Red Hat Enterprise Linux 8 is shipped with the default desktop environment GNOME 3.

GNOME 3 represents a presentation layer that provides a graphical user interface as well as the focused working environment, which enables you to access all your work from one place.

GNOME 3 provides two user environments:

Both environments can use two different protocols as their graphical back ends:

The default combination in RHEL 8 is GNOME Standard environment using GNOME Shell on Wayland as the display server. However, due to certain Wayland limitations, you might want to switch the graphics protocol stack to X11. You may also want to switch from GNOME Standard to GNOME Classic.

This section describes various approaches that you can use to launch available applications in GNOME 3.

You can enable the desktop icons functionality and move files to the desktop.

The GNOME environment provides the hot corner functionality, which is enabled by default. This means that when you move the cursor to the area of the top left corner and press the cursor in this area, the Activities Overview menu opens automatically.

However, you may want to disable this feature to not open Activities Overview unintentionally.

To do so, you can use the following tools:

The selection of the tool might depend on whether you want to disable the hot corner functionality for a single user or for all users on the system. By using dconf Editor or gsettings, you can disable hot corner only for a single user. To disable hot corner system-wide, use the No topleft hot corner extension.

You can configure sound volume and other sound options in GNOME.

GNOME Shell provides multiple tools to handle graphics and photography.

You can check the available tools under the Graphics & Photography menu in GNOME Software:

The available tools include:

In GNOME, you can set up printing using the GNOME Control Center GUI.

1.8.1. Starting GNOME control center for setting up printing

Procedure

1. Use one of the approaches described in Section 1.3, “Launching applications in GNOME” to start the GNOME Control Center GUI.

   Moreover, you can also start the GNOME Control center from the system menu in the top right corner by clicking on the "Settings" icon.

   
2. When the GNOME Control center GUI appears, go to:

Devices → Printers

Figure 1.1. GNOME Control center configuration tool

1.8.2. Adding a new printer in GNOME Control Center

This section describes how to add a new printer using the GNOME Control Center GUI.

Prerequisites

To be able to add a new printer using the GNOME Control Center GUI, you must click on Unlock, which appears on the right side of the top bar, and authenticate as one of the following users:

• Superuser
• Any user with the administrative access provided by sudo (users listed within /etc/sudoers)
• Any user belonging to the printadmin group in /etc/group

Procedure

1. Open the Add Printer dialog.

   

2. Select one of the available printers (including also network printers), or enter printer IP address or the hostname of a printer server.

   
   

1.8.3. Configuring a printer in GNOME Control Center

This section describes how to configure a new printer, and how to maintain a configuration of a printer using the GNOME Control Center GUI.

Displaying printer’s settings menu

Procedure

• Click the "settings" button on the right to display a settings menu for the selected printer:

  

Displaying and modifying printer’s details

Procedure

• Click Printer Details to display and modify selected printer’s settings:

  

With this menu you can:

• Search for Drivers

  GNOME Control Center communicates with PackageKit that searches for a suitable driver suitable in available repositories.

• Select from Database

  This option enables you to select a suitable driver from databases that have already been installed on the system.

• Install PPD File

  This option enables you to select from a list of available postscript printer description (PPD) files that can be used as a driver for your printer.

Setting the default printer

Procedure

• Click Use Printer by Default to set the selected printer as the default printer:

  

Removing a printer

Procedure

• Click Remove Printer to remove the selected printer:

  

Red Hat Enterprise Linux 8 includes the PipeWire media server, which ensures access to multimedia devices and media sharing between applications.

When running a remote desktop session on GNOME Shell on Wayland, PipeWire and the VNC server is used. The functionality of remote desktop session is provided by the gnome-remote-desktop and pipewire packages.

On X.Org, just VNC is needed to run a remote desktop session. This functionality on X.Org is provided by the vino package.

PipeWire is used also with teleconference tools such as BlueJeans when running on GNOME Shell on Wayland. In such case, the pipewire service is activated automatically when you start sharing your screen within the teleconference tool.

To check the status of the pipewire service, run:

~]$ systemctl --user status pipewire

You can customize the GNOME Shell environment for a particular user by using the Tweaks tool.

