LDP
/
LDP
mirror of https://github.com/tLDP/LDP
0
1
Fork 0
Code Releases Activity

updated

This commit is contained in:
gferg 2001-12-03 14:45:14 +00:00
parent 38b3412f75
commit 1525aa9c6b
2 changed files with 403 additions and 104 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

84
LDP/howto/linuxdoc/Chroot-BIND-HOWTO.sgml
View File

@ -6,7 +6,7 @@
<title>Chroot-BIND HOWTO
<author>Scott Wunsch, <tt>scott at wunsch.org</>
<date>v1.4, 1 July 2001
<date>v1.5, 1 December 2001
<abstract>
This document describes installing the BIND 9 nameserver to run in a chroot
jail and as a non-root user, to provide added security and minimise the
@ -87,12 +87,12 @@ url="http://www.linux.or.jp/JF/JFdocs/Chroot-BIND-HOWTO.html">.
BIND is available from <url url="http://www.isc.org/" name="the Internet
Software Consortium"> at <url url="http://www.isc.org/bind.html">. As of this
writing, the current version of BIND 9 is 9.1.2. BIND 9 has been out for some
time now, and many people are using it in production. Nevertheless, if you
are the conservative sort, you may prefer to remain with BIND 8. If this is
the case, please see my Chroot-BIND8 HOWTO (available from the same loation)
for details on chrooting it. Be warned that BIND 8 is much messier to chroot
though.
writing, the current version of BIND 9 is 9.2.0. BIND 9 has been out for some
time now, and many people are using it in production. Nevertheless, some more
conservative sorts still prefer to remain with BIND 8. If you are such a
person, please see my Chroot-BIND8 HOWTO (available from the same location)
for details on chrooting it, but be warned that BIND 8 is much messier to
chroot.
Keep in mind that there are <bf>known</> security holes in many earlier
versions of BIND, so make very sure that you're running the latest version!
@ -124,7 +124,9 @@ was the first way that I tried that worked, so I wrote it down.
My BIND experience to date has been installing on Linux servers. However, most
of the instructions in this document should be easily applicable to other
flavours of UNIX as well, and I shall try to point out differences of which I am
aware.
aware. I've also received suggestions from people using other distributions
and other platforms, and I've tried to incorporate their comments where
possible.
If you run Linux, you need to make sure that you're running a 2.4 kernel before
attempting this. The <tt>-u</> switch (to run as a non-root user) requires
@ -174,6 +176,15 @@ structure:
+-- run
</verb></tscreen>
If you use GNU <tt>mkdir</> (such as on a Linux system), you can create this
directory structure like this:
<tscreen><verb>
# mkdir -p /chroot/named
# cd /chroot/named
# mkdir -p dev etc/namedb/slave var/run
</verb></tscreen>
<sect1>Placing the BIND Data
<p>
@ -216,10 +227,20 @@ although not nearly as many as BIND 8 did.
One file that BIND will need inside its jail is good ol' <tt>/dev/null</>.
Note that the exact command necessary to create this device node may vary from
system to system; check your <tt>/dev/MAKEDEV</> script to be sure. Some
systems may also require <tt>/dev/zero</>, which can created similarly. For
most Linux systems, we can use the following command:
systems may also require <tt>/dev/zero</>, which can created similarly. It's
reported that the BIND 9.2.0 release candidates now require <tt>/dev/random</>
as well. For most Linux systems, we can use the following commands:
<tscreen><verb>
# mknod /chroot/named/dev/null c 1 3
# mknod /chroot/named/dev/random c 1 8
# chmod 666 /chroot/named/dev/{null,random}
</verb></tscreen>
For FreeBSD 4.3, this is:
<tscreen><verb>
# mknod /chroot/named/dev/null c 2 2
# mknod /chroot/named/dev/random c 2 3
# chmod 666 /chroot/named/dev/{null,random}
</verb></tscreen>
You also need another file in the <tt>/etc</> directory inside the jail. You
@ -261,6 +282,10 @@ to
daemon syslogd -m 0 -a /chroot/named/dev/log
</verb></tscreen>
Interestingly, as of Red Hat 7.2, Red Hat has apparently made this process
even easier. There is now a file called <tt>/etc/sysconfig/syslog</> in which
extra parameters for syslogd can be defined.
On Caldera OpenLinux systems, they use a daemon launcher called <tt>ssd</>,
which reads configuration from <tt>/etc/sysconfig/daemons/syslog</>. You
simply need to modify the options line to look like this:
@ -279,6 +304,14 @@ SYSLOGD_PARAMS="-a /chroot/named/dev/log"
</verb></tscreen>
should do the trick.
And, last but not least, for FreeBSD 4.3 you can apparently just edit the
<tt>rc.conf</> file and put in the following:
<tscreen><verb>
syslogd_flags="-s -l /chroot/named/dev/log"
</verb></tscreen>
The <tt>-s</> is for security reasons, and is part of the default settings.
The <tt>-l</> is a local path on which to put another logging node.
Once you've figured out how to make this change for your system, simply
restart <tt>syslogd</>, either by killing it and launching it again (with
the extra parameters), or by using the SysV-init script to do it for you:
@ -334,6 +367,13 @@ directories immutable, using the <tt>chattr</> tool on ext2 filesystems.
# chattr +i etc etc/localtime var
</verb></tscreen>
Equivalently, on FreeBSD 4.3, you want to look into <tt>chflags</> if you
wish to make things immutable. As an example, the following should change
everything in the <tt>/chroot/named/etc</> directory to immutable:
<tscreen><verb>
# chflags schg /chroot/named/etc/*(*).
</verb></tscreen>
It would be nice to do this for the <tt>dev</> directory too, but unfortunately
that would prevent <tt>syslogd</> from creating its <tt>dev/log</> socket.
