The following sections describe the configuration of some packages.
16.1. acoc
In order to use acoc you should start it with
for example, or you can create an alias like this:
alias pacman='acoc pacman'
16.2. amavisd-new
For the first initial setup you may want to use our amavisconf utility.
From amavisd-new-2.5.2-1 we no longer use a random uid/gid, but dedicated
ones. Because of this amavis service will not start if you have it installed
before, so you have to correct this by issuing these commands:
groupmod -g 40 amavis
usermod -u 40 -g 40 amavis
chown -R amavis:amavis /var/lib/amavis
chown -R amavis:amavis /var/lock/amavis
You should chown any other amavis-owned stuff you may have lying around, these
are only the default ones.
16.3. apache
-
These steps require root privileges, so use su - to get a root shell.
-
The Apache server isn’t started by default. You can change this with the
-
We don’t want to reboot, so start it manually:
# service httpd start
Starting Apache web server (no SSL) [ OK ]
You have finished if you don’t need SSL support.
16.3.2. Setting up SSL support for Apache
-
Creating the certifications:
# cd /etc/httpd/conf/
# sh mkcert.sh
Signature Algorithm ((R)SA or (D)SA) [R]:
Here we can accept the default RSA signature algorithm first. Then
we have to fill out some fields. There are quite a few fields but
you can leave most of them blank. If you enter '.', the field will
be left blank.
1) Country Name (2 letter code) [XY]:
Give the 2-letter code of our contry (for example US)
2) State or Province Name (full name) [Snake Desert]:
We type our state.
3) Locality Name (eg, city) [Snake Town]:
The name of our city.
4) Organization Name (eg, company) [Snake Oil, Ltd]:
Our organization's name.
5) Organizational Unit Name (eg, section) [Webserver Team]:
Our section's name.
6) Common Name (eg, FQDN) [www.snakeoil.com]:
Important: Give a real address here, otherwise you'll get
warnings in your browser!
7) Email Address (eg, `name@FQDN') [`www@snakeoil.com']:
I usually give the email address of the webmaster here.
(webmaster@domain.com)
8) Certificate Validity (days) [365]:
In most cases, one year will be good.
Then, we should choose the version of our certificate:
Certificate Version (1 or 3) [3]:
The default 3 will be good, so just hit enter. In the next
step we can encrypt our private key:
Encrypt the private key now? [Y/n]:
The keys will not be readable by users, so we can leave this
step out.
So the following files are created:
/etc/httpd/conf/ssl.key/server.key (keep this file private!)
/etc/httpd/conf/ssl.crt/server.crt
/etc/httpd/conf/ssl.csr/server.csr
-
Enable SSL in /etc/httpd/conf/httpd.conf:
Open the file with your favorite editor, and search the followings
at about line 1040:
# Uncomment this if you want SSL support!
#<IfModule mod_ssl.c>
# Include /etc/httpd/conf/ssl.conf
#</IfModule>
-
Now we should restart Apache:
-
Then we can check if the task was successful:
$ elinks https://localhost/
This should show the default homapage, received via SSL :)
16.3.3. Self-signed Apache certificate
This must be done as root.
# openssl genrsa -des3 -out server.key 1024
Enter "foobar" twice as passphrase.
# openssl req -new -key server.key -out server.csr
Enter "foobar" when asked for passphrase, answer the questions. Leave
"challenge password" "and optional company name" empty.
# cp server.key server.key.org
# openssl rsa -in server.key.org -out server.key
Enter "foobar" when asked for passphrase.
# openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
# cp server.crt /etc/httpd/conf/ssl.crt/
# cp server.key /etc/httpd/conf/ssl.key/
# service httpd stop
# vi /etc/httpd/conf/httpd.conf
Uncomment the marked three lines around line 1044 (look for "SSL support").
16.4. asciidoc
Asciidoc has a number of configuration files under /etc/asciidoc and
it’s easy to get lost in that directory.
Regarding pdf (dblatex) generation, here are some options you can set:
<xsl:param name="doc.publisher.show">0</xsl:param>
<xsl:param name="latex.output.revhistory">0</xsl:param>
<xsl:param name="doc.toc.show">0</xsl:param>
\def\maketitle{
\def\edhead{}
\DBKdomitete
}
16.5. avahi
|
Warning
|
If you have rlocate installed on your system, Avahi will not run
and therefore Zeroconf functionality in programs will be disabled. If you
want this functionality, then please uninstall rlocate. |
Also, If you are using iptables, please uncomment this line in
/etc/sysconfig/firewall:
#-A INPUT -p udp -m udp --dport 5353 -j ACCEPT
After that do not forget to restart iptables with:
# service firewall restart
16.6. b2evolution
After installing this package, please run
16.7. b43-fwcutter
Since version 2.6.24, the bcm43xx driver is deprecated, replaced by the
b43 and b43legacy modules.
The module should be loaded automatically, in case it isn’t, you can
load it manually:
You must bring the device up with ifconfig before doing any other
configuration steps.
Since the channel must be set manually, first do a scan:
# iwconfig ethX channel Y
# iwconfig ethX essid "myessid"
16.8. barpanel
Some tips and trick for use with barpanel:
-
Remember, various parts of barpanel are split into separate packages. Currently
this is the various plugins that draw in extra dependencies to function and the
extra themes that are not used by the default configuration.
-
Barpanel themes are simply gtk2 themes, so if you want it to match your own
gtk theme, a simple way you can try is this:
cd ~/.barpanel/themes
ln -s (path to your gtk theme)/gtk-2.0 (name of theme)
Then, change the theme in your ~/.barpanel/config.xml configuration file.
16.9. bitlbee-skype
Please read the README file in the documentation directory of the package on
how to fine-tune the configuration file of skyped and on how to generate the
SSL certificates for it.
16.10. cairo-clock
Cairo-Clock requires the Composite option to be enabled in your Xorg
configuration. To enable it, add the following lines to
/etc/X11/xorg.conf:
Section "Extensions"
Option "Composite" "Enable"
EndSection
16.11. ccache
After you installed ccache, it won’t be enabled by default.
First, you need to determine who is allowed to use ccache. You have to
add each user to the ccache group. If you want to allow using ccache
from chrooted builds, then you need to add the fst user:
# usermod -a -G ccache fst
Second, you need to somehow let the build system to use ccache, and
not the compiler directly. If you use makepkg, this is enabled by
default (you can disable it with the -B option). If you build
manually, then you are on your own, though usually there are two ways to
do so:
$ CC=/usr/bin/ccache ./configure
export PATH=/usr/lib/ccache/bin:$PATH
16.12. cpuspeed
After installing cpuspeed, make sure you edit the configuration file
before starting it. The configuration file is located in /etc/cpuspeed.conf.
Set the correct CPUFreq driver name in the confiuration file by setting the DRIVER value.
for eg: if you want to use the p4-clockmod driver, your cpuspeed configuration file
should contain:
For a list of drivers, check this directory
/lib/modules/your_kernel_version/kernel/arch/i386/kernel/cpu/cpufreq
16.13. cryptsetup-luks
Follow these steps to when using cryptsetup-luks:
16.13.1. Creating
# cryptsetup luksFormat /dev/partition
# cryptsetup luksOpen /dev/partition label
# mke2fs -j /dev/mapper/label
# mount /dev/mapper/label /mnt/label
16.13.2. Mounting
Of course later you don’t have to use luksFormat and mke2fs:
# cryptsetup luksOpen /dev/partition label
# mount /dev/mapper/label /mnt/label
16.13.3. Umounting
# umount /mnt/label
# cryptsetup luksClose label
16.13.4. Encrypting your home partition
|
Note
|
You have need to install the sharutils package to do the followings! |
aes
aes-i586
sha256
dm-crypt
# cp -arvx /home /media/sda1/
# umount /home
# dd if=/dev/urandom of=/dev/hda6
# cryptsetup -y luksFormat /dev/hda6
Here we will be asked for a password which will be necessary to access /home
at boot time.
# cryptsetup luksOpen /dev/hda6 home
# mkfs.ext3 /dev/mapper/home
# mount /dev/mapper/home /home
# cp -arvx /media/sda1/home /home
/dev/mapper/home /home ext3 noatime 0 0
#!/bin/sh
/usr/sbin/cryptsetup luksOpen /dev/hda6 home
/bin/mount /dev/mapper/home /home
# ln -s /etc/rc.d/rc.crypt /etc/rc.d/rcS.d/S15rc.crypt
You have to delay the splash screen, so that you can type your password before
the splash appears:
# mv /etc/rc.d/rcS.d/S03rc.splash /etc/rc.d/rcS.d/S15rc.splash
(It will ask the password between the lvm and the splash service.)
Now the system can be restarted and the password will be asked to access home
partition boot-time.
|
Note
|
The English keyboard map will be used at that point of the boot process. |
16.14. cwiid
16.14.1. Module loading
To use your wiimote you have to load module uninput with:
To load this module at every start-up, just add uninput in /etc/sysconfig/modules file.
16.15. cyrus-sasl
16.15.1. Configuring
This mini-howto helps you to install the saslauthd server using postfix which
will authenticate using users and passwords from /etc/{passwd,shadow}.
First install the necessary packages:
# pacman-g2 -S postfix saslauthd
Enable sasl in postfix’s config by appending the following lines to
/etc/postfix/main.cf:
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
Put the following lines to /usr/lib/sasl2/smtpd.conf:
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN
Edit /etc/sysconfig/saslauthd by changing the following lines:
Now you can start saslauthd by
as well as enabled in by default on startup:
Issue id postfix and see if the daemon group is listed. If not, then add
postfix to the daemon group:
usermod -G daemon postfix
16.15.2. Verifying
We test it using telnet. We need perl to generate the string for the SASL
authentication:
$ perl -MMIME::Base64 -e 'print encode_base64("vmiklos\0vmiklos\0secret");'
dm1pa2xvcwB2bWlrbG9zAHNlY3JldA==
$ telnet host.com 25
Trying ip...
Connected to host.com.
Escape character is '^]'.
220 host.com ESMTP Postfix
ehlo my.dhcp
250-host.com
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH LOGIN PLAIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
AUTH PLAIN dm1pa2xvcwB2bWlrbG9zAHNlY3JldA==
235 2.0.0 Authentication successful
quit
221 2.0.0 Bye
Connection closed by foreign host.
16.16. dante
16.16.1. Configuration
In most cases you have a socks server (you can create one easily using ssh, see
the documentation of the openssh package), and you want to route all traffic
through it. Here is the config you need:
route {
from: 0.0.0.0/0 to: 0.0.0.0/0 via: 127.0.0.1 port = 8080
proxyprotocol: socks_v4
}
16.16.2. Testing it
When you connect to a server, others will see that you’re connecting from the
server, not from your own host.
16.17. darcs
First, please note that darcs comes with a very good HTML documentation, which
is available under the /usr/share/doc/darcs-*/manual dir. That’s the
place where everything is properly documented, not the manpage. Using darcs
[subcommand] -h is usable only as a reference, too.
If you’re completely new to darcs, then start at
/usr/share/doc/darcs-*/manual/node4.html.
Please also note that in order for the darcs send command to work properly,
you must properly configure your mail transport agent to relay outgoing mail.
For example, if you are using postfix, you need to edit /etc/postfix/main.cf,
see the Using a relay host part of the postfix package documentation for more
info.
16.18. dazuko
If you got errors saying:
dazuko: failed to register
# rmmod capability
# modprobe dazuko
# modprobe capability
16.19. ddclient
Please configure /etc/ddclient/ddclient.conf before running ddclient!
