--- title: Archlinux date: 2023-11-29T20:33:48+0100 lastmod: 2025-01-18T21:19:27+0000 tags: - archlinux - systemd #showDate: false showReadingTime: false showWordCount: false showPagination: false #showAuthor: false showBreadcrumbs: true feed_exclude: true # site_exclude: true --- Arch Linux ## Systemd Unit files A nice and informative article about unit files. ## Unlock locked user accounts If your user account is locked, wait 15 minutes (usually) and you can try again. If you need to unlock your account immediately: run this command (if you have another user that can login on the box): ```console $ sudo faillock --user dominic --reset ``` Calling `faillock` without arguments show an overview. ## Predictable network interfaces Get back the "old" interface names like `eth0` or `wlan0` with {{< man systemd.link 5 >}}. ### Ethernet This makes my ethernet interface be called **eth0** again. Create `/usr/lib/systemd/network/80-ether.link` with this content: ```systemd [Match] Type=ether [Link] NamePolicy=keep kernel ``` Reboot. ### Wireless This makes my wireless interface be called **wlan0** again. Create `/usr/lib/systemd/network/80-wlan.link` with this content: ```systemd [Match] Type=wlan [Link] NamePolicy=keep kernel ``` Reboot. ## Setup WiFi networks ### Using **iwctl** ```console $ iwctl device list $ iwctl station wlan0 scan $ iwctl station wlan0 get-networks $ iwctl station wlan0 connect {ssid} ``` ### Using **nmcli** (NetworkManager) ```console $ nmcli device wifi list $ nmcli device wifi rescan $ nmcli device wifi connect {ssid} --ask $ nmcli device wifi show-password ``` Last command shows the connected SSID and a QR-code within the terminal. ### Using NetworkManager We create some files in `/etc/NetworkManager/conf.d`: #### Using `iwd` as the WiFi backend `wifi_backend.conf`: ```ini [device] wifi.backend=iwd ``` #### Using `dhcpcd` as DHCP client `dhcp-client.conf`: ```ini [main] dhcp=dhcpcd ``` ### Using **systemd-networkd** ```console # wpa_passphrase MyNetwork SuperSecretPassphrase > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf # systemctl enable wpa_supplicant@wlan0 ``` Create `/etc/systemd/network/00-wireless-dhcp.network` and fill it with: ```systemd [Match] Name=wlan0 [Network] DHCP=yes ``` Enable systemd-networkd: ```console # systemctl enable systemd-networkd.service ``` Reboot. ## Using the CPU with hashcat ```console $ hashcat -I hashcat (v6.2.6) starting in backend information mode OpenCL Info: ============ OpenCL Platform ID #1 Vendor..: Intel(R) Corporation Name....: Intel(R) OpenCL Graphics Version.: OpenCL 3.0 Backend Device ID #1 Type...........: GPU Vendor.ID......: 8 Vendor.........: Intel(R) Corporation Name...........: Intel(R) UHD Graphics 620 Version........: OpenCL 3.0 NEO Processor(s)...: 24 Clock..........: 1150 Memory.Total...: 14368 MB (limited to 2047 MB allocatable in one block) Memory.Free....: 7136 MB Local.Memory...: 64 KB OpenCL.Version.: OpenCL C 1.2 Driver.Version.: 24.31.30508 ``` This is what I've seen on `hashcat -I` for a long time now but I never dig myself into this "problem" -- but today I tried to find the reason why there is no CPU listed on my Carbon X1 Gen7 laptop. After a few minutes doing some trial & error I finally got the CPU listed after installing _pocl_. ```console $ paru -S pocl ``` Or, on my gaming laptop running a cheap clone of Ubuntu: ```console $ sudo apt install pocl-opencl-icd ``` Now my `hashcat -I` looks like this: ```console $ hashcat -I took 6s hashcat (v6.2.6) starting in backend information mode OpenCL Info: ============ OpenCL Platform ID #1 Vendor..: Intel(R) Corporation Name....: Intel(R) OpenCL Graphics Version.: OpenCL 3.0 Backend Device ID #1 Type...........: GPU Vendor.ID......: 8 Vendor.........: Intel(R) Corporation Name...........: Intel(R) UHD Graphics 620 Version........: OpenCL 3.0 NEO Processor(s)...: 24 Clock..........: 1150 Memory.Total...: 14368 MB (limited to 2047 MB allocatable in one block) Memory.Free....: 7136 MB Local.Memory...: 64 KB OpenCL.Version.: OpenCL C 1.2 Driver.Version.: 24.31.30508 OpenCL Platform ID #2 Vendor..: The pocl project Name....: Portable Computing Language Version.: OpenCL 3.0 PoCL 6.0 Linux, Release, RELOC, LLVM 18.1.8, SLEEF, DISTRO, POCL_DEBUG Backend Device ID #2 Type...........: CPU Vendor.ID......: 128 Vendor.........: GenuineIntel Name...........: cpu-haswell-Intel(R) Core(TM) i7-8665U CPU @ 1.90GHz Version........: OpenCL 3.0 PoCL HSTR: cpu-x86_64-pc-linux-gnu-haswell Processor(s)...: 8 Clock..........: 4800 Memory.Total...: 13716 MB (limited to 2048 MB allocatable in one block) Memory.Free....: 6826 MB Local.Memory...: 256 KB OpenCL.Version.: OpenCL C 1.2 PoCL Driver.Version.: 6.0 ``` ## Paru / Pacman Found on [andreas-mausch.de](https://cheatsheets.andreas-mausch.de/paru) and I had to copy this to my notes archive here... ### Install #### install ```console $ paru -S ``` #### Edit PKGBUILD and skip checksum check ```console $ paru -S gnucash-xbt --fm helix --mflags "--skipchecksums" ``` #### uninstall (-n: no backup files; -s: remove dependencies) ```console $ paru -Rns ``` #### system update ```console $ paru -Syu ``` ### Mirrors #### select fastest ```console $ sudo pacman-mirrors --fasttrack ``` #### select by country ```console $ sudo pacman-mirrors --country Germany,France,Austria ``` ### Search repo #### search package ```console $ paru -Ss ``` #### package details ```console $ paru -Si ``` #### list files ```console $ paru -Fl ``` #### find package for file ```console $ pkgfile ``` #### search command ```console $ paru -F glxinfo ``` ### Installed packages #### search package ```console $ paru -Qs ``` #### package details ```console $ paru -Qii ``` #### list files ```console $ paru -Ql ``` #### orphans ```console $ paru -Qdt ``` #### manually installed (list all aur) ```console $ pacman -Qm ``` ### Clean-up #### clear cache ```console $ paru -Sc ``` ### Official repo vs. AUR #### repo ```console $ paru -[...] --repo ``` #### aur ```console $ paru -[...] --aur ``` ## Blocking IPs from a list with ipset Using [ipset](https://wiki.archlinux.org/title/Ipset) should increase performance on the box, also using the raw table should not create useless states as for what I understand from the source article on [serverfault.com](https://serverfault.com/a/823336). ```console $ sudo ipset -N badips iphash $ while read ip; do sudo ipset -A badips "$ip"; done < blocked.txt $ sudo iptables -t raw -I PREROUTING -m set --match-set badips src,dst -j DROP $ sudo iptables-save -f /etc/iptables/iptables.rules ``` Enable iptables in case it is not running yet. ```console $ sudo systemctl enable --now iptables.service ``` Also make the ipset configuration persistent: ```console $ sudo ipset save -file /etc/ipset.conf $ sudo systemctl enable ipset.service ``` Reboot to test its persistency. ## Do not manage one specific USB dongle `99-unmanaged-devices.conf`: ```ini [keyfile] unmanaged-devices=mac:xx:xx:xx:xx:xx:xx ``` ## Prefer local DNS instead of systemd-resolved defaults ## CPU frequency scaling ## YubiKeys ## LunarVim custom key mappings I know, this is an Arch Linux post but hey, I don't care. ## Mounting nfs shares with systemd ## Arch Linux ARM installation on a Raspberry Pi 2 The wiki page is for Raspberry Pi 4. ## Create a 32-bit Wine prefix I create my wine prefixes usually like this: ```console $ export WINEPREFIX=/home/dominic/.wine-winlink $ export WINEARCH=win32 $ wine wineboot ``` ## Installing multiple ruby versions I came to the point to test an older website from me and it was made with Jekyll which I had to install quickly. Problems occured with OpenSSL and I finally managed to install ruby version 2.7.1 and 3.0.0 in my home directory. ```console $ rvm pkg install openssl $ rvm install "ruby-3.0.0" --with-openssl-dir=$HOME/.rvm/usr $ rvm install "ruby-2.7.1" --with-openssl-dir=$HOME/.rvm/usr ``` Later in the desired directory, I re-installed the gems because with ruby 2.7.1 I got another "Directory not found" error. I had to do this because I used ruby 2.7.1 on one website. ```console $ bundle install --force ``` ## Bigger font for systemd-boot Edit `/boot/loader/loader.conf`: ``` console-mode 0 ``` Possible settings are: | Value | Description | | :---- | :------------------------------------------------------------------ | | 0 | Standard UEFI 80x25 mode | | 1 | 80x50 mode, not supported by all devices | | 2 | the first non-standard mode provided by the device firmware, if any | | auto | Pick a suitable mode automatically using heuristics | | max | Pick the highest-numbered available mode | | keep | Keep the mode selected by firmware (the default) | More details can be found in {{< man loader.conf 5 >}}. ## Manual sections | Section | Description | | :------ | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | 1 | Section 1 of the manual describes **user commands** and tools, for example, file manipulation tools, shells, compilers, web browsers, file and image viewers and editors, and so on | | 2 | Section 2 of the manual describes the Linux **system calls**. A system call is an entry point into the Linux kernel. Usually, system calls are not invoked directly: instead, most system calls have corresponding C library wrapper functions which perform the steps required (e.g., trapping to kernel mode) in order to invoke the system call. Thus, making a system call looks the same as invoking a normal library function. | | 3 | Section 3 of the manual describes all **library functions** excluding the library functions (system call wrappers) described in Section 2, which implement system calls. | | 4 | Section 4 of the manual describes **special files (devices)**. | | 5 | Section 5 of the manual describes various **file formats**, as well as the **corresponding C structures**, if any. | | 6 | Section 6 of the manual describes the **games** and funny little programs available on the system. | | 7 | Section 7 of the manual provides **overviews on various topics**, and describes conventions and protocols, character set standards, the standard filesystem layout, and miscellaneous other things. |