Installing ArchLinux inside an Alpine chroot: Difference between revisions

It's sometimes useful to have another Linux system installed inside a chroot on an Alpine system. This page explains how to install a recent version of ArchLinux (either x86 or x86_64) inside an existing Alpine system (assumed to have the same architecture).

1. Inside your Alpine system install the following packages as BusyBox wget is inadequate:

   # apk add bash zstd curl wget $ wget --no-check-certificate https://raw.github.com/tokland/arch-bootstrap/master/arch-bootstrap.sh # mkdir chroot64 # bash arch-bootstrap.sh -a x86_64 chroot64

2. Then chroot into the newly-created Arch system. I use the following script to do this:

   Contents of /usr/local/bin/start-chroot

   #!/bin/sh -e user=`whoami` if [ "$user" != "root" ]; then echo "This script needs root access" >&2 exit 1 fi if ! [ -d "$1" ]; then echo "Usage: $0 <chroot directory>" >&2 exit 1 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chmod` ]; then echo "Warning: can't suid/sgid inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_chroot` ]; then echo "Warning: can't chroot inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mknod` ]; then echo "Warning: can't mknod inside chroot" >&2 fi if [ x1 = x`sysctl -ne kernel.grsecurity.chroot_deny_mount` ]; then echo "Warning: can't mount inside chroot" >&2 fi cd "$1" shift cp -L /etc/resolv.conf ./etc/ || true mount -t proc proc ./proc mount -t sysfs sys ./sys mount -o bind /dev ./dev # next line is said to be important for pacman's signature check mount -o bind /dev/pts ./dev/pts case $1 in -l) shift;; -l*) one=${1#-l}; shift; set -- -$one "$@";; esac chroot . /bin/sh -l "$@" umount ./dev/pts umount ./dev ./sys ./proc
3. At least when setting the Arch system up, you'll want to disable Alpine's grsecurity prohibition against suid/sgid:

   # sysctl -w kernel.grsecurity.chroot_deny_chmod=0

4. Inside the Arch chroot, do the following. (The first step may take a long time, especially if you're connected to the system in question by ssh. See this link for more info, and tips about how to speed the process up.)

   [chroot]# pacman-key --init [chroot]# pacman-key --populate archlinux [chroot]# pacman -Syyu [chroot]# pacman -Rs systemd # inside a chroot, we don't need an init system (nor a kernel) [chroot]# pacman -S sudo

5. You can also install any other packages you want. I use:

   [chroot]# pacman -S less licenses man-db man-pages procps-ng psmisc sysfsutils base-devel openssh cpio elfutils rsync unzip vim wget zip

6. Still inside the Arch chroot, assign a root password and create a non-root user:

   [chroot]# passwd [chroot]# useradd -m -g users -G wheel -s /usr/bin/bash myuser [chroot]# passwd myuser [chroot]# export VISUAL=/usr/bin/vim [chroot]# visudo

7. Uncomment this line in /etc/sudoers, then save the file:

   Contents of /etc/sudoers

   ... ## Uncomment to allow members of group wheel to execute any command %wheel ALL=(ALL) ALL ...
8. Now you're done. You can switch to the non-root user with:

   [chroot]# su - myuser

9. Alternately, to exit the chroot hit Ctrl+D.
10. If you'll want to install any packages from the Arch User Repository, you may want to install a richer package manager, such as Yaourt. Do this as the non-root user:

    $ curl -O https://aur.archlinux.org/packages/pa/package-query/package-query.tar.gz $ tar -xzf package-query.tar.gz && cd package-query && makepkg -si $ cd .. $ curl -O https://aur.archlinux.org/packages/ya/yaourt/yaourt.tar.gz $ tar -xzf yaourt.tar.gz && cd yaourt [chroot]# makepkg -si

See also

• https://wiki.archlinux.org/title/Remote_Arch_Linux_Install
• https://wiki.archlinux.org/title/Install_from_Existing_Linux
• https://wiki.archlinux.org/title/Installation_Guide
• What's the proper way to prepare chroot to recover a broken Linux installation?
• https://en.wikibooks.org/wiki/Grsecurity
• https://www.gentoo.org/proj/en/hardened/grsecurity.xml