GNOME 3 provides two user environments:

Both environments can use two different protocols as their graphical back ends:

The default combination in RHEL 8 is GNOME Standard environment using GNOME Shell on Wayland as the display server. However, due to certain Wayland limitations, you might want to switch the graphics protocol stack to X11. You may also want to switch from GNOME Standard to GNOME Classic.

GNOME Standard user interface includes these major components:

GNOME Classic represents a mode for users who prefer a more traditional desktop experience that is similar to GNOME 2 environment used with Red Hat Enterprise Linux 6. It is based on GNOME 3 technologies, and at the same time it includes multiple features similar to GNOME 2.

GNOME Classic user interface consists of these major components:

In GNOME Classic, the overview of windows that are open is not available by default. You can see the list of all open windows in the taskbar at the bottom of the screen. However, you can enable the windows overview similar to what is by default available in GNOME Standard by changing the default settings of the GNOME Classic environment as described in Section 2.4, “Enabling window overview in GNOME Classic”.

In GNOME Classic, the overview of open windows is not available by default. This procedure enables the window overview for all users on the system.

In RHEL 8, you can choose between two protocols to build a graphical user interface:

New installations of RHEL 8 automatically select GNOME Shell on Wayland. However, you can switch to X.Org, or select the required combination of GNOME environment and display server as described in Section 2.8, “Selecting GNOME environment and display protocol”.

Note that there are also a few environments where X.Org is preferred over GNOME Shell on Wayland, such as:

Legacy X11 applications that cannot be ported to Wayland automatically use Xwayland as a proxy between the X11 legacy clients and the Wayland compositor. Xwayland functions both as an X11 server and a Wayland client. The role of Xwayland is to translate the X11 protocol into the Wayland protocol and reversely, so that X11 legacy applications can work with the display server based on Wayland.

On GNOME Shell on Wayland, Xwayland is started automatically at startup, which ensures that most X11 legacy applications work as expected when using GNOME Shell on Wayland. However, the X11 and Wayland protocols are different, and hence some clients relying on X11-specific features may behave differently under Xwayland. For such specific clients, you can switch to the X.Org display server as described in Section 2.8, “Selecting GNOME environment and display protocol”.

GNOME Shell on Wayland uses libinput directly for all devices, and no switchable driver support is available. Under X.Org, libinput is implemented as the X.Org libinput driver, and driver support is outlined below.

Nvidia drivers

Proprietary Nvidia binary drivers are not supported with GNOME Shell on Wayland. To avoid any complications while using the Nvidia GPU, GNOME Shell automatically falls back to X.Org, which means that the login screen does not provide any option based on the Wayland protocol.

Remote desktop

With GNOME Shell on Wayland, VNC support is provided by the gnome-remote-desktop package. Remote access using VNC via gnome-remote-desktop currently requires an already logged in session, and only the primary monitor is accessible. Screen sharing with GNOME Shell on Wayland is possible using the PipeWire media server. For more details on the PipeWire media server, see PipeWire project.

For more advanced VNC usage, you need to switch to X.org, where traditional VNC tools are available. For more information, see Section 2.8, “Selecting GNOME environment and display protocol” .

X Display Manager

The X Display Manager Control Protocol (XDMCP) is not supported with GNOME Shell on Wayland.

Hence, it is not possible to use the X display manager to start a session on the X.Org display server from the same or another computer.

Additional limitations

The following additional limitations related to the Wayland protocol should be noted:

The default desktop environment for Red Hat Enterprise Linux 8 is GNOME Standard with GNOME Shell on Wayland as the display server. However, due to certain limitations of Wayland, you might want to switch the graphics protocol stack. You might also want to switch from GNOME Standard to GNOME Classic.

GNOME Software is a utility that enables you to install and update applications and GNOME Shell extensions through a graphical environment.

GNOME Software is based on the PackageKit technology, which serves as its back end. GNOME Software offers mainly the desktop applications, which are the applications that include the *.desktop file. The available applications are grouped into multiple categories according to their purpose.

This procedure installs a graphical application using the GNOME Software installer.

This procedure installs an application that can open a given file type.

This paragraph is the procedure module introduction: a short description of the procedure.

This procedure installs a graphical application that you find in the GNOME application search.

Follow the steps in this procedure to enroll your system with your Red Hat account.

Follow the steps in this procedure to register your system with an activation key. You can get the activation key from your organization administrator.

