https://wiki.archlinux.org/api.php?action=feedcontributions&user=Wingsuit&feedformat=atomArchWiki - User contributions [en]2024-03-28T16:48:49ZUser contributionsMediaWiki 1.41.0https://wiki.archlinux.org/index.php?title=List_of_applications/Security&diff=615611List of applications/Security2020-05-25T03:29:18Z<p>Wingsuit: /* Hash checkers */ typo</p>
<hr />
<div><noinclude><br />
[[Category:Applications]]<br />
[[Category:Security]]<br />
[[Category:Lists of software]]<br />
[[es:List of applications (Español)/Security]]<br />
[[it:List of applications (Italiano)/Security]]<br />
[[ja:アプリケーション一覧/セキュリティ]]<br />
[[ru:List of applications (Русский)/Security]]<br />
[[zh-hans:List of applications (简体中文)/Security]]<br />
[[zh-hant:List of applications (正體中文)/Security]]<br />
{{List of applications navigation}}<br />
</noinclude><br />
== Security ==<br />
<br />
For detailed guides, see the main ArchWiki page, [[Security]].<br />
<br />
==== Network security ====<br />
<br />
See also [[Wikipedia:Comparison of packet analyzers]].<br />
<br />
* {{App|airgeddon|Multi-use bash script to audit wireless networks|https://github.com/v1s1t0r1sh3r3/airgeddon|{{AUR|airgeddon-git}}}}<br />
* {{App|[[Wikipedia:Arpwatch|Arpwatch]]|Tool that monitors ethernet activity and keeps a database of Ethernet/IP address pairings.|https://ee.lbl.gov/|{{Pkg|arpwatch}}}}<br />
* {{App|bettercap|Swiss army knife for network attacks and monitoring.|https://www.bettercap.org/|{{Pkg|bettercap}}}}<br />
* {{App|darkstat|Captures network traffic, calculates statistics about usage, and serves reports over HTTP.|https://unix4lyfe.org/darkstat/|{{Pkg|darkstat}}}}<br />
* {{App|[[Wikipedia:dSniff|dsniff]]|Collection of tools for network auditing and penetration testing.|https://www.monkey.org/~dugsong/dsniff/|{{Pkg|dsniff}}}}<br />
* {{App|[[Wikipedia:EtherApe|EtherApe]]|Graphical network monitor for Unix modeled after etherman. Featuring link layer, IP and TCP modes, it displays network activity graphically. Hosts and links change in size with traffic. Color coded protocols display.|https://etherape.sourceforge.io/|{{Pkg|etherape}}}}<br />
* {{App|[[Wikipedia:Ettercap (software)|Ettercap]]|Multipurpose Network sniffer/analyser/interceptor/logger.|https://ettercap.github.io/ettercap/|CLI: {{Pkg|ettercap}}, GUI: {{Pkg|ettercap-gtk}}}}<br />
* {{App|GNOME Network Tools|GNOME interface for various networking tools.|https://gitlab.gnome.org/GNOME/gnome-nettool|{{Pkg|gnome-nettool}}}}<br />
* {{App|[[Honeyd]]|Tool that allows the user to set up and run multiple virtual hosts on a computer network.|http://www.honeyd.org/|{{AUR|honeyd}}}}<br />
* {{App|hping|Command-line oriented TCP/IP packet assembler/analyzer.|http://hping.org/|{{Pkg|hping}}}}<br />
* {{App|IPTraf|Console-based network monitoring utility.|https://sourceforge.net/projects/iptraf-ng/|{{Pkg|iptraf-ng}}}}<br />
* {{App|jnettop|top-like console network traffic visualizer.|https://sourceforge.net/projects/jnettop/|{{Pkg|jnettop}}}}<br />
* {{App|[[Wikipedia:justniffer|justniffer]]|Network protocol analyzer that captures network traffic and produces logs in a customized way, can emulate Apache web server log files, track response times and extract all "intercepted" files from the HTTP traffic.|http://justniffer.sourceforge.net/|{{AUR|justniffer}}}}<br />
* {{App|Kismet|802.11 layer2 wireless network detector, sniffer, and intrusion detection system.|https://www.kismetwireless.net/|{{Pkg|kismet}}}}<br />
* {{App|LinSSID|Graphical wireless scanner.|https://sourceforge.net/projects/linssid/|{{Pkg|linssid}}}}<br />
* {{App|Nemesis|Command-line network packet crafting and injection utility.|http://nemesis.sourceforge.net/|{{AUR|nemesis}}}}<br />
* {{App|Net Activity Viewer|Graphical network connections viewer, similar in functionality with Netstat.|http://netactview.sourceforge.net/|{{AUR|netactview}}}}<br />
* {{App|[[Wikipedia:netsniff-ng|netsniff-ng]]|High performance Linux network sniffer for packet inspection.|http://netsniff-ng.org/|{{Pkg|netsniff-ng}}}}<br />
* {{App|[[Wikipedia:ngrep|ngrep]]|grep-like utility that allows you to search for network packets on an interface.|https://github.com/jpr5/ngrep|{{Pkg|ngrep}}}}<br />
* {{App|[[Nmap]]|Security scanner used to discover hosts and services on a computer network, thus creating a "map" of the network.|https://nmap.org/|CLI: {{Pkg|nmap}}, GUI: {{AUR|zenmap}}}}<br />
* {{App|[[Ntop]]|Network probe that shows network usage in a way similar to what top does for processes.|https://www.ntop.org/|{{Pkg|ntop}}}}<br />
* {{App|pyNeighborhood|GTK-based SMB/CIFS browsing utility.|https://launchpad.net/pyneighborhood|{{AUR|pyneighborhood}}}}<br />
* {{App|Smb4K|Advanced network neighborhood browser and Samba share mounting utility for KDE.|https://smb4k.sourceforge.io/|{{Pkg|smb4k}}}}<br />
* {{App|[[Snort]]|Network intrusion prevention and detection system.|https://www.snort.org/|{{AUR|snort}}}}<br />
* {{App|Spectools|A set of utilities for spectrum analyzer hardware including Wi-Spy devices.|https://www.kismetwireless.net/spectools/{{Dead link|2020|03|30|status=404}}|{{AUR|spectools}}}}<br />
* {{App|[[Sshguard]]|Daemon that protects SSH and other services against brute-force attacts, similar to Fail2ban.|https://www.sshguard.net/|{{Pkg|sshguard}}}}<br />
* {{App|[[Suricata]]|High performance Network IDS, IPS and Network Security Monitoring engine.|https://suricata-ids.org/|{{AUR|suricata}}}}<br />
* {{App|[[Wikipedia:tcpdump|Tcpdump]]|Common console-based packet analyzer that allows the user to intercept and display TCP/IP and other packets being transmitted or received over a network.|http://www.tcpdump.org/|{{Pkg|tcpdump}}}}<br />
* {{App|[[Wikipedia:tcptrace|tcptrace]]|TCP dump file analysis tool.|http://tcptrace.org/|{{Pkg|tcptrace}}}}<br />
* {{App|[[vnStat]]|Console-based network traffic monitor that keeps a log of network traffic for the selected interfaces.|https://humdi.net/vnstat/|{{Pkg|vnstat}}}}<br />
* {{App|wifiphisher|Fast automated phishing attacks against WPA networks.|https://github.com/wifiphisher/wifiphisher|{{AUR|wifiphisher}}}}<br />
* {{App|[[Wireshark]]|Network protocol analyzer that lets you capture and interactively browse the traffic running on a computer network.|https://www.wireshark.org/|CLI: {{Pkg|wireshark-cli}}, GUI: {{Pkg|wireshark-qt}}}}<br />
* {{App|[[Wikipedia:Xplico|Xplico]]|Network forensics analysis tool (NFAT), which is a software that reconstructs the contents of acquisitions performed with a packet sniffer.|https://www.xplico.org/|{{AUR|xplico}}}}<br />
* {{App|Zeek|Powerful network analysis framework that is much different from the typical IDS you may know.|https://zeek.org/|{{AUR|zeek}}}}<br />
<br />
==== Firewall management ====<br />
<br />
See [[iptables#Front-ends]].<br />
<br />
==== Threat and vulnerability detection ====<br />
<br />
* {{App|AFICK|Security tool that allows to monitor the changes on your files systems, and so can detect intrusions.|http://afick.sourceforge.net/|{{AUR|afick}}}}<br />
* {{App|[[Wikipedia:Lynis|Lynis]]|Security and system auditing tool to harden Unix/Linux systems.|https://cisofy.com/lynis/|{{Pkg|lynis}}}}<br />
* {{App|[[Metasploit Framework]]|An advanced open-source platform for developing, testing, and using exploit code.|https://www.metasploit.com/|{{Pkg|metasploit}}}}<br />
* {{App|[[Nessus]]|Comprehensive vulnerability scanning program.|https://www.tenable.com/products/nessus|{{AUR|nessus}}}}<br />
* {{App|[[OpenVAS]]|Framework of several services and tools offering a comprehensive and powerful vulnerability scanning and vulnerability management solution. FOSS Nessus fork.|http://www.openvas.org/|{{AUR|openvas}}}}<br />
* {{App|OSSEC|Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.|https://ossec.github.io/|{{AUR|ossec-agent}} {{AUR|ossec-local}} {{AUR|ossec-server}}}}<br />
* {{App|Samhain|Host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes. |https://www.la-samhna.de/samhain/index.html|{{AUR|samhain}}}}<br />
* {{App|[[Wikipedia:Tiger (security software)|Tiger]]|Security tool that can be use both as a security audit and intrusion detection system.|http://www.nongnu.org/tiger/|{{AUR|tiger}}}}<br />
* {{App|[[Wikipedia:Open Source Tripwire|Tripwire]]|Intrusion detection system.|https://github.com/Tripwire/tripwire-open-source|{{AUR|tripwire-git}}}}<br />
<br />
==== File security ====<br />
<br />
* {{App|[[AIDE]]|File and directory integrity checker.|https://aide.github.io|{{AUR|aide}}}}<br />
* {{App|Logcheck|Simple utility which is designed to allow a system administrator to view the logfiles which are produced upon hosts under their control.|https://logcheck.alioth.debian.org/{{Dead link|2020|02|25}}}}<br />
* {{App|[[Logwatch]]|Customizable log analysis system.|https://sourceforge.net/projects/logwatch/|{{Pkg|logwatch}}}}<br />
* {{App|OpenDLP|OpenDLP is a free and open source, agent- and agentless-based, centrally-managed, massively distributable data loss prevention tool.|https://code.google.com/archive/p/opendlp/}}<br />
<br />
==== Anti malware ====<br />
<br />
* {{App|[[ClamAV]]|Open source antivirus engine for detecting trojans, viruses, malware & other malicious threats.|http://www.clamav.net/|{{Pkg|clamav}}}}<br />
* {{App|ClamTk|Graphical front-end for ClamAV using Perl and Gtk libraries. It is designed to be an easy-to-use, lightweight, on-demand antivirus scanner for Linux systems.|https://dave-theunsub.github.io/clamtk/|{{Pkg|clamtk}}, Nautilus plugin: {{AUR|clamtk-gnome}}, MATE plugin: {{AUR|clamtk-mate}}, Thunar plugin: {{AUR|thunar-sendto-clamtk}}}}<br />
* {{App|Linux Malware Detect|Malware scanner designed around the threats faced in shared hosted environments.|https://www.rfxn.com/projects/linux-malware-detect/|{{AUR|maldet}}}}<br />
* {{App|Rootkit Hunter|Checks machines for the presence of rootkits and other unwanted tools.|http://rkhunter.sourceforge.net/|{{Pkg|rkhunter}}}}<br />
* {{App|Hostsblock|A script that downloads, sorts, and compiles multiple ad- and malware-blocking hosts files.|http://gaenserich.github.io/hostsblock/|{{AUR|hostsblock}}}}<br />
<br />
==== Backup programs ====<br />
<br />
See also [[Synchronization and backup programs#Incremental backups]] and [[Wikipedia:Comparison of backup software]].<br />
<br />
* {{App|Déjà Dup|Simple GTK backup program. It hides the complexity of doing backups the 'right way' (encrypted, off-site, and regular) and uses [[duplicity]] as the backend.|https://launchpad.net/deja-dup|{{Pkg|deja-dup}}}}<br />
* {{App|borg|Deduplicating backup program with compression and authenticated encryption that supports backing up over ssh|https://www.borgbackup.org|{{Pkg|borg}}}}<br />
* {{App|[[Wikipedia:Duplicati|Duplicati]]|Backup client that securely stores encrypted, incremental, compressed backups on cloud storage services and remote file servers.|https://www.duplicati.com/|{{AUR|duplicati-latest}}}}<br />
* {{App|[[duplicity]]|Simple command-line utility which allows encrypted compressed incremental backup to nearly any storage.|http://www.nongnu.org/duplicity/|{{Pkg|duplicity}}}}<br />
* {{App|[[Duply]]|Command-line front-end for [[duplicity]] which simplifies running it. It manages backup job settings in profiles and allows to batch execute commands.|http://www.duply.net/|{{AUR|duply}}}}<br />
* {{App|restic|Fast, secure, efficient backup program that supports backing up to many cloud services.|https://restic.net/|{{Pkg|restic}}}}<br />
* {{App|[[Wikipedia:Tarsnap|Tarsnap]]|Secure, efficient proprietary online backup service.|http://www.tarsnap.com/|{{Pkg|tarsnap}}}}<br />
<br />
==== Screen lockers ====<br />
<br />
See also [[Session lock]].<br />
<br />
{{Warning|Only ''sflock'', ''physlock'', ''Cinnamon Screensaver'', ''MATE Screensaver'' and ''GNOME Screensaver'' are able to block tty access. See [[Xorg#Block TTY access]] on how to manually block tty access.}}<br />
<br />
* {{App|betterlockscreen|''i3lock-color'' wrapper. Betterlockscreen allows you to cache images with different filters and lockscreen with blazing speed.|https://github.com/pavanjadhaw/betterlockscreen|{{Aur|betterlockscreen}}}}<br />
* {{App|Cinnamon Screensaver|Screen locker for the Cinnamon desktop.|https://github.com/linuxmint/cinnamon-screensaver|{{Pkg|cinnamon-screensaver}}}}<br />
* {{App|Deepin Screensaver|A lightweight Qt5 based screensaver.|https://github.com/linuxdeepin/deepin-screensaver|{{Pkg|deepin-screensaver}}}}<br />
* {{App|GNOME Screensaver|Screen locker for the GNOME Flashback desktop.|https://wiki.gnome.org/Projects/GnomeScreensaver|{{Pkg|gnome-screensaver}}}}<br />
* {{App|i3lock|A simple screen locker. Provides user feedback and uses PAM authentication. The background can be set to an image or solid color.|https://i3wm.org/i3lock/|{{Pkg|i3lock}}}}<br />
* {{App|i3lock-blur|Fork of ''i3lock'' which can use your desktop with the blur effect applied as a background.|https://github.com/karulont/i3lock-blur|{{Aur|i3lock-blur}}}}<br />
* {{App|i3lock-color|Fork of ''i3lock'' with color and positioning configuration support and can use your desktop with the blur effect applied as a background.|https://github.com/Raymo111/i3lock-color|{{Pkg|i3lock-color}}, {{AUR|i3lock-color-git}}}}<br />
* {{App|Light-locker|A simple locker (forked from ''gnome-screensaver'') that aims to have simple, sane, secure defaults and be well integrated with the desktop while not carrying any desktop-specific dependencies. It relies on [[LightDM]] for locking and unlocking your session via ConsoleKit/UPower or ''logind/systemd''.|https://github.com/the-cavalry/light-locker|{{Pkg|light-locker}}}}<br />
* {{App|MATE Screensaver|Screensaver and locker for MATE Desktop Environment.|https://github.com/mate-desktop/mate-screensaver|{{Pkg|mate-screensaver}}}}<br />
* {{App|physlock|Screen and console locker.|https://github.com/muennich/physlock|{{Pkg|physlock}}}}<br />
* {{App|sflock|Simple screen locker utility for X, based on slock. Provides a very basic user feedback.|https://github.com/benruijl/sflock|{{AUR|sflock-git}}}}<br />
* {{App|[[slock]]|Very simple and lightweight X screen locker. Offers only a black background when locked, there are no animations or text fields.|https://tools.suckless.org/slock/|{{Pkg|slock}}}}<br />
* {{App|sxlock|Fork of sflock with a few enhancements. Provides basic user feedback, uses PAM authentication, supports DPMS and RandR. Supports {{ic|sxlock.service}} to lock the screen on suspend/hibernation. See the [https://github.com/lahwaacz/sxlock/blob/master/README.md README] for more information.|https://github.com/lahwaacz/sxlock|{{AUR|sxlock-git}}}}<br />
* {{App|tsscreenlock|Screen locker used in theShell. Shows music controls, and if used with theShell, also shows desktop notifications.|https://github.com/vicr123/tsscreenlock|{{AUR|tsscreenlock}}}}<br />
* {{App|vlock|TTY locker. A mirror of the [https://lists.archlinux.org/pipermail/aur-general/2013-July/024662.html original vlock] is available at [https://github.com/WorMzy/vlock github].|http://kbd-project.org/|{{Pkg|kbd}}}}<br />
* {{App|xfce4-screensaver|A screen saver and locker that aims to have simple, sane, secure defaults and be well integrated with the xfce desktop.|https://git.xfce.org/apps/xfce4-screensaver/about/|{{Pkg|xfce4-screensaver}}}}<br />
* {{App|xlockmore|Simple X11 screen lock with PAM support.|http://sillycycle.com/xlockmore.html|{{Pkg|xlockmore}}}}<br />
* {{App|[[XScreenSaver]]|Screen saver and locker for the X Window System.|https://www.jwz.org/xscreensaver/|{{Pkg|xscreensaver}}}}<br />
* {{App|XSecureLock|X11 screen lock utility designed with the primary goal of security.|https://github.com/google/xsecurelock|{{Pkg|xsecurelock}}}}<br />
* {{App|xtrlock|Very lightweight X display locker. Keeps windows visible and displays lock icon instead of mouse cursor. Typing password followed by enter unlocks the screen.|https://packages.debian.org/sid/xtrlock|{{Pkg|xtrlock}}}}<br />
<br />
==== Password auditing ====<br />
<br />
* {{App|[[Wikipedia:John|John]]|John the Ripper password cracker.|https://www.openwall.com/john|{{Pkg|john}}}}<br />
* {{App|[[Hashcat]]|Multithreaded advanced password recovery utility.|https://hashcat.net/hashcat|{{Pkg|hashcat}}}}<br />
<br />
==== Password managers ====<br />
<br />
See also [[KeePass]].<br />
<br />
===== Console =====<br />
<br />
* {{App|gopass|Advanced console based password manager, supporting GnuPG and other backends.|https://github.com/justwatchcom/gopass|{{Pkg|gopass}}}}<br />
* {{App|KeePassC|Curses-based password manager compatible to KeePass v.1.x.|https://outerhaven.de/keepassc/|{{AUR|keepassc}}}}<br />
* {{App|LastPass|Hosted password manager. |https://www.lastpass.com/|{{Pkg|lastpass-cli}}}}<br />
* {{App|[[pass]]|Simple console-based password manager featuring flat text file organization and GnuPG encryption.|https://www.passwordstore.org/|{{Pkg|pass}}}}<br />
* {{App|pwsafe|Unix command-line program that manages encrypted password databases.|http://nsd.dyndns.org/pwsafe/|{{AUR|pwsafe}}}}<br />
* {{App|spm|Simple Password Manager written entirely in POSIX shell using PGP. Fast, lightweight and easily scriptable.|https://notabug.org/kl3/spm/|{{AUR|spm}}}}<br />
* {{App|tpm|tiny password manager, inspired by pass, written entirely in POSIX shell.|https://github.com/nmeum/tpm|{{AUR|tpm}}}}<br />
* {{App|Ylva|Command-line password manager, written in C, uses OpenSSL.|https://www.ylvapasswordmanager.com/|{{AUR|ylva}}}}<br />
<br />
===== Graphical =====<br />
<br />
* {{App|Bitwarden|Open source password manager with desktop, mobile, browser, and CLI versions. Cloud or self-hosted.|https://bitwarden.com/|{{AUR|bitwarden-bin}}, {{AUR|bitwarden-cli}}}}<br />
* {{App|Encryptr|Zero-knowledge, cloud-based password manager.|https://spideroak.com/encryptr/|{{AUR|encryptr}}}}<br />
* {{App|Enpass|A multiplatform password manager|https://www.enpass.io/|{{AUR|enpass-bin}}}}<br />
* {{App|Figaro's Password Manager 2|GTK2 port of [http://fpm.sourceforge.net/ Figaro's Password Manager] with some new enhancements.|https://als.regnet.cz/fpm2/|{{AUR|fpm2}}}}<br />
* {{App|GNOME Password Safe|Password manager for GNOME which makes use of the KeePass v.4 format.|https://gitlab.gnome.org/World/PasswordSafe|{{Pkg|gnome-passwordsafe}}}}<br />
* {{App|Ked Password Manager|A password manager that helps to manage large numbers of passwords.|http://kedpm.sourceforge.net|{{AUR|kedpm}}}}<br />
* {{App|[[KeePass|KeePass Password Safe]]|Mono-based password manager, which helps you to manage your passwords in a secure way.|https://keepass.info/|{{Pkg|keepass}}}}<br />
* {{App|KeePassX|Qt-based password manager. Compatible with KeePass v.1.x and KeePass v.2.x.|https://www.keepassx.org/|version 1: {{AUR|keepassx}}, version 2: {{AUR|keepassx2}}}} <br />
* {{App|KeePassXC|Community fork of KeePassX with more active development. Compatible with KeePass v.1.x (import only) and KeePass v.2.x.|https://keepassxc.org/|{{Pkg|keepassxc}}}} <br />
* {{App|[[KDE Wallet|KDE Wallet Manager]]|Tool to manage the passwords on your system. By using the KDE wallet subsystem it not only allows you to keep your own secrets but also to access and manage the passwords of every application that integrates with the wallet.|https://www.kde.org/applications/system/kwalletmanager/{{Dead link|2020|02|25}}|{{Pkg|kwalletmanager}}}} <br />
* {{App|OTPClient|Highly secure and easy to use GTK software for two-factor authentication that supports both Time-based One-time Passwords (TOTP) and HMAC-Based One-Time Passwords (HOTP).|https://github.com/paolostivanin/OTPClient|{{AUR|otpclient}}}}<br />
* {{App|Passbook|Modern password manager for GNOME.|https://wiki.gnome.org/Apps/Passbook|{{AUR|passbook}}}}<br />
* {{App|Password Gorilla|A cross-platform password manager.|https://github.com/zdia/gorilla/wiki|{{AUR|password-gorilla}}}}<br />
* {{App|Password Safe|Simple and secure password manager.|https://pwsafe.org/|{{AUR|passwordsafe}}}}<br />
* {{App|QPass|Easy to use password manager with built-in password generator.|http://qpass.sourceforge.net/|{{AUR|qpass}}}}<br />
* {{App|QtPass|GUI for pass, the standard unix password manager.|https://qtpass.org/|{{Pkg|qtpass}}}}<br />
* {{App|Revelation|Password manager for the GNOME desktop.|https://revelation.olasagasti.info/|{{AUR|revelation}}}}<br />
* {{App|[[Wikipedia:Seahorse (software)|Seahorse]]|GNOME application for managing encryption keys and passwords in the GNOME Keyring.|https://wiki.gnome.org/Apps/Seahorse|{{Pkg|seahorse}}}}<br />
* {{App|Universal Password Manager|Allows you to store usernames, passwords, URLs and generic notes in an encrypted database protected by one master password.|http://upm.sourceforge.net/|{{AUR|upm}}}}<br />
<br />
==== Cryptography ====<br />
<br />
===== Hash checkers =====<br />
<br />
* {{app|cfv|Tiny utility to both test and create checksum files, support {{ic|.sfv}}, {{ic|.csv}}, {{ic|.crc}}, {{ic|.md5}}, {{ic|md5sum}}, {{ic|sha1sum}}, {{ic|.torrent}}, {{ic|par}}, and {{ic|.par2}} files.| http://cfv.sourceforge.net/|{{AUR|cfv}}}}<br />
* {{App|GtkHash|A GTK utility for computing message digests or checksums|https://github.com/tristanheaven/gtkhash|{{AUR|gtkhash}}}}<br />
* {{App|hashdeep|A cross-platform tools to compute hashes, or message digests, for any number of files|http://md5deep.sourceforge.net/|{{Pkg|hashdeep}}}}<br />
* {{App|Parano|A GNOME frontend for creating/editing/checking MD5 and SFV files|https://sourceforge.net/projects/parano.berlios/|{{AUR|parano}}}}<br />
* {{App|Quick Hash GUI|A GUI to enable the rapid selection and subsequent hashing of files (individually or recursively throughout a folder structure) text and (on Linux) disks.|https://www.quickhash-gui.org/|{{AUR|quickhash-gui-bin}}}}<br />
* {{App|RHash|Utility for verifying hash sums (SFV, CRC, etc). Supports lots of algorithms.|https://github.com/rhash/RHash/|{{Pkg|rhash}}}}<br />
* {{App|MassHash|A set of file hashing tools (both CLI and GTK GUI) written in Python. Supported algorithms include MD5, SHA-1, SHA-224, SHA-256, SHA-384, SHA-512.|http://jdleicher.github.io/MassHash/|{{AUR|masshash}}}}<br />
* {{App|Parchive|Utility which creates and uses PAR2 files to detect damage in data files and repair them if necessary.|https://github.com/Parchive/par2cmdline|{{Pkg|par2cmdline}}}}<br />
<br />
===== Encryption, signing, steganography =====<br />
<br />
* {{app|ccrypt|A command-line utility for encrypting and decrypting files and streams based on [[Wikipedia:Advanced_Encryption_Standard|Rijndael]].|http://ccrypt.sourceforge.net/|{{AUR|ccrypt}}}}<br />
* {{App|[[Wikipedia:Enigmail|Enigmail]]|A security extension to Mozilla Thunderbird and Seamonkey. It enables you to write and receive email messages signed and/or encrypted with the OpenPGP standard.|https://enigmail.net|{{Pkg|thunderbird-extension-enigmail}}}}<br />
* {{App|GNOME Keysign|GTK/GNOME application to use GnuPG for signing other people's keys. Quickly, easily, and securely.|https://wiki.gnome.org/Apps/Keysign|{{AUR|gnome-keysign}}}}<br />
* {{App|[[GnuPG]]|The GNU project's complete and free implementation of the OpenPGP standard as defined by RFC4880. Free and Open Source replacement of PGP, mostly used for digital signing of packages.|https://gnupg.org/|{{Pkg|gnupg}}}}<br />
* {{App|GPG-Crypter|Graphical front-end to GnuPG(GPG) using the GTK3 toolkit and GPGME library.|https://sourceforge.net/projects/gpg-crypter/|{{Pkg|gpg-crypter}}}}<br />
* {{App|gzsteg|Utility that can hide data in gzip compressed files|http://www.nic.funet.fi/pub/crypt/steganography/}}<br />
* {{App|[[Keybase]]|Key directory mapping social media identities, with cross platform encrypted chat, cloud storage, and git repositories.|https://keybase.io/|{{Pkg|keybase}}}}<br />
* {{App|[[Wikipedia:KGPG|KGpg]]|Simple interface for GnuPG, for KDE.|https://www.kde.org/applications/utilities/kgpg/|{{Pkg|kgpg}}}}<br />
* {{App|Kleopatra|Certificate Manager and Unified Crypto GUI for KDE. It supports managing X.509 and OpenPGP certificates in the GpgSM keybox and retrieving certificates from LDAP servers.|https://www.kde.org/applications/utilities/kleopatra/|{{Pkg|kleopatra}}}}<br />
* {{app|minisign|Simple program that only inplements key signing|https://github.com/jedisct1/minisign|{{pkg|minisign}} }}<br />
* {{App|[[Wikipedia:Seahorse (software)|Seahorse]]|GNOME application for managing encryption keys and passwords in the GNOME Keyring.|https://wiki.gnome.org/Apps/Seahorse|{{Pkg|seahorse}}}}<br />
* {{App|scrypt|Command-line encryption utility featuring the memory-hardened {{ic|scrypt}} key derivation function.|https://www.tarsnap.com/scrypt.html|{{pkg|scrypt}}}}<br />
* {{App|steghide|A steganography utility that is able to hide data in various kinds of image and audio files.|http://steghide.sourceforge.net|{{AUR|steghide}}}}<br />
<br />
===== Data-at-rest encryption =====<br />
<br />
See [[Data-at-rest encryption]].<br />
<br />
==== Privilege elevation ====<br />
<br />
* {{App|[https://man.openbsd.org/doas.1 doas]|A portable version of OpenBSD's doas command, known for being substantially smaller in size compared to sudo.|https://github.com/Duncaen/OpenDoas|{{pkg|opendoas}}}}<br />
* {{App|[[su]]|Command used to assume the identity of another user on the system.|https://git.kernel.org/pub/scm/utils/util-linux/util-linux.git/about/|{{Pkg|util-linux}}}}<br />
* {{App|[[sudo]]|Command to delegate the ability to run commands as root or another user while providing an audit trail.|https://www.sudo.ws/sudo/|{{pkg|sudo}}}}</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Fail2ban&diff=566911Fail2ban2019-02-19T17:40:56Z<p>Wingsuit: Made the instructions more clear.</p>
<hr />
<div>[[Category:Firewalls]]<br />
[[Category:Secure Shell]]<br />
[[ja:Fail2ban]]<br />
[[ru:Fail2ban]]<br />
{{Related articles start}}<br />
{{Related|sshguard}}<br />
{{Related|Security}}<br />
{{Related articles end}}<br />
[http://www.fail2ban.org/wiki/index.php/Main_Page Fail2ban] scans log files (e.g. {{ic|/var/log/httpd/error_log}}) and bans IPs that show the malicious signs like too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. <br />
<br />
{{Warning|Using an IP banning software will stop trivial attacks but it relies on an additional daemon and successful logging. Additionally, if the attacker knows your IP address, they can send packets with a spoofed source header and get your IP address banned. Make sure to specify your IP in {{ic|ignoreip}}.}}<br />
<br />
== Installation ==<br />
<br />
[[Install]] {{Pkg|fail2ban}}.<br />
<br />
== Usage ==<br />
<br />
[[#Configuration|Configure]] fail2ban and [[enable]]/[[start]] {{ic|fail2ban.service}}.<br />
<br />
=== fail2ban-client ===<br />
<br />
The fail2ban-client allows monitoring jails (reload, restart, status, etc.), to view all available commands:<br />
<br />
$ fail2ban-client<br />
<br />
To view all enabled jails:<br />
<br />
# fail2ban-client status<br />
<br />
To check the status of a jail, e.g. for ''sshd'':<br />
<br />
{{hc|# fail2ban-client status sshd|<nowiki><br />
Status for the jail: sshd<br />
|- Filter<br />
| |- Currently failed: 1<br />
| |- Total failed: 9<br />
| `- Journal matches: _SYSTEMD_UNIT=sshd.service + _COMM=sshd<br />
`- Actions<br />
|- Currently banned: 1<br />
|- Total banned: 1<br />
`- Banned IP list: 0.0.0.0<br />
</nowiki>}}<br />
<br />
== Configuration ==<br />
<br />
Due to the possibility of the {{ic|/etc/fail2ban/jail.conf}} file being overwritten or improved during a distribution update, it is recommended to [[Create]] {{ic|/etc/fail2ban/jail.local}} file. <br />
<br />
# cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local <br />
<br />
To change default ban time to 1 day:<br />
<br />
{{hc|/etc/fail2ban/jail.local|<nowiki><br />
[DEFAULT]<br />
bantime = 1d<br />
</nowiki>}}<br />
<br />
Or create separate ''name.local'' files under the {{ic|/etc/fail2ban/jail.d}} directory, e.g. {{ic|/etc/fail2ban/jail.d/sshd.local}}.<br />
<br />
[[Restart]] {{ic|fail2ban.service}} to apply the configuration changes.<br />
<br />
=== Enabling jails ===<br />
By default all jails are disabled. [[Append]] {{ic|1=enabled = true}} to the jail you want to use, e.g. to enable the [[OpenSSH]] jail:<br />
<br />
{{hc|/etc/fail2ban/jail.local|2=<br />
[sshd]<br />
enabled = true<br />
}}<br />
<br />
See [[#Custom SSH jail]].<br />
<br />
=== Receive an alert e-mail ===<br />
<br />
If you want to receive an e-mail when someone has been banned, you have to configure an SMTP client (e.g. [[msmtp]]) and change default action, as given below.<br />
<br />
{{hc|/etc/fail2ban/jail.local|<nowiki><br />
[DEFAULT]<br />
destemail = yourname@example.com<br />
sender = yourname@example.com<br />
<br />
# to ban & send an e-mail with whois report to the destemail.<br />
action = %(action_mw)s<br />
<br />
# same as action_mw but also send relevant log lines<br />
#action = %(action_mwl)s<br />
</nowiki>}}<br />
<br />
=== Firewall and services ===<br />
<br />
Most [[firewalls]] and services should work out of the box. See {{ic|/etc/fail2ban/action.d/}} for examples, e.g. [https://github.com/fail2ban/fail2ban/blob/master/config/action.d/ufw.conf ufw.conf].<br />
<br />
== Tips and tricks ==<br />
<br />
=== Custom SSH jail ===<br />
<br />
{{Warning|If the attacker knows your IP address, they can send packets with a spoofed source header and get your IP address locked out of the server. [[SSH keys]] provide an elegant solution to the problem of brute forcing without these problems.}}<br />
<br />
Edit {{ic|/etc/fail2ban/jail.d/sshd.local}}, add this section and update the list of trusted IP addresses in {{ic|ignoreip}}.<br />
<br />
If your firewall is [[iptables]]:<br />
[sshd]<br />
enabled = true<br />
filter = sshd<br />
banaction = iptables<br />
backend = systemd<br />
maxretry = 5<br />
findtime = 1d<br />
bantime = 2w<br />
ignoreip = 127.0.0.1/8<br />
<br />
fail2ban has IPv6 support since version 0.10. Adapt your firewall accordingly, e.g. start and enable {{ic|ip6tables.service}}.<br />
<br />
