Difference between revisions of "Wicd"

From ArchWiki
Jump to: navigation, search
(Adding scripts section)
(Running Wicd)
(35 intermediate revisions by 18 users not shown)
Line 1: Line 1:
 +
[[de:Wicd]]
 
[[es:Wicd]]
 
[[es:Wicd]]
 
[[fr:Wicd]]
 
[[fr:Wicd]]
Line 14: Line 15:
 
[http://www.wicd.net/ Wicd] is a network connection manager that can manage wireless and wired interfaces, similar and an alternative to [[NetworkManager]]. Wicd is written in [[Python]] and [[GTK+]], requiring fewer dependencies than other network managers. Alternatively, a version of Wicd for [[KDE]], written in [[Qt]], is available from the [[Arch User Repository]]. Wicd can also run from the terminal in a curses interface, requiring no X server session or task panel (see [[#Running Wicd]]).
 
[http://www.wicd.net/ Wicd] is a network connection manager that can manage wireless and wired interfaces, similar and an alternative to [[NetworkManager]]. Wicd is written in [[Python]] and [[GTK+]], requiring fewer dependencies than other network managers. Alternatively, a version of Wicd for [[KDE]], written in [[Qt]], is available from the [[Arch User Repository]]. Wicd can also run from the terminal in a curses interface, requiring no X server session or task panel (see [[#Running Wicd]]).
  
==Installation==
+
== Installation ==
[[pacman|Install]] {{Pkg|wicd}}, available in the [[Official Repositories]].
+
  
{{Note | Since 20-3-2011 the "wicd" package from standard repositories was split:
+
=== Base package ===
wicd:      Includes everything needed to run the wicd daemon and the wicd-cli and wicd-curses interfaces.
+
  
wicd-gtk:  Includes everything needed to run the GTK interface of wicd and the autostart file for the client to appear in the systray.
+
[[pacman|Install]] {{Pkg|wicd}}, available in the [[official repositories]]. It includes everything needed to run the wicd daemon and the {{ic|wicd-cli}} and {{ic|wicd-curses}} interfaces.
}}
+
  
==== GTK client ====
+
=== GTK+ client ===
For a GTK front-end, install {{Pkg|wicd-gtk}}, available in the [[Official Repositories]].
+
  
==== KDE client ====
+
For a GTK+ front-end, install {{Pkg|wicd-gtk}}, available in the official repositories. It includes everything needed to run the GTK interface of wicd and the autostart file for the client to appear in the system tray.
For a KDE front-end, install {{AUR|wicd-kde}}, available in the [[Arch User Repository]].   
+
 
 +
=== KDE client ===
 +
 
 +
For a KDE front-end, install {{AUR|wicd-kde}}, available in the [[AUR]].   
 +
 
 +
=== Notifications ===
  
==== Notifications ====
 
 
To enable visual notifications about network status, you need to install the {{Pkg|notification-daemon}}.
 
To enable visual notifications about network status, you need to install the {{Pkg|notification-daemon}}.
  
If you are not using gnome, you will want to install {{Pkg|xfce4-notifyd}} instead of the notification-daemon, because it pulls a lot of unnecessary gnome packages.
+
If you are not using [[GNOME]], you will want to install {{Pkg|xfce4-notifyd}} instead of the notification-daemon, because it pulls a lot of unnecessary GNOME packages.
  
===Alternative===
+
=== Alternative ===
The {{AUR|wicd-bzr}} buildscript is available from [[AUR]], which should build the latest development branch.
+
 
 +
The {{AUR|wicd-bzr}} buildscript is available in the [[AUR]], which should build the latest development branch.
 
If you need an alternative version or you just want to roll your own package, you can easily build it using [[ABS]].
 
If you need an alternative version or you just want to roll your own package, you can easily build it using [[ABS]].
  
==Getting Started==
+
== Getting started ==
 +
 
 +
=== Initial setup ===
  
===Initial Setup===
 
 
Wicd provides a daemon that must be started.  
 
Wicd provides a daemon that must be started.  
  
 
{{Warning | Running multiple network managers ''will'' cause problems, so it is important to ''disable all other network management daemons''.}}
 
{{Warning | Running multiple network managers ''will'' cause problems, so it is important to ''disable all other network management daemons''.}}
  
First, stop all previously running network daemons:
+
First, stop all previously running network daemons (like netctl, netcfg, dhcpcd, NetworkManager).
  
