Menu Close
Settings Close

Using the desktop environment in RHEL 8

Red Hat Enterprise Linux 8

Configuring and customizing the GNOME 3 desktop environment on RHEL 8

Red Hat Customer Content Services

Abstract

This document describes how to customize and use GNOME 3, which is the only desktop environment available in RHEL 8. The basics of using GNOME Shell and displaying the graphics are given, as well as the instructions for system administrators for configuring GNOME on a low level and customizing the desktop environment for multiple users. The documentation also describes how to handle selected system administration tasks using the desktop environment.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. We are beginning with these four terms: master, slave, blacklist, and whitelist. Because of the enormity of this endeavor, these changes will be implemented gradually over several upcoming releases. For more details, see our CTO Chris Wright’s message.

Providing feedback on Red Hat documentation

We appreciate your feedback on our documentation. Let us know how we can improve it.

Submitting comments on specific passages

  1. View the documentation in the Multi-page HTML format and ensure that you see the Feedback button in the upper right corner after the page fully loads.
  2. Use your cursor to highlight the part of the text that you want to comment on.
  3. Click the Add Feedback button that appears near the highlighted text.
  4. Add your feedback and click Submit.

Submitting feedback through Bugzilla (account required)

  1. Log in to the Bugzilla website.
  2. Select the correct version from the Version menu.
  3. Enter a descriptive title in the Summary field.
  4. Enter your suggestion for improvement in the Description field. Include links to the relevant parts of the documentation.
  5. Click Submit Bug.

Chapter 1. Getting started with GNOME

1.1. What GNOME 3 is

Red Hat Enterprise Linux 8 is shipped with the default desktop environment GNOME 3.

GNOME 3 represents a presentation layer that provides a graphical user interface as well as the focused working environment, which enables you to access all your work from one place.

1.2. GNOME environments, back ends, and display protocols

GNOME 3 provides two user environments:

  • GNOME Standard
  • GNOME Classic

Both environments can use two different protocols as their graphical back ends:

  • The X11 protocol, which uses X.Org as the display server.

  • The Wayland protocol, which uses GNOME Shell as the Wayland compositor and display server.

    This solution of display server is further referred as GNOME Shell on Wayland.

The default combination in RHEL 8 is GNOME Standard environment using GNOME Shell on Wayland as the display server. However, due to certain Wayland limitations, you might want to switch the graphics protocol stack to X11. You may also want to switch from GNOME Standard to GNOME Classic.

Additional resources

1.3. Launching applications in GNOME

This section describes various approaches that you can use to launch available applications in GNOME 3.

1.3.1. Launching an application in GNOME Standard

This procedure launches a graphical application in the GNOME Standard user environment.

Prerequisites

  • You are using the GNOME Standard environment.

Procedure

  1. Go to the Activities Overview screen.

  2. Find the application using either of the following ways:

    • Click the Show Applications icon in the vertical bar on the left side.

      Optionally, you can choose between displaying all or just the frequent applications by using the Frequent or All switch at the bottom of the screen.

      launching applications new

    • Start typing the name of the required application in the search entry.
  3. Click an application from the displayed list.

1.3.2. Launching an application in GNOME Classic

This procedure launches a graphical application in the GNOME Classic user environment.

Prerequisites

  • You are using the GNOME Classic environment.

Procedure

  1. Go to the Applications menu.

  2. Choose the required application from the available categories, which include:

    • Favorites
    • Accessories
    • Internet
    • Office
    • Sound & Video
    • Sundry
    • System Tools
    • Utilities

1.3.3. Launching an application in GNOME using a command

This procedure launches a graphical application in GNOME by entering a command.

Prerequisites

  • You know the command that starts the application.

Procedure

  1. Open a command prompt using either of the following ways:

    • Open a terminal.

    • Press the Alt+F2 shortcut to open the Enter a Command screen.

      enter a command screen new

  2. Write the command in the command prompt.
  3. Confirm the command by pressing Enter.

1.4. Managing desktop icons

You can enable the desktop icons functionality and move files to the desktop.

1.4.1. Desktop icons in RHEL 8

In RHEL 8, the Files application no longer provides the desktop icons functionality. Instead, desktop icons are provided by the Desktop icons GNOME Shell extension, which is available from the gnome-shell-extension-desktop-icons package.

Desktop icons in GNOME Classic

The GNOME Classic environment includes the gnome-shell-extension-desktop-icons package by default. Desktop icons are always on, and you cannot turn them off.

Desktop icons in GNOME Standard

In GNOME Standard, desktop icons are disabled by default.

If you have only the GNOME Standard environment available, and not GNOME Classic, you must install the gnome-shell-extension-desktop-icons package.

1.4.2. Enabling desktop icons in GNOME Standard

This procedure enables the desktop icons functionality in the GNOME Standard environment.

Procedure

  1. Open the Tweaks application.

  2. Select ExtensionsDesktop icons, and enable the extension.

    desktop icons on

1.4.3. Creating a desktop icon for a file

This procedure creates a desktop icon for an existing file.

Prerequisites

  • The Desktop icons extension is enabled.

Procedure

  • Move the selected file into the ~/Desktop/ directory.

Verification steps

  • Check that the icon for the file appears on the desktop.

1.5. Disabling the hot corner functionality on GNOME Shell

The GNOME environment provides the hot corner functionality, which is enabled by default. This means that when you move the cursor to the area of the upper-left corner and push the cursor to the screen corner, the Activities Overview menu opens automatically.

However, you may want to disable this feature to not open Activities Overview unintentionally.

To do so, you can use the following tools:

  • The dconf Editor application
  • The gsettings command-line utility
  • The No topleft hot corner extension

The selection of the tool might depend on whether you want to disable the hot corner functionality for a single user or for all users on the system. By using dconf Editor or gsettings, you can disable hot corner only for a single user. To disable hot corner system-wide, use the No topleft hot corner extension.

1.5.1. Disabling the hot corner functionality for a single user

To disable the hot corner functionality for a single user, you can use either the dconf Editor application or the gsettings command-line utility.

1.5.1.1. Disabling hot corner using dconf Editor

To disable the hot corner functionality using the dconf Editor application, follow this procedure.

Note

This procedure disables the hot corner functionality for a single user.

Prerequisites

  • The dconf Editor application is installed on the system: 

    # yum install dconf-editor

Procedure

  1. Open the dconf Editor application.
  2. Choose the org.gnome.desktop.interface menu.

  3. Find the enable-hot-corners option.

    This option is by default set to On.

    Default settings of enable-hot-corners

    dconf enable hot corners 1

  4. Set enable-hot-corners to Off.

    You can do this either by:

    • Setting enable-hot-corners to Off in the same window.

    • Clicking the line with enable-hot-corners, and proceeding to a new window.

      In the new window, you can switch the hot corner feature off.

      Switching the hot corner functionality off

      dconf enable hot corners 2

Additional resources

1.5.1.2. Disabling hot corner using gsettings

To disable the hot corner functionality using the gsettings command-line utility, follow this procedure.

Note

This procedure disables the hot corner functionality for a single user.

Procedure

  • Disable the hot corner feature: 

    $ gsettings set org.gnome.desktop.interface enable-hot-corners false

Verification steps

  • Optionally, verify that the hot corner feature is disabled: 

    $ gsettings get org.gnome.desktop.interface enable-hot-corners

false

1.5.2. Disabling the hot corner functionality for all users

With the GNOME Shell extension called No topleft hot corner provided by the gnome-shell-extension-no-hot-corner package, you can disable the hot corner feature system-wide.

Prerequisites

  • The gnome-shell-extension-no-hot-corner package is installed on the system: 

    # yum install gnome-shell-extension-no-hot-corner

Procedure

  1. Enable the No topleft hot corner extension by switching it on in the Tweaks tool.

    For more information on how to use Tweaks, see Section 1.10, “Customizing GNOME Shell environment with the Tweaks tool”.

  2. Log out, and restart the user session so that the extension can take effect.

1.6. Configuring sound in GNOME

You can configure sound volume and other sound options in GNOME.

1.6.1. Sound configuration tools in GNOME

In RHEL 8, the PulseAudio sound server handles sound output and input. PulseAudio lets programs output the audio using the pulseaudio daemon.

To configure sound, you can use one of the following graphical applications in GNOME:

System menu

The system menu is located in the top-right screen corner. It enables you only to set the intensity of the sound output or sound input through the sound bar. The sound bar for input sound is available only if you are running an application that is using an internal microphone (built-in audio), such as some teleconference tools.

system menu sound new

GNOME Control Center

The GNOME Control Center (Settings) application provides other general options to configure sound.

Tweaks

The Tweaks application enables you to configure only volume over-amplification.

tweaks sound

Additional resources

  • For more information on PulseAudio, see the pulseaudio man page.

1.6.2. Accessing sound configuration in GNOME Control Center

This procedure opens the sound configuration screen in the GNOME Control Center application.

Procedure

  1. Launch GNOME Control Center.

    You can use one of the approaches described in Section 1.3, “Launching applications in GNOME”. Alternatively, you can also launch it from the system menu by clicking on its icon.

    system menu gcc new

  2. In GNOME Control Center, choose Sound from the left vertical bar.

1.6.3. Sound options in GNOME Control Center

Through the Sound menu in GNOME Control Center, you can configure the following sound options:

Output and Input

The Output and Input menus show only the built-in audio devices unless you connect any external device that can handle sound.

The Output menu enables you to select the required profile from available analog or digital profiles that are displayed depending on available output devices.

Sound Effects
The Sound Effects menu sets the volume and theme of system audio alerts.
Applications
The Applications menu shows all currently running applications that can process sound, and allows you to amplify or lower the sound of a particular application.

The Output tab on the sound configuration screen

gcc sound

1.7. Handling graphics and photos

GNOME provides multiple tools to handle graphics and photography.

You can check the available tools under the Graphics & Photography menu in GNOME Software.

Procedure

  1. Open GNOME Software.

    gnome software1

  2. Go to Graphics & Photography. gnome software graphics and photo

  3. Browse the available tools, such as the following:

    Photos
    For accessing, organizing and sharing your photos.
    GNU Image Manipulation Program
    For creating images and editing photographs.
    Inkspace
    For creating and editing scalable vector graphics images.
    XSane
    For scanning images with a scanner.
    LibreOffice Draw
    For create and editing drawings, flow charts, and logos.

1.8. Handling printing

In GNOME, you can set up printing using the Settings application.

1.8.1. Starting the Settings application for setting up printing

Procedure

  1. Use one of the approaches described in Section 1.3, “Launching applications in GNOME” to start the Settings application.

    Moreover, you can also start the Settings application from the system menu in the top right corner by clicking on the "Settings" icon.

    system menu gcc new

  2. When the Settings application appears, go to DevicesPrinters.

    Figure 1.1. Settings configuration tool

    gnome control center add printer

1.8.2. Adding a new printer in Settings

This section describes how to add a new printer using the Settings application.

Prerequisites

  • Click the Unlock button, which appears near the upper-right corner of the Printers screen, and authenticate as one of the following users:

    • Superuser
    • Any user with the administrative access provided by sudo (users listed within /etc/sudoers)
    • Any user belonging to the printadmin group in /etc/group
    add printer gcc unlock authenticate

Procedure

  1. Open the Add Printer dialog.

    gnome control center add printer

  2. Select one of the available printers (including also network printers), or enter printer IP address or the host name of a printer server.

    gnome control center select printer
    gnome control center add network printer

1.8.3. Configuring a printer in the Settings application

This section describes how to configure a new printer, and how to maintain a configuration of a printer using the Settings application.

Displaying printer’s settings menu

Procedure

  • Click the settings (⚙️) button on the right to display a settings menu for the selected printer:

    gnome control center printer settings
Displaying and modifying printer’s details

Procedure

  • Click Printer Details to display and modify selected printer’s settings:

    gnome control center printer details

    In this menu, you can select the following actions:

    Search for Drivers
    GNOME Control Center communicates with PackageKit that searches for a suitable driver suitable in available repositories.
    Select from Database
    This option enables you to select a suitable driver from databases that have already been installed on the system.
    Install PPD File
    This option enables you to select from a list of available postscript printer description (PPD) files that can be used as a driver for your printer.
gnome control center printer details more
Setting the default printer

Procedure

  • Click Use Printer by Default to set the selected printer as the default printer:

    gnome control center default printer
Removing a printer

Procedure

  • Click Remove Printer to remove the selected printer:

    gnome control center remove printer

1.8.4. Printing a test page in the Setting application

This section describes how to print a test page to make sure that the printer functions properly.

You might want to print a test page if one of the below prerequisites is met.

Prerequisites

  • A printer has been set up.
  • A printer configuration has been changed.

Procedure

  1. Click the settings (⚙️) button on the right to display a settings menu for the selected printer:

    gnome control center printer settings
  2. Click Printing OptionsTest Page.

1.8.5. Setting print options using the Settings application

This section describes how to set print options using the Settings application.

Procedure

  1. Click the settings (⚙️) button on the right to display a settings menu for the selected printer:

    gnome control center printer settings
  2. Click Printing Options.

1.9. Sharing media between applications

Red Hat Enterprise Linux 8 includes the PipeWire media server, which ensures access to multimedia devices and media sharing between applications.

When running a remote desktop session on GNOME Shell on Wayland, PipeWire and the VNC server is used. The functionality of remote desktop session is provided by the gnome-remote-desktop and pipewire packages.

On X.Org, just VNC is needed to run a remote desktop session. This functionality on X.Org is provided by the vino package.

PipeWire is used also with teleconference tools such as BlueJeans when running on GNOME Shell on Wayland. In such case, the pipewire service is activated automatically when you start sharing your screen within the teleconference tool.

To check the status of the pipewire service, run: 

~]$ systemctl --user status pipewire

1.10. Customizing GNOME Shell environment with the Tweaks tool

You can customize the GNOME Shell environment for a particular user by using the Tweaks tool.

Procedure

  1. Open Tweaks.

    The Tweaks tool

    tweaks tool

  2. Select the item that you want to customize in the left side bar.

    For example, you can set applications to start automatically when you log in by using the Startup Applications menu, or you can customize your top bar appearance by using the Top Bar menu.

    Customizing startup applications in Tweaks

    startup applications

    Customizing the appearance of your top bar in Tweaks

    tweaks top bar

Chapter 2. Overview of GNOME environments

You can switch between several user interfaces in GNOME. Additionally, GNOME can run on several different graphics back ends.

2.1. GNOME environments, back ends, and display protocols

GNOME 3 provides two user environments:

  • GNOME Standard
  • GNOME Classic

Both environments can use two different protocols as their graphical back ends:

  • The X11 protocol, which uses X.Org as the display server.

  • The Wayland protocol, which uses GNOME Shell as the Wayland compositor and display server.

    This solution of display server is further referred as GNOME Shell on Wayland.

The default combination in RHEL 8 is GNOME Standard environment using GNOME Shell on Wayland as the display server. However, due to certain Wayland limitations, you might want to switch the graphics protocol stack to X11. You may also want to switch from GNOME Standard to GNOME Classic.

Additional resources

2.2. GNOME Standard

GNOME Standard user interface includes these major components:

Top bar
The horizontal bar at the top of the screen provides access to some of the basic functions of GNOME Standard, such as the Activities Overview, clock and calendar, system status icons, and the system menu.
System menu

The system menu is located in the top right corner, and enables you:

  • Updating settings
  • Controlling the sound bar
  • Finding information about your Wi-Fi connection
  • Switching user
  • Logging out
  • Turning off the computer
Activities Overview

The Activities Overview features windows and applications views that let the user run applications and windows and switch between them.

The search entry at the top allows for searching various items available on the desktop, including applications, documents, files, and configuration tools.

The vertical bar on the left side contains a list of favorite and running applications. You can add or remove applications from the default list of favorites according to your needs.

The workspace list displayed on the right side allows the user to switch between multiple workspaces, or move applications and windows from one workspace to another.

Message tray
The message tray provides access to pending notifications. The message tray shows when the user presses Super+M.

The GNOME 3 Standard Desktop

gnome standard new

2.3. GNOME Classic

GNOME Classic represents a mode for users who prefer a more traditional desktop experience that is similar to GNOME 2 environment used with Red Hat Enterprise Linux 6. It is based on GNOME 3 technologies, and at the same time it includes multiple features similar to GNOME 2.

GNOME Classic user interface consists of these major components:

Applications and Places

The Applications menu is displayed at the top left of the screen. It gives the user access to applications organized into categories. If you enable window overview, you can also open the Activities Overview from that menu.

The Places menu is displayed next to the Applications menu on the top bar. It gives the user quick access to important folders, for example Downloads or Pictures.

Taskbar

The taskbar is displayed at the bottom of the screen, and features:

  • A window list
  • A notification icon displayed next to the window list
  • A short identifier for the current workspace and total number of available workspaces displayed next to the notification icon
Four available workspaces
In GNOME Classic, the number of workspaces available to the user is by default set to 4.
Minimize and maximize buttons
Window titlebars in GNOME Classic feature the minimize and maximize buttons that let the user quickly minimize the windows to the window list, or maximize them to take up all of the space on the desktop.
A traditional Super+Tab window switcher
In GNOME Classic, windows in the Super+Tab window switcher are not grouped by application.
System menu

The system menu is located in the top right corner, and enables the following actions:

  • Updating settings
  • Controlling the sound bar
  • Finding information about your Wi-Fi connection
  • Switching user
  • Logging out
  • Turning off the computer

The GNOME 3 Classic desktop with the Rhythmbox application and the Favorites submenu of the Applications menu

gnome classic new

In GNOME Classic, the overview of windows that are open is not available by default. You can see the list of all open windows in the taskbar at the bottom of the screen. However, you can enable the windows overview similar to what is by default available in GNOME Standard by changing the default settings of the GNOME Classic environment as described in Section 2.4, “Enabling window overview in GNOME Classic”.

2.4. Enabling window overview in GNOME Classic

In GNOME Classic, the overview of open windows is not available by default. This procedure enables the window overview for all users on the system.

Important

Enabling the window overview by this procedure is not a permanent change. Each update of the gnome-classic-session package overwrites the configuration file to the default settings, which disable the window overview.

To keep the window overview enabled, apply the procedure after each update of gnome-classic-session.

Procedure

  1. Open the /usr/share/gnome-shell/modes/classic.json file as the root user.

  2. Find the following line in the file: 

    "hasOverview": false

  3. Change the line to the following: 

    "hasOverview": true
  4. Save changes, and close the /usr/share/gnome-shell/modes/classic.json file.
  5. Restart the user session.

Verification steps

  1. In your GNOME Classic session, open multiple windows.
  2. Press the Super key to open the window overview.

  3. In the overview, check that:

    • The Dash (the vertical panel on the left side of the screen) is displayed.
    • The bottom panel is not displayed.

    • The workspace switcher is displayed on the right side of the screen.