{{Note|If your firewall is [[shorewall]], replace {{ic|iptables}} with {{ic|shorewall}}. You can also set {{ic|BLACKLIST}} to {{ic|ALL}} in {{ic|/etc/shorewall/shorewall.conf}}, otherwise the rule added to ban an IP address will affect only new connections.}}<br />
<br />
{{Note|It may be necessary to set {{ic|LogLevel VERBOSE}} in {{ic|/etc/ssh/sshd_config}} to allow full fail2ban monitoring as otherwise password failures may not be logged correctly.}}<br />
<br />
=== Service hardening ===<br />
<br />
Currently, fail2ban must be run as ''root''. Therefore, you may wish to consider hardening the process with [[systemd]].<br />
<br />
Create a [[Systemd#Drop-in files|drop-in]] configuration file for {{ic|fail2ban.service}}:<br />
<br />
{{hc|/etc/systemd/system/fail2ban.service.d/override.conf|2=<br />
[Service]<br />
PrivateDevices=yes<br />
PrivateTmp=yes<br />
ProtectHome=read-only<br />
ProtectSystem=strict<br />
NoNewPrivileges=yes<br />
ReadWritePaths=-/var/run/fail2ban<br />
ReadWritePaths=-/var/lib/fail2ban<br />
ReadWritePaths=-/var/log/fail2ban<br />
ReadWritePaths=-/var/spool/postfix/maildrop<br />
CapabilityBoundingSet=CAP_AUDIT_READ CAP_DAC_READ_SEARCH CAP_NET_ADMIN CAP_NET_RAW<br />
}}<br />
<br />
The {{ic|CapabilityBoundingSet}} parameters {{ic|CAP_DAC_READ_SEARCH}} will allow fail2ban full read access to every directory and file, {{ic|CAP_NET_ADMIN}} and {{ic|CAP_NET_RAW}} allow setting of firewall rules with [[iptables]]. See {{man|7|capabilities}} for more info.<br />
<br />
By using {{ic|1=ProtectSystem=strict}} the [[filesystem]] hierarchy will only be read-only, {{ic|ReadWritePaths}} allows fail2ban to have write access on required paths.<br />
<br />
[[Create]] {{ic|/etc/fail2ban/fail2ban.local}} with the correct {{ic|logtarget}} path:<br />
{{hc|/etc/fail2ban/fail2ban.local|<nowiki><br />
[Definition]<br />
logtarget = /var/log/fail2ban/fail2ban.log<br />
</nowiki>}}<br />
<br />
Finally, [[Systemd#Using_units|reload systemd daemon]] to apply the changes of the unit and [[restart]] {{ic|fail2ban.service}}.<br />
<br />
== See also ==<br />
<br />
* [http://www.the-art-of-web.com/system/fail2ban-action-whitelist/ Using a Fail2Ban Jail to Whitelist a User]<br />
* [http://www.the-art-of-web.com/system/fail2ban-filters/ Optimising your Fail2Ban filters]<br />
* [http://www.the-art-of-web.com/system/fail2ban-sendmail/ Fail2Ban and sendmail]<br />
* [http://www.the-art-of-web.com/system/fail2ban/ Fail2Ban and iptables]<br />
* [http://www.the-art-of-web.com/system/fail2ban-howto/ Fail2Ban 0.8.3 Howto]<br />
* [http://www.the-art-of-web.com/system/fail2ban-log/ Monitoring the fail2ban log]</div>Wingsuithttps://wiki.archlinux.org/index.php?title=LightDM&diff=362308LightDM2015-02-22T03:44:32Z<p>Wingsuit: Autologin needed one more line to work which has bee added.</p>
<hr />
<div>[[Category:Display managers]]<br />
[[es:LightDM]]<br />
[[fr:LightDM]]<br />
[[ja:LightDM]]<br />
[[zh-CN:LightDM]]<br />
{{Related articles start}}<br />
{{Related|Display manager}}<br />
{{Related|GDM}}<br />
{{Related|KDM}}<br />
{{Related|LXDM}}<br />
{{Related articles end}}<br />
<br />
[http://www.freedesktop.org/wiki/Software/LightDM LightDM] is a cross-desktop [[display manager]] that aims to be the standard display manager for the X server. Its key features are:<br />
* A lightweight codebase<br />
* Standards compliant (PAM, logind, etc)<br />
* A well defined interface between the server and the user interface.<br />
* Cross-desktop (user interfaces can be written in any toolkit).<br />
<br />
More details about LightDM's design can be found [http://www.freedesktop.org/wiki/Software/LightDM/Design here].<br />
<br />
== Installation ==<br />
<br />
Install {{Pkg|lightdm}} from the [[official repositories]]. Note that stable releases are even-numbered (1.8, 1.10) while development releases are odd-numbered (1.9, 1.11). These development releases are available with {{AUR|lightdm-devel}} from the [[AUR]]. Also available is {{AUR|lightdm-bzr}} from the [[AUR]].<br />
<br />
=== Greeter===<br />
<br />
You will also need to install a greeter (a user interface for LightDM). The reference greeter is ''lightdm-gtk-greeter'', which is provided by {{Pkg|lightdm-gtk2-greeter}} or {{Pkg|lightdm-gtk3-greeter}}. KDE users can install {{Pkg|lightdm-kde-greeter}}, a greeter based on Qt.<br />
<br />
Other greeters can be installed from the [[AUR]] as well:<br />
* {{AUR|lightdm-another-gtk-greeter}}: A GTK3 greeter with custom theme support<br />
* {{AUR|lightdm-webkit-greeter}}: A greeter that uses Webkit for theming.<br />
* {{AUR|lightdm-crowd-greeter}}: A 3D greeter that lets you select your profile from 3D characters walking around.<br />
* {{AUR|lightdm-unity-greeter}}: The greeter used by Ubuntu's [[Unity]].<br />
* {{AUR|lightdm-razor-greeter}}: A greeter for the [[Razor-qt]] desktop environment.<br />
* {{AUR|lightdm-pantheon-greeter}}: A greeter from the ElementaryOS Project.<br />
<br />
You can change the default greeter by changing the configuration file under the {{ic|[SeatDefaults]}} section, to state:<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[SeatDefaults]<br />
...<br />
greeter-session=lightdm-yourgreeter-greeter<br />
}}<br />
<br />
== Enabling LightDM ==<br />
<br />
Make sure to enable {{ic|lightdm.service}} [[systemd#Using units|using systemctl]] so LightDM will be started at boot.<br />
<br />
== Command line tool ==<br />
<br />
LightDM offers a command line tool, {{ic|dm-tool}}, which can be used to lock the current seat, switch sessions, etc, which is useful with 'minimalist' window managers and for testing. To see a list of available commands, execute:<br />
$ dm-tool --help<br />
<br />
== Testing ==<br />
<br />
First, [[Pacman|install]] {{Pkg|xorg-server-xephyr}} from the [[official repositories]].<br />
<br />
Then, run LightDM as an X application:<br />
$ lightdm --test-mode --debug<br />
<br />
== Optional configuration and tweaks ==<br />
<br />
Some greeters have their own configuration files. For example, {{Pkg|lightdm-gtk2-greeter}} and {{Pkg|lightdm-gtk3-greeter}} have:<br />
/etc/lightdm/lightdm-gtk-greeter.conf<br />
and {{Pkg|lightdm-kde-greeter}} has:<br />
/etc/lightdm/lightdm-kde-greeter.conf<br />
as well as a section in KDE's System Settings (recommended).<br />
<br />
LightDM can be configured by directly modifying its configuration script or by using the {{ic|lightdm-set-defaults}} applications that can be found in {{ic|/usr/lib/lightdm/lightdm/}}. To see some of the options available, execute:<br />
$ man lightdm-set-defaults<br />
<br />
There are, however, a lot more variables to modify in the configuration file than by using the {{ic|lightdm-set-defaults}} application.<br />
<br />
=== Changing background images/colors ===<br />
<br />
Users wishing to have a flat color (no image) may simply set the {{ic|background}} variable to a hex color.<br />
<br />
Example:<br />
background=#000000<br />
<br />
If you want to use an image instead, see below.<br />
<br />
==== GTK+ greeter ====<br />
<br />
Users wishing to customize the wallpaper on the greeter screen need to edit {{ic|/etc/lightdm/lightdm-gtk-greeter.conf}} defining the {{ic|background}} variable.<br />
<br />
Example:<br />
background=/usr/share/pixmaps/black_and_white_photography-wallpaper-1920x1080.jpg<br />
<br />
==== Unity greeter ====<br />
<br />
Users using the {{AUR|lightdm-unity-greeter}} must edit the {{ic|/usr/share/glib-2.0/schemas/com.canonical.unity-greeter.gschema.xml}} file and then execute:<br />
# glib-compile-schemas /usr/share/glib-2.0/schemas/<br />
<br />
According to [https://bbs.archlinux.org/viewtopic.php?id=149945 this] page.<br />
<br />
{{Note|It is recommended to place the PNG or JPG file in {{ic|/usr/share/pixmaps}} since the LightDM user needs read access to the wallpaper file.}}<br />
<br />
==== KDE greeter ====<br />
<br />
Go to ''System Settings > Login Screen (LightDM)'' and change the background image for your theme.<br />
<br />
=== Changing your avatar ===<br />
<br />
==== The .face way ====<br />
<br />
Users wishing to customize their image on the greeter screen need to place an PNG image called {{ic|.face}} or {{ic|.face.icon}} in their home directory. Make sure it can be read by LightDM.<br />
<br />
{{Note|As of December 2013, some people have issues where the icon file does not get picked up. The preferred way is to install accountsservice and use the following AccountsService way.}}<br />
<br />
==== The AccountsService way ====<br />
<br />
The .face way is known to cause issues, fortunately LightDM is able to use AccountsService automatically. First make sure the {{pkg|accountsservice}} package from the [[official repositories]] is installed, then set it up as follows, replacing {{ic|''username''}} with the desired user's login name. The use of the ''.png'' file extension is presumably optional. If you are using KDE, you can also change your picture via the KDE System Settings.<br />
<br />
* Edit or create the file {{ic|/var/lib/AccountsService/users/''username''}}, and add the lines<br />
<br />
[User]<br />
Icon=/var/lib/AccountsService/icons/''username''.png<br />
<br />
* Create the file {{ic|/var/lib/AccountsService/icons/''username''.png}} using a 96x96 PNG icon file.<br />
<br />
{{Note|Make sure that both created files have 644 permissions, use [[chmod]] to correct them.}}<br />
<br />
=== Sources of Arch-centric 64x64 icons ===<br />
<br />
The {{AUR|archlinux-artwork}} package from the [[AUR]] contains some nice examples that install to {{ic|/usr/share/archlinux/icons}} and that can be copied to {{ic|/usr/share/icons/hicolor/64x64/devices}} as follows:<br />
<br />
# find /usr/share/archlinux/icons -name "*64*" -exec cp {} /usr/share/icons/hicolor/64x64/devices \;<br />
<br />
After copying, the {{AUR|archlinux-artwork}} package can be removed.<br />
<br />
=== Enabling autologin ===<br />
<br />
Edit the LightDM configuration file and ensure these lines are uncommented and correctly configured:<br />
<br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
[SeatDefaults]<br />
pam-service=lightdm-autologin<br />
autologin-user=''username''<br />
autologin-user-timeout=0<br />
session-wrapper=/etc/lightdm/Xsession<br />
}}<br />
<br />
LightDM goes through PAM even when {{ic|autologin}} is enabled. You must be part of the {{ic|autologin}} group to be able to login without entering your password:<br />
<br />
# groupadd autologin<br />
# gpasswd -a ''username'' autologin<br />
<br />
{{Note|GNOME users, and by extension any gnome-keyring user will have to set up a blank password to their keyring for it to be unlocked automatically.}}<br />
<br />
=== Hiding system and services users ===<br />
To prevent system users from showing-up in the login, install the optional dependency {{Pkg|accountsservice}}, or add the user names to {{ic|/etc/lightdm/users.conf}} under {{ic|hidden-users}}. The first option has the advantage of not needing to update the list when more users are added or removed.<br />
<br />
=== Migrating from SLiM ===<br />
<br />
Move the contents of [[xinitrc]] to [[xprofile]], removing the call to start the [[window manager]] or [[desktop environment]].<br />
<br />
=== NumLock on by default ===<br />
<br />
Install the {{Pkg|numlockx}} package and the edit {{ic|/etc/lightdm/lightdm.conf}} adding the following line:<br />
greeter-setup-script=/usr/bin/numlockx on<br />
<br />
=== User switching under Xfce4 ===<br />
<br />
If you use the [[Xfce]] desktop, the Switch User functionality of the Action Button found in your Application Launcher \ Whisker Menu specifically looks for the ''gdmflexiserver'' executable in order to enable itself. If you provide it with an executable shell script {{ic|/usr/bin/gdmflexiserver}} consisting of<br />
<br />
#!/bin/sh<br />
/usr/bin/dm-tool switch-to-greeter<br />
<br />
then user switching in Xfce should work with Lightdm.<br />
<br />
You can also switch users from the [[XScreenSaver]] lock screen - see [[XScreenSaver#Lightdm]].<br />
<br />
=== Default session ===<br />
<br />
Lightdm, like other DMs, stores the last-selected xsession in {{ic|~/.dmrc}}. See [[Display manager#Session_list]] for more info.<br />
<br />
== Troubleshooting ==<br />
If you encounter consistent screen flashing and ultimately no lightdm on boot, ensure that you have defined the greeter correctly in lightdm's config file. And if you have correctly defined the GTK greeter, make sure the {{ic|xsessions-directory}} (default: {{ic|/usr/share/xsessions}}) exists and contains at least one .desktop file.<br />
<br />
The same error can happen on lightdm startup if the last used session is not available anymore (eg. you last used gnome and then removed the gnome-session package): the easiest workaround is to temporarily restore the removed package. Another solution might be:<br />
<br />
# dbus-send --system --type=method_call --print-reply --dest=org.freedesktop.Accounts /org/freedesktop/Accounts/User1000 org.freedesktop.Accounts.User.SetXSession string:xfce<br />
<br />
This example sets the session "xfce" as default for the user 1000.<br />
<br />
=== Wrong locale displayed ===<br />
<br />
In case of your locale not being displayed correctly in Lightdm add your locale to {{ic|/etc/environment}}<br />
LANG=pt_PT.utf8<br />
<br />
=== Xresources not being parsed correctly ===<br />
<br />
{{Expansion|Link to a bug report.}}<br />
<br />
LightDM has an upstream bug where your [[Xresources]] file will not be loaded with a pre-processor. In practical terms, this means that variables set with {{ic|#define}} are not expanded when called later. You may see this reflected as an all-pink screen if using a custom color set with urxvt. To fix it, edit {{ic|/etc/lightdm/Xsession}} and search for the line:<br />
xrdb -nocpp -merge "$file"<br />
Change it to read:<br />
xrdb -merge "$file"<br />
Your Xresources will now be pre-processed so that variables are correctly expanded.<br />
<br />
=== Missing icons with GTK greeter ===<br />
<br />
If you're using {{Pkg|lightdm-gtk2-greeter}} as a greeter and it shows placeholder images as icons, make sure valid icon themes and themes are installed and configured. Check the following file:<br />
<br />
{{hc|/etc/lightdm/lightdm-gtk-greeter.conf|2=<br />
[greeter]<br />
theme-name=mate # this should be the name of a directory under /usr/share/themes/<br />
icon-theme-name=mate # this should be the name of a fully featured icons set directory under /usr/share/icons/<br />
}}<br />
<br />
=== LightDM freezes on login attempt ===<br />
<br />
You may find that after entering the correct username and password and attempting to log in, LightDM freezes and you are unable to continue to the desktop. To fix the issue, reinstall the {{Pkg|gdk-pixbuf2}} package. See [https://bbs.archlinux.org/viewtopic.php?id=179031 this forum thread].<br />
<br />
=== LigthDM displaying in wrong monitor ===<br />
<br />
If you are using multiple monitors, LightDM may display in the wrong one (eg: if primary monitor is on right side). To force LightDM login screen to display on a specific monitor, edit {{ic|/etc/lightdm/lightdm.conf}} and change the ''display-setup-script'' parameter like this : <br />
{{hc|/etc/lightdm/lightdm.conf|2=<br />
display-setup-script=xrandr --output ''HDMI1'' --primary<br />
}}<br />
<br />
Replace ''HDMI1'' by your real monitor ID, You can find it from '''xrandr''' command output.<br />
<br />
=== Pulseaudio not starting automatically ===<br />
<br />
See [[PulseAudio#Autostarting in unsupported desktop environments]].<br />
<br />
== See also ==<br />
<br />
* {{Pkg|light-locker}}, a screen locker using LightDM.<br />
* [https://wiki.ubuntu.com/LightDM Ubuntu Wiki article]<br />
* [http://wiki.gentoo.org/wiki/LightDM Gentoo Wiki article]<br />
* [https://launchpad.net/lightdm Launchpad Page]<br />
* [http://www.mattfischer.com/blog/?tag=lightdm LightDM blog]</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Improving_performance&diff=286440Improving performance2013-12-06T02:16:44Z<p>Wingsuit: Made a distinction between HDD and SSD partitioning differences.</p>
<hr />
<div>[[Category:Hardware]]<br />
[[Category:System administration]]<br />
[[ar:Maximizing Performance]]<br />
[[es:Maximizing Performance]]<br />
[[ja:Maximizing Performance]]<br />
[[ru:Maximizing Performance]]<br />
[[zh-CN:Maximizing Performance]]<br />
This article provides information on basic system diagnostics relating to performance as well as steps that may be taken to reduce resource consumption or to otherwise optimize the system with the end-goal being either perceived or documented improvements to a system's performance.<br />
<br />
==The basics==<br />
<br />
===Know your system===<br />
<br />
The best way to tune a system is to target the bottlenecks, that is the subsystems that limit the overall speed. They usually can be identified by knowing the specifications of the system, but there are some basic indications:<br />
<br />
* If the computer becomes slow when big applications, like OpenOffice.org and Firefox, are running at the same time, then there is a good chance the amount of RAM is insufficient. To verify available RAM, use this command, and check for the line beginning with -/+buffers:<br />
<br />
$ free -m<br />
<br />
* If boot time is really slow, and if applications take a lot of time to load the first time they are launched, but run fine afterwards, then the hard drive is probably too slow. The speed of a hard drive can be measured using the {{ic|hdparm}} command:<br />
<br />
$ hdparm -t /dev/sdx<br />
<br />
This is only the pure read speed of the hard drive, and is not a valid benchmark, but a value superior to 40MB/s (assuming drive tested while idle) can be considered decent on an average system. hdparm can be found in the [[Official Repositories]].<br />
* If the CPU load is consistently high even when RAM is available, then lowering CPU usage should be a priority. CPU load can be monitored in many ways, like using the {{ic|top}} command:<br />
<br />
$ top<br />
<br />
* If the only applications lagging are the ones using direct rendering, meaning they use the graphic card, like video players and games, then improving the graphic performance should help. First step would be to verify if direct rendering simply is not enabled. This is indicated by the {{ic|glxinfo}} command:<br />
<br />
$ glxinfo | grep direct<br />
<br />
{{ic|glxinfo}} is part of {{Pkg|mesa-demos}} package.<br />
<br />
===The first thing to do===<br />
<br />
The simplest and most efficient way of improving overall performance is to run lightweight environments and applications.<br />
* Use a [[Window Manager|window manager]] instead of a [[Desktop Environment]]. Choices include [[dwm]], [[wmii]], [[i3]], [[Awesome]], [[Openbox]], [[Fluxbox]] and [[JWM]].<br />
* Choose a minimal Desktop Environment over a heavier one like [[GNOME]] or [[KDE]]. Something like [[LXDE]] or [[Xfce]].<br />
* Using lightweight applications. Search [[List of Applications]] for console applications and the Light and Fast Applications Awards threads in the forum: [https://bbs.archlinux.org/viewtopic.php?id=41168 2007], [https://bbs.archlinux.org/viewtopic.php?id=67951 2008], [https://bbs.archlinux.org/viewtopic.php?id=78490 2009], [https://bbs.archlinux.org/viewtopic.php?id=88515 2010], [https://bbs.archlinux.org/viewtopic.php?id=111878 2011], and [https://bbs.archlinux.org/viewtopic.php?id=138281 2012].<br />
* Remove unnecessary [[daemons]].<br />
<br />
=== Compromise ===<br />
<br />
Almost all tuning brings drawbacks. Lighter applications usually come with less features and some tweaks may make a system unstable, or simply require time to implement and maintain. This page tries to highlight those drawbacks, but the final judgment rests on the user.<br />
<br />
=== Benchmarking ===<br />
<br />
The effects of optimization are often difficult to judge. They can however be measured by [[benchmarking]] tools.<br />
<br />
== Storage devices ==<br />
<br />
=== Device layout ===<br />
<br />
One of the biggest performance gains comes from having multiple storage devices in a layout that spreads the operating system work around. Having {{ic|/}} {{ic|/home}} {{ic|/var}} and {{ic|/usr}} on separate disks is dramatically faster than a single disk layout where they are all on the same hard drive.<br />
<br />
==== Swap files ====<br />
<br />
Creating your swap files on a separate disk can also help quite a bit, especially if your machine swaps frequently. It happens if you do not have enough RAM for your environment. Using KDE with all the features and applications that come along may require several GiB of memory, whereas a tiny window manager with console applications will perfectly fit in less than 512 MiB of memory.<br />
<br />
==== RAID benefits ====<br />
<br />
If you have multiple disks (2 or more) available, you can set them up as a software [[RAID]] for serious speed improvements. In a RAID 0 array there is no redundancy in case of drive failure, but for each additional disk you add to the array, the speed of the disk becomes that much faster. The smart choice is to use RAID 5 which offers both speed and data protection.<br />
<br />
==== Multiple hardware paths ====<br />
<br />
An internal hardware path is how the storage device is connected to your motherboard. There are different ways to connect to the motherboard such as TCP/IP through a NIC, plugged in directly using PCIe/PCI, Firewire, Raid Card, USB, etc. By spreading your storage devices across these multiple connection points you maximize the capabilities of your motherboard, for example 6 hard-drives connected via USB would be much much slower than 3 over USB and 3 over Firewire. The reason is that each entry path into the motherboard is like a pipe, and there is a set limit to how much can go through that pipe at any one time. The good news is that the motherboard usually has several pipes.<br />
<br />
More Examples<br />
# Directly to the motherboard using pci/PCIe/ata<br />
# Using an external enclosure to house the disk over USB/Firewire<br />
# Turn the device into a network storage device by connecting over tcp/ip<br />
<br />
Note also that if you have a 2 USB ports on the front of your machine, and 4 USB ports on the back, and you have 4 disks, it would probably be fastest to put 2 on front/2 on back or 3 on back/1 on front. This is because internally the front ports are likely a separate Root Hub than the back, meaning you can send twice as much data by using both than just 1. Use the following commands to determine the various paths on your machine.<br />
<br />
{{hc|USB Device Tree|$ lsusb -tv}}<br />
<br />
{{hc|PCI Device Tree|$ lspci -tv}}<br />
<br />
=== Partitioning ===<br />
<br />
If using a traditional spinning HDD, your partition layout can influence the system's performance. Sectors at the beginning of the drive (closer to the center of the disk) are faster than those at the end. Also, a smaller partition requires less movements from the drive's head, and so speed up disk operations. Therefore, it is advised to create a small partition (10GB, more or less depending on your needs) only for your system, as near to the beginning of the drive as possible. Other data (pictures, videos) should be kept on a separate partition, and this is usually achieved by separating the home directory ({{ic|/home/''user''}}) from the system ({{ic|/}}).<br />
<br />
=== Choosing and tuning your filesystem ===<br />
<br />
Choosing the best filesystem for a specific system is very important because each has its own strengths. The [[File Systems]] article provides a short summary of the most popular ones. You can also find relevant articles [[:Category:File systems|here]].<br />
<br />
==== Mount options====<br />
<br />
Mount options offer an easy way to improve speed without reformatting. They can be set using the mount command:<br />
<br />
$ mount -o option1,option2 /dev/partition /mnt/partition<br />
<br />
To set them permanently, you can modify {{ic|/etc/fstab}} to make the relevant line look like this:<br />
<br />
/dev/partition /mnt/partition partitiontype option1,option2 0 0<br />
<br />
The mount options {{Ic|noatime,nodiratime}} are known for improving performance on almost all file-systems. The former is a superset of the latter (which applies to directories only -- {{Ic|noatime}} applies to both files and directories). In rare cases, for example if you use mutt, it can cause minor problems. You can instead use the {{Ic|relatime}} option (NB relatime is the default in >2.6.30)<br />
<br />
==== Ext3 ====<br />
<br />
See [[Ext3]].<br />
<br />
==== Ext4 ====<br />
<br />
See [[Ext4#Tips_and_tricks | Ext4]].<br />
<br />
==== JFS ====<br />
<br />
See [[JFS Filesystem#Optimizations|JFS Filesystem]].<br />
<br />
==== XFS ====<br />
<br />
{{Merge|XFS}}<br />
For optimal speed, just create an XFS file system with:<br />
<br />
$ mkfs.xfs /dev/thetargetpartition<br />
<br />
Yep, so simple — since all of the [http://xfs.org/index.php/XFS_FAQ#Q:_I_want_to_tune_my_XFS_filesystems_for_.3Csomething.3E "boost knobs" are already "on" by default].<br />
<br />
==== Reiserfs ====<br />
<br />
{{Merge|Reiser4}}<br />
<br />
The {{Ic|1=data=writeback}} mount option improves speed, but may corrupt data during power loss. The {{Ic|notail}} mount option increases the space used by the filesystem by about 5%, but also improves overall speed. You can also reduce disk load by putting the journal and data on separate drives. This is done when creating the filesystem: <br />
<br />
# mkreiserfs –j /dev/sd'''a1''' /dev/sd'''b1'''<br />
<br />
Replace {{ic|/dev/sd'''a1'''}} with the partition reserved for the journal, and {{ic|/dev/sd'''b1'''}} with the partition for data. You can learn more about reiserfs with this [http://www.funtoo.org/en/articles/linux/ffg/2/ article].<br />
<br />
==== Btrfs ====<br />
<br />
See [[Btrfs#Defragmentation|defragmentation]] and [[Btrfs#Compression|compression]].<br />
<br />
=== Tuning kernel parameters ===<br />
<br />
{{Merge|sysctl|It already contains a section on TCP/IP stack hardening, why should it not contain virtual memory settings? Similar information would be kept in one place.}}<br />
<br />
There are several key tunables governing filesystems that users should consider adding to {{ic|[[sysctl|/etc/sysctl.d/99-sysctl.conf]]}} which is auto-loaded at boot by [[systemd]]:<br />
<br />
# Contains, as a percentage of total system memory, the number of pages at which<br />
# a process which is generating disk writes will start writing out dirty data.<br />
vm.dirty_ratio = 3<br />
<br />
# Contains, as a percentage of total system memory, the number of pages at which<br />
# the background kernel flusher threads will start writing out dirty data.<br />
vm.dirty_background_ratio = 2<br />
<br />
As noted in the comments, one needs to consider the total amount of RAM when setting these values. <br />
<br />
*'''vm.dirty_ratio''' defaults to 10 (percent of RAM). Consensus is that 10% of RAM when RAM is say half a GB (so 10% is ~50 MB) is a sane value on spinning disks, but it can be MUCH worse when RAM is larger, say 16 GB (10% is ~1.6 GB), as that's several seconds of writeback on spinning disks. A more sane value in this cause is 3 (16*0.03 ~ 491 MB).<br />
<br />
*'''vm.dirty_background_ratio''' similarly, 5 (% of RAM) by default may be just fine for small memory values, but again, consider and adjust accordingly for the amount of RAM on a particular system.<br />
<br />
=== Compressing /usr ===<br />
<br />
{{Note|As of version 3.0 of the Linux kernel, aufs2 is no longer supported.}}<br />
{{out of date|aufs is no longer in the official repos. Also, read the Note box above.}}<br />
A way to speed up reading from the hard drive is to compress the data, because there is less data to be read. It must however be decompressed, which means a greater CPU load. Some file systems support transparent compression, most notably Btrfs and reiserfs4, but their compression ratio is limited by the 4k block size. A good alternative is to compress {{ic|/usr}} in a squashfs file, with a 64k(128k) block size, as instructed in this [http://forums.gentoo.org/viewtopic-t-646289.html Gentoo forums thread]. What this tutorial does is basically to compress the {{ic|/usr}} folder into a compressed squashfs file-system, then mounts it with aufs. A lot of space is saved, usually two thirds of the original size of {{ic|/usr}}, and applications load faster. However, each time an application is installed or reinstalled, it is written uncompressed, so {{ic|/usr}} must be re-compressed periodically. Squashfs is already in the kernel, and aufs2 is in the official repositories, so no kernel compilation is needed if using the stock kernel.<br />
Since the linked guide is for Gentoo, the next commands outline the steps specifically for Arch. To get it working, [[pacman|install]] the packages {{pkg|aufs2}} and {{pkg|squashfs-tools}}. These packages provide the aufs-modules and some userspace-tools for the squash-filesystem.<br />
<br />
Now we need some extra directories where we can store the archive of {{ic|/usr}} as read-only and another folder where we can store the data changed after the last compression as writeable:<br />
# mkdir -p /squashed/usr/{ro,rw}<br />
Now that we got a rough setup you should perform a complete system-upgrade since every change of content in {{ic|/usr}} after the compression will be excluded from this speedup. If you use prelink you should also perform a complete prelink before creating the archive. Now it is time to invoke the command to compress {{ic|/usr}}:<br />
# mksquashfs /usr /squashed/usr/usr.sfs -b 65536<br />
These parameters/options are the ones suggested by the Gentoo link but there might be some room for improvement using some of the options described [http://www.tldp.org/HOWTO/SquashFS-HOWTO/mksqoverview.html#mksqusing here].<br />
Now to get the archive mounted together with the writeable folder it is necessary to edit {{ic|/etc/fstab}} and add the following lines:<br />
/squashed/usr/usr.sfs /squashed/usr/ro squashfs loop,ro 0 0 <br />