# rc.d stop network
+
Disable any existing network management services, including {{ic|netctl}}, {{ic|netcfg}}, {{ic|dhcpcd}}, and {{ic|networkmanager}}. Refer to [[Systemd#Using_units]].
# rc.d stop dhcpcd
+
# rc.d stop networkmanager
+
  
Now, edit {{ic|/etc/rc.conf}} as root:
+
{{Note|You might need to stop and disable the '''network''' daemon instead of '''netctl''', which is a current replacement for '''network''' service. If unsure, try disabling both.}}
  
# nano /etc/rc.conf
+
Start the '''wicd''' [[systemd ]] [[daemon]] and enable it at system start up.
  
Disable (!) any existing network management daemons in the DAEMONS array, including '''network''', '''dhcpcd''', and '''networkmanager'''.
+
Add your account to '''users''' group:
  
Now, add '''dbus''' (if not already present) and '''wicd''' to the DAEMONS array, in that order. The DAEMONS array should now look something like this:
+
# gpasswd -a USERNAME users
  
DAEMONS=(syslog-ng '''dbus''' !network !dhcpcd !networkmanager '''wicd''' ...)
+
{{Note|The Unix group that dbus allows to access '''wicd''' is subject to change, and may be different than ''users''. Check which policy group is specified in {{ic|/etc/dbus-1/system.d/wicd.conf}}, and add your user to that group.}}
  
Save and close.  
+
If you added your user to a new group, log out and then log in.
  
Add your account to '''network''' group:
+
=== Running Wicd in Desktop Environment===
  
# gpasswd -a USERNAME network
+
If you have installed the {{pkg|wicd-gtk}} and entered the desktop environment. Open a virtual terminal to run one of the following commands.
  
{{Note | The Unix group that dbus allows to access '''wicd''' is subject to change, and may be different than ''network''.  Check which policy group is specified in {{ic|/etc/dbus-1/system.d/wicd.conf}}, and add your user to that group.}}
+
* To start Wicd as system service, run:
  
Reboot your computer or start the daemons:
+
  $ systemctl start wicd.service
  # rc.d start dbus
+
and finally
+
# rc.d start wicd
+
  
If you added your user to a new group, logout and then login.
+
* To load Wicd, run:
 
+
===Running Wicd===
+
To load Wicd, run:
+
  
 
  $ wicd-client
 
  $ wicd-client
  
To force it to start minimized in the notification area, run:
+
* To force it to start minimized in the notification area, run:
  
 
  $ wicd-client --tray
 
  $ wicd-client --tray
  
If your desktop environment does not have a notification area, run:
+
* If your desktop environment does not have a notification area, or if you don't want wicd to show tray icon, run:
  
 
  $ wicd-client -n
 
  $ wicd-client -n
  
{{Note | The above commands will only work if you have installed the wicd-gtk package. If you did not install wicd-gtk then use wicd-cli or wicd-curses}}
+
=== Running Wicd in Text Mode===
  
You can add '''wicd-client''' to your DE/WM startup to have the application start when you log in.
+
If you did not install {{pkg|wicd-gtk}} then use wicd-cli or wicd-curses:
{{Note | Some users have had an issue with two {{ic|wicd-client}} processes when using this method. There has been discussion about this in the Arch forums and Arch bug reports (see [[#External_links]]). It appears that the wicd package puts a file in {{ic|/etc/xdg/autostart/wicd-tray.desktop}}, which will autostart {{ic|wicd-client}} upon login to your DE/WM. If this is the case, you will have two {{ic|wicd-client}}s running if you add an additional {{ic|wicd-client}} to your DE/WM startup file. Should that occur, confirm that the {{ic|wicd-tray.desktop}} file exists in {{ic|/etc/xdg/autostart}}; if so, having wicd in the daemons list of {{ic|/etc/rc.conf}} is sufficient.}}
+
 
+
You can also run wicd as a curses application from the terminal like so:
+
  
 
  $ wicd-curses
 
  $ wicd-curses
Line 100: Line 92:
 
{{Note | Wicd does not prompt you for a passkey. To use encrypted connections (WPA/WEP), expand the network you want to connect to, click '''Advanced''' and enter the needed info.}}
 
{{Note | Wicd does not prompt you for a passkey. To use encrypted connections (WPA/WEP), expand the network you want to connect to, click '''Advanced''' and enter the needed info.}}
  
===Scripts===
+
=== Autostart ===
 +
 
 +
The {{Pkg|wicd-gtk}} package puts a file in {{ic|/etc/xdg/autostart/wicd-tray.desktop}}, which will autostart {{ic|wicd-client}} upon login to your DE/WM. If so, enabling the wicd system service is enough:
 +
 
 +
$ systemctl enable wicd.service
 +
 
 +
If {{ic|/etc/xdg/autostart/wicd-tray.desktop}} does not exist, you can add '''wicd-client''' to your DE/WM startup to have the application start when you log in.
 +
 
 +
{{Note|If '''wicd-client''' is added to DE/WM startup when {{ic|/etc/xdg/autostart/wicd-tray.desktop}} exists, you will have an issue of two {{ic|wicd-client}} instances running.}}
 +
 
 +
=== Scripts ===
 +
 
 
Wicd has the ability to run scripts during all stages of the connection process (post/pre connect/disconnect).
 
