https://wiki.archlinux.org/api.php?action=feedcontributions&user=JimRees&feedformat=atomArchWiki - User contributions [en]2024-03-29T11:11:27ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=Convert_FLAC_to_MP3&diff=724656Convert FLAC to MP32022-03-28T01:19:42Z<p>JimRees: /* See also */ CUE splitting</p>
<hr />
<div>[[Category:Audio]]<br />
[[ja:Flac を Mp3 に変換]]<br />
{{Related articles start}}<br />
{{Related|Convert any Movie to DVD Video}}<br />
{{Related articles end}}<br />
<br />
This article outlines different ways to transcode from FLAC to MP3. FLAC is a lossless audio format, so it is better for archival purposes, but it also takes up more disk space. The idea is to compress the files without creating a perceived loss in fidelity.<br />
<br />
== Packages ==<br />
* {{AUR|audiotools}} - Transcode between different formats and keep tags with {{ic|track2track}}, can encode from CDDA with {{ic|cdda2track}}, has an optional Ncurses GUI.<br />
* {{AUR|flac2all}} - Multi-threaded conversion of flac to 70+ other formats retaining all tags and metadata.<br />
* {{AUR|whatmp3}} - A small Python script that accepts a list of directories containing FLAC files as arguments and converts them to MP3 with the specified options.<br />
<br />
== Graphical applications ==<br />
<br />
*{{App|SoundConverter|A dedicated audio transcoding utility built for the [[GNOME]] desktop and relying on GStreamer. It can make use of [https://help.gnome.org/users/gnome-audio-profiles/stable/gnome-audio-profiles-usage.html.en GNOME Audio Profiles] and features multithreaded conversions. It can also extract the audio from videos.|https://soundconverter.org/|{{Pkg|soundconverter}}}}<br />
*{{App|soundKonverter|A Qt graphical frontend to various audio manipulation programs. Features conversion, ripping and other audio manipulation functionalities.|https://github.com/HessiJames/soundkonverter/wiki|{{Pkg|soundkonverter}}}}<br />
*{{App|[[Wikipedia:FFmpeg#Projects_using_FFmpeg|WinFF]]|A GUI for the powerful multimedia converter FFmpeg. Features dedicated profiles for audio transcoding.|https://github.com/WinFF/winff//|{{AUR|winff}}}}<br />
<br />
== Scripts ==<br />
<br />
In these two examples, FLAC files in current directory are encoded by the LAME MP3 encoder. Both scripts pass the ID3 tags from the FLAC files to the resulting MP3 files, and encode to MP3 V0. V0 results in a variable bitrate usually between 220-260 kbps. The audio of a V0 file is transparent, meaning one cannot tell the difference between the lossy file and the original source (compact disc/lossless), but yet the file size is significantly reduced. For more information on LAME switches/settings such as V0, visit the [https://wiki.hydrogenaudio.org/index.php?title=LAME Hydrogenaudio LAME Wiki].<br />
<br />
The original {{ic|.flac}} files are not modified and the resulting {{ic|.mp3}}s will be in the same directory. All files with extensions not matching {{ic|*.flac}} in the working directory ({{ic|.nfo}}, images, {{ic|.sfv}}, etc.) are ignored.<br />
<br />
=== Usage ===<br />
<br />
For ease of use, add the script to your {{ic|PATH}}. Open up a terminal, {{ic|cd}} to the directory of FLAC files that you wish to convert, and invoke {{ic|flac2mp3}} (or whatever you named the script). You will see the verbose decoding/encoding process in the terminal which may take a few moments. Done! At this point, it is trivial to {{ic|mv *.mp3}} all your new MP3s wherever you wish.<br />
<br />
=== With FFmpeg ===<br />
<br />
Chances are, your system already has [[FFmpeg]] installed, which brings in the {{Pkg|flac}} and {{Pkg|lame}} packages. FFmpeg has all the encoding and decoding facilities built in to do the job.<br />
<br />
{{bc|<br />
#!/bin/bash<br />
<br />
for a in ./*.flac; do<br />
< /dev/null ffmpeg -i "$a" -qscale:a 0 "${a[@]/%flac/mp3}"<br />
done<br />
}}<br />
<br />
==== Parallel version ====<br />
<br />
Since LAME is a single-threaded encoder, conversion can be accelerated by encoding multiple files concurrently on multiple cores. To do this, [[install]] the {{Pkg|parallel}} package, and run:<br />
<br />
parallel ffmpeg -i {} -qscale:a 0 {.}.mp3 ::: ./*.flac<br />
<br />
==== Parallel with recursion ====<br />
<br />
Fd is a fast, user-friendly alternative to [[find]]. This one liner avoids the "while read" loop, which may have performance implications according to a response on Stack Exchange. [https://unix.stackexchange.com/questions/169716/why-is-using-a-shell-loop-to-process-text-considered-bad-practice/] <br />
<br />
[[Install]] {{Pkg|fd}} first, then run:<br />
<br />
fd -t f -e flac -x ffmpeg -i "{}" -qscale:a 0 "{.}.mp3"<br />
<br />
==== Makefile for incremental recursive transcoding ====<br />
<br />
{{Warning|1=Makefiles do not handle spaces correctly, see [https://bbs.archlinux.org/viewtopic.php?pid=1506405#p1506405] for details.}}<br />
<br />
Besides transcoding in parallel with {{ic|make -j$(nproc)}}, this has the added benefit of not regenerating transcoded files that already exist on subsequent executions:<br />
<br />
{{bc|<nowiki><br />
SOURCE_DIR := flacdir<br />
XCODE_MP3_DIR := mp3dir<br />
# NOTE: see lame -v option for quality meaning<br />
XCODE_MP3_QUALITY := 0<br />
<br />
# Find .flac sources and determine corresponding targets<br />
flac_srcs := $(shell find $(SOURCE_DIR) -type f -name '*.flac')<br />
flac_2_mp3_tgts := $(patsubst $(SOURCE_DIR)/%.flac, $(XCODE_MP3_DIR)/%.mp3, \<br />
$(flac_srcs))<br />
<br />
.PHONY: all mp3 flac_2_mp3<br />
<br />
all: mp3 <br />
<br />
mp3: flac_2_mp3<br />
<br />
flac_2_mp3: $(flac_2_mp3_tgts)<br />
<br />
$(XCODE_MP3_DIR)/%.mp3: $(SOURCE_DIR)/%.flac<br />
@echo "converting -> $@"<br />
@mkdir -p "$(@D)"<br />
@ffmpeg -v error -i "$<" -codec:a libmp3lame \<br />
-q:a $(XCODE_MP3_QUALITY) "$(@)"<br />
</nowiki>}}<br />
<br />
=== Without FFmpeg ===<br />
<br />
If for some reason FFmpeg is not installed and you do not want to install it, you still need to have {{Pkg|flac}} and {{Pkg|lame}} installed. Here, the tagging process is more explicit using the metadata utility that comes with {{Pkg|flac}} and passing the information to {{Pkg|lame}}. The process duration will slightly increase since FLACs must first be decoded to WAVE and then fed into the MP3 encoder.<br />
<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
<br />
for a in ./*.flac; do<br />
# give output correct extension<br />
OUTF="${a[@]/%flac/mp3}"<br />
<br />
# get the tags<br />
ARTIST=$(metaflac "$a" --show-tag=ARTIST | sed s/.*=//g)<br />
TITLE=$(metaflac "$a" --show-tag=TITLE | sed s/.*=//g)<br />
ALBUM=$(metaflac "$a" --show-tag=ALBUM | sed s/.*=//g)<br />
GENRE=$(metaflac "$a" --show-tag=GENRE | sed s/.*=//g)<br />
TRACKNUMBER=$(metaflac "$a" --show-tag=TRACKNUMBER | sed s/.*=//g)<br />
DATE=$(metaflac "$a" --show-tag=DATE | sed s/.*=//g)<br />
<br />
# stream flac into the lame encoder<br />
flac -c -d "$a" | lame -V0 --add-id3v2 --pad-id3v2 --ignore-tag-errors \<br />
--ta "$ARTIST" --tt "$TITLE" --tl "$ALBUM" --tg "${GENRE:-12}" \<br />
--tn "${TRACKNUMBER:-0}" --ty "$DATE" - "$OUTF"<br />
done<br />
</nowiki>}}<br />
<br />
=== Recursively ===<br />
<br />
A useful extension of the above scripts is to let them recurse into all subdirectories of the working directory. To do so, replace the first line ({{ic|for .... do}}) with:<br />
<br />
find -type f -name "*.flac" -print0 | while read -d $'\0' a; do<br />
<br />
== See also ==<br />
<br />
* https://www.xiph.org/flac/<br />
* [[wikipedia:FLAC]]<br />
* http://lame.sourceforge.net/<br />
* https://wiki.hydrogenaudio.org/index.php?title=Flac - More information on FLAC.<br />
* [[CUE Splitting]] to split a single flac with cue sheet into multiple audio files</div>JimReeshttps://wiki.archlinux.org/index.php?title=Firefox&diff=691662Firefox2021-08-13T19:35:11Z<p>JimRees: /* Multimedia playback */ see talk page</p>
<hr />
<div>[[Category:Web browser]]<br />
[[Category:Mozilla]]<br />
[[ar:Firefox]]<br />
[[de:Firefox]]<br />
[[es:Firefox]]<br />
[[fr:Firefox]]<br />
[[ja:Firefox]]<br />
[[ko:Firefox]]<br />
[[ru:Firefox]]<br />
[[zh-hans:Firefox]]<br />
[[zh-hant:Firefox]]<br />
{{Related articles start}}<br />
{{Related|Firefox/Tweaks}}<br />
{{Related|Firefox/Profile on RAM}}<br />
{{Related|Firefox/Privacy}}<br />
{{Related|Browser extensions}}<br />
{{Related|Chromium}}<br />
{{Related|Opera}}<br />
{{Related articles end}}<br />
[https://www.mozilla.org/firefox Firefox] is a popular open source graphical web browser from [https://www.mozilla.org Mozilla].<br />
<br />
== Installing ==<br />
<br />
Firefox can be [[install]]ed with the {{Pkg|firefox}} package.<br />
<br />
Other alternatives include:<br />
<br />
* {{App|Firefox Developer Edition|for developers|https://www.mozilla.org/firefox/developer/|{{Pkg|firefox-developer-edition}}}}<br />
* {{App|Firefox Extended Support Release|long-term supported version|https://www.mozilla.org/firefox/organizations/|{{AUR|firefox-esr}} or {{AUR|firefox-esr-bin}}}}<br />
* {{App|Firefox Beta|cutting-edge version|https://www.mozilla.org/firefox/channel/desktop/#beta|{{AUR|firefox-beta}} or {{AUR|firefox-beta-bin}}}}<br />
* {{App|Firefox Nightly|nightly builds for testing ([https://developer.mozilla.org/Firefox/Experimental_features experimental features])|https://www.mozilla.org/firefox/channel/desktop/#nightly|{{AUR|firefox-nightly}}}} <br />
* {{App|Firefox KDE|Version of Firefox that incorporates an OpenSUSE patch for better [[#KDE integration|KDE integration]] than is possible through simple Firefox plugins.|https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox|{{AUR|firefox-kde-opensuse}}}}<br />
* On top of the different Mozilla build channels, a number of forks exist with more or less special features; see [[List of applications#Gecko-based]].<br />
<br />
A number of language packs are available for Firefox, other than the standard English. Language packs are usually named as {{ic|firefox-i18n-''languagecode''}} (where {{ic|''languagecode''}} can be any language code, such as '''de''', '''ja''', '''fr''', etc.). For a list of available language packs see [https://archlinux.org/packages/extra/any/firefox-i18n/ firefox-i18n] for {{Pkg|firefox}},[https://archlinux.org/packages/community/any/firefox-developer-edition-i18n/ firefox-developer-edition-i18n] for {{Pkg|firefox-developer-edition}} and [https://aur.archlinux.org/packages/?K=firefox-nightly- firefox-nightly-] for {{AUR|firefox-nightly}}.<br />
<br />
== Add-ons ==<br />
<br />
Firefox is well known for its large library of add-ons which can be used to add new features or modify the behavior of existing features. Firefox's "Add-ons Manager" is used to manage installed add-ons or find new ones. <br />
<br />
For instructions on how to install add-ons and a list of add-ons, see [[Browser extensions]].<br />
<br />
=== Adding search engines ===<br />
<br />
Search engines may be added to Firefox by creating bookmarks with the {{ic|Location}} field using search URLs completed with %s in place of the query and the {{ic|Keyword}} field completed with user-defined characters:<br />
<br />
Location:<br />
https://duckduckgo.com/html/?q=%s<br />
Keyword:<br />
d<br />
<br />
Searches are performed by pre-pending the search term with the keyword of the specified search engine: {{ic|d archwiki}} will query DuckDuckGo using the search term {{ic|archwiki}}<br />
<br />
Search engines may also be added to Firefox through add-on extensions, see [https://addons.mozilla.org/firefox/search-tools/ this page] for a list of available search tools and engines.<br />
<br />
A very extensive list of search engines can be found at the [https://mycroftproject.com/ Mycroft Project].<br />
<br />
Also, you can use the [https://firefox.maltekraus.de/extensions/add-to-search-bar add-to-searchbar] extension to add a search to your search bar from any web site, by simply right clicking on the site's search field and selecting ''Add to Search Bar...''<br />
<br />
==== firefox-extension-arch-search ====<br />
<br />
[[Install]] the {{AUR|firefox-extension-arch-search}} package to add Arch-specific searches (AUR, wiki, forum, packages, etc) to the Firefox search toolbar.<br />
<br />
== Plugins ==<br />
<br />
Support for all plugins, including Flash Player, was removed in Firefox 85.[https://support.mozilla.org/kb/npapi-plugins][https://support.mozilla.org/kb/end-support-adobe-flash]<br />
<br />
== Configuration ==<br />
<br />
Firefox exposes a number of configuration options. To examine them, enter in the Firefox address bar:<br />
<br />
about:config<br />
<br />
Once set, these affect the user's current profile, and may be synchronized across all devices via [https://www.mozilla.org/firefox/sync/ Firefox Sync]. Please note that only a subset of the {{ic|about:config}} entries are synchronized by this method, and the exact subset may be found by searching for {{ic|services.sync.prefs}} in {{ic|about:config}}. Additional preferences and third party preferences may be synchronized by creating new boolean entries prepending the config value with [https://support.mozilla.org/en-US/kb/sync-custom-preferences services.sync.prefs.sync]. To synchronize the whitelist for the extension [https://addons.mozilla.org/firefox/addon/noscript/ NoScript]:<br />
<br />
services.sync.prefs.sync.capability.policy.maonoscript.sites<br />
<br />
The boolean {{ic|noscript.sync.enabled}} must be set to {{ic|true}} to synchronize the remainder of NoScript's preferences via Firefox Sync.<br />
<br />
=== Settings storage ===<br />
<br />
Firefox stores the configuration for a profile via a {{ic|prefs.js}} in the profile folder, usually {{ic|~/.mozilla/firefox/xxxxxxxx.default/}}. <br />
<br />
Firefox also allows configuration for a profile via a {{ic|user.js}} file: [http://kb.mozillazine.org/User.js_file user.js] kept also in the profile folder. A {{ic|user.js}} configuration supersedes a {{ic|prefs.js}}. For a useful starting point, see e.g [https://github.com/pyllyukko/user.js custom user.js] which is targeted at privacy/security conscious users.<br />
<br />
One drawback of the above approach is that it is not applied system-wide. Furthermore, this is not useful as a "pre-configuration", since the profile directory is created after first launch of the browser. You can, however, let ''firefox'' create a new profile and, after closing it again, [https://support.mozilla.org/en-US/kb/back-and-restore-information-firefox-profiles#w_restoring-a-profile-backup copy the contents] of an already created profile folder into it. <br />
<br />
Sometimes it may be desired to lock certain settings, a feature useful in widespread deployments of customized Firefox. In order to create a system-wide configuration, follow the steps outlined in [http://kb.mozillazine.org/Locking_preferences Locking preferences]:<br />
<br />
1. Create {{ic|/usr/lib/firefox/defaults/pref/local-settings.js}}:<br />
<br />
pref("general.config.obscure_value", 0);<br />
pref("general.config.filename", "mozilla.cfg");<br />
<br />
2. Create {{ic|/usr/lib/firefox/mozilla.cfg}} (this stores the actual configuration):<br />
<br />
//<br />
//...your settings...<br />
// e.g to disable Pocket, uncomment the following lines<br />
// lockPref("extensions.pocket.enabled", false);<br />
// lockPref("browser.newtabpage.activity-stream.feeds.section.topstories", false);<br />
<br />
Please note that the first line must contain exactly {{ic|//}}. The syntax of the file is similar to that of {{ic|user.js}}.<br />
<br />
=== Multimedia playback ===<br />
<br />
Firefox uses [[FFmpeg]] for playing multimedia inside HTML5 {{ic|<audio>}} and {{ic|<video>}} elements. Go to [http://demo.nimius.net/video_test/ video-test page] or [https://hpr.dogphilosophy.net/test/ audio-test page] to check which formats are actually supported.<br />
<br />
Firefox uses [[PulseAudio]] for audio playback and capture. If PulseAudio is not installed, Firefox uses [[alsa]] instead.<br />
<br />
==== HTML5 DRM/Widevine ====<br />
<br />
Widevine is a digital rights management tool that Netflix, Amazon Prime Video, and others use to protect their video content. It can be enabled in ''Preferences > General > Digital Rights Management (DRM) Content''. If you visit a Widevine-enabled page when this setting is disabled, Firefox will display a prompt below the address bar asking for permission to install DRM. Approve this and then wait for the "Downloading" bar to disappear, you are now able to watch videos from Widevine protected sites. <br />
<br />
Firefox can only play 720p video (or lower) with Widevine, due to not using [https://bugzilla.mozilla.org/show_bug.cgi?id=1700815 hardware DRM playback]. It is also required that the private mode browsing is disabled, for the window and in the preferences.<br />
<br />
==== Open With extension ====<br />
<br />
# Install [https://addons.mozilla.org/firefox/addon/open-with/ Open With] add-on.<br />
# Go to ''Add-ons > Open With > Preferences''.<br />
# Proceed with instructions to install a file in your system and test the installation. <br />
# Click ''Add browser''.<br />
# In the dialog write a name for this menu entry and command to start a video streaming capable player (e.g. [[mpv|/usr/bin/mpv]]).<br />
# (Optional step) Add needed arguments to the player (e.g. you may want {{ic|--force-window --ytdl}} for ''mpv'')<br />
# Right click on links or visit pages containing videos. Select newly created entry from Open With's menu and if the site is supported, the player will open as expected.<br />
<br />
The same procedure can be used to associate video downloaders such as ''youtube-dl''.<br />
<br />
==== Hardware video acceleration ====<br />
<br />
[[Hardware video acceleration]] via VA-API is available under [[Wayland]] [https://mastransky.wordpress.com/2020/06/03/firefox-on-fedora-finally-gets-va-api-on-wayland/] and X.org [https://bugzilla.mozilla.org/show_bug.cgi?id=1619523] [https://www.phoronix.com/scan.php?page=news_item&px=Firefox-80-VA-API-X11].<br />
<br />
To enable VA-API in Firefox:<br />
<br />
# Ensure that your video card is correctly configured for VA-API:<br />
#* See [[Hardware video acceleration]] for steps to verify and install VA-API drivers if required.<br />
# Use a compositor that supports hardware acceleration, either:<br />
#* WebRender from the new Servo browser engine, which can be enabled as explained in [[/Tweaks#Enable WebRender compositor]]. It is enabled by default in GNOME and other desktop environments [https://mastransky.wordpress.com/2021/01/10/firefox-were-finally-getting-hw-acceleration-on-linux/].<br />
#* Gecko's legacy OpenGL back-end, which can be enabled as explained in [[/Tweaks#Enable Legacy OpenGL compositor]].<br />
# Set the following flags in {{ic|about:config}}:<br />
#* {{ic|media.ffmpeg.vaapi.enabled}} to {{ic|true}} in order to enable the use of VA-API with FFmpeg.<br />
#* {{ic|media.ffvpx.enabled}} to {{ic|false}} to disable the internal decoders for VP8/VP9. This is necessary despite [https://bugzilla.mozilla.org/show_bug.cgi?id=1660336 this bug] being fixed [https://bugzilla.mozilla.org/show_bug.cgi?id=1720363#c6][https://bugzilla.mozilla.org/show_bug.cgi?id=1683808].<br />
#* {{ic|media.rdd-vpx.enabled}} to {{ic|false}} to disable the remote data decoder process for VP8/VP9. As of Firefox 85 its sandbox blocks VA-API access [https://bugzilla.mozilla.org/show_bug.cgi?id=1673184].<br />
#* {{ic|media.navigator.mediadatadecoder_vpx_enabled}} to {{ic|true}} to enable hardware VA-API decoding for WebRTC [https://bugzilla.mozilla.org/show_bug.cgi?id=1709009].<br />
#* If you experience page crashes, try setting {{ic|security.sandbox.content.level}} to {{ic|0}} when {{ic|media.rdd-vpx.enabled}} is set to {{ic|false}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1720363#c9].<br />
# Run Firefox with the following [[environment variable]] enabled:<br />
#* {{ic|1=MOZ_DISABLE_RDD_SANDBOX=1}} to disable RDD sandbox, see [https://mastransky.wordpress.com/2020/03/16/wayland-x11-how-to-run-firefox-in-mixed-environment/].<br />
#* In Wayland, with {{ic|1=MOZ_ENABLE_WAYLAND=1}}, see [[#Wayland]].<br />
#* In X.org, with {{ic|1=MOZ_X11_EGL=1}} or set {{ic|gfx.x11-egl.force-enabled}} to {{ic|true}} and {{ic|gfx.x11-egl.force-disabled}} to {{ic|false}} in {{ic|about:config}}.<br />
<br />
{{Tip|<br />
* As well as following [[Hardware video acceleration#Verification]], one can confirm VA-API usage by checking Firefox VA-API logs. Run Firefox with the {{ic|1=MOZ_LOG="PlatformDecoderModule:5"}} environment variable and check in the log output that VA-API is enabled and used (search for the "VA-API" string) when playing a video for example. Pay attention to these logs as they might indicate that only one of the two possible compositors described before (WebRender or OpenGL) works with VA-API on your particular setup.<br />
* To allow hardware decoding in YouTube, the video codec used must be supported by the hardware. The profiles supported by your GPU can be checked with [[Hardware video acceleration#Verifying VA-API]] and the YouTube codecs used can ''sometimes'' (if offered by YouTube!) be controlled with the [https://addons.mozilla.org/firefox/addon/h264ify/ h264ify] or [https://addons.mozilla.org/firefox/addon/enhanced-h264ify/ enhanced-h264ify] extensions. Alternatively, you can install {{AUR|firefox-h264ify}}.<br />
}}<br />
<br />
{{Note|1=<nowiki/><br />
* NVIDIA's proprietary driver potentially has support for DMA-BUF in the 470 drivers [https://bugs.kde.org/show_bug.cgi?id=428089#c2][https://www.phoronix.com/scan.php?page=news_item&px=NVIDIA-DMA-BUF-Wayland-KDE]. DMA-BUF is necessary for hardware video acceleration in Firefox [https://bugzilla.mozilla.org/show_bug.cgi?id=1669189#c4]. If DMA-BUF support is present {{Pkg|libva-vdpau-driver}} will be necessary as Firefox does not natively support [[VDPAU]].<br />
* Currently Firefox's VA-API implemention can decode H.264/AVC, VP8 & VP9 encoded video. AV1 support may be added in the future [https://bugzilla.mozilla.org/show_bug.cgi?id=1652958].<br />
* Multi-GPU systems should automatically choose a suitable GPU for VA-API according to this [https://bugzilla.mozilla.org/show_bug.cgi?id=1588904#c36 solved issue].<br />
* Some videos (e.g. YouTube VR) may show a black image after setting {{ic|media.ffvpx.enabled}} to {{ic|false}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1667537].<br />
* There are some lingering sandboxing issues which prevent this feature being enabled by default.<br />
** Older Firefox versions sometimes needed setting the {{ic|security.sandbox.content.level}} flag to {{ic|0}} (disabling sandbox protection), to use VA-API with the intel iHD driver {{Pkg|intel-media-driver}} due to [https://bugzilla.mozilla.org/show_bug.cgi?id=1619585]. Fortunately, this specific issue does not seem to exist now [https://bugzilla.mozilla.org/show_bug.cgi?id=1619585#c42].<br />
*** As of Firefox 88 both the Intel iHD {{Pkg|intel-media-driver}} and the i965 {{Pkg|libva-intel-driver}} drivers both work well with VA-API in Firefox, meaning one does not need to pick the correct driver anymore.<br />
** However, there are still RDD sandboxing bugs. Specifically, VP8/VP9 decoding is affected by this Intel and AMD [https://bugzilla.mozilla.org/show_bug.cgi?id=1683808 sandboxing bug]. As mentioned in the above instructions, setting {{ic|media.rdd-vpx.enabled}} to {{ic|false}} bypasses the sandboxed RDD process, solving the issue.<br />
** In the future VA-API should be properly sandboxed, since disabling sandboxes is generally not ideal, and this feature will not be shipped by default without sandboxing [https://bugzilla.mozilla.org/show_bug.cgi?id=1619585#c23].<br />
* [[AMDGPU]] users under {{Pkg|linux-hardened}} may need to rebuild ''linux-hardened'' with {{ic|1=CONFIG_CHECKPOINT_RESTORE=y}} due to {{Pkg|mesa}} [https://gitweb.gentoo.org/repo/gentoo.git/tree/media-libs/mesa/mesa-9999.ebuild requiring the kcmp syscall]. This may no longer be necessary due to this [https://bugzilla.mozilla.org/show_bug.cgi?id=1624743 bug being solved].<br />
}}<br />
<br />
=== Spell checking ===<br />
<br />
Firefox can use system-wide installed [[Hunspell]] dictionaries as well as dictionaries installed through its own extension system.<br />
<br />
To enable spell checking for a specific language right click on any text field and check the ''Check Spelling'' box. To select a language for spell checking to you have right click again and select your language from the ''Languages'' sub-menu.<br />
<br />
When your default language choice does not stick, see [[#Firefox does not remember default spell check language]].<br />
<br />
==== System-wide Hunspell dictionaries ====<br />
<br />
Install [[Hunspell]] and its dictionaries for the languages you require.<br />
<br />
==== Dictionaries as extensions ====<br />
<br />
To get more languages right click on any text field and just click ''Add Dictionaries...'' and select the dictionary you want to install from the [https://addons.mozilla.org/firefox/language-tools/ Dictionaries and Language Packs list].<br />
<br />
{{Tip|For Russian, the extension is packaged as {{Pkg|firefox-spell-ru}}.}}<br />
<br />
=== KDE integration ===<br />
<br />
* To bring the [[KDE]] look to GTK apps (including Firefox), install {{Pkg|breeze-gtk}} and {{Pkg|kde-gtk-config}}. Afterwards, go to System Settings and in ''Appearance > Application Style > Configure GNOME/GTK Application Style…'' choose 'Breeze'.<br />
* To use the KDE file selection and print dialogs in Firefox 64 or newer, install {{Pkg|xdg-desktop-portal}} and {{Pkg|xdg-desktop-portal-kde}}, then do one of the following:<br />
** Set {{ic|widget.use-xdg-desktop-portal}} to {{ic|true}} in {{ic|about:config}}.<br />
** Launch firefox with {{ic|1=GTK_USE_PORTAL=1}} [[environment variable]].<br />
* For integration with [[KDE]] MIME type system, proxy and file dialog, one can use {{AUR|firefox-kde-opensuse}} variant from AUR with OpenSUSE’s patches applied. Alternatively, integration with MIME types can be achieved by creating a symbolic link to the MIME database {{ic|~/.config/mimeapps.list}} from the deprecated {{ic|~/.local/share/applications/mimeapps.list}} that is used by Firefox. See [[XDG MIME Applications#mimeapps.list]].<br />
* Extensions/add-ons may provide additional integration, such as:<br />
** Browser integration in [[Plasma]]: requires {{Pkg|plasma-browser-integration}} and the [https://addons.mozilla.org/firefox/addon/plasma-integration/ Plasma Integration add-on].<br />
<br />
== Tips and tricks ==<br />
<br />
For general enhancements see [[Firefox/Tweaks]], for privacy related enhancements see [[Firefox/Privacy]].<br />
<br />
=== Dark themes ===<br />
<br />
If a dark [[GTK]] theme is in use (e.g. Arc Dark), it is recommended to start Firefox with a brighter one (e.g. Adwaita). See [[GTK#Themes]] and [[Firefox/Tweaks#Unreadable input fields with dark GTK themes]] for more information.<br />
<br />
Alternatively, starting with Firefox 68 you can make all the Firefox interfaces and even other websites respect dark themes, irrespective of the system GTK theme and Firefox theme. To do this, set {{ic|browser.in-content.dark-mode}} to {{ic|true}} and {{ic|ui.systemUsesDarkTheme}} to {{ic|1}} in {{ic|about:config}} [https://bugzilla.mozilla.org/show_bug.cgi?id=1488384#c23].<br />
<br />
=== Frame rate ===<br />
<br />
If Firefox is unable to automatically detect the right value, it will default to 60 fps. To manually correct this, set {{ic|layout.frame_rate}} to the refresh rate of your monitor (e.g. 144 for 144 Hz).<br />
<br />
=== Memory limit ===<br />
<br />
To prevent pages from abusing memory (and possible [[Wikipedia:Out_of_memory|OOM]]), we can use [[Firejail]] with the {{ic|rlimit-as}} option.<br />
<br />
=== New tabs position ===<br />
<br />
To control where new tabs appears (relative or absolute), use {{ic|browser.tabs.insertAfterCurrent}} and {{ic|browser.tabs.insertRelatedAfterCurrent}}. See [https://support.mozilla.org/en/questions/1229062] for more information.<br />
<br />
=== Screenshot of webpage ===<br />
<br />
You can ''Take a Screenshot'' by either clicking the ''Page actions'' button (the three horizontal dots) in the address bar or by right-clicking on the webpage. See [https://support.mozilla.org/en-US/kb/firefox-screenshots] for more information.<br />
<br />
As an alternative you can use the screenshot button in the [https://developer.mozilla.org/en-US/docs/Tools/Taking_screenshots Developer Tools].<br />
<br />
=== Wayland ===<br />
<br />
More recent versions of Firefox support opting into [[Wayland]] mode via an environment variable.<br />
<br />
$ MOZ_ENABLE_WAYLAND=1 firefox<br />
<br />
To make this permanent, see [[Environment variables#Graphical environment]] and start Firefox via the desktop launcher like you normally would. To verify it worked check the ''Window Protocol'' again.<br />
<br />
You may enter {{ic|about:support}} in the URL bar to check the ''Window Protocol''. It should say ''wayland'' instead of ''x11'' or ''xwayland''.<br />
<br />
On native Wayland Firefox rendering performance can be significantly improved by setting {{ic|gfx.webrender.compositor.force-enabled}} to true in {{ic|about:config}}. As of Firefox 89, this feature is experimental and Firefox Nightly is recommended for testing.<br />
<br />
All rendering is allowed to occur in native compositor surfaces, resulting in more efficient rendering, improving performance and battery life [https://bugzilla.mozilla.org/show_bug.cgi?id=1617498]. Ensure [[/Tweaks#Enable WebRender compositor]] is also enabled and working. GNOME 40.1/3.38.5 or KDE 5.22 or later are considered testable compositors [https://bugzilla.mozilla.org/show_bug.cgi?id=1617498#c13].<br />
<br />
=== Window manager rules ===<br />
<br />
To apply different configurations to Firefox windows, change the WM_CLASS string by using Firefox's {{ic|--class}} option, to a custom one.<br />
<br />
==== Profiles ====<br />
<br />
To start new Firefox instances, multiple profiles are required. To create a new profile:<br />
<br />
$ firefox [--new-instance] -P<br />
<br />
Class can be specified when launching Firefox with a not-in-use profile:<br />
<br />
$ firefox [--new-instance] -P ''profile_name'' --class=''class_name''<br />
<br />
=== Touchscreen gestures and pixel-perfect trackpad scrolling ===<br />
<br />
{{Merge|Firefox/Tweaks#Enable touchscreen gestures|Same solution.}}<br />
<br />
To enable touch gestures (like scrolling and pinch-to-zoom) and one-to-one trackpad scrolling (as can be witnessed with GTK3 applications like Nautilus), set the {{ic|1=MOZ_USE_XINPUT2=1}} [[environment variable]] before starting Firefox.<br />
<br />
=== Multiple home pages ===<br />
<br />
To have multiple tabs opened when starting Firefox open a new window and then open the sites you want to have as "home tabs".<br />
<br />
Now go to ''Preferences > Home'' and under ''Homepage and new windows'' click the ''Use Current Pages'' button.<br />
<br />
Alternatively go directly to ''Preferences > Home'' and now under ''Homepage and new windows'' set the first field to ''Custom URLs..'' and enter the pages you want as new home pages in the following format:<br />
<br />
<nowiki>https://url1.com|https://url2.com|https://url3.com</nowiki><br />
<br />
== Troubleshooting ==<br />
<br />
=== Safe Mode ===<br />
<br />
The command line switch {{ic|--safe-mode}} starts Firefox in [http://kb.mozillazine.org/Safe_Mode Safe Mode], which disables extensions, themes and some other features for this session.<br />
<br />
=== Disable hardware video acceleration ===<br />
<br />
To force disable hardware video acceleration in Firefox, e.g. in case of freezes, start Firefox in [[#Safe Mode|Safe Mode]] or set {{ic|layers.acceleration.disabled}} to {{ic|true}} in {{ic|about:config}}.<br />
<br />
=== Extension X does not work on some Mozilla owned domains ===<br />
<br />
By default extensions will not affect pages designated by {{ic|extensions.webextensions.restrictedDomains}}. If this is not desired, this field can be cleared (special pages such as {{ic|about:*}} will not be affected).<br />
<br />
=== Firefox startup takes very long ===<br />
<br />
If Firefox takes much longer to start up than other browsers, it may be due to lacking configuration of the localhost in {{ic|/etc/hosts}}. See [[Network configuration#Local network hostname resolution]] on how to set it up.<br />
<br />
=== Font troubleshooting ===<br />
<br />
See [[Font configuration]].<br />
<br />
Firefox has a setting which determines how many replacements it will allow from fontconfig. To allow it to use all your replacement-rules, change {{ic|gfx.font_rendering.fontconfig.max_generic_substitutions}} to {{ic|127}} (the highest possible value).<br />
<br />
Firefox ships with ''Twemoji Mozilla'' font. To use system emoji font set {{ic|font.name-list.emoji}} to {{ic|emoji}} in {{ic|about:config}}.<br />
<br />
Firefox has problems with [[Emoji]] presentation [https://bugzilla.mozilla.org/show_bug.cgi?id=1509988]. Set {{ic|gfx.font_rendering.fontconfig.max_generic_substitutions}} to {{ic|0}} as workaround.<br />
<br />
=== Setting an email client ===<br />
<br />
Inside the browser, {{ic|mailto}} links by default are opened by a web application such as Gmail or Yahoo Mail. To set an external email program, go to ''Preferences > Applications'' and modify the ''action'' corresponding to the {{ic|mailto}} content type; the file path will need to be designated (e.g. {{ic|/usr/bin/kmail}} for Kmail).<br />
<br />
Outside the browser, {{ic|mailto}} links are handled by the {{ic|x-scheme-handler/mailto}} mime type, which can be easily configured with [[xdg-mime]]. See [[Default applications]] for details and alternatives.<br />
<br />
=== File association ===<br />
<br />
See [[Default applications]].<br />
<br />
=== Firefox keeps creating ~/Desktop even when this is not desired ===<br />
<br />
Firefox uses {{ic|~/Desktop}} as the default place for download and upload files. To change it to another folder, set the {{ic|XDG_DESKTOP_DIR}} option as explained in [[XDG user directories]].<br />
<br />
=== Make plugins respect blocked pop-ups ===<br />
<br />
Some plugins can misbehave and bypass the default settings, such as the Flash plugin. You can prevent this by doing the following:<br />
<br />
# Type {{ic|about:config}} into the address bar.<br />
# Right-click on the page and select ''New > Integer''.<br />
# Name it {{ic|privacy.popups.disable_from_plugins}}.<br />
# Set the value to {{ic|2}}.<br />
<br />
The possible values are:<br />
<br />
* {{ic|'''0'''}}: Allow all popups from plugins.<br />
* {{ic|'''1'''}}: Allow popups, but limit them to {{ic|dom.popup_maximum}}.<br />
* {{ic|'''2'''}}: Block popups from plugins.<br />
* {{ic|'''3'''}}: Block popups from plugins, even on whitelisted sites.<br />
<br />
=== Changes to userChrome.css and userContent.css are ignored ===<br />
<br />
Set {{ic|toolkit.legacyUserProfileCustomizations.stylesheets}} to {{ic|true}} in {{ic|about:config}}<br />
<br />
=== Middle-click behavior ===<br />
<br />
To use the middle mouse button to paste whatever text has been highlighted/added to the clipboard, as is common in UNIX-like operating systems, set either {{ic|middlemouse.contentLoadURL}} or {{ic|middlemouse.paste}} to {{ic|true}} in {{ic|about:config}}. Having {{ic|middlemouse.contentLoadURL}} enabled was the default behaviour prior to Firefox 57.<br />
<br />
To scroll on middle-click (default for Windows browsers) set {{ic|general.autoScroll}} to {{ic|true}}.<br />
<br />
=== Backspace does not work as the 'Back' button ===<br />
<br />
According to [http://kb.mozillazine.org/Browser.backspace_action MozillaZine], the {{ic|Backspace}} key was mapped based on which platform the browser was running on. As a compromise, this preference was created to allow the {{ic|Backspace}} key to either go back/forward, scroll up/down a page, or do nothing.<br />
<br />
To make {{ic|Backspace}} go back one page in the tab's history and {{ic|Shift+Backspace}} go forward, set {{ic|browser.backspace_action}} to {{ic|0}} in {{ic|about:config}}.<br />
<br />
To have the {{ic|Backspace}} key scroll up one page and {{ic|Shift+Backspace}} scroll down one page, set {{ic|browser.backspace_action}} to {{ic|1}}. Setting this property to any other value will leave the key unmapped (Arch Linux defaults to {{ic|2}}, in other words, it is unmapped by default).<br />
<br />
=== Firefox does not remember login information ===<br />
<br />
It may be due to a corrupted {{ic|cookies.sqlite}} file in [https://support.mozilla.org/en-US/kb/profiles-where-firefox-stores-user-data Firefox's profile] folder. In order to fix this, just rename or remove {{ic|cookie.sqlite}} while Firefox is not running.<br />
<br />
Open a terminal of choice and type the following:<br />
<br />
$ rm -f ~/.mozilla/firefox/<profile id>.default/cookies.sqlite<br />
<br />
The profile id is a random 8 character string.<br />
<br />
Restart Firefox and see if it solved the problem.<br />
<br />
If it did not work, check if there exists a {{ic|cookies.sqlite.bak}} file that you could use to manually restore the cookies.<br />
<br />
=== Cannot enter/leave fullscreen ===<br />
<br />
If Firefox detects an [https://specifications.freedesktop.org/wm-spec/wm-spec-latest.html EWMH/ICCCM] compliant window manager, it will try to send a WM_STATE message to the root window to request Firefox be made to enter (or leave) full-screen mode (as defined by the window manager). Window managers are allowed to ignore it, but if they do, Firefox will assume the request got denied and propagate it to the end user which results in nothing happening. This may result in not being able to full screen a video. A general workaround is to set the {{ic|full-screen-api.ignore-widgets}} to {{ic|true}} in {{ic|about:config}}. <br />
<br />
Related bug reports: [https://bugzilla.mozilla.org/show_bug.cgi?id=1189622 Bugzilla 1189622].<br />
<br />
=== Firefox detects the wrong version of my plugin ===<br />
<br />
When you close Firefox, the latter saves the current timestamp and version of your plugins inside {{ic|pluginreg.dat}} located in your profile folder, typically in {{ic|~/.mozilla/firefox/''xxxxxxxx''.default/}}.<br />
<br />
If you upgraded your plugin when Firefox was still running, you will thus have the wrong information inside that file. The next time you will restart Firefox you will get that message {{ic|Firefox has prevented the outdated plugin "XXXX" from running on ...}} when you will be trying to open content dedicated to that plugin on the web. This problem often appears with the official [[Browser plugins#Adobe Flash Player|Adobe Flash Player plugin]] which has been upgraded while Firefox was still running.<br />
<br />
The solution is to remove the file {{ic|pluginreg.dat}} from your profile and that is it. Firefox will not complain about the missing file as it will be recreated the next time Firefox will be closed. [https://bugzilla.mozilla.org/show_bug.cgi?id=1109795#c16]<br />
<br />
=== JavaScript context menu does not appear on some sites ===<br />
<br />
You can try setting {{ic|dom.w3c_touch_events.enabled}} to {{ic|0}} in {{ic|about:config}}.<br />
<br />
=== Firefox does not remember default spell check language ===<br />
<br />
The default spell checking language can be set as follows:<br />
<br />
# Type {{ic|about:config}} in the address bar.<br />
# Set {{ic|spellchecker.dictionary}} to your language of choice, for instance {{ic|en_GB}}.<br />
# Notice that the for dictionaries installed as a Firefox plugin the notation is {{ic|en-GB}}, and for {{Pkg|hunspell}} dictionaries the notation is {{ic|en_GB}}.<br />
<br />
When you only have system wide dictionaries installed with {{Pkg|hunspell}}, Firefox might not remember your default dictionary language settings. This can be fixed by having at least one [https://addons.mozilla.org/firefox/language-tools/ dictionary] installed as a Firefox plugin. Notice that now you will also have a tab ''Dictionaries'' in ''Add-ons''. You may have to change the order of ''preferred language for displaying pages'' in {{ic|about:preferences#general}} to make the spell check default to the language of the addon dictionary.<br />
<br />
Related questions on the '''StackExchange''' platform: [https://stackoverflow.com/questions/26936792/change-firefox-spell-check-default-language/29446115], [https://stackoverflow.com/questions/21542515/change-default-language-on-firefox/29446353], [https://askubuntu.com/questions/184300/how-can-i-change-firefoxs-default-dictionary/576877]<br />
<br />
Related bug reports: [https://bugzilla.mozilla.org/show_bug.cgi?id=776028 Bugzilla 776028], [https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1026869 Ubuntu bug 1026869]<br />
<br />
=== Some MathML symbols are missing ===<br />
<br />
You need some Math fonts, namely Latin Modern Math and STIX (see this MDN page: [https://developer.mozilla.org/en-US/docs/Mozilla/MathML_Project/Fonts#Linux]), to display MathML correctly.<br />
<br />
In Arch Linux, these fonts are provided by {{Pkg|texlive-core}} '''and''' {{Pkg|texlive-fontsextra}}, but they are not available to fontconfig by default. See [[TeX Live#Making fonts available to Fontconfig]] for details. You can also try other [[Fonts#Math|Math fonts]]. In case you encounter this bug [https://bugzilla.mozilla.org/show_bug.cgi?id=1208776] installing {{Pkg|otf-latinmodern-math}} can help.<br />
<br />
=== Tearing video in fullscreen mode ===<br />
<br />
If you are using the Xorg Intel or Nouveau drivers and experience tearing video in fullscreen mode, try [[Firefox/Tweaks#Enable Legacy OpenGL compositor]].<br />
<br />
=== Tearing when scrolling ===<br />
<br />
Try disabling smooth scrolling in ''Preferences > Browsing''.<br />
<br />
=== Firefox WebRTC module cannot detect a microphone ===<br />
<br />
WebRTC applications for instance [https://mozilla.github.io/webrtc-landing/gum_test.html Firefox WebRTC getUserMedia test page] say that microphone cannot be found. Issue is reproducible for both ALSA or PulseAudio setup. Firefox debug logs show the following error:<br />
<br />
{{hc|1=$ NSPR_LOG_MODULES=MediaManager:5,GetUserMedia:5 firefox|2=<br />
...<br />
[Unnamed thread 0x7fd7c0654340]: D/GetUserMedia VoEHardware:GetRecordingDeviceName: Failed 1<br />
}}<br />
<br />
You can try setting {{ic|media.navigator.audio.full_duplex}} property to {{ic|false}} at {{ic|about:config}} Firefox page and restart Firefox.<br />
<br />
This can also help if you are using the PulseAudio [[PulseAudio#Microphone echo/noise cancellation|module-echo-cancel]] and Firefox does not recognise the virtual echo canceling source.<br />
<br />
=== Cannot login with my Chinese account ===<br />
<br />
Firefox provides a local service for Chinese users, with a local account totally different from the international one. Firefox installed with the {{Pkg|firefox}} package uses the international account system by default, to change into the Chinese local service, you should install the add-on manager on [http://mozilla.com.cn/thread-343905-1-1.html this page], then you can login with your Chinese account now.<br />
<br />
=== No audio on certain videos when using JACK and PulseAudio ===<br />
<br />
If you are using JACK in combination with PulseAudio and cannot hear any sound on some videos it could be because those videos have mono audio. This happens if your JACK setup uses more than just stereo, but you use normal headphones. To fix this you simply have to connect the {{ic|front-center}} port from the PulseAudio JACK Sink to both {{ic|playback_1}} and {{ic|playback_2}} ports of the system output.<br />
<br />
You can also do this automatically using a script:<br />
<br />
{{hc|jack-mono.sh<br />
|2=#!/bin/sh<br />
jack_connect "PulseAudio JACK Sink:front-center" "system:playback_1"<br />
jack_connect "PulseAudio JACK Sink:front-center" "system:playback_2"<br />
}}<br />
<br />
Keep in mind that the names for the sink and the ports might be different for you. You can check what your JACK setup looks like with a Patchbay like Catia from {{Pkg|cadence}}.<br />
<br />
=== Geolocation does not work ===<br />
<br />
Recently, Google limited the use of its location service with Arch Linux, which causes the following error when geolocation is enabled on a website: {{ic|Geolocation error: Unknown error acquiring position}}. Region-locked services such as [https://www.hulu.com/ Hulu] may display a similar error indicating that your location could not be determined even though you have allowed location services for the site.<br />
<br />
To avoid these problems, you can switch to use the [https://location.services.mozilla.com/ Mozilla Location Service]. In {{ic|about:config}} change the {{ic|geo.provider.network.url}} setting to:<br />
<br />
<nowiki>https://location.services.mozilla.com/v1/geolocate?key=%MOZILLA_API_KEY%</nowiki><br />
<br />
See {{Bug|65241}} for more details.<br />
<br />
=== Right mouse button instantly clicks the first option in window managers ===<br />
<br />
This problem has been observed in [[i3]], [[bspwm]] and [[xmonad]].<br />
<br />
To fix it, navigate to {{ic|about:config}} and change {{ic|ui.context_menus.after_mouseup}} to {{ic|true}}.<br />
<br />
See [https://www.reddit.com/r/i3wm/comments/88k0yt/right_mouse_btn_instantly_clicks_first_option_in/]<br />
<br />
=== Applications on Wayland can not launch Firefox ===<br />
<br />
Some applications running in XWayland mode try to launch the X11 edition of Firefox. If the browser already runs in Wayland native mode, the user will receive the error {{ic|Firefox is already running, but is not responding. To use Firefox, you must first close the existing Firefox process, restart your device, or use a different profile.}} while Firefox itself is fully operational. <br />
<br />
This can be worked around by setting the [[environment variable]] {{ic|1=MOZ_DBUS_REMOTE=1}}.<br />
<br />
{{Note|1=It is not sufficient to only set this variable in the ''.desktop'' file for Firefox, as it must be set for either the whole session or all XWayland applications. Consider additionally setting [[#Wayland]] globally. [https://bugzilla.mozilla.org/show_bug.cgi?id=1508803]}}<br />
<br />
=== Firefox window does not repaint after disabling or enabling compositing ===<br />
<br />
Unset the environment variable {{ic|MOZ_X11_EGL}}.<br />
<br />
Related bug report: [https://bugzilla.mozilla.org/show_bug.cgi?id=1711039 Bugzilla 1711039].<br />
<br />
=== Firefox continuously asks to be set as default browser upon launch ===<br />
<br />
There are a couple things you can try: if you are using a [[desktop environment]], check if Firefox is set as the default browser in your system settings. If it is not, then set it, otherwise you can run the following {{man|1|xdg-settings}} command, provided by the [[xdg-utils]] package, to query which browser is set as default on your system:<br />
<br />
$ xdg-settings get default-web-browser<br />
<br />
If no value is returned or it is not Firefox, then run this command to set it:<br />
<br />
$ xdg-settings set default-web-browser firefox.desktop<br />
<br />
If Firefox still asks to be set as the default browser, then it may be quieted if it is set to handle ''http'' and ''https'' URL schemes. To do so, run these {{man|1|xdg-mime}} commands: <br />
<br />
$ xdg-mime default firefox.desktop x-scheme-handler/http<br />
$ xdg-mime default firefox.desktop x-scheme-handler/https<br />
<br />
If those do not work either, check if you have set the environment variable {{ic|GTK_USE_PORTAL}} (all values trigger the bug), in which case, unset it. Related bug report: [https://bugzilla.mozilla.org/show_bug.cgi?id=1516290 Bugzilla 1516290]. If that does not work or you did not set it, navigate Firefox to {{ic|about:config}}, check if the variable {{ic|widget.use-xdg-desktop-portal}} is set to {{ic|true}} and, if so, set it to {{ic|false}}.<br />
<br />
=== Video stuttering ===<br />
<br />
If you experience video stuttering and you notice that Firefox is only hitting one core at 100% when watching videos (especially higher resolution videos), this might help you.<br />
<br />
Go into {{ic|about:config}} and search for {{ic|dom.ipc.processCount}} and change {{ic|dom.ipc.processCount.file}} from 1 to a higher number. An ad hoc method to find a good number is to increase it one at a time until you get good results, but 4 seems to be a good value.<br />
<br />
== See also ==<br />
<br />
* [https://www.mozilla.org/firefox/ Official website]<br />
* [https://www.mozilla.org/ Mozilla Foundation]<br />
* [[MozillaWiki:Firefox]]<br />
* [[Wikipedia:Mozilla Firefox]]<br />
* [https://addons.mozilla.org/ Firefox Add-ons]<br />
* [https://addons.mozilla.org/firefox/themes/ Firefox themes]<br />
* [https://ftp.mozilla.org/pub/firefox/releases/ Mozilla's FTP]<br />
* [http://forums.mozillazine.org/ mozillaZine] unofficial forums</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Firefox&diff=691661Talk:Firefox2021-08-13T19:31:07Z<p>JimRees: /* Firefox and Pulseaudio */</p>
<hr />
<div>== Multimedia playback ==<br />
<br />
possible to note (somewhere around [https://wiki.archlinux.org/index.php/Firefox#Open-with_extension Open-with extension]) that video playback can be handled via a window manager key binding or shortcut like {{ic|bindsym $mod+m exec mpv -- $(sselp)}} for i3wm or similar [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 05:11, 20 June 2018 (UTC)<br />
<br />
== Dictionaries for spell checking ==<br />
<br />
I'm using Firefox stable version (61.0-1) and it no longer creates symbolic links to the system dictionaries. <br />
<br />
Now it uses this about:config key: "spellchecker.dictionary_path"<br />
<br />
{{Unsigned|14:27, 27 June 2018 (UTC)|J1simon}}<br />
<br />
== Screenshot of webpage ==<br />
<br />
[[Special:Diff/531137]]<br />
<br />
:''no need to list every possible way''<br />
<br />
Why not? They're not the same, moz://a might remove the new one, it may not work for someone, etc. ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 10:04, 27 July 2018 (UTC)<br />
<br />
:Mozilla won't remove the main way, there is no reason it shouldn't work, the developer toolbar will be removed in Firefox 62.[https://developer.mozilla.org/en-US/docs/Tools/GCLI] --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 11:58, 27 July 2018 (UTC)<br />
<br />
::ok that explains the removal but was there really a need for the rewrite? ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 13:04, 27 July 2018 (UTC)<br />
<br />
:::The previous version was alright, I just made some slight improvements, like dropping irrelevant info ("Firefox 57", "Page actions") and elaborating why the Save button is misleading. --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 13:51, 27 July 2018 (UTC)<br />
<br />
::::I can't call it an improvement when the reading entropy has increased. ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 14:52, 27 July 2018 (UTC)<br />
<br />
:::::How so? --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 15:21, 27 July 2018 (UTC)<br />
<br />
::::::It's repetitive and unclear. ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 15:56, 27 July 2018 (UTC)<br />
<br />
:::::::[[Special:Diff/531244|Fixed it.]] --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 16:33, 27 July 2018 (UTC)<br />
<br />
:::::::Please do not [[Special:Diff/531294|silently revert my edits without stating a reason]]. I thought I addressed your concern. --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 10:46, 28 July 2018 (UTC)<br />
<br />
::::::::no not really, but respected your addition and it is there ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 11:00, 28 July 2018 (UTC)<br />
<br />
[[special:diff/536480]]<br />
<br />
:''The last sentence wrongly implies that the above method doesn't work when you block HTML canvas.''<br />
<br />
{{ic|1=about:config?filter=privacy.resistFingerprinting}} ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 06:44, 21 August 2018 (UTC)<br />
<br />
:You're right that does break it, contrary to [https://bugzilla.mozilla.org/show_bug.cgi?id=1412961 #1412961] being marked as fixed. --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 06:54, 21 August 2018 (UTC)<br />
<br />
::please abstain from rewording ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 06:59, 21 August 2018 (UTC)<br />
<br />
:::Sorry, I just did. --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 07:06, 21 August 2018 (UTC)<br />
<br />
::::[[special:diff/536510]] Enabling {{ic|privacy.resistFingerprinting}} does not break screen shooting but it does require per site confirmation, you might want to think more ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 07:18, 21 August 2018 (UTC)<br />
<br />
:::::On my system it breaks; please be a bit more [[Code of conduct#Respect|respectful]]. --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 07:23, 21 August 2018 (UTC)<br />
<br />
::::::as i already wrote, it breaks on all systems and is unbroken on per site basis, also please don't accuse me of being not respectful in the same thread you gave me a middle finger just 17 minutes prior ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 07:30, 21 August 2018 (UTC)<br />
<br />
::::::and to be clear this wasn't an offence but an observation ― [[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 07:38, 21 August 2018 (UTC)<br />
<br />
:::::::I deselected ''Always remember my decision'' in the prompt which breaks screen shooting. I didn't intentionally neglect you, I just missed your message. --[[User:Larivact|Larivact]] ([[User talk:Larivact|talk]]) 08:20, 21 August 2018 (UTC)<br />
<br />
== Dark themes ==<br />
<br />
RE: [[Special:Diff/552276]]. How exactly is copying and editing a ''.desktop'' file less complex than simply adding a setting to about:config ? And what's so unreliable about changing the content process's theme? -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 07:02, 1 November 2018 (UTC)<br />
<br />
:The {{ic|.desktop}} file is optional, it's just a simple variable. I've used css before and found it did not work well sometimes. They are really two different solutions that give similar results but are not the same. We could have both. The css is rightfully in the tweaks page as it may even give more flexibility for those who choose to have it. The main page only hints a standard option. --[[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 07:21, 1 November 2018 (UTC)<br />
<br />
::I don't understand how a ''.desktop'' file is optional. Where else can you set {{ic|GTK_THEME}} so that it applies only to a specific application and not globally? [[Special:Diff/552275|My proposed solution]] wasn't to use the mostly non-working CSS workaround from [[Firefox/Tweaks#Unreadable input fields with dark GTK+ themes]], but to set the content process's theme with {{ic|widget.content.gtk-theme-override}}. -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 07:37, 1 November 2018 (UTC)<br />
<br />
:::You can do {{ic|1=GTK_THEME=Adwaita firefox}} in your terminal emulator or bind {{ic|1=GTK_THEME=Adwaita firefox}} to a key in your window manager, for example. The {{ic|.desktop}} file is one of the options a user has. {{ic|widget.content.gtk-theme-override}} is already in the tweaks page and that's ok. --[[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 07:51, 1 November 2018 (UTC)<br />
<br />
::::Not everyone uses window managers. Anyway, I still think that [[Firefox#Dark themes]] should link to [[Firefox/Tweaks#Unreadable input fields with dark GTK+ themes]], otherwise readers might never think of looking there. -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 08:04, 1 November 2018 (UTC)<br />
<br />
::::[[Special:Diff/559199|See what happens]] when there's no link from [[Firefox#Dark themes]] to [[Firefox/Tweaks#Unreadable input fields with dark GTK+ themes]]. -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 14:03, 16 December 2018 (UTC)<br />
<br />
:::::I wonder if the links should be in reverse order. I understand you put the link there because it's a firefox page but my reasoning for this is 1/ the tweaks page has a lot more information so the gtk link could be quicker to give what some may want; and 2/ the link is quite long and kinda makes the sentence lose balance; or it maybe should be removed because it's already in the tweaks page --[[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 16:06, 22 December 2018 (UTC)<br />
<br />
::::::I think the link is needed, since most people would not think to look at [[Firefox/Tweaks]]. -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 08:48, 23 December 2018 (UTC)<br />
<br />
:::::::no the other one --[[User:Ubone|Ubone]] ([[User talk:Ubone|talk]]) 13:00, 23 December 2018 (UTC)<br />
<br />
::::::::You mean "[[GTK#Themes]]"? I didn't remove it because I thought that you want to keep that link there. I have no objections to removing it. -- [[User:nl6720|nl6720]] ([[User talk:nl6720|talk]]) 16:23, 23 December 2018 (UTC)<br />
<br />
== Smooth scrolling ==<br />
<br />
Is [https://wiki.archlinux.org/index.php/Firefox#Smooth_Scrolling this] really relevant for recent releases of Firefox? I tried the tweaks and it actually made things worse.<br />
<br />
[[User:Shelter|Shelter]] ([[User talk:Shelter|talk]]) 09:46, 10 May 2020 (UTC)<br />
<br />
== GNOME keyring integration ==<br />
<br />
There is a broken package link in [[Firefox#KDE/GNOME integration]]. I researched a bit and I found out that [https://lists.archlinux.org/pipermail/aur-requests/2020-September/044979.html the AUR package has been deleted] because it is not compatible with a current Firefox/Thunderbird version. It is also not even available via addons.mozilla.org anymore.<br />
If the addon has been abandoned I would be in favor of removing this from the list.<br />
<br />
[[User:NetSysFire|NetSysFire]] ([[User talk:NetSysFire|talk]]) 00:41, 31 January 2021 (UTC)<br />
<br />
:Removed that bit and renamed that section to just "KDE integration". -- [[User:Svito|Svito]] ([[User talk:Svito|talk]]) 04:54, 31 January 2021 (UTC)<br />
<br />
== Firefox and Pulseaudio ==<br />
<br />
The Wiki says Firefox needs Pulseaudio package for audio playback. But I don't use Pulseaudio and don't have it installed on my system and Firefox plays audio just fine.<br />
Maybe we could edit that in the Wiki?<br />
[[User:Raphaelabb|Raphaelabb]] ([[User talk:Raphaelabb|talk]]) 07:05, 23 March 2021 (UTC)<br />
<br />
:Which framework do you use to play audio with Firefox ? [[User:Hdante|Hdante]] ([[User talk:Hdante|talk]]) 20:53, 22 March 2021 (UTC)<br />
<br />
:{{pkg|firefox}} depends on {{pkg|libpulse}} but not {{pkg|pulseaudio}} [https://www.memesmonkey.com/topic/works+on+my+machine <s>''on my machine''</s>] Darren "Un1Gfn" "[[User:PXf|PXf]]" Ng ([[User talk:PXf|talk]]) 02:08, 23 March 2021 (UTC)<br />
<br />
:I use {{pkg|libpulse}} only. I confirm that {{pkg|pulseaudio}} is not necessary. [[User:Raphaelabb|Raphaelabb]] ([[User talk:Raphaelabb|talk]]) 07:05, 23 March 2021 (UTC)<br />
:Pulseaudio is certainly not required, and I'm going to change the text. I don't think libpulse is required either, although it gets installed because it's listed as a dependency.<br />
:A bit of history: Around FF 53, alsa was disabled in the default Mozilla build of firefox. This caused a lot of trouble for many people, and the Arch maintainers re-enabled alsa in the Arch package, as can be seen in [https://github.com/archlinux/svntogit-packages/blob/packages/firefox/trunk/PKGBUILD the PKGBUILD]. So I believe when you run firefox and you don't have pulseaudio installed, it falls back to alsa, and libpulse is not used. At some point in the future Mozilla may decide to remove alsa support, and at that point we'll need to use some workaround like apulse. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 19:31, 13 August 2021 (UTC)<br />
<br />
== Hardware video acceleration ==<br />
<br />
The page states "Nvidia's proprietary driver does not support VA-API and DMA-BUF so this feature will not work on that driver," however [[Hardware video acceleration#Installation]] mentions {{pkg|libva-vdpau-driver}} providing a VDPAU backend for VA-API, so with {{pkg|nvidia}} supporting VDPAU surely this combination provides video acceleration in Firefox? [[User:Mbromilow|Mbromilow]] ([[User talk:Mbromilow|talk]]) 02:46, 18 May 2021 (UTC)<br />
<br />
:The problem is DMA-BUF, not VA-API. Rumors say NVIDIA driver 470 will have DMA-BUF and Wayland support so let's wait until then to add this back to wiki [[User:N0k0m3|N0k0m3]] ([[User talk:N0k0m3|talk]]) 16:21, 22 May 2021 (UTC)<br />
<br />
:: I agree with [[User:N0k0m3|N0k0m3]]. NVIDIA has confirmed they are working [https://bugs.kde.org/show_bug.cgi?id=428089#c2 on DMA-BUF support], for now we should wait. I will edit the page to clarify DMA-BUF support is the blocking issue. For now should we remove the "The factual accuracy of this article or section is disputed" banner? [[User:Vchernin|Vchernin]] ([[User talk:Vchernin|talk]]) 06:51, 1 June 2021 (UTC)<br />
<br />
::: I added all currently known nvidia dma-buf information to the tips area of that section. I removed the warning as all information that might be useful is contained, if there's anything else that should be mentioned for nvidia users feel free to add it. [[User:Vchernin|Vchernin]] ([[User talk:Vchernin|talk]]) 06:13, 2 July 2021 (UTC)<br />
<br />
Under environment variables it states "MOZ_DISABLE_RDD_SANDBOX=1 to disable RDD sandbox, see [9]." However this can be achieved by setting media.rdd-vpx.enabled to false. Furthermore, the [https://mastransky.wordpress.com/2020/03/16/wayland-x11-how-to-run-firefox-in-mixed-environment/ given link] does not actually mention the MOZ_DISABLE_RDD_SANDBOX=1 variable. I don't see a need for this bullet point in it's current form. [[User:Vchernin|Vchernin]] ([[User talk:Vchernin|talk]]) 06:52, 2 July 2021 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Dm-crypt/Mounting_at_login&diff=663841Dm-crypt/Mounting at login2021-04-23T19:50:17Z<p>JimRees: this workaround is no longer needed</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Data-at-rest encryption]]<br />
[[es:Dm-crypt (Español)/Mounting at login]]<br />
[[ja:Dm-crypt/ログイン時にマウント]]<br />
{{Related articles start}}<br />
{{Related|pam_mount}}<br />
{{Related articles end}}<br />
<br />
It is possible to configure [[PAM]] and [[systemd]] to automatically mount a [[dm-crypt]] encrypted home partition when its owner logs in, and to unmount it when they log out.<br />
<br />
This tutorial assumes you have already created your encrypted partition, as described in [[Dm-crypt/Encrypting a non-root file system]].<br />
<br />
{{Note|<br />
* You need to use the same password for your user account and for LUKS.<br />
* In all the examples, replace {{ic|''username''}} with your username, {{ic|''1000''}} with your user ID and {{ic|''PARTITION''}} with the name of your encrypted partition's device.<br />
}}<br />
<br />
== Unlocking at login ==<br />
<br />
''pam_exec'' can be used to unlock the device at login. Edit {{ic|/etc/pam.d/system-login}} and add the line below emphasized in bold after {{ic|auth include system-auth}}:<br />
<br />
{{Expansion|1=GDM, LightDM, and maybe other display managers might require {{ic|pam_exec}} for {{ic|session}} as well, see [[Talk:Dm-crypt/Mounting at login#pam_exec required for session & using script]].}}<br />
<br />
{{hc|/etc/pam.d/system-login|2=<br />
...<br />
<br />
auth include system-auth<br />
'''auth optional pam_exec.so expose_authtok /etc/pam_cryptsetup.sh<br />
<br />
...<br />
}}<br />
<br />
Then create the mentioned script.<br />
<br />
{{hc|/etc/pam_cryptsetup.sh|2=<br />
#!/usr/bin/env bash<br />
<br />
CRYPT_USER="''username''"<br />
PARTITION="/dev/sd''XY''"<br />
NAME="home-$CRYPT_USER"<br />
<br />
if <nowiki>[[ "$PAM_USER" == "$CRYPT_USER" && ! -e "/dev/mapper/$NAME" ]]</nowiki>; then<br />
/usr/bin/cryptsetup open "$PARTITION" "$NAME"<br />
fi<br />
}}<br />
<br />
Make the script [[executable]].<br />
<br />
== Mounting and unmounting automatically ==<br />
<br />
''systemd-logind'' maintains {{ic|user@''1000''.service}} for as long as at least one session is active for the user. It is started automatically after a first successful login and stopped after a logout from the last session. Hence, we can create and [[enable]] a {{man|5|systemd.mount}} unit for the mapped volume and connect it to {{ic|user@''1000''.service}} in order to make it mount and unmount automatically:<br />
<br />
{{hc|/etc/systemd/home-''username''.mount|2=<br />
[Unit]<br />
Requires=user@''1000''.service<br />
Before=user@''1000''.service<br />
<br />
[Mount]<br />
Where=/home/''username''<br />
What=/dev/mapper/home-''username''<br />
Type=btrfs<br />
Options=defaults,relatime,compress=zstd<br />
<br />
[Install]<br />
RequiredBy=user@''1000''.service<br />
}}<br />
<br />
== Locking after unmounting ==<br />
<br />
After unmounting, the device will still be unlocked, and it will be possible to mount it without re-entering password. You can create and [[enable]] a service that starts when the device gets unlocked ({{ic|1=BindsTo=dev-mapper-home\x2d''username''.device}}) and dies after the device gets unmounted ({{ic|1=Requires,Before=home-''username''.mount}}), locking the device in the process ({{ic|1=ExecStop=cryptsetup close}}):<br />
<br />
{{hc|/etc/systemd/system/cryptsetup-''username''.service|2=<br />
[Unit]<br />
DefaultDependencies=no<br />
BindsTo=dev-''PARTITION''.device<br />
After=dev-''PARTITION''.device<br />
BindsTo=dev-mapper-home\x2d''username''.device<br />
Requires=home-''username''.mount<br />
Before=home-''username''.mount<br />
Conflicts=umount.target<br />
Before=umount.target<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
TimeoutSec=0<br />
ExecStop=/usr/bin/cryptsetup close home-''username''<br />
<br />
[Install]<br />
RequiredBy=dev-mapper-home\x2d''username''.device<br />
}}<br />
<br />
{{Note|{{ic|dev-''PARTITION''}} is the result of {{ic|systemd-escape -p /dev/''PARTITION''}}}}</div>JimReeshttps://wiki.archlinux.org/index.php?title=Dm-crypt/Mounting_at_login&diff=657244Dm-crypt/Mounting at login2021-04-02T22:31:08Z<p>JimRees: note: tr command no longer needed?</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Data-at-rest encryption]]<br />
[[es:Dm-crypt (Español)/Mounting at login]]<br />
[[ja:Dm-crypt/ログイン時にマウント]]<br />
{{Related articles start}}<br />
{{Related|pam_mount}}<br />
{{Related articles end}}<br />
<br />
It is possible to configure [[PAM]] and [[systemd]] to automatically mount a [[dm-crypt]] encrypted home partition when its owner logs in, and to unmount it when they log out.<br />
<br />
This tutorial assumes you have already created your encrypted partition, as described in [[Dm-crypt/Encrypting a non-root file system]].<br />
<br />
{{Note|<br />
* You need to use the same password for your user account and for LUKS.<br />
* In all the examples, replace {{ic|''YOURNAME''}} with your username, {{ic|''1000''}} with your user ID and {{ic|''PARTITION''}} with the name of your encrypted partition's device.<br />
}}<br />
<br />
== Unlocking at login ==<br />
<br />
''pam_exec'' can be used to unlock the device at login. Edit {{ic|/etc/pam.d/system-login}} and add the line below emphasized in bold after {{ic|auth include system-auth}}:<br />
<br />
{{Note|1=GDM, LightDM, and maybe other display managers might require {{ic|pam_exec}} for {{ic|session}} as well, see [[Talk:Dm-crypt/Mounting at login#pam_exec required for session & using script]].}}<br />
<br />
{{hc|/etc/pam.d/system-login|2=<br />
...<br />
<br />
auth include system-auth<br />
'''auth optional pam_exec.so expose_authtok /etc/pam_cryptsetup.sh<br />
<br />
...<br />
}}<br />
<br />
Then create the mentioned script.<br />
<br />
{{hc|/etc/pam_cryptsetup.sh|2=<br />
#!/bin/bash<br />
<br />
CRYPT_USER="''username''"<br />
PARTITION="/dev/sd''XY''"<br />
NAME="home-$CRYPT_USER"<br />
<br />
if <nowiki>[[ "$PAM_USER" == "$CRYPT_USER" ]] && [[ ! -e "/dev/mapper/$NAME" ]]</nowiki>; then<br />
tr '\0' '\n' {{!}} /usr/bin/cryptsetup open "$PARTITION" "$NAME"<br />
fi<br />
}}<br />
<br />
Run {{ic|chmod +x /etc/pam_cryptsetup.sh}} to make it executable.<br />
<br />
{{Note|The {{ic|tr}} command is a workaround for a bug in expose_authtok and may no longer be needed.}}<br />
<br />
== Mounting and unmounting automatically ==<br />
<br />
''systemd-logind'' maintains {{ic|user@''1000''.service}} for as long as at least one session is active for the user. It is started automatically after a first successful login and stopped after a logout from the last session. Hence, we can create and [[enable]] a {{man|5|systemd.mount}} unit for the mapped volume and connect it to {{ic|user@''1000''.service}} in order to make it mount and unmount automatically:<br />
<br />
{{hc|/etc/systemd/home-''username''.mount|2=<br />
[Unit]<br />
Requires=user@''1000''.service<br />
Before=user@''1000''.service<br />
<br />
[Mount]<br />
Where=/home/''username''<br />
What=/dev/mapper/home-''username''<br />
Type=btrfs<br />
Options=defaults,relatime,compress=zstd<br />
<br />
[Install]<br />
RequiredBy=user@''1000''.service<br />
}}<br />
<br />
== Locking after unmounting ==<br />
<br />
After unmounting, the device will still be unlocked, and it will be possible to mount it without re-entering password. You can create and [[enable]] a service that starts when the device gets unlocked ({{ic|1=BindsTo=dev-mapper-home\x2d''username''.device}}) and dies after the device gets unmounted ({{ic|1=Requires,Before=home-''username''.mount}}), locking the device in the process ({{ic|1=ExecStop=cryptsetup close}}):<br />
<br />
{{hc|/etc/systemd/system/cryptsetup-close-''username''.service|2=<br />
[Unit]<br />
DefaultDependencies=no<br />
BindsTo=dev-''PARTITION''.device<br />
After=dev-''PARTITION''.device<br />
BindsTo=dev-mapper-home\x2d''username''.device<br />
Requires=home-''username''.mount<br />
Before=home-''username''.mount<br />
Conflicts=umount.target<br />
Before=umount.target<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
TimeoutSec=0<br />
ExecStop=/usr/bin/cryptsetup close home-''username''<br />
<br />
[Install]<br />
RequiredBy=dev-mapper-home\x2d''username''.device<br />
}}<br />
<br />
{{Note|{{ic|dev-''PARTITION''}} is the result of {{ic|systemd-escape -p /dev/''PARTITION''}}}}</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=657165Talk:Dm-crypt/Mounting at login2021-04-01T21:44:29Z<p>JimRees: /* Broken pam_cryptsetup.sh script */</p>
<hr />
<div>__TOC__<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
:I just tried this, and maybe I'm doing something wrong. Without automount, how is the partition supposed to get mounted? I had to add a mount command to /etc/pam_cryptsetup.sh. But that's not a complete fix, because there is nothing to close the mapper on logout. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:07, 28 June 2019 (UTC)<br />
<br />
== Lock and unlock with systemd services ==<br />
<br />
I was able to get this working with a systemd service.I'm pretty new to this, and unsure if this is done properly. So I didn't want to add it to the main page until someone who knows what they're doing looks over it at least.<br />
<br />
[Unit]<br />
Before=user@<userid>.service<br />
BindsTo=user@<userid>.service<br />
<br />
[Service]<br />
User=<username><br />
ExecStartPre=+/bin/cryptsetup open /dev/disk/by-uuid/<device-uuid> <device-label> --key-file=</path/to/key/file><br />
ExecStart=+/bin/mount /dev/mapper/<device-label> <mount-dir><br />
ExecStop=+/bin/umount <mount-dir><br />
ExecStopPost=+/bin/cryptsetup close <device-label><br />
Restart=always<br />
RemainAfterExit=yes<br />
<br />
[Install]<br />
WantedBy=user@<userid>.service<br />
<br />
It will unlock/mount immediately after entering your password and before gnome(or I'd assume whichever DE) loads, and unmount/lock roughly 30s after logging out, and then restart waiting for you to log back in to mount again. You may need to edit logind.conf and enable something like KillAllUserProcesses. Not sure if that's the name. I'll figure it out before editing the main page. :p --[[User:Gdishun|Gdishun]] ([[User talk:Gdishun|talk]]) 13:40, 12 July 2020 (UTC)<br />
<br />
:You forgot to sign <nowiki>("~~~~")</nowiki>.<br />
<br />
:Where does the key file come from? [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:08, 12 July 2020 (UTC)<br />
<br />
::You make one. Here is a walkthrough. https://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile --[[User:Gdishun|Gdishun]] ([[User talk:Gdishun|talk]]) 13:40, 12 July 2020 (UTC)<br />
<br />
== Broken pam_cryptsetup.sh script ==<br />
<br />
Did anyone ever test the pam_cryptsetup.sh script? Cause it has multiple issues:<br />
* Shebang is /bin/sh but it assumes bash is used (build in "[").<br />
* `[ "$PAM_USER" == "$CRYPT_USER" ]` is invalid (should be `[ "$PAM_USER" = "$CRYPT_USER" ]`).<br />
* No path to `tr` given but pam_exec might not set the PATH.<br />
* Always giving `/etc/pam_cryptsetup.sh failed: exit code 8` and never unlocking the partition.<br />
<br />
I was able to solve some of the problems:<br />
<br />
#!/bin/bash<br />
<br />
PATH="/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin"<br />
<br />
CRYPT_USER="YOURNAME"<br />
MAPPER="home-${CRYPT_USER}"<br />
<br />
if [ "$PAM_USER" = "$CRYPT_USER" ] && [ ! -e "/dev/mapper/${MAPPER}" ]<br />
then<br />
tr '\0' '\n' | cryptsetup open /dev/disk/by-id/ata-HGST_HUS728T8TALE6L4_VGG0YH7G-part2 "$MAPPER"<br />
fi<br />
<br />
This works when invoked manually (`echo passwd | PAM_USER=user /etc/pam_cryptsetup.sh`) but still gives error 8 when invoked from pam_exec. So I tried to add debugging (a simple `echo test` after setting PATH + adding log to /etc/pam.d/system-login) but the log is empty:<br />
<br />
*** Wed Mar 3 08:20:52 2021<br />
<br />
{{Unsigned|07:45, 3 March 2021 (UTC)|V10lator}}<br />
<br />
<br />
//EDIT: Finally got it to work by changing the line at /etc/pam.d/system-login to<br />
<br />
auth optional pam_exec.so expose_authtok /bin/bash /etc/pam_cryptsetup.sh<br />
<br />
{{unsigned|16:36, 3 March 2021|V10lator}}<br />
<br />
:It's intended to be a /bin/sh script. It does not use the '[' builtin to bash, it uses the '[' command. This works for me.<br />
<br />
:I don't think the 'tr' command is needed any more. This was a workaround for a bug in expose_authtok that I believe has been fixed. But I have not tested without it. There was a discussion on this talk page about this but it's been removed.<br />
<br />
:For the record here is my script.<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="rees"<br />
MAPPER="/dev/mapper/home"<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
tr '\0' '\n' | /usr/bin/cryptsetup open /dev/sda3 home<br />
mount /home<br />
fi<br />
<br />
: [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 21:44, 1 April 2021 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=657164Talk:Dm-crypt/Mounting at login2021-04-01T21:30:15Z<p>JimRees: /* Broken pam_cryptsetup.sh script */</p>
<hr />
<div>__TOC__<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
:I just tried this, and maybe I'm doing something wrong. Without automount, how is the partition supposed to get mounted? I had to add a mount command to /etc/pam_cryptsetup.sh. But that's not a complete fix, because there is nothing to close the mapper on logout. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:07, 28 June 2019 (UTC)<br />
<br />
== Lock and unlock with systemd services ==<br />
<br />
I was able to get this working with a systemd service.I'm pretty new to this, and unsure if this is done properly. So I didn't want to add it to the main page until someone who knows what they're doing looks over it at least.<br />
<br />
[Unit]<br />
Before=user@<userid>.service<br />
BindsTo=user@<userid>.service<br />
<br />
[Service]<br />
User=<username><br />
ExecStartPre=+/bin/cryptsetup open /dev/disk/by-uuid/<device-uuid> <device-label> --key-file=</path/to/key/file><br />
ExecStart=+/bin/mount /dev/mapper/<device-label> <mount-dir><br />
ExecStop=+/bin/umount <mount-dir><br />
ExecStopPost=+/bin/cryptsetup close <device-label><br />
Restart=always<br />
RemainAfterExit=yes<br />
<br />
[Install]<br />
WantedBy=user@<userid>.service<br />
<br />
It will unlock/mount immediately after entering your password and before gnome(or I'd assume whichever DE) loads, and unmount/lock roughly 30s after logging out, and then restart waiting for you to log back in to mount again. You may need to edit logind.conf and enable something like KillAllUserProcesses. Not sure if that's the name. I'll figure it out before editing the main page. :p --[[User:Gdishun|Gdishun]] ([[User talk:Gdishun|talk]]) 13:40, 12 July 2020 (UTC)<br />
<br />
:You forgot to sign <nowiki>("~~~~")</nowiki>.<br />
<br />
:Where does the key file come from? [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:08, 12 July 2020 (UTC)<br />
<br />
::You make one. Here is a walkthrough. https://www.howtoforge.com/automatically-unlock-luks-encrypted-drives-with-a-keyfile --[[User:Gdishun|Gdishun]] ([[User talk:Gdishun|talk]]) 13:40, 12 July 2020 (UTC)<br />
<br />
== Broken pam_cryptsetup.sh script ==<br />
<br />
Did anyone ever test the pam_cryptsetup.sh script? Cause it has multiple issues:<br />
* Shebang is /bin/sh but it assumes bash is used (build in "[").<br />
* `[ "$PAM_USER" == "$CRYPT_USER" ]` is invalid (should be `[ "$PAM_USER" = "$CRYPT_USER" ]`).<br />
* No path to `tr` given but pam_exec might not set the PATH.<br />
* Always giving `/etc/pam_cryptsetup.sh failed: exit code 8` and never unlocking the partition.<br />
<br />
I was able to solve some of the problems:<br />
<br />
#!/bin/bash<br />
<br />
PATH="/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin"<br />
<br />
CRYPT_USER="YOURNAME"<br />
MAPPER="home-${CRYPT_USER}"<br />
<br />
if [ "$PAM_USER" = "$CRYPT_USER" ] && [ ! -e "/dev/mapper/${MAPPER}" ]<br />
then<br />
tr '\0' '\n' | cryptsetup open /dev/disk/by-id/ata-HGST_HUS728T8TALE6L4_VGG0YH7G-part2 "$MAPPER"<br />
fi<br />
<br />
This works when invoked manually (`echo passwd | PAM_USER=user /etc/pam_cryptsetup.sh`) but still gives error 8 when invoked from pam_exec. So I tried to add debugging (a simple `echo test` after setting PATH + adding log to /etc/pam.d/system-login) but the log is empty:<br />
<br />
*** Wed Mar 3 08:20:52 2021<br />
<br />
{{Unsigned|07:45, 3 March 2021 (UTC)|V10lator}}<br />
<br />
<br />
//EDIT: Finally got it to work by changing the line at /etc/pam.d/system-login to<br />
<br />
auth optional pam_exec.so expose_authtok /bin/bash /etc/pam_cryptsetup.sh<br />
<br />
{{unsigned|16:36, 3 March 2021|V10lator}}<br />
<br />
:It's intended to be a /bin/sh script. It does not use the '[' builtin to bash, it uses the '[' command. This works for me.<br />
<br />
:I don't think the 'tr' command is needed any more. This was a workaround for a bug in expose_authtok that I believe has been fixed. But I have not tested without it. There was a discussion on this talk page about this but it's been removed. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 21:30, 1 April 2021 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Wicd&diff=656356Talk:Wicd2021-03-27T23:12:00Z<p>JimRees: /* About python2-dependence and python3-migration */</p>
<hr />
<div><br />
== <s>Pronunciation</s> ==<br />
From Ubuntu help page I found out that it's pronounced as 'wicked'. --[[User:Ottoshmidt|Ottoshmidt]] ([[User talk:Ottoshmidt|talk]]) 05:08, 24 December 2018 (UTC)<br />
<br />
:This page does not introduce pronunciation, close. -- [[User:Blackteahamburger|Blackteahamburger]] ([[User talk:Blackteahamburger|talk]]) 14:31, 30 June 2020 (UTC)<br />
<br />
== About python2-dependence and python3-migration ==<br />
<br />
Looking a reply[1], found: «attempting to migrate to python 3.x»[2]<br />
<br />
Thought it could be relevant.<br />
<br />
[1] https://bugs.launchpad.net/wicd/+bug/1842079<br />
<br />
[2] https://github.com/zeph/wicd<br />
<br />
[[User:Riveravaldez|Riveravaldez]] ([[User talk:Riveravaldez|talk]]) 12:26, 2 March 2020 (UTC)<br />
<br />
Also this:<br />
* https://bugs.launchpad.net/wicd/+bug/1858025<br />
<br />
Wicd still worked for me until just now, but it can no longer be installed because it depends on python2-dbus, which conflicts with dbus-python. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 23:11, 27 March 2021 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Xterm&diff=641847Talk:Xterm2020-11-18T17:13:36Z<p>JimRees: /* Those configuration don't work for me */ I don't know where you got "xt100". "XTerm.VT100.faceName" works for me. ~~~~</p>
<hr />
<div>=="some unusual features"==<br />
What is this referring to? I'm curious to know. [[User:Brianbaligad|Brianbaligad]] ([[User talk:Brianbaligad|talk]]) 06:07, 20 October 2013 (UTC)<br />
:The Tek terminal emulation, changing from Xlfd to xft type faces by a menu selection, and the Ctrl-Mouseclick pop-up menus, all seem unusual to me. Being able to customize the mouse-click text selections using regular expressions is a newer feature of xterm that might be considered unusual. Too bad the wiki article doesn't cover that how-to.<br />
:[[User:Thisoldman|Thisoldman]] ([[User talk:Thisoldman|talk]]) 14:06, 20 October 2013 (UTC)<br />
<br />
==trannset-df with xterm emulators==<br />
I use xfce-terminal. I think it emulates xterm when compatibility is needed, is it the same as being defined? 'Cause I'm getting errors. [[User:Lelele|Lelele]] ([[User talk:Lelele|talk]])<br />
:Xfce-terminal does not set or use the $TERM variable in the same way as xterm. Xfce-terminal man pages refer to termcap and Archlinux uses terminfo. See this [https://bbs.archlinux.org/viewtopic.php?id=175581 forum thread]. <br />
:--[[User:Thisoldman|Thisoldman]] ([[User talk:Thisoldman|talk]]) 14:51, 25 January 2014 (UTC)<br />
<br />
== Make 'Alt' key behave as on other terminal emulators ==<br />
<br />
Putting {{ic|XTerm.vt100.metaSendsEscape: true}} in my X resource file did not change anything about the behaviour of my xterm. However, {{ic|xterm*eightBitInput: false}} did the trick. Can anyone confirm my findings?<br />
--[[User:Genericaf|Genericaf]] ([[User talk:Genericaf|talk]]) 14:02, 28 April 2018 (UTC)<br />
<br />
== Fix the backspace key ==<br />
<br />
{{bc|XTerm.vt100.backarrowKey: false<br />
XTerm.ttyModes: erase ^?}} did not change anything. Typing "xterm" instead of "XTerm", however, fixed the issue: {{bc|xterm.vt100.backarrowKey: false<br />
xterm.ttyModes: erase ^?}} I do think the lowercase form is the correct one.<br />
--[[User:Genericaf|Genericaf]] ([[User talk:Genericaf|talk]]) 14:07, 28 April 2018 (UTC)<br />
<br />
== Those configuration don't work for me ==<br />
I have tried those configuration like {{bc|XTerm.xt100.***:***}} but nothing happens. However I use things like {{bc|xterm*faceName:***}} and it works fine.<br />
[[User:Sffred|Sffred]] ([[User talk:Sffred|talk]]) 15:14, 18 November 2020 (UTC)<br />
:I don't know where you got "xt100". "XTerm.VT100.faceName" works for me. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 17:13, 18 November 2020 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=624900Talk:Dm-crypt/Mounting at login2020-07-12T13:08:34Z<p>JimRees: /* Lock and unlock with systemd services */ Where does the key file come from?</p>
<hr />
<div>__TOC__<br />
== <s>pam_exec questions </s> ==<br />
<br />
Reading this interesting new contribution, I have three questions: <br />
# Exposing the passphrase: Are there any downsides of using expose_authtok (for the time of the user session)? Is it feasible to clear it after mounting succeeded at the end of /usr/local/bin/securemount? <br />
# Does this approach using pam_exec suffer from the same problem pam_mount has that a session is not closed due to pam_systemd.so (no consistent unmounting; see warning top of [[Pam_mount]])? <br />
# Since we don't have an fstab for the device, what about fsck-ing? <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:20, 27 February 2016 (UTC)<br />
<br />
# AFAIK expose_authtok exposes it only to the proces executed by pam_exec, and this process is short-lived - it only mounts the partition, and then quits.<br />
# No. Unmounting is not done in pam, it's done by systemd when user@.service gets stopped. And user@.service is usually stopped when the user logs out. (Usually? Because some daemons, like gpg-agent, may remain - and then it's not stopped. However, this is out of scope of this script, and should be solved in the systemd / DE configuration.)<br />
# We can add fscking to the securemount script. I think it can be done by passing -ofsck to mount - therefore we may simply add another argument to securemount for passing mount options.<br />
[[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 22:41, 27 February 2016 (UTC)<br />
<br />
:# Well, but the key @u stays active after mounting? Perhaps keyctl clear @u could be done upon unmounting. An alternative may be to add {{ic|timeout}} to keyctl padd, particularly if (2) is an issue. <br />
:# I agree it should be solved in systemd. However, systemd sees it as [https://bugs.freedesktop.org/show_bug.cgi?id=72759#c1 NOTOURBUG], effectively breaking production status for pam_mount and pam_ecryptfs for some years & counting.[https://wiki.archlinux.org/index.php?title=ECryptfs&diff=365591&oldid=362767] Nothing to do with your contribution. Yet, what I would like to avoid is that we add the user@.service method to a dm-crypt article and later figure it suffers from the same symptom, because this would break the whole concept of using it in the first place and users would be better off to stick with legacy mount helpers at login. You see the point? What do you think re the issue for the user service? (edit: It is not a consistent bug, but happens frequently. Simple way to test: login with the user, perform random tasks, log out again and check mounts with another user. If you do it 5-10 times and the user@.service always gets stopped/crypt unmounted, we're on a good path I'd say.)<br />
:# Hm, is that option alive? Anyway, e2fsck could be added by another optional ExecStart= in the mount service or something. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 04:19, 28 February 2016 (UTC)<br />
<br />
::# Password is stored in the kernel keyring of the root user until the computer gets turned of. I guess it's a good idea to add a timeout, and clear the key upon mounting successfuly (as it isn't needed anymore).<br />
::# pam_mount and pam_ecryptfs systemd-related bugs are different bugs. They unmount when PAM's session gets closed - and systemd does not close it correctly. I unmount when all the user's processes die - and unmounting before that happens is impossible, as they use the directory, and kernel wouldn't let it happen. Therefore, the thing that should get fixed, is stopping all user's services when he logs out. I guess I'll experiment a bit with it, and report results.<br />
:: [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 11:38, 28 February 2016 (UTC)<br />
<br />
:::Thanks in advance for looking into it. I think the main caveat of the bug affecting pam_mount is that it will try only once to unmount and if that fails, it stays mounted. Such behaviour should be much better controllable with a systemd unit, if we can stipulate the requisites for it regarding user processes. It is logical the user cannot expect any user processes to run once he chooses to unmounts /home (log out). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 07:56, 6 March 2016 (UTC)<br />
<br />
::::I close this, not useful to follow-up from the start - See item below. An fstab was added, so it can be fscked regularly as configured. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:02, 16 January 2019 (UTC)<br />
<br />
== <s>Article rewritten</s> ==<br />
<br />
I've rebuilt the solution from scratch, hopefully solving all the problems mentioned above. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 17:38, 24 January 2017 (UTC)<br />
<br />
:Thanks. Frankly, I forgot about looking into it again (others did & use your work, see talk items below). Closing. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:04, 16 January 2019 (UTC)<br />
<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
:I just tried this, and maybe I'm doing something wrong. Without automount, how is the partition supposed to get mounted? I had to add a mount command to /etc/pam_cryptsetup.sh. But that's not a complete fix, because there is nothing to close the mapper on logout. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:07, 28 June 2019 (UTC)<br />
<br />
== <s>pam LUKS partition auto mount on login returning exit code 2</s> ==<br />
<br />
These instructions no longer work. See https://bbs.archlinux.org/viewtopic.php?id=238477 . I don't know enough about how this works to say whether this is just a bug that needs to be fixed, or whether the workaround should be documented here. But this should get fixed somehow. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 20:48, 10 July 2018 (UTC)<br />
<br />
:I don't know how it used to be, but expose_authtok provides the password with a \0 at the end, which doesn't work. I currently use a translator script that I call from pam_exec to work around the issue: <code>cat - | tr '\0' '\n' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code> [[User:DarkShadow44|DarkShadow44]] ([[User talk:DarkShadow44|talk]]) 21:04, 13 July 2018 (UTC)<br />
::I haven't tried this, but I don't think you need the "cat", and it should be sufficient to just remove the nul byte: <code>tr -d '\0' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code><br />
::This seems like a bug in expose_authtok. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:25, 27 July 2018 (UTC)<br />
:Just tried the described instructions, and it worked like a charm. [[User:Mathieu.clabaut|Mathieu.clabaut]] ([[User talk:Mathieu.clabaut|talk]]) 14:49, 16 January 2019 (UTC)<br />
:I can confirm this as working too. I updated the section, striking this one. [[User:Dargmuesli|Dargmuesli]] ([[User talk:Dargmuesli|talk]]) 02:36, 29 March 2019 (UTC)<br />
<br />
== Lock and unlock with systemd services ==<br />
<br />
I was able to get this working with a systemd service.I'm pretty new to this, and unsure if this is done properly. So I didn't want to add it to the main page until someone who knows what they're doing looks over it at least.<br />
<br />
[Unit]<br />
Before=user@<userid>.service<br />
BindsTo=user@<userid>.service<br />
<br />
[Service]<br />
User=<username><br />
ExecStartPre=+/bin/cryptsetup open /dev/disk/by-uuid/<device-uuid> <device-label> --key-file=</path/to/key/file><br />
