Category: LINUX


Updating VSAN HCL
https://partnerweb.vmware.com/service/vsan/all.json
(右键单击,另存为all.json)。如果无法保存文件,则必须复制整个内容并创建扩展名为 “*.json". 的新文件。

Updating VSAN Release Catalog
https://vcsa.vmware.com/ph/api/v1/results?deploymentId=2d02e861-7e93-4954-9a73-b08692a330d1&collectorId=VsanCloudHealth.6_5&objectId=0c3e9009-ba5d-4e5f6-bae8-f25ec506d219&type=vsan-updates-json
(右键单击,另存为results.json)。如果无法保存文件,则必须复制整个内容并创建扩展名为 “*.json". 的新文件。

PS:
https://kb.vmware.com/s/article/2145116?lang=zh_cn
https://kb.vmware.com/kb/58891

首先声明:不需要升级KERNEL内核。centos8自带BBR功能,只是未开启。

1、正在运行的系统生效:
sysctl -w net.ipv4.tcp_congestion_control=bbr

2、重启后也能生效:
echo “net.ipv4.tcp_congestion_control = bbr" >> /etc/sysctl.conf

3、验证当前设置:
sysctl -a | egrep -e congestion
net.ipv4.tcp_allowed_congestion_control = reno cubic bbr
net.ipv4.tcp_available_congestion_control = reno cubic bbr
net.ipv4.tcp_congestion_control = bbr

PS:开启BBR对新建立链接立即生效,对已建立链接的,需要重新建立链接才能生效。

显示当前链接使用的拥塞控制算法:
ss -tin

https://access.redhat.com/solutions/3713681

一、环境初始化
# 开启Ubuntu’s universe 更新源
sudo apt-add-repository universe
# 更新源最新的包版本信息
apt update
# 改主机名
sudo hostnamectl set-hostname meet.example.org
# 改主机名文件设置Fully Qualified Domain Name (FQDN)
vi /etc/hosts
127.0.0.1 localhost meet.example.org
# 测试主机名解析
ping “$(hostname)"
# 添加Jitsi 更新源
curl https://download.jitsi.org/jitsi-key.gpg.key | sudo sh -c ‘gpg –dearmor > /usr/share/keyrings/jitsi-keyring.gpg’
echo ‘deb [signed-by=/usr/share/keyrings/jitsi-keyring.gpg] https://download.jitsi.org stable/’ | sudo tee /etc/apt/sources.list.d/jitsi-stable.list > /dev/null
# 更新源最新包信息
sudo apt update
# 开通防火墙权限
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 4443/tcp
sudo ufw allow 10000/udp
sudo ufw allow 22/tcp
sudo ufw enable
# 检验防火墙策略是否生效
sudo ufw status verbose

二、安装、部署、优化、排错、附加组件
# 安装Jitsi Meet
sudo apt install jitsi-meet
# 免费证书自动续期,选装,非必须
sudo /usr/share/jitsi-meet/scripts/install-letsencrypt-cert.sh
# 修改内核参数
/etc/systemd/system.conf
DefaultLimitNOFILE=65000
DefaultLimitNPROC=65000
DefaultTasksMax=65000
# 检验内核参数是否生效
systemctl show –property DefaultLimitNPROC
systemctl show –property DefaultLimitNOFILE
systemctl show –property DefaultTasksMax
# 排错时,常用日志路径
/var/log/jitsi/jvb.log
/var/log/jitsi/jicofo.log
/var/log/prosody/prosody.log
# 附加功能安装sip-gateway,安装时将提示输入SIP的帐号密码
sudo apt install jigasi

======================
1、JITSI所用端口说明
80 TCP – for SSL certificate verification / renewal with Let’s Encrypt
443 TCP – for general access to Jitsi Meet
4443 TCP – for fallback network video/audio communications (when UDP is blocked for example)
10000 UDP – for general network video/audio communications
22 TCP – if you access you server using SSH (change the port accordingly if it’s not 22)

2、更换个性设置
Logos Change
/usr/share/jitsi-meet/images/watermark.png
Favicon Change
/usr/share/jitsi-meet/images/favicon.ico
Change welcome page content
/usr/share/jitsi-meet/libs/app.bundle.min.js

PS:
https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-quickstart
https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-manual
https://gitlab.talview.com/meet/lib-jitsi-meet-v1/tree/59fc3642a6bc612ac0366d118718e942153b85c5
http://www.xmanong.com/project/12272

