oe7drt-website/content/notes/archlinux/index.md

513 lines
14 KiB
Markdown

---
title: Archlinux
date: 2023-11-29T20:33:48+0100
lastmod: 2024-10-26T11:51:51+0000
tags:
- archlinux
- systemd
#showDate: false
showReadingTime: false
showWordCount: false
showPagination: false
#showAuthor: false
showBreadcrumbs: true
feed_exclude: true
# site_exclude: true
---
Arch Linux
## Systemd Unit files
A nice and informative article about unit files.
<https://www.digitalocean.com/community/tutorials/understanding-systemd-units-and-unit-files>
## Unlock locked user accounts
If your user account is locked, wait 15 minutes (usually) and you can try again.
If you need to unlock your account immediately: run this command (if you have another user
that can login on the box):
```console
$ sudo faillock --user dominic --reset
```
Calling `faillock` without arguments show an overview.
## Predictable network interfaces
Get back the "old" interface names like `eth0` or `wlan0` with
{{< man systemd.link 5 >}}.
### Ethernet
This makes my ethernet interface be called **eth0** again.
Create `/usr/lib/systemd/network/80-ether.link` with this content:
```systemd
[Match]
Type=ether
[Link]
NamePolicy=keep kernel
```
Reboot.
### Wireless
This makes my wireless interface be called **wlan0** again.
Create `/usr/lib/systemd/network/80-wlan.link` with this content:
```systemd
[Match]
Type=wlan
[Link]
NamePolicy=keep kernel
```
Reboot.
## Setup WiFi networks
### Using **iwctl**
```console
$ iwctl device list
$ iwctl station wlan0 scan
$ iwctl station wlan0 get-networks
$ iwctl station wlan0 connect {ssid}
```
### Using **nmcli** (NetworkManager)
```console
$ nmcli device wifi list
$ nmcli device wifi rescan
$ nmcli device wifi connect {ssid} --ask
$ nmcli device wifi show-password
```
Last command shows the connected SSID and a QR-code within the terminal.
### Using NetworkManager
We create some files in `/etc/NetworkManager/conf.d`:
#### Using `iwd` as the WiFi backend
`wifi_backend.conf`:
```ini
[device]
wifi.backend=iwd
```
#### Using `dhcpcd` as DHCP client
`dhcp-client.conf`:
```ini
[main]
dhcp=dhcpcd
```
### Using **systemd-networkd**
```console
# wpa_passphrase MyNetwork SuperSecretPassphrase > /etc/wpa_supplicant/wpa_supplicant-wlan0.conf
# systemctl enable wpa_supplicant@wlan0
```
Create `/etc/systemd/network/00-wireless-dhcp.network` and fill it with:
```systemd
[Match]
Name=wlan0
[Network]
DHCP=yes
```
Enable <kbd>systemd-networkd</kbd>:
```console
# systemctl enable systemd-networkd.service
```
Reboot.
## Using the CPU with hashcat
```console
$ hashcat -I
hashcat (v6.2.6) starting in backend information mode
OpenCL Info:
============
OpenCL Platform ID #1
Vendor..: Intel(R) Corporation
Name....: Intel(R) OpenCL Graphics
Version.: OpenCL 3.0
Backend Device ID #1
Type...........: GPU
Vendor.ID......: 8
Vendor.........: Intel(R) Corporation
Name...........: Intel(R) UHD Graphics 620
Version........: OpenCL 3.0 NEO
Processor(s)...: 24
Clock..........: 1150
Memory.Total...: 14368 MB (limited to 2047 MB allocatable in one block)
Memory.Free....: 7136 MB
Local.Memory...: 64 KB
OpenCL.Version.: OpenCL C 1.2
Driver.Version.: 24.31.30508
```
This is what I've seen on `hashcat -I` for a long time now but I never dig myself
into this "problem" -- but today I tried to find the reason why there is no CPU
listed on my Carbon X1 Gen7 laptop.
After a few minutes doing some trial & error I finally got the CPU listed after
installing _pocl_.
