https://wiki.archlinux.org/api.php?action=feedcontributions&user=DarioP&feedformat=atomArchWiki - User contributions [en]2024-03-29T05:25:33ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=Talk:Dovecot&diff=625359Talk:Dovecot2020-07-15T14:35:17Z<p>DarioP: /* Need to clarify assumptions */ new section</p>
<hr />
<div>== SNI ==<br />
Can someone describe a working SNI configuration? If i try to do it, dovecot won't start.<br />
[[User:Schrottfresse|Schrottfresse]] ([[User talk:Schrottfresse|talk]]) 09:25, 30 July 2015 (UTC)<br />
<br />
:A little late, but I've not tried using SNI with services outside of HTTP. Is there a need outside of using multiple hostnames for the same instance? Perhaps using a SAN (UCC) certificate and just having multiple user sources would be more appropriate. You can get free SAN certs, with five hostnames from StartCom now if cost is the issue. [[User:DJ L|DJ L]] ([[User talk:DJ L|talk]]) 05:39, 6 May 2016 (UTC)<br />
<br />
== Refactoring article for multiple user sources ==<br />
<br />
Any objection to refactoring this article to cover more topics? I've not come up with a preferred layout just yet, but virtual user examples should be covered for common setups. I was thinking of taking the PostfixAdmin example from the [[Virtual_user_mail_system]] article for users in MariaDB, and ripping my own configs out of the [[SOGo]] article for an AD example (those articles can both link here), and moving the TLS and Seive configurations to their own sections, also adding LMTP and SASL configs. We'd end up with much more complete information, but it would, by nature, kill the current start to finish configuration example. I'd like to do the same for [[Postfix]] as well. I think leaving the existing article alone (with the exception of TLS and Seive), just dropping it into a "Local" section, then add a "Virtual" section, and sub-divide that for AD (OpenLDAP too?) and SQL, with the other four at the bottom. Comments/Suggestions? [[User:DJ L|DJ L]] ([[User talk:DJ L|talk]]) 05:33, 6 May 2016 (UTC)<br />
<br />
== Minor correction for ManageSieve Server ==<br />
<br />
IMHO the note "Add sieve to protocols in dovecot.conf" can be dropped. ''protocols'' is (by default) expanded with ''sieve'' in /etc/dovecot/conf.d/20-managesieve.conf. But it should be mentioned that <code>cp /usr/share/doc/dovecot/example-config/conf.d/20-managesieve.conf /etc/dovecot/conf.d/20-managesieve.conf</code> is necessary. - [[User:Langen|Langen]] ([[User talk:Langen|talk]]) 10:01, 21 October 2017 (UTC)<br />
<br />
== Missing default configuration files ==<br />
<br />
Article states there should be some configuration available here: `/usr/share/doc/dovecot`. I installed dovecot today and found this directory missing.<br />
<br />
I checked at the source (https://www.dovecot.org/download) and doc folder with example configs is there.<br />
<br />
[[User:Gregosky|Gregosky]] ([[User talk:Gregosky|talk]]) 19:04, 1 May 2020 (UTC)<br />
<br />
== Need to clarify assumptions ==<br />
<br />
In particular the last point:<br />
<br />
* A [[Wikipedia:Mail delivery agent|MDA]] has already been set up to deliver mail to the local users.<br />
<br />
as Dovecot itself is listed as a MDA in the linked wikipedia page.</div>DarioPhttps://wiki.archlinux.org/index.php?title=Android_Debug_Bridge&diff=609929Android Debug Bridge2020-05-02T17:20:31Z<p>DarioP: Improved and generalized troubleshooting section</p>
<hr />
<div>[[Category:Android]]<br />
[[es:Android Debug Bridge]]<br />
[[pt:Android Debug Bridge]]<br />
The [https://developer.android.com/studio/command-line/adb Android Debug Bridge] (ADB) is a command-line tool that can be used to install, uninstall and debug apps, transfer files and access the device's shell.<br />
<br />
== Installation ==<br />
<br />
ADB is part of the Platform-Tools [[Android#SDK packages|SDK package]] and the {{Pkg|android-tools}} package.<br />
<br />
== Usage ==<br />
<br />
=== Connect device ===<br />
<br />
{{Tip|<br />
* For some devices, you may have to enable [[MTP]] on the device, before ADB will work. Some other devices require enable PTP mode to work.<br />
* Many devices' [[udev]] rules are included in {{Pkg|libmtp}}, so if you have this installed, the following steps may not be necessary.<br />
* Make sure your USB cable is capable of both charge and data. Many USB cables bundled with mobile devices do not include the USB data pin.<br />
}}<br />
<br />
To connect to a real device or phone via ADB under Arch, you must:<br />
<br />
# You might want to install {{Pkg|android-udev}} if you wish to connect the device to the proper {{ic|/dev/}} entries.<br />
# plug in your android device via USB.<br />
# Enable USB Debugging on your phone or device:<br />
#* Jelly Bean (4.2) and newer: Go to ''Settings > About Phone'' tap ''Build Number'' 7 times until you get a popup that you have become a developer. Build number may be under a menu called ''Software info'' on newer Android OS versions. Then go to ''Settings > Developer > USB debugging'' and enable it. The device will ask to allow the computer with its fingerprint to connect. Allowing it permanently will copy {{ic|~/.android/adbkey.pub}} onto the devices {{ic|/data/misc/adb/adb_keys}} folder.<br />
#* Older versions: This is usually done from ''Settings > Applications > Development > USB debugging''. Reboot the phone after checking this option to make sure USB debugging is enabled.<br />
<br />
If [[#Detect the device|ADB recognizes your device]] ({{ic|adb devices}} shows it as {{ic|"device" and not as "unauthorized"}}, or it is visible and accessible in IDE), you are done. Otherwise see the instructions below.<br />
<br />
=== Figure out device IDs ===<br />
<br />
Each Android device has a USB vendor/product ID. An example for HTC Evo is:<br />
<br />
vendor id: 0bb4<br />
product id: 0c8d<br />
<br />
Plug in your device and execute:<br />
<br />
$ lsusb<br />
<br />
It should come up something like this:<br />
<br />
Bus 002 Device 006: ID 0bb4:0c8d High Tech Computer Corp.<br />
<br />
=== Adding udev rules ===<br />
<br />
Use the rules from {{Pkg|android-udev}} (or {{Aur|android-udev-git}}), install them manually from [https://source.android.com/source/initializing#configuring-usb-access Android developer], or use the following template for your [[udev rules]], just replace {{ic|[VENDOR ID]}} and {{ic|[PRODUCT ID]}} with yours. Copy these rules into {{ic|/etc/udev/rules.d/51-android.rules}}:<br />
<br />
{{hc|/etc/udev/rules.d/51-android.rules|2=<nowiki><br />
SUBSYSTEM=="usb", ATTR{idVendor}=="[VENDOR ID]", MODE="0660", GROUP="adbusers"<br />
SUBSYSTEM=="usb",ATTR{idVendor}=="[VENDOR ID]",ATTR{idProduct}=="[PRODUCT ID]",SYMLINK+="android_adb"<br />
SUBSYSTEM=="usb",ATTR{idVendor}=="[VENDOR ID]",ATTR{idProduct}=="[PRODUCT ID]",SYMLINK+="android_fastboot"<br />
</nowiki>}}<br />
<br />
Then, to reload your new udev rules, execute:<br />
<br />
# udevadm control --reload-rules<br />
<br />
Make sure you are member of {{ic|adbusers}} [[user group]] to access {{ic|adb}} devices.<br />
<br />
=== Detect the device ===<br />
<br />
After you have setup the udev rules, unplug your device and replug it.<br />
<br />
After running:<br />
<br />
$ adb devices<br />
<br />
you should see something like:<br />
<br />
List of devices attached <br />
HT07VHL00676 device<br />
<br />
If ''adb'' still does not detect the device after plugging your device back in, kill and restart the ''adb'' server as root and check devices again:<br />
<br />
# adb kill-server<br />
# adb start-server<br />
$ adb devices<br />
<br />
=== Transferring files ===<br />
<br />
You can now use adb to transfer files between the device and your computer. To transfer files to the device, use<br />
<br />
$ adb push ''<what-to-copy>'' ''<where-to-place>''<br />
<br />
To transfer files from the device, use<br />
<br />
$ adb pull ''<what-to-pull>'' ''<where-to-place>''<br />
<br />
Also see [[#Tools building on ADB]].<br />
<br />
=== Backup and restore ===<br />
<br />
You can also backup and restore your device with ''adb''. Moreover, no root is required to follow the process. The commands below led to backup your device to a single file which can also be successively restored.<br />
<br />
The command to create a backup is<br />
<br />
$ adb backup -apk -shared -all -f backupFileName.ab<br />
<br />
The command parameters list is<br />
<br />
adb backup [-f <file>] [-apk|-noapk] [-shared|-noshared] [-all] [-system|nosystem] [<packages...>]<br />
<br />
Then confirm the process on your device's display and provide a password whether a backup password has been set before.<br />
<br />
The command to restore a previous backup is<br />
<br />
$ adb restore mybackup.ab<br />
<br />
{{Note|Remember that restoring replaces your device contents with the backup.}}<br />
<br />
== Tools building on ADB ==<br />
<br />
* {{aur|adbfs-rootless-git}} - a [[FUSE]] filesystem over ADB<br />
* [https://github.com/google/adb-sync adb-sync] (available as {{AUR|adb-sync-git}}) – a tool to synchronize files between a PC and an Android device using the ADB protocol.<br />
* [http://xsavikx.github.io/AndroidScreencast AndroidScreencast] (available as {{aur|androidscreencast-bin}}) – view and control your Android device from a PC (via ADB).<br />
* {{aur|logcat-color}} - a colorful and highly configurable alternative to the standard {{ic|adb logcat}} command.<br />
* [https://github.com/Genymobile/scrcpy scrcpy] (available as {{aur|scrcpy}}) – display and control your Android device<br />
<br />
== Troubleshooting ==<br />
<br />
=== Empty device list ===<br />
A possible cause for your device not showing up is not having enabled USB debugging on your device. You can do that by going to ''Settings > Applications > Development'' and enabling USB debugging. Since Android 4.2 (Jelly Bean), the development menu is hidden; to enable it go to ''Settings > About phone'' and tap Build number 7 times.<br />
<br />
=== No permissions error === <br />
If the device shows up with a "no permissions" label, it probably has a different vendor/product ID with respect to the ones collected by {{Pkg|android-udev}}.<br />
<br />
This can happen for instance when the device uses a custom ROM, or when it is switched from MTP to USB tethering mode, sideload and/or fastboot mode.<br />
Verify the actual device's ID with [[#Figure out device IDs|lsusb]] and add the appropriate udev rules as described [[#Adding udev rules|above]].</div>DarioPhttps://wiki.archlinux.org/index.php?title=NetworkManager&diff=599353NetworkManager2020-02-27T13:22:16Z<p>DarioP: /* Running in a network namespace */ clarification</p>
<hr />
<div>[[Category:Network managers]]<br />
[[Category:Red Hat]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[ja:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[zh-hans:NetworkManager]]<br />
{{Related articles start}}<br />
{{Related|Network configuration}}<br />
{{Related|Wireless network configuration}}<br />
{{Related articles end}}<br />
[https://wiki.gnome.org/Projects/NetworkManager/ NetworkManager] is a program for providing detection and configuration for systems to automatically connect to networks. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the [[GNOME]] project.<br />
<br />
{{Warning|By default, Wi-Fi passwords are stored in clear text, see [[#Encrypted Wi-Fi passwords]].}}<br />
<br />
== Installation ==<br />
<br />
NetworkManager can be [[install]]ed with the package {{Pkg|networkmanager}}, which contains a daemon, a command line interface ({{ic|nmcli}}) and a curses‐based interface ({{ic|nmtui}}). After installation, you should [[#Enable NetworkManager|enable the daemon]].<br />
<br />
Additional interfaces:<br />
<br />
* {{Pkg|nm-connection-editor}} for a graphical user interface,<br />
* {{Pkg|network-manager-applet}} for a system tray applet ({{ic|nm-applet}}).<br />
<br />
{{Note|You must ensure that no other service that wants to configure the network is running; in fact, multiple networking services will conflict. You can find a list of the currently running services with {{ic|1=systemctl --type=service}} and then [[stop]] them. See [[#Configuration]] to enable the NetworkManager service.}}<br />
<br />
=== Mobile broadband support ===<br />
<br />
[[Install]] {{Pkg|modemmanager}}, {{Pkg|mobile-broadband-provider-info}} and {{Pkg|usb_modeswitch}} packages for mobile broadband connection support. See [[USB 3G Modem#NetworkManager]] for details.<br />
<br />
=== PPPoE / DSL support ===<br />
<br />
[[Install]] {{Pkg|rp-pppoe}} package for PPPoE / DSL connection support. To actually add PPPoE connection, use {{ic|1=nm-connection-editor}} and add new DSL/PPPoE connection.<br />
<br />
=== VPN support ===<br />
<br />
NetworkManager since version 1.16 has native support for [[WireGuard]], all it needs is the {{ic|wireguard}} kernel module. Read the [https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/ WireGuard in NetworkManager blog post] for details.<br />
<br />
Support for other VPN types is based on a plug-in system. They are provided in the following packages:<br />
<br />
* {{Pkg|networkmanager-openconnect}} for [[OpenConnect]]<br />
* [[networkmanager-openvpn]] for [[OpenVPN]]<br />
* {{Pkg|networkmanager-pptp}} for [[PPTP Client]]<br />
* {{Pkg|networkmanager-vpnc}} for [[Vpnc]]<br />
* {{Pkg|networkmanager-strongswan}} for [[strongSwan]]<br />
* {{AUR|networkmanager-fortisslvpn-git}}<br />
* {{AUR|networkmanager-iodine-git}}<br />
* {{AUR|networkmanager-libreswan}}<br />
* {{AUR|networkmanager-l2tp}}<br />
* {{AUR|networkmanager-ssh-git}}<br />
* {{Pkg|network-manager-sstp}}<br />
<br />
{{Warning|1=There are a lot of [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues?search=VPN&state=opened bugs] (and [https://bugzilla.gnome.org/buglist.cgi?bug_status=__open__&content=VPN&product=NetworkManager old bugs]) related to VPN support. Check the daemon processes options set via the GUI correctly and double-check with each package release.}}<br />
<br />
{{Note|To have fully functioning DNS resolution when using VPN, you should set up [[#DNS caching and conditional forwarding|conditional forwarding]].}}<br />
<br />
== Usage ==<br />
<br />
NetworkManager comes with {{man|1|nmcli}} and {{man|1|nmtui}}.<br />
<br />
=== nmcli examples ===<br />
<br />
List nearby wifi networks:<br />
<br />
$ nmcli device wifi list<br />
<br />
Connect to a wifi network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password''<br />
<br />
Connect to a hidden network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' hidden yes<br />
<br />
Connect to a wifi on the {{ic|wlan1}} wifi interface:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' ifname wlan1 ''profile_name''<br />
<br />
Disconnect an interface:<br />
<br />
$ nmcli device disconnect ifname eth0<br />
<br />
Reconnect an interface marked as disconnected:<br />
<br />
$ nmcli connection up uuid ''UUID''<br />
<br />
Get a list of UUIDs:<br />
<br />
$ nmcli connection show<br />
<br />
See a list of network devices and their state:<br />
<br />
$ nmcli device<br />
<br />
Turn off wifi:<br />
<br />
$ nmcli radio wifi off<br />
<br />
=== Edit a connection ===<br />
<br />
For a comprehensive list of settings, see {{man|5|nm-settings}}.<br />
<br />
Firstly you need to get list of connections:<br />
<br />
{{hc|$ nmcli connection|<nowiki><br />
NAME UUID TYPE DEVICE<br />
Wired connection 2 e7054040-a421-3bef-965d-bb7d60b7cecf ethernet enp5s0<br />
Wired connection 1 997f2782-f0fc-301d-bfba-15421a2735d8 ethernet enp0s25<br />
MY-HOME-WIFI-5G 92a0f7b3-2eba-49ab-a899-24d83978f308 wifi --<br />
</nowiki>}}<br />
<br />
Here you can use the first column as connection-id used later. In this example we pick {{ic|Wired connection 2}} as a connection-id.<br />
<br />
You have three methods to configure a connection {{ic|Wired connection 2}} after it has been created:<br />
<br />
; nmcli interactive editor<br />
: {{ic|nmcli connection edit 'Wired connection 2'}}.<br> Usage is well documented from the editor.<br />
<br />
; nmcli command line interface<br />
: {{ic|nmcli connection modify 'Wired connection 2' ''setting''.''property'' ''value''}}. See {{man|1|nmcli}} for usage. For example you can change its IPv4 route metric to 200 using {{ic|nmcli connection modify 'Wired connection 2' ipv4.route-metric 200}} command.<br />
<br />
; Connection file<br />
: In {{ic|/etc/NetworkManager/system-connections/}}, modify the corresponding {{ic|Wired connection 2.nmconnection}} file .<br> Do not forget to reload the configuration file with {{ic|nmcli connection reload}}.<br />
<br />
== Front-ends ==<br />
<br />
To configure and have easy access to NetworkManager, most users will want to install an applet. This GUI front-end usually resides in the system tray (or notification area) and allows network selection and configuration of NetworkManager. Various desktop environments have their own applet. Otherwise you can use [[#nm-applet]].<br />
<br />
=== GNOME ===<br />
<br />
[[GNOME]] has a built-in tool, accessible from the Network settings.<br />
<br />
=== KDE Plasma ===<br />
<br />
[[Install]] the {{Pkg|plasma-nm}} package. After that, add it to the KDE taskbar via the ''Panel options > Add widgets > Networks'' menu.<br />
<br />
=== nm-applet ===<br />
<br />
{{Pkg|network-manager-applet}} is a GTK 3 front-end which works under Xorg environments with a systray.<br />
<br />
To store connection secrets install and configure [[GNOME/Keyring]].<br />
<br />
Be aware that after enabling the tick-box option {{ic|Make available to other users}} for a connection, NetworkManager stores the password in plain-text, though the respective file is accessible only to root (or other users via {{ic|nm-applet}}). See [[#Encrypted Wi-Fi passwords]].<br />
<br />
In order to run {{ic|nm-applet}} without a systray, you can use {{Pkg|trayer}} or {{Pkg|stalonetray}}. For example, you can add a script like this one in your path:<br />
<br />
{{hc|nmgui|<nowiki><br />
#!/bin/sh<br />
nm-applet 2>&1 > /dev/null &<br />
stalonetray 2>&1 > /dev/null<br />
killall nm-applet<br />
</nowiki>}}<br />
<br />
When you close the ''stalonetray'' window, it closes {{ic|nm-applet}} too, so no extra memory is used once you are done with network settings.<br />
<br />
The applet can show notifications for events such as connecting to or disconnecting from a WiFi network. For these notifications to display, ensure that you have a notification server installed - see [[Desktop notifications]]. If you use the applet without a notification server, you might see some messages in stdout/stderr, and the app might hang. See [https://bugzilla.gnome.org/show_bug.cgi?id=788313].<br />
<br />
In order to run {{ic|nm-applet}} with such notifications disabled, start the applet with the following command:<br />
<br />
$ nm-applet --no-agent<br />
<br />
{{Tip|{{ic|nm-applet}} might be started automatically with a [[XDG Autostart|autostart desktop file]], to add the --no-agent option modify the Exec line there, i.e.<br />
<br />
{{bc|1=Exec=nm-applet --no-agent}}<br />
<br />
}}<br />
<br />
{{Warning|On [[i3]], if nm-applet is started with the {{ic|--no-agent}} option, it is not possible to connect to a new encrypted WiFi network by clicking on the item list because no password input dialogue window will pop out. [[journal]] will show {{ic|no secrets: No agents were available for this request}}.}}<br />
<br />
==== Appindicator ====<br />
<br />
Appindicator support is available in ''nm-applet'' however it is not compiled into the official package, see {{Bug|51740}}. To use nm-applet in an Appindicator environment, replace {{Pkg|network-manager-applet}} with {{AUR|network-manager-applet-indicator}} and then start the applet with the following command:<br />
<br />
$ nm-applet --indicator<br />
<br />
=== networkmanager-dmenu ===<br />
<br />
Alternatively there is {{AUR|networkmanager-dmenu-git}} which is a small script to manage NetworkManager connections with [[dmenu]] or [[rofi]] instead of {{ic|nm-applet}}. It provides all essential features such as connection to existing NetworkManager wifi or wired connections, connect to new wifi connections, requests passphrase if required, connect to existing VPN connections, enable/disable networking, launch ''nm-connection-editor'' GUI, connect to Bluetooth networks.<br />
<br />
== Configuration ==<br />
<br />
NetworkManager will require some additional steps to be able run properly. Make sure you have configured {{ic|/etc/hosts}} as described in [[Network configuration#Set the hostname]] section.<br />
<br />
=== Enable NetworkManager ===<br />
<br />
NetworkManager is [[systemd#Using units|controlled]] with the {{ic|NetworkManager.service}} [[systemd]] unit. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need ''nmcli'' or an applet to configure and connect.<br />
<br />
NetworkManager has a global configuration file at {{ic|/etc/NetworkManager/NetworkManager.conf}}. Addition configuration files can be placed in {{ic|/etc/NetworkManager/conf.d/}}. Usually no configuration needs to be done to the global defaults.<br />
<br />
After editing a configuration file, the changes can be applied by running:<br />
<br />
# nmcli general reload<br />
<br />
=== Enable NetworkManager Wait Online ===<br />
<br />
{{Out of date|{{ic|NetworkManager.service}} has {{ic|1=Also=NetworkManager-wait-online.service}} in the {{ic|[Install]}} section.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/167e42a87e97ed7fb26a4263c22f1774716ac51b] If {{ic|NetworkManager.service}} was [[enable]]d before the change, it needs to be [[enable|reenabled]].}}<br />
<br />
If you have services which fail if they are started before the network is up, you may use {{ic|NetworkManager-wait-online.service}} in addition to {{ic|NetworkManager.service}}. This is, however, rarely necessary because most networked daemons start up okay, even if the network has not been configured yet.<br />
<br />
In some cases, the service will still fail to start successfully on boot due to the timeout setting in {{ic|/usr/lib/systemd/system/NetworkManager-wait-online.service}} being too short. Change the default timeout from 30 to a higher value.<br />
<br />
=== Set up PolicyKit permissions ===<br />
<br />
See [[General troubleshooting#Session permissions]] for setting up a working session.<br />
<br />
With a working session, you have several options for granting the necessary privileges to NetworkManager:<br />
<br />
* ''Option 1.'' Run a [[Polkit]] authentication agent when you log in, such as {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). You will be prompted for your password whenever you add or remove a network connection.<br />
* ''Option 2.'' [[Users and groups#Group management|Add]] yourself to the {{ic|wheel}} group. You will not have to enter your password, but your user account may be granted other permissions as well, such as the ability to use [[sudo]] without entering the root password.<br />
* ''Option 3.'' [[Users and groups#Group management|Add]] yourself to the {{ic|network}} group and create the following file:<br />
<br />
{{hc|/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules|<nowiki><br />
polkit.addRule(function(action, subject) {<br />
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {<br />
return polkit.Result.YES;<br />
}<br />
});<br />
</nowiki>}}<br />
<br />
: All users in the {{ic|network}} group will be able to add and remove networks without a password. This will not work under [[systemd]] if you do not have an active session with ''systemd-logind''.<br />
<br />
=== Proxy settings ===<br />
<br />
NetworkManager does not directly handle proxy settings, but if you are using [[GNOME]] or [[KDE]], you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] which handles proxy settings using NetworkManager's information. proxydriver is found in the package {{AUR|proxydriver}}.<br />
<br />
In order for ''proxydriver'' to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (see [[GNOME#Autostart]]).<br />
<br />
xhost +si:localuser:''username''<br />
<br />
See also [[Proxy settings]].<br />
<br />
=== Checking connectivity ===<br />
<br />
NetworkManager can try to reach a page on Internet when connecting to a network. {{Pkg|networkmanager}} is configured by default in {{ic|/usr/lib/NetworkManager/conf.d/20-connectivity.conf}} to check connectivity to archlinux.org. To use a different webserver or disable connectivity checking create {{ic|/etc/NetworkManager/conf.d/20-connectivity.conf}}, see {{man|5|NetworkManager.conf|CONNECTIVITY SECTION}}. Below is an example of using GNOME servers (it does not require the use of [[GNOME]]):<br />
<br />
{{hc|/etc/NetworkManager/conf.d/20-connectivity.conf|<nowiki><br />
[connectivity]<br />
uri=http://nmcheck.gnome.org/check_network_status.txt<br />
</nowiki>}}<br />
<br />
=== Captive portals ===<br />
<br />
{{Style|Complex scripts should not be maintained on the wiki.}}<br />
<br />
For those behind a [[Wikipedia:Captive portal|captive portal]], the desktop manager may automatically open a window asking for credentials. If your desktop does not, you can use {{Pkg|capnet-assist}} package (however, it currently it has a broken NetworkManager dispatcher script). Alternatively, you can create a NetworkManager dispatcher script with the following content:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/90-open_captive_portal|<nowiki><br />
#!/bin/sh -e<br />
# Script to dispatch NetworkManager events<br />
#<br />
# Runs shows a login webpage on walled garden networks.<br />
# See NetworkManager(8) for further documentation of the dispatcher events.<br />
<br />
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin<br />
<br />
if [ -x "/usr/bin/logger" ]; then<br />
logger="/usr/bin/logger -s -t captive-portal"<br />
else<br />
logger=":"<br />
fi<br />
<br />
wait_for_process() {<br />
PNAME=$1<br />
while [ -z "$(/usr/bin/pgrep $PNAME)" ]; do<br />
sleep 3;<br />
done<br />
}<br />
<br />
#launch the browser, but on boot we need to wait that nm-applet starts<br />
start_browser() {<br />
local user="$1"<br />
local display="$2"<br />
<br />
export DISPLAY="$display"<br />
wait_for_process nm-applet<br />
<br />
export XAUTHORITY="/home/$user/.Xauthority"<br />
<br />
$logger "Running browser as '$user' with display '$display' to login in captive portal"<br />
sudo -u "$user" --preserve-env=DISPLAY,XAUTHORITY -H xdg-open http://capnet.elementary.io 2>&1 > /dev/null<br />
}<br />
<br />
# Run the right scripts<br />
case "$2" in<br />
connectivity-change)<br />
$logger -p user.debug "dispatcher script triggered on connectivity change: $CONNECTIVITY_STATE"<br />
if [ "$CONNECTIVITY_STATE" = "PORTAL" ]; then<br />
# Match last column of who's output with ' :[at least one digit] '<br />
who | awk '$NF ~ /\(:[0-9]+\)/ { print $1 " " substr($NF, 2, length($NF)-2) };' | \<br />
while read user display; do<br />
start_browser $user $display || $logger -p user.err "Failed for user: '$user' display: '$display'"<br />
done<br />
fi<br />
;;<br />
*)<br />
# In a down phase<br />
exit 0<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
You will need to [[restart]] {{ic|NetworkManager.service}} or reboot for this to start working. Once you do, the dispatcher script should open a login window once it detects you are behind a captive portal.<br />
<br />
Another solution is {{AUR|captive-browser-git}} based on Google Chrome.<br />
<br />
=== DHCP client ===<br />
<br />
By default NetworkManager uses its internal DHCP client. The internal DHCPv4 plugin is based on the [https://nettools.github.io/n-dhcp4/ nettools' n-dhcp4] library, while the internal DHCPv6 plugin is made from code based on systemd-networkd.<br />
<br />
To use a different DHCP client [[install]] one of the alternatives:<br />
<br />
* {{Pkg|dhclient}} - ISC’s DHCP client.<br />
* {{Pkg|dhcpcd}} - [[dhcpcd]]. <br />
<br />
{{Note|<br />
* NetworkManger does not support using dhcpcd for IPv6. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/5 NetworkManager issue #5]. If dhcpcd is set as the DHCP client, NetworkManager will use the internal DHCP client for DHCPv6.<br />
* Do not enable the systemd units shipped with the {{Pkg|dhclient}} and {{Pkg|dhcpcd}} packages. They will conflict with NetworkManager, see the note in [[#Installation]] for details.<br />
}}<br />
<br />
To change the DHCP client backend, set the option {{ic|1=main.dhcp=''dhcp_client_name''}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}. E.g.:<br />
<br />
{{hc|1=/etc/NetworkManager/conf.d/dhcp-client.conf|2=<br />
[main]<br />
dhcp=dhclient<br />
}}<br />
<br />
=== DNS management ===<br />
<br />
NetworkManager's DNS management is described in the GNOME project's wiki page—[https://wiki.gnome.org/Projects/NetworkManager/DNS Projects/NetworkManager/DNS].<br />
<br />
==== DNS caching and conditional forwarding ====<br />
<br />
NetworkManager has a plugin to enable DNS caching and conditional forwarding ([https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/143 previously] called "split DNS" in NetworkManager's documentation) using [[dnsmasq]] or [[systemd-resolved]]. The advantages of this setup is that DNS lookups will be cached, shortening resolve times, and DNS lookups of VPN hosts will be routed to the relevant VPN's DNS servers. This is especially useful if you are connected to more than one VPN.<br />
<br />
===== dnsmasq =====<br />
<br />
Make sure {{Pkg|dnsmasq}} has been installed. Then set {{ic|1=main.dns=dnsmasq}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=dnsmasq<br />
}}<br />
<br />
Now run {{ic|nmcli general reload}} as root. NetworkManager will automatically start dnsmasq and add {{ic|127.0.0.1}} to {{ic|/etc/resolv.conf}}. The original DNS servers can be found in {{ic|/run/NetworkManager/no-stub-resolv.conf}}. You can verify dnsmasq is being used by doing the same DNS lookup twice with {{ic|drill example.com}} and verifying the server and query times.<br />
<br />
{{Note|<br />
* You do not need to start {{ic|dnsmasq.service}} or edit {{ic|/etc/dnsmasq.conf}}. NetworkManager will start dnsmasq without using the systemd service and without reading the dnsmasq's default configuration file(s).<br />
* The dnsmasq instance started by NetworkManager will bind to {{ic|127.0.0.1:53}}, you cannot run any other software (including {{ic|dnsmasq.service}}) on the same address and port.<br />
}}<br />
<br />
====== Custom dnsmasq configuration ======<br />
<br />
Custom configurations can be created for ''dnsmasq'' by creating configuration files in {{ic|/etc/NetworkManager/dnsmasq.d/}}. For example, to change the size of the DNS cache (which is stored in RAM):<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/cache.conf|2=<br />
cache-size=1000<br />
}}<br />
<br />
{{Tip|Check the configuration file syntax with {{ic|1=dnsmasq --test --conf-file=/dev/null --conf-dir=/etc/NetworkManager/dnsmasq.d}}.}}<br />
<br />
See {{man|8|dnsmasq}} for all available options.<br />
<br />
====== IPv6 ======<br />
<br />
{{Accuracy|This does not solve the issue because NetworkManager does not add {{ic|::1}} to {{ic|/etc/resolv.conf}}. Unless {{ic|@::1}} is manually passed to drill, it will still fail with {{ic|Error: error sending query: No (valid) nameservers defined in the resolver}}.}}<br />
<br />
Enabling {{ic|dnsmasq}} in NetworkManager may break IPv6-only DNS lookups (i.e. {{ic|drill -6 [hostname]}}) which would otherwise work. In order to resolve this, creating the following file will configure ''dnsmasq'' to also listen to the IPv6 loopback:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/ipv6-listen.conf|2=<br />
listen-address=::1<br />
}}<br />
<br />
In addition, {{ic|dnsmasq}} also does not prioritize upstream IPv6 DNS. Unfortunately NetworkManager does not do this ([https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/936712 Ubuntu Bug]). A workaround would be to disable IPv4 DNS in the NetworkManager config, assuming one exists<br />
<br />
====== DNSSEC ======<br />
<br />
The dnsmasq instance started by NetworkManager by default will not validate [[DNSSEC]] since it is started with the {{ic|--proxy-dnssec}} option. It will trust whatever DNSSEC information it gets from the upstream DNS server.<br />
<br />
For dnsmasq to properly validate DNSSEC, thus breaking DNS resolution with name servers that do not support it, create the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/dnssec.conf|2=<br />
conf-file=/usr/share/dnsmasq/trust-anchors.conf<br />
dnssec<br />
}}<br />
<br />
===== systemd-resolved =====<br />
<br />
{{Expansion|NetworkManager 1.16 adds a new setting {{ic|main.systemd-resolved}}[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383] (enabled by default). It unconditionally sends DNS configuration to systemd-resolved. Related to "Preserving resolv.conf" from [[systemd-resolved#DNS]]?}}<br />
<br />
NetworkManager can use [[systemd-resolved]] as a DNS resolver and cache. Make sure that ''systemd-resolved'' is properly configured and that {{ic|systemd-resolved.service}} is [[started]] before using it.<br />
<br />
systemd-resolved will be used automatically if {{ic|/etc/resolv.conf}} is a [[Systemd-resolved#DNS|symlink]] to {{ic|/run/systemd/resolve/stub-resolv.conf}}, {{ic|/run/systemd/resolve/resolv.conf}} or {{ic|/usr/lib/systemd/resolv.conf}}.<br />
<br />
You can enable it explicitly by setting {{ic|1=main.dns=systemd-resolved}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=systemd-resolved<br />
}}<br />
<br />
===== DNS resolver with an openresolv subscriber =====<br />
<br />
If [[openresolv]] has a subscriber for your local [[DNS resolver]], set up the subscriber and [[#Use openresolv|configure NetworkManager to use openresolv]].<br />
<br />
Because NetworkManager advertises a single "interface" to ''resolvconf'', it is not possible to implement conditional forwarding between to NetworkManager connections. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 NetworkManager issue 153].<br />
<br />
This can be partially mitigated if you set {{ic|1=private="*"}} in {{ic|/etc/resolvconf.conf}}[https://roy.marples.name/projects/openresolv/configuration.html]. Any queries for domains that are not in search domain list will not get forwarded. They will be handled according to the local resolver's configuration, for example, forwarded to another DNS server or resolved recursively from the DNS root.<br />
<br />
==== Custom DNS servers ====<br />
<br />
===== Setting custom global DNS servers =====<br />
<br />
To set DNS servers for all connections, specify them in {{man|5|NetworkManager.conf}} using the syntax {{ic|1=servers=''serveripaddress1'',''serveripaddress2'',''serveripaddress3''}} in a section named {{ic|[global-dns-domain-*]}}. For example:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns-servers.conf|2=<br />
[global-dns-domain-*]<br />
servers=::1,127.0.0.1<br />
}}<br />
<br />
{{Note|<br />
* If you use [[#DNS caching and conditional forwarding|NetworkManager's dnsmasq or systemd-resolved plugin]] or [[#DNS resolver with an openresolv subscriber|openresolv subscribers]], then do not specify loopback addresses with the {{ic|1=servers=}} option, it can break DNS resolution.<br />
* The specified servers do not get sent to [[systemd-resolved]], the connection's DNS servers are used instead.<br />
}}<br />
<br />
===== Setting custom DNS servers in a connection =====<br />
<br />
====== Setting custom DNS servers in a connection (GUI) ======<br />
<br />
Setup will depend on the type of front-end used; the process usually involves right-clicking on the applet, editing (or creating) a profile, and then choosing DHCP type as ''Automatic (specify addresses)''. The DNS addresses will need to be entered and are usually in this form: {{ic|127.0.0.1, ''DNS-server-one'', ...}}.<br />
<br />
====== Setting custom DNS servers in a connection (nmcli / connection file) ======<br />
<br />
To setup DNS Servers per connection, you can use the {{ic|dns}} field (and the associated {{ic|dns-search}} and {{ic|dns-options}}) in the [[#Edit a connection|connection settings]]. <br />
<br />
If {{ic|method}} is set to {{ic|auto}} (when you use DHCP), you need to set {{ic|ignore-auto-dns}} to {{ic|yes}}.<br />
<br />
==== /etc/resolv.conf ====<br />
<br />
By default {{ic|/etc/resolv.conf}} is managed by ''NetworkManager'' unless it is a symlink.<br />
<br />
It can be configured to write it through [[#Use openresolv|openresolv]] or to [[#Unmanaged /etc/resolv.conf|not touch it at all]].<br />
<br />
Using openresolv allows NetworkManager to coexists with other ''resolvconf'' supporting software or, for example, to run a local DNS caching and split-DNS resolver for which openresolv has a [[openresolv#Subscribers|subscriber]].<br />
<br />
{{Note|Conditional forwarding is [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 not yet fully supported] when using NetworkManager with openresolv.}}<br />
<br />
''NetworkManager'' also offers hooks via so called dispatcher scripts that can be used to alter the {{ic|/etc/resolv.conf}} after network changes. See [[#Network services with NetworkManager dispatcher]] and {{man|8|NetworkManager}} for more information.<br />
<br />
{{Note|<br />
* If NetworkManager is configured to use either [[#dnsmasq|dnsmasq]] or [[#systemd-resolved|systemd-resolved]], then the appropriate loopback addresses will be written to {{ic|/etc/resolv.conf}}.<br />
* The {{ic|resolv.conf}} file NetworkManager writes or would write to {{ic|/etc/resolv.conf}} can be found at {{ic|/run/NetworkManager/resolv.conf}}.<br />
* A {{ic|resolv.conf}} file with the acquired name servers and search domains can be found at {{ic|/run/NetworkManager/no-stub-resolv.conf}}.<br />
}}<br />
<br />
===== Unmanaged /etc/resolv.conf =====<br />
<br />
To stop NetworkManager from touching {{ic|/etc/resolv.conf}}, set {{ic|1=main.dns=none}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=none<br />
}}<br />
<br />
{{Tip|You might also want to set {{ic|1=main.systemd-resolved=false}}, so that NetworkManager does not send the DNS configuration to [[systemd-resolved]].}}<br />
<br />
{{Note|See [[#DNS caching and conditional forwarding]], to configure NetworkManager using other DNS backends like [[dnsmasq]] and [[systemd-resolved]], instead of using {{ic|1=main.dns=none}}.}}<br />
<br />
After that {{ic|/etc/resolv.conf}} might be a broken symlink that you will need to remove. Then, just create a new {{ic|/etc/resolv.conf}} file.<br />
<br />
===== Use openresolv =====<br />
<br />
{{Note|Do not set {{ic|1=rc-manager=resolvconf}} when {{Pkg|systemd-resolvconf}} is installed. ''systemd-resolved'' provides limited support for the ''resolvconf'' interface and NetworkManager supports communicating with systemd-resolved through D-Bus without using ''resolvconf''.}}<br />
<br />
To configure NetworkManager to use [[openresolv]], set {{ic|1=main.rc-manager=resolvconf}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/rc-manager.conf|2=<br />
[main]<br />
rc-manager=resolvconf<br />
}}<br />
<br />
=== Firewall ===<br />
<br />
You can assign a [[firewalld]] zone based on your current connection. For example a restrictive firewall when at work, and a less restrictive one when at home.<br />
<br />
This can also be done with [[#Network services with NetworkManager dispatcher|NetworkManager dispatcher]].<br />
<br />
== Network services with NetworkManager dispatcher ==<br />
<br />
There are quite a few network services that you will not want running until NetworkManager brings up an interface. NetworkManager has the ability to start services when you connect to a network and stop them when you disconnect (e.g. when using [[NFS]], [[SMB]] and [[NTPd]]).<br />
<br />
To activate the feature you need to [[enable]] and [[start]] the {{ic|NetworkManager-dispatcher.service}}.<br />
<br />
Once the service is active, scripts can be added to the {{ic|/etc/NetworkManager/dispatcher.d}} directory.<br />
<br />
Scripts must be owned by '''root''', otherwise the dispatcher will not execute them. For added security, set group [[ownership]] to root as well:<br />
<br />
# chown root:root /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
Make sure the file has correct permissions:<br />
<br />
# chmod 755 /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
The scripts will be run in alphabetical order at connection time, and in reverse alphabetical order at disconnect time. To ensure what order they come up in, it is common to use numerical characters prior to the name of the script (e.g. {{ic|10-portmap}} or {{ic|30-netfs}} (which ensures that the ''portmapper'' is up before NFS mounts are attempted).<br />
<br />
Scripts will receive the following arguments:<br />
<br />
* '''Interface name:''' e.g. {{ic|eth0}}<br />
* '''Interface status:''' ''up'' or ''down''<br />
* '''VPN status:''' ''vpn-up'' or ''vpn-down''<br />
<br />
{{Warning|If you connect to foreign or public networks, be aware of what services you are starting and what servers you expect to be available for them to connect to. You could make a security hole by starting the wrong services while connected to a public network.}}<br />
<br />
=== Avoiding the dispatcher timeout ===<br />
<br />
If the above is working, then this section is not relevant. However, there is a general problem related to running dispatcher scripts which take longer to be executed. Initially an internal timeout of three seconds only was used. If the called script did not complete in time, it was killed. Later the timeout was extended to about 20 seconds (see the [https://bugzilla.redhat.com/show_bug.cgi?id=982734 Bugtracker] for more information). If the timeout still creates the problem, a work around may be to modify the dispatcher service file {{ic|/usr/lib/systemd/system/NetworkManager-dispatcher.service}} to remain active after exit: <br />
<br />
{{hc|/etc/systemd/system/NetworkManager-dispatcher.service.d/remain_after_exit.conf|2=<br />
[Service]<br />
RemainAfterExit=yes<br />
}}<br />
<br />
Now start and enable the modified {{ic|NetworkManager-dispatcher}} service.<br />
<br />
{{Warning|Adding the {{ic|RemainAfterExit}} line to it will prevent the dispatcher from closing. Unfortunately, the dispatcher '''has''' to close before it can run your scripts again. With it the dispatcher will not time out but it also will not close, which means that the scripts will only run once per boot. Therefore, do not add the line unless the timeout is definitely causing a problem.}}<br />
<br />
=== Dispatcher examples ===<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export {{ic|SSH_AUTH_SOCK}} in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 this message] for more information. The example below works with [[GNOME Keyring]], and will ask you for the password if not unlocked already. In case NetworkManager connects automatically on login, it is likely ''gnome-keyring'' has not yet started and the export will fail (hence the sleep). The {{ic|UUID}} to match can be found with the command {{ic|nmcli connection status}} or {{ic|nmcli connection list}}. <br />
<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
USER='username'<br />
REMOTE='user@host:/remote/path'<br />
LOCAL='/local/path'<br />
<br />
interface=$1 status=$2<br />
if [ "$CONNECTION_UUID" = "</nowiki>''uuid''<nowiki>" ]; then<br />
case $status in<br />
up)<br />
SSH_AUTH_SOCK=$(find /tmp -maxdepth 1 -type s -user "$USER" -name 'ssh')<br />
export SSH_AUTH_SOCK<br />
su "$USER" -c "sshfs $REMOTE $LOCAL"<br />
;;<br />
down)<br />
fusermount -u "$LOCAL"<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
==== Mounting of SMB shares ====<br />
<br />
Some [[SMB]] shares are only available on certain networks or locations (e.g. at home). You can use the dispatcher to only mount SMB shares that are present at your current location.<br />
<br />
The following script will check if we connected to a specific network and mount shares accordingly:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-mount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
# Find the connection UUID with "nmcli connection show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
if [ "$2" = "up" ]; then<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
mount /your/mount/point & <br />
# add more shares as needed<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
The following script will unmount all SMB shares before a software initiated disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/pre-down.d/30-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|Make sure this script is located in the {{ic|pre-down.d}} sub-directory as shown above, otherwise it will unmount all shares on any connection state change.}}<br />
<br />
The following script will attempt to unmount all SMB shares following an unexpected disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/40-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
if [ "$2" = "down" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* Since NetworkManager 0.9.8, the ''pre-down'' and ''down'' events are not executed on shutdown or restart, see [https://bugzilla.gnome.org/show_bug.cgi?id&#61;701242 this bug report] for more info.<br />
* The previous ''umount'' scripts are still prone to leaving applications actually accessing the mount to 'hang'.<br />
}}<br />
<br />
An alternative is to use the script as seen in [[NFS#Using a NetworkManager dispatcher]]:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-smb.sh|<nowiki><br />
#!/bin/bash<br />
<br />
# Find the connection UUID with "nmcli con show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
WANTED_CON_UUID="CHANGE-ME-NOW-9c7eff15-010a-4b1c-a786-9b4efa218ba9"<br />
<br />
if [[ "$CONNECTION_UUID" == "$WANTED_CON_UUID" ]]; then<br />
<br />
# Script parameter $1: NetworkManager connection name, not used<br />
# Script parameter $2: dispatched event<br />
<br />
case "$2" in<br />
"up")<br />
mount -a -t cifs<br />
;;<br />
"pre-down");&<br />
"vpn-pre-down")<br />
umount -l -a -t cifs >/dev/null<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|This script ignores mounts with the {{ic|noauto}} option, remove this mount option or use {{ic|auto}} to allow the dispatcher to manage these mounts.}}<br />
<br />
Create a symlink inside {{ic|/etc/NetworkManager/dispatcher.d/pre-down/}} to catch the {{ic|pre-down}} events:<br />
<br />
# ln -s ../30-smb.sh /etc/NetworkManager/dispatcher.d/pre-down.d/30-smb.sh<br />
<br />
==== Mounting of NFS shares ====<br />
<br />
See [[NFS#Using a NetworkManager dispatcher]].<br />
<br />
==== Use dispatcher to automatically toggle wireless depending on LAN cable being plugged in ====<br />
<br />
The idea is to only turn Wi-Fi on when the LAN cable is unplugged (for example when detaching from a laptop dock), and for Wi-Fi to be automatically disabled, once a LAN cable is plugged in again. <br />
<br />
Create the following dispatcher script[https://superuser.com/questions/233448/disable-wlan-if-wired-cable-network-is-available], replacing {{ic|1=LAN_interface}} with yours.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/wlan_auto_toggle.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$1" = "LAN_interface" ]; then<br />
case "$2" in<br />
up)<br />
nmcli radio wifi off<br />
;;<br />
down)<br />
nmcli radio wifi on<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|You can get a list of interfaces using [[#nmcli examples|nmcli]]. The ethernet (LAN) interfaces start with {{ic|en}}, e.g. {{ic|1=enp0s5}}}}<br />
<br />
==== Use dispatcher to connect to a VPN after a network connection is established ====<br />
<br />
In this example we want to connect automatically to a previously defined VPN connection after connecting to a specific Wi-Fi network. First thing to do is to create the dispatcher script that defines what to do after we are connected to the network.<br />
<br />
{{Note|This script will require {{Pkg|wireless_tools}} in order to use {{ic|iwgetid}}.}}<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME"<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
If you would like to attempt to automatically connect to VPN for all Wi-Fi networks, you can use the following definition of the ESSID: {{ic|1=ESSID=$(iwgetid -r)}}. Remember to set the script's permissions [[#Network services with NetworkManager dispatcher|accordingly]]. <br />
<br />
Trying to connect with the above script may still fail with {{ic|NetworkManager-dispatcher.service}} complaining about 'no valid VPN secrets', because of [https://developer.gnome.org/NetworkManager/0.9/secrets-flags.html the way VPN secrets are stored]. Fortunately, there are different options to give the above script access to your VPN password.<br />
<br />
1: One of them requires editing the VPN connection configuration file to make NetworkManager store the secrets by itself rather than inside a keyring [https://bugzilla.redhat.com/show_bug.cgi?id=710552 that will be inaccessible for root]: open up {{ic|/etc/NetworkManager/system-connections/''name of your VPN connection''}} and change the {{ic|password-flags}} and {{ic|secret-flags}} from {{ic|1}} to {{ic|0}}.<br />
<br />
If that alone does not work, you may have to create a {{ic|passwd-file}} in a safe location with the same permissions and ownership as the dispatcher script, containing the following:<br />
<br />
{{hc|/path/to/passwd-file|<br />
vpn.secrets.password:YOUR_PASSWORD<br />
}}<br />
<br />
The script must be changed accordingly, so that it gets the password from the file:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME" passwd-file /path/to/passwd-file<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
2: Alternatively, change the {{ic|password-flags}} and put the password directly in the configuration file adding the section {{ic|vpn-secrets}}:<br />
<br />
[vpn]<br />
....<br />
password-flags=0<br />
<br />
[vpn-secrets]<br />
password=''your_password''<br />
<br />
{{Note|It may now be necessary to re-open the NetworkManager connection editor and save the VPN passwords/secrets again.}}<br />
<br />
==== Use dispatcher to disable IPv6 on VPN provider connections ====<br />
<br />
Many [[:Category:VPN providers|commercial VPN providers]] support only IPv4. That means all IPv6 traffic bypasses the VPN and renders it virtually useless. To avoid this, dispatcher can be used to disable all IPv6 traffic for the time a VPN connection is up.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/10-vpn-ipv6|<nowiki><br />
#!/bin/sh<br />
<br />
case "$2" in<br />
vpn-up)<br />
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
vpn-down)<br />
echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== OpenNTPD ====<br />
<br />
See [[OpenNTPD#Using NetworkManager dispatcher]].<br />
<br />
== Testing ==<br />
<br />
NetworkManager applets are designed to load upon login so no further configuration should be necessary for most users. If you have already disabled your previous network settings and disconnected from your network, you can now test if NetworkManager will work. The first step is to [[start]] {{ic|NetworkManager.service}}.<br />
<br />
Some applets will provide you with a {{ic|.desktop}} file so that the NetworkManager applet can be loaded through the application menu. If it does not, you are going to either have to discover the command to use or logout and login again to start the applet. Once the applet is started, it will likely begin polling network connections with for auto-configuration with a DHCP server.<br />
<br />
To start the GNOME applet in non-xdg-compliant window managers like [[awesome]]:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IP addresses, you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted Wi-Fi passwords ===<br />
<br />
By default, NetworkManager stores passwords in clear text in the connection files at {{ic|/etc/NetworkManager/system-connections/}}. To print the stored passwords, use the following command:<br />
<br />
# grep -r '^psk=' /etc/NetworkManager/system-connections/<br />
<br />
The passwords are accessible to the root user in the filesystem and to users with access to settings via the GUI (e.g. {{ic|nm-applet}}). <br />
<br />
It is preferable to save the passwords in encrypted form in a keyring instead of clear text. The downside of using a keyring is that the connections have to be set up for each user.<br />
<br />
==== Using GNOME Keyring ====<br />
<br />
The keyring daemon has to be started and the keyring needs to be unlocked for the following to work.<br />
<br />
Furthermore, NetworkManager needs to be configured not to store the password for all users. Using GNOME {{ic|nm-applet}}, run {{ic|nm-connection-editor}} from a terminal, select a network connection, click {{ic|Edit}}, select the {{ic|Wifi-Security}} tab and click on the right icon of password and check {{ic|Store the password only for this user}}.<br />
<br />
==== Using KDE Wallet ====<br />
<br />
Using KDE's {{Pkg|plasma-nm}}, click the applet, click on the top right {{ic|Settings}} icon, click on a network connection, in the {{ic|General settings}} tab, untick {{ic|all users may connect to this network}}. If the option is ticked, the passwords will still be stored in clear text, even if a keyring daemon is running.<br />
<br />
If the option was selected previously and you un-tick it, you may have to use the {{ic|reset}} option first to make the password disappear from the file. Alternatively, delete the connection first and set it up again.<br />
<br />
=== Sharing internet connection over Wi-Fi ===<br />
<br />
You can share your internet connection (e.g. 3G or wired) with a few clicks. Please note that a [[firewall]] may interfere with internet sharing.<br />
<br />
You will need a Wi-Fi card which supports AP mode, see [[Software access point#Wi-Fi device must support AP mode]] for details.<br />
<br />
[[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
<br />
Create the shared connection:<br />
<br />
* Click on applet and choose ''Create new wireless network''.<br />
* Follow wizard (chose WPA2 or higher, be sure to use at least 8 character long password, lower lengths will fail).<br />
** Choose either [[Fedora:Features/RealHotspot|Hotspot]] or Ad-hoc as Wi-Fi mode.<br />
<br />
The connection will be saved and remain stored for the next time you need it.<br />
<br />
{{Note|Android does not support connecting to Ad-hoc networks. To share a connection with Android use infrastructure mode (i.e. set Wi-Fi mode to "Hotspot").}}<br />
<br />
=== Sharing internet connection over Ethernet ===<br />
<br />
Scenario: your device has internet connection over wi-fi and you want to share the internet connection to other devices over ethernet.<br />
<br />
Requirements:<br />
<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Your internet connected device and the other devices are connected over a suitable ethernet cable (this usually means a cross over cable or a switch in between).<br />
* Internet sharing is not blocked by a [[firewall]].<br />
<br />
Steps:<br />
<br />
{{Style|{{Pkg|nm-connection-editor}} is not a dependency of {{Pkg|networkmanager}} and needs to be installed separately.}}<br />
<br />
* Run {{ic|nm-connection-editor}} from terminal.<br />
* Add a new ethernet connection.<br />
* Give it some sensible name. For example "Shared Internet"<br />
* Go to "IPv4 Settings".<br />
* For "Method:" select "Shared to other computers".<br />
* Save<br />
<br />
Now you should have a new option "Shared Internet" under the Wired connections in NetworkManager.<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
{{Out of date|''nm-tool'' was remove from NetworkManager for long time now[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/bb8c75bd536d4f8fb80a4366025a279078f0ec81]. ''nmcli'' should be used instead.}}<br />
<br />
Some ''cron'' jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's ''nm-tool'' and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network.<br />
<br />
{{bc|<nowiki><br />
if [ $(nm-tool|grep State|cut -f2 -d' ') == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
</nowiki>}}<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs ''fpupdate'' for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from ''nm-tool''; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Connect to network with secret on boot ===<br />
<br />
By default, NetworkManager will not connect to networks requiring a secret automatically on boot. This is because it locks such connections to the user who makes it by default, only connecting after they have logged in. To change this, do the following:<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
{{Remove|Out of scope of this article.}}<br />
<br />
NetworkManager requires access to the login keyring to connect to networks requiring a secret. Under most circumstances, this keyring is unlocked automatically at login, but if it is not, and NetworkManager is not connecting on login, you can try the following.<br />
<br />
==== GNOME ====<br />
<br />
{{Merge|GNOME/Keyring|Out of scope of the NetworkManager article.}}<br />
<br />
{{Out of date|The following method is dated and known not to work on at least one machine.}}<br />
<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== SLiM login manager ====<br />
<br />
{{Remove|A note in [[SLiM#Gnome Keyring]] says that staring with slim 1.3.5-1 no configuration is required.}}<br />
<br />
See [[SLiM#Gnome Keyring]].<br />
<br />
=== OpenConnect with password in KWallet ===<br />
<br />
While you may type both values at connection time, {{Pkg|plasma-nm}} 0.9.3.2-1 and above are capable of retrieving OpenConnect username and password directly from [[KWallet]].<br />
<br />
Open "KDE Wallet Manager" and look up your OpenConnect VPN connection under "Network Management|Maps". Click "Show values" and <br />
enter your credentials in key "VpnSecrets" in this form (replace ''username'' and ''password'' accordingly):<br />
<br />
form:main:username%SEP%''username''%SEP%form:main:password%SEP%''password''<br />
<br />
Next time you connect, username and password should appear in the "VPN secrets" dialog box.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them. You can quickly and easily ignore devices by MAC or interface-name by using the following in {{ic|/etc/NetworkManager/conf.d/unmanaged.conf}}:<br />
<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth0<br />
<br />
After editing the file, run {{ic|nmcli general reload}} as root. Afterwards you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
=== Configuring MAC address randomization ===<br />
<br />
{{Note|1=Disabling MAC address randomization may be needed to get (stable) link connection [https://bbs.archlinux.org/viewtopic.php?id=220101] and/or networks that restrict devices based on their MAC Address or have a limit network capacity.}}<br />
<br />
MAC randomization can be used for increased privacy by not disclosing your real MAC address to the network.<br />
<br />
NetworkManager supports two types MAC Address Randomization: randomization during scanning, and for network connections. Both modes can be configured by modifying {{ic|/etc/NetworkManager/NetworkManager.conf}} or by creating a separate configuration file in {{ic|/etc/NetworkManager/conf.d/}} which is recommended since the aforementioned config file may be overwritten by NetworkManager.<br />
<br />
Randomization during Wi-Fi scanning is enabled by default, but it may be disabled by adding the following lines to {{ic|/etc/NetworkManager/NetworkManager.conf}} or a dedicated configuration file under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device]<br />
wifi.scan-rand-mac-address=no<br />
}}<br />
<br />
MAC randomization for network connections can be set to different modes for both wireless and ethernet interfaces. See the [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details on the different modes. <br />
<br />
In terms of MAC randomization the most important modes are {{ic|stable}} and {{ic|random}}. {{ic|stable}} generates a random MAC address when you connect to a new network and associates the two permanently. This means that you will use the same MAC address every time you connect to that network. In contrast, {{ic|random}} will generate a new MAC address every time you connect to a network, new or previously known. You can configure the MAC randomization by adding the desired configuration under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device-mac-randomization]<br />
# "yes" is already the default for scanning<br />
wifi.scan-rand-mac-address=yes<br />
<br />
[connection-mac-randomization]<br />
# Randomize MAC for every ethernet connection<br />
ethernet.cloned-mac-address=random<br />
# Generate a random MAC for each WiFi and associate the two permanently.<br />
wifi.cloned-mac-address=stable<br />
}}<br />
<br />
See the following [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details.<br />
<br />
=== Enable IPv6 Privacy Extensions ===<br />
<br />
See [[IPv6#NetworkManager]].<br />
<br />
=== Working with wired connections ===<br />
<br />
By default, NetworkManager generates a connection profile for each wired ethernet connection it finds. At the point when generating the connection, it does not know whether there will be more ethernet adapters available. Hence, it calls the first wired connection "Wired connection 1". You can avoid generating this connection, by configuring {{ic|no-auto-default}} (see {{man|5|NetworkManager.conf}}), or by simply deleting it. Then NetworkManager will remember not to generate a connection for this interface again.<br />
<br />
You can also edit the connection (and persist it to disk) or delete it. NetworkManager will not re-generate a new connection. Then you can change the name to whatever you want. You can use something like nm-connection-editor for this task.<br />
<br />
=== Using iwd as the Wi-Fi backend ===<br />
<br />
Install {{AUR|networkmanager-iwd}} or enable the experimental [[iwd]] backend creating the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_backend.conf|2=<br />
[device]<br />
wifi.backend=iwd<br />
}}<br />
<br />
=== Running in a network namespace ===<br />
<br />
If you would like to run NetworkManager inside a network namespace (eg to manage a specific device which should be use by selected applications), bring the device down before moving it to the namespace:<br />
<br />
$ ip link set dev $MY_DEVICE down<br />
$ ip link set dev $MY_DEVICE netns $MY_NAMESPACE<br />
$ ip netns exec $MY_NAMESPACE NetworkManager<br />
.<br />
.<br />
.<br />
$ ip netns exec $MY_NAMESPACE killall NetworkManager<br />
<br />
otherwise NetworkManager will later fail to establish the connection with a {{ic|device is strictly unmanaged}} error.<br />
<br />
== Troubleshooting ==<br />
<br />
=== No prompt for password of secured Wi-Fi networks ===<br />
<br />
When trying to connect to a secured Wi-Fi network, no prompt for a password is shown and no connection is established. This happens when no keyring package is installed. An easy solution is to install {{Pkg|gnome-keyring}}. If you want the passwords to be stored in encrypted form, follow [[GNOME Keyring]] to set up the ''gnome-keyring-daemon''.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully; you see a ppp0 interface with the correct VPN IP address, but you cannot even ping the remote IP address. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install the {{AUR|ppp-mppe}}{{Broken package link|{{aur-mirror|ppp-mppe}}}} package.<br />
<br />
See also [[WPA2 Enterprise#MS-CHAPv2]].<br />
<br />
=== Network management disabled ===<br />
<br />
When NetworkManager shuts down but the pid (state) file is not removed, you will see a {{ic|Network management disabled}} message. If this happens, remove the file manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
=== Problems with internal DHCP client ===<br />
<br />
If you have problems with getting an IP address using the internal DHCP client, consider using another DHCP client, see [[#DHCP client]] for instructions. This workaround might solve problems in big wireless networks like eduroam.<br />
<br />
=== DHCP problems with dhclient ===<br />
<br />
If you have problems with getting an IP address via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:''aa:bb:cc:dd:ee:ff'';<br />
}<br />
<br />
Where {{ic|''aa:bb:cc:dd:ee:ff''}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show ''interface''}} command from the {{Pkg|iproute2}} package.<br />
<br />
=== 3G modem not detected ===<br />
<br />
See [[USB 3G Modem#NetworkManager]].<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your Wi-Fi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with ''rfkill''. To check if the driver notifies ''rfkill'' about the wireless adapter's status, use:<br />
<br />
$ watch -n1 rfkill list all<br />
<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP address settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to a static IP address, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP address settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} ('''not''' as root). In the connection editor, edit the default connection (e.g. "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set up PolicyKit permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden networks are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/''SSID''<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in GNOME ===<br />
<br />
When setting up OpenConnect or vpnc connections in NetworkManager while using GNOME, you will sometimes never see the dialog box pop up and the following error appears in {{ic|/var/log/errors.log}}:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the GNOME NM Applet expecting dialog scripts to be at {{ic|/usr/lib/gnome-shell}}, when NetworkManager's packages put them in {{ic|/usr/lib/networkmanager}}.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
* For OpenConnect: {{ic|ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/}}<br />
* For VPNC (i.e. Cisco VPN): {{ic|ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/}}<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
=== Unable to connect to visible European wireless networks ===<br />
<br />
WLAN chips are shipped with a default [[Wireless network configuration#Respecting the regulatory domain|regulatory domain]]. If your access point does not operate within these limitations, you will not be able to connect to the network. Fixing this is easy:<br />
<br />
# [[Install]] {{Pkg|crda}}<br />
# Uncomment the correct Country Code in {{ic|/etc/conf.d/wireless-regdom}}<br />
# Reboot the system, because the setting is only read on boot<br />
<br />
=== Automatic connect to VPN on boot is not working ===<br />
<br />
The problem occurs when the system (i.e. NetworkManager running as the root user) tries to establish a VPN connection, but the password is not accessible because it is stored in the GNOME keyring of a particular user. <br />
<br />
A solution is to keep the password to your VPN in plaintext, as described in step (2.) of [[#Use dispatcher to connect to a VPN after a network connection is established]]. <br />
<br />
You do not need to use the dispatcher described in step (1.) to auto-connect anymore, if you use the new "auto-connect VPN" option from the {{ic|nm-applet}} GUI.<br />
<br />
=== Systemd Bottleneck ===<br />
<br />
Over time the log files ({{ic|/var/log/journal}}) can become very large. This can have a big impact on boot performance when using NetworkManager, see: [[Systemd#Boot time increasing over time]].<br />
<br />
=== Regular network disconnects, latency and lost packets (WiFi) ===<br />
<br />
NetworkManager does a scan every 2 minutes.<br />
<br />
Some WiFi drivers have issues when scanning for base stations whilst connected/associated. Symptoms include VPN disconnects/reconnects and lost packets, web pages failing to load and then refresh fine.<br />
<br />
Running {{ic|journalctl -f}} will indicate that this is taking place, messages like the following will be contained in the logs at regular intervals.<br />
<br />
NetworkManager[410]: <info> (wlp3s0): roamed from BSSID 00:14:48:11:20:CF (my-wifi-name) to (none) ((none))<br />
<br />
There is a patched version of NetworkManager which should prevent this type of scanning: {{AUR|networkmanager-noscan}}.<br />
<br />
Alternatively, if roaming is not important, the periodic scanning behavior can be disabled by locking the BSSID of the access point in the WiFi connection profile.<br />
<br />
=== Unable to turn on wi-fi with Lenovo laptop (IdeaPad, Legion, etc.) ===<br />
<br />
There is an issue with the {{ic|ideapad_laptop}} module on some Lenovo models due to the wi-fi driver incorrectly reporting a soft block. The card can still be manipulated with {{ic|netctl}}, but managers like NetworkManager break. You can verify that this is the problem by checking the output of {{ic|rfkill list}} after toggling your hardware switch and seeing that the soft block persists.<br />
<br />
{{Accuracy|Try to use {{ic|rfkill.default_state}} and {{ic|rfkill.master_switch_mode}} (see [https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/kernel-parameters.txt kernel-parameters.txt]) to fix the rfkill problem.}}<br />
<br />
[[modprobe|Unloading]] the {{ic|ideapad_laptop}} module should fix this. ('''warning''': this may disable the laptop keyboard and touchpad also!).<br />
<br />
=== Turn off hostname sending ===<br />
<br />
NetworkManager by default sends the hostname to the DHCP server. Hostname sending can only be disabled per connection not globally ([https://bugzilla.gnome.org/show_bug.cgi?id=768076 GNOME Bug 768076]).<br />
<br />
To disable sending your hostname to the DHCP server for a specific connection, add the following to your network connection file:<br />
<br />
{{hc|/etc/NetworkManager/system-connections/''your_connection_file''|2=<br />
...<br />
[ipv4]<br />
dhcp-send-hostname=false<br />
...<br />
[ipv6]<br />
dhcp-send-hostname=false<br />
...<br />
}}<br />
<br />
=== nm-applet disappears in i3wm ===<br />
<br />
If you use the {{ic|xfce4-notifyd.service}} for notifications you must [[edit]] the unit and add the following:<br />
<br />
{{hc|/etc/systemd/user/xfce4-notifyd.service.d/display_env.conf|2=<br />
[Service]<br />
Environment="DISPLAY=:0.0"<br />
}}<br />
<br />
After reloading the daemons [[restart]] {{ic|xfce4-notifyd.service}}. Exit i3 and start it back up again and the applet should show on the tray.<br />
<br />
=== nm-applet tray icons display wrongly ===<br />
<br />
Currently the tray icons of nm-applet are drawn on top of one another, i.e. the icon displaying wireless strength might show on top of the icon indicating no wired connection.<br />
This is apparently a GTK3 bug/problem: https://gitlab.gnome.org/GNOME/gtk/issues/1280 .<br />
<br />
A patched version of GTK3 exists in AUR, which apparently fixes the tray icon bug: {{AUR|gtk3-mushrooms}} .<br />
<br />
=== Unit dbus-org.freedesktop.resolve1.service not found ===<br />
<br />
If {{ic|systemd-resolved.service}} is not started, NetworkManager will try to start it using D-Bus and fail:<br />
<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
dbus-daemon[991]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.resolve1.service': Unit dbus-org.freedesktop.resolve1.service not found.<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
<br />
This is because NetworkManager will try to send DNS information to [[systemd-resolved]] regardless of the {{ic|1=main.dns=}} setting in {{man|5|NetworkManager.conf}}.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383]<br />
<br />
This can be disabled with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/no-systemd-resolved.conf|2=<br />
[main]<br />
systemd-resolved=false<br />
}}<br />
<br />
See {{Bug|62138}}.<br />
<br />
== See also ==<br />
<br />
* [https://blogs.gnome.org/dcbw/2015/02/16/networkmanager-for-administrators-part-1/ NetworkManager for Administrators Part 1]<br />
* [[Wikipedia:NetworkManager]]</div>DarioPhttps://wiki.archlinux.org/index.php?title=NetworkManager&diff=599352NetworkManager2020-02-27T13:21:00Z<p>DarioP: /* Running in a network namespace */ clarification with example</p>
<hr />
<div>[[Category:Network managers]]<br />
[[Category:Red Hat]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[ja:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[zh-hans:NetworkManager]]<br />
{{Related articles start}}<br />
{{Related|Network configuration}}<br />
{{Related|Wireless network configuration}}<br />
{{Related articles end}}<br />
[https://wiki.gnome.org/Projects/NetworkManager/ NetworkManager] is a program for providing detection and configuration for systems to automatically connect to networks. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the [[GNOME]] project.<br />
<br />
{{Warning|By default, Wi-Fi passwords are stored in clear text, see [[#Encrypted Wi-Fi passwords]].}}<br />
<br />
== Installation ==<br />
<br />
NetworkManager can be [[install]]ed with the package {{Pkg|networkmanager}}, which contains a daemon, a command line interface ({{ic|nmcli}}) and a curses‐based interface ({{ic|nmtui}}). After installation, you should [[#Enable NetworkManager|enable the daemon]].<br />
<br />
Additional interfaces:<br />
<br />
* {{Pkg|nm-connection-editor}} for a graphical user interface,<br />
* {{Pkg|network-manager-applet}} for a system tray applet ({{ic|nm-applet}}).<br />
<br />
{{Note|You must ensure that no other service that wants to configure the network is running; in fact, multiple networking services will conflict. You can find a list of the currently running services with {{ic|1=systemctl --type=service}} and then [[stop]] them. See [[#Configuration]] to enable the NetworkManager service.}}<br />
<br />
=== Mobile broadband support ===<br />
<br />
[[Install]] {{Pkg|modemmanager}}, {{Pkg|mobile-broadband-provider-info}} and {{Pkg|usb_modeswitch}} packages for mobile broadband connection support. See [[USB 3G Modem#NetworkManager]] for details.<br />
<br />
=== PPPoE / DSL support ===<br />
<br />
[[Install]] {{Pkg|rp-pppoe}} package for PPPoE / DSL connection support. To actually add PPPoE connection, use {{ic|1=nm-connection-editor}} and add new DSL/PPPoE connection.<br />
<br />
=== VPN support ===<br />
<br />
NetworkManager since version 1.16 has native support for [[WireGuard]], all it needs is the {{ic|wireguard}} kernel module. Read the [https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/ WireGuard in NetworkManager blog post] for details.<br />
<br />
Support for other VPN types is based on a plug-in system. They are provided in the following packages:<br />
<br />
* {{Pkg|networkmanager-openconnect}} for [[OpenConnect]]<br />
* [[networkmanager-openvpn]] for [[OpenVPN]]<br />
* {{Pkg|networkmanager-pptp}} for [[PPTP Client]]<br />
* {{Pkg|networkmanager-vpnc}} for [[Vpnc]]<br />
* {{Pkg|networkmanager-strongswan}} for [[strongSwan]]<br />
* {{AUR|networkmanager-fortisslvpn-git}}<br />
* {{AUR|networkmanager-iodine-git}}<br />
* {{AUR|networkmanager-libreswan}}<br />
* {{AUR|networkmanager-l2tp}}<br />
* {{AUR|networkmanager-ssh-git}}<br />
* {{Pkg|network-manager-sstp}}<br />
<br />
{{Warning|1=There are a lot of [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues?search=VPN&state=opened bugs] (and [https://bugzilla.gnome.org/buglist.cgi?bug_status=__open__&content=VPN&product=NetworkManager old bugs]) related to VPN support. Check the daemon processes options set via the GUI correctly and double-check with each package release.}}<br />
<br />
{{Note|To have fully functioning DNS resolution when using VPN, you should set up [[#DNS caching and conditional forwarding|conditional forwarding]].}}<br />
<br />
== Usage ==<br />
<br />
NetworkManager comes with {{man|1|nmcli}} and {{man|1|nmtui}}.<br />
<br />
=== nmcli examples ===<br />
<br />
List nearby wifi networks:<br />
<br />
$ nmcli device wifi list<br />
<br />
Connect to a wifi network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password''<br />
<br />
Connect to a hidden network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' hidden yes<br />
<br />
Connect to a wifi on the {{ic|wlan1}} wifi interface:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' ifname wlan1 ''profile_name''<br />
<br />
Disconnect an interface:<br />
<br />
$ nmcli device disconnect ifname eth0<br />
<br />
Reconnect an interface marked as disconnected:<br />
<br />
$ nmcli connection up uuid ''UUID''<br />
<br />
Get a list of UUIDs:<br />
<br />
$ nmcli connection show<br />
<br />
See a list of network devices and their state:<br />
<br />
$ nmcli device<br />
<br />
Turn off wifi:<br />
<br />
$ nmcli radio wifi off<br />
<br />
=== Edit a connection ===<br />
<br />
For a comprehensive list of settings, see {{man|5|nm-settings}}.<br />
<br />
Firstly you need to get list of connections:<br />
<br />
{{hc|$ nmcli connection|<nowiki><br />
NAME UUID TYPE DEVICE<br />
Wired connection 2 e7054040-a421-3bef-965d-bb7d60b7cecf ethernet enp5s0<br />
Wired connection 1 997f2782-f0fc-301d-bfba-15421a2735d8 ethernet enp0s25<br />
MY-HOME-WIFI-5G 92a0f7b3-2eba-49ab-a899-24d83978f308 wifi --<br />
</nowiki>}}<br />
<br />
Here you can use the first column as connection-id used later. In this example we pick {{ic|Wired connection 2}} as a connection-id.<br />
<br />
You have three methods to configure a connection {{ic|Wired connection 2}} after it has been created:<br />
<br />
; nmcli interactive editor<br />
: {{ic|nmcli connection edit 'Wired connection 2'}}.<br> Usage is well documented from the editor.<br />
<br />
; nmcli command line interface<br />
: {{ic|nmcli connection modify 'Wired connection 2' ''setting''.''property'' ''value''}}. See {{man|1|nmcli}} for usage. For example you can change its IPv4 route metric to 200 using {{ic|nmcli connection modify 'Wired connection 2' ipv4.route-metric 200}} command.<br />
<br />
; Connection file<br />
: In {{ic|/etc/NetworkManager/system-connections/}}, modify the corresponding {{ic|Wired connection 2.nmconnection}} file .<br> Do not forget to reload the configuration file with {{ic|nmcli connection reload}}.<br />
<br />
== Front-ends ==<br />
<br />
To configure and have easy access to NetworkManager, most users will want to install an applet. This GUI front-end usually resides in the system tray (or notification area) and allows network selection and configuration of NetworkManager. Various desktop environments have their own applet. Otherwise you can use [[#nm-applet]].<br />
<br />
=== GNOME ===<br />
<br />
[[GNOME]] has a built-in tool, accessible from the Network settings.<br />
<br />
=== KDE Plasma ===<br />
<br />
[[Install]] the {{Pkg|plasma-nm}} package. After that, add it to the KDE taskbar via the ''Panel options > Add widgets > Networks'' menu.<br />
<br />
=== nm-applet ===<br />
<br />
{{Pkg|network-manager-applet}} is a GTK 3 front-end which works under Xorg environments with a systray.<br />
<br />
To store connection secrets install and configure [[GNOME/Keyring]].<br />
<br />
Be aware that after enabling the tick-box option {{ic|Make available to other users}} for a connection, NetworkManager stores the password in plain-text, though the respective file is accessible only to root (or other users via {{ic|nm-applet}}). See [[#Encrypted Wi-Fi passwords]].<br />
<br />
In order to run {{ic|nm-applet}} without a systray, you can use {{Pkg|trayer}} or {{Pkg|stalonetray}}. For example, you can add a script like this one in your path:<br />
<br />
{{hc|nmgui|<nowiki><br />
#!/bin/sh<br />
nm-applet 2>&1 > /dev/null &<br />
stalonetray 2>&1 > /dev/null<br />
killall nm-applet<br />
</nowiki>}}<br />
<br />
When you close the ''stalonetray'' window, it closes {{ic|nm-applet}} too, so no extra memory is used once you are done with network settings.<br />
<br />
The applet can show notifications for events such as connecting to or disconnecting from a WiFi network. For these notifications to display, ensure that you have a notification server installed - see [[Desktop notifications]]. If you use the applet without a notification server, you might see some messages in stdout/stderr, and the app might hang. See [https://bugzilla.gnome.org/show_bug.cgi?id=788313].<br />
<br />
In order to run {{ic|nm-applet}} with such notifications disabled, start the applet with the following command:<br />
<br />
$ nm-applet --no-agent<br />
<br />
{{Tip|{{ic|nm-applet}} might be started automatically with a [[XDG Autostart|autostart desktop file]], to add the --no-agent option modify the Exec line there, i.e.<br />
<br />
{{bc|1=Exec=nm-applet --no-agent}}<br />
<br />
}}<br />
<br />
