Archboot

Archboot is an advanced, modular arch boot/install image creation utility to generate bootable media for CD/USB/PXE, designed for installation or rescue operation.

It only runs in RAM, without any special filesystems like squashfs, thus it is limited to the RAM which is installed in your system.

Archboot Image Releases

• Release schedule: on 10th, 20th and 30th of a month new images are released to the mirrors.
• Hybrid image files with torrents, kernel and initrds are provided.
• PGP KEY: 5B7E 3FB7 1B7F 1032 9A1C 03AB 771D F662 7EDF 681F for file verification is provided.
• SHA256SUM: Check before using the files.

Download image files

Features of the images

• If you have a fast internet connection with LAN connection, do not need Secure Boot and a running DHCP server, go for the "latest" image.

Burning release or writing to disk

Hybrid image file is a standard CD-burnable image and also a raw disk image.

• Can be burned to CD(RW) media using most CD Burning utilities.
• Can be raw-written to a drive using 'dd' or similar utilities. This method is intended for use with USB thumb drives.

'dd if=<imagefile> of=/dev/<yourdevice> bs=1M'

PXE booting / Rescue system

• Download kernel: vmlinuz_archboot_x86_64
• Download initrd: initramfs_archboot_x86_64.img or initramfs_archboot_latest_x86_64.img
• Download Microcode: intel-ucode.img or amd-ucode.img
• For PXE booting add the kernel and initrds to your TFTP setup, add rootfstype=ramfs to your kernel cmdline and you will get a running installation/rescue system.
• For Rescue booting add an entry to your bootloader pointing to the kernel and initrds, and add rootfstype=ramfs to your kernel cmdline.

Supported boot modes

• It supports MBR BIOS booting with syslinux.
• It supports UEFI/UEFI_CD booting with GRUB.
• It support UEFI_MIX_MODE booting with GRUB.
• It supports Secure Boot with included fedora signed shim.
• It supports GRUB's iso loopback support.

variables used (below for example):

iso_loop_dev=PARTUUID=12345678-1234-1234-1234-123456789ABC

iso_loop_path=/dirname/<basename of archboot.iso>

With GPT, the PARTUUID can be obtained from the Partition unique GUID line of the sgdisk --info=y /dev/sdx command output.

menuentry "Archboot" --class iso {
loopback loop (hdX,X)/<archboot.iso>
linux (loop)/boot/vmlinuz_x86_64 iso_loop_dev=/dev/sdXY iso_loop_path=/<archboot.iso>
initrd (loop)/boot/initramfs_x86_64.img
}

• It supports booting using syslinux's memdisk (only in MBR BIOS mode).

menuentry "Archboot Memdisk" {
   linux16 /memdisk iso
   initrd16 hd(X,X)/<archboot.iso>
}

Secure Boot support with shim package signed from fedora

• This method is intended to use for dual booting with Windows, without losing the Secure Boot benefits for Windows.
• Please read this guide first for initial shim setup.
• In order to boot in Secure Boot mode on first boot:
  • you need to add the hash of /EFI/BOOT/grubx64.efi to the MOK
  • you need to add the hash of /boot/vmlinuz_x86_64 to the MOK
• Tools included for key management: KeyTool, HashTool, mokutil, sbsigntools and mkkeys.sh
• setup script supports the following Secure Boot layout:
  • shim from fedora is copied
  • creating new keys is supported
  • using existing keys from /etc/secureboot/keys in layout secureboot-keys.sh produces
  • MOK setup is done with keys
  • adding pacman hook for automatic signing
  • On first reboot you need to enroll the used keys to the MOK then your installed system is secure boot ready.
• It has a support script for creating your own keys and backup the existing keys, which already include the 2 needed Microsoft certificates:

secureboot-keys.sh -name=<yournametoembed> <directory>

How to do a remote installation with OpenSSH?

• During boot all network interfaces will try to obtain an IP address through dhcpcd.
• root password is not set by default! If you need privacy during installation set a password.

'ssh root@<yourip>'

Interactive setup

You can run each point for doing the mentioned task. If you do a fresh install, it is recommended to run each point in the order as presented.

Changing keymap and console fonts

• Your keymap and console fonts will be set by km script.

Setup network

• Your network will be configured by netctl.

Select Source

• Latest pacman mirrors will be synced and you have to select your favourite mirror.
• You will be asked if you want to activate the testing repository.
• You can decide to load the latest archboot environment and cache packages for installation.

Changing timezone and date

• You set your timezone and date with the tz script.

