Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save MakuSensei/b45e2a7565d92e1f7bd7b47fd8e406d1 to your computer and use it in GitHub Desktop.
Save MakuSensei/b45e2a7565d92e1f7bd7b47fd8e406d1 to your computer and use it in GitHub Desktop.
Custom Arch Linux live USB

Custom Arch Linux live USB

Setup

Install the dependencies for the archiso package:

(root): pacman -S make squashfs-tools libisoburn dosfstools patch lynx devtools git

I recommend archiso getting them from git, there is a package in the repositories, however, at this time of writing, it will not work with the instructions below. So, grab the most recent version from git and install it:

(user): git clone git://projects.archlinux.org/archiso.git && cd archiso
(root): make install && cd .. && rm -rf archiso

Create a directory to work in. Within this tutorial I will be using ~/livecd. Copy archiso scripts:

(root): cp -r /usr/share/archiso/configs/releng/* ~/livecd && cd ~/livecd

If you were to execute the build command, you will be presented with a bare minimum ISO file you can boot from. But where is the fun in that? You could’ve just downloaded the Arch Linux install medium.

Customising the Live System

Packages

Inside the ~/livecd/ directory there are a number of files, most of which can be ignored; however, what is of importance to us are the packages.x86_64, packages.i686, packages.both files; and the airootfs directory. I’ve not had much luck in creating a single architecture system, so I recommend you list all the files you want inside the packages.both file, and leave the other two alone. You will notice there are a few packages listed in there by default, it’s probably best you keep them in there (unless you know you don’t need them) and add your own to the end.

You will want to be able to boot into X so you can have a pretty GUI and all, for this you will need to list the relevant Xorg packages (xorg-server, xorg-xinit, xorg-server-utils); a desktop environment, or window manager; you may also want to include all the xf86-video drivers so you can boot the USB on any computer regardless of what video chipset is in use. Don’t forgot about sound (alsa-utils), networking (wicd), fonts, a file manager, a terminal emulator, and sudo.

To give you some ideas, you can get a full list of what you currently have installed on your host machine, by executing the following and picking out what you need.

(root): pacman -Qqe

I wouldn’t recommend copying everything from there into your packages file, as this may result in a huge ISO file that may not fit onto your USB, just select sparingly the main programs you want.

Files & Configs

To customize your system further, you place any files/configurations you want your image to contain inside the root-image directory: ~/livecd/airootfs. Again, I will state that all the files within the whole ~livecd/ directory must be root owned. In this directory there’s an etc where you can place system files and a root folder (which is the root users home folder, do not delete this, it contains an important file [customize_airootfs.sh]).

You can simply copy over files from your host system to here, for e.g., I want my iptables scripts, so I create the directory iptables within ~/livecd/airootfs/etc/ and copy the file from my host to this directory, ie:

(root): mkdir ~/livecd/airootfs/etc/iptables
(root): cp /etc/iptables/iptables.rules ~/livecd/airootfs/etc/iptables/

I also want my live system to have a copy of all the fonts I’ve been collecting over the years, which live in /usr/share/fonts, so I create the relevant directory structure and copy the fonts over:

(root): mkdir -p ~/livecd/airootfs/usr/share/fonts
(root): cp -r /usr/share/fonts/* ~/livecd/airootfs/usr/share/fonts/

Adding Users

  • Create the directory airootfs/home, and within “home” create another directory with the same name as the new user. E.g. I want to add the user “jak”, so I execute (as root remember): (root): mkdir -p ~/livecd/airootfs/home/jak

  • Populate the user’s home directory using the same process as above. For example, I want to have my GTK configuration files and themes copied over, so I execute: (root): cp /home/jak/.gtkrc-2.0 ~/livecd/airootfs/home/jak/ (root): cp -r /home/jak/.themes ~/livecd/airootfs/home/jak/

  • Now to move on to actually adding the user account: The easiest way I’ve found to do this is by copying over /etc/passwd, /etc/shadow, and /etc/group from your host system to ~/livecd/airootfs/etc. (root): cp /etc/{shadow,passwd,group} ~/livecd/airootfs/etc/ You can, instead, simply add the relavent useradd command to the customize_airootfs.sh script we’ll see in a second, but doing this doesn’t allow you to password protect the account (which is what I want).

  • Once copied over, the new live system will then have the same user accounts and associated passwords that your host system does; if you’d prefer to use a different password (or username), change it first on your host system, copy the files over as described above, and then change your password back. Make sure that the username within those three files matches up with the new user’s home folder you just created in the previous step.

Final customisations

Inside root’s home folder (~/livecd/airootfs/root), there is a simple shell script called customize_airootfs.sh. Whilst your system is being built, this script will be executed. We can use it to our advantage to make further changes to the system, such as setting the live system to auto login and start X server, starting specific services, and sorting out proper permissions on the files we have been copying over.

Here is my customize_airootfs.sh, I’d recommend using this one instead of the one provided. I’ve added the necessary commands to set the correct permissions on home files, and start services. Make sure you edit this file to change the username value to the user you have been setting up. Take a look at it, and modify it to your needs.

Building the ISO

That should be it. Now you move on to actually building the ISO file and copying it to a USB. Within the ~/livecd directory there is a bash script which will take care of everything for you. Simply make it executable (chmod +x build.sh), and run it:

(root): ./build.sh -v

The build process can be slow depending on how many packages you’ve installed. This will output an ISO file in the ~/livecd/out directory which you can then simply dd onto your USB.

(root): dd if=~/livecd/out/<iso_name> of=/dev/sdX

If you get any errors during the build process (the first few attempts will be trial and error) or you ever want to update the live system with any changes/updates, simply remove the “work” folder (~/livecd/work), and re-run the build command.