{{Warning|On [[i3]], if nm-applet is started with the {{ic|--no-agent}} option, it is not possible to connect to a new encrypted WiFi network by clicking on the item list because no password input dialogue window will pop out. [[journal]] will show {{ic|no secrets: No agents were available for this request}}.}}<br />
<br />
==== Appindicator ====<br />
<br />
Appindicator support is available in ''nm-applet'' however it is not compiled into the official package, see {{Bug|51740}}. To use nm-applet in an Appindicator environment, replace {{Pkg|network-manager-applet}} with {{AUR|network-manager-applet-indicator}} and then start the applet with the following command:<br />
<br />
$ nm-applet --indicator<br />
<br />
=== networkmanager-dmenu ===<br />
<br />
Alternatively there is {{AUR|networkmanager-dmenu-git}} which is a small script to manage NetworkManager connections with [[dmenu]] or [[rofi]] instead of {{ic|nm-applet}}. It provides all essential features such as connection to existing NetworkManager wifi or wired connections, connect to new wifi connections, requests passphrase if required, connect to existing VPN connections, enable/disable networking, launch ''nm-connection-editor'' GUI, connect to Bluetooth networks.<br />
<br />
== Configuration ==<br />
<br />
NetworkManager will require some additional steps to be able run properly. Make sure you have configured {{ic|/etc/hosts}} as described in [[Network configuration#Set the hostname]] section.<br />
<br />
=== Enable NetworkManager ===<br />
<br />
NetworkManager is [[systemd#Using units|controlled]] with the {{ic|NetworkManager.service}} [[systemd]] unit. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need ''nmcli'' or an applet to configure and connect.<br />
<br />
NetworkManager has a global configuration file at {{ic|/etc/NetworkManager/NetworkManager.conf}}. Addition configuration files can be placed in {{ic|/etc/NetworkManager/conf.d/}}. Usually no configuration needs to be done to the global defaults.<br />
<br />
After editing a configuration file, the changes can be applied by running:<br />
<br />
# nmcli general reload<br />
<br />
=== Enable NetworkManager Wait Online ===<br />
<br />
{{Out of date|{{ic|NetworkManager.service}} has {{ic|1=Also=NetworkManager-wait-online.service}} in the {{ic|[Install]}} section.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/167e42a87e97ed7fb26a4263c22f1774716ac51b] If {{ic|NetworkManager.service}} was [[enable]]d before the change, it needs to be [[enable|reenabled]].}}<br />
<br />
If you have services which fail if they are started before the network is up, you may use {{ic|NetworkManager-wait-online.service}} in addition to {{ic|NetworkManager.service}}. This is, however, rarely necessary because most networked daemons start up okay, even if the network has not been configured yet.<br />
<br />
In some cases, the service will still fail to start successfully on boot due to the timeout setting in {{ic|/usr/lib/systemd/system/NetworkManager-wait-online.service}} being too short. Change the default timeout from 30 to a higher value.<br />
<br />
=== Set up PolicyKit permissions ===<br />
<br />
See [[General troubleshooting#Session permissions]] for setting up a working session.<br />
<br />
With a working session, you have several options for granting the necessary privileges to NetworkManager:<br />
<br />
* ''Option 1.'' Run a [[Polkit]] authentication agent when you log in, such as {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). You will be prompted for your password whenever you add or remove a network connection.<br />
* ''Option 2.'' [[Users and groups#Group management|Add]] yourself to the {{ic|wheel}} group. You will not have to enter your password, but your user account may be granted other permissions as well, such as the ability to use [[sudo]] without entering the root password.<br />
* ''Option 3.'' [[Users and groups#Group management|Add]] yourself to the {{ic|network}} group and create the following file:<br />
<br />
{{hc|/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules|<nowiki><br />
polkit.addRule(function(action, subject) {<br />
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {<br />
return polkit.Result.YES;<br />
}<br />
});<br />
</nowiki>}}<br />
<br />
: All users in the {{ic|network}} group will be able to add and remove networks without a password. This will not work under [[systemd]] if you do not have an active session with ''systemd-logind''.<br />
<br />
=== Proxy settings ===<br />
<br />
NetworkManager does not directly handle proxy settings, but if you are using [[GNOME]] or [[KDE]], you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] which handles proxy settings using NetworkManager's information. proxydriver is found in the package {{AUR|proxydriver}}.<br />
<br />
In order for ''proxydriver'' to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (see [[GNOME#Autostart]]).<br />
<br />
xhost +si:localuser:''username''<br />
<br />
See also [[Proxy settings]].<br />
<br />
=== Checking connectivity ===<br />
<br />
NetworkManager can try to reach a page on Internet when connecting to a network. {{Pkg|networkmanager}} is configured by default in {{ic|/usr/lib/NetworkManager/conf.d/20-connectivity.conf}} to check connectivity to archlinux.org. To use a different webserver or disable connectivity checking create {{ic|/etc/NetworkManager/conf.d/20-connectivity.conf}}, see {{man|5|NetworkManager.conf|CONNECTIVITY SECTION}}. Below is an example of using GNOME servers (it does not require the use of [[GNOME]]):<br />
<br />
{{hc|/etc/NetworkManager/conf.d/20-connectivity.conf|<nowiki><br />
[connectivity]<br />
uri=http://nmcheck.gnome.org/check_network_status.txt<br />
</nowiki>}}<br />
<br />
=== Captive portals ===<br />
<br />
{{Style|Complex scripts should not be maintained on the wiki.}}<br />
<br />
For those behind a [[Wikipedia:Captive portal|captive portal]], the desktop manager may automatically open a window asking for credentials. If your desktop does not, you can use {{Pkg|capnet-assist}} package (however, it currently it has a broken NetworkManager dispatcher script). Alternatively, you can create a NetworkManager dispatcher script with the following content:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/90-open_captive_portal|<nowiki><br />
#!/bin/sh -e<br />
# Script to dispatch NetworkManager events<br />
#<br />
# Runs shows a login webpage on walled garden networks.<br />
# See NetworkManager(8) for further documentation of the dispatcher events.<br />
<br />
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin<br />
<br />
if [ -x "/usr/bin/logger" ]; then<br />
logger="/usr/bin/logger -s -t captive-portal"<br />
else<br />
logger=":"<br />
fi<br />
<br />
wait_for_process() {<br />
PNAME=$1<br />
while [ -z "$(/usr/bin/pgrep $PNAME)" ]; do<br />
sleep 3;<br />
done<br />
}<br />
<br />
#launch the browser, but on boot we need to wait that nm-applet starts<br />
start_browser() {<br />
local user="$1"<br />
local display="$2"<br />
<br />
export DISPLAY="$display"<br />
wait_for_process nm-applet<br />
<br />
export XAUTHORITY="/home/$user/.Xauthority"<br />
<br />
$logger "Running browser as '$user' with display '$display' to login in captive portal"<br />
sudo -u "$user" --preserve-env=DISPLAY,XAUTHORITY -H xdg-open http://capnet.elementary.io 2>&1 > /dev/null<br />
}<br />
<br />
# Run the right scripts<br />
case "$2" in<br />
connectivity-change)<br />
$logger -p user.debug "dispatcher script triggered on connectivity change: $CONNECTIVITY_STATE"<br />
if [ "$CONNECTIVITY_STATE" = "PORTAL" ]; then<br />
# Match last column of who's output with ' :[at least one digit] '<br />
who | awk '$NF ~ /\(:[0-9]+\)/ { print $1 " " substr($NF, 2, length($NF)-2) };' | \<br />
while read user display; do<br />
start_browser $user $display || $logger -p user.err "Failed for user: '$user' display: '$display'"<br />
done<br />
fi<br />
;;<br />
*)<br />
# In a down phase<br />
exit 0<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
You will need to [[restart]] {{ic|NetworkManager.service}} or reboot for this to start working. Once you do, the dispatcher script should open a login window once it detects you are behind a captive portal.<br />
<br />
Another solution is {{AUR|captive-browser-git}} based on Google Chrome.<br />
<br />
=== DHCP client ===<br />
<br />
By default NetworkManager uses its internal DHCP client. The internal DHCPv4 plugin is based on the [https://nettools.github.io/n-dhcp4/ nettools' n-dhcp4] library, while the internal DHCPv6 plugin is made from code based on systemd-networkd.<br />
<br />
To use a different DHCP client [[install]] one of the alternatives:<br />
<br />
* {{Pkg|dhclient}} - ISC’s DHCP client.<br />
* {{Pkg|dhcpcd}} - [[dhcpcd]]. <br />
<br />
{{Note|<br />
* NetworkManger does not support using dhcpcd for IPv6. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/5 NetworkManager issue #5]. If dhcpcd is set as the DHCP client, NetworkManager will use the internal DHCP client for DHCPv6.<br />
* Do not enable the systemd units shipped with the {{Pkg|dhclient}} and {{Pkg|dhcpcd}} packages. They will conflict with NetworkManager, see the note in [[#Installation]] for details.<br />
}}<br />
<br />
To change the DHCP client backend, set the option {{ic|1=main.dhcp=''dhcp_client_name''}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}. E.g.:<br />
<br />
{{hc|1=/etc/NetworkManager/conf.d/dhcp-client.conf|2=<br />
[main]<br />
dhcp=dhclient<br />
}}<br />
<br />
=== DNS management ===<br />
<br />
NetworkManager's DNS management is described in the GNOME project's wiki page—[https://wiki.gnome.org/Projects/NetworkManager/DNS Projects/NetworkManager/DNS].<br />
<br />
==== DNS caching and conditional forwarding ====<br />
<br />
NetworkManager has a plugin to enable DNS caching and conditional forwarding ([https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/143 previously] called "split DNS" in NetworkManager's documentation) using [[dnsmasq]] or [[systemd-resolved]]. The advantages of this setup is that DNS lookups will be cached, shortening resolve times, and DNS lookups of VPN hosts will be routed to the relevant VPN's DNS servers. This is especially useful if you are connected to more than one VPN.<br />
<br />
===== dnsmasq =====<br />
<br />
Make sure {{Pkg|dnsmasq}} has been installed. Then set {{ic|1=main.dns=dnsmasq}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=dnsmasq<br />
}}<br />
<br />
Now run {{ic|nmcli general reload}} as root. NetworkManager will automatically start dnsmasq and add {{ic|127.0.0.1}} to {{ic|/etc/resolv.conf}}. The original DNS servers can be found in {{ic|/run/NetworkManager/no-stub-resolv.conf}}. You can verify dnsmasq is being used by doing the same DNS lookup twice with {{ic|drill example.com}} and verifying the server and query times.<br />
<br />
{{Note|<br />
* You do not need to start {{ic|dnsmasq.service}} or edit {{ic|/etc/dnsmasq.conf}}. NetworkManager will start dnsmasq without using the systemd service and without reading the dnsmasq's default configuration file(s).<br />
* The dnsmasq instance started by NetworkManager will bind to {{ic|127.0.0.1:53}}, you cannot run any other software (including {{ic|dnsmasq.service}}) on the same address and port.<br />
}}<br />
<br />
====== Custom dnsmasq configuration ======<br />
<br />
Custom configurations can be created for ''dnsmasq'' by creating configuration files in {{ic|/etc/NetworkManager/dnsmasq.d/}}. For example, to change the size of the DNS cache (which is stored in RAM):<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/cache.conf|2=<br />
cache-size=1000<br />
}}<br />
<br />
{{Tip|Check the configuration file syntax with {{ic|1=dnsmasq --test --conf-file=/dev/null --conf-dir=/etc/NetworkManager/dnsmasq.d}}.}}<br />
<br />
See {{man|8|dnsmasq}} for all available options.<br />
<br />
====== IPv6 ======<br />
<br />
{{Accuracy|This does not solve the issue because NetworkManager does not add {{ic|::1}} to {{ic|/etc/resolv.conf}}. Unless {{ic|@::1}} is manually passed to drill, it will still fail with {{ic|Error: error sending query: No (valid) nameservers defined in the resolver}}.}}<br />
<br />
Enabling {{ic|dnsmasq}} in NetworkManager may break IPv6-only DNS lookups (i.e. {{ic|drill -6 [hostname]}}) which would otherwise work. In order to resolve this, creating the following file will configure ''dnsmasq'' to also listen to the IPv6 loopback:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/ipv6-listen.conf|2=<br />
listen-address=::1<br />
}}<br />
<br />
In addition, {{ic|dnsmasq}} also does not prioritize upstream IPv6 DNS. Unfortunately NetworkManager does not do this ([https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/936712 Ubuntu Bug]). A workaround would be to disable IPv4 DNS in the NetworkManager config, assuming one exists<br />
<br />
====== DNSSEC ======<br />
<br />
The dnsmasq instance started by NetworkManager by default will not validate [[DNSSEC]] since it is started with the {{ic|--proxy-dnssec}} option. It will trust whatever DNSSEC information it gets from the upstream DNS server.<br />
<br />
For dnsmasq to properly validate DNSSEC, thus breaking DNS resolution with name servers that do not support it, create the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/dnssec.conf|2=<br />
conf-file=/usr/share/dnsmasq/trust-anchors.conf<br />
dnssec<br />
}}<br />
<br />
===== systemd-resolved =====<br />
<br />
{{Expansion|NetworkManager 1.16 adds a new setting {{ic|main.systemd-resolved}}[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383] (enabled by default). It unconditionally sends DNS configuration to systemd-resolved. Related to "Preserving resolv.conf" from [[systemd-resolved#DNS]]?}}<br />
<br />
NetworkManager can use [[systemd-resolved]] as a DNS resolver and cache. Make sure that ''systemd-resolved'' is properly configured and that {{ic|systemd-resolved.service}} is [[started]] before using it.<br />
<br />
systemd-resolved will be used automatically if {{ic|/etc/resolv.conf}} is a [[Systemd-resolved#DNS|symlink]] to {{ic|/run/systemd/resolve/stub-resolv.conf}}, {{ic|/run/systemd/resolve/resolv.conf}} or {{ic|/usr/lib/systemd/resolv.conf}}.<br />
<br />
You can enable it explicitly by setting {{ic|1=main.dns=systemd-resolved}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=systemd-resolved<br />
}}<br />
<br />
===== DNS resolver with an openresolv subscriber =====<br />
<br />
If [[openresolv]] has a subscriber for your local [[DNS resolver]], set up the subscriber and [[#Use openresolv|configure NetworkManager to use openresolv]].<br />
<br />
Because NetworkManager advertises a single "interface" to ''resolvconf'', it is not possible to implement conditional forwarding between to NetworkManager connections. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 NetworkManager issue 153].<br />
<br />
This can be partially mitigated if you set {{ic|1=private="*"}} in {{ic|/etc/resolvconf.conf}}[https://roy.marples.name/projects/openresolv/configuration.html]. Any queries for domains that are not in search domain list will not get forwarded. They will be handled according to the local resolver's configuration, for example, forwarded to another DNS server or resolved recursively from the DNS root.<br />
<br />
==== Custom DNS servers ====<br />
<br />
===== Setting custom global DNS servers =====<br />
<br />
To set DNS servers for all connections, specify them in {{man|5|NetworkManager.conf}} using the syntax {{ic|1=servers=''serveripaddress1'',''serveripaddress2'',''serveripaddress3''}} in a section named {{ic|[global-dns-domain-*]}}. For example:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns-servers.conf|2=<br />
[global-dns-domain-*]<br />
servers=::1,127.0.0.1<br />
}}<br />
<br />
{{Note|<br />
* If you use [[#DNS caching and conditional forwarding|NetworkManager's dnsmasq or systemd-resolved plugin]] or [[#DNS resolver with an openresolv subscriber|openresolv subscribers]], then do not specify loopback addresses with the {{ic|1=servers=}} option, it can break DNS resolution.<br />
* The specified servers do not get sent to [[systemd-resolved]], the connection's DNS servers are used instead.<br />
}}<br />
<br />
===== Setting custom DNS servers in a connection =====<br />
<br />
====== Setting custom DNS servers in a connection (GUI) ======<br />
<br />
Setup will depend on the type of front-end used; the process usually involves right-clicking on the applet, editing (or creating) a profile, and then choosing DHCP type as ''Automatic (specify addresses)''. The DNS addresses will need to be entered and are usually in this form: {{ic|127.0.0.1, ''DNS-server-one'', ...}}.<br />
<br />
====== Setting custom DNS servers in a connection (nmcli / connection file) ======<br />
<br />
To setup DNS Servers per connection, you can use the {{ic|dns}} field (and the associated {{ic|dns-search}} and {{ic|dns-options}}) in the [[#Edit a connection|connection settings]]. <br />
<br />
If {{ic|method}} is set to {{ic|auto}} (when you use DHCP), you need to set {{ic|ignore-auto-dns}} to {{ic|yes}}.<br />
<br />
==== /etc/resolv.conf ====<br />
<br />
By default {{ic|/etc/resolv.conf}} is managed by ''NetworkManager'' unless it is a symlink.<br />
<br />
It can be configured to write it through [[#Use openresolv|openresolv]] or to [[#Unmanaged /etc/resolv.conf|not touch it at all]].<br />
<br />
Using openresolv allows NetworkManager to coexists with other ''resolvconf'' supporting software or, for example, to run a local DNS caching and split-DNS resolver for which openresolv has a [[openresolv#Subscribers|subscriber]].<br />
<br />
{{Note|Conditional forwarding is [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 not yet fully supported] when using NetworkManager with openresolv.}}<br />
<br />
''NetworkManager'' also offers hooks via so called dispatcher scripts that can be used to alter the {{ic|/etc/resolv.conf}} after network changes. See [[#Network services with NetworkManager dispatcher]] and {{man|8|NetworkManager}} for more information.<br />
<br />
{{Note|<br />
* If NetworkManager is configured to use either [[#dnsmasq|dnsmasq]] or [[#systemd-resolved|systemd-resolved]], then the appropriate loopback addresses will be written to {{ic|/etc/resolv.conf}}.<br />
* The {{ic|resolv.conf}} file NetworkManager writes or would write to {{ic|/etc/resolv.conf}} can be found at {{ic|/run/NetworkManager/resolv.conf}}.<br />
* A {{ic|resolv.conf}} file with the acquired name servers and search domains can be found at {{ic|/run/NetworkManager/no-stub-resolv.conf}}.<br />
}}<br />
<br />
===== Unmanaged /etc/resolv.conf =====<br />
<br />
To stop NetworkManager from touching {{ic|/etc/resolv.conf}}, set {{ic|1=main.dns=none}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=none<br />
}}<br />
<br />
{{Tip|You might also want to set {{ic|1=main.systemd-resolved=false}}, so that NetworkManager does not send the DNS configuration to [[systemd-resolved]].}}<br />
<br />
{{Note|See [[#DNS caching and conditional forwarding]], to configure NetworkManager using other DNS backends like [[dnsmasq]] and [[systemd-resolved]], instead of using {{ic|1=main.dns=none}}.}}<br />
<br />
After that {{ic|/etc/resolv.conf}} might be a broken symlink that you will need to remove. Then, just create a new {{ic|/etc/resolv.conf}} file.<br />
<br />
===== Use openresolv =====<br />
<br />
{{Note|Do not set {{ic|1=rc-manager=resolvconf}} when {{Pkg|systemd-resolvconf}} is installed. ''systemd-resolved'' provides limited support for the ''resolvconf'' interface and NetworkManager supports communicating with systemd-resolved through D-Bus without using ''resolvconf''.}}<br />
<br />
To configure NetworkManager to use [[openresolv]], set {{ic|1=main.rc-manager=resolvconf}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/rc-manager.conf|2=<br />
[main]<br />
rc-manager=resolvconf<br />
}}<br />
<br />
=== Firewall ===<br />
<br />
You can assign a [[firewalld]] zone based on your current connection. For example a restrictive firewall when at work, and a less restrictive one when at home.<br />
<br />
This can also be done with [[#Network services with NetworkManager dispatcher|NetworkManager dispatcher]].<br />
<br />
== Network services with NetworkManager dispatcher ==<br />
<br />
There are quite a few network services that you will not want running until NetworkManager brings up an interface. NetworkManager has the ability to start services when you connect to a network and stop them when you disconnect (e.g. when using [[NFS]], [[SMB]] and [[NTPd]]).<br />
<br />
To activate the feature you need to [[enable]] and [[start]] the {{ic|NetworkManager-dispatcher.service}}.<br />
<br />
Once the service is active, scripts can be added to the {{ic|/etc/NetworkManager/dispatcher.d}} directory.<br />
<br />
Scripts must be owned by '''root''', otherwise the dispatcher will not execute them. For added security, set group [[ownership]] to root as well:<br />
<br />
# chown root:root /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
Make sure the file has correct permissions:<br />
<br />
# chmod 755 /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
The scripts will be run in alphabetical order at connection time, and in reverse alphabetical order at disconnect time. To ensure what order they come up in, it is common to use numerical characters prior to the name of the script (e.g. {{ic|10-portmap}} or {{ic|30-netfs}} (which ensures that the ''portmapper'' is up before NFS mounts are attempted).<br />
<br />
Scripts will receive the following arguments:<br />
<br />
* '''Interface name:''' e.g. {{ic|eth0}}<br />
* '''Interface status:''' ''up'' or ''down''<br />
* '''VPN status:''' ''vpn-up'' or ''vpn-down''<br />
<br />
{{Warning|If you connect to foreign or public networks, be aware of what services you are starting and what servers you expect to be available for them to connect to. You could make a security hole by starting the wrong services while connected to a public network.}}<br />
<br />
=== Avoiding the dispatcher timeout ===<br />
<br />
If the above is working, then this section is not relevant. However, there is a general problem related to running dispatcher scripts which take longer to be executed. Initially an internal timeout of three seconds only was used. If the called script did not complete in time, it was killed. Later the timeout was extended to about 20 seconds (see the [https://bugzilla.redhat.com/show_bug.cgi?id=982734 Bugtracker] for more information). If the timeout still creates the problem, a work around may be to modify the dispatcher service file {{ic|/usr/lib/systemd/system/NetworkManager-dispatcher.service}} to remain active after exit: <br />
<br />
{{hc|/etc/systemd/system/NetworkManager-dispatcher.service.d/remain_after_exit.conf|2=<br />
[Service]<br />
RemainAfterExit=yes<br />
}}<br />
<br />
Now start and enable the modified {{ic|NetworkManager-dispatcher}} service.<br />
<br />
{{Warning|Adding the {{ic|RemainAfterExit}} line to it will prevent the dispatcher from closing. Unfortunately, the dispatcher '''has''' to close before it can run your scripts again. With it the dispatcher will not time out but it also will not close, which means that the scripts will only run once per boot. Therefore, do not add the line unless the timeout is definitely causing a problem.}}<br />
<br />
=== Dispatcher examples ===<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export {{ic|SSH_AUTH_SOCK}} in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 this message] for more information. The example below works with [[GNOME Keyring]], and will ask you for the password if not unlocked already. In case NetworkManager connects automatically on login, it is likely ''gnome-keyring'' has not yet started and the export will fail (hence the sleep). The {{ic|UUID}} to match can be found with the command {{ic|nmcli connection status}} or {{ic|nmcli connection list}}. <br />
<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
USER='username'<br />
REMOTE='user@host:/remote/path'<br />
LOCAL='/local/path'<br />
<br />
interface=$1 status=$2<br />
if [ "$CONNECTION_UUID" = "</nowiki>''uuid''<nowiki>" ]; then<br />
case $status in<br />
up)<br />
SSH_AUTH_SOCK=$(find /tmp -maxdepth 1 -type s -user "$USER" -name 'ssh')<br />
export SSH_AUTH_SOCK<br />
su "$USER" -c "sshfs $REMOTE $LOCAL"<br />
;;<br />
down)<br />
fusermount -u "$LOCAL"<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
==== Mounting of SMB shares ====<br />
<br />
Some [[SMB]] shares are only available on certain networks or locations (e.g. at home). You can use the dispatcher to only mount SMB shares that are present at your current location.<br />
<br />
The following script will check if we connected to a specific network and mount shares accordingly:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-mount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
# Find the connection UUID with "nmcli connection show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
if [ "$2" = "up" ]; then<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
mount /your/mount/point & <br />
# add more shares as needed<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
The following script will unmount all SMB shares before a software initiated disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/pre-down.d/30-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|Make sure this script is located in the {{ic|pre-down.d}} sub-directory as shown above, otherwise it will unmount all shares on any connection state change.}}<br />
<br />
The following script will attempt to unmount all SMB shares following an unexpected disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/40-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
if [ "$2" = "down" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* Since NetworkManager 0.9.8, the ''pre-down'' and ''down'' events are not executed on shutdown or restart, see [https://bugzilla.gnome.org/show_bug.cgi?id&#61;701242 this bug report] for more info.<br />
* The previous ''umount'' scripts are still prone to leaving applications actually accessing the mount to 'hang'.<br />
}}<br />
<br />
An alternative is to use the script as seen in [[NFS#Using a NetworkManager dispatcher]]:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-smb.sh|<nowiki><br />
#!/bin/bash<br />
<br />
# Find the connection UUID with "nmcli con show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
WANTED_CON_UUID="CHANGE-ME-NOW-9c7eff15-010a-4b1c-a786-9b4efa218ba9"<br />
<br />
if [[ "$CONNECTION_UUID" == "$WANTED_CON_UUID" ]]; then<br />
<br />
# Script parameter $1: NetworkManager connection name, not used<br />
# Script parameter $2: dispatched event<br />
<br />
case "$2" in<br />
"up")<br />
mount -a -t cifs<br />
;;<br />
"pre-down");&<br />
"vpn-pre-down")<br />
umount -l -a -t cifs >/dev/null<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|This script ignores mounts with the {{ic|noauto}} option, remove this mount option or use {{ic|auto}} to allow the dispatcher to manage these mounts.}}<br />
<br />
Create a symlink inside {{ic|/etc/NetworkManager/dispatcher.d/pre-down/}} to catch the {{ic|pre-down}} events:<br />
<br />
# ln -s ../30-smb.sh /etc/NetworkManager/dispatcher.d/pre-down.d/30-smb.sh<br />
<br />
==== Mounting of NFS shares ====<br />
<br />
See [[NFS#Using a NetworkManager dispatcher]].<br />
<br />
==== Use dispatcher to automatically toggle wireless depending on LAN cable being plugged in ====<br />
<br />
The idea is to only turn Wi-Fi on when the LAN cable is unplugged (for example when detaching from a laptop dock), and for Wi-Fi to be automatically disabled, once a LAN cable is plugged in again. <br />
<br />
Create the following dispatcher script[https://superuser.com/questions/233448/disable-wlan-if-wired-cable-network-is-available], replacing {{ic|1=LAN_interface}} with yours.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/wlan_auto_toggle.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$1" = "LAN_interface" ]; then<br />
case "$2" in<br />
up)<br />
nmcli radio wifi off<br />
;;<br />
down)<br />
nmcli radio wifi on<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|You can get a list of interfaces using [[#nmcli examples|nmcli]]. The ethernet (LAN) interfaces start with {{ic|en}}, e.g. {{ic|1=enp0s5}}}}<br />
<br />
==== Use dispatcher to connect to a VPN after a network connection is established ====<br />
<br />
In this example we want to connect automatically to a previously defined VPN connection after connecting to a specific Wi-Fi network. First thing to do is to create the dispatcher script that defines what to do after we are connected to the network.<br />
<br />
{{Note|This script will require {{Pkg|wireless_tools}} in order to use {{ic|iwgetid}}.}}<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME"<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
If you would like to attempt to automatically connect to VPN for all Wi-Fi networks, you can use the following definition of the ESSID: {{ic|1=ESSID=$(iwgetid -r)}}. Remember to set the script's permissions [[#Network services with NetworkManager dispatcher|accordingly]]. <br />
<br />
Trying to connect with the above script may still fail with {{ic|NetworkManager-dispatcher.service}} complaining about 'no valid VPN secrets', because of [https://developer.gnome.org/NetworkManager/0.9/secrets-flags.html the way VPN secrets are stored]. Fortunately, there are different options to give the above script access to your VPN password.<br />
<br />
1: One of them requires editing the VPN connection configuration file to make NetworkManager store the secrets by itself rather than inside a keyring [https://bugzilla.redhat.com/show_bug.cgi?id=710552 that will be inaccessible for root]: open up {{ic|/etc/NetworkManager/system-connections/''name of your VPN connection''}} and change the {{ic|password-flags}} and {{ic|secret-flags}} from {{ic|1}} to {{ic|0}}.<br />
<br />
If that alone does not work, you may have to create a {{ic|passwd-file}} in a safe location with the same permissions and ownership as the dispatcher script, containing the following:<br />
<br />
{{hc|/path/to/passwd-file|<br />
vpn.secrets.password:YOUR_PASSWORD<br />
}}<br />
<br />
The script must be changed accordingly, so that it gets the password from the file:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME" passwd-file /path/to/passwd-file<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
2: Alternatively, change the {{ic|password-flags}} and put the password directly in the configuration file adding the section {{ic|vpn-secrets}}:<br />
<br />
[vpn]<br />
....<br />
password-flags=0<br />
<br />
[vpn-secrets]<br />
password=''your_password''<br />
<br />
{{Note|It may now be necessary to re-open the NetworkManager connection editor and save the VPN passwords/secrets again.}}<br />
<br />
==== Use dispatcher to disable IPv6 on VPN provider connections ====<br />
<br />
Many [[:Category:VPN providers|commercial VPN providers]] support only IPv4. That means all IPv6 traffic bypasses the VPN and renders it virtually useless. To avoid this, dispatcher can be used to disable all IPv6 traffic for the time a VPN connection is up.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/10-vpn-ipv6|<nowiki><br />
#!/bin/sh<br />
<br />
case "$2" in<br />
vpn-up)<br />
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
vpn-down)<br />
echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== OpenNTPD ====<br />
<br />
See [[OpenNTPD#Using NetworkManager dispatcher]].<br />
<br />
== Testing ==<br />
<br />
NetworkManager applets are designed to load upon login so no further configuration should be necessary for most users. If you have already disabled your previous network settings and disconnected from your network, you can now test if NetworkManager will work. The first step is to [[start]] {{ic|NetworkManager.service}}.<br />
<br />
Some applets will provide you with a {{ic|.desktop}} file so that the NetworkManager applet can be loaded through the application menu. If it does not, you are going to either have to discover the command to use or logout and login again to start the applet. Once the applet is started, it will likely begin polling network connections with for auto-configuration with a DHCP server.<br />
<br />
To start the GNOME applet in non-xdg-compliant window managers like [[awesome]]:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IP addresses, you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted Wi-Fi passwords ===<br />
<br />
By default, NetworkManager stores passwords in clear text in the connection files at {{ic|/etc/NetworkManager/system-connections/}}. To print the stored passwords, use the following command:<br />
<br />
# grep -r '^psk=' /etc/NetworkManager/system-connections/<br />
<br />
The passwords are accessible to the root user in the filesystem and to users with access to settings via the GUI (e.g. {{ic|nm-applet}}). <br />
<br />
It is preferable to save the passwords in encrypted form in a keyring instead of clear text. The downside of using a keyring is that the connections have to be set up for each user.<br />
<br />
==== Using GNOME Keyring ====<br />
<br />
The keyring daemon has to be started and the keyring needs to be unlocked for the following to work.<br />
<br />
Furthermore, NetworkManager needs to be configured not to store the password for all users. Using GNOME {{ic|nm-applet}}, run {{ic|nm-connection-editor}} from a terminal, select a network connection, click {{ic|Edit}}, select the {{ic|Wifi-Security}} tab and click on the right icon of password and check {{ic|Store the password only for this user}}.<br />
<br />
==== Using KDE Wallet ====<br />
<br />
Using KDE's {{Pkg|plasma-nm}}, click the applet, click on the top right {{ic|Settings}} icon, click on a network connection, in the {{ic|General settings}} tab, untick {{ic|all users may connect to this network}}. If the option is ticked, the passwords will still be stored in clear text, even if a keyring daemon is running.<br />
<br />
If the option was selected previously and you un-tick it, you may have to use the {{ic|reset}} option first to make the password disappear from the file. Alternatively, delete the connection first and set it up again.<br />
<br />
=== Sharing internet connection over Wi-Fi ===<br />
<br />
You can share your internet connection (e.g. 3G or wired) with a few clicks. Please note that a [[firewall]] may interfere with internet sharing.<br />
<br />
You will need a Wi-Fi card which supports AP mode, see [[Software access point#Wi-Fi device must support AP mode]] for details.<br />
<br />
[[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
<br />
Create the shared connection:<br />
<br />
* Click on applet and choose ''Create new wireless network''.<br />
* Follow wizard (chose WPA2 or higher, be sure to use at least 8 character long password, lower lengths will fail).<br />
** Choose either [[Fedora:Features/RealHotspot|Hotspot]] or Ad-hoc as Wi-Fi mode.<br />
<br />
The connection will be saved and remain stored for the next time you need it.<br />
<br />
{{Note|Android does not support connecting to Ad-hoc networks. To share a connection with Android use infrastructure mode (i.e. set Wi-Fi mode to "Hotspot").}}<br />
<br />
=== Sharing internet connection over Ethernet ===<br />
<br />
Scenario: your device has internet connection over wi-fi and you want to share the internet connection to other devices over ethernet.<br />
<br />
Requirements:<br />
<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Your internet connected device and the other devices are connected over a suitable ethernet cable (this usually means a cross over cable or a switch in between).<br />
* Internet sharing is not blocked by a [[firewall]].<br />
<br />
Steps:<br />
<br />
{{Style|{{Pkg|nm-connection-editor}} is not a dependency of {{Pkg|networkmanager}} and needs to be installed separately.}}<br />
<br />
* Run {{ic|nm-connection-editor}} from terminal.<br />
* Add a new ethernet connection.<br />
* Give it some sensible name. For example "Shared Internet"<br />
* Go to "IPv4 Settings".<br />
* For "Method:" select "Shared to other computers".<br />
* Save<br />
<br />
Now you should have a new option "Shared Internet" under the Wired connections in NetworkManager.<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
{{Out of date|''nm-tool'' was remove from NetworkManager for long time now[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/bb8c75bd536d4f8fb80a4366025a279078f0ec81]. ''nmcli'' should be used instead.}}<br />
<br />
Some ''cron'' jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's ''nm-tool'' and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network.<br />
<br />
{{bc|<nowiki><br />
if [ $(nm-tool|grep State|cut -f2 -d' ') == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
</nowiki>}}<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs ''fpupdate'' for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from ''nm-tool''; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Connect to network with secret on boot ===<br />
<br />
By default, NetworkManager will not connect to networks requiring a secret automatically on boot. This is because it locks such connections to the user who makes it by default, only connecting after they have logged in. To change this, do the following:<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
{{Remove|Out of scope of this article.}}<br />
<br />
NetworkManager requires access to the login keyring to connect to networks requiring a secret. Under most circumstances, this keyring is unlocked automatically at login, but if it is not, and NetworkManager is not connecting on login, you can try the following.<br />
<br />
==== GNOME ====<br />
<br />
{{Merge|GNOME/Keyring|Out of scope of the NetworkManager article.}}<br />
<br />
{{Out of date|The following method is dated and known not to work on at least one machine.}}<br />
<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== SLiM login manager ====<br />
<br />
{{Remove|A note in [[SLiM#Gnome Keyring]] says that staring with slim 1.3.5-1 no configuration is required.}}<br />
<br />
See [[SLiM#Gnome Keyring]].<br />
<br />
=== OpenConnect with password in KWallet ===<br />
<br />
While you may type both values at connection time, {{Pkg|plasma-nm}} 0.9.3.2-1 and above are capable of retrieving OpenConnect username and password directly from [[KWallet]].<br />
<br />
Open "KDE Wallet Manager" and look up your OpenConnect VPN connection under "Network Management|Maps". Click "Show values" and <br />
enter your credentials in key "VpnSecrets" in this form (replace ''username'' and ''password'' accordingly):<br />
<br />
form:main:username%SEP%''username''%SEP%form:main:password%SEP%''password''<br />
<br />
Next time you connect, username and password should appear in the "VPN secrets" dialog box.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them. You can quickly and easily ignore devices by MAC or interface-name by using the following in {{ic|/etc/NetworkManager/conf.d/unmanaged.conf}}:<br />
<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth0<br />
<br />
After editing the file, run {{ic|nmcli general reload}} as root. Afterwards you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
=== Configuring MAC address randomization ===<br />
<br />
{{Note|1=Disabling MAC address randomization may be needed to get (stable) link connection [https://bbs.archlinux.org/viewtopic.php?id=220101] and/or networks that restrict devices based on their MAC Address or have a limit network capacity.}}<br />
<br />
MAC randomization can be used for increased privacy by not disclosing your real MAC address to the network.<br />
<br />
NetworkManager supports two types MAC Address Randomization: randomization during scanning, and for network connections. Both modes can be configured by modifying {{ic|/etc/NetworkManager/NetworkManager.conf}} or by creating a separate configuration file in {{ic|/etc/NetworkManager/conf.d/}} which is recommended since the aforementioned config file may be overwritten by NetworkManager.<br />
<br />
Randomization during Wi-Fi scanning is enabled by default, but it may be disabled by adding the following lines to {{ic|/etc/NetworkManager/NetworkManager.conf}} or a dedicated configuration file under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device]<br />
wifi.scan-rand-mac-address=no<br />
}}<br />
<br />
MAC randomization for network connections can be set to different modes for both wireless and ethernet interfaces. See the [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details on the different modes. <br />
<br />
In terms of MAC randomization the most important modes are {{ic|stable}} and {{ic|random}}. {{ic|stable}} generates a random MAC address when you connect to a new network and associates the two permanently. This means that you will use the same MAC address every time you connect to that network. In contrast, {{ic|random}} will generate a new MAC address every time you connect to a network, new or previously known. You can configure the MAC randomization by adding the desired configuration under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device-mac-randomization]<br />
# "yes" is already the default for scanning<br />
wifi.scan-rand-mac-address=yes<br />
<br />
[connection-mac-randomization]<br />
# Randomize MAC for every ethernet connection<br />
ethernet.cloned-mac-address=random<br />
# Generate a random MAC for each WiFi and associate the two permanently.<br />
wifi.cloned-mac-address=stable<br />
}}<br />
<br />
See the following [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details.<br />
<br />
=== Enable IPv6 Privacy Extensions ===<br />
<br />
See [[IPv6#NetworkManager]].<br />
<br />
=== Working with wired connections ===<br />
<br />
By default, NetworkManager generates a connection profile for each wired ethernet connection it finds. At the point when generating the connection, it does not know whether there will be more ethernet adapters available. Hence, it calls the first wired connection "Wired connection 1". You can avoid generating this connection, by configuring {{ic|no-auto-default}} (see {{man|5|NetworkManager.conf}}), or by simply deleting it. Then NetworkManager will remember not to generate a connection for this interface again.<br />
<br />
You can also edit the connection (and persist it to disk) or delete it. NetworkManager will not re-generate a new connection. Then you can change the name to whatever you want. You can use something like nm-connection-editor for this task.<br />
<br />
=== Using iwd as the Wi-Fi backend ===<br />
<br />
Install {{AUR|networkmanager-iwd}} or enable the experimental [[iwd]] backend creating the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_backend.conf|2=<br />
[device]<br />
wifi.backend=iwd<br />
}}<br />
<br />
=== Running in a network namespace ===<br />
<br />
If you would like to run NetworkManager inside a network namespace (eg to only manage a specific device), bring the device down before moving it to the namespace:<br />
<br />
$ ip link set dev $MY_DEVICE down<br />
$ ip link set dev $MY_DEVICE netns $MY_NAMESPACE<br />
$ ip netns exec $MY_NAMESPACE NetworkManager<br />
.<br />
.<br />
.<br />
$ ip netns exec $MY_NAMESPACE killall NetworkManager<br />
<br />
otherwise NetworkManager will later fail to establish the connection with a {{ic|device is strictly unmanaged}} error.<br />
<br />
== Troubleshooting ==<br />
<br />
=== No prompt for password of secured Wi-Fi networks ===<br />
<br />
When trying to connect to a secured Wi-Fi network, no prompt for a password is shown and no connection is established. This happens when no keyring package is installed. An easy solution is to install {{Pkg|gnome-keyring}}. If you want the passwords to be stored in encrypted form, follow [[GNOME Keyring]] to set up the ''gnome-keyring-daemon''.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully; you see a ppp0 interface with the correct VPN IP address, but you cannot even ping the remote IP address. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install the {{AUR|ppp-mppe}}{{Broken package link|{{aur-mirror|ppp-mppe}}}} package.<br />
<br />
See also [[WPA2 Enterprise#MS-CHAPv2]].<br />
<br />
=== Network management disabled ===<br />
<br />
When NetworkManager shuts down but the pid (state) file is not removed, you will see a {{ic|Network management disabled}} message. If this happens, remove the file manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
=== Problems with internal DHCP client ===<br />
<br />
If you have problems with getting an IP address using the internal DHCP client, consider using another DHCP client, see [[#DHCP client]] for instructions. This workaround might solve problems in big wireless networks like eduroam.<br />
<br />
=== DHCP problems with dhclient ===<br />
<br />
If you have problems with getting an IP address via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:''aa:bb:cc:dd:ee:ff'';<br />
}<br />
<br />
Where {{ic|''aa:bb:cc:dd:ee:ff''}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show ''interface''}} command from the {{Pkg|iproute2}} package.<br />
<br />
=== 3G modem not detected ===<br />
<br />
See [[USB 3G Modem#NetworkManager]].<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your Wi-Fi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with ''rfkill''. To check if the driver notifies ''rfkill'' about the wireless adapter's status, use:<br />
<br />
$ watch -n1 rfkill list all<br />
<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP address settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to a static IP address, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP address settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} ('''not''' as root). In the connection editor, edit the default connection (e.g. "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set up PolicyKit permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden networks are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/''SSID''<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in GNOME ===<br />
<br />
When setting up OpenConnect or vpnc connections in NetworkManager while using GNOME, you will sometimes never see the dialog box pop up and the following error appears in {{ic|/var/log/errors.log}}:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the GNOME NM Applet expecting dialog scripts to be at {{ic|/usr/lib/gnome-shell}}, when NetworkManager's packages put them in {{ic|/usr/lib/networkmanager}}.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
* For OpenConnect: {{ic|ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/}}<br />
* For VPNC (i.e. Cisco VPN): {{ic|ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/}}<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
=== Unable to connect to visible European wireless networks ===<br />
<br />
WLAN chips are shipped with a default [[Wireless network configuration#Respecting the regulatory domain|regulatory domain]]. If your access point does not operate within these limitations, you will not be able to connect to the network. Fixing this is easy:<br />
<br />
# [[Install]] {{Pkg|crda}}<br />
# Uncomment the correct Country Code in {{ic|/etc/conf.d/wireless-regdom}}<br />
# Reboot the system, because the setting is only read on boot<br />
<br />
=== Automatic connect to VPN on boot is not working ===<br />
<br />
The problem occurs when the system (i.e. NetworkManager running as the root user) tries to establish a VPN connection, but the password is not accessible because it is stored in the GNOME keyring of a particular user. <br />
<br />
A solution is to keep the password to your VPN in plaintext, as described in step (2.) of [[#Use dispatcher to connect to a VPN after a network connection is established]]. <br />
<br />
You do not need to use the dispatcher described in step (1.) to auto-connect anymore, if you use the new "auto-connect VPN" option from the {{ic|nm-applet}} GUI.<br />
<br />
=== Systemd Bottleneck ===<br />
<br />
Over time the log files ({{ic|/var/log/journal}}) can become very large. This can have a big impact on boot performance when using NetworkManager, see: [[Systemd#Boot time increasing over time]].<br />
<br />
=== Regular network disconnects, latency and lost packets (WiFi) ===<br />
<br />
NetworkManager does a scan every 2 minutes.<br />
<br />
Some WiFi drivers have issues when scanning for base stations whilst connected/associated. Symptoms include VPN disconnects/reconnects and lost packets, web pages failing to load and then refresh fine.<br />
<br />
Running {{ic|journalctl -f}} will indicate that this is taking place, messages like the following will be contained in the logs at regular intervals.<br />
<br />
NetworkManager[410]: <info> (wlp3s0): roamed from BSSID 00:14:48:11:20:CF (my-wifi-name) to (none) ((none))<br />
<br />
There is a patched version of NetworkManager which should prevent this type of scanning: {{AUR|networkmanager-noscan}}.<br />
<br />
Alternatively, if roaming is not important, the periodic scanning behavior can be disabled by locking the BSSID of the access point in the WiFi connection profile.<br />
<br />
=== Unable to turn on wi-fi with Lenovo laptop (IdeaPad, Legion, etc.) ===<br />
<br />
There is an issue with the {{ic|ideapad_laptop}} module on some Lenovo models due to the wi-fi driver incorrectly reporting a soft block. The card can still be manipulated with {{ic|netctl}}, but managers like NetworkManager break. You can verify that this is the problem by checking the output of {{ic|rfkill list}} after toggling your hardware switch and seeing that the soft block persists.<br />
<br />
{{Accuracy|Try to use {{ic|rfkill.default_state}} and {{ic|rfkill.master_switch_mode}} (see [https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/kernel-parameters.txt kernel-parameters.txt]) to fix the rfkill problem.}}<br />
<br />
[[modprobe|Unloading]] the {{ic|ideapad_laptop}} module should fix this. ('''warning''': this may disable the laptop keyboard and touchpad also!).<br />
<br />
=== Turn off hostname sending ===<br />
<br />
NetworkManager by default sends the hostname to the DHCP server. Hostname sending can only be disabled per connection not globally ([https://bugzilla.gnome.org/show_bug.cgi?id=768076 GNOME Bug 768076]).<br />
<br />
To disable sending your hostname to the DHCP server for a specific connection, add the following to your network connection file:<br />
<br />
{{hc|/etc/NetworkManager/system-connections/''your_connection_file''|2=<br />
...<br />
[ipv4]<br />
dhcp-send-hostname=false<br />
...<br />
[ipv6]<br />
dhcp-send-hostname=false<br />
...<br />
}}<br />
<br />
=== nm-applet disappears in i3wm ===<br />
<br />
If you use the {{ic|xfce4-notifyd.service}} for notifications you must [[edit]] the unit and add the following:<br />
<br />
{{hc|/etc/systemd/user/xfce4-notifyd.service.d/display_env.conf|2=<br />
[Service]<br />
Environment="DISPLAY=:0.0"<br />
}}<br />
<br />
After reloading the daemons [[restart]] {{ic|xfce4-notifyd.service}}. Exit i3 and start it back up again and the applet should show on the tray.<br />
<br />
=== nm-applet tray icons display wrongly ===<br />
<br />
Currently the tray icons of nm-applet are drawn on top of one another, i.e. the icon displaying wireless strength might show on top of the icon indicating no wired connection.<br />
This is apparently a GTK3 bug/problem: https://gitlab.gnome.org/GNOME/gtk/issues/1280 .<br />
<br />
A patched version of GTK3 exists in AUR, which apparently fixes the tray icon bug: {{AUR|gtk3-mushrooms}} .<br />
<br />
=== Unit dbus-org.freedesktop.resolve1.service not found ===<br />
<br />
If {{ic|systemd-resolved.service}} is not started, NetworkManager will try to start it using D-Bus and fail:<br />
<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
dbus-daemon[991]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.resolve1.service': Unit dbus-org.freedesktop.resolve1.service not found.<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
<br />
This is because NetworkManager will try to send DNS information to [[systemd-resolved]] regardless of the {{ic|1=main.dns=}} setting in {{man|5|NetworkManager.conf}}.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383]<br />
<br />
This can be disabled with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/no-systemd-resolved.conf|2=<br />
[main]<br />
systemd-resolved=false<br />
}}<br />
<br />
See {{Bug|62138}}.<br />
<br />
== See also ==<br />
<br />
* [https://blogs.gnome.org/dcbw/2015/02/16/networkmanager-for-administrators-part-1/ NetworkManager for Administrators Part 1]<br />
* [[Wikipedia:NetworkManager]]</div>DarioPhttps://wiki.archlinux.org/index.php?title=NetworkManager&diff=599351NetworkManager2020-02-27T13:17:12Z<p>DarioP: /* Running in a network namespace */ formatting</p>
<hr />
<div>[[Category:Network managers]]<br />
[[Category:Red Hat]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[ja:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[zh-hans:NetworkManager]]<br />
{{Related articles start}}<br />
{{Related|Network configuration}}<br />
{{Related|Wireless network configuration}}<br />
{{Related articles end}}<br />
[https://wiki.gnome.org/Projects/NetworkManager/ NetworkManager] is a program for providing detection and configuration for systems to automatically connect to networks. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the [[GNOME]] project.<br />
<br />
{{Warning|By default, Wi-Fi passwords are stored in clear text, see [[#Encrypted Wi-Fi passwords]].}}<br />
<br />
== Installation ==<br />
<br />
NetworkManager can be [[install]]ed with the package {{Pkg|networkmanager}}, which contains a daemon, a command line interface ({{ic|nmcli}}) and a curses‐based interface ({{ic|nmtui}}). After installation, you should [[#Enable NetworkManager|enable the daemon]].<br />
<br />
Additional interfaces:<br />
<br />
* {{Pkg|nm-connection-editor}} for a graphical user interface,<br />
* {{Pkg|network-manager-applet}} for a system tray applet ({{ic|nm-applet}}).<br />
<br />
{{Note|You must ensure that no other service that wants to configure the network is running; in fact, multiple networking services will conflict. You can find a list of the currently running services with {{ic|1=systemctl --type=service}} and then [[stop]] them. See [[#Configuration]] to enable the NetworkManager service.}}<br />
<br />
=== Mobile broadband support ===<br />
<br />
[[Install]] {{Pkg|modemmanager}}, {{Pkg|mobile-broadband-provider-info}} and {{Pkg|usb_modeswitch}} packages for mobile broadband connection support. See [[USB 3G Modem#NetworkManager]] for details.<br />
<br />
=== PPPoE / DSL support ===<br />
<br />
[[Install]] {{Pkg|rp-pppoe}} package for PPPoE / DSL connection support. To actually add PPPoE connection, use {{ic|1=nm-connection-editor}} and add new DSL/PPPoE connection.<br />
<br />
=== VPN support ===<br />
<br />
NetworkManager since version 1.16 has native support for [[WireGuard]], all it needs is the {{ic|wireguard}} kernel module. Read the [https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/ WireGuard in NetworkManager blog post] for details.<br />
<br />
Support for other VPN types is based on a plug-in system. They are provided in the following packages:<br />
<br />
* {{Pkg|networkmanager-openconnect}} for [[OpenConnect]]<br />
* [[networkmanager-openvpn]] for [[OpenVPN]]<br />
* {{Pkg|networkmanager-pptp}} for [[PPTP Client]]<br />
* {{Pkg|networkmanager-vpnc}} for [[Vpnc]]<br />
* {{Pkg|networkmanager-strongswan}} for [[strongSwan]]<br />
* {{AUR|networkmanager-fortisslvpn-git}}<br />
* {{AUR|networkmanager-iodine-git}}<br />
* {{AUR|networkmanager-libreswan}}<br />
* {{AUR|networkmanager-l2tp}}<br />
* {{AUR|networkmanager-ssh-git}}<br />
* {{Pkg|network-manager-sstp}}<br />
<br />
{{Warning|1=There are a lot of [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues?search=VPN&state=opened bugs] (and [https://bugzilla.gnome.org/buglist.cgi?bug_status=__open__&content=VPN&product=NetworkManager old bugs]) related to VPN support. Check the daemon processes options set via the GUI correctly and double-check with each package release.}}<br />
<br />
{{Note|To have fully functioning DNS resolution when using VPN, you should set up [[#DNS caching and conditional forwarding|conditional forwarding]].}}<br />
<br />
== Usage ==<br />
<br />
NetworkManager comes with {{man|1|nmcli}} and {{man|1|nmtui}}.<br />
<br />
=== nmcli examples ===<br />
<br />
List nearby wifi networks:<br />
<br />
$ nmcli device wifi list<br />
<br />
Connect to a wifi network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password''<br />
<br />
Connect to a hidden network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' hidden yes<br />
<br />
Connect to a wifi on the {{ic|wlan1}} wifi interface:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' ifname wlan1 ''profile_name''<br />
<br />
Disconnect an interface:<br />
<br />
$ nmcli device disconnect ifname eth0<br />
<br />
Reconnect an interface marked as disconnected:<br />
<br />
$ nmcli connection up uuid ''UUID''<br />
<br />
Get a list of UUIDs:<br />
<br />
$ nmcli connection show<br />
<br />
See a list of network devices and their state:<br />
<br />
$ nmcli device<br />
<br />
Turn off wifi:<br />
<br />
$ nmcli radio wifi off<br />
<br />
=== Edit a connection ===<br />
<br />
For a comprehensive list of settings, see {{man|5|nm-settings}}.<br />
<br />
Firstly you need to get list of connections:<br />
<br />
{{hc|$ nmcli connection|<nowiki><br />
NAME UUID TYPE DEVICE<br />
Wired connection 2 e7054040-a421-3bef-965d-bb7d60b7cecf ethernet enp5s0<br />
Wired connection 1 997f2782-f0fc-301d-bfba-15421a2735d8 ethernet enp0s25<br />
MY-HOME-WIFI-5G 92a0f7b3-2eba-49ab-a899-24d83978f308 wifi --<br />
</nowiki>}}<br />
<br />
Here you can use the first column as connection-id used later. In this example we pick {{ic|Wired connection 2}} as a connection-id.<br />
<br />
You have three methods to configure a connection {{ic|Wired connection 2}} after it has been created:<br />
<br />
; nmcli interactive editor<br />
: {{ic|nmcli connection edit 'Wired connection 2'}}.<br> Usage is well documented from the editor.<br />
<br />
; nmcli command line interface<br />
: {{ic|nmcli connection modify 'Wired connection 2' ''setting''.''property'' ''value''}}. See {{man|1|nmcli}} for usage. For example you can change its IPv4 route metric to 200 using {{ic|nmcli connection modify 'Wired connection 2' ipv4.route-metric 200}} command.<br />
<br />
; Connection file<br />
: In {{ic|/etc/NetworkManager/system-connections/}}, modify the corresponding {{ic|Wired connection 2.nmconnection}} file .<br> Do not forget to reload the configuration file with {{ic|nmcli connection reload}}.<br />
<br />
== Front-ends ==<br />
<br />
To configure and have easy access to NetworkManager, most users will want to install an applet. This GUI front-end usually resides in the system tray (or notification area) and allows network selection and configuration of NetworkManager. Various desktop environments have their own applet. Otherwise you can use [[#nm-applet]].<br />
<br />
=== GNOME ===<br />
<br />
[[GNOME]] has a built-in tool, accessible from the Network settings.<br />
<br />
=== KDE Plasma ===<br />
<br />
[[Install]] the {{Pkg|plasma-nm}} package. After that, add it to the KDE taskbar via the ''Panel options > Add widgets > Networks'' menu.<br />
<br />
=== nm-applet ===<br />
<br />
{{Pkg|network-manager-applet}} is a GTK 3 front-end which works under Xorg environments with a systray.<br />
<br />
To store connection secrets install and configure [[GNOME/Keyring]].<br />
<br />
Be aware that after enabling the tick-box option {{ic|Make available to other users}} for a connection, NetworkManager stores the password in plain-text, though the respective file is accessible only to root (or other users via {{ic|nm-applet}}). See [[#Encrypted Wi-Fi passwords]].<br />
<br />
In order to run {{ic|nm-applet}} without a systray, you can use {{Pkg|trayer}} or {{Pkg|stalonetray}}. For example, you can add a script like this one in your path:<br />
<br />
{{hc|nmgui|<nowiki><br />
#!/bin/sh<br />
nm-applet 2>&1 > /dev/null &<br />
stalonetray 2>&1 > /dev/null<br />
killall nm-applet<br />
</nowiki>}}<br />
<br />
When you close the ''stalonetray'' window, it closes {{ic|nm-applet}} too, so no extra memory is used once you are done with network settings.<br />
<br />
The applet can show notifications for events such as connecting to or disconnecting from a WiFi network. For these notifications to display, ensure that you have a notification server installed - see [[Desktop notifications]]. If you use the applet without a notification server, you might see some messages in stdout/stderr, and the app might hang. See [https://bugzilla.gnome.org/show_bug.cgi?id=788313].<br />
<br />
In order to run {{ic|nm-applet}} with such notifications disabled, start the applet with the following command:<br />
<br />
$ nm-applet --no-agent<br />
<br />
{{Tip|{{ic|nm-applet}} might be started automatically with a [[XDG Autostart|autostart desktop file]], to add the --no-agent option modify the Exec line there, i.e.<br />
<br />
{{bc|1=Exec=nm-applet --no-agent}}<br />
<br />
}}<br />
<br />
{{Warning|On [[i3]], if nm-applet is started with the {{ic|--no-agent}} option, it is not possible to connect to a new encrypted WiFi network by clicking on the item list because no password input dialogue window will pop out. [[journal]] will show {{ic|no secrets: No agents were available for this request}}.}}<br />
<br />
==== Appindicator ====<br />
<br />
Appindicator support is available in ''nm-applet'' however it is not compiled into the official package, see {{Bug|51740}}. To use nm-applet in an Appindicator environment, replace {{Pkg|network-manager-applet}} with {{AUR|network-manager-applet-indicator}} and then start the applet with the following command:<br />
<br />
$ nm-applet --indicator<br />
<br />
=== networkmanager-dmenu ===<br />
<br />
Alternatively there is {{AUR|networkmanager-dmenu-git}} which is a small script to manage NetworkManager connections with [[dmenu]] or [[rofi]] instead of {{ic|nm-applet}}. It provides all essential features such as connection to existing NetworkManager wifi or wired connections, connect to new wifi connections, requests passphrase if required, connect to existing VPN connections, enable/disable networking, launch ''nm-connection-editor'' GUI, connect to Bluetooth networks.<br />
<br />
== Configuration ==<br />
<br />
NetworkManager will require some additional steps to be able run properly. Make sure you have configured {{ic|/etc/hosts}} as described in [[Network configuration#Set the hostname]] section.<br />
<br />
=== Enable NetworkManager ===<br />
<br />
NetworkManager is [[systemd#Using units|controlled]] with the {{ic|NetworkManager.service}} [[systemd]] unit. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need ''nmcli'' or an applet to configure and connect.<br />
<br />
NetworkManager has a global configuration file at {{ic|/etc/NetworkManager/NetworkManager.conf}}. Addition configuration files can be placed in {{ic|/etc/NetworkManager/conf.d/}}. Usually no configuration needs to be done to the global defaults.<br />
<br />
After editing a configuration file, the changes can be applied by running:<br />
<br />
# nmcli general reload<br />
<br />
=== Enable NetworkManager Wait Online ===<br />
<br />
{{Out of date|{{ic|NetworkManager.service}} has {{ic|1=Also=NetworkManager-wait-online.service}} in the {{ic|[Install]}} section.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/167e42a87e97ed7fb26a4263c22f1774716ac51b] If {{ic|NetworkManager.service}} was [[enable]]d before the change, it needs to be [[enable|reenabled]].}}<br />
<br />
If you have services which fail if they are started before the network is up, you may use {{ic|NetworkManager-wait-online.service}} in addition to {{ic|NetworkManager.service}}. This is, however, rarely necessary because most networked daemons start up okay, even if the network has not been configured yet.<br />
<br />
In some cases, the service will still fail to start successfully on boot due to the timeout setting in {{ic|/usr/lib/systemd/system/NetworkManager-wait-online.service}} being too short. Change the default timeout from 30 to a higher value.<br />
<br />
=== Set up PolicyKit permissions ===<br />
<br />
See [[General troubleshooting#Session permissions]] for setting up a working session.<br />
<br />
With a working session, you have several options for granting the necessary privileges to NetworkManager:<br />
<br />
* ''Option 1.'' Run a [[Polkit]] authentication agent when you log in, such as {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). You will be prompted for your password whenever you add or remove a network connection.<br />
* ''Option 2.'' [[Users and groups#Group management|Add]] yourself to the {{ic|wheel}} group. You will not have to enter your password, but your user account may be granted other permissions as well, such as the ability to use [[sudo]] without entering the root password.<br />
* ''Option 3.'' [[Users and groups#Group management|Add]] yourself to the {{ic|network}} group and create the following file:<br />
<br />
{{hc|/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules|<nowiki><br />
polkit.addRule(function(action, subject) {<br />
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {<br />
return polkit.Result.YES;<br />
}<br />
});<br />
</nowiki>}}<br />
<br />
: All users in the {{ic|network}} group will be able to add and remove networks without a password. This will not work under [[systemd]] if you do not have an active session with ''systemd-logind''.<br />
<br />
=== Proxy settings ===<br />
<br />
NetworkManager does not directly handle proxy settings, but if you are using [[GNOME]] or [[KDE]], you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] which handles proxy settings using NetworkManager's information. proxydriver is found in the package {{AUR|proxydriver}}.<br />
<br />
In order for ''proxydriver'' to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (see [[GNOME#Autostart]]).<br />
<br />
xhost +si:localuser:''username''<br />
<br />
See also [[Proxy settings]].<br />
<br />
=== Checking connectivity ===<br />
<br />
NetworkManager can try to reach a page on Internet when connecting to a network. {{Pkg|networkmanager}} is configured by default in {{ic|/usr/lib/NetworkManager/conf.d/20-connectivity.conf}} to check connectivity to archlinux.org. To use a different webserver or disable connectivity checking create {{ic|/etc/NetworkManager/conf.d/20-connectivity.conf}}, see {{man|5|NetworkManager.conf|CONNECTIVITY SECTION}}. Below is an example of using GNOME servers (it does not require the use of [[GNOME]]):<br />
<br />
{{hc|/etc/NetworkManager/conf.d/20-connectivity.conf|<nowiki><br />
[connectivity]<br />
uri=http://nmcheck.gnome.org/check_network_status.txt<br />
</nowiki>}}<br />
<br />
=== Captive portals ===<br />
<br />
{{Style|Complex scripts should not be maintained on the wiki.}}<br />
<br />
For those behind a [[Wikipedia:Captive portal|captive portal]], the desktop manager may automatically open a window asking for credentials. If your desktop does not, you can use {{Pkg|capnet-assist}} package (however, it currently it has a broken NetworkManager dispatcher script). Alternatively, you can create a NetworkManager dispatcher script with the following content:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/90-open_captive_portal|<nowiki><br />
#!/bin/sh -e<br />
# Script to dispatch NetworkManager events<br />
#<br />
# Runs shows a login webpage on walled garden networks.<br />
# See NetworkManager(8) for further documentation of the dispatcher events.<br />
<br />
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin<br />
<br />
if [ -x "/usr/bin/logger" ]; then<br />
logger="/usr/bin/logger -s -t captive-portal"<br />
else<br />
logger=":"<br />
fi<br />
<br />
wait_for_process() {<br />
PNAME=$1<br />
while [ -z "$(/usr/bin/pgrep $PNAME)" ]; do<br />
sleep 3;<br />
done<br />
}<br />
<br />
#launch the browser, but on boot we need to wait that nm-applet starts<br />
start_browser() {<br />
local user="$1"<br />
local display="$2"<br />
<br />
export DISPLAY="$display"<br />
wait_for_process nm-applet<br />
<br />
export XAUTHORITY="/home/$user/.Xauthority"<br />
<br />
$logger "Running browser as '$user' with display '$display' to login in captive portal"<br />
sudo -u "$user" --preserve-env=DISPLAY,XAUTHORITY -H xdg-open http://capnet.elementary.io 2>&1 > /dev/null<br />
}<br />
<br />
# Run the right scripts<br />
case "$2" in<br />
connectivity-change)<br />
$logger -p user.debug "dispatcher script triggered on connectivity change: $CONNECTIVITY_STATE"<br />
if [ "$CONNECTIVITY_STATE" = "PORTAL" ]; then<br />
# Match last column of who's output with ' :[at least one digit] '<br />
who | awk '$NF ~ /\(:[0-9]+\)/ { print $1 " " substr($NF, 2, length($NF)-2) };' | \<br />
while read user display; do<br />
start_browser $user $display || $logger -p user.err "Failed for user: '$user' display: '$display'"<br />
done<br />
fi<br />
;;<br />
*)<br />
# In a down phase<br />
exit 0<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
You will need to [[restart]] {{ic|NetworkManager.service}} or reboot for this to start working. Once you do, the dispatcher script should open a login window once it detects you are behind a captive portal.<br />
<br />
Another solution is {{AUR|captive-browser-git}} based on Google Chrome.<br />
<br />
=== DHCP client ===<br />
<br />
By default NetworkManager uses its internal DHCP client. The internal DHCPv4 plugin is based on the [https://nettools.github.io/n-dhcp4/ nettools' n-dhcp4] library, while the internal DHCPv6 plugin is made from code based on systemd-networkd.<br />
<br />
To use a different DHCP client [[install]] one of the alternatives:<br />
<br />
* {{Pkg|dhclient}} - ISC’s DHCP client.<br />
* {{Pkg|dhcpcd}} - [[dhcpcd]]. <br />
<br />
{{Note|<br />
* NetworkManger does not support using dhcpcd for IPv6. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/5 NetworkManager issue #5]. If dhcpcd is set as the DHCP client, NetworkManager will use the internal DHCP client for DHCPv6.<br />
* Do not enable the systemd units shipped with the {{Pkg|dhclient}} and {{Pkg|dhcpcd}} packages. They will conflict with NetworkManager, see the note in [[#Installation]] for details.<br />
}}<br />
<br />
To change the DHCP client backend, set the option {{ic|1=main.dhcp=''dhcp_client_name''}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}. E.g.:<br />
<br />
{{hc|1=/etc/NetworkManager/conf.d/dhcp-client.conf|2=<br />
[main]<br />
dhcp=dhclient<br />
}}<br />
<br />
=== DNS management ===<br />
<br />
NetworkManager's DNS management is described in the GNOME project's wiki page—[https://wiki.gnome.org/Projects/NetworkManager/DNS Projects/NetworkManager/DNS].<br />
<br />
==== DNS caching and conditional forwarding ====<br />
<br />
NetworkManager has a plugin to enable DNS caching and conditional forwarding ([https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/143 previously] called "split DNS" in NetworkManager's documentation) using [[dnsmasq]] or [[systemd-resolved]]. The advantages of this setup is that DNS lookups will be cached, shortening resolve times, and DNS lookups of VPN hosts will be routed to the relevant VPN's DNS servers. This is especially useful if you are connected to more than one VPN.<br />
<br />
===== dnsmasq =====<br />
<br />
Make sure {{Pkg|dnsmasq}} has been installed. Then set {{ic|1=main.dns=dnsmasq}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=dnsmasq<br />
}}<br />
<br />
Now run {{ic|nmcli general reload}} as root. NetworkManager will automatically start dnsmasq and add {{ic|127.0.0.1}} to {{ic|/etc/resolv.conf}}. The original DNS servers can be found in {{ic|/run/NetworkManager/no-stub-resolv.conf}}. You can verify dnsmasq is being used by doing the same DNS lookup twice with {{ic|drill example.com}} and verifying the server and query times.<br />
<br />
{{Note|<br />
* You do not need to start {{ic|dnsmasq.service}} or edit {{ic|/etc/dnsmasq.conf}}. NetworkManager will start dnsmasq without using the systemd service and without reading the dnsmasq's default configuration file(s).<br />
* The dnsmasq instance started by NetworkManager will bind to {{ic|127.0.0.1:53}}, you cannot run any other software (including {{ic|dnsmasq.service}}) on the same address and port.<br />
}}<br />
<br />
====== Custom dnsmasq configuration ======<br />
<br />
Custom configurations can be created for ''dnsmasq'' by creating configuration files in {{ic|/etc/NetworkManager/dnsmasq.d/}}. For example, to change the size of the DNS cache (which is stored in RAM):<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/cache.conf|2=<br />
cache-size=1000<br />
}}<br />
<br />
{{Tip|Check the configuration file syntax with {{ic|1=dnsmasq --test --conf-file=/dev/null --conf-dir=/etc/NetworkManager/dnsmasq.d}}.}}<br />
<br />
See {{man|8|dnsmasq}} for all available options.<br />
<br />
====== IPv6 ======<br />
<br />
{{Accuracy|This does not solve the issue because NetworkManager does not add {{ic|::1}} to {{ic|/etc/resolv.conf}}. Unless {{ic|@::1}} is manually passed to drill, it will still fail with {{ic|Error: error sending query: No (valid) nameservers defined in the resolver}}.}}<br />
<br />
Enabling {{ic|dnsmasq}} in NetworkManager may break IPv6-only DNS lookups (i.e. {{ic|drill -6 [hostname]}}) which would otherwise work. In order to resolve this, creating the following file will configure ''dnsmasq'' to also listen to the IPv6 loopback:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/ipv6-listen.conf|2=<br />
listen-address=::1<br />
}}<br />
<br />
In addition, {{ic|dnsmasq}} also does not prioritize upstream IPv6 DNS. Unfortunately NetworkManager does not do this ([https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/936712 Ubuntu Bug]). A workaround would be to disable IPv4 DNS in the NetworkManager config, assuming one exists<br />
<br />
====== DNSSEC ======<br />
<br />
The dnsmasq instance started by NetworkManager by default will not validate [[DNSSEC]] since it is started with the {{ic|--proxy-dnssec}} option. It will trust whatever DNSSEC information it gets from the upstream DNS server.<br />
<br />
For dnsmasq to properly validate DNSSEC, thus breaking DNS resolution with name servers that do not support it, create the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/dnssec.conf|2=<br />
conf-file=/usr/share/dnsmasq/trust-anchors.conf<br />
dnssec<br />
}}<br />
<br />
===== systemd-resolved =====<br />
<br />
{{Expansion|NetworkManager 1.16 adds a new setting {{ic|main.systemd-resolved}}[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383] (enabled by default). It unconditionally sends DNS configuration to systemd-resolved. Related to "Preserving resolv.conf" from [[systemd-resolved#DNS]]?}}<br />
<br />
NetworkManager can use [[systemd-resolved]] as a DNS resolver and cache. Make sure that ''systemd-resolved'' is properly configured and that {{ic|systemd-resolved.service}} is [[started]] before using it.<br />
<br />
systemd-resolved will be used automatically if {{ic|/etc/resolv.conf}} is a [[Systemd-resolved#DNS|symlink]] to {{ic|/run/systemd/resolve/stub-resolv.conf}}, {{ic|/run/systemd/resolve/resolv.conf}} or {{ic|/usr/lib/systemd/resolv.conf}}.<br />
<br />
You can enable it explicitly by setting {{ic|1=main.dns=systemd-resolved}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=systemd-resolved<br />
}}<br />
<br />
===== DNS resolver with an openresolv subscriber =====<br />
<br />
If [[openresolv]] has a subscriber for your local [[DNS resolver]], set up the subscriber and [[#Use openresolv|configure NetworkManager to use openresolv]].<br />
<br />
Because NetworkManager advertises a single "interface" to ''resolvconf'', it is not possible to implement conditional forwarding between to NetworkManager connections. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 NetworkManager issue 153].<br />
<br />
This can be partially mitigated if you set {{ic|1=private="*"}} in {{ic|/etc/resolvconf.conf}}[https://roy.marples.name/projects/openresolv/configuration.html]. Any queries for domains that are not in search domain list will not get forwarded. They will be handled according to the local resolver's configuration, for example, forwarded to another DNS server or resolved recursively from the DNS root.<br />
<br />
==== Custom DNS servers ====<br />
<br />
===== Setting custom global DNS servers =====<br />
<br />
To set DNS servers for all connections, specify them in {{man|5|NetworkManager.conf}} using the syntax {{ic|1=servers=''serveripaddress1'',''serveripaddress2'',''serveripaddress3''}} in a section named {{ic|[global-dns-domain-*]}}. For example:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns-servers.conf|2=<br />
[global-dns-domain-*]<br />
servers=::1,127.0.0.1<br />
}}<br />
<br />
{{Note|<br />
* If you use [[#DNS caching and conditional forwarding|NetworkManager's dnsmasq or systemd-resolved plugin]] or [[#DNS resolver with an openresolv subscriber|openresolv subscribers]], then do not specify loopback addresses with the {{ic|1=servers=}} option, it can break DNS resolution.<br />
* The specified servers do not get sent to [[systemd-resolved]], the connection's DNS servers are used instead.<br />
}}<br />
<br />
===== Setting custom DNS servers in a connection =====<br />
<br />
====== Setting custom DNS servers in a connection (GUI) ======<br />
<br />
Setup will depend on the type of front-end used; the process usually involves right-clicking on the applet, editing (or creating) a profile, and then choosing DHCP type as ''Automatic (specify addresses)''. The DNS addresses will need to be entered and are usually in this form: {{ic|127.0.0.1, ''DNS-server-one'', ...}}.<br />
<br />
====== Setting custom DNS servers in a connection (nmcli / connection file) ======<br />
<br />
To setup DNS Servers per connection, you can use the {{ic|dns}} field (and the associated {{ic|dns-search}} and {{ic|dns-options}}) in the [[#Edit a connection|connection settings]]. <br />
<br />
If {{ic|method}} is set to {{ic|auto}} (when you use DHCP), you need to set {{ic|ignore-auto-dns}} to {{ic|yes}}.<br />
<br />
==== /etc/resolv.conf ====<br />
<br />
By default {{ic|/etc/resolv.conf}} is managed by ''NetworkManager'' unless it is a symlink.<br />
<br />
It can be configured to write it through [[#Use openresolv|openresolv]] or to [[#Unmanaged /etc/resolv.conf|not touch it at all]].<br />
<br />
Using openresolv allows NetworkManager to coexists with other ''resolvconf'' supporting software or, for example, to run a local DNS caching and split-DNS resolver for which openresolv has a [[openresolv#Subscribers|subscriber]].<br />
<br />
{{Note|Conditional forwarding is [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 not yet fully supported] when using NetworkManager with openresolv.}}<br />
<br />
''NetworkManager'' also offers hooks via so called dispatcher scripts that can be used to alter the {{ic|/etc/resolv.conf}} after network changes. See [[#Network services with NetworkManager dispatcher]] and {{man|8|NetworkManager}} for more information.<br />
<br />
{{Note|<br />
* If NetworkManager is configured to use either [[#dnsmasq|dnsmasq]] or [[#systemd-resolved|systemd-resolved]], then the appropriate loopback addresses will be written to {{ic|/etc/resolv.conf}}.<br />
* The {{ic|resolv.conf}} file NetworkManager writes or would write to {{ic|/etc/resolv.conf}} can be found at {{ic|/run/NetworkManager/resolv.conf}}.<br />
* A {{ic|resolv.conf}} file with the acquired name servers and search domains can be found at {{ic|/run/NetworkManager/no-stub-resolv.conf}}.<br />
}}<br />
<br />
===== Unmanaged /etc/resolv.conf =====<br />
<br />
To stop NetworkManager from touching {{ic|/etc/resolv.conf}}, set {{ic|1=main.dns=none}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=none<br />
}}<br />
<br />
{{Tip|You might also want to set {{ic|1=main.systemd-resolved=false}}, so that NetworkManager does not send the DNS configuration to [[systemd-resolved]].}}<br />
<br />
{{Note|See [[#DNS caching and conditional forwarding]], to configure NetworkManager using other DNS backends like [[dnsmasq]] and [[systemd-resolved]], instead of using {{ic|1=main.dns=none}}.}}<br />
<br />
