1
0
mirror of https://github.com/tommytran732/Arch-Setup-Script synced 2024-11-09 12:11:33 -05:00

Update README.md

This commit is contained in:
TommyTran732 2021-05-11 06:07:21 -04:00 committed by tommytran732
parent c73adbaa75
commit 5f6aeee92f
No known key found for this signature in database
GPG Key ID: 060B29EB996BD9F2

View File

@ -18,17 +18,17 @@ The partition layout I use rallows us to replicate the behavior found in openSUS
1. Snapper rollback <number> works! You will no longer need to manually rollback from a live USB like you would with the @ and @home layout suggested in the Arch Wiki.
2. You can boot into a readonly snapshot! GDM and other services will start normally so you can get in and verify that everything works before rolling back.
3. Automatic snapshots on pacman install/update operations
4. /boot/grub and /boot/efi are 2 seperate subvolumes which will not be rolled back with snapper. The kernel and initramfs are part of the snapshot.
4. /boot and /boot/efi are 2 seperate subvolumes which will not be rolled back with snapper.
5. For consistency with pacman's database, I deviate from SUSE's partition layout leave /usr/local/ and /opt as part of the snapshot. When you rollback, everything in those 2 directories rollback as well.
6. GRUB will boot into the default BTRFS snapshot set by snapper. Like on SUSE, your running system will always be a read-write snapshot in @/.snapshots/X/snapshot.
### Changes to the original project
1. Enabled AppArmor
1. Encrypted /boot (This was previously present on EasyArch, but Tommaso changed his script to use LUKS2 and have unencrypted /boot. Personally I would not do this, since encrypting /boot is the only way to protect the initramfs from being tampered with. GRUB will only validate the kernel if Secure Boot is used, not the initramfs).
2. SUSE - like partition layout
3. Snapper snapshots & rollback
4. Default umask to 077
5. Firewalld is enabled by default
6. Minimally setup GNOME 40
6. Minimally setup GNOME 40 with pipewire
7. Better mount options
### Why so many @var_xxx subvolumes?
@ -46,7 +46,7 @@ I only use GNOME and I know that I have to explicitly create a seperate a subvol
|---------------------|------------------------------|--------------------------|-----------------------------|
| 1 | ESP | /boot/efi | Unencrypted FAT32 |
| 2 | @/.snapshots/X/snapshot | / | Encrypted BTRFS |
| 3 | @/grub | /boot/grub | Encrypted BTRFS (nodatacow) |
| 3 | @/boot | /boot/ | Encrypted BTRFS (nodatacow) |
| 4 | @/root | /root | Encrypted BTRFS |
| 5 | @/home | /home | Encrypted BTRFS |
| 6 | @/.snapshots | /.snapshots | Encrypted BTRFS |