The following keys and their combinations can be used in the installer:
<F1> — view the installer help;
<Space> — open a drop-down list, select an option, press a button;
<Esc> — close a drop-down list or a window;
<↑>, <↓> — move between the installer interface elements (if the focus is not on a drop-down list) or between the list items (if the focus is on a drop-down list);
<Tab> — move between interface elements sequentially;
<Ctrl+left Alt+FN> (where <FN> — <F1> – <F6> function keys) — switch to the respective console:
The installer starting window contains the text of the license agreement the OS is shipped under, the I accept the License agreement terms checkbox, and allows to select the OS security level.
To continue the installation:
select the installer language;
select the security level as per the purchased license:
base security level;
advanced security level;
maximum security level.
Note. The respective security functions will be available depending on the selected security level;
read the license conditions;
check the I accept the License agreement terms box to accept the license conditions;
press [Next].
The License Agreement is also available at the developer's official website https://astra.ru/info/law.
To select the method of switching between the national and the standard Latin keyboard layouts, in the Regional settings section, select from the Layout switching drop-down list the required key combination.
To select the installed OS interface language, in the Regional settings section, select from the System language drop-down list the required language.
The "UTC+03:00 Russia (Moscow)" time zone is set by default. To change the time zone, in the Regional settings section, select from the Time zone drop-down list the required time zone.
To change the system time:
in the installer main window, press [Setup the date and time];
in the opened window, in the Date and time field, enter the current date and time in the "DD.MM.YYYY HH.MM.SS" format. Alternatively, to select the date, open the drop-down list and select the desired date using the calendar;
In the Authorization settings section, set the administrator account password. The administrator username, the computer name and the bootloader password can be also set.
To setup the administrator account, in the Authorization settings section, enter to the Password and Confirm password fields the administrator password. The password must be at least 8 characters long. It is recommended to use a complex password containing characters from at least three of the following groups:
uppercase and/or lowercase Latin letters;
digits;
punctuation characters;
math characters;
special characters.
The default name for the administrator account is "administrator". To change the administrator account name, edit the value in the Administrator username field. The administrator account name must meet the following requirements:
the 1st character — a lowercase Latin letter;
subsequent characters — any combination of the following characters:
lowercase Latin letters;
digits;
dashes ("-");
the name must be 1-32 characters long.
The PC name can be used for its network identification. The PC name is stated in the Hostname field. The default PC name is "astra".
To change the PC name, edit it in the Hostname field. The PC name must meet the following requirements:
must not start or end with a dash ("-");
may contain the following characters:
lowercase and/or uppercase Latin letters;
digits;
dashes ("-");
the name must be 1-63 characters long.
The bootloader password is the same as the administrator's password by default. To change the bootloader password:
in the Authorization settings section, press [Edit settings];
in the opened window, check the Setup the bootloader (GRUB) password box;
in the Password and Password confirmation fields, enter the bootloader password (the requirements are identical to those for the administrator account password);
press [Apply].
To setup the bootloader without a password:
in the Authorization settings section, press [Edit settings];
in the opened window, uncheck the Setup the bootloader (GRUB) password box;
To select the installed OS components, in the OS components section, check the required software suites:
Fly GUI — desktop and Fly software graphics environment. The box is checked by default. If the box is unchecked, the installed OS will only work in console mode.
Internet suite — internet browsers, email clients, etc The box is checked by default;
Office applications — LibreOffice software and additional text editing tools, printing and scanning software. The box is checked by default;
Graphics tools — graphic editors for vector and raster graphics. The box is checked by default;
Multimedia — audio and video players. The box is checked by default;
Virtualization tools — virtualization environment creation tools and virtual machines basic management software. The box is unchecked by default. If the Virtualization tools box is checked, the Network packets filtering tool ufw box is inactive.
Games — a game suite. The box is unchecked by default;
Console utilities — text interface software. The box is checked by default;
Network packets filtering tool ufw — ufw firewall software with preset profiles. The box is checked by default. The box is inactive if the Virtualization tools box is checked.
Touchscreen support — various touchscreen software;
SSH server — an OpenSSH server for remote connections via SSH. The box is unchecked by default;
To configure the OS security parameters, the automatic network configuration, and to set the system clock type, in the Additional settings section, check the required security features.
The available security features depend on the selected security level. Each security level includes security features of the lower security level.