After that {{ic|/etc/resolv.conf}} might be a broken symlink that you will need to remove. Then, just create a new {{ic|/etc/resolv.conf}} file.<br />
<br />
===== Use openresolv =====<br />
<br />
{{Note|Do not set {{ic|1=rc-manager=resolvconf}} when {{Pkg|systemd-resolvconf}} is installed. ''systemd-resolved'' provides limited support for the ''resolvconf'' interface and NetworkManager supports communicating with systemd-resolved through D-Bus without using ''resolvconf''.}}<br />
<br />
To configure NetworkManager to use [[openresolv]], set {{ic|1=main.rc-manager=resolvconf}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/rc-manager.conf|2=<br />
[main]<br />
rc-manager=resolvconf<br />
}}<br />
<br />
=== Firewall ===<br />
<br />
You can assign a [[firewalld]] zone based on your current connection. For example a restrictive firewall when at work, and a less restrictive one when at home.<br />
<br />
This can also be done with [[#Network services with NetworkManager dispatcher|NetworkManager dispatcher]].<br />
<br />
== Network services with NetworkManager dispatcher ==<br />
<br />
There are quite a few network services that you will not want running until NetworkManager brings up an interface. NetworkManager has the ability to start services when you connect to a network and stop them when you disconnect (e.g. when using [[NFS]], [[SMB]] and [[NTPd]]).<br />
<br />
To activate the feature you need to [[enable]] and [[start]] the {{ic|NetworkManager-dispatcher.service}}.<br />
<br />
Once the service is active, scripts can be added to the {{ic|/etc/NetworkManager/dispatcher.d}} directory.<br />
<br />
Scripts must be owned by '''root''', otherwise the dispatcher will not execute them. For added security, set group [[ownership]] to root as well:<br />
<br />
# chown root:root /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
Make sure the file has correct permissions:<br />
<br />
# chmod 755 /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
The scripts will be run in alphabetical order at connection time, and in reverse alphabetical order at disconnect time. To ensure what order they come up in, it is common to use numerical characters prior to the name of the script (e.g. {{ic|10-portmap}} or {{ic|30-netfs}} (which ensures that the ''portmapper'' is up before NFS mounts are attempted).<br />
<br />
Scripts will receive the following arguments:<br />
<br />
* '''Interface name:''' e.g. {{ic|eth0}}<br />
* '''Interface status:''' ''up'' or ''down''<br />
* '''VPN status:''' ''vpn-up'' or ''vpn-down''<br />
<br />
{{Warning|If you connect to foreign or public networks, be aware of what services you are starting and what servers you expect to be available for them to connect to. You could make a security hole by starting the wrong services while connected to a public network.}}<br />
<br />
=== Avoiding the dispatcher timeout ===<br />
<br />
If the above is working, then this section is not relevant. However, there is a general problem related to running dispatcher scripts which take longer to be executed. Initially an internal timeout of three seconds only was used. If the called script did not complete in time, it was killed. Later the timeout was extended to about 20 seconds (see the [https://bugzilla.redhat.com/show_bug.cgi?id=982734 Bugtracker] for more information). If the timeout still creates the problem, a work around may be to modify the dispatcher service file {{ic|/usr/lib/systemd/system/NetworkManager-dispatcher.service}} to remain active after exit: <br />
<br />
{{hc|/etc/systemd/system/NetworkManager-dispatcher.service.d/remain_after_exit.conf|2=<br />
[Service]<br />
RemainAfterExit=yes<br />
}}<br />
<br />
Now start and enable the modified {{ic|NetworkManager-dispatcher}} service.<br />
<br />
{{Warning|Adding the {{ic|RemainAfterExit}} line to it will prevent the dispatcher from closing. Unfortunately, the dispatcher '''has''' to close before it can run your scripts again. With it the dispatcher will not time out but it also will not close, which means that the scripts will only run once per boot. Therefore, do not add the line unless the timeout is definitely causing a problem.}}<br />
<br />
=== Dispatcher examples ===<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export {{ic|SSH_AUTH_SOCK}} in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 this message] for more information. The example below works with [[GNOME Keyring]], and will ask you for the password if not unlocked already. In case NetworkManager connects automatically on login, it is likely ''gnome-keyring'' has not yet started and the export will fail (hence the sleep). The {{ic|UUID}} to match can be found with the command {{ic|nmcli connection status}} or {{ic|nmcli connection list}}. <br />
<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
USER='username'<br />
REMOTE='user@host:/remote/path'<br />
LOCAL='/local/path'<br />
<br />
interface=$1 status=$2<br />
if [ "$CONNECTION_UUID" = "</nowiki>''uuid''<nowiki>" ]; then<br />
case $status in<br />
up)<br />
SSH_AUTH_SOCK=$(find /tmp -maxdepth 1 -type s -user "$USER" -name 'ssh')<br />
export SSH_AUTH_SOCK<br />
su "$USER" -c "sshfs $REMOTE $LOCAL"<br />
;;<br />
down)<br />
fusermount -u "$LOCAL"<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
==== Mounting of SMB shares ====<br />
<br />
Some [[SMB]] shares are only available on certain networks or locations (e.g. at home). You can use the dispatcher to only mount SMB shares that are present at your current location.<br />
<br />
The following script will check if we connected to a specific network and mount shares accordingly:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-mount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
# Find the connection UUID with "nmcli connection show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
if [ "$2" = "up" ]; then<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
mount /your/mount/point & <br />
# add more shares as needed<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
The following script will unmount all SMB shares before a software initiated disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/pre-down.d/30-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|Make sure this script is located in the {{ic|pre-down.d}} sub-directory as shown above, otherwise it will unmount all shares on any connection state change.}}<br />
<br />
The following script will attempt to unmount all SMB shares following an unexpected disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/40-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
if [ "$2" = "down" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* Since NetworkManager 0.9.8, the ''pre-down'' and ''down'' events are not executed on shutdown or restart, see [https://bugzilla.gnome.org/show_bug.cgi?id&#61;701242 this bug report] for more info.<br />
* The previous ''umount'' scripts are still prone to leaving applications actually accessing the mount to 'hang'.<br />
}}<br />
<br />
An alternative is to use the script as seen in [[NFS#Using a NetworkManager dispatcher]]:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-smb.sh|<nowiki><br />
#!/bin/bash<br />
<br />
# Find the connection UUID with "nmcli con show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
WANTED_CON_UUID="CHANGE-ME-NOW-9c7eff15-010a-4b1c-a786-9b4efa218ba9"<br />
<br />
if [[ "$CONNECTION_UUID" == "$WANTED_CON_UUID" ]]; then<br />
<br />
# Script parameter $1: NetworkManager connection name, not used<br />
# Script parameter $2: dispatched event<br />
<br />
case "$2" in<br />
"up")<br />
mount -a -t cifs<br />
;;<br />
"pre-down");&<br />
"vpn-pre-down")<br />
umount -l -a -t cifs >/dev/null<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|This script ignores mounts with the {{ic|noauto}} option, remove this mount option or use {{ic|auto}} to allow the dispatcher to manage these mounts.}}<br />
<br />
Create a symlink inside {{ic|/etc/NetworkManager/dispatcher.d/pre-down/}} to catch the {{ic|pre-down}} events:<br />
<br />
# ln -s ../30-smb.sh /etc/NetworkManager/dispatcher.d/pre-down.d/30-smb.sh<br />
<br />
==== Mounting of NFS shares ====<br />
<br />
See [[NFS#Using a NetworkManager dispatcher]].<br />
<br />
==== Use dispatcher to automatically toggle wireless depending on LAN cable being plugged in ====<br />
<br />
The idea is to only turn Wi-Fi on when the LAN cable is unplugged (for example when detaching from a laptop dock), and for Wi-Fi to be automatically disabled, once a LAN cable is plugged in again. <br />
<br />
Create the following dispatcher script[https://superuser.com/questions/233448/disable-wlan-if-wired-cable-network-is-available], replacing {{ic|1=LAN_interface}} with yours.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/wlan_auto_toggle.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$1" = "LAN_interface" ]; then<br />
case "$2" in<br />
up)<br />
nmcli radio wifi off<br />
;;<br />
down)<br />
nmcli radio wifi on<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|You can get a list of interfaces using [[#nmcli examples|nmcli]]. The ethernet (LAN) interfaces start with {{ic|en}}, e.g. {{ic|1=enp0s5}}}}<br />
<br />
==== Use dispatcher to connect to a VPN after a network connection is established ====<br />
<br />
In this example we want to connect automatically to a previously defined VPN connection after connecting to a specific Wi-Fi network. First thing to do is to create the dispatcher script that defines what to do after we are connected to the network.<br />
<br />
{{Note|This script will require {{Pkg|wireless_tools}} in order to use {{ic|iwgetid}}.}}<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME"<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
If you would like to attempt to automatically connect to VPN for all Wi-Fi networks, you can use the following definition of the ESSID: {{ic|1=ESSID=$(iwgetid -r)}}. Remember to set the script's permissions [[#Network services with NetworkManager dispatcher|accordingly]]. <br />
<br />
Trying to connect with the above script may still fail with {{ic|NetworkManager-dispatcher.service}} complaining about 'no valid VPN secrets', because of [https://developer.gnome.org/NetworkManager/0.9/secrets-flags.html the way VPN secrets are stored]. Fortunately, there are different options to give the above script access to your VPN password.<br />
<br />
1: One of them requires editing the VPN connection configuration file to make NetworkManager store the secrets by itself rather than inside a keyring [https://bugzilla.redhat.com/show_bug.cgi?id=710552 that will be inaccessible for root]: open up {{ic|/etc/NetworkManager/system-connections/''name of your VPN connection''}} and change the {{ic|password-flags}} and {{ic|secret-flags}} from {{ic|1}} to {{ic|0}}.<br />
<br />
If that alone does not work, you may have to create a {{ic|passwd-file}} in a safe location with the same permissions and ownership as the dispatcher script, containing the following:<br />
<br />
{{hc|/path/to/passwd-file|<br />
vpn.secrets.password:YOUR_PASSWORD<br />
}}<br />
<br />
The script must be changed accordingly, so that it gets the password from the file:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME" passwd-file /path/to/passwd-file<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
2: Alternatively, change the {{ic|password-flags}} and put the password directly in the configuration file adding the section {{ic|vpn-secrets}}:<br />
<br />
[vpn]<br />
....<br />
password-flags=0<br />
<br />
[vpn-secrets]<br />
password=''your_password''<br />
<br />
{{Note|It may now be necessary to re-open the NetworkManager connection editor and save the VPN passwords/secrets again.}}<br />
<br />
==== Use dispatcher to disable IPv6 on VPN provider connections ====<br />
<br />
Many [[:Category:VPN providers|commercial VPN providers]] support only IPv4. That means all IPv6 traffic bypasses the VPN and renders it virtually useless. To avoid this, dispatcher can be used to disable all IPv6 traffic for the time a VPN connection is up.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/10-vpn-ipv6|<nowiki><br />
#!/bin/sh<br />
<br />
case "$2" in<br />
vpn-up)<br />
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
vpn-down)<br />
echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== OpenNTPD ====<br />
<br />
See [[OpenNTPD#Using NetworkManager dispatcher]].<br />
<br />
== Testing ==<br />
<br />
NetworkManager applets are designed to load upon login so no further configuration should be necessary for most users. If you have already disabled your previous network settings and disconnected from your network, you can now test if NetworkManager will work. The first step is to [[start]] {{ic|NetworkManager.service}}.<br />
<br />
Some applets will provide you with a {{ic|.desktop}} file so that the NetworkManager applet can be loaded through the application menu. If it does not, you are going to either have to discover the command to use or logout and login again to start the applet. Once the applet is started, it will likely begin polling network connections with for auto-configuration with a DHCP server.<br />
<br />
To start the GNOME applet in non-xdg-compliant window managers like [[awesome]]:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IP addresses, you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted Wi-Fi passwords ===<br />
<br />
By default, NetworkManager stores passwords in clear text in the connection files at {{ic|/etc/NetworkManager/system-connections/}}. To print the stored passwords, use the following command:<br />
<br />
# grep -r '^psk=' /etc/NetworkManager/system-connections/<br />
<br />
The passwords are accessible to the root user in the filesystem and to users with access to settings via the GUI (e.g. {{ic|nm-applet}}). <br />
<br />
It is preferable to save the passwords in encrypted form in a keyring instead of clear text. The downside of using a keyring is that the connections have to be set up for each user.<br />
<br />
==== Using GNOME Keyring ====<br />
<br />
The keyring daemon has to be started and the keyring needs to be unlocked for the following to work.<br />
<br />
Furthermore, NetworkManager needs to be configured not to store the password for all users. Using GNOME {{ic|nm-applet}}, run {{ic|nm-connection-editor}} from a terminal, select a network connection, click {{ic|Edit}}, select the {{ic|Wifi-Security}} tab and click on the right icon of password and check {{ic|Store the password only for this user}}.<br />
<br />
==== Using KDE Wallet ====<br />
<br />
Using KDE's {{Pkg|plasma-nm}}, click the applet, click on the top right {{ic|Settings}} icon, click on a network connection, in the {{ic|General settings}} tab, untick {{ic|all users may connect to this network}}. If the option is ticked, the passwords will still be stored in clear text, even if a keyring daemon is running.<br />
<br />
If the option was selected previously and you un-tick it, you may have to use the {{ic|reset}} option first to make the password disappear from the file. Alternatively, delete the connection first and set it up again.<br />
<br />
=== Sharing internet connection over Wi-Fi ===<br />
<br />
You can share your internet connection (e.g. 3G or wired) with a few clicks. Please note that a [[firewall]] may interfere with internet sharing.<br />
<br />
You will need a Wi-Fi card which supports AP mode, see [[Software access point#Wi-Fi device must support AP mode]] for details.<br />
<br />
[[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
<br />
Create the shared connection:<br />
<br />
* Click on applet and choose ''Create new wireless network''.<br />
* Follow wizard (chose WPA2 or higher, be sure to use at least 8 character long password, lower lengths will fail).<br />
** Choose either [[Fedora:Features/RealHotspot|Hotspot]] or Ad-hoc as Wi-Fi mode.<br />
<br />
The connection will be saved and remain stored for the next time you need it.<br />
<br />
{{Note|Android does not support connecting to Ad-hoc networks. To share a connection with Android use infrastructure mode (i.e. set Wi-Fi mode to "Hotspot").}}<br />
<br />
=== Sharing internet connection over Ethernet ===<br />
<br />
Scenario: your device has internet connection over wi-fi and you want to share the internet connection to other devices over ethernet.<br />
<br />
Requirements:<br />
<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Your internet connected device and the other devices are connected over a suitable ethernet cable (this usually means a cross over cable or a switch in between).<br />
* Internet sharing is not blocked by a [[firewall]].<br />
<br />
Steps:<br />
<br />
{{Style|{{Pkg|nm-connection-editor}} is not a dependency of {{Pkg|networkmanager}} and needs to be installed separately.}}<br />
<br />
* Run {{ic|nm-connection-editor}} from terminal.<br />
* Add a new ethernet connection.<br />
* Give it some sensible name. For example "Shared Internet"<br />
* Go to "IPv4 Settings".<br />
* For "Method:" select "Shared to other computers".<br />
* Save<br />
<br />
Now you should have a new option "Shared Internet" under the Wired connections in NetworkManager.<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
{{Out of date|''nm-tool'' was remove from NetworkManager for long time now[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/bb8c75bd536d4f8fb80a4366025a279078f0ec81]. ''nmcli'' should be used instead.}}<br />
<br />
Some ''cron'' jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's ''nm-tool'' and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network.<br />
<br />
{{bc|<nowiki><br />
if [ $(nm-tool|grep State|cut -f2 -d' ') == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
</nowiki>}}<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs ''fpupdate'' for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from ''nm-tool''; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Connect to network with secret on boot ===<br />
<br />
By default, NetworkManager will not connect to networks requiring a secret automatically on boot. This is because it locks such connections to the user who makes it by default, only connecting after they have logged in. To change this, do the following:<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
{{Remove|Out of scope of this article.}}<br />
<br />
NetworkManager requires access to the login keyring to connect to networks requiring a secret. Under most circumstances, this keyring is unlocked automatically at login, but if it is not, and NetworkManager is not connecting on login, you can try the following.<br />
<br />
==== GNOME ====<br />
<br />
{{Merge|GNOME/Keyring|Out of scope of the NetworkManager article.}}<br />
<br />
{{Out of date|The following method is dated and known not to work on at least one machine.}}<br />
<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== SLiM login manager ====<br />
<br />
{{Remove|A note in [[SLiM#Gnome Keyring]] says that staring with slim 1.3.5-1 no configuration is required.}}<br />
<br />
See [[SLiM#Gnome Keyring]].<br />
<br />
=== OpenConnect with password in KWallet ===<br />
<br />
While you may type both values at connection time, {{Pkg|plasma-nm}} 0.9.3.2-1 and above are capable of retrieving OpenConnect username and password directly from [[KWallet]].<br />
<br />
Open "KDE Wallet Manager" and look up your OpenConnect VPN connection under "Network Management|Maps". Click "Show values" and <br />
enter your credentials in key "VpnSecrets" in this form (replace ''username'' and ''password'' accordingly):<br />
<br />
form:main:username%SEP%''username''%SEP%form:main:password%SEP%''password''<br />
<br />
Next time you connect, username and password should appear in the "VPN secrets" dialog box.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them. You can quickly and easily ignore devices by MAC or interface-name by using the following in {{ic|/etc/NetworkManager/conf.d/unmanaged.conf}}:<br />
<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth0<br />
<br />
After editing the file, run {{ic|nmcli general reload}} as root. Afterwards you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
=== Configuring MAC address randomization ===<br />
<br />
{{Note|1=Disabling MAC address randomization may be needed to get (stable) link connection [https://bbs.archlinux.org/viewtopic.php?id=220101] and/or networks that restrict devices based on their MAC Address or have a limit network capacity.}}<br />
<br />
MAC randomization can be used for increased privacy by not disclosing your real MAC address to the network.<br />
<br />
NetworkManager supports two types MAC Address Randomization: randomization during scanning, and for network connections. Both modes can be configured by modifying {{ic|/etc/NetworkManager/NetworkManager.conf}} or by creating a separate configuration file in {{ic|/etc/NetworkManager/conf.d/}} which is recommended since the aforementioned config file may be overwritten by NetworkManager.<br />
<br />
Randomization during Wi-Fi scanning is enabled by default, but it may be disabled by adding the following lines to {{ic|/etc/NetworkManager/NetworkManager.conf}} or a dedicated configuration file under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device]<br />
wifi.scan-rand-mac-address=no<br />
}}<br />
<br />
MAC randomization for network connections can be set to different modes for both wireless and ethernet interfaces. See the [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details on the different modes. <br />
<br />
In terms of MAC randomization the most important modes are {{ic|stable}} and {{ic|random}}. {{ic|stable}} generates a random MAC address when you connect to a new network and associates the two permanently. This means that you will use the same MAC address every time you connect to that network. In contrast, {{ic|random}} will generate a new MAC address every time you connect to a network, new or previously known. You can configure the MAC randomization by adding the desired configuration under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device-mac-randomization]<br />
# "yes" is already the default for scanning<br />
wifi.scan-rand-mac-address=yes<br />
<br />
[connection-mac-randomization]<br />
# Randomize MAC for every ethernet connection<br />
ethernet.cloned-mac-address=random<br />
# Generate a random MAC for each WiFi and associate the two permanently.<br />
wifi.cloned-mac-address=stable<br />
}}<br />
<br />
See the following [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details.<br />
<br />
=== Enable IPv6 Privacy Extensions ===<br />
<br />
See [[IPv6#NetworkManager]].<br />
<br />
=== Working with wired connections ===<br />
<br />
By default, NetworkManager generates a connection profile for each wired ethernet connection it finds. At the point when generating the connection, it does not know whether there will be more ethernet adapters available. Hence, it calls the first wired connection "Wired connection 1". You can avoid generating this connection, by configuring {{ic|no-auto-default}} (see {{man|5|NetworkManager.conf}}), or by simply deleting it. Then NetworkManager will remember not to generate a connection for this interface again.<br />
<br />
You can also edit the connection (and persist it to disk) or delete it. NetworkManager will not re-generate a new connection. Then you can change the name to whatever you want. You can use something like nm-connection-editor for this task.<br />
<br />
=== Using iwd as the Wi-Fi backend ===<br />
<br />
Install {{AUR|networkmanager-iwd}} or enable the experimental [[iwd]] backend creating the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_backend.conf|2=<br />
[device]<br />
wifi.backend=iwd<br />
}}<br />
<br />
=== Running in a network namespace ===<br />
<br />
If you would like to run NetworkManager inside a network namespace (eg to only manage a specific device), bring down the network interface before moving it to the namespace:<br />
<br />
$ ip link set dev $MY_DEVICE down<br />
<br />
otherwise NetworkManager will later fail to establish the connection with a {{ic|device is strictly unmanaged}} error.<br />
<br />
== Troubleshooting ==<br />
<br />
=== No prompt for password of secured Wi-Fi networks ===<br />
<br />
When trying to connect to a secured Wi-Fi network, no prompt for a password is shown and no connection is established. This happens when no keyring package is installed. An easy solution is to install {{Pkg|gnome-keyring}}. If you want the passwords to be stored in encrypted form, follow [[GNOME Keyring]] to set up the ''gnome-keyring-daemon''.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully; you see a ppp0 interface with the correct VPN IP address, but you cannot even ping the remote IP address. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install the {{AUR|ppp-mppe}}{{Broken package link|{{aur-mirror|ppp-mppe}}}} package.<br />
<br />
See also [[WPA2 Enterprise#MS-CHAPv2]].<br />
<br />
=== Network management disabled ===<br />
<br />
When NetworkManager shuts down but the pid (state) file is not removed, you will see a {{ic|Network management disabled}} message. If this happens, remove the file manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
=== Problems with internal DHCP client ===<br />
<br />
If you have problems with getting an IP address using the internal DHCP client, consider using another DHCP client, see [[#DHCP client]] for instructions. This workaround might solve problems in big wireless networks like eduroam.<br />
<br />
=== DHCP problems with dhclient ===<br />
<br />
If you have problems with getting an IP address via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:''aa:bb:cc:dd:ee:ff'';<br />
}<br />
<br />
Where {{ic|''aa:bb:cc:dd:ee:ff''}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show ''interface''}} command from the {{Pkg|iproute2}} package.<br />
<br />
=== 3G modem not detected ===<br />
<br />
See [[USB 3G Modem#NetworkManager]].<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your Wi-Fi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with ''rfkill''. To check if the driver notifies ''rfkill'' about the wireless adapter's status, use:<br />
<br />
$ watch -n1 rfkill list all<br />
<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP address settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to a static IP address, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP address settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} ('''not''' as root). In the connection editor, edit the default connection (e.g. "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set up PolicyKit permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden networks are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/''SSID''<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in GNOME ===<br />
<br />
When setting up OpenConnect or vpnc connections in NetworkManager while using GNOME, you will sometimes never see the dialog box pop up and the following error appears in {{ic|/var/log/errors.log}}:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the GNOME NM Applet expecting dialog scripts to be at {{ic|/usr/lib/gnome-shell}}, when NetworkManager's packages put them in {{ic|/usr/lib/networkmanager}}.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
* For OpenConnect: {{ic|ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/}}<br />
* For VPNC (i.e. Cisco VPN): {{ic|ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/}}<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
=== Unable to connect to visible European wireless networks ===<br />
<br />
WLAN chips are shipped with a default [[Wireless network configuration#Respecting the regulatory domain|regulatory domain]]. If your access point does not operate within these limitations, you will not be able to connect to the network. Fixing this is easy:<br />
<br />
# [[Install]] {{Pkg|crda}}<br />
# Uncomment the correct Country Code in {{ic|/etc/conf.d/wireless-regdom}}<br />
# Reboot the system, because the setting is only read on boot<br />
<br />
=== Automatic connect to VPN on boot is not working ===<br />
<br />
The problem occurs when the system (i.e. NetworkManager running as the root user) tries to establish a VPN connection, but the password is not accessible because it is stored in the GNOME keyring of a particular user. <br />
<br />
A solution is to keep the password to your VPN in plaintext, as described in step (2.) of [[#Use dispatcher to connect to a VPN after a network connection is established]]. <br />
<br />
You do not need to use the dispatcher described in step (1.) to auto-connect anymore, if you use the new "auto-connect VPN" option from the {{ic|nm-applet}} GUI.<br />
<br />
=== Systemd Bottleneck ===<br />
<br />
Over time the log files ({{ic|/var/log/journal}}) can become very large. This can have a big impact on boot performance when using NetworkManager, see: [[Systemd#Boot time increasing over time]].<br />
<br />
=== Regular network disconnects, latency and lost packets (WiFi) ===<br />
<br />
NetworkManager does a scan every 2 minutes.<br />
<br />
Some WiFi drivers have issues when scanning for base stations whilst connected/associated. Symptoms include VPN disconnects/reconnects and lost packets, web pages failing to load and then refresh fine.<br />
<br />
Running {{ic|journalctl -f}} will indicate that this is taking place, messages like the following will be contained in the logs at regular intervals.<br />
<br />
NetworkManager[410]: <info> (wlp3s0): roamed from BSSID 00:14:48:11:20:CF (my-wifi-name) to (none) ((none))<br />
<br />
There is a patched version of NetworkManager which should prevent this type of scanning: {{AUR|networkmanager-noscan}}.<br />
<br />
Alternatively, if roaming is not important, the periodic scanning behavior can be disabled by locking the BSSID of the access point in the WiFi connection profile.<br />
<br />
=== Unable to turn on wi-fi with Lenovo laptop (IdeaPad, Legion, etc.) ===<br />
<br />
There is an issue with the {{ic|ideapad_laptop}} module on some Lenovo models due to the wi-fi driver incorrectly reporting a soft block. The card can still be manipulated with {{ic|netctl}}, but managers like NetworkManager break. You can verify that this is the problem by checking the output of {{ic|rfkill list}} after toggling your hardware switch and seeing that the soft block persists.<br />
<br />
{{Accuracy|Try to use {{ic|rfkill.default_state}} and {{ic|rfkill.master_switch_mode}} (see [https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/kernel-parameters.txt kernel-parameters.txt]) to fix the rfkill problem.}}<br />
<br />
[[modprobe|Unloading]] the {{ic|ideapad_laptop}} module should fix this. ('''warning''': this may disable the laptop keyboard and touchpad also!).<br />
<br />
=== Turn off hostname sending ===<br />
<br />
NetworkManager by default sends the hostname to the DHCP server. Hostname sending can only be disabled per connection not globally ([https://bugzilla.gnome.org/show_bug.cgi?id=768076 GNOME Bug 768076]).<br />
<br />
To disable sending your hostname to the DHCP server for a specific connection, add the following to your network connection file:<br />
<br />
{{hc|/etc/NetworkManager/system-connections/''your_connection_file''|2=<br />
...<br />
[ipv4]<br />
dhcp-send-hostname=false<br />
...<br />
[ipv6]<br />
dhcp-send-hostname=false<br />
...<br />
}}<br />
<br />
=== nm-applet disappears in i3wm ===<br />
<br />
If you use the {{ic|xfce4-notifyd.service}} for notifications you must [[edit]] the unit and add the following:<br />
<br />
{{hc|/etc/systemd/user/xfce4-notifyd.service.d/display_env.conf|2=<br />
[Service]<br />
Environment="DISPLAY=:0.0"<br />
}}<br />
<br />
After reloading the daemons [[restart]] {{ic|xfce4-notifyd.service}}. Exit i3 and start it back up again and the applet should show on the tray.<br />
<br />
=== nm-applet tray icons display wrongly ===<br />
<br />
Currently the tray icons of nm-applet are drawn on top of one another, i.e. the icon displaying wireless strength might show on top of the icon indicating no wired connection.<br />
This is apparently a GTK3 bug/problem: https://gitlab.gnome.org/GNOME/gtk/issues/1280 .<br />
<br />
A patched version of GTK3 exists in AUR, which apparently fixes the tray icon bug: {{AUR|gtk3-mushrooms}} .<br />
<br />
=== Unit dbus-org.freedesktop.resolve1.service not found ===<br />
<br />
If {{ic|systemd-resolved.service}} is not started, NetworkManager will try to start it using D-Bus and fail:<br />
<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
dbus-daemon[991]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.resolve1.service': Unit dbus-org.freedesktop.resolve1.service not found.<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
<br />
This is because NetworkManager will try to send DNS information to [[systemd-resolved]] regardless of the {{ic|1=main.dns=}} setting in {{man|5|NetworkManager.conf}}.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383]<br />
<br />
This can be disabled with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/no-systemd-resolved.conf|2=<br />
[main]<br />
systemd-resolved=false<br />
}}<br />
<br />
See {{Bug|62138}}.<br />
<br />
== See also ==<br />
<br />
* [https://blogs.gnome.org/dcbw/2015/02/16/networkmanager-for-administrators-part-1/ NetworkManager for Administrators Part 1]<br />
* [[Wikipedia:NetworkManager]]</div>DarioPhttps://wiki.archlinux.org/index.php?title=NetworkManager&diff=599350NetworkManager2020-02-27T13:16:24Z<p>DarioP: /* Running in a network namespace */ added command to bring down interface</p>
<hr />
<div>[[Category:Network managers]]<br />
[[Category:Red Hat]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[ja:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[zh-hans:NetworkManager]]<br />
{{Related articles start}}<br />
{{Related|Network configuration}}<br />
{{Related|Wireless network configuration}}<br />
{{Related articles end}}<br />
[https://wiki.gnome.org/Projects/NetworkManager/ NetworkManager] is a program for providing detection and configuration for systems to automatically connect to networks. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the [[GNOME]] project.<br />
<br />
{{Warning|By default, Wi-Fi passwords are stored in clear text, see [[#Encrypted Wi-Fi passwords]].}}<br />
<br />
== Installation ==<br />
<br />
NetworkManager can be [[install]]ed with the package {{Pkg|networkmanager}}, which contains a daemon, a command line interface ({{ic|nmcli}}) and a curses‐based interface ({{ic|nmtui}}). After installation, you should [[#Enable NetworkManager|enable the daemon]].<br />
<br />
Additional interfaces:<br />
<br />
* {{Pkg|nm-connection-editor}} for a graphical user interface,<br />
* {{Pkg|network-manager-applet}} for a system tray applet ({{ic|nm-applet}}).<br />
<br />
{{Note|You must ensure that no other service that wants to configure the network is running; in fact, multiple networking services will conflict. You can find a list of the currently running services with {{ic|1=systemctl --type=service}} and then [[stop]] them. See [[#Configuration]] to enable the NetworkManager service.}}<br />
<br />
=== Mobile broadband support ===<br />
<br />
[[Install]] {{Pkg|modemmanager}}, {{Pkg|mobile-broadband-provider-info}} and {{Pkg|usb_modeswitch}} packages for mobile broadband connection support. See [[USB 3G Modem#NetworkManager]] for details.<br />
<br />
=== PPPoE / DSL support ===<br />
<br />
[[Install]] {{Pkg|rp-pppoe}} package for PPPoE / DSL connection support. To actually add PPPoE connection, use {{ic|1=nm-connection-editor}} and add new DSL/PPPoE connection.<br />
<br />
=== VPN support ===<br />
<br />
NetworkManager since version 1.16 has native support for [[WireGuard]], all it needs is the {{ic|wireguard}} kernel module. Read the [https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/ WireGuard in NetworkManager blog post] for details.<br />
<br />
Support for other VPN types is based on a plug-in system. They are provided in the following packages:<br />
<br />
* {{Pkg|networkmanager-openconnect}} for [[OpenConnect]]<br />
* [[networkmanager-openvpn]] for [[OpenVPN]]<br />
* {{Pkg|networkmanager-pptp}} for [[PPTP Client]]<br />
* {{Pkg|networkmanager-vpnc}} for [[Vpnc]]<br />
* {{Pkg|networkmanager-strongswan}} for [[strongSwan]]<br />
* {{AUR|networkmanager-fortisslvpn-git}}<br />
* {{AUR|networkmanager-iodine-git}}<br />
* {{AUR|networkmanager-libreswan}}<br />
* {{AUR|networkmanager-l2tp}}<br />
* {{AUR|networkmanager-ssh-git}}<br />
* {{Pkg|network-manager-sstp}}<br />
<br />
{{Warning|1=There are a lot of [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues?search=VPN&state=opened bugs] (and [https://bugzilla.gnome.org/buglist.cgi?bug_status=__open__&content=VPN&product=NetworkManager old bugs]) related to VPN support. Check the daemon processes options set via the GUI correctly and double-check with each package release.}}<br />
<br />
{{Note|To have fully functioning DNS resolution when using VPN, you should set up [[#DNS caching and conditional forwarding|conditional forwarding]].}}<br />
<br />
== Usage ==<br />
<br />
NetworkManager comes with {{man|1|nmcli}} and {{man|1|nmtui}}.<br />
<br />
=== nmcli examples ===<br />
<br />
List nearby wifi networks:<br />
<br />
$ nmcli device wifi list<br />
<br />
Connect to a wifi network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password''<br />
<br />
Connect to a hidden network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' hidden yes<br />
<br />
Connect to a wifi on the {{ic|wlan1}} wifi interface:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' ifname wlan1 ''profile_name''<br />
<br />
Disconnect an interface:<br />
<br />
$ nmcli device disconnect ifname eth0<br />
<br />
Reconnect an interface marked as disconnected:<br />
<br />
$ nmcli connection up uuid ''UUID''<br />
<br />
Get a list of UUIDs:<br />
<br />
$ nmcli connection show<br />
<br />
See a list of network devices and their state:<br />
<br />
$ nmcli device<br />
<br />
Turn off wifi:<br />
<br />
$ nmcli radio wifi off<br />
<br />
=== Edit a connection ===<br />
<br />
For a comprehensive list of settings, see {{man|5|nm-settings}}.<br />
<br />
Firstly you need to get list of connections:<br />
<br />
{{hc|$ nmcli connection|<nowiki><br />
NAME UUID TYPE DEVICE<br />
Wired connection 2 e7054040-a421-3bef-965d-bb7d60b7cecf ethernet enp5s0<br />
Wired connection 1 997f2782-f0fc-301d-bfba-15421a2735d8 ethernet enp0s25<br />
MY-HOME-WIFI-5G 92a0f7b3-2eba-49ab-a899-24d83978f308 wifi --<br />
</nowiki>}}<br />
<br />
Here you can use the first column as connection-id used later. In this example we pick {{ic|Wired connection 2}} as a connection-id.<br />
<br />
You have three methods to configure a connection {{ic|Wired connection 2}} after it has been created:<br />
<br />
; nmcli interactive editor<br />
: {{ic|nmcli connection edit 'Wired connection 2'}}.<br> Usage is well documented from the editor.<br />
<br />
; nmcli command line interface<br />
: {{ic|nmcli connection modify 'Wired connection 2' ''setting''.''property'' ''value''}}. See {{man|1|nmcli}} for usage. For example you can change its IPv4 route metric to 200 using {{ic|nmcli connection modify 'Wired connection 2' ipv4.route-metric 200}} command.<br />
<br />
; Connection file<br />
: In {{ic|/etc/NetworkManager/system-connections/}}, modify the corresponding {{ic|Wired connection 2.nmconnection}} file .<br> Do not forget to reload the configuration file with {{ic|nmcli connection reload}}.<br />
<br />
== Front-ends ==<br />
<br />
To configure and have easy access to NetworkManager, most users will want to install an applet. This GUI front-end usually resides in the system tray (or notification area) and allows network selection and configuration of NetworkManager. Various desktop environments have their own applet. Otherwise you can use [[#nm-applet]].<br />
<br />
=== GNOME ===<br />
<br />
[[GNOME]] has a built-in tool, accessible from the Network settings.<br />
<br />
=== KDE Plasma ===<br />
<br />
[[Install]] the {{Pkg|plasma-nm}} package. After that, add it to the KDE taskbar via the ''Panel options > Add widgets > Networks'' menu.<br />
<br />
=== nm-applet ===<br />
<br />
{{Pkg|network-manager-applet}} is a GTK 3 front-end which works under Xorg environments with a systray.<br />
<br />
To store connection secrets install and configure [[GNOME/Keyring]].<br />
<br />
Be aware that after enabling the tick-box option {{ic|Make available to other users}} for a connection, NetworkManager stores the password in plain-text, though the respective file is accessible only to root (or other users via {{ic|nm-applet}}). See [[#Encrypted Wi-Fi passwords]].<br />
<br />
In order to run {{ic|nm-applet}} without a systray, you can use {{Pkg|trayer}} or {{Pkg|stalonetray}}. For example, you can add a script like this one in your path:<br />
<br />
{{hc|nmgui|<nowiki><br />
#!/bin/sh<br />
nm-applet 2>&1 > /dev/null &<br />
stalonetray 2>&1 > /dev/null<br />
killall nm-applet<br />
</nowiki>}}<br />
<br />
When you close the ''stalonetray'' window, it closes {{ic|nm-applet}} too, so no extra memory is used once you are done with network settings.<br />
<br />
The applet can show notifications for events such as connecting to or disconnecting from a WiFi network. For these notifications to display, ensure that you have a notification server installed - see [[Desktop notifications]]. If you use the applet without a notification server, you might see some messages in stdout/stderr, and the app might hang. See [https://bugzilla.gnome.org/show_bug.cgi?id=788313].<br />
<br />
In order to run {{ic|nm-applet}} with such notifications disabled, start the applet with the following command:<br />
<br />
$ nm-applet --no-agent<br />
<br />
{{Tip|{{ic|nm-applet}} might be started automatically with a [[XDG Autostart|autostart desktop file]], to add the --no-agent option modify the Exec line there, i.e.<br />
<br />
{{bc|1=Exec=nm-applet --no-agent}}<br />
<br />
}}<br />
<br />
{{Warning|On [[i3]], if nm-applet is started with the {{ic|--no-agent}} option, it is not possible to connect to a new encrypted WiFi network by clicking on the item list because no password input dialogue window will pop out. [[journal]] will show {{ic|no secrets: No agents were available for this request}}.}}<br />
<br />
==== Appindicator ====<br />
<br />
Appindicator support is available in ''nm-applet'' however it is not compiled into the official package, see {{Bug|51740}}. To use nm-applet in an Appindicator environment, replace {{Pkg|network-manager-applet}} with {{AUR|network-manager-applet-indicator}} and then start the applet with the following command:<br />
<br />
$ nm-applet --indicator<br />
<br />
=== networkmanager-dmenu ===<br />
<br />
Alternatively there is {{AUR|networkmanager-dmenu-git}} which is a small script to manage NetworkManager connections with [[dmenu]] or [[rofi]] instead of {{ic|nm-applet}}. It provides all essential features such as connection to existing NetworkManager wifi or wired connections, connect to new wifi connections, requests passphrase if required, connect to existing VPN connections, enable/disable networking, launch ''nm-connection-editor'' GUI, connect to Bluetooth networks.<br />
<br />
== Configuration ==<br />
<br />
NetworkManager will require some additional steps to be able run properly. Make sure you have configured {{ic|/etc/hosts}} as described in [[Network configuration#Set the hostname]] section.<br />
<br />
=== Enable NetworkManager ===<br />
<br />
NetworkManager is [[systemd#Using units|controlled]] with the {{ic|NetworkManager.service}} [[systemd]] unit. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need ''nmcli'' or an applet to configure and connect.<br />
<br />
NetworkManager has a global configuration file at {{ic|/etc/NetworkManager/NetworkManager.conf}}. Addition configuration files can be placed in {{ic|/etc/NetworkManager/conf.d/}}. Usually no configuration needs to be done to the global defaults.<br />
<br />
After editing a configuration file, the changes can be applied by running:<br />
<br />
# nmcli general reload<br />
<br />
=== Enable NetworkManager Wait Online ===<br />
<br />
{{Out of date|{{ic|NetworkManager.service}} has {{ic|1=Also=NetworkManager-wait-online.service}} in the {{ic|[Install]}} section.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/167e42a87e97ed7fb26a4263c22f1774716ac51b] If {{ic|NetworkManager.service}} was [[enable]]d before the change, it needs to be [[enable|reenabled]].}}<br />
<br />
If you have services which fail if they are started before the network is up, you may use {{ic|NetworkManager-wait-online.service}} in addition to {{ic|NetworkManager.service}}. This is, however, rarely necessary because most networked daemons start up okay, even if the network has not been configured yet.<br />
<br />
In some cases, the service will still fail to start successfully on boot due to the timeout setting in {{ic|/usr/lib/systemd/system/NetworkManager-wait-online.service}} being too short. Change the default timeout from 30 to a higher value.<br />
<br />
=== Set up PolicyKit permissions ===<br />
<br />
See [[General troubleshooting#Session permissions]] for setting up a working session.<br />
<br />
With a working session, you have several options for granting the necessary privileges to NetworkManager:<br />
<br />
* ''Option 1.'' Run a [[Polkit]] authentication agent when you log in, such as {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). You will be prompted for your password whenever you add or remove a network connection.<br />
* ''Option 2.'' [[Users and groups#Group management|Add]] yourself to the {{ic|wheel}} group. You will not have to enter your password, but your user account may be granted other permissions as well, such as the ability to use [[sudo]] without entering the root password.<br />
* ''Option 3.'' [[Users and groups#Group management|Add]] yourself to the {{ic|network}} group and create the following file:<br />
<br />
{{hc|/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules|<nowiki><br />
polkit.addRule(function(action, subject) {<br />
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {<br />
return polkit.Result.YES;<br />
}<br />
});<br />
</nowiki>}}<br />
<br />
: All users in the {{ic|network}} group will be able to add and remove networks without a password. This will not work under [[systemd]] if you do not have an active session with ''systemd-logind''.<br />
<br />
=== Proxy settings ===<br />
<br />
NetworkManager does not directly handle proxy settings, but if you are using [[GNOME]] or [[KDE]], you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] which handles proxy settings using NetworkManager's information. proxydriver is found in the package {{AUR|proxydriver}}.<br />
<br />
In order for ''proxydriver'' to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (see [[GNOME#Autostart]]).<br />
<br />
xhost +si:localuser:''username''<br />
<br />
See also [[Proxy settings]].<br />
<br />
=== Checking connectivity ===<br />
<br />
NetworkManager can try to reach a page on Internet when connecting to a network. {{Pkg|networkmanager}} is configured by default in {{ic|/usr/lib/NetworkManager/conf.d/20-connectivity.conf}} to check connectivity to archlinux.org. To use a different webserver or disable connectivity checking create {{ic|/etc/NetworkManager/conf.d/20-connectivity.conf}}, see {{man|5|NetworkManager.conf|CONNECTIVITY SECTION}}. Below is an example of using GNOME servers (it does not require the use of [[GNOME]]):<br />
<br />
{{hc|/etc/NetworkManager/conf.d/20-connectivity.conf|<nowiki><br />
[connectivity]<br />
uri=http://nmcheck.gnome.org/check_network_status.txt<br />
</nowiki>}}<br />
<br />
=== Captive portals ===<br />
<br />
{{Style|Complex scripts should not be maintained on the wiki.}}<br />
<br />
For those behind a [[Wikipedia:Captive portal|captive portal]], the desktop manager may automatically open a window asking for credentials. If your desktop does not, you can use {{Pkg|capnet-assist}} package (however, it currently it has a broken NetworkManager dispatcher script). Alternatively, you can create a NetworkManager dispatcher script with the following content:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/90-open_captive_portal|<nowiki><br />
#!/bin/sh -e<br />
# Script to dispatch NetworkManager events<br />
#<br />
# Runs shows a login webpage on walled garden networks.<br />
# See NetworkManager(8) for further documentation of the dispatcher events.<br />
<br />
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin<br />
<br />
if [ -x "/usr/bin/logger" ]; then<br />
logger="/usr/bin/logger -s -t captive-portal"<br />
else<br />
logger=":"<br />
fi<br />
<br />
wait_for_process() {<br />
PNAME=$1<br />
while [ -z "$(/usr/bin/pgrep $PNAME)" ]; do<br />
sleep 3;<br />
done<br />
}<br />
<br />
#launch the browser, but on boot we need to wait that nm-applet starts<br />
start_browser() {<br />
local user="$1"<br />
local display="$2"<br />
<br />
export DISPLAY="$display"<br />
wait_for_process nm-applet<br />
<br />
export XAUTHORITY="/home/$user/.Xauthority"<br />
<br />
$logger "Running browser as '$user' with display '$display' to login in captive portal"<br />
sudo -u "$user" --preserve-env=DISPLAY,XAUTHORITY -H xdg-open http://capnet.elementary.io 2>&1 > /dev/null<br />
}<br />
<br />
# Run the right scripts<br />
case "$2" in<br />
connectivity-change)<br />
$logger -p user.debug "dispatcher script triggered on connectivity change: $CONNECTIVITY_STATE"<br />
if [ "$CONNECTIVITY_STATE" = "PORTAL" ]; then<br />
# Match last column of who's output with ' :[at least one digit] '<br />
who | awk '$NF ~ /\(:[0-9]+\)/ { print $1 " " substr($NF, 2, length($NF)-2) };' | \<br />
while read user display; do<br />
start_browser $user $display || $logger -p user.err "Failed for user: '$user' display: '$display'"<br />
done<br />
fi<br />
;;<br />
*)<br />
# In a down phase<br />
exit 0<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
You will need to [[restart]] {{ic|NetworkManager.service}} or reboot for this to start working. Once you do, the dispatcher script should open a login window once it detects you are behind a captive portal.<br />
<br />
Another solution is {{AUR|captive-browser-git}} based on Google Chrome.<br />
<br />
=== DHCP client ===<br />
<br />
By default NetworkManager uses its internal DHCP client. The internal DHCPv4 plugin is based on the [https://nettools.github.io/n-dhcp4/ nettools' n-dhcp4] library, while the internal DHCPv6 plugin is made from code based on systemd-networkd.<br />
<br />
To use a different DHCP client [[install]] one of the alternatives:<br />
<br />
* {{Pkg|dhclient}} - ISC’s DHCP client.<br />
* {{Pkg|dhcpcd}} - [[dhcpcd]]. <br />
<br />
{{Note|<br />
* NetworkManger does not support using dhcpcd for IPv6. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/5 NetworkManager issue #5]. If dhcpcd is set as the DHCP client, NetworkManager will use the internal DHCP client for DHCPv6.<br />
* Do not enable the systemd units shipped with the {{Pkg|dhclient}} and {{Pkg|dhcpcd}} packages. They will conflict with NetworkManager, see the note in [[#Installation]] for details.<br />
}}<br />
<br />
To change the DHCP client backend, set the option {{ic|1=main.dhcp=''dhcp_client_name''}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}. E.g.:<br />
<br />
{{hc|1=/etc/NetworkManager/conf.d/dhcp-client.conf|2=<br />
[main]<br />
dhcp=dhclient<br />
}}<br />
<br />
=== DNS management ===<br />
<br />
NetworkManager's DNS management is described in the GNOME project's wiki page—[https://wiki.gnome.org/Projects/NetworkManager/DNS Projects/NetworkManager/DNS].<br />
<br />
==== DNS caching and conditional forwarding ====<br />
<br />
NetworkManager has a plugin to enable DNS caching and conditional forwarding ([https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/143 previously] called "split DNS" in NetworkManager's documentation) using [[dnsmasq]] or [[systemd-resolved]]. The advantages of this setup is that DNS lookups will be cached, shortening resolve times, and DNS lookups of VPN hosts will be routed to the relevant VPN's DNS servers. This is especially useful if you are connected to more than one VPN.<br />
<br />
===== dnsmasq =====<br />
<br />
Make sure {{Pkg|dnsmasq}} has been installed. Then set {{ic|1=main.dns=dnsmasq}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=dnsmasq<br />
}}<br />
<br />
Now run {{ic|nmcli general reload}} as root. NetworkManager will automatically start dnsmasq and add {{ic|127.0.0.1}} to {{ic|/etc/resolv.conf}}. The original DNS servers can be found in {{ic|/run/NetworkManager/no-stub-resolv.conf}}. You can verify dnsmasq is being used by doing the same DNS lookup twice with {{ic|drill example.com}} and verifying the server and query times.<br />
<br />
{{Note|<br />
* You do not need to start {{ic|dnsmasq.service}} or edit {{ic|/etc/dnsmasq.conf}}. NetworkManager will start dnsmasq without using the systemd service and without reading the dnsmasq's default configuration file(s).<br />
* The dnsmasq instance started by NetworkManager will bind to {{ic|127.0.0.1:53}}, you cannot run any other software (including {{ic|dnsmasq.service}}) on the same address and port.<br />
}}<br />
<br />
====== Custom dnsmasq configuration ======<br />
<br />
Custom configurations can be created for ''dnsmasq'' by creating configuration files in {{ic|/etc/NetworkManager/dnsmasq.d/}}. For example, to change the size of the DNS cache (which is stored in RAM):<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/cache.conf|2=<br />
cache-size=1000<br />
}}<br />
<br />
{{Tip|Check the configuration file syntax with {{ic|1=dnsmasq --test --conf-file=/dev/null --conf-dir=/etc/NetworkManager/dnsmasq.d}}.}}<br />
<br />
See {{man|8|dnsmasq}} for all available options.<br />
<br />
====== IPv6 ======<br />
<br />
{{Accuracy|This does not solve the issue because NetworkManager does not add {{ic|::1}} to {{ic|/etc/resolv.conf}}. Unless {{ic|@::1}} is manually passed to drill, it will still fail with {{ic|Error: error sending query: No (valid) nameservers defined in the resolver}}.}}<br />
<br />
Enabling {{ic|dnsmasq}} in NetworkManager may break IPv6-only DNS lookups (i.e. {{ic|drill -6 [hostname]}}) which would otherwise work. In order to resolve this, creating the following file will configure ''dnsmasq'' to also listen to the IPv6 loopback:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/ipv6-listen.conf|2=<br />
listen-address=::1<br />
}}<br />
<br />
In addition, {{ic|dnsmasq}} also does not prioritize upstream IPv6 DNS. Unfortunately NetworkManager does not do this ([https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/936712 Ubuntu Bug]). A workaround would be to disable IPv4 DNS in the NetworkManager config, assuming one exists<br />
<br />
====== DNSSEC ======<br />
<br />
The dnsmasq instance started by NetworkManager by default will not validate [[DNSSEC]] since it is started with the {{ic|--proxy-dnssec}} option. It will trust whatever DNSSEC information it gets from the upstream DNS server.<br />
<br />
For dnsmasq to properly validate DNSSEC, thus breaking DNS resolution with name servers that do not support it, create the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/dnssec.conf|2=<br />
conf-file=/usr/share/dnsmasq/trust-anchors.conf<br />
dnssec<br />
}}<br />
<br />
===== systemd-resolved =====<br />
<br />
{{Expansion|NetworkManager 1.16 adds a new setting {{ic|main.systemd-resolved}}[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383] (enabled by default). It unconditionally sends DNS configuration to systemd-resolved. Related to "Preserving resolv.conf" from [[systemd-resolved#DNS]]?}}<br />
<br />
NetworkManager can use [[systemd-resolved]] as a DNS resolver and cache. Make sure that ''systemd-resolved'' is properly configured and that {{ic|systemd-resolved.service}} is [[started]] before using it.<br />
<br />
systemd-resolved will be used automatically if {{ic|/etc/resolv.conf}} is a [[Systemd-resolved#DNS|symlink]] to {{ic|/run/systemd/resolve/stub-resolv.conf}}, {{ic|/run/systemd/resolve/resolv.conf}} or {{ic|/usr/lib/systemd/resolv.conf}}.<br />
<br />
You can enable it explicitly by setting {{ic|1=main.dns=systemd-resolved}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=systemd-resolved<br />
}}<br />
<br />
===== DNS resolver with an openresolv subscriber =====<br />
<br />
If [[openresolv]] has a subscriber for your local [[DNS resolver]], set up the subscriber and [[#Use openresolv|configure NetworkManager to use openresolv]].<br />
<br />
Because NetworkManager advertises a single "interface" to ''resolvconf'', it is not possible to implement conditional forwarding between to NetworkManager connections. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 NetworkManager issue 153].<br />
<br />
This can be partially mitigated if you set {{ic|1=private="*"}} in {{ic|/etc/resolvconf.conf}}[https://roy.marples.name/projects/openresolv/configuration.html]. Any queries for domains that are not in search domain list will not get forwarded. They will be handled according to the local resolver's configuration, for example, forwarded to another DNS server or resolved recursively from the DNS root.<br />
<br />
==== Custom DNS servers ====<br />
<br />
===== Setting custom global DNS servers =====<br />
<br />
To set DNS servers for all connections, specify them in {{man|5|NetworkManager.conf}} using the syntax {{ic|1=servers=''serveripaddress1'',''serveripaddress2'',''serveripaddress3''}} in a section named {{ic|[global-dns-domain-*]}}. For example:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns-servers.conf|2=<br />
[global-dns-domain-*]<br />
servers=::1,127.0.0.1<br />
}}<br />
<br />
{{Note|<br />
* If you use [[#DNS caching and conditional forwarding|NetworkManager's dnsmasq or systemd-resolved plugin]] or [[#DNS resolver with an openresolv subscriber|openresolv subscribers]], then do not specify loopback addresses with the {{ic|1=servers=}} option, it can break DNS resolution.<br />
* The specified servers do not get sent to [[systemd-resolved]], the connection's DNS servers are used instead.<br />
}}<br />
<br />
===== Setting custom DNS servers in a connection =====<br />
<br />
====== Setting custom DNS servers in a connection (GUI) ======<br />
<br />
Setup will depend on the type of front-end used; the process usually involves right-clicking on the applet, editing (or creating) a profile, and then choosing DHCP type as ''Automatic (specify addresses)''. The DNS addresses will need to be entered and are usually in this form: {{ic|127.0.0.1, ''DNS-server-one'', ...}}.<br />
<br />
====== Setting custom DNS servers in a connection (nmcli / connection file) ======<br />
<br />
To setup DNS Servers per connection, you can use the {{ic|dns}} field (and the associated {{ic|dns-search}} and {{ic|dns-options}}) in the [[#Edit a connection|connection settings]]. <br />
<br />
If {{ic|method}} is set to {{ic|auto}} (when you use DHCP), you need to set {{ic|ignore-auto-dns}} to {{ic|yes}}.<br />
<br />
==== /etc/resolv.conf ====<br />
<br />
By default {{ic|/etc/resolv.conf}} is managed by ''NetworkManager'' unless it is a symlink.<br />
<br />
It can be configured to write it through [[#Use openresolv|openresolv]] or to [[#Unmanaged /etc/resolv.conf|not touch it at all]].<br />
<br />
Using openresolv allows NetworkManager to coexists with other ''resolvconf'' supporting software or, for example, to run a local DNS caching and split-DNS resolver for which openresolv has a [[openresolv#Subscribers|subscriber]].<br />
<br />
{{Note|Conditional forwarding is [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 not yet fully supported] when using NetworkManager with openresolv.}}<br />
<br />
''NetworkManager'' also offers hooks via so called dispatcher scripts that can be used to alter the {{ic|/etc/resolv.conf}} after network changes. See [[#Network services with NetworkManager dispatcher]] and {{man|8|NetworkManager}} for more information.<br />
<br />
{{Note|<br />
* If NetworkManager is configured to use either [[#dnsmasq|dnsmasq]] or [[#systemd-resolved|systemd-resolved]], then the appropriate loopback addresses will be written to {{ic|/etc/resolv.conf}}.<br />
* The {{ic|resolv.conf}} file NetworkManager writes or would write to {{ic|/etc/resolv.conf}} can be found at {{ic|/run/NetworkManager/resolv.conf}}.<br />
* A {{ic|resolv.conf}} file with the acquired name servers and search domains can be found at {{ic|/run/NetworkManager/no-stub-resolv.conf}}.<br />
}}<br />
<br />
===== Unmanaged /etc/resolv.conf =====<br />
<br />
To stop NetworkManager from touching {{ic|/etc/resolv.conf}}, set {{ic|1=main.dns=none}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=none<br />
}}<br />
<br />
{{Tip|You might also want to set {{ic|1=main.systemd-resolved=false}}, so that NetworkManager does not send the DNS configuration to [[systemd-resolved]].}}<br />
<br />
{{Note|See [[#DNS caching and conditional forwarding]], to configure NetworkManager using other DNS backends like [[dnsmasq]] and [[systemd-resolved]], instead of using {{ic|1=main.dns=none}}.}}<br />
<br />
After that {{ic|/etc/resolv.conf}} might be a broken symlink that you will need to remove. Then, just create a new {{ic|/etc/resolv.conf}} file.<br />
<br />
===== Use openresolv =====<br />
<br />
{{Note|Do not set {{ic|1=rc-manager=resolvconf}} when {{Pkg|systemd-resolvconf}} is installed. ''systemd-resolved'' provides limited support for the ''resolvconf'' interface and NetworkManager supports communicating with systemd-resolved through D-Bus without using ''resolvconf''.}}<br />
<br />
To configure NetworkManager to use [[openresolv]], set {{ic|1=main.rc-manager=resolvconf}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/rc-manager.conf|2=<br />
[main]<br />
rc-manager=resolvconf<br />
}}<br />
<br />
=== Firewall ===<br />
<br />
You can assign a [[firewalld]] zone based on your current connection. For example a restrictive firewall when at work, and a less restrictive one when at home.<br />
<br />
This can also be done with [[#Network services with NetworkManager dispatcher|NetworkManager dispatcher]].<br />
<br />
== Network services with NetworkManager dispatcher ==<br />
<br />
There are quite a few network services that you will not want running until NetworkManager brings up an interface. NetworkManager has the ability to start services when you connect to a network and stop them when you disconnect (e.g. when using [[NFS]], [[SMB]] and [[NTPd]]).<br />
<br />
To activate the feature you need to [[enable]] and [[start]] the {{ic|NetworkManager-dispatcher.service}}.<br />
<br />
Once the service is active, scripts can be added to the {{ic|/etc/NetworkManager/dispatcher.d}} directory.<br />
<br />
Scripts must be owned by '''root''', otherwise the dispatcher will not execute them. For added security, set group [[ownership]] to root as well:<br />
<br />
# chown root:root /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
Make sure the file has correct permissions:<br />
<br />
# chmod 755 /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
The scripts will be run in alphabetical order at connection time, and in reverse alphabetical order at disconnect time. To ensure what order they come up in, it is common to use numerical characters prior to the name of the script (e.g. {{ic|10-portmap}} or {{ic|30-netfs}} (which ensures that the ''portmapper'' is up before NFS mounts are attempted).<br />
<br />
Scripts will receive the following arguments:<br />
<br />
* '''Interface name:''' e.g. {{ic|eth0}}<br />
* '''Interface status:''' ''up'' or ''down''<br />
* '''VPN status:''' ''vpn-up'' or ''vpn-down''<br />
<br />
{{Warning|If you connect to foreign or public networks, be aware of what services you are starting and what servers you expect to be available for them to connect to. You could make a security hole by starting the wrong services while connected to a public network.}}<br />
<br />
=== Avoiding the dispatcher timeout ===<br />
<br />
If the above is working, then this section is not relevant. However, there is a general problem related to running dispatcher scripts which take longer to be executed. Initially an internal timeout of three seconds only was used. If the called script did not complete in time, it was killed. Later the timeout was extended to about 20 seconds (see the [https://bugzilla.redhat.com/show_bug.cgi?id=982734 Bugtracker] for more information). If the timeout still creates the problem, a work around may be to modify the dispatcher service file {{ic|/usr/lib/systemd/system/NetworkManager-dispatcher.service}} to remain active after exit: <br />
<br />
{{hc|/etc/systemd/system/NetworkManager-dispatcher.service.d/remain_after_exit.conf|2=<br />
[Service]<br />
RemainAfterExit=yes<br />
}}<br />
<br />
Now start and enable the modified {{ic|NetworkManager-dispatcher}} service.<br />
<br />
{{Warning|Adding the {{ic|RemainAfterExit}} line to it will prevent the dispatcher from closing. Unfortunately, the dispatcher '''has''' to close before it can run your scripts again. With it the dispatcher will not time out but it also will not close, which means that the scripts will only run once per boot. Therefore, do not add the line unless the timeout is definitely causing a problem.}}<br />
<br />
=== Dispatcher examples ===<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export {{ic|SSH_AUTH_SOCK}} in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 this message] for more information. The example below works with [[GNOME Keyring]], and will ask you for the password if not unlocked already. In case NetworkManager connects automatically on login, it is likely ''gnome-keyring'' has not yet started and the export will fail (hence the sleep). The {{ic|UUID}} to match can be found with the command {{ic|nmcli connection status}} or {{ic|nmcli connection list}}. <br />
<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
USER='username'<br />
REMOTE='user@host:/remote/path'<br />
LOCAL='/local/path'<br />
<br />
interface=$1 status=$2<br />
if [ "$CONNECTION_UUID" = "</nowiki>''uuid''<nowiki>" ]; then<br />
case $status in<br />
up)<br />
SSH_AUTH_SOCK=$(find /tmp -maxdepth 1 -type s -user "$USER" -name 'ssh')<br />
export SSH_AUTH_SOCK<br />
su "$USER" -c "sshfs $REMOTE $LOCAL"<br />
;;<br />
down)<br />
fusermount -u "$LOCAL"<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
==== Mounting of SMB shares ====<br />
<br />
Some [[SMB]] shares are only available on certain networks or locations (e.g. at home). You can use the dispatcher to only mount SMB shares that are present at your current location.<br />
<br />
The following script will check if we connected to a specific network and mount shares accordingly:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-mount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
# Find the connection UUID with "nmcli connection show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
if [ "$2" = "up" ]; then<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
mount /your/mount/point & <br />
# add more shares as needed<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
The following script will unmount all SMB shares before a software initiated disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/pre-down.d/30-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|Make sure this script is located in the {{ic|pre-down.d}} sub-directory as shown above, otherwise it will unmount all shares on any connection state change.}}<br />
<br />
The following script will attempt to unmount all SMB shares following an unexpected disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/40-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
if [ "$2" = "down" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* Since NetworkManager 0.9.8, the ''pre-down'' and ''down'' events are not executed on shutdown or restart, see [https://bugzilla.gnome.org/show_bug.cgi?id&#61;701242 this bug report] for more info.<br />
* The previous ''umount'' scripts are still prone to leaving applications actually accessing the mount to 'hang'.<br />
}}<br />
<br />
An alternative is to use the script as seen in [[NFS#Using a NetworkManager dispatcher]]:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-smb.sh|<nowiki><br />
#!/bin/bash<br />
<br />
# Find the connection UUID with "nmcli con show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
WANTED_CON_UUID="CHANGE-ME-NOW-9c7eff15-010a-4b1c-a786-9b4efa218ba9"<br />
<br />
if [[ "$CONNECTION_UUID" == "$WANTED_CON_UUID" ]]; then<br />
<br />
# Script parameter $1: NetworkManager connection name, not used<br />
# Script parameter $2: dispatched event<br />
<br />
case "$2" in<br />
"up")<br />
mount -a -t cifs<br />
;;<br />
"pre-down");&<br />
"vpn-pre-down")<br />
umount -l -a -t cifs >/dev/null<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|This script ignores mounts with the {{ic|noauto}} option, remove this mount option or use {{ic|auto}} to allow the dispatcher to manage these mounts.}}<br />
<br />
Create a symlink inside {{ic|/etc/NetworkManager/dispatcher.d/pre-down/}} to catch the {{ic|pre-down}} events:<br />
<br />
# ln -s ../30-smb.sh /etc/NetworkManager/dispatcher.d/pre-down.d/30-smb.sh<br />
<br />
==== Mounting of NFS shares ====<br />
<br />
See [[NFS#Using a NetworkManager dispatcher]].<br />
<br />
==== Use dispatcher to automatically toggle wireless depending on LAN cable being plugged in ====<br />
<br />
The idea is to only turn Wi-Fi on when the LAN cable is unplugged (for example when detaching from a laptop dock), and for Wi-Fi to be automatically disabled, once a LAN cable is plugged in again. <br />
<br />
Create the following dispatcher script[https://superuser.com/questions/233448/disable-wlan-if-wired-cable-network-is-available], replacing {{ic|1=LAN_interface}} with yours.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/wlan_auto_toggle.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$1" = "LAN_interface" ]; then<br />
case "$2" in<br />
up)<br />
nmcli radio wifi off<br />
;;<br />
down)<br />
nmcli radio wifi on<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|You can get a list of interfaces using [[#nmcli examples|nmcli]]. The ethernet (LAN) interfaces start with {{ic|en}}, e.g. {{ic|1=enp0s5}}}}<br />
<br />
==== Use dispatcher to connect to a VPN after a network connection is established ====<br />
<br />
In this example we want to connect automatically to a previously defined VPN connection after connecting to a specific Wi-Fi network. First thing to do is to create the dispatcher script that defines what to do after we are connected to the network.<br />
<br />
{{Note|This script will require {{Pkg|wireless_tools}} in order to use {{ic|iwgetid}}.}}<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME"<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
If you would like to attempt to automatically connect to VPN for all Wi-Fi networks, you can use the following definition of the ESSID: {{ic|1=ESSID=$(iwgetid -r)}}. Remember to set the script's permissions [[#Network services with NetworkManager dispatcher|accordingly]]. <br />
<br />
Trying to connect with the above script may still fail with {{ic|NetworkManager-dispatcher.service}} complaining about 'no valid VPN secrets', because of [https://developer.gnome.org/NetworkManager/0.9/secrets-flags.html the way VPN secrets are stored]. Fortunately, there are different options to give the above script access to your VPN password.<br />
<br />
1: One of them requires editing the VPN connection configuration file to make NetworkManager store the secrets by itself rather than inside a keyring [https://bugzilla.redhat.com/show_bug.cgi?id=710552 that will be inaccessible for root]: open up {{ic|/etc/NetworkManager/system-connections/''name of your VPN connection''}} and change the {{ic|password-flags}} and {{ic|secret-flags}} from {{ic|1}} to {{ic|0}}.<br />
<br />
If that alone does not work, you may have to create a {{ic|passwd-file}} in a safe location with the same permissions and ownership as the dispatcher script, containing the following:<br />
<br />
{{hc|/path/to/passwd-file|<br />
vpn.secrets.password:YOUR_PASSWORD<br />
}}<br />
<br />
The script must be changed accordingly, so that it gets the password from the file:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME" passwd-file /path/to/passwd-file<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
2: Alternatively, change the {{ic|password-flags}} and put the password directly in the configuration file adding the section {{ic|vpn-secrets}}:<br />
<br />
[vpn]<br />
....<br />
password-flags=0<br />
<br />
[vpn-secrets]<br />
password=''your_password''<br />
<br />
{{Note|It may now be necessary to re-open the NetworkManager connection editor and save the VPN passwords/secrets again.}}<br />
<br />
==== Use dispatcher to disable IPv6 on VPN provider connections ====<br />
<br />
Many [[:Category:VPN providers|commercial VPN providers]] support only IPv4. That means all IPv6 traffic bypasses the VPN and renders it virtually useless. To avoid this, dispatcher can be used to disable all IPv6 traffic for the time a VPN connection is up.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/10-vpn-ipv6|<nowiki><br />
#!/bin/sh<br />
<br />
case "$2" in<br />
vpn-up)<br />
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
vpn-down)<br />
echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== OpenNTPD ====<br />
<br />
See [[OpenNTPD#Using NetworkManager dispatcher]].<br />
<br />
== Testing ==<br />
<br />
NetworkManager applets are designed to load upon login so no further configuration should be necessary for most users. If you have already disabled your previous network settings and disconnected from your network, you can now test if NetworkManager will work. The first step is to [[start]] {{ic|NetworkManager.service}}.<br />
<br />
Some applets will provide you with a {{ic|.desktop}} file so that the NetworkManager applet can be loaded through the application menu. If it does not, you are going to either have to discover the command to use or logout and login again to start the applet. Once the applet is started, it will likely begin polling network connections with for auto-configuration with a DHCP server.<br />
<br />
To start the GNOME applet in non-xdg-compliant window managers like [[awesome]]:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IP addresses, you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted Wi-Fi passwords ===<br />
<br />
By default, NetworkManager stores passwords in clear text in the connection files at {{ic|/etc/NetworkManager/system-connections/}}. To print the stored passwords, use the following command:<br />
<br />
# grep -r '^psk=' /etc/NetworkManager/system-connections/<br />
<br />
The passwords are accessible to the root user in the filesystem and to users with access to settings via the GUI (e.g. {{ic|nm-applet}}). <br />
<br />
It is preferable to save the passwords in encrypted form in a keyring instead of clear text. The downside of using a keyring is that the connections have to be set up for each user.<br />
<br />
==== Using GNOME Keyring ====<br />
<br />
The keyring daemon has to be started and the keyring needs to be unlocked for the following to work.<br />
<br />
Furthermore, NetworkManager needs to be configured not to store the password for all users. Using GNOME {{ic|nm-applet}}, run {{ic|nm-connection-editor}} from a terminal, select a network connection, click {{ic|Edit}}, select the {{ic|Wifi-Security}} tab and click on the right icon of password and check {{ic|Store the password only for this user}}.<br />
<br />
==== Using KDE Wallet ====<br />
<br />
Using KDE's {{Pkg|plasma-nm}}, click the applet, click on the top right {{ic|Settings}} icon, click on a network connection, in the {{ic|General settings}} tab, untick {{ic|all users may connect to this network}}. If the option is ticked, the passwords will still be stored in clear text, even if a keyring daemon is running.<br />
<br />
If the option was selected previously and you un-tick it, you may have to use the {{ic|reset}} option first to make the password disappear from the file. Alternatively, delete the connection first and set it up again.<br />
<br />
=== Sharing internet connection over Wi-Fi ===<br />
<br />
You can share your internet connection (e.g. 3G or wired) with a few clicks. Please note that a [[firewall]] may interfere with internet sharing.<br />
<br />
You will need a Wi-Fi card which supports AP mode, see [[Software access point#Wi-Fi device must support AP mode]] for details.<br />
<br />
[[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
<br />
Create the shared connection:<br />
<br />
* Click on applet and choose ''Create new wireless network''.<br />
* Follow wizard (chose WPA2 or higher, be sure to use at least 8 character long password, lower lengths will fail).<br />
** Choose either [[Fedora:Features/RealHotspot|Hotspot]] or Ad-hoc as Wi-Fi mode.<br />
<br />
The connection will be saved and remain stored for the next time you need it.<br />
<br />
{{Note|Android does not support connecting to Ad-hoc networks. To share a connection with Android use infrastructure mode (i.e. set Wi-Fi mode to "Hotspot").}}<br />
<br />
=== Sharing internet connection over Ethernet ===<br />
<br />
Scenario: your device has internet connection over wi-fi and you want to share the internet connection to other devices over ethernet.<br />
<br />
Requirements:<br />
<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Your internet connected device and the other devices are connected over a suitable ethernet cable (this usually means a cross over cable or a switch in between).<br />
* Internet sharing is not blocked by a [[firewall]].<br />
<br />
Steps:<br />
<br />
{{Style|{{Pkg|nm-connection-editor}} is not a dependency of {{Pkg|networkmanager}} and needs to be installed separately.}}<br />
<br />
* Run {{ic|nm-connection-editor}} from terminal.<br />
* Add a new ethernet connection.<br />
* Give it some sensible name. For example "Shared Internet"<br />
* Go to "IPv4 Settings".<br />
* For "Method:" select "Shared to other computers".<br />
* Save<br />
<br />
Now you should have a new option "Shared Internet" under the Wired connections in NetworkManager.<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
{{Out of date|''nm-tool'' was remove from NetworkManager for long time now[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/bb8c75bd536d4f8fb80a4366025a279078f0ec81]. ''nmcli'' should be used instead.}}<br />
<br />
Some ''cron'' jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's ''nm-tool'' and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network.<br />
<br />
{{bc|<nowiki><br />
if [ $(nm-tool|grep State|cut -f2 -d' ') == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
</nowiki>}}<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs ''fpupdate'' for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from ''nm-tool''; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Connect to network with secret on boot ===<br />
<br />
By default, NetworkManager will not connect to networks requiring a secret automatically on boot. This is because it locks such connections to the user who makes it by default, only connecting after they have logged in. To change this, do the following:<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
{{Remove|Out of scope of this article.}}<br />
<br />
NetworkManager requires access to the login keyring to connect to networks requiring a secret. Under most circumstances, this keyring is unlocked automatically at login, but if it is not, and NetworkManager is not connecting on login, you can try the following.<br />
<br />
==== GNOME ====<br />
<br />
{{Merge|GNOME/Keyring|Out of scope of the NetworkManager article.}}<br />
<br />
{{Out of date|The following method is dated and known not to work on at least one machine.}}<br />
<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== SLiM login manager ====<br />
<br />
{{Remove|A note in [[SLiM#Gnome Keyring]] says that staring with slim 1.3.5-1 no configuration is required.}}<br />
<br />
See [[SLiM#Gnome Keyring]].<br />
<br />
=== OpenConnect with password in KWallet ===<br />
<br />
While you may type both values at connection time, {{Pkg|plasma-nm}} 0.9.3.2-1 and above are capable of retrieving OpenConnect username and password directly from [[KWallet]].<br />
<br />
