https://wiki.archlinux.org/api.php?action=feedcontributions&user=Jack-lijing&feedformat=atomArchWiki - User contributions [en]2024-03-28T10:15:27ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274641NetworkManager (简体中文)2013-09-08T01:34:02Z<p>Jack-lijing: /* Use OpenDNS servers */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''[[OpenNTPD[[''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动[[OpenNTPD]], 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用[[GNOME]],你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== 将internet连接设置成WIFI网络共享 ===<br />
<br />
你可以适用nm分享你的internet连接(3G或有线),硬件上你需要有WIFI无线网卡(最好基于Atheros AR9xx or at least AR5xx)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== 在cron脚本中检查网络是否OK ===<br />
<br />
某些cron jobs需要在网络OK的状态下工作,你可能希望在网络无法连接时不启动这些cron. 你可以在脚本中使用<br />
NetworkManager's {{ic|nm-tool}} 查询网络状态。 笔记本经常在有线、无线中切换,以下脚本演示了如何处理这种状态 <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== 开启 OpenDNS 服务 ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274640NetworkManager (简体中文)2013-09-08T01:30:54Z<p>Jack-lijing: /* Checking if networking is up inside a cron job or script */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''[[OpenNTPD[[''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动[[OpenNTPD]], 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用[[GNOME]],你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== 将internet连接设置成WIFI网络共享 ===<br />
<br />
你可以适用nm分享你的internet连接(3G或有线),硬件上你需要有WIFI无线网卡(最好基于Atheros AR9xx or at least AR5xx)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== 在cron脚本中检查网络是否OK ===<br />
<br />
某些cron jobs需要在网络OK的状态下工作,你可能希望在网络无法连接时不启动这些cron. 你可以在脚本中使用<br />
NetworkManager's {{ic|nm-tool}} 查询网络状态。 笔记本经常在有线、无线中切换,以下脚本演示了如何处理这种状态 <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274639NetworkManager (简体中文)2013-09-08T01:03:50Z<p>Jack-lijing: /* Sharing internet connection over wifi */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''[[OpenNTPD[[''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动[[OpenNTPD]], 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用[[GNOME]],你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== 将internet连接设置成WIFI网络共享 ===<br />
<br />
你可以适用nm分享你的internet连接(3G或有线),硬件上你需要有WIFI无线网卡(最好基于Atheros AR9xx or at least AR5xx)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274638NetworkManager (简体中文)2013-09-08T00:49:30Z<p>Jack-lijing: /* 网络分配器 */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''[[OpenNTPD[[''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动[[OpenNTPD]], 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用[[GNOME]],你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274637NetworkManager (简体中文)2013-09-08T00:47:55Z<p>Jack-lijing: /* 启动 openntpd */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动[[OpenNTPD]], 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用[[GNOME]],你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274636NetworkManager (简体中文)2013-09-08T00:46:53Z<p>Jack-lijing: /* 代理设置 */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用[[GNOME]],你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274635NetworkManager (简体中文)2013-09-08T00:45:55Z<p>Jack-lijing: /* 缺少默认路由 route */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager [[Wireless_Setup_(简体中文)]]链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=274634NetworkManager (简体中文)2013-09-08T00:43:07Z<p>Jack-lijing: /* VPN not working in Gnome */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
{{注意|请使用 {{ic|1=systemctl --type=service}} 命令察看是否有其它网络配置相关的服务。多个网络配置服务之间会相互冲突。}}<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
===使用 resolv.conf.head 和 resolv.conf.tail ===<br />
<br />
请阅读 [[resolv.conf]] 并确保 NetworkManager 使用的是 {{Pkg|dhcpcd}} 而不是 {{Pkg|dhclient}}。如果要使用 {{Pkg|dhclient}},可以试试[[AUR]]里面的 {{AUR|networkmanager-dispatch-resolv}}。<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== GNOME VPN失效问题 ===<br />
<br />
在[[Gnome]]系统中用NetworkManager 设立[[OpenConnect]]或VPN链接,有时会无法跳出对话框,在/var/log/errors.log中会出现如下错误提示:<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
这是由于Gnome NM Applet在/usr/lib/gnome-shell中读取脚本, 而NetworkManager安装包将脚本安装/usr/lib/networkmanager中.<br />
临时解决方法可以文件夹中创建软连接<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
这种方法对其他类型的NM VPN插件也适用,不过上述两种VPN是最平常的。<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=272874NetworkManager (简体中文)2013-08-28T11:53:47Z<p>Jack-lijing: /* Forget hidden wireless network */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager 阻止 DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
此脚本可以从 [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] 直接获取<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== 删除隐蔽无线网络链接 ===<br />
<br />
因为隐蔽无线网络不出现在无线列表中,所以不能在GUI中删除,你可以试用以下命令:<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
此命令对所用所有连接有效<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=272871NetworkManager (简体中文)2013-08-28T11:49:02Z<p>Jack-lijing: /* Cannot edit connections as normal user */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager 阻止 DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
此脚本可以从 [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] 直接获取<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== 普通用户无法编辑链接 ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271970NetworkManager (简体中文)2013-08-21T12:13:18Z<p>Jack-lijing: /* Troubleshooting */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== 常见问题 ==<br />
<br />
常见问题.<br />
<br />
=== PPTP 通道中无流量 ===<br />
<br />
PPTP连接正常,可以正常看到VPN IP,但是不能ping通远端IP,这是由于Arch pppd缺少MPPE<br />
(Microsoft Point-to-Point Encryption) 支持. 推荐首先使用{{Pkg|ppp}}。<br />
<br />
同时安装 {{AUR|ppp-mppe}}<br />
<br />
=== 网络管理功能失效 ===<br />
<br />
有时NetworkManager关闭了,但对应的pid文件却没有移除,同时你得到提示<br />
'Network management disabled'. 你可以手工处理:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
假如在系统重启后,此现象依然,你可以在<br />
{{ic|/etc/rc.local}}启动过程中添加:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager 阻止 DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
此脚本可以从 [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] 直接获取<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== 静态 IP 设置 变成 DHCP ===<br />
<br />
这里有个BUG,当你将缺省链接设置成静态IP时,{{ic|nm-applet}} 可能不能保存你的IP配置,而自动转变为DHCP模式。<br />
<br />
对于这个问题,你不得不在首先在{{ic|nm-applet}}改变连接的名称(比如将"Auto eth0"变成“my eth0”),去掉“Available to all users”的勾号。输入你的配置IP地址,然后点击“Apply”,这样就能保存你的配置<br />
<br />
如果你不希望默认链接自动连接网络,运行<br />
{{ic|nm-connection-editor}} (''not'' as root). 在链接配置窗口,选中默认配置(eg "Auto eth0") 去掉"Connect automatically". 点击 '''Apply'''.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271967NetworkManager (简体中文)2013-08-21T11:44:57Z<p>Jack-lijing: /* 测试 */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271966NetworkManager (简体中文)2013-08-21T11:41:34Z<p>Jack-lijing: /* 代理设置 */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
NetworkManager不直接处理代理设置,但是如果你使用GNOME,你可以使用 [http://marin.jb.free.fr/proxydriver/ proxydriver]配合NetworkManager。 {{AUR|proxydriver}}软件包位于 [[AUR]].<br />
<br />