ExecStart=+/bin/mount /dev/mapper/<device-label> <mount-dir><br />
ExecStop=+/bin/umount <mount-dir><br />
ExecStopPost=+/bin/cryptsetup close <device-label><br />
Restart=always<br />
RemainAfterExit=yes<br />
<br />
[Install]<br />
WantedBy=user@<userid>.service<br />
<br />
It will unlock/mount immediately after entering your password and before gnome(or I'd assume whichever DE) loads, and unmount/lock roughly 30s after logging out, and then restart waiting for you to log back in to mount again. You may need to edit logind.conf and enable something like KillAllUserProcesses. Not sure if that's the name. I'll figure it out before editing the main page. :p<br />
<br />
:You forgot to sign <nowiki>("~~~~")</nowiki>.<br />
<br />
:Where does the key file come from? [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:08, 12 July 2020 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Xterm&diff=611139Xterm2020-05-06T02:04:55Z<p>JimRees: remove warning; this has been fixed upstream</p>
<hr />
<div>{{lowercase title}}<br />
[[Category:Terminal emulators]]<br />
[[de:Xterm]]<br />
[[fr:Xterm]]<br />
[[ja:Xterm]]<br />
[[ru:Xterm]]<br />
'''xterm''' is the standard [[Wikipedia:Terminal emulator|terminal emulator]] for the [[X Window System]]. It is highly configurable and has many useful and some unusual features.<br />
<br />
== Installation ==<br />
<br />
[[Install]] the {{Pkg|xterm}} package.<br />
<br />
==Configuration==<br />
=== Resource file settings ===<br />
<br />
There are several options you can set in your [[X resources]] files that may make this terminal emulator much nicer to use. See {{man|1|xterm}}for a complete list.<br />
<br />
==== TERM Environmental Variable ====<br />
<br />
Allow xterm to report the TERM variable correctly. '''Do not '''set the TERM variable from your ''~/.bashrc'' or ''~/.bash_profile'' or similar file. The terminal itself should report the correct TERM to the system so that the proper ''terminfo'' file will be used. Two usable terminfo names are ''xterm'' and ''xterm-256color''. To set the name, use the resource<br />
<br />
XTerm.termName: xterm-256color<br />
<br />
You can check the result within xterm using either of these commands:<br />
<br />
$ echo $TERM<br />
$ tset -q<br />
<br />
==== UTF-8 ====<br />
<br />
Ensure that your [[locale]] is set up for UTF-8. If you do not use UTF-8, you may need to force xterm to more strictly follow your locale by setting<br />
<br />
XTerm.vt100.locale: true<br />
<br />
==== Make 'Alt' key behave as on other terminal emulators ====<br />
<br />
The default {{Ic|Alt}} key behavior in xterm is a modifier to send eight bit input characters e.g. to insert {{Ic|æ}} by pressing {{Ic|Alt+f}}. To make {{ic|Alt}} instead send a {{Ic|^[}} (escape) key (as in gnome-terminal and konsole), set<br />
<br />
XTerm.vt100.metaSendsEscape: true<br />
<br />
==== Fix the backspace key ====<br />
<br />
On Arch Linux, xterm sends {{ic|^H}} key when backspace is pressed. This breaks the {{ic|Ctrl+H}} key combination on [[Emacs]].<br />
The workaround is to send {{ic|^?}} when backspace is pressed by setting the resources<br />
<br />
XTerm.vt100.backarrowKey: false<br />
XTerm.ttyModes: erase ^?<br />
<br />
==== Key binding ====<br />
<br />
xterm defines a whole suite of "actions" for manipulating the terminal e.g. {{ic|copy-selection()}}, {{ic|hard-reset()}}, {{ic|scroll-back()}}, etc. These actions can be mapped to mouse/key combinations using the {{ic|translations}} resource. For example, you can map {{ic|Ctrl+M}} and {{ic|Ctrl+R}} to maximize/restore the window:<br />
<br />
XTerm.vt100.translations: #override \n\<br />
Ctrl <Key>M: maximize() \n\<br />
Ctrl <Key>R: restore()<br />
<br />
{{ic|#override}} indicates that these bindings should override any existing ones (you almost always want this for custom key bindings). Each binding must be separated by the escape sequence {{ic|\n}}. If you want to insert a literal newline, it also needs to be escaped (hence {{ic|\n\}}). See the '''KEY BINDINGS''' section of {{man|1|xterm}}for the full list of actions and many examples.<br />
<br />
{{Tip|You can also have separate sets of keybindings that you switch between. See the {{ic|keymap()}} action in the man page.}}<br />
<br />
=== Scrolling ===<br />
As new lines are written to the bottom of the xterm window, older lines disappear from the top. To scroll up and down through the off-screen lines one can use the mouse wheel, the key combinations {{ic|Shift+PageUp}} and {{ic|Shift+PageDown}}, or the scrollbar.<br />
<br />
By default, 1024 lines are saved. You can change the number of saved lines with the {{ic|saveLines}} resource,<br />
XTerm.vt100.saveLines: 4096<br />
<br />
Other X resources that affect scrolling are {{ic|jumpScroll}}, {{ic|multiScroll}}, and {{ic|fastScroll}} (all under {{ic|XTerm.vt100}}, see {{man|1|xterm}}). To scroll inside an [[#VT_Options_menu|#alternate screen]], set {{ic|alternateScroll}} to {{ic|true}}.<br />
<br />
==== Scrollbar ====<br />
<br />
The scrollbar is not shown by default. It can be enabled and its appearance tweaked through resource settings (note the differing capitalization of "scrollbar"!)<br />
<br />
XTerm.vt100.scrollBar: true<br />
XTerm.vt100.scrollbar.width: 8<br />
<br />
See {{man|1|xterm}}for other scrollbar resources.<br />
<br />
The scrollbar operates differently from what you may be accustomed to using.<br />
*To scroll down:<br />
:– Click on the scrollbar with the left mouse button, or<br />
:– Click on the scrollbar below the thumb with the middle mouse button.<br />
*To scroll up:<br />
:– Click on the scrollbar with the right mouse button, or<br />
:– Click on the scrollbar above the thumb with the middle mouse button.<br />
*To position text, moving in either direction:<br />
:– Grab the thumb and use "click-and-drag" with the middle mouse button.<br />
<br />
===Menus===<br />
{{pkg|xterm}} is compiled with the ''toolbar, ''or ''menubar, ''disabled. The menus are still available as ''popups ''when you press {{ic|Ctrl+MouseButton}} within the xterm window. The actions invoked by the menu items can often be accomplished using command line options or by setting resource values.<br />
<br />
{{Tip|If the popup menu windows show only as small boxes, it is probably because you have a line similar to this, {{ic|XTerm*geometry: 80x32}}, in your resources file. This ''does'' start xterm in an 80 column by 32 row main window, but it also forces the menu windows to be 80 pixels by 32 pixels! This is why you should fully specify the resource: {{bc|XTerm.vt100.geometry: 80x32}}}}<br />
<br />
Some of the menu options are discussed below.<br />
<br />
====Main Options menu====<br />
'''''Ctrl + LeftMouse'''''<br />
<br />
*{{ic|Secure Keyboard}} attempts to ensure only the xterm window, and no other application, receives your keystrokes. The display changes to reverse video when it is invoked. If the display is not in reverse video, the ''Secure Keyboard ''mode is not in effect. Please read the "SECURITY" section of the xterm man page for this option's limitations.<br />
<br />
*{{ic|Allow SendEvents}} allows other processes to send keypress and mouse events to the xterm window. Because of the security risk, do not enable this unless you are very sure you know what you are doing.<br />
<br />
*{{ic|Log to File}} – The log file will be named {{ic|Xterm.log.hostname.yyyy.mm.dd.hh.mm.ss.XXXXXX}}. This file will contain all the printed output ''and all cursor movements. ''Logging may be a security risk.<br />
<br />
*The six {{ic|Send *** Signal}} menu items are not often useful, except when your keyboard fails. {{ic|HUP}}, {{ic|TERM}} and {{ic|KILL}} will close the xterm window. {{ic|KILL}} should be avoided, as it does not allow any cleanup code to run.<br />
<br />
*The {{ic|Quit}} menu item will also close the xterm window – it is the same as sending a {{ic|HUP}} signal. Most users will use the keyboard combination {{ic|Ctrl+d}} or will type {{ic|exit}} to close an xterm instance.<br />
====VT Options menu====<br />
'''''Ctrl + MiddleMouse'''''<br />
*{{ic|Select to Clipboard}} – Normally, selected text is stored in PRIMARY, to be pasted with {{ic|Shift+Insert}} or by using the middle mouse button. By toggling this option to ''on, ''selected text will use CLIPBOARD, allowing you to paste the text selected in an xterm window into a GUI application using {{ic|Ctrl+v}}. The corresponding resource is {{ic|XTerm.vt100.selectToClipboard}}.<br />
<br />
*{{ic|Show Alternate Screen}} – When you use an a terminal application such as ''vim, ''or ''less, ''the alternate screen is opened. The main VT window, now hidden, remains in memory. You can view this main window, but not issue any commands in it, by toggling this menu option. You are able to select and copy text from this main window.<br />
<br />
{{Tip|Suspending the process running in the Alternate Screen and then resuming it provides more functionality than using {{ic|Show Alternate Screen}}. With a ''bash'' shell, pressing {{ic|Ctrl+z}} suspends the process; issuing the command {{ic|fg}} then resumes it.}}<br />
<br />
*{{ic|Show Tek Window}} and {{ic|Switch to Tek Mode}} – The [[Wikipedia:Tektronix 4010|Tektronix 4014]] was a graphics terminal from the 1970s used for CAD and plotting applications. The command line program {{ic|graph}}, from {{Pkg|plotutils}}, and the application {{Pkg|gnuplot}} can be made to use xterm's Tek emulation; most people will prefer more modern display options for charting data. See the [[#Tek 4014 demonstration]], below.<br />
<br />
====VT Fonts menu====<br />
'''''Ctrl + RightMouse'''''<br />
<br />
*When using XLFD fonts, the first seven menu items will change the font face and the font size used in the current xterm window. If you are using an Xft font, only the font size will change, the font face will not change with the different selections, .<br />
<br />
{{Tip|{{ic|Unreadable}} and {{ic|Tiny}} are useful if you wish to keep an eye on a process but do not want to devote a large amount of screen space to the terminal window. An example use might be a lengthy compilation process when you only want to see that the operation completes.}}<br />
<br />
*{{ic|Selection}}, when using XLFD font names, allows you to switch to the font name stored in the PRIMARY selection (or CLIPBOARD).<br />
<br />
====Tek Options menu==== <br />
From the '''Tek Window,''' '''''Ctrl + MiddleMouse'''''<br />
<br />
The first section's options allow you to change the Tek window font size. The second set of options are used to move the focus between the Tek emulation window and the main, or ''VT, ''window and to close or hide the Tek window.<br />
<br />
===Copy and paste===<br />
First, highlighting text using the mouse in an xterm (or alternatively another application) will select the text to copy, then clicking the mouse middle-button will paste that highlighted text. Also the key combination {{ic|Shift+Insert}} will paste highlighted text, but only within an xterm.<br />
<br />
====PRIMARY or CLIPBOARD====<br />
<br />
{{Expansion|Separate shortcuts for CLIPBOARD can be defined instead of using ''Select to clipboard'', similar to VTE-like terminals. See e.g [https://github.com/AladW/arch-i3/blob/master/.Xresources#L17]{{Dead link|2020|04|03|status=404}}}}<br />
<br />
By default, xterm, and many other applications running under X, copy highlighted text into a buffer called the [[PRIMARY]] selection. The PRIMARY selection is short-lived; the text is immediately replaced by a new PRIMARY selection as soon as another piece of text is highlighted. Some applications will allow you to paste PRIMARY selections by using the middle-mouse, but not {{ic|Shift+Insert}}, and some other applications may not allow pasting from PRIMARY entirely.<br />
<br />
There is another buffer used for copied text called the CLIPBOARD selection. The text in the CLIPBOARD is long-lived, remaining available until a user actively overwrites it. Applications that use {{ic|Ctrl+c}} and {{ic|Ctrl+x}} for text copying and cutting operations, and {{ic|Ctrl+v}} for pasting, are using the CLIPBOARD.<br />
<br />
The fleeting nature of the PRIMARY selection, where copied text is lost as soon as another selection is highlighted, annoys some users. xterm allows the user to switch between the use of PRIMARY and CLIPBOARD using {{ic|Select to Clipboard}} on the [[#VT Options menu]] or with the {{ic|XTerm.vt100.selectToClipboard}} resource.<br />
<br />
====PRIMARY and CLIPBOARD====<br />
<br />
With the above setting you can select if you want to use PRIMARY or CLIPBOARD, but you can also hack it to add the selection to both. Just override the [[#Key binding]] for releasing the left mouse button:<br />
<br />
<Btn1Up>: select-end(PRIMARY, CLIPBOARD, CUT_BUFFER0)<br />
<br />
You can add [[#Key binding|#Key bindings]] similar to other terminals' copy/paste behavior (such as gnome terminal):<br />
<br />
Ctrl Shift <Key>C: copy-selection(CLIPBOARD) \n\<br />
Ctrl Shift <Key>V: insert-selection(CLIPBOARD)<br />
<br />
====Selecting text====<br />
The new user usually discovers that text may be selected using a "click-and-drag" with the left mouse button. Double-clicking will select a word, where a word is defined as consecutive alphabetic characters plus the underscore, or the Basic Regular Expression (BRE) {{ic|[A-Za-z_]}}. Triple-clicking selects a line, with a "tab" character usually copied as multiple "space" characters.<br />
<br />
Another way of selecting text, especially useful when copying more than one full screen, is:<br />
#Left-click at the start of the intended selection.<br />
#Scroll to where the end of the selection is visible.<br />
#Right-click at the end of the selection.<br />
You do not have to be precise immediately with the right-click – any highlighted selection may be extended or shortened by using a right-click.<br />
<br />
You can clear any selected text by left-clicking once, anywhere within the xterm window.<br />
<br />
When a character-based application runs inside xterm, it is allowed to receive mouse events. This may be a problem if the program can not communicate with the X11 clipboard. In order to pass these events to the underlying xterm, they must be accompanied by the <code>Shift</code> key. For example, in {{Pkg|links}} (not <code>xlinks -g</code>), one can mouse-click on URLs and menu items, but not select or paste with a middle button. To do copy-paste, press the <code>Shift</code> key and then perform mouse clicks (the key needs to be pressed only during the click, so there is no need to hold it when dragging mouse to select, for instance, a text block).<br />
<br />
==Colors==<br />
<br />
xterm defaults to black text, the ''foreground'' color, on a white ''background.'' The foreground and background colors can be reversed by setting the resource<br />
<br />
XTerm.vt100.reverseVideo: true<br />
<br />
Alternatively, you can directly change the foreground and background colors (as well as the first sixteen terminal colors) using resources:<br />
<br />
XTerm.vt100.foreground: white<br />
XTerm.vt100.background: black<br />
XTerm.vt100.color0: rgb:28/28/28<br />
! ...<br />
XTerm.vt100.color15: rgb:e4/e4/e4<br />
<br />
{{Note|Colors for applications that use the X libraries may be specified in many different ways.<br />
<br />
Some colors can be specified by assigned names. If {{Pkg|emacs}} or {{Pkg|vim}} has been installed, you can examine {{ic|/usr/share/emacs/*/etc/rgb.txt}} or {{ic|/usr/share/vim/*/rgb.txt}} to view the list of color names with their decimal RGB values. Colors may also be specified using hexadecimal RGB values with the format {{ic|rgb:RR/GG/BB}}, or the older and not encouraged syntax {{ic|#RRGGBB}}.<br />
<br />
The color {{ic|PapayaWhip}} is the same as {{ic|rgb:ff/ef/d5}}, which is the same as {{ic|#ffefd5}}.<br />
<br />
See {{man|7|X}} from {{Pkg|xorg-docs}}, for a more complete description of color syntax.}}<br />
<br />
Many suggestions for color schemes can be viewed in the forum thread, [https://bbs.archlinux.org/viewtopic.php?id=51818&p=1 Terminal Colour Scheme Screenshots].<br />
<br />
{{Tip|Many people specify colors in their X resources files without specifying an application class or application instance:<br />
<br />
*foreground: rgb:b2/b2/b2<br />
*background: rgb:08/08/08<br />
<br />
The above example sets the foreground and background color values for all ''Xlib'' applications (xclock, xfontsel, and others) that use these resources. This is a nice, easy way to achieve a unified color scheme.}}<br />
<br />
==Fonts==<br />
===Default fonts===<br />
xterm's default font is the bitmap font named by the [[X Logical Font Description]] alias {{ic|fixed}}, often resolving to<br />
<br />
-misc-fixed-medium-r-semicondensed--13-120-75-75-c-60-iso8859-?<br />
<br />
This font, also aliased to the name {{ic|6x13}}, has remakably wide coverage for unicode glyphs. The default "TrueType" font is the 14‑point font matched by the name {{ic|mono}}. The ''FreeType ''font that will be used can be found with this command:<br />
<br />
$ fc-match mono<br />
<br />
Fonts can be specified in your resources, depending on whether the font is TrueType or not:<br />
<br />
XTerm.vt100.faceName: Liberation Mono:size=10:antialias=false<br />
XTerm.vt100.font: 7x13<br />
<br />
To test, you can also set the font on the command line: {{ic|-fa}} for {{ic|faceName}}, {{ic|-fn}} for {{ic|font}}. If you set both kinds of fonts, you can alternate between the two by toggling {{ic|TrueType Fonts}} from the [[#VT Fonts menu]]. You can also choose the default with the following resource<br />
<br />
! start with TrueType fonts disabled<br />
XTerm.vt100.renderFont: false<br />
<br />
===Bold and underlined fonts===<br />
Italic fonts are shown as underlined characters when using XLFD names in xterm. TrueType fonts should use an oblique typeface.<br />
<br />
If you do not specify a bold font at the command line, {{ic|-fb}}, or through the {{ic|XTerm.vt100.boldFont}} resource, xterm will attempt to find a bold font matching the normal font. If a matching font is not found, the bold font will be created by "overstriking" the normal font.<br />
<br />
===CJK Fonts===<br />
Many fonts do not contain glyphs for the double width Chinese, Japanese and Korean languages. Other terminal emulators such as [[urxvt]] may be better suited if you frequently work with these languages.<br />
<br />
Using bitmapped XLFD fonts with CJK has many pitfalls in xterm. It is much easier to use TrueType fonts for CJK display, using the {{ic|faceNameDoublesize}} resource. This example uses ''DejaVu Sans Mono'' as the normal font and ''WenQuanYi WenQuanYi Bitmap Song'' as the double width font:<br />
<br />
XTerm.vt100.faceName: DejaVu Sans Mono:style=Book:antialias=false<br />
XTerm.vt100.faceNameDoublesize: WenQuanYi WenQuanYi Bitmap Song<br />
XTerm.vt100.faceSize: 8<br />
<br />
==Tips and tricks==<br />
===Automatic transparency===<br />
Install the package {{AUR|transset-df}} and a [[Wikipedia:Compositing window manager|composite manager]] such as [[Xcompmgr]]. Then add the following line to your {{ic|~/.bashrc}}:<br />
[ -n "$XTERM_VERSION" ] && transset-df --id "$WINDOWID" >/dev/null<br />
<br />
Now, each time you launch a shell in an xterm and a composite manager is running, the xterm window will be transparent.<br />
The test in front of {{ic|transset-df}} keeps transet from executing if {{ic|XTERM_VERSION}} is not defined. Note that your terminal will not be transparent if you launch a program other than a shell this way. It is probably possible to work around this if you want the functionality.<br />
<br />
Also see [[Per-application transparency]].<br />
<br />
===Enable bell urgency===<br />
To make the bell character notify the window manager of urgency, set:<br />
<br />
XTerm.vt100.bellIsUrgent: true<br />
<br />
===Font tips===<br />
<br />
====Use color in place of bold and italics====<br />
When using small font sizes, bold or italic characters may be difficult to read. One solution is to turn off bolding and underlining or italics and use color instead. This example does just that:<br />
<br />
! disable bold font faces, instead make text light blue.<br />
XTerm.vt100.colorBDMode: true<br />
XTerm.vt100.colorBD: rgb:82/a4/d3<br />
! disable underlined text, instead make it white.<br />
XTerm.vt100.colorULMode: true<br />
XTerm.vt100.colorUL: rgb:e4/e4/e4<br />
! similarly use colorIT for italics<br />
<br />
See [[#Colors]] for formatting information.<br />
<br />
====Adjust line spacing====<br />
Lines of text can sometimes be too close together, or they may appear to be too widely spaced. For one example, using ''DejaVu Sans Mono, ''the low underscore glyph may butt against CJK glyphs or the cursor block in the line below. Line spacing, called ''leading ''by typographers, can be adjusted with the following resource, for example to widen the spacing:<br />
<br />
XTerm.scaleHeight: 1.01<br />
<br />
Valid values for range from {{ic|0.9}} to {{ic|1.5}}, with {{ic|1.0}} being the default.<br />
<br />
===Tek 4014 demonstration===<br />
If you have {{Pkg|plotutils}} installed, you can use xterm's Tektronix 4014 emulation to view some of the plotutils package's test files. Open the Tek window from the [[#VT Options menu]] menu item {{ic|Switch to Tek Mode}} or start a new xterm instance using this command:<br />
$ xterm -t -tn tek4014<br />
Your PS1 prompt will not render correctly, if it appears at all. In the new window, enter the command,<br />
cat /usr/share/tek2plot/dmerc.tek<br />
A world map will appear in the Tek window. You can also view other {{ic|*.tek}} files from that same directory. To close the Tek window, one can use the xterm menus.<br />
<br />
===Protect against X11 input snooping===<br />
It can be inconvenient to activate '''Secure Keyboard''' mode from the [[#Main Options menu]]. You can instead invoke the {{ic|secure()}} action with a [[#Key binding]]:<br />
<br />
Ctrl Alt <Key>S: secure()<br />
<br />
== Troubleshooting ==<br />
<br />
=== Flickering on scroll ===<br />
<br />
{{Warning|Double buffering may cause non-bitmap fonts to render incorrectly.}}<br />
<br />
Rebuild xterm using [[ABS]] and include the {{ic|--enable-double-buffer}} flag:<br />
<br />
./configure --prefix=/usr \<br />
...<br />
--with-utempter \<br />
--enable-double-buffer<br />
<br />
See [https://bbs.archlinux.org/viewtopic.php?id=146023 Xterm modifications] for details.<br />
<br />
== See also ==<br />
<br />
* [http://lukas.zapletalovi.com/2013/07/hidden-gems-of-xterm.html Hidden gems of Xterm]<br />
* [http://www.in-ulm.de/~mascheck/X11/XTerm Commented XTerm resources]<br />
* [http://www.futurile.net/2016/06/14/xterm-setup-and-truetype-font-configuration/ XTerm introduction and TrueType fonts configuration]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=578890Talk:Dm-crypt/Mounting at login2019-08-03T05:28:08Z<p>JimRees: /* system will stuck before login */ Are you sure you've got the "noauto" option?</p>
<hr />
<div>__TOC__<br />
== <s>pam_exec questions </s> ==<br />
<br />
Reading this interesting new contribution, I have three questions: <br />
# Exposing the passphrase: Are there any downsides of using expose_authtok (for the time of the user session)? Is it feasible to clear it after mounting succeeded at the end of /usr/local/bin/securemount? <br />
# Does this approach using pam_exec suffer from the same problem pam_mount has that a session is not closed due to pam_systemd.so (no consistent unmounting; see warning top of [[Pam_mount]])? <br />
# Since we don't have an fstab for the device, what about fsck-ing? <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:20, 27 February 2016 (UTC)<br />
<br />
# AFAIK expose_authtok exposes it only to the proces executed by pam_exec, and this process is short-lived - it only mounts the partition, and then quits.<br />
# No. Unmounting is not done in pam, it's done by systemd when user@.service gets stopped. And user@.service is usually stopped when the user logs out. (Usually? Because some daemons, like gpg-agent, may remain - and then it's not stopped. However, this is out of scope of this script, and should be solved in the systemd / DE configuration.)<br />
# We can add fscking to the securemount script. I think it can be done by passing -ofsck to mount - therefore we may simply add another argument to securemount for passing mount options.<br />
[[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 22:41, 27 February 2016 (UTC)<br />
<br />
:# Well, but the key @u stays active after mounting? Perhaps keyctl clear @u could be done upon unmounting. An alternative may be to add {{ic|timeout}} to keyctl padd, particularly if (2) is an issue. <br />
:# I agree it should be solved in systemd. However, systemd sees it as [https://bugs.freedesktop.org/show_bug.cgi?id=72759#c1 NOTOURBUG], effectively breaking production status for pam_mount and pam_ecryptfs for some years & counting.[https://wiki.archlinux.org/index.php?title=ECryptfs&diff=365591&oldid=362767] Nothing to do with your contribution. Yet, what I would like to avoid is that we add the user@.service method to a dm-crypt article and later figure it suffers from the same symptom, because this would break the whole concept of using it in the first place and users would be better off to stick with legacy mount helpers at login. You see the point? What do you think re the issue for the user service? (edit: It is not a consistent bug, but happens frequently. Simple way to test: login with the user, perform random tasks, log out again and check mounts with another user. If you do it 5-10 times and the user@.service always gets stopped/crypt unmounted, we're on a good path I'd say.)<br />
:# Hm, is that option alive? Anyway, e2fsck could be added by another optional ExecStart= in the mount service or something. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 04:19, 28 February 2016 (UTC)<br />
<br />
::# Password is stored in the kernel keyring of the root user until the computer gets turned of. I guess it's a good idea to add a timeout, and clear the key upon mounting successfuly (as it isn't needed anymore).<br />
::# pam_mount and pam_ecryptfs systemd-related bugs are different bugs. They unmount when PAM's session gets closed - and systemd does not close it correctly. I unmount when all the user's processes die - and unmounting before that happens is impossible, as they use the directory, and kernel wouldn't let it happen. Therefore, the thing that should get fixed, is stopping all user's services when he logs out. I guess I'll experiment a bit with it, and report results.<br />
:: [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 11:38, 28 February 2016 (UTC)<br />
<br />
:::Thanks in advance for looking into it. I think the main caveat of the bug affecting pam_mount is that it will try only once to unmount and if that fails, it stays mounted. Such behaviour should be much better controllable with a systemd unit, if we can stipulate the requisites for it regarding user processes. It is logical the user cannot expect any user processes to run once he chooses to unmounts /home (log out). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 07:56, 6 March 2016 (UTC)<br />
<br />
::::I close this, not useful to follow-up from the start - See item below. An fstab was added, so it can be fscked regularly as configured. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:02, 16 January 2019 (UTC)<br />
<br />
== <s>Article rewritten</s> ==<br />
<br />
I've rebuilt the solution from scratch, hopefully solving all the problems mentioned above. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 17:38, 24 January 2017 (UTC)<br />
<br />
:Thanks. Frankly, I forgot about looking into it again (others did & use your work, see talk items below). Closing. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:04, 16 January 2019 (UTC)<br />
<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
:I just tried this, and maybe I'm doing something wrong. Without automount, how is the partition supposed to get mounted? I had to add a mount command to /etc/pam_cryptsetup.sh. But that's not a complete fix, because there is nothing to close the mapper on logout. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:07, 28 June 2019 (UTC)<br />
<br />
== <s>pam LUKS partition auto mount on login returning exit code 2</s> ==<br />
<br />
These instructions no longer work. See https://bbs.archlinux.org/viewtopic.php?id=238477 . I don't know enough about how this works to say whether this is just a bug that needs to be fixed, or whether the workaround should be documented here. But this should get fixed somehow. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 20:48, 10 July 2018 (UTC)<br />
<br />
:I don't know how it used to be, but expose_authtok provides the password with a \0 at the end, which doesn't work. I currently use a translator script that I call from pam_exec to work around the issue: <code>cat - | tr '\0' '\n' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code> [[User:DarkShadow44|DarkShadow44]] ([[User talk:DarkShadow44|talk]]) 21:04, 13 July 2018 (UTC)<br />
::I haven't tried this, but I don't think you need the "cat", and it should be sufficient to just remove the nul byte: <code>tr -d '\0' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code><br />
::This seems like a bug in expose_authtok. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:25, 27 July 2018 (UTC)<br />
:Just tried the described instructions, and it worked like a charm. [[User:Mathieu.clabaut|Mathieu.clabaut]] ([[User talk:Mathieu.clabaut|talk]]) 14:49, 16 January 2019 (UTC)<br />
:I can confirm this as working too. I updated the section, striking this one. [[User:Dargmuesli|Dargmuesli]] ([[User talk:Dargmuesli|talk]]) 02:36, 29 March 2019 (UTC)<br />
<br />
<br />
== system will stuck before login ==<br />
Trying to setup following this guide, fstab get triggered *before* login. Not finding the _/dev/mapper_ device, it will get stuck and fall back in repair mode [ unsigned ]<br />
:Are you sure you've got the "noauto" option? [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 05:28, 3 August 2019 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=576529Talk:Dm-crypt/Mounting at login2019-06-28T15:07:02Z<p>JimRees: /* Suggestion: Remove x-systemd.automount */ Without automount, how is the partition supposed to get mounted?</p>
<hr />
<div>__TOC__<br />
== <s>pam_exec questions </s> ==<br />
<br />
Reading this interesting new contribution, I have three questions: <br />
# Exposing the passphrase: Are there any downsides of using expose_authtok (for the time of the user session)? Is it feasible to clear it after mounting succeeded at the end of /usr/local/bin/securemount? <br />
# Does this approach using pam_exec suffer from the same problem pam_mount has that a session is not closed due to pam_systemd.so (no consistent unmounting; see warning top of [[Pam_mount]])? <br />
# Since we don't have an fstab for the device, what about fsck-ing? <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:20, 27 February 2016 (UTC)<br />
<br />
# AFAIK expose_authtok exposes it only to the proces executed by pam_exec, and this process is short-lived - it only mounts the partition, and then quits.<br />
# No. Unmounting is not done in pam, it's done by systemd when user@.service gets stopped. And user@.service is usually stopped when the user logs out. (Usually? Because some daemons, like gpg-agent, may remain - and then it's not stopped. However, this is out of scope of this script, and should be solved in the systemd / DE configuration.)<br />
# We can add fscking to the securemount script. I think it can be done by passing -ofsck to mount - therefore we may simply add another argument to securemount for passing mount options.<br />
[[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 22:41, 27 February 2016 (UTC)<br />
<br />
:# Well, but the key @u stays active after mounting? Perhaps keyctl clear @u could be done upon unmounting. An alternative may be to add {{ic|timeout}} to keyctl padd, particularly if (2) is an issue. <br />
:# I agree it should be solved in systemd. However, systemd sees it as [https://bugs.freedesktop.org/show_bug.cgi?id=72759#c1 NOTOURBUG], effectively breaking production status for pam_mount and pam_ecryptfs for some years & counting.[https://wiki.archlinux.org/index.php?title=ECryptfs&diff=365591&oldid=362767] Nothing to do with your contribution. Yet, what I would like to avoid is that we add the user@.service method to a dm-crypt article and later figure it suffers from the same symptom, because this would break the whole concept of using it in the first place and users would be better off to stick with legacy mount helpers at login. You see the point? What do you think re the issue for the user service? (edit: It is not a consistent bug, but happens frequently. Simple way to test: login with the user, perform random tasks, log out again and check mounts with another user. If you do it 5-10 times and the user@.service always gets stopped/crypt unmounted, we're on a good path I'd say.)<br />
:# Hm, is that option alive? Anyway, e2fsck could be added by another optional ExecStart= in the mount service or something. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 04:19, 28 February 2016 (UTC)<br />
<br />
::# Password is stored in the kernel keyring of the root user until the computer gets turned of. I guess it's a good idea to add a timeout, and clear the key upon mounting successfuly (as it isn't needed anymore).<br />
::# pam_mount and pam_ecryptfs systemd-related bugs are different bugs. They unmount when PAM's session gets closed - and systemd does not close it correctly. I unmount when all the user's processes die - and unmounting before that happens is impossible, as they use the directory, and kernel wouldn't let it happen. Therefore, the thing that should get fixed, is stopping all user's services when he logs out. I guess I'll experiment a bit with it, and report results.<br />
:: [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 11:38, 28 February 2016 (UTC)<br />
<br />
:::Thanks in advance for looking into it. I think the main caveat of the bug affecting pam_mount is that it will try only once to unmount and if that fails, it stays mounted. Such behaviour should be much better controllable with a systemd unit, if we can stipulate the requisites for it regarding user processes. It is logical the user cannot expect any user processes to run once he chooses to unmounts /home (log out). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 07:56, 6 March 2016 (UTC)<br />
<br />
::::I close this, not useful to follow-up from the start - See item below. An fstab was added, so it can be fscked regularly as configured. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:02, 16 January 2019 (UTC)<br />
<br />
== <s>Article rewritten</s> ==<br />
<br />
I've rebuilt the solution from scratch, hopefully solving all the problems mentioned above. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 17:38, 24 January 2017 (UTC)<br />
<br />
:Thanks. Frankly, I forgot about looking into it again (others did & use your work, see talk items below). Closing. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 21:04, 16 January 2019 (UTC)<br />
<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
:I just tried this, and maybe I'm doing something wrong. Without automount, how is the partition supposed to get mounted? I had to add a mount command to /etc/pam_cryptsetup.sh. But that's not a complete fix, because there is nothing to close the mapper on logout. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:07, 28 June 2019 (UTC)<br />
<br />
== <s>pam LUKS partition auto mount on login returning exit code 2</s> ==<br />
<br />
These instructions no longer work. See https://bbs.archlinux.org/viewtopic.php?id=238477 . I don't know enough about how this works to say whether this is just a bug that needs to be fixed, or whether the workaround should be documented here. But this should get fixed somehow. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 20:48, 10 July 2018 (UTC)<br />
<br />
:I don't know how it used to be, but expose_authtok provides the password with a \0 at the end, which doesn't work. I currently use a translator script that I call from pam_exec to work around the issue: <code>cat - | tr '\0' '\n' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code> [[User:DarkShadow44|DarkShadow44]] ([[User talk:DarkShadow44|talk]]) 21:04, 13 July 2018 (UTC)<br />
::I haven't tried this, but I don't think you need the "cat", and it should be sufficient to just remove the nul byte: <code>tr -d '\0' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code><br />
::This seems like a bug in expose_authtok. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:25, 27 July 2018 (UTC)<br />
:Just tried the described instructions, and it worked like a charm. [[User:Mathieu.clabaut|Mathieu.clabaut]] ([[User talk:Mathieu.clabaut|talk]]) 14:49, 16 January 2019 (UTC)<br />
:I can confirm this as working too. I updated the section, striking this one. [[User:Dargmuesli|Dargmuesli]] ([[User talk:Dargmuesli|talk]]) 02:36, 29 March 2019 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=531230Talk:Dm-crypt/Mounting at login2018-07-27T13:25:47Z<p>JimRees: /* pam LUKS partition auto mount on login returning exit code 2 */ I haven't tried this</p>
<hr />
<div>__TOC__<br />
== <s>Title</s> ==<br />
<br />
:''[Background: the article was originally created as [[Dm-crypt/Mounting at login]], then moved to [[pam_exec]], which generated this discussion. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 11:37, 27 February 2016 (UTC)]''<br />
<br />
I don't think this article should be called Pam_exec. While pam_mount is usable only for mounting, pam_exec can be used for everything. Also, it's not the most important part of this solution - kernel keyring and systemd service are somewhat more important. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 10:32, 27 February 2016 (UTC)<br />
<br />
:True, I've reverted my move, I did it because all [[dm-crypt]] subpages correspond to a section in the main article, so this was an exception, and also [[pam_mount]] doesn't talk about the module in general, but about the specific case of encryption, so I thought I'd give this article a similar title to better remark their relation.<br />
:At the moment I can't think of a title that solves both problems, unless we go for a third-level subpage, e.g. [[Dm-crypt/System configuration/Mounting at login]], but it doesn't look well, the only precedent is [[Kernels/Compilation/Traditional]] which however if it wasn't flagged for merging it would have already been moved to a simple subpage version.<br />
:Better ideas are welcome here. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 12:59, 27 February 2016 (UTC)<br />
<br />
::I don't think that not corresponding to a section in the main article is a real problem. I guess it could get merged into [[Dm-crypt/System configuration]] as a new section, however it's somewhat longer than others and probably most people don't mix the at-boot way with the at-login way. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 13:35, 27 February 2016 (UTC)<br />
<br />
:::I don't like adding it to [[Dm-crypt/System configuration]] as well. Reason for me is that at current that subpage concentrates the generic configuration (mkinitcpio, bootloader, crypttab) that comes with core repo packages. Adding non-standard scripts et al is out-of-scope, confusing imo. <br />
:::Looking at the article as is, the place it was linked in initially ([[Dm-crypt/Encrypting a non-root file system#On user login]]) makes most sense to me. Although, I would say not many users will use a separate blockdevice for a singular user (<s>when does this device get fsckd btw?</s>). <br />
:::Going forward I would, however, vote for splitting it into two parts at some point: <br />
:::# pam_exec <br />
:::# cryptsetup (u)mount + systemd unit (at [[Dm-crypt/Encrypting a non-root file system#On user login]]))<br />
:::As LEW21 says, pam_exec could serve many purposes. It would be synergetic if we had a [[pam]] article at some stage, with [[pam_mount]], the recently added [[pam_usb]], [[pam_exec]] and [[pam_abl]] being subpages (at least pam_mount) or subsections in it, depending on respective article/section size.<br />
:::--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 19:11, 27 February 2016 (UTC)<br />
<br />
::::Having an introductory article to [[PAM]] would be a good idea indeed, we have more information scattered throughout the wiki, e.g. [[Security#Enforcing_strong_passwords_using_pam_cracklib]] and other sections in that article. The remainder of this article could then more easily be merged directly into [[Dm-crypt/Encrypting a non-root file system#On user login]], as for example the three subheadings under [[Dm-crypt/Mounting_at_login#Helper_scripts]] aren't really necessary, the file names are already in the code templates' headers. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 01:15, 28 February 2016 (UTC)<br />
<br />
:::::Nice you agree. Yes, let's all see to streamline it a little together, so that it is not overly long when moved. I will start editing this article myself regarding style once I got round to trying/playing with it (which I want to do anyway). To my [[Dm-crypt/System configuration]] argument I would like to add that, of course, I agree that configuration methods which are somewhat generic might make sense to be added on that subpage too. For example, if the systemd unit contributed by LEW21 would be transformed into a generic one to crosslink/use it in other parts of the [[dm-crypt]] article. We should decide it case-by-case. The first generic unit content due to mention there may be the systemd package's units though. <br />
:::::For [[PAM]] I have added [[ArchWiki:Requests#PAM]] as a reminder. Tricky subject, hopefully it raises interest among contributors. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 08:41, 6 March 2016 (UTC)<br />
<br />
::::::Thank you Indigo, I'm not sure how much time I'll have to help with the new article though, but adding it to [[ArchWiki:Requests]] has been a great idea! — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:26, 7 March 2016 (UTC)<br />
<br />
:::::::I think we better close this to keep overview. Now these instructions use pam_mount, we added a PAM article, etc, so most above is not applicable anymore. Let's rather open a new one item if moving elsewhere is better. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:14, 17 April 2017 (UTC)<br />
<br />
== pam_exec questions ==<br />
<br />
Reading this interesting new contribution, I have three questions: <br />
# Exposing the passphrase: Are there any downsides of using expose_authtok (for the time of the user session)? Is it feasible to clear it after mounting succeeded at the end of /usr/local/bin/securemount? <br />
# Does this approach using pam_exec suffer from the same problem pam_mount has that a session is not closed due to pam_systemd.so (no consistent unmounting; see warning top of [[Pam_mount]])? <br />
# Since we don't have an fstab for the device, what about fsck-ing? <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:20, 27 February 2016 (UTC)<br />
<br />
# AFAIK expose_authtok exposes it only to the proces executed by pam_exec, and this process is short-lived - it only mounts the partition, and then quits.<br />
# No. Unmounting is not done in pam, it's done by systemd when user@.service gets stopped. And user@.service is usually stopped when the user logs out. (Usually? Because some daemons, like gpg-agent, may remain - and then it's not stopped. However, this is out of scope of this script, and should be solved in the systemd / DE configuration.)<br />
# We can add fscking to the securemount script. I think it can be done by passing -ofsck to mount - therefore we may simply add another argument to securemount for passing mount options.<br />
[[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 22:41, 27 February 2016 (UTC)<br />
<br />
:# Well, but the key @u stays active after mounting? Perhaps keyctl clear @u could be done upon unmounting. An alternative may be to add {{ic|timeout}} to keyctl padd, particularly if (2) is an issue. <br />
:# I agree it should be solved in systemd. However, systemd sees it as [https://bugs.freedesktop.org/show_bug.cgi?id=72759#c1 NOTOURBUG], effectively breaking production status for pam_mount and pam_ecryptfs for some years & counting.[https://wiki.archlinux.org/index.php?title=ECryptfs&diff=365591&oldid=362767] Nothing to do with your contribution. Yet, what I would like to avoid is that we add the user@.service method to a dm-crypt article and later figure it suffers from the same symptom, because this would break the whole concept of using it in the first place and users would be better off to stick with legacy mount helpers at login. You see the point? What do you think re the issue for the user service? (edit: It is not a consistent bug, but happens frequently. Simple way to test: login with the user, perform random tasks, log out again and check mounts with another user. If you do it 5-10 times and the user@.service always gets stopped/crypt unmounted, we're on a good path I'd say.)<br />
:# Hm, is that option alive? Anyway, e2fsck could be added by another optional ExecStart= in the mount service or something. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 04:19, 28 February 2016 (UTC)<br />
<br />
::# Password is stored in the kernel keyring of the root user until the computer gets turned of. I guess it's a good idea to add a timeout, and clear the key upon mounting successfuly (as it isn't needed anymore).<br />
::# pam_mount and pam_ecryptfs systemd-related bugs are different bugs. They unmount when PAM's session gets closed - and systemd does not close it correctly. I unmount when all the user's processes die - and unmounting before that happens is impossible, as they use the directory, and kernel wouldn't let it happen. Therefore, the thing that should get fixed, is stopping all user's services when he logs out. I guess I'll experiment a bit with it, and report results.<br />
:: [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 11:38, 28 February 2016 (UTC)<br />
<br />
:::Thanks in advance for looking into it. I think the main caveat of the bug affecting pam_mount is that it will try only once to unmount and if that fails, it stays mounted. Such behaviour should be much better controllable with a systemd unit, if we can stipulate the requisites for it regarding user processes. It is logical the user cannot expect any user processes to run once he chooses to unmounts /home (log out). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 07:56, 6 March 2016 (UTC)<br />
<br />
== <s>Questions</s> ==<br />
<br />
Thanks for these scripts—I agree that there should be a filesystem check.<br />
<br />
What should the passphrase be? Should we generate a random passphrase, or does it have to match our login?<br />
<br />
There is a typo in the [[Dm-crypt/Mounting_at_login#systemd_service]] section. The filename should be in the system subdirectory. I'll fix it.<br />
<br />
Should we make these scripts executable by root/everyone? --[[User:Kete|Kete]] ([[User talk:Kete|talk]]) 15:38, 14 March 2016 (UTC)<br />
<br />
:Hi, thanks for helping to troubleshoot this new section. For the passphrase I have added [https://wiki.archlinux.org/index.php?title=Dm-crypt%2FMounting_at_login&type=revision&diff=425842&oldid=425740] for now. I have not tried this method yet, but the scripts should only need chmod 700 (root:root). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 10:10, 15 March 2016 (UTC)<br />
:Closing; issues superceded. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:05, 17 April 2017 (UTC)<br />
<br />
==<s> archive</s> ==<br />
<br />
I've added an archive flag after fiddling to test the instructions. Instructions are incomplete anyway without a part explaining how to setup the blockdevice for a user in the first place. The whole solution appears hack-ish in current state, for example the pam_exec part will error any time another user logs in, other issues noted in above talk items not followed up by the author or anyone else, etc. <br />
This only leads to problems for our readers/users in current state. <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 11:50, 5 May 2016 (UTC)<br />
<br />
:Thanks, I haven't tried the instructions, so I can't reply about that, but if nobody objects to your proposal, I think that the title can be more useful as a redirect to [[pam_mount]] than archiving it. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 11:01, 6 May 2016 (UTC)<br />
<br />
::Closing, superceded by [[#Article_rewritten]]. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:07, 17 April 2017 (UTC)<br />
<br />
== <s>secureumount</s> ==<br />
<br />
I think there should be mentioned, that in Arch default value for 'KillUserProcesses' is 'no'. So due that fact, script 'secureumount' will not work. Device can't be unmounted if at least one process is using that device. [[User:Stricte|Stricte]] ([[User talk:Stricte|talk]])<br />
<br />
:This is mentioned in un-mounting note now. closing. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:09, 17 April 2017 (UTC)<br />
<br />
== Article rewritten ==<br />
<br />
I've rebuilt the solution from scratch, hopefully solving all the problems mentioned above. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 17:38, 24 January 2017 (UTC)<br />
<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
== pam LUKS partition auto mount on login returning exit code 2 ==<br />
<br />
These instructions no longer work. See https://bbs.archlinux.org/viewtopic.php?id=238477 . I don't know enough about how this works to say whether this is just a bug that needs to be fixed, or whether the workaround should be documented here. But this should get fixed somehow. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 20:48, 10 July 2018 (UTC)<br />
<br />
:I don't know how it used to be, but expose_authtok provides the password with a \0 at the end, which doesn't work. I currently use a translator script that I call from pam_exec to work around the issue: <code>cat - | tr '\0' '\n' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code> [[User:DarkShadow44|DarkShadow44]] ([[User talk:DarkShadow44|talk]]) 21:04, 13 July 2018 (UTC)<br />
::I haven't tried this, but I don't think you need the "cat", and it should be sufficient to just remove the nul byte: <code>tr -d '\0' | /usr/bin/cryptsetup open /dev/sda4 home-fabian</code><br />
::This seems like a bug in expose_authtok. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 13:25, 27 July 2018 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Dm-crypt/Mounting_at_login&diff=530555Dm-crypt/Mounting at login2018-07-21T02:41:59Z<p>JimRees: /* Mounting at login */ see talk page</p>
<hr />
<div>[[Category:Security]]<br />
[[ja:Dm-crypt/ログイン時にマウント]]<br />
{{Related articles start}}<br />
{{Related|pam_mount}}<br />
{{Related articles end}}<br />
<br />
It is possible to configure [[PAM]] and [[systemd]] to automatically mount a [[dm-crypt]] encrypted home partition when its owner logs in, and to unmount it when he logs out.<br />
<br />
This tutorial assumes you have already created your encrypted partition, as described in [[Dm-crypt/Encrypting a non-root file system]].<br />
<br />
{{Note|<br />
* You need to use the same password for your user account and for LUKS.<br />
* In all the examples, replace {{ic|''YOURNAME''}} with your username, {{ic|''1000''}} with your user ID and {{ic|''PARTITION''}} with the name of your encrypted partition's device.<br />
}}<br />
<br />
== Mounting at login ==<br />
<br />
''pam_exec'' can be used to unlock the device at login. Edit {{ic|/etc/pam.d/system-login}} and add the line below emphasized in bold after {{ic|auth include system-auth}}:<br />
<br />
{{Note|1=GDM, LightDM, and maybe other display managers might require {{ic|pam_exec}} for {{ic|session}} as well, see [[Talk:Dm-crypt/Mounting at login#pam_exec required for session & using script]].}}<br />
<br />
{{Note|These instructions no longer work. See the talk page for workarounds.}}<br />
<br />
{{hc|/etc/pam.d/system-login|2=<br />
...<br />
<br />
auth include system-auth<br />
'''auth optional pam_exec.so expose_authtok quiet /usr/bin/cryptsetup open /dev/''PARTITION'' home-''YOURNAME'''''<br />
<br />
...<br />
}}<br />
<br />
Now edit {{ic|/etc/fstab}} to mount the unlocked device using [[Fstab#Automount with systemd|systemd.automount]]:<br />
<br />
{{hc|/etc/fstab|2=<br />
...<br />
<br />
/dev/mapper/home-''YOURNAME'' /home/''YOURNAME'' ext4 rw,noatime,noauto,x-systemd.automount 0 2<br />
<br />
...<br />
}}<br />
<br />
Your home directory will be mounted automatically on the first access made by your desktop environment or shell.<br />
<br />
== Unmouting at logout ==<br />
After you log out of all your sessions, ''systemd-logind'' automatically shuts down {{ic|user@''1000''.service}}. Therefore, you can specify that your mountpoint requires it, and ''systemd'' will unmount it automatically:<br />
<br />
{{hc|/etc/systemd/system/home-''YOURNAME''.mount.d/logout.conf|2=<br />
[Unit]<br />
Requires=user@''1000''.service}}<br />
<br />
This will however create a circular dependency loop that cannot by resolved automatically by ''systemd'', so you need to describe the dependencies and ordering explicitly:<br />
<br />
{{hc|/etc/systemd/system/user@''1000''.service.d/homedir.conf|2=<br />
[Unit]<br />
Requires=home-''YOURNAME''.mount<br />
After=home-''YOURNAME''.mount}}<br />
<br />
{{Note|1=If your desktop environment or some other application does not kill all its processes on logout, you might need to set {{ic|1=KillUserProcesses=yes}} in {{ic|/etc/systemd/logind.conf}}.}}<br />
<br />
=== Locking ===<br />
<br />
After unmounting, the device will still be unlocked, and it will be possible to mount it without re-entering password. You can set up and [[enable]] a service that starts when the device gets unlocked ({{ic|1=BindsTo=dev-mapper-home\x2d''YOURNAME''.device}}) and dies after the device gets unmounted ({{ic|1=Requires,Before=home-''YOURNAME''.mount}}), locking the device in the process ({{ic|1=ExecStop=cryptsetup close}}):<br />
<br />
{{hc|/etc/systemd/system/cryptsetup-''YOURNAME''.service|2=<br />
[Unit]<br />
DefaultDependencies=no<br />
BindsTo=dev-''PARTITION''.device<br />
After=dev-''PARTITION''.device<br />
BindsTo=dev-mapper-home\x2d''YOURNAME''.device<br />
Requires=home-''YOURNAME''.mount<br />
Before=home-''YOURNAME''.mount<br />
Conflicts=umount.target<br />
Before=umount.target<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
TimeoutSec=0<br />
ExecStop=/usr/bin/cryptsetup close home-''YOURNAME''<br />
<br />
[Install]<br />
RequiredBy=dev-mapper-home\x2d''YOURNAME''.device<br />
}}<br />
{{Note|{{ic|dev-''PARTITION''}} is the result of {{ic|systemd-escape -p /dev/''PARTITION''}}}}</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dm-crypt/Mounting_at_login&diff=529254Talk:Dm-crypt/Mounting at login2018-07-10T20:48:52Z<p>JimRees: /* pam LUKS partition auto mount on login returning exit code 2 */ new section</p>
<hr />
<div>__TOC__<br />
== <s>Title</s> ==<br />
<br />
:''[Background: the article was originally created as [[Dm-crypt/Mounting at login]], then moved to [[pam_exec]], which generated this discussion. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 11:37, 27 February 2016 (UTC)]''<br />
<br />
I don't think this article should be called Pam_exec. While pam_mount is usable only for mounting, pam_exec can be used for everything. Also, it's not the most important part of this solution - kernel keyring and systemd service are somewhat more important. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 10:32, 27 February 2016 (UTC)<br />
<br />
:True, I've reverted my move, I did it because all [[dm-crypt]] subpages correspond to a section in the main article, so this was an exception, and also [[pam_mount]] doesn't talk about the module in general, but about the specific case of encryption, so I thought I'd give this article a similar title to better remark their relation.<br />
:At the moment I can't think of a title that solves both problems, unless we go for a third-level subpage, e.g. [[Dm-crypt/System configuration/Mounting at login]], but it doesn't look well, the only precedent is [[Kernels/Compilation/Traditional]] which however if it wasn't flagged for merging it would have already been moved to a simple subpage version.<br />
:Better ideas are welcome here. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 12:59, 27 February 2016 (UTC)<br />
<br />
::I don't think that not corresponding to a section in the main article is a real problem. I guess it could get merged into [[Dm-crypt/System configuration]] as a new section, however it's somewhat longer than others and probably most people don't mix the at-boot way with the at-login way. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 13:35, 27 February 2016 (UTC)<br />
<br />
:::I don't like adding it to [[Dm-crypt/System configuration]] as well. Reason for me is that at current that subpage concentrates the generic configuration (mkinitcpio, bootloader, crypttab) that comes with core repo packages. Adding non-standard scripts et al is out-of-scope, confusing imo. <br />
:::Looking at the article as is, the place it was linked in initially ([[Dm-crypt/Encrypting a non-root file system#On user login]]) makes most sense to me. Although, I would say not many users will use a separate blockdevice for a singular user (<s>when does this device get fsckd btw?</s>). <br />
:::Going forward I would, however, vote for splitting it into two parts at some point: <br />
:::# pam_exec <br />
:::# cryptsetup (u)mount + systemd unit (at [[Dm-crypt/Encrypting a non-root file system#On user login]]))<br />
:::As LEW21 says, pam_exec could serve many purposes. It would be synergetic if we had a [[pam]] article at some stage, with [[pam_mount]], the recently added [[pam_usb]], [[pam_exec]] and [[pam_abl]] being subpages (at least pam_mount) or subsections in it, depending on respective article/section size.<br />
:::--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 19:11, 27 February 2016 (UTC)<br />
<br />
::::Having an introductory article to [[PAM]] would be a good idea indeed, we have more information scattered throughout the wiki, e.g. [[Security#Enforcing_strong_passwords_using_pam_cracklib]] and other sections in that article. The remainder of this article could then more easily be merged directly into [[Dm-crypt/Encrypting a non-root file system#On user login]], as for example the three subheadings under [[Dm-crypt/Mounting_at_login#Helper_scripts]] aren't really necessary, the file names are already in the code templates' headers. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 01:15, 28 February 2016 (UTC)<br />
<br />
:::::Nice you agree. Yes, let's all see to streamline it a little together, so that it is not overly long when moved. I will start editing this article myself regarding style once I got round to trying/playing with it (which I want to do anyway). To my [[Dm-crypt/System configuration]] argument I would like to add that, of course, I agree that configuration methods which are somewhat generic might make sense to be added on that subpage too. For example, if the systemd unit contributed by LEW21 would be transformed into a generic one to crosslink/use it in other parts of the [[dm-crypt]] article. We should decide it case-by-case. The first generic unit content due to mention there may be the systemd package's units though. <br />
:::::For [[PAM]] I have added [[ArchWiki:Requests#PAM]] as a reminder. Tricky subject, hopefully it raises interest among contributors. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 08:41, 6 March 2016 (UTC)<br />
<br />
::::::Thank you Indigo, I'm not sure how much time I'll have to help with the new article though, but adding it to [[ArchWiki:Requests]] has been a great idea! — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:26, 7 March 2016 (UTC)<br />
<br />
:::::::I think we better close this to keep overview. Now these instructions use pam_mount, we added a PAM article, etc, so most above is not applicable anymore. Let's rather open a new one item if moving elsewhere is better. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:14, 17 April 2017 (UTC)<br />
<br />
== pam_exec questions ==<br />
<br />
Reading this interesting new contribution, I have three questions: <br />
# Exposing the passphrase: Are there any downsides of using expose_authtok (for the time of the user session)? Is it feasible to clear it after mounting succeeded at the end of /usr/local/bin/securemount? <br />
# Does this approach using pam_exec suffer from the same problem pam_mount has that a session is not closed due to pam_systemd.so (no consistent unmounting; see warning top of [[Pam_mount]])? <br />
# Since we don't have an fstab for the device, what about fsck-ing? <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:20, 27 February 2016 (UTC)<br />
<br />
# AFAIK expose_authtok exposes it only to the proces executed by pam_exec, and this process is short-lived - it only mounts the partition, and then quits.<br />
# No. Unmounting is not done in pam, it's done by systemd when user@.service gets stopped. And user@.service is usually stopped when the user logs out. (Usually? Because some daemons, like gpg-agent, may remain - and then it's not stopped. However, this is out of scope of this script, and should be solved in the systemd / DE configuration.)<br />
# We can add fscking to the securemount script. I think it can be done by passing -ofsck to mount - therefore we may simply add another argument to securemount for passing mount options.<br />
[[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 22:41, 27 February 2016 (UTC)<br />
<br />
:# Well, but the key @u stays active after mounting? Perhaps keyctl clear @u could be done upon unmounting. An alternative may be to add {{ic|timeout}} to keyctl padd, particularly if (2) is an issue. <br />
:# I agree it should be solved in systemd. However, systemd sees it as [https://bugs.freedesktop.org/show_bug.cgi?id=72759#c1 NOTOURBUG], effectively breaking production status for pam_mount and pam_ecryptfs for some years & counting.[https://wiki.archlinux.org/index.php?title=ECryptfs&diff=365591&oldid=362767] Nothing to do with your contribution. Yet, what I would like to avoid is that we add the user@.service method to a dm-crypt article and later figure it suffers from the same symptom, because this would break the whole concept of using it in the first place and users would be better off to stick with legacy mount helpers at login. You see the point? What do you think re the issue for the user service? (edit: It is not a consistent bug, but happens frequently. Simple way to test: login with the user, perform random tasks, log out again and check mounts with another user. If you do it 5-10 times and the user@.service always gets stopped/crypt unmounted, we're on a good path I'd say.)<br />
:# Hm, is that option alive? Anyway, e2fsck could be added by another optional ExecStart= in the mount service or something. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 04:19, 28 February 2016 (UTC)<br />
<br />
::# Password is stored in the kernel keyring of the root user until the computer gets turned of. I guess it's a good idea to add a timeout, and clear the key upon mounting successfuly (as it isn't needed anymore).<br />
::# pam_mount and pam_ecryptfs systemd-related bugs are different bugs. They unmount when PAM's session gets closed - and systemd does not close it correctly. I unmount when all the user's processes die - and unmounting before that happens is impossible, as they use the directory, and kernel wouldn't let it happen. Therefore, the thing that should get fixed, is stopping all user's services when he logs out. I guess I'll experiment a bit with it, and report results.<br />
:: [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 11:38, 28 February 2016 (UTC)<br />
<br />
:::Thanks in advance for looking into it. I think the main caveat of the bug affecting pam_mount is that it will try only once to unmount and if that fails, it stays mounted. Such behaviour should be much better controllable with a systemd unit, if we can stipulate the requisites for it regarding user processes. It is logical the user cannot expect any user processes to run once he chooses to unmounts /home (log out). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 07:56, 6 March 2016 (UTC)<br />
<br />
== <s>Questions</s> ==<br />
<br />
Thanks for these scripts—I agree that there should be a filesystem check.<br />
<br />
What should the passphrase be? Should we generate a random passphrase, or does it have to match our login?<br />
<br />
There is a typo in the [[Dm-crypt/Mounting_at_login#systemd_service]] section. The filename should be in the system subdirectory. I'll fix it.<br />
<br />
Should we make these scripts executable by root/everyone? --[[User:Kete|Kete]] ([[User talk:Kete|talk]]) 15:38, 14 March 2016 (UTC)<br />
<br />
:Hi, thanks for helping to troubleshoot this new section. For the passphrase I have added [https://wiki.archlinux.org/index.php?title=Dm-crypt%2FMounting_at_login&type=revision&diff=425842&oldid=425740] for now. I have not tried this method yet, but the scripts should only need chmod 700 (root:root). --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 10:10, 15 March 2016 (UTC)<br />
:Closing; issues superceded. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:05, 17 April 2017 (UTC)<br />
<br />
==<s> archive</s> ==<br />
<br />
I've added an archive flag after fiddling to test the instructions. Instructions are incomplete anyway without a part explaining how to setup the blockdevice for a user in the first place. The whole solution appears hack-ish in current state, for example the pam_exec part will error any time another user logs in, other issues noted in above talk items not followed up by the author or anyone else, etc. <br />
This only leads to problems for our readers/users in current state. <br />
--[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 11:50, 5 May 2016 (UTC)<br />
<br />
:Thanks, I haven't tried the instructions, so I can't reply about that, but if nobody objects to your proposal, I think that the title can be more useful as a redirect to [[pam_mount]] than archiving it. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 11:01, 6 May 2016 (UTC)<br />
<br />
::Closing, superceded by [[#Article_rewritten]]. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:07, 17 April 2017 (UTC)<br />
<br />
== <s>secureumount</s> ==<br />
<br />
I think there should be mentioned, that in Arch default value for 'KillUserProcesses' is 'no'. So due that fact, script 'secureumount' will not work. Device can't be unmounted if at least one process is using that device. [[User:Stricte|Stricte]] ([[User talk:Stricte|talk]])<br />
<br />
:This is mentioned in un-mounting note now. closing. --[[User:Indigo|Indigo]] ([[User talk:Indigo|talk]]) 18:09, 17 April 2017 (UTC)<br />
<br />
== Article rewritten ==<br />
<br />
I've rebuilt the solution from scratch, hopefully solving all the problems mentioned above. [[User:LEW21|LEW21]] ([[User talk:LEW21|talk]]) 17:38, 24 January 2017 (UTC)<br />
<br />
== pam_exec required for session & using script ==<br />
<br />
<br />
NOTE: Occurs with both GDM & LightDM, perhaps others.<br />
<br />
<br />
Was unable to login with GDM, unless I first logged in on another tty using default shell, kept session opened, and switched back to GDM. After some poking around i found:<br />
<br />
Default Shell ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:11:09 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:11:09 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 13:11:09 o0o login[3820]: '''pam_unix'''(login:session): session opened for user in0ni by LOGIN(uid=0)<br />
Apr 14 13:11:09 o0o systemd[3951]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:11:09 o0o systemd-logind[254]: New session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:11:09 o0o systemd[3951]: Reached target Timers.<br />
<br />
GDM Login ('''note''': order of pam_unix calls)<br />
<br />
Apr 14 13:10:03 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 13:10:03 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1994]: '''Failed to fully start up daemon: Permission denied'''<br />
Apr 14 13:10:03 o0o systemd-logind[260]: New session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o gdm-password][1955]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 13:10:03 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 13:10:03 o0o systemd[1994]: Reached target Timers.<br />
Apr 14 13:10:03 o0o systemd[1994]: Created slice Root Slice.<br />
<br />
Having previously played with original pam_mount suggested, I decided to move {{ic|pam_exec}} to {{ic|system-auth}}, and use for '''both''' {{ic|auth}} and {{ic|session}}:<br />
('''note''': removal of {{ic|expose_authtok}} in session)<br />
<br />
#%PAM-1.0<br />
<br />
auth [success=1 default=ignore] pam_unix.so try_first_pass nullok<br />
auth requisite pam_deny.so<br />
'''auth optional pam_exec.so expose_authtok quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
auth optional pam_permit.so<br />
auth required pam_env.so<br />
<br />
account required pam_unix.so<br />
account optional pam_permit.so<br />
account required pam_time.so<br />
<br />
password required pam_unix.so try_first_pass nullok sha512 shadow<br />
password optional pam_permit.so<br />
<br />
'''session optional pam_exec.so quiet''' /usr/bin/cryptsetup open /dev/sda2 home-USERNAME<br />
session required pam_limits.so<br />
session required pam_unix.so<br />
session optional pam_permit.so<br />
<br />
Now {{ic|pam_unix}} calls match that of the default shell<br />
<br />
Apr 14 15:38:34 o0o systemd[1]: Starting User Manager for UID 1000...<br />
Apr 14 15:38:34 o0o kernel: EXT4-fs (dm-0): mounted filesystem with ordered data mode. Opts: (null)<br />
Apr 14 15:38:34 o0o gdm-password][1867]: pam_exec(gdm-password:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o gdm-password][1867]: '''pam_unix'''(gdm-password:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd[1994]: pam_exec(systemd-user:session): /usr/bin/cryptsetup failed: exit code 5<br />
Apr 14 15:38:34 o0o systemd[1994]: '''pam_unix'''(systemd-user:session): session opened for user in0ni by (uid=0)<br />
Apr 14 15:38:34 o0o systemd-logind[246]: New session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1]: Started Session c2 of user in0ni.<br />
Apr 14 15:38:34 o0o systemd[1994]: Starting D-Bus User Message Bus Socket.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Paths.<br />
Apr 14 15:38:34 o0o systemd[1994]: Reached target Timers.<br />
<br />
'''Suggested Changes:'''<br />
<br />
To avoid several unnecessary calls to {{ic|cryptsetup}} create {{ic|/etc/pam_cryptsetup.sh}} (ensures it's called for the right user, and only if device not already open):<br />
<br />
#!/bin/sh<br />
<br />
CRYPT_USER="__INSERT_USER_NAME_HERE__"<br />
MAPPER="/dev/mapper/home-"$CRYPT_USER<br />
<br />
if [ "$PAM_USER" == "$CRYPT_USER" ] && [ ! -e $MAPPER ]<br />
then<br />
/usr/bin/cryptsetup open /dev/sda2 home-$PAM_USER<br />
fi<br />
<br />
changes to {{ic|system-auth}}:<br />
<br />
auth optional pam_exec.so expose_authtok quiet /etc/pam_cryptsetup.sh<br />
<br />
session optional pam_exec.so quiet /etc/pam_cryptsetup.sh<br />
<br />
[[User:In0ni|In0ni]] ([[User talk:In0ni|talk]]) 21:16, 14 April 2017 (UTC)<br />
<br />
== Suggestion: Remove x-systemd.automount ==<br />
<br />
Other units may trigger an automount request before you've logged in causing other programs to freeze. In my case both sddm and lightdm triggered automount requests to freeze for 1-2 minutes, even though I did as the article suggests by setting EnableAvatars to false in /etc/sddm.conf. Additionally NetworkManager triggered automount because, I assume, of connection configurations that refers to certificates and key-files in the home directory. I assume that other units may trigger autmount requests and freeze as well. In my case even logging in as another user and running vim (without referring to the automount point) triggered automount requests. [[User:Mapster|Mapster]] ([[User talk:Mapster|talk]]) 14:44, 14 October 2017 (UTC)<br />
<br />
<br />
This bug is caused by the use of x-systemd.automount: https://bugs.archlinux.org/task/55043<br />
The suggestions on this wiki page work without systemd automount. This may be a bug in x-systemd.automount. 00:55, 13 November 2017 (UTC)<br />
<br />
== pam LUKS partition auto mount on login returning exit code 2 ==<br />
<br />
These instructions no longer work. See https://bbs.archlinux.org/viewtopic.php?id=238477 . I don't know enough about how this works to say whether this is just a bug that needs to be fixed, or whether the workaround should be documented here. But this should get fixed somehow. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 20:48, 10 July 2018 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Linux_Containers&diff=493850Linux Containers2017-10-22T13:55:04Z<p>JimRees: /* Host network configuration */ another typo</p>
<hr />
<div>[[Category:Security]]<br />
[[Category:Virtualization]]<br />
[[ja:Linux Containers]]<br />
[[pt:Linux Containers]]<br />
{{Related articles start}}<br />
{{Related|AirVPN}}<br />
{{Related|ABS}}<br />
{{Related|Cgroups}}<br />
{{Related|Docker}}<br />
{{Related|LXD}}<br />
{{Related|OpenVPN}}<br />
{{Related|OpenVPN (client) in Linux containers}}<br />
{{Related|OpenVPN (server) in Linux containers}}<br />
{{Related|PeerGuardian Linux}}<br />
{{Related|systemd-nspawn}}<br />
{{Related articles end}}<br />
<br />
Linux Containers (LXC) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space and the resource control mechanism. This is provided by [[Wikipedia:Linux namespaces|namespaces]] and [[cgroups]] features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.<br />
<br />
Alternatives for using containers are [[systemd-nspawn]], [[docker]] or also the {{Pkg|rkt}} package.<br />
<br />
== Privileged containers or unprivileged containers ==<br />
LXCs can be setup to run in either ''privileged'' or ''unprivileged'' configurations.<br />
<br />
In general, running an ''unprivileged'' container is [https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers considered safer] than running a ''privileged'' container since ''unprivileged'' containers have an increased degree of isolation by virtue of their design. Key to this is the mapping of the root UID in the container to a non-root UID on the host which makes it more difficult for a hack within the container to lead to consequences on host system. In other words, if an attacker manages to escape the container, he or she should find themselves with no rights on the host.<br />
<br />
The Arch packages currently provide out-of-the-box support for ''privileged'' containers only. This is due to the current Arch {{pkg|linux}} kernel '''not''' shipping with user namespaces configured. This article contains information for users to run either type of container, but additional setup is required to use ''unprivileged'' containers at this time.<br />
<br />
{{Note|A request has been filed to include user namespace support in the kernel: {{Bug|36969}}. However, the request has been closed because of the numerous security issues caused by user namespaces, which are frequently discovered.}}<br />
<br />
=== An example to illustrate unprivileged containers ===<br />
<br />
To illustrate the power of UID mapping, consider the output below from a running, ''unprivileged'' container. Therein, we see the containerized processes owned by the containerized root user in the output of {{ic|ps}}:<br />
<br />
[root@unprivileged_container /]# ps -ef | head -n 5<br />
UID PID PPID C STIME TTY TIME CMD<br />
root 1 0 0 17:49 ? 00:00:00 /sbin/init<br />
root 14 1 0 17:49 ? 00:00:00 /usr/lib/systemd/systemd-journald<br />
dbus 25 1 0 17:49 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation<br />
systemd+ 26 1 0 17:49 ? 00:00:00 /usr/lib/systemd/systemd-networkd<br />
<br />
On the host however, those containerized root processes are running as the mapped user (ID>100000) on the host, not as the root user on the host:<br />
[root@host /]# lxc-info -Ssip --name sandbox<br />
State: RUNNING<br />
PID: 26204<br />
CPU use: 10.51 seconds<br />
BlkIO use: 244.00 KiB<br />
Memory use: 13.09 MiB<br />
KMem use: 7.21 MiB<br />
<br />
[root@host /]# ps -ef | grep 26204 | head -n 5<br />
UID PID PPID C STIME TTY TIME CMD<br />
100000 26204 26200 0 12:49 ? 00:00:00 /sbin/init<br />
100000 26256 26204 0 12:49 ? 00:00:00 /usr/lib/systemd/systemd-journald<br />
100081 26282 26204 0 12:49 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation<br />
100000 26284 26204 0 12:49 ? 00:00:00 /usr/lib/systemd/systemd-logind<br />
<br />
== Setup ==<br />
=== Required software ===<br />
Installing {{Pkg|lxc}} and {{Pkg|arch-install-scripts}} will allow the host system to run privileged lxcs.<br />
<br />
==== Enable support to run unprivileged contains (optional) ====<br />
Users wishing to run ''unprivileged'' containers need to complete several additional setup steps.<br />
<br />
Firstly, a custom kernel is required that has support for User namespaces. This option is available under '''General setup>Namespaces support>User namespace''' from an nconfig, or by simply modifying the kernel [[PKGBUILD]] with the following line inserted prior to the "make prepare" line:<br />
sed -i -e 's/# CONFIG_USER_NS is not set/CONFIG_USER_NS=y/' ./.config<br />
<br />
See, [[ABS]] for more on compiling a custom kernel.<br />
<br />
Secondly, modify {{ic|/etc/lxc/default.conf}} to contain the following lines:<br />
lxc.idmap = u 0 100000 65536<br />
lxc.idmap = g 0 100000 65536<br />
<br />
Finally, create both {{ic|/etc/subuid}} and {{ic|/etc/subgid}} to contain the mapping to the containerized uid/gid pairs for each user who shall be able to run the containers. The example below is simply for the root user (and systemd system unit):<br />
<br />
{{hc|/etc/subuid|<nowiki><br />
root:100000:65536<br />
</nowiki>}}<br />
<br />
{{hc|/etc/subgid|<nowiki><br />
root:100000:65536<br />
</nowiki>}}<br />
<br />
=== Host network configuration ===<br />
LXCs support different virtual network types and devices (see [https://linuxcontainers.org/lxc/manpages//man5/lxc.container.conf.5.html lxc.container.conf(5)]). A bridge device on the host is required for most types of virtual networking.<br />
<br />
LXC comes with its own NAT Bridge (lxcbr0).<br />
{{Note|A NAT bridge is a standalone bridge with a private network that is not bridged to the host eth0 or a physical network. It exists as a private subnet in the host.}}<br />
{{Tip|This is quite useful when WIFI is the only option. There have bean various attempts of creating Bridges on WIFI without much success.}}<br />
<br />
To use LXC's NAT Bridge you need to create its configuration file:<br />
<br />
{{hc|/etc/default/lxc-net|<br />
2=# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your<br />
# containers. Set to "false" if you'll use virbr0 or another existing<br />
# bridge, or mavlan to your host's NIC.<br />
USE_LXC_BRIDGE="true"<br />
<br />
# If you change the LXC_BRIDGE to something other than lxcbr0, then<br />
# you will also need to update your /etc/lxc/default.conf as well as the<br />
# configuration (/var/lib/lxc/<container>/config) for any containers<br />
# already created using the default config to reflect the new bridge<br />
# name.<br />
# If you have the dnsmasq daemon installed, you'll also have to update<br />
# /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon.<br />
LXC_BRIDGE="lxcbr0"<br />
LXC_ADDR="10.0.3.1"<br />
LXC_NETMASK="255.255.255.0"<br />
LXC_NETWORK="10.0.3.0/24"<br />
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"<br />
LXC_DHCP_MAX="253"<br />
# Uncomment the next line if you'd like to use a conf-file for the lxcbr0<br />
# dnsmasq. For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have<br />
# container 'mail1' always get ip address 10.0.3.100.<br />
#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf<br />
<br />
# Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc<br />
# domain. You can then add "server=/lxc/10.0.3.1' (or your actual $LXC_ADDR)<br />
# to your system dnsmasq configuration file (normally /etc/dnsmasq.conf,<br />
# or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems that use NetworkManager).<br />
# Once these changes are made, restart the lxc-net and network-manager services.<br />
# 'container1.lxc' will then resolve on your host.<br />
#LXC_DOMAIN="lxc"<br />
}}<br />
<br />
{{Tip| Make sure the bridges ip-range does not interfere with your local network.}}<br />
<br />
Then we need to modify the LXC container template so our containers use our bridge:<br />
<br />
{{hc|/etc/lxc/default.conf|<br />
2=lxc.net.0.type = veth<br />
lxc.net.0.link = lxcbr0<br />
lxc.net.0.flags = up<br />
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx<br />
}}<br />
<br />
You also need to install [https://wiki.archlinux.org/index.php/Dnsmasq Dnsmasq] which is a dependency for lxcbr0.<br />
<br />
pacman -S dnsmasq<br />
<br />
Then we can start the bridge:<br />
<br />
systemctl start lxc-net<br />
<br />
If you want the bridge to start at boot-time<br />
<br />
systemctl enable lxc-net<br />
<br />
<br />
For further information including Host bridges users are referred to the [[Network bridge]] article.<br />
<br />
=== Container creation ===<br />
For ''privileged'' containers, simply select a template from {{ic|/usr/share/lxc/templates}} that matches the target distro to containerize. Users wishing to containerize non-Arch distros will need additional packages on the host depending on the target distro:<br />
* Debian-based: {{Pkg|debootstrap}}<br />
* Fedora-based: {{AUR|yum}}<br />
<br />
Run {{ic|lxc-create}} to create the container, which installs the root filesystem of the LXC to {{ic|/var/lib/lxc/CONTAINER_NAME/rootfs}} by default. Example creating an Arch Linux LXC named "playtime":<br />
# lxc-create -n playtime -t /usr/share/lxc/templates/lxc-archlinux<br />
<br />
Users wishing to run ''unprivileged'' containers should use the -t download directive and select from the images that are displayed. For example:<br />
# lxc-create -n playtime -t download<br />
<br />
Alternatively, create a ''privileged'' container, and see: [[#Converting a privileged container to an unprivileged container]].<br />
<br />
{{Tip|Users may optionally install {{Pkg|haveged}} and [[start]] {{ic|haveged.service}} to avoid a perceived hang during the setup process while waiting for system entropy to be seeded. Without it, the generation of private/GPG keys can add a lengthy wait to the process.}}<br />
<br />
{{Tip|Users of [[Btrfs]] can append {{ic|-B btrfs}} to create a Btrfs subvolume for storing containerized rootfs. This comes in handy if cloning containers with the help of {{ic|lxc-clone}} command. [[ZFS]] users may use {{ic|-B zfs}}, correspondingly.}}<br />
<br />
=== Container configuration ===<br />
The examples below can be used with ''privileged'' and ''unprivileged'' containers alike. Note that for unprivileged containers, additional lines will be present by default which are not shown in the examples, including the {{ic|1=lxc.idmap = u 0 100000 65536}} and the {{ic|1=lxc.idmap = g 0 100000 65536}} values optionally defined in the [[#Enable support to run unprivileged contains (optional)]] section.<br />
<br />
==== Basic config with networking ====<br />
{{Note|With the release of lxc-1:2.1.0-1, many of the configuration options have changed. Existing containers need to be updated; users are directed to the table of these changes in the [https://discuss.linuxcontainers.org/t/lxc-2-1-has-been-released/487 v2.1 release notes].}}<br />
<br />
System resources to be virtualized/isolated when a process is using the container are defined in {{ic|/var/lib/lxc/CONTAINER_NAME/config}}. By default, the creation process will make a minimum setup without networking support. Below is an example config with networking:<br />
<br />
{{hc|/var/lib/lxc/playtime/config|<nowiki><br />
# Template used to create this container: /usr/share/lxc/templates/lxc-archlinux<br />
# Parameters passed to the template:<br />
# For additional config options, please look at lxc.container.conf(5)<br />
<br />
## default values<br />
lxc.rootfs.path = /var/lib/lxc/playtime/rootfs<br />
lxc.uts.name = playtime<br />
lxc.arch = x86_64<br />
lxc.include = /usr/share/lxc/config/archlinux.common.conf<br />
<br />
## network<br />
lxc.net.0.type = veth<br />
lxc.net.0.link = br0<br />
lxc.net.0.flags = up<br />
lxc.net.0.name = eth0<br />
lxc.net.0.hwaddr = ee:ec:fa:e9:56:7d<br />
# uncomment the next two lines if static IP addresses are needed<br />
# leaving these commented will imply DHCP networking<br />
#<br />
#lxc.net.0.ipv4 = 192.168.0.3/24<br />
#lxc.net.0.ipv4.gateway = 192.168.0.1<br />
</nowiki>}}<br />
<br />
{{Note|The lxc.network.hwaddr entry is optional and if skipped, a random MAC address will be created automatically. It can be advantageous to define a MAC address for the container to allow the DHCP server to always assign the same IP to the container's NIC (beyond the scope of this article but worth mentioning).}}<br />
<br />
==== Mounts within the container ====<br />
For ''privileged'' containers, one can select directories on the host to bind mount to the container. This can be advantageous for example if the same architecture is being containerize and one wants to share pacman packages between the host and container. Another example could be shared directories. The syntax is simple:<br />
<br />
lxc.mount.entry = /var/cache/pacman/pkg var/cache/pacman/pkg none bind 0 0<br />
<br />
{{Note|This will not work without filesystem permission modifications on the host if using ''unprivileged'' containers.}}<br />
==== Xorg program considerations (optional) ====<br />
In order to run programs on the host's display, some bind mounts need to be defined so that the containerized programs can access the host's resources. Add the following section to {{ic|/var/lib/lxc/playtime/config}}:<br />
## for xorg<br />
lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir<br />
lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir<br />
lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir,ro<br />
lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file<br />
<br />
If you still get a permission denied error in your LXC guest, then you may need to call {{ic|xhost +}} in your host to allow the guest to connect to the host's display server. Take note of the security concerns of opening up your display server by doing this.<br />
<br />
{{Note|This will not work if using ''unprivileged'' containers.}}<br />
<br />
==== OpenVPN considerations ====<br />
<br />
Users wishing to run [[OpenVPN]] within the container are direct to either [[OpenVPN (client) in Linux containers]] and/or [[OpenVPN (server) in Linux containers]].<br />
<br />
== Managing containers ==<br />
=== Basic usage ===<br />
To list all installed LXC containers:<br />
# lxc-ls -f<br />
<br />
Systemd can be used to [[start]] and to [[stop]] LXCs via {{ic|lxc@CONTAINER_NAME.service}}. [[Enable]] {{ic|lxc@CONTAINER_NAME.service}} to have it start when the host system boots.<br />
<br />
Users can also start/stop LXCs without systemd.<br />
Start a container:<br />
# lxc-start -n CONTAINER_NAME<br />
<br />
Stop a container:<br />
# lxc-stop -n CONTAINER_NAME<br />
<br />
To login into a container:<br />
# lxc-console -n CONTAINER_NAME<br />
<br />
If when login you get pts/0 and lxc/tty1 use:<br />
# lxc-console -n CONTAINER_NAME -t 0<br />
<br />
Once logged, treat the container like any other linux system, set the root password, create users, install packages, etc.<br />
<br />
To attach to a container:<br />
# lxc-attach -n CONTAINER_NAME<br />
<br />
It works nearly the same as lxc-console, but you are automatically accessing root prompt inside the container, bypassing login.<br />
<br />
=== Advanced usage ===<br />
<br />
==== LXC clones ====<br />
Users with a need to run multiple containers can simplify administrative overhead (user management, system updates, etc.) by using snapshots. The strategy is to setup and keep up-to-date a single base container, then, as needed, clone (snapshot) it. The power in this strategy is that the disk space and system overhead are truly minimized since the snapshots use an overlayfs mount to only write out to disk, only the differences in data. The base system is read-only but changes to it in the snapshots are allowed via the overlayfs.<br />
<br />
For example, setup a container as outlined above. We will call it "base" for the purposes of this guide. Now create 2 snapshots of "base" which we will call "snap1" and "snap2" with these commands:<br />
# lxc-copy -n base -N snap1 -B overlayfs -s<br />
# lxc-copy -n base -N snap2 -B overlayfs -s<br />
<br />
{{Note|If a static IP was defined for the "base" lxc, that will need to manually changed in the config for "snap1" and for "snap2" before starting them. If the process is to be automated, a script using sed can do this automatically although this is beyond the scope of this wiki section.}}<br />
<br />
The snapshots can be started/stopped like any other container. Users can optionally destroy the snapshots and all new data therein with the following command. Note that the underlying "base" lxc is untouched:<br />
# lxc-destroy -n snap1 -f<br />
<br />
Systemd units and wrapper scripts to manage snapshots for [[pi-hole]] and [[OpenVPN]] are available to automate the process in {{AUR|lxc-snapshots}}.<br />
<br />
=== Converting a privileged container to an unprivileged container ===<br />
Once the system has been configured to use unprivileged containers (see, [[#Enable support to run unprivileged contains (optional)]]), {{AUR|nsexec-bzr}} contains a utility called {{ic|uidmapshift}} which is able to convert an existing ''privileged'' container to an ''unprivileged'' container to avoid a total rebuild of the image.<br />
<br />
{{Warning|<br />
* It is recommended to backup the existing image before using this utility!<br />
* This utility will not shift UIDs and GIDs in [[ACL]], you will need to shift them on your own.<br />
}}<br />
<br />
Invoke the utility to convert over like so:<br />
# uidmapshift -b /var/lib/lxc/foo 0 100000 65536<br />
<br />