Open "KDE Wallet Manager" and look up your OpenConnect VPN connection under "Network Management|Maps". Click "Show values" and <br />
enter your credentials in key "VpnSecrets" in this form (replace ''username'' and ''password'' accordingly):<br />
<br />
form:main:username%SEP%''username''%SEP%form:main:password%SEP%''password''<br />
<br />
Next time you connect, username and password should appear in the "VPN secrets" dialog box.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them. You can quickly and easily ignore devices by MAC or interface-name by using the following in {{ic|/etc/NetworkManager/conf.d/unmanaged.conf}}:<br />
<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth0<br />
<br />
After editing the file, run {{ic|nmcli general reload}} as root. Afterwards you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
=== Configuring MAC address randomization ===<br />
<br />
{{Note|1=Disabling MAC address randomization may be needed to get (stable) link connection [https://bbs.archlinux.org/viewtopic.php?id=220101] and/or networks that restrict devices based on their MAC Address or have a limit network capacity.}}<br />
<br />
MAC randomization can be used for increased privacy by not disclosing your real MAC address to the network.<br />
<br />
NetworkManager supports two types MAC Address Randomization: randomization during scanning, and for network connections. Both modes can be configured by modifying {{ic|/etc/NetworkManager/NetworkManager.conf}} or by creating a separate configuration file in {{ic|/etc/NetworkManager/conf.d/}} which is recommended since the aforementioned config file may be overwritten by NetworkManager.<br />
<br />
Randomization during Wi-Fi scanning is enabled by default, but it may be disabled by adding the following lines to {{ic|/etc/NetworkManager/NetworkManager.conf}} or a dedicated configuration file under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device]<br />
wifi.scan-rand-mac-address=no<br />
}}<br />
<br />
MAC randomization for network connections can be set to different modes for both wireless and ethernet interfaces. See the [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details on the different modes. <br />
<br />
In terms of MAC randomization the most important modes are {{ic|stable}} and {{ic|random}}. {{ic|stable}} generates a random MAC address when you connect to a new network and associates the two permanently. This means that you will use the same MAC address every time you connect to that network. In contrast, {{ic|random}} will generate a new MAC address every time you connect to a network, new or previously known. You can configure the MAC randomization by adding the desired configuration under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device-mac-randomization]<br />
# "yes" is already the default for scanning<br />
wifi.scan-rand-mac-address=yes<br />
<br />
[connection-mac-randomization]<br />
# Randomize MAC for every ethernet connection<br />
ethernet.cloned-mac-address=random<br />
# Generate a random MAC for each WiFi and associate the two permanently.<br />
wifi.cloned-mac-address=stable<br />
}}<br />
<br />
See the following [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details.<br />
<br />
=== Enable IPv6 Privacy Extensions ===<br />
<br />
See [[IPv6#NetworkManager]].<br />
<br />
=== Working with wired connections ===<br />
<br />
By default, NetworkManager generates a connection profile for each wired ethernet connection it finds. At the point when generating the connection, it does not know whether there will be more ethernet adapters available. Hence, it calls the first wired connection "Wired connection 1". You can avoid generating this connection, by configuring {{ic|no-auto-default}} (see {{man|5|NetworkManager.conf}}), or by simply deleting it. Then NetworkManager will remember not to generate a connection for this interface again.<br />
<br />
You can also edit the connection (and persist it to disk) or delete it. NetworkManager will not re-generate a new connection. Then you can change the name to whatever you want. You can use something like nm-connection-editor for this task.<br />
<br />
=== Using iwd as the Wi-Fi backend ===<br />
<br />
Install {{AUR|networkmanager-iwd}} or enable the experimental [[iwd]] backend creating the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_backend.conf|2=<br />
[device]<br />
wifi.backend=iwd<br />
}}<br />
<br />
=== Running in a network namespace ===<br />
<br />
If you would like to run NetworkManager inside a network namespace (eg to only manage a specific device), bring down the network interface before moving it to the namespace:{{bc|ip link set dev $MY_DEVICE down}} otherwise NetworkManager will later fail to establish the connection with a {{ic|device is strictly unmanaged}} error.<br />
<br />
== Troubleshooting ==<br />
<br />
=== No prompt for password of secured Wi-Fi networks ===<br />
<br />
When trying to connect to a secured Wi-Fi network, no prompt for a password is shown and no connection is established. This happens when no keyring package is installed. An easy solution is to install {{Pkg|gnome-keyring}}. If you want the passwords to be stored in encrypted form, follow [[GNOME Keyring]] to set up the ''gnome-keyring-daemon''.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully; you see a ppp0 interface with the correct VPN IP address, but you cannot even ping the remote IP address. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install the {{AUR|ppp-mppe}}{{Broken package link|{{aur-mirror|ppp-mppe}}}} package.<br />
<br />
See also [[WPA2 Enterprise#MS-CHAPv2]].<br />
<br />
=== Network management disabled ===<br />
<br />
When NetworkManager shuts down but the pid (state) file is not removed, you will see a {{ic|Network management disabled}} message. If this happens, remove the file manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
=== Problems with internal DHCP client ===<br />
<br />
If you have problems with getting an IP address using the internal DHCP client, consider using another DHCP client, see [[#DHCP client]] for instructions. This workaround might solve problems in big wireless networks like eduroam.<br />
<br />
=== DHCP problems with dhclient ===<br />
<br />
If you have problems with getting an IP address via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:''aa:bb:cc:dd:ee:ff'';<br />
}<br />
<br />
Where {{ic|''aa:bb:cc:dd:ee:ff''}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show ''interface''}} command from the {{Pkg|iproute2}} package.<br />
<br />
=== 3G modem not detected ===<br />
<br />
See [[USB 3G Modem#NetworkManager]].<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your Wi-Fi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with ''rfkill''. To check if the driver notifies ''rfkill'' about the wireless adapter's status, use:<br />
<br />
$ watch -n1 rfkill list all<br />
<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP address settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to a static IP address, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP address settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} ('''not''' as root). In the connection editor, edit the default connection (e.g. "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set up PolicyKit permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden networks are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/''SSID''<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in GNOME ===<br />
<br />
When setting up OpenConnect or vpnc connections in NetworkManager while using GNOME, you will sometimes never see the dialog box pop up and the following error appears in {{ic|/var/log/errors.log}}:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the GNOME NM Applet expecting dialog scripts to be at {{ic|/usr/lib/gnome-shell}}, when NetworkManager's packages put them in {{ic|/usr/lib/networkmanager}}.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
* For OpenConnect: {{ic|ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/}}<br />
* For VPNC (i.e. Cisco VPN): {{ic|ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/}}<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
=== Unable to connect to visible European wireless networks ===<br />
<br />
WLAN chips are shipped with a default [[Wireless network configuration#Respecting the regulatory domain|regulatory domain]]. If your access point does not operate within these limitations, you will not be able to connect to the network. Fixing this is easy:<br />
<br />
# [[Install]] {{Pkg|crda}}<br />
# Uncomment the correct Country Code in {{ic|/etc/conf.d/wireless-regdom}}<br />
# Reboot the system, because the setting is only read on boot<br />
<br />
=== Automatic connect to VPN on boot is not working ===<br />
<br />
The problem occurs when the system (i.e. NetworkManager running as the root user) tries to establish a VPN connection, but the password is not accessible because it is stored in the GNOME keyring of a particular user. <br />
<br />
A solution is to keep the password to your VPN in plaintext, as described in step (2.) of [[#Use dispatcher to connect to a VPN after a network connection is established]]. <br />
<br />
You do not need to use the dispatcher described in step (1.) to auto-connect anymore, if you use the new "auto-connect VPN" option from the {{ic|nm-applet}} GUI.<br />
<br />
=== Systemd Bottleneck ===<br />
<br />
Over time the log files ({{ic|/var/log/journal}}) can become very large. This can have a big impact on boot performance when using NetworkManager, see: [[Systemd#Boot time increasing over time]].<br />
<br />
=== Regular network disconnects, latency and lost packets (WiFi) ===<br />
<br />
NetworkManager does a scan every 2 minutes.<br />
<br />
Some WiFi drivers have issues when scanning for base stations whilst connected/associated. Symptoms include VPN disconnects/reconnects and lost packets, web pages failing to load and then refresh fine.<br />
<br />
Running {{ic|journalctl -f}} will indicate that this is taking place, messages like the following will be contained in the logs at regular intervals.<br />
<br />
NetworkManager[410]: <info> (wlp3s0): roamed from BSSID 00:14:48:11:20:CF (my-wifi-name) to (none) ((none))<br />
<br />
There is a patched version of NetworkManager which should prevent this type of scanning: {{AUR|networkmanager-noscan}}.<br />
<br />
Alternatively, if roaming is not important, the periodic scanning behavior can be disabled by locking the BSSID of the access point in the WiFi connection profile.<br />
<br />
=== Unable to turn on wi-fi with Lenovo laptop (IdeaPad, Legion, etc.) ===<br />
<br />
There is an issue with the {{ic|ideapad_laptop}} module on some Lenovo models due to the wi-fi driver incorrectly reporting a soft block. The card can still be manipulated with {{ic|netctl}}, but managers like NetworkManager break. You can verify that this is the problem by checking the output of {{ic|rfkill list}} after toggling your hardware switch and seeing that the soft block persists.<br />
<br />
{{Accuracy|Try to use {{ic|rfkill.default_state}} and {{ic|rfkill.master_switch_mode}} (see [https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/kernel-parameters.txt kernel-parameters.txt]) to fix the rfkill problem.}}<br />
<br />
[[modprobe|Unloading]] the {{ic|ideapad_laptop}} module should fix this. ('''warning''': this may disable the laptop keyboard and touchpad also!).<br />
<br />
=== Turn off hostname sending ===<br />
<br />
NetworkManager by default sends the hostname to the DHCP server. Hostname sending can only be disabled per connection not globally ([https://bugzilla.gnome.org/show_bug.cgi?id=768076 GNOME Bug 768076]).<br />
<br />
To disable sending your hostname to the DHCP server for a specific connection, add the following to your network connection file:<br />
<br />
{{hc|/etc/NetworkManager/system-connections/''your_connection_file''|2=<br />
...<br />
[ipv4]<br />
dhcp-send-hostname=false<br />
...<br />
[ipv6]<br />
dhcp-send-hostname=false<br />
...<br />
}}<br />
<br />
=== nm-applet disappears in i3wm ===<br />
<br />
If you use the {{ic|xfce4-notifyd.service}} for notifications you must [[edit]] the unit and add the following:<br />
<br />
{{hc|/etc/systemd/user/xfce4-notifyd.service.d/display_env.conf|2=<br />
[Service]<br />
Environment="DISPLAY=:0.0"<br />
}}<br />
<br />
After reloading the daemons [[restart]] {{ic|xfce4-notifyd.service}}. Exit i3 and start it back up again and the applet should show on the tray.<br />
<br />
=== nm-applet tray icons display wrongly ===<br />
<br />
Currently the tray icons of nm-applet are drawn on top of one another, i.e. the icon displaying wireless strength might show on top of the icon indicating no wired connection.<br />
This is apparently a GTK3 bug/problem: https://gitlab.gnome.org/GNOME/gtk/issues/1280 .<br />
<br />
A patched version of GTK3 exists in AUR, which apparently fixes the tray icon bug: {{AUR|gtk3-mushrooms}} .<br />
<br />
=== Unit dbus-org.freedesktop.resolve1.service not found ===<br />
<br />
If {{ic|systemd-resolved.service}} is not started, NetworkManager will try to start it using D-Bus and fail:<br />
<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
dbus-daemon[991]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.resolve1.service': Unit dbus-org.freedesktop.resolve1.service not found.<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
<br />
This is because NetworkManager will try to send DNS information to [[systemd-resolved]] regardless of the {{ic|1=main.dns=}} setting in {{man|5|NetworkManager.conf}}.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383]<br />
<br />
This can be disabled with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/no-systemd-resolved.conf|2=<br />
[main]<br />
systemd-resolved=false<br />
}}<br />
<br />
See {{Bug|62138}}.<br />
<br />
== See also ==<br />
<br />
* [https://blogs.gnome.org/dcbw/2015/02/16/networkmanager-for-administrators-part-1/ NetworkManager for Administrators Part 1]<br />
* [[Wikipedia:NetworkManager]]</div>DarioPhttps://wiki.archlinux.org/index.php?title=NetworkManager&diff=599347NetworkManager2020-02-27T13:12:55Z<p>DarioP: /* Tips and tricks */ how to allow for managed devices inside network namespace</p>
<hr />
<div>[[Category:Network managers]]<br />
[[Category:Red Hat]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[ja:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[zh-hans:NetworkManager]]<br />
{{Related articles start}}<br />
{{Related|Network configuration}}<br />
{{Related|Wireless network configuration}}<br />
{{Related articles end}}<br />
[https://wiki.gnome.org/Projects/NetworkManager/ NetworkManager] is a program for providing detection and configuration for systems to automatically connect to networks. NetworkManager's functionality can be useful for both wireless and wired networks. For wireless networks, NetworkManager prefers known wireless networks and has the ability to switch to the most reliable network. NetworkManager-aware applications can switch from online and offline mode. NetworkManager also prefers wired connections over wireless ones, has support for modem connections and certain types of VPN. NetworkManager was originally developed by Red Hat and now is hosted by the [[GNOME]] project.<br />
<br />
{{Warning|By default, Wi-Fi passwords are stored in clear text, see [[#Encrypted Wi-Fi passwords]].}}<br />
<br />
== Installation ==<br />
<br />
NetworkManager can be [[install]]ed with the package {{Pkg|networkmanager}}, which contains a daemon, a command line interface ({{ic|nmcli}}) and a curses‐based interface ({{ic|nmtui}}). After installation, you should [[#Enable NetworkManager|enable the daemon]].<br />
<br />
Additional interfaces:<br />
<br />
* {{Pkg|nm-connection-editor}} for a graphical user interface,<br />
* {{Pkg|network-manager-applet}} for a system tray applet ({{ic|nm-applet}}).<br />
<br />
{{Note|You must ensure that no other service that wants to configure the network is running; in fact, multiple networking services will conflict. You can find a list of the currently running services with {{ic|1=systemctl --type=service}} and then [[stop]] them. See [[#Configuration]] to enable the NetworkManager service.}}<br />
<br />
=== Mobile broadband support ===<br />
<br />
[[Install]] {{Pkg|modemmanager}}, {{Pkg|mobile-broadband-provider-info}} and {{Pkg|usb_modeswitch}} packages for mobile broadband connection support. See [[USB 3G Modem#NetworkManager]] for details.<br />
<br />
=== PPPoE / DSL support ===<br />
<br />
[[Install]] {{Pkg|rp-pppoe}} package for PPPoE / DSL connection support. To actually add PPPoE connection, use {{ic|1=nm-connection-editor}} and add new DSL/PPPoE connection.<br />
<br />
=== VPN support ===<br />
<br />
NetworkManager since version 1.16 has native support for [[WireGuard]], all it needs is the {{ic|wireguard}} kernel module. Read the [https://blogs.gnome.org/thaller/2019/03/15/wireguard-in-networkmanager/ WireGuard in NetworkManager blog post] for details.<br />
<br />
Support for other VPN types is based on a plug-in system. They are provided in the following packages:<br />
<br />
* {{Pkg|networkmanager-openconnect}} for [[OpenConnect]]<br />
* [[networkmanager-openvpn]] for [[OpenVPN]]<br />
* {{Pkg|networkmanager-pptp}} for [[PPTP Client]]<br />
* {{Pkg|networkmanager-vpnc}} for [[Vpnc]]<br />
* {{Pkg|networkmanager-strongswan}} for [[strongSwan]]<br />
* {{AUR|networkmanager-fortisslvpn-git}}<br />
* {{AUR|networkmanager-iodine-git}}<br />
* {{AUR|networkmanager-libreswan}}<br />
* {{AUR|networkmanager-l2tp}}<br />
* {{AUR|networkmanager-ssh-git}}<br />
* {{Pkg|network-manager-sstp}}<br />
<br />
{{Warning|1=There are a lot of [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues?search=VPN&state=opened bugs] (and [https://bugzilla.gnome.org/buglist.cgi?bug_status=__open__&content=VPN&product=NetworkManager old bugs]) related to VPN support. Check the daemon processes options set via the GUI correctly and double-check with each package release.}}<br />
<br />
{{Note|To have fully functioning DNS resolution when using VPN, you should set up [[#DNS caching and conditional forwarding|conditional forwarding]].}}<br />
<br />
== Usage ==<br />
<br />
NetworkManager comes with {{man|1|nmcli}} and {{man|1|nmtui}}.<br />
<br />
=== nmcli examples ===<br />
<br />
List nearby wifi networks:<br />
<br />
$ nmcli device wifi list<br />
<br />
Connect to a wifi network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password''<br />
<br />
Connect to a hidden network:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' hidden yes<br />
<br />
Connect to a wifi on the {{ic|wlan1}} wifi interface:<br />
<br />
$ nmcli device wifi connect ''SSID'' password ''password'' ifname wlan1 ''profile_name''<br />
<br />
Disconnect an interface:<br />
<br />
$ nmcli device disconnect ifname eth0<br />
<br />
Reconnect an interface marked as disconnected:<br />
<br />
$ nmcli connection up uuid ''UUID''<br />
<br />
Get a list of UUIDs:<br />
<br />
$ nmcli connection show<br />
<br />
See a list of network devices and their state:<br />
<br />
$ nmcli device<br />
<br />
Turn off wifi:<br />
<br />
$ nmcli radio wifi off<br />
<br />
=== Edit a connection ===<br />
<br />
For a comprehensive list of settings, see {{man|5|nm-settings}}.<br />
<br />
Firstly you need to get list of connections:<br />
<br />
{{hc|$ nmcli connection|<nowiki><br />
NAME UUID TYPE DEVICE<br />
Wired connection 2 e7054040-a421-3bef-965d-bb7d60b7cecf ethernet enp5s0<br />
Wired connection 1 997f2782-f0fc-301d-bfba-15421a2735d8 ethernet enp0s25<br />
MY-HOME-WIFI-5G 92a0f7b3-2eba-49ab-a899-24d83978f308 wifi --<br />
</nowiki>}}<br />
<br />
Here you can use the first column as connection-id used later. In this example we pick {{ic|Wired connection 2}} as a connection-id.<br />
<br />
You have three methods to configure a connection {{ic|Wired connection 2}} after it has been created:<br />
<br />
; nmcli interactive editor<br />
: {{ic|nmcli connection edit 'Wired connection 2'}}.<br> Usage is well documented from the editor.<br />
<br />
; nmcli command line interface<br />
: {{ic|nmcli connection modify 'Wired connection 2' ''setting''.''property'' ''value''}}. See {{man|1|nmcli}} for usage. For example you can change its IPv4 route metric to 200 using {{ic|nmcli connection modify 'Wired connection 2' ipv4.route-metric 200}} command.<br />
<br />
; Connection file<br />
: In {{ic|/etc/NetworkManager/system-connections/}}, modify the corresponding {{ic|Wired connection 2.nmconnection}} file .<br> Do not forget to reload the configuration file with {{ic|nmcli connection reload}}.<br />
<br />
== Front-ends ==<br />
<br />
To configure and have easy access to NetworkManager, most users will want to install an applet. This GUI front-end usually resides in the system tray (or notification area) and allows network selection and configuration of NetworkManager. Various desktop environments have their own applet. Otherwise you can use [[#nm-applet]].<br />
<br />
=== GNOME ===<br />
<br />
[[GNOME]] has a built-in tool, accessible from the Network settings.<br />
<br />
=== KDE Plasma ===<br />
<br />
[[Install]] the {{Pkg|plasma-nm}} package. After that, add it to the KDE taskbar via the ''Panel options > Add widgets > Networks'' menu.<br />
<br />
=== nm-applet ===<br />
<br />
{{Pkg|network-manager-applet}} is a GTK 3 front-end which works under Xorg environments with a systray.<br />
<br />
To store connection secrets install and configure [[GNOME/Keyring]].<br />
<br />
Be aware that after enabling the tick-box option {{ic|Make available to other users}} for a connection, NetworkManager stores the password in plain-text, though the respective file is accessible only to root (or other users via {{ic|nm-applet}}). See [[#Encrypted Wi-Fi passwords]].<br />
<br />
In order to run {{ic|nm-applet}} without a systray, you can use {{Pkg|trayer}} or {{Pkg|stalonetray}}. For example, you can add a script like this one in your path:<br />
<br />
{{hc|nmgui|<nowiki><br />
#!/bin/sh<br />
nm-applet 2>&1 > /dev/null &<br />
stalonetray 2>&1 > /dev/null<br />
killall nm-applet<br />
</nowiki>}}<br />
<br />
When you close the ''stalonetray'' window, it closes {{ic|nm-applet}} too, so no extra memory is used once you are done with network settings.<br />
<br />
The applet can show notifications for events such as connecting to or disconnecting from a WiFi network. For these notifications to display, ensure that you have a notification server installed - see [[Desktop notifications]]. If you use the applet without a notification server, you might see some messages in stdout/stderr, and the app might hang. See [https://bugzilla.gnome.org/show_bug.cgi?id=788313].<br />
<br />
In order to run {{ic|nm-applet}} with such notifications disabled, start the applet with the following command:<br />
<br />
$ nm-applet --no-agent<br />
<br />
{{Tip|{{ic|nm-applet}} might be started automatically with a [[XDG Autostart|autostart desktop file]], to add the --no-agent option modify the Exec line there, i.e.<br />
<br />
{{bc|1=Exec=nm-applet --no-agent}}<br />
<br />
}}<br />
<br />
{{Warning|On [[i3]], if nm-applet is started with the {{ic|--no-agent}} option, it is not possible to connect to a new encrypted WiFi network by clicking on the item list because no password input dialogue window will pop out. [[journal]] will show {{ic|no secrets: No agents were available for this request}}.}}<br />
<br />
==== Appindicator ====<br />
<br />
Appindicator support is available in ''nm-applet'' however it is not compiled into the official package, see {{Bug|51740}}. To use nm-applet in an Appindicator environment, replace {{Pkg|network-manager-applet}} with {{AUR|network-manager-applet-indicator}} and then start the applet with the following command:<br />
<br />
$ nm-applet --indicator<br />
<br />
=== networkmanager-dmenu ===<br />
<br />
Alternatively there is {{AUR|networkmanager-dmenu-git}} which is a small script to manage NetworkManager connections with [[dmenu]] or [[rofi]] instead of {{ic|nm-applet}}. It provides all essential features such as connection to existing NetworkManager wifi or wired connections, connect to new wifi connections, requests passphrase if required, connect to existing VPN connections, enable/disable networking, launch ''nm-connection-editor'' GUI, connect to Bluetooth networks.<br />
<br />
== Configuration ==<br />
<br />
NetworkManager will require some additional steps to be able run properly. Make sure you have configured {{ic|/etc/hosts}} as described in [[Network configuration#Set the hostname]] section.<br />
<br />
=== Enable NetworkManager ===<br />
<br />
NetworkManager is [[systemd#Using units|controlled]] with the {{ic|NetworkManager.service}} [[systemd]] unit. Once the NetworkManager daemon is started, it will automatically connect to any available "system connections" that have already been configured. Any "user connections" or unconfigured connections will need ''nmcli'' or an applet to configure and connect.<br />
<br />
NetworkManager has a global configuration file at {{ic|/etc/NetworkManager/NetworkManager.conf}}. Addition configuration files can be placed in {{ic|/etc/NetworkManager/conf.d/}}. Usually no configuration needs to be done to the global defaults.<br />
<br />
After editing a configuration file, the changes can be applied by running:<br />
<br />
# nmcli general reload<br />
<br />
=== Enable NetworkManager Wait Online ===<br />
<br />
{{Out of date|{{ic|NetworkManager.service}} has {{ic|1=Also=NetworkManager-wait-online.service}} in the {{ic|[Install]}} section.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/167e42a87e97ed7fb26a4263c22f1774716ac51b] If {{ic|NetworkManager.service}} was [[enable]]d before the change, it needs to be [[enable|reenabled]].}}<br />
<br />
If you have services which fail if they are started before the network is up, you may use {{ic|NetworkManager-wait-online.service}} in addition to {{ic|NetworkManager.service}}. This is, however, rarely necessary because most networked daemons start up okay, even if the network has not been configured yet.<br />
<br />
In some cases, the service will still fail to start successfully on boot due to the timeout setting in {{ic|/usr/lib/systemd/system/NetworkManager-wait-online.service}} being too short. Change the default timeout from 30 to a higher value.<br />
<br />
=== Set up PolicyKit permissions ===<br />
<br />
See [[General troubleshooting#Session permissions]] for setting up a working session.<br />
<br />
With a working session, you have several options for granting the necessary privileges to NetworkManager:<br />
<br />
* ''Option 1.'' Run a [[Polkit]] authentication agent when you log in, such as {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). You will be prompted for your password whenever you add or remove a network connection.<br />
* ''Option 2.'' [[Users and groups#Group management|Add]] yourself to the {{ic|wheel}} group. You will not have to enter your password, but your user account may be granted other permissions as well, such as the ability to use [[sudo]] without entering the root password.<br />
* ''Option 3.'' [[Users and groups#Group management|Add]] yourself to the {{ic|network}} group and create the following file:<br />
<br />
{{hc|/etc/polkit-1/rules.d/50-org.freedesktop.NetworkManager.rules|<nowiki><br />
polkit.addRule(function(action, subject) {<br />
if (action.id.indexOf("org.freedesktop.NetworkManager.") == 0 && subject.isInGroup("network")) {<br />
return polkit.Result.YES;<br />
}<br />
});<br />
</nowiki>}}<br />
<br />
: All users in the {{ic|network}} group will be able to add and remove networks without a password. This will not work under [[systemd]] if you do not have an active session with ''systemd-logind''.<br />
<br />
=== Proxy settings ===<br />
<br />
NetworkManager does not directly handle proxy settings, but if you are using [[GNOME]] or [[KDE]], you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] which handles proxy settings using NetworkManager's information. proxydriver is found in the package {{AUR|proxydriver}}.<br />
<br />
In order for ''proxydriver'' to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (see [[GNOME#Autostart]]).<br />
<br />
xhost +si:localuser:''username''<br />
<br />
See also [[Proxy settings]].<br />
<br />
=== Checking connectivity ===<br />
<br />
NetworkManager can try to reach a page on Internet when connecting to a network. {{Pkg|networkmanager}} is configured by default in {{ic|/usr/lib/NetworkManager/conf.d/20-connectivity.conf}} to check connectivity to archlinux.org. To use a different webserver or disable connectivity checking create {{ic|/etc/NetworkManager/conf.d/20-connectivity.conf}}, see {{man|5|NetworkManager.conf|CONNECTIVITY SECTION}}. Below is an example of using GNOME servers (it does not require the use of [[GNOME]]):<br />
<br />
{{hc|/etc/NetworkManager/conf.d/20-connectivity.conf|<nowiki><br />
[connectivity]<br />
uri=http://nmcheck.gnome.org/check_network_status.txt<br />
</nowiki>}}<br />
<br />
=== Captive portals ===<br />
<br />
{{Style|Complex scripts should not be maintained on the wiki.}}<br />
<br />
For those behind a [[Wikipedia:Captive portal|captive portal]], the desktop manager may automatically open a window asking for credentials. If your desktop does not, you can use {{Pkg|capnet-assist}} package (however, it currently it has a broken NetworkManager dispatcher script). Alternatively, you can create a NetworkManager dispatcher script with the following content:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/90-open_captive_portal|<nowiki><br />
#!/bin/sh -e<br />
# Script to dispatch NetworkManager events<br />
#<br />
# Runs shows a login webpage on walled garden networks.<br />
# See NetworkManager(8) for further documentation of the dispatcher events.<br />
<br />
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin<br />
<br />
if [ -x "/usr/bin/logger" ]; then<br />
logger="/usr/bin/logger -s -t captive-portal"<br />
else<br />
logger=":"<br />
fi<br />
<br />
wait_for_process() {<br />
PNAME=$1<br />
while [ -z "$(/usr/bin/pgrep $PNAME)" ]; do<br />
sleep 3;<br />
done<br />
}<br />
<br />
#launch the browser, but on boot we need to wait that nm-applet starts<br />
start_browser() {<br />
local user="$1"<br />
local display="$2"<br />
<br />
export DISPLAY="$display"<br />
wait_for_process nm-applet<br />
<br />
export XAUTHORITY="/home/$user/.Xauthority"<br />
<br />
$logger "Running browser as '$user' with display '$display' to login in captive portal"<br />
sudo -u "$user" --preserve-env=DISPLAY,XAUTHORITY -H xdg-open http://capnet.elementary.io 2>&1 > /dev/null<br />
}<br />
<br />
# Run the right scripts<br />
case "$2" in<br />
connectivity-change)<br />
$logger -p user.debug "dispatcher script triggered on connectivity change: $CONNECTIVITY_STATE"<br />
if [ "$CONNECTIVITY_STATE" = "PORTAL" ]; then<br />
# Match last column of who's output with ' :[at least one digit] '<br />
who | awk '$NF ~ /\(:[0-9]+\)/ { print $1 " " substr($NF, 2, length($NF)-2) };' | \<br />
while read user display; do<br />
start_browser $user $display || $logger -p user.err "Failed for user: '$user' display: '$display'"<br />
done<br />
fi<br />
;;<br />
*)<br />
# In a down phase<br />
exit 0<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
You will need to [[restart]] {{ic|NetworkManager.service}} or reboot for this to start working. Once you do, the dispatcher script should open a login window once it detects you are behind a captive portal.<br />
<br />
Another solution is {{AUR|captive-browser-git}} based on Google Chrome.<br />
<br />
=== DHCP client ===<br />
<br />
By default NetworkManager uses its internal DHCP client. The internal DHCPv4 plugin is based on the [https://nettools.github.io/n-dhcp4/ nettools' n-dhcp4] library, while the internal DHCPv6 plugin is made from code based on systemd-networkd.<br />
<br />
To use a different DHCP client [[install]] one of the alternatives:<br />
<br />
* {{Pkg|dhclient}} - ISC’s DHCP client.<br />
* {{Pkg|dhcpcd}} - [[dhcpcd]]. <br />
<br />
{{Note|<br />
* NetworkManger does not support using dhcpcd for IPv6. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/5 NetworkManager issue #5]. If dhcpcd is set as the DHCP client, NetworkManager will use the internal DHCP client for DHCPv6.<br />
* Do not enable the systemd units shipped with the {{Pkg|dhclient}} and {{Pkg|dhcpcd}} packages. They will conflict with NetworkManager, see the note in [[#Installation]] for details.<br />
}}<br />
<br />
To change the DHCP client backend, set the option {{ic|1=main.dhcp=''dhcp_client_name''}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}. E.g.:<br />
<br />
{{hc|1=/etc/NetworkManager/conf.d/dhcp-client.conf|2=<br />
[main]<br />
dhcp=dhclient<br />
}}<br />
<br />
=== DNS management ===<br />
<br />
NetworkManager's DNS management is described in the GNOME project's wiki page—[https://wiki.gnome.org/Projects/NetworkManager/DNS Projects/NetworkManager/DNS].<br />
<br />
==== DNS caching and conditional forwarding ====<br />
<br />
NetworkManager has a plugin to enable DNS caching and conditional forwarding ([https://gitlab.freedesktop.org/NetworkManager/NetworkManager/merge_requests/143 previously] called "split DNS" in NetworkManager's documentation) using [[dnsmasq]] or [[systemd-resolved]]. The advantages of this setup is that DNS lookups will be cached, shortening resolve times, and DNS lookups of VPN hosts will be routed to the relevant VPN's DNS servers. This is especially useful if you are connected to more than one VPN.<br />
<br />
===== dnsmasq =====<br />
<br />
Make sure {{Pkg|dnsmasq}} has been installed. Then set {{ic|1=main.dns=dnsmasq}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=dnsmasq<br />
}}<br />
<br />
Now run {{ic|nmcli general reload}} as root. NetworkManager will automatically start dnsmasq and add {{ic|127.0.0.1}} to {{ic|/etc/resolv.conf}}. The original DNS servers can be found in {{ic|/run/NetworkManager/no-stub-resolv.conf}}. You can verify dnsmasq is being used by doing the same DNS lookup twice with {{ic|drill example.com}} and verifying the server and query times.<br />
<br />
{{Note|<br />
* You do not need to start {{ic|dnsmasq.service}} or edit {{ic|/etc/dnsmasq.conf}}. NetworkManager will start dnsmasq without using the systemd service and without reading the dnsmasq's default configuration file(s).<br />
* The dnsmasq instance started by NetworkManager will bind to {{ic|127.0.0.1:53}}, you cannot run any other software (including {{ic|dnsmasq.service}}) on the same address and port.<br />
}}<br />
<br />
====== Custom dnsmasq configuration ======<br />
<br />
Custom configurations can be created for ''dnsmasq'' by creating configuration files in {{ic|/etc/NetworkManager/dnsmasq.d/}}. For example, to change the size of the DNS cache (which is stored in RAM):<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/cache.conf|2=<br />
cache-size=1000<br />
}}<br />
<br />
{{Tip|Check the configuration file syntax with {{ic|1=dnsmasq --test --conf-file=/dev/null --conf-dir=/etc/NetworkManager/dnsmasq.d}}.}}<br />
<br />
See {{man|8|dnsmasq}} for all available options.<br />
<br />
====== IPv6 ======<br />
<br />
{{Accuracy|This does not solve the issue because NetworkManager does not add {{ic|::1}} to {{ic|/etc/resolv.conf}}. Unless {{ic|@::1}} is manually passed to drill, it will still fail with {{ic|Error: error sending query: No (valid) nameservers defined in the resolver}}.}}<br />
<br />
Enabling {{ic|dnsmasq}} in NetworkManager may break IPv6-only DNS lookups (i.e. {{ic|drill -6 [hostname]}}) which would otherwise work. In order to resolve this, creating the following file will configure ''dnsmasq'' to also listen to the IPv6 loopback:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/ipv6-listen.conf|2=<br />
listen-address=::1<br />
}}<br />
<br />
In addition, {{ic|dnsmasq}} also does not prioritize upstream IPv6 DNS. Unfortunately NetworkManager does not do this ([https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/936712 Ubuntu Bug]). A workaround would be to disable IPv4 DNS in the NetworkManager config, assuming one exists<br />
<br />
====== DNSSEC ======<br />
<br />
The dnsmasq instance started by NetworkManager by default will not validate [[DNSSEC]] since it is started with the {{ic|--proxy-dnssec}} option. It will trust whatever DNSSEC information it gets from the upstream DNS server.<br />
<br />
For dnsmasq to properly validate DNSSEC, thus breaking DNS resolution with name servers that do not support it, create the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/dnsmasq.d/dnssec.conf|2=<br />
conf-file=/usr/share/dnsmasq/trust-anchors.conf<br />
dnssec<br />
}}<br />
<br />
===== systemd-resolved =====<br />
<br />
{{Expansion|NetworkManager 1.16 adds a new setting {{ic|main.systemd-resolved}}[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383] (enabled by default). It unconditionally sends DNS configuration to systemd-resolved. Related to "Preserving resolv.conf" from [[systemd-resolved#DNS]]?}}<br />
<br />
NetworkManager can use [[systemd-resolved]] as a DNS resolver and cache. Make sure that ''systemd-resolved'' is properly configured and that {{ic|systemd-resolved.service}} is [[started]] before using it.<br />
<br />
systemd-resolved will be used automatically if {{ic|/etc/resolv.conf}} is a [[Systemd-resolved#DNS|symlink]] to {{ic|/run/systemd/resolve/stub-resolv.conf}}, {{ic|/run/systemd/resolve/resolv.conf}} or {{ic|/usr/lib/systemd/resolv.conf}}.<br />
<br />
You can enable it explicitly by setting {{ic|1=main.dns=systemd-resolved}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=systemd-resolved<br />
}}<br />
<br />
===== DNS resolver with an openresolv subscriber =====<br />
<br />
If [[openresolv]] has a subscriber for your local [[DNS resolver]], set up the subscriber and [[#Use openresolv|configure NetworkManager to use openresolv]].<br />
<br />
Because NetworkManager advertises a single "interface" to ''resolvconf'', it is not possible to implement conditional forwarding between to NetworkManager connections. See [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 NetworkManager issue 153].<br />
<br />
This can be partially mitigated if you set {{ic|1=private="*"}} in {{ic|/etc/resolvconf.conf}}[https://roy.marples.name/projects/openresolv/configuration.html]. Any queries for domains that are not in search domain list will not get forwarded. They will be handled according to the local resolver's configuration, for example, forwarded to another DNS server or resolved recursively from the DNS root.<br />
<br />
==== Custom DNS servers ====<br />
<br />
===== Setting custom global DNS servers =====<br />
<br />
To set DNS servers for all connections, specify them in {{man|5|NetworkManager.conf}} using the syntax {{ic|1=servers=''serveripaddress1'',''serveripaddress2'',''serveripaddress3''}} in a section named {{ic|[global-dns-domain-*]}}. For example:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns-servers.conf|2=<br />
[global-dns-domain-*]<br />
servers=::1,127.0.0.1<br />
}}<br />
<br />
{{Note|<br />
* If you use [[#DNS caching and conditional forwarding|NetworkManager's dnsmasq or systemd-resolved plugin]] or [[#DNS resolver with an openresolv subscriber|openresolv subscribers]], then do not specify loopback addresses with the {{ic|1=servers=}} option, it can break DNS resolution.<br />
* The specified servers do not get sent to [[systemd-resolved]], the connection's DNS servers are used instead.<br />
}}<br />
<br />
===== Setting custom DNS servers in a connection =====<br />
<br />
====== Setting custom DNS servers in a connection (GUI) ======<br />
<br />
Setup will depend on the type of front-end used; the process usually involves right-clicking on the applet, editing (or creating) a profile, and then choosing DHCP type as ''Automatic (specify addresses)''. The DNS addresses will need to be entered and are usually in this form: {{ic|127.0.0.1, ''DNS-server-one'', ...}}.<br />
<br />
====== Setting custom DNS servers in a connection (nmcli / connection file) ======<br />
<br />
To setup DNS Servers per connection, you can use the {{ic|dns}} field (and the associated {{ic|dns-search}} and {{ic|dns-options}}) in the [[#Edit a connection|connection settings]]. <br />
<br />
If {{ic|method}} is set to {{ic|auto}} (when you use DHCP), you need to set {{ic|ignore-auto-dns}} to {{ic|yes}}.<br />
<br />
==== /etc/resolv.conf ====<br />
<br />
By default {{ic|/etc/resolv.conf}} is managed by ''NetworkManager'' unless it is a symlink.<br />
<br />
It can be configured to write it through [[#Use openresolv|openresolv]] or to [[#Unmanaged /etc/resolv.conf|not touch it at all]].<br />
<br />
Using openresolv allows NetworkManager to coexists with other ''resolvconf'' supporting software or, for example, to run a local DNS caching and split-DNS resolver for which openresolv has a [[openresolv#Subscribers|subscriber]].<br />
<br />
{{Note|Conditional forwarding is [https://gitlab.freedesktop.org/NetworkManager/NetworkManager/issues/153 not yet fully supported] when using NetworkManager with openresolv.}}<br />
<br />
''NetworkManager'' also offers hooks via so called dispatcher scripts that can be used to alter the {{ic|/etc/resolv.conf}} after network changes. See [[#Network services with NetworkManager dispatcher]] and {{man|8|NetworkManager}} for more information.<br />
<br />
{{Note|<br />
* If NetworkManager is configured to use either [[#dnsmasq|dnsmasq]] or [[#systemd-resolved|systemd-resolved]], then the appropriate loopback addresses will be written to {{ic|/etc/resolv.conf}}.<br />
* The {{ic|resolv.conf}} file NetworkManager writes or would write to {{ic|/etc/resolv.conf}} can be found at {{ic|/run/NetworkManager/resolv.conf}}.<br />
* A {{ic|resolv.conf}} file with the acquired name servers and search domains can be found at {{ic|/run/NetworkManager/no-stub-resolv.conf}}.<br />
}}<br />
<br />
===== Unmanaged /etc/resolv.conf =====<br />
<br />
To stop NetworkManager from touching {{ic|/etc/resolv.conf}}, set {{ic|1=main.dns=none}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/dns.conf|2=<br />
[main]<br />
dns=none<br />
}}<br />
<br />
{{Tip|You might also want to set {{ic|1=main.systemd-resolved=false}}, so that NetworkManager does not send the DNS configuration to [[systemd-resolved]].}}<br />
<br />
{{Note|See [[#DNS caching and conditional forwarding]], to configure NetworkManager using other DNS backends like [[dnsmasq]] and [[systemd-resolved]], instead of using {{ic|1=main.dns=none}}.}}<br />
<br />
After that {{ic|/etc/resolv.conf}} might be a broken symlink that you will need to remove. Then, just create a new {{ic|/etc/resolv.conf}} file.<br />
<br />
===== Use openresolv =====<br />
<br />
{{Note|Do not set {{ic|1=rc-manager=resolvconf}} when {{Pkg|systemd-resolvconf}} is installed. ''systemd-resolved'' provides limited support for the ''resolvconf'' interface and NetworkManager supports communicating with systemd-resolved through D-Bus without using ''resolvconf''.}}<br />
<br />
To configure NetworkManager to use [[openresolv]], set {{ic|1=main.rc-manager=resolvconf}} with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/rc-manager.conf|2=<br />
[main]<br />
rc-manager=resolvconf<br />
}}<br />
<br />
=== Firewall ===<br />
<br />
You can assign a [[firewalld]] zone based on your current connection. For example a restrictive firewall when at work, and a less restrictive one when at home.<br />
<br />
This can also be done with [[#Network services with NetworkManager dispatcher|NetworkManager dispatcher]].<br />
<br />
== Network services with NetworkManager dispatcher ==<br />
<br />
There are quite a few network services that you will not want running until NetworkManager brings up an interface. NetworkManager has the ability to start services when you connect to a network and stop them when you disconnect (e.g. when using [[NFS]], [[SMB]] and [[NTPd]]).<br />
<br />
To activate the feature you need to [[enable]] and [[start]] the {{ic|NetworkManager-dispatcher.service}}.<br />
<br />
Once the service is active, scripts can be added to the {{ic|/etc/NetworkManager/dispatcher.d}} directory.<br />
<br />
Scripts must be owned by '''root''', otherwise the dispatcher will not execute them. For added security, set group [[ownership]] to root as well:<br />
<br />
# chown root:root /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
Make sure the file has correct permissions:<br />
<br />
# chmod 755 /etc/NetworkManager/dispatcher.d/''10-script.sh''<br />
<br />
The scripts will be run in alphabetical order at connection time, and in reverse alphabetical order at disconnect time. To ensure what order they come up in, it is common to use numerical characters prior to the name of the script (e.g. {{ic|10-portmap}} or {{ic|30-netfs}} (which ensures that the ''portmapper'' is up before NFS mounts are attempted).<br />
<br />
Scripts will receive the following arguments:<br />
<br />
* '''Interface name:''' e.g. {{ic|eth0}}<br />
* '''Interface status:''' ''up'' or ''down''<br />
* '''VPN status:''' ''vpn-up'' or ''vpn-down''<br />
<br />
{{Warning|If you connect to foreign or public networks, be aware of what services you are starting and what servers you expect to be available for them to connect to. You could make a security hole by starting the wrong services while connected to a public network.}}<br />
<br />
=== Avoiding the dispatcher timeout ===<br />
<br />
If the above is working, then this section is not relevant. However, there is a general problem related to running dispatcher scripts which take longer to be executed. Initially an internal timeout of three seconds only was used. If the called script did not complete in time, it was killed. Later the timeout was extended to about 20 seconds (see the [https://bugzilla.redhat.com/show_bug.cgi?id=982734 Bugtracker] for more information). If the timeout still creates the problem, a work around may be to modify the dispatcher service file {{ic|/usr/lib/systemd/system/NetworkManager-dispatcher.service}} to remain active after exit: <br />
<br />
{{hc|/etc/systemd/system/NetworkManager-dispatcher.service.d/remain_after_exit.conf|2=<br />
[Service]<br />
RemainAfterExit=yes<br />
}}<br />
<br />
Now start and enable the modified {{ic|NetworkManager-dispatcher}} service.<br />
<br />
{{Warning|Adding the {{ic|RemainAfterExit}} line to it will prevent the dispatcher from closing. Unfortunately, the dispatcher '''has''' to close before it can run your scripts again. With it the dispatcher will not time out but it also will not close, which means that the scripts will only run once per boot. Therefore, do not add the line unless the timeout is definitely causing a problem.}}<br />
<br />
=== Dispatcher examples ===<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export {{ic|SSH_AUTH_SOCK}} in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 this message] for more information. The example below works with [[GNOME Keyring]], and will ask you for the password if not unlocked already. In case NetworkManager connects automatically on login, it is likely ''gnome-keyring'' has not yet started and the export will fail (hence the sleep). The {{ic|UUID}} to match can be found with the command {{ic|nmcli connection status}} or {{ic|nmcli connection list}}. <br />
<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
USER='username'<br />
REMOTE='user@host:/remote/path'<br />
LOCAL='/local/path'<br />
<br />
interface=$1 status=$2<br />
if [ "$CONNECTION_UUID" = "</nowiki>''uuid''<nowiki>" ]; then<br />
case $status in<br />
up)<br />
SSH_AUTH_SOCK=$(find /tmp -maxdepth 1 -type s -user "$USER" -name 'ssh')<br />
export SSH_AUTH_SOCK<br />
su "$USER" -c "sshfs $REMOTE $LOCAL"<br />
;;<br />
down)<br />
fusermount -u "$LOCAL"<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
==== Mounting of SMB shares ====<br />
<br />
Some [[SMB]] shares are only available on certain networks or locations (e.g. at home). You can use the dispatcher to only mount SMB shares that are present at your current location.<br />
<br />
The following script will check if we connected to a specific network and mount shares accordingly:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-mount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
# Find the connection UUID with "nmcli connection show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
if [ "$2" = "up" ]; then<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
mount /your/mount/point & <br />
# add more shares as needed<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
The following script will unmount all SMB shares before a software initiated disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/pre-down.d/30-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|Make sure this script is located in the {{ic|pre-down.d}} sub-directory as shown above, otherwise it will unmount all shares on any connection state change.}}<br />
<br />
The following script will attempt to unmount all SMB shares following an unexpected disconnect from a specific network:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/40-umount-smb.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$CONNECTION_UUID" = "uuid" ]; then<br />
if [ "$2" = "down" ]; then<br />
umount -a -l -t cifs<br />
fi<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|<br />
* Since NetworkManager 0.9.8, the ''pre-down'' and ''down'' events are not executed on shutdown or restart, see [https://bugzilla.gnome.org/show_bug.cgi?id&#61;701242 this bug report] for more info.<br />
* The previous ''umount'' scripts are still prone to leaving applications actually accessing the mount to 'hang'.<br />
}}<br />
<br />
An alternative is to use the script as seen in [[NFS#Using a NetworkManager dispatcher]]:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/30-smb.sh|<nowiki><br />
#!/bin/bash<br />
<br />
# Find the connection UUID with "nmcli con show" in terminal.<br />
# All NetworkManager connection types are supported: wireless, VPN, wired...<br />
WANTED_CON_UUID="CHANGE-ME-NOW-9c7eff15-010a-4b1c-a786-9b4efa218ba9"<br />
<br />
if [[ "$CONNECTION_UUID" == "$WANTED_CON_UUID" ]]; then<br />
<br />
# Script parameter $1: NetworkManager connection name, not used<br />
# Script parameter $2: dispatched event<br />
<br />
case "$2" in<br />
"up")<br />
mount -a -t cifs<br />
;;<br />
"pre-down");&<br />
"vpn-pre-down")<br />
umount -l -a -t cifs >/dev/null<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|This script ignores mounts with the {{ic|noauto}} option, remove this mount option or use {{ic|auto}} to allow the dispatcher to manage these mounts.}}<br />
<br />
Create a symlink inside {{ic|/etc/NetworkManager/dispatcher.d/pre-down/}} to catch the {{ic|pre-down}} events:<br />
<br />
# ln -s ../30-smb.sh /etc/NetworkManager/dispatcher.d/pre-down.d/30-smb.sh<br />
<br />
==== Mounting of NFS shares ====<br />
<br />
See [[NFS#Using a NetworkManager dispatcher]].<br />
<br />
==== Use dispatcher to automatically toggle wireless depending on LAN cable being plugged in ====<br />
<br />
The idea is to only turn Wi-Fi on when the LAN cable is unplugged (for example when detaching from a laptop dock), and for Wi-Fi to be automatically disabled, once a LAN cable is plugged in again. <br />
<br />
Create the following dispatcher script[https://superuser.com/questions/233448/disable-wlan-if-wired-cable-network-is-available], replacing {{ic|1=LAN_interface}} with yours.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/wlan_auto_toggle.sh|<nowiki><br />
#!/bin/sh<br />
<br />
if [ "$1" = "LAN_interface" ]; then<br />
case "$2" in<br />
up)<br />
nmcli radio wifi off<br />
;;<br />
down)<br />
nmcli radio wifi on<br />
;;<br />
esac<br />
fi<br />
</nowiki>}}<br />
<br />
{{Note|You can get a list of interfaces using [[#nmcli examples|nmcli]]. The ethernet (LAN) interfaces start with {{ic|en}}, e.g. {{ic|1=enp0s5}}}}<br />
<br />
==== Use dispatcher to connect to a VPN after a network connection is established ====<br />
<br />
In this example we want to connect automatically to a previously defined VPN connection after connecting to a specific Wi-Fi network. First thing to do is to create the dispatcher script that defines what to do after we are connected to the network.<br />
<br />
{{Note|This script will require {{Pkg|wireless_tools}} in order to use {{ic|iwgetid}}.}}<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME"<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
If you would like to attempt to automatically connect to VPN for all Wi-Fi networks, you can use the following definition of the ESSID: {{ic|1=ESSID=$(iwgetid -r)}}. Remember to set the script's permissions [[#Network services with NetworkManager dispatcher|accordingly]]. <br />
<br />
Trying to connect with the above script may still fail with {{ic|NetworkManager-dispatcher.service}} complaining about 'no valid VPN secrets', because of [https://developer.gnome.org/NetworkManager/0.9/secrets-flags.html the way VPN secrets are stored]. Fortunately, there are different options to give the above script access to your VPN password.<br />
<br />
1: One of them requires editing the VPN connection configuration file to make NetworkManager store the secrets by itself rather than inside a keyring [https://bugzilla.redhat.com/show_bug.cgi?id=710552 that will be inaccessible for root]: open up {{ic|/etc/NetworkManager/system-connections/''name of your VPN connection''}} and change the {{ic|password-flags}} and {{ic|secret-flags}} from {{ic|1}} to {{ic|0}}.<br />
<br />
If that alone does not work, you may have to create a {{ic|passwd-file}} in a safe location with the same permissions and ownership as the dispatcher script, containing the following:<br />
<br />
{{hc|/path/to/passwd-file|<br />
vpn.secrets.password:YOUR_PASSWORD<br />
}}<br />
<br />
The script must be changed accordingly, so that it gets the password from the file:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/vpn-up|<nowiki><br />
#!/bin/sh<br />
VPN_NAME="name of VPN connection defined in NetworkManager"<br />
ESSID="Wi-Fi network ESSID (not connection name)"<br />
<br />
interface=$1 status=$2<br />
case $status in<br />
up|vpn-down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
nmcli connection up id "$VPN_NAME" passwd-file /path/to/passwd-file<br />
fi<br />
;;<br />
down)<br />
if iwgetid | grep -qs ":\"$ESSID\""; then<br />
if nmcli connection show --active | grep "$VPN_NAME"; then<br />
nmcli connection down id "$VPN_NAME"<br />
fi<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
2: Alternatively, change the {{ic|password-flags}} and put the password directly in the configuration file adding the section {{ic|vpn-secrets}}:<br />
<br />
[vpn]<br />
....<br />
password-flags=0<br />
<br />
[vpn-secrets]<br />
password=''your_password''<br />
<br />
{{Note|It may now be necessary to re-open the NetworkManager connection editor and save the VPN passwords/secrets again.}}<br />
<br />
==== Use dispatcher to disable IPv6 on VPN provider connections ====<br />
<br />
Many [[:Category:VPN providers|commercial VPN providers]] support only IPv4. That means all IPv6 traffic bypasses the VPN and renders it virtually useless. To avoid this, dispatcher can be used to disable all IPv6 traffic for the time a VPN connection is up.<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/10-vpn-ipv6|<nowiki><br />
#!/bin/sh<br />
<br />
case "$2" in<br />
vpn-up)<br />
echo 1 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
vpn-down)<br />
echo 0 > /proc/sys/net/ipv6/conf/all/disable_ipv6<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== OpenNTPD ====<br />
<br />
See [[OpenNTPD#Using NetworkManager dispatcher]].<br />
<br />
== Testing ==<br />
<br />
NetworkManager applets are designed to load upon login so no further configuration should be necessary for most users. If you have already disabled your previous network settings and disconnected from your network, you can now test if NetworkManager will work. The first step is to [[start]] {{ic|NetworkManager.service}}.<br />
<br />
Some applets will provide you with a {{ic|.desktop}} file so that the NetworkManager applet can be loaded through the application menu. If it does not, you are going to either have to discover the command to use or logout and login again to start the applet. Once the applet is started, it will likely begin polling network connections with for auto-configuration with a DHCP server.<br />
<br />
To start the GNOME applet in non-xdg-compliant window managers like [[awesome]]:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IP addresses, you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted Wi-Fi passwords ===<br />
<br />
By default, NetworkManager stores passwords in clear text in the connection files at {{ic|/etc/NetworkManager/system-connections/}}. To print the stored passwords, use the following command:<br />
<br />
# grep -r '^psk=' /etc/NetworkManager/system-connections/<br />
<br />
The passwords are accessible to the root user in the filesystem and to users with access to settings via the GUI (e.g. {{ic|nm-applet}}). <br />
<br />
It is preferable to save the passwords in encrypted form in a keyring instead of clear text. The downside of using a keyring is that the connections have to be set up for each user.<br />
<br />
==== Using GNOME Keyring ====<br />
<br />
The keyring daemon has to be started and the keyring needs to be unlocked for the following to work.<br />
<br />
Furthermore, NetworkManager needs to be configured not to store the password for all users. Using GNOME {{ic|nm-applet}}, run {{ic|nm-connection-editor}} from a terminal, select a network connection, click {{ic|Edit}}, select the {{ic|Wifi-Security}} tab and click on the right icon of password and check {{ic|Store the password only for this user}}.<br />
<br />
==== Using KDE Wallet ====<br />
<br />
Using KDE's {{Pkg|plasma-nm}}, click the applet, click on the top right {{ic|Settings}} icon, click on a network connection, in the {{ic|General settings}} tab, untick {{ic|all users may connect to this network}}. If the option is ticked, the passwords will still be stored in clear text, even if a keyring daemon is running.<br />
<br />
If the option was selected previously and you un-tick it, you may have to use the {{ic|reset}} option first to make the password disappear from the file. Alternatively, delete the connection first and set it up again.<br />
<br />
=== Sharing internet connection over Wi-Fi ===<br />
<br />
You can share your internet connection (e.g. 3G or wired) with a few clicks. Please note that a [[firewall]] may interfere with internet sharing.<br />
<br />
You will need a Wi-Fi card which supports AP mode, see [[Software access point#Wi-Fi device must support AP mode]] for details.<br />
<br />
[[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
<br />
Create the shared connection:<br />
<br />
* Click on applet and choose ''Create new wireless network''.<br />
* Follow wizard (chose WPA2 or higher, be sure to use at least 8 character long password, lower lengths will fail).<br />
** Choose either [[Fedora:Features/RealHotspot|Hotspot]] or Ad-hoc as Wi-Fi mode.<br />
<br />
The connection will be saved and remain stored for the next time you need it.<br />
<br />
{{Note|Android does not support connecting to Ad-hoc networks. To share a connection with Android use infrastructure mode (i.e. set Wi-Fi mode to "Hotspot").}}<br />
<br />
=== Sharing internet connection over Ethernet ===<br />
<br />
Scenario: your device has internet connection over wi-fi and you want to share the internet connection to other devices over ethernet.<br />
<br />
Requirements:<br />
<br />
* [[Install]] the {{Pkg|dnsmasq}} package to be able to actually share the connection.<br />
* Your internet connected device and the other devices are connected over a suitable ethernet cable (this usually means a cross over cable or a switch in between).<br />
* Internet sharing is not blocked by a [[firewall]].<br />
<br />
Steps:<br />
<br />
{{Style|{{Pkg|nm-connection-editor}} is not a dependency of {{Pkg|networkmanager}} and needs to be installed separately.}}<br />
<br />
* Run {{ic|nm-connection-editor}} from terminal.<br />
* Add a new ethernet connection.<br />
* Give it some sensible name. For example "Shared Internet"<br />
* Go to "IPv4 Settings".<br />
* For "Method:" select "Shared to other computers".<br />
* Save<br />
<br />
Now you should have a new option "Shared Internet" under the Wired connections in NetworkManager.<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
{{Out of date|''nm-tool'' was remove from NetworkManager for long time now[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/bb8c75bd536d4f8fb80a4366025a279078f0ec81]. ''nmcli'' should be used instead.}}<br />
<br />
Some ''cron'' jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's ''nm-tool'' and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network.<br />
<br />
{{bc|<nowiki><br />
if [ $(nm-tool|grep State|cut -f2 -d' ') == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
</nowiki>}}<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs ''fpupdate'' for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from ''nm-tool''; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Connect to network with secret on boot ===<br />
<br />
By default, NetworkManager will not connect to networks requiring a secret automatically on boot. This is because it locks such connections to the user who makes it by default, only connecting after they have logged in. To change this, do the following:<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
{{Remove|Out of scope of this article.}}<br />
<br />
NetworkManager requires access to the login keyring to connect to networks requiring a secret. Under most circumstances, this keyring is unlocked automatically at login, but if it is not, and NetworkManager is not connecting on login, you can try the following.<br />
<br />
==== GNOME ====<br />
<br />
{{Merge|GNOME/Keyring|Out of scope of the NetworkManager article.}}<br />
<br />
{{Out of date|The following method is dated and known not to work on at least one machine.}}<br />
<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== SLiM login manager ====<br />
<br />
{{Remove|A note in [[SLiM#Gnome Keyring]] says that staring with slim 1.3.5-1 no configuration is required.}}<br />
<br />
See [[SLiM#Gnome Keyring]].<br />
<br />
=== OpenConnect with password in KWallet ===<br />
<br />
While you may type both values at connection time, {{Pkg|plasma-nm}} 0.9.3.2-1 and above are capable of retrieving OpenConnect username and password directly from [[KWallet]].<br />
<br />
Open "KDE Wallet Manager" and look up your OpenConnect VPN connection under "Network Management|Maps". Click "Show values" and <br />
enter your credentials in key "VpnSecrets" in this form (replace ''username'' and ''password'' accordingly):<br />
<br />
form:main:username%SEP%''username''%SEP%form:main:password%SEP%''password''<br />
<br />
Next time you connect, username and password should appear in the "VPN secrets" dialog box.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them. You can quickly and easily ignore devices by MAC or interface-name by using the following in {{ic|/etc/NetworkManager/conf.d/unmanaged.conf}}:<br />
<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4;interface-name:eth0<br />
<br />
After editing the file, run {{ic|nmcli general reload}} as root. Afterwards you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
=== Configuring MAC address randomization ===<br />
<br />
{{Note|1=Disabling MAC address randomization may be needed to get (stable) link connection [https://bbs.archlinux.org/viewtopic.php?id=220101] and/or networks that restrict devices based on their MAC Address or have a limit network capacity.}}<br />
<br />
MAC randomization can be used for increased privacy by not disclosing your real MAC address to the network.<br />
<br />
NetworkManager supports two types MAC Address Randomization: randomization during scanning, and for network connections. Both modes can be configured by modifying {{ic|/etc/NetworkManager/NetworkManager.conf}} or by creating a separate configuration file in {{ic|/etc/NetworkManager/conf.d/}} which is recommended since the aforementioned config file may be overwritten by NetworkManager.<br />
<br />
Randomization during Wi-Fi scanning is enabled by default, but it may be disabled by adding the following lines to {{ic|/etc/NetworkManager/NetworkManager.conf}} or a dedicated configuration file under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device]<br />
wifi.scan-rand-mac-address=no<br />
}}<br />
<br />
MAC randomization for network connections can be set to different modes for both wireless and ethernet interfaces. See the [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details on the different modes. <br />
<br />
In terms of MAC randomization the most important modes are {{ic|stable}} and {{ic|random}}. {{ic|stable}} generates a random MAC address when you connect to a new network and associates the two permanently. This means that you will use the same MAC address every time you connect to that network. In contrast, {{ic|random}} will generate a new MAC address every time you connect to a network, new or previously known. You can configure the MAC randomization by adding the desired configuration under {{ic|/etc/NetworkManager/conf.d}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_rand_mac.conf|2=<br />
[device-mac-randomization]<br />
# "yes" is already the default for scanning<br />
wifi.scan-rand-mac-address=yes<br />
<br />
[connection-mac-randomization]<br />
# Randomize MAC for every ethernet connection<br />
ethernet.cloned-mac-address=random<br />
# Generate a random MAC for each WiFi and associate the two permanently.<br />
wifi.cloned-mac-address=stable<br />
}}<br />
<br />
See the following [https://blogs.gnome.org/thaller/2016/08/26/mac-address-spoofing-in-networkmanager-1-4-0/ GNOME blog post] for more details.<br />
<br />
=== Enable IPv6 Privacy Extensions ===<br />
<br />
See [[IPv6#NetworkManager]].<br />
<br />
=== Working with wired connections ===<br />
<br />
By default, NetworkManager generates a connection profile for each wired ethernet connection it finds. At the point when generating the connection, it does not know whether there will be more ethernet adapters available. Hence, it calls the first wired connection "Wired connection 1". You can avoid generating this connection, by configuring {{ic|no-auto-default}} (see {{man|5|NetworkManager.conf}}), or by simply deleting it. Then NetworkManager will remember not to generate a connection for this interface again.<br />
<br />
You can also edit the connection (and persist it to disk) or delete it. NetworkManager will not re-generate a new connection. Then you can change the name to whatever you want. You can use something like nm-connection-editor for this task.<br />
<br />
=== Using iwd as the Wi-Fi backend ===<br />
<br />
Install {{AUR|networkmanager-iwd}} or enable the experimental [[iwd]] backend creating the following configuration file:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/wifi_backend.conf|2=<br />
[device]<br />
wifi.backend=iwd<br />
}}<br />
<br />
=== Running in a network namespace ===<br />
<br />
If you would like to run NetworkManager inside a network namespace (eg to only manage a specific device), bring down the network interface before moving it to the namespace, otherwise NetworkManager will fail to establish the connection with a {{ic|device is strictly unmanaged}} error.<br />
<br />
== Troubleshooting ==<br />
<br />
=== No prompt for password of secured Wi-Fi networks ===<br />
<br />
When trying to connect to a secured Wi-Fi network, no prompt for a password is shown and no connection is established. This happens when no keyring package is installed. An easy solution is to install {{Pkg|gnome-keyring}}. If you want the passwords to be stored in encrypted form, follow [[GNOME Keyring]] to set up the ''gnome-keyring-daemon''.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully; you see a ppp0 interface with the correct VPN IP address, but you cannot even ping the remote IP address. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install the {{AUR|ppp-mppe}}{{Broken package link|{{aur-mirror|ppp-mppe}}}} package.<br />
<br />
See also [[WPA2 Enterprise#MS-CHAPv2]].<br />
<br />
=== Network management disabled ===<br />
<br />
When NetworkManager shuts down but the pid (state) file is not removed, you will see a {{ic|Network management disabled}} message. If this happens, remove the file manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
=== Problems with internal DHCP client ===<br />
<br />
If you have problems with getting an IP address using the internal DHCP client, consider using another DHCP client, see [[#DHCP client]] for instructions. This workaround might solve problems in big wireless networks like eduroam.<br />
<br />
=== DHCP problems with dhclient ===<br />
<br />
If you have problems with getting an IP address via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:''aa:bb:cc:dd:ee:ff'';<br />
}<br />
<br />
Where {{ic|''aa:bb:cc:dd:ee:ff''}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show ''interface''}} command from the {{Pkg|iproute2}} package.<br />
<br />
=== 3G modem not detected ===<br />
<br />
See [[USB 3G Modem#NetworkManager]].<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your Wi-Fi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with ''rfkill''. To check if the driver notifies ''rfkill'' about the wireless adapter's status, use:<br />
<br />
$ watch -n1 rfkill list all<br />
<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP address settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to a static IP address, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP address settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} ('''not''' as root). In the connection editor, edit the default connection (e.g. "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set up PolicyKit permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden networks are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/''SSID''<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in GNOME ===<br />
<br />
When setting up OpenConnect or vpnc connections in NetworkManager while using GNOME, you will sometimes never see the dialog box pop up and the following error appears in {{ic|/var/log/errors.log}}:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the GNOME NM Applet expecting dialog scripts to be at {{ic|/usr/lib/gnome-shell}}, when NetworkManager's packages put them in {{ic|/usr/lib/networkmanager}}.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
* For OpenConnect: {{ic|ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/}}<br />
* For VPNC (i.e. Cisco VPN): {{ic|ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/}}<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
=== Unable to connect to visible European wireless networks ===<br />
<br />
WLAN chips are shipped with a default [[Wireless network configuration#Respecting the regulatory domain|regulatory domain]]. If your access point does not operate within these limitations, you will not be able to connect to the network. Fixing this is easy:<br />
<br />
# [[Install]] {{Pkg|crda}}<br />
# Uncomment the correct Country Code in {{ic|/etc/conf.d/wireless-regdom}}<br />
# Reboot the system, because the setting is only read on boot<br />
<br />
=== Automatic connect to VPN on boot is not working ===<br />
<br />
The problem occurs when the system (i.e. NetworkManager running as the root user) tries to establish a VPN connection, but the password is not accessible because it is stored in the GNOME keyring of a particular user. <br />
<br />
A solution is to keep the password to your VPN in plaintext, as described in step (2.) of [[#Use dispatcher to connect to a VPN after a network connection is established]]. <br />
<br />
You do not need to use the dispatcher described in step (1.) to auto-connect anymore, if you use the new "auto-connect VPN" option from the {{ic|nm-applet}} GUI.<br />
<br />
=== Systemd Bottleneck ===<br />
<br />
Over time the log files ({{ic|/var/log/journal}}) can become very large. This can have a big impact on boot performance when using NetworkManager, see: [[Systemd#Boot time increasing over time]].<br />
<br />
=== Regular network disconnects, latency and lost packets (WiFi) ===<br />
<br />
NetworkManager does a scan every 2 minutes.<br />
<br />
Some WiFi drivers have issues when scanning for base stations whilst connected/associated. Symptoms include VPN disconnects/reconnects and lost packets, web pages failing to load and then refresh fine.<br />
<br />
Running {{ic|journalctl -f}} will indicate that this is taking place, messages like the following will be contained in the logs at regular intervals.<br />
<br />
NetworkManager[410]: <info> (wlp3s0): roamed from BSSID 00:14:48:11:20:CF (my-wifi-name) to (none) ((none))<br />
<br />
There is a patched version of NetworkManager which should prevent this type of scanning: {{AUR|networkmanager-noscan}}.<br />
<br />
Alternatively, if roaming is not important, the periodic scanning behavior can be disabled by locking the BSSID of the access point in the WiFi connection profile.<br />
<br />
=== Unable to turn on wi-fi with Lenovo laptop (IdeaPad, Legion, etc.) ===<br />
<br />
There is an issue with the {{ic|ideapad_laptop}} module on some Lenovo models due to the wi-fi driver incorrectly reporting a soft block. The card can still be manipulated with {{ic|netctl}}, but managers like NetworkManager break. You can verify that this is the problem by checking the output of {{ic|rfkill list}} after toggling your hardware switch and seeing that the soft block persists.<br />
<br />
{{Accuracy|Try to use {{ic|rfkill.default_state}} and {{ic|rfkill.master_switch_mode}} (see [https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/kernel-parameters.txt kernel-parameters.txt]) to fix the rfkill problem.}}<br />
<br />
[[modprobe|Unloading]] the {{ic|ideapad_laptop}} module should fix this. ('''warning''': this may disable the laptop keyboard and touchpad also!).<br />
<br />
=== Turn off hostname sending ===<br />
<br />
NetworkManager by default sends the hostname to the DHCP server. Hostname sending can only be disabled per connection not globally ([https://bugzilla.gnome.org/show_bug.cgi?id=768076 GNOME Bug 768076]).<br />
<br />
To disable sending your hostname to the DHCP server for a specific connection, add the following to your network connection file:<br />
<br />
{{hc|/etc/NetworkManager/system-connections/''your_connection_file''|2=<br />
...<br />
[ipv4]<br />
dhcp-send-hostname=false<br />
...<br />
[ipv6]<br />
dhcp-send-hostname=false<br />
...<br />
}}<br />
<br />
=== nm-applet disappears in i3wm ===<br />
<br />
If you use the {{ic|xfce4-notifyd.service}} for notifications you must [[edit]] the unit and add the following:<br />
<br />
{{hc|/etc/systemd/user/xfce4-notifyd.service.d/display_env.conf|2=<br />
[Service]<br />
Environment="DISPLAY=:0.0"<br />
}}<br />
<br />
After reloading the daemons [[restart]] {{ic|xfce4-notifyd.service}}. Exit i3 and start it back up again and the applet should show on the tray.<br />
<br />
=== nm-applet tray icons display wrongly ===<br />
<br />
Currently the tray icons of nm-applet are drawn on top of one another, i.e. the icon displaying wireless strength might show on top of the icon indicating no wired connection.<br />
This is apparently a GTK3 bug/problem: https://gitlab.gnome.org/GNOME/gtk/issues/1280 .<br />
<br />
A patched version of GTK3 exists in AUR, which apparently fixes the tray icon bug: {{AUR|gtk3-mushrooms}} .<br />
<br />
=== Unit dbus-org.freedesktop.resolve1.service not found ===<br />
<br />
If {{ic|systemd-resolved.service}} is not started, NetworkManager will try to start it using D-Bus and fail:<br />
<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
dbus-daemon[991]: [system] Activation via systemd failed for unit 'dbus-org.freedesktop.resolve1.service': Unit dbus-org.freedesktop.resolve1.service not found.<br />
dbus-daemon[991]: [system] Activating via systemd: service name='org.freedesktop.resolve1' unit='dbus-org.freedesktop.resolve1.service' requested by ':1.23' (uid=0 pid=1012 comm="/usr/bin/NetworkManager --no-daemon ")<br />
<br />
This is because NetworkManager will try to send DNS information to [[systemd-resolved]] regardless of the {{ic|1=main.dns=}} setting in {{man|5|NetworkManager.conf}}.[https://gitlab.freedesktop.org/NetworkManager/NetworkManager/commit/d4eb4cb45f41b1751cacf71da558bf8f0988f383]<br />
<br />
This can be disabled with a configuration file in {{ic|/etc/NetworkManager/conf.d/}}:<br />
<br />
{{hc|/etc/NetworkManager/conf.d/no-systemd-resolved.conf|2=<br />
[main]<br />
systemd-resolved=false<br />
}}<br />
<br />
See {{Bug|62138}}.<br />
<br />
== See also ==<br />
<br />
* [https://blogs.gnome.org/dcbw/2015/02/16/networkmanager-for-administrators-part-1/ NetworkManager for Administrators Part 1]<br />
* [[Wikipedia:NetworkManager]]</div>DarioPhttps://wiki.archlinux.org/index.php?title=Talk:Anything-sync-daemon&diff=592284Talk:Anything-sync-daemon2019-12-20T20:47:44Z<p>DarioP: add question</p>
<hr />
<div>I find the content of the "Asd or Psd" section a bit disturbing, I think that it should be expanded in order to address questions such as:<br />
<br />
- What are the suggested sanity checks?<br />
<br />
- In which cases they are *really* required?<br />
<br />
- Does this only affect browsers or potentially other applications too?<br />
<br />
- What exactly can be safely synced and what not?<br />
<br />
[[User:DarioP|DarioP]] ([[User talk:DarioP|talk]]) 20:47, 20 December 2019 (UTC)</div>DarioPhttps://wiki.archlinux.org/index.php?title=Talk:Anything-sync-daemon&diff=592283Talk:Anything-sync-daemon2019-12-20T20:42:32Z<p>DarioP: Initiated talk about Asd or Psd section</p>
<hr />
<div>I find the content of the "Asd or Psd" section a bit disturbing, I think that it should be expanded in order to address questions such as:<br />
<br />
- What are the suggested sanity checks?<br />
<br />
- In which cases they are *really* required?<br />
<br />
- Does this only affect browsers or potentially other applications too?<br />
<br />
[[User:DarioP|DarioP]] ([[User talk:DarioP|talk]]) 20:42, 20 December 2019 (UTC)</div>DarioPhttps://wiki.archlinux.org/index.php?title=X11vnc&diff=562120X11vnc2019-01-06T21:51:00Z<p>DarioP: Added SDDM section</p>
<hr />
<div>[[Category:Security]]<br />
[[Category:Remote desktop]]<br />
[[ja:X11vnc]]<br />
[[zh-hans:X11vnc]]<br />
{{Related articles start}}<br />
{{Related|TigerVNC}}<br />
{{Related articles end}}<br />
[[Wikipedia:x11vnc|x11vnc]] is a VNC server, it allows one to view remotely and interact with real X displays (i.e. a display corresponding to a physical monitor, keyboard, and mouse) with any VNC viewer. While it is not developed any longer by its original author Karl Runge, ''LibVNC'' and the GitHub community have taken over the development.<br />
<br />
''x11vnc'' does not create an extra display (or X desktop) for remote control. Instead, it shows in real time the existing X11 display, unlike ''Xvnc'', part of [[TigerVNC]], which is an alternatives VNC server available in the [[official repositories]].<br />
<br />
== Setting up x11vnc ==<br />
<br />
=== Installation ===<br />
<br />
Install {{Pkg|x11vnc}} from the official repositories.<br />
<br />
=== Starting ===<br />
<br />
First, start X either by ''startx'' or through a [[display manager]]. You may need to set up X to [[Headless With X|run headless]] too.<br />
<br />
Then, run the following command, all available options are explained in {{man|1|x11vnc}}.<br />
$ x11vnc -display :0<br />
<br />
Another option is to place the x11vnc command line in a script which is called at login, for example:<br />
<br />
x11vnc -wait 50 -noxdamage -passwd PASSWORD -display :0 -forever -o /var/log/x11vnc.log -bg<br />
<br />
{{Note|The password "PASSWORD" above is not secured; anyone who can run {{ic|ps}} on the machine will see it. Also note that {{ic|/var/log/x11vnc.log}} needs to be created manually and its ownership needs to match that of the user who will run it.}}<br />
<br />
==== Setting X authority ====<br />
<br />