为使proxydriver设置代理,你需要在设置GNOME自动启动进程(<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
参照: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271964NetworkManager (简体中文)2013-08-21T11:36:40Z<p>Jack-lijing: /* 使用分配器在网络连接建立后连接 vpn */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
此部分示例演示如果自动连接到NetworkManager已定义的vpn-connection.首先创建调度脚本定义vpn连接之后的事务<br />
<br />
1、创建调度脚本<br />
{{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
记住,使用chmod +x命令赋予此文本可执行权限,使用正确账户代替username参数.<br />
<br />
2、创建文本<br />
{{ic|/etc/NetworkManager/vpn-up.py}} 将 '''network-ESSID''' 换成你自己的.<br />
<br />
现在NetworkManager可以尝试连接到你账户中定义的vpn了。<br />
<br />
最新版本的NetworkManager已经改变了上述脚本中的python接口,所以以上脚本可能失效。可选方案是使用nmcli命令:<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271934NetworkManager (简体中文)2013-08-21T07:19:32Z<p>Jack-lijing: /* Switching off WLAN on laptops */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== 在笔记本上切换网络 ===<br />
<br />
有时候, NetworkManager在你关闭和开启WIFI适配器后会无法工作,这常常是{{ic|rfkill}}的问题,请从[[official repositories]]安装{{Pkg|rfkill}}并使用<br />
$ watch -n1 rfkill list all<br />
检测驱动{{ic|rfkill}}是否上报无线适配器的状态. 如果你开启适配器后,其标识符仍然显示blocked,你可以尝试如下命令,手动unblock(X是前一条命令的identifier编号)<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271933NetworkManager (简体中文)2013-08-21T07:06:27Z<p>Jack-lijing: /* 没有探测到 3G 模块 */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 这可以让NetworkManager支持默认数据库中缺失的硬件模块<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271932NetworkManager (简体中文)2013-08-21T07:03:23Z<p>Jack-lijing: /* 3G modem not detected */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 没有探测到 3G 模块 ===<br />
<br />
如果NetworkManager(从v0.7.999)没有探测到你的3G模块,但是你仍然可以使用[[wvdial]]连接, 可以尝试安装{{Pkg|modemmanager}},并使用{{ic|rc.d restart networkmanager}}重启服务,你可能需要重插或重启你的3G模块, 以支持NetworkManager默认数据库中缺失的硬件模块<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271930NetworkManager (简体中文)2013-08-21T06:49:52Z<p>Jack-lijing: /* Missing default route */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== 缺少默认路由 route ===<br />
<br />
至少在KDE4系统中,当使用NetworkManager建立无线链接时不会建立缺省路由. 可以通过在无线链接路由配置中移除"Use only for resources on this connection"部分解决问题<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271929NetworkManager (简体中文)2013-08-21T06:46:05Z<p>Jack-lijing: /* Hostname problems */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== 主机名 problems ===<br />
在/etc/NetworkManager/NetworkManager.conf加入:<br />
dhcp=dhcpcd<br />
重启服务.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271928NetworkManager (简体中文)2013-08-21T06:18:48Z<p>Jack-lijing: /* DHCP problems */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP 问题 ===<br />
<br />
如果你无法通过DHCP获取IP,尝试在{{ic|/etc/dhclient.conf}}添加如下配置:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
<br />
{{ic|aa:bb:cc:dd:ee:ff}} 是你网卡的MAC地址. MAC地址可以使用{{Pkg|iproute2}} 中的 {{ic|ip link show eth0}} 命令<br />
<br />
对某些不兼容的路由器,你必须在{{ic|/etc/dhcpcd.conf}} (注意此文件有别于{{ic|dhcpd.conf}})文件中注释<br />
require dhcp_server_identifier<br />
这样应该可以工作了,但是如果你的网络中不幸存在多个DHCP服务器的话,你还需要参照 [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] 获取更多信息.<br />
<br />
=== Hostname problems ===<br />
Add the following line to /etc/NetworkManager/NetworkManager.conf:<br />
dhcp=dhcpcd<br />
then restart.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271927NetworkManager (简体中文)2013-08-21T06:09:03Z<p>Jack-lijing: /* Preserving changes to resolv.conf */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== 在resolv.conf中保留改动 ===<br />
<br />
NetworkManager试图将DHCP中获取的DNS信息写入{{ic|/etc/resolv.conf}},导致原文件被覆盖,你可以在文件属性中设置i参数避免文件被修改<br />
# chattr +i /etc/resolv.conf<br />
<br />
如果你要修改此文件,移除i参数:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP problems ===<br />
<br />
If you have problems with getting an IP via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
Where {{ic|aa:bb:cc:dd:ee:ff}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show eth0}} command from the {{Pkg|iproute2}} package.<br />
<br />
For some (incompliant) routers, you will not be able to connect properly unless you comment the line<br />
require dhcp_server_identifier<br />
in {{ic|/etc/dhcpcd.conf}} (note that this file is distinct from {{ic|dhcpd.conf}}). This should not cause issues unless you have multiple DHCP servers on your network (not typical); see [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] for more information.<br />
<br />
=== Hostname problems ===<br />
Add the following line to /etc/NetworkManager/NetworkManager.conf:<br />
dhcp=dhcpcd<br />
then restart.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271926NetworkManager (简体中文)2013-08-21T06:03:31Z<p>Jack-lijing: /* Mount remote folder with sshfs */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== 使用sshfs挂载远程文件夹 ====<br />
以下文本需要在特定环境中运行,为了连接上SSH agent,你必须export SSH_AUTH_SOCK. 这里有几种不同方式, 参照[https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] 获取更多详细信息. 以下示例需要gnome-keyring, 如果gnome-keyring没解锁,将需要你输入密码. 如果networkmanager设置为登录后自动连接, 很有可能因为gnome-keyring还没启动导致失败(转入睡眠). 对应的UUID保持在/etc/NetworkManager/system-connections/<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== Preserving changes to resolv.conf ===<br />
<br />
NetworkManager will attempt to write DNS information from DHCP into {{ic|/etc/resolv.conf}}, overwriting the existing contents. To prevent this, you can set the immutable bit on the file:<br />
# chattr +i /etc/resolv.conf<br />
<br />
To modify the file in the future, first remove the immutable bit:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP problems ===<br />
<br />
If you have problems with getting an IP via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
Where {{ic|aa:bb:cc:dd:ee:ff}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show eth0}} command from the {{Pkg|iproute2}} package.<br />
<br />
For some (incompliant) routers, you will not be able to connect properly unless you comment the line<br />
require dhcp_server_identifier<br />
in {{ic|/etc/dhcpcd.conf}} (note that this file is distinct from {{ic|dhcpd.conf}}). This should not cause issues unless you have multiple DHCP servers on your network (not typical); see [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] for more information.<br />
<br />
=== Hostname problems ===<br />
Add the following line to /etc/NetworkManager/NetworkManager.conf:<br />
dhcp=dhcpcd<br />
then restart.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271925NetworkManager (简体中文)2013-08-21T05:44:36Z<p>Jack-lijing: /* Start openntpd */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== 启动 openntpd ====<br />
以下示例演示如何启动openntpd, 将此保存为文件{{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} ,并且它赋予执行权限<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export SSH_AUTH_SOCK in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] for more information. The example below works with gnome-keyring, and will ask you for the password if not unlocked already. In case networkmanager connects automaticaly on login, it is likely gnome-keyring has not yet started and the export will fail (hence the sleep). The UUID to match can be found in /etc/NetworkManager/system-connections/). <br />