usr /usr aufs udba=reval,br:/squashed/usr/rw:/squashed/usr/ro 0 0<br />
Now you should be done and able to reboot. The original author suggests to delete all the old content of {{ic|/usr}}, but this might cause some problems if anything goes wrong during some later re-compression. It is safer to leave the old files in place.<br />
<br />
A [https://bbs.archlinux.org/viewtopic.php?pid=714052 Bash script] has been created that will automate the process of re-compressing (read updating) the archive since the tutorial is meant for Gentoo and some options do not correlate to what they should be in Arch.<br />
<br />
=== Tuning for an SSD ===<br />
<br />
[[SSD#Tips_for_Maximizing_SSD_Performance]]<br />
<br />
=== RAM disks / tuning for really slow disks ===<br />
<br />
* [http://cs.joensuu.fi/~mmeri/usbraid/ USB stick RAID]<br />
* [https://bbs.archlinux.org/viewtopic.php?pid=493773#p493773 Combine RAM disk with disk in RAID]<br />
<br />
=== USB storage devices ===<br />
<br />
{{Expansion|provide better description, or at least some reference}}<br />
<br />
If you experienced slow copy speed to pendrive (mainly in KDE), then append these three lines in a [[systemd]] tmpfile:<br />
<br />
{{hc|/etc/tmpfiles.d/local.conf|<br />
w /sys/kernel/mm/transparent_hugepage/enabled - - - - madvise<br />
w /sys/kernel/mm/transparent_hugepage/defrag - - - - madvise<br />
w /sys/kernel/mm/transparent_hugepage/khugepaged/defrag - - - - 0<br />
}}<br />
<br />
See also [[#Tuning kernel parameters]].<br />
<br />
== CPU ==<br />
<br />
The only way to directly improve CPU speed is overclocking. As it is a complicated and risky task, it is not recommended for anyone except experts. The best way to overclock is through the BIOS. When purchasing your system, keep in mind that most Intel motherboards are notorious for disabling the capability to overclock.<br />
<br />
Many Intel i5 and i7 chips, even when overclocked properly through the BIOS or UEFI interface, will not report the correct clock frequency to acpi_cpufreq and most other utilities. This will result in excessive messages in dmesg about delays unless the module acpi_cpufreq is unloaded and blacklisted. The only tool known to correctly read the clock speed of these overclocked chips under Linux is i7z. The {{Pkg|i7z}} package is available in the community repo and {{AUR|i7z-git}} is available in the [[AUR]].<br />
<br />
A way to modify performance ([http://lkml.org/lkml/2009/9/6/136 ref]) is to use Con Kolivas' desktop-centric kernel patchset, which, among other things, replaces the Completely Fair Scheduler (CFS) with the Brain Fuck Scheduler (BFS).<br />
<br />
Kernel PKGBUILDs that include the BFS patch can be installed from the [[AUR]] or [[Unofficial User Repositories]]. See the respective pages for {{AUR|linux-ck}} and [[Linux-ck]] wiki page, {{AUR|linux-bfs}} or {{AUR|linux-pf}} for more information on their additional patches.<br />
<br />
{{Note|BFS/CK are designed for desktop/laptop use and not servers. They provide low latency and work well for 16 CPUs or less. Also, Con Kolivas suggests setting HZ to 1000. For more information, see the [http://ck.kolivas.org/patches/bfs/bfs-faq.txt BFS FAQ] and [http://users.on.net/~ckolivas/kernel/ Kernel patch homepage of Con Kolivas].}}<br />
<br />
=== Verynice ===<br />
<br />
[[Verynice]] is a daemon, available in the [[AUR]] as {{AUR|verynice}}, for dynamically adjusting the nice levels of executables. The nice level represents the priority of the executable when allocating CPU resources. Simply define executables for which responsiveness is important, like X or multimedia applications, as ''goodexe'' in {{ic|/etc/verynice.conf}}. Similarly, CPU-hungry executables running in the background, like make, can be defined as ''badexe''. This prioritization greatly improves system responsiveness under heavy load.<br />
<br />
=== Ulatencyd ===<br />
<br />
[[Ulatencyd]] is a daemon that controls how the Linux kernel will spend its resources on the running processes. It uses dynamic cgroups to give the kernel hints and limitations on processes. It supports prioritizing processes for disk I/O as well as CPU shares, and uses more clever heuristics than Verynice. In addition, it comes with a good set of configs out of the box.<br />
<br />
One note of warning, by default it changes the default scheduler of all block devices to cfq, to disable behavior see [[Ulatencyd]].<br />
<br />
== Graphics ==<br />
<br />
=== Xorg.conf configuration ===<br />
<br />
Graphic performance heavily depends on the settings in {{ic|/etc/X11/xorg.conf}}. There are tutorials for [[Nvidia]], [[ATI]] and [[Intel]] cards. Improper settings may stop Xorg from working, so caution is advised.<br />
<br />
=== Driconf ===<br />
<br />
{{Pkg|driconf}} is a small utility that can be found in the [[official repositories]] that allows you to change the direct rendering settings for open source drivers. Enabling HyperZ can drastically improve performance.<br />
<br />
=== GPU overclocking ===<br />
<br />
Overclocking a graphics card is typically more expedient than with a CPU, since there are readily accessible software packages which allow for on-the-fly GPU clock adjustments. For ATI users, get {{AUR|rovclock}} or {{AUR|amdoverdrivectrl}}, and NVIDIA users should get {{AUR|nvclock}} from the AUR. Intel chipsets users can install [http://www.gmabooster.com/ GMABooster] from with the {{AUR|gmabooster}} AUR package.<br />
<br />
The changes can be made permanent by running the appropriate command after X boots, for example by adding it to {{ic|~/.xinitrc}}. A safer approach would be to only apply the overclocked settings when needed.<br />
<br />
== RAM and swap ==<br />
<br />
=== Relocate files to tmpfs ===<br />
<br />
Relocate files, such as your browser profile, to a [[Wikipedia:tmpfs|tmpfs]] file system, including {{ic|/tmp}}, or {{ic|/dev/shm}} for improvements in application response as all the files are now stored in RAM.<br />
<br />
Use an active management script for maximal reliability and ease of use. <br />
<br />
Refer to the [[Profile-sync-daemon]] wiki article for more information on syncing browser profiles.<br />
<br />
Refer to the [[Anything-sync-daemon]] wiki article for more information on syncing any specified folder.<br />
<br />
=== Swappiness ===<br />
<br />
See [[Swap#Swappiness]].<br />
<br />
=== Compcache/Zram ===<br />
<br />
[https://code.google.com/p/compcache/ Compcache], nowadays replaced by the '''zram''' kernel module, creates a device in RAM and compresses it. If you use for swap means that part of the RAM can hold much more information but uses more CPU. Still, it is much quicker than swapping to a hard drive. If a system often falls back to swap, this could improve responsiveness. Zram is in mainline staging (therefore its not stable yet, use with caution).<br />
<br />
The AUR package {{AUR|zramswap}} provides an automated script fot setting up such swap devices with optimal settings for your system (such as RAM size and CPU core number). The script creates one zram device per CPU core with a total space equivalent to the RAM available. To do this automatically on every boot, enable {{ic|zramswap.service}} via [[systemd#Basic systemctl usage|systemctl]]. <br />
<br />
You will have a compressed swap with higher priority than your regular swap which will utilize multiple CPU cores for compessing data.<br />
<br />
{{Tip|Using zram is also a good way to reduce disk read/write cycles due to swap on SSDs.}}<br />
<br />
=== Using the graphic card's RAM ===<br />
<br />
In the unlikely case that you have very little RAM and a surplus of video RAM, you can use the latter as swap. See [[Swap on video ram]].<br />
<br />
=== Preloading ===<br />
<br />
Preloading is the action of putting and keeping target files into the RAM. The benefit is that preloaded applications start more quickly because reading from the RAM is always quicker than from the hard drive. However, part of your RAM will be dedicated to this task, but no more than if you kept the application open. Therefore preloading is best used with large and often-used applications like Firefox and LibreOffice.<br />
<br />
==== Go-preload ====<br />
<br />
{{AUR|gopreload-git}} is a small daemon created in the [http://forums.gentoo.org/viewtopic-t-789818-view-next.html?sid=5457cff93039fc7d4a3e445ef90f9821 Gentoo forum]. To use it, first run this command in a terminal for each program you want to preload at boot:<br />
# gopreload-prepare program<br />
<br />
For regular user take ownership of /usr/share/gopreload/enabled and /usr/share/gopreload/disabled<br />
# chown username:users /usr/share/gopreload/enabled /usr/share/gopreload/disabled<br />
and then gopreload each program you want to preload:<br />
$ gopreload-prepare program<br />
<br />
Then, as instructed, press Enter when the program is fully loaded. This will add a list of files needed by the program in {{ic|/usr/share/gopreload/enabled}}. To load all lists at boot, enable systemd service file:<br />
# systemctl enable gopreload.service<br />
<br />
To disable the loading of a program, remove the appropriate list in {{ic|/usr/share/gopreload/enabled}} or move it to {{ic|/usr/share/gopreload/disabled}}.<br />
<br />
==== Preload ====<br />
<br />
A more automated approach is used by [[Preload]]. All you have to do is enable it with this command:<br />
# systemctl enable preload<br />
It will monitor the most used files on your system, and with time build its own list of files to preload at boot.<br />
<br />
== Boot time ==<br />
<br />
You can find tutorials with good tips in the article [[Improve Boot Performance]].<br />
<br />
=== Suspend to RAM ===<br />
<br />
The best way to reduce boot time is not booting at all. Consider [[Suspend and Hibernate#Suspend to RAM|suspending your system to RAM]] instead.<br />
<br />
== Network ==<br />
<br />
Use a DNS caching server in your local network. Every time a connections is made, the TCP/IP stack must resolve a fully qualified donamin name to an IP address. Only then the connection can be done. To use a DNS caching server directly present in your local network will decreases the latency on new connections. Your DSL router should contain such server, if not you can install your own. See [[Dnsmasq]] for more details.<br />
<br />
== Application-specific tips ==<br />
<br />
=== Firefox ===<br />
<br />
See [[Firefox Tweaks#Performance]] and [[Firefox Ramdisk]].<br />
<br />
Firefox in the official repositories is built with the profile guided optimization flag enabled. You may want to use it in your custom build.<br />
To do this append:<br />
ac_add_options --enable-profile-guided-optimization<br />
to your {{ic|.mozconfig}} file.<br />
<br />
=== Gcc/Makepkg ===<br />
<br />
See [[Ccache]].<br />
<br />
=== Office suites ===<br />
<br />
See [[LibreOffice#Speed up LibreOffice|Speed up LibreOffice]] and [[Openoffice#Speed up OpenOffice|Speed up OpenOffice]].<br />
<br />
=== Pacman ===<br />
<br />
See [[Improve Pacman Performance]].<br />
<br />
=== SSH ===<br />
<br />
See [[SSH#Speeding up SSH|Speed up SSH]].<br />
<br />
== Laptops ==<br />
<br />
See [[Laptop]].</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Talk:Frequently_asked_questions&diff=274575Talk:Frequently asked questions2013-09-07T04:36:00Z<p>Wingsuit: /* Arch on ARM */</p>
<hr />
<div>== Arch on ARM ==<br />
<br />
Since the Arch ARM website links back to this wiki, I figured it would make sense to include support for ARM in the FAQ, do you agree? More specifically, I am referring to the section titled: Q) Why would I not want to use Arch? under the point: you require support for an architecture other than x86_64, i686 or ARM." [[User:Wingsuit|Wingsuit]] ([[User talk:Wingsuit|talk]]) 04:32, 7 September 2013 (UTC)</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Talk:Frequently_asked_questions&diff=274574Talk:Frequently asked questions2013-09-07T04:35:44Z<p>Wingsuit: /* Arch on ARM */</p>
<hr />
<div>== Arch on ARM ==<br />
<br />
Since the Arch ARM website links back to this wiki, I figured it would make sense to include support for ARM in the FAQ, do you agree? More specifically, I am referring to the sections titled: Q) Why would I not want to use Arch? under the point: you require support for an architecture other than x86_64, i686 or ARM." [[User:Wingsuit|Wingsuit]] ([[User talk:Wingsuit|talk]]) 04:32, 7 September 2013 (UTC)</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Talk:Frequently_asked_questions&diff=274573Talk:Frequently asked questions2013-09-07T04:32:45Z<p>Wingsuit: /* Arch on ARM */ new section</p>
<hr />
<div>== Arch on ARM ==<br />
<br />
Since the Arch ARM website links back to this wiki, I figured it would make sense to include support for ARM in the FAQ, do you agree? [[User:Wingsuit|Wingsuit]] ([[User talk:Wingsuit|talk]]) 04:32, 7 September 2013 (UTC)</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Frequently_asked_questions&diff=274572Frequently asked questions2013-09-07T04:28:13Z<p>Wingsuit: /* Added in that Arch supports ARM */</p>
<hr />
<div>[[Category:About Arch]]<br />
[[ar:FAQ]]<br />
[[bg:FAQ]]<br />
[[cs:FAQ]]<br />
[[da:FAQ]]<br />
[[de:FAQ]]<br />
[[es:FAQ]]<br />
[[fa:پرسش و پاسخ]]<br />
[[fr:FAQ]]<br />
[[hr:FAQ]]<br />
[[id:FAQ]]<br />
[[it:FAQ]]<br />
[[ja:FAQ]]<br />
[[ko:FAQ]]<br />
[[lt:FAQ]]<br />
[[nl:FAQ]]<br />
[[pt:FAQ]]<br />
[[ro:Întrebări frecvente]]<br />
[[ru:FAQ]]<br />
[[sk:FAQ]]<br />
[[sv:FAQ]]<br />
[[th:FAQ]]<br />
[[tr:Sss]]<br />
[[zh-CN:FAQ]]<br />
[[zh-TW:FAQ]]<br />
Besides the questions covered below, you may find [[The Arch Way]] and [[Arch Linux]] helpful. Both articles contain a good deal of information about Arch Linux.<br />
<br />
== General ==<br />
<br />
===Q) What is Arch Linux?===<br />
'''A)''' See the article entitled [[Arch Linux]].<br />
<br />
===Q) Why would I want to use Arch?===<br />
'''A)''' If, after reading about the [[The Arch Way]] philosophy, you wish to embrace the 'do-it-yourself' approach and require or desire a simple, elegant, highly customizable, bleeding edge, general purpose GNU/Linux distribution, you may like Arch.<br />
<br />
===Q) Why would I not want to use Arch?===<br />
'''A)''' You may '''not''' want to use Arch, if:<br />
<br />
* after reading [[The Arch Way]], you disagree with the philosophy.<br />
* you do not have the ability/time/desire for a 'do-it-yourself' GNU/Linux distribution.<br />
* you require support for an architecture other than x86_64, i686 or ARM.<br />
* you take a strong stand on using a distribution which only provides free software as defined by GNU.<br />
* you believe an operating system should configure itself, run out of the box, and include a complete default set of software and desktop environment on the installation media.<br />
* you do not want a bleeding edge, rolling release GNU/Linux distribution.<br />
* you are happy with your current OS.<br />
* you want an OS that targets a different userbase.<br />
* you are not insane enough to run an OS developed by Allan<br />
<br />
===Q) What distribution is Arch based on?===<br />
'''A)''' Arch is independently developed, was built from scratch and is not based on any other GNU/Linux distribution. Before creating Arch, Judd Vinet admired and used CRUX, a great, minimalist distribution created by Per Lidén. Originally inspired by ideas in common with CRUX, Arch was built from scratch, and pacman was then coded in C.<br />
<br />
===Q) I am a complete GNU/Linux beginner. Should I use Arch?===<br />
'''A)''' This question has had much debate. Arch is targeted more towards advanced GNU/Linux users, but some people feel that Arch is a good place to start for the motivated novice. If you are a beginner and want to use Arch, just be warned that you must be willing to invest significant time into learning a new system, as well as accept the fact that Arch is fundamentally designed as a DIY (Do-It-Yourself) distribution. It is the user who assembles the system and controls what it will become. Before asking for help, do your own independent research by Googling, searching the forum (and reading the rest of these FAQs) and searching the superb documentation provided by the Arch Wiki. ''There is a reason these resources were made available to you in the first place.'' Many thousands of ''volunteered'' hours have been spent compiling this excellent information.<br />
<br />
Recommended reading: The Arch Linux [[Beginners' Guide]].<br />
<br />
===Q) Arch requires too much time and effort to install and use. Also, the community keeps telling me to RTFM in so many words===<br />
'''A)''' Arch is designed for and used by a specifically targeted user base. Perhaps it is not right for you. See [[#Q)_I_am_a_complete_GNU/Linux_beginner._Should_I_use_Arch?|above]].<br />
<br />
===Q) Is Arch designed to be used as a server? A desktop? A workstation?===<br />
'''A)''' Arch is not designed for any particular type of use. Rather, it is designed for a particular type of ''user''. Arch targets competent users who enjoy its do-it-yourself nature, and who further exploit it to shape the system to fit their unique needs. Therefore, in the hands of its target user base, Arch can be used for virtually any purpose. Many use Arch on both their desktops and workstations. And of course, archlinux.org runs on Arch.<br />
<br />
===Q) I really like Arch, except the development team needs to implement ''"feature X"''===<br />
'''A)''' Before going further, did you read [[The Arch Way]]? Have you provided the feature/solution? Does it conform to the Arch philosophy of ''minimalism'' and ''code-correctness over convenience''? Get involved, contribute your code/solution to the community. If it is well regarded by the community and development team, perhaps it will be merged. The Arch community thrives on contribution and sharing of code and tools.<br />
<br />
===Q) When will the new release be made available?===<br />
'''A)''' Arch Linux releases are simply a snapshot of the [core] repository, and are issued usually in the first half of every month.<br />
<br />
The rolling release model keeps every Arch Linux system current and on the bleeding edge by issuing one command. For this reason, releases are not terribly important in Arch, because they become out of date as soon as a package has been updated. If you are looking to obtain the latest Arch Linux release, you do not need to reinstall. You simply run the {{ic|pacman -Syu}} command, and your system will be identical to what you would get with a brand-new install. For this same reason, new Arch Linux releases are not typically full of new and exciting features. New and exciting features are released as needed with the packages that are updated, and can be obtained immediately via {{ic|pacman -Syu}}.<br />
<br />
===Q) Is Arch Linux a stable distribution? Will I get frequent breakage?===<br />
'''A)''' The short answer is: It is largely as stable as ''you'' make it.<br />
<br />
''You'' assemble your own Arch system, atop the simple base environment, and ''you'' control system upgrades. Obviously, a larger, more complicated system incorporating multitudes of customized packages, and a plethora of toolkits and desktop environments would be more likely to experience configuration problems due to upstream changes than a slimmer, more simple system would. Arch is targeted at capable, proactive users. General UNIX competence and good system maintenance and upgrade practices also play a large role in system stability. Also recall that Arch packages are predominantly unpatched, so most application problems are inherently upstream.<br />
<br />
Therefore, it is ''the user'' who is ultimately responsible for the stability of his own rolling release system. The user decides when to upgrade, and merges necessary changes when required. If the user reaches out to the community for help, it is often provided in a timely manner. The difference between Arch and other distributions in this regard is that Arch is truly a 'do-it-yourself' distribution; complaints of breakage are misguided and unproductive, since upstream changes are not the responsibility of Arch devs.<br />
<br />
===Q) Arch needs more press (i.e. advertisement)===<br />
'''A)''' Arch gets plenty of press as it is. The goal of Arch Linux is not to be large, but rather, to provide an elegant, minimalist and bleeding edge distribution focused on simplicity and code-correctness. Organic, sustainable growth occurs naturally amongst the target user base.<br />
<br />
===Q) Arch needs more developers===<br />
'''A)''' Possibly so. Feel free to volunteer your time! Visit the [https://bbs.archlinux.org forums], [[IRC_Channel|IRC channels]], and [https://mailman.archlinux.org/mailman/listinfo/ mailing lists], and see what needs to be done. Getting involved in the Community Contributions subforum is a good way to start.<br />
<br />
===Q) Why is my internet so slow compared to other operating systems?===<br />
'''A)''' Is your network configured correctly? Have a look at [[Beginners' Guide#Hostname|Hostname]] and [[Beginners' Guide#Configure the network|Configure the network]] from the Beginners' Guide.<br />
<br />
Also note that Arch Linux does not come with [[Wikipedia:Traffic_shaping|traffic shaping]] enabled. Thus, it is possible that if a program on it somehow utilizes your internet connection to the full – regardless if it's over P2P or classic client-server connections – other local ones will find it clogged, resulting in severe lags and timeouts. Relief can be provided by [[firewalls]] such as Shorewall or Vuurmuur; there are also static scripts for {{Pkg|iproute2}} (such as [http://serendipity.ruwenzori.net/index.php/2008/06/01/modified-wondershaper-for-better-voip-qos this derivative] of Wondershaper), which allow shaping on the network layer.<br />
<br />
===Q) Why is Arch using all my RAM?===<br />
'''A)''' Essentially, unused RAM is wasted RAM.<br />
<br />
Many new users notice how the Linux kernel handles memory differently than they are used to. Since accessing data from RAM is much faster than from a storage drive, the kernel caches recently accessed data in memory. The cached data is only cleared when the system begins to run out of available memory and new data needs to be loaded.<br />
<br />
Perhaps the most common culprit of this confusion is the {{ic|free}} command:<br />
<br />
{{hc|$ free -m|<br />
total used free shared buffers cached<br />
Mem: 1009 741 267 0 104 359<br />
-/+ buffers/cache: 278 731<br />
Swap: 1537 0 1537}}<br />
<br />
It is important to note the {{ic|-/+ buffers/cache:}} line -- a representation of the amount of memory that is actually in "active use" and the amount of "available" memory, rather than "unused".<br />
<br />
In the above example, a laptop with 1G of total RAM appears to be using 741M of it, with naught but a few idling terminals and a web browser open! However, upon examining the emphasized line, see that only 278M of it is in "active use", and in fact 731M is "available" for new data. Apparently, 104M of that "used" memory contains buffered data and 359M contains cached data, both of which can be cleared away if needed. Only 267M of the total is truly "free" of the burden of data storage.<br />
<br />
The result of all this? Performance!<br />
<br />
See [http://www.linuxjournal.com/article/2770 this wonderful article] if your curiosity has been piqued! There's also a website dedicated to clearing this confusion: http://www.linuxatemyram.com/<br />
<br />
===Q) Where did all my free space go?===<br />
'''A)''' The answer to this question depends on your system. There are some [[Common Applications#Disk usage display programs|fine utilities]] that may help you find the answer.<br />
<br />
== Package Management ==<br />
<br />
===Q) In which package is X?===<br />
'''A)''' You can find out with [[pkgfile]].<br />
<br />
For example:<br />
<br />
$ pkgfile ''file_name''<br />
<br />
===Q) I've found an error with Package X. What should I do?===<br />
'''A)''' First, you need to figure out if this error is something the Arch team can fix. Sometimes it's not (e.g. Firefox crashes may be the fault of the Mozilla team); this is called an ''upstream error''. If it is an Arch problem, there is a series of steps you can take:<br />
<br />
# Search the forums for information. See if anyone else has noticed it.<br />
# Post a [[Reporting Bug Guidelines|bug report]] with detailed information at https://bugs.archlinux.org.<br />
# If you'd like, write a forum post detailing the problem and the fact that you have reported it already. This will help prevent a lot of people from reporting the same error.<br />
<br />
===Q) Arch packages need to use a unique naming convention. ".pkg.tar.gz" and ".pkg.tar.xz" are too long and/or confusing===<br />
'''A)''' This has been discussed on the Arch mailing list. Some proposed a {{ic|.pac}} file extension. As far as is currently known, there is no plan to change the package extension. As Tobias Kieslich, one of the Arch devs, put it, "''A package '''is''' a gzipped'' [xz] ''tarball! And it can be opened, investigated and manipulated by any tar-capable application. Moreover, the mime-type is automatically detected correctly by most applications.''"<br />
<br />
===Q) Pacman needs a library so other applications can easily access package information===<br />
'''A)''' Since version 3.0.0, pacman has been the front-end to libalpm, the "Arch Linux Package Management" library. This library allows alternative front-ends to be written (for instance, a GUI front-end).<br />
<br />
===Q) Why doesn't pacman have an official GUI front-end?===<br />
'''A)''' Please read [[The Arch Way]] and [[Arch Linux]]. Basically, the answer is that the Arch dev team will not be providing one. Feel free to use one developed by other users. A selective list can be found in [[Pacman GUI Frontends]].<br />
<br />
===Q) Pacman needs ''"feature X"!''===<br />
'''A)''' Please read [[The Arch Way]] and [[Arch Linux]]. The Arch philosophy is "Keep It Simple". If you think the idea has merit, and does not violate this simple litany, then you may choose to discuss it on the forum [https://bbs.archlinux.org/ here]. You might also like to check [https://bugs.archlinux.org here]; it is a place for feature requests if you find it is important.<br />
<br />
However, the best way to get a feature added to pacman or Arch Linux is to implement it yourself. The patch or code may or may not be officially accepted, but perhaps others will appreciate, test and contribute to your effort.<br />
<br />
===Q) Arch needs a stable package branch===<br />
'''A)''' Check out [http://www.archserver.org/ ArchServer].<br />
<br />
===Q) What is the difference between all these repositories?===<br />
'''A)''' See [[Official Repositories]].<br />
<br />
===Q) I just installed Package X. How do I start it?===<br />
'''A)''' If you're using a desktop environment like [[KDE]] or [[GNOME]], the program should automatically show up in your menu. If you're trying to run the program from a terminal and do not know the binary name, use:<br />
<br />
$ pacman -Qlq ''package_name'' | grep bin<br />
<br />
===Q) Why is there only a single version of each shared library in the official repositories?===<br />
'''A)''' Several distributions, such as Debian, have different versions of shared libraries packaged as different packages: {{ic|libfoo1}}, {{ic|libfoo2}}, {{ic|libfoo3}} and so on. In this way it is possible to have apps compiled against different versions of {{ic|libfoo}} installed on the same system.<br />
<br />
Unlike Debian, Arch is a rolling-release cutting-edge distribution. The most visible trait of a cutting-edge distribution is availability of the latest versions of software in the repositories; in case of a distribution like Arch, it also means that only the latest versions of all packages are officially supported. By dropping support for outdated software, package maintainers are able to spend more time ensuring that the newest versions work as expected. As soon as a new version of a shared library becomes available from upstream, it is added to the repositories and affected packages are rebuilt to utilize the new version.<br />
<br />
===Q) What if I run "pacman -Syu" and there will be an update for a shared library, but not for the apps that depend on it?===<br />
'''A)''' This scenario should not happen at all. Assuming an application called {{ic|foobaz}} is in one of the official repositories and builds successfully against a new version of a shared library called {{ic|libbaz}}, it will be updated along with {{ic|libbaz}}. If, however, it doesn't build successfully, {{ic|foobaz}} package will have a versioned dependency (e.g. ''libbaz 1.5''), and will be removed by pacman during {{ic|libbaz}} upgrade, due to a conflict.<br />
<br />
If {{ic|foobaz}} is a package that you built yourself and installed from AUR, you should try rebuilding {{ic|foobaz}} against the new version of {{ic|libbaz}}. If the build fails, report the bug to the {{ic|foobaz}} developers.<br />
<br />
===Q) Is it possible that there's a major kernel update in the repository, and that some of the driver packages haven't been updated?===<br />
'''A)''' No, it is not possible. Major kernel updates (e.g. ''linux 3.5.0-1'' to ''linux 3.6.0-1'') are always accompanied by rebuilds of all supported kernel driver packages. On the other hand, if you have an unsupported driver package installed on your system, such as {{AUR|catalyst}}, then a kernel update might break things for you if you do not rebuild it for the new kernel. Users are responsible for updating any unsupported driver packages that they have installed.<br />
<br />
===Q) Does Arch use package signing?===<br />
'''A)''' Yes. Package signing in [[pacman]] has been implemented since version 4. See [[package signing]] for more information.<br />
<br />
===Q) What to do before upgrading?===<br />