Follow the steps in this procedure to unregister your system. After unregistering, your system no longer receives software updates.

RHEL provides several options for remotely connecting to the desktop. Each option fits a different use case:

You can remotely connect to the desktop on a RHEL server using graphical GNOME applications. Only a single user can connect to the desktop on the server at a given time.

You can remotely connect to the desktop on a RHEL server and open multiple sessions as different users at the same time.

option1=value
option2

session=gnome
alwaysshared
securitytypes=vncauth,tlsvnc
desktop=sandbox
geometry=2000x1200

:number=user

:2=test
:3=vncuser

You can remotely launch a graphical application on a RHEL server and use it from the remote client.

To be able to configure the GNOME Desktop Environment, you need to understand these basic terms:

dconf has two different meanings.

Firstly, dconf is a key-based Binary Large Object (BLOB) database for storing GNOME configurations. dconf manages user settings such as GDM, application, and proxy settings, and serves as the back end for GSettings.

Secondly, dconf is a command-line utility which is used for reading and writing individual values or entire directories from and to a dconf database.

GSettings is a high-level API for application settings which serves as the front end for dconf.

gsettings is a command-line tool which is used to view and change user settings.

dconf allows system administrators and users several levels of control over GNOME configuration:

Viewing and editing of the GSettings values can be achieved with one of the following tools:

The dconf-editor application and gsettings utility have the following in common:

The dconf-editor provides a GUI for browsing the settings and their editing. It presents the hierarchy of settings in a tree-view and also displays additional information about each setting, including the description, type and default value.

The gsettings utility can be used to display and set dconf values. gsettings utility supports Bash completion for commands and settings. This tools also allows you to automate configuration in shell scripts. ⁠

Figure 6.1. dconf-editor showing org.gnome.destop.background GSettings keys

$ gsettings get org.gnome.desktop.background picture-uri

The dconf system stores configuration in several different databases. You can configure dconf profiles, which specify the databases that dconf uses.

user-db:user
system-db:local
system-db:site

Machine-wide default settings can be set by providing a default for a key in a dconf profile. These defaults can be overridden by the user.

When the user profile is created or changed, the user needs to log out and log in again before the changes will be applied.

By using the lockdown mode in dconf, you can prevent users from changing specific settings.

Without enforcing the system settings using a lockdown, any settings that users make take precedence over the system settings. User can thus override the system settings with their own.

For dconf to work correctly when using Network File System (NFS) home directories, the dconf keyfile back end must be used.

Note that dconf keyfile back end only works properly if the glib2-fam package is installed. Without this package, notifications on configuration changes made on remote machines are not displayed properly.

With Red Hat Enterprise Linux 8, glib2-fam is available in the BaseOs repository.

To set the dconf keyfile back end:

The dconf keyfile back end takes effect the next time that the user logs in. It polls the keyfile to determine whether updates have been made, so settings may not be updated immediately.

This section describes how to set GSettings keys properties for a single-logged user.

Each GSettings key can have only one value in a dconf database. Setting the same key to a different value at a different place of the dconf database overrides the previous value.

Values of some keys are of array type. For array type, you can specify the value of the key as a list of multiple elements separated by a comma.

To set a GSettings key of array type, follow this syntax:

key=['option1', 'option2']

The following example shows setting of the org.gnome.desktop.input-sources.xkb-options GSettings key whose value is of array type: ⁠

[org/gnome/desktop/input-sources]
# Enable Ctrl-Alt-Backspace for all users
# Set the Right Alt key as the Compose key and enable it
xkb-options=['terminate:ctrl_alt_bksp', 'compose:ralt']

This section focuses on using of the gsettings command to configure, manipulate and manage the GSettings keys. The most frequent use cases that can be resolved by using the gsettings command are shown.

gsettings set SCHEMA [:PATH] KEY

$ gsettings set org.gnome.shell favorite-apps "['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop', 'org.gnome.clocks.desktop']"

gsettings monitor SCHEMA [:PATH] [KEY]