<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== Preserving changes to resolv.conf ===<br />
<br />
NetworkManager will attempt to write DNS information from DHCP into {{ic|/etc/resolv.conf}}, overwriting the existing contents. To prevent this, you can set the immutable bit on the file:<br />
# chattr +i /etc/resolv.conf<br />
<br />
To modify the file in the future, first remove the immutable bit:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP problems ===<br />
<br />
If you have problems with getting an IP via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
Where {{ic|aa:bb:cc:dd:ee:ff}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show eth0}} command from the {{Pkg|iproute2}} package.<br />
<br />
For some (incompliant) routers, you will not be able to connect properly unless you comment the line<br />
require dhcp_server_identifier<br />
in {{ic|/etc/dhcpcd.conf}} (note that this file is distinct from {{ic|dhcpd.conf}}). This should not cause issues unless you have multiple DHCP servers on your network (not typical); see [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] for more information.<br />
<br />
=== Hostname problems ===<br />
Add the following line to /etc/NetworkManager/NetworkManager.conf:<br />
dhcp=dhcpcd<br />
then restart.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=NetworkManager_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271924NetworkManager (简体中文)2013-08-21T05:36:13Z<p>Jack-lijing: /* 设置 PolicyKit 权限 */</p>
<hr />
<div>[[Category:Networking (简体中文)]]<br />
[[Category:简体中文]]<br />
[[cs:NetworkManager]]<br />
[[de:Networkmanager]]<br />
[[en:NetworkManager]]<br />
[[es:NetworkManager]]<br />
[[fr:NetworkManager]]<br />
[[it:NetworkManager]]<br />
[[pt:NetworkManager]]<br />
[[ru:NetworkManager]]<br />
[[tr:NetworkManager]]<br />
{{Article summary start}}<br />
{{Article summary text|网络管理器是简化网络管理的工具,本文介绍网络管理器的安装和配置。}}<br />
{{Article summary heading|概览}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary end}}<br />
{{translateme (简体中文)}}<br />
<br />
[http://projects.gnome.org/NetworkManager/ 网络管理器](NetworManager)是检测网络、自动连接网络的程序。无论是无线还是有线连接,它都可以令您轻松管理。对于无线网络,网络管理器可以自动切换到最可靠的无线网络。利用网络管理器的程序可以自由切换在线和离线模式。网络管理器可以优先选择有线网络,支持 VPN。网络管理器最初由 Redhat 公司开发,现在由 [[GNOME (简体中文)|GNOME]] 管理。<br />
<br />
== 安装 ==<br />
{{Pkg|NetworkManager}} 可以在接在 {{ic|[extra]}} 源中进行安装<br />
# pacman -S networkmanager<br />
<br />
需要 VNC 支持需要从[[official repositories|官方软件仓库]]安装:<br />
* {{Pkg|networkmanager-openvpn}}<br />
* {{Pkg|networkmanager-pptp}}<br />
* {{Pkg|networkmanager-vpnc}}<br />
<br />
== 图形前端 ==<br />
为了方便使用网络管理器进行管理和配置,通常需要安装托盘组件。图形前端往往显示在系统托盘(或通知区域),从而允许用户选择网络或者配置 NetworkManager。各种桌面环境的安装方法如下:<br />
<br />
=== Gnome环境 ===<br />
<br />
Gnome的{{Pkg|network-manager-applet}}是一个轻量级的全能组件,几乎可以运行在所有的桌面环境下。<br />
<br />
如果你想储存验证信息(Wireless/DSL),并提供给所有用户使用,那么您还需要安装和配置[[GNOME Keyring]]<br />
<br />
=== KDE4 ===<br />
<br />
目前已经提供对KDE4的支持<br />
<br />
# pacman -S kdeplasma-applets-networkmanagement<br />
<br />
{{注意|如果您是从另一个网络管理器改变过来的,比如WICD,请不要忘记在 System Settings -> Hardware -> Information Sources中将NetworkManager设置为默认的网络管理器。}}<br />
<br />
如果同时安装了 KNetworkManager 和 nm-applet,在使用 KDE 时不想使用 nm-applet,将下行加入 {{ic|/etc/xdg/autostart/nm-applet.desktop}}<br />
NotShowIn=KDE<br />
<br />
详情参阅 [http://userbase.kde.org/NetworkManagement Userbase 页面]。<br />
<br />
=== XFCE ===<br />
<br />
nm-applet 可以在 XFCE 下正常工作,但是为了可以显示通知信息,''包括错误信息'',<br />
nm-applet 需要一个 Freedesktop 桌面通知扩展(查阅 [http://www.galago-project.org/specs/notification/0.9/index.html])。xfce4-notifyd 就是这么一个扩展。<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd<br />
<br />
如果这个扩展没有运行守护进程,nm-applet 就会输出下面的错误到 stdout/stderr:<br />
<br />
(nm-applet:24209): libnotify-WARNING **: Failed to connect to proxy<br />
** (nm-applet:24209): WARNING **: get_all_cb: couldn't retrieve<br />
system settings properties: (25) Launch helper exited with unknown<br />
return code 1.<br />
** (nm-applet:24209): WARNING **: fetch_connections_done: error<br />
fetching connections: (25) Launch helper exited with unknown return<br />
code 1.<br />
** (nm-applet:24209): WARNING **: Failed to register as an agent:<br />
(25) Launch helper exited with unknown return code 1<br />
<br />
尽管没有通知系统,nm-applet 仍然会正常工作。<br />
<br />
=== Openbox ===<br />
GNOME applet 和 xfce4-notifyd 结合可以很好的工作:<br />
<br />
# pacman -S network-manager-applet xfce4-notifyd hicolor-icon-theme gnome-icon-theme<br />
<br />
如果你想储存验证信息(Wireless/DSL),请安装:<br />
<br />
# pacman -S gnome-keyring<br />
<br />
要让 Openbox {{ic|autostart}} 启动 nm-applet,需要删除文件{{ic|/etc/xdg/autostart/nm-applet.desktop}}。每次更新 network-manager-applet 都需要删除这个文件。<br />
在 {{ic|autostart}} 中加入:<br />
<br />
# (sleep 3 && /usr/bin/nm-applet --sm-disable) &<br />
<br />
=== 其它桌面和窗口管理器 ===<br />
<br />
推荐使用 GNOME 组件,需要安装 GNOME hicolor 主题:<br />
<br />
# pacman -S hicolor-icon-theme gnome-icon-theme<br />
<br />
不使用系统托盘,可以使用 trayer 或 stalonetray。例如,在路径中加入 "nmgui" 脚本:<br />
<br />
#!/bin/sh<br />
nm-applet > /dev/null 2>/dev/null &<br />
stalonetray > /dev/null 2>/dev/null<br />
killall nm-applet<br />
<br />
关闭 stalonetray 窗口时,将会同时关闭 nm-applet,所以完成网络设置后不会使用额外的内存。<br />
<br />
=== 命令行 ===<br />
<br />
网络管理器 0.8.1 版之后包含 [http://manpages.ubuntu.com/manpages/maverick/man1/nmcli.1.html nmcli]<br />
<br />
== 配置==<br />
<br />
NetworkManager 需要做这么几步保证正常运行。<br />
<br />
先验证 {{ic|/etc/hosts}} 配置正确,如果配置不正确,网络管理器可能修改它。示例:<br />
<br />
{{hc|/etc/hosts|<br />
127.0.0.1 localhost<br />
::1 localhost<br />
}}<br />
<br />
=== 禁用当前网络设置 ===<br />
<br />
为了更好测试 NetworkManager,先禁用原来的网络:<br />
<br />
先[[Daemon|禁用]] 网络服务:<br />
<br />
# systemctl stop net-auto-wireless.service<br />
<br />
然后停止当前的服务:<br />
<br />
# systemctl disable net-auto-wireless.service<br />
<br />
最后用 {{Pkg|iproute2}} 工具停用网络接口:<br />
<br />
# ip link set eth0 down<br />
# ip link set wlan0 down<br />
<br />
=== 启用 NetworkManager ===<br />
NetworkManager 守护进程启动后,会自动连接到已经配置的'''系统连接'''。'''用户连接'''或未配置的连接需要通过{{ic|nmcli}}或桌面工具进行配置和连接。 <br />
<br />
开机启用 NetworkManager:<br />
# systemctl enable NetworkManager<br />
<br />
立即启动 NetworkManager:<br />
# systemctl start NetworkManager<br />
<br />
{{注意|个别服务在网络建立前启动会出错,需要使用{{ic|NetworkManager-wait-online.service}}。}}<br />
<br />
=== 设置 PolicyKit 权限 ===<br />
<br />
参照[[General Troubleshooting#Session permissions]]建立一个工作会话. 在工作会话中,你有三种方式授予NetworkManager工作所必须的权限.<br />
<br />
''方式 1.'' 登录后运行[[PolicyKit]]认证代理,比如 {{ic|/usr/lib/polkit-gnome/polkit-gnome-authentication-agent-1}} (part of {{Pkg|polkit-gnome}}). 当你添加和删除一个网络链接时会提示输入密码.<br />
<br />
''方式 2.'' 将你的账户加入{{ic|wheel}}账户组. 管理网络时你将不需要输入密码,但注意你的账户同时被赋予了此账户组的其他权限,比如运行[[sudo]]命令是无需密码.<br />
<br />
''方式 3.'' 将你的账户加入{{ic|network}}账户组,同时创建以下文件:<br />
{{hc|/etc/polkit-1/localauthority/50-local.d/org.freedesktop.NetworkManager.pkla|<nowiki><br />
[nm-applet]<br />
Identity=unix-group:network<br />
