diskutil list
diskutil unmountDisk /dev/disk2 //flash is connected to disk2
dd of=/dev/disk2 if=/path/to/manjaro-xfce-0.8.7.1-x86_64.iso
diskutil eject /dev/disk2
Installing Manjaro XFCE 8.7.1 via Installation Wizard
- Boot from the USB Drive.
- When prompted type in ‘stat’ press enter to select Manjaro Live.
- Click on the Manjaro installation manager icon on the Desktop and walk through the installation process.
- When prompted for a username, choose one that is NOT your SOE login! For example "elnaz_local" rather than my SOE login of "elnaz". Otherwise you will not be able to login to your computer after you setup LDAP.
- When prompted for a machine name, enter the name that machine is supposed to be (mascd11, omelette, quiche, etc)
- Selecting 'Edit Partitioning' will launch gparted which will allow you to delete current partitions and/or add new partitions.
- At least 3 partitions are needed.
- ~2G storage for /boot and select ‘ext2’ as the format.
- At least 8-10G for swap and select ‘linux-swap’ as the format.
- The rest of the storage space can be partitioned as root ‘/‘ with the ‘ext4’ format.
- You can add other partition such as home directory.
- Click on 'Edit' and select 'Apply All Partitions' to save the changes. And quit the program.
- Right click on ~2G partition and mount it as /boot. The format should be 'ext2'.
- Right click on the largest partition (i.e. root) and mount is as '/'. Click Forward.
- Note to install 'grub' in the /boot partition.
- Deselect Plymouth login manager. You should install a different login manager later, for instance SLiM.
- Review the summary of the changes you have made. And click on 'install'.
- Installation wizard should complete as normal.
NOTE: when partitioning the disk, make sure root and boot partitions are on one disk. Otherwise, you will not be able to boot from hard drive.
Account Setup
Enable root account. Open a terminal window. And enter your new root password for the machine
sudo su -
passwd
Add your local and SOE logins to the list of sudoers:
vi /etc/sudoers
Update all the installed packages on your system.
pacman -Syu
Expand this section to view the list of packages to be installed.
accountsservice ack acl alsa-lib alsa-plugins apr apr-util apvlv archlinux-keyring ascii aspell aspell-en at-spi2-atk at-spi2-core atk atkmm attr audit autoconf automake avahi awesome babl bash binutils-multilib bison blas boost boost-libs bzip2 ca-certificates ca-certificates-java cairo cairomm cantarell-fonts cdparanoia chromium cifs-utils cloog clucene clusterssh clutter cmake cogl colord compiz-core compositeproto coreutils cppcheck cpupower cracklib cronie cryptsetup ctags cups-pk-helper curl damageproto db dbus dbus-glib dconf desktop-file-utils device-mapper dhclient dhcpcd diffutils dirmngr djvulibre dnssec-anchors dnsutils docbook-xml docbook-xsl dosfstools dotconf e2fsprogs e_dbus ecore edje eet eeze efreet eina eio elementary elfutils embryo emotion enca enchant eog epdfview ethumb evas evas_generic_loaders exempi exiv2 exo expat fakeroot feh ffmpeg fftw file filesystem findutils fixesproto flac flex font-bh-ttf fontconfig fontsproto fpc freeglut freeimage freetype2 fribidi ftgl fuse garcon gawk gc gcc gcc-libs gd gdb gdbm gdk-pixbuf gdk-pixbuf2 gegl geoclue gettext ghostscript giblib giflib gimp girara-common girara-gtk2 git gjs glew glib glib-networking glib2 glibc glibmm glu gmp gnome-desktop gnome-icon-theme gnome-icon-theme-symbolic gnome-menus gnome-themes-standard gnupg gnuplot gnutls gobject-introspection gource gpart gparted gpgme gpm graphite graphviz grep groff grub gsettings-desktop-schemas gsfonts gsl gsm gstreamer0.10 gstreamer0.10-base gstreamer0.10-base-plugins gtk gtk-chtheme gtk-engines gtk-update-icon-cache gtk2 gtk2-xfce-engine gtk2_prefs gtk3 gtkmm gtksourceview2 gtkspell