The document as a pdf-file.
Contents
1. if touch SERRFILE 2 dev null amp amp w SERRFILE amp amp L SERRFILE then chmod 600 ERRFILE elif ERRFILE Te cm st n fi else fI tempfile 2 gt dev null then SERRFILE TMPDIR tmp xsession USER then message warning unable to symlink STMPDIR xsession SUSER to SERRFILE look for session log errors in STMPDIR xsession SUSER errormsg unable to create X session log error file aborting exec gt gt SERRFI LE 2 gt amp 1 And set in these two lines instead errfile dev null xec Serrfil 25 amp 1 Now you don t need to be afraid that xsession errors will fill up your entire hard drive 1 The thin clients must have their MAC address locked to an IP address in etc dhcp3 dhcpd conf in order to get a swapfile 2 The size of these swapfiles and whether they are enabled or not is defined in opt ltsp i3 86 etc lts conf Look for the lines SWAPFILE SIZ E 32m USE NFS SWAP eo 118 Chapter 8 Fine tuning 3 Unless you also make the corresponding changes to bind and DNS 119 Chapter 9 Services Out of the Box in Skolelinux Debian edu 9 1 Thinclient server 9 1 1 Adding a Printer to a Thin Client Warning Before you try to add a printer in Skolelinux Debian edu you should2. apach versatile high performance HTTP server apache common support files for all Apache webservers apache dbg debug versions of the Apache webservers apache dev development kit for the Apache webserver apache doc documentation for the Apache webserver apache perl versatile high performance HTTP server with Perl support apache ssl versatile high performance HTTP server with SSL support apache utils utility programs for webservers transitional package So you see there is much more related to apache than those few packages already installed on the system 8 9 5 Showing Available Information about a Package The commands apt cache showpkg lt packagename gt and apt cache policy lt packagename gt will give you detailed info about the package tjener apt cache showpkg kdissert Package kdissert Versions 0 3 8 1 var lib apt lists ftp debian org debian dists sarge main binary i386 Packages 104 Chapter 8 Fine tuning Reverse Depends Dependencies 0 3 8 1 kdelibs4 2 4 3 3 2 4 0 2 libc6 2 2 3 2 ds1 4 libgccl 2 1 3 4 1 3 libqt3c102 Provides 0 3 8 1 Reverse Provides tjener apt cache policy kdissert kdissert Installed none Candidate 0 3 8 1 Version Table 0 3 8 1 0 500 http ftp debian org sarge main Packages So you see the package kdissert is not installed but is available for installation in version 0 3 8 1 from http ftp debian org sarge main 8 9 6 Installing
3. 1tsp051 X MOUSE PROTOCOL Microsoft X MOUSE DEVICE dev ttySO X MOUSE RESOLUTION 400 X MOUSE BUTTONS 2 X_MOUSE_EMULATE3BTIN Y 8 7 5 3 Optical USB Mouse with Wheel Add these lines to opt 1tsp i386 etc lts conf X MOUSE PROTOCOL ImPS 2 X MOUSE DEVICE dev input mice 8 7 5 4 Scrolling Mouse Add the following to opt 1tsp 1386 etc lts conf if you have a scrolling mouse 1tsp052 X MOUSE PROTOCOL ImPS 2 It s not certain that this will make the wheel function it may make your mouse go absolutely crazy 8 7 5 5 Video Card Driver Some video cards cannot be configured automatically This is especially true of older video cards So it may often be necessary to specify which video card driver must be used Sometimes it may also be necessary to specify that an older version of XFree86 must be used For example with the Compaq Deskpro 4000 machine an older version of XFree86 must be used so for this type of video card we have to add the following lines to opt 1tsp 1386 etc lts conf 1tsp054 94 Chapter 8 Fine tuning XSERVER XF86 SVGA 8 7 5 6 Screen Resolution Sometimes it may be desirable to use a different resolution than 1024x768 which is normally the standard for thin clients Not every video card can manage that resolution It would also appear a little weird on 14 or 15 screens where 800x600 fits better These files in opt ltsp i386 etc lts
4. s cccssscecsssecessecesseececeeceseseeceeeeeeseecessesesenees 133 9 7 3 Printers imeem une epe mace ee ee aloe Be 134 9714 Thin Gent Servers eitis ate eh peii ER UE ERE R orbe veces 134 9 7 5 Changing the ip range used by thinclients on networkcard eth 134 ONS NTEP CIOCKSELVER e 136 9 9 CUPS printserver sees aia a POP eine oe tele a hoa he esse 136 9 10 DNS inro uke neha aes a E nei ai aaa ee 139 OLA Apache webserver ooo EEUU TG RERO UD gas eius 139 9 12 syslog server zn ese bee teeieeeptep ume eg CP 140 9 13 Webmnilit 42e Oe la et a C d elie t e A EC teres 143 9 14 Squid nt rte e e dpi RT Et de Rp PA E de poe 143 9 T5 NES Setver eet ine Seti adie acute dete DH teet i etes 144 10 Special Adaptations for your Users eee eese eese retener teen tn tn tata tatnen sin en stata stans tasas tanus 145 10 1 Deciding Which Directories the Users Should Have eee 145 10 2 Automatic Start of Program at Login ener 146 10 3 Message to Users zoe tet oe oh tee eter hack eos E c Er HP pe iecit 146 10 3 1 Message to Everyone who Logs in ener 146 10 3 2 Message to a Specific User who Logs in 147 10 3 3 Giving a Message to All Users That are Logged on sse 147 10 3 4 Automatic User Log In sees nennen ener nenne 148 10 3 5 Automatic Input of Username in the Login Window eee 149 10 4 Se
5. export LTSP KERNEL VERSION 2 4 26 1tsp 2 export LTSP TYPE 0 2 export LTSP TYPE 1 export LTSP TYPE 2 export LTSP DNS SERVER 192 168 0 254 export LTSP NFS SERVER 192 168 0 254 export LTSP SWAPFILE SIZE 32m export LTSP SYSLOG HOST 192 168 0 254 export LTSP SNMPD export LTSP SOUND export LTSP XDM SERVER 192 168 0 254 export LTSP XSERVER mga export LTSP DISABLE ACCESS CONTROL 2 N tjener ltspinfo proc modules h l1tsp040 usbkbd 3256 0 unused hid 14184 0 unused usbmouse 1912 0 unused mousedev 3924 1 keybdev 1952 0 unused input 2976 0 usbkbd hid usbmouse mousedev keybdev usb uhci 20844 0 unused usbcore 55520 0 usbkbd hid usbmouse usb uhci nfsswap 2524 1 8139too 13256 1 mii 2112 0 8139too crc32 2848 0 8139too tjener ltspinfo proc bus pci devices h ltsp040 cut c6 13 80867180 80867181 80867110 80867111 80867112 80867113 10ec8139 10201001 All these is useful commands for diagnostic purposes and for finetuning your thinclients 96 Chapter 8 Fine tuning Warning Be very careful when using ALLOW SHUTDOWN Y because everybody on your system can then reboot shutdown a thinclient regardless if someone is logged in at that thinclient If you just need this feature for testing on a particular thinclient then place the lines under ItspXXX instead of under Defa
6. Coyote Linux Gateway Configuration Menu 1 Edit main configuration file 2 Change system password 3 Edit rc local script file 4 Custom firewall rules file 5 Edit firewall configuration 6 Edit port forward configuration c Show running configuration f Reload firewall r Reboot system w Write configuration to disk q Exit Menu l Logout Selection The first thing you must do is change the root password Choose 2 Change system password do so by pressing 2 then press ENTER Figure 3 15 Changing the Password FIXME 18 description of image You choose a password minimum 5 characters maximum 8 characters which you type twice Be aware that there is no output to the screen when you type the password in case someone is looking over your shoulder Password changed Updating webadmin password Press ENTER to return to system menu If this is the feedback you get from Coyote Linux then you have successfully changed the root password Since Coyote Linux runs from floppy and stores everything in RAM which is lost when you reboot Coyote Linux you must save this new password to the floppy Do this by choosing w Write configuration to disk 27 Chapter 3 Firewall Router for Skolelinux Debian edu Your new password is saved to the Coyote Linux floppy when you see this Backup script complete Press ENTER to return to menu All changes you have made to Coyote Linux are now saved to the floppy
7. b bind address c cipher spec e escape char i identity file 1 login name m mac spec o option p port F configfile L port host hostport R port host hostport D port hostname user hostname command Chapter 1 Where and How to Get Help DESCRIPTION ssh SSH client is a program for logging into a remote machine and for executing commands on a remote machine It is intended to replace rlogin and rsh and provide secur ncrypted communications between two untrusted hosts over an insecure network X11 connections and arbitrary TCP IP ports can also be forwarded over the secure channel ssh connects and logs into the specified hostname The user must prove his her identity to the remote machine using one of several methods depending on the protocol version used They are also available graphically in Konqueror by writing in the address field man ssh Figure 1 1 Help Pages in Konqueror manual page for ssh in Konqueror 1 5 2 This Document as a pdf File The html document that you are currently reading is also available in other formats including pdf and plain text The document as plain text http www skolelinux no klaus sarge newdriftbok sarge en txt The document as a pdf file http www skolelinux no klaus sarge newdriftbok sarge en pdf The document as one long html file http ww w skolelinux no klaus sarge newdriftbok sarge en html 1 5 3 Skane Sjzelland Lin
8. l1tspserver00 intern address 10 0 2 10 use node name yes Now we need to tell the client that the server is allowed to gather statistics we do this by adding an extra line at the end of the file etc munin munin node conf on the client allow 10 0 2 2 Note When you have made changes to the file etc munin munin node conf on the client you must restart Munin with the command etc init d munin node restart 129 Chapter 9 Services Out of the Box in Skolelinux Debian edu After a few minutes you should see something like this Figure 9 12 Munin with Mainserver and Thin Client server Munin with two clients 9 6 1 SNMP Munin plugin Some devices are SNMP capable and there is no need for munin node to be installed on such a device SNMP capable devices include printers embedded firewalls routers and wireless accesspoints I personally use the FreeBSD based mOnOwallfirewall router as my Skolelinux Debian edu router to get Munin to monitor it I first enable SNMP on the firewall with the community string set to public Then you need to add a line to the file etc munin munin node conf on the server allow 10 0 2 2 And also these two lines to the file etc munin munin conf gateway intern address 10 0 2 2 Note Note that eventhough the address of the device you want to monitor in this case is 10 0 2 1 you still must use the address of the server here in this case 10 0 2 2 Now you must setup the Munin SN
9. AutoLoginUser test In this case the user test gets automatically logged in on the thin client Itsp058 148 Chapter 10 Special Adaptations for your Users Automatic User Log In Advanced Use The possibility to log in people without having to type in usernames or passwords is really great when you want to stress test a Skolelinux Debian edu installation You create a series of test users which are set up for automatic log in That way you can get find out how the system behaves when there are many users logging in at the same time If you combine this with automatic start see Section 10 2 of several of the heavier applications such as Gimp OpenOffice org Firefox KStars then this test will be even more effective 10 3 5 Automatic Input of Username in the Login Window If you have a thin client placed where there is always one single user who logs in such as in an office it may be fine to set things up so that the user doesn t have to type in their username but just their password You can do this by adding the following lines to the file etc kde3 kdm kdmrc X 1tsp059 0 Greeter PreselectUser Default DefaultUser perbart That way the thin client Itsp059 has already filled in perbart as username the only thing the user has to type in is his password If some other user than perbart wants to use that thin client they can easily do so by removing perbart from the login window and typing in their own username 10 4 Setting
10. You can now reboot Coyote Linux and you will see that the new password is in use You can reboot Coyote Linux by pressing the ON OFF button on your Coyote Linux machine or by choosing r Reboot system from the Coyote Linux Menu If you have managed to get both network cards working and Coyote Linux have a network connection then you don t need to login using the command line anymore In the future you can use your web browser to login to Coyote Linux look at Section 3 7 When choosing q quit you will end up at the command line in Coyote Linux If you need to go back to the Coyote Linux Menu then type menu and press ENTER See Section 3 9 for a list of a few useful commands you can use from the command line in Coyote Linux 3 7 Coyote Linux Web Administrator Coyote Linux has a nice and well functioning web administrator that lets you perform almost all day to day operations Point your web browser to the address http 10 0 2 1 8180 At this address you will be met by the Coyote Linux web administrator Click on the link and then write in the username root and the password you made refer to Figure 3 15 Figure 3 16 Coyote Linux Web Administrator FIXME 19 description of image All options and choices are done in the Main Menu to the left Figure 3 17 Coyote Linux Main Menu FIXME 20 description of image 1 Information Choosing this will give you the status of your network cards the IP addresses they have uptime of Coy
11. eb eie rr eo petiere uui ge He esce iyi 21 3 7 Static IP configuration see eee e eterne ee hee ee tte TH ree Ede cea venen Pese tones 21 3 8 Do not enable the Coyote Linux DHCP server eeesesseseseeseeeeen rennen eene ene 21 3 9 Choosing Driver Modules for Your Network Cards NIC sse 21 B10 Choose language une o HERE IE e EO RR enel qe tot stein unus 21 3 11 Creatng the DISK aoo gH ROGO RE REP EO I UH REI EHE 22 3 12 Coyote Linux Login 5 2 eoi eoe teo teme Deep pue eod rere 25 3 13 menu status of network COWND cccccesesccecessssceceecessececcesesceccecseececeecesseaeccesesceseeeseeaecceceeeeeeenes 25 3 14 menu status of network Up Ret RR P re ERR HER ERAT n Fe e ree P ERI R ette 25 3715 Changing the Password d Re eet i esi re ge ect etie Ree ero 27 3 16 Coyote Linux Web Administrator esses eene eret ener enne treten enne ene 28 3 17 Coyote Linux Main Menu ote tope e eod leet e e ie e pei Ero Eee 28 4 1 The different profiles on different servers ssssssssseseeeeeeeeeeeen enne entente 40 4 2 Combi SetVer cuc ee dr RR ERE REESE QURE UD Qua ERR RU 40 5 1 SMB greeting screen 5 eset pee ene epp ute PO ER p ERR 42 5 2 Saving changes secet I e e etd e ict eU e ED ite eset 42 5 3 System settings aient peer et pO OU ri tire EP d eite titres 43 5 4 Rescan all boot records i tee e eren Ro reete iei ge bee decet 43 6 1 Starting up Skolelin
12. tjener apt get install fix broken Reading Package Lists Done Building Dependency Tr Done Correcting dependencies Done The following extra packages wil l be installed libaudio2 liblcms1 libmngl libqt3c102 mt libxcursorl libxft2 Suggested packages nas The following NEW packages will be installed liblems utils libqt3c102 mt psql libqt3c102 mt mysql libqt3c102 mt odbc libaudio2 liblcms1 libmngl1 libqt3c102 mt libxcursorl libxft2 0 upgraded 1 not Need to get 3489kB of archives 6 newly installed fully installed or removed 0 to remove and 0 not upgraded After unpacking 8753kB of additional disk space will be used Do you want to continue Y n Get 1 http ftp debian org sarge main libaudio2 1 7 2 71 5kB Get 2 http ftp debian org sarge main liblcmsi1 1 13 1 123kB Get 3 http ftp debian org sarge main libmngl 1 0 8 1 171kB Get 4 http ftp debian org sarge main libxcursorl 1 1 3 1 23 7kB Get 5 http ftp debian org sarge main libxft2 2 1 7 1 54 4kB Get 6 http ftp debian org sarge main libqt3c102 mt 3 3 3 4 3 3045kB Fetched 3489kB in 16s 212kB s Selecting previously deselected package libaudic2 Reading database 33027 files and directories currently installed Unpacking libaudio2 from libaudio2 1 7 2 i386 deb Selecting previously deselected package liblomsl Unpacking liblcmsl1 from liblcemsl 1 13 1 i386 deb Selecting previously d
13. webmin quota icon This is the Webmin disk quota icon found under Systems Figure 8 13 Filesystems with quotas filesystems with quota Figure 8 14 quotas for home0 quotas for homeO Figure 8 15 Edit quota for user klaus Edit quota for user klaus 8 10 1 Stopping the File xsession error From Filling up Your Entire Hard Drive Sometimes a program can get very troublesome and start writing enormous amount of error messages to the file xsession errors ina user s home directory Some programs especially GIMP are fully 117 Notes capable in the space Chapter 8 Fine tuning of only a few minutes of creating such a large xsession errors file that the whole hard drive gets full So everything stops working Then the root user has to go in to the main server and find that file and delete it This is not exactly what you want to do on a regular schoolday So even if such error message files as xessions errors are surely useful to have when you need to diagnose a problem they are really more of a hassle in the schoolday So you need to get rid of it You can do this by redirecting all messages that would otherwise be written to this file right into the waste bin dev null By changing a few lines in the file etc X11 Xsession set a comment symbol in front of these lines in this way ERRF ILE SHOME Xsession errors amp amp 4 attempt to create an error file abort if we cannot