'''A)''' It is important in Arch Linux, before upgrading to "Check the front page [https://www.archlinux.org/ Arch news], [https://mailman.archlinux.org/mailman/listinfo/arch-announce/ Announcement lists], and optionally the [https://bbs.archlinux.org/ forum] and [https://mailman.archlinux.org/mailman/listinfo/ Mailing Lists], before hitting enter." Any special instructions will be posted there.<br />
<br />
== Installation ==<br />
<br />
===Q) Arch needs an installer. Maybe a GUI installer===<br />
'''A)''' Since installation doesn't occur often (read the rest of this article to know more about what ''rolling release'' means), it is not a high priority for developers or users. The [[Installation Guide]] and [[Beginners' Guide]] have been fully updated to use the command-line method. If you're still interested in using an installer, consider using [[Archboot]].<br />
<br />
===Q) I installed Arch, and now I am at a shell! What now?===<br />
'''A)''' Have a look at the Arch Linux [[Beginners' Guide]].<br />
<br />
===Q) Which desktop environment or window manager should I use?===<br />
'''A)''' Since many are available to you, use the one you like the most to fit your needs. Have a look at the [[Desktop Environment]] and [[Window Manager]] articles.<br />
<br />
===Q) What makes Arch unique amongst other "minimal" distributions?===<br />
'''A)''' Some distributions may provide minimal installation methods, sharing some similarities to the Arch installation process. However, a few points must be noted:<br />
<br />
# Arch has been ''fundamentally designed'' as a lightweight, minimal base environment upon which to build.<br />
# The ''only'' way to install Arch is by building up from this minimal base.<br />
# The base system and the entire distribution are inherently a K.I.S.S. design approach, which makes it uniquely suitable for its target base of users.<br />
# Installing services and packages requires manual, interactive user configuration. Unlike other distributions which automatically configure services and startup behavior, the Arch philosophy puts emphasis on the power user's competence and prerogative to handle such responsibilities.<br />
# Arch packaging is designed to be minimal, and ''optional'' package dependencies are never automatically installed. Rather, the user is simply notified of their existence during package installation, resulting in a slimmer system.<br />
# Arch provides excellent, thorough documentation, aiding in the process of system assembly.<br />
<br />
== Other ==<br />
<br />
===Q) What is this AUR thing I keep hearing about?===<br />
'''A)''' See [[Arch User Repository#FAQ]].<br />
<br />
===Q) Why do I get a green screen whenever I try to watch a video?===<br />
'''A)''' Your color depth is set wrong. It may need to be 24 instead of 16, for example.<br />
<br />
===Q) Spellcheck is marking all of my text as incorrect!===<br />
'''A)''' Have you installed an {{Pkg|aspell}} dictionary? Use {{ic|pacman -Ss aspell}} to see available dictionaries for downloading.<br />
<br />
If installing the dictionary files did not resolve the problem, it is most likely a problem with {{ic|enchant}}. Check for known dictionary files:<br />
<br />
{{hc|$ aspell dicts|<br />
en<br />
en_GB<br />
...etc}}<br />
<br />
If your respective language dictionary is listed, add it to {{ic|/usr/share/enchant/enchant.ordering}}. From the above example, it would be:<br />
<br />
en_GB:aspell</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Enhance_system_stability&diff=271226Enhance system stability2013-08-15T07:08:43Z<p>Wingsuit: /* directory highlighting */</p>
<hr />
<div>[[Category:System administration]]<br />
[[fr:Enhancing Arch Linux Stability]]<br />
[[ja:Enhancing Arch Linux Stability]]<br />
[[zh-CN:Enhancing Arch Linux Stability]]<br />
The purpose of this wiki article is to provide tips on how to make an Arch Linux system as stable as possible. While Arch Developers and Trusted Users work hard to produce high quality packages, given Arch's rolling release system and rapid package turnover, an Arch system may not be suitable for a mission critical, commercial production environment.<br />
<br />
However, Arch is inherently stable due to its commitment to simplicity in configuration, coupled with a rapid bug-report/bug-fix cycle, and the use of unpatched upstream source code. Thus, by following the advice below on setting up and maintaining Arch, the user should be able enjoy a very stable system. Furthermore, advice is included that will ease system repair in the event of a major malfunction.<br />
<br />
How stable can Arch Linux really be? There are numerous reports in the Arch forums of skilled system administrators successfully using Arch for production servers. Archlinux.org is one such example. On the desktop, a properly configured and maintained Arch installation can offer excellent stability.<br />
<br />
== Setting Up Arch ==<br />
<br />
When first installing and configuring Arch Linux, the user has a variety of choices to make about configuration, software, and drivers. These choices will impact overall system stability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Keeping old packages in a large /var partition ====<br />
<br />
Pacman archives all of the previously installed packages in {{ic|/var/cache/pacman/pkg}}, which over time may grow to a few GB in size. If you are setting up separate partitions during installation, always be sure to allocate plenty of space for a large /var partition. 4 to 8 GB should do, although more may be required for some server uses. Retaining these packages is helpful in case a recent package upgrade causes instability, requiring a downgrade to an older, archived package. See the section below entitled, [[#Revert package upgrades that cause instability]].<br />
<br />
==== Use recommended configurations ====<br />
<br />
In the detailed Arch Linux installation and configuration documentation, there is often more than one way to configure a specific aspect of the system. Always choose the recommended, default configuration when setting up the system. The recommended, default configurations reflect best practices, chosen for optimum system stability and ease of system repair.<br />
<br />
==== Be careful with unofficial and less tested packages ====<br />
<br />
Avoid any use of the testing repository, or individual packages from testing. These experimental packages are for development and testing, and are not suitable for a stable system.<br />
<br />
Use precaution when using packages from AUR. Most of the packages in AUR are supplied by user and thus might not have the same packaging standard as those in official repositories. Always check AUR package's PKGBUILD for any signs of mistake or malicious code before you build and install them.<br />
<br />
Be careful with [[AUR helpers]] which highly simplify installation of AUR packages and could lead to user build and install package that have malformed or malicious PKGBUILD. You should '''always''' sanity check PKGBUILDs before building and/or installing the package.<br />
<br />
Finally, it is extremely unwise to ever run any [[AUR helpers]], or the [[makepkg]] command as root user.<br />
<br />
Only use 3rd party repository if absolutely necessary or if you know what you're doing. Always use 3rd party repository from a trusted source.<br />
<br />
==== Use up-to-date mirrors ====<br />
<br />
Use mirrors that are frequently updated with the latest packages from the main Arch FTP server. Review the [https://www.archlinux.org/mirrors/status/ Mirror Status webpage] to verify that your chosen mirror is up to date. By using recently rsync'd mirrors, this ensures that your system will always have the freshest packages and package databases available during the course of routine maintenance.<br />
<br />
Also, if it is used, edit the mirror list in {{ic|/etc/pacman.d}} by placing local mirrors, those within your country or region, at the top of the list. Refer to the [[Mirrors#Enabling_your_favorite_mirror| Enabling your favorite mirror]] Arch wikipage section for additional details, including the installation of the [[Mirrors#List_by_speed|rankmirrors]] script to enable the fastest mirrors. These steps will ensure that the system uses the fastest, most reliable mirrors.<br />
<br />
After changing the server mirror used for updates, ensure that your system is up-to-date by doing pacman -Syu.<br />
<br />
==== Avoid development packages ====<br />
<br />
To prevent serious breakage of the system, do not install any development packages, which are usually found in AUR and occasionally in community. These are packages taken directly from upstream development branches, and usually feature one of the following words appended to the package name: dev, devel, svn, cvs, git, hg, bzr, or darcs.<br />
<br />
Most especially, avoid installing any development version of crucial system packages such as the kernel or glibc.<br />
<br />
If building a custom package using makepkg, be sure that the PKGBUILD follows the [[Arch Packaging Standards]], including a provides array. Use namcap to check the final .tar.gz or PKGBUILD file.<br />
<br />
==== Install the linux-lts package ====<br />
<br />
The {{Pkg|linux-lts}} package is an alternative Arch kernel package based upon Linux kernel 3.0 and is available in the [core] repository. This particular kernel version enjoys '''l'''ong-'''t'''erm '''s'''upport (LTS) from upstream, including security fixes and some feature backports, especially useful for Arch users seeking to use such a kernel on a server, or who want a fallback kernel in case a new kernel version causes problems.<br />
<br />
To make it available as a boot option, you will need to update the bootloader's configuration file. For example, if you use [[Syslinux]], you have to edit {{ic|/boot/syslinux/syslinux.cfg}} and duplicate the current entries, except using {{ic|vmlinuz-linux-lts}} and {{ic|initramfs-linux-lts.img}}. For [[GRUB]], the recommended method is to automatically [[GRUB#Generate_GRUB2_BIOS_Config_file|re-generate the .cfg]].<br />
<br />
Some prefer to install the {{Pkg|linux-lts}} package in addition to the regular {{Pkg|linux}} package and edit the Fallback entry to use the LTS kernel.<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Use the package manager to install software ====<br />
<br />
The package manager (in Arch: [[pacman]]) does a much better job than you at keeping track of files. If you install things manually you ''will'', sooner or later forget what you did, where you installed to, install conflicting stuff, install to wrong locations etc.<br />
<br />
From a stability standpoint you should try to avoid unsupported package and custom software, but if you really need such things making a package is better than manually compiling and installing.<br />
<br />
You should also disable make install command (which is typical for beginning of all problems) in /root/.bashrc<br />
make() {<br />
[ "$1" == 'install' ] &&<br />
echo -e "WARNING:\nDON'T INSTALL SOFTWARE MANUALLY\nDON'T USE unset make TO OVERRIDE" &&<br />
echo "Tip: It's easy to make own custom package see: man PKGBUILD makepkg" &&<br />
return 1;<br />
/usr/bin/make $@;<br />
}<br />
<br />
==== Use proven, mainstream software packages ====<br />
<br />
Install mature, proven, mainstream software; while avoiding cutting edge software that is still buggy. Try to avoid installing "point-oh", aka x.y.0, software releases. For example, instead of installing Foobar 2.5.0, wait until Foobar 2.5.1 is available. Do not deploy newly developed software until it is proven to be reliable. For example, PulseAudio's early versions could be unreliable. Users interested in maximum stability would use the ALSA sound system instead. Finally, use software that has a strong and active development community.<br />
<br />
==== Choose open-source drivers ====<br />
<br />
Wherever possible, choose open source drivers. Try to avoid proprietary drivers. Most of the time, open source drivers are more stable and reliable than proprietary drivers. Open source driver bugs are fixed more easily and quickly. While proprietary drivers can offer more features and capabilities, this can come at the cost of stability. To avoid this dilemma, choose hardware components known to have mature open source driver support with full features. Information about hardware with open source Linux drivers is available at [http://www.linux-drivers.org/ linux-drivers.org].<br />
<br />
== Maintaining Arch ==<br />
<br />
In addition to configuring Arch for stability, there are steps one can take during maintenance which will enhance stability. Paying attention to a few SysAdmin details will help to ensure continued system reliability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Upgrade entire system with reasonable frequency ====<br />
<br />
Many Arch users update frequently, even upgrading their systems daily using {{Ic|pacman -Syu}}. While updating so frequently is not necessary, one should upgrade fairly often to enjoy the latest bugfix and security updates. Weekly or biweekly upgrades are thus a good idea.<br />
<br />
If the system has packages from the AUR, carefully upgrade all AUR packages.<br />
<br />
==== Read before upgrading the system ====<br />
<br />
Before upgrading Arch, always read the latest [https://www.archlinux.org/news/ Arch News] to find out if there are any major software or configuration changes with the latest packages. Before upgrading fundamental software, such as the kernel, xorg, or glibc to a new version; look over the appropriate [https://bbs.archlinux.org/ webforum] to see if there have been any reported problems.<br />
<br />
==== Act on alerts during an upgrade ====<br />
<br />
When upgrading the system, be sure to pay attention to the alert notices provided by pacman. If any additional actions are required by the user, be sure to take care of them right away. If a pacman alert is confusing, search the forums and the recent news posts for more detailed instructions.<br />
<br />
==== Deal promptly with .pacnew, .pacsave, and .pacorig files ====<br />
<br />
When pacman removes a package that has a configuration file, it normally creates a backup copy of that config file and appends .pacsave to the name of the file. Likewise, when pacman upgrades a package which includes a new config file created by the maintainer differing from the currently installed file, it writes a .pacnew config file. Occasionally, under special circumstances, a .pacorig file is created. Pacman provides notice when these files are written.<br />
<br />
Users must deal with these files promptly when pacman creates them, in order to ensure optimum system stability. Users are referred to the [[Pacnew and Pacsave Files]] wiki page for detailed instructions.<br />
<br />
==== Consider using pacmatic ====<br />
<br />
[http://kmkeen.com/pacmatic/index.html Pacmatic] is a pacman wrapper which automates the process of checking Arch News prior to upgrading. Pacmatic also ensures that the local pacman database is correctly synchronized with online mirrors, thus avoiding potential problems with botched pacman -Sy database updates. Finally, it provides more stringent warnings about updated or obsolete config files. pacman can be aliased to pacmatic, and various [[AUR helpers]] can be configured to use it instead of pacman.<br />
<br />
==== Avoid certain pacman commands ====<br />
<br />
Arch being a rolling release distribution, it can be dangerous to refresh pacman databases without doing a full system upgrade immediately after. Avoid using {{Ic|pacman -Sy package}} to install a package, but always use {{Ic|pacman -S package}} instead. And upgrade your system regularly with {{Ic|pacman -Syu}}.<br />
<br />
Avoid using the {{ic|-f}} option with pacman, '''especially''' in commands such as {{Ic|pacman -Syuf}} involving more than one package. The {{ic|--force}} option ignores file conflicts and can even cause file loss when files are relocated between different packages! In a properly maintained system, it should never need to be used.<br />
<br />
Do not use {{Ic|pacman -Rdd package}}. Using the -d flag skips dependency checks during package removal. As a result, a package providing a critical dependency could be removed, resulting in a broken system.<br />
<br />
Never run {{Ic|pacman -Scc}} unless there is a desperate need for the disk space, and little or no need for archived package files. It is safer to keep older packages available in the cache archives in the event a package upgrade causes problems, requiring a package reversion. Instead, just use {{ic|pacman -Sc}} to clean out the archived packages in the pacman cache, of packages previously removed from the pacman database.<br />
<br />
Make sure to only use this command if there is no intention of re-installing recently removed packages. If such packages are re-installed after this command has been executed, there will be no older, archived versions of the packages in the pacman cache.<br />
<br />
In the event that /var disk space becomes scarce, move '''all''' archived packages to the home directory using the [http://www.3111skyline.com/download/Archlinux/scripts/ fduparch.sh script]. Use the [http://www.3111skyline.com/download/Archlinux/scripts/fduppkg fduppkg script] to move all but the last previously installed package versions in the pacman cache archives, to the home directory.<br />
<br />
==== Revert package upgrades that cause instability ====<br />
<br />
In the event that a particular package upgrade results in system instability, install the last known stable version of the package from the local pacman cache using the following command:<br />
<br />
pacman -U /var/cache/pacman/pkg/Package-Name.pkg.tar.gz<br />
<br />
For more detailed information on reverting to older packages, consult the Arch wikipage, [[Downgrading Packages]].<br />
<br />
Once the package is reverted, temporarily add it to the [[Pacman#Skip_package_from_being_upgraded|IgnorePkg section of pacman.conf]], until the difficulty with the updated package is resolved. Consult the Arch wiki and/or webforums for advice, and file a bug report if necessary.<br />
<br />
==== Regularly backup a list of installed packages ====<br />
<br />
At regular intervals, create a list of installed packages and store a copy on one or more offline media, such as a USB stick, external hard drive, or CD-R. Use the following command to create a pkglist:<br />
<br />
pacman -Qqne > /path/to/chosen/directory/pkg.list<br />
<br />
In the event of a catastrophic system failure requiring a complete re-installation, these packages can be quickly reinstalled using the command:<br />
<br />
pacman -S --needed $(< /path/to/chosen/directory/pkg.list )<br />
<br />
==== Regularly backup the pacman database ====<br />
<br />
The following command can be used to backup the local pacman database, and can be run as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/pacman-database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
Restore the backup pacman database file by moving the pacman-database.tar.bz2 file into the / directory and executing the following command:<br />
<br />
tar -xjvf pacman-database.tar.bz2<br />
<br />
If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult the Arch wikipage, [[Pacman_Tips#Restore_pacman.27s_local_database|How To Restore Pacman's Local Database]].<br />
<br />
===== Systemd Automation =====<br />
<br />
You can configure [https://wiki.archlinux.org/index.php/Systemd systemd] to backup the pacman database everytime a new package is installed or updated, save and run the following scripts. See [[Pacman Tips#Backing up Local database with Systemd|here]].<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Subscribe to NVD/CVE alerts and only upgrade on a security alert ====<br />
<br />
Subscribe to the Common Vulnerabilities and Exposure Security Alert updates, made available by National Vulnerability Database, and found on the [http://nvd.nist.gov/download.cfm NVD Download webpage]. Only update the Arch system when a security alert is issued for a package installed on that particular system.<br />
<br />
This is the alternative to upgrading the entire system frequently. It ensures that security problems in various packages are resolved promptly, while keeping all the rest of the packages frozen in a known, stable configuration. However, reviewing the frequent CVE Alerts to see if any apply to installed Arch packages can be tedious and time consuming.<br />
<br />
==== Test updates on a non-critical system ====<br />
<br />
If possible, test changes to configuration files, as well as updates to software packages, on a non-critical duplicate system first. Then, if no problems arise, roll out the changes to the production system.<br />
<br />
==== Always backup config files before editing ====<br />
<br />
Before editing any configuration file, always back up a known working version of that config file. In the event that changes in the config file cause problems, one can revert to the previous stable config file. Do this from a text editor by first saving the file to a backup copy before making any alterations; or execute the following command:<br />
<br />
cp config config.bak<br />
<br />
Using ''.bak'' will ensure there is a readily distinguishable human-made backup conf file if pacman creates a .pacnew, .pacsave, or .pacorig file using the active config file.<br />
<br />
{{AUR|etckeeper}} can help dealing with config files. It keeps the whole /etc directory in a version control.<br />
<br />
==== Regularly backup the /etc, /home, /srv, and /var directories ====<br />
<br />
Since /etc, /home, /srv and /var directories contain important system files and configs, it is advisable to keep backup of these folders on a regular interval. The following is a simple guide line on how to go about it.<br />
<br />
* '''/etc:''' Backup the /etc directory by executing the following command as root or as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/etc-backup.tar.bz2 /etc<br />
<br />
Store the /etc backup file on one or more offline media, such as a USB stick, external hard drive, or CD-R. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
Restore corrupted /etc files by extracting the etc-backup.tar.bz2 file in a temporary working directory, and copying over individual files and directories as needed. To restore the entire /etc directory with all its contents, move the etc-backup.tar.bz2 files into the / directory. As root, execute the following command:<br />
<br />
tar -xvjf etc-backup.tar.bz2<br />
<br />
* '''/home:''' At regular intervals, backup the /home directory to an external hard drive, Network Attached Server, or online backup service. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
* '''/srv:''' Server installations should have the /srv directory regularly backed up.<br />
<br />
* '''/var:''' Additional directories in /var, such a /var/spool/mail or /var/lib, which also require backup and occasional verification.<br />
<br />
If you want to backup much faster (using parallel compression, SMP), you should use pbzip2 (Parallel bzip2). The steps are slightly different, but not by much.<br />
<br />
First we will backup the files to a plain tarball with no compression:<br />
<br />
tar -cvf /path/to/chosen/directory/etc-backup.tar /etc<br />
<br />
Then we will use pbzip2 to compress it in parallel (Make sure you install it with '''pacman -S pbzip2''')<br />
<br />
pbzip2 /path/to/chosen/directory/etc-backup.tar.bz2<br />
<br />
and that's it. Your files should be backing up using all of your cores.</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Enhance_system_stability&diff=271225Enhance system stability2013-08-15T07:06:36Z<p>Wingsuit: /* Changed title */</p>
<hr />
<div>[[Category:System administration]]<br />
[[fr:Enhancing Arch Linux Stability]]<br />
[[ja:Enhancing Arch Linux Stability]]<br />
[[zh-CN:Enhancing Arch Linux Stability]]<br />
The purpose of this wiki article is to provide tips on how to make an Arch Linux system as stable as possible. While Arch Developers and Trusted Users work hard to produce high quality packages, given Arch's rolling release system and rapid package turnover, an Arch system may not be suitable for a mission critical, commercial production environment.<br />
<br />
However, Arch is inherently stable due to its commitment to simplicity in configuration, coupled with a rapid bug-report/bug-fix cycle, and the use of unpatched upstream source code. Thus, by following the advice below on setting up and maintaining Arch, the user should be able enjoy a very stable system. Furthermore, advice is included that will ease system repair in the event of a major malfunction.<br />
<br />
How stable can Arch Linux really be? There are numerous reports in the Arch forums of skilled system administrators successfully using Arch for production servers. Archlinux.org is one such example. On the desktop, a properly configured and maintained Arch installation can offer excellent stability.<br />
<br />
== Setting Up Arch ==<br />
<br />
When first installing and configuring Arch Linux, the user has a variety of choices to make about configuration, software, and drivers. These choices will impact overall system stability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Keeping old packages in a large /var partition ====<br />
<br />
Pacman archives all of the previously installed packages in /var/cache/pacman/pkg, which over time may grow to a few GB in size. If you are setting up separate partitions during installation, always be sure to allocate plenty of space for a large /var partition. 4 to 8 GB should do, although more may be required for some server uses. Retaining these packages is helpful in case a recent package upgrade causes instability, requiring a downgrade to an older, archived package. See the section below entitled, [[#Revert package upgrades that cause instability]].<br />
<br />
==== Use recommended configurations ====<br />
<br />
In the detailed Arch Linux installation and configuration documentation, there is often more than one way to configure a specific aspect of the system. Always choose the recommended, default configuration when setting up the system. The recommended, default configurations reflect best practices, chosen for optimum system stability and ease of system repair.<br />
<br />
==== Be careful with unofficial and less tested packages ====<br />
<br />
Avoid any use of the testing repository, or individual packages from testing. These experimental packages are for development and testing, and are not suitable for a stable system.<br />
<br />
Use precaution when using packages from AUR. Most of the packages in AUR are supplied by user and thus might not have the same packaging standard as those in official repositories. Always check AUR package's PKGBUILD for any signs of mistake or malicious code before you build and install them.<br />
<br />
Be careful with [[AUR helpers]] which highly simplify installation of AUR packages and could lead to user build and install package that have malformed or malicious PKGBUILD. You should '''always''' sanity check PKGBUILDs before building and/or installing the package.<br />
<br />
Finally, it is extremely unwise to ever run any [[AUR helpers]], or the [[makepkg]] command as root user.<br />
<br />
Only use 3rd party repository if absolutely necessary or if you know what you're doing. Always use 3rd party repository from a trusted source.<br />
<br />
==== Use up-to-date mirrors ====<br />
<br />
Use mirrors that are frequently updated with the latest packages from the main Arch FTP server. Review the [https://www.archlinux.org/mirrors/status/ Mirror Status webpage] to verify that your chosen mirror is up to date. By using recently rsync'd mirrors, this ensures that your system will always have the freshest packages and package databases available during the course of routine maintenance.<br />
<br />
Also, if it is used, edit the mirror list in {{ic|/etc/pacman.d}} by placing local mirrors, those within your country or region, at the top of the list. Refer to the [[Mirrors#Enabling_your_favorite_mirror| Enabling your favorite mirror]] Arch wikipage section for additional details, including the installation of the [[Mirrors#List_by_speed|rankmirrors]] script to enable the fastest mirrors. These steps will ensure that the system uses the fastest, most reliable mirrors.<br />
<br />
After changing the server mirror used for updates, ensure that your system is up-to-date by doing pacman -Syu.<br />
<br />
==== Avoid development packages ====<br />
<br />
To prevent serious breakage of the system, do not install any development packages, which are usually found in AUR and occasionally in community. These are packages taken directly from upstream development branches, and usually feature one of the following words appended to the package name: dev, devel, svn, cvs, git, hg, bzr, or darcs.<br />
<br />
Most especially, avoid installing any development version of crucial system packages such as the kernel or glibc.<br />
<br />
If building a custom package using makepkg, be sure that the PKGBUILD follows the [[Arch Packaging Standards]], including a provides array. Use namcap to check the final .tar.gz or PKGBUILD file.<br />
<br />
==== Install the linux-lts package ====<br />
<br />
The {{Pkg|linux-lts}} package is an alternative Arch kernel package based upon Linux kernel 3.0 and is available in the [core] repository. This particular kernel version enjoys '''l'''ong-'''t'''erm '''s'''upport (LTS) from upstream, including security fixes and some feature backports, especially useful for Arch users seeking to use such a kernel on a server, or who want a fallback kernel in case a new kernel version causes problems.<br />
<br />
To make it available as a boot option, you will need to update the bootloader's configuration file. For example, if you use [[Syslinux]], you have to edit {{ic|/boot/syslinux/syslinux.cfg}} and duplicate the current entries, except using {{ic|vmlinuz-linux-lts}} and {{ic|initramfs-linux-lts.img}}. For [[GRUB]], the recommended method is to automatically [[GRUB#Generate_GRUB2_BIOS_Config_file|re-generate the .cfg]].<br />