gts gvfs gvim gzip harfbuzz harfbuzz-icu hdparm heirloom-mailx hicolor-icon-theme hspell hsqldb-java htop hunspell hwids hyphen iana-etc icon-naming-utils icu idnkit ilmbase imagemagick imlib2 inetutils inkscape inkscape-tikz-hg inputproto intltool iotop iperf iproute2 iptables iputils isl iso-codes jack jasper jbig2dec jdk7-openjdk jfsutils jre7-openjdk jre7-openjdk-headless js js185 json-c json-glib kbd kbproto keyutils kmod krb5 lame lapack lcms lcms2 ldb ldns less lib32-gcc-libs lib32-glibc lib32-zlib libarchive libart-lgpl libass libassuan libasyncns libatasmart libbluray libbsd libburn libcanberra libcanberra-pulse libcap libcap-ng libcddb libcdio libcdio-paranoia libcl libcroco libcups libdaemon libdatrie libdmtx libdrm libedit libev libevent libexif libffi libfontenc libgcrypt libgdm libgee libglade libgnome-keyring libgpg-error libgssglue libgtop libgusb libgxps libical libice libid3tag libidn libimobiledevice libiodbc libisofs libjpeg-turbo libkeybinder2 libksba libldap liblqr libltdl libmbim libmikmod libmng libmodplug libmpc libmpd libmysqlclient libnewt libnl libnotify liboauth libogg libotf libpcap libpciaccess libpeas libpipeline libplist libpng libproxy libpulse libpwquality libqmi libraw libreoffice-base libreoffice-calc libreoffice-common libreoffice-draw libreoffice-en-US libreoffice-impress libreoffice-math libreoffice-postgresql-connector libreoffice-writer librpcsecgss librsvg librsync libsamplerate libsasl libsecret libsigc++ libsigsegv libsm libsndfile libsoup libspectre libssh libssh2 libtasn1 libthai libtheora libtiff libtirpc libtraceevent libunique libunwind libusb-compat libusbx libutempter libva libvdpau libvisual libvorbis libvpx libwacom libwbclient libwebp libwmf libwnck libwpd libwps libx11 libxau libxaw libxcb libxcomp libxcomposite libxcursor libxdamage libxdg-basedir libxdmcp libxext libxfce4ui libxfce4util libxfcegui4 libxfixes libxfont libxft libxi libxinerama libxkbcommon libxkbfile libxklavier libxml2 libxmu libxp libxpm libxrandr libxrender libxres libxslt libxss libxt libxtst libxv libxxf86vm libyaml licenses linux linux-api-headers linux-firmware llvm llvm-amdgpu-lib-snapshot llvm-libs lm_sensors logrotate lpsolve lsof lua lua-lgi lua51 lvm2 lxappearance lxrandr lzo lzo2 m4 make man-db man-pages mash mcpp mdadm media-player-info mesa mesa-libgl miniupnpc mkinitcpio mkinitcpio-busybox mobile-broadband-provider-info modemmanager mousepad mpfr mtdev mtools muparser mupdf mysql mysql-clients nano ncftp ncurses neon net-tools netctl nettle networkmanager nfs-utils nfsidmap ngspice nspr nss nx-common nxclient openal opencore-amr openexr openjpeg opennx openresolv openssh openssl opus orage orc oxygen-icons p11-kit pacgraph package-query pacman pacman-mirrorlist pam pambase pango pangomm parted patch pciutils pcmciautils pcre perf perl perl-app-clusterssh perl-class-data-inheritable perl-class-errorhandler perl-convert-asn1 perl-crypt-blowfish perl-crypt-des perl-data-dump perl-dbi-shell perl-devel-stacktrace perl-devel-symdump perl-digest-hmac perl-digest-sha1 perl-error perl-exception-class perl-file-next perl-file-which perl-io-tee perl-module-manifest perl-net-ssh perl-params-util perl-pod-coverage perl-readonly perl-shell perl-sub-uplevel perl-test-distmanifest perl-test-exception perl-test-nowarnings perl-test-pod perl-test-pod-coverage perl-test-tester perl-test-trap perl-test-warn perl-text-reform perl-tk perl-tree-dag-node perl-try-tiny perl-x11-protocol perl-xml-parser perl-xml-simple phonon-gstreamer pinentry pixman pkg-config pm-quirks pm-utils polkit poppler poppler-data poppler-glib popt postgresql-libs powertop ppp printproto procps-ng psmisc psutils pth pulseaudio pulseaudio-alsa pygobject-devel pygobject2-devel pygtk python python-lxml python-pip python-psutil python-pyudev python-setuptools