Base security level features:
Disable bootloader menu — GRUB2 menu will not be displayed. The OS kernel will be booted as per the default settings. The box is unchecked by default;
Disable ptrace capability — code tracing and debugging capability will be disabled. The box is checked by default;
Enable sudo password — sudo password will be required. The box is checked by default;
Disable non-execution bit setup — disable execution bit setting to prevent unauthorized creation of executable shell scripts; The box is unchecked by default;
Enable interpreters lock — the user will not be able to use interpreters. The box is unchecked by default;
Enable macros lock — standard applications will not be able to run macros. The box is unchecked by default;
Enable console lock — users will not be able to use console login or launch console from a GUI session. The box is unchecked by default;
Enable system limits — enable ulimits setting capability. The box is unchecked by default;
Disable automatic network configuration — automatic network configuration will be disabled during the OS setup. The network will have to be set up manually. The box is unchecked by default;
System clock in local time — set the system clock to local time. This option is recommended on dual-boot PCs with Windows family operating systems. The box is unchecked by default.
The Advanced security level includes all the features of the Base security level, as well as the following ones:
Mandatory integrity control — enables mandatory integrity control. The box is checked by default;
Enable ELF signature check — check digital signatures of files to ensure they are authentic and unmodified. The box is unchecked by default;
Enable freeing regions cleanup on EXT partitions — file system blocks are cleaned up immediately upon their freeing, paging partitions can be erased; The box is unchecked by default.
The Maximum security level includes all the features of the Advanced security level, as well as Mandatory access control — mandatory access control is enabled. The box is checked by default.
The default partitioning layout utilized the whole disk and creates the minimum amount of partitions.
To change the partitioning layout, in the Disk layout section, press [Edit layout]. The disk and partitioning layout selection window will be opened.
From the Disk partitioning config drop-down list, select a predefined layout template or the "Custom template" option. All partitioning templates may be edited.
The following partitioning templates are available:
"Use all space on disk and setup LVM" — the default partitioning template for large disks (over 40 GB). EXT4 file system is used for the system partition;
"Use protective transformation on LVM" — the partitioning template similar to "Use all space on disk and setup LVM", but with the protective transformation of the system partition. A passphrase is requested when this option is selected;
"Use all space on disk" — the partitioning template for small disks (under 40 GB), e.g. for a virtual machine. EXT4 file system is used for the system partition;
"Use all space on disk and setup XFS" — the partitioning template similar to "Use all space on disk". XFS file system is used for the system partition;
"Use protective transformation on XFS" — the partitioning template similar to "Use all space on disk and setup XFS", but with the protective transformation of the system partition. A passphrase is requested when this option is selected;
"Use "Red Book" as disk layout" — the partitioning template as per the information security recommendations and with the disk protective transformation. This template creates the following additional partitions:
/boot — boot data;
/home — user home directories;
/tmp — temporary files deleted after a reboot;
/var/tmp — temporary files preserved after a reboot.
EXT4 file system is used for the created partitions. A passphrase is requested when this option is selected;
"Separate home partition" — the partitioning template with a home directory in a separate partition. EXT4 file system is used for the created partitions;
"Custom template" — an empty template to manually create the required partitions.
The passphrase for the protective conversion must meet the same requirements as the administrator's password.
From the Disk on which the system will be installed drop-down list, select the disk for the OS installation.
To display the partitioning program interface, press [Show details].
In the the disk partitioning window, the following actions can be performed:
select the partitioning table — GPT or MBR (msdos);
change the partitions file systems;
set or change partition labels;
set or change partition mount points;
delete partitions;
create new partitions within the disk space freed up after other partitions deletion.
ATTENTION! If the disk contains data and should not be formated, the partition table must not be created. In this case free space must be allocated for the OS installation. After free space allocation partitions required for the OS should be created.
If the disk contains LVM volumes or volume groups with applied protective transformation, these must be unlocked to be used. To unlock volumes:
select the required device;
press [Unlock/Open selected device];
in the opened window in the Password field, enter the keyphrase used for protective transformation;
press [ОK].
Locked devices can only be formatted or deleted.
If a disk is unpartitioned or has been formatted, a partition table must be created for the OS installation. To create the partition table:
select the required device;
press [Edit selected device];
from the drop-down menu, select "Set partition table";
in the partitioning window, select the partition table type (GPT or msdos);
press [OK].
Note. The msdos partition table is supported on all PCs, but it cannot contain more than four primary partitions. The example describes partitioning using the GPT partition table.
When an LVM volume group partition is created all the remaining free disk space is recommended to be used. The disk space size may be set manually meeting the following requirements:
root partition — at least 40 GB;
/home and other partitions — as per the suggested use scenario.