<br />
Some prefer to install the {{Pkg|linux-lts}} package in addition to the regular {{Pkg|linux}} package and edit the Fallback entry to use the LTS kernel.<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Use the package manager to install software ====<br />
<br />
The package manager (in Arch: [[pacman]]) does a much better job than you at keeping track of files. If you install things manually you ''will'', sooner or later forget what you did, where you installed to, install conflicting stuff, install to wrong locations etc.<br />
<br />
From a stability standpoint you should try to avoid unsupported package and custom software, but if you really need such things making a package is better than manually compiling and installing.<br />
<br />
You should also disable make install command (which is typical for beginning of all problems) in /root/.bashrc<br />
make() {<br />
[ "$1" == 'install' ] &&<br />
echo -e "WARNING:\nDON'T INSTALL SOFTWARE MANUALLY\nDON'T USE unset make TO OVERRIDE" &&<br />
echo "Tip: It's easy to make own custom package see: man PKGBUILD makepkg" &&<br />
return 1;<br />
/usr/bin/make $@;<br />
}<br />
<br />
==== Use proven, mainstream software packages ====<br />
<br />
Install mature, proven, mainstream software; while avoiding cutting edge software that is still buggy. Try to avoid installing "point-oh", aka x.y.0, software releases. For example, instead of installing Foobar 2.5.0, wait until Foobar 2.5.1 is available. Do not deploy newly developed software until it is proven to be reliable. For example, PulseAudio's early versions could be unreliable. Users interested in maximum stability would use the ALSA sound system instead. Finally, use software that has a strong and active development community.<br />
<br />
==== Choose open-source drivers ====<br />
<br />
Wherever possible, choose open source drivers. Try to avoid proprietary drivers. Most of the time, open source drivers are more stable and reliable than proprietary drivers. Open source driver bugs are fixed more easily and quickly. While proprietary drivers can offer more features and capabilities, this can come at the cost of stability. To avoid this dilemma, choose hardware components known to have mature open source driver support with full features. Information about hardware with open source Linux drivers is available at [http://www.linux-drivers.org/ linux-drivers.org].<br />
<br />
== Maintaining Arch ==<br />
<br />
In addition to configuring Arch for stability, there are steps one can take during maintenance which will enhance stability. Paying attention to a few SysAdmin details will help to ensure continued system reliability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Upgrade entire system with reasonable frequency ====<br />
<br />
Many Arch users update frequently, even upgrading their systems daily using {{Ic|pacman -Syu}}. While updating so frequently is not necessary, one should upgrade fairly often to enjoy the latest bugfix and security updates. Weekly or biweekly upgrades are thus a good idea.<br />
<br />
If the system has packages from the AUR, carefully upgrade all AUR packages.<br />
<br />
==== Read before upgrading the system ====<br />
<br />
Before upgrading Arch, always read the latest [https://www.archlinux.org/news/ Arch News] to find out if there are any major software or configuration changes with the latest packages. Before upgrading fundamental software, such as the kernel, xorg, or glibc to a new version; look over the appropriate [https://bbs.archlinux.org/ webforum] to see if there have been any reported problems.<br />
<br />
==== Act on alerts during an upgrade ====<br />
<br />
When upgrading the system, be sure to pay attention to the alert notices provided by pacman. If any additional actions are required by the user, be sure to take care of them right away. If a pacman alert is confusing, search the forums and the recent news posts for more detailed instructions.<br />
<br />
==== Deal promptly with .pacnew, .pacsave, and .pacorig files ====<br />
<br />
When pacman removes a package that has a configuration file, it normally creates a backup copy of that config file and appends .pacsave to the name of the file. Likewise, when pacman upgrades a package which includes a new config file created by the maintainer differing from the currently installed file, it writes a .pacnew config file. Occasionally, under special circumstances, a .pacorig file is created. Pacman provides notice when these files are written.<br />
<br />
Users must deal with these files promptly when pacman creates them, in order to ensure optimum system stability. Users are referred to the [[Pacnew and Pacsave Files]] wiki page for detailed instructions.<br />
<br />
==== Consider using pacmatic ====<br />
<br />
[http://kmkeen.com/pacmatic/index.html Pacmatic] is a pacman wrapper which automates the process of checking Arch News prior to upgrading. Pacmatic also ensures that the local pacman database is correctly synchronized with online mirrors, thus avoiding potential problems with botched pacman -Sy database updates. Finally, it provides more stringent warnings about updated or obsolete config files. pacman can be aliased to pacmatic, and various [[AUR helpers]] can be configured to use it instead of pacman.<br />
<br />
==== Avoid certain pacman commands ====<br />
<br />
Arch being a rolling release distribution, it can be dangerous to refresh pacman databases without doing a full system upgrade immediately after. Avoid using {{Ic|pacman -Sy package}} to install a package, but always use {{Ic|pacman -S package}} instead. And upgrade your system regularly with {{Ic|pacman -Syu}}.<br />
<br />
Avoid using the {{ic|-f}} option with pacman, '''especially''' in commands such as {{Ic|pacman -Syuf}} involving more than one package. The {{ic|--force}} option ignores file conflicts and can even cause file loss when files are relocated between different packages! In a properly maintained system, it should never need to be used.<br />
<br />
Do not use {{Ic|pacman -Rdd package}}. Using the -d flag skips dependency checks during package removal. As a result, a package providing a critical dependency could be removed, resulting in a broken system.<br />
<br />
Never run {{Ic|pacman -Scc}} unless there is a desperate need for the disk space, and little or no need for archived package files. It is safer to keep older packages available in the cache archives in the event a package upgrade causes problems, requiring a package reversion. Instead, just use {{ic|pacman -Sc}} to clean out the archived packages in the pacman cache, of packages previously removed from the pacman database.<br />
<br />
Make sure to only use this command if there is no intention of re-installing recently removed packages. If such packages are re-installed after this command has been executed, there will be no older, archived versions of the packages in the pacman cache.<br />
<br />
In the event that /var disk space becomes scarce, move '''all''' archived packages to the home directory using the [http://www.3111skyline.com/download/Archlinux/scripts/ fduparch.sh script]. Use the [http://www.3111skyline.com/download/Archlinux/scripts/fduppkg fduppkg script] to move all but the last previously installed package versions in the pacman cache archives, to the home directory.<br />
<br />
==== Revert package upgrades that cause instability ====<br />
<br />
In the event that a particular package upgrade results in system instability, install the last known stable version of the package from the local pacman cache using the following command:<br />
<br />
pacman -U /var/cache/pacman/pkg/Package-Name.pkg.tar.gz<br />
<br />
For more detailed information on reverting to older packages, consult the Arch wikipage, [[Downgrading Packages]].<br />
<br />
Once the package is reverted, temporarily add it to the [[Pacman#Skip_package_from_being_upgraded|IgnorePkg section of pacman.conf]], until the difficulty with the updated package is resolved. Consult the Arch wiki and/or webforums for advice, and file a bug report if necessary.<br />
<br />
==== Regularly backup a list of installed packages ====<br />
<br />
At regular intervals, create a list of installed packages and store a copy on one or more offline media, such as a USB stick, external hard drive, or CD-R. Use the following command to create a pkglist:<br />
<br />
pacman -Qqne > /path/to/chosen/directory/pkg.list<br />
<br />
In the event of a catastrophic system failure requiring a complete re-installation, these packages can be quickly reinstalled using the command:<br />
<br />
pacman -S --needed $(< /path/to/chosen/directory/pkg.list )<br />
<br />
==== Regularly backup the pacman database ====<br />
<br />
The following command can be used to backup the local pacman database, and can be run as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/pacman-database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
Restore the backup pacman database file by moving the pacman-database.tar.bz2 file into the / directory and executing the following command:<br />
<br />
tar -xjvf pacman-database.tar.bz2<br />
<br />
If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult the Arch wikipage, [[Pacman_Tips#Restore_pacman.27s_local_database|How To Restore Pacman's Local Database]].<br />
<br />
===== Systemd Automation =====<br />
<br />
You can configure [https://wiki.archlinux.org/index.php/Systemd systemd] to backup the pacman database everytime a new package is installed or updated, save and run the following scripts. See [[Pacman Tips#Backing up Local database with Systemd|here]].<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Subscribe to NVD/CVE alerts and only upgrade on a security alert ====<br />
<br />
Subscribe to the Common Vulnerabilities and Exposure Security Alert updates, made available by National Vulnerability Database, and found on the [http://nvd.nist.gov/download.cfm NVD Download webpage]. Only update the Arch system when a security alert is issued for a package installed on that particular system.<br />
<br />
This is the alternative to upgrading the entire system frequently. It ensures that security problems in various packages are resolved promptly, while keeping all the rest of the packages frozen in a known, stable configuration. However, reviewing the frequent CVE Alerts to see if any apply to installed Arch packages can be tedious and time consuming.<br />
<br />
==== Test updates on a non-critical system ====<br />
<br />
If possible, test changes to configuration files, as well as updates to software packages, on a non-critical duplicate system first. Then, if no problems arise, roll out the changes to the production system.<br />
<br />
==== Always backup config files before editing ====<br />
<br />
Before editing any configuration file, always back up a known working version of that config file. In the event that changes in the config file cause problems, one can revert to the previous stable config file. Do this from a text editor by first saving the file to a backup copy before making any alterations; or execute the following command:<br />
<br />
cp config config.bak<br />
<br />
Using ''.bak'' will ensure there is a readily distinguishable human-made backup conf file if pacman creates a .pacnew, .pacsave, or .pacorig file using the active config file.<br />
<br />
{{AUR|etckeeper}} can help dealing with config files. It keeps the whole /etc directory in a version control.<br />
<br />
==== Regularly backup the /etc, /home, /srv, and /var directories ====<br />
<br />
Since /etc, /home, /srv and /var directories contain important system files and configs, it is advisable to keep backup of these folders on a regular interval. The following is a simple guide line on how to go about it.<br />
<br />
* '''/etc:''' Backup the /etc directory by executing the following command as root or as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/etc-backup.tar.bz2 /etc<br />
<br />
Store the /etc backup file on one or more offline media, such as a USB stick, external hard drive, or CD-R. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
Restore corrupted /etc files by extracting the etc-backup.tar.bz2 file in a temporary working directory, and copying over individual files and directories as needed. To restore the entire /etc directory with all its contents, move the etc-backup.tar.bz2 files into the / directory. As root, execute the following command:<br />
<br />
tar -xvjf etc-backup.tar.bz2<br />
<br />
* '''/home:''' At regular intervals, backup the /home directory to an external hard drive, Network Attached Server, or online backup service. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
* '''/srv:''' Server installations should have the /srv directory regularly backed up.<br />
<br />
* '''/var:''' Additional directories in /var, such a /var/spool/mail or /var/lib, which also require backup and occasional verification.<br />
<br />
If you want to backup much faster (using parallel compression, SMP), you should use pbzip2 (Parallel bzip2). The steps are slightly different, but not by much.<br />
<br />
First we will backup the files to a plain tarball with no compression:<br />
<br />
tar -cvf /path/to/chosen/directory/etc-backup.tar /etc<br />
<br />
Then we will use pbzip2 to compress it in parallel (Make sure you install it with '''pacman -S pbzip2''')<br />
<br />
pbzip2 /path/to/chosen/directory/etc-backup.tar.bz2<br />
<br />
and that's it. Your files should be backing up using all of your cores.</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Enhance_system_stability&diff=271224Enhance system stability2013-08-15T07:05:18Z<p>Wingsuit: /* Move some sentences around */</p>
<hr />
<div>[[Category:System administration]]<br />
[[fr:Enhancing Arch Linux Stability]]<br />
[[ja:Enhancing Arch Linux Stability]]<br />
[[zh-CN:Enhancing Arch Linux Stability]]<br />
The purpose of this wiki article is to provide tips on how to make an Arch Linux system as stable as possible. While Arch Developers and Trusted Users work hard to produce high quality packages, given Arch's rolling release system and rapid package turnover, an Arch system may not be suitable for a mission critical, commercial production environment.<br />
<br />
However, Arch is inherently stable due to its commitment to simplicity in configuration, coupled with a rapid bug-report/bug-fix cycle, and the use of unpatched upstream source code. Thus, by following the advice below on setting up and maintaining Arch, the user should be able enjoy a very stable system. Furthermore, advice is included that will ease system repair in the event of a major malfunction.<br />
<br />
How stable can Arch Linux really be? There are numerous reports in the Arch forums of skilled system administrators successfully using Arch for production servers. Archlinux.org is one such example. On the desktop, a properly configured and maintained Arch installation can offer excellent stability.<br />
<br />
== Setting Up Arch ==<br />
<br />
When first installing and configuring Arch Linux, the user has a variety of choices to make about configuration, software, and drivers. These choices will impact overall system stability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Keeping old packages in large /var partition ====<br />
<br />
Pacman archives all of the previously installed packages in /var/cache/pacman/pkg, which over time may grow to a few GB in size. If you are setting up separate partitions during installation, always be sure to allocate plenty of space for a large /var partition. 4 to 8 GB should do, although more may be required for some server uses. Retaining these packages is helpful in case a recent package upgrade causes instability, requiring a downgrade to an older, archived package. See the section below entitled, [[#Revert package upgrades that cause instability]].<br />
<br />
==== Use recommended configurations ====<br />
<br />
In the detailed Arch Linux installation and configuration documentation, there is often more than one way to configure a specific aspect of the system. Always choose the recommended, default configuration when setting up the system. The recommended, default configurations reflect best practices, chosen for optimum system stability and ease of system repair.<br />
<br />
==== Be careful with unofficial and less tested packages ====<br />
<br />
Avoid any use of the testing repository, or individual packages from testing. These experimental packages are for development and testing, and are not suitable for a stable system.<br />
<br />
Use precaution when using packages from AUR. Most of the packages in AUR are supplied by user and thus might not have the same packaging standard as those in official repositories. Always check AUR package's PKGBUILD for any signs of mistake or malicious code before you build and install them.<br />
<br />
Be careful with [[AUR helpers]] which highly simplify installation of AUR packages and could lead to user build and install package that have malformed or malicious PKGBUILD. You should '''always''' sanity check PKGBUILDs before building and/or installing the package.<br />
<br />
Finally, it is extremely unwise to ever run any [[AUR helpers]], or the [[makepkg]] command as root user.<br />
<br />
Only use 3rd party repository if absolutely necessary or if you know what you're doing. Always use 3rd party repository from a trusted source.<br />
<br />
==== Use up-to-date mirrors ====<br />
<br />
Use mirrors that are frequently updated with the latest packages from the main Arch FTP server. Review the [https://www.archlinux.org/mirrors/status/ Mirror Status webpage] to verify that your chosen mirror is up to date. By using recently rsync'd mirrors, this ensures that your system will always have the freshest packages and package databases available during the course of routine maintenance.<br />
<br />
Also, if it is used, edit the mirror list in {{ic|/etc/pacman.d}} by placing local mirrors, those within your country or region, at the top of the list. Refer to the [[Mirrors#Enabling_your_favorite_mirror| Enabling your favorite mirror]] Arch wikipage section for additional details, including the installation of the [[Mirrors#List_by_speed|rankmirrors]] script to enable the fastest mirrors. These steps will ensure that the system uses the fastest, most reliable mirrors.<br />
<br />
After changing the server mirror used for updates, ensure that your system is up-to-date by doing pacman -Syu.<br />
<br />
==== Avoid development packages ====<br />
<br />
To prevent serious breakage of the system, do not install any development packages, which are usually found in AUR and occasionally in community. These are packages taken directly from upstream development branches, and usually feature one of the following words appended to the package name: dev, devel, svn, cvs, git, hg, bzr, or darcs.<br />
<br />
Most especially, avoid installing any development version of crucial system packages such as the kernel or glibc.<br />
<br />
If building a custom package using makepkg, be sure that the PKGBUILD follows the [[Arch Packaging Standards]], including a provides array. Use namcap to check the final .tar.gz or PKGBUILD file.<br />
<br />
==== Install the linux-lts package ====<br />
<br />
The {{Pkg|linux-lts}} package is an alternative Arch kernel package based upon Linux kernel 3.0 and is available in the [core] repository. This particular kernel version enjoys '''l'''ong-'''t'''erm '''s'''upport (LTS) from upstream, including security fixes and some feature backports, especially useful for Arch users seeking to use such a kernel on a server, or who want a fallback kernel in case a new kernel version causes problems.<br />
<br />
To make it available as a boot option, you will need to update the bootloader's configuration file. For example, if you use [[Syslinux]], you have to edit {{ic|/boot/syslinux/syslinux.cfg}} and duplicate the current entries, except using {{ic|vmlinuz-linux-lts}} and {{ic|initramfs-linux-lts.img}}. For [[GRUB]], the recommended method is to automatically [[GRUB#Generate_GRUB2_BIOS_Config_file|re-generate the .cfg]].<br />
<br />
Some prefer to install the {{Pkg|linux-lts}} package in addition to the regular {{Pkg|linux}} package and edit the Fallback entry to use the LTS kernel.<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Use the package manager to install software ====<br />
<br />
The package manager (in Arch: [[pacman]]) does a much better job than you at keeping track of files. If you install things manually you ''will'', sooner or later forget what you did, where you installed to, install conflicting stuff, install to wrong locations etc.<br />
<br />
From a stability standpoint you should try to avoid unsupported package and custom software, but if you really need such things making a package is better than manually compiling and installing.<br />
<br />
You should also disable make install command (which is typical for beginning of all problems) in /root/.bashrc<br />
make() {<br />
[ "$1" == 'install' ] &&<br />
echo -e "WARNING:\nDON'T INSTALL SOFTWARE MANUALLY\nDON'T USE unset make TO OVERRIDE" &&<br />
echo "Tip: It's easy to make own custom package see: man PKGBUILD makepkg" &&<br />
return 1;<br />
/usr/bin/make $@;<br />
}<br />
<br />
==== Use proven, mainstream software packages ====<br />
<br />
Install mature, proven, mainstream software; while avoiding cutting edge software that is still buggy. Try to avoid installing "point-oh", aka x.y.0, software releases. For example, instead of installing Foobar 2.5.0, wait until Foobar 2.5.1 is available. Do not deploy newly developed software until it is proven to be reliable. For example, PulseAudio's early versions could be unreliable. Users interested in maximum stability would use the ALSA sound system instead. Finally, use software that has a strong and active development community.<br />
<br />
==== Choose open-source drivers ====<br />
<br />
Wherever possible, choose open source drivers. Try to avoid proprietary drivers. Most of the time, open source drivers are more stable and reliable than proprietary drivers. Open source driver bugs are fixed more easily and quickly. While proprietary drivers can offer more features and capabilities, this can come at the cost of stability. To avoid this dilemma, choose hardware components known to have mature open source driver support with full features. Information about hardware with open source Linux drivers is available at [http://www.linux-drivers.org/ linux-drivers.org].<br />
<br />
== Maintaining Arch ==<br />
<br />
In addition to configuring Arch for stability, there are steps one can take during maintenance which will enhance stability. Paying attention to a few SysAdmin details will help to ensure continued system reliability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Upgrade entire system with reasonable frequency ====<br />
<br />
Many Arch users update frequently, even upgrading their systems daily using {{Ic|pacman -Syu}}. While updating so frequently is not necessary, one should upgrade fairly often to enjoy the latest bugfix and security updates. Weekly or biweekly upgrades are thus a good idea.<br />
<br />
If the system has packages from the AUR, carefully upgrade all AUR packages.<br />
<br />
==== Read before upgrading the system ====<br />
<br />
Before upgrading Arch, always read the latest [https://www.archlinux.org/news/ Arch News] to find out if there are any major software or configuration changes with the latest packages. Before upgrading fundamental software, such as the kernel, xorg, or glibc to a new version; look over the appropriate [https://bbs.archlinux.org/ webforum] to see if there have been any reported problems.<br />
<br />
==== Act on alerts during an upgrade ====<br />
<br />
When upgrading the system, be sure to pay attention to the alert notices provided by pacman. If any additional actions are required by the user, be sure to take care of them right away. If a pacman alert is confusing, search the forums and the recent news posts for more detailed instructions.<br />
<br />
==== Deal promptly with .pacnew, .pacsave, and .pacorig files ====<br />
<br />
When pacman removes a package that has a configuration file, it normally creates a backup copy of that config file and appends .pacsave to the name of the file. Likewise, when pacman upgrades a package which includes a new config file created by the maintainer differing from the currently installed file, it writes a .pacnew config file. Occasionally, under special circumstances, a .pacorig file is created. Pacman provides notice when these files are written.<br />
<br />
Users must deal with these files promptly when pacman creates them, in order to ensure optimum system stability. Users are referred to the [[Pacnew and Pacsave Files]] wiki page for detailed instructions.<br />
<br />
==== Consider using pacmatic ====<br />
<br />
[http://kmkeen.com/pacmatic/index.html Pacmatic] is a pacman wrapper which automates the process of checking Arch News prior to upgrading. Pacmatic also ensures that the local pacman database is correctly synchronized with online mirrors, thus avoiding potential problems with botched pacman -Sy database updates. Finally, it provides more stringent warnings about updated or obsolete config files. pacman can be aliased to pacmatic, and various [[AUR helpers]] can be configured to use it instead of pacman.<br />
<br />
==== Avoid certain pacman commands ====<br />
<br />
Arch being a rolling release distribution, it can be dangerous to refresh pacman databases without doing a full system upgrade immediately after. Avoid using {{Ic|pacman -Sy package}} to install a package, but always use {{Ic|pacman -S package}} instead. And upgrade your system regularly with {{Ic|pacman -Syu}}.<br />
<br />
Avoid using the {{ic|-f}} option with pacman, '''especially''' in commands such as {{Ic|pacman -Syuf}} involving more than one package. The {{ic|--force}} option ignores file conflicts and can even cause file loss when files are relocated between different packages! In a properly maintained system, it should never need to be used.<br />
<br />
Do not use {{Ic|pacman -Rdd package}}. Using the -d flag skips dependency checks during package removal. As a result, a package providing a critical dependency could be removed, resulting in a broken system.<br />
<br />
Never run {{Ic|pacman -Scc}} unless there is a desperate need for the disk space, and little or no need for archived package files. It is safer to keep older packages available in the cache archives in the event a package upgrade causes problems, requiring a package reversion. Instead, just use {{ic|pacman -Sc}} to clean out the archived packages in the pacman cache, of packages previously removed from the pacman database.<br />
<br />
Make sure to only use this command if there is no intention of re-installing recently removed packages. If such packages are re-installed after this command has been executed, there will be no older, archived versions of the packages in the pacman cache.<br />
<br />
In the event that /var disk space becomes scarce, move '''all''' archived packages to the home directory using the [http://www.3111skyline.com/download/Archlinux/scripts/ fduparch.sh script]. Use the [http://www.3111skyline.com/download/Archlinux/scripts/fduppkg fduppkg script] to move all but the last previously installed package versions in the pacman cache archives, to the home directory.<br />
<br />
==== Revert package upgrades that cause instability ====<br />
<br />
In the event that a particular package upgrade results in system instability, install the last known stable version of the package from the local pacman cache using the following command:<br />
<br />
pacman -U /var/cache/pacman/pkg/Package-Name.pkg.tar.gz<br />
<br />
For more detailed information on reverting to older packages, consult the Arch wikipage, [[Downgrading Packages]].<br />
<br />
Once the package is reverted, temporarily add it to the [[Pacman#Skip_package_from_being_upgraded|IgnorePkg section of pacman.conf]], until the difficulty with the updated package is resolved. Consult the Arch wiki and/or webforums for advice, and file a bug report if necessary.<br />
<br />
==== Regularly backup a list of installed packages ====<br />
<br />
At regular intervals, create a list of installed packages and store a copy on one or more offline media, such as a USB stick, external hard drive, or CD-R. Use the following command to create a pkglist:<br />
<br />
pacman -Qqne > /path/to/chosen/directory/pkg.list<br />
<br />
In the event of a catastrophic system failure requiring a complete re-installation, these packages can be quickly reinstalled using the command:<br />
<br />
pacman -S --needed $(< /path/to/chosen/directory/pkg.list )<br />
<br />
==== Regularly backup the pacman database ====<br />
<br />
The following command can be used to backup the local pacman database, and can be run as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/pacman-database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
Restore the backup pacman database file by moving the pacman-database.tar.bz2 file into the / directory and executing the following command:<br />
<br />
tar -xjvf pacman-database.tar.bz2<br />
<br />
If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult the Arch wikipage, [[Pacman_Tips#Restore_pacman.27s_local_database|How To Restore Pacman's Local Database]].<br />
<br />
===== Systemd Automation =====<br />
<br />
You can configure [https://wiki.archlinux.org/index.php/Systemd systemd] to backup the pacman database everytime a new package is installed or updated, save and run the following scripts. See [[Pacman Tips#Backing up Local database with Systemd|here]].<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Subscribe to NVD/CVE alerts and only upgrade on a security alert ====<br />