You may set an X authority file for the VNC server. This is accomplished by using the {{ic|-auth}} argument followed by the appropriate file, which will depend on how your X server was started. Generally, assigning an X authority file requires running ''x11vnc'' as root.<br />
<br />
===== Start X =====<br />
<br />
$ x11vnc -display :0 -auth ~/.Xauthority<br />
If that fails, you may have to run instead (as root):<br />
# x11vnc -display :0 -auth /home/''user''/.Xauthority<br />
Where ''user'' is the username of the user who is running the X server.<br />
<br />
===== GDM =====<br />
<br />
{{Note|Newer GDM packages ship with Xwayland as the default display server backend. The following instructions, however, only apply when using Xorg (else {{ic|.Xauthority}} is not created, and ''x11vnc'' fails to start). You are therefore advised to uncomment {{ic|<nowiki>#WaylandEnable=false</nowiki>}} setting in {{ic|/etc/gdm/custom.conf}} in order to proceed.}} <br />
<br />
# x11vnc -display :0 -auth /var/lib/gdm/:0.Xauth<br />
<br />
Newer versions of GDM uses /run/user. Example for user 120 (gdm), used for login screen.<br />
<br />
# x11vnc -display :0 -auth /run/user/120/gdm/Xauthority<br />
<br />
or see [[#Troubleshooting|Troubleshooting]] section below<br />
<br />
===== SLIM =====<br />
<br />
# x11vnc -display :0 -auth /var/run/slim.auth<br />
<br />
{{Warning|This will set up VNC with NO PASSWORD. This means that ANYBODY who has access to the network the computer is on CAN SEE YOUR XSERVER. It is a fairly simple matter to tunnel your VNC connection through SSH to avoid this. Or, simply set a password, as described below.}}<br />
<br />
{{Note|The password will only encrypt the login process itself. The transmission is still unencrypted[http://security.web.cern.ch/security/ssh/encrypt_vnc.htm].}}<br />
<br />
===== LXDM =====<br />
<br />
# x11vnc -display :0 -auth /var/run/lxdm/lxdm-\:0.auth<br />
<br />
===== SDDM =====<br />
<br />
SDDM uses an unpredictable UUID for the auth file [https://github.com/sddm/sddm/issues/622] therefore one needs to:<br />
<br />
# x11vnc -display :0 -auth $(find /var/run/sddm/ -type f)<br />
<br />
Embedding this into a systemd .service file will require a trick to evaluate the find command as shown here [https://gist.github.com/nickjacob/9909574].<br />
<br />
=== Setting a password ===<br />
<br />
$ mkdir ~/.x11vnc<br />
$ x11vnc -storepasswd ''password'' ~/.x11vnc/passwd<br />
<br />
To connect using the stored password use the {{ic|-rfbauth}} argument and point to the passwd file you created, like so:<br />
$ x11vnc -display :0 -rfbauth ~/.x11vnc/passwd <br />
Your viewer should prompt for a password when connecting.<br />
<br />
=== Running constantly ===<br />
By default, x11vnc will accept the first VNC session and shutdown when the session disconnects.<br />
In order to avoid that, start x11vnc with either the {{ic|-many}} or the {{ic|-forever}} argument, like this:<br />
$ x11vnc -many -display :0<br />
<br />
It is also possible to use the following command :<br />
<br />
$ x11vnc --loop<br />
<br />
this will restart the server once the session is finished<br />
<br />
=== Accessing ===<br />
<br />
Get a VNC client on another computer, and type in the IP address of the computer running x11vnc. Hit connect, and you should be set.<br />
<br />
If you are attempting to access a VNC server / computer (running x11vnc) from outside of its network then you will need to ensure that it has port 5900 forwarded.<br />
<br />
== SSH Tunnel ==<br />
<br />
You need to have [[SSH]] installed and configured.<br />
<br />
Use the {{ic|-localhost}} flag with x11vnc for it to bind to the local interface. Once that is done, you can use SSH to tunnel the port; then, connect to VNC through SSH.<br />
<br />
Simple example (from http://www.karlrunge.com/x11vnc/index.html#tunnelling ):<br />
$ ssh -t -L 5900:localhost:5900 remote_host 'x11vnc -localhost -display :0'<br />
<br />
(You will likely have to provide passwords/passphrases to login from your current location into your remote_host Unix account; we assume you have a login account on remote_host and it is running the SSH server)<br />
<br />
And then in another terminal window on your current machine run the command:<br />
<br />
$ vncviewer -PreferredEncoding=ZRLE localhost:0<br />
<br />
== Troubleshooting ==<br />
<br />
1. You can check your ip address and make sure port 5900 is forwarded by visiting [http://www.realvnc.com/cgi-bin/nettest.cgi this] website.<br />
<br />
{{Accuracy}}<br />
<br />
2. Tested only on [[GNOME]] + [[GDM]]<br />
<br />
If you cannot start the tunnel, and get error like XOpenDisplay(":0") failed,<br />
Check if you have a {{ic|~/.Xauthority}} directory.<br />
If that does not exist, You can create one easily (Actually a symlink to actual one) by running command given below as normal user NOT ROOT OR USING [[Sudo]] as below:<br />
<br />
$ ln -sv $(dirname $(xauth info | awk '/Authority file/{print $3}')) ~/.Xauthority<br />
<br />
then try above [[#SSH Tunnel|tunneling]] example and it should work fine.<br />
Further if you want this to be automatically done each time [[Xorg]] is restarted, create the [[Xprofile]] file & make is executable as below<br />
<br />
$ ln -sf $(dirname $(xauth info | awk '/Authority file/{print $3}')) ~/.Xauthority<br />
<br />
3.''' GNOME 3''' and '''x11vnc'''<br />
<br />
If you are using GNOME 3 and x11vnc and you get the following errors<br />
<br />
*** XOpenDisplay failed (:0) <br />
<br />
*** x11vnc was unable to open the X DISPLAY: ":0", it cannot continue.<br />
<br />
Try running x11vnc like<br />
<br />
$ x11vnc -noxdamage -many -display :0 -auth /var/run/gdm/$(sudo ls /var/run/gdm | grep $(whoami))/database -forever -bg<br />
<br />
Please update if this works / not works for any other [[display manager]] or [[desktop environment]].<br />
<br />
4. Screensaver problem<br />
<br />
If screensaver starts every 1-2 second, start x11vnc with -nodpms key.<br />
<br />
==See also==<br />
* [http://www.karlrunge.com/x11vnc/ original author site]<br />
* https://github.com/LibVNC/x11vnc<br />
* [[Wikipedia:x11vnc]]</div>DarioPhttps://wiki.archlinux.org/index.php?title=Tinc&diff=549410Tinc2018-10-21T10:40:50Z<p>DarioP: </p>
<hr />
<div>[[Category:Virtual Private Network]]<br />
[[ja:Tinc]]<br />
{{Warning|Vulnerabilities have been discovered in version 1.0.34 [http://tinc-vpn.org/security/]. A newer version is already available in the repository, make sure to upgrade!}}<br />
{{Expansion|Explain (or link to) network basics, tun/tap devices, ... for a better understanding. Add explanation how to expand the configuration to add another host.}}<br />
{{Style|See [[Help:Style]] and related.}}<br />
<br />
[http://tinc-vpn.org/ tinc] is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet.<br />
<br />
== Installation ==<br />
<br />
[[Install]] the {{Pkg|tinc}} package.<br />
<br />
== Configuring a private network ==<br />
<br />
In this example, we will create a virtual private network ''vpnname'' between two hosts ''alpha'' and ''beta'', where the former is the entry point for the latter, so that beta tries to connect to alpha on startup.<br />
<br />
For each virtual private network you have to create a separate directory {{ic|/etc/tinc/''network''}}.<br />
<br />
You can also start by copying the sample configuration<br />
# cp -r /usr/share/tinc/examples/sample-config/* /etc/tinc/''vpnname''<br />
<br />
In /etc/tinc/''vpnname''/tinc.conf you specify the name of the hostmachine (which can differ from the actual hostname of the system) and the location of the tun/tap device.<br />
<br />
=== Configuration of alpha ===<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc.conf|2=<br />
Name = alpha<br />
Device = /dev/net/tun<br />
}}<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc-up|<br />
#!/bin/sh<br />
ip link set $INTERFACE up<br />
ip addr add 192.168.0.1/24 dev $INTERFACE<br />
}}<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc-down|<br />
#!/bin/sh<br />
ip addr del 192.168.0.1/24 dev $INTERFACE<br />
ip link set $INTERFACE down<br />
}}<br />
<br />
{{ic|tinc-up}} and {{ic|tinc-down}} need to be made [[executable]].<br />
<br />
=== Configuration of beta ===<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc.conf|2=<br />
Name = beta<br />
Device = /dev/net/tun<br />
ConnectTo = alpha<br />
}}<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc-up|<br />
#!/bin/sh<br />
ip link set $INTERFACE up<br />
ip addr add 192.168.0.2/24 dev $INTERFACE<br />
}}<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc-down|<br />
#!/bin/sh<br />
ip addr del 192.168.0.2/24 dev $INTERFACE<br />
ip link set $INTERFACE down<br />
}}<br />
<br />
{{ic|tinc-up}} and {{ic|tinc-down}} need to be made [[executable]].<br />
<br />
=== Setting up the hosts ===<br />
<br />
The configuration files for the different hosts are stored in /etc/tinc/''vpnname''/hosts/ directory. In this example we need the two files on each machine.<br />
<br />
{{hc|/etc/tinc/''vpnname''/hosts/alpha|2=<br />
Address = 10.0.0.1<br />
Port = 655<br />
Subnet = 192.168.0.1/32<br />
}}<br />
<br />
{{hc|/etc/tinc/''vpnname''/hosts/beta|2=<br />
Port = 655<br />
Subnet = 192.168.0.2/32<br />
}}<br />
<br />
After creating a file for each host, you have to generate a key pair using<br />
# tincd -n ''vpnname'' -K<br />
which creates the private key in /etc/tinc/''vpnname''/tinc.rsa_key.priv and the public key in the corresponding host-file.<br />
<br />
In the last step you need to exchange the host configuration files, so that you have both alpha and beta in /etc/tinc/''vpnname''/hosts/ on each host.<br />
<br />
== Starting a private network ==<br />
<br />
After having created the appropriate configuration in /etc/tinc/''vpnname'', you can test the the new private network with<br />
# tincd -n ''vpnname''<br />
<br />
If you want to enable it at startup you can enable the appropriate service<br />
# systemctl enable tinc@''vpnname''<br />
<br />
== Using TAP devices and bridges ==<br />
Sometimes it is reasonable to use TAP devices instead of TUN devices. For example if you want to add the tinc device to an already existing bridge. Just add the "Mode" option to your tinc.conf.<br />
<br />
Remember to do that on '''every''' host.<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc.conf|2=<br />
Name = ''node''<br />
Mode = switch<br />
Device = /dev/net/tun<br />
ConnectTo = ''other''<br />
}}<br />
<br />
Possible tinc-up/down files could look like that:<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc-up|<br />
#!/bin/sh<br />
ip link set $INTERFACE up<br />
brctl addif ''br0'' $INTERFACE<br />
}}<br />
<br />
{{hc|/etc/tinc/''vpnname''/tinc-down|<br />
#!/bin/sh<br />
brctl delif ''br0'' $INTERFACE<br />
ip link set $INTERFACE down<br />
}}<br />
<br />
And finally [[restart]] your tinc daemon: {{ic|tinc@''vpnname''}}.<br />
<br />
== Automatically Starting Tinc at boot ==<br />
<br />
Tinc can be configured to automatically start at boot time using systemd units.<br />
<br />
If you want to be able to start, stop or reload all of your networks at once, you have to enable the tinc service<br />
# systemctl enable tinc<br />
<br />
Then for each network that you want to automatically start, enable it individually<br />
# systemctl enable tinc@''vpnname''<br />
# systemctl enable tinc@''another_vpnname''<br />
...<br />
<br />
== Troubleshooting ==<br />
<br />
=== I've updated my system and now tinc won't start. ===<br />
In case of a linux kernel update you have to either restart your system or reinstall the running kernel package.<br />
<br />
=== I'm running a custom kernel and tinc won't start. ===<br />
<br />
Make sure you have [[OpenVPN#Kernel configuration|TUN/TAP support]] enabled.<br />
<br />
== See also ==<br />
<br />
* {{man|8|tincd}}<br />
* [https://tinc-vpn.org/docs/ tinc documentation]</div>DarioPhttps://wiki.archlinux.org/index.php?title=Steam&diff=355053Steam2015-01-02T22:50:32Z<p>DarioP: /* Launching games with custom commands, such as Bumblebee/Primus */</p>
<hr />
<div>[[Category:Gaming]]<br />
[[ja:Steam]]<br />
[[ru:Steam]]<br />
[[zh-CN:Steam]]<br />
{{Related articles start}}<br />
{{Related|Steam/Wine}}<br />
{{Related|Steam/Game-specific troubleshooting}}<br />
{{Related articles end}}<br />
From [[Wikipedia:Steam (software)|Wikipedia]]:<br />
: ''Steam is a digital distribution, digital rights management, multiplayer and communications platform developed by Valve Corporation. It is used to distribute games and related media online, from small independent developers to larger software houses.''<br />
<br />
[http://store.steampowered.com/about/ Steam] is best known as the platform needed to play Source Engine games (e.g. Half-Life 2, Counter-Strike). Today it offers many games from many other developers.<br />
<br />
== Installation ==<br />
<br />
{{Note|<br />
* Arch Linux is '''not''' [https://support.steampowered.com/kb_article.php?ref&#61;1504-QHXN-8366 officially supported].<br />
* Because the Steam client is a 32-bit application, you will need to enable the [[multilib]] repository if you have a 64-bit system. It may also make sense to install {{Grp|multilib-devel}} to provide some important multilib libraries.<br />
}}<br />
<br />
Steam can be installed with the package {{Pkg|steam}}, available in the [[official repositories]]. If you have a 64-bit system, enable the [[multilib]] repository first.<br />
<br />
Steam is not supported on this distribution. As such some fixes are needed on the users part to get things functioning properly:<br />
<br />
*Steam makes heavy usage of the Arial font. A decent Arial font to use is {{Pkg|ttf-liberation}} or [[#Text is corrupt or missing|the fonts provided by Steam]]. Asian languages require {{Pkg|wqy-zenhei}} to display properly.<br />
<br />
*'''If you have a 64-bit system, you will need to install [[Xorg#Driver installation|the 32-bit version of your graphics driver]] (the package in the ''Multilib Package'' column) to run 32-bit games'''.<br />
<br />
*If you have a 64-bit system, you will need to install {{pkg|lib32-alsa-plugins}} to enable sound in 32-bit games.<br />
<br />
*Several games have dependencies which may be missing from your system. If a game fails to launch (often without error messages) then make sure all of the libraries listed in [[Steam/Game-specific troubleshooting]] are installed.<br />
<br />
== Starting Steam ==<br />
<br />
=== Big Picture Mode (with a Display Manager) ===<br />
<br />
To start Steam in Big Picture Mode from a Display Manager (such as LightDM), create a {{ic|/usr/share/xsessions/steam-big-picture.desktop}} file with the following content:<br />
<br />
{{hc|/usr/share/xsessions/steam-big-picture.desktop|<nowiki><br />
[Desktop Entry]<br />
Name=Steam Big Picture Mode<br />
Comment=Start Steam in Big Picture Mode<br />
Exec='/usr/bin/steam -bigpicture'<br />
TryExec='/usr/bin/steam -bigpicture'<br />
Icon=<br />
Type=Application</nowiki>}}<br />
<br />
Alternatively, under Steam > Settings > Interface, check 'Start Steam in Big Picture Mode' and start Steam normally. This can behave slightly better with certain window managers than the command line option.<br />
<br />
=== Silent Mode ===<br />
<br />
If your steam main window is showing at startup, you can add the {{ic|-silent}} parameter to your startup command to hide the window:<br />
/usr/bin/steam -silent %U<br />
<br />
alternatively, you can edit the following desktop file, and manually add the parameter:<br />
<br />
{{hc|~/.config/autostart/steam.desktop|<nowiki><br />
[Desktop Entry]<br />
Name=Steam<br />
Comment=Application for managing and playing games on Steam<br />
Exec=/usr/bin/steam -silent %U<br />
Icon=steam<br />
Terminal=false<br />
Type=Application<br />
Categories=Network;FileTransfer;Game;<br />
MimeType=x-scheme-handler/steam;<br />
Actions=Store;Community;Library;Servers;Screenshots;News;Settings;BigPicture;Friends;<br />
...</nowiki>}}<br />
<br />
== Troubleshooting ==<br />
<br />
{{Note|In addition to being documented here, any bug/fix/error should be, if not already, reported on Valve's bug tracker on their [https://github.com/ValveSoftware/steam-for-linux GitHub page].}}<br />
<br />
=== Steam runtime issues ===<br />
<br />
[https://github.com/ValveSoftware/steam-runtime/issues/13 Upstream GitHub issue tracker]<br />
<br />
Steam ships with its own versions of some libraries (the "Steam Runtime") in an attempt to emulate the Ubuntu 12.04 environment in later versions of Ubuntu.<br />
<br />
However, some core libraries included in the Steam Runtime will often conflict with the newer versions of other libraries included in Arch Linux (such as drivers, and specifically the open-source [[ATI]] driver).<br />
<br />
You can work around this by deleting the Steam Runtime versions of these libraries, forcing Steam to fall back to the up-to-date system versions (the ones installed by [[pacman]]).<br />
<br />
Note that Steam will frequently re-install these runtime libraries when Steam is updated, so until [https://github.com/ValveSoftware/steam-runtime/issues/13 ValveSoftware/steam-runtime#13] is resolved, whenever Steam updates, you should exit, remove the libraries, and restart it again.<br />
<br />
Run this command to remove the runtime libraries known to cause issues on Arch Linux:<br />
<br />
{{bc|<br />
find ~/.steam/root/ \( -name "libgcc_s.so*" -o -name "libstdc++.so*" -o -name "libxcb.so*" \) -print -delete<br />
}}<br />
<br />
Examples of issues / error messages known to occur if these libraries are present:<br />
<br />
* {{ic|Failed to load libGL: undefined symbol: xcb_send_fd}}<br />
* {{ic|ERROR: ld.so: object '~/.local/share/Steam/ubuntu12_32/gameoverlayrenderer.so' from LD_PRELOAD cannot be preloaded (wrong ELF class: ELFCLASS32): ignored.}}<br />
* Problems with 64-bit games like XCOM<br />
* "OpenGL GLX context is not using direct rendering, which may cause performance problems." [[#OpenGL not using direct rendering / Steam crashes Xorg|(see below)]]<br />
* "Could not find required OpenGL entry point 'glGetError'! Either your video card is unsupported or your OpenGL driver needs to be updated."<br />
* The Steam client itself crashing<br />
<br />
Forum threads:<br />
<br />
* https://bbs.archlinux.org/viewtopic.php?id=181171<br />
* https://bbs.archlinux.org/viewtopic.php?id=183141<br />
<br />
See also [[#Using native runtime]] below.<br />
<br />
=== The close button only minimizes the window ===<br />
<br />
: Valve GitHub [https://github.com/ValveSoftware/steam-for-linux/issues/1025 issue 1025]<br />
<br />
To close the Steam window (and remove it from the taskbar) when you press '''x''', but keep Steam running in the tray, set the environment variable {{ic|STEAM_FRAME_FORCE_CLOSE}} to {{ic|1}}. You can do this by launching Steam using the following command.<br />
$ STEAM_FRAME_FORCE_CLOSE=1 steam<br />
<br />
If you start steam with the .desktop file, you need to replace the {{ic|Exec}} with following line:<br />
Exec=sh -c 'STEAM_FRAME_FORCE_CLOSE=1 steam' %U<br />
<br />
=== Flash not working on 64-bit systems ===<br />
<br />
: Steam Support [https://support.steampowered.com/kb_article.php?ref=1493-GHZB-7612 article]<br />
<br />
First ensure {{Pkg|lib32-flashplugin}} is installed. It should be working at this point, if not create a local Steam Flash plugin folder:<br />
$ mkdir ~/.steam/bin32/plugins/<br />
and set a symbolic link to the global lib32 flash plugin file in your upper new folder<br />
$ ln -s /usr/lib32/mozilla/plugins/libflashplayer.so ~/.steam/bin32/plugins/<br />
<br />
=== Flash audio not working on 64-bit systems ===<br />
<br />
If you don't have audio in the videos which play within the Steam Client and you're sure you have lib32-flashplugin installed correctly, it's possible Steam is using packaged ALSA libs which aren't working.<br />
<br />
If launching Steam from a terminal and attempting to playback a video within the steam client results in an error similar to the following:<br />
<br />
ALSA lib pcm_dmix.c:1018:(snd_pcm_dmix_open) unable to open slave<br />
<br />
There is a workaround which involves renaming or deleting some Steam Runtime folders and library files. The bugs have already been reported here: [https://github.com/ValveSoftware/steam-for-linux/issues/3376 #3376] and [https://github.com/ValveSoftware/steam-for-linux/issues/3504 #3504]<br />
<br />
The solution is to rename or delete the alsa-lib folder and the libasound.so.* files. They can be found within {{bc|~/.steam/steam/ubuntu12_32/steam-runtime/i386/usr/lib/i386-linux-gnu/}}<br />
<br />
=== Text is corrupt or missing ===<br />
<br />
The Steam Support [https://support.steampowered.com/kb_article.php?ref=1974-YFKL-4947 instructions] for Windows seem to work on Linux also.<br />
<br />
You can install them via {{AUR|steam-fonts}} from the [[AUR]], or manually by downloading and [[fonts#Manual installation|installing]] [https://support.steampowered.com/downloads/1974-YFKL-4947/SteamFonts.zip SteamFonts.zip].<br />
<br />
=== SetLocale('en_US.UTF-8') fails at game startup ===<br />
<br />
Uncomment {{ic|en_US.UTF-8 UTF-8}} in {{ic|/etc/locale.gen}} and then run {{ic|locale-gen}} as root.<br />
<br />
=== The game crashes immediately after start ===<br />
<br />
If your game crashes immediately, try disabling: ''"Enable the Steam Overlay while in-game"'' in game ''Properties''.<br />
<br />
=== OpenGL not using direct rendering / Steam crashes Xorg ===<br />
<br />
Sometimes presented with the error message "OpenGL GLX context is not using direct rendering, which may cause performance problems." [https://support.steampowered.com/kb_article.php?ref=9938-EYZB-7457]<br />
<br />
If you still encounter this problem after addressing [[#Steam runtime issues]], you have probably not installed your 32-bit graphics driver correctly. See [[Xorg#Driver installation]] for which packages to install.<br />
<br />
You can check/test if it is installed correctly by installing {{Pkg|lib32-mesa-demos}} and running the following command:<br />
<br />
$ glxinfo32 | grep OpenGL.<br />
<br />
=== No audio in certain games ===<br />
<br />
If there is no audio in certain games, and the suggestions provided in [[Steam/Game-specific troubleshooting]] do not fix the problem, [[#Using native runtime]] may provide a successful workaround. (See the note about "Steam Runtime issues" at the top of this section.)<br />
<br />
=== You are missing the following 32-bit libraries, and Steam may not run: libGL.so.1 ===<br />
<br />
You may encounter this error when you launch Steam at first time. Make sure you have installed the {{ic|lib32}} version of all your video drivers as described in [[#Installation]]<br />
<br />
In some cases, if you get this error after reinstalling your Nvidia proprietary drivers, or switching from a version to another, [[reinstall]] {{Pkg|lib32-nvidia-utils}} and {{Pkg|lib32-nvidia-libgl}}.<br />
<br />
=== Games do not launch on older intel hardware ===<br />
<br />
On older Intel hardware, if the game immediately crashes when run, it may be because your hardware does not directly support the latest OpenGL. It appears as a gameoverlayrenderer.so error in /tmp/dumps/mobile_stdout.txt, but looking in /tmp/gameoverlayrenderer.log it shows a GLXBadFBConfig error. <br />
<br />
This can be fixed, however, by forcing the game to use a later version of OpenGL than it wants. Right click on the game, select Properties. Then, click "Set Launch Options" in the "General" tab and paste the following:<br />
<br />
MESA_GL_VERSION_OVERRIDE=3.1 MESA_GLSL_VERSION_OVERRIDE=140 %command%<br />
<br />
== Launching games with custom commands, such as Bumblebee/Primus ==<br />
<br />
Steam has fortunately added support for launching games using your own custom command. To do so, navigate to the Library page, right click on the selected game, click Properties, and Set Launch Options. Steam replaces the tag {{ic|%command%}} with the command it actually wishes to run. For example, to launch Team Fortress 2 with primusrun and at resolution 1920x1080, you would enter:<br />
<br />
primusrun %command% -w 1920 -h 1080<br />
<br />
On some systems optirun gives better performances than primusrun, however some games may crash shortly after the launch. This may be fixed preloading the correct version of libGL. Use:<br />
<br />
locate libGL<br />
<br />
to find out the available implementations. For a 64 bits game you may want to preload the nvidia 64 bits libGL, then use the launch command:<br />
<br />
LD_PRELOAD=/usr/lib/nvidia/libGL.so optirun %command%<br />
<br />
If you are running the [[Linux-ck]] kernel, you may have some success in reducing overall latencies and improving performance by launching the game in SCHED_ISO (low latency, avoid choking CPU) via {{Pkg|schedtool}}<br />
<br />
# schedtool -I -e %command% ''other arguments''<br />
<br />
=== Killing standalone compositors when launching games ===<br />
<br />
Further to this, utilising the {{ic|%command%}} switch, you can kill standalone compositors (such as Xcompmgr or [[Compton]]) - which can cause lag and tearing in some games on some systems - and relaunch them after the game ends by adding the following to your game's launch options.<br />
<br />
killall compton && %command%; nohup compton &<br />
<br />
Replace {{ic|compton}} in the above command with whatever your compositor is. You can also add -options to {{ic|%command%}} or {{ic|compton}}, of course.<br />
<br />
Steam will latch on to any processes launched after {{ic|%command%}} and your Steam status will show as in game. So in this example, we run the compositor through {{ic|nohup}} so it is not attached to Steam (it will keep running if you close Steam) and follow it with an ampersand so that the line of commands ends, clearing your Steam status.<br />
<br />
== Using native runtime ==<br />
<br />
Steam, by default, ships with a copy of every library it uses, packaged within itself, so that games can launch without issue. This can be a resource hog, and the slightly out-of-date libraries they package may be missing important features (Notably, the OpenAL version they ship lacks HRTF and surround71 support). To use your own system libraries, you can run Steam with:<br />
<br />
$ STEAM_RUNTIME=0 steam<br />
<br />
However, if you are missing any libraries Steam makes use of, this will fail to launch properly. An easy way to find the missing libraries is to run the following commands:<br />
<br />
$ cd ~/.local/share/Steam/ubuntu12_32<br />
$ LD_LIBRARY_PATH=".:${LD_LIBRARY_PATH}" ldd $(file *|sed '/ELF/!d;s/:.*//g')|grep 'not found'|sort|uniq<br />
<br />
{{Note|The libraries will have to be 32-bit, which means you may have to download some from the AUR if on x86_64, such as NetworkManager.}}<br />
<br />
Once you have done this, run steam again with {{ic|1=STEAM_RUNTIME=0 steam}} and verify it is not loading anything outside of the handful of steam support libraries:<br />
<br />
$ cat /proc/$(pidof steam)/maps|sed '/\.local/!d;s/.* //g'|sort|uniq<br />
<br />
'''Convenience repository'''<br />
<br />
The unofficial [[Unofficial_user_repositories#alucryd-multilib|alucryd-multilib]] repository contains all libraries needed to run native steam on x86_64. Please note that, for some reason, steam does not pick up sdl2 or libav* even if you have them installed. It will still use the ones it ships with.<br />
<br />
All you need to install is the meta-package {{ic|steam-libs}}, it will pull all the libs for you. Please report if there is any missing library, the maintainer already had some lib32 packages installed so a library may have been overlooked.<br />
<br />
== Skins for Steam ==<br />
<br />
{{Note|Using skins that are not up-to-date with the version of the Steam client may cause visual errors.}}<br />
<br />
The Steam interface can be fully customized by copying its various interface files in its skins directory and modifying them.<br />
<br />
An extensive list of skins can be found on [http://forums.steampowered.com/forums/showthread.php?t=1161035 Steam's forums].<br />
<br />
=== Steam skin manager ===<br />
<br />
The process of applying a skin to Steam can be greatly simplified using {{AUR|steam-skin-manager}} from the AUR. The package also comes with a hacked version of the Steam launcher which allows the window manager to draw its borders on the Steam window.<br />
<br />
As a result, skins for Steam will come in two flavors, one with and one without window buttons. The skin manager will prompt you whether you use the hacked version or not, and will automatically apply the theme corresponding to your GTK+ theme if it is found. You can of course still apply another skin if you want.<br />
<br />
The package ships with two themes for the default Ubuntu themes, Ambiance and Radiance.<br />
<br />
== Changing the Steam friends notification placement ==<br />
<br />
{{Note|A handful of games do not support this, for example this can not work with XCOM: Enemy Unknown.}}<br />
<br />
=== Use a skin ===<br />
<br />
You can create a skin that does nothing but change the notification corner. First you need to create the directories:<br />
<br />
$ mkdir -p $HOME/Top-Right/resource<br />
$ cp -R $HOME/.steam/steam/resource/styles $HOME/Top-Right/resource/<br />
$ mv $HOME/Top-Right $HOME/.local/share/Steam/skins/<br />
$ cd .local/share/Steam/skins/<br />
$ cp -R Top-Right Top-Left && cp -R Top-Right Bottom-Right<br />
<br />
Then modify the correct files. {{ic|Top-Right/resource/styles/gameoverlay.style}} will change the corner for the in-game overlay whereas {{ic|steam.style}} will change it for your desktop.<br />
<br />
Now find the entry: {{ic|Notifications.PanelPosition}} in whichever file you opened and change it to the appropriate value, for example for Top-Right:<br />
<br />
Notifications.PanelPosition "TopRight"<br />
<br />
This line will look the same in both files. Repeat the process for all the 3 variants ({{ic|Top-Right}}, {{ic|Top-Left}} and {{ic|Bottom-Left}}) and adjust the corners for the desktop and in-game overlay to your satisfaction for each skin, then save the files.<br />
<br />
To finish you will have to select the skin in Steam: ''Settings > Interface'' and ''<default skin>'' in the drop-down menu.<br />
<br />
You can use these files across distributions and even between Windows and Linux (OS X has its own entry for the desktop notification placement)<br />
<br />
=== On The fly patch ===<br />
<br />
This method is more compatible with future updates of Steams since the files in the skins above are updated as part of steam and as such if the original files change, the skin will not follow the graphics update to steam and will have to be re-created every time something like that happens. Doing things this way will also give you the ability to use per-game notification locations as you can run a patch changing the location of the notifications by specifying it in the launch options for games.<br />
<br />
Steam updates the files we need to edit everytime it updates (which is everytime it is launched) so the most effective way to do this is patching the file after Steam has already been launched.<br />
<br />
First you will need a patch:<br />
<br />
{{hc|$HOME/.steam/topright.patch|<nowiki><br />
--- A/steam/resource/styles/gameoverlay.styles 2013-06-14 23:49:36.000000000 +0000<br />
+++ B/steam/resource/styles/gameoverlay.styles 2014-07-08 23:13:15.255806000 +0000<br />
@@ -7,7 +7,7 @@<br />
mostly_black "0 0 0 240"<br />
semi_black "0 0 0 128"<br />
semi_gray "32 32 32 220"<br />
- Notifications.PanelPosition "BottomRight"<br />
+ Notifications.PanelPosition "TopRight"<br />
}<br />
<br />
styles<br />
<br />
</nowiki>}}<br />
<br />
{{Note|The patch file should have all above lines, including the newline at the end.}}<br />
<br />
You can edit the entry and change it between "BottomRight"(default), "TopRight" "TopLeft" and "BottomLeft": the following will assume you used "TopRight" as in the original file.<br />
<br />
Next create an alias in {{ic|$HOME/.bashrc}}:<br />
<br />
alias steam_topright='pushd $HOME/.steam/ && patch -p1 -f -r - --no-backup-if-mismatch < topright.patch && popd'<br />
<br />
Log out and back in to refresh the aliases. Launch Steam and wait for it to fully load, then run the alias <br />
<br />
$ steam_topright<br />
<br />
And most games you launch after this will have their notification in the upper right corner.<br />
<br />
You can also duplicate the patch and make more aliases for the other corners if you do not want all games to use the same corner so you can switch back.<br />
<br />
To automate the process you will need a script file as steam launch options cannot read your aliases. The location and name of the file could for example be '''$HOME/.scripts/steam_topright.sh''', and assuming that is the path you used, it needs to be executable:<br />
<br />
$ chmod +755 $HOME/.scripts/steam_topright.sh<br />
<br />
The contents of the file should be the following:<br />
<br />
#!/bin/sh<br />
pushd $HOME/.steam/ && patch -p1 -f -r - --no-backup-if-mismatch < topright.patch && popd<br />
<br />
And the launch options should be something like the following.<br />
<br />
$HOME/.scripts/steam_topright.sh && %command%<br />
<br />
There is another file in the same folder as '''gameoverlay.style''' folder called '''steam.style''' which has an entry with the exact same function as the file we patched and will change the notification corner for the desktop only (not in-game), but for editing this file to actually work it has to be set before steam is launched and the folder set to read-only so steam cannot re-write the file. Therefore the only two ways to modify that file is to make the directory read only so steam cannot change it when it is launched (can break updates) or making a skin like in method 1.<br />
<br />
== See also ==<br />
<br />
* https://wiki.gentoo.org/wiki/Steam</div>DarioPhttps://wiki.archlinux.org/index.php?title=GNOME&diff=314915GNOME2014-05-13T06:49:56Z<p>DarioP: /* Gnome System Icons are not loaded properly */</p>
<hr />
<div>[[Category:GNOME]]<br />
[[cs:GNOME]]<br />
[[de:GNOME]]<br />
[[es:GNOME]]<br />
[[fr:GNOME]]<br />
[[it:GNOME]]<br />
[[ja:GNOME]]<br />
[[nl:GNOME]]<br />
[[pl:GNOME]]<br />
[[pt:GNOME]]<br />
[[ru:GNOME]]<br />
[[sr:GNOME]]<br />
[[th:GNOME]]<br />
[[tr:Gnome Masaüstü Ortamı]]<br />
[[uk:GNOME]]<br />
[[zh-CN:GNOME]]<br />
[[zh-TW:GNOME]]<br />
{{Related articles start}}<br />
{{Related|Desktop environment}}<br />
{{Related|Display manager}}<br />
{{Related|Window manager}}<br />
{{Related|GTK+}}<br />
{{Related|GDM}}<br />
{{Related|Nautilus}}<br />
{{Related|Gedit}}<br />
{{Related|GNOME Web}}<br />
{{Related|GNOME Flashback}}<br />
{{Related articles end}}<br />
<br />
[http://www.gnome.org/ GNOME] is a [[desktop environment]] developed by The GNOME Project.<br />
<br />
GNOME 3 has ''two'' sessions:<br />
<br />
*'''GNOME''' is the default, innovative layout.<br />
*'''GNOME Classic''' is a traditional desktop layout, similar to the GNOME 2 user interface whilst using GNOME 3 technologies. It does so through the use of pre-activated extensions and parameters (see [http://worldofgnome.org/welcome-to-gnome-3-8-flintstones-mode/ here] for a list). Hence it is more of a customized GNOME Shell than a truly distinct mode.<br />
<br />
Both of them use GNOME Shell, a desktop shell and plugin of the Mutter window manager. Mutter acts as a composite manager for the desktop, employing hardware graphics acceleration to provide effects aimed at reducing screen clutter. GNOME session manager automatically detects if your video driver is capable of running GNOME Shell and if not, falls back to software rendering using llvmpipe.<br />
<br />
== Installation ==<br />
<br />
GNOME 3 is available in the [[official repositories]] and can be [[pacman|installed]] with one of the following:<br />
*The {{Pkg|gnome-shell}} package provides a minimal desktop shell.<br />
*The {{Grp|gnome}} group contains the core desktop environment and applications required for the standard GNOME experience.<br />
*The {{Grp|gnome-extra}} group contains various optional tools such as an editor, an archive manager, a disk burner, a mail client, games, development tools and other non-critical applications that integrate well with the GNOME desktop. Installing just the {{Grp|gnome-extra}} group will not pull in the whole {{Grp|gnome}} group via dependencies. If you want to install all GNOME packages then you will need to explicitly install both groups.<br />
<br />
== Starting GNOME ==<br />
<br />
'''Graphical log-in'''<br />
<br />
For the best desktop integration, [[GDM]] (the GNOME [[Display manager]]) is recommended. GDM is installed as part of the {{grp|gnome}} group and can be used by enabling {{ic|gdm.service}} [[systemd#Using units|using systemd]].<br />
<br />
Other display managers can be used in place of GDM if desired.<br />
<br />
{{note|Native support for screenlocking in GNOME is provided by GDM. If you choose to not use GDM you will need to use a different screenlocking program such as [[XScreenSaver]].}} <br />
<br />
'''Starting GNOME manually'''<br />
<br />
If you prefer to start GNOME manually from the console, add the following line to your {{ic|~/.xinitrc}} file:<br />
{{hc|~/.xinitrc|<nowiki><br />
exec gnome-session<br />
</nowiki>}}<br />
<br />
Or {{ic|exec gnome-session --session&#61;gnome-classic}} for GNOME Classic. After editing your {{ic|~/.xinitrc}}, GNOME can be launched by typing {{ic|startx}}.<br />
<br />
See [[xinitrc]] for details, such as preserving the logind session.<br />
<br />
After setting up your {{ic|~/.xinitrc}} file you can also arrange to [[Start X at Login]] so that you don't have to run {{ic|startx}} manually.<br />
<br />
== Using the shell ==<br />
<br />
=== GNOME Cheat Sheet ===<br />
<br />
The [https://wiki.gnome.org/Projects/GnomeShell/CheatSheet GNOME Shell Cheat Sheet] on the GNOME Wiki explains task switching, keyboard use, window control, the panel, overview mode, and more.<br />
<br />
=== Restarting the shell ===<br />
<br />
After appearance tweaks you are often asked to restart the GNOME shell. You could log out and log back in, but it is simpler and faster to issue the following keyboard command. Restart the shell by pressing {{ic|Alt}} + {{ic|F2}} then {{ic|r}} then {{ic|Enter}}<br />
<br />
=== Shell crashes ===<br />
<br />
Certain tweaks and/or repeated shell restarts may cause the shell to crash when a restart is attempted. In this case, you are informed about the crash and then forced to log out. Some shell changes cannot be accomplished via a keyboard restart; you must log out and log back in to effect them.<br />
<br />
{{note|Valuable documents should be saved (and perhaps closed) before attempting a shell restart. It is not strictly necessary; open windows and documents usually remain intact after a shell restart however there is a risk that data could be lost if documents are not saved.}}<br />
<br />
=== Shell freezes ===<br />
<br />
Sometimes shell extensions freeze the GNOME Shell. In this case a possible strategy is to switch to another terminal via {{ic|Ctrl+Alt+F2}} through {{ic|Ctrl+Alt+F6}}, log in, and restart gnome-shell with:<br />
<br />
# pkill -HUP gnome-shell<br />
<br />
All open applications will still be available after restarting the shell.<br />
<br />
Sometimes, however, merely restarting the shell might not be enough. Then you will have to restart X, losing all work in progress. You can restart X by:<br />
<br />
# pkill X<br />
<br />
The GNOME Shell then restarts automatically.<br />
<br />
If this does not work, you can try to restart your login manager. For instance, if you use GDM, try:<br />
<br />
# systemctl restart gdm.service<br />
<br />
{{Tip|You can also use '''htop''' in tty; press ''t'', select the ''gnome-shell'' tree, press ''k'' and send ''SIGKILL''.}}<br />
<br />
== Pacman integration: GNOME PackageKit ==<br />
{{Warning|1=As of Gnome 3.12 the pacman integration with packagekit is very outdated. See [https://bbs.archlinux.org/viewtopic.php?pid=1334848#p1334848 this forum thread] and [http://worldofgnome.org/gnome-software-on-arch/ this article] for more information.}}<br />
<br />
GNOME has its own Pacman GUI: {{Pkg|gnome-packagekit}}.<br />
<br />
Using the [https://www.archlinux.org/pacman/libalpm.3.html alpm] backend, it supports the following features:<br />
<br />
* Install and remove packages from the repos.<br />
* Periodically refresh package databases and prompt for updates.<br />
* Install packages from tarballs.<br />
* Search for packages by name, description, category or file.<br />
* Show package dependencies, files and reverse dependencies.<br />
* Ignore IgnorePkgs and hold HoldPkgs.<br />
* Report optional dependencies, .pacnew files, etc.<br />
<br />
You can change the {{ic|remove}} operation from -Rc to -Rsc by setting the DConf key {{ic|org.gnome.packagekit.enable-autoremove}}.<br />
<br />
=== Packages updates notifications ===<br />
<br />
If you want GNOME to check automatically for updates, you must install {{Pkg|gnome-settings-daemon-updates}} from the official repository.<br />
<br />
== Customizing GNOME appearance ==<br />
<br />
The ''Systems Settings'' tool (provided by {{pkg|gnome-control-center}}) is a simple and streamlined panel which covers most basic settings. <br />
<br />
More elaborate graphical customization (such as modifying fonts, themes, titlebar buttons and such) can be done using the graphical ''GNOME tweak tool''. {{Pkg|gnome-tweak-tool}} is available from the [[official repositories]]. See [[#Theming]] below for more information about the subject.<br />
<br />
More extensive customisation may require more low-level configuration, using [[#gsettings and dconf]].<br />
<br />
==== Theming ====<br />
<br />
To install a new theme or icon set, put it in {{ic|~/.local/share/themes}} or {{ic|~/.local/share/icons}}. You can then activate it using ''GNOME tweak tool'', that is described above.<br />
<br />
Alternatively, you can set a GTK (icon) theme via {{ic|~/.config/gtk-3.0/settings.ini}}. In this file you can set the GTK theme ({{ic|gtk-theme-name}}), the icon theme ({{ic|gtk-icon-theme-name}}), the font ({{ic|gtk-font-name}}) and more.<br />
<br />
''Adwaita,'' the default GNOME 3 theme, is a part of {{pkg|gnome-themes-standard}}. Additional GTK3 themes can be found at [http://browse.deviantart.com/customization/skins/linuxutil/desktopenv/gnome/gtk3/ Deviantart web site]. For example:<br />
{{hc|~/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-theme-name = Adwaita<br />
# next option is applicable only if selected theme supports it<br />
gtk-application-prefer-dark-theme = true<br />
# set font name and dimension<br />
gtk-font-name = Sans 10<br />
</nowiki>}}<br />
<br />
It is necessary to restart the GNOME shell for settings to be applied. More GTK options are found at [http://developer.gnome.org/gtk3/3.0/GtkSettings.html#GtkSettings.properties GNOME developer documentation].<br />
<br />
==== gsettings and dconf ====<br />
<br />
dconf is a data store used by GNOME to store its settings. It can be edited with the graphical {{ic|dconf-editor}} or the command line {{ic|gsettings}} tool. See [http://blog.fpmurphy.com/2011/03/customizing-the-gnome-3-shell.html Customizing the GNOME Shell] for a tutorial on using gsettings.<br />
<br />
=== Customize top bar ===<br />
<br />
==== Show date in top bar ====<br />
<br />
By default GNOME displays only the weekday and time in the top bar. This can be changed with the following command. Changes take effect immediately. <br />
<br />
# gsettings set org.gnome.desktop.interface clock-show-date true<br />
<br />
==== Hiding icons in the top bar ====<br />
<br />
When installing GNOME, some unwanted icons might appear in the panel. These icons can be removed by manually editing the GNOME panel script.<br />
<br />
For example, to remove the keyboard button, comment out the {{ic|'keyboard'}} line in {{ic|PANEL_ITEM_IMPLEMENTATIONS}}:<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const PANEL_ITEM_IMPLEMENTATIONS = {<br />
'activities': ActivitiesButton,<br />
'aggregateMenu': AggregateMenu,<br />
'appMenu': AppMenuButton,<br />
'dateMenu': imports.ui.dateMenu.DateMenuButton,<br />
'a11y': imports.ui.status.accessibility.ATIndicator,<br />
'a11yGreeter': imports.ui.status.accessibility.ATGreeterIndicator,<br />
//'keyboard': imports.ui.status.keyboard.InputSourceIndicator,<br />
};<br />
</nowiki>}}<br />
<br />
Then, save your results and restart the shell:<br />
<br />
#{{ic|Alt+F2}}<br />
#{{ic|r}}<br />
#{{ic|Enter}}<br />
<br />
==== Eliminate delay when logging out ====<br />
<br />
The following tweak removes the confirmation dialog and sixty second delay for logging out.<br />
<br />
This dialog normally appears when you log out with the status menu. This tweak affects the '''''Power Off''''' dialog as well. This is not a system-wide change; it affects only the user who enters this command. The change takes effect immediately after entering the command:<br />
<br />
$ gsettings set org.gnome.SessionManager logout-prompt 'false'<br />
<br />
==== Show system monitor ====<br />
<br />
The [https://extensions.gnome.org/extension/120/system-monitor/ system-monitor] extension is included in the {{pkg|gnome-shell-extensions}} package. The git version is available as {{AUR|gnome-shell-system-monitor-applet-git}} in the [[AUR]].<br />
<br />
==== Show weather information ====<br />
<br />
The [https://extensions.gnome.org/extension/613/weather/ Weather] extension can be installed from [https://extensions.gnome.org/extension/613/weather/ the official extension website]. The git version is available as {{AUR|gnome-shell-extension-weather-git}} in the [[AUR]].<br />
<br />
=== Activity view ===<br />
<br />
==== Remove entries from Applications view ====<br />
<br />
Like most desktop environments, GNOME uses .desktop files to populate its Applications view. These text files are located in the '''{{ic|/usr/share/applications}}''' folder. It is not possible to edit these files from a folder view ‒ Nautilus does not treat their icons as text files. Use a terminal to display or edit .desktop file entries. You will need root privileges to edit the .desktop files.<br />
<br />
# ls /usr/share/applications<br />
# nano /usr/share/applications/foo.desktop<br />
<br />
For system wide changes, edit files in '''{{ic|/usr/share/applications}}'''. For local changes, make a copy of ''foo.desktop'' in your home folder.<br />
<br />
$ cp /usr/share/applications/foo.desktop ~/.local/share/applications/<br />
<br />
Edit .desktop files to fit your wishes. <br />
<br />
{{Note|Removing a .desktop file does not uninstall an application, but instead removes its desktop integration: MIME types, shortcuts, and so forth.}}<br />
<br />
To hide an application launcher open its .desktop file in a text editor and add the following line:<br />
<br />
NoDisplay=true<br />
<br />
==== Sort applications into folders ====<br />
<br />
Gnome 3.12 allows the user to sort applications into folders. A GUI for this is provided by Gnome Software, which Arch does not package (due to PackageKit incompatibilities). However, applications can still be sorted into folders manually via dconf. To add a folder, navigate via dconf to '''{{ic|org.gnome.desktop.app-folders}}''' and set the value of '''{{ic|folder-children}}''' to an array of comma separated folder names:<br />
<br />
['Utilities', 'Sundry']<br />
<br />
To add applications to these folders, use '''{{ic|gsettings}}''':<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ apps "['alacarte.desktop', 'dconf-editor.desktop']"<br />
<br />
This adds the applications corresponding to '''{{ic|alacarte.desktop}}''' and '''{{ic|dconf-editor.desktop}}'''' to the Sundry folder.<br />
<br />
This will also create the folder '''{{ic|org.gnome.desktop.app-folders.folders.Sundry}}'''. The constituents of the folder can be updated from dconf or from '''{{ic|gsettings}}''', by appending applications to the list.<br />
<br />
To name the folder (if it has no name it will simply appear at the top of the applications), set the name key via '''{{ic|gsettings}}''':<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ name "Sundry"<br />
<br />
Applications can also be sorted by their category (specified in their '''{{ic|.desktop}}''' file):<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ categories "['Office']"<br />
<br />
If certain applications matching a category are not wanted in a certain folder, exclusions can be set:<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ excluded-apps "['libreoffice-draw.desktop']"<br />
<br />
For further information, refer to the [https://git.gnome.org/browse/gsettings-desktop-schemas/tree/schemas/org.gnome.desktop.app-folders.gschema.xml.in.in app-folders schema].<br />
<br />
==== Change icon size ====<br />
<br />
===== For applications in activity view =====<br />
<br />
To change the application icon size it is necessary to edit the GNOME-Shell theme.<br />
<br />
You can edit system files directly (make a backup first) or copy theme files to your local folder and edit these files. <br />
* For the '''default''' theme, edit '''{{ic|/usr/share/gnome-shell/theme/gnome-shell.css}}'''<br />
<br />
* For '''user themes''', edit '''{{ic|/usr/share/themes/<UserTheme>/gnome-shell/gnome-shell.css}}'''<br />
<br />
Edit ''gnome-shell.css'' and replace the following values. Afterward, [[#Restarting the shell|restart the GNOME shell]].<br />
<br />
{{hc|gnome-shell.css|<nowiki><br />
...<br />
/* Application Launchers and Grid */<br />
<br />
.icon-grid {<br />
spacing: 18px;<br />
-shell-grid-horizontal-item-size: 82px;<br />
-shell-grid-vertical-item-size: 82px;<br />
}<br />
<br />
.icon-grid .overview-icon {<br />
icon-size: 48px;<br />
}<br />
...<br />
</nowiki>}}<br />
<br />
===== In dash =====<br />
<br />
GNOME's Activities view has a dash on the left hand side, the size of the icons in this dash will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/dash.js}}.<br />
<br />
{{hc|dash.js|<nowiki><br />
...<br />
<br />
let iconSizes = [ 16, 22, 24, 32, 48, 64 ];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
===== For switcher (alt-tab) =====<br />
<br />
GNOME comes with a built in task switcher, the size of the icons in this task switcher will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/altTab.js}}<br />
<br />
{{hc|altTab.js|<nowiki><br />
...<br />
<br />
const iconSizes = [96, 64, 48, 32, 22];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
===== For system tray =====<br />
<br />
GNOME comes with a built in system tray, visible when the mouse is hovered over the bottom right corner of the screen. The size of the icons in this tray is set to a fixed value of 24. To change this value, edit {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}<br />
{{hc|messageTray.js|<nowiki><br />
...<br />
<br />
ICON_SIZE: 24,<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Disable hot corner hovering ====<br />
<br />
===== Activity view =====<br />
<br />
To disable automatic activity view when the hot corner is hovered, edit {{ic|/usr/share/gnome-shell/js/ui/layout.js}} (that was ''panel.js'' in GNOME 3.0.x) :<br />
{{hc|layout.js|<nowiki><br />
this._corner = new Clutter.Rectangle({ name: 'hot-corner',<br />
width: 1,<br />
height: 1,<br />
opacity: 0,<br />
reactive: true });icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
and set {{ic|reactive}} to {{ic|false}}. GNOME Shell needs to be restarted.<br />
<br />
{{tip|There are also [[GNOME#GNOME_shell_extensions|GNOME Shell extensions]] that can be installed which will modify this behaviour.}}<br />
<br />
===== Message Tray =====<br />
<br />
The message tray is shown when the mouse hovers at the bottom of the screen for one second. To disable this behavior, comment out the following line in {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}:<br />
{{hc|messageTray.js|<nowiki><br />
//pointerWatcher.addWatch(TRAY_DWELL_CHECK_INTERVAL, Lang.bind(this, this._checkTrayDwell));<br />
</nowiki>}}<br />
GNOME Shell needs to be restarted. The message tray is still visible in activity view.<br />
<br />
=== Titlebar ===<br />
<br />
==== Reduce title bar height ====<br />
<br />
* ''' global''' - edit {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and reduce its value to a minimum of {{ic|0}}.<br />
* '''user-only''' - copy {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}} to {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and reduce its value to a minimum of {{ic|0}}.<br />
<br />
Then restart the GNOME shell. <br />
<br />
To restore the original values, [[pacman|install]] the package {{Pkg|gnome-themes-standard}} from the [[official repositories]] or remove {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}.<br />
<br />
==== Reorder titlebar buttons ====<br />
<br />
At present this setting can be changed through '''dconf-editor.'''<br />
<br />
For example, to move the close and minimize buttons to the left side of the titlebar, open '''dconf-editor''' and locate the '''''org.gnome.shell.overrides.button_layout''''' key. Change its value to '''{{ic|close,minimize:}}''' (colon symbol designates the spacer between left side and right side of the titlebar). Place the buttons in your preferred order. You cannot use a button more than once. Also, keep in mind that certain buttons are deprecated. Restart the shell to see your new button arrangement.<br />
<br />
==== Hide titlebar when maximized ====<br />
The command below will hide the titlebar when windows are maximised:<br />
<br />
# sed -i -r 's|(<frame_geometry name="max")|\1 has_title="false"|' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
After entering the command restart the GNOME shell. After this tweak, you may find it difficult to un-maximize a window when there is no titlebar to grab.<br />
<br />
With suitable keybindings, you should be able to use {{ic|Alt+F5}}, {{ic|Alt+F10}} or {{ic|Alt+Space}} to remedy the situation.<br />
<br />
To prevent {{ic|metacity-theme-3.xml}} from being overwritten each time package {{pkg|gnome-themes-standard}} is upgraded, add its name to {{ic|/etc/pacman.conf}} with {{ic|NoUpgrade}}:<br />
<br />
{{hc|/etc/pacman.conf|<nowiki>... previous lines ...<br />
<br />
# Pacman will not upgrade packages listed in IgnorePkg and members of IgnoreGroup<br />
# IgnorePkg =<br />
# IgnoreGroup =<br />
<br />
NoUpgrade = usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml # Do not add a leading slash to the path<br />
<br />
... more lines ...</nowiki>}}<br />
<br />
To restore original Adwaita theme values, install the {{pkg|gnome-themes-standard}} package.<br />
<br />
== Miscellaneous settings ==<br />
<br />
=== Power Management ===<br />
<br />
==== Turn off Suspend-To-RAM (S3) when closing the LID ====<br />
This setting is not available in GNOME, ''gnome-control-center'' and ''dconf'' make this available. The current approach is to manage this on the level of [[systemd]]. Edit {{ic|/etc/systemd/logind.conf}}, uncomment the {{ic|HandleLidSwitch}} line and set it to {{ic|ignore}}:<br />
<br />
{{hc|/etc/systemd/logind.conf|HandleLidSwitch&#61;ignore}}<br />
<br />
See the [[Power management#ACPI_events]] article for more information.<br />
<br />
==== No reaction on lid close ====<br />
<br />
When configuring the lid close events via [[Power management#ACPI_events]], the settings may seem to have no effect. If you have an external monitor connected to your laptop, this is default GNOME behaviour. Disconnect the monitor and the settings should work, otherwise your {{ic|/etc/systemd/logind.conf}} may be incorrect.<br />
To change default behaviour open the {{ic|dconf-editor}} and change {{ic|org.gnome.settings-daemon.plugins.xrandr.default-monitors-setup}} to {{ic|"do-nothing"}}.<br />
<br />
==== Change Critical Battery Level Action (for Laptops) ====<br />
<br />
The ''System Settings'' panel only allows the user to choose between ''Suspend'' or ''Hibernate''. To choose another option such as ''Do Nothing'' open the {{ic|dconf-editor}} and navigate to {{ic|org.gnome.settings-daemon.plugins.power}}. Edit the {{ic|"critical-battery-action"}} value to {{ic|"nothing"}}.<br />
<br />
=== Switch back scrolling behavior ===<br />
If you do not like the new scrollbar behavior just put {{ic|<nowiki>gtk-primary-button-warps-slider = false</nowiki>}} under the {{ic|<nowiki>[Settings]</nowiki>}} section in {{ic|~/.config/gtk-3.0/settings.ini}}:<br />
<br />
{{hc|~/.config/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-primary-button-warps-slider = false<br />
...<br />
</nowiki>}}<br />
<br />
=== Autostarting / Automatic program launch upon logging in ===<br />
<br />
As of Gnome 3.12 {{ic|gnome-session-properties}} is deprecated. Specify which programs start automatically after logging in using {{ic|gnome-tweak-tool}}.<br />
<br />
=== Editing applications menu ===<br />
<br />
{{pkg|alacarte}} provides a more complete menu editor for adding/editing menu entries.<br />
<br />
=== Gnome Terminal ===<br />
<br />
==== Inner padding ====<br />
<br />
To move the terminal output away from the window borders create the stylesheet {{ic|~/.config/gtk-3.0/gtk.css}} with the following setting:<br />
<br />
TerminalScreen {<br />
-VteTerminal-inner-border: 10px 10px 10px 10px;<br />
}<br />
<br />
==== Disable blinking cursor ====<br />
<br />
Since Gnome 3.8 and the migration to gsettings and dconf the key required to modify in order to disable the blinking cursor in the Terminal differs slightly in contrast to the old gconf key. To disable the blinking cursor in Gnome 3.8 use:<br />
<br />
gsettings set org.gnome.desktop.interface cursor-blink false<br />
<br />
If you prefer dconf to the gsettings CLI then open {{ic|dconf-editor}}, go to org -> gnome -> desktop -> interface and untick the option labelled '''cursor-blink'''.<br />
<br />
To disable the blinking cursor in Terminal only use (make sure profile uid is correct one):<br />
<br />
dconf write /org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9/cursor-blink-mode "'off'"<br />
<br />
==== Make new tabs inherit current directory (for Gnome Terminal 3.8+) ====<br />
<br />
In Gnome 3.8, the behaviour of how current directories are tracked has changed. To restore this behaviour, you need to source the {{ic|/etc/profile.d/vte.sh}} file, put this in your {{ic|~/.bashrc}} or {{ic|~/.zshrc}} for zsh users:<br />
<br />
source /etc/profile.d/vte.sh<br />
<br />
For more information refer to the [https://wiki.gnome.org/action/show/Apps/Terminal/FAQ?action=show&redirect=Terminal%252FFAQ#How_can_I_make_new_terminals_start_in_the_working_directory_of_the_current_terminal.3F Gnome wiki].<br />
<br />
=== Move dialog windows ===<br />
The default configuration for dialogs will not allow you to move them which causes problems in some cases. To change this you will need to use gconf-editor and change this setting:<br />
<br />
/desktop/gnome/shell/windows/attach_modal_dialogs<br />
<br />
After the change you will need to restart the shell for it to take affect.<br />
<br />
=== GNOME shell extensions ===<br />
<br />
GNOME Shell can be customized with extensions. These provide features such as a dock or a widget for changing the theme.<br />
<br />
Many extensions are collected and hosted by [https://extensions.gnome.org/ extensions.gnome.org]. They can be browsed and installed simply activating them in the browser. More information about gnome shell extensions can be found [https://extensions.gnome.org/about/ here].<br />
<br />
See [[#When an extension breaks GNOME|when an extension breaks GNOME]] for troubleshooting information.<br />
<br />
=== Default Applications ===<br />
<br />
While one can right click any file and set the default applications in 'Preferences', the settings are actually saved in {{ic | $HOME/.local/share/applications/mimeapps.list}} and {{ic| $HOME/.local/share/applications/mimeinfo.cache}}.<br />
<br />
{{tip|If you are making the change systemwide you may to create the {{ic|/usr/share/applications/mimeapps.list}} file yourself.}}<br />
<br />
==== File browser/replace Nautilus ====<br />
<br />
You can specify a different file manager in the ''mimeapps.list'' file as shown below:<br />
<br />
'''User only''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|~/.local/share/applications/mimeapps.list}}<br />
<br />
'''Systemwide''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|/usr/share/applications/mimeapps.list}}<br />
<br />
Where my filemanager.desktop is the correct .desktop file for the file manager of your choice.<br />
<br />
Alternatively you can trick GNOME into using another file browser by editing the {{ic|Exec}} line in {{ic|/usr/share/applications/nautilus.desktop}}. See the correct parameters in the {{ic|.desktop}} file of the file manager of your choice, e.g.:<br />
<br />
{{hc|/usr/share/applications/nautilus.desktop|<br />
2=[...]<br />
Exec=thunar %F<br />
OR<br />
Exec=pcmanfm %U<br />
OR<br />
Exec=nemo %U<br />
[...]<br />
}}<br />
<br />
==== PDF viewer ====<br />
<br />
In some cases when you have installed Inkscape or other graphic programs Evince Document Viewer might no longer be selected as the default PDF application. If it is not available in the '''Open With''' entry which would be the GUI solution, you can use the following user command to make it the default application again:<br />
<br />
xdg-mime default evince.desktop application/pdf<br />
<br />
==== Terminal ====<br />
<br />
{{ic|gsettings}} (which replaces {{ic|gconftool-2}}) is used to set the default terminal. The setting affects ''nautilus-open-terminal'' (a Nautilus extension).<br />
To make [[rxvt-unicode|urxvt]] the default, run:<br />
<br />
gsettings set org.gnome.desktop.default-applications.terminal exec urxvtc<br />
gsettings set org.gnome.desktop.default-applications.terminal exec-arg "'-e'"<br />
<br />
{{Note|The {{ic|-e}} flag is for executing a command. When ''nautilus-open-terminal'' invokes {{ic|urxvtc}}, it puts a {{ic|cd}} command at the end of the command line so that the new terminal starts in the directory you opened it from. Other terminals will require a different (perhaps empty) {{ic|exec-arg}}.}}<br />
<br />
=== Middle mouse button ===<br />
<br />
By default, GNOME 3 disables middle mouse button emulation regardless of [[Xorg]] settings ('''Emulate3Buttons'''). To enable middle mouse button emulation use:<br />
<br />
$ gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true<br />
<br />
=== Display dimming ===<br />
<br />
By default GNOME 3 has a ten second idle timeout to dim the screen regardless of the battery and AC state:<br />
<br />
# gsettings get org.gnome.settings-daemon.plugins.power idle-dim-time<br />
<br />
To set a new value type the following<br />
<br />
# gsettings set org.gnome.settings-daemon.plugins.power idle-dim-time <int><br />
<br />
where <int> is the value in seconds.<br />
<br />
=== Changing hotkeys ===<br />
Certain hotkeys cannot be changed directly via the ''System Settings'' panel. In order to change these keys, use dconf-editor. An example of particular note is the hotkey Alt-Above_Tab. On US keyboards, this is Alt-`: is a hotkey often used in the [[Emacs]] editor. It can be changed by opening dconf-editor and modifying the ''switch-group'' key found in {{ic|org.gnome.desktop.wm.keybindings}}.<br />
<br />
It is possible to manually change the keys via an application's so-called accel map file. Where it is to be found is up to the application: For instance, Thunar's is at ~/.config/Thunar/accels.scm, whereas Nautilus's is located at ~/.config/nautilus/accels and ~/.gnome2/accels/nautilus on old release.<br />
<br />
The file should contain a list of possible hotkeys, each unchanged line commented out with a leading ";" that has to be removed for a change to become active.<br />
For example to replace the hotkey used by Nautilus to move files to the trash folder, change the line:<br />
<br />
; (gtk_accel_path "<Actions>/DirViewActions/Trash" "<Primary>Delete")<br />
to this:<br />
<br />
(gtk_accel_path "<Actions>/DirViewActions/Trash" "Delete")<br />
<br />
The file is regenerated regularly so do not comment the file. The uncommented line will stay but every comment you add will be lost.<br />
<br />
==== Hotkeys in Nautilus 3.4 and older ====<br />
Firstly, use '''dconf-editor''' to place a checkmark next to {{ic|can-change-accels}} in the key named ''org.gnome.desktop.interface.''<br />
<br />
We will replace the hotkey — a.k.a. keyboard shortcut, keyboard accelerator — used by Nautilus to move files to the trash folder.<br />
The default assignment is a somewhat-awkward {{ic|Ctrl+Delete}}.<br />
* Open Nautilus, select any file, and click '''Edit''' on the menu bar.<br />
* Hover over the ''Move to Trash'' menu item.<br />
* While hovering, press {{ic|Delete}}. The current accelerator is now unset.<br />
* Press the key that you wish to become the new keyboard accelerator.<br />
* Press {{ic|Delete}} to make the new accelerator be the Delete key.<br />
Unless you select a file or folder, ''Move to Trash'' will be grayed-out. Finally, disable {{ic|can-change-accels}} to prevent accidental hotkey changes.<br />
<br />
=== Screencast recording ===<br />
<br />
Gnome features the built-in possbility to create screencasts easily. Thereby Control+Shift+Alt+R keybinding starts and stops the recording. A red circle is displayed in the bottom right corner of the screen when the recording is in progress. After the recording is finished, a file named 'Screencast from %d%u-%c.webm' is saved in the Videos directory. In order to use the screencast feature you need to have installed the gst plugins which are:<br />
<br />
$ pacman -Qs gst<br />
<br />
=== Modify Keyboard with XkbOptions ===<br />
<br />
Using the '''dconf-editor''', navigate to the key named {{ic|org.gnome.desktop.input-sources.xkb-options}} and add desired XkbOptions (e.g. ''caps:swapescape'') to the list.<br />
<br />
See {{ic|/usr/share/X11/xkb/rules/xorg}} for all XkbOptions and {{ic|/usr/share/X11/xkb/symbols/*}} for the respective descriptions.<br />
<br />
{{Note|To enable the {{ic|Ctrl+Alt+Backspace}} combination to terminate Xorg, use the {{Pkg|gnome-tweak-tool}} from [[official repositories]]. Within the '''Tweak Tool''', navigate to ''Typing > Terminate'' and select the option {{ic|Ctrl+Alt+Backspace}} from the dropdown menu.}}<br />
<br />
=== Toggle keyboard layouts ===<br />
Since Gnome does not consider any configuration in {{ic|/etc/X11/conf.d/*.conf}} you have to set the command for layout switching either via the control center with the options ''Switch to previous source'' and ''Switch to next source'' or if you want to use Alt - Shift combination you have to use the Gnome-Tweak-Tool and set ''Typing -> Modifiers-only input sources -> select Alt-shift''. For more information see also the forum [https://bbs.archlinux.org/viewtopic.php?id=152127 thread].<br />
<br />
=== HiDPI Support (Retina Screens) ===<br />
<br />
See [[HiDPI]].<br />
<br />
=== Other tips ===<br />
See [[GNOME Tips]].<br />
<br />
== Tracker (search program) ==<br />
The {{Pkg|tracker}} provides the Tracker program, an indexing application. You can configure it with {{ic|tracker-preferences}}, and monitor status with {{ic|tracker-control}}. Once installed, indexing should start automatically when you log in. You can explicitly start indexing with {{ic|tracker-control -s}}. Search settings can also be configured in the ''System Settings'' panel.<br />
<br />
== Totem (movie player) ==<br />
<br />
Totem is a movie player based on [[GStreamer]]. For information about adding codecs or hardware acceleration, see [[GStreamer]].<br />
<br />
== Empathy (integrated messaging) and GNOME Online Accounts ==<br />
<br />
Empathy, the engine behind integrated messaging, GNOME Online Accounts, and all other system settings based on messaging accounts will not function correctly unless the {{grp|telepathy}} group of packages or at least one of the backends ({{pkg|telepathy-gabble}}, or {{pkg|telepathy-haze}}, for example) is installed.<br />
<br />
These packages are '''not''' included in either the {{grp|gnome}} or {{grp|gnome-extra}} groups . You can install the Telepathy and optionally any backends with:<br />
<br />
# pacman -S telepathy<br />
<br />
Without telepathy, Empathy will not open the account management dialog and can get stuck in this state. If this happens -- even after quitting Empathy cleanly -- the {{ic|/usr/bin/empathy-accounts}} application can remain running and will need to be killed before you can add any new accounts. Likewise, without telepathy installed, the 'Add an online account' button in GNOME Online Accounts will do nothing.<br />
<br />
View descriptions of telepathy components on the [http://telepathy.freedesktop.org/wiki/Components freedesktop.org telepathy wiki].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Cannot change settings in dconf-editor ===<br />
<br />
When one cannot set settings in {{pkg|dconf}}, it is possible their dconf user settings are corrupt. In this case it is best to delete the user dconf files in {{ic|~/.config/dconf/user*}} and set the settings in dconf-editor after.<br />
<br />
=== Extensions ===<br />
<br />
==== When an extension breaks GNOME ====<br />
<br />
When enabling shell extensions causes GNOME breakage, you should first remove the ''user-theme'' and ''auto-move-windows'' extensions from their installation directory.<br />
<br />
The installation directory could be one of {{ic|~/.local/share/gnome‑shell/extensions}}, {{ic|/usr/share/gnome‑shell/extensions}} or {{ic|/usr/local/share/gnome‑shell/extensions}}. Removing these two extension-containing folders may fix the breakage. Otherwise, isolate the problem extension with trial‑and‑error.<br />
<br />
Removing or adding an extension-containing folder to the aforementioned directories removes or adds the corresponding extension to your system. Details on GNOME Shell extensions are available at the [https://live.gnome.org/GnomeShell/Extensions GNOME web site.]<br />
<br />
==== Extensions do not work after GNOME 3 update ====<br />
<br />
Locate the folder where your extensions are installed. It might be {{ic|~/.local/share/gnome-shell/extensions}} or {{ic|/usr/share/gnome-shell/extensions}}.<br />
<br />
Edit each occurrence of {{ic|metadata.json}} which appears in each extension sub-folder.<br />
<br />
{| border="0"<br />
| Insert: || {{ic|"shell-version": ["3.6"]}}<br />
|-<br />
| Instead of (for example): || {{ic|"shell-version": ["3.4"]}}<br />
|}<br />
<br />
{{ic|"3.x"}} indicates the extension works with every shell version. If it breaks, you will know to change it back.<br />
<br />
==== Remove Gnome Shell Extensions ====<br />
<br />
If you have trouble with uninstalling Gnome Extensions via https://extensions.gnome.org/local/, then probably they have been installed as system-wide extensions with {{ic|pacman -S gnome-shell-extensions}} before. To remove them, you have to be careful, because the following instruction removes all extensions from other user's, too:<br />
<br />
# pacman -R gnome-shell-extensions<br />
<br />
Following that, you refresh Gnome Shell by pressing ALT+F2 and entering {{ic|restart}}.<br />
<br />
Then go to https://extensions.gnome.org/local/ again and have a look for your installed extensions list. It should have changed.<br />
<br />
All other extensions should be removable by pressing the red X icon to the right. If not, something may be broken. <br />
<br />
As a final step, you can remove them manually from {{ic|~/.local/share/gnome-shell/extensions/*}} and/or {{ic|/usr/share/gnome-shell/extensions}}. Restart Gnome Shell again and you should be fine.<br />
<br />
=== The "Windows" key ===<br />
By default, this key is mapped to the "overlay-key" to launch the Overview. You can remove this key mapping to free up your {{ic|Windows Key}} (also called {{ic|Mod4}}), which GNOME calls {{ic|Super_L}}, by utilizing {{ic|gsettings}}.<br />
<br />
Example:<br />
{{ic| gsettings set org.gnome.mutter overlay-key 'Foo';}}.<br />
You can leave out '''Foo''' to simply remove any binding to that function.<br />
<br />
{{Note| GNOME also uses {{ic|Alt+F1}} to launch the Overview.}}<br />
<br />
=== Keyboard Shortcut do not work with only conky running ===<br />
The gnome-shell keyboard shortcuts like {{ic|Alt+F2}}, {{ic|Alt+F1}}, and the media key shortcuts do not work if conky is the only program running. However if another application like gedit is running, then the keyboard shortcuts work.<br />
<br />
solution: edit .conkyrc <br />
<br />
own_window yes<br />
own_window_transparent yes<br />
own_window_argb_visual yes<br />
own_window_type dock<br />
own_window_class Conky<br />
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager<br />
<br />
=== Window opens behind other windows when using multiple monitors ===<br />
<br />
This is possibly a bug in GNOME Shell which causes new windows to open behind others.<br />
Unchecking "workspaces_only_on_primary" in desktop/gnome/shell/windows using gconf-editor solves this problem.<br />
<br />
=== Multiple monitors and dock extension ===<br />
<br />
If you have multiple monitors configured using Nvidia Twinview, the dock extension may get sandwiched in-between the monitors. You can edit the source of this extension to reposition the dock to a position of your choosing.<br />
<br />
Edit {{ic|/usr/share/gnome-shell/extensions/dock@gnome-shell-extensions.gnome.org/extension.js}} and locate this line in the source:<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-2, (primary.height-height)/2);<br />
<br />
The first parameter is the X position of the dock display, by subtracting 15 pixels as opposed to 2 pixels from this it correctly positioned on my primary monitor, you can play around with any X,Y coordinate pair to position it correctly.<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-15, (primary.height-height)/2);<br />
<br />
=== "Show Desktop" keyboard shortcut does not work ===<br />
<br />
GNOME developers treated the corresponding binding as bug (see https://bugzilla.gnome.org/show_bug.cgi?id=643609) due to Minimization being deprecated. To show the desktop again assign ALT+STRG+D to the following setting:<br />
<br />
System Settings --> Keyboard --> Shortcuts --> Navigation --> Hide all normal windows<br />
<br />
=== Unable to apply stored configuration for monitors ===<br />
<br />
If you encounter this message try to disable the xrandr gnome-settings-daemon plugin :<br />
<br />
$ dconf write /org/gnome/settings-daemon/plugins/xrandr/active false<br />
<br />
=== Lock button fails to re-enable touchpad ===<br />
<br />
Some laptops have a touchpad lock button that disables the touchpad so that users can type without worrying about touching the touchpad. It appears currently that although GNOME can lock the touchpad by pressing this button, it cannot unlock it. If the touchpad gets locked you can do the following to unlock it:<br />
<br />
# Start a terminal. You can do this by pressing {{ic|Alt+F2}}, then typing {{ic|gnome-terminal}} followed by pressing {{ic|Enter}}.<br />
# Type in the following command:<br />
<br />
$ xinput set-prop "SynPS/2 Synaptics TouchPad" "Device Enabled" 1<br />
<br />
=== Consistent cursor theme ===<br />
<br />
You may find that the cursor theme used in GNOME is not consistent. For example, it may change when moving the cursor across different application windows. To fix this problem, set the cursor theme by creating an {{ic|index.theme}} file which defines the cursor theme according to the XDG icon theme specification. See the following section of the [[Cursor Themes]] article: [[Cursor_Themes#Using_an_index.theme_file_.28recommended.29]].<br />
<br />
=== Tracker & Documents do not list any local files ===<br />
<br />
In order for Tracker (and, therefore, Documents) to detect your local files, they must be stored in directories that it knows of. If your documents are contained in one of the usual XDG standard directories (i.e. "Documents" or "Music"), you should install {{Pkg|xdg-user-dirs}} and run:<br />
<br />
# xdg-user-dirs-update<br />
<br />
This will create all of the usual XDG home directories if they do not already exist and it will create the config file definining these directories that Tracker and Documents depend upon.<br />
<br />
=== Passwords are not remembered ===<br />
<br />
If you get a password prompt every time you login, and you find password are not saved, you might need to create/set a default keyring.<br />
<br />
Install {{pkg|seahorse}}. Open "Passwords and Keys" from the menu or run {{ic|seahorse}}. Select View > By Keyring. If there is no keyring in the left column (it will be marked with a lock icon), go to File > New > Password Keyring and give it a nice name. You will be asked to enter a password. If you do not give it a password it will be unlocked automatically even when using autologin, but passwords will not be stored securely. Finally, right-click on the keyring you just created and select "Set as default".<br />
<br />
=== Windows cannot be modified with Alt-Key + Mouse-Button ===<br />
<br />
Change the dconf-setting "org.gnome.desktop.wm.preferences.mouse-button-modifier" from <Super> back to <Alt>. It is not possible to change this with ''System Settings'' > "Keyboard" > "Shortcuts", you will find there only the regular keybindings. The developers of GNOME decided to change this from 3.4 to 3.6 because of this bug report https://bugzilla.gnome.org/show_bug.cgi?id=607797<br />
<br />
=== Gnome-shell 3.8.x fails to load with a black screen + cursor ===<br />
<br />
If you have a non-UTF8 language enabled, Gnome 3 can fail to load. Disable non-UTF-8 locales and perform a locale-gen until this is resolved.<br />
For more information see [https://bugzilla.gnome.org/show_bug.cgi?id=698952 this bug report].<br />
<br />
Additionally, if multiple locales of different languages are enabled, it may be necessary to disable all locales except for one (which is UTF-8).<br />
<br />
=== UI elements scale incorrectly ===<br />
<br />
Gnome introduced HDPI support in version 3.10. If your display does not provide the correct screen size through EDID, this can lead to incorrectly scaled UI elements. As a workaround you can open dconf-editor and find the key {{ic|scaling-factor}} in {{ic|org.gnome.desktop.interface}}. Set it to {{ic|1}} to get the standard scale.<br />
<br />
=== Tear-free video with Intel HD Graphics ===<br />
Enabling the [[Intel _Graphics#Tear-free_video|Xorg Intel TearFree option]] is a known workaround to tearing problems on Intel adapters, however the way this option acts makes it redundant with the use of a compositor (adds up memory consumption and lowers performance, see [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c123 the original bug report's final comment]).<br />
<br />
On the other hand, GNOME Shell uses Mutter as a compositor which has a tweak known to address tearing problems (see [https://bugzilla.gnome.org/show_bug.cgi?id=657071#c1 the original suggestion for this fix] and its mention in [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c59 the Freedesktop bug report]): the line {{ic|1=CLUTTER_PAINT=disable-clipped-redraws:disable-culling}} must be appended to {{ic|/etc/environment}} and Xorg server restarted. This tweak solved tearing problems.<br />
<br />
=== Logging in through GDM or lightdm quickly returns to the login screen without any feedback ===<br />
As discovered by the person in [http://forums.debian.net/viewtopic.php?f=6&t=84115 this] thread, some aspect of checking for the existence of and then sourcing a bash_completion script seems to cause this issue. In addition to the bash completion setup in package {{Pkg|bash-completion}}, the Ruby Version Manager (RVM) includes the invocation of a bash completion script as part of it's init. It's worth keeping in mind that whatever causes this issue likely exists outside the exclusive realm of bash completion scripts, and that /etc/profile* is still worth poking around in while debugging even if a completion script isn't found.<br />
<br />
=== Gnome System Icons are not loaded properly ===<br />
Problems with the loading of system icons, such the ones in the title bar of Nautilus, might be solved by (re)installing the package {{Pkg|gdk-pixbuf2}}:<br />
<br />
# pacman -S gdk-pixbuf2<br />
<br />
This may also fix the "oh no" screen and/or very slow loading and login with GDM as described in [https://bbs.archlinux.org/viewtopic.php?pid=1414157 this] thread.<br />
<br />
== External links ==<br />
* [http://www.gnome.org/ The Official Website of GNOME]<br />
* [http://extensions.gnome.org/ Extensions for GNOME-shell]<br />