You may also choose to set the immutable bit on other files in the jail as
@ -466,6 +506,12 @@ esac
exit 0
</code></tscreen>
As with syslogd, as of Red Hat 7.2 this process is now even easier. There is
a file called <tt>/etc/sysconfig/named</> in which extra parameters for syslogd
can be defined. The default <tt>/etc/rc.d/init.d/named</> on Red Hat 7.2,
however, will check for the existance of <tt>/etc/named.conf</> before
starting. You will need to correct this path.
On Caldera OpenLinux systems, you simply need to modify the variables defined
at the top, and it will apparently take care of the rest for you:
<tscreen><verb>
@ -474,6 +520,14 @@ DAEMON=/usr/local/sbin/$NAME
OPTIONS="-t /chroot/named -u named -c /etc/named.conf"
</verb></tscreen>
And for FreeBSD 4.3, you can edit the <tt>rc.conf</> file and put in the
following:
<tscreen><verb>
named_enable="YES"
named_program="chroot/named/bin/named"
named_flags="-u named -t /chroot/named -c /etc/namedb/named.conf"
</verb></tscreen>
<sect1>Configuration Changes
<p>
@ -544,6 +598,16 @@ better.
<tt>&lt;brian at zerobelow.org&gt;</> for providing good suggestions for
further tightening the jail.
<item>Robert Dalton <tt>&lt;support at accesswest.com&gt;</> for suggesting
a couple more example commands, and pointing out BIND 9.2.0's need of
<tt>/dev/random</>.
<item>Eric McCormick <tt>&lt;hostmaster at cybertime.net&gt;</> for the FreeBSD
4.3 information.
<item>Tan Zheng Da <tt>&lt;tzd at pobox.com&gt;</> for the details about the
changes in Red Hat 7.2 that make this a little easier.
</itemize>
And last but certainly not least, I'd like to thank Nakano Takeo <tt>&lt;nakano

423
LDP/howto/linuxdoc/Keyboard-and-Console-HOWTO.sgml
View File

@ -4,7 +4,7 @@
<title>The Linux keyboard and console HOWTO
<author>Andries Brouwer, <tt/aeb@cwi.nl/
<date>v2.8, 25 February 1998
<date>v2.12, 2001-09-21
<abstract>This note contains some information about the Linux keyboard
and console, and the use of non-ASCII characters.
@ -23,27 +23,39 @@ It describes Linux 2.0.
The following packages contain keyboard or console related programs.
<p>
<tt/kbd-0.95.tar.gz/ contains <tt/loadkeys/, <tt/dumpkeys/, <tt/showkey/,
<tt/kbd-1.06.tar.gz/ contains <tt/loadkeys/, <tt/dumpkeys/, <tt/showkey/,
<tt/setmetamode/, <tt/setleds/, <tt/setfont/, <tt/showfont/, <tt/mapscrn/,
<tt/kbd_mode/, <tt/loadunimap/, <tt/chvt/, <tt/resizecons/, <tt/deallocvt/,
<tt/getkeycodes/, <tt/setkeycodes/.
<tt/kbd_mode/, <tt/kbdrate/, <tt/loadunimap/, <tt/chvt/, <tt/resizecons/,
<tt/deallocvt/, <tt/getkeycodes/, <tt/setkeycodes/.
It also contains <tt/openvt/, formerly called <tt/open/.
<p>
<tt/util-linux-2.6/ contains <tt/setterm/, <tt/kbdrate/.
(Yes, the <tt/more/ in <tt/util-linux-2.6/ dumps core due to a name
conflict. Preserve your old copy, or use <tt/util-linux-2.5/, or
change `savetty' to `my_savetty' in <tt/more.c/.)
There exists a clone of the kbd package, namely <tt/console-tools/,
that contains more or less the same stuff. The latest version,
<tt/console-tools-0.3.3/ is roughly up-to-date with <tt/kbd-0.99/.
<p>
<tt/SVGATextMode-1.10/ contains <tt/SVGATextMode/, a program that
obsoletes <tt/resizecons/.
<p>
<tt/util-linux-2.11/ contains <tt/setterm/, <tt/kbdrate/.
<p>
<tt/sh-utils-1.12/ contains <tt/stty/.
<p>
<tt/open-1.4.tgz/ contains <tt/open/ (that should be renamed to
<tt/openvt/). (See also <tt/dynamic-vc-1.1.tar.gz/.)
<tt/SVGATextMode-1.8.tar.gz/ contains <tt/SVGATextMode/, a program that
obsoletes <tt/resizecons/.
See also <tt/dynamic-vc-1.2.tar.gz/ and <tt/consd-1.3.tgz/ for
programs that exploit the `Keyboard Signal' key. Very primitive
versions are <tt/spawn_login/ or <tt/spawn_console/ found in the kbd package.
<p>
See <htmlurl name="font.tgz" url="http://www.cix.co.uk/~mayday/font.tgz">
for a package that handles console fonts.
<p>
Packages like <tt/recode/ and <tt/konwert-1.8/ allow one to convert
between different character encodings.
<p>
The X distribution contains <tt/xmodmap/, <tt/xset/, <tt/kbd_mode/.
(See also X386keybd(1) for the situation under XFree86 1.3,
and Xserver(1) for the XKEYBOARD extension under X11R6.)
A handy interface to <tt/xmodmap/ is <tt/xkeycaps/, see
<htmlurl name="http://www.jwz.org/xkeycaps/" url="www.jwz.org/xkeycaps/">.
<tt/termcap-2.0.8.tar.gz/ contains <tt/termcap/, an old terminal
capabilities data base. <tt/ncurses-1.9.9e.tar.gz/ contains the
@ -71,22 +83,27 @@ See terminfo(5). Terminfo files are compiled
by the terminfo compiler <tt>/usr/lib/terminfo/tic</tt>, see tic(1).
Their contents can be examined using the program <tt/infocmp/,
see infocmp(1).