Wicd has the ability to run scripts during all stages of the connection process (post/pre connect/disconnect).
Simply place a script inside the relevant stage folder within /etc/wicd/scripts/ and make it executable.
+
Simply place a script inside the relevant stage folder within {{ic|/etc/wicd/scripts/}} and make it executable.
  
 
The scripts are able to receive three parameters, these being:  
 
The scripts are able to receive three parameters, these being:  
Line 109: Line 112:
 
  $3 - the BSSID (gateway MAC).
 
  $3 - the BSSID (gateway MAC).
  
As an example, the script below can be used to set a static ARP, to stop ARP spoofing attacks.
+
==== Stop ARP spoofing attacks ====
Simply change the values within the case statement to match those of the networks you want to set static ARP entries for.
+
 
 +
The script below can be used to set a static ARP, to stop ARP spoofing attacks.
 +
Simply change the values within the case statement to match those of the networks you want to set static ARP entries for. Launch it as root:
  
 
  #!/bin/bash
 
  #!/bin/bash
Line 120: Line 125:
 
  if [ "${connection_type}" == "wireless" ]; then
 
  if [ "${connection_type}" == "wireless" ]; then
 
   
 
   
        #Change below to match your networks.
+
        #Change below to match your networks.
        case "$essid" in
+
        case "$essid" in
                YOUR-NETWORK-NAME-ESSID)
+
        YOUR-NETWORK-NAME-ESSID)
                        sudo arp -s 192.168.0.1 00:11:22:33:44:55
+
                arp -s 192.168.0.1 00:11:22:33:44:55
                        ;;
+
          ;;
                Netgear01923)
+
          Netgear01923)
                        sudo arp -s 192.168.0.1 10:11:20:33:40:50
+
                arp -s 192.168.0.1 10:11:20:33:40:50
                        ;;
+
          ;;
                ANOTHER-ESSID)
+
          ANOTHER-ESSID)
                        sudo arp -s 192.168.0.1 11:33:55:77:99:00
+
                arp -s 192.168.0.1 11:33:55:77:99:00
                        ;;
+
          ;;
                *)
+
          *)
                        echo "Static ARP not set. No network defined."
+
                echo "Static ARP not set. No network defined."
                        ;;
+
          ;;
 
         esac
 
         esac
 
  fi
 
  fi
  
 +
==== Change MAC using macchanger ====
  
 +
See the [[MAC_Address_Spoofing#Systemd_unit_using_random_address|relative article]].
  
==Troubleshooting==
+
The script below can be used to change the MAC address of your network interfaces.
 +
 
 +
To change the MAC whenever you connect to a network, place this script under {{ic|/etc/wicd/scripts/preconnect/}}.
 +
 
 +
Take a look at {{ic|macchanger --help}} to adjust the macchanger command to your liking.
 +
 
 +
{{bc|<nowiki>
 +
#!/usr/bin/env bash
 +
 
 +
connection_type="$1"
 +
 
 +
if [[ "${connection_type}" == "wireless" ]]; then
 +
        ip link set wlp2s0 down
 +
        macchanger -A wlp2s0
 +
        ip link set wlp2s0 up
 +
elif [[ "${connection_type}" == "wired" ]]; then
 +
        ip link set enp1s0 down
 +
        macchanger -A enp1s0
 +
        ip link set enp1s0 up
 +
fi
 +
</nowiki>}}
 +
 
 +
== Troubleshooting ==
  
 
=== Failed to get IP address ===
 
=== Failed to get IP address ===
If wicd repeatedly fails to get an IP address using the default dhcpcd client, try installing and using '''dhclient''' instead:
+
 
# pacman -S dhclient
+
If wicd repeatedly fails to get an IP address using the default dhcpcd client, try installing and using {{Pkg|dhclient}} instead. Do not forget to select dhclient as the primary dhcp client in wicd options afterwards!
Do not forget to select dhclient as the primary dhcp client in wicd options afterwards!
+
  
 
If wicd can get an IP address for a wired interface and is unable to get an IP address for a wireless interface, try disabling the wireless card's powersaving features:
 
If wicd can get an IP address for a wired interface and is unable to get an IP address for a wireless interface, try disabling the wireless card's powersaving features:
  # iwconfig wlan0 power off
+
  # iwconfig wlp2s0 power off
  
