Stable enough for my initial use-case, light-duty laptop for travel and presentations, running Linux all the time but retain a small ChromeOS volume for firmware updates and restoring settings.
1st attempt I wiped the drive and then found that when the machine attempted to suspect when the lid closed it wiped the NVRAM with no other option to boot into legacy mode than to restore ChromeOS and enable it again.
- Setup base system in ChromeOS
- Fully encrypted Btrfs root partition & ext4 boot
- Install Arch Linux
- Configure some basics
June 2nd 2018
- boots
- X + i3
- usb
- wifi
- touch screen
- bluetooth
- boot process requires password to be entered in a black screen
- trackpad
- sound (still fiddling)
- hibernate
- suspend
- suspend on lid close
From Chrome hit Ctrl-Alt-T to enter chrosh mode
chrosh
sudo bash
crossystem dev_boot_usb=1 dev_boot_legacy=1
Alternatively you can turn on debug mode at the start page and set a root password, select a wireless network and then ssh in without setting up an account in ChromeOS.
Install the latest SeaBIOS firmware (the stock firmware won't detect NVME hard drive) https://mrchromebox.tech/#fwscript
cd; curl -LO https://mrchromebox.tech/firmware-util.sh && sudo bash firmware-util.sh
Run the command in the terminal, and select:
- "Install/Update the RW_LEGACY firmware" option
- The script will prompt you to enable USB boot by default, select YES
You can now start SeaBIOS by pressing Ctrl + L at the white boot splash screen.
curl -O https://raw.githubusercontent.com/ethanmad/chromeos-resize/master/cros-resize.sh
sudo bash cros-resize.sh
Got /dev/nvme0n1 as the target drive.
WARNING! All data on this device will be wiped out! Continue at your own risk!
Press [Enter] to proceed on /dev/nvme0n1 or CTRL+C to quit
To resize the KERN-C and ROOT-C partitions, we will shrink the STATE
partition (Chrome OS's data partition). You will specify how much size to
allocate to the STATE partition and KERN-C, and the rest of the space will be
allocated to ROOT-C.
There are 480040 MiB (468.79 GiB) available to work with.
The sum of the following two partition sizes must be less than this amount.
You have the option of modifying your STATE partition using either MiB or GiB(default) precision.
Would you like to use MiB or GiB? [m/G] G
How big should the STATE partition be in GiB (default: 5)? 25
KERN-C is where you can store kernels and should be mounted at /boot.
More space means you can keep more copies of kernels for rolling back, in case
something goes wrong.
How big should the KERN-C partition be in MiB (default: 64)? 128
You chose to allocate 25 GiB for the state partition and 128 MiB for
the KERN-C partition. ROOT-C will be allocated to the remaining space available
space. The size of the STATE and KERN-C partitions must be integers.
Is everything correct? [y/N] y
STATE will be allocated 52428800 sectors, or 25600 MiB, or 25 GiB.
KERN-C will be allocated 262144 sectors, or 128 MiB, or 0.12 GiB.
ROOT-C will be allocated 930431631 sectors, or 454312 MiB, or 443.66 GiB.
Afer this point, your disk will be repartitioned and wiped.
Does this look good? [y/N] y
Unmounting stateful partition...
Editing partition table...
Zeroing stateful partition...
26198671360 bytes (26 GB, 24 GiB) copied, 19.0005 s, 1.4 GB/s
25600+0 records in
25600+0 records out
26843545600 bytes (27 GB, 25 GiB) copied, 19.586 s, 1.4 GB/s
Now reboot and allow Chrome OS to repair itself. You may have to run
this program again with the same values before they stick.