Action=org.freedesktop.NetworkManager.*<br />
ResultAny=yes<br />
ResultInactive=no<br />
ResultActive=yes</nowiki>}}<br />
所有在{{ic|network}}账户群中的用户都能免密码管理网络. 但是如果你没有在[[Systemd#Using_systemd-logind|systemd-logind]]中拥有一个活跃会话的话, 在systemd下此方式将失效.<br />
<br />
=== 网络分配器===<br />
<br />
有些服务只有联网时才有意义,例如 '''openntpd''' 网络文件系统挂载('''netfs''')。网络管理器可以在连接网络后启动这些服务,并在网络关闭时停止它们。<br />
<br />
要使用这个功能,可以将脚本加到 {{ic|/etc/NetworkManager/dispatcher.d}} 目录。这些脚本需要有可执行和用户权限。为了安全,可以设置为属于 '''root:root''' 并且只有用户可写。禁用组和其它的写权限,使用 755 mask。否则可能无法执行脚本,在 {{ic|/var/log/messages.log}} 报<br />
nm-dispatcher.action: Script could not be executed: writable by group or other, or set-UID<br />
<br />
脚本将在连接网络时按字母表顺序运行,并在网络停止时反向停止。要保证启动顺序,可以在前面加数字,例如 {{ic|10_portmap}} 或 {{ic|30_netfs}} 这样就能保证 portmapper 在 NFS 挂载之前启动。<br />
<br />
下面脚本启动 openntpd,保存为文件 {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} 并加上执行权限。<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
{{警告|如果没有连接到外部网络,请注意启动的服务和需要它们的程序。如果连接公共网络时启动了错误的服务,可能导致安全问题。}}<br />
<br />
==== Start openntpd ====<br />
The following example starts openntpd when an interface is brought up. Save the file as {{ic|/etc/NetworkManager/dispatcher.d/20_openntpd}} and make it executable.<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
INTERFACE=$1 # The interface which is brought up or down<br />
STATUS=$2 # The new state of the interface<br />
<br />
case "$STATUS" in<br />
'up') # $INTERFACE is up<br />
exec /etc/rc.d/openntpd start<br />
;;<br />
'down') # $INTERFACE is down<br />
# Check for active interface and down if no one active<br />
if [ ! `nm-tool|grep State|cut -f2 -d' '` = "connected" ]; then<br />
exec /etc/rc.d/openntpd stop<br />
fi<br />
;;<br />
esac<br />
</nowiki>}}<br />
<br />
==== Mount remote folder with sshfs ====<br />
<br />
As the script is run in a very restrictive environment, you have to export SSH_AUTH_SOCK in order to connect to your SSH agent. There are different ways to accomplish this, see [https://bbs.archlinux.org/viewtopic.php?pid=1042030#p1042030 here] for more information. The example below works with gnome-keyring, and will ask you for the password if not unlocked already. In case networkmanager connects automaticaly on login, it is likely gnome-keyring has not yet started and the export will fail (hence the sleep). The UUID to match can be found in /etc/NetworkManager/system-connections/). <br />
<br />
#!/bin/bash<br />
USER=<your sshfs user><br />
if [ $CONNECTION_UUID == <connection UUID> ]; then<br />
case "$2" in<br />
<br />
up)<br />
#sleep 10<br />
export SSH_AUTH_SOCK=$(find /tmp/keyring-*/ -type s -user $USER -group users -name ssh)<br />
su $USER -c "/usr/bin/sshfs user@host:/remote/folder /local/folder/"<br />
;;<br />
<br />
down)<br />
fusermount -u /local/folder<br />
;;<br />
esac<br />
fi<br />
<br />
==== 使用分配器在网络连接建立后连接 vpn ====<br />
<br />
In this example we want to connect automatically to a vpn-connection we defined previously with NetworkManager. First thing to to is to create the dispatcher-script that defines what to do after we connected to the network.<br />
<br />
1. Create the dispatcher script in {{ic|/etc/NetworkManager/dispatcher.d/vpn-up}}<br />
<br />
case "$2" in<br />
up)<br />
sudo -u username DISPLAY=:0 /usr/bin/python /etc/NetworkManager/vpn-up.py<br />
;;<br />
esac<br />
<br />
Remember to make it executable with chmod +x and change '''username''' to the right one.<br />
<br />
2. Create the {{ic|/etc/NetworkManager/vpn-up.py}} and change '''network-ESSID''' to the desired one.<br />
<br />
Now NetworkManager should try to connect to your vpn which you had defined in your profile.<br />
<br />
More recent versions of NetworkManager have seen a change in the python interface used in the above script, so it may no longer function. An alternative solution, however, can be found in clever use of nmcli.<br />
<br />
{{bc|<nowiki><br />
#! /bin/bash<br />
<br />
REQUIRED_CONNECTION_NAME=""<br />
VPN_CONNECTION_NAME=""<br />
<br />
<br />
activ_con=$(nmcli con status | grep "${REQUIRED_CONNECTION_NAME}")<br />
activ_vpn=$(nmcli con status | grep "${VPN_CONNECTION_NAME}")<br />
if [ "${activ_con}" -a ! "${activ_vpn}" ];<br />
then<br />
nmcli con up id "${VPN_CONNECTION_NAME}"<br />
fi<br />
</nowiki>}}<br />
<br />
=== 代理设置 ===<br />
<br />
Network Manager does not directly handle proxy settings, but if you are using GNOME, you could use [http://marin.jb.free.fr/proxydriver/ proxydriver] wich handles proxy settings using Network Manager's informations. Package {{AUR|proxydriver}} is in the [[AUR]].<br />
<br />
In order for proxydriver to be able to change the proxy settings, you would need to execute this command, as part of the GNOME startup process (<br />
System->Preferences->Startup Applications):<br />
<br />
{{bc|<br />
xhost +si:localuser:your_username<br />
}}<br />
<br />
See: [[Proxy settings]]<br />
<br />
== 测试 ==<br />
<br />
NetworkManager 托盘组件被设计成开机自动启动,所以对大部分用户来说,并不需要过多配置。<br />
但是如果你手动停用旧有的网络设置断网,你需要测试一下 NetworkManager 是否正常工作。<br />
首先启动守护进程:<br />
<br />
/etc/rc.d/networkmanager start<br />
<br />
有些托盘组件会提供给你一个 .desktop 文件以便通过系统菜单运行。<br />
如果没有,那你就需要通过命令或者注销重登录系统来让托盘组件运行。<br />
一旦托盘组件运行了,它会自动请求网络连接并通过 DHCP 服务器来进行网络配置。<br />
<br />
<br />
在一些 non-xdg-compliant 窗口系统,比如 Awesome 中启动 GNOME applet:<br />
<br />
nm-applet --sm-disable &<br />
<br />
For static IPs you will have to configure NetworkManager to understand them. The process usually involves right-clicking the applet and selecting something like 'Edit Connections'.<br />
<br />
如果需要静态 IP,你需要配置 NetworkManager。一般来说,在托盘图标上面点击右键,<br />
选择「编辑连接」即可。<br />
<br />
== Troubleshooting ==<br />
<br />
Some fixes to common problems.<br />
<br />
=== No traffic via PPTP tunnel ===<br />
<br />
PPTP connection logins successfully, you see ppp0 interface with correct VPN IP, but you cannot even ping remote IP. It is due to lack of MPPE (Microsoft Point-to-Point Encryption) support in stock Arch pppd. It is recommended to first try with the stock Arch {{Pkg|ppp}} as it may work as intended.<br />
<br />
To solve the problem it should be sufficient to install {{AUR|ppp-mppe}} from the [[AUR]].<br />
<br />
=== Network management disabled ===<br />
<br />
Sometimes when NetworkManager shuts down but the pid (state) file does not get removed and you will get a 'Network management disabled' message. If this happens, you'll have to remove it manually:<br />
<br />
# rm /var/lib/NetworkManager/NetworkManager.state<br />
<br />
If this happens upon reboot, you can add an action to your {{ic|/etc/rc.local}} to have it removed upon bootup:<br />
<br />
{{bc|<nowiki>nmpid=/var/lib/NetworkManager/NetworkManager.state<br />
[ -f $nmpid ] && rm $nmpid</nowiki>}}<br />
<br />
=== NetworkManager prevents DHCPCD from using resolv.conf.head and resolv.conf.tail ===<br />
<br />
Sometimes it is problematic to add static items to {{ic|resolv.conf}} when it is constantly rewritten by NetworkManager and {{ic|dhcpcd}}. A simple solution is using the following script:<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