Samples for common configurations can be found in:
/usr/share/doc/ddclient-$package_version/sample*
Additional details and instructions can be found in:
/usr/share/doc/ddclient-$package_version/README
Once you have finished configuring the ddclient.conf file,
you can start ddclient as a daemon by running as root, the following
command:
16.20. dhcp
If you are in trouble setting up your dhclient, use the
following options. These are quite good defaults:
request subnet-mask, broadcast-address, time-offset, \
routers, domain-name, domain-name-servers, \
host-name, netbios-name-servers, netbios-scope;
timeout 20;
script "/sbin/dhclient-script";
16.21. dillo
Dillo is moving to FLTK2. As of 2006-04-29 it is unstable
(both unreleased and has some random erratic bugs, but upstream
is working on it), and some KDE stuff has fltk dep, so not a good idea
to mess with.
Dillo is now "crippled" by removing the new FLTK based download GUI, as it
is only this needs FLTK2, but for the next release more FLTK2 expected.
16.22. drupal
After installing this package, please run /usr/bin/drupalsetup as root
to setup Drupal
16.23. drupal6
To be able to use this package as intended, you will have to:
-
set up apache to access /var/www/drupal6 from the web the way you like;
-
install and set up your favourite SQL database (mysql or postgresql; this
package DOES NOT depend on any of them);
-
create and/or grant access to a mysql or postgresql database;
-
set up your drupal installation itself by entering the correct credentials
at the install screen to be able to reach the above-mentioned database.
16.24. drupal-jquery_update
According to this module’s documentation (available eg. at
/var/www/drupal/sites/all/modules/jquery_update/README.txt), some of
Drupal’s own .js files must be overwritten with the ones shipped with this
module. This is done automatically when installing/upgrading this package, but
upgrading the drupal package will revert those files (and Drupal will whine
at the administration area). Reinstalling this package (or copy the files over
by hand) should stop the whining.
16.25. dspam
To populate the DSPAM database, you need to follow several steps.
-
First create a database. Login to the mysql command prompt.
$ mysql -u root -p
mysql> CREATE database dspam;
-
Next, you need to create a dspam user. At the same MySQL prompt:
mysql> GRANT ALL PRIVILEGES ON dspam.* TO dspam@'localhost' IDENTIFIED BY 'passwd';
Replacing passwd with your chosen password.
-
Optimizing the datebase:
If you want a space optimized db do:
$ mysql -u dspam dspam -p < /var/lib/dspam/mysql/mysql_objects-space.sql
If you want a speed optimized db do:
$ mysql -u dspam dspam -p < /var/lib/dspam/mysql/mysql_objects-speed.sql
Enter the password you set in the previous step, and the database should be populated.
-
Remember to edit /etc/dspam/dspam.conf accordenly
If you want to use the postgresql, sqlite3 or Berekely DB4 backends you can
find instructions in the dspam documentation.
16.26. eaccelerator
16.26.1. Setting up eaccelerator
In order to use eAccelerator, you must add the following lines to your
/etc/php.ini file:
extension="extensions/no-debug-non-zts-20060613/eaccelerator.so"
eaccelerator.shm_size="16"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
Do not forget to create the cache directory as well:
mkdir /tmp/eaccelerator
chmod 0777 /tmp/eaccelerator
16.26.2. Configuration Options:
eaccelerator.shm_size
The amount of shared memory (in megabytes) that eAccelerator will use.
"0" means OS default. Default value is "0".
eaccelerator.cache_dir
The directory that is used for disk cache. eAccelerator stores precompiled
code, session data, content and user entries here. The same data can be
stored in shared memory also (for more quick access). Default value is
"/tmp/eaccelerator".
eaccelerator.enable
Enables or disables eAccelerator. Should be "1" for enabling or "0" for
disabling. Default value is "1".
eaccelerator.optimizer
Enables or disables internal peephole optimizer which may speed up code
execution. Should be "1" for enabling or "0" for disabling. Default value
is "1".
eaccelerator.debug
Enables or disables debug logging. Should be "1" for enabling or "0" for
disabling. Default value is "0".
eaccelerator.check_mtime
Enables or disables PHP file modification checking . Should be "1" for
enabling or "0" for disabling. You should set it to "1" if you want to
recompile PHP files after modification. Default value is "1".
eaccelerator.filter
Determine which PHP files must be cached. You may specify the number of
patterns (for example "*.php *.phtml") which specifies to cache or not to
cache. If pattern starts with the character "!", it means to ignore files
which are matched by the following pattern. Default value is "" that means
all PHP scripts will be cached.
eaccelerator.shm_max
Disables putting large values into shared memory by " eaccelerator_put() "
function. It indicates the largest allowed size in bytes (10240, 10K, 1M).
The "0" disables the limit. Default value is "0".
eaccelerator.shm_ttl
When eaccelerator fails to get shared memory for new script it removes all
scripts which were not accessed at last "shm_ttl" seconds from shared
memory. Default value is "0" that means - don't remove any files from
shared memory.
eaccelerator.shm_prune_period
When eaccelerator fails to get shared memory for new script it tryes to
remove old script if the previous try was made more then
"shm_prune_period" seconds ago. Default value is "0" that means - don't
try to remove any files from shared memory.
eaccelerator.shm_only
Enables or disables caching of compiled scripts on disk. It has no effect
on session data and content caching. Default value is "0" that means - use
disk and shared memory for caching.
eaccelerator.compress
Enables or disables cached content compression. Default value is "1" that
means enable compression.
eaccelerator.compress_level
Compression level used for content caching. Default value is "9" which is
the maximum value
eaccelerator.keys
eaccelerator.sessions
eaccelerator.content
Determine where keys, session data and content will be cached. The possible
values are:
"shm_and_disk" - cache data in shared memory and on disk (default value)
"shm" - cache data in shared memory or on disk if shared memory
is full or data size greater then "eaccelerator.shm_max"
"shm_only" - cache data in shared memory
"disk_only" - cache data on disk
"none" - don't cache data
eAccelerator API:
eaccelerator_put($key, $value, $ttl=0)
puts the $value into shard memory for $ttl seconds.
eaccelerator_get($key)
returns the value from shared memory which was stored by eaccelerator_put()
or null if it is not exists or was expired.
eaccelerator_rm($key)
removres the $key from shared memory
eaccelerator_gc()
removes all expired keys from shared memory
eaccelerator_lock($lock)
creates a lock with specified name. The lock can be released by function
eaccelerator_unlock() or automatic on the end of request.
For Example:
<?php
eaccelerator_lock("count");
eaccelerator_put("count",eaccelerator_get("count")+1));
?>
eaccelerator_unlock($lock)
release lock with specified name
eaccelerator_set_session_handlers()
install the eaccelerator session handlers.
Since PHP 4.2.0 you can install eaccelerator session handlers
in "php.ini" by "session.save_handler=eaccelerator".
eaccelerator_cache_output($key, $eval_code, $ttl=0)
caches the output of $eval_code in shared memory for $ttl seconds.
Output can be removed from cache by calling mmcach_rm() with the same $key.
For Example:
<?php eaccelerator_cache_output('test', 'echo time(); phpinfo();', 30); ?>
eaccelerator_cache_result($key, $eval_code, $ttl=0)
caches the result of $eval_code in shared memory for $ttl seconds.
Result can be removed from cache by calling mmcach_rm() with the same $key.
For Example:
<?php eaccelerator_cache_output('test', 'time()." Hello";', 30); ?>
eaccelerator_cache_page($key, $ttl=0)
caches the full page for $ttl seconds.
For Example:
<?php
eaccelerator_cache_page($_SERVER['PHP_SELF'].'?GET='.serialize($_GET),30);
echo time();
phpinfo();
?>
eaccelerator_rm_page($key)
removes the page which was cached by eaccelerator_cache_page() with the same
$key from cache
eaccelerator_encode($filename)
returns the encoded bytecode of compiled file $filename
eaccelerator_load($code)
loads script which was encoded by eaccelerator_encode()
16.27. egroupware
To be able to use this package as intended, you will have to:
-
set up apache to access /var/www/egroupware from the web the way you like
-
install and set up your favourite SQL database (mysql, postgresql or
oracle), this package DOES NOT depend on any of them)
-
create and/or grant access to the database
-
set up your eGroupware installation itself by entering the correct credentials
at the install screen to be able to reach the above-mentioned database.
16.28. ejabberd
16.28.1. Creating your SSL keys
# cd /etc/jabberd
# openssl req -new -x509 -newkey rsa:1024 -days 3650 -keyout privkey.pem -out server.pem
|
Note
|
You should enter your domain name as the Common Name for your
certificate. |
# openssl rsa -in privkey.pem -out privkey.pem
Combine the Private and Public Key:
# cat privkey.pem >> server.pem
# chown root:ejabberd server.pem
# chmod 640 server.pem
Finally update the config file:
16.28.2. Creating an administrator
Register an account on your ejabberd deployment. An account can be created
using a jabber client like pidgin.
Add the following lines to you config:
{acl, admins, {user, "admin", "example.org"}}.
{access, configure, [{allow, admins}]}.
This will promote the account created in the previous step to an account with
administrator rights.
16.28.3. Testing
Add the following line to your /etc/sysconfig/firewall, for example after
mysql:
# ejabberd
-A INPUT -p tcp -m tcp --dport 5222 -j ACCEPT
Now you should be able to connect to ejabberd remotely. Start your favourite
jabber client on a remote machine (ie. pidgin) and register another account.
You should be able to talk to the admin now and vica versa.
For more info, please read the Installation and Operation Guide, which can be
found at /usr/share/doc/ejabberd-*/guide.html.
16.29. enemy-territory
If you got disconnected from servers and getting some #20004 errors, then
run as pbweb AS ROOT!!!
16.30. entrace
If your keyboard doesn’t work that can be because wrong
virtual terminal number set in entrance config.
Use the following command to set the proper value:
# ecore_config -c /etc/entrance_config.cfg -k /entranced/xserver -s "/usr/X11R6/bin/X -quiet -nolisten tcp vt7"
In this example you want to run entrance on vt7.
16.31. festival
$ echo "Frugalware can speak" | festival --tts
16.31.1. To test it with kttsd:
-
Start KTTSD (if not already running): kttsd
-
Send "Frugalware can speak" to KTTSD for speaking in English:
$ dcop kttsd KSpeech setText "Frugalware can speak" "en"
-
Speak the text:
$ dcop kttsd KSpeech startText 0
16.32. fglrx
If hardware acceleration does not work
make sure you have something similar in /etc/fstab:
tmpfs /dev/shm tmpfs defaults 0 0
If xv output doesn’t work in mplayer add the following line
to /etx/X11/xorg.conf's Device section:
Option "VideoOverlay" "on"
On the following page you can find some useful solutions for
different fglrx problems:
Thinkwiki fglrx.
16.33. firestarter
This version comes with a system init script now. You have to run the
firestarter executable from the command line (in an X driven console)
first to generate the initial start-up scripts.
To add it to startup, run this:
# chkconfig --del rc.firewall
# chkconfig --add rc.firestarter
To remove it from startup:
# chkconfig --del rc.firestarter
# chkconfig --add rc.firewall
16.34. flowplayer
Once you have the .flv file you want to share, you need to symlink
flowplayer.controls.swf, flowplayer.min.js and flowplayer.swf from
/usr/share/flowplayer and the code sniplet from
/usr/share/flowplayer/example/index.html.
16.35. foo2zjs
This driver is under constant change, therefore no "stable" branch exists.
Also, communications with the author led nowhere, that might explain some
weirdness of building it, getting the latest stable version number etc.