 
=== Random disconnecting ===
 
=== Random disconnecting ===
If dmesg says {{ic|1=wlan0: deauthenticating from MAC by local choice (reason=3)}} and you lose your wifi connection, it is likely that you have a bit too agressive powersaving on your wifi card[http://us.generation-nt.com/answer/gentoo-user-wireless-deauthenticating-by-local-choice-help-204640041.html]. Try disabling the wireless card's powersaving features:
 
# iwconfig wlan0 power off
 
  
If you have the package '''pm-utils''' installed, it may be the reason powersaving is on in your system[http://uselessuseofcat.com/?p=67]. You can put {{bc|#!/bin/sh
+
==== Cause #1 ====
/sbin/iwconfig wlan0 power off}} into the file /etc/pm/power.d/wireless (create it if it does not exist and make it executable) and see if things get better.
+
  
If your card does not support "iwconfig wlan0 power off", check the '''BIOS''' for power management options. Disabling PCI-Express power management in bios on a Lenovo W520 resolved this issue.
+
If dmesg says {{ic|1=wlp2s0: deauthenticating from MAC by local choice (reason=3)}} and you lose your Wi-Fi connection, it is likely that you have a bit too aggressive power-saving on your Wi-Fi card[http://us.generation-nt.com/answer/gentoo-user-wireless-deauthenticating-by-local-choice-help-204640041.html]. Try disabling the wireless card's power-saving features:
 +
# iwconfig wlp2s0 power off
  
=== Importing pynotify failed, notifications disabled ===
+
If you have the package {{Pkg|pm-utils}} installed, it may be the reason power-saving is on in your system[http://uselessuseofcat.com/?p=67]. You can put:
In case the package did not get installed automatically -- the package's name is "python-notify":
+
# pacman -S python-notify
+
  
=== Dbus connection error message ===
+
{{bc|
Make sure to use the following command for your .xinitrc:
+
#!/bin/sh
exec ck-launch-session [your environment here]
+
/usr/bin/iwconfig wlp2s0 power off
 +
}}
  
As an example, mine reads:
+
into the file {{ic|/etc/pm/power.d/wireless}} (create it if it does not exist and make it executable) and see if things get better.
exec ck-launch-session openbox-session
+
  
Otherwise you will get dbus error messages and not be able to connect to networks.
+
If your card does not support {{ic|# iwconfig wlp2s0 power off}}, check the '''BIOS''' for power management options. Disabling PCI-Express power management in the BIOS of a Lenovo W520 resolved this issue.
 +
 
 +
==== Cause #2 ====
 +
 
 +
If you are experiencing frequent disconnections with wireless and dmesg shows messages such as
 +
 
 +
{{ic|1=ieee80211 phy0: wlp2s0: No probe response from AP xx:xx:xx:xx:xx:xx after 500ms, disconnecting}}
 +
 
 +
try changing the channel bandwidth to {{ic|20MHz}} through your router's settings page.
 +
 
 +
=== Importing pynotify failed, notifications disabled ===
 +
 
 +
In case the {{pkg|python2-notify}} package did not get installed automatically. You can [[pacman|install]] it from [[Official Repositories]].
 +
 
 +
=== Dbus connection error message ===
  
* '''NOTE:''' If wicd suddenly stopped working and it complains about dbus, it is quite likely that you just need to remove wicd fully, including and all its configuration files, and re-install it from scratch:
+
If wicd suddenly stopped working and it complains about dbus, it is quite likely that you just need to remove wicd fully, including and all its configuration files, and re-install it from scratch:
  pacman -R wicd
+
  # pacman -R wicd
  rm -Rf /etc/wicd /var/log/wicd /etc/dbus-1/system.d/wicd*
+
  # rm -rf /etc/wicd /var/log/wicd /etc/dbus-1/system.d/wicd*
  pacman -S wicd
+
  # pacman -S wicd
Check this link for more details: http://bbs.archlinux.org/viewtopic.php?pid=577141#p577141
+
Check this link for more details: https://bbs.archlinux.org/viewtopic.php?pid=577141#p577141
  
 
Wicd-client also throws a dbus connection error message ("Could not connect to wicd's D-Bus interface.") when wicd is not running due to a problem with a config file. It seems that sometimes an empty account gets added to /etc/wicd/wired-settings.conf in which case you simply have to remove the
 
Wicd-client also throws a dbus connection error message ("Could not connect to wicd's D-Bus interface.") when wicd is not running due to a problem with a config file. It seems that sometimes an empty account gets added to /etc/wicd/wired-settings.conf in which case you simply have to remove the
Line 181: Line 219:
 
and restart wicd.
 
and restart wicd.
  