让xscreensaver随机自启

1、安装
sudo pacman -S xscreensaver

2、配置屏保
xscreensaver-demo

3、编辑启动文件
vi ~/.config/systemd/user/xscreensaver.service
[Unit]
Description=XScreenSaver
[Service]
ExecStart=/usr/bin/xscreensaver -nosplash
[Install]
WantedBy=default.target

4、加入自启动项
systemctl –user enable xscreensaver

#!/bin/bash
i=1

# 硬盘数量,除系统盘之外是12块
while [ $i -lt 13 ]
do
# 若不足2位数,则左侧补0
k=`printf “%02d" $i`
# ready for convert ascii value to char
u=$((97+$i))
# 系统盘是sda,%c格式化为单个字符
#j=`echo $i|awk ‘{printf “%c",97+$i}’`
#j=echo $u|awk ‘{printf(“%c",$1)}’
j=$(printf \\x`printf %x $u`)

# 每个物理硬盘整块分成一个区
parted -s /dev/sd$j mklabel gpt
parted /dev/sd$j mkpart primary ext4 0% 100%
# 格式化磁盘
mkfs.ext4 /dev/sd${j}1

# 建立挂载点目录
mkdir /mnt/disk${k}
# 导入挂载硬盘信息
mountfs="/dev/sd${j}1 /mnt/disk${k} ext4 defaults 0 0″

# 写入分区表
echo $mountfs >>/etc/fstab

i=$(($i+1))
done
echo “It’s mounting all of the disk, wait a min, plz"
# 挂载fstab里所有的磁盘
mount -a
echo “SUCCESS, CONGRATULATIONS!"

#!/bin/bash
# 业务IP
IP=10.131.0.117
GW=10.131.0.251
# 心跳IP
HB=172.17.0.117
# 业务网卡
ETH1=eno1
ETH2=ens6f0
# 心跳网卡
ETH3=eno2
ETH4=ens6f1

modprobe –first-time bonding
#modprobe bonding

cd /etc/sysconfig/network-scripts/
mkdir bak
mv ifcfg-$ETH1 ifcfg-$ETH2 ifcfg-$ETH3 ifcfg-$ETH4 bak/

cat < /etc/sysconfig/network-scripts/ifcfg-bond0
DEVICE=bond0
#NAME=bond0
TYPE=Bond
BONDING_MASTER=yes
IPADDR=$IP
PREFIX=24
GATEWAY=$GW
ONBOOT=yes
BOOTPROTO=none
BONDING_OPTS="mode=6 miimon=100"
NM_CONTROLLED="no"
USERCTL=no
EOF

cat < /etc/sysconfig/network-scripts/ifcfg-bond1
DEVICE=bond1
#NAME=bond1
TYPE=Bond
BONDING_MASTER=yes
IPADDR=$HB
PREFIX=24
ONBOOT=yes
BOOTPROTO=none
BONDING_OPTS="mode=6 miimon=100"
NM_CONTROLLED="no"
USERCTL=no
EOF

cat < /etc/sysconfig/network-scripts/ifcfg-$ETH1
DEVICE=$ETH1
#NAME=bond0-slave1
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
NM_CONTROLLED="no"
EOF

cat < /etc/sysconfig/network-scripts/ifcfg-$ETH2
DEVICE=$ETH2
#NAME=bond0-slave2
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond0
SLAVE=yes
NM_CONTROLLED="no"
EOF

cat < /etc/sysconfig/network-scripts/ifcfg-$ETH3
DEVICE=$ETH3
#NAME=bond1-slave1
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
NM_CONTROLLED="no"
EOF

cat < /etc/sysconfig/network-scripts/ifcfg-$ETH4
DEVICE=$ETH4
#NAME=bond1-slave2
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
MASTER=bond1
SLAVE=yes
NM_CONTROLLED="no"
EOF

systemctl restart network
echo $IP
ping -c 3 $GW

Centos7安装openmeetings4

vi /etc/selinux/config
selinux=disable

# epel repo
yum install -y epel-release

# rpmfusion repo
sudo yum localinstall –nogpgcheck https://download1.rpmfusion.org/free/el/rpmfusion-free-release-7.noarch.rpm https://download1.rpmfusion.org/nonfree/el/rpmfusion-nonfree-release-7.noarch.rpm

# nux repo
rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm

# Adobe repo 64-bit x86_64 For Flash player
rpm -ivh http://linuxdownload.adobe.com/adobe-release/adobe-release-x86_64-1.0-1.noarch.rpm
rpm –import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux

# JDK11. icedtea-web for can access to record and share desktop
yum install -y java-11-openjdk-devel icedtea-web wget

# 选择JDK版本
update-alternatives –config java

# OpenMeetings will need LibreOffice to convert to pdf the uploaded office files
yum -y install libreoffice libreoffice-headless

# Installation of Ghostscript, necessary packages and libraries
yum install -y ghostscript libjpeg libjpeg-devel freetype freetype-devel unzip gcc gcc-c++ ncurses ncurses-devel make zlib zlib-devel libtool bison bison-devel openssl-devel bzip2 bzip2-devel file-roller git autoconf automake pkgconfig tomcat-native nmap vlc

# ImageMagick, work the images files jpg, png, gif. Sox, work the sound
yum install -y ImageMagick sox giflib giflib-devel giflib-utils

# OpenMeetings even need Adobe Flash Player for cam and audio
yum install -y flash-plugin

# FFmpeg work with video
yum install -y glibc alsa-lib-devel faac faac-devel faad2 faad2-devel gsm gsm-devel imlib2 imlib2-devel lame-devel vorbis-tools theora-tools libvpx-devel vlc autoconf automake cmake freetype-devel gcc gcc-c++ git libtool make mercurial pkgconfig zlib-devel curl

# Installation MariaDB data server
yum install -y mariadb-server
# 启动,设置
systemctl start mariadb.service
mysqladmin -u root password YOUR-password
mysql -u root -p
# create a user with all permission on this meetdb database. name of the database:meetdb; user for that database:meetuser; password of that user:meetuser
> CREATE DATABASE meetdb DEFAULT CHARACTER SET ‘utf8’;
> CREATE USER meetuser;
> GRANT ALL PRIVILEGES ON meetdb.* TO ‘meetuser’@’localhost’ IDENTIFIED BY ‘1a2B3c4D’ WITH GRANT OPTION;
> FLUSH PRIVILEGES;
> \q

# Installation of OpenMeetings
mkdir /opt/meeting
cd /opt/meeting
wget http://archive.apache.org/dist/openmeetings/4.0.10/bin/apache-openmeetings-4.0.10.tar.gz
tar xzvf apache-openmeetings-4.0.10.tar.gz
mv apache-openmeetings-4.0.10.tar.gz /opt

# Download and install the connector between OpenMeetings and MariaDB:
cd /opt
wget https://repo1.maven.org/maven2/mysql/mysql-connector-java/5.1.48/mysql-connector-java-5.1.48.jar
cp /opt/mysql-connector-java-5.1.48.jar /opt/meeting/webapps/openmeetings/WEB-INF/lib

# Script to launch red5-OpenMeetings
cd /opt
wget https://cwiki.apache.org/confluence/download/attachments/27838216/red5-2
cp red5-2 /etc/init.d/
chmod +x /etc/init.d/red5-2
vi /etc/init.d/red5-2
RED5_HOME=/opt/red54010
…to
RED5_HOME=/your-path-installation

# Run red5-OpenMeetings
systemctl restart mariadb.service
/etc/init.d/red5-2 start

# go with your browser to:
http://localhost:5080/openmeetings

# 配置openmeetings
打开的网页,下一步,
第2页配置 Choose DB type to MySQL
mysql
localhost
3306
meetdb
meetuser
your-password
第3页,创建管理员用户
第4页,下一步,
第5页,配置IMAGEMAGICK,FFMPEG,SOX,LIBREOFFICE路径
ImageMagick Path == /usr/bin
FFMPEG Path == /usr/bin
FFMPEG Path == /usr/bin
OpenOffice/LibreOffice Path for
jodconverter == /usr/lib64/libreoffice
第6页,下一步,
第7页,Finish
# 重启应用
/etc/init.d/red5-2 restart
第8页,Enter the Application

# 防火墙开启如下端口
1935 5080

=========================
# 编译安装Ghostscript 9.27
cd /opt
wget https://cwiki.apache.org/confluence/download/attachments/27838216/ghostscript.sh
chmod +x ghostscript.sh
…and run it:
./ghostscript.sh
…when be finished will announce it: GhostScript compilation is Finished!
rm -Rf /opt/ghostscript-9.27