Mail
16.36. freenx
-
Installation
-
Configuration
On the server setup a fake password for the nx user:
Now allow the client to connect to the server by copying the file
/usr/NX/home/nx/id_dsa from the server to /usr/share/knx/client.id_dsa.key
on the client. Also make sure about it’s readable by users:
# chmod 644 /usr/share/knx/client.id_dsa.key
Also don’t forget to allow incoming ssh connections (by default port 22) in
/etc/sysconfig/firwall, then load the config with the
# service firewall restart
-
Users
By default shell accounts are not allowed to connect to th nx server, you can
allow a user to do so by
# nxserver --adduser <username>
then set a separate (for nx) password for the user:
# nxserver --passwd <username>
-
The client
Now start knx, the usage of that application is self-explaining.
16.37. fudforum
After installing this package, please run /usr/bin/fudforumsetup as root
to setup FUDforum
16.38. fuse
Fuse is a virtual filesystem "helper" which makes possible to mount unusual
things as a filesystem. It is achieved by using a simple program, which runs in
user space, to provide data that can be represented by the fuse kernel module
as a filesystem. The interpreter program is a less complex one than a
kernel-space module, which is much harder to write. In
Frugalware, regular users of a given box can mount filesystems by fuse.
First as root, let’s install the tools needed:
Then you have to add the fuse service to the startup list and start it
manually for now:
# service fuse add
# service fuse start
Now, having the base of fuse, we need to install the programs for each
specific filesystem type. To get a hint on what is available, you can issue the
following command:
The two most used (ftp, ssh) plugins can be installed by running the following
command. Beware, the ftp fs is a perl module, and it seems a bit
memory hungry / buggy / slow so therefore it might be replaced by CurlFtpFS
in the future.
# pacman-g2 -S fuseftp sshfs-fuse
Then, you can mount a remote dir with sftp access as a regular user doing:
$ /sbin/mount.fuse sshfs#YOURUSERNAME@SERVER:/REMOTEDIR /LOCALDIR -o rw,OTHEROPTIONS
You can also unmount it as a regular user doing:
$ fusermount -u /LOCALDIR
16.39. gammu
16.39.1. Configuring
You need to create your ~/.gammurc:
[gammu]
port = /dev/ttyUSB0
connection = fbus
Replace /dev/ttyUSB0 with your serial port device and fbus with the
appropriate protocol name if you are not a Nokia user. Check if you have write
access to the device, you need to be a member of the uucp group.
Once you think you’re done, check your setup:
It should print your IMEI number so that you’ll be able to check if gammu
really found your phone or there is a problem.
16.39.2. Creating a backup
You probably use gammu to make a backup of your phone.
-
Backing up your SMSes
$ gammu --backupsms backupsms.txt
-
The rest of your phone.
$ gammu --backup backup.txt
You may find an alternative format more human-readable for SMSes:
$ gammu --geteachsms > eachsms.txt
See the manual page for more tricks!
16.40. gcc
16.40.1. libstdc++
I have heard I should never remove the gcc package. Is this still true?
“No, since we split the gcc package, the standard C++ library is a separate
package, you have to install gcc only in case you really need a C compiler.”
16.40.2. gcjwebplugin
gcjwebplugin is a Firefox plugin for running Java applets. It is now
included in the libgcj sub-package, though it is not enabled by
default.
GNU Classpath and libgcj’s security implementation is under active
development, but it is not ready to be declared secure. Specifically,
it cannot run untrusted applets safely.
When gcjwebplugin is enabled, it prompts you with a dialog before
loading an applet. The dialog tells you that a certain URL would like
to load an applet, and asks if you trust the applet. Be aware though
that this dialog is mostly informative and doesn’t provide much
protection:
-
http and DNS can be spoofed meaning that the URL named in the
warning dialog cannot be trusted
-
someone could create a browser denial-of-service attack by creating a
page with hundreds of applet tags, causing gcjwebplugin to create
warning dialog after warning dialog. The browser would have to be
closed to eliminate the latest dialog
-
the whitelist is provided as a convenience, but it is unsafe because a
domain may change hands from a trusted owner to an untrusted owner.
If that domain is in the whitelist then the warning dialog will not
appear when loading the new malicious applet.
CURRENTLY GCJWEBPLUGIN RUNS WITH NO SECURITY MANAGER. THIS MEANS THAT
APPLETS CAN DO ANYTHING A JAVA APPLICATION THAT YOU DOWNLOAD AND RUN
COULD DO. BE VERY CAREFUL WHICH APPLETS YOU RUN. DO NOT USE
GCJWEBPLUGIN ON YOUR SYSTEM IF YOUR SYSTEM STORES IMPORTANT DATA.
THIS DATA CAN BE DESTROYED OR STOLEN.
The same warning applies to gappletviewer, which also runs with no
security manager (in fact, gcjwebplugin spawns gappletviewer to do the
applet loading). When run on the command line, gappletviewer issues a
warning on startup and asks you if you want to continue.
Even considering the risks involved, you may still want to try
gcjwebplugin. GNU Classpath’s AWT and Swing implementations are now
sufficiently mature that they’re able to run many applets deployed on
the web. If you’re interested in trying gcjwebplugin, you can do so
by creating a symbolic link in ~/.mozilla/plugins like so:
ln -s /usr/lib/gcj-*/libgcjwebplugin.so ~/.mozilla/plugins/
Type about:plugins in Firefox’s URL bar to confirm that the plugin has
been loaded. To see gcjwebplugin debugging output, run:
then at the GDB prompt, type
16.41. git
16.41.1. gitweb
If you want to set up a web interface for your git repositories, then:
-
install the gitweb package
-
edit /etc/gitweb.conf so that $projectroot will point to the
repository directory
-
restart apache so that the gitweb configuration will be included.
16.42. gnome-applets
The Mini Commander applet has been replaced by Deskbar. If you want the
functionality provided by the Mini Commander applet, please install the
deskbar-applet package with pacman
16.43. help2man
The most common usage of this applications is something like this:
$ help2man -n "<oneliner description>" -S Frugalware -N ./<binary> |sed 's/\\(co/(c)/' ><binary>.1
16.44. horde-webmail
This app does not have any webserver, SQL server nor IMAP server in its
depends, which is intentional. Anyway, if you plan to use it, you should set
up a webserver and an IMAP server. The SQL server is optional, but it’s the
most easiest-to-use preferences container.
Additionally this app is not configured in any way: there are far too many
customizable settings, so the packager cannot know how to set them for your
particular needs. Installation instructions can be found in the INSTALL file.
16.45. httpircproxy
Don’t forget to open port 8080 on your firewall!
To do this, add the following two lines to your /etc/sysconfig/firewall:
# httpircproxy
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
for example after MySQL’s entry.
16.46. hylafax
Welcome to the README! Thanks for taking the time to find it ;-)
For an introduction to the wonderful world of HylaFAX(tm), please see
http://www.hylafax.org/. Beginners should head directly to the docs:
http://www.hylafax.org/content/Documentation
If you have a question which you think relates only to the FPM version
of HylaFAX post a bug to the Frugalware BTS:
http://bugs.frugalware.org/
You should also be aware of the following system modification: FaxMaster is
added to /etc/postfix/aliases after installation automatically.
The default configuration files can be found under
/var/spool/hylafax/config/defaults/. You can copy these files to the
/var/spool/hylafax/etc/ directory and modify them there.
16.47. icewm
I have included a custom shell script called icewm-menus, for use with the icewm
menu file. An example menus file is also include at /usr/share/icewm/menus. It
uses standard shell syntax, so you can easily use shell variables, etc, to
create dynamic menus in icewm through my script and the usage of your local
$HOME/.icewm/menus file. To use it, use the following syntax in your menu file:
menuprog "(folder name)" (icon name) icewm-menus (menu switch to use)
If setup correctly, you’ll wind up with menus generated by the output of the
shell script. Have fun configuring icewm.
16.48. joomla
After installing this package, please run /usr/bin/joomlasetup as root
to setup Joomla
16.49. k3b
If you want to rip a video DVD, install the transcode package as well.
16.50. kbstick
If you do not know the keycodes for the keys you wish to remap the joystick events
to, then please install the xev program. It will help you to identify them. Moving
on, the /etc/kbstick.conf is the system level configuration file the shell script
reads from if the user does not have a .kbstickrc in their home directory. Syntax
is the same in both cases, and the configuration file has some comments to give you
an idea of what each variable does. I have set the default up/down/left/right key
mappings to what my laptop uses for them and the buttons will have to be manually
defined to their proper keycodes. If you need any further help, please email the
maintainer of this package.
|
Warning
|
kexec works just like reboot, so please save your data before using it! |
# kexec -l /boot/vmlinuz-2.6.18-fw1 --append="ro root=/dev/hda3 quiet vga=792 resume=/dev/hda2"
16.52. keytouch
In order to use keytouch, you must start the keytouch daemon. This can
be done by executing the following command (as root):
To start it automatically everytime your system boots, just type
Now, before you can use keytouch, you need to start one more daemon
(this time as user) called keytouchd. You might even want to add
keytouchd to the list of startup programs in your respective Desktop
Environment. For e.g.: In GNOME, point to System→Preferences→Personal and
open Sessions to open the session preferences. Now you can add keytouchd to the
list of startup programs.
16.53. kiax
If you want to test this package, you can use for example the server of
VoipBuster.
First, you should register a user name and password with their native
(Windows-only) client. After that give iax.voipbuster.com as the server and
your just registered username and password.
Now you should able to dial (currently the first minute is for free).
16.54. knb
To use knb, you need a config file like this:
nick idlenick
realname Knb
nicks keepnick
server irc.server.com 6667
channel #channel
where idlenick is used till keepnick is used by someone else. The bot will
join to #channel on irc.server.com.
You need to register that you’re the owner for the first time. To do this, join
#channel and
to give access someone to the bot.
Once keepnick is no longer used and knb switched to that nick, you can use
to change knb’s nick back to idlenick, so that you can change your nick back
to keepnick.
See the scripts directory on how to re-start your knb from cron
automatically.
16.55. kqemu
If you want to use kqemu, you need to mount tmpfs on /dev/shm. This is not
problematic, qemu prints a usable error message if you miss that. The problem
is that you have to do this again and again after each reboot. If you hate
this, then just add the following line to your /etc/fstab:
tmpfs /dev/shm tmpfs defaults,size=144m 0 0
16.56. kvpnc
Howto setup KVpnc for use without root password - sudo
-
Install sudo
-
Edit /etc/sudoers: add an command alias
# Cmnd alias specification
Cmnd_Alias KVPNC = /usr/bin/kvpnc
# User privilege specification
ALL ALL=NOPASSWD:KVPNC
|
Warning
|
Do it gently! (As always, when you edit /etc/sudoers.) |
16.57. lastfmsubmitd
16.57.1. Configuring Lastfmsubmitd
Change your LastFM username and password in /etc/lastfmsubmitd.conf and the
MPD server settings in /etc/lastmp.conf before starting the LastFM submit
daemon.
16.57.2. Starting the daemon(s)
After configuring lastfmsubmitd, you should run the following commands to
start the daemons:
# service lastfmsubmitd start
# service lastmp start
16.58. lilo
So, you feel like using lilo, do you? Well, here you will find
instructions for configuring lilo to work with Frugalware. Some things
to keep in mind:
-
lilo must be rerun every time you upgrade the kernel
-
lilo must also be rerun if you change configuration for it to take effect
-
only lilo or grub can be installed to your boot sector at the same
time, however they do not conflict while simply residing on your system
You will find an example lilo.conf in /etc/lilo.conf already. You will need to
tweak it in order for it to match your system’s booting setup. The default
structure is designed to reflect the most common setup I know of, but may
still require a lot of modifications. For more information on lilo, please
refer to man lilo and man lilo.conf.
16.59. lineakd
After installing lineakd, make sure you create a configuration file
before starting it.
Example configuration files are located in /usr/share/doc/lineakd-*/.