14. 000000 Interne CP UO C OS C3 KJ KW VOX X Or oO 00000000 00000000 11111111 00000000 00000001 11111110 11111111 00000000 00000000 11111111 00000000 00000001 11111110 11111111 Achieving this goal is a simple matter of replacing all instances of 192 168 with 172 16 in the following files opt ltsp i386 etc lts conf etc dhcp3 dhcpd conf etc bind debian edu db intern etc bind debian edu named bind9 conf etc exports 135 Chapter 9 Services Out of the Box in Skolelinux Debian edu etc init d enable nat etc network interfaces etc hosts allow etc squid squid conf Users of the editor vi can use s 192 168 172 16 ge which will search and replace asking for confirmation in the process Remember to take eth1 down up ifdown eth1 ifup eth1 Rename the file etc bind debian edu db 192 168 to etc bind debian edu db 172 16 This one is funny replace all instances of 168 192 with 16 172 in the file etc bind debian edu named bind9 conf Then you must restart bind enable nat dhcp exports and possibly also squid etc init d bind9 restart etc init d enable nat restart etc init d dhcp3 server restart exportfs ra etc init d squid restart 9 8 NTP clockserver 9 9 CUPS printserver Warning There is a bug in pr05 see bug 967 http bugs skolelinux no show_bug cgi id 967 You fix it by running the command In sf
15. 6 2 7 The Various Profiles in Skolelinux Debian edu see 52 6 2 8 Installation complete 5 iter e EEan E Tease 53 7 The Second Stage of Skolelinux Debian edu Installation eeeeee eerte eene teen tnan 54 T T Second Stage oun oe PORE E EE rT E EE da heehee ees 54 7 1 1 Something Went Wrong usisero ieee eiee re ron EE Er E E EEE EEE Eem ESTk 60 7 1 2 Turning off or Rebooting the Machine eene 62 3 3 B gzlla aho tu a aes aioe eects 63 FROM 64 8 1 The Famous Command Line esses eene nennen etre nnne en nnne ener inneren 64 8 1 T Shell Teriminal Renee eerte de Te EH ar ere d Tete dtt 64 8 2 How to Edit System Configuration Files esses en nennen 65 8 2 1 How to Edit System Configuration Files with kwrite eee 65 8 2 2 How to Edit System Configuration Files esee 65 8 3 The Pager application More sess enint nennen tee ner ener nne 66 8 4 Installing a Kernel with Support for up to 4GB RAM and Multi Processors 67 8 5 Changing the Size of the LVM Partitions essssseeeeseeeeeen eene eene nennen 70 8 5 T Resizing theJusrPat tion eet i ee e RS 72 8 5 2 Resizing skole tjener homeO esee 75 825237 Resizing skole backup iere tet e e ete ete n
16. Munin with SNMP firewall If you would like to test the SNMP capabilities of any of your devices try running snmpwalk v 1 c public 10 0 2 30 You might be rewarded with something rather meaningless like this which is a good sign tjener snmpwalk v 1 c public 10 0 2 30 SNMPv2 MIB sysDescr 0 STRING HP ETHERNET MULTI ENVIRONMENT ROM G 08 21 JETDIRECT JD33 E SNMPv2 MIB sysObjectID 0 OID SNMPv2 SMI enterprises 11 2 3 9 1 SNMPv2 MIB sysUpTime 0 Timeticks 9102780 1 day 1 17 07 80 SNMPv2 MIB sysContact 0 STRING Note If you when running munin node configure snmp see something like this Can t locate Net SNMP pm in INC INC contains etc perl usr local lib per1 5 8 4 usr local s usr lib perl5 usr share perl5 usr lib perl 5 8 usr share perl 5 8 usr local lib site perl at usr sbin munin node configure snmp line 29 BEGIN failed compilation aborted at usr sbin munin node configure snmp line 29 then you are quit possibly missing some necessary perl stuff I m sure apt get install libnet snmp perl will fix this Tip It s also possible to use Munin together with SNMP to monitor Windows machines 131 Chapter 9 Services Out of the Box in Skolelinux Debian edu 9 7 DHCP server Warning After you have made any changes to etc dhcp3 dhcpd conf either by editing the file directly or via Webmin you need to restart the DHCP3 server for the changes to take
17. Normally you can leave this one blank Install the Big Pond login software y n Ithink this refers to some extra stuff you need if you happen to get net access from the provider Big Pond but I m not really sure Anybody know 18 Chapter 3 Firewall Router for Skolelinux Debian edu h Do you want to enable the Coyote DHCP server y n n Here you must answer n i If you don t know what a DMZ is just answer NO Do you want to configure a De Militarized Zone Y N n Here can press just n j You now need to specify the module name and parameters for your network cards If you are using PCI or EISA cards leave the IO and IRQ lines blank Enter the module name for you local network card This is the tricky part knowing what type of driver modules to use for your network cards even knowing what type of network cards you have is sometimes difficult Have a look at Section 3 12 for an overview of available driver modules Remember to not use the ending o when writing what driver module to use I prefer newer cards from 3Com Almost all of them use the driver module 3c59x k The default language of the Coyote Web Administrator is English Do you like to configure a different language Y N n Use English it s much easier to get help and use Google when there is a problem l Syslog server address Here you can use the mainservers as syslog server use 10 0 2 2 3 You must now ins
18. That way in the future when I want to install these packages the command apt get will fetch the packages that I have already downloaded This goes more quickly mkdir var www dpkg cp var cache apt archives deb var www dpkg cd var www dpkg scanpackages dpkg dev null gzip 9c gt dpkg Packages gz After that a new line in the file etc apt sources list must be added to deb file var www dpkg Then you must as usual run the command apt get update in order to update your package database 8 9 13 Upgrade of OpenOffice org from 1 1 3 to 2 0 Skolelinux Debian eduis based on the version of Debian with the codename Stable that means the software that is included is thoroughly tested and therefor deemed Stable this is all well and nice because that means your server will not crash but it might mean that your users will crash your workday be demanding newer and uptodate software then you must upgrade Luckily you are not the only one with such demands coming from your users and for this reason there has been put in place a framework where it is possible to install newer software on Debian Stable which wasn t meant for it Welcome backports http www backports org Backports is a software repository holding such things as OpenOffice org 2 0 Tip Before you install OpenOffice org 2 0 it s vice to remove OpenOffice org 1 1 3 like this apt get remove openoffice org openoffice org bin openoffice org debian files
19. That will most likely remove most of the installed OpenOffice org packages to be sure use COLUMNS 160 dpkg I grep openoffice to see which is left then remove those as well If you want to install anything from backports the quickest way is to add this extra line to the file etc apt sources list deb http www backports org debian sarge backports main Then do the usual apt get update Then install OpenOffice org 2 0 and some extra packages with the command 112 Chapter 8 Fine tuning apt get install openoffice org openoffice org kde openoffice org 110n nb openoffice org 110n nn openoffice org 110n de openoffice org I10n fr simulate this will install just about all you need and possibly some more Warning Especially when it comes to installing software from unofficial repositories like Backports strongly suggest running apt get install with the simulate switch the first time just to see what actually will happen before it happens and when you are comfortable with what you see when using simulate or when you decide that you will try anyway then just remove simulate Running with simulate should yield something like this tjener apt get install openoffice org openoffice org kde openoffice org l10n nb openoffic openoffice org 110n de openoffice org 110n fr simulate Reading Package Lists Done Building Dependency Tree Done The following extra packages will be installed libgnujaxp
20. different columns At the top of each column you choose the name for its content as a minimum you should have first name and last name Figure 11 9 Result of File Import FIXME 80 description of image When you add users from file you get a nice list of the new users usernames and passwords in a format that is easy to print out and distribute to the user 11 1 4 Editing users disable enable login delete users Figure 11 10 List of Registered Users FIXME 81 description of image By clicking on Search without filling in the search field you get a list of all users who are registered By clicking on User Data you get the possibility of changing the password for that user as well as other things such as the name of the user If you want you can also choose to move the users home directory but you will need to personally move the files in question since this is not done by WLUS See manually move homedirectory Figure 11 11 FIXME 82 description of image When users are on the system there are some extra possibilities to choose from such as Delete user Disable Login and Enable Login 157 Chapter 11 Useradministration with WLUS in Webmin Figure 11 12 Disable Login FIXME 83 description of image By putting a cross in front of a user and choosing for example Disable Login that user will not be allowed to login If you had search based on groups you would have the possibility to disable a whole group of
21. etc cups cupsd debian edu conf etc cups cupsd conf 136 Chapter 9 Services Out of the Box in Skolelinux Debian edu Once that bug is ironed out adding printers and instantaneously making them available to all users and seen by all server is a mather of simply just installing the printer If the printer is placed in the backbone switch that is in the 10 0 2 0 23 network logon to your Thinclientserver or Combi server and use the built in printermanagement in KDE which is just a graphic frontend to CUPS Later you might opt for using a webbrowser and the address http tjener intern 631 or http ItspserverOO intern 631 depending where you actually installed you printer Note You must use Konqueror Firefox will not work Warning In the screenshots below notice that the Print system currently used is CUPS Make sure that it stays this way and do not use any of the other printsystems unless you really know what you are doing Figure 9 14 Konqueror with print FIXME 50 description of image First open Konqueror or just your filemanager and enter the address print from there choose Manager Note If you are lazy and a terminaljunkie start it from the commandline konqueror print Figure 9 15 kprint Add new printer FIXME 50 description of image Now go to Add and choose Add new printers classes You could of course just have started with the url print manager 137 Chapter 9 Services Out of t
22. 06 25 Kern log 4 gz E roo adm 12M 2006 04 19 20 23 Buth log rw r roo adm 13M 2006 04 16 06 25 Buth log O0 EWCIWNeE roo utmp 290M 2006 04 19 20 23 lastlog 0 here would delete the files Lastlog 0 and auth 10og 0 The mainserver in Skolelinux Debian edu is setup to receive the logfiles from the different machines in the Skolelinux Debian edu network other machines such as Thin Clientserver workstations Other machines can be configured to send their logfiles to the mainserver as well such as firewalls routers and printers this is achieved by specifying in the appropriate places on such devices the address 10 0 2 2 as remote syslog server In the case of the firewall router Coyote Linux configuring it to use mainserver as remove syslog server is done during the creation of the floppy but can also be done at a later time via http 10 0 2 1 8180 and there look for Optional Configurations and the field Remote Logging Host in this image Figure 9 31 Remote logging setup in Coyote Linux logging setup in Coyote Linux If you logon to your Coyote Linux firewall with ssh like ssh root 10 0 2 1 then you can setup the 141 remote logging host using Chapter 9 Services Out of the Box in Skolelinux Debian edu Coyote Linux Gateway Configuration Menu 1 Edit main configuration file 2 Change system password 3 Edit rc local script file 4 Custom firewall rules file 5 Edit fi
23. 1 init 1 74 Chapter 8 Fine tuning Q After I have mounted the partition and the machine starts up again from runlevel 1 it freezes with the message A The only solution I know of is to restart the machine hard which means to use the power button to turn the machine off and then on again This problem could have been avoided if you had used init 6 or reboot after you had resized the partition in runlevel 1 and not just used the exit 8 5 2 Resizing skole tjener homeO This lv belongs to vg data It s only present in the profile mainserver This is the partition where the users home directories are stored The resizing of skole t jener home0 is done pretty much the same way as with usr As a matter of fact it s much easier since it doesn t involve changing to runlevel 1 or changing the shell P11 briefly mention the relevant commands see resize usr for more info 1 Login as root and tell all your users they must logout 2 Check the current size of your partition df h skole tjener home0 3 Unmount the partition umount skole tjener home0 4 If you get tjener umount skole tjener home0 umount skole tjener home0 device is busy umount skole tjener home0 device is busy It might help stopping nfs since skole t jener home0 might be nfs mounted on thinclientserver and workstations tjener etc init d nfs common stop Stopping NFS common utilities statd tjener etc init d nf
24. 117 8 14 quotasifor homeO donee p tee rete p PR dee n ptite 117 8 15 Edit quota for user Klaus isisi eet et eee erre certi eie e sede deett 117 9 1 Webmin Servers oie senti eee ashes eect ask geni rei ote que iH erp 121 9 2 SIbackup General ceo ett ect erede e dee n cre REPE tere qued 121 9 3 Slbackup Backup Details neget ete ptite a eti pte 122 9 4 Slbackup Backup Details Backup Clients eene 122 9 5 Slbackup Backup Details Backup Server eene eene enne 122 9 6 Slbackup Restore ena rea e ac e is eie eh qt E Ad ates 123 9 7 Slbackup Restored Files er etrmpOU nni tpe Oni deep dre 123 9 8 Slbackup Maintenance etd te etre Pere hee e eter gite reed 123 9 0 Slbackup SSH Keys o senneeoee deeem dentur ote ao eR 124 9 10 Kompare gui based diff 1 tct ect entes ie ID DER RC RHI Errat trece quodi 124 9 11 Unconfigured MUNIN 2 nieto e eee e pO Reed ertet 129 9 12 Munin with Mainserver and Thin Client server eeesseseeeseeeeeeeneeeee ee nennen 130 9 13 Munin SNMP firewall nee treten eee ptite ea ere RR 131 9 14 Konqueror with print eee irte tte c ie Entre d Are eek ie qr ta eee qued 137 9 15 kprint Add new printet enee esee ae o NaS nE S eME PAATE IIE RESIES ESEE 137 9 16 KDE printwWelconie Scteen o eee ert ede deti to ed demens 137 9 17 Choose what type of connection you have oo cesses ceceseeeeeeeceseeeeecaecssesseeseceeseseeeaseaecseesaee
25. 21 Mar 2005 1 37 21 Mar 2005 Checking Checking Checking Checking Checking inodes blocks and sizes directory structure directory connectivity reference counts group summary information 76 Chapter 8 Fine tuning Logical volume lv home0 successfully resized tjener resize2fs dev vg data lv home0 resize2fs 1 37 21 Mar 2005 Resizing the filesystem on dev vg data lv home0 to 516096 1k blocks The filesystem on dev vg data lv home0 is now 516096 blocks long l Mount the partition mount skole tjener home0 oo Check the new size of the partition df h skole tjener home0 o Start nfs again if you had to stop it tjener etc init d nfs kernel server start tjener etc init d nfs common start 8 5 3 Resizing skole backup This lv belongs to vg data It s only present in the profile mainserver This is the default partition used for placing the backups made and administered with the Skolelinux Debian edu developed Webmin module slbackup Resizing this partition is very similar to resizing skole tjener homeO it belongs to the same vg group vg data If you want to increase skole backup with 600MB the command would be umount skole backup e2fsck fy dev vg data lv backup Ivextend size 600M dev vg data lv backup resize2fs dev vg data lv backup mount skole backup 8 5 4 Resizing var This lv belongs to vg system It s present in the profiles mainserver and thinclientserve
26. 32 Mozill Firefox i digo eo eie ee poeni 164 12 2 1 Acrobat Reader as Plugin for Firefox Konqueror see 165 12 2 2 Adding a Plugin to view NRK TV and other film clips on the Internet 165 12 2 3 Macromedia Flash Player Plugin for Firefox eee 165 13 Useful Programs that are not Included on the Skolelinux Debian edu CD 166 13 1 Acrobat Reader 3 5 5 he ert etd thee et te rte t peti ied t e pps 166 13 2 Mpl y t etie epr ects Gates Shah ee ee EPIO RR BEP PEIUS 166 vi A Integration of Other Linux Distributions into Skolelinux Debian edu with Idap and autofs 168 B Seamless Integration of Mac OS X Machines aeree escis eese eee eee eene tn etas tn sense tn stas to sesta sao 171 CrSmarttech Touchboard RRMRPURRA 172 Cal Setups pem SURE RH ERRORI DAR Rees ae 172 C 1 1 SmartBoard Icons for Users sse enne eene enne nnne nnne 173 D Various Homemade Solutions eere eee eee eee eee eee seen eene ta sense tns tas ettet ts teas tn sense ens en sees ettet ta sa 175 ISyDCui iore iei tee tiet ero ed UTERE ape E der Ye e EE AERE HERE ECL 175 D 2 Preventing Users from Logging onto Several Thin Clients Simultaneously 177 D 2 T Kicking Out a USGt 3er tet ctae re et eee ei Rcge eg Ee erede cin 177 D 3 Ensuring that all Processes Prog