      Window overview with "hasOverview": true

      Window overview with "hasOverview": true

    With the default settings ("hasOverview": false), the overview has the following features:

    • The Dash is not displayed.

    • The bottom panel is displayed. It includes the Window picker button in its left part and the workspace switcher in its right part.

      Window overview with "hasOverview": false

      Window overview with "hasOverview": false

2.5. Graphics back ends in RHEL 8

In RHEL 8, you can choose between two protocols to build a graphical user interface:

X11
The X11 protocol uses X.Org as the display server. Displaying graphics based on this protocol works the same way as in RHEL 7, where this was the only option.
Wayland
The Wayland protocol on RHEL 8 uses GNOME Shell as its compositor and display server, which is further referred as GNOME Shell on Wayland. Displaying graphics based on the Wayland protocol has some differences and limitation compared to X11.

New installations of RHEL 8 automatically select GNOME Shell on Wayland. However, you can switch to X.Org, or select the required combination of GNOME environment and display server as described in Section 2.8, “Selecting GNOME environment and display protocol”.

Note that there are also a few environments where X.Org is preferred over GNOME Shell on Wayland, such as:

  • Cirrus graphics used in a VM environment
  • Matrox graphics
  • Aspeed graphics
  • QXL graphics used in a VM environment
  • Nvidia graphics when used with the proprietary driver
Important

The Nvidia graphics by default use nouveau, which is an open source driver. nouveau is supported on Wayland, hence you can use Nvidia graphics with nouveau on GNOME Shell on Wayland without any limitations. However, using Nvidia graphics with proprietary Nvidia binary drivers is not supported on GNOME Shell on Wayland. In this case, you need to switch to X.Org as described in Section 2.8, “Selecting GNOME environment and display protocol”.

Additional resources

  • You can find the current list of environments for which Wayland is not available in the /usr/lib/udev/rules.d/61-gdm.rules file.
  • For additional information on the Wayland project, see Wayland documentation.

2.6. Key differences between the Wayland and X11 protocol

X11 applications

Client applications need to be ported to the Wayland protocol or use a graphical toolkit that has a Wayland backend, such as GTK, to be able to work natively with the compositor and display server based on Wayland.

Legacy X11 applications that cannot be ported to Wayland automatically use Xwayland as a proxy between the X11 legacy clients and the Wayland compositor. Xwayland functions both as an X11 server and a Wayland client. The role of Xwayland is to translate the X11 protocol into the Wayland protocol and reversely, so that X11 legacy applications can work with the display server based on Wayland.

On GNOME Shell on Wayland, Xwayland is started automatically at startup, which ensures that most X11 legacy applications work as expected when using GNOME Shell on Wayland. However, the X11 and Wayland protocols are different, and hence some clients relying on X11-specific features may behave differently under Xwayland. For such specific clients, you can switch to the X.Org display server as described in Section 2.8, “Selecting GNOME environment and display protocol”.

libinput

Red Hat Enterprise Linux 8 uses a new unified input stack, libinput, which manages all common device types, such as mice, touchpads, touchscreens, tablets, trackballs and pointing sticks. This unified stack is used both by the X.Org and by the GNOME Shell on Wayland compositor.

GNOME Shell on Wayland uses libinput directly for all devices, and no switchable driver support is available. Under X.Org, libinput is implemented as the X.Org libinput driver, and driver support is outlined below.

Mice, touchscreens, trackballs, pointing sticks
Red Hat Enterprise Linux 8 uses the X.Org libinput driver for these devices. The X.Org evdev driver, which was used in Red Hat Enterprise Linux 7, is available as fallback where required.
Touchpads
Red Hat Enterprise Linux 8 uses the X.Org libinput driver for touchpads. The X.Org synaptics driver, which was used for touchpads in Red Hat Enterprise Linux 7, is no longer available.
Graphics tablets
Red Hat Enterprise Linux 8 continues using the X.Org wacom driver, which was used for tablet devices in Red Hat Enterprise Linux 7. However, the X.Org libinput driver is available where required.
Other input devices
Red Hat Enterprise Linux 7 used the X.Org evdev driver for other input devices that are not included in the above categories. Red Hat Enterprise Linux 8 uses the X.Org libinput driver by default but can fall back to the X.Org evdev driver if a device is incompatible with libinput.

Gestures

GNOME Shell on Wayland supports new touchpad and touchscreen gestures. These gestures include:

  • Switching workspaces by dragging up or down with four fingers.
  • Opening the Activities overview by bringing three fingers closer together.

2.7. Current Wayland limitations

Nvidia drivers

Proprietary Nvidia binary drivers are not supported with GNOME Shell on Wayland. To avoid any complications while using the Nvidia GPU, GNOME Shell automatically falls back to X.Org, which means that the login screen does not provide any option based on the Wayland protocol.

Note

The nouveau driver is still supported and is the default driver for Nvidia graphics.

Remote desktop

With GNOME Shell on Wayland, VNC support is provided by the gnome-remote-desktop package. Remote access using VNC via gnome-remote-desktop currently requires an already logged in session, and only the primary monitor is accessible. Screen sharing with GNOME Shell on Wayland is possible using the PipeWire media server. For more details on the PipeWire media server, see PipeWire project.

For more advanced VNC usage, you need to switch to X.org, where traditional VNC tools are available. For more information, see Overview of GNOME environments .

X Display Manager

The X Display Manager Control Protocol (XDMCP) is not supported with GNOME Shell on Wayland.

Hence, it is not possible to use the X display manager to start a session on the X.Org display server from the same or another computer.

Additional limitations

The following additional limitations related to the Wayland protocol should be noted:

  • X.Org screen manipulation utilities are not available.
  • The xrandr utility is not supported because Wayland handles layout, rotations, and resolutions differently.
  • GNOME Shell cannot be restarted using the Alt+F2 r shortcut.
  • Due to stability issues, using X.org instead of Wayland is recommended in virtual environments. The graphics based on the Wayland protocol are not available for virtual machines that use the qxl driver.
  • Wayland does not support the custom or niche input devices that cannot be handled by the libinput driver.

Additional resources

  • You can find the current list of environments for which Wayland-based graphics are unavailable in the /usr/lib/udev/rules.d/61-gdm.rules file.

2.8. Selecting GNOME environment and display protocol

The default desktop environment for Red Hat Enterprise Linux 8 is GNOME Standard with GNOME Shell on Wayland as the display server. However, due to certain limitations of Wayland, you might want to switch the graphics protocol stack. You might also want to switch from GNOME Standard to GNOME Classic.

Procedure

  1. From the login screen (GDM), click the cogwheel next to the Sign In button.

    Note

    You cannot access this option from the lock screen. The login screen appears when you first start Red Hat Enterprise Linux 8 or when you log out of your current session.

    gnome environments new

  2. From the drop-down menu that appears, select the option that you prefer.

    Note

    Note that in the menu that appears on the login screen, the X.Org display server is marked as X11 display server.

Important

The change of GNOME environment and graphics protocol stack resulting from the above procedure is persistent across user logouts, and also when powering off or rebooting the computer.

Chapter 3. Installing applications in GNOME

This section describes various approaches that you can use to install a new application in GNOME 3.

Prerequisites

  • Administrator priveleges.

3.1. The GNOME Software application

GNOME Software is an utility that enables you to install and update applications, software components, and GNOME Shell extensions in a graphical interface.

GNOME Software provides a catalog of graphical applications, which are the applications that include a *.desktop file. The available applications are grouped into multiple categories according to their purpose.

GNOME Software uses the PackageKit and Flatpak technologies as its back ends.

3.2. Installing an application using GNOME Software

This procedure installs a graphical application using the GNOME Software installer.

Procedure

  1. Launch the GNOME Software application.

  2. Find the application to be installed in the available categories:

    • Audio & Video
    • Communication & News
    • Productivity
    • Graphics & Photography

    • Add-ons

      Add-ons include for example GNOME Shell extensions, codecs, or fonts.

    • Developer Tools
    • Utilities

    gnome software new

  3. Click the selected application.

    gnome software install photos1 new

  4. Click the Install button.

    gnome software install photos2 new

3.3. Installing an application to open a file type

This procedure installs an application that can open a given file type.

Prerequisites

  • You can access a file of the required file type in your file system.

Procedure

  1. Try opening a file that is associated with an application that is currently not installed on your system.
  2. GNOME automatically identifies the suitable application that can open the file, and offers to download the application.

3.4. Installing an RPM package in GNOME

This procedure installs an RPM software package that you manually downloaded as a file.

Procedure

  1. Download the required RPM package.

  2. In the Files application, open the directory that stores the downloaded RPM package.

    Note

    By default, downloaded files are stored in the /home/user/Downloads/ directory.

  3. Double-click the icon of the RPM package to install it.

3.5. Installing an application from the application search in GNOME

This procedure installs a graphical application that you find in the GNOME application search.

Procedure

  1. Open the Activities Overview screen.

  2. Start typing the name of the required application in the search entry.

    install gimp 1 new

    GNOME automatically finds the application in a repository, and displays the application’s icon.

  3. Click the application’s icon to open GNOME Software.

    install gimp 2

  4. Click the icon of the application again.

    install gimp 3

  5. Click Install to finish the installation in GNOME Software.

3.6. Additional resources

Chapter 4. Registering the system for updates using GNOME

You must register your system in order to get software updates for your system.

This section explains how you can register your system using GNOME.

Prerequisites

  • A valid account with Red Hat customer portal

    See the Create a Red Hat Login page for new user registration.

  • Activation Key or keys, if you are registering the system with activation key
  • A registration server, if you are registering system using the registration server

4.1. Registering a system using Red Hat account on GNOME

Follow the steps in this procedure to enroll your system with your Red Hat account.

Prerequisites

Procedure

  1. Go to the system menu, which is accessible from the top-right screen corner and click the Settings icon.
  2. In the DetailsAbout section, click Register.
  3. Select Registration Server.
  4. If you are not using the Red Hat server, enter the server address in the URL field.
  5. In the Registration Type menu, select Red Hat Account.

  6. Under Registration Details:

    • Enter your Red Hat account user name in the Login field.
    • Enter your Red Hat account password in the Password field.
    • Enter the name of your organization in the Organization field.
  7. Click Register.

4.2. Registering a system using an activation key on GNOME

Follow the steps in this procedure to register your system with an activation key. You can get the activation key from your organization administrator.

Prerequisites

  • Activation key or keys.

    See the Activation Keys page for creating new activation keys.

Procedure

  1. Go to the system menu, which is accessible from the top-right screen corner and click the Settings icon.
  2. In the DetailsAbout section, click Register.
  3. Select Registration Server.
  4. Enter URL to the customized server, if you are not using the Red Hat server.
  5. In the Registration Type menu, select Activation Keys.

  6. Under Registration Details:

    • Enter Activation Keys.

      Separate multiple keys by a comma (,).

    • Enter the name or ID of your organization in the Organization field.
  7. Click Register

4.3. Unregistering the system using GNOME

Follow the steps in this procedure to unregister your system. After unregistering, your system no longer receives software updates.

Procedure

  1. Go to the system menu, which is accessible from the top-right screen corner and click the Settings icon.

  2. In the DetailsAbout section, click Details.

    The Registration Details screen appears.

  3. Click Unregister.

    A warning appears about the impact of unregistering the system.

  4. Click Unregister.

4.4. Additional resources

Chapter 5. Accessing the desktop remotely

You can connect to the desktop on a RHEL server from a remote client.

5.1. Remote desktop access options

RHEL provides several options for remotely connecting to the desktop. Each option fits a different use case:

Single-user access using GNOME tools

This method enables remote access on the client and the server using graphical GNOME applications. It configures a Virtual Network Computing (VNC) session so that only a single user can connect to the desktop on the server at a given time.

Depending on the session type, this method uses different components to implement screen sharing:

  • In an X11 session, it uses the vino component.

  • In a Wayland session, it uses the gnome-remote-desktop component.

    This method always uses display number 0. As a consequence, the VNC session always connects to the user who is logged into the server system.

    The VNC client application must support tls_anon connections. For example, you can use the Remote Desktop Viewer (vinagre) application on Linux systems. Before you can connect from Microsoft Windows clients, such as RealVNC, you must disable the VNC encryption on the server.

Multi-user access using command-line tools

This method configures a VNC session so that multiple remote clients can connect to the server in parallel. You must first enable the VNC access on the client and the server using command-line tools.

Any VNC client application can connect to a server configured using this method.

Accessing a single application using X11 forwarding over SSH

This method executes an SSH command on the client that launches an individual graphical on the server. The application window opens on the client.

This method is useful when you do not require a full remote desktop session.

5.2. Remotely accessing the desktop as a single user

You can remotely connect to the desktop on a RHEL server using graphical GNOME applications. Only a single user can connect to the desktop on the server at a given time.

5.2.1. Enabling desktop sharing on the server using GNOME

This procedure configures a RHEL server to enable a remote desktop connection from a single client.

Procedure

  1. Configure a firewall rule to enable VNC access to the server: 

    # firewall-cmd --permanent --add-service=vnc-server

  2. Reload firewall rules: 

    # firewall-cmd --reload
  3. Open Settings in GNOME.

  4. Navigate to the Sharing menu:

    screen sharing 0

  5. Click Screen Sharing.

    The screen sharing configuration opens:

    screen sharing 1 off

  6. Click the switch button in the window header to enable screen sharing:

    screen sharing 2 on highlight

  7. Select the Allow connections to control the screen check box.
  8. Under Access Options, select the Require a password option.

  9. Set a password in the Password field.

    Remote clients must enter this password when connecting to the desktop on the server.

    screen sharing 4 password

5.2.2. Connecting to a shared desktop using GNOME

This procedure connects to a remote desktop session using the Remote Desktop Viewer application (vinagre). It connects to the graphical session of the user that is currently logged in on the server.

Prerequisites

Procedure

  1. Install the Remote Desktop Viewer application on the client: 

    # yum install vinagre
  2. Launch the Remote Desktop Viewer application (vinagre).

  3. Click Connect.

    vinagre connect

  4. In the Protocol menu, select VNC.

  5. In the Host field, enter the IP address of the server.

    vinagre vnc

  6. Click Connect.

Verification steps

  1. On the client, check that you can see the shared server desktop.

  2. On the server, a screen sharing indicator appears on the right side of the top panel:

    screen sharing indicator

    You can control the screen sharing in the system menu.

5.2.3. Disabling encryption in GNOME VNC

You can disable encryption in the GNOME remote desktop solution. This enables VNC clients that do not support the encryption to connect to the server.

Procedure

  1. As the server user, set the /org/gnome/desktop/remote-desktop/vnc/encryption GSettings key to ['none']: 

    $ gsettings set org.gnome.desktop.remote-desktop.vnc encryption "['none']"

  2. Optional: Red Hat recommends that you tunnel the VNC connection over SSH to your VNC port. As a result, the SSH tunnel keeps the connection encrypted.

    For example:

    1. On the client, configure the port forwarding: 

      # ssh -N -T -L 5901:server-ip-address:5901
    2. Connect to the VNC session on the localhost:5901 address.

5.3. Remotely accessing the desktop as multiple users

You can remotely connect to the desktop on a RHEL server and open multiple sessions as different users at the same time.

5.3.1. The mapping of port and display numbers to users in VNC

With VNC, the client can connect to the desktop sessions of different users on the server. A display number and a TCP port number are attached to each server user that exports a VNC session. The client uses the port number to specify which server user it connects to.

If several clients connect using the same port number, they all open a VNC session to the same server user.

You must configure a mapping for each server user that exports a VNC session. For every such user, you must pick a unique port and display number.

The recommended mapping

Red Hat recommends that you start with port number 5902 and display number 2 for the first user, and increment the numbers by one for each additional server user.

Port number 5900 and display number 0 represent the server user that is currently logged into the graphical session. You cannot start a VNC server for the user who is already logged into the graphical session.

Table 5.1. Port and display number pairs

Port numberDisplay numberNote

5900

0

The logged-in user

5901

1

 

5902

2

The first recommended VNC user

5903

3

 

 
Important

Red Hat recommends that you do not configure the root user to export a VNC session. A root VNC session is unsafe and certain elements of the session might not work as expected.

Firewall rules

You must open the selected ports in your firewall configuration. Allowing the vnc-server service in your firewall opens ports from 5900 to 5903. If you need to enable access to additional server users, you must open ports above 5903 by manually specifying the port numbers.

5.3.2. VNC server configuration files

Several configuration files affect the behavior of the VNC server. You can configure the user mapping and various global options.

General options

You can configure general options of the VNC server in the /etc/tigervnc/vncserver-config-defaults configuration file. The file uses the following format: 

option1=value
option2

For example: 

session=gnome
alwaysshared
securitytypes=vncauth,tlsvnc
desktop=sandbox
geometry=2000x1200

The priority of configuration files

The VNC server reads the following files for general options, in order from most important to least important:

  1. /etc/tigervnc/vncserver-config-mandatory

    This file replaces the default configuration and has a higher priority than the per-user configuration. It is intended for system administrators who want to enforce particular VNC options.

  2. $HOME/.vnc/config

    Individual users can override the default VNC configuration in this file.

  3. /etc/tigervnc/vncserver-config-defaults

    This file stores the default VNC configuration.

User mapping

You can configure the mapping between users and their associated port and display numbers in the /etc/tigervnc/vncserver.users configuration file. The file uses the following format: 

:number=user

For example: 

:2=test
:3=vncuser

Additional resources

  • For a list of available configuration options, see the Xvnc(1) man page.

5.3.3. Enabling multi-user VNC access on the server

This procedure configures a RHEL server so that multiple users can open VNC sessions on it at the same time.

Prerequisites

  • If you previously configured VNC using systemd unit files, remove any outdated VNC configuration: 

    [root]# rm /etc/systemd/system/vncserver@.service

Procedure

  1. Install the VNC server: 

    [root]# yum install tigervnc-server

  2. Map users to display and port numbers.

    In the /etc/tigervnc/vncserver.users configuration file, add a line for each server user that will export a VNC session: 

    :user-number=user-name
    • Replace user-number with the port and display number mapped to the selected existing user.
    • Replace user-name with the user name of the selected existing user.

    For example: 

    :2=vncuser

  3. Open TCP ports 5900 to 5903 in the firewall: 

    [root]# firewall-cmd --permanent --add-service=vnc-server

  4. Reload the firewall rules: 

    [root]# firewall-cmd --reload

  5. Add the following lines to the /etc/tigervnc/vncserver-config-defaults configuration file: 

    session=gnome
alwaysshared

    This configuration has the following effects:

    • The VNC server starts the GNOME session when a remote user logs in.
    • Multiple users can connect to the VNC server at the same time.

  6. As each server user that exports a VNC session, set the VNC password for the user: 

    [regular-user]$ vncpasswd

    Remote clients must enter this password when connecting to the desktop on the server.