$ gsettings monitor org.gnome.shell favorite-apps

$ gsettings set org.gnome.shell favorite-apps "['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop']"

favorite-apps: ['firefox.desktop', 'evolution.desktop', 'rhythmbox.desktop', 'shotwell.desktop', 'org.gnome.Nautilus.desktop', 'org.gnome.Software.desktop', 'yelp.desktop', 'org.gnome.Terminal.desktop']

gsettings writable SCHEMA [:PATH] KEY

$ gsettings writable org.gnome.shell favorite-apps

gsettings range SCHEMA [:PATH] KEY

$ gsettings range org.gnome.shell remember-mount-password

gsettings describe SCHEMA [:PATH] KEY

$ gsettings describe org.gnome.desktop.screensaver picture-uri

URI to use for the background image. Note that the backend only supports local file:// URIs.

gsettings get SCHEMA [:PATH] KEY VALUE

$ gsettings get org.gnome.shell remember-mount-password

gsettings reset SCHEMA [:PATH] KEY

$ gsettings set org.gnome.desktop.screensaver lock-delay 200

$ gsettings reset org.gnome.desktop.screensaver lock-delay

gsettings reset-recursively SCHEMA [:PATH]

$ gsettings reset-recursively org.gnome.desktop.screensaver

gsettings list-schemas [--print-paths]

$ gsettings list-schemas

org.gnome.rhythmbox.library
org.gnome.shell.overrides
org.gnome.system.proxy.https
org.gnome.clocks
org.gnome.eog.fullscreen
org.gnome.login-screen
org.gnome.eog.view

gsettings list-keys SCHEMA [:PATH]

$ gsettings list-keys org.gnome.shell

enabled-extensions
command-history
remember-mount-password
always-show-log-out
had-bluetooth-devices-setup
looking-glass-history
disable-user-extensions
app-picker-view
disable-extension-version-validation
development-tools
favorite-apps

gsettings list-children SCHEMA [:PATH]

$ gsettings list-children org.gnome.shell

keyboard org.gnome.shell.keyboard
keybindings org.gnome.shell.keybindings

gsettings list-recursively [SCHEMA [:PATH]]

$ gsettings list-recursively

org.gnome.nautilus.desktop network-icon-visible false
org.gnome.nautilus.desktop font ''
org.gnome.nautilus.desktop network-icon-name 'Network Servers'
org.gnome.nautilus.desktop home-icon-name 'Home'
org.gnome.nautilus.desktop volumes-visible true
org.gnome.Vinagre always-enable-listening false
org.gnome.Vinagre always-show-tabs false
org.gnome.Vinagre show-accels false
org.gnome.Vinagre history-size 15
org.gnome.Vinagre shared-flag true

Certain portions of this text first appeared in the GNOME Desktop System Administration Guide. Copyright © 2014 The GNOME Project, Michael Hill, Jim Campbell, Jeremy Bicha, Ekaterina Gerasimova, minnie_eg, Aruna Sankaranarayanan, Sindhu S, Shobha Tyagi, Shaun McCance, David King, and others. Licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

The editors of this Red Hat Enterprise Linux 8 documentation would like to thank the GNOME community members for their valuable contributions to the GNOME Desktop System Administration Guide.

The GNOME desktop uses MIME types to:

MIME type names follow a given format:

media-type/subtype-identifier

For example, image/jpeg.

Here image is a media type and jpeg is the subtype identifier.

GNOME follows Multipurpose Internet Mail Extension (MIME) info specification from the Freedesktop.org to determine:

MIME database

The MIME database is a collection of all the MIME type specification files that GNOME uses to store information about known MIME types.

The most important part of the MIME database from the system administrator’s point of view is the /usr/share/mime/packages/ directory, where the MIME type-related files specifying information on known MIME types are stored. One example of such a file is /usr/share/mime/packages/freedesktop.org.xml, specifying information about the standard MIME types available on the system, by default. The shared-mime-info package provides this file.

You must create a new MIME type specification file in the /usr/share/mime/packages/ directory and a .desktop file in the /usr/share/applications/ directory to add a custom MIME type for all the users on the system and register a default application for that MIME type.

You must create a new MIME type specification file in the ~/.local/share/mime/packages/ directory and a .desktop file in the ~/.local/share/applications/ directory to add a custom MIME type for individual users and register a default application for that MIME type.

By default, the package-installed /usr/share/applications/mimeapps.list and /usr/share/applications/gnome-mimeapps.list files specify which application is registered to open specific MIME types.

System administrators can create the /etc/xdg/mimeapps.list or /etc/xdg/gnome-mimeapps.list file with a list of MIME types they want to override with the default registered application.