# <br />
# /etc/NetworkManager/dispatcher.d/99-resolv.conf-head_and_tail<br />
# Include /etc/resolv.conf.head and /etc/resolv.conf.tail to /etc/resolv.conf<br />
#<br />
# scripts in the /etc/NetworkManager/dispatcher.d/ directory<br />
# are called alphabetically and are passed two parameters:<br />
# $1 is the interface name, and $2 is “up” or “down” as the<br />
# case may be.<br />
<br />
resolvconf='/etc/resolv.conf';<br />
cat "$resolvconf"{.head,,.tail} 2>/dev/null > "$resolvconf".tmp<br />
mv -f "$resolvconf".tmp "$resolvconf"<br />
</nowiki>}}<br />
<br />
This script is also available in the [https://aur.archlinux.org/packages/networkmanager-dispatch-resolv AUR] for convenience<br />
<br />
=== Preserving changes to resolv.conf ===<br />
<br />
NetworkManager will attempt to write DNS information from DHCP into {{ic|/etc/resolv.conf}}, overwriting the existing contents. To prevent this, you can set the immutable bit on the file:<br />
# chattr +i /etc/resolv.conf<br />
<br />
To modify the file in the future, first remove the immutable bit:<br />
# chattr -i /etc/resolv.conf<br />
<br />
=== DHCP problems ===<br />
<br />
If you have problems with getting an IP via DHCP, try to add the following to your {{ic|/etc/dhclient.conf}}:<br />
interface "eth0" {<br />
send dhcp-client-identifier 01:aa:bb:cc:dd:ee:ff;<br />
}<br />
Where {{ic|aa:bb:cc:dd:ee:ff}} is the MAC address of this NIC. The MAC address can be found using the {{ic|ip link show eth0}} command from the {{Pkg|iproute2}} package.<br />
<br />
For some (incompliant) routers, you will not be able to connect properly unless you comment the line<br />
require dhcp_server_identifier<br />
in {{ic|/etc/dhcpcd.conf}} (note that this file is distinct from {{ic|dhcpd.conf}}). This should not cause issues unless you have multiple DHCP servers on your network (not typical); see [http://technet.microsoft.com/en-us/library/cc977442.aspx this page] for more information.<br />
<br />
=== Hostname problems ===<br />
Add the following line to /etc/NetworkManager/NetworkManager.conf:<br />
dhcp=dhcpcd<br />
then restart.<br />
systemctl restart NetworkManager<br />
source https://bbs.archlinux.org/viewtopic.php?id=152376<br />
=== Missing default route ===<br />
<br />
On at least one KDE4 system, no default route was created when establishing wireless connections with NetworkManager. Changing the route settings of the wireless connection to remove the default selection "Use only for resources on this connection" solved the issue.<br />
<br />
=== 3G modem not detected ===<br />
<br />
If NetworkManager (from v0.7.999) does not detect your 3G modem, but you still can connect using [[wvdial]], try installing <br />
{{Pkg|modemmanager}} and restart NetworkManager daemon with {{ic|rc.d restart networkmanager}}. It may also be necessary to replug or restart your modem. This utility provides support for hardware not in NetworkManager's default database.<br />
<br />
=== Switching off WLAN on laptops ===<br />
<br />
Sometimes NetworkManager will not work when you disable your WiFi adapter with a switch on your laptop and try to enable it again afterwards. This is often a problem with {{ic|rfkill}}. Install {{Pkg|rfkill}} from the [[official repositories]] and use <br />
<br />
$ watch -n1 rfkill list all<br />
<br />
to check if the driver notifies {{ic|rfkill}} about the wireless adapter's status.<br />
If one identifier stays blocked after you switch on the adapter you could try to manually unblock it with (where X is the number of the identifier provided by the above output):<br />
<br />
# rfkill event unblock X<br />
<br />
=== Static IP settings revert to DHCP ===<br />
<br />
Due to an unresolved bug, when changing default connections to static IP, {{ic|nm-applet}} may not properly store the configuration change, and will revert to automatic DHCP.<br />
<br />
To work around this issue you have to edit the default connection (e.g. "Auto eth0") in {{ic|nm-applet}}, change the connection name (e.g. "my eth0"), uncheck the "Available to all users" checkbox, change your static IP settings as desired, and click '''Apply'''. This will save a new connection with the given name.<br />
<br />
Next, you will want to make the default connection not connect automatically. To do so, run {{ic|nm-connection-editor}} (''not'' as root). In the connection editor, edit the default connection (eg "Auto eth0") and uncheck "Connect automatically". Click '''Apply''' and close the connection editor.<br />
<br />
=== Cannot edit connections as normal user ===<br />
<br />
See [[#Set_up_PolicyKit_permissions]].<br />
<br />
=== Forget hidden wireless network ===<br />
<br />
Since hidden network are not displayed in the selection list of the Wireless view, they cannot be forgotten (removed) with the GUI. You can delete one with the following command:<br />
<br />
# rm /etc/NetworkManager/system-connections/[SSID]<br />
<br />
This works for any other connection.<br />
<br />
=== VPN not working in Gnome ===<br />
<br />
When setting up openconnect or vpnc connections in NetworkManager while using Gnome, you'll sometimes never see the dialog box pop up and the following error appears in /var/log/errors.log:<br />
<br />
localhost NetworkManager[399]: <error> [1361719690.10506] [nm-vpn-connection.c:1405] get_secrets_cb(): Failed to request VPN secrets #3: (6) No agents were available for this request.<br />
<br />
This is caused by the Gnome NM Applet expecting dialog scripts to be at /usr/lib/gnome-shell, when NetworkManager's packages put them in /usr/lib/networkmanager.<br />
As a "temporary" fix (this bug has been around for a while now), make the following symlink(s):<br />
<br />
# For OpenConnect<br />
ln -s /usr/lib/networkmanager/nm-openconnect-auth-dialog /usr/lib/gnome-shell/ <br />
<br />
# For VPNC (i.e. Cisco VPN)<br />
ln -s /usr/lib/networkmanager/nm-vpnc-auth-dialog /usr/lib/gnome-shell/<br />
<br />
This may need to be done for any other NM VPN plugins as well, but these are the two most common.<br />
<br />
== Tips and tricks ==<br />
<br />
=== Sharing internet connection over wifi ===<br />
<br />
You can share your internet connection (eg.: 3G or wired) by few clicks using nm. You will need supported wifi card (Cards based on Atheros AR9xx or at least AR5xx are probably best choice)<br />
<br />
==== Ad-hoc ====<br />
<br />
* pacman -S dnsmasq<br />
* custom dnsmasq.conf may interfere with nm (not sure about this, but i think so)<br />
* Click on nm-applet -> Create new wireless network<br />
* Follow wizard (if using WEP be sure to use 5 or 13 charactes long password, different lengths will fail)<br />
* Settings will remain stored for next time you'll need it<br />
<br />
==== Real AP ====<br />
<br />
Support of infrastructure mode (which is needed by Andoid phones as they don't intentionally support ad-hoc) is not currently supported by NetworkManager, but is in active development...<br />