27. Direct Editing of Files in the LDAP Database By using the command slapcat l root users ldif you will get a pure text file that contains the LDAP database In this case this is in the file named root users ldif This is a so called ldif file ergo the file type Idif You must stop the slapd LDAP daemon before you bring up this Idif file This is along with stopping nscd Name Service Cache Daemon is done with the commands etc init d slapd stop etc init d nscd stop slapcat l root users ldif Be aware the when you stop slapd no one can login Then you have to start it up again etc init d slapd start etc init d nscd start You can edit this file root userer 1dif with the help of your favourite text editor for example nano Section 8 2 2 In this file you can make changes in usernames home directories groups etc the same as when you use the user administration module in Webmin Chapter 11 The advantage of using an ldif file is that you can change several things at once This is the file you use if you have to reinstall and want to use the same usernames and passwords again it is a little tedious to have to hand out 1000 new usernames and passwords 11 1 8 1 Putting the Old LDAP Database in a New Installation Note This doesn t currently work as expected in Sarge due to some problematic Samba SID that changes across reinstallations 160 Chapter 11 Useradministration with WLUS in Webmin Sometimes you just
28. RUNNING MTU 16436 Metric 1 RX packets 269981 errors 0 dropped 0 overruns 0 frame 0 TX packets 269981 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 126747627 120 8 MiB TX bytes 126747627 120 8 MiB If what you see is similar to the above but you still can t get on the net then you may have to do something with your DNS setup Have a look at this section in the documentation about Coyote Linux Section 3 11 Sometimes someone tries to change the configuration of the network card eth0 on the Main server do not do that If you despite this advice have tried to change the ethO setup and things mysteriously stops working then most likely your etc resolv conf is messed up and wrong 96 Chapter 8 Fine tuning The file etc resolv conf should on a Main server look like this tjener f more etc resolv conf search intern nameserver 127 0 0 1 8 9 Administration of Packages In order to install packages you need to define where you want to get them from where your package reservoir is You define your package reservoir in the file etc apt sources list The format for the line in this file follows a specific syntax If you type a line wrong then you will get a pretty good error message when you try to update the database for the available packages It will give you a clear message about which line in the file is incorrect In this file you use the hash mark at the beginning of the line
29. Technologies Inc Rage XL rev 27 0000 00 03 0 Ethernet controller Intel Corp 82540EM Gigabit Ethernet Controller rev 02 Have a look at the line mentioning Ethernet controller if I want more info about it I use lspci vn and pick out the stanza involving the pciid 0000 00 03 0 tjener flspc vn 0000 00 03 0 0200 8086 100e rev 02 Subsystem 1734 1107 61 Chapter 7 The Second Stage of Skolelinux Debian edu Installation Flags bus master 66MHz medium devsel latency 32 IRQ 177 Memory at fcde0000 32 bit non prefetchable size 128K I O ports at 4400 size 64 Capabilities dc Power Management version 2 Capabilities e4 PCI X non bridge device Capabilities f0 Message Signalled Interrupts 64bit Queue 0 0 Enable With this info which might seem pointless to you a search on Google or any of the Skolelinux Debian edu related helpchannels see Chapter 1 will surely be able to help you 7 1 2 Turning off or Rebooting the Machine If your video card was correctly automatically configured and you have a nice blue KDM login screen then you can reboot and shutdown your machine by choosing menu shutdown and there choose either shutdown or reboot Figure 7 12 reboot shutdown from kdm reboot shutdown from kdm Note Luckily this is not an option in the KDM for thin clients otherwise anybody could reboot shutdown the server If you have a machine installed only with
30. a Package When you have found the package you want install it with the command apt get install lt packagename gt If you want to see what will happen when you install it you can first run a simulation with the command apt get install lt packagename gt simulate tjener apt get install aterm simulate Reading Package Lists Done Building Dependency Tree Done The following NEW packages will be installed aterm 0 upgraded 1 newly installed 0 to remove and 0 not upgraded Inst aterm 0 4 2 11 Debian 3 1r0 stable Conf aterm 0 4 2 11 Debian 3 1r0 stable tjener apt get install aterm Reading Package Lists Done Building Dependency Tree Done The following NEW packages will be installed aterm 0 upgraded 1 newly installed 0 to remove and 0 not upgraded Need to get 91 6kB of archives After unpacking 287kB of additional disk space will be used Get 1 http ftp debian org sarge main aterm 0 4 2 11 91 6kB Fetched 91 6kB in 1s 71 0kB s Selecting previously deselected package aterm 105 Chapter 8 Fine tuning Reading database 32924 files and directories currently installed Unpacking aterm from aterm 0 4 2 11 i386 deb Setting up aterm 0 4 2 11 8 9 7 Removing an Installed Package To find the specific package that you want to remove use the commands that were mentioned earlier for finding the name of the package When you know the name of the package then you can
31. aaa eaae eaae eaae eaae eee eaae eaae aee de aee WARNING REMOTE HOST IDENTIFICATION HAS CHANGED IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY Someone could be eavesdropping on you right now man ifp the middle attack ba bc 68 4c 0b 72 4b 89 d3 04 00 c3 ab 85b 08 98 Please contact your system administrator Add correct host key in home klausade ssh known hostfs to get rid of this me Offending key in home klausade ssh known hosts 2 RSA host key for localhost has changed and you have rdquested strict checking Host key verification failed This is nothing to get scared about It just means that you must delete in this case line 2 the line in the file home k1ausade ssh known hosts containing localhost 1 5 More In Depth Linux Documentation There is an enormous amount of written material about every aspect concerning Linux and GNU Online you ll find full in depth books with 1000 pages and shorter 1 2 DIN A4 pages Your local bookstore should probably have at least 100 Linux relevant book titles available 1 5 1 Documentation and Help Pages Already Installed Almost all programs and commands on your system come with a help page These pages are available from the command line like man ssh which gives you this SSH 1 System General Commands Manual SSH 1 NAME ssh OpenSSH SSH client remote login program SYNOPSIS ssh 1 login name hostname user hostname command ssh afgknqstvxACNPTX1246
32. access can have disastrous results Note that you will not be able to see the password as you type it Please enter the same root password again to verify you have typed it correctly Figure 7 6 Type in password password Figure 7 7 Repeat password password You must type it twice the same way both times If you do it wrong you get another chance Changing the Root Password The root password can be changed from the command line with the command passwd when you are logged in as root you can also use the graphical tool kdepasswd found in K menu Tools Change Password Have a look at Chapter 11 to find out how to change the other administrative password LDAP administrator 58 Chapter 7 The Second Stage of Skolelinux Debian edu Installation After you have created the root password the installation of packages in the second stage starts Remember to insert the CD in the CD ROM drive you will be prompted to do so if you have forgotten The rest of the installation takes about 15 45 minutes depending on how fast your machine is Note You may now leave the machine and take a well deserved break Have a refreshing drink The installation will be completed without any further input from you t s now possible to login as user root in one of the VT by pressing ALT F2 or ALT F3 and poke around the system a bit Figure 7 8 Installation is Complete the Necessary Reboot Thank you for choosing Debian Afte
33. aeons 155 11 5 Result of New User soni herren prie te priore iei nter eee 156 11 6 The format of the importfile in a spreadsheet essere enne 156 11 7 File Import aote eee une de ak esata bone ne eter doe SOR seats 156 11 8 Importing Users from File socne eies orisii eira soe ekono CSEE EREE ete nen tren 157 11 9 Result of File IMPort c nepote etr re E RI EE rE Eer aE 157 11 10 List of Registered Usets uH UI QUERER REP RERO Rieti ade 157 LED E E E eS Heb ope ghetto eee eet 157 11 12 Disable LO Sime xut ete tee toe di eq tr RE ed teres 157 11 13 Re enabling Login eun cien eter eR tert RO Erie E i TE 158 11 14 Change a users password e ete eere teinte Rer tine tectae ene eee S 158 11 15 Users logins into Webmin as himself sese nenne ener enne 158 11 I6 WEUS for the user i see eere ec erede e ite rn needs REP I IHR 158 11 17 Users changes his password nie terre tie het pbi rep tte 159 1 18 Change was successful uere Sero p aO E DURER e ede 159 12 1 File Manager Home Icon 5t een prete p Hp HR TER Ote ri 164 Preface This document is written mainly because nobody else did it and because it had to be done This document is NOT a general Linux book It is not a document about Linux but about Skolelinux Debian edu You must supplement reading this document with material from Section 1 5 Warning You use this document at your own risk It is to be
34. affect This is either done from the command line with etc init d dhcp3 server restart or in Webmin by pressing the button labeled Apply Changes All servers in Skolelinux Debian edu mainserver and thinclientserver run DHCP servers This means that any machine workstation thinclient and other machines laptops Windows Mac machines will get a dynamic IP address that is the IP address given to the individual machine is likely to be different every time that machine connects In order to make your life easier you should make these machines have a static IP address Add their MAC addresses to the right group in the DHCP setup Note To reduce complexity the dhcp configuration file et c dhcp3 dhcpd conf is identical on both profiles that has a dhcp server running Main server and Thinclient server and also therefor also on the Combi server Therefor make sure that you use the correct url for webmin when editing the different stanzas in etc dhcp3 dhcpd conf 9 7 1 Thin Clients host 1tsp010 hardware ethernet 00 00 00 00 00 00 fixed address ltsp010 filename tftpboot lts vmlinuz 2 4 26 1tsp 2 filename tftpboot lts pxelinux 0 option option 128 e4 45 74 68 00 00 option option 129 NIC 3c509 There are already 100 places set aside for 100 thin clients in the file etc dhcp3 dhcpd conf Note Thinclients must be attached to the networkcard with the name eth It is defined in the configuration of bind and
35. any kind of PC but it s not optimalized for dual processors or more ram than 940MB If you want a kernel for the newer servers with plenty of RAM and multi processors you must download and install it afterward which thanks to the genius package system of Debian is very easy to do Have a look at Section 8 9 for a more detailed description of apt get and dpkg The keyword to look for when you want a Linux kernel with support for more RAM than LOWMEM 940M and more than one CPU is SMP aka Symmetric Multi Processors This command issued from a shell will list available Linux kernels ready for installation apt cache search kernel image grep smp At the time this is being written this returns kernel image 2 4 686 smp Linux kernel image for version 2 4 on PPro Celeron PII PIII P4 SMP kernel image 2 4 k7 smp Linux kernel image for version 2 4 on AMD K7 SMP kernel image 2 4 27 2 686 smp Linux kernel image for version 2 4 27 on PPro Celeron PII PIII P4 SMP kernel image 2 4 27 2 k7 smp Linux kernel image for version 2 4 27 on AMD K7 SMP kernel image 2 6 686 smp Linux kernel image for version 2 6 on PPro Celeron PII PIII P4 SMP kernel image 2 6 amd64 k8 smp Linux kernel image for version 2 6 on AMD64 SMP systems kernel image 2 6 em64t p4 smp Linux kernel image for version 2 6 on Intel EM64T SMP systems kernel image 2 6 k7 smp Linux kernel image for version 2 6 on AMD K7 SMP kernel image 2 6 8 11 amd64 k8 smp Linux kernel imag
36. are the necessary packages to install tjener f apt cache search acrobat acroread Adobe Acrobat Reader Portable Document Format file viewer acroread plugins Plugins for Adobe Acrobat R Reader mozilla acroread Adobe Acrobat R Reader plugin for mozilla Konqueror These can be installed with the command apt get install acroread acroread plugins mozilla acroread 13 2 Mplayer This is a super multimedia player which you can use to play DVD AVI MPEG WMV etc This program is not included with Skolelinux Debian edu it must be downloaded To do this you have to add the following line to the file etc apt sources list deb ftp ftp nerim net debian marillat sarge main and then complete the installation process with the command apt get update apt get install mplayer 166 Chapter 13 Useful Programs that are not Included on the Skolelinux Debian edu CD Of course you can use your favourite package manage instead such as 5 or 10 167 Appendix A Integration of Other Linux Distributions into Skolelinux Debian edu with Idap and autofs These are some short notes I ll use Ubuntu 5 10 and plain Debian Sarge as examples The server is based on Skolelinux debian edu pr05 which is Sarge based First on the Ubuntu machine you must enable the universe package repository by adding uncommenting these lines to your etc apt sources list deb http no archive ubuntu com ubuntu breezy universe deb http security ubun
37. as the user root ssh root tjener intern nano etc modules There is more about ssh in Section 9 3 8 3 The Pager application More Sometimes when you issue a command such as dpkg l or try to view a file in a Virtual Terminal or in a shell the output is too much for one screen display To make it easier to read you can pipe it through the application more like this dpkg l more and use the SPACEBAR to display the next screen and q to quit The pipe is a key 1 on the keyboard that has two vertical lines one above the other It often looks like a one full vertical line Have a look at the keyboardlauoyt in Section 6 2 1 3 66 G AT Chapter 8 Fine tuning You can pipe the output of almost all command through more 8 4 Installing a Kernel with Support for up to 4GB RAM and Multi Processors Due to the limited amount of space available on one CD there is only one Linux kernel available on the Skolelinux Debian edu CD So the chosen Linux kernel is based on the lowest common denominator which means that it should work on most kinds of hardware You can find out what kind of kernel you are running at the moment with the command uname a use this command later to verify that you have changed to a different kernel if you choose to do so tjener funame a Linux tjener intern 2 6 8 2 386 1 Thu May 19 17 40 50 JST 2005 i686 GNU Linux In this case I m running a 386 kernel which should work on just about
38. boot linux mem 64m when you install Skolelinux Debian edu This way the installer only sees 64MB of RAM and will only make a 128MB big swap partition see Figure 6 1 It is only during the first stage of installation that this low amount of RAM is seen by the system Later all available RAM is visible and in use but maybe you need to install a HIGHMEM enabled kernel see Section 8 4 Tip It s also possible during installation to decide what size partitions the automatic partitioning will make Have a look in directory etc autopartkit during install use ALT F2 and the editor nano to edit those files Note this is for advanced users only 2 6 Laptop The main focus of Skolelinux Debian edu is servers not laptops I suggest you have a look at plain Debian Knoppix or any other Linux distribution If any other Linux distribution is out of the question you must have Skolelinux Debian edu installed then choose the profiles Standalone and Standalone Extra 2 7 Combined profiles At the moment there is 5 profiles available when installing Skolelinux Debian edu see Section 5 2 some of these can be combined some of these can not be combined 2 7 1 Combi server mainserver ltspserver It s perfectly possible to combine the profiles mainserver Section 2 2 and Itspserver Section 2 3 so that you can have a fully functional Skolelinux Debian edu network with only two machines combi server Section 2 7 and a firewall router Section 2 1 Such
39. conf make that possible 1tsp060 X MODE 0 2800x600 8 7 5 7 Using the package Itps utils The package Itsp utils is a great tool when it comes to administrating the thinclients without to much footjob With it you can reboot shutdown the clients and query the contents of their proc filesystem which contains plenty of useful stuff First you must activate it you have the choice of activating the reading of proc and the possibility to reboot shutdown It s configured in the file opt ltsp i386 etc lts conf placed it under the section Default ALLOW SHUTDOWN EOM ALLOW PROCREAD a With ALLOW_SHUTDOWN Y you may reboot shutdown your thinclients using the commands Itspinfo reboot h Itsp040 Itspinfo shutdown h Itsp040 If you have ALLOW PROCREAD Y you may query the proc filesystem on the thinclients like this tjener f ltspinfo proc meminfo h ltsp040 total used free shared buffers cached Mem 130322432 20234240 110088192 0 65536 11264000 Swap 33550336 0 33550336 tjener ltspinfo proc cpuinfo h l1tsp040 processor 2 0 vendor_id GenuineIntel cpu family 76 model i6 model name Celeron Mendocino stepping 220 95 Chapter 8 Fine tuning cpu MHz o392 290w tjener ltspinfo cfg ALL h ltsp040 export LTSP LOCAL APPS N export LTSP USE NFS SWAP Y export LTSP HOSTNAME 1tsp040 export LTSP DEFAULT SERVER 192 168 0 254 lt