Local users can create the ~/.local/share/applications/mimeapps.list or ~/.local/share/applications/gnome-mimeapps.list file with a list of MIME types for which they want to override the default registered application.

Configurations are applied in the following order:

Within a particular location, the configurations are applied in the following order:

As a system administer, you can update the configuration based on the requirements. System administrator’s configuration takes precedence over default package configuration. Within each, the desktop-specific configuration takes precedence over the configuration that does not specify the desktop environment.

Individual users can also update the configuration based on the requirements. This configuration takes precedence over the system administrator’s configuration and the system administrator’s configuration takes precedence over the package configuration. Within each, the desktop-specific configuration takes precedence over the configuration that does not specify the desktop environment.

As a system administrator, you can configure the default desktop background, add extra backgrounds, or add multiple backgrounds using the dconf utility.

If the users of the system are not permitted to change background from the defaults, system administrator needs to lock the settings using the locks directory. Otherwise, each user can customize the background according to their preferences.

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wallpapers SYSTEM "gnome-wp-list.dtd">
<wallpapers>
  <wallpaper deleted="false">
    <name>Company Background</name>
    <name xml:lang="de">Firmenhintergrund</name>
    <filename>/usr/local/share/backgrounds/company-wallpaper.jpg</filename>
    <options>zoom</options>
    <shade_type>solid</shade_type>
    <pcolor>#ffffff</pcolor>
    <scolor>#000000</scolor>
  </wallpaper>
</wallpapers>

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE wallpapers SYSTEM "gnome-wp-list.dtd">
<wallpapers>
  <wallpaper deleted="false">
    <name>Company Background</name>
    <name xml:lang="de">Firmenhintergrund</name>
    <filename>/usr/local/share/backgrounds/company-wallpaper.jpg</filename>
    <options>zoom</options>
    <shade_type>solid</shade_type>
    <pcolor>#ffffff</pcolor>
    <scolor>#000000</scolor>
  </wallpaper>
  <wallpaper deleted="false">
    <name>Company Background 2</name>
    <name xml:lang="de">Firmenhintergrund 2</name>
    <filename>/usr/local/share/backgrounds/company-wallpaper-2.jpg</filename>
    <options>zoom</options>
    <shade_type>solid</shade_type>
    <pcolor>#ff0000</pcolor>
    <scolor>#00ffff</scolor>
  </wallpaper>
</wallpapers>

GNOME Shell extensions allow for the customization of the default GNOME Shell interface and its parts, such as window management and application launching.

This section describes how to change the system language using the desktop GUI.

The Ctrl+Alt+Backspace shortcut key combination is used for terminating the X.Org display server.

You might want to terminate X.Org especially when:

To enable the Ctrl+Alt+Backspace shortcut to forcibly terminate X.Org by default for all users, you need to set the org.gnome.desktop.input-sources.xkb-options GSettings key.

If the Ctrl+Alt+Backspace key combination is enabled, all users can terminate X.Org , which brings them back to the login prompt.

To disable command-line access for a desktop user, you need to make configuration changes in a number of different contexts:

When closing the lid of your laptop, the computer by default suspends in order to save power. You can prevent the computer from suspending when closing the lid by changing the setting for that behavior.

For more information on the /etc/systemd/logind.conf file, see the logind.conf man page.

When the machine is booted to a graphical login screen or user session, hitting the power button makes the machine suspend by default. This happens both in cases when the user presses the power button physically or when pressing a virtual power button from a remote console. To achieve a different behavior when pressing the power button, set the function of this button with dconf.

For example, if you want the system to shutdown after pressing the power button, use the following procedure:

This configuration initiates a system shutdown after pressing the power button. To configure the system differently, you can set the behavior of particular buttons.

Options for particular buttons:

You can enable the Compose key either for an individual user or for all users.

This procedure shows how to use the Compose key.

This section shows some of the Compose key sequences.

The GVFS provides complete virtual file system infrastructure and handles storage in the GNOME desktop. It uses addresses for full identification based on the URI (Uniform Resource Identifier) standard, syntactically similar to URL addresses in web browsers. These addresses in the form of schema://user@server/path are the key information determining the kind of service.