<br />
See: http://fedoraproject.org/wiki/Features/RealHotspot<br />
<br />
=== Checking if networking is up inside a cron job or script ===<br />
<br />
Some cron jobs require networking to be up to succeed. You may wish to avoid running these jobs when the network is down. To accomplish this, add an '''if''' test for networking that queries NetworkManager's {{ic|nm-tool}} and checks the state of networking. The test shown here succeeds if any interface is up, and fails if they are all down. This is convenient for laptops that might be hardwired, might be on wireless, or might be off the network. <br />
if [ `nm-tool|grep State|cut -f2 -d' '` == "connected" ]; then<br />
#Whatever you want to do if the network is online<br />
else<br />
#Whatever you want to do if the network is offline - note, this and the else above are optional<br />
fi<br />
<br />
This useful for a {{ic|cron.hourly}} script that runs {{ic|fpupdate}} for the F-Prot virus scanner signature update, as an example. Another way it might be useful, with a little modification, is to differentiate between networks using various parts of the output from {{ic|nm-tool}}; for example, since the active wireless network is denoted with an asterisk, you could grep for the network name and then grep for a literal asterisk.<br />
<br />
=== Automatically unlock keyring after login ===<br />
<br />
==== GNOME ====<br />
<br />
# Right click on the {{ic|nm-applet}} icon in your panel and select Edit Connections and open the Wireless tab<br />
# Select the connection you want to work with and click the Edit button<br />
# Check the boxes “Connect Automatically” and “Available to all users”<br />
Log out and log back in to complete.<br />
<br />
{{Note|The following method is dated and known not to work on at least one machine!}}<br />
* In {{ic|/etc/pam.d/gdm}} (or your corresponding daemon in {{ic|/etc/pam.d}}), add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
* In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
==== KDE ====<br />
{{Note|See http://live.gnome.org/GnomeKeyring/Pam for reference, and if you are using KDE with KDM, you can use {{AUR|pam-keyring-tool}} from the [[AUR]].}}<br />
<br />
Put a script like the following in {{ic|~/.kde4/Autostart}}:<br />
#!/bin/sh<br />
echo PASSWORD | /usr/bin/pam-keyring-tool --unlock --keyring=default -s<br />
Similar should work with Openbox, LXDE, etc.<br />
<br />
==== SLiM login manager ====<br />
<br />
*In {{ic|/etc/pam.d/slim}}, add these lines at the end of the "auth" and "session" blocks if they do not exist already: <br />
auth optional pam_gnome_keyring.so<br />
session optional pam_gnome_keyring.so auto_start<br />
<br />
*In {{ic|/etc/pam.d/passwd}}, use this line for the 'password' block:<br />
password optional pam_gnome_keyring.so<br />
<br />
*In {{ic|~/.xinitrc}}, add this at the very top, before launching your window manager and other applications:<br />
# test for an existing bus daemon, just to be safe<br />
if test -z "$DBUS_SESSION_BUS_ADDRESS" ; then<br />
# if not found, launch a new one<br />
eval `dbus-launch --sh-syntax --exit-with-session`<br />
echo "D-Bus per-session daemon address is: $DBUS_SESSION_BUS_ADDRESS"<br />
fi<br />
<br />
:Next time you log in, you should be asked if you want the password to be unlocked automatically on login.<br />
<br />
=== Ignore specific devices ===<br />
<br />
Sometimes it may be desired that NetworkManager ignores specific devices and does not try to configure addresses and routes for them.<br />
<br />
:1. You can quickly and easily ignore devices by MAC by using the following in {{ic|/etc/NetworkManager/NetworkManager.conf}} :<br />
[keyfile]<br />
unmanaged-devices=mac:00:22:68:1c:59:b1;mac:00:1E:65:30:D1:C4<br />
:After you have put this in, [[Daemon|restart]] NetworkManager, and you should be able to configure interfaces without NetworkManager altering what you have set.<br />
<br />
:2. If that is not appropriate, you could ignore by HAL.<br />
::* First you have to find out the Hal UDI (e.g. with {{ic|lshal}}):<br />
...<br />
info.product = 'Networking Interface' (string)<br />
info.subsystem = 'net' (string)<br />
info.udi = '/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55' (string)<br />
linux.hotplug_type = 2 (0x2) (int)<br />
linux.subsystem = 'net' (string)<br />
...<br />
<br />
::* Add the udi to {{ic|/etc/NetworkManager/nm-system-settings.conf}}:<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55<br />
<br />
:Multiple devices can be specified, delimited by semicolons:<br />
<br />
[keyfile]<br />
unmanaged-devices=/org/freedesktop/Hal/devices/net_00_1f_11_01_06_55;/org/freedesktop/Hal/devices/net_00_2c_6d_e2_08_af<br />
<br />
:You do not need to restart NetworkManager for the changes to take effect.<br />
<br />
:3. Devices could also be ignored at boot time by using following script (change {{ic|NetworkManager.conf}} with {{ic|nm-system-settings.conf}} if using a version of NetworkManager smaller than 0.8.1):<br />
#!/bin/sh<br />
# author: tim noise <darknoise@drkns.net><br />
COUNT=0<br />
TARGET_FILE="/etc/NetworkManager/NetworkManager.conf"<br />
for i in `lshal | grep -A6 'Networking Interface' | awk -F "'" '/info.udi = / {print $2}'`; do<br />
if [ $COUNT = 0 ]; then<br />
COUNT=$COUNT+1;<br />
echo "unmanaged-devices=$i" >> $TARGET_FILE<br />
else<br />
echo -n ";$i" >> $TARGET_FILE<br />
fi<br />
done<br />
printf "\n" >> $TARGET_FILE<br />
<br />
:It can be changed to ignore WiFi devices, etc. being used on a non-persistant filesystem.<br />
<br />
=== Connect faster ===<br />
<br />
==== Disabling IPv6 ====<br />
<br />
Slow connection or reconnection to the network may be due to superfluous IPv6 queries in NetworkManager. If there is no IPv6 support on the local network, connecting to a network may take longer than normal while NetworkManager tries to establish an IPv6 connection that eventually times out. The solution is to disable IPv6 within NetworkManager which will make network connection faster. This has to be done once for every network you connect to.<br />
<br />
* Right-click on the network status icon.<br />
* Click on "Edit Connections".<br />
* Go to the "Wired" or "Wireless" tab, as appropriate.<br />
* Select the name of the network.<br />
* Click on "Edit".<br />
* Go to the "IPv6 Settings" tab.<br />
* In the "Method" dropdown, choose "Ignore/Disabled".<br />
* Click on "Save".<br />
<br />
==== Speed up DHCP by disabling ARP probing in DHCPCD ====<br />
<br />
{{ic|dhcpcd}} contains an implementation of a recommendation of the DHCP standard ([http://www.ietf.org/rfc/rfc2131.txt RFC2131] section 2.2) to check via ARP if the assigned IP address is really not taken. This seems mostly useless in home networks, so you can save about 5 seconds on every connect by adding the following line to {{ic|/etc/dhcpcd.conf}}:<br />
<br />
noarp<br />
<br />