40. easiest thing to do If that happens with LDAP there is a simpler way to start from scratch than to reinstall the whole system You can delete your LDAP database that doesn t function the way you want it to and then put in a new and unused one in the same condition as it was right after installation This means that all of your current users will be deleted The first thing you have to do is to make a copy of your current LDAP database no matter whether it functions or not Stop slapd daemon and nscd 161 Chapter 11 Useradministration with WLUS in Webmin etc init d slapd stop etc init d nscd stop Make a copy of the old LDAP database that is create a so called Idif file slapcat l root Idap old ldif Delete the old LDAP database mkdir root dbb old mv var lib Idap root dbb old Now you can put in a new clean LDAP database with the command Idap debian edu install Delete the home directories for the users whom you have just thrown out rm rf deletes the entire directory without asking any questions Be careful rm rf skole tjener home user1 rm rf skole tjener home user2 Be aware that you are now permanently deleting these home directories Just in case you might regret this action later it s wise to take a backup before you delete them See Section 9 4 If this doesn t work you can put in the old LDAP database again etc init d slapd stop etc init d nscd stop mkdir root db
41. edu network is called LAN eth0 LAN network This card is connected either directly to the Skolelinux Debian edu mainserver with a crossover cable for small networks or via a switch making a so called 10 0 2 23 backbone network Warning Don t mix up the different roles of ethO and eth1 in Coyote Linux and Skolelinux Debian edu 15 Chapter 3 Firewall Router for Skolelinux Debian edu Figure 3 1 An Overview of Placement of the firewall router in Skolelinux Debian edu Layout of small medium network A similar diagram with an overview of a complete Skolelinux Debian edu network is available in Chapter 4 3 3 Creation of a Coyote Linux Floppy I will briefly outline this procedure on a Windows machine in Section 3 3 1 Basic Configuration of the firewall router Regardless if you choose to create the Coyote Linux floppy on a Linux or Windows machine the following configuration must be used This also applies to any other firewall router than Coyote Linux A local network interface IP Address 10 0 2 1 Netmask 255 255 254 0 Broadcast 10 0 3 255 Network 10 0 2 0 B Install the Big Pond login software y n n Wow Press n Ithink this refers to some extra stuff you need if you happen to get net access from the provider Big Pond but I m not really sure Anybody know C Do you want to enable the Coyote DHCP server y n n Wow Press n Warning Since Skolelinux Debian edu already has a DHCP
42. for Users Now that the SmartBoard driver has been installed and the proper permissions have been set up for the serial port the only thing you need now is a nice little icon for your users to click on You need two files if you want your users to be able to start the Smartboard easily one icon on their desktop together with a little script centrally located in the machine Make sure that the users who are going to use the Smartboard have this file in their Desktop directory in their home directory The file should be named Smartboard desktop and have this content Desktop Entry Comment Smartboard Comment nb Smartboard Encoding UTF 8 Exec usr local bin smartboard sh 173 Appendix C Smarttech Touchboard GenericName Smartboard GenericName nb Smartboard Icon usr bin SMARTBoard lib pixmaps board256 xpm MimeType Name SMartBoard Name nb SMartBoard Path ServiceTypes SwallowExec SwallowTitle Smartboard Terminal false TerminalOptions Type Application X KDE SubstituteUID false X KDE Username P Hi You also need this script which gets called up by Smartboard desktop If you put this script in a different location than usr local bin smartboard sh you will need to change this also in Smartboard desktop This is the contents of the file usr local bin smartboard sh bin bash Save as something like usr local bin smartboard sh export SBOARD_INSTALL_PATH usr bin SMART
43. have to do a reinstallation In order not to inconvenience the users too much it s nice to let them keep using their old passwords and usernames If you have that specific Idif file from LDAP then you can just put it in the new installation and your users will be able to continue to use their old usernames and passwords Recipe for Carrying Over the LDAP Database On the old server before you do the reinstallation take out an Idif file from LDAP etc init slapd stop slapcat l root users ldif Remember that whenslapd is stopped no one can login Move this file root users ldif over to the new installation either by using a USB pendrive or by using a CD In order to be able to put in the old LDAP database with the help of your users 1dif you have to delete the one that is already there The database files are found in var 1ib 1dap A good way to get rid of them is to move them to another directory just in case you need them later mkdir root dbb etc init slapd stop etc init d nscd stop mv var lib Idap root dbb slapadd l users ldif etc init slapd start etc init d nscd start Now it s possible to use the old usernames and passwords Remember that the old Webmin root password is the one to use 11 1 9 How to Start with a New Fresh LDAP Database Sometimes you can get in a situation where someone has experimented a little too much with various configurations maybe so much that reinstallation would be the
44. helping you There are various mailing lists out there targeted at different types of users and in different languages Have a look at the web page http developer skolelinux no mailinglister html Have a look at 9 for help on setting up and configuring the mail client KMail 1 2 IRC Chat Channel Skolelinux Debian edu Another place to get help is via IRC channel debian edu IRCnet irc pvv ntnu no irc ifi uio no irc uib no Have a look at Section 1 2 for help on setting up and configuring the an IRC client 1 3 Inviting a Skolelinux Debian edu Knowledgeable Person into Your Computer Note The two ways ssh l help localhost ssh help localhost are equal As long as your Skolelinux Debian edu computer has network connection it possible for someone else to remotely login to your computer with SSH and help you First you need to create a user Refer to Chapter 11 for creating one In the following I assume that this newly created user for this purpose has the username sshhelp On the machine where your helping hand is logged in you must also be able to login Your helping hand must supply you with a username for this purpose I will assume this username is helper If the person that is going to help you is logged into a machine with the IP number 127 217 148 238 then you use the command Chapter 1 Where and How to Get Help ssh helper 127 217 148 238 R 2100 localhost 22 to setup and start an SSH tunnel on port 21
45. install quota quotatool tjener apt get install quota quotatool simulate tjener apt get install quota quotatool Then we must umount the partition we want to apply quota on tjener umount skole tjener home0 Note If you are using a 2 4 kernel and not a 2 6 kernel see booting with 2 6 you must manually insert the necessary module modprobe quota_v2 tjener modprobe quota v2 Warning loading lib modules 2 4 27 2 386 kernel fs quota v2 0 will taint the kernel no license See http www tux org lkml export tainted for information about tainted modules Module quota_v2 loaded with warnings You should add it to the file etc modules so that it gets loaded automatically at boot echo quota_v2 gt gt etc modules 114 Chapter 8 Fine tuning You might have to stopping nfs first see resizing homeO You could probably also just run mount o remount usrquota grpquota skole tjener home0 Then we must mark that partition in etc fstab as having quotas modify the homeO line so it looks like dev vg data 1lv homeO skole tjener home0 xt3 defaults usrquota grpquota 0 2 Then we may mount skole t jener home0 tjener mount skole tjener home0 Then we create the quota database files and give the appropriate permissions tjener touch skole tjener home0 aquota user tjener touch skole tjener home0 aquota group tjener chmod 600 skole tjener home0 aquota user tjener chmod 600 skole tjener home0
46. iso Further information about where to download the CD and which version is the latest stable one can be found at http www skolelinux org portal get_started download document_view 6 1 2 Get the latest CD sent by snail mail According to http www skolelinux org portal get_started cd document_view you can have the cd send to you for the cost of the CD and shipping Send an email to lt cd skolelinux no gt remember to include the address you want the CD sent to in the email 6 2 First Stage The installation of Skolelinux Debian edu is divided into two stages referred to as firststage and secondstage The first stage starts when the machine boots from the Skolelinux Debian edu CD and ends with the first reboot The second stage starts when the machine boots from GRUB and ends when the installation is finished and the machine reboots for all services to properly restart It s during the second stage that you type the root password firststage usually takes about 10 minutes on a relatively fast machine while secondstage takes a bit more about 15 45 minutes The Different Steps in the First Stage of Installation 1 Power up your machine making sure it is able to boot from the CD ROM See Section 5 1 46 Chapter 6 The First Stage of Skolelinux Debian edu Installation If your machine is able to boot from the CD ROM then you will be met by this picture Important Throughout the installation you will only use the keyboard n
47. knowledge not possible yet with the provided software from Smarttech to use the USB cable on Linux although the Linux kernel recognises the device when plugged in with USB cabel my advice is to demand a fix for this C 1 Setup A touchboard is a big touch sensitive board which together with a video projector makes it possible to stand up by the board and press and write on it about the same as you would do with a regular whiteboard Warning have only got experience with connecting it via PS 2 Mouse and not USB If your Smartboard has a USB connection to your computer then this recipe may not be very helpful for you You will then need to get in touch with the dealer importer for help In order to get a Smarttech Touchboard to function you need to download and install the SMART Board software The latest version is SMART Board software version 8 0 0 which can be downloaded from smarttech com http www smarttech com support software unix asp where you will find versions for Red Hat Linux 7 1 or higher Mandrake Linux 9 1 and SuSE Linux 8 2 all of these versions are identical No versions are available for Debian or Skolelinux Debian edu Fortunately the ones that are available also work for Skolelinux Debian edu right out of the box The program to be downloaded is called Linux_SMART_Board_Software bin In order to install it you need to make it ready to run with this command chmod 755 Linux SMART Board Software bi
48. longer have any use for or place for Figure 9 9 Slbackup SSH Keys slbackup ssh keys In order to be able to take a backup over the network from other machines without being asked each time for a password SSH has been set up in such a way so that you only type in the password once See ssh for more about ssh 9 4 1 Comparison of Various Versions of the Same File If you have destroyed the format of a file for example etc stab but you know that you have a backup of that file which is good then you can use on of several programs to compare the various versions of that file If you have chosen to restore then the old version of the file etc fstab will be placed in the directory tmp lt machinename gt etc fstab A command line based program is included to do a comparison of the files The program is called diff and is used in this fashion diff etc fstab tmp lt machinename gt etc fstab In this example I have two examples of the file fstab There is an error in one of them it has two spellingmistakes This is the result of running the command diff with these two files tjener diff etc fstab tmp tjener etc fstab 7 8c7 8 lt dev vg data lv home skole tjener home0 x3 defaults 0 2 lt dev vg_data lv_bakup skole backup ext3 defaults 0 2 gt dev vg data lv home0 skole tjener home0 xt3 defaults 02 gt dev vg data lv backup Skole backup ext3 defaults Fortunately there are other programs that do t
49. on how many users you have You should opt for SCSI disks or SATA Only use IDE disks for small networks with few users Chapter 2 Getting the Right Hardware The size of the disk or the RAID is dictated by how many users you have and how much space you give each of them See TODOSection 8 10 A network card of good quality 100Mbit or 1000Mbit The CPU doesn t need to be very fast about 500 1000MHz should do fine This profile is mainly a file server profile 512MB 1GB RAM should be enough Warning The hardware specifications listed here are based on my own experience your mileage may vary 2 3 Thin Client Server The function of this profile is further described in TODO Section 5 2 The most important absolutely important thing is plenty of high quality ECC RAM The amount of RAM you need depends on how many thin clients you have and the pattern of use see TODO the sidebar To do The rule of thumb says 64 124MB RAM on the thin client server for each thin client you have and about 256MB for the server itself For about 40 50 thin clients 4GB of RAM is sufficient which is also the maximum amount of RAM that a ready compiled Linux kernel for Skolelinux Debian edu supports See TODO Section 8 4 how to install a kernel with support for up to 4GB of RAM and multiprocessor SMP If you have more than 4GB of RAM in your server then you must compile your own kernel with support for that That is not yet the scope o
50. or hosts in Internet lingo It can also keep track of other netgroups and this simplifies administration of for example access to the Internet or to a file server It is much easier to administer groups of hosts than specifying every single host everywhere You have to use netgroups correctly to avoid extra administration For example it is useless to have a netgroup named workstation hosts with 250 different hosts in it It is better to use subgroups The on workstations could be grouped into computerlab01 hosts computerlab02 hosts and teachers hosts and these could be subgroups to another netgroup named workstation hosts In the future Skolelinux will probably use netgroups for various other tasks Today they are used to prevent access of unwanted guests to the file server 8 6 1 The Netgroup Module To edit netgroups you have to use Webmin The module is named Edit host netgroups and is found under the System tab Figure 8 4 Overview of Netgroups FIXME 39 description of image On a newly installed Skolelinux server the following netgroups are added Itsp server hosts All of the thin client servers in the network 86 Chapter 8 Fine tuning printer hosts All of the printers in the network server hosts All of the servers in the network This is primarily tjener but if you move for example the backup service to another host add that host here workstation hosts All of the groups
51. security debian org sarge updates non fr Release ftp debian org sarge main Release 95B ftp debian org sarge contrib Packages 56 2kB ftp debian org sarge contrib Release 98B ftp debian org sarge non free Packages 58 4kB ftp debian org sarge non fr Release 99B tched 3635kB in 23s 157kB s Reading Package Lists Done You should always run this command before you upgrade or add new packages 538B 13B 20B 114B 101 Chapter 8 Fine tuning 8 9 2 Upgrading All Installed Packages to a Newer Version Sometimes you will see a message concerning changes Changelog that concerns the packages that you are about to install upgrade such as unzip 5 50 1woody4 oldstable security urgency low Fixed CAN 2005 2475 again Patch backported from 5 52 5 Changed unzip banner line This is a modified release Use the SPACEBAR on the keyboard to page through to the end of the message where you will see Fixed toctou vulnerability CAN 2005 2475 END Press the Q key for Quit and then you will see Fetched 60 2MB in 11m24s 87 9kB s Reading changelogs Done apt listchanges Do you want to continue Y n In order to continue you must press Y for Yes All of the packages that have already been installed can be upgraded to a newer version with the command apt get upgrade tjener f apt get upgrade Reading Package Lists Done Building Dependency Tree Done
52. t work with your network card then you can visit rom o matic com http www rom o matic com and follow the online instructions there for making boot floppies These boot floppies can be created from a Windows Linux or Mac machine You need a minimum of 32MB RAM in the thin client In Skolelinux Debian edu there is the possibility to use swap over NFS to the thin client This is done automatically if you add the MAC address of your thin client in etc dhcp3 dhcpd cont Have a look at Section 8 7 4 ll Chapter 2 Getting the Right Hardware The option to use or not to use swap over NFS to the thin client is set in the opt ltsp i386 etc lts conf look out for this USE NFS SWAP mox SWAPFILE SIZE 32m In this case swap over NFS is turned on and the swapfilesize is 32MB this swapfile is created on the thinclientserver make sure you have enough space in the partition var opt ltsp swapfiles if not have a look at Section 8 5 5 for increasing it Your processor doesn t need to be faster than 100MHz There is absolutely no need for a hard drive It just makes noise generates heat and uses unnecessary power Remove it or disable it physically A floppy drive if you want to use it in the thin client see TODO 7 A connector for USB if you want to use it in the thin client see TODO 6 A PCI sound card if you want to use sound on your thin client only advisable if you have enough bandwidth available Sound