<br />
Subscribe to the Common Vulnerabilities and Exposure Security Alert updates, made available by National Vulnerability Database, and found on the [http://nvd.nist.gov/download.cfm NVD Download webpage]. Only update the Arch system when a security alert is issued for a package installed on that particular system.<br />
<br />
This is the alternative to upgrading the entire system frequently. It ensures that security problems in various packages are resolved promptly, while keeping all the rest of the packages frozen in a known, stable configuration. However, reviewing the frequent CVE Alerts to see if any apply to installed Arch packages can be tedious and time consuming.<br />
<br />
==== Test updates on a non-critical system ====<br />
<br />
If possible, test changes to configuration files, as well as updates to software packages, on a non-critical duplicate system first. Then, if no problems arise, roll out the changes to the production system.<br />
<br />
==== Always backup config files before editing ====<br />
<br />
Before editing any configuration file, always back up a known working version of that config file. In the event that changes in the config file cause problems, one can revert to the previous stable config file. Do this from a text editor by first saving the file to a backup copy before making any alterations; or execute the following command:<br />
<br />
cp config config.bak<br />
<br />
Using ''.bak'' will ensure there is a readily distinguishable human-made backup conf file if pacman creates a .pacnew, .pacsave, or .pacorig file using the active config file.<br />
<br />
{{AUR|etckeeper}} can help dealing with config files. It keeps the whole /etc directory in a version control.<br />
<br />
==== Regularly backup the /etc, /home, /srv, and /var directories ====<br />
<br />
Since /etc, /home, /srv and /var directories contain important system files and configs, it is advisable to keep backup of these folders on a regular interval. The following is a simple guide line on how to go about it.<br />
<br />
* '''/etc:''' Backup the /etc directory by executing the following command as root or as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/etc-backup.tar.bz2 /etc<br />
<br />
Store the /etc backup file on one or more offline media, such as a USB stick, external hard drive, or CD-R. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
Restore corrupted /etc files by extracting the etc-backup.tar.bz2 file in a temporary working directory, and copying over individual files and directories as needed. To restore the entire /etc directory with all its contents, move the etc-backup.tar.bz2 files into the / directory. As root, execute the following command:<br />
<br />
tar -xvjf etc-backup.tar.bz2<br />
<br />
* '''/home:''' At regular intervals, backup the /home directory to an external hard drive, Network Attached Server, or online backup service. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
* '''/srv:''' Server installations should have the /srv directory regularly backed up.<br />
<br />
* '''/var:''' Additional directories in /var, such a /var/spool/mail or /var/lib, which also require backup and occasional verification.<br />
<br />
If you want to backup much faster (using parallel compression, SMP), you should use pbzip2 (Parallel bzip2). The steps are slightly different, but not by much.<br />
<br />
First we will backup the files to a plain tarball with no compression:<br />
<br />
tar -cvf /path/to/chosen/directory/etc-backup.tar /etc<br />
<br />
Then we will use pbzip2 to compress it in parallel (Make sure you install it with '''pacman -S pbzip2''')<br />
<br />
pbzip2 /path/to/chosen/directory/etc-backup.tar.bz2<br />
<br />
and that's it. Your files should be backing up using all of your cores.</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Dovecot&diff=271217Dovecot2013-08-15T06:40:39Z<p>Wingsuit: /* Simple addition for new users */</p>
<hr />
<div>[[Category:Mail Server]]<br />
<br />
This article describes how to set up a mail server suitable for personal or small office use.<br />
<br />
[http://www.dovecot.org/ Dovecot] is an open source [[Wikipedia:IMAP|IMAP]] and [[Wikipedia:POP3|POP3]] server for Linux/UNIX-like systems, written primarily with security in mind. Developed by Timo Sirainen, Dovecot was first released in July 2002. Dovecot primarily aims to be a lightweight, fast and easy to set up open source mailserver. For more detailed information, please see the official [http://wiki2.dovecot.org/ Dovecot Wiki].<br />
<br />
==Installation==<br />
<br />
[[pacman|Install]] the packages {{Pkg|dovecot}} and {{Pkg|pam}} from the [[Official Repositories|official repositories]].<br />
<br />
==Configuration==<br />
<br />
===Assumptions===<br />
<br />
* Each mail account served by Dovecot, has a local user account defined on the server.<br />
* The server uses [[Wikipedia:Pluggable authentication module|PAM]] to authenticate the user against the local user database (/etc/passwd).<br />
* [[Wikipedia:Transport_Layer_Security|SSL]] is used to encrypt the authentication password.<br />
* The common [[Wikipedia:Maildir|Maildir]] format is used to store the mail in the user's home directory.<br />
* A [[Wikipedia:Mail delivery agent|MDA]] has already been set up to deliver mail to the local users.<br />
<br />
===Create the SSL certificate===<br />
<br />
The {{Pkg|dovecot}} package contains a script to generate the server SSL certificate.<br />
<br />
* Copy the configuration file from the sample file: {{ic|# cp /etc/ssl/dovecot-openssl.cnf{.sample,} }}.<br />
* Edit {{ic|/etc/ssl/dovecot-openssl.cnf}} to configure the certificate.<br />
<br />
* Execute {{ic|# /usr/lib/dovecot/mkcert.sh}} to generate the certificate.<br />
<br />
The certificate/key pair is created as {{ic|/etc/ssl/certs/dovecot.pem}} and {{ic|/etc/ssl/private/dovecot.pem}}.<br />
<br />
===PAM Authentication===<br />
<br />
* To configure PAM for dovecot, create {{ic|/etc/pam.d/dovecot}} with the following content:<br />
{{hc|/etc/pam.d/dovecot|<br />
auth required pam_unix.so nullok<br />
account required pam_unix.so <br />
}}<br />
<br />
===Dovecot configuration===<br />
<br />
* Copy the dovecot.conf and conf.d/* configuration files from {{ic|/usr/share/doc/dovecot/example-config}} to {{ic|/etc/dovecot}}:<br />
{{bc|<br />
# cp /usr/share/doc/dovecot/example-config/dovecot.conf /etc/dovecot<br />
# cp -r /usr/share/doc/dovecot/example-config/conf.d /etc/dovecot<br />
}}<br />
<br />
The default configuration is ok for most systems, but make sure to read through the configuration files to see what options are available. See the [http://wiki2.dovecot.org/QuickConfiguration quick configuration guide] and [http://wiki2.dovecot.org/#Dovecot_configuration dovecot configuration] for more instructions.<br />
<br />
By default dovecot will try to detect what mail storage system is in use on the system. To use the Maildir format edit {{ic|/etc/dovecot/conf.d/10-mail.conf}} to set {{ic|1=mail_location = maildir:~/Maildir}}.<br />
<br />
===Sieve===<br />
<br />
[http://en.wikipedia.org/wiki/Sieve_%28mail_filtering_language%29 Sieve] is a programming language that can be used to create filters for email on mail server.<br />
<br />
* Install pigeonhole<br />
* Add "managesieve sieve" to "protocols" in dovecot.conf<br />
* Add minimal 80-sieve.conf<br />
<pre><br />
service managesieve-login {<br />
inet_listener sieve {<br />
port = 4190<br />
}<br />
}<br />
<br />
service managesieve {<br />
}<br />
<br />
protocol sieve {<br />
}<br />
</pre><br />
* Specify sieve storage location in "plugin" section:<br />
sieve=/var/mail/%u/dovecot.sieve<br />
sieve_storage=/var/mail/%u/sieve<br />
<br />
* Ensure that your MTA uses dovecot for delivery. For example: postfix's main.cf and dovecot-lda:<br />
mailbox_command = /usr/lib/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT"<br />
* Add "sieve" to "mail_plugins" in "protocol lda" section<br />
<br />
==Starting the server==<br />
<br />
Use the standard [[systemd]] syntax to control the {{ic|dovecot.service}} [[daemon]].<br />
# systemctl start dovecot.service<br />
<br />
To have it start on boot<br />
# systemctl enable dovecot.service</div>Wingsuithttps://wiki.archlinux.org/index.php?title=Enhance_system_stability&diff=266679Enhance system stability2013-07-17T02:03:52Z<p>Wingsuit: /* Set up a large /var partition and keep old packages */</p>
<hr />
<div>[[Category:System administration]]<br />
[[fr:Enhancing Arch Linux Stability]]<br />
[[ja:Enhancing Arch Linux Stability]]<br />
[[zh-CN:Enhancing Arch Linux Stability]]<br />
The purpose of this wiki article is to provide tips on how to make an Arch Linux system as stable as possible. While Arch Developers and Trusted Users work hard to produce high quality packages, given Arch's rolling release system and rapid package turnover, an Arch system may not be suitable for a mission critical, commercial production environment.<br />
<br />
However, Arch is inherently stable due to its commitment to simplicity in configuration, coupled with a rapid bug-report/bug-fix cycle, and the use of unpatched upstream source code. Thus, by following the advice below on setting up and maintaining Arch, the user should be able enjoy a very stable system. Furthermore, advice is included that will ease system repair in the event of a major malfunction.<br />
<br />
How stable can Arch Linux really be? There are numerous reports in the Arch forums of skilled system administrators successfully using Arch for production servers. Archlinux.org is one such example. On the desktop, a properly configured and maintained Arch installation can offer excellent stability.<br />
<br />
== Setting Up Arch ==<br />
<br />
When first installing and configuring Arch Linux, the user has a variety of choices to make about configuration, software, and drivers. These choices will impact overall system stability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Set up a large /var partition and keep old packages ====<br />
<br />
If setting up separate partitions during installation, always be sure to allocate plenty of space for a large /var partition. A /var partition should have a generous 6 to 8 GB of space - more for some server uses. Pacman archives all of the previously installed packages in /var/cache/pacman/pkg, which requires significant amounts of storage space. Retaining these packages is helpful if a recent package upgrade causes instability, requiring a downgrade to an older, archived package. See the section below entitled, [[#Revert package upgrades that cause instability]].<br />
<br />
==== Use recommended configurations ====<br />
<br />
In the detailed Arch Linux installation and configuration documentation, there is often more than one way to configure a specific aspect of the system. Always choose the recommended, default configuration when setting up the system. The recommended, default configurations reflect best practices, chosen for optimum system stability and ease of system repair.<br />
<br />
==== Be careful with unofficial and less tested packages ====<br />
<br />
Avoid any use of the testing repository, or individual packages from testing. These experimental packages are for development and testing, and are not suitable for a stable system.<br />
<br />
Use precaution when using packages from AUR. Most of the packages in AUR are supplied by user and thus might not have the same packaging standard as those in official repositories. Always check AUR package's PKGBUILD for any signs of mistake or malicious code before you build and install them.<br />
<br />
Be careful with [[AUR helpers]] which highly simplify installation of AUR packages and could lead to user build and install package that have malformed or malicious PKGBUILD. You should '''always''' sanity check PKGBUILDs before building and/or installing the package.<br />
<br />
Finally, it is extremely unwise to ever run any [[AUR helpers]], or the [[makepkg]] command as root user.<br />
<br />
Only use 3rd party repository if absolutely necessary or if you know what you're doing. Always use 3rd party repository from a trusted source.<br />
<br />
==== Use up-to-date mirrors ====<br />
<br />
Use mirrors that are frequently updated with the latest packages from the main Arch FTP server. Review the [https://www.archlinux.org/mirrors/status/ Mirror Status webpage] to verify that your chosen mirror is up to date. By using recently rsync'd mirrors, this ensures that your system will always have the freshest packages and package databases available during the course of routine maintenance.<br />
<br />
Also, if it is used, edit the mirror list in {{ic|/etc/pacman.d}} by placing local mirrors, those within your country or region, at the top of the list. Refer to the [[Mirrors#Enabling_your_favorite_mirror| Enabling your favorite mirror]] Arch wikipage section for additional details, including the installation of the [[Mirrors#List_by_speed|rankmirrors]] script to enable the fastest mirrors. These steps will ensure that the system uses the fastest, most reliable mirrors.<br />
<br />
After changing the server mirror used for updates, ensure that your system is up-to-date by doing pacman -Syu.<br />
<br />
==== Avoid development packages ====<br />
<br />
To prevent serious breakage of the system, do not install any development packages, which are usually found in AUR and occasionally in community. These are packages taken directly from upstream development branches, and usually feature one of the following words appended to the package name: dev, devel, svn, cvs, git, hg, bzr, or darcs.<br />
<br />
Most especially, avoid installing any development version of crucial system packages such as the kernel or glibc.<br />
<br />
If building a custom package using makepkg, be sure that the PKGBUILD follows the [[Arch Packaging Standards]], including a provides array. Use namcap to check the final .tar.gz or PKGBUILD file.<br />
<br />
==== Install the linux-lts package ====<br />
<br />
The {{Pkg|linux-lts}} package is an alternative Arch kernel package based upon Linux kernel 3.0 and is available in the [core] repository. This particular kernel version enjoys '''l'''ong-'''t'''erm '''s'''upport (LTS) from upstream, including security fixes and some feature backports, especially useful for Arch users seeking to use such a kernel on a server, or who want a fallback kernel in case a new kernel version causes problems.<br />
<br />
To make it available as a boot option, you will need to update the bootloader's configuration file. For example, if you use [[Syslinux]], you have to edit {{ic|/boot/syslinux/syslinux.cfg}} and duplicate the current entries, except using {{ic|vmlinuz-linux-lts}} and {{ic|initramfs-linux-lts.img}}. For [[GRUB]], the recommended method is to automatically [[GRUB#Generate_GRUB2_BIOS_Config_file|re-generate the .cfg]].<br />
<br />
Some prefer to install the {{Pkg|linux-lts}} package in addition to the regular {{Pkg|linux}} package and edit the Fallback entry to use the LTS kernel.<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Use the package manager to install software ====<br />
<br />
The package manager (in Arch: [[pacman]]) does a much better job than you at keeping track of files. If you install things manually you ''will'', sooner or later forget what you did, where you installed to, install conflicting stuff, install to wrong locations etc.<br />
<br />
From a stability standpoint you should try to avoid unsupported package and custom software, but if you really need such things making a package is better than manually compiling and installing.<br />
<br />
You should also disable make install command (which is typical for beginning of all problems) in /root/.bashrc<br />
make() {<br />
[ "$1" == 'install' ] &&<br />
echo -e "WARNING:\nDON'T INSTALL SOFTWARE MANUALLY\nDON'T USE unset make TO OVERRIDE" &&<br />
echo "Tip: It's easy to make own custom package see: man PKGBUILD makepkg" &&<br />
return 1;<br />
/usr/bin/make $@;<br />
}<br />
<br />
==== Use proven, mainstream software packages ====<br />
<br />
Install mature, proven, mainstream software; while avoiding cutting edge software that is still buggy. Try to avoid installing "point-oh", aka x.y.0, software releases. For example, instead of installing Foobar 2.5.0, wait until Foobar 2.5.1 is available. Do not deploy newly developed software until it is proven to be reliable. For example, PulseAudio's early versions could be unreliable. Users interested in maximum stability would use the ALSA sound system instead. Finally, use software that has a strong and active development community.<br />
<br />
==== Choose open-source drivers ====<br />
<br />
Wherever possible, choose open source drivers. Try to avoid proprietary drivers. Most of the time, open source drivers are more stable and reliable than proprietary drivers. Open source driver bugs are fixed more easily and quickly. While proprietary drivers can offer more features and capabilities, this can come at the cost of stability. To avoid this dilemma, choose hardware components known to have mature open source driver support with full features. Information about hardware with open source Linux drivers is available at [http://www.linux-drivers.org/ linux-drivers.org].<br />
<br />
== Maintaining Arch ==<br />
<br />
In addition to configuring Arch for stability, there are steps one can take during maintenance which will enhance stability. Paying attention to a few SysAdmin details will help to ensure continued system reliability.<br />
<br />
=== Arch Specific Tips ===<br />
<br />
==== Upgrade entire system with reasonable frequency ====<br />
<br />
Many Arch users update frequently, even upgrading their systems daily using {{Ic|pacman -Syu}}. While updating so frequently is not necessary, one should upgrade fairly often to enjoy the latest bugfix and security updates. Weekly or biweekly upgrades are thus a good idea.<br />
<br />
If the system has packages from the AUR, carefully upgrade all AUR packages.<br />
<br />
==== Read before upgrading the system ====<br />
<br />
Before upgrading Arch, always read the latest [https://www.archlinux.org/news/ Arch News] to find out if there are any major software or configuration changes with the latest packages. Before upgrading fundamental software, such as the kernel, xorg, or glibc to a new version; look over the appropriate [https://bbs.archlinux.org/ webforum] to see if there have been any reported problems.<br />
<br />
==== Act on alerts during an upgrade ====<br />
<br />
When upgrading the system, be sure to pay attention to the alert notices provided by pacman. If any additional actions are required by the user, be sure to take care of them right away. If a pacman alert is confusing, search the forums and the recent news posts for more detailed instructions.<br />
<br />
==== Deal promptly with .pacnew, .pacsave, and .pacorig files ====<br />
<br />
When pacman removes a package that has a configuration file, it normally creates a backup copy of that config file and appends .pacsave to the name of the file. Likewise, when pacman upgrades a package which includes a new config file created by the maintainer differing from the currently installed file, it writes a .pacnew config file. Occasionally, under special circumstances, a .pacorig file is created. Pacman provides notice when these files are written.<br />
<br />
Users must deal with these files promptly when pacman creates them, in order to ensure optimum system stability. Users are referred to the [[Pacnew and Pacsave Files]] wiki page for detailed instructions.<br />
<br />
==== Consider using pacmatic ====<br />
<br />
[http://kmkeen.com/pacmatic/index.html Pacmatic] is a pacman wrapper which automates the process of checking Arch News prior to upgrading. Pacmatic also ensures that the local pacman database is correctly synchronized with online mirrors, thus avoiding potential problems with botched pacman -Sy database updates. Finally, it provides more stringent warnings about updated or obsolete config files. pacman can be aliased to pacmatic, and various [[AUR helpers]] can be configured to use it instead of pacman.<br />
<br />
==== Avoid certain pacman commands ====<br />
<br />
Arch being a rolling release distribution, it can be dangerous to refresh pacman databases without doing a full system upgrade immediately after. Avoid using {{Ic|pacman -Sy package}} to install a package, but always use {{Ic|pacman -S package}} instead. And upgrade your system regularly with {{Ic|pacman -Syu}}.<br />
<br />
Avoid using the {{ic|-f}} option with pacman, '''especially''' in commands such as {{Ic|pacman -Syuf}} involving more than one package. The {{ic|--force}} option ignores file conflicts and can even cause file loss when files are relocated between different packages! In a properly maintained system, it should never need to be used.<br />
<br />
Do not use {{Ic|pacman -Rdd package}}. Using the -d flag skips dependency checks during package removal. As a result, a package providing a critical dependency could be removed, resulting in a broken system.<br />
<br />
Never run {{Ic|pacman -Scc}} unless there is a desperate need for the disk space, and little or no need for archived package files. It is safer to keep older packages available in the cache archives in the event a package upgrade causes problems, requiring a package reversion. Instead, just use {{ic|pacman -Sc}} to clean out the archived packages in the pacman cache, of packages previously removed from the pacman database.<br />
<br />
Make sure to only use this command if there is no intention of re-installing recently removed packages. If such packages are re-installed after this command has been executed, there will be no older, archived versions of the packages in the pacman cache.<br />
<br />
In the event that /var disk space becomes scarce, move '''all''' archived packages to the home directory using the [http://www.3111skyline.com/download/Archlinux/scripts/ fduparch.sh script]. Use the [http://www.3111skyline.com/download/Archlinux/scripts/fduppkg fduppkg script] to move all but the last previously installed package versions in the pacman cache archives, to the home directory.<br />
<br />
==== Revert package upgrades that cause instability ====<br />
<br />
In the event that a particular package upgrade results in system instability, install the last known stable version of the package from the local pacman cache using the following command:<br />
<br />
pacman -U /var/cache/pacman/pkg/Package-Name.pkg.tar.gz<br />
<br />
For more detailed information on reverting to older packages, consult the Arch wikipage, [[Downgrading Packages]].<br />
<br />
Once the package is reverted, temporarily add it to the [[Pacman#Skip_package_from_being_upgraded|IgnorePkg section of pacman.conf]], until the difficulty with the updated package is resolved. Consult the Arch wiki and/or webforums for advice, and file a bug report if necessary.<br />
<br />
==== Regularly backup a list of installed packages ====<br />
<br />
At regular intervals, create a list of installed packages and store a copy on one or more offline media, such as a USB stick, external hard drive, or CD-R. Use the following command to create a pkglist:<br />
<br />
pacman -Qqne > /path/to/chosen/directory/pkg.list<br />
<br />
In the event of a catastrophic system failure requiring a complete re-installation, these packages can be quickly reinstalled using the command:<br />
<br />
pacman -S --needed $(< /path/to/chosen/directory/pkg.list )<br />
<br />
==== Regularly backup the pacman database ====<br />
<br />
The following command can be used to backup the local pacman database, and can be run as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/pacman-database.tar.bz2 /var/lib/pacman/local<br />
<br />
Store the backup pacman database file on one or more offline media, such as a USB stick, external hard drive, or CD-R.<br />
<br />
Restore the backup pacman database file by moving the pacman-database.tar.bz2 file into the / directory and executing the following command:<br />
<br />
tar -xjvf pacman-database.tar.bz2<br />
<br />
If the pacman database files are corrupted, and there is no backup file available, there exists some hope of rebuilding the pacman database. Consult the Arch wikipage, [[Pacman_Tips#Restore_pacman.27s_local_database|How To Restore Pacman's Local Database]].<br />
<br />
===== Systemd Automation =====<br />
<br />
You can configure [https://wiki.archlinux.org/index.php/Systemd systemd] to backup the pacman database everytime a new package is installed or updated, save and run the following scripts. See [[Pacman Tips#Backing up Local database with Systemd|here]].<br />
<br />
=== Generic Best Practices ===<br />
<br />
==== Subscribe to NVD/CVE alerts and only upgrade on a security alert ====<br />
<br />
Subscribe to the Common Vulnerabilities and Exposure Security Alert updates, made available by National Vulnerability Database, and found on the [http://nvd.nist.gov/download.cfm NVD Download webpage]. Only update the Arch system when a security alert is issued for a package installed on that particular system.<br />
<br />
This is the alternative to upgrading the entire system frequently. It ensures that security problems in various packages are resolved promptly, while keeping all the rest of the packages frozen in a known, stable configuration. However, reviewing the frequent CVE Alerts to see if any apply to installed Arch packages can be tedious and time consuming.<br />
<br />
==== Test updates on a non-critical system ====<br />
<br />
If possible, test changes to configuration files, as well as updates to software packages, on a non-critical duplicate system first. Then, if no problems arise, roll out the changes to the production system.<br />
<br />
==== Always backup config files before editing ====<br />
<br />
Before editing any configuration file, always back up a known working version of that config file. In the event that changes in the config file cause problems, one can revert to the previous stable config file. Do this from a text editor by first saving the file to a backup copy before making any alterations; or execute the following command:<br />
<br />
cp config config.bak<br />
<br />
Using ''.bak'' will ensure there is a readily distinguishable human-made backup conf file if pacman creates a .pacnew, .pacsave, or .pacorig file using the active config file.<br />
<br />
{{AUR|etckeeper}} can help dealing with config files. It keeps the whole /etc directory in a version control.<br />
<br />
==== Regularly backup the /etc, /home, /srv, and /var directories ====<br />
<br />
Since /etc, /home, /srv and /var directories contain important system files and configs, it is advisable to keep backup of these folders on a regular interval. The following is a simple guide line on how to go about it.<br />
<br />
* '''/etc:''' Backup the /etc directory by executing the following command as root or as a cronjob:<br />
<br />
tar -cjf /path/to/chosen/directory/etc-backup.tar.bz2 /etc<br />
<br />
Store the /etc backup file on one or more offline media, such as a USB stick, external hard drive, or CD-R. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
Restore corrupted /etc files by extracting the etc-backup.tar.bz2 file in a temporary working directory, and copying over individual files and directories as needed. To restore the entire /etc directory with all its contents, move the etc-backup.tar.bz2 files into the / directory. As root, execute the following command:<br />
<br />
tar -xvjf etc-backup.tar.bz2<br />
<br />
* '''/home:''' At regular intervals, backup the /home directory to an external hard drive, Network Attached Server, or online backup service. Occasionally verify the integrity of the backup process by comparing original files and directories with their backups.<br />
<br />
* '''/srv:''' Server installations should have the /srv directory regularly backed up.<br />
<br />
* '''/var:''' Additional directories in /var, such a /var/spool/mail or /var/lib, which also require backup and occasional verification.<br />
<br />
If you want to backup much faster (using parallel compression, SMP), you should use pbzip2 (Parallel bzip2). The steps are slightly different, but not by much.<br />
<br />
First we will backup the files to a plain tarball with no compression:<br />
<br />
tar -cvf /path/to/chosen/directory/etc-backup.tar /etc<br />
<br />
Then we will use pbzip2 to compress it in parallel (Make sure you install it with '''pacman -S pbzip2''')<br />
<br />
pbzip2 /path/to/chosen/directory/etc-backup.tar.bz2<br />
<br />
and that's it. Your files should be backing up using all of your cores.</div>Wingsuithttps://wiki.archlinux.org/index.php?title=List_of_applications/Other&diff=265140List of applications/Other2013-07-05T05:20:47Z<p>Wingsuit: /* Integrated Development Environments */</p>
<hr />
<div><noinclude><br />
[[Category:Applications]]<br />
[[it:List of Applications/Other]]<br />
[[ja:List of Applications/Other]]<br />
[[zh-CN:List of Applications/Other]]<br />
{{List of Applications navigation}}<br />
</noinclude><br />
== Others ==<br />
<br />
=== Note Taking Organizers ===<br />
<br />
{{Wikipedia|Comparison of notetaking software}}<br />
<br />
==== Console ====<br />
<br />
* {{App|hnb (hierarchical notebook)|Program to organize many kinds of data (addresses, to-do lists, ideas, book reviews, etc.) in one place using the XML format.|http://hnb.sourceforge.net/|{{AUR|hnb}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|[[Wikipedia:BasKet Note Pads|BasKet]]|Application for organizing, sharing, and taking notes. It can manage various types of information such as to-do lists, links, pictures, and other types, similar to a scrapbook.|http://basket.kde.org/|{{Pkg|basket}}}}<br />
