Install Kali Linux as a Primary OS & BTRFS Install for Snapshot

Installing Kali Linux (Single boot) on our computer is an very easy process. This guide will cover the basic install (which can be done on bare metal or guest VM), with the option of encrypting the partition. At times, we may have sensitive data we would prefer to encrypt using Full Disk Encryption (FDE). During the setup process we can initiate an LVM encrypted install on either Hard Disk or USB drives.

First, we’ll need compatible computer hardware. Kali Linux is supported on amd64 (x86_64/64-Bit) and i386 (x86/32-Bit) platforms. Where possible, we would recommend using the amd64 images. The hardware requirements are minimal as listed in the section below, although better hardware will naturally provide better performance. We should be able to use Kali Linux on newer hardware with UEFI and older systems with BIOS.

Kali's i386 images, by default use a PAE kernel, so we can run them on systems with over 4GB of RAM.

install kali linux BTRFS and Snapshots

In our example, we will be install Kali Linux in a fresh guest VM, without any existing operating systems pre-installed. We will explain other possible scenarios throughout the guide. If we want to install Kali Linux BTRFS for snapshot, Then we need to read the full article first before start installing Kali Linux as our guide.

System Requirements

The installation requirements for Kali Linux will vary depending on what we would like to install and our setup. For system requirements:

  • On the low end, we can set up Kali Linux as a basic Secure Shell (SSH) server with no desktop, using as little as 128 MB of RAM (512 MB recommended) and 2 GB of disk space.
  • On the higher end, if we opt to install the default Xfce4 desktop and the kali-linux-default metapackage, you should really aim for at least 2048 MB of RAM and 20 GB of disk space.

Installation Prerequisites

This guide will make also the following assumptions when installing Kali Linux:

  • Using the amd64 installer image.
  • CD/DVD drive / USB boot support.
  • Single disk to install to.
  • Connected to a network (with DHCP & DNS enabled) which has outbound Internet access.

We will be wiping any existing data on the hard disk, so we should backup any important information on the device to an external media.

Preparing for the Installation

  1. Download Kali Linux (We recommend the image marked Installer).

  2. Burn The Kali Linux ISO to DVD or image Kali Linux Live to USB drive. (If we cannot, we can check out the Kali Linux Network Install).

  3. Backup any important information on the device to an external media.

  4. Ensure that your computer is set to boot from CD/DVD/USB in our BIOS/UEFI.

Kali Linux Installation Procedure

Boot

  1. To start your installation, boot with our chosen installation medium. We should be greeted with the Kali Linux Boot screen. Choose either Graphical install or Install (Text-Mode). In this example, we chose the Graphical install.

kali linux install

In the case we’re using the live image instead, we will see another mode, Live, which is also the default boot option.
Kali Linux Live Image

Language

  1. We need to select our preferred language. This will be used for both the setup process and once we are using Kali Linux.

Kali Linux choosing Language


  1. Specify our geographic location.

Selecting our location


  1. Select our keyboard layout.

selecting our keyboard language

Network

  1. The setup will now probe our network interfaces, looks for a DHCP service, and then prompt we to enter a hostname for your system. In the example below, we’ve entered kali as our hostname.

If there is no network access with DHCP service detected, we may need to manually configure the network information or do not configure the network at this time.

  • If there isn’t a DHCP service running on the network, it will ask we to manually enter the network information after probing for network interfaces, or you can skip.
  • If Kali Linux doesn’t detect our NIC, you either need to include the drivers for it when prompted, or generate a custom Kali Linux ISO with them pre-included.
  • If the setup detects multiple NICs, it may prompt we which one to use for the install.
  • If the chosen NIC is 802.11 based, we will be asked for your wireless network information before being prompted for a hostname.

Kali Linux install configure the network


  1. We may optionally provide a default domain name for this system to use (values may be pulled in from DHCP or if there is an existing operating systems pre-existing).

KAli Linux install domain

User Accounts

  1. Next, create the user account for the system (Full name, username and a strong password).

Kali Linux setting name Kali Linux install username setup Setting root password for Kali LInux

Clock

  1. Next, we need to set our time zone.

Kali Linux install configuring the time zone

Disk

  1. The installer will now probe our disks and offer we various choices, depending on the setup.

In our guide, we are using a clean disk, so we have four options to pick from. We will select Guided - the entire disk, as this is the single boot installation for Kali Linux, so we do not want any other operating systems installed, so we are happy to wipe the disk.

If there is an pre-existing data on the disk, we will have have an extra option (Guided - use the largest continuous free space) than the example below. This would instruct the setup not to alter any existing data, which is perfect for for dual-booting into another operating system. As this is not the case in this example, it is not visible.

