My Pinebook Pro came in last week and yesterday I finally got a chance to really play with it. The first thing I wanted to do was get Arch installed on it with an encrypted root partition. I need these notes as a reference to use the next time I do this, so I figured I’d post them up to help anyone else out that may be trying to achieve the same thing. This post ignores post installation configuration. It just gets you booting into the terminal of your LUKS encrypted partition. From there it’s up to you to setup users, install your desktop manager, etc.
Preperation
This may not be anyone else’s preference, but I chose to flash the eMMC with the archiso, and install Arch onto the SD card. I don’t have much use for the internal eMMC to be honest. I was more excited that the Pinebook can run an OS off the microSD. For now I figure I’ll just keep the archiso on the eMMC to use for recovery when I need it. I’m going to skip the steps required to flash the ISO to the eMMC and the SD card. If you’re to the point of installing and using Arch you won’t need these steps, and you’ll likely not want to do exactly what I did anyway.
Note: At the time of posting this Pre-built image 2020-07-02 just wouldn’t boot for me, so I used Pre-built image 2020-06-16.
Installation
Remember /dev/mmcblk1 is the SD card, and /dev/mmcblk2 is eMMC, so adjust the steps accordingly to install this where you’re intending to.
- Boot from ArchISO.
wifi-menuand select wireless network.- Set your clock so pacman doesn’t get ssl errors,
timedatectl set-ntp true - Partition boot on SD card
fdisk /dev/mmcblk1np1- First sector
65536 - +128M
- Check partitions with
pand note last sector of first partition. np2- First sector is right after the last sector of the first.
- Size for the rest of the drive.
wwrite the changes
- Write an EXT4 file system to the boot partition
mkfs.ext4 /dev/mmcblk1p1. - Encrypt the second partition with LUKS
cryptsetup -y -v luksFormat /dev/mmcblk1p2. - Open the encrypted partition
cryptsetup open /dev/mmcblk1p2 cryptroot. - Write the EXT4 file system to the partition we’ve just opened (our encrypted root)
mkfs.ext4 /dev/mapper/cryptroot. - Mount the new partition
- First make the mnt directory with
mkdir /mnt. - Now mount the encrypted root partition there,
mount /dev/mapper/cryptroot /mnt. - Create a
/mnt/bootdirectory and mount the first partition (boot partition) to the new boot directory. mkdir /mnt/bootmount /dev/mmcblk1p1 /mnt/boot- Install everything with pacstrap via
pacstrap /mnt base base-devel linux-pbp pbp-keyboard-hwdb ap6256-firmware vimadd whatever else you know you want here. - Use
genfstab -U /mntto create a new fstab at/mnt/etc/fstab. arch-chroot /mntto get into your installation.- Edit
/etc/locale.gen, uncommenting what you need. For me this wasen_US.UTF-8 UTF-8. - Execute
locale-gento generate the locales. - Create
/etc/locale.confand addLANG=en_US.UTF-8(or whatever other languages you need). - Modify
/etc/mkinitcpio.confto include modules,MODULES=(panfrost rockchipdrm drm_kms_helper hantro_vpu analogix_dp rockchip_rga panel_simple arc_uart cw2015_battery i2c-hid iscsi_boot_sysfs jsm pwm_bl uhid) - Modify
/etc/mkinitcpio.confto include hooks,HOOKS=(base udev autodetect keyboard keymap modconf block encrypt filesystems fsck) - Make the
extlinuxdirectorymkdir /boot/extlinuxand create the file belowvim /boot/extlinux/extlinux.conf(use blkid to find your UUID). Tip for UUID, I did ablk >> /boot/extlinux/extlinux.confto write the UUID’s into the file so I could actually see them as I was in VIM, then just deleted the lines before saving.LABEL Arch Linux ARM KERNEL /Image FDT /dtbs/rockchip/rk3399-pinebook-pro.dtb APPEND initrd=/initramfs-linux.img console=tty1 rootwait cryptdevice=UUID=YOUR-UUID:cryptroot root=/dev/mapper/cryptroot rw - Enable the network manager
systemctl enable NetworkManager. - Set root password with
passwd. - Reboot, and continue to setup things how you’d like.
Comments