Additional options are available simply by calling {{ic|uidmapshift}} without any arguments.<br />
<br />
== Running Xorg programs ==<br />
Either attach to or [[SSH]] into the target container and prefix the call to the program with the DISPLAY ID of the host's X session. For most simple setups, the display is always 0.<br />
<br />
An example of running Firefox from the container in the host's display:<br />
$ DISPLAY=:0 firefox<br />
<br />
Alternatively, to avoid directly attaching to or connecting to the container, the following can be used on the host to automate the process:<br />
# lxc-attach -n playtime --clear-env -- sudo -u YOURUSER env DISPLAY=:0 firefox<br />
<br />
== Troubleshooting ==<br />
<br />
=== Root login fails ===<br />
<br />
If you get the following error when you try to login using lxc-console:<br />
<br />
login: root<br />
Login incorrect<br />
<br />
And the container's {{ic|journalctl}} shows:<br />
<br />
pam_securetty(login:auth): access denied: tty 'pts/0' is not secure !<br />
<br />
Add {{ic|pts/0}} to the list of terminal names in {{ic|/etc/securetty}} on the '''container''' filesystem, see [http://unix.stackexchange.com/questions/41840/effect-of-entries-in-etc-securetty/41939#41939]. You can also opt to delete {{ic|/etc/securetty}} on the '''container''' to allow always root to login, see [https://github.com/systemd/systemd/issues/852].<br />
<br />
Alternatively, create a new user in lxc-attach and use it for logging in to the system, then switch to root.<br />
<br />
# lxc-attach -n playtime<br />
[root@playtime]# useradd -m -Gwheel newuser<br />
[root@playtime]# passwd newuser<br />
[root@playtime]# passwd root<br />
[root@playtime]# exit<br />
# lxc-console -n playtime<br />
[newuser@playtime]$ su<br />
<br />
===No network-connection with veth in container config===<br />
<br />
If you cannot access your LAN or WAN with a networking interface configured as '''veth''' and setup through {{ic|/etc/lxc/''containername''/config}}.<br />
If the virtual interface gets the ip assigned and should be connected to the network correctly.<br />
ip addr show veth0 <br />
inet 192.168.1.111/24<br />
You may disable all the relevant static ip formulas and try setting the ip through the booted container-os like you would normaly do.<br />
<br />
Example {{ic|''container''/config}}<br />
<br />
...<br />
lxc.net.0.type = veth<br />
lxc.net.0.name = veth0<br />
lxc.net.0.flags = up<br />
lxc.net.0.link = {{ic|bridge}}<br />
...<br />
<br />
And then assign your IP through your preferred method '''inside''' the container, see also [[Network configuration#Configure the IP address]]{{Broken section link}}.<br />
<br />
===Cannot start unprivileged LXC due to newuidmap execution failure===<br />
<br />
{{Accuracy|See {{Bug|52560}}: it is unclear what the "current version" is, if there is any upstream bug report and where the patch is.}}<br />
<br />
Unprivileged LXC cannot start with the current {{Pkg|shadow}} package, because the ''newuidmap'' and ''newgidmap'' binaries do not have the ''setuid'' bit.<br />
<br />
$ chmod u+s /usr/bin/newuidmap<br />
$ chmod u+s /usr/bin/newgidmap<br />
<br />
This is a bug in upstream but still not cherry-picked in official repository<br />
<br />
== See also ==<br />
<br />
* [https://www.stgraber.org/2013/12/20/lxc-1-0-blog-post-series/ LXC 1.0 Blog Post Series]<br />
* [http://www.ibm.com/developerworks/linux/library/l-lxc-containers/ LXC@developerWorks]<br />
* [http://docs.docker.io/en/latest/installation/archlinux/ Docker Installation on ArchLinux]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Linux_Containers&diff=493849Linux Containers2017-10-22T13:54:11Z<p>JimRees: /* Host network configuration */ typo</p>
<hr />
<div>[[Category:Security]]<br />
[[Category:Virtualization]]<br />
[[ja:Linux Containers]]<br />
[[pt:Linux Containers]]<br />
{{Related articles start}}<br />
{{Related|AirVPN}}<br />
{{Related|ABS}}<br />
{{Related|Cgroups}}<br />
{{Related|Docker}}<br />
{{Related|LXD}}<br />
{{Related|OpenVPN}}<br />
{{Related|OpenVPN (client) in Linux containers}}<br />
{{Related|OpenVPN (server) in Linux containers}}<br />
{{Related|PeerGuardian Linux}}<br />
{{Related|systemd-nspawn}}<br />
{{Related articles end}}<br />
<br />
Linux Containers (LXC) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a single control host (LXC host). It does not provide a virtual machine, but rather provides a virtual environment that has its own CPU, memory, block I/O, network, etc. space and the resource control mechanism. This is provided by [[Wikipedia:Linux namespaces|namespaces]] and [[cgroups]] features in Linux kernel on LXC host. It is similar to a chroot, but offers much more isolation.<br />
<br />
Alternatives for using containers are [[systemd-nspawn]], [[docker]] or also the {{Pkg|rkt}} package.<br />
<br />
== Privileged containers or unprivileged containers ==<br />
LXCs can be setup to run in either ''privileged'' or ''unprivileged'' configurations.<br />
<br />
In general, running an ''unprivileged'' container is [https://www.stgraber.org/2014/01/17/lxc-1-0-unprivileged-containers considered safer] than running a ''privileged'' container since ''unprivileged'' containers have an increased degree of isolation by virtue of their design. Key to this is the mapping of the root UID in the container to a non-root UID on the host which makes it more difficult for a hack within the container to lead to consequences on host system. In other words, if an attacker manages to escape the container, he or she should find themselves with no rights on the host.<br />
<br />
The Arch packages currently provide out-of-the-box support for ''privileged'' containers only. This is due to the current Arch {{pkg|linux}} kernel '''not''' shipping with user namespaces configured. This article contains information for users to run either type of container, but additional setup is required to use ''unprivileged'' containers at this time.<br />
<br />
{{Note|A request has been filed to include user namespace support in the kernel: {{Bug|36969}}. However, the request has been closed because of the numerous security issues caused by user namespaces, which are frequently discovered.}}<br />
<br />
=== An example to illustrate unprivileged containers ===<br />
<br />
To illustrate the power of UID mapping, consider the output below from a running, ''unprivileged'' container. Therein, we see the containerized processes owned by the containerized root user in the output of {{ic|ps}}:<br />
<br />
[root@unprivileged_container /]# ps -ef | head -n 5<br />
UID PID PPID C STIME TTY TIME CMD<br />
root 1 0 0 17:49 ? 00:00:00 /sbin/init<br />
root 14 1 0 17:49 ? 00:00:00 /usr/lib/systemd/systemd-journald<br />
dbus 25 1 0 17:49 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation<br />
systemd+ 26 1 0 17:49 ? 00:00:00 /usr/lib/systemd/systemd-networkd<br />
<br />
On the host however, those containerized root processes are running as the mapped user (ID>100000) on the host, not as the root user on the host:<br />
[root@host /]# lxc-info -Ssip --name sandbox<br />
State: RUNNING<br />
PID: 26204<br />
CPU use: 10.51 seconds<br />
BlkIO use: 244.00 KiB<br />
Memory use: 13.09 MiB<br />
KMem use: 7.21 MiB<br />
<br />
[root@host /]# ps -ef | grep 26204 | head -n 5<br />
UID PID PPID C STIME TTY TIME CMD<br />
100000 26204 26200 0 12:49 ? 00:00:00 /sbin/init<br />
100000 26256 26204 0 12:49 ? 00:00:00 /usr/lib/systemd/systemd-journald<br />
100081 26282 26204 0 12:49 ? 00:00:00 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation<br />
100000 26284 26204 0 12:49 ? 00:00:00 /usr/lib/systemd/systemd-logind<br />
<br />
== Setup ==<br />
=== Required software ===<br />
Installing {{Pkg|lxc}} and {{Pkg|arch-install-scripts}} will allow the host system to run privileged lxcs.<br />
<br />
==== Enable support to run unprivileged contains (optional) ====<br />
Users wishing to run ''unprivileged'' containers need to complete several additional setup steps.<br />
<br />
Firstly, a custom kernel is required that has support for User namespaces. This option is available under '''General setup>Namespaces support>User namespace''' from an nconfig, or by simply modifying the kernel [[PKGBUILD]] with the following line inserted prior to the "make prepare" line:<br />
sed -i -e 's/# CONFIG_USER_NS is not set/CONFIG_USER_NS=y/' ./.config<br />
<br />
See, [[ABS]] for more on compiling a custom kernel.<br />
<br />
Secondly, modify {{ic|/etc/lxc/default.conf}} to contain the following lines:<br />
lxc.idmap = u 0 100000 65536<br />
lxc.idmap = g 0 100000 65536<br />
<br />
Finally, create both {{ic|/etc/subuid}} and {{ic|/etc/subgid}} to contain the mapping to the containerized uid/gid pairs for each user who shall be able to run the containers. The example below is simply for the root user (and systemd system unit):<br />
<br />
{{hc|/etc/subuid|<nowiki><br />
root:100000:65536<br />
</nowiki>}}<br />
<br />
{{hc|/etc/subgid|<nowiki><br />
root:100000:65536<br />
</nowiki>}}<br />
<br />
=== Host network configuration ===<br />
LXCs support different virtual network types and devices (see [https://linuxcontainers.org/lxc/manpages//man5/lxc.container.conf.5.html lxc.container.conf(5)]). A bridge device on the host is required for most types of virtual networking.<br />
<br />
LXC comes with its own NAT Bridge (lxcbr0).<br />
{{Note|A NAT bridge is a standalone bridge with a private network that is not bridged to the host eth0 or a physical network. It exists as a private subnet in the host.}}<br />
{{Tip|This is quite useful when WIFI is the only option. There have bean various attempts of creating Bridges on WIFI without much success.}}<br />
<br />
To use LXC's NAT Bridge you need to create it's configuration file:<br />
<br />
{{hc|/etc/default/lxc-net|<br />
2=# Leave USE_LXC_BRIDGE as "true" if you want to use lxcbr0 for your<br />
# containers. Set to "false" if you'll use virbr0 or another existing<br />
# bridge, or mavlan to your host's NIC.<br />
USE_LXC_BRIDGE="true"<br />
<br />
# If you change the LXC_BRIDGE to something other than lxcbr0, then<br />
# you will also need to update your /etc/lxc/default.conf as well as the<br />
# configuration (/var/lib/lxc/<container>/config) for any containers<br />
# already created using the default config to reflect the new bridge<br />
# name.<br />
# If you have the dnsmasq daemon installed, you'll also have to update<br />
# /etc/dnsmasq.d/lxc and restart the system wide dnsmasq daemon.<br />
LXC_BRIDGE="lxcbr0"<br />
LXC_ADDR="10.0.3.1"<br />
LXC_NETMASK="255.255.255.0"<br />
LXC_NETWORK="10.0.3.0/24"<br />
LXC_DHCP_RANGE="10.0.3.2,10.0.3.254"<br />
LXC_DHCP_MAX="253"<br />
# Uncomment the next line if you'd like to use a conf-file for the lxcbr0<br />
# dnsmasq. For instance, you can use 'dhcp-host=mail1,10.0.3.100' to have<br />
# container 'mail1' always get ip address 10.0.3.100.<br />
#LXC_DHCP_CONFILE=/etc/lxc/dnsmasq.conf<br />
<br />
# Uncomment the next line if you want lxcbr0's dnsmasq to resolve the .lxc<br />
# domain. You can then add "server=/lxc/10.0.3.1' (or your actual $LXC_ADDR)<br />
# to your system dnsmasq configuration file (normally /etc/dnsmasq.conf,<br />
# or /etc/NetworkManager/dnsmasq.d/lxc.conf on systems that use NetworkManager).<br />
# Once these changes are made, restart the lxc-net and network-manager services.<br />
# 'container1.lxc' will then resolve on your host.<br />
#LXC_DOMAIN="lxc"<br />
}}<br />
<br />
{{Tip| Make sure the bridges ip-range does not interfere with your local network.}}<br />
<br />
Then we need to modify the LXC container template so our containers use our bridge:<br />
<br />
{{hc|/etc/lxc/default.conf|<br />
2=lxc.net.0.type = veth<br />
lxc.net.0.link = lxcbr0<br />
lxc.net.0.flags = up<br />
lxc.net.0.hwaddr = 00:16:3e:xx:xx:xx<br />
}}<br />
<br />
You also need to install [https://wiki.archlinux.org/index.php/Dnsmasq Dnsmasq] which is a dependency for lxcbr0.<br />
<br />
pacman -S dnsmasq<br />
<br />
Then we can start the bridge:<br />
<br />
systemctl start lxc-net<br />
<br />
If you want the bridge to start at boot-time<br />
<br />
systemctl enable lxc-net<br />
<br />
<br />
For further information including Host bridges users are referred to the [[Network bridge]] article.<br />
<br />
=== Container creation ===<br />
For ''privileged'' containers, simply select a template from {{ic|/usr/share/lxc/templates}} that matches the target distro to containerize. Users wishing to containerize non-Arch distros will need additional packages on the host depending on the target distro:<br />
* Debian-based: {{Pkg|debootstrap}}<br />
* Fedora-based: {{AUR|yum}}<br />
<br />
Run {{ic|lxc-create}} to create the container, which installs the root filesystem of the LXC to {{ic|/var/lib/lxc/CONTAINER_NAME/rootfs}} by default. Example creating an Arch Linux LXC named "playtime":<br />
# lxc-create -n playtime -t /usr/share/lxc/templates/lxc-archlinux<br />
<br />
Users wishing to run ''unprivileged'' containers should use the -t download directive and select from the images that are displayed. For example:<br />
# lxc-create -n playtime -t download<br />
<br />
Alternatively, create a ''privileged'' container, and see: [[#Converting a privileged container to an unprivileged container]].<br />
<br />
{{Tip|Users may optionally install {{Pkg|haveged}} and [[start]] {{ic|haveged.service}} to avoid a perceived hang during the setup process while waiting for system entropy to be seeded. Without it, the generation of private/GPG keys can add a lengthy wait to the process.}}<br />
<br />
{{Tip|Users of [[Btrfs]] can append {{ic|-B btrfs}} to create a Btrfs subvolume for storing containerized rootfs. This comes in handy if cloning containers with the help of {{ic|lxc-clone}} command. [[ZFS]] users may use {{ic|-B zfs}}, correspondingly.}}<br />
<br />
=== Container configuration ===<br />
The examples below can be used with ''privileged'' and ''unprivileged'' containers alike. Note that for unprivileged containers, additional lines will be present by default which are not shown in the examples, including the {{ic|1=lxc.idmap = u 0 100000 65536}} and the {{ic|1=lxc.idmap = g 0 100000 65536}} values optionally defined in the [[#Enable support to run unprivileged contains (optional)]] section.<br />
<br />
==== Basic config with networking ====<br />
{{Note|With the release of lxc-1:2.1.0-1, many of the configuration options have changed. Existing containers need to be updated; users are directed to the table of these changes in the [https://discuss.linuxcontainers.org/t/lxc-2-1-has-been-released/487 v2.1 release notes].}}<br />
<br />
System resources to be virtualized/isolated when a process is using the container are defined in {{ic|/var/lib/lxc/CONTAINER_NAME/config}}. By default, the creation process will make a minimum setup without networking support. Below is an example config with networking:<br />
<br />
{{hc|/var/lib/lxc/playtime/config|<nowiki><br />
# Template used to create this container: /usr/share/lxc/templates/lxc-archlinux<br />
# Parameters passed to the template:<br />
# For additional config options, please look at lxc.container.conf(5)<br />
<br />
## default values<br />
lxc.rootfs.path = /var/lib/lxc/playtime/rootfs<br />
lxc.uts.name = playtime<br />
lxc.arch = x86_64<br />
lxc.include = /usr/share/lxc/config/archlinux.common.conf<br />
<br />
## network<br />
lxc.net.0.type = veth<br />
lxc.net.0.link = br0<br />
lxc.net.0.flags = up<br />
lxc.net.0.name = eth0<br />
lxc.net.0.hwaddr = ee:ec:fa:e9:56:7d<br />
# uncomment the next two lines if static IP addresses are needed<br />
# leaving these commented will imply DHCP networking<br />
#<br />
#lxc.net.0.ipv4 = 192.168.0.3/24<br />
#lxc.net.0.ipv4.gateway = 192.168.0.1<br />
</nowiki>}}<br />
<br />
{{Note|The lxc.network.hwaddr entry is optional and if skipped, a random MAC address will be created automatically. It can be advantageous to define a MAC address for the container to allow the DHCP server to always assign the same IP to the container's NIC (beyond the scope of this article but worth mentioning).}}<br />
<br />
==== Mounts within the container ====<br />
For ''privileged'' containers, one can select directories on the host to bind mount to the container. This can be advantageous for example if the same architecture is being containerize and one wants to share pacman packages between the host and container. Another example could be shared directories. The syntax is simple:<br />
<br />
lxc.mount.entry = /var/cache/pacman/pkg var/cache/pacman/pkg none bind 0 0<br />
<br />
{{Note|This will not work without filesystem permission modifications on the host if using ''unprivileged'' containers.}}<br />
==== Xorg program considerations (optional) ====<br />
In order to run programs on the host's display, some bind mounts need to be defined so that the containerized programs can access the host's resources. Add the following section to {{ic|/var/lib/lxc/playtime/config}}:<br />
## for xorg<br />
lxc.mount.entry = /dev/dri dev/dri none bind,optional,create=dir<br />
lxc.mount.entry = /dev/snd dev/snd none bind,optional,create=dir<br />
lxc.mount.entry = /tmp/.X11-unix tmp/.X11-unix none bind,optional,create=dir,ro<br />
lxc.mount.entry = /dev/video0 dev/video0 none bind,optional,create=file<br />
<br />
If you still get a permission denied error in your LXC guest, then you may need to call {{ic|xhost +}} in your host to allow the guest to connect to the host's display server. Take note of the security concerns of opening up your display server by doing this.<br />
<br />
{{Note|This will not work if using ''unprivileged'' containers.}}<br />
<br />
==== OpenVPN considerations ====<br />
<br />
Users wishing to run [[OpenVPN]] within the container are direct to either [[OpenVPN (client) in Linux containers]] and/or [[OpenVPN (server) in Linux containers]].<br />
<br />
== Managing containers ==<br />
=== Basic usage ===<br />
To list all installed LXC containers:<br />
# lxc-ls -f<br />
<br />
Systemd can be used to [[start]] and to [[stop]] LXCs via {{ic|lxc@CONTAINER_NAME.service}}. [[Enable]] {{ic|lxc@CONTAINER_NAME.service}} to have it start when the host system boots.<br />
<br />
Users can also start/stop LXCs without systemd.<br />
Start a container:<br />
# lxc-start -n CONTAINER_NAME<br />
<br />
Stop a container:<br />
# lxc-stop -n CONTAINER_NAME<br />
<br />
To login into a container:<br />
# lxc-console -n CONTAINER_NAME<br />
<br />
If when login you get pts/0 and lxc/tty1 use:<br />
# lxc-console -n CONTAINER_NAME -t 0<br />
<br />
Once logged, treat the container like any other linux system, set the root password, create users, install packages, etc.<br />
<br />
To attach to a container:<br />
# lxc-attach -n CONTAINER_NAME<br />
<br />
It works nearly the same as lxc-console, but you are automatically accessing root prompt inside the container, bypassing login.<br />
<br />
=== Advanced usage ===<br />
<br />
==== LXC clones ====<br />
Users with a need to run multiple containers can simplify administrative overhead (user management, system updates, etc.) by using snapshots. The strategy is to setup and keep up-to-date a single base container, then, as needed, clone (snapshot) it. The power in this strategy is that the disk space and system overhead are truly minimized since the snapshots use an overlayfs mount to only write out to disk, only the differences in data. The base system is read-only but changes to it in the snapshots are allowed via the overlayfs.<br />
<br />
For example, setup a container as outlined above. We will call it "base" for the purposes of this guide. Now create 2 snapshots of "base" which we will call "snap1" and "snap2" with these commands:<br />
# lxc-copy -n base -N snap1 -B overlayfs -s<br />
# lxc-copy -n base -N snap2 -B overlayfs -s<br />
<br />
{{Note|If a static IP was defined for the "base" lxc, that will need to manually changed in the config for "snap1" and for "snap2" before starting them. If the process is to be automated, a script using sed can do this automatically although this is beyond the scope of this wiki section.}}<br />
<br />
The snapshots can be started/stopped like any other container. Users can optionally destroy the snapshots and all new data therein with the following command. Note that the underlying "base" lxc is untouched:<br />
# lxc-destroy -n snap1 -f<br />
<br />
Systemd units and wrapper scripts to manage snapshots for [[pi-hole]] and [[OpenVPN]] are available to automate the process in {{AUR|lxc-snapshots}}.<br />
<br />
=== Converting a privileged container to an unprivileged container ===<br />
Once the system has been configured to use unprivileged containers (see, [[#Enable support to run unprivileged contains (optional)]]), {{AUR|nsexec-bzr}} contains a utility called {{ic|uidmapshift}} which is able to convert an existing ''privileged'' container to an ''unprivileged'' container to avoid a total rebuild of the image.<br />
<br />
{{Warning|<br />
* It is recommended to backup the existing image before using this utility!<br />
* This utility will not shift UIDs and GIDs in [[ACL]], you will need to shift them on your own.<br />
}}<br />
<br />
Invoke the utility to convert over like so:<br />
# uidmapshift -b /var/lib/lxc/foo 0 100000 65536<br />
<br />
Additional options are available simply by calling {{ic|uidmapshift}} without any arguments.<br />
<br />
== Running Xorg programs ==<br />
Either attach to or [[SSH]] into the target container and prefix the call to the program with the DISPLAY ID of the host's X session. For most simple setups, the display is always 0.<br />
<br />
An example of running Firefox from the container in the host's display:<br />
$ DISPLAY=:0 firefox<br />
<br />
Alternatively, to avoid directly attaching to or connecting to the container, the following can be used on the host to automate the process:<br />
# lxc-attach -n playtime --clear-env -- sudo -u YOURUSER env DISPLAY=:0 firefox<br />
<br />
== Troubleshooting ==<br />
<br />
=== Root login fails ===<br />
<br />
If you get the following error when you try to login using lxc-console:<br />
<br />
login: root<br />
Login incorrect<br />
<br />
And the container's {{ic|journalctl}} shows:<br />
<br />
pam_securetty(login:auth): access denied: tty 'pts/0' is not secure !<br />
<br />
Add {{ic|pts/0}} to the list of terminal names in {{ic|/etc/securetty}} on the '''container''' filesystem, see [http://unix.stackexchange.com/questions/41840/effect-of-entries-in-etc-securetty/41939#41939]. You can also opt to delete {{ic|/etc/securetty}} on the '''container''' to allow always root to login, see [https://github.com/systemd/systemd/issues/852].<br />
<br />
Alternatively, create a new user in lxc-attach and use it for logging in to the system, then switch to root.<br />
<br />
# lxc-attach -n playtime<br />
[root@playtime]# useradd -m -Gwheel newuser<br />
[root@playtime]# passwd newuser<br />
[root@playtime]# passwd root<br />
[root@playtime]# exit<br />
# lxc-console -n playtime<br />
[newuser@playtime]$ su<br />
<br />
===No network-connection with veth in container config===<br />
<br />
If you cannot access your LAN or WAN with a networking interface configured as '''veth''' and setup through {{ic|/etc/lxc/''containername''/config}}.<br />
If the virtual interface gets the ip assigned and should be connected to the network correctly.<br />
ip addr show veth0 <br />
inet 192.168.1.111/24<br />
You may disable all the relevant static ip formulas and try setting the ip through the booted container-os like you would normaly do.<br />
<br />
Example {{ic|''container''/config}}<br />
<br />
...<br />
lxc.net.0.type = veth<br />
lxc.net.0.name = veth0<br />
lxc.net.0.flags = up<br />
lxc.net.0.link = {{ic|bridge}}<br />
...<br />
<br />
And then assign your IP through your preferred method '''inside''' the container, see also [[Network configuration#Configure the IP address]]{{Broken section link}}.<br />
<br />
===Cannot start unprivileged LXC due to newuidmap execution failure===<br />
<br />
{{Accuracy|See {{Bug|52560}}: it is unclear what the "current version" is, if there is any upstream bug report and where the patch is.}}<br />
<br />
Unprivileged LXC cannot start with the current {{Pkg|shadow}} package, because the ''newuidmap'' and ''newgidmap'' binaries do not have the ''setuid'' bit.<br />
<br />
$ chmod u+s /usr/bin/newuidmap<br />
$ chmod u+s /usr/bin/newgidmap<br />
<br />
This is a bug in upstream but still not cherry-picked in official repository<br />
<br />
== See also ==<br />
<br />
* [https://www.stgraber.org/2013/12/20/lxc-1-0-blog-post-series/ LXC 1.0 Blog Post Series]<br />
* [http://www.ibm.com/developerworks/linux/library/l-lxc-containers/ LXC@developerWorks]<br />
* [http://docs.docker.io/en/latest/installation/archlinux/ Docker Installation on ArchLinux]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Firefox&diff=482440Firefox2017-07-20T16:10:05Z<p>JimRees: /* Multimedia playback */ typo</p>
<hr />
<div>[[Category:Web browser]]<br />
[[ar:Firefox]]<br />
[[cs:Firefox]]<br />
[[de:Firefox]]<br />
[[es:Firefox]]<br />
[[fr:Firefox]]<br />
[[it:Firefox]]<br />
[[ja:Firefox]]<br />
[[ko:Firefox]]<br />
[[ru:Firefox]]<br />
[[zh-hans:Firefox]]<br />
{{Related articles start}}<br />
{{Related|Browser plugins}}<br />
{{Related|Firefox/Tweaks}}<br />
{{Related|Firefox/Privacy}}<br />
{{Related|Chromium}}<br />
{{Related|Opera}}<br />
{{Related articles end}}<br />
[https://www.mozilla.org/firefox Firefox] is a popular open-source graphical web browser from [https://www.mozilla.org Mozilla].<br />
<br />
== Installing ==<br />
<br />
Firefox can be [[installed]] with the {{Pkg|firefox}} package. For printing support, install {{Pkg|gtk3-print-backends}}, which is an optional dependency of {{Pkg|gtk3}}.<br />
<br />
Other alternatives include:<br />
<br />
* {{App|Firefox Extended Support Release|long-term supported version|https://www.mozilla.org/firefox/organizations/|{{AUR|firefox-esr}} or {{AUR|firefox-esr-bin}}}}<br />
* {{App|Firefox Beta|cutting-edge version|https://www.mozilla.org/firefox/channel/desktop/#beta|{{AUR|firefox-beta}} or {{AUR|firefox-beta-bin}}}}<br />
* {{App|Firefox Developer Edition|for developers|https://www.mozilla.org/firefox/developer/|{{AUR|firefox-developer}}}}<br />
* {{App|Firefox Nightly|nightly builds for testing ([https://developer.mozilla.org/Firefox/Experimental_features experimental features])|https://www.mozilla.org/firefox/channel/desktop/#nightly|{{AUR|firefox-nightly}}}} <br />
* {{App|Firefox KDE|Version of Firefox that incorporates an OpenSUSE patch for better KDE integration than is possible through simple Firefox plugins.|https://build.opensuse.org/package/show/mozilla:Factory/MozillaFirefox|{{AUR|firefox-kde-opensuse}}}}<br />
* On top of the different Mozilla build channels, a number of forks exist with more or less special features; see [[List of applications#Gecko-based]].<br />
<br />
Here you can find an overview of Mozilla's [https://wiki.mozilla.org/Releases releases].<br />
<br />
There are a number of language packs available for Firefox, other than the standard English. Language packs are usually named as {{ic|firefox-i18n-''languagecode''}} (where {{ic|''languagecode''}} can be any language code, such as '''de''', '''ja''', '''fr''', etc.). For a list of available language packs see [https://www.archlinux.org/packages/?sort=&q=firefox-i18n&maintainer=&last_update=&flagged=&limit=100 this].<br />
<br />
== Add-ons ==<br />
<br />
Firefox is well known for its large library of add-ons which can be used to add new features or modify the behavior of existing features of Firefox. You can find new add-ons or manage installed add-ons with Firefox's "Add-ons Manager."<br />
<br />
For a list of popular add-ons, see [https://addons.mozilla.org/firefox/extensions/?sort=popular Mozilla's add-on list sorted by popularity]. See also [[Wikipedia:List of Firefox extensions|List of Firefox extensions]] on Wikipedia.<br />
<br />
=== Adding search engines ===<br />
<br />
Search engines can be added to Firefox through normal add-ons, see [https://addons.mozilla.org/firefox/search-tools/ this page] for a list of available search engines.<br />
<br />
A very extensive list of search engines can be found at the [http://mycroftproject.com/ Mycroft Project].<br />
<br />
Also, you can use the [https://firefox.maltekraus.de/extensions/add-to-search-bar add-to-searchbar] extension to add a search to your search bar from any web site, by simply right clicking on the site's search field and selecting ''Add to Search Bar...''<br />
<br />
==== arch-firefox-search ====<br />
<br />
Install the {{Pkg|arch-firefox-search}} package to add Arch-specific searches (AUR, wiki, forum, etc, as specified by user) to the Firefox search toolbar.<br />
<br />
== Configuration ==<br />
<br />
Firefox exposes a number of configuration options. To examine them, enter:<br />
<br />
about:config<br />
<br />
in the Firefox address bar.<br />
<br />
Once set, these affect the user's current profile, and may be synchronized across all devices via [https://www.mozilla.org/firefox/sync/ Firefox Sync]. Please note that only a subset of the {{ic|about:config}} entries are synchronized by this method, and the exact subset may be found by searching for {{ic|services.sync.prefs}} in {{ic|about:config}}. Additional preferences and 3rd party preferences may be synchronized by creating new boolean entries prepending the config value with {{ic|services.sync.prefs.sync}} ([https://developer.mozilla.org/en-US/docs/Archive/Mozilla/Firefox_Sync/Syncing_custom_preferences documentation] is still applicable.) To synchronize the whitelist for the extension [https://addons.mozilla.org/firefox/addon/noscript/ NoScript]:<br />
<br />
services.sync.prefs.sync.capability.policy.maonoscript.sites<br />
<br />
The boolean {{ic|noscript.sync.enabled}} must be set to {{ic|true}} to synchronize the remainder of NoScript's preferences via Firefox Sync.<br />
<br />
Firefox also allows configuration for a profile via a {{ic|user.js}} file: [http://kb.mozillazine.org/User.js_file user.js] kept in the profile folder, usually {{ic|~/.mozilla/firefox/''xxxxxxxx''.default/}}. For a useful starting point, see e.g [https://github.com/pyllyukko/user.js custom user.js] which is targeted at privacy/security conscious users.<br />
<br />
One drawback of the above approach is that it is not applied system-wide. Furthermore, this is not useful as a "pre-configuration", since the profile directory is created after first launch of the browser. You can, however, let ''firefox'' create a new profile and, after closing it again, [https://support.mozilla.org/en-US/kb/back-and-restore-information-firefox-profiles#w_restoring-a-profile-backup copy the contents] of an already created profile folder into it. <br />
<br />
Sometimes it may be desired to lock certain settings, a feature useful in widespread deployments of customized Firefox. In order to create a system-wide configuration, follow the steps outlined in [http://kb.mozillazine.org/Locking_preferences Locking preferences]:<br />
<br />
1. Create {{ic|/usr/lib/firefox/defaults/pref/local-settings.js}}:<br />
<br />
pref("general.config.obscure_value", 0);<br />
pref("general.config.filename", "mozilla.cfg");<br />
<br />
2. Create {{ic|/usr/lib/firefox/mozilla.cfg}} (this stores the actual configuration):<br />
<br />
//<br />
//...your settings...<br />
// e.g to disable Pocket, uncomment the following line<br />
// lockPref("browser.pocket.enabled", false);<br />
<br />
Please note that the first line must contain exactly {{ic|//}}. The syntax of the file is similar to that of {{ic|user.js}}.<br />
<br />
=== Multimedia playback ===<br />
<br />
Firefox uses [[FFmpeg]] for playing multimedia inside HTML5 {{ic|<audio>}} and {{ic|<video>}} elements. Go to [https://www.youtube.com/html5 YouTube's HTML5 page], [https://www.quirksmode.org/html5/tests/video.html video-test page] or [https://hpr.dogphilosophy.net/test/ audio-test page] to check which formats are actually supported.<br />
<br />
HTML5 DRM playback is supported by the Google Widevine CDM, it is however not enabled by default. See ''Preferences > Content > DRM content'' if you want to learn more.<br />
<br />
See [[Firefox tweaks#Enable additional media codecs]] for advanced configuration and enabling support for Widevine (Netflix, Amazon Video, etc.).<br />
<br />
Starting with version 54, Firefox uses [[PulseAudio]] for audio playback and capture. For sound to work, you need to install the {{Pkg|pulseaudio}} package.<br />
<br />
In case, for whatever reason, [[PulseAudio]] is not an option for you, you can use [[Advanced Linux Sound Architecture#PulseAudio compatibility|apulse]] instead. To make this work, it is necessary to exclude {{ic|/dev/snd/}} from Firefox' sandboxing by adding it to the comma-separated list in {{ic|about:config}}:<br />
<br />
security.sandbox.content.write_path_whitelist<br />
<br />
=== Dictionaries for spell checking ===<br />
<br />
To enable spell checking for a specific language right click on any text field and check the ''Check Spelling'' box. To select a language for spell checking to you have right click again and select your language from the ''Languages'' sub-menu.<br />
<br />
To get more languages just click ''Add Dictionaries...'' and select the dictionary you want to install from the list.<br />
<br />
Alternatively, you can install the {{Pkg|hunspell}} package. You also need to install dictionaries for your language, such as {{Pkg|hunspell-fr}} (for the French language) or {{Pkg|hunspell-he}} (for Hebrew).<br />
<br />
By default, Firefox will try to symlink all your hunspell dictionaries in {{ic|/usr/lib/firefox/dictionaries}}. If you want to have less dictionaries offered to you in Firefox, you can remove some of those links. Be aware that it may not stand an upgrade of Firefox.<br />
<br />
When your default language choice does not stick, see [[#Firefox does not remember default spell check language]].<br />
<br />
=== KDE/GNOME integration ===<br />
<br />
* To bring the [[KDE]] look to GTK apps (including Firefox), install {{Pkg|breeze-gtk}} and {{Pkg|kde-gtk-config}}. Afterwards, go to ''System Settings > Application Style > GTK''. Be sure to choose 'Breeze' in 'Select a GTK2/GTK3 Theme' and check 'Show icons in GTK buttons' and 'Show icons in GTK'.<br />
<br />
* For integration with KDE’s mime type system and file dialogs, one can use {{AUR|firefox-kde-opensuse}} variant from AUR with OpenSUSE’s patches applied.<br />
<br />
* Add-ons may provide some integration, such as [https://addons.mozilla.org/firefox/addon/kde5-wallet-password-integrati/ KWallet integration], [https://addons.mozilla.org/firefox/addon/gnotifier/ GNotifier], [https://addons.mozilla.org/firefox/addon/unityfox-revived/ Unityfox Revived] (or e10s compatible {{AUR|firefox-extension-unity-launcher-api-e10s}}), and [https://addons.mozilla.org/firefox/addon/plasmanotify/ Plasma notifications].<br />
<br />
* Install {{AUR|mozilla-extension-gnome-keyring-git}} (all-JavaScript implementation) to integrate Firefox with [[GNOME Keyring]]. To make firefox-gnome-keyring use your login keychain, set extensions.gnome-keyring.keyringName to "login" (without the double quotes) in about:config. Note the lowercase 'l' despite the the keychain name having an uppercase 'L' in Seahorse.<br />
<br />
* To make the left mouse button warp the scrollbar instead of the middle one on KDE, go to ''System Settings > Application Style > GTK'' and set the checkbox for "Left mouse button warps scrollbar".<br />
<br />
== Plugins ==<br />
<br />
{{Note|Firefox [https://support.mozilla.org/en-US/kb/npapi-plugins has removed support] for [[w:NPAPI|NPAPI]] plugins, except for Flash. Firefox ESR will support plugins until 2018.}}<br />
<br />
See the main article: [[Browser plugins]]<br />
<br />
To find out what plugins are installed/enabled, enter:<br />
<br />
about:plugins<br />
<br />
in the Firefox address bar or go to the ''Add-ons'' entry in the Firefox Menu and select the ''Plugins'' tab.<br />
<br />
== Tips and tricks ==<br />
<br />
For general enhancements see [[Firefox/Tweaks]], for privacy related enhancements see [[Firefox/Privacy]].<br />
<br />
=== Screenshot of webpage ===<br />
<br />
To use Firefox to take a screenshot of a webpage open the developer console using {{ic|Shift+F2}}. Then type in:<br />
<br />
screenshot ''filename''<br />
<br />
where ''filename'' is optional.<br />
<br />
To take a screenshot of the entire page, not just the section displayed on the screen, use the {{ic|--fullpage}} option:<br />
<br />
screenshot --fullpage ''filename''<br />
<br />
== Troubleshooting ==<br />
<br />
=== Firefox startup takes very long ===<br />
<br />
If Firefox takes much longer to start up than other browsers, it may be due to lacking configuration of the localhost in {{ic|/etc/hosts}}. See [[Network configuration#Local network hostname resolution]] on how to set it up. <br />
<br />
=== Font troubleshooting ===<br />
<br />
See [[Font configuration]].<br />
<br />
Firefox has a setting which determines how many replacements it will allow from fontconfig. To allow it to use all your replacement-rules, change {{ic|gfx.font_rendering.fontconfig.max_generic_substitutions}} to {{ic|127}} (the highest possible value).<br />
<br />
=== Setting an email client ===<br />
<br />
Inside the browser, {{ic|mailto}} links by default are opened by a web application such as Gmail or Yahoo Mail. To set an external email program, go to ''Preferences > Applications'' and modify the ''action'' corresponding to the {{ic|mailto}} content type; the file path will need to be designated (e.g. {{ic|/usr/bin/kmail}} for Kmail).<br />
<br />
Outside the browser, {{ic|mailto}} links are handled by the {{ic|x-scheme-handler/mailto}} mime type, which can be easily configured with [[xdg-mime]]. See [[Default applications]] for details and alternatives.<br />
<br />
=== File association ===<br />
<br />
See [[Default applications]].<br />
<br />
=== Firefox keeps creating ~/Desktop even when this is not desired ===<br />
<br />
Firefox uses {{ic|~/Desktop}} as the default place for download and upload files. To change it to another folder, set the {{ic|XDG_DESKTOP_DIR}} option as explained in [[XDG user directories]].<br />
<br />
=== Make plugins respect blocked pop-ups ===<br />
<br />
Some plugins can misbehave and bypass the default settings, such as the Flash plugin. You can prevent this by doing the following:<br />
<br />
# Type {{ic|about:config}} into the address bar.<br />
# Right-click on the page and select ''New > Integer''.<br />
# Name it {{ic|privacy.popups.disable_from_plugins}}.<br />
# Set the value to {{ic|2}}.<br />
<br />
The possible values are:<br />
<br />
* {{ic|'''0'''}}: Allow all popups from plugins.<br />
* {{ic|'''1'''}}: Allow popups, but limit them to {{ic|dom.popup_maximum}}.<br />
* {{ic|'''2'''}}: Block popups from plugins.<br />
* {{ic|'''3'''}}: Block popups from plugins, even on whitelisted sites.<br />
<br />
=== Middle-click errors ===<br />
<br />
A common error message you can get while using the middle mouse button in Firefox is:<br />
<br />
The URL is not valid and cannot be loaded.<br />
<br />
Another symptom is that middle-clicking results in unexpected behavior, like accessing a random web page.<br />
<br />
The reason stems from the use of the middle mouse buttons in UNIX-like operating systems. The middle mouse button is used to paste whatever text has been highlighted/added to the clipboard. Then there is the possibly conflicting feature in Firefox, which defaults to loading the URL of the corresponding text when the button is depressed. This can be easily disabled by going to {{ic|about:config}} and setting the {{ic|middlemouse.contentLoadURL}} option to {{ic|false}}.<br />
<br />
Alternatively, having the traditional scroll cursor on middle-click (default behavior on Windows browsers) can be achieved by searching for {{ic|general.autoScroll}} and setting it to {{ic|true}}.<br />
<br />
=== Backspace does not work as the 'Back' button ===<br />
<br />
As per [https://embraceubuntu.com/2006/12/21/fix-firefox-backspace-to-take-you-to-the-previous-page/ this article], the feature has been removed in order to fix a bug. To re-introduce the original behavior go to {{ic|about:config}} and set the {{ic|browser.backspace_action}} option to {{ic|0}} (zero).<br />
<br />
=== Firefox does not remember login information ===<br />
<br />
It may be due to a corrupted {{ic|cookies.sqlite}} file in [https://support.mozilla.org/t5/Firefox/Profiles-Where-Firefox-stores-your-bookmarks-passwords-and-other/ta-p/4608#w_how-do-i-find-my-profile Firefox's profile] folder. In order to fix this, just rename or remove {{ic|cookie.sqlite}} while Firefox is not running.<br />
<br />
Open a terminal of choice and type the following:<br />
<br />
$ rm -f ~/.mozilla/firefox/<profile id>.default/cookies.sqlite<br />
<br />
The profile id is a random 8 character string.<br />
<br />
Restart Firefox and see if it solved the problem.<br />
<br />
=== Unreadable input fields with dark GTK+ themes ===<br />
<br />
{{Merge|Firefox tweaks#Appearance|Anything on that page might be in troubleshooting section as well, so let us keep the info in one place.}}<br />
<br />
When using a dark [[GTK+]] theme, one might encounter Internet pages with unreadable input and text fields (e.g. Amazon can have white text on white background). This can happen because the site only sets either background or text color, and Firefox takes the other one from the theme. The extension [https://addons.mozilla.org/firefox/addon/text-contrast-for-dark-themes/ Text Contrast for Dark Themes] sets the other color as needed to maintain contrast.<br />
<br />
Another workaround is to explicitly setting standard colors for all web pages in {{ic|~/.mozilla/firefox/''xxxxxxxx''.default/chrome/userContent.css}} or using [https://addons.mozilla.org/firefox/addon/stylish/ stylish add-on].<br />
<br />
The following sets input fields to standard black text / white background; both can be overridden by the displayed site, so that colors are seen as intended:<br />
<br />
{{Note|If you want {{ic|urlbar}} and {{ic|searchbar}} to be {{ic|white}} remove the two first {{ic|:not}} css selectors.}}<br />
<br />
{{bc|1=<br />
input:not(.urlbar-input):not(.textbox-input):not(.form-control):not([type='checkbox']):not([type='radio']) {<br />
-moz-appearance: none !important;<br />
background-color: white;<br />
color: black;<br />
}<br />
<br />
#downloads-indicator-counter {<br />
color: white;<br />
}<br />
<br />
textarea {<br />
-moz-appearance: none !important;<br />
background-color: white;<br />
color: black;<br />
}<br />
<br />
select {<br />
-moz-appearance: none !important;<br />
background-color: white;<br />
color: black;<br />
}<br />
}}<br />
<br />
Alternatively, force Firefox to use a light theme (e.g. "Adwaita:light"):<br />
<br />
# Copy {{ic|/usr/share/applications/firefox.desktop}} to {{ic|~/.local/share/applications/firefox.desktop}} and replace all occurrences of {{ic|1=Exec=firefox}} with {{ic|1=Exec=env GTK_THEME=Adwaita:light firefox}}.<br />
# Close all running instances of Firefox and restart your window manager/desktop environment.<br />
<br />
=== "Do you want Firefox to save your tabs for the next time it starts?" dialog does not appear ===<br />
<br />
From the [https://support.mozilla.com/en-US/questions/767751 Mozilla support] site:<br />
<br />
# Type {{ic|about:config}} in the address bar.<br />
# Set {{ic|browser.warnOnQuit}} to {{ic|true}}.<br />
# Set {{ic|browser.showQuitWarning}} to {{ic|true}}.<br />
<br />
=== Silently fails when installing desktop apps from marketplace ===<br />
<br />
Installation of apps from Firefox OS Marketplace will silently fail if there is no {{ic|~/.local/share/applications}} folder.<br />
<br />
=== Firefox detects the wrong version of my plugin ===<br />
<br />
When you close Firefox, the latter saves the current timestamp and version of your plugins inside {{ic|pluginreg.dat}} located in your profile folder, typically in {{ic|~/.mozilla/firefox/''xxxxxxxx''.default/}}.<br />
<br />
If you upgraded your plugin when Firefox was still running, you will thus have the wrong information inside that file. The next time you will restart Firefox you will get that message {{ic|Firefox has prevented the outdated plugin "XXXX" from running on ...}} when you will be trying to open content dedicated to that plugin on the web. This problem often appears with the official [[Browser plugins#Flash Player|Adobe Flash Player plugin]] which has been upgraded while Firefox was still running.<br />
<br />
The solution is to remove the file {{ic|pluginreg.dat}} from your profile and that is it. Firefox will not complain about the missing file as it will be recreated the next time Firefox will be closed. [https://bugzilla.mozilla.org/show_bug.cgi?id=1109795#c16]<br />
<br />
=== Javascript context menu does not appear on some sites ===<br />
<br />
In {{ic|about:config}}, unset the {{ic|dom.w3c_touch_events.enabled}} setting.<br />
<br />
=== Firefox does not remember default spell check language ===<br />
<br />
The default spell checking language can be set as follows:<br />
<br />
# Type {{ic|about:config}} in the address bar.<br />
# Set {{ic|spellchecker.dictionary}} to your language of choice, for instance {{ic|en_GB}}.<br />
# Notice that the for dictionaries installed as a Firefox plugin the notation is {{ic|en-GB}}, and for {{Pkg|hunspell}} dictionaries the notation is {{ic|en_GB}}.<br />
<br />
When you only have system wide dictionaries installed with {{Pkg|hunspell}}, Firefox might not remember your default dictionary language settings. This can be fixed by having at least one [https://addons.mozilla.org/firefox/language-tools/ dictionary] installed as a Firefox plugin. Notice that now you will also have a tab '''Dictionaries''' in '''add-ons'''.<br />
<br />
Related questions on the '''StackExchange''' platform: [https://stackoverflow.com/questions/26936792/change-firefox-spell-check-default-language/29446115], [https://stackoverflow.com/questions/21542515/change-default-language-on-firefox/29446353], [https://askubuntu.com/questions/184300/how-can-i-change-firefoxs-default-dictionary/576877]<br />
<br />
Related bug reports: [https://bugzilla.mozilla.org/show_bug.cgi?id=776028 Bugzilla 776028], [https://bugs.launchpad.net/ubuntu/+source/firefox/+bug/1026869 Ubuntu bug 1026869]<br />
<br />
=== Some MathML symbols are missing ===<br />
<br />
You need some Math fonts, namely Latin Modern Math and STIX (see this MDN page: [https://developer.mozilla.org/en-US/docs/Mozilla/MathML_Project/Fonts#Linux]), to display MathML correctly.<br />
<br />
In Arch Linux, these fonts are provided by {{Pkg|texlive-core}} '''and''' {{Pkg|texlive-fontsextra}}, but they are not available to fontconfig by default. See [[TeX Live#Fonts]] for details. You can also try other [[Fonts#Math|Math fonts]].<br />
<br />
=== Picture flickers while scrolling ===<br />
<br />
{{Accuracy|Most likely a driver issue, useless without reference}}<br />
{{Note|Problem available in some MATE desktops}}<br />
<br />
Uncheck the "Use smooth scrolling" setting in ''Edit > Settings > Advanced > General''.<br />
<br />
=== Tearing video in fullscreen mode ===<br />
<br />
If you are using the Xorg Intel or Nouveau drivers and experience tearing video in fullscreen mode, try [[Firefox tweaks#Enable OpenGL Off-Main-Thread Compositing (OMTC)]].<br />
<br />
=== Firefox looks bad with GTK+ >=3.20 ===<br />
<br />
{{Note|Firefox has removed GTK2 support in version 53 and will support an ESR 52 version until mid 2018.}}<br />
<br />
Firefox (as of version 47) [https://bugzilla.mozilla.org/show_bug.cgi?id=1264079 does not support] GTK+ >=3.20 and may look unsightly as a result. A possible resolution is compiling Firefox against GTK2 instead, see {{AUR|firefox-esr-gtk2}}. Alternatively, you may use [[Unofficial_user_repositories#markzz|markzz's repository]] or [[Unofficial_user_repositories#archlinuxcn|archlinuxcn's]] (x86_64 only) for pre-built GTK2 Firefox packages.<br />
<br />
=== Firefox WebRTC module cannot detect a microphone ===<br />
<br />
WebRTC applications for instance [https://mozilla.github.io/webrtc-landing/gum_test.html Firefox WebRTC getUserMedia test page] say that microphone cannot be found. Issue is reproducible for both ALSA or Pulseaudio setup. Firefox debug logs show the following error:<br />
<br />
{{hc|1=$ NSPR_LOG_MODULES=MediaManager:5,GetUserMedia:5 firefox|2=<br />
...<br />
[Unnamed thread 0x7fd7c0654340]: D/GetUserMedia VoEHardware:GetRecordingDeviceName: Failed 1<br />
}}<br />
<br />
You can try setting {{ic|media.navigator.audio.full_duplex}} property to {{ic|false}} at {{ic|about:config}} Firefox page and restart Firefox.<br />
<br />
This can also help if you are using the PulseAudio [[PulseAudio/Troubleshooting#Enable Echo/Noise-Cancelation|module-echo-cancel]], and Firefox does not recognise the virtual echo canceling source.<br />
<br />
=== Make Firefox 54 use more than one "Web content" process ===<br />
<br />
{{Move|Firefox/Tweaks|Not a troubleshooting. Explain why 4 is better than 1 along the way.}}<br />
<br />
Firefox 54 supports multiple "Web Content" processes but the default installation uses only one. To solve that, go to {{ic|about:config}} and set {{ic|dom.ipc.processCount}} to {{ic|4}}. The recommended maximum is four, but you can set up to seven. [https://arstechnica.com/information-technology/2017/06/firefox-multiple-content-processes/] [https://support.mozilla.org/en-US/kb/performance-settings]<br />
<br />
With {{ic|dom.ipc.processCount}} set to {{ic|1}} (Default):<br />
<br />
{{hc|# ps -e {{!}} grep 'Web Content'|<br />
13421 tty1 00:00:14 Web Content<br />
}}<br />
<br />
With {{ic|dom.ipc.processCount}} set to {{ic|4}}:<br />
<br />
{{hc|# ps -e {{!}} grep 'Web Content'|<br />
13991 tty1 00:00:04 Web Content<br />
14027 tty1 00:00:09 Web Content<br />
14031 tty1 00:00:20 Web Content<br />
14040 tty1 00:00:26 Web Content<br />
}}<br />
<br />
== See also ==<br />
<br />
* [https://www.mozilla.org/firefox/ Official website]<br />
* [https://www.mozilla.org/ Mozilla Foundation]<br />
* [https://wiki.mozilla.org/Firefox Firefox wiki]<br />
* [https://addons.mozilla.org/ Firefox Add-ons]<br />
* [https://addons.mozilla.org/firefox/themes/ Firefox themes]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Pacman/Tips_and_tricks&diff=475491Talk:Pacman/Tips and tricks2017-04-29T23:15:55Z<p>JimRees: /* pacman cache */ new section</p>
<hr />
<div>== pacman-optimize on SSD ==<br />
<br />
:''[Moved from [[Talk:Improve pacman performance]] -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 05:05, 16 October 2015 (UTC)]''<br />
<br />
pacman-optimize only tries to reduce fragmentation of the files right? If that is the case perhaps we should include a note that this probably won't help much on an SSD. {{Unsigned|18:27, 29 March 2013|F4hy}}<br />
<br />
== pacman-optimize ==<br />
<br />
:''[Moved from [[Talk:Improve pacman performance]] -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 05:05, 16 October 2015 (UTC)]''<br />
<br />
Looks like the [https://aur.archlinux.org/packages/systemd-timer-pacman-optimize-git/ systemd-timer-pacman-optimize-git] package is no longer maintained. [https://lists.archlinux.org/pipermail/pacman-dev/2014-August/019337.html]<br />
<br />
Should the wiki no longer recommend this package? -- I'm guessing it shouldn't.<br />
<br />
Also, is pacman-optimize less important than in the past? -- I am genuinely unsure about this.<br />
<br />
--[[User:Matthew02|Matthew02]] ([[User talk:Matthew02|talk]]) 05:40, 2 March 2015 (UTC)<br />
<br />
:The maintenance of {{AUR|systemd-timer-pacman-optimize-git}} has nothing to do with that of {{Pkg|pacman}} itself, it is packaged separately and even in the AUR. Anyway, I'd keep the section until ''pacman-optimize'' is removed from {{Pkg|pacman}}.<br />
:The reasons why it is not very important nowadays are improvements in pacman itself (mentioned in the ML post linked above), increased speeds of HDDs and the advent of SSDs.<br />
:-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 22:18, 2 March 2015 (UTC)<br />
<br />
== Leading slash ==<br />
<br />
[[Pacman/Tips_and_tricks#aria2]] doesn't work without leading slash, i.e. {{ic|-d /}} turning file names to {{ic|//var/cache/...}}. The article mentions this, but it doesn't mention why. -- [[User:Alad|Alad]] ([[User talk:Alad|talk]]) 05:28, 16 October 2015 (UTC)<br />
<br />
:You would have to go [https://wiki.archlinux.org/index.php?title=Improve_pacman_performance&diff=32104&oldid=30674 way] [https://wiki.archlinux.org/index.php?title=Improve_pacman_performance&diff=next&oldid=115292 back] to track this. It seems to have worked without {{ic|-d /}} even in 2006: [https://wiki.archlinux.org/index.php?title=Faster_Pacman_Downloads&oldid=15627], [https://wiki.archlinux.org/index.php?title=Improve_pacman_performance&oldid=17759]. <s>I guess that simply nobody asked the right question...</s> -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 12:30, 16 October 2015 (UTC)<br />
:Oops, it does ''not'' work without {{ic|-d /}}. Then the problem must be on aria's side, which expects a file name for the {{ic|-o}} option, which is then catenated with {{ic|-d}} into the full path. Assuming that {{ic|-d}} defaults to the cwd, {{ic|/var/cache/}} would appear twice in the result. -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 12:43, 16 October 2015 (UTC)<br />
<br />
== Listing optional dependencies of all installed packages ==<br />
<br />
To show a list of optional dependencies of all installed packages you can use this script (requires {{Pkg|expac}}). Usefull when you missed some scrolling by and the closed the terminal. Consider installing via {{ic|pacman --asdeps -S $p}} to mark them as dependecies and then orphans when the package they get installed for is removed.<br />
<br />
{{hc|op-debs.sh|<nowiki>#!/bin/bash<br />
if [[ -t 1 ]]; then<br />
packagename=$(tput bold)<br />
installed=$(tput setf 2)<br />
normal=$(tput sgr0)<br />
fi;<br />
<br />
(for p in $(expac %n);do # every installed package<br />
if [[ -n $(expac %o $p) ]]; then # that has optional dependencies<br />
echo $p<br />
fi;<br />
done;) | (while read p; do<br />
echo $packagename$p$normal: # echo package name<br />
expac -l "\n" "%O" $p | while read dep; do # every opt-dep<br />
echo -n " $dep"<br />
if [[ -n $(pacman -Q $(echo $dep | cut -d ":" -f 1) 2> /dev/null) ]]; then # if installed<br />
echo -n " $installed[Installed]$normal"<br />
fi<br />
echo<br />
done;<br />
done;)</nowiki>}}<br />
<br />
{{Note|To view optional dependencies for only one specific package use {{ic|pacman -Qi $p}}}}<br />
<br />
-- 08:38, 20 January 2017 M3t0r<br />
<br />
:Since the main interest is listing optional dependencies which are not installed, the above can be summarized to (also much faster):<br />
{{bc|<nowiki>#!/bin/bash<br />
join -v2 -o2.2,2.1 <(expac -Q '%n' | sort) <(expac -Qv '%n\t%o' -l '\t' | awk '$2 !~ /None/ { <br />
for(i = 2; i <= NF; ++i) printf("%s\t%s\n", $i, $1) | "sort -k1,1"<br />
}') | sort | column -t<br />
</nowiki><br />
}}<br />
:--[[User:Alad|Alad]] ([[User talk:Alad|talk]]) 12:40, 20 January 2017 (UTC)<br />
<br />
::Yes, it's faster, but less intuitive reading of the code and the output. It's also missing the description what they would enable.<br />
<br />
::--[[User:M3t0r|M3t0r]] ([[User talk:M3t0r|talk]]) 22:04, 20 January 2017 (UTC)<br />
<br />
== pacman cache ==<br />
<br />
I still think we should warn people not to symlink /var or anything under it. It leaves the whole system unusable because if the cache disappears during a pacman transaction, you're left with missing /usr/lib libraries, and nothing works, including pacman itself. This is a serious enough problem that it can take hours to figure out how to recover. If the wiki had mentioned this problem it would have saved me a lot of time and effort, and I'm not the only one who has run in to this. It is not, however, considered a bug. See https://bugs.archlinux.org/task/50298. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 23:15, 29 April 2017 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Pacman/Tips_and_tricks&diff=475455Pacman/Tips and tricks2017-04-29T17:17:40Z<p>JimRees: /* Read-write cache */ also corrupts pacman metadata</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Package management]]<br />
[[es:Pacman/Tips and tricks]]<br />
[[fa:Pacman tips]]<br />
[[fr:Astuces Pacman]]<br />
[[it:Pacman/Tips and tricks]]<br />
[[ja:Pacman ヒント]]<br />
[[ru:Pacman/Tips and tricks]]<br />
[[tr:Pacman ipuçları]]<br />
[[zh-hans:Pacman/Tips and tricks]]<br />
{{Related articles start}}<br />
{{Related|Mirrors}}<br />
{{Related|Creating packages}}<br />
{{Related articles end}}<br />
For general methods to improve the flexibility of the provided tips or pacman itself, see [[Core utilities]] and [[Bash]].<br />
<br />
== Cosmetic and convenience ==<br />
<br />
=== Graphical front-ends ===<br />
<br />
* {{App|Arch-Update| Update indicator for Gnome-Shell.|https://github.com/RaphaelRochet/arch-update|{{AUR|gnome-shell-extension-arch-update}}}}<br />
* {{App|Discover|A collection of package management tools for KDE, using PackageKit.|https://projects.kde.org/projects/kde/workspace/discover|{{Pkg|discover}}}}<br />
* {{App|GNOME packagekit|GTK based package management tool|http://www.freedesktop.org/software/PackageKit/|{{Pkg|gnome-packagekit}}}}<br />
* {{App|GNOME Software|Gnome Software App. (Curated selection for GNOME)|https://wiki.gnome.org/Apps/Software|{{pkg|gnome-software}}}}<br />
* {{App|kalu|A small application that will add an icon to your systray and sit there, regularly checking if there's anything new for you to upgrade.|https://jjacky.com/kalu/|{{aur|kalu}}}}<br />
* {{App|pcurses|Package management in a curses frontend|https://github.com/schuay/pcurses|{{Pkg|pcurses}}}}<br />
* {{App|tkPacman|Depends only on Tcl/Tk and X11, and interacts with the package database via the CLI of ''pacman''.|http://sourceforge.net/projects/tkpacman|{{AUR|tkpacman}}}}<br />
<br />
=== Utilities ===<br />
<br />
* {{App|Lostfiles|Script that identifies files not owned by any package.|https://github.com/graysky2/lostfiles|{{AUR|lostfiles}}}}<br />
* {{App|Pacmatic|Pacman wrapper to check Arch News before upgrading, avoid partial upgrades, and warn about configuration file changes.|http://kmkeen.com/pacmatic|{{Pkg|pacmatic}}}}<br />
* {{App|pacutils|Helper library for libalpm based programs.|https://github.com/andrewgregory/pacutils|{{Pkg|pacutils}}}}<br />
* {{App|[[pkgfile]]|Tool that finds what package owns a file.|http://github.com/falconindy/pkgfile|{{Pkg|pkgfile}}}}<br />
* {{App|pkgtools|Collection of scripts for Arch Linux packages.|https://github.com/Daenyth/pkgtools|{{AUR|pkgtools}}}}<br />
* {{App|repoctl|Tool to help manage local repositories.|https://github.com/cassava/repoctl|{{AUR|repoctl}}}}<br />
* {{App|repose|An Arch Linux repository building tool.|https://github.com/vodik/repose|{{Pkg|repose}}}}<br />
* {{App|[[Snapper#Wrapping_pacman_transactions_in_snapshots|snap-pac]]|Make pacman automatically use snapper to create pre/post snapshots like openSUSE's YaST.|https://github.com/wesbarnett/snap-pac|{{pkg|snap-pac}}}}<br />
* {{App|srcpac|Simple tool that automates rebuilding packages from source.|https://projects.archlinux.org/srcpac.git|{{Pkg|srcpac}}}}<br />
<br />
== Maintenance ==<br />
<br />
{{Expansion|{{ic|1=Usage=}} introduced with pacman 4.2, see [http://allanmcrae.com/2014/12/pacman-4-2-released/]}}<br />
<br />
{{Note|Instead of using ''comm'' (which requires sorted input with ''sort'') in the sections below, you may also use {{ic|grep -Fxf}} or {{ic|grep -Fxvf}}.}}<br />
<br />
See also [[System maintenance]].<br />
<br />
=== Listing packages ===<br />
<br />
You may want to get the list of installed packages with their version, which is useful when reporting bugs or discussing installed packages.<br />
<br />
* List all explicitly installed packages: {{ic|pacman -Qe}}.<br />
* List all explicitly installed native packages (i.e. present in the sync database) that are not direct or optional dependencies: {{ic|pacman -Qent}}.<br />
* List all foreign packages (typically manually downloaded and installed): {{ic|pacman -Qm}}.<br />
* List all native packages (installed from the sync database(s)): {{ic|pacman -Qn}}.<br />
* List packages by regex: {{ic|pacman -Qs ''regex''}}.<br />
* List packages by regex with custom output format: {{ic|expac -s "%-30n %v" ''regex''}} (needs {{Pkg|expac}}).<br />
<br />
==== With size ====<br />
<br />
To get a list of installed packages sorted by size, which may be useful when freeing space on your hard drive:<br />
<br />
* Install {{Pkg|expac}} and run {{ic|<nowiki>expac -H M '%m\t%n' | sort -h</nowiki>}}.<br />
* Run {{Pkg|pacgraph}} with the {{ic|-c}} option.<br />
<br />
To list the download size of several packages (leave {{ic|''packages''}} blank to list all packages):<br />
<br />
$ expac -S -H M '%k\t%n' ''packages''<br />
<br />
To list explicitly installed packages not in {{Grp|base}} nor {{Grp|base-devel}} with size and description:<br />
<br />
$ expac -H M "%011m\t%-20n\t%10d" $(comm -23 <(pacman -Qqen | sort) <(pacman -Qqg base base-devel | sort)) | sort -n<br />
<br />
==== By date ====<br />
<br />
To list the 20 last installed packages with {{Pkg|expac}}, run:<br />
<br />
$ expac --timefmt='%Y-%m-%d %T' '%l\t%n' | sort | tail -n 20<br />
<br />
or, with seconds since the epoch (1970-01-01 UTC):<br />
<br />
$ expac --timefmt=%s '%l\t%n' | sort -n | tail -n 20<br />
<br />
==== Not in a specified group or repository ====<br />
<br />
{{Note|To get a list of packages installed as dependencies but no longer required by any installed package, see [[#Removing unused packages (orphans)]].}}<br />
<br />
List explicitely installed packages not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qeq | sort) <(pacman -Qgq base base-devel | sort)<br />
<br />
List all installed packages unrequired by other packages, and which are not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qqt | sort) <(pacman -Sqg base base-devel | sort)<br />
<br />
As above, but with descriptions:<br />
<br />
$ expac -HM '%-20n\t%10d' $(comm -23 <(pacman -Qqt | sort) <(pacman -Qqg base base-devel | sort))<br />
<br />
List all installed packages that are ''not'' in the specified repository ''repo_name''<br />
<br />
$ comm -23 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
List all installed packages that are in the ''repo_name'' repository:<br />
<br />
$ comm -12 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
=== Listing files owned by a package with size ===<br />
<br />
This one might come in handy if you have found that a specific package uses a huge amount of space and you want to find out which files make up the most of that.<br />
<br />
$ pacman -Qlq ''package'' | grep -v '/$' | xargs du -h | sort -h<br />
<br />
=== Identify files not owned by any package ===<br />
<br />
If your system has stray files not owned by any package (a common case if you do not [[Enhance system stability#Use the package manager to install software|use the package manager to install software]]), you may want to find such files in order to clean them up. The general process for doing so is:<br />
<br />
# Create a sorted list of the files you want to check ownership of: {{bc|<nowiki>$ find /etc /opt /usr | sort > all_files.txt</nowiki>}}<br />
# Create a sorted list of the files tracked by pacman (and remove the trailing slashes from directories): {{bc|<nowiki>$ pacman -Qlq | sed 's|/$||' | sort > owned_files.txt</nowiki>}}<br />
# Find lines in the first list that are not in the second: {{bc|$ comm -23 all_files.txt owned_files.txt}}<br />
<br />
This process is tricky in practice because many important files are not part of any package (e.g. files generated at runtime, custom configs) and so will be included in the final output, making it difficult to pick out the files that can be safely deleted.<br />
<br />
{{Tip|The {{AUR|lostfiles}} script performs similar steps, but also includes an extensive blacklist to remove common false positives from the output. [https://github.com/CyberShadow/aconfmgr aconfmgr] ({{AUR|aconfmgr-git}}) also allows tracking orphaned files using a configuration script.}}<br />
<br />
=== Removing unused packages (orphans) ===<br />
<br />
For ''recursively'' removing orphans and their configuration files:<br />
<br />
# pacman -Rns $(pacman -Qtdq)<br />
<br />
If no orphans were found, pacman errors with {{ic|error: no targets specified}}. This is expected as no arguments were passed to {{ic|pacman -Rns}}.<br />
<br />
{{Note|The arguments {{ic|-Qt}} list only true orphans. To include packages which are ''optionally'' required by another package, pass the {{ic|-t}} flag twice (''i.e.'', {{ic|-Qtt}}).}}<br />
<br />
=== Removing everything but base group ===<br />
<br />
If it is ever necessary to remove all packages except the base group, try this one liner:<br />
<br />
# pacman -R $(comm -23 <(pacman -Qq | sort) <((for i in $(pacman -Qqg base); do pactree -ul "$i"; done) | sort -u))<br />
<br />
The one-liner was originally devised in [https://bbs.archlinux.org/viewtopic.php?id=130176 this discussion], and later improved in this article.<br />
<br />
=== Getting the dependencies list of several packages ===<br />
<br />
Dependencies are alphabetically sorted and doubles are removed.<br />
<br />
{{Note|To only show the tree of local installed packages, use {{ic|pacman -Qi}}.}}<br />
<br />
$ pacman -Si ''packages'' | awk -F'[:<=>]' '/^Depends/ {print $2}' | xargs -n1 | sort -u<br />
<br />
Alternatively, with {{Pkg|expac}}: <br />
<br />
$ expac -l '\n' %E -S ''packages'' | sort -u<br />
<br />
=== Listing changed backup files ===<br />
<br />
If you want to backup your system configuration files you could copy all files in {{ic|/etc/}}, but usually you are only interested in the files that you have changed. Modified [[Pacnew_and_Pacsave_files#Package_backup_files|backup files]] can be viewed with the following command:<br />
<br />
# pacman -Qii | awk '/^MODIFIED/ {print $2}'<br />
<br />
Running this command with root permissions will ensure that files readable only by root (such as {{ic|/etc/sudoers}}) are included in the output.<br />
<br />
{{Tip|See [[#Listing all changed files from packages]] to list all changed files pacman knows, not only backup files.}}<br />
<br />
=== Back-up the pacman database ===<br />
<br />
The following command can be used to back up the local pacman database:<br />
<br />
$ tar -cjf pacman_database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
The database can be restored by moving the {{ic|pacman_database.tar.bz2}} file into the {{ic|/}} directory and executing the following command:<br />
<br />
# tar -xjvf pacman_database.tar.bz2<br />
<br />
{{Note|If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult [[Pacman tips#Restore pacman's local database]].}}<br />
<br />
{{Tip|The {{AUR|pakbak-git}} package provides a script and a [[systemd]] service to automate the task. Configuration is possible in {{ic|/etc/pakbak.conf}}.}}<br />
<br />
=== Check changelogs easily ===<br />
<br />
When maintainers update packages, commits are often commented in a useful fashion. Users can quickly check these from the command line by installing {{AUR|pacolog}}. This utility lists recent commit messages for packages from the official repositories or the AUR, by using {{ic|pacolog <package>}}.<br />
<br />
== Installation and recovery ==<br />
<br />
Alternative ways of getting and restoring packages.<br />
<br />
=== Installing packages from a CD/DVD or USB stick ===<br />
<br />
{{Merge|#Custom local repository|Use as an example and avoid duplication}}<br />
<br />
To download packages, or groups of packages:<br />
<br />
# cd ~/Packages<br />
# pacman -Syw base base-devel grub-bios xorg gimp --cachedir .<br />
# repo-add ./custom.db.tar.gz ./*<br />
<br />
Then you can burn the "Packages" folder to a CD/DVD or transfer it to a USB stick, external HDD, etc.<br />
<br />
To install:<br />
<br />
'''1.''' Mount the media:<br />
<br />
# mkdir /mnt/repo<br />
# mount /dev/sr0 /mnt/repo #For a CD/DVD.<br />
# mount /dev/sdxY /mnt/repo #For a USB stick.<br />
<br />
'''2.''' Edit {{ic|pacman.conf}} and add this repository ''before'' the other ones (e.g. extra, core, etc.). This is important. Do not just uncomment the one on the bottom. This way it ensures that the files from the CD/DVD/USB take precedence over those in the standard repositories:<br />
<br />
{{hc|/etc/pacman.conf|2=<br />
[custom]<br />
SigLevel = PackageRequired<br />
Server = file:///mnt/repo/Packages}}<br />
<br />
'''3.''' Finally, synchronize the pacman database to be able to use the new repository:<br />
<br />
# pacman -Syu<br />
<br />
=== Custom local repository ===<br />
<br />
Use the ''repo-add'' script included with Pacman to generate a database for a personal repository. Use {{ic|repo-add --help}} for more details on its usage. Simply store all of the built packages to be included in the repository in one directory, and execute the following command (where ''repo'' is the name of the custom repository):<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/*.pkg.tar.xz<br />
<br />
{{Note|A package database is a tar file, optionally compressed. Valid extensions are “.db” or “.files” followed by an archive extension of “.tar”, “.tar.gz”, “.tar.bz2”, “.tar.xz”, or “.tar.Z”. The file does not need to exist, but all parent directories must exist.<br />
Furthermore when using {{ic|repo-add}} keep in mind that the database and the packages do not need to be in the same directory. But when using pacman with that database, they should be together.}}<br />
<br />
To add a new package to the database, or to replace the old version of an existing package in the database, run:<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/packagetoadd-1.0-1-i686.pkg.tar.xz<br />
<br />
''repo-remove'' is used in the exact same manner as ''repo-add'', except that the packages listed on the command line are removed from the repository database.<br />
<br />
Once the local repository database has been created, add the repository to {{ic|pacman.conf}} for each system that is to use the repository. An example of a custom repository is in {{ic|pacman.conf}}. The repository's name is the database filename with the file extension omitted. In the case of the example above the repository's name would simply be ''repo''. Reference the repository's location using a {{ic|file://}} url, or via FTP using ftp://localhost/path/to/directory.<br />
<br />
If willing, add the custom repository to the [[Unofficial user repositories|list of unofficial user repositories]], so that the community can benefit from it.<br />
<br />
=== Network shared pacman cache ===<br />
<br />
If you happen to run several Arch boxes on your LAN, you can share packages so that you can greatly decrease your download times. Keep in mind you should not share between different architectures (i.e. i686 and x86_64) or you will run into problems.<br />
<br />
==== Read-only cache ====<br />
<br />
If you are looking for a quick and dirty solution, you can simply run a standalone webserver which other computers can use as a first mirror: {{ic|darkhttpd /var/cache/pacman/pkg}}. Just add this server at the top of your mirror list. Be aware that you might get a lot of 404 errors, due to cache misses, depending on what you do, but pacman will try the next (real) mirrors when that happens.<br />
<br />
==== Read-write cache ====<br />
<br />
{{Tip|See [[pacserve]] for an alternative solution than what follows.}}<br />
<br />
In order to share packages between multiple computers, simply share {{ic|/var/cache/pacman/}} using any network-based mount protocol. This section shows how to use shfs or sshfs to share a package cache plus the related library-directories between multiple computers on the same local network. Keep in mind that a network shared cache can be slow depending on the file-system choice, among other factors.<br />
<br />
First, install any network-supporting filesystem; for example [[sshfs]], [[shfs]], ftpfs, [[smbfs]] or [[nfs]].<br />
<br />
{{Tip|<br />
* To use sshfs or shfs, consider reading [[Using SSH Keys]].<br />
* By default, smbfs does not serve filenames that contain colons, which results in the client downloading the offending package afresh. To prevent this, use the {{ic|mapchars}} mount option on the client.<br />
}}<br />
<br />
Then, to share the actual packages, mount {{ic|/var/cache/pacman/pkg}} from the server to {{ic|/var/cache/pacman/pkg}} on every client machine.<br />
<br />
Do not make {{ic|/var/cache/pacman/pkg}} or any of its ancestors a symlink. Pacman expects these to be directories. When pacman re-installs or upgrades itself, it will remove the symlinks and create empty directories instead. This can corrupt your pacman metadata and leave your system in an unbootable state.<br />
<br />
==== two-way with rsync ====<br />
<br />
Another approach in a local environment is [[rsync]]. Choose a server for caching and enable the [[Rsync#rsync_daemon]]. On clients synchronize two-way with this share via rsync protocol. Filenames that contain colons are no problem for the rsync protocol.<br />
<br />
Draft example for a client, uname -m in share name ensures architecture depended sync:<br />
# rsync rsync://server/share_$(uname -m)/ /var/cache/pacman/pkg/ ...<br />
# pacman ...<br />
# paccache ...<br />
# rsync /var/cache/pacman/pkg/ rsync://server/share_$(uname -m)/ ...<br />
<br />
==== Dynamic reverse proxy cache using nginx ====<br />
<br />
[[nginx]] can be used to proxy requests to official upstream mirrors and cache the results to local disk. All subsequent requests for that file will be served directly from the local cache, minimizing the amount of internet traffic needed to update a large number of servers with minimal effort. <br />
<br />
{{Warning| This method has a limitation. You must use mirrors that use the same relative path to package files and you must configure your cache to use that same path. In this example, we are using mirrors that use the relative path {{ic|/archlinux/$repo/os/$arch}} and our cache's {{ic|Server}} setting in {{ic|mirrorlist}} is configured similarly.}}<br />
<br />
In this example, we will run the cache server on {{ic|<nowiki>http://cache.domain.local:8080/</nowiki>}} and storing the packages in {{ic|/srv/http/pacman-cache/}}. <br />
<br />
Create the directory for the cache and adjust the permissions so nginx can write files to it:<br />
<br />
# mkdir /srv/http/pacman-cache<br />
# chown http:http /srv/http/pacman-cache<br />
<br />
Next, configure nginx as the [https://gist.github.com/anonymous/97ec4148f643de925e433bed3dc7ee7d dynamic cache] (read the comments for an explanation of the commands).<br />
<br />
Finally, update your other Arch Linux servers to use this new cache by adding the following line to the {{ic|mirrorlist}} file:<br />
<br />
{{hc|/etc/pacman.d/mirrorlist|<nowiki><br />
Server = http://cache.domain.local:8080/archlinux/$repo/os/$arch<br />
...<br />
</nowiki>}}<br />
<br />
{{Note| You will need to create a method to clear old packages, as this directory will continue to grow over time. {{ic|paccache}} (which is included with {{ic|pacman}}) can be used to automate this using retention criteria of your choosing. For example, {{ic|find /srv/http/pacman-cache/ -type d -exec paccache -v -r -k 2 -c {} \;}} will keep the last 2 versions of packages in your cache directory.}}<br />
<br />
==== Synchronize pacman package cache using synchronization programs ====<br />
<br />
Use [[Resilio Sync]] or [[Syncthing]] to synchronize the pacman cache folders (i.e. {{ic|/var/cache/pacman/pkg}}).<br />
<br />
==== Preventing unwanted cache purges ====<br />
<br />
By default, {{Ic|pacman -Sc}} removes package tarballs from the cache that correspond to packages that are not installed on the machine the command was issued on. Because pacman cannot predict what packages are installed on all machines that share the cache, it will end up deleting files that should not be.<br />
<br />
To clean up the cache so that only ''outdated'' tarballs are deleted, add this entry in the {{ic|[options]}} section of {{ic|/etc/pacman.conf}}:<br />
<br />
CleanMethod = KeepCurrent<br />
<br />
=== Recreate a package from the file system ===<br />
<br />
To recreate a package from the file system, use ''bacman'' (included with pacman). Files from the system are taken as they are, hence any modifications will be present in the assembled package. Distributing the recreated package is therefore discouraged; see [[ABS]] and [[Arch Rollback Machine]] for alternatives.<br />
<br />
{{Tip|''bacman'' honours the {{ic|PACKAGER}}, {{ic|PKGDEST}} and {{ic|PKGEXT}} options from {{ic|makepkg.conf}}. Custom options for the compression tools can be configured by exporting the relevant environment variable, for example {{ic|1=XZ_OPT="-T 0"}} will enable parallel compression for ''xz''.}}<br />
<br />
An alternative tool would be {{AUR|fakepkg}}. It supports parallelization and can handle multiple input packages in one command, which ''bacman'' both does not support.<br />
<br />
=== List of installed packages ===<br />
<br />
{{Tip|1=<nowiki></nowiki><br />
* These tasks can be automated. See {{AUR|bacpac}}, {{AUR|pacmanity}}, {{AUR|plist-gist}}, and {{AUR|pug}} for examples.<br />
* To skip already installed packages, use {{ic|--needed}}.<br />
}}<br />
<br />
Keeping a list of explicitly installed packages can be useful to speed up installation on a new system:<br />
<br />
$ pacman -Qqe > pkglist.txt<br />
<br />
{{Note|If you used {{ic|-Qqet}}, when reinstalling the list all the non-top-level packages would be set as dependencies.}}<br />
<br />
To install packages from the list backup, run:<br />
<br />
# pacman -S - < pkglist.txt<br />
<br />
{{Tip|Use {{ic|<nowiki>comm -13 <(pacman -Qqdt | sort) <(pacman -Qqdtt | sort) > optdeplist.txt</nowiki>}} to also create a list of the installed optional dependencies which can be reinstalled with {{ic|--asdeps}}.}}<br />
<br />
In case the list includes foreign packages, such as [[AUR]] packages, remove them first:<br />
<br />
# pacman -S $(comm -12 <(pacman -Slq | sort) <(sort pkglist.txt))<br />
<br />
To remove all the packages on your system that are not mentioned in the list:<br />
<br />
# pacman -Rsu $(comm -23 <(pacman -Qq | sort) <(sort pkglist.txt))<br />
<br />
=== Listing all changed files from packages ===<br />
<br />
If you are suspecting file corruption (e.g. by software/hardware failure), but are unsure if files were got corrupted, you might want to compare with the hash sums in the packages. This can be done with {{Pkg|pacutils}}:<br />
<br />
# paccheck --md5sum --quiet<br />
<br />
For recovery of the database see [[#Restore pacman's local database]]. The {{ic|mtree}} files can also be [[#Viewing a single file inside a .pkg file|extracted as {{ic|.MTREE}} from the respective package files]].<br />
<br />
{{Note|This should '''not''' be used as is when suspecting malicious changes! In this case security precautions such as using a live medium and an independent source for the hash sums are advised.}}<br />
<br />
=== Reinstalling all packages ===<br />
To reinstall all native packages, use:<br />
<br />
# pacman -Qnq | pacman -S -<br />
<br />
Foreign (AUR) packages must be reinstalled separately; you can list them with {{ic|pacman -Qmq}}.<br />
<br />
Pacman preserves the [[installation reason]] by default.<br />
<br />
=== Restore pacman's local database ===<br />
<br />
See [[Pacman/Restore_local_database]].<br />
<br />
=== Recovering a USB key from existing install ===<br />
<br />
If you have Arch installed on a USB key and manage to mess it up (e.g. removing it while it is still being written to), then it is possible to re-install all the packages and hopefully get it back up and working again (assuming USB key is mounted in /newarch)<br />
<br />
# pacman -S $(pacman -Qq --dbpath /newarch/var/lib/pacman) --root /newarch --dbpath /newarch/var/lib/pacman<br />
<br />
=== Viewing a single file inside a .pkg file ===<br />
<br />
For example, if you want to see the contents of {{ic|/etc/systemd/logind.conf}} supplied within the {{Pkg|systemd}} package:<br />
<br />
$ tar -xOf /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz etc/systemd/logind.conf<br />
<br />
Or you can use {{pkg|vim}} to browse the archive:<br />
<br />
$ vim /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz<br />
<br />
=== Find applications that use libraries from older packages ===<br />
<br />
Even if you installed a package the existing long-running programs (like daemons and servers) still keep using code from old package libraries. And it is a bad idea to let these programs running if the old library contains a security bug.<br />
<br />
Here is a way how to find all the programs that use old packages code:<br />
<br />
# lsof +c 0 | grep -w DEL | awk '1 { print $1 ": " $NF }' | sort -u<br />
It will print running program name and old library that was removed or replaced with newer content.<br />
<br />
== Performance ==<br />
<br />
=== Database access speeds ===<br />
<br />
Pacman stores all package information in a collection of small files, one for each package. Improving database access speeds reduces the time taken in database-related tasks, e.g. searching packages and resolving package dependencies. The safest and easiest method is to run as root:<br />
<br />
# pacman-optimize<br />
<br />
This will attempt to put all the small files together in one (physical) location on the hard disk so that the hard disk head does not have to move so much when accessing all the data. This method is safe, but is not foolproof: it depends on your filesystem, disk usage and empty space fragmentation. Another, more aggressive, option would be to first remove uninstalled packages from cache and to remove unused repositories before database optimization:<br />
<br />
# pacman -Sc && pacman-optimize<br />
<br />
=== Download speeds ===<br />
<br />
{{Note|If your download speeds have been reduced to a crawl, ensure you are using one of the many [[mirrors]] and not ftp.archlinux.org, which is [https://www.archlinux.org/news/302/ throttled since March 2007].}}<br />
<br />
When downloading packages pacman uses the mirrors in the order they are in {{ic|/etc/pacman.d/mirrorlist}}. The mirror which is at the top of the list by default however may not be the fastest for you. To select a faster mirror, see [[Mirrors]].<br />
<br />
Pacman's speed in downloading packages can also be improved by using a different application to download packages, instead of Pacman's built-in file downloader.<br />
<br />
In all cases, make sure you have the latest Pacman before doing any modifications.<br />
<br />
# pacman -Syu<br />
<br />
==== Powerpill ====<br />
<br />
[[Powerpill]] is a Pacman wrapper that uses parallel and segmented downloading to try to speed up downloads for Pacman.<br />
<br />
==== wget ====<br />
<br />
This is also very handy if you need more powerful proxy settings than pacman's built-in capabilities. <br />
<br />
To use {{ic|wget}}, first [[install]] the {{Pkg|wget}} package then modify {{ic|/etc/pacman.conf}} by uncommenting the following line in the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/wget -c -q --show-progress --passive-ftp -O %o %u<br />
<br />
Instead of uncommenting the {{ic|wget}} parameters in {{ic|/etc/pacman.conf}}, you can also modify the {{ic|wget}} configuration file directly (the system-wide file is {{ic|/etc/wgetrc}}, per user files are {{ic|$HOME/.wgetrc}}.<br />
<br />
==== aria2 ====<br />
<br />
[[aria2]] is a lightweight download utility with support for resumable and segmented HTTP/HTTPS and FTP downloads. aria2 allows for multiple and simultaneous HTTP/HTTPS and FTP connections to an Arch mirror, which should result in an increase in download speeds for both file and package retrieval.<br />
<br />
{{Note|Using aria2c in Pacman's XferCommand will '''not''' result in parallel downloads of multiple packages. Pacman invokes the XferCommand with a single package at a time and waits for it to complete before invoking the next. To download multiple packages in parallel, see [[Powerpill]].}}<br />
<br />
Install {{Pkg|aria2}}, then edit {{ic|/etc/pacman.conf}} by adding the following line to the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/aria2c --allow-overwrite=true --continue=true --file-allocation=none --log-level=error --max-tries=2 --max-connection-per-server=2 --max-file-not-found=5 --min-split-size=5M --no-conf --remote-time=true --summary-interval=60 --timeout=5 --dir=/ --out %o %u<br />
<br />
{{Tip|1=[https://bbs.archlinux.org/viewtopic.php?pid=1491879#p1491879 This alternative configuration for using pacman with aria2] tries to simplify configuration and adds more configuration options.}}<br />
<br />
See [http://aria2.sourceforge.net/manual/en/html/aria2c.html#options OPTIONS] in {{ic|man aria2c}} for used aria2c options.<br />
<br />
* {{ic|-d, --dir}} :The directory to store the downloaded file(s) as specified by [[pacman]].<br />
* {{ic|-o, --out}}: The output file name(s) of the downloaded file(s). <br />
* {{ic|%o}}: Variable which represents the local filename(s) as specified by pacman.<br />
*{{ic|%u}}: Variable which represents the download URL as specified by pacman.<br />
<br />
==== Other applications ====<br />
<br />
There are other downloading applications that you can use with Pacman. Here they are, and their associated XferCommand settings:<br />
<br />
* {{ic|snarf}}: {{ic|1=XferCommand = /usr/bin/snarf -N %u}}<br />
* {{ic|lftp}}: {{ic|1=XferCommand = /usr/bin/lftp -c pget %u}}<br />
* {{ic|axel}}: {{ic|1=XferCommand = /usr/bin/axel -n 2 -v -a -o %o %u}}<br />
* {{ic|hget}}: {{ic|1=XferCommand = /usr/bin/hget %u -n 2 -skip-tls false}} (please read the [https://github.com/huydx/hget documentation on the Github project page] for more info)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Pacman/Tips_and_tricks&diff=475454Pacman/Tips and tricks2017-04-29T17:16:59Z<p>JimRees: /* Read-write cache */ or ancestors</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Package management]]<br />
[[es:Pacman/Tips and tricks]]<br />
[[fa:Pacman tips]]<br />
[[fr:Astuces Pacman]]<br />
[[it:Pacman/Tips and tricks]]<br />
[[ja:Pacman ヒント]]<br />
[[ru:Pacman/Tips and tricks]]<br />
[[tr:Pacman ipuçları]]<br />
[[zh-hans:Pacman/Tips and tricks]]<br />
{{Related articles start}}<br />
{{Related|Mirrors}}<br />
{{Related|Creating packages}}<br />
{{Related articles end}}<br />
For general methods to improve the flexibility of the provided tips or pacman itself, see [[Core utilities]] and [[Bash]].<br />
<br />
== Cosmetic and convenience ==<br />
<br />
=== Graphical front-ends ===<br />
<br />
* {{App|Arch-Update| Update indicator for Gnome-Shell.|https://github.com/RaphaelRochet/arch-update|{{AUR|gnome-shell-extension-arch-update}}}}<br />
* {{App|Discover|A collection of package management tools for KDE, using PackageKit.|https://projects.kde.org/projects/kde/workspace/discover|{{Pkg|discover}}}}<br />
* {{App|GNOME packagekit|GTK based package management tool|http://www.freedesktop.org/software/PackageKit/|{{Pkg|gnome-packagekit}}}}<br />
* {{App|GNOME Software|Gnome Software App. (Curated selection for GNOME)|https://wiki.gnome.org/Apps/Software|{{pkg|gnome-software}}}}<br />
* {{App|kalu|A small application that will add an icon to your systray and sit there, regularly checking if there's anything new for you to upgrade.|https://jjacky.com/kalu/|{{aur|kalu}}}}<br />
* {{App|pcurses|Package management in a curses frontend|https://github.com/schuay/pcurses|{{Pkg|pcurses}}}}<br />
* {{App|tkPacman|Depends only on Tcl/Tk and X11, and interacts with the package database via the CLI of ''pacman''.|http://sourceforge.net/projects/tkpacman|{{AUR|tkpacman}}}}<br />
<br />
=== Utilities ===<br />
<br />
* {{App|Lostfiles|Script that identifies files not owned by any package.|https://github.com/graysky2/lostfiles|{{AUR|lostfiles}}}}<br />
* {{App|Pacmatic|Pacman wrapper to check Arch News before upgrading, avoid partial upgrades, and warn about configuration file changes.|http://kmkeen.com/pacmatic|{{Pkg|pacmatic}}}}<br />
* {{App|pacutils|Helper library for libalpm based programs.|https://github.com/andrewgregory/pacutils|{{Pkg|pacutils}}}}<br />
* {{App|[[pkgfile]]|Tool that finds what package owns a file.|http://github.com/falconindy/pkgfile|{{Pkg|pkgfile}}}}<br />
* {{App|pkgtools|Collection of scripts for Arch Linux packages.|https://github.com/Daenyth/pkgtools|{{AUR|pkgtools}}}}<br />
* {{App|repoctl|Tool to help manage local repositories.|https://github.com/cassava/repoctl|{{AUR|repoctl}}}}<br />
* {{App|repose|An Arch Linux repository building tool.|https://github.com/vodik/repose|{{Pkg|repose}}}}<br />
* {{App|[[Snapper#Wrapping_pacman_transactions_in_snapshots|snap-pac]]|Make pacman automatically use snapper to create pre/post snapshots like openSUSE's YaST.|https://github.com/wesbarnett/snap-pac|{{pkg|snap-pac}}}}<br />
* {{App|srcpac|Simple tool that automates rebuilding packages from source.|https://projects.archlinux.org/srcpac.git|{{Pkg|srcpac}}}}<br />
<br />
== Maintenance ==<br />
<br />
{{Expansion|{{ic|1=Usage=}} introduced with pacman 4.2, see [http://allanmcrae.com/2014/12/pacman-4-2-released/]}}<br />
<br />
{{Note|Instead of using ''comm'' (which requires sorted input with ''sort'') in the sections below, you may also use {{ic|grep -Fxf}} or {{ic|grep -Fxvf}}.}}<br />
<br />
See also [[System maintenance]].<br />
<br />
=== Listing packages ===<br />
<br />
You may want to get the list of installed packages with their version, which is useful when reporting bugs or discussing installed packages.<br />
<br />
* List all explicitly installed packages: {{ic|pacman -Qe}}.<br />
* List all explicitly installed native packages (i.e. present in the sync database) that are not direct or optional dependencies: {{ic|pacman -Qent}}.<br />
* List all foreign packages (typically manually downloaded and installed): {{ic|pacman -Qm}}.<br />
* List all native packages (installed from the sync database(s)): {{ic|pacman -Qn}}.<br />
* List packages by regex: {{ic|pacman -Qs ''regex''}}.<br />
* List packages by regex with custom output format: {{ic|expac -s "%-30n %v" ''regex''}} (needs {{Pkg|expac}}).<br />
<br />
==== With size ====<br />
<br />
To get a list of installed packages sorted by size, which may be useful when freeing space on your hard drive:<br />