53. taking away the simulate It s also a good thing to consider using aptitude dist upgrade in combination with apt get upgrade or instead of Once you are done with the upgrade you should delete the packages that have been downloaded and placed in var cache apt archives you delete these with the command apt get clean If you don t do this regularly the partition var will fill up 8 9 3 Overview of Installed Packages You can get an overview of installed packages using the command dpkg list more niin Be aware that the first two letters indicate the status of the package ii means that it is fully installed If you are looking for a specific package to find out if it is installed or what version you have installed use grep to search for it tjener dpkg list grep apache ii apache 1 3 2936 versatile high performance HTTP server 103 Chapter 8 Fine tuning ii apache common 1 3 33 6 support files for all Apache webservers ii apache2 utils 2 0 54 4 utility programs for webservers 8 9 4 Finding the Name of a Specific Package If you don t remember the name of a package you can do a search of the database with the command apt cache search lt packagename gt If there is too much text on the screen then you can try apt cache search lt packagename gt more The two symbols and gt must not be used They are only used in this example tjener apt cache search apache
54. tftpd atftpd ooo oogoo ooo vy 22121 22121 22121 22121 22121 22121 22129 22121 22124 22121 22121 22121 Serving Serving Serving Serving Serving Serving Serving Serving Serving Serving Serving Serving n EE C S Fh Fh Fh Fh Fh Fh Fh Fh Fh Eh Fh Fh 0 10 pboo pboo pboo pboo pboo pboo pboo pboo pboo pboo pboo pboo to 00 t pxe t pxe t pxe t pxe t pxe t pxe t pxe t pxe t pxe t pxe t pxe t pxe 01 02 4c 85 fb via ethl linux linux linux linux linux linux linux linux linux linux linux linux 0 to 192 2 0 cbDo 192 cfg 01 0 cfg C0A8 Cf g C0A8 cfg C0A8 cfg C0A8 cfg C0A8 cfg COA cfg C to 142 168 0 10 20 168 0 10 20 0 01 02 4c 8 000A to 192 000 to 192 1 00 to 192 16 0 to 192 168 to 192 168 to 192 168 0 cfg CO to 192 168 0 192 168 0 1 cfg default to 192 1 Chapter 9 Services Out of the Box in Skolelinux Debian edu Note You must be root to be allowed to read most of the files in var 1og If you are logged on as a normal user then you may become root with the command su 9 13 Webmin 9 14 Squid Squid is a high performance proxy caching server for web clients What it actually does is to try to prevent different users from fetching the same file several times instead it keeps a copy of that file in it s cache and the users get that copy instead That is a lot faster than downloading the file
55. the profile mainserver then you have to login to reboot shutdown the machine as in Figure 7 9 then you login as user root Then you can shutdown your machine with either of the commands halt init 0 or shutdown h now and reboot with reboot shutdown r now or init 6 If your machine stops with the message Power Down on the screen when you want to turn it off you can try to see if loading the module apm helps Be warned that not all servers like the module apm especially machines with several processors Run the command modprobe apm if the machine doesn t complain and the machine turns itself completely off then you can permanently add the module by running the program modconf from the command line Figure 7 13 Now you may turn of the machine turn of the machine modconf 62 Notes Chapter 7 The Second Stage of Skolelinux Debian edu Installation Then find the line towards the bottom kernel arch i386 kernel and there choose apm Figure 7 14 modconf apm modconf apm Just press ENTER when asked any questions You know that the machine accepts apm when you see this Installation succeeded Please press ENTER when you are ready to continue Now it should turn itself off completely Warning Just remember that not all machines like apm Why do you want to turn off your server anyway Note You could also just have used nano etc modules and there added apm 7 1 3 Bugzilla Skolelinux Debian edu has a bug
56. these profiles in this document 44 Notes Chapter 5 Skolelinux Debian edu Installation Standalone and standalone extras The two profiles standalone and standalone extras cannot be installed on the same machine together with any of the profiles main server workstation and thin client server The standalone profile is experimental and not yet functioning Machines running the standalone profile are meant to be run outside the Skolelinux Debian edu network e g in the homes of pupils and teachers as a standalone machine The standalone extras profile is complementary to the standalone profile providing extra programs for it 1 Maybe someone in the future will add the possibility to play Solitaire during installation 2 Seethe sidebar GUI for a short explanation on GUI 45 Chapter 6 The First Stage of Skolelinux Debian edu Installation 6 1 Where to get the Skolelinux Debian edu CD ROM There are basically two ways of getting the Skolelinux Debian edu CD ROM Either you download it yourself or you get someone else to do it for you 6 1 1 Downloading the Skolelinux Debian eduCD ROM The version Skolelinux Debian edu that this document is aimed at is the Sarge based pr05 ftp ftp skolelinux no skolelinux cd debian edu_sarge i386 pr05 iso The most recent testing version released after the writing of this document is located at ftp ftp skolelinux no skolelinux cd debian edu_sarge i386 current
57. to the overview when you are finished making your changes Notice the actions in the action queue When you are done enter your LDAP password and click on Execute actions The changes are sent to the catalogue server and you get a new window showing the replies from the server For every successful action the server replies Success You can remove actions you regret or made by mistake Select the actions you want to remove from the queue and click on Delete selected actions Actions depending on those removed will not be executed If you remove for example the action Add netgroup computerlabO1 hosts then the action Add host s dhcp123 dhcp124 dhcp125 will not be executed Figure 8 7 Changes are Saved FIXME 42 description of image 8 6 4 Adding a New Netgroup Enter the name of the new netgroup in the Name of group text field in the New group area and click on Create group The name has to be between 9 and 40 characters and contain only alphanumeric characters and hyphens Figure 8 8 Adding a New Netgroup FIXME 43 description of image The new netgroup is now listed together with the other groups 88 Chapter 8 Fine tuning Figure 8 9 New Group Added FIXME 44 description of image 8 6 5 Adding a Subgroup In the overview click on the group to which you want to add subgroups If you want to add computerlab01 hosts as a subgroup to workstation hosts click on workstation hosts Figure 8 1
58. up Desktop Menu bar etc the Same for Everyone When the User is Created There are some people who think that the appearance of the desktop which accompanies Skolelinux Debian edu is not totally optimal Maybe you would like to give all of your users another background picture other icons on the desktop other icons on the K menu and taskbar in KDE It would be great if that could be done in such a way that everything was done once and for all in a simple fashion The secret lies in placing the files that you want all of your users to get when each user is created in the correct directory in this case in the directory named etc skel If your users already exist then see 7 og Section D 4 Everything that is placed in the directory etc skel1 will get copied to the user s home directory when the user is created For example if a file test t xt is placed there then it will be put in the home directory with the correct permissions and ownership 149 Chapter 10 Special Adaptations for your Users What we want is for everyone from the start should get a predefined setup of background desktop K menu etc in KDE The way this is done is to make a user which serves as a template Call this user for example golden see Chapter 11 to find out how to create a user Now log in as this user and set up thing the way you want them to be Then copy the directory that contains all of the relevant KDE configuration files into etc skel1 You find th
59. users with just one click The result of having chosen Disable Login is seen as a fine red cross for that user Figure 11 13 Re enabling Login FIXME 85 description of image By putting a cross in front of the user and clicking on Enable Login you will see a green cross reappear in front of that user The user can login again 11 1 5 Changing a User s Password You first search for the users in question either by his fullname or by his loginname once you have found him click on User Data this will bring up a interface where you can change the users password Figure 11 14 Change a users password FIXME 89 description of image 11 1 5 1 User changing his own password If the users knows his password his can himself change it to something else also using any webbrowser and the address https tjener intern 10000 ldap users Figure 11 15 Users logins into Webmin as himself FIXME 89 description of image The users uses his own username and password to login to Webmin 158 Chapter 11 Useradministration with WLUS in Webmin Figure 11 16 WLUS for the user FIXME 89 description of image When an ordinary user logins into webmin he only has access to wlus and only to the part concerning himself Figure 11 17 Users changes his password FIXME 89 description of image The new desired password must be entered twice once in the field User s Password and again the same in Reconfirm User s Password a
60. while others have a graphical interface like kwrite Tip Everybody should learn how to use the command line based editor nano sooner or later preferably sooner For starters try using kwrite you ll find it in K rmenu Editors Text editor you could also just write kwrite in Run command This is what kwrite looks like with the file etc modules opened Figure 8 3 kwrite kwrite 8 2 2 How to Edit System Configuration Files The same file as in Section 8 2 1 opened with the textbased commandline editor nano the command used is nano etc modules 65 Chapter 8 Fine tuning GNU nano 1 2 4 File etc modules etc modules kernel modules to load at boot time This file should contain the names of kernel modules that are to be loaded at boot time one per line Comments begin with f a t and everything on the line after them are ignored ide cd ide detect ide disk psmouse apm Read 11 lines G Get Help O WriteOut R Read File Y Prev Page K Cut Text X Exit J Justify W Where Is V Next Page U UnCut Txt Note What you should realize is that you can always use nano while kwrite needs a GUI to work Tip If you need to edit a file on a different machine say you sit on a thinclient and want to edit some file on the fileserver assuming you don t have a combi server then the following command which involves ssh will do that This will open the file in question on the fileserver
61. would use apt get install kernel image 2 6 k7 smp When you install the new kernel you may see something like this tjener apt get update tjener apt get install kernel image 2 6 686 smp Reading Package Lists Done Building Dependency Tree Done The following extra packages will be installed kernel image 2 6 8 2 686 smp Suggested packages lilo kernel doc 2 6 8 kernel source 2 6 8 Recommended packages 68 Chapter 8 Fine tuning irqbalance The following NEW packages will be installed kernel image 2 6 686 smp kernel image 2 6 8 2 686 smp 0 upgraded 2 newly installed 0 to remove and 0 not upgraded Need to get 15 3MB of archives After unpacking 44 9MB of additional disk space will be used Do you want to continue Y n Get 1 http ftp debian org sarge main kernel image 2 6 8 2 686 smp 2 6 8 16 15 3MB Get 2 http ftp debian org sarge main kernel image 2 6 686 smp 101 2154B Fetched 15 3MB in 1m13s 208kB s Selecting previously deselected package kernel image 2 6 8 2 686 smp Reading database 80762 files and directories currently installed Unpacking kernel image 2 6 8 2 686 smp from kernel image 2 6 8 2 686 smp 2 6 8 16 i386 Selecting previously deselected package kernel image 2 6 686 smp Unpacking kernel image 2 6 686 smp from kernel image 2 6 686 smp 101 i386 deb Setting up kernel image 2 6 8 2 686 smp 2 6 8 16 File descript
62. 0 Adding a Subgroup FIXME 45 description of image Select the group you want to add as a subgroup and click on Add selected groups The subgroups are now listed as a subgroup Figure 8 11 Subgroup Added FIXME 46 description of image Remember to save your changes 8 6 6 Deleting a Netgroup In the overview select the netgroups you want to remove and click on Delete selected groups Remember to save your changes 8 6 7 Removing Hosts from a Netgroup In the overview click on the group you want to change Select the hosts you want to remove and click on Remove selected hosts Remember to save your changes 8 6 8 Removing a Subgroup In the overview click on the group you want to change Select the subgroups you want to remove and click on Remove selected subgroups 89 Chapter 8 Fine tuning Remember to save your changes 8 7 Thin Client Setup Each thin client has a wide range of options that can be changed on an individual thin client basis Video card PXE network card or regular network card Will it act as a print server Serial PS 2 USB or scrollmouse A really useful program is the package Itsp utils With that installed you can reboot or shutdown the thinclients from the server and query info such as amount of memory type of videocard processor and so on all without having to go to where the thinclients are placed physically Install in with apt get install Itsp utils Al
63. 0 684 0 0 agnes E 7860 0 0 563 0 0 kristof 7856 0 0 606 0 0 matthias 11044 0 0 668 0 0 sven 14848 0 0 650 0 0 gustav m 8360 0 0 608 0 0 eli 10412 0 0 678 0 0 anna 7972 0 0 565 0 0 linemar 7804 0 0 564 O 0 marcus m 15344 0 0 719 0 0 karl 7244 0 0 570 0 0 regine 9700 0 0 700 0 0 Now we are ready to put some quotas on our users First we setup quotas for one user then we use those settings for all our other users Lets setup for the user klaus like this EDITOR nano edquota u klaus This will use the well known editor nano for setting up the quota Disk quotas for user klaus uid 10011 Filesystem blocks soft hard inodes soft hard dev mapper vg_data lv_home0 5252 6252 7252 275 0 Read 3 lines G Get Help X Exit O WriteOut J Justify R Read File W Where Is Y Prev Page V Next Page K Cut Text U UnCut Txt C Cur Pos T To Spell 116 Chapter 8 Fine tuning Once you are done setting up quotas for one user in this case the user klaus you use the command edquota p klaus someone This will give the user with the username someone the same quota as the user klaus There is also a Webmin module available for quotas apt get install webmin quota The new Webmin quota module is available in the System section of Webmin same place as the Idap user module The url is Webmin Disk Quotas https tjener intern 10000 quota Figure 8 12 Webmin disk quota icon
64. 0 Metric 1 RX packets 307395 errors 0 dropped 0 overruns 0 frame 0 TX packets 281202 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 272404311 259 7 MiB TX bytes 47880640 45 6 MiB Interrupt 10 Base address 0xb800 Memory e3000000 e3000038 lo Link encap Local Loopback inet addr 127 0 0 1 Mask 255 0 0 0 UP LOOPBACK RUNNING MTU 16436 Metric 1 RX packets 14565 errors 0 dropped 0 overruns 0 frame 0 TX packets 14565 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 1290756 1 2 MiB TX bytes 1290756 1 2 MiB Ismod 33 Chapter 3 Firewall Router for Skolelinux Debian edu This command lists loaded driver modules useful to see which driver modules are used by the network cards coyote lsmod Module Size Used by eeprol100 17516 1 3c59x 24408 li mii 1852 0 eepro100 ip nat quake3 1608 0 unused ip nat mms 2448 0 unused ip nat h323 2044 O0 unused ip nat amanda 1020 0 unused In this listing you ll see that the network card driver modules Intel pro100 and 3com series 3c59x which include 3c590 3c595 3c900 3c905 are loaded See Section 3 12 route traceroute Useful to trace the route a network packet takes a nice way to find out where the problem really lies showcfg Another command that gives information about the state of the network cards Coyote running configuration display utility Internet eth1 UP LAN network eth0 UP Inte
65. 00 Your helping hand can use this SSH tunnel to log into your Skolelinux Debian edu machine and help you Now after you have started the SSH tunnel with the command above your helper will be able to login to your machine with this command issued on his machine ssh p 2100 sshhelp localhost It s normal that you see something like this the first time you connect to a machine via SSH The authenticity of host bla bla bla bla can t be established RSA key fingerprint is 32 0e ef 60 9 26 41 78 75 10 56 a4 29 23 0a 3p Are you sure you want to continue connecting yes no Just answer yes here Please have a look at the manual page for SSH man ssh or write man ssh in the address field in the browser file manager Konqueror so that you understand the different options used in the commands above If you are reading this document online with Konqueror then just click here man ssh 1 4 Permanent Backdoor into a Skolelinux Debian edu Machine with a SSH Tunnel There are places where the one in charge of the network is not you and where this someone who is in charge of the network has blocked incoming SSH connections If we could login to our server from anywhere then our life as administrator would be very comfortable indeed To overcome such showstoppers in the network we have included in Skolelinux Debian edu a script that sets up an SSH tunnel similar to the one in Section 1 3 but with an added feature no need for a helper on the
