From ArchWiki
Revision as of 12:13, 8 September 2014 by Progandy (talk | contribs) (Technologies: add warning about greedy rfkill grab)
Jump to: navigation, search

ConnMan is a command-line network manager designed for use with embedded devices. ConnMan is light on resources, making it ideal for netbooks and other mobile devices. It is modular through its use of a plugin system, as opposed to having all functionality built in. Plugins are currently available for:

  • Wi-Fi (Through wpa_supplicant
  • Ethernet
  • Bluetooth (Through bluez)
  • WiMAX
  • VPN's (Through the connman-vpn.service)

It is extremely fast at resolving connections as well as in its startup time. After the initial setup, you may wish to check for yourself with systemd-analyze blame to see the difference in startup time compared to other network managers.


Install the connman package from the official repositories. wpa_supplicant and bluez are optional dependencies required for Wi-Fi and Bluetooth functionality respectively.

Start and enable connman.service. If present, stop and disable other networking services to prevent conflicts (e.g netctl.service).

Desktop clients

  • cmst — Qt GUI for ConnMan. || cmstAUR
  • EConnman — Enlightenment desktop panel applet. || econnmanAUR
  • ConnMan-UI — GTK+ client applet. || connman-ui-gitAUR
  • connman_dmenu — Client/frontend for dmenu. || connman_dmenu-gitAUR
  • connman-notify — Connman event notification client || not packaged? search in AUR

Currently the GTK client is not 100% stable, however it is good enough for day-to-day usage. To use it just add connman-ui-gtk to one of your startup files, e.g: autostart for Openbox.


Tango-view-fullscreen.pngThis article or section needs expansion.Tango-view-fullscreen.png

Reason: Only Wired and Wi-Fi plugins are described. (Discuss in Talk:ConnMan#)

ConnMan has a standard command line client connmanctl. It can run in 2 modes:

  • In command mode commands are entered as arguments to connmanctl command, just like systemctl.
  • Interactive mode is started by typing connmanctl without arguments. Prompt will change to connmanctl> to indicate it is waiting for user commands, just like python interactive mode.


ConnMan will automatically handle wired connections.


{{Note|Make sure the Wi-Fi device is listed in the output of ip link show up. If it is not listed that means it is not powered on. Use Fn keys on the laptop to turn it on. You may need to run connmanctl enable wifi.

Connecting to an open access point

The commands in this section show how to run connmanctl in command mode.

To scan the network connmanctl accepts simple names called technologies. To scan for nearby Wi-Fi networks:

$ connmanctl scan wifi

To list the available networks found after a scan run (example output):

$ connmanctl services
*AO MyNetwork               wifi_dc85de828967_68756773616d_managed_psk
    OtherNET                wifi_dc85de828967_38303944616e69656c73_managed_psk 
    AnotherOne              wifi_dc85de828967_3257495245363836_managed_wep
    FourthNetwork           wifi_dc85de828967_4d7572706879_managed_wep
    AnOpenNetwork           wifi_dc85de828967_4d6568657272696e_managed_none

To connect to an open network simple use the enter the second field beginning with wifi_:

$ connmanctl connect wifi_dc85de828967_4d6568657272696e_managed_none

You should now be connected to the network. Check using ip addr or connmanctl state.

Connecting to a protected access point

For protected access points you will need to provide some information to the ConnMan daemon, at the very least a password or a passphrase.

The commands in this section show how to run connmanctl in interactive mode, it is required for running the agent command. To start interactive mode simply type:

$ connmanctl

You then proceed almost as above, first scan for any Wi-Fi technologies:

connmanctl> scan wifi

To list services:

connmanctl> services

Now you need to register the agent to handle user requests. The command is:

connmanctl> agent on

You now need to connect to one of the protected services. To do this it is very handy to have a terminal that allows cut and paste. If you were connecting to OtherNET in the example above you would type:

connmanctl> connect wifi_dc85de828967_38303944616e69656c73_managed_psk

The agent will then ask you to provide any information the daemon needs to complete the connection. The information requested will vary depending on the type of network you are connecting to. The agent will also print additional data about the information it needs as shown in the example below.

Agent RequestInput wifi_dc85de828967_38303944616e69656c73_managed_psk
  Passphrase = [ Type=psk, Requirement=mandatory ]

Provide the information requested, in this example the passphrase, and then type:

connmanctl> quit

If the information you provided is correct you should now be connected to the protected access point.


Settings and profiles are automatically created for networks the user connects to often. They contain feilds for the passphrase, essid and other information. Profile settings are stored in directories under /var/lib/connman/ by their service name. To view all network profiles run this command from root shell:

# cat /var/lib/connman/*/settings
Note: VPN settings can be found in /var/lib/connman-vpn/.


Various hardware interfaces are referred to as Technologies by ConnMan.

To list available technologies run:

$ connmanctl technologies

To get just the types by their name one can use this one liner:

$ connmanctl technologies | awk '/Type/ { print $NF }'
Note: The field Type = tech_name provides the technology type used with connmanctl commands

To interact with them one must refer to the technology by type. Technologies can be toggled on/off with:

$ connmanctl enable technology_type


$ connmanctl disable technology_type

For example to toggle off wifi:

$ connmanctl disable wifi
Warning: connman grabs all rfkill events. It is most likely impossible to use rfkill or bluetoothctl to (un)block devices. Always use connmanctl enable|disable

Tips and tricks

Automatic switching between wired and wireless

ConnMan supports automatic switching of saved profiles with PreferredTechnologies option. This works great, but can leave you with both wireless and wired enabled at the same time. To circumvent this you need to enable the SingleConnectedTechnology option. The result of the new configuration file you need to add at /etc/connman/main.conf is:


And make sure to restart the connman.service.

For testing purposes it is recommended to watch the journal and plug the network cable a few times to see the action.

Prevent ConnMan from changing hostname

By default, ConnMan changes the transient hostname on a per network basis. To disable this behavior, add the following to /etc/connman/main.conf:


Connecting to eduroam

If you are connecting to an eduroam, you will need to manually create a configuration file before you can call connmanctl connect .... Thankfully the process is simple, and an example eduroam config is even included in the connman git repository.

Here is a more fleshed out config that should work with most eduroam networks:

Type = wifi
Name = eduroam
EAP = peap
CACertFile = /etc/ssl/certs/ca-certificates.crt
Phase2 = MSCHAPV2
Identity =
Passphrase = yourpassword

Put this in a file at /var/lib/connman/wifi_eduroam.config. After a restart, you should be able to connect.

See also

For further detailed information on ConnMan you may refer to the documentation in its git repo at [1].