Don’t forget to copy the configuration file to /etc/lineakd after you
create it.
You can then start the lineak daemon by running the following command:
16.60. lirc
After installing lirc you need to take the following steps:
-
Find a lird.conf for your remote control on remotes
You can also take a look on /usr/share/remotes directory if you do not have an internet connection.
If you do not find your remote controller, try irrecord myremote command.
-
Copy your lircd.conf to /etc/ directory as root.
-
Add evdev to /etc/sysconfig/modules.
-
Load the module with modprobe evdev.
-
Edit /etc/sysconfig/lirc if necessary.
$ cat /proc/bus/input/devices | grep -e N -e H
will show you the event# you should use. (Default is 2.)
-
Start lircd and lircmd with sudo service lirc start.
16.61. lmsensors
Lmsensors is a hardware monitoring tool which is able to read thermal and
voltage values and fan speeds from the sensor chips of your motherboard.
Before running sensors you have to run sensors-detect as root to initialize
them. It will autodetect your hardware and define which kernel modules you
need to get it working properly, and tell you how to autoload them during
boot.
So if you want to use lmsensors try to run
and say YES at end of sensors-detect to write /etc/sysconfig/lm_sensors.
# service lmsensors start
16.62. lvm2
16.62.1. Creating
Here is a mini-HOWTO, a longer one is available
here.
First if you are on a setup cd, you need to
The first loads the device-mapper support for the kernel, the later enables the
existing volume groups. This is automatically done for you on an installed
Frugalware system.
You need to decide what physical partitions to use for LVM. In this mini-HOWTO
/ is /dev/hda1 and we create a big /home partition using /dev/hda2 and
/dev/hdc1.
Let’s initialize them for use by LVM:
pvcreate /dev/hda2 /dev/hdc1
Create a volume group titled vg:
Extend it with /dev/hdb1:
Then we can create a logical volume with a size of 400G titled home:
lvcreate -L400G -nhome vg
Create a filesystem on it as usual, ie. for ext3:
And now the only task is to mount it as usual, ie:
mount /dev/vg/home /mnt/target/home
16.62.2. Extending
You already saw how to extend a volume group. Extending a logical volume is a
bit more complex, but still easy.
umount /mnt/target/home
lvextend -L+900M /dev/vg/home
resize2fs /dev/vg/home
mount /dev/vg/home /mnt/target/home
|
Note
|
According to the manpage of resize2fs, it would have support resizing
without umounting, but this does not seem to work. |
lvextend -L+900M /dev/vg/home
resize_reiserfs /dev/vg/home
16.62.3. Removing
To remove a logical volume:
To remove a physical volume from a volume group:
To remove a volume group:
16.63. mailman
There is no any kind of http server in mailman’s depends.
It’s because they are not needed to get a working mailman.
Of cource if you want to provide archives and so don’t
forget to install a http server.
16.64. man
If you like coloured man-pages then you can enable that feature by issuing
# chmod +x /etc/profile.d/man-colors.sh
It is handled as a configuration file, so feel free to edit the colors in that
file if you want.
16.65. mantis
You have to GRANT some privileges (at least for the operating user) to be able
to use this package, as the installer does not GRANT them. The operating user
requires ALTER, SELECT, INSERT, UPDATE and even DELETE privileges, regardless
that the latter is not mentioned by upstream. For installation, INDEX, CREATE,
DELETE, and DROP privileges are also required - this can be carried out if you
provide the (MySQL) superuser’s credentials to the installer.
Do not forget to rm -rf /var/www/mantis/admin after a successful install to
prevent hijacking your bugtracker, and chage the default administrator’s
password.
16.66. mb2md
How to convert each users mbox from /var/mail to Maildir (under /home/$user)?
If you are too lazy to read the complete documentation:
cd /var/mail
for i in *
do
echo $i
su - $i -c "mb2md -m"
rm -v $i
done
After installing this package, please run /usr/bin/mediawikisetup as root
to setup MediaWiki
16.68. midpssh-http-server
Do not forget to open port 8080 on your firewall!
To do this, add the following two lines to your /etc/sysconfig/firewall:
# midpssh-http-server
-A INPUT -p tcp -m tcp --dport 8080 -j ACCEPT
for example after MySQL’s entry.
16.69. monit
You can set up Monit by adding these lines to /etc/inittab:
# Run monit in standard run-levels
mo:2345:respawn:/usr/sbin/monit -Ic /etc/monit/monitrc
16.70. motion
You should edit the settings: videodevice, input, norm,
frequency, width, height and target_dir in /etc/motion.conf
If the file already exists, it wont be overwritten by the package
while upgrading. You can refer /etc/motion-dist.conf for configuring motion.
16.71. munin
From munin-1.2.5-2 we no longer use a random uid/gid, but dedicated
ones. Because of this munin service will not start if you have it installed
before, so you have to correct this by issuing these commands:
groupmod -g 47 munin
usermod -u 47 -g 47 munin
chown -R munin:munin /var/lib/munin
chown -R munin:munin /var/www/html/munin
chown -R munin:munin /var/log/munin
chown -R munin:munin /var/run/munin
You should chown any other munin-owned stuff you may have lying around, these
are only the default ones.
16.72. mythtv
You can configure MythTV this way:
-
Start mysql service and setup mysql database password with mysqladmin -u root password mysqlpassword.
-
Set up the initial database with mysql -u root -p < /usr/share/mythtv/mc.sql and enter mysqlpassword.
-
Run sudo mythtv-setup for tune your tvcard.
-
Start mythtv backend with sudo service mythtv start.
-
Use mythfilldatabase to fill in your database.
-
Finally run mythfrontend and have fun!
16.73. nautilus-share
Here is an excerpt from the Samba documentation explaining what you need to
do to make this work:
USERSHARE
Starting with version 3.0.23, a Samba server now supports the ability
for non-root users to add user define shares to be exported using the
"net usershare" commands.
To set this up, first set up your smb.conf by adding to the [global]
section:
usershare path = /home/usershares
Next create the directory /home/usershares, change the owner to
root and set the group owner to the UNIX group who should have the
ability to create usershares, for example the "users" group. Set the
permissions on /home/usershares to 01770. (Owner and group all access,
no access for others, plus the sticky bit, which means that a file in
that directory can be renamed or deleted only by the owner of the file).
Finally, tell smbd how many usershares you will allow by adding to the
[global] section of smb.conf a line such as:
usershare max shares = 100
to allow 100 usershare definitions. Now, members of the UNIX group "users"
can create user defined shares on demand using the commands below.
The usershare commands are:
net usershare add sharename path [comment] [acl] [guest_ok=[y|n]] - to add or change a user defined share.
net usershare delete sharename - to delete a user defined share.
net usershare info [-l|--long] [wildcard sharename] - to print info about a user defined share.
net usershare list [-l|--long] [wildcard sharename] - to list user defined shares.
16.74. ndiswrapper
Ndiswrapper requires .inf and .sys files from a Windows(tm) driver to function.
Download these to /root for example, then run:
# ndiswrapper -i /root/foo.inf
After that you can delete them. They will be copied to the proper location. Once
done, please run:
Check this list of drivers.
You can get your possible hadware with:
# lspci -n | egrep 'Class (0280|0200):' | cut -d' ' -f4
Look for that on the above page for your driver.
Please have a look at the wiki for the FAQ,
HowTos, Tips, Configuration, and installation information.
16.75. nessus-core
Install script has generated default certificate use:
# /usr/sbin/nessus-mkcert
if you need to make a personalized one.
Remember to create a user with:
# /usr/sbin/nessus-adduser
Use /etc/sysconfig/nessusd for setting nessusd starting arguments.
16.76. nessus-core-gtk
Install script has generated default certificate use:
# /usr/sbin/nessus-mkcert
if you need to make a personalized one.
Remember to create a user with:
# /usr/sbin/nessus-adduser
Use /etc/sysconfig/nessusd for setting nessusd starting arguments.
16.77. nss-mdns
To enable IPv4 multicast DNS lookups, append mdns4 to the hosts line
in /etc/nsswitch.conf. Use mdns6 for IPv6 or mdns for both.
Please add /usr/lib/ooextras to your template paths in OpenOffice.org!
You can do this under:
Tools > Options > OpenOffice.org > Paths
Enjoy the new templates! :-)
16.79. openssh
16.79.1. Forwarding ports
# ssh -L 8000:localhost:80 server.com
After this you can access server.com:80 at localhost:8000 even if server.com:80
is not accessible from your machine.
16.79.2. Socks proxy
Many mobile users have the following problem: they have to use an unencrypted
wireless lan and they want to access webservers which does not support https.
There is an easy solution for this: you transfer data to a server in an ssh
tunnel then the data can be transferred to the server unencrypted in a wired
network. This is much more secure. Set up the socks proxy on localhost:8080:
Then configure your webbrowser to use the proxy, for example in firefox, select
Manual proxy configuration and then set SOCKS Host to localhost, Port to
8080.
|
Note
|
Don’t forget to clear other proxy fields! (HTTP, SSL, FTP, etc.) |
16.80. openttd
You require the data files of the original Transport Tycoon Deluxe
for Windows to play the game. You have to manually copy the following
files to /usr/share/openttd/data/
sample.cat
trg1r.grf
trgcr.grf
trghr.grf
trgir.grf
trgtr.grf
If you want to use the included scenarios, run openttd with the
following command:
$ openttd -g openttd -g /usr/share/openttd/scenario/<scenario_name>
16.81. pawm
Copy /etc/pawm.conf to $HOME/.pawm for your own local changes. If you want
icons on your desktop, add a file to your $HOME/.pawm directory that starts
with "app" and append an alphanumerical phrase of your choice to it. Then,
write the file structure as follows:
<icon name>
<x position> <y position>
<name to display>
<command>
firefox.xpm
40 40
firefox
firefox
Other things to remember, you can only use xpm files for this method, and it
takes the files from /usr/share/pixmaps. If I knew how to change this path to
a directory the user has, I would.
16.82. pekwm
Be sure to make your own file at $HOME/.pekwm/autostart if you use pekwm-session
to auto-launch commands when you startup. I know pekwm has a start file for
this, but my method launches it only at the start of your session, while the
method pekwm uses starts everytime you restart/start pekwm. Use it well. You can
find an example below:
dbus-session --exit-with-session --sh-syntax &
feh --bg-scale "$HOME/.foo/bar" &
16.83. perlpanel
I have purposely left out a few perl modules from the dependencies array,
because they are not needed to run perlpanel and drag in a lot of GNOME or
other stuff you may not want. Below, you will find a list of these modules and
what they do. If you find errors in this documentation, then please report it
and I will look into it.
perl-xmms - perlpanel plugin interface to xmms
perl-gnome2-vfs - various gnome plugin interfaces for perlpanel
libgnomeui - for full libglade support in perlpanel
16.84. php
in /etc/php.ini in order to use php-cgi.
16.85. phpbb
After installing this package, please run /usr/bin/phpbbsetup as root
to setup phpBB
After upgrading, make sure to run the database update script
16.86. pootle
16.86.1. Introduction
Pootle provides a separate webserver, after starting it, you should be able to
reach it at http://127.0.0.1:8080/.
16.86.2. Creating users
No-one can login to Pootle by default. You should edit
/usr/lib/python2.5/site-packages/Pootle/users.prefs, and uncomment the
startup user. Its password is startup, too. Then login via the web
interface, create an account. Finally edit the configuration file again and
comment the startup user.
16.87. postfix
16.87.1. Using a relay host
These are the basic steps to set up Postfix to use SMTP Authentication to send
mail through a relay host.