Prepare Storage drive

• You setup your storage drive, filesystems and define your mountpoints.
• auto-prepare mode, manual partitioning, GUID (gpt) support, MBR (bios) support, Advanced Format 4k sector drive support etc.
• Creation of software RAID/RAID partitions, LVM devices and LUKS encrypted devices
• Supports standard linux,RAID/RAID_partitions,dmraid/fakeraid,LVM and LUKS encrypted devices
• Filesystem support: ext2/ext3/ext4, btrfs, F2FS, nilfs2, reiserfs,XFS,JFS,NTFS-3G,VFAT
• Persistent block device naming support: PARTUUID, PARTLABEL, UUID, LABEL and KERNEL

Install Packages

• Pacman will install the packages for the first boot to your storage drive.

Configure System

• hwdetect script is used for preconfiguration
• Auto/Preconfiguration of fstab, KMS mode, SSD, mkinitcpio.conf, systemd, crypttab and mdadm.conf
• You will be asked to copy the pacman GPG keyring to the installed system
• Configuration of basic system files: hostname,Linux console,locale.conf,fstab,mkinitcpio.conf,modprobe.conf,resolv.conf,hosts,Locale,mirrors,pacman.conf
• Setting root password

Install Bootloader

• You setup your preferred bootloader from this menu point.
• GPT UEFI supported bootloaders: GRUB, refind-efi, systemd-boot, syslinux
• MBR BIOS supported bootloaders: GRUB, syslinux
• Secure Boot supports only shim signed by fedora with GRUB
• The selected bootloader will be installed to your system and you can modify the config file afterwards.

Keep your image up to date

• This way you can always bump your image to latest available possibilities.

Update archboot scripts

• Gets latest archboot scripts from git repository: setup, quickinst, km, tz and other helpers.

update-installer.sh -u

Update archboot environment and package cache

• This will create a complete new environment with latest packages and relaunch it through kexec immediatly.
• You get restarted in 5 minutes on a fast internet connection.

Update only archboot environment (3 GB RAM)

update-installer.sh -latest

Update environment and keep package cache for installation (4 GB RAM)

update-installer.sh -latest-install

Create new image release (4 GB RAM)

• This will create a new image release with latest packages in /archboot directory.

update-installer.sh -latest-image

Tools for backup and copying of an existing system

Archboot provides 2 additional scripts for doing those tasks.

• internal backup / copying you can use:

archboot-copy-mountpoint.sh

• internal or external backup / copying with rsync you can use:

archboot-rsync-backup.sh

Restoring an USB device to its original state

• When you have used the .iso image to create an USB installer, your USB stick is no longer useful for anything else.
• Any remaining space on the stick (supposing you used a larger-than the .img file) is inaccessible.
• Fortunately, it is easy to re-create a FAT32 partition on the stick so that the USB stick again becomes available for carrying around your data.
• Take care about which device actually is your USB stick. The next commands will render all data on <device> inaccessible:

archboot-restore-usbstick.sh <device>

FAQ, Known Issues and limitations

• Please check the forum threads for posted fixes and workarounds.
• Please run this script to get latest fixes from git:

update-installer.sh -u

• Package XYZ is missing in archboot environment.

Install missing package with:

pacman -Sy <package>

• Why screen stays blank or other weird screen issues happen?

Some hardware does not like the KMS activation, use radeon.modeset=0, i915.modeset=0 or nouveau.modeset=0 on boot prompt.

• dmraid/fakeraid might be broken on some boards, support is not perfect here.

The reason is there are so many different hardware components out there. At the moment 1.0.0rc16 is included, with latest fedora patchset, development has been stopped.

mdadm supports some isw and ddf fakeraid chipsets, but assembling during boot is deactivated in /etc/mdadm.conf!

• GRUB cannot detect correct bios boot order:

It may happen that hd(x,x) entries are not correct, thus first reboot may not work.

Reason: grub cannot detect bios boot order.

Fix: Either change bios boot order or change menu.lst to correct entries after successful boot. This cannot be fixed it is a restriction in grub2!

• efibootmgr setup entries are not working:

It may happen that UEFI boot entries are not correct, thus first reboot may not work eg. Ovmf UEFI is affected by this.

Reason: The UEFI implementation does not support how setup created the efibootmgr entries.

Fix: Add manual entries and delete wrong entries from your UEFI implementation.

• How much RAM is needed to boot?

It's an initramdisk which includes everything. Calculated size to boot the image:

initramdisk+kernelimage+unpackedinitramdisk=minimum RAM to boot

• What is the difference to the archiso install image?
  • It supports UEFI mixed mode (32bit UEFI / 64bit running system) booting.
  • It supports Secure Boot with fedora signed shim
  • It provides an additional interactive setup and quickinst script.
  • It runs a modified Arch Linux system in initramfs.
  • It is restricted to RAM usage, everything which is not necessary like man or info pages etc. is not provided.
  • It does not mount anything during boot process.
  • It uses netctl for network setup.
  • It can update itself to latest available packages
  • It offers 2 different types of images
  • It is smaller in file size

Development: GIT repository

GIT repository can be found here.