* Themes, icons, and backgrounds:<br />
** [http://art.gnome.org/ GNOME Art]<br />
** [http://www.gnome-look.org/ GNOME Look]<br />
* GTK/GNOME programs:<br />
** [http://www.gnomefiles.org/ GNOME Files]<br />
** [http://www.gnome.org/projects/ GNOME Project Listing]</div>DarioPhttps://wiki.archlinux.org/index.php?title=GNOME&diff=314914GNOME2014-05-13T06:48:44Z<p>DarioP: /* Troubleshooting */</p>
<hr />
<div>[[Category:GNOME]]<br />
[[cs:GNOME]]<br />
[[de:GNOME]]<br />
[[es:GNOME]]<br />
[[fr:GNOME]]<br />
[[it:GNOME]]<br />
[[ja:GNOME]]<br />
[[nl:GNOME]]<br />
[[pl:GNOME]]<br />
[[pt:GNOME]]<br />
[[ru:GNOME]]<br />
[[sr:GNOME]]<br />
[[th:GNOME]]<br />
[[tr:Gnome Masaüstü Ortamı]]<br />
[[uk:GNOME]]<br />
[[zh-CN:GNOME]]<br />
[[zh-TW:GNOME]]<br />
{{Related articles start}}<br />
{{Related|Desktop environment}}<br />
{{Related|Display manager}}<br />
{{Related|Window manager}}<br />
{{Related|GTK+}}<br />
{{Related|GDM}}<br />
{{Related|Nautilus}}<br />
{{Related|Gedit}}<br />
{{Related|GNOME Web}}<br />
{{Related|GNOME Flashback}}<br />
{{Related articles end}}<br />
<br />
[http://www.gnome.org/ GNOME] is a [[desktop environment]] developed by The GNOME Project.<br />
<br />
GNOME 3 has ''two'' sessions:<br />
<br />
*'''GNOME''' is the default, innovative layout.<br />
*'''GNOME Classic''' is a traditional desktop layout, similar to the GNOME 2 user interface whilst using GNOME 3 technologies. It does so through the use of pre-activated extensions and parameters (see [http://worldofgnome.org/welcome-to-gnome-3-8-flintstones-mode/ here] for a list). Hence it is more of a customized GNOME Shell than a truly distinct mode.<br />
<br />
Both of them use GNOME Shell, a desktop shell and plugin of the Mutter window manager. Mutter acts as a composite manager for the desktop, employing hardware graphics acceleration to provide effects aimed at reducing screen clutter. GNOME session manager automatically detects if your video driver is capable of running GNOME Shell and if not, falls back to software rendering using llvmpipe.<br />
<br />
== Installation ==<br />
<br />
GNOME 3 is available in the [[official repositories]] and can be [[pacman|installed]] with one of the following:<br />
*The {{Pkg|gnome-shell}} package provides a minimal desktop shell.<br />
*The {{Grp|gnome}} group contains the core desktop environment and applications required for the standard GNOME experience.<br />
*The {{Grp|gnome-extra}} group contains various optional tools such as an editor, an archive manager, a disk burner, a mail client, games, development tools and other non-critical applications that integrate well with the GNOME desktop. Installing just the {{Grp|gnome-extra}} group will not pull in the whole {{Grp|gnome}} group via dependencies. If you want to install all GNOME packages then you will need to explicitly install both groups.<br />
<br />
== Starting GNOME ==<br />
<br />
'''Graphical log-in'''<br />
<br />
For the best desktop integration, [[GDM]] (the GNOME [[Display manager]]) is recommended. GDM is installed as part of the {{grp|gnome}} group and can be used by enabling {{ic|gdm.service}} [[systemd#Using units|using systemd]].<br />
<br />
Other display managers can be used in place of GDM if desired.<br />
<br />
{{note|Native support for screenlocking in GNOME is provided by GDM. If you choose to not use GDM you will need to use a different screenlocking program such as [[XScreenSaver]].}} <br />
<br />
'''Starting GNOME manually'''<br />
<br />
If you prefer to start GNOME manually from the console, add the following line to your {{ic|~/.xinitrc}} file:<br />
{{hc|~/.xinitrc|<nowiki><br />
exec gnome-session<br />
</nowiki>}}<br />
<br />
Or {{ic|exec gnome-session --session&#61;gnome-classic}} for GNOME Classic. After editing your {{ic|~/.xinitrc}}, GNOME can be launched by typing {{ic|startx}}.<br />
<br />
See [[xinitrc]] for details, such as preserving the logind session.<br />
<br />
After setting up your {{ic|~/.xinitrc}} file you can also arrange to [[Start X at Login]] so that you don't have to run {{ic|startx}} manually.<br />
<br />
== Using the shell ==<br />
<br />
=== GNOME Cheat Sheet ===<br />
<br />
The [https://wiki.gnome.org/Projects/GnomeShell/CheatSheet GNOME Shell Cheat Sheet] on the GNOME Wiki explains task switching, keyboard use, window control, the panel, overview mode, and more.<br />
<br />
=== Restarting the shell ===<br />
<br />
After appearance tweaks you are often asked to restart the GNOME shell. You could log out and log back in, but it is simpler and faster to issue the following keyboard command. Restart the shell by pressing {{ic|Alt}} + {{ic|F2}} then {{ic|r}} then {{ic|Enter}}<br />
<br />
=== Shell crashes ===<br />
<br />
Certain tweaks and/or repeated shell restarts may cause the shell to crash when a restart is attempted. In this case, you are informed about the crash and then forced to log out. Some shell changes cannot be accomplished via a keyboard restart; you must log out and log back in to effect them.<br />
<br />
{{note|Valuable documents should be saved (and perhaps closed) before attempting a shell restart. It is not strictly necessary; open windows and documents usually remain intact after a shell restart however there is a risk that data could be lost if documents are not saved.}}<br />
<br />
=== Shell freezes ===<br />
<br />
Sometimes shell extensions freeze the GNOME Shell. In this case a possible strategy is to switch to another terminal via {{ic|Ctrl+Alt+F2}} through {{ic|Ctrl+Alt+F6}}, log in, and restart gnome-shell with:<br />
<br />
# pkill -HUP gnome-shell<br />
<br />
All open applications will still be available after restarting the shell.<br />
<br />
Sometimes, however, merely restarting the shell might not be enough. Then you will have to restart X, losing all work in progress. You can restart X by:<br />
<br />
# pkill X<br />
<br />
The GNOME Shell then restarts automatically.<br />
<br />
If this does not work, you can try to restart your login manager. For instance, if you use GDM, try:<br />
<br />
# systemctl restart gdm.service<br />
<br />
{{Tip|You can also use '''htop''' in tty; press ''t'', select the ''gnome-shell'' tree, press ''k'' and send ''SIGKILL''.}}<br />
<br />
== Pacman integration: GNOME PackageKit ==<br />
{{Warning|1=As of Gnome 3.12 the pacman integration with packagekit is very outdated. See [https://bbs.archlinux.org/viewtopic.php?pid=1334848#p1334848 this forum thread] and [http://worldofgnome.org/gnome-software-on-arch/ this article] for more information.}}<br />
<br />
GNOME has its own Pacman GUI: {{Pkg|gnome-packagekit}}.<br />
<br />
Using the [https://www.archlinux.org/pacman/libalpm.3.html alpm] backend, it supports the following features:<br />
<br />
* Install and remove packages from the repos.<br />
* Periodically refresh package databases and prompt for updates.<br />
* Install packages from tarballs.<br />
* Search for packages by name, description, category or file.<br />
* Show package dependencies, files and reverse dependencies.<br />
* Ignore IgnorePkgs and hold HoldPkgs.<br />
* Report optional dependencies, .pacnew files, etc.<br />
<br />
You can change the {{ic|remove}} operation from -Rc to -Rsc by setting the DConf key {{ic|org.gnome.packagekit.enable-autoremove}}.<br />
<br />
=== Packages updates notifications ===<br />
<br />
If you want GNOME to check automatically for updates, you must install {{Pkg|gnome-settings-daemon-updates}} from the official repository.<br />
<br />
== Customizing GNOME appearance ==<br />
<br />
The ''Systems Settings'' tool (provided by {{pkg|gnome-control-center}}) is a simple and streamlined panel which covers most basic settings. <br />
<br />
More elaborate graphical customization (such as modifying fonts, themes, titlebar buttons and such) can be done using the graphical ''GNOME tweak tool''. {{Pkg|gnome-tweak-tool}} is available from the [[official repositories]]. See [[#Theming]] below for more information about the subject.<br />
<br />
More extensive customisation may require more low-level configuration, using [[#gsettings and dconf]].<br />
<br />
==== Theming ====<br />
<br />
To install a new theme or icon set, put it in {{ic|~/.local/share/themes}} or {{ic|~/.local/share/icons}}. You can then activate it using ''GNOME tweak tool'', that is described above.<br />
<br />
Alternatively, you can set a GTK (icon) theme via {{ic|~/.config/gtk-3.0/settings.ini}}. In this file you can set the GTK theme ({{ic|gtk-theme-name}}), the icon theme ({{ic|gtk-icon-theme-name}}), the font ({{ic|gtk-font-name}}) and more.<br />
<br />
''Adwaita,'' the default GNOME 3 theme, is a part of {{pkg|gnome-themes-standard}}. Additional GTK3 themes can be found at [http://browse.deviantart.com/customization/skins/linuxutil/desktopenv/gnome/gtk3/ Deviantart web site]. For example:<br />
{{hc|~/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-theme-name = Adwaita<br />
# next option is applicable only if selected theme supports it<br />
gtk-application-prefer-dark-theme = true<br />
# set font name and dimension<br />
gtk-font-name = Sans 10<br />
</nowiki>}}<br />
<br />
It is necessary to restart the GNOME shell for settings to be applied. More GTK options are found at [http://developer.gnome.org/gtk3/3.0/GtkSettings.html#GtkSettings.properties GNOME developer documentation].<br />
<br />
==== gsettings and dconf ====<br />
<br />
dconf is a data store used by GNOME to store its settings. It can be edited with the graphical {{ic|dconf-editor}} or the command line {{ic|gsettings}} tool. See [http://blog.fpmurphy.com/2011/03/customizing-the-gnome-3-shell.html Customizing the GNOME Shell] for a tutorial on using gsettings.<br />
<br />
=== Customize top bar ===<br />
<br />
==== Show date in top bar ====<br />
<br />
By default GNOME displays only the weekday and time in the top bar. This can be changed with the following command. Changes take effect immediately. <br />
<br />
# gsettings set org.gnome.desktop.interface clock-show-date true<br />
<br />
==== Hiding icons in the top bar ====<br />
<br />
When installing GNOME, some unwanted icons might appear in the panel. These icons can be removed by manually editing the GNOME panel script.<br />
<br />
For example, to remove the keyboard button, comment out the {{ic|'keyboard'}} line in {{ic|PANEL_ITEM_IMPLEMENTATIONS}}:<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const PANEL_ITEM_IMPLEMENTATIONS = {<br />
'activities': ActivitiesButton,<br />
'aggregateMenu': AggregateMenu,<br />
'appMenu': AppMenuButton,<br />
'dateMenu': imports.ui.dateMenu.DateMenuButton,<br />
'a11y': imports.ui.status.accessibility.ATIndicator,<br />
'a11yGreeter': imports.ui.status.accessibility.ATGreeterIndicator,<br />
//'keyboard': imports.ui.status.keyboard.InputSourceIndicator,<br />
};<br />
</nowiki>}}<br />
<br />
Then, save your results and restart the shell:<br />
<br />
#{{ic|Alt+F2}}<br />
#{{ic|r}}<br />
#{{ic|Enter}}<br />
<br />
==== Eliminate delay when logging out ====<br />
<br />
The following tweak removes the confirmation dialog and sixty second delay for logging out.<br />
<br />
This dialog normally appears when you log out with the status menu. This tweak affects the '''''Power Off''''' dialog as well. This is not a system-wide change; it affects only the user who enters this command. The change takes effect immediately after entering the command:<br />
<br />
$ gsettings set org.gnome.SessionManager logout-prompt 'false'<br />
<br />
==== Show system monitor ====<br />
<br />
The [https://extensions.gnome.org/extension/120/system-monitor/ system-monitor] extension is included in the {{pkg|gnome-shell-extensions}} package. The git version is available as {{AUR|gnome-shell-system-monitor-applet-git}} in the [[AUR]].<br />
<br />
==== Show weather information ====<br />
<br />
The [https://extensions.gnome.org/extension/613/weather/ Weather] extension can be installed from [https://extensions.gnome.org/extension/613/weather/ the official extension website]. The git version is available as {{AUR|gnome-shell-extension-weather-git}} in the [[AUR]].<br />
<br />
=== Activity view ===<br />
<br />
==== Remove entries from Applications view ====<br />
<br />
Like most desktop environments, GNOME uses .desktop files to populate its Applications view. These text files are located in the '''{{ic|/usr/share/applications}}''' folder. It is not possible to edit these files from a folder view ‒ Nautilus does not treat their icons as text files. Use a terminal to display or edit .desktop file entries. You will need root privileges to edit the .desktop files.<br />
<br />
# ls /usr/share/applications<br />
# nano /usr/share/applications/foo.desktop<br />
<br />
For system wide changes, edit files in '''{{ic|/usr/share/applications}}'''. For local changes, make a copy of ''foo.desktop'' in your home folder.<br />
<br />
$ cp /usr/share/applications/foo.desktop ~/.local/share/applications/<br />
<br />
Edit .desktop files to fit your wishes. <br />
<br />
{{Note|Removing a .desktop file does not uninstall an application, but instead removes its desktop integration: MIME types, shortcuts, and so forth.}}<br />
<br />
To hide an application launcher open its .desktop file in a text editor and add the following line:<br />
<br />
NoDisplay=true<br />
<br />
==== Sort applications into folders ====<br />
<br />
Gnome 3.12 allows the user to sort applications into folders. A GUI for this is provided by Gnome Software, which Arch does not package (due to PackageKit incompatibilities). However, applications can still be sorted into folders manually via dconf. To add a folder, navigate via dconf to '''{{ic|org.gnome.desktop.app-folders}}''' and set the value of '''{{ic|folder-children}}''' to an array of comma separated folder names:<br />
<br />
['Utilities', 'Sundry']<br />
<br />
To add applications to these folders, use '''{{ic|gsettings}}''':<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ apps "['alacarte.desktop', 'dconf-editor.desktop']"<br />
<br />
This adds the applications corresponding to '''{{ic|alacarte.desktop}}''' and '''{{ic|dconf-editor.desktop}}'''' to the Sundry folder.<br />
<br />
This will also create the folder '''{{ic|org.gnome.desktop.app-folders.folders.Sundry}}'''. The constituents of the folder can be updated from dconf or from '''{{ic|gsettings}}''', by appending applications to the list.<br />
<br />
To name the folder (if it has no name it will simply appear at the top of the applications), set the name key via '''{{ic|gsettings}}''':<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ name "Sundry"<br />
<br />
Applications can also be sorted by their category (specified in their '''{{ic|.desktop}}''' file):<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ categories "['Office']"<br />
<br />
If certain applications matching a category are not wanted in a certain folder, exclusions can be set:<br />
<br />
gsettings set org.gnome.desktop.app-folders.folder:/org/gnome/desktop/app-folders/folders/Sundry/ excluded-apps "['libreoffice-draw.desktop']"<br />
<br />
For further information, refer to the [https://git.gnome.org/browse/gsettings-desktop-schemas/tree/schemas/org.gnome.desktop.app-folders.gschema.xml.in.in app-folders schema].<br />
<br />
==== Change icon size ====<br />
<br />
===== For applications in activity view =====<br />
<br />
To change the application icon size it is necessary to edit the GNOME-Shell theme.<br />
<br />
You can edit system files directly (make a backup first) or copy theme files to your local folder and edit these files. <br />
* For the '''default''' theme, edit '''{{ic|/usr/share/gnome-shell/theme/gnome-shell.css}}'''<br />
<br />
* For '''user themes''', edit '''{{ic|/usr/share/themes/<UserTheme>/gnome-shell/gnome-shell.css}}'''<br />
<br />
Edit ''gnome-shell.css'' and replace the following values. Afterward, [[#Restarting the shell|restart the GNOME shell]].<br />
<br />
{{hc|gnome-shell.css|<nowiki><br />
...<br />
/* Application Launchers and Grid */<br />
<br />
.icon-grid {<br />
spacing: 18px;<br />
-shell-grid-horizontal-item-size: 82px;<br />
-shell-grid-vertical-item-size: 82px;<br />
}<br />
<br />
.icon-grid .overview-icon {<br />
icon-size: 48px;<br />
}<br />
...<br />
</nowiki>}}<br />
<br />
===== In dash =====<br />
<br />
GNOME's Activities view has a dash on the left hand side, the size of the icons in this dash will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/dash.js}}.<br />
<br />
{{hc|dash.js|<nowiki><br />
...<br />
<br />
let iconSizes = [ 16, 22, 24, 32, 48, 64 ];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
===== For switcher (alt-tab) =====<br />
<br />
GNOME comes with a built in task switcher, the size of the icons in this task switcher will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/altTab.js}}<br />
<br />
{{hc|altTab.js|<nowiki><br />
...<br />
<br />
const iconSizes = [96, 64, 48, 32, 22];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
===== For system tray =====<br />
<br />
GNOME comes with a built in system tray, visible when the mouse is hovered over the bottom right corner of the screen. The size of the icons in this tray is set to a fixed value of 24. To change this value, edit {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}<br />
{{hc|messageTray.js|<nowiki><br />
...<br />
<br />
ICON_SIZE: 24,<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Disable hot corner hovering ====<br />
<br />
===== Activity view =====<br />
<br />
To disable automatic activity view when the hot corner is hovered, edit {{ic|/usr/share/gnome-shell/js/ui/layout.js}} (that was ''panel.js'' in GNOME 3.0.x) :<br />
{{hc|layout.js|<nowiki><br />
this._corner = new Clutter.Rectangle({ name: 'hot-corner',<br />
width: 1,<br />
height: 1,<br />
opacity: 0,<br />
reactive: true });icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
and set {{ic|reactive}} to {{ic|false}}. GNOME Shell needs to be restarted.<br />
<br />
{{tip|There are also [[GNOME#GNOME_shell_extensions|GNOME Shell extensions]] that can be installed which will modify this behaviour.}}<br />
<br />
===== Message Tray =====<br />
<br />
The message tray is shown when the mouse hovers at the bottom of the screen for one second. To disable this behavior, comment out the following line in {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}:<br />
{{hc|messageTray.js|<nowiki><br />
//pointerWatcher.addWatch(TRAY_DWELL_CHECK_INTERVAL, Lang.bind(this, this._checkTrayDwell));<br />
</nowiki>}}<br />
GNOME Shell needs to be restarted. The message tray is still visible in activity view.<br />
<br />
=== Titlebar ===<br />
<br />
==== Reduce title bar height ====<br />
<br />
* ''' global''' - edit {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and reduce its value to a minimum of {{ic|0}}.<br />
* '''user-only''' - copy {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}} to {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and reduce its value to a minimum of {{ic|0}}.<br />
<br />
Then restart the GNOME shell. <br />
<br />
To restore the original values, [[pacman|install]] the package {{Pkg|gnome-themes-standard}} from the [[official repositories]] or remove {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}.<br />
<br />
==== Reorder titlebar buttons ====<br />
<br />
At present this setting can be changed through '''dconf-editor.'''<br />
<br />
For example, to move the close and minimize buttons to the left side of the titlebar, open '''dconf-editor''' and locate the '''''org.gnome.shell.overrides.button_layout''''' key. Change its value to '''{{ic|close,minimize:}}''' (colon symbol designates the spacer between left side and right side of the titlebar). Place the buttons in your preferred order. You cannot use a button more than once. Also, keep in mind that certain buttons are deprecated. Restart the shell to see your new button arrangement.<br />
<br />
==== Hide titlebar when maximized ====<br />
The command below will hide the titlebar when windows are maximised:<br />
<br />
# sed -i -r 's|(<frame_geometry name="max")|\1 has_title="false"|' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
After entering the command restart the GNOME shell. After this tweak, you may find it difficult to un-maximize a window when there is no titlebar to grab.<br />
<br />
With suitable keybindings, you should be able to use {{ic|Alt+F5}}, {{ic|Alt+F10}} or {{ic|Alt+Space}} to remedy the situation.<br />
<br />
To prevent {{ic|metacity-theme-3.xml}} from being overwritten each time package {{pkg|gnome-themes-standard}} is upgraded, add its name to {{ic|/etc/pacman.conf}} with {{ic|NoUpgrade}}:<br />
<br />
{{hc|/etc/pacman.conf|<nowiki>... previous lines ...<br />
<br />
# Pacman will not upgrade packages listed in IgnorePkg and members of IgnoreGroup<br />
# IgnorePkg =<br />
# IgnoreGroup =<br />
<br />
NoUpgrade = usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml # Do not add a leading slash to the path<br />
<br />
... more lines ...</nowiki>}}<br />
<br />
To restore original Adwaita theme values, install the {{pkg|gnome-themes-standard}} package.<br />
<br />
== Miscellaneous settings ==<br />
<br />
=== Power Management ===<br />
<br />
==== Turn off Suspend-To-RAM (S3) when closing the LID ====<br />
This setting is not available in GNOME, ''gnome-control-center'' and ''dconf'' make this available. The current approach is to manage this on the level of [[systemd]]. Edit {{ic|/etc/systemd/logind.conf}}, uncomment the {{ic|HandleLidSwitch}} line and set it to {{ic|ignore}}:<br />
<br />
{{hc|/etc/systemd/logind.conf|HandleLidSwitch&#61;ignore}}<br />
<br />
See the [[Power management#ACPI_events]] article for more information.<br />
<br />
==== No reaction on lid close ====<br />
<br />
When configuring the lid close events via [[Power management#ACPI_events]], the settings may seem to have no effect. If you have an external monitor connected to your laptop, this is default GNOME behaviour. Disconnect the monitor and the settings should work, otherwise your {{ic|/etc/systemd/logind.conf}} may be incorrect.<br />
To change default behaviour open the {{ic|dconf-editor}} and change {{ic|org.gnome.settings-daemon.plugins.xrandr.default-monitors-setup}} to {{ic|"do-nothing"}}.<br />
<br />
==== Change Critical Battery Level Action (for Laptops) ====<br />
<br />
The ''System Settings'' panel only allows the user to choose between ''Suspend'' or ''Hibernate''. To choose another option such as ''Do Nothing'' open the {{ic|dconf-editor}} and navigate to {{ic|org.gnome.settings-daemon.plugins.power}}. Edit the {{ic|"critical-battery-action"}} value to {{ic|"nothing"}}.<br />
<br />
=== Switch back scrolling behavior ===<br />
If you do not like the new scrollbar behavior just put {{ic|<nowiki>gtk-primary-button-warps-slider = false</nowiki>}} under the {{ic|<nowiki>[Settings]</nowiki>}} section in {{ic|~/.config/gtk-3.0/settings.ini}}:<br />
<br />
{{hc|~/.config/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-primary-button-warps-slider = false<br />
...<br />
</nowiki>}}<br />
<br />
=== Autostarting / Automatic program launch upon logging in ===<br />
<br />
As of Gnome 3.12 {{ic|gnome-session-properties}} is deprecated. Specify which programs start automatically after logging in using {{ic|gnome-tweak-tool}}.<br />
<br />
=== Editing applications menu ===<br />
<br />
{{pkg|alacarte}} provides a more complete menu editor for adding/editing menu entries.<br />
<br />
=== Gnome Terminal ===<br />
<br />
==== Inner padding ====<br />
<br />
To move the terminal output away from the window borders create the stylesheet {{ic|~/.config/gtk-3.0/gtk.css}} with the following setting:<br />
<br />
TerminalScreen {<br />
-VteTerminal-inner-border: 10px 10px 10px 10px;<br />
}<br />
<br />
==== Disable blinking cursor ====<br />
<br />
Since Gnome 3.8 and the migration to gsettings and dconf the key required to modify in order to disable the blinking cursor in the Terminal differs slightly in contrast to the old gconf key. To disable the blinking cursor in Gnome 3.8 use:<br />
<br />
gsettings set org.gnome.desktop.interface cursor-blink false<br />
<br />
If you prefer dconf to the gsettings CLI then open {{ic|dconf-editor}}, go to org -> gnome -> desktop -> interface and untick the option labelled '''cursor-blink'''.<br />
<br />
To disable the blinking cursor in Terminal only use (make sure profile uid is correct one):<br />
<br />
dconf write /org/gnome/terminal/legacy/profiles:/:b1dcc9dd-5262-4d8d-a863-c897e6d979b9/cursor-blink-mode "'off'"<br />
<br />
==== Make new tabs inherit current directory (for Gnome Terminal 3.8+) ====<br />
<br />
In Gnome 3.8, the behaviour of how current directories are tracked has changed. To restore this behaviour, you need to source the {{ic|/etc/profile.d/vte.sh}} file, put this in your {{ic|~/.bashrc}} or {{ic|~/.zshrc}} for zsh users:<br />
<br />
source /etc/profile.d/vte.sh<br />
<br />
For more information refer to the [https://wiki.gnome.org/action/show/Apps/Terminal/FAQ?action=show&redirect=Terminal%252FFAQ#How_can_I_make_new_terminals_start_in_the_working_directory_of_the_current_terminal.3F Gnome wiki].<br />
<br />
=== Move dialog windows ===<br />
The default configuration for dialogs will not allow you to move them which causes problems in some cases. To change this you will need to use gconf-editor and change this setting:<br />
<br />
/desktop/gnome/shell/windows/attach_modal_dialogs<br />
<br />
After the change you will need to restart the shell for it to take affect.<br />
<br />
=== GNOME shell extensions ===<br />
<br />
GNOME Shell can be customized with extensions. These provide features such as a dock or a widget for changing the theme.<br />
<br />
Many extensions are collected and hosted by [https://extensions.gnome.org/ extensions.gnome.org]. They can be browsed and installed simply activating them in the browser. More information about gnome shell extensions can be found [https://extensions.gnome.org/about/ here].<br />
<br />
See [[#When an extension breaks GNOME|when an extension breaks GNOME]] for troubleshooting information.<br />
<br />
=== Default Applications ===<br />
<br />
While one can right click any file and set the default applications in 'Preferences', the settings are actually saved in {{ic | $HOME/.local/share/applications/mimeapps.list}} and {{ic| $HOME/.local/share/applications/mimeinfo.cache}}.<br />
<br />
{{tip|If you are making the change systemwide you may to create the {{ic|/usr/share/applications/mimeapps.list}} file yourself.}}<br />
<br />
==== File browser/replace Nautilus ====<br />
<br />
You can specify a different file manager in the ''mimeapps.list'' file as shown below:<br />
<br />
'''User only''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|~/.local/share/applications/mimeapps.list}}<br />
<br />
'''Systemwide''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|/usr/share/applications/mimeapps.list}}<br />
<br />
Where my filemanager.desktop is the correct .desktop file for the file manager of your choice.<br />
<br />
Alternatively you can trick GNOME into using another file browser by editing the {{ic|Exec}} line in {{ic|/usr/share/applications/nautilus.desktop}}. See the correct parameters in the {{ic|.desktop}} file of the file manager of your choice, e.g.:<br />
<br />
{{hc|/usr/share/applications/nautilus.desktop|<br />
2=[...]<br />
Exec=thunar %F<br />
OR<br />
Exec=pcmanfm %U<br />
OR<br />
Exec=nemo %U<br />
[...]<br />
}}<br />
<br />
==== PDF viewer ====<br />
<br />
In some cases when you have installed Inkscape or other graphic programs Evince Document Viewer might no longer be selected as the default PDF application. If it is not available in the '''Open With''' entry which would be the GUI solution, you can use the following user command to make it the default application again:<br />
<br />
xdg-mime default evince.desktop application/pdf<br />
<br />
==== Terminal ====<br />
<br />
{{ic|gsettings}} (which replaces {{ic|gconftool-2}}) is used to set the default terminal. The setting affects ''nautilus-open-terminal'' (a Nautilus extension).<br />
To make [[rxvt-unicode|urxvt]] the default, run:<br />
<br />
gsettings set org.gnome.desktop.default-applications.terminal exec urxvtc<br />
gsettings set org.gnome.desktop.default-applications.terminal exec-arg "'-e'"<br />
<br />
{{Note|The {{ic|-e}} flag is for executing a command. When ''nautilus-open-terminal'' invokes {{ic|urxvtc}}, it puts a {{ic|cd}} command at the end of the command line so that the new terminal starts in the directory you opened it from. Other terminals will require a different (perhaps empty) {{ic|exec-arg}}.}}<br />
<br />
=== Middle mouse button ===<br />
<br />
By default, GNOME 3 disables middle mouse button emulation regardless of [[Xorg]] settings ('''Emulate3Buttons'''). To enable middle mouse button emulation use:<br />
<br />
$ gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true<br />
<br />
=== Display dimming ===<br />
<br />
By default GNOME 3 has a ten second idle timeout to dim the screen regardless of the battery and AC state:<br />
<br />
# gsettings get org.gnome.settings-daemon.plugins.power idle-dim-time<br />
<br />
To set a new value type the following<br />
<br />
# gsettings set org.gnome.settings-daemon.plugins.power idle-dim-time <int><br />
<br />
where <int> is the value in seconds.<br />
<br />
=== Changing hotkeys ===<br />
Certain hotkeys cannot be changed directly via the ''System Settings'' panel. In order to change these keys, use dconf-editor. An example of particular note is the hotkey Alt-Above_Tab. On US keyboards, this is Alt-`: is a hotkey often used in the [[Emacs]] editor. It can be changed by opening dconf-editor and modifying the ''switch-group'' key found in {{ic|org.gnome.desktop.wm.keybindings}}.<br />
<br />
It is possible to manually change the keys via an application's so-called accel map file. Where it is to be found is up to the application: For instance, Thunar's is at ~/.config/Thunar/accels.scm, whereas Nautilus's is located at ~/.config/nautilus/accels and ~/.gnome2/accels/nautilus on old release.<br />
<br />
The file should contain a list of possible hotkeys, each unchanged line commented out with a leading ";" that has to be removed for a change to become active.<br />
For example to replace the hotkey used by Nautilus to move files to the trash folder, change the line:<br />
<br />
; (gtk_accel_path "<Actions>/DirViewActions/Trash" "<Primary>Delete")<br />
to this:<br />
<br />
(gtk_accel_path "<Actions>/DirViewActions/Trash" "Delete")<br />
<br />
The file is regenerated regularly so do not comment the file. The uncommented line will stay but every comment you add will be lost.<br />
<br />
==== Hotkeys in Nautilus 3.4 and older ====<br />
Firstly, use '''dconf-editor''' to place a checkmark next to {{ic|can-change-accels}} in the key named ''org.gnome.desktop.interface.''<br />
<br />
We will replace the hotkey — a.k.a. keyboard shortcut, keyboard accelerator — used by Nautilus to move files to the trash folder.<br />
The default assignment is a somewhat-awkward {{ic|Ctrl+Delete}}.<br />
* Open Nautilus, select any file, and click '''Edit''' on the menu bar.<br />
* Hover over the ''Move to Trash'' menu item.<br />
* While hovering, press {{ic|Delete}}. The current accelerator is now unset.<br />
* Press the key that you wish to become the new keyboard accelerator.<br />
* Press {{ic|Delete}} to make the new accelerator be the Delete key.<br />
Unless you select a file or folder, ''Move to Trash'' will be grayed-out. Finally, disable {{ic|can-change-accels}} to prevent accidental hotkey changes.<br />
<br />
=== Screencast recording ===<br />
<br />
Gnome features the built-in possbility to create screencasts easily. Thereby Control+Shift+Alt+R keybinding starts and stops the recording. A red circle is displayed in the bottom right corner of the screen when the recording is in progress. After the recording is finished, a file named 'Screencast from %d%u-%c.webm' is saved in the Videos directory. In order to use the screencast feature you need to have installed the gst plugins which are:<br />
<br />
$ pacman -Qs gst<br />
<br />
=== Modify Keyboard with XkbOptions ===<br />
<br />
Using the '''dconf-editor''', navigate to the key named {{ic|org.gnome.desktop.input-sources.xkb-options}} and add desired XkbOptions (e.g. ''caps:swapescape'') to the list.<br />
<br />
See {{ic|/usr/share/X11/xkb/rules/xorg}} for all XkbOptions and {{ic|/usr/share/X11/xkb/symbols/*}} for the respective descriptions.<br />
<br />
{{Note|To enable the {{ic|Ctrl+Alt+Backspace}} combination to terminate Xorg, use the {{Pkg|gnome-tweak-tool}} from [[official repositories]]. Within the '''Tweak Tool''', navigate to ''Typing > Terminate'' and select the option {{ic|Ctrl+Alt+Backspace}} from the dropdown menu.}}<br />
<br />
=== Toggle keyboard layouts ===<br />
Since Gnome does not consider any configuration in {{ic|/etc/X11/conf.d/*.conf}} you have to set the command for layout switching either via the control center with the options ''Switch to previous source'' and ''Switch to next source'' or if you want to use Alt - Shift combination you have to use the Gnome-Tweak-Tool and set ''Typing -> Modifiers-only input sources -> select Alt-shift''. For more information see also the forum [https://bbs.archlinux.org/viewtopic.php?id=152127 thread].<br />
<br />
=== HiDPI Support (Retina Screens) ===<br />
<br />
See [[HiDPI]].<br />
<br />
=== Other tips ===<br />
See [[GNOME Tips]].<br />
<br />
== Tracker (search program) ==<br />
The {{Pkg|tracker}} provides the Tracker program, an indexing application. You can configure it with {{ic|tracker-preferences}}, and monitor status with {{ic|tracker-control}}. Once installed, indexing should start automatically when you log in. You can explicitly start indexing with {{ic|tracker-control -s}}. Search settings can also be configured in the ''System Settings'' panel.<br />
<br />
== Totem (movie player) ==<br />
<br />
Totem is a movie player based on [[GStreamer]]. For information about adding codecs or hardware acceleration, see [[GStreamer]].<br />
<br />
== Empathy (integrated messaging) and GNOME Online Accounts ==<br />
<br />
Empathy, the engine behind integrated messaging, GNOME Online Accounts, and all other system settings based on messaging accounts will not function correctly unless the {{grp|telepathy}} group of packages or at least one of the backends ({{pkg|telepathy-gabble}}, or {{pkg|telepathy-haze}}, for example) is installed.<br />
<br />
These packages are '''not''' included in either the {{grp|gnome}} or {{grp|gnome-extra}} groups . You can install the Telepathy and optionally any backends with:<br />
<br />
# pacman -S telepathy<br />
<br />
Without telepathy, Empathy will not open the account management dialog and can get stuck in this state. If this happens -- even after quitting Empathy cleanly -- the {{ic|/usr/bin/empathy-accounts}} application can remain running and will need to be killed before you can add any new accounts. Likewise, without telepathy installed, the 'Add an online account' button in GNOME Online Accounts will do nothing.<br />
<br />
View descriptions of telepathy components on the [http://telepathy.freedesktop.org/wiki/Components freedesktop.org telepathy wiki].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Cannot change settings in dconf-editor ===<br />
<br />
When one cannot set settings in {{pkg|dconf}}, it is possible their dconf user settings are corrupt. In this case it is best to delete the user dconf files in {{ic|~/.config/dconf/user*}} and set the settings in dconf-editor after.<br />
<br />
=== Extensions ===<br />
<br />
==== When an extension breaks GNOME ====<br />
<br />
When enabling shell extensions causes GNOME breakage, you should first remove the ''user-theme'' and ''auto-move-windows'' extensions from their installation directory.<br />
<br />
The installation directory could be one of {{ic|~/.local/share/gnome‑shell/extensions}}, {{ic|/usr/share/gnome‑shell/extensions}} or {{ic|/usr/local/share/gnome‑shell/extensions}}. Removing these two extension-containing folders may fix the breakage. Otherwise, isolate the problem extension with trial‑and‑error.<br />
<br />
Removing or adding an extension-containing folder to the aforementioned directories removes or adds the corresponding extension to your system. Details on GNOME Shell extensions are available at the [https://live.gnome.org/GnomeShell/Extensions GNOME web site.]<br />
<br />
==== Extensions do not work after GNOME 3 update ====<br />
<br />
Locate the folder where your extensions are installed. It might be {{ic|~/.local/share/gnome-shell/extensions}} or {{ic|/usr/share/gnome-shell/extensions}}.<br />
<br />
Edit each occurrence of {{ic|metadata.json}} which appears in each extension sub-folder.<br />
<br />
{| border="0"<br />
| Insert: || {{ic|"shell-version": ["3.6"]}}<br />
|-<br />
| Instead of (for example): || {{ic|"shell-version": ["3.4"]}}<br />
|}<br />
<br />
{{ic|"3.x"}} indicates the extension works with every shell version. If it breaks, you will know to change it back.<br />
<br />
==== Remove Gnome Shell Extensions ====<br />
<br />
If you have trouble with uninstalling Gnome Extensions via https://extensions.gnome.org/local/, then probably they have been installed as system-wide extensions with {{ic|pacman -S gnome-shell-extensions}} before. To remove them, you have to be careful, because the following instruction removes all extensions from other user's, too:<br />
<br />
# pacman -R gnome-shell-extensions<br />
<br />
Following that, you refresh Gnome Shell by pressing ALT+F2 and entering {{ic|restart}}.<br />
<br />
Then go to https://extensions.gnome.org/local/ again and have a look for your installed extensions list. It should have changed.<br />
<br />
All other extensions should be removable by pressing the red X icon to the right. If not, something may be broken. <br />
<br />
As a final step, you can remove them manually from {{ic|~/.local/share/gnome-shell/extensions/*}} and/or {{ic|/usr/share/gnome-shell/extensions}}. Restart Gnome Shell again and you should be fine.<br />
<br />
=== The "Windows" key ===<br />
By default, this key is mapped to the "overlay-key" to launch the Overview. You can remove this key mapping to free up your {{ic|Windows Key}} (also called {{ic|Mod4}}), which GNOME calls {{ic|Super_L}}, by utilizing {{ic|gsettings}}.<br />
<br />
Example:<br />
{{ic| gsettings set org.gnome.mutter overlay-key 'Foo';}}.<br />
You can leave out '''Foo''' to simply remove any binding to that function.<br />
<br />
{{Note| GNOME also uses {{ic|Alt+F1}} to launch the Overview.}}<br />
<br />
=== Keyboard Shortcut do not work with only conky running ===<br />
The gnome-shell keyboard shortcuts like {{ic|Alt+F2}}, {{ic|Alt+F1}}, and the media key shortcuts do not work if conky is the only program running. However if another application like gedit is running, then the keyboard shortcuts work.<br />
<br />
solution: edit .conkyrc <br />
<br />
own_window yes<br />
own_window_transparent yes<br />
own_window_argb_visual yes<br />
own_window_type dock<br />
own_window_class Conky<br />
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager<br />
<br />
=== Window opens behind other windows when using multiple monitors ===<br />
<br />
This is possibly a bug in GNOME Shell which causes new windows to open behind others.<br />
Unchecking "workspaces_only_on_primary" in desktop/gnome/shell/windows using gconf-editor solves this problem.<br />
<br />
=== Multiple monitors and dock extension ===<br />
<br />
If you have multiple monitors configured using Nvidia Twinview, the dock extension may get sandwiched in-between the monitors. You can edit the source of this extension to reposition the dock to a position of your choosing.<br />
<br />
Edit {{ic|/usr/share/gnome-shell/extensions/dock@gnome-shell-extensions.gnome.org/extension.js}} and locate this line in the source:<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-2, (primary.height-height)/2);<br />
<br />
The first parameter is the X position of the dock display, by subtracting 15 pixels as opposed to 2 pixels from this it correctly positioned on my primary monitor, you can play around with any X,Y coordinate pair to position it correctly.<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-15, (primary.height-height)/2);<br />
<br />
=== "Show Desktop" keyboard shortcut does not work ===<br />
<br />
GNOME developers treated the corresponding binding as bug (see https://bugzilla.gnome.org/show_bug.cgi?id=643609) due to Minimization being deprecated. To show the desktop again assign ALT+STRG+D to the following setting:<br />
<br />
System Settings --> Keyboard --> Shortcuts --> Navigation --> Hide all normal windows<br />
<br />
=== Unable to apply stored configuration for monitors ===<br />
<br />
If you encounter this message try to disable the xrandr gnome-settings-daemon plugin :<br />
<br />
$ dconf write /org/gnome/settings-daemon/plugins/xrandr/active false<br />
<br />
=== Lock button fails to re-enable touchpad ===<br />
<br />
Some laptops have a touchpad lock button that disables the touchpad so that users can type without worrying about touching the touchpad. It appears currently that although GNOME can lock the touchpad by pressing this button, it cannot unlock it. If the touchpad gets locked you can do the following to unlock it:<br />
<br />
# Start a terminal. You can do this by pressing {{ic|Alt+F2}}, then typing {{ic|gnome-terminal}} followed by pressing {{ic|Enter}}.<br />
# Type in the following command:<br />
<br />
$ xinput set-prop "SynPS/2 Synaptics TouchPad" "Device Enabled" 1<br />
<br />
=== Consistent cursor theme ===<br />
<br />
You may find that the cursor theme used in GNOME is not consistent. For example, it may change when moving the cursor across different application windows. To fix this problem, set the cursor theme by creating an {{ic|index.theme}} file which defines the cursor theme according to the XDG icon theme specification. See the following section of the [[Cursor Themes]] article: [[Cursor_Themes#Using_an_index.theme_file_.28recommended.29]].<br />
<br />
=== Tracker & Documents do not list any local files ===<br />
<br />
In order for Tracker (and, therefore, Documents) to detect your local files, they must be stored in directories that it knows of. If your documents are contained in one of the usual XDG standard directories (i.e. "Documents" or "Music"), you should install {{Pkg|xdg-user-dirs}} and run:<br />
<br />
# xdg-user-dirs-update<br />
<br />
This will create all of the usual XDG home directories if they do not already exist and it will create the config file definining these directories that Tracker and Documents depend upon.<br />
<br />
=== Passwords are not remembered ===<br />
<br />
If you get a password prompt every time you login, and you find password are not saved, you might need to create/set a default keyring.<br />
<br />
Install {{pkg|seahorse}}. Open "Passwords and Keys" from the menu or run {{ic|seahorse}}. Select View > By Keyring. If there is no keyring in the left column (it will be marked with a lock icon), go to File > New > Password Keyring and give it a nice name. You will be asked to enter a password. If you do not give it a password it will be unlocked automatically even when using autologin, but passwords will not be stored securely. Finally, right-click on the keyring you just created and select "Set as default".<br />
<br />
=== Windows cannot be modified with Alt-Key + Mouse-Button ===<br />
<br />
Change the dconf-setting "org.gnome.desktop.wm.preferences.mouse-button-modifier" from <Super> back to <Alt>. It is not possible to change this with ''System Settings'' > "Keyboard" > "Shortcuts", you will find there only the regular keybindings. The developers of GNOME decided to change this from 3.4 to 3.6 because of this bug report https://bugzilla.gnome.org/show_bug.cgi?id=607797<br />
<br />
=== Gnome-shell 3.8.x fails to load with a black screen + cursor ===<br />
<br />
If you have a non-UTF8 language enabled, Gnome 3 can fail to load. Disable non-UTF-8 locales and perform a locale-gen until this is resolved.<br />
For more information see [https://bugzilla.gnome.org/show_bug.cgi?id=698952 this bug report].<br />
<br />
Additionally, if multiple locales of different languages are enabled, it may be necessary to disable all locales except for one (which is UTF-8).<br />
<br />
=== UI elements scale incorrectly ===<br />
<br />
Gnome introduced HDPI support in version 3.10. If your display does not provide the correct screen size through EDID, this can lead to incorrectly scaled UI elements. As a workaround you can open dconf-editor and find the key {{ic|scaling-factor}} in {{ic|org.gnome.desktop.interface}}. Set it to {{ic|1}} to get the standard scale.<br />
<br />
=== Tear-free video with Intel HD Graphics ===<br />
Enabling the [[Intel _Graphics#Tear-free_video|Xorg Intel TearFree option]] is a known workaround to tearing problems on Intel adapters, however the way this option acts makes it redundant with the use of a compositor (adds up memory consumption and lowers performance, see [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c123 the original bug report's final comment]).<br />
<br />
On the other hand, GNOME Shell uses Mutter as a compositor which has a tweak known to address tearing problems (see [https://bugzilla.gnome.org/show_bug.cgi?id=657071#c1 the original suggestion for this fix] and its mention in [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c59 the Freedesktop bug report]): the line {{ic|1=CLUTTER_PAINT=disable-clipped-redraws:disable-culling}} must be appended to {{ic|/etc/environment}} and Xorg server restarted. This tweak solved tearing problems.<br />
<br />
=== Logging in through GDM or lightdm quickly returns to the login screen without any feedback ===<br />
As discovered by the person in [http://forums.debian.net/viewtopic.php?f=6&t=84115 this] thread, some aspect of checking for the existence of and then sourcing a bash_completion script seems to cause this issue. In addition to the bash completion setup in package {{Pkg|bash-completion}}, the Ruby Version Manager (RVM) includes the invocation of a bash completion script as part of it's init. It's worth keeping in mind that whatever causes this issue likely exists outside the exclusive realm of bash completion scripts, and that /etc/profile* is still worth poking around in while debugging even if a completion script isn't found.<br />
<br />
=== Gnome System Icons are not loaded properly ===<br />
Problems with the loading of system icons such the ones in the title bar of Nautilus might be solved by (re)installing the package {{Pkg|gdk-pixbuf2}}:<br />
<br />
# pacman -S gdk-pixbuf2<br />
<br />
This may also fix the "oh no" screen and/or very slow loading and login with GDM as described in [https://bbs.archlinux.org/viewtopic.php?pid=1414157 this] thread.<br />
<br />
== External links ==<br />
* [http://www.gnome.org/ The Official Website of GNOME]<br />
* [http://extensions.gnome.org/ Extensions for GNOME-shell]<br />
* Themes, icons, and backgrounds:<br />
** [http://art.gnome.org/ GNOME Art]<br />
** [http://www.gnome-look.org/ GNOME Look]<br />
* GTK/GNOME programs:<br />
** [http://www.gnomefiles.org/ GNOME Files]<br />
** [http://www.gnome.org/projects/ GNOME Project Listing]</div>DarioPhttps://wiki.archlinux.org/index.php?title=Wine&diff=270700Wine2013-08-11T12:32:33Z<p>DarioP: /* Installing Microsoft Office */</p>
<hr />
<div>[[Category:Wine]]<br />
[[cs:Wine]]<br />
[[de:Wine]]<br />
[[es:Wine]]<br />
[[fr:Wine]]<br />
[[it:Wine]]<br />
[[ja:Wine]]<br />
[[ru:Wine]]<br />
[[zh-CN:Wine]]<br />
[[zh-TW:Wine]]<br />
{{Article summary start}}<br />
{{Article summary text|[[Wikipedia:Wine (software)|Wine]] is a ''compatibility layer'' capable of running Microsoft Windows applications on Unix-like operating systems. Programs running in Wine act as native programs would, without the performance/memory penalties of an emulator.}}<br />
<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Steam}}<br />
{{Article summary wiki|CrossOver}}<br />
{{Article summary end}}<br />
<br />
See the [http://www.winehq.org/ official project home] and [http://wiki.winehq.org/ wiki] pages for longer introduction. <br />
<br />
== Installation ==<br />
{{Warning|If you can access a file or resource with your user account, programs running in Wine can too. Wine prefixes are not [[wikipedia:Sandbox (computer security)|sandboxes]]. Consider using [[wikipedia:Virtualization|virtualization]] if security is important.}}<br />
<br />
Wine can be [[pacman|installed]] with the package {{Pkg|wine}}, available in the [[official repositories]]. If you are running a 64-bit system, you will need to enable the [[Multilib]] repository first.<br />
<br />
You may also want to install {{pkg|wine_gecko}} and {{pkg|wine-mono}} for applications that need support for Internet Explorer and .NET, respectively. These packages are not strictly required as Wine will download the relevant files as needed. However, having the files downloaded in advance allows you to work off-line and makes it so Wine does not download the files for each WINEPREFIX needing them.<br />
<br />
'''Architectural differences'''<br />
<br />
The default Wine is 32-bit, as is the i686 Arch package. As such, it is unable to execute any 64-bit Windows applications (which are still fairly rare at this point anyway).<br />
<br />
The Wine package for x86_64, however, is currently built with {{ic| --enable-win64}}. This activates the Wine version of [[Wikipedia:WoW64|WoW64]]. <br />
*In Windows, this complicated subsystem allows the user to use 32-bit and 64-bit Windows programs concurrently and even in the same directory. <br />
*In Wine, the user will have to make separate directories/prefixes. The support for this feature in Wine is currently experimental and users are recommended to use a win32 {{ic|WINEPREFIX}}. See [http://wiki.winehq.org/Wine64 Wine64] for specific information on this.<br />
<br />
To summarize, using the Arch 64-bit Wine package with {{ic|1=WINEARCH=win32}} should have the same behaviour as using the i686 Wine package.<br />
<br />
{{Note|If you run into problems with {{ic|winetricks}} or programs with a 64-bit environment, try creating a new 32-bit {{ic|WINEPREFIX}}. See below: [[#Using WINEARCH]]}}<br />
<br />
== Configuration ==<br />
By default, Wine stores its configuration files and installed Windows programs in {{ic|~/.wine}}. This directory is commonly called a "Wine prefix" or "Wine bottle" It is created/updated automatically whenever you run a Windows program or one of Wine's bundled programs such as {{ic|winecfg}}. The prefix directory also contains a tree which your Windows programs will see as {{ic | C:\}} (C-drive)<br />
<br />
You can override the location Wine uses for a prefix with the {{ic|WINEPREFIX}} environment variable. This is useful if you want to use separate configurations for different Windows programs. <br />
<br />
For example, if you run one program with: {{ic |1= $ env WINEPREFIX=~/.win-a wine program-a.exe}}, and another with {{ic |1= $ env WINEPREFIX=~/.win-b wine program-b.exe}}, the two programs will each have separate "C:\" and registries.<br />
<br />
To create a default prefix without running a Windows program or other GUI tool you can use:<br />
$ env WINEPREFIX=~/.customprefix wineboot -u<br />
<br />
Configuring Wine is typically accomplished using:<br />
* [http://wiki.winehq.org/winecfg winecfg] is a GUI configuration tool for Wine. You can run it from a console window with: {{ic|$ winecfg}}, or {{ic|1=$ WINEPREFIX=~/.some_prefix winecfg}}.<br />
<br />
* [http://wiki.winehq.org/control control.exe] is Wine's implementation of Windows' Control Panel which can be accessed with: {{ic|$ wine control}}<br />
<br />
* [http://wiki.winehq.org/regedit regedit] is Wine's registry editing tool. If winecfg and the Control Panel were not enough, see [http://wiki.winehq.org/UsefulRegistryKeys WineHQ's article on Useful Registry Keys]<br />
<br />
=== Using WINEARCH ===<br />
If you are using wine from [multilib], you will notice that {{ic|winecfg}} will get you a 64-bit wine environment by default. You can change this behavior using the {{ic|WINEARCH}} environment variable. Rename your {{ic|~/.wine}} directory and create a new wine environment by running: <br />
{{ic |1=$ WINEARCH=win32 winecfg}} This will get you a 32-bit wine environment. Not setting {{ic|WINEARCH}} will get you a 64-bit one.<br />
<br />
You can combine this with {{ic|WINEPREFIX}} to make a separate win32 and win64 environment:<br />
$ WINEARCH=win32 WINEPREFIX=~/win32 winecfg <br />
$ WINEPREFIX=~/win64 winecfg<br />
<br />
{{Note|During prefix creation, the 64-bit version of wine treats all folders as 64-bit prefixes and will not create a 32-bit in any existing folder. To create a 32-bit prefix you have to let wine create the folder specified in {{ic|WINEPREFIX}}.}}<br />
<br />
You can also use winetricks and {{ic|WINEARCH}} in one command for installing something from winetricks like this (using Steam as an example):<br />
env WINEARCH=win32 WINEPREFIX=~/.local/share/wineprefixes/steam winetricks steam<br />
{{Tip| You can make variables like WINEPREFIX or WINEARCH constant by using [[Bash#Shell_and_environment_variables|~/.bashrc]]. }}<br />
{{Note|You do not have create the steam subdirectory in the {{ic|wineprefixes}} directory, it will create for you. See the Bottles section below for more information.}}<br />
<br />
=== Graphics drivers ===<br />
<br />
For most games, Wine requires high performance accelerated graphics drivers. This likely means using proprietary [[NVIDIA]] or [[AMD Catalyst]] drivers. [[Intel]] drivers should mostly work as well as they are going to out of the box.<br />
<br />
A good sign that your drivers are inadequate or not properly configured is when Wine reports the following in your terminal window:<br />
Direct rendering is disabled, most likely your OpenGL drivers have not been installed correctly<br />
<br />
For x86-64 systems, additional [[multilib]] or [[AUR]] packages are required:<br />
<br />
* '''NVIDIA''': {{Pkg|lib32-nvidia-libgl}} For older cards search the AUR for '''lib32-nvidia-utils''' (e.g. -173xx).<br />
* '''NVIDIA (open driver)''': {{Pkg|lib32-nouveau-dri}}.<br />
* '''Intel''': {{Pkg|lib32-intel-dri}}. Run Wine with: {{ic|1=LIBGL_DRIVERS_PATH=/usr/lib32/xorg/modules/dri}}.<br />
* '''AMD/ATI''': {{Pkg|lib32-catalyst-utils}}.<br />
* '''AMD/ATI (open driver)''': {{Pkg|lib32-ati-dri}}.<br />
<br />
{{Note|You might need to restart X after having installed the correct library.}}<br />
<br />
=== Sound ===<br />
<br />
By default sound issues may arise when running Wine applications. Ensure only one sound device is selected in {{ic|winecfg}}. Currently, the [[Alsa]] driver is the most supported.<br />
<br />
If you want to use [[Alsa]] driver in Wine, and are using x86_64, you'll need to install the {{Pkg|lib32-alsa-lib}}. If you are also using PulseAudio, you will need to install {{Pkg|lib32-libpulse}}.<br />
<br />
If you want to use [[OSS]] driver in Wine, you will need to install the {{Pkg|lib32-alsa-oss}} package. The OSS driver in the kernel will not suffice.<br />
<br />
If {{ic|winecfg}} '''still''' fails to detect the audio driver (Selected driver: (none)), [http://wiki.jswindle.com/index.php/Wine_Registry#Configuring_Sound configure it via the registry].<br />
<br />
Games that use advanced sound systems may require installations of {{Pkg|lib32-openal}}.<br />
<br />
=== Other libraries ===<br />
<br />
Some applications (e.g. Office 2003) require ability to parse HTML or XML (they use MSXML library), in such case you need to install {{Pkg|lib32-libxml2}}.<br />
<br />
Applications that play music may require {{Pkg|lib32-mpg123}}.<br />
<br />
For application that use native image manipulation libraries installation of {{Pkg|lib32-giflib}} and {{Pkg|lib32-libpng}} may be required.<br />
<br />
For encryption support on x86_64 you need to install {{Pkg|lib32-gnutls}}.<br />
<br />
=== Fonts ===<br />
<br />
If Wine applications are not showing easily readable fonts, you may not have Microsoft's Truetype fonts installed. See [[MS Fonts]]. If this does not help, try running {{ic|winetricks allfonts}}.<br />
<br />
After running such programs, kill all wine servers and run {{ic|winecfg}}. Fonts should be legible now.<br />
<br />
If the fonts look somehow smeared, import the following text file into the Wine registry with [http://wiki.winehq.org/regedit regedit]:<br />
[HKEY_CURRENT_USER\Software\Wine\X11 Driver]<br />
"ClientSideWithRender"="N"<br />
<br />
=== Desktop launcher menus ===<br />
<br />
By default, installation of Wine does not create desktop menus/icons for the software which comes with Wine (e.g. for {{ic|winecfg}}, {{ic|winebrowser}}, etc). However, installing Windows programs with Wine, in most cases, should result in the appropriate menu/desktop icons being created. For example, if the installation program (e.g. {{ic|setup.exe}}) would normally add an icon to your Desktop or "Start Menu" on Windows, then Wine should create corresponding freedesktop.org style {{ic|.desktop}} files for launching your programs with Wine.<br />
<br />
{{Tip|If menu items were ''not'' created while installing software or have been lost, [http://wiki.winehq.org/winemenubuilder winemenubuilder] may be of some use.}}<br />
<br />
If you wish to add on to the menu to create an Ubuntu-like Wine sub-menu, then follow these instructions:<br />
<br />
==== Creating menu entries ====<br />
<br />
First, install a Windows program using Wine to create the base menu. After the base menu is created, you can start to add the menu entries. In GNOME, right-click on the desktop and select {{ic|"Create Launcher..."}}. The steps might be different for KDE/Xfce. Make three launchers using these settings:<br />
'''Type''': Application<br />
'''Name''': Configuration<br />
'''Command''': winecfg<br />
'''Comment''': Configure the general settings for Wine<br />
<br />
'''Type''': Application<br />
'''Name''': Uninstall Programs<br />
'''Command''': wine uninstaller<br />
'''Comment''': Uninstall Windows programs under Wine properly<br />
<br />
'''Type''': Application<br />
'''Name''': Browse C:\<br />
'''Command''': wine winebrowser c:\\<br />
'''Comment''': Browse the files in the virtual Wine C:\ drive<br />
Now that you have these three launchers on your desktop, it is time to put them into the menu. But, first you should change the launchers to dynamically change icons when a new icon set is installed. To do this, open the launchers that you just made in your favorite text editor. Change the following settings to these new values:<br />
<br />
{{ic|Configuration}} launcher:<br />
Icon[en_US]=wine-winecfg<br />
Icon=wine-winecfg<br />
{{ic|Uninstall Programs}} launcher:<br />
Icon[en_US]=wine-uninstaller<br />
Icon=wine-uninstaller<br />
{{ic|Browse C:\}} launcher:<br />
Icon[en_US]=wine-winefile<br />
Icon=wine-winefile<br />
If these settings produce a ugly/non-existent icon, it means that there are no icons for these launchers in the icon set that you have enabled. You should replace the icon settings with the explicit location of the icon that you want. Clicking the icon in the launcher's properties menu will have the same effect. A great icon set that supports these shortcuts is [http://www.gnome-look.org/content/show.php/GNOME-colors?content=82562 GNOME-colors].<br />
<br />
Now that you have the launchers fully configured, now it is time to put them in the menu. Copy them into {{ic|~/.local/share/applications/wine/}}.<br />
<br />
Wait a second, they are not in the menu yet! There is one last step. Create the following text file: {{hc|~/.config/menus/applications-merged/wine-utilities.menu|<nowiki><br />
<!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"<br />
"http://www.freedesktop.org/standards/menu-spec/menu-1.0.dtd"><br />
<Menu><br />
<Name>Applications</Name><br />
<Menu><br />
<Name>wine-wine</Name><br />
<Directory>wine-wine.directory</Directory><br />
<Include><br />
<Filename>wine-Configuration.desktop</Filename><br />
</Include><br />
<Include><br />
<Filename>wine-Browse C:\.desktop</Filename><br />
</Include><br />
<Include><br />
<Filename>wine-Uninstall Programs.desktop</Filename><br />
</Include><br />
</Menu><br />
</Menu><br />
</nowiki>}}<br />
Go check in the menu and there should be the minty fresh options waiting to be used!<br />
<br />
==== Remove Wine launcher menus in Gnome3 ====<br />
<br />
System wide launcher menus are located in {{ic|/usr/share/applications/}}. Remove the program's ".desktop" entry to remove the launcher system wide.<br />
<br />
If this does not solve the problem, it is likely the wine launchers are located in<br />
{{ic|~/.local/share/applications/wine/Programs/}}. In the directories corresponding to the program files are the ".desktop" launcher files. Remove these files to remove the launchers. Remove the entire program's directory to easily remove the launcher files.<br />
<br />
==== KDE 4 menu fix ====<br />
<br />
The Wine menu items [https://bugs.launchpad.net/ubuntu/+source/wine/+bug/263041 may appear] in {{ic|"Lost & Found"}} instead of the Wine menu in KDE 4. This is because {{ic|kde-applications.menu}} is missing the {{ic|MergeDir}} option.<br />
<br />
Edit {{ic|/etc/xdg/menus/kde-applications.menu}}<br />
<br />
At the end of the file add {{ic|<MergeDir>applications-merged</MergeDir>}} after {{ic|<DefaultMergeDirs/>}}, it should look like this:<br />
<Menu><br />
<Include><br />
<And><br />
<Category>KDE</Category><br />
<Category>Core</Category><br />
</And><br />
</Include><br />
<DefaultMergeDirs/><br />
'''<MergeDir>applications-merged</MergeDir>'''<br />
<MergeFile>applications-kmenuedit.menu</MergeFile><br />
</Menu><br />
<br />
Alternatively you can create a symlink to a folder that KDE does see:<br />
ln -s ~/.config/menus/applications-merged ~/.config/menus/kde-applications-merged<br />
<br />
This has the added bonus that an update to KDE won't change it, but is per user instead of system wide.<br />
<br />
== Running Windows applications ==<br />
<br />
{{Warning|Do not run or install Wine applications as root! See [http://wiki.winehq.org/FAQ#run_as_root Running Wine as root] for the official statement.}}<br />
To run a windows application:<br />
$ wine <path to exe><br />
<br />
To install using an MSI installer, use the included msiexec utility:<br />
$ msiexec installername.msi<br />
<br />
== Tips and tricks ==<br />
<br />
{{Tip|In addition to the links provided in the beginning of the article the following may be of interest:<br />
* [http://appdb.winehq.org/ The Wine Application Database (AppDB)] - Information about running specific Windows applications (Known issues, ratings, guides, etc tailored to specific applications)<br />
* [http://forum.winehq.org/ The WineHQ Forums] - A great place to ask questions ''after'' you have looked through the FAQ and AppDB<br />
}}<br />
<br />
These tools will assist in the installation of typical Windows components. In most cases they should be used as a last effort, as it may severely alter your wine configuration.<br />
<br />
=== Installing Microsoft Office ===<br />
<br />
UPDATE: 09-Apr, 2013: With Wine 1.5.27, none of the below "tweaks" are necessary. Ensure winbind is installed (the samba package has it). Then<br />
<br />
$ export WINEPREFIX="<path to a writable folder on your home directory>"<br />
$ export WINEARCH="win32"<br />
$ wine /path/to/office_cd/setup.exe<br />
<br />
You could also put the above exports into your bashrc. <br />
Once installation completes, open Word or Excel to activate over the internet. Once done, close the application. Then run '''winecfg''', and set riched20 (under libraries) to Native (Windows). This will enable Powerpoint to work.<br />
(tested with Office Home/Student 2010 and wine 1.5.27. Activation over Internet also works)<br />
<br />
A small tweak is needed to install the office suite. Follow these steps to accomplish it:<br />
<br />
$ export WINEPREFIX=/path/to/wineprefix && export WINEARCH=win32 && winecfg # Then click ok<br />
# pacman -S winetricks<br />
$ winetricks msxml3 # For MS Office 2007<br />
$ winetricks msxml3 msxml6 # For MS Office 2010<br />
$ wine /path/to/office_cd/setup.exe<br />
<br />
For additional info, see the [http://appdb.winehq.org/appview.php?iVersionId=4992 WineHQ] article.<br />
<br />
{{note|{{Pkg|playonlinux}} provides custom installer scripts that make the installation of Office 2003, 2007 and 2010 an ease. You just have to provide the setup.exe or ISO and the installer will guide you seamlessly through the installation procedure. You do not have to deal with the underlying Wine at all.}}<br />
<br />
=== OpenGL modes ===<br />
<br />
Many games have an OpenGL mode which ''may'' perform better than their default DirectX mode. While the steps to enable OpenGL rendering is ''application specific'', many games accept the {{Ic|-opengl}} parameter.<br />
$ wine /path/to/3d_game.exe -opengl<br />
<br />
You should of course refer to your application's documentation and Wine's [http://appdb.winehq.org AppDB] for such application specific information.<br />
<br />
=== Using Wine as an interpreter for Win16/Win32 binaries ===<br />
<br />
It is also possible to tell the kernel to use wine as an interpreter for all Win16/Win32 binaries.<br />
The process for setting this up depends on whether you boot using [[systemd]] or [[initscripts]].<br />
<br />
==== Systemd ====<br />
<br />
Tell the kernel how to interpret Win16 and Win32 binaries:<br />
echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register<br />
To make the setting permanent, create a configuration file in {{ic|/etc/tmpfiles.d}} with the following contents:<br />
{{hc|/etc/tmpfiles.d/enable-doswin-exe.conf|<br />
w /proc/sys/fs/binfmt_misc/register - - - - :DOSWin:M::MZ::/usr/bin/wine:}}<br />
<br />
Note that, in contrast to initscripts,<br />
systemd will automatically mount {{ic|/proc/sys/fs/binfmt_misc}} on use by default.<br />
Thus adding the tmpfiles rule should be sufficient for most users.<br />
<br />
For more info on tmpfiles, see [[Systemd#Temporary_files]].<br />
<br />
==== Initscripts ====<br />
<br />
First mount the {{ic|binfmt_misc}} filesystem:<br />
# mount -t binfmt_misc none /proc/sys/fs/binfmt_misc<br />
Or you can add this line to your {{ic|/etc/fstab}}:<br />
none /proc/sys/fs/binfmt_misc binfmt_misc defaults 0 0<br />
Then, tell the kernel how to interpret Win16 and Win32 binaries:<br />
echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register<br />
You can add this line to {{ic|/etc/rc.local}} to make this setting permanent.<br />
In this case you may want to ignore stderr to avoid error messages when changing runlevels:<br />
{ echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register; } 2>/dev/null<br />
<br />
==== Test the setup ====<br />
<br />
Now try to run a Windows program:<br />
chmod 755 exefile.exe<br />
./exefile.exe<br />
<br />
If all went well, exefile.exe should run.<br />
<br />
=== Wineconsole ===<br />
<br />
Often you may need to run {{ic|.exes}} to patch game files, for example a widescreen mod for an old game, and running the {{ic|.exe}} normally through wine might yield nothing happening. In this case, you can open a terminal and run the following command:<br />
<br />
$ wineconsole cmd<br />
<br />
Then navigate to the directory and run the {{ic|.exe}} file from there.<br />
<br />
=== Winetricks ===<br />
<br />
[http://wiki.winehq.org/winetricks Winetricks] is a script to allow one to install base requirements needed to run Windows programs. Installable components include DirectX 9.x, MSXML (required by Microsoft Office 2007 and Internet Explorer), Visual Runtime libraries and many more.<br />
<br />
You can install {{pkg|winetricks}} via [[pacman]] or use the {{AUR|winetricks-svn}} package available in the [[AUR]]. Then run it with:<br />
$ winetricks<br />
<br />
== Third-party interfaces ==<br />
<br />
These have their own sites, and are not supported in the Wine forums.<br />
<br />
=== CrossOver ===<br />
<br />
[http://www.codeweavers.com/about/ CrossOver] Has its own [[CrossOver|wiki page]].<br />
<br />
=== PlayOnLinux/PlayOnMac ===<br />
<br />
[http://www.playonlinux.com/ PlayOnLinux] is a graphical Windows and DOS program manager. It contains scripts to assist the configuration and running of programs, it can manage multiple Wine versions and even use a specific version for each executable (eg. because of regressions). If you need to know which Wine version works best for a certain game, try the [http://appdb.winehq.org/ Wine Application Database]. You can find the {{Pkg|playonlinux}} package in [[community]].<br />
<br />
=== PyWinery ===<br />
<br />
[http://code.google.com/p/pywinery/ PyWinery] is a graphical and simple wine-prefix manager which allows you to launch apps and manage configuration of separate prefixes, also have a button to open winetricks in the same prefix, to open prefix dir, {{ic|winecfg}}, application uninstaller and wineDOS. You can install [https://aur.archlinux.org/packages.php?ID=48382 PyWinery from AUR]. It is especially useful for having differents settings like DirectX games, office, programming, etc, and choose which prefix to use before you open an application or file.<br />
<br />
It's recommended using winetricks by default to open '''.exe''' files, so you can choose between any wine configuration you have.<br />
<br />
=== Q4wine ===<br />
<br />
[http://q4wine.brezblock.org.ua/ Q4Wine] is a graphical wine-prefix manager which allows you to manage configuration of prefixes. Notably it allows exporting QT themes into the wine configuration so that they can integrate nicely. You can find the {{Pkg|q4wine}} package in [[multilib]].<br />
<br />
== See also ==<br />
<br />
* [http://www.winehq.com/ Official Wine website]<br />
* [http://appdb.winehq.org/ Wine application database]<br />
* [http://linuxgamingtoday.wordpress.com/2008/02/16/quick-tips-to-speed-up-your-gaming-in-wine/ Advanced configuring your gfx card and OpenGL settings on wine; Speed up wine]<br />
* [http://wiki.gotux.net/code:perl:fileinfo FileInfo] - Find Win32 PE/COFF headers in EXE/DLL/OCX files under linux/unix environment.</div>DarioPhttps://wiki.archlinux.org/index.php?title=Wine&diff=270699Wine2013-08-11T12:32:10Z<p>DarioP: /* Installing Microsoft Office */</p>
<hr />
<div>[[Category:Wine]]<br />
[[cs:Wine]]<br />
[[de:Wine]]<br />
[[es:Wine]]<br />
[[fr:Wine]]<br />
[[it:Wine]]<br />
[[ja:Wine]]<br />
[[ru:Wine]]<br />
[[zh-CN:Wine]]<br />
[[zh-TW:Wine]]<br />
{{Article summary start}}<br />
{{Article summary text|[[Wikipedia:Wine (software)|Wine]] is a ''compatibility layer'' capable of running Microsoft Windows applications on Unix-like operating systems. Programs running in Wine act as native programs would, without the performance/memory penalties of an emulator.}}<br />
<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Steam}}<br />
{{Article summary wiki|CrossOver}}<br />
{{Article summary end}}<br />
<br />
See the [http://www.winehq.org/ official project home] and [http://wiki.winehq.org/ wiki] pages for longer introduction. <br />
<br />
== Installation ==<br />
{{Warning|If you can access a file or resource with your user account, programs running in Wine can too. Wine prefixes are not [[wikipedia:Sandbox (computer security)|sandboxes]]. Consider using [[wikipedia:Virtualization|virtualization]] if security is important.}}<br />
<br />
Wine can be [[pacman|installed]] with the package {{Pkg|wine}}, available in the [[official repositories]]. If you are running a 64-bit system, you will need to enable the [[Multilib]] repository first.<br />
<br />
You may also want to install {{pkg|wine_gecko}} and {{pkg|wine-mono}} for applications that need support for Internet Explorer and .NET, respectively. These packages are not strictly required as Wine will download the relevant files as needed. However, having the files downloaded in advance allows you to work off-line and makes it so Wine does not download the files for each WINEPREFIX needing them.<br />
<br />
'''Architectural differences'''<br />
<br />
The default Wine is 32-bit, as is the i686 Arch package. As such, it is unable to execute any 64-bit Windows applications (which are still fairly rare at this point anyway).<br />
<br />
The Wine package for x86_64, however, is currently built with {{ic| --enable-win64}}. This activates the Wine version of [[Wikipedia:WoW64|WoW64]]. <br />
*In Windows, this complicated subsystem allows the user to use 32-bit and 64-bit Windows programs concurrently and even in the same directory. <br />
*In Wine, the user will have to make separate directories/prefixes. The support for this feature in Wine is currently experimental and users are recommended to use a win32 {{ic|WINEPREFIX}}. See [http://wiki.winehq.org/Wine64 Wine64] for specific information on this.<br />
<br />
To summarize, using the Arch 64-bit Wine package with {{ic|1=WINEARCH=win32}} should have the same behaviour as using the i686 Wine package.<br />
<br />
{{Note|If you run into problems with {{ic|winetricks}} or programs with a 64-bit environment, try creating a new 32-bit {{ic|WINEPREFIX}}. See below: [[#Using WINEARCH]]}}<br />
<br />
== Configuration ==<br />
By default, Wine stores its configuration files and installed Windows programs in {{ic|~/.wine}}. This directory is commonly called a "Wine prefix" or "Wine bottle" It is created/updated automatically whenever you run a Windows program or one of Wine's bundled programs such as {{ic|winecfg}}. The prefix directory also contains a tree which your Windows programs will see as {{ic | C:\}} (C-drive)<br />
<br />
You can override the location Wine uses for a prefix with the {{ic|WINEPREFIX}} environment variable. This is useful if you want to use separate configurations for different Windows programs. <br />
<br />
For example, if you run one program with: {{ic |1= $ env WINEPREFIX=~/.win-a wine program-a.exe}}, and another with {{ic |1= $ env WINEPREFIX=~/.win-b wine program-b.exe}}, the two programs will each have separate "C:\" and registries.<br />
<br />
To create a default prefix without running a Windows program or other GUI tool you can use:<br />
$ env WINEPREFIX=~/.customprefix wineboot -u<br />
<br />
Configuring Wine is typically accomplished using:<br />
* [http://wiki.winehq.org/winecfg winecfg] is a GUI configuration tool for Wine. You can run it from a console window with: {{ic|$ winecfg}}, or {{ic|1=$ WINEPREFIX=~/.some_prefix winecfg}}.<br />
<br />
* [http://wiki.winehq.org/control control.exe] is Wine's implementation of Windows' Control Panel which can be accessed with: {{ic|$ wine control}}<br />
<br />
* [http://wiki.winehq.org/regedit regedit] is Wine's registry editing tool. If winecfg and the Control Panel were not enough, see [http://wiki.winehq.org/UsefulRegistryKeys WineHQ's article on Useful Registry Keys]<br />
<br />
=== Using WINEARCH ===<br />
If you are using wine from [multilib], you will notice that {{ic|winecfg}} will get you a 64-bit wine environment by default. You can change this behavior using the {{ic|WINEARCH}} environment variable. Rename your {{ic|~/.wine}} directory and create a new wine environment by running: <br />
{{ic |1=$ WINEARCH=win32 winecfg}} This will get you a 32-bit wine environment. Not setting {{ic|WINEARCH}} will get you a 64-bit one.<br />
<br />
You can combine this with {{ic|WINEPREFIX}} to make a separate win32 and win64 environment:<br />
$ WINEARCH=win32 WINEPREFIX=~/win32 winecfg <br />
$ WINEPREFIX=~/win64 winecfg<br />
<br />
{{Note|During prefix creation, the 64-bit version of wine treats all folders as 64-bit prefixes and will not create a 32-bit in any existing folder. To create a 32-bit prefix you have to let wine create the folder specified in {{ic|WINEPREFIX}}.}}<br />
<br />
You can also use winetricks and {{ic|WINEARCH}} in one command for installing something from winetricks like this (using Steam as an example):<br />
env WINEARCH=win32 WINEPREFIX=~/.local/share/wineprefixes/steam winetricks steam<br />
{{Tip| You can make variables like WINEPREFIX or WINEARCH constant by using [[Bash#Shell_and_environment_variables|~/.bashrc]]. }}<br />
{{Note|You do not have create the steam subdirectory in the {{ic|wineprefixes}} directory, it will create for you. See the Bottles section below for more information.}}<br />
<br />
=== Graphics drivers ===<br />
<br />
For most games, Wine requires high performance accelerated graphics drivers. This likely means using proprietary [[NVIDIA]] or [[AMD Catalyst]] drivers. [[Intel]] drivers should mostly work as well as they are going to out of the box.<br />
<br />
A good sign that your drivers are inadequate or not properly configured is when Wine reports the following in your terminal window:<br />
Direct rendering is disabled, most likely your OpenGL drivers have not been installed correctly<br />
<br />
For x86-64 systems, additional [[multilib]] or [[AUR]] packages are required:<br />
<br />
* '''NVIDIA''': {{Pkg|lib32-nvidia-libgl}} For older cards search the AUR for '''lib32-nvidia-utils''' (e.g. -173xx).<br />
* '''NVIDIA (open driver)''': {{Pkg|lib32-nouveau-dri}}.<br />
* '''Intel''': {{Pkg|lib32-intel-dri}}. Run Wine with: {{ic|1=LIBGL_DRIVERS_PATH=/usr/lib32/xorg/modules/dri}}.<br />
* '''AMD/ATI''': {{Pkg|lib32-catalyst-utils}}.<br />
* '''AMD/ATI (open driver)''': {{Pkg|lib32-ati-dri}}.<br />
<br />
{{Note|You might need to restart X after having installed the correct library.}}<br />
<br />
=== Sound ===<br />
<br />
By default sound issues may arise when running Wine applications. Ensure only one sound device is selected in {{ic|winecfg}}. Currently, the [[Alsa]] driver is the most supported.<br />
<br />
If you want to use [[Alsa]] driver in Wine, and are using x86_64, you'll need to install the {{Pkg|lib32-alsa-lib}}. If you are also using PulseAudio, you will need to install {{Pkg|lib32-libpulse}}.<br />
<br />
If you want to use [[OSS]] driver in Wine, you will need to install the {{Pkg|lib32-alsa-oss}} package. The OSS driver in the kernel will not suffice.<br />
<br />
If {{ic|winecfg}} '''still''' fails to detect the audio driver (Selected driver: (none)), [http://wiki.jswindle.com/index.php/Wine_Registry#Configuring_Sound configure it via the registry].<br />
<br />
Games that use advanced sound systems may require installations of {{Pkg|lib32-openal}}.<br />
<br />
=== Other libraries ===<br />
<br />
Some applications (e.g. Office 2003) require ability to parse HTML or XML (they use MSXML library), in such case you need to install {{Pkg|lib32-libxml2}}.<br />
<br />
Applications that play music may require {{Pkg|lib32-mpg123}}.<br />
<br />
For application that use native image manipulation libraries installation of {{Pkg|lib32-giflib}} and {{Pkg|lib32-libpng}} may be required.<br />
<br />
For encryption support on x86_64 you need to install {{Pkg|lib32-gnutls}}.<br />
<br />
=== Fonts ===<br />
<br />
If Wine applications are not showing easily readable fonts, you may not have Microsoft's Truetype fonts installed. See [[MS Fonts]]. If this does not help, try running {{ic|winetricks allfonts}}.<br />
<br />
After running such programs, kill all wine servers and run {{ic|winecfg}}. Fonts should be legible now.<br />
<br />
If the fonts look somehow smeared, import the following text file into the Wine registry with [http://wiki.winehq.org/regedit regedit]:<br />
[HKEY_CURRENT_USER\Software\Wine\X11 Driver]<br />
"ClientSideWithRender"="N"<br />
<br />
=== Desktop launcher menus ===<br />
<br />
By default, installation of Wine does not create desktop menus/icons for the software which comes with Wine (e.g. for {{ic|winecfg}}, {{ic|winebrowser}}, etc). However, installing Windows programs with Wine, in most cases, should result in the appropriate menu/desktop icons being created. For example, if the installation program (e.g. {{ic|setup.exe}}) would normally add an icon to your Desktop or "Start Menu" on Windows, then Wine should create corresponding freedesktop.org style {{ic|.desktop}} files for launching your programs with Wine.<br />
<br />
{{Tip|If menu items were ''not'' created while installing software or have been lost, [http://wiki.winehq.org/winemenubuilder winemenubuilder] may be of some use.}}<br />
<br />
If you wish to add on to the menu to create an Ubuntu-like Wine sub-menu, then follow these instructions:<br />
<br />
==== Creating menu entries ====<br />
<br />
