https://wiki.archlinux.org/api.php?action=feedcontributions&user=Entidi&feedformat=atomArchWiki - User contributions [en]2024-03-28T11:20:58ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=GNOME/Keyring&diff=212748GNOME/Keyring2012-07-12T18:49:13Z<p>Entidi: /* Use Without GNOME */ Xfce silently loads gpg-agent/ssh-agent</p>
<hr />
<div>[[Category:Daemons and system services]]<br />
[[Category:Desktop environments]]<br />
{{stub}}<br />
<br />
The GNOME Keyring stores passwords in an encrypted file that can be accessed by applications.<br />
<br />
== Manage using GUI ==<br />
pacman -S seahorse<br />
It is possible to leave the GNOME keyring password blank. In seahorse, on the Passwords tab, right click on "Passwords: login" and pick "Change password." Enter the old password and leave empty the new password. You will be warned about using unencrypted storage; continue by pushing "Use Unsafe Storage."<br />
<br />
== Use Without GNOME ==<br />
It is possible to use GNOME Keyring without the rest of the GNOME desktop. To do this, add the following to your {{ic|~/.xinitrc}} file:<br />
# Start a D-Bus session<br />
source /etc/X11/xinit/xinitrc.d/30-dbus<br />
# Start GNOME Keyring<br />
eval $(/usr/bin/gnome-keyring-daemon --start --components=gpg,pkcs11,secrets,ssh)<br />
# You probably need to do this too:<br />
export SSH_AUTH_SOCK<br />
export GPG_AGENT_INFO<br />
export GNOME_KEYRING_CONTROL<br />
export GNOME_KEYRING_PID<br />
See {{bug|13986}} for more info.<br />
<br />
On [[Xfce]] you may need to disable {{ic|gpg-agent}}, silently [http://docs.xfce.org/xfce/xfce4-session/advanced loaded at startup] by {{ic|xfce4-session}}, otherwise the above environment variables will be overwritten. Execute the following command, then log out and log in again:<br />
xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled -n -t bool -s false<br />
<br />
== SSH Keys ==<br />
To add your SSH key:<br />
<br />
$ ssh-add ~/.ssh/id_dsa<br />
Enter passphrase for /home/mith/.ssh/id_dsa:<br />
<br />
To list automatically loaded keys:<br />
<br />
$ ssh-add -L<br />
<br />
To disable all keys;<br />
<br />
$ ssh-add -D<br />
<br />
Now when you connect to a server, the key will be found and a dialog will popup asking you for the passphrase. It has an option to automatically unlock the key when you login. If you check this you will not need to enter your passphrase again!<br />
<br />
== The gnome-keyring dialog does not appear in some terminals when connecting with SSH ==<br />
Solution:<br />
<br />
Add the following lines to your {{ic|~/.bashrc}}<br />
<br />
SSH_AUTH_SOCK=`netstat -xl | grep -o "$HOME"'/.cache/keyring-.*/ssh$'`<br />
[ -z "$SSH_AUTH_SOCK" ] || export SSH_AUTH_SOCK<br />
<br />
If you run on your terminal the following:<br />
<br />
echo $SSH_AUTH_SOCK<br />
<br />
will return something like the following:<br />
<br />
/home/USER/.cache/keyring-ABCDEF/ssh<br />
<br />
Now when you connect with ssh, gnome-keyring dialog will launch the "entry of the passphrase"<br />
<br />
== Unlock at Startup ==<br />
GNOME's login manager ({{pkg|gdm}}) will automatically unlock the keyring once you log in; for others it is not so easy.<br />
<br />
For SLiM, see [[SLiM#SLiM_and_Gnome_Keyring]], This method works for KDM as well, but you need to edit {{ic|/etc/pam.d/kde}} instead of {{ic|/etc/pam.d/slim}}.<br />
<br />
If you are using automatic login, then you can disable the keyring manager by setting a blank password on the login keyring. '''Note''': your passwords will be stored unencrypted if you do this.<br />
<br />
== Useful Tools ==<br />
=== gnome-keyring-query ===<br />
{{AUR|gnome-keyring-query}} from the AUR provides a simple command-line tool for querying passwords from the password store of the GNOME Keyring.</div>Entidihttps://wiki.archlinux.org/index.php?title=Apache_HTTP_Server&diff=72041Apache HTTP Server2009-07-14T23:37:24Z<p>Entidi: /* MySQL */ To specify a user, mysql and mysqladmin expect -u, not -U</p>
<hr />
<div>[[Category:Networking (English)]]<br />
[[Category:HOWTOs (English)]]<br />
{{i18n_links_start}}<br />
{{i18n_entry|English|LAMP}}<br />
{{i18n_entry|Español|LAMP (Español)}}<br />
{{i18n_entry|Italiano|LAMP (Italiano)}}<br />
{{i18n_entry|Türkçe|LAMP_(Türkçe)}}<br />
{{i18n_entry|Русский|LAMP (russian)}}<br />
{{i18n_entry|Česky|LAMP_(Česky)}}<br />
{{i18n_entry|简体中文|LAMP(简体中文)}}<br />
{{i18n_links_end}}<br />
<br />
== Introduction ==<br />