  7. If you previously configured VNC for the user, ensure that the configuration files have the correct SELinux context: 

    [regular-user]$ restorecon -RFv ~/.vnc

  8. Enable and start the VNC server unit for the regular user: 

    [root]# systemctl enable --now vncserver@:user-number

  9. If the server uses the proprietary Nvidia driver, disable Wayland:

    1. Uncomment the WaylandEnable=False line in the /etc/gdm/custom.conf configuration file.
    2. Add the DefaultSession=gnome-xorg.desktop option to the [daemon] section of the configuration file.
    3. Reboot the server.

Additional resources

5.3.4. Connecting to the VNC server as multiple users

This procedure connects to a remote desktop session using the vncviewer application. You can open multiple connections to the remote desktop at the same time.

Prerequisites

Procedure

  1. Install the VNC client: 

    # yum install tigervnc

  2. Connect to the VNC server: 

    $ vncviewer --shared server-ip:display
    • Replace server-ip with the IP address of the server that you are connecting to.
    • Replace display with the display number where the server user exports the VNC session.

5.4. Remotely accessing an individual application

You can remotely launch a graphical application on a RHEL server and use it from the remote client.

5.4.1. Enabling X11 forwarding on the server

This procedure configures a RHEL server so that remote clients can use graphical applications on the server over SSH.

Procedure

  1. Install basic X11 packages: 

    # yum install xorg-x11-xauth xorg-x11-fonts-\* xorg-x11-utils dbus-x11
    Note

    Your applications might rely on additional graphical libraries.

  2. Check that the X11Forwarding option is enabled in the /etc/sshd/sshd_config configuration file: 

    X11Forwarding yes

    The option is enabled by default in RHEL. Your organization might have disabled it.

  3. Restart the sshd service: 

    # systemctl restart sshd.service

5.4.2. Launching an application remotely using X11 forwarding

This procedure accesses a graphical application on a RHEL server from a remote client using SSH.

Prerequisites

  • X11 forwarding over SSH is enabled on the server. For details, see Section 5.4.1, “Enabling X11 forwarding on the server”.

  • Ensure that an X11 display server is running on your system:

    • On RHEL, X11 is available by default in the graphical interface.
    • On Microsoft Windows, install an X11 server such as Xming.
    • On macOS, install the XQuartz X11 server.

Procedure

  1. Log in to the server using SSH: 

    [local-user]$ ssh -X -Y remote-server

  2. Launch the application from the command line: 

    [remote-user]$ application-binary

Chapter 6. Configuring GNOME at low level

6.1. Introduction to configuring GNOME

To be able to configure the GNOME Desktop Environment, you need to understand these basic terms:

  • dconf
  • GSettings
  • gsettings

dconf has two different meanings.

Firstly, dconf is a key-based Binary Large Object (BLOB) database for storing GNOME configurations. dconf manages user settings such as GDM, application, and proxy settings, and serves as the back end for GSettings.

Secondly, dconf is a command-line utility which is used for reading and writing individual values or entire directories from and to a dconf database.

GSettings is a high-level API for application settings which serves as the front end for dconf.

gsettings is a command-line tool which is used to view and change user settings.

6.2. Managing user and system GNOME settings

dconf allows system administrators and users several levels of control over GNOME configuration:

  • Administrators can define default settings that apply to all users.
  • Users can override the defaults with their own settings.
  • Administrators can also lock settings to prevent users from overriding them.

6.3. Displaying GSettings values for desktop applications

Viewing and editing of the GSettings values can be achieved with one of the following tools:

  • dconf-editor GUI tool
  • gsettings command-line utility

The dconf-editor application and gsettings utility have the following in common:

  • allow browsing and changing options for system and application preferences
  • allow to change preferences
  • can be run by regular users, because both tools are intended to browse and modify the current user’s GSettings database

The dconf-editor provides a GUI for browsing the settings and their editing. It presents the hierarchy of settings in a tree-view and also displays additional information about each setting, including the description, type and default value.

The gsettings utility can be used to display and set dconf values. gsettings utility supports Bash completion for commands and settings. This tools also allows you to automate configuration in shell scripts. ⁠

Figure 6.1. dconf-editor showing org.gnome.desktop.background GSettings keys

dconf editor screenshot new

Prerequisites

  • The dconf-editor is not installed on the system by default. To install it, run the following command as the root user: 

    # yum install dconf-editor

Procedure

  • To list GSettings values in the GUI, open the dconf-editor application.

  • To list a specific GSettings value on the command line, use the following command: 

    $ gsettings get schema key

    For example: 

$ gsettings get org.gnome.desktop.background picture-uri

Additional resources

  • For more information on the dconf-editor tool, see the dconf-editor(1) man page and the dconf-editor Project documentation.
  • For more information on the gsettings utility, see the gsettings(1) man page.

6.4. Using dconf profiles

The dconf system stores configuration in several different databases. You can configure dconf profiles, which specify the databases that dconf uses.

6.4.1. Introduction to dconf profiles

A dconf profile is a list of system’s hardware and software configuration databases, which the dconf system collects.

The dconf profiles allow you to compare identical systems to troubleshoot hardware or software problems.

The dconf system stores its profiles in the text files which can be located either within the /etc/dconf/profile/ directory or elsewhere. The $DCONF_PROFILE environment variable can specify a relative path to the file from /etc/dconf/profile/, or an absolute path, such as in a user’s home directory.

Note that key pairs which are set in a dconf profile override the default settings.

6.4.2. Selecting a dconf profile

On startup, dconf consults the $DCONF_PROFILE environment to find the name of the dconf profile to open. The result depends on whether the variable is set or not:

  • If set, dconf attempts to open the profile named in the variable and aborts if this step fails.
  • If not set, dconf attempts to open the profile named user and uses an internal hard-wired configuration if this step fails.

Each line in a dconf profile specifies one dconf database.

The first line indicates the database used to write changes. The remaining lines show read-only databases.

The following is a sample profile stored in /etc/dconf/profile/user: 

user-db:user
system-db:local
system-db:site

In this example, the dconf profile specifies three databases. user is the name of the user database which can be found in ~/.config/dconf, and local and site are system databases, located in /etc/dconf/db/.

Note

To apply a new dconf user profile to the user’s session, you need to log out and log in, because the dconf profile for a session is determined at login.

Warning

As a user or application developer, do not manipulate dconf directly. To manipulate dconf, always use the dconf-editor or the gsettings utility. The only exception to use dconf directly is when setting system-wide default configurations, because the aforementioned tools do not allow to manipulate such configurations.

6.5. Configuring custom default values

Machine-wide default settings can be set by providing a default for a key in a dconf profile. These defaults can be overridden by the user.

Prerequisites

  • the user profile exists
  • the value for the key was added to a dconf database

Procedure

For example, to set the default background:

  1. Create the user profile in /etc/dconf/profile/user: 

    user-db:user
system-db:local

    where local is the name of a dconf database.

  2. Create a keyfile for the local database in /etc/dconf/db/local.d/01-background, which contains the following default settings: 

    # dconf path

[org/gnome/desktop/background]

# GSettings key names and their corresponding values
picture-uri='file:///usr/local/share/backgrounds/wallpaper.jpg'
picture-options='scaled'
primary-color='000000'
secondary-color='FFFFFF'

    In the default setting of the keyfile, the following GSettings keys are used:

    Table 6.1. org.gnome.desktop.background schemas GSettings Keys

    Key NamePossible ValuesDescription

    picture-options

    "none", "wallpaper", "centered", "scaled", "stretched", "zoom", "spanned"

    Determines how the image set by wallpaper_filename is rendered.

    picture-uri

    filename with the path

    URI to use for the background image. Note that the backend only supports local file:// URIs.

    primary-color

    default: 000000

    Left or Top color when drawing gradients, or the solid color.

    secondary-color

    default: FFFFFF

    Right or Bottom color when drawing gradients, not used for solid color.

  3. Edit the keyfile according to your preferences.

    For more information, see Section 6.3, “Displaying GSettings values for desktop applications”.

  4. Update the system databases: 

    ~]# dconf update

When the user profile is created or changed, the user needs to log out and log in again before the changes will be applied.

Additional resources

  • If you want to avoid creating a user profile, you can use the dconf command-line utility to read and write individual values or entire directories from and to a dconf database. For more information, see the dconf(1) man page.

6.6. Locking down specific settings

By using the lockdown mode in dconf, you can prevent users from changing specific settings.

Without enforcing the system settings using a lockdown, any settings that users make take precedence over the system settings. User can thus override the system settings with their own.

Procedure

To lock down a GSettings key:

  1. Create a locks subdirectory in the keyfile directory such as /etc/dconf/db/local.d/locks/.
  2. Add any number of files with keys that you want to lock into this directory.

Example 6.1. Locking the settings for the default wallpaper

  1. Set a default wallpaper.
  2. Create a new /etc/dconf/db/local.d/locks/ directory.

  3. Create a new file in /etc/dconf/db/local.d/locks/00-default-wallpaper with the following contents, listing one key per line: 

    # Prevent users from changing values for the following keys:
/org/gnome/desktop/background/picture-uri
/org/gnome/desktop/background/picture-options
/org/gnome/desktop/background/primary-color
/org/gnome/desktop/background/secondary-color

  4. Update the system databases: 

    ~]# dconf update

6.7. Storing user settings over NFS

For dconf to work correctly when using Network File System (NFS) home directories, the dconf keyfile back end must be used.

Note that dconf keyfile back end only works properly if the glib2-fam package is installed. Without this package, notifications on configuration changes made on remote machines are not displayed properly.

With Red Hat Enterprise Linux 8, glib2-fam is available in the BaseOs repository.

To set the dconf keyfile back end:

  1. Ensure that the glib2-fam package is installed on the system.

    To verify whether the package is installed on the system: 

    ~]#  yum list installed

    If glib2-fam is not in the list of installed packages, install it by running: 

    ~]# yum install glib2-fam
  2. Create or edit the /etc/dconf/profile/user file on every client.

  3. At the very beginning of /etc/dconf/profile/user file, add the following line: 

    service-db:keyfile/user

The dconf keyfile back end takes effect the next time that the user logs in. It polls the keyfile to determine whether updates have been made, so settings may not be updated immediately.

6.8. Setting GSettings keys properties

This section describes how to set GSettings keys properties for a single-logged user.

Each GSettings key can have only one value in a dconf database. Setting the same key to a different value at a different place of the dconf database overrides the previous value.

Values of some keys are of array type. For array type, you can specify the value of the key as a list of multiple elements separated by a comma.

To set a GSettings key of array type, follow this syntax: 

key=['option1', 'option2']

The following example shows setting of the org.gnome.desktop.input-sources.xkb-options GSettings key whose value is of array type: ⁠

Example settings of the org.gnome.desktop.input-sources.xkb-options GSettings Key

[org/gnome/desktop/input-sources]
# Enable Ctrl-Alt-Backspace for all users
# Set the Right Alt key as the Compose key and enable it
xkb-options=['terminate:ctrl_alt_bksp', 'compose:ralt']

6.9. Working with GSettings keys on command line

This section focuses on using of the gsettings command to configure, manipulate and manage the GSettings keys. The most frequent use cases that can be resolved by using the gsettings command are shown.

6.9.1. Setting key value

To set a value of a key: 

gsettings set SCHEMA [:PATH] KEY

Note that the value is specified as a serialised GVariant.

Example 6.2. Adding selected applications into the favorite applications key

To add selected applications among your favorite applications: 

$ gsettings set org.gnome.shell favorite-apps "['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop', 'org.gnome.clocks.desktop']"

If the operation succeeds, no return code is shown. As a result, all listed applications are added to favorite applications. The change is valid immediately.

6.9.2. Monitoring key changes

To monitor a key for changes and print values that changed: 

gsettings monitor SCHEMA [:PATH] [KEY]

Note that if the KEY argument is not specified, all keys in the schema are monitored. Monitoring continues until the process is terminated.

Example 6.3. Monitoring changes of the favorite applications key

To monitor the changes of the favorite applications key, open two terminals and run:

In the first terminal: 

$ gsettings monitor org.gnome.shell favorite-apps

In the second terminal: 

$ gsettings set org.gnome.shell favorite-apps "['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop']"

As a result, a notification whether and how favorite applications changed is displayed in the first terminal: 

favorite-apps: ['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop']

6.9.3. Checking whether key is writable

To check whether a key is writable: 

gsettings writable SCHEMA [:PATH] KEY

Example 6.4. Checking whether the favorite applications key is writable

To check whether the favorite applications key is writable: 

$ gsettings writable org.gnome.shell favorite-apps

As a result, the return code shows True.

6.9.4. Checking key valid values

To check the range of valid values for a key: 

gsettings range SCHEMA [:PATH] KEY

Example 6.5. Checking the range of valid values for the remember-mount-password key

To check valid values for the remember-mount-password key: 

$ gsettings range org.gnome.shell remember-mount-password

As a result, the return code displays type of the key value, which is type b in this particular case. For more information, see GNOME developer.

6.9.5. Checking description of valid key values

To check the description of valid values for a key: 

gsettings describe SCHEMA [:PATH] KEY

Example 6.6. Checking the description of valid values for the picture-uri key

To check the description of valid values for the picture-uri key: 

$ gsettings describe org.gnome.desktop.screensaver picture-uri

As a result, the following output is displayed: 

URI to use for the background image. Note that the backend only supports local file:// URIs.

6.9.6. Querying key value

To get the value of a key: 

gsettings get SCHEMA [:PATH] KEY VALUE

Note that the value is displayed as a serialised GVariant.

Example 6.7. Querying value of the remember-mount-password key

To get value of the remember-mount-password key: 

$ gsettings get org.gnome.shell remember-mount-password

As a result, the return code displays false.

6.9.7. Resetting key value

To reset the value of a key: 

gsettings reset SCHEMA [:PATH] KEY

If resetting succeeds, no return code is displayed. Default values are in stored dconf and gsettings-desktop-schemas files.

Example 6.8. Resetting the lock-delay key to its default value

The default value of the lock-delay key is 0, and it is stored in the /usr/share/glib-2.0/schemas/org.gnome.desktop.screensaver.gschema.xml file.

Users can set the value of lock-delay as needed.

For example, to set the lock-delay key for screensaver to 200: 

$ gsettings set org.gnome.desktop.screensaver lock-delay 200

To reset the lock-delay key for screensaver to its default value: 

$ gsettings reset org.gnome.desktop.screensaver lock-delay

As a result, the value of lock-delay value is set to 0.

6.9.8. Resetting schema

To reset a schema: 

gsettings reset-recursively SCHEMA [:PATH]

Example 6.9. Resetting the org.gnome.desktop.screensaver schema to its defaults

To reset the org.gnome.desktop.screensaver schema to its defaults: 

$ gsettings reset-recursively org.gnome.desktop.screensaver

As a result, the lock-delay value is reset to 0, and other keys within the org.gnome.desktop.screensaver schema that were changed by user are reset to their defaults as well.

6.9.9. Listing installed non-relocatable schemas

To list installed schemas that are non-relocatable: 

gsettings list-schemas [--print-paths]

If the [--print-paths] argument is specified , the path where each schema is mapped is printed as well.

Example 6.10. Listing installed non-relocatable schemas

To list all schemas installed on your system that are non-relocatable: 

$ gsettings list-schemas

As a result, a full list of schemas is returned. The following list is truncated. 

org.gnome.rhythmbox.library
org.gnome.shell.overrides
org.gnome.system.proxy.https
org.gnome.clocks
org.gnome.eog.fullscreen
org.gnome.login-screen
org.gnome.eog.view

6.9.10. Listing schema keys

To list the keys that are in the selected schema: 

gsettings list-keys SCHEMA [:PATH]

Example 6.11. Listing keys in the org.gnome.shell schema

To list keys in the org.gnome.shell schema: 

$ gsettings list-keys org.gnome.shell

As a result, a list of keys is returned. The following list is truncated. 

enabled-extensions
command-history
remember-mount-password
always-show-log-out
had-bluetooth-devices-setup
looking-glass-history
disable-user-extensions
app-picker-view
disable-extension-version-validation
development-tools
favorite-apps

6.9.11. Listing schema children

To list children of a selected schema: 

gsettings list-children SCHEMA [:PATH]

Note that the list is empty if there are no children.

Example 6.12. Listing children of the org.gnome.shell schema

To list children of the org.gnome.shell schema: 

$ gsettings list-children org.gnome.shell

As a result, the following output is returned: 

keyboard org.gnome.shell.keyboard
keybindings org.gnome.shell.keybindings

6.9.12. Listing schema’s keys and values

To list keys and values of a selected schema recursively: 

gsettings list-recursively [SCHEMA [:PATH]]

Note that if the schema whose keys you want to list is not specified, all keys within all schemas are listed.

Example 6.13. Listing keys and values recursively

To list keys and values in all schemas recursively: 

$ gsettings list-recursively

As a result, all key and values in all schemas on system are listed, as shown below. Note that the following list is truncated. 

org.gnome.nautilus.desktop network-icon-visible false
org.gnome.nautilus.desktop font ''
org.gnome.nautilus.desktop network-icon-name 'Network Servers'
org.gnome.nautilus.desktop home-icon-name 'Home'
org.gnome.nautilus.desktop volumes-visible true
org.gnome.Vinagre always-enable-listening false
org.gnome.Vinagre always-show-tabs false
org.gnome.Vinagre show-accels false
org.gnome.Vinagre history-size 15
org.gnome.Vinagre shared-flag true

6.10. Acknowledgements

Certain portions of this text first appeared in the GNOME Desktop System Administration Guide. Copyright © 2014 The GNOME Project, Michael Hill, Jim Campbell, Jeremy Bicha, Ekaterina Gerasimova, minnie_eg, Aruna Sankaranarayanan, Sindhu S, Shobha Tyagi, Shaun McCance, David King, and others. Licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

The editors of this Red Hat Enterprise Linux 8 documentation would like to thank the GNOME community members for their valuable contributions to the GNOME Desktop System Administration Guide.

Chapter 7. Configuring file associations

This section provides information on configuring RHEL to open or access files with different formats.

In GNOME, MIME (Multipurpose Internet Mail Extension) types help to identify the format of a file and applications to use to open these files.

7.1. Multipurpose Internet Mail Extension types

The GNOME desktop uses MIME types to:

  • Determine which application should open a specific file format by default.
  • Register other applications that can open files of a specific format.
  • Set a string describing the type of a file, for example, in a file properties dialog of the files application.
  • Set an icon representing a specific file format, for example, in a file properties dialog of the files application.

MIME type names follow a given format: 

media-type/subtype-identifier

For example, image/jpeg.

Here image is a media type and jpeg is the subtype identifier.