* {{App|Cherrytree|Hierarchical note taking application, featuring rich text and syntax highlighting, storing data in a single xml or sqlite file.|http://giuspen.com/cherrytree/|{{Pkg|cherrytree}}}}<br />
* {{App|[[Wikipedia:Gnote|Gnote]]|Experimental port of Tomboy to C++.|http://live.gnome.org/Gnote|{{Pkg|gnote}}}}<br />
* {{App|KeepNote|Cross-platform GTK+ note-taking application with rich text formatting.|http://keepnote.org|{{Pkg|keepnote}}}}<br />
* {{App|[[Wikipedia:KJots|KJots]]|Small program which is handy for keeping and organizing miscellaneous notes, part of {{Grp|kdepim}}.|http://www.kde.org/applications/utilities/kjots/|{{Pkg|kdepim-kjots}}}}<br />
* {{App|NoteCase|Portable hierarchical note manager, coded in C++ using bindings to the GTK+ toolkit.|http://notecase.sourceforge.net|{{AUR|notecase}}}}<br />
* {{App|[[Wikipedia:org-mode|org-mode]]|[[Emacs]] mode for notes, project planning and authoring.|http://orgmode.org|{{AUR|emacs-org-mode}}}}<br />
* {{App|[[Wikipedia:Tomboy (software)|Tomboy]]|Desktop note-taking application for Linux and Unix with a wiki-like linking system to connect notes together.|http://projects.gnome.org/tomboy/|{{Pkg|tomboy}}}}<br />
* {{App|[[zim]]|WYSIWYG text editor that aims at bringing the concept of a wiki to the desktop.|http://zim-wiki.org/|{{Pkg|zim}}}}<br />
<br />
=== Time Management ===<br />
<br />
==== Console ====<br />
<br />
* {{App|Calcurse|Text-based ncurses calendar and scheduling system.|http://calcurse.org/|{{Pkg|calcurse}}}}<br />
* {{App|Doneyet|Ncurses-based hierarchical To-do list manager written in C++.|https://code.google.com/p/doneyet/|{{AUR|doneyet}}}}<br />
* {{App|Pal|Very lightweight calendar with both interactive and non-interactive interfaces.|http://palcal.sourceforge.net/|{{AUR|pal}}}}<br />
* {{App|Remind|Highly sophisticated text-based calendaring and notification system.|http://roaringpenguin.com/products/remind|{{Pkg|remind}}}}<br />
* {{App|[[Wikipedia:Taskwarrior|Taskwarrior]]|Command-line To-do list application with support for lua customization and more.|http://taskwarrior.org/|{{Pkg|task}}}}<br />
* {{App|Todo.txt|Small command-line To-do manager.|http://ginatrapani.github.com/todo.txt-cli/|{{AUR|todotxt}}}}<br />
* {{App|TuDu|Ncurses-based hierarchical To-do list manager with vim-like keybindings.|http://code.meskio.net/tudu/|{{AUR|tudu}}}}<br />
* {{App|When|Simple personal calendar program.|http://lightandmatter.com/when/when.html|{{Pkg|when}}}}<br />
* {{App|Wyrd|Text-based front-end to Remind, a calendar and alarm program used on UNIX and Linux computers.|http://pessimization.com/software/wyrd/|{{Pkg|wyrd}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|etm (Event and Task Manager)|Simple application with a "Getting Things Done!" approach to handling events, tasks, activities, reminders and projects.|http://duke.edu/~dgraham/ETM/|{{AUR|etm}}}}<br />
* {{App|Glista|Simple GTK+ To-do list manager with notes support.|http://prematureoptimization.org/glista/|{{AUR|glista}}}}<br />
* {{App|GTG (Getting Things GNOME!)|Personal tasks and To-do list items organizer for the GNOME desktop.|http://gtg.fritalk.com|{{AUR|gtg}}}}<br />
* {{App|[[Wikipedia:Kontact#Organizer|KOrganizer]]|Calendar and scheduling program, part of {{Grp|kdepim}}.|http://www.kde.org/applications/office/korganizer/|{{Pkg|kdepim-korganizer}}}}<br />
* {{App|[[Wikipedia:Lightning (software)|Lightning]]|Extension to Mozilla Thunderbird that provides calendar and task support.|http://www.mozilla.org/projects/calendar/lightning/|{{AUR|lightning}}}}<br />
* {{App|Orage|GTK+ calendar and task manager often seen integrated with Xfce.|http://www.xfce.org/projects|{{Pkg|orage}}}}<br />
* {{App|Osmo|GTK+ personal organizer, which includes calendar, tasks manager and address book modules.|http://clayo.org/osmo/|{{Pkg|osmo}}}}<br />
* {{App|Rachota|Portable time tracker for personal projects.|http://rachota.sourceforge.net/|{{AUR|rachota}}}}<br />
* {{App|Task Coach|Simple open source To-do manager to manage personal tasks and To-do lists.|http://taskcoach.org|{{AUR|taskcoach}}}}<br />
* {{App|Tasks|Simple To-do list application that uses libecal.|https://pimlico-project.org/tasks.html{{linkrot|2013|05|19}}|{{AUR|tasks}}}}<br />
* {{App|TkRemind|Sophisticated calendar and alarm program.|http://www.roaringpenguin.com/products/remind|{{Pkg|remind}}}}<br />
* {{App|wxRemind|Python text and graphical frontend to Remind.|http://duke.edu/~dgraham/wxRemind/|{{AUR|wxremind}}}}<br />
<br />
=== Translation and localisation ===<br />
<br />
* {{App|[[Wikipedia:Apertium|Apertium]]|Free and open source rule-based machine translation platform with available language data. It supports the following formats: HTML, Microsoft Office 2007 XML, OpenDocument, TMX, MediaWiki and others.|http://apertium.org/|{{AUR|apertium}}}}<br />
* {{App|[[Wikipedia:Lokalize|Lokalize]]|Standard [[KDE]] tool for software translation. It includes basic editing of PO files, support for glossary, translation memory, project managing, etc. It belongs to {{Grp|kdesdk}}|http://userbase.kde.org/Lokalize|{{Pkg|kdesdk-lokalize}}}}<br />
* {{App|[[Wikipedia:Moses (machine translation)|Moses]]|Statistical machine translation tool (language data not included).|http://statmt.org/moses|{{AUR?|Moses}}}}<br />
* {{App|[[Wikipedia:OmegaT|OmegaT]]|General translator's tool which contains a lot of translation memory features and can give suggestions from Google Translate. It supports the following formats: HTML, Microsoft Office 2007 XML, OpenDocument, XLIFF/Okapi, MediaWiki, plain text, TMX and others.|http://omegat.org|{{AUR|omegat}}}}<br />
* {{App|[[Wikipedia:Poedit|Poedit]]|Simple gettext/po-based translation tool.|http://poedit.net|{{Pkg|poedit}}}}<br />
* {{App|Pology|Set of Python tools for dealing with gettext/po-files.|http://techbase.kde.org/Localization/Tools/Pology|{{AUR|pology}}}}<br />
* {{App|[[Wikipedia:Virtaal|Virtaal]]|Editor for translation of both software and other text, based on [[Wikipedia:Translate Toolkit|Translate Toolkit]]. It supports the following formats: [[Wikipedia:gettext|gettext]], [[Wikipedia:XLIFF|XLIFF]] , TMX, TBX, [[Wikipedia:WordFast|Wordfast]], Qt Linguist , Qt Phrase Book, [[Wikipedia:OmegaT|OmegaT glossary]] and others. It can also show suggestions from [[Wikipedia:Apertium|Apertium]], [[Wikipedia:Google Translate|Google Translate]], [[Wikipedia:Bing Translator|Bing Translator]], [[Wikipedia:Moses (machine translation)|Moses]] and others.|http://translate.sourceforge.net/wiki/virtaal|{{AUR|virtaal}}}}<br />
<br />
=== Work environment ===<br />
<br />
The default installation of Arch does not contain any Desktop Environment and therefore forces users to choose one themselves. Most Arch boxes run some X11 Window Manager and/or Desktop Environment, but of course there are still people who prefer doing everyday tasks in bare console.<br />
<br />
==== Desktop environments ====<br />
<br />
{{Wikipedia|Comparison of X Window System desktop environments}}<br />
<br />
{{Box||See the main article: [[Desktop Environment#List of desktop environments]]|#E5E5FF|#FCFCFC}}<br />
<br />
==== Window managers ====<br />
<br />
===== Console =====<br />
<br />
* {{App|dvtm|[[dwm]]-style window manager in the console.|http://brain-dump.org/projects/dvtm/|{{Pkg|dvtm}}}}<br />
<br />
===== Graphical =====<br />
<br />
{{Wikipedia|Comparison of X window managers}}<br />
<br />
{{Box||See the main article: [[Window Manager#List of window managers]]|#E5E5FF|#FCFCFC}}<br />
<br />
==== Support applications ====<br />
<br />
===== Login managers =====<br />
<br />
{{Box||See the main article: [[Display Manager#List of display managers]]|#E5E5FF|#FCFCFC}}<br />
<br />
===== Terminal multiplexers =====<br />
<br />
* {{App|dtach|Program that emulates the detach feature of [[screen]].|http://dtach.sourceforge.net/|{{Pkg|dtach}}}}<br />
* {{App|[[screen|GNU Screen]]|Full-screen window manager that multiplexes a physical terminal.|https://gnu.org/s/screen/|{{Pkg|screen}}}}<br />
* {{App|[[Wikipedia:Tmux|tmux]]|BSD licensed terminal multiplexer.|http://tmux.sourceforge.net/|{{Pkg|tmux}}}}<br />
<br />
=== System Monitoring ===<br />
<br />
* {{App|adesklet SystemMonitor|Collection of modular stackable system monitors for [[Wikipedia:Adesklets|adesklets]].|http://adesklets.sourceforge.net/desklets.html|{{AUR|adesklet-systemmonitor}}}}<br />
* {{App|[[Conky]]|Lightweight, scriptable system monitor.|http://conky.sourceforge.net/|{{Pkg|conky}}}}<br />
* {{App|[[Wikipedia:GKrellM|GKrellM]]|Simple, flexible system monitor package for GTK+ with many plug-ins.|http://members.dslextreme.com/users/billw/gkrellm/gkrellm.html|{{Pkg|gkrellm}}}}<br />
* {{App|[[Wikipedia:Htop|htop]]|Simple, ncurses interactive process viewer.|http://htop.sourceforge.net/|{{Pkg|htop}}}}<br />
* {{App|LXTask|Lightweight task manager for [[LXDE]].|http://wiki.lxde.org/en/LXTask|{{Pkg|lxtask}}}}<br />
* {{App|dstat|Versatile resource statistics tool.|http://dag.wieers.com/home-made/dstat/|{{Pkg|dstat}}}}<br />
<br />
=== Terminal emulators ===<br />
<br />
{{Wikipedia|List of terminal emulators}}<br />
<br />
Power users use terminal emulators quite often, so unsurprisingly lots of X11 terminal emulators exist. Most of them emulate Xterm that emulates VT102, which emulates typewriter, so you will have to read the [[Wikipedia:Terminal emulator|Wikipedia article]] and [https://google.com/search?q=linux+terminal+emulators other sources] to get a hold on these things.<br />
<br />
* {{App|[[Wikipedia:aterm|aterm]]|Xterm replacement with transparency support.|http://aterm.sourceforge.net/|{{Pkg|aterm}}}}<br />
* {{App|Eterm|Terminal emulator intended as a replacement for xterm and designed for the [[Enlightenment]] desktop.|http://eterm.org|{{AUR|eterm}}}}<br />
* {{App|[[Wikipedia:Konsole|Konsole]]|Terminal emulator included in the [[KDE]] desktop.|http://kde.org/applications/system/konsole/|{{Pkg|kdebase-konsole}}}}<br />
* {{App|[[Wikipedia:mrxvt|Mrxvt]]|Tabbed X terminal emulator based on rxvt.|http://materm.sourceforge.net/index.html|{{AUR|mrxvt}}}}<br />
* {{App|[[Wikipedia:Rxvt|rxvt]]|Popular replacement for the xterm|http://rxvt.sourceforge.net/|{{Pkg|rxvt}}}}<br />
* {{App|[[st]]|Simple terminal implementation for X.|http://st.suckless.org|{{AUR|st}}}}<br />
* {{App|[[terminator]]|Terminal emulator supporting multiple resizable terminal panels.|http://tenshu.net/p/terminator.html|{{Pkg|terminator}}}}<br />
* {{App|Terminology|Terminal emulator by the Enlightenment project team with innovative features: file thumbnails and media play like a media player. It belongs to {{Grp|e17-extra}}.|http://enlightenment.org/p.php?p&#61;about/terminology|{{AUR|terminology}}}}<br />
* {{App|[[Wikipedia:Tilda (software)|Tilda]]|Terminal inspired by many classic terminals from first person shooter games such as Quake, Doom and Half-Life.|http://sourceforge.net/projects/tilda/files/|{{Pkg|tilda}}}}<br />
* {{App|[[urxvt]]|Highly extendable (with Perl) unicode enabled rxvt-clone terminal emulator featuring tabbing, url launching, a Quake style drop-down mode and pseudo-transparency.|http://software.schmorp.de/pkg/rxvt-unicode|{{Pkg|rxvt-unicode}}}}<br />
* {{App|[[Xterm|xterm]]|Simple terminal emulator for the X Window System. It provides DEC VT102 and Tektronix 4014 compatible terminals for programs that can't use the window system directly.|http://invisible-island.net/xterm/|{{Pkg|xterm}}}}<br />
* {{App|[[Wikipedia:Yakuake|Yakuake]]|Drop-down terminal (Quake style) emulator based on Konsole.|http://yakuake.kde.org/|{{Pkg|yakuake}}}}<br />
<br />
==== VTE-based ====<br />
<br />
[http://developer.gnome.org/vte/unstable/ VTE] (Virtual Terminal Emulator) is a widget developed during early GNOME days for use in the GNOME Terminal. It has since given birth to many terminals with similar capabilities.<br />
<br />
* {{App|[[Wikipedia:Evilvte|evilvte]]|Very lightweight and highly customizable terminal emulator with support for tabs, auto-hiding and different encodings.|http://calno.com/evilvte/|{{AUR|evilvte}}}}<br />
* {{App|[[Wikipedia:GNOME Terminal|GNOME Terminal]]|A terminal emulator included in the [[GNOME]] desktop with support for Unicode and pseudo-transparency.|http://invisible-island.net/xterm/xterm.faq.html#bug_gnometerm|{{Pkg|gnome-terminal}}}}<br />
* {{App|[[Guake]]|Drop-down terminal for the GNOME desktop.|http://guake.org/|{{AUR|guake-git}}}}<br />
* {{App|[[LilyTerm]]|Very light and easy to use X Terminal Emulator|http://lilyterm.luna.com.tw/|{{Pkg|lilyterm}}}}<br />
* {{App|LXTerminal|Desktop independent terminal emulator for [[LXDE]].|http://wiki.lxde.org/en/LXTerminal|{{Pkg|lxterminal}}}}<br />
* {{App|mt (multi-terminal)|Terminal emulator written as more lightweight replacement for Sakura while keeping most of its functionality.|https://github.com/mutantturkey/mt/|{{AUR|mt}}}}<br />
* {{App|ROXTerm|Tabbed terminal emulator with a small footprint.|http://roxterm.sourceforge.net/|{{Pkg|roxterm}}}}<br />
* {{App|sakura|Terminal emulator based on GTK+ and VTE.|http://www.pleyades.net/david/projects/sakura|{{Pkg|sakura}}}}<br />
* {{App|[[Stjerm]]|GTK+-based drop-down terminal emulator that provides a minimalistic interface combined with a small file size, lightweight memory usage and easy integration with composite window managers such as Compiz.|https://code.google.com/p/stjerm-terminal-emulator/|{{AUR|stjerm-git}}}}<br />
* {{App|[[Wikipedia:Terminal (Xfce)|Terminal]]|Terminal emulator included in the [[Xfce]] desktop with support for a colorized prompt and a tabbed interface.|http://docs.xfce.org/apps/terminal/start|{{Pkg|xfce4-terminal}}}}<br />
* {{App|Termit|Simple terminal emulator based on the vte library that includes tabs, bookmarks, and the ability to switch encodings.|https://wiki.github.com/nonstop/termit/|{{AUR|termit}}}}<br />
* {{App|Termite|A keyboard-centric VTE-based terminal, aimed at use within a window manager with tiling and/or tabbing support.|https://github.com/thestinger/termite|{{AUR|termite}}}}<br />
<br />
=== Text editors ===<br />
<br />
{{Wikipedia|Comparison of text editors}}<br />
<br />
==== Console ====<br />
<br />
* {{App|dex|Small and easy to use text editor with support for ctags and parsing compiler errors.|https://github.com/tihirvon/dex|{{AUR|dex-editor-git}}}}<br />
* {{App|[[Wikipedia:ed (text editor)|ed]]|Line-oriented text editor, the original editor for Unix.|https://gnu.org/s/ed/|{{Pkg|ed}}}}<br />
* {{App|[[Emacs|GNU Emacs]]|Somewhat intimidating but famously extensible text editor with hundreds of tricks and add-ons.|https://gnu.org/s/emacs|{{Pkg|emacs}}}}<br />
* {{App|[[Wikipedia:JED (text editor)|JED]]|Text editor that makes extensive use of the [[Wikipedia:S-Lang (programming library)|S-Lang library]].|http://jedsoft.org/jed/|{{AUR|jed}}}}<br />
* {{App|[[Joe]] (Joe's Own Editor)|Terminal-based text editor designed to be easy to use.|http://joe-editor.sourceforge.net/|{{AUR|joe}}}}<br />
* {{App|[[nano]]|Console text editor based on pico with on-screen key bindings help.|http://nano-editor.org/|{{Pkg|nano}}}}<br />
* {{App|[[Vim]] (Vi IMproved)|Advanced text editor that seeks to provide the power of the de-facto Unix editor 'vi', with a more complete feature set.|http://www.vim.org/|{{Pkg|vim}}}}<br />
* {{App|[[Wikipedia:Zile (editor)|Zile]]|A lightweight Emacs clone.|https://gnu.org/s/zile/|{{Pkg|zile}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|[[Wikipedia:Acme (text editor)|Acme]]|Minimalist and flexible programming environment developed by Rob Pike for the Plan 9 operating system.|http://acme.cat-v.org|{{Pkg|plan9port}}}}<br />
* {{App|[[Beaver]]|A GTK+ editor designed to be modular, lightweight and stylish.|http://beaver-editor.sourceforge.net/|{{Pkg|beaver}}}}<br />
* {{App|cssed|GTK+-based Cascading Style Sheets (CSS) editor.|http://cssed.sourceforge.net/|{{AUR?|cssed}}}}<br />
* {{App|Edile|PyGTK code and scripting editor implemented in one file.|https://code.google.com/p/edile/|{{AUR|edile}}}}<br />
* {{App|[[Wikipedia:Gedit|Gedit]]|GTK+ editor for the GNOME desktop with syntax highlighting, automatic indentation, matching brackets, etc., and a number of add-ons to increase functionality.|http://projects.gnome.org/gedit/|{{Pkg|gedit}}}}<br />
* {{App|[[gVim]]|Graphical interface for Vim.|http://vim.org/|{{Pkg|gvim}}}}<br />
* {{App|[[Wikipedia:JuffEd|JuffEd]]|Simple tabbed text editor with syntax highlighting, written in Qt.|http://juffed.com/en/index.html|{{AUR|juffed}}}}<br />
* {{App|[[Wikipedia:Kate (text editor)|Kate]]|Full-featured programmer's editor for the KDE desktop with MDI and a filesystem browser.|http://kate-editor.org/|{{Pkg|kdesdk-kate}}}}<br />
* {{App|[[Wikipedia:KWrite|KWrite]]|Lightweight text editor for the KDE desktop that uses the same editor widget as Kate.|http://kde.org/applications/utilities/kwrite/|{{Pkg|kdebase-kwrite}}}}<br />
* {{App|[[Wikipedia:Leafpad|Leafpad]]|Notepad clone for GTK+ that emphasizes simplicity.|http://tarot.freeshell.org/leafpad/|{{Pkg|leafpad}}}}<br />
* {{App|medit|Programming and around-programming text editor.|http://mooedit.sourceforge.net/|{{Pkg|medit}}}}<br />
* {{App|[[Wikipedia:Xfce#Mousepad|Mousepad]]|Fast text editor for the Xfce Desktop Environment.|http://www.xfce.org/|{{Pkg|mousepad}}}}<br />
* {{App|[[Wikipedia:PyRoom|PyRoom]]|Great distractionless PyGTK text editor, a clone of the infamous WriteRoom.|http://pyroom.org/|{{AUR|pyroom}}}}<br />
* {{App|QSciTE|Qt clone of the SciTE text and code editor.|http://code.google.com/p/qscite/|{{AUR|qscite}}}}<br />
* {{App|QXmlEdit|Simple Qt XML editor and XSD viewer.|http://code.google.com/p/qxmledit/|{{AUR|qxmledit}}}}<br />
* {{App|[[Wikipedia:Sam (text editor)|Sam]]|Minimalist text editor with a graphical user interface, a very powerful command language and remote editing capabilities, developed by Rob Pike.|http://sam.cat-v.org|{{Pkg|plan9port}} or {{Pkg|9base}}}}<br />
* {{App|[[Wikipedia:SciTE|SciTE]]|Generally useful editor with facilities for building and running programs.|http://scintilla.org/SciTE.html|{{Pkg|scite}}}}<br />
* {{App|[[Wikipedia:Sublime Text|Sublime Text 2]]|Closed-source C++ and Python-based editor with many advanced features and plugins while staying lightweight and pretty.|http://sublimetext.com|{{AUR|sublime-text}}}}<br />
* {{App|Tea|Qt-based feature rich text editor.|http://tea-editor.sourceforge.net/|{{Pkg|tea}}}}<br />
<br />
=== Integrated Development Environments ===<br />
<br />
{{Wikipedia|Comparison of integrated development environments}}<br />
<br />
* {{App|[[Anjuta]]|Versatile IDE with project management, an application wizard, an interactive debugger, a source editor, version control support and many more tools.|http://www.anjuta.org/|{{Pkg|anjuta}}}}<br />
* {{App|[[Wikipedia:Aptana#Aptana_Studio|Aptana Studio]]|IDE based on Eclipse, but geared towards web development, with support for HTML, CSS, Javascript, Ruby on Rails, PHP, Adobe AIR and others.|http://www.aptana.org/|{{AUR|aptana-studio}}}}<br />
* {{App|[[Wikipedia:Bluefish (text editor)|Bluefish]]|GTK+ editor/IDE with an MDI interface, syntax highlighting and support for Python plugins.|http://bluefish.openoffice.nl/|{{Pkg|bluefish}}}}<br />
* {{App|[[Wikipedia:Bluej|Bluej]]|Fully featured Java IDE used mainly for educational and beginner purposes.|http://bluej.org/|{{AUR|bluej}}}}<br />
* {{App|[[Wikipedia:Code::Blocks|Code::Blocks]]|Open source and cross-platform C/C++ IDE.|http://www.codeblocks.org/|{{Pkg|codeblocks}}}}<br />
* {{App|[[Wikipedia:Cloud9|Cloud9]]|State-of-the-art IDE that runs in your browser and lives in the cloud, allowing you to run, debug and deploy applications from anywhere, anytime.|https://c9.io/|{{AUR|cloud9}}}}<br />
* {{App|[[Eclipse]]|Open source community project, which aims to provide a universal development platform.|http://eclipse.org/|{{Pkg|eclipse}}}}<br />
* {{App|[[Wikipedia:Editra|Editra]]|Multi-platform text editor with an implementation that focuses on creating an easy to use interface and features that aid in code development.|http://www.editra.org|{{AUR|editra}}}}<br />
* {{App|[[Wikipedia:Eric Python IDE|Eric]]|Full-featured Python 3.x and Ruby IDE in PyQt4.|http://eric-ide.python-projects.org/|{{Pkg|eric}}}}<br />
* {{App|[[Gambas]]|Free development environment based on a Basic interpreter with object extensions.|http://gambas.sourceforge.net/en/main.html|{{Pkg|gambas3-ide}}}}<br />
* {{App|[[Wikipedia:Geany|Geany]]|Text editor using the GTK+ toolkit with basic features of an integrated development environment.|https://geany.org|{{Pkg|geany}}}}<br />
* {{App|[[Wikipedia:IntelliJ IDEA|IntelliJ IDEA]]|IDE for Java, Groovy and other programming languages with advanced refactoring features.|http://www.jetbrains.com/idea/|{{Pkg|intellij-idea-community-edition}}}}<br />
* {{App|[[Wikipedia:KDevelop|KDevelop]]|Feature-full, plugin extensible IDE for C/C++ and other programming languages.|http://kdevelop.org/|{{Pkg|kdevelop}}}}<br />
* {{App|[[Wikipedia:Lazarus_(IDE)|Lazarus]]|Cross-platform IDE for Object Pascal.|http://lazarus.freepascal.org/|{{Pkg|lazarus}}}}<br />
* {{App|[[Wikipedia:MonoDevelop|MonoDevelop]]|Cross-platform IDE targeted for the Mono and .NET frameworks.|http://monodevelop.com/|{{Pkg|monodevelop}}}}<br />
* {{App|[[Netbeans|NetBeans]]|Integrated development environment (IDE) for developing with Java, JavaScript, PHP, Python, Ruby, Groovy, C, C++, Scala, Clojure, and other languages.|http://netbeans.org/|{{Pkg|netbeans}}}}<br />
* {{App|[[Wikipedia:PyCharm|PyCharm]]|IDE used for programming in Python with support for code analysis, debugging, unit testing, version control and web development with Django.|http://www.jetbrains.com/pycharm/|{{AUR|pycharm}}}}<br />
* {{App|[[Wikipedia:QDevelop|QDevelop]]|Free and cross-platform IDE for Qt.|http://biord-software.org/qdevelop/|{{AUR?|qdevelop}}}}<br />
* {{App|[[Wikipedia:Qt Creator|Qt Creator]]|Lightweight, cross-platform C++ integrated development environment with a focus on Qt.|http://qt.nokia.com/products/developer-tools|{{Pkg|qtcreator}}}}<br />
<br />
=== Pagers ===<br />
<br />
{{Wikipedia|Terminal pager}}<br />
<br />
* [[Wikipedia:More_(command)|more]] &mdash; A simple and feature-light pager. It is a part of the {{Pkg|util-linux}} package.<br />
* {{App|[[Wikipedia:Less_(Unix)|less]]|A program similar to more, but with support for both forward and backward scrolling, as well as partial loading of files.|http://www.gnu.org/software/less|{{Pkg|less}}}}<br />
* '''less-mouse''' &mdash; less with mouse scrolling support. It is present in the AUR as {{Aur|less-mouse}}.<br />
* {{App|[[Wikipedia:Most_(Unix)|most]]|A pager with support for multiple windows, left and right scrolling, and built-in colour support|http://www.jedsoft.org/most/|{{Pkg|most}}}}<br />
* {{App|mcview|A pager with mouse and colour support. It is bundled with midnight commander.|http://www.midnight-commander.org|{{Pkg|mc}}}}<br />
* {{App|vimpager|A script that turns vim into a pager. As a result, you get various vim features such as colour schemes, mouse support, split screens, etc.|https://github.com/rkitover/vimpager|{{Pkg|vimpager}}}}<br />
<br />
=== Application Launchers ===<br />
<br />
{{Wikipedia|Comparison of desktop application launchers}}<br />
<br />
* {{App|ADeskBar|Easy, simple and unobtrusive application launcher for Openbox.|http://adeskbar.tuxfamily.org/|{{AUR|adeskbar}}}}<br />
* {{App|[[dmenu]]|Fast and lightweight dynamic menu for X which is also useful as an application launcher.|http://tools.suckless.org/dmenu/|{{Pkg|dmenu}}}}<br />
* {{App|Fehlstart|Small GTK+-based application launcher.|https://gitorious.org/fehlstart|{{AUR|fehlstart-git}}}}<br />
* {{App|[[gmrun|Gmrun]]|Lightweight GTK+-based application launcher, with the ability to run programs inside a terminal and other handy features.|http://sourceforge.net/projects/gmrun/|{{Pkg|gmrun}}}}<br />
* {{App|[[Wikipedia:GNOME Do|GNOME Do]]|Application launcher inspired by [[Wikipedia:Quicksilver_(software)|Quicksilver]] with many plugins, originally developed for the GNOME desktop.|http://do.davebsd.com/|{{Pkg|gnome-do}}}}<br />
* {{App|Kupfer|Convenient command and access tool for the GNOME desktop that can launch applications, open documents and access different types of objects and act on them.|https://live.gnome.org/Kupfer|{{AUR|kupfer}}}}<br />
* {{App|[[Wikipedia:Launchy|Launchy]]|Very popular cross-platform application launcher with a plugin-based system used to provide extra functionality.|http://www.launchy.net/|{{Pkg|launchy}}}}<br />
<br />
=== Amateur radio ===<br />
<br />
{{Wikipedia|List of software-defined radios}}<br />
{{Box||See the main article: [[Amateur Radio#Software list]]|#E5E5FF|#FCFCFC}}<br />
<br />
=== Finance ===<br />
<br />
{{Wikipedia|Comparison of accounting software}}<br />
<br />
* {{App|esniper|Simple, lightweight tool for [[Wikipedia:Auction_sniping|sniping]] eBay auctions.|http://esniper.sourceforge.net/|{{AUR|esniper}}}}<br />
* {{App|[[Wikipedia:GnuCash|GnuCash]]|Financial application that implements a double-entry book-keeping system with features for small business accounting.|http://www.gnucash.org/|{{Pkg|gnucash}}}}<br />
* {{App|[[Wikipedia:Grisbi|Grisbi]]|Personal finance system which manages third party, expenditure and receipt categories, as well as budgetary lines, financial years, and other information that makes it suitable for associations.|http://www.grisbi.org/|{{AUR|grisbi}}}}<br />
* {{App|[[Wikipedia:HomeBank|HomeBank]]|Easy to use finance manager that can analyse your personal finance in detail using powerful filtering tools and graphs.|http://homebank.free.fr/|{{Pkg|homebank}}}}<br />
* {{App|[[Wikipedia:KMyMoney|KMyMoney]]|Personal finance manager that operates in a similar way to [[Wikipedia:Microsoft Money|Microsoft Money]]. It supports different account types, categorisation of expenses and incomes, reconciliation of bank accounts and import/export to the “QIF” file format.|http://kmymoney2.sourceforge.net/index-home.html|{{Pkg|kmymoney}}}}<br />
* {{App|Skrooge|Personal finances manager for the KDE desktop.|http://skrooge.org/|{{Pkg|skrooge}}}}<br />
* {{App|openerp|Open source erp system purely in python.|http://openerp.com/|{{AUR|openerp}}}}</div>Wingsuithttps://wiki.archlinux.org/index.php?title=List_of_applications/Internet&diff=265139List of applications/Internet2013-07-05T05:08:50Z<p>Wingsuit: /* MSN clients */</p>
<hr />
<div><noinclude><br />
[[Category:Internet Applications]]<br />
[[cs:List of Applications/Internet]]<br />
[[it:List of Applications/Internet]]<br />
[[ja:List of Applications/Internet]]<br />
[[zh-CN:List of Applications/Internet]]<br />
{{List of Applications navigation}}<br />
</noinclude><br />
<br />
== Internet ==<br />
<br />
{{Note|1=For possibly more up to date selection of applications, try checking the [https://aur.archlinux.org/packages.php?O=0&K=&do_Search=Go&detail=1&C=13&SeB=nd&SB=n&SO=a&PP=50 AUR 'network' category]}}<br />
<br />
=== BitTorrent Clients ===<br />
<br />
{{Wikipedia|Comparison of BitTorrent clients}}<br />
<br />
==== Console ====<br />
<br />
* {{App|[[aria2]]|Lightweight download utility that supports simultaneous adaptive downloading via HTTP(S), FTP, BitTorrent (DHT, PEX, MSE/PE) protocols and Metalink. It can run as a daemon controlled via a built-in JSON-RPC or XML-RPC interface.|http://aria2.sourceforge.net/|{{Pkg|aria2}}}}<br />
* {{App|[[Deluge]]|User-friendly BitTorrent client written in PyGTK that can run as a daemon.|http://deluge-torrent.org/|{{Pkg|deluge}}}}<br />
* {{App|[[Wikipedia:MLDonkey|MLDonkey]]|Multi-protocol P2P client that supports BitTorrent, HTTP, FTP, eDonkey and Direct Connect.|http://mldonkey.sourceforge.net/|{{AUR|mldonkey}}}}<br />
* {{App|[[rTorrent]]|Simple and lightweight ncurses BitTorrent client.|http://libtorrent.rakshasa.no/|{{Pkg|rtorrent}}}}<br />
* {{App|[[Transmission]]|Simple and easy-to-use BitTorrent client with a daemon version, GTK+, Qt GUI, web and CLI front-ends.|http://transmissionbt.com/|{{Pkg|transmission-cli}}}} {{Pkg|transmission-remote-cli}} {{AUR|transmission-remote-gtk}} (remote clients work with the daemon in the -cli package)<br />
<br />
==== Graphical ====<br />
<br />
* {{App|[[Wikipedia:KGet|KGet]]|Download manager for KDE that supports HTTP(S), FTP and BitTorrent. Part of {{Grp|kdenetwork}}.|http://www.kde.org/applications/internet/kget/|{{Pkg|kdenetwork-kget}}}}<br />
* {{App|[[Wikipedia:KTorrent|KTorrent]]|Feature-rich BitTorrent client for KDE|http://ktorrent.org/|{{Pkg|ktorrent}}}}<br />
* {{App|[[Wikipedia:qBittorrent|qBittorrent]]|Open source (GPLv2) BitTorrent client that strongly resembles µtorrent.|http://qbittorrent.sourceforge.net/|{{AUR|qbittorrent}}}}<br />
* {{App|QTorrent|BitTorrent client written in PyQt.|http://thegraveyard.org/qtorrent.php{{Linkrot|2012|09|20}}|{{Pkg|qtorrent}}}}<br />
* {{App|[[Transmission]]|Simple and easy-to-use BitTorrent client with daemon version, GTK+, Qt GUI, web and CLI front-ends.|http://transmissionbt.com/|{{Pkg|transmission-gtk}} {{Pkg|transmission-qt}}}}<br />
* {{App|[[Wikipedia:Tribler|Tribler]]|4th generation file sharing system bittorrent client.|http://www.tribler.org|{{AUR|tribler}}}}<br />
* {{App|[[Wikipedia:Vuze|Vuze]]|Feature-rich BitTorrent client written in Java (formerly Azureus).|https://www.vuze.com/|{{AUR|vuze}}}}<br />
<br />
=== eDonkey Clients ===<br />
<br />
eDonkey is still the second-largest p2p network (see [http://ipoque.com/en/resources/internet-studies Internet Study 2008/2009]).<br />
{{Wikipedia|Comparison of eDonkey software}}<br />
<br />
* {{App|[[aMule]]|Well-known eDonkey/Kad client with a daemon version and GTK+, web, and CLI front-ends.|http://www.amule.org/|{{Pkg|amule}}}}<br />
* {{App|KaMule|KDE graphical front-end for aMule.|http://kde-apps.org/content/show.php?content&#61;150270|{{AUR|kamule}}}}<br />
<br />
=== eMoney ===<br />
<br />
{{Stub}}<br />
<br />
==== Bitcoin ====<br />
<br />
{{Box||See the main article: [[Bitcoin]]|#E5E5FF|#FCFCFC}}<br />
<br />
* {{App|Armory|Bitcoin client with with features such as support for multiple wallets, importing keys and backups.|https://github.com/etotheipi/BitcoinArmory|{{AUR|armory-git}}}}<br />