<br />
* Install {{Pkg|expac}} and run {{ic|<nowiki>expac -H M '%m\t%n' | sort -h</nowiki>}}.<br />
* Run {{Pkg|pacgraph}} with the {{ic|-c}} option.<br />
<br />
To list the download size of several packages (leave {{ic|''packages''}} blank to list all packages):<br />
<br />
$ expac -S -H M '%k\t%n' ''packages''<br />
<br />
To list explicitly installed packages not in {{Grp|base}} nor {{Grp|base-devel}} with size and description:<br />
<br />
$ expac -H M "%011m\t%-20n\t%10d" $(comm -23 <(pacman -Qqen | sort) <(pacman -Qqg base base-devel | sort)) | sort -n<br />
<br />
==== By date ====<br />
<br />
To list the 20 last installed packages with {{Pkg|expac}}, run:<br />
<br />
$ expac --timefmt='%Y-%m-%d %T' '%l\t%n' | sort | tail -n 20<br />
<br />
or, with seconds since the epoch (1970-01-01 UTC):<br />
<br />
$ expac --timefmt=%s '%l\t%n' | sort -n | tail -n 20<br />
<br />
==== Not in a specified group or repository ====<br />
<br />
{{Note|To get a list of packages installed as dependencies but no longer required by any installed package, see [[#Removing unused packages (orphans)]].}}<br />
<br />
List explicitely installed packages not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qeq | sort) <(pacman -Qgq base base-devel | sort)<br />
<br />
List all installed packages unrequired by other packages, and which are not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qqt | sort) <(pacman -Sqg base base-devel | sort)<br />
<br />
As above, but with descriptions:<br />
<br />
$ expac -HM '%-20n\t%10d' $(comm -23 <(pacman -Qqt | sort) <(pacman -Qqg base base-devel | sort))<br />
<br />
List all installed packages that are ''not'' in the specified repository ''repo_name''<br />
<br />
$ comm -23 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
List all installed packages that are in the ''repo_name'' repository:<br />
<br />
$ comm -12 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
=== Listing files owned by a package with size ===<br />
<br />
This one might come in handy if you have found that a specific package uses a huge amount of space and you want to find out which files make up the most of that.<br />
<br />
$ pacman -Qlq ''package'' | grep -v '/$' | xargs du -h | sort -h<br />
<br />
=== Identify files not owned by any package ===<br />
<br />
If your system has stray files not owned by any package (a common case if you do not [[Enhance system stability#Use the package manager to install software|use the package manager to install software]]), you may want to find such files in order to clean them up. The general process for doing so is:<br />
<br />
# Create a sorted list of the files you want to check ownership of: {{bc|<nowiki>$ find /etc /opt /usr | sort > all_files.txt</nowiki>}}<br />
# Create a sorted list of the files tracked by pacman (and remove the trailing slashes from directories): {{bc|<nowiki>$ pacman -Qlq | sed 's|/$||' | sort > owned_files.txt</nowiki>}}<br />
# Find lines in the first list that are not in the second: {{bc|$ comm -23 all_files.txt owned_files.txt}}<br />
<br />
This process is tricky in practice because many important files are not part of any package (e.g. files generated at runtime, custom configs) and so will be included in the final output, making it difficult to pick out the files that can be safely deleted.<br />
<br />
{{Tip|The {{AUR|lostfiles}} script performs similar steps, but also includes an extensive blacklist to remove common false positives from the output. [https://github.com/CyberShadow/aconfmgr aconfmgr] ({{AUR|aconfmgr-git}}) also allows tracking orphaned files using a configuration script.}}<br />
<br />
=== Removing unused packages (orphans) ===<br />
<br />
For ''recursively'' removing orphans and their configuration files:<br />
<br />
# pacman -Rns $(pacman -Qtdq)<br />
<br />
If no orphans were found, pacman errors with {{ic|error: no targets specified}}. This is expected as no arguments were passed to {{ic|pacman -Rns}}.<br />
<br />
{{Note|The arguments {{ic|-Qt}} list only true orphans. To include packages which are ''optionally'' required by another package, pass the {{ic|-t}} flag twice (''i.e.'', {{ic|-Qtt}}).}}<br />
<br />
=== Removing everything but base group ===<br />
<br />
If it is ever necessary to remove all packages except the base group, try this one liner:<br />
<br />
# pacman -R $(comm -23 <(pacman -Qq | sort) <((for i in $(pacman -Qqg base); do pactree -ul "$i"; done) | sort -u))<br />
<br />
The one-liner was originally devised in [https://bbs.archlinux.org/viewtopic.php?id=130176 this discussion], and later improved in this article.<br />
<br />
=== Getting the dependencies list of several packages ===<br />
<br />
Dependencies are alphabetically sorted and doubles are removed.<br />
<br />
{{Note|To only show the tree of local installed packages, use {{ic|pacman -Qi}}.}}<br />
<br />
$ pacman -Si ''packages'' | awk -F'[:<=>]' '/^Depends/ {print $2}' | xargs -n1 | sort -u<br />
<br />
Alternatively, with {{Pkg|expac}}: <br />
<br />
$ expac -l '\n' %E -S ''packages'' | sort -u<br />
<br />
=== Listing changed backup files ===<br />
<br />
If you want to backup your system configuration files you could copy all files in {{ic|/etc/}}, but usually you are only interested in the files that you have changed. Modified [[Pacnew_and_Pacsave_files#Package_backup_files|backup files]] can be viewed with the following command:<br />
<br />
# pacman -Qii | awk '/^MODIFIED/ {print $2}'<br />
<br />
Running this command with root permissions will ensure that files readable only by root (such as {{ic|/etc/sudoers}}) are included in the output.<br />
<br />
{{Tip|See [[#Listing all changed files from packages]] to list all changed files pacman knows, not only backup files.}}<br />
<br />
=== Back-up the pacman database ===<br />
<br />
The following command can be used to back up the local pacman database:<br />
<br />
$ tar -cjf pacman_database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
The database can be restored by moving the {{ic|pacman_database.tar.bz2}} file into the {{ic|/}} directory and executing the following command:<br />
<br />
# tar -xjvf pacman_database.tar.bz2<br />
<br />
{{Note|If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult [[Pacman tips#Restore pacman's local database]].}}<br />
<br />
{{Tip|The {{AUR|pakbak-git}} package provides a script and a [[systemd]] service to automate the task. Configuration is possible in {{ic|/etc/pakbak.conf}}.}}<br />
<br />
=== Check changelogs easily ===<br />
<br />
When maintainers update packages, commits are often commented in a useful fashion. Users can quickly check these from the command line by installing {{AUR|pacolog}}. This utility lists recent commit messages for packages from the official repositories or the AUR, by using {{ic|pacolog <package>}}.<br />
<br />
== Installation and recovery ==<br />
<br />
Alternative ways of getting and restoring packages.<br />
<br />
=== Installing packages from a CD/DVD or USB stick ===<br />
<br />
{{Merge|#Custom local repository|Use as an example and avoid duplication}}<br />
<br />
To download packages, or groups of packages:<br />
<br />
# cd ~/Packages<br />
# pacman -Syw base base-devel grub-bios xorg gimp --cachedir .<br />
# repo-add ./custom.db.tar.gz ./*<br />
<br />
Then you can burn the "Packages" folder to a CD/DVD or transfer it to a USB stick, external HDD, etc.<br />
<br />
To install:<br />
<br />
'''1.''' Mount the media:<br />
<br />
# mkdir /mnt/repo<br />
# mount /dev/sr0 /mnt/repo #For a CD/DVD.<br />
# mount /dev/sdxY /mnt/repo #For a USB stick.<br />
<br />
'''2.''' Edit {{ic|pacman.conf}} and add this repository ''before'' the other ones (e.g. extra, core, etc.). This is important. Do not just uncomment the one on the bottom. This way it ensures that the files from the CD/DVD/USB take precedence over those in the standard repositories:<br />
<br />
{{hc|/etc/pacman.conf|2=<br />
[custom]<br />
SigLevel = PackageRequired<br />
Server = file:///mnt/repo/Packages}}<br />
<br />
'''3.''' Finally, synchronize the pacman database to be able to use the new repository:<br />
<br />
# pacman -Syu<br />
<br />
=== Custom local repository ===<br />
<br />
Use the ''repo-add'' script included with Pacman to generate a database for a personal repository. Use {{ic|repo-add --help}} for more details on its usage. Simply store all of the built packages to be included in the repository in one directory, and execute the following command (where ''repo'' is the name of the custom repository):<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/*.pkg.tar.xz<br />
<br />
{{Note|A package database is a tar file, optionally compressed. Valid extensions are “.db” or “.files” followed by an archive extension of “.tar”, “.tar.gz”, “.tar.bz2”, “.tar.xz”, or “.tar.Z”. The file does not need to exist, but all parent directories must exist.<br />
Furthermore when using {{ic|repo-add}} keep in mind that the database and the packages do not need to be in the same directory. But when using pacman with that database, they should be together.}}<br />
<br />
To add a new package to the database, or to replace the old version of an existing package in the database, run:<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/packagetoadd-1.0-1-i686.pkg.tar.xz<br />
<br />
''repo-remove'' is used in the exact same manner as ''repo-add'', except that the packages listed on the command line are removed from the repository database.<br />
<br />
Once the local repository database has been created, add the repository to {{ic|pacman.conf}} for each system that is to use the repository. An example of a custom repository is in {{ic|pacman.conf}}. The repository's name is the database filename with the file extension omitted. In the case of the example above the repository's name would simply be ''repo''. Reference the repository's location using a {{ic|file://}} url, or via FTP using ftp://localhost/path/to/directory.<br />
<br />
If willing, add the custom repository to the [[Unofficial user repositories|list of unofficial user repositories]], so that the community can benefit from it.<br />
<br />
=== Network shared pacman cache ===<br />
<br />
If you happen to run several Arch boxes on your LAN, you can share packages so that you can greatly decrease your download times. Keep in mind you should not share between different architectures (i.e. i686 and x86_64) or you will run into problems.<br />
<br />
==== Read-only cache ====<br />
<br />
If you are looking for a quick and dirty solution, you can simply run a standalone webserver which other computers can use as a first mirror: {{ic|darkhttpd /var/cache/pacman/pkg}}. Just add this server at the top of your mirror list. Be aware that you might get a lot of 404 errors, due to cache misses, depending on what you do, but pacman will try the next (real) mirrors when that happens.<br />
<br />
==== Read-write cache ====<br />
<br />
{{Tip|See [[pacserve]] for an alternative solution than what follows.}}<br />
<br />
In order to share packages between multiple computers, simply share {{ic|/var/cache/pacman/}} using any network-based mount protocol. This section shows how to use shfs or sshfs to share a package cache plus the related library-directories between multiple computers on the same local network. Keep in mind that a network shared cache can be slow depending on the file-system choice, among other factors.<br />
<br />
First, install any network-supporting filesystem; for example [[sshfs]], [[shfs]], ftpfs, [[smbfs]] or [[nfs]].<br />
<br />
{{Tip|<br />
* To use sshfs or shfs, consider reading [[Using SSH Keys]].<br />
* By default, smbfs does not serve filenames that contain colons, which results in the client downloading the offending package afresh. To prevent this, use the {{ic|mapchars}} mount option on the client.<br />
}}<br />
<br />
Then, to share the actual packages, mount {{ic|/var/cache/pacman/pkg}} from the server to {{ic|/var/cache/pacman/pkg}} on every client machine.<br />
<br />
Do not make {{ic|/var/cache/pacman/pkg}} or any of its ancestors a symlink. Pacman expects these to be directories. When pacman re-installs or upgrades itself, it will remove the symlinks and create empty directories instead. This can leave your system in an unbootable state.<br />
<br />
==== two-way with rsync ====<br />
<br />
Another approach in a local environment is [[rsync]]. Choose a server for caching and enable the [[Rsync#rsync_daemon]]. On clients synchronize two-way with this share via rsync protocol. Filenames that contain colons are no problem for the rsync protocol.<br />
<br />
Draft example for a client, uname -m in share name ensures architecture depended sync:<br />
# rsync rsync://server/share_$(uname -m)/ /var/cache/pacman/pkg/ ...<br />
# pacman ...<br />
# paccache ...<br />
# rsync /var/cache/pacman/pkg/ rsync://server/share_$(uname -m)/ ...<br />
<br />
==== Dynamic reverse proxy cache using nginx ====<br />
<br />
[[nginx]] can be used to proxy requests to official upstream mirrors and cache the results to local disk. All subsequent requests for that file will be served directly from the local cache, minimizing the amount of internet traffic needed to update a large number of servers with minimal effort. <br />
<br />
{{Warning| This method has a limitation. You must use mirrors that use the same relative path to package files and you must configure your cache to use that same path. In this example, we are using mirrors that use the relative path {{ic|/archlinux/$repo/os/$arch}} and our cache's {{ic|Server}} setting in {{ic|mirrorlist}} is configured similarly.}}<br />
<br />
In this example, we will run the cache server on {{ic|<nowiki>http://cache.domain.local:8080/</nowiki>}} and storing the packages in {{ic|/srv/http/pacman-cache/}}. <br />
<br />
Create the directory for the cache and adjust the permissions so nginx can write files to it:<br />
<br />
# mkdir /srv/http/pacman-cache<br />
# chown http:http /srv/http/pacman-cache<br />
<br />
Next, configure nginx as the [https://gist.github.com/anonymous/97ec4148f643de925e433bed3dc7ee7d dynamic cache] (read the comments for an explanation of the commands).<br />
<br />
Finally, update your other Arch Linux servers to use this new cache by adding the following line to the {{ic|mirrorlist}} file:<br />
<br />
{{hc|/etc/pacman.d/mirrorlist|<nowiki><br />
Server = http://cache.domain.local:8080/archlinux/$repo/os/$arch<br />
...<br />
</nowiki>}}<br />
<br />
{{Note| You will need to create a method to clear old packages, as this directory will continue to grow over time. {{ic|paccache}} (which is included with {{ic|pacman}}) can be used to automate this using retention criteria of your choosing. For example, {{ic|find /srv/http/pacman-cache/ -type d -exec paccache -v -r -k 2 -c {} \;}} will keep the last 2 versions of packages in your cache directory.}}<br />
<br />
==== Synchronize pacman package cache using synchronization programs ====<br />
<br />
Use [[Resilio Sync]] or [[Syncthing]] to synchronize the pacman cache folders (i.e. {{ic|/var/cache/pacman/pkg}}).<br />
<br />
==== Preventing unwanted cache purges ====<br />
<br />
By default, {{Ic|pacman -Sc}} removes package tarballs from the cache that correspond to packages that are not installed on the machine the command was issued on. Because pacman cannot predict what packages are installed on all machines that share the cache, it will end up deleting files that should not be.<br />
<br />
To clean up the cache so that only ''outdated'' tarballs are deleted, add this entry in the {{ic|[options]}} section of {{ic|/etc/pacman.conf}}:<br />
<br />
CleanMethod = KeepCurrent<br />
<br />
=== Recreate a package from the file system ===<br />
<br />
To recreate a package from the file system, use ''bacman'' (included with pacman). Files from the system are taken as they are, hence any modifications will be present in the assembled package. Distributing the recreated package is therefore discouraged; see [[ABS]] and [[Arch Rollback Machine]] for alternatives.<br />
<br />
{{Tip|''bacman'' honours the {{ic|PACKAGER}}, {{ic|PKGDEST}} and {{ic|PKGEXT}} options from {{ic|makepkg.conf}}. Custom options for the compression tools can be configured by exporting the relevant environment variable, for example {{ic|1=XZ_OPT="-T 0"}} will enable parallel compression for ''xz''.}}<br />
<br />
An alternative tool would be {{AUR|fakepkg}}. It supports parallelization and can handle multiple input packages in one command, which ''bacman'' both does not support.<br />
<br />
=== List of installed packages ===<br />
<br />
{{Tip|1=<nowiki></nowiki><br />
* These tasks can be automated. See {{AUR|bacpac}}, {{AUR|pacmanity}}, {{AUR|plist-gist}}, and {{AUR|pug}} for examples.<br />
* To skip already installed packages, use {{ic|--needed}}.<br />
}}<br />
<br />
Keeping a list of explicitly installed packages can be useful to speed up installation on a new system:<br />
<br />
$ pacman -Qqe > pkglist.txt<br />
<br />
{{Note|If you used {{ic|-Qqet}}, when reinstalling the list all the non-top-level packages would be set as dependencies.}}<br />
<br />
To install packages from the list backup, run:<br />
<br />
# pacman -S - < pkglist.txt<br />
<br />
{{Tip|Use {{ic|<nowiki>comm -13 <(pacman -Qqdt | sort) <(pacman -Qqdtt | sort) > optdeplist.txt</nowiki>}} to also create a list of the installed optional dependencies which can be reinstalled with {{ic|--asdeps}}.}}<br />
<br />
In case the list includes foreign packages, such as [[AUR]] packages, remove them first:<br />
<br />
# pacman -S $(comm -12 <(pacman -Slq | sort) <(sort pkglist.txt))<br />
<br />
To remove all the packages on your system that are not mentioned in the list:<br />
<br />
# pacman -Rsu $(comm -23 <(pacman -Qq | sort) <(sort pkglist.txt))<br />
<br />
=== Listing all changed files from packages ===<br />
<br />
If you are suspecting file corruption (e.g. by software/hardware failure), but are unsure if files were got corrupted, you might want to compare with the hash sums in the packages. This can be done with {{Pkg|pacutils}}:<br />
<br />
# paccheck --md5sum --quiet<br />
<br />
For recovery of the database see [[#Restore pacman's local database]]. The {{ic|mtree}} files can also be [[#Viewing a single file inside a .pkg file|extracted as {{ic|.MTREE}} from the respective package files]].<br />
<br />
{{Note|This should '''not''' be used as is when suspecting malicious changes! In this case security precautions such as using a live medium and an independent source for the hash sums are advised.}}<br />
<br />
=== Reinstalling all packages ===<br />
To reinstall all native packages, use:<br />
<br />
# pacman -Qnq | pacman -S -<br />
<br />
Foreign (AUR) packages must be reinstalled separately; you can list them with {{ic|pacman -Qmq}}.<br />
<br />
Pacman preserves the [[installation reason]] by default.<br />
<br />
=== Restore pacman's local database ===<br />
<br />
See [[Pacman/Restore_local_database]].<br />
<br />
=== Recovering a USB key from existing install ===<br />
<br />
If you have Arch installed on a USB key and manage to mess it up (e.g. removing it while it is still being written to), then it is possible to re-install all the packages and hopefully get it back up and working again (assuming USB key is mounted in /newarch)<br />
<br />
# pacman -S $(pacman -Qq --dbpath /newarch/var/lib/pacman) --root /newarch --dbpath /newarch/var/lib/pacman<br />
<br />
=== Viewing a single file inside a .pkg file ===<br />
<br />
For example, if you want to see the contents of {{ic|/etc/systemd/logind.conf}} supplied within the {{Pkg|systemd}} package:<br />
<br />
$ tar -xOf /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz etc/systemd/logind.conf<br />
<br />
Or you can use {{pkg|vim}} to browse the archive:<br />
<br />
$ vim /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz<br />
<br />
=== Find applications that use libraries from older packages ===<br />
<br />
Even if you installed a package the existing long-running programs (like daemons and servers) still keep using code from old package libraries. And it is a bad idea to let these programs running if the old library contains a security bug.<br />
<br />
Here is a way how to find all the programs that use old packages code:<br />
<br />
# lsof +c 0 | grep -w DEL | awk '1 { print $1 ": " $NF }' | sort -u<br />
It will print running program name and old library that was removed or replaced with newer content.<br />
<br />
== Performance ==<br />
<br />
=== Database access speeds ===<br />
<br />
Pacman stores all package information in a collection of small files, one for each package. Improving database access speeds reduces the time taken in database-related tasks, e.g. searching packages and resolving package dependencies. The safest and easiest method is to run as root:<br />
<br />
# pacman-optimize<br />
<br />
This will attempt to put all the small files together in one (physical) location on the hard disk so that the hard disk head does not have to move so much when accessing all the data. This method is safe, but is not foolproof: it depends on your filesystem, disk usage and empty space fragmentation. Another, more aggressive, option would be to first remove uninstalled packages from cache and to remove unused repositories before database optimization:<br />
<br />
# pacman -Sc && pacman-optimize<br />
<br />
=== Download speeds ===<br />
<br />
{{Note|If your download speeds have been reduced to a crawl, ensure you are using one of the many [[mirrors]] and not ftp.archlinux.org, which is [https://www.archlinux.org/news/302/ throttled since March 2007].}}<br />
<br />
When downloading packages pacman uses the mirrors in the order they are in {{ic|/etc/pacman.d/mirrorlist}}. The mirror which is at the top of the list by default however may not be the fastest for you. To select a faster mirror, see [[Mirrors]].<br />
<br />
Pacman's speed in downloading packages can also be improved by using a different application to download packages, instead of Pacman's built-in file downloader.<br />
<br />
In all cases, make sure you have the latest Pacman before doing any modifications.<br />
<br />
# pacman -Syu<br />
<br />
==== Powerpill ====<br />
<br />
[[Powerpill]] is a Pacman wrapper that uses parallel and segmented downloading to try to speed up downloads for Pacman.<br />
<br />
==== wget ====<br />
<br />
This is also very handy if you need more powerful proxy settings than pacman's built-in capabilities. <br />
<br />
To use {{ic|wget}}, first [[install]] the {{Pkg|wget}} package then modify {{ic|/etc/pacman.conf}} by uncommenting the following line in the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/wget -c -q --show-progress --passive-ftp -O %o %u<br />
<br />
Instead of uncommenting the {{ic|wget}} parameters in {{ic|/etc/pacman.conf}}, you can also modify the {{ic|wget}} configuration file directly (the system-wide file is {{ic|/etc/wgetrc}}, per user files are {{ic|$HOME/.wgetrc}}.<br />
<br />
==== aria2 ====<br />
<br />
[[aria2]] is a lightweight download utility with support for resumable and segmented HTTP/HTTPS and FTP downloads. aria2 allows for multiple and simultaneous HTTP/HTTPS and FTP connections to an Arch mirror, which should result in an increase in download speeds for both file and package retrieval.<br />
<br />
{{Note|Using aria2c in Pacman's XferCommand will '''not''' result in parallel downloads of multiple packages. Pacman invokes the XferCommand with a single package at a time and waits for it to complete before invoking the next. To download multiple packages in parallel, see [[Powerpill]].}}<br />
<br />
Install {{Pkg|aria2}}, then edit {{ic|/etc/pacman.conf}} by adding the following line to the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/aria2c --allow-overwrite=true --continue=true --file-allocation=none --log-level=error --max-tries=2 --max-connection-per-server=2 --max-file-not-found=5 --min-split-size=5M --no-conf --remote-time=true --summary-interval=60 --timeout=5 --dir=/ --out %o %u<br />
<br />
{{Tip|1=[https://bbs.archlinux.org/viewtopic.php?pid=1491879#p1491879 This alternative configuration for using pacman with aria2] tries to simplify configuration and adds more configuration options.}}<br />
<br />
See [http://aria2.sourceforge.net/manual/en/html/aria2c.html#options OPTIONS] in {{ic|man aria2c}} for used aria2c options.<br />
<br />
* {{ic|-d, --dir}} :The directory to store the downloaded file(s) as specified by [[pacman]].<br />
* {{ic|-o, --out}}: The output file name(s) of the downloaded file(s). <br />
* {{ic|%o}}: Variable which represents the local filename(s) as specified by pacman.<br />
*{{ic|%u}}: Variable which represents the download URL as specified by pacman.<br />
<br />
==== Other applications ====<br />
<br />
There are other downloading applications that you can use with Pacman. Here they are, and their associated XferCommand settings:<br />
<br />
* {{ic|snarf}}: {{ic|1=XferCommand = /usr/bin/snarf -N %u}}<br />
* {{ic|lftp}}: {{ic|1=XferCommand = /usr/bin/lftp -c pget %u}}<br />
* {{ic|axel}}: {{ic|1=XferCommand = /usr/bin/axel -n 2 -v -a -o %o %u}}<br />
* {{ic|hget}}: {{ic|1=XferCommand = /usr/bin/hget %u -n 2 -skip-tls false}} (please read the [https://github.com/huydx/hget documentation on the Github project page] for more info)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Pacman/Tips_and_tricks&diff=475438Pacman/Tips and tricks2017-04-29T14:57:24Z<p>JimRees: /* Read-write cache */ say why the cache directories should not be symlinks</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Package management]]<br />
[[es:Pacman/Tips and tricks]]<br />
[[fa:Pacman tips]]<br />
[[fr:Astuces Pacman]]<br />
[[it:Pacman/Tips and tricks]]<br />
[[ja:Pacman ヒント]]<br />
[[ru:Pacman/Tips and tricks]]<br />
[[tr:Pacman ipuçları]]<br />
[[zh-hans:Pacman/Tips and tricks]]<br />
{{Related articles start}}<br />
{{Related|Mirrors}}<br />
{{Related|Creating packages}}<br />
{{Related articles end}}<br />
For general methods to improve the flexibility of the provided tips or pacman itself, see [[Core utilities]] and [[Bash]].<br />
<br />
== Cosmetic and convenience ==<br />
<br />
=== Graphical front-ends ===<br />
<br />
* {{App|Arch-Update| Update indicator for Gnome-Shell.|https://github.com/RaphaelRochet/arch-update|{{AUR|gnome-shell-extension-arch-update}}}}<br />
* {{App|Discover|A collection of package management tools for KDE, using PackageKit.|https://projects.kde.org/projects/kde/workspace/discover|{{Pkg|discover}}}}<br />
* {{App|GNOME packagekit|GTK based package management tool|http://www.freedesktop.org/software/PackageKit/|{{Pkg|gnome-packagekit}}}}<br />
* {{App|GNOME Software|Gnome Software App. (Curated selection for GNOME)|https://wiki.gnome.org/Apps/Software|{{pkg|gnome-software}}}}<br />
* {{App|kalu|A small application that will add an icon to your systray and sit there, regularly checking if there's anything new for you to upgrade.|https://jjacky.com/kalu/|{{aur|kalu}}}}<br />
* {{App|pcurses|Package management in a curses frontend|https://github.com/schuay/pcurses|{{Pkg|pcurses}}}}<br />
* {{App|tkPacman|Depends only on Tcl/Tk and X11, and interacts with the package database via the CLI of ''pacman''.|http://sourceforge.net/projects/tkpacman|{{AUR|tkpacman}}}}<br />
<br />
=== Utilities ===<br />
<br />
* {{App|Lostfiles|Script that identifies files not owned by any package.|https://github.com/graysky2/lostfiles|{{AUR|lostfiles}}}}<br />
* {{App|Pacmatic|Pacman wrapper to check Arch News before upgrading, avoid partial upgrades, and warn about configuration file changes.|http://kmkeen.com/pacmatic|{{Pkg|pacmatic}}}}<br />
* {{App|pacutils|Helper library for libalpm based programs.|https://github.com/andrewgregory/pacutils|{{Pkg|pacutils}}}}<br />
* {{App|[[pkgfile]]|Tool that finds what package owns a file.|http://github.com/falconindy/pkgfile|{{Pkg|pkgfile}}}}<br />
* {{App|pkgtools|Collection of scripts for Arch Linux packages.|https://github.com/Daenyth/pkgtools|{{AUR|pkgtools}}}}<br />
* {{App|repoctl|Tool to help manage local repositories.|https://github.com/cassava/repoctl|{{AUR|repoctl}}}}<br />
* {{App|repose|An Arch Linux repository building tool.|https://github.com/vodik/repose|{{Pkg|repose}}}}<br />
* {{App|[[Snapper#Wrapping_pacman_transactions_in_snapshots|snap-pac]]|Make pacman automatically use snapper to create pre/post snapshots like openSUSE's YaST.|https://github.com/wesbarnett/snap-pac|{{pkg|snap-pac}}}}<br />
* {{App|srcpac|Simple tool that automates rebuilding packages from source.|https://projects.archlinux.org/srcpac.git|{{Pkg|srcpac}}}}<br />
<br />
== Maintenance ==<br />
<br />
{{Expansion|{{ic|1=Usage=}} introduced with pacman 4.2, see [http://allanmcrae.com/2014/12/pacman-4-2-released/]}}<br />
<br />
{{Note|Instead of using ''comm'' (which requires sorted input with ''sort'') in the sections below, you may also use {{ic|grep -Fxf}} or {{ic|grep -Fxvf}}.}}<br />
<br />
See also [[System maintenance]].<br />
<br />
=== Listing packages ===<br />
<br />
You may want to get the list of installed packages with their version, which is useful when reporting bugs or discussing installed packages.<br />
<br />
* List all explicitly installed packages: {{ic|pacman -Qe}}.<br />
* List all explicitly installed native packages (i.e. present in the sync database) that are not direct or optional dependencies: {{ic|pacman -Qent}}.<br />
* List all foreign packages (typically manually downloaded and installed): {{ic|pacman -Qm}}.<br />
* List all native packages (installed from the sync database(s)): {{ic|pacman -Qn}}.<br />
* List packages by regex: {{ic|pacman -Qs ''regex''}}.<br />
* List packages by regex with custom output format: {{ic|expac -s "%-30n %v" ''regex''}} (needs {{Pkg|expac}}).<br />
<br />
==== With size ====<br />
<br />
To get a list of installed packages sorted by size, which may be useful when freeing space on your hard drive:<br />
<br />
* Install {{Pkg|expac}} and run {{ic|<nowiki>expac -H M '%m\t%n' | sort -h</nowiki>}}.<br />
* Run {{Pkg|pacgraph}} with the {{ic|-c}} option.<br />
<br />
To list the download size of several packages (leave {{ic|''packages''}} blank to list all packages):<br />
<br />
$ expac -S -H M '%k\t%n' ''packages''<br />
<br />
To list explicitly installed packages not in {{Grp|base}} nor {{Grp|base-devel}} with size and description:<br />
<br />
$ expac -H M "%011m\t%-20n\t%10d" $(comm -23 <(pacman -Qqen | sort) <(pacman -Qqg base base-devel | sort)) | sort -n<br />
<br />
==== By date ====<br />
<br />
To list the 20 last installed packages with {{Pkg|expac}}, run:<br />
<br />
$ expac --timefmt='%Y-%m-%d %T' '%l\t%n' | sort | tail -n 20<br />
<br />
or, with seconds since the epoch (1970-01-01 UTC):<br />
<br />
$ expac --timefmt=%s '%l\t%n' | sort -n | tail -n 20<br />
<br />
==== Not in a specified group or repository ====<br />
<br />
{{Note|To get a list of packages installed as dependencies but no longer required by any installed package, see [[#Removing unused packages (orphans)]].}}<br />
<br />
List explicitely installed packages not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qeq | sort) <(pacman -Qgq base base-devel | sort)<br />
<br />
List all installed packages unrequired by other packages, and which are not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qqt | sort) <(pacman -Sqg base base-devel | sort)<br />
<br />
As above, but with descriptions:<br />
<br />
$ expac -HM '%-20n\t%10d' $(comm -23 <(pacman -Qqt | sort) <(pacman -Qqg base base-devel | sort))<br />
<br />
List all installed packages that are ''not'' in the specified repository ''repo_name''<br />
<br />
$ comm -23 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
List all installed packages that are in the ''repo_name'' repository:<br />
<br />
$ comm -12 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
=== Listing files owned by a package with size ===<br />
<br />
This one might come in handy if you have found that a specific package uses a huge amount of space and you want to find out which files make up the most of that.<br />
<br />
$ pacman -Qlq ''package'' | grep -v '/$' | xargs du -h | sort -h<br />
<br />
=== Identify files not owned by any package ===<br />
<br />
If your system has stray files not owned by any package (a common case if you do not [[Enhance system stability#Use the package manager to install software|use the package manager to install software]]), you may want to find such files in order to clean them up. The general process for doing so is:<br />
<br />
# Create a sorted list of the files you want to check ownership of: {{bc|<nowiki>$ find /etc /opt /usr | sort > all_files.txt</nowiki>}}<br />
# Create a sorted list of the files tracked by pacman (and remove the trailing slashes from directories): {{bc|<nowiki>$ pacman -Qlq | sed 's|/$||' | sort > owned_files.txt</nowiki>}}<br />
# Find lines in the first list that are not in the second: {{bc|$ comm -23 all_files.txt owned_files.txt}}<br />
<br />
This process is tricky in practice because many important files are not part of any package (e.g. files generated at runtime, custom configs) and so will be included in the final output, making it difficult to pick out the files that can be safely deleted.<br />
<br />
{{Tip|The {{AUR|lostfiles}} script performs similar steps, but also includes an extensive blacklist to remove common false positives from the output. [https://github.com/CyberShadow/aconfmgr aconfmgr] ({{AUR|aconfmgr-git}}) also allows tracking orphaned files using a configuration script.}}<br />
<br />
=== Removing unused packages (orphans) ===<br />
<br />
For ''recursively'' removing orphans and their configuration files:<br />
<br />
# pacman -Rns $(pacman -Qtdq)<br />
<br />
If no orphans were found, pacman errors with {{ic|error: no targets specified}}. This is expected as no arguments were passed to {{ic|pacman -Rns}}.<br />
<br />
{{Note|The arguments {{ic|-Qt}} list only true orphans. To include packages which are ''optionally'' required by another package, pass the {{ic|-t}} flag twice (''i.e.'', {{ic|-Qtt}}).}}<br />
<br />
=== Removing everything but base group ===<br />
<br />
If it is ever necessary to remove all packages except the base group, try this one liner:<br />
<br />
# pacman -R $(comm -23 <(pacman -Qq | sort) <((for i in $(pacman -Qqg base); do pactree -ul "$i"; done) | sort -u))<br />
<br />
The one-liner was originally devised in [https://bbs.archlinux.org/viewtopic.php?id=130176 this discussion], and later improved in this article.<br />
<br />
=== Getting the dependencies list of several packages ===<br />
<br />
Dependencies are alphabetically sorted and doubles are removed.<br />
<br />
{{Note|To only show the tree of local installed packages, use {{ic|pacman -Qi}}.}}<br />
<br />
$ pacman -Si ''packages'' | awk -F'[:<=>]' '/^Depends/ {print $2}' | xargs -n1 | sort -u<br />
<br />
Alternatively, with {{Pkg|expac}}: <br />
<br />
$ expac -l '\n' %E -S ''packages'' | sort -u<br />
<br />
=== Listing changed backup files ===<br />
<br />
If you want to backup your system configuration files you could copy all files in {{ic|/etc/}}, but usually you are only interested in the files that you have changed. Modified [[Pacnew_and_Pacsave_files#Package_backup_files|backup files]] can be viewed with the following command:<br />
<br />
# pacman -Qii | awk '/^MODIFIED/ {print $2}'<br />
<br />
Running this command with root permissions will ensure that files readable only by root (such as {{ic|/etc/sudoers}}) are included in the output.<br />
<br />
{{Tip|See [[#Listing all changed files from packages]] to list all changed files pacman knows, not only backup files.}}<br />
<br />
=== Back-up the pacman database ===<br />
<br />
The following command can be used to back up the local pacman database:<br />
<br />
$ tar -cjf pacman_database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
The database can be restored by moving the {{ic|pacman_database.tar.bz2}} file into the {{ic|/}} directory and executing the following command:<br />
<br />
# tar -xjvf pacman_database.tar.bz2<br />
<br />
{{Note|If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult [[Pacman tips#Restore pacman's local database]].}}<br />
<br />
{{Tip|The {{AUR|pakbak-git}} package provides a script and a [[systemd]] service to automate the task. Configuration is possible in {{ic|/etc/pakbak.conf}}.}}<br />
<br />
=== Check changelogs easily ===<br />
<br />
When maintainers update packages, commits are often commented in a useful fashion. Users can quickly check these from the command line by installing {{AUR|pacolog}}. This utility lists recent commit messages for packages from the official repositories or the AUR, by using {{ic|pacolog <package>}}.<br />
<br />
== Installation and recovery ==<br />
<br />
Alternative ways of getting and restoring packages.<br />
<br />
=== Installing packages from a CD/DVD or USB stick ===<br />
<br />
{{Merge|#Custom local repository|Use as an example and avoid duplication}}<br />
<br />
To download packages, or groups of packages:<br />
<br />
# cd ~/Packages<br />
# pacman -Syw base base-devel grub-bios xorg gimp --cachedir .<br />
# repo-add ./custom.db.tar.gz ./*<br />
<br />
Then you can burn the "Packages" folder to a CD/DVD or transfer it to a USB stick, external HDD, etc.<br />
<br />
To install:<br />
<br />
'''1.''' Mount the media:<br />
<br />
# mkdir /mnt/repo<br />
# mount /dev/sr0 /mnt/repo #For a CD/DVD.<br />
# mount /dev/sdxY /mnt/repo #For a USB stick.<br />
<br />
'''2.''' Edit {{ic|pacman.conf}} and add this repository ''before'' the other ones (e.g. extra, core, etc.). This is important. Do not just uncomment the one on the bottom. This way it ensures that the files from the CD/DVD/USB take precedence over those in the standard repositories:<br />
<br />
{{hc|/etc/pacman.conf|2=<br />
[custom]<br />
SigLevel = PackageRequired<br />
Server = file:///mnt/repo/Packages}}<br />
<br />
'''3.''' Finally, synchronize the pacman database to be able to use the new repository:<br />
<br />
# pacman -Syu<br />
<br />
=== Custom local repository ===<br />
<br />
Use the ''repo-add'' script included with Pacman to generate a database for a personal repository. Use {{ic|repo-add --help}} for more details on its usage. Simply store all of the built packages to be included in the repository in one directory, and execute the following command (where ''repo'' is the name of the custom repository):<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/*.pkg.tar.xz<br />
<br />
{{Note|A package database is a tar file, optionally compressed. Valid extensions are “.db” or “.files” followed by an archive extension of “.tar”, “.tar.gz”, “.tar.bz2”, “.tar.xz”, or “.tar.Z”. The file does not need to exist, but all parent directories must exist.<br />
Furthermore when using {{ic|repo-add}} keep in mind that the database and the packages do not need to be in the same directory. But when using pacman with that database, they should be together.}}<br />
<br />
To add a new package to the database, or to replace the old version of an existing package in the database, run:<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/packagetoadd-1.0-1-i686.pkg.tar.xz<br />
<br />
''repo-remove'' is used in the exact same manner as ''repo-add'', except that the packages listed on the command line are removed from the repository database.<br />
<br />
Once the local repository database has been created, add the repository to {{ic|pacman.conf}} for each system that is to use the repository. An example of a custom repository is in {{ic|pacman.conf}}. The repository's name is the database filename with the file extension omitted. In the case of the example above the repository's name would simply be ''repo''. Reference the repository's location using a {{ic|file://}} url, or via FTP using ftp://localhost/path/to/directory.<br />
<br />
If willing, add the custom repository to the [[Unofficial user repositories|list of unofficial user repositories]], so that the community can benefit from it.<br />
<br />
=== Network shared pacman cache ===<br />
<br />
If you happen to run several Arch boxes on your LAN, you can share packages so that you can greatly decrease your download times. Keep in mind you should not share between different architectures (i.e. i686 and x86_64) or you will run into problems.<br />
<br />
==== Read-only cache ====<br />
<br />
If you are looking for a quick and dirty solution, you can simply run a standalone webserver which other computers can use as a first mirror: {{ic|darkhttpd /var/cache/pacman/pkg}}. Just add this server at the top of your mirror list. Be aware that you might get a lot of 404 errors, due to cache misses, depending on what you do, but pacman will try the next (real) mirrors when that happens.<br />
<br />
==== Read-write cache ====<br />
<br />
{{Tip|See [[pacserve]] for an alternative solution than what follows.}}<br />
<br />
In order to share packages between multiple computers, simply share {{ic|/var/cache/pacman/}} using any network-based mount protocol. This section shows how to use shfs or sshfs to share a package cache plus the related library-directories between multiple computers on the same local network. Keep in mind that a network shared cache can be slow depending on the file-system choice, among other factors.<br />
<br />
First, install any network-supporting filesystem; for example [[sshfs]], [[shfs]], ftpfs, [[smbfs]] or [[nfs]].<br />
<br />
{{Tip|<br />
* To use sshfs or shfs, consider reading [[Using SSH Keys]].<br />
* By default, smbfs does not serve filenames that contain colons, which results in the client downloading the offending package afresh. To prevent this, use the {{ic|mapchars}} mount option on the client.<br />
}}<br />
<br />
Then, to share the actual packages, mount {{ic|/var/cache/pacman/pkg}} from the server to {{ic|/var/cache/pacman/pkg}} on every client machine.<br />
<br />
Do not make either {{ic|/var/cache/pacman/}} or {{ic|/var/cache/pacman/pkg}} a symlink. Pacman expects these to be directories. When pacman re-installs or upgrades itself, it will remove the symlinks and create empty directories instead. This can leave your system in an unbootable state.<br />
<br />
==== two-way with rsync ====<br />
<br />
Another approach in a local environment is [[rsync]]. Choose a server for caching and enable the [[Rsync#rsync_daemon]]. On clients synchronize two-way with this share via rsync protocol. Filenames that contain colons are no problem for the rsync protocol.<br />
<br />
Draft example for a client, uname -m in share name ensures architecture depended sync:<br />
# rsync rsync://server/share_$(uname -m)/ /var/cache/pacman/pkg/ ...<br />
# pacman ...<br />
# paccache ...<br />
# rsync /var/cache/pacman/pkg/ rsync://server/share_$(uname -m)/ ...<br />
<br />
==== Dynamic reverse proxy cache using nginx ====<br />
<br />
[[nginx]] can be used to proxy requests to official upstream mirrors and cache the results to local disk. All subsequent requests for that file will be served directly from the local cache, minimizing the amount of internet traffic needed to update a large number of servers with minimal effort. <br />
<br />
{{Warning| This method has a limitation. You must use mirrors that use the same relative path to package files and you must configure your cache to use that same path. In this example, we are using mirrors that use the relative path {{ic|/archlinux/$repo/os/$arch}} and our cache's {{ic|Server}} setting in {{ic|mirrorlist}} is configured similarly.}}<br />
<br />
In this example, we will run the cache server on {{ic|<nowiki>http://cache.domain.local:8080/</nowiki>}} and storing the packages in {{ic|/srv/http/pacman-cache/}}. <br />
<br />
Create the directory for the cache and adjust the permissions so nginx can write files to it:<br />
<br />
# mkdir /srv/http/pacman-cache<br />
# chown http:http /srv/http/pacman-cache<br />
<br />
Next, configure nginx as the [https://gist.github.com/anonymous/97ec4148f643de925e433bed3dc7ee7d dynamic cache] (read the comments for an explanation of the commands).<br />
<br />
Finally, update your other Arch Linux servers to use this new cache by adding the following line to the {{ic|mirrorlist}} file:<br />
<br />
{{hc|/etc/pacman.d/mirrorlist|<nowiki><br />
Server = http://cache.domain.local:8080/archlinux/$repo/os/$arch<br />
...<br />
</nowiki>}}<br />
<br />
{{Note| You will need to create a method to clear old packages, as this directory will continue to grow over time. {{ic|paccache}} (which is included with {{ic|pacman}}) can be used to automate this using retention criteria of your choosing. For example, {{ic|find /srv/http/pacman-cache/ -type d -exec paccache -v -r -k 2 -c {} \;}} will keep the last 2 versions of packages in your cache directory.}}<br />
<br />
==== Synchronize pacman package cache using synchronization programs ====<br />
<br />
Use [[Resilio Sync]] or [[Syncthing]] to synchronize the pacman cache folders (i.e. {{ic|/var/cache/pacman/pkg}}).<br />
<br />
==== Preventing unwanted cache purges ====<br />
<br />
By default, {{Ic|pacman -Sc}} removes package tarballs from the cache that correspond to packages that are not installed on the machine the command was issued on. Because pacman cannot predict what packages are installed on all machines that share the cache, it will end up deleting files that should not be.<br />
<br />
To clean up the cache so that only ''outdated'' tarballs are deleted, add this entry in the {{ic|[options]}} section of {{ic|/etc/pacman.conf}}:<br />
<br />
CleanMethod = KeepCurrent<br />
<br />
=== Recreate a package from the file system ===<br />
<br />
To recreate a package from the file system, use ''bacman'' (included with pacman). Files from the system are taken as they are, hence any modifications will be present in the assembled package. Distributing the recreated package is therefore discouraged; see [[ABS]] and [[Arch Rollback Machine]] for alternatives.<br />
<br />
{{Tip|''bacman'' honours the {{ic|PACKAGER}}, {{ic|PKGDEST}} and {{ic|PKGEXT}} options from {{ic|makepkg.conf}}. Custom options for the compression tools can be configured by exporting the relevant environment variable, for example {{ic|1=XZ_OPT="-T 0"}} will enable parallel compression for ''xz''.}}<br />
<br />
An alternative tool would be {{AUR|fakepkg}}. It supports parallelization and can handle multiple input packages in one command, which ''bacman'' both does not support.<br />
<br />
=== List of installed packages ===<br />
<br />
{{Tip|1=<nowiki></nowiki><br />
* These tasks can be automated. See {{AUR|bacpac}}, {{AUR|pacmanity}}, {{AUR|plist-gist}}, and {{AUR|pug}} for examples.<br />
* To skip already installed packages, use {{ic|--needed}}.<br />
}}<br />
<br />
Keeping a list of explicitly installed packages can be useful to speed up installation on a new system:<br />
<br />
$ pacman -Qqe > pkglist.txt<br />
<br />
{{Note|If you used {{ic|-Qqet}}, when reinstalling the list all the non-top-level packages would be set as dependencies.}}<br />
<br />
To install packages from the list backup, run:<br />
<br />
# pacman -S - < pkglist.txt<br />
<br />
{{Tip|Use {{ic|<nowiki>comm -13 <(pacman -Qqdt | sort) <(pacman -Qqdtt | sort) > optdeplist.txt</nowiki>}} to also create a list of the installed optional dependencies which can be reinstalled with {{ic|--asdeps}}.}}<br />
<br />
In case the list includes foreign packages, such as [[AUR]] packages, remove them first:<br />
<br />
# pacman -S $(comm -12 <(pacman -Slq | sort) <(sort pkglist.txt))<br />
<br />
To remove all the packages on your system that are not mentioned in the list:<br />
<br />
# pacman -Rsu $(comm -23 <(pacman -Qq | sort) <(sort pkglist.txt))<br />
<br />
=== Listing all changed files from packages ===<br />
<br />
If you are suspecting file corruption (e.g. by software/hardware failure), but are unsure if files were got corrupted, you might want to compare with the hash sums in the packages. This can be done with {{Pkg|pacutils}}:<br />
<br />
# paccheck --md5sum --quiet<br />
<br />
For recovery of the database see [[#Restore pacman's local database]]. The {{ic|mtree}} files can also be [[#Viewing a single file inside a .pkg file|extracted as {{ic|.MTREE}} from the respective package files]].<br />
<br />
{{Note|This should '''not''' be used as is when suspecting malicious changes! In this case security precautions such as using a live medium and an independent source for the hash sums are advised.}}<br />
<br />
=== Reinstalling all packages ===<br />
To reinstall all native packages, use:<br />
<br />
# pacman -Qnq | pacman -S -<br />
<br />
Foreign (AUR) packages must be reinstalled separately; you can list them with {{ic|pacman -Qmq}}.<br />
<br />
Pacman preserves the [[installation reason]] by default.<br />
<br />
=== Restore pacman's local database ===<br />
<br />
See [[Pacman/Restore_local_database]].<br />
<br />
=== Recovering a USB key from existing install ===<br />
<br />
If you have Arch installed on a USB key and manage to mess it up (e.g. removing it while it is still being written to), then it is possible to re-install all the packages and hopefully get it back up and working again (assuming USB key is mounted in /newarch)<br />
<br />
# pacman -S $(pacman -Qq --dbpath /newarch/var/lib/pacman) --root /newarch --dbpath /newarch/var/lib/pacman<br />
<br />
=== Viewing a single file inside a .pkg file ===<br />
<br />
For example, if you want to see the contents of {{ic|/etc/systemd/logind.conf}} supplied within the {{Pkg|systemd}} package:<br />
<br />
$ tar -xOf /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz etc/systemd/logind.conf<br />
<br />
Or you can use {{pkg|vim}} to browse the archive:<br />
<br />
$ vim /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz<br />
<br />
=== Find applications that use libraries from older packages ===<br />
<br />
Even if you installed a package the existing long-running programs (like daemons and servers) still keep using code from old package libraries. And it is a bad idea to let these programs running if the old library contains a security bug.<br />
<br />
Here is a way how to find all the programs that use old packages code:<br />
<br />
# lsof +c 0 | grep -w DEL | awk '1 { print $1 ": " $NF }' | sort -u<br />
It will print running program name and old library that was removed or replaced with newer content.<br />
<br />
== Performance ==<br />
<br />
=== Database access speeds ===<br />
<br />
Pacman stores all package information in a collection of small files, one for each package. Improving database access speeds reduces the time taken in database-related tasks, e.g. searching packages and resolving package dependencies. The safest and easiest method is to run as root:<br />
<br />
# pacman-optimize<br />
<br />
This will attempt to put all the small files together in one (physical) location on the hard disk so that the hard disk head does not have to move so much when accessing all the data. This method is safe, but is not foolproof: it depends on your filesystem, disk usage and empty space fragmentation. Another, more aggressive, option would be to first remove uninstalled packages from cache and to remove unused repositories before database optimization:<br />
<br />
# pacman -Sc && pacman-optimize<br />
<br />
=== Download speeds ===<br />
<br />
{{Note|If your download speeds have been reduced to a crawl, ensure you are using one of the many [[mirrors]] and not ftp.archlinux.org, which is [https://www.archlinux.org/news/302/ throttled since March 2007].}}<br />
<br />
When downloading packages pacman uses the mirrors in the order they are in {{ic|/etc/pacman.d/mirrorlist}}. The mirror which is at the top of the list by default however may not be the fastest for you. To select a faster mirror, see [[Mirrors]].<br />
<br />
Pacman's speed in downloading packages can also be improved by using a different application to download packages, instead of Pacman's built-in file downloader.<br />
<br />
In all cases, make sure you have the latest Pacman before doing any modifications.<br />
<br />
# pacman -Syu<br />
<br />
==== Powerpill ====<br />
<br />
[[Powerpill]] is a Pacman wrapper that uses parallel and segmented downloading to try to speed up downloads for Pacman.<br />
<br />
==== wget ====<br />
<br />
This is also very handy if you need more powerful proxy settings than pacman's built-in capabilities. <br />
<br />
To use {{ic|wget}}, first [[install]] the {{Pkg|wget}} package then modify {{ic|/etc/pacman.conf}} by uncommenting the following line in the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/wget -c -q --show-progress --passive-ftp -O %o %u<br />
<br />
Instead of uncommenting the {{ic|wget}} parameters in {{ic|/etc/pacman.conf}}, you can also modify the {{ic|wget}} configuration file directly (the system-wide file is {{ic|/etc/wgetrc}}, per user files are {{ic|$HOME/.wgetrc}}.<br />
<br />
==== aria2 ====<br />
<br />
[[aria2]] is a lightweight download utility with support for resumable and segmented HTTP/HTTPS and FTP downloads. aria2 allows for multiple and simultaneous HTTP/HTTPS and FTP connections to an Arch mirror, which should result in an increase in download speeds for both file and package retrieval.<br />
<br />
{{Note|Using aria2c in Pacman's XferCommand will '''not''' result in parallel downloads of multiple packages. Pacman invokes the XferCommand with a single package at a time and waits for it to complete before invoking the next. To download multiple packages in parallel, see [[Powerpill]].}}<br />
<br />
Install {{Pkg|aria2}}, then edit {{ic|/etc/pacman.conf}} by adding the following line to the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/aria2c --allow-overwrite=true --continue=true --file-allocation=none --log-level=error --max-tries=2 --max-connection-per-server=2 --max-file-not-found=5 --min-split-size=5M --no-conf --remote-time=true --summary-interval=60 --timeout=5 --dir=/ --out %o %u<br />
<br />
{{Tip|1=[https://bbs.archlinux.org/viewtopic.php?pid=1491879#p1491879 This alternative configuration for using pacman with aria2] tries to simplify configuration and adds more configuration options.}}<br />
<br />
See [http://aria2.sourceforge.net/manual/en/html/aria2c.html#options OPTIONS] in {{ic|man aria2c}} for used aria2c options.<br />
<br />
* {{ic|-d, --dir}} :The directory to store the downloaded file(s) as specified by [[pacman]].<br />
* {{ic|-o, --out}}: The output file name(s) of the downloaded file(s). <br />
* {{ic|%o}}: Variable which represents the local filename(s) as specified by pacman.<br />
*{{ic|%u}}: Variable which represents the download URL as specified by pacman.<br />
<br />
==== Other applications ====<br />
<br />
There are other downloading applications that you can use with Pacman. Here they are, and their associated XferCommand settings:<br />
<br />
* {{ic|snarf}}: {{ic|1=XferCommand = /usr/bin/snarf -N %u}}<br />
* {{ic|lftp}}: {{ic|1=XferCommand = /usr/bin/lftp -c pget %u}}<br />
* {{ic|axel}}: {{ic|1=XferCommand = /usr/bin/axel -n 2 -v -a -o %o %u}}<br />
* {{ic|hget}}: {{ic|1=XferCommand = /usr/bin/hget %u -n 2 -skip-tls false}} (please read the [https://github.com/huydx/hget documentation on the Github project page] for more info)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Pacman/Tips_and_tricks&diff=475234Pacman/Tips and tricks2017-04-27T14:40:02Z<p>JimRees: /* Read-write cache */ Do not replace the directory /var/cache/pacman/ with a symlink</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Package management]]<br />
[[es:Pacman/Tips and tricks]]<br />
[[fa:Pacman tips]]<br />
[[fr:Astuces Pacman]]<br />
[[it:Pacman/Tips and tricks]]<br />
[[ja:Pacman ヒント]]<br />
[[ru:Pacman/Tips and tricks]]<br />
[[tr:Pacman ipuçları]]<br />
[[zh-hans:Pacman/Tips and tricks]]<br />
{{Related articles start}}<br />
{{Related|Mirrors}}<br />
{{Related|Creating packages}}<br />
{{Related articles end}}<br />
For general methods to improve the flexibility of the provided tips or pacman itself, see [[Core utilities]] and [[Bash]].<br />
<br />
== Cosmetic and convenience ==<br />
<br />
=== Graphical front-ends ===<br />
<br />
* {{App|Arch-Update| Update indicator for Gnome-Shell.|https://github.com/RaphaelRochet/arch-update|{{AUR|gnome-shell-extension-arch-update}}}}<br />
* {{App|Discover|A collection of package management tools for KDE, using PackageKit.|https://projects.kde.org/projects/kde/workspace/discover|{{Pkg|discover}}}}<br />
* {{App|GNOME packagekit|GTK based package management tool|http://www.freedesktop.org/software/PackageKit/|{{Pkg|gnome-packagekit}}}}<br />
* {{App|GNOME Software|Gnome Software App. (Curated selection for GNOME)|https://wiki.gnome.org/Apps/Software|{{pkg|gnome-software}}}}<br />
* {{App|kalu|A small application that will add an icon to your systray and sit there, regularly checking if there's anything new for you to upgrade.|https://jjacky.com/kalu/|{{aur|kalu}}}}<br />
* {{App|pcurses|Package management in a curses frontend|https://github.com/schuay/pcurses|{{Pkg|pcurses}}}}<br />
* {{App|tkPacman|Depends only on Tcl/Tk and X11, and interacts with the package database via the CLI of ''pacman''.|http://sourceforge.net/projects/tkpacman|{{AUR|tkpacman}}}}<br />
<br />
=== Utilities ===<br />
<br />
* {{App|Lostfiles|Script that identifies files not owned by any package.|https://github.com/graysky2/lostfiles|{{AUR|lostfiles}}}}<br />
* {{App|Pacmatic|Pacman wrapper to check Arch News before upgrading, avoid partial upgrades, and warn about configuration file changes.|http://kmkeen.com/pacmatic|{{Pkg|pacmatic}}}}<br />
* {{App|pacutils|Helper library for libalpm based programs.|https://github.com/andrewgregory/pacutils|{{Pkg|pacutils}}}}<br />
* {{App|[[pkgfile]]|Tool that finds what package owns a file.|http://github.com/falconindy/pkgfile|{{Pkg|pkgfile}}}}<br />
* {{App|pkgtools|Collection of scripts for Arch Linux packages.|https://github.com/Daenyth/pkgtools|{{AUR|pkgtools}}}}<br />
* {{App|repoctl|Tool to help manage local repositories.|https://github.com/cassava/repoctl|{{AUR|repoctl}}}}<br />
* {{App|repose|An Arch Linux repository building tool.|https://github.com/vodik/repose|{{Pkg|repose}}}}<br />
* {{App|[[Snapper#Wrapping_pacman_transactions_in_snapshots|snap-pac]]|Make pacman automatically use snapper to create pre/post snapshots like openSUSE's YaST.|https://github.com/wesbarnett/snap-pac|{{pkg|snap-pac}}}}<br />
* {{App|srcpac|Simple tool that automates rebuilding packages from source.|https://projects.archlinux.org/srcpac.git|{{Pkg|srcpac}}}}<br />
<br />
== Maintenance ==<br />
<br />
{{Expansion|{{ic|1=Usage=}} introduced with pacman 4.2, see [http://allanmcrae.com/2014/12/pacman-4-2-released/]}}<br />
<br />
{{Note|Instead of using ''comm'' (which requires sorted input with ''sort'') in the sections below, you may also use {{ic|grep -Fxf}} or {{ic|grep -Fxvf}}.}}<br />
<br />
See also [[System maintenance]].<br />
<br />
=== Listing packages ===<br />
<br />
You may want to get the list of installed packages with their version, which is useful when reporting bugs or discussing installed packages.<br />
<br />
* List all explicitly installed packages: {{ic|pacman -Qe}}.<br />
* List all explicitly installed native packages (i.e. present in the sync database) that are not direct or optional dependencies: {{ic|pacman -Qent}}.<br />
* List all foreign packages (typically manually downloaded and installed): {{ic|pacman -Qm}}.<br />
* List all native packages (installed from the sync database(s)): {{ic|pacman -Qn}}.<br />
* List packages by regex: {{ic|pacman -Qs ''regex''}}.<br />
* List packages by regex with custom output format: {{ic|expac -s "%-30n %v" ''regex''}} (needs {{Pkg|expac}}).<br />
<br />
==== With size ====<br />
<br />
To get a list of installed packages sorted by size, which may be useful when freeing space on your hard drive:<br />
<br />
* Install {{Pkg|expac}} and run {{ic|<nowiki>expac -H M '%m\t%n' | sort -h</nowiki>}}.<br />
* Run {{Pkg|pacgraph}} with the {{ic|-c}} option.<br />
<br />
To list the download size of several packages (leave {{ic|''packages''}} blank to list all packages):<br />
<br />
$ expac -S -H M '%k\t%n' ''packages''<br />
<br />
To list explicitly installed packages not in {{Grp|base}} nor {{Grp|base-devel}} with size and description:<br />
<br />
$ expac -H M "%011m\t%-20n\t%10d" $(comm -23 <(pacman -Qqen | sort) <(pacman -Qqg base base-devel | sort)) | sort -n<br />
<br />
==== By date ====<br />
<br />
To list the 20 last installed packages with {{Pkg|expac}}, run:<br />
<br />
$ expac --timefmt='%Y-%m-%d %T' '%l\t%n' | sort | tail -n 20<br />
<br />
or, with seconds since the epoch (1970-01-01 UTC):<br />
<br />
$ expac --timefmt=%s '%l\t%n' | sort -n | tail -n 20<br />
<br />
==== Not in a specified group or repository ====<br />
<br />
{{Note|To get a list of packages installed as dependencies but no longer required by any installed package, see [[#Removing unused packages (orphans)]].}}<br />
<br />
List explicitely installed packages not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qeq | sort) <(pacman -Qgq base base-devel | sort)<br />
<br />
List all installed packages unrequired by other packages, and which are not in the {{Grp|base}} or {{Grp|base-devel}} groups:<br />
<br />
$ comm -23 <(pacman -Qqt | sort) <(pacman -Sqg base base-devel | sort)<br />
<br />
As above, but with descriptions:<br />
<br />
$ expac -HM '%-20n\t%10d' $(comm -23 <(pacman -Qqt | sort) <(pacman -Qqg base base-devel | sort))<br />
<br />
List all installed packages that are ''not'' in the specified repository ''repo_name''<br />
<br />
$ comm -23 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
List all installed packages that are in the ''repo_name'' repository:<br />
<br />
$ comm -12 <(pacman -Qtq | sort) <(pacman -Slq ''repo_name'' | sort)<br />
<br />
=== Listing files owned by a package with size ===<br />
<br />
This one might come in handy if you have found that a specific package uses a huge amount of space and you want to find out which files make up the most of that.<br />
<br />
$ pacman -Qlq ''package'' | grep -v '/$' | xargs du -h | sort -h<br />
<br />
=== Identify files not owned by any package ===<br />
<br />
If your system has stray files not owned by any package (a common case if you do not [[Enhance system stability#Use the package manager to install software|use the package manager to install software]]), you may want to find such files in order to clean them up. The general process for doing so is:<br />
<br />
# Create a sorted list of the files you want to check ownership of: {{bc|<nowiki>$ find /etc /opt /usr | sort > all_files.txt</nowiki>}}<br />
# Create a sorted list of the files tracked by pacman (and remove the trailing slashes from directories): {{bc|<nowiki>$ pacman -Qlq | sed 's|/$||' | sort > owned_files.txt</nowiki>}}<br />
# Find lines in the first list that are not in the second: {{bc|$ comm -23 all_files.txt owned_files.txt}}<br />
<br />
This process is tricky in practice because many important files are not part of any package (e.g. files generated at runtime, custom configs) and so will be included in the final output, making it difficult to pick out the files that can be safely deleted.<br />
<br />
{{Tip|The {{AUR|lostfiles}} script performs similar steps, but also includes an extensive blacklist to remove common false positives from the output. [https://github.com/CyberShadow/aconfmgr aconfmgr] ({{AUR|aconfmgr-git}}) also allows tracking orphaned files using a configuration script.}}<br />
<br />
=== Removing unused packages (orphans) ===<br />
<br />
For ''recursively'' removing orphans and their configuration files:<br />
<br />
# pacman -Rns $(pacman -Qtdq)<br />
<br />
If no orphans were found, pacman errors with {{ic|error: no targets specified}}. This is expected as no arguments were passed to {{ic|pacman -Rns}}.<br />
<br />
{{Note|The arguments {{ic|-Qt}} list only true orphans. To include packages which are ''optionally'' required by another package, pass the {{ic|-t}} flag twice (''i.e.'', {{ic|-Qtt}}).}}<br />
<br />
=== Removing everything but base group ===<br />
<br />
If it is ever necessary to remove all packages except the base group, try this one liner:<br />
<br />
# pacman -R $(comm -23 <(pacman -Qq | sort) <((for i in $(pacman -Qqg base); do pactree -ul "$i"; done) | sort -u))<br />
<br />
The one-liner was originally devised in [https://bbs.archlinux.org/viewtopic.php?id=130176 this discussion], and later improved in this article.<br />
<br />
=== Getting the dependencies list of several packages ===<br />
<br />
Dependencies are alphabetically sorted and doubles are removed.<br />
<br />
{{Note|To only show the tree of local installed packages, use {{ic|pacman -Qi}}.}}<br />
<br />
$ pacman -Si ''packages'' | awk -F'[:<=>]' '/^Depends/ {print $2}' | xargs -n1 | sort -u<br />
<br />
Alternatively, with {{Pkg|expac}}: <br />
<br />
$ expac -l '\n' %E -S ''packages'' | sort -u<br />
<br />
=== Listing changed backup files ===<br />
<br />
If you want to backup your system configuration files you could copy all files in {{ic|/etc/}}, but usually you are only interested in the files that you have changed. Modified [[Pacnew_and_Pacsave_files#Package_backup_files|backup files]] can be viewed with the following command:<br />
<br />
# pacman -Qii | awk '/^MODIFIED/ {print $2}'<br />
<br />
Running this command with root permissions will ensure that files readable only by root (such as {{ic|/etc/sudoers}}) are included in the output.<br />
<br />
{{Tip|See [[#Listing all changed files from packages]] to list all changed files pacman knows, not only backup files.}}<br />
<br />
=== Back-up the pacman database ===<br />
<br />
The following command can be used to back up the local pacman database:<br />
<br />
$ tar -cjf pacman_database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
The database can be restored by moving the {{ic|pacman_database.tar.bz2}} file into the {{ic|/}} directory and executing the following command:<br />
<br />
# tar -xjvf pacman_database.tar.bz2<br />
<br />
{{Note|If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult [[Pacman tips#Restore pacman's local database]].}}<br />
<br />
{{Tip|The {{AUR|pakbak-git}} package provides a script and a [[systemd]] service to automate the task. Configuration is possible in {{ic|/etc/pakbak.conf}}.}}<br />
<br />
=== Check changelogs easily ===<br />
<br />
When maintainers update packages, commits are often commented in a useful fashion. Users can quickly check these from the command line by installing {{AUR|pacolog}}. This utility lists recent commit messages for packages from the official repositories or the AUR, by using {{ic|pacolog <package>}}.<br />
<br />
== Installation and recovery ==<br />
<br />
Alternative ways of getting and restoring packages.<br />
<br />
=== Installing packages from a CD/DVD or USB stick ===<br />
<br />
{{Merge|#Custom local repository|Use as an example and avoid duplication}}<br />
<br />
To download packages, or groups of packages:<br />
<br />
# cd ~/Packages<br />
# pacman -Syw base base-devel grub-bios xorg gimp --cachedir .<br />
# repo-add ./custom.db.tar.gz ./*<br />
<br />
Then you can burn the "Packages" folder to a CD/DVD or transfer it to a USB stick, external HDD, etc.<br />
<br />
To install:<br />
<br />
'''1.''' Mount the media:<br />
<br />
# mkdir /mnt/repo<br />
# mount /dev/sr0 /mnt/repo #For a CD/DVD.<br />
# mount /dev/sdxY /mnt/repo #For a USB stick.<br />
<br />
'''2.''' Edit {{ic|pacman.conf}} and add this repository ''before'' the other ones (e.g. extra, core, etc.). This is important. Do not just uncomment the one on the bottom. This way it ensures that the files from the CD/DVD/USB take precedence over those in the standard repositories:<br />
<br />
{{hc|/etc/pacman.conf|2=<br />
[custom]<br />
SigLevel = PackageRequired<br />
Server = file:///mnt/repo/Packages}}<br />
<br />
'''3.''' Finally, synchronize the pacman database to be able to use the new repository:<br />
<br />
# pacman -Syu<br />
<br />
=== Custom local repository ===<br />
<br />
Use the ''repo-add'' script included with Pacman to generate a database for a personal repository. Use {{ic|repo-add --help}} for more details on its usage. Simply store all of the built packages to be included in the repository in one directory, and execute the following command (where ''repo'' is the name of the custom repository):<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/*.pkg.tar.xz<br />
<br />
{{Note|A package database is a tar file, optionally compressed. Valid extensions are “.db” or “.files” followed by an archive extension of “.tar”, “.tar.gz”, “.tar.bz2”, “.tar.xz”, or “.tar.Z”. The file does not need to exist, but all parent directories must exist.<br />
Furthermore when using {{ic|repo-add}} keep in mind that the database and the packages do not need to be in the same directory. But when using pacman with that database, they should be together.}}<br />
<br />
To add a new package to the database, or to replace the old version of an existing package in the database, run:<br />
<br />
$ repo-add /path/to/repo.db.tar.gz /path/to/packagetoadd-1.0-1-i686.pkg.tar.xz<br />
<br />
''repo-remove'' is used in the exact same manner as ''repo-add'', except that the packages listed on the command line are removed from the repository database.<br />
<br />
Once the local repository database has been created, add the repository to {{ic|pacman.conf}} for each system that is to use the repository. An example of a custom repository is in {{ic|pacman.conf}}. The repository's name is the database filename with the file extension omitted. In the case of the example above the repository's name would simply be ''repo''. Reference the repository's location using a {{ic|file://}} url, or via FTP using ftp://localhost/path/to/directory.<br />
<br />
If willing, add the custom repository to the [[Unofficial user repositories|list of unofficial user repositories]], so that the community can benefit from it.<br />
<br />
=== Network shared pacman cache ===<br />
<br />
If you happen to run several Arch boxes on your LAN, you can share packages so that you can greatly decrease your download times. Keep in mind you should not share between different architectures (i.e. i686 and x86_64) or you will run into problems.<br />
<br />
==== Read-only cache ====<br />
<br />
If you are looking for a quick and dirty solution, you can simply run a standalone webserver which other computers can use as a first mirror: {{ic|darkhttpd /var/cache/pacman/pkg}}. Just add this server at the top of your mirror list. Be aware that you might get a lot of 404 errors, due to cache misses, depending on what you do, but pacman will try the next (real) mirrors when that happens.<br />
<br />
==== Read-write cache ====<br />
<br />
{{Tip|See [[pacserve]] for an alternative solution than what follows.}}<br />
<br />
In order to share packages between multiple computers, simply share {{ic|/var/cache/pacman/}} using any network-based mount protocol. This section shows how to use shfs or sshfs to share a package cache plus the related library-directories between multiple computers on the same local network. Keep in mind that a network shared cache can be slow depending on the file-system choice, among other factors.<br />
<br />
First, install any network-supporting filesystem; for example [[sshfs]], [[shfs]], ftpfs, [[smbfs]] or [[nfs]].<br />
<br />
{{Tip|<br />
* Do not replace the directory {{ic|/var/cache/pacman/}} with a symlink.<br />
* To use sshfs or shfs, consider reading [[Using SSH Keys]].<br />
* By default, smbfs does not serve filenames that contain colons, which results in the client downloading the offending package afresh. To prevent this, use the {{ic|mapchars}} mount option on the client.<br />
}}<br />
<br />
Then, to share the actual packages, mount {{ic|/var/cache/pacman/pkg}} from the server to {{ic|/var/cache/pacman/pkg}} on every client machine.<br />
<br />
==== two-way with rsync ====<br />
<br />
Another approach in a local environment is [[rsync]]. Choose a server for caching and enable the [[Rsync#rsync_daemon]]. On clients synchronize two-way with this share via rsync protocol. Filenames that contain colons are no problem for the rsync protocol.<br />
<br />
Draft example for a client, uname -m in share name ensures architecture depended sync:<br />
# rsync rsync://server/share_$(uname -m)/ /var/cache/pacman/pkg/ ...<br />
# pacman ...<br />
# paccache ...<br />
# rsync /var/cache/pacman/pkg/ rsync://server/share_$(uname -m)/ ...<br />
<br />
==== Dynamic reverse proxy cache using nginx ====<br />
<br />
[[nginx]] can be used to proxy requests to official upstream mirrors and cache the results to local disk. All subsequent requests for that file will be served directly from the local cache, minimizing the amount of internet traffic needed to update a large number of servers with minimal effort. <br />
<br />
{{Warning| This method has a limitation. You must use mirrors that use the same relative path to package files and you must configure your cache to use that same path. In this example, we are using mirrors that use the relative path {{ic|/archlinux/$repo/os/$arch}} and our cache's {{ic|Server}} setting in {{ic|mirrorlist}} is configured similarly.}}<br />
<br />
In this example, we will run the cache server on {{ic|<nowiki>http://cache.domain.local:8080/</nowiki>}} and storing the packages in {{ic|/srv/http/pacman-cache/}}. <br />
<br />
Create the directory for the cache and adjust the permissions so nginx can write files to it:<br />
<br />
# mkdir /srv/http/pacman-cache<br />
# chown http:http /srv/http/pacman-cache<br />
<br />
Next, configure nginx as the [https://gist.github.com/anonymous/97ec4148f643de925e433bed3dc7ee7d dynamic cache] (read the comments for an explanation of the commands).<br />
<br />
Finally, update your other Arch Linux servers to use this new cache by adding the following line to the {{ic|mirrorlist}} file:<br />
<br />
{{hc|/etc/pacman.d/mirrorlist|<nowiki><br />
Server = http://cache.domain.local:8080/archlinux/$repo/os/$arch<br />
...<br />
</nowiki>}}<br />
<br />
{{Note| You will need to create a method to clear old packages, as this directory will continue to grow over time. {{ic|paccache}} (which is included with {{ic|pacman}}) can be used to automate this using retention criteria of your choosing. For example, {{ic|find /srv/http/pacman-cache/ -type d -exec paccache -v -r -k 2 -c {} \;}} will keep the last 2 versions of packages in your cache directory.}}<br />
<br />
==== Synchronize pacman package cache using synchronization programs ====<br />
<br />
Use [[Resilio Sync]] or [[Syncthing]] to synchronize the pacman cache folders (i.e. {{ic|/var/cache/pacman/pkg}}).<br />
<br />
==== Preventing unwanted cache purges ====<br />
<br />
By default, {{Ic|pacman -Sc}} removes package tarballs from the cache that correspond to packages that are not installed on the machine the command was issued on. Because pacman cannot predict what packages are installed on all machines that share the cache, it will end up deleting files that should not be.<br />
<br />
To clean up the cache so that only ''outdated'' tarballs are deleted, add this entry in the {{ic|[options]}} section of {{ic|/etc/pacman.conf}}:<br />
<br />
CleanMethod = KeepCurrent<br />
<br />
=== Recreate a package from the file system ===<br />
<br />
To recreate a package from the file system, use ''bacman'' (included with pacman). Files from the system are taken as they are, hence any modifications will be present in the assembled package. Distributing the recreated package is therefore discouraged; see [[ABS]] and [[Arch Rollback Machine]] for alternatives.<br />
<br />
{{Tip|''bacman'' honours the {{ic|PACKAGER}}, {{ic|PKGDEST}} and {{ic|PKGEXT}} options from {{ic|makepkg.conf}}. Custom options for the compression tools can be configured by exporting the relevant environment variable, for example {{ic|1=XZ_OPT="-T 0"}} will enable parallel compression for ''xz''.}}<br />
<br />
An alternative tool would be {{AUR|fakepkg}}. It supports parallelization and can handle multiple input packages in one command, which ''bacman'' both does not support.<br />
<br />
=== List of installed packages ===<br />
<br />
{{Tip|1=<nowiki></nowiki><br />
* These tasks can be automated. See {{AUR|bacpac}}, {{AUR|pacmanity}}, {{AUR|plist-gist}}, and {{AUR|pug}} for examples.<br />
* To skip already installed packages, use {{ic|--needed}}.<br />
}}<br />
<br />
Keeping a list of explicitly installed packages can be useful to speed up installation on a new system:<br />
<br />
$ pacman -Qqe > pkglist.txt<br />
<br />
{{Note|If you used {{ic|-Qqet}}, when reinstalling the list all the non-top-level packages would be set as dependencies.}}<br />
<br />
To install packages from the list backup, run:<br />
<br />
# pacman -S - < pkglist.txt<br />
<br />
{{Tip|Use {{ic|<nowiki>comm -13 <(pacman -Qqdt | sort) <(pacman -Qqdtt | sort) > optdeplist.txt</nowiki>}} to also create a list of the installed optional dependencies which can be reinstalled with {{ic|--asdeps}}.}}<br />
<br />
In case the list includes foreign packages, such as [[AUR]] packages, remove them first:<br />
<br />
# pacman -S $(comm -12 <(pacman -Slq | sort) <(sort pkglist.txt))<br />
<br />
To remove all the packages on your system that are not mentioned in the list:<br />
<br />
# pacman -Rsu $(comm -23 <(pacman -Qq | sort) <(sort pkglist.txt))<br />
<br />
=== Listing all changed files from packages ===<br />
<br />
If you are suspecting file corruption (e.g. by software/hardware failure), but are unsure if files were got corrupted, you might want to compare with the hash sums in the packages. This can be done with {{Pkg|pacutils}}:<br />
<br />
# paccheck --md5sum --quiet<br />
<br />
For recovery of the database see [[#Restore pacman's local database]]. The {{ic|mtree}} files can also be [[#Viewing a single file inside a .pkg file|extracted as {{ic|.MTREE}} from the respective package files]].<br />
<br />
{{Note|This should '''not''' be used as is when suspecting malicious changes! In this case security precautions such as using a live medium and an independent source for the hash sums are advised.}}<br />
<br />
=== Reinstalling all packages ===<br />
To reinstall all native packages, use:<br />
<br />
# pacman -Qnq | pacman -S -<br />
<br />
Foreign (AUR) packages must be reinstalled separately; you can list them with {{ic|pacman -Qmq}}.<br />
<br />
Pacman preserves the [[installation reason]] by default.<br />
<br />
=== Restore pacman's local database ===<br />
<br />
See [[Pacman/Restore_local_database]].<br />
<br />
=== Recovering a USB key from existing install ===<br />
<br />
If you have Arch installed on a USB key and manage to mess it up (e.g. removing it while it is still being written to), then it is possible to re-install all the packages and hopefully get it back up and working again (assuming USB key is mounted in /newarch)<br />
<br />
# pacman -S $(pacman -Qq --dbpath /newarch/var/lib/pacman) --root /newarch --dbpath /newarch/var/lib/pacman<br />
<br />
=== Viewing a single file inside a .pkg file ===<br />
<br />
For example, if you want to see the contents of {{ic|/etc/systemd/logind.conf}} supplied within the {{Pkg|systemd}} package:<br />
<br />
$ tar -xOf /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz etc/systemd/logind.conf<br />
<br />
Or you can use {{pkg|vim}} to browse the archive:<br />
<br />
$ vim /var/cache/pacman/pkg/systemd-204-3-x86_64.pkg.tar.xz<br />
<br />
=== Find applications that use libraries from older packages ===<br />
<br />
Even if you installed a package the existing long-running programs (like daemons and servers) still keep using code from old package libraries. And it is a bad idea to let these programs running if the old library contains a security bug.<br />
<br />
Here is a way how to find all the programs that use old packages code:<br />
<br />
# lsof +c 0 | grep -w DEL | awk '1 { print $1 ": " $NF }' | sort -u<br />
It will print running program name and old library that was removed or replaced with newer content.<br />
<br />
== Performance ==<br />
<br />
=== Database access speeds ===<br />
<br />
Pacman stores all package information in a collection of small files, one for each package. Improving database access speeds reduces the time taken in database-related tasks, e.g. searching packages and resolving package dependencies. The safest and easiest method is to run as root:<br />
<br />
# pacman-optimize<br />
<br />
This will attempt to put all the small files together in one (physical) location on the hard disk so that the hard disk head does not have to move so much when accessing all the data. This method is safe, but is not foolproof: it depends on your filesystem, disk usage and empty space fragmentation. Another, more aggressive, option would be to first remove uninstalled packages from cache and to remove unused repositories before database optimization:<br />
<br />
# pacman -Sc && pacman-optimize<br />
<br />
=== Download speeds ===<br />
<br />
{{Note|If your download speeds have been reduced to a crawl, ensure you are using one of the many [[mirrors]] and not ftp.archlinux.org, which is [https://www.archlinux.org/news/302/ throttled since March 2007].}}<br />
<br />
When downloading packages pacman uses the mirrors in the order they are in {{ic|/etc/pacman.d/mirrorlist}}. The mirror which is at the top of the list by default however may not be the fastest for you. To select a faster mirror, see [[Mirrors]].<br />
<br />
Pacman's speed in downloading packages can also be improved by using a different application to download packages, instead of Pacman's built-in file downloader.<br />
<br />
In all cases, make sure you have the latest Pacman before doing any modifications.<br />
<br />
# pacman -Syu<br />
<br />
==== Powerpill ====<br />
<br />
[[Powerpill]] is a Pacman wrapper that uses parallel and segmented downloading to try to speed up downloads for Pacman.<br />
<br />
==== wget ====<br />
<br />
This is also very handy if you need more powerful proxy settings than pacman's built-in capabilities. <br />
<br />
To use {{ic|wget}}, first [[install]] the {{Pkg|wget}} package then modify {{ic|/etc/pacman.conf}} by uncommenting the following line in the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/wget -c -q --show-progress --passive-ftp -O %o %u<br />
<br />
Instead of uncommenting the {{ic|wget}} parameters in {{ic|/etc/pacman.conf}}, you can also modify the {{ic|wget}} configuration file directly (the system-wide file is {{ic|/etc/wgetrc}}, per user files are {{ic|$HOME/.wgetrc}}.<br />
<br />
==== aria2 ====<br />
<br />
[[aria2]] is a lightweight download utility with support for resumable and segmented HTTP/HTTPS and FTP downloads. aria2 allows for multiple and simultaneous HTTP/HTTPS and FTP connections to an Arch mirror, which should result in an increase in download speeds for both file and package retrieval.<br />
<br />
{{Note|Using aria2c in Pacman's XferCommand will '''not''' result in parallel downloads of multiple packages. Pacman invokes the XferCommand with a single package at a time and waits for it to complete before invoking the next. To download multiple packages in parallel, see [[Powerpill]].}}<br />
<br />
Install {{Pkg|aria2}}, then edit {{ic|/etc/pacman.conf}} by adding the following line to the {{ic|[options]}} section:<br />
<br />
XferCommand = /usr/bin/aria2c --allow-overwrite=true --continue=true --file-allocation=none --log-level=error --max-tries=2 --max-connection-per-server=2 --max-file-not-found=5 --min-split-size=5M --no-conf --remote-time=true --summary-interval=60 --timeout=5 --dir=/ --out %o %u<br />
<br />
{{Tip|1=[https://bbs.archlinux.org/viewtopic.php?pid=1491879#p1491879 This alternative configuration for using pacman with aria2] tries to simplify configuration and adds more configuration options.}}<br />
<br />
See [http://aria2.sourceforge.net/manual/en/html/aria2c.html#options OPTIONS] in {{ic|man aria2c}} for used aria2c options.<br />
<br />
* {{ic|-d, --dir}} :The directory to store the downloaded file(s) as specified by [[pacman]].<br />
* {{ic|-o, --out}}: The output file name(s) of the downloaded file(s). <br />
* {{ic|%o}}: Variable which represents the local filename(s) as specified by pacman.<br />
*{{ic|%u}}: Variable which represents the download URL as specified by pacman.<br />
<br />
==== Other applications ====<br />
<br />
There are other downloading applications that you can use with Pacman. Here they are, and their associated XferCommand settings:<br />
<br />
* {{ic|snarf}}: {{ic|1=XferCommand = /usr/bin/snarf -N %u}}<br />
* {{ic|lftp}}: {{ic|1=XferCommand = /usr/bin/lftp -c pget %u}}<br />
* {{ic|axel}}: {{ic|1=XferCommand = /usr/bin/axel -n 2 -v -a -o %o %u}}<br />
* {{ic|hget}}: {{ic|1=XferCommand = /usr/bin/hget %u -n 2 -skip-tls false}} (please read the [https://github.com/huydx/hget documentation on the Github project page] for more info)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Fortune&diff=466268Fortune2017-01-23T05:56:52Z<p>JimRees: /* Default cow with fortune */ this is the output I get when I run these commands</p>
<hr />
<div>[[Category:Eye candy]]<br />
[[Category:Command shells]]<br />
[[ja:Fortune]]<br />
<br />
[[wikipedia:Fortune (Unix)|fortune]] is a simple program that displays random poignant, inspirational, silly or snide phrase from a database of quotations. The ''fortune'' command-line utility is part of the {{Pkg|fortune-mod}} package.<br />
<br />
== Installation==<br />
[[Install]] {{Pkg|fortune-mod}} or {{AUR|fortune-mod-git}}. <br />
<br />
{{Tip|Meta packages which provide quotes from specific sources are available in the [[AUR]]. For example, {{AUR|fortune-mod-archlinux}} contains Arch related quotes. You can use {{AUR|wikiquote-fortune}} to generate fortune files from [http://en.wikiquote.org wikiquote] pages, using the syntax {{ic|wikiquote-fortune X}}, where X is the page's name. To use these files, run {{ic|$ fortune /path/to/quote}}.}}<br />
<br />
== Usage ==<br />
* Command-line in a terminal:<br />
$ fortune<br />
It is Texas law that when two trains meet each other at a railroad crossing,<br />
each shall come to a full stop, and neither shall proceed until the other has gone.<br />
<br />
* To display a random quote when launching an interactive terminal, add the ''fortune'' command to the rc configuration file of your preferred shell:<br />
#!/bin/bash<br />
# ~/.bashrc<br />
fortune<br />
<br />
#!/bin/dash<br />
# ~/.dashrc<br />
fortune<br />
<br />
* To display a random quote when logging into a login terminal, add the ''fortune'' command to the profile configuration file of your preferred shell: <br />
#!/bin/mksh<br />
# ~/.profile<br />
fortune<br />
<br />
{{Note|''fortune'' displays quotes and phrases deemed by its maintainer to be [https://github.com/shlomif/fortune-mod/blob/master/fortune-mod/Offensive non-offensive]. Aphorisms can be enabled as a mix of offensive/non-offensive or as potentially offensive output only. See {{ic|man fortune}} for more information.}}<br />
<br />
=== Cowsay ===<br />
==== Default cow with fortune ====<br />
* Combined with the program {{Pkg|cowsay}}:<br />
<br />
$ cowthink $(fortune)<br />
________________________________________ <br />
( The best cure for insomnia is to get a )<br />
( lot of sleep. -W.C. Fields )<br />
---------------------------------------- <br />
o ^__^<br />
o (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
<br />
* Display a potentially offensive fortune:<br />
$ cowsay $(fortune -o)<br />
_________________________________ <br />
< Chastity is its own punishment. ><br />
--------------------------------- <br />
\ ^__^<br />
\ (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
<br />
The ASCII images are generated by {{ic|.cow}} text files located in {{ic|/usr/share/cows}}, and all themes can be listed with the {{ic|cowsay -l}}. These files can be edited to the user's liking; custom images can also be created from scratch or found on the net. The easiest way create a custom cow file is to use an existing one as a template. To test the custom file:<br />
<br />
$ cowsay -f ''/path/to/file'' $(fortune)<br />
<br />
==== Random cow with fortune ====<br />
<br />
$ fortune -c | cowthink -f $(find /usr/share/cows -type f | shuf -n 1)<br />
___________________________________________<br />
( (computers) % A language that doesn't )<br />
( affect the way you think about )<br />
( programming is not worth knowing. )<br />
------------------------------------------------------<br />
o (__)<br />
o /oo|<br />
o (_"_)*+++++++++*<br />
//I#\ \ \ \ \ \ \ \ I \<br />
I[I|I | | | | | I I `<br />
I`I ' / / / ' ' I I<br />
I I I I<br />
~ ~ ~ ~<br />
Scowleton<br />
<br />
==== Random custom cow with fortune ====<br />
<br />
Complex commands can be chained to produce detailed ASCII art sych as this [http://bambambambam.wordpress.com/2009/07/04/futurama-ascii-with-slashdot-header-quotes-in-your-terminal/ Futurama example].<br />
* Display a random cow with a random facial expression and wrap long lines of fortune text:<br />
{{Note|The randomly selected cow is actually a toad chosen from a database with custom ASCII art}}<br />
$ fortune -a | fmt -80 -s | $(shuf -n 1 -e cowsay cowthink) -$(shuf -n 1 -e b d g p s t w y) -f $(shuf -n 1 -e $(cowsay -l | tail -n +2)) -n<br />
________________________________________ <br />
( Fry: I must be a robot. Why else would )<br />
( human women refuse to date me? )<br />
-------------------------------------------------- <br />
o<br />
o<br />
o <br />
,'``.._ ,'``.<br />
:,--._:)\,:,._,.:<br />
:`--,''@@@:`...';\ <br />
`,'@@@@@@@`---'@@`. <br />
/@@@@@@@@@@@@@@@@@:<br />
/@@@@@@@@@@@@@@@@@@@\<br />
,'@@@@@@@@@@@@@@@@@@@@@:\.___,-.<br />
`...,---'``````-..._@@@@|:@@@@@@@\<br />
( )@@@;:@@@@)@@@\ _,-.<br />
`. (@@@//@@@@@@@@@@`'@@@@\<br />
: `.//@@)@@@@@@)@@@@@,@;<br />
|`. _,'/@@@@@@@)@@@@)@,'@,'<br />
:`.`-..____..=:.-':@@@@@.@@@@@_,@@,'<br />
,'\ ``--....-)=' `._,@@\ )@@@'``._<br />
/@_@`. (@) /@@@@@) ; / \ \`-.'<br />
(@@@`-:`. `' ___..'@@_,-' |/ `.)<br />
`-. `.`.``-----``--,@@.'<br />
|/`.\`' ,',');<br />
` (/ (/<br />
===Ponysay===<br />
For full 256-colored cowsay-like art use {{Pkg|ponysay}} (version 3.0 has 422 ponies). The syntax is the same, meaning {{ic|$ ponysay ''message''}} to say something and {{ic|ponysay -l}} for a complete list of ponies. To select a pony to display, run {{ic|$ ponysay --pony x "message"}}, where x is a pony. To create more ponies use {{AUR|util-say-git}} and store them in {{ic|~/.local/share/ponysay/ponies}} and {{ic|~/.local/share/ponysay/ttyponies/}} for desktop and TTY, respectively.<br />
<br />
== See also ==<br />