The Linux console sequences are documented in console_codes(4).
<sect>Keyboard generalities<p>
<nidx>keyboard!theory of operation</nidx>
You press a key, and the keyboard controller sends scancodes to the
kernel keyboard driver. Some keyboards can be programmed, but usually
the scancodes corresponding to your keys are fixed.
You press a key, and the keyboard controller sends
<htmlurl name="scancodes"
url="http://www.win.tue.nl/~aeb/linux/kbd/scancodes.html">
to the kernel keyboard driver. Some keyboards can be programmed,
but usually the scancodes corresponding to your keys are fixed.
The kernel keyboard driver just transmits whatever it receives
to the application program when it is in <em>scancode mode</em>,
like when <tt/X/ is running. Otherwise, it parses the stream of scancodes
into keycodes, corresponding to key press or key release events.
(A single key press can generate up to 6 scancodes.)
These keycodes are transmitted to the application program when it is
in <em>keycode mode</em> (as used, for example, by <tt/showkey/).
in <em>keycode mode</em> (as used, for example, by <tt/showkey/
and some X servers).
Otherwise, these keycodes are looked up in the keymap, and the character
or string found there is transmitted to the application, or the action
described there is performed.
@ -100,12 +117,12 @@ a US keyboard and a default keymap. An example of a key combination to which
an action is assigned is Ctrl-Alt-Del.)
<P>
The translation between unusual scancodes and keycodes can be set using the
utility <tt/setkeycodes/ - only very few people will need it.
utility <tt/setkeycodes/ - only few people will need it.
The translation between keycodes and characters or strings or actions, that is,
the keymap, is set using the utilities <tt/loadkeys/ and <tt/setmetamode/.
For details, see getkeycodes(8), setkeycodes(8), dumpkeys(1), loadkeys(1),
setmetamode(1). The format of the files output by <tt/dumpkeys/ and read
by <tt/loadkeys/ is described in keytables(5).
by <tt/loadkeys/ is described in keymaps(5).
<P>
Where it says `transmitted to the application' in the above description,
this really means `transmitted to the terminal driver'. That is, further
@ -126,10 +143,10 @@ the correspondence between Unicode values and font positions,
and the obtained 8- or 9-bit font indices are then written to video memory,
where they cause the display of character shapes found in the video card's
character ROM.
One can load one's own fonts into character ROM using
<tt/setfont/, load the corresponding Unicode map with <tt/loadunimap/,
and load a user mapping table using <tt/mapscrn/.
More details will be given below.
One can load one's own fonts into character ROM using <tt/setfont/.
The obsolete programs <tt/loadunimap/ and <tt/mapscrn/ can be used
to manipulate the Unicode map belonging to the font, or the mapping
table of the console. More details will be given below.
There are many consoles (called <it/Virtual Consoles/ or
<it/Virtual Terminals/, abbreviated VCs or VTs) that share the same
@ -148,7 +165,7 @@ switch between them.
There is garbage on the screen, or all your keystrokes are echoed
as line drawing characters. What to do?
Many programs will redraw the screen when &circ;L is typed. This might
Many programs will redraw the screen when Ctrl-L is typed. This might
help when there is some modem noise or broadcast message on your screen.
The command <tt/clear/ will clear the screen.
@ -175,8 +192,12 @@ If this happens on <tt>/dev/tty2</tt> then typing
</verb></tscreen>
on some other VT (where 4 symbols are typed to <tt/cat/: ESC, c, ENTER,
Ctrl-D) and refreshing the screen on <tt>/dev/tty2</tt>
(perhaps using &circ;L) will fix things. Of course the permanent fix
(perhaps using Ctrl-L) will fix things. Of course the permanent fix
is to use the right termcap or terminfo entry.
A command that only changes the number of lines is
<tscreen><verb>
% echo -e "\033[1;25r"
</verb></tscreen>
Why is it that you sometimes get a lot of line-drawing characters,
e.g., after catting a binary to the screen?
@ -198,7 +219,7 @@ Now do (typing blindly)
^D
</verb></tscreen>
and all is well again. (Three symbols typed to each <tt/cat/:
&circ;N (or &circ;O), ENTER, Ctrl-D.) To understand what is happening,
Ctrl-N (or Ctrl-O), ENTER, Ctrl-D.) To understand what is happening,
see `The console character sets' below.
If you loaded some strange font, and want to return to the default,
@ -243,19 +264,23 @@ commands may be replaced by
<tscreen><verb>
% setfont -u def
</verb></tscreen>
The Ethiopian fonts and the <tt/lat1u*.psf/ fonts have embedded
Unicode code map. Most of the others don't.
These days most fonts have embedded Unicode maps (often this is
indicated by the extension <tt/.psfu/), and none of this nonsense
is needed anymore.
On old terminals output involving tabs may require a delay, and you
have to say
On very old terminals output involving tabs may require a delay,
and you have to say
<tscreen><verb>
% stty tab3
</verb></tscreen>
(see stty(1)).
You can change the video mode using <tt/resizecons/ or
<tt/SVGATextMode/.
<tt/SVGATextMode/. Or by rebooting and having "vga=ask"
in the LILO configuration file.
This usually settles the output side.
On the input side there are many things that might be wrong. If <tt/X/ or
<tt/DOOM/ or some other program using raw mode crashed, your keyboard may
still be in raw (or mediumraw) mode, and it is difficult to give commands.
@ -277,6 +302,10 @@ Compared to QWERTY, the QWERTZ map interchanges Y and Z.
Compared to QWERTY, the AZERTY map interchanges Q and A, W and Z, and has
its M right of the L, at the semicolon position.
DVORAK has an entirely different letter ordering.
There are two types of Turkish keyboard. The so-called `Q'-keyboard
has a QWERTY layout, while the `F'-keyboard has an entirely
different layout, let us say fgGIod, where G stands for Gbreve
and I for dotlessi.