After rebooting lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT
loop0 7:0 0 7.4G 0 loop
`-encstateful 253:1 0 7.4G 0 dm /mnt/stateful_partition/encrypted
loop1 7:1 0 683.3M 1 loop /opt/google/containers/android/rootfs/ro
loop2 7:2 0 4K 1 loop /opt/google/containers/arc-removable-med
loop3 7:3 0 4K 1 loop /opt/google/containers/arc-sdcard/mountp
loop4 7:4 0 4K 1 loop /opt/google/containers/arc-obb-mounter/m
loop5 7:5 0 91.3M 1 loop
zram0 252:0 0 22.8G 0 disk [SWAP]
nvme0n1 259:0 0 477G 0 disk
|-nvme0n1p1 259:1 0 25G 0 part /mnt/stateful_partition
|-nvme0n1p2 259:2 0 16M 0 part
|-nvme0n1p3 259:3 0 4G 0 part /
|-nvme0n1p4 259:4 0 16M 0 part
|-nvme0n1p5 259:5 0 4G 0 part
|-nvme0n1p6 259:6 0 128M 0 part
|-nvme0n1p7 259:7 0 443.7G 0 part
|-nvme0n1p8 259:8 0 16M 0 part /usr/share/oem
|-nvme0n1p9 259:9 0 512B 0 part
|-nvme0n1p10 259:10 0 512B 0 part
|-nvme0n1p11 259:11 0 8M 0 part
`-nvme0n1p12 259:12 0 32M 0 part
sudo dd if=archlinux-2018.05.01-x86_64.iso of=/dev/sda bs=4M
iwctl station wlan0 connect <SSID>
- Set a root password
passwd root
- Enable sshd
systemctl start sshd
Now you should be able ssh to this box from another one which has a font which you can see.
- Create BTRFS on cryptdata volume
mkfs.btrfs -L data /dev/nvme0n1p7
- Mount BTRFS with flags
mount /dev/nvme0n1p7 /mnt -t btrfs -o defaults,noatime,nodiratime,discard,autodefrag,ssd,compress=lzo,space_cache
- Create subvolumes
btrfs subvolume create /mnt/@
btrfs subvolume create /mnt/@home
btrfs subvolume create /mnt/@snapshots
- Create boot partition
mkfs.ext4 /dev/nvme0n1p6
- Mount sub-volumes and boot partition
umount /mnt
mount -o defaults,noatime,nodiratime,discard,autodefrag,ssd,compress=lzo,space_cache,subvol=@ /dev/nvme0n1p7 /mnt
mkdir /mnt/home
mount -o defaults,noatime,nodiratime,discard,autodefrag,ssd,compress=lzo,space_cache,subvol=@home /dev/nvme0n1p7 /mnt/home
mkdir /mnt/.snapshots
mount -o compress=lzo,discard,noatime,nodiratime,subvol=@snapshots /dev/nvme0n1p7 /mnt/.snapshots
mkdir /mnt/boot
mount /dev/nvme0n1p6 /mnt/boot
- create nested subvolumes for special folders
mkdir -p /mnt/var/cache/pacman
btrfs subvolume create /mnt/var/cache/pacman/pkg
btrfs subvolume create /mnt/var/log
btrfs subvolume create /mnt/var/tmp
- use reflector to speed up install (optional)
pacman -Syy reflector
reflector -p https --verbose --latest 5 --sort rate --save /etc/pacman.d/mirrorlist
- synchronize clock
timedatectl set-ntp true
- install base packages
pacstrap /mnt base base-devel btrfs-progs openssh linux linux-firmware gvim syslinux intel-ucode gptfdisk base-devel git iw wpa_supplicant dialog sudo reflector vim iwd systemd-swap tlp x86_energy_perf_policy tlp-rdw bluez bluez-utils blueman xf86-input-synaptics alsa-utils alsa-plugins alsa-lib pavucontrol
- generate fstab
genfstab -Up /mnt >> /mnt/etc/fstab
- optional: add ramdisk tmp
echo "tmpfs /tmp tmpfs defaults,noatime,mode=1777 0 0" >> /mnt/etc/fstab
- change into installation root
arch-chroot /mnt
- There is only SSD, so we want to reduce swapping as much as possible
echo "vm.swappiness=10" > /etc/sysctl.d/99-sysctl.conf
- add modules, binaries, files, and hooks to mkinitcpio.conf
vim /etc/mkinitcpio.conf
... MODULES=(btrfs loop) ... BINARIES=(/usr/bin/btrfs) ...