* [https://github.com/shlomif/fortune-mod fortune-mod GitHub project page]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Fortune&diff=465588Fortune2017-01-17T03:39:29Z<p>JimRees: /* Configuration */ move Note after setup</p>
<hr />
<div>[[Category:Eye candy]]<br />
[[Category:Command shells]]<br />
[[ja:Fortune]]<br />
{{Expansion|Mention other shells such as [[Zsh]]}}<br />
[[Wikipedia:Fortune (Unix)|Fortune]] is a simple program that displays a random poignant, inspirational, silly or snide phrase from a database of quotations. It is part of the {{Pkg|fortune-mod}} package.<br />
<br />
== Example ==<br />
<br />
{{hc|$ fortune|<br />
It is Texas law that when two trains meet each other at a railroad crossing,<br />
each shall come to a full stop, and neither shall proceed until the other has gone.<br />
}}<br />
<br />
== Configuration ==<br />
<br />
To have a random phrase displayed when logging into a terminal, use:<br />
<br />
{{hc|~/.bashrc|<br />
fortune<br />
}}<br />
<br />
{{Note|<br />
By default, {{ic|fortune}} displays quotes and phrases that are rather innocuous. However, the package does contain a set of comments some people will find offensive, located in {{ic|/usr/share/fortune/off/}}. See the [http://manpages.ubuntu.com/manpages/quantal/en/man6/fortune.6.html man page] ({{ic|man fortune}}) for more info on these.<br />
}}<br />
<br />
{{Tip|<br />
You can use {{AUR|wikiquote-fortune}} to generate fortune files from [http://en.wikiquote.org wikiquote] pages, using the syntax {{ic|wikiquote-fortune X}}, where X is the page's name. To use these files, run {{ic|$ fortune /path/to/quote}}. You can find fortune files made this way on the [[AUR]]. For example, {{AUR|fortune-mod-archlinux}} contains Arch related quotes.<br />
}}<br />
<br />
These two features can be combined, using the program {{Pkg|cowsay}}:<br />
<br />
{{hc|command cowsay $(fortune)|<nowiki><br />
The earth is like a tiny grain of sand, <br />
only much, much heavier. <br />
----------------------------------------- <br />
\ ^__^<br />
\ (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{hc|command cowthink $(fortune)|<nowiki><br />
( The best cure for insomnia is to get a )<br />
( lot of sleep. -W.C. Fields )<br />
---------------------------------------- <br />
o ^__^<br />
o (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
The ASCII images are generated by {{ic|.cow}} text files located in {{ic|/usr/share/cows}}, and all themes can be listed with the {{ic|cowsay -l}}. These files can be edited to the user's liking; custom images can also be created from scratch or found on the net. The easiest way create a custom cow file is to use an existing one as a template. To test the custom file:<br />
<br />
$ cowsay -f ''/path/to/file'' $(fortune)<br />
<br />
This can produce some nice eye candy, and the commands used can be more complex. For a specialized example, take a look [http://bambambambam.wordpress.com/2009/07/04/futurama-ascii-with-slashdot-header-quotes-in-your-terminal/ here.] Another example, to use a random cow, random facial expression, and nicely wrap the text of long fortunes:<br />
<br />
{{hc|<nowiki>command fortune -a | fmt -80 -s | $(shuf -n 1 -e cowsay cowthink) -$(shuf -n 1 -e b d g p s t w y) -f $(shuf -n 1 -e $(cowsay -l | tail -n +2)) -n</nowiki>|<nowiki><br />
________________________________________ <br />
( Fry: I must be a robot. Why else would )<br />
( human women refuse to date me? )<br />
---------------------------------------- <br />
o<br />
o<br />
o <br />
,'``.._ ,'``.<br />
:,--._:)\,:,._,.:<br />
:`--,''@@@:`...';\ <br />
`,'@@@@@@@`---'@@`. <br />
/@@@@@@@@@@@@@@@@@:<br />
/@@@@@@@@@@@@@@@@@@@\<br />
,'@@@@@@@@@@@@@@@@@@@@@:\.___,-.<br />
`...,---'``````-..._@@@@|:@@@@@@@\<br />
( )@@@;:@@@@)@@@\ _,-.<br />
`. (@@@//@@@@@@@@@@`'@@@@\<br />
: `.//@@)@@@@@@)@@@@@,@;<br />
|`. _,'/@@@@@@@)@@@@)@,'@,'<br />
:`.`-..____..=:.-':@@@@@.@@@@@_,@@,'<br />
,'\ ``--....-)=' `._,@@\ )@@@'``._<br />
/@_@`. (@) /@@@@@) ; / \ \`-.'<br />
(@@@`-:`. `' ___..'@@_,-' |/ `.)<br />
`-. `.`.``-----``--,@@.'<br />
|/`.\`' ,',');<br />
` (/ (/<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{Note|<br />
For full 256-colored cowsay-like art use {{Pkg|ponysay}} (version 3.0 has 422 ponies). The syntax is the same, meaning {{ic|$ ponysay ''message''}} to say something and {{ic|ponysay -l}} for a complete list of ponies. To select a pony to display, run {{ic|$ ponysay --pony x "message"}}, where x is a pony.<br />
To create more ponies use {{AUR|util-say-git}} and store them in {{ic|~/.local/share/ponysay/ponies}} and {{ic|~/.local/share/ponysay/ttyponies/}} for desktop and TTY, respectively.<br />
}}<br />
<br />
== Random Cow with fortune ==<br />
<br />
$ fortune -c | cowthink -f $(find /usr/share/cows -type f | shuf -n 1)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Fortune&diff=465587Fortune2017-01-17T03:39:03Z<p>JimRees: /* Configuration */ I don't use bash but I'm pretty sure this is wrong</p>
<hr />
<div>[[Category:Eye candy]]<br />
[[Category:Command shells]]<br />
[[ja:Fortune]]<br />
{{Expansion|Mention other shells such as [[Zsh]]}}<br />
[[Wikipedia:Fortune (Unix)|Fortune]] is a simple program that displays a random poignant, inspirational, silly or snide phrase from a database of quotations. It is part of the {{Pkg|fortune-mod}} package.<br />
<br />
== Example ==<br />
<br />
{{hc|$ fortune|<br />
It is Texas law that when two trains meet each other at a railroad crossing,<br />
each shall come to a full stop, and neither shall proceed until the other has gone.<br />
}}<br />
<br />
== Configuration ==<br />
<br />
{{Note|<br />
By default, {{ic|fortune}} displays quotes and phrases that are rather innocuous. However, the package does contain a set of comments some people will find offensive, located in {{ic|/usr/share/fortune/off/}}. See the [http://manpages.ubuntu.com/manpages/quantal/en/man6/fortune.6.html man page] ({{ic|man fortune}}) for more info on these.<br />
}}<br />
<br />
To have a random phrase displayed when logging into a terminal, use:<br />
<br />
{{hc|~/.bashrc|<br />
fortune<br />
}}<br />
<br />
{{Tip|<br />
You can use {{AUR|wikiquote-fortune}} to generate fortune files from [http://en.wikiquote.org wikiquote] pages, using the syntax {{ic|wikiquote-fortune X}}, where X is the page's name. To use these files, run {{ic|$ fortune /path/to/quote}}. You can find fortune files made this way on the [[AUR]]. For example, {{AUR|fortune-mod-archlinux}} contains Arch related quotes.<br />
}}<br />
<br />
These two features can be combined, using the program {{Pkg|cowsay}}:<br />
<br />
{{hc|command cowsay $(fortune)|<nowiki><br />
The earth is like a tiny grain of sand, <br />
only much, much heavier. <br />
----------------------------------------- <br />
\ ^__^<br />
\ (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{hc|command cowthink $(fortune)|<nowiki><br />
( The best cure for insomnia is to get a )<br />
( lot of sleep. -W.C. Fields )<br />
---------------------------------------- <br />
o ^__^<br />
o (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
The ASCII images are generated by {{ic|.cow}} text files located in {{ic|/usr/share/cows}}, and all themes can be listed with the {{ic|cowsay -l}}. These files can be edited to the user's liking; custom images can also be created from scratch or found on the net. The easiest way create a custom cow file is to use an existing one as a template. To test the custom file:<br />
<br />
$ cowsay -f ''/path/to/file'' $(fortune)<br />
<br />
This can produce some nice eye candy, and the commands used can be more complex. For a specialized example, take a look [http://bambambambam.wordpress.com/2009/07/04/futurama-ascii-with-slashdot-header-quotes-in-your-terminal/ here.] Another example, to use a random cow, random facial expression, and nicely wrap the text of long fortunes:<br />
<br />
{{hc|<nowiki>command fortune -a | fmt -80 -s | $(shuf -n 1 -e cowsay cowthink) -$(shuf -n 1 -e b d g p s t w y) -f $(shuf -n 1 -e $(cowsay -l | tail -n +2)) -n</nowiki>|<nowiki><br />
________________________________________ <br />
( Fry: I must be a robot. Why else would )<br />
( human women refuse to date me? )<br />
---------------------------------------- <br />
o<br />
o<br />
o <br />
,'``.._ ,'``.<br />
:,--._:)\,:,._,.:<br />
:`--,''@@@:`...';\ <br />
`,'@@@@@@@`---'@@`. <br />
/@@@@@@@@@@@@@@@@@:<br />
/@@@@@@@@@@@@@@@@@@@\<br />
,'@@@@@@@@@@@@@@@@@@@@@:\.___,-.<br />
`...,---'``````-..._@@@@|:@@@@@@@\<br />
( )@@@;:@@@@)@@@\ _,-.<br />
`. (@@@//@@@@@@@@@@`'@@@@\<br />
: `.//@@)@@@@@@)@@@@@,@;<br />
|`. _,'/@@@@@@@)@@@@)@,'@,'<br />
:`.`-..____..=:.-':@@@@@.@@@@@_,@@,'<br />
,'\ ``--....-)=' `._,@@\ )@@@'``._<br />
/@_@`. (@) /@@@@@) ; / \ \`-.'<br />
(@@@`-:`. `' ___..'@@_,-' |/ `.)<br />
`-. `.`.``-----``--,@@.'<br />
|/`.\`' ,',');<br />
` (/ (/<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{Note|<br />
For full 256-colored cowsay-like art use {{Pkg|ponysay}} (version 3.0 has 422 ponies). The syntax is the same, meaning {{ic|$ ponysay ''message''}} to say something and {{ic|ponysay -l}} for a complete list of ponies. To select a pony to display, run {{ic|$ ponysay --pony x "message"}}, where x is a pony.<br />
To create more ponies use {{AUR|util-say-git}} and store them in {{ic|~/.local/share/ponysay/ponies}} and {{ic|~/.local/share/ponysay/ttyponies/}} for desktop and TTY, respectively.<br />
}}<br />
<br />
== Random Cow with fortune ==<br />
<br />
$ fortune -c | cowthink -f $(find /usr/share/cows -type f | shuf -n 1)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Fortune&diff=465586Fortune2017-01-17T03:38:08Z<p>JimRees: this is an example, not configuration</p>
<hr />
<div>[[Category:Eye candy]]<br />
[[Category:Command shells]]<br />
[[ja:Fortune]]<br />
{{Expansion|Mention other shells such as [[Zsh]]}}<br />
[[Wikipedia:Fortune (Unix)|Fortune]] is a simple program that displays a random poignant, inspirational, silly or snide phrase from a database of quotations. It is part of the {{Pkg|fortune-mod}} package.<br />
<br />
== Example ==<br />
<br />
{{hc|$ fortune|<br />
It is Texas law that when two trains meet each other at a railroad crossing,<br />
each shall come to a full stop, and neither shall proceed until the other has gone.<br />
}}<br />
<br />
== Configuration ==<br />
<br />
{{Note|<br />
By default, {{ic|fortune}} displays quotes and phrases that are rather innocuous. However, the package does contain a set of comments some people will find offensive, located in {{ic|/usr/share/fortune/off/}}. See the [http://manpages.ubuntu.com/manpages/quantal/en/man6/fortune.6.html man page] ({{ic|man fortune}}) for more info on these.<br />
}}<br />
<br />
To have a random phrase displayed when logging into a terminal, use:<br />
<br />
{{hc|~/.bashrc|<br />
command fortune<br />
}}<br />
<br />
{{Tip|<br />
You can use {{AUR|wikiquote-fortune}} to generate fortune files from [http://en.wikiquote.org wikiquote] pages, using the syntax {{ic|wikiquote-fortune X}}, where X is the page's name. To use these files, run {{ic|$ fortune /path/to/quote}}. You can find fortune files made this way on the [[AUR]]. For example, {{AUR|fortune-mod-archlinux}} contains Arch related quotes.<br />
}}<br />
<br />
These two features can be combined, using the program {{Pkg|cowsay}}:<br />
<br />
{{hc|command cowsay $(fortune)|<nowiki><br />
The earth is like a tiny grain of sand, <br />
only much, much heavier. <br />
----------------------------------------- <br />
\ ^__^<br />
\ (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{hc|command cowthink $(fortune)|<nowiki><br />
( The best cure for insomnia is to get a )<br />
( lot of sleep. -W.C. Fields )<br />
---------------------------------------- <br />
o ^__^<br />
o (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
The ASCII images are generated by {{ic|.cow}} text files located in {{ic|/usr/share/cows}}, and all themes can be listed with the {{ic|cowsay -l}}. These files can be edited to the user's liking; custom images can also be created from scratch or found on the net. The easiest way create a custom cow file is to use an existing one as a template. To test the custom file:<br />
<br />
$ cowsay -f ''/path/to/file'' $(fortune)<br />
<br />
This can produce some nice eye candy, and the commands used can be more complex. For a specialized example, take a look [http://bambambambam.wordpress.com/2009/07/04/futurama-ascii-with-slashdot-header-quotes-in-your-terminal/ here.] Another example, to use a random cow, random facial expression, and nicely wrap the text of long fortunes:<br />
<br />
{{hc|<nowiki>command fortune -a | fmt -80 -s | $(shuf -n 1 -e cowsay cowthink) -$(shuf -n 1 -e b d g p s t w y) -f $(shuf -n 1 -e $(cowsay -l | tail -n +2)) -n</nowiki>|<nowiki><br />
________________________________________ <br />
( Fry: I must be a robot. Why else would )<br />
( human women refuse to date me? )<br />
---------------------------------------- <br />
o<br />
o<br />
o <br />
,'``.._ ,'``.<br />
:,--._:)\,:,._,.:<br />
:`--,''@@@:`...';\ <br />
`,'@@@@@@@`---'@@`. <br />
/@@@@@@@@@@@@@@@@@:<br />
/@@@@@@@@@@@@@@@@@@@\<br />
,'@@@@@@@@@@@@@@@@@@@@@:\.___,-.<br />
`...,---'``````-..._@@@@|:@@@@@@@\<br />
( )@@@;:@@@@)@@@\ _,-.<br />
`. (@@@//@@@@@@@@@@`'@@@@\<br />
: `.//@@)@@@@@@)@@@@@,@;<br />
|`. _,'/@@@@@@@)@@@@)@,'@,'<br />
:`.`-..____..=:.-':@@@@@.@@@@@_,@@,'<br />
,'\ ``--....-)=' `._,@@\ )@@@'``._<br />
/@_@`. (@) /@@@@@) ; / \ \`-.'<br />
(@@@`-:`. `' ___..'@@_,-' |/ `.)<br />
`-. `.`.``-----``--,@@.'<br />
|/`.\`' ,',');<br />
` (/ (/<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{Note|<br />
For full 256-colored cowsay-like art use {{Pkg|ponysay}} (version 3.0 has 422 ponies). The syntax is the same, meaning {{ic|$ ponysay ''message''}} to say something and {{ic|ponysay -l}} for a complete list of ponies. To select a pony to display, run {{ic|$ ponysay --pony x "message"}}, where x is a pony.<br />
To create more ponies use {{AUR|util-say-git}} and store them in {{ic|~/.local/share/ponysay/ponies}} and {{ic|~/.local/share/ponysay/ttyponies/}} for desktop and TTY, respectively.<br />
}}<br />
<br />
== Random Cow with fortune ==<br />
<br />
$ fortune -c | cowthink -f $(find /usr/share/cows -type f | shuf -n 1)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Fortune&diff=465585Fortune2017-01-17T03:37:24Z<p>JimRees: /* Configuration */ this has nothing to do with the fortune command</p>
<hr />
<div>[[Category:Eye candy]]<br />
[[Category:Command shells]]<br />
[[ja:Fortune]]<br />
{{Expansion|Mention other shells such as [[Zsh]]}}<br />
[[Wikipedia:Fortune (Unix)|Fortune]] is a simple program that displays a random poignant, inspirational, silly or snide phrase from a database of quotations. It is part of the {{Pkg|fortune-mod}} package.<br />
<br />
== Configuration ==<br />
<br />
{{hc|$ fortune|<br />
It is Texas law that when two trains meet each other at a railroad crossing,<br />
each shall come to a full stop, and neither shall proceed until the other has gone.<br />
}}<br />
<br />
{{Note|<br />
By default, {{ic|fortune}} displays quotes and phrases that are rather innocuous. However, the package does contain a set of comments some people will find offensive, located in {{ic|/usr/share/fortune/off/}}. See the [http://manpages.ubuntu.com/manpages/quantal/en/man6/fortune.6.html man page] ({{ic|man fortune}}) for more info on these.<br />
}}<br />
<br />
To have a random phrase displayed when logging into a terminal, use:<br />
<br />
{{hc|~/.bashrc|<br />
command fortune<br />
}}<br />
<br />
{{Tip|<br />
You can use {{AUR|wikiquote-fortune}} to generate fortune files from [http://en.wikiquote.org wikiquote] pages, using the syntax {{ic|wikiquote-fortune X}}, where X is the page's name. To use these files, run {{ic|$ fortune /path/to/quote}}. You can find fortune files made this way on the [[AUR]]. For example, {{AUR|fortune-mod-archlinux}} contains Arch related quotes.<br />
}}<br />
<br />
These two features can be combined, using the program {{Pkg|cowsay}}:<br />
<br />
{{hc|command cowsay $(fortune)|<nowiki><br />
The earth is like a tiny grain of sand, <br />
only much, much heavier. <br />
----------------------------------------- <br />
\ ^__^<br />
\ (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{hc|command cowthink $(fortune)|<nowiki><br />
( The best cure for insomnia is to get a )<br />
( lot of sleep. -W.C. Fields )<br />
---------------------------------------- <br />
o ^__^<br />
o (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
The ASCII images are generated by {{ic|.cow}} text files located in {{ic|/usr/share/cows}}, and all themes can be listed with the {{ic|cowsay -l}}. These files can be edited to the user's liking; custom images can also be created from scratch or found on the net. The easiest way create a custom cow file is to use an existing one as a template. To test the custom file:<br />
<br />
$ cowsay -f ''/path/to/file'' $(fortune)<br />
<br />
This can produce some nice eye candy, and the commands used can be more complex. For a specialized example, take a look [http://bambambambam.wordpress.com/2009/07/04/futurama-ascii-with-slashdot-header-quotes-in-your-terminal/ here.] Another example, to use a random cow, random facial expression, and nicely wrap the text of long fortunes:<br />
<br />
{{hc|<nowiki>command fortune -a | fmt -80 -s | $(shuf -n 1 -e cowsay cowthink) -$(shuf -n 1 -e b d g p s t w y) -f $(shuf -n 1 -e $(cowsay -l | tail -n +2)) -n</nowiki>|<nowiki><br />
________________________________________ <br />
( Fry: I must be a robot. Why else would )<br />
( human women refuse to date me? )<br />
---------------------------------------- <br />
o<br />
o<br />
o <br />
,'``.._ ,'``.<br />
:,--._:)\,:,._,.:<br />
:`--,''@@@:`...';\ <br />
`,'@@@@@@@`---'@@`. <br />
/@@@@@@@@@@@@@@@@@:<br />
/@@@@@@@@@@@@@@@@@@@\<br />
,'@@@@@@@@@@@@@@@@@@@@@:\.___,-.<br />
`...,---'``````-..._@@@@|:@@@@@@@\<br />
( )@@@;:@@@@)@@@\ _,-.<br />
`. (@@@//@@@@@@@@@@`'@@@@\<br />
: `.//@@)@@@@@@)@@@@@,@;<br />
|`. _,'/@@@@@@@)@@@@)@,'@,'<br />
:`.`-..____..=:.-':@@@@@.@@@@@_,@@,'<br />
,'\ ``--....-)=' `._,@@\ )@@@'``._<br />
/@_@`. (@) /@@@@@) ; / \ \`-.'<br />
(@@@`-:`. `' ___..'@@_,-' |/ `.)<br />
`-. `.`.``-----``--,@@.'<br />
|/`.\`' ,',');<br />
` (/ (/<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{Note|<br />
For full 256-colored cowsay-like art use {{Pkg|ponysay}} (version 3.0 has 422 ponies). The syntax is the same, meaning {{ic|$ ponysay ''message''}} to say something and {{ic|ponysay -l}} for a complete list of ponies. To select a pony to display, run {{ic|$ ponysay --pony x "message"}}, where x is a pony.<br />
To create more ponies use {{AUR|util-say-git}} and store them in {{ic|~/.local/share/ponysay/ponies}} and {{ic|~/.local/share/ponysay/ttyponies/}} for desktop and TTY, respectively.<br />
}}<br />
<br />
== Random Cow with fortune ==<br />
<br />
$ fortune -c | cowthink -f $(find /usr/share/cows -type f | shuf -n 1)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Fortune&diff=465584Fortune2017-01-17T03:35:59Z<p>JimRees: technically the phrases are in the package, but better to note what the command does; the messages aren't random, they are selected randomly</p>
<hr />
<div>[[Category:Eye candy]]<br />
[[Category:Command shells]]<br />
[[ja:Fortune]]<br />
{{Expansion|Mention other shells such as [[Zsh]]}}<br />
[[Wikipedia:Fortune (Unix)|Fortune]] is a simple program that displays a random poignant, inspirational, silly or snide phrase from a database of quotations. It is part of the {{Pkg|fortune-mod}} package.<br />
<br />
== Configuration ==<br />
<br />
Along with colors, system info and ASCII symbols, [[Bash]] can be made to display a piece of ASCII art on login. ASCII images can be found online and pasted into a text file, or generated from scratch. To set the image to display in a terminal on login, use:<br />
<br />
{{hc|~/.bashrc|<br />
cat ''/path/to/text/file''<br />
}}<br />
<br />
{{hc|$ fortune|<br />
It is Texas law that when two trains meet each other at a railroad crossing,<br />
each shall come to a full stop, and neither shall proceed until the other has gone.<br />
}}<br />
<br />
{{Note|<br />
By default, {{ic|fortune}} displays quotes and phrases that are rather innocuous. However, the package does contain a set of comments some people will find offensive, located in {{ic|/usr/share/fortune/off/}}. See the [http://manpages.ubuntu.com/manpages/quantal/en/man6/fortune.6.html man page] ({{ic|man fortune}}) for more info on these.<br />
}}<br />
<br />
To have a random phrase displayed when logging into a terminal, use:<br />
<br />
{{hc|~/.bashrc|<br />
command fortune<br />
}}<br />
<br />
{{Tip|<br />
You can use {{AUR|wikiquote-fortune}} to generate fortune files from [http://en.wikiquote.org wikiquote] pages, using the syntax {{ic|wikiquote-fortune X}}, where X is the page's name. To use these files, run {{ic|$ fortune /path/to/quote}}. You can find fortune files made this way on the [[AUR]]. For example, {{AUR|fortune-mod-archlinux}} contains Arch related quotes.<br />
}}<br />
<br />
These two features can be combined, using the program {{Pkg|cowsay}}:<br />
<br />
{{hc|command cowsay $(fortune)|<nowiki><br />
The earth is like a tiny grain of sand, <br />
only much, much heavier. <br />
----------------------------------------- <br />
\ ^__^<br />
\ (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{hc|command cowthink $(fortune)|<nowiki><br />
( The best cure for insomnia is to get a )<br />
( lot of sleep. -W.C. Fields )<br />
---------------------------------------- <br />
o ^__^<br />
o (oo)\_______<br />
(__)\ )\/\<br />
||----w |<br />
|| ||<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
The ASCII images are generated by {{ic|.cow}} text files located in {{ic|/usr/share/cows}}, and all themes can be listed with the {{ic|cowsay -l}}. These files can be edited to the user's liking; custom images can also be created from scratch or found on the net. The easiest way create a custom cow file is to use an existing one as a template. To test the custom file:<br />
<br />
$ cowsay -f ''/path/to/file'' $(fortune)<br />
<br />
This can produce some nice eye candy, and the commands used can be more complex. For a specialized example, take a look [http://bambambambam.wordpress.com/2009/07/04/futurama-ascii-with-slashdot-header-quotes-in-your-terminal/ here.] Another example, to use a random cow, random facial expression, and nicely wrap the text of long fortunes:<br />
<br />
{{hc|<nowiki>command fortune -a | fmt -80 -s | $(shuf -n 1 -e cowsay cowthink) -$(shuf -n 1 -e b d g p s t w y) -f $(shuf -n 1 -e $(cowsay -l | tail -n +2)) -n</nowiki>|<nowiki><br />
________________________________________ <br />
( Fry: I must be a robot. Why else would )<br />
( human women refuse to date me? )<br />
---------------------------------------- <br />
o<br />
o<br />
o <br />
,'``.._ ,'``.<br />
:,--._:)\,:,._,.:<br />
:`--,''@@@:`...';\ <br />
`,'@@@@@@@`---'@@`. <br />
/@@@@@@@@@@@@@@@@@:<br />
/@@@@@@@@@@@@@@@@@@@\<br />
,'@@@@@@@@@@@@@@@@@@@@@:\.___,-.<br />
`...,---'``````-..._@@@@|:@@@@@@@\<br />
( )@@@;:@@@@)@@@\ _,-.<br />
`. (@@@//@@@@@@@@@@`'@@@@\<br />
: `.//@@)@@@@@@)@@@@@,@;<br />
|`. _,'/@@@@@@@)@@@@)@,'@,'<br />
:`.`-..____..=:.-':@@@@@.@@@@@_,@@,'<br />
,'\ ``--....-)=' `._,@@\ )@@@'``._<br />
/@_@`. (@) /@@@@@) ; / \ \`-.'<br />
(@@@`-:`. `' ___..'@@_,-' |/ `.)<br />
`-. `.`.``-----``--,@@.'<br />
|/`.\`' ,',');<br />
` (/ (/<br />
</nowiki>'''<span style<nowiki>=</nowiki>"color: red;">(</span><span style<nowiki>=</nowiki>"color: green;">user@host</span><span style<nowiki>=</nowiki>"color: red;">)-(</span><span style<nowiki>=</nowiki>"color: green;">10:10 AM Wed Dec 22</span>'''<span style<nowiki>=</nowiki>"color: red;">''')'''<br />
--(</span><span style<nowiki>=</nowiki>"color: green;">~</span>)<span style<nowiki>=</nowiki>"color: red;">)---></span><br />
}}<br />
<br />
{{Note|<br />
For full 256-colored cowsay-like art use {{Pkg|ponysay}} (version 3.0 has 422 ponies). The syntax is the same, meaning {{ic|$ ponysay ''message''}} to say something and {{ic|ponysay -l}} for a complete list of ponies. To select a pony to display, run {{ic|$ ponysay --pony x "message"}}, where x is a pony.<br />
To create more ponies use {{AUR|util-say-git}} and store them in {{ic|~/.local/share/ponysay/ponies}} and {{ic|~/.local/share/ponysay/ttyponies/}} for desktop and TTY, respectively.<br />
}}<br />
<br />
== Random Cow with fortune ==<br />
<br />
$ fortune -c | cowthink -f $(find /usr/share/cows -type f | shuf -n 1)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dynamic_Kernel_Module_Support&diff=434729Talk:Dynamic Kernel Module Support2016-05-12T11:43:53Z<p>JimRees: /* systemd service not found */</p>
<hr />
<div>== systemd service not found ==<br />
<br />
The {{ic|dkms}} systemd service is no longer contained in the {{Pkg|dkms}} package, it seems:<br />
<br />
<nowiki>$ pacman --query dkms<br />
dkms 2.2.0.3+git151023-5<br />
$ sudo systemctl start dkms.service<br />
Failed to start dkms.service: Unit dkms.service not found. </nowiki><br />
<br />
Is the service obsolete now with the alpm hooks provided since pacman 5?<br />
<br />
[[User:Cdo|Cdo]] ([[User talk:Cdo|talk]]) 21:30, 28 February 2016 (UTC)<br />
<br />
<br />
:Hi. It's seems like you are right. On a fresh Arch Linux install, I checked the files that have "dkms" in their filename and only found that:<br />
:{{bc|<nowiki><br />
[root@localhost user]# find / -name "*dkms*"<br />
/var/cache/pacman/pkg/dkms-2.2.0.3+git151023-5-any.pkg.tar.xz<br />
/var/lib/dkms<br />
/var/lib/dkms/dkms_dbversion<br />
/var/lib/pacman/local/dkms-2.2.0.3+git151023-5<br />
/usr/bin/dkms<br />
/usr/lib/dkms<br />
/usr/lib/dkms/dkms_autoinstaller<br />
/usr/share/libalpm/hooks/70-dkms-install.hook<br />
/usr/share/libalpm/hooks/70-dkms-remove.hook<br />
/usr/share/man/man8/dkms.8.gz<br />
/usr/share/bash-completion/completions/dkms<br />
/etc/dkms</nowiki>}}<br />
<br />
:Same for <br />
:{{bc|<nowiki><br />
[root@localhost user]# pacman -Ql dkms<br />
dkms /etc/<br />
dkms /etc/dkms/<br />
dkms /etc/dkms/framework.conf<br />
dkms /usr/<br />
dkms /usr/bin/<br />
dkms /usr/bin/dkms<br />
dkms /usr/lib/<br />
dkms /usr/lib/dkms/<br />
dkms /usr/lib/dkms/alpm-hook<br />
dkms /usr/lib/dkms/common.postinst<br />
dkms /usr/lib/dkms/dkms_autoinstaller<br />
dkms /usr/share/<br />
dkms /usr/share/bash-completion/<br />
dkms /usr/share/bash-completion/completions/<br />
dkms /usr/share/bash-completion/completions/dkms<br />
dkms /usr/share/libalpm/<br />
dkms /usr/share/libalpm/hooks/<br />
dkms /usr/share/libalpm/hooks/70-dkms-install.hook<br />
dkms /usr/share/libalpm/hooks/70-dkms-remove.hook<br />
dkms /usr/share/man/<br />
dkms /usr/share/man/man8/<br />
dkms /usr/share/man/man8/dkms.8.gz<br />
dkms /var/<br />
dkms /var/lib/<br />
dkms /var/lib/dkms/<br />
dkms /var/lib/dkms/dkms_dbversion</nowiki>}}<br />
<br />
:Since you are looking more familiar with these changes, how could we update this wiki article? -- [[User:wget|wget]] ([[User talk:wget|talk]]) 23:21, 28 February 2016 (UTC)<br />
::What is this mysterious alpm? I can't find anything on the wiki about it. I'm trying to figure out how to disable automatic dkms rebuilds. I think the key is 70-dkms-install.hook? [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 02:05, 7 March 2016 (UTC)<br />
::: See [[Pacman#Hooks]], but I do not know how to disable a hook though. --[[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 06:06, 12 May 2016 (UTC)<br />
::::I played around with pacman hooks quite a bit and couldn't figure it out. I ended up replacing /usr/lib/dkms/alpm-hook with /usr/bin/true, but there must be a better way, and it should be documented here. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 11:43, 12 May 2016 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Dynamic_Kernel_Module_Support&diff=424470Dynamic Kernel Module Support2016-03-07T02:06:24Z<p>JimRees: /* Installation */ no such service; see discussion</p>
<hr />
<div>[[Category:Kernel]]<br />
[[ja:Dynamic Kernel Module Support]]<br />
[[ru:Dynamic Kernel Module Support]]<br />
[[zh-cn:Dynamic Kernel Module Support]]<br />
From [[wikipedia:Dynamic_Kernel_Module_Support|Wikipedia]]:<br />
<br />
: '''Dynamic Kernel Module Support''' ('''DKMS''') is a program/framework that enables generating Linux kernel modules whose sources generally reside outside the kernel source tree. The concept is to have DKMS modules automatically rebuilt when a new kernel is installed.<br />
<br />
== Effects ==<br />
<br />
The ''positive effect'' of using DKMS is that modules are often able to be rebuilt when the kernel is upgrading. This means that a user does not have to wait for a company, project, or package maintainer to release a new version of the module.<br />
<br />
The ''negative effect'' of using DKMS is that DKMS breaks the Pacman database. The problem is that the resulting modules do not belong to the package anymore, so Pacman cannot track them. Theoretically though, support could be added through hooks (see: {{Bug|2985}}).<br />
<br />
== Installation ==<br />
<br />
[[Install]] the {{Pkg|dkms}} package.<br />
<br />
A good number of modules that lie outside the kernel source tree have a DKMS variant; a few are hosted in the [https://www.archlinux.org/packages/?&q=dkms official repositories], most are found in the [https://aur.archlinux.org/packages/?SeB=n&K=dkms AUR]. Listed below are a few of the software packages that have a DKMS variant with additional links to dedicated sections where available:<br />
<br />
* [[AMD Catalyst]]: {{AUR|catalyst-dkms}}{{Broken package link|{{aur-mirror|catalyst-dkms}}}}<br />
* [[NVIDIA]]:<br />
** {{Pkg|nvidia-dkms}}<br />
** {{Pkg|nvidia-304xx-dkms}}<br />
** {{AUR|nvidia-173xx-dkms}}<br />
** {{AUR|nvidia-96xx-dkms}}<br />
* [[VirtualBox]], section [[VirtualBox#Hosts running a custom kernel]]<br />
* [[VMware]], section [[VMware#Using DKMS to manage the modules]]<br />
<br />
== Upgrades ==<br />
<br />
Though modules are able to be rebuilt usually through a good number of kernel upgrades, at times the package will need to get upgraded. To deal with changes in the kernel, fix bugs, or add necessary features consider upgrading the DKMS package before rebooting.<br />
<br />
== Usage ==<br />
<br />
Usage for invoking DKMS manually.<br />
<br />
Tab-completion is available by doing:<br />
<br />
# source /usr/share/bash-completion/completions/dkms<br />
<br />
=== List modules ===<br />
<br />
To list the current status of modules, versions and kernels within the tree:<br />
<br />
$ dkms status<br />
<br />
=== Rebuild modules ===<br />
<br />
Rebuild all modules for the currently running kernel:<br />
<br />
# dkms autoinstall<br />
<br />
or for a specific kernel:<br />
<br />
# dkms autoinstall -k 3.16.4-1-ARCH<br />
<br />
To build a ''specific'' module for the currently running kernel:<br />
<br />
# dkms install -m nvidia -v 334.21<br />
<br />
or simply:<br />
<br />
# dkms install nvidia/334.21<br />
<br />
To build a module for ''all'' kernels:<br />
<br />
# dkms install nvidia/334.21 --all<br />
<br />
=== Remove modules ===<br />
<br />
To remove a module (old ones are not automatically removed):<br />
<br />
# dkms remove -m nvidia -v 331.49 --all<br />
<br />
or simply:<br />
<br />
# dkms remove nvidia/331.49 --all<br />
<br />
If the package {{Pkg|dkms}} is removed the information regarding previous module build files is lost. If this is the case, go through {{ic|/usr/lib/modules/KERNELVERSION-ARCH}} and delete or files and directories no longer in use.<br />
<br />
== DKMS package creation ==<br />
<br />
Here are some guidelines to follow when creating a DKMS package.<br />
<br />
=== Package name ===<br />
<br />
DKMS packages are named by appending "''-dkms''" to the original package name.<br />
<br />
The variable {{ic|$_pkgname}} is often used below {{ic|$pkgname}} to describe the package name minus the "''-dkms''" suffix (e.g. {{ic|<nowiki>_pkgname=${pkgname%-*}</nowiki>}}). This is useful to help keep similarities between the original package PKGBUILD and the DKMS variant.<br />
<br />
=== Dependencies ===<br />
<br />
Dependencies should be inherited from the original version with {{Pkg|dkms}} added and {{Pkg|linux-headers}} removed (as it is listed by the dkms pacakge as ''optional'').<br />
<br />
=== Build source location ===<br />
<br />
Build sources should go into (this is the default build directory for DKMS):<br />
<br />
/usr/src/''PACKAGE_NAME''-''PACKAGE_VERSION''<br />
<br />
In the package directory, a DKMS configuration tells DKMS how to build the module ({{ic|dkms.conf}}), including the variables {{ic|PACKAGE_NAME}} and {{ic|PACKAGE_VERSION}}.<br />
<br />
* {{ic|PACKAGE_NAME}} - the actual project name (usually {{ic|$_pkgname}} or {{ic|$_pkgbase}}). <br />
* {{ic|PACKAGE_VERSION}} - by convention this should also be the {{ic|$pkgver}}.<br />
<br />
=== Patching ===<br />
<br />
The sources can be patched either directly in the PKGBUILD or through {{ic|dkms.conf}}.<br />
<br />
=== Module loading automatically in .install ===<br />
<br />
Loading and unloading modules should be left to the user. Consider the possibility a module may crash when loaded.<br />
<br />
=== namcap output ===<br />
<br />
[[namcap]] (which attempts to check for common mistakes and non-standard decisions in a package) is good practice to use at least once on ''any'' package; however, it has not yet been updated for DKMS specific guidelines.<br />
<br />
For example, DKMS uses {{ic|/usr/src/}} by default, but Namcap believes this to be a non-standard directory, a little contrary to its [[Wikipedia:Filesystem Hierarchy Standard|reference]].<br />
<br />
=== Example ===<br />
<br />
Here is an example package that edits {{ic|dkms.conf}} according to the package name and version.<br />
<br />
==== PKGBUILD ====<br />
<br />
{{hc|PKGBUILD|2=<br />
# Maintainer: foo <foo(at)gmail(dot)com><br />
# Contributor: bar <bar(at)gmai(dot)com><br />
<br />
_pkgbase=amazing<br />
pkgname=amazing-dkms<br />
pkgver=1<br />
pkgrel=1<br />
pkgdesc="The Amazing kernel modules (DKMS)"<br />
arch=('i686' 'x86_64')<br />
url="https://www.amazing.com/"<br />
license=('GPL2')<br />
depends=('dkms')<br />
conflicts=("${_pkgbase}")<br />
install=${pkgname}.install<br />
source=("${url}/files/tarball.tar.gz"<br />
'dkms.conf'<br />
'linux-3.14.patch')<br />
md5sums=(''use <nowiki>'</nowiki>updpkgsums''')<br />
<br />
build() {<br />
cd ${_pkgbase}-${pkgver}<br />
<br />
# Patch<br />
patch -p1 -i "${srcdir}"/linux-3.14.patch<br />
<br />
# Build<br />
msg2 "Starting ./configure..."<br />
./configure<br />
<br />
msg2 "Starting make..."<br />
make<br />
}<br />
<br />
package() {<br />
# Install<br />
msg2 "Starting make install..."<br />
make DESTDIR="${pkgdir}" install<br />
<br />
# Copy dkms.conf<br />
install -Dm644 dkms.conf "${pkgdir}"/usr/src/${_pkgbase}-${pkgver}/dkms.conf<br />
<br />
# Set name and version<br />
sed -e "s/@_PKGBASE@/${_pkgbase}/" \<br />
-e "s/@PKGVER@/${pkgver}/" \<br />
-i "${pkgdir}"/usr/src/${_pkgbase}-${pkgver}/dkms.conf<br />
<br />
# Copy sources (including Makefile)<br />
cp -r ${_pkgbase}/* "${pkgdir}"/usr/src/${_pkgbase}-${pkgver}/<br />
}<br />
}}<br />
<br />
==== dkms.conf ====<br />
<br />
{{hc|dkms.conf|2=<br />
PACKAGE_NAME="@_PKGBASE@"<br />
PACKAGE_VERSION="@PKGVER@"<br />
MAKE[0]="make --uname_r=$kernelver"<br />
CLEAN="make clean"<br />
BUILT_MODULE_NAME[0]="@_PKGBASE@"<br />
DEST_MODULE_LOCATION[0]="/kernel/drivers/misc"<br />
AUTOINSTALL="yes"<br />
}}<br />
<br />
==== .install ====<br />
<br />
Instead of {{ic|depmod}} now {{ic|dkms install}} can be used (it depends on {{ic|dkms build}}, which depends on {{ic|dkms add}}):<br />
<br />
{{hc|amazing-dkms.install|<br />
# old version (without -$pkgrel): ${1%%-*}<br />
# new version (without -$pkgrel): ${2%%-*}<br />
<br />
post_install() {<br />
dkms install ''amazing''/${1%%-*}<br />
}<br />
<br />
pre_upgrade() {<br />
pre_remove ${2%%-*}<br />
}<br />
<br />
post_upgrade() {<br />
post_install ${1%%-*}<br />
}<br />
<br />
pre_remove() {<br />
dkms remove ''amazing''/${1%%-*} --all<br />
}<br />
}}<br />
<br />
{{Tip|To keep DKMS packages closer to their non-DKMS counterparts: avoid cluttering up package files with DKMS-specific stuff (e.g. version numbers that need updating).}}<br />
<br />
== See also ==<br />
<br />
* [http://www.linuxjournal.com/article/6896 Linux Journal: Exploring Dynamic Kernel Module Support]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Dynamic_Kernel_Module_Support&diff=424469Talk:Dynamic Kernel Module Support2016-03-07T02:05:46Z<p>JimRees: /* systemd service not found */</p>
<hr />
<div>== systemd service not found ==<br />
<br />
The {{ic|dkms}} systemd service is no longer contained in the {{Pkg|dkms}} package, it seems:<br />
<br />
<nowiki>$ pacman --query dkms<br />
dkms 2.2.0.3+git151023-5<br />
$ sudo systemctl start dkms.service<br />
Failed to start dkms.service: Unit dkms.service not found. </nowiki><br />
<br />
Is the service obsolete now with the alpm hooks provided since pacman 5?<br />
<br />
[[User:Cdo|Cdo]] ([[User talk:Cdo|talk]]) 21:30, 28 February 2016 (UTC)<br />
<br />
<br />
:Hi. It's seems like you are right. On a fresh Arch Linux install, I checked the files that have "dkms" in their filename and only found that:<br />
:{{bc|<nowiki><br />
[root@localhost user]# find / -name "*dkms*"<br />
/var/cache/pacman/pkg/dkms-2.2.0.3+git151023-5-any.pkg.tar.xz<br />
/var/lib/dkms<br />
/var/lib/dkms/dkms_dbversion<br />
/var/lib/pacman/local/dkms-2.2.0.3+git151023-5<br />
/usr/bin/dkms<br />
/usr/lib/dkms<br />
/usr/lib/dkms/dkms_autoinstaller<br />
/usr/share/libalpm/hooks/70-dkms-install.hook<br />
/usr/share/libalpm/hooks/70-dkms-remove.hook<br />
/usr/share/man/man8/dkms.8.gz<br />
/usr/share/bash-completion/completions/dkms<br />
/etc/dkms</nowiki>}}<br />
<br />
:Same for <br />
:{{bc|<nowiki><br />
[root@localhost user]# pacman -Ql dkms<br />
dkms /etc/<br />
dkms /etc/dkms/<br />
dkms /etc/dkms/framework.conf<br />
dkms /usr/<br />
dkms /usr/bin/<br />
dkms /usr/bin/dkms<br />
dkms /usr/lib/<br />
dkms /usr/lib/dkms/<br />
dkms /usr/lib/dkms/alpm-hook<br />
dkms /usr/lib/dkms/common.postinst<br />
dkms /usr/lib/dkms/dkms_autoinstaller<br />
dkms /usr/share/<br />
dkms /usr/share/bash-completion/<br />
dkms /usr/share/bash-completion/completions/<br />
dkms /usr/share/bash-completion/completions/dkms<br />
dkms /usr/share/libalpm/<br />
dkms /usr/share/libalpm/hooks/<br />
dkms /usr/share/libalpm/hooks/70-dkms-install.hook<br />
dkms /usr/share/libalpm/hooks/70-dkms-remove.hook<br />
dkms /usr/share/man/<br />
dkms /usr/share/man/man8/<br />
dkms /usr/share/man/man8/dkms.8.gz<br />
dkms /var/<br />
dkms /var/lib/<br />
dkms /var/lib/dkms/<br />
dkms /var/lib/dkms/dkms_dbversion</nowiki>}}<br />
<br />
:Since you are looking more familiar with these changes, how could we update this wiki article? -- [[User:wget|wget]] ([[User talk:wget|talk]]) 23:21, 28 February 2016 (UTC)<br />
::What is this mysterious alpm? I can't find anything on the wiki about it. I'm trying to figure out how to disable automatic dkms rebuilds. I think the key is 70-dkms-install.hook? [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 02:05, 7 March 2016 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=User_talk:Kynikos&diff=412465User talk:Kynikos2015-12-16T03:23:40Z<p>JimRees: /* Weewx */ new section</p>
<hr />
<div>Feel free to leave here your comments on my edits or anything else you want to talk about: I'll reply as soon as I can!<br />
<br />
==Xyne-related page edits after Powerpill, Bauerbill... discontinuation==<br />
See [[User_talk:Kynikos/Xyne-related pages|Xyne-related page edits after Powerpill, Bauerbill... discontinuation]].<br />
<br />
== Where should translations go? ==<br />
Hi! I'm wondering where the Archwiki team wants new translations to go? On the page [[ArchWiki Translation Team]] I get the feeling that translations should be placed under archlinux.org. At the same time there are national wikis as well, at different stages of development. In my case this is archlinux.se, which only contains a few articles, and is generally lacking links to the main Wiki from what I can see. What is the policy on where to put translations?<br />
:Hi and welcome! I'm glad to know that the Swedish website has come back to life :) Since MediaWiki is _not_ designed to handle internationalization (it requires resorting to workarounds like the suffix one we're using here) the ideal goal would be to move each language to its own separate wiki, for ease of maintenance. So, in your case, all Swedish articles should now be moved to wiki.archlinux.se and replaced with interwiki links on at least the English page, e.g. {{ic|<nowiki>[[sv:Huvudsida]]</nowiki>}}. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 15:23, 4 May 2012 (UTC)<br />
:Ah, I forgot to mention that if you want to add an interlanguage link to a protected English page, you can just ask on its talk page, and it will be added by one of us admins as soon as possible! -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 15:28, 4 May 2012 (UTC)<br />
<br />
On a secondary note - poorly developed regional wikis might work as a black hole for new users (turned off from arch due to lack of documentation) if they do not link to the main wiki for untranslated topics. Ideally they should cover the entire topic tree, and link to the anglish main wiki for untranslated articles. Granted, most potential new users that find a poor regional wiki probably continue searching and eventually find wiki.archlinux.org, but not necessarily all of them.<br />
:That's why we must exploit as much as we can the native tool that MediaWiki offers for keeping the various local wikis linked with each other: [http://meta.wikimedia.org/wiki/Help:Interwiki_linking#Interlanguage_links interlanguage links] (example above).<br />
:Until the Swedish wiki lacks important articles, at least its Main Page if not also other important articles should instruct Swedish users to search for missing content on the English wiki.<br />
:-- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 15:23, 4 May 2012 (UTC)<br />
<br />
== Text shift in discussion answers ==<br />
I noticed that the discussion pages of the wiki, in order to indicate that the piece of text written actually answers a comment from a guy above, we are using colon to shift our answer. The problem appears on long discussions page (like the beginner guide, I'm coming from), when we answer to answers answering answers... <br />
<br />
I think it would be better to use a @name statement: this indicates we are answering directly to the guy whose name is written. And this avoid left space waste (especially on mobile phones, I couldn't even read the whole thread on mine yesterday, because of the so long shift).<br />
-- [[User:Wget|Wget]] ([[User talk:Wget|talk]]) 13:10, 5 August 2013 (UTC)<br />
<br />
:Well, about indentation we're just following Wikipedia's standards: [[Wikipedia:Help:Using_talk_pages#Indentation]], [[Wikipedia:Wikipedia:Indentation]].<br />
:About long discussions, outdenting can be used, [[Wikipedia:Wikipedia:Indentation#Outdenting]].<br />
:I admit that the @ method wouldn't be such a silly idea, it would work with short discussions, but it wouldn't allow branching out long discussions. On wide screens the "left space waste" is negligible, and on my phones (Android) the browser correctly manages to fit long discussions to the screen width, I don't understand why your phone can't do that ^^<br />
:-- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 13:41, 6 August 2013 (UTC)<br />
<br />
== Integrating Google searches into ArchWiki ==<br />
<br />
Re-reading the discussion on my talk page ([[User_talk:Jstjohn#Unused_redirects]]) made me think that we should try improving the search functionality of the ArchWiki. Native MediaWiki search is really awful in my experience, and I'm guessing many others feel the same way.<br />
<br />
The easiest way to improve it would be to integrate Google search directly into ArchWiki. A brief search on Google led me to [https://www.mediawiki.org/wiki/Extension:GoogleCustomWikiSearch] and [http://www.mediawiki.org/wiki/Extension:Google], which are two ways to integrate Google search into MediaWiki. Even if those two aren't ideal solutions&mdash;I haven't looked at them in-depth&mdash;there are likely to be several other ways of integrating Google search into MediaWiki. So consider this a very nascent proposal for extending/improving search quality on ArchWiki without necessarily proposing a certain implementation.<br />
<br />
I don't think that we should completely replace native MediaWiki search (yet?); however, integrated Google search would be a very useful alternative search feature that everyone can use.<br />
<br />
-- [[User:Jstjohn|Jstjohn]] ([[User talk:Jstjohn|talk]]) 00:15, 5 December 2013 (UTC)<br />
<br />
:I don't have a particular preference for one search engine or the other, however extensions can only be installed by the Devs, who have access to the [https://projects.archlinux.org/vhosts/wiki.archlinux.org.git/ repo], so a bug report should be opened for these things. In particular [[User:Pierre]] is the one who takes care of the wiki, and '''*IIRC*''' he tends to be against installing new extensions. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 09:18, 5 December 2013 (UTC)<br />
<br />
== Crazy idea about interlanguage links ==<br />
<br />
If [https://www.mediawiki.org/wiki/Extension:ParserFunctions ParserFunctions] extension was installed on ArchWiki, it would be possible to implement an (almost) fully automatic solution to the problem of interlanguage links, similar to mediawiki.org: [https://www.mediawiki.org/wiki/Template:Languages], [https://www.mediawiki.org/wiki/Template:Languages/Lang]. I think it would be possible to adjust it to the layout currently used on ArchWiki, so no mass renaming would be required.<br />
<br />
Intended layout is that we would have single central template to be used on all pages, similar to [[Template:i18n]], that would include the {{ic|<nowiki>[[subtag:Page Name]]</nowiki>}} links for all languages. There would also be checking if the localized page exists (using the {{ic|#ifexist}} function from ParserFunctions) to avoid links to non-existent pages.<br />
<br />
Manual intervention would still be required in several cases:<br />
* the localized article is on external wiki - the link would have to be added manually<br />
* the localized article has different base name than the English page ([[Network configuration]] vs. [[Configuring Network (Italiano)]]) - best solution would be moving the localized pages to match the English page (this would be good anyway)<br />
* there are possible problems with redirects, I did not think of it yet<br />
<br />
Disadvantages:<br />
* slower rendering of pages, higher server load ({{ic|#ifexist}} is considered an "expensive parser function" [https://www.mediawiki.org/wiki/Help:Extension:ParserFunctions#ifexist_limits])<br />
<br />
Anyway, what do you think of it? Is it a viable solution?<br />
<br />
-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 13:53, 8 December 2013 (UTC)<br />
<br />
:The short answer would be the same I've given to Jstjohn in [[#Integrating Google searches into ArchWiki]], however even if we could easily install extensions, maybe we should consider [[Help_talk:I18n#MediaWiki_translation_extension]] before this idea. I think you've never seen our [[Template:i18n]] on this wiki, which was practically the same except for the #ifexist check. It was in use before June 2012 and was deprecated by [https://wiki.archlinux.org/index.php?title=Help_talk:I18n&oldid=209375#.22Dummy.22_interlanguage_links_and_deprecation_of_Template:i18n]: that discussion is full of arguments against its reintegration :D -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 04:44, 9 December 2013 (UTC)<br />
<br />
::I like automatic solutions, I'm sure there are plenty of extensions that make this possible. The current solution is by no means automatic, even considering the Wiki Monkey bot plugin. We should at least have a solution to automatically check all pages on the wiki (or at least some specific namespace). The current solution relies on lists like [[Special:MostLinkedPages]], which tend to overlap, and also in my opinion the plugin does not cover all cases. I already have several ideas on how to improve the algorithm, it's just the matter of putting it "on paper" - I think I'll open an issue about this on github... -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 18:54, 9 December 2013 (UTC)<br />
<br />
:::I have written a quite long post about redesigning the bot algorithm, but unfortunately it seems that I can't post it on github because markdown apparently supports only two levels of bullet lists :( -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 07:41, 10 December 2013 (UTC)<br />
<br />
::::No worries, we can easily discuss it here, after all we're doing it for this wiki's sake, it's nothing extraneous. Maybe you (or I) can create a bug report with a link to this discussion, just as a reminder for myself. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 14:35, 10 December 2013 (UTC)<br />
<br />
:::::Alright, I've started the discussion in [[Talk:Wiki_Monkey#Improvements_to_the_interlanguage_syncing_algorithm]] - feels like the right place for it... -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 20:02, 10 December 2013 (UTC)<br />
<br />
== MediaWiki and help pages centralization ==<br />
<br />
MediaWiki tries to [[mw:MediaWiki_1.23#Help_pages|centralize help pages]], many links in the interface now lead to https://mediawiki.org (using {{ic|Special:MyLanguage}} from [[mw:Extension:Translate|Extension:Translate]] to detect the language; btw see also [https://bugzilla.wikimedia.org/show_bug.cgi?id=66762]). As we do many things differently, I think that we should keep linking to our pages by overriding the new defaults in ''MediaWiki:'' namespace.<br />
<br />
For example, the "Editing help" link in edit pages now links to mediawiki.org ([[MediaWiki:Edithelppage]]).<br />
<br />
-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 22:21, 5 July 2014 (UTC)<br />
<br />
:Thanks for the heads up, I'm not sure yet what to do here, because we do many things differently indeed style-wise, but relying more on the upstream docs for syntax guidelines and generic instructions on how a wiki works could be taken into consideration. I'll have a deeper look into that, and maybe start a discussion somewhere. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 05:00, 6 July 2014 (UTC)<br />
<br />
== External links ==<br />
<br />
There is something wrong with [[Special:LinkSearch]]:<br />
<br />
* The two links from [[ArchWiki:Contributing#Use internal links]] ([https://wiki.archlinux.org/index.php?title=Special%3ALinkSearch&target=http%3A%2F%2Fwiki.archlinux.org&namespace=0 http links] and [https://wiki.archlinux.org/index.php?title=Special%3ALinkSearch&target=https%3A%2F%2Fwiki.archlinux.org&namespace=0 https links]) don't show anything. When they are changed to match on all namespaces, the [https://wiki.archlinux.org/index.php?title=Special%3ALinkSearch&target=http%3A%2F%2Fwiki.archlinux.org&namespace= first] shows something, but for the [https://wiki.archlinux.org/index.php?title=Special%3ALinkSearch&target=https%3A%2F%2Fwiki.archlinux.org&namespace= second] there is only one positive!<br />
* [https://wiki.archlinux.org/index.php?title=Special:LinkSearch&target=https%3A%2F%2F*.archlinux.org This query] is cluttered with links to AUR packages, most of which go over templates and still there is only one link to the wiki.<br />
<br />
There are ''many'' links to wiki that should be matched: links to diffs or history, [[Template:Out of date]] etc. use full url to talk pages, and there are even links to articles [https://wiki.archlinux.org/index.php?title=ArchWiki:Requests&diff=prev&oldid=323008] (I bet there are some even in the main namespace). It seems that MediaWiki treats all external links starting with {{ic|<nowiki>https://wiki.archlinux.org/api.php</nowiki>}} or {{ic|<nowiki>https://wiki.archlinux.org/index.php</nowiki>}} as internal, which is very unfortunate.<br />
<br />
-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 07:26, 6 July 2014 (UTC)<br />
<br />
:I'd even say that every http'''s'''://wiki.archlinux.org link is ignored: it could be that, in order to indicize the external links, MediaWiki must first process the wiki markup (internal links, interwiki links, transclusions...), so then it has to ignore the urls that point to the wiki itself, otherwise they would be too many (?!?). The only problem is [[User talk:Karlswab]], I can't really explain why its https link is shown... I've tried to reproduce it on [[User talk:Kynikos.bot]] but to no avail, really weird. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 05:52, 7 July 2014 (UTC)<br />
<br />
::Found it! See [https://meta.wikimedia.org/wiki/Help:Linksearch#Links_in_external_link_style_to_the_same_wiki] and the linked [https://www.mediawiki.org/wiki/Special:Code/MediaWiki/53104 commit]. We could submit a feature request to set $wgRegisterInternalExternals to true, but it has been disabled [https://bugzilla.wikimedia.org/show_bug.cgi?id=19637#c0 for a reason] (at least on bit Wikimedia projects, the 50GB value is too much for Arch wiki). -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 08:20, 7 July 2014 (UTC)<br />
<br />
:::Uh good job! However it's not clear whether setting $wgRegisterInternalExternals to true would only record the internal links formatted as external, or all the internal links regardless of their wikitext form. In the latter case, turning it on would be useless as it wouldn't help fixing the wrong-formatted ones.<br />
:::Then there's still [[User talk:Karlswab]]: $wgRegisterInternalExternals was apparently introduced in 1.16.0, which we installed in [https://projects.archlinux.org/vhosts/wiki.archlinux.org.git/log/?ofs=50 2010], however the link in that talk page was added in 2012, so in theory it should have not been recorded...<br />
:::What we can do:<br />
:::# Ask about the exact functionality of $wgRegisterInternalExternals<br />
:::#* Possibly open a bug report to enable it here (still having {{Bug|35545}}<sup>which from now on I will refer to as simply "The Bug"</sup> fixed would help)<br />
:::# Update/remove [[ArchWiki:Contributing#Use internal links]]<br />
:::-- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 12:59, 7 July 2014 (UTC)<br />
<br />
::::I'd say that this would definitely affect only the external links (syntax sense). From the quick look at the code, the {{ic|addExternalLink}} method is called only from parts of the parser responsible for formatting the external links; then there is {{ic|addLink}} for the internal (and interwiki) links. See also [https://bugzilla.wikimedia.org/show_bug.cgi?id=19637#c4] which talks specifically about [[Special:LinkSearch]].<br />
::::About [[User talk:Karlswab]], it is possible that for Arch wiki the $wgRegisterInternalExternals variable was first set to true and later set to default. We could try to find some older links not being registered to confirm this paradox :P<br />
::::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 14:02, 7 July 2014 (UTC)<br />
<br />
:::::Yeah, you're right, and these two observations put together would also explain why a link to a search like those has been in my public task list for ages, also allowing me in 2012 to do [https://wiki.archlinux.org/index.php?title=Special:Contributions&offset=20121205120000&contribs=user&target=Kynikos.bot this series of edits] with my bot, which was clearly launched on [[Special:LinkSearch]], actually also fixing some wiki.archlinux.org links (some of which I had to revert then, teaching me that links cannot be converted automatically).<br />
:::::I've [https://wiki.archlinux.org/index.php?title=ArchWiki%3AContributing&diff=324048&oldid=324003 removed] the section in [[ArchWiki:Contributing]] for the moment. We could also open the report for $wgRegisterInternalExternals, but I'm not sure how lucky it could be, considering the age of the other open wiki bugs; maybe this one can wait for the resolution of The Bug, which at a certain point we'll probably have to bump somehow, being a very quick fix in practice. This discussion will also remind to re-add the section in [[ArchWiki:Contributing]] then.<br />
:::::PS: I'd also be curious to re-save [[User talk:Karlswab]] and see if the link in the search really disappears :P<br />
:::::-- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 14:44, 8 July 2014 (UTC)<br />
<br />
::::::I have tested this on [[User:Lahwaacz/LocalArchWiki|LocalArchWiki]], and the ''externallinks'' table (with 1565 links to wiki.archlinux.org domain) takes 36.2MiB. Since wiki.archlinux.org is not a local domain for LocalArchWiki, I did not even have to set $wgRegisterInternalExternals to true, which also means that I can't determine the increase in space, but for ArchWiki it is surely in order of MiB, not GiB.<br />
::::::'''Edit:''' After the $wgRegisterInternalExternals is set to true, it will be necessary to run the [[mw:Manual:RefreshLinks.php|RefreshLinks.php]] maintenance script to update the database; this should be noted in the bug report/feature request.<br />
::::::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 14:23, 22 December 2014 (UTC)<br />
<br />
== Redirections are visible in search ==<br />
<br />
Hi Kynikos.<br />
<br />
I noticed all pages which are redirections to others are visible in search results. For example, search for Android, and you will get Android-sdk and Android as results where Android-sdk points to the main Android article. The same with the VirtualBox article I'm currently maintaining. Virtualbox --> VirtualBox, Installing Arch Linux in VirtualBox --> VirtualBox, VirtualBox Extras --> VirtualBox,... I think such redirections shouldn't appear in search results, like it is on Wikimedia/Wikipedia.<br />
<br />
Also, I wonder if the translation titles are really needed in search results too e.g. VirtualBox (简体中文). Why not provide only English versions as result, then if the user wants the translated (and outdated) content, he can click on the links on the left. -- [[User:wget|wget]] ([[User talk:wget|talk]]) 19:34, 2 August 2014 (UTC)<br />
<br />
: Uncheck 'List redirects' search option. -- [[User:Karol|Karol]] ([[User talk:Karol|talk]]) 22:57, 2 August 2014 (UTC)<br />
<br />
:: Ok. but this checkbox should be unchecked by default. -- [[User:wget|wget]] ([[User talk:wget|talk]]) 23:06, 2 August 2014 (UTC)<br />
<br />
:::There doesn't seem to be an option in the user preferences, and I don't think it's possible to uncheck it globally, see [[mw:Manual:Configuration settings#Search]] (and anyway that would require {{Bug|35545}} to be fixed). However I'd be against unchecking it by default because if somebody searches for "android sdk" he has to get the redirect as a result, and this is one of the main reasons why we create redirects in the first place.<br />
:::About results in other languages, MediaWiki is completely unaware of our language tagging system, which is regulated by [[Help:i18n]], but it's worth mentioning that implementing [[Help talk:i18n#Language namespace(s) in place of suffixes?]] would solve the problem.<br />
:::-- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 04:06, 3 August 2014 (UTC)<br />
<br />
== Smart cards ==<br />
<br />
Hi Kynikos. Just after some updates on the VirtualBox Arch Linux article, I'll write a complete documentation for the Belgian eID (identity card) requiring me to link to the official website and some posts from blogs belonging to Arch Linux enthusiasts. I'm also gonna upstream to Wikipedia some information I discovered in very hidden PDFs on the website (hardware specifications, etc. which are not really related to Arch Linux). I don't know how I'll proceed yet: maybe write a complete Arch Linux article then upstreaming or the reverse order. I don't know. -- [[User:wget|wget]] ([[User talk:wget|talk]]) 01:07, 10 December 2014 (UTC)<br />
<br />
:Sounds great, however I can't help you plan this :) There is however [[Estonian ID-card]] already, maybe it can inspire you. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 05:49, 10 December 2014 (UTC)<br />
<br />
::Thanks for the hint. I see we have the [[Common Access Card]] article too. In order to avoid duplication, since both CAD, the Estonia and Belgian eID are all smart cards, I'm gonna merge these articles together and make a meta article called [[Smart card]] (no need to create a Java Card article, the vast majority are Java cards any way). -- [[User:wget|wget]] ([[User talk:wget|talk]]) 12:00, 11 December 2014 (UTC)<br />
<br />
:::This could be a good idea, anything that avoids duplication is always welcome. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 14:12, 12 December 2014 (UTC)<br />
<br />
== Arch Development category is dead ==<br />
<br />
Hi Kynikos.<br />
<br />
Reading my mailing list messages, I was wondering how official repositories signoffs were actually performed. I decided to browse the wiki to answer my question and realized the [https://wiki.archlinux.org/index.php/Category:Arch_development] category was completely outdated, not being able to find a clear answer. I would like to move all articles from that category to the DeveloperWiki: where already a bunch of updated information are available. I really meant MOVING not creating a redirection: my aim is to clean this wiki as much as I can. And creating redirection is counterproductive: this doesn't clean category list and table of content.<br />
<br />
I already made that suggestion to you [[#Redirections are visible in search]].<br />
<br />
Also, with information I get from IRC today, I'ld like to provide a big DeveloperWiki:Website page where we will put all information I gleaned about our the ArchLinux website structure is working.<br />
I meant gleaned because I'm subscribed to all ArchLinux mailing list and am reading them daily.-- [[User:wget|wget]] ([[User talk:wget|talk]]) 14:11, 8 January 2015 (UTC)<br />
<br />
:As its name says, the so-called "DeveloperWiki" should be maintained by Developers, but they don't, so of course those articles have become obsolete. Right today I've marked some more for deletion. I haven't understood where you'd move those articles though. Redirects shouldn't be categorized, so they shouldn't appear in Category pages, nor increase the count numbers in [[Table of contents]].<br />
:You've already found [[DeveloperWiki:Archweb]], you can <s>move it to [[DeveloperWiki:Website]] and</s> expand it if you want, I don't have any objections :) (actually, scrap renaming the article, "Archweb" does seem to be the official name of the project[https://projects.archlinux.org/])<br />
:-- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 15:28, 9 January 2015 (UTC) (Edit: 06:51, 14 January 2015 (UTC))<br />
<br />
== Highlighting whitespace in diffs ==<br />
<br />
If I remember correctly, MediaWiki used to highlight whitespace in the diffs, e.g. when a space was added/removed it used to be highlighted with blue background. This is no longer the case and sometimes it is rather annoying, see e.g. [https://wiki.archlinux.org/index.php?title=Talk:PKGBUILD&diff=next&oldid=359603]. Have you also noticed the change or is it just my imagination? -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 09:21, 6 February 2015 (UTC)<br />
<br />
:Look at this diff [https://wiki.archlinux.org/index.php?title=User:Blackx/Help:Style_draft&diff=prev&oldid=354441], you'll see a whitespace here.<br />
:Regretfully, whitespace/tab changes aren't highlighted <s>when they're placed at ''the end of a line''</s> sometimes (ughh, I can't realize now when it is happening) neither with old 1.22 engine nor with 1.24 :( — [[User:Blackx|blackx]] ([[User_talk:Blackx|talk]]|[[Special:Contributions/Blackx|contribs]]) 10:19, 6 February 2015 (UTC)<br />
<br />
::I don't remember if whitespace changes were always highlighted before the recent software upgrades; however the fact that I never noticed this behavior either might indicate that it's indeed a new bug?<br />
::In any case it's clearly a bug in the diff engine, so it should be reported upstream, hopefully one day it will be fixed... (but don't sit there and wait in the meanwhile eh ;) )<br />
::One reason this bug may happen could be linked to the fact that the diff engine outputs differences with &lt;ins> and &lt;del> tags, and this may clash with some whitespace-related XML/HTML behavior.<br />
::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 07:36, 7 February 2015 (UTC)<br />
<br />
:::Considering that adding a single space is the recommended way to make a [[wikipedia:dummy edit|dummy edit]], there might indeed be a connection with rendering and the result is probably very buggy. At least changes that make difference in rendering seem to be highlighted consistently, e.g. [https://wiki.archlinux.org/index.php?title=ArchWiki:Sandbox&diff=359928&oldid=359482].<br />
:::I'll see what can be found upstream, until then [http://en.wikipedia.org/wiki/User:Cacycle/wikEdDiff wikEdDiff] seems to be a viable alternative (but has to be run with Greasemonkey).<br />
:::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 12:43, 7 February 2015 (UTC)<br />
<br />
== Minor bot edits ==<br />
<br />
Hi, I've noticed that I'm not getting any email notification for bot edits marked as minor, e.g. [https://wiki.archlinux.org/index.php?title=ArchWiki:Maintainers&curid=14417&diff=363136&oldid=358971]. It does not seem to be a bug, it's more likely a feature. To exploit it, maybe all bot edits with an edit summary like "automatic update" should be marked as minor. What do you think? -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 20:51, 1 March 2015 (UTC)<br />
<br />
:Since I patrol the recent changes, I don't use notifications: is that behavior independent of ''Email me also for minor edits of pages and files'' in [[Special:Preferences#mw-prefsection-personal]] and ''Hide bot edits from the watchlist'' in [[Special:Preferences#mw-prefsection-watchlist]]?<br />
:Anyway, currently I think all the "automatic updates" that I do regularly are:<br />
:* [[Table of Contents]]: normal user, normal edit (I'm going to change it to minor).<br />
:* [[ArchWiki:Statistics]]: bot user, normal edit (not marked as bot, I'm going to change it to minor though)<br />
:* Sorting [[ArchWiki:Administrators]] and [[ArchWiki:Maintainers]]: bot user, bot/minor edit.<br />
:In general, I think marking edits done with a bot account as "bot" and/or "minor" should be decided case by case, primarily considering the effects on [[Special:RecentChanges]], and only then on notifications. You may want to also consider solving the problem on your end by setting custom filters in your email client.<br />
:This said, I'm open for discussing each of these cases separately, or any others I might have omitted, of course.<br />
:— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:59, 2 March 2015 (UTC)<br />
<br />
::Yes, I have ''Email me also for minor edits of pages and files'' checked and ''Hide bot edits from the watchlist'' unchecked. Btw, I didn't find an option for ''Show bot edits in RecentChanges by default'', I think there is none.<br />
::As for the email client, I already have filters to mark notifications of my bot account as read and check the edits from the list of contributions, which includes also pages not present in my watchlist. This way I can avoid checking an edit twice. I could add another bot account to the filter, but I think it's better to mark the edits as minor instead, because this will apply to all users and not just me :)<br />
::Edit: I've modified [https://github.com/lahwaacz/wiki-scripts/commit/a4b3bce1dc6649039408e90f85ba80bfe4fa55c5 statistics.py] to make properly marked bot edits. Since the past edits were already being performed by a bot account, I assume it was a bug -- or would you like to complicate things and let bots do regular non-bot edits?<br />
::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 18:15, 2 March 2015 (UTC)<br />
<br />
:::Eheh honestly I originally didn't put the "bot" parameter in that query on purpose, thinking there was no reason not to show the edit in the RecentChanges (I reason in a "show-all-except" way instead of "hide-all-except", and I don't mind seeing bot accounts acting as normal users), but I don't feel strongly about it at all, and I'll take your concerns about notifications as a valid argument in favor of hiding it, so I've pulled the new version and will use it from now on :)<br />
:::Are you ok with me updating [[Table of contents]] as a normal user?<br />
:::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 14:08, 3 March 2015 (UTC)<br />
<br />
::::Well, bot edits are included in the RecentChanges, only hidden by default. Unfortunately there is no way to configure MediaWiki to show them by default, neither per-user nor globally. I think that the decision whether to mark edits as bot or not should be driven by the way they were performed (manual or automatic), not by the intention to hide or show them in some list by default, which should be only the incidence (and ideally configurable). Of course all this decision making would be much simpler if regular users could mark some edits as bot, if only via API, and ideally supply a tag indicating the software that made the edit. Then we would not need the dual accounts at all...<br />
::::As for [[Table of contents]], it is not updated daily, so my argument with notifications does not stand. I'll leave this up to you.<br />
::::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 20:48, 3 March 2015 (UTC)<br />
<br />
:::::Interesting discussion, I've never really thought in depth about whether there's a general rule that makes me decide when to use a bot account (and possibly the "bot" tag) or not to perform some edits. I think I've always seen bot accounts as a means of not polluting the (default) recent changes with ''numerous'', ''similar'', ''minor'', ''automatically-saved'' changes that theoretically nobody should care too much about (except for the bot operator who is supposed to check them, at least by sample) (yes, there's also the advantage of having higher query rates allowed from the server). There are exceptions though, like the sorting of admins/maintainers pages, which I see as only a technicality of no consequence that can easily stay behind the scenes; also, I tend to use the bot account when testing something technical, like the behavior of templates etc.<br />
:::::I'm wondering what you exactly mean with "the way [edits] were performed (manual or automatic)": is "automatic" as in "the text has been ''modified'' with other means than pressing character keys on a keyboard", or as in "the changed text has been ''saved'' with other means than pressing the Save page button in an editor's page"? In the former case I'd disagree it could be a ''sufficient'' test to distinguish between bot and non-bot edits, think for example of editor assistants like Wiki Monkey or external editors like vim; in the latter case, quick edits that I do with Wiki Monkey e.g. when fixing a few double redirects, updating ToC articles, or fixing the backlinks of an article would require me to switch to the bot account, even though I'd see such edits as more human-like than bot-like.<br />
:::::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 07:15, 4 March 2015 (UTC)<br />
<br />
::::::Well, ''semi-automatic'' is, by definition, between ''automatic'' and ''manual''. Obviously the bot/non-bot distinction is too strict, unfortunately MediaWiki does not provide anything better. There is an attempt to implement revision tagging (see [[mw:Manual:Tags]]), but it does not behave as I'd suspect. We have [[Special:Tags]] on ArchWiki, but the {{ic|managechangetags}} right mentioned in the manual as "given to administrators by default" is not listed in [[Special:ListGroupRights]] nor [[mw:Manual:User rights]]. Hence I think that these tags are usable only from extensions, perhaps a special extension is necessary to edit the tags.<br />
::::::Anyway, I haven't done many ''semi-automatic'' edits in a while, but I'm inclined to mark them as normal/non-bot (i.e. not mark them at all) and reserve the "bot" mark only for ''automatic'' edits. After all, we don't require other users to make a bot account to do ''semi-automatic'' edits.<br />
::::::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 14:24, 7 March 2015 (UTC)<br />
<br />
:::::::So, can I infer that your definition of "manual" vs "automatic" is based on the saving method, i.e. click on ''Save page'' vs API query (see the second paragraph of my previous post)? In this case Wiki Monkey's bot and special plugins (e.g. updating ToCs or double redirects) are "illegal" when run with a normal account, if we want to apply this rule strictly. What we call "semi-automatic" edits are in fact "manual" ones, under this definition, it makes it pretty obvious to me :) If we really need a definition, I think that is the only clear one we can give.<br />
:::::::However I was thinking: why is it that we need a separate account for bot edits after all? I think that for MediaWiki that's only a difference in rights, but when it comes to distinguishing the single edits, MediaWiki only looks if the query has the ''bot'' parameter set, which can be set only by accounts in the ''bots'' group. In practice, this means that I could simply add our "normal" accounts to the ''bots'' group too, and nothing would change when we do normal, manual edits, but we would be able to control when the ''bot'' parameter is added by just properly setting it in the script queries that need it, without the need to switch account too (I hope I've made it clear enough).<br />
:::::::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:47, 8 March 2015 (UTC)<br />
<br />
::::::::Yes, I think that the following definition is natural: if the text is both modified and saved manually, it is ''manual''; if it is modified automatically and saved manually then it is ''semi-automatic''; and if it is both modified and saved automatically, then it is ''automatic''.<br />
::::::::If I remember correctly, the edits of bot accounts which were saved via clicking on "Save page" in the web UI are automatically tagged as bot edits. Or is there a way to change this absurd default?<br />
::::::::-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 07:59, 8 March 2015 (UTC)<br />
<br />
:::::::::Well, the definition is ok, but applying it strictly would make maintenance harder in some instances, for example a few hours ago I fixed a bunch of double redirects with Wiki Monkey's plugin, which qualifies them as automatic edits: if I had to switch to the bot account it would have taken too long and alomost defeated the purpose of having a quick button for that. That's why in practice I think I'll keep just deciding case by case.<br />
:::::::::About manual edits with bot accounts you're right, I completely forgot that, so the idea is discarded of course, as I don't know of a way to change that behavior either.<br />
:::::::::I'll keep this discussion around for a while, just to see if after re-reading it in the future I'll be able to come up with a better conclusion.<br />
:::::::::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 10:05, 9 March 2015 (UTC)<br />
<br />
:::::::Update: Since 1.25.X users and bots are supposed to be able to apply certain tags by themselves, see [[mw:Help:Tags]]. The page is unfortunately still empty; the API [https://wiki.archlinux.org/api.php?action=help&modules=edit edit module] takes a new ''tags'' parameter (unfortunately not described in [[mw:API:Edit]] yet), but it is not clear if it will be possible to set tags also from the web interface. I will try this sometimes... -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 21:39, 1 September 2015 (UTC)<br />
<br />
== Wiki Registration AntiSpam box "FunnyAnswer" Bash Note required ==<br />
<br />
Just registered and already contacting an admin (u_u), in any case, While registering after I was amused by the AntiSpam "FunnyAnswer" box, I copied the text to my terminal, and pasted the code. It was apparently wrong! , did it 3 more times, all the same result....<br />
Then, for no good reason, I decided to try [[Bash]], as I normally use "[[fish]]", and surprisingly enough it gave another result, which was easily accepted.<br />
Apparently fish got "date -u +%V`uname`" translated into "14`uname`", instead of "14Linux".<br />
<br />
I understand that most users wouldn't replace Bash, but I think it is worth a mention to use it for the challenge. Additionally, while we are at it, maybe add a newbie friendly <br />
<br />
"What is the output of the following line in the Bash terminal"<br />
[code][/code]<br />
<br />
With a possible link to the Bash wiki page, for a toddler user, who just decided for some reason to edit the marvellous ArchWiki, instead of the soulless<br />
<br />
"What is the output of "date -u +%V`uname`|sha256sum|sed 's/\W//g'"?"<br />
<br />
>>> Challenge form field is;<br />
<input type="text" class="mw-ui-input" name="FunnyAnswer" tabindex="9" value="" id="FunnyAnswer"><br />
<br />
{{Unsigned|4 April 2015|Serag4000}}<br />
<br />
:Thank you for the feedback and welcome to the ArchWiki!<br />
:Yes, backticks don't work in fish [http://fishshell.com/docs/current/faq.html#faq-subcommand] [https://github.com/fish-shell/fish-shell/issues/1159] [https://github.com/fish-shell/fish-shell/issues/1481] :)<br />
:It happens frequently that new users report registration difficulties in the forums, although I'm not sure if somebody's ever proposed to explicitly mention Bash in the question, actually I don't think it would be a bad idea. In any case though, patching the captcha is beyond the powers of a wiki admin, and a request in the bug tracker should be opened for that, so you may want to go that way on your own, or I'll just put this in my ''TodoList''&trade; and discuss it at some point in time.<br />
:— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:08, 5 April 2015 (UTC)<br />
<br />
== File uploads? ==<br />
<br />
Forgive me for asking this dumb question, but are file uploads enabled on this Wiki? According to [https://www.mediawiki.org/wiki/Help:Managing_files this] there should be an "Upload File" link under "tools", but I don't see it. Some files have obviously been [[Special:ListFiles|uploaded]], but the most recent was in 2008, and I'm wondering if file uploads were disabled since then. I would like to upload some diagrams now and then, but I can't figure out how. Am I just looking in the wrong place? [[User:EscapedNull|EscapedNull]] ([[User talk:EscapedNull|talk]]) 15:43, 18 April 2015 (UTC)<br />
<br />
:It's not a "dumb question", don't be afraid of asking anything you want :) File uploads are deliberately disabled on this wiki for regular users, the reasoning being in [[Help:Style#Non-pertinent content]]. [[Disk encryption]] has some examples of beautiful Unicode diagrams by [[User:Sas]], who explained how he made them in [[Talk:Disk encryption#Unicode graphs.2Fpatterns]]: do you think that's a viable solution for you? — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:56, 19 April 2015 (UTC)<br />
<br />
::Thanks for the reply. I've used ASCII Flow before and its functionality is pretty limited, and I don't use Kate, but it did give me the idea to search for Vim plugins, where I found [http://www.vim.org/scripts/script.php?script_id=173 this one] right off the bat. I'll give it a try soon and see about using it instead. I asked about file uploads because I like the [http://www.graphviz.org/Documentation/dotguide.pdf dot] language, which only supports exporting SVG and simple image formats. Maybe someday Arch Wiki will support [https://www.mediawiki.org/wiki/Extension:GraphViz Extension:GraphViz]? [[User:EscapedNull|EscapedNull]] ([[User talk:EscapedNull|talk]]) 11:03, 20 April 2015 (UTC)<br />
<br />
:::Nice, if you make it to draw those diagrams with the boxdraw plugin they will also be more examples we will be able to show to users who will come with the same question! About the GraphViz extension, never say never, but I don't see it as something happening in the foreseeable future :) — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 13:56, 21 April 2015 (UTC)<br />
<br />
==<s> Broken page </s>==<br />
<br />
Hi, regarding this page: [[Window_Manager_(%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9)]]<br />
<br />
There seems to be an error which breaks the rendering of the MediaWiki interface on that page, e.g. the page/discussion/edit buttons at the top are rendered improperly. It's possibly caused by the dir=rtl divs interleaving the Article summary templates, do you have an idea how to fix that?<br />
<br />
-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 16:35, 19 July 2015 (UTC)<br />
<br />
:I think [https://wiki.archlinux.org/index.php?title=Window_Manager_%28%D8%A7%D9%84%D8%B9%D8%B1%D8%A8%D9%8A%D8%A9%29&diff=385510&oldid=384390 this] fixed it, there were 3 non-closed divs and MW didn't like it (and for once I agree :P ). – [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 03:50, 20 July 2015 (UTC)<br />
<br />
::Oh, thanks, it's fixed indeed. [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 07:25, 20 July 2015 (UTC)<br />
<br />
==<s> Yocto </s>==<br />
<br />
Thank you for helping me with my style issues on the [[Yocto]] page [[User:Soderstrom|Soderstrom]] ([[User talk:Soderstrom|talk]]) 08:59, 6 August 2015 (UTC)<br />
<br />
:No worries, thank you for your work :) — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 19:24, 6 August 2015 (UTC)<br />
<br />
== <s>ToC oops</s> ==<br />
<br />
I'm sorry for causing [https://github.com/kynikos/wiki-monkey/commit/53b96922c56103dde94d6ecaa400262f9b400147 this]. I've managed to foresee only the ''ToC -> Toc'' change, but haven't got around the ''* has been updated too recently'' message.<br />
<br />
In a few days I will continue the work and renaming will not be limited to capitalization changes only (localized pages will be moved to match the English page based on interlanguage links), so the next <s>ToC</s> Toc update should be careful as well. There is at least [[:Category:Email Client (Italiano)]] to be moved to the plural form, could this be somehow detected automatically as well?<br />
<br />
-- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 07:04, 30 August 2015 (UTC)<br />
<br />
:You didn't "caus[e]" that of course, you've done yet another good job which just happened to bring a WM bug to light, which has taken me 5 minutes to fix ^^<br />
:The ''* has been updated too recently'' message is due to [https://github.com/kynikos/wiki-monkey/blob/develop/plugins/UpdateCategoryTree.js#L77 UpdateCategoryTree.js#L77], so next time you run into it you can bypass that test by e.g. adding {{ic|<nowiki>true ||</nowiki>}} ;)<br />
:Yes, detecting simple plural changes could be done in theory, but I don't have time to spend on that, so just go on with the renaming and we'll decide what to do, probably just restore the lost translations manually if they're not too many, or leaving it to translators.<br />
:— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 02:44, 31 August 2015 (UTC)<br />
<br />
::Update: it hasn't gone too bad after all: [https://wiki.archlinux.org/index.php?title=Table_of_contents_%28%C4%8Cesky%29&diff=prev&oldid=398508], [https://wiki.archlinux.org/index.php?title=Table_of_contents_%28Espa%C3%B1ol%29&diff=prev&oldid=398510], [https://wiki.archlinux.org/index.php?title=Table_of_contents_%28Italiano%29&diff=prev&oldid=398511], [https://wiki.archlinux.org/index.php?title=Table_of_contents_%28%D0%A0%D1%83%D1%81%D1%81%D0%BA%D0%B8%D0%B9%29&diff=prev&oldid=398514], [https://wiki.archlinux.org/index.php?title=Table_of_contents_%28%E7%AE%80%E4%BD%93%E4%B8%AD%E6%96%87%29&diff=prev&oldid=398516], [https://wiki.archlinux.org/index.php?title=Table_of_contents_%28%E6%AD%A3%E9%AB%94%E4%B8%AD%E6%96%87%29&diff=prev&oldid=398518]. Probably a manual fix is easier than spending time to implement support for plurals. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 12:15, 6 September 2015 (UTC)<br />
<br />
:::Indeed; I've fixed these 6 edits so I guess this can be closed... -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 11:29, 7 September 2015 (UTC)<br />
<br />
::::Cheers ^^ — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 13:11, 8 September 2015 (UTC)<br />
<br />
== Concept of non-English TOC ==<br />
<br />
Hello, Kynikos!<br />
At [[Talk:Table of contents#Place two lists side by side|this]] discussion I offered to placing two table of contents side by side in non English Tables of categories, but nobody answered. It is important, because there are for example some articles only in English, but Russian people may be still interested in them (for example, pages about Laptops). Also, doing so will solve problem of out-of-sync numbering in English and non-English table of content.<br />
<br />
Sorry for contacting you directly, but maybe you can help me with that? I think we need to create/edit your script, that do automatic updates. I have made a [https://wiki.archlinux.org/index.php?title=User:Agent0/Test&oldid=398409 concept] of ToC for non-English pages. Is something like that possible?<br />
— [[User:Agent0|Agent0]] ([[User_talk:Agent0|talk]]|[[Special:Contributions/Agent0|contribs]]) 17:03, 5 September 2015 (UTC)<br />
<br />
:I might be able to look at this after my BS exams in a few days. In the meantime, if keeping the corresponding numbers on the same line isn't important, you could take a look at [[User:Lahwaacz/ToC test]] for a simple solution: on the real [[Table of contents (Русский)]] you need to transclude only the English version. If the content is wrapped into the divs properly, Wiki Monkey should preserve the layout and only update the left column. -- [[User:Lahwaacz|Lahwaacz]] ([[User talk:Lahwaacz|talk]]) 17:23, 5 September 2015 (UTC)<br />
<br />
::Lahwaacz, thank you for answer. Good luck passing exams =).<br />
::Interesting solution. But ideally, I want corresponding categories to be side by side. In that case it would be easy to detect how much pages are translated and what is total number. — [[User:Agent0|Agent0]] ([[User_talk:Agent0|talk]]|[[Special:Contributions/Agent0|contribs]]) 17:39, 5 September 2015 (UTC)<br />
<br />
:::Hey Agent0, I'm aware of the discussion you reference, but unfortunately at the moment I don't have the time to follow complex discussions, so that's why I'm delaying answering :) Of course something like that would be possible, but I can't work on it now, sorry...<br />
:::And thank you Lahwaacz for trying to help, if you want to implement the idea go ahead of course, this is probably something more suited for wiki-scripts after all :) Good luck from me too!<br />
:::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 12:07, 6 September 2015 (UTC)<br />
<br />
==<s> Mailman 3 Page </s>==<br />
<br />
''[Moved to [[Talk:Mailman#Mailman 3 Page]]. — [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 08:31, 18 September 2015 (UTC)]''<br />
<br />
== <s>How to start using a bot</s> ==<br />
<br />
Hello again Kynikos! I've noticed your bot sorting maintainers in according to their activity, and I would like to use it in the same manner for [[ArchWiki Translation Team (Русский)#Команда|members of ru translation team]]. Please, can you write a short step-by-step algorithm of actions I must do?<br />
<br />
I've already installed wiki-monkey and arch-wiki in my browser, and also there's no need to provide code changes (I'm sure I'll find what I must change). Thanks in advance.<br />
<br />
-- [[User:Kycok|Kycok]] ([[User talk:Kycok|talk]]) 20:38, 4 October 2015 (UTC)<br />
<br />
:Hey Kycok, actually the sorting plugin wasn't designed to be used by other users than me, so it's not even installed in the official Wiki Monkey release. However I've tried to patch it so it can be configured for other uses, try the following:<br />
:# Uninstall the version of Wiki Monkey that you've installed<br />
:# Install [https://github.com/kynikos/wiki-monkey/raw/2.0.5/scripts/WikiMonkey-ArchWiki.user.js this version]<br />
:# Add the {{ic|&lt;!--START AUTO LIST ...}} comments above and below the user list in [[ArchWiki Translation Team (Русский)]], you can copy-paste them from e.g. [[ArchWiki:Maintainers]]<br />
:# Visit [[Special:Preferences#wiki-monkey]] and search for "040ASCC" in the configuration object.<br />
:# Change the following:<br />
{{bc|<br />
"040ASCC": [<br />
"ArchWikiSortContacts",<br />
null,<br />
null<br />
],<br />
}}<br />
::To:<br />
{{bc|<br />
"040ASCC": [<br />
"ArchWikiSortContacts",<br />
[<br />
"Sort translators"<br />
],<br />
[<br />
"ArchWiki Translation Team (Русский)",<br />
30,<br />
30,<br />
"The following Translators are currently inactive (less than 30 edits in the last 30 days):",<br />
"automatically sort translators list according to recent activity"<br />
]<br />
],<br />
}}<br />
::Then click on "Save"<br />
:If everything went well, you should now see a "Sort translators" button in [[Special:SpecialPages]] that might or might not do what you suggested (I haven't tried it :P )<br />
:Note that the version I've made you install is not an official release, and 1) I haven't tested it and 2) I don't think it's going to be updated automatically the next time I make an official release. Hopefully I'll remember to inform you to uninstall it and install the next stable version when I get to release it.<br />
:If it doesn't work I'll test it better when I find some time.<br />
:— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 10:30, 5 October 2015 (UTC)<br />
<br />
::Yup! It's working! :) Thank you a lot.<br />
::Just one important question, because I don't know all ArchWiki '''rules'''. Should I register a bot as a new user (''Kycok.bot''), or I can launch it as ''Kycok'' with word "BOT" added in the edit summary?<br />
:: -- [[User:Kycok|Kycok]] ([[User talk:Kycok|talk]]) 17:02, 5 October 2015 (UTC)<br />
<br />
:::Wow, working at the first attempt!!? There ''has'' to be something wrong somewhere... :D<br />
:::Nope, you don't need a bot account for sporadic automatic edits like sorting the list of translators. If however you're intentioned to use the bot to do large series of automatic edits on several articles (like dozens of them), then yes, it's better if you explain your plans first and then we decide whether to give you a bot account.<br />