<sect1>Keyboard hardware reset<p>
<nidx>keyboard!resetting</nidx>
@ -341,8 +370,9 @@ How come this is not right by default? It is, if you use the right
<tt/getty/.
Note that many programs (like <tt/bash/, <tt/emacs/ etc.) have their own
keybindings (defined in <tt>&tilde;/.inputrc</tt>, <tt>&tilde;/.emacs</tt> etc.) and
are unaffected by the setting of the erase character.
keybindings (defined in <tt>&tilde;/.inputrc</tt>,
<tt>&tilde;/.emacs</tt> etc.) and are unaffected by the setting
of the erase character.
The standard Unix tty driver does not recognize a cursor, or keys
(like the arrow keys) to move the current position, and hence does not
@ -388,7 +418,7 @@ when initialising the X keymap. Although the two systems are not
<tt/xmodmap/ has become superfluous.
For example, suppose that you would like the Backspace key
to send a BackSpace (&circ;H, octal 010) and the grey Delete key
to send a BackSpace (Ctrl-H, octal 010) and the grey Delete key
a DEL (octal 0177). Add the following to <tt>/etc/rc.local</tt>
(or wherever you keep your local boot-time stuff):
<tscreen><verb>
@ -411,6 +441,34 @@ But what character sequence is MetaX?
That is determined (per-tty) by the Meta flag, set by the command
<tt/setmetamode/. The two choices are: ESC X or X or-ed with 0200.
Many distributions have a <tt/loadkeys/ command somewhere in the
bootup sequence. For example, one may have the name of the desired
keymap in <tt>/etc/sysconfig/keyboard</tt> and the <tt/loadkeys/
command that loads it in <tt>/etc/rc.d/init.d/keytable</tt>.
Or one may have the actual default keymap in <tt>/etc/default.keytab</tt>
and the loadkeys command that loads it in <tt>/etc/rc.d/boot</tt>.
Etc. Instead of adding a local modification to the default, one can
of course change the default by editing the default keymap or changing
the name of the keymap to be loaded at boot time. Note that <tt/loadkeys/
itself has default keymap <tt/defkeymap.map/ located somewhere under
<tt>/usr/lib/kbd</tt> or <tt>/usr/share/kbd</tt> (just like all other
keymaps) and this may not yet be available in single user boot before
<tt>/usr</tt> has been mounted.
<sect2>`How do I get a dvorak keyboard?'<p>
<nidx>dvorak keyboard</nidx>
The command
<tscreen><verb>
% loadkeys dvorak
</verb></tscreen>
will give you a dvorak layout, probably by loading
something like <tt>/usr/lib/kbd/keymaps/i386/dvorak/dvorak.map.gz</tt>.
Under <tt/X/, put
<tscreen><verb>
XkbLayout "dvorak"
</verb></tscreen>
in <tt>XF86Config</tt>.
<sect2>`Why doesn't the Backspace key generate BackSpace by default?'<p>
<nidx>backspace key!not generating correct keycode</nidx>
@ -452,7 +510,7 @@ For example, in incremental search mode one finds the code
</verb></tscreen>
This means that it may be a bad idea to use the above two
global-set-key commands. There are too many places where
there are built-in assumptions about &circ;H = help and DEL = delete.
there are built-in assumptions about Ctrl-H = help and DEL = delete.
That doesn't mean that you have to setup keys so that Backspace
generates DEL. But if it doesn't then it is easiest to remap
them at the lowest possible level in emacs.
@ -480,7 +538,7 @@ Note that under X emacs can distinguish between Ctrl-h and the
Backspace key (regardless of what codes these produce on the console),
and by default emacs will view the Backspace key as DEL
(and do deletion things, as bound to that character, rather than
help things, bound to &circ;H). One can distinguish Backspace and Delete,
help things, bound to Ctrl-H). One can distinguish Backspace and Delete,
e.g. by
<tscreen><verb>
(global-unset-key [backspace] )
@ -498,6 +556,14 @@ Put in your <tt/.kermrc/ file the lines
set key \8 \127
</verb></tscreen>
<sect1>How to tell xterm to interchange Delete and Backspace<p>
<nidx>xterm!swapping DEL, BS</nidx>
<tscreen><verb>
XTerm*VT100.Translations: #override\n\
<KeyPress> BackSpace : string(0x7f)\n\
<KeyPress> Delete : string(0x08)\n
</verb></tscreen>
<sect1>How to tell xterm about your favourite tty modes<p>
<nidx>xterm!setting tty modes for</nidx>
@ -512,10 +578,19 @@ If you don't like that, you might put something like
in <tt>/usr/lib/X11/app-defaults/XTerm</tt> or in
<tt>&dollar;HOME/.Xresources</tt>, assuming that you have a line
<tscreen><verb>
xrdb $HOME/.Xresources
xrdb -merge $HOME/.Xresources
</verb></tscreen>
in your <tt>&dollar;HOME/.xinitrc</tt> or <tt>&dollar;HOME/.xsession</tt>.
<sect1>How to tell non-Motif X applications that the Del key deletes forward<p>
Put
<tscreen><verb>
*Text.translations: #override \
~Shift ~Meta <Key>Delete: delete-next-character()
</verb></tscreen>
into <tt>.Xresources</tt> to make non-Motif X applications such as
<tt>xfig</tt>, <tt>xedit</tt>, etc., work correctly. (Daniel T. Cobra)
<sect1>How to tell xmosaic that the Backspace key generates a DEL<p>
<nidx>xmosaic!remapping BS key</nidx>
<nidx>Netscape!remapping BS</nidx>
@ -527,7 +602,10 @@ Putting
*XmTextField.translations: #override\n\
<Key>osfDelete: delete-previous-character()
</verb></tscreen>
in your <tt>&dollar;HOME/.Xresources</tt> helps.
in your <tt>&dollar;HOME/.Xdefaults</tt> or
<tt>&dollar;HOME/.Xresources</tt> helps.
