Create your own Arch installation on WSL2 using Docker
I’ve been using WSL2 for quite some time now but I’m really unhappy with how Ubuntu handles upgrades in this environment. So I decided to try something different: Running Arch Linux inside WSL2.
Building a custom Linux distribution for WSL2 can be a difficult task, but it turns out it’s pretty doable
when you base your Linux installation of a Docker container and then export it to WSL2.
Let’s jump in, and take a look at what it takes to turn a Docker container into a WSL2 Linux distribution.
Start arch in a docker container
Start by booting up a new docker container based on the archlinux image. We’ll name it arch
so it’s easily found
later when we’re going to export its root file system for WSL2.
docker run -it --name arch archlinux:latest /bin/bash
You’ll be greeted by a bash terminal running under the root user.
Create a new user account
It’s recommended to create a new user account instead of using the root account for daily tasks. This minimizes the risk of accidental system changes and enhances security by limiting administrative privileges.
Let’s add a new user to the linux installation that’s a member of the wheel usergroup. This is the group that’s allowed to use sudo
to execute administrative commands later on.
useradd -m -G wheel -s /bin/bash wmeints
Note: Replace wmeints
with your own username.
You’ll need to set a password for the new user before you can use it. Use the following command
to set a password for the new user:
passwd wmeints
Note: Replace wmeints
with your own username.
Harden the image by setting up sudo
By default there’s a passwordless root account in the arch installation. This will cause issues so we need
to harden the system so that nobody can use the root account directly.
Start by installing sudo
, visudo
and vi
into the environment:
pacman -Syu
pacman -S sudo visudo vi
After installing the packages, run visudo
and uncomment the line where it says
## Uncomment to allow members of group wheel to execute any command
# %wheel ALL=(ALL:ALL) ALL
So that it looks like this:
## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL:ALL) ALL
You can remove the comment by using the cursor keys to go to the line, and pressing x
to remove the #
character. Press Escape
and type :wq
to save and quit the editor.
Next, make sure to lock the root account so hackers can’t use it against you.
passwd -l root
The system is now hardened. Let’s configure it for use in WSL2.
Make the container suitable for use in WSL2
Execute the following command to configure the user as the default user in WSL2:
echo -e "[user]\ndefault=wmeints\n" >> /etc/wsl.conf
Note: Replace wmeints
with your own username.
You’ll also want to enable systemd inside the environment by running the following command:
echo -e "[boot]\nsystemd=true" >> /etc/wsl.conf
At this point you can install additional tools in the linux distribution that you’ll use.
For example, I prefer to have base-devel, the openssh client, neovim, and git pre-installed so I ran the following
commands to install those:
pacman -S base-devel openssh git neovim
After you’re done installing your favorite tools, let’s export the docker container and
use it in WSL2. Exit the terminal in the container and stop the docker container using
the following command:
docker stop arch
Extracting the root file system from the docker container
Run the following command to export the root file system for the docker container:
docker export arch > D:\arch.tar
Note: Change the path to where you want to export the root file system.
Next, import the root file system as a new distribution in WSL2 by executing the following
command:
wsl --import Arch D:\WSL2\Arch D:\arch.tar
You can now start the new distribution by running
wsl -d Arch
It should start the new distribution under your new user. Happy hacking!