GNU/Linux

GNU/Linux refers to the operating system composed of the Linux kernel and the GNU software.

1. Bootup

1.1. Linux Startup Sequence

  1. Physical Power On
  2. Firmware
    • BIOS/UEFI
    • POST (Power-On Self Test)
  3. Bootloader
    • Load kernel image
    • Initialize kernel and root filesystem
  4. initramfs (Optional)
    • Load device drivers (kernel modules)
  5. Init System
    • Start services and units
  6. Display Manager (GUI) or Login (Terminal)
    • User authentication
    • Start user environment
  7. Display Server (and Desktop Environment)

1.2. Firmware

The startup code that is built into the motherboard and stored in a dedicated memory.

1.2.1. Devicetree

Data Structure for describing hardware.

Used by OpenFirmware, OpenPOWER Abstraction Layer (OPAL), Power Architecture Platform Requirements (PAPR) and in the standalone Flattened Device Tree (FDT) form.

1.2.2. UEFI

Unified Extensible Firmware Interface.

A firmware architecture spec. Contains ACPI. Originally developed by Intel under the name of EFI.

UEFI or BIOS can be entered by tapping F1, F2, F7, F9, F10, F12 or DEL on bootup.

1.3. Bootloader

1.3.1. GRUB

1.3.2. systemd-boot

See .

2. Linux Kernel

This section contains general information about the kernel. For detailed implementations, see the section on each subject.

  • A monolithic kernel.
  • It is a single executable named vmlinuz. vm means that it supports virtual memory and z at the end means that it is compressed.

2.1. Initramdisk

The Linux kernel uses an initramfs, archived as an initcpio within the initramdisk, until the root is mounted.

2.1.1. mkinitcpio

Generates the ramdisk as specified in *.preset (linux.preset for the linux package).

cpio is used.

  • -P generate all presets
  • -p <preset> generate the preset specified in <preset>.preset

2.2. Executable and Linkable Format

ELF

The Unix file format for the executables.

2.2.1. Structure

  • ELF Header
    • Architecture
    • Endianness
    • Offset and number of Program Headers and Section Headers
  • Program Headers: how to load an executable or shared library into memory.
    • The memory layout
    • Thread Local Storage (TLS)
    • Dynamic: Dynamic Linking (Load)
  • Data
  • Section Headers
    • Init Array
    • Symbol Table
    • Dynamic Symbol Table
    • Relocation
      • The request for the external parts to fill in the addresses for certain functions.
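The ELF header fields listed above (architecture, endianness, offset and number of program and section headers) can be read with a few lines of Python. This is an added example, not part of the original notes; the function names and the two sample headers are constructed for illustration.

```python
import struct

# e_machine and e_type values from the ELF specification (small subset).
MACHINES = {3: "x86", 20: "PowerPC", 40: "ARM", 62: "x86-64", 183: "AArch64", 243: "RISC-V"}
TYPES = {1: "REL", 2: "EXEC", 3: "DYN", 4: "CORE"}


class ElfError(ValueError):
    """Raised when the bytes cannot be a valid ELF header."""


def parse_elf_header(data):
    """Decode the ELF header fields from the start of a file (hypothetical helper)."""
    if len(data) < 16 or data[:4] != b"\x7fELF":
        raise ElfError("missing ELF magic")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in (1, 2) or ei_data not in (1, 2):
        raise ElfError("invalid EI_CLASS or EI_DATA")
    order = "<" if ei_data == 1 else ">"      # 1 = little-endian, 2 = big-endian
    word = "I" if ei_class == 1 else "Q"      # addresses/offsets: 4 bytes (ELF32) or 8 (ELF64)
    fmt = f"{order}HHI{word}{word}{word}IHHHHHH"
    if len(data) < 16 + struct.calcsize(fmt):
        raise ElfError("truncated header")
    (e_type, e_machine, _version, e_entry, e_phoff, e_shoff, _flags, _ehsize,
     e_phentsize, e_phnum, e_shentsize, e_shnum, _shstrndx) = struct.unpack_from(fmt, data, 16)
    return {
        "bits": 32 if ei_class == 1 else 64,
        "endianness": "little" if ei_data == 1 else "big",
        "type": TYPES.get(e_type, hex(e_type)),
        "machine": MACHINES.get(e_machine, hex(e_machine)),
        "entry": e_entry,
        "phoff": e_phoff, "phentsize": e_phentsize, "phnum": e_phnum,
        "shoff": e_shoff, "shentsize": e_shentsize, "shnum": e_shnum,
    }


def tables_in_bounds(hdr, file_size):
    """True if the program and section header tables lie inside the file.

    In an untrusted file the offsets and counts are attacker-controlled, so a
    loader or analysis tool has to check them before seeking.
    """
    ph_end = hdr["phoff"] + hdr["phnum"] * hdr["phentsize"]
    sh_end = hdr["shoff"] + hdr["shnum"] * hdr["shentsize"]
    return ph_end <= file_size and sh_end <= file_size


# Constructed headers (no real binary): a 64-bit little-endian x86-64 PIE and
# a 32-bit big-endian PowerPC executable.
SAMPLE_ELF64 = b"\x7fELF" + bytes([2, 1, 1, 0]) + bytes(8) + struct.pack(
    "<HHIQQQIHHHHHH", 3, 62, 1, 0x1040, 64, 14000, 0, 64, 56, 13, 64, 31, 30)
SAMPLE_ELF32_BE = b"\x7fELF" + bytes([1, 2, 1, 0]) + bytes(8) + struct.pack(
    ">HHIIIIIHHHHHH", 2, 20, 1, 0x10000000, 52, 5000, 0, 52, 32, 4, 40, 12, 11)

if __name__ == "__main__":
    for blob in (SAMPLE_ELF64, SAMPLE_ELF32_BE):
        print(parse_elf_header(blob))
```

On a real system, pass the first 64 bytes of a file opened in binary mode and the size from os.path.getsize().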

2.3. Processes

From core/procps-ng: ps pulls the process information, pstree creates a tree using PPIDs, and top monitors processes.

  • /proc/sys/ contains the global configuration.
  • /proc/<pid>/mem is the virtual memory of the process. See "Getting up in another processes memory" (YouTube).
  • /proc/<pid>/maps is the page map of that memory.
  • /proc/<pid>/fd/ contains the file descriptors.
    • Each process has its own file descriptors.
    • They can also be accessed through the symbolic link /dev/fd/ -> /proc/self/fd/
    • /dev/stdin -> /proc/self/fd/0 -> /dev/pts/0, /dev/stdout -> /proc/self/fd/1 -> /dev/pts/0, /dev/stderr -> /proc/self/fd/2 -> /dev/pts/0
    • If a process is started by a shell, then
      • 0 is the shell if run by itself, or a pipe object from the previous command if it is being piped.
      • 1 and 2 point to the virtual console or the pipe.
      • 3 is the pipe object to the next command.
      • 255 is the source file itself.
  • /proc/<pid>/net/ exposes the network information.
    • tcp and tcp6 contain every TCP socket within the network namespace, which is by default the same for every process.
    • The local_address and rem_address are provided in hex, with the IPv4 address being little-endian.
    • See the official documentation
  • The inode of the socket is used to reference it with the file descriptor: fd -> socket:[inode]
  • /proc/<pid>/ns/ contains the references to the namespaces that the process is in.
    • They are special files cgroup:[<inode>], ipc:[<inode>], pid:[<inode>], …
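Attributing a connection to a process comes down to decoding the hex fields of /proc/<pid>/net/tcp and joining the inode column with the fd -> socket:[inode] links. The following is an added example, not part of the original notes: the sample table and fd links are constructed, the function names are the example's own, and a little-endian host is assumed.

```python
import os
import re
import socket
import struct

# Subset of the kernel's TCP state numbers as shown (in hex) in the "st" column.
TCP_STATES = {"01": "ESTABLISHED", "06": "TIME_WAIT", "0A": "LISTEN"}

# Constructed sample in the layout of /proc/<pid>/net/tcp (not captured from a real host).
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   970        0 34567 1 0000000000000000 100 0 0 10 0
   1: 0F02000A:D431 0A7100CB:01BB 01 00000000:00000000 02:000A1B2C 00000000  1000        0 45678 2 0000000000000000 20 4 30 10 -1
"""

# Constructed sample of readlink() results for /proc/<pid>/fd/*.
SAMPLE_FD_LINKS = {0: "/dev/pts/0", 1: "/dev/pts/0", 3: "socket:[45678]", 4: "pipe:[11111]"}

SOCKET_LINK = re.compile(r"^socket:\[(\d+)\]$")


def decode_endpoint(field):
    """Turn 'HHHHHHHH:PPPP' into (dotted IPv4, port).

    Assumes a little-endian host (x86-64, most ARM): the address is the raw
    32-bit word printed in hex, so its bytes appear reversed. The port is plain hex.
    """
    addr_hex, port_hex = field.split(":")
    addr = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return addr, int(port_hex, 16)


def parse_proc_net_tcp(text):
    """Parse the IPv4 table into {inode: entry}. Rows with inode 0 are skipped."""
    table = {}
    for line in text.splitlines()[1:]:          # first line is the column header
        cols = line.split()
        if len(cols) < 10:
            continue
        inode = int(cols[9])
        if inode == 0:                          # no owning file descriptor
            continue
        table[inode] = {
            "local": decode_endpoint(cols[1]),
            "remote": decode_endpoint(cols[2]),
            "state": TCP_STATES.get(cols[3], cols[3]),
            "uid": int(cols[7]),
        }
    return table


def read_fd_links(pid):
    """readlink() every entry of /proc/<pid>/fd (needs the same UID or root)."""
    base = f"/proc/{pid}/fd"
    links = {}
    for name in os.listdir(base):
        try:
            links[int(name)] = os.readlink(os.path.join(base, name))
        except OSError:
            continue                            # fd was closed in the meantime
    return links


def tcp_sockets_of(fd_links, table):
    """Join fd -> socket:[inode] with the table; returns [(fd, entry)] sorted by fd."""
    found = []
    for fd, target in sorted(fd_links.items()):
        m = SOCKET_LINK.match(target)
        if m and int(m.group(1)) in table:
            found.append((fd, table[int(m.group(1))]))
    return found


if __name__ == "__main__":
    table = parse_proc_net_tcp(SAMPLE_TCP)
    for fd, entry in tcp_sockets_of(SAMPLE_FD_LINKS, table):
        print(fd, entry)
```

For a live process, feed it the contents of /proc/<pid>/net/tcp and the result of read_fd_links(pid).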

2.3.1. Scheduling

  • sched(7)
    • The scheduling is done by the CFS (Completely Fair Scheduler), since Linux 2.6.23.
  • An interrupt into the kernel is raised after a period set by the kernel, preventing a process from looping forever.
2.3.1.1. Autogrouping
  • When autogrouping is enabled, the members of an autogroup are placed within the same task group.
2.3.1.2. Niceness
2.3.1.3. Priority

2.3.2. Flags

  • 4..1..+

2.3.3. Control Group

cgroup

  • Hierarchical group structure that can control a group of processes.
    • Features
      • Resource Limiting
      • Prioritization
      • Accounting
      • Control
    • /sys/fs/cgroup/ contains the cgroup information.

2.3.4. Debugging

  • ptrace(2) allows a process to look into other processes. The default policy only allows root to access it.
    • In Python, use ctypes.CDLL to include external C libraries, or just use the python_ptrace package.
  • ftrace

2.4. System Calls

A system call is a special kind of interrupt request. The kernel sets up the request handler in kernel mode, and a user mode process can interrupt into it, temporarily changing into kernel mode.

See How a Single Bit Inside Your Processor Shields Your Operating System's Integr…

2.5. Network

2.5.1. ip

ip(8) is used to interact with the kernel network stack.

  • $ ip
    • link active connection between two physical-layer interfaces.
      • add dev <device> type <type>
      • delete dev <device>
    • interface physical or virtual interface can be used to connect. IP addresses are assigned to interfaces.
    • device physical, such as hosts and routers, or virtual devices can have multiple interfaces.
    • address manage IP addresses of interfaces.
      • add <CIDR> dev <device>
      • delete <CIDR> dev <device>
      • show [dev <device>] [scope {host|link|global}]
    • tc traffic control
      • It configures the Linux kernel packet scheduler.
    • route, rule See routing.

Lower-layer devices like switches and repeaters don't use IP addresses for their basic function.

2.5.2. iptables

The simplified packet flow diagram:

                               XXXXXXXXXXXXXXXXXX
                             XXX     Network    XXX
                               XXXXXXXXXXXXXXXXXX
                                       +
                                       |
                                       v
 +-------------+              +------------------+
 |table: filter| <---+        | table: nat       |
 |chain: INPUT |     |        | chain: PREROUTING|
 +-----+-------+     |        +--------+---------+
       |             |                 |
       v             |                 v
 [local process]     |           ****************          +--------------+
       |             +---------+ Routing decision +------> |table: filter |
       v                         ****************          |chain: FORWARD|
****************                                           +------+-------+
Routing decision                                                  |
****************                                                  |
       |                                                          |
       v                        ****************                  |
+-------------+       +------>  Routing decision  <---------------+
|table: nat   |       |         ****************
|chain: OUTPUT|       |               +
+-----+-------+       |               |
      |               |               v
      v               |      +-------------------+
+--------------+      |      | table: nat        |
|table: filter | +----+      | chain: POSTROUTING|
|chain: OUTPUT |             +--------+----------+
+--------------+                      |
                                      v
                               XXXXXXXXXXXXXXXXXX
                             XXX    Network     XXX
                               XXXXXXXXXXXXXXXXXX

Userspace utility to interact with the kernel-level firewall.

  • $ iptables
    • -t [filter|nat|mangle|raw] table. filter by default
    • --list, -L [<chain>] list
      • -vL verbose: include packet and data count and interface names.
      • -nL numeric: print IP addresses and port numbers in numeric format.
    • --append, -A <chain> <rule spec> append at the end
    • --insert, -I <chain> <rule spec> insert at the start
    • --replace, -R <chain> N <rule spec> replace
    • --delete, -D <chain> N

<rule spec> include any of the following matches:

  • -p <proto> protocol
  • -s <source CIDR> source IP
  • --dport <port num> destination port
  • --sport <port num>
  • -i, -o in or out interface
  • -m <match> use extension modules
    • tcp
    • state

and the target:

  • -j <action>.
2.5.2.1. Actions
  • ACCEPT pass to the next chain
  • MASQUERADE override the source address of the packet with the IP address of interface.
    • The response packets are automatically redirected to the requestor, based on the conntrack managed by the kernel.
  • DNAT override the destination address
    • --to-destination IP:PORT
  • SNAT override the source address

2.5.3. nftables

The successor of iptables.

Part of the Netfilter project; it combines {ip,ip6,arp,eb}tables.

2.5.4. Routing

Routing is performed in the kernel.

  • $ ip route
    • add <destination CIDR> [via <gateway ip>] dev <device> [table <table id>]
      • <table id> is main by default. Different tables are looked up depending on the context.
    • del ...

$ routel or $ ip route list [table main|local|global|all] lists the routing table that looks like <dest> via <nexthop ip> dev <device> proto <proto> scope <scope> src <source ip> metric <num>, each meaning the following:

  • protocol specifies the protocol that installed this route.
    • boot during bootup
    • kernel during kernel autoconfiguration
    • static by the administrator
    • dhcp by DHCP
    • redirect due to ICMP redirect
    • ra by Router Discovery protocol
  • scope host for local routing within the system, and link for direct unicast and broadcast.
  • $ ip rule set the rules for which table to look up.
    • add <selector> <action> action can include looking up specific table, doing NAT.
      • Selector can be fwmark (firewall mark) of the packet, which allows different routing rule for a specific process.
    • del <selector> <action>
    • show [<selector>]

2.6. Kernel Modules

  • kmod is the package containing module management tools.
  • modinfo <modname> to see information about a module.
  • modprobe {<mod_name> | <mod_alias>} or insmod <mod_filename> to load a module and modprobe -r <modname> or rmmod <modname> to unload a module.
  • A .o object file is linked against the kernel, producing a .ko kernel object file, which can be loaded with the insmod command.
  • The list of currently running modules is shown by the lsmod command.

2.6.1. Modalias

Modalias - ArchWiki

Module Alias

  • A device provides hardware information and it is exposed in /sys/devices/.../modalias
    • pci:v00008086d000024DBsv0000103Csd0000006Abc01sc01i8A
    • v: Vendor ID, d: Device ID
      • Specify the device. Rendered as xxxx:xxxx
    • sv: Subsystem Vendor ID, sd: Subsystem Device ID
    • bc: Base Class, sc: Subclass
      • Specify the functionality of the device. Rendered as xxxx
    • i: Programming Interface
  • depmod collects the modaliases from each device driver and makes a list in /lib/modules/$(uname -r)/, in particular modules.alias, so that the modalias of the hardware can be matched when modprobe is executed.

2.6.2. Device Drivers

A driver kernel module exposes implementations of system calls for specific devices to the kernel.

2.6.3. DKMS

Dynamic Kernel Module Support.

  • Framework for incorporating modules outside of the kernel. It automatically recompiles DKMS modules when the kernel is recompiled, to keep things working.
  • linux-headers is required to build the module against.
  • dkms
    • status
    • install
    • remove

2.7. Configuration

  • sysctl can be used to configure the kernel.

3. Init System

3.1. systemd

  • systemd(1)
  • System and service manager for Linux operating systems.
  • It is the init system when run as the first process — PID 1.

3.1.1. Initialization

  • systemd-analyze command can be used to track the bootup time.
3.1.1.1. System Manager Bootup
  • They are installed in /etc/systemd/system/
  • It activates all dependencies of default.target. This is done in parallel.

    • default.target is a symlink to graphical.target or multi-user.target.
    • display-manager.service is also a symlink for the display managers, e.g. gdm.service, sddm.service.
                             cryptsetup-pre.target veritysetup-pre.target
                                                  |
(various low-level                                v
 API VFS mounts:             (various cryptsetup/veritysetup devices...)
 mqueue, configfs,                                |    |
 debugfs, ...)                                    v    |
 |                                  cryptsetup.target  |
 |  (various swap                                 |    |    remote-fs-pre.target
 |   devices...)                                  |    |     |        |
 |    |                                           |    |     |        v
 |    v                       local-fs-pre.target |    |     |  (network file systems)
 |  swap.target                       |           |    v     v                 |
 |    |                               v           |  remote-cryptsetup.target  |
 |    |  (various low-level  (various mounts and  |  remote-veritysetup.target |
 |    |   services: udevd,    fsck services...)   |             |              |
 |    |   tmpfiles, random            |           |             |    remote-fs.target
 |    |   seed, sysctl, ...)          v           |             |              |
 |    |      |                 local-fs.target    |             | _____________/
 |    |      |                        |           |             |/
 \____|______|_______________   ______|___________/             |
                             \ /                                |
                              v                                 |
                       sysinit.target                           |
                              |                                 |
       ______________________/|\_____________________           |
      /              |        |      |               \          |
      |              |        |      |               |          |
      v              v        |      v               |          |
 (various       (various      |  (various            |          |
  timers...)      paths...)   |   sockets...)        |          |
      |              |        |      |               |          |
      v              v        |      v               |          |
timers.target  paths.target   |  sockets.target      |          |
      |              |        |      |               v          |
      v              \_______ | _____/         rescue.service   |
                             \|/                     |          |
                              v                      v          |
                          basic.target         *rescue.target*  |
                              |                                 |
                      ________v____________________             |
                     /              |              \            |
                     |              |              |            |
                     v              v              v            |
                 display-    (various system   (various system  |
             manager.service     services        services)      |
                     |         required for        |            |
                     |        graphical UIs)       v            v
                     |              |            *multi-user.target*
emergency.service    |              |              |
        |            \_____________ | _____________/
        v                          \|/
*emergency.target*                  v
                              *graphical.target*
3.1.1.2. User Manager Startup
  • The services are mainly stored in /etc/systemd/user/ and ~/.config/systemd/user/
  • They are installed in
  • Starts the unprivileged user@uid.service units. The user@.service file does not contain uid itself.
  • It also activates units that default.target is depending on. The login manager will start the graphical-session.target when the user logs into a graphical session.
   (various           (various         (various
    timers...)         paths...)        sockets...)    (sound devices)
        |                  |                 |               |
        v                  v                 v               v
  timers.target      paths.target     sockets.target    sound.target
        |                  |                 |
        \______________   _|_________________/         (bluetooth devices)
                       \ /                                   |
                        V                                    v
                  basic.target                          bluetooth.target
                        |
             __________/ \_______                      (smartcard devices)
            /                    \                           |
            |                    |                           v
            |                    v                      smartcard.target
            v            graphical-session-pre.target
(various user services)          |                       (printers)
            |                    v                           |
            |       (services for the graphical session)     v
            |                    |                       printer.target
            v                    v
     *default.target*      graphical-session.target

3.1.2. Units

  • .service, .socket, .device, .mount, .automount, .swap, .target, .path, .timer, .slice, .scope.
  • Special units are provided by systemd. Many of them cannot be renamed.
3.1.2.1. Services
  • A service unit looks as follows:

    [Unit]
    Description=<description>
    
    [Service]
    Type=oneshot
    # executed when the service starts
    ExecStart=<shell command>
    # runs before ExecStart; it might be `sleep`
    ExecStartPre=<shell command>
    
3.1.2.2. Timers
  • Show every timer: $ systemctl list-timers
  • A timer unit looks as follows:

    [Unit]
    Description=<description>
    
    [Timer]
    # Comments go on their own line; systemd does not strip trailing "#" text.
    # 10 seconds after the timer activates
    OnActiveSec=10sec
    # 10 min after boot
    OnBootSec=10m
    # 10 min after systemd starts
    OnStartupSec=10m
    # 300 sec from the last activation of the unit the timer unit is activating
    OnUnitActiveSec=300s
    # 1 week after the last deactivation of the unit the timer unit is activating
    OnUnitInactiveSec=1w
    # add up to 300 sec to OnUnitActiveSec
    RandomizedDelaySec=300s
    
    [Install]
    # When enabled, creates a symlink under either
    # /etc/systemd/system/timers.target.wants/ or
    # ~/.config/systemd/user/timers.target.wants/
    WantedBy=timers.target
    
  • A timer unit runs a service unit with the same name. This service doesn't need an Install section, as it is run directly by the timer.
3.1.2.3. Path
  • System Units

| Path | Description |
|---|---|
| /etc/systemd/system.control | Persistent and transient configuration created using the dbus API |
| /run/systemd/system.control | |
| /run/systemd/transient | Dynamic configuration for transient units |
| /run/systemd/generator.early | Generated units with high priority (see early-dir in systemd.generator(7)) |
| /etc/systemd/system | System units created by the administrator |
| /run/systemd/system | Runtime units |
| /run/systemd/generator | Generated units with medium priority (see normal-dir in systemd.generator(7)) |
| /usr/local/lib/systemd/system | System units installed by the administrator |
| /usr/lib/systemd/system | System units installed by the distribution package manager |
| /run/systemd/generator.late | Generated units with low priority (see late-dir in systemd.generator(7)) |

  • User Units

| Path | Description |
|---|---|
| $XDG_CONFIG_HOME/systemd/user.control or ~/.config/systemd/user.control | Persistent and transient configuration created using the dbus API ($XDG_CONFIG_HOME is used if set, ~/.config otherwise) |
| $XDG_RUNTIME_DIR/systemd/user.control | |
| $XDG_RUNTIME_DIR/systemd/transient | Dynamic configuration for transient units |
| $XDG_RUNTIME_DIR/systemd/generator.early | Generated units with high priority (see early-dir in systemd.generator(7)) |
| $XDG_CONFIG_HOME/systemd/user or $HOME/.config/systemd/user | User configuration ($XDG_CONFIG_HOME is used if set, ~/.config otherwise) |
| $XDG_CONFIG_DIRS/systemd/user or /etc/xdg/systemd/user | Additional configuration directories as specified by the XDG base directory specification ($XDG_CONFIG_DIRS is used if set, /etc/xdg otherwise) |
| /etc/systemd/user | User units created by the administrator |
| $XDG_RUNTIME_DIR/systemd/user | Runtime units (only used when $XDG_RUNTIME_DIR is set) |
| /run/systemd/user | Runtime units |
| $XDG_RUNTIME_DIR/systemd/generator | Generated units with medium priority (see normal-dir in systemd.generator(7)) |
| $XDG_DATA_HOME/systemd/user or $HOME/.local/share/systemd/user | Units of packages that have been installed in the home directory ($XDG_DATA_HOME is used if set, ~/.local/share otherwise) |
| $XDG_DATA_DIRS/systemd/user or /usr/local/share/systemd/user and /usr/share/systemd/user | Additional data directories as specified by the XDG base directory specification ($XDG_DATA_DIRS is used if set, /usr/local/share and /usr/share otherwise) |
| $dir/systemd/user for each $dir in $XDG_DATA_DIRS | Additional locations for installed user units, one for each entry in $XDG_DATA_DIRS |
| /usr/local/lib/systemd/user | User units installed by the administrator |
| /usr/lib/systemd/user | User units installed by the distribution package manager |
| $XDG_RUNTIME_DIR/systemd/generator.late | Generated units with low priority (see late-dir in systemd.generator(7)) |

3.1.2.4. Utility
  • Reload the newly created daemons.
    • $ systemctl daemon-reload
  • Create and edit a unit.
    • $ systemctl edit --force --full <name.unitname>
    • It's created under /etc/systemd/system/.
  • Enable and start a daemon.
    • $ systemctl enable --now <daemon>
  • Enable userspace daemon.
    • $ systemctl enable --user <daemon> # it enables <daemon>@<uid>
    • Creates symlink under ~/.config/systemd/user/*.target.wants/
      • default.target.wants
      • sockets.target.wants
      • timers.target.wants

3.1.3. Login

  • systemd-logind

Manages sessions that are registered by getty, display manager, and terminal emulator.

  • Responsibility
    • Keeping track of users and sessions, their processes and their idle state. This is implemented by allocating a systemd slice unit for each user below user.slice, and a scope unit below it for each concurrent session of a user. Also, a per-user service manager is started as system service instance of user@.service for each logged in user.
    • Generating and managing session IDs. If auditing is available and an audit session ID is already set for a session, then this ID is reused as the session ID. Otherwise, an independent session counter is used.
    • Providing polkit-based access for users for operations such as system shutdown or sleep
    • Implementing a shutdown/sleep inhibition logic for applications
    • Handling of power/sleep hardware keys
    • Multi-seat management
    • Session switch management
    • Device access management for users
    • Automatic spawning of text logins (gettys) on virtual console activation and user runtime directory management
    • Scheduled shutdown
    • Sending "wall" messages
  • It uses pam_systemd.so
  • /etc/systemd/logind.conf customize the session behavior
    • IdleAction=ignore|suspend|hibernate|poweroff|...
    • IdleActionSec=30min|30s|...

4. Storage

Disk/Drive -> Volume -> Partition -> File System -> Virtual File System

4.1. Volume

4.1.1. Logical Volume

  • lvm Logical Volume Manager
    • It creates volume groups in which a logical volume can be allocated.
      • The root file system can be on logical volume in Linux.

4.2. Partition

4.2.1. MBR

4.2.2. GPT

4.2.3. fdisk

  • g GPT partition table
  • n new partition
  • t set type for the partition

4.3. File System

  • mkfs.FS to install
  • Filesystem can be labeled

4.3.1. ext4

  • It uses extents in order to allocate pages to a file. ext3 allocated each page individually, making the file tree larger.

4.3.2. btrfs

  • Copy on Write (COW) (Implicit Sharing, Shadowing). A change of a file is saved in a separate location on write, with the journal tracking the history.
  • It may add an extra load, but it keeps the integrity of the system.

4.3.3. ZFS

4.3.3.2. SPA
  • Storage Pool Allocator
  • Write to the physical disks and return block pointer to the DMU
4.3.3.3. DMU

Data Management Unit

  • Translate into actual file location
4.3.3.4. ZPL

ZFS POSIX Layer

  • Handles the file interface from VFS.
4.3.3.5. ZVOL

ZFS Volume

Expose a plain block of storage.

4.4. Automount

  • File systems are mounted on bootup according to the /etc/fstab (file system table).
  • Options
    • Device specification.
      • LABEL, UUID, device filename
    • mount point
    • File system type
    • Mount options. They are specific to each file system.
    • Dump number. The order in which the dump occurs.
      • Does not dump if 0.
    • passno. fsck order.
      • 0: Does not check
      • 1: Root file system
      • 2: Others

4.5. udisks

udisksd(8)

  • Provided by udisks2 package
  • D-Bus interface that queries or manipulates storage devices; in particular it can mount devices.

4.5.1. udisksctl

CLI tool

4.6. Archive

4.6.1. Compression

  • gzip compress the file in place .gz
    • -k keep the original file
    • -c --stdout
    • -d decompress
    • -r recursively compresses the files in the directory
    • -f force
  • xz
    • .xz
  • bzip2
    • .bzip
  • ziptool zipcmp
    • .zip
4.6.1.1. Tarball
4.6.1.2. cpio
  • cpio
  • It stores the file table in ASCII format, (in the new format)

4.7. File Management

  • The shell points to the file inode?, that it moves along when the current working directory moves.
  • rm directly unlinks the inode?

4.7.1. Trash

  • The GUI puts them in ~/.local/share/Trash

4.7.2. Dot Files

Dot files came around unintentionally. When the Unix file system was being developed, either Ken or Dennis decided to check for the dot at the beginning of the filename in order to hide the . and .. files. This functionality was then adopted to create hidden files.

Linux Dot Files Were Never Meant To Exist - YouTube

5. Network

5.1. Network Managers

5.1.1. systemd-networkd

5.1.2. NetworkManager

A monolith network controller. It takes care of DNS, DHCP, Wi-Fi.

  • $ nmcli
    • connection
      • show
      • modify CONNECTION_NAME (OPTION_NAME OPTION_VALUE)...
        • The CONNECTION_NAME can be found in the first column of nmcli connection show.
        • ipv4.method (manual), ipv4.address, ipv4.gateway, ipv4.dns
  • nmtui

5.2. iwd

Wifi client.

  • $ iwctl

5.3. Firewalls

5.3.1. ufw

  • It modifies the filter iptable in the kernel firewall, so that it can directly manage the packets?

  • allow <start_port>:<end_port>/<protocol>
  • reload

Examples

sudo ufw allow 1714:1764/udp
sudo ufw allow 1714:1764/tcp
sudo ufw reload

KDE settings can configure it.

5.3.2. firewalld

5.4. Utilities

  • ss dump socket statistics.
  • netstat from core/net-tools

5.5. ssh

  • Secure Shell

5.5.1. Authentication

Authentication is done via password by default. To disable password authentication, set

PasswordAuthentication no # modify, not add

The public key authentication can be set up with following tools.

  • ssh-keygen generate key pair. They are stored in ~/.ssh/ by default.
  • ssh-copy-id copy the public key to the ssh server to register the client.
  • ssh-agent the authentication agent
    • ssh-add add private key identities to the agent. Run eval $(ssh-agent -s) beforehand.

When connecting to a server, ssh tests the following identities by default:

  • ~/.ssh/id_rsa
  • ~/.ssh/id_dsa
  • ~/.ssh/id_ecdsa
  • ~/.ssh/id_ed25519

Additionally, use ssh -i <key file> <user>@<host> to use an external identity file not registered with the agent. All registered identity files are tested, unless the -o IdentitiesOnly=yes option is given.
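The "modify, not add" remark on PasswordAuthentication matters because sshd keeps the first value it obtains for each keyword, so a line appended below an existing one has no effect. The following added example (not part of the original notes) reports which line actually takes effect; the sample sshd_config text and the helper names are constructed, and Include files are only reported, not followed.

```python
import re

# Constructed sample sshd_config (not taken from a real host).
SAMPLE_SSHD_CONFIG = """\
# managed by hand
Include /etc/ssh/sshd_config.d/*.conf
Port 22
PasswordAuthentication yes
PubkeyAuthentication yes
# appended later instead of modifying the line above:
passwordauthentication no

Match User backup
    PasswordAuthentication yes
"""


def _split(line):
    """Return (lower-cased keyword, argument string), or None for blanks and comments."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    # keyword and arguments are separated by whitespace or a single '='
    parts = re.split(r"[ \t]*=[ \t]*|[ \t]+", line, maxsplit=1)
    args = parts[1].strip() if len(parts) > 1 else ""
    return parts[0].lower(), args


def audit_keyword(text, keyword="PasswordAuthentication", default="yes"):
    """Report which setting of `keyword` sshd would use (hypothetical helper).

    The first global value wins and later global lines are ignored. Match
    blocks can still override it for some connections, and an Include that
    precedes the first global value may set the keyword before it.
    """
    keyword = keyword.lower()
    effective, shadowed, overrides, includes = None, [], [], []
    match = None                      # criteria of the Match block we are in
    for lineno, raw in enumerate(text.splitlines(), 1):
        parsed = _split(raw)
        if parsed is None:
            continue
        key, args = parsed
        if key == "match":
            match = args
        elif key == "include" and match is None and effective is None:
            includes.append((args, lineno))
        elif key == keyword:
            value = args.split()[0].strip('"').lower() if args else ""
            if match is not None:
                overrides.append((match, value, lineno))
            elif effective is None:
                effective = (value, lineno)
            else:
                shadowed.append((value, lineno))
    return {
        "effective": effective or (default, None),
        "shadowed": shadowed,
        "match_overrides": overrides,
        "includes_before": includes,
    }


if __name__ == "__main__":
    for name, value in audit_keyword(SAMPLE_SSHD_CONFIG).items():
        print(f"{name}: {value}")
```

On a live server, `sshd -T` prints the effective configuration after Include and default handling.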

5.5.2. Configuration

Stored in ~/.ssh/config

The format looks like:

<Var> <val> # global option

Host <alias>
    Hostname <domain/ip address>
    User <username>
    IdentityFile <path to private key>
    IdentitiesOnly yes  # test only the files given in IdentityFile

6. Graphics

6.1. BIOS

  • It can use graphics by directly accessing the graphics card via older "INT 10h BIOS calls" or "VESA BIOS Extensions"

6.2. UEFI

  • Unlike BIOS, it uses UEFI GOP (Graphics Output Protocol).

6.3. Splash Screen

  • Displayed by plymouth which is part of initramfs, and called by bootloader with kernel option splash.
  • It will use KMS if it can, otherwise it uses UEFI framebuffer.

6.4. Framebuffer

  • The framebuffer is exposed through /dev/fb0 by the kernel.

6.5. KMS

Kernel Mode Setting. A kernel module.

  • Display resolution and depth are set in kernel space.
  • Controls low-level graphics.

6.6. DRM

Direct Rendering Manager. A kernel subsystem.

  • Directly controls GPU. Accessed by some form of libDRM.

6.7. Mesa3D

  • Userspace
  • Translation layer from various graphics APIs to DRMs.
  • Do the heavy lifting, specified by OpenGL, Vulkan and others.

6.8. GPU

  • GPU driver and wayland compositor must use the same buffer API.

6.8.1. Driver

A driver is a set of software that "drives", in other words "makes work", specific hardware. It can be firmware, a kernel BLOB, a Mesa-like translation layer, and everything in between.

6.8.1.1. NVIDIA
  • Nouveau: Kernel Driver and Userspace Driver
  • NVK: Part of Mesa. Use Nouveau kernel driver.
  • NVIDIA Linux Open GPU Kernel Module: Open Driver by NVIDIA
  • NVIDIA Driver: Proprietary One.
6.8.1.2. AMD
  • AMDGPU: Kernel Driver by AMD.
  • AMDGPU-PRO: Proprietary userspace driver that uses AMDGPU as the kernel driver.
  • RADEON SI, RADV: Part of Mesa. OpenGL and Vulkan respectively.
  • AMDVLK: Copy of the proprietary driver.
6.8.1.3. Intel
  • i915: Kernel Driver
  • i965, ANV: Part of Mesa. Userspace Driver for OpenGL and Vulkan respectively.
  • Xe: New Kernel Driver

6.8.2. Buffer API

6.8.2.1. GBM
6.8.2.2. EGLStreams

6.8.3. libva

  • Accelerated video encoding/decoding.
  • Provided by the libva and used alongside with a driver.
  • AMD: libva-mesa-driver (VA-API), mesa-vdpau (VDPAU).
    • libva-utils provides vainfo that inspects the current setup.

6.8.4. General-Purpose Computing

6.8.4.1. ROCm

Recent versions (>6.1.0) do not officially support RDNA2 and below (≤Radeon RX 6000 series), but the compatibility is not fully broken yet (<6.4.1). Try setting the environment variable HSA_OVERRIDE_GFX_VERSION to match the RDNA version.

export HSA_OVERRIDE_GFX_VERSION=10.1.0  # RDNA
export HSA_OVERRIDE_GFX_VERSION=10.3.0  # RDNA2

Run rocminfo to see if the device is recognized correctly.

  • rocm-smi-lib
    • System Management Interface
    • Interact with the GPU, and monitor them with rocm-smi command.
6.8.4.2. CUDA
  • NVIDIA

6.9. GUI Framework and Toolkit

6.9.1. GTK

  • Cross-platform GUI widget toolkit.
6.9.1.1. Architecture

Figure 1: GTK toolkit

6.9.1.2. Pango
  • Stylized as Παν語. It is a text layout engine that includes HarfBuzz, the text shaping engine.
6.9.1.2.1. Markup

6.10. Display Manager

6.10.1. sddm

SDDM, Simple Desktop Display Manager

  • The configuration file is in /etc/sddm.conf and /etc/sddm.conf.d/, and the default setting is in /usr/lib/sddm/sddm.conf.d/default.conf
  • The scripts and the themes are stored under /usr/share/sddm/.

6.11. Display Server

6.11.1. Wayland

  • It is a successor of Xorg for modern systems. It is minimal by design, delegating much of the desktop specific stuff to compositors. wlroots library is developed to prevent fragmentation of effort.
  • The entries for sessions are stored in /usr/share/wayland-sessions/ as .desktop entries.
6.11.1.1. Compositor
  • Wayland compositor is a combination of Xorg window manager and compositor.
  • Most Wayland compositors require KMS to be enabled.
  • It takes inputs from evdev via libinput, and deals with wayland clients, and displays the graphics using KMS or Mesa.
6.11.1.1.1. Mutter
  • Compositor of GNOME desktop environment.
6.11.1.1.2. KWin
  • Compositor of KDE plasma. Does not use wlroots as of Sep. 2023.
  • See KWin.
6.11.1.1.3. hyprland
  • Based on wlroots
  • waybar, wofi, dunst are used alongside to complement the functionalities.
6.11.1.1.3.1. Utility
  • hyprctl
    • clients Show all the window(client) information
6.11.1.1.3.2. Configuration
  • The overall configuration is done in the user config, ~/.config/hypr/hyprland.conf.
  • Add kb_options = caps:swapescape to swap the escape key and caps lock key.
  • The input method is available by simply autostarting fcitx5. The keyboard event is redirected to Wayland by text-input.
    • For the XWayland applications, the environment variables GTK_IM_MODULE=fcitx and QT_IM_MODULE=fcitx might be specified.
    • It works fine without it, until now.
6.11.1.1.3.3. Animation
  • animation = NAME, ENABLED, TIME(ds), CURVE
6.11.1.1.3.4. Keybindings
  • Dispatcher
    • The command that delivers specific signals.
  • bind = MOD, KEY, DISPATCHER, ARGUMENT
6.11.1.1.3.5. Window Rule
  • windowrule = RULE, WINDOW
6.11.1.1.3.6. QT Theme
  • KDE Theme is controlled using qt6ct (qt5ct for legacy), which then uses the color scheme set by the kvantum.
    • It is enabled by QT_QPA_PLATFORMTHEME=qt6ct
      • Further QT_QPA_PLATFORM=wayland when using wayland
      • Additionally
        • QT_WAYLAND_DISABLE_WINDOWDECORATION=1
  • kvantum can directly modify the style with the environment variable QT_STYLE_OVERRIDE=kvantum. It should not be set when qt6ct is used.
6.11.1.1.3.7. wofi
  • style.css
6.11.1.1.3.8. waybar
  • config.jsonc
    • custom/...
      • The result of exec is displayed within {} set by the format.
        • {} is broken. Use {0}.
      • return-type can be set to json for the result of the exec
      • The exec can be set to a command that runs continuously.
  • style.css
* {
    border: none;
    font-family: Font Awesome, Roboto, Arial, sans-serif;
    font-size: 13px;
    color: #ffffff;
    border-radius: 20px;
}

window {
    /*font-weight: bold;*/
}
window#waybar {
    background: rgba(0, 0, 0, 0);
}
/*-----module groups----*/
.modules-right {
    background-color: rgba(0,43,51,0.85);
    margin: 2px 10px 0 0;
}
.modules-center {
    background-color: rgba(0,43,51,0.85);
    margin: 2px 0 0 0;
}
.modules-left {
    margin: 2px 0 0 5px;
    background-color: rgba(0,119,179,0.6);
}
/*-----modules indv----*/
#workspaces button {
    padding: 1px 5px;
    background-color: transparent;
}
#workspaces button:hover {
    box-shadow: inherit;
    background-color: rgba(0,153,153,1);
}

#workspaces button.focused {
    background-color: rgba(0,43,51,0.85);
}

#clock,
#battery,
#cpu,
#memory,
#temperature,
#network,
#pulseaudio,
#custom-media,
#tray,
#mode,
#custom-power,
#custom-menu,
#idle_inhibitor {
    padding: 0 10px;
}
#mode {
    color: #cc3436;
    font-weight: bold;
}
#custom-power {
    background-color: rgba(0,119,179,0.6);
    border-radius: 100px;
    margin: 5px 5px;
    padding: 1px 1px 1px 6px;
}
/*-----Indicators----*/
#idle_inhibitor.activated {
    color: #2dcc36;
}
#pulseaudio.muted {
    color: #cc3436;
}
#battery.charging {
    color: #2dcc36;
}
#battery.warning:not(.charging) {
    color: #e6e600;
}
#battery.critical:not(.charging) {
    color: #cc3436;
}
#temperature.critical {
    color: #cc3436;
}
/*-----Colors----*/
/*
 *rgba(0,85,102,1),#005566 --> Indigo(dye)
 *rgba(0,43,51,1),#002B33 --> Dark Green 
 *rgba(0,153,153,1),#009999 --> Persian Green 
 *
 */
6.11.1.1.4. sway
  • It is an i3 port. Most of the i3 configuration is directly transportable to sway.

6.11.2. X.Org

  • First released in 2004.
  • Implementation of the X11 protocol, the 11th version of X.
6.11.2.1. History
6.11.2.2. Configuration
  • The config file is /etc/X11/xorg.conf or /etc/X11/xorg.conf.d/ or /etc/xorg.conf.
    • The config file can be generated automatically via # Xorg :0 -configure, and the new config file will be stored in /root/xorg.conf.new.
  • The X sessions are stored in /usr/share/xsessions/
6.11.2.3. Keyboard Configuration
  • https://wiki.archlinux.org/title/Xorg/Keyboard_configuration
  • Xorg server uses X Keyboard Extension(XKB) to define keyboard layouts. ((669f0999-e2de-48bd-b186-c4ffddd75df8)) also defaults to use this.
  • xmodmap directly accesses the internal keymap table.
  • localectl can be used to define the keyboard layout for both the Xorg server and the virtual console.
6.11.2.4. Compose Key

https://man.archlinux.org/man/Compose.5

  • *a aa å, ss ß, ae æ, oe œ, o/ ø, !a ạ, ?a ả, c, ç
  • -> →, ?? ¿, — —, oo °, .. …, fi fi, 0~ ⍬, <> ⋄, |- † (dagger), |= ‡(double dagger), PP ¶, So §, [] ⌷, :) ☺, ? ☭, .= •, .^ .- ·, !^ ¦, <” ", <' ', ," „, <3 ♥,
  • ,
  • ## ♯, #b ♭, #f ♮, #q ♩, #e ♪, #E ♫, #S ♬
  • or ®, oc ©, L- £, S| $, W= ₩, Y= ¥, P= ₽, %o ‰, 12 ½, tm ™, sm ℠
  • xx ×,:- ÷, {} ∅, +- ±, = ≠, =_ ≡, ~~ ≈, 88 ∞, RR ℝ, .: ∵, :. ∴, -, ¬, v
  • ^1 ¹, /1 ₁, ^( ⁽, /( ₍, ^n ⁿ, ^a ª, ^o º, ^i ⁱ, (1) ①, mu µ(micro sign)
  • The full compose options are specified in /usr/share/X11/locale/en_US.UTF-8/Compose.
6.11.2.4.1. Configuration
6.11.2.4.1.1. Multi-Key
  • The compose key can be set by the desktop environment, or passing compose:<substitute> to XkbOptions, or $ setxkbmap -option compose:<substitute>.
    • Available substitution is specified in /usr/share/X11/xkb/rules/base.lst.
6.11.2.4.1.2. Key Combinations
  • The key combinations are locale dependent.
  • The definition file is set to ~/.XCompose if it exists.
    • Either include all the key combinations from the default, or import the default one with include "%L"
6.11.2.5. Window Manager

WM

  • Window manager is a special X client that manages other clients' graphics.
6.11.2.5.1. Xmonad
6.11.2.5.2. Qtile
6.11.2.5.3. i3
6.11.2.5.4. Awesome

6.12. Desktop Environment

6.12.1. XDG

X Desktop Group, Freedesktop

  • XDG is a standard for desktop environments.
6.12.1.1. Desktop Entries
  • Files with .desktop extension name. It is a TOML file with specification.
  • To be displayed in the application menu, it needs to be in
    • /usr/share/applications/ or /usr/local/share/applications/ (system-wide)
    • ~/.local/share/applications/ (user-wide)
    • Entries in user-wide folder will override the system-wide ones.
    • The icons need to be either PNG or SVG format and stored in $XDG_DATA_DIRS/icons or /usr/share/pixmaps.
6.12.1.1.1. Specification
[Desktop Entry]
Name=DISPLAYED_NAME
Exec=COMMAND
Terminal=false
Path=WORKING_DIRECTORY
Icon=BASE_FILE_NAME
Type=Application
MimeType=LIST;OF;MIME_TYPES;
Actions=SEMICOLON;SEPARATED;ACTION_NAME;

[Desktop Action ACTION_NAME]
Name=DISPLAYED_NAME
Exec=COMMAND
6.12.1.2. XDG Autostart
  • Autostart desktop entries in
    • ~/.config/autostart/ (user-wide)
    • /etc/xdg/autostart (system-wide)
  • The automatic placement is the job of the specific window manager.
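Autostart directories are a common place to look when reviewing what runs at login. The following added example (not part of the original notes) resolves the user-over-system override described above and lists the effective Exec commands. The Hidden=true handling follows the Autostart specification; the sample entries and the review flags are constructed assumptions.

```python
import os
import shlex
import tempfile

SHELLS = {"sh", "bash", "dash", "zsh"}
WORLD_WRITABLE = ("/tmp/", "/var/tmp/", "/dev/shm/")

# Constructed sample entries: {directory: {file name: content}}.
SAMPLES = {
    "system": {
        "tracker.desktop": "[Desktop Entry]\nType=Application\nExec=/usr/lib/tracker-miner\n",
        "updater.desktop": "[Desktop Entry]\nType=Application\nExec=/usr/bin/updater --check\n",
    },
    "user": {
        "updater.desktop": "[Desktop Entry]\nHidden=true\n",
        "sync.desktop": "[Desktop Entry]\nType=Application\n"
                        "# comment lines start with '#'\n"
                        'Exec=sh -c "/tmp/.cache/sync.sh"\n',
    },
}


def parse_desktop_entry(text):
    """Parse .desktop text into {group name: {key: value}}."""
    groups, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("[") and line.endswith("]"):
            current = groups.setdefault(line[1:-1], {})
        elif "=" in line and current is not None:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return groups


def exec_flags(command):
    """Heuristic review flags for an Exec= value (assumed policy, not a standard)."""
    try:
        argv = shlex.split(command)  # approximation of the Exec quoting rules
    except ValueError:
        return ["unparsable-exec"]
    flags = []
    if argv and os.path.basename(argv[0]) in SHELLS:
        flags.append("shell-wrapper")
    if any(arg.startswith(WORLD_WRITABLE) for arg in argv):
        flags.append("world-writable-path")
    return flags


def effective_autostart(dirs):
    """dirs is ordered highest precedence first (user directory, then system)."""
    chosen = {}
    for origin in dirs:
        if not os.path.isdir(origin):
            continue
        for name in sorted(os.listdir(origin)):
            if name.endswith(".desktop") and name not in chosen:
                path = os.path.join(origin, name)
                with open(path, encoding="utf-8", errors="replace") as handle:
                    groups = parse_desktop_entry(handle.read())
                chosen[name] = (origin, groups.get("Desktop Entry", {}))
    report = []
    for name in sorted(chosen):
        origin, entry = chosen[name]
        if entry.get("Hidden", "false").lower() == "true":
            continue  # a Hidden=true override switches the entry off
        command = entry.get("Exec", "")
        report.append({"file": name, "origin": origin,
                       "exec": command, "flags": exec_flags(command)})
    return report


def demo():
    """Write the constructed samples to a temp tree and audit them."""
    with tempfile.TemporaryDirectory() as root:
        for folder, files in SAMPLES.items():
            os.makedirs(os.path.join(root, folder))
            for name, content in files.items():
                with open(os.path.join(root, folder, name), "w", encoding="utf-8") as handle:
                    handle.write(content)
        dirs = [os.path.join(root, "user"), os.path.join(root, "system")]
        return [(e["file"], os.path.basename(e["origin"]), e["flags"])
                for e in effective_autostart(dirs)]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

On a real system, pass `[os.path.expanduser("~/.config/autostart"), "/etc/xdg/autostart"]` to `effective_autostart`.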
6.12.1.3. XDG Desktop Portal

XDG Desktop Portal - ArchWiki

  • It is the standard for the D-Bus interface for various functionalities.
  • It was designed to, but not limited to, support the sandbox environment of Flatpak.
  • There are different implementations of the backend, such as xdg-desktop-portal-gtk, xdg-desktop-portal-kde, xdg-desktop-portal-wlr.
  • The backends are chosen based on the XDG_CURRENT_DESKTOP environment variable, which is provided by the desktop environments themselves.
    • /usr/share/xdg-desktop-portal/$XDG_CURRENT_DESKTOP-portals.conf is used by xdg-desktop-portal daemon (systemd user service) on requests.
    • ~/.config/xdg-desktop-portal/portals.conf for any desktop environment, and ~/.config/xdg-desktop-portal/$DE-portals.conf for a specific desktop environment.
  • On Wayland org.freedesktop.portal.GlobalShortcuts and org.freedesktop.portal.ScreenCast are used to compensate for the gap from the X11.
6.12.1.4. XDG Environment Variables

These variables are set between the login? and the profile.sh script.

  • $XDG_DATA_DIRS
    • /usr/share/, /usr/local/share/ by default
    • I have added $HOME/.local/share as well.

6.12.2. GNOME

  • GNU Network Object Model Environment.
  • Based on GTK and XDG-compatible.
6.12.2.1. Gsettings
  • The user settings are stored in ~/.config/dconf/user which is a dconf database.
  • dconf database is focused on fast reads which is good for settings database that is read frequently but not written as much.
  • The settings are accessed with gsettings in command line and dconf-editor in GUI.
6.12.2.1.1. User default settings

Create /etc/dconf/profile/user with

user-db:user
system-db:<local:database name>

and create /etc/dconf/db/<local:database name>.d/00-<setting name> with specified format:

[path/to/dconf/section]
key1='value1'
key2='value2'
...

Lock the values so that users cannot override them by creating /etc/dconf/db/local.d/locks/<setting name> with

/path/to/dconf/key1
/path/to/dconf/key2
...

Update the system database with

$ dconf update
6.12.2.1.2. GDM settings

GDM uses its own profile gdm. Therefore, create /etc/dconf/profile/gdm with

user-db:user
system-db:<gdm:database name>
file-db:/usr/share/gdm/greeter-dconf-defaults

and create database under /etc/dconf/db/<gdm:database name>/.

  • GDM background: /org/gnome/desktop/screensaver/picture-uri
6.12.2.2. GDM
  • GNOME Display Manager.
  • It bootstraps GUI environment.
6.12.2.3. Shell
6.12.2.3.1. Background
  • Specified by the xml files in /usr/share/gnome-background-properties/. The image files are in /usr/share/backgrounds/
6.12.2.3.2. Extension
  • Provided by gnome-shell-extensions package.
  • Controlled via gnome-extensions in command line.
  • Extension files are stored in ~/.local/share/gnome-shell/extensions/.
  • extension.js is a module instead of a script, from GNOME 45 on.
6.12.2.3.2.1. Integration
  1. GNOME Shell integration
    • Browser extension for the GNOME Shell extensions page to control extensions within itself.
    • It sends native messages as requested from the website.
  2. gnome-browser-connector
    • Provide the backend for GNOME Shell integration.
    • It takes the native messages and executes them.
6.12.2.3.2.2. Extensions
  1. auto-move-windows
    • move apps to specified workspace on launch.
6.12.2.4. Apps
  • GNOME developed its own UI library libadwaita. Advaita means nonduality in Sanskrit.
6.12.2.4.1. Nautilus
  • gnome-disk-utility: disk image mounter and writer
6.12.2.4.1.1. Add-ons
  • nautilus-sushi: Preview by pressing spacebar.
  • nautilus-image-converter: Resize and rotate within nautilus.
6.12.2.4.2. GNOME Boxes
6.12.2.5. Others
  • Alt+F2 (run modal), then r, to reload gnome-shell on Xorg.
  • Super+LMB moves the window and Super+MMB resizes the window, and Super+RMB opens the window menu.

6.12.3. KDE Plasma

6.12.3.1. KWin
  • The compositor (window manager in X.Org)
  • Meta-T sets the custom tiling layout
  • S-<drag> place a window into a tiling zone
6.12.3.1.1. KWin Scripts
  • Krohnkite
    • M-[S]-\ rotate through layouts
6.12.3.2. KRunner
  • The quick launcher. Equivalent to Spotlight in MacOS.
  • Keywords can be used to invoke specific functionalities.
6.12.3.2.1. Keywords
  • define dictionary
  • # special character
  • <keyword>: web search
  • spell spell check
  • kill kill a process
6.12.3.3. Template
  • KDE expects the template files in ~/.local/share/templates/ as .desktop files.

6.12.4. COSMIC DE

  • A Wayland desktop environment developed independently of GNOME or KDE by the Pop!_OS team.

6.13. Font

6.13.1. Format

  • .ttf
  • .otf
  • .woff2
  • metafont

6.13.2. Font Families

6.13.2.1. Nerd Fonts
  • nerd-fonts https://www.nerdfonts.com
  • Ligature Support
    • FiraCode Nerd Font firacode-nerd
    • Hasklug Nerd Font hasklig-nerd
    • Cascadia Mono Nerd Font cascadia-mono-nerd
    • Iosevka Nerd Font, IosevkaTerm Nerd Font, IosevkaTermSlab Nerd Font iosevka-nerd, iosevkaterm-nerd, iosevkatermslab-nerd
    • JetBrainsMono Nerd Font, JetBrainsMonoNL Nerd Font jetbrains-mono-nerd
    • Monoid Nerd Font monoid-nerd
6.13.2.2. Internationalization
  • Japanese
    • adobe-source-han
  • Indic fonts
    • ttf-indic-otf
  • Arabic fonts
    • ttf-arabeyes-fonts
6.13.2.3. Math fonts
  • STIX (installed)
  • XITS: a fork of STIX
6.13.2.4. Installed
  • Nerd Fonts (Group)
  • noto-fonts-cjk
  • Korean fonts: ttf-kopub (AUR), ttf-nanum (AUR)

6.13.3. Configuration

6.13.3.1. Directories
  • Fonts are saved under
    • /usr/local/share/fonts/ (system-wide)
    • /usr/share/fonts/ (package manager)
    • ~/.local/share/fonts/ (user)
    • ~/.fonts/ (deprecated).
  • Run fc-cache after putting a font in one of the directories, to make it usable.
6.13.3.2. Fontconfig
  • fc: The infrastructure that manages fonts
  • $ fc-list to view all installed fonts.

Config files are in

  • /etc/fonts (System)
  • /usr/share/fontconfig (List)
  • ~/.config/fontconfig (User)
  • /etc/fonts/conf.d contains the list of paths to each font, which is managed by the fc.
  • /usr/share/fontconfig/conf.avail
    • The directory for the list of all fonts available.
    • TeX Live exposes every font it contains here.
    • Linking a file from this directory into /etc/fonts/conf.d makes it globally accessible.
      • # ln -s /usr/share/fontconfig/conf.avail/09-texlive-fonts.conf /etc/fonts/conf.d/09-texlive-fonts.conf
  • Pango uses fontconfig library to access fonts, with the config files in /etc/fonts/ and ~/.config/fontconfig
  • Older applications do not support fontconfig, so the index needs to be created
    • Such as, GTK 1.x and xfontsel
    • Use mkfontscale, mkfontdir

7. Audio

7.1. Sound Driver

Interact with physical sound cards.

7.1.1. ALSA

  • Advanced Linux Sound Architecture
  • It is a kernel component that provides sound devices in the form of sound cards, both physical and virtual, to usermode programs.
  • Although it is possible for a program to connect directly to a sound card via ALSA, it only connects them one to one. If multiplexing is needed, a sound server is required.

7.2. Sound Server

7.2.1. pulseaudio

  • It takes multiple sources and multiplexes them, but no more than that.
  • Packages: pulseaudio, pulseaudio-alsa, pulseaudio-bluetooth
  • pactl
    • stat
    • info
    • list
    • {upload|play|remove}-sample
    • {load|unload}-module
    • {set|get}-{sink|source}-{port|volume|mute}
    • @DEFAULT_SINK@ @DEFAULT_SOURCE@ @DEFAULT_MONITOR@ can be used.

7.2.2. pipewire

  • It manages each source and sink in separate sessions, which gets rid of complicated workarounds. It is fully compatible with pulseaudio, and provides flexibility of jack.
  • It also multiplexes a stream of video.
  • Packages
    • pipewire It provides the user service pipewire. It is often triggered by socket.
    • pipewire-pulse Drop-in replacement for pulseaudio
    • pipewire-jack
    • pipewire-alsa
    • pipewire-roc ROC is the framework for remote audio streaming. This provides the ROC sink and source.
7.2.2.1. wireplumber
  • pipewire session manager.
  • It replaces and improves upon the default pipewire-session-manager.
  • wpctl
    • status
7.2.2.2. qpwgraph
  • Qt based pipewire GUI patchbay.
7.2.2.3. helvum
  • GTK based pipewire GUI patchbay.

7.3. Player

7.3.1. mpd

Music Player Daemon

  • The user daemon is provided.
  • It communicates through the port 6600 by default.
  • Database -> Playlists -> Current Playlist (Queue) -> Play
  • The frontend includes mpc (CLI), ario (GTK)

mpDris2 or mpd-mpris provides MPRIS support.

7.3.1.1. Configurations
  • music_directory
  • playlist_directory set to ~/.config/mpd/playlists/
  • db_file set to ~/.config/mpd/database
  • audio_input
  • audio_output
    • type: pulse, pipewire, …
    • name: the alias for the output. It can be anything.

See Music Player Daemon — Music Player Daemon documentation, Music Player Daemon - ArchWiki

7.4. MPRIS

Media Player Remote Interfacing Specification

Standard D-Bus interface for controlling media players.

7.4.1. playerctl

Utility to send commands to MPRIS clients.

8. Device

8.1. Input Subsystem

1. Introduction — The Linux Kernel documentation

  • Collection of drivers that is designed to support all input devices under Linux
  • The core is the input module, that enables the communication between event handlers and device drivers.

8.1.1. Event Handlers

8.1.1.1. evdev
  • Kernel Interface
  • evdev is the generic input event interface. It passes the events generated in the kernel straight to the program, with timestamps. The event codes are the same on all architectures and are hardware independent.
  • It handles the events generated by the various device drivers, and passes them on via various interfaces: keystrokes to the kernel, mouse movements to the display server, etc.
8.1.1.2. keyboard
  • In-Kernel Input Handler
  • Part of VT code, and it handles keyboard keystrokes and user inputs for VT consoles.

8.1.2. Device Drivers

  • Kernel modules that generate events.
  • usbkbd, usbmouse, atkbd (PS/2), psmouse

8.1.3. uinput

7. uinput module — The Linux Kernel documentation

  • Kernel module for emulating evdev devices exposed through /dev/input/uinput in the userspace.
8.1.3.1. libevdev
  • Wrapper library for creating uinput devices and sending events.

8.2. udev

  • It also takes part in managing the device files, alongside with the kernel.
  • See

8.3. Keyboard

Keyboard input - ArchWiki

  1. Keyboard sends a scancode

    • Keycodes and scancodes can be examined through evtest or showkey utility.

    Note that they only work in virtual consoles.

  2. Kernel maps it to a keycode
    • udev rule can specify the map.
    • setkeycodes can be used to modify the mapping table in the kernel temporarily.
  3. And it is mapped to keysym by keymaps
    • The keymaps are stored under /usr/share/kbd/keymaps/
    • Use localectl, or add KEYMAP=<keymap> to /etc/vconsole.conf for the case of virtual console. loadkeys is also available to set it for a session.
    • loadkeys, dumpkeys are used to directly access the keyboard translation table.

8.4. Input Method

8.4.1. Ibus

  • GNOME focused
  • ibus
GTK_IM_MODULE=ibus
QT_IM_MODULE=ibus
XMODIFIERS=@im=ibus
  • ibus-hangul

8.4.2. fcitx

  • KDE focused
  • fcitx5-im group includes fcitx5, fcitx5-gtk, fcitx5-qt, fcitx5-configtool
    • fcitx is no longer under development.
  • fcitx5 provides only the basic framework, with English support. It is an interface that takes the place of the keyboard, for the input method engine (IME) to input text.
  • Input method modules support is provided by fcitx5-qt, fcitx5-gtk.
    • It is not necessary for Wayland native protocol.
    • KWin handles input methods with a "virtual keyboard", and it requires both. fcitx5-gtk is needed for chromium and vscode.
  • C-M-h toggles the completion
    • It clashes with Evil mode
8.4.2.1. Addons
  • Unicode
    • <C-S-u>: Insert unicode by codepoint
    • <C-A-S-u>: Insert unicode by name
8.4.2.2. Configuration
  • Input Method Engines: fcitx5-hangul, fcitx5-anthy, fcitx5-mozc, …
  • Addons: clipboard, quickphrase, …
    • fcitx5-configtool includes the kcm-fcitx5 module for the Plasma settings, and fcitx5-config-qt is an independent GUI tool.

8.5. Input Remaps

8.5.1. interception

  • keyd
  • interception-tools
    • It grabs events from an input stream and releases them after modifying them.

8.6. Printer

  • cups

8.7. Customizations

8.7.1. Razer Keyboard and Mouse

  • OpenRazer
    • The openrazer-daemon provides the dynamic kernel module and the daemon that can interact with it.
    • User must be added to the plugdev group via gpasswd -a $USER plugdev.
    • The daemon can be accessed through D-Bus.
    • RazerGenie is the Qt frontend that is available on FlatHub (limitedly, on AUR).

8.7.2. Keychron

  • VIA is available on the web. It interacts with the hardware directly through /dev/hidrawX.
  • The file permission to read and write needs to be granted.

9. CLI

Shell is software, and terminal is hardware.

  • Console is a restricted version of terminal, using a predefined protocol and format.

9.1. Terminal

  • Originally, the terminal was a separate device for interacting with the system: in the early days a teletype, and from 1969 onward a teletype with a display. Nowadays, in GUI environments, we use a terminal emulator instead, a program that simulates the environment of a terminal. Within the terminal environment, the interactive text we see is the shell.
  • The terminal in the GUI environment is actually a terminal emulator.
  • Terminal was often a teletype, or tty.

9.1.1. Virtual Terminal

  • VT
  • /dev/ttyN

Console managed by the kernel.

Switch between them by C-M-<fN>.

9.1.2. Pseudo-terminal

  • PTY
  • /dev/pts/ptmx, /dev/pts/N

/dev/pts/ptmx is the multiplexer (manager) for pseudo-terminals. A pseudo-terminal consists of master and slave, where the master is accessed via file descriptor returned from /dev/ptmx and the slave is accessed via /dev/pts/N.

9.1.3. Terminal Emulator

A GUI program that creates a new pseudo-terminal, displays it, and interacts with it.

It registers keystrokes and sends control characters to the master.

9.1.4. getty

The getty (get tty) program initializes a virtual terminal and prompts the user for login. After that, login is invoked to set up the environment.

login uses PAM to authenticate as well.

9.1.4.1. agetty
  • Almquist getty
  • Part of util-linux package.

getty on Arch Linux

9.1.5. Controlling Terminal

  • CTTY

The kernel receives the keystroke and sends it to the terminal emulator or virtual terminal.

If the terminal emulator receives a key combination (e.g. C-c), it sends the control character (e.g. ^C) to the pseudo-terminal.

The pseudo-terminal (or virtual terminal) then sends signals (e.g. SIGINT) to the processes in the foreground process group it controls.

  • C-c (SIGINT) terminate the process by default
  • C-d inputs EOT(End of Transmission) 0x04
    • EOF(End of File)
      • It is implementation dependent and must be negative.
      • -1 is commonly used, such as in glibc.
    • cat closes the file when it encounters EOT twice in a row.
  • C-s suspend, C-q continue
    • It was used to control the terminal itself.

9.2. Shell

  • /usr/bin/sh is the symlink to the fallback shell?.
  • The default shell can be configured using the usermod -s SHELL USER or chsh -s SHELL. It modifies the /etc/passwd. Other programs use this information.

Shell passes the command that it does not recognize to execvp system call.

9.2.1. bash

  • The default shell from base.

See Bash.

9.2.2. fish

9.2.3. zsh

Zsh - ArchWiki

Z Shell

  • Configured in ~/.zshrc
  • It does not use ((66bc32ae-22af-4fdf-9ad4-5a2eb51532c6)), it uses Zsh Line Editor (ZLE) instead.
  • It is configured with bindkey builtin command.
  • -v vi, -e Emacs
  • Completion
    • zsh-completions provides extra completion functions.
    • autoload -Uz compinit; compinit;
  • Plugins
    • Stored in /usr/share/zsh/plugins/
    • zsh-autosuggestions source .../zsh-autosuggestions.zsh
    • zsh-syntax-highlighting source .../zsh-syntax-highlighting.zsh
  • The zsh syntax is compatible with Bash
  • Shell Built-ins
    • where similar to which
    • r N redo last command (or the N th command in this session)

9.3. Commands

9.4. Shebang

A script file can be executed by itself, if #!PROGRAM [OPTION] is in the first line of the file.

The exec system call recognizes the #! at the beginning of the file, and executes the current file by calling PROGRAM [OPTION] <filename>. Note that only a single argument can be passed.

The mode needs to be set to executable. Hint: chmod +x <filename>
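The single-argument rule is easy to trip over in scripts that drop privileges or set strict modes from the shebang line. This added example (not from the original notes) rebuilds the argument vector Linux produces for a script and flags first lines that will not behave as written; the sample lines and finding names are constructed.

```python
import re


def shebang_argv(first_line, script_path, user_args=()):
    """Return the argv Linux builds for an executable script, or None without #!."""
    if not first_line.startswith("#!"):
        return None
    # Only spaces and tabs are trimmed; a trailing carriage return is kept.
    body = first_line[2:].partition("\n")[0].strip(" \t")
    if not body:
        return None
    # Interpreter first, then everything that follows as ONE optional argument.
    parts = re.split(r"[ \t]+", body, maxsplit=1)
    return parts + [script_path, *user_args]


def shebang_findings(first_line):
    """Flag shebang lines whose effect differs from what the author likely meant."""
    argv = shebang_argv(first_line, "SCRIPT")
    if argv is None:
        return ["no-shebang"]
    interpreter, optional = argv[0], argv[1:-1]
    findings = []
    if "\r" in first_line.partition("\n")[0]:
        findings.append("carriage-return")  # CRLF file: interpreter name ends in \r
    if optional and re.search(r"[ \t]", optional[0]):
        findings.append("multiple-words-in-one-argument")
    if not interpreter.startswith("/"):
        findings.append("relative-interpreter")
    return findings


# Constructed sample first lines.
SAMPLES = {
    "job.py": "#!/usr/bin/env python3 -u\n",
    "build.sh": "#!/bin/bash -eu\n",
    "deploy.sh": "#!/bin/sh\r\n",
}

if __name__ == "__main__":
    print(shebang_argv(SAMPLES["job.py"], "./job.py", ["--dry-run"]))
    for name, line in SAMPLES.items():
        print(name, shebang_findings(line))
```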

10. Access Control

  • Users, groups, and privileged processes are built into the kernel. Though they are not managed.

10.1. Management

10.1.1. shadow

Package in base

10.1.1.1. User
  • useradd, usermod, userdel to manage users.
  • The shell for a user is set by the -s flag.
  • The user information is stored in /etc/passwd.
10.1.1.2. Password

passwd <user> sets password for the specified user.

  • Passwords are stored in /etc/shadow, encrypted.
10.1.1.3. Group

groupadd, groupmod, groupdel to manage groups.

  • The group information is stored in /etc/group.

10.1.2. File

  • chown to change it.
  • chmod change file mode
    • {u|g|o|a}{+|-}{r|w|x|X|s|t|u|g|o}=
    • = add and remove other
    • X execute/search if directory, or it has execute permission for some user.
    • s set user or group ID on execution
    • t restricted deletion flag or sticky bit
    • u g o set it equal to this.
    • [NN]NNN the octal code for the permission
    • = rwx

10.2. Shell

10.2.1. login

  • The command that begin a session on the system

10.2.2. sudo

  • It gives users in the sudo group the privilege to execute as root.
10.2.2.1. visudo
  • It modifies /etc/sudoers, the sudo configuration file, with syntax checking.
  • It uses the editor specified by EDITOR shell variable. To use vim, export EDITOR=vim
10.2.2.2. sudoedit
  • Edit a file with privilege.

10.3. systemd-logind

10.4. PAM

  • Pluggable Authentication Modules
  • PAM - ArchWiki
  • System of libraries for dynamically configured authentications, to be used by restricted services.
  • It can control detailed application-wise authentications.
    • Such as, KDE Wallet, GNOME Keyring
    • For example, to automatically authenticate kwallet, add pam_kwallet5.so to the auth section of the sddm, after installing the PAM compatible module, kwallet-pam. See KDE Wallet - ArchWiki

10.4.1. Configuration Files

  • /etc/pam.conf
  • /etc/pam.d: Linux-PAM configuration
  • /usr/lib/pam.d: Linux-PAM vendor configuration
  • system-auth: The authentication
  • system-login: Perform authentication with system-auth, and setup sessions.
  • system-local-login, system-remote-login: Wrapper of system-login to enable specific operations.

PAM-aware applications install their policy in this folder, for them to execute it on demand.

10.4.2. Modules

  • PAM modules are installed under /usr/lib/security exclusively.
  • The configuration files for individual modules are in /etc/security/.
10.4.2.1. pam_systemd.so
  • Register user sessions in the systemd login manager
10.4.2.2. pam_env.so
  • The default configuration file is /etc/security/pam_env.conf
  • Source the /etc/environment
    • And then read the file specified by the user_envfile option, which is, by default, $HOME/.pam_environment
10.4.2.3. pam_autologin.so
  • AUR
  • It must be in the beginning of the auth section.
  • /etc/security/autologin.conf must be manually created, for it to store the password.
  • Once the password is stored, the login happens automatically.

Use shred to delete the file
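Module order in a PAM stack matters, and a module that stores a password on disk deserves a permission check. This added example (not part of the original notes) parses a constructed service file, reports whether pam_autologin.so is the first auth rule as required above, and checks the mode of a stand-in for the stored-password file; the sample file and the owner-only mode policy are assumptions.

```python
import os
import stat
import tempfile

# Constructed sample of a display-manager service file (not from a real system).
SAMPLE_SDDM = """\
#%PAM-1.0
auth      include   system-login
auth      required  pam_autologin.so
-auth     optional  pam_kwallet5.so
account   include   system-login
session   [success=ok default=ignore] pam_systemd.so
-session  optional  pam_kwallet5.so auto_start
"""


def parse_pam_service(text):
    """Parse 'type control module [args]' lines into dicts, keeping stack order."""
    rules = []
    for number, raw in enumerate(text.splitlines(), start=1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 3:
            continue
        kind = fields[0].lstrip("-")   # leading '-' only silences missing-module logs
        if fields[1].startswith("["):  # bracketed control may contain spaces
            end = next((i for i in range(1, len(fields))
                        if fields[i].endswith("]")), None)
            if end is None or end + 1 >= len(fields):
                continue
            control, rest = " ".join(fields[1:end + 1]), fields[end + 1:]
        else:
            control, rest = fields[1], fields[2:]
        rules.append({"line": number, "type": kind, "control": control,
                      "module": rest[0], "args": rest[1:]})
    return rules


def auth_findings(rules):
    """pam_autologin.so must be the first rule of the auth section."""
    auth = [rule for rule in rules if rule["type"] == "auth"]
    findings = []
    for position, rule in enumerate(auth):
        if rule["module"] == "pam_autologin.so" and position != 0:
            findings.append(f"line {rule['line']}: pam_autologin.so is auth rule "
                            f"#{position + 1}, not the first")
    return findings


def secret_file_findings(path):
    """Flag a stored-password file that group or others can access (assumed policy)."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:
        return [f"{path}: mode {mode:04o} exposes the stored password beyond its owner"]
    return []


def demo_secret_modes():
    """Check a temp stand-in for /etc/security/autologin.conf at two modes."""
    with tempfile.TemporaryDirectory() as root:
        path = os.path.join(root, "autologin.conf")
        with open(path, "w", encoding="utf-8") as handle:
            handle.write("constructed placeholder\n")
        os.chmod(path, 0o644)
        loose = len(secret_file_findings(path))
        os.chmod(path, 0o600)
        tight = len(secret_file_findings(path))
    return loose, tight


if __name__ == "__main__":
    rules = parse_pam_service(SAMPLE_SDDM)
    print([rule["module"] for rule in rules if rule["type"] == "auth"])
    print(auth_findings(rules))
    print(demo_secret_modes())
```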

10.5. polkit

polkit - ArchWiki

  • toolkit for defining and handling the policy that allows unprivileged processes to speak to privileged processes

10.5.1. Authentication Agent

  • Agent program for each graphical environment that handles the on-demand authentication.

10.5.2. Configuration

  • Allowed actions or authorization rules can be defined.
  • They are stored in
    • /usr/share/polkit-1/actions/
    • /usr/share/polkit-1/rules.d/ (package), /etc/polkit-1/rules.d/ (user)

10.6. keyrings

  • In-kernel key management and retention facility

10.6.1. keyutils

  • keyctl CLI tool
  • library and set of utilities for accessing the kernel keyrings facility.

10.6.2. GNOME Keyring

gnome-keyring keyrings frontend for GNOME

10.7. Environment Variables

Environment variables - ArchWiki

  • printenv to list the variables
  • env <KEY=VAL> <command> to run command with modified environment
  • Each process stores their environment in the /proc/$PID/environ
    • /proc/$UID/environ contains most of the environment variables.
  • They need to be exported to be set globally.

10.7.1. Config Files

  • /etc/environment: Global environment variables, set by the pam_env.so
  • /etc/profile: The initial variables for the login shell only.
    • ~/.profile, ~/.bash_profile, …: Per user startup script
    • $ZDOTDIR/.zshenv, $ZDOTDIR/.zprofile, contains user profile and environment.
    • $ZDOTDIR/.zlogin, $ZDOTDIR/.zlogout contains terminal login shell configurations.
  • ~/.bashrc, ~/.zshrc, … : Shell specific configurations which is sourced by non-login interactive shells.

10.7.2. Graphical Session

  • Create a .desktop file to execute a shell script within ~/.config/autostart/.
  • Add .sh file under $HOME/.config/plasma-workspace/env/

11. Bluetooth

11.1. bluez

  • Bluetooth protocol stack. Manages bluetooth directly.
  • bluetoothctl
    • Provided by bluez-utils to interact with bluez.
  • gnome-bluetooth
    • It enables users to graphically interact with bluez in GNOME.

12. Virtualization

12.1. Hardware Support

  • Named VT-x or vmx on Intel processors, and AMD-V or svm on AMD processors.

12.2. Hypervisor

12.2.1. Type-1

  • Native or baremetal hypervisor
12.2.1.1. Xen
  • Thin layer of software between hardware and operating systems
  • Require kernel support on top
  • Built into Arch Linux kernel.
  • Provided by xen package

12.2.2. Type-2

  • Hosted Hypervisor
12.2.2.1. KVM
  • Kernel-based Virtual Machine
  • Kernel modules kvm and either kvm_intel or kvm_amd
  • Provided by the Arch Linux kernel

12.3. Emulation

12.3.1. QEMU

  • Provided by qemu-full package
  • Does not provide any GUI or persistence.
  • Add -enable-kvm flag to use KVM.
  • Defaults to user-mode networking.
12.3.1.1. CLI
  • qemu-system-<arch> to run the virtual machine of a given architecture
  • -cdrom <file> to insert a cd. It could be the /dev/... or an ISO file.
  • -m <size> to specify the RAM size. Default to few megabytes.
  • -boot d to specify how to boot.
  • -drive <file> to attach a virtual or physical drive.

12.4. libvirt

Virtualization management software.

  • Provided by libvirt
  • dnsmasq and dmidecode need to be installed separately.
  • dmidecode decodes the dmi file /sys/firmware/dmi/tables/smbios_entry_point

12.4.1. libvirtd

  • Daemon for libvirt server.

12.4.2. virsh

  • Command line libvirt client provided by libvirt.
  • virsh -c qemu+unix:///session to start on arch

12.4.3. GUI Client

  • libvirtd needs to be running.
12.4.3.1. GNOME Boxes
12.4.3.2. Virt-Manager
  • virt-manager
  • Require dnsmasq

12.5. VirtIO

  • Kernel module for guest OS for paravirtualization of devices.
  • virtio_win ISO is available.

12.6. SPICE

  • Paravirtualization of devices solution
  • spicewebdavd is required for file sharing in GNOME Boxes.

12.7. Waydroid

A fork of Anbox, that uses containerized approach to run as close to the hardware as possible.

  • binder-linux-dkms kernel module
  • lxc container
  • dnsmasq network
    • /etc/resolv.conf is the configuration file that must contain at least one nameserver.
  • waydroid-container.service it needs to be running for Waydroid to work.
  • The GAPPS image of Android include google services, and the device can be registered.

12.7.1. Configuration

  • waydroid prop set persist.waydroid.multi_windows: the floating windows within Waydroid.
  • waydroid prop set persist.waydroid.fake_wifi APP_ID: Wi-Fi appears connected to the app.
  • See Setting up a shared folder | Waydroid

12.8. Wine

Wine Is Not an Emulator

Translation layer from the Windows system calls to the Linux ones. Proton is well-known to be based on Wine.

wineprefix is the folder that contains the Windows environment. The location of the folder is passed to the wine by setting the environment variable WINEPREFIX=/pathto/window/environment wine some.exe.

WINEDEBUG environment variable is used for activating debugging messages.

12.8.1. wineserver

The Wine server starts automatically when the first wine instance is created. It functions as the kernel for .exe programs, handling scheduling, interprocess communication and so on.

13. Power

13.1. tlp

14. Programs

14.1. Installation

14.1.1. Package Manager

14.1.1.1. pacman
  • Arch Linux.
  • -S install
    • yu to update the core and upgrade all.
    • s search in the remote repository
    • c clean stale caches (the cache of older versions of programs)
    • cc purge all caches
  • -R remove
    • d skip dependency check, dd skip all checks
    • n purge the config data (User configs are not purged)
  • -Q query among what's installed
    • i show the detailed information, including dependencies.
    • m list foreign packages, which are not in the sync db
    • l files that are installed by the package
  • -F find in which package a file or a binary is.
14.1.1.2. Hooks
  • The vendor specifications for hooks are in /usr/share/libalpm/hooks/,
  • and user specifications can be stored in /etc/pacman.d/hooks/.

14.1.2. Flatpak

  • Part of GNOME project which includes GNOME desktop environment.
  • Main repository is Flathub, the official repository of Flatpak.
  • Apps are stored in /var/lib/flatpak/app/ and the desktop entries are in <appID>/current/stable/export/share/applications/.
  • App data are under ~/.var/app/.
  • It has its own set of dependencies that are independent of distros.
  • The list is accessible from flatpak list
  • flatpak
    • install
    • run
    • override
    • --env=ENVIRONMENT_VARIABLE=VALUE
    • --filesystem=FILEPATH
      • Flatseal can be used instead.
    • build

14.1.3. Appimage

14.1.4. Snap

14.1.5. Arch User Repository

  • AUR
  • base-devel is required.
  • Download the package from the AUR, possibly through git clone.
14.1.5.1. makepkg
  • Arch packages are generated by makepkg, run it in the directory.
  • -i install on build completion
  • -c clean build files
  • Install via pacman -U <package>.pkg.tar.zst, or use -i option
    • It is installed as a foreign package.
14.1.5.2. aurutils
  • It provides aur command that manages a separate repo for pacman.
  • The repository is registered to pacman in /etc/pacman.conf. aur automatically uses the first added repository.
  • The repository directory is created with install and the database file with repo-add command.
    • A repository is a directory with REPO.db.tar.gz file.
    • See aur(1)
  • aur
    • sync fetch and build
    • search

14.2. MIME Type

  • Multipurpose Internet Mail Extension, Media Type
  • It describes file formats on the internet.
  • Originally defined in 1996, and IANA manages it.

14.2.1. Types

  • type/[tree.]subtype[+suffix]*[; parameter]
    • type: application, audio, image, message, multipart, text, video, font, example or model
    • tree: vnd. vendor, prs. personal, x. unregistered (originally x- in 1993)
    • suffix: Augmentation of media type for the structure
  • The default application for a file type is determined by looking up the MIME type in mimeinfo.cache, which is located in /usr/share/applications/ (and /var/lib/flatpak/exports/share/applications in the case of flatpak applications)
  • mime.cache is also present in ~/.local/share/mime/, /var/lib/flatpak/exports/share/mime/, /usr/share/mime/
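
The grammar and the mimeinfo.cache lookup described above, as an added example that is not part of the original notes. The function names and the cache contents are constructed for illustration, and only mimeinfo.cache is consulted, as in the notes.

```python
import configparser
import re

# Grammar from the notes: type/[tree.]subtype[+suffix]*[; parameter]
MIME_RE = re.compile(
    r"^(?P<type>[a-z]+)/"
    r"(?:(?P<tree>vnd|prs|x)\.)?"
    r"(?P<subtype>[a-z0-9][a-z0-9!#$&^_.-]*)"
    r"(?P<suffixes>(?:\+[a-z0-9.-]+)*)$"
)

# Constructed sample in the mimeinfo.cache layout (not from a real system).
SAMPLE_CACHE = """\
[MIME Cache]
application/pdf=org.gnome.Evince.desktop;
application/vnd.oasis.opendocument.text=libreoffice-writer.desktop;
image/svg+xml=org.inkscape.Inkscape.desktop;firefox.desktop;
text/html=firefox.desktop;chromium.desktop;
"""

def parse_mime(value):
    """Split a media type into the fields named in the grammar."""
    essence, *params = [part.strip() for part in value.split(";")]
    m = MIME_RE.match(essence.lower())
    if m is None:
        raise ValueError(f"not a media type: {value!r}")
    return {
        "type": m["type"],
        "tree": m["tree"],                        # None for the standards tree
        "subtype": m["subtype"],
        "suffixes": m["suffixes"].split("+")[1:],
        "parameters": dict(p.split("=", 1) for p in params if "=" in p),
    }

def handlers(cache_text, value):
    """Return the desktop entries registered for a media type, in file order."""
    p = parse_mime(value)                         # rejects malformed input early
    tree = f"{p['tree']}." if p["tree"] else ""
    suffix = "".join(f"+{s}" for s in p["suffixes"])
    key = f"{p['type']}/{tree}{p['subtype']}{suffix}"
    cache = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cache.optionxform = str                       # keep keys exactly as written
    cache.read_string(cache_text)
    entry = cache["MIME Cache"].get(key, "")
    return [name for name in entry.split(";") if name]
```

Parameters such as charset are dropped before the lookup, so a type with and without parameters resolves to the same list of desktop entries.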

14.3. Inter-Process Communication

14.3.1. D-Bus

Message bus system that provides inter-process communication

  • It consists of a system-wide or user-wise daemon, and libraries to make use of it.
    • The user-wise daemon is started in a session created by pam_systemd(8) and systemd-logind. The session bus is started alongside systemd --user.
14.3.1.1. Implementation
14.3.1.1.1. Address
  • Bus: unix:path=/var/run/dbus/sys_bus_socket
  • Connection: :34-907, which is assigned by D-Bus, or com.mycompany.TextEditor, which is determined by a well-known program.
  • Object: /com/mycompany/TextFileManager
    • busctl --user tree to see the objects
  • Interface: org.freedesktop.Hal.Manager
    • busctl --user introspect SERVICE OBJECT to see all the interfaces and methods.
  • Member: ListNames
14.3.1.1.2. Signatures
  • The methods are annotated in an XML file with signatures. A signature specifies the argument and return types.
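
An added example, not part of the original notes: a small parser that turns a D-Bus type signature, such as the `as` (array of strings) returned by ListNames, into a readable tree. The function names and the tuple representation are choices made for this example.

```python
# Single-character basic types of the D-Bus type system.
BASIC = {"y": "byte", "b": "boolean", "n": "int16", "q": "uint16",
         "i": "int32", "u": "uint32", "x": "int64", "t": "uint64",
         "d": "double", "s": "string", "o": "object_path",
         "g": "signature", "h": "unix_fd"}

def parse_one(sig, pos):
    """Parse one complete type starting at sig[pos]; return (tree, next_pos)."""
    if pos >= len(sig):
        raise ValueError("truncated signature")
    c = sig[pos]
    if c in BASIC:
        return BASIC[c], pos + 1
    if c == "v":
        return "variant", pos + 1
    if c == "a":
        if sig[pos + 1:pos + 2] == "{":           # a{kv}: array of dict entries
            key, p = parse_one(sig, pos + 2)
            if key not in BASIC.values():
                raise ValueError("dict key must be a basic type")
            val, p = parse_one(sig, p)
            if sig[p:p + 1] != "}":
                raise ValueError("unterminated dict entry")
            return ("dict", key, val), p + 1
        elem, p = parse_one(sig, pos + 1)         # aX: array of X
        return ("array", elem), p
    if c == "(":                                  # (XYZ): struct of fields
        fields, p = [], pos + 1
        while sig[p:p + 1] != ")":
            field, p = parse_one(sig, p)          # raises if ')' never comes
            fields.append(field)
        if not fields:
            raise ValueError("empty struct")
        return ("struct", *fields), p + 1
    raise ValueError(f"unexpected {c!r} at offset {pos}")

def parse_signature(sig):
    """Return the list of complete types in a signature string."""
    out, pos = [], 0
    while pos < len(sig):
        tree, pos = parse_one(sig, pos)
        out.append(tree)
    return out
```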
14.3.1.2. Utility
14.3.1.2.1. dbus-send
14.3.1.2.2. busctl
  • Part of systemd
  • --user, --system show the session bus or the system bus.
  • list list the connections. Service is the connection that is running?
  • tree show the object tree.
  • introspect see the interfaces and methods of an object

14.4. Major Programs

  • TeX
  • QEMU
  • Docker
  • Vim
  • Emacs
  • Visual Studio Code
  • KeepassXC
  • Chromium
  • Syncthing
  • Godot
  • LibreOffice
  • MuseScore
  • LMMS
  • pandoc

14.5. Others

15. Internationalization

15.1. Locale

Locale system is part of the glibc that programs can use.

15.1.1. Binary Locale File

For the system to use the locale data, binary files need to be in /usr/lib/locale/. They contain various locale data such as datetime format (LC_TIME), currency symbols (LC_MONETARY), and character classifications (LC_CTYPE).

The locale data is written as plain text in /usr/share/i18n/locales/, and it is compiled on demand by the locale-gen command.

15.1.2. System Locale

The system locale is determined by the default environment variables, such as LANG and LC_CTYPE. It is stored in /etc/locale.conf, and the file can be modified directly or indirectly (and more robustly) by the localectl command.

15.1.3. Local Locale

Locale can be changed locally in a session or a program by overriding the environment variable.

16. Documentations

16.1. man

  • man [options] [[section] page]
    • man man.7 or man 7 man
  • man-db contains the program, and man-pages contains additional pages.

16.1.1. Options

  • -t --troff Use groff -mandoc to format the man page. Implied when -T -H are used.
  • -T[device] change the groff output suitable for device, which includes dvi, latin1, pdf, ps, utf8, X75, X100
  • -H Let groff produce HTML output.

16.1.2. Sections

  • (1): User Command
  • (2): System Call
  • (3): Library Function
  • (4): Special File — Device Files
  • (5): File Format and Filesystem
  • (6): Game and Funny Things
  • (7): Overview and Miscellaneous
  • (8): Administration and Privileged Command

16.1.3. Documentation Format

  • .pod is used.

16.2. info

  • texinfo is the package for the GNU info
  • The file format is also called Texinfo.

16.3. tldr

17. Distributions

So-called distro.

17.1. Arch-Based

17.1.1. Arch Linux

17.1.1.1. Installation

17.1.2. Artix

17.1.3. Manjaro

17.2. Debian-Based

17.2.1. Debian

17.2.2. Ubuntu

17.2.3. Linux Mint

17.3. RedHat-Based

17.3.1. RedHat

17.3.2. Fedora

17.4. OpenSUSE

17.5. Gentoo

17.6. Slackware

18. References

Created: 2025-09-14 Sun 20:13