(What file? The file that is fed to <tt>xrdb</tt>, for example
in <tt>.xinitrc</tt>.)
The netscape FAQ, however, says:
<verb>
@ -607,6 +685,41 @@ particular program only, probably the fault is elsewhere.
Of course it is a good idea anyway to correct your termcap (terminfo) entry.
See also below under "The TERM variable".
<sect1>A complete solution<p>
There are many possibilities to get a functioning system.
Can't you give one complete set of settings that works?
<nidx>delete key!a solution</nidx>
<nidx>backspace key!a solution</nidx>
<p>
One way of getting a setup that works in all contexts
is to have the Backspace key generate DEL when on the
console (or xterm), and BackSpace when under X.
Maybe that is most convenient - there are too many X utilities
that expect BackSpace, and emacs on the console or xterm
expects DEL, while emacs under X can distinguish [BackSpace]
from Ctrl-H and does the right thing.
<p>
What is needed?
No loadkeys changes, since the Backspace key already generates
DEL by default. No stty settings, they are OK by default.
No X settings, they are OK by default.
One just has to tell xterm that the Backspace key should generate DEL:
put
<tscreen><verb>
XTerm*VT100.Translations: #override\n\
<KeyPress> BackSpace : string(0x7f)\n\
</verb></tscreen>
in <tt/.Xresources/, and
<tscreen><verb>
xrdb -merge .Xresources
</verb></tscreen>
in <tt/.xinitrc/, and you are settled.
For a much more extensive discussion of these things, and
alternative solutions, see
<htmlurl url="http://www.ibbnet.nl/~anne/keyboard.html"
name="Anne Baretta's page">.
<sect>The console character sets<p>
<nidx>console character sets</nidx>
<nidx>character sets, console</nidx>
@ -617,15 +730,15 @@ user byte, and next where this symbol is located in the current font.
The kernel knows about 5 translations of bytes into console-screen symbols.
In Unicode (UTF-8) mode, the UTF-8 code is just converted directly into
Unicode. The assumption is that almost all symbols one needs are present
in Unicode, and for the cases where this does not hold the codes 0xff**
are reserved for direct font access.
in Unicode, and for the cases where this does not hold the codes
0xf000-0xf1ff are reserved for direct font access.
When not in Unicode mode, one of four translation tables is used.
The four tables are: a) Latin1 -&gt; Unicode, b) VT100 graphics -&gt; Unicode,
c) PC -&gt; Unicode, d) user-defined.
There are two character sets, called G0 and G1, and one of them
is the current character set. (Initially G0.)
Typing &circ;N causes G1 to become current, &circ;O causes G0 to become current.
Typing Ctrl-N causes G1 to become current, Ctrl-O causes G0 to become current.
These variables G0 and G1 point at a translation table, and can be changed
by the user. Initially they point at tables a) and b), respectively.
@ -635,8 +748,8 @@ The sequences ESC ) B and ESC ) 0 and ESC ) U and ESC ) K cause G1 to point
at translation table a), b), c) and d), respectively.
The sequence ESC c causes a terminal reset, which is what you want if the
screen is all garbled. The oft-advised <tt/echo &circ;V&circ;O/ will only make G0
current, but there is no guarantee that G0 points at table a).
screen is all garbled. The oft-advised <tt/echo &circ;V&circ;O/ will only
make G0 current, but there is no guarantee that G0 points at table a).
In some distributions there is a program reset(1) that just does
<tt>echo &circ;&lsqb;c</tt>.
If your termcap entry for the console is correct (and has an entry
@ -716,7 +829,7 @@ command.
Fortunately it is possible to create a new console upon a single
keystroke, regardless of what is happening at the current console.
If you have <tt/spawn_login/ from <tt/kbd-0.95.tar.gz/ and you put
If you have <tt/spawn_login/ from <tt/kbd-1.04.tar.gz/ and you put
<tscreen><verb>
loadkeys << EOF
alt keycode 103 = Spawn_Console
@ -760,8 +873,8 @@ to also add entries for them in these files.
If you press Ctrl-Alt-Del (or whatever key was assigned the keysym Boot by
loadkeys) then either the machine reboots immediately (without sync), or
<tt/init/ is sent a SIGINT. The former behaviour is the default. The default can
be changed by root, using the system call reboot(), see ctrlaltdel(8).
<tt/init/ is sent a SIGINT. The former behaviour is the default. The default
can be changed by root, using the system call reboot(), see ctrlaltdel(8).
Some <tt/init/'s change the default. What happens when <tt/init/ gets SIGINT depends
on the version of <tt/init/ used - often it will be determined by the pf entry in
<tt>/etc/inittab</tt> (which means that you can run an arbitrary program
@ -849,11 +962,11 @@ combinations are user-settable. Today there are 68 combinations
defined by default; you can see them by saying "dumpkeys | grep compose".
<item>
Then there are `Sticky' modifier keys (since 1.3.33). For example,
one can type &circ;C as SControl, C and Ctrl-Alt-BackSpace as SControl, SAlt,
BackSpace.
one can type Ctrl-C as SControl, C and Ctrl-Alt-BackSpace as SControl,
SAlt, BackSpace.
</itemize>
Note that there are at least three such composition mechanisms:
Note that there are at least four such composition mechanisms:
<enum>
<item>
The Linux keyboard driver mechanism, used in conjunction with loadkeys.
@ -866,12 +979,16 @@ name="http://wauug.erols.com/~balsa/linux/deadkeys/index.html">.
<item>
The emacs mechanism obtained by loading "iso-insert.el" or
calling `iso-accents-mode'.
<item>
The vim mechanism: insert a composed symbol by pressing Ctrl-K
followed by two symbols. A list of the possible combinations is
obtained by the command <tt>:digraphs</tt>.