# 编译安装SOX
wget http://ftp.icm.edu.pl/packages/sox/14.4.2/sox-14.4.2.tar.gz
tar xzvf sox-14.4.2.tar.gz
cd /opt/sox-14.4.2
./configure
make && make install
cd /op

# 编译安装FFMPEG
https://trac.ffmpeg.org/wiki/CompilationGuide/Centos
cd /opt
wget https://cwiki.apache.org/confluence/download/attachments/27838216/ffmpeg_centos7.sh
…concede execution permission to it:
chmod +x ffmpeg_centos7.sh
…and run it (be connected to Internet). The compilation will spend about 30 minutes:
./ffmpeg_centos7.sh
All the compiled files will be installed in: /usr/local/bin

一、环境介绍
UEFI-GPT
arch linux
/dev/sdb

BIOS-MBR
win7
/dev/sda

二、GHOST WIN7后现象:
ARCH LINUX已无法引导,无法找到系统。哪怕是把安装WIN7的SATA硬盘禁用掉,ARCH LINUX也无法引导启动。
WIN7系统无论从哪块硬盘都可以引导启动。(非常奇怪。GHOST的时候是在BIOS里面禁用ARCH LINUX所在SATA硬盘的)

三、排错过程
1、用ARCH LINUX安装U盘引导UEFI模式,进入arch emergency shell
查看磁盘分区信息
lsblk -f
直接挂载
mount /dev/sdb3 new_root
mount /dev/sdb1 /boot
安装GRUB
grub-install –target=x86_64-efi –efi-directory=/boot –bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg

2、如果进入的是GRUB>提示符模式,请按如下操作恢复引导
find (hd1,0)/vmlinuz-(找到内核所在分区。按TAB键补齐命令,若能补齐命令,则内核在此分区)
root (hd1,0)
kernel /vmlinuz-按TAB键补齐命令
initrd /initramfs-按TAB键补齐命令
boot
或者
set root=(hd1,2)
linux (hd1,0)/vmlinuz-按TAB键补齐命令 root=/dev/sdb3
initrd (hd1,0)/initramfs-按TAB键补齐命令
boot

进入系统后
查看磁盘分区信息
lsblk -f
mount /dev/sdb3 /mnt/
mount /dev/sdb1 /mnt/boot
arch-chroot /mnt
重装GRUB
grub-install –target=x86_64-efi –efi-directory=/boot –bootloader-id=GRUB
grub-mkconfig -o /boot/grub/grub.cfg
reboot

—————-
错误的步骤:
EASYbcd安装WINPE双系统引导程序
a、添加新条目——操作系统——LINUX/BSD——添加条目
b、编辑引导菜单——USE METRO BOOTloader(去掉打勾选项)——保存设置
重启电脑,卡在GRUB>提示符,因为BIOS未强制使用UEFI引导,所以efivar-tester的时候报错UEFI variables not supported on this machine
截止此处已无解。毕竟ARCH LINUX是在UEFI+GTP下面安装使用的,而WINDOWS是BIOS+MBR。

===========================
PS:创建ARCH安装U盘
1、找到U盘的盘符
lsblk -f
2、若U盘自动挂载了,请卸载
umount /xxx/udisk
3、做启动U盘
sudo dd bs=4M if=/home/xxx/Downloads/archlinux-2020.02.01-x86_64.iso of=/dev/sdc status=progress && sync

————-
BTW:双系统引导菜单
所有版本的 Windows 都不支持 BIOS 引导 GPT 分区上的 Windows 或 UEFI 引导 MBR 分区上的 Windows.目前官方 (Microsoft) 没有在 UEFI-MBR 或 BIOS-GPT 上运行 Windows 的方法.因此 Windows 只支持 UEFI-GPT 或 BIOS-MBR 启动.参阅 http://support.microsoft.com/kb/2581408
安装在 BIOS 模式下的 Arch Linux 的启动管理器也无法加载位于另一个 UEFI-GPT 硬盘上的 Windows.反之亦然

win7菜单引导archlinux
arch linux shell
dd if=/dev/sdb1 of=/mnt/archboot.bin bs=512 count=1

win7 cmd
新建启动菜单,生成{ID}
bcdedit /create /d “arch” /application bootsector
bcdedit /set {ID} device partition=c:
bcdedit /set {ID} path c:\archboot.bin
加入启动菜单
bcdedit /displayorder {ID} /addlast
bcdedit /timeout 3
删除启动菜单项
bcdedit /delete {ID}