* {{App|[[Bitcoin]]|Official tool to manage Bitcoins, a P2P currency.|http://bitcoin.org/|{{Pkg|bitcoin-daemon}} {{Pkg|bitcoin-qt}}}}<br />
<br />
=== Chat Clients ===<br />
<br />
{{Wikipedia|Comparison of instant messaging clients}}<br />
<br />
==== Multi-Protocol Clients ====<br />
<br />
{{Wikipedia|Comparison of instant messaging clients#Multiprotocol clients}}<br />
<br />
{{Box||All messengers, that support several networks by means of direct connections to them, belong to this section.|#E5E5FF|#FCFCFC}}<br />
<br />
Many clients listed here (including Pidgin and all it's forks) support multiple IM networks via [[Wikipedia:libpurple|libpurple]]. The number of networks supported by these clients is very large but they (like any multiprotocol clients) usually have very limited or no support for network-specific features.<br />
<br />
===== Console =====<br />
<br />
* {{App|BarnOwl|Ncurses-based chat client with support for the Zephyr, AIM, Jabber, IRC, and Twitter protocols.|http://barnowl.mit.edu/|{{AUR|barnowl}}}}<br />
* {{App|[[Bitlbee]]|IRC client that provides a gateway to popular chat networks (XMPP, MSN, Yahoo, AIM, ICQ and Twitter).|http://bitlbee.org/|{{Pkg|bitlbee}}}}<br />
* {{App|[[Wikipedia:Centericq|CenterIM]]|Fork of CenterICQ, a text mode menu- and window-driven IM interface.|http://centerim.org/|{{Pkg|centerim}}}}<br />
* {{App|[[Pidgin|Finch]]|Ncurses-based chat client that uses libpurple and supports all its protocols.|http://developer.pidgin.im/wiki/Using%20Finch|{{Pkg|finch}}}}<br />
* {{App|[[Wikipedia:naim (software)|naim]]|Ncurses chat client with support for AOL, ICQ, IRC and the Lily CMC.|http://naim.n.ml.org/|{{Pkg|naim}}}}<br />
* {{App|pork|Programmable, ncurses-based AIM and IRC client that mostly looks and feels like ircII.|http://dev.ojnk.net/|{{Pkg|pork}}}}<br />
<br />
===== Graphical =====<br />
<br />
* {{App|Carrier|Pidgin fork providing minor GUI enhancements (formerly FunPidgin).|http://funpidgin.sourceforge.net/|{{AUR|carrier}}}}<br />
* {{App|[[Wikipedia:Emesene|Emesene]]|PyGTK instant messenger for the Windows Live Messenger network, also compatible with Jabber, Facebook and Google Talk.|http://emesene.org/|{{Pkg|emesene}}}}<br />
* {{App|[[Wikipedia:Empathy (software)|Empathy]]|GNOME instant messaging client using the [[Wikipedia:Telepathy (software)|Telepathy]] framework.|http://live.gnome.org/Empathy|{{Pkg|empathy}}}}<br />
* {{App|Galaxium Messenger|Messenger application designed for the GNOME desktop.|https://code.google.com/p/galaxium/|{{AUR|galaxium}}}}<br />
* {{App|[[Wikipedia:Instantbird|Instantbird]]|Multi-protocol chat client using Mozilla's XUL and libpurple.|http://instantbird.com/|{{AUR|instantbird}}}}<br />
* {{App|[[Wikipedia:Kopete|Kopete]]|User-friendly IM supporting AIM, ICQ, Windows Live Messenger, Yahoo, Jabber, Gadu-Gadu, Novell GroupWise Messenger, and other IM networks. Part of {{Grp|kdenetwork}}.|http://kopete.kde.org/|{{Pkg|kdenetwork-kopete}}}}<br />
* {{App|[[Kde#KDE_Telepathy|KDE Telepathy]]|KDE instant messaging client using the [[Wikipedia:Telepathy (software)|Telepathy]] framework. Meant as a replacement for Kopete.|http://community.kde.org/Real-Time_Communication_and_Collaboration/|{{Pkg|kde-telepathy-meta}}}}<br />
* {{App|Licq|Instant messaging client for UNIX supporting multiple protocols (currently ICQ, MSN and Jabber).|http://www.licq.org|{{Pkg|licq}}}}<br />
* {{App|[[Pidgin]]|Multi-protocol instant messaging client.|http://pidgin.im/|{{Pkg|pidgin}}}}<br />
* {{App|Pidgin Light|Light Pidgin version without GStreamer, Tcl/Tk or XScreenSaver support.|http://pidgin.im/|{{AUR|pidgin-light}}}}<br />
* {{App|qutIM|Simple and user-friendly IM supporting ICQ, Jabber, Mail.Ru, IRC and VKontakte messaging.|http://qutim.org/|{{AUR|qutim-stable}}}}<br />
<br />
==== Jabber/XMPP Clients ====<br />
<br />
{{Wikipedia|Comparison of instant messaging clients#XMPP clients}}<br />
<br />
===== Console =====<br />
<br />
* {{App|Freetalk|Console-based Jabber client.|https://gnu.org/s/freetalk/|{{Pkg|freetalk}}}}<br />
* {{App|jabber.el|Minimal Jabber client for [[Emacs]].|http://emacs-jabber.sourceforge.net/|{{AUR|emacs-jabber}}}}<br />
* {{App|[[Wikipedia:MCabber|MCabber]]|Small Jabber console client, includes features: SSL, PGP, MUC, OTR, and UTF8.|http://mcabber.com/|{{Pkg|mcabber}}}}<br />
<br />
===== Graphical =====<br />
<br />
* {{App|[[Wikipedia:Gajim|Gajim]]|Jabber client written in PyGTK.|https://gajim.org/|{{Pkg|gajim}}}}<br />
* {{App|Jabbim|Jabber client written in PyQt.|http://www.jabbim.com/|{{AUR|jabbim-svn}}}}<br />
* {{App|[[Wikipedia:Psi (instant messaging client)|Psi]]|Qt-based Jabber client.|http://psi-im.org/|{{Pkg|psi}}}}<br />
* {{App|Psi+|Enhanced version of the Psi Jabber client with many new [http://psi-plus.com/wiki/en:features#differences_between_psi_beta_version_and_the_official_psi_015-dev_version features].|https://code.google.com/p/psi-dev/|{{AUR|psi-plus}}}}<br />
* {{App|[[Wikipedia:Tkabber|Tkabber]]|Easy to hack feature-rich XMPP client by the author of the ejabberd XMPP server.|http://tkabber.jabber.ru/|{{Pkg|tkabber}}}}<br />
<br />
==== MSN clients ====<br />
<br />
{{Note|Consider that MSN protocol will be shut down soon}}<br />
* {{App|[[Wikipedia:AMSN|aMSN]]|MSN client written in Tcl/Tk with webcam and conferencing support.|http://amsn-project.net/|{{Pkg|amsn}}}}<br />
* {{App|[[Wikipedia:Emesene|Emesene]]|PyGTK MSN Messenger client.|http://blog.emesene.org/|{{Pkg|emesene}}}}<br />
* {{App|[[Wikipedia:Kmess|KMess]]|MSN Messenger client for Linux with support for custom emoticons, nudges, winks, file transfers and many others.|http://kmess.org/|{{Pkg|kmess}}}}<br />
<br />
==== IRC Clients ====<br />
<br />
{{Wikipedia|Comparison of Internet Relay Chat clients}}<br />
<br />
===== Console =====<br />
<br />
* {{App|[[Wikipedia:BitchX|BitchX]]|Console-based IRC client developed from the popular [[Wikipedia:ircII|ircII]].|http://www.bitchx.org/|{{Pkg|bitchx-svn}}}}<br />
* {{App|ERC|Powerful, modular, and extensible IRC client for [[Emacs]].|http://savannah.gnu.org/projects/erc/|{{AUR|erc-git}}}}<br />
* {{App|[[Wikipedia:Ii (IRC client)|ii]]|Featherweight IRC client, literally {{ic|tail -f}} the conversation and {{ic|echo}} back your replies to a file.|http://tools.suckless.org/ii|{{AUR|ii}}}}<br />
* {{App|Ircfs|File system interface to IRC written in [http://limbo.cat-v.org Limbo].|http://www.ueber.net/code/r/ircfs|{{AUR?|ircfs}}}}<br />
* {{App|[[Irssi]]|Highly-configurable ncurses-based IRC client.|http://irssi.org/|{{Pkg|irssi}}}}<br />
* {{App|ScrollZ|Advanced IRC client based on [[Wikipedia:ircII|ircII]].|http://www.scrollz.com/|{{AUR|scrollz}}}}<br />
* {{App|sic|Extremely simple IRC client, similar to [[Wikipedia:Ii (IRC client)|ii]].|http://tools.suckless.org/sic|{{AUR|sic}}}}<br />
* {{App|[[Wikipedia:WeeChat|WeeChat]]|Modular, lightweight ncurses-based IRC client.|http://weechat.org/|{{Pkg|weechat}}}}<br />
<br />
===== Graphical =====<br />
<br />
* {{App|HexChat|Fork of XChat for Linux and Windows.|http://hexchat.org/|{{Pkg|hexchat}}}}<br />
* {{App|[[Wikipedia:Konversation|Konversation]]|Qt-based IRC client for the KDE desktop.|http://konversation.kde.org/|{{Pkg|konversation}}}}<br />
* {{App|[[Wikipedia:KVIrc|KVIrc]]|Qt-based IRC client featuring extensive themes support.|http://kvirc.net/|{{Pkg|kvirc}}}}<br />
* {{App|Loqui|GTK+ IRC client with only one dependency: [https://live.gnome.org/GNetLibrary GNet].|https://launchpad.net/loqui|{{AUR|loqui}}}}<br />
* {{App|LostIRC|Simple GTK+ IRC client with tab-autocompletion, multiple server support, logging and others.|http://lostirc.sourceforge.net|{{AUR|lostirc}}}}<br />
* {{App|pcw|Frontend for [http://tools.suckless.org/ii ii] that opens a new terminal for each channel.|https://bitbucket.org/emg/pcw|{{AUR|pcw-hg}}}}<br />
* {{App|[[Wikipedia:Quassel IRC|Quassel]]|Modern, cross-platform, distributed IRC client.|http://quassel-irc.org/|{{Pkg|quassel}}}}<br />
* {{App|[[Wikipedia:Smuxi|Smuxi]]|Cross-platform IRC client for the GNOME desktop inspired by [[Irssi]].|http://smuxi.org/|{{Pkg|smuxi}}}}<br />
* {{App|[[Wikipedia:XChat|XChat]]|GTK-based IRC client that works on both Linux and Windows.|http://xchat.org/|{{Pkg|xchat}}}}<br />
<br />
=== Softphone ===<br />
<br />
{{Wikipedia|Comparison of VoIP software}}<br />
{{Wikipedia|List of SIP software}}<br />
<br />
==== Clients ====<br />
<br />
* {{App|[[Wikipedia:Blink (software)|Blink]]|State of the art, easy to use SIP client.|http://www.icanblink.com/|{{AUR|blink-darcs}}}}<br />
* {{App|[[Wikipedia:Ekiga|Ekiga]]|VoIP and video conferencing application with full SIP and H.323 support (formerly known as GNOME Meeting).|http://www.ekiga.org/|{{Pkg|ekiga}}}}<br />
* {{App|[[Wikipedia:Empathy (software)|Empathy]]|GNOME instant messenger client using the Telepathy framework with SIP support (using the Sofia-SIP library).|https://live.gnome.org/Empathy|{{Pkg|empathy}}}}<br />
* {{App|iaxComm|Open source softphone for the Asterisk PBX (using the IAX protocol).|http://iaxclient.sourceforge.net/iaxcomm/|{{AUR?|iaxcomm}}}}<br />
* {{App|[[Wikipedia:Jitsi|Jitsi]]|Audio/video SIP VoIP phone and instant messenger written in Java (formerly SIP-Communicator).|https://jitsi.org/|{{AUR|jitsi}}}}<br />
* {{App|Kiax|Qt-based IAX/2 Softphone.|http://www.forschung-direkt.eu/projects/kiax2/|{{AUR|kiax}}}}<br />
* {{App|[[Wikipedia:KPhone|KPhone]]|Qt SIP User Agent with voice, video and text messaging support.|http://sourceforge.net/projects/kphone/|{{AUR?|kphone}}}}<br />
* {{App|[[Wikipedia:Linphone|Linphone]]|VoIP phone application that allows you to to communicate freely with people over the internet, with voice, video, and text instant messaging.|http://www.linphone.org/|{{Pkg|linphone}}}}<br />
* {{App|Minisip|SIP User Agent with focus on security (supports TLS, end-to-end security, SRTP, MIKEY (DH, PSK, PKE)).|http://www.minisip.org/|{{AUR|minisip-svn}}}}<br />
* {{App|[[Wikipedia:Mumble (software)|Mumble]]|Voice chat application similar to TeamSpeak.|http://mumble.sourceforge.net/|{{pkg|mumble}}}}<br />
* {{App|[[Wikipedia:Psi (instant messaging client)|Psi]]|Qt-based Jabber client which supports video conferencing (since version 0.13).|http://psi-im.org/|{{Pkg|psi}} {{AUR|psi-plus}}}}<br />
* {{App|[[Wikipedia:QuteCom|QuteCom]]|Softphone which allows you to make free PC to PC video and voice calls, and to integrate all your IM contacts in one place (formerly Wengo Phone).|http://trac.qutecom.org/|{{AUR|qutecom}}}}<br />
* {{App|[[Wikipedia:SFLphone|SFLPhone]]|Open-source SIP/IAX2 compatible softphone with PulseAudio support.|http://sflphone.org/|{{AUR|sflphone}}}}<br />
* {{App|[[Skype]]|Popular P2P application for high-quality voice communication.|http://www.skype.com/|{{Pkg|skype}}}}<br />
* {{App|[[TeamSpeak]]|Proprietary VoIP application with gamers as its target audience.|http://www.teamspeak.com/|{{Pkg|teamspeak3}}}}<br />
* {{App|[[Wikipedia:Twinkle (software)|Twinkle]]|Qt softphone for VoIP and IM communication using SIP.|http://www.twinklephone.com/|{{AUR|twinkle}}}}<br />
* {{App|[[Wikipedia:X-Lite|X-Lite]]|Proprietary freeware VoIP soft phone that uses SIP.|http://www.counterpath.net/x-lite|{{AUR|xlite_bin}}}}<br />
* {{App|[[Wikipedia:Zfone|Zfone]]|Softphone application for secure voice communication over the Internet (VoIP), using the ZRTP protocol.|http://zfoneproject.com/|{{AUR|zfone}}}}<br />
<br />
==== Utilities ====<br />
<br />
* {{App|Gladstone|Educational ITU-T G.729 compliant codec with a GStreamer plugin.|http://code.google.com/p/gladstone/|{{AUR|gladstone-drizztbsd-git}}}}<br />
* {{App|SIPp|Open source test tool and traffic generator for the SIP protocol.|http://sipp.sourceforge.net/|{{AUR|sipp}}}}<br />
* {{App|Sipsak|Small command-line tool for developers and administrators of SIP applications.|http://sipsak.org/|{{AUR|sipsak}}}}<br />
<br />
=== Pastebin clients ===<br />
<br />
{{wikipedia|Pastebin}}<br />
Pastebin services are often used to paste information into [[IRC_Channel|IRC channels]] to help with troubleshooting. There are services for both text (e.g. [http://sprunge.us/ sprunge.org], [http://pastie.org/ pastie.org], [http://codepad.org/ codepad.org]) and images (e.g. [http://imgur.com/ imgur.com], [http://picpaste.com/ picpaste.com]). Pastebin clients allow you to post directy from the cli without using a web browser.<br />
<br />
{{Tip|The sprunge pastebin can be accessed directly via curl: {{bc|<nowiki><command> | curl -F 'sprunge=<-' http://sprunge.us</nowiki>}}<br />
There is also a [https://github.com/robbyrussell/oh-my-zsh/wiki/Usage-of-the-%22sprunge%22-command sprunge plugin] for [https://github.com/robbyrussell/oh-my-zsh/wiki oh-my-zsh] (a configuration tool for the [[Zsh]] command shell).}}<br />
<br />
{{Warning|Do not use [http://pastebin.com/ pastebin.com]. It appears to be the most popular site but it is slow, full of adverts, formats the text badly (it will mess up your code) and many people can not even open the site due to aggressive spam filters.}}<br />
<br />
* {{App|Curlpaste|Utility to post text files to a number of pastebin sites using curl and Lua. Servers: [http://pastebin.ca/ pastebin.ca], [http://codepad.org/ codepad.org], [http://dpaste.com/ dpaste.com] and [http://fpaste.org/ fpaste.org].|https://github.com/Kiwi/curlpaste/|{{Pkg|curlpaste}}}}<br />
* {{App|Elmer|Pastebin client similar to wgetpaste and curlpaste, except written in Perl and usable with wget or curl. Servers: [http://codepad.org/ codepad.org], [http://rafb.me/ rafb.me], [http://sprunge.us/ sprunge.us], [http://ompldr.org/ ompldr.org].|https://github.com/sudokode/elmer|{{AUR|elmer}}}}<br />
* {{App|Fb-client|Client for the [http://paste.xinu.at/ paste.xinu.at] pastebin.|http://paste.xinu.at|{{Pkg|fb-client}}}}<br />
* {{App|Gist|Command-line interface for the [https://gist.github.com/ gist.github.com] pastebin service.|http://github.com/defunkt/gist|{{AUR|gist}}}}<br />
* {{App|Haste|Universal pastebin tool, written in Haskell. Servers: [http://hpaste.org/ hpaste.org], [http://paste2.org/ paste2.org], [http://pastebin.com/ pastebin.com] and others.|http://hackage.haskell.org/package/haste|{{AUR?|haste}}}}<br />
* {{App|Hg-paste|Pastebin extension for Mercurial which can send diffs to various pastebin websites for easy sharing. Servers: [http://dpaste.com/ dpaste.com] and [http://dpaste.org/ dpaste.org].|http://bitbucket.org/sjl/hg-paste|{{AUR|hg-paste}}}}<br />
* {{App|Ix|Client for the ix.io pastebin.|http://ix.io|{{Pkg|ix}}}}<br />
* {{App|Npaste-client|Client for the [http://npaste.de/ npaste.de] pastebin.|http://npaste.de|{{AUR|npaste-client}}}}<br />
* {{App|Pastebinit|Really small Python script that acts as a Pastebin client. Servers: [http://pastie.org/ pastie.org], [http://paste.kde.org/ paste.kde.org], [http://paste.debian.net/ paste.debian.net], [http://paste.ubuntu.com/ paste.ubuntu.com] and others (for a full list see {{ic|pastebinit -l}}).|http://launchpad.net/pastebinit|{{Pkg|pastebinit}}}}<br />
* {{App|Vim-gist|Vim script for [https://gist.github.com/ gist.github.com].| http://www.vim.org/scripts/script.php?script_id&#61;2423 |{{AUR|vim-gist}}}}<br />
* {{App|Vim-paster|Vim plugin to paste to any pastebin service using curl.|http://eugeneciurana.com/site.php?page&#61;tools|{{AUR|vim-paster}}}}<br />
* {{App|Wgetpaste|Bash script that automates pasting to a number of pastebin services. Servers: [http://pastebin.ca/ pastebin.ca], [http://codepad.org/ codepad.org], [http://dpaste.com/ dpaste.com] and [http://pastebin.osuosl.org/ pastebin.osuosl.org].|http://wgetpaste.zlin.dk/|{{Pkg|wgetpaste}}}}<br />
<br />
=== Email clients ===<br />
<br />
{{Wikipedia|Comparison of e-mail clients}}<br />
<br />
==== Console ====<br />
<br />
* {{App|[[Alpine]]|Fast, easy-to-use and Apache-licensed email client based on [[Wikipedia:Pine (email client)|Pine]].|https://washington.edu/alpine|{{AUR|alpine}}}}<br />
* {{App|[[Wikipedia:Gnus|Gnus]]|Email, NNTP and RSS client for Emacs.|http://gnus.org/|{{AUR|emacs-gnus-git}}}}<br />
* {{App|[[Wikipedia:mailx|Heirloom mailx]]|Full-featured command-line Mail User Agent derived from Berkeley Mail.|http://heirloom.sourceforge.net/mailx.html|{{Pkg|heirloom-mailx}}}}<br />
* {{App|mu/mu4e|Email indexer (mu) and client for emacs (mu4e). Xapian based for fast searches.|http://www.djcbsoftware.nl/code/mu/mu4e.html|{{AUR|mu}}}}<br />
* {{App|[[Mutt]]|Small but very powerful text-based mail client.|http://www.mutt.org/|{{Pkg|mutt}}}}<br />
* {{App|[[Sup]]|CLI mail client with very fast searching, tagging, threading and GMail like operation.|http://sup.rubyforge.org/|{{AUR|sup}}}}<br />
* {{App|[[Wikipedia:Wanderlust (software)|Wanderlust]]|Email client and news reader for Emacs.|http://www.gohome.org/wl/|{{Pkg|wanderlust}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|[[Balsa]]|Simple and light email client that is part of the Gnome project.|http://pawsa.fedorapeople.org/balsa/|{{Pkg|balsa}}}}<br />
* {{App|[[Wikipedia:Claws Mail|Claws Mail]]|Lightweight GTK-based email client and news reader.|http://claws-mail.org/|{{Pkg|claws-mail}}}}<br />
* {{App|[[Evolution]]|Mature and feature-rich e-mail client used in GNOME by default. Part of {{Grp|gnome-extra}}.|http://projects.gnome.org/evolution/|{{Pkg|evolution}}}}<br />
* {{App|Geary|Simple desktop mail client built in [[Wikipedia:Vala (programming language)|Vala]].|http://redmine.yorba.org/projects/geary/wiki|{{Pkg|geary}}}}<br />
* {{App|[[Wikipedia:Kmail|Kmail]]|Mature and feature-rich email client. Part of {{Grp|kdepim}}.|http://kde.org/applications/internet/kmail/|{{Pkg|kdepim-kmail}}}}<br />
* {{App|Manitou Mail|Database-driven email system.|http://www.manitou-mail.org/|{{AUR|manitou-mdx}} {{AUR|manitou-ui}}}}<br />
* {{App|[[Wikipedia:Sylpheed|Sylpheed]]|Lightweight and user-friendly GTK+ email client.|http://sylpheed.sraoss.jp/en/|{{Pkg|sylpheed}}}}<br />
* {{App|[[Thunderbird]]|Feature-rich email client from Mozilla written in GTK+.|http://www.mozilla.org/thunderbird/|{{Pkg|thunderbird}}}}<br />
* {{App|Trojitá|Qt IMAP email client.|http://trojita.flaska.net/|{{AUR|trojita}}}}<br />
<br />
=== Network Managers ===<br />
<br />
* {{App|[[Connman]]|Daemon for managing internet connections within embedded devices running the Linux operating system. The Connection Manager is designed to be slim and to use as few resources as possible, so it can be easily integrated.|https://connman.net/|{{Pkg|connman}}}}<br />
* {{App|[[netcfg]]|Simple and robust network configuration application that uses profile scripts.|https://projects.archlinux.org/netcfg.git/|{{AUR|netcfg}}}}<br />
* {{App|[[netctl]]|Netcfg replacement that works well with systemd.|https://projects.archlinux.org/netctl.git/|{{Pkg|netctl}}}}<br />
* {{App|[[NetworkManager]]|Manager that provides wired, wireless, mobile broadband and OpenVPN detection with configuration and automatic connection.|http://projects.gnome.org/NetworkManager/|{{Pkg|networkmanager}}}}<br />
* {{App|[[Wicd]]|Wireless and wired connection manager with few dependencies and GTK+, KDE and command-line interfaces.|http://wicd.sourceforge.net/|{{Pkg|wicd}}}}<br />
<br />
=== News Aggregators ===<br />
<br />
{{Wikipedia|Comparison of feed aggregators}}<br />
<br />
==== Console ====<br />
<br />
* {{App|[[Wikipedia:Canto (news aggregator)|Canto]]|Ncurses RSS aggregator.|http://codezen.org/canto/|{{AUR|canto}}}}<br />
* {{App|[[Wikipedia:Gnus|Gnus]]|Email, NNTP and RSS client for Emacs.|http://gnus.org/|{{AUR|emacs-gnus-git}}}}<br />
* {{App|Newsbeuter|Ncurses RSS aggregator with layout and keybinding similar to the [[Mutt]] email client.|http://newsbeuter.org|{{Pkg|newsbeuter}}}}<br />
* {{App|Rawdog|"RSS Aggregator Without Delusions Of Grandeur" that parses RSS/CDF/Atom feeds into a static HTML page of articles in chronological order.|http://offog.org/code/rawdog.html|{{AUR|rawdog}}}}<br />
* {{App|Snownews|Text mode RSS news reader.|http://kiza.kcore.de/software/snownews/|{{Pkg|snownews}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|[[Wikipedia:Kontact#News Feed Aggregator|Akregator]]|News aggregator for KDE, part of {{Grp|kdepim}}.|http://kde.org/applications/internet/akregator/|{{Pkg|kdepim-akregator}}}}<br />
* {{App|[[Wikipedia:BlogBridge|BlogBridge]]|Excellent Java-based aggregator, which gives users the option to synchronize their feeds across multiple computers.|http://blogbridge.com|{{AUR|blogbridge}}}}<br />
* {{App|[[Wikipedia:Liferea|Liferea]]|GTK+ news aggregator for online news feeds and weblogs.| http://liferea.sourceforge.net|{{Pkg|liferea}}}}<br />
* {{App|RSS Guard|Very tiny RSS and Atom news reader developed using Qt framework.|https://code.google.com/p/rss-guard/|{{AUR|rss-guard}}}}<br />
* {{App|[[Wikipedia:RSSOwl|RSSOwl]]|Powerful aggregator for RSS and Atom feeds, written in Java using Eclipse Rich Client Platform and SWT as a widget toolkit.|http://boreal.rssowl.org|{{AUR|rssowl}}}}<br />
* {{App|[[Thunderbird]]|Email client from Mozilla which also functions as a pretty nice news aggregator.|http://www.mozilla.org/thunderbird/|{{Pkg|thunderbird}}}}<br />
* {{App|Tickr (formerly News)|GTK-based RSS Reader that displays feeds as a smooth scrolling line on your Desktop, as known from TV stations.|http://newsrssticker.com/|{{AUR|tickr}}}}<br />
* {{App|Urssus|Cross platform GUI news aggregator.|https://code.google.com/p/urssus/|{{AUR|urssus}}}}<br />
<br />
=== Web Browsers ===<br />
<br />
{{Wikipedia|Comparison of web browsers}}<br />
<br />
==== Console ====<br />
<br />
* {{App|[[Wikipedia:ELinks|ELinks]]|Advanced and well-established feature-rich text mode web browser (Links fork, barely supported since 2009).|http://elinks.or.cz/|{{Pkg|elinks}}}}<br />
* {{App|[[Wikipedia:Links (web browser)|Links]]|Text WWW browser, similar to Lynx, but with CSS-based rendering. It is much more advanced and includes detailed menus, similiar to GUI.|http://links.twibright.com/|{{Pkg|links}}}}<br />
* {{App|[[Wikipedia:Lynx (web browser)|Lynx]]|Text browser for the World Wide Web.|http://lynx.isc.org|{{Pkg|lynx}}}}<br />
* {{App|retawq|Interactive, multi-threaded network client (web browser) for text terminals.|http://retawq.sourceforge.net/|{{AUR|retawq}}}}<br />
* {{App|[[Wikipedia:W3m|w3m]]|Pager/text-based web browser. It has vim-like keybindings, and is able to display images. It has javascript support too.|http://w3m.sourceforge.net/|{{Pkg|w3m}}}}<br />
<br />
==== Graphical ====<br />
<br />
* {{App|[[Wikipedia:Abaco (web browser)|Abaco]]|Multi-page graphical web browser for the Plan 9 OS.|http://lab-fgb.com/abaco/{{linkrot|2013|05|19}}|{{AUR|abaco}}}}<br />
* {{App|[[Wikipedia:Arora (browser)|Arora]]|Cross-platform web browser built using QtWebKit. Development stopped in January 2012.|https://code.google.com/p/arora/|{{Pkg|arora}}}}<br />
* {{App|[[Chromium]]|Web browser developed by Google that uses the WebKit layout engine and application framework, the open source project behind Google Chrome.|http://www.chromium.org/|{{Pkg|chromium}}}}<br />
* {{App|[[Wikipedia:Conkeror|Conkeror]]|Highly programmable web browser, with Emacs-like keybindings, based on Mozilla's XULRunner.|http://conkeror.org/|{{AUR|conkeror-git}}}}<br />
* {{App|[[Wikipedia:Dillo|Dillo]]|Small, fast graphical web browser built on [[Wikipedia:Fltk|FLTK]].|http://dillo.org/|{{Pkg|dillo}}}}<br />
* {{App|[[dwb]]|Lightweight, highly customizable web browser based on the WebKit engine with vi-like shortcuts and tiling layouts.|http://portix.bitbucket.org/dwb/|{{Pkg|dwb}}}}<br />
* {{App|[[Epiphany]]|Browser which uses the WebKit rendering engine, part of {{Grp|gnome}}.|http://projects.gnome.org/epiphany/|{{Pkg|epiphany}}}}<br />
* {{App|[[Firefox]]|Extensible browser from Mozilla based on Gecko with fast rendering.|https://mozilla.com/firefox|{{Pkg|firefox}}}}<br />
* {{App|Hv3|Minimalist web browser based on [[Wikipedia:Tkhtml|Tkhtml3]].|http://tkhtml.tcl.tk/hv3.html|{{AUR|hv3}}}}<br />
* {{App|[[Jumanji]]|Highly customizable and functional web browser.|http://pwmt.org/projects/jumanji|{{AUR|jumanji}}}}<br />
* {{App|[[Wikipedia:Kazehakase|Kazehakase]]|Much lighter, but rather feature-lacking alternative to other browsers, based on GTK+ and Gecko.|http://kazehakase.sourceforge.jp/|{{AUR?|kazehakase}}}}<br />
* {{App|[[Wikipedia:Konqueror|Konqueror]]|Web browser based on Qt and KHTML, part of {{Grp|kdebase}}.|http://konqueror.org/|{{Pkg|kdebase-konqueror}}}}<br />
* {{App|[[Luakit]]|Highly configurable, micro-browser framework based on the WebKit engine and the GTK+ toolkit. It is very fast, extensible by Lua and licensed under the GNU GPLv3 license.|http://mason-larobina.github.com/luakit/|{{Pkg|luakit}}}}<br />
* {{App|[[Wikipedia:Midori (web browser)|Midori]]|Lightweight web browser based on GTK+ and WebKit.|http://twotoasts.de/index.php/midori/|{{Pkg|midori}}}}<br />
* {{App|[[Wikipedia:NetSurf|NetSurf]]|Featherweight browser written in C, notable for its lack of JavaScript support and fast rendering through its own custom rendering engine.|http://netsurf-browser.org|{{Pkg|netsurf}}}}<br />
* {{App|[[Opera]]|Highly customizable browser with focuses on an adherence to web rendering standards.|http://opera.com|{{Pkg|opera}}}}<br />
* {{App|[[Wikipedia:QupZilla|QupZilla]]|New and very fast open source browser based on WebKit core, written in Qt framework.| http://www.qupzilla.com |{{pkg|qupzilla}}}} <br />
* {{App|[[wikipedia:Rekonq|Rekonq]]|WebKit-based web browser for KDE.|http://rekonq.kde.org/|{{Pkg|rekonq}}}}<br />
* {{App|Sb|Very lightweight WebKit-based browser that uses keybindings to perform most things the URL bar would usually do.|https://github.com/mutantturkey/sb/|{{AUR|sb-git}}}} <br />
* {{App|Surf|Lightweight WebKit-based browser, which follows the [http://suckless.org/philosophy suckless ideology] (basically, the browser itself is a single C source file).|http://surf.suckless.org|{{Pkg|surf}}}}<br />
* {{App|[[Wikipedia:Uzbl|Uzbl]]|Group of web interface tools which adhere to the Unix philosophy.|http://uzbl.org/|{{Pkg|uzbl-browser}}}}<br />
* {{App|[[Vimprobable]]|Browser that behaves like the Vimperator plugin available for Mozilla Firefox. It is based on the WebKit engine and uses the GTK+ bindings.|http://sourceforge.net/apps/trac/vimprobable/{{linkrot|2013|05|19}}|{{AUR|vimprobable-git}}}}<br />
* {{App|[[Wikipedia:Xombrero|Xombrero]]|Webkit minimalist web browser with sophisticated security features designed-in, BSD style.|https://opensource.conformal.com/wiki/xombrero|{{AUR|xombrero-git}}}}<br />
<br />
=== Microblogging Clients ===<br />
<br />
{{Wikipedia|List of Twitter services and applications}}<br />
<br />
* {{App|Choqok|Microblogging client for KDE that supports Twitter.com, Identi.ca and opendesktop.org services.|http://choqok.gnufolks.org/|{{Pkg|choqok}}}}<br />
* {{App|[[Wikipedia:Gwibber|Gwibber]]|GTK-based microblogging client with support for Twitter, Identi.ca, StatusNet, Facebook, FriendFeed, Digg, Flikr and Qaiku.|http://gwibber.com/|{{Pkg|gwibber}}}}<br />
* {{App|[[Wikipedia:Hotot (program)|Hotot]]|Lightweight and open source microblogging client with support for Twitter and Identi.ca and integration with various image sharing services and URL shorteners.|http://hotot.org|{{AUR|hotot}}}}<br />
* {{App|Pino|Simple and fast client for Twitter and Identi.ca. written in [[Wikipedia:Vala (programming language)|Vala]].|http://pino-app.appspot.com/|{{AUR|pino}}}}<br />
* {{App|Polly|Linux Twitter client designed for multiple columns of multiple accounts.|https://launchpad.net/polly/|{{AUR|polly}}}}<br />
* {{App|Qwit|Cross-platform client for Twitter using the Qt toolkit.|http://code.google.com/p/qwit/|{{AUR|qwit}}}}<br />
* {{App|ttytter|Easily scriptable twitter client written in Perl.|http://www.floodgap.com/software/ttytter/|{{Pkg|ttytter}}}}<br />
* {{App|Turpial|Multi-interface Twitter client written in Python.|http://turpial.org.ve/|{{Pkg|turpial}}}}<br />
* {{App|tyrs|Simple client for for Twitter and Identi.ca supporting virtually all its features with nice console UI (unmaintained).|http://tyrs.nicosphere.net/|{{AUR|tyrs}}}}<br />
* {{App|turses|Twitter client for the console based off {{AUR|tyrs}} with mayor improvements.|http://turses.rtfd.org/|{{AUR|turses}}}}<br />
<br />
=== FTP ===<br />
<br />
==== FTP Clients ====<br />
<br />
{{Wikipedia|Comparison of FTP client software}}<br />
<br />
* {{App|CurlFtpFS|Filesystem for acessing FTP hosts based on FUSE and libcurl.|http://curlftpfs.sourceforge.net/|{{Pkg|curlftpfs}}}}<br />
* {{App|[[Wikipedia:FatRat|FatRat]]|Download manager with support for HTTP, FTP, SFTP, BitTorrent, RapidShare and more.|http://fatrat.dolezel.info/|{{Pkg|fatrat}}}}<br />
* {{App|[[Wikipedia:FileZilla|FileZilla]]|Fast and reliable FTP, FTPS and SFTP client.|http://filezilla-project.org/|{{Pkg|filezilla}}}}<br />
* {{App|fuseftp|FTP filesystem written in Perl, using [[Wikipedia:Filesystem in Userspace|FUSE]].|http://freshmeat.net/projects/fuseftp/|{{AUR|fuseftp}}}}<br />
* {{App|[[Wikipedia:gFTP|gFTP]]|Multithreaded FTP client for Linux.|http://gftp.seul.org/|{{Pkg|gftp}}}}<br />
* {{App|[[Wikipedia:Lftp|LFTP]]|Sophisticated command-line FTP client.|http://lftp.yar.ru/|{{Pkg|lftp}}}}<br />
* {{App|[[Wikipedia:tnftp|tnftp]]|FTP client with several advanced features for [[Wikipedia:NetBSD|NetBSD]].|http://freecode.com/projects/tnftp|{{Pkg|tnftp}}}}<br />
Some file managers like Dolphin, [[Nautilus]] and [[Thunar]] also provide FTP functionality.<br />
<br />
==== FTP Servers ====<br />
<br />
* {{App|[[Wikipedia:Pure-FTPd|Pure-FTPd]]|Free (BSD-licensed), secure, production-quality and standard-compliant FTP server.|http://www.pureftpd.org/project/pure-ftpd|{{AUR|pure-ftpd}}}}<br />
* {{App|[[Very Secure FTP Daemon|vsftpd]]|Lightweight, stable and secure FTP server for UNIX-like systems.|https://security.appspot.com/vsftpd.html|{{Pkg|vsftpd}}}}<br />
<br />
=== Others ===<br />
<br />
* {{App|[[Wikipedia:Sharelin|Sharelin]]|Gnutella2 only client with a web UI.|http://sourceforge.net/apps/mediawiki/sharelin|{{AUR|Sharelin}}}}</div>Wingsuit