python-xdg python2 python2-atspi python2-beaker python2-boto python2-cairo python2-crypto python2-gnupginterface python2-gobject python2-gobject2 python2-keybinder2 python2-lxml python2-mako python2-markupsafe python2-notify python2-paramiko python2-powerline-git python2-pyudev python2-setuptools python2-xdg qiv qrencode qt4 r randrproto raptor rasqal readline recode recordproto redland redland-storage-virtuoso reiserfsprogs renderproto rest ristretto rpcbind rsync rtkit rtmpdump rubber ruby run-parts sbc scala schroedinger scrnsaverproto sdl sdl_image sdl_mixer sdl_net sdl_ttf sed serf sg3_utils shadow shared-color-profiles shared-color-targets shared-desktop-ontologies shared-mime-info slang slim smpeg snappy sound-theme-freedesktop speech-dispatcher speex sqlite sshfs startup-notification strace strigi subversion sudo swig sysfsutils syslinux systemd systemd-sysvcompat sysvinit-tools t1lib taglib talloc tar tcl tcsh tdb terminator tevent texinfo texlive-bibtexextra texlive-bin texlive-core texlive-fontsextra texlive-formatsextra texlive-games texlive-genericextra texlive-htmlxml texlive-humanities texlive-latexextra texlive-music texlive-pictures texlive-plainextra texlive-pstricks texlive-publishers texlive-science thunar thunar-archive-plugin thunar-media-tags-plugin thunar-volman time tk tmux tre ttf-dejavu ttf-droid ttf-freefont ttf-inconsolata ttf-liberation ttf-linux-libertine tumbler tzdata udisks udisks2 unixodbc unrar unzip upower usbip usbmuxd usbutils util-linux v4l-utils vi videoproto vim-a vim-bufexplorer vim-buftabs vim-colorsamplerpack vim-doxygentoolkit vim-guicolorscheme vim-nerdcommenter vim-nerdtree vim-netrw vim-omnicppcomplete vim-project vim-runtime vim-taglist vim-vcscommand vim-workspace virtualbox-guest-modules virtualbox-guest-utils virtuoso-base vpnc vte vte-common wayland webrtc-audio-processing wget which wpa_supplicant wxgtk x264 x86_energy_perf_policy xbitmaps xcb-proto xcb-util xcb-util-image xcb-util-keysyms xcb-util-wm xdg-utils xextproto xf86-input-evdev xf86vidmodeproto xfburn xfce4-appfinder xfce4-artwork xfce4-battery-plugin xfce4-clipman-plugin xfce4-cpufreq-plugin xfce4-cpugraph-plugin xfce4-datetime-plugin xfce4-dict xfce4-diskperf-plugin xfce4-eyes-plugin xfce4-fsguard-plugin xfce4-genmon-plugin xfce4-mailwatch-plugin xfce4-mixer xfce4-mount-plugin xfce4-mpc-plugin xfce4-netload-plugin xfce4-notes-plugin xfce4-notifyd xfce4-panel xfce4-power-manager xfce4-quicklauncher-plugin xfce4-screenshooter xfce4-sensors-plugin xfce4-session xfce4-settings xfce4-smartbookmark-plugin xfce4-systemload-plugin xfce4-taskmanager xfce4-terminal xfce4-time-out-plugin xfce4-timer-plugin xfce4-verve-plugin xfce4-wavelan-plugin xfce4-weather-plugin xfce4-xkb-plugin xfconf xfdesktop xfsprogs xfwm4 xfwm4-themes xineramaproto xkeyboard-config xorg-bdftopcf xorg-font-util xorg-font-utils xorg-fonts-alias xorg-fonts-encodings xorg-fonts-misc xorg-iceauth xorg-luit xorg-mkfontdir xorg-mkfontscale xorg-server xorg-server-common xorg-server-utils xorg-sessreg xorg-setxkbmap xorg-xauth xorg-xbacklight xorg-xcmsdb xorg-xev xorg-xgamma xorg-xhost xorg-xinit xorg-xinput xorg-xkbcomp xorg-xlsfonts xorg-xmessage xorg-xmodmap xorg-xrandr xorg-xrdb xorg-xrefresh xorg-xset xorg-xsetroot xproto xterm xvidcore xz yajl yaourt zathura zathura-djvu zathura-pdf-poppler zathura-ps zip zlib zziplib
Firewall Setup
Setup the firewall:
ufw default deny
ufw reject auth
ufw limit ssh/tcp
ufw logging off
The next line is only needed the first time you install the package.
ufw enable
Follow it by enabling ufw with systemctl.
systemctl enable ufw.service
Finally, query the rules being applied via the status command.
ufw status
NVIDIA Driver Installation
By default, video-nvidia-nouveau is installed. Remove it and install video-nvidia instead.