The GVFS helps to mount the resources. These mounts are shared between multiple applications. Resources are tracked globally within the running desktop session, which means that even if you quit an application that triggered the mount, it continues to be available for any other application. Multiple applications can access the mount at the same time unless it is limited by a back end. Some protocols by design permit only a single channel.

GVFS mounts removable media in the /run/media/ directory.

You must form a URI string to use back end services. This string is a basic identifier used in GVFS, which carries all necessary information needed for unique identification, such as type of service, back end ID, absolute path, or user name if required. You can see this information in the Files address bar and GTK+ open or save file dialog.

The following example is a very basic form of the URI string and points to a root directory (/) of the FTP (File Transfer Protocol) server running at ftp.myserver.net domain:

Example: URI string pointing to the root FTP directory

ftp://ftp.myserver.net/

Example: URI string pointing to a text file

ssh://joe@ftp.myserver.net/home/joe/todo.txt

In virtual file systems, particular resources are set to be mounted automatically, but the most common way is to trigger mounts manually.

You can eject or unmount resources using the following procedure.

Applications built with the GIO library can access GVFS mounts. In addition, GVFS provides a FUSE daemon which exposes active GVFS mounts. Any application can access active GVFS mounts using the standard POSIX APIs as though mounts were regular file systems.

In certain applications, additional library dependency and new virtual file system (VFS) subsystem specifics might be unsuitable or too complicated. For such reasons and to boost compatibility, GVFS provides a File System in Userspace (FUSE) daemon, which exposes active mounts through its mount for standard Portable Operating System Interface (POSIX) access. This daemon transparently translates incoming requests to imitate a local file system for applications.

The FUSE daemon starts automatically with the gvfs master daemon and places its mount either in the /run/user/UID/gvfs/ or ~/.gvfs/ files as a fallback. Manual browsing shows individual directories for each GVFS mount. The system passes the transformed path as an argument when you are opening documents from GVFS locations with non-native applications. Note that native GIO applications automatically translate this path back to a native URI.

GIO provides several commands that might be useful for scripting or testing. Here is a set of POSIX commands counterparts as follows:

Following additional commands provide more control of GIO specifics:

All these commands are native GIO clients, there is no need for the fallback FUSE daemon to be running. Their purpose is not to be drop-in replacements for POSIX commands, in fact, a very little range of switches is supported. In their basic form, these commands take an URI string as an argument instead of a local path.

This all allows GNOME to be well-supported within xdg-tools, a freedesktop.org interoperability project. For example, the xdg-open utility calls gio open when a running GNOME session is detected, and reads the file type associations from the correct location.

The following are a few examples of the GIO commands usage:

The GVFS metadata storage is implemented as a set of key-and-value pairs that bind information to a particular file. Thus, there is a tool for a user or application to save small data designed for runtime information such as icon position, last-played location, position in a document, emblems, notes, and so on.

Whenever you move a file or directory, GVFS moves the metadata accordingly so that metadata stays connected to the respective file. The GVFS stores all metadata privately, so metadata is available only on the machine. However, GVFS tracks mounts and removable media as well.

To view and manipulate with metadata, you can use:

This procedure describes how to set a custom metadata attribute.

Notice the differences between particular gio info calls and data persistence after a move or rename (note the gio info command output):

A typical GVFS mount authenticates on its activation unless the resource allows anonymous authentication or does not require any authentication at all. In a standard GTK+ dialog, you can choose to store or not to store the password.

When you select the persistent storage, the password is stored in the user keyring. GNOME Keyring is a central place for secrets storage. The password is encrypted and automatically unlocked on desktop session start using the password provided on login. For protecting it by a different password, you can set the password at the first use.

The Passwords and Keys application helps to manage the stored password and GNOME Keyring. It allows removing individual records or changing passwords.

This procedure describes how you can access GVFS mounts using authentication.

Back ends in GVFS provide access to a specific type of resource. The following is a list of available GVFS back ends and their specifications:

Following are some common errors of volume management in GNOME and ways to resolve them.

# yum install iotop

Bookmarks integrate into GTK+ and in the GNOME desktop. Every application that presents a standard GTK+ Open and Save dialog (GtkFileChooser) lists bookmarks in the left panel of the dialog. Also, Files and its clones present bookmarks in a sidebar.