————-
若想ARCH自动生产GRUB双系统引导菜单,就使用如下命令
pacman -S os-prober
mount /dev/sda1 /mnt
os-prober
grub-mkconfig -o /boot/grub/grub.cfg

若不想安装os-prober,那么就直接编辑GRUB菜单
vi /boot/grub/custom.cfg

if [ “${grub_platform}" == “pc" ]; then
menuentry “Microsoft Windows Vista/7/8/8.1/10 BIOS/MBR" {
insmod part_msdos
insmod ntfs
insmod ntldr
search –no-floppy –fs-uuid –set=root –hint-bios=hd0,msdos1 –hint-efi=hd0,msdos1 –hint-baremetal=ahci0,msdos1 XXXXXXXXXXXXXXXX
ntldr /bootmgr
}
fi

XXXXXXXXXXXXXXXX是指文件系统的 UUID,可以通过 lsblk –fs 命令查看,或者用blkid查看

grafana与prometheus安装部署

1、prometheus安装
# 新建用户,下载GO语言的2进制执行软件包
useradd prometheus; passwd prometheus
wget https://github.com/prometheus/prometheus/releases/download/v2.15.2/prometheus-2.15.2.linux-amd64.tar.gz
wget https://github.com/prometheus/node_exporter/releases/download/v0.18.1/node_exporter-0.18.1.linux-amd64.tar.gz
tar -xvzf prometheus*.tar.gz
tar -xvzf node_exporter*.tar.gz

# 编辑监控本机自启动配置文件
vi /etc/systemd/system/node_exporter.service
[Unit]
Description=Node Exporter
Wants=network-online.target
After=network-online.target

[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/home/prometheus/node_exporter/node_exporter

[Install]
WantedBy=multi-user.target

# 设置成为自启动
systemctl enable node_exporter

————————-
# 文件尾部添加node_exporter本机监控模块
vi home/prometheus/prometheus.yml
– job_name: ‘node_exporter’
scrape_interval: 15s
static_configs:
– targets: [‘localhost:9100’]

# 编辑时序DB自启动配置文件
vi /etc/systemd/system/prometheus.service
[Unit]
Description=Prometheus Monitoring
Wants=network-online.target
After=network-online.target

[Service]
User=prometheus
Group=prometheus
Type=simple
ExecStart=/home/prometheus/prometheus/prometheus \
–config.file /home/prometheus/prometheus/prometheus.yml \
–storage.tsdb.path /home/prometheus/prometheus/ \
–web.console.templates=/home/prometheus/prometheus/consoles \
–web.console.libraries=/home/prometheus/prometheus/console_libraries
ExecReload=/bin/kill -HUP $MAINPID

[Install]
WantedBy=multi-user.target

# 设置成为自启动
systemctl enable prometheus

2、安装Grafana
# 编辑源
vi /etc/yum.repos.d/grafana.repo
[grafana]
name=grafana
baseurl=https://packages.grafana.com/oss/rpm
repo_gpgcheck=1
enabled=1
gpgcheck=1
gpgkey=https://packages.grafana.com/gpg.key
sslverify=1
sslcacert=/etc/pki/tls/certs/ca-bundle.crt

# 在线安装
yum install grafana

# 设置成为自启动
systemctl enable grafana-server.service

# 添加数据源
点击Grafana logo打开侧边栏
点击 “Data Sources”
选择 “Add New”
选择 “Prometheus” 作为数据源
设置Prometheus服务的URL (例如本机: http://localhost:9090/)
点击 “Add” 测试连通性并保存数据源

pacman使用技巧

查询已安装的软件包
pacman -Qs

显示软件包的详尽的信息
pacman -Si

获取已安装软件包所包含文件的列表
pacman -Ql

查询远程库中软件包包含的文件
pacman -Fl

显示软件包的依赖树
pactree

检查一个安装的软件包被那些包依赖
whoneeds

检查一个安装的软件包被那些包依赖
whoneeds
pactree -r

清除未安装软件包的缓存,会保留软件包的当前有效版本
pacman -Sc

清理所有缓存。除非空间不足,否则不应这么做
pacman -Scc

默认会删除近3个版本前的软件包
paccache -r

下载包而不安装它
pacman -Sw

安装一个本地包(不从源里下载)
pacman -U /path/xxx.pkg.tar.xz

同步文件数据库
pacman -Fy
查询包含某个文件的包名
pacman -Fs pacman

将所有软件包按占用空间大小排序
expac -H M ‘%m\t%n’ | sort -h

递归删除孤立软件包
pacman -Rs $(pacman -Qtdq)
如果没有孤立软件包,将显示错误 error: no targets specified. 这个是正常的,因为 pacman -Rns 没有收到任何参数.