Set up a password maps file (/etc/postfix/sasl_passwd) as follows:
mail.ispserver.com username:password
# chown root:root /etc/postfix/sasl_passwd
# chmod 600 /etc/postfix/sasl_passwd
# postmap /etc/postfix/sasl_passwd
Append the following lines to /etc/postfix/main.cf:
relayhost = mail.ispserver.com
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =
16.88. postfixadmin
This package relies on correct install of postfix’s virtual tables and it
needs to be configured before usage. Be sure to read upstream’s
/var/www/postfixadmin/INSTALL.TXT in order to accomplish the setup
or upgrade. You should also take care of configuring apache to be able to
use the web-based interface.
16.89. postgrey
To use postgrey, put something along the lines of
smtpd_recipient_restrictions =
...
reject_unauth_destination
check_policy_service inet:127.0.0.1:60000
in your /etc/postfix/main.cf (postfix 2.1 or newer is required.)
16.90. pptpd
-
Preface
I was asked to set up VPN using PPTP. A much secure way to setup it up is using
IPSec, more details
here.
Also you could use ssh+pppd, but that’s rather problematic on platforms
other than Unix.
-
Setting up the server
The big problem here is that most outdated HOWTO starts with patching your
kernel and ppp. This is no longer needed!
Requiements: You need kernel>=2.6.15 or newer (Frugalware 0.4 or higher is OK).
Also you need ppp>=2.4.2.
Also probably these are already installed on your system, let’s see the new
package: pptpd. Install it with the usual
Probably this is done if you’re reading this HOWTO :-)
Here comes my /etc/pptp.conf:
$ grep -v '^\(#\|$\)' /etc/pptpd.conf
option /etc/ppp/options.pptpd
logwtmp
localip 10.0.0.88
remoteip 10.0.0.89-127
10.0.0.88 is the internal address of the server, 10.0.0.89-127 is the range
that can be used by the pptp clients.
Then let’s see that referred /etc/ppp/options.pptpd:
$ grep -v '^\(#\|$\)' /etc/ppp/options.pptpd
name pptpd
refuse-pap
refuse-chap
refuse-mschap
require-mschap-v2
require-mppe-128
proxyarp
debug
lock
nobsdcomp
novj
novjccomp
nologfd
After everything works fine, you can remove the "debug" line from the config.
Then add at least one user:
# cat /etc/ppp/chap-secrets
## client server secret IP addresses
mylogin * stupidpassword *
The rest is about to allow pptp on the firewall (I’m assuming that you use the
default Frugalware configuration: INPUT is on DROP by default, but FORWARD is
allowed, OUTPUT too.)
Add the following 2 lines to the filter section of /etc/sysconfig/firewall:
-A INPUT -p gre -j ACCEPT
-A INPUT -p tcp -m tcp --dport 1723 -j ACCEPT
If you want to allow a client to access Internet via this pptp server, add the
following line to the nat section of the same file (change ethX to the correct
network interface):
-A POSTROUTING -o ethX -j MASQUERADE
Then check if you have PPP support in the kernel enabled:
# lsmod | grep ppp_generic
If there is no output, enable it:
# modprobe ppp_generic
# echo "ppp_generic" >> /etc/sysconfig/modules
Now we’re ready to start:
# pptpd -f -o /etc/ppp/options.pptpd
If no error messages are reported, omit the -f option so it will go background.
Later you can put this to your /etc/rc.d/rc.local. Debug messages will appear
in /var/log/messages if you’re interested in them.
-
Client side
Install the necessary "pptp" package:
Most howto suggets the pptpconfig (http://pptpclient.sourceforge.net/) tool,
it’s written in PHP and uses GTK+2. You don’t want to use graphical tools
locally (and install XOrg) for administrating your machine, do you?
We can do it by hand, not too complicated.
You can name every tunnel you create, I’ll use here the "mytunnel" name.
Fire up your favorite editor and create the /etc/ppp/peers/mytunnel file with
the following contents:
$ grep -v '^\(#\|$\)' /etc/ppp/peers/mytunnel
name mylogin
remotename PPTP
file /etc/ppp/options.pptp
pty "pptp IP_OF_THE_SERVER --nolaunchpppd "
require-mppe
Your /etc/ppp/chap-secrets should contain the following line:
We’re ready to start the client:
# pppd pty 'pptp server --nolaunchpppd' call mytunnel debug dump logfd 2 nodetach
A lot of debug messages will be printed, check on an other console if you got a new pppx interface or not:
# ifconfig ppp0
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.0.0.89 P-t-P:10.0.0.88 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:996 Metric:1
RX packets:7 errors:0 dropped:0 overruns:0 frame:0
TX packets:7 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:70 (70.0 b) TX bytes:76 (76.0 b)
If it seems to be ok, you no longer need the debug messages and pppd can go
backround:
# pppd pty 'pptp server --nolaunchpppd' call mytunnel
That was all. Not so simple but anyone can do it :-)
-
Resources
16.91. psx
Note: You must find a PSX bios on your own, and place it in ~/.pSX/bios.
16.92. pyro
You’ll find pyro’s scripts in /usr/lib/python2.5/site-packages/Pyro/bin
16.93. qemu
16.93.1. QuickStart
If you are completely new to qemu, you may find the big list of switches a
bit confusing. Most users want to install an operating system from a cdrom
image to a virtual harddisk. Here is what you need:
$ qemu-img create foo.img 8G
$ wget http://server.com/bar.iso
$ qemu -hda foo.img -cdrom bar.iso
16.93.2. Tricks
It worth to read the full documentation at
/usr/share/doc/qemu-*/qemu-doc.html, it really worth to do so.
To demonstrate how powerfull qemu is, here are a few cheap tricks:
If you want to be able to ssh to the machine, you can use port derirection. For
example using the -redir tcp:1022::22 option, qemu:22 will be available at
localhost:1022.
|
Note
|
This requires root privileges. |
You can create a unix socket to control your virtual machine. For example if
you are not able to ssh to the machine, you can still properly shut it down:
Use the -monitor unix:/tmp/qemu,server,nowait option, then send the sendkey
ctrl-alt-delete string to the socket, for example using python:
python -c "import socket; sock = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM); \
sock.connect('/tmp/qemu'); \
sock.send('sendkey ctrl-alt-delete\n')"
Finally a trick about vnc: using for example the -vnc 0 option, it’s possible
to reach qemu’s display via vnc. This is quite handy if you run qemu on a
server (for example in screen), then you can freely attach to and detach from
it whenever you want to do so.
Really, read the full documentation! :)
16.94. quagga
The config files have to be in the /etc/quagga dir and have to be writeable
by the quagga user (to be able to save config from the daemon’s shell).
Neither of the daemons will start till you edit the config files and
rename/move them from *.conf.sample to *.conf (be careful to the uid/gid).
You have to enable explicitly the routing daemons to get started from the
init script. The config file is /etc/sysconfig/quagga
If you have a working firewall, the OSPF daemon will not get working, you
have to enable it in the firewall with this rule (maybe other routing
daemons also have to be enabled, if you use it, but i could not find
anything about that):
iptables -A INPUT -p 89 -m state --state NEW -j ACCEPT
To really activate quotas, you’ll need to add usrquota to the appropriate
partitions as listed in /etc/fstab. Here’s an example:
/dev/hda2 /home ext2 defaults,usrquota 1 1
When you want quota support for a given partition, some special files have to
be created boot-time. This is not done by default. To do so, you need to
# touch /var/lib/quota/new
then, reboot to create those files.
To edit user quotas, use edquota. See man edquota.
16.96. r8169
16.96.1. About the driver
This is the r8169 driver from Realtek. This in not the same r8169
presented in Linux kernel.
This driver supports: RTL8169S/8110S, RTL8169SB/8110SB, RTL8110SC
16.96.2. Using the driver
To use this driver you have to remove the official r8169 if loaded.
You can load this module with
It might be a good idea to blacklist r8169 and add realtek-r8169 to
/etc/sysconfig/modules, so you do not have to play this game after
every reboot.
16.97. rox-filer
Use the included desktop2appfile shell script, if you want an automatic way of
converting system installed desktop files in /usr/share/applications to a ROX
appdir.
Create a new feed database:
$ r2e new you@yourdomain.com
$ r2e add http://www.aaronsw.com/2002/rss2email/updates.rss
(That’s the feed to be notified when there’s a new version of rss2email.)
Repeat this for each feed you want to subscribe to.
When you run rss2email, it emails you about every story it hasn’t seen before.
But the first time you run it, that will be every story. To avoid this, you
can ask rss2email not to send you any stories the first time you run it:
Then later, you can ask it to email you new stories:
You probably want to set this up as a cron job or something.
16.98.2. Customize:
There are a few options, described at the top of rss2email.py. If you want to
change something, add it to config.py. For example, to be notified every time
a post changes, instead of just once per post:
$ echo "TRUST_GUID = 0" >>~/.rss2email/config.py
And you can ask rss2email to make the emails look as if they were sent when the item was actually posted:
$ echo "DATE_HEADER = 1" >>~/.rss2email/config.py
16.99. sawfish
I have included a simple script called sawfish-session which sources
$HOME/.sawfish/startup, if it exists. It is setup so you can easily run your
own commands before sawfish is launched. You can find an example file at
/usr/share/sawfish/startup. Also, there is a sawfish-aplay script as well,
which is a wrapper to aplay with the -q argument so your logs aren’t spammed by
a bunch of useless messages if you choose to use sound events. To use sound
events in sawfish, run sawfish-ui and goto the Sound tab, and enable sounds.
Then, close the program, run it again, and there should a greyed out box at the
bottom for entering a command to for playing sounds. I have disabled ESD
support in favor of this. Check the box to enable it, and enter either
sawfish-aplay or another program of your choice. However, keep in mind this box
cannot accept arguments, it can only accept the path to an executable of some
sort, which is the whole reason I included an aplay wrapper. Also, be sure to
visit http://sawfish.wikia.com if you want to find stuff to supplement sawfish,
like scripts, themes, etc. And, finally, you will an example piece of lisp code
you can put in your $HOME/.sawfishrc and edit to your heart’s content to get
the right root menu for you. This is also where you put lisp code that you want
to become active every time you restart sawfish. Use sawfish-client if you want
to test it, and remember to put it in your rc file if you wish to retain it.
Happy hacking!
(setq root-menu '(
("Editors"
("Abiword" (system "abiword &"))
("Leafpad" (system "leafpad &"))
)
("Terminals"
("Sakura" (system "sakura &"))
("xterm" (system "xterm &"))
)
("Multimedia"
("Audacious" (system "audacious &"))
("VLC" (system "vlc &"))
)
("Network"
("Firefox" (system "firefox &"))
("Pidgin" (system "pidgin &"))
)
("Restart" restart)
("Quit" quit)
))
16.100. scratchbox
You need to complete the install, running:
# /usr/lib/scratchbox/run_me_first.sh
Do not forget to create a scratchbox user:
# /usr/lib/scratchbox/sbin/sbox_adduser <user>
For further documentation about how to setup scratchbox for your development
needs have a look at
scratchbox documentation.
Also note that when you reboot and before trying to run scratchbox, you should run:
# service scratchbox start
You can also add it to the default runlevel:
Then to start scratchbox, run:
$ /usr/lib/scratchbox/login
|
Note
|
In order to run scratchbox, you have to be in the sbox group. |
16.101. screen
16.101.1. Keeping your screen running across reboots
You may want to restart your screen session automatically after a reboot. This
is the case, for example, when we seed the Frugalware ISOs using a torrent
client. Here is what you need:
screen -t seed 0 /bin/sh -c 'cd $HOME/frugalware-torrents; rtorrent'
16.102. speedtouch
Driver for the SpeedTouch USB and SpeedTouch 330
The binaries (modem_run and pppoax) have been installed in /usr/sbin.