66. 00 00 86 4A 58 5A which are 91 Chapter 8 Fine tuning numbers given in the hexadecimal system If you don t see anything like that printed on the card then you can have a look at the file var log syslog where the thin client S MAC address is registered when it tries to start up To see what is being logged at the time the thin client starts up use the command tail f var log syslog then you will see something like Jan 4 19 04 44 tjener dhcpd 2 2 x DHCPDISCOVER from 00 00 86 4a 58 5a via ethl Jan 4 19 04 44 tjener dhcpd 2 2 x DHCPOFFER on 192 168 0 201 to 00 00 86 4a 58 5a via eth Jan 4 19 04 45 tjener dhcpd 2 2 x DHCPREQUEST for 192 168 0 201 from 00 00 86 4a 58 5a vi Jan 4 19 04 45 tjener dhcpd 2 2 x DHCPACK on 192 168 0 201 to 00 00 86 4a 58 5a via ethl Here you can see the MAC address together with the IP number given to each thin client If you have enabled a shell on the thinclient you can use the command ifconfig directly on the thinclient to see that MAC address it have To enable a shell on the thinclient you must have this line in your opt ltsp i386 etc ltsp conf put it under the section Default SCREEN 02 shell After you have added this line to opt 1tsp 1386 etc ltsp conf you must reboot the thinclient Then you access the shell directly on the thinclient with the keyboard combination ALT F2 and use ALT F1 to return Once in the shell directly on the thinclient use the command i
67. 10M 652K 9 4M 7 dev 6 If you found when checking the space available in vg system something like this vgdisplay dev vg system Free PE Size 175 5 47 GB then you have 5 47GB free space that you can use to extend 1v usr If you want to increase the size with 1GB then this is the commands to use e2fsck fy dev vg system Iv usr Ivextend size 1G dev vg system lv usr resize2fs dev vg system lv usr If you want to increase the size with 100MB then this is the commands to use e2fsck fy dev vg system Iv usr Ivextend size 100M dev vg_system lv_usr resize2fs dev vg system lv usr If the resize was successful then you can mount the partition with mount usr Then check the new size of the partition with df h usr In this case it should look something like Filesystem Size Used Avail Use Mounted on dev vg system lv usr 2 0G 400M 1 6G 20 usr 7 Now you can restart the machine with init 6 and your users can logon 8 5 1 1 Problems and Solutions Q When I try to unmount a partition it fails with the error device busy A This is most likely due to the fact that a user or a program is using that partition If you are trying to unmount skole t jener homeO then it is possible that not all of your users have logged out If you are trying to unmount var then you must first unmount the partition var opt ltsp swapfiles lf the device is still busy then if possible try to bring the machine down to runlevel
68. 2005 09 24T22 45 23 402 00 dir Sat Sep 24 21 45 23 increments 2005 09 25T22 45 22 02 00 dir Sun Sep 25 21 45 22 increments 2005 09 26T22 48 25 02 00 dir Mon Sep 26 21 48 25 increments 2005 09 27T22 45 23 02 00 dir Tue Sep 27 21 45 23 increments 2005 09 28T22 48 23 02 00 dir Wed Sep 28 21 48 23 increments 2005 09 29T23 15 18 02 00 dir Thu Sep 29 22 15 18 increments 2005 09 30T23 14 56 02 00 dir Fri Sep 30 22 14 56 increments 2005 10 017T23 14 07 02 00 dir Sat Oct 1 22 14 07 increments 2005 10 02T23 13 02 02 00 dir Sun Oct 2 22 13 02 increments 2005 10 03T23 14 12 02 00 dir Mon Oct 3 22 14 12 increments 2005 10 04T23 14 58 02 00 dir Tue Oct 4 22 14 58 increments 2005 10 06T00 00 44 02 00 dir Wed Oct 5 23 00 44 increments 2005 10 06T23 56 501 02 00 dir Thu Oct 6 22 56 50 Current mirror Fri Oct 7 22 59 53 2005 If you now want to restore some files say from the date 2005 10 04T23 14 58 the files in etc network interfaces and place them in tmp intefaces you could use rdiff backup restore as of 2005 10 04T23 14 58 tjener skole backup tjener etc network interfaces tmp interfaces 20 20 20 20 20 20 20 20 20 20 20 20 20 OOO GOGO G OOO G OO OS CO10101 01010101 010101 O1 O1 wo If you rather have the newest available file from the backup you use the keyword now for date like this rdiff backup restore as of now tjener skole backup tjener etc network interfaces tmp interfaces 127 Chapter 9 Servic
69. 40 4 1 1 The different profiles on different servers ssesseeeeneneenen 40 4 1 2 The two profiles Main server and Thinclientserver combined to make Combiserver 40 5 Skolelinux Debian edu Installation eese eee eere esent ne einen atn tn stata tatnen neta inta sin en sata suain 41 5 1 Preparing the Machine to Boot from CD ROM ceseesecesceeceeeseeecaeesaesaeceeceseeseeeaseneeaee 41 5 1 1 Using Smart Boot manager SBM sess enne 42 5 2 A Short Description of the Profiles in Skolelinux Debian edu esses 43 6 The First Stage of Skolelinux Debian edu Installation eere eee eee ee setenta tatnen 46 6 1 Where to get the Skolelinux Debian edu CD ROM serene 46 6 1 1 Downloading the Skolelinux Debian eduCD ROM sene 46 6 1 2 Get the latest CD sent by snail mail sese 46 6 2 Burst Stage suoecteg a PRU ENTER Edita 46 6 2 1 Different bootoptions ect mem REDE d ree er rere eR dy 47 6 2 2 Choosing language ee punte e etre prd 49 6 2 3 Virtual terminal VT emet Rec alii aie besos 49 6 2 4 The special case of SATA disks and the missing cdrom sess 50 6 2 5 Information about profiles sese eere en nennen 50 6 2 6 Manually adjusting the partition size for automatic partitioning sess 50
70. 48 69 Here I have trimmed the output a bit removed the unnecessary output ltspserver00 4 cat proc cpuinfo processor 0 vendor id GenuineIntel cpu family To model 2 model name Intel R Xeon TM CPU 2 66GHz processor 1 vendor_id GenuineIntel cpu family 15 model 2 model name Intel R Xeon TM CPU 2 66GHz processor 2 vendor id GenuineIntel cpu family 15 model 2 model name Intel R Xeon TM CPU 2 66GHz processor 3 vendor id GenuineIntel cpu family 15 model 2 Chapter 8 Fine tuning model name Intel R Xeon TM CPU 2 66GHz Need more than 4GB of RAM If you need support for more than 4GB of RAM in your kernel then you have to compile your own kernel or get someone else to do it for you If you now run uname a after you have installed a new kernel you will see tjener uname a Linux tjener intern 2 6 8 2 686 smp 1 SMP Thu May 19 17 27 55 JST 2005 i686 GNU Linux 8 5 Changing the Size of the LVM Partitions Remember to reduce the size of the filesystem You must remember to reduce the size of the filesystem that is on the volume before you shrink the volume itself otherwise you will lose data When shrinking the size of the filesystem you must know the knew size of the volume in blocks 70 Chapter 8 Fine tuning Remember backing up your data before trying to resize your filesystems It s always smart to read the manual pages regarding the commands you use The manual page f
71. 5 d 5 10019 10019 4096 2005 11 21 17 47 demo d 5 10020 10020 4096 2005 11 21 17 47 demo8 d 5 10021 10021 4096 2005 11 21 17 47 demo9 The just deleted users homedirectories are still there but notice the permissions they are ownerless and without any permissions at all If you relay want to remove and delete this users from the system remove their homedirectories and usernames from the LDAP database then there is a script that will do that for you usr share debian edu config tools ldap user clean attic sh lets run it without any arguments see what it expects tjener usr share debian edu config tools ldap user clean attic sh usage usr share debian edu config tools ldap user clean attic sh NUMBER OF DAYS where NUMBER OF DAYS is the limit of which to delete users users will be delete from the attic and their home directory will be removed So running it with the argument 0 will delete all deleted users tjener usr share debian edu config tools ldap user clean attic sh 0 Enter LDAP Password 163 Chapter 12 Configuration Use of the Most Used Programs 12 1 Konqueror File Manager You find the file manager in K menu Home Directory Your home directory is that part of the hard drive where your files are stored The symbol for your home directory is a house The file manager is in fact a web browser called Konqueror In its current v
72. 7 Resizing var spool squid This lv belongs to vg system and it s only present in the profile mainserver This partition hold the cache belonging to squid which is a FTP HTTP and HTTPS proxy cache This partition is changed the same way as swapfiles Make sure you stop squid before you try to resize etc init d squid stop 80 Chapter 8 Fine tuning otherwise you only end up with umount var spool squid device is busy The maximum size of this cache is default set to 100MB look in the file etc squid squid conf for the line number 699 cache dir ufs var spool squid 100 16 256 If you need a bigger squid cache remove the in front of the line and change the 100 to desired size Then you must stop squid resize the squid cache and finally start squid again If you need 500MB for your squid cache this line will do that cache dir ufs var spool squid 500 32 256 etc init d squid stop squid z etc init d squid start 8 5 8 Adding a New Volume lv For things such as video and picture as well as users that need extra file space you might need to create anew volume Let s pretend you need a volume for our video footage Let us name it video and place it in vg data as dev vg_data lv_video and mount it at skole video First you need to find out how much space you have available in vg_data vgdisplay dev vg data or maybe there is more space in vg system vgdisplay dev vg system Another option that displays
73. 768 800x600 640x480 MONITOR MODE 1024x768 70Hz MONITOR DEFAULT DEPTH 16 tjener dexconft tjener dpkg reconfigure xserver xfree86 If this didn t help then use the output from Ispci and write a bugreport You might also have some success editing the file etc X11 XF86Config 4 7 1 1 2 Networkcards not found Sometimes the installer doesn t recognise your networkcard you will then see such a message Figure 7 11 Missing networkcard Missing nic If you are missing some of your networkcards then it might just be that it s so new that Linux doesn t know about it yet and are at loss when it comes to knowing which driver to use sometimes it then helps to manually load the driver but first you must find out what kind of networkcard you have and what driver you need A useful command is lspci and lspci vn the later is much more verbose once you know what driver you need then load it manually with the command modprobe driver name to have it permanently loaded every time you boot have a look at the file etc modules it might also be that you just need to add the PCIID that you got from lspci to the file usr share discover pci lst or maybe usr share discover pci 26 1st The output of Ispci might look like this tjener lspci 0000 00 00 0 Host bridge ServerWorks GCNB LE Host Bridge rev 32 0000 00 00 1 Host bridge ServerWorks GCNB LE Host Bridge 0000 00 02 0 VGA compatible controller ATI
74. A type which means their IO IRQ and such must be configured by hand not automatically which can be quite a challenge especially if you use two of them in a machine 38 Chapter 3 Firewall Router for Skolelinux Debian edu The IO and IRQ on these cards must be configured with a old DOS configuration program which can be a bit hard to find these days This DOS configuration program is called 3c5x9cfg exe and you use it like this 1 Boot the machine into DOS either MS DOS or Freedos or any other DOS variant Using a W95 or W98 boot floppy is one way of doing it 2 Once the machine is in DOS insert the floppy with the program 3c5x9c g exe and run it by typing 3c5x9cfg exe using the DOS command line 3 Once 3c5x9cfg exe is started then with each of your 3c509 network card configure them with the option auto Note There have been reports of problems with two 3c509 s in the same machine when one of the cards is a combo type which is a type of card that has several different types of network connectors It s possible to find 3c5x9cfg exe here Ruprecht Karls Universitat Heidelberg http www urz uni heidelberg de Netzdienste nm misc 3comnic 3 13 Further Information about Coyote Linux Coyote Linux homepage http www coyotelinux com Coyote Linux userforum high activity http www vortech net phorums list php 8 Coyote Linux FAQ choose 2 x General http www coyotelinux com faq Another FAQ by Tod
75. Board export PATH S SBOARD INSTALL PATH bin PATH export BROWSER konqueror if SLD LIBRARY PATH then export LD LIBRARY PATH usr X11R6 lib LD LIBRARY PATH SBOARD INSTALL PATH lib else export LD LIBRARY PATH usr X11R6 1lib SBOARD INSTALL PATH lib fi if SXFILESEARCHPATH then export XFILESEARCHPATH usr X11R6 lib locale L T SN S usr X11R6 lib T N S XFILESEARCH else export XFILESEARCHPATH usr X11R6 lib locale L T N S usr X11R6 lib T N S SBOARD_INST fa eval exec usr bin SMARTBoard bin SMARTService The file HOME SMARTBoard SMARTBoardService log should contain useful information if your board doesn t function mine says Board on port dev ttyS0 has been opened successfully Board on port dev ttyS0 hardware version 7 29 Board on port dev ttyS0 check sum 0x664B664B Board on port dev ttyS0 hardware model 4 133 5 174 Appendix D Various Homemade Solutions D 1 Downloading New Versions of Skolelinux Debian edu CD in a Smart Way with the Help of rsync There are constantly new versions available of the Skolelinux Debian edu CD An entire CD is about 650MB which with a normal ADSL line takes 2 3 hours to download even longer time with ISDN If you want to keep up with the latest version of the Skolelinux Debian edu CD you either have to download it yourself or get someone else to download it and burn i
76. Debian edu is purely text based no use for a mouse This means that all choices are marked and done using the keyboard only Let me remind you of the placement of the keys used during installation and their purpose 1 SPACE is the very long key at the bottom of the keyboard During installation this is used to mark a choice 2 ENTER is the big key to the right on the keyboard which is used during installation to execute your choice It s sometimes referred to as RETURN 3 TAB is to the left on your keyboard Normally it has two arrows pointing in opposite directions It is used during installation to jump between different menu choices in the installer 4 BACKSPACE is not used during installation but it s nice to know where it is It s normally placed above ENTER It normally has a picture of a rubber with a X inside Have a look at Section 6 2 1 3 for an image of a keyboard The installation of the different Skolelinux Debian edu profiles mainserver Thinclientserver and workstation are almost identical during the first and second stages of installation Note will not go into the details about the last two available profiles in Skolelinux Debian edu standalone and standalone extras They are not really part of the Skolelinux Debian edu network but are meant for home use First you need to make sure the machine is able to boot from the CD ROM see Section 5 1 5 1 Preparing the Machine to Boot from CD ROM Maybe your m
77. Free Software at Schools Installing and Maintaining a Skolelinux Debian edu Network Based on Debian Sarge prerelease pr05 Klaus Ade Johnstad Norway Oslo klaus inout no klaus skolelinux no Free Software at Schools Installing and Maintaining a Skolelinux Debian edu Network Based on Debian Sarge prerelease pr05 by Klaus Ade Johnstad Copyright 2002 2003 2004 2005 2006 by Klaus Ade Johnstad This document is licensed under GNU General Public License Note There is currently no author approved translation of this document Revision History Revision 0 1 01 December 2005 Revised by Klaus Ade Johnstad Start Revision 0 2 11 April 2006 Revised by Klaus Ade Johnstad Added Smartboard and some notes on Munin Table of Contents j i 1 Where and How to Get Help 1 1 Mailing lists Belonging to the Skolelinux Debian edu Project sse 1 1 2 IRC Chat Channel Skolelinux Debian edu oo eee eee esee nennen enne 1 1 3 Inviting a Skolelinux Debian edu Knowledgeable Person into Your Computer 1 1 4 Permanent Backdoor into a Skolelinux Debian edu Machine with a SSH Tunnel 2 1 5 More In Depth Linux Documentation eese ener en nennen nennen 4 1 5 1 Documentation and Help Pages Already Installed sees 4 1 5 2 This Document
78. If you delete these swapfiles they will be created again next time the thin client boots If you want to increase var opt ltsp swapfiles with 600MB the command would be umount var opt Itsp swapfiles e2fsck fy dev vg system lv ltsp swap Ivextend size 600M dev vg system lv Itsp swap 78 Chapter 8 Fine tuning resize2fs dev vg system Iv ltsp swap mount var opt Itsp swapfiles If there is already thinclients running using such a swapfile you might have to stop nfs before you manage to umount var opt ltsp swapfiles etc init d nfs common stop etc init d nfs kernel server stop And then when you are done resize start nfs again etc init d nfs kernel server start etc init d nfs common start 8 5 6 Swap This lv belongs to vg system It s present in the profiles mainserver workstation and thinclientserver Resize the swap partition is a bit different than the other partitions mainly because there is no ext2 filesystem on this partition First use free to see the current size of swap ltspserver05 free total used free shared buffers cached Mem 256968 96684 160284 0 5536 48500 buffers cache 42648 214320 Swap 524280 0 524280 Then turn swap off with the command swapoff ltspserver05 swapoff dev vg system lv swap Then resize the swap partition as usual ltspserver05 lvextend size 200M dev vg system lv swap Extending logical volume lv swap to 712 00 MB Logical volume lv swap successfully r