GNOME follows Multipurpose Internet Mail Extension (MIME) info specification from the Freedesktop.org to determine:

  • The machine-wide and user-specific location to store all the MIME type specification files.
  • How to register a MIME type so that the desktop environment knows which application you can use to open a specific file format.
  • How users can change which applications should open with what file formats.

MIME database

The MIME database is a collection of all the MIME type specification files that GNOME uses to store information about known MIME types.

The most important part of the MIME database from the system administrator’s point of view is the /usr/share/mime/packages/ directory, where the MIME type-related files specifying information on known MIME types are stored. One example of such a file is /usr/share/mime/packages/freedesktop.org.xml, specifying information about the standard MIME types available on the system, by default. The shared-mime-info package provides this file.

Additional resources

  • For detailed information describing the MIME type system, see Shared MIME Info specifications on the Freedesktop website.

7.2. Adding a custom MIME type for all users

You must create a new MIME type specification file in the /usr/share/mime/packages/ directory and a .desktop file in the /usr/share/applications/ directory to add a custom MIME type for all the users on the system and register a default application for that MIME type.

Procedure

  1. Create the /usr/share/mime/packages/application-x-newtype.xml file with following content: 

    <?xml version="1.0" encoding="UTF-8"?>

<mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info">
  <mime-type type="application/x-newtype">
    <comment>new mime type</comment>
    <glob pattern="*.xyz"/>
  </mime-type>
</mime-info>

    The sample application-x-newtype.xml file here defines a new MIME type application/x-newtype and assigns file names with the .xyz extension to that MIME type.

  2. Create a new .desktop file named, for example, myapplication1.desktop in the /usr/share/applications/ with following content: 

    [Desktop Entry]
Type=Application
MimeType=application/x-newtype
Name=My Application 1
Exec=myapplication1

    The sample myapplication1.desktop file here associates the application/x-newtype MIME type with an application named My Application 1. It is run by a command myapplication1.

  3. As a root user, update the MIME database for your changes to take effect. 

    # update-mime-database /usr/share/mime

  4. As a root user, update the application database. 

    # update-desktop-database /usr/share/applications

Verification steps

  1. To verify that you have successfully associated *.xyz files with the application/x-newtype MIME type, first create an empty file, for example test.xyz and execute the following commands: 

    $ touch test.xyz

$ gvfs-info test.xyz | grep "standard::content-type"
  standard::content-type: application/x-newtype

  2. To verify myapplication1.desktop is correctly set as the default registered application for the application/x-newtype MIME type, execute following command: 

    $ gio mime --query application/x-newtype
Default application for 'application/x-newtype': myapplication1.desktop
Registered applications:
	myapplication1.desktop
Recommended applications:
	myapplication1.desktop

7.3. Adding a custom MIME type for individual users

You must create a new MIME type specification file in the ~/.local/share/mime/packages/ directory and a .desktop file in the ~/.local/share/applications/ directory to add a custom MIME type for individual users and register a default application for that MIME type.

Procedure

  1. Create the ~/.local/share/mime/packages/application-x-newtype.xml file with following content: 

    <?xml version="1.0" encoding="UTF-8"?>
<mime-info xmlns="http://www.freedesktop.org/standards/shared-mime-info">
  <mime-type type="application/x-newtype">
    <comment>new mime type</comment>
    <glob pattern="*.xyz"/>
  </mime-type>
</mime-info>

    The sample application-x-newtype.xml file here defines a new MIME type application/x-newtype and assigns file names with the .xyz extension to that MIME type.

  2. Create a new .desktop file named, for example, myapplication1.desktop, and place it in the ~/.local/share/applications/ directory with following content: 

    [Desktop Entry]
Type=Application
MimeType=application/x-newtype
Name=My Application 1
Exec=myapplication1

    The sample myapplication1.desktop file above associates the application/x-newtype MIME type with an application named My Application 1. It is run by a command myapplication1.

  3. Update the MIME database for your changes to take effect: 

    $ update-mime-database ~/.local/share/mime

  4. Update the application database: 

    $ update-desktop-database ~/.local/share/applications

Verification steps

  1. To verify that you have successfully associated *.xyz files with the application/x-newtype MIME type, first create an empty file, for example, test.xyz and execute the following commands: 

    $ touch test.xyz

$ gvfs-info test.xyz | grep "standard::content-type"
  standard::content-type: application/x-newtype

  2. To verify that myapplication1.desktop is correctly set as the default registered application for the application/x-newtype MIME type, execute following command: 

    $ gio mime --query application/x-newtype
Default application for 'application/x-newtype': myapplication1.desktop
Registered applications:
	myapplication1.desktop
Recommended applications:
	myapplication1.desktop

7.4. Options to override default MIME types

By default, the package-installed /usr/share/applications/mimeapps.list and /usr/share/applications/gnome-mimeapps.list files specify which application is registered to open specific MIME types.

System administrators can create the /etc/xdg/mimeapps.list or /etc/xdg/gnome-mimeapps.list file with a list of MIME types they want to override with the default registered application.

Local users can create the ~/.local/share/applications/mimeapps.list or ~/.local/share/applications/gnome-mimeapps.list file with a list of MIME types for which they want to override the default registered application.

Configurations are applied in the following order:

  1. /usr/share/applications/
  2. /etc/xdg/
  3. ~/.local/share/application/

Within a particular location, the configurations are applied in the following order:

  1. mimeapps.list
  2. gnome-mimeapps.list

7.5. Overriding default registered application for all the users

As a system administer, you can update the configuration based on the requirements. System administrator’s configuration takes precedence over default package configuration. Within each, the desktop-specific configuration takes precedence over the configuration that does not specify the desktop environment.

Procedure

  1. Consult the /usr/share/applications/mimeapps.list file to determine the MIME types for which you want to change the default registered application. For example, the following sample of the mimeapps.list file specifies the default registered application for the text/html and application/xhtml+xml MIME types: 

    [Default Applications]
text/html=firefox.desktop
application/xhtml+xml=firefox.desktop

    This example above specifies default application (Firefox) by specifying its corresponding .desktop file (firefox.desktop). You can find .desktop files for other applications in the /usr/share/applications/ directory.

  2. Create the /etc/xdg/mimeapps.list file and specify the MIME types and their corresponding default registered applications in this file. 

    [Default Applications]
text/html=myapplication1.desktop
application/xhtml+xml=myapplication2.desktop

    This example above sets the default registered application for the text/html MIME type to myapplication1.desktop and application/xhtml+xml MIME type to myapplication2.desktop.

Verification steps

  • For these settings to function correctly, ensure that both the myapplication1.desktop and myapplication2.desktop files are placed in the /usr/share/applications/ directory.

  • Execute the gio mime query command to verify that the default registered application is set correctly. 

    $ gio mime text/html
Default application for 'text/html': myapplication1.desktop
Registered applications:
	myapplication1.desktop
	firefox.desktop
Recommended applications:
	myapplication1.desktop
	firefox.desktop

7.6. Overriding default registered application for individual users

Individual users can also update the configuration based on the requirements. This configuration takes precedence over the system administrator’s configuration and the system administrator’s configuration takes precedence over the package configuration. Within each, the desktop-specific configuration takes precedence over the configuration that does not specify the desktop environment.

Procedure

  1. Consult the /usr/share/applications/mimeapps.list file to determine the MIME types for which you want to change the default registered application. For example, the following sample of the mimeapps.list file specifies the default registered application for the text/html and application/xhtml+xml MIME types: 

    [Default Applications]
text/html=firefox.desktop
application/xhtml+xml=firefox.desktop

    This example above specifies default application (Firefox) by specifying its corresponding .desktop file (firefox.desktop). You can find .desktop files for other applications in the /usr/share/applications/ directory.

  2. Create the ~/.local/share/applications/mimeapps.list file and specify the MIME types and their corresponding default registered applications in this file. 

    [Default Applications]
text/html=myapplication1.desktop
application/xhtml+xml=myapplication2.desktop

    This example above sets the default registered application for the text/html MIME type to myapplication1.desktop and application/xhtml+xml MIME type to myapplication2.desktop.

Verification steps

  • For these settings to function correctly, ensure that both the myapplication1.desktop and myapplication2.desktop files are placed in the /usr/share/applications/ directory.

  • Execute the gio mime query command to verify that the default registered application is set correctly. 

    $ gio mime text/html
Default application for 'text/html': myapplication1.desktop
Registered applications:
	myapplication1.desktop
	firefox.desktop
Recommended applications:
	myapplication1.desktop
	firefox.desktop

Chapter 8. Customizing desktop appearance

This section explains how system administrators can customize appearance of the desktop environment for different users of the system.

8.1. Customizing desktop backgrounds

As a system administrator, you can configure the default desktop background, add extra backgrounds, or add multiple backgrounds using the dconf utility.

If the users of the system are not permitted to change background from the defaults, system administrator needs to lock the settings using the locks directory. Otherwise, each user can customize the background according to their preferences.

8.1.1. Customizing the default desktop background

You can configure the default desktop background and its appearance by setting the relevant GSettings keys in the org.gnome.desktop.background schema.

For more information about GSettings, see Section 6.1, “Introduction to configuring GNOME”.

Use the following procedure to set the default background:

Procedure

  1. Create a local database for machine-wide settings in /etc/dconf/db/local.d/00-background: 

    # Specify the dconf path
[org/gnome/desktop/background]

# Specify the path to the desktop background image file
picture-uri='file:///usr/local/share/backgrounds/wallpaper.jpg'
# Specify one of the rendering options for the background image:
# 'none', 'wallpaper', 'centered', 'scaled', 'stretched', 'zoom', 'spanned'
picture-options='scaled'
# Specify the left or top color when drawing gradients or the solid color
primary-color='000000'
# Specify the right or bottom color when drawing gradients
secondary-color='FFFFFF'

  2. Optionally, if you want a user to not be able to change the default background, override the user’s setting in the /etc/dconf/db/local.d/locks/background file: 

    # List the keys used to configure the desktop background
/org/gnome/desktop/background/picture-uri
/org/gnome/desktop/background/picture-options
/org/gnome/desktop/background/primary-color
/org/gnome/desktop/background/secondary-color

  3. Update the system databases: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

8.1.2. Adding extra backgrounds

You can make extra backgrounds available to users on your system.

Procedure

  1. Use the org.gnome.desktop.background schemas to create a file in the xml format specifying your extra background’s appearance.

    Table 8.1. Frequently used org.gnome.desktop.background schemas GSettings Keys

    Key NamePossible ValuesDescription

    picture-options

    "none", "wallpaper", "centered", "scaled", "stretched", "zoom", "spanned"

    Determines how the image set by wallpaper_filename is rendered.

    color-shading-type

    "horizontal", "vertical", and "solid"

    Determines shade the background color.

    primary-color

    default: #023c88

    Left or Top color when drawing gradients, or the solid color.

    secondary-color

    default: #5789ca

    Right or Bottom color when drawing gradients, not used for solid color.

    The full range of options can be found in the dconf-editor GUI or the gsettings command-line utility. For more information, see Section 6.3, “Displaying GSettings values for desktop applications”.

  2. Store the *.xml file under the /usr/share/gnome-background-properties/ directory.

When a user clicks their name in the top right corner, chooses Settings, and in the Personal section of the table selects Background, they will see the new background available.

Example implementation of org.gnome.desktop.background GSettings keys

An example extra backgrounds file with one <wallpaper> element

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wallpapers SYSTEM "gnome-wp-list.dtd">
<wallpapers>
  <wallpaper deleted="false">
    <name>Company Background</name>
    <name xml:lang="de">Firmenhintergrund</name>
    <filename>/usr/local/share/backgrounds/company-wallpaper.jpg</filename>
    <options>zoom</options>
    <shade_type>solid</shade_type>
    <pcolor>#ffffff</pcolor>
    <scolor>#000000</scolor>
  </wallpaper>
</wallpapers>

In one configuration file, you can specify multiple <wallpaper> elements to add more backgrounds as shown in the following example with two <wallpaper> elements, adding two different backgrounds.

An example extra backgrounds file with two <wallpaper> elements

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wallpapers SYSTEM "gnome-wp-list.dtd">
<wallpapers>
  <wallpaper deleted="false">
    <name>Company Background</name>
    <name xml:lang="de">Firmenhintergrund</name>
    <filename>/usr/local/share/backgrounds/company-wallpaper.jpg</filename>
    <options>zoom</options>
    <shade_type>solid</shade_type>
    <pcolor>#ffffff</pcolor>
    <scolor>#000000</scolor>
  </wallpaper>
  <wallpaper deleted="false">
    <name>Company Background 2</name>
    <name xml:lang="de">Firmenhintergrund 2</name>
    <filename>/usr/local/share/backgrounds/company-wallpaper-2.jpg</filename>
    <options>zoom</options>
    <shade_type>solid</shade_type>
    <pcolor>#ff0000</pcolor>
    <scolor>#00ffff</scolor>
  </wallpaper>
</wallpapers>

8.1.3. Setting the screen shield

Screen shield is the screen that quickly slides down when the system is locked. It is controlled by the org.gnome.desktop.screensaver.picture-uri GSettings key. GDM uses its own dconf profile, so you can set the default background by changing the settings in that profile.

For more information on GSettings and dconf, see Section 6.1, “Introduction to configuring GNOME”.

Procedure

  1. Create a gdm database for machine-wide settings in /etc/dconf/db/gdm.d/01-screensaver: 

    [org/gnome/desktop/screensaver]
picture-uri='file:///opt/corp/background.jpg'

    Replace /opt/corp/background.jpg with the path to the image file you want to use as the screen shield. Supported formats are PNG, JPG, JPEG, and TGA. Note that the image will be scaled if necessary to fit the screen.

  2. Update the system databases: 

    # dconf update
  3. Users must log out and back in again before the system-wide settings take effect.
Troubleshooting

If the screen shield does not update, you can:

  1. Make sure that you have updated the system databases by running the dconf update command as the root user.
  2. Try restarting GDM.

8.2. Using GNOME Shell extensions to customize desktop environment

GNOME Shell extensions allow for the customization of the default GNOME Shell interface and its parts, such as window management and application launching.

Important

Before deploying third-party GNOME Shell extensions on Red Hat Enterprise Linux, make sure to read the following document to learn about the Red Hat support policy for third-party software: How does Red Hat Global Support Services handle third-party software, drivers, and/or uncertified hardware/hypervisors?

8.2.1. Overview of GNOME Shell extensions

This section provides an overview of GNOME Shell extensions available on RHEL 8, including the name of the package providing a particular extension, and the description of what each extension does.

Table 8.2. Overview of available GNOME Shell extensions

Package nameExtension nameDescription

gnome-shell-extension-apps-menu

apps-menu

Applications menu for GNOME Shell

gnome-shell-extension-top-icons

Top Icons

Show legacy icons on top

gnome-shell-extension-user-theme

user-theme

Support for custom themes in GNOME Shell

gnome-shell-extension-drive-menu

drive-menu

Drive status menu for GNOME Shell

gnome-shell-extension-window-list

window-list

Display a window list at the bottom of the screen in GNOME Shell

gnome-shell-extension-dash-to-dock

Dash to Dock

Dock for the Gnome Shell by micxgx.gmail.com

gnome-shell-extension-desktop-icons

Desktop Icons

Desktop icons support for the GNOME Classic experience

gnome-shell-extension-no-hot-corner

nohotcorner

Disable the hot corner in GNOME Shell

gnome-shell-extension-systemMonitor

systemMonitor

System Monitor for GNOME Shell

gnome-shell-extension-updates-dialog

Updates Dialog

Show a modal dialog when there are software updates

gnome-shell-extension-window-grouper

window-grouper

Keep windows that belong to the same process on the same workspace

gnome-shell-extension-panel-favorites

panel-favorites

Favorite launchers in GNOME Shell’s top bar

gnome-shell-extension-windowsNavigator

windowNavigator

Support for keyboard selection of windows and workspaces in GNOME shell

gnome-shell-extension-auto-move-windows

Autom Move Windows

Assign specific workspaces to applications in GNOME Shell

gnome-shell-extension-launch-new-instance

launch-new-instance

Always launch a new application instance for GNOME Shell

gnome-shell-extension-workspace-indicator

workspace-indicator

Workspace indicator for GNOME Shell

gnome-shell-extension-disable-screenshield

Disable Screen Shield

Disable GNOME Shell screen shield if lock is disabled

gnome-shell-extension-native-window-placement

native-window-placement

Native window placement for GNOME Shell

gnome-shell-extension-screenshot-window-sizer

screenshot-window-sizer

Screenshot window sizer for GNOME Shell

gnome-shell-extension-horizontal-workspaces

horizontal-workspaces

Desktop icons support for the GNOME Classic experience

gnome-shell-extension-places-menu

places-menu

Places status menu for GNOME Shell

gnome-classic-session

GNOME Classic mode session

8.2.2. Enabling machine-wide extensions

Prerequisites

To make extensions available to all users on the system, install them in the /usr/share/gnome-shell/extensions directory.

Procedure

  1. Create a local database file for machine-wide settings in /etc/dconf/db/local.d/00-extensions: 

    [org/gnome/shell]
# List all extensions that you want to have enabled for all users
enabled-extensions=['myextension1@myname.example.com', 'myextension2@myname.example.com']

    The enabled-extensions key specifies the enabled extensions using the extensions' UUID (myextension1@myname.example.com and myextension2@myname.example.com).

  2. Update the system databases: 

    # dconf update

  3. Users must log out and back in again before the system-wide settings take effect.

    Note

    There is currently no way to enable additional extensions for users who have already logged in. This does not apply for existing users who have installed and enabled their own GNOME extensions.

8.2.3. Locking down enabled extensions

You can prevent the user from enabling or disabling extensions by locking down the org.gnome.shell.enabled-extensions key.

Procedure

  1. Create a local database file for machine-wide settings in /etc/dconf/db/local.d/00-extensions: 

    [org/gnome/shell]
# List all extensions that you want to have enabled for all users
enabled-extensions=['myextension1@myname.example.com', 'myextension2@myname.example.com']

    The enabled-extensions key specifies the enabled extensions using the extensions' UUID (myextension1@myname.example.com and myextension2@myname.example.com).

  2. Override the user’s setting and prevent the user from changing it in /etc/dconf/db/local.d/locks/extensions: 

    # Lock the list of mandatory extensions
/org/gnome/shell/enabled-extensions

  3. Update the system databases: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

After locking down the org.gnome.shell.enabled-extensions, any extensions installed in ~/.local/share/gnome-shell/extensions or /usr/share/gnome-shell/extensions that are not listed in the org.gnome.shell.enabled-extensions key will not be loaded by GNOME Shell, thus preventing the user from using them.

8.2.4. Setting up mandatory extensions

In GNOME Shell, you can provide a set of extensions that the user has to use.

Prerequisites

The extensions must be installed under the /usr/share/gnome-shell/extensions directory.