- Generate initial ramdisk image
mkinitcpio -p linux
syslinux-install_update -iam
Syslinux BIOS install successful Attribute Legacy Bios Bootable Set - /dev/nvme0n1p6 Installed MBR (/usr/lib/syslinux/bios/gptmbr.bin) to /dev/nvme0n1
vim /boot/syslinux/syslinux.cfg
LABEL arch
MENU LABEL Arch Linux
LINUX ../vmlinuz-linux
APPEND rootflags=subvol=@ root=/dev/nvme0n1p7 zswap.enabled=1 rw
INITRD ../intel-ucode.img,../initramfs-linux.img
LABEL archfallback
MENU LABEL Arch Linux Fallback
LINUX ../vmlinuz-linux
APPEND rootflags=subvol=@ root=/dev/nvme0n1p7 rw
INITRD ../initramfs-linux-fallback.img
- synchronize clock
timedatectl set-ntp true
- Set locale
cat >/etc/locale.gen <<END
en_US.UTF-8 UTF-8
END
locale-gen
echo LANG=en_US.UTF-8 > /etc/locale.conf
- Set timezone
ln -sf /usr/share/zoneinfo/America/Toronto /etc/localtime
hwclock --systohc --utc
- set hostname
echo eve-arch > /etc/hostname
- add a new user account
useradd -m -g users -G wheel,storage,power -s /bin/bash damoon
passwd damoon
- enable sudo for your user account
uncomment the following line
%wheel ALL=(ALL) ALL
- disable root account
passwd -l root
- get fastest mirrors
reflector -p https --verbose --latest 5 --sort rate --save /etc/pacman.d/mirrorlist
I'm not a huge fan of swap these days, and let OOM killer do it's job. It's not safe to run a swapfile in the event that you find yourself needing swap for some reason so zmem provides a nice way to turn a bit of memory into swap.
vi /etc/systemd/swap.conf
zswap_enabled=0 zram_enabled=1
exit
umount -R /mnt
swapoff -a
reboot
Hit Ctrl+L at the developer screen and it should boot to syslinux, the menu has some screen tearing but the arrow navigation works, press enter on the first entry and you should be promoted to decrypt your root drive and then boot right to the login prompt.
git clone https://aur.archlinux.org/yay.git /tmp/yay
pushd /tmp/yay
makepkg -si --noconfirm
popd
sudo rm -r /tmp/yaysudo pacman -Sy --noconfirm snapper
sudo umount /.snapshots
sudo rm -r /.snapshots
sudo mkdir -p /.snapshots
sudo snapper -c root create-config /
sudo mount -o compression=lzo,discard,noatime,nodiratime,subvol=@snapshots /dev/nvme0n1p7 /.snapshots
sudo systemctl enable --now snapper-timeline.timer
sudo systemctl enable tlp.service
sudo systemctl enable tlp-sleep.service
sudo systemctl enable NetworkManager-dispatcher.service
sudo systemctl mask systemd-rfkill.service
sudo systemctl mask systemd-rfkill.socket
git clone https://aur.archlinux.org/bluez-firmware.git
pushd /tmp/bluez-firmware
makepkg -si --noconfirm
popd
sudo rm -r /tmp/bluez-firmware
sudo systemctl enable --now bluetooth.serviceThe trackpad is funky out of the box and is still in need of some fine-tuning.