Bugs

Arch Linux Bugtracker

Create image files

Installation

Install the archboot package.

Requirements

• ~ 3GB free space on disk

Create image files without modifications

archboot-x86_64-release.sh

This script creates installation media with latest available core/extra packages and boot/ directory with kernel and initrds.

• Run as root:

archboot-x86_64-release.sh <directory>

• Finished you get the image and boot/ files in <directory>.

Create image files with modifications:

Explanation of the archboot image tools.

archboot-create-container.sh

This script will create an archboot container for image creation.

• Run as root:

create-container.sh <directory>

• You get an archboot container in directory.
• To enter the container run as root:

systemd-nspawn -D <directory>

Modify your container to your needs. Then run archboot-x86_64-iso.sh for image creation in container.

archboot-x86_64-iso.sh

Script for image creation from running system or for use in archboot container.

Normal image

• For tarball creation run as root:

archboot-x86_64-iso.sh -t

This tarball contains kernel and initrds.

• For iso creation run as root:

archboot-x86_64-iso.sh -g -T=<tarball>

This creates a normal iso image.

Latest image

• For tarball creation run as root:

archboot-x86_64-iso.sh -t -p=x86_64-latest

This tarball contains kernel and initrds.

• For iso creation run as root:

archboot-x86_64-iso.sh -g -T=<tarball> -p=x86_64-latest

This creates a latest iso image.

Config files for image creation:

There are 4 main config files for iso creation:

/etc/archboot/x86_64.conf
/etc/archboot/x86_64-latest.conf

These config files contain the HOOKS, which are used for the initramdisks. Modify it to your needs.

/etc/archboot/presets/x86_64 
/etc/archboot/presets/x86_64-latest

The main config file for the images, defines which kernel and mkinitcpio.conf is used and bootloader options.

Testing image and files with QEMU:

You can run QEMU tests at different stages of ISO creation:

kernel and initramdisk testing

qemu-system-x86_64 -kernel <yourkernel> -initrd <yourinitramdisk> -append "cgroup_disable=memory rootfstype=ramfs" --enable-kvm -usb -usbdevice tablet

BIOS MBR mode

qemu-system-x86_64 -cdrom <yourisofile> -usb -usbdevice tablet --enable-kvm -boot d --enable-kvm

UEFI GPT mode

64bit UEFI / 64bit running system

qemu-system-x86_64 -cdrom <yourisofile> -usb -usbdevice tablet --enable-kvm -boot d --bios /usr/share/edk2-ovmf/x64/OVMF.fd

32bit UEFI / 64bit running system

qemu-system-x86_64 -cdrom <yourisofile> -usb -usbdevice tablet --enable-kvm -boot d --bios /usr/share/edk2-ovmf/ia32/OVMF.fd

UEFI GPT Secure Boot

• Copy OVMF_VARS.secboot.fd to a place the user has access to it.
• The file already includes a basic set of keys from fedora ovmf package.

cp /usr/share/archboot/ovmf/OVMF_VARS.secboot.fd <directory>

• Replace the bios option, with the following additional commands:

64bit UEFI / 64bit running system

-drive if=pflash,format=raw,readonly=on,file=/usr/share/ovmf/x64/OVMF_CODE.secboot.fd -drive if=pflash,format=raw,file=./OVMF_VARS.secboot.fd -global driver=cfi.pflash01,property=secure,value=on -machine q35,smm=on,accel=kvm -global ICH9-LPC.disable_s3=1

32bit UEFI / 64bit running system

-drive if=pflash,format=raw,readonly=on,file=/usr/share/ovmf/ia32/OVMF_CODE.secboot.fd -drive if=pflash,format=raw,file=./OVMF_VARS.secboot.fd -global driver=cfi.pflash01,property=secure,value=on -machine q35,smm=on,accel=kvm -global ICH9-LPC.disable_s3=1

Addtional qemu parameters

• You can test how much RAM is needed to bootup, eg. -m 1024 for 1GB RAM usage.

-m <memory>

• KVM virtio network for tap0:

-net nic,model=virtio -net tap,ifname=tap0,script=no,downscript=no

• KVM virtio harddisk:

-drive file=<yourimagefile>,if=virtio,format=raw

• normal harddisk:

-hda <yourimagefile>

Tips and tricks

Re display the Welcome to Arch Linux message

The Welcome to Arch Linux (archboot environment) message is displayed once, before the user takes any action. To reread it, either:

1. Switch to a virtual console [ALT + F(1-6)] you have not used so far.
2. Or run cat /etc/motd from within a shell prompt.

See also

• Archboot project page