Procedure

  1. Create a local database file for machine-wide settings in /etc/dconf/db/local.d/00-extensions-mandatory: 

    [org/gnome/shell]
# List all mandatory extensions
enabled-extensions=['myextension1@myname.example.com', 'myextension2@myname.example.com']

    The enabled-extensions key specifies the enabled extensions using the extensions' UUID (myextension1@myname.example.com and myextension2@myname.example.com).

  2. Override the user’s setting and prevent the user from changing it in /etc/dconf/db/local.d/locks/extensions-mandatory: 

    # Lock the list of mandatory extensions
/org/gnome/shell/enabled-extensions

  3. Update the system databases: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

Chapter 9. Customizing GNOME desktop features

9.1. Changing the language using desktop GUI

This section describes how to change the system language using the desktop GUI.

Prerequisites

  • Required language packages are installed on your system

Procedure

  1. Open the GNOME Control Center from the System menu by clicking on its icon.

    cs system menu

  2. In the GNOME Control Center, choose Region & Language from the left vertical bar.

  3. Click the Language menu.

    cs language menu

  4. Select the required region and language from the menu.

    cs select region language

    If your region and language are not listed, scroll down, and click More to select from available regions and languages.

    cs available region language

  5. Click Done.

  6. Click Restart for changes to take effect.

    cs restart region language

Note

Some applications do not support certain languages. The text of an application that cannot be translated into the selected language remains in US English.

Additional resources

9.2. Enabling the CTRL+ALT+BACKSPACE shortcut

The Ctrl+Alt+Backspace shortcut key combination is used for terminating the X.Org display server.

You might want to terminate X.Org especially when:

  • A program caused X.Org to stop working.
  • You need to switch from your logged-in session quickly.
  • You have launched a program that failed.
  • You cannot operate in the current session.
  • Your screen freezes.

To enable the Ctrl+Alt+Backspace shortcut to forcibly terminate X.Org by default for all users, you need to set the org.gnome.desktop.input-sources.xkb-options GSettings key.

Procedure

  1. Create a local database for machine-wide settings in /etc/dconf/db/local.d/00-input-sources: 

    [org/gnome/desktop/input-sources]
# Enable Ctrl-Alt-Backspace for all users
xkb-options=['terminate:ctrl_alt_bksp']

  2. Override the user’s setting, and prevent the user from changing it in /etc/dconf/db/local.d/locks/input-sources: 

    # Lock the list of enabled XKB options
/org/gnome/desktop/input-sources/xkb-options

  3. Update the system databases for the changes to take effect: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

If the Ctrl+Alt+Backspace key combination is enabled, all users can terminate X.Org , which brings them back to the login prompt.

9.3. Disabling command-line access

To disable command-line access for a desktop user, you need to make configuration changes in a number of different contexts:

Note

The following steps do not remove the desktop user’s permissions to access a command line, but rather remove the ways that the desktop user could access command line.

9.3.1. Setting the org.gnome.desktop.lockdown.disable-command-line Key

This approach prevents the user from:

  • Accessing the terminal
  • Specifying a command line to be executed by using the Alt+F2 command prompt

Procedure

  1. Create a local database for machine-wide settings in /etc/dconf/db/local.d/00-lockdown: 

    [org/gnome/desktop/lockdown]
# Disable command-line access
disable-command-line=true

  2. Override the user’s setting and prevent the user from changing it in /etc/dconf/db/local.d/locks/lockdown: 

    # Lock the disabled command-line access
/org/gnome/desktop/lockdown

  3. Update the system databases: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

9.3.2. Disabling virtual terminal switching on X.Org

With the X.Org display server, users can normally use the Ctrl+Alt+function key shortcuts to switch from the GNOME Desktop and X.Org to a virtual terminal. You can disable access to all virtual terminals by modifying the X.Org configuration. The X.Org configuration should be modified by adding the DontVTSwitch option to the Serverflags section of an X configuration file in the /etc/X11/xorg.conf.d/ directory, as shown by the following procedure.

Important

You cannot apply the procedure if GNOME Shell on Wayland is used as the display server.

Procedure

  1. Create or edit an X configuration file in the /etc/X11/xorg.conf.d/ directory:

    Note

    By convention, these host-specific configuration file names start with two digits and a hyphen and always have the .conf extension. Thus, the following file name can be /etc/X11/xorg.conf.d/10-xorg.conf. 

    Section "Serverflags"

Option "DontVTSwitch" "yes"

EndSection
  2. Restart the X.Org display server for the changes to take effect.

9.4. Preventing the computer from suspending when closing the lid

When closing the lid of your laptop, the computer by default suspends in order to save power. You can prevent the computer from suspending when closing the lid by changing the setting for that behavior.

Warning

Some laptops can overheat if they are left running with the lid closed, especially if they are in a confined place. Therefore, consider whether changing the default setting from suspend to an other option is beneficial in your case.

Procedure

  1. Open the /etc/systemd/logind.conf file for editing.

  2. Find the HandleLidSwitch=suspend line in the file.

    If it is quoted out with the # character at the start, unquote it by removing #.

    If the line is not present in the file, add it.

  3. Replace the default suspend parameter with:

    • lock for the screen to lock
    • ignore for nothing to happen
    • poweroff for the computer to switch off

    For example: 

    [Login]
HandleLidSwitch=lock
  4. Save your changes, and close the editor.

  5. Run the following command so that your changes preserve the next restart of the system: 

    # systemctl restart systemd-logind.service
    Warning

    Restarting the service forcibly interrupts any currently running GNOME session of any desktop user who is logged in. This can result in users losing unsaved data.

For more information on the /etc/systemd/logind.conf file, see the logind.conf man page.

9.5. Changing behavior when pressing the power button in graphical target mode

When the machine is booted to a graphical login screen or user session, hitting the power button makes the machine suspend by default. This happens both in cases when the user presses the power button physically or when pressing a virtual power button from a remote console. To achieve a different behavior when pressing the power button, set the function of this button with dconf.

For example, if you want the system to shutdown after pressing the power button, use the following procedure:

Procedure

  1. Create a local database for system-wide settings in the /etc/dconf/db/local.d/01-power file: 

    [org/gnome/settings-daemon/plugins/power]
power-button-action='interactive'

  2. Override the user’s setting, and prevent the user from changing it in the /etc/dconf/db/local.d/locks/01-power file: 

    /org/gnome/settings-daemon/plugins/power/power-button-action

  3. Update the system databases: 

    # dconf update
  4. Log out and back in again before the system-wide settings take effect.

This configuration initiates a system shutdown after pressing the power button. To configure the system differently, you can set the behavior of particular buttons.

Options for particular buttons:

  • nothing

    does nothing

  • suspend

    suspends the system

  • hibernate

    hibernates the system

  • interactive

    shows a pop-up query asking the user what to do

    With interactive mode, the system powers off automatically after 60 seconds when hitting the power button. However, you can choose a different behavior from the pop-up query as shown in the figure below.

    Pop-up query for interactive mode

    interactive power

Chapter 10. Displaying the system security classification

As an administrator of deployments where the user must be aware of the security classification of the system, you can set up a notification of the security classification. This can be either a permanent banner or a temporary notification, and it can appear on login screen, in the GNOME session, and on the lock screen.

10.1. Enabling system security classification banners

You can create a permanent classification banner to state the overall security classification level of the system. This is useful for deployments where the user must always be aware of the security classification level of the system that they are logged into.

The permanent classification banner can appear within the running session, the lock screen, and login screen, and customize its background color, its font, and its position within the screen.

This procedure creates a red banner with a white text placed on both the top and bottom of the login screen.

Procedure

  1. Install the gnome-shell-extension-classification-banner package: 

    # yum install gnome-shell-extension-classification-banner
    Note

    The package is only available in RHEL 8.6 and later.

  2. Create the 99-class-banner file at either of the following locations:

    • To configure a notification at the login screen, create /etc/dconf/db/gdm.d/99-class-banner.
    • To configure a notification in the user session, create /etc/dconf/db/local.d/99-class-banner.

  3. Enter the following configuration in the created file: 

    [org/gnome/shell]
enabled-extensions=['classification-banner@gnome-shell-extensions.gcampax.github.com']

[org/gnome/shell/extensions/classification-banner]
background-color='rgba(200,16,46,0.75)'
message='TOP SECRET'
top-banner=true
bottom-banner=true
system-info=true
color='rgb(255,255,255)'
    Warning

    This configuration overrides similar configuration files that also enable an extension, such as Notifying of the system security classification.

    To enable multiple extensions, specify all of them in the enabled-extensions list. For example: 

    enabled-extensions=['heads-up-display@gnome-shell-extensions.gcampax.github.com', 'classification-banner@gnome-shell-extensions.gcampax.github.com']

  4. Update the dconf database: 

    # dconf update
  5. Reboot the system.

Troubleshooting

  • If the classification banners are not displayed for an existing user, log in as the user and enable the Classification banner extension using the Tweaks application.

10.2. Notifying of the system security classification

You can set up a notification that contains a predefined message in an overlay banner. This is useful for deployments where the user is required to read the security classification of the system before logging in.

Depending on your configuration, the notification can appear at the login screen, after logging in, on the lock screen, or after a longer time with no user activity. You can always dismiss the notification when it appears.

Procedure

  1. Install the gnome-shell-extension-heads-up-display package: 

    # yum install gnome-shell-extension-heads-up-display

  2. Create the 99-hud-message file at either of the following locations:

    • To configure a notification at the login screen, create /etc/dconf/db/gdm.d/99-hud-message.
    • To configure a notification in the user session, create /etc/dconf/db/local.d/99-hud-message.

  3. Enter the following configuration in the created file: 

    [org/gnome/shell]
enabled-extensions=['heads-up-display@gnome-shell-extensions.gcampax.github.com']

[org/gnome/shell/extensions/heads-up-display]
message-heading="Security classification title"
message-body="Security classification description"
# The following options control when the notification appears:
show-when-locked=true
show-when-unlocking=true
show-when-unlocked=true

    Replace the following values with text that describes the security classification of your system:

    Security classification title
    A short heading that identifies the security classification.
    Security classification description
    A longer message that provides additional details, such as references to various guidelines.
    Warning

    This configuration overrides similar configuration files that also enable an extension, such as Enabling system security classification banners.

    To enable multiple extensions, specify all of them in the enabled-extensions list. For example: 

    enabled-extensions=['heads-up-display@gnome-shell-extensions.gcampax.github.com', 'classification-banner@gnome-shell-extensions.gcampax.github.com']

  4. Update the dconf database: 

    # dconf update
  5. Reboot the system.

Troubleshooting

  • If the notifications are not displayed for an existing user, log in as the user and enable the Heads-up display message extension using the Tweaks application.

Chapter 11. Enabling Chinese, Japanese, or Korean text input

If you write with Chinese, Japanese, or Korean characters, you can configure RHEL to input text in your language.

11.1. Input methods

Certain scripts, such as Chinese, Japanese, or Korean, require keyboard input to go through an Input Method Engine (IME) to enter native text.

An input method is a set of conversion rules between the text input and the selected script. An IME is a software that performs the input conversion specified by the input method.

To input text in these scripts, you must set up an IME. If you installed the system in your native language and selected your language at the GNOME Initial Setup screen, the input method for your language is enabled by default.

11.2. Available input method engines

The following input method engines (IMEs) are available on RHEL from the listed packages:

Table 11.1. Available input method engines

LanguagesScriptsIME namePackage

Chinese

Simplified Chinese

Intelligent Pinyin

ibus-libpinyin

Chinese

Traditional Chinese

New Zhuyin

ibus-libzhuyin

Japanese

Kanji, Hiragana, Katakana

Kana Kanji

ibus-kkc

Korean

Hangul

Hangul

ibus-hangul

Other

Various

M17N

ibus-m17n

11.3. Installing input method engines

This procedure installs input method engines (IMEs) that you can use to input Chinese, Japanese, and Korean text.

Procedure

  • Install all available input method packages: 

    # yum install @input-methods

11.4. Switching the input method in GNOME

This procedure sets up the input method for your script, such as for Chinese, Japanese, or Korean scripts.

Prerequisites

  • The input method packages are installed.

Procedure

  1. Go to the system menu, which is accessible from the top-right screen corner, and click Settings.
  2. Select the Region & Language section.

  3. In the Input Sources list, review the currently enabled input methods.

    Input Sources

  4. If your input method is missing:

    1. Click the + button under the Input Sources list.

      Add an Input Source

    2. Select your language.

      Languages menu
      Note

      If you cannot find your language in the menu, click the three dots icon (More…) at the end of the menu.

    3. Select the input method that you want to use. A cog wheel icon marks all input methods to distinguish them from simple keyboard layouts.

      Input methods menu
    4. Confirm your selection by clicking Add.

  5. Switch the active input method using one of the following ways:

    • Click the input method indicator on the right side of the top panel and select your input method.

      Input methods indicator
    • Switch between the enabled input methods using the Super+Space keyboard shortcut.

Verification

  1. Open a text editor.
  2. Type text in your language.
  3. Verify that the text appears in your native script.

Chapter 12. Inputting uncommon characters using the Compose key

The Compose key is a feature that enables you to type special symbols or characters which are missing on your keyboard. In GNOME Desktop, you can define one of the existing keys on your keyboard as the Compose key. You can use the Compose key in combination with other keys, known as Compose key sequences, to enter special characters you type frequently.

12.1. Enabling the Compose key

You can enable the Compose key either for an individual user or for all users.

12.1.1. Enabling the Compose key for an individual user with the Tweaks application

To enable the Compose key for an individual user by Tweaks application follow these steps.

Prerequisites

  • The Tweaks application is installed on your system. 

    # yum install gnome-tweaks

Procedure

  1. Open the Tweaks application.
  2. Select Keyboard & Mouse in the side bar.
  3. Enable Compose Key.

  4. Choose which key from the listed keys triggers the Compose functionality.

    enabling compose key

12.1.2. Enabling the Compose key for an individual user using GSettings

To enable the Compose key for an individual user using the gsettings utility, follow these steps.

Procedure

  • Enable the Compose key: 

    $ gsettings set \
            org.gnome.desktop.input-sources \
            xkb-options \
            "['compose:selected-key']"

    Replace selected-key with the key that triggers Compose. For example, use ralt to set the right Alt key.

Additional resources

  • See the xkeyboard-config(7) man page for the names of other keys.

12.1.3. Enabling the Compose key for all users

To enable the Compose key for all users, follow these steps.

Procedure

  1. Open the /etc/dconf/db/local.d/00-input-sources file as the root user.

  2. Enter the following content in the file: 

    [org/gnome/desktop/input-sources]
# Enable the Compose key
xkb-options=['compose:selected-key']

    Replace selected-key with the key that triggers Compose. For example, use ralt to set the right Alt key.

  3. To override the user’s Compose settings and prevent the user from changing them, create the /etc/dconf/db/local.d/locks/input-sources file and enter the following: 

    # Lock the list of enabled XKB options
/org/gnome/desktop/input-sources/xkb-options

  4. Update the system databases for the changes to take effect: 

    # dconf update
  5. Users must log out and back in again before the system-wide settings take effect.

Additional resources

  • See the xkeyboard-config(7) man page for the names of other keys.

12.2. Using the Compose key to input characters

This procedure shows how to use the Compose key.

Prerequisites

  • The Compose key is enabled on your system.

Procedure

  1. Press and release the Compose key.
  2. Type the key combination to get the specific symbol. For example, type A E (in capitals) to get Æ, or in lowercase to get æ.

12.3. The Compose key sequences

This section lists some of the Compose key sequences and their resulting characters.

Table 12.1. Common sequences

First keySecond keyThird keyResult

o

c

 

©

d

h

 

ð

,

a

 

ą

s

s

 

ß

<

<

 

«

?

?

 

¿

-

-

-

^

_

a

ª

=

c

 

1

4

 

¼

Additional resources

  • For more key sequences, see the X.Org webpage.

Chapter 13. Typing emoji characters

You can type emoji characters using several different methods in GNOME, depending on the type of the application.

13.1. Typing emoji characters in GTK applications

This procedure inserts an emoji character in an application that uses the GTK graphical toolkit, such as in native GNOME applications.

Prerequisites

  • Make sure that the application is built on the GTK toolkit.

Procedure

  1. Open a GTK application.
  2. Make sure that a text field is active.

  3. Press Ctrl+..

    The emoji selection menu opens.

  4. Browse the emoji characters or type a keyword that identifies the emoji character that you want to insert, such as smile.

    For the full list of keywords associated with emoji characters, see the Other Keywords column on the Emoji List page.

  5. Click the selected character, or navigate to it using the cursor keys and press Enter.

Verification

  • Check that the intended emoji character now appears at your cursor.

13.2. Typing emoji characters in any applications

This procedure inserts an emoji character in any application, regardless of the graphical toolkit that the application uses.

Procedure

  1. Open an application.
  2. Make sure that a text field is active.

  3. Press Ctrl+Shift+e.

    The underscored letter e appears at your cursor.

  4. Type a keyword that identifies the emoji character that you want to insert, such as smile.

    For the full list of keywords associated with emoji characters, see the Other Keywords column on the Emoji List page.

  5. Repeatedly press Space to browse the emoji characters that match your keyword.
  6. Confirm the selected emoji character by pressing Enter.

Verification

  • Check that the intended emoji character now appears at your cursor.

Chapter 14. Managing storage volumes in GNOME

This section describes how you can manage storage volumes in GNOME with a virtual file system. GNOME Virtual File System (GVFS) is an extension of the virtual file system interface provided by the libraries the GNOME desktop is built on.

14.1. The GVFS system

This section introduces GVFS and explains how GVFS works.

GVFS provides complete virtual file system infrastructure and handles storage in the GNOME desktop. It uses addresses for full identification based on the Uniform Resource Identifier (URI) standard, syntactically similar to URL addresses in web browsers. These addresses in the form of schema://user@server/path are the key information determining the kind of service.

GVFS helps to mount the resources. These mounts are shared between multiple applications. Resources are tracked globally within the running desktop session, which means that even if you quit an application that triggered the mount, the mount continues to be available for any other application. Multiple applications can access the mount at the same time unless it is limited by a back end. Some protocols by design permit only a single channel.

GVFS mounts removable media in the /run/media/ directory.

14.2. The format of the GVFS URI string

This section explains what the GVFS URI string is and demonstrates how to form one.

You must form a URI string to use back end services. This string is a basic identifier used in GVFS, which carries all necessary information needed for unique identification, such as type of service, back end ID, absolute path, or user name if required. You can see this information in the Files address bar and GTK+ open or save file dialog.

The following example is a very basic form of the URI string, which points to a root directory (/) of the File Transfer Protocol (FTP) server running at the ftp.myserver.net domain:

Example 14.1. A URI string pointing to the root FTP directory

ftp://ftp.myserver.net/

Example 14.2. A URI string pointing to a text file on FTP

ssh://joe@ftp.myserver.net/home/joe/todo.txt

14.3. Mounting a storage volume in GNOME

In virtual file systems, particular resources are set to be mounted automatically, but the most common way is to trigger mounts manually.