First, install a Windows program using Wine to create the base menu. After the base menu is created, you can start to add the menu entries. In GNOME, right-click on the desktop and select {{ic|"Create Launcher..."}}. The steps might be different for KDE/Xfce. Make three launchers using these settings:<br />
'''Type''': Application<br />
'''Name''': Configuration<br />
'''Command''': winecfg<br />
'''Comment''': Configure the general settings for Wine<br />
<br />
'''Type''': Application<br />
'''Name''': Uninstall Programs<br />
'''Command''': wine uninstaller<br />
'''Comment''': Uninstall Windows programs under Wine properly<br />
<br />
'''Type''': Application<br />
'''Name''': Browse C:\<br />
'''Command''': wine winebrowser c:\\<br />
'''Comment''': Browse the files in the virtual Wine C:\ drive<br />
Now that you have these three launchers on your desktop, it is time to put them into the menu. But, first you should change the launchers to dynamically change icons when a new icon set is installed. To do this, open the launchers that you just made in your favorite text editor. Change the following settings to these new values:<br />
<br />
{{ic|Configuration}} launcher:<br />
Icon[en_US]=wine-winecfg<br />
Icon=wine-winecfg<br />
{{ic|Uninstall Programs}} launcher:<br />
Icon[en_US]=wine-uninstaller<br />
Icon=wine-uninstaller<br />
{{ic|Browse C:\}} launcher:<br />
Icon[en_US]=wine-winefile<br />
Icon=wine-winefile<br />
If these settings produce a ugly/non-existent icon, it means that there are no icons for these launchers in the icon set that you have enabled. You should replace the icon settings with the explicit location of the icon that you want. Clicking the icon in the launcher's properties menu will have the same effect. A great icon set that supports these shortcuts is [http://www.gnome-look.org/content/show.php/GNOME-colors?content=82562 GNOME-colors].<br />
<br />
Now that you have the launchers fully configured, now it is time to put them in the menu. Copy them into {{ic|~/.local/share/applications/wine/}}.<br />
<br />
Wait a second, they are not in the menu yet! There is one last step. Create the following text file: {{hc|~/.config/menus/applications-merged/wine-utilities.menu|<nowiki><br />
<!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"<br />
"http://www.freedesktop.org/standards/menu-spec/menu-1.0.dtd"><br />
<Menu><br />
<Name>Applications</Name><br />
<Menu><br />
<Name>wine-wine</Name><br />
<Directory>wine-wine.directory</Directory><br />
<Include><br />
<Filename>wine-Configuration.desktop</Filename><br />
</Include><br />
<Include><br />
<Filename>wine-Browse C:\.desktop</Filename><br />
</Include><br />
<Include><br />
<Filename>wine-Uninstall Programs.desktop</Filename><br />
</Include><br />
</Menu><br />
</Menu><br />
</nowiki>}}<br />
Go check in the menu and there should be the minty fresh options waiting to be used!<br />
<br />
==== Remove Wine launcher menus in Gnome3 ====<br />
<br />
System wide launcher menus are located in {{ic|/usr/share/applications/}}. Remove the program's ".desktop" entry to remove the launcher system wide.<br />
<br />
If this does not solve the problem, it is likely the wine launchers are located in<br />
{{ic|~/.local/share/applications/wine/Programs/}}. In the directories corresponding to the program files are the ".desktop" launcher files. Remove these files to remove the launchers. Remove the entire program's directory to easily remove the launcher files.<br />
<br />
==== KDE 4 menu fix ====<br />
<br />
The Wine menu items [https://bugs.launchpad.net/ubuntu/+source/wine/+bug/263041 may appear] in {{ic|"Lost & Found"}} instead of the Wine menu in KDE 4. This is because {{ic|kde-applications.menu}} is missing the {{ic|MergeDir}} option.<br />
<br />
Edit {{ic|/etc/xdg/menus/kde-applications.menu}}<br />
<br />
At the end of the file add {{ic|<MergeDir>applications-merged</MergeDir>}} after {{ic|<DefaultMergeDirs/>}}, it should look like this:<br />
<Menu><br />
<Include><br />
<And><br />
<Category>KDE</Category><br />
<Category>Core</Category><br />
</And><br />
</Include><br />
<DefaultMergeDirs/><br />
'''<MergeDir>applications-merged</MergeDir>'''<br />
<MergeFile>applications-kmenuedit.menu</MergeFile><br />
</Menu><br />
<br />
Alternatively you can create a symlink to a folder that KDE does see:<br />
ln -s ~/.config/menus/applications-merged ~/.config/menus/kde-applications-merged<br />
<br />
This has the added bonus that an update to KDE won't change it, but is per user instead of system wide.<br />
<br />
== Running Windows applications ==<br />
<br />
{{Warning|Do not run or install Wine applications as root! See [http://wiki.winehq.org/FAQ#run_as_root Running Wine as root] for the official statement.}}<br />
To run a windows application:<br />
$ wine <path to exe><br />
<br />
To install using an MSI installer, use the included msiexec utility:<br />
$ msiexec installername.msi<br />
<br />
== Tips and tricks ==<br />
<br />
{{Tip|In addition to the links provided in the beginning of the article the following may be of interest:<br />
* [http://appdb.winehq.org/ The Wine Application Database (AppDB)] - Information about running specific Windows applications (Known issues, ratings, guides, etc tailored to specific applications)<br />
* [http://forum.winehq.org/ The WineHQ Forums] - A great place to ask questions ''after'' you have looked through the FAQ and AppDB<br />
}}<br />
<br />
These tools will assist in the installation of typical Windows components. In most cases they should be used as a last effort, as it may severely alter your wine configuration.<br />
<br />
=== Installing Microsoft Office ===<br />
<br />
UPDATE: 09-Apr, 2013: With Wine 1.5.27, none of the below "tweaks" are necessary. Ensure winbind is installed (the samba package has it). Then<br />
<br />
$ export WINEPREFIX="<path to a writable folder on your home directory>"<br />
$ export WINEARCH="win32"<br />
$ wine /path/to/office_cd/setup.exe<br />
<br />
You could also put the above exports into your bashrc. <br />
Once installation completes, open Word or Excel to activate over the internet. Once done, close the application. Then run '''winecfg''', and set riched20 (under libraries) to Native (Windows). This will enable Powerpoint to work.<br />
(tested with Office Home/Student 2010 and wine 1.5.27. Activation over Internet also works)<br />
<br />
A small tweak is needed to install the office suite. Follow these steps to accomplish it:<br />
<br />
$ export WINEPREFIX=/path/to/wineprefix && export WINEARCH=win32 && winecfg #then click ok<br />
# pacman -S winetricks<br />
$ winetricks msxml3 # For MS Office 2007<br />
$ winetricks msxml3 msxml6 # For MS Office 2010<br />
$ wine /path/to/office_cd/setup.exe<br />
<br />
For additional info, see the [http://appdb.winehq.org/appview.php?iVersionId=4992 WineHQ] article.<br />
<br />
{{note|{{Pkg|playonlinux}} provides custom installer scripts that make the installation of Office 2003, 2007 and 2010 an ease. You just have to provide the setup.exe or ISO and the installer will guide you seamlessly through the installation procedure. You do not have to deal with the underlying Wine at all.}}<br />
<br />
=== OpenGL modes ===<br />
<br />
Many games have an OpenGL mode which ''may'' perform better than their default DirectX mode. While the steps to enable OpenGL rendering is ''application specific'', many games accept the {{Ic|-opengl}} parameter.<br />
$ wine /path/to/3d_game.exe -opengl<br />
<br />
You should of course refer to your application's documentation and Wine's [http://appdb.winehq.org AppDB] for such application specific information.<br />
<br />
=== Using Wine as an interpreter for Win16/Win32 binaries ===<br />
<br />
It is also possible to tell the kernel to use wine as an interpreter for all Win16/Win32 binaries.<br />
The process for setting this up depends on whether you boot using [[systemd]] or [[initscripts]].<br />
<br />
==== Systemd ====<br />
<br />
Tell the kernel how to interpret Win16 and Win32 binaries:<br />
echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register<br />
To make the setting permanent, create a configuration file in {{ic|/etc/tmpfiles.d}} with the following contents:<br />
{{hc|/etc/tmpfiles.d/enable-doswin-exe.conf|<br />
w /proc/sys/fs/binfmt_misc/register - - - - :DOSWin:M::MZ::/usr/bin/wine:}}<br />
<br />
Note that, in contrast to initscripts,<br />
systemd will automatically mount {{ic|/proc/sys/fs/binfmt_misc}} on use by default.<br />
Thus adding the tmpfiles rule should be sufficient for most users.<br />
<br />
For more info on tmpfiles, see [[Systemd#Temporary_files]].<br />
<br />
==== Initscripts ====<br />
<br />
First mount the {{ic|binfmt_misc}} filesystem:<br />
# mount -t binfmt_misc none /proc/sys/fs/binfmt_misc<br />
Or you can add this line to your {{ic|/etc/fstab}}:<br />
none /proc/sys/fs/binfmt_misc binfmt_misc defaults 0 0<br />
Then, tell the kernel how to interpret Win16 and Win32 binaries:<br />
echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register<br />
You can add this line to {{ic|/etc/rc.local}} to make this setting permanent.<br />
In this case you may want to ignore stderr to avoid error messages when changing runlevels:<br />
{ echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register; } 2>/dev/null<br />
<br />
==== Test the setup ====<br />
<br />
Now try to run a Windows program:<br />
chmod 755 exefile.exe<br />
./exefile.exe<br />
<br />
If all went well, exefile.exe should run.<br />
<br />
=== Wineconsole ===<br />
<br />
Often you may need to run {{ic|.exes}} to patch game files, for example a widescreen mod for an old game, and running the {{ic|.exe}} normally through wine might yield nothing happening. In this case, you can open a terminal and run the following command:<br />
<br />
$ wineconsole cmd<br />
<br />
Then navigate to the directory and run the {{ic|.exe}} file from there.<br />
<br />
=== Winetricks ===<br />
<br />
[http://wiki.winehq.org/winetricks Winetricks] is a script to allow one to install base requirements needed to run Windows programs. Installable components include DirectX 9.x, MSXML (required by Microsoft Office 2007 and Internet Explorer), Visual Runtime libraries and many more.<br />
<br />
You can install {{pkg|winetricks}} via [[pacman]] or use the {{AUR|winetricks-svn}} package available in the [[AUR]]. Then run it with:<br />
$ winetricks<br />
<br />
== Third-party interfaces ==<br />
<br />
These have their own sites, and are not supported in the Wine forums.<br />
<br />
=== CrossOver ===<br />
<br />
[http://www.codeweavers.com/about/ CrossOver] Has its own [[CrossOver|wiki page]].<br />
<br />
=== PlayOnLinux/PlayOnMac ===<br />
<br />
[http://www.playonlinux.com/ PlayOnLinux] is a graphical Windows and DOS program manager. It contains scripts to assist the configuration and running of programs, it can manage multiple Wine versions and even use a specific version for each executable (eg. because of regressions). If you need to know which Wine version works best for a certain game, try the [http://appdb.winehq.org/ Wine Application Database]. You can find the {{Pkg|playonlinux}} package in [[community]].<br />
<br />
=== PyWinery ===<br />
<br />
[http://code.google.com/p/pywinery/ PyWinery] is a graphical and simple wine-prefix manager which allows you to launch apps and manage configuration of separate prefixes, also have a button to open winetricks in the same prefix, to open prefix dir, {{ic|winecfg}}, application uninstaller and wineDOS. You can install [https://aur.archlinux.org/packages.php?ID=48382 PyWinery from AUR]. It is especially useful for having differents settings like DirectX games, office, programming, etc, and choose which prefix to use before you open an application or file.<br />
<br />
It's recommended using winetricks by default to open '''.exe''' files, so you can choose between any wine configuration you have.<br />
<br />
=== Q4wine ===<br />
<br />
[http://q4wine.brezblock.org.ua/ Q4Wine] is a graphical wine-prefix manager which allows you to manage configuration of prefixes. Notably it allows exporting QT themes into the wine configuration so that they can integrate nicely. You can find the {{Pkg|q4wine}} package in [[multilib]].<br />
<br />
== See also ==<br />
<br />
* [http://www.winehq.com/ Official Wine website]<br />
* [http://appdb.winehq.org/ Wine application database]<br />
* [http://linuxgamingtoday.wordpress.com/2008/02/16/quick-tips-to-speed-up-your-gaming-in-wine/ Advanced configuring your gfx card and OpenGL settings on wine; Speed up wine]<br />
* [http://wiki.gotux.net/code:perl:fileinfo FileInfo] - Find Win32 PE/COFF headers in EXE/DLL/OCX files under linux/unix environment.</div>DarioPhttps://wiki.archlinux.org/index.php?title=Wine&diff=270698Wine2013-08-11T12:31:00Z<p>DarioP: /* Installing Microsoft Office */</p>
<hr />
<div>[[Category:Wine]]<br />
[[cs:Wine]]<br />
[[de:Wine]]<br />
[[es:Wine]]<br />
[[fr:Wine]]<br />
[[it:Wine]]<br />
[[ja:Wine]]<br />
[[ru:Wine]]<br />
[[zh-CN:Wine]]<br />
[[zh-TW:Wine]]<br />
{{Article summary start}}<br />
{{Article summary text|[[Wikipedia:Wine (software)|Wine]] is a ''compatibility layer'' capable of running Microsoft Windows applications on Unix-like operating systems. Programs running in Wine act as native programs would, without the performance/memory penalties of an emulator.}}<br />
<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Steam}}<br />
{{Article summary wiki|CrossOver}}<br />
{{Article summary end}}<br />
<br />
See the [http://www.winehq.org/ official project home] and [http://wiki.winehq.org/ wiki] pages for longer introduction. <br />
<br />
== Installation ==<br />
{{Warning|If you can access a file or resource with your user account, programs running in Wine can too. Wine prefixes are not [[wikipedia:Sandbox (computer security)|sandboxes]]. Consider using [[wikipedia:Virtualization|virtualization]] if security is important.}}<br />
<br />
Wine can be [[pacman|installed]] with the package {{Pkg|wine}}, available in the [[official repositories]]. If you are running a 64-bit system, you will need to enable the [[Multilib]] repository first.<br />
<br />
You may also want to install {{pkg|wine_gecko}} and {{pkg|wine-mono}} for applications that need support for Internet Explorer and .NET, respectively. These packages are not strictly required as Wine will download the relevant files as needed. However, having the files downloaded in advance allows you to work off-line and makes it so Wine does not download the files for each WINEPREFIX needing them.<br />
<br />
'''Architectural differences'''<br />
<br />
The default Wine is 32-bit, as is the i686 Arch package. As such, it is unable to execute any 64-bit Windows applications (which are still fairly rare at this point anyway).<br />
<br />
The Wine package for x86_64, however, is currently built with {{ic| --enable-win64}}. This activates the Wine version of [[Wikipedia:WoW64|WoW64]]. <br />
*In Windows, this complicated subsystem allows the user to use 32-bit and 64-bit Windows programs concurrently and even in the same directory. <br />
*In Wine, the user will have to make separate directories/prefixes. The support for this feature in Wine is currently experimental and users are recommended to use a win32 {{ic|WINEPREFIX}}. See [http://wiki.winehq.org/Wine64 Wine64] for specific information on this.<br />
<br />
To summarize, using the Arch 64-bit Wine package with {{ic|1=WINEARCH=win32}} should have the same behaviour as using the i686 Wine package.<br />
<br />
{{Note|If you run into problems with {{ic|winetricks}} or programs with a 64-bit environment, try creating a new 32-bit {{ic|WINEPREFIX}}. See below: [[#Using WINEARCH]]}}<br />
<br />
== Configuration ==<br />
By default, Wine stores its configuration files and installed Windows programs in {{ic|~/.wine}}. This directory is commonly called a "Wine prefix" or "Wine bottle" It is created/updated automatically whenever you run a Windows program or one of Wine's bundled programs such as {{ic|winecfg}}. The prefix directory also contains a tree which your Windows programs will see as {{ic | C:\}} (C-drive)<br />
<br />
You can override the location Wine uses for a prefix with the {{ic|WINEPREFIX}} environment variable. This is useful if you want to use separate configurations for different Windows programs. <br />
<br />
For example, if you run one program with: {{ic |1= $ env WINEPREFIX=~/.win-a wine program-a.exe}}, and another with {{ic |1= $ env WINEPREFIX=~/.win-b wine program-b.exe}}, the two programs will each have separate "C:\" and registries.<br />
<br />
To create a default prefix without running a Windows program or other GUI tool you can use:<br />
$ env WINEPREFIX=~/.customprefix wineboot -u<br />
<br />
Configuring Wine is typically accomplished using:<br />
* [http://wiki.winehq.org/winecfg winecfg] is a GUI configuration tool for Wine. You can run it from a console window with: {{ic|$ winecfg}}, or {{ic|1=$ WINEPREFIX=~/.some_prefix winecfg}}.<br />
<br />
* [http://wiki.winehq.org/control control.exe] is Wine's implementation of Windows' Control Panel which can be accessed with: {{ic|$ wine control}}<br />
<br />
* [http://wiki.winehq.org/regedit regedit] is Wine's registry editing tool. If winecfg and the Control Panel were not enough, see [http://wiki.winehq.org/UsefulRegistryKeys WineHQ's article on Useful Registry Keys]<br />
<br />
=== Using WINEARCH ===<br />
If you are using wine from [multilib], you will notice that {{ic|winecfg}} will get you a 64-bit wine environment by default. You can change this behavior using the {{ic|WINEARCH}} environment variable. Rename your {{ic|~/.wine}} directory and create a new wine environment by running: <br />
{{ic |1=$ WINEARCH=win32 winecfg}} This will get you a 32-bit wine environment. Not setting {{ic|WINEARCH}} will get you a 64-bit one.<br />
<br />
You can combine this with {{ic|WINEPREFIX}} to make a separate win32 and win64 environment:<br />
$ WINEARCH=win32 WINEPREFIX=~/win32 winecfg <br />
$ WINEPREFIX=~/win64 winecfg<br />
<br />
{{Note|During prefix creation, the 64-bit version of wine treats all folders as 64-bit prefixes and will not create a 32-bit in any existing folder. To create a 32-bit prefix you have to let wine create the folder specified in {{ic|WINEPREFIX}}.}}<br />
<br />
You can also use winetricks and {{ic|WINEARCH}} in one command for installing something from winetricks like this (using Steam as an example):<br />
env WINEARCH=win32 WINEPREFIX=~/.local/share/wineprefixes/steam winetricks steam<br />
{{Tip| You can make variables like WINEPREFIX or WINEARCH constant by using [[Bash#Shell_and_environment_variables|~/.bashrc]]. }}<br />
{{Note|You do not have create the steam subdirectory in the {{ic|wineprefixes}} directory, it will create for you. See the Bottles section below for more information.}}<br />
<br />
=== Graphics drivers ===<br />
<br />
For most games, Wine requires high performance accelerated graphics drivers. This likely means using proprietary [[NVIDIA]] or [[AMD Catalyst]] drivers. [[Intel]] drivers should mostly work as well as they are going to out of the box.<br />
<br />
A good sign that your drivers are inadequate or not properly configured is when Wine reports the following in your terminal window:<br />
Direct rendering is disabled, most likely your OpenGL drivers have not been installed correctly<br />
<br />
For x86-64 systems, additional [[multilib]] or [[AUR]] packages are required:<br />
<br />
* '''NVIDIA''': {{Pkg|lib32-nvidia-libgl}} For older cards search the AUR for '''lib32-nvidia-utils''' (e.g. -173xx).<br />
* '''NVIDIA (open driver)''': {{Pkg|lib32-nouveau-dri}}.<br />
* '''Intel''': {{Pkg|lib32-intel-dri}}. Run Wine with: {{ic|1=LIBGL_DRIVERS_PATH=/usr/lib32/xorg/modules/dri}}.<br />
* '''AMD/ATI''': {{Pkg|lib32-catalyst-utils}}.<br />
* '''AMD/ATI (open driver)''': {{Pkg|lib32-ati-dri}}.<br />
<br />
{{Note|You might need to restart X after having installed the correct library.}}<br />
<br />
=== Sound ===<br />
<br />
By default sound issues may arise when running Wine applications. Ensure only one sound device is selected in {{ic|winecfg}}. Currently, the [[Alsa]] driver is the most supported.<br />
<br />
If you want to use [[Alsa]] driver in Wine, and are using x86_64, you'll need to install the {{Pkg|lib32-alsa-lib}}. If you are also using PulseAudio, you will need to install {{Pkg|lib32-libpulse}}.<br />
<br />
If you want to use [[OSS]] driver in Wine, you will need to install the {{Pkg|lib32-alsa-oss}} package. The OSS driver in the kernel will not suffice.<br />
<br />
If {{ic|winecfg}} '''still''' fails to detect the audio driver (Selected driver: (none)), [http://wiki.jswindle.com/index.php/Wine_Registry#Configuring_Sound configure it via the registry].<br />
<br />
Games that use advanced sound systems may require installations of {{Pkg|lib32-openal}}.<br />
<br />
=== Other libraries ===<br />
<br />
Some applications (e.g. Office 2003) require ability to parse HTML or XML (they use MSXML library), in such case you need to install {{Pkg|lib32-libxml2}}.<br />
<br />
Applications that play music may require {{Pkg|lib32-mpg123}}.<br />
<br />
For application that use native image manipulation libraries installation of {{Pkg|lib32-giflib}} and {{Pkg|lib32-libpng}} may be required.<br />
<br />
For encryption support on x86_64 you need to install {{Pkg|lib32-gnutls}}.<br />
<br />
=== Fonts ===<br />
<br />
If Wine applications are not showing easily readable fonts, you may not have Microsoft's Truetype fonts installed. See [[MS Fonts]]. If this does not help, try running {{ic|winetricks allfonts}}.<br />
<br />
After running such programs, kill all wine servers and run {{ic|winecfg}}. Fonts should be legible now.<br />
<br />
If the fonts look somehow smeared, import the following text file into the Wine registry with [http://wiki.winehq.org/regedit regedit]:<br />
[HKEY_CURRENT_USER\Software\Wine\X11 Driver]<br />
"ClientSideWithRender"="N"<br />
<br />
=== Desktop launcher menus ===<br />
<br />
By default, installation of Wine does not create desktop menus/icons for the software which comes with Wine (e.g. for {{ic|winecfg}}, {{ic|winebrowser}}, etc). However, installing Windows programs with Wine, in most cases, should result in the appropriate menu/desktop icons being created. For example, if the installation program (e.g. {{ic|setup.exe}}) would normally add an icon to your Desktop or "Start Menu" on Windows, then Wine should create corresponding freedesktop.org style {{ic|.desktop}} files for launching your programs with Wine.<br />
<br />
{{Tip|If menu items were ''not'' created while installing software or have been lost, [http://wiki.winehq.org/winemenubuilder winemenubuilder] may be of some use.}}<br />
<br />
If you wish to add on to the menu to create an Ubuntu-like Wine sub-menu, then follow these instructions:<br />
<br />
==== Creating menu entries ====<br />
<br />
First, install a Windows program using Wine to create the base menu. After the base menu is created, you can start to add the menu entries. In GNOME, right-click on the desktop and select {{ic|"Create Launcher..."}}. The steps might be different for KDE/Xfce. Make three launchers using these settings:<br />
'''Type''': Application<br />
'''Name''': Configuration<br />
'''Command''': winecfg<br />
'''Comment''': Configure the general settings for Wine<br />
<br />
'''Type''': Application<br />
'''Name''': Uninstall Programs<br />
'''Command''': wine uninstaller<br />
'''Comment''': Uninstall Windows programs under Wine properly<br />
<br />
'''Type''': Application<br />
'''Name''': Browse C:\<br />
'''Command''': wine winebrowser c:\\<br />
'''Comment''': Browse the files in the virtual Wine C:\ drive<br />
Now that you have these three launchers on your desktop, it is time to put them into the menu. But, first you should change the launchers to dynamically change icons when a new icon set is installed. To do this, open the launchers that you just made in your favorite text editor. Change the following settings to these new values:<br />
<br />
{{ic|Configuration}} launcher:<br />
Icon[en_US]=wine-winecfg<br />
Icon=wine-winecfg<br />
{{ic|Uninstall Programs}} launcher:<br />
Icon[en_US]=wine-uninstaller<br />
Icon=wine-uninstaller<br />
{{ic|Browse C:\}} launcher:<br />
Icon[en_US]=wine-winefile<br />
Icon=wine-winefile<br />
If these settings produce a ugly/non-existent icon, it means that there are no icons for these launchers in the icon set that you have enabled. You should replace the icon settings with the explicit location of the icon that you want. Clicking the icon in the launcher's properties menu will have the same effect. A great icon set that supports these shortcuts is [http://www.gnome-look.org/content/show.php/GNOME-colors?content=82562 GNOME-colors].<br />
<br />
Now that you have the launchers fully configured, now it is time to put them in the menu. Copy them into {{ic|~/.local/share/applications/wine/}}.<br />
<br />
Wait a second, they are not in the menu yet! There is one last step. Create the following text file: {{hc|~/.config/menus/applications-merged/wine-utilities.menu|<nowiki><br />
<!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"<br />
"http://www.freedesktop.org/standards/menu-spec/menu-1.0.dtd"><br />
<Menu><br />
<Name>Applications</Name><br />
<Menu><br />
<Name>wine-wine</Name><br />
<Directory>wine-wine.directory</Directory><br />
<Include><br />
<Filename>wine-Configuration.desktop</Filename><br />
</Include><br />
<Include><br />
<Filename>wine-Browse C:\.desktop</Filename><br />
</Include><br />
<Include><br />
<Filename>wine-Uninstall Programs.desktop</Filename><br />
</Include><br />
</Menu><br />
</Menu><br />
</nowiki>}}<br />
Go check in the menu and there should be the minty fresh options waiting to be used!<br />
<br />
==== Remove Wine launcher menus in Gnome3 ====<br />
<br />
System wide launcher menus are located in {{ic|/usr/share/applications/}}. Remove the program's ".desktop" entry to remove the launcher system wide.<br />
<br />
If this does not solve the problem, it is likely the wine launchers are located in<br />
{{ic|~/.local/share/applications/wine/Programs/}}. In the directories corresponding to the program files are the ".desktop" launcher files. Remove these files to remove the launchers. Remove the entire program's directory to easily remove the launcher files.<br />
<br />
==== KDE 4 menu fix ====<br />
<br />
The Wine menu items [https://bugs.launchpad.net/ubuntu/+source/wine/+bug/263041 may appear] in {{ic|"Lost & Found"}} instead of the Wine menu in KDE 4. This is because {{ic|kde-applications.menu}} is missing the {{ic|MergeDir}} option.<br />
<br />
Edit {{ic|/etc/xdg/menus/kde-applications.menu}}<br />
<br />
At the end of the file add {{ic|<MergeDir>applications-merged</MergeDir>}} after {{ic|<DefaultMergeDirs/>}}, it should look like this:<br />
<Menu><br />
<Include><br />
<And><br />
<Category>KDE</Category><br />
<Category>Core</Category><br />
</And><br />
</Include><br />
<DefaultMergeDirs/><br />
'''<MergeDir>applications-merged</MergeDir>'''<br />
<MergeFile>applications-kmenuedit.menu</MergeFile><br />
</Menu><br />
<br />
Alternatively you can create a symlink to a folder that KDE does see:<br />
ln -s ~/.config/menus/applications-merged ~/.config/menus/kde-applications-merged<br />
<br />
This has the added bonus that an update to KDE won't change it, but is per user instead of system wide.<br />
<br />
== Running Windows applications ==<br />
<br />
{{Warning|Do not run or install Wine applications as root! See [http://wiki.winehq.org/FAQ#run_as_root Running Wine as root] for the official statement.}}<br />
To run a windows application:<br />
$ wine <path to exe><br />
<br />
To install using an MSI installer, use the included msiexec utility:<br />
$ msiexec installername.msi<br />
<br />
== Tips and tricks ==<br />
<br />
{{Tip|In addition to the links provided in the beginning of the article the following may be of interest:<br />
* [http://appdb.winehq.org/ The Wine Application Database (AppDB)] - Information about running specific Windows applications (Known issues, ratings, guides, etc tailored to specific applications)<br />
* [http://forum.winehq.org/ The WineHQ Forums] - A great place to ask questions ''after'' you have looked through the FAQ and AppDB<br />
}}<br />
<br />
These tools will assist in the installation of typical Windows components. In most cases they should be used as a last effort, as it may severely alter your wine configuration.<br />
<br />
=== Installing Microsoft Office ===<br />
<br />
UPDATE: 09-Apr, 2013: With Wine 1.5.27, none of the below "tweaks" are necessary. Ensure winbind is installed (the samba package has it). Then<br />
<br />
$ export WINEPREFIX="<path to a writable folder on your home directory>"<br />
$ export WINEARCH="win32"<br />
$ wine /path/to/office_cd/setup.exe<br />
<br />
You could also put the above exports into your bashrc. <br />
Once installation completes, open Word or Excel to activate over the internet. Once done, close the application. Then run '''winecfg''', and set riched20 (under libraries) to Native (Windows). This will enable Powerpoint to work.<br />
(tested with Office Home/Student 2010 and wine 1.5.27. Activation over Internet also works)<br />
<br />
A small tweak is needed to install the office suite. Follow these steps to accomplish it:<br />
<br />
$ export WINEPREFIX=/path/to/wineprefix && export WINEARCH=win32 && winecfg<br />
# pacman -S winetricks<br />
$ winetricks msxml3 # For MS Office 2007<br />
$ winetricks msxml3 msxml6 # For MS Office 2010<br />
$ wine /path/to/office_cd/setup.exe<br />
<br />
For additional info, see the [http://appdb.winehq.org/appview.php?iVersionId=4992 WineHQ] article.<br />
<br />
{{note|{{Pkg|playonlinux}} provides custom installer scripts that make the installation of Office 2003, 2007 and 2010 an ease. You just have to provide the setup.exe or ISO and the installer will guide you seamlessly through the installation procedure. You do not have to deal with the underlying Wine at all.}}<br />
<br />
=== OpenGL modes ===<br />
<br />
Many games have an OpenGL mode which ''may'' perform better than their default DirectX mode. While the steps to enable OpenGL rendering is ''application specific'', many games accept the {{Ic|-opengl}} parameter.<br />
$ wine /path/to/3d_game.exe -opengl<br />
<br />
You should of course refer to your application's documentation and Wine's [http://appdb.winehq.org AppDB] for such application specific information.<br />
<br />
=== Using Wine as an interpreter for Win16/Win32 binaries ===<br />
<br />
It is also possible to tell the kernel to use wine as an interpreter for all Win16/Win32 binaries.<br />
The process for setting this up depends on whether you boot using [[systemd]] or [[initscripts]].<br />
<br />
==== Systemd ====<br />
<br />
Tell the kernel how to interpret Win16 and Win32 binaries:<br />
echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register<br />
To make the setting permanent, create a configuration file in {{ic|/etc/tmpfiles.d}} with the following contents:<br />
{{hc|/etc/tmpfiles.d/enable-doswin-exe.conf|<br />
w /proc/sys/fs/binfmt_misc/register - - - - :DOSWin:M::MZ::/usr/bin/wine:}}<br />
<br />
Note that, in contrast to initscripts,<br />
systemd will automatically mount {{ic|/proc/sys/fs/binfmt_misc}} on use by default.<br />
Thus adding the tmpfiles rule should be sufficient for most users.<br />
<br />
For more info on tmpfiles, see [[Systemd#Temporary_files]].<br />
<br />
==== Initscripts ====<br />
<br />
First mount the {{ic|binfmt_misc}} filesystem:<br />
# mount -t binfmt_misc none /proc/sys/fs/binfmt_misc<br />
Or you can add this line to your {{ic|/etc/fstab}}:<br />
none /proc/sys/fs/binfmt_misc binfmt_misc defaults 0 0<br />
Then, tell the kernel how to interpret Win16 and Win32 binaries:<br />
echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register<br />
You can add this line to {{ic|/etc/rc.local}} to make this setting permanent.<br />
In this case you may want to ignore stderr to avoid error messages when changing runlevels:<br />
{ echo ':DOSWin:M::MZ::/usr/bin/wine:' > /proc/sys/fs/binfmt_misc/register; } 2>/dev/null<br />
<br />
==== Test the setup ====<br />
<br />
Now try to run a Windows program:<br />
chmod 755 exefile.exe<br />
./exefile.exe<br />
<br />
If all went well, exefile.exe should run.<br />
<br />
=== Wineconsole ===<br />
<br />
Often you may need to run {{ic|.exes}} to patch game files, for example a widescreen mod for an old game, and running the {{ic|.exe}} normally through wine might yield nothing happening. In this case, you can open a terminal and run the following command:<br />
<br />
$ wineconsole cmd<br />
<br />
Then navigate to the directory and run the {{ic|.exe}} file from there.<br />
<br />
=== Winetricks ===<br />
<br />
[http://wiki.winehq.org/winetricks Winetricks] is a script to allow one to install base requirements needed to run Windows programs. Installable components include DirectX 9.x, MSXML (required by Microsoft Office 2007 and Internet Explorer), Visual Runtime libraries and many more.<br />
<br />
You can install {{pkg|winetricks}} via [[pacman]] or use the {{AUR|winetricks-svn}} package available in the [[AUR]]. Then run it with:<br />
$ winetricks<br />
<br />
== Third-party interfaces ==<br />
<br />
These have their own sites, and are not supported in the Wine forums.<br />
<br />
=== CrossOver ===<br />
<br />
[http://www.codeweavers.com/about/ CrossOver] Has its own [[CrossOver|wiki page]].<br />
<br />
=== PlayOnLinux/PlayOnMac ===<br />
<br />
[http://www.playonlinux.com/ PlayOnLinux] is a graphical Windows and DOS program manager. It contains scripts to assist the configuration and running of programs, it can manage multiple Wine versions and even use a specific version for each executable (eg. because of regressions). If you need to know which Wine version works best for a certain game, try the [http://appdb.winehq.org/ Wine Application Database]. You can find the {{Pkg|playonlinux}} package in [[community]].<br />
<br />
=== PyWinery ===<br />
<br />
[http://code.google.com/p/pywinery/ PyWinery] is a graphical and simple wine-prefix manager which allows you to launch apps and manage configuration of separate prefixes, also have a button to open winetricks in the same prefix, to open prefix dir, {{ic|winecfg}}, application uninstaller and wineDOS. You can install [https://aur.archlinux.org/packages.php?ID=48382 PyWinery from AUR]. It is especially useful for having differents settings like DirectX games, office, programming, etc, and choose which prefix to use before you open an application or file.<br />
<br />
It's recommended using winetricks by default to open '''.exe''' files, so you can choose between any wine configuration you have.<br />
<br />
=== Q4wine ===<br />
<br />
[http://q4wine.brezblock.org.ua/ Q4Wine] is a graphical wine-prefix manager which allows you to manage configuration of prefixes. Notably it allows exporting QT themes into the wine configuration so that they can integrate nicely. You can find the {{Pkg|q4wine}} package in [[multilib]].<br />
<br />
== See also ==<br />
<br />
* [http://www.winehq.com/ Official Wine website]<br />
* [http://appdb.winehq.org/ Wine application database]<br />
* [http://linuxgamingtoday.wordpress.com/2008/02/16/quick-tips-to-speed-up-your-gaming-in-wine/ Advanced configuring your gfx card and OpenGL settings on wine; Speed up wine]<br />
* [http://wiki.gotux.net/code:perl:fileinfo FileInfo] - Find Win32 PE/COFF headers in EXE/DLL/OCX files under linux/unix environment.</div>DarioPhttps://wiki.archlinux.org/index.php?title=Talk:Systemd&diff=235895Talk:Systemd2012-11-18T12:47:27Z<p>DarioP: /* Should the section "writing a custom .service" be expanded? */</p>
<hr />
<div>== Should the section "writing a custom .service" be expanded? ==<br />
<br />
I think so.. as long as I got, this is necessary to run self-made scripts during the boot process, but this is not clear and the structure of the files is not well presented.<br />
<br />
Moreover, when explain how to transit from the initscript, some referrals on how to move the old custom hooks in /etc/rc.d/functions.d to be executed by systemd, should be made.<br />
<br />
--[[User:DarioP|DarioP]] ([[User talk:DarioP|talk]]) 12:42, 18 November 2012 (UTC)<br />
<br />
== Display manager fails to load with fast SSD ==<br />
<br />
I was having a problem with my display manager (LXDM) not loading on my laptop, which has a Sandisk Extreme SSD.<br />
Xorg.log would show errors like "No screens found."<br />
<br />
I eventually figured out that the problem was that my computer was booting so fast that KMS didn't have enough time to kick in before X was started. I solved by adding the KMS driver (i915 in my case) to the initramfs.<br />
<br />
Just a tip for SSD users, not sure if it should be added to the page or not.<br> --[[User:Steev|Steev]] ([[User talk:Steev|talk]]) 16:59, 2 September 2012 (UTC)<br />
:This is a general problem that needs to be solved in the display manager. GDM already implements the bits for the [http://cgit.freedesktop.org/systemd/systemd/commit/?id=f1a8e221ecacea23 CanGraphical] flag.<br />
:-- [[User:Falconindy|Falconindy]] ([[User talk:Falconindy|talk]]) 21:34, 2 September 2012 (UTC)<br />
<br />
== <s> Hibernation with systemd </s> ==<br />
<br />
The hibernation section should be considered a hack since systemd does not directly handle the backend that handles power management. Systemd uses the Upower interface to handle such requests<br>-- [[User:Yungtrizzle|Yungtrizzle]] ([[User talk:Yungtrizzle|talk]]) 06:25, 10 October 2012<br />
<br />
:I talked about hibernation process with Lennart Poettering and he said that systemd-hibernate does only "echo disk > /sys/power/state" . As far as i can see, it works perfectly with tuxonice, since it seems it is now using the same userspace API as kernel hibernation; so it works even without hibernate-script installed (i use it without that package). <br />
:-- [[User:Nierro|Nierro]] ([[User talk:Nierro|talk]]) 13:54, 24 October 2012<br />
<br />
:: what is the #Hibernation section all about anyway? It makes it sound like you need to use uswsusp to hibernate while it should work out of the box just fine. It doesn't explain at all why you would want to use uswsusp instead of the default command. I don't use hibernate nor do I know what uswsusp actually does, so what am I missing here? <br />
::-- [[User:65kid|65kid]] ([[User talk:65kid|talk]]) 15:12, 25 October 2012 (UTC)<br />
<br />
:::I agree with 65kid. In fact, systemctl hibernate works out of the box (it only does an "echo disk...", nothing else). We don't need uswsusp at all. I tried with stock arch kernel and it works.<br />
:::-- [[User:Nierro|Nierro]] ([[User talk:Nierro|talk]]) 11:24, 26 October 2012<br />
<br />
::::Then I suggest that - unless someone explains why you would want to use uswsusp - we remove this whole section because it is nothing but confusing. This article is already way too big to waste text on something that doesn't seem to make any sense.<br />
::::-- [[User:65kid|65kid]] ([[User talk:65kid|talk]]) 10:10, 26 October 2012 (UTC)<br />
<br />
::::: I went ahead and removed the irrelevant information from the page, moving it to [[Uswsusp]]. I also added a note pointing readers there if they want to use another backend for suspending or hibernating.<br />
:::::-- [[User:Ifaigios|Ifaigios]] ([[User talk:Ifaigios|talk]]) 18:16, 26 October 2012 (UTC)<br />
<br />
:::::: Hey [[User:Nierro|Nierro]], do {{ic|systemctl hibernate}} and {{ic|systemctl suspend}} really do different things on your box? In my setup (linux-pf, systemd 195-2), if I do the latter, my box is also in suspend mode, meaning that my power button is glowing on and off and I don't see grub after pressing the power button again but are back to my desktop almost immediately. To me, it rather seems as if {{ic|systemctl hibernate}} goes into hybrid mode?<br />
::::::-- [[User:Jakobh|jakobh]] [[User talk:Jakobh|✉]] 10:07, 29 October 2012 (UTC)<br />
<br />
:::::: Got an answer to the question on the systemd mailing list now: [http://lists.freedesktop.org/archives/systemd-devel/2012-October/007245.html Link] <br />
::::::-- [[User:Jakobh|jakobh]] [[User talk:Jakobh|✉]] 17:56, 30 October 2012 (UTC)<br />
<br />
== <s> GNOME 3.6 issues inhibited commands </s> ==<br />
It seems that GNOME 3.6 now issues the necessary "inhibited" commands, at my system now doesn't suspend twice with the standard configuration anymore. However I'm not familiar enough with the whole concept to be absolutely sure, so I won't update the page itself. Maybe someone with more competence regarding the inhibited commands can confirm this and edit the page?<br><br />
-- [[User:Johnpatcher|Johnpatcher]] ([[User_talk:Johnpatcher|talk]]) 00:34, 31 October 2012 (UTC)<br />
: Inhibited note is added. Close. -- [[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 01:42, 12 November 2012 (UTC)<br />
<br />
== Should we add a note about CUPS under 'Transitioning from initscripts to systemd'? ==<br />
Are there any more sockets that change?<br />
<br />
Copied from the CUPS wiki:<br />
<br />
...<br />
<br />
Systemd uses a different CUPS socket file located at:<br />
<br />
/usr/lib/systemd/system/cups.socket<br />
<br />
The default CUPS socket file is located at:<br />
<br />
/var/run/cups/cups.sock<br />
<br />
Edit {{ic|/etc/cups/cupsd.conf}} and {{ic|/etc/cups/client.conf}} as root to use the systemd socket instead of the default. Make sure to restart CUPS when you are done:<br />
<br />
# systemctl restart cups<br />
<br />
...<br />
<br><br />
-- [[User:JKAbrams|JKAbrams]] 5 November 2012<br />
:This sounds more like a {{pkg|cups}} packaging bug that should just be fixed.<br />
:-- [[User:Jstjohn|Jstjohn]] ([[User talk:Jstjohn|talk]]) 01:11, 8 November 2012 (UTC)<br />
::It sounds like someone who doesn't have a clue about systemd. That cups.socket file is a systemd unit file of type socket, which contains the location of the socket file for CUPS (and that is still /var/run/cups/cups.sock).<br />
::[[User:Raynman|Raynman]] ([[User talk:Raynman|talk]]) 22:49, 9 November 2012 (UTC)</div>DarioPhttps://wiki.archlinux.org/index.php?title=Talk:Systemd&diff=235893Talk:Systemd2012-11-18T12:42:45Z<p>DarioP: /* Should the section "writing a custom .service" be expanded? */</p>
<hr />
<div>== Should the section "writing a custom .service" be expanded? ==<br />
<br />
I think so.. as long as I got, this is necessary to run self-made scripts during the boot process, but this is not clear and the structure of the files is not well presented.<br />
<br />
--[[User:DarioP|DarioP]] ([[User talk:DarioP|talk]]) 12:42, 18 November 2012 (UTC)<br />
<br />
== Display manager fails to load with fast SSD ==<br />
<br />
I was having a problem with my display manager (LXDM) not loading on my laptop, which has a Sandisk Extreme SSD.<br />
Xorg.log would show errors like "No screens found."<br />
<br />
I eventually figured out that the problem was that my computer was booting so fast that KMS didn't have enough time to kick in before X was started. I solved by adding the KMS driver (i915 in my case) to the initramfs.<br />
<br />
Just a tip for SSD users, not sure if it should be added to the page or not.<br> --[[User:Steev|Steev]] ([[User talk:Steev|talk]]) 16:59, 2 September 2012 (UTC)<br />
:This is a general problem that needs to be solved in the display manager. GDM already implements the bits for the [http://cgit.freedesktop.org/systemd/systemd/commit/?id=f1a8e221ecacea23 CanGraphical] flag.<br />
:-- [[User:Falconindy|Falconindy]] ([[User talk:Falconindy|talk]]) 21:34, 2 September 2012 (UTC)<br />
<br />
== <s> Hibernation with systemd </s> ==<br />
<br />
The hibernation section should be considered a hack since systemd does not directly handle the backend that handles power management. Systemd uses the Upower interface to handle such requests<br>-- [[User:Yungtrizzle|Yungtrizzle]] ([[User talk:Yungtrizzle|talk]]) 06:25, 10 October 2012<br />
<br />
:I talked about hibernation process with Lennart Poettering and he said that systemd-hibernate does only "echo disk > /sys/power/state" . As far as i can see, it works perfectly with tuxonice, since it seems it is now using the same userspace API as kernel hibernation; so it works even without hibernate-script installed (i use it without that package). <br />
:-- [[User:Nierro|Nierro]] ([[User talk:Nierro|talk]]) 13:54, 24 October 2012<br />
<br />
:: what is the #Hibernation section all about anyway? It makes it sound like you need to use uswsusp to hibernate while it should work out of the box just fine. It doesn't explain at all why you would want to use uswsusp instead of the default command. I don't use hibernate nor do I know what uswsusp actually does, so what am I missing here? <br />
::-- [[User:65kid|65kid]] ([[User talk:65kid|talk]]) 15:12, 25 October 2012 (UTC)<br />
<br />
:::I agree with 65kid. In fact, systemctl hibernate works out of the box (it only does an "echo disk...", nothing else). We don't need uswsusp at all. I tried with stock arch kernel and it works.<br />
:::-- [[User:Nierro|Nierro]] ([[User talk:Nierro|talk]]) 11:24, 26 October 2012<br />
<br />
::::Then I suggest that - unless someone explains why you would want to use uswsusp - we remove this whole section because it is nothing but confusing. This article is already way too big to waste text on something that doesn't seem to make any sense.<br />
::::-- [[User:65kid|65kid]] ([[User talk:65kid|talk]]) 10:10, 26 October 2012 (UTC)<br />
<br />
::::: I went ahead and removed the irrelevant information from the page, moving it to [[Uswsusp]]. I also added a note pointing readers there if they want to use another backend for suspending or hibernating.<br />
:::::-- [[User:Ifaigios|Ifaigios]] ([[User talk:Ifaigios|talk]]) 18:16, 26 October 2012 (UTC)<br />
<br />
:::::: Hey [[User:Nierro|Nierro]], do {{ic|systemctl hibernate}} and {{ic|systemctl suspend}} really do different things on your box? In my setup (linux-pf, systemd 195-2), if I do the latter, my box is also in suspend mode, meaning that my power button is glowing on and off and I don't see grub after pressing the power button again but are back to my desktop almost immediately. To me, it rather seems as if {{ic|systemctl hibernate}} goes into hybrid mode?<br />
::::::-- [[User:Jakobh|jakobh]] [[User talk:Jakobh|✉]] 10:07, 29 October 2012 (UTC)<br />
<br />
:::::: Got an answer to the question on the systemd mailing list now: [http://lists.freedesktop.org/archives/systemd-devel/2012-October/007245.html Link] <br />
::::::-- [[User:Jakobh|jakobh]] [[User talk:Jakobh|✉]] 17:56, 30 October 2012 (UTC)<br />
<br />
== <s> GNOME 3.6 issues inhibited commands </s> ==<br />
It seems that GNOME 3.6 now issues the necessary "inhibited" commands, at my system now doesn't suspend twice with the standard configuration anymore. However I'm not familiar enough with the whole concept to be absolutely sure, so I won't update the page itself. Maybe someone with more competence regarding the inhibited commands can confirm this and edit the page?<br><br />
-- [[User:Johnpatcher|Johnpatcher]] ([[User_talk:Johnpatcher|talk]]) 00:34, 31 October 2012 (UTC)<br />
: Inhibited note is added. Close. -- [[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 01:42, 12 November 2012 (UTC)<br />
<br />
== Should we add a note about CUPS under 'Transitioning from initscripts to systemd'? ==<br />
Are there any more sockets that change?<br />
<br />
Copied from the CUPS wiki:<br />
<br />
...<br />
<br />
Systemd uses a different CUPS socket file located at:<br />
<br />
/usr/lib/systemd/system/cups.socket<br />
<br />
The default CUPS socket file is located at:<br />
<br />
/var/run/cups/cups.sock<br />
<br />
Edit {{ic|/etc/cups/cupsd.conf}} and {{ic|/etc/cups/client.conf}} as root to use the systemd socket instead of the default. Make sure to restart CUPS when you are done:<br />
<br />
# systemctl restart cups<br />
<br />
...<br />
<br><br />
-- [[User:JKAbrams|JKAbrams]] 5 November 2012<br />
:This sounds more like a {{pkg|cups}} packaging bug that should just be fixed.<br />
:-- [[User:Jstjohn|Jstjohn]] ([[User talk:Jstjohn|talk]]) 01:11, 8 November 2012 (UTC)<br />
::It sounds like someone who doesn't have a clue about systemd. That cups.socket file is a systemd unit file of type socket, which contains the location of the socket file for CUPS (and that is still /var/run/cups/cups.sock).<br />
::[[User:Raynman|Raynman]] ([[User talk:Raynman|talk]]) 22:49, 9 November 2012 (UTC)</div>DarioPhttps://wiki.archlinux.org/index.php?title=Talk:Systemd&diff=235891Talk:Systemd2012-11-18T12:41:58Z<p>DarioP: </p>
<hr />
<div>== Should the section "writing a custom .service" be expanded? ==<br />
<br />
I think so.. as long as I got, this is necessary to run self-made scripts during the boot process, but this is not clear and the structure of the files is not well presented.<br />
<br />
== Display manager fails to load with fast SSD ==<br />
<br />
I was having a problem with my display manager (LXDM) not loading on my laptop, which has a Sandisk Extreme SSD.<br />
Xorg.log would show errors like "No screens found."<br />
<br />
I eventually figured out that the problem was that my computer was booting so fast that KMS didn't have enough time to kick in before X was started. I solved by adding the KMS driver (i915 in my case) to the initramfs.<br />
<br />
Just a tip for SSD users, not sure if it should be added to the page or not.<br> --[[User:Steev|Steev]] ([[User talk:Steev|talk]]) 16:59, 2 September 2012 (UTC)<br />
:This is a general problem that needs to be solved in the display manager. GDM already implements the bits for the [http://cgit.freedesktop.org/systemd/systemd/commit/?id=f1a8e221ecacea23 CanGraphical] flag.<br />
:-- [[User:Falconindy|Falconindy]] ([[User talk:Falconindy|talk]]) 21:34, 2 September 2012 (UTC)<br />
<br />
== <s> Hibernation with systemd </s> ==<br />
<br />
The hibernation section should be considered a hack since systemd does not directly handle the backend that handles power management. Systemd uses the Upower interface to handle such requests<br>-- [[User:Yungtrizzle|Yungtrizzle]] ([[User talk:Yungtrizzle|talk]]) 06:25, 10 October 2012<br />
<br />
:I talked about hibernation process with Lennart Poettering and he said that systemd-hibernate does only "echo disk > /sys/power/state" . As far as i can see, it works perfectly with tuxonice, since it seems it is now using the same userspace API as kernel hibernation; so it works even without hibernate-script installed (i use it without that package). <br />
:-- [[User:Nierro|Nierro]] ([[User talk:Nierro|talk]]) 13:54, 24 October 2012<br />
<br />
:: what is the #Hibernation section all about anyway? It makes it sound like you need to use uswsusp to hibernate while it should work out of the box just fine. It doesn't explain at all why you would want to use uswsusp instead of the default command. I don't use hibernate nor do I know what uswsusp actually does, so what am I missing here? <br />
::-- [[User:65kid|65kid]] ([[User talk:65kid|talk]]) 15:12, 25 October 2012 (UTC)<br />
<br />
:::I agree with 65kid. In fact, systemctl hibernate works out of the box (it only does an "echo disk...", nothing else). We don't need uswsusp at all. I tried with stock arch kernel and it works.<br />
:::-- [[User:Nierro|Nierro]] ([[User talk:Nierro|talk]]) 11:24, 26 October 2012<br />
<br />
::::Then I suggest that - unless someone explains why you would want to use uswsusp - we remove this whole section because it is nothing but confusing. This article is already way too big to waste text on something that doesn't seem to make any sense.<br />
::::-- [[User:65kid|65kid]] ([[User talk:65kid|talk]]) 10:10, 26 October 2012 (UTC)<br />
<br />
::::: I went ahead and removed the irrelevant information from the page, moving it to [[Uswsusp]]. I also added a note pointing readers there if they want to use another backend for suspending or hibernating.<br />
:::::-- [[User:Ifaigios|Ifaigios]] ([[User talk:Ifaigios|talk]]) 18:16, 26 October 2012 (UTC)<br />
<br />
:::::: Hey [[User:Nierro|Nierro]], do {{ic|systemctl hibernate}} and {{ic|systemctl suspend}} really do different things on your box? In my setup (linux-pf, systemd 195-2), if I do the latter, my box is also in suspend mode, meaning that my power button is glowing on and off and I don't see grub after pressing the power button again but are back to my desktop almost immediately. To me, it rather seems as if {{ic|systemctl hibernate}} goes into hybrid mode?<br />
::::::-- [[User:Jakobh|jakobh]] [[User talk:Jakobh|✉]] 10:07, 29 October 2012 (UTC)<br />
<br />
:::::: Got an answer to the question on the systemd mailing list now: [http://lists.freedesktop.org/archives/systemd-devel/2012-October/007245.html Link] <br />
::::::-- [[User:Jakobh|jakobh]] [[User talk:Jakobh|✉]] 17:56, 30 October 2012 (UTC)<br />
<br />
== <s> GNOME 3.6 issues inhibited commands </s> ==<br />
It seems that GNOME 3.6 now issues the necessary "inhibited" commands, at my system now doesn't suspend twice with the standard configuration anymore. However I'm not familiar enough with the whole concept to be absolutely sure, so I won't update the page itself. Maybe someone with more competence regarding the inhibited commands can confirm this and edit the page?<br><br />
-- [[User:Johnpatcher|Johnpatcher]] ([[User_talk:Johnpatcher|talk]]) 00:34, 31 October 2012 (UTC)<br />
: Inhibited note is added. Close. -- [[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 01:42, 12 November 2012 (UTC)<br />
<br />
== Should we add a note about CUPS under 'Transitioning from initscripts to systemd'? ==<br />
Are there any more sockets that change?<br />
<br />
Copied from the CUPS wiki:<br />
<br />
...<br />
<br />
Systemd uses a different CUPS socket file located at:<br />
<br />
/usr/lib/systemd/system/cups.socket<br />
<br />
The default CUPS socket file is located at:<br />
<br />
/var/run/cups/cups.sock<br />
<br />
Edit {{ic|/etc/cups/cupsd.conf}} and {{ic|/etc/cups/client.conf}} as root to use the systemd socket instead of the default. Make sure to restart CUPS when you are done:<br />
<br />
# systemctl restart cups<br />
<br />
...<br />
<br><br />
-- [[User:JKAbrams|JKAbrams]] 5 November 2012<br />
:This sounds more like a {{pkg|cups}} packaging bug that should just be fixed.<br />
:-- [[User:Jstjohn|Jstjohn]] ([[User talk:Jstjohn|talk]]) 01:11, 8 November 2012 (UTC)<br />
::It sounds like someone who doesn't have a clue about systemd. That cups.socket file is a systemd unit file of type socket, which contains the location of the socket file for CUPS (and that is still /var/run/cups/cups.sock).<br />
::[[User:Raynman|Raynman]] ([[User talk:Raynman|talk]]) 22:49, 9 November 2012 (UTC)</div>DarioPhttps://wiki.archlinux.org/index.php?title=Tor&diff=202889Tor2012-05-26T12:47:01Z<p>DarioP: /* Chromium */</p>
<hr />
<div>[[Category:Internet Applications]]<br />
[[Category:Proxy servers]]<br />
[[Category:Daemons and system services]]<br />
{{i18n|Tor}}<br />
<br />
{{Article summary start}}<br />
{{Article summary text|This article will explain how to install and configure Tor alongside HTTP proxies like [[Privoxy]] and [[Polipo]].}}<br />
{{Article summary heading|Required software}}<br />
{{Article summary link|Tor|https://www.torproject.org}}<br />
{{Article summary link|Privoxy|http://privoxy.org/}}<br />
{{Article summary link|Polipo|http://www.pps.jussieu.fr/~jch/software/polipo/}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Gnunet}}<br />
{{Article summary end}}<br />
<br />
'''Tor''' is an open source implementation of 2nd generation [[Wikipedia:Onion routing|onion routing]] that provides free access to an anonymous proxy network. Its primary goal is to enable [[Wikipedia:internet anonymity|online anonymity]] by protecting against [[Wikipedia:Traffic analysis|traffic analysis]] attacks.<br />
<br />
==Introduction==<br />
Users of the Tor network run an onion proxy on their machine. This software connects out to Tor, periodically negotiating a virtual circuit through the Tor network. Tor employs cryptography in a layered manner (hence the 'onion' analogy), ensuring perfect forward secrecy between routers. At the same time, the onion proxy software presents a SOCKS interface to its clients. SOCKS-aware applications may be pointed at Tor, which then multiplexes the traffic through a Tor virtual circuit.<br />
<br />
{{Warning|Tor by itself is ''not'' all you need to maintain your anonymity. There are several major pitfalls to watch out for (see: [https://www.torproject.org/download/download.html#warning Want Tor to really work?]).}}<br />
<br />
Through this process the onion proxy manages networking traffic for end-user anonymity. It keeps a user anonymous by encrypting traffic, sending it through other nodes of the Tor network, and decrypting it at the last node to receive your traffic before forwarding it to the server you specified. Although Tor is considerably safer than the commonly used direct DNS connections (i.e. without a proxy), it can be considerably slower due to the large amount of traffic re-routing. Additionally, although Tor provides protection against traffic analysis it cannot prevent traffic confirmation at the boundaries of the Tor network (i.e. the traffic entering and exiting the network).<br />
<br />
{{Wikipedia|Tor (anonymity network)}}<br />
<br />
==Installation==<br />
[[pacman|Install]] {{Pkg|tor}}, available in the [[official repositories]]. <br />
<br />
Additionally, there is a [[Qt]] frontend for Tor in package {{Pkg|vidalia}}. In addition to controlling the Tor process, Vidalia allows you to view and configure the status of Tor, monitor bandwidth usage, and view, filter, and search log messages.<br />
<br />
==Configuration==<br />
To get a better understanding of Tor review the {{ic|/etc/tor/torrc}} configuration file. The configuration options are explained in {{Ic|man tor}} and the [https://torproject.org/docs/tor-manual.html.en Tor website]. The default configuration should work fine for most Tor users.<br />
<br />
You can set custom [[Wikipedia:File descriptor|file descriptor]] ulimits for Tor in {{ic|/etc/conf.d/tor}} using the {{Ic|TOR_MAX_FD}} variable. This sets a limit on the maximum number of open files.<br />
<br />
By default Tor logs to [[Wikipedia:Stdout#Standard output (stdout)|stdout]] with a log-level of "notice". If system logging is enabled in the {{ic|torrc}} configuration file, it will default to {{Ic|/usr/local/var/log/tor/}}.<br />
<br />
==Usage==<br />
You can launch it from command line or via a GUI like '''vidalia'''.<br />
Start the '''tor''' [[daemon]] and add it to the {{ic|DAEMONS}} array to have it connect always.<br />
To use a program over tor, configure it to use 127.0.0.1 or localhost as SOCKS5 proxy, with port 9050 (plain tor with standard settings) or port 9051 (configuration with '''vidalia''', standard settings).<br />
To check if Tor is functioning properly visit the [https://check.torproject.org/ Tor], [http://serifos.eecs.harvard.edu/cgi-bin/ipaddr.pl?tor=1 Harvard] or [https://torcheck.xenobite.eu/ Xenobite.eu] websites.<br />
<br />
==Web browsing==<br />
Tor primarily supports [[Firefox]], but can also be used with [[Chromium]].<br />
<br />
===Firefox===<br />
In ''Preferences > Advanced > Network tab > Settings'' manually set Firefox to use the SOCKS proxy {{ic|localhost}} with port {{ic|9050}}.<br />
<br />
Alternatively, install the [https://www.torproject.org/projects/torbrowser.html Tor Browser Bundle]. This will allow you to toggle very easily between Tor navigation and normal navigation instead of changing the preferences.<br />
<br />
===Chromium===<br />
You can simply run:<br />
$ chromium --proxy-server="socks://localhost:9050"<br />
<br />
As for Firefox you can setup a fast switch for example through [https://chrome.google.com/webstore/detail/dpplabbmogkhghncfbfdeeokoefdjegm Proxy SwitchySharp].<br />
<br />
Once installed enter in its configuration page. Under the tab ''Proxy Profiles'' add a new profile ''Tor'', if ticked untick the option ''Use the same proxy server for all protocols'', then add ''localhost'' as SOCKS Host, ''9050'' to the respective port and select ''SOCKS v5''.<br />
<br />
Optionally you can enable the quick switch under the ''General'' tab to be able to switch beetween normal navigation and Tor network just by left-clicking on the Proxy SwitchySharp's icon.<br />
<br />
==HTTP Proxy==<br />
Tor can be used with an HTTP proxy like [[Polipo]] or [[Privoxy]].<br />
<br />
{{note|Polipo is recommended over Privoxy by the Tor dev team. [https://trac.torproject.org/projects/tor/wiki/doc/TorFAQ#WhydoweneedPolipoorPrivoxywithTorWhichisbetter]}}<br />
<br />
===Firefox===<br />
The [https://addons.mozilla.org/en-us/firefox/addon/foxyproxy-standard/ FoxyProxy] add-on allows you to specify multiple proxies for different URLs or for all your browsing. After restarting Firefox manually set Firefox to port {{ic|8118}} on {{ic|localhost}}, which is where [[Polipo]] or [[Privoxy]] are running. These settings can be access under ''Add > Standard proxy type''. Select a proxy label (e.g Tor) and enter the port and host into the ''HTTP Proxy'' and ''SSL Proxy'' fields. To check if Tor is functioning properly visit the [https://check.torproject.org/ Tor Check] website and toggle Tor.<br />
<br />
===Polipo===<br />
The Tor Project has created a custom [https://gitweb.torproject.org/torbrowser.git/blob_plain/HEAD:/build-scripts/config/polipo.conf Polipo configuration file] to prevent potential problems with Polipo as well to provide better anonymity.<br />
<br />
Keep in mind that Polipo is not required if you can use a SOCKS 5 proxy, which Tor starts automatically on port 9050. If you want to use [[Chromium]] with Tor, you do not need the Polipo package (see: [[#Chromium]]).<br />
<br />
===Privoxy===<br />
You can also use this setup in other applications like messaging (e.g. Jabber, IRC). Applications that support HTTP proxies you can connect to Privoxy (i.e. {{ic|127.0.0.1:8118}}). To use SOCKS proxy directly, you can point your application at Tor (i.e. {{ic|127.0.0.1:9050}}). A problem with this method though is that applications doing DNS resolves by themselves may leak information. Consider using Socks4A (e.g. with Privoxy) instead.<br />
<br />
==Instant Messaging==<br />
In order to use an IM client with tor, we do not need an http proxy like [[polipo]]/[[privoxy]]. We will be using tor's daemon directly which listens to port 9050 by default. <br />
<br />
===Pidgin===<br />
Browse through preferences -> proxy and edit it to look like<br />
Proxy type SOCKS5<br />
Host 127.0.0.1<br />
Port 9050<br />
<br />
From now on [[pidgin]] will be using Tor. In some cases, depending on how different accounts are configured in IM services you have set up, you might want to change their proxy settings. Go to Accounts -> Manage Accounts and modify the account you wish, in Proxy tab to read<br />
Proxy type Use Global Proxy Settings<br />
<br />
==Irssi==<br />
Freenode does not recommend that you use Privoxy with [[Irssi]]. Instead they recommend using the {{Ic|mapaddress}} approach and running {{Ic|torify irssi}} to start it up. Therefore, add the following to {{ic|/etc/tor/torrc}}:<br />
mapaddress 10.40.40.40 p4fsi4ockecnea7l.onion<br />
<br />
Freenode requires charybdis and ircd-seven's SASL mechanism for identifying to nickserv during<br />
connection. Download {{ic|cap_sasl.pl}}, which enables SASL in Irssi, from the Freenode website (i.e. http://www.freenode.net/sasl/cap_sasl.pl) and save it to {{Ic|~/.irssi/scripts/cap_sasl.pl}}<br />
<br />
Then install {{Pkg|perl-crypt-openssl-bignum}}, {{Pkg|perl-crypt-blowfish}} and then {{AUR|perl-crypt-dh}} from the [[AUR]].<br />
<br />
Alternatively, you can install the modules using perl:<br />
$ perl -MCPAN -e 'install Crypt::OpenSSL::Bignum Crypt::DH Crypt::Blowfish'<br />
<br />
Start irssi <br />
$ torify irssi<br />
<br />
Load the script that will employ the SASL mechanism.<br />
/script load cap_sasl.pl<br />
<br />
Set your identification to nickserv, which will be read when connecting. Supported mechanisms are PLAIN and DH-BLOWFISH. <br />
/sasl set <network> <username> <password> <mechanism><br />
<br />
Connect to Freenode:<br />
/connect -network <network> 10.40.40.40<br />
<br />
For more information check [http://freenode.net/irc_servers.shtml#tor Accessing freenode Via Tor] and the [http://freenode.net/sasl/README.txt SASL README] at freenode.net or the [https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO/IrcSilc IRC/SILC Wiki article] at torproject.org.<br />
<br />
If you are receiving errors check the ''[https://bbs.archlinux.org/viewtopic.php?pid=956467 Cannot Connect to Freenode IRC using Irssi & Tor]'' thread on the Arch Linux forums.<br />
<br />
==Pacman==<br />
Pacman download operations (repository DBs, packages, and public keys) can be done using the Tor network. Though relatively extreme, this measure is useful to prevent an adversary (most likely at one's LAN or the mirror) from knowing a subset of the packages you have installed, at the cost of longer latency, lower throughput, possible suspicion, and possible failure (if Tor is being filtered via the current connection).<br />
<br />
{{Warning|It would be arguably simpler for an adversary, specifically one who desires to indiscriminately disseminate malware, to perform his/her activity by deploying malicious Tor exit node(s). Always use signed packages and verify new public keys by out-of-band means.}}<br />
<br />
{{hc|/etc/pacman.conf|<br />
...<br />
<nowiki>XferCommand = /usr/bin/curl --socks5-hostname localhost:9050 -C - -f %u > %o</nowiki><br />
...}}<br />
<br />
==Running a Tor Server==<br />
===Configuration===<br />
You should at least share 20kb/s:<br />
Nickname <tornickname><br />
ORPort 9001<br />
BandwidthRate 20 KB # Throttle traffic to 20KB/s<br />
BandwidthBurst 50 KB # But allow bursts up to 50KB/s<br />
<br />
Allow irc ports 6660-6667 to exit from node:<br />
ExitPolicy accept *:6660-6667,reject *:* # Allow irc ports but no more<br />
<br />
Run Tor as an exit node:<br />
ExitPolicy accept *:119 # Accept nntp as well as default exit policy<br />
<br />
Run Tor as middleman ( a relay):<br />
ExitPolicy reject *:*<br />
<br />
==Running a Tor bridge==<br />
===Configuration===<br />
According to https://www.torproject.org/docs/bridges , make your torrc be just these four lines:<br />
<br />
SocksPort 0<br />
ORPort 443<br />
BridgeRelay 1<br />
Exitpolicy reject *:*<br />
<br />
===Troubleshooting===<br />
If you get "Could not bind to 0.0.0.0:443: Permission denied" errors on startup, you'll need to pick a higher ORPort (e.g. 8080), or perhaps [http://www.portforward.com/ forward the port] in your router.<br />
<br />
==TorDNS==<br />
The Tor 0.2.x series provides a built-in DNS forwarder. To enable it add the following lines to the Tor configuration file:<br />
{{hc|/etc/tor/torrc|<br />
DNSPort 9053<br />
AutomapHostsOnResolve 1<br />
AutomapHostsSuffixes .exit,.onion<br />
}}<br />
And restart Tor to load the updated configuration file:<br />
# rc.d restart tor<br />
<br />
This will allow Tor to accept DNS requests (listening on port 9053 in this example) like a regular DNS server, and resolve the domain via the Tor network. A downside is that it's only able to resolve DNS queries for A-records; MX and NS queries are never answered. For more information see this [https://techstdout.boum.org/TorDns/ Debian-based introduction].<br />
<br />
DNS queries can also be performed through a command line interface by using {{Ic|<nowiki>tor-resolve</nowiki>}}. For example:<br />
{{bc|<br />
$ tor-resolve archlinux.org<br />
66.211.214.131<br />
}}<br />
<br />
==Torify==<br />
'''torify''' will allow you use an application via the Tor network without the need to make configuration changes to the application involved. From the man page:<br />
<br />
''torify is a simple wrapper that calls tsocks with a tor specific configuration file. tsocks itself is a wrapper between the tsocks library and the application that you would like to run socksified''<br />
<br />
Usage example:<br />
{{bc|<nowiki><br />
$ torify elinks checkip.dyndns.org<br />
$ torify wget -qO- https://check.torproject.org/ | grep -i congratulations<br />
</nowiki>}}<br />
<br />
Torify ''will not'', however, perform DNS lookups through the Tor network. A workaround is to use it in conjunction with {{Ic|<nowiki>tor-resolve</nowiki>}} (described above). In this case, the procedure for the first of the above examples would look like this:<br />
{{bc|<br />
$ tor-resolve checkip.dyndns.org<br />
208.78.69.70<br />
$ torify elinks 208.78.69.70<br />
}}<br />
<br />
==Troubleshooting==<br />
===Problem with User value===<br />
If the '''tor''' daemon failed to start, then run the following command as root (or use sudo)<br />
<br />
# tor<br />
<br />
If you get the following error<br />
<br />
May 23 00:27:24.624 [warn] Error setting groups to gid 43: "Operation not permitted".<br />
May 23 00:27:24.624 [warn] If you set the "User" option, you must start Tor as root.<br />
May 23 00:27:24.624 [warn] Failed to parse/validate config: Problem with User value. See logs for details.<br />
May 23 00:27:24.624 [err] Reading config failed--see warnings above.<br />
<br />
Then it means that the problem is with the User value. So proceed with the following steps.<br />
<br />
Check the permissions of the directory {{ic|/var/lib/tor}} by running<br />
<br />
# ls -l /var/lib/<br />
<br />
If the permission for {{ic|/var/lib/tor}} is as shown below<br />
<br />
drwx------ 2 tor tor 4096 May 12 21:03 tor<br />
<br />
This means that the directory is owned by the user ''tor'' and the group ''tor''.<br />
Change the owner to the user ''root'', and the group ''root'' with the command:<br />
<br />
# chown -R root:root /var/lib/tor<br />
<br />
If you check the permissions again, it should now show<br />
<br />
drwx------ 2 root root 4096 May 12 21:03 tor<br />
<br />
Now open {{ic|/etc/tor/torrc}} and find the following lines<br />
<br />
## Uncomment this to start the process in the background... or use<br />
## --runasdaemon 1 on the command line.<br />
RunAsDaemon 1<br />
User tor<br />
Group tor<br />
<br />
Comment out the lines ''User tor'' and ''Group tor'', so that the lines read as <br />
<br />
## Uncomment this to start the process in the background... or use<br />
## --runasdaemon 1 on the command line.<br />
RunAsDaemon 1<br />
#User tor<br />
#Group tor<br />
<br />
Save the changes and restart the '''tor''' daemon, it should now work.<br />
<br />
# rc.d restart tor<br />
<br />
===Daemon fails on restart===<br />
<br />
If after issuing {{Ic|/etc/rc.d/tor restart}} you have log entries similar to<br />
<br />
Interrupt: we have stopped accepting new connections, and will shut down in 30 seconds. Interrupt again to exit now<br />
<br />
and the daemon fails to start back up, a simple workaround is to open {{Ic|/etc/rc.d/tor}} in your favourite editor and increase the time waited between the shutting down and starting up again of the daemon. For example:<br />
<br />
{{hc|/etc/rc.d/tor| ;;<br />
restart)<br />
$0 stop<br />
sleep 35<br />
$0 start<br />
;;}}<br />
<br />
This will allow Tor to shutdown cleanly, and restart after a safe period of time. Remember that this file may be overwritten by upgrades.<br />
<br />
==See Also==<br />
* [https://www.torproject.org/docs/tor-doc-unix.html.en Running the Tor client on Linux/BSD/Unix]<br />
* [https://trac.torproject.org/projects/tor/wiki#Unixish Unix-based Tor Articles]<br />
* [https://trac.torproject.org/projects/tor/wiki/doc/SupportPrograms Software commonly integrated with Tor]<br />
* [https://www.torproject.org/docs/tor-hidden-service.html.en How to set up a Tor ''Hidden Service'']</div>DarioPhttps://wiki.archlinux.org/index.php?title=GNOME&diff=172353GNOME2011-12-04T18:36:29Z<p>DarioP: /* GNOME shell extensions */</p>
<hr />
<div>[[Category:Desktop environments (English)]]<br />
{{i18n|GNOME 3|GNOME}}<br />
[[de:GNOME]]<br />
[[fr:GNOME]]<br />
[[pl:GNOME]]<br />
<br />
{{Article summary start}}<br />
{{Article summary text|GNOME 3 provides a modern desktop, rewritten from scratch, using the GTK3+ toolkit.}}<br />
{{Article summary heading|Overview}}<br />
{{Article summary text|{{Graphical user interface overview}}}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|GTK+}}<br />
{{Article summary end}}<br />
<br />
The GNOME Project started from scratch and created a completely new desktop called GNOME 3. It has:<br />
<br />
* A modern visual theme and font<br />
* An activities view providing access to all windows and applications<br />
* A subtle notifications system and a discreet top panel<br />
* Integration with an improved Nautilus file manager<br />
* Integrated desktop services for messaging<br />
* A new system settings application <br />
* An activities search feature<br />
* Features such as snap-like window tiling<br />
<br />
Additional explanations are found on the [http://www.gnome3.org/ official GNOME3 website.]<br />
<br />
== Introduction ==<br />
<br />
GNOME 3 has ''two'' interfaces: '''GNOME Shell,''' the new standard layout; and '''fallback mode.''' Gnome-session automatically detects when your computer is incapable of running Gnome Shell and starts fallback mode when appropriate. <br />
<br />
'''Fallback mode''' is similar to GNOME 2. (Fallback mode uses gnome-panel/Metacity instead of gnome-shell/Mutter.)<br />
<br />
When you are on fallback mode you can still replace GNOME's default window manager with your preferred one.<br />
<br />
==Installation==<br />
<br />
GNOME 3 is in the [extra] repository. The '''gnome''' group contains the core desktop environment and applications, and gnome-extra contains the rest. You likely do not want all of the packages installed, so consider reading the package descriptions before installing them (or just remove them later).<br />
<br />
'''You must install the gnome group'''. gnome-extra does not imply that you want everything in gnome.<br />
<br />
Example:<br />
<br />
# pacman -S gnome<br />
<br />
Chose what applications you are using from gnome-extra. Is not mandatory to install the whole group.<br />
<br />
# pacman -S gnome-extra<br />
<br />
===D-Bus daemon===<br />
The GNOME desktop requires the [[D-Bus]] daemon. Refer to the [[dbus]] article for setup instructions.<br />
<br />
=== Running GNOME ===<br />
<br />
For the best desktop integration, login manager '''GDM''' is recommended. Other login managers (a.k.a. display managers) such as SLiM can be used in place of GDM. Check out the [[Display_Manager|wiki article on display managers]] to learn how desktop environments are started.<br />
<br />
The login manager is a limited process entrusted with duties that impact the system. The [[PolicyKit|PolicyKit wiki article]] addresses the topic of system‑wide access control.<br />
<br />
# pacman -S gdm<br />
<br />
If you prefer to start GNOME manually from the console, add the following line to your {{ic|~/.xinitrc}} file. Make sure it is the only line (remove the {{ic|if/fi}} block from the standard {{ic|~/.xinitrc}} since the {{ic|if/fi}} block can cause problems) and the only command starting with {{ic|exec}}. See the [[xinitrc| xinitrc wiki article]].<br />
{{hc|~/.xinitrc|<nowiki><br />
#ONLY THIS LINE<br />
exec ck-launch-session gnome-session<br />
</nowiki>}}<br />
<br />
After the {{ic|exec}} command is placed, GNOME can be launched by typing {{ic|startx}}.<br />
<br />
== Using the shell ==<br />
<br />
=== GNOME cheat sheet ===<br />
<br />
The GNOME web site has a helpful [https://live.gnome.org/GnomeShell/CheatSheet GNOME Shell cheat sheet] explaining task switching, keyboard use, window control, the panel, overview mode, and more.<br />
<br />
=== Restarting the shell ===<br />
<br />
After appearance tweaks you are often asked to restart the GNOME shell. You could log out and log back in, but it is simpler and faster to issue the following keyboard command. Restart the shell by pressing {{Keypress|Alt}} + {{Keypress|F2}} then {{Keypress|r}} then {{Keypress|Enter}}<br />
<br />
=== Shell crashes ===<br />
<br />
Certain tweaks and/or repeated shell restarts may cause the shell to crash when a restart is attempted. In this case, you are informed about the crash and then forced to log out. Some shell changes, such as switching between '''''GNOME Shell''''' and '''''fallback mode,''''' cannot be accomplished via a keyboard restart; you must log out and log back in to effect them.<br />
<br />
It is common sense — but worth repeating — that valuable documents should be saved (and perhaps closed) before attempting a shell restart. It is not strictly necessary; open windows and documents usually remain intact after a shell restart.<br />
<br />
== Customizing GNOME appearance ==<br />
<br />
=== Overall appearance ===<br />
<br />
GNOME 3 may have "started from scratch", but like most large software projects it is assembled from parts dating to different eras. There is not '''one''' all-encompassing configuration tool. The new ''Systems Settings'' tool is a big improvement over previous control panels. ''System Settings'' is well-organized, but you may find yourself wishing for more control over system appearance.<br />
<br />
You may be familiar with existing configuration tools: some of these still work; many will not. Some settings are not readily exposed for you to change. Indubitably, many settings will migrate to newer tools and/or become exposed as time progresses and the wider community embraces and extends the latest GNOME desktop.<br />
<br />
==== Gsettings ====<br />
<br />
A new command-line tool '''gsettings''' stores data in a binary format, unlike previous tools using XML text. A tutorial [http://blog.fpmurphy.com/2011/03/customizing-the-gnome-3-shell.html Customizing the GNOME Shell] explores the power of gsettings.<br />
<br />
==== GNOME tweak tool ====<br />
<br />
This graphical tool customizes fonts, themes, titlebar buttons and other settings. <br />
<br />
# pacman -S gnome-tweak-tool<br />
<br />
Version 3.0.3 only works when gnome-shell is installed (OK if forced to fallback mode). [https://bugzilla.gnome.org/show_bug.cgi?id=647132 Bugzilla bug report here.]<br />
<br />
==== GTK3 theme via settings.ini ====<br />
<br />
Like '''{{ic|~/.gtkrc-2.0}}''' with GTK2+, it is possible to set a GTK3 theme via '''{{ic|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini}}'''.<br />
<br />
Variable {{ic|$XDG_CONFIG_HOME}} is usually set to '''~/.config'''<br />
<br />
''Adwaita,'' the default GNOME 3 theme, is a part of '''gnome-themes-standard.''' Additional GTK3 themes are found at [http://browse.deviantart.com/customization/skins/linuxutil/desktopenv/gnome/gtk3/ Deviantart web site.] For example:<br />
{{hc|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-theme-name = Adwaita<br />
gtk-fallback-icon-theme = gnome<br />
# next option is applicable only if selected theme supports it<br />
gtk-application-prefer-dark-theme = true<br />
# set font name and dimension<br />
gtk-font-name = Sans 10<br />
</nowiki>}}<br />
<br />
It is necessary to [[#Restarting_the_shell|restart GNOME shell]] for settings to be applied. More GTK options are found at [http://developer.gnome.org/gtk3/3.0/GtkSettings.html#GtkSettings.properties GNOME developer documentation.]<br />
<br />
==== Icon theme ====<br />
<br />
Using gnome-tweak-tool v. 3.0.3 and later, you can place any icon theme you wish to use inside '''{{ic|~/.icons}}'''.<br />
<br />
Usefully, GNOME 3 is compatible with GNOME 2 icon themes, which means you're not stuck with the default icons. To install a new set of icons, copy your desired icon theme's directory to '''{{ic|~/.icons}}'''. As an example:<br />
<br />
$ cp -R /home/user/Desktop/my_icon_theme ~/.icons<br />
<br />
The new theme ''my_icon_theme'' is now selectable using '''gnome-tweak-tool''' under '''''interface.'''''<br />
<br />
Alternatively, you may textually select your icon theme with no need for gnome-tweak-tool. Add the GTK icon theme name to '''{{ic|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini}}'''. Please note, not to use "" as your settings would not be recognised then.<br />
<br />
{{hc|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini|<nowiki>... previous lines ...<br />
<br />
gtk-icon-theme-name = my_new_icon_theme</nowiki>}}<br />
<br />
=== Nautilus ===<br />
<br />
==== Remove folders from the places sidebar ====<br />
<br />