The following command will list the basic information of all the drivers currently installed on your system.
mhwd -li -d
Filter the drivers used on a hardware with a PCI connection:
mhwd -li -d --pci
To remove the installed driver for nvidia graphics card use the following command.
mhwd -r pci video-nvidia-nouveau
You will also need to manually remove nouveau from the conf file.
Edit /etc/mkinitcpio.conf by commenting out the following line.
MODULES=" nouveau"
And install video-nvidia driver
mhwd -i pci video-nvidia
MADA Related Installations
autofs
Install autofs.
pacman -S autofs
Create a mada directory.
mkdir /mada
Configure.
scp <username>@mada0:/etc/auto.mada /etc/autofs/
scp <username>@mada0:/etc/auto.master /etc/autofs/
When you are done configuring, launch the AutoFS daemon as root:
systemctl start autofs
To start the daemon on boot:
systemctl enable autofs
Edit /etc/autofs/auto.mada
users -rw,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/users
software -ro,intr,soft,noquota,noatime,fstype=nfs4 mada0.cse.ucsc.edu:/mada/software
Mount /mada/users/ and /mada/software. If you have a new motherboard, make sure that your current ethernet address is assigned to your computer hostname. Otherwise you will not have permission to mount.
mount -o sec=none,vers=4 mada0.cse.ucsc.edu:/mada/users /mnt/
mount -o sec=none,vers=4 mada0.cse.ucsc.edu:/mada/software /mnt/
SSH
To enable X forwarding.
vi /etc/ssh/sshd_config
Make sure X11 forwarding option is set to yes
X11Forwarding yes
LDAP
Install the following packages.
pacman -S openldap nss nss_ldap pam_ldap cyrus-sasl-ldap lib32-libldap
yourt -A nss_updatedb
You have already set your host name as mascdx. Check:
vi /etc/hostname
If it is not set, set it using the following command.
hostnamectl set-hostname mascdx
Now mascdx is in /etc/hostname
Disable Modem Manager.
systemctl disable ModemManager
To get a list of current NIC names use:
ls /sys/class/net
Output example:
eno1 lo
You can use either dhcpcd or NetworkManager to configure the network, but make sure you use either a generic or the other type of ethernet device. Do not leave both 'active'.
Copy LDAP certificates.
scp <username>@mascd5:/etc/ssl/certs/* /etc/ssl/certs/
Copy LDAP configuration file.
scp <username>@mascd5:/etc/openldap/ldap.conf /etc/openldap/ldap.conf
Copy kerberos config file.
scp <username>@mascd5:/etc/krb5.conf /etc/.
Now you should be able to execute the following command.
ldapsearch -x LLL
Copy imapd configuration file.
scp <username>@mascd5:/etc/idmapd.conf /etc/.
Restrict access to your machine by copying and editing /etc/security/access.conf.
scp <username>@mascd5:/etc/security/access.conf /etc/security/.
You will need to add your local login to the machine, or you will lock yourself out.
vi /etc/security/access.conf
Go to very bottom of file and add your local user account to the list below root. Example of the last lines of my file (Replace "elnaz_local" with your local login).
+ : root : ALL
+ : elnaz_local : ALL
+ : nx : ALL
+ : gitosis : ALL
+ : (masc) : ALL
+ : (vlsi) : ALL
+ : (mada0) : ALL
- : ALL : ALL
Calling "su - other_username" should say "permission denied", but, calling "su - your_user_name" should work.
Copy nss switch configuration file.
scp <username>@mascd5:/etc/nsswitch.conf /etc/.
Copy pam LDAP configuration file.
scp <username>@mascd5:/etc/pam_ldap.conf /etc/.
Synopsys Tools Required Libraries
Having installed xorg-server xorg-server-common, I still had to install the following.
pacman -S xorg-server-devel
Install more and more fonts. Some of them are required by the Synopsys tools.
pacman -S $(pacman -Ssq font)
pacman -S $(pacman -Ssq ttf)
Copy libtermcap which needed by Synopsys simulator.
scp username@mada1:/usr/lib/libtermcap.so.2.0.8 /lib/. /lib/.
ln -s /usr/lib/libtermcap.so.2.0.8 /lib/libtermcap.so.2
Update All Packages
Frequently update all of your installed packages.
pacman -Syu