This is equivalent to passing {{ic|--noarp}} to {{ic|dhcpcd}}, and disables the described ARP probing, speeding up connections to networks with DHCP.<br />
<br />
==== Use OpenDNS servers ====<br />
<br />
Create {{ic|/etc/resolv.conf.opendns}} with the nameservers:<br />
<br />
nameserver 208.67.222.222<br />
nameserver 208.67.220.220<br />
<br />
And have the dispatcher replace the discovered DHCP servers with the OpenDNS ones:<br />
<br />
{{hc|/etc/NetworkManager/dispatcher.d/dns-servers-opendns|<nowiki><br />
#!/bin/bash<br />
# Use OpenDNS servers over DHCP discovered servers<br />
<br />
cp -f /etc/resolv.conf.opendns /etc/resolv.conf</nowiki>}}<br />
<br />
Make the script executable:<br />
<br />
# chmod +x /etc/NetworkManager/dispatcher.d/dns-servers-opendns<br />
<br />
== 其它资源 ==<br />
*[[Wireless Setup]] -- 无线配置(wiki)<br />
*[http://www.gnome.org/projects/NetworkManager/ NetworkManager] - 网络管理器的官方主页</div>Jack-lijinghttps://wiki.archlinux.org/index.php?title=ArchWiki:Translation_Team_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&diff=271921ArchWiki:Translation Team (简体中文)2013-08-21T04:42:06Z<p>Jack-lijing: /* 页面维护列表 */</p>
<hr />
<div>[[Category:简体中文]]<br />
[[Category:ArchWiki (简体中文)]]<br />
[[en:ArchWiki Translation Team]]<br />
[[es:ArchWiki Translation Team]]<br />
[[hr:ArchWiki Translation Team]]<br />
[[it:ArchWiki Translation Team]]<br />
[[pl:ArchWiki Translation Team]]<br />
[[tr:ArchWiki_Çeviri_Ekibi]]<br />
Arch Wiki 上有许多中文页面,这些页面是无数中文志愿者劳动的结晶。随着时间推移,有些页面因为没有及时维护,内容严重过时。而目前的翻译工作缺少组织,效率偏低。所以参照西班牙和意大利翻译组的做法,添加这个页面。<br />
<br />
如果希望进行翻译和维护,只需要编辑下面的[[#页面维护列表]],将自己加为页面的维护者。如果列表中还没有要认领翻译的页面,请自行添加。如果因为时间原因无法再维护页面,请及时将自己从维护者列表中删除。<br />
<br />
== 创建翻译 ==<br />
{{注意|如果不准备翻译页面的大部分内容,请尽量不要新建简体中文页面。检查英文页面的更新需要花费不少精力,没有翻译的页面会增加维护负担。}}<br />
# 如果还不知道如何编辑 wiki,请阅读 [[Help:Editing (简体中文)|编辑帮助]]。<br />
# 阅读 [[Help:i18n (简体中文)|i18n帮助]],文章给出了 ArchWiki 国际化和本地化的指南。<br />
# [[Special:UserLogin |登录]] 以进行编辑。<br />
# 选择要翻译的页面,例如从 [[Special:Random|随机页面]] 或[[#页面维护列表 | 页面维护列表]] 中选择一个未翻译完成的页面。假设要翻译 [[Some Page]].<br />
# 进入选择的英文页面,点击页面顶部的 '''编辑'''。<br />
# 添加要翻译文件的语言间链接 (参见[[Help:i18n#Interlanguage links]])。<br />
# 复制所有页面代码。<br />
# 保存页面 (新加了语言链接)<br />
# 访问页面左边新添加的语言链接,应该会进到 [[Some Page (简体中文)]] : {{ic|<nowiki>https://wiki.archlinux.org/index.php/Some_Page_(</nowiki>''简体中文'')}}<br />
# 因为页面不存在,点击 '''创建'''。<br />
# 将显示一个编辑器 - 粘贴复制的英文页面。<br />
# 将文章分类修改为本地化版本,例如将 {{ic|<nowiki>[[Category:Internationalization]]</nowiki>}} 修改为 {{ic|<nowiki>[[Category:Internationalization (简体中文)]]</nowiki>}},参阅[[Help:Category (简体中文)]].<br />
# 修改语言间链接,指向英文页面(将 {{ic|zh-CN}} 修改为 {{ic|en}},并将英文页面移到文章顶部。<br />
# 翻译页面,进行保存。<br />
# (推荐)给翻译完成的页面加上[[Template:TranslationStatus (简体中文)|翻译状态]],后有详细介绍。<br />
# 更新所有其它语言页面,加入刚翻译文章的语言间链接。<br />
# (可选)创建一个简体中文名称的页面,指向新创建的页面:访问 {{ic|<nowiki>https://wiki.archlinux.org/index.php/</nowiki>''页面的中文名称''}}.<br />
# (可选)建立新页面,并加入:{{bc|<nowiki>#REDIRECT [[Some Page (简体中文)</nowiki>]]}}<br />
<br />
== 完善翻译 ==<br />
[https://wiki.archlinux.org/index.php?title=Special:WhatLinksHere/Template:Translateme_(%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87)&limit=100 这个页面] 包含了需要完善翻译的简体中文页面。完善翻译的基本步骤:<br />
# 选择自己比较熟悉的文章进行翻译<br />
# 先检查英文页面的对应段落,更新成最新的英文后再翻译,避免翻译过时的内容,减少信息遗漏。<br />
# 翻译完成后删除页面中的 <nowiki>{{translateme (简体中文)}}</nowiki> 标记<br />
# (推荐)给翻译完成的页面加上[[Template:TranslationStatus (简体中文)|翻译状态]],后有详细介绍。<br />
<br />
== 更新过期页面 == <br />
如果发现有 Wiki 页面过期或错误:<br />
* 小的改动,有时间可以立即进行修改同步,维护者并不控制页面的编辑权限,越多的人参与维护越好。如果改动较大,请先联系维护者,避免重复劳动。<br />
* 没有时间查看更改,请给页面加上 {{ic|<nowiki>{{out of date}}</nowiki>}} 模版,这样其他贡献者更容易发现需要更新的页面,而读者看到过期标记就可以直接查看英文页面,以免被错误内容误导,白白耽误时间。<br />
* 没有时间翻译,请将过期的中文部分删去,从英文页面中复制更改的部分到中文页面的相应部分,去掉{{ic|<nowiki>{{out of date}}</nowiki>}}模板(如果页面上有的话)并加上{{ic|<nowiki>{{translateme (简体中文)}}</nowiki>}}模板,这样其他贡献者就更容易发现需要翻译的页面,而读者也不会被过期的内容误导。<br />
如果发现有页面未翻译:<br />
* 有时间的话,请将页面中的英文部分翻译为中文,并去掉{{ic|<nowiki>{{translateme (简体中文)}}</nowiki>}}模板。<br />
* 没有时间翻译,请为页面添加{{ic|<nowiki>{{translateme (简体中文)}}</nowiki>}}模板,这样其他的贡献者就能更容易发现需要翻译的页面。<br />
{{注意|在修改页面上的模板时,请同时更新页面维护列表的翻译状态。}}<br />
<br />
== 维护翻译 ==<br />
完成页面的翻译只是初步完成任务,即时同步英文页面改动、更新翻译是一个持续性的工作,可能会耗费更多的时间。<br />
<br />
=== 页面认领 ===<br />
所有人都可以认领页面。认领后的责任包括进行翻译,关注英文页面的改动,及时同步翻译。<br />
<br />
为了更好的跟踪英文页面的修改,请务必在设置中启用监视列表邮件通知,并监视对应的英文页面(从设置中找到监视列表,加入英文页面。或者直接到英文页面点击页面顶端的监视标签。这样只要有改动,就会收到邮件通知)。<br />
<br />
{{小贴士|如果收到邮件通知后没有访问页面或者访问了页面却没有登录用户,下次页面改动时就不会再发邮件通知。可以点击监视列表中的'''标记所有页面为已读'''再次获取更新。}}<br />
<br />
如果页面有维护者但长期得不到更新,将会在维护列表中删除维护者。<br />
<br />
=== 翻译状态模板 ===<br />
Arch 作为滚动发行版,软件变化比较快,对应的文档变化也比较快。许多翻译的文章由于缺乏更新,会产生命令运行出错或不起作用等问题。而由于这些过期页面没有及时标记出来,所以用户无法及时获得更新。[[Template:TranslationStatus (简体中文)|翻译状态模板]]就是为了解决这个问题而创建。<br />
<br />
此模板可以起到如下作用:<br />
* 为用户提供翻译状况,包括翻译时间、英文页面的最后版本等<br />
* 用户可以点击查看翻译后,英文页面的改动,这样英文不是很好的用户可以只查看很小一部分英文内容,并判断出是否影响操作。<br />
* 翻译人员可以跟踪页面状况,通过[https://wiki.archlinux.org/index.php/Special:WhatLinksHere/Template:TranslationStatus_(简体中文) 模板的反向链接]可以查找到所有标记页面,查看需要更新翻译的部分。<br />
<br />
[[Template:TranslationStatus (简体中文)|模板页面]]有详细的使用方法。<br />
<br />
=== 页面维护列表 ===<br />
{{注意|请按照拉丁字母顺序添加页面。}}<br />
<br />
需要优先翻译的页面:<br />
* [[Systemd/User]]<br />
* [[netctl]]<br />
<br />
{| class="wikitable sortable collapsible" border="1"<br />
|-<br />
! 页面<br />
! 翻译状态<br />
! 维护者<br />
! class="unsortable" width="30%" | 备注<br />
|-<br />
| [[acpid (简体中文)]]<br />
| 过期<br />
| Cael<br />
| <br />
|-<br />
| [[ACPI modules (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Activating Numlock on Bootup (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Ad-hoc networking (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Advanced Linux Sound Architecture (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 部分未翻译<br />
|-<br />
| [[AHCI (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Allow Users to Shutdown (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[aMule (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Android (简体中文)]]<br />
| 完成<br />
| Stlt1sean<br />
| 无<br />
|-<br />
| [[Apache, suEXEC and Virtual Hosts (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Arch Based Distributions (Active) (简体中文)]]<br />
| 完成<br />
| acgtyrant<br />
| 无<br />
|-<br />
| [[Arch Build System (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[ArchWiki:About (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[ATI (简体中文)]]<br />
| 过期<br />
| 无<br />
| 请优先翻译此文<br />
|-<br />
| [[AUR Helpers (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|-<br />
| [[Avant Window Navigator (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[awesome (简体中文)]]<br />
| 进行中<br />
| Cael<br />
| 无<br />
|-<br />
| [[Bash (简体中文)]]<br />
| 完成<br />
| Jaurung<br />
| 无<br />
|-<br />
| [[BIND (简体中文)]]<br />
| 翻译中<br />
| SteamedFish<br />
| 无<br />
|-<br />
| [[Bumblebee (简体中文)]]<br />
| 完成<br />
| Peter<br />
| 无<br />
|-<br />
| [[AMD Catalyst (简体中文)]]<br />
| 过期<br />
| Shibao Zhao<br />
| 无<br />
|-<br />
| [[Common Applications (简体中文)]]<br />
| 翻译中<br />
| DavidChen<br />
| 翻译中<br />
|-<br />
| [[Common Applications/Science (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|-<br />