This document describes how to set up the Apache web server on an Arch Linux system. It also tells how to optionally install PHP and MySQL and integrate these in the Apache server. This combination is commonly referred to as LAMP (Linux Apache MySQL PHP).<br />
<br />
If you only need a web server for development and testing, [[Xampp]] might be a better and easier option.<br />
<br />
== Installation ==<br />
# pacman -S apache php mysql<br />
<br />
This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below.<br />
{{Box Note | New default user and group: Instead of group "nobody" apache now runs as user/group "http" by default. You might want to adjust your httpd.conf according to this change, though you may still run httpd as nobody.}}<br />
<br />
== Configuration ==<br />
=== Apache ===<br />
* Create the user http (this account may already exist):<br />
# useradd http<br />
* Add this line to {{Filename|/etc/hosts}} (If the file doesn't exist, create it.):<br />
127.0.0.1 localhost.localdomain localhost<br />
'''Note:''' If you want a different hostname, append it to the end:<br />
127.0.0.1 localhost.localdomain localhost myhostname<br />
<br />
* Edit {{Filename|/etc/[[rc.conf]]}}: If you set a hostname, the {{Codeline|HOSTNAME}} variable should be the same; otherwise, use {{Codeline|"localhost"}}:<br />
#<br />
# Networking<br />
#<br />
HOSTNAME="localhost"<br />
<br />
* Make sure the hostname appears in /etc/hosts or apache will fail to start. Alternatively, you can<br />
edit {{Filename|/etc/httpd/conf/httpd.conf}} as root and comment the following module:<br />
LoadModule unique_id_module modules/mod_unique_id.so<br />
It should now appear as:<br />
#LoadModule unique_id_module modules/mod_unique_id.so<br />
<br />
<br />
* Run the following in a terminal as root to start the HTTP server:<br />
# /etc/rc.d/httpd start<br />
<br />
* Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page.<br />
<br />
* To start Apache automatically at boot, edit {{Filename|/etc/rc.conf}} as root and add the '''httpd''' daemon:<br />
DAEMONS=(... '''httpd''' ...)<br />
'''Or''' add this line to {{Filename|/etc/rc.local}}:<br />
/etc/rc.d/httpd start<br />
<br />
* If you want to use user directories (i.e. <tt>~/public_html</tt> on the machine is accessed as <tt>http://localhost/~user/</tt>) to be available on the web, uncomment the following lines in {{Filename|/etc/httpd/conf/extra/httpd-userdir.conf}}:<br />
UserDir public_html<br />
and<br />
<Directory /home/*/public_html><br />
AllowOverride FileInfo AuthConfig Limit Indexes<br />
Options MultiViews Indexes SymLinksIfOwnerMatch ExecCGI<br />
<Limit GET POST OPTIONS PROPFIND><br />
Order allow,deny<br />
Allow from all<br />
</Limit><br />
<LimitExcept GET POST OPTIONS PROPFIND><br />
Order deny,allow<br />
Deny from all<br />
</LimitExcept><br />
</Directory><br />
<br />
You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and <tt>~/public_html/</tt> must be executable for others ("rest of the world"). This seems to be enough:<br />
$ chmod o+x ~<br />
$ chmod o+x ~/public_html<br />
<br />
There may be some other, more-secure ways of setting the permissions by creating a special group and allowing only Apache and you to enter there... You know how paranoid you are.<br />
<br />
==== Advanced Options====<br />
<br />
These options in {{Filename|/etc/httpd/conf/httpd.conf}} might be interesting for you:<br />
<br />
# Listen 80<br />
This is the port Apache will listen to. For Internet-access with router, you have to forward the port.<br />
<br />
# ServerAdmin sample@sample.com<br />
This is the admin's email-address which can be found on error-pages e.g.<br />
<br />
# DocumentRoot "/srv/http"<br />
This is the directory where you should put your web pages. Change it, if you want to, but don't forget to change the<br />
<br />
<Directory "/srv/http"><br />
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root.<br />
<br />
=== PHP ===<br />
PHP is practically available out of the box now.<br />
<br />
* Add these line in {{Filename|/etc/httpd/conf/httpd.conf}}:<br />
LoadModule php5_module modules/libphp5.so<br />
Include conf/extra/php5_module.conf<br />
<br />
* If your {{Codeline|DocumentRoot}} is outside of <tt>/home/</tt>, add it to {{Codeline|open_basedir}} in {{Filename|/etc/php/php.ini}} as such:<br />
open_basedir = /home/:/tmp/:/usr/share/pear/:/path/to/documentroot<br />
<br />