When running wicd daemon with `rc.d` it won't print error that `pid` file is created. If you are sure wicd isn't running remove this file:
+
=== Problems after package update ===
  rm /var/run/wicd/wicd.pid
+
  
===Problems after package update===
+
Sometimes the wicd client fails to load after a package update due to D-Bus errors.  
Sometimes the wicd client fails to load after a package update due to dbus errors.  
+
  
A solution is to remove the config files in the /etc/wicd/ directory.  
+
A solution is to remove the config files in the {{ic|/etc/wicd/}} directory.  
  # rc.d stop wicd
+
  # systemctl stop wicd
 
  # rm /etc/wicd/*.conf
 
  # rm /etc/wicd/*.conf
  # rc.d start wicd
+
  # systemctl start wicd
 +
 
 +
=== Note about graphical sudo programs ===
 +
 
 +
If you are receiving an error about wicd failing to find a graphical sudo program, install one of {{Pkg|gksu}}, {{AUR|ktsuss}}, or {{Pkg|kdebase-runtime}}, then use the relative command:
  
===Note about graphical sudo programs===
 
If you are receiving an error about wicd failing to find a graphical sudo program, run one of the following commands:
 
 
  $ ktsuss wicd-client -n
 
  $ ktsuss wicd-client -n
  
Line 200: Line 238:
 
  $ kdesu wicd-client -n
 
  $ kdesu wicd-client -n
  
These programs require the ktsuss (found in the AUR), gksu, and kdesu packages, respectively.
+
=== Making eduroam work with wicd ===
 
+
===Making eduroam work with wicd===
+
  
 
{{Note|You may try the AUR package {{AUR|wicd-eduroam}} first. It will appear in wicd as "eduroam". If it does not work for you, try the following.}}
 
{{Note|You may try the AUR package {{AUR|wicd-eduroam}} first. It will appear in wicd as "eduroam". If it does not work for you, try the following.}}
  
This profile will only work for eduroam institutions which use TTLS and will not work for PEAP.
+
This profile will only work for eduroam institutions which use TTLS and will not work for PEAP (you can find a PEAP profile here: [http://csclub.uwaterloo.ca/~mtahmed/article/eduroam_wicd Eduroam wicd]).
  
Save the following as /etc/wicd/encryption/templates/ttls-80211
+
Save the following as {{ic|/etc/wicd/encryption/templates/ttls-80211}}
 +
{{hc|/etc/wicd/encryption/templates/ttls-80211|<nowiki>
 +
name = TTLS for Wireless
 +
author = Alexander Clouter
 +
version = 1
 +
require anon_identity *Anonymous_Username identity *Identity password *Password
 +
protected password *Password
 +
optional ca_cert *Path_to_CA_Cert cert_subject *Certificate_Subject
 +
-----
 +
ctrl_interface=/var/run/wpa_supplicant
 +
network={
 +
      ssid="$_ESSID"
 +
      scan_ssid=$_SCAN
  
name = TTLS for Wireless
+
      key_mgmt=WPA-EAP
author = Alexander Clouter
+
      eap=TTLS
version = 1
+
 
require anon_identity *Anonymous_Username identity *Identity password *Password
+
      ca_cert="$_CA_CERT"
optional ca_cert *Path_to_CA_Cert cert_subject *Certificate_Subject
+
      subject_match="$_CERT_SUBJECT"
-----
+
ctrl_interface=/var/run/wpa_supplicant
+
network={
+
        ssid="$_ESSID"
+
        scan_ssid=$_SCAN
+
+
        key_mgmt=WPA-EAP
+
        eap=TTLS
+
 
   
 
   
        ca_cert="$_CA_CERT"
+
      phase2="auth=MSCHAPv2 auth=PAP"
        subject_match="$_CERT_SUBJECT"
+
 
 
+
      anonymous_identity="$_ANON_IDENTITY"
        phase2="auth=MSCHAPv2 auth=PAP"
+
      identity="$_IDENTITY"
+
      password="$_PASSWORD"
        anonymous_identity="$_ANON_IDENTITY"
+
}
        identity="$_IDENTITY"
+
</nowiki>}}
        password="$_PASSWORD"
+
}
+
  
 
Open a terminal
 
Open a terminal
  
  cd /etc/wicd/encryption/templates
+
  # echo ttls-80211 >> /etc/wicd/encryption/templates/active
echo ttls-80211 >> active
+
  
 
Open wicd, choose TTLS for Wireless in the properties of eduroam, and enter the appropriate settings for your institution. The format of the subject match should be something like "/CN=server.example.com".
 