</enum>
For X the order of the two symbols is arbitrary: both Compose-,-c and
Compose-c-, yield a c-cedilla; for Linux and emacs only the former sequence
works by default. For X the list of compose combinations is fixed. Linux
and emacs are flexible.
The three default lists are somewhat similar, but the details are different.
works by default. For X and vim the list of compose combinations is fixed.
Linux and emacs are flexible.
The default lists are somewhat similar, but the details are different.
<sect1>The SysRq key<p>
<nidx>SysRq key</nidx>
@ -912,7 +1029,31 @@ of your keymap, or even of the entire kernel, is uncertain.
If you use a dvorak keyboard - bad luck! Most other people will
be able to survive: the dangerous letters A,M,Q,W,Y,Z that are
differently placed on English, French and German keyboards, are
not used for actions.
not used for actions. (But if your finger slips and you hit L
instead of K - bye bye to your system.)
<p>
In Linux 2.3.13 the possibility to enable/disable SysRq was added.
<tscreen><verb>
echo 0 > /proc/sys/kernel/sysrq
</verb></tscreen>
will disable it (if the kernel was compiled with CONFIG_MAGIC_SYSRQ).
<sect1>Problems<p>
A good keyboard accurately reports multiple key presses.
Especially for people using a keyboard as Braille input device,
where they have to be able to press up to six keys simultaneously,
this is important. Many modern keyboards fail here due to sloppy
design and testing - they misreport or fail in other ways when
four or more keys are pressed simultaneously, sometimes already
when two non-modifier keys are pressed simultaneously.
This affects Linux users a bit: the SysRq key is not a modifier key,
and people report problems using Alt-SysRq-<it>X</it> for various
letters or digits <it>X</it>.
<p>
Long ago a similar problem (`ghosting') was caused by the design
of the scan matrix: when three keys were pressed a fourth was
also seen. That problem was solved by the use of diodes.
Today it is the interface logic that is deficient.
<sect>How to get out of raw mode<p>
<nidx>raw mode, exiting</nidx>
@ -1135,9 +1276,6 @@ D. For <tt/bash/ (version 1.13.*), put
<tscreen><verb>
set meta-flag on
set convert-meta off
</verb></tscreen>
and, according to the Danish HOWTO,
<tscreen><verb>
set output-meta on
</verb></tscreen>
into your <tt>&dollar;HOME/.inputrc</tt>.
@ -1175,7 +1313,7 @@ J. For <tt/col/, make sure 1) that it is fixed so as to do
K. For <tt/rlogin/, use option <tt/-8/.
L. For <tt/joe/,
<tt>sunsite.unc.edu:/pub/Linux/apps/editors/joe-1.0.8-linux.tar.gz</tt>
<tt>metalab.unc.edu:/pub/Linux/apps/editors/joe-1.0.8-linux.tar.gz</tt>
is said to work after editing the configuration file. Someone else said:
<tt/joe/: Put the <tt/-asis/ option in <tt>/isr/lib/joerc</tt> in the
first column.
@ -1184,23 +1322,54 @@ M. For LaTeX: <tt>&bsol;documentstyle&lsqb;isolatin&rsqb;{article}</tt>.
For LaTeX2e: <tt>&bsol;documentclass{article}&bsol;usepackage{isolatin}</tt>
where <tt>isolatin.sty</tt> is available from
<htmlurl url="ftp://ftp.vlsivie.tuwien.ac.at/pub/8bit"
name="ftp://ftp.vlsivie.tuwien.ac.at/pub/8bit">.
name="ftp.vlsivie.tuwien.ac.at/pub/8bit">.
A nice discussion on the topic of ISO-8859-1 and how to manage 8-bit
characters is contained in the file <tt>grasp.insa-lyon.fr:/pub/faq/fr/accents</tt>
(in French). Another fine discussion (in English) can be found in
<htmlurl url="ftp.vlsivie.tuwien.ac.at:/pub/8bit/FAQ-ISO-8859-1"
name="ftp.vlsivie.tuwien.ac.at:/pub/8bit/FAQ-ISO-8859-1">, which
is mirrored in
<htmlurl url="rtfm.mit.edu:pub/usenet-by-group/comp.answers/character-sets/iso-8859-1-faq"
name="rtfm.mit.edu:pub/usenet-by-group/comp.answers/character-sets/iso-8859-1-faq">.
<htmlurl
url="ftp://rtfm.mit.edu/pub/usenet-by-group/comp.answers/internationalization/iso-8859-1-charset"
name="rtfm.mit.edu:pub/usenet-by-group/comp.answers/internationalization/iso-8859-1-charset">.
If you need to fix a program that behaves badly with 8-bit characters,
one thing to keep in mind is that if you have a signed char type then
characters may be negative, and using them as an array index will fail.
Several programs can be fixed by judiciously adding (unsigned char) casts.
<sect>What precisely does XFree86-2.1 do when it initializes its keymap?<p>
<sect>X<p>
This FAQ/HOWTO is about the Linux keyboard and console, not about X,
which substitutes its own handling. However, it seems useful to
document some of the Linux keyboard and console related properties
of X.
First of all, when X is started (say using <tt/startx/ or <tt/xinit/)
it opens the first unused console, unless the desired console has been
indicated explicitly, as in <tt/xinit -- vt12/.
Note that this will fail when there is no device file <tt>/dev/tty12</tt>,
but that it will not fail when the indicated console was in use already.
When X finishes, it will return to the original console.
While it is running one can use Ctrl-Alt-Fn to switch to VTn.
<p>
The XFree86 keymap mechanism is much poorer than the Linux mechanism.
For each keycode there are at most 4 symbols defined, namely for the
4 keymaps plain, shift, mod, mod+shift. What is the modifier mod?
It is the one designated by the symbol <tt/Mode_switch/.