Optional

It is possible to have the Arch Linux operating system load entirely into RAM, meaning that once system has booted you are able to remove the USB stick and carry on using the system.

This is great if, for some reason, you’d like to boot the live system onto multiple computers but don’t have a handful of flash drives to hand, or, if like me, you value your security/privacy: booting into RAM will mean nothing is ever cached (great for SSD drive life too), and any malware that makes it on to your live system will only live for the current boot. A reboot will restore the system to the same static state.

To accomplish this: when you are presented with the boot loader (grub/EFI shell), press e and append the following parameter copytoram=y to the kernel line.


Outcome: To make changes to a previous Arch Linux live system with relative ease, and install a display manager.

There have been a number of people posting comments on one of my previous posts, Creating a custom Arch Linux live USB, asking how to further configure the system once the base system has been built, with most questioning how to update the live system without doing a complete rebuild, and auto starting a display manager/desktop environment.

Updating the system

Updating the live system is, at some point, going to become necessary if you rely on the bootable device for general use; however, it is a time consuming and a relatively resource intensive task to keep rebuilding the system from scratch (removing the ‘work’ folder and executing the build script). Unfortunately, the live system is immutable, as ISO files are read only by design, so it is not possible to simply mount the live file system and make changes.

Although it’s not my goal here, but I do want to cover it soon, it is possible to use a form of persistence so that any changes made to the live system once booted will remain (using another squashfs/overlay); however, I much prefer the live system to restore to its previous state once I have finished with it.

The method I use is to chroot into the relevant directory architecture within the ‘work’ folder, and then re-run the ‘build’ script to only perform the ISO file generation, whilst it is still not the speediest approach for those with large live systems, it does cut the time in half compared to completely rebuilding from scratch. If you have followed the last tutorial to the end, you will have the correct directory structure and necessary files in place, as shown below:

(root): ls -l ~/livecd
-rw-r--r-- 1 root root   228 Feb  6 02:29 aitab
-rwxr-xr-x 1 root root 11186 Feb  6 07:06 build.sh
drwxr-xr-x 3 root root  4096 Feb  6 02:29 efiboot
drwxr-xr-x 2 root root  4096 Feb  6 02:29 isolinux
-rw-r--r-- 1 root root   199 Feb  6 02:29 mkinitcpio.conf
drwxr-xr-x 2 root root  4096 Feb  6 06:49 out
-rw-r--r-- 1 root root  1555 Feb  6 06:04 packages.both
-rw-r--r-- 1 root root     0 Feb  6 02:29 packages.i686
-rw-r--r-- 1 root root    35 Feb  6 02:29 packages.x86_64
-rw-r--r-- 1 root root  2702 Feb  6 02:29 pacman.conf
drwxr-xr-x 5 root root  4096 Feb  6 03:02 root-image
drwxr-xr-x 2 root root  4096 Feb  6 02:29 syslinux
drwxr-xr-x 7 root root  4096 Feb  6 06:49 work

Once you have built the system (by running the build script command), the ‘livecd’ directory should contain a few extra files; the only one we need to be interested in is the ‘work’ folder, this contains the complete live system laid out, and not in an ISO file. Simply ‘chrooting’ into either one is all that is needed:

(root): arch-chroot ~/livecd/work/x86_64/root-image

You will then have a shell inside the live system. From here, you can perform any updates or changes to the system. Once finished ‘chrooting’ into both systems (the i686 and x64) and making changes, you can exit the chroot and recreate the ISO file (see the ‘Building the ISO’ section below).

Booting to a graphical environment

If you wish to use a display manger, first install your preferred one; my preference is SLiM, so inside the chroot execute the install command. (If this is your first time ever inside the system, you have to first update pacman’s key database and package list):

(chroot): pacman-key –init && pacman-key –populate
(chroot): pacman -Sy slim

By default, the live system automatically logs into the root account, let’s prevent this by deleting the relevant configuration:

(chroot): rm /etc/systemd/system/[email protected]/autologin.conf

In order to have SLiM start when the system is first booted, the service needs to be enabled; however, inside a chroot we can’t interact with systemd (on a typical system, ‘systemctl enable slim’, would have done the trick). This means we need to manually enable the service, which is quite simple:

  • Change to the systemd directory:

    (chroot): cd /etc/systemd/system/
    
  • Remove the ‘default.target’ symbolic link (if it exists) and recreate it so it points to graphical.target:

    rm /etc/systemd/system/default.target
    ln -s /usr/lib/systemd/system/graphical.target /etc/systemd/system/default.target
    
  • Do the same for ‘display-manager.service': remove it if it exists and then point it to slim.service

    rm /etc/systemd/system/display-manager.service
    ln -s /usr/lib/systemd/system/slim.service /etc/systemd/system/display-manager.service
    

When the live system is created again, it should now boot straight to SLiM where you can proceed to login. If you have a desktop environment installed (i3, gnome, openbox), SLiM should automatically start it once successfully logged in.

Building the ISO

To recreate the new ISO file, first exit out of the chroot if you are still within it (CTRL+D, or typing exit until you return to your normal shell prompt). As it stands, the default build.sh script (~/livecd/build.sh) will not work if it sees a previous live system in tact (the work folder), so, in order to get around this we need to simply modify the build.sh file and force it to generate a new ISO file only. Open up this file with your editor of choice, and at the very bottom of the script, remove run_once from the beginning of make_prepare and make_iso. It should now look like this:

[...]
run_once make_syslinux
run_once make_isolinux
run_once make_aitab
for arch in i686 x86_64; do make_prepare done
make_iso

Now, it’s just a case of running the modified script:

(root): ./build -v

Once complete (~ 10-25 minutes) the ISO file within the out folder can be dd’d back on to the USB.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment