Using the desktop environment in RHEL 8
Configuring and customizing the GNOME 3 desktop environment on RHEL 8
Abstract
Making open source more inclusive
Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.
Providing feedback on Red Hat documentation
We appreciate your input on our documentation. Please let us know how we could make it better. To do so:
For simple comments on specific passages:
- Make sure you are viewing the documentation in the Multi-page HTML format. In addition, ensure you see the Feedback button in the upper right corner of the document.
- Use your mouse cursor to highlight the part of text that you want to comment on.
- Click the Add Feedback pop-up that appears below the highlighted text.
- Follow the displayed instructions.
For submitting more complex feedback, create a Bugzilla ticket:
- Go to the Bugzilla website.
- As the Component, use Documentation.
- Fill in the Description field with your suggestion for improvement. Include a link to the relevant part(s) of documentation.
- Click Submit Bug.
Chapter 1. Getting started with GNOME
1.1. What GNOME 3 is
Red Hat Enterprise Linux 8 is shipped with the default desktop environment GNOME 3.
GNOME 3 represents a presentation layer that provides a graphical user interface as well as the focused working environment, which enables you to access all your work from one place.
1.2. GNOME environments, back ends, and display protocols
GNOME 3 provides two user environments:
- GNOME Standard
- GNOME Classic
Both environments can use two different protocols as their graphical back ends:
- The X11 protocol, which uses X.Org as the display server.
The Wayland protocol, which uses GNOME Shell as the Wayland compositor and display server.
This solution of display server is further referred as GNOME Shell on Wayland.
The default combination in RHEL 8 is GNOME Standard environment using GNOME Shell on Wayland as the display server. However, due to certain Wayland limitations, you might want to switch the graphics protocol stack to X11. You may also want to switch from GNOME Standard to GNOME Classic.
Additional resources
- For more information about graphics based on the Wayland protocol, see Section 2.6, “Key differences between the Wayland and X11 protocol”.
- For information on how to switch the environments, see Section 2.8, “Selecting GNOME environment and display protocol”.
1.3. Launching applications in GNOME
This section describes various approaches that you can use to launch available applications in GNOME 3.
1.3.1. Launching an application in GNOME Standard
This procedure launches a graphical application in the GNOME Standard user environment.
Prerequisites
- You are using the GNOME Standard environment.
Procedure
- Go to the Activities Overview screen.
Find the application using either of the following ways:
Click the Show Applications icon in the vertical bar on the left side.
Optionally, you can choose between displaying all or just the frequent applications by using the Frequent or All switch at the bottom of the screen.
- Start typing the name of the required application in the search entry.
- Click an application from the displayed list.
1.3.2. Launching an application in GNOME Classic
This procedure launches a graphical application in the GNOME Classic user environment.
Prerequisites
- You are using the GNOME Classic environment.
Procedure
- Go to the Applications menu.
Choose the required application from the available categories, which include:
- Favorites
- Accessories
- Internet
- Office
- Sound & Video
- Sundry
- System Tools
- Utilities
1.3.3. Launching an application in GNOME using a command
This procedure launches a graphical application in GNOME by entering a command.
Prerequisites
- You know the command that starts the application.
Procedure
Open a command prompt using either of the following ways:
- Open a terminal.
Press the Alt+F2 shortcut to open the Enter a Command screen.
- Write the command in the command prompt.
- Confirm the command by pressing Enter.
1.4. Managing desktop icons
You can enable the desktop icons functionality and move files to the desktop.
1.4.1. Desktop icons in RHEL 8
In RHEL 8, the Files application no longer provides the desktop icons functionality. Instead, desktop icons are provided by the Desktop icons GNOME Shell extension, which is available from the gnome-shell-extension-desktop-icons
package.
Desktop icons in GNOME Classic
The GNOME Classic environment includes the gnome-shell-extension-desktop-icons
package by default. Desktop icons are always on, and you cannot turn them off.
Desktop icons in GNOME Standard
In GNOME Standard, desktop icons are disabled by default.
If you have only the GNOME Standard environment available, and not GNOME Classic, you must install the gnome-shell-extension-desktop-icons
package.
1.4.2. Enabling desktop icons in GNOME Standard
This procedure enables the desktop icons functionality in the GNOME Standard environment.
Procedure
Install the
gnome-shell-extension-desktop-icons
package:# yum install gnome-shell-extension-desktop-icons
- Open the Tweaks application.
Select
→ , and enable the extension.
1.4.3. Creating a desktop icon for a file
This procedure creates a desktop icon for an existing file.
Prerequisites
- The Desktop icons extension is enabled.
Procedure
-
Move the selected file into the
~/Desktop/
directory.
Verification steps
- Check that the icon for the file appears on the desktop.
1.5. Disabling the hot corner functionality on GNOME Shell
The GNOME environment provides the hot corner functionality, which is enabled by default. This means that when you move the cursor to the area of the top left corner and press the cursor in this area, the Activities Overview menu opens automatically.
However, you may want to disable this feature to not open Activities Overview unintentionally.
To do so, you can use the following tools:
- The dconf Editor application
- The gsettings command-line utility
- The No topleft hot corner extension
The selection of the tool might depend on whether you want to disable the hot corner functionality for a single user or for all users on the system. By using dconf Editor or gsettings, you can disable hot corner only for a single user. To disable hot corner system-wide, use the No topleft hot corner extension.
1.5.1. Disabling the hot corner functionality for a single user
To disable the hot corner functionality for a single user, you can use either the dconf Editor application or the gsettings command-line utility.
1.5.1.1. Disabling hot corner using dconf Editor
To disable the hot corner functionality using the dconf Editor application, follow this procedure.
Prerequisites
The dconf Editor application is installed on the system:
# yum install dconf-editor
Procedure
- Open the dconf Editor application.
-
Choose the
org.gnome.desktop.interface
menu. Find the
enable-hot-corners
option.This option is by default set to
On
.Default settings of enable-hot-corners
Set
enable-hot-corners
toFalse
.You can do this either by:
-
Setting
enable-hot-corners
toOff
in the same window. Clicking the line with
enable-hot-corners
, and proceeding to a new window.In the new window, you can switch the hot corner feature off.
Switching the hot corner functionality off
-
Setting
Additional resources
- For more information on dconf Editor application, see Section 6.3, “Displaying GSettings values for desktop applications”.
1.5.1.2. Disabling hot corner using gsettings
To disable the hot corner functionality using the gsettings command-line utility, follow this procedure.
Procedure
Disable the hot corner feature:
$ gsettings set org.gnome.desktop.interface enable-hot-corners false
Verification steps
Optionally, verify that the hot corner feature is disabled:
$ gsettings get org.gnome.desktop.interface enable-hot-corners false
1.5.2. Disabling the hot corner functionality for all users
With the GNOME Shell extension called No topleft hot corner provided by the gnome-shell-extension-no-hot-corner
package, you can disable the hot corner feature system-wide.
Prerequisites
The
gnome-shell-extension-no-hot-corner
package is installed on the system:# yum install gnome-shell-extension-no-hot-corner
Procedure
Enable the No topleft hot corner extension by switching it on in the Tweaks tool.
For more information on how to use Tweaks, see Section 1.10, “Customizing GNOME Shell environment with the Tweaks tool”.
- Log out, and restart the user session so that the extension can take effect.
1.6. Configuring sound in GNOME
You can configure sound volume and other sound options in GNOME.
1.6.1. Sound configuration tools in GNOME
In RHEL 8, the PulseAudio sound server handles sound output and input. PulseAudio lets programs output the audio using the pulseaudio
daemon.
To configure sound, you can use one of the following graphical applications in GNOME:
- System menu
System menu is located in the top-right screen corner. It enables you only to set the intensity of the sound output or sound input through the sound bar. The sound bar for input sound is available only if you are running an application that is using an internal microphone (built-in audio), such as some teleconference tools.
- Tweaks
Tweaks enables you to configure only volume over-amplification.
- GNOME Control Center
- GNOME Control Center provides more options to configure sound.
Additional resources
-
For more information on PulseAudio, see the
pulseaudio
man page.
1.6.2. Accessing sound configuration in GNOME Control Center
This procedure opens the sound configuration screen in the GNOME Control Center application.
Procedure
Launch GNOME Control Center.
You can use one of the approaches described in Section 1.3, “Launching applications in GNOME”. Alternatively, you can also launch it from the System menu by clicking on its icon.
- In GNOME Control Center, choose from the left vertical bar.
1.6.3. Sound options in GNOME Control Center
Through the GNOME Control Center menu, you can configure the following sound options:
- Output and Input
The Output and Input menus show only the built-in audio devices unless you connect any external device that can handle sound.
The Output menu enables you to select the required profile from available analog or digital profiles that are displayed depending on available output devices.
- Sound Effects
- The Sound Effects menu sets the volume and theme of system audio alerts.
- Applications
- The Applications menu shows all currently running applications that can process sound, and allows you to amplify or lower the sound of a particular application.
The Output tab on the sound configuration screen
1.7. Handling graphics and photos
GNOME Shell provides multiple tools to handle graphics and photography.
You can check the available tools under the Graphics & Photography
menu in GNOME Software:
Open the GNOME software.
-
Go to
Graphics & Photography
.
The available tools include:
Photos
For accessing, organizing and sharing your photos.
GNU Image Manipulation Program
For creating images and editing photographs.
Inkspace
For creating and editing scalable vector graphics images.
XSane
For scanning images with a scanner.
LibreOffice Draw
For create and editing drawings, flow charts, and logos.
1.8. Handling printing
In GNOME, you can set up printing using the GNOME Control Center GUI.
1.8.1. Starting GNOME control center for setting up printing
Procedure
Use one of the approaches described in Section 1.3, “Launching applications in GNOME” to start the GNOME Control Center GUI.
Moreover, you can also start the GNOME Control center from the system menu in the top right corner by clicking on the "Settings" icon.
- When the GNOME Control center GUI appears, go to:
Devices
→ Printers
Figure 1.1. GNOME Control center configuration tool

1.8.2. Adding a new printer in GNOME Control Center
This section describes how to add a new printer using the GNOME Control Center GUI.
Prerequisites
To be able to add a new printer using the GNOME Control Center GUI, you must click on Unlock
, which appears on the right side of the top bar, and authenticate as one of the following users:
- Superuser
-
Any user with the administrative access provided by
sudo
(users listed within/etc/sudoers
) -
Any user belonging to the
printadmin
group in/etc/group

Procedure
Open the Add Printer dialog.
Select one of the available printers (including also network printers), or enter printer IP address or the hostname of a printer server.
1.8.3. Configuring a printer in GNOME Control Center
This section describes how to configure a new printer, and how to maintain a configuration of a printer using the GNOME Control Center GUI.
Displaying printer’s settings menu
Procedure
Click the "settings" button on the right to display a settings menu for the selected printer:
Displaying and modifying printer’s details
Procedure
Click
Printer Details
to display and modify selected printer’s settings:
With this menu you can:
Search for Drivers
GNOME Control Center communicates with PackageKit that searches for a suitable driver suitable in available repositories.
Select from Database
This option enables you to select a suitable driver from databases that have already been installed on the system.
Install PPD File
This option enables you to select from a list of available postscript printer description (PPD) files that can be used as a driver for your printer.

Setting the default printer
Procedure
Click
Use Printer by Default
to set the selected printer as the default printer:
Removing a printer
Procedure
Click
Remove Printer
to remove the selected printer:
1.8.4. Printing a test page in GNOME Control Center
This section describes how to print a test page to make sure that the printer functions properly.
You might want to print a test page if one of the below prerequisites is met.
Prerequisites
- A printer has been set up.
- A printer configuration has been changed.
Procedure
Click the "settings" button on the right to display a settings menu for the selected printer:
-
Click
Printing Options
→Test Page
1.8.5. Setting print options using GNOME Control Center
This section describes how to set print options using the GNOME Control Center GUI.
Procedure
Click the "settings" button on the right to display a settings menu for the selected printer:
-
Click
Printing Options
1.9. Sharing media between applications
Red Hat Enterprise Linux 8 includes the PipeWire media server, which ensures access to multimedia devices and media sharing between applications.
When running a remote desktop session on GNOME Shell on Wayland, PipeWire and the VNC server is used. The functionality of remote desktop session is provided by the gnome-remote-desktop
and pipewire
packages.
On X.Org, just VNC is needed to run a remote desktop session. This functionality on X.Org is provided by the vino
package.
PipeWire is used also with teleconference tools such as BlueJeans when running on GNOME Shell on Wayland. In such case, the pipewire service
is activated automatically when you start sharing your screen within the teleconference tool.
To check the status of the pipewire service
, run:
~]$ systemctl --user status pipewire
1.10. Customizing GNOME Shell environment with the Tweaks tool
You can customize the GNOME Shell environment for a particular user by using the Tweaks tool.
- Open Tweaks.
- To choose the required item that you want to customize, use the vertical menu on the left. For example you can choose the applications to start automatically when you log in by using the Startup Applications menu, or you can customize your top bar appearance by using the Top Bar menu.
The Tweaks tool
Customizing startup applications in Tweaks
Customizing the appearance of your top bar in Tweaks
Chapter 2. Overview of GNOME environments
You can switch between several user interfaces in GNOME. Additionally, GNOME can run on several different graphics back ends.
2.1. GNOME environments, back ends, and display protocols
GNOME 3 provides two user environments:
- GNOME Standard
- GNOME Classic
Both environments can use two different protocols as their graphical back ends:
- The X11 protocol, which uses X.Org as the display server.
The Wayland protocol, which uses GNOME Shell as the Wayland compositor and display server.
This solution of display server is further referred as GNOME Shell on Wayland.
The default combination in RHEL 8 is GNOME Standard environment using GNOME Shell on Wayland as the display server. However, due to certain Wayland limitations, you might want to switch the graphics protocol stack to X11. You may also want to switch from GNOME Standard to GNOME Classic.
Additional resources
- For more information about graphics based on the Wayland protocol, see Section 2.6, “Key differences between the Wayland and X11 protocol”.
- For information on how to switch the environments, see Section 2.8, “Selecting GNOME environment and display protocol”.
2.2. GNOME Standard
GNOME Standard user interface includes these major components:
- Top bar
- The horizontal bar at the top of the screen provides access to some of the basic functions of GNOME Standard, such as the Activities Overview, clock and calendar, system status icons, and the system menu.
- System menu
The system menu is located in the top right corner, and enables you:
- Updating settings
- Controlling the sound bar
- Finding information about your Wi-Fi connection
- Switching user
- Logging out
- Turning off the computer
- Activities Overview
The Activities Overview features windows and applications views that let the user run applications and windows and switch between them.
The search entry at the top allows for searching various items available on the desktop, including applications, documents, files, and configuration tools.
The vertical bar on the left side contains a list of favorite and running applications. You can add or remove applications from the default list of favorites according to your needs.
The workspace list displayed on the right side allows the user to switch between multiple workspaces, or move applications and windows from one workspace to another.
- Message tray
- The message tray provides access to pending notifications. The message tray shows when the user presses Super+M.
The GNOME 3 Standard Desktop
2.3. GNOME Classic
GNOME Classic represents a mode for users who prefer a more traditional desktop experience that is similar to GNOME 2 environment used with Red Hat Enterprise Linux 6. It is based on GNOME 3 technologies, and at the same time it includes multiple features similar to GNOME 2.
GNOME Classic user interface consists of these major components:
- Applications and Places
The Applications menu is displayed at the top left of the screen. It gives the user access to applications organized into categories. If you enable window overview, you can also open the Activities Overview from that menu.
The Places menu is displayed next to the Applications menu on the top bar. It gives the user quick access to important folders, for example Downloads or Pictures.
- Taskbar
The taskbar is displayed at the bottom of the screen, and features:
- A window list
- A notification icon displayed next to the window list
- A short identifier for the current workspace and total number of available workspaces displayed next to the notification icon
- Four available workspaces
- In GNOME Classic, the number of workspaces available to the user is by default set to 4.
- Minimize and maximize buttons
- Window titlebars in GNOME Classic feature the minimize and maximize buttons that let the user quickly minimize the windows to the window list, or maximize them to take up all of the space on the desktop.
- A traditional Super+Tab window switcher
- In GNOME Classic, windows in the Super+Tab window switcher are not grouped by application.
- System menu
The system menu is located in the top right corner, and enables the following actions:
- Updating settings
- Controlling the sound bar
- Finding information about your Wi-Fi connection
- Switching user
- Logging out
- Turning off the computer
The GNOME 3 Classic desktop with the Rhythmbox application and the Favorites submenu of the Applications menu
In GNOME Classic, the overview of windows that are open is not available by default. You can see the list of all open windows in the taskbar at the bottom of the screen. However, you can enable the windows overview similar to what is by default available in GNOME Standard by changing the default settings of the GNOME Classic environment as described in Section 2.4, “Enabling window overview in GNOME Classic”.
2.4. Enabling window overview in GNOME Classic
In GNOME Classic, the overview of open windows is not available by default. This procedure enables the window overview for all users on the system.
Enabling the window overview by this procedure is not a permanent change. Each update of the gnome-classic-session
package overwrites the configuration file to the default settings, which disable the window overview.
To keep the window overview enabled, apply the procedure after each update of gnome-classic-session
.
Procedure
-
Open the
/usr/share/gnome-shell/modes/classic.json
file as theroot
user. Find the following line in the file:
"hasOverview": false
Change the line to the following:
"hasOverview": true
-
Save changes, and close the
/usr/share/gnome-shell/modes/classic.json
file. - Restart the user session.
Verification steps
- In your GNOME Classic session, open multiple windows.
- Press the Super key to open the window overview.
In the overview, check that:
- The Dash (the vertical panel on the left side of the screen) is displayed.
- The bottom panel is not displayed.
The workspace switcher is displayed on the right side of the screen.
Window overview with "hasOverview": true
With the default settings (
"hasOverview": false
), the overview has the following features:- The Dash is not displayed.
The bottom panel is displayed. It includes the Window picker button in its left part and the workspace switcher in its right part.
Window overview with "hasOverview": false
2.5. Graphics back ends in RHEL 8
In RHEL 8, you can choose between two protocols to build a graphical user interface:
- X11
- The X11 protocol uses X.Org as the display server. Displaying graphics based on this protocol works the same way as in RHEL 7, where this was the only option.
- Wayland
- The Wayland protocol on RHEL 8 uses GNOME Shell as its compositor and display server, which is further referred as GNOME Shell on Wayland. Displaying graphics based on the Wayland protocol has some differences and limitation compared to X11.
New installations of RHEL 8 automatically select GNOME Shell on Wayland. However, you can switch to X.Org, or select the required combination of GNOME environment and display server as described in Section 2.8, “Selecting GNOME environment and display protocol”.
Note that there are also a few environments where X.Org is preferred over GNOME Shell on Wayland, such as:
- Cirrus graphics used in a VM environment
- Matrox graphics
- Aspeed graphics
- QXL graphics used in a VM environment
- Nvidia graphics when used with the proprietary driver
The Nvidia graphics by default use nouveau
, which is an open source driver. nouveau
is supported on Wayland, hence you can use Nvidia graphics with nouveau
on GNOME Shell on Wayland without any limitations. However, using Nvidia graphics with proprietary Nvidia binary drivers is not supported on GNOME Shell on Wayland. In this case, you need to switch to X.Org as described in Section 2.8, “Selecting GNOME environment and display protocol”.
Additional resources
-
You can find the current list of environments for which Wayland is not available in the
/usr/lib/udev/rules.d/61-gdm.rules
file. - For additional information on the Wayland project, see Wayland documentation.
2.6. Key differences between the Wayland and X11 protocol
X11 applications
Client applications need to be ported to the Wayland protocol or use a graphical toolkit that has a Wayland backend, such as GTK, to be able to work natively with the compositor and display server based on Wayland.
Legacy X11 applications that cannot be ported to Wayland automatically use Xwayland as a proxy between the X11 legacy clients and the Wayland compositor. Xwayland functions both as an X11 server and a Wayland client. The role of Xwayland is to translate the X11 protocol into the Wayland protocol and reversely, so that X11 legacy applications can work with the display server based on Wayland.
On GNOME Shell on Wayland, Xwayland is started automatically at startup, which ensures that most X11 legacy applications work as expected when using GNOME Shell on Wayland. However, the X11 and Wayland protocols are different, and hence some clients relying on X11-specific features may behave differently under Xwayland. For such specific clients, you can switch to the X.Org display server as described in Section 2.8, “Selecting GNOME environment and display protocol”.
libinput
Red Hat Enterprise Linux 8 uses a new unified input stack, libinput
, which manages all common device types, such as mice, touchpads, touchscreens, tablets, trackballs and pointing sticks. This unified stack is used both by the X.Org and by the GNOME Shell on Wayland compositor.
GNOME Shell on Wayland uses libinput
directly for all devices, and no switchable driver support is available. Under X.Org, libinput
is implemented as the X.Org libinput
driver, and driver support is outlined below.
- Mice, touchscreens, trackballs, pointing sticks
-
Red Hat Enterprise Linux 8 uses the X.Org
libinput
driver for these devices. TheX.Org evdev
driver, which was used in Red Hat Enterprise Linux 7, is available as fallback where required. - Touchpads
-
Red Hat Enterprise Linux 8 uses the X.Org
libinput
driver for touchpads. TheX.Org synaptics
driver, which was used for touchpads in Red Hat Enterprise Linux 7, is no longer available. - Graphics tablets
-
Red Hat Enterprise Linux 8 continues using the X.Org
wacom
driver, which was used for tablet devices in Red Hat Enterprise Linux 7. However, the X.Orglibinput
driver is available where required. - Other input devices
-
Red Hat Enterprise Linux 7 used the X.Org
evdev
driver for other input devices that are not included in the above categories. Red Hat Enterprise Linux 8 uses the X.Orglibinput
driver by default but can fall back to the X.Orgevdev
driver if a device is incompatible withlibinput
.
Gestures
GNOME Shell on Wayland supports new touchpad and touchscreen gestures. These gestures include:
- Switching workspaces by dragging up or down with four fingers.
- Opening the Activities overview by bringing three fingers closer together.
2.7. Current Wayland limitations
Nvidia drivers
Proprietary Nvidia binary drivers are not supported with GNOME Shell on Wayland. To avoid any complications while using the Nvidia GPU, GNOME Shell automatically falls back to X.Org, which means that the login screen does not provide any option based on the Wayland protocol.
The nouveau
driver is still supported and is the default driver for Nvidia graphics.
Remote desktop
With GNOME Shell on Wayland, VNC support is provided by the gnome-remote-desktop
package. Remote access using VNC via gnome-remote-desktop
currently requires an already logged in session, and only the primary monitor is accessible. Screen sharing with GNOME Shell on Wayland is possible using the PipeWire media server. For more details on the PipeWire media server, see PipeWire project.
For more advanced VNC usage, you need to switch to X.org, where traditional VNC tools are available. For more information, see Section 2.8, “Selecting GNOME environment and display protocol” .
X Display Manager
The X Display Manager Control Protocol (XDMCP) is not supported with GNOME Shell on Wayland.
Hence, it is not possible to use the X display manager to start a session on the X.Org display server from the same or another computer.
Additional limitations
The following additional limitations related to the Wayland protocol should be noted:
- X.Org screen manipulation utilities are not available.
-
The
xrandr
utility is not supported because Wayland handles layout, rotations, and resolutions differently. - GNOME Shell cannot be restarted using the Alt+F2 r shortcut.
-
Due to stability issues, using X.org instead of Wayland is recommended in virtual environments. The graphics based on the Wayland protocol are not available for virtual machines that use the
qxl
driver. -
Wayland does not support the custom or niche input devices that cannot be handled by the
libinput
driver.
Additional resources
-
You can find the current list of environments for which Wayland-based graphics are unavailable in the
/usr/lib/udev/rules.d/61-gdm.rules
file.
2.8. Selecting GNOME environment and display protocol
The default desktop environment for Red Hat Enterprise Linux 8 is GNOME Standard with GNOME Shell on Wayland as the display server. However, due to certain limitations of Wayland, you might want to switch the graphics protocol stack. You might also want to switch from GNOME Standard to GNOME Classic.
Procedure
From the login screen (GDM), click the cogwheel next to the Sign In button.
NoteYou cannot access this option from the lock screen. The login screen appears when you first start Red Hat Enterprise Linux 8 or when you log out of your current session.
From the drop-down menu that appears, select the option that you prefer.
NoteNote that in the menu that appears on the login screen, the X.Org display server is marked as X11 display server.
The change of GNOME environment and graphics protocol stack resulting from the above procedure is persistent across user logouts, and also when powering off or rebooting the computer.
Chapter 3. Installing applications in GNOME
This section describes various approaches that you can use to install a new application in GNOME 3.
Prerequisites
- You have administrator permissions on the system.
3.1. The GNOME Software application
GNOME Software is a utility that enables you to install and update applications and GNOME Shell extensions through a graphical environment.
GNOME Software is based on the PackageKit technology, which serves as its back end. GNOME Software offers mainly the desktop applications, which are the applications that include the *.desktop
file. The available applications are grouped into multiple categories according to their purpose.
3.2. Installing an application using GNOME Software
This procedure installs a graphical application using the GNOME Software installer.
Procedure
- Launch the GNOME Software application.
Find the application to be installed in the available categories:
- Audio & Video
- Communication & News
- Productivity
- Graphics & Photography
Add-ons
Add-ons include for example GNOME Shell extensions, codecs, or fonts.
- Developer Tools
- Utilities
Click the selected application.
Click the
button.
3.3. Installing an application to open a file type
This procedure installs an application that can open a given file type.
Procedure
- Try opening a file that is associated with an application that is currently not installed on your system.
- GNOME automatically identifies the suitable application that can open the file, and offers to download the application.
3.4. Installing an RPM package in GNOME
This paragraph is the procedure module introduction: a short description of the procedure.
Procedure
- Download the required RPM package.
In the Files application, open the directory that stores the downloaded RPM package.
NoteBy default, downloaded files are stored in the
/home/user/Downloads/
directory.- Double-click the icon of the RPM package to install it.
3.5. Installing an application from the application search in GNOME
This procedure installs a graphical application that you find in the GNOME application search.
Procedure
- Open the Activities Overview screen.
Start typing the name of the required application in the search entry.
GNOME automatically finds the application in a repository, and displays the application’s icon.
Click the application’s icon to open GNOME Software.
Click the icon of the application again.
- Click GNOME Software. to finish the installation in
3.6. Additional resources
- For installing software on the command line, see Installing software with yum.
Chapter 4. Registering the system for updates using GNOME
You must register your system in order to get software updates for your system.
This section explains how you can register your system using GNOME.
Prerequisites
A valid account with Red Hat customer portal
See the Create a Red Hat Login page for new user registration.
- Activation Key or keys, if you are registering the system with activation key
- A registration server, if you are registering system using the registration server
4.1. Registering a system using Red Hat account on GNOME
Follow the steps in this procedure to enroll your system with your Red Hat account.
Prerequisites
A valid account on Red Hat customer portal.
See the Create a Red Hat Login page for new user registration.
Procedure
- Go to the system menu, which is accessible from the top-right screen corner and click the Settings icon.
- In the → section, click .
- Select Registration Server.
- If you are not using the Red Hat server, enter the server address in the URL field.
- In the Registration Type menu, select Red Hat Account.
Under Registration Details:
- Enter your Red hat account user name in the Login field,
- Enter your Red hat account password in the Password field.
- Enter the name of your organization in the Organization field.
- Click .
4.2. Registering a system using an activation key on GNOME
Follow the steps in this procedure to register your system with an activation key. You can get the activation key from your organization administrator.
Prerequisites
Activation key or keys.
See the Activation Keys page for creating new activation keys.
Procedure
- Go to the system menu, which is accessible from the top-right screen corner and click the Settings icon.
- In the → section, click .
- Select Registration Server.
- Enter URL to the customized server, if you are not using the Red Hat server.
- In the Registration Type menu, select Activation Keys.
Under Registration Details:
Enter Activation Keys.
Separate multiple keys by a comma (,).
- Enter the name or ID of your organization in the Organization field.
- Click
4.3. Unregistering the system using GNOME
Follow the steps in this procedure to unregister your system. After unregistering, your system no longer receives software updates.
Procedure
- Go to the system menu, which is accessible from the top-right screen corner and click the Settings icon.
In the
→ section, click .The Registration Details screen appears.
Click
.A warning appears about the impact of unregistering the system.
- Click .
Chapter 5. Accessing the desktop remotely
You can connect to the desktop on a RHEL server from a remote client.
5.1. Remote desktop access options
RHEL provides several options for remotely connecting to the desktop. Each option fits a different use case:
- Single-user access using GNOME tools
This method enables remote access on the client and the server using graphical GNOME applications. It configures a Virtual Network Computing (VNC) session so that only a single user can connect to the desktop on the server at a given time.
Depending on the session type, this method uses different components to implement screen sharing:
-
In an X11 session, it uses the
vino
component. In a Wayland session, it uses the
gnome-remote-desktop
component.This method always uses display number 0. As a consequence, the VNC session always connects to the user who is logged into the server system.
The VNC client application must support
tls_anon
connections. For example, you can use the Remote Desktop Viewer (vinagre
) application on Linux systems. Before you can connect from Microsoft Windows clients, such as RealVNC, you must disable the VNC encryption on the server.
-
In an X11 session, it uses the
- Multi-user access using command-line tools
This method configures a VNC session so that multiple remote clients can connect to the server in parallel. You must first enable the VNC access on the client and the server using command-line tools.
Any VNC client application can connect to a server configured using this method.
- Accessing a single application using X11 forwarding over SSH
This method executes an SSH command on the client that launches an individual graphical on the server. The application window opens on the client.
This method is useful when you do not require a full remote desktop session.
5.2. Remotely accessing the desktop as a single user
You can remotely connect to the desktop on a RHEL server using graphical GNOME applications. Only a single user can connect to the desktop on the server at a given time.
5.2.1. Enabling desktop sharing on the server using GNOME
This procedure configures a RHEL server to enable a remote desktop connection from a single client.
Procedure
Configure a firewall rule to enable VNC access to the server:
# firewall-cmd --permanent --add-service=vnc-server
Reload firewall rules:
# firewall-cmd --reload
- Open Settings in GNOME.
Navigate to the Sharing menu:
Click Screen Sharing.
The screen sharing configuration opens:
Click the switch button in the window header to enable screen sharing:
- Select the Allow connections to control the screen check box.
- Under Access Options, select the Require a password option.
Set a password in the Password field.
Remote clients must enter this password when connecting to the desktop on the server.
5.2.3. Disabling encryption in GNOME VNC
You can disable encryption in the GNOME remote desktop solution. This enables VNC clients that do not support the encryption to connect to the server.
Procedure
As the server user, set the
/org/gnome/desktop/remote-desktop/vnc/encryption
GSettings key to['none']
:$ gsettings set org.gnome.desktop.remote-desktop.vnc encryption "['none']"
Optional: Red Hat recommends that you tunnel the VNC connection over SSH to your VNC port. As a result, the SSH tunnel keeps the connection encrypted.
For example:
On the client, configure the port forwarding:
# ssh -N -T -L 5901:server-ip-address:5901
-
Connect to the VNC session on the
localhost:5901
address.
5.3. Remotely accessing the desktop as multiple users
You can remotely connect to the desktop on a RHEL server and open multiple sessions as different users at the same time.
5.3.1. The mapping of port and display numbers to users in VNC
With VNC, the client can connect to the desktop sessions of different users on the server. A display number and a TCP port number are attached to each server user that exports a VNC session. The client uses the port number to specify which server user it connects to.
If several clients connect using the same port number, they all open a VNC session to the same server user.
You must configure a mapping for each server user that exports a VNC session. For every such user, you must pick a unique port and display number.
The recommended mapping
Red Hat recommends that you start with port number 5902 and display number 2 for the first user, and increment the numbers by one for each additional server user.
Port number 5900 and display number 0 represent the server user that is currently logged into the graphical session. You cannot start a VNC server for the user who is already logged into the graphical session.
Table 5.1. Port and display number pairs
Port number | Display number | Note |
---|---|---|
5900 | 0 | The logged-in user |
5901 | 1 | |
5902 | 2 | The first recommended VNC user |
5903 | 3 | |
… | … |
Red Hat recommends that you do not configure the root
user to export a VNC session. A root
VNC session is unsafe and certain elements of the session might not work as expected.
Firewall rules
You must open the selected ports in your firewall configuration. Allowing the vnc-server
service in your firewall opens ports from 5900 to 5903. If you need to enable access to additional server users, you must open ports above 5903 by manually specifying the port numbers.
5.3.2. VNC server configuration files
Several configuration files affect the behavior of the VNC server. You can configure the user mapping and various global options.
General options
You can configure general options of the VNC server in the /etc/tigervnc/vncserver-config-defaults
configuration file. The file uses the following format:
option1=value option2
For example:
session=gnome alwaysshared securitytypes=vncauth,tlsvnc desktop=sandbox geometry=2000x1200
The priority of configuration files
The VNC server reads the following files for general options, in order from most important to least important:
/etc/tigervnc/vncserver-config-mandatory
This file replaces the default configuration and has a higher priority than the per-user configuration. It is intended for system administrators who want to enforce particular VNC options.
$HOME/.vnc/config
Individual users can override the default VNC configuration in this file.
/etc/tigervnc/vncserver-config-defaults
This file stores the default VNC configuration.
User mapping
You can configure the mapping between users and their associated port and display numbers in the /etc/tigervnc/vncserver.users
configuration file. The file uses the following format:
:number=user
For example:
:2=test :3=vncuser
Additional resources
-
For a list of available configuration options, see the
Xvnc(1)
man page.
5.3.3. Enabling multi-user VNC access on the server
This procedure configures a RHEL server so that multiple users can open VNC sessions on it at the same time.
Prerequisites
If you previously configured VNC using systemd unit files, remove any outdated VNC configuration:
[root]# rm /etc/systemd/system/vncserver@.service
Procedure
Install the VNC server:
[root]# yum install tigervnc-server
Map users to display and port numbers.
In the
/etc/tigervnc/vncserver.users
configuration file, add a line for each server user that will export a VNC session::user-number=user-name
- Replace user-number with the port and display number mapped to the selected existing user.
- Replace user-name with the user name of the selected existing user.
For example:
:2=vncuser
Open TCP ports 5900 to 5903 in the firewall:
[root]# firewall-cmd --permanent --add-service=vnc-server
Reload the firewall rules:
[root]# firewall-cmd --reload
Add the following lines to the
/etc/tigervnc/vncserver-config-defaults
configuration file:session=gnome alwaysshared
This configuration has the following effects:
- The VNC server starts the GNOME session when a remote user logs in.
- Multiple users can connect to the VNC server at the same time.
As each server user that exports a VNC session, set the VNC password for the user:
[regular-user]$ vncpasswd
Remote clients must enter this password when connecting to the desktop on the server.
If you previously configured VNC for the user, ensure that the configuration files have the correct SELinux context:
[regular-user]$ restorecon -RFv ~/.vnc
Enable and start the VNC server unit for the regular user:
[root]# systemctl enable --now vncserver@:user-number
If the server uses the proprietary Nvidia driver, disable Wayland:
-
Uncomment the
WaylandEnable=False
line in the/etc/gdm/custom.conf
configuration file. -
Add the
DefaultSession=gnome-xorg.desktop
option to the[daemon]
section of the configuration file. - Reboot the server.
-
Uncomment the
Additional resources
- To enable VNC access to more than two server users, open TCP ports above 5903. For details, see Controlling ports using CLI or Opening ports using GUI.
5.3.4. Connecting to the VNC server as multiple users
This procedure connects to a remote desktop session using the vncviewer
application. You can open multiple connections to the remote desktop at the same time.
Prerequisites
- Remote desktop access for multiple users is enabled on the server. For details, see Section 5.3.3, “Enabling multi-user VNC access on the server”.
Procedure
Install the VNC client:
# yum install tigervnc
Connect to the VNC server:
$ vncviewer --shared server-ip:display
- Replace server-ip with the IP address of the server that you are connecting to.
- Replace display with the display number where the server user exports the VNC session.
5.4. Remotely accessing an individual application
You can remotely launch a graphical application on a RHEL server and use it from the remote client.
5.4.1. Enabling X11 forwarding on the server
This procedure configures a RHEL server so that remote clients can use graphical applications on the server over SSH.
Procedure
Install basic X11 packages:
# yum install xorg-x11-xauth xorg-x11-fonts-\* xorg-x11-utils dbus-x11
NoteYour applications might rely on additional graphical libraries.
Check that the
X11Forwarding
option is enabled in the/etc/sshd/sshd_config
configuration file:X11Forwarding yes
The option is enabled by default in RHEL. Your organization might have disabled it.
Restart the
sshd
service:# systemctl restart sshd.service
5.4.2. Launching an application remotely using X11 forwarding
This procedure accesses a graphical application on a RHEL server from a remote client using SSH.
Prerequisites
- X11 forwarding over SSH is enabled on the server. For details, see Section 5.4.1, “Enabling X11 forwarding on the server”.
Ensure that an X11 display server is running on your system:
- On RHEL, X11 is available by default in the graphical interface.
- On Microsoft Windows, install an X11 server such as Xming.
- On macOS, install the XQuartz X11 server.
Procedure
Log in to the server using SSH:
[local-user]$ ssh -X -Y remote-server
Launch the application from the command line:
[remote-user]$ application-binary
Chapter 6. Configuring GNOME at low level
6.1. Introduction to configuring GNOME
To be able to configure the GNOME Desktop Environment, you need to understand these basic terms:
- dconf
- GSettings
- gsettings
dconf has two different meanings.
Firstly, dconf is a key-based Binary Large Object (BLOB) database for storing GNOME configurations. dconf manages user settings such as GDM, application, and proxy settings, and serves as the back end for GSettings.
Secondly, dconf is a command-line utility which is used for reading and writing individual values or entire directories from and to a dconf database.
GSettings is a high-level API for application settings which serves as the front end for dconf.
gsettings is a command-line tool which is used to view and change user settings.
6.2. Managing user and system GNOME settings
dconf allows system administrators and users several levels of control over GNOME configuration:
- Administrators can define default settings that apply to all users.
- Users can override the defaults with their own settings.
- Administrators can also lock settings to prevent users from overriding them.
6.3. Displaying GSettings values for desktop applications
Viewing and editing of the GSettings values can be achieved with one of the following tools:
- dconf-editor GUI tool
- gsettings command-line utility
The dconf-editor application and gsettings utility have the following in common:
- allow browsing and changing options for system and application preferences
- allow to change preferences
- can be run by regular users, because both tools are intended to browse and modify the current user’s GSettings database
The dconf-editor provides a GUI for browsing the settings and their editing. It presents the hierarchy of settings in a tree-view and also displays additional information about each setting, including the description, type and default value.
The gsettings utility can be used to display and set dconf values. gsettings utility supports Bash completion for commands and settings. This tools also allows you to automate configuration in shell scripts.
Figure 6.1. dconf-editor showing org.gnome.destop.background GSettings keys

Prerequisites
The dconf-editor is not installed on the system by default. To install it, run the following command as the
root
user:~]# yum install dconf-editor
Procedure
- To list GSettings values in the GUI, open the dconf-editor application.
To list a specific GSettings value on the command line, use the following command:
$ gsettings get schema key
For example:
$ gsettings get org.gnome.desktop.background picture-uri
Additional resources
-
For more information on the dconf-editor tool, see the
dconf-editor(1)
man page and the dconf-editor Project documentation. -
For more information on the gsettings utility, see the
gsettings(1)
man page.
6.4. Using dconf profiles
The dconf system stores configuration in several different databases. You can configure dconf profiles, which specify the databases that dconf uses.
6.4.1. Introduction to dconf profiles
A dconf profile is a list of system’s hardware and software configuration databases, which the dconf system collects.
The dconf profiles allow you to compare identical systems to troubleshoot hardware or software problems.
The dconf system stores its profiles in the text files which can be located either within the /etc/dconf/profile/
directory or elsewhere. The $DCONF_PROFILE
environment variable can specify a relative path to the file from /etc/dconf/profile/
, or an absolute path, such as in a user’s home directory.
Note that key pairs which are set in a dconf profile override the default settings.
6.4.2. Selecting a dconf profile
On startup, dconf consults the $DCONF_PROFILE
environment to find the name of the dconf profile to open. The result depends on whether the variable is set or not:
- If set, dconf attempts to open the profile named in the variable and aborts if this step fails.
-
If not set, dconf attempts to open the profile named
user
and uses an internal hard-wired configuration if this step fails.
Each line in a dconf profile specifies one dconf database.
The first line indicates the database used to write changes. The remaining lines show read-only databases.
The following is a sample profile stored in /etc/dconf/profile/user
:
user-db:user system-db:local system-db:site
In this example, the dconf profile specifies three databases. user
is the name of the user database which can be found in ~/.config/dconf
, and local
and site
are system databases, located in /etc/dconf/db/
.
To apply a new dconf user profile to the user’s session, you need to log out and log in, because the dconf profile for a session is determined at login.
As a user or application developer, do not manipulate dconf directly. To manipulate dconf, always use the dconf-editor or the gsettings utility. The only exception to use dconf directly is when setting system-wide default configurations, because the aforementioned tools do not allow to manipulate such configurations.
6.5. Configuring custom default values
Machine-wide default settings can be set by providing a default for a key in a dconf profile. These defaults can be overridden by the user.
Prerequisites
- the user profile exists
- the value for the key was added to a dconf database
Procedure
For example, to set the default background:
Create the user profile in
/etc/dconf/profile/user
:user-db:user system-db:local
where
local
is the name of a dconf database.Create a keyfile for the local database in
/etc/dconf/db/local.d/01-background
, which contains the following default settings:# dconf path [org/gnome/desktop/background] # GSettings key names and their corresponding values picture-uri='file:///usr/local/share/backgrounds/wallpaper.jpg' picture-options='scaled' primary-color='000000' secondary-color='FFFFFF'
In the default setting of the keyfile, the following GSettings keys are used:
Table 6.1. org.gnome.desktop.background schemas GSettings Keys
Key Name Possible Values Description picture-options
"none", "wallpaper", "centered", "scaled", "stretched", "zoom", "spanned"
Determines how the image set by wallpaper_filename is rendered.
picture-uri
filename with the path
URI to use for the background image. Note that the backend only supports local
file://
URIs.primary-color
default: 000000
Left or Top color when drawing gradients, or the solid color.
secondary-color
default: FFFFFF
Right or Bottom color when drawing gradients, not used for solid color.
Edit the keyfile according to your preferences.
For more information, see Section 6.3, “Displaying GSettings values for desktop applications”.
Update the system databases:
~]# dconf update
When the user profile is created or changed, the user needs to log out and log in again before the changes will be applied.
Additional resources
-
If you want to avoid creating a user profile, you can use the dconf command-line utility to read and write individual values or entire directories from and to a dconf database. For more information, see the
dconf(1)
man page.
6.6. Locking down specific settings
By using the lockdown mode in dconf, you can prevent users from changing specific settings.
Without enforcing the system settings using a lockdown, any settings that users make take precedence over the system settings. User can thus override the system settings with their own.
Procedure
To lock down a GSettings key:
-
Create a locks subdirectory in the keyfile directory such as
/etc/dconf/db/local.d/locks/
. - Add any number of files with keys that you want to lock into this directory.
Example 6.1. Locking the settings for the default wallpaper
- Set a default wallpaper.
-
Create a new
/etc/dconf/db/local.d/locks/
directory. Create a new file in
/etc/dconf/db/local.d/locks/00-default-wallpaper
with the following contents, listing one key per line:# Prevent users from changing values for the following keys: /org/gnome/desktop/background/picture-uri /org/gnome/desktop/background/picture-options /org/gnome/desktop/background/primary-color /org/gnome/desktop/background/secondary-color
Update the system databases:
~]# dconf update
6.7. Storing user settings over NFS
For dconf to work correctly when using Network File System (NFS) home directories, the dconf keyfile back end must be used.
Note that dconf keyfile back end only works properly if the glib2-fam
package is installed. Without this package, notifications on configuration changes made on remote machines are not displayed properly.
With Red Hat Enterprise Linux 8, glib2-fam
is available in the BaseOs repository.
To set the dconf keyfile back end:
Ensure that the
glib2-fam
package is installed on the system.To verify whether the package is installed on the system:
~]# yum list installed
If
glib2-fam
is not in the list of installed packages, install it by running:~]# yum install glib2-fam
-
Create or edit the
/etc/dconf/profile/user
file on every client. At the very beginning of
/etc/dconf/profile/user file
, add the following line:service-db:keyfile/user
The dconf keyfile back end takes effect the next time that the user logs in. It polls the keyfile to determine whether updates have been made, so settings may not be updated immediately.
6.8. Setting GSettings keys properties
This section describes how to set GSettings keys properties for a single-logged user.
Each GSettings key can have only one value in a dconf database. Setting the same key to a different value at a different place of the dconf database overrides the previous value.
Values of some keys are of array type. For array type, you can specify the value of the key as a list of multiple elements separated by a comma.
To set a GSettings key of array type, follow this syntax:
key=['option1', 'option2']
The following example shows setting of the org.gnome.desktop.input-sources.xkb-options GSettings
key whose value is of array type:
Example settings of the org.gnome.desktop.input-sources.xkb-options GSettings Key
[org/gnome/desktop/input-sources] # Enable Ctrl-Alt-Backspace for all users # Set the Right Alt key as the Compose key and enable it xkb-options=['terminate:ctrl_alt_bksp', 'compose:ralt']
6.9. Working with GSettings keys on command line
This section focuses on using of the gsettings
command to configure, manipulate and manage the GSettings keys. The most frequent use cases that can be resolved by using the gsettings
command are shown.
6.9.1. Setting key value
To set a value of a key:
gsettings set SCHEMA [:PATH] KEY
Note that the value is specified as a serialised GVariant.
Example 6.2. Adding selected applications into the favorite applications key
To add selected applications among your favorite applications:
$ gsettings set org.gnome.shell favorite-apps "['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop', 'org.gnome.clocks.desktop']"
If the operation succeeds, no return code is shown. As a result, all listed applications are added to favorite applications. The change is valid immediately.
6.9.2. Monitoring key changes
To monitor a key for changes and print values that changed:
gsettings monitor SCHEMA [:PATH] [KEY]
Note that if the KEY argument is not specified, all keys in the schema are monitored. Monitoring continues until the process is terminated.
Example 6.3. Monitoring changes of the favorite applications key
To monitor the changes of the favorite applications
key, open two terminals and run:
In the first terminal:
$ gsettings monitor org.gnome.shell favorite-apps
In the second terminal:
$ gsettings set org.gnome.shell favorite-apps "['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop']"
As a result, a notification whether and how favorite applications
changed is displayed in the first terminal:
favorite-apps: ['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop']
6.9.3. Checking whether key is writable
To check whether a key is writable:
gsettings writable SCHEMA [:PATH] KEY
Example 6.4. Checking whether the favorite applications key is writable
To check whether the favorite applications
key is writable:
$ gsettings writable org.gnome.shell favorite-apps
As a result, the return code shows True
.
6.9.4. Checking key valid values
To check the range of valid values for a key:
gsettings range SCHEMA [:PATH] KEY
Example 6.5. Checking the range of valid values for the remember-mount-password key
To check valid values for the remember-mount-password key
:
$ gsettings range org.gnome.shell remember-mount-password
As a result, the return code displays type of the key value, which is type b
in this particular case. For more information, see GNOME developer.
6.9.5. Checking description of valid key values
To check the description of valid values for a key:
gsettings describe SCHEMA [:PATH] KEY
Example 6.6. Checking the description of valid values for the picture-uri key
To check the description of valid values for the picture-uri
key:
$ gsettings describe org.gnome.desktop.screensaver picture-uri
As a result, the following output is displayed:
URI to use for the background image. Note that the backend only supports local file://
URIs.
6.9.6. Querying key value
To get the value of a key:
gsettings get SCHEMA [:PATH] KEY VALUE
Note that the value is displayed as a serialised GVariant.
Example 6.7. Querying value of the remember-mount-password key
To get value of the remember-mount-password
key:
$ gsettings get org.gnome.shell remember-mount-password
As a result, the return code displays false
.
6.9.7. Resetting key value
To reset the value of a key:
gsettings reset SCHEMA [:PATH] KEY
If resetting succeeds, no return code is displayed. Default values are in stored dconf and gsettings-desktop-schemas files.
Example 6.8. Resetting the lock-delay key to its default value
The default value of the lock-delay
key is 0, and it is stored in the /usr/share/glib-2.0/schemas/org.gnome.desktop.screensaver.gschema.xml
file.
Users can set the value of lock-delay
as needed.
For example, to set the lock-delay
key for screensaver to 200:
$ gsettings set org.gnome.desktop.screensaver lock-delay 200
To reset the lock-delay
key for screensaver to its default value:
$ gsettings reset org.gnome.desktop.screensaver lock-delay
As a result, the value of lock-delay
value is set to 0.
6.9.8. Resetting schema
To reset a schema:
gsettings reset-recursively SCHEMA [:PATH]
Example 6.9. Resetting the org.gnome.desktop.screensaver schema to its defaults
To reset the org.gnome.desktop.screensaver
schema to its defaults:
$ gsettings reset-recursively org.gnome.desktop.screensaver
As a result, the lock-delay
value is reset to 0, and other keys within the org.gnome.desktop.screensaver
schema that were changed by user are reset to their defaults as well.
6.9.9. Listing installed non-relocatable schemas
To list installed schemas that are non-relocatable:
gsettings list-schemas [--print-paths]
If the [--print-paths]
argument is specified , the path where each schema is mapped is printed as well.
Example 6.10. Listing installed non-relocatable schemas
To list all schemas installed on your system that are non-relocatable:
$ gsettings list-schemas
As a result, a full list of schemas is returned. The following list is truncated.
org.gnome.rhythmbox.library org.gnome.shell.overrides org.gnome.system.proxy.https org.gnome.clocks org.gnome.eog.fullscreen org.gnome.login-screen org.gnome.eog.view
6.9.10. Listing schema keys
To list the keys that are in the selected schema:
gsettings list-keys SCHEMA [:PATH]
Example 6.11. Listing keys in the org.gnome.shell schema
To list keys in the org.gnome.shell
schema:
$ gsettings list-keys org.gnome.shell
As a result, a list of keys is returned. The following list is truncated.
enabled-extensions command-history remember-mount-password always-show-log-out had-bluetooth-devices-setup looking-glass-history disable-user-extensions app-picker-view disable-extension-version-validation development-tools favorite-apps
6.9.11. Listing schema children
To list children of a selected schema:
gsettings list-children SCHEMA [:PATH]
Note that the list is empty if there are no children.
Example 6.12. Listing children of the org.gnome.shell schema
To list children of the org.gnome.shell
schema:
$ gsettings list-children org.gnome.shell
As a result, the following output is returned:
keyboard org.gnome.shell.keyboard keybindings org.gnome.shell.keybindings
6.9.12. Listing schema’s keys and values
To list keys and values of a selected schema recursively:
gsettings list-recursively [SCHEMA [:PATH]]
Note that if the schema whose keys you want to list is not specified, all keys within all schemas are listed.
Example 6.13. Listing keys and values recursively
To list keys and values in all schemas recursively:
$ gsettings list-recursively
As a result, all key and values in all schemas on system are listed, as shown below. Note that the following list is truncated.
org.gnome.nautilus.desktop network-icon-visible false org.gnome.nautilus.desktop font '' org.gnome.nautilus.desktop network-icon-name 'Network Servers' org.gnome.nautilus.desktop home-icon-name 'Home' org.gnome.nautilus.desktop volumes-visible true org.gnome.Vinagre always-enable-listening false org.gnome.Vinagre always-show-tabs false org.gnome.Vinagre show-accels false org.gnome.Vinagre history-size 15 org.gnome.Vinagre shared-flag true
6.10. Acknowledgements
Certain portions of this text first appeared in the GNOME Desktop System Administration Guide. Copyright © 2014 The GNOME Project, Michael Hill, Jim Campbell, Jeremy Bicha, Ekaterina Gerasimova, minnie_eg, Aruna Sankaranarayanan, Sindhu S, Shobha Tyagi, Shaun McCance, David King, and others. Licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.
The editors of this Red Hat Enterprise Linux 8 documentation would like to thank the GNOME community members for their valuable contributions to the GNOME Desktop System Administration Guide.
Chapter 7. Configuring file associations
This section provides information on configuring RHEL to open or access files with different formats.
In GNOME, MIME (Multipurpose Internet Mail Extension) types help to identify the format of a file and applications to use to open these files.
7.1. Multipurpose Internet Mail Extension types
The GNOME desktop uses MIME types to:
- Determine which application should open a specific file format by default.
- Register other applications that can open files of a specific format.
- Set a string describing the type of a file, for example, in a file properties dialog of the files application.
- Set an icon representing a specific file format, for example, in a file properties dialog of the files application.
MIME type names follow a given format:
media-type/subtype-identifier
For example, image/jpeg
.
Here image
is a media type and jpeg
is the subtype identifier.
GNOME follows Multipurpose Internet Mail Extension (MIME) info specification from the Freedesktop.org to determine:
- The machine-wide and user-specific location to store all the MIME type specification files.
- How to register a MIME type so that the desktop environment knows which application you can use to open a specific file format.
- How users can change which applications should open with what file formats.
MIME database
The MIME database is a collection of all the MIME type specification files that GNOME uses to store information about known MIME types.
The most important part of the MIME database from the system administrator’s point of view is the /usr/share/mime/packages/
directory, where the MIME type-related files specifying information on known MIME types are stored. One example of such a file is /usr/share/mime/packages/freedesktop.org.xml
, specifying information about the standard MIME types available on the system, by default. The shared-mime-info package provides this file.
Additional resources
- For detailed information describing the MIME type system, see Shared MIME Info specifications on the Freedesktop website.
7.2. Adding a custom MIME type for all users
You must create a new MIME type specification file in the /usr/share/mime/packages/
directory and a .desktop
file in the /usr/share/applications/
directory to add a custom MIME type for all the users on the system and register a default application for that MIME type.
Procedure
Create the
/usr/share/mime/packages/application-x-newtype.xml
file with following content:<?xml version="1.0" encoding="UTF-8"?> <mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info"> <mime-type type="application/x-newtype"> <comment>new mime type</comment> <glob pattern="*.xyz"/> </mime-type> </mime-info>
The sample application-x-newtype.xml file here defines a new MIME type application/x-newtype and assigns file names with the .xyz extension to that MIME type.
Create a new
.desktop
file named, for example,myapplication1.desktop
in the/usr/share/applications/
with following content:[Desktop Entry] Type=Application MimeType=application/x-newtype Name=My Application 1 Exec=myapplication1
The sample
myapplication1.desktop
file here associates theapplication/x-newtype
MIME type with an application namedMy Application 1
. It is run by a commandmyapplication1
.As a root user, update the MIME database for your changes to take effect.
# update-mime-database /usr/share/mime
As a root user, update the application database.
# update-desktop-database /usr/share/applications
Verification steps
To verify that you have successfully associated
*.xyz
files with theapplication/x-newtype
MIME type, first create an empty file, for example test.xyz and execute the following commands:$ touch test.xyz $ gvfs-info test.xyz | grep "standard::content-type" standard::content-type: application/x-newtype
To verify
myapplication1.desktop
is correctly set as the default registered application for theapplication/x-newtype
MIME type, execute following command:$ gio mime --query application/x-newtype Default application for 'application/x-newtype': myapplication1.desktop Registered applications: myapplication1.desktop Recommended applications: myapplication1.desktop
7.3. Adding a custom MIME type for individual users
You must create a new MIME type specification file in the ~/.local/share/mime/packages/
directory and a .desktop
file in the ~/.local/share/applications/
directory to add a custom MIME type for individual users and register a default application for that MIME type.
Procedure
Create the
~/.local/share/mime/packages/application-x-newtype.xml
file with following content:<?xml version="1.0" encoding="UTF-8"?> <mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info"> <mime-type type="application/x-newtype"> <comment>new mime type</comment> <glob pattern="*.xyz"/> </mime-type> </mime-info>
The sample
application-x-newtype.xml
file here defines a new MIME typeapplication/x-newtype
and assigns file names with the.xyz
extension to that MIME type.Create a new .desktop file named, for example,
myapplication1.desktop
, and place it in the~/.local/share/applications/
directory with following content:[Desktop Entry] Type=Application MimeType=application/x-newtype Name=My Application 1 Exec=myapplication1
The sample
myapplication1.desktop
file above associates theapplication/x-newtype
MIME type with an application named My Application 1. It is run by a commandmyapplication1
.Update the MIME database for your changes to take effect:
$ update-mime-database ~/.local/share/mime
Update the application database:
$ update-desktop-database ~/.local/share/applications
Verification steps
To verify that you have successfully associated
*.xyz
files with theapplication/x-newtype
MIME type, first create an empty file, for example, test.xyz and execute the following commands:$ touch test.xyz $ gvfs-info test.xyz | grep "standard::content-type" standard::content-type: application/x-newtype
To verify that
myapplication1.desktop
is correctly set as the default registered application for theapplication/x-newtype
MIME type, execute following command:$ gio mime --query application/x-newtype Default application for 'application/x-newtype': myapplication1.desktop Registered applications: myapplication1.desktop Recommended applications: myapplication1.desktop
7.4. Options to override default MIME types
By default, the package-installed /usr/share/applications/mimeapps.list
and /usr/share/applications/gnome-mimeapps.list
files specify which application is registered to open specific MIME types.
System administrators can create the /etc/xdg/mimeapps.list
or /etc/xdg/gnome-mimeapps.list
file with a list of MIME types they want to override with the default registered application.
Local users can create the ~/.local/share/applications/mimeapps.list
or ~/.local/share/applications/gnome-mimeapps.list
file with a list of MIME types for which they want to override the default registered application.
Configurations are applied in the following order:
-
/usr/share/applications/
-
/etc/xdg/
-
~/.local/share/application/
Within a particular location, the configurations are applied in the following order:
- mimeapps.list
- gnome-mimeapps.list
7.5. Overriding default registered application for all the users
As a system administer, you can update the configuration based on the requirements. System administrator’s configuration takes precedence over default package configuration. Within each, the desktop-specific configuration takes precedence over the configuration that does not specify the desktop environment.
Procedure
Consult the
/usr/share/applications/mimeapps.list
file to determine the MIME types for which you want to change the default registered application. For example, the following sample of themimeapps.list
file specifies the default registered application for thetext/html
andapplication/xhtml+xml
MIME types:[Default Applications] text/html=firefox.desktop application/xhtml+xml=firefox.desktop
This example above specifies default application (Firefox) by specifying its corresponding
.desktop
file (firefox.desktop
). You can find.desktop
files for other applications in the/usr/share/applications/
directory.Create the
/etc/xdg/mimeapps.list
file and specify the MIME types and their corresponding default registered applications in this file.[Default Applications] text/html=myapplication1.desktop application/xhtml+xml=myapplication2.desktop
This example above sets the default registered application for the
text/html
MIME type tomyapplication1.desktop
andapplication/xhtml+xml
MIME type tomyapplication2.desktop
.
Verification steps
-
For these settings to function correctly, ensure that both the
myapplication1.desktop
andmyapplication2.desktop
files are placed in the/usr/share/applications/
directory. Execute the
gio mime query
command to verify that the default registered application is set correctly.$ gio mime text/html Default application for 'text/html': myapplication1.desktop Registered applications: myapplication1.desktop firefox.desktop Recommended applications: myapplication1.desktop firefox.desktop
7.6. Overriding default registered application for individual users
Individual users can also update the configuration based on the requirements. This configuration takes precedence over the system administrator’s configuration and the system administrator’s configuration takes precedence over the package configuration. Within each, the desktop-specific configuration takes precedence over the configuration that does not specify the desktop environment.
Procedure
Consult the
/usr/share/applications/mimeapps.list
file to determine the MIME types for which you want to change the default registered application. For example, the following sample of themimeapps.list
file specifies the default registered application for thetext/html
andapplication/xhtml+xml
MIME types:[Default Applications] text/html=firefox.desktop application/xhtml+xml=firefox.desktop
This example above specifies default application (Firefox) by specifying its corresponding
.desktop
file (firefox.desktop
). You can find.desktop
files for other applications in the/usr/share/applications/
directory.Create the
~/.local/share/applications/mimeapps.list
file and specify the MIME types and their corresponding default registered applications in this file.[Default Applications] text/html=myapplication1.desktop application/xhtml+xml=myapplication2.desktop
This example above sets the default registered application for the
text/html
MIME type tomyapplication1.desktop
andapplication/xhtml+xml
MIME type tomyapplication2.desktop
.
Verification steps
-
For these settings to function correctly, ensure that both the
myapplication1.desktop
andmyapplication2.desktop
files are placed in the/usr/share/applications/
directory. Execute the
gio mime query
command to verify that the default registered application is set correctly.$ gio mime text/html Default application for 'text/html': myapplication1.desktop Registered applications: myapplication1.desktop firefox.desktop Recommended applications: myapplication1.desktop firefox.desktop
Chapter 8. Customizing desktop appearance
This section explains how system administrators can customize appearance of the desktop environment for different users of the system.
8.1. Customizing desktop backgrounds
As a system administrator, you can configure the default desktop background, add extra backgrounds, or add multiple backgrounds using the dconf utility.
If the users of the system are not permitted to change background from the defaults, system administrator needs to lock the settings using the locks
directory. Otherwise, each user can customize the background according to their preferences.
8.1.1. Customizing the default desktop background
You can configure the default desktop background and its appearance by setting the relevant GSettings keys in the org.gnome.desktop.background
schema.
For more information about GSettings, see Section 6.1, “Introduction to configuring GNOME”.
Use the following procedure to set the default background:
Procedure
Create a local database for machine-wide settings in
/etc/dconf/db/local.d/00-background
:# Specify the dconf path [org/gnome/desktop/background] # Specify the path to the desktop background image file picture-uri='file:///usr/local/share/backgrounds/wallpaper.jpg' # Specify one of the rendering options for the background image: # 'none', 'wallpaper', 'centered', 'scaled', 'stretched', 'zoom', 'spanned' picture-options='scaled' # Specify the left or top color when drawing gradients or the solid color primary-color='000000' # Specify the right or bottom color when drawing gradients secondary-color='FFFFFF'
Optionally, if you want a user to not be able to change the default background, override the user’s setting in the
/etc/dconf/db/local.d/locks/background
file:# List the keys used to configure the desktop background /org/gnome/desktop/background/picture-uri /org/gnome/desktop/background/picture-options /org/gnome/desktop/background/primary-color /org/gnome/desktop/background/secondary-color
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
8.1.2. Adding extra backgrounds
You can make extra backgrounds available to users on your system.
Procedure
Use the
org.gnome.desktop.background
schemas to create a file in thexml
format specifying your extra background’s appearance.Table 8.1. Frequently used org.gnome.desktop.background schemas GSettings Keys
Key Name Possible Values Description picture-options
"none", "wallpaper", "centered", "scaled", "stretched", "zoom", "spanned"
Determines how the image set by wallpaper_filename is rendered.
color-shading-type
"horizontal", "vertical", and "solid"
Determines shade the background color.
primary-color
default: #023c88
Left or Top color when drawing gradients, or the solid color.
secondary-color
default: #5789ca
Right or Bottom color when drawing gradients, not used for solid color.
The full range of options can be found in the dconf-editor GUI or the gsettings command-line utility. For more information, see Section 6.3, “Displaying GSettings values for desktop applications”.
-
Store the *.xml file under the
/usr/share/gnome-background-properties/
directory.
When a user clicks their name in the top right corner, chooses Settings
, and in the Personal
section of the table selects Background
, they will see the new background available.
Example implementation of org.gnome.desktop.background GSettings keys
An example extra backgrounds file with one <wallpaper>
element
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE wallpapers SYSTEM "gnome-wp-list.dtd"> <wallpapers> <wallpaper deleted="false"> <name>Company Background</name> <name xml:lang="de">Firmenhintergrund</name> <filename>/usr/local/share/backgrounds/company-wallpaper.jpg</filename> <options>zoom</options> <shade_type>solid</shade_type> <pcolor>#ffffff</pcolor> <scolor>#000000</scolor> </wallpaper> </wallpapers>
In one configuration file, you can specify multiple <wallpaper>
elements to add more backgrounds as shown in the following example with two <wallpaper>
elements, adding two different backgrounds.
An example extra backgrounds file with two <wallpaper>
elements
<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE wallpapers SYSTEM "gnome-wp-list.dtd"> <wallpapers> <wallpaper deleted="false"> <name>Company Background</name> <name xml:lang="de">Firmenhintergrund</name> <filename>/usr/local/share/backgrounds/company-wallpaper.jpg</filename> <options>zoom</options> <shade_type>solid</shade_type> <pcolor>#ffffff</pcolor> <scolor>#000000</scolor> </wallpaper> <wallpaper deleted="false"> <name>Company Background 2</name> <name xml:lang="de">Firmenhintergrund 2</name> <filename>/usr/local/share/backgrounds/company-wallpaper-2.jpg</filename> <options>zoom</options> <shade_type>solid</shade_type> <pcolor>#ff0000</pcolor> <scolor>#00ffff</scolor> </wallpaper> </wallpapers>
8.1.3. Setting the screen shield
Screen shield is the screen that quickly slides down when the system is locked. It is controlled by the org.gnome.desktop.screensaver.picture-uri
GSettings key. GDM uses its own dconf profile, so you can set the default background by changing the settings in that profile.
For more information on GSettings and dconf, see Section 6.1, “Introduction to configuring GNOME”.
Procedure
Create a gdm database for machine-wide settings in
/etc/dconf/db/gdm.d/01-screensaver
:[org/gnome/desktop/screensaver] picture-uri='file:///opt/corp/background.jpg'
Replace
/opt/corp/background.jpg
with the path to the image file you want to use as the screen shield. Supported formats are PNG, JPG, JPEG, and TGA. Note that the image will be scaled if necessary to fit the screen.Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
Troubleshooting
If the screen shield does not update, you can:
-
Make sure that you have updated the system databases by running the
dconf update
command as theroot
user. - Try restarting GDM.
8.2. Using GNOME Shell extensions to customize desktop environment
GNOME Shell extensions allow for the customization of the default GNOME Shell interface and its parts, such as window management and application launching.
Before deploying third-party GNOME Shell extensions on Red Hat Enterprise Linux, make sure to read the following document to learn about the Red Hat support policy for third-party software: How does Red Hat Global Support Services handle third-party software, drivers, and/or uncertified hardware/hypervisors?
8.2.1. Overview of GNOME Shell extensions
This section provides an overview of GNOME Shell extensions available on RHEL 8, including the name of the package providing a particular extension, and the description of what each extension does.
Table 8.2. Overview of available GNOME Shell extensions
Package name | Extension name | Description |
---|---|---|
gnome-shell-extension-apps-menu | apps-menu | Applications menu for GNOME Shell |
gnome-shell-extension-top-icons | Top Icons | Show legacy icons on top |
gnome-shell-extension-user-theme | user-theme | Support for custom themes in GNOME Shell |
gnome-shell-extension-drive-menu | drive-menu | Drive status menu for GNOME Shell |
gnome-shell-extension-window-list | window-list | Display a window list at the bottom of the screen in GNOME Shell |
gnome-shell-extension-dash-to-dock | Dash to Dock | Dock for the Gnome Shell by micxgx.gmail.com |
gnome-shell-extension-desktop-icons | Desktop Icons | Desktop icons support for the GNOME Classic experience |
gnome-shell-extension-no-hot-corner | nohotcorner | Disable the hot corner in GNOME Shell |
gnome-shell-extension-systemMonitor | systemMonitor | System Monitor for GNOME Shell |
gnome-shell-extension-updates-dialog | Updates Dialog | Show a modal dialog when there are software updates |
gnome-shell-extension-window-grouper | window-grouper | Keep windows that belong to the same process on the same workspace |
gnome-shell-extension-panel-favorites | panel-favorites | Favorite launchers in GNOME Shell’s top bar |
gnome-shell-extension-windowsNavigator | windowNavigator | Support for keyboard selection of windows and workspaces in GNOME shell |
gnome-shell-extension-auto-move-windows | Autom Move Windows | Assign specific workspaces to applications in GNOME Shell |
gnome-shell-extension-launch-new-instance | launch-new-instance | Always launch a new application instance for GNOME Shell |
gnome-shell-extension-workspace-indicator | workspace-indicator | Workspace indicator for GNOME Shell |
gnome-shell-extension-disable-screenshield | Disable Screen Shield | Disable GNOME Shell screen shield if lock is disabled |
gnome-shell-extension-native-window-placement | native-window-placement | Native window placement for GNOME Shell |
gnome-shell-extension-screenshot-window-sizer | screenshot-window-sizer | Screenshot window sizer for GNOME Shell |
gnome-shell-extension-horizontal-workspaces | horizontal-workspaces | Desktop icons support for the GNOME Classic experience |
gnome-shell-extension-places-menu | places-menu | Places status menu for GNOME Shell |
gnome-classic-session | – | GNOME Classic mode session |
8.2.2. Enabling machine-wide extensions
Prerequisites
To make extensions available to all users on the system, install them in the /usr/share/gnome-shell/extensions
directory.
Procedure
Create a local database file for machine-wide settings in
/etc/dconf/db/local.d/00-extensions
:[org/gnome/shell] # List all extensions that you want to have enabled for all users enabled-extensions=['myextension1@myname.example.com', 'myextension2@myname.example.com']
The
enabled-extensions
key specifies the enabled extensions using the extensions' uuid (myextension1@myname.example.com
andmyextension2@myname.example.com
).Update the system databases:
# dconf update
Users must log out and back in again before the system-wide settings take effect.
NoteThere is currently no way to enable additional extensions for users who have already logged in. This does not apply for existing users who have installed and enabled their own GNOME extensions.
8.2.3. Locking down enabled extensions
You can prevent the user from enabling or disabling extensions by locking down the org.gnome.shell.enabled-extensions
key.
Procedure
Create a local database file for machine-wide settings in
/etc/dconf/db/local.d/00-extensions
:[org/gnome/shell] # List all extensions that you want to have enabled for all users enabled-extensions=['myextension1@myname.example.com', 'myextension2@myname.example.com']
The
enabled-extensions
key specifies the enabled extensions using the extensions' uuid (myextension1@myname.example.com
andmyextension2@myname.example.com
).Override the user’s setting and prevent the user from changing it in
/etc/dconf/db/local.d/locks/extensions
:# Lock the list of mandatory extensions /org/gnome/shell/enabled-extensions
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
After locking down the org.gnome.shell.enabled-extensions
, any extensions installed in ~/.local/share/gnome-shell/extensions
or /usr/share/gnome-shell/extensions
that are not listed in the org.gnome.shell.enabled-extensions
key will not be loaded by GNOME Shell, thus preventing the user from using them.
8.2.4. Setting up mandatory extensions
In GNOME Shell, you can provide a set of extensions that the user has to use.
Prerequisites
The extensions must be installed under the /usr/share/gnome-shell/extensions
directory.
Procedure
Create a local database file for machine-wide settings in
/etc/dconf/db/local.d/00-extensions-mandatory
:[org/gnome/shell] # List all mandatory extensions enabled-extensions=['myextension1@myname.example.com', 'myextension2@myname.example.com']
The
enabled-extensions
key specifies the enabled extensions using the extensions' uuid (myextension1@myname.example.com
andmyextension2@myname.example.com
).Override the user’s setting and prevent the user from changing it in
/etc/dconf/db/local.d/locks/extensions-mandatory
:# Lock the list of mandatory extensions /org/gnome/shell/enabled-extensions
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
Chapter 9. Customizing GNOME desktop features
9.1. Changing the language using desktop GUI
This section describes how to change the system language using the desktop GUI.
Prerequisites
- Required language packages are installed on your system
Procedure
Open the
GNOME Control Center
from theSystem menu
by clicking on its icon.-
In the
GNOME Control Center
, chooseRegion & Language
from the left vertical bar. Click the Language menu.
Select the required region and language from the menu.
If your region and language are not listed, scroll down, and click More to select from available regions and languages.
- Click Done.
Click Restart for changes to take effect.
Some applications do not support certain languages. The text of an application that cannot be translated into the selected language remains in US English.
Additional resources
-
For more information on how to launch the
GNOME Control Center
, see approaches described in Launching applications
9.2. Enabling the CTRL+ALT+BACKSPACE shortcut
The Ctrl+Alt+Backspace
shortcut key combination is used for terminating the X.Org display server.
You might want to terminate X.Org especially when:
- A program caused X.Org to stop working.
- You need to switch from your logged-in session quickly.
- You have launched a program that failed.
- You cannot operate in the current session.
- Your screen freezes.
To enable the Ctrl+Alt+Backspace
shortcut to forcibly terminate X.Org by default for all users, you need to set the org.gnome.desktop.input-sources.xkb-options
GSettings key.
Procedure
Create a local database for machine-wide settings in
/etc/dconf/db/local.d/00-input-sources
:[org/gnome/desktop/input-sources] # Enable Ctrl-Alt-Backspace for all users xkb-options=['terminate:ctrl_alt_bksp']
Override the user’s setting, and prevent the user from changing it in
/etc/dconf/db/local.d/locks/input-sources
:# Lock the list of enabled XKB options /org/gnome/desktop/input-sources/xkb-options
Update the system databases for the changes to take effect:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
If the Ctrl+Alt+Backspace
key combination is enabled, all users can terminate X.Org , which brings them back to the login prompt.
9.3. Disabling command-line access
To disable command-line access for a desktop user, you need to make configuration changes in a number of different contexts:
- Section 9.3.1, “Setting the org.gnome.desktop.lockdown.disable-command-line Key”
- Section 9.3.2, “Disabling virtual terminal switching on X.Org”
-
Remove Terminal and any other application that provides access to the terminal from the
Applications menu
andActivities Overview
in GNOME Shell. This is done by removing menu items for those applications.
The following steps do not remove the desktop user’s permissions to access a command line, but rather remove the ways that the desktop user could access command line.
9.3.1. Setting the org.gnome.desktop.lockdown.disable-command-line Key
This approach prevents the user from:
- Accessing the terminal
-
Specifying a command line to be executed by using the
Alt+F2
command prompt
Procedure
Create a local database for machine-wide settings in
/etc/dconf/db/local.d/00-lockdown
:[org/gnome/desktop/lockdown] # Disable command-line access disable-command-line=true
Override the user’s setting and prevent the user from changing it in
/etc/dconf/db/local.d/locks/lockdown
:# Lock the disabled command-line access /org/gnome/desktop/lockdown
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
9.3.2. Disabling virtual terminal switching on X.Org
With the X.Org display server, users can normally use the Ctrl+Alt+function
key shortcuts to switch from the GNOME Desktop and X.Org to a virtual terminal. You can disable access to all virtual terminals by modifying the X.Org configuration. The X.Org configuration should be modified by adding the DontVTSwitch
option to the Serverflags
section of an X configuration file in the /etc/X11/xorg.conf.d/
directory, as shown by the following procedure.
You cannot apply the procedure if GNOME Shell on Wayland is used as the display server.
Procedure
Create or edit an X configuration file in the
/etc/X11/xorg.conf.d/
directory:NoteBy convention, these host-specific configuration file names start with two digits and a hyphen and always have the
.conf
extension. Thus, the following file name can be/etc/X11/xorg.conf.d/10-xorg.conf
.Section "Serverflags" Option "DontVTSwitch" "yes" EndSection
- Restart the X.Org display server for the changes to take effect.
9.4. Preventing the computer from suspending when closing the lid
When closing the lid of your laptop, the computer by default suspends in order to save power. You can prevent the computer from suspending when closing the lid by changing the setting for that behavior.
Some laptops can overheat if they are left running with the lid closed, especially if they are in a confined place. Therefore, consider whether changing the default setting from suspend to an other option is beneficial in your case.
Procedure
-
Open the
/etc/systemd/logind.conf
file for editing. Find the
HandleLidSwitch=suspend
line in the file.If it is quoted out with the
#
character at the start, unquote it by removing#
.If the line is not present in the file, add it.
Replace the default
suspend
parameter with:-
lock
for the screen to lock -
ignore
for nothing to happen -
poweroff
for the computer to switch off
For example:
[Login] HandleLidSwitch=lock
-
- Save your changes, and close the editor.
Run the following command so that your changes preserve the next restart of the system:
# systemctl restart systemd-logind.service
WarningRestarting the service forcibly interrupts any currently running GNOME session of any desktop user who is logged in. This can result in users losing unsaved data.
For more information on the /etc/systemd/logind.conf
file, see the logind.conf
man page.
9.5. Changing behavior when pressing the power button in graphical target mode
When the machine is booted to a graphical login screen or user session, hitting the power
button makes the machine suspend by default. This happens both in cases when the user presses the power
button physically or when pressing a virtual power
button from a remote console. To achieve a different behavior when pressing the power
button, set the function of this button with dconf
.
For example, if you want the system to shutdown after pressing the power
button, use the following procedure:
Procedure
Create a local database for system-wide settings in the
/etc/dconf/db/local.d/01-power
file:[org/gnome/settings-daemon/plugins/power] power-button-action='interactive'
Override the user’s setting, and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/01-power
file:/org/gnome/settings-daemon/plugins/power/power-button-action
Update the system databases:
# dconf update
- Log out and back in again before the system-wide settings take effect.
This configuration initiates a system shutdown after pressing the power
button. To configure the system differently, you can set the behavior of particular buttons.
Options for particular buttons:
nothing
does nothing
suspend
suspends the system
hibernate
hibernates the system
interactive
shows a pop-up query asking the user what to do
With interactive mode, the system powers off automatically after 60 seconds when hitting the power button. However, you can choose a different behavior from the pop-up query as shown in the figure below.
Pop-up query for interactive mode
Chapter 10. Inputting uncommon characters using the Compose key
The Compose key is a feature that enables you to type special symbols or characters which are missing on your keyboard. In GNOME Desktop, you can define one of the existing keys on your keyboard as the Compose key. You can use the Compose key in combination with other keys, known as Compose key sequences, to enter special characters you type frequently.
10.1. Enabling the Compose key
You can enable the Compose key either for an individual user or for all users.
10.1.1. Enabling the Compose key for an individual user with the Tweaks application
To enable the Compose key for an individual user by Tweaks application follow these steps.
Prerequisites
The Tweaks application is installed on your system.
# yum install gnome-tweaks
Procedure
- Open the Tweaks application.
- Navigate into Keyboard & Mouse - Compose Key, and enable it.
Choose which key will be used as the Compose key from the listed keys.
10.1.2. Enabling the Compose key for an individual user using GSettings
To enable the Compose key for an individual user by gsettings command follow these steps.
Procedure
Enable the Compose key and set the compose character to right alt.
$ gsettings set org.gnome.desktop.input-sources xkb-options "['compose:ralt']"
If you want to set a different key than right alt, replace ralt with the name of the key as specified in the
man xkeyboard-config(7)
.
10.1.3. Enabling the Compose key for all users
To enable the Compose key for all users follow these steps.
Procedure
Create a
local
database for machine-wide settings and enter the following:# vim /etc/dconf/db/local.d/00-input-sources
[org/gnome/desktop/input-sources] # Set the Right Alt key as the Compose key and enable it xkb-options=['compose:ralt']
If you want to set a different key than right alt, replace ralt with the name of the key as specified in the
man xkeyboard-config(7)
.To override the user’s settings and prevent the user from changing it, create a file
/etc/dconf/db/local.d/locks/input-sources
and enter the following:# vim /etc/dconf/db/local.d/locks/input-sources
# Lock the list of enabled XKB options /org/gnome/desktop/input-sources/xkb-options
Update the system databases for changes to take effect:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
10.2. Using the Compose key to input characters
This procedure shows how to use the Compose key.
Prerequisites
- The Compose key is enabled on your system.
Procedure
- Press and release the Compose key.
- Type the key combination to get the specific symbol. For example, type A E (in capitals) to get Æ, or in lowercase to get æ.
10.3. The Compose key sequences
This section shows some of the Compose key sequences.
Table 10.1. Common sequences
First key | Second key | Third key | Result |
---|---|---|---|
o | c | © | |
d | h | ð | |
, | a | ą | |
s | s | ß | |
< | < | « | |
? | ? | ¿ | |
- | - | - | — |
^ | _ | a | ª |
= | c | € | |
1 | 4 | ¼ |
Additional resources
For more sequences refer to the X.Org webpage.
Chapter 11. Managing storage volumes in GNOME
This section describes how you can manage storage volumes in GNOME with a virtual file system. GNOME Virtual File System (GVFS) is an extension of the virtual file system interface provided by the libraries the GNOME desktop is built on.
11.1. The GVFS system
The GVFS provides complete virtual file system infrastructure and handles storage in the GNOME desktop. It uses addresses for full identification based on the URI (Uniform Resource Identifier) standard, syntactically similar to URL addresses in web browsers. These addresses in the form of schema://user@server/path
are the key information determining the kind of service.
The GVFS helps to mount the resources. These mounts are shared between multiple applications. Resources are tracked globally within the running desktop session, which means that even if you quit an application that triggered the mount, it continues to be available for any other application. Multiple applications can access the mount at the same time unless it is limited by a back end. Some protocols by design permit only a single channel.
GVFS mounts removable media in the /run/media/
directory.
11.2. The format of the GVFS URI string
You must form a URI string to use back end services. This string is a basic identifier used in GVFS, which carries all necessary information needed for unique identification, such as type of service, back end ID, absolute path, or user name if required. You can see this information in the Files address bar and GTK+ open or save file dialog.
The following example is a very basic form of the URI string and points to a root directory (/) of the FTP (File Transfer Protocol) server running at ftp.myserver.net domain:
Example: URI string pointing to the root FTP directory
ftp://ftp.myserver.net/
Example: URI string pointing to a text file
ssh://joe@ftp.myserver.net/home/joe/todo.txt
11.3. Mounting a storage volume in GNOME
In virtual file systems, particular resources are set to be mounted automatically, but the most common way is to trigger mounts manually.
Procedure
- Open the Files application.
- Press Ctrl+L to view the location bar.
Enter a well-formed URI string.
Alternatively, Files provides the Connect to server dialog, which you can find in Other locations → Connect to server.
- When asked for login credentials, enter your name and password into the relevant entry boxes.
- When the mounting process finishes, you can start working with the storage volume.
11.4. Unmounting a storage volume in GNOME
You can eject or unmount resources using the following procedure.
Procedure
- Click the Eject icon on the chosen mount.
- Wait until the mount disappears or notification about the safe removal appears.
11.5. Overview of FUSE daemon in GVFS
Applications built with the GIO library can access GVFS mounts. In addition, GVFS provides a FUSE daemon which exposes active GVFS mounts. Any application can access active GVFS mounts using the standard POSIX APIs as though mounts were regular file systems.
In certain applications, additional library dependency and new virtual file system (VFS) subsystem specifics might be unsuitable or too complicated. For such reasons and to boost compatibility, GVFS provides a File System in Userspace (FUSE) daemon, which exposes active mounts through its mount for standard Portable Operating System Interface (POSIX) access. This daemon transparently translates incoming requests to imitate a local file system for applications.
You might experience difficulties with certain combinations of applications and GVFS back ends.
The FUSE daemon starts automatically with the gvfs
master daemon and places its mount either in the /run/user/UID/gvfs/
or ~/.gvfs/
files as a fallback. Manual browsing shows individual directories for each GVFS mount. The system passes the transformed path as an argument when you are opening documents from GVFS locations with non-native applications. Note that native GIO applications automatically translate this path back to a native URI.
11.6. GIO tools and xdg-utils in GNOME
GIO provides several commands that might be useful for scripting or testing. Here is a set of POSIX commands counterparts as follows:
Commands | Description |
| Displays the content of a file. |
| Creates a new directory. |
| Renames a file. |
|
Provides access to various aspects of the |
| Sets a file attribute on a file. |
| Makes a copy of a file. |
| Lists directory contents. |
| Moves a file from one location to another. |
| Removes a file. |
|
Sends files or directories to the |
| Displays information of the given locations. |
| Reads from standard input and saves the data to the given location. |
| Lists the contents of the given locations recursively, in a tree-like format. If no location is given, it defaults to the current directory. |
Following additional commands provide more control of GIO specifics:
| Monitors files or directories for changes, such as creation, deletion, content and attribute changes, and mount and unmount operations affecting the monitored locations. |
| Lists the registered and recommended applications for the mimetype if no handler is given, else, it is set as the default handler for the mimetype. |
| Opens files with the default application that is registered to handle files of this type. |
For user convenience, bash
completion is provided as a part of the package.
All these commands are native GIO clients, there is no need for the fallback FUSE daemon to be running. Their purpose is not to be drop-in replacements for POSIX commands, in fact, a very little range of switches is supported. In their basic form, these commands take an URI string as an argument instead of a local path.
This all allows GNOME to be well-supported within xdg-tools
, a freedesktop.org interoperability project. For example, the xdg-open
utility calls gio open
when a running GNOME session is detected, and reads the file type associations from the correct location.
Additional resources
-
The
gio(1)
man page.
11.7. Executing the GIO commands
The following are a few examples of the GIO commands usage:
To lists all files in /tmp on a local file system, run:
$ gio list file:///tmp
To list contents of a text file from a remote machine:
$ gio cat ssh://joe@ftp.myserver.net/home/joe/todo.txt
To copy the referenced text file to a local /tmp directory, run:
$ gio copy ssh://joe@ftp.myserver.net/home/joe/todo.txt /tmp/
Additional resources
-
The
gio
man page.
11.8. Overview of GVFS Metadata
The GVFS metadata storage is implemented as a set of key-and-value pairs that bind information to a particular file. Thus, there is a tool for a user or application to save small data designed for runtime information such as icon position, last-played location, position in a document, emblems, notes, and so on.
Whenever you move a file or directory, GVFS moves the metadata accordingly so that metadata stays connected to the respective file. The GVFS stores all metadata privately, so metadata is available only on the machine. However, GVFS tracks mounts and removable media as well.
GVFS mounts removable media in the /run/media/
directory.
To view and manipulate with metadata, you can use:
-
the
gio info
command, -
the
gio set
command, or - any other native GIO way of working with attributes.
Additional resources
-
The
gio
man page.
11.9. Setting custom GIO metadata attribute
This procedure describes how to set a custom metadata attribute.
Notice the differences between particular gio info
calls and data persistence after a move or rename (note the gio info
command output):
Procedure
Create an empty file.
$ touch /tmp/myfile
View the metadata of this file.
$ gio info -a 'metadata::*' /tmp/myfile uri: file:///tmp/myfile attributes:
Set a string to this file.
$ gio set -t string /tmp/myfile 'metadata::mynote' 'Please remember to delete this file!'
View the metadata.
$ gio info -a 'metadata::*' /tmp/myfile uri: file:///tmp/myfile attributes: metadata::mynote: Please remember to delete this file!
Move this file to a new location.
$ gio move /tmp/myfile /tmp/newfile
View the metadata.
$ gio info -a 'metadata::*' /tmp/newfile uri: file:///tmp/newfile attributes: metadata::mynote: Please remember to delete this file!
The metadata persists when you move the file using the GIO API.
Additional resources
-
The
gio
man page.
11.10. Password management of GVFS mounts
A typical GVFS mount authenticates on its activation unless the resource allows anonymous authentication or does not require any authentication at all. In a standard GTK+ dialog, you can choose to store or not to store the password.
When you select the persistent storage, the password is stored in the user keyring
. GNOME Keyring is a central place for secrets storage. The password is encrypted and automatically unlocked on desktop session start using the password provided on login. For protecting it by a different password, you can set the password at the first use.
The Passwords and Keys application helps to manage the stored password and GNOME Keyring
. It allows removing individual records or changing passwords.
Additional resources
- For more information on Passwords and Keys, see the help manual for Passwords and Keys embedded directly in the desktop.
11.11. Accessing GVFS mounts that require authentication
This procedure describes how you can access GVFS mounts using authentication.
Procedure
- Open Files
- Activate the address bar by pressing Ctrl+L
Enter a well-formed URI string of a service that needs authentication (for example,
sftp://localhost/
).The credentials dialog appears asking for a user name, password, and password storage options.
- Fill in the credentials and confirm.
11.12. GVFS back ends
Back ends in GVFS provide access to a specific type of resource. The following is a list of available GVFS back ends and their specifications:
Some back ends are packaged separately and not installed by default. For installing additional back ends, use the yum
package manager.
Table 11.1. Available back ends
Back end | Description |
---|---|
| Similar to MTP (Media Transfer Protocol), exposes files on your Apple iDevice (connected through USB). |
| Apple Filing Protocol (AFP) client to access file services of macOS X and original Mac operation system. |
| Handles various archiving files (ZIP, TAR) in read-only way. |
| Provides admin access to the local file system. |
| A virtual back end that burning applications use as a temporary storage for new CD, DVD, or BD medium contents. |
| Exposes Audio CD through separate Waveform Audio File Format (WAV) files. |
| Virtual back end consolidating active mounts and physical volumes. Acts similarly to a signpost. Previously used by Nautilus for its Computer view. |
| WebDAV client, including secure variant. Authentication is possible only during mount. The back end does not support later re-authentication on per-folder basis. |
| DNS Service Discovery – Avahi client, used during network browsing, forms persistent URIs to discovered services. |
|
A fully featured File Transfer Protocol (FTP) client. Supports passive transfers by default. Also, handles secure mode over |
| A Picture Transfer Protocol (PTP) client to access your camera attached by USB or FireWire. |
| Provides access to Google Drive. The Google Drive account needs to be configured over Gnome online accounts. |
| Handles all HTTP requests; useful for easy downloading files from web in client applications. |
|
Simple testing back end that proxies the |
| Media Transfer Protocol back end for accessing media player and smart phone memory. |
| Allows you to browse Window Network and show shares discovered over Avahi. |
| A back end used in the file chooser dialog to list recent files used by GNOME applications. |
| A fully-featured SSH File Transfer Protocol (SFTP) client. |
| Access Samba and Windows shares. |
| A trash back end which allows to restore deleted files. |
11.13. Troubleshooting volume management in GNOME
Following are some common errors of volume management in GNOME and ways to resolve them.
11.13.1. Troubleshooting access to GVFS locations from non-GIO clients
If you have problems accessing GVFS locations from your application, it might mean that it is not native GIO client. Native GIO clients are typically all GNOME applications using GNOME libraries (glib, gio
). The gvfs-fuse
service is provided as a fallback for non-GIO clients.
Prerequisite
You have
gvfs-fuse
package installed.$ dnf install gvfs-fuse
Procedure
Ensure that
gvfs-fuse
is running.$ ps ax | grep gvfsd-fuse
Since
gvfs-fuse
runs automatically and it is not recommended to start it by yourself, try logging out and logging in, ifgvfs-fuse
is not running.Find the system user ID (UID) for the
/run/user/UID/gvfs/
path by running theid
command, thegvfsd-fuse
daemon requires a path it is supposed to expose its services at, or, when the/run/user/UID/gvfs/
path is unavailable,gvfsd-fuse
uses a.gvfs
path in your home directory.$ id -u
If
gvfsd-fuse
is still not running, start thegvfsd-fuse
daemon:$ /usr/libexec/gvfsd-fuse -f /run/user/UID/gvfs
Now, the FUSE mount is available, and you can manually browse for the path in your application.
- Find the GVFS mounts under the /run/user/UID/gvfs/ or .gvfs locations.
11.13.2. Troubleshooting an invisible connected USB disk
Under certain circumstances, when you connect a flash drive, the GNOME Desktop might not display it. If your flash drive is not visible in Files, but you can see it in Disks application, you can attempt to set the Show in user interface flag in Disks.
Procedure
- Open the Disks application.
- Go to the Additional partition option actions menu clicking the cogwheel icon and click Edit Mount Options…
- Click Show in user interface and confirm by clicking OK.
- If the flash drive is still not visible, you can try to physically remove the drive and try connecting it again.
11.13.3. Troubleshooting unknown or unwanted partitions listed in Files
Sometimes, you might see unknown or unwanted partitions when you plug a disk in. For example, when you plug in a flash disk, it is automatically mounted and its volumes are shown in the sidebar. Some devices have a special partition with backups, or help files which you might not want to see each time you plug in the device.
Procedure
- Open the Disks application.
- Go to the Additional partition option actions menu clicking the cogwheel icon and click Edit Mount Options…
- Uncheck Show in user interface.
- Confirm by clicking OK.
11.13.5. Troubleshooting a busy disk in GNOME
If you receive a notification about your disk being busy, determine the programs that are accessing the disk. Then, you can end the programs that are running. You can also use the System Monitor to kill the programs forcefully.
Prerequisites
-
You have
iotop
installed. You can install it by running as a root user:
# yum install iotop
Procedure
Examine the list of open files.
-
Run the
lsof
command to get the list of open files. -
If
lsof
is not available, run theps ax
command. - You can use the System Monitor application to display the running processes in a GUI.
-
Run the
When you have determined the programs, end or kill them as follows:
-
On the command line, execute the
kill
command. - In the System Monitor, right-click the line with the program process name, and click End or Kill from the context menu.
-
On the command line, execute the
Additional resources
-
The
kill
man page.
Chapter 12. Managing bookmarks in GNOME
In GNOME, you can edit the bookmarks that are displayed in applications and dialogs that manage files.
12.1. Bookmarks in GNOME
Bookmarks integrate into GTK+ and in the GNOME desktop. Every application that presents a standard GTK+ Open and Save dialog (GtkFileChooser
) lists bookmarks in the left panel of the dialog. Also, Files and its clones present bookmarks in a sidebar.
Besides bookmarks, GtkFileChooser
lists all other available GVFS volumes and mounts in the sidebar.
While activating a bookmark for the first time, the GVFS subsystem looks for existing mounts and tries to mount the location if the mount does not exist yet. This way, you can authenticate even within the Open or Save dialog.
Bookmarks are located in the ~/.config/gtk-3.0/bookmarks
file. In the following example, the bookmarked locations are ~/Music
, ~/Pictures
, ~/Videos
, ~/Downloads
, and ~/bin
, so the content of the ~/.config/gtk-3.0/bookmarks
file looks as follows:
file:///home/username/Music file:///home/username/Pictures file:///home/username/Videos file:///home/username/Downloads file:///home/username/bin
Replace username with the user name you are logged in.
You can use this file to edit bookmarks based on your requirements.
12.2. Adding a bookmark in Files
You can save a reference to a location by bookmarking it.
Procedure
- Select the folder or file you want to bookmark.
Do one of the following:
- Press Ctrl+D or
- Drag and drop the file or folder to the sidebar.
12.3. Bookmarks for all GNOME users
System administrators can set a group of bookmarks for all users at once by allowing access to file shares for the users. GNOME stores a list of file-sharing servers in the ~/.config/gtk-3.0/servers
file in the XBEL format. XML Bookmark Exchange Language (XBEL) is an XML standard that allows you share URIs (Uniform Resource Identifiers). It is possible to add the list of file-sharing servers to that file to make file-shares easily accessible to multiple users.
In GNOME, XBEL is used to share desktop bookmarks in applications like Files. Here is an example of creating a bookmark titled GNOME FTP with the URI ftp://ftp.gnome.org/
in the ~/.config/gtk-3.0/servers
file.
<?xml version="1.0" encoding="UTF-8"?> <xbel version="1.0" xmlns:bookmark="http://www.freedesktop.org/standards/desktop-bookmarks" xmlns:mime="http://www.freedesktop.org/standards/shared-mime-info"> <bookmark href="ftp://ftp.gnome.org/"> <title>GNOME FTP</title> </bookmark> </xbel>
Chapter 13. Customizing default favorite applications
You can customize frequently used applications as your favorite applications. You can see these favorite applications on the GNOME Shell dash in the Activities overview. You can use dconf
to set the favorite applications for an individual user or for all users.
13.1. Setting different favorite applications for individual users
You can set the default favorite applications for individual users. You can add applications into your favorite list easily using any of the methods mentioned below.
- Open the Activities overview and click Activities at the top left of the screen.
- Click the grid button to find the application you want and right-click the application icon and select Add to Favorites.
- Click-and-drag the icon into the dash.
Run the following command to view all the applications that exists in the favorite list:
dconf read /org/gnome/shell/favorite-apps
If you want to lock down the above settings to prevent users from changing them. See Chapter 15, Locking down selected tasks for more information.
13.2. Setting the same favorite applications for all users
You can modify system database files using dconf
keyfiles to set the same favorites for all users. The following steps edit the dconf
profile and then create a keyfile to set default favorite applications for all users in the local configuration database.
Procedure
Create the key file
/etc/dconf/db/local.d/00-favorite-apps
to provide information for the local database./etc/dconf/db/local.d/00-favorite-apps
contents:# Snippet sets gedit, terminal and nautilus as default favorites for all users [org/gnome/shell] favorite-apps = ['gedit.desktop', 'gnome-terminal.desktop', 'nautilus.desktop']
To prevent users from overriding these settings, create the file
/etc/dconf/db/local.d/locks/favorite-apps
with the following content:# Lock default favorite applications /org/gnome/shell/favorite-apps
-
Run the
dconf update
command to incorporate your changes into the system databases. - Logout and login again for system-wide changes to take effect.
Chapter 14. Authenticating the user in the desktop environment
You can perform the following operations:
- Configure enterprise login options in GNOME,
- Enable smart card authentication, and
- Enable fingerprint authentication.
14.1. Using enterprise credentials to authenticate in GNOME
You can use your enterprise domain credentials to access your system. This section explains how to log in using enterprise credentials in GNOME, configure enterprise credentials at the GNOME welcome screen, and add an authenticated user with enterprise credentials in GNOME.
14.1.1. Logging in with Enterprise Credentials in GNOME
You can use your domain credentials to login to GNOME if your network has an Active Directory or Identity Management domain available, and you have a domain account.
Prerequisites
System is configured to use enterprise domain accounts
For more information, see Joining the RHEL 8 system to the IdM domain using the web console
Procedure
While logging in, enter the domain user name followed by an @ sign, and then your domain name.
For example, if your domain name is example.com and the user name is User, enter:
User@example.com
NoteIf the machine is already configured for domain accounts, you should see a helpful hint describing the login format.
14.1.2. Configuring enterprise credentials at the GNOME welcome screen
Perform the following steps to configure workstation for enterprise credentials using the welcome screen that belongs to the GNOME Initial Setup program.
The initial setup runs only when you create a new user and log into that account for the first time.
Procedure
- At the login welcome screen, choose Use Enterprise Login.
- Enter your domain name into the Domain field.
- Enter your domain account user name and password.
- Click Next.
- Depending on the domain configuration, a pop up prompts for the domain administrator’s credentials.
14.1.3. Adding an authenticated user with enterprise credentials in GNOME
This procedure helps to create a new user through the GNOME Settings application. The user is authenticated using enterprise credentials.
Prerequisites
- Configured enterprise credentials at the GNOME welcome screen. For more information, see Section 14.1.2, “Configuring enterprise credentials at the GNOME welcome screen”.
Procedure
- Open the Settings window clicking icons in the top right corner of the screen.
- From the list of items, select Details > Users.
- Click Unlock and enter the administrator’s password.
- Click Add user…
- Click Enterprise Login.
- Fill out the Domain, Username, and Password fields for your enterprise account.
- Click Add.
- Depending on the domain configuration, a pop up prompts for the domain administrator’s credentials.
14.1.4. Troubleshooting enterprise login in GNOME
You can use the realm utility and its various sub-commands to troubleshoot the enterprise login configuration.
Procedure
To see whether the machine is configured for enterprise logins, run the following command:
$ realm list
Network administrators can configure and pre-join workstations to the relevant domains using the kickstart realm join
command, or running realm join
in an automated fashion from a script.
Additional resources
-
The
realm
man page.
14.2. Enabling smart card authentication
You can enable workstations to authenticate using smart cards. In order to do so, you must configure GDM to allow prompting for smart cards and configure operating system to log in using a smart card.
You can use two ways to configure the GDM to allow prompting for smart card authentication with GUI or using the command line.
14.2.1. Configuring smart card authentication in GDM using the GUI
You can enable smart card authentication using dconf
editor GUI. The dconf
Editor application helps to update the configuration-related values on a dconf database.
Prerequisites
Install the dconf-editor package:
# yum install dconf-editor
Procedure
-
Open the dconf-Editor application and navigate to
/org/gnome/login-screen
. - Turn on the enable-password-authentication option.
- Turn on the enable-smartcard-authentication option.
Additional resources
-
The
dconf-editor
man page. -
The
dconf
man page.
14.2.2. Configuring smart card authentication in GDM using the command line
You can use the dconf
command-line utility to enable the GDM login screen to recognize smart card authentication.
Procedure
Create a keyfile for the GDM database in /
etc/dconf/db/gdm.d/login-screen
, which contains the following content:[org/gnome/login-screen] enable-password-authentication='false' enable-smartcard-authentication='true'
Update the system
dconf
databases:# dconf update
Additional resources
-
The
dconf
man page.
14.2.3. Enabling the smart card authentication method in the system
For smart card authentication you can use the system-config-authentication
tool to configure the system to allow you to use smart cards. Thus, you can avail GDM as a valid authentication method for the graphical environment. The tool is provided by the authconfig-gtk package.
Prerequisites
-
Install
authconfig-gtk
package - Configure GDM for smart card authentication
Additional resources
- For details about configuring system to allow smart card authentication and the system-config-authentication tool, see Configuring smart cards using authselect
14.3. Fingerprint authentication
You can use the system-config-authentication
tool to enable fingerprint authentication to allow users to login using their enrolled fingerprints. The tool is provided by the authconfig-gtk package.
Additional resources
-
For more information about fingerprint authentication and the
system-config-authentication
tool, see the Configuring user authentication using authselect.
Chapter 15. Locking down selected tasks
This section describes how to lock down for users the following tasks:
- Printing
- File saving on disk
- Repartitioning
- User logout and user switching
15.1. Locking down printing
You can disable the print dialog from being shown to users. This can be useful if you are giving temporary access to a user or you do not want the user to print to network printers.
The feature only works in applications which support it. Not all GNOME and third party applications have this feature enabled. The changes do not have effect on applications which do not support this feature.
To prevent applications from printing, lock down the org.gnome.desktop.lockdown.disable-printing
key:
Procedure
Create the user profile in
/etc/dconf/profile/user
unless it already exists:user-db:user system-db:local
Create a local database for machine-wide settings in the
etc/dconf/db/local.d/00-lockdown
file:[org/gnome/desktop/lockdown] # Prevent applications from printing disable-printing=true
Override the user’s setting and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/lockdown
file:# List the keys used to configure lockdown /org/gnome/desktop/lockdown/disable-printing
Update the system databases:
# dconf update
Having followed these steps, applications supporting this lockdown key, such as Evolution, Evince, or Gedit, will disable printing.
15.2. Locking file saving on disk
You can disable the Save and Save As dialogs. This can be useful if you are giving temporary access to a user or you do not want the user to save files to the computer.
The feature only works in applications which support it. Not all GNOME and third party applications have this feature enabled. The changes will have no effect on applications which do not support this feature.
To prevent applications from file saving, lock down the org.gnome.desktop.lockdown.disable-save-to-disk
key:
Procedure
Create the user profile in
/etc/dconf/profile/user
unless it already exists:user-db:user system-db:local
Create a local database for machine-wide settings in the
/etc/dconf/db/local.d/00-lockdown
file:[org/gnome/desktop/lockdown] # Prevent the user from saving files on disk disable-save-to-disk=true
Override the user’s setting and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/lockdown
file:# Lock this key to disable saving files on disk /org/gnome/desktop/lockdown/disable-save-to-disk
Update the system databases:
# dconf update
Having followed these steps, applications supporting this lockdown key, for example Videos, Image Viewer, Evolution, Document Viewer, or GNOME Shell, will disable their Save As dialogs.
15.3. Locking repartitioning
polkit
enables you to set permissions for individual operations. For udisks2, the utility for disk management services, the configuration is located at /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy
. This file contains a set of actions and default values, which can be overridden by system administrator.
polkit
configuration stored in /etc
overrides the configuration shipped by packages in /usr/share/
.
Procedure
Create a file with the same content as in
/usr/share/polkit-1/actions/org.freedesktop.udisks2.policy
:cp /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy /etc/share/polkit-1/actions/org.freedesktop.udisks2.policy
Do not change the
/usr/share/polkit-1/actions/org.freedesktop.udisks2.policy
file, your changes will be overwritten by the next package update.Delete the action you do not need, and add the following lines to the
/etc/polkit-1/actions/org.freedesktop.udisks2.policy
file:<action id="org.freedesktop.udisks2.modify-device"> <message>Authentication is required to modify the disks settings</message> <defaults> <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> <allow_active>yes</allow_active> </defaults> </action>
Replace
no
byauth_admin
if you want to ensure only theroot
user is able to perform the action.- Save the changes.
When the user tries to change the disks settings, the following message is returned:
Authentication is required to modify the disks settings.
15.4. Locking down user logout and user switching
To prevent the user from logging out, use the following procedure.
Procedure
Create the
/etc/dconf/profile/user
profile, which contains the following lines:user-db:user system-db:local
where
local
is the name of a dconf database-
Create the
/etc/dconf/db/local.d/
directory if it does not already exist. Create the
/etc/dconf/db/local.d/00-logout
key file to provide information for the local database:[org/gnome/desktop/lockdown] # Prevent the user from user switching disable-log-out=true
Override the user’s setting, and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/lockdown
file:# Lock this key to disable user logout /org/gnome/desktop/lockdown/disable-log-out
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
Users can evade the logout lockdown by switching to a different user. To prevent such scenario, lock down user switching as well.
To lock down user switching, use the following procedure:
Procedure
Create the
/etc/dconf/profile/user
profile, which contains the following lines:user-db:user system-db:local
where
local
is the name of a dconf database-
Create the
/etc/dconf/db/local.d/
directory if it does not already exist. Create the
/etc/dconf/db/local.d/00-user-switching
key file to provide information for the local database:[org/gnome/desktop/lockdown] # Prevent the user from user switching disable-user-switching=true
Override the user’s setting, and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/lockdown
file:# Lock this key to disable user switching /org/gnome/desktop/lockdown/disable-user-switching
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
Chapter 16. Managing user sessions
16.1. What GDM is
The GNOME Display Manager (GDM) is a graphical login program running in the background that runs and manages the X.Org display servers for both local and remote logins.
GDM is a replacement for XDM, the X Display Manager. However, GDM is not derived from XDM and does not contain any original XDM code. In addition, there is no support for a graphical configuration tool in GDM, so editing the /etc/gdm/custom.conf
configuration file is necessary to change the GDM settings.
16.2. Restarting GDM
When you make changes to the system configuration such as setting up the login screen banner message, login screen logo, or login screen background, restart GDM for your changes to take effect.
Restarting the service forcibly interrupts any currently running GNOME session of any desktop user who is logged in. This can result in users losing unsaved data.
Procedure
To restart the GDM service, run the following command:
# systemctl restart gdm.service
Procedure
To display results of the GDM configuration, run the following command:
$ DCONF_PROFILE=gdm gsettings list-recursively org.gnome.login-screen
16.3. Adding an autostart application for all users
To start an application automatically when any user logs in, create a .desktop
file for that application in the /etc/xdg/autostart/
directory.
Procedure
Create a
.desktop
file in the/etc/xdg/autostart/
directory:[Desktop Entry] Type=Application Name=Files Exec=nautilus -n OnlyShowIn=GNOME; AutostartCondition=GSettings org.gnome.desktop.background show-desktop-icons
Replace
Files
with the name of the application.Replace
nautilus -n
with the command you want to use to run the application.Use the
AutostartCondition
key to check for a value of a GSettings key.The session manager runs the application automatically if the key’s value is true. If the key’s value changes in the running session, the session manager starts or stops the application, depending on what the previous value for the key was.
Additional resources
-
You can also configure autostart applications for an individual user through a graphical interface. Use the Tweaks application, which is available from the
gnome-tweaks
package.
16.4. Configuring automatic login
As an administrator, you can enable automatic login from the Users panel in GNOME Settings, or you can set up automatic login manually in the GDM custom configuration file, as follows.
Run the following procedure to set up automatic login for a user john
.
Procedure
Edit the
/etc/gdm/custom.conf
file, and make sure that the[daemon]
section in the file specifies the following:[daemon] AutomaticLoginEnable=True AutomaticLogin=john
Replace
john
with the user that you want to be automatically logged in.
16.5. Configuring automatic logout
User sessions that have been idle for a specific period of time can be ended automatically. You can set different behavior based on whether the machine is running from a battery or from mains power by setting the corresponding GSettings key, then locking it.
Users can potentially lose unsaved data if an idle session is automatically ended.
To set automatic logout for a mains powered machine:
Procedure
Create a local database for machine-wide settings in the
/etc/dconf/db/local.d/00-autologout
file:[org/gnome/settings-daemon/plugins/power] # Set the timeout to 900 seconds when on mains power sleep-inactive-ac-timeout=900 # Set action after timeout to be logout when on mains power sleep-inactive-ac-type='logout'
Override the user’s setting, and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/autologout
file:# Lock automatic logout settings /org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-timeout /org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-type
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
The following GSettings keys are of interest:
org.gnome.settings-daemon.plugins.power.sleep-inactive-ac-timeout
The number of seconds that the computer needs to be inactive before it goes to sleep if it is running from AC power.
org.gnome.settings-daemon.plugins.power.sleep-inactive-ac-type
What should happen when the timeout has passed if the computer is running from AC power.
org.gnome.settings-daemon.plugins.power.sleep-inactive-battery-timeout
The number of seconds that the computer needs to be inactive before it goes to sleep if it is running from power.
org.gnome.settings-daemon.plugins.power.sleep-inactive-battery-type
What should happen when the timeout has passed if the computer is running from battery power.
If you want to list available values for a key, use the following procedure:
Procedure
-
Run the
gsettings range
command on the required key. For example:
$ gsettings range org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type enum 'blank' 'suspend' 'shutdown' 'hibernate' 'interactive' 'nothing' 'logout'
16.6. Setting screen brightness and idle time
This section describes how to:
- Configure the drop in the brightness level
- Set brightness level
- Set idle time
Configuring the drop in the brightness level
To set the drop in the brightness level when the device has been idle for some time:
Procedure
Create a local database for machine-wide settings in the
/etc/dconf/db/local.d/00-power
file including these lines:[org/gnome/settings-daemon/plugins/power] idle-dim=true
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
Setting brightness level
To set brightness level:
Procedure
Create a local database for machine-wide settings in the
/etc/dconf/db/local.d/00-power
file, as in the following example:[org/gnome/settings-daemon/plugins/power] idle-brightness=30
Replace
30
with the integer value you want to use.Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
Setting idle time
To set idle time after which the screen is blanked and the default screensaver is displayed:
Procedure
Create a local database for machine-wide settings in
/etc/dconf/db/local.d/00-session
, as in the following example:[org/gnome/desktop/session] idle-delay=uint32 900
Replace
900
with the integer value you want to use.You must include the
uint32
along with the integer value as shown.Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
16.7. Locking the screen when the user is idle
To enable the screensaver and make the screen lock automatically when the user is idle, follow this procedure:
Procedure
Create a local database for system-wide settings in the
etc/dconf/db/local.d/00-screensaver
file:[org/gnome/desktop/session] # Set the lock time out to 180 seconds before the session is considered idle idle-delay=uint32 180 [org/gnome/desktop/screensaver] # Set this to true to lock the screen when the screensaver activates lock-enabled=true # Set the lock timeout to 180 seconds after the screensaver has been activated lock-delay=uint32 180
You must include the
uint32
along with the integer key values as shown.Override the user’s setting, and prevent the user from changing it in the
/etc/dconf/db/local.d/locks/screensaver
file:# Lock desktop screensaver settings /org/gnome/desktop/session/idle-delay /org/gnome/desktop/screensaver/lock-enabled /org/gnome/desktop/screensaver/lock-delay
Update the system databases:
# dconf update
- Users must log out and back in again before the system-wide settings take effect.
16.8. Screencast recording
GNOME Shell features a built-in screencast recorder. The recorder allows users to record desktop or application activity during their session and distribute the recordings as high-resolution video files in the webm
format.
To make a screencast:
Procedure
To start the recording, press the Ctrl+Alt+Shift+R shortcut.
When the recorder is capturing the screen activity, it displays a red circle in the top-right corner of the screen.
To stop the recording, press the Ctrl+Alt+Shift+R shortcut.
The red circle in the top-right corner of the screen disappears.
-
Navigate to the
~/Videos
directory where you can find the recorded video with a file name that starts with Screencast and includes the date and time of the recording.
The built-in recorder always captures the entire screen, including all monitors in multi-monitor setups.
Chapter 17. Configuring the desktop environment for accessibility
As a system administrator, you can configure a system with the desktop environment to support users with a visual impairment.
Accessibility in Red Hat Enterprise Linux 8 desktop for the blind users is ensured by the Orca screen reader, which is included in the default installation of the operating system.
Orca reads information from the screen and communicates it to the user using:
- Speech synthesizer - provides a speech output
- Braille display - provides a tactile output
For more information on Orca settings, see Orca’s help page.
For Orca’s communication outputs to function properly, the system administrator must:
-
Configure the
brltty
service - Switch on the Always Show Universal Access Menu option
- Enable the Festival speech synthesizer
17.1. Configuring the brltty service
The Braille display is a device that uses the brltty
service to provide tactile output for visually impaired users.
In order that a Braille display works correctly, system administrators must:
17.1.1. Enabling the brltty service
The Braille display cannot work unless the brltty
service is running. By default, brltty
is disabled.
To enable brltty
to be started on boot, use the following procedure.
Procedure
To enable the
brltty
service on boot, run:# systemctl enable --now brltty
Verification steps
- Reboot the system.
Make sure that the
brltty
service is running:# systemctl status brltty ● brltty.service - Braille display driver for Linux/Unix Loaded: loaded (/usr/lib/systemd/system/brltty.service; enabled; vendor pres> Active: active (running) since Tue 2019-09-10 14:13:02 CEST; 39s ago Process: 905 ExecStart=/usr/bin/brltty (code=exited, status=0/SUCCESS) Main PID: 914 (brltty) Tasks: 3 (limit: 11360) Memory: 4.6M CGroup: /system.slice/brltty.service └─914 /usr/bin/brltty
17.1.2. Authorizing users of a Braille display device
To set the users who are authorized to use a Braille display device, you can choose one of the following methods, which have an equal effect:
Authorization using the /etc/brlapi.key
file is suitable only for the file systems where users or groups can be assigned to a file.
Authorization using the /etc/brltty.conf
file is suitable even for the file systems where users or groups cannot be assigned to a file.
17.1.2.1. Authorizing users of a Braille display device with brltty.conf
Procedure
-
Open the
/etc/brltty.conf
file, and find the section calledApplication Programming Interface Parameters
. Specify the users.
To specify one or more individual users, list the users on the following line:
api-parameters Auth=user:user_1, user_2, ... # Allow some local user
To specify a user group, enter its name on the following line:
api-parameters Auth=group:group # Allow some local group
17.1.2.2. Authorizing users of a Braille display device with brlapi.key
Authorization using the /etc/brlapi.key
file is suitable only for the file systems where users or groups can be assigned to a file.
Prerequisites
- Your system must use a file system where users or groups can be assigned to a file.
Procedure
Create the
/etc/brlapi.key
file.# mcookie > /etc/brlapi.key
Change ownership of the
/etc/brlapi.key
to particular user or group.To specify an individual user:
# chown user_1 /etc/brlapi.key
To specify a group:
# chown group_1 /etc/brlapi.key
Adjust the content of
/etc/brltty.conf
by including the following line:api-parameters Auth=keyfile:/etc/brlapi.key
17.1.3. Setting the driver for a Braille display device
The braille-driver
directive in /etc/brltty.conf
file specifies a two-letter driver identification code of the driver for the Braille display device.
Procedure
Decide whether you want to use the autodetection for finding the appropriate driver for your Braille display device.
To use autodetection, use the default option as follows:
braille-driver auto # autodetect
WarningAutodetection tries all drivers. Therefore, it might take a long time or even fail. For this reason, setting up a particular driver is recommended.
If you do not want to use the autodetection, specify the identification code of the required driver in the
braille-driver
directive.Choose the identification code of required driver from the list provided in
/etc/brltty.conf
, for example:braille-driver xw # XWindow
You can also set multiple drivers, separated by commas, and autodetection is then performed among them.
17.1.4. Configuring a Braille display device
The braille-device
directive in the /etc/brltty.conf
file specifies the device to which the Braille display device is connected.
17.1.4.1. Supported types of Braille display device
This section describes which types of Braille display devices are supported.
Table 17.1. Braille display device types and the corresponding syntax
Braille device type | Syntax of the type |
---|---|
Serial device | serial:path [a] |
USB device | [serial-number] [b] |
Bluetooth device | bluetooth:address |
[a] Relative paths are at /dev
.
[b] The brackets ([]) here indicate optionality.
Example settings for particular Braille display devices:
braille-device serial:ttyS0 # First serial device braille-device usb: # First USB device matching braille driver braille-device usb:nnnnn # Specific USB device by serial number braille-device bluetooth:xx:xx:xx:xx:xx:xx # Specific Bluetooth device by address
You can also set multiple devices, separated by commas, and each of them will be probed in turn.
If the device is connected by a serial-to-USB adapter, setting braille-device
to usb:
does not work. In this case, identify the virtual serial device that the kernel has created for the adapter. The virtual serial device can look like this:
serial:ttyUSB0
You can find the actual device name in the kernel messages on the device plug with the following command:
# dmesg | fgrep ttyUSB0
17.1.4.2. Setting specific parameters for Braille display devices
To set specific parameters for particular Braille display devices, use the braille-parameters
directive in /etc/brltty.conf
file. The braille-parameters
directive passes non-generic parameters through to the braille driver. Choose the required parameters from the list in /etc/brltty.conf
.
17.1.4.2.1. Setting the text table
The text-table
directive in /etc/brltty.conf
specifies which text table is used to encode the symbols. Relative paths to text tables are stored within the /etc/brltty/Text/
directory.
Procedure
- Decide whether you want to use the autoselection for finding the appropriate text table.
If you want to use the autoselection, leave
text-table
specified to auto, which is the default option.text-table auto # locale-based autoselection
This ensures that local-based autoselection with fallback to
en-nabcc
is performed.For example, to use the text table for American English:
text-table en_US # English (United States)
17.1.4.2.2. Setting the contraction table
The contraction-table
directive in the /etc/brltty.conf
file specifies which table is used to encode the abbreviations. Relative paths to particular contraction tables are stored within the /etc/brltty/Contraction/
directory.
Procedure
Choose the required contraction-table from the list in
/etc/brltty.conf
.For example, to use the contraction table for American English, grade 2:
contraction-table en-us-g2 # English (US, grade 2)
If not specified, no contraction table is used.
17.3. Enabling the Festival speech synthesis system
By default, Orca uses the eSpeak speech synthesizer, but it also supports the Festival speech synthesis system. Both eSpeak and Festival synthesize voice differently. Some users might prefer Festival to the default eSpeak synthesizer.
17.3.1. Enabling Festival
To enable Festival to be automatically started on boot, follow this procedure.
Prerequisites
All packages that are necessary for the Festival stack are installed on the system:
# yum install festival festival-freebsoft-utils
Procedure
Create a new systemd unit file in the
/etc/systemd/system/
directory, and make the file executable:# touch /etc/systemd/system/festival.service # chmod 664 /etc/systemd/system/festival.service
Ensure that the script in the
/usr/bin/festival_server
file is used to run Festival by adding the following content to the/etc/systemd/system/festival.service
file:[Unit] Description=Festival speech synthesis server [Service] ExecStart=/usr/bin/festival_server Type=simple
Notify systemd that a new
festival.service
file exists:# systemctl daemon-reload
Start and enable the
festival
service:# systemctl enable --now festival
17.3.2. Enabling the required voice
Festival offers multiples voices provided in these packages:
-
festvox-awb-arctic-hts
-
festvox-bdl-arctic-hts
-
festvox-clb-arctic-hts
-
festvox-kal-diphone
-
festvox-rms-arctic-hts
-
festvox-slt-arctic-hts
-
hispavoces-pal-diphone
-
hispavoces-sfl-diphone
To make a particular voice or voices that users require available, follow this procedure.
Prerequisites
You know which voices are available and which voices the users of the system prefer. For detailed information about a particular voice, run:
# yum info package_name
Procedure
To make the required voice available, install the package with this voice:
# yum install package_name
Reboot the system to apply changes:
# reboot
Chapter 18. Tablets
To manage Wacom tablets connected to your system, use the following tools:
-
The
gnome-settings-daemon
service The
Wacom Tablet
settings panel in the GNOME environmentThe Wacom Tablet settings panel for a tablet
The Wacom Tablet settings panel for a grip pen
Both these tools, as well as the libinput
stack, use the libwacom
tablet client library, which stores the data about Wacom tablets.
If you want to add support for a new tablet into the libwacom
library, you must ensure that a definition file for this new tablet exists.
18.1. Preparing a tablet definition file
The libwacom
tablet client library needs a definition file for the tablet that you want to add.
To ensure that the tablet definition file exists, follow this procedure.
Prerequisites
List all local devices recognized by
libwacom
:$ libwacom-list-local-devices
Make sure that your device is recognized in the output.
If your device is not listed, the device is missing from the
libwacom
database. However, the device might still be visible as an event device in the kernel under/proc/bus/input/devices
, and if you use the X.Org display server, in the X11 session on thexinput
list.
Procedure
Install the package that provides tablet definition files:
# yum install libwacom-data
The package installs tablet definitions in the
/usr/share/libwacom/
directory.Check whether the definition file is available in the
/usr/share/libwacom/
directory.To use the screen mapping correctly, support for your tablet must be included in the
libwacom
database and in theudev
rules file.ImportantA common indicator that a device is not supported by
libwacom
is that it works normally in a GNOME session, but the device is not correctly mapped to the screen.If the definition file for your device is not available in
/usr/share/libwacom/
, you have these options:- The required definition file may already be available in the linuxwacom/libwacom upstream repository. You can try to find the definition file there. If you find your tablet model in the list, copy the file to the local machine.
You can create a new tablet definition file. Use the
data/wacom.example
file below, and edit particular lines based on the characteristics of your device.Example 18.1. Example model file description for a tablet
[Device] # The product is the product name announced by the kernel Product=Intuos 4 WL 6x9 # Vendor name of this tablet Vendor=Wacom # DeviceMatch includes the bus (usb, serial), the vendor ID and the actual # product ID DeviceMatch=usb:056a:00bc # Class of the tablet. Valid classes include Intuos3, Intuos4, Graphire, Bamboo, Cintiq Class=Intuos4 # Exact model of the tablet, not including the size. Model=Intuos 4 Wireless # Width in inches, as advertised by the manufacturer Width=9 # Height in inches, as advertised by the manufacturer Height=6 # Optional features that this tablet supports # Some features are dependent on the actual tool used, e.g. not all styli # have an eraser and some styli have additional custom axes (e.g. the # airbrush pen). These features describe those available on the tablet. # # Features not set in a file default to false/0 [Features] # This tablet supports styli (and erasers, if present on the actual stylus) Stylus=true # This tablet supports touch. Touch=false # This tablet has a touch ring (Intuos4 and Cintiq 24HD) Ring=true # This tablet has a second touch ring (Cintiq 24HD) Ring2=false # This tablet has a vertical/horizontal scroll strip VStrip=false HStrip=false # Number of buttons on the tablet Buttons=9 # This tablet is built-in (most serial tablets, Cintiqs) BuiltIn=false
18.2. Adding support for a new tablet
To add support for a new tablet into the libwacom
tablet information client library, follow this procedure.
Prerequisites
The definition file for the tablet that you want to add exists.
For more information on ensuring that the definition file exists, see Section 18.1, “Preparing a tablet definition file”.
Procedure
Add and install the definition file with the
.tablet
suffix:# cp the-new-file.tablet /usr/share/libwacom/
Once installed, the tablet is part of the
libwacom
database. The tablet is then available throughlibwacom-list-local-devices
.Create a new
/etc/udev/rules/99-libwacom-override.rules
file with the following content so that your settings are not overwritten:ACTION!="add|change", GOTO="libwacom_end" KERNEL!="event[0-9]*", GOTO="libwacom_end" [new tablet match entries go here] LABEL="libwacom_end"
- Reboot your system.
18.3. Where is the Wacom tablet configuration stored
Configuration for your Wacom tablet is stored in GSettings in the /org/gnome/settings-daemon/peripherals/wacom/machine-id-device-id
key, where machine-id
is a D-Bus machine ID, and device-id
is a tablet device ID.
The configuration schema for the tablet is org.gnome.settings-daemon.peripherals.wacom
.
Stylus configuration is stored in the /org/gnome/settings-daemon/peripherals/wacom/device-id/tool-id
key, where tool-id
is the identifier for the stylus used for professional ranges. For the consumer ranges with no support for tool-id
, a generic identifier is used instead.
The configuration schema for the stylus is org.gnome.settings-daemon.peripherals.wacom.stylus
. The configuration schema for the eraser is org.gnome.settings-daemon.peripherals.wacom.eraser
.
18.4. Listing available Wacom tablet configuration paths
To get the full list of tablet configuration paths used on a particular machine, use the gsd-list-wacom
tool, which is provided by the gnome-settings-daemon
package.
Prerequisites
Make sure that the
gnome-settings-daemon
package is installed on your system.# yum install gnome-settings-daemon
Procedure
To get the full list of tablet configuration paths used on your machine, run the following command:
$ /usr/libexec/gsd-list-wacom
Using machine-id
, device-id
, and tool-id
in configuration paths allows for shared home directories with independent tablet configuration per machine. However, when sharing home directories between Machines, the Wacom settings apply only to one machine.
This is because the machine-id
for your Wacom tablet is included in the configuration path of the /org/gnome/settings-daemon/peripherals/wacom/machine-id-device-id GSettings
key, which stores your tablet settings.
Chapter 19. Installing applications using Flatpak
19.1. The Flatpak technology
Flatpak provides sandbox environment for application building, deployment, distribution, and installation. Applications you run using Flatpak have minimum access to the host system, which protects the system installation against third-party applications. Flatpak provides application stability regardless of your Linux kernel architecture, name, version, or release. Flatpak allows you to install and run multiple versions of the same application simultaneously.
The details of the application packaged with Flatpak are stored in the flatpakref file that uses the .flatpakref
extension. Each flatpakref file contains information enabling it to add the remote and install the application. You can access flatpakref files remotely in a remote repository, or you can download and manage them locally on your computer.
Flatpak can be used in combination with third party centralized repositories for applications packaged with Flatpak. Note that Red Hat supports Flatpak as a method of installing applications. Applications from third-party repositories are not supported by Red Hat.
19.2. Setting up Flatpak
Procedure:
To install Flatpak, use:
$ sudo yum install flatpak
19.3. Managing applications packaged with Flatpak in the graphical interface
The following section describes how to search for, install, launch, and update Flatpak applications in the graphical interface.
Prerequisites
- Installed Flatpak.
19.3.1. Installing Flatpak applications in the graphical interface
The following section describes hoe to search for applications packaged with Flatpak.
Procedure
- Go to the remote repository that hosts applications packaged with Flatpak.
- Download the flatpakref file for the application.
- Open the flatpakref file with the Software Installer.
- Click the button and wait for the installation process to be complete.
- Click the button to launch the application.
19.3.2. Updating Flatpak applications in the graphical interface
The following section describes how to make all applications update automatically.
Procedure
- Open the Software application.
Click the icon in the top left corner.
The pop-up menu appears.
Click on
.The pop-up menu appears.
- Enable Automatic Updates and Automatic Update Notifications.
19.4. Managing applications using Flatpak on the command-line
The following section describes how to search for, install, launch, and update Flatpak applications from the command-line.
Prerequisites
- Installed Flatpak.
19.4.1. Adding a remote repository
If the flatpakref file is not stored locally on your computer, it is necessary to enable the remote repository.
Procedure
To enable the remote repository, use:
$ flatpak remote-add --if-not-exists remote-repository path-to-the-remote-repository
Replace remote-repository with the name of the remote repository that hosts applications packaged with Flatpak, and path-to-the-remote-repository with the path to the remote repository.
19.4.2. Searching for Flatpak applications
Prerequisites
- Enabled remote repository.
Procedure
To search for an applications, use:
$ flatpak search application-name
The search returns the ID of the application and the remote repository that hosts the application.
19.4.3. Installing Flatpak applications
Prerequisites
- Enabled remote repository.
Procedure
To install an application, use:
$ flatpak install remote-repository application-id
Replace remote-repository with the name of the remote that hosts the application, and replace application-id with the ID of the application.
19.4.4. Launching Flatpak applications
Procedure
To launch the application, use:
$ flatpak run application-id
Replace application-id with the ID of the application.
19.4.5. Updating Flatpak applications
Procedure
To update all applications installed with Flatpak, use:
$ flatpak update