:::— [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 07:32, 6 October 2015 (UTC)<br />
<br />
::::Ok, thank you again. Closing -- [[User:Kycok|Kycok]] ([[User talk:Kycok|talk]]) 12:22, 6 October 2015 (UTC)<br />
<br />
== Weewx ==<br />
<br />
I didn't intend to remove the "style" template, just the "stub". Thanks for fixing that. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 03:23, 16 December 2015 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=MIDI&diff=365042MIDI2015-03-11T14:17:45Z<p>JimRees: rm 404</p>
<hr />
<div>[[Category:Audio/Video]]<br />
[[ja:MIDI]]<br />
[[ru:MIDI]]<br />
MIDI itself, which stands for "Musical Instrument Digital Interface", is just a protocol and standard for communication between musical instruments and any device that understands the language. It can be used to control an array of synthesizers, make a tin can sound like a drum, or even operate industrial equipments.<br />
<br />
The scope of this article, however, will mainly focus on the usage of MIDI in computer systems for playback of files that contain MIDI data. These files usually come with the '''.mid''' extension, and were hugely popular in the golden days of multimedia computing to share music. In professional music composition/arrangement, it still plays a vital role.<br />
<br />
== MIDI File ==<br />
<br />
Without going into the details of what the format is composed of, you just need to understand that a MIDI file eg. '''foobar.mid''' does not contain any digital audio data, hence no "PCM stream". It is a common misconception that MIDI is a sound file format, and as such you usually see people complaining that music players like Amarok cannot play the file. Here is a very newbie-friendly outline of what a MIDI/MID file contains:<br />
<br />
'''# FOOBAR.MID'''<br />
Note ON<br />
''Use Instrument #1''<br />
''Play Note C1''<br />
''Set Volume at 100''<br />
''Set Pitch at 50''<br />
<br />
In order for such a file to be useful, there needs to be an "engine" that can translate the data to music. This engine will have a "tone generator", and this is what we call a "synthesizer". So any player that can play back a MIDI file without MIDI-capable hardware (your computer's sound device), has a synthesizer built-in or uses an external one. A typical keyboard (not the thing you are typing on) is actually made up of two components - a MIDI "controller" (the keys) and a synthesizer (tone generator/module; the thing that makes sound).<br />
<br />
So up to this point, you should be able to understand that:<br />
<br />
* There needs to be a synthesizer to play a MIDI file.<br />
* A synthesizer can be hardware or software.<br />
* Most computer soundcards/chipsets do NOT have synthesizers.<br />
* You need a synthesizer with a proper "bank" (collection of sounds) to be able to enjoy all the glory of MIDI files.<br />
* If a certain instrument is not in the bank, your synthesizer will not play anything for notes using that instrument.<br />
* If a certain instrument in the file corresponds to a different one in the bank, your synthesizer will play a different sound (obviously).<br />
<br />
== GM Bank ==<br />
<br />
General MIDI (GM) is a specification to standardise numerous MIDI-related matters, particularly that of instruments layout in a collection of sounds. A "soundbank" which is GM-compatible means that it meets the criteria of General MIDI, and as long as the MIDI file is also GM-compatible (as in nothing extraordinary is defined - such as introducing a new instrument or having one in a different location of the bank), the playback will be as intended since the bank has the correct instrument/handler for the MIDI message/event. One of the most popular soundbank formats is that of '''SoundFont''', particularly ''SF2''.<br />
<br />
* If you have a soundcard which can make use of soundfonts, you can load a '''.sf2''' file onto it.<br />
<br />
* If you do not have a soundcard which can make use of soundfonts (basically no hardware synthesizer), you can use a software synthesizer and load the SF2 file. In turn, you can find some way to globally make use of this synthesizer.<br />
<br />
== Playback ==<br />
<br />
"Why can I play MIDI with Windows Media Player, then?"<br />
<br />
Well, because Windows has a default software synthesizer which acts globally. Even then, it lacks the quality which should be expected of modern computers. If there were a way to do it on Linux, you would be able to play back MIDI from any player too. Perhaps a MIDI server (which will hold a synthesizer of choice like {{Pkg|timidity++}} or {{Pkg|fluidsynth}}) that sits within the sound server, like Phonon or PulseAudio. Nevertheless, nothing of this sort has been implemented and you can only play MIDI with a player that has a plug-in to source a synthesizer (for example {{AUR|xmms}} or {{Pkg|audacious}} or has a synthesizer itself.<br />
<br />
=== Hardware ===<br />
<br />
''(More details on soundcards and MIDI, possibly links to SBLive MIDI here...)''<br />
<br />
==== SB Audigy 1 - Emu10k1 WaveTable ====<br />
<br />
First, make sure that the '''Synth''' mixer control is not muted and that '''Audigy Analog/Digital output Jack''' is set to '''[Off]'''.<br />
<br />
To check and adjust them, use {{ic|alsamixer}} or your mixer of choice.<br />
<br />
Next, build and install the {{AUR|awesfx}} package from the [[AUR]]. Then, load a SoundFont file on the Emux WaveTable, like so:<br />
$ asfxload /path/to/any/file.sf2<br />
The .SF2 file can be any SoundFont. If you have access to ''2GMGSMT.SF2'' on Windows, you can use that one.<br />
<br />
You should be all set now. If you want to play your .mid files in [[Audacious]], you will need to configure it as follows:<br />
* ''File > Preferences > Plugins > Input > AMIDI-Plug > Preferences''<br />
** ''AMIDI PLug (tab) > Backend selection > ALSA Backend''<br />
** ALSA Backend (tab)<br />
*** 17:0 Emu10k1 WaveTable Emu10k1 Port 0<br />
*** 17:1 Emu10k1 WaveTable Emu10k1 Port 1<br />
*** 17:2 Emu10k1 WaveTable Emu10k1 Port 2<br />
*** 17:3 Emu10k1 WaveTable Emu10k1 Port 3<br />
*** ''Mixer settings > Soundcard > SB Audigy 1 [SB0092]''<br />
*** ''Mixer control > Synth''<br />
<br />
=== Software ===<br />
<br />
==== GStreamer-based players like Totem (GNOME Videos) or Rhythmbox ====<br />
<br />
You can play MIDI files on GNOME Videos and all other players using gstreamer as backend after having installed {{Pkg|gst-plugins-bad}} (which provides {{Pkg|fluidsynth}} as a dependency) and correctly configured Fluidsynth with a [[Timidity#SoundFonts|sound sample]]. See [[FluidSynth]] for more info.<br />
<br />
==== VLC ====<br />
<br />
You can play MIDI files on [[VLC]] if you configure the location of the Sound Font file. Previously you need to install a [[Timidity#SoundFonts|sound sample]], as well as the {{Pkg|fluidsynth}} package.<br />
<br />
On VLC:<br />
Tools > Preferences<br />
<br />
You have to show all settings. Then, go to ''Input/Codecs -> Audio codecs -> FluidSynth''.<br />
<br />
And, if you installed e.g. fluidr3 as wiki says, set the location to:<br />
<br />
/usr/share/soundfonts/fluidr3/FluidR3GM.SF2<br />
{{Note|Read the [https://mailman.archlinux.org/pipermail/aur-general/2014-February/027378.html mailing list thread] about merging fluidr3 with {{Pkg| soundfont-fluid}}.}}<br />
<br />
==== TiMidity++ ====<br />
<br />
MIDI to WAVE converter and player. See [[Timidity|TiMidity++]].<br />
<br />
==== FluidSynth ====<br />
<br />
MIDI player and a daemon adding MIDI support to ALSA. See [[FluidSynth]].</div>JimReeshttps://wiki.archlinux.org/index.php?title=Syslog-ng&diff=356970Syslog-ng2015-01-18T16:23:43Z<p>JimRees: /* syslog-ng and systemd journal */ syslog now automatically finds the correct source</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Daemons and system services]]<br />
[[ja:Syslog-ng]]<br />
{{Related articles start}}<br />
{{Related|rsyslog}}<br />
{{Related articles end}}<br />
<br />
{{Note|After upgrading to systemd, syslog-ng is unnecessary for most users and can be uninstalled, since the systemd journal provides this functionality.}}<br />
<br />
== Overview ==<br />
<br />
syslog-ng takes incoming log messages from defined '[[#Sources|sources]]' and forwards them to the appropriate [[#Destinations|destinations]], based on powerful [[#Creating Filters for Messages|filter]] directives. In a typical simple set-up, syslog-ng will read messages from three sources:<br />
<br />
# the default {{ic|/dev/log}} device, where most logs are sent<br />
# syslog-ng "internal" log messages<br />
# {{ic|/proc/kmsg}} kernel messages<br />
<br />
Sources are defined using the "source" directive. These incoming messages are then filtered according to defined filters ("filter" keyword), i.e. according to originating program or log level, and sent to the appropriate "destination". Destinations include log files (e.g. {{ic|/var/log/messages.log}}), printing messages on a console and remote servers. The pivotal function is [[#Log Paths|log]]. This function defines which filters should be applied to a certain source, and where the resulting messages should be sent to.<br />
<br />
[[Enable]] syslog-ng with the {{ic|syslog-ng.service}} service file. As of ''systemd'' 216, messages are no longer forwarded to syslog by default. Syslog-ng did not become journald aware until months later with the release of syslog-ng 3.6. This meant that if you were running systemd 216 or greater and syslog-ng you needed to set the option {{ic|1=ForwardToSyslog=yes}} in {{ic|/etc/systemd/journald.conf}} to actually use ''syslog-ng'' with ''journald''. <br />
<br />
If you use a current {{Pkg|syslog-ng}}, it is not necessary to change the option because [[syslog-ng]] pulls the messages from the journal. If you have set {{ic|1=ForwardToSyslog=yes}} you should revert it to {{ic|1=ForwardToSyslog=no}} in order to avoid the overhead associated with the socket and to avoid [https://github.com/balabit/syslog-ng/issues/314 needless error messages in the log].<br />
<br />
== Sources ==<br />
syslog-ng receives log messages from a source. To define a source you should follow the following syntax:<br />
source <identifier> { source-driver(params); source-driver(params); ... };<br />
<br />
You can look at the identifiers and source-drivers in the [http://www.balabit.com/support/documentation/ official manuals]. <br />
This will follow the manual to explain the configuration file above. The unix-stream() source-driver opens the given AF_UNIX<br />
[[wikipedia:Berkeley_sockets|socket]] and starts listening on it for messages. <br />
The internal() source-driver gets messages generated by syslog-ng.<br />
<br />
Therefore, the following means: {{ic|src}} gets messages from the {{ic|/dev/log}} socket and syslog-ng.<br />
source src { unix-stream("/dev/log"); internal(); };<br />
<br />
The kernel sends log messages to {{ic|/proc/kmsg}} and the file() driver reads log messages from files. Therefore, the following means:<br />
kernsrc gets messages from file {{ic|/proc/kmsg}}<br />
source kernsrc { file("/proc/kmsg"); };<br />
<br />
In the default configuration file after emerging syslog-ng, the source is defined as:<br />
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };<br />
<br />
Reading messages by {{ic|pipe("/proc/kmsg")}} gives a better performance but because it opens its argument in read-write mode can be a security<br />
hazard as the [http://www.balabit.com/sites/default/files/documents/syslog-ng-v3.0-guide-admin-en.html/index.html-single.html#configuring_sources_pipe syslog-ng admin guide] states in section 3.3.3:<br />
<br />
"Pipe is very similar to the file() driver, but there are a few differences, for example pipe() opens its argument in read-write mode, therefore it is not recommended to be used on special files like {{ic|/proc/kmsg}}." (You can follow this discussion in [http://forums.gentoo.org/viewtopic-t-558161.html this post].)<br />
<br />
To open a port to read data from a remote server a source must be defined with this syntax:<br />
source s_net { udp(); };<br />
<br />
for UDP or<br />
source s_net { tcp(); };<br />
<br />
to receive log messages via TCP. Both listen on port 514.<br />
<br />
=== syslog-ng and systemd journal===<br />
Starting with syslog-ng version 3.6.1 the default {{ic|system()}} source on Linux systems using systemd uses journald as its standard {{ic|system()}} source.<br />
<br />
If you wish to use both the journald and syslog-ng files, ensure the following settings are in effect. For systemd-journald, in the {{ic|/etc/systemd/journald.conf}} file, {{ic|1=Storage=}} either set to {{ic|auto}} or unset (which defaults to auto) and {{ic|1=ForwardToSyslog=}} set to {{ic|no}} or unset (defaults to no). For {{ic|/etc/syslog-ng/syslog-ng.conf}}, you need the following {{ic|source}} stanza:<br />
<br />
{{bc|<nowiki><br />
source src {<br />
system();<br />
internal();<br />
};</nowiki>}}<br />
<br />
If, on the other hand, you wish ''not'' to retain the journald logs, but only syslog-ng's text logs, set {{ic|<nowiki>Storage=none</nowiki>}} and {{ic|1=ForwardToSyslog=yes}} in {{ic|/etc/systemd/journald.conf}}.<br />
<br />
After the change [[Restart|restart]] the {{ic|systemd-journald.service}} and {{ic|syslog-ng.service}} daemons.<br />
<br />
== Destinations ==<br />
In syslog-ng, log messages are sent to files. The syntax is very similar to sources:<br />
destination <identifier> {destination-driver(params); destination-driver(params); ... };<br />
<br />
You will be normally logging to a file, but you could log to a different destination-driver: pipe, Unix socket, TCP-UDP ports,<br />
terminals or to specific programs. Therefore, this means sending authlog messages to {{ic|/var/log/auth.log}}:<br />
destination authlog { file("/var/log/auth.log"); };<br />
<br />
If the user is logged in, {{ic|usertty()}} sends messages to the terminal of the specified user. If you want to send console messages<br />
to root's terminal if it is logged in:<br />
destination console { usertty("root"); };<br />
<br />
Messages can be sent to a pipe with {{ic|pipe()}}. The following sends xconsole messages to the pipe {{ic|/dev/xconsole}}.<br />
This needs some more configuration, so you could look at the sub-section xconsole below.<br />
destination xconsole { pipe("/dev/xconsole"); };<br />
<br />
To send messages on the network, use {{ic|udp()}}. The following will send your log data out to another server.<br />
destination remote_server { udp("10.0.0.2" port(514)); };<br />
<br />
== Creating Filters for Messages ==<br />
The syntax for the filter statement is:<br />
filter <identifier> { expression; };<br />
<br />
Functions can be used in the expression, such as the function {{ic|facility()}} which selects messages based on the facility codes. <br />
The Linux kernel has a few facilities you can use for logging. Each facility has a log-level; where debug is the most verbose,<br />
and panic only shows serious errors. You can find the facilities, log levels and priority names in {{ic|/usr/include/sys/syslog.h}}.<br />
To filter those messages coming from authorization, like <br />
''<nowiki>May 11 23:42:31 mimosinnet su(pam_unix)[18569]: session opened for user root by (uid=1000)</nowiki>'', use the following:<br />
filter f_auth { facility(auth); };<br />
<br />
The facility expression can use the boolean operators {{ic|and}}, {{ic|or}}, and {{ic|not}}, so the following filter<br />
selects those messages not coming from authorization, network news or mail:<br />
filter f_debug { not facility(auth, authpriv, news, mail); };<br />
<br />
The function {{ic|level()}} selects messages based on its priority level, so if you want to select informational levels:<br />
filter f_info { level(info); };<br />
<br />
Functions and boolean operators can be combined in more complex expressions. The following line filters messages with a priority level from<br />
informational to warning not coming from auth, authpriv, mail and news facilities:<br />
filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news); };<br />
<br />
Messages can also be selected by matching a regular expression in the message with the function {{ic|match("regex" value("TEMPLATE"))}}. For example:<br />
filter f_failed { match("failed" value("MESSAGE")); };<br />
<br />
here is a list of templates : <br />
"AMPM", "BSDTAG", "DATE, C_DATE, R_DATE, S_DATE", "DAY, C_DAY, R_DAY, S_DAY", "FACILITY", "FACILITY_NUM", "FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE", "FULLHOST", "FULLHOST_FROM", "HOUR, C_HOUR, R_HOUR, S_HOUR", "HOUR12, C_HOUR12, R_HOUR12, S_HOUR12", "HOST", "HOST_FROM", "ISODATE, C_ISODATE, R_ISODATE, S_ISODATE", "LEVEL_NUM", "LOGHOST", "MIN, C_MIN, R_MIN, S_MIN", "MONTH, C_MONTH, R_MONTH, S_MONTH", "MONTH_ABBREV, C_MONTH_ABBREV, R_MONTH_ABBREV, S_MONTH_ABBREV", "MONTH_NAME, C_MONTH_NAME, R_MONTH_NAME, S_MONTH_NAME", "MONTH_WEEK, C_MONTH_WEEK, R_MONTH_WEEK, S_MONTH_WEEK", "MSEC, C_MSEC, R_MSEC, S_MSEC", "MSG or MESSAGE", "MSGHDR", "MSGID", "MSGONLY", "PID", "PRI", "PRIORITY or LEVEL", "PROGRAM", "SDATA, .SDATA.SDID.SDNAME", "SEC, C_SEC, R_SEC, S_SEC", "SOURCEIP", "SEQNUM", "STAMP, R_STAMP, S_STAMP", "SYSUPTIME", "TAG", "TAGS", "TZ, C_TZ, R_TZ, S_TZ", "TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET", "UNIXTIME, C_UNIXTIME, R_UNIXTIME, S_UNIXTIME", "USEC, C_USEC, R_USEC, S_USEC", "YEAR, C_YEAR, R_YEAR, S_YEAR", "WEEK, C_WEEK, R_WEEK, S_WEEK", "WEEK_ABBREV, C_WEEK_ABBREV, R_WEEK_ABBREV, S_WEEK_ABBREV", "WEEK_DAY, C_WEEK_DAY, R_WEEK_DAY, S_WEEK_DAY", "WEEKDAY, C_WEEKDAY, R_WEEKDAY, S_WEEKDAY", "WEEK_DAY_NAME, C_WEEK_DAY_NAME, R_WEEK_DAY_NAME, S_WEEK_DAY_NAME".<br />
<br />
To filter messages received from a particular remote host, the {{ic|host()}} function must be used:<br />
filter f_host { host( "192.168.1.1" ); };<br />
<br />
== Log Paths ==<br />
syslog-ng connects sources, filters and destinations with log statements. The syntax is:<br />
log {source(s1); source(s2); ...<br />
filter(f1); filter(f2); ...<br />
destination(d1); destination(d2); ...<br />
flags(flag1[, flag2...]); };<br />
<br />
The following for example sends messages from {{ic|src}} source to {{ic|mailinfo}} destination filtered by {{ic|f_info}} filter.<br />
log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };<br />
<br />
== Tips and Tricks ==<br />
After understanding the logic behind syslog-ng, many possible and complex configuration are possible. Here there are some examples.<br />
<br />
=== Have syslog-ng reload the configuration file ===<br />
<br />
You can make syslog-ng re-evaluate the configuration file. You can do so manually by sending a {{ic|SIGHUP}} to the process, or call the reload function with systemctl:<br />
# systemctl reload syslog-ng<br />
<br />
=== Failover Logging to Remote Host ===<br />
This setup shows how to send the default unencrypted syslog packets across both TCP and UDP protocols, using the standard port (514) and an alternate port. This is sending the same output to the same machine 4 different ways to try and make sure packets make it. Mostly useful if you are debugging a remote server that fails to reboot. The different ports and protocols are to make it past any firewall filters or other network problems. Also useful for port-forwarding and using tunnels. Something like this setup is ideal to tunnel across an ssh connection that the prone-to-failover host initiates through a reverse connection.<br />
<br />
{{bc|<nowiki>#sending to a remote syslog server on TCP and UDP ports (not encrypted)<br />
destination askapache_failover_loghost {<br />
tcp("208.86.158.195" port(25214));<br />
udp("208.86.158.195" port(25214));<br />
udp("mysyslog1.dyndns.org" port(514));<br />
};<br />
log { <br />
source(src); <br />
destination(askapache_failover_loghost);<br />
};</nowiki><br />
}}<br />
<br />
And then on the loghost receiving these logs:<br />
<br />
{{bc|<nowiki>#a USB redirected console for flexible viewing<br />
destination debugging_console {<br />
file("/dev/ttyU1");<br />
};<br />
<br />
# listens on IP addresses and ports, sets the incoming settings<br />
source prone_to_failover_host {<br />
tcp(ip(208.86.158.195),port(25214));<br />
udp(ip(208.86.158.195) port(25214));<br />
<br />
udp(default-facility(syslog) default-priority(emerg));<br />
tcp(default-facility(syslog) default-priority(emerg));<br />
}<br />
<br />
# log it<br />
log {<br />
source(prone_to_failover_host); <br />
destination(debugging_console);<br />
};</nowiki><br />
}}<br />
<br />
=== Move log to another file ===<br />
In order to move some log from {{ic|/var/log/messages}} to another file:<br />
<br />
{{bc|<nowiki>#sshd configuration<br />
destination ssh { file("/var/log/ssh.log"); };<br />
filter f_ssh { program("sshd"); };<br />
log { source(src); filter(f_ssh); destination(ssh); };</nowiki><br />
}}<br />
<br />
=== Configuring as a loghost ===<br />
Configuring your system to be a loghost is quite simple. Drop the following into your configuration, and create the needed directory.<br />
With this simple configuration, log filenames will be based on the [[Wikipedia:FQDN|FQDN]] of the remote host,<br />
and located in {{ic|/var/log/remote/}}. After creating the remote directory, reload your syslog-ng configuration.<br />
<br />
{{bc|<nowiki>source net { udp(); };<br />
destination remote { file("/var/log/remote/${FULLHOST}-log"); };<br />
log { source(net); destination(remote); };</nowiki><br />
}}<br />
<br />
=== Improve Performance ===<br />
syslog-ng's performance can be improved in different ways:<br />
<br />
==== Write every so often ====<br />
It seems that the old {{ic|sync(X)}} '''option''' is called {{ic|flush_lines(X)}} now, where the writing to the file is buffered for {{ic|X}} lines. Default is 0 (no buffering).<br />
<br />
==== Avoid redundant processing and disk space ====<br />
A single log message can be sent to different log files several times. For example, in the initial configuration file, we have the following definitions:<br />
<br />
{{bc|<nowiki>destination cron { file("/var/log/cron.log"); };<br />
destination messages { file("/var/log/messages"); };<br />
filter f_cron { facility(cron); };<br />
filter f_messages { level(info..warn) <br />
and not facility(auth, authpriv, mail, news); };<br />
log { source(src); filter(f_cron); destination(cron); };<br />
log { source(src); filter(f_messages); destination(messages); };</nowiki><br />
}}<br />
<br />
The same message from the {{ic|cron}} facility will end up in both the {{ic|cron.log}} and {{ic|messages}} files. To change this behavior we can use the {{ic|final}} flag, <br />
ending up further processing with the message. Therefore, in this example, if we want messages from the {{ic|cron}} facility not ending up in the<br />
messages file, we should change the cron's log sentence by:<br />
<br />
log { source(src); filter(f_cron); destination(cron); flags(final); };<br />
<br />
another way is to exclude the {{ic|cron}} facility from {{ic|f_messages}} filter:<br />
filter f_messages { level(info..warn) and not facility(cron, auth, authpriv, mail, news); };<br />
<br />
=== PostgreSQL Destination ===<br />
This section will use two roles: {{ic|syslog}} and {{ic|logwriter}}. {{ic|syslog}} will be the administrator of the database {{ic|syslog}} and {{ic|logwriter}} will only be able to add records to the {{ic|logs}} table.<br />
<br />
No longer needed to create table for logs. syslog-ng will create automatically.<br />
psql -U postgres<br />
<br />
postgres=# CREATE ROLE syslog WITH LOGIN;<br />
postgres=# \password syslog # Using the \password function is secure because<br />
postgres=# \password logwriter # the password is not saved in history.<br />
postgres=# CREATE DATABASE syslog OWNER syslog;<br />
postgres=# \q # You are done here for the moment<br />
<br />
Edit {{ic|pg_hba.conf}} to allow {{ic|syslog}} and {{ic|logwriter}} to establish a connection to PostgreSQL.<br />
<br />
{{hc|/var/lib/postgresql/data/pg_hba.conf|<br />
# TYPE DATABASE USER CIDR-ADDRESS METHOD<br />
<br />
host syslog logwriter 192.168.0.1/24 md5<br />
host syslog syslog 192.168.0.10/32 md5<br />
}}<br />
<br />
Tell PostgreSQL to reload the configuration files:<br />
<br />
# systemctl reload postgresql<br />
<br />
Edit {{ic|/etc/syslog-ng.conf}} so that it knows where and how to write to PostgreSQL. syslog-ng will utilize the {{ic|logwriter}} role.<br />
<br />
{{bc|<nowiki>...<br />
#<br />
# SQL logging support<br />
#<br />
<br />
destination d_pgsql {<br />
sql(type(pgsql)<br />
host("127.0.0.1") username("logwriter") password("password")<br />
database("syslog")<br />
table("logs_${HOST}_${R_YEAR}${R_MONTH}${R_DAY}") #or whatever you want, example ${HOST}" for hosts, ${LEVEL}" for levels.. etc<br />
columns("datetime timestamp with time zone", "host varchar(32)", "program varchar(16)", "pid varchar(16)", "message varchar(200)")<br />
values("$R_ISODATE", "$HOST", "$PROGRAM", "$PID", "$MSG")<br />
indexes("datetime", "host", "program", "pid", "message"));<br />
};<br />
<br />
log { source(src); destination(d_pgsql); };</nowiki><br />
}}<br />
<br />
Finally, restart syslog-ng.<br />
# systemctl restart syslog-ng<br />
<br />
And check to see if things are being logged.<br />
psql -U logwriter -d syslog<br />
syslog=> SELECT * FROM <your table name> ORDER BY datetime DESC LIMIT 10;<br />
<br />
=== ISO 8601 timestamps ===<br />
'''Before''' :<br />
#logger These timestamps are not optimal.<br />
#tail -n 1 /var/log/messages.log<br />
Feb 18 14:25:01 hostname logger: These timestamps are not optimal.<br />
#<br />
<br />
Add {{ic|ts_format(iso);}} to {{ic|/etc/syslog-ng/syslog-ng.conf}} in the options section. Example:<br />
options {<br />
stats_freq (0);<br />
flush_lines (0);<br />
time_reopen (10);<br />
log_fifo_size (1000);<br />
long_hostnames(off); <br />
use_dns (no);<br />
use_fqdn (no);<br />
create_dirs (no);<br />
keep_hostname (yes);<br />
perm(0640);<br />
group("log");<br />
ts_format(iso); #make ISO-8601 timestamps<br />
};<br />
<br />
Then:<br />
# systemctl reload syslog-ng<br />
<br />
'''After''' :<br />
#logger Now THAT is a timestamp!<br />
#tail -n 2 /var/log/messages.log<br />
Feb 18 14:25:01 hostname logger: These timestamps are not optimal.<br />
2010-02-18T20:23:58-05:00 electron logger: Now THAT is a timestamp!<br />
#<br />
<br />
=== RFC 3339 timestamps ===<br />
Same as above, except use {{ic|rfc3339}} instead of {{ic|iso}} for {{ic|ts_format}}<br />
<br />
=== Log Levels ===<br />
<br />
Log levels are defined separately for each logged facility in syslog-ng config. Available log levels are listed in /usr/include/sys/syslog.h :<br />
<br />
define LOG_EMERG 0 /* system is unusable */<br />
define LOG_ALERT 1 /* action must be taken immediately */<br />
define LOG_CRIT 2 /* critical conditions */<br />
define LOG_ERR 3 /* error conditions */<br />
define LOG_WARNING 4 /* warning conditions */<br />
define LOG_NOTICE 5 /* normal but significant condition */<br />
define LOG_INFO 6 /* informational */<br />
define LOG_DEBUG 7 /* debug-level messages */<br />
<br />
=== Macros and Variables ===<br />
Macros can be used in both templates, and in destination file names. [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/reference-macros.html Macros of syslog-ng OSE].<br />
<br />
The following code will write the log lines to {{ic|/var/log/test.log}} in the format of {{ic|<nowiki>macroname=value@</nowiki>}}. <br />
<br />
{{bc|<nowiki>template t_test { template("PROGRAM=$PROGRAM@PID=$PID@BSDTAG=$BSDTAG@TAG=$TAG@TAGS=$TAGS@FACILITY=$FACILITY@FACILITY_NUM=$FACILITY_NUM@LEVEL=$LEVEL@LEVEL_NUM=$LEVEL_NUM@PRI=$PRI@PRIORITY=$PRIORITY@FULLHOST=$FULLHOST@FULLHOST_FROM=$FULLHOST_FROM@HOST=$HOST@HOST_FROM=$HOST_FROM@LOGHOST=$LOGHOST@MSGHDR=$MSGHDR@MSGID=$MSGID@MSGONLY=$MSGONLY@MSG=$MSG@MESSAGE=$MESSAGE@SOURCE=$SOURCE@SOURCEIP=$SOURCEIP@SOURCE_IP=$SOURCE_IP@SEQNUM=$SEQNUM@UNIXTIME=$UNIXTIME@FULLDATE=$FULLDATE@ISODATE=$ISODATE@DATE=$DATE@STAMP=$STAMP@TZ=$TZ@TZOFFSET=$TZOFFSET@SEC=$SEC@MIN=$MIN@HOUR=$HOUR@HOUR12=$HOUR12@DAY=$DAY@WEEK=$WEEK@WEEK_DAY=$WEEK_DAY@WEEK_DAY_ABBREV=$WEEK_DAY_ABBREV@WEEK_DAY_NAME=$WEEK_DAY_NAME@MONTH=$MONTH@MONTH_ABBREV=$MONTH_ABBREV@MONTH_NAME=$MONTH_NAME@MONTH_WEEK=$MONTH_WEEK@YEAR=$YEAR@YEAR_DAY=$YEAR_DAY<br />
\n"); template_escape(no); };<br />
<br />
destination d_test { file("/var/log/test.log" template(t_test)); };<br />
<br />
log { source(s_local); destination(d_test); flags(final); };<br />
</nowiki>}}<br />
<br />
You can create your own value list as below once syslog-ng is restarted with:<br />
{{ic|<nowiki>tail /var/log/test.log|tr "@" "\n"</nowiki>}}<br />
<br />
{{bc|<nowiki><br />
PROGRAM=kernel<br />
PID=<br />
BSDTAG=4A<br />
TAG=04<br />
TAGS=.source.s_local<br />
FACILITY=kern<br />
FACILITY_NUM=0<br />
LEVEL=warning<br />
LEVEL_NUM=4<br />
PRI=4<br />
PRIORITY=warning<br />
FULLHOST=www.askapache.com<br />
FULLHOST_FROM=www.askapache.com<br />
HOST=www.askapache.com<br />
HOST_FROM=www.askapache.com<br />
LOGHOST=<br />
MSGHDR=kernel: <br />
MSGID=<br />
MSGONLY=Firewall: *INVALID* IN=eth0 OUT= MAC=00:00 SRC=x.x.x.x DST=198.101.159.98 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7730 DF PROTO=TCP SPT=52369 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 <br />
MSG=Firewall: *INVALID* IN=eth0 OUT= MAC=00:00 SRC=x.x.x.x DST=198.101.159.98 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7730 DF PROTO=TCP SPT=52369 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 <br />
MESSAGE=Firewall: *INVALID* IN=eth0 OUT= MAC=00:00 SRC=x.x.x.x DST=198.101.159.98 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7730 DF PROTO=TCP SPT=52369 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 <br />
SOURCE=s_local<br />
SOURCEIP=127.0.0.1<br />
SOURCE_IP=<br />
UNIXTIME=1369742458<br />
FULLDATE=2013 May 28 08:00:58<br />
ISODATE=2013-05-28T08:00:58-04:00<br />
DATE=May 28 08:00:58<br />
STAMP=2013-05-28T08:00:58-04:00<br />
TZ=-04:00<br />
TZOFFSET=-04:00<br />
SEC=58<br />
MIN=00<br />
HOUR=08<br />
HOUR12=<br />
DAY=28<br />
WEEK=21<br />
WEEK_DAY=3<br />
WEEK_DAY_ABBREV=Tue<br />
WEEK_DAY_NAME=Tuesday<br />
MONTH=05<br />
MONTH_ABBREV=May<br />
MONTH_NAME=May<br />
MONTH_WEEK=4<br />
YEAR=2013<br />
YEAR_DAY=148<br />
</nowiki>}}<br />
<br />
=== See Also ===<br />
* [[Netconsole]] A kernel module that sends all kernel log messages (i.e. dmesg) over the network to another computer, without involving user space (e.g. syslogd).<br />
<br />
== External Links ==<br />
* [http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/overview syslog-ng OSE Project Page]<br />
* [http://www.balabit.com/support/documentation/ Portal to syslog-ng Documentation]<br />
** [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/index.html The syslog-ng 3.4 Administrator Guide]<br />
** [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/syslog-ng-parameter-index.html List of syslog-ng 3.4 Parameters]<br />
** [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/reference-macros.html List of syslog-ng 3.4 Macros]<br />
* [http://freshmeat.net/projects/syslog-ng/ syslog-ng Project Page on Freshmeat]<br />
* [http://en.gentoo-wiki.com/wiki/Syslog-ng Gentoo syslog-ng wiki]<br />
* [http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=3 Gentoo Security Handbook on Logging]<br />
* [http://www.kdough.net/docs/syslog_postgresql/ Syslog Logging with PostgreSQL HOWTO]<br />
* [[wikipedia:ISO_8601|ISO_8601]] Wikipedia page for ISO 8601<br />
* [http://tools.ietf.org/html/rfc3164 RFC 3164] - The BSD syslog Protocol<br />
* [http://tools.ietf.org/html/rfc3164 RFC 5424] - The Syslog Protocol<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5425] - Transport Layer Security (TLS) Transport Mapping for Syslog<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5426] - Transmission of Syslog Messages over UDP<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5427] - Textual Conventions for Syslog Management<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5428] - MIB for PacketCable and IPCablecom-Compliant Devices<br />
* [http://tools.ietf.org/html/rfc3339 RFC 3339] - Date and Time on the Internet: Timestamps</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Syslog-ng&diff=356966Talk:Syslog-ng2015-01-18T16:06:51Z<p>JimRees: /* syslog-ng example doesn't work */ new section</p>
<hr />
<div>after the example syslog-ng.conf, and aside from the timestamps and remote loghost tips, most of this article has been adapted from the gentoo wiki page for syslog-ng.conf .. FYI<br />
<br />
So yes it needs updating for arch please <br />
<br />
[[User:AskApache|AskApache]] 22:19, 14 September 2010 (EDT)<br />
<br />
== Is match() example right? ==<br />
<br />
The example:<br />
filter f_failed { match("regex" value("failed")); };<br />
is in my opinion bad.<br />
<br />
List of supported values in value() should be: "HOST", "HOST_FROM", "MESSAGE", "PROGRAM", "PID", "MSGID" and "SOURCE".<br />
<br />
More info: https://lists.balabit.hu/pipermail/syslog-ng/2009-April/012789.html<br />
<br />
Better example could be:<br />
<br />
filter f_grsecurity { match("^grsec" value("MESSAGE")); };<br />
''This is real/working example from my syslog-ng config.''<br />
<br />
[[User:Tojaj|Tojaj]] 16:39, 8 February 2011 (EST)<br />
<br />
<br />
<br />
I'm Confirming what [[User:Tojaj|Tojaj]] said. It's not only bad, it doesn't work. I looked into [http://www.balabit.com/support/documentation/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/pdf/syslog-ng-ose-v3.4-guide-admin.pdf this documentation] to find a description and a list of supported values.<br />
<br />
This is an extract of the documentation : <br />
{{hc|match()|<br />
Description: Match a regular expression to the headers and the message itself (that is, the values returned by the<br />
MSGHDR and MSG macros). Note that in syslog-ng version 2.1 and earlier, the match() filter was applied only to<br />
the text of the message, excluding the headers. This functionality has been moved to the message() filter.<br />
<br />
To limit the scope of the match to a specific part of the message (identified with a macro), use the match(regexp<br />
value("MACRO")) syntax. Do not include the $ sign in the parameter of the value() option.<br />
<br />
The value() parameter accepts both built-in macros and user-defined ones created with a parser or using a pattern<br />
database. For details on macros and parsers, see Section 11.1.2, Templates and macros (p. 212), Section 12.2, Parsing<br />
messages (p. 234), and Section 13.2.1, Using parser results in filters and templates (p. 244).}}<br />
<br />
<br />
So the complete list of supported values is : <br />
"AMPM", "BSDTAG", "DATE, C_DATE, R_DATE, S_DATE", "DAY, C_DAY, R_DAY, S_DAY", "FACILITY", "FACILITY_NUM", "FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE", "FULLHOST", "FULLHOST_FROM", "HOUR, C_HOUR, R_HOUR, S_HOUR", "HOUR12, C_HOUR12, R_HOUR12, S_HOUR12", "HOST", "HOST_FROM", "ISODATE, C_ISODATE, R_ISODATE, S_ISODATE", "LEVEL_NUM", "LOGHOST", "MIN, C_MIN, R_MIN, S_MIN", "MONTH, C_MONTH, R_MONTH, S_MONTH", "MONTH_ABBREV, C_MONTH_ABBREV, R_MONTH_ABBREV, S_MONTH_ABBREV", "MONTH_NAME, C_MONTH_NAME, R_MONTH_NAME, S_MONTH_NAME", "MONTH_WEEK, C_MONTH_WEEK, R_MONTH_WEEK, S_MONTH_WEEK", "MSEC, C_MSEC, R_MSEC, S_MSEC", "MSG or MESSAGE", "MSGHDR", "MSGID", "MSGONLY", "PID", "PRI", "PRIORITY or LEVEL", "PROGRAM", "SDATA, .SDATA.SDID.SDNAME", "SEC, C_SEC, R_SEC, S_SEC", "SOURCEIP", "SEQNUM", "STAMP, R_STAMP, S_STAMP", "SYSUPTIME", "TAG", "TAGS", "TZ, C_TZ, R_TZ, S_TZ", "TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET", "UNIXTIME, C_UNIXTIME, R_UNIXTIME, S_UNIXTIME", "USEC, C_USEC, R_USEC, S_USEC", "YEAR, C_YEAR, R_YEAR, S_YEAR", "WEEK, C_WEEK, R_WEEK, S_WEEK", "WEEK_ABBREV, C_WEEK_ABBREV, R_WEEK_ABBREV, S_WEEK_ABBREV", "WEEK_DAY, C_WEEK_DAY, R_WEEK_DAY, S_WEEK_DAY", "WEEKDAY, C_WEEKDAY, R_WEEKDAY, S_WEEKDAY", "WEEK_DAY_NAME, C_WEEK_DAY_NAME, R_WEEK_DAY_NAME, S_WEEK_DAY_NAME".<br />
<br />
[[User:Nrm|Nrm]] ([[User talk:Nrm|talk]]) 07:57, 20 August 2013 (UTC)<br />
<br />
== Reversal typo in Shorewall examples ==<br />
<br />
The example:<br />
filter f_shorewall { not match("regex" value("Shorewall")); }; # Filter everything except regex keyword Shorewall<br />
filter f_noshorewall { match("regex" value("Shorewall")); }; # Filter regex keyword Shorewall<br />
I believe the identifiers are switched. I have switched them to what I think they are intended to be.<br />
[[User:nuclearsandwich|nuclearsandwich]] 14:58, 26 February 2011 (PST)<br />
<br />
== Directly to SQL ==<br />
<br />
I notice that we still aren't running syslog-ng with --enable-sql (should be a trivial change at some point) but thought I would populate some basic options that will work well in the wiki when available.<br />
<br />
This config is only valid for 3.2 and up (Current as of this writing in Arch is 3.3.4.5).<br />
<br />
Taken directly from http://pzolee.blogs.balabit.com/2010/10/syslog-ng-example-configurations/<br />
<br />
<pre><br />
@version: 3.2<br />
source s_file{file("/var/log/inputfile*.log" follow-freq(1));};<br />
destination d_sql {<br />
sql(<br />
type("mysql")<br />
host("10.100.20.46")<br />
username("test_user")<br />
password("password")<br />
database("test_db")<br />
table("testtable-$YEAR-$MONTH-$DAY")<br />
columns("insert_time int", "date_time varchar(32)", "facility int", "priority int", "host varchar(255)", "program varchar(64)", "pid int", "message varchar(4000)")<br />
values("${R_UNIXTIME}", "${S_YEAR}-${S_MONTH}-${S_DAY} ${S_HOUR}:${S_MIN}:${S_SEC}", "$FACILITY_NUM", "$LEVEL_NUM", "$HOST", "$PROGRAM", "${PID:-0}", "$MSGONLY")<br />
indexes("insert_time", "date_time", "facility", "host", "program")<br />
);<br />
};<br />
log{<br />
source (s_file);<br />
destination (d_sql);<br />
};<br />
</pre><br />
<br />
- Provided by HRabbit (2012-04-26)<br />
<br />
== Example configuration file is outdated ==<br />
The used /etc/syslog-ng/syslog-ng.conf file is outdated. It generates these errors when restarting syslog-ng:<br />
<pre>$ sudo rc.d restart syslog-ng<br />
:: Stopping Syslog-NG [DONE] <br />
:: Starting Syslog-NG [BUSY] <br />
<br />
WARNING: Configuration file format is too old, please update it to use the 3.3 format as some constructs might operate inefficiently;<br />
WARNING: global: the default value of log_fifo_size() has changed to 10000 in version 3.3 to reflect log_iw_size() changes for tcp()/udp() window size changes;<br />
Error parsing config, syntax error, unexpected KW_LOG in /etc/syslog-ng/syslog-ng.conf at line 30, column 10:<br />
<br />
group(log);<br />
^^^<br />
<br />
syslog-ng documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<br />
mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng</pre><br />
[[User:Foppe|Foppe]] ([[User talk:Foppe|talk]]) 01:04, 2 July 2012 (UTC)<br />
:I'm using syslog-ng 3.3.5-1 and I get no warnings.<br />
:For solving such issues, I think forums, IRC or the arch-general mailing list is better than the wiki. - [[User:Karol|Karol]] ([[User talk:Karol|talk]]) 08:59, 2 July 2012 (UTC)<br />
::Thanks for your response.<br />
::I'm not searching for answes to my problems but merely warning the Wiki article might to be out of date. For starters the @version tag in line 1 should read <br />
::<pre>@version: major.minor</pre><br />
::and reflect the current version of syslog-ng used in Arch. I haven't investigated the error I got but probably the original author of this section could have a look.<br />
::[[User:Foppe|Foppe]] ([[User talk:Foppe|talk]]) 19:00, 2 July 2012 (UTC)<br />
:::I may have misunderstood you. If you're referring to the [https://wiki.archlinux.org/index.php/Syslog-ng#Example_configuration_file Example configuration file] then yes, it is outdated as the current version is 3.3. I think we should replace it with a link to [https://projects.archlinux.org/svntogit/packages.git/plain/trunk/syslog-ng.conf?h=packages/syslog-ng the current one]. What do you think? -- [[User:Karol|Karol]] ([[User talk:Karol|talk]]) 20:30, 2 July 2012 (UTC)<br />
::::The author -who uses the description 'my own personal preferences'- has a point providing a more detailed example of the configuration file other than the current one which is already in /etc/syslog-ng/. However, I would like him to update this one so at least it works. [[User:Foppe|Foppe]] ([[User talk:Foppe|talk]]) 23:42, 2 July 2012 (UTC)<br />
<br />
== journald.conf.d ==<br />
<br />
I wonder if the examples that suggest editing journald.conf should instead suggest adding override files under journald.conf.d. This has the advantage of not needing a merge when journald is updated. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:53, 18 January 2015 (UTC)<br />
<br />
== syslog-ng example doesn't work ==<br />
<br />
Setting the source to /dev/log doesn't work:<br />
Using /dev/log Unix socket with systemd is not possible. Changing to systemd-syslog source, which supports socket activation.;<br />
Failed to acquire /run/systemd/journal/syslog socket, disabling systemd-syslog source;<br />
I will try to figure out how to fix this and update the wiki. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 16:06, 18 January 2015 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:Syslog-ng&diff=356965Talk:Syslog-ng2015-01-18T15:53:05Z<p>JimRees: /* journald.conf.d */ new section</p>
<hr />
<div>after the example syslog-ng.conf, and aside from the timestamps and remote loghost tips, most of this article has been adapted from the gentoo wiki page for syslog-ng.conf .. FYI<br />
<br />
So yes it needs updating for arch please <br />
<br />
[[User:AskApache|AskApache]] 22:19, 14 September 2010 (EDT)<br />
<br />
== Is match() example right? ==<br />
<br />
The example:<br />
filter f_failed { match("regex" value("failed")); };<br />
is in my opinion bad.<br />
<br />
List of supported values in value() should be: "HOST", "HOST_FROM", "MESSAGE", "PROGRAM", "PID", "MSGID" and "SOURCE".<br />
<br />
More info: https://lists.balabit.hu/pipermail/syslog-ng/2009-April/012789.html<br />
<br />
Better example could be:<br />
<br />
filter f_grsecurity { match("^grsec" value("MESSAGE")); };<br />
''This is real/working example from my syslog-ng config.''<br />
<br />
[[User:Tojaj|Tojaj]] 16:39, 8 February 2011 (EST)<br />
<br />
<br />
<br />
I'm Confirming what [[User:Tojaj|Tojaj]] said. It's not only bad, it doesn't work. I looked into [http://www.balabit.com/support/documentation/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/pdf/syslog-ng-ose-v3.4-guide-admin.pdf this documentation] to find a description and a list of supported values.<br />
<br />
This is an extract of the documentation : <br />
{{hc|match()|<br />
Description: Match a regular expression to the headers and the message itself (that is, the values returned by the<br />
MSGHDR and MSG macros). Note that in syslog-ng version 2.1 and earlier, the match() filter was applied only to<br />
the text of the message, excluding the headers. This functionality has been moved to the message() filter.<br />
<br />
To limit the scope of the match to a specific part of the message (identified with a macro), use the match(regexp<br />
value("MACRO")) syntax. Do not include the $ sign in the parameter of the value() option.<br />
<br />
The value() parameter accepts both built-in macros and user-defined ones created with a parser or using a pattern<br />
database. For details on macros and parsers, see Section 11.1.2, Templates and macros (p. 212), Section 12.2, Parsing<br />
messages (p. 234), and Section 13.2.1, Using parser results in filters and templates (p. 244).}}<br />
<br />
<br />
So the complete list of supported values is : <br />
"AMPM", "BSDTAG", "DATE, C_DATE, R_DATE, S_DATE", "DAY, C_DAY, R_DAY, S_DAY", "FACILITY", "FACILITY_NUM", "FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE", "FULLHOST", "FULLHOST_FROM", "HOUR, C_HOUR, R_HOUR, S_HOUR", "HOUR12, C_HOUR12, R_HOUR12, S_HOUR12", "HOST", "HOST_FROM", "ISODATE, C_ISODATE, R_ISODATE, S_ISODATE", "LEVEL_NUM", "LOGHOST", "MIN, C_MIN, R_MIN, S_MIN", "MONTH, C_MONTH, R_MONTH, S_MONTH", "MONTH_ABBREV, C_MONTH_ABBREV, R_MONTH_ABBREV, S_MONTH_ABBREV", "MONTH_NAME, C_MONTH_NAME, R_MONTH_NAME, S_MONTH_NAME", "MONTH_WEEK, C_MONTH_WEEK, R_MONTH_WEEK, S_MONTH_WEEK", "MSEC, C_MSEC, R_MSEC, S_MSEC", "MSG or MESSAGE", "MSGHDR", "MSGID", "MSGONLY", "PID", "PRI", "PRIORITY or LEVEL", "PROGRAM", "SDATA, .SDATA.SDID.SDNAME", "SEC, C_SEC, R_SEC, S_SEC", "SOURCEIP", "SEQNUM", "STAMP, R_STAMP, S_STAMP", "SYSUPTIME", "TAG", "TAGS", "TZ, C_TZ, R_TZ, S_TZ", "TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET", "UNIXTIME, C_UNIXTIME, R_UNIXTIME, S_UNIXTIME", "USEC, C_USEC, R_USEC, S_USEC", "YEAR, C_YEAR, R_YEAR, S_YEAR", "WEEK, C_WEEK, R_WEEK, S_WEEK", "WEEK_ABBREV, C_WEEK_ABBREV, R_WEEK_ABBREV, S_WEEK_ABBREV", "WEEK_DAY, C_WEEK_DAY, R_WEEK_DAY, S_WEEK_DAY", "WEEKDAY, C_WEEKDAY, R_WEEKDAY, S_WEEKDAY", "WEEK_DAY_NAME, C_WEEK_DAY_NAME, R_WEEK_DAY_NAME, S_WEEK_DAY_NAME".<br />
<br />
[[User:Nrm|Nrm]] ([[User talk:Nrm|talk]]) 07:57, 20 August 2013 (UTC)<br />
<br />
== Reversal typo in Shorewall examples ==<br />
<br />
The example:<br />
filter f_shorewall { not match("regex" value("Shorewall")); }; # Filter everything except regex keyword Shorewall<br />
filter f_noshorewall { match("regex" value("Shorewall")); }; # Filter regex keyword Shorewall<br />
I believe the identifiers are switched. I have switched them to what I think they are intended to be.<br />
[[User:nuclearsandwich|nuclearsandwich]] 14:58, 26 February 2011 (PST)<br />
<br />
== Directly to SQL ==<br />
<br />
I notice that we still aren't running syslog-ng with --enable-sql (should be a trivial change at some point) but thought I would populate some basic options that will work well in the wiki when available.<br />
<br />
This config is only valid for 3.2 and up (Current as of this writing in Arch is 3.3.4.5).<br />
<br />
Taken directly from http://pzolee.blogs.balabit.com/2010/10/syslog-ng-example-configurations/<br />
<br />
<pre><br />
@version: 3.2<br />
source s_file{file("/var/log/inputfile*.log" follow-freq(1));};<br />
destination d_sql {<br />
sql(<br />
type("mysql")<br />
host("10.100.20.46")<br />
username("test_user")<br />
password("password")<br />
database("test_db")<br />
table("testtable-$YEAR-$MONTH-$DAY")<br />
columns("insert_time int", "date_time varchar(32)", "facility int", "priority int", "host varchar(255)", "program varchar(64)", "pid int", "message varchar(4000)")<br />
values("${R_UNIXTIME}", "${S_YEAR}-${S_MONTH}-${S_DAY} ${S_HOUR}:${S_MIN}:${S_SEC}", "$FACILITY_NUM", "$LEVEL_NUM", "$HOST", "$PROGRAM", "${PID:-0}", "$MSGONLY")<br />
indexes("insert_time", "date_time", "facility", "host", "program")<br />
);<br />
};<br />
log{<br />
source (s_file);<br />
destination (d_sql);<br />
};<br />
</pre><br />
<br />
- Provided by HRabbit (2012-04-26)<br />
<br />
== Example configuration file is outdated ==<br />
The used /etc/syslog-ng/syslog-ng.conf file is outdated. It generates these errors when restarting syslog-ng:<br />
<pre>$ sudo rc.d restart syslog-ng<br />
:: Stopping Syslog-NG [DONE] <br />
:: Starting Syslog-NG [BUSY] <br />
<br />
WARNING: Configuration file format is too old, please update it to use the 3.3 format as some constructs might operate inefficiently;<br />
WARNING: global: the default value of log_fifo_size() has changed to 10000 in version 3.3 to reflect log_iw_size() changes for tcp()/udp() window size changes;<br />
Error parsing config, syntax error, unexpected KW_LOG in /etc/syslog-ng/syslog-ng.conf at line 30, column 10:<br />
<br />
group(log);<br />
^^^<br />
<br />
syslog-ng documentation: http://www.balabit.com/support/documentation/?product=syslog-ng<br />
mailing list: https://lists.balabit.hu/mailman/listinfo/syslog-ng</pre><br />
[[User:Foppe|Foppe]] ([[User talk:Foppe|talk]]) 01:04, 2 July 2012 (UTC)<br />
:I'm using syslog-ng 3.3.5-1 and I get no warnings.<br />
:For solving such issues, I think forums, IRC or the arch-general mailing list is better than the wiki. - [[User:Karol|Karol]] ([[User talk:Karol|talk]]) 08:59, 2 July 2012 (UTC)<br />
::Thanks for your response.<br />
::I'm not searching for answes to my problems but merely warning the Wiki article might to be out of date. For starters the @version tag in line 1 should read <br />
::<pre>@version: major.minor</pre><br />
::and reflect the current version of syslog-ng used in Arch. I haven't investigated the error I got but probably the original author of this section could have a look.<br />
::[[User:Foppe|Foppe]] ([[User talk:Foppe|talk]]) 19:00, 2 July 2012 (UTC)<br />
:::I may have misunderstood you. If you're referring to the [https://wiki.archlinux.org/index.php/Syslog-ng#Example_configuration_file Example configuration file] then yes, it is outdated as the current version is 3.3. I think we should replace it with a link to [https://projects.archlinux.org/svntogit/packages.git/plain/trunk/syslog-ng.conf?h=packages/syslog-ng the current one]. What do you think? -- [[User:Karol|Karol]] ([[User talk:Karol|talk]]) 20:30, 2 July 2012 (UTC)<br />
::::The author -who uses the description 'my own personal preferences'- has a point providing a more detailed example of the configuration file other than the current one which is already in /etc/syslog-ng/. However, I would like him to update this one so at least it works. [[User:Foppe|Foppe]] ([[User talk:Foppe|talk]]) 23:42, 2 July 2012 (UTC)<br />
<br />
== journald.conf.d ==<br />
<br />
I wonder if the examples that suggest editing journald.conf should instead suggest adding override files under journald.conf.d. This has the advantage of not needing a merge when journald is updated. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 15:53, 18 January 2015 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Syslog-ng&diff=356963Syslog-ng2015-01-18T15:46:34Z<p>JimRees: /* syslog-ng and systemd journal */ no such file, I think this was intended</p>
<hr />
<div>{{Lowercase title}}<br />
[[Category:Daemons and system services]]<br />
[[ja:Syslog-ng]]<br />
{{Related articles start}}<br />
{{Related|rsyslog}}<br />
{{Related articles end}}<br />
<br />
{{Note|After upgrading to systemd, syslog-ng is unnecessary for most users and can be uninstalled, since the systemd journal provides this functionality.}}<br />
<br />
== Overview ==<br />
<br />
syslog-ng takes incoming log messages from defined '[[#Sources|sources]]' and forwards them to the appropriate [[#Destinations|destinations]], based on powerful [[#Creating Filters for Messages|filter]] directives. In a typical simple set-up, syslog-ng will read messages from three sources:<br />
<br />
# the default {{ic|/dev/log}} device, where most logs are sent<br />
# syslog-ng "internal" log messages<br />
# {{ic|/proc/kmsg}} kernel messages<br />
<br />
Sources are defined using the "source" directive. These incoming messages are then filtered according to defined filters ("filter" keyword), i.e. according to originating program or log level, and sent to the appropriate "destination". Destinations include log files (e.g. {{ic|/var/log/messages.log}}), printing messages on a console and remote servers. The pivotal function is [[#Log Paths|log]]. This function defines which filters should be applied to a certain source, and where the resulting messages should be sent to.<br />
<br />
[[Enable]] syslog-ng with the {{ic|syslog-ng.service}} service file. As of ''systemd'' 216, messages are no longer forwarded to syslog by default. Syslog-ng did not become journald aware until months later with the release of syslog-ng 3.6. This meant that if you were running systemd 216 or greater and syslog-ng you needed to set the option {{ic|1=ForwardToSyslog=yes}} in {{ic|/etc/systemd/journald.conf}} to actually use ''syslog-ng'' with ''journald''. <br />
<br />
If you use a current {{Pkg|syslog-ng}}, it is not necessary to change the option because [[syslog-ng]] pulls the messages from the journal. If you have set {{ic|1=ForwardToSyslog=yes}} you should revert it to {{ic|1=ForwardToSyslog=no}} in order to avoid the overhead associated with the socket and to avoid [https://github.com/balabit/syslog-ng/issues/314 needless error messages in the log].<br />
<br />
== Sources ==<br />
syslog-ng receives log messages from a source. To define a source you should follow the following syntax:<br />
source <identifier> { source-driver(params); source-driver(params); ... };<br />
<br />
You can look at the identifiers and source-drivers in the [http://www.balabit.com/support/documentation/ official manuals]. <br />
This will follow the manual to explain the configuration file above. The unix-stream() source-driver opens the given AF_UNIX<br />
[[wikipedia:Berkeley_sockets|socket]] and starts listening on it for messages. <br />
The internal() source-driver gets messages generated by syslog-ng.<br />
<br />
Therefore, the following means: {{ic|src}} gets messages from the {{ic|/dev/log}} socket and syslog-ng.<br />
source src { unix-stream("/dev/log"); internal(); };<br />
<br />
The kernel sends log messages to {{ic|/proc/kmsg}} and the file() driver reads log messages from files. Therefore, the following means:<br />
kernsrc gets messages from file {{ic|/proc/kmsg}}<br />
source kernsrc { file("/proc/kmsg"); };<br />
<br />
In the default configuration file after emerging syslog-ng, the source is defined as:<br />
source src { unix-stream("/dev/log"); internal(); pipe("/proc/kmsg"); };<br />
<br />
Reading messages by {{ic|pipe("/proc/kmsg")}} gives a better performance but because it opens its argument in read-write mode can be a security<br />
hazard as the [http://www.balabit.com/sites/default/files/documents/syslog-ng-v3.0-guide-admin-en.html/index.html-single.html#configuring_sources_pipe syslog-ng admin guide] states in section 3.3.3:<br />
<br />
"Pipe is very similar to the file() driver, but there are a few differences, for example pipe() opens its argument in read-write mode, therefore it is not recommended to be used on special files like {{ic|/proc/kmsg}}." (You can follow this discussion in [http://forums.gentoo.org/viewtopic-t-558161.html this post].)<br />
<br />
To open a port to read data from a remote server a source must be defined with this syntax:<br />
source s_net { udp(); };<br />
<br />
for UDP or<br />
source s_net { tcp(); };<br />
<br />
to receive log messages via TCP. Both listen on port 514.<br />
<br />
=== syslog-ng and systemd journal===<br />
Starting with syslog-ng version 3.6.1 the default {{ic|system()}} source on Linux systems using systemd uses journald as its standard {{ic|system()}} source.<br />
<br />
If you wish to use both the journald and syslog-ng files, ensure the following settings are in effect. For systemd-journald, in the {{ic|/etc/systemd/journald.conf}} file, {{ic|1=Storage=}} either set to {{ic|auto}} or unset (which defaults to auto) and {{ic|1=ForwardToSyslog=}} set to {{ic|no}} or unset (defaults to no). For {{ic|/etc/syslog-ng/syslog-ng.conf}}, you need the following {{ic|source}} stanza:<br />
<br />
{{bc|<nowiki><br />
source src {<br />
system();<br />
internal();<br />
};</nowiki>}}<br />
<br />
If, on the other hand, you wish ''not'' to retain the journald logs, but only syslog-ng's text logs, set {{ic|<nowiki>Storage=none</nowiki>}} in {{ic|/etc/systemd/journald.conf}}. However, if you do this syslog-ng will be unable to receive system log from journald using the {{ic|system()}} source. Instead it will need to revert to using a socket. To fix it, you have to set {{ic|1=ForwardToSyslog=yes}} in {{ic|/etc/systemd/journald.conf}} and edit {{ic|/etc/syslog-ng/syslog-ng.conf}} by replacing:<br />
{{bc|<nowiki><br />
source src {<br />
system();<br />
internal();<br />
};</nowiki>}}<br />
with the following:<br />
{{bc|<nowiki><br />
source src {<br />
#system();<br />
unix-dgram("/dev/log");<br />
internal();<br />
};</nowiki>}}<br />
<br />
After the change [[Restart|restart]] the {{ic|systemd-journald.service}} and {{ic|syslog-ng.service}} daemons.<br />
<br />
== Destinations ==<br />
In syslog-ng, log messages are sent to files. The syntax is very similar to sources:<br />
destination <identifier> {destination-driver(params); destination-driver(params); ... };<br />
<br />
You will be normally logging to a file, but you could log to a different destination-driver: pipe, Unix socket, TCP-UDP ports,<br />
terminals or to specific programs. Therefore, this means sending authlog messages to {{ic|/var/log/auth.log}}:<br />
destination authlog { file("/var/log/auth.log"); };<br />
<br />
If the user is logged in, {{ic|usertty()}} sends messages to the terminal of the specified user. If you want to send console messages<br />
to root's terminal if it is logged in:<br />
destination console { usertty("root"); };<br />
<br />
Messages can be sent to a pipe with {{ic|pipe()}}. The following sends xconsole messages to the pipe {{ic|/dev/xconsole}}.<br />
This needs some more configuration, so you could look at the sub-section xconsole below.<br />
destination xconsole { pipe("/dev/xconsole"); };<br />
<br />
To send messages on the network, use {{ic|udp()}}. The following will send your log data out to another server.<br />
destination remote_server { udp("10.0.0.2" port(514)); };<br />
<br />
== Creating Filters for Messages ==<br />
The syntax for the filter statement is:<br />
filter <identifier> { expression; };<br />
<br />
Functions can be used in the expression, such as the function {{ic|facility()}} which selects messages based on the facility codes. <br />
The Linux kernel has a few facilities you can use for logging. Each facility has a log-level; where debug is the most verbose,<br />
and panic only shows serious errors. You can find the facilities, log levels and priority names in {{ic|/usr/include/sys/syslog.h}}.<br />
To filter those messages coming from authorization, like <br />
''<nowiki>May 11 23:42:31 mimosinnet su(pam_unix)[18569]: session opened for user root by (uid=1000)</nowiki>'', use the following:<br />
filter f_auth { facility(auth); };<br />
<br />
The facility expression can use the boolean operators {{ic|and}}, {{ic|or}}, and {{ic|not}}, so the following filter<br />
selects those messages not coming from authorization, network news or mail:<br />
filter f_debug { not facility(auth, authpriv, news, mail); };<br />
<br />
The function {{ic|level()}} selects messages based on its priority level, so if you want to select informational levels:<br />
filter f_info { level(info); };<br />
<br />
Functions and boolean operators can be combined in more complex expressions. The following line filters messages with a priority level from<br />
informational to warning not coming from auth, authpriv, mail and news facilities:<br />
filter f_messages { level(info..warn) and not facility(auth, authpriv, mail, news); };<br />
<br />
Messages can also be selected by matching a regular expression in the message with the function {{ic|match("regex" value("TEMPLATE"))}}. For example:<br />
filter f_failed { match("failed" value("MESSAGE")); };<br />
<br />
here is a list of templates : <br />
"AMPM", "BSDTAG", "DATE, C_DATE, R_DATE, S_DATE", "DAY, C_DAY, R_DAY, S_DAY", "FACILITY", "FACILITY_NUM", "FULLDATE, C_FULLDATE, R_FULLDATE, S_FULLDATE", "FULLHOST", "FULLHOST_FROM", "HOUR, C_HOUR, R_HOUR, S_HOUR", "HOUR12, C_HOUR12, R_HOUR12, S_HOUR12", "HOST", "HOST_FROM", "ISODATE, C_ISODATE, R_ISODATE, S_ISODATE", "LEVEL_NUM", "LOGHOST", "MIN, C_MIN, R_MIN, S_MIN", "MONTH, C_MONTH, R_MONTH, S_MONTH", "MONTH_ABBREV, C_MONTH_ABBREV, R_MONTH_ABBREV, S_MONTH_ABBREV", "MONTH_NAME, C_MONTH_NAME, R_MONTH_NAME, S_MONTH_NAME", "MONTH_WEEK, C_MONTH_WEEK, R_MONTH_WEEK, S_MONTH_WEEK", "MSEC, C_MSEC, R_MSEC, S_MSEC", "MSG or MESSAGE", "MSGHDR", "MSGID", "MSGONLY", "PID", "PRI", "PRIORITY or LEVEL", "PROGRAM", "SDATA, .SDATA.SDID.SDNAME", "SEC, C_SEC, R_SEC, S_SEC", "SOURCEIP", "SEQNUM", "STAMP, R_STAMP, S_STAMP", "SYSUPTIME", "TAG", "TAGS", "TZ, C_TZ, R_TZ, S_TZ", "TZOFFSET, C_TZOFFSET, R_TZOFFSET, S_TZOFFSET", "UNIXTIME, C_UNIXTIME, R_UNIXTIME, S_UNIXTIME", "USEC, C_USEC, R_USEC, S_USEC", "YEAR, C_YEAR, R_YEAR, S_YEAR", "WEEK, C_WEEK, R_WEEK, S_WEEK", "WEEK_ABBREV, C_WEEK_ABBREV, R_WEEK_ABBREV, S_WEEK_ABBREV", "WEEK_DAY, C_WEEK_DAY, R_WEEK_DAY, S_WEEK_DAY", "WEEKDAY, C_WEEKDAY, R_WEEKDAY, S_WEEKDAY", "WEEK_DAY_NAME, C_WEEK_DAY_NAME, R_WEEK_DAY_NAME, S_WEEK_DAY_NAME".<br />
<br />
To filter messages received from a particular remote host, the {{ic|host()}} function must be used:<br />
filter f_host { host( "192.168.1.1" ); };<br />
<br />
== Log Paths ==<br />
syslog-ng connects sources, filters and destinations with log statements. The syntax is:<br />
log {source(s1); source(s2); ...<br />
filter(f1); filter(f2); ...<br />
destination(d1); destination(d2); ...<br />
flags(flag1[, flag2...]); };<br />
<br />
The following for example sends messages from {{ic|src}} source to {{ic|mailinfo}} destination filtered by {{ic|f_info}} filter.<br />
log { source(src); filter(f_mail); filter(f_info); destination(mailinfo); };<br />
<br />
== Tips and Tricks ==<br />
After understanding the logic behind syslog-ng, many possible and complex configuration are possible. Here there are some examples.<br />
<br />
=== Have syslog-ng reload the configuration file ===<br />
<br />
You can make syslog-ng re-evaluate the configuration file. You can do so manually by sending a {{ic|SIGHUP}} to the process, or call the reload function with systemctl:<br />
# systemctl reload syslog-ng<br />
<br />
=== Failover Logging to Remote Host ===<br />
This setup shows how to send the default unencrypted syslog packets across both TCP and UDP protocols, using the standard port (514) and an alternate port. This is sending the same output to the same machine 4 different ways to try and make sure packets make it. Mostly useful if you are debugging a remote server that fails to reboot. The different ports and protocols are to make it past any firewall filters or other network problems. Also useful for port-forwarding and using tunnels. Something like this setup is ideal to tunnel across an ssh connection that the prone-to-failover host initiates through a reverse connection.<br />
<br />
{{bc|<nowiki>#sending to a remote syslog server on TCP and UDP ports (not encrypted)<br />
destination askapache_failover_loghost {<br />
tcp("208.86.158.195" port(25214));<br />
udp("208.86.158.195" port(25214));<br />
udp("mysyslog1.dyndns.org" port(514));<br />
};<br />
log { <br />
source(src); <br />
destination(askapache_failover_loghost);<br />
};</nowiki><br />
}}<br />
<br />
And then on the loghost receiving these logs:<br />
<br />
{{bc|<nowiki>#a USB redirected console for flexible viewing<br />
destination debugging_console {<br />
file("/dev/ttyU1");<br />
};<br />
<br />
# listens on IP addresses and ports, sets the incoming settings<br />
source prone_to_failover_host {<br />
tcp(ip(208.86.158.195),port(25214));<br />
udp(ip(208.86.158.195) port(25214));<br />
<br />
udp(default-facility(syslog) default-priority(emerg));<br />
tcp(default-facility(syslog) default-priority(emerg));<br />
}<br />
<br />
# log it<br />
log {<br />
source(prone_to_failover_host); <br />
destination(debugging_console);<br />
};</nowiki><br />
}}<br />
<br />
=== Move log to another file ===<br />
In order to move some log from {{ic|/var/log/messages}} to another file:<br />
<br />
{{bc|<nowiki>#sshd configuration<br />
destination ssh { file("/var/log/ssh.log"); };<br />
filter f_ssh { program("sshd"); };<br />
log { source(src); filter(f_ssh); destination(ssh); };</nowiki><br />
}}<br />
<br />
=== Configuring as a loghost ===<br />
Configuring your system to be a loghost is quite simple. Drop the following into your configuration, and create the needed directory.<br />
With this simple configuration, log filenames will be based on the [[Wikipedia:FQDN|FQDN]] of the remote host,<br />
and located in {{ic|/var/log/remote/}}. After creating the remote directory, reload your syslog-ng configuration.<br />
<br />
{{bc|<nowiki>source net { udp(); };<br />
destination remote { file("/var/log/remote/${FULLHOST}-log"); };<br />
log { source(net); destination(remote); };</nowiki><br />
}}<br />
<br />
=== Improve Performance ===<br />
syslog-ng's performance can be improved in different ways:<br />
<br />
==== Write every so often ====<br />
It seems that the old {{ic|sync(X)}} '''option''' is called {{ic|flush_lines(X)}} now, where the writing to the file is buffered for {{ic|X}} lines. Default is 0 (no buffering).<br />
<br />
==== Avoid redundant processing and disk space ====<br />
A single log message can be sent to different log files several times. For example, in the initial configuration file, we have the following definitions:<br />
<br />
{{bc|<nowiki>destination cron { file("/var/log/cron.log"); };<br />
destination messages { file("/var/log/messages"); };<br />
filter f_cron { facility(cron); };<br />
filter f_messages { level(info..warn) <br />
and not facility(auth, authpriv, mail, news); };<br />
log { source(src); filter(f_cron); destination(cron); };<br />
log { source(src); filter(f_messages); destination(messages); };</nowiki><br />
}}<br />
<br />
The same message from the {{ic|cron}} facility will end up in both the {{ic|cron.log}} and {{ic|messages}} files. To change this behavior we can use the {{ic|final}} flag, <br />
ending up further processing with the message. Therefore, in this example, if we want messages from the {{ic|cron}} facility not ending up in the<br />
messages file, we should change the cron's log sentence by:<br />
<br />
log { source(src); filter(f_cron); destination(cron); flags(final); };<br />
<br />
another way is to exclude the {{ic|cron}} facility from {{ic|f_messages}} filter:<br />
filter f_messages { level(info..warn) and not facility(cron, auth, authpriv, mail, news); };<br />
<br />
=== PostgreSQL Destination ===<br />
This section will use two roles: {{ic|syslog}} and {{ic|logwriter}}. {{ic|syslog}} will be the administrator of the database {{ic|syslog}} and {{ic|logwriter}} will only be able to add records to the {{ic|logs}} table.<br />
<br />
No longer needed to create table for logs. syslog-ng will create automatically.<br />
psql -U postgres<br />
<br />
postgres=# CREATE ROLE syslog WITH LOGIN;<br />
postgres=# \password syslog # Using the \password function is secure because<br />
postgres=# \password logwriter # the password is not saved in history.<br />
postgres=# CREATE DATABASE syslog OWNER syslog;<br />
postgres=# \q # You are done here for the moment<br />
<br />
Edit {{ic|pg_hba.conf}} to allow {{ic|syslog}} and {{ic|logwriter}} to establish a connection to PostgreSQL.<br />
<br />
{{hc|/var/lib/postgresql/data/pg_hba.conf|<br />
# TYPE DATABASE USER CIDR-ADDRESS METHOD<br />
<br />
host syslog logwriter 192.168.0.1/24 md5<br />
host syslog syslog 192.168.0.10/32 md5<br />
}}<br />
<br />
Tell PostgreSQL to reload the configuration files:<br />
<br />
# systemctl reload postgresql<br />
<br />
Edit {{ic|/etc/syslog-ng.conf}} so that it knows where and how to write to PostgreSQL. syslog-ng will utilize the {{ic|logwriter}} role.<br />
<br />
{{bc|<nowiki>...<br />
#<br />
# SQL logging support<br />
#<br />
<br />
destination d_pgsql {<br />
sql(type(pgsql)<br />
host("127.0.0.1") username("logwriter") password("password")<br />
database("syslog")<br />
table("logs_${HOST}_${R_YEAR}${R_MONTH}${R_DAY}") #or whatever you want, example ${HOST}" for hosts, ${LEVEL}" for levels.. etc<br />
columns("datetime timestamp with time zone", "host varchar(32)", "program varchar(16)", "pid varchar(16)", "message varchar(200)")<br />
values("$R_ISODATE", "$HOST", "$PROGRAM", "$PID", "$MSG")<br />
indexes("datetime", "host", "program", "pid", "message"));<br />
};<br />
<br />
log { source(src); destination(d_pgsql); };</nowiki><br />
}}<br />
<br />
Finally, restart syslog-ng.<br />
# systemctl restart syslog-ng<br />
<br />
And check to see if things are being logged.<br />
psql -U logwriter -d syslog<br />
syslog=> SELECT * FROM <your table name> ORDER BY datetime DESC LIMIT 10;<br />
<br />
=== ISO 8601 timestamps ===<br />
'''Before''' :<br />
#logger These timestamps are not optimal.<br />
#tail -n 1 /var/log/messages.log<br />
Feb 18 14:25:01 hostname logger: These timestamps are not optimal.<br />
#<br />
<br />
Add {{ic|ts_format(iso);}} to {{ic|/etc/syslog-ng/syslog-ng.conf}} in the options section. Example:<br />
options {<br />
stats_freq (0);<br />
flush_lines (0);<br />
time_reopen (10);<br />
log_fifo_size (1000);<br />
long_hostnames(off); <br />
use_dns (no);<br />
use_fqdn (no);<br />
create_dirs (no);<br />
keep_hostname (yes);<br />
perm(0640);<br />
group("log");<br />
ts_format(iso); #make ISO-8601 timestamps<br />
};<br />
<br />
Then:<br />
# systemctl reload syslog-ng<br />
<br />
'''After''' :<br />
#logger Now THAT is a timestamp!<br />
#tail -n 2 /var/log/messages.log<br />
Feb 18 14:25:01 hostname logger: These timestamps are not optimal.<br />
2010-02-18T20:23:58-05:00 electron logger: Now THAT is a timestamp!<br />
#<br />
<br />
=== RFC 3339 timestamps ===<br />
Same as above, except use {{ic|rfc3339}} instead of {{ic|iso}} for {{ic|ts_format}}<br />
<br />
=== Log Levels ===<br />
<br />
Log levels are defined separately for each logged facility in syslog-ng config. Available log levels are listed in /usr/include/sys/syslog.h :<br />
<br />
define LOG_EMERG 0 /* system is unusable */<br />
define LOG_ALERT 1 /* action must be taken immediately */<br />
define LOG_CRIT 2 /* critical conditions */<br />
define LOG_ERR 3 /* error conditions */<br />
define LOG_WARNING 4 /* warning conditions */<br />
define LOG_NOTICE 5 /* normal but significant condition */<br />
define LOG_INFO 6 /* informational */<br />
define LOG_DEBUG 7 /* debug-level messages */<br />
<br />
=== Macros and Variables ===<br />
Macros can be used in both templates, and in destination file names. [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/reference-macros.html Macros of syslog-ng OSE].<br />
<br />
The following code will write the log lines to {{ic|/var/log/test.log}} in the format of {{ic|<nowiki>macroname=value@</nowiki>}}. <br />
<br />
{{bc|<nowiki>template t_test { template("PROGRAM=$PROGRAM@PID=$PID@BSDTAG=$BSDTAG@TAG=$TAG@TAGS=$TAGS@FACILITY=$FACILITY@FACILITY_NUM=$FACILITY_NUM@LEVEL=$LEVEL@LEVEL_NUM=$LEVEL_NUM@PRI=$PRI@PRIORITY=$PRIORITY@FULLHOST=$FULLHOST@FULLHOST_FROM=$FULLHOST_FROM@HOST=$HOST@HOST_FROM=$HOST_FROM@LOGHOST=$LOGHOST@MSGHDR=$MSGHDR@MSGID=$MSGID@MSGONLY=$MSGONLY@MSG=$MSG@MESSAGE=$MESSAGE@SOURCE=$SOURCE@SOURCEIP=$SOURCEIP@SOURCE_IP=$SOURCE_IP@SEQNUM=$SEQNUM@UNIXTIME=$UNIXTIME@FULLDATE=$FULLDATE@ISODATE=$ISODATE@DATE=$DATE@STAMP=$STAMP@TZ=$TZ@TZOFFSET=$TZOFFSET@SEC=$SEC@MIN=$MIN@HOUR=$HOUR@HOUR12=$HOUR12@DAY=$DAY@WEEK=$WEEK@WEEK_DAY=$WEEK_DAY@WEEK_DAY_ABBREV=$WEEK_DAY_ABBREV@WEEK_DAY_NAME=$WEEK_DAY_NAME@MONTH=$MONTH@MONTH_ABBREV=$MONTH_ABBREV@MONTH_NAME=$MONTH_NAME@MONTH_WEEK=$MONTH_WEEK@YEAR=$YEAR@YEAR_DAY=$YEAR_DAY<br />
\n"); template_escape(no); };<br />
<br />
destination d_test { file("/var/log/test.log" template(t_test)); };<br />
<br />
log { source(s_local); destination(d_test); flags(final); };<br />
</nowiki>}}<br />
<br />
You can create your own value list as below once syslog-ng is restarted with:<br />
{{ic|<nowiki>tail /var/log/test.log|tr "@" "\n"</nowiki>}}<br />
<br />
{{bc|<nowiki><br />
PROGRAM=kernel<br />
PID=<br />
BSDTAG=4A<br />
TAG=04<br />
TAGS=.source.s_local<br />
FACILITY=kern<br />
FACILITY_NUM=0<br />
LEVEL=warning<br />
LEVEL_NUM=4<br />
PRI=4<br />
PRIORITY=warning<br />
FULLHOST=www.askapache.com<br />
FULLHOST_FROM=www.askapache.com<br />
HOST=www.askapache.com<br />
HOST_FROM=www.askapache.com<br />
LOGHOST=<br />
MSGHDR=kernel: <br />
MSGID=<br />
MSGONLY=Firewall: *INVALID* IN=eth0 OUT= MAC=00:00 SRC=x.x.x.x DST=198.101.159.98 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7730 DF PROTO=TCP SPT=52369 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 <br />
MSG=Firewall: *INVALID* IN=eth0 OUT= MAC=00:00 SRC=x.x.x.x DST=198.101.159.98 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7730 DF PROTO=TCP SPT=52369 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 <br />
MESSAGE=Firewall: *INVALID* IN=eth0 OUT= MAC=00:00 SRC=x.x.x.x DST=198.101.159.98 LEN=40 TOS=0x00 PREC=0x00 TTL=113 ID=7730 DF PROTO=TCP SPT=52369 DPT=80 WINDOW=0 RES=0x00 ACK RST URGP=0 <br />
SOURCE=s_local<br />
SOURCEIP=127.0.0.1<br />
SOURCE_IP=<br />
UNIXTIME=1369742458<br />
FULLDATE=2013 May 28 08:00:58<br />
ISODATE=2013-05-28T08:00:58-04:00<br />
DATE=May 28 08:00:58<br />
STAMP=2013-05-28T08:00:58-04:00<br />
TZ=-04:00<br />
TZOFFSET=-04:00<br />
SEC=58<br />
MIN=00<br />
HOUR=08<br />
HOUR12=<br />
DAY=28<br />
WEEK=21<br />
WEEK_DAY=3<br />
WEEK_DAY_ABBREV=Tue<br />
WEEK_DAY_NAME=Tuesday<br />
MONTH=05<br />
MONTH_ABBREV=May<br />
MONTH_NAME=May<br />
MONTH_WEEK=4<br />
YEAR=2013<br />
YEAR_DAY=148<br />
</nowiki>}}<br />
<br />
=== See Also ===<br />
* [[Netconsole]] A kernel module that sends all kernel log messages (i.e. dmesg) over the network to another computer, without involving user space (e.g. syslogd).<br />
<br />
== External Links ==<br />
* [http://www.balabit.com/network-security/syslog-ng/opensource-logging-system/overview syslog-ng OSE Project Page]<br />
* [http://www.balabit.com/support/documentation/ Portal to syslog-ng Documentation]<br />
** [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/index.html The syslog-ng 3.4 Administrator Guide]<br />
** [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/syslog-ng-parameter-index.html List of syslog-ng 3.4 Parameters]<br />
** [http://www.balabit.com/sites/default/files/documents/syslog-ng-ose-3.4-guides/en/syslog-ng-ose-v3.4-guide-admin/html/reference-macros.html List of syslog-ng 3.4 Macros]<br />
* [http://freshmeat.net/projects/syslog-ng/ syslog-ng Project Page on Freshmeat]<br />
* [http://en.gentoo-wiki.com/wiki/Syslog-ng Gentoo syslog-ng wiki]<br />
* [http://www.gentoo.org/doc/en/security/security-handbook.xml?part=1&chap=3 Gentoo Security Handbook on Logging]<br />
* [http://www.kdough.net/docs/syslog_postgresql/ Syslog Logging with PostgreSQL HOWTO]<br />
* [[wikipedia:ISO_8601|ISO_8601]] Wikipedia page for ISO 8601<br />
* [http://tools.ietf.org/html/rfc3164 RFC 3164] - The BSD syslog Protocol<br />
* [http://tools.ietf.org/html/rfc3164 RFC 5424] - The Syslog Protocol<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5425] - Transport Layer Security (TLS) Transport Mapping for Syslog<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5426] - Transmission of Syslog Messages over UDP<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5427] - Textual Conventions for Syslog Management<br />
** [http://tools.ietf.org/html/rfc5425 RFC 5428] - MIB for PacketCable and IPCablecom-Compliant Devices<br />
* [http://tools.ietf.org/html/rfc3339 RFC 3339] - Date and Time on the Internet: Timestamps</div>JimReeshttps://wiki.archlinux.org/index.php?title=GNOME&diff=307838GNOME2014-03-31T22:10:01Z<p>JimRees: /* Starting GNOME */ guess I should say why</p>
<hr />
<div>[[Category:GNOME]]<br />
[[cs:GNOME]]<br />
[[de:GNOME]]<br />
[[es:GNOME]]<br />
[[fr:GNOME]]<br />
[[it:GNOME]]<br />
[[ja:GNOME]]<br />
[[nl:GNOME]]<br />
[[pl:GNOME]]<br />
[[pt:GNOME]]<br />
[[ru:GNOME]]<br />
[[sr:GNOME]]<br />
[[th:GNOME]]<br />
[[tr:Gnome Masaüstü Ortamı]]<br />
[[uk:GNOME]]<br />
[[zh-CN:GNOME]]<br />
[[zh-TW:GNOME]]<br />
{{Related articles start}}<br />
{{Related|Desktop environment}}<br />
{{Related|Display manager}}<br />
{{Related|Window manager}}<br />
{{Related|GTK+}}<br />
{{Related|GDM}}<br />
{{Related|Nautilus}}<br />
{{Related|Gedit}}<br />
{{Related|Epiphany}}<br />
{{Related|GNOME Flashback}}<br />
{{Related articles end}}<br />
<br />
[http://www.gnome.org/ GNOME] is a [[desktop environment]] developed by The GNOME Project.<br />
<br />
GNOME 3 has ''two'' sessions:<br />
<br />
*'''GNOME''' is the default, innovative layout.<br />
*'''GNOME Classic''' is a traditional desktop layout, similar to the GNOME 2 user interface whilst using GNOME 3 technologies. It does so through the use of pre-activated extensions and parameters (see [http://worldofgnome.org/welcome-to-gnome-3-8-flintstones-mode/ here] for a list). Hence it is more of a customized GNOME Shell than a truly distinct mode.<br />
<br />
Both of them use GNOME Shell, a desktop shell and plugin of the Mutter window manager. Mutter acts as a composite manager for the desktop, employing hardware graphics acceleration to provide effects aimed at reducing screen clutter. GNOME session manager automatically detects if your video driver is capable of running GNOME Shell and if not, falls back to software rendering using llvmpipe.<br />
<br />
== Installation ==<br />
<br />
GNOME 3 is available in the [[official repositories]] and can be [[pacman|installed]] with one of the following:<br />
*The {{Pkg|gnome-shell}} package provides a minimal desktop shell.<br />
*The {{Grp|gnome}} group contains the core desktop environment and applications required for the standard GNOME experience.<br />
*The {{Grp|gnome-extra}} group contains various optional tools such as an editor, an archive manager, a disk burner, a mail client, games, development tools and other non-critical applications that integrate well with the GNOME desktop. Installing just the {{Grp|gnome-extra}} group will not pull in the whole {{Grp|gnome}} group via dependencies. If you want to install all GNOME packages then you will need to explicitly install both groups.<br />
<br />
== Starting GNOME ==<br />
<br />
'''Graphical log-in'''<br />
<br />
For the best desktop integration, [[GDM]] (the GNOME [[Display manager]]) is recommended. GDM is installed as part of the {{grp|gnome}} group and can be used by enabling {{ic|gdm.service}} [[systemd#Using units|using systemd]].<br />
<br />
Other display managers can be used in place of GDM if desired.<br />
<br />
{{note|Native support for screenlocking in GNOME is provided by GDM. If you choose to not use GDM you will need to use a different screenlocking program such as [[Xscreensaver]].}} <br />
<br />
'''Starting GNOME manually'''<br />
<br />
If you prefer to start GNOME manually from the console, add the following line to your {{ic|~/.xinitrc}} file:<br />
{{hc|~/.xinitrc|<nowiki><br />
exec gnome-session<br />
</nowiki>}}<br />
<br />
Or {{ic|exec gnome-session --session&#61;gnome-classic}} for GNOME Classic. After editing your {{ic|~/.xinitrc}}, GNOME can be launched by typing {{ic|startx}}.<br />
<br />
See [[xinitrc]] for details, such as preserving the logind session.<br />
<br />
After setting up your {{ic|~/.xinitrc}} file you can also arrange to [[Start X at Login]] so that you don't have to run {{ic|startx}} manually.<br />
<br />
== Using the shell ==<br />
<br />
=== GNOME cheat sheet ===<br />
<br />
The GNOME web site has a <s>helpful</s> '''outdated''' [https://live.gnome.org/GnomeShell/CheatSheet GNOME Shell cheat sheet] explaining task switching, keyboard use, window control, the panel, overview mode, and more.<br />
<br />
=== Restarting the shell ===<br />
<br />
After appearance tweaks you are often asked to restart the GNOME shell. You could log out and log back in, but it is simpler and faster to issue the following keyboard command. Restart the shell by pressing {{ic|Alt}} + {{ic|F2}} then {{ic|r}} then {{ic|Enter}}<br />
<br />
=== Shell crashes ===<br />
<br />
Certain tweaks and/or repeated shell restarts may cause the shell to crash when a restart is attempted. In this case, you are informed about the crash and then forced to log out. Some shell changes cannot be accomplished via a keyboard restart; you must log out and log back in to effect them.<br />
<br />
{{note|Valuable documents should be saved (and perhaps closed) before attempting a shell restart. It is not strictly necessary; open windows and documents usually remain intact after a shell restart however there is a risk that data could be lost if documents are not saved.}}<br />
<br />
=== Shell freezes ===<br />
<br />
Sometimes shell extensions freeze the GNOME Shell. In this case a possible strategy is to switch to another terminal via {{ic|Ctrl+Alt+F2}} through {{ic|Ctrl+Alt+F6}}, log in, and restart gnome-shell with:<br />
<br />
# pkill -HUP gnome-shell<br />
<br />
All open applications will still be available after restarting the shell.<br />
<br />
Sometimes, however, merely restarting the shell might not be enough. Then you will have to restart X, losing all work in progress. You can restart X by:<br />
<br />
# pkill X<br />
<br />
The GNOME Shell then restarts automatically.<br />
<br />
If this does not work, you can try to restart your login manager. For instance, if you use GDM, try:<br />
<br />
# systemctl restart gdm.service<br />
<br />
{{Tip|You can also use '''htop''' in tty; press ''t'', select the ''gnome-shell'' tree, press ''k'' and send ''SIGKILL''.}}<br />
<br />
== Pacman integration: GNOME PackageKit ==<br />
<br />
GNOME has its own Pacman GUI: {{Pkg|gnome-packagekit}}.<br />
<br />
Using the [https://www.archlinux.org/pacman/libalpm.3.html alpm] backend, it supports the following features:<br />
<br />
* Install and remove packages from the repos.<br />
* Periodically refresh package databases and prompt for updates.<br />
* Install packages from tarballs.<br />
* Search for packages by name, description, category or file.<br />
* Show package dependencies, files and reverse dependencies.<br />
* Ignore IgnorePkgs and hold HoldPkgs.<br />
* Report optional dependencies, .pacnew files, etc.<br />
<br />
You can change the {{ic|remove}} operation from -Rc to -Rsc by setting the DConf key {{ic|org.gnome.packagekit.enable-autoremove}}.<br />
<br />
=== Packages updates notifications ===<br />
<br />
If you want GNOME to check automatically for updates, you must install {{Pkg|gnome-settings-daemon-updates}} from the official repository.<br />
<br />
== Customizing GNOME appearance ==<br />
<br />
The ''Systems Settings'' tool (provided by {{pkg|gnome-control-center}}) is a simple and streamlined panel which covers most basic settings. <br />
<br />
More elaborate graphical customization (such as modifying fonts, themes, titlebar buttons and such) can be done using the graphical ''GNOME tweak tool''. {{Pkg|gnome-tweak-tool}} is available from the [[official repositories]]. See [[#Theming]] below for more information about the subject.<br />
<br />
More extensive customisation may require more low-level configuration, using [[#gsettings and dconf]].<br />
<br />
==== Theming ====<br />
<br />
To install a new theme or icon set, put it in {{ic|~/.themes}} or {{ic|~/.icons}}. You can then activate it using ''GNOME tweak tool'', that is described above.<br />
<br />
Alternatively, you can set a GTK (icon) theme via {{ic|~/.config/gtk-3.0/settings.ini}}. In this file you can set the GTK theme ({{ic|gtk-theme-name}}), the icon theme ({{ic|gtk-icon-theme-name}}), the font ({{ic|gtk-font-name}}) and more.<br />
<br />
''Adwaita,'' the default GNOME 3 theme, is a part of {{pkg|gnome-themes-standard}}. Additional GTK3 themes can be found at [http://browse.deviantart.com/customization/skins/linuxutil/desktopenv/gnome/gtk3/ Deviantart web site.] For example:<br />
{{hc|~/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-theme-name = Adwaita<br />
# next option is applicable only if selected theme supports it<br />
gtk-application-prefer-dark-theme = true<br />
# set font name and dimension<br />
gtk-font-name = Sans 10<br />
</nowiki>}}<br />
<br />
It is necessary to restart the GNOME shell for settings to be applied. More GTK options are found at [http://developer.gnome.org/gtk3/3.0/GtkSettings.html#GtkSettings.properties GNOME developer documentation.]<br />
<br />
==== gsettings and dconf ====<br />
<br />
dconf is a data store used by GNOME to store its settings. It can be edited with the graphical {{ic|dconf-editor}} or the command line {{ic|gsettings}} tool. See [http://blog.fpmurphy.com/2011/03/customizing-the-gnome-3-shell.html Customizing the GNOME Shell] for a tutorial on using gsettings.<br />
<br />
=== Customize top bar ===<br />
<br />
==== Show date in top bar ====<br />
<br />
By default GNOME displays only the weekday and time in the top bar. This can be changed with the following command. Changes take effect immediately. <br />
<br />
# gsettings set org.gnome.desktop.interface clock-show-date true<br />
<br />
==== Hiding icons in the top bar ====<br />
<br />
When installing GNOME, some unwanted icons might appear in the panel. These icons can be removed by manually editing the GNOME panel script.<br />
<br />
For example, to remove the keyboard button, comment out the {{ic|'keyboard'}} line in {{ic|PANEL_ITEM_IMPLEMENTATIONS}}:<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const PANEL_ITEM_IMPLEMENTATIONS = {<br />
'activities': ActivitiesButton,<br />
'aggregateMenu': AggregateMenu,<br />
'appMenu': AppMenuButton,<br />
'dateMenu': imports.ui.dateMenu.DateMenuButton,<br />
'a11y': imports.ui.status.accessibility.ATIndicator,<br />
'a11yGreeter': imports.ui.status.accessibility.ATGreeterIndicator,<br />
//'keyboard': imports.ui.status.keyboard.InputSourceIndicator,<br />
};<br />
</nowiki>}}<br />
<br />
Then, save your results and restart the shell:<br />
<br />
#{{ic|Alt+F2}}<br />
#{{ic|r}}<br />
#{{ic|Enter}}<br />
<br />
==== Eliminate delay when logging out ====<br />
<br />
The following tweak removes the confirmation dialog and sixty second delay for logging out.<br />
<br />
This dialog normally appears when you log out with the status menu. This tweak affects the '''''Power Off''''' dialog as well. This is not a system-wide change; it affects only the user who enters this command. The change takes effect immediately after entering the command.<br />
<br />
$ gsettings set org.gnome.SessionManager logout-prompt 'false'<br />
<br />
==== Show system monitor ====<br />
<br />
The [https://extensions.gnome.org/extension/120/system-monitor/ system-monitor] extension is included in the {{pkg|gnome-shell-extensions}} package. The git version is available as {{AUR|gnome-shell-system-monitor-applet-git}} in the [[AUR]].<br />
<br />
==== Show weather information ====<br />
<br />
The [https://extensions.gnome.org/extension/613/weather/ Weather] extension can be installed from [https://extensions.gnome.org/extension/613/weather/ the official extension website]. The git version is available as {{AUR|gnome-shell-extension-weather-git}} in the [[AUR]].<br />
<br />
=== Activity view ===<br />
<br />
==== Remove entries from Applications view ====<br />
<br />
Like most desktop environments, GNOME uses .desktop files to populate its Applications view. These text files are located in the '''{{ic|/usr/share/applications}}''' folder. It is not possible to edit these files from a folder view ‒ Nautilus does not treat their icons as text files. Use a terminal to display or edit .desktop file entries. You will need root privileges to edit the .desktop files.<br />
<br />
# ls /usr/share/applications<br />
# nano /usr/share/applications/foo.desktop<br />
<br />
For system wide changes, edit files in '''{{ic|/usr/share/applications}}'''. For local changes, make a copy of ''foo.desktop'' in your home folder.<br />
<br />
$ cp /usr/share/applications/foo.desktop ~/.local/share/applications/<br />
<br />
Edit .desktop files to fit your wishes. <br />
<br />
{{Note|Removing a .desktop file does not uninstall an application, but instead removes its desktop integration: MIME types, shortcuts, and so forth.}}<br />
<br />
To hide an application launcher open its .desktop file in a text editor and add the following line:<br />
<br />
NoDisplay=true<br />
<br />
==== Change application icon size ====<br />
<br />
To change the application icon size it is necessary to edit the GNOME-Shell theme.<br />
<br />
You can edit system files directly (make a backup first) or copy theme files to your local folder and edit these files. <br />
* For the '''default''' theme, edit '''{{ic|/usr/share/gnome-shell/theme/gnome-shell.css}}'''<br />
<br />
* For '''user themes''', edit '''{{ic|/usr/share/themes/<UserTheme>/gnome-shell/gnome-shell.css}}'''<br />
<br />
Edit ''gnome-shell.css'' and replace the following values. Afterward, [[#Restarting the shell|restart the GNOME shell.]]<br />
{{hc|gnome-shell.css|<nowiki><br />
...<br />
/* Application Launchers and Grid */<br />
<br />
.icon-grid {<br />
spacing: 18px;<br />
-shell-grid-horizontal-item-size: 82px;<br />
-shell-grid-vertical-item-size: 82px;<br />
}<br />
<br />
.icon-grid .overview-icon {<br />
icon-size: 48px;<br />
}<br />
...<br />
</nowiki>}}<br />
<br />
==== Change dash icon size ====<br />
GNOME's Activities view has a dash on the left hand side, the size of the icons in this dash will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/dash.js}}.<br />
<br />
{{hc|dash.js|<nowiki><br />
...<br />
<br />
let iconSizes = [ 16, 22, 24, 32, 48, 64 ];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Change switcher (alt-tab) icon size ====<br />
GNOME comes with a built in task switcher, the size of the icons in this task switcher will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/altTab.js}}<br />
<br />
{{hc|altTab.js|<nowiki><br />
...<br />
<br />
const iconSizes = [96, 64, 48, 32, 22];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Change system tray icon size ====<br />
GNOME comes with a built in system tray, visible when the mouse is hovered over the bottom right corner of the screen. The size of the icons in this tray is set to a fixed value of 24. To change this value, edit {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}<br />
{{hc|messageTray.js|<nowiki><br />
...<br />
<br />
ICON_SIZE: 24,<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Disable Activity hot corner hovering ====<br />
<br />
To disable automatic activity view when the hot corner is hovered, edit {{ic|/usr/share/gnome-shell/js/ui/layout.js}} (that was ''panel.js'' in GNOME 3.0.x) :<br />
{{hc|layout.js|<nowiki><br />
this._corner = new Clutter.Rectangle({ name: 'hot-corner',<br />
width: 1,<br />
height: 1,<br />
opacity: 0,<br />
reactive: true });icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
and set {{ic|reactive}} to {{ic|false}}. GNOME Shell needs to be restarted.<br />
<br />
{{tip|There are also [[GNOME#GNOME_shell_extensions|GNOME Shell extensions]] that can be installed which will modify this behaviour.}}<br />
<br />
==== Disable Message Tray hovering ====<br />
<br />
The message tray is shown when the mouse hovers at the bottom of the screen for one second. To disable this behavior, comment out the following line in {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}:<br />
{{hc|messageTray.js|<nowiki><br />
//pointerWatcher.addWatch(TRAY_DWELL_CHECK_INTERVAL, Lang.bind(this, this._checkTrayDwell));<br />