Procedure

  1. Open the Files application.
  2. Click Other Locations in the side bar.
  3. Enter the URI string in the Connect to Server field.
  4. Press Connect.
  5. If the dialog asks you for login credentials, enter your name and password into the relevant entry boxes.
  6. When the mounting process finishes, you can start working with the storage volume.

14.4. Unmounting a storage volume in GNOME

You can unmount storage volumes or resources using the following procedure.

Procedure

  1. Open the Files application.
  2. In the side bar, click the Unmount (⏏) icon next to the chosen mount.
  3. Wait until the mount disappears or notification about the safe removal appears.

14.5. Access to GVFS mounts in the file system

This section introduces FUSE, the main daemon for the GVFS virtual file system.

Applications built with the GIO library can access GVFS mounts. In addition, GVFS provides a FUSE daemon which exposes active GVFS mounts. Any application can access active GVFS mounts using the standard POSIX APIs as though mounts were regular file systems.

In certain applications, additional library dependency and new virtual file system (VFS) subsystem specifics might be unsuitable or too complicated. For such reasons and to boost compatibility, GVFS provides a File System in Userspace (FUSE) daemon, which exposes active mounts through its mount for standard Portable Operating System Interface (POSIX) access. This daemon transparently translates incoming requests to imitate a local file system for applications.

Important

You might experience difficulties with certain combinations of applications and GVFS back ends.

The FUSE daemon starts automatically with the main gvfs daemon and mounts volumes either in the /run/user/UID/gvfs/ or ~/.gvfs/ directories as a fallback.

Manual browsing shows individual directories for each GVFS mount. The system passes the transformed path as an argument when you are opening documents from GVFS locations with non-native applications. Note that native GIO applications automatically translate this path back to a native URI.

14.6. Available GIO commands

GIO provides several commands that might be useful for scripting or testing.

Here is a set of POSIX commands counterparts as follows:

CommandDescription

gio cat

Displays the content of a file.

gio mkdir

Creates a new directory.

gio rename

Renames a file.

gio mount

Provides access to various aspects of the gio mounting functionality.

gio set

Sets a file attribute on a file.

gio copy

Makes a copy of a file.

gio list

Lists directory contents.

gio move

Moves a file from one location to another.

gio remove

Removes a file.

gio trash

Sends files or directories to the Trashcan. This can be a different folder depending on where the file is located, and not all file systems support this concept. In the common case that the file lives inside a user’s home directory, the trash folder is $XDG_DATA_HOME/Trash.

gio info

Displays information of the given locations.

gio save

Reads from standard input and saves the data to the given location.

gio tree

Lists the contents of the given locations recursively, in a tree-like format. If no location is given, it defaults to the current directory.

Following additional commands provide more control of GIO specifics:

CommandDescription

gio monitor

Monitors files or directories for changes, such as creation, deletion, content and attribute changes, and mount and unmount operations affecting the monitored locations.

gio mime

Lists the registered and recommended applications for the mimetype if no handler is given, else, it is set as the default handler for the mimetype.

gio open

Opens files with the default application that is registered to handle files of this type.

Note

For user convenience, bash completion is provided as a part of the package.

All these commands are native GIO clients, there is no need for the fallback FUSE daemon to be running. Their purpose is not to be drop-in replacements for POSIX commands, in fact, a very little range of switches is supported. In their basic form, these commands take an URI string as an argument instead of a local path.

Additional resources

  • The gio(1) man page.

14.7. Sample GIO commands

The following section provides a few examples of the GIO commands usage.

Example 14.3. List all files in the local /tmp directory

$ gio list file:///tmp

Example 14.4. List the content of a text file from a remote system

$ gio cat ssh://joe@ftp.myserver.net/home/joe/todo.txt

Example 14.5. Copy the previous text file to a local /tmp directory

$ gio copy ssh://joe@ftp.myserver.net/home/joe/todo.txt /tmp/

Additional resources

  • The gio man page.

14.8. Overview of GVFS metadata

This section provides information on the GVFS metadata and provides instruction on how to view and manipulate them.

The GVFS metadata storage is implemented as a set of key-and-value pairs that bind information to a particular file. Thus, there is a tool for a user or application to save small data designed for runtime information such as icon position, last-played location, position in a document, emblems, notes, and so on.

Whenever you move a file or directory, GVFS moves the metadata accordingly so that metadata stays connected to the respective file. The GVFS stores all metadata privately, so metadata is available only on the machine. However, GVFS tracks mounts and removable media as well.

Note

GVFS mounts removable media in the /run/media/ directory.

To view and manipulate with metadata, you can use:

  • the gio info command,
  • the gio set command, or
  • any other native GIO way of working with attributes.

Additional resources

  • The gio man page.

14.9. Setting custom GIO metadata attribute

This procedure describes how to set a custom metadata attribute.

Notice the differences between particular gio info calls and data persistence after a move or rename. Note the gio info command output.

Procedure

  1. Create an empty file: 

    $ touch /tmp/myfile

  2. View the metadata of this file: 

    $ gio info -a 'metadata::*' /tmp/myfile
uri: file:///tmp/myfile
attributes:

  3. Set a string to this file: 

    $ gio set -t string /tmp/myfile 'metadata::mynote' 'Please remember to delete this file!'

  4. View the metadata: 

    $ gio info -a 'metadata::*' /tmp/myfile
uri: file:///tmp/myfile
attributes:
  metadata::mynote: Please remember to delete this file!

  5. Move this file to a new location: 

    $ gio move /tmp/myfile /tmp/newfile

  6. View the metadata: 

    $ gio info -a 'metadata::*' /tmp/newfile
uri: file:///tmp/newfile
attributes:
  metadata::mynote: Please remember to delete this file!

The metadata persists when you move the file using the GIO API.

Additional resources

  • The gio man page.

14.10. Password management of GVFS mounts

This section focuses on the GVFS mount authentication.

A typical GVFS mount authenticates on its activation unless the resource allows anonymous authentication or does not require any authentication at all.

In a standard GTK+ dialog, you can choose whether to store the password.

When you select the persistent storage, the password is stored in the user keyring. GNOME Keyring is a central place for secrets storage. The password is encrypted and automatically unlocked on desktop session start using the password provided on login. For protecting it by a different password, you can set the password at the first use.

The Passwords and Keys application helps to manage the stored password and GNOME Keyring. It allows removing individual records or changing passwords.

14.11. GVFS back ends

Back ends in GVFS provide access to a specific type of resource. This section provides a list of available GVFS back ends and their specifications.

Note

Some back ends are packaged separately and not installed by default. For installing additional back ends, use the yum package manager.

Table 14.1. Available back ends

Back endDescription

afc

Similar to Media Transfer Protocol (MTP), exposes files on your Apple iDevice connected through USB.

afp

An Apple Filing Protocol (AFP) client to access file services of macOS and the original Mac operation system.

archive

Handles various archiving files (ZIP, TAR) in read-only way.

admin

Provides administrator access to the local file system.

burn

A virtual back end that burning applications use as a temporary storage for new CD, DVD, or BD medium content.

cdda

Exposes Audio CD through separate Waveform Audio File Format (WAV) files.

computer

A virtual back end consolidating active mounts and physical volumes. Acts similarly to a signpost. Previously used by Files for its Computer view.

dav, davs

A WebDAV client, including secure variant. Authentication is possible only during mount. The back end does not support later re-authentication on per-folder basis.

dns-sd

DNS Service Discovery: An Avahi client, used during network browsing, forms persistent URIs to discovered services.

ftp

A fully featured File Transfer Protocol (FTP) client. Supports passive transfers by default. Also, handles secure mode over ftps (explicit mode) and ftpis (implicit mode) schemes.

gphoto2

A Picture Transfer Protocol (PTP) client to access your camera attached by USB or FireWire.

google

Provides access to Google Drive. The Google Drive account needs to be configured in the Online Accounts settings.

http

Handles all HTTP requests. Useful for easy downloading files from web in client applications.

locatest

A simple testing back end that proxies the file:// URI. The back end supports error injection.

mtp

A Media Transfer Protocol (MTP) back end for accessing media player and smart phone memory.

network

Allows you to browse Window Network and show shares discovered over Avahi.

recent

A back end used in the file chooser dialog to list recent files used by GNOME applications.

sftp

A fully-featured SSH File Transfer Protocol (SFTP) client.

smb

Accesses Samba and Windows shares.

trash

A trash back end that allows to restore deleted files.

Chapter 15. Troubleshooting volume management in GNOME

Following are some common errors of volume management in GNOME and ways to resolve them.

15.1. Troubleshooting access to GVFS locations from non-GIO clients

If you have problems accessing GVFS locations from your application, it might mean that it is not native GIO client. Native GIO clients are typically all GNOME applications using GNOME libraries (glib, gio). The gvfs-fuse service is provided as a fallback for non-GIO clients.

Prerequisite

  • The gvfs-fuse package is installed. 

    $ yum install gvfs-fuse

Procedure

  1. Ensure that gvfs-fuse is running. 

    $ ps ax | grep gvfsd-fuse

    If gvfs-fuse is not running, log out and log back in. Red Hat does not recommend starting gvfs-fuse manually.

  2. Find the system user ID (UID) for the /run/user/UID/gvfs/ path.

    The gvfsd-fuse daemon requires a path where it can expose its services. When the /run/user/UID/gvfs/ path is unavailable, gvfsd-fuse uses the ~/.gvfs path. 

    $ id -u

  3. If gvfsd-fuse is still not running, start the gvfsd-fuse daemon: 

    $ /usr/libexec/gvfsd-fuse -f /run/user/_UID_/gvfs

    Now, the FUSE mount is available, and you can manually browse for the path in your application.

  4. Find the GVFS mounts under the /run/user/UID/gvfs/ or ~/.gvfs locations.

15.2. Troubleshooting an invisible connected USB disk

Under certain circumstances, when you connect a flash drive, the GNOME Desktop might not display it. If your flash drive is not visible in Files, but you can see it in the Disks application, you can attempt to set the Show in user interface option in Disks.

Procedure

  1. Open the Disks application.
  2. Select the disk in the side bar.
  3. Below Volumes, Click Additional partition options (⚙)Edit Mount Options…​.
  4. Click Show in user interface.
  5. Confirm by clicking OK.
  6. If the flash drive is still not visible, you can try to physically remove the drive and try connecting it again.

15.3. Troubleshooting unknown or unwanted partitions listed in Files

Sometimes, you might see unknown or unwanted partitions when you plug a disk in. For example, when you plug in a flash disk, it is automatically mounted and its volumes are shown in the Files side bar. Some devices have a special partition with backups or help files, which you might not want to see each time you plug in the device.

Procedure

  1. Open the Disks application.
  2. Select the disk in the side bar.
  3. Below Volumes, Click Additional partition options (⚙)Edit Mount Options…​.
  4. Uncheck Show in user interface.
  5. Confirm by clicking OK.

15.4. Troubleshooting if a connection to the remote GVFS file system is unavailable

There are number of situations in which the client is unexpectedly and unwillingly disconnected from a virtual file system or a remote disk mount and is not reconnected automatically.

You might see the error messages in such situations. Several causes trigger such situations:

  • The connection is interrupted. For example, your laptop is disconnected from the Wi-Fi.
  • The user is inactive for some time and is disconnected by the server (idle timeout).
  • The computer is resumed from sleep mode.

Procedure

  1. Unmount file system.
  2. Mount it again.
  3. If the connection is getting disabled more often, check the settings in the Network panel in the GNOME Settings.

15.5. Troubleshooting a busy disk in GNOME

If you receive a notification about your disk being busy, determine the programs that are accessing the disk. Then, you can end the programs that are running. You can also use the System Monitor application to kill the programs forcefully.

Prerequisites

  • The iotop utility is installed: 

    # yum install iotop

Procedure

  1. Examine the list of open files.

    • Run the lsof command to get the list of open files.
    • If lsof is not available, run the ps ax command.
    • You can use System Monitor to display the running processes in a GUI.

  2. When you have determined the programs, terminate them using any of the following methods:

    • On the command line, execute the kill command.
    • In System Monitor, right-click the line with the program process name, and click End or Kill from the context menu.

Additional resources

  • The kill man page.

Chapter 16. Managing bookmarks in GNOME

In GNOME, you can edit the bookmarks that are displayed in applications and dialogs that manage files.

16.1. Bookmarks in GNOME

Bookmarks integrate into GTK+ and in the GNOME desktop. Every application that presents a standard GTK+ Open and Save dialog (GtkFileChooser) lists bookmarks in the left panel of the dialog. Also, Files and its clones present bookmarks in a sidebar.

Besides bookmarks, GtkFileChooser lists all other available GVFS volumes and mounts in the sidebar.

While activating a bookmark for the first time, the GVFS subsystem looks for existing mounts and tries to mount the location if the mount does not exist yet. This way, you can authenticate even within the Open or Save dialog.

Bookmarks are located in the ~/.config/gtk-3.0/bookmarks file. In the following example, the bookmarked locations are ~/Music, ~/Pictures, ~/Videos, ~/Downloads, and ~/bin, so the content of the ~/.config/gtk-3.0/bookmarks file looks as follows: 

file:///home/username/Music
file:///home/username/Pictures
file:///home/username/Videos
file:///home/username/Downloads
file:///home/username/bin
Note

Replace username with the user name you are logged in.

You can use this file to edit bookmarks based on your requirements.

16.2. Adding a bookmark in Files

You can save a reference to a location by bookmarking it.

Procedure

  1. Select the folder or file you want to bookmark.

  2. Do one of the following:

    • Press Ctrl+D or
    • Drag and drop the file or folder to the sidebar.

16.3. Bookmarks for all GNOME users

System administrators can set a group of bookmarks for all users at once by allowing access to file shares for the users. GNOME stores a list of file-sharing servers in the ~/.config/gtk-3.0/servers file in the XBEL format. XML Bookmark Exchange Language (XBEL) is an XML standard that allows you share URIs (Uniform Resource Identifiers). It is possible to add the list of file-sharing servers to that file to make file-shares easily accessible to multiple users.

In GNOME, XBEL is used to share desktop bookmarks in applications like Files. Here is an example of creating a bookmark titled GNOME FTP with the URI ftp://ftp.gnome.org/ in the ~/.config/gtk-3.0/servers file. 

<?xml version="1.0" encoding="UTF-8"?>
<xbel version="1.0"
      xmlns:bookmark="http://www.freedesktop.org/standards/desktop-bookmarks"
      xmlns:mime="http://www.freedesktop.org/standards/shared-mime-info">
   <bookmark href="ftp://ftp.gnome.org/">
      <title>GNOME FTP</title>
   </bookmark>
</xbel>

Chapter 17. Customizing default favorite applications

You can customize frequently used applications as your favorite applications. You can see these favorite applications on the GNOME Shell dash in the Activities overview. You can use dconf to set the favorite applications for an individual user or for all users.

17.1. Setting different favorite applications for individual users

You can set the default favorite applications for individual users.

Procedure

  1. Open the Activities overview by clicking Activities at the top left of the screen.

  2. Add applications into your favorite list using any of the following methods:

    • Click the grid button to find the application you want, right-click the application icon, and select Add to Favorites.
    • Click-and-drag the icon into the dash.

  3. View all the applications that exists in the favorite list: 

    $ dconf read /org/gnome/shell/favorite-apps
Note

If you want to lock down the above settings to prevent users from changing them, see Chapter 19, Locking down selected tasks.

17.2. Setting the same favorite applications for all users

You can modify system database files using dconf keyfiles to set the same favorites for all users. The following steps edit the dconf profile and then create a keyfile to set default favorite applications for all users in the local configuration database.

Procedure

  1. Create the key file /etc/dconf/db/local.d/00-favorite-apps to provide information for the local database. /etc/dconf/db/local.d/00-favorite-apps contents: 

    # Snippet sets gedit, terminal and nautilus as default favorites for all users
[org/gnome/shell]
favorite-apps = ['gedit.desktop', 'gnome-terminal.desktop', 'nautilus.desktop']

  2. To prevent users from overriding these settings, create the file /etc/dconf/db/local.d/locks/favorite-apps with the following content: 

    # Lock default favorite applications
/org/gnome/shell/favorite-apps
  3. Run the dconf update command to incorporate your changes into the system databases.
  4. Logout and login again for system-wide changes to take effect.

Chapter 18. Authenticating the user in the desktop environment

You can perform the following operations:

  • Configure enterprise login options in GNOME,
  • Enable smart card authentication, and
  • Enable fingerprint authentication.

18.1. Using enterprise credentials to authenticate in GNOME

You can use your enterprise domain credentials to access your system. This section explains how to log in using enterprise credentials in GNOME, configure enterprise credentials at the GNOME welcome screen, and add an authenticated user with enterprise credentials in GNOME.

18.1.1. Logging in with Enterprise Credentials in GNOME

You can use your domain credentials to login to GNOME if your network has an Active Directory or Identity Management domain available, and you have a domain account.

Prerequisites

Procedure

  • While logging in, enter the domain user name followed by an @ sign, and then your domain name.

    For example, if your domain name is example.com and the user name is User, enter: 

    User@example.com
    Note

    If the machine is already configured for domain accounts, you should see a helpful hint describing the login format.

18.1.2. Configuring enterprise credentials at the GNOME welcome screen

Perform the following steps to configure workstation for enterprise credentials using the welcome screen that belongs to the GNOME Initial Setup program.

The initial setup runs only when you create a new user and log into that account for the first time.

Procedure

  1. At the login welcome screen, choose Use Enterprise Login.
  2. Enter your domain name into the Domain field.
  3. Enter your domain account user name and password.
  4. Click Next.
  5. Depending on the domain configuration, a pop up prompts for the domain administrator’s credentials.

18.1.3. Adding an authenticated user with enterprise credentials in GNOME

This procedure helps to create a new user through the GNOME Settings application. The user is authenticated using enterprise credentials.

Prerequisites

Procedure

  1. Open the Settings window clicking icons in the top right corner of the screen.
  2. From the list of items, select Details > Users.
  3. Click Unlock and enter the administrator’s password.
  4. Click Add user…​
  5. Click Enterprise Login.
  6. Fill out the Domain, Username, and Password fields for your enterprise account.
  7. Click Add.
  8. Depending on the domain configuration, a pop up prompts for the domain administrator’s credentials.

18.1.4. Troubleshooting enterprise login in GNOME

You can use the realm utility and its various sub-commands to troubleshoot the enterprise login configuration.

Procedure

  • To see whether the machine is configured for enterprise logins, run the following command: 

    $ realm list
Note

Network administrators can configure and pre-join workstations to the relevant domains using the kickstart realm join command, or running realm join in an automated fashion from a script.