For example, the command <tt/xmodmap keys.dk/, where the file
<tt/keys.dk/ contains
<tscreen><verb>
keycode 64 = Mode_switch
keycode 113 = Mode_switch
keycode 38 = a A aring Aring
keycode 26 = e E ae AE
keycode 32 = o O oslash Ooblique
</verb></tscreen>
will make both Alt keys into mod keys, so that Alt+a gives å (a-ring), etc.
(Note the illogical naming of oslash and Ooblique.)
Such an <tt/xmodmap/ command can be placed in the <tt/.xinitrc/
shell script that is executed by default when X is started.
<sect1>What precisely does XFree86-2.1 do when it initializes its keymap?<p>
<nidx>keymap!initialization by XFree86</nidx>
<nidx>XFree86!keymap initialization</nidx>
@ -1229,7 +1398,8 @@ Caps_On and Boot are ignored, as are the dead diacriticals, and the locks
(except for ShiftLock), and the "ASCII-x" keys.
Next, the definitions in the <tt/Xconfig/ file are used. (Thus, a definition
of Compose in <tt/Xconfig/ will override its value as found in the Linux keymap.)
of Compose in <tt/Xconfig/ will override its value as found in the Linux
keymap.)
What happens to the strings associated with the function keys? Nothing,
X does not have such a concept. (But it is possible to define strings
@ -1251,14 +1421,41 @@ have two keycodes: the former has keycode 84 when Alt is pressed
simultaneously, and keycode 99 otherwise; the latter has keycode
101 when Ctrl is pressed simultaneously, and keycode 119 otherwise.
(Thus, it makes no sense to bind functions to Alt keycode 99 or
Ctrl keycode 119.)
Ctrl keycode 119.) The Pause/Break key is also special in another way:
it does not generate key-up scancodes, but generates the entire
6-scancode sequence on key-down.
If you have strange keys, that do not generate any code under Linux
(or generate messages like "unrecognized scancode"), and your kernel
is 1.1.63 or later, then you can use setkeycodes(1) to tell the kernel
about them. They won't work under X, however.
Once they have gotten a keycode from <tt/setkeycodes/, they can be assigned
a function by <tt/loadkeys/.
about them. Once they have gotten a keycode from <tt/setkeycodes/,
they can be assigned a function by <tt/loadkeys/.
For example, using <tt/showkey -s/ one sees that Microsoft keyboards
use the scancode sequences (in hexadecimal) e0 5b (left Windows key),
e0 5c (right Windows key), e0 5d (Menu key).
Microsoft Internet keyboard also uses e0 6a (Back), e0 69 (Forward),
e0 68 (Stop), e0 6c (Mail), e0 65 (Search), e0 66 (Favorites),
e0 32 (Web/Home), e0 6b (My Computer), e0 21 (Calculator), e0 5f (Sleep).
Use <tt>dumpkeys</tt> to see what keycodes are still unused.
Typically values like 89-95 and 112-118 and 120-127 are free.
Now
<tscreen><verb>
% setkeycodes e05b 125
% setkeycodes e05c 126
% setkeycodes e05d 127
</verb></tscreen>
assigns keycodes to these scancode sequences, and
<tscreen><verb>
% loadkeys
keycode 125 = Decr_Console
keycode 126 = Incr_Console
keycode 127 = KeyboardSignal
%
</verb></tscreen>
would make these Windows keys go to the previous or next virtual console,
and let the Menu key create a fresh virtual console (in case you have
something like <tt/spawn_console/ running).
<sect>Examples of use of loadkeys and xmodmap<p>
<nidx>loadkeys!example using</nidx>
@ -1312,7 +1509,7 @@ will do this. More explicitly, the procedure is like this:
%
</verb></tscreen>
The format of the table can be guessed by looking at the output
of <tt/dumpkeys/, and is documented in keytables(5).
of <tt/dumpkeys/, and is documented in keymaps(5).
When the new keymap functions as desired, you can put an invocation
<tscreen><verb>
loadkeys my_new_keymap
@ -1321,10 +1518,13 @@ in <tt>/etc/rc.local</tt> or so, to execute it automatically at boot-up.
Note that changing modifier keys is tricky, and a newbie can easily
get into a situation only an expert can get out of.
<p>
The default directory for keymaps is <tt>/usr/lib/kbd/keytables</tt>.
The default directory for keymaps is <tt>/usr/lib/kbd/keymaps</tt>.
The default extension for keymaps is <tt>.map</tt>.
Thus, <tt>loadkeys uk</tt> would probably load
<tt>/usr/lib/kbd/keytables/uk.map</tt>.
For example, <tt>loadkeys uk</tt> would probably load
<tt>/usr/lib/kbd/keymaps/i386/qwerty/uk.map</tt>.
(With kbd-0.95 and older this would be <tt>/usr/lib/kbd/keytables</tt>
and <tt>/usr/lib/kbd/keytables/uk.map</tt>.)
<p>
(On my machine) <tt>/dev/console</tt> is a symbolic link to <tt>/dev/tty0</tt>,
and the kernel regards <tt>/dev/tty0</tt> as a synonym for the current VT.
@ -1359,19 +1559,7 @@ Since version 1.3.33, the kernel knows about `sticky' modifier keys.
These act on the next key pressed. So, where one earlier needed
the 3-symbol sequence Shift_Lock a Shift_Lock to type `A', one
can now use the 2-symbol sequence SShift_Lock a.
Versions of the kbd package older than 0.93 do not yet include code
for these sticky modifiers, and have to invoke them
using their hexadecimal codes. For example,
<tscreen><verb>
% loadkeys
keymaps 0-15
keycode 54 = 0x0c00
keycode 97 = 0x0c02
keycode 100 = 0x0c03
%
</verb></tscreen>
will make the right Shift, Ctrl, Alt sticky versions of the left ones.