Besides bookmarks, GtkFileChooser lists all other available GVFS volumes and mounts in the sidebar.

While activating a bookmark for the first time, the GVFS subsystem looks for existing mounts and tries to mount the location if the mount does not exist yet. This way, you can authenticate even within the Open or Save dialog.

Bookmarks are located in the ~/.config/gtk-3.0/bookmarks file. In the following example, the bookmarked locations are ~/Music, ~/Pictures, ~/Videos, ~/Downloads, and ~/bin, so the content of the ~/.config/gtk-3.0/bookmarks file looks as follows:

file:///home/username/Music
file:///home/username/Pictures
file:///home/username/Videos
file:///home/username/Downloads
file:///home/username/bin

You can use this file to edit bookmarks based on your requirements.

You can save a reference to a location by bookmarking it.

System administrators can set a group of bookmarks for all users at once by allowing access to file shares for the users. GNOME stores a list of file-sharing servers in the ~/.config/gtk-3.0/servers file in the XBEL format. XML Bookmark Exchange Language (XBEL) is an XML standard that allows you share URIs (Uniform Resource Identifiers). It is possible to add the list of file-sharing servers to that file to make file-shares easily accessible to multiple users.

In GNOME, XBEL is used to share desktop bookmarks in applications like Files. Here is an example of creating a bookmark titled GNOME FTP with the URI ftp://ftp.gnome.org/ in the ~/.config/gtk-3.0/servers file.

<?xml version="1.0" encoding="UTF-8"?>
<xbel version="1.0"
      xmlns:bookmark="http://www.freedesktop.org/standards/desktop-bookmarks"
      xmlns:mime="http://www.freedesktop.org/standards/shared-mime-info">
   <bookmark href="ftp://ftp.gnome.org/">
      <title>GNOME FTP</title>
   </bookmark>
</xbel>

You can set the default favorite applications for individual users. You can add applications into your favorite list easily using any of the methods mentioned below.

Run the following command to view all the applications that exists in the favorite list:

dconf read /org/gnome/shell/favorite-apps

You can modify system database files using dconf keyfiles to set the same favorites for all users. The following steps edit the dconf profile and then create a keyfile to set default favorite applications for all users in the local configuration database.

You can use your enterprise domain credentials to access your system. This section explains how to log in using enterprise credentials in GNOME, configure enterprise credentials at the GNOME welcome screen, and add an authenticated user with enterprise credentials in GNOME.

You can enable workstations to authenticate using smart cards. In order to do so, you must configure GDM to allow prompting for smart cards and configure operating system to log in using a smart card.

You can use two ways to configure the GDM to allow prompting for smart card authentication with GUI or using the command line.

You can use the system-config-authentication tool to enable fingerprint authentication to allow users to login using their enrolled fingerprints. The tool is provided by the authconfig-gtk package.

You can disable the print dialog from being shown to users. This can be useful if you are giving temporary access to a user or you do not want the user to print to network printers.

To prevent applications from printing, lock down the org.gnome.desktop.lockdown.disable-printing key:

Having followed these steps, applications supporting this lockdown key, such as Evolution, Evince, or Gedit, will disable printing.

You can disable the Save and Save As dialogs. This can be useful if you are giving temporary access to a user or you do not want the user to save files to the computer.

To prevent applications from file saving, lock down the org.gnome.desktop.lockdown.disable-save-to-disk key:

Having followed these steps, applications supporting this lockdown key, for example Videos, Image Viewer, Evolution, Document Viewer, or GNOME Shell, will disable their Save As dialogs.

polkit enables you to set permissions for individual operations. For udisks2, the utility for disk management services, the configuration is located at /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy. This file contains a set of actions and default values, which can be overridden by system administrator.

When the user tries to change the disks settings, the following message is returned:

Authentication is required to modify the disks settings.

To prevent the user from logging out, use the following procedure.

To lock down user switching, use the following procedure:

The GNOME Display Manager (GDM) is a graphical login program running in the background that runs and manages the X.Org display servers for both local and remote logins.

GDM is a replacement for XDM, the X Display Manager. However, GDM is not derived from XDM and does not contain any original XDM code. In addition, there is no support for a graphical configuration tool in GDM, so editing the /etc/gdm/custom.conf configuration file is necessary to change the GDM settings.