Additional resources

  • The realm man page.

18.2. Enabling smart card authentication

You can enable workstations to authenticate using smart cards. In order to do so, you must configure GDM to allow prompting for smart cards and configure operating system to log in using a smart card.

You can use two ways to configure the GDM to allow prompting for smart card authentication with GUI or using the command line.

18.2.1. Configuring smart card authentication in GDM using the GUI

You can enable smart card authentication using dconf editor GUI. The dconf Editor application helps to update the configuration-related values on a dconf database.

Prerequisites

  • Install the dconf-editor package: 

    # yum install dconf-editor

Procedure

  1. Open the dconf-Editor application and navigate to /org/gnome/login-screen.
  2. Turn on the enable-password-authentication option.
  3. Turn on the enable-smartcard-authentication option.

Additional resources

  • The dconf-editor man page.
  • The dconf man page.

18.2.2. Configuring smart card authentication in GDM using the command line

You can use the dconf command-line utility to enable the GDM login screen to recognize smart card authentication.

Procedure

  1. Create a keyfile for the GDM database in /etc/dconf/db/gdm.d/login-screen, which contains the following content: 

    [org/gnome/login-screen]
enable-password-authentication='false'
enable-smartcard-authentication='true'

  2. Update the system dconf databases: 

    # dconf update

Additional resources

  • The dconf man page.

18.2.3. Enabling the smart card authentication method in the system

For smart card authentication you can use the system-config-authentication tool to configure the system to allow you to use smart cards. Thus, you can avail GDM as a valid authentication method for the graphical environment. The tool is provided by the authconfig-gtk package.

Prerequisites

  • Install authconfig-gtk package
  • Configure GDM for smart card authentication

Additional resources

18.3. Fingerprint authentication

You can use the system-config-authentication tool to enable fingerprint authentication to allow users to login using their enrolled fingerprints. The tool is provided by the authconfig-gtk package.

Additional resources

Chapter 19. Locking down selected tasks

This section describes how to lock down for users the following tasks:

  • Printing
  • File saving on disk
  • Repartitioning
  • User logout and user switching

19.1. Locking down printing

You can disable the print dialog from being shown to users. This can be useful if you are giving temporary access to a user or you do not want the user to print to network printers.

Important

The feature only works in applications which support it. Not all GNOME and third party applications have this feature enabled. The changes do not have effect on applications which do not support this feature.

To prevent applications from printing, lock down the org.gnome.desktop.lockdown.disable-printing key:

Procedure

  1. Create the user profile in /etc/dconf/profile/user unless it already exists: 

    user-db:user
system-db:local

  2. Create a local database for machine-wide settings in the etc/dconf/db/local.d/00-lockdown file: 

    [org/gnome/desktop/lockdown]

# Prevent applications from printing
disable-printing=true

  3. Override the user’s setting and prevent the user from changing it in the /etc/dconf/db/local.d/locks/lockdown file: 

    # List the keys used to configure lockdown
/org/gnome/desktop/lockdown/disable-printing

  4. Update the system databases: 

    # dconf update

Having followed these steps, applications supporting this lockdown key, such as Evolution, Evince, or Gedit, will disable printing.

19.2. Locking file saving on disk

You can disable the Save and Save As dialogs. This can be useful if you are giving temporary access to a user or you do not want the user to save files to the computer.

Important

The feature only works in applications which support it. Not all GNOME and third party applications have this feature enabled. The changes will have no effect on applications which do not support this feature.

To prevent applications from file saving, lock down the org.gnome.desktop.lockdown.disable-save-to-disk key:

Procedure

  1. Create the user profile in /etc/dconf/profile/user unless it already exists: 

    user-db:user
system-db:local

  2. Create a local database for machine-wide settings in the /etc/dconf/db/local.d/00-lockdown file: 

    [org/gnome/desktop/lockdown]

# Prevent the user from saving files on disk
disable-save-to-disk=true

  3. Override the user’s setting and prevent the user from changing it in the /etc/dconf/db/local.d/locks/lockdown file: 

    # Lock this key to disable saving files on disk
/org/gnome/desktop/lockdown/disable-save-to-disk

  4. Update the system databases: 

    # dconf update

Having followed these steps, applications supporting this lockdown key, for example Videos, Image Viewer, Evolution, Document Viewer, or GNOME Shell, will disable their Save As dialogs.

19.3. Locking repartitioning

polkit enables you to set permissions for individual operations. For udisks2, the utility for disk management services, the configuration is located at /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy. This file contains a set of actions and default values, which can be overridden by system administrator.

Important

polkit configuration stored in /etc overrides the configuration shipped by packages in /usr/share/.

Procedure

  1. Create a file with the same content as in /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy: 

    cp /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy /etc/share/polkit-1/actions/org.freedesktop.udisks2.policy

    Do not change the /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy file, your changes will be overwritten by the next package update.

  2. Delete the action you do not need, and add the following lines to the /etc/polkit-1/actions/org.freedesktop.udisks2.policy file: 

    <action id="org.freedesktop.udisks2.modify-device">
  <message>Authentication is required to modify the disks settings</message>
     <defaults>
        <allow_any>no</allow_any>
        <allow_inactive>no</allow_inactive>
        <allow_active>yes</allow_active>
      </defaults>
 </action>

    Replace no by auth_admin if you want to ensure only the root user is able to perform the action.

  3. Save the changes.

When the user tries to change the disks settings, the following message is returned: 

Authentication is required to modify the disks settings.

19.4. Locking down user logout and user switching

To prevent the user from logging out, use the following procedure.

Procedure

  1. Create the /etc/dconf/profile/user profile, which contains the following lines: 

    user-db:user
system-db:local

    where local is the name of a dconf database

  2. Create the /etc/dconf/db/local.d/ directory if it does not already exist.

  3. Create the /etc/dconf/db/local.d/00-logout key file to provide information for the local database: 

    [org/gnome/desktop/lockdown]
# Prevent the user from user switching
disable-log-out=true

  4. Override the user’s setting, and prevent the user from changing it in the /etc/dconf/db/local.d/locks/lockdown file: 

    # Lock this key to disable user logout
/org/gnome/desktop/lockdown/disable-log-out

  5. Update the system databases: 

    # dconf update
  6. Users must log out and back in again before the system-wide settings take effect.
Important

Users can evade the logout lockdown by switching to a different user. To prevent such scenario, lock down user switching as well.

To lock down user switching, use the following procedure:

Procedure

  1. Create the /etc/dconf/profile/user profile, which contains the following lines: 

    user-db:user
system-db:local

    where local is the name of a dconf database

  2. Create the /etc/dconf/db/local.d/ directory if it does not already exist.

  3. Create the /etc/dconf/db/local.d/00-user-switching key file to provide information for the local database: 

    # Prevent the user from user switching
[org/gnome/desktop/lockdown]
disable-user-switching=true

[org/gnome/desktop/screensaver]
user-switch-enabled=false

  4. Override the user’s setting, and prevent the user from changing it in the /etc/dconf/db/local.d/locks/lockdown file: 

    # Lock this key to disable user switching
/org/gnome/desktop/lockdown/disable-user-switching
/org/gnome/desktop/screensaver/user-switch-enabled

  5. Update the system databases: 

    # dconf update
  6. Users must log out and back in again before the system-wide settings take effect.

Chapter 20. Restricting the session to a single application

You can start the GNOME session in single-application mode, also known as kiosk mode. In this session, GNOME displays only a full-screen window of the application that you have selected.

20.1. Single-application mode

Single-application mode is a modified GNOME session that reconfigures the Mutter window manager into an interactive kiosk. This session locks down certain behavior to make the standard desktop more restrictive. The user can interact only with a single application selected by the administrator.

You can set up single-application mode in a number of fields, from communication to entertainment or education, and use it as a self-serve machine, an event manager, a registration point, and so on.

The single-application mode configuration is available from the gnome-session-kiosk-session package.

20.2. Enabling single-application mode

This procedure installs and enables single-application mode, which restricts the GNOME session to a single application.

Procedure

  1. Install the gnome-session-kiosk-session package: 

    # yum install gnome-session-kiosk-session

  2. As the user that will open the single-application session, create the /home/user/.local/bin/redhat-kiosk file: 

    [user]$ mkdir -p ~/.local/bin

[user]$ touch ~/.local/bin/redhat-kiosk

  3. Edit the /home/user/.local/bin/redhat-kiosk file and enter the executable name of the application that you want to launch in single-application mode.

    For example, to launch the Firefox browser in single-application mode, enter the following content: 

    #!/bin/sh

while true; do
    firefox --kiosk https://example.org
done

    The while true loop ensures that the application restarts if it terminates for any reason.

  4. Make the file executable: 

    [user]$ chmod +x ~/.local/bin/redhat-kiosk

  5. If you created the file or its containing directories as a different user than the single-application user, such as root, ensure that the file has the correct permissions: 

    # chown -R user:group ~user/.local
  6. At the GNOME login screen, select the Kiosk session from the cogwheel button menu and log in as the single-application user.

Chapter 21. Managing user sessions

21.1. What GDM is

The GNOME Display Manager (GDM) is a graphical login program running in the background that runs and manages the X.Org display servers for both local and remote logins.

GDM is a replacement for XDM, the X Display Manager. However, GDM is not derived from XDM and does not contain any original XDM code. In addition, there is no support for a graphical configuration tool in GDM, so editing the /etc/gdm/custom.conf configuration file is necessary to change the GDM settings.

21.2. Restarting GDM

When you make changes to the system configuration such as setting up the login screen banner message, login screen logo, or login screen background, restart GDM for your changes to take effect.

Warning

Restarting the service forcibly interrupts any currently running GNOME session of any desktop user who is logged in. This can result in users losing unsaved data.

Procedure

  • To restart the GDM service, run the following command: 

    # systemctl restart gdm.service

Procedure

  • To display results of the GDM configuration, run the following command: 

    $ DCONF_PROFILE=gdm gsettings list-recursively org.gnome.login-screen

21.3. Adding an autostart application for all users

You can set application to start automatically when any user logs into the GNOME environment.

Procedure

  1. Create a .desktop file in the /etc/xdg/autostart/ directory, such as /etc/xdg/autostart/nautilus.desktop. Enter the following content in the file: 

    [Desktop Entry]
Type=Application
Name=Files
Exec=/usr/bin/nautilus -n
OnlyShowIn=GNOME;
X-GNOME-Autostart-enabled=true
    • Replace Files with the name of the application.
    • Replace /usr/bin/nautilus -n with the command that starts the application. Use the full file path.

  2. Optionally, configure the application to start only when a selected GSettings key is enabled. GNOME then runs the application automatically if the key’s value is true. If the key’s value changes in the running session, GNOME starts or stops the application to match the new value.

    Add the following line in the .desktop file: 

    AutostartCondition=GSettings org.gnome.desktop.background show-desktop-icons
    • Replace org.gnome.desktop.background show-desktop-icons with the GSettings schema and key that the automatic start depends on.

Additional resources

  • You can also configure an autostart application for a specific user. Use the Tweaks application, which is available from the gnome-tweaks package.

21.4. Configuring automatic login

As an administrator, you can enable automatic login from the Users panel in GNOME Settings, or you can set up automatic login manually in the GDM custom configuration file, as follows.

Run the following procedure to set up automatic login for a user john.

Procedure

  • Edit the /etc/gdm/custom.conf file, and make sure that the [daemon] section in the file specifies the following: 

    [daemon]
AutomaticLoginEnable=True
AutomaticLogin=john

    Replace john with the user that you want to be automatically logged in.

21.5. Configuring automatic logout

User sessions that have been idle for a specific period of time can be ended automatically. You can set different behavior based on whether the machine is running from a battery or from mains power by setting the corresponding GSettings key, then locking it.

Warning

Users can potentially lose unsaved data if an idle session is automatically ended.

To set automatic logout for a mains powered machine:

Procedure

  1. Create a local database for machine-wide settings in the /etc/dconf/db/local.d/00-autologout file: 

    [org/gnome/settings-daemon/plugins/power]
# Set the timeout to 900 seconds when on mains power
sleep-inactive-ac-timeout=900
# Set action after timeout to be logout when on mains power
sleep-inactive-ac-type='logout'

  2. Override the user’s setting, and prevent the user from changing it in the /etc/dconf/db/local.d/locks/autologout file: 

    # Lock automatic logout settings
/org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-timeout
/org/gnome/settings-daemon/plugins/power/sleep-inactive-ac-type

  3. Update the system databases: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

The following GSettings keys are of interest:

  • org.gnome.settings-daemon.plugins.power.sleep-inactive-ac-timeout

    The number of seconds that the computer needs to be inactive before it goes to sleep if it is running from AC power.

  • org.gnome.settings-daemon.plugins.power.sleep-inactive-ac-type

    What should happen when the timeout has passed if the computer is running from AC power.

  • org.gnome.settings-daemon.plugins.power.sleep-inactive-battery-timeout

    The number of seconds that the computer needs to be inactive before it goes to sleep if it is running from power.

  • org.gnome.settings-daemon.plugins.power.sleep-inactive-battery-type

    What should happen when the timeout has passed if the computer is running from battery power.

If you want to list available values for a key, use the following procedure:

Procedure

  • Run the gsettings range command on the required key. For example: 
$ gsettings range org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type
enum
'blank'
'suspend'
'shutdown'
'hibernate'
'interactive'
'nothing'
'logout'

21.6. Setting a default desktop session for all users

You can configure a default desktop session that is preselected for all users that have not logged in yet.

If a user logs in using a different session than the default, their selection persists to their next login.

Procedure

  1. Copy the configuration file template: 

    # cp /usr/share/accountsservice/user-templates/standard \
     /etc/accountsservice/user-templates/standard
  2. Edit the new /etc/accountsservice/user-templates/standard file. On the Session=gnome line, replace gnome with the session that you want to set as the default.

  3. Optional: To configure an exception to the default session for a certain user, follow these steps:

    1. Copy the template file to /var/lib/AccountsService/users/user-name: 

      # cp /usr/share/accountsservice/user-templates/standard \
     /var/lib/AccountsService/users/user-name
    2. In the new file, replace variables such as ${USER} and ${ID} with the user values.
    3. Edit the Session value.

21.7. Setting screen brightness and idle time

This section describes how to:

  • Configure the drop in the brightness level
  • Set brightness level
  • Set idle time

Configuring the drop in the brightness level

To set the drop in the brightness level when the device has been idle for some time:

Procedure

  1. Create a local database for machine-wide settings in the /etc/dconf/db/local.d/00-power file including these lines: 

    [org/gnome/settings-daemon/plugins/power]
idle-dim=true

  2. Update the system databases: 

    # dconf update
  3. Users must log out and back in again before the system-wide settings take effect.

Setting brightness level

To set brightness level:

Procedure

  1. Create a local database for machine-wide settings in the /etc/dconf/db/local.d/00-power file, as in the following example: 

    [org/gnome/settings-daemon/plugins/power]
idle-brightness=30

    Replace 30 with the integer value you want to use.

  2. Update the system databases: 

    # dconf update
  3. Users must log out and back in again before the system-wide settings take effect.

Setting idle time

To set idle time after which the screen is blanked and the default screensaver is displayed:

Procedure

  1. Create a local database for machine-wide settings in /etc/dconf/db/local.d/00-session, as in the following example: 

    [org/gnome/desktop/session]
idle-delay=uint32 900

    Replace 900 with the integer value you want to use.

    You must include the uint32 along with the integer value as shown.

  2. Update the system databases: 

    # dconf update
  3. Users must log out and back in again before the system-wide settings take effect.

21.8. Locking the screen when the user is idle

To enable the screensaver and make the screen lock automatically when the user is idle, follow this procedure:

Procedure

  1. Create a local database for system-wide settings in the etc/dconf/db/local.d/00-screensaver file: 

    [org/gnome/desktop/session]
# Set the lock time out to 180 seconds before the session is considered idle
idle-delay=uint32 180
[org/gnome/desktop/screensaver]
# Set this to true to lock the screen when the screensaver activates
lock-enabled=true
# Set the lock timeout to 180 seconds after the screensaver has been activated
lock-delay=uint32 180

    You must include the uint32 along with the integer key values as shown.

  2. Override the user’s setting, and prevent the user from changing it in the /etc/dconf/db/local.d/locks/screensaver file: 

    # Lock desktop screensaver settings
/org/gnome/desktop/session/idle-delay
/org/gnome/desktop/screensaver/lock-enabled
/org/gnome/desktop/screensaver/lock-delay

  3. Update the system databases: 

    # dconf update
  4. Users must log out and back in again before the system-wide settings take effect.

21.9. Screencast recording

GNOME Shell features a built-in screencast recorder. The recorder allows users to record desktop or application activity during their session and distribute the recordings as high-resolution video files in the webm format.

To make a screencast:

Procedure

  1. To start the recording, press the Ctrl+Alt+Shift+R shortcut.

    When the recorder is capturing the screen activity, it displays a red circle in the top-right corner of the screen.

  2. To stop the recording, press the Ctrl+Alt+Shift+R shortcut.

    The red circle in the top-right corner of the screen disappears.

  3. Navigate to the ~/Videos directory where you can find the recorded video with a file name that starts with Screencast and includes the date and time of the recording.
Note

The built-in recorder always captures the entire screen, including all monitors in multi-monitor setups.

Chapter 22. Configuring the screen rotation

22.1. Configuring the screen rotation for a single user

This procedure sets screen rotation for the current user.

Procedure

  1. Go to the system menu, which is accessible from the top-right screen corner, and click the Settings icon.
  2. In the SettingsDevices section, choose Displays.
  3. Configure the rotation using the Orientation field.
  4. Confirm your choice by clicking Apply.
  5. If you are satisfied with the new setup preview, click on Keep changes.

The setting persists to your next login.

Additional resources

22.2. Configuring the screen rotation for all users

This procedure sets a default screen rotation for all users on a system and is suitable for mass deployment of homogenized display configuration.

Procedure

  1. Prepare the preferable setup for a single user as in Configuring the screen rotation for a single user.

  2. Copy the transform section of the ~/.config/monitors.xml configuration file, which configures the screen rotation. An example portrait orientation: 

    <?xml version="1.0" encoding="UTF-8"?>

<transform>
  <rotation>left</rotation>
  <flipped>no</flipped>
</transform>
  3. Paste the content in the /etc/xdg/monitors.xml file that stores system-wide configuration.
  4. Save the changes.

The new setup takes effect for all the users the next time they log in in the system.

Additional resources

Chapter 23. Configuring the desktop environment for accessibility

As a system administrator, you can configure the desktop environment to support users with a visual impairment.

To enable accessibility, perform the following procedures.

23.1. Components that provide accessibility features

Accessibility for users with a visual impairment is ensured by the Orca screen reader on the Red Hat Enterprise Linux 8 desktop. Orca is included in the default RHEL installation.