Create an LVM volume group:
in the partitioning window, in the Logical View section, click on the free space;
press [+] to open the partition creation window;
in the partition creation window:
from the Device type drop-down-list, select "LVM2 Volume Group";
set the new LVM volume group size:
from the Available devices table, select the required disk or several disks, e.g. "sda";
from the drop-down list, select the unit of measure, e.g. "GiB";
in the Size field, enter the required size, e.g. "929,9";
optionally fill-in the Name field, e.g. enter "astra_lvm" (if left empty, the created LVM volume group will receive a default name);
if an LVM volume group requires protective transformation:
check the Use protective transformation box;
in the Passphrase field, enter the passphrase and repeat it in the Repeate Passphrase field;
if required, from the Sector size drop-down list, select the sector size. The default option is "Automatic";
to select the smallest logical LVM block:
click Show advanced options;
from the PE size drop-down list, select the required physical extent size value;
press [OK].
The LVM volume group named astra_lvm will be added to the list of disks in the partitioning window.
The root partition is required for the OS correct installation. The root partition ("/") is created within the LVM volume group.
Create the root partition:
in the partitioning window, on the sidebar, select the created LVM volume group;
press [+] to open the partition creation window;
in the partition creation window:
set the new partition size:
from the drop-down list, select the unit of measure, e.g. "GiB";
in the Size field, enter the required size, e.g. "50";
from the File system drop-down list, select "ext4";
optionally fill-in the Label field, e.g. enter "system";
optionally fill-in the Name field, e.g. enter "sys". If the field is filled in, the root partition is named astra_lvm-sys (<LVM_group_name-<partition_name>). If this field is left empty, the name of the created root partition will follow the pattern of <LVM_group_name>-<number>;
in the Mountpoint field, enter "/";
if the partition protective transformation is required:
check the Use protective transformation box;
in the Passphrase field, enter the passphrase and repeat it in the Repeate Passphrase field;
if required, from the Sector size drop-down list, select the sector size. The default option is "Automatic";
press [OK].
The created partition will be displayed in the partitioning window.
The home partition is not required for the OS correct installation, but it is recommended to be created, e.g. for a smoother transition to another Linux-based OS. The /home partition is created within the LVM volume group.
Create the home partition:
in the partitioning window, in the Logical View section, click on the free space within the LVM volume group;
press [+] to open the partition creation window;
in the partition creation window:
set the new partition size:
from the drop-down list, select the unit of measure, e.g. "GiB";
in the Size field, enter the required size, e.g. "100";
from the File system drop-down list, select "ext4";
optionally fill-in the Label field, e.g. enter "home";
optionally fill-in the Name field, e.g. enter "home". If the field is filled in, the /home partition is named astra_lvm-home (<LVM_group_name-<partition_name>). If this field is left empty, the name of the created /home partition will follow the pattern of <LVM_group_name>-<number>;
in the Mountpoint field, enter "/home";
if the partition protective transformation is required:
check the Use protective transformation box;
in the Passphrase field, enter the passphrase and repeat it in the Repeate Passphrase field;
if required, from the Sector size drop-down list, select the sector size. The default option is "Automatic";
press [OK].
The created partition will be displayed in the partitioning window.
All the disk partitioning actions for any partitioning template are queued. When a partitioning template is selected, the action queue is formed automatically.
To view the action queue, in the partitioning window, click N pending action(s). To undo the last action, on the Logical View, press the Undo button [⮪]. When partitioning is performed the queue actions will be performed one by one.
Apply the partitioning changes using one of the following methods:
before the OS installation:
in the partitioning window, press the partitioning actions selection button [≡];
in the menu, select "Write configuration on disk";
in the queued actions confirmation window, press OK;
press [Close].
during the OS installation - press [Close]. Partitioning will be performed during the OS installation.
To perform the OS installation, press [Install] to open the installation confirmation window. To display the disk partitioning actions queue, press [Show details]. To confirm and start the installation process, press [Yes]. To close the confirmation window and return to the installer, press [No].
After the installation confirmation, the window will open with the OS installation progress bar.
To open the installation log with the progress and error messages, press [Open log]. The installation log will open.
After the OS installation the progress and error messages log is available in the /var/log/astra-installer.log file.
To automatically reboot the PC after the OS successful installation, check the Reboot after installation finished box.
If the Reboot after installation finished box is unchecked, after the OS installation completion, press [Reboot] to reboot the PC.