>From 0.93 on you can say
You can say
<tscreen><verb>
% loadkeys
keymaps 0-15
@ -1380,7 +1568,7 @@ will make the right Shift, Ctrl, Alt sticky versions of the left ones.
keycode 100 = SAlt
%
</verb></tscreen>
to obtain the same result.
to make the right Shift, Ctrl, Alt sticky versions of the left ones.
This will allow you to type Ctrl-Alt-Del in three keystrokes with one hand.
The keymaps line in these examples should cover all keymaps you have in use.
@ -1389,6 +1577,37 @@ You find what keymaps you have in use by
% dumpkeys | head -1
</verb></tscreen>
<sect1>Sticky keys under <tt/X/<p>
The following text was contributed by Piotr Mitros.
XFree86 supports an accessibility option which allows disabled users
to type single-handed. With sticky keys enabled, the user can hit a
modifier key (ctrl, alt, shift) followed by another key, rather than
having to hold the modifier key while hitting the letter.
To enable sticky keys, first make sure the xkb extension is enabled
(this is done during initial <tt/X/ server configuration and is usually
enabled by default). Next, run the <tt/X/ server with the <tt/+accessx/
option. If you use <tt/startx/, either run <tt/startx -- +accessx/ or
add <tt/+accessx/ to the serverargs line in the <tt/startx/ script.
If you use <tt/xdm/, add <tt/+accessx/ to the appropriate server line
in <tt>/etc/X11/xdm/Xservers</tt>.
It is also possible to enable <tt/X/ accessibility with some end-user
utilities with a running <tt/X/ server.
Once <tt/X/ accessibility is enabled, press the shift key five times in a
row to enable sticky keys. To disable sticky keys, either press the
shift key five times again, or press a key while holding a modifier
key.
XFree86 also supports Slow Keys, Repeat Keys, Bounce Keys and an
audible bell. <tt/xkbcomp/ can be used to generate a <tt/.xkm/ file
to enable these. The appropriate <tt/xkbcomp/ commands are listed in
<tt>/usr/X11R6/lib/X11/xkb/compat/accessx</tt>.
Unfortunately, the exact process is still undocumented.
<sect>Changing the video mode<p>
<nidx>console!changing video modes</nidx>
<nidx>video modes, changing</nidx>
@ -1458,6 +1677,14 @@ that doesn't help, edit or remove the section
</code>
of <tt>/usr/src/linux/&lsqb;arch/i386/&rsqb;boot/setup.S</tt>.
Scott Johnston (<tt/sj@zule.com/) reports: `To program the
repeat rate of a Gateway AnyKey keyboard all one has to do
is press the "Repeat Rate" key, then a function key
F1-F8, then "Repeat Rate" again. F1 is the slowest possible repeat rate,
and F8 is really fast. If you somehow manage to mess up your AnyKey
keyboard doing this, simply press Ctrl-Alt-SuspndMacro to reset
your keyboard to factory default settings.'
<sect>Scrolling<p>
<nidx>console!scrolling</nidx>
<nidx>scrolling, console</nidx>
@ -1526,7 +1753,7 @@ can be accessed using the device <tt>/dev/vcs</tt><it/N/
(where `vcs' stands for `virtual console screen').
For example, you could have a clock program that displays the
current time in the upper right hand corner of the console screen
(see the program <tt/vcstime/ in <tt/kbd-0.95.tar.gz/).
(see the program <tt/vcstime/ in <tt/kbd-1.04.tar.gz/).
Just dumping the contents goes with <tt>cat /dev/vcs</tt><it/N/.
These device files <tt>/dev/vcs</tt><it/N/ do not contain
newlines, and do not contain attributes, like colors. From a program
@ -1570,9 +1797,6 @@ clears it again.
Several people have noticed that they lose typed characters when
a floppy disk is active. It seems that this might be a problem with
Uni-486WB motherboards.
(Please mail me (<tt/aeb@cwi.nl/) to confirm &lsqb;yes, I have the same
problem&rsqb;, deny &lsqb;no, nothing wrong with my Uni-486WB&rsqb;,
modify &lsqb;My Xyzzy machine has the same problem&rsqb;.)
Tjalling Tjalkens (<tt/tjalling@ei.ele.tue.nl/) reports very similar problems
with "a no-brand GMB-486 UNP Vesa motherboard with AMD 486DX2-66 CPU" -
@ -1593,11 +1817,21 @@ parameter to "chipset" (if you have that option). Whenever I have had
that parameter set to any of the other options on my machine
("fast", "both", "disabled") I have had frequent keyboard lockups.'
There may be a relation between keyboard problems and the video card in use.
Shawn K. Quinn (<tt/skquinn@wt.net/) wrote:
`I have a Zeos Pantera Pentium-90 that originally came with a Diamond Stealth
64 S3-based video card. Under X I frequently got q's inserted into my text
(how annoying) especially if I typed very fast (during Netrek for instance,
even more annoying because guess what that does :-( ).
Switching to a Creative Labs Graphics Blaster MA202 solved the problem.
I'm assuming the Stealth 64 did something funny with the timings.'
<sect>Copyright<p>
Copyright (c) 1993-1998 by Andries Brouwer. This document may be
Copyright (c) 1993-2001 by Andries Brouwer. This document may be
distributed under the terms set forth in the LDP license
at <htmlurl url="http://sunsite.unc.edu/LDP/COPYRIGHT.html"
name="http://sunsite.unc.edu/LDP/COPYRIGHT.html"> or
at <htmlurl url="http://metalab.unc.edu/LDP/COPYRIGHT.html"
name="http://metalab.unc.edu/LDP/COPYRIGHT.html"> or
<htmlurl url="ftp://www.win.tue.nl/pub/linux/LDP/COPYRIGHT.txt"
name="ftp://www.win.tue.nl/pub/linux/LDP/COPYRIGHT.txt">.
@ -1605,3 +1839,4 @@ Additions and corrections are welcome.
Andries Brouwer - <tt/aeb@cwi.nl/
</article>