Orca reads information from the screen and communicates it to you using the following components:

Speech synthesizer
Provides a speech output. The default speech synthesizer on RHEL 8 is eSpeak-NG.
Braille display
Provides a tactile output. The BRLTTY service enables this functionality.

Additional resources

23.2. Configuring the brltty service

The Braille display is a device that uses the brltty service to provide tactile output for visually impaired users.

In order for the Braille display to work correctly, perform the following procedures.

23.2.1. Enabling the brltty service

To enable the Braille display, enable the brltty service to start automatically on boot. By default, brltty is disabled.

Prerequisites

  • Ensure that brltty and speech synthesis for brltty are installed: 

    # yum install brltty brltty-espeak-ng

Procedure

  • Enable the brltty service to start on boot: 

    # systemctl enable --now brltty

Verification steps

  1. Reboot the system.

  2. Check that the brltty service is running: 

    # systemctl status brltty
● brltty.service - Braille display driver for Linux/Unix
   Loaded: loaded (/usr/lib/systemd/system/brltty.service; enabled; vendor pres>
   Active: active (running) since Tue 2019-09-10 14:13:02 CEST; 39s ago
  Process: 905 ExecStart=/usr/bin/brltty (code=exited, status=0/SUCCESS)
 Main PID: 914 (brltty)
    Tasks: 3 (limit: 11360)
   Memory: 4.6M
   CGroup: /system.slice/brltty.service
           └─914 /usr/bin/brltty

23.2.2. Authorizing users of a Braille display device

To set the users who are authorized to use a Braille display device, you can choose one of the following methods, which have an equal effect:

Authorization using the /etc/brlapi.key file is suitable only for the file systems where users or groups can be assigned to a file.

Authorization using the /etc/brltty.conf file is suitable even for the file systems where users or groups cannot be assigned to a file.

23.2.2.1. Authorizing users of a Braille display device with brltty.conf

Procedure

  1. Open the /etc/brltty.conf file, and find the section called Application Programming Interface Parameters.

  2. Specify the users.

    • To specify one or more individual users, list the users on the following line: 

      api-parameters Auth=user:user_1, user_2, ...    # Allow some local user

    • To specify a user group, enter its name on the following line: 

      api-parameters Auth=group:group    # Allow some local group

23.2.2.2. Authorizing users of a Braille display device with brlapi.key

Authorization using the /etc/brlapi.key file is suitable only for the file systems where users or groups can be assigned to a file.

Prerequisites

  • Your system must use a file system where users or groups can be assigned to a file.

Procedure

  1. Create the /etc/brlapi.key file. 

    # mcookie > /etc/brlapi.key

  2. Change ownership of the /etc/brlapi.key to particular user or group.

    • To specify an individual user: 

      # chown user_1 /etc/brlapi.key

    • To specify a group: 

      # chown group_1 /etc/brlapi.key

  3. Adjust the content of /etc/brltty.conf by including the following line: 

    api-parameters Auth=keyfile:/etc/brlapi.key

23.2.3. Setting the driver for a Braille display device

The braille-driver directive in /etc/brltty.conf file specifies a two-letter driver identification code of the driver for the Braille display device.

Procedure

  • Decide whether you want to use the autodetection for finding the appropriate driver for your Braille display device.

    • To use autodetection, use the default option as follows: 

      braille-driver	auto	 # autodetect
      Warning

      Autodetection tries all drivers. Therefore, it might take a long time or even fail. For this reason, setting up a particular driver is recommended.

    • If you do not want to use the autodetection, specify the identification code of the required driver in the braille-driver directive.

      Choose the identification code of required driver from the list provided in /etc/brltty.conf, for example: 

      braille-driver	xw	 # XWindow

      You can also set multiple drivers, separated by commas, and autodetection is then performed among them.

23.2.4. Configuring a Braille display device

The braille-device directive in the /etc/brltty.conf file specifies the device to which the Braille display device is connected.

23.2.4.1. Supported types of Braille display device

This section describes which types of Braille display devices are supported.

Table 23.1. Braille display device types and the corresponding syntax

Braille device typeSyntax of the typeNote

Serial device

serial:path

Relative paths are at /dev.

USB device

[serial-number]

The brackets ([]) here indicate optionality.

Bluetooth device

bluetooth:address

 

Example 23.1. Settings for particular Braille display devices

# First serial device
braille-device	serial:ttyS0
# First USB device matching braille driver
braille-device	usb:
# Specific USB device by serial number
braille-device	usb:nnnnn
# Specific Bluetooth device by address
braille-device	bluetooth:xx:xx:xx:xx:xx:xx

You can also set multiple devices, separated by commas, and each of them will be probed in turn.

Important

If the device is connected by a serial-to-USB adapter, setting braille-device to usb: does not work. In this case, identify the virtual serial device that the kernel has created for the adapter. The virtual serial device can look like this: 

serial:ttyUSB0

You can find the actual device name in the kernel messages on the device plug with the following command: 

# dmesg | fgrep ttyUSB0

23.2.4.2. Setting specific parameters for Braille display devices

To set specific parameters for particular Braille display devices, use the braille-parameters directive in /etc/brltty.conf file. The braille-parameters directive passes non-generic parameters through to the braille driver. Choose the required parameters from the list in /etc/brltty.conf.

23.2.4.2.1. Setting the text table

The text-table directive in /etc/brltty.conf specifies which text table is used to encode the symbols. Relative paths to text tables are stored within the /etc/brltty/Text/ directory.

Procedure

  1. Decide whether you want to use the autoselection for finding the appropriate text table.

  2. If you want to use the autoselection, leave text-table specified to auto, which is the default option. 

    text-table	auto	 # locale-based autoselection

    This ensures that local-based autoselection with fallback to en-nabcc is performed.

    For example, to use the text table for American English: 

    text-table	en_US	 # English (United States)
23.2.4.2.2. Setting the contraction table

The contraction-table directive in the /etc/brltty.conf file specifies which table is used to encode the abbreviations. Relative paths to particular contraction tables are stored within the /etc/brltty/Contraction/ directory.

Procedure

  • Choose the required contraction-table from the list in /etc/brltty.conf.

    For example, to use the contraction table for American English, grade 2: 

    contraction-table	en-us-g2	 # English (US, grade 2)
Warning

If not specified, no contraction table is used.

23.3. Switching on Always Show Universal Access Menu

To activate the Orca screen reader, enable the Always Show Universal Access Menu option as described in the following procedure.

Procedure

  1. Open the Gnome Settings menu.
  2. Select Universal Access.

  3. Enable the Always Show Universal Access Menu item.

    Enabling the Always Show Universal Access Menu option in GNOME Settings

    always show univ acces menu new

Verification steps

  • Check that the Universal Access Menu icon is displayed on the top bar even when all options from this menu are switched off.

    universal access menu

Alternatively, you can enable the Orca screen reader by pressing the Super+Alt+S keyboard shortcut. As a result, the Universal Access Menu icon is displayed on the top bar.

Warning

If you activate Orca by pressing the keyboard shortcut, the icon disappears in case that the user disables all of the provided options from the Universal Access Menu. The missing icon might cause difficulties to users with a visual impairment.

You can prevent the inaccessibility of the icon by switching on the Always Show Universal Access Menu option as described in the above procedure. When the Always Show Universal Access Menu option is enabled, the icon is displayed on the top bar even when all options from this menu are disabled.

Chapter 24. Tablets

To manage Wacom tablets connected to your system, use the following tools:

  • The gnome-settings-daemon service

  • The Wacom Tablet settings panel in the GNOME environment

    The Wacom Tablet settings panel for a tablet

    Wacon tablet settings

    The Wacom Tablet settings panel for a grip pen

    Wacom tablet grip pen

Both these tools, as well as the libinput stack, use the libwacom tablet client library, which stores the data about Wacom tablets.

If you want to add support for a new tablet into the libwacom library, you must ensure that a definition file for this new tablet exists.

24.1. Preparing a tablet definition file

The libwacom tablet client library needs a definition file for the tablet that you want to add.

To ensure that the tablet definition file exists, follow this procedure.

Prerequisites

  • List all local devices recognized by libwacom: 

    $ libwacom-list-local-devices

    Make sure that your device is recognized in the output.

    If your device is not listed, the device is missing from the libwacom database. However, the device might still be visible as an event device in the kernel under /proc/bus/input/devices, and if you use the X.Org display server, in the X11 session on the xinput list.

Procedure

  1. Install the package that provides tablet definition files: 

    # yum install libwacom-data

    The package installs tablet definitions in the /usr/share/libwacom/ directory.

  2. Check whether the definition file is available in the /usr/share/libwacom/ directory.

    To use the screen mapping correctly, support for your tablet must be included in the libwacom database and in the udev rules file.

    Important

    A common indicator that a device is not supported by libwacom is that it works normally in a GNOME session, but the device is not correctly mapped to the screen.

  3. If the definition file for your device is not available in /usr/share/libwacom/, you have these options:

    • The required definition file may already be available in the linuxwacom/libwacom upstream repository. You can try to find the definition file there. If you find your tablet model in the list, copy the file to the local machine.

    • You can create a new tablet definition file. Use the data/wacom.example file below, and edit particular lines based on the characteristics of your device.

      Example 24.1. Example model file description for a tablet

      [Device]

# The product is the product name announced by the kernel
Product=Intuos 4 WL 6x9

# Vendor name of this tablet
Vendor=Wacom

# DeviceMatch includes the bus (usb, serial), the vendor ID and the actual
# product ID
DeviceMatch=usb:056a:00bc

# Class of the tablet. Valid classes include Intuos3, Intuos4, Graphire, Bamboo, Cintiq
Class=Intuos4

# Exact model of the tablet, not including the size.
Model=Intuos 4 Wireless

# Width in inches, as advertised by the manufacturer
Width=9

# Height in inches, as advertised by the manufacturer
Height=6

# Optional features that this tablet supports
# Some features are dependent on the actual tool used, e.g. not all styli
# have an eraser and some styli have additional custom axes (e.g. the
# airbrush pen). These features describe those available on the tablet.
#
# Features not set in a file default to false/0

[Features]
# This tablet supports styli (and erasers, if present on the actual stylus)
Stylus=true

# This tablet supports touch.
Touch=false

# This tablet has a touch ring (Intuos4 and Cintiq 24HD)
Ring=true
# This tablet has a second touch ring (Cintiq 24HD)
Ring2=false

# This tablet has a vertical/horizontal scroll strip
VStrip=false
HStrip=false

# Number of buttons on the tablet
Buttons=9

# This tablet is built-in (most serial tablets, Cintiqs)
BuiltIn=false

24.2. Adding support for a new tablet

To add support for a new tablet into the libwacom tablet information client library, follow this procedure.

Prerequisites

Procedure

  1. Add and install the definition file with the .tablet suffix: 

    # cp the-new-file.tablet /usr/share/libwacom/

    Once installed, the tablet is part of the libwacom database. The tablet is then available through libwacom-list-local-devices.

  2. Create a new /etc/udev/rules/99-libwacom-override.rules file with the following content so that your settings are not overwritten: 

    ACTION!="add|change", GOTO="libwacom_end"
KERNEL!="event[0-9]*", GOTO="libwacom_end"

[new tablet match entries go here]

LABEL="libwacom_end"
  3. Reboot your system.

24.3. Where is the Wacom tablet configuration stored

Configuration for your Wacom tablet is stored in GSettings in the /org/gnome/settings-daemon/peripherals/wacom/machine-id-device-id key, where machine-id is a D-Bus machine ID, and device-id is a tablet device ID.

The configuration schema for the tablet is org.gnome.settings-daemon.peripherals.wacom.

Stylus configuration is stored in the /org/gnome/settings-daemon/peripherals/wacom/device-id/tool-id key, where tool-id is the identifier for the stylus used for professional ranges. For the consumer ranges with no support for tool-id, a generic identifier is used instead.

The configuration schema for the stylus is org.gnome.settings-daemon.peripherals.wacom.stylus. The configuration schema for the eraser is org.gnome.settings-daemon.peripherals.wacom.eraser.

24.4. Listing available Wacom tablet configuration paths

To get the full list of tablet configuration paths used on a particular machine, use the gsd-list-wacom tool, which is provided by the gnome-settings-daemon package.

Prerequisites

  • Make sure that the gnome-settings-daemon package is installed on your system. 

    # yum install gnome-settings-daemon

Procedure

  • To get the full list of tablet configuration paths used on your machine, run the following command: 

    $ /usr/libexec/gsd-list-wacom
Important

Using machine-id, device-id, and tool-id in configuration paths allows for shared home directories with independent tablet configuration per machine. However, when sharing home directories between Machines, the Wacom settings apply only to one machine.

This is because the machine-id for your Wacom tablet is included in the configuration path of the /org/gnome/settings-daemon/peripherals/wacom/machine-id-device-id GSettings key, which stores your tablet settings.

Chapter 25. Installing applications using Flatpak

You can install certain applications using the Flatpak package manager. The following sections describe how to search for, install, launch, and update Flatpak applications on the command line and in the graphical interface.

Important

Red Hat provides Flatpak applications only as a Technology Preview feature. Technology Preview features are not supported with Red Hat production service level agreements (SLAs) and might not be functionally complete. Red Hat does not recommend using them in production. These features provide early access to upcoming product features, enabling customers to test functionality and provide feedback during the development process. For more information about the support scope of Red Hat Technology Preview features, see https://access.redhat.com/support/offerings/techpreview.

The Flatpak package manager itself is fully supported.

25.1. The Flatpak technology

Flatpak provides a sandbox environment for application building, deployment, distribution, and installation.

Applications that you launch using Flatpak have minimum access to the host system, which protects the system installation against third-party applications. Flatpak provides application stability regardless of the versions of libraries installed on the host system.

Flatpak applications are distributed from repositories called remotes. Red Hat provides a remote with RHEL applications. Additionally, third-party remotes are available as well. Red Hat does not support applications from third-party remotes.

25.2. Setting up Flatpak

This procedure installs the Flatpak package manager.

Procedure

  • Install the flatpak package: 

    # yum install flatpak

25.3. Enabling the Red Hat Flatpak remote

This procedure configures the Red Hat Container Catalog as a Flatpak remote on your system.

Prerequisites

  • You have an account on the Red Hat Customer Portal.

    Note

    For large-scale deployments where the users do not have Customer Portal accounts, Red Hat recommends using registry service accounts. For details, see Registry Service Accounts.

Procedure

  1. Enable the rhel Flatpak remote: 

    $ flatpak remote-add \
          --if-not-exists \
          rhel \
          https://flatpaks.redhat.io/rhel.flatpakrepo

  2. Log into the Red Hat Container Catalog: 

    $ podman login registry.redhat.io

Username: your-user-name
Password: your-password

    Provide the credentials to your Red Hat Customer Portal account or your registry service account tokens.

    By default, Podman saves the credentials only until you log out.

  3. Optional: Save your credentials permanently. Use one of the following options:

    • Save the credentials for the current user: 

      $ cp $XDG_RUNTIME_DIR/containers/auth.json \
     $HOME/.config/flatpak/oci-auth.json

    • Save the credentials system-wide: 

      # cp $XDG_RUNTIME_DIR/containers/auth.json \
     /etc/flatpak/oci-auth.json

      For best practices, Red Hat recommends that you log into the Red Hat Container Catalog using registry account tokens when installing credentials system-wide.

Verification

  • List the enabled Flatpak remotes: 

    $ flatpak remotes

Name    Options
rhel    system,oci,no-gpg-verify

25.4. Searching for Flatpak applications

This procedure searches for an application in the enabled Flatpak remotes on the command line. The search uses the application name and description.

Prerequisites

  • Flatpak is installed.
  • The Red Hat Flatpak repository is enabled.

Procedure

  • Search for an application by name: 

    $ flatpak search application-name

    For example, to search for the LibreOffice application, use: 

    $ flatpak search LibreOffice

    The search results include the ID of the application: 

    Application ID               Version  Branch  Remotes  Description

org.libreoffice.LibreOffice           stable  rhel     The LibreOffice productivity suite

25.5. Installing Flatpak applications

This procedure installs a selected application from the enabled Flatpak remotes on the command line.

Prerequisites

  • Flatpak is installed.
  • The Red Hat Flatpak remote is enabled.

Procedure

  • Install an application from the rhel remote: 

    $ flatpak install rhel application-id

    Replace application-id with the ID of the application. For example: 

    $ flatpak install rhel org.libreoffice.LibreOffice

25.6. Launching Flatpak applications

This procedure launches an installed Flatpak application from the command line.

Prerequisites

  • Flatpak is installed.
  • The selected Flatpak application is installed.

Procedure

  • Launch the application: 

    $ flatpak run application-id

    Replace application-id with the ID of the application. For example: 

    $ flatpak run org.libreoffice.LibreOffice

25.7. Updating Flatpak applications

This procedure updates one or more installed Flatpak applications to the most recent version in the corresponding Flatpak remote.

Prerequisites

  • Flatpak is installed.
  • A Flatpak remote is enabled.

Procedure

  • Update one or more Flatpak applications:

    • To update a specific Flatpak application, specify the application ID: 

      $ flatpak update application-id

    • To update all Flatpak applications, specify no application ID: 

      $ flatpak update

25.8. Installing Flatpak applications in the graphical interface

This procedure searches for Flatpak applications using the Software application.

Prerequisites

  • Flatpak is installed.
  • The Red Hat Flatpak remote is enabled.

Procedure

  1. Open the Software application.
  2. Make sure that the Explore tab is active.
  3. Click the search button in the upper-left corner of the window.
  4. In the input box, type the name of the application that you want to install, such as LibreOffice.

  5. Select the correct application in the search results.

    If the application is listed several times, select the version where the Source field in the Details section reports flatpaks.redhat.io.

  6. Click the Install button.
  7. If Software asks you to log in, enter your Customer Portal credentials or your registry service account tokens.
  8. Wait for the installation process to complete.
  9. Optional: Click the Launch button to launch the application.

25.9. Updating Flatpak applications in the graphical interface

This procedure updates one or more installed Flatpak applications using the Software application.

Prerequisites

  • Flatpak is installed.
  • A Flatpak remote is enabled.

Procedure

  1. Open the Software application.
  2. Select the Updates tab.
  3. In the Application Updates section, you can find all available updates to Flatpak applications.

  4. Update one or more applications:

    • To apply all available updates, click the Update All button.
    • To update only a specific application, click the Update button next to the application item.

  5. Optional: Enable automatic application updates.

    1. Click the menu button in the upper-right corner of the window.
    2. Select Update Preferences.

    3. Enable Automatic Updates.

      Flatpak applications now update automatically.

Legal Notice

Copyright © 2022 Red Hat, Inc.
The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, the Red Hat logo, JBoss, OpenShift, Fedora, the Infinity logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.