Open wicd, choose TTLS for Wireless in the properties of eduroam, and enter the appropriate settings for your institution. The format of the subject match should be something like "/CN=server.example.com".
  
NB. This only works in my institution by commenting subject_match, which is not secure, but at least it connects.
+
NB. This only works in my institution by commenting {{ic|subject_match}}, which is not secure, but at least it connects.
  
===Problem changing from wicd to another network manager===
+
=== Two instances of wicd-client (and possibly two icons in tray) ===
  
When I tried to switch back to the knetworkmanager, without uninstalling wicd, I edited /etc/rc.conf and put a '!' in front of wicd, removed it from networkmanager, rebooted and obviously wicd did not load. When I started KDE though I got a message saying that wicd-client could not start normally because wicd was not running. Wicd-client should not have started as it is not in autostart. The trick stop it from loading is to go to /etc/xdg/autostart and do:
+
See the note in [[Wicd#Running_Wicd]] about the autostart file in {{ic|/etc/xdg/autostart}} and the forum post and bug report provided in [[Wicd#External_Links]]. Essentially, if {{ic|/etc/xdg/autostart/wicd-tray.desktop}} exists, remove it.  You only need the {{ic|wicd}} service enabled in systemd.
  
$ sudo nano wicd-tray.desktop
+
=== Bad password using PEAP with TKIP/MSCHAPV2 ===
  
and make it hidden on startup, or if you are not planning to autostart wicd-client again just remove the file.
+
The connection template PEAP with TKIP/MSCHAPV2 requires the user to enter the path to a CA certificate besides entering username and password. However this can cause troubles resulting in a error message of a bad password [https://bbs.archlinux.org/viewtopic.php?pid=990385 *]. A possible solution is the usage of PEAP with GTC instead of TKIP/MSCHAPV2 which does not require to enter the path of the CA cert.
  
===Two instances of wicd-client (and possibly two icons in tray)===
+
=== Wicd skips obtaining IP address on wlp ===
See the note in [[Wicd#Running_Wicd]] about the autostart file in /etc/xdg/autostart and the forum post and bug report provided in [[Wicd#External_Links]]. Essentially, if /etc/xdg/autostart/wicd-tray.desktop exists, you only need wicd in /etc/rc.conf daemons and should remove it from your DE/WM autostart file.
+
  
===Bad password using PEAP with TKIP/MSCHAPV2===
+
This can be caused by dhcpcd running alongside wicd as systemd service. A solution would be to stop/disable '''dhcpcd'''.
The connection template PEAP with TKIP/MSCHAPV2 requires the user to enter the path to a CA certificate besides entering username and password. However this can cause troubles resulting in a error message of a bad password [https://bbs.archlinux.org/viewtopic.php?pid=990385 *]. A possible solution is the usage of PEAP with GTC instead of TKIP/MSCHAPV2 which does not require to enter the path of the CA cert.
+
 
 +
== See also ==
  
==External links==
+
* [http://www.wicd.net/download.php Note on interfaces at the official site]
*[http://www.wicd.net/download.php Note on interfaces at the official site]
+
* [https://bbs.archlinux.org/viewtopic.php?id=114803 Forum post] about two instances of wicd-client and {{ic|/etc/xdg/autostart}}
*[https://bbs.archlinux.org/viewtopic.php?id=114803 Forum post about two instances of wicd-client and /etc/xdg/autostart]
+
* [https://bugs.archlinux.org/task/22423 Bug report mentioning /etc/xdg/autostart and wicd-client behavior]
*[https://bugs.archlinux.org/task/22423 Bug report mentioning /etc/xdg/autostart and wicd-client behavior]
+

Revision as of 14:48, 14 July 2013

Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary text Template:Article summary end

Wicd is a network connection manager that can manage wireless and wired interfaces, similar and an alternative to NetworkManager. Wicd is written in Python and GTK+, requiring fewer dependencies than other network managers. Alternatively, a version of Wicd for KDE, written in Qt, is available from the Arch User Repository. Wicd can also run from the terminal in a curses interface, requiring no X server session or task panel (see #Running Wicd).

Installation

Base package

Install wicd, available in the official repositories. It includes everything needed to run the wicd daemon and the wicd-cli and wicd-curses interfaces.

GTK+ client

For a GTK+ front-end, install wicd-gtk, available in the official repositories. It includes everything needed to run the GTK interface of wicd and the autostart file for the client to appear in the system tray.

KDE client

For a KDE front-end, install wicd-kdeAUR, available in the AUR.

Notifications

To enable visual notifications about network status, you need to install the notification-daemon.

If you are not using GNOME, you will want to install xfce4-notifyd instead of the notification-daemon, because it pulls a lot of unnecessary GNOME packages.