删除孤立软件包
pacman -Rns xxx

删除base软件包组以外的所有软件包
pacman -Rs $(comm -23 <(pacman -Qeq|sort) <((for i in $(pacman -Qqg base); do pactree -ul $i; done)|sort -u|cut -d ' ' -f 1))

避免过度清理缓存
vi /etc/pacman.conf的[options]段
CleanMethod = KeepCurrent

备份已安装软件包列表
comm -23 <(pacman -Qeq|sort) pkglist

安装列表中所有软件包
pacman -S $(< pkglist)

要是备份的软件包列表包含非官方软件包(从AUR或其他什么地方下载的),就得使用下面这个吓人的命令了,不然pacman会出错:
pacman -S –needed $(diff <(cat badpkglist|sort) <(diff <(cat badpkglist|sort) <(pacman -Slq|sort)|grep \<|cut -f2 -d' ')|grep \<|cut -f2 -d' ')

要是你的系统遭到了大规模破坏(比如rm -rf什么的),可以通过pacman重新安装所有软件包来挽救。
pacman -Qeq | pacman -S –
pacman -Qdq | pacman -S –asdeps –
如果安装了外来软件包,使用上面的命令会出错。下面的命令先生成所有软件包列表,再用pacman -Qmq剔除外来软件包,即重新安装所有仓库中可以找到的软件包,同时保留依赖安装、手动安装标志:
comm -23 <(pacman -Qeq) <(pacman -Qmq) | pacman -S –
comm -23 <(pacman -Qdq) “$db"

find /bin /etc /lib /sbin /usr \
! -name lost+found \
\( -type d -printf ‘%p/\n’ -o -print \) | sort > “$fs"

comm -23 “$fs" “$db"

要生成不属于任何软件包的文件列表:
pacman-disowned.sh > non-db.txt

递归删除孤立软件包:
pacman -Rs $(pacman -Qtdq)

列出所有不属于base或base-devel的已安装软件包
comm -23 <(pacman -Qeq|sort) <(pacman -Qgq base base-devel|sort)

———————–
回滚
cd /var/cache/pacman/pkg/
pacman -U networkmanager-qt-5.63.0-1-x86_64.pkg.tar.xz

以后不再更新此不稳定的软件组
vi /etc/pacman.conf
IgnoreGroup = networkmanager

添加第三方源
vi /etc/pacman.conf
[archlinuxcn]
Server = https://repo.archlinuxcn.org/$arch
倒入PGP密钥
sudo pacman -Syy && sudo pacman -S archlinuxcn-keyring

————————-
升级时遇到问题: "file exists in filesystem"(conflicting files)!
pacman -Qo 文件的完整路径 检查哪个软件包提供了文件

Signature from "User " is unknown trust, installation failed
更新已知密钥
pacman-key –refresh-keys
手动升级archlinux-keyring软件包
pacman -Sy archlinux-keyring && pacman -Su

“failed to commit transaction (invalid or corrupted package" 错误
find /var/cache/pacman/pkg/ -iname “*.part" -exec rm {} \;

“error: failed to init transaction (unable to lock database)" 错误
rm /var/lib/pacman/db.lck

升级系统重启后,出现"unable to find root device"错误,无法登陆
如果系统可以启动,运行如下命令可以生产原始内核 linux 的 initramfs:
# mkinitcpio -p linux
如果上面方法不行,请下载最新的安装程序进行启动,执行:
# mount /dev/sdxY /mnt #Your root partition.
# mount /dev/sdxZ /mnt/boot #If you use a separate /boot partition.
# arch-chroot /mnt
# pacman -Syu mkinitcpio systemd-tools linux
重新安装内核(linux 软件包)将会自动运行 mkinitcpio -p linux 重新生成 initramfs 镜像,不需要单独生成。
之后建议执行 exit, umount /mnt/{boot,} 然后 reboot.
Note: 如果无法进入 arch-chroot 或 chroot 环境,但是需要重新安装软件包,可以使用 pacman -r /mnt -Syu foo bar

PowerpillError: aria2c exited with 8
powerpill -Syyu

===========================
https://wiki.archlinux.org/index.php/Pacman
https://wiki.archlinux.org/index.php/Pacman/Tips_and_tricks