There is quite a bit of dislike for synaptics driver, but it does the job better than anything else I tested (mtrack and libinput)
cat << EOF | tee /etc/X11/xorg.conf.d/70-synaptics.conf
Section "InputClass"
Identifier "touchpad"
Driver "synaptics"
MatchIsTouchpad "on"
Option "TapButton1" "1"
Option "TapButton2" "3"
Option "TapButton3" "2"
Option "VertEdgeScroll" "on"
Option "VertTwoFingerScroll" "on"
Option "HorizEdgeScroll" "on"
Option "HorizTwoFingerScroll" "on"
Option "EmulateTwoFingerMinZ" "40"
Option "EmulateTwoFingerMinW" "8"
Option "CoastingSpeed" "0"
Option "MaxTapTime" "125"
# Enable clickpad/multitouch support
Option "ClickPad" "true"
# Middle-button emulation is not supported
Option "EmulateMidButtonTime" "0"
# Define right soft button at the bottom
Option "SoftButtonAreas" "50% 0 82% 0 0 0 0 0"
EndSection
EOF
yay -S --noconfirm snapd
sudo systemctl enable --now snapd.socket
sudo ln -s /var/lib/snapd/snap /snap
sudo snap install snap-store core- install i3 and xorg server
sudo pacman -Sy --noconfirm xorg-server xorg-apps xorg-xinit i3 numlockx- install lightdm display manager
sudo pacman -Sy --noconfirm --needed lightdm lightdm-gtk-greeter- install additional fonts
sudo pacman -Sy --noconfirm --needed noto-fonts ttf-ubuntu-font-family ttf-dejavu ttf-freefont ttf-liberation ttf-droid ttf-inconsolata ttf-roboto terminus-font ttf-font-awesome- Installing additional tools for i3 productivity
sudo pacman -Sy --noconfirm --needed rxvt-unicode ranger rofi conky dmenu urxvt-perls perl-anyevent-i3 perl-json-xs- Install additional tools for shell and ranger
sudo pacman -Sy --noconfirm --needed atool highlight elinks mediainfo w3m ffmpegthumbnailer mupdf- install firefox
sudo pacman -Sy --noconfirm firefox - install some additional aur packages
yay -S --noconfirm urxvt-font-size-git python-pdftotext- setup auto login
grep 'autologin-user=\|autologin-session=\|greeter-session=' /etc/lightdm/lightdm.conf && \
sudo sed -i "s/#autologin-user=/autologin-user=$USER/g" /etc/lightdm/lightdm.conf && \
sudo sed -i 's/#autologin-session=/autologin-session=i3/g' /etc/lightdm/lightdm.conf && \
sudo sed -i 's/#greeter-session=example-gtk-gnome/greeter-session=lightdm-gtk-greeter/g' /etc/lightdm/lightdm.conf && \
grep 'autologin-user=\|autologin-session=\|greeter-session=' /etc/lightdm/lightdm.conf- enable lightdm to start during boot and edit ~/.Xresources to allow rofi and urxvt to work properly
cat << EOF | tee ~/.Xresources
!--------------------------
! ROFI Color theme
! -------------------------
rofi.color-enabled: true
!rofi.color-window: argb:ee273238, #273238, argb:3a1e2529
rofi.color-window: #000, #000, #000
rofi.color-normal: argb:00273238, #c1c1c1, argb:3a273238, #394249, #ffffff
rofi.color-active: argb:00273238, #80cbc4, argb:3a273238, #394249, #80cbc4
rofi.color-urgent: argb:00273238, #ff1844, argb:3a273238, #394249, #ff1844
rofi.hide-scrollbar: true
!---------------------------------
! Xft settings
! --------------------------------
!Xft.dpi: 110
Xft.dpi: 109
Xft.antialias: true
Xft.rgba: rgb
Xft.hinting: true
Xft.hintstyle: hintslight
Xft.autohint: false
Xft.lcdfilter: lcddefault