79. MP plugins you do this easiest with the included command munin node configure snmp gateway In my case when run against my firewall I get this in return tjener munin node configure snmp gateway ln s usr share munin plugins snmp if err etc munin plugins snmp gateway if err 1 In s usr share munin plugins snmp if err etc munin plugins snmp gateway if err 2 ln s usr share munin plugins snmp if etc munin plugins snmp gateway if 1 In s usr share munin plugins snmp if etc munin plugins snmp gateway if 2 You are now supposed to copy and paste these four lines above but make sure than you modify it a little bit so that it includes the domain intern like this tjener ln s usr share munin plugins snmp if err etc munin plugins snmp_gateway inte tjener ln s usr share munin plugins snmp if err etc munin plugins snmp_gateway inte 130 Chapter 9 Services Out of the Box in Skolelinux Debian edu tjener ln s usr share munin plugins snmp if etc munin plugins snmp gateway intern i tjener ln s usr share munin plugins snmp if etc munin plugins snmp gateway intern i After you have made changes to the file etc munin munin node conf you must restart munin node with etc init d munin node restart After a few minutes sometimes it takes as much as 10 minutes before anything happens you should see something like this at http tjener intern munin intern gateway intern html Figure 9 13 Munin SNMP firewall
80. Skolelinux Debian edu unused In this listing of loaded modules you see that the network card 3Com500 is in use twice For a list of supported modules look in Section 3 12 It would be best to write down somewhere what network cards you use in the machine What kind of port forwarding do you have Information about your port forwarding rules if you have made any is in the file etc coyote portforwards coyote more etc coyote portforwards port Y 10 0 2 2 tcp 2333 22 Example Secondary SSH 23 Chapter 3 Firewall Router for Skolelinux Debian edu 3 5 Coyote Linux Bootup There are two network card in your Coyote Linux one LAN is connected to the Skolelinux Debian edu server either directly with a crossover cable or via a switch the other WAN is your network connection Sometimes it can be a bit difficult to determine which of your network cards is which especially if they are both of the same brand The procedure I use to determine which card is which is to use a crossover cable and connect it to the network card in the Skolelinux Debian edu main server 1 First I start the Coyote Linux without any cable in the network cards 2 Then I use the crossover cable to connect Coyote Linux with the Skolelinux Debian edu main server make sure it goes into the NIC labeled ethO if the mainserver is setup as a combi server 3 Then I login to the main server and try to ping the Coyote Linux machine with the command p
81. The following packages will be upgraded apache apache common apache2 utils bsdutils cfengine cfengine doc courier authdaemon cour courier ssl cpio debian edu config debian edu install education common education main ser libmysqlclient12 libpam ldap libpcre3 libsensors3 libsm6 libsnmp base libsnmp5 libssl10 9 libxp6 libxpm4 libxrandr2 libxt6 libxtrap6 libxtst6 localization config lynx mount mysql slbackup snmp squid squid common tcpdump util linux xdebconfigurator xfree86 common xlibs 62 upgraded 0 newly installed 0 to remove and 0 not upgraded Need to get 23 7MB of archives After unpacking 225kB disk space will be freed 102 Chapter 8 Fine tuning Do you want to continue Y n Just pressing Enter or pressing Y and then Enter will download all these packages and automatically install them for you Maybe there will be a changelog displayed before the upgrade will start Warning Sometimes it s really nice to know what is actually going to happen before you start to upgrade all installed packages It s possible that it s not the right moment for you to start downloading several large packages Maybe you need to wait until there is more bandwidth available If you run apt get upgrade simulate then nothing will actually happen the upgrade will only be simulated If there is too much information on the screen then you can try apt get upgrade simulate more If it looks fine then you run the above command again
82. Versions of Coyote Linux Note This chapter should be moved to after the introductions to available commands in Coyote Linux Coyote Linux is a product that is in active development and maintenance just like Skolelinux Debian edu That means that new versions are released quite often with new features and security fixes Especially because of the security fixes you should always use the latest stable version of Coyote Linux Since Coyote Linux runs solely from floppy there is no system per se to upgrade You must create a totally new floppy as in Section 3 3 To make this process as easy as possible there are some simple things to keep in mind 1 Finding out what kind of network cards you have If you have forgotten what kind of network cards you use and didn t write it down somewhere then you can use the command lsmod to list all loaded driver modules that are in use Maybe that way you ll remember which network cards you have coyote lsmod Module Size Used by 3c509 7732 2 ip nat quake3 1768 0 unused ip nat mms 2608 0 unused ip nat h323 2060 0 unused ip nat amanda 876 O0 unused ip nat irc 1904 O0 unused ip nat ftp 2384 0 unused 22 p conn p conn p conn p conn p conn p conn H H H H H H H p_conn crac Crac Crac Crac Crac Crac Crac k quake3 k mms k h323 K egg k amanda k irc Kk EEDB 1848 2704 2065 2280 1488 2672 3440 0 Chapter 3 Firewall Router for
83. a As you can see dpkg is not as powerful as apt get because it doesn t manage to install all extra packages that is needed If we now immediately run apt get with some extra options apt get fix broken things will improve tjener apt get install fix broken simulate Reading Package Lists Done Building Dependency Tree Done Correcting dependencies Done The following extra packages will be installed 108 Chapter 8 Fine tuning libaudio2 liblcms1 libmngl libqt3c102 mt libxcursorl libxft2 Suggested packages nas liblcms util The following NEW ls libqt3c102 mt psql libqt3c102 mt mysql libqt3c102 mt odbc packages will be installed libaudio2 liblcms1 libmngl libqt3c102 mt libxcursorl libxft2 0 upgraded 6 newly installed 0 to remove and 0 not upgraded 1 not fully installed or removed Inst libaudio2 1 7 2 Debian 3 1r0 stable opera Inst liblcms1 1 13 1 Debian 3 1r0 stable opera Inst libmngl 1 0 8 1 Debian 3 1r0 stable opera Inst libxcursorl 1 1 3 1 Debian 3 1r0 stable opera Inst libxft2 2 1 7 1 Debian 3 1r0 stable opera Inst libqt3c102 mt 3 3 3 4 3 Debian 3 1r0 stable Conf libaudio2 1 7 2 Debian 3 1r0 stable Conf liblcms1 1 13 1 Debian 3 1r0 stable Conf libmngl 1 0 8 1 Debian 3 1r0 stable Conf libxcursorl 1 1 3 1 Debian 3 1r0 stable Conf libxft2 2 1 7 1 Debian 3 1r0 stable Conf libqt3c102 mt 3 3 3 4 3 Debian 3 1r0 stable Conf opera 8 51 20051114 5
84. a combination of profiles naturally means that you need two networkcards and plenty of harddrive space 2 7 2 mainserver with GUI mainserver workstation If the thought of having a mainserver without a GUI see the sidebar GUI scares you then you can have it your way with a GUI if you install both the mainserver Section 2 2 and workstation Section 2 5 13 Chapter 2 Getting the Right Hardware 2 7 3 Not all can be combined Warning Do not mix any of the network profiles mainserver Itspserver or workstation with any of the standalone profiles standalone and standalone extra 1 These are the hardware requirements for Coyote Linux version 2 24 22 1 2004 Support for machines without a math co processor was removed with version 2 11 2 This assumes a small Skolelinux Debian edu network with only one machine on the 10 0 2 23 backbone network For bigger installations this crossover cable is replaced with a straight cable connected to a switch Refer to network map at FIXME the sidebar To do The reference to 10 0 2 0 23 indicates a subnet mask format that you may not be familiar with I will use this notation throughout this document as it is easier and in my opinion more practical I will in section the sidebar To do discuss this subnet mask format 3 It s possible in theory to get it to work with as little as 12MB of RAM but it s not advisable It goes rather slowly 14 Chapter 3 Firewall Router for Skoleli
85. achine is already configured to boot from the CD ROM Start your machine with the Skolelinux Debian edu CD in the CD ROM If you then see something similar to the screenshot in Figure 6 1 then you can skip straight to Section 6 2 otherwise keep on reading 4l Chapter 5 Skolelinux Debian edu Installation If your machine has the BIOS option to boot from CD ROM then setting the CD ROM as the first boot option in the BIOS may help Later when the first stage of installation is over you should change it back so that the machine will boot from the hard drive Normally when you turn the computer on you will see how to enter the BIOS setup It s usually one of the keys F1 INS F10 or maybe DEL Refer to your manual or the supplier of the computer if you aren t able to get the machine to boot from the CD ROM 5 1 1 Using Smart Boot manager SBM Another option when the machine will not boot directly from CD ROM or you can t gain access to the BIOS is to use SBM Smart Boot Manager This is a floppy that you boot from which makes it possible to choose to boot from the CD ROM SBM is included on the Skolelinux Debian edu CD Have a look in the directory install on the CD There you will find a file called som in Transfer this file to a floppy using the utility rawrite In Windows you ll find rawrite in the directory install as well Have a look at the file rawrite2 txt for further info about rawrite Warning Do not try to simply c
86. aeens 138 9 1873333333393339 e deo Qo ee Ire em ett P e pete bote Um e eie teilte tueri 138 9 19 33333333333 uoi Sh RURSUS SERERE SEE e SER E Es 138 9 20 33333333333 4 eiit eter qe d REIR EORR AT EENQ AES REE CEN EIE EURERABL OR VEA 138 9 21 33333333339 os tede sep eo eoa a Gee OPERE eT 138 9 22 333933339933 c dios eed EU ente iu RO EO et bte E E e p Ee s 138 9 23 33333333333 ue too een du bo epa 138 9 24 33333333333 item ted det a i tede eh eite i t due et edet 138 9 25 333333333339 4 0 aria eer R Caria aD eee Ep ESO ed er Re ORTI OS 138 9 26 3333333222 I Ca c doo ee P eR haus oa leo Pee peo t sd eee dise eee 139 9 21 33333333333 i GREEN SER ERR SERERE Ets 139 9228 33333333333 55 UG OBIECTA I ES I cs 139 9 29 33333333333 iss eee tdt a ee bee et b ed ee pedet te Med dene 139 9 30 33333333333 obese de Gare an nep os ea A cepa s 139 9 3 Remote logging setup in Coyote Linux seseeeseeseeseeeeneeer eene nennen nennen ennt nennen 141 9 32 Remote logging setup in mOnOwall eseeeeseseeeeeeeeeen eene nennen nennen erre enne nenne 142 10 1 Message to Everyone Logged m 5er eie re n ree RU STR ER VEN 148 10 27 Kireker zoe epe eee eiie eee etait e TE 150 11 1 Webmm Logimn ien pert Oa nep metoteie m a ode 153 11 2 Welcome Screen Webmin LDAP User Simple WLUS eese 153 11 3 Configuration of WLEUS 35 eesee tiim beo re pre ea E Pet e ERE 153 11 4 NEW USE aie eei Pide teeters ated ora eae
87. ains more and better hardware support Press F1 for help or Enter to boot linux26 If you want to combine a 2 6 kernel and reduce the amount of ram you use Press F1 for help or Enter to boot linux26 mem 256m If you have SATA disks in your machine and boot without a 2 6 kernel you most likely will end up with the installer not seeing your harddisks like this Figure 6 2 Disks not found No disks found The solution is to use a 2 6 kernel and then some have a look at Section 6 2 4 You might also end up with the dreaded No disks found if you have a raidcontroller or scsi controller that doesn t support Linux in you machine In such a case you should search Google for possible answers in many such cases you solve the problem by manually loading the necessary modules during installation have a look at Section 6 2 3 6 2 1 3 Less automatic installation expert mode It s possible to choose a less automatic installation by booting with the option Press F1 for help or Enter to boot expert If you want to boot in expert mode with a 2 6 kernel you use Press F1 for help or Enter to boot expert26 Note Note that the keyboard layout at this stage is set to US which means that the keys might be placed differently than what you are used to The equal sign 2 key is 1 key to the left of the 48 Chapter 6 The First Stage of Skolelinux Debian edu Installation BACKSPACE and the plus sign key is SHIFT plus the equal
88. ame Recipe for Upgrading with rsync First you have to install the package rsync apt get install rsync Say you have a CD with debian edu sarge i386 pr04 iso which you want to upgrade to a newer version for example pr44 175 Appendix D Various Homemade Solutions The first thing you have to do is to copy the contents of that CD over to your hard drive You put the CD into the CD ROM and then mount cdrom Youcan check if the CD is mounted with the command df h Look at the line dev cdrom 692M 692M 0 100 cdrom After that you copy the old version from the CD over to you hard drive with the command dd if dev cdrom of skole tjener home0 iso debian edu_sarge i386 pr05 iso Replace the pr05 with the number of the new version that you want to download Now all you have to do is execute the rsync command If everything works the way it s supposed to do you will see the following on the screen klaus tjener skole tjener home0 iso rsync no whole file N progress vv stats Ndeveloper skolelinux no skolelinux cd debian edu sarge i386 pr05 iso skole tjener home0 iso skolelinux i386 pr44 iso opening tcp connection to developer skolelinux no port 873 skole tjener home0 iso woody i386 1 raw 679182336 100 1 96MB s 0 20 5 3 0 rsync 1396 receiver heap statistics arena 115288 bytes from sbrk ordblks 2 chunks not in use smblks 0 hblks 0 chunks from mmap hblkhd 0 bytes from mma
89. an Internet connection to download Coyote Linux this can either be a Linux machine or a Windows machine Coyote Linux Source files exist for Linux and Windows both produce a workable Coyote Linux floppy The procedure for making this Coyote Linux floppy is similar on Linux and Windows except that it s a command line script in Linux and a click amp point thing in Windows Download a copy of Coyote Linux from coyotelinux com http www coyotelinux com look in the section Downloads thenlookin Coyote Linux Floppy Firewall I keep a modified version of Coyote Linux on my Skolelinux Debian edu homepage In that one I have set up the IP addresses correctly according to the Skolelinux Debian edu network Get it from http www skolelinux no klaus coyote 2 24 slx tar gz What you are looking for exists in mainly two versions one for Linux Linux Floppy Creator Scripts and the other one for Windows Coyote Linux Windows Disk Creator Choose the one that suits you best the resulting floppy will be the same Warning The hardware specifications listed here are based on my own experience yours may vary 2 2 Main Server The function of this profile is further described in Section 5 2 It is perfectly possible to combine different profile to some extent doing so naturally make the hardware requirement different than those mentioned here Have a look at Section 2 7 The hardware specification for this profile depends mainly
90. and the HTML editor These manuals can be downloaded individually or together 211 pages from the Board of Education s web page at OpenOffice org user manual http skolenettet 1s no imaker id 171547 amp malgruppe 0 amp trinn 0 amp omr 153 amp mal snarvei Tip This kind of OpenOffice org material also exists in your language Chapter 1 Where and How to Get Help 1 5 6 LTSP Linux Thin Client Server Project LTSP The cornerstone to a well functioning Skolelinux Debian edu is the thin client In order to get these thin clients running smoothly there is a good piece of documentation which is already translated into several languages Linux Terminal Server Project http www ltsp org documentation index php Chapter 2 Getting the Right Hardware Skolelinux Debian edu Friendly Suppliers There are suppliers of new and used hardware tested with and sold pre installed with Skolelinux Debian edu This means that for a small amount of money you can save a lot of time fiddling with incompatible hardware and spend more time on improving Skolelinux Debian edu One such supplier in Norway is In Out http www inout no skolelinux 2 1 Firewall Router Warning The latest and final version of Coyote Linux is 2 24 The Coyote Linux Floppy Firewall Development has been discontinued see Coyote Linux Floppy Firewall Development Discontinued http Awww coyotelinux com news php article 202 Note that it is the floppy version of Co