You will find the documentation and example script files in: /usr/share/doc/speedtouch-pkgver
You can start configuring your modem by running
/usr/bin/speedtouch-setup
|
Note
|
Read the documentation (/usr/share/doc/speedtouch-pkgver/howto)
carefully to use this driver correctly! |
16.103. squirrelmail
Please start the configure script in the /var/www/squirrelmail directory!
16.104. squirrelmail-check_quota
You have to install this plugin with squirrelmail’s own ./configure tool.
16.105. squirrelmail-login_notes
You have to install this plugin with squirrelmail’s own ./configure tool.
16.106. stunnel
You need some additional configuration before stunnel will be functional:
Adjust the configuration file:
# cp /etc/stunnel/stunnel.conf-sample /etc/stunnel/stunnel.conf
# vi /etc/stunnel/stunnel.conf
|
Note
|
If something goes wrong, try setting sslVersion to all. |
Genrate your certificate:
# openssl req -new -x509 -days 365 -nodes -config /etc/stunnel/stunnel.cnf -out \
/etc/stunnel/mail.pem -keyout /etc/stunnel/mail.pem
Hide the certificate from users:
# chmod 600 /etc/stunnel/mail.pem
Now you can enable and start the service:
# service stunnel add
# service stunnel start
16.107. sugarcrm
In order to use the sugarcrm, you have to symlink it to somewhere. For example, if
you want to use it under http://localhost/sugarcrm, then use:
# ln -s /var/www/SugarSuite /var/www/html/sugarcrm
16.108. trac
After installing trac you need a few steps to set it up.
First of all do not forget to install postgresql/mysql/sqlite
according to which database backend you want to use.
To create a new trac project, just use the command:
$ trac-admin /path/to/myproject initenv
You can check the result with:
tracd --port 8000 /path/to/myproject
For further documentation on trac, how to set up with
different HTTP daemons see
TracGuide
16.109. udev
/lib/udev/devices is the directory where packages or you can place real
device nodes, which get copied over to /dev at every boot. This replaces
our previous /etc/sysconfig/udev solution. (The change was recommended by
upstream.)
16.110. user-mode-linux
16.110.1. Creating a root image
# dd if=/dev/zero of=root_fs bs=1M count=1000
# mkdir uml
# mount root_fs -o loop uml
# cd uml
Install base and openssh:
# mkdir -p var/log tmp
# pacman-g2 -Sy base openssh -r ./
Create etc/fstab with the following contents:
none /proc proc defaults 0 0
none /sys sysfs defaults 0 0
devpts /dev/pts devpts gid=5,mode=620 0 0
/dev/ubda / ext3 defaults 1 1
Create etc/sysconfig/keymap with the following contents:
Create etc/profile.d/lang.sh with the following contents:
export LANG=en_US
export LC_ALL=$LANG
We want networking, put the followings to etc/sysconfig/network/default:
[eth0]
options = 192.168.0.1
gateway = default gw 192.168.0.254
If you want to use multiple virtual machines, use 192.168.0.2, 192.168.0.3
and so on instead.
Let’s copy in the terminal device and change our root:
# cp -a /dev/tty dev/
# chroot ./
Remove unnecessary services and enable ssh:
# service keymap del
# service time del
# rm /etc/rc.d/rcS.d/S18rc.time
# service sshd add
Remove unnecessary packages:
# pacman-g2 -R gpm kernel
Change /etc/inittab so that ctrl-alt-del will halt (and not reboot the
system). Change the line
ca::ctrlaltdel:/sbin/shutdown -t5 -r now
ca::ctrlaltdel:/sbin/shutdown -t5 -h now
Exit from the chroot and umount:
# exit
# cd ..
# umount uml
You’re ready, let’s register it!
16.110.2. Configuration file
You should edit /etc/sysconfig/uml. Each item in the machines array defines a
virtual machine. Here is an example:
machines=('ubd0=/home/uml/root_fs_0 eth0=tuntap,,,192.168.0.254 mem=128MB con0=null,fd:1 con=null')
-
root fs will be /home/uml/root_fs_0
-
the IP of the host will be 192.168.0.254
-
allocate 128MB of memory
-
disable console input, console output will be stdout (that’ll be logged to /var/log)
-
disable other consoles (we don’t need them, we can use ssh)
16.110.3. Configuring the host network
First you need the tun kernel module:
# modprobe tun
# echo tun >> /etc/sysconfig/module
Second, you need NAT. Let’s assume you access the external network via the
eth0 interface, then edit /etc/sysconfig/network/default and search the end
of the [eth0] section. Just append
post_up = iptables -t nat -A POSTROUTING -j MASQUERADE
Now you can easily start/stop your machines using the usual service uml
start/stop command.
16.111. util-linux-ng
16.111.1. Using tmpfs for /tmp
Frugalware does not use tmpfs for /tmp by default. However on servers this
can cause problems: if you do not reboot for months, then cleaning /tmp can
take some time. Using tmpfs can solve your problem: it’s a ramdisk so its
content not preserved during a reboot. All you need is to add the following
line to your /etc/fstab:
tmpfs /tmp tmpfs defaults 0 0
|
Note
|
You need util-linux >= 2.12-31 for this, otherwise X may not start. |
16.112. vavoom
16.112.1. Before you play
To be able to play, you must have the IWAD files of the original games
and copy it in ~/.vavoom or in /usr/share/vavoom. You can find this IWAD
file on the original game CD or in the net. You can use shareware game’s
IWAD, too.
16.113. vim
If you want to enable spell check support, you need to:
# pacman-g2 -S vim-spell-xx
where xx is code of the requested language.
:setlocal spell spelllang=xx_yy
Some languages need correctly set encoding. If you get a message like:
Warning: Cannot find word list "hu.latin1.spl" or "hu.ascii.spl"
then you need to set your encoding as well:
The incorrect words are coloured red by default. You can reach a list of
suggested words by pressing z= when the cursor is at the given word.
If you want to disable the spell check support, type:
It may be handy to have map function keys in ~/.vimrc to enable / disable the
spell check support:
set encoding=latin2
map <F5> <Esc>:setlocal spell spelllang=en_gb<CR>
map <F6> <Esc>:setlocal spell spelllang=hu<CR>
map <F7> <Esc>:setlocal nospell<CR>
|
Note
|
The language code is sometimes in an xx and sometimes is in an xx_yy
form. This is something you need to figure out for your language. |
See the upstream documentation for more info about spell check support:
16.114. virtualbox
If you want to be able to use the VirtualBox guest additions, run
this command as root to get the Additions ISO (requires an active
Internet connection):
# /usr/bin/get-vbox-additions
16.115. wifi-radar
Don’t forget to change the wifi interface name in /etc/wifi-radar.conf!
16.116. x11vnc
Running x11vnc without a password is not recommended. To create one, type:
Then you can start the VNC server using
x11vnc -display :0 -rfbauth ~/.vnc/passwd -forever
16.117. xcache
16.117.1. Installing As PHP Extension?
-
Check /etc/php.ini
# cat /usr/share/doc/xcache-$pkgver/xcache.ini >> /etc/php.ini
-
Modify php.ini for your needs:
-
Restart php
|
Warning
|
Use >> with cat, not simply > |
16.118. xchat
How should I remote control xmms from xchat?
First make sure you really need it - some people think it’s a security hole.
You need
XChat-XMMS plugin
from
XChat’s Scripts + Plugins
section,
and some other packages (mostly Perl modules) which I’m too lazy to search for,
but are available in fpm. Unpack the tarball, copy the .pl script to your
XChat dir, and (try to) load it. If it complains about missing Perl modules,
install them and try again. (This script has some minor bugs, but was found
to be the most useful one amongst the kind. The documentation is a German PDF,
which is to be translated to English/Hungarian.)
16.119. xdm-frugalware
To use this theme, please add -config /etc/X11/xdm/frugalware/xdm-config
to your xdm environmental variable in /etc/sysconfig/desktop and restart
xdm.
16.120. xen
|
Warning
|
Xen is unstable software, meaning that it should not be used on your
main PC, it may destroy your data. As an example, I destroyed my file system
during testing. |
First of all, read the INSTALL file for the instructions.
For lazy users, here’s what i had to do to get the driver working:
-
Make sure you have the evdev kernel module loaded before the x server
started (or restart it after you loaded the module).
-
Now open your /etc/X11/xorg.conf and add the following:
-
Replace the content of your "InputDevice" section to the followings:
Section "InputDevice"
Identifier "Synaptics Mouse"
Driver "synaptics"
Option "Device" "/dev/psaux"
Option "Protocol" "auto-dev"
Option "LeftEdge" "1700"
Option "RightEdge" "5300"
Option "TopEdge" "1700"
Option "BottomEdge" "4200"
Option "FingerLow" "25"
Option "FingerHigh" "30"
Option "MaxTapTime" "180"
Option "MaxTapMove" "220"
Option "VertScrollDelta" "100"
Option "MinSpeed" "0.09"
Option "MaxSpeed" "0.18"
Option "AccelFactor" "0.0015"
Option "SHMConfig" "on"
# Option "Repeater" "/dev/ps2mouse"
EndSection
-
Add this line to the "ServerLayout" Section:
InputDevice "Synaptics Mouse" "CorePointer"
16.122. xgl
-
Xgl server
Xgl is a hardware accelerated X server. It renders everything that gets drawn
to the screen with OpenGL to allow for fancy effects like wobbly windows,
translucency, etc. The disadvantage to Xgl is that programs that already use
OpenGL will not work on it. Xgl is only recommended if you do not have a
graphics card that supports GLX_EXT_texture_from_pixmap.
-
AIGLX
Accelerated Indirect GLX ("AIGLX") is an open source project founded by Red Hat
and the Fedora Linux community to allow accelerated indirect GLX rendering
capabilities to X.Org and DRI drivers. This allows remote X clients to get fully
hardware accelerated rendering over the GLX protocol; coincidentally, this development
was required for OpenGL compositing window managers (such as Compiz) to function with
hardware acceleration.
-
Compiz Fusion
Compiz Fusion is the result of a merge between the well-known Beryl composite window
manager and Compiz Extras, a community set of improvements to the Compiz composite window
manager. Compiz Fusion aims to provide an easy and fun-to-use windowed environment,
allowing use of the graphics hardware to render each individual window and the entire
screen, to provide some impressive effects, speed and usefulness.
|
Note
|
Before starting with installing compiz fusion, make sure you remove all
beryl packages installed on your system. Beryl is now merged with compiz-fusion
and is no longer supported on frugalware. |
16.122.1. Setting it up
This section describes how to setup Xgl or AIGLX depending on which graphics card you have.
Intel Graphics Cards (i810)
This section describes how to setup Xgl/AIGLX on computers having Intel Graphics Cards.
First, make sure that the Intel Xorg drivers are installed. You can install it using:
# pacman-g2 -S xf86-video-i810
I would recommend using AIGLX and NOT xgl for intel users. This is because Xgl works extremely slow on
such cards. On the other hand, AIGLX is much faster than Xgl and is easier to setup. This section
describes how to setup AIGLX for Intel GMA series cards.
You have to edit the /etc/X11/xorg.conf as root.
Look for Section "Module" and make sure that the following lines exist in that section
Load "dri"
Load "glx"
Load "dbe"
Now, look for Section "Device" and add the following lines to it
Option "XAANoOffscreenPixmaps" "true"
Option "DRI" "true"
And add this to Section "ServerLayout"
Now look for Section "DRI". Create it if it doesn’t exist and make sure it looks like the following
Section "DRI"
Group "video"
Mode 0660
EndSection
|
Note
|
Also please make sure you are in the video group. |
Finally, add this line to Section "Extensions"
"Option" "Composite" "Enable"
Save the file and exit the editor. Reboot your system. Your system should now be set up to use Compiz Fusion.