!---------------------------------
! URXVT Terminal config
! --------------------------------
URxvt.depth: 32
URxvt*termName: screen-256color
URxvt*geometry: 240x84
URxvt.loginShell: true
URxvt*scrollColor: #777777
URxvt.scrollStyle: rxvt
URxvt*scrollTtyKeypress: true
URxvt*scrollTtyOutput: false
URxvt*scrollWithBuffer: true
URxvt*skipScroll: true
URxvt*scrollBar: false
URxvt*fading: 30
URxvt*urgentOnBell: false
URxvt*visualBell: true
URxvt*mapAlert: true
URxvt*mouseWheelScrollPage: true
URxvt.foreground: #eeeeee
URxvt.background: #000000
URxvt*colorUL: yellow
URxvt*underlineColor: yellow
URxvt.saveLines: 65535
URxvt.cursorBlink: false
URxvt.utf8: true
URxvt.locale: true
URxvt.letterSpace: -1
URxvt.font: xft:monospace:pixelsize=16:style=regular
URxvt.boldFont: xft:monospace:pixelsize=14:style=bold
! Perl extensions
URxvt.perl-ext-common: default,matcher
URxvt.matcher.button: 1
URxvt.urlLauncher: chromium
URxvt.perl-ext-common: ...,font-size
URxvt.keysym.C-Up: perl:font-size:increase
URxvt.keysym.C-Down: perl:font-size:decrease
URxvt.keysym.C-S-Up: perl:font-size:incglobal
URxvt.keysym.C-S-Down: perl:font-size:decglobal
URxvt.keysym.Home: \033[1~
URxvt.keysym.End: \033[4~
URxvt.keysym.KP_Home: \033[1~
URxvt.keysym.KP_End: \033[4~
! Colors
URxvt*background: #000000
URxvt*foreground: #B2B2B2
! black
URxvt*color0: #000000
URxvt*color8: #686868
! red
URxvt*color1: #B21818
URxvt*color9: #FF5454
! green
URxvt*color2: #18B218
URxvt*color10: #54FF54
! yellow
URxvt*color3: #B26818
URxvt*color11: #FFFF54
! blue
URxvt*color4: #1818B2
URxvt*color12: #5454FF
! purple
URxvt*color5: #B218B2
URxvt*color13: #FF54FF
! cyan
URxvt*color6: #18B2B2
URxvt*color14: #54FFFF
! white
URxvt*color7: #B2B2B2
URxvt*color15: #FFFFFF
EOF- Enable Start lightdm
sudo systemctl enable --now lightdm- make i3 start when we are starting Xserve
cat << EOF | tee ~/.xinit.rc
#!/bin/sh
# ~/.xinit.rc
userresources=\$HOME/.Xresources
usermodmap=\$HOME/.Xmodmap
sysresources=/etc/X11/xinit/.Xresources
sysmodmap=/etc/X11/xinit/.Xmodmap
# merge in defaults and keymaps
if [ -f \$sysresources ]; then
xrdb -merge \$sysresources
fi
if [ -f \$sysmodmap ]; then
xmodmap \$sysmodmap
fi
if [ -f "\$userresources" ]; then
xrdb -merge "\$userresources"
fi
if [ -f "\$usermodmap" ]; then
xmodmap "\$usermodmap"
fi
if [ -d /etc/X11/xinit/xinitrc.d ] ; then
for f in /etc/X11/xinit/xinitrc.d/?*.sh ; do
[ -x "\$f" ] && . "\$f"
done
unset f
fi
exec i3
EOFhttps://gist.github.com/JindrichPilar/e22ed9c316f7dc1e4f20 https://github.com/markitoxs/pixelbook https://github.com/EmbeddedAndroid/linux-eve https://www.syslinux.org/wiki/index.php?title=Filesystem https://github.com/bparmentier/www/blob/master/posts/how-to-install-arch-linux-on-an-encrypted-btrfs-partition.md https://bbs.archlinux.org/viewtopic.php?id=222985 https://wiki.archlinux.org/index.php/microcode -- syslinux microcode https://github.com/GalliumOS/galliumos-skylake -- skylake bits and bobs https://www.codentium.com/category/chromebooks.html -- audio bits https://medium.com/@mudrii/arch-linux-installation-on-hw-with-i3-windows-manager-part-2-x-window-system-and-i3-installation-86735e55a0a0 -- i3