</nowiki>}}<br />
GNOME Shell needs to be restarted. The message tray is still visible in activity view.<br />
<br />
=== Titlebar ===<br />
<br />
==== Reduce title bar height ====<br />
* ''' global''' - edit {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and and reduce its value to a minimum of {{ic|0}}.<br />
* '''user-only''' - copy {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}} to {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and reduce its value to a minimum of {{ic|0}}.<br />
<br />
Then restart the GNOME shell. <br />
<br />
To restore the original values, [[pacman|install]] the package {{Pkg|gnome-themes-standard}} from the [[official repositories]] or remove {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}<br />
<br />
==== Reorder titlebar buttons ====<br />
<br />
At present this setting can be changed through '''dconf-editor.'''<br />
<br />
For example, to move the close and minimize buttons to the left side of the titlebar, open '''dconf-editor''' and locate the '''''org.gnome.shell.overrides.button_layout''''' key. Change its value to '''{{ic|close,minimize:}}''' (Colon symbol designates the spacer between left side and right side of the titlebar.) Place the buttons in your preferred order. You cannot use a button more than once. Also, keep in mind that certain buttons are deprecated. Restart the shell to see your new button arrangement.<br />
<br />
==== Hide titlebar when maximized ====<br />
The command below will hide the titlebar when windows are maximised:<br />
<br />
# sed -i -r 's|(<frame_geometry name="max")|\1 has_title="false"|' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
After entering the command restart the GNOME shell. After this tweak, you may find it difficult to un-maximize a window when there is no titlebar to grab.<br />
<br />
With suitable keybindings, you should be able to use {{ic|Alt+F5}}, {{ic|Alt+F10}} or {{ic|Alt+Space}} to remedy the situation.<br />
<br />
To prevent {{ic|metacity-theme-3.xml}} from being overwritten each time package {{pkg|gnome-themes-standard}} is upgraded, add its name to {{ic|/etc/pacman.conf}} with {{ic|NoUpgrade}}.<br />
<br />
{{hc|/etc/pacman.conf|<nowiki>... previous lines ...<br />
<br />
# Pacman will not upgrade packages listed in IgnorePkg and members of IgnoreGroup<br />
# IgnorePkg =<br />
# IgnoreGroup =<br />
<br />
NoUpgrade = usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml # Do not add a leading slash to the path<br />
<br />
... more lines ...</nowiki>}}<br />
<br />
To restore original Adwaita theme values, install the {{pkg|gnome-themes-standard}} package.<br />
<br />
== Miscellaneous settings ==<br />
<br />
=== Power Management ===<br />
<br />
==== Prevent Suspend-To-RAM (S3) when closing the LID ====<br />
This setting is not exposed in GNOME's ''System Settings'' or in ''dconf''. The current approach is to manage this on the level of [[systemd]]. Edit {{ic|/etc/systemd/logind.conf}}, uncomment the {{ic|HandleLidSwitch}} line and set it to {{ic|ignore}}:<br />
<br />
{{hc|/etc/systemd/logind.conf|HandleLidSwitch&#61;ignore}}<br />
<br />
See the [[Power management#ACPI_events]] article for more information.<br />
<br />
==== No reaction on lid close ====<br />
<br />
When configuring the lid close events via [[systemd#ACPI power management]], the settings may seem to have no effect. If you have an external monitor connected to your laptop, this is default GNOME behaviour. Disconnect the monitor and the settings should work, otherwise your {{ic|/etc/systemd/logind.conf}} may be incorrect.<br />
To change default behaviour open the {{ic|dconf-editor}} and change {{ic|org.gnome.settings-daemon.plugins.xrandr.default-monitors-setup}} to {{ic|"do-nothing"}}.<br />
<br />
==== Change Critical Battery Level Action (for Laptops) ====<br />
<br />
The ''System Settings'' panel only allows the user to choose between ''Suspend'' or ''Hibernate''. To choose another option such as ''Do Nothing'' open the {{ic|dconf-editor}} and navigate to {{ic|org.gnome.settings-daemon.plugins.power}}. Edit the {{ic|"critical-battery-action"}} value to {{ic|"nothing"}}.<br />
<br />
=== Switch back scrolling behavior ===<br />
If you do not like the new scrollbar behavior just put {{ic|<nowiki>gtk-primary-button-warps-slider = false</nowiki>}} under the {{ic|<nowiki>[Settings]</nowiki>}} section in {{ic|~/.config/gtk-3.0/settings.ini}}:<br />
<br />
{{hc|~/.config/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-primary-button-warps-slider = false<br />
...<br />
</nowiki>}}<br />
<br />
=== Autostarting / Automatic program launch upon logging in ===<br />
<br />
Specify which programs start automatically after logging in using {{ic|gnome-session-properties}}. This tool is part of the {{Pkg|gnome-session}} package.<br />
<br />
$ gnome-session-properties<br />
<br />
=== Editing applications menu ===<br />
<br />
{{pkg|alacarte}} provides a more complete menu editor for adding/editing menu entries.<br />
<br />
=== Inner padding in Gnome Terminal===<br />
To move the terminal output away from the window borders create the stylesheet {{ic|~/.config/gtk-3.0/gtk.css}} with the following setting:<br />
<br />
TerminalScreen {<br />
-VteTerminal-inner-border: 10px 10px 10px 10px;<br />
}<br />
<br />
=== Disable blinking cursor in Terminal ===<br />
Since Gnome 3.8 and the migration to gsettings and dconf the key required to modify in order to disable the blinking cursor in the Terminal differs slightly in contrast to the old gconf key. To disable the blinking cursor in Gnome 3.8 use:<br />
<br />
gsettings set org.gnome.desktop.interface cursor-blink false<br />
<br />
If you prefer dconf to the gsettings CLI then open {{ic|dconf-editor}} and expand expand org -> gnome -> desktop -> interface and untick the option labelled '''cursor-blink'''.<br />
<br />
=== Make new tabs inherit current directory in Gnome Terminal (3.8+) ===<br />
In Gnome 3.8, the behaviour of how current directories are tracked has changed. To restore this behaviour, you need to source the {{ic|/etc/profile.d/vte.sh}} file, put this in your {{ic|~/.bashrc}} or {{ic|~/.zshrc}} for zsh users:<br />
<br />
source /etc/profile.d/vte.sh<br />
<br />
For more information refer to the [https://wiki.gnome.org/action/show/Apps/Terminal/FAQ?action=show&redirect=Terminal%252FFAQ#How_can_I_make_new_terminals_start_in_the_working_directory_of_the_current_terminal.3F Gnome wiki]<br />
<br />
=== Move dialog windows ===<br />
The default configuration for dialogs will not allow you to move them which causes problems in some cases. To change this you will need to use gconf-editor and change this setting:<br />
<br />
/desktop/gnome/shell/windows/attach_modal_dialogs<br />
<br />
After the change you will need to restart the shell for it to take affect.<br />
<br />
=== GNOME shell extensions ===<br />
<br />
GNOME Shell can be customized with extensions. These provide features such as a dock or a widget for changing the theme.<br />
<br />
Many extensions are collected and hosted by [https://extensions.gnome.org/ extensions.gnome.org]. They can be browsed and installed simply activating them in the browser. More information about gnome shell extensions can be found [https://extensions.gnome.org/about/ here].<br />
<br />
See [[#When an extension breaks GNOME|when an extension breaks GNOME]] for troubleshooting information.<br />
<br />
=== Default Applications ===<br />
<br />
While one can right click any file and set the default applications in 'Preferences', the settings are actually saved in {{ic | $HOME/.local/share/applications/mimeapps.list}} and {{ic| $HOME/.local/share/applications/mimeinfo.cache}}<br />
<br />
For systemwide preferences create or edit the file {{ic|/usr/share/applications/mimeapps.list}}.<br />
<br />
{{tip|If you are making the change systemwide you may to create the {{ic|/usr/share/applications/mimeapps.list}} file yourself.}}<br />
<br />
==== Default file browser/replace Nautilus ====<br />
You can specify a different file manager in the ''mimeapps.list'' file as shown below:<br />
<br />
'''User only''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|~/.local/share/applications/mimeapps.list}}<br />
<br />
'''Systemwide''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|/usr/share/applications/mimeapps.list}}<br />
<br />
Where my filemanager.desktop is the correct .desktop file for the file manager of your choice.<br />
<br />
<br />
Alternatively you can trick GNOME into using another file browser by editing the {{ic|Exec}} line in {{ic|/usr/share/applications/nautilus.desktop}}. See the correct parameters in the {{ic|.desktop}} file of the file manager of your choice, e.g.:<br />
{{hc|/usr/share/applications/nautilus.desktop|<br />
2=[...]<br />
Exec=thunar %F<br />
OR<br />
Exec=pcmanfm %U<br />
OR<br />
Exec=nemo %U<br />
[...]<br />
}}<br />
<br />
==== Default PDF viewer ====<br />
In some cases when you have installed Inkscape or other graphic programs Evince Document Viewer might no longer be selected as the default PDF application. If it is not available in the '''Open With''' entry which would be the GUI solution, you can use the following user command to make it the default application again.<br />
<br />
xdg-mime default evince.desktop application/pdf<br />
<br />
==== Default terminal ====<br />
<br />
{{ic|gsettings}} (which replaces {{ic|gconftool-2}}) is used to set the default terminal. The setting affects ''nautilus-open-terminal'' (a Nautilus extension).<br />
To make [[rxvt-unicode|urxvt]] the default, run:<br />
<br />
gsettings set org.gnome.desktop.default-applications.terminal exec urxvtc<br />
gsettings set org.gnome.desktop.default-applications.terminal exec-arg "'-e'"<br />
<br />
{{Note|The {{ic|-e}} flag is for executing a command. When ''nautilus-open-terminal'' invokes {{ic|urxvtc}}, it puts a {{ic|cd}} command at the end of the command line so that the new terminal starts in the directory you opened it from. Other terminals will require a different (perhaps empty) {{ic|exec-arg}}.}}<br />
<br />
==== Default web browser for gnome-gmail-notifier ====<br />
<br />
To configure the web browser used by the AUR package {{AUR|gnome-gmail-notifier}}, open gconf-editor<br />
and edit the {{ic|/desktop/gnome/url-handlers/http/}} key. You may want to change {{ic|https/}}, {{ic|about/}}, and {{ic|unknown/}} keys while you are at it.<br />
<br />
=== Middle mouse button ===<br />
<br />
By default, GNOME 3 disables middle mouse button emulation regardless of [[Xorg]] settings ('''Emulate3Buttons'''). To enable middle mouse button emulation use:<br />
<br />
$ gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true<br />
<br />
=== Display dimming ===<br />
<br />
By default GNOME 3 has a ten second idle timeout to dim the screen regardless of the battery and AC state:<br />
<br />
# gsettings get org.gnome.settings-daemon.plugins.power idle-dim-time<br />
<br />
To set a new value type the following<br />
<br />
# gsettings set org.gnome.settings-daemon.plugins.power idle-dim-time <int><br />
<br />
where <int> is the value in seconds<br />
<br />
=== Changing hotkeys ===<br />
Certain hotkeys cannot be changed directly via the ''System Settings'' panel. In order to change these keys, use dconf-editor. An example of particular note is the hotkey Alt-Above_Tab. On US keyboards, this is Alt-`: is a hotkey often used in the [[Emacs]] editor. It can be changed by opening dconf-editor and modifying the ''switch-group'' key found in {{ic|org.gnome.desktop.wm.keybindings}}.<br />
<br />
It is possible to manually change the keys via an application's so-called accel map file. Where it is to be found is up to the application: For instance, Thunar's is at ~/.config/Thunar/accels.scm, whereas Nautilus's is located at ~/.config/nautilus/accels and ~/.gnome2/accels/nautilus on old release.<br />
<br />
The file should contain a list of possible hotkeys, each unchanged line commented out with a leading ";" that has to be removed for a change to become active.<br />
For example to replace the hotkey used by Nautilus to move files to the trash folder, change the line :<br />
; (gtk_accel_path "<Actions>/DirViewActions/Trash" "<Primary>Delete")<br />
to this :<br />
(gtk_accel_path "<Actions>/DirViewActions/Trash" "Delete")<br />
<br />
The file is regenerated regularly so do not comment the file. The uncommented line will stay but every comment you add will be lost.<br />
<br />
==== Hotkeys in Nautilus 3.4 and older ====<br />
Firstly, use '''dconf-editor''' to place a checkmark next to {{ic|can-change-accels}} in the key named ''org.gnome.desktop.interface.''<br />
<br />
We will replace the hotkey — a.k.a. keyboard shortcut, keyboard accelerator — used by Nautilus to move files to the trash folder.<br />
The default assignment is a somewhat-awkward {{ic|Ctrl+Delete}}.<br />
* Open Nautilus, select any file, and click '''Edit''' on the menu bar.<br />
* Hover over the ''Move to Trash'' menu item.<br />
* While hovering, press {{ic|Delete}}. The current accelerator is now unset.<br />
* Press the key that you wish to become the new keyboard accelerator.<br />
* Press {{ic|Delete}} to make the new accelerator be the Delete key.<br />
Unless you select a file or folder, ''Move to Trash'' will be grayed-out. Finally, disable {{ic|can-change-accels}} to prevent accidental hotkey changes.<br />
<br />
=== Screencast recording ===<br />
<br />
Gnome features the built-in possbility to create screencasts easily. Thereby Control+Shift+Alt+R keybinding starts and stops the recording. A red circle is displayed in the bottom right corner of the screen when the recording is in progress. After the recording is finished, a file named 'Screencast from %d%u-%c.webm' is saved in the Videos directory. In order to use the screencast feature you need to have installed the gst plugins which are:<br />
<br />
$ pacman -Qs gst<br />
<br />
=== Modify Keyboard with XkbOptions ===<br />
<br />
Using the '''dconf-editor''', navigate to the key named ''org.gnome.desktop.input-sources.xkb-options'' and add desired XkbOptions (e.g. 'caps:swapescape') to the list.<br />
<br />
See /usr/share/X11/xkb/rules/xorg for all XkbOptions and then /usr/share/X11/xkb/symbols/* for the respective descriptions.<br />
<br />
{{Note|To enable the {{ic|Ctrl+Alt+Backspace}} combination to terminate Xorg, use the {{Pkg|gnome-tweak-tool}} from [[official repositories]]. Within the Gnome Tweak Tool, navigate to ''Typing > Terminate'' and select the option {{ic|Ctrl+Alt+Backspace}} from the dropdown menu.}}<br />
<br />
=== Toggle keyboard layouts ===<br />
Since Gnome does not consider any configuration in {{ic|/etc/X11/conf.d/*.conf}} you have to set the command for layout switching either via the control center with the options ''Switch to previous source'' and ''Switch to next source'' or if you want to use Alt - Shift combination you have to use the Gnome-Tweak-Tool and set ''Typing -> Modifiers-only input sources -> select Alt-shift''. For more information see also the forum [https://bbs.archlinux.org/viewtopic.php?id=152127 thread].<br />
<br />
=== Other tips ===<br />
See [[GNOME Tips]].<br />
<br />
== Tracker (search program) ==<br />
The {{Pkg|tracker}} provides the Tracker program, an indexing application. You can configure it with {{ic|tracker-preferences}}, and monitor status with {{ic|tracker-control}}. Once installed, indexing should start automatically when you log in. You can explicitly start indexing with {{ic|tracker-control -s}}. Search settings can also be configured in the ''System Settings'' panel.<br />
<br />
== Totem (movie player) ==<br />
<br />
Totem is a movie player based on [[GStreamer]]. For information about adding codecs or hardware acceleration, see [[GStreamer]].<br />
<br />
== Empathy (integrated messaging) and Gnome Online Accounts ==<br />
<br />
Empathy, the engine behind integrated messaging, and all system settings based on messaging accounts will not show up unless the {{grp|telepathy}} group of packages or at least one of the backends ({{pkg|telepathy-gabble}}, or {{pkg|telepathy-haze}}, for example) is installed. You will also need to install the {{grp|telepathy}} group to add accounts in the ''GNOME Online Accounts'' interface found in the ''System Settings'' panel.<br />
<br />
These packages are '''not''' included in either the {{grp|gnome}} or {{grp|gnome-extra}} groups . You can install the Telepathy and optionally any backends with:<br />
<br />
# pacman -S telepathy<br />
<br />
Without telepathy, Empathy will not open the account management dialog and can get stuck in this state. If this happens -- even after quitting Empathy cleanly -- the {{ic|/usr/bin/empathy-accounts}} application can remain running and will need to be killed before you can add any new accounts.<br />
<br />
View descriptions of telepathy components on the [http://telepathy.freedesktop.org/wiki/Components freedesktop.org telepathy wiki].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Cannot change settings in dconf-editor ===<br />
<br />
When one cannot set settings in {{pkg|dconf}}, it is possible their dconf user settings are corrupt. In this case it is best to delete the user dconf files in {{ic|~/.config/dconf/user*}} and set the settings in dconf-editor after.<br />
<br />
=== When an extension breaks GNOME ===<br />
<br />
When enabling shell extensions causes GNOME breakage, you should first remove the ''user-theme'' and ''auto-move-windows'' extensions from their installation directory.<br />
<br />
The installation directory could be one of {{ic|~/.local/share/gnome‑shell/extensions}}, {{ic|/usr/share/gnome‑shell/extensions}} or {{ic|/usr/local/share/gnome‑shell/extensions}}. Removing these two extension-containing folders may fix the breakage. Otherwise, isolate the problem extension with trial‑and‑error.<br />
<br />
Removing or adding an extension-containing folder to the aforementioned directories removes or adds the corresponding extension to your system. Details on GNOME Shell extensions are available at the [https://live.gnome.org/GnomeShell/Extensions GNOME web site.]<br />
<br />
=== Extensions do not work after GNOME 3 update ===<br />
<br />
Locate the folder where your extensions are installed. It might be {{ic|~/.local/share/gnome-shell/extensions}} or {{ic|/usr/share/gnome-shell/extensions}}.<br />
<br />
Edit each occurrence of {{ic|metadata.json}} which appears in each extension sub-folder.<br />
<br />
{| border="0"<br />
| Insert: || {{ic|"shell-version": ["3.6"]}}<br />
|-<br />
| Instead of (for example): || {{ic|"shell-version": ["3.4"]}}<br />
|}<br />
<br />
{{ic|"3.x"}} indicates the extension works with every shell version. If it breaks, you will know to change it back.<br />
<br />
=== Remove Gnome Shell Extensions ===<br />
<br />
If you have trouble with uninstalling Gnome Extensions via https://extensions.gnome.org/local/, then probably they have been installed as system-wide extensions with {{ic|pacman -S gnome-shell-extensions}} before. To remove them, you have to be careful, because the following instruction removes all extensions from other user's, too.<br />
{{ic|pacman -R gnome-shell-extensions}}<br />
Following that, you refresh Gnome Shell by pressing ALT+F2 and entering {{ic|restart}}<br />
<br />
Then go to https://extensions.gnome.org/local/ again and have a look for your installed extensions list. It should have changed.<br />
<br />
All other extensions should be removable by pressing the red X icon to the right. If not, something may be broken. <br />
<br />
As a final step, you can remove them manually from {{ic|~/.local/share/gnome-shell/extensions/*}} and/or {{ic|/usr/share/gnome-shell/extensions}}. Restart Gnome Shell again and you should be fine.<br />
<br />
=== The "Windows" key ===<br />
By default, this key is mapped to the "overlay-key" to launch the Overview. You can remove this key mapping to free up your {{ic|Windows Key}} (also called {{ic|Mod4}}), which GNOME calls {{ic|Super_L}}, by utilizing {{ic|gsettings}}.<br />
<br />
Example:<br />
{{ic| gsettings set org.gnome.mutter overlay-key 'Foo';}}.<br />
You can leave out '''Foo''' to simply remove any binding to that function.<br />
<br />
{{Note| GNOME also uses {{ic|Alt+F1}} to launch the Overview.}}<br />
<br />
=== Keyboard Shortcut do not work with only conky running ===<br />
The gnome-shell keyboard shortcuts like {{ic|Alt+F2}}, {{ic|Alt+F1}}, and the media key shortcuts do not work if conky is the only program running. However if another application like gedit is running, then the keyboard shortcuts work.<br />
<br />
solution: edit .conkyrc <br />
<br />
own_window yes<br />
own_window_transparent yes<br />
own_window_argb_visual yes<br />
own_window_type dock<br />
own_window_class Conky<br />
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager<br />
<br />
=== Window opens behind other windows when using multiple monitors ===<br />
<br />
This is possibly a bug in GNOME Shell which causes new windows to open behind others.<br />
Unchecking "workspaces_only_on_primary" in desktop/gnome/shell/windows using gconf-editor solves this problem.<br />
<br />
=== Multiple monitors and dock extension ===<br />
<br />
If you have multiple monitors configured using Nvidia Twinview, the dock extension may get sandwiched in-between the monitors. You can edit the source of this extension to reposition the dock to a position of your choosing.<br />
<br />
Edit {{ic|/usr/share/gnome-shell/extensions/dock@gnome-shell-extensions.gnome.org/extension.js}} and locate this line in the source:<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-2, (primary.height-height)/2);<br />
<br />
The first parameter is the X position of the dock display, by subtracting 15 pixels as opposed to 2 pixels from this it correctly positioned on my primary monitor, you can play around with any X,Y coordinate pair to position it correctly.<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-15, (primary.height-height)/2);<br />
<br />
=== "Show Desktop" keyboard shortcut does not work ===<br />
<br />
GNOME developers treated the corresponding binding as bug (see https://bugzilla.gnome.org/show_bug.cgi?id=643609) due to Minimization being deprecated. To show the desktop again assign ALT+STRG+D to the following setting:<br />
<br />
System Settings --> Keyboard --> Shortcuts --> Navigation --> Hide all normal windows<br />
<br />
=== Unable to apply stored configuration for monitors ===<br />
<br />
If you encounter this message try to disable the xrandr gnome-settings-daemon plugin :<br />
<br />
$ dconf write /org/gnome/settings-daemon/plugins/xrandr/active false<br />
<br />
=== Lock button fails to re-enable touchpad ===<br />
<br />
Some laptops have a touchpad lock button that disables the touchpad so that users can type without worrying about touching the touchpad. It appears currently that although GNOME can lock the touchpad by pressing this button, it cannot unlock it. If the touchpad gets locked you can do the following to unlock it.<br />
# Start a terminal. You can do this by pressing {{ic|Alt+F2}}, then typing {{ic|gnome-terminal}} followed by pressing {{ic|Enter}}.<br />
# Type in the following command<br />
$ xinput set-prop "SynPS/2 Synaptics TouchPad" "Device Enabled" 1<br />
<br />
=== GDM and GNOME use X11 cursors ===<br />
<br />
To fix this problem, become root and put the following into {{ic|/usr/share/icons/default/index.theme}} (creating the directory {{ic|/usr/share/icons/default}} if necessary):<br />
{{hc|/usr/share/icons/default/index.theme|<nowiki><br />
[Icon Theme]<br />
Inherits=Adwaita<br />
</nowiki>}}<br />
<br />
Note: Instead of "Adwaita", you can choose another cursor theme (e.g. Human).<br />
<br />
=== Tracker & Documents do not list any local files ===<br />
<br />
In order for Tracker (and, therefore, Documents) to detect your local files, they must be stored in directories that it knows of. If your documents are contained in one of the usual XDG standard directories (i.e. "Documents" or "Music"), you should install {{Pkg|xdg-user-dirs}} and run:<br />
<br />
# xdg-user-dirs-update<br />
<br />
This will create all of the usual XDG home directories if they do not already exist and it will create the config file definining these directories that Tracker and Documents depend upon.<br />
<br />
=== Passwords are not remembered ===<br />
<br />
If you get a password prompt every time you login, and you find password are not saved, you might need to create/set a default keyring:<br />
<br />
Install {{pkg|seahorse}}. Open "Passwords and Keys" from the menu or run {{ic|seahorse}}. Select View > By Keyring. If there is no keyring in the left column (it will be marked with a lock icon), go to File > New > Password Keyring and give it a nice name. You will be asked to enter a password. If you do not give it a password it will be unlocked automatically even when using autologin, but passwords will not be stored securely. Finally, right-click on the keyring you just created and select "Set as default".<br />
<br />
=== Windows cannot be modified with Alt-Key + Mouse-Button ===<br />
<br />
Change the dconf-setting "org.gnome.desktop.wm.preferences.mouse-button-modifier" from <Super> back to <Alt>. It is not possible to change this with ''System Settings'' > "Keyboard" > "Shortcuts", you will find there only the regular keybindings. The developers of GNOME decided to change this from 3.4 to 3.6 because of this bug report https://bugzilla.gnome.org/show_bug.cgi?id=607797<br />
<br />
=== Gnome-shell 3.8.x fails to load with a black screen + cursor ===<br />
<br />
If you have a non-UTF8 language enabled, Gnome 3 can fail to load. Disable non-UTF-8 locales and perform a locale-gen until this is resolved.<br />
For more information see this bug report: https://bugzilla.gnome.org/show_bug.cgi?id=698952<br />
<br />
Additionally, if multiple locales of different languages are enabled, it may be necessary to disable all locales except for one (which is UTF-8).<br />
<br />
=== UI elements scale incorrectly ===<br />
<br />
Gnome introduced HDPI support in version 3.10. If your display does not provide the correct screen size through EDID, this can lead to incorrectly scaled UI elements. As a workaround you can open dconf-editor and find the key {{ic|scaling-factor}} in {{ic|org.gnome.desktop.interface}}. Set it to {{ic|1}} to get the standard scale.<br />
<br />
=== Tear-free video with Intel HD Graphics ===<br />
Enabling the [[Intel _Graphics#Tear-free_video|Xorg Intel TearFree option]] is a known workaround to tearing problems on Intel adapters, however the way this option acts makes it redundant with the use of a compositor (adds up memory consumption and lowers performance, see [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c123 the original bug report's final comment]).<br />
<br />
On the other hand, GNOME Shell uses Mutter as a compositor which has a tweak known to address tearing problems (see [https://bugzilla.gnome.org/show_bug.cgi?id=657071#c1 the original suggestion for this fix] and its mention in [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c59 the Freedesktop bug report]): the line {{ic|1=CLUTTER_PAINT=disable-clipped-redraws:disable-culling}} must be appended to {{ic|/etc/environment}} and Xorg server restarted. This tweak solved tearing problems.<br />
<br />
== External links ==<br />
* [http://www.gnome.org/ The Official Website of GNOME]<br />
* [http://extensions.gnome.org/ Extensions for GNOME-shell]<br />
* Themes, icons, and backgrounds:<br />
** [http://art.gnome.org/ GNOME Art]<br />
** [http://www.gnome-look.org/ GNOME Look]<br />
* GTK/GNOME programs:<br />
** [http://www.gnomefiles.org/ GNOME Files]<br />
** [http://www.gnome.org/projects/ GNOME Project Listing]</div>JimReeshttps://wiki.archlinux.org/index.php?title=GNOME&diff=307837GNOME2014-03-31T22:09:01Z<p>JimRees: /* Starting GNOME */ Start X at Login</p>
<hr />
<div>[[Category:GNOME]]<br />
[[cs:GNOME]]<br />
[[de:GNOME]]<br />
[[es:GNOME]]<br />
[[fr:GNOME]]<br />
[[it:GNOME]]<br />
[[ja:GNOME]]<br />
[[nl:GNOME]]<br />
[[pl:GNOME]]<br />
[[pt:GNOME]]<br />
[[ru:GNOME]]<br />
[[sr:GNOME]]<br />
[[th:GNOME]]<br />
[[tr:Gnome Masaüstü Ortamı]]<br />
[[uk:GNOME]]<br />
[[zh-CN:GNOME]]<br />
[[zh-TW:GNOME]]<br />
{{Related articles start}}<br />
{{Related|Desktop environment}}<br />
{{Related|Display manager}}<br />
{{Related|Window manager}}<br />
{{Related|GTK+}}<br />
{{Related|GDM}}<br />
{{Related|Nautilus}}<br />
{{Related|Gedit}}<br />
{{Related|Epiphany}}<br />
{{Related|GNOME Flashback}}<br />
{{Related articles end}}<br />
<br />
[http://www.gnome.org/ GNOME] is a [[desktop environment]] developed by The GNOME Project.<br />
<br />
GNOME 3 has ''two'' sessions:<br />
<br />
*'''GNOME''' is the default, innovative layout.<br />
*'''GNOME Classic''' is a traditional desktop layout, similar to the GNOME 2 user interface whilst using GNOME 3 technologies. It does so through the use of pre-activated extensions and parameters (see [http://worldofgnome.org/welcome-to-gnome-3-8-flintstones-mode/ here] for a list). Hence it is more of a customized GNOME Shell than a truly distinct mode.<br />
<br />
Both of them use GNOME Shell, a desktop shell and plugin of the Mutter window manager. Mutter acts as a composite manager for the desktop, employing hardware graphics acceleration to provide effects aimed at reducing screen clutter. GNOME session manager automatically detects if your video driver is capable of running GNOME Shell and if not, falls back to software rendering using llvmpipe.<br />
<br />
== Installation ==<br />
<br />
GNOME 3 is available in the [[official repositories]] and can be [[pacman|installed]] with one of the following:<br />
*The {{Pkg|gnome-shell}} package provides a minimal desktop shell.<br />
*The {{Grp|gnome}} group contains the core desktop environment and applications required for the standard GNOME experience.<br />
*The {{Grp|gnome-extra}} group contains various optional tools such as an editor, an archive manager, a disk burner, a mail client, games, development tools and other non-critical applications that integrate well with the GNOME desktop. Installing just the {{Grp|gnome-extra}} group will not pull in the whole {{Grp|gnome}} group via dependencies. If you want to install all GNOME packages then you will need to explicitly install both groups.<br />
<br />
== Starting GNOME ==<br />
<br />
'''Graphical log-in'''<br />
<br />
For the best desktop integration, [[GDM]] (the GNOME [[Display manager]]) is recommended. GDM is installed as part of the {{grp|gnome}} group and can be used by enabling {{ic|gdm.service}} [[systemd#Using units|using systemd]].<br />
<br />
Other display managers can be used in place of GDM if desired.<br />
<br />
{{note|Native support for screenlocking in GNOME is provided by GDM. If you choose to not use GDM you will need to use a different screenlocking program such as [[Xscreensaver]].}} <br />
<br />
'''Starting GNOME manually'''<br />
<br />
If you prefer to start GNOME manually from the console, add the following line to your {{ic|~/.xinitrc}} file:<br />
{{hc|~/.xinitrc|<nowiki><br />
exec gnome-session<br />
</nowiki>}}<br />
<br />
Or {{ic|exec gnome-session --session&#61;gnome-classic}} for GNOME Classic. After editing your {{ic|~/.xinitrc}}, GNOME can be launched by typing {{ic|startx}}.<br />
<br />
See [[xinitrc]] for details, such as preserving the logind session.<br />
<br />
After setting up your {{ic|~/.xinitrc}} file you can also arrange to [[Start X at Login]].<br />
<br />
== Using the shell ==<br />
<br />
=== GNOME cheat sheet ===<br />
<br />
The GNOME web site has a <s>helpful</s> '''outdated''' [https://live.gnome.org/GnomeShell/CheatSheet GNOME Shell cheat sheet] explaining task switching, keyboard use, window control, the panel, overview mode, and more.<br />
<br />
=== Restarting the shell ===<br />
<br />
After appearance tweaks you are often asked to restart the GNOME shell. You could log out and log back in, but it is simpler and faster to issue the following keyboard command. Restart the shell by pressing {{ic|Alt}} + {{ic|F2}} then {{ic|r}} then {{ic|Enter}}<br />
<br />
=== Shell crashes ===<br />
<br />
Certain tweaks and/or repeated shell restarts may cause the shell to crash when a restart is attempted. In this case, you are informed about the crash and then forced to log out. Some shell changes cannot be accomplished via a keyboard restart; you must log out and log back in to effect them.<br />
<br />
{{note|Valuable documents should be saved (and perhaps closed) before attempting a shell restart. It is not strictly necessary; open windows and documents usually remain intact after a shell restart however there is a risk that data could be lost if documents are not saved.}}<br />
<br />
=== Shell freezes ===<br />
<br />
Sometimes shell extensions freeze the GNOME Shell. In this case a possible strategy is to switch to another terminal via {{ic|Ctrl+Alt+F2}} through {{ic|Ctrl+Alt+F6}}, log in, and restart gnome-shell with:<br />
<br />
# pkill -HUP gnome-shell<br />
<br />
All open applications will still be available after restarting the shell.<br />
<br />
Sometimes, however, merely restarting the shell might not be enough. Then you will have to restart X, losing all work in progress. You can restart X by:<br />
<br />
# pkill X<br />
<br />
The GNOME Shell then restarts automatically.<br />
<br />
If this does not work, you can try to restart your login manager. For instance, if you use GDM, try:<br />
<br />
# systemctl restart gdm.service<br />
<br />
{{Tip|You can also use '''htop''' in tty; press ''t'', select the ''gnome-shell'' tree, press ''k'' and send ''SIGKILL''.}}<br />
<br />
== Pacman integration: GNOME PackageKit ==<br />
<br />
GNOME has its own Pacman GUI: {{Pkg|gnome-packagekit}}.<br />
<br />
Using the [https://www.archlinux.org/pacman/libalpm.3.html alpm] backend, it supports the following features:<br />
<br />
* Install and remove packages from the repos.<br />
* Periodically refresh package databases and prompt for updates.<br />
* Install packages from tarballs.<br />
* Search for packages by name, description, category or file.<br />
* Show package dependencies, files and reverse dependencies.<br />
* Ignore IgnorePkgs and hold HoldPkgs.<br />
* Report optional dependencies, .pacnew files, etc.<br />
<br />
You can change the {{ic|remove}} operation from -Rc to -Rsc by setting the DConf key {{ic|org.gnome.packagekit.enable-autoremove}}.<br />
<br />
=== Packages updates notifications ===<br />
<br />
If you want GNOME to check automatically for updates, you must install {{Pkg|gnome-settings-daemon-updates}} from the official repository.<br />
<br />
== Customizing GNOME appearance ==<br />
<br />
The ''Systems Settings'' tool (provided by {{pkg|gnome-control-center}}) is a simple and streamlined panel which covers most basic settings. <br />
<br />
More elaborate graphical customization (such as modifying fonts, themes, titlebar buttons and such) can be done using the graphical ''GNOME tweak tool''. {{Pkg|gnome-tweak-tool}} is available from the [[official repositories]]. See [[#Theming]] below for more information about the subject.<br />
<br />
More extensive customisation may require more low-level configuration, using [[#gsettings and dconf]].<br />
<br />
==== Theming ====<br />
<br />
To install a new theme or icon set, put it in {{ic|~/.themes}} or {{ic|~/.icons}}. You can then activate it using ''GNOME tweak tool'', that is described above.<br />
<br />
Alternatively, you can set a GTK (icon) theme via {{ic|~/.config/gtk-3.0/settings.ini}}. In this file you can set the GTK theme ({{ic|gtk-theme-name}}), the icon theme ({{ic|gtk-icon-theme-name}}), the font ({{ic|gtk-font-name}}) and more.<br />
<br />
''Adwaita,'' the default GNOME 3 theme, is a part of {{pkg|gnome-themes-standard}}. Additional GTK3 themes can be found at [http://browse.deviantart.com/customization/skins/linuxutil/desktopenv/gnome/gtk3/ Deviantart web site.] For example:<br />
{{hc|~/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-theme-name = Adwaita<br />
# next option is applicable only if selected theme supports it<br />
gtk-application-prefer-dark-theme = true<br />
# set font name and dimension<br />
gtk-font-name = Sans 10<br />
</nowiki>}}<br />
<br />
It is necessary to restart the GNOME shell for settings to be applied. More GTK options are found at [http://developer.gnome.org/gtk3/3.0/GtkSettings.html#GtkSettings.properties GNOME developer documentation.]<br />
<br />
==== gsettings and dconf ====<br />
<br />
dconf is a data store used by GNOME to store its settings. It can be edited with the graphical {{ic|dconf-editor}} or the command line {{ic|gsettings}} tool. See [http://blog.fpmurphy.com/2011/03/customizing-the-gnome-3-shell.html Customizing the GNOME Shell] for a tutorial on using gsettings.<br />
<br />
=== Customize top bar ===<br />
<br />
==== Show date in top bar ====<br />
<br />
By default GNOME displays only the weekday and time in the top bar. This can be changed with the following command. Changes take effect immediately. <br />
<br />
# gsettings set org.gnome.desktop.interface clock-show-date true<br />
<br />
==== Hiding icons in the top bar ====<br />
<br />
When installing GNOME, some unwanted icons might appear in the panel. These icons can be removed by manually editing the GNOME panel script.<br />
<br />
For example, to remove the keyboard button, comment out the {{ic|'keyboard'}} line in {{ic|PANEL_ITEM_IMPLEMENTATIONS}}:<br />
<br />
{{hc|/usr/share/gnome-shell/js/ui/panel.js|<nowiki><br />
const PANEL_ITEM_IMPLEMENTATIONS = {<br />
'activities': ActivitiesButton,<br />
'aggregateMenu': AggregateMenu,<br />
'appMenu': AppMenuButton,<br />
'dateMenu': imports.ui.dateMenu.DateMenuButton,<br />
'a11y': imports.ui.status.accessibility.ATIndicator,<br />
'a11yGreeter': imports.ui.status.accessibility.ATGreeterIndicator,<br />
//'keyboard': imports.ui.status.keyboard.InputSourceIndicator,<br />
};<br />
</nowiki>}}<br />
<br />
Then, save your results and restart the shell:<br />
<br />
#{{ic|Alt+F2}}<br />
#{{ic|r}}<br />
#{{ic|Enter}}<br />
<br />
==== Eliminate delay when logging out ====<br />
<br />
The following tweak removes the confirmation dialog and sixty second delay for logging out.<br />
<br />
This dialog normally appears when you log out with the status menu. This tweak affects the '''''Power Off''''' dialog as well. This is not a system-wide change; it affects only the user who enters this command. The change takes effect immediately after entering the command.<br />
<br />
$ gsettings set org.gnome.SessionManager logout-prompt 'false'<br />
<br />
==== Show system monitor ====<br />
<br />
The [https://extensions.gnome.org/extension/120/system-monitor/ system-monitor] extension is included in the {{pkg|gnome-shell-extensions}} package. The git version is available as {{AUR|gnome-shell-system-monitor-applet-git}} in the [[AUR]].<br />
<br />
==== Show weather information ====<br />
<br />
The [https://extensions.gnome.org/extension/613/weather/ Weather] extension can be installed from [https://extensions.gnome.org/extension/613/weather/ the official extension website]. The git version is available as {{AUR|gnome-shell-extension-weather-git}} in the [[AUR]].<br />
<br />
=== Activity view ===<br />
<br />
==== Remove entries from Applications view ====<br />
<br />
Like most desktop environments, GNOME uses .desktop files to populate its Applications view. These text files are located in the '''{{ic|/usr/share/applications}}''' folder. It is not possible to edit these files from a folder view ‒ Nautilus does not treat their icons as text files. Use a terminal to display or edit .desktop file entries. You will need root privileges to edit the .desktop files.<br />
<br />
# ls /usr/share/applications<br />
# nano /usr/share/applications/foo.desktop<br />
<br />
For system wide changes, edit files in '''{{ic|/usr/share/applications}}'''. For local changes, make a copy of ''foo.desktop'' in your home folder.<br />
<br />
$ cp /usr/share/applications/foo.desktop ~/.local/share/applications/<br />
<br />
Edit .desktop files to fit your wishes. <br />
<br />
{{Note|Removing a .desktop file does not uninstall an application, but instead removes its desktop integration: MIME types, shortcuts, and so forth.}}<br />
<br />
To hide an application launcher open its .desktop file in a text editor and add the following line:<br />
<br />
NoDisplay=true<br />
<br />
==== Change application icon size ====<br />
<br />
To change the application icon size it is necessary to edit the GNOME-Shell theme.<br />
<br />
You can edit system files directly (make a backup first) or copy theme files to your local folder and edit these files. <br />
* For the '''default''' theme, edit '''{{ic|/usr/share/gnome-shell/theme/gnome-shell.css}}'''<br />
<br />
* For '''user themes''', edit '''{{ic|/usr/share/themes/<UserTheme>/gnome-shell/gnome-shell.css}}'''<br />
<br />
Edit ''gnome-shell.css'' and replace the following values. Afterward, [[#Restarting the shell|restart the GNOME shell.]]<br />
{{hc|gnome-shell.css|<nowiki><br />
...<br />
/* Application Launchers and Grid */<br />
<br />
.icon-grid {<br />
spacing: 18px;<br />
-shell-grid-horizontal-item-size: 82px;<br />
-shell-grid-vertical-item-size: 82px;<br />
}<br />
<br />
.icon-grid .overview-icon {<br />
icon-size: 48px;<br />
}<br />
...<br />
</nowiki>}}<br />
<br />
==== Change dash icon size ====<br />
GNOME's Activities view has a dash on the left hand side, the size of the icons in this dash will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/dash.js}}.<br />
<br />
{{hc|dash.js|<nowiki><br />
...<br />
<br />
let iconSizes = [ 16, 22, 24, 32, 48, 64 ];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Change switcher (alt-tab) icon size ====<br />
GNOME comes with a built in task switcher, the size of the icons in this task switcher will scale depending on the amount of icons set to display. The scaling can be manipulated or set to a constant icon size. To do so, edit {{ic|/usr/share/gnome-shell/js/ui/altTab.js}}<br />
<br />
{{hc|altTab.js|<nowiki><br />
...<br />
<br />
const iconSizes = [96, 64, 48, 32, 22];<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Change system tray icon size ====<br />
GNOME comes with a built in system tray, visible when the mouse is hovered over the bottom right corner of the screen. The size of the icons in this tray is set to a fixed value of 24. To change this value, edit {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}<br />
{{hc|messageTray.js|<nowiki><br />
...<br />
<br />
ICON_SIZE: 24,<br />
<br />
...<br />
</nowiki>}}<br />
<br />
==== Disable Activity hot corner hovering ====<br />
<br />
To disable automatic activity view when the hot corner is hovered, edit {{ic|/usr/share/gnome-shell/js/ui/layout.js}} (that was ''panel.js'' in GNOME 3.0.x) :<br />
{{hc|layout.js|<nowiki><br />
this._corner = new Clutter.Rectangle({ name: 'hot-corner',<br />
width: 1,<br />
height: 1,<br />
opacity: 0,<br />
reactive: true });icon-size: 48px;<br />
}<br />
</nowiki>}}<br />
and set {{ic|reactive}} to {{ic|false}}. GNOME Shell needs to be restarted.<br />
<br />
{{tip|There are also [[GNOME#GNOME_shell_extensions|GNOME Shell extensions]] that can be installed which will modify this behaviour.}}<br />
<br />
==== Disable Message Tray hovering ====<br />
<br />
The message tray is shown when the mouse hovers at the bottom of the screen for one second. To disable this behavior, comment out the following line in {{ic|/usr/share/gnome-shell/js/ui/messageTray.js}}:<br />
{{hc|messageTray.js|<nowiki><br />
//pointerWatcher.addWatch(TRAY_DWELL_CHECK_INTERVAL, Lang.bind(this, this._checkTrayDwell));<br />
</nowiki>}}<br />
GNOME Shell needs to be restarted. The message tray is still visible in activity view.<br />
<br />
=== Titlebar ===<br />
<br />
==== Reduce title bar height ====<br />
* ''' global''' - edit {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and and reduce its value to a minimum of {{ic|0}}.<br />
* '''user-only''' - copy {{ic|/usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}} to {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}, search for {{ic|title_vertical_pad}} and reduce its value to a minimum of {{ic|0}}.<br />
<br />
Then restart the GNOME shell. <br />
<br />
To restore the original values, [[pacman|install]] the package {{Pkg|gnome-themes-standard}} from the [[official repositories]] or remove {{ic|/home/$USER/.local/share/themes/Adwaita/metacity-1/metacity-theme-3.xml}}<br />
<br />
==== Reorder titlebar buttons ====<br />
<br />
At present this setting can be changed through '''dconf-editor.'''<br />
<br />
For example, to move the close and minimize buttons to the left side of the titlebar, open '''dconf-editor''' and locate the '''''org.gnome.shell.overrides.button_layout''''' key. Change its value to '''{{ic|close,minimize:}}''' (Colon symbol designates the spacer between left side and right side of the titlebar.) Place the buttons in your preferred order. You cannot use a button more than once. Also, keep in mind that certain buttons are deprecated. Restart the shell to see your new button arrangement.<br />
<br />
==== Hide titlebar when maximized ====<br />
The command below will hide the titlebar when windows are maximised:<br />
<br />
# sed -i -r 's|(<frame_geometry name="max")|\1 has_title="false"|' /usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml<br />
<br />
After entering the command restart the GNOME shell. After this tweak, you may find it difficult to un-maximize a window when there is no titlebar to grab.<br />
<br />
With suitable keybindings, you should be able to use {{ic|Alt+F5}}, {{ic|Alt+F10}} or {{ic|Alt+Space}} to remedy the situation.<br />
<br />
To prevent {{ic|metacity-theme-3.xml}} from being overwritten each time package {{pkg|gnome-themes-standard}} is upgraded, add its name to {{ic|/etc/pacman.conf}} with {{ic|NoUpgrade}}.<br />
<br />
{{hc|/etc/pacman.conf|<nowiki>... previous lines ...<br />
<br />
# Pacman will not upgrade packages listed in IgnorePkg and members of IgnoreGroup<br />
# IgnorePkg =<br />
# IgnoreGroup =<br />
<br />
NoUpgrade = usr/share/themes/Adwaita/metacity-1/metacity-theme-3.xml # Do not add a leading slash to the path<br />
<br />
... more lines ...</nowiki>}}<br />
<br />
To restore original Adwaita theme values, install the {{pkg|gnome-themes-standard}} package.<br />
<br />
== Miscellaneous settings ==<br />
<br />
=== Power Management ===<br />
<br />
==== Prevent Suspend-To-RAM (S3) when closing the LID ====<br />
This setting is not exposed in GNOME's ''System Settings'' or in ''dconf''. The current approach is to manage this on the level of [[systemd]]. Edit {{ic|/etc/systemd/logind.conf}}, uncomment the {{ic|HandleLidSwitch}} line and set it to {{ic|ignore}}:<br />
<br />
{{hc|/etc/systemd/logind.conf|HandleLidSwitch&#61;ignore}}<br />
<br />
See the [[Power management#ACPI_events]] article for more information.<br />
<br />
==== No reaction on lid close ====<br />
<br />
When configuring the lid close events via [[systemd#ACPI power management]], the settings may seem to have no effect. If you have an external monitor connected to your laptop, this is default GNOME behaviour. Disconnect the monitor and the settings should work, otherwise your {{ic|/etc/systemd/logind.conf}} may be incorrect.<br />
To change default behaviour open the {{ic|dconf-editor}} and change {{ic|org.gnome.settings-daemon.plugins.xrandr.default-monitors-setup}} to {{ic|"do-nothing"}}.<br />
<br />
==== Change Critical Battery Level Action (for Laptops) ====<br />
<br />
The ''System Settings'' panel only allows the user to choose between ''Suspend'' or ''Hibernate''. To choose another option such as ''Do Nothing'' open the {{ic|dconf-editor}} and navigate to {{ic|org.gnome.settings-daemon.plugins.power}}. Edit the {{ic|"critical-battery-action"}} value to {{ic|"nothing"}}.<br />
<br />
=== Switch back scrolling behavior ===<br />
If you do not like the new scrollbar behavior just put {{ic|<nowiki>gtk-primary-button-warps-slider = false</nowiki>}} under the {{ic|<nowiki>[Settings]</nowiki>}} section in {{ic|~/.config/gtk-3.0/settings.ini}}:<br />
<br />
{{hc|~/.config/gtk-3.0/settings.ini|<nowiki><br />
[Settings]<br />
gtk-primary-button-warps-slider = false<br />
...<br />
</nowiki>}}<br />
<br />
=== Autostarting / Automatic program launch upon logging in ===<br />
<br />
Specify which programs start automatically after logging in using {{ic|gnome-session-properties}}. This tool is part of the {{Pkg|gnome-session}} package.<br />
<br />
$ gnome-session-properties<br />
<br />
=== Editing applications menu ===<br />
<br />
{{pkg|alacarte}} provides a more complete menu editor for adding/editing menu entries.<br />
<br />
=== Inner padding in Gnome Terminal===<br />
To move the terminal output away from the window borders create the stylesheet {{ic|~/.config/gtk-3.0/gtk.css}} with the following setting:<br />
<br />
TerminalScreen {<br />
-VteTerminal-inner-border: 10px 10px 10px 10px;<br />
}<br />
<br />
=== Disable blinking cursor in Terminal ===<br />
Since Gnome 3.8 and the migration to gsettings and dconf the key required to modify in order to disable the blinking cursor in the Terminal differs slightly in contrast to the old gconf key. To disable the blinking cursor in Gnome 3.8 use:<br />
<br />
gsettings set org.gnome.desktop.interface cursor-blink false<br />
<br />
If you prefer dconf to the gsettings CLI then open {{ic|dconf-editor}} and expand expand org -> gnome -> desktop -> interface and untick the option labelled '''cursor-blink'''.<br />
<br />
=== Make new tabs inherit current directory in Gnome Terminal (3.8+) ===<br />
In Gnome 3.8, the behaviour of how current directories are tracked has changed. To restore this behaviour, you need to source the {{ic|/etc/profile.d/vte.sh}} file, put this in your {{ic|~/.bashrc}} or {{ic|~/.zshrc}} for zsh users:<br />
<br />
source /etc/profile.d/vte.sh<br />
<br />
For more information refer to the [https://wiki.gnome.org/action/show/Apps/Terminal/FAQ?action=show&redirect=Terminal%252FFAQ#How_can_I_make_new_terminals_start_in_the_working_directory_of_the_current_terminal.3F Gnome wiki]<br />
<br />
=== Move dialog windows ===<br />
The default configuration for dialogs will not allow you to move them which causes problems in some cases. To change this you will need to use gconf-editor and change this setting:<br />
<br />
/desktop/gnome/shell/windows/attach_modal_dialogs<br />
<br />
After the change you will need to restart the shell for it to take affect.<br />
<br />
=== GNOME shell extensions ===<br />
<br />
GNOME Shell can be customized with extensions. These provide features such as a dock or a widget for changing the theme.<br />
<br />
Many extensions are collected and hosted by [https://extensions.gnome.org/ extensions.gnome.org]. They can be browsed and installed simply activating them in the browser. More information about gnome shell extensions can be found [https://extensions.gnome.org/about/ here].<br />
<br />
See [[#When an extension breaks GNOME|when an extension breaks GNOME]] for troubleshooting information.<br />
<br />
=== Default Applications ===<br />
<br />
While one can right click any file and set the default applications in 'Preferences', the settings are actually saved in {{ic | $HOME/.local/share/applications/mimeapps.list}} and {{ic| $HOME/.local/share/applications/mimeinfo.cache}}<br />
<br />
For systemwide preferences create or edit the file {{ic|/usr/share/applications/mimeapps.list}}.<br />
<br />
{{tip|If you are making the change systemwide you may to create the {{ic|/usr/share/applications/mimeapps.list}} file yourself.}}<br />
<br />
==== Default file browser/replace Nautilus ====<br />
You can specify a different file manager in the ''mimeapps.list'' file as shown below:<br />
<br />
'''User only''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|~/.local/share/applications/mimeapps.list}}<br />
<br />
'''Systemwide''': add the line {{ic|<nowiki>inode/directory=myfilemanager.desktop</nowiki>}} to {{ic|/usr/share/applications/mimeapps.list}}<br />
<br />
Where my filemanager.desktop is the correct .desktop file for the file manager of your choice.<br />
<br />
<br />
Alternatively you can trick GNOME into using another file browser by editing the {{ic|Exec}} line in {{ic|/usr/share/applications/nautilus.desktop}}. See the correct parameters in the {{ic|.desktop}} file of the file manager of your choice, e.g.:<br />
{{hc|/usr/share/applications/nautilus.desktop|<br />
2=[...]<br />
Exec=thunar %F<br />
OR<br />
Exec=pcmanfm %U<br />
OR<br />
Exec=nemo %U<br />
[...]<br />
}}<br />
<br />
==== Default PDF viewer ====<br />
In some cases when you have installed Inkscape or other graphic programs Evince Document Viewer might no longer be selected as the default PDF application. If it is not available in the '''Open With''' entry which would be the GUI solution, you can use the following user command to make it the default application again.<br />
<br />
xdg-mime default evince.desktop application/pdf<br />
<br />
==== Default terminal ====<br />
<br />
{{ic|gsettings}} (which replaces {{ic|gconftool-2}}) is used to set the default terminal. The setting affects ''nautilus-open-terminal'' (a Nautilus extension).<br />
To make [[rxvt-unicode|urxvt]] the default, run:<br />
<br />
gsettings set org.gnome.desktop.default-applications.terminal exec urxvtc<br />
gsettings set org.gnome.desktop.default-applications.terminal exec-arg "'-e'"<br />
<br />
{{Note|The {{ic|-e}} flag is for executing a command. When ''nautilus-open-terminal'' invokes {{ic|urxvtc}}, it puts a {{ic|cd}} command at the end of the command line so that the new terminal starts in the directory you opened it from. Other terminals will require a different (perhaps empty) {{ic|exec-arg}}.}}<br />
<br />
==== Default web browser for gnome-gmail-notifier ====<br />
<br />
To configure the web browser used by the AUR package {{AUR|gnome-gmail-notifier}}, open gconf-editor<br />
and edit the {{ic|/desktop/gnome/url-handlers/http/}} key. You may want to change {{ic|https/}}, {{ic|about/}}, and {{ic|unknown/}} keys while you are at it.<br />
<br />
=== Middle mouse button ===<br />
<br />
By default, GNOME 3 disables middle mouse button emulation regardless of [[Xorg]] settings ('''Emulate3Buttons'''). To enable middle mouse button emulation use:<br />
<br />
$ gsettings set org.gnome.settings-daemon.peripherals.mouse middle-button-enabled true<br />
<br />
=== Display dimming ===<br />
<br />
By default GNOME 3 has a ten second idle timeout to dim the screen regardless of the battery and AC state:<br />
<br />
# gsettings get org.gnome.settings-daemon.plugins.power idle-dim-time<br />
<br />
To set a new value type the following<br />
<br />
# gsettings set org.gnome.settings-daemon.plugins.power idle-dim-time <int><br />
<br />
where <int> is the value in seconds<br />
<br />
=== Changing hotkeys ===<br />
Certain hotkeys cannot be changed directly via the ''System Settings'' panel. In order to change these keys, use dconf-editor. An example of particular note is the hotkey Alt-Above_Tab. On US keyboards, this is Alt-`: is a hotkey often used in the [[Emacs]] editor. It can be changed by opening dconf-editor and modifying the ''switch-group'' key found in {{ic|org.gnome.desktop.wm.keybindings}}.<br />
<br />
It is possible to manually change the keys via an application's so-called accel map file. Where it is to be found is up to the application: For instance, Thunar's is at ~/.config/Thunar/accels.scm, whereas Nautilus's is located at ~/.config/nautilus/accels and ~/.gnome2/accels/nautilus on old release.<br />
<br />
The file should contain a list of possible hotkeys, each unchanged line commented out with a leading ";" that has to be removed for a change to become active.<br />
For example to replace the hotkey used by Nautilus to move files to the trash folder, change the line :<br />
; (gtk_accel_path "<Actions>/DirViewActions/Trash" "<Primary>Delete")<br />
to this :<br />
(gtk_accel_path "<Actions>/DirViewActions/Trash" "Delete")<br />
<br />
The file is regenerated regularly so do not comment the file. The uncommented line will stay but every comment you add will be lost.<br />
<br />
==== Hotkeys in Nautilus 3.4 and older ====<br />
Firstly, use '''dconf-editor''' to place a checkmark next to {{ic|can-change-accels}} in the key named ''org.gnome.desktop.interface.''<br />
<br />
We will replace the hotkey — a.k.a. keyboard shortcut, keyboard accelerator — used by Nautilus to move files to the trash folder.<br />
The default assignment is a somewhat-awkward {{ic|Ctrl+Delete}}.<br />
* Open Nautilus, select any file, and click '''Edit''' on the menu bar.<br />
* Hover over the ''Move to Trash'' menu item.<br />
* While hovering, press {{ic|Delete}}. The current accelerator is now unset.<br />
* Press the key that you wish to become the new keyboard accelerator.<br />
* Press {{ic|Delete}} to make the new accelerator be the Delete key.<br />
Unless you select a file or folder, ''Move to Trash'' will be grayed-out. Finally, disable {{ic|can-change-accels}} to prevent accidental hotkey changes.<br />
<br />
=== Screencast recording ===<br />
<br />
Gnome features the built-in possbility to create screencasts easily. Thereby Control+Shift+Alt+R keybinding starts and stops the recording. A red circle is displayed in the bottom right corner of the screen when the recording is in progress. After the recording is finished, a file named 'Screencast from %d%u-%c.webm' is saved in the Videos directory. In order to use the screencast feature you need to have installed the gst plugins which are:<br />
<br />
$ pacman -Qs gst<br />
<br />
=== Modify Keyboard with XkbOptions ===<br />
<br />
Using the '''dconf-editor''', navigate to the key named ''org.gnome.desktop.input-sources.xkb-options'' and add desired XkbOptions (e.g. 'caps:swapescape') to the list.<br />
<br />
See /usr/share/X11/xkb/rules/xorg for all XkbOptions and then /usr/share/X11/xkb/symbols/* for the respective descriptions.<br />
<br />
{{Note|To enable the {{ic|Ctrl+Alt+Backspace}} combination to terminate Xorg, use the {{Pkg|gnome-tweak-tool}} from [[official repositories]]. Within the Gnome Tweak Tool, navigate to ''Typing > Terminate'' and select the option {{ic|Ctrl+Alt+Backspace}} from the dropdown menu.}}<br />
<br />
=== Toggle keyboard layouts ===<br />
Since Gnome does not consider any configuration in {{ic|/etc/X11/conf.d/*.conf}} you have to set the command for layout switching either via the control center with the options ''Switch to previous source'' and ''Switch to next source'' or if you want to use Alt - Shift combination you have to use the Gnome-Tweak-Tool and set ''Typing -> Modifiers-only input sources -> select Alt-shift''. For more information see also the forum [https://bbs.archlinux.org/viewtopic.php?id=152127 thread].<br />
<br />
=== Other tips ===<br />
See [[GNOME Tips]].<br />
<br />
== Tracker (search program) ==<br />
The {{Pkg|tracker}} provides the Tracker program, an indexing application. You can configure it with {{ic|tracker-preferences}}, and monitor status with {{ic|tracker-control}}. Once installed, indexing should start automatically when you log in. You can explicitly start indexing with {{ic|tracker-control -s}}. Search settings can also be configured in the ''System Settings'' panel.<br />
<br />
== Totem (movie player) ==<br />
<br />
Totem is a movie player based on [[GStreamer]]. For information about adding codecs or hardware acceleration, see [[GStreamer]].<br />
<br />
== Empathy (integrated messaging) and Gnome Online Accounts ==<br />
<br />
Empathy, the engine behind integrated messaging, and all system settings based on messaging accounts will not show up unless the {{grp|telepathy}} group of packages or at least one of the backends ({{pkg|telepathy-gabble}}, or {{pkg|telepathy-haze}}, for example) is installed. You will also need to install the {{grp|telepathy}} group to add accounts in the ''GNOME Online Accounts'' interface found in the ''System Settings'' panel.<br />
<br />
These packages are '''not''' included in either the {{grp|gnome}} or {{grp|gnome-extra}} groups . You can install the Telepathy and optionally any backends with:<br />
<br />
# pacman -S telepathy<br />
<br />
Without telepathy, Empathy will not open the account management dialog and can get stuck in this state. If this happens -- even after quitting Empathy cleanly -- the {{ic|/usr/bin/empathy-accounts}} application can remain running and will need to be killed before you can add any new accounts.<br />
<br />
View descriptions of telepathy components on the [http://telepathy.freedesktop.org/wiki/Components freedesktop.org telepathy wiki].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Cannot change settings in dconf-editor ===<br />
<br />
When one cannot set settings in {{pkg|dconf}}, it is possible their dconf user settings are corrupt. In this case it is best to delete the user dconf files in {{ic|~/.config/dconf/user*}} and set the settings in dconf-editor after.<br />
<br />
=== When an extension breaks GNOME ===<br />
<br />
When enabling shell extensions causes GNOME breakage, you should first remove the ''user-theme'' and ''auto-move-windows'' extensions from their installation directory.<br />
<br />
The installation directory could be one of {{ic|~/.local/share/gnome‑shell/extensions}}, {{ic|/usr/share/gnome‑shell/extensions}} or {{ic|/usr/local/share/gnome‑shell/extensions}}. Removing these two extension-containing folders may fix the breakage. Otherwise, isolate the problem extension with trial‑and‑error.<br />
<br />
Removing or adding an extension-containing folder to the aforementioned directories removes or adds the corresponding extension to your system. Details on GNOME Shell extensions are available at the [https://live.gnome.org/GnomeShell/Extensions GNOME web site.]<br />
<br />
=== Extensions do not work after GNOME 3 update ===<br />
<br />
Locate the folder where your extensions are installed. It might be {{ic|~/.local/share/gnome-shell/extensions}} or {{ic|/usr/share/gnome-shell/extensions}}.<br />
<br />
Edit each occurrence of {{ic|metadata.json}} which appears in each extension sub-folder.<br />
<br />
{| border="0"<br />
| Insert: || {{ic|"shell-version": ["3.6"]}}<br />
|-<br />
| Instead of (for example): || {{ic|"shell-version": ["3.4"]}}<br />
|}<br />
<br />
{{ic|"3.x"}} indicates the extension works with every shell version. If it breaks, you will know to change it back.<br />
<br />
=== Remove Gnome Shell Extensions ===<br />
<br />
If you have trouble with uninstalling Gnome Extensions via https://extensions.gnome.org/local/, then probably they have been installed as system-wide extensions with {{ic|pacman -S gnome-shell-extensions}} before. To remove them, you have to be careful, because the following instruction removes all extensions from other user's, too.<br />
{{ic|pacman -R gnome-shell-extensions}}<br />
Following that, you refresh Gnome Shell by pressing ALT+F2 and entering {{ic|restart}}<br />
<br />
Then go to https://extensions.gnome.org/local/ again and have a look for your installed extensions list. It should have changed.<br />
<br />
All other extensions should be removable by pressing the red X icon to the right. If not, something may be broken. <br />
<br />
As a final step, you can remove them manually from {{ic|~/.local/share/gnome-shell/extensions/*}} and/or {{ic|/usr/share/gnome-shell/extensions}}. Restart Gnome Shell again and you should be fine.<br />
<br />
=== The "Windows" key ===<br />
By default, this key is mapped to the "overlay-key" to launch the Overview. You can remove this key mapping to free up your {{ic|Windows Key}} (also called {{ic|Mod4}}), which GNOME calls {{ic|Super_L}}, by utilizing {{ic|gsettings}}.<br />
<br />
Example:<br />
{{ic| gsettings set org.gnome.mutter overlay-key 'Foo';}}.<br />
You can leave out '''Foo''' to simply remove any binding to that function.<br />
<br />
{{Note| GNOME also uses {{ic|Alt+F1}} to launch the Overview.}}<br />
<br />
=== Keyboard Shortcut do not work with only conky running ===<br />
The gnome-shell keyboard shortcuts like {{ic|Alt+F2}}, {{ic|Alt+F1}}, and the media key shortcuts do not work if conky is the only program running. However if another application like gedit is running, then the keyboard shortcuts work.<br />
<br />
solution: edit .conkyrc <br />
<br />
own_window yes<br />
own_window_transparent yes<br />
own_window_argb_visual yes<br />
own_window_type dock<br />
own_window_class Conky<br />
own_window_hints undecorated,below,sticky,skip_taskbar,skip_pager<br />
<br />
=== Window opens behind other windows when using multiple monitors ===<br />
<br />
This is possibly a bug in GNOME Shell which causes new windows to open behind others.<br />
Unchecking "workspaces_only_on_primary" in desktop/gnome/shell/windows using gconf-editor solves this problem.<br />
<br />
=== Multiple monitors and dock extension ===<br />
<br />
If you have multiple monitors configured using Nvidia Twinview, the dock extension may get sandwiched in-between the monitors. You can edit the source of this extension to reposition the dock to a position of your choosing.<br />
<br />
Edit {{ic|/usr/share/gnome-shell/extensions/dock@gnome-shell-extensions.gnome.org/extension.js}} and locate this line in the source:<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-2, (primary.height-height)/2);<br />
<br />
The first parameter is the X position of the dock display, by subtracting 15 pixels as opposed to 2 pixels from this it correctly positioned on my primary monitor, you can play around with any X,Y coordinate pair to position it correctly.<br />
<br />
this.actor.set_position(primary.width-this._item_size-this._spacing-15, (primary.height-height)/2);<br />
<br />
=== "Show Desktop" keyboard shortcut does not work ===<br />
<br />
GNOME developers treated the corresponding binding as bug (see https://bugzilla.gnome.org/show_bug.cgi?id=643609) due to Minimization being deprecated. To show the desktop again assign ALT+STRG+D to the following setting:<br />
<br />
System Settings --> Keyboard --> Shortcuts --> Navigation --> Hide all normal windows<br />
<br />
=== Unable to apply stored configuration for monitors ===<br />
<br />
If you encounter this message try to disable the xrandr gnome-settings-daemon plugin :<br />
<br />
$ dconf write /org/gnome/settings-daemon/plugins/xrandr/active false<br />
<br />
=== Lock button fails to re-enable touchpad ===<br />
<br />
Some laptops have a touchpad lock button that disables the touchpad so that users can type without worrying about touching the touchpad. It appears currently that although GNOME can lock the touchpad by pressing this button, it cannot unlock it. If the touchpad gets locked you can do the following to unlock it.<br />
# Start a terminal. You can do this by pressing {{ic|Alt+F2}}, then typing {{ic|gnome-terminal}} followed by pressing {{ic|Enter}}.<br />
# Type in the following command<br />
$ xinput set-prop "SynPS/2 Synaptics TouchPad" "Device Enabled" 1<br />
<br />
=== GDM and GNOME use X11 cursors ===<br />
<br />
To fix this problem, become root and put the following into {{ic|/usr/share/icons/default/index.theme}} (creating the directory {{ic|/usr/share/icons/default}} if necessary):<br />
{{hc|/usr/share/icons/default/index.theme|<nowiki><br />
[Icon Theme]<br />
Inherits=Adwaita<br />
</nowiki>}}<br />
<br />
Note: Instead of "Adwaita", you can choose another cursor theme (e.g. Human).<br />
<br />
=== Tracker & Documents do not list any local files ===<br />
<br />
In order for Tracker (and, therefore, Documents) to detect your local files, they must be stored in directories that it knows of. If your documents are contained in one of the usual XDG standard directories (i.e. "Documents" or "Music"), you should install {{Pkg|xdg-user-dirs}} and run:<br />
<br />
# xdg-user-dirs-update<br />
<br />
This will create all of the usual XDG home directories if they do not already exist and it will create the config file definining these directories that Tracker and Documents depend upon.<br />
<br />
=== Passwords are not remembered ===<br />
<br />
If you get a password prompt every time you login, and you find password are not saved, you might need to create/set a default keyring:<br />
<br />
Install {{pkg|seahorse}}. Open "Passwords and Keys" from the menu or run {{ic|seahorse}}. Select View > By Keyring. If there is no keyring in the left column (it will be marked with a lock icon), go to File > New > Password Keyring and give it a nice name. You will be asked to enter a password. If you do not give it a password it will be unlocked automatically even when using autologin, but passwords will not be stored securely. Finally, right-click on the keyring you just created and select "Set as default".<br />
<br />
=== Windows cannot be modified with Alt-Key + Mouse-Button ===<br />
<br />
Change the dconf-setting "org.gnome.desktop.wm.preferences.mouse-button-modifier" from <Super> back to <Alt>. It is not possible to change this with ''System Settings'' > "Keyboard" > "Shortcuts", you will find there only the regular keybindings. The developers of GNOME decided to change this from 3.4 to 3.6 because of this bug report https://bugzilla.gnome.org/show_bug.cgi?id=607797<br />
<br />
=== Gnome-shell 3.8.x fails to load with a black screen + cursor ===<br />
<br />
If you have a non-UTF8 language enabled, Gnome 3 can fail to load. Disable non-UTF-8 locales and perform a locale-gen until this is resolved.<br />
For more information see this bug report: https://bugzilla.gnome.org/show_bug.cgi?id=698952<br />
<br />
Additionally, if multiple locales of different languages are enabled, it may be necessary to disable all locales except for one (which is UTF-8).<br />
<br />
=== UI elements scale incorrectly ===<br />
<br />
Gnome introduced HDPI support in version 3.10. If your display does not provide the correct screen size through EDID, this can lead to incorrectly scaled UI elements. As a workaround you can open dconf-editor and find the key {{ic|scaling-factor}} in {{ic|org.gnome.desktop.interface}}. Set it to {{ic|1}} to get the standard scale.<br />
<br />
=== Tear-free video with Intel HD Graphics ===<br />
Enabling the [[Intel _Graphics#Tear-free_video|Xorg Intel TearFree option]] is a known workaround to tearing problems on Intel adapters, however the way this option acts makes it redundant with the use of a compositor (adds up memory consumption and lowers performance, see [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c123 the original bug report's final comment]).<br />
<br />
On the other hand, GNOME Shell uses Mutter as a compositor which has a tweak known to address tearing problems (see [https://bugzilla.gnome.org/show_bug.cgi?id=657071#c1 the original suggestion for this fix] and its mention in [https://bugs.freedesktop.org/show_bug.cgi?id=37686#c59 the Freedesktop bug report]): the line {{ic|1=CLUTTER_PAINT=disable-clipped-redraws:disable-culling}} must be appended to {{ic|/etc/environment}} and Xorg server restarted. This tweak solved tearing problems.<br />
<br />
== External links ==<br />
* [http://www.gnome.org/ The Official Website of GNOME]<br />
* [http://extensions.gnome.org/ Extensions for GNOME-shell]<br />
* Themes, icons, and backgrounds:<br />
** [http://art.gnome.org/ GNOME Art]<br />
** [http://www.gnome-look.org/ GNOME Look]<br />
* GTK/GNOME programs:<br />
** [http://www.gnomefiles.org/ GNOME Files]<br />
** [http://www.gnome.org/projects/ GNOME Project Listing]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Lenovo_ThinkPad_T400&diff=305551Lenovo ThinkPad T4002014-03-19T02:56:41Z<p>JimRees: /* Synaptic, UltraNav */ typo</p>
<hr />
<div>[[Category:Lenovo]]<br />
{{Poor writing|Numerous spelling, grammar, and style issues.}}<br />
{{Related articles start}}<br />
{{Related|Lenovo ThinkPad T400s}}<br />
{{Related articles end}}<br />
Installation instructions for the Lenovo ThinkPad T400.<br />
<br />
==System Specification==<br />
<br />
Note, [http://en.wikipedia.org/wiki/ThinkPad_T_Series ThinkPad T400] is available in a few hardware variants. Check the [http://www.thinkwiki.org ThinkWiki] where details of hardware specification are discussed in the [http://www.thinkwiki.org/wiki/Category:T400 T400] category.<br />
<br />
Below is an overview of the T400 specifications as originally used to start this article:<br />
<br />
*CPU : Intel® Core™2 Duo Processor T9400 (6M Cache, 2.53 GHz, 1066 MHz FSB)<br />
*Memory : 3GB PC3-8500 DDR3<br />
*WiFi : Intel WiFi Link 5300<br />
*Hard-Drive : 160GB, 7200rpm<br />
*Optical Drive : DVD Recordable<br />
*Integrated Graphics : Intel 4500MHD<br />
*Discrete Graphics : AMD M82XT Hybrid 256 MB (ATI Mobility Radeon HD 3470)<br />
*Screen : 14.1" WXGA+ TFT with LED Backlight<br />
*Gigabit Ethernet, Modem<br />
*Express Card & PC Card Slots<br />
*Integrated Bluetooth PAN<br />
*No camera<br />
*No fingerprint reader<br />
*No Intel Turbo Memory<br />
<br />
==Network==<br />
===Ethernet===<br />
The [[kernel module]] to get the network card to work is {{ic|e1000e}}.<br />
<br />
===Wireless===<br />
Lenovo offers different options in wireless hardware:<br />
<br />
====Intel chipset====<br />
*Wifi link 5100 and 5300<br />
<br />
The drivers are included in the 2.6.27 kernel. However, it's important to make sure that you have the correct firmware. I installed the iwlwifi-5000-ucode. See [[Wireless#iwl3945.2C_iwl4965_and_iwl5000-series|this section]] for more details.<br />
<br />
Since the 2.6.34 kernel update, the firmware files were moved to the {{ic|linux-firmware}} package. Manually installing other firmware packages is not required.<br />
<br />
====Realtek chipset====<br />
<br />
*Rtl8192SE<br />
11b/g/n Wireless Lan Mini-PCI Express Adapter II<br />
03:00.0 Network controller: Realtek Semiconductor Co., Ltd. Device 8172 (rev 10)<br />
<br />
See http://www.thinkwiki.org/wiki/ThinkPad_11b/g/n_Wireless_LAN_Mini-PCI_Express_Adapter_II for more details.<br />
<br />
See [[Wireless network configuration#rtl8192s]].<br />
<br />
===Modem===<br />
There is a module "hsfmodem" provided by http://www.linuxant.com/.<br />
<br />
===Bluetooth===<br />
<br />
If you have [http://www.thinkwiki.org/wiki/Thinkpad-acpi thinkpad-acpi] kernel module loaded, you can enable and disable Bluetooth from command line. To enable:<br />
<br />
{{bc|# echo 1 > /sys/devices/platform/thinkpad_acpi/bluetooth_enable}}<br />
<br />
To disable:<br />
<br />
{{bc|# echo 0 > /sys/devices/platform/thinkpad_acpi/bluetooth_enable}}<br />
<br />
To disable or enable Bluetooth at startup, add one of the above commands to {{ic|/etc/rc.local}}.<br />
<br />
The bluetooth module requires {{ic|uhci_hcd}}. Make sure {{ic|/etc/modprobe.d/modprobe.conf}} does not blacklist it.<br />
<br />
For everything else related to Bluetooth, follow the procedure described in [[Bluetooth]] section of the Arch Wiki.<br />
<br />
==Graphics/Xorg Configuration==<br />
Note that it's possible to switch the graphics adapter by only restarting X, but It's quite useless since you can't power up/down a graphic-card without rebooting. So it's either both graphic-card on at all times, or do the switching in the BIOS.<br />
<br />
So please press the ThinkVantag-button» during boot up and enable either the Integrated or the Discrete graphics cards in your BIOS's "Config->Display" menu.<br />
<br />
===Integrated Graphics===<br />
After installing [[Xorg#Installation|xorg]], I installed the [[Intel|xf86-video-intel drivers]].<br />
<br />
===Discrete Graphics===<br />
All 3 ATI drivers worked. That is both [[ATI#Open-Source_ATI_Drivers|open-source drivers]] (<code>xf86-video-ati</code> and <code>xf86-video-radeonhd</code>) and [[ATI#ATI_Catalyst_proprietary_driver|fglrx]] (the <code>catalyst</code> proprietary drivers).<br />
<br />
I could not get the <code>xf86-video-radeonhd</code> drivers to detect my external monitor, but <code>xf86-video-ati</code> worked fine. Remember to remove <code>catalyst</code> and <code>catalyst-utils</code> and reboot before using an [[ATI#Open-Source_ATI_Drivers|open source ATI drivers]]. ATI uses its own OpenGL library in its proprietary drivers, which is included in <code>catalyst-utils</code> and conflicts with libgl. As it did with the integrated graphics, running '''X -configure''' generated a working xorg.conf.<br />
<br />
To get the [[ATI#ATI_Catalyst_proprietary_driver|catalyst drivers]] working, you do have to [[ATI#Configuration|configure]] your xorg.conf properly. I used '''aticonfig --initial''' to generate a working xorg.conf. I did encounter a problem that I have not been able to solve yet : resizing a window in a compositing window manager takes 1-2 seconds. This makes the drivers pretty much unusable.<br />
<br />
===Switchable Graphics===<br />
Is currently not supported by the kernel. You can enable switchable-graphics in the BIOS and make Xorg do the switching, but then both cards will always use power and generate lots of heat. See the [http://en.gentoo-wiki.com/wiki/Lenovo_ThinkPad_T400#Getting_both_to_work| gentoo-wiki] to keep up too date on the issue.<br />
<br />
You can also try David Arlile's patch to power off the unused card. See http://airlied.livejournal.com/71434.html and http://linux-hybrid-graphics.blogspot.com/.<br />
<br />
===Synaptic, UltraNav===<br />
You may need to install the {{ic|xf86-input-synaptics}} package.<br />
<br />
If you want to be able to use horizontal and vertical scroll with your touchpad add this lines to your xorg.conf<br />
<br />
Section "Module"<br />
......<br />
Load "synaptics"<br />
EndSection<br />
<br />
Section "InputDevice"<br />
Identifier "Touchpad"<br />
Driver "synaptics"<br />
Option "AlwaysCore"<br />
Option "Device" "/dev/input/mouse1"<br />
Option "Protocol" "auto-dev"<br />
Option "SendCoreEvents" "true"<br />
Option "LeftEdge" "1632"<br />
Option "RightEdge" "5312"<br />
Option "TopEdge" "1575"<br />
Option "BottomEdge" "4281"<br />
Option "FingerLow" "25"<br />
Option "FingerHigh" "30"<br />
Option "MaxTapTime" "180"<br />
Option "MaxTapMove" "220"<br />
Option "VertScrollDelta" "100"<br />
Option "MinSpeed" "0.06"<br />
Option "MaxSpeed" "0.12"<br />
Option "AccelFactor" "0.0010"<br />
Option "VertEdgeScroll" "on"<br />
Option "HorizEdgeScroll" "on"<br />
# Option HorizScrollDelta""0" <br />
Option "SHMConfig" "on"<br />
EndSection <br />
<br />
for trackpoint with third button paste & scroll add these few lines to xorg.conf too<br />
<br />
Section "InputDevice"<br />
Identifier "Trackpoint"<br />
Driver "mouse"<br />
Option "CorePointer"<br />
Option "Device" "/dev/input/mice"<br />
Option "Protocol" "Auto"<br />
Option "Emulate3Buttons"<br />
Option "Emulate3Timeout" "50"<br />
Option "EmulateWheel" "on"<br />
Option "EmulateWheelTimeout" "200" # adjust third button paste timeout. <br />
Option "EmulateWheelButton" "2"<br />
Option "YAxisMapping" "4 5"<br />
Option "XAxisMapping" "6 7"<br />
Option "YAxisMapping" "4 5"<br />
EndSection<br />
<br />
finally update your layout<br />
<br />
Section "ServerLayout"<br />
InputDevice "Trackpoint" "CorePointer"<br />
InputDevice "Touchpad"<br />
InputDevice "Keyboard0" "CoreKeyboard"<br />
EndSection<br />
<br />
==Audio==<br />
Once you have [[ALSA]] installed, fire up alsamixer and make sure that sound is not muted. You might also want to press the Volume Up or Volume Down button. It seems than the Mute button mutes everything, even system beeps. Pressing the Volume Up or Volume Down button can unmute, but not pressing the Mute button again.<br />
<br />
Here's the modules I have loaded that are relevant to sound :<br />
$ lsmod | grep snd<br />
snd_seq_oss 35584 0<br />
snd_seq_midi_event 9344 1 snd_seq_oss<br />
snd_seq 58336 4 snd_seq_oss,snd_seq_midi_event<br />
snd_seq_device 9364 2 snd_seq_oss,snd_seq<br />
snd_hda_intel 474672 2<br />
snd_hwdep 10632 1 snd_hda_intel<br />
snd_pcm_oss 45568 0<br />
snd_pcm 82440 2 snd_hda_intel,snd_pcm_oss<br />
snd_timer 24720 2 snd_seq,snd_pcm<br />
snd_page_alloc 10640 2 snd_hda_intel,snd_pcm<br />
snd_mixer_oss 18944 1 snd_pcm_oss<br />
snd 64840 16 snd_seq_oss,snd_seq,snd_seq_device,snd_hda_intel,snd_hwdep,snd_pcm_oss,snd_pcm,snd_timer,snd_mixer_oss<br />
soundcore 9632 1 snd<br />
<br />
Additionally, there is a patch for the audio driver for conexant's chipsets provided by http://www.linuxant.com which can be downloaded at http://www.linuxant.com/alsa-driver/.<br />
<br />
==Multimedia Keys==<br />
The screen brightness controls and the flashlight work without any tweaking. The other keys can be mapped using [[Extra_Keyboard_Keys#In_Xorg|xev]] and xbindkeys. By following [http://wiki.linuxquestions.org/wiki/Configuring_keyboards#Enabling_Keyboard_Multimedia_Keys this guide] you should be able to get everything working, but here's summary :<br />
<br />
*First, open a terminal and type <code>xev</code>. This starts the "Event tester".<br />
*Place your cursor on the "Event tester" window.<br />
*When you press a key on your keyboard or move your mouse, it should get displayed in a terminal. For instance, this is what shows up if you press Fn+F2 <br />
KeyRelease event, serial 33, synthetic NO, window 0x3000001,<br />
root 0x86, subw 0x0, time 5537544, (76,110), root:(81,938),<br />
state 0x0, '''keycode 146''' (keysym 0x0, '''NoSymbol'''), same_screen YES,<br />
XLookupString gives 0 bytes:<br />
XFilterEvent returns: False<br />
It basically says that '''keycode 146''' is not bound ('''NoSymbol''').<br />
Here are all the keycodes of all multimedia buttons:<br />
<br />
Volume Down : keycode 174<br />
Volume Up : keycode 176<br />
Fn+F2 : keycode 146<br />
Fn+F3 : keycode 241<br />
Fn+F4 : keycode 223<br />
Fn+F5 : Not responding to events ??<br />
Fn+F7 : keycode 214<br />
Fn+F8 : keycode 249<br />
Fn+F9 : keycode 207<br />
Fn+F12 : keycode 165<br />
Fn+Up : keycode 164<br />
Fn+Down : keycode 162<br />
Fn+Left : keycode 144<br />
Fn+Right : keycode 153<br />
Fn+Home : keycode 212<br />
Fn+End : keycode 101<br />
*Type <code>xmodmap -pke > ~/.Xmodmap</code> in a terminal. This creates a file, <code>.Xmodmap</code>, containing your current keyboard mapping.<br />
*Now open the file with a text editor and find the keycodes you're interested in. You can map any keycode with a symbol from [http://wiki.linuxquestions.org/wiki/XF86_keyboard_symbols this list].<br />
*To get your new <code>.Xmodmap</code> loaded when you start X, just add <code>xmodmap ~/.Xmodmap</code> to your .xinitrc.<br />
*To get your new <code>.Xmodmap</code> loaded immediately, type <code>xmodmap ~/.Xmodmap</code> in a terminal.<br />
<br />
You can now assign functions to your newly bound keys by using [[Extra_Keyboard_Keys_in_Xorg#Using_your_Desktop_Environment_tools|facilities provided by your window desktop environment]] or by using <code>xbindkeys</code>.<br />
<br />
To use <code>xbindkeys</code>,<br />
*Start by installing it<br />
pacman -S xbindkeys<br />
*Then add <code>xbindkeys &</code> to your .xinitrc.<br />
*And finally, in your home directory, create a file called <code>.xbindkeysrc.scm</code> with content that would look something like <br />
(xbindkey '("XF86Standby") "sudo killall dhcpcd && sudo pm-suspend")<br />
(xbindkey '("XF86AudioRaiseVolume") "amixer set Master 2dB+ unmute")<br />
(xbindkey '("XF86AudioLowerVolume") "amixer set Master 2dB- unmute")<br />
<br />
Note, in more recent Arch (kernel 3.4.2, xorg-server 1.12.2, laptop-mode-tools 1.61), on the T400, related keys combinations binding seems to be:<br />
*Fn+2 → XF86ScreenSaver<br />
*Fn+4 → XF86Sleep & XF86Wakeup<br />
*Fn+12 → XF86Suspend<br />
<br />
Now, the actual action will performed on XF86Sleep or XF86Suspend is configurable in session policy, so it may vary (e.g. depending on desktop environment).<br />
If nomenclature of XF86Standby, XF86Hibernate or XF86Sleep is confusing, check the thread [http://thread.gmane.org/gmane.linux.acpi.devel/37554 suspend / hibernate nomenclature] for in-depth explanation.<br />
<br />
===Mute===<br />
To get the mute button to work, it is necessary to pass the string <code>acpi_osi="Linux"</code> to the kernel as a boot parameter. In GRUB2, add it to the "linux" line. See [http://www.thinkwiki.org/wiki/Mute_button here] for more details.<br />
<br />
With the 3.1 bios, it seems that the mute button works normally (set it up the same as the volume buttons with, for instance, "amixer set Master toggle").<br />
<br />
==ACPI==<br />
To enable the fan speed control, it's necessary to load the thinkpad_acpi with option fan_control=1. After the thinkpad_acpi module is loaded with this option, you can monitor and adjust the fan speed via /proc/acpi/ibm/fan.<br />
<br />
==SUSPEND-RESUME==<br />
People have been having issues with suspend resume with the current intel xf86-video-intel 2.4.3.1 drivers in combination with the 4500mhd chipset. This is apparently an issue with concurrency as adding the following script (with mod 755) in /etc/pm/sleep.d fixes things. to some extent...<br />
<br />
#!/bin/sh<br />
# Workaround for concurrency bug in xserver-xorg-video-intel 2:2.4.1-1ubuntu10.<br />
# Save this as /etc/pm/sleep.d/00CPU <br />
<br />
. "/usr/lib/pm-utils/functions"<br />
<br />
case "$1" in<br />
hibernate|suspend)<br />
for i in /sys/devices/system/cpu/cpu*/online ; do<br />
echo 0 >$i<br />
done<br />
;;<br />
thaw|resume) <br />
sleep 10 # run with one core for 10 secs<br />
for i in /sys/devices/system/cpu/cpu*/online ; do<br />
echo 1 >$i<br />
done<br />
;;<br />
*)<br />
;;<br />
esac<br />
<br />
<br />
From http://ubuntu-virginia.ubuntuforums.org/showpost.php?p=6105510&postcount=12 petri4 on the ubuntu forums.</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:VirtualBox&diff=278149Talk:VirtualBox2013-10-10T00:22:42Z<p>JimRees: /* Access to shared folders hangs */</p>
<hr />
<div>== vmware ==<br />
Anybody, any experience with how to use existing vmware virtual machine in virtualbox? I tried, but without success. I'll retry using: http://liquidat.wordpress.com/2007/11/23/howto-transform-a-qemu-image-to-a-virtualbox-image/ and post my findings. -- [[User:Drakosha|Drakosha]] [[User talk:Drakosha|(talk)]] 08:38, 24 June 2007 (UTC)<br />
: I'm currently rewriting/restructuring the article and I'm gonna add this information. I'm quite accustomed to use VmWare VMs on VirtualBox. -- [[User:wget|wget]] ([[User talk:wget|talk]]) 09:10, 9 October 2013 (UTC)<br />
<br />
== Removal of VBoxClient-all ==<br />
<br />
Why is there no mention of /usr/bin/VBoxClient-all script? It is imporant for getting the final touches for an archlinux guest to work correctly.<br />
<br />
== vboxusers group ==<br />
It would be nice if someone explained why you might need to add your user to {{Ic|vboxusers}} group. I did not add my user to this group and everything worked as expected. --[[User:Bhobbit|Bhobbit]] 19:11, 12 April 2010 (EDT)<br />
<br />
== vbox-service ==<br />
<br />
In section "Synchronise guest date with host" it should be noted that starting ''vbox-service'' is also required for the auto mounting feature to work. For example, creating a ''Shared Folder'' with the options ''Make Permanent'' and ''Auto-Mount'' selected will NOT auto mount in ''/media/sf_<SHARE_NAME>'' if ''vbox-service'' has not been started. --[[User:Sjroe|sjroe]] 19:13, 30 December 2011 (EST)<br />
<br />
:With ''systemd'', running ''sudo systemd enable vboxservice.service'' makes ''VBoxService'' run on every install. Or, running ''VBoxService'' as root at boot works too. --[[User:Meatcar|Meatcar]] ([[User talk:Meatcar|talk]]) 17:34, 17 October 2012 (UTC)<br />
<br />
== vboxnetflt ==<br />
<br />
I had to modprobe vboxnetflt and add it in /etc/modules-load.d to be able to run the virtualbox GUI application.<br />
-- [[User:erlhel|erlhel]] ([[User talk:erlhel|talk]]) 12:21, 25 September 2012 (UTC)<br />
<br />
== vdfuse ==<br />
<br />
The tool [https://aur.archlinux.org/packages.php?ID=31200 vdfuse] (if it works with archlinux) could be suggested in the [[VirtualBox#Mounting_.vdi_Images|Mounting .vdi Images]] section instead of telling that it's impossible. -- [[User:Heinrich5991|Heinrich5991]] ([[User talk:Heinrich5991|talk]]) 11:01, 3 October 2012 (UTC)<br />
: Since you use vdfuse and familiar with it, you can add these info yourself. See [[Help:Editing]] and [[Help:Style]] for a guide. -- [[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 12:17, 5 October 2012 (UTC)<br />
<br />
== USB on Win7 Guest ==<br />
<br />
In my experience I have found that USB devices will not be detected/installed correctly on a Windows 7 guest without enabling the USB 2.0 (EHCI) Controller which requires the full blown VirtualBox Extensions available from here: https://www.virtualbox.org/wiki/Downloads [[User:AdmiralAkber|AdmiralAkber]] ([[User talk:AdmiralAkber|talk]]) 02:59, 20 February 2013 (UTC)<br />
<br />
== Arch Linux Guests and .xinitrc ==<br />
<br />
The Arch Linux Guests section directs users to create a ~/.xinitrc file if one does not exist. If a user has just setup his system, this will break X. Can we put in a note about that? [[User:Benash|Benash]] ([[User talk:Benash|talk]]) 00:13, 15 June 2013 (UTC)<br />
<br />
:The best thing would be just link to [[Xinitrc]] without duplicating information. However the second best thing would be instructing to copy .xinitrc from /etc/skel first. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 04:07, 16 June 2013 (UTC)<br />
<br />
== Access to shared folders hangs ==<br />
<br />
I don't see how it's an improvement to remove the actual pacman commands needed to fix this issue. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 16:35, 8 October 2013 (UTC)<br />
<br />
: Because your method isn't platform generic. You actually wrote the command to downgrade your kernel for a 32 bits architecture (i686) and assuming the kernel .pkg.tar.xz is still in the {{ic||/var/cache/pacman/pkg}} directory which might not be the case (if the user cleans his cache for example). If the reader doesn't know how to downgrade a package (or more specifically his kernel), he could read the [[Downgrade#Downgrading_the_kernel |dedicated article for that]]. There is no need to put the downgrading instruction here.<br />
<br />
: Btw, FYI, this problem is now fixed, I asked to port the fix from upstream and the latter has been integrated in the current revision of the virtualbox additions packaged by the ArchLinux TU. I'll remove this section when the next official VirtualBox maintenance version (4.2.20) or the new 4.3 is released. -- [[User:wget|wget]] ([[User talk:wget|talk]]) 09:00, 9 October 2013 (UTC)<br />