```console
$ paru -S pocl
```
Or, on my gaming laptop running a cheap clone of Ubuntu:
```console
$ sudo apt install pocl-opencl-icd
```
Now my `hashcat -I` looks like this:
```console
$ hashcat -I took 6s
hashcat (v6.2.6) starting in backend information mode
OpenCL Info:
============
OpenCL Platform ID #1
Vendor..: Intel(R) Corporation
Name....: Intel(R) OpenCL Graphics
Version.: OpenCL 3.0
Backend Device ID #1
Type...........: GPU
Vendor.ID......: 8
Vendor.........: Intel(R) Corporation
Name...........: Intel(R) UHD Graphics 620
Version........: OpenCL 3.0 NEO
Processor(s)...: 24
Clock..........: 1150
Memory.Total...: 14368 MB (limited to 2047 MB allocatable in one block)
Memory.Free....: 7136 MB
Local.Memory...: 64 KB
OpenCL.Version.: OpenCL C 1.2
Driver.Version.: 24.31.30508
OpenCL Platform ID #2
Vendor..: The pocl project
Name....: Portable Computing Language
Version.: OpenCL 3.0 PoCL 6.0 Linux, Release, RELOC, LLVM 18.1.8, SLEEF, DISTRO, POCL_DEBUG
Backend Device ID #2
Type...........: CPU
Vendor.ID......: 128
Vendor.........: GenuineIntel
Name...........: cpu-haswell-Intel(R) Core(TM) i7-8665U CPU @ 1.90GHz
Version........: OpenCL 3.0 PoCL HSTR: cpu-x86_64-pc-linux-gnu-haswell
Processor(s)...: 8
Clock..........: 4800
Memory.Total...: 13716 MB (limited to 2048 MB allocatable in one block)
Memory.Free....: 6826 MB
Local.Memory...: 256 KB
OpenCL.Version.: OpenCL C 1.2 PoCL
Driver.Version.: 6.0
```
## Paru / Pacman
Found on [andreas-mausch.de](https://cheatsheets.andreas-mausch.de/paru) and
I had to copy this to my notes archive here...
<!-- paru start -->
### Install
#### install
```console
$ paru -S <package>
```
#### Edit PKGBUILD and skip checksum check
```console
$ paru -S gnucash-xbt --fm helix --mflags "--skipchecksums"
```
#### uninstall (-n: no backup files; -s: remove dependencies)
```console
$ paru -Rns <package>
```
#### system update
```console
$ paru -Syu
```
### Mirrors
#### select fastest
```console
$ sudo pacman-mirrors --fasttrack
```
#### select by country
```console
$ sudo pacman-mirrors --country Germany,France,Austria
```
### Search repo
#### search package
```console
$ paru -Ss <package>
```
#### package details
```console
$ paru -Si <package>
```
#### list files
```console
$ paru -Fl <package>
```
#### find package for file
```console
$ pkgfile <filename>
```
#### search command
```console
$ paru -F glxinfo
```
### Installed packages
#### search package
```console
$ paru -Qs <package>
```
#### package details
```console
$ paru -Qii <package>
```
#### list files
```console
$ paru -Ql <package>
```
#### orphans
```console
$ paru -Qdt
```
#### manually installed (list all aur)
```console
$ pacman -Qm
```
### Clean-up
#### clear cache
```console
$ paru -Sc
```
### Official repo vs. AUR
#### repo
```console
$ paru -[...] --repo
```
#### aur
```console
$ paru -[...] --aur
```
<!-- paru end -->
## Blocking IPs from a list with ipset
Using [ipset](https://wiki.archlinux.org/title/Ipset) should increase performance
on the box, also using the raw table should not create useless states as for what
I understand from the source article on
[serverfault.com](https://serverfault.com/a/823336).
```console
$ sudo ipset -N badips iphash
$ while read ip; do sudo ipset -A badips "$ip"; done < blocked.txt
$ sudo iptables -t raw -I PREROUTING -m set --match-set badips src,dst -j DROP
$ sudo iptables-save -f /etc/iptables/iptables.rules
```
Enable iptables in case it is not running yet.
```console
$ sudo systemctl enable --now iptables.service
```
Also make the ipset configuration persistent:
```console
$ sudo ipset save -file /etc/ipset.conf
$ sudo systemctl enable ipset.service
```
Reboot to test its persistency.
## Do not manage one specific USB dongle
`99-unmanaged-devices.conf`:
```ini
[keyfile]
unmanaged-devices=mac:xx:xx:xx:xx:xx:xx
```
## Prefer local DNS instead of systemd-resolved defaults
<https://unix.stackexchange.com/a/442599>
## CPU frequency scaling
<https://wiki.archlinux.org/title/CPU_frequency_scaling>
## YubiKeys
<https://wiki.archlinux.org/title/YubiKey>
## LunarVim custom key mappings
I know, this is an Arch Linux post but hey, I don't care.
<https://github.com/LunarVim/LunarVim/issues/2602>
## Mounting nfs shares with systemd
<https://wiki.archlinux.org/title/NFS#Mount_using_/etc/fstab_with_systemd>
## Arch Linux ARM installation on a Raspberry Pi 2
The wiki page is for Raspberry Pi 4.
<https://archlinuxarm.org/platforms/armv8/broadcom/raspberry-pi-4>
## Create a 32-bit Wine prefix
I create my wine prefixes usually like this:
```console
$ export WINEPREFIX=/home/dominic/.wine-winlink
$ export WINEARCH=win32
$ wine wineboot
```
## Installing multiple ruby versions
I came to the point to test an older website from me and it was made with
Jekyll which I had to install quickly. Problems occured with OpenSSL and I
finally managed to install ruby version 2.7.1 and 3.0.0 in my home directory.
```console
$ rvm pkg install openssl
$ rvm install "ruby-3.0.0" --with-openssl-dir=$HOME/.rvm/usr
$ rvm install "ruby-2.7.1" --with-openssl-dir=$HOME/.rvm/usr
```
Later in the desired directory, I re-installed the gems because with ruby 2.7.1
I got another "Directory not found" error.
I had to do this because I used ruby 2.7.1 on one website.
```console
$ bundle install --force
```
## Bigger font for systemd-boot
Edit `/boot/loader/loader.conf`:
```
console-mode 0
```
Possible settings are:
| Value | Description |
| :---- | :------------------------------------------------------------------ |
| 0 | Standard UEFI 80x25 mode |
| 1 | 80x50 mode, not supported by all devices |
| 2 | the first non-standard mode provided by the device firmware, if any |
| auto | Pick a suitable mode automatically using heuristics |
| max | Pick the highest-numbered available mode |
| keep | Keep the mode selected by firmware (the default) |
More details can be found in {{< man loader.conf 5 >}}.
## Manual sections
| Section | Description |
| :------ | :----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| 1 | Section 1 of the manual describes **user commands** and tools, for example, file manipulation tools, shells, compilers, web browsers, file and image viewers and editors, and so on |
| 2 | Section 2 of the manual describes the Linux **system calls**. A system call is an entry point into the Linux kernel. Usually, system calls are not invoked directly: instead, most system calls have corresponding C library wrapper functions which perform the steps required (e.g., trapping to kernel mode) in order to invoke the system call. Thus, making a system call looks the same as invoking a normal library function. |
| 3 | Section 3 of the manual describes all **library functions** excluding the library functions (system call wrappers) described in Section 2, which implement system calls. |
| 4 | Section 4 of the manual describes **special files (devices)**. |
| 5 | Section 5 of the manual describes various **file formats**, as well as the **corresponding C structures**, if any. |
| 6 | Section 6 of the manual describes the **games** and funny little programs available on the system. |
| 7 | Section 7 of the manual provides **overviews on various topics**, and describes conventions and protocols, character set standards, the standard filesystem layout, and miscellaneous other things. |
## Encoding videos with ffmpeg
This is not an Arch way of encoding videos, but since I do this on my...
```console
$ ffmpeg -i <input> -c:v libx264 -b:v 1M -maxrate 1M -bufsize 2M -pass 1 -f null /dev/null
$ ffmpeg -i <input> -c:v libx264 -b:v 1M -maxrate 1M -bufsize 2M -pass 2 <output>
```