When you make changes to the system configuration such as setting up the login screen banner message, login screen logo, or login screen background, restart GDM for your changes to take effect.

To start an application automatically when any user logs in, create a .desktop file for that application in the /etc/xdg/autostart/ directory.

As an administrator, you can enable automatic login from the Users panel in GNOME Settings, or you can set up automatic login manually in the GDM custom configuration file, as follows.

Run the following procedure to set up automatic login for a user john.

User sessions that have been idle for a specific period of time can be ended automatically. You can set different behavior based on whether the machine is running from a battery or from mains power by setting the corresponding GSettings key, then locking it.

To set automatic logout for a mains powered machine:

The following GSettings keys are of interest:

If you want to list available values for a key, use the following procedure:

$ gsettings range org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type
enum
'blank'
'suspend'
'shutdown'
'hibernate'
'interactive'
'nothing'
'logout'

This section describes how to:

Configuring the drop in the brightness level

To set the drop in the brightness level when the device has been idle for some time:

Setting brightness level

To set brightness level:

Setting idle time

To set idle time after which the screen is blanked and the default screensaver is displayed:

To enable the screensaver and make the screen lock automatically when the user is idle, follow this procedure:

GNOME Shell features a built-in screencast recorder. The recorder allows users to record desktop or application activity during their session and distribute the recordings as high-resolution video files in the webm format.

To make a screencast:

The Braille display is a device that uses the brltty service to provide tactile output for visually impaired users.

In order that a Braille display works correctly, system administrators must:

braille-device	serial:ttyS0	                # First serial device
braille-device	usb:	                        # First USB device matching braille driver
braille-device	usb:nnnnn	                # Specific USB device by serial number
braille-device	bluetooth:xx:xx:xx:xx:xx:xx	# Specific Bluetooth device by address

serial:ttyUSB0

# dmesg | fgrep ttyUSB0

To activate the Orca screen reader, switch on Always Show Universal Access Menu as described in the following procedure.

Alternatively, you can switch the Orca screen reader on by pressing the Super+Alt+S key combination. As a result, the Universal Access Menu icon is displayed on the top bar.

By default, Orca uses the eSpeak speech synthesizer, but it also supports the Festival speech synthesis system. Both eSpeak and Festival synthesize voice differently. Some users might prefer Festival to the default eSpeak synthesizer.

The libwacom tablet client library needs a definition file for the tablet that you want to add.

To ensure that the tablet definition file exists, follow this procedure.

To add support for a new tablet into the libwacom tablet information client library, follow this procedure.

Configuration for your Wacom tablet is stored in GSettings in the /org/gnome/settings-daemon/peripherals/wacom/machine-id-device-id key, where machine-id is a D-Bus machine ID, and device-id is a tablet device ID.

The configuration schema for the tablet is org.gnome.settings-daemon.peripherals.wacom.

Stylus configuration is stored in the /org/gnome/settings-daemon/peripherals/wacom/device-id/tool-id key, where tool-id is the identifier for the stylus used for professional ranges. For the consumer ranges with no support for tool-id, a generic identifier is used instead.

The configuration schema for the stylus is org.gnome.settings-daemon.peripherals.wacom.stylus. The configuration schema for the eraser is org.gnome.settings-daemon.peripherals.wacom.eraser.

To get the full list of tablet configuration paths used on a particular machine, use the gsd-list-wacom tool, which is provided by the gnome-settings-daemon package.

Flatpak provides sandbox environment for application building, deployment, distribution, and installation. Applications you run using Flatpak have minimum access to the host system, which protects the system installation against third-party applications. Flatpak provides application stability regardless of your Linux kernel architecture, name, version, or release. Flatpak allows you to install and run multiple versions of the same application simultaneously.

The details of the application packaged with Flatpak are stored in the flatpakref file that uses the .flatpakref extension. Each flatpakref file contains information enabling it to add the remote and install the application. You can access flatpakref files remotely in a remote repository, or you can download and manage them locally on your computer.

Flatpak can be used in combination with third party centralized repositories for applications packaged with Flatpak. Note that Red Hat supports Flatpak as a method of installing applications. Applications from third-party repositories are not supported by Red Hat.

The following section describes how to search for, install, launch, and update Flatpak applications in the graphical interface.

The following section describes how to search for, install, launch, and update Flatpak applications from the command-line.