<br />
::That makes sense. Thanks. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 00:22, 10 October 2013 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=Talk:VirtualBox&diff=278051Talk:VirtualBox2013-10-08T16:35:59Z<p>JimRees: /* Access to shared folders hangs */ new section</p>
<hr />
<div>== vmware ==<br />
Anybody, any experience with how to use existing vmware virtual machine in virtualbox? I tried, but without success. I'll retry using: http://liquidat.wordpress.com/2007/11/23/howto-transform-a-qemu-image-to-a-virtualbox-image/ and post my findings.<br />
<br />
== Removal of VBoxClient-all ==<br />
<br />
Why is there no mention of /usr/bin/VBoxClient-all script? It is imporant for getting the final touches for an archlinux guest to work correctly.<br />
<br />
== vboxusers group ==<br />
It would be nice if someone explained why you might need to add your user to {{Ic|vboxusers}} group. I did not add my user to this group and everything worked as expected. --[[User:Bhobbit|Bhobbit]] 19:11, 12 April 2010 (EDT)<br />
<br />
== vbox-service ==<br />
<br />
In section "Synchronise guest date with host" it should be noted that starting ''vbox-service'' is also required for the auto mounting feature to work. For example, creating a ''Shared Folder'' with the options ''Make Permanent'' and ''Auto-Mount'' selected will NOT auto mount in ''/media/sf_<SHARE_NAME>'' if ''vbox-service'' has not been started. --[[User:Sjroe|sjroe]] 19:13, 30 December 2011 (EST)<br />
<br />
:With ''systemd'', running ''sudo systemd enable vboxservice.service'' makes ''VBoxService'' run on every install. Or, running ''VBoxService'' as root at boot works too. --[[User:Meatcar|Meatcar]] ([[User talk:Meatcar|talk]]) 17:34, 17 October 2012 (UTC)<br />
<br />
== vboxnetflt ==<br />
<br />
I had to modprobe vboxnetflt and add it in /etc/modules-load.d to be able to run the virtualbox GUI application.<br />
-- [[User:erlhel|erlhel]] ([[User talk:erlhel|talk]]) 12:21, 25 September 2012 (UTC)<br />
<br />
== vdfuse ==<br />
<br />
The tool [https://aur.archlinux.org/packages.php?ID=31200 vdfuse] (if it works with archlinux) could be suggested in the [[VirtualBox#Mounting_.vdi_Images|Mounting .vdi Images]] section instead of telling that it's impossible. -- [[User:Heinrich5991|Heinrich5991]] ([[User talk:Heinrich5991|talk]]) 11:01, 3 October 2012 (UTC)<br />
: Since you use vdfuse and familiar with it, you can add these info yourself. See [[Help:Editing]] and [[Help:Style]] for a guide. -- [[User:Fengchao|Fengchao]] ([[User talk:Fengchao|talk]]) 12:17, 5 October 2012 (UTC)<br />
<br />
== USB on Win7 Guest ==<br />
<br />
In my experience I have found that USB devices will not be detected/installed correctly on a Windows 7 guest without enabling the USB 2.0 (EHCI) Controller which requires the full blown VirtualBox Extensions available from here: https://www.virtualbox.org/wiki/Downloads [[User:AdmiralAkber|AdmiralAkber]] ([[User talk:AdmiralAkber|talk]]) 02:59, 20 February 2013 (UTC)<br />
<br />
== Arch Linux Guests and .xinitrc ==<br />
<br />
The Arch Linux Guests section directs users to create a ~/.xinitrc file if one does not exist. If a user has just setup his system, this will break X. Can we put in a note about that? [[User:Benash|Benash]] ([[User talk:Benash|talk]]) 00:13, 15 June 2013 (UTC)<br />
<br />
:The best thing would be just link to [[Xinitrc]] without duplicating information. However the second best thing would be instructing to copy .xinitrc from /etc/skel first. -- [[User:Kynikos|Kynikos]] ([[User talk:Kynikos|talk]]) 04:07, 16 June 2013 (UTC)<br />
<br />
== Access to shared folders hangs ==<br />
<br />
I don't see how it's an improvement to remove the actual pacman commands needed to fix this issue. [[User:JimRees|JimRees]] ([[User talk:JimRees|talk]]) 16:35, 8 October 2013 (UTC)</div>JimReeshttps://wiki.archlinux.org/index.php?title=VirtualBox&diff=276713VirtualBox2013-09-26T20:24:53Z<p>JimRees: /* Access to shared folders hangs */ the fix that worked for me</p>
<hr />
<div>[[Category:Emulators]]<br />
[[Category:Virtualization]]<br />
[[cs:VirtualBox]]<br />
[[de:VirtualBox]]<br />
[[es:VirtualBox]]<br />
[[fr:VirtualBox]]<br />
[[hu:VirtualBox]]<br />
[[it:VirtualBox]]<br />
[[ja:VirtualBox]]<br />
[[pt:VirtualBox]]<br />
[[ru:VirtualBox]]<br />
[[zh-CN:VirtualBox]]<br />
{{Article summary start}}<br />
{{Article summary text|This article is about basic usage of VirtualBox, including running the VirtualBox software within an Arch ''host'', and running an Arch ''guest'' inside a VirtualBox virtual machine.}}<br />
{{Article summary heading|Required software}}<br />
{{Article summary link|VirtualBox|https://www.virtualbox.org}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|VirtualBox Extras}}<br />
{{Article summary wiki|PhpVirtualBox}}<br />
{{Article summary wiki|VirtualBox Arch Linux Guest On Physical Drive}}<br />
{{Article summary wiki|Installing Arch Linux from VirtualBox}}<br />
{{Article summary wiki|Moving an existing install into (or out of) a virtual machine}}<br />
{{Article summary end}}<br />
<br />
'''VirtualBox''' is a virtual PC emulator like [[VMware]]. It is in constant development and new features are implemented all the time. e.g. version 2.2 introduced OpenGL 3D acceleration support for Linux and Solaris guests. It has a [[Qt]] GUI interface, as well as headless and [[Wikipedia:SDL|SDL]] command line tools for managing and running virtual machines. It includes ''guest additions'' for some guest operating systems, which integrate functions of the guest and host systems, including sharing files, the clipboard, video acceleration and a “seamless” window integration mode.<br />
<br />
{{Wikipedia|VirtualBox}}<br />
<br />
== Installation on host ==<br />
<br />
The basic GPL-licensed VirtualBox suite can be [[pacman|installed]] with the {{Pkg|virtualbox}} package from the [[official repositories]].<br />
<br />
The {{pkg|virtualbox-host-modules}} package, which contains the precompiled modules for the stock archlinux kernel, should be installed with it. If you are using the {{pkg|linux-lts}} kernel you should also install the {{pkg|virtualbox-host-modules-lts}} package. For custom kernels, read [[#Hosts running a custom kernel|the section below]].<br />
<br />
In order to use the graphical interface, based on [[Qt]] ({{ic|VirtualBox}} command), you will also need to install the {{Pkg|qt4}} package. This is not required for the simpler SDL-only GUI ({{ic|VBoxSDL}} command) nor for the {{ic|VBoxHeadless}} command.<br />
<br />
=== Hosts running a custom kernel ===<br />
<br />
VirtualBox works fine with custom kernels such as [[Linux-ck]] ''without'' the need to keep any of the official Arch kernel packages on the system. As these official kernel packages are dependencies of {{ic|virtualbox-host-modules}}, if you want to prevent pacman from installing these unneeded packages, please install the {{Pkg|virtualbox-host-dkms}} package instead. The latter comes bundled with the source of the virtualbox kernel modules that will be used to generate these modules for your kernel. See {{Bug|26721}} for further explanations.<br />
<br />
Once {{Pkg|virtualbox-host-dkms}} is installed, simply generate the kernel modules for your custom kernel by running:<br />
# dkms install vboxhost/<virtualbox-host-source version> -k <your custom kernel's version>/<your architecture><br />
<br />
or use this automatic command:<br />
# dkms install vboxhost/$(pacman -Q virtualbox|awk {'print $2'}|sed 's/\-.\+//') -k $(uname -rm|sed 's/\ /\//')<br />
<br />
{{Note|If you are getting an error like {{ic|Your kernel headers for kernel <your custom kernel's version> cannot be found at/usr/lib/modules/<your custom kernel's version>/build or /usr/lib/modules/<your custom kernel's version>/source}}, you're probably missing {{Pkg|linux-headers}}.}}<br />
<br />
After the VirtualBox module has been created, load it:<br />
# modprobe vboxdrv<br />
<br />
To load/compile the virtualbox module automatically at startup you can enable {{ic|dkms.service}}:<br />
# systemctl enable dkms.service<br />
<br />
==== Automatic re-compilation of the virtualbox host modules with every update of any kernel====<br />
<br />
This is possible thanks to {{AUR|vboxhost-hook}} from the [[AUR]]. In '''vboxhost-hook''', the 'automatic re-compilation' functionality is done by a '''vboxhost hook''' on [[mkinitcpio]] after forcing to update the {{Pkg|linux-headers}} package. You will need to add 'vboxhost' to the HOOKS array in {{ic|/etc/mkinitcpio.conf}}, as well as 'linux-headers' and your custom kernel(s) headers to the SyncFirst array in {{ic|/etc/pacman.conf}} for this to work.<br />
<br />
{{Warning|The SyncFirst option is no longer available as of pacman 4.1. Use<br />
<br />
# pacman -Sy linux-headers && pacman -Su<br />
<br />
instead to manually cause linux-headers to be updated first. See [https://mailman.archlinux.org/pipermail/arch-general/2013-April/033297.html This explanation].}}<br />
<br />
The hook will call the '''dkms''' command to update the virtualbox host modules for the version of your new kernel.<br />
<br />
{{Note|If you are using this functionality it's '''important''' to look at the installation process of the linux (or any other kernel) package. vboxhost hook will tell you if anything goes wrong.}}<br />
<br />
== Setup ==<br />
<br />
===Add usernames to the vboxusers group===<br />
Add the desired usernames to the {{ic|'''vboxusers'''}} [[group]]. Everything may work fine without this step but shared folders and possibly some other optional stuffs require it to work. The new group does not automatically apply to existing sessions; the user has to log in again or start a new environment with a command like {{Ic|newgrp}} or {{ic|sudo -u $USER -s}}.<br />
<br />
# gpasswd -a $USER vboxusers<br />
<br />
=== Loading Kernel Modules ===<br />
VirtualBox running on Linux uses its own [[kernel modules]], including a mandatory module named {{ic|vboxdrv}}, which must be loaded before virtual machines can run. It can be automatically loaded when ArchLinux starts up, or it can be loaded manually when necessary.<br />
<br />
To load the module manually:<br />
<br />
# modprobe vboxdrv<br />
<br />
To load the VirtualBox driver at startup, create a {{ic|*.conf}} file (e.g. {{ic|virtualbox.conf}}) in {{ic|/etc/[[Kernel_modules#Loading|modules-load.d]]}} that contains all modules that should be loaded:<br />
<br />
{{hc|/etc/modules-load.d/virtualbox.conf|vboxdrv}}<br />
<br />
{{Note|In order to avoid {{ic|no such file or directory}} error when loading {{ic|vboxdrv}}, you may need to update the kernel modules db with {{ic|depmod -a}}.}}<br />
<br />
To start the VirtualBox graphical manager:<br />
<br />
$ VirtualBox<br />
<br />
To ensure full functionality of bridged networking, ensure that the {{ic|vboxnetadp}}, {{ic|vboxnetflt}} and {{ic|vboxpci}} [[Kernel modules|kernel modules]] are loaded as well as the {{pkg|net-tools}} package.<br />
<br />
=== Guest additions disc ===<br />
<br />
The {{Pkg|virtualbox}} package also suggests installing {{Pkg|virtualbox-guest-iso}} on the ArchLinux host running VirtualBox. It is a disc image that can be used to install the guest additions onto guest systems. Make it available to the running guest by going to Devices and clicking ''Install Guest Additions... Host+D'', then run the guest additions installation from inside the guest.<br />
<br />
=== Booting a live disc ===<br />
<br />
Click the ''New'' button to create a new virtual environment. Name it appropriately and select Operating System type and version. Select base memory size (note: most operating systems will need at least 512&nbsp;MB to function properly). Create a new hard disk image (a hard disk image is a file that will contain the operating system's filesystem and files).<br />
<br />
When the new image has been created, click ''Settings'', then ''CD/DVD-ROM'', check ''Mount CD/DVD Drive'' then select an ISO image.<br />
<br />
=== Starting virtual machines with a service ===<br />
<br />
See [[Systemd/Services#VirtualBox virtual machines]] for details on how to setup a systemd service for each virtual machine.<br />
<br />
=== Advanced setup ===<br />
<br />
See [[VirtualBox Extras]] for advanced configuration.<br />
<br />
== Arch Linux as a guest in a Virtual Machine ==<br />
<br />
Installing Arch under VirtualBox is straightforward, and additions should be installed through pacman (following the instructions below), and not through the "Install Guest Additions" menu item in VirtualBox on your host machine, nor from a mounted ISO image.<br />
<br />
=== Install the Guest Additions ===<br />
<br />
Install the {{Pkg|virtualbox-guest-utils}} package. Manually load the modules with:<br />
<br />
# modprobe -a vboxguest vboxsf vboxvideo<br />
<br />
Create a {{ic|*.conf}} file (e.g. {{ic|virtualbox.conf}}) in {{ic|/etc/modules-load.d/}} with these lines:<br />
<br />
{{hc|/etc/modules-load.d/virtualbox.conf|<br />
vboxguest<br />
vboxsf<br />
vboxvideo}}<br />
<br />
Add the following line to the top of {{ic|~/.xinitrc}} above any {{ic|exec}} options. (create a new file if it does not exist):<br />
<br />
{{hc|~/.xinitrc|<br />
/usr/bin/VBoxClient-all}}<br />
<br />
{{Note|If you are creating a new {{ic|~/.xinitrc}} file you ''must'' also include a [[window manager]] or [[desktop environment]].}}<br />
<br />
=== Automatic re-compilation of the VirtualBox guest modules with every update of any kernel ===<br />
<br />
This is possible thanks to {{AUR|vboxguest-hook}} from the [[AUR]]. In '''vboxguest-hook''', the 'automatic re-compilation' functionality is done by a '''vboxguest hook''' on [[mkinitcpio]] after forcing to update the {{pkg|linux-headers}} package. You will need to add {{ic|vboxguest}} to the HOOKS array in {{ic|/etc/mkinitcpio.conf}}. You may need to manually recreate the initramfs after an upgrade of the {{pkg|linux-headers}} package.<br />
<br />
The hook will call the {{ic|dkms}} command to update the VirtualBox guest modules for the version of your new kernel.<br />
<br />
{{Note|If you are using this functionality, it is '''important''' to look at the installation process of the {{pkg|linux}} (or any other kernel) package. vboxguest hook will tell you if anything goes wrong.}}<br />
<br />
=== Start the sharing services ===<br />
After installing {{Pkg|virtualbox-guest-utils}} above, you should start {{ic|VBoxClient-all}} to start services for sharing the clipboard, resizing the screen, etc.<br />
* If you are running something that launches {{Ic|/etc/xdg/autostart/vboxclient.desktop}}, such as GNOME or KDE, then nothing needs to be done. <br />
* If you use {{Ic|.xinitrc}} to launch things instead, you must add the following to your {{Ic|.xinitrc}} before launching your WM.<br />
<br />
# VBoxClient-all &<br />
<br />
=== Using USB webcam / microphone ===<br />
<br />
{{Note|You will need to have VirtualBox extension pack installed before following the steps below. See [[VirtualBox_Extras#Extension_pack]] for details.}}<br />
<br />
# Make sure the virtual machine is not running and your webcam / microphone is not being used.<br />
# Bring up the main VirtualBox window and go to settings for Arch machine. Go to USB section.<br />
# Make sure "Enable USB Controller" is selected. Also make sure that "Enable USB 2.0 (EHCI) Controller" is selected too.<br />
# Click the "Add filter from device" button (the cable with the '+' icon).<br />
# Select your USB webcam/microphone device from the list.<br />
# Now click OK and start your VM.<br />
<br />
=== Using Arch under Virtualbox EFI mode ===<br />
<br />
My experience with this configuration was pretty terrible, but it does work.<br />
<br />
''UPD. Using efibootmgr has the same effect as using VirtualBox boot menu (see the note below): settings [https://www.virtualbox.org/ticket/11177 disappear] after VM shutdown.'' First, {{ic|efibootmgr}} does *not* work. It will appear to work, but all changes it makes appear to be overwritten on reboot. After performing a standard UEFI/GPT installation, reboot and you should get dumped to the EFI shell. Type exit and you will get a menu. Select the Boot Management Manager, Boot Options, Add Boot Option. Use the file browser to find the grub efi file and select it. Add a label if you want. Afterwards, select Change Boot Order from the menu, use arrow keys to select your Arch option, and {{ic|+}} to move it up to the top. GRUB should boot by default now.<br />
<br />
Other options are: 1) move your loader to {{ic|\EFI\boot\bootx64.efi}}, 2) create {{ic|\startup.nsh}} script, which executes desirable loader, like this:<br />
<br />
{{hc|\startup.nsh|<br />
HD16a0a1:\EFI\refind\refindx64.efi}}<br />
<br />
Here I'm using consistent mapping name (HD16a0a1). It is probably a good idea, because they do survive configuration changes.<br />
<br />
{{Note|Another useful way to get back to the EFI menu after autobooting is working is to press the {{ic|C}} key inside GRUB and type {{ic|exit}}. Obviously, this will only work with {{ic|grub-efi}}, not {{ic|grub-bios}}.<br><br />
Regenerating the {{ic|grub.cfg}} file may also be required to fix broken UUIDs. Check with the {{ic|lsblk -f}} command that they match.<br><br />
Yet another useful way to get to VirtualBox boot menu is pressing {{ic|F12}} right after starting virtual machine. It comes in handy when using rEFInd + EFISTUB, for example.}}<br />
<br />
=== Synchronise guest date with host ===<br />
<br />
To keep sync date and time, make sure you have {{Pkg|virtualbox-guest-utils}} installed in your host (see [[#Install the Guest Additions|above]]). Then run<br />
# systemctl enable vboxservice.service<br />
<br />
To enable the service for next boot. To start immediately, run<br />
# systemctl start vboxservice.service<br />
<br />
You also need run this daemon in order to use auto-mounting feature of shared folders that are mentioned above.<br />
<br />
=== Enable shared folders ===<br />
<br />
Shared folders are managed via the VirtualBox program on the host. They may be added, auto-mounted and made read-only from there.<br />
<br />
If automounting is enabled, and the {{ic|vboxservice}} is enabled, creating a shared folder from the VirtualBox program on the host will mount that folder in {{ic|/media/sf_''SHAREDFOLDERNAME''}} on the guest. To have that folder created on the Arch Guest, after the Guest Additions have been installed, you need to add your username to the {{ic|vboxsf}} group.<br />
<br />
# groupadd vboxsf<br />
# gpasswd -a $USER vboxsf<br />
<br />
{{Note|For '''automounting''' to work, you have to enable the '''vboxservice''' service.}}<br />
<br />
If you want a shared folder (e.g {{ic|/media/sd_Dropbox}}) to be symlinked to another folder in your home directory for easy access, you can type on the guest:<br />
<br />
$ ln -s /media/sf_Dropbox/* ~/dropbox<br />
<br />
The {{ic|VBoxLinuxAdditions.run}} script provided in the Guest Additions iso does this for you, however, Arch does not recommend using it.<br />
<br />
If shared folders are not auto-mounted, try [https://bbs.archlinux.org/viewtopic.php?id=70780 manually mount].<br />
<br />
To prevent startup problems when you're using [[systemd]], you should add {{ic|1=comment=systemd.automount}} to your {{ic|/etc/fstab}}. This way, they are mounted only when you access those mount points and not during startup. Otherwise your system might become unusable after a kernel upgrade (if you install your guest additions manually).<br />
<br />
desktop /media/desktop vboxsf uid=user,gid=group,rw,dmode=700,fmode=600,comment=systemd.automount 0 0<br />
<br />
Don't waste your time to test the {{ic|nofail}} option. {{ic|mount.vboxsf}} is not able to handle this (2012-08-20).<br />
<br />
desktop /media/desktop vboxsf uid=user,gid=group,rw,dmode=700,fmode=600,nofail 0 0<br />
<br />
== Troubleshooting ==<br />
<br />
=== modprobe Exec format error ===<br />
<br />
Make sure your system is up-to-date:<br />
pacman -Syu<br />
<br />
=== VBOX_E_INVALID_OBJECT_STATE (0x80BB0007) ===<br />
This can occur if a VM is exited ungracefully. The solution to unlock the VM is trivial:<br />
VBoxManage controlvm nArch poweroff<br />
<br />
=== USB subsystem is not working on the host or guest ===<br />
<br />
Sometimes the USB subsystem is not auto-detected resulting in an error (eg: Could not load the Host USB Proxy service: VERR_NOT_FOUND) or in a not visible USB drive on the host, even when the user is in the '''vboxusers''' group. See this topic [https://bbs.archlinux.org/viewtopic.php?id=125785] for details.<br />
<br />
USB subsystem will work if you add<br />
<br />
VBOX_USB=usbfs<br />
<br />
to {{Ic|~/.bashrc}} and reboot your system or open a new bash instance.<br />
<br />
Also make sure that your user is a member of the '''storage''' group.<br />
<br />
=== Failed to create the host-only network interface ===<br />
<br />
To be able to create a Host-Only Network Adapter or a Bridged Network Adapter the kernel modules {{ic|vboxnetadp}} and {{ic|vboxnetflt}} need to be loaded, you also need to make sure the {{pkg|net-tools}} package is installed. It's possible to load these kernel modules manually with<br />
<br />
# modprobe -a vboxnetadp vboxnetflt<br />
<br />
To load them automatically at boot, add a new line for each module to {{ic|/etc/modules-load.d/virtualbox.conf}}:<br />
<br />
vboxdrv<br />
vboxnetadp<br />
vboxnetflt<br />
<br />
{{Note|These used to be added to the {{ic|MODULES}} array in {{ic|/etc/rc.conf}}. This is now deprecated.}}<br />
<br />
More information in [https://bbs.archlinux.org/viewtopic.php?id=130581 this] topic.<br />
<br />
=== WinXP: Bit-depth cannot be greater than 16 ===<br />
<br />
If you are running at 16-bit color depth, then the icons may appear fuzzy/choppy. However, upon attempting to change the color depth to a higher level, the system may restrict you to a lower resolution or simply not enable you to change the depth at all. To fix this, run {{ic|regedit}} add the following key to the Virtual Windows XP registry:<br />
<br />
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]<br />
"ColorDepth"=dword:00000004<br />
<br />
Then update the color depth in the desktop properties window. If nothing happens, force the screen to redraw through some method (i.e. {{ic|Host+F}} to redraw/enter full screen).<br />
<br />
=== Mounting .vdi Images ===<br />
<br />
This just work with '''static''' size vdi images! '''Dynamic size won't''' be easy mountable! First we need one information from your .vdi image:<br />
<br />
$ VBoxManage internalcommands dumphdinfo Arch_64min.vdi |grep offData<br />
Header: offBlocks=4096 offData=69632<br />
<br />
Now, '''add to your''' {{ic|offData}} 32256. e.g. 32256 + 69632 = 101888<br />
<br />
Now you can mount your vdi image:<br />
<br />
# mount -t ext4 -o rw,noatime,noexec,loop,offset=101888 Arch_64min.vdi /mnt/<br />
<br />
=== Startup problems because of mount failures ===<br />
<br />
If you experience problems in a [[systemd]] setup after a kernel upgrade, you should start the system with {{ic|1=init=/bin/bash}} (if the emergency shell does not work for you).<br />
<br />
root=/dev/mapper/vg_main-lv_root ro vga=792 resume=/dev/mapper/vg_main-lv_swap init=/bin/bash<br />
<br />
Then mount the ''root''-filesystem with write access:<br />
<br />
# mount / -o remount,rw<br />
<br />
Change {{ic|/etc/fstab}} according to [[#Shared Folders as Arch Linux Guest]]. Then exec systemd within the Bash shell:<br />
<br />
# exec /bin/systemd<br />
<br />
=== Copy&Paste not working on Arch Linux Guest ===<br />
<br />
Since updating {{ic|virtualbox-guest-additions}} to version {{ic|4.2.0-2}} copy&paste from Host OS to Arch Linux Guest stopped working. It seems to be due to {{ic|VBoxClient-all}} requiring ''root'' access. In previous versions adding ''VBoxClient-all &'' to ''~/.xinitrc'' was sufficient to make copy&paste work. Update ''~/.xinitrc'' to match {{ic|sudo VBoxClient-all &}} and add the line {{ic|, NOPASSWD: /usr/bin/VBoxClient-all}} to your username in the sudoers file and restart X. It should all work again. The line in the sudoers file should look similar to this:<br />
<br />
# Allow sudo for user 'you' and let him run VBoxClient-all without requiring a password<br />
you ALL = PASSWD: ALL, NOPASSWD: /usr/bin/VBoxClient-all<br />
<br />
{{Note|Use {{ic|visudo}} to edit the sudoers file. This will check for syntax errors when saving.}}<br />
<br />
=== Use Serial port in guest OS ===<br />
Check you permission in Serial port<br />
$ /bin/ls -l /dev/ttyS*<br />
crw-rw---- 1 root uucp 4, 64 Feb 3 09:12 /dev/ttyS0<br />
crw-rw---- 1 root uucp 4, 65 Feb 3 09:12 /dev/ttyS1<br />
crw-rw---- 1 root uucp 4, 66 Feb 3 09:12 /dev/ttyS2<br />
crw-rw---- 1 root uucp 4, 67 Feb 3 09:12 /dev/ttyS3<br />
<br />
Add you user in '''uucp''' group.<br />
# gpasswd -a $USER uucp <br />
and relogin.<br />
<br />
=== Abort on resume ===<br />
There is a known bug that causes abort on resume: https://www.virtualbox.org/ticket/11289. The workaround is simple: always use Host+q or the menu to close the VM.<br />
<br />
=== System Images in Btrfs ===<br />
In 2010 there were reports that OS disk images would not start if they were attached via a virtual SATA device. It was reportedly fixed, and seemed to be. But as of around March 2013, that particular bug report has been [https://www.virtualbox.org/ticket/6905 repoened]. This can be fixed by enabling the use of the host I/O cache, which is disabled by default with virtual SATA interfaces.<br />
<br />
=== vagrant up Issue ===<br />
With the latest version of Virtualbox(4.2.14-1) the {{ic|vagrant up}} command end up in a failure:<br />
<br />
Command: ["import", <br />
"/Users/username/.vagrant.d/boxes/precise32/virtualbox/box.ovf"]<br />
Stderr: 0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%<br />
Interpreting <br />
/Users/username/.vagrant.d/boxes/precise32/virtualbox/box.ovf...<br />
OK.<br />
0%...<br />
Progress object failure: NS_ERROR_CALL_FAILED<br />
<br />
Until the [https://www.virtualbox.org/ticket/11895 fix] makes it into a release you will need to workaround or downgrade VirtualBox.<br />
<br />
Workaround by creating manifests for each box in {{ic|~/.vagrant.d/boxes/BoxName/virtualbox}}:<br />
<br />
openssl sha1 *.vmdk *.ovf > box.mf<br />
<br />
You can downgrade Virtualbox. If you have the old package file inside your cache just downgrade it via:<br />
<br />
sudo pacman -U /var/cache/pacman/pkg/virtualbox-4.2.12-3-x86_64.pkg.tar.xz<br />
<br />
This error seems to appear on all platforms: http://www.marshut.com/pzisi/progress-object-failure-ns-error-call-failed-when-running-vagrant-up-in-getting-started-guide.html#qhihz<br />
<br />
It's unclean for the moment. It could be regression inside Virtualbox or a issue inside Vagrant. When you delete the cache you can downgrade via ArchLinux [https://aur.archlinux.org/packages/downgrader/ downgrader ] (I didn't test it correctly, but I assume this works, else<br />
check the wiki page for downgrading: https://wiki.archlinux.org/index.php/Downgrading_Packages)<br />
<br />
For more Information, check the issue page on github [https://github.com/mitchellh/vagrant/issues/1847 Clean install on OS X 10.8.4 w/ latest VirtualBox not working]<br />
<br />
According to the [https://twitter.com/mitchellh/status/348886504728305664 Vagrant creator on Twitter], this is a VirtualBox bug. On 2013-06-25, he said that they fixed the bug in SVN, and he's waiting on a release. Also, I can confirm that this is a multi-platform issue, 4.2.14 was broken for me on Win7.<br />
<br />
This issue has been solved inside the virtualbox release virtualbox-4.2.16-1<br />
<br />
===Access to shared folders hangs===<br />
Access to a shared folder on the host from a guest running 3.11 kernel can hang. There is a fix upstream, but it has not yet (as of 26 Sept 2013) made its way to the guest additions package. Here's the fix:<br />
<br />
[https://www.virtualbox.org/changeset/48529/vbox Changeset 48529 in vbox]<br />
<br />
See also:<br />
<br />
[https://forums.virtualbox.org/viewtopic.php?f=8&t=57487 Mounted folders hang since last kernel upgrade]<br />
<br />
I was able to fix this by downgrading my kernel and modules:<br />
<br />
# pacman -U /var/cache/pacman/pkg/linux-3.9.5-1-i686.pkg.tar.xz /var/cache/pacman/pkg/virtualbox-guest-modules-4.2.12-7-i686.pkg.tar.xz<br />
<br />
== External links ==<br />
<br />
* [http://www.virtualbox.org/manual/UserManual.html VirtualBox User Manual]</div>JimReeshttps://wiki.archlinux.org/index.php?title=VirtualBox&diff=276706VirtualBox2013-09-26T19:21:53Z<p>JimRees: Access to shared folders hangs</p>
<hr />
<div>[[Category:Emulators]]<br />
[[Category:Virtualization]]<br />
[[cs:VirtualBox]]<br />
[[de:VirtualBox]]<br />
[[es:VirtualBox]]<br />
[[fr:VirtualBox]]<br />
[[hu:VirtualBox]]<br />
[[it:VirtualBox]]<br />
[[ja:VirtualBox]]<br />
[[pt:VirtualBox]]<br />
[[ru:VirtualBox]]<br />
[[zh-CN:VirtualBox]]<br />
{{Article summary start}}<br />
{{Article summary text|This article is about basic usage of VirtualBox, including running the VirtualBox software within an Arch ''host'', and running an Arch ''guest'' inside a VirtualBox virtual machine.}}<br />
{{Article summary heading|Required software}}<br />
{{Article summary link|VirtualBox|https://www.virtualbox.org}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|VirtualBox Extras}}<br />
{{Article summary wiki|PhpVirtualBox}}<br />
{{Article summary wiki|VirtualBox Arch Linux Guest On Physical Drive}}<br />
{{Article summary wiki|Installing Arch Linux from VirtualBox}}<br />
{{Article summary wiki|Moving an existing install into (or out of) a virtual machine}}<br />
{{Article summary end}}<br />
<br />
'''VirtualBox''' is a virtual PC emulator like [[VMware]]. It is in constant development and new features are implemented all the time. e.g. version 2.2 introduced OpenGL 3D acceleration support for Linux and Solaris guests. It has a [[Qt]] GUI interface, as well as headless and [[Wikipedia:SDL|SDL]] command line tools for managing and running virtual machines. It includes ''guest additions'' for some guest operating systems, which integrate functions of the guest and host systems, including sharing files, the clipboard, video acceleration and a “seamless” window integration mode.<br />
<br />
{{Wikipedia|VirtualBox}}<br />
<br />
== Installation on host ==<br />
<br />
The basic GPL-licensed VirtualBox suite can be [[pacman|installed]] with the {{Pkg|virtualbox}} package from the [[official repositories]].<br />
<br />
The {{pkg|virtualbox-host-modules}} package, which contains the precompiled modules for the stock archlinux kernel, should be installed with it. If you are using the {{pkg|linux-lts}} kernel you should also install the {{pkg|virtualbox-host-modules-lts}} package. For custom kernels, read [[#Hosts running a custom kernel|the section below]].<br />
<br />
In order to use the graphical interface, based on [[Qt]] ({{ic|VirtualBox}} command), you will also need to install the {{Pkg|qt4}} package. This is not required for the simpler SDL-only GUI ({{ic|VBoxSDL}} command) nor for the {{ic|VBoxHeadless}} command.<br />
<br />
=== Hosts running a custom kernel ===<br />
<br />
VirtualBox works fine with custom kernels such as [[Linux-ck]] ''without'' the need to keep any of the official Arch kernel packages on the system. As these official kernel packages are dependencies of {{ic|virtualbox-host-modules}}, if you want to prevent pacman from installing these unneeded packages, please install the {{Pkg|virtualbox-host-dkms}} package instead. The latter comes bundled with the source of the virtualbox kernel modules that will be used to generate these modules for your kernel. See {{Bug|26721}} for further explanations.<br />
<br />
Once {{Pkg|virtualbox-host-dkms}} is installed, simply generate the kernel modules for your custom kernel by running:<br />
# dkms install vboxhost/<virtualbox-host-source version> -k <your custom kernel's version>/<your architecture><br />
<br />
or use this automatic command:<br />
# dkms install vboxhost/$(pacman -Q virtualbox|awk {'print $2'}|sed 's/\-.\+//') -k $(uname -rm|sed 's/\ /\//')<br />
<br />
{{Note|If you are getting an error like {{ic|Your kernel headers for kernel <your custom kernel's version> cannot be found at/usr/lib/modules/<your custom kernel's version>/build or /usr/lib/modules/<your custom kernel's version>/source}}, you're probably missing {{Pkg|linux-headers}}.}}<br />
<br />
After the VirtualBox module has been created, load it:<br />
# modprobe vboxdrv<br />
<br />
To load/compile the virtualbox module automatically at startup you can enable {{ic|dkms.service}}:<br />
# systemctl enable dkms.service<br />
<br />
==== Automatic re-compilation of the virtualbox host modules with every update of any kernel====<br />
<br />
This is possible thanks to {{AUR|vboxhost-hook}} from the [[AUR]]. In '''vboxhost-hook''', the 'automatic re-compilation' functionality is done by a '''vboxhost hook''' on [[mkinitcpio]] after forcing to update the {{Pkg|linux-headers}} package. You will need to add 'vboxhost' to the HOOKS array in {{ic|/etc/mkinitcpio.conf}}, as well as 'linux-headers' and your custom kernel(s) headers to the SyncFirst array in {{ic|/etc/pacman.conf}} for this to work.<br />
<br />
{{Warning|The SyncFirst option is no longer available as of pacman 4.1. Use<br />
<br />
# pacman -Sy linux-headers && pacman -Su<br />
<br />
instead to manually cause linux-headers to be updated first. See [https://mailman.archlinux.org/pipermail/arch-general/2013-April/033297.html This explanation].}}<br />
<br />
The hook will call the '''dkms''' command to update the virtualbox host modules for the version of your new kernel.<br />
<br />
{{Note|If you are using this functionality it's '''important''' to look at the installation process of the linux (or any other kernel) package. vboxhost hook will tell you if anything goes wrong.}}<br />
<br />
== Setup ==<br />
<br />
===Add usernames to the vboxusers group===<br />
Add the desired usernames to the {{ic|'''vboxusers'''}} [[group]]. Everything may work fine without this step but shared folders and possibly some other optional stuffs require it to work. The new group does not automatically apply to existing sessions; the user has to log in again or start a new environment with a command like {{Ic|newgrp}} or {{ic|sudo -u $USER -s}}.<br />
<br />
# gpasswd -a $USER vboxusers<br />
<br />
=== Loading Kernel Modules ===<br />
VirtualBox running on Linux uses its own [[kernel modules]], including a mandatory module named {{ic|vboxdrv}}, which must be loaded before virtual machines can run. It can be automatically loaded when ArchLinux starts up, or it can be loaded manually when necessary.<br />
<br />
To load the module manually:<br />
<br />
# modprobe vboxdrv<br />
<br />
To load the VirtualBox driver at startup, create a {{ic|*.conf}} file (e.g. {{ic|virtualbox.conf}}) in {{ic|/etc/[[Kernel_modules#Loading|modules-load.d]]}} that contains all modules that should be loaded:<br />
<br />
{{hc|/etc/modules-load.d/virtualbox.conf|vboxdrv}}<br />
<br />
{{Note|In order to avoid {{ic|no such file or directory}} error when loading {{ic|vboxdrv}}, you may need to update the kernel modules db with {{ic|depmod -a}}.}}<br />
<br />
To start the VirtualBox graphical manager:<br />
<br />
$ VirtualBox<br />
<br />
To ensure full functionality of bridged networking, ensure that the {{ic|vboxnetadp}}, {{ic|vboxnetflt}} and {{ic|vboxpci}} [[Kernel modules|kernel modules]] are loaded as well as the {{pkg|net-tools}} package.<br />
<br />
=== Guest additions disc ===<br />
<br />
The {{Pkg|virtualbox}} package also suggests installing {{Pkg|virtualbox-guest-iso}} on the ArchLinux host running VirtualBox. It is a disc image that can be used to install the guest additions onto guest systems. Make it available to the running guest by going to Devices and clicking ''Install Guest Additions... Host+D'', then run the guest additions installation from inside the guest.<br />
<br />
=== Booting a live disc ===<br />
<br />
Click the ''New'' button to create a new virtual environment. Name it appropriately and select Operating System type and version. Select base memory size (note: most operating systems will need at least 512&nbsp;MB to function properly). Create a new hard disk image (a hard disk image is a file that will contain the operating system's filesystem and files).<br />
<br />
When the new image has been created, click ''Settings'', then ''CD/DVD-ROM'', check ''Mount CD/DVD Drive'' then select an ISO image.<br />
<br />
=== Starting virtual machines with a service ===<br />
<br />
See [[Systemd/Services#VirtualBox virtual machines]] for details on how to setup a systemd service for each virtual machine.<br />
<br />
=== Advanced setup ===<br />
<br />
See [[VirtualBox Extras]] for advanced configuration.<br />
<br />
== Arch Linux as a guest in a Virtual Machine ==<br />
<br />
Installing Arch under VirtualBox is straightforward, and additions should be installed through pacman (following the instructions below), and not through the "Install Guest Additions" menu item in VirtualBox on your host machine, nor from a mounted ISO image.<br />
<br />
=== Install the Guest Additions ===<br />
<br />
Install the {{Pkg|virtualbox-guest-utils}} package. Manually load the modules with:<br />
<br />
# modprobe -a vboxguest vboxsf vboxvideo<br />
<br />
Create a {{ic|*.conf}} file (e.g. {{ic|virtualbox.conf}}) in {{ic|/etc/modules-load.d/}} with these lines:<br />
<br />
{{hc|/etc/modules-load.d/virtualbox.conf|<br />
vboxguest<br />
vboxsf<br />
vboxvideo}}<br />
<br />
Add the following line to the top of {{ic|~/.xinitrc}} above any {{ic|exec}} options. (create a new file if it does not exist):<br />
<br />
{{hc|~/.xinitrc|<br />
/usr/bin/VBoxClient-all}}<br />
<br />
{{Note|If you are creating a new {{ic|~/.xinitrc}} file you ''must'' also include a [[window manager]] or [[desktop environment]].}}<br />
<br />
=== Automatic re-compilation of the VirtualBox guest modules with every update of any kernel ===<br />
<br />
This is possible thanks to {{AUR|vboxguest-hook}} from the [[AUR]]. In '''vboxguest-hook''', the 'automatic re-compilation' functionality is done by a '''vboxguest hook''' on [[mkinitcpio]] after forcing to update the {{pkg|linux-headers}} package. You will need to add {{ic|vboxguest}} to the HOOKS array in {{ic|/etc/mkinitcpio.conf}}. You may need to manually recreate the initramfs after an upgrade of the {{pkg|linux-headers}} package.<br />
<br />
The hook will call the {{ic|dkms}} command to update the VirtualBox guest modules for the version of your new kernel.<br />
<br />
{{Note|If you are using this functionality, it is '''important''' to look at the installation process of the {{pkg|linux}} (or any other kernel) package. vboxguest hook will tell you if anything goes wrong.}}<br />
<br />
=== Start the sharing services ===<br />
After installing {{Pkg|virtualbox-guest-utils}} above, you should start {{ic|VBoxClient-all}} to start services for sharing the clipboard, resizing the screen, etc.<br />
* If you are running something that launches {{Ic|/etc/xdg/autostart/vboxclient.desktop}}, such as GNOME or KDE, then nothing needs to be done. <br />
* If you use {{Ic|.xinitrc}} to launch things instead, you must add the following to your {{Ic|.xinitrc}} before launching your WM.<br />
<br />
# VBoxClient-all &<br />
<br />
=== Using USB webcam / microphone ===<br />
<br />
{{Note|You will need to have VirtualBox extension pack installed before following the steps below. See [[VirtualBox_Extras#Extension_pack]] for details.}}<br />
<br />
# Make sure the virtual machine is not running and your webcam / microphone is not being used.<br />
# Bring up the main VirtualBox window and go to settings for Arch machine. Go to USB section.<br />
# Make sure "Enable USB Controller" is selected. Also make sure that "Enable USB 2.0 (EHCI) Controller" is selected too.<br />
# Click the "Add filter from device" button (the cable with the '+' icon).<br />
# Select your USB webcam/microphone device from the list.<br />
# Now click OK and start your VM.<br />
<br />
=== Using Arch under Virtualbox EFI mode ===<br />
<br />
My experience with this configuration was pretty terrible, but it does work.<br />
<br />
''UPD. Using efibootmgr has the same effect as using VirtualBox boot menu (see the note below): settings [https://www.virtualbox.org/ticket/11177 disappear] after VM shutdown.'' First, {{ic|efibootmgr}} does *not* work. It will appear to work, but all changes it makes appear to be overwritten on reboot. After performing a standard UEFI/GPT installation, reboot and you should get dumped to the EFI shell. Type exit and you will get a menu. Select the Boot Management Manager, Boot Options, Add Boot Option. Use the file browser to find the grub efi file and select it. Add a label if you want. Afterwards, select Change Boot Order from the menu, use arrow keys to select your Arch option, and {{ic|+}} to move it up to the top. GRUB should boot by default now.<br />
<br />
Other options are: 1) move your loader to {{ic|\EFI\boot\bootx64.efi}}, 2) create {{ic|\startup.nsh}} script, which executes desirable loader, like this:<br />
<br />
{{hc|\startup.nsh|<br />
HD16a0a1:\EFI\refind\refindx64.efi}}<br />
<br />
Here I'm using consistent mapping name (HD16a0a1). It is probably a good idea, because they do survive configuration changes.<br />
<br />
{{Note|Another useful way to get back to the EFI menu after autobooting is working is to press the {{ic|C}} key inside GRUB and type {{ic|exit}}. Obviously, this will only work with {{ic|grub-efi}}, not {{ic|grub-bios}}.<br><br />
Regenerating the {{ic|grub.cfg}} file may also be required to fix broken UUIDs. Check with the {{ic|lsblk -f}} command that they match.<br><br />
Yet another useful way to get to VirtualBox boot menu is pressing {{ic|F12}} right after starting virtual machine. It comes in handy when using rEFInd + EFISTUB, for example.}}<br />
<br />
=== Synchronise guest date with host ===<br />
<br />
To keep sync date and time, make sure you have {{Pkg|virtualbox-guest-utils}} installed in your host (see [[#Install the Guest Additions|above]]). Then run<br />
# systemctl enable vboxservice.service<br />
<br />
To enable the service for next boot. To start immediately, run<br />
# systemctl start vboxservice.service<br />
<br />
You also need run this daemon in order to use auto-mounting feature of shared folders that are mentioned above.<br />
<br />
=== Enable shared folders ===<br />
<br />
Shared folders are managed via the VirtualBox program on the host. They may be added, auto-mounted and made read-only from there.<br />
<br />
If automounting is enabled, and the {{ic|vboxservice}} is enabled, creating a shared folder from the VirtualBox program on the host will mount that folder in {{ic|/media/sf_''SHAREDFOLDERNAME''}} on the guest. To have that folder created on the Arch Guest, after the Guest Additions have been installed, you need to add your username to the {{ic|vboxsf}} group.<br />
<br />
# groupadd vboxsf<br />
# gpasswd -a $USER vboxsf<br />
<br />
{{Note|For '''automounting''' to work, you have to enable the '''vboxservice''' service.}}<br />
<br />
If you want a shared folder (e.g {{ic|/media/sd_Dropbox}}) to be symlinked to another folder in your home directory for easy access, you can type on the guest:<br />
<br />
$ ln -s /media/sf_Dropbox/* ~/dropbox<br />
<br />
The {{ic|VBoxLinuxAdditions.run}} script provided in the Guest Additions iso does this for you, however, Arch does not recommend using it.<br />
<br />
If shared folders are not auto-mounted, try [https://bbs.archlinux.org/viewtopic.php?id=70780 manually mount].<br />
<br />
To prevent startup problems when you're using [[systemd]], you should add {{ic|1=comment=systemd.automount}} to your {{ic|/etc/fstab}}. This way, they are mounted only when you access those mount points and not during startup. Otherwise your system might become unusable after a kernel upgrade (if you install your guest additions manually).<br />
<br />
desktop /media/desktop vboxsf uid=user,gid=group,rw,dmode=700,fmode=600,comment=systemd.automount 0 0<br />
<br />
Don't waste your time to test the {{ic|nofail}} option. {{ic|mount.vboxsf}} is not able to handle this (2012-08-20).<br />
<br />
desktop /media/desktop vboxsf uid=user,gid=group,rw,dmode=700,fmode=600,nofail 0 0<br />
<br />
== Troubleshooting ==<br />
<br />
=== modprobe Exec format error ===<br />
<br />
Make sure your system is up-to-date:<br />
pacman -Syu<br />
<br />
=== VBOX_E_INVALID_OBJECT_STATE (0x80BB0007) ===<br />
This can occur if a VM is exited ungracefully. The solution to unlock the VM is trivial:<br />
VBoxManage controlvm nArch poweroff<br />
<br />
=== USB subsystem is not working on the host or guest ===<br />
<br />
Sometimes the USB subsystem is not auto-detected resulting in an error (eg: Could not load the Host USB Proxy service: VERR_NOT_FOUND) or in a not visible USB drive on the host, even when the user is in the '''vboxusers''' group. See this topic [https://bbs.archlinux.org/viewtopic.php?id=125785] for details.<br />
<br />
USB subsystem will work if you add<br />
<br />
VBOX_USB=usbfs<br />
<br />
to {{Ic|~/.bashrc}} and reboot your system or open a new bash instance.<br />
<br />
Also make sure that your user is a member of the '''storage''' group.<br />
<br />
=== Failed to create the host-only network interface ===<br />
<br />
To be able to create a Host-Only Network Adapter or a Bridged Network Adapter the kernel modules {{ic|vboxnetadp}} and {{ic|vboxnetflt}} need to be loaded, you also need to make sure the {{pkg|net-tools}} package is installed. It's possible to load these kernel modules manually with<br />
<br />
# modprobe -a vboxnetadp vboxnetflt<br />
<br />
To load them automatically at boot, add a new line for each module to {{ic|/etc/modules-load.d/virtualbox.conf}}:<br />
<br />
vboxdrv<br />
vboxnetadp<br />
vboxnetflt<br />
<br />
{{Note|These used to be added to the {{ic|MODULES}} array in {{ic|/etc/rc.conf}}. This is now deprecated.}}<br />
<br />
More information in [https://bbs.archlinux.org/viewtopic.php?id=130581 this] topic.<br />
<br />
=== WinXP: Bit-depth cannot be greater than 16 ===<br />
<br />
If you are running at 16-bit color depth, then the icons may appear fuzzy/choppy. However, upon attempting to change the color depth to a higher level, the system may restrict you to a lower resolution or simply not enable you to change the depth at all. To fix this, run {{ic|regedit}} add the following key to the Virtual Windows XP registry:<br />
<br />
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services]<br />
"ColorDepth"=dword:00000004<br />
<br />
Then update the color depth in the desktop properties window. If nothing happens, force the screen to redraw through some method (i.e. {{ic|Host+F}} to redraw/enter full screen).<br />
<br />
=== Mounting .vdi Images ===<br />
<br />
This just work with '''static''' size vdi images! '''Dynamic size won't''' be easy mountable! First we need one information from your .vdi image:<br />
<br />
$ VBoxManage internalcommands dumphdinfo Arch_64min.vdi |grep offData<br />
Header: offBlocks=4096 offData=69632<br />
<br />
Now, '''add to your''' {{ic|offData}} 32256. e.g. 32256 + 69632 = 101888<br />
<br />
Now you can mount your vdi image:<br />
<br />
# mount -t ext4 -o rw,noatime,noexec,loop,offset=101888 Arch_64min.vdi /mnt/<br />
<br />
=== Startup problems because of mount failures ===<br />
<br />
If you experience problems in a [[systemd]] setup after a kernel upgrade, you should start the system with {{ic|1=init=/bin/bash}} (if the emergency shell does not work for you).<br />
<br />
root=/dev/mapper/vg_main-lv_root ro vga=792 resume=/dev/mapper/vg_main-lv_swap init=/bin/bash<br />
<br />
Then mount the ''root''-filesystem with write access:<br />
<br />
# mount / -o remount,rw<br />
<br />
Change {{ic|/etc/fstab}} according to [[#Shared Folders as Arch Linux Guest]]. Then exec systemd within the Bash shell:<br />
<br />
# exec /bin/systemd<br />
<br />
=== Copy&Paste not working on Arch Linux Guest ===<br />
<br />
Since updating {{ic|virtualbox-guest-additions}} to version {{ic|4.2.0-2}} copy&paste from Host OS to Arch Linux Guest stopped working. It seems to be due to {{ic|VBoxClient-all}} requiring ''root'' access. In previous versions adding ''VBoxClient-all &'' to ''~/.xinitrc'' was sufficient to make copy&paste work. Update ''~/.xinitrc'' to match {{ic|sudo VBoxClient-all &}} and add the line {{ic|, NOPASSWD: /usr/bin/VBoxClient-all}} to your username in the sudoers file and restart X. It should all work again. The line in the sudoers file should look similar to this:<br />
<br />
# Allow sudo for user 'you' and let him run VBoxClient-all without requiring a password<br />
you ALL = PASSWD: ALL, NOPASSWD: /usr/bin/VBoxClient-all<br />
<br />
{{Note|Use {{ic|visudo}} to edit the sudoers file. This will check for syntax errors when saving.}}<br />
<br />
=== Use Serial port in guest OS ===<br />
Check you permission in Serial port<br />
$ /bin/ls -l /dev/ttyS*<br />
crw-rw---- 1 root uucp 4, 64 Feb 3 09:12 /dev/ttyS0<br />
crw-rw---- 1 root uucp 4, 65 Feb 3 09:12 /dev/ttyS1<br />
crw-rw---- 1 root uucp 4, 66 Feb 3 09:12 /dev/ttyS2<br />
crw-rw---- 1 root uucp 4, 67 Feb 3 09:12 /dev/ttyS3<br />
<br />
Add you user in '''uucp''' group.<br />
# gpasswd -a $USER uucp <br />
and relogin.<br />
<br />
=== Abort on resume ===<br />
There is a known bug that causes abort on resume: https://www.virtualbox.org/ticket/11289. The workaround is simple: always use Host+q or the menu to close the VM.<br />
<br />
=== System Images in Btrfs ===<br />
In 2010 there were reports that OS disk images would not start if they were attached via a virtual SATA device. It was reportedly fixed, and seemed to be. But as of around March 2013, that particular bug report has been [https://www.virtualbox.org/ticket/6905 repoened]. This can be fixed by enabling the use of the host I/O cache, which is disabled by default with virtual SATA interfaces.<br />
<br />
=== vagrant up Issue ===<br />
With the latest version of Virtualbox(4.2.14-1) the {{ic|vagrant up}} command end up in a failure:<br />
<br />
Command: ["import", <br />
"/Users/username/.vagrant.d/boxes/precise32/virtualbox/box.ovf"]<br />
Stderr: 0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%<br />
Interpreting <br />
/Users/username/.vagrant.d/boxes/precise32/virtualbox/box.ovf...<br />
OK.<br />
0%...<br />
Progress object failure: NS_ERROR_CALL_FAILED<br />
<br />
Until the [https://www.virtualbox.org/ticket/11895 fix] makes it into a release you will need to workaround or downgrade VirtualBox.<br />
<br />
Workaround by creating manifests for each box in {{ic|~/.vagrant.d/boxes/BoxName/virtualbox}}:<br />
<br />
openssl sha1 *.vmdk *.ovf > box.mf<br />
<br />
You can downgrade Virtualbox. If you have the old package file inside your cache just downgrade it via:<br />
<br />
sudo pacman -U /var/cache/pacman/pkg/virtualbox-4.2.12-3-x86_64.pkg.tar.xz<br />
<br />
This error seems to appear on all platforms: http://www.marshut.com/pzisi/progress-object-failure-ns-error-call-failed-when-running-vagrant-up-in-getting-started-guide.html#qhihz<br />
<br />
It's unclean for the moment. It could be regression inside Virtualbox or a issue inside Vagrant. When you delete the cache you can downgrade via ArchLinux [https://aur.archlinux.org/packages/downgrader/ downgrader ] (I didn't test it correctly, but I assume this works, else<br />
check the wiki page for downgrading: https://wiki.archlinux.org/index.php/Downgrading_Packages)<br />
<br />
For more Information, check the issue page on github [https://github.com/mitchellh/vagrant/issues/1847 Clean install on OS X 10.8.4 w/ latest VirtualBox not working]<br />
<br />
According to the [https://twitter.com/mitchellh/status/348886504728305664 Vagrant creator on Twitter], this is a VirtualBox bug. On 2013-06-25, he said that they fixed the bug in SVN, and he's waiting on a release. Also, I can confirm that this is a multi-platform issue, 4.2.14 was broken for me on Win7.<br />
<br />
This issue has been solved inside the virtualbox release virtualbox-4.2.16-1<br />
<br />
===Access to shared folders hangs===<br />
Access to a shared folder on the host from a guest running 3.11 kernel can hang. There is a fix upstream, but it has not yet (as of 26 Sept 2013) made its way to the guest additions package. Here's the fix:<br />
<br />
[https://www.virtualbox.org/changeset/48529/vbox Changeset 48529 in vbox]<br />
<br />
See also:<br />
<br />
[https://forums.virtualbox.org/viewtopic.php?f=8&t=57487 Mounted folders hang since last kernel upgrade]<br />
<br />
== External links ==<br />
<br />
* [http://www.virtualbox.org/manual/UserManual.html VirtualBox User Manual]</div>JimReeshttps://wiki.archlinux.org/index.php?title=Lenovo_ThinkPad_T400&diff=258058Lenovo ThinkPad T4002013-05-20T19:37:15Z<p>JimRees: /* Synaptic, UltraNav */ xf86-input-synaptics package</p>
<hr />
<div>[[Category:Lenovo]]<br />
{{Article summary start}}<br />
{{Article summary text|Installation instructions for the Lenovo ThinkPad T400}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Lenovo ThinkPad T400s}}<br />
{{Article summary end}}<br />
{{Poor writing|Numerous spelling, grammar, and style issues.}}<br />
<br />
==System Specification==<br />
<br />
Note, [http://en.wikipedia.org/wiki/ThinkPad_T_Series ThinkPad T400] is available in a few hardware variants. Check the [http://www.thinkwiki.org ThinkWiki] where details of hardware specification are discussed in the [http://www.thinkwiki.org/wiki/Category:T400 T400] category.<br />
<br />
Below is an overview of the T400 specifications as originally used to start this article:<br />
<br />
*CPU : Intel® Core™2 Duo Processor T9400 (6M Cache, 2.53 GHz, 1066 MHz FSB)<br />
*Memory : 3GB PC3-8500 DDR3<br />
*WiFi : Intel WiFi Link 5300<br />
*Hard-Drive : 160GB, 7200rpm<br />
*Optical Drive : DVD Recordable<br />
*Integrated Graphics : Intel 4500MHD<br />
*Discrete Graphics : AMD M82XT Hybrid 256 MB (ATI Mobility Radeon HD 3470)<br />
*Screen : 14.1" WXGA+ TFT with LED Backlight<br />
*Gigabit Ethernet, Modem<br />
*Express Card & PC Card Slots<br />
*Integrated Bluetooth PAN<br />
*No camera<br />
*No fingerprint reader<br />
*No Intel Turbo Memory<br />
<br />
==Network==<br />
===Ethernet===<br />
The [[kernel module]] to get the network card to work is {{ic|e1000e}}.<br />
<br />
===Wireless===<br />
Lenovo offers different options in wireless hardware:<br />
<br />
====Intel chipset====<br />
*Wifi link 5100 and 5300<br />
<br />
The drivers are included in the 2.6.27 kernel. However, it's important to make sure that you have the correct firmware. I installed the iwlwifi-5000-ucode. See [[Wireless#iwl3945.2C_iwl4965_and_iwl5000-series|this section]] for more details.<br />
<br />
Since the 2.6.34 kernel update, the firmware files were moved to the {{ic|linux-firmware}} package. Manually installing other firmware packages is not required.<br />
<br />
====Realtek chipset====<br />
<br />
*Rtl8192SE<br />
11b/g/n Wireless Lan Mini-PCI Express Adapter II<br />
03:00.0 Network controller: Realtek Semiconductor Co., Ltd. Device 8172 (rev 10)<br />
<br />
See http://www.thinkwiki.org/wiki/ThinkPad_11b/g/n_Wireless_LAN_Mini-PCI_Express_Adapter_II for more details.<br />
<br />
See [[Wireless Setup#rtl8192s]].<br />
<br />
===Modem===<br />
There is a module "hsfmodem" provided by http://www.linuxant.com/.<br />
<br />
===Bluetooth===<br />
<br />
If you have [http://www.thinkwiki.org/wiki/Thinkpad-acpi thinkpad-acpi] kernel module loaded, you can enable and disable Bluetooth from command line. To enable:<br />
<br />
{{bc|# echo 1 > /sys/devices/platform/thinkpad_acpi/bluetooth_enable}}<br />
<br />
To disable:<br />
<br />
{{bc|# echo 0 > /sys/devices/platform/thinkpad_acpi/bluetooth_enable}}<br />
<br />
To disable or enable Bluetooth at startup, add one of the above commands to {{ic|/etc/rc.local}}.<br />
<br />
The bluetooth module requires {{ic|uhci_hcd}}. Make sure {{ic|/etc/modprobe.d/modprobe.conf}} does not blacklist it.<br />
<br />
For everything else related to Bluetooth, follow the procedure described in [[Bluetooth]] section of the Arch Wiki.<br />
<br />
==Graphics/Xorg Configuration==<br />
Note that it's possible to switch the graphics adapter by only restarting X, but It's quite useless since you can't power up/down a graphic-card without rebooting. So it's either both graphic-card on at all times, or do the switching in the BIOS.<br />
<br />
So please press the ThinkVantag-button» during boot up and enable either the Integrated or the Discrete graphics cards in your BIOS's "Config->Display" menu.<br />
<br />
===Integrated Graphics===<br />
After installing [[Xorg#Installing_Xorg|xorg]], I installed the [[Intel|xf86-video-intel drivers]].<br />
<br />
===Discrete Graphics===<br />
All 3 ATI drivers worked. That is both [[ATI#Open-Source_ATI_Drivers|open-source drivers]] (<code>xf86-video-ati</code> and <code>xf86-video-radeonhd</code>) and [[ATI#ATI_Catalyst_proprietary_driver|fglrx]] (the <code>catalyst</code> proprietary drivers).<br />
<br />
I could not get the <code>xf86-video-radeonhd</code> drivers to detect my external monitor, but <code>xf86-video-ati</code> worked fine. Remember to remove <code>catalyst</code> and <code>catalyst-utils</code> and reboot before using an [[ATI#Open-Source_ATI_Drivers|open source ATI drivers]]. ATI uses its own OpenGL library in its proprietary drivers, which is included in <code>catalyst-utils</code> and conflicts with libgl. As it did with the integrated graphics, running '''X -configure''' generated a working xorg.conf.<br />
<br />
To get the [[ATI#ATI_Catalyst_proprietary_driver|catalyst drivers]] working, you do have to [[ATI#Configuration|configure]] your xorg.conf properly. I used '''aticonfig --initial''' to generate a working xorg.conf. I did encounter a problem that I have not been able to solve yet : resizing a window in a compositing window manager takes 1-2 seconds. This makes the drivers pretty much unusable.<br />
<br />
===Switchable Graphics===<br />
Is currently not supported by the kernel. You can enable switchable-graphics in the BIOS and make Xorg do the switching, but then both cards will always use power and generate lots of heat. See the [http://en.gentoo-wiki.com/wiki/Lenovo_ThinkPad_T400#Getting_both_to_work| gentoo-wiki] to keep up too date on the issue.<br />
<br />
You can also try David Arlile's patch to power off the unused card. See http://airlied.livejournal.com/71434.html and http://linux-hybrid-graphics.blogspot.com/.<br />
<br />
===Hotplugging===<br />
If you want to enable [[Xorg_input_hotplugging|hotplugging]] you probably do not need a xorg.conf. But if you are using xf86-video-ati you might temporarely need to disable [[KMS]], by adding "nomodeset" to your kernel-line in "/boot/grub/menu.lst". If you do not want to disable KMS you can probably install some radeon firmware, see the [[Ati#Kernel_mode-setting_.28KMS.29|Ati-wiki]].<br />
<br />
Since all the mouse/keyboard configuration is taken care of by [[HAL]] you will need some config files in "/etc/hal/fdi/policy/"<br />
For instant "mouse-wheel.fdi" to enable TrackPoint-scrolling:<br />
<br />
<match key="info.product" string="TPPS/2 IBM TrackPoint"><br />
<merge key="input.x11_options.EmulateWheel" type="string">true</merge><br />
<merge key="input.x11_options.EmulateWheelButton" type="string">2</merge><br />
<merge key="input.x11_options.YAxisMapping" type="string">4 5</merge><br />
<merge key="input.x11_options.XAxisMapping" type="string">6 7</merge><br />
<merge key="input.x11_options.Emulate3Buttons" type="string">true</merge><br />
<merge key="input.x11_options.EmulateWheelTimeout" type="string">200</merge><br />
</match><br />
<br />
More information in the TrackPoint can be found here: http://www.thinkwiki.org/wiki/How_to_configure_the_TrackPoint.<br />
The Keyboard layout is controlled by "/etc/hal/fdi/policy/10-keymap.fdi" Modify it like [[Xorg_input_hotplugging#Modifying_hal_configuration|this]] to<br />
change your layout. If you have any more questions on hotplugging (like how to enable [[Touchpad_Synaptics#Configuration_via_HAL_policies_.28hotplugging_enabled.29|tapping]]), take a look at it's [[Xorg_input_hotplugging|wiki page]].<br />
<br />
===Synaptic, UltraNav===<br />
You may need to install the {{ic|xf86-input-synaptics}} package.<br />
<br />
If you want to be able to use horizontal and vertical scroll with your touchpad add this lines to your xorg.conf<br />
<br />
Section "Module"<br />
......<br />
Load "synaptics"<br />
EndSection<br />
<br />
Section "InputDevice"<br />
Identifier "Touchpad"<br />
Driver "synaptics"<br />
Option "AlwaysCore"<br />
Option "Device" "/dev/input/mouse1"<br />
Option "Protocol" "auto-dev"<br />
Option "SendCoreEvents" "true"<br />
Option "LeftEdge" "1632"<br />
Option "RightEdge" "5312"<br />
Option "TopEdge" "1575"<br />
Option "BottomEdge" "4281"<br />
Option "FingerLow" "25"<br />
Option "FingerHigh" "30"<br />
Option "MaxTapTime" "180"<br />
Option "MaxTapMove" "220"<br />
Option "VertScrollDelta" "100"<br />
Option "MinSpeed" "0.06"<br />
Option "MaxSpeed" "0.12"<br />
Option "AccelFactor" "0.0010"<br />
Option "VertEdgeScroll" "on"<br />
Option "HorizEdgeScroll" "on"<br />
# Option HorizScrollDelta""0" <br />
Option "SHMConfig" "on"<br />
EndSection <br />
<br />
for trakpoint with third button paste & scroll add this few lines to xorg.conf too<br />
<br />
Section "InputDevice"<br />
Identifier "Trackpoint"<br />
Driver "mouse"<br />
Option "CorePointer"<br />
Option "Device" "/dev/input/mice"<br />
Option "Protocol" "Auto"<br />
Option "Emulate3Buttons"<br />
Option "Emulate3Timeout" "50"<br />
Option "EmulateWheel" "on"<br />
Option "EmulateWheelTimeout" "200" # adjust third button paste timeout. <br />
Option "EmulateWheelButton" "2"<br />
Option "YAxisMapping" "4 5"<br />
Option "XAxisMapping" "6 7"<br />
Option "YAxisMapping" "4 5"<br />
EndSection<br />
<br />
finally update your layout<br />
<br />
Section "ServerLayout"<br />
InputDevice "Trackpoint" "CorePointer"<br />
InputDevice "Touchpad"<br />
InputDevice "Keyboard0" "CoreKeyboard"<br />
EndSection<br />
<br />
==Audio==<br />
Once you have [[ALSA]] installed, fire up alsamixer and make sure that sound is not muted. You might also want to press the Volume Up or Volume Down button. It seems than the Mute button mutes everything, even system beeps. Pressing the Volume Up or Volume Down button can unmute, but not pressing the Mute button again.<br />
<br />
Here's the modules I have loaded that are relevant to sound :<br />
$ lsmod | grep snd<br />
snd_seq_oss 35584 0<br />
snd_seq_midi_event 9344 1 snd_seq_oss<br />
snd_seq 58336 4 snd_seq_oss,snd_seq_midi_event<br />
snd_seq_device 9364 2 snd_seq_oss,snd_seq<br />
snd_hda_intel 474672 2<br />
snd_hwdep 10632 1 snd_hda_intel<br />
snd_pcm_oss 45568 0<br />
snd_pcm 82440 2 snd_hda_intel,snd_pcm_oss<br />
snd_timer 24720 2 snd_seq,snd_pcm<br />
snd_page_alloc 10640 2 snd_hda_intel,snd_pcm<br />
snd_mixer_oss 18944 1 snd_pcm_oss<br />
snd 64840 16 snd_seq_oss,snd_seq,snd_seq_device,snd_hda_intel,snd_hwdep,snd_pcm_oss,snd_pcm,snd_timer,snd_mixer_oss<br />
soundcore 9632 1 snd<br />
<br />
Additionally, there is a patch for the audio driver for conexant's chipsets provided by http://www.linuxant.com which can be downloaded at http://www.linuxant.com/alsa-driver/.<br />
<br />
==Multimedia Keys==<br />
The screen brightness controls and the flashlight work without any tweaking. The other keys can be mapped using [[Extra_Keyboard_Keys#Using_xev|xev]] and xbindkeys. By following [http://wiki.linuxquestions.org/wiki/Configuring_keyboards#Enabling_Keyboard_Multimedia_Keys this guide] you should be able to get everything working, but here's summary :<br />
<br />
*First, open a terminal and type <code>xev</code>. This starts the "Event tester".<br />
*Place your cursor on the "Event tester" window.<br />
*When you press a key on your keyboard or move your mouse, it should get displayed in a terminal. For instance, this is what shows up if you press Fn+F2 <br />
KeyRelease event, serial 33, synthetic NO, window 0x3000001,<br />
root 0x86, subw 0x0, time 5537544, (76,110), root:(81,938),<br />
state 0x0, '''keycode 146''' (keysym 0x0, '''NoSymbol'''), same_screen YES,<br />
XLookupString gives 0 bytes:<br />
XFilterEvent returns: False<br />
It basically says that '''keycode 146''' is not bound ('''NoSymbol''').<br />
Here are all the keycodes of all multimedia buttons:<br />
<br />
Volume Down : keycode 174<br />
Volume Up : keycode 176<br />
Fn+F2 : keycode 146<br />
Fn+F3 : keycode 241<br />
Fn+F4 : keycode 223<br />
Fn+F5 : Not responding to events ??<br />
Fn+F7 : keycode 214<br />
Fn+F8 : keycode 249<br />
Fn+F9 : keycode 207<br />
Fn+F12 : keycode 165<br />
Fn+Up : keycode 164<br />
Fn+Down : keycode 162<br />
Fn+Left : keycode 144<br />
Fn+Right : keycode 153<br />
Fn+Home : keycode 212<br />
Fn+End : keycode 101<br />
*Type <code>xmodmap -pke > ~/.Xmodmap</code> in a terminal. This creates a file, <code>.Xmodmap</code>, containing your current keyboard mapping.<br />
*Now open the file with a text editor and find the keycodes you're interested in. You can map any keycode with a symbol from [http://wiki.linuxquestions.org/wiki/XF86_keyboard_symbols this list].<br />
*To get your new <code>.Xmodmap</code> loaded when you start X, just add <code>xmodmap ~/.Xmodmap</code> to your .xinitrc.<br />
*To get your new <code>.Xmodmap</code> loaded immediately, type <code>xmodmap ~/.Xmodmap</code> in a terminal.<br />
<br />
You can now assign functions to your newly bound keys by using [[Extra_Keyboard_Keys_in_Xorg#Using_your_Desktop_Environment_tools|facilities provided by your window desktop environment]] or by using <code>xbindkeys</code>.<br />
<br />
To use <code>xbindkeys</code>,<br />
*Start by installing it<br />
pacman -S xbindkeys<br />
*Then add <code>xbindkeys &</code> to your .xinitrc.<br />
*And finally, in your home directory, create a file called <code>.xbindkeysrc.scm</code> with content that would look something like <br />
(xbindkey '("XF86Standby") "sudo killall dhcpcd && sudo pm-suspend")<br />
(xbindkey '("XF86AudioRaiseVolume") "amixer set Master 2dB+ unmute")<br />
(xbindkey '("XF86AudioLowerVolume") "amixer set Master 2dB- unmute")<br />
<br />
Note, in more recent Arch (kernel 3.4.2, xorg-server 1.12.2, laptop-mode-tools 1.61), on the T400, related keys combinations binding seems to be:<br />
*Fn+2 → XF86ScreenSaver<br />
*Fn+4 → XF86Sleep & XF86Wakeup<br />
*Fn+12 → XF86Suspend<br />
<br />
Now, the actual action will performed on XF86Sleep or XF86Suspend is configurable in session policy, so it may vary (e.g. depending on desktop environment).<br />
If nomenclature of XF86Standby, XF86Hibernate or XF86Sleep is confusing, check the thread [http://thread.gmane.org/gmane.linux.acpi.devel/37554 suspend / hibernate nomenclature] for in-depth explanation.<br />
<br />
===Mute===<br />
To get the mute button to work, it is necessary to pass the string <code>acpi_osi="Linux"</code> to the kernel as a boot parameter. In GRUB2, add it to the "linux" line. See [http://www.thinkwiki.org/wiki/Mute_button here] for more details.<br />
<br />
With the 3.1 bios, it seems that the mute button works normally (set it up the same as the volume buttons with, for instance, "amixer set Master toggle").<br />
<br />
==ACPI==<br />
To enable the fan speed control, it's necessary to load the thinkpad_acpi with option fan_control=1. After the thinkpad_acpi module is loaded with this option, you can monitor and adjust the fan speed via /proc/acpi/ibm/fan.<br />
<br />
==SUSPEND-RESUME==<br />
People have been having issues with suspend resume with the current intel xf86-video-intel 2.4.3.1 drivers in combination with the 4500mhd chipset. This is apparently an issue with concurrency as adding the following script (with mod 755) in /etc/pm/sleep.d fixes things. to some extent...<br />
<br />
#!/bin/sh<br />
# Workaround for concurrency bug in xserver-xorg-video-intel 2:2.4.1-1ubuntu10.<br />
# Save this as /etc/pm/sleep.d/00CPU <br />
<br />
. "/usr/lib/pm-utils/functions"<br />
<br />
case "$1" in<br />
hibernate|suspend)<br />
for i in /sys/devices/system/cpu/cpu*/online ; do<br />
echo 0 >$i<br />
done<br />
;;<br />
thaw|resume) <br />
sleep 10 # run with one core for 10 secs<br />
for i in /sys/devices/system/cpu/cpu*/online ; do<br />
echo 1 >$i<br />
done<br />
;;<br />
*)<br />
;;<br />
esac<br />
<br />
<br />
From http://ubuntu-virginia.ubuntuforums.org/showpost.php?p=6105510&postcount=12 petri4 on the ubuntu forums.<br />
<br />
==7-1 Media Card Reader==<br />
{{out of date|reason=rc.conf}}<br />
Tested for SD cards only. Works after loading modules sdhci and ricoh_mmc in /etc/rc.conf. Sometimes there are problems initializing the SD card (check dmesg) after inserting it. In such cases, try re-inserting it again.</div>JimReeshttps://wiki.archlinux.org/index.php?title=Lenovo_ThinkPad_T400&diff=258057Lenovo ThinkPad T4002013-05-20T19:31:11Z<p>JimRees: /* Intel chipset */ just need linux-firmware now</p>
<hr />
<div>[[Category:Lenovo]]<br />
{{Article summary start}}<br />
{{Article summary text|Installation instructions for the Lenovo ThinkPad T400}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Lenovo ThinkPad T400s}}<br />
{{Article summary end}}<br />
{{Poor writing|Numerous spelling, grammar, and style issues.}}<br />
<br />
==System Specification==<br />
<br />
Note, [http://en.wikipedia.org/wiki/ThinkPad_T_Series ThinkPad T400] is available in a few hardware variants. Check the [http://www.thinkwiki.org ThinkWiki] where details of hardware specification are discussed in the [http://www.thinkwiki.org/wiki/Category:T400 T400] category.<br />
<br />
Below is an overview of the T400 specifications as originally used to start this article:<br />
<br />
*CPU : Intel® Core™2 Duo Processor T9400 (6M Cache, 2.53 GHz, 1066 MHz FSB)<br />
*Memory : 3GB PC3-8500 DDR3<br />
*WiFi : Intel WiFi Link 5300<br />
*Hard-Drive : 160GB, 7200rpm<br />
*Optical Drive : DVD Recordable<br />
*Integrated Graphics : Intel 4500MHD<br />
*Discrete Graphics : AMD M82XT Hybrid 256 MB (ATI Mobility Radeon HD 3470)<br />
*Screen : 14.1" WXGA+ TFT with LED Backlight<br />
*Gigabit Ethernet, Modem<br />
*Express Card & PC Card Slots<br />
*Integrated Bluetooth PAN<br />
*No camera<br />
*No fingerprint reader<br />
*No Intel Turbo Memory<br />
<br />
==Network==<br />
===Ethernet===<br />
The [[kernel module]] to get the network card to work is {{ic|e1000e}}.<br />
<br />
===Wireless===<br />
Lenovo offers different options in wireless hardware:<br />
<br />
====Intel chipset====<br />
*Wifi link 5100 and 5300<br />
<br />
The drivers are included in the 2.6.27 kernel. However, it's important to make sure that you have the correct firmware. I installed the iwlwifi-5000-ucode. See [[Wireless#iwl3945.2C_iwl4965_and_iwl5000-series|this section]] for more details.<br />
<br />
Since the 2.6.34 kernel update, the firmware files were moved to the {{ic|linux-firmware}} package. Manually installing other firmware packages is not required.<br />
<br />
====Realtek chipset====<br />
<br />
*Rtl8192SE<br />
11b/g/n Wireless Lan Mini-PCI Express Adapter II<br />
03:00.0 Network controller: Realtek Semiconductor Co., Ltd. Device 8172 (rev 10)<br />
<br />
See http://www.thinkwiki.org/wiki/ThinkPad_11b/g/n_Wireless_LAN_Mini-PCI_Express_Adapter_II for more details.<br />
<br />
See [[Wireless Setup#rtl8192s]].<br />
<br />
===Modem===<br />
There is a module "hsfmodem" provided by http://www.linuxant.com/.<br />
<br />
===Bluetooth===<br />
<br />
If you have [http://www.thinkwiki.org/wiki/Thinkpad-acpi thinkpad-acpi] kernel module loaded, you can enable and disable Bluetooth from command line. To enable:<br />
<br />
{{bc|# echo 1 > /sys/devices/platform/thinkpad_acpi/bluetooth_enable}}<br />
<br />
To disable:<br />
<br />
{{bc|# echo 0 > /sys/devices/platform/thinkpad_acpi/bluetooth_enable}}<br />
<br />
To disable or enable Bluetooth at startup, add one of the above commands to {{ic|/etc/rc.local}}.<br />
<br />
The bluetooth module requires {{ic|uhci_hcd}}. Make sure {{ic|/etc/modprobe.d/modprobe.conf}} does not blacklist it.<br />
<br />
For everything else related to Bluetooth, follow the procedure described in [[Bluetooth]] section of the Arch Wiki.<br />
<br />
==Graphics/Xorg Configuration==<br />
Note that it's possible to switch the graphics adapter by only restarting X, but It's quite useless since you can't power up/down a graphic-card without rebooting. So it's either both graphic-card on at all times, or do the switching in the BIOS.<br />
<br />
So please press the ThinkVantag-button» during boot up and enable either the Integrated or the Discrete graphics cards in your BIOS's "Config->Display" menu.<br />
<br />
===Integrated Graphics===<br />
After installing [[Xorg#Installing_Xorg|xorg]], I installed the [[Intel|xf86-video-intel drivers]].<br />
<br />
===Discrete Graphics===<br />
All 3 ATI drivers worked. That is both [[ATI#Open-Source_ATI_Drivers|open-source drivers]] (<code>xf86-video-ati</code> and <code>xf86-video-radeonhd</code>) and [[ATI#ATI_Catalyst_proprietary_driver|fglrx]] (the <code>catalyst</code> proprietary drivers).<br />
<br />
I could not get the <code>xf86-video-radeonhd</code> drivers to detect my external monitor, but <code>xf86-video-ati</code> worked fine. Remember to remove <code>catalyst</code> and <code>catalyst-utils</code> and reboot before using an [[ATI#Open-Source_ATI_Drivers|open source ATI drivers]]. ATI uses its own OpenGL library in its proprietary drivers, which is included in <code>catalyst-utils</code> and conflicts with libgl. As it did with the integrated graphics, running '''X -configure''' generated a working xorg.conf.<br />
<br />
To get the [[ATI#ATI_Catalyst_proprietary_driver|catalyst drivers]] working, you do have to [[ATI#Configuration|configure]] your xorg.conf properly. I used '''aticonfig --initial''' to generate a working xorg.conf. I did encounter a problem that I have not been able to solve yet : resizing a window in a compositing window manager takes 1-2 seconds. This makes the drivers pretty much unusable.<br />
<br />
===Switchable Graphics===<br />
Is currently not supported by the kernel. You can enable switchable-graphics in the BIOS and make Xorg do the switching, but then both cards will always use power and generate lots of heat. See the [http://en.gentoo-wiki.com/wiki/Lenovo_ThinkPad_T400#Getting_both_to_work| gentoo-wiki] to keep up too date on the issue.<br />
<br />
You can also try David Arlile's patch to power off the unused card. See http://airlied.livejournal.com/71434.html and http://linux-hybrid-graphics.blogspot.com/.<br />
<br />
===Hotplugging===<br />
If you want to enable [[Xorg_input_hotplugging|hotplugging]] you probably do not need a xorg.conf. But if you are using xf86-video-ati you might temporarely need to disable [[KMS]], by adding "nomodeset" to your kernel-line in "/boot/grub/menu.lst". If you do not want to disable KMS you can probably install some radeon firmware, see the [[Ati#Kernel_mode-setting_.28KMS.29|Ati-wiki]].<br />
<br />
Since all the mouse/keyboard configuration is taken care of by [[HAL]] you will need some config files in "/etc/hal/fdi/policy/"<br />
For instant "mouse-wheel.fdi" to enable TrackPoint-scrolling:<br />
<br />
<match key="info.product" string="TPPS/2 IBM TrackPoint"><br />
<merge key="input.x11_options.EmulateWheel" type="string">true</merge><br />
<merge key="input.x11_options.EmulateWheelButton" type="string">2</merge><br />
<merge key="input.x11_options.YAxisMapping" type="string">4 5</merge><br />
<merge key="input.x11_options.XAxisMapping" type="string">6 7</merge><br />
<merge key="input.x11_options.Emulate3Buttons" type="string">true</merge><br />
<merge key="input.x11_options.EmulateWheelTimeout" type="string">200</merge><br />
</match><br />
<br />
More information in the TrackPoint can be found here: http://www.thinkwiki.org/wiki/How_to_configure_the_TrackPoint.<br />
The Keyboard layout is controlled by "/etc/hal/fdi/policy/10-keymap.fdi" Modify it like [[Xorg_input_hotplugging#Modifying_hal_configuration|this]] to<br />
change your layout. If you have any more questions on hotplugging (like how to enable [[Touchpad_Synaptics#Configuration_via_HAL_policies_.28hotplugging_enabled.29|tapping]]), take a look at it's [[Xorg_input_hotplugging|wiki page]].<br />
<br />
===Synaptic, UltraNav===<br />
If you want to be able to use horizontal and vertical scroll with your touchpad add this lines to your xorg.conf<br />
<br />
Section "Module"<br />
......<br />
Load "synaptics"<br />
EndSection<br />
<br />
Section "InputDevice"<br />
Identifier "Touchpad"<br />
Driver "synaptics"<br />
Option "AlwaysCore"<br />
Option "Device" "/dev/input/mouse1"<br />
Option "Protocol" "auto-dev"<br />
Option "SendCoreEvents" "true"<br />
Option "LeftEdge" "1632"<br />
Option "RightEdge" "5312"<br />
Option "TopEdge" "1575"<br />
Option "BottomEdge" "4281"<br />
Option "FingerLow" "25"<br />
Option "FingerHigh" "30"<br />
Option "MaxTapTime" "180"<br />
Option "MaxTapMove" "220"<br />
Option "VertScrollDelta" "100"<br />
Option "MinSpeed" "0.06"<br />
Option "MaxSpeed" "0.12"<br />
Option "AccelFactor" "0.0010"<br />
Option "VertEdgeScroll" "on"<br />
Option "HorizEdgeScroll" "on"<br />
# Option HorizScrollDelta""0" <br />
Option "SHMConfig" "on"<br />
EndSection <br />
<br />
for trakpoint with third button paste & scroll add this few lines to xorg.conf too<br />
<br />
Section "InputDevice"<br />
Identifier "Trackpoint"<br />
Driver "mouse"<br />
Option "CorePointer"<br />
Option "Device" "/dev/input/mice"<br />
Option "Protocol" "Auto"<br />
Option "Emulate3Buttons"<br />
Option "Emulate3Timeout" "50"<br />
Option "EmulateWheel" "on"<br />
Option "EmulateWheelTimeout" "200" # adjust third button paste timeout. <br />
Option "EmulateWheelButton" "2"<br />
Option "YAxisMapping" "4 5"<br />
Option "XAxisMapping" "6 7"<br />
Option "YAxisMapping" "4 5"<br />
EndSection<br />
<br />
finally update your layout<br />
<br />
Section "ServerLayout"<br />
InputDevice "Trackpoint" "CorePointer"<br />
InputDevice "Touchpad"<br />
InputDevice "Keyboard0" "CoreKeyboard"<br />
EndSection<br />
<br />
==Audio==<br />
Once you have [[ALSA]] installed, fire up alsamixer and make sure that sound is not muted. You might also want to press the Volume Up or Volume Down button. It seems than the Mute button mutes everything, even system beeps. Pressing the Volume Up or Volume Down button can unmute, but not pressing the Mute button again.<br />
<br />
Here's the modules I have loaded that are relevant to sound :<br />
$ lsmod | grep snd<br />
snd_seq_oss 35584 0<br />
snd_seq_midi_event 9344 1 snd_seq_oss<br />
snd_seq 58336 4 snd_seq_oss,snd_seq_midi_event<br />
snd_seq_device 9364 2 snd_seq_oss,snd_seq<br />
snd_hda_intel 474672 2<br />
snd_hwdep 10632 1 snd_hda_intel<br />
snd_pcm_oss 45568 0<br />
snd_pcm 82440 2 snd_hda_intel,snd_pcm_oss<br />
snd_timer 24720 2 snd_seq,snd_pcm<br />
snd_page_alloc 10640 2 snd_hda_intel,snd_pcm<br />
snd_mixer_oss 18944 1 snd_pcm_oss<br />
snd 64840 16 snd_seq_oss,snd_seq,snd_seq_device,snd_hda_intel,snd_hwdep,snd_pcm_oss,snd_pcm,snd_timer,snd_mixer_oss<br />
soundcore 9632 1 snd<br />
<br />
Additionally, there is a patch for the audio driver for conexant's chipsets provided by http://www.linuxant.com which can be downloaded at http://www.linuxant.com/alsa-driver/.<br />
<br />
==Multimedia Keys==<br />
The screen brightness controls and the flashlight work without any tweaking. The other keys can be mapped using [[Extra_Keyboard_Keys#Using_xev|xev]] and xbindkeys. By following [http://wiki.linuxquestions.org/wiki/Configuring_keyboards#Enabling_Keyboard_Multimedia_Keys this guide] you should be able to get everything working, but here's summary :<br />
<br />
*First, open a terminal and type <code>xev</code>. This starts the "Event tester".<br />
*Place your cursor on the "Event tester" window.<br />
*When you press a key on your keyboard or move your mouse, it should get displayed in a terminal. For instance, this is what shows up if you press Fn+F2 <br />
KeyRelease event, serial 33, synthetic NO, window 0x3000001,<br />
root 0x86, subw 0x0, time 5537544, (76,110), root:(81,938),<br />
state 0x0, '''keycode 146''' (keysym 0x0, '''NoSymbol'''), same_screen YES,<br />
XLookupString gives 0 bytes:<br />
XFilterEvent returns: False<br />
It basically says that '''keycode 146''' is not bound ('''NoSymbol''').<br />
Here are all the keycodes of all multimedia buttons:<br />
<br />
Volume Down : keycode 174<br />
Volume Up : keycode 176<br />
Fn+F2 : keycode 146<br />
Fn+F3 : keycode 241<br />
Fn+F4 : keycode 223<br />
Fn+F5 : Not responding to events ??<br />
Fn+F7 : keycode 214<br />
Fn+F8 : keycode 249<br />
Fn+F9 : keycode 207<br />
Fn+F12 : keycode 165<br />
Fn+Up : keycode 164<br />
Fn+Down : keycode 162<br />
Fn+Left : keycode 144<br />
Fn+Right : keycode 153<br />
Fn+Home : keycode 212<br />
Fn+End : keycode 101<br />
*Type <code>xmodmap -pke > ~/.Xmodmap</code> in a terminal. This creates a file, <code>.Xmodmap</code>, containing your current keyboard mapping.<br />
*Now open the file with a text editor and find the keycodes you're interested in. You can map any keycode with a symbol from [http://wiki.linuxquestions.org/wiki/XF86_keyboard_symbols this list].<br />
*To get your new <code>.Xmodmap</code> loaded when you start X, just add <code>xmodmap ~/.Xmodmap</code> to your .xinitrc.<br />
*To get your new <code>.Xmodmap</code> loaded immediately, type <code>xmodmap ~/.Xmodmap</code> in a terminal.<br />
<br />
You can now assign functions to your newly bound keys by using [[Extra_Keyboard_Keys_in_Xorg#Using_your_Desktop_Environment_tools|facilities provided by your window desktop environment]] or by using <code>xbindkeys</code>.<br />
<br />
To use <code>xbindkeys</code>,<br />
*Start by installing it<br />
pacman -S xbindkeys<br />
*Then add <code>xbindkeys &</code> to your .xinitrc.<br />
*And finally, in your home directory, create a file called <code>.xbindkeysrc.scm</code> with content that would look something like <br />
(xbindkey '("XF86Standby") "sudo killall dhcpcd && sudo pm-suspend")<br />
(xbindkey '("XF86AudioRaiseVolume") "amixer set Master 2dB+ unmute")<br />
(xbindkey '("XF86AudioLowerVolume") "amixer set Master 2dB- unmute")<br />
<br />
Note, in more recent Arch (kernel 3.4.2, xorg-server 1.12.2, laptop-mode-tools 1.61), on the T400, related keys combinations binding seems to be:<br />
*Fn+2 → XF86ScreenSaver<br />
*Fn+4 → XF86Sleep & XF86Wakeup<br />
*Fn+12 → XF86Suspend<br />
<br />
Now, the actual action will performed on XF86Sleep or XF86Suspend is configurable in session policy, so it may vary (e.g. depending on desktop environment).<br />
If nomenclature of XF86Standby, XF86Hibernate or XF86Sleep is confusing, check the thread [http://thread.gmane.org/gmane.linux.acpi.devel/37554 suspend / hibernate nomenclature] for in-depth explanation.<br />
<br />
===Mute===<br />
To get the mute button to work, it is necessary to pass the string <code>acpi_osi="Linux"</code> to the kernel as a boot parameter. In GRUB2, add it to the "linux" line. See [http://www.thinkwiki.org/wiki/Mute_button here] for more details.<br />
<br />
With the 3.1 bios, it seems that the mute button works normally (set it up the same as the volume buttons with, for instance, "amixer set Master toggle").<br />
<br />
==ACPI==<br />
To enable the fan speed control, it's necessary to load the thinkpad_acpi with option fan_control=1. After the thinkpad_acpi module is loaded with this option, you can monitor and adjust the fan speed via /proc/acpi/ibm/fan.<br />
<br />
==SUSPEND-RESUME==<br />
People have been having issues with suspend resume with the current intel xf86-video-intel 2.4.3.1 drivers in combination with the 4500mhd chipset. This is apparently an issue with concurrency as adding the following script (with mod 755) in /etc/pm/sleep.d fixes things. to some extent...<br />
<br />
#!/bin/sh<br />
# Workaround for concurrency bug in xserver-xorg-video-intel 2:2.4.1-1ubuntu10.<br />
# Save this as /etc/pm/sleep.d/00CPU <br />
<br />
. "/usr/lib/pm-utils/functions"<br />
<br />
case "$1" in<br />
hibernate|suspend)<br />
for i in /sys/devices/system/cpu/cpu*/online ; do<br />
echo 0 >$i<br />
done<br />
;;<br />
thaw|resume) <br />
sleep 10 # run with one core for 10 secs<br />
for i in /sys/devices/system/cpu/cpu*/online ; do<br />
echo 1 >$i<br />
done<br />
;;<br />
*)<br />
;;<br />
esac<br />
<br />
<br />
From http://ubuntu-virginia.ubuntuforums.org/showpost.php?p=6105510&postcount=12 petri4 on the ubuntu forums.<br />
<br />
==7-1 Media Card Reader==<br />
{{out of date|reason=rc.conf}}<br />
Tested for SD cards only. Works after loading modules sdhci and ricoh_mmc in /etc/rc.conf. Sometimes there are problems initializing the SD card (check dmesg) after inserting it. In such cases, try re-inserting it again.</div>JimReeshttps://wiki.archlinux.org/index.php?title=Raspberry_Pi&diff=258056Raspberry Pi2013-05-20T19:27:39Z<p>JimRees: /* Article Preface */ sp/typo</p>
<hr />
<div>[[Category:Getting and installing Arch]]<br />
[[ru:Raspberry Pi]]<br />
{{Article summary start}}<br />
{{Article summary text|Raspberry Pi (RPi) is a minimalist computer built for the [[Wikipedia:ARMv6|ARMv6 architecture]]. [http://www.raspberrypi.org/ More information about this project] and [http://uk.farnell.com/raspberry-pi technical specification].}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Beginners' Guide}}<br />
<br />
[http://elinux.org/RPiconfig RPi Config] - Excellent source of info relating to under-the-hood tweaks.<br />
<br />
[http://elinux.org/RPI_vcgencmd_usage RPi vcgencmd usage] - Overview of firmware command vcgencmd.<br />
{{Article summary end}}<br />
<br />
== Article Preface ==<br />
This article is not meant to be an exhaustive setup guide and assumes that the reader has setup an Arch system before. Arch newbies are encouraged to read the [[Beginners' Guide]] if unsure how to preform standard tasks such as creating users, managing the system, etc.<br />
<br />
{{Note|Support for the ARM architecture is provided on http://archlinuxarm.org not through posts to the official Arch Linux Forum. Any posts related to ARM specific issues will be promptly closed per the [https://wiki.archlinux.org/index.php/Forum_Etiquette#Arch_Linux_Distribution_Support_ONLY Arch Linux Distribution Support ONLY] policy.}}<br />
<br />
== Installing Arch Linux ARM ==<br />
<br />
See the [http://archlinuxarm.org/platforms/armv6/raspberry-pi#qt-platform_tabs-ui-tabs2 archlinuxarm documentation].<br />
<br />
== Audio ==<br />
{{Note| The requisite module '''snd-bcm2835''' should be autoloaded by default.}}<br />
<br />
Install the needed packages:<br />
pacman -S alsa-utils alsa-firmware alsa-lib alsa-plugins<br />
<br />
Optionally adjust the default volume using `alsamixer` and ensure that the sole source "PCM" is not muted (denoted by double MM if muted).<br />
<br />
Select an audio source for output:<br />
amixer cset numid=3 x<br />
<br />
Where 'x' corresponds to:<br />
*0 for Auto<br />
*1 for Analog out<br />
*3 for HDMI<br />
<br />
=== Caveats for HDMI Audio ===<br />
Some applications require a setting in {{ic|/boot/config.txt}} to force audio over HDMI:<br />
hdmi_drive=2<br />
<br />
== Onboard Hardware Sensors ==<br />
=== Temperature ===<br />
Temperatures sensors for the board itself are including as part of the '''raspberrypi-firmware-tools''' package. The RPi offers a sensor on the BCM2835 SoC (CPU/GPU):<br />
<br />
/opt/vc/bin/vcgencmd measure_temp<br />
temp=49.8'C<br />
<br />
Alternatively, simply read from the filesystem:<br />
% cat /sys/class/thermal/thermal_zone0/temp <br />
49768<br />
<br />
=== Voltage ===<br />
Four different voltages can be monitored via {{ic|/opt/vc/bin/vcgencmd}} as well:<br />
<br />
% /opt/vc/bin/vcgencmd measure_volts <id><br />
<br />
*core for core voltage<br />
*sdram_c for sdram Core voltage<br />
*sdram_i for sdram I/O voltage<br />
*sdram_p for sdram PHY voltage<br />
<br />
=== Lightweight Monitoring Suite ===<br />
{{AUR|Monitorix}} has specific support for the RPi since v3.2.0. Screenshots available [[http://www.monitorix.org/screenshots.html here]].<br />
<br />
== Overclocking/Underclocking ==<br />
The RPi can be overclocked by editing {{ic|/boot/config.txt}}, for example:<br />
<br />
arm_freq=800<br />
arm_freq_min=100<br />
core_freq=300<br />
core_freq_min=75<br />
sdram_freq=400<br />
over_voltage=0<br />
<br />
The optional xxx_min lines define the min usage of their respective settings. When the system is not under load, the values will drop down to those specified. Consult the [http://elinux.org/RPiconfig#Overclocking Overclocking] article on elinux for additional options and examples.<br />
<br />
A reboot is needed for new settings to take effect.<br />
<br />
{{Note|The overclocked setting for CPU clock applies only when the governor throttles up the CPU, i.e. under load.}}<br />
<br />
Users may query the current frequency of the CPU via this command:<br />
cat /sys/devices/system/cpu/cpu0/cpufreq/scaling_cur_freq<br />
<br />
== Serial Console ==<br />
Edit the default /boot/cmdline.txt<br />
<br />
Change loglevel to 5 to see boot messages<br />
loglevel=5<br />
<br />
Change speed from 115200 to 38400<br />
console=ttyAMA0,38400 kgdboc=ttyAMA0,38400<br />
<br />
Start getty service<br />
systemctl start getty@ttyAMA0<br />
<br />
Enable on boot<br />
systemctl enable getty@ttyAMA0.service<br />
<br />
Creating the proper service link:<br />
ln -s /usr/lib/systemd/system/getty@.service /etc/systemd/system/getty.target.wants/getty@ttyAMA0.service<br />
<br />
Then connect :)<br />
screen /dev/ttyUSB0 38400<br />
<br />
== Video ==<br />
pacman -S xf86-video-fbdev<br />
<br />
Adjustments are likely required to correct proper overscan/underscan and are easily achieved in {{ic|boot/config.txt}} in which many tweaks are set. To fix, simply uncomment the corresponding lines and setup per the commented instructions:<br />
<br />
# uncomment the following to adjust overscan. Use positive numbers if console<br />
# goes off screen, and negative if there is too much border<br />
#overscan_left=16<br />
overscan_right=8<br />
overscan_top=-16<br />
overscan_bottom=-16<br />
<br />
Users wishing to use the analog video out should consult [https://raw.github.com/Evilpaul/RPi-config/master/config.txt this] config file which contains options for non-NTSC outputs.<br />
<br />
A reboot is needed for new settings to take effect.</div>JimRees