Experienced users can use the “Manual” partitioning method for more granular configuration options, which is covered more in our BTRFS guide.

If we want to encrypt Kali Linux, you can enable Full Disk Encryption (FDE), by selecting Guided - used entire disk and setup encrypted LVM. When selected, later on in the setup (not in this guide) prompt you to enter a password (twice). We will have to enter this password every time we start up Kali Linux.

Kali Linux partition disk


  1. Select the disk to be partitioned.

Kali Linux full disk


  1. Depending on our needs, we can choose to keep all your files in a single partition — the default — or to have separate partitions for one or more of the top-level directories.

If not sure which we want, we should choose “All files in one partition”.

Kali Linux all file on one disk partition Kali Linux install finish disk partition


  1. Next, we’ll have one last chance to review your disk configuration before the installer makes irreversible changes. After we click Continue, the installer will go to work and you’ll have an almost finished installation.

Kali Linux checking disk configuration

Encrypted LVM

If enabled in the previous step, Kali Linux will now start to perform a secure wipe of the hard disk, before asking we for a LVM password.

Please sure a strong password, else you will have to agree to the warning about a weak passphrase.

This wipe may take “a while” (hours) depending on the size and speed of the drive.
If we wish to risk it, we can skip it.

Proxy Information

  1. Kali Linux uses a central repository to distribute applications. We’ll need to enter any appropriate proxy information as needed.

Kali Linux http proxy

Metapackages

If network access was not setup, we will want to continue with setup when prompt.

If we are using the Live image, we will not have the following stage

  1. Next we can select which metapackages we would like to install. The default selections will install a standard Kali Linux system and we don’t really have to change anything here. Please refer to this guide if we prefer to change the default selections.

Kali Linux software and DE selection

Boot Information

  1. Next confirm to install the GRUB boot loader.

Kali Linux install GRUB boot loader


  1. Select the hard drive to install the GRUB bootloader in (it does not by default select any drive).

Kali Linux install GRUB boot loader

Reboot

  1. Finally, click Continue to reboot into our new Kali Linux installation.

Post Installation

Now that you’ve completed installing Kali Linux, it’s time to customize our system.

Kali Linux BTRFS Install for Snapshot

BTRFS is a modern Copy on Write (CoW) filesystem for Linux aimed at implementing advanced features such as pooling, snapshots, checksums, and integrated multi-device spanning. In particular, the snapshot support is what makes Btrfs attractive for Kali installations on bare metal. Virtualization solutions such as VMWare and Virtualbox provide their own snapshotting functionality and using btrfs in those environments is not really required.

The snapshotting strategy of this walkthrough centres around a tool called “apt-btrfs-snapshot” from the Ubuntu repositories, which is a wrapper around “apt”. This wrapper transparently hooks into the apt workflow and automatically creates snapshots before and after any apt operation. This neat little feature allows to easily rollback a system after a botched upgrade.

Snapper is another useful utility to create snapshots. We are preparing the Kali system for the use of snapper by creating a separate subvolume for its snapshots but we are not including the installation and usage of snapper in this walkthrough. Details about snapper can be found on the following website: snapper.io/

Installation Overview

Installing Kali Linux with snapshotting functionality is very similar to a standard installation with the following exceptions:

  1. We pause the installation midway to set up a btrfs partition and btrfs subvolumes on the command line using the tool “partman” before continuing the installation
  2. We adjust the fstab and move some folders to the new subvolumes before we reboot into the newly installed system

Partitioning Scheme

We are going to use the following layout:

Mount Point         | Subvolume         | Description
-------------------------------------------------------------------------
/                   | @                 | The root filesystem incl. /boot
/home               | @home             | User home directories
/root               | @root             | The root user's home directory
/var/log            | @log              | Log files
/.snapshots         | @snapshots        | Snapper's snapshot directory

Kali Linux BTRFS Installation Steps

Installation Prerequisites

  • A minimum of 20 GB disk space for the Kali Linux install.
  • RAM for i386 and amd64 architectures, minimum: 1GB, recommended: 2GB or more.
  • CD/DVD Drive / USB boot support

Preparing for the Installation

  1. Download Kali Linux.
  2. Burn the Kali Linux ISO to DVD or Image Kali Linux Live to USB.
  3. Ensure that our computer is set to boot from CD/DVD/USB in your BIOS.

Kali Linux BTRFS Installation Procedure 

To start our installation, boot with our chosen installation medium. We should be greeted with the Kali Linux Boot screen. Choose Graphical Install.

The installation steps are identical to a standard Kali installation except a pause during the step where we choose a domain name as seen below.