The displayed folders are specified in {{ic|~/.config/user-dirs.dirs}} and can be altered with any editor. An execution of {{ic|xdg-user-dirs-update}} will change them again, thus it may be advisable to set the file permissions to read-only.<br />
<br />
==== Always show text-entry location ====<br />
<br />
The standard Nautilus toolbar shows a button bar interface for path navigation. To enter path locations using the ''keyboard'' you must expose the location text-entry field. This is done by pressing {{Keypress|Ctrl}} + {{Keypress|L}}<br />
<br />
To make the location text-entry field always present, use gsettings as shown. <br />
<br />
$ gsettings set org.gnome.nautilus.preferences always-use-location-entry true<br />
<br />
{{Note| after changing this setting you will not be able to expose the button bar. Only when the setting is '''false''' can both forms of location navigation be employed.}}<br />
<br />
=== GNOME panel ===<br />
<br />
==== Show date in top bar ====<br />
<br />
By default GNOME displays only the weekday and time in the top bar. This can be changed with the following command. Changes take effect immediately. <br />
<br />
# gsettings set org.gnome.shell.clock show-date true<br />
<br />
==== Hiding icons in the top bar ====<br />
<br />
When doing a gnome install, some unwanted icons might appear in the panel. To remove the icons, edit the gnome panel script.<br />
<br />
For example, to remove the '''universal access icon'''. Remove 'ally' from the AREA_ORDER line and comment out the 'ally' line in AREA_SHELL_IMPLEMENTATION<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const STANDARD_STATUS_AREA_ORDER = ['ally', 'keyboard', 'volume', 'network', 'bluetooth', 'battery', 'userMenu'];<br />
const STANDARD_STATUS_AREA_SHELL_IMPLEMENTATION = {<br />
'a11y': imports.ui.status.accessibility.ATIndicator<br />
'volume': imports.ui.status.volume.Indicator,<br />
'battery': imports.ui.status.power.Indicator,<br />
'keyboard': imports.ui.status.keyboard.XKBIndicator,<br />
'userMenu': imports.ui.userMenu.UserMenuButton<br />
};<br />
</nowiki>}}<br />
<br />
to<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const STANDARD_STATUS_AREA_ORDER = ['keyboard', 'volume', 'network', 'bluetooth' 'battery', 'userMenu'];<br />
const STANDARD_STATUS_AREA_SHELL_IMPLEMENTATION = {<br />
//'a11y': imports.ui.status.accessibility.ATIndicator<br />
'volume': imports.ui.status.volume.Indicator,<br />
'battery': imports.ui.status.power.Indicator,<br />
'keyboard': imports.ui.status.keyboard.XKBIndicator,<br />
'userMenu': imports.ui.userMenu.UserMenuButton<br />
};<br />
</nowiki>}}<br />
<br />
save your results and restart the shell to see results<br />
<br />
#alt + F2<br />
#r<br />
#enter<br />
<br />
==== Disable "Suspend" in the status menu ====<br />
<br />
A quick way to do it system-wide for GNOME 3.2 is to change line 539 of {{ic|/usr/share/gnome-shell/js/ui/userMenu.js}}. (For GNOME versions prior to 3.2, look at line 153 of {{ic|/usr/share/gnome-shell/js/ui/statusMenu.js}}.) This change takes effect the next time GNOME Shell is started.<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/userMenu.js|<nowiki><br />
// this._haveSuspend = this._upClient.get_can_suspend(); // Comment this line out.<br />
this._haveSuspend = false; // Use this line instead.<br />
</nowiki>}}<br />
<br />
The above change does not persist after a GNOME version update, however. A more perennial solution is to install the GNOME shell extension {{ic|alternative status menu}} in package {{Pkg|gnome-shell-extension-alternative-status-menu}}.<br />
<br />
==== Eliminate delay when logging out ====<br />
<br />
The following tweak removes the confirmation dialog and sixty second delay for logging out.<br />
<br />
This dialog normally appears when you log out with the status menu. This tweak affects the '''''Power Off''''' dialog as well. This is not a system-wide change; it affects only the user who enters this command. The change takes effect immediately after entering the command.<br />
<br />
$ gsettings set org.gnome.SessionManager logout-prompt 'false'<br />
<br />
==== Show system monitor ====<br />
<br />
Install the {{AUR|gnome-shell-system-monitor-applet-git}} extension available in the [[AUR]].<br />
<br />
==== Show weather information ====<br />
<br />
Install {{AUR|gnome-shell-extension-weather-git}} from [[AUR]].<br />
<br />
=== Activity view ===<br />
<br />
==== Remove entries from Applications view ====<br />
<br />
Like other desktop environments, GNOME uses .desktop files to populate its Applications view. These text files are in '''{{ic|/usr/share/applications}}'''. It is not possible to edit these files from a folder view ‒ Nautilus does not treat their icons as text files. Use a terminal to display or edit .desktop file entries.<br />
<br />
# ls /usr/share/applications<br />
# nano /usr/share/applications/foo.desktop<br />
<br />
For system wide changes, edit files in '''{{ic|/usr/share/applications}}'''. For local changes, make a copy of ''foo.desktop'' in your home folder.<br />
<br />
$ cp /usr/share/applications/foo.desktop ~/.local/share/applications/<br />
<br />
Edit .desktop files to fit your wishes. '''Note:''' removing a .desktop file does not uninstall an application, but instead removes its desktop integration: MIME types, shortcuts, and so forth.<br />
<br />
The following command appends one line to a .desktop file and hides its associated icon from Applications view:<br />
<br />
$ echo "NoDisplay=true" >> foo.desktop<br />
<br />
==== Reduce application icon size ====<br />
<br />
One awkward selection of the GNOME designers is their choice of large icons for Applications view. This view is painful when working with a small screen containing many large application icons. There is a way to reduce the icon size. It is done by editing the Gnome-Shell theme.<br />
<br />
Edit system files directly (make a backup first) or copy theme files to your local folder and edit these files. For the default theme, edit '''{{ic|/usr/share/gnome-shell/theme/gnome-shell.css}}'''<br />
<br />
For user themes, edit '''{{ic|/usr/share/themes/<UserTheme>/gnome-shell/gnome-shell.css}}'''<br />
<br />
Edit ''gnome-shell.css'' and replace the following values. Afterward, [[#Restarting_the_shell|restart the GNOME shell.]]<br />
{{hc|gnome-shell.css|<nowiki><br />
.icon-grid {<br />
spacing: 18px;<br />
-shell-grid-item-size: 82px;<br />
}<br />
<br />
.icon-grid .overview-icon {<br />
icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
<br />
A cloned GNOME Shell theme with smaller icons is available [http://aur.archlinux.org/packages.php?ID=51586 on the AUR].<br />
<br />
==== Disable Activity hot corner hovering ====<br />
<br />
To disable automatic activity view when the hot corner is hovered, edit '''{{ic|/usr/share/gnome-shell/js/ui/layout.js}}''' (that was ''panel.js'' in Gnome 3.0.x) :<br />
{{hc|layout.js|<nowiki><br />
this._corner = new Clutter.Rectangle({ name: 'hot-corner',<br />
width: 1,<br />
height: 1,<br />
opacity: 0,<br />
reactive: true });icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
and set ''reactive'' to ''false''. Gnome Shell needs to be restarted.<br />
<br />
=== Titlebar ===<br />
<br />
==== Reduce title bar height ====<br />
<br />
# sed -i '/title_vertical_pad/s|value="[0-9]\{1,2\}"|value="0"|g' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
[[#Restarting_the_shell|Restart the GNOME shell.]] This changes vertical padding from 14 to 0, which gives windows a sleeker look.<br />
<br />
To restore the original values, [[pacman|install]] the package {{Pkg|gnome-themes-standard}} from the [[Official Repositories|official repositories]].<br />
<br />
==== Reorder titlebar buttons ====<br />
<br />
At present this setting is changeable only through '''gconf-editor.'''<br />
<br />
For example, we move the close and minimize buttons to the left side of the titlebar. Open '''gconf-editor''' and locate the '''''desktop.gnome.shell.windows.button_layout''''' key. Change its value to '''{{ic|close,minimize:}}''' (Colon symbol designates the spacer between left side and right side of the titlebar.) Use whichever buttons in whatever order you prefer. You cannot use a button more than once. Also, keep in mind that certain buttons are deprecated. [[#Restarting_the_shell|Restart the shell]] to see your new button arrangement.<br />
<br />
==== Hide titlebar when maximized ====<br />
<br />
# sed -i -r 's|(<frame_geometry name="max")|\1 has_title="false"|' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
[[#Restarting_the_shell|Restart the GNOME shell.]] After this tweak, you may find it difficult to un-maximize a window when there is no titlebar to grab.<br />
<br />
With suitable keybindings, you should be able to use {{Keypress|Alt}} + {{Keypress|F5}}, {{Keypress|Alt}} + {{Keypress|F10}} or {{Keypress|Alt}} + {{Keypress|Space}} to remedy the situation.<br />
<br />
To prevent '''{{ic|metacity-theme-3.xml}}''' from being overwritten each time package "gnome-themes-standard" is upgraded, add its name to '''{{ic|/etc/pacman.conf}}''' with {{ic|NoUpgrade}}.<br />
<br />
{{hc|/etc/pacman.conf|<nowiki>... previous lines ...<br />
<br />
# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup<br />
# IgnorePkg =<br />
# IgnoreGroup =<br />
<br />
NoUpgrade = usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml # Do not add a leading slash to the path<br />
<br />
... more lines ...</nowiki>}}<br />
<br />
To restore original Adwaita theme values:<br />
<br />
# pacman -S gnome-themes-standard<br />
<br />
=== Login screen ===<br />
<br />
To modify characteristics of the login screen (GDM, the GNOME display manager) the following lines can be executed. The first command allows all users, including "gdm", to access X settings (albeit temporarily). This command creates a temporary vulnerability, so be advised. The second command opens a bash session with the credentials of user "gdm". '''Note:''' for exposition, user gdm's terminal prompt is shown as '''$'''. In actuality, it shows something like -bash-4.2$.<br />
<br />
# xhost +<br />
# su - gdm -s /bin/bash<br />
$ dbus-launch<br />
<br />
The third command prints DBUS_SESSION_BUS_ADDRESS and DBUS_SESSION_BUS_PID. We must export these variables. Either manually export the below two variables shown in the output of dbus-launch like this:<br />
<br />
$ export DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-Jb433gMQHS,guid=fc14d4bf3d000e38276a5a2200000d38<br />
$ export DBUS_SESSION_BUS_PID=4283<br />
<br />
Or use the follow command:<br />
<br />
$ `dbus-launch | sed "s/^/export /"`<br />
<br />
Check to see if dconf-service is running and if not, start it like this<br />
<br />
$ /usr/lib/dconf/dconf-service &<br />
<br />
==== Login background image ====<br />
<br />
Once session variables have been exported as explained above, you may issue commands to retrieve or set items used by GDM. <br />
<br />
The easiest way to changes all the settings is by launching the Configuration Editor gui with the command<br />
<br />
$ dconf-editor<br />
<br />
The location of each setting is the same as in the command line style of configuration shown below:<br />
<br />
The following is the command-line approach to retrieve or set the file name used for GDM's wallpaper.<br />
{{bc|<nowiki><br />
$ GSETTINGS_BACKEND=dconf gsettings get org.gnome.desktop.background picture-uri<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.background picture-uri 'file:///usr/share/backgrounds/gnome/SundownDunes.jpg'<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.background picture-options 'zoom'<br />
## Possible values: centered, none, scaled, spanned, stretched, wallpaper, zoom</nowiki>}}<br />
Note: You must specify a file which user "gdm" has permission to read. GDM cannot read files in your home directory.<br />
<br />
An alternative graphical interface to changing themes (gtk3, icons and cursor), the wallpaper and minor other settings of the GDM login screen, you can install [https://aur.archlinux.org/packages.php?ID=50232 gdm3setup] from AUR.<br />
<br />
==== Larger font for login ====<br />
<br />
This tweak enlarges the login font with a scaling factor. It is the same method employed by ''Accessibility Manager'' on the desktop.<br />
<br />
You must [[#Login_screen|export the GDM session variables]] before performing this tweak.<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.interface text-scaling-factor '1.25'<br />
<br />
==== Turning off the sound ====<br />
<br />
This tweak disables the audible feedback heard when the system volume is adjusted (via keyboard) on the login screen. You must first export the GDM session variables.<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.sound event-sounds 'false'<br />
<br />
If the above tweak does not work for you or you are unable to export the GDM session variables, there is always the easiest solution to the "ready sound" problem: mute or lower the sound while in GDM login screen using the media keys (if available) of your keyboard.<br />
<br />
==== Make the power button interactive ====<br />
<br />
The default installation sets the power button to suspend the system. '''''Power off''''' or '''''Show dialog''''' is a better choice. You must first export the GDM session variables as [[#Login_screen|outlined previously.]]<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.settings-daemon.plugins.power button-power 'interactive'<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.settings-daemon.plugins.power button-hibernate 'interactive'<br />
$ gsettings list-recursively org.gnome.settings-daemon.plugins.power<br />
<br />
==== GDM keyboard layout ====<br />
<br />
GDM does not know about your GNOME 3 desktop keyboard settings. To change keyboard settings used by GDM, set your layout using Xorg configuration. Refer to this section of the [[Beginners'_Guide#Non-US_keyboard|Beginner's Guide.]]<br />
<br />
=== Other tips ===<br />
See [[GNOME Tips]].<br />
<br />
== Miscellaneous settings ==<br />
<br />
==== Automatic program launch upon logging in ====<br />
<br />
Specify which programs start automatically after logging in using {{ic|gnome-session-properties}}. This tool is part of the {{Pkg|gnome-session}} package.<br />
<br />
$ gnome-session-properties<br />
<br />
==== Activate NumLock upon logging in ====<br />
<br />
[[pacman|Install]] {{Pkg|numlockx}} from the [[Official Repositories|official repositories]]. Then, add a start-up command to launch {{ic|numlockx}}.<br />
$ gnome-session-properties<br />
<br />
The above command opens the '''Startup Applications Preferences''' applet. Click '''''Add''''' and enter the following:<br />
<br />
{| border="0"<br />
| Name: || ''Numlockx''<br />
|-<br />
| Command: || ''/usr/bin/numlockx on''<br />
|-<br />
| Comment: || ''Turns on numlock.''<br />
|}<br />
<br />
This is not a system-wide appearance tweak. Repeat these steps for each user wishing to activate NumLock after logging in.<br />
<br />
==== Move dialog windows ====<br />
The default configuration for dialogs will not allow you to move them which causes problems in some cases. To change this you will need to use gconf-editor and change this setting:<br />
<br />
/desktop/gnome/shell/windows/attach_modal_dialogs<br />
<br />
After the change you will need to restart the shell for it to take affect.<br />
<br />
=== GNOME shell extensions ===<br />
<br />
GNOME Shell can be customized with extensions written by others. These provide features such as a dock or a widget for changing the theme. <br />
<br />
Many extensions are collected and hosted by [https://extensions.gnome.org/ gnome.org]. They can be browsed and installed simply activating them in the browser.<br />
<br />
Other details on available extensions are found at the [http://www.webupd8.org/2011/04/gnome-shell-extensions-additional.html WEBUPD8] site. The most recent articles can be found using this [http://www.webupd8.org/search/label/gnome%20shell%20extensions?max-results=20 WEBUPD8 search link.]<br />
<br />
The [[Official Repositories|official repositories]] have a dozen extensions which can be installed individually. (The latest version of a given extension may be installed using its code snapshot, if preferred.) [http://www.archlinux.org/packages/?sort=&q=gnome-shell-extension&maintainer=&last_update=&flagged=&limit=50 List here.]<br />
<br />
$ pacman -Ss gnome-shell-extension<br />
<br />
Other useful extensions provided in the [[AUR]]:<br />
<br />
{| border="1"<br />
| {{AUR|gnome-shell-extension-presentation-mode-git}} || Adds option to inhibit screensaver in the power menu (battery icon).<br />
|-<br />
| {{AUR|gnome-shell-extension-weather-git}} || Displays weather notifications.<br />
|-<br />
| {{AUR|gnome-shell-extension-alternative-status-menu-git}} || Adds "Hibernate" and "Power Off" to the status menu.<br />
|-<br />
| {{AUR|gnome-shell-extension-theme-selector}} || Select a theme in the Activities overview.<br />
To install a custom theme with GNOME Tweak Tool, you need to install the {{Pkg|gnome-shell-extension-user-theme}} package from the [[Official Repositories|official repositories]].<br />
|-<br />
|{{AUR|gnome-shell-frippery}} || An unofficial extension pack providing GNOME2 like features for GNOME3.<br />
|}<br />
<br />
[[#Restarting_the_shell|Restart the GNOME Shell]] after installing an extension. See [[#When_an_extension_breaks_GNOME|when an extension breaks GNOME]] for troubleshooting information.<br />
<br />
=== Default terminal ===<br />
<br />
{{ic|gsettings}}, which replaces {{ic|gconftool-2}} in GNOME 3, is used to set e.g. the default terminal manually. The setting is relevant for ''nautilus-open-terminal''.<br />
The commands for [[rxvt-unicode|urxvt]] run as daemon:<br />
<br />
gsettings set org.gnome.desktop.default-applications.terminal exec urxvtc<br />
gsettings set org.gnome.desktop.default-applications.terminal exec-arg "'-e'"<br />
<br />
{{Note|For ''nautilus-open-terminal'', you may need a flag (e.g. {{ic|-e}}) to indicate that a command will follow: ''nautilus-open-terminal'' passes a {{ic|cd}} command in order to change directories to the appropriate location.}}<br />
<br />
=== Middle mouse button ===<br />
<br />
By default, GNOME 3 disables middle mouse button emulation regardless of [[Xorg]] settings ('''Emulate3Buttons'''). To enable middle mouse button emulation use:<br />
<br />
$ gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true<br />
<br />
=== xmonad ===<br />
<br />
[[xmonad]] is a tiling window manager.<br />
<br />
Upgrading to GNOME 3 will likely break your xmonad setup. You can use xmonad again by [[#Enabling_fallback_mode|forcing fallback mode]] and creating two files:<br />
<br />
{{hc|/usr/share/gnome-session/sessions/xmonad.session|<nowiki>[GNOME Session]<br />
Name=Xmonad session<br />
RequiredComponents=gnome-panel;gnome-settings-daemon;<br />
RequiredProviders=windowmanager;notifications;<br />
DefaultProvider-windowmanager=xmonad<br />
DefaultProvider-notifications=notification-daemon</nowiki>}}<br />
<br />
{{hc|/usr/share/xsessions/xmonad-gnome-session.desktop|<nowiki>[Desktop Entry]<br />
Name=Xmonad GNOME<br />
Comment=Tiling window manager<br />
TryExec=/usr/bin/gnome-session<br />
Exec=gnome-session --session=xmonad<br />
Type=XSession</nowiki>}}<br />
<br />
The next time you log in, you should have the ability to choose ''Xmonad GNOME'' as your session.<br />
<br />
=== wmii ===<br />
<br />
[[wmii]] is a tiling window manager.<br />
<br />
You can use wmii with gnome by [[#Enabling_fallback_mode|forcing fallback mode]] and creating three files:<br />
<br />
{{hc|/usr/share/applications/wmii.desktop|<nowiki><br />
[Desktop Entry]<br />
Version=1.0<br />
Type=Application<br />
Name=wmii<br />
TryExec=wmii<br />
Exec=wmii</nowiki>}}<br />
<br />
{{hc|/usr/share/xsessions/gnome-wmii.desktop|<nowiki><br />
[Desktop Entry]<br />
Name=GNOME-wmii<br />
Comment=GNOME with wmii as window manager<br />
TryExec=gnome-session<br />
Exec=gnome-session --session=wmii<br />
Type=Application</nowiki>}}<br />
<br />
{{hc|/usr/share/gnome-session/sessions/wmii.session|<nowiki><br />
[GNOME Session]<br />
Name=wmii<br />
RequiredComponents=gnome-panel;gnome-settings-daemon;<br />
RequiredProviders=windowmanager;notifications;<br />
DefaultProvider-windowmanager=wmii<br />
DefaultProvider-notifications=notification-daemon</nowiki>}}<br />
<br />
The next time you log in, you should have the ability to choose ''GNOME-wmii'' as your session.<br />
<br />
The original info was taken from [http://makandra.com/notes/1367-running-the-awesome-window-manager-within-gnome running-the-awesome-window-manager-within-gnome], go there for info on awesome-gnome.<br />
<br />
Also it has info on how to:<br />
<br />
- create a per session (wmii, GNOME, GNOME-wmii, etc.) dconf database (useful if you ever plan on using regular GNOME)<br />
<br />
- Remove the bottom GNOME panel (with the task list)<br />
<br />
- Move the top panel (with the menus) to the bottom<br />
<br />
- Untick the expand option<br />
<br />
- Set it to autohide<br />
<br />
== Hidden features ==<br />
<br />
GNOME 3 hides many useful options which you can customize with '''dconf-editor.''' GNOME 3 also supports '''gconf-editor''' for settings that have not yet migrated to dconf.<br />
<br />
=== Changing hotkeys ===<br />
<br />
Firstly, use '''dconf-editor''' to place a checkmark next to {{ic|can-change-accels}} in the key named ''org.gnome.desktop.interface.''<br />
<br />
We will replace the hotkey — a.k.a. keyboard shortcut, keyboard accelerator — used by Nautilus to move files to the trash folder.<br />
<br />
The default assignment is a somewhat-awkward {{Keypress|Ctrl}} + {{Keypress|Delete}}.<br />
<br />
* Open Nautilus, select any file, and click '''Edit''' on the menu bar.<br />
* Hover over the ''Move to Trash'' menu item.<br />
* While hovering, press {{Keypress|Delete}}. The current accelerator is now unset.<br />
* Press the key that you wish to become the new keyboard accelerator.<br />
* Press {{Keypress|Delete}} to make the new accelerator be the Delete key.<br />
<br />
Unless you select a file or folder, ''Move to Trash'' will be grayed-out. Finally, disable {{ic|can-change-accels}} to prevent accidental hotkey changes.<br />
<br />
=== Shutdown via the status menu ===<br />
<br />
Currently, the GNOME designers have hidden the ''Shutdown'' option inside the status menu. To shut down your system with the status menu, click the menu and hold down the {{Keypress|Alt}} key so that the '''''Suspend''''' item changes to '''''Power Off'''''. The subsequent dialog allows you to shut down or restart your system.<br />
<br />
If you disable the Suspend menu item system-wide as described [[#Disable_"Suspend"_in_the_status_menu|elsewhere in this document]] you do not have to go through these motions.<br />
<br />
Another option is to install the ''Alternative Status Menu'' extension. See the section on shell extensions. The alternative menu extension installs a new status menu with a non-hidden '''''Power Off''''' entry.<br />
<br />
== Integrated messaging (Empathy) ==<br />
<br />
Empathy, the engine behind integrated messaging, and all system settings based on messaging accounts will not show up unless the '''telepathy''' group of packages or at least one of the backends ('''telepathy-gabble''', or '''telepathy-haze''', for example) is installed.<br />
<br />
These packages are not included in default Arch GNOME installs. You can install the Telepathy and optionally any backends with:<br />
<br />
# pacman -S telepathy<br />
<br />
Without telepathy, Empathy will not open the account management dialog and can get stuck in this state. If this happens -- even after quitting Empathy cleanly -- the /usr/bin/empathy-accounts application can remain running and will need to be killed before you can add any new accounts.<br />
<br />
View descriptions of telepathy components on the [http://telepathy.freedesktop.org/wiki/Components Freedesktop.org Telepathy Wiki.]<br />
<br />
== Enabling fallback mode ==<br />
<br />
Your session automatically starts in fallback mode when '''gnome-shell''' is not present, or when your hardware cannot handle graphics acceleration — such as running within a virtual machine or running on old hardware.<br />
<br />
If you wish to enable fallback mode while still having '''gnome-shell''' installed, make the following system change:<br />
<br />
Open '''gnome-control-center.''' Click the ''System Info'' icon. Click Graphics. Change ''Forced Fallback Mode'' to {{ic|ON.}}<br />
<br />
You can alternatively choose the type of session from a terminal with a ''gsettings'' command:<br />
<br />
$ gsettings set org.gnome.desktop.session session-name 'gnome-fallback'<br />
<br />
You may want to log out after making the change. You will see the chosen type of session upon your next login.<br />
<br />
To disable forced-fallback mode (that is, launch the normal GNOME Shell) use a value of 'gnome' instead of 'gnome-fallback'.<br />
<br />
== Troubleshooting ==<br />
<br />
=== GNOME login takes a very long time ===<br />
<br />
See if you enabled ''PulseAudio Network'' settings in '''paprefs'''. When any network audio settings are enabled, GNOME hangs about a minute after logging in.<br />
<br />
One solution is to create a new user account and log in to that account. Another solution is to move your {{ic|~/.gconf}}, {{ic|~/.gconfd}} and {{ic|~/.conf/dconf}} folders to a holding area. Log in again to see if the delay is gone.<br />
<br />
If the excessive delay is gone, determine which setting causes the delay using trial-and-error.<br />
<br />
=== When an extension breaks GNOME ===<br />
<br />
When enabling shell extensions causes GNOME breakage, you should first remove the ''user-theme'' and ''auto-move-windows'' extensions from their installation directory.<br />
<br />
The installation directory could be one of '''{{ic|~/.local/share/gnome‑shell/extensions,}}''' '''{{ic|/usr/share/gnome‑shell/extensions,}}''' or '''{{ic|/usr/local/share/gnome‑shell/extensions}}'''. Removing these two extension-containing folders may fix the breakage. Otherwise, isolate the problem extension with trial‑and‑error.<br />
<br />
Removing or adding an extension-containing folder to the aforementioned directories removes or adds the corresponding extension to your system. Details on Gnome Shell extensions are available at the [https://live.gnome.org/GnomeShell/Extensions GNOME web site.]<br />
<br />
=== Extensions do not work after GNOME 3 update ===<br />
<br />
Locate the folder where your extensions are installed. It might be '''{{ic|~/.local/share/gnome-shell/extensions}}''' or '''{{ic|/usr/share/gnome-shell/extensions}}'''.<br />
<br />
Edit each occurrence of '''{{ic|metadata.json}}''' which appears in each extension sub-folder. <br />
<br />
{| border="0"<br />
| Insert: || '''{{ic|"shell-version": ["3.0"]}}'''<br />
|-<br />
| Instead of (for example): || '''{{ic|"shell-version": ["3.0.1"]}}'''<br />
|-<br />
| You might instead use: || '''{{ic|"shell-version": ["3.0.0", "3.0.1", "3.0.2"]}}'''<br />
|}<br />
<br />
<br />
'''"3.0"''' is the best solution. It indicates the extension works with every '''''3.0.x''''' GNOME Shell version.<br />
<br />
=== Screen is not locked after resume ===<br />
<br />
Screen lock only works when you suspend through GNOME's status menu. If you suspend or hibernate using the power button, your screen is not locked after resume. The problem is a configuration failure in dconf.<br />
<br />
Open ''dconf-editor'' and uncheck '''{{ic|lock-use-screensaver}}''' in the key named ''org.gnome.power-manager.''<br />
<br />
# gsettings set org.gnome.power-manager lock-use-screensaver 'false'<br />
<br />
Your screen should now be locked after resume whether you used the status menu, the power button, or a key combination. Bug report: [https://bugzilla.redhat.com/show_bug.cgi?id=698135#c8 Screen gets no more locked after suspend #Comment 8]<br />
<br />
=== GTK2+ apps show segfaults and fail to launch ===<br />
<br />
That usually happens when '''oxygen-gtk''' is installed. This theme appears to conflict with GNOME 3 or GTK3 settings. When '''oxygen-gtk''' has been set as a GTK2 theme, GTK2 apps segfault with errors like these:<br />
<br />
{{bc| (firefox-bin:14345): GLib-GObject-WARNING **: invalid (NULL) pointer instance<br />
<br />
(firefox-bin:14345): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_default_colormap: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_colormap_get_visual: assertion `GDK_IS_COLORMAP (colormap)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_default_colormap: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_root_window: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_root_window: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_window_new: assertion `GDK_IS_WINDOW (parent)' failed<br />
Segmentation fault<br />
}}<br />
<br />
The current workaround is to remove '''oxygen-gtk''' from the system and use a different theme for applications.<br />
<br />
=== ATI Catalyst driver creates glitches and artifacts ===<br />
<br />
For the moment, Catalyst is not proposed to be used while running GNOME Shell. The opensource ATI driver, xf86-video-ati, however, seems to be working properly with the GNOME 3 composited desktop.<br />
<br />
Note: Fix is promised with Catalyst 11.9. See http://ati.cchtml.com/show_bug.cgi?id=99<br />
<br />
=== xf86-video-ati driver: flickers from time to time ===<br />
<br />
If you use that driver, your desktop might flicker a lot when you hover the bottom right corner, and also when you start up gdm.<br />
Write the following in your '''{{ic|/etc/X11/xorg.conf.d/20-radeon.conf}}''' and see if it works then:<br />
<br />
Section "Device"<br />
Identifier "Radeon"<br />
Driver "radeon"<br />
Option "EnablePageFlip" "off"<br />
EndSection<br />
<br />
=== Window opens behind other windows when using multiple monitors ===<br />
<br />
This is possibly a bug in gnome shell, and causes new windows to open behind others.<br />
Unchecking "workspaces_only_on_primary" in desktop/gnome/shell/windows using gconf-editor solves this problem.<br />
<br />
=== Multiple monitors and dock extension ===<br />
<br />
If you have multiple monitors configured using Nvidia Twinview, the dock extension may get sandwiched in-between the monitors. You can edit the source of this extension to reposition the dock to a position of your choosing.<br />
<br />
Edit '''/usr/share/gnome-shell/extensions/dock@gnome-shell-extensions.gnome.org/extension.js''' and locate this line in the source:<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-2, (primary.height-height)/2);<br />
<br />
The first parameter is the X position of the dock display, by subtracting 15 pixels as opposed to 2 pixels from this it correctly positioned on my primary monitor, you can play around with any X,Y coordinate pair to position it correctly.<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-15, (primary.height-height)/2);<br />
<br />
=== No event sounds for Empathy and other programs ===<br />
<br />
If you are using [[OSS]], you may want to install {{AUR|libcanberra-oss}} from the [[AUR]].<br />
<br />
=== Editing hotkeys via can-change-accels fails ===<br />
<br />
It is also possible to manually change the keys via an application's so-called accel map file. Where it is to be found is up to the application: For instance, Thunar's is at {{ic|~/.config/Thunar/accels.scm}}, whereas Nautilus's is located at {{ic|~/.gnome2/accels/nautilus}}. The file should contain a list of possible hotkeys, each unchanged line commented out with a leading ";" that has to be removed for a change to become active.<br />
<br />
=== Panels do not respond to right-click in fallback mode ===<br />
<br />
Check Configuration Editor: /apps/metacity/general/mouse_button_modifier. This modifier key ({{Keypress|Alt}}, {{Keypress|Super}}, etc) used for normal windows is also used by panels and their applets.<br />
<br />
=== "Show Desktop" keyboard shortcut does not work ===<br />
<br />
GNOME developers treated the corresponding binding as bug (see https://bugzilla.gnome.org/show_bug.cgi?id=643609) due to Minimization being deprecated. To show the desktop again assign ALT+STRG+D to the following setting:<br />
<br />
System Settings --> Keyboard --> Shortcuts --> Windows --> Hide all normal windows<br />
<br />
=== Nautilus does not start ===<br />
<br />
# Press {{keypress|ALT}}+{{keypress|F2}}<br />
# Enter {{ic|gnome-tweak-tool}}<br />
# Select the ''File Manager'' tab.<br />
# Locate option ''Have file manager handle the desktop'' and assure it is toggled '''off'''.<br />
<br />
=== Epiphany does not play Flash videos ===<br />
<br />
Adobe Flash Player is buggy and does not work directly in Epiphany. See [[Epiphany#Flash]] for a workaround involving nspluginwrapper.<br />
<br />
=== Unable to apply stored configuration for monitors ===<br />
<br />
If you encounter this message try to disable the xrandr gnome-settings-daemon plugin :<br />
<br />
$ dconf write /org/gnome/settings-daemon/plugins/xrandr/active false<br />
<br />
=== Lock button fails to re-enable touchpad ===<br />
<br />
Some laptops have a touchpad lock button that disables the touchpad so that users can type without worrying about touching the touchpad. It appears currently that although GNOME can lock the touchpad by pressing this button, it can't unlock it. If the touchpad gets locked you can do the following to unlock it.<br />
# Start a terminal. You can do this by pressing {{keypress|ALT}}+{{keypress|F2}} , then typing {{ic|gnome-terminal}} and then pressing {{keypress|ENTER}}<br />
# Type in the following command<br />
$ xinput set-prop "SynPS/2 Synaptics TouchPad" "Device Enabled" 1<br />
<br />
=== Ctrl+V pastes path instead of file in Nautilus ===<br />
<br />
If you are affected by this issue, edit {{ic|~/.gnome2/accels/nautilus}} where you can find two lines for {{Keypress|Ctrl}}+{{Keypress|V}}:<br />
{{hc|~/.gnome2/accels/nautilus|<nowiki><br />
(gtk_accel_path "<Actions>/DirViewActions/Paste" "<Control>v")<br />
...<br />
(gtk_accel_path "<Actions>/ClipboardActions/Paste" "<Control>v")<br />
</nowiki>}}<br />
<br />
The issue appears to stem from the second entry. Deleting that line may fix the issue temporarily. You might have to re-apply this fix after an update.<br />
<br />
An alternative is to assign a different key combination to one of the actions.<br />
<br />
'''Edit:''' this issue seems to be fixed since Gnome 3.2.x.<br />
<br />
=== Unable to connect to secured Wi-Fi networks ===<br />
<br />
You can see the network connections listing, but choosing an encrypted network fails to show a dialog for key entry. You may need to [[pacman|install]] {{Pkg|network-manager-applet}}. See [[NetworkManager#GNOME|GNOME NetworkManager setup]].<br />
<br />
=== "Any command has been defined 33" ===<br />
<br />
When you press the {{Keypress|Print Screen}} key (sometimes labeled {{Keypress|PrntScr}} or {{Keypress|PrtSc}}) to take a screenshot, and you got "Any command has been defined 33", [[pacman|install]] {{Pkg|metacity}}.<br />
<br />
=== GDM and GNOME use X11 cursors ===<br />
<br />
To fix this issue, you will have to copy and paste these lines as root in a terminal:<br />
# mkdir /usr/share/icons/default<br />
# cd /usr/share/icons/default<br />
# echo "[Icon Theme]" >> index.theme<br />
# echo "Inherits=Adwaita" >> index.theme<br />
<br />
Alternatively, you can install {{AUR|gnome-cursors-fix}} from the [[AUR]].<br />
<br />
== External links ==<br />
* [http://www.gnome.org/ The Official Website of GNOME]<br />
* Themes, icons, and backgrounds:<br />
** [http://art.gnome.org/ GNOME Art]<br />
** [http://www.gnome-look.org/ GNOME Look]<br />
* GTK/GNOME programs:<br />
** [http://www.gnomefiles.org/ GNOME Files]<br />
** [http://www.gnome.org/projects/ GNOME Project Listing]</div>DarioPhttps://wiki.archlinux.org/index.php?title=GNOME&diff=172352GNOME2011-12-04T18:34:04Z<p>DarioP: /* GNOME shell extensions */</p>
<hr />
<div>[[Category:Desktop environments (English)]]<br />
{{i18n|GNOME 3|GNOME}}<br />
[[de:GNOME]]<br />
[[fr:GNOME]]<br />
[[pl:GNOME]]<br />
<br />
{{Article summary start}}<br />
{{Article summary text|GNOME 3 provides a modern desktop, rewritten from scratch, using the GTK3+ toolkit.}}<br />
{{Article summary heading|Overview}}<br />
{{Article summary text|{{Graphical user interface overview}}}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|GTK+}}<br />
{{Article summary end}}<br />
<br />
The GNOME Project started from scratch and created a completely new desktop called GNOME 3. It has:<br />
<br />
* A modern visual theme and font<br />
* An activities view providing access to all windows and applications<br />
* A subtle notifications system and a discreet top panel<br />
* Integration with an improved Nautilus file manager<br />
* Integrated desktop services for messaging<br />
* A new system settings application <br />
* An activities search feature<br />
* Features such as snap-like window tiling<br />
<br />
Additional explanations are found on the [http://www.gnome3.org/ official GNOME3 website.]<br />
<br />
== Introduction ==<br />
<br />
GNOME 3 has ''two'' interfaces: '''GNOME Shell,''' the new standard layout; and '''fallback mode.''' Gnome-session automatically detects when your computer is incapable of running Gnome Shell and starts fallback mode when appropriate. <br />
<br />
'''Fallback mode''' is similar to GNOME 2. (Fallback mode uses gnome-panel/Metacity instead of gnome-shell/Mutter.)<br />
<br />
When you are on fallback mode you can still replace GNOME's default window manager with your preferred one.<br />
<br />
==Installation==<br />
<br />
GNOME 3 is in the [extra] repository. The '''gnome''' group contains the core desktop environment and applications, and gnome-extra contains the rest. You likely do not want all of the packages installed, so consider reading the package descriptions before installing them (or just remove them later).<br />
<br />
'''You must install the gnome group'''. gnome-extra does not imply that you want everything in gnome.<br />
<br />
Example:<br />
<br />
# pacman -S gnome<br />
<br />
Chose what applications you are using from gnome-extra. Is not mandatory to install the whole group.<br />
<br />
# pacman -S gnome-extra<br />
<br />
===D-Bus daemon===<br />
The GNOME desktop requires the [[D-Bus]] daemon. Refer to the [[dbus]] article for setup instructions.<br />
<br />
=== Running GNOME ===<br />
<br />
For the best desktop integration, login manager '''GDM''' is recommended. Other login managers (a.k.a. display managers) such as SLiM can be used in place of GDM. Check out the [[Display_Manager|wiki article on display managers]] to learn how desktop environments are started.<br />
<br />
The login manager is a limited process entrusted with duties that impact the system. The [[PolicyKit|PolicyKit wiki article]] addresses the topic of system‑wide access control.<br />
<br />
# pacman -S gdm<br />
<br />
If you prefer to start GNOME manually from the console, add the following line to your {{ic|~/.xinitrc}} file. Make sure it is the only line (remove the {{ic|if/fi}} block from the standard {{ic|~/.xinitrc}} since the {{ic|if/fi}} block can cause problems) and the only command starting with {{ic|exec}}. See the [[xinitrc| xinitrc wiki article]].<br />
{{hc|~/.xinitrc|<nowiki><br />
#ONLY THIS LINE<br />
exec ck-launch-session gnome-session<br />
</nowiki>}}<br />
<br />
After the {{ic|exec}} command is placed, GNOME can be launched by typing {{ic|startx}}.<br />
<br />
== Using the shell ==<br />
<br />
=== GNOME cheat sheet ===<br />
<br />
The GNOME web site has a helpful [https://live.gnome.org/GnomeShell/CheatSheet GNOME Shell cheat sheet] explaining task switching, keyboard use, window control, the panel, overview mode, and more.<br />
<br />
=== Restarting the shell ===<br />
<br />
After appearance tweaks you are often asked to restart the GNOME shell. You could log out and log back in, but it is simpler and faster to issue the following keyboard command. Restart the shell by pressing {{Keypress|Alt}} + {{Keypress|F2}} then {{Keypress|r}} then {{Keypress|Enter}}<br />
<br />
=== Shell crashes ===<br />
<br />
Certain tweaks and/or repeated shell restarts may cause the shell to crash when a restart is attempted. In this case, you are informed about the crash and then forced to log out. Some shell changes, such as switching between '''''GNOME Shell''''' and '''''fallback mode,''''' cannot be accomplished via a keyboard restart; you must log out and log back in to effect them.<br />
<br />
It is common sense — but worth repeating — that valuable documents should be saved (and perhaps closed) before attempting a shell restart. It is not strictly necessary; open windows and documents usually remain intact after a shell restart.<br />
<br />
== Customizing GNOME appearance ==<br />
<br />
=== Overall appearance ===<br />
<br />
GNOME 3 may have "started from scratch", but like most large software projects it is assembled from parts dating to different eras. There is not '''one''' all-encompassing configuration tool. The new ''Systems Settings'' tool is a big improvement over previous control panels. ''System Settings'' is well-organized, but you may find yourself wishing for more control over system appearance.<br />
<br />
You may be familiar with existing configuration tools: some of these still work; many will not. Some settings are not readily exposed for you to change. Indubitably, many settings will migrate to newer tools and/or become exposed as time progresses and the wider community embraces and extends the latest GNOME desktop.<br />
<br />
==== Gsettings ====<br />
<br />
A new command-line tool '''gsettings''' stores data in a binary format, unlike previous tools using XML text. A tutorial [http://blog.fpmurphy.com/2011/03/customizing-the-gnome-3-shell.html Customizing the GNOME Shell] explores the power of gsettings.<br />
<br />
==== GNOME tweak tool ====<br />
<br />
This graphical tool customizes fonts, themes, titlebar buttons and other settings. <br />
<br />
# pacman -S gnome-tweak-tool<br />
<br />
Version 3.0.3 only works when gnome-shell is installed (OK if forced to fallback mode). [https://bugzilla.gnome.org/show_bug.cgi?id=647132 Bugzilla bug report here.]<br />
<br />
==== GTK3 theme via settings.ini ====<br />
<br />
Like '''{{ic|~/.gtkrc-2.0}}''' with GTK2+, it is possible to set a GTK3 theme via '''{{ic|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini}}'''.<br />
<br />
Variable {{ic|$XDG_CONFIG_HOME}} is usually set to '''~/.config'''<br />
<br />
''Adwaita,'' the default GNOME 3 theme, is a part of '''gnome-themes-standard.''' Additional GTK3 themes are found at [http://browse.deviantart.com/customization/skins/linuxutil/desktopenv/gnome/gtk3/ Deviantart web site.] For example:<br />
{{hc|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-theme-name = Adwaita<br />
gtk-fallback-icon-theme = gnome<br />
# next option is applicable only if selected theme supports it<br />
gtk-application-prefer-dark-theme = true<br />
# set font name and dimension<br />
gtk-font-name = Sans 10<br />
</nowiki>}}<br />
<br />
It is necessary to [[#Restarting_the_shell|restart GNOME shell]] for settings to be applied. More GTK options are found at [http://developer.gnome.org/gtk3/3.0/GtkSettings.html#GtkSettings.properties GNOME developer documentation.]<br />
<br />
==== Icon theme ====<br />
<br />
Using gnome-tweak-tool v. 3.0.3 and later, you can place any icon theme you wish to use inside '''{{ic|~/.icons}}'''.<br />
<br />
Usefully, GNOME 3 is compatible with GNOME 2 icon themes, which means you're not stuck with the default icons. To install a new set of icons, copy your desired icon theme's directory to '''{{ic|~/.icons}}'''. As an example:<br />
<br />
$ cp -R /home/user/Desktop/my_icon_theme ~/.icons<br />
<br />
The new theme ''my_icon_theme'' is now selectable using '''gnome-tweak-tool''' under '''''interface.'''''<br />
<br />
Alternatively, you may textually select your icon theme with no need for gnome-tweak-tool. Add the GTK icon theme name to '''{{ic|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini}}'''. Please note, not to use "" as your settings would not be recognised then.<br />
<br />
{{hc|${XDG_CONFIG_HOME}/gtk-3.0/settings.ini|<nowiki>... previous lines ...<br />
<br />
gtk-icon-theme-name = my_new_icon_theme</nowiki>}}<br />
<br />
=== Nautilus ===<br />
<br />
==== Remove folders from the places sidebar ====<br />
<br />
The displayed folders are specified in {{ic|~/.config/user-dirs.dirs}} and can be altered with any editor. An execution of {{ic|xdg-user-dirs-update}} will change them again, thus it may be advisable to set the file permissions to read-only.<br />
<br />
==== Always show text-entry location ====<br />
<br />
The standard Nautilus toolbar shows a button bar interface for path navigation. To enter path locations using the ''keyboard'' you must expose the location text-entry field. This is done by pressing {{Keypress|Ctrl}} + {{Keypress|L}}<br />
<br />
To make the location text-entry field always present, use gsettings as shown. <br />
<br />
$ gsettings set org.gnome.nautilus.preferences always-use-location-entry true<br />
<br />
{{Note| after changing this setting you will not be able to expose the button bar. Only when the setting is '''false''' can both forms of location navigation be employed.}}<br />
<br />
=== GNOME panel ===<br />
<br />
==== Show date in top bar ====<br />
<br />
By default GNOME displays only the weekday and time in the top bar. This can be changed with the following command. Changes take effect immediately. <br />
<br />
# gsettings set org.gnome.shell.clock show-date true<br />
<br />
==== Hiding icons in the top bar ====<br />
<br />
When doing a gnome install, some unwanted icons might appear in the panel. To remove the icons, edit the gnome panel script.<br />
<br />
For example, to remove the '''universal access icon'''. Remove 'ally' from the AREA_ORDER line and comment out the 'ally' line in AREA_SHELL_IMPLEMENTATION<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const STANDARD_STATUS_AREA_ORDER = ['ally', 'keyboard', 'volume', 'network', 'bluetooth', 'battery', 'userMenu'];<br />
const STANDARD_STATUS_AREA_SHELL_IMPLEMENTATION = {<br />
'a11y': imports.ui.status.accessibility.ATIndicator<br />
'volume': imports.ui.status.volume.Indicator,<br />
'battery': imports.ui.status.power.Indicator,<br />
'keyboard': imports.ui.status.keyboard.XKBIndicator,<br />
'userMenu': imports.ui.userMenu.UserMenuButton<br />
};<br />
</nowiki>}}<br />
<br />
to<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const STANDARD_STATUS_AREA_ORDER = ['keyboard', 'volume', 'network', 'bluetooth' 'battery', 'userMenu'];<br />
const STANDARD_STATUS_AREA_SHELL_IMPLEMENTATION = {<br />
//'a11y': imports.ui.status.accessibility.ATIndicator<br />
'volume': imports.ui.status.volume.Indicator,<br />
'battery': imports.ui.status.power.Indicator,<br />
'keyboard': imports.ui.status.keyboard.XKBIndicator,<br />
'userMenu': imports.ui.userMenu.UserMenuButton<br />
};<br />
</nowiki>}}<br />
<br />
save your results and restart the shell to see results<br />
<br />
#alt + F2<br />
#r<br />
#enter<br />
<br />
==== Disable "Suspend" in the status menu ====<br />
<br />
A quick way to do it system-wide for GNOME 3.2 is to change line 539 of {{ic|/usr/share/gnome-shell/js/ui/userMenu.js}}. (For GNOME versions prior to 3.2, look at line 153 of {{ic|/usr/share/gnome-shell/js/ui/statusMenu.js}}.) This change takes effect the next time GNOME Shell is started.<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/userMenu.js|<nowiki><br />
// this._haveSuspend = this._upClient.get_can_suspend(); // Comment this line out.<br />
this._haveSuspend = false; // Use this line instead.<br />
</nowiki>}}<br />
<br />
The above change does not persist after a GNOME version update, however. A more perennial solution is to install the GNOME shell extension {{ic|alternative status menu}} in package {{Pkg|gnome-shell-extension-alternative-status-menu}}.<br />
<br />
==== Eliminate delay when logging out ====<br />
<br />
The following tweak removes the confirmation dialog and sixty second delay for logging out.<br />
<br />
This dialog normally appears when you log out with the status menu. This tweak affects the '''''Power Off''''' dialog as well. This is not a system-wide change; it affects only the user who enters this command. The change takes effect immediately after entering the command.<br />
<br />
$ gsettings set org.gnome.SessionManager logout-prompt 'false'<br />
<br />
==== Show system monitor ====<br />
<br />
Install the {{AUR|gnome-shell-system-monitor-applet-git}} extension available in the [[AUR]].<br />
<br />
==== Show weather information ====<br />
<br />
Install {{AUR|gnome-shell-extension-weather-git}} from [[AUR]].<br />
<br />
=== Activity view ===<br />
<br />
==== Remove entries from Applications view ====<br />
<br />
Like other desktop environments, GNOME uses .desktop files to populate its Applications view. These text files are in '''{{ic|/usr/share/applications}}'''. It is not possible to edit these files from a folder view ‒ Nautilus does not treat their icons as text files. Use a terminal to display or edit .desktop file entries.<br />
<br />
# ls /usr/share/applications<br />
# nano /usr/share/applications/foo.desktop<br />
<br />
For system wide changes, edit files in '''{{ic|/usr/share/applications}}'''. For local changes, make a copy of ''foo.desktop'' in your home folder.<br />
<br />
$ cp /usr/share/applications/foo.desktop ~/.local/share/applications/<br />
<br />
Edit .desktop files to fit your wishes. '''Note:''' removing a .desktop file does not uninstall an application, but instead removes its desktop integration: MIME types, shortcuts, and so forth.<br />
<br />
The following command appends one line to a .desktop file and hides its associated icon from Applications view:<br />
<br />
$ echo "NoDisplay=true" >> foo.desktop<br />
<br />
==== Reduce application icon size ====<br />
<br />
One awkward selection of the GNOME designers is their choice of large icons for Applications view. This view is painful when working with a small screen containing many large application icons. There is a way to reduce the icon size. It is done by editing the Gnome-Shell theme.<br />
<br />
Edit system files directly (make a backup first) or copy theme files to your local folder and edit these files. For the default theme, edit '''{{ic|/usr/share/gnome-shell/theme/gnome-shell.css}}'''<br />
<br />
For user themes, edit '''{{ic|/usr/share/themes/<UserTheme>/gnome-shell/gnome-shell.css}}'''<br />
<br />
Edit ''gnome-shell.css'' and replace the following values. Afterward, [[#Restarting_the_shell|restart the GNOME shell.]]<br />
{{hc|gnome-shell.css|<nowiki><br />
.icon-grid {<br />
spacing: 18px;<br />
-shell-grid-item-size: 82px;<br />
}<br />
<br />
.icon-grid .overview-icon {<br />
icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
<br />
A cloned GNOME Shell theme with smaller icons is available [http://aur.archlinux.org/packages.php?ID=51586 on the AUR].<br />
<br />
==== Disable Activity hot corner hovering ====<br />
<br />
To disable automatic activity view when the hot corner is hovered, edit '''{{ic|/usr/share/gnome-shell/js/ui/layout.js}}''' (that was ''panel.js'' in Gnome 3.0.x) :<br />
{{hc|layout.js|<nowiki><br />
this._corner = new Clutter.Rectangle({ name: 'hot-corner',<br />
width: 1,<br />
height: 1,<br />
opacity: 0,<br />
reactive: true });icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
and set ''reactive'' to ''false''. Gnome Shell needs to be restarted.<br />
<br />
=== Titlebar ===<br />
<br />
==== Reduce title bar height ====<br />
<br />
# sed -i '/title_vertical_pad/s|value="[0-9]\{1,2\}"|value="0"|g' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
[[#Restarting_the_shell|Restart the GNOME shell.]] This changes vertical padding from 14 to 0, which gives windows a sleeker look.<br />
<br />
To restore the original values, [[pacman|install]] the package {{Pkg|gnome-themes-standard}} from the [[Official Repositories|official repositories]].<br />
<br />
==== Reorder titlebar buttons ====<br />
<br />
At present this setting is changeable only through '''gconf-editor.'''<br />
<br />
For example, we move the close and minimize buttons to the left side of the titlebar. Open '''gconf-editor''' and locate the '''''desktop.gnome.shell.windows.button_layout''''' key. Change its value to '''{{ic|close,minimize:}}''' (Colon symbol designates the spacer between left side and right side of the titlebar.) Use whichever buttons in whatever order you prefer. You cannot use a button more than once. Also, keep in mind that certain buttons are deprecated. [[#Restarting_the_shell|Restart the shell]] to see your new button arrangement.<br />
<br />
==== Hide titlebar when maximized ====<br />
<br />
# sed -i -r 's|(<frame_geometry name="max")|\1 has_title="false"|' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
[[#Restarting_the_shell|Restart the GNOME shell.]] After this tweak, you may find it difficult to un-maximize a window when there is no titlebar to grab.<br />
<br />
With suitable keybindings, you should be able to use {{Keypress|Alt}} + {{Keypress|F5}}, {{Keypress|Alt}} + {{Keypress|F10}} or {{Keypress|Alt}} + {{Keypress|Space}} to remedy the situation.<br />
<br />
To prevent '''{{ic|metacity-theme-3.xml}}''' from being overwritten each time package "gnome-themes-standard" is upgraded, add its name to '''{{ic|/etc/pacman.conf}}''' with {{ic|NoUpgrade}}.<br />
<br />
{{hc|/etc/pacman.conf|<nowiki>... previous lines ...<br />
<br />
# Pacman won't upgrade packages listed in IgnorePkg and members of IgnoreGroup<br />
# IgnorePkg =<br />
# IgnoreGroup =<br />
<br />
NoUpgrade = usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml # Do not add a leading slash to the path<br />
<br />
... more lines ...</nowiki>}}<br />
<br />
To restore original Adwaita theme values:<br />
<br />
# pacman -S gnome-themes-standard<br />
<br />
=== Login screen ===<br />
<br />
To modify characteristics of the login screen (GDM, the GNOME display manager) the following lines can be executed. The first command allows all users, including "gdm", to access X settings (albeit temporarily). This command creates a temporary vulnerability, so be advised. The second command opens a bash session with the credentials of user "gdm". '''Note:''' for exposition, user gdm's terminal prompt is shown as '''$'''. In actuality, it shows something like -bash-4.2$.<br />
<br />
# xhost +<br />
# su - gdm -s /bin/bash<br />
$ dbus-launch<br />
<br />
The third command prints DBUS_SESSION_BUS_ADDRESS and DBUS_SESSION_BUS_PID. We must export these variables. Either manually export the below two variables shown in the output of dbus-launch like this:<br />
<br />
$ export DBUS_SESSION_BUS_ADDRESS=unix:abstract=/tmp/dbus-Jb433gMQHS,guid=fc14d4bf3d000e38276a5a2200000d38<br />
$ export DBUS_SESSION_BUS_PID=4283<br />
<br />
Or use the follow command:<br />
<br />
$ `dbus-launch | sed "s/^/export /"`<br />
<br />
Check to see if dconf-service is running and if not, start it like this<br />
<br />
$ /usr/lib/dconf/dconf-service &<br />
<br />
==== Login background image ====<br />
<br />
Once session variables have been exported as explained above, you may issue commands to retrieve or set items used by GDM. <br />
<br />
The easiest way to changes all the settings is by launching the Configuration Editor gui with the command<br />
<br />
$ dconf-editor<br />
<br />
The location of each setting is the same as in the command line style of configuration shown below:<br />
<br />
The following is the command-line approach to retrieve or set the file name used for GDM's wallpaper.<br />
{{bc|<nowiki><br />
$ GSETTINGS_BACKEND=dconf gsettings get org.gnome.desktop.background picture-uri<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.background picture-uri 'file:///usr/share/backgrounds/gnome/SundownDunes.jpg'<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.background picture-options 'zoom'<br />
## Possible values: centered, none, scaled, spanned, stretched, wallpaper, zoom</nowiki>}}<br />
Note: You must specify a file which user "gdm" has permission to read. GDM cannot read files in your home directory.<br />
<br />
An alternative graphical interface to changing themes (gtk3, icons and cursor), the wallpaper and minor other settings of the GDM login screen, you can install [https://aur.archlinux.org/packages.php?ID=50232 gdm3setup] from AUR.<br />
<br />
==== Larger font for login ====<br />
<br />
This tweak enlarges the login font with a scaling factor. It is the same method employed by ''Accessibility Manager'' on the desktop.<br />
<br />
You must [[#Login_screen|export the GDM session variables]] before performing this tweak.<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.interface text-scaling-factor '1.25'<br />
<br />
==== Turning off the sound ====<br />
<br />
This tweak disables the audible feedback heard when the system volume is adjusted (via keyboard) on the login screen. You must first export the GDM session variables.<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.desktop.sound event-sounds 'false'<br />
<br />
If the above tweak does not work for you or you are unable to export the GDM session variables, there is always the easiest solution to the "ready sound" problem: mute or lower the sound while in GDM login screen using the media keys (if available) of your keyboard.<br />
<br />
==== Make the power button interactive ====<br />
<br />
The default installation sets the power button to suspend the system. '''''Power off''''' or '''''Show dialog''''' is a better choice. You must first export the GDM session variables as [[#Login_screen|outlined previously.]]<br />
<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.settings-daemon.plugins.power button-power 'interactive'<br />
$ GSETTINGS_BACKEND=dconf gsettings set org.gnome.settings-daemon.plugins.power button-hibernate 'interactive'<br />
$ gsettings list-recursively org.gnome.settings-daemon.plugins.power<br />
<br />
==== GDM keyboard layout ====<br />
<br />
GDM does not know about your GNOME 3 desktop keyboard settings. To change keyboard settings used by GDM, set your layout using Xorg configuration. Refer to this section of the [[Beginners'_Guide#Non-US_keyboard|Beginner's Guide.]]<br />
<br />
=== Other tips ===<br />
See [[GNOME Tips]].<br />
<br />
== Miscellaneous settings ==<br />
<br />
==== Automatic program launch upon logging in ====<br />
<br />
Specify which programs start automatically after logging in using {{ic|gnome-session-properties}}. This tool is part of the {{Pkg|gnome-session}} package.<br />
<br />
$ gnome-session-properties<br />
<br />
==== Activate NumLock upon logging in ====<br />
<br />
[[pacman|Install]] {{Pkg|numlockx}} from the [[Official Repositories|official repositories]]. Then, add a start-up command to launch {{ic|numlockx}}.<br />
$ gnome-session-properties<br />
<br />
The above command opens the '''Startup Applications Preferences''' applet. Click '''''Add''''' and enter the following:<br />
<br />
{| border="0"<br />
| Name: || ''Numlockx''<br />
|-<br />
| Command: || ''/usr/bin/numlockx on''<br />
|-<br />
| Comment: || ''Turns on numlock.''<br />
|}<br />
<br />
This is not a system-wide appearance tweak. Repeat these steps for each user wishing to activate NumLock after logging in.<br />
<br />
==== Move dialog windows ====<br />
The default configuration for dialogs will not allow you to move them which causes problems in some cases. To change this you will need to use gconf-editor and change this setting:<br />
<br />
/desktop/gnome/shell/windows/attach_modal_dialogs<br />
<br />
After the change you will need to restart the shell for it to take affect.<br />
<br />
=== GNOME shell extensions ===<br />
<br />
GNOME Shell can be customized with extensions written by others. These provide features such as a dock or a widget for changing the theme. <br />
<br />
Many extensions are collected hosted at [https://extensions.gnome.org/ gnome.org]. They can be browsed and installed simply activating them in the browser.<br />
<br />
Other details on available extensions are found at the [http://www.webupd8.org/2011/04/gnome-shell-extensions-additional.html WEBUPD8] site. The most recent articles can be found using this [http://www.webupd8.org/search/label/gnome%20shell%20extensions?max-results=20 WEBUPD8 search link.]<br />
<br />
The [[Official Repositories|official repositories]] have a dozen extensions which can be installed individually. (The latest version of a given extension may be installed using its code snapshot, if preferred.) [http://www.archlinux.org/packages/?sort=&q=gnome-shell-extension&maintainer=&last_update=&flagged=&limit=50 List here.]<br />
<br />
$ pacman -Ss gnome-shell-extension<br />
<br />
Other useful extensions provided in the [[AUR]]:<br />
<br />
{| border="1"<br />
| {{AUR|gnome-shell-extension-presentation-mode-git}} || Adds option to inhibit screensaver in the power menu (battery icon).<br />
|-<br />
| {{AUR|gnome-shell-extension-weather-git}} || Displays weather notifications.<br />
|-<br />
| {{AUR|gnome-shell-extension-alternative-status-menu-git}} || Adds "Hibernate" and "Power Off" to the status menu.<br />
|-<br />
| {{AUR|gnome-shell-extension-theme-selector}} || Select a theme in the Activities overview.<br />
To install a custom theme with GNOME Tweak Tool, you need to install the {{Pkg|gnome-shell-extension-user-theme}} package from the [[Official Repositories|official repositories]].<br />
|-<br />
|{{AUR|gnome-shell-frippery}} || An unofficial extension pack providing GNOME2 like features for GNOME3.<br />
|}<br />
<br />
[[#Restarting_the_shell|Restart the GNOME Shell]] after installing an extension. See [[#When_an_extension_breaks_GNOME|when an extension breaks GNOME]] for troubleshooting information.<br />
<br />
=== Default terminal ===<br />
<br />
{{ic|gsettings}}, which replaces {{ic|gconftool-2}} in GNOME 3, is used to set e.g. the default terminal manually. The setting is relevant for ''nautilus-open-terminal''.<br />
The commands for [[rxvt-unicode|urxvt]] run as daemon:<br />
<br />
gsettings set org.gnome.desktop.default-applications.terminal exec urxvtc<br />
gsettings set org.gnome.desktop.default-applications.terminal exec-arg "'-e'"<br />
<br />
{{Note|For ''nautilus-open-terminal'', you may need a flag (e.g. {{ic|-e}}) to indicate that a command will follow: ''nautilus-open-terminal'' passes a {{ic|cd}} command in order to change directories to the appropriate location.}}<br />
<br />
=== Middle mouse button ===<br />
<br />
By default, GNOME 3 disables middle mouse button emulation regardless of [[Xorg]] settings ('''Emulate3Buttons'''). To enable middle mouse button emulation use:<br />
<br />
$ gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true<br />
<br />
=== xmonad ===<br />
<br />
[[xmonad]] is a tiling window manager.<br />
<br />
Upgrading to GNOME 3 will likely break your xmonad setup. You can use xmonad again by [[#Enabling_fallback_mode|forcing fallback mode]] and creating two files:<br />
<br />
{{hc|/usr/share/gnome-session/sessions/xmonad.session|<nowiki>[GNOME Session]<br />
Name=Xmonad session<br />
RequiredComponents=gnome-panel;gnome-settings-daemon;<br />
RequiredProviders=windowmanager;notifications;<br />
DefaultProvider-windowmanager=xmonad<br />
DefaultProvider-notifications=notification-daemon</nowiki>}}<br />
<br />
{{hc|/usr/share/xsessions/xmonad-gnome-session.desktop|<nowiki>[Desktop Entry]<br />
Name=Xmonad GNOME<br />
Comment=Tiling window manager<br />
TryExec=/usr/bin/gnome-session<br />
Exec=gnome-session --session=xmonad<br />
Type=XSession</nowiki>}}<br />
<br />
The next time you log in, you should have the ability to choose ''Xmonad GNOME'' as your session.<br />
<br />
=== wmii ===<br />
<br />
[[wmii]] is a tiling window manager.<br />
<br />
You can use wmii with gnome by [[#Enabling_fallback_mode|forcing fallback mode]] and creating three files:<br />
<br />
{{hc|/usr/share/applications/wmii.desktop|<nowiki><br />
[Desktop Entry]<br />
Version=1.0<br />
Type=Application<br />
Name=wmii<br />
TryExec=wmii<br />
Exec=wmii</nowiki>}}<br />
<br />
{{hc|/usr/share/xsessions/gnome-wmii.desktop|<nowiki><br />
[Desktop Entry]<br />
Name=GNOME-wmii<br />
Comment=GNOME with wmii as window manager<br />
TryExec=gnome-session<br />
Exec=gnome-session --session=wmii<br />
Type=Application</nowiki>}}<br />
<br />
{{hc|/usr/share/gnome-session/sessions/wmii.session|<nowiki><br />
[GNOME Session]<br />
Name=wmii<br />
RequiredComponents=gnome-panel;gnome-settings-daemon;<br />
RequiredProviders=windowmanager;notifications;<br />
DefaultProvider-windowmanager=wmii<br />
DefaultProvider-notifications=notification-daemon</nowiki>}}<br />
<br />
The next time you log in, you should have the ability to choose ''GNOME-wmii'' as your session.<br />
<br />
The original info was taken from [http://makandra.com/notes/1367-running-the-awesome-window-manager-within-gnome running-the-awesome-window-manager-within-gnome], go there for info on awesome-gnome.<br />
<br />
Also it has info on how to:<br />
<br />
- create a per session (wmii, GNOME, GNOME-wmii, etc.) dconf database (useful if you ever plan on using regular GNOME)<br />
<br />
- Remove the bottom GNOME panel (with the task list)<br />
<br />
- Move the top panel (with the menus) to the bottom<br />
<br />
- Untick the expand option<br />
<br />
- Set it to autohide<br />
<br />
== Hidden features ==<br />
<br />
GNOME 3 hides many useful options which you can customize with '''dconf-editor.''' GNOME 3 also supports '''gconf-editor''' for settings that have not yet migrated to dconf.<br />
<br />
=== Changing hotkeys ===<br />
<br />
Firstly, use '''dconf-editor''' to place a checkmark next to {{ic|can-change-accels}} in the key named ''org.gnome.desktop.interface.''<br />
<br />
We will replace the hotkey — a.k.a. keyboard shortcut, keyboard accelerator — used by Nautilus to move files to the trash folder.<br />
<br />
The default assignment is a somewhat-awkward {{Keypress|Ctrl}} + {{Keypress|Delete}}.<br />
<br />
* Open Nautilus, select any file, and click '''Edit''' on the menu bar.<br />
* Hover over the ''Move to Trash'' menu item.<br />
* While hovering, press {{Keypress|Delete}}. The current accelerator is now unset.<br />
* Press the key that you wish to become the new keyboard accelerator.<br />
* Press {{Keypress|Delete}} to make the new accelerator be the Delete key.<br />
<br />
Unless you select a file or folder, ''Move to Trash'' will be grayed-out. Finally, disable {{ic|can-change-accels}} to prevent accidental hotkey changes.<br />
<br />
=== Shutdown via the status menu ===<br />
<br />
Currently, the GNOME designers have hidden the ''Shutdown'' option inside the status menu. To shut down your system with the status menu, click the menu and hold down the {{Keypress|Alt}} key so that the '''''Suspend''''' item changes to '''''Power Off'''''. The subsequent dialog allows you to shut down or restart your system.<br />
<br />
If you disable the Suspend menu item system-wide as described [[#Disable_"Suspend"_in_the_status_menu|elsewhere in this document]] you do not have to go through these motions.<br />
<br />
Another option is to install the ''Alternative Status Menu'' extension. See the section on shell extensions. The alternative menu extension installs a new status menu with a non-hidden '''''Power Off''''' entry.<br />
<br />
== Integrated messaging (Empathy) ==<br />
<br />
Empathy, the engine behind integrated messaging, and all system settings based on messaging accounts will not show up unless the '''telepathy''' group of packages or at least one of the backends ('''telepathy-gabble''', or '''telepathy-haze''', for example) is installed.<br />
<br />
These packages are not included in default Arch GNOME installs. You can install the Telepathy and optionally any backends with:<br />
<br />
# pacman -S telepathy<br />
<br />
Without telepathy, Empathy will not open the account management dialog and can get stuck in this state. If this happens -- even after quitting Empathy cleanly -- the /usr/bin/empathy-accounts application can remain running and will need to be killed before you can add any new accounts.<br />
<br />
View descriptions of telepathy components on the [http://telepathy.freedesktop.org/wiki/Components Freedesktop.org Telepathy Wiki.]<br />
<br />
== Enabling fallback mode ==<br />
<br />
Your session automatically starts in fallback mode when '''gnome-shell''' is not present, or when your hardware cannot handle graphics acceleration — such as running within a virtual machine or running on old hardware.<br />
<br />
If you wish to enable fallback mode while still having '''gnome-shell''' installed, make the following system change:<br />
<br />
Open '''gnome-control-center.''' Click the ''System Info'' icon. Click Graphics. Change ''Forced Fallback Mode'' to {{ic|ON.}}<br />
<br />
You can alternatively choose the type of session from a terminal with a ''gsettings'' command:<br />
<br />
$ gsettings set org.gnome.desktop.session session-name 'gnome-fallback'<br />
<br />
You may want to log out after making the change. You will see the chosen type of session upon your next login.<br />
<br />
To disable forced-fallback mode (that is, launch the normal GNOME Shell) use a value of 'gnome' instead of 'gnome-fallback'.<br />
<br />
== Troubleshooting ==<br />
<br />
=== GNOME login takes a very long time ===<br />
<br />
See if you enabled ''PulseAudio Network'' settings in '''paprefs'''. When any network audio settings are enabled, GNOME hangs about a minute after logging in.<br />
<br />
One solution is to create a new user account and log in to that account. Another solution is to move your {{ic|~/.gconf}}, {{ic|~/.gconfd}} and {{ic|~/.conf/dconf}} folders to a holding area. Log in again to see if the delay is gone.<br />
<br />
If the excessive delay is gone, determine which setting causes the delay using trial-and-error.<br />
<br />
=== When an extension breaks GNOME ===<br />
<br />
When enabling shell extensions causes GNOME breakage, you should first remove the ''user-theme'' and ''auto-move-windows'' extensions from their installation directory.<br />
<br />
The installation directory could be one of '''{{ic|~/.local/share/gnome‑shell/extensions,}}''' '''{{ic|/usr/share/gnome‑shell/extensions,}}''' or '''{{ic|/usr/local/share/gnome‑shell/extensions}}'''. Removing these two extension-containing folders may fix the breakage. Otherwise, isolate the problem extension with trial‑and‑error.<br />
<br />
Removing or adding an extension-containing folder to the aforementioned directories removes or adds the corresponding extension to your system. Details on Gnome Shell extensions are available at the [https://live.gnome.org/GnomeShell/Extensions GNOME web site.]<br />
<br />
=== Extensions do not work after GNOME 3 update ===<br />
<br />
Locate the folder where your extensions are installed. It might be '''{{ic|~/.local/share/gnome-shell/extensions}}''' or '''{{ic|/usr/share/gnome-shell/extensions}}'''.<br />
<br />
Edit each occurrence of '''{{ic|metadata.json}}''' which appears in each extension sub-folder. <br />
<br />
{| border="0"<br />
| Insert: || '''{{ic|"shell-version": ["3.0"]}}'''<br />
|-<br />
| Instead of (for example): || '''{{ic|"shell-version": ["3.0.1"]}}'''<br />
|-<br />
| You might instead use: || '''{{ic|"shell-version": ["3.0.0", "3.0.1", "3.0.2"]}}'''<br />
|}<br />
<br />
<br />
'''"3.0"''' is the best solution. It indicates the extension works with every '''''3.0.x''''' GNOME Shell version.<br />
<br />
=== Screen is not locked after resume ===<br />
<br />
Screen lock only works when you suspend through GNOME's status menu. If you suspend or hibernate using the power button, your screen is not locked after resume. The problem is a configuration failure in dconf.<br />
<br />
Open ''dconf-editor'' and uncheck '''{{ic|lock-use-screensaver}}''' in the key named ''org.gnome.power-manager.''<br />
<br />
# gsettings set org.gnome.power-manager lock-use-screensaver 'false'<br />
<br />
Your screen should now be locked after resume whether you used the status menu, the power button, or a key combination. Bug report: [https://bugzilla.redhat.com/show_bug.cgi?id=698135#c8 Screen gets no more locked after suspend #Comment 8]<br />
<br />
=== GTK2+ apps show segfaults and fail to launch ===<br />
<br />
That usually happens when '''oxygen-gtk''' is installed. This theme appears to conflict with GNOME 3 or GTK3 settings. When '''oxygen-gtk''' has been set as a GTK2 theme, GTK2 apps segfault with errors like these:<br />
<br />
{{bc| (firefox-bin:14345): GLib-GObject-WARNING **: invalid (NULL) pointer instance<br />
<br />
(firefox-bin:14345): GLib-GObject-CRITICAL **: g_signal_connect_data: assertion `G_TYPE_CHECK_INSTANCE (instance)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_default_colormap: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_colormap_get_visual: assertion `GDK_IS_COLORMAP (colormap)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_default_colormap: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_root_window: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_screen_get_root_window: assertion `GDK_IS_SCREEN (screen)' failed<br />
(firefox-bin:14345): Gdk-CRITICAL **: IA__gdk_window_new: assertion `GDK_IS_WINDOW (parent)' failed<br />
Segmentation fault<br />
}}<br />
<br />
The current workaround is to remove '''oxygen-gtk''' from the system and use a different theme for applications.<br />
<br />
=== ATI Catalyst driver creates glitches and artifacts ===<br />
<br />
For the moment, Catalyst is not proposed to be used while running GNOME Shell. The opensource ATI driver, xf86-video-ati, however, seems to be working properly with the GNOME 3 composited desktop.<br />
<br />
Note: Fix is promised with Catalyst 11.9. See http://ati.cchtml.com/show_bug.cgi?id=99<br />
<br />
=== xf86-video-ati driver: flickers from time to time ===<br />
<br />
If you use that driver, your desktop might flicker a lot when you hover the bottom right corner, and also when you start up gdm.<br />
Write the following in your '''{{ic|/etc/X11/xorg.conf.d/20-radeon.conf}}''' and see if it works then:<br />
<br />
Section "Device"<br />
Identifier "Radeon"<br />
Driver "radeon"<br />
Option "EnablePageFlip" "off"<br />
EndSection<br />
<br />
=== Window opens behind other windows when using multiple monitors ===<br />
<br />
This is possibly a bug in gnome shell, and causes new windows to open behind others.<br />
Unchecking "workspaces_only_on_primary" in desktop/gnome/shell/windows using gconf-editor solves this problem.<br />
<br />
=== Multiple monitors and dock extension ===<br />
<br />
If you have multiple monitors configured using Nvidia Twinview, the dock extension may get sandwiched in-between the monitors. You can edit the source of this extension to reposition the dock to a position of your choosing.<br />
<br />
Edit '''/usr/share/gnome-shell/extensions/dock@gnome-shell-extensions.gnome.org/extension.js''' and locate this line in the source:<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-2, (primary.height-height)/2);<br />
<br />
The first parameter is the X position of the dock display, by subtracting 15 pixels as opposed to 2 pixels from this it correctly positioned on my primary monitor, you can play around with any X,Y coordinate pair to position it correctly.<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-15, (primary.height-height)/2);<br />
<br />
=== No event sounds for Empathy and other programs ===<br />
<br />
If you are using [[OSS]], you may want to install {{AUR|libcanberra-oss}} from the [[AUR]].<br />
<br />
=== Editing hotkeys via can-change-accels fails ===<br />
<br />
It is also possible to manually change the keys via an application's so-called accel map file. Where it is to be found is up to the application: For instance, Thunar's is at {{ic|~/.config/Thunar/accels.scm}}, whereas Nautilus's is located at {{ic|~/.gnome2/accels/nautilus}}. The file should contain a list of possible hotkeys, each unchanged line commented out with a leading ";" that has to be removed for a change to become active.<br />
<br />
=== Panels do not respond to right-click in fallback mode ===<br />
<br />
Check Configuration Editor: /apps/metacity/general/mouse_button_modifier. This modifier key ({{Keypress|Alt}}, {{Keypress|Super}}, etc) used for normal windows is also used by panels and their applets.<br />
<br />
=== "Show Desktop" keyboard shortcut does not work ===<br />
<br />
GNOME developers treated the corresponding binding as bug (see https://bugzilla.gnome.org/show_bug.cgi?id=643609) due to Minimization being deprecated. To show the desktop again assign ALT+STRG+D to the following setting:<br />
<br />
System Settings --> Keyboard --> Shortcuts --> Windows --> Hide all normal windows<br />
<br />
=== Nautilus does not start ===<br />
<br />
# Press {{keypress|ALT}}+{{keypress|F2}}<br />
# Enter {{ic|gnome-tweak-tool}}<br />
# Select the ''File Manager'' tab.<br />
# Locate option ''Have file manager handle the desktop'' and assure it is toggled '''off'''.<br />
<br />
=== Epiphany does not play Flash videos ===<br />
<br />
Adobe Flash Player is buggy and does not work directly in Epiphany. See [[Epiphany#Flash]] for a workaround involving nspluginwrapper.<br />
<br />
=== Unable to apply stored configuration for monitors ===<br />
<br />
If you encounter this message try to disable the xrandr gnome-settings-daemon plugin :<br />
<br />
$ dconf write /org/gnome/settings-daemon/plugins/xrandr/active false<br />
<br />
=== Lock button fails to re-enable touchpad ===<br />
<br />
Some laptops have a touchpad lock button that disables the touchpad so that users can type without worrying about touching the touchpad. It appears currently that although GNOME can lock the touchpad by pressing this button, it can't unlock it. If the touchpad gets locked you can do the following to unlock it.<br />
# Start a terminal. You can do this by pressing {{keypress|ALT}}+{{keypress|F2}} , then typing {{ic|gnome-terminal}} and then pressing {{keypress|ENTER}}<br />
# Type in the following command<br />
$ xinput set-prop "SynPS/2 Synaptics TouchPad" "Device Enabled" 1<br />
<br />
=== Ctrl+V pastes path instead of file in Nautilus ===<br />
<br />
If you are affected by this issue, edit {{ic|~/.gnome2/accels/nautilus}} where you can find two lines for {{Keypress|Ctrl}}+{{Keypress|V}}:<br />
{{hc|~/.gnome2/accels/nautilus|<nowiki><br />
(gtk_accel_path "<Actions>/DirViewActions/Paste" "<Control>v")<br />
...<br />
(gtk_accel_path "<Actions>/ClipboardActions/Paste" "<Control>v")<br />
</nowiki>}}<br />
<br />
The issue appears to stem from the second entry. Deleting that line may fix the issue temporarily. You might have to re-apply this fix after an update.<br />
<br />
An alternative is to assign a different key combination to one of the actions.<br />
<br />
'''Edit:''' this issue seems to be fixed since Gnome 3.2.x.<br />
<br />
=== Unable to connect to secured Wi-Fi networks ===<br />
<br />
You can see the network connections listing, but choosing an encrypted network fails to show a dialog for key entry. You may need to [[pacman|install]] {{Pkg|network-manager-applet}}. See [[NetworkManager#GNOME|GNOME NetworkManager setup]].<br />
<br />
=== "Any command has been defined 33" ===<br />
<br />
When you press the {{Keypress|Print Screen}} key (sometimes labeled {{Keypress|PrntScr}} or {{Keypress|PrtSc}}) to take a screenshot, and you got "Any command has been defined 33", [[pacman|install]] {{Pkg|metacity}}.<br />
<br />
=== GDM and GNOME use X11 cursors ===<br />
<br />
To fix this issue, you will have to copy and paste these lines as root in a terminal:<br />
# mkdir /usr/share/icons/default<br />
# cd /usr/share/icons/default<br />
# echo "[Icon Theme]" >> index.theme<br />
# echo "Inherits=Adwaita" >> index.theme<br />
<br />
Alternatively, you can install {{AUR|gnome-cursors-fix}} from the [[AUR]].<br />
<br />
== External links ==<br />
* [http://www.gnome.org/ The Official Website of GNOME]<br />
* Themes, icons, and backgrounds:<br />
** [http://art.gnome.org/ GNOME Art]<br />
** [http://www.gnome-look.org/ GNOME Look]<br />
* GTK/GNOME programs:<br />
** [http://www.gnomefiles.org/ GNOME Files]<br />
** [http://www.gnome.org/projects/ GNOME Project Listing]</div>DarioP