91. aquota group See that they have zero size tjener ls lh skole tjener home0 aquota rw 1 root root 0 2005 12 09 15 54 skole tjener home0 aquota group rw 1 root root 0 2005 12 09 15 54 skole tjener home0 aquota user Now we populate the database files and notice afterward that they no longer are of zerosize tjener f quotacheck avug quotacheck WARNING Quotafile skole tjener home0 aquota user was probably truncated Can quotacheck WARNING Quotafile skole tjener home0 aquota group was probably truncated Ca quotacheck Scanning dev mapper vg data lv home0 skole tjener home0 don quotacheck Checked 3 directories and 3 files tjener ls lh skole tjener home0 aquota rw 1 root root 32 2005 12 09 15 54 skole tjener home0 aquota group rw 1 root root 32 2005 12 09 15 54 skole tjener home0 aquota user Note Note that if you have lots of data on skole t jener homeO the scanning process might take a long time 115 Chapter 8 Fine tuning Then we activate quotas tjener quotaon a We still haven t given any users any quotas but we may see what they are using tjener repquota skole tjener homeO Report for user quotas on device dev mapper vg_data lv_home0 Block grace time 7days Inode grace time Block limits 7days File limits User used soft hard grace used soft hard grace ronja 7164 0 0 569 0 0 henrik 8328 0 0 569 0 0 anna 13232 0
92. as a pdf File sees ener eene 5 1 5 3 Skane Sj lland Linux User Group Friheden til at skrive boger Freedom to Write hime 5 1 5 4 The Linux Documentation Project esessesesseeeeeeee nennen ener nennen 5 1 5 5 Manuals for OpenOffice org eee ener nre 6 1 5 6 LTSP Linux Thin Client Server Project LTSP eeeseeeeeeeenenre 6 2 Getting the Right Hardware eee eee eee eese ee ete ete setae tn etas tn aetas ttes tette stata sepa tasto esset ts etos tn sen 8 2 T1 Firewall Routet eerie tei e beer td eee eet I cene eee 8 22 EWiRISICNE ND EE 9 2 3 Thin Client Servers eg PO RER Betis E R E dites 10 2 4 The Thin Clienten UEEEMBEIQ Uu nDROQH PENIS inte 11 2 5 Workstation i eth benc eu oe endi eee besito 12 2 6 La pto Pi ceret ere et eed IR UE etes e e t IO LR eie eei 13 2 7 Combined profiles retener n pete EE erede 13 2 7 1 Combi server mainserver Itspserver eese eene nennen 13 2 7 2 mainserver with GUI mainserver workstation ccccsscccccesessceceecesseceecessnsseeeeeneaees 13 2 7 3 Not all can be combined oo eee nsei oiaoi aeee e Eea as 13 3 Firewall Router for Skolelinux Debian edu sscscscscsccsssssssscescssssscssssscsssceseesessscssssssesssseesseees 15 SS i eTR DYTE l n p EE 15 3 1 1 The Latest Version of Coyote Linux eese nennen nenne 15 3 2 Placement of the firewall router in a Skolelinux De
93. as a signal that this line is only a comment that is that this line should be skipped This technique of commenting out is typical for most configuration files in Linux other symbols used for this purpose are the semicolon and the double slash You can either work with package administration via the command line or with the help of a graphical application such as KPackage 5 or Webmin 10 A quick introduction to the use of the command line for working with package administration is given in this section This is the content of the file that contains the information about your package reservoir deb file cdrom sarge main local deb cdrom Debian GNU Linux edu Sarge Unofficial i386 Binary 1 20050808 unstable co deb http security debian org stable updates main contrib non free deb http security debian org sarge updates main contrib non free Use by uncommenting either http or ftp NOT both http based apt source deb http ftp debian org debian sarge main contrib non free deb http non us debian org debian non US sarge non US main contrib non free deb http ftp skolelinux no skolelinux sarge local ftp based apt source 99 Chapter 8 Fine tuning deb ftp ftp debian org debian sarge main contrib non free deb ftp non us debian org debian non US sarge non US main contrib non free deb ftp ftp skolelinux no skolelinux sarge local Notice that the on
94. available versions tjener apt cache policy webmin slbackup webmin slbackup Installed 0 0 10 1 Candidate 0 0 10 1 Version Table PE 0s LOST o0 00 http ftp skolelinux no sarge local Packages 00 var lib dpkg status 0 0 9 1 0 00 http ftp debian org sarge main Packages Poo C Here you can see that there are two versions available 0 0 9 1 and 0 0 10 1 If you want to install version 0 0 9 1 you can do that with the command apt get install webmin slbackup 0 0 9 1 tjener apt get install webmin slbackup 0 0 9 1 simulate Reading Package Lists Done Building Dependency Tree Done The following packages will be DOWNGRADED webmin slbackup 0 upgraded 0 newly installed 1 downgraded 0 to remove and 0 not upgraded Inst webmin slbackup 0 0 10 1 0 0 9 1 Debian 3 1r0 stable Conf webmin slbackup 0 0 9 1 Debian 3 1r0 stable tjener apt get install webmin slbackup 0 0 9 1 Reading Package Lists Done Building Dependency Tree Done The following packages will be DOWNGRADED webmin slbackup 0 upgraded 0 newly installed 1 downgraded 0 to remove and 0 not upgraded Need to get 22 0kB of archives After unpacking 131kB of additional disk space will be used Do you want to continue Y n 107 Chapter 8 Fine tuning Get 1 http ftp debian org sarge main webmin slbackup 0 0 9 1 22 0kB Fetched 22 0kB in Os 23 6kB s dpkg warning downgrading webmin slbackup from 0 0 10 1 t
95. b Physical volume dev hdb successfully created 83 Chapter 8 Fine tuning Then we add the whole disk dev hdb to the volume group vg data using the command tjener dev vgextend vg data dev hdb Volume group vg data successfully extended Then we use pvscan again to verify that we indeed have managed to successfully add dev hdb to vg data tjener dev pvscan PV dev hda6 VG vg data lvm2 1 94 GB 800 00 MB free PV dev hdb VG vg data lvm2 6 83 GB 6 83 GB free PV dev hda5 VG vg system lvm2 2 73 GB 692 00 MB free Total 3 11 50 GB in use 3 11 50 GB in no VG O 0 That looks nice now we may resize any of the lv groups Iv home or lv backup with more than the original 800MB that we had free Lets se if we can manage to increase skole backup with 1000M which should then make skole backup span across two different disks tjener umount skole backup tjener e2fsck fy dev vg data lv backup tjener resize2fs dev vg data lv backup tjener lvextend size 1000M dev vg data lv backup tjener mount skole backup tjener df h skole backup Filesystem Size Used Avail Use Mounted on dev mapper vg data lv backup 1 7G 17M 1 6G skole backup tjener f pvscan PV dev hda6 VG vg data lvm2 1 94 GB 0 free PV dev hdb VG vg data lvm2 6 83 GB 6 64 GB free PV dev hda5 VG vg system lvm2 2 73 GB 692 00 MB free Total 3 11 50 GB in use 3 11 50 GB in no VG O 0 As you can see
96. b2 old mv var lib Idap root dbb2 old slapadd l root Idap old ldif etc init d slapd start etc init d nscd start Onceina while it s wise to make a copy of the LDAP database etc init d slapd stop slapcat l root Idap TodaysDate ldif etc init d slapd start 162 Chapter 11 Useradministration with WLUS in Webmin 11 1 10 Delete a user or group of users If you want to delete users you have to choice of deleting one by one or deleting a whole group of users at once When you just want to delete one user you first find that user then place a mark in the selection box and delete him simple If you want to delete a whole group of users then you search based on groups you then see a new option Delete Selected and all users in groups this will delete that group and all users in that group as well Notice that when you delete a user in WLUS it doesn t relay get deleted it is more like a permanent form of disabling The user is still in the LDAP database and the homedirectory is still there This makes it not possible to re create a user with the same username because it s already there but disabled Have a look at the contents of skole tjener home0 d 5 10013 10013 4096 2005 11 21 17 47 demol d 5 10022 10022 4096 2005 11 21 17 47 demo10 d 5 10014 10014 4096 2005 11 21 17 47 demo2 do 222 5 10015 10015 4096 2005 11 21 17 47 demo3 d 5 10017 10017 4096 2005 11 21 17 47 demo
97. bian edu Network 15 3 3 Creation of a Coyote Linux Floppy eene ete enint teinte peti cene 16 3 3 1 Creating a Coyote Linux Floppy on a Windows Machine sess 20 3 4 Upgrading to Newer Versions of Coyote Linux ene neeenen 22 3 5 Coyote Linux Bootu p ete et ER ee ges tribe e ERR LER He eol 23 3 6 Coyote Linux Command Line Login eese nennen nennen nenne 26 3 7 Coyote Linux Web Administrator esses enne entree nenne nennen 28 3 8 Login via SSH iisoite cere d EO HERR RED HO EE Rettore EUIS 31 3 9 Useful Commands in Coyote Linux eese enne enee nene 32 3 10 Coyote Linux as an Ordinary DHCP Server in a Non Skolelinux Debian edu Network 35 3 11 Coyote Linux and different ISP eesssseseseeeeeeeeee enne nennen nenne enne nennen 36 3 12 Supported network card and Driver Modules Used see 37 3 12 1 Supported network card and Driver Modules Used sss 38 3 12 2 The Special Case of 3Com 509 ISA network card see 38 3 13 Further Information about Coyote Linux eene 39 iii A Network Architecture eue cess ccs eese tene sek evo ee eve ee sseni en Po sep ee veadi videiras eV ea aep ssoi ea so ere PN pace Va Pea Ue gea us 40 4 1 Useful diagram for placement of server according to choice of profiles
98. considered a constant work in progress Note There is currently no author approved translation of this document The Strategy Behind Writing This Document This document contains a rather large amount of screenshots simply because I like to write according to the saying A picture can say more than a 1000 words To do The main focus of this Sarge based version of the Newdriftbok is to make sure all that is written in the Woody based http www skolelinux no klaus newnotater version still functions The second focus is to include new material that newer made it into the Woody version of this document then to include totally new thing that wasn t easy available for the Woody release of Debian such as FreeNX Lessdisks Ltsp5 OpenOffice org 2 0 etc There will be a list toward the end of the document listing some items that will be included in future versions of this document See todo list Contributions to This Document don t intend nor do have the time to maintain this document alone please read the chapter on how to contribute by translating fixing typos code cleanup etc Chapter 1 Where and How to Get Help 1 1 Mailing lists Belonging to the Skolelinux Debian edu Project Sometimes when you are really stuck and have no idea how to solve your problem or maybe you don t even know how to formulate your problem then it can be very comforting to know that there are several mailing lists out there dedicated to
99. consumes plenty of bandwidth see TODO 8 Warning Plenty of people have wanted and tried to get the CD ROM to work in a thin client but without success If you have managed to get it to work please let me know 2 5 Workstation The function of this profile is further described in Section 5 2 The hardware requirement for this profile all depends on what you have available the intended use of the machine and how fast you want the machine to do things Unlike the other server profiles such as main server and Thin client server this profile is mainly to be used by one user at a time so making a bad hardware choice will only affect one user You will need a hard drive with a minimum size of about 1700MB plus 4 times the amount of RAM in the machine There is no need for a big hard drive in this machine unless you plan to use it as an external backup server TODO the sidebar To do If you do have a really big hard drive in this machine and would like to put it to good use you could add another lv to the machine and use it to save big files such as video images ISO images see Section 8 5 8 Tip If you have a rather small hard drive but plenty of RAM maybe as much as 940MB then the swap partition alone would end up being almost 2GB big If you think this is too much then you can lower the amount of RAM that the installer sees by booting with the option 12 Chapter 2 Getting the Right Hardware Press F1 for help or Enter to
100. containing workstations or all of the workstations in a small network all hosts This group contains no individual hosts but all of the other netgroups Naming Conventions Note that all of the netgroup names end with hosts This is to make it easier to distinguish netgroups from other groups whenever necessary We suggest you use the same naming convention 8 6 2 Adding Hosts to a Netgroup In the overview click on the netgroup you want to change A new window appears showing hosts subgroups and netgroups available to add as subgroups and an area for adding new hosts Figure 8 5 Adding Hosts to a Netgroup FIXME 40 description of image Enter the name on a line of its own for every host you want to add to the netgroup If you check the Verify validity of hosts box every hostname will be tested but only valid ones will be added Note this may slow down the process 87 Chapter 8 Fine tuning If you check the Make sure the hostnames can be used by the file server box every hostname will be tested but only those usable to the file server will be added Note this may slow down the process Click on Add to add the entered hosts to the netgroup You will see the same page but with the new hosts included in the list Figure 8 6 New hosts Added to the Netgroup FIXME 41 description of image Click on Back when you are finished editing the netgroup Remember to save your changes 8 6 3 Saving Changes Return
101. d VerBeek http rzero com coyote faq html Notes 1 If you made the Coyote Linux floppy on Windows then you have already set the root password So you don t need to do so now but you must use this password to login to Coyote Linux 2 This is actually a symbolic link to etc bind debian edu named bind9 conf 39 Chapter 4 Network Architecture This is in part based on http developer skolelinux no arkitektur arkitektur html http developer skolelinux no arkitektur arkitektur html en 4 1 Useful diagram for placement of server according to choice of profiles 4 1 1 The different profiles on different servers Figure 4 1 The different profiles on different servers System settings 4 1 2 The two profiles Main server and Thinclientserver combined to make Combiserver Figure 4 2 Combi server System settings In arelatively small setup with just a handful small or large you can easily bypass using a dedicated backbone switch and just use a crossovercable to connect the firewall with the combi server Note Just beware that when you put the printer on a thinclient 192 168 0 0 24 network the hostname printer00 doesn t work Also make sure to edit the KDE Printwizard so that it searches the 192 168 0 0 24 network for printers not it s default 10 0 2 0 23 network 40 Chapter 5 Skolelinux Debian edu Installation Keyboard Layout FIXME Should add a keyboard map here The installation of Skolelinux
102. database and tracking system it s based on the Mozilla bug system and lots of people find it very strange to use You don t necessarily need to get yourself an account in our Bugzilla although it is handy when reporting bugs but you should know about it and it s location The url is http bugs skolelinux no if you want to query existing bug reports the url is http bugs skolelinux no query cgi 1 GRUB is the bootloader used in Skolelinux Debian edu Another often used bootloader is LILO which you can choose to install if you have chosen the expert installation method or later after the installation of Skolelinux Debian edu is finished 2 You can find the contents of these messages with the command dmesg and by looking in the files var log dmesg and var log daemon log 63 Chapter 8 Fine tuning 8 1 The Famous Command Line As with most other common operating systems almost all of your day to day tasks can be carried out with the mouse by click and point In addition to that you can use the famous command line to do them as well Why would you want to use the command line Well it s faster and you have more control over what is going on behind the buttons so it s an alternative Besides sometimes the command line is all you have 8 1 1 Shell Terminal This is the easiest way of getting to the command line when you are in a graphical modus Just start if from K menu Run command konsole and there you write konso
103. de only a few basic services is started no GUI Booting with recovery mode is the same as Runlevel 1 which also can be reached from the command line by typing init 1 See man init Password Protecting Grub If you have a workstation or a laptop that many users have access to then it is advisable to set a password on GRUB so that the users can t easily boot various unwanted kernels or do mischief with the machine By changing some options in the file boot grub menu 1st you can tighten up the security when booting the machine You can disable the possibility to boot the option recovery mode and also refuse your users access to the GRUB command line unless they have the GRUB password FIXME add examples from menu lst See man grub md5 crypt for how to encrypt a password in MD5 format Password Protecting your BIOS Remember to also put a password on your BIOS so that it s not possible to change the boot order and boot from floppy CD ROM or only from the hard drive 55 Chapter 7 The Second Stage of Skolelinux Debian edu Installation Is your Server Placed in a Public Place If you have placed your server against all sane advice in a room with public access where everybody has physical access to the machine then advise you to immediately set a password on GRUB grub md5 crypt tjener grub md5 crypt Password Retype password 1 xZBDT0 8u0CO9XOGpBeXKnhUoUS5A This encrypted password is now ready for use in b
104. e KDE configuration files in the directories under kde First create the directory etc skel kde with the command mkdir etc skel kde then do the copying with the command cp ar skole tjener home0 golden kde etc skel kde Everything you see in your KDE desktop environment is a setting in one or another KDE configuration file For example the attributes for your shortcut icons are covered in the file Desktop something or other desktop The following is part of