Configure the network


When prompted, pause the installation and switch to the second VT via Ctrl + Alt + F2.

console

Press enter to activate that console and run partman to partition the hard disk.

partman on console


First we create two partitions: swap and root. Choose manual under “Partitioning method” and press enter.

partition manual


We need to choose our hard disk:

choosing hard disk


Confirm to create a new partition table

confirm partition table


Next, select the newly defined “free space”:

newly defined free space


Select Create a new partition:

create new partition


Pick the desired size for the swap partition:

swap partition


We choose the preferred partition type:

partition type


The location of the swap partition is personal preference, we choose “end” here so it’s out of the way

partition type


Choose “Done setting up the partition”:

Done setting up the partition


Next we repeat the procedure to setup the maim BTRFS partition:

setting up the partition


Let’s create a new partition:

create new partition


Use the rest of the available space:

Use the rest of the available space


Choose “Primary” as partition type:

Choose “Primary” as partition type


Configure the following parameters and select Done setting up the partition:
Use as:          btrfs journaling file system
Mount point:     /
Bootable flag:   on

Finished setting up partition


Finish the partitioning and confirming to write the partition table to disk:

partitioning and confirming to write the partition table to disk

partitioning and confirming to write the partition table to disk


We return to the command line and can confirm that the new BTRFS partition is mounted at /target:

BTRFS partition is mount


Next we create the desired subvolumes:
kali@kali:~$ btrfs subvolume create /target/@
kali@kali:~$ btrfs subvolume create /target/@home
kali@kali:~$ btrfs subvolume create /target/@log
kali@kali:~$ btrfs subvolume create /target/@root
kali@kali:~$ btrfs subvolume create /target/@snapshots

create the desired subvolumes


Lastly we obtain the subvolume id from our new root subvolume “@” via
kali@kali:~$ btrfs subvolume list /target

here “257” - and we set that as out new default and unmount the partition

kali@kali:~$ btrfs subvolume set-default 257 /target
kali@kali:~$ umount /target

default and unmount the partition


Now we can switch back to the graphical install via Ctrl + Alt + F5 and continue with the installation:

switch back to the graphical install


When we get to the partitioning phase, just skip through it and confirm that we are happy to use the existing file system:

finish disk paritioning

no partition table changes


If we wish we can switch back to VT 2 and confirm that the installer has indeed mounted our “@” subvolume as the temporary root for the installation “/target”:

BTRFS subvolume


Returning back to VT 5 we can continue with our installation until we hit the final screen were we pause for one last time:

installation complete


Pressing Ctrl + Alt + F2 we can return to VT2 and perform our post-installation steps:
  • Create temporary mount points
  • mount the subvolumes
  • move “/home”, “/var/log”, “/root” to their dedicated subvolumes:
kali@kali:~$ mkdir -p /target/mnt/{root,home,log} /target/.snapshots
kali@kali:~$
kali@kali:~$ mount -t btrfs -o subvol=@root /dev/sda2 /target/mnt/root
kali@kali:~$ mount -t btrfs -o subvol=@home /dev/sda2 /target/mnt/home
kali@kali:~$ mount -t btrfs -o subvol=@log /dev/sda2 /target/mnt/log
kali@kali:~$
kali@kali:~$ mv /target/root/.* /target/mnt/root/
kali@kali:~$ mv /target/home/* /target/mnt/home/
kali@kali:~$ mv /target/var/log/* /target/mnt/log/
kali@kali:~$
kali@kali:~$ vim /target/etc/fstab

After that we can edit fstab to mount each subvolume via nano /target/etc/fstab:
UUID=<UUID of btrfs partition> /               btrfs   defaults,subvol=@             0       0
UUID=<UUID of btrfs partition> /home           btrfs   defaults,subvol=@home         0       0
UUID=<UUID of btrfs partition> /var/log        btrfs   defaults,subvol=@log          0       0
UUID=<UUID of btrfs partition> /root           btrfs   defaults,subvol=@root         0       0
UUID=<UUID of btrfs partition> /.snapshots     btrfs   defaults,subvol=@snapshots    0       0

e.g.:

edit fstab


Optionally we can configure “locate” to ignore the .snapshot folder used by snapper (if installed later) Add PRUNENAMES = ".snapshots" to /target/etc/updatedb.conf:

editing updatedb.config


As the last step we have to reset the “default-subvolume” to 5, as that is a requirement for “apt-btrfs-snapshot” to work properly:

apt-btrfs-snapshot


Installation is finished now and we can switch back to VT5 (Ctrl + Alt + F5) and reboot.

Now install of Kali ins Complete


After the reboot we can log in and install some more tools we need.