Now read on to the Window Manager setup section!
NVIDIA Graphics Cards
If you have an nVidia card, you’re in luck - you can use all the fancy effects without the need for Xgl.
This means you’ll get much better performance. First of all, you’ll need the latest nVidia drivers (100.14.11-6).
Install them if you haven’t already done it.
Now, as i stated earlier, you can use it with or without Xgl. Both the ways are described below.
You have to edit the /etc/X11/xorg.conf as root.
First find the Device section for your nVidia card. Add the following line to it:
Option "XAANoOffscreenPixmaps" "false"
Now go to the Screen section. Make sure the following lines are there:
Option "AddARGBGLXVisuals" "True"
Option "RenderAccel" "true"
Option "Coolbits" "1"
Option "TripleBuffer" "true"
Option "AllowGLXWithComposite" "True"
Finally, make sure the Composite extension is enabled. If it’s not, add these lines to the bottom of the file:
Section "Extensions"
Option "Composite" "Enable"
EndSection
Save the file, and then reboot. Your system should now be set up to use Compiz Fusion.
This section describes how to use Xgl on a system with an Nvidia card.
First of all, you’ll need to install Xgl. This can be done by running:
Once installed, xgl can be enabled by initiating the following command (as root) :
# fw-xgl-control --enable
To disable Xgl, run the following command (as root) :
# fw-xgl-control --disable
Every time xgl is enabled or disabled, you need to restart GDM. This can be
done by running the following command (as root) :
Now read on to the Window Manager setup section!
16.122.2. Window Manager Setup
Now you need to install a window manager to be able to get all these fancy effects. Frugalware currently has
compiz-fusion window manager that can be used with XGL or AIGLX.
Note that Frugalware no longer supports Beryl.
Compiz Fusion
This section describes how to setup / use Compiz Fusion as the window manager with XGL / AIGLX depending
on your Desktop environment.
Run the following command (as root) to install the necessary packages:
# pacman-g2 -Sy compiz compiz-emerald compiz-emerald-themes fusion-icon ccsm
Now you can simply fire up Fusion Icon from your Xfce menu. An icon should appear in your system tray.
Right click it and go to Select Window Manager. Choose "Compiz" from the list. If at any time you wish to
return to your normal window manager, just select it from the fusion icon.
If it works, you should add fusion-icon to the startup programs in your desktop environment. This can be
done by going to Settings → Autostarted Applications in your Xfce menu.
Run the following command (as root) to install the necessary packages:
# pacman-g2 -Sy compiz-gnome fusion-icon ccsm
Now you can simply fire up Fusion Icon from your GNOME menu. An icon should appear in your system tray.
Right click it and go to Select Window Manager. Choose "Compiz" from the list. If at any time you wish to
return to your normal window manager, just select it from the fusion icon.
If it works, you should add fusion-icon to the startup programs so that it automatically starts everytime
you login into GNOME. This can be done by going to System → Preferences → Sessions → Startup Programs
in your Gnome menu.
By default, compiz-gnome is shipped with gtk-window-decorator. Gnome users can also use Emerald as
a window decorator with compiz. To install emerald, run (as root):
# pacman-g2 -Sy compiz-emerald compiz-emerald-themes
Once installed, you can switch to emerald as the window decorator. To do this, just right click the Fusion icon,
navigate to "Select Window Decorator" and select "emerald" from the list.
Run the following command (as root) to install the necessary packages:
# pacman-g2 -Sy compiz-kde fusion-icon ccsm taskbar-compiz kicker-compiz
You can now use compiz by starting Fusion Icon from the KDE menu.
By default, compiz-kde is shipped with kde-window-decorator. Kde users can also use Emerald as
a window decorator with compiz. To install emerald, run (as root):
# pacman-g2 -Sy compiz-emerald compiz-emerald-themes
Once installed, you can switch to emerald as the window decorator. To do this, just right click the Fusion icon,
navigate to "Select Window Decorator" and select "emerald" from the list.
16.123. xpenguinsapplet
If no penguins appear on your desktop after you hit the launch button,
go in KDE Control Center → LookNFeel → Behavior
and make sure Allow programs in desktop window is checked.
20.1. Introduction
Frugalware consists of thousands of packages. Each files in the distribution
belong to some package. You can easily query which package does the specified
file belong to. If you want to know which package contains
/etc/frugalware-release, you should use:
$ pacman-g2 -Qo /etc/frugalware-release
/etc/frugalware-release is owned by frugalware 0.6rc1-1
If you browse the FST (Frugalware Source Tree), you can see, that in the
source directory there are category and category-extra dirs. The dirs without
-extra tag contains the basic packages of the given category and the
dependencies of the basic packages. So a package in these directories can not
depend on a package in extra directories.
The same true for console/graphical applications: if your applications/library
is graphical, then use xapps/xlib, if not then use apps/lib.
For each task there is a default package. For example postfix is our
default MTA, so exim, sendmail, etc must be in some extra dir.
The repo has a source and a binary directory. The frugalware repo’s
directories are source/ and frugalware-$arch/. The binary packages are in
the binary directory of the repo. The sources of packages are a little
bit more complex. Each package has a category, and each category and
package has its own directory in the source dir.
Let’s see an example. You are searching for the cabextract package.
The binary package is named
frugalware-<arch>/cabextract-<version>-<release>-<arch>.fpm and its
source is placed in the source/apps/cabextract dir.
In the package’s own dir, we store everything required to compile the package.
You may say we should store only the patches and so, but in our opinion, it’s
very annoying when you want to recompile a package and the original server is
slow or even unreachable, due to some other reasons. Also it may be illegal
that we would provide only binary packages without storing the source (since
then it may be possible that we are not able to send the source to you even if
you ask us by mail).
Besides, there is a FrugalBuild file in each package’s source directory.
This is a simple bash shell script, that will be included by makepkg.
So in the FrugalBuild script you can use everything that can be used
in a shell script.
|
Note
|
During the package database generation we source all the FrugalBuilds, so
it must be a very short time to do so for each FrugalBuild. Because of this,
you should not use something like: |
sha1sums=(`lynx -dump http://foo.com/bar.sha1`)
# http://foo.com/bar.sha1
sha1sums=('094e3afb2fe8dfe82f63731cdcd3b999f4856cff')
This way gensync will be fast even if reaching foo.com takes a lot of time.
Also using the -u option an offline build is possible.
Briefly, packaging means collecting the sources, adding additional
files (for example init scripts or config files) and writing the
FrugalBuild script.
20.2. Recompiling packages
Before creating a new package, first we will recompile an existing package in
this howto. It’s very simple. In our example we will recompile the mplayer
package.
First, you have to download the current FST.
Before building the chroot environment, you should make sure about that the
fst user exists on your system. Check your /etc/passwd file. If not, then
please check your /etc/passwd.pacnew file, that contains the relevant entry,
just copy that line to /etc/passwd.
Now that you have the fst user, continue with
$ cd $fst_root/source/xapps/mplayer
$ sudo makepkg [<options>]
|
Note
|
If you are using stable, you probably want to use the -t stable option! |
First we enter the directory of mplayer then (like make and Makefile)
we run makepkg that will build the package according to the parameters
described in FrugalBuild. We used use the -R option to build the package
in a chroot-ed environment. Since 0.5 building in chroot is the default
methot, you have to use -H if you want to build on the host system.
Chroot requires root privileges. To allow group (for example the devels
group) to use sudo makepkg, start visudo as root, and add the following line:
%devels ALL=NOPASSWD:/usr/bin/makepkg
The chroot will be placed by default in /var/chroot. Only one package
can be built in a chroot at a time, so maybe you’ll want to specify
a separate chroot for each user. In order to do this, set
the $CHROOTDIR variable in your /etc/makepkg.conf from:
export CHROOTDIR="/var/chroot"
‘export CHROOTDIR="/var/chroot.echo $HOME|sed 's|.*/\(.*\)$|\1|’"`
This way the one parallel build / one system limit is increased to one
parallel build / one user.
(See man makepkg for more info about the benefits of building in a chroot).
20.3. Use variables
You can alter the result of the build process using environment variables
without touching the FrugalBuild itself. The git package is a good example.
Using
$ USE_DEVEL=y sudo makepkg [<options>]
for that package results in a build of git’s development version. Here is what
you need if you want so for your package:
# set the variable to false by default
USE_DEVEL=${USE_DEVEL:-"n"}
(...)
# these commands will be evaluated only in case USE_DEVEL is set to true
if Fuse $USE_DEVEL; then
_F_scm_type="git"
_F_scm_url="git://git.kernel.org/pub/scm/git/git.git"
Finclude scm
fi
In the next section we will see an example for a simple FrugalBuild script.
20.4. A simple example
Let’s see a simple example, the FrugalBuild script of the cabextract package.
# Compiling Time: 0.06 SBU
# Maintainer: VMiklos <vmiklos@frugalware.org>
pkgname=cabextract
pkgver=1.2
pkgrel=1
pkgdesc="a program to extract Microsoft Cabinet files"
url="http://www.kyz.uklinux.net/cabextract.php"
depends=('glibc')
groups=('apps')
archs=('i686' 'x86_64')
up2date="lynx -dump http://www.kyz.uklinux.net/cabextract.php |grep 'cabextract \
source code'|tr -s ' '|cut -d ' ' -f 6"
source=(http://www.kyz.uklinux.net/downloads/$pkgname-$pkgver.tar.gz)
sha1sums=('871b3db4bc2629eb5726659c147aecea1af6a6d0')
# optimization OK
And here comes the description for each line:
# Compiling Time: 0.06 SBU
You should write here how much time did it take to build the package.
Of course, it depends on your hardware, so we use SBUs instead of
minutes as a unit.
SBU is the Static Binutils Unit, which means the time repoman merge
binutils takes on your machine. By default makepkg will print out
how many seconds the build took. After you built binutils, you should
update your /etc/makepkg.conf:
The line above means compiling binutils on your machine took 257 seconds.
From this point, makepkg will print out SBUs instead of seconds after
successful builds, and this SBU value will be equal on anyone’s machine.
If you are the maintainer of the package, write your name or nick and
e-mail address here. If you probably you won’t maintain the package,
write Contributor instead of Maintainer, and then the Maintainer will
add his/her line later. A package may have only one contributor: the first
person who wrote FrugalBuild for it. The maintainer is the current maintainer.
The other names should not be included in the FrugalBuild, anyone can use the
version control features to look for them.
This will be the name of the package. It’s allowed to include numbers,
hyphens (-), etc., and should be lowercase.
The package’s version. Hyphens are not allowed, so a 1.0-6111 will be
usually converted to 1.0_6111.
Release number marks Frugalware-specific changes. If you recompile a package,
you should increase this number. If you upgrade to a newer version, don’t
forget to reset this number back to 1. If you design a new package,
set this to 1.
pkgdesc="a program to extract Microsoft Cabinet files"
A short one-line description for the package. Usually taken from the project’s
homepage or manpage.
url="http://www.kyz.uklinux.net/cabextract.php"
The website of the project.
List of dependencies of the package, defined in a bash array.
Usually you should compile a package at least two times: first
with depends=(), then you should run chkdep -p foo.fpm that will
suggest the dependencies, but handle that information with caution!
Reading the README, INSTALL and configure.ac files is also a good
idea to find out dependencies.
It is needed to know where, in which category the package belongs.
The most important thing: don’t put your package in apps, base, devel,
lib, multimedia or network, if it depends on X (or on a pkg depending on
X, of course). Packages in the extra repository get the -extra suffix
to the group name.
You should use groups for creating metapackages. The method is the following:
put each package to an existing group (group without a hyphen or with the
-extra suffix), then add the packages to a new group, something like foo-suite
or whatever your want, provided that the name is not an existing group.