| [[Compiz (简体中文)]]<br />
| 过期<br />
| 无<br />
| 无<br />
|-<br />
| [[Configuring Network (简体中文)]]<br />
| 完成<br />
| Stlt1sean<br />
| 无<br />
|-<br />
| [[Core Utilities (简体中文)]]<br />
| 完成<br />
| acgtyrant<br />
| 无<br />
|-<br />
| [[CPU Frequency Scaling (简体中文)]]<br />
| 完成<br />
| Flockyrocky<br />
| <br />
|-<br />
| [[Creating Packages (简体中文)]]<br />
| 完成<br />
| Cael<br />
| 无<br />
|-<br />
| [[Disabling IPv6 (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Downgrading Packages (简体中文)]]<br />
| 完成<br />
| Cael<br />
| 无<br />
|-<br />
| [[E17 (简体中文)]]<br />
| 完成<br />
| Aaron_chen<br />
| 同步翻译至2012年12月24日18:00英文页面<br />
|-<br />
| [[Emacs (简体中文)]]<br />
| 翻译中<br />
| Jaurung yuanhang<br />
| 未完成<br />
|-<br />
|-<br />
| [[Font Configuration (简体中文)]]<br />
| 翻译中<br />
| Jaurung<br />
| 完善中<br />
|-<br />
| [[Fonts (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|-<br />
| [[Fstab (简体中文)]]<br />
| 完成<br />
| Fengchao<br />
| 无<br />
|-<br />
| [[GRUB (简体中文)]]<br />
| 翻译中<br />
| 无<br />
| 无<br />
|-<br />
| [[Help:Style (简体中文)]]<br />
| 完成<br />
| Fengchao<br />
| 无<br />
|-<br />
| [[i3 (简体中文)]]<br />
| 完成<br />
| acgtyrant<br />
| 无<br />
|-<br />
| [[IBus (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 请优先翻译此文<br />
|-<br />
| [[Improve_Pacman_Performance_(简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|-<br />
| [[Intel Graphics (简体中文)]]<br />
| 完成<br />
| Shibao Zhao<br />
| 无<br />
|-<br />
| [[KDE (简体中文)]]<br />
| 完成<br />
| Stlt1sean<br />
| 无<br />
|-<br />
| [[Kernel Compilation (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Kernel Compilation/Arch Build System (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[LAMP (简体中文)]]<br />
| 完成<br />
| Liuzhengyi<br />
| 勘误中<br />
|-<br />
| [[Laptop Mode Tools (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|-<br />
| [[Lenovo ThinkPad T420 (简体中文)]]<br />
| 完成<br />
| Flockyrocky<br />
| 无<br />
|-<br />
| [[LibreOffice (简体中文)]]<br />
| 过期<br />
| 无<br />
| 无<br />
|-<br />
| [[Local Mirror (简体中文)]]<br />
| 完成<br />
| Jason Zhang<br />
| 完善中<br />
|-<br />
| [[Makepkg (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[mkinitcpio (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[NetworkManager (简体中文)]] || 部分翻译 || Jack-lijing || 请优先翻译<br />
|-<br />
| [[Network Time Protocol daemon (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 部分未翻译<br />
|-<br />
| [[Official Repositories (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Openbox (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[OpenOffice (简体中文)]]<br />
| 过期<br />
| 无<br />
| 无<br />
|-<br />
| [[Pacman (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Pacman GUI Frontends (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|-<br />
| [[pacman Tips (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无<br />
|-<br />
| [[Pidgin (简体中文)]]<br />
| 进行中<br />
| Cael<br />
| 无 <br />
|- <br />
| [[Plasma (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 无<br />
|- <br />
| [[Polipo (简体中文)]]<br />
| 完成<br />
| 无<br />
| 无 <br />
|-<br />
| [[Python (简体中文)]]<br />
| 完成<br />
| Fengchao<br />
| 无 <br />
|-<br />
| [[ranger (简体中文)]]<br />
| 完成<br />
| Jason Zhang<br />
| 完善中<br />
|-<br />
| [[Reporting_Bug_Guidelines_(简体中文)]]<br />
| 翻译中<br />
| Jason Zhang<br />
| <br />
|-<br />
| [[Smart Common Input Method platform (简体中文)]]<br />
| 过期<br />
| 无<br />
| 无<br />
|-<br />
| [[Secure Shell (简体中文)]]<br />
| 未翻译<br />
| 无<br />
| 部分未翻译<br />
|-<br />
| [[Systemd (简体中文)]]<br />
| 完成<br />
| cuihao<br />
| 无<br />
|-<br />
| [[TeXLive (简体中文)]]<br />
| 完成<br />
| reverland<br />
| 无<br />
|-<br />
| [[USB Installation Media (简体中文)]]<br />
| 完成<br />
| Stlt1sean <br />
| 无<br />
|-<br />
| [[Vim (简体中文)]]<br />
| 完成<br />
| yukirock<br />
| 无<br />
|-<br />
| [[VirtualBox (简体中文)]]<br />
| 翻译中<br />
| Carl X. Su<br />
| 请优先翻译此文<br />
|-<br />
| [[VMware (简体中文)]]<br />
| 翻译中<br />
| Jason Zhang<br />
| 无<br />
|-<br />
| [[Wine (简体中文)]]<br />
| 完成<br />
| cuihao<br />
| 无<br />
|- <br />
| [[Xfce (简体中文)]] || 翻译中 || ZaticWu || 请优先翻译<br />
|-<br />
| [[Xmonad (简体中文)]]<br />
| 未翻译<br />
| Rns<br />
| 翻译中<br />
|-<br />
| [[Xrandr (简体中文)]]<br />
| 完成<br />
| acgtyrant<br />
| 无<br />
|-<br />
| [[Xscreensaver (简体中文)]]<br />
| 完成<br />
| liuyix<br />
| 无<br />
|-<br />
| [[LXDE (简体中文)]]<br />
| 翻译中<br />
| Tuxzz<br />
| 无<br />
|}<br />
<br />
翻译状态说明:<br />
;过期:页面内容未与英文页面同步,对应{{ic|<nowiki>{{out of date}}</nowiki>}} 模版<br />
;未翻译:页面中含有英文内容,对应{{ic|<nowiki>{{translateme (简体中文)}}</nowiki>}}模板<br />
;完成:页面已与英文页面同步<br />
<br />
== 贡献列表 ==<br />
为翻译做出贡献的用户请加入列表,感谢所有人做出的贡献。<br />
* [[User:Fengchao|Fengchao]] &ndash; [[Special:Contributions/Fengchao|贡献]] &ndash; [[Special:EmailUser/Fengchao|Send Email]] &ndash; [[ArchWiki:Administrators|ArchWiki Administrators]]<br />
* [[User:Skydiver|Skydiver]] &ndash; [[Special:Contributions/Skydiver|贡献]] &ndash; [[Special:EmailUser/Skydiver|Send Email]] &ndash; [[ArchWiki:Maintainers|ArchWiki Maintainers]]<br />
* [[User:Alswl|Alswl]] &ndash; [[Special:Contributions/Alswl|贡献]] &ndash; [[Special:EmailUser/Alswl|Send Email]]<br />
* [[User:Reverland|Reverland]] &ndash; [[Special:Contributions/Reverland|贡献]] &ndash; [[Special:EmailUser/Reverland|Send Email]]<br />
* [[User:Cuihao|cuihao]] &ndash; [[Special:Contributions/Cuihao|贡献]] &ndash; [[Special:EmailUser/Cuihao|Send Email]]<br />
* [[User:Cael|Cael]] &ndash; [[Special:Contributions/Cael|贡献]] &ndash; [[Special:EmailUser/Cael|Send Email]]<br />
* [[User:Flockyrocky|Flockyrocky]] &ndash; [[Special:Contributions/Flockyrocky|贡献]] &ndash; [[Special:EmailUser/Flockyrocky|Send Email]]<br />
* [[User:Tuxzz|Tuxzz]] &ndash; [[Special:Contributions/Tuxzz|贡献]] &ndash; [[Special:EmailUser/Tuxzz|Send Email]]<br />
* [[User:Aaron_chen|Aaron_chen]] &ndash; [[Special:Contributions/Aaron_chen|贡献]] &ndash; [[Special:E17/Aaron_chen|Send Email]]<br />
* [[User:Shibao Zhao|Shibao Zhao]] &ndash; [[Special:Contributions/Shibao Zhao|贡献]] &ndash; [[Special:EmailUser/Shibao Zhao|Send Email]] &ndash;<br />
* [[User:Radflum|Yk]] &ndash; [[Special:Contributions/Radflum|贡献]] &ndash; [[Special:EmailUser/Radflum|Send Email]]<br />
* [[User:Hang yan|Hang yan]] &ndash; [[Special:Contributions/Hang yan|贡献]] &ndash; [[Special:EmailUser/Hang yan|Send Email]]<br />
* [[User:Acgtyrant|Acgtyrant]] &ndash; [[Special:Contributions/Acgtyrant|贡献]] &ndash; [[Special:EmailUser/Acgtyrant|Send Email]]<br />
* [[User:Xuchunyang|Xuchunyang]] &ndash; [[Special:Contributions/Acgtyrant|贡献]] &ndash; [[Special:EmailUser/Acgtyrant|Send Email]]<br />
* [[User:Stlt1sean|Stlt1sean]] &ndash; [[Special:Contributions/Stlt1sean|贡献]] &ndash; [[Special:EmailUser/Stlt1sean|Send Email]]<br />
* [[User:Carl_tw|Carl X. Su]] &ndash; [[Special:Contributions/Carl_tw|贡献]] &ndash; [[Special:EmailUser/Carl_tw|Send Email]]<br />
* [[User:SteamedFish|SteamedFish]] &ndash; [[Special:Contributions/SteamedFish|贡献]] &ndash; [[Special:EmailUser/SteamedFish|Send Email]]</div>Jack-lijing