Suggestion - Add your document root as follows: this is the default<br />
open_basedir = /srv/http:/home/:/tmp/:/usr/share/pear/<br />
<br />
* Restart the Apache service to make changes take effect (as root):<br />
# /etc/rc.d/httpd restart<br />
<br />
* Test PHP with a simple, but very informative script:<br />
<html><br />
<head><br />
<title>PHP Test Page</title><br />
</head><br />
<body><br />
This is Arch Linux, running PHP.<br />
<?php<br />
phpinfo();<br />
?><br />
</body><br />
</html><br />
<br />
Save this file as {{Filename|test.php}} and copy to <tt>/srv/http/</tt> or to <tt>~/public_html</tt> if you permitted such a configuration.<!-- Also, remember to make it executable ({{Codeline|chmod o+x test.php}}).--><br />
<br />
* Test PHP: http://localhost/test.php or http://localhost/~myname/test.php<br />
<br />
==== Advanced options ====<br />
* Remember to add a file handler for .phtml if you need it in {{Filename|/etc/httpd/conf/extra/php5_module.conf}}:<br />
DirectoryIndex index.php index.phtml index.html<br />
<br />
* If you want the libGD module, uncomment in {{Filename|/etc/php/php.ini}}:<br />
;extension=gd.so<br />
to<br />
extension=gd.so<br />
Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.<br />
<br />
* If you want to display errors to debug your php code, change this line of {{Filename|/etc/php/php.ini}}:<br />
display_errors = Off<br />
to<br />
display_errors = On<br />
<br />
* If you want the mcrypt module, uncomment in {{Filename|/etc/php/php.ini}}:<br />
;extension=mcrypt.so<br />
to<br />
extension=mcrypt.so<br />
Make sure you have libmcrypt installed:<br />
# pacman -S libmcrypt<br />
Also, there have been issues with getting mcrypt to work with php if you don't have libtool installed:<br />
# pacman -S libtool<br />
<br />
=== MySQL ===<br />
* Configure MySQL as described at the [[MySQL]] wiki.<br />
<br />
* Edit {{Filename|/etc/php/php.ini}} (this is in <tt>/usr/etc</tt> on older systems) to uncomment the following line (''By removing {{Codeline|;}}''):<br />
;extension=mysql.so<br />
<br />
* Caution: Some users have reported typos on this line. Please make sure that it reads {{Codeline|;extension&#61;mysql.so}} and not {{Codeline|;extension&#61;msql.so}}.<br />
<br />
* You can add minor privileged users for your web scripts by editing the tables found in the <tt>mysql</tt> database. You have to restart MySQL for changes to take effect. Don't forget to check the {{Codeline|mysql/users}} table. If there's a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.<br />
<br />
* Run in terminal (as root):<br />
# /etc/rc.d/mysqld start<br />
<br />
* You may also need to restart Apache. Run in terminal (as root):<br />
# /etc/rc.d/httpd restart<br />
<br />
* MySQL should now be running. Set the root password and test it by running<br />
# mysqladmin -uroot password ''password''<br />
# mysql -uroot -p''password''<br />
<br />
Type ''exit'' to exit from the CLI MySQL client<br />
<br />
* Edit {{Filename|/etc/rc.conf}} (to start MySQL at boot):<br />
DAEMONS=(... '''mysqld''' ...)<br />
'''Or''' add this line to {{Filename|rc.local}}:<br />
/etc/rc.d/mysqld start<br />
<br />
* You can get the {{Codeline|"error no. 2013: Lost Connection to mysql server during query"}} message instantly whenever you try to connect to the MySQL daemon by TCP/IP. This is the TCP wrappers system (tcpd), which uses the <tt>hosts_access(5)</tt> system to allow or disallow connections.<br />
<br />
* If you're running into this problem, be sure to add this to your {{Filename|/etc/hosts.allow}} file:<br />
# mysqld : ALL : ALLOW<br />
# mysqld-max : ALL : ALLOW<br />
# and similar for the other MySQL daemons.<br />
<br />
* Notes: The examples above are the simplest case, telling tcpd to allow connections from anywhere. You may wish to use a more-appropriate choice of permissible sources instead of ALL. Just make sure that localhost and the IP address (numeric or DNS) of the interface by which you connect are specified.<br />
<br />
* You might also need to edit {{Filename|/etc/my.cnf}} and comment out the {{Codeline|skip-networking}} line as such:<br />
skip-networking<br />
to<br />
#skip-networking<br />
<br />
== More Resources ==<br />
* [[MySQL]] - Arch wiki article for MySQL<br />
* [[Xampp]] - Self contained web-server that supports PHP, Perl, and MySQL<br />
* http://www.apache.org/<br />
* http://www.php.net/<br />
* http://www.mysql.com/</div>Entidi