‘groups=('lib-extra’ 'foo-suite\')`
‘archs=('i686’ 'x86_64\')`
This array defines for which architectures the given package is available.
If it’s not available, it means that gensync will skip it when generating
package databases. If you are not able to provide a binary package for a
given arch, don’t include that in archs()! For example, no matter if the
package could be compiled in x86_64, if you haven’t compiled it
ourself, don’t include it.
up2date="lynx -dump http://www.kyz.uklinux.net/cabextract.php |grep 'cabextract \
source code' |sed 's/.*-\(.*\).t.*/\1/'"
A short command that will give us the latest stable version of the package.
This helps maintainers to keep the FST up to date. Usually this string
consists of three parts: a lynx -dump someurl, a grep foo, and a sed
command. We use the http protocol if possible, but sometimes we have to
use ftp. In that case instead of lynx -dump you should use
wget -O - -q. Of course, you could use wget all the time,
but lynx is simpler. The sed command could be replaced with the
combination of tr and cut if you prefer them instead of sed.
The example used above would be the following with cut and tr:
up2date="lynx -dump http://www.kyz.uklinux.net/cabextract.php |grep \
'cabextractsource code'|tr -s ' '|cut -d ' ' -f 6"
Here you define the sources of the package in a bash array.
You can use simple filenames for patches, or additional files
when you place them in the same directory where the FrugalBuild
script is. You can use URLs if you want makepkg to download them
automatically. It’s important to place all sources in the package’s
directory including the source files that you can download from a site.
Also when dowloading from sourceforge, please use Finclude sourceforge!
If you use various random patches from unknown sources, don’t expect that
somebody else will port those patches to a newer version. You will have to
do the work yourself. You have been warned! Actually try to avoid patches
unless they are really necessary (eg: secfix, bugfix).
A few words about the size of the sources. If you use an URL then the size is
almost unlimited, but if the source is not an url then the source will be added
to the FST when the package will be accepted. We don’t allow files bigger than
100KB in FST. To solve this problem, the sources for a given package are placed
in the /pub/other/sources/pkgname dir for each package. If the source is not
compressed, we use gzip or bzip2 to compess it first. After this one can use a
http://ftp.frugalware.org/pub/other/sources/pkgname/foo-styled URL for those
big sources.
‘sha1sums=('094e3afb2fe8dfe82f63731cdcd3b999f4856cff\’)`
Another bash array to prevent compiling from wrong sources. Of course this
is useless if you just run sha1sum foo.tar.gz after download. Try fetching
original sha1sums from the projects website, if possible. It’s a good idea
to leave a comment above this line about where to find these sha1sums.
As you can see there in no build() function in this FB. It’s because we have
wrote some F* functions to make our work easier. It’s somethin similar you can
see in gentoo for example. These functions can be found in source/include/util.sh
file inside the FST. An empty build actually means:
build() {
Fpatchall
Fmake "$@"
Fmakeinstall
if echo ${source[@]}|grep -q README.Frugalware; then
Fdoc README.Frugalware
fi
}
So Fpatchall will apply all the patches in source() array, then Fmake
calls the configure script and make command, then Fmakeinstall acts like
make install, finally if a README.Frugalware file is given it will also
add that to the package. For details see the utils.sh file, it’s well documented.
|
Note
|
You don’t have to use these F* commands, but we highly recommend it.
Also if you use simple commands do not forget to add || return 1 after
each command, so the build will stop on error! |
This line will be added automatically to the end of the FrugalBuild
if the build() function used your $CFLAGS or $CXXFLAGS. This is handy
if you want to cross-compile on a faster machine for a slower architecture.
Until the package doesn’t use our $CFLAGS we can’t cross-compile it,
so please try to avoid creating "unoptimized" packages. If the package
doesn’t contain any architecture-dependent file, then you can add this
line manually as makepkg will not detect this.
20.5. Full reference
Now here is a full list of directives available.
First, let’s start with the install directive. Here you can refer to an
install file (usually $pkgname.install) to use. If there is a $pkgname.install
in the FrugalBuild’s directory, it will be used automatically. In the
install file, you can define actions to be executed before/after
installing/upgrading/removing the package. A skeleton of this file can be found
under /docs/skel in FST.
Of course, you probably will not need all of these functions, just remove
what you don’t need. If you want to do exactly the same after upgrading as
after installing, feel free to use post_install $1 in the post_upgrade() function.
Save this file as $pkgname.install, thus makepkg will automatically use it.
You should not specify the install script in the source array as it is not used
in build().
The pkgname, pkgver, pkgrel, url, source and sha1sums directives were discussed
in the previous section.
The backup array is used to make some files in the package as config files.
If possible, we don’t modify config files during an upgrade. Example:
‘backup=('etc/pacman-g2.conf\’)`
Note that the leading slash is missing!
For more information about this, see the handling config files section in the
pacman-g2 manpage.
The depends array has been discussed already, except I haven’t mentioned
before that the elements may include version information, for example:
pkgname=kdewebdev
depends=('kdelibs=3.3.0')
Here you can use <>, ⇐, >= or = operators.
The makedepends array defines packages required only in build time. For example
if the source is in SRPM format, probably alien is a build-time requirement.
The rodepends array defines packages required only in runtime. It must be
used in any case when putting the given package to depends() would causecircular
dependency.
In the conflicts array, you can define a list of packages that shouldn’t be
installed if you want to install this package. Let’s see an another example:
pkgname=mutt-devel
conflicts=('mutt')
It is necessary as the two package almost the same, but the binaries differs.
In this case the mutt package must also contain this line: ‘conflicts=('mutt-devel\’)`.
Of course, if two or more packages conflict each other, only one of them can be
placed in a non-extra group.
The provides array is used to create virtual dependencies. It means both
postfix and sendmail provides mta, so we can do:
pkgname=mailman
rodepends=('mta')
The user has a choice between postfix and sendmail.
The last one in this list is the replaces directive. The module-init-tools
package is a good example:
pkgname=module-init-tools
replaces=('modutils')
conflicts=('modutils')
As you can see, we often make such new packages which also conflict with each
other. Using the replaces directive when users use pacman-g2 -Su next time, if
modutils is installed (probably :)), they will be asked to remove modutils
and install module-init-tools.
This directive is optional. At the moment, you may add such a field, but copy
the LICENSE field from the source root to the packages’s documentation dir, so
this isn’t really necessary.
20.6. Subpackages
Since 0.5 makepkg can also create subpackages. It is very useful when your
package has graphical parts based on qt for example. It’s a pain for gnome
users as they want the package, but they do not want the qt part. So you create
a subpackage for qt part and both side is happy. Let’s see an example:
# Compiling Time: 1.43 SBU
# Maintainer: crazy <crazy@frugalware.org>
pkgname=djvulibre
pkgver=3.5.18
pkgrel=2
pkgdesc="DjVu is a web-centric format for distributing documents and images."
depends=('libtiff' 'libjpeg')
makedepends=('kdelibs' 'gnome-mime-data' 'gnome-icon-theme' 'htop')
rodepends=('xdg-utils')
groups=('xapps')
archs=('i686' 'x86_64')
options=('scriptlet')
_F_sourceforge_dirname="djvu"
_F_sourceforge_broken_up2date=1
Finclude sourceforge
url="http://djvulibre.djvuzone.org/"
source=(${source[@]} head_-n1.patch no-OPTS-FLAGS-thx.patch)
subpkgs=('djview')
subdescs=('DjVu viewer for qt and mozilla plugins.')
subdepends=('libxi libgl qt libxmu')
subrodepends=('djvulibre')
subgroups=('xapps-extra')
subarchs=('i686 x86_64')
build()
{
Fcd
Fpatchall
Fautoreconf
export CFLAGS="$CFLAGS"
export CXXFLAGS="$CXXFLAGS"
Fconf \
--enable-threads \
--disable-desktopfiles \
--enable-xmltools \
--enable-djview
make depend || Fdie
make || Fdie
Fmakeinstall
Fln /usr/lib/netscape/plugins/nsdejavu.so \
/usr/lib/mozilla/plugins/nsdejavu.so
Fln djview3.1.gz usr/share/man/man1/djview.1
Fsplit djview usr/bin/djview
Fsplit djview usr/bin/djview3
Fsplit djview usr/lib/mozilla
Fsplit djview usr/lib/netscape
for i in . ja; do
[[ $i == . ]] && Fsplit djview usr/share/man/$i/man1/djview.1
Fsplit djview usr/share/man/$i/man1/djview3.1
Fsplit djview usr/share/man/$i/man1/nsdejavu.1
done
Fsplit djview usr/share/djvu/djview3
}
Here you can see the djvulibre FrugalBuild. Note subpkgs, subdescs, subdepends,
subgroups and subarchs. These 5 value is lethal for a subpackage. There are
other subpackage variables too of course. See man FrugalBuild for details.
Also note that bash does not support two-dimensional arrays, so when defining
the array of arrays, then quotes are the major separators and spaces are the minor ones.
Defining the subpackage is only the first part of creating a subpackage. You have
to tell makepkg which files you want to put in the subpackage. We use Fsplit command
for this. First parameter is the subpackage name, second is the file you want to move.
Please never use a trailing slash when defining file patterns, especially if you use
wildcards in it!
If you need more example just take a look on avahi FrugalBuild in network group.
|
Note
|
Use subpackages when they are necessary, but do not start making foo-devel, foo-common,
foo-not-so-common, foo-quite-common-but-not-that-common packages :) Making too
much subpackage makes maintaining too hard and simplicity is the frugal way. |
20.7. Compiling the package
That’s fairly simple. In the package directory you should do exactly the same
as described in the Recompiling packages section. If you want to contribute
this package to the Frugalware project, then go to BTS,
open a feature request and upload each non-downloadable file (ie. FrugalBuild,
install scriptlet, patches) as an attachement.
Please do not forget to check your FrugalBuild with fblint command before uploading
it. Fblint is available in pacman-tools package.
20.8. Kernel modules
A few words about kernel modules. They’re special as even if you installed the
correct version of the kernel (and kernel-source) package, sometimes the modules
are compiled for the running kernel, so you have to check if compiling against
other kernel version than the running one works or not. You can use the modinfo
command for this. If crosscompiling does not work always add Fcheckkernel to the
build(). So here is the list of conditions a kernel module package have to
satisfy:
1) Should depend on kernel=version, where version is the version of the kernel
defined in $fst_root/source/include/kernel-module.sh. (Always use up-to-date FST!)
2) Should Finclude the kernel-module scheme.
3) If you want to use a custom install script (saying running just depmod -a
after the install/upgrade is not enough for you) then the install script
should run depmod -a. Otherwise the scheme will provide so a scriptlet which
does so.
4) build() should call Fcheckkernel to ensure the module will be compiled for
the right kernel version or it should be commented if you have checked the
compiling for other kernel version. It is good for out build servers as they
may not run the kernel provided by the given package tree. (They can’t run
-stable and -current kernels at the same time :) ).
5) Kernel modules may be installed for the not-currently-running kernel. To
ensure they are registered properly, you need to use the
Fbuild_kernelmod_scriptlet function. It generates the proper install scriptlet
for you.
See man kernel-module.sh for more info.
20.9. Repoman
Repoman is simple tool to download all packages' buildscript and compile
programs from source.
The most commonly used repoman commands are the followings:
builds a package from source and installs it. You can configure the build
options in the makepkg_opts directive of /etc/repoman.conf.
By default repoman will install the missing dependencies with pacman, clean up
the leftover work files, install the package, and write the resulting package
to the current working directory.
updates FST in /var/fst (or the directory set in ~/.repoman.conf). First time
repoman will download it (it may take some time!).