First let’s install “btrfs-progs”:

kali@kali:~$ sudo apt install -y btrfs-progs

Now we can download and install the “apt-btrfs-snapshot” tool from the Ubuntu repository
kali@kali:~$ wget https://launchpad.net/ubuntu/+archive/primary/+files/apt-btrfs-snapshot_3.5.2_all.deb
kali@kali:~$ sudo apt install ./apt-btrfs-snapshot_3.5.2_all.deb

Congratulations, you have just installed a Kali system with automatic snapshotting functionality! Next, we will cover some basic usage examples.

Usage

Create snapshots

Snapshots are automatically created during apt operations. There are no additional steps required, e.g.:

installing htop


List snapshots

Firstly, a snapshot is also a subvolume, thus all snapshots also show up when listing btrfs subvolumes, e.g. via

kali@kali:~$ sudo btrfs subvolume list /

subvolume list

To list only the snapshots, we can use the following command:

sudo apt-btrfs-snapshot list

btrfs-snapshot list


Delete snapshots

The easiest way to delete a snapshot is by using the following command:

sudo apt-btrfs-snapshot delete

delete snapshot

Voila, it’s gone:

snapshot list

There are more sophisticated ways to delete multiple snapshots, e.g. the following deletes all snapshots older than 2 days:

sudo apt-btrfs-snapshot delete-older-than 2d

Refer to the help output for all the different features of “apt-btrfs-snapshot”

Rollback

To roll back to a previous snapshot we have to remember two things:

  • The root “/” of the file system has been installed in a subvolume “/@” and not the root of the btrfs partition “/”
  • A snapshot is treated like just another subvolume

Thus all we have to do is mount the btrfs partition and replace the current root subvolume “@” with the last snapshot. To be safe we’ll backup the curent root ("@") subvolume. E.g.:

kali@kali:~$ # mount your root partition (replace "/dev/mmcblk2p2" with yours):
kali@kali:~$ sudo mount /dev/mmcblk2p2 /mnt

kali@kali:~$ # Move the old root away:
kali@kali:~$ sudo mv /mnt/@ /mnt/@_badroot

kali@kali:~$ # Roll back to a previous snapshot:
kali@kali:~$ sudo mv /mnt/@ /mnt/@apt-snapshot-2019-10-13_18:07:40 /mnt/@
kali@kali:~$
kali@kali:~$ sudo reboot -f

Full walkthrough from apt full-upgrade to rollback

full-upgrade

After a new installation we don’t have any snapshots yet as we can see via: sudo apt-btrfs-snapshot list

snapshot list

Let’s do a full system upgrade:

kali@kali:~$ sudo apt update
kali@kali:~$ sudo apt full-upgrade -y

Kali Linux  full upgrade

We can observe that a snapshot is being created before any packages are installed:

upgrading Kali

Once finished we can confirm that there are no more updates available:

updates are done

If we list the snapshots again we can see the one that has just been created:

created snapshot

Rollback

Remember that “/” itself is the subvolume “@”. To rollback to a snapshot, all we have to do is replace “@” with the snapshot we want.

  1. First we have to mount the btrfs partition via:

sudo mount /dev/<your btrfs partition> /mnt

If we list the content of that partition we can see all the subvolumes, including the snapshots:

subvolumes, including the snapshots


  1. Before we replace the current root with our snapshot, let’s move “@” away just to be safe:

sudo mv /mnt/@ /mnt/@_badroot

replace our snapshot


  1. Now we can pick the snapshot from before the last upgrade and rename it to “@":

sudo mv /mnt/@apt-snapshot-2019-10-21_23:50:26 /mnt/@

replace our snapshot

And that’s all there is to it, here’s the new “@":

Kali Linux snapshot done

Let’s reboot for the rollback to take effect:

reboot


Confirming that the rollback worked

After the reboot, we can see that the snapshot is gone, because we rolled back to it:

Snapshot is gone

And if we issue another sudo apt update, we can see that we are back to where we were before the snapshot:

update

Once you confirmed that the system works we can delete the old “root” by mounting the btrfs partition and using the “btrfs subvolume delete” command:

kali@kali:~$ sudo mount /dev/<your btrfs partition> /mnt
kali@kali:~$ sudo btrfs subvolume delete /mnt/@_badroot

btrfs subvolume delete

This is how we can install Kali Linux and Snapshot for it. Snapshots are very important if we did anything wrong then we can easily get back to our previous state by using snapshots.

This article is heavily inspired from Kali Linux's original documentation. All the images are copyrighted to kali.org.

Love our articles? Then make sure to follow our email subscription to get all our articles directly on inbox. We are also available on Twitter and GitHub, we post article updates there.

For anything we always happy to help everyone on the comment section. As we know our comment section is always open to everyone. We read each and every comment and we always reply.

To join our family, join our Telegram Group. We are trying to build a community for Linux and Cybersecurity.
author-img
Kali Linux

Comments

No comments
Post a Comment
    google-playkhamsatmostaqltradent