Alternative

The wicd-bzrAUR buildscript is available in the AUR, which should build the latest development branch. If you need an alternative version or you just want to roll your own package, you can easily build it using ABS.

Getting started

Initial setup

Wicd provides a daemon that must be started.

Warning: Running multiple network managers will cause problems, so it is important to disable all other network management daemons.

First, stop all previously running network daemons (like netctl, netcfg, dhcpcd, NetworkManager).

Disable any existing network management services, including netctl, netcfg, dhcpcd, and networkmanager. Refer to Systemd#Using_units.

Note: You might need to stop and disable the network daemon instead of netctl, which is a current replacement for network service. If unsure, try disabling both.

Start the wicd systemd daemon and enable it at system start up.

Add your account to users group:

# gpasswd -a USERNAME users
Note: The Unix group that dbus allows to access wicd is subject to change, and may be different than users. Check which policy group is specified in /etc/dbus-1/system.d/wicd.conf, and add your user to that group.

If you added your user to a new group, log out and then log in.

Running Wicd in Desktop Environment

If you have installed the wicd-gtk and entered the desktop environment. Open a virtual terminal to run one of the following commands.

  • To start Wicd as system service, run:
$ systemctl start wicd.service
  • To load Wicd, run:
$ wicd-client
  • To force it to start minimized in the notification area, run:
$ wicd-client --tray
  • If your desktop environment does not have a notification area, or if you don't want wicd to show tray icon, run:
$ wicd-client -n

Running Wicd in Text Mode

If you did not install wicd-gtk then use wicd-cli or wicd-curses:

$ wicd-curses
Note: Wicd does not prompt you for a passkey. To use encrypted connections (WPA/WEP), expand the network you want to connect to, click Advanced and enter the needed info.

Autostart

The wicd-gtk package puts a file in /etc/xdg/autostart/wicd-tray.desktop, which will autostart wicd-client upon login to your DE/WM. If so, enabling the wicd system service is enough:

$ systemctl enable wicd.service

If /etc/xdg/autostart/wicd-tray.desktop does not exist, you can add wicd-client to your DE/WM startup to have the application start when you log in.

Note: If wicd-client is added to DE/WM startup when /etc/xdg/autostart/wicd-tray.desktop exists, you will have an issue of two wicd-client instances running.

Scripts

Wicd has the ability to run scripts during all stages of the connection process (post/pre connect/disconnect). Simply place a script inside the relevant stage folder within /etc/wicd/scripts/ and make it executable.

The scripts are able to receive three parameters, these being:

$1 - the connection type (wireless/wired).
$2 - the ESSID (network name).
$3 - the BSSID (gateway MAC).

Stop ARP spoofing attacks

The script below can be used to set a static ARP, to stop ARP spoofing attacks. Simply change the values within the case statement to match those of the networks you want to set static ARP entries for. Launch it as root:

#!/bin/bash
#Set the parameters passed to this script to meaningful variable names.
connection_type="$1"
essid="$2"
bssid="$3"

if [ "${connection_type}" == "wireless" ]; then

        #Change below to match your networks.
        case "$essid" in
        YOUR-NETWORK-NAME-ESSID)
                arp -s 192.168.0.1 00:11:22:33:44:55
         ;;
         Netgear01923)
                arp -s 192.168.0.1 10:11:20:33:40:50
         ;;
         ANOTHER-ESSID)
                arp -s 192.168.0.1 11:33:55:77:99:00
         ;;
         *)
                echo "Static ARP not set. No network defined."
         ;;
       esac
fi

Change MAC using macchanger

See the relative article.

The script below can be used to change the MAC address of your network interfaces.

To change the MAC whenever you connect to a network, place this script under /etc/wicd/scripts/preconnect/.

Take a look at macchanger --help to adjust the macchanger command to your liking.

#!/usr/bin/env bash

connection_type="$1"

if [[ "${connection_type}" == "wireless" ]]; then
        ip link set wlp2s0 down
        macchanger -A wlp2s0
        ip link set wlp2s0 up
elif [[ "${connection_type}" == "wired" ]]; then
        ip link set enp1s0 down
        macchanger -A enp1s0
        ip link set enp1s0 up
fi

Troubleshooting

Failed to get IP address

If wicd repeatedly fails to get an IP address using the default dhcpcd client, try installing and using dhclient instead. Do not forget to select dhclient as the primary dhcp client in wicd options afterwards!

If wicd can get an IP address for a wired interface and is unable to get an IP address for a wireless interface, try disabling the wireless card's powersaving features:

# iwconfig wlp2s0 power off

Random disconnecting

Cause #1

If dmesg says wlp2s0: deauthenticating from MAC by local choice (reason=3) and you lose your Wi-Fi connection, it is likely that you have a bit too aggressive power-saving on your Wi-Fi card[1]. Try disabling the wireless card's power-saving features:

# iwconfig wlp2s0 power off

If you have the package pm-utils installed, it may be the reason power-saving is on in your system[2]. You can put:

#!/bin/sh
/usr/bin/iwconfig wlp2s0 power off

into the file /etc/pm/power.d/wireless (create it if it does not exist and make it executable) and see if things get better.

If your card does not support # iwconfig wlp2s0 power off, check the BIOS for power management options. Disabling PCI-Express power management in the BIOS of a Lenovo W520 resolved this issue.

Cause #2

If you are experiencing frequent disconnections with wireless and dmesg shows messages such as

ieee80211 phy0: wlp2s0: No probe response from AP xx:xx:xx:xx:xx:xx after 500ms, disconnecting

try changing the channel bandwidth to 20MHz through your router's settings page.

Importing pynotify failed, notifications disabled

In case the python2-notify package did not get installed automatically. You can install it from Official Repositories.

Dbus connection error message

If wicd suddenly stopped working and it complains about dbus, it is quite likely that you just need to remove wicd fully, including and all its configuration files, and re-install it from scratch:

# pacman -R wicd
# rm -rf /etc/wicd /var/log/wicd /etc/dbus-1/system.d/wicd*
# pacman -S wicd

Check this link for more details: https://bbs.archlinux.org/viewtopic.php?pid=577141#p577141

Wicd-client also throws a dbus connection error message ("Could not connect to wicd's D-Bus interface.") when wicd is not running due to a problem with a config file. It seems that sometimes an empty account gets added to /etc/wicd/wired-settings.conf in which case you simply have to remove the

[] 

and restart wicd.

Problems after package update

Sometimes the wicd client fails to load after a package update due to D-Bus errors.

A solution is to remove the config files in the /etc/wicd/ directory.

# systemctl stop wicd
# rm /etc/wicd/*.conf
# systemctl start wicd

Note about graphical sudo programs

If you are receiving an error about wicd failing to find a graphical sudo program, install one of gksu, ktsussAUR, or kdebase-runtime, then use the relative command:

$ ktsuss wicd-client -n
$ gksudo wicd-client -n
$ kdesu wicd-client -n

Making eduroam work with wicd

Note: You may try the AUR package wicd-eduroamAUR first. It will appear in wicd as "eduroam". If it does not work for you, try the following.

This profile will only work for eduroam institutions which use TTLS and will not work for PEAP (you can find a PEAP profile here: Eduroam wicd).

Save the following as /etc/wicd/encryption/templates/ttls-80211

/etc/wicd/encryption/templates/ttls-80211
name = TTLS for Wireless
author = Alexander Clouter
version = 1
require anon_identity *Anonymous_Username identity *Identity password *Password 
protected password *Password
optional ca_cert *Path_to_CA_Cert cert_subject *Certificate_Subject
-----
ctrl_interface=/var/run/wpa_supplicant
network={
       ssid="$_ESSID"
       scan_ssid=$_SCAN

       key_mgmt=WPA-EAP
       eap=TTLS

       ca_cert="$_CA_CERT"
       subject_match="$_CERT_SUBJECT"
 
       phase2="auth=MSCHAPv2 auth=PAP"

       anonymous_identity="$_ANON_IDENTITY"
       identity="$_IDENTITY"
       password="$_PASSWORD"
}

Open a terminal

# echo ttls-80211 >> /etc/wicd/encryption/templates/active

Open wicd, choose TTLS for Wireless in the properties of eduroam, and enter the appropriate settings for your institution. The format of the subject match should be something like "/CN=server.example.com".

NB. This only works in my institution by commenting subject_match, which is not secure, but at least it connects.

Two instances of wicd-client (and possibly two icons in tray)

See the note in Wicd#Running_Wicd about the autostart file in /etc/xdg/autostart and the forum post and bug report provided in Wicd#External_Links. Essentially, if /etc/xdg/autostart/wicd-tray.desktop exists, remove it. You only need the wicd service enabled in systemd.

Bad password using PEAP with TKIP/MSCHAPV2

The connection template PEAP with TKIP/MSCHAPV2 requires the user to enter the path to a CA certificate besides entering username and password. However this can cause troubles resulting in a error message of a bad password *. A possible solution is the usage of PEAP with GTC instead of TKIP/MSCHAPV2 which does not require to enter the path of the CA cert.

Wicd skips obtaining IP address on wlp

This can be caused by dhcpcd running alongside wicd as systemd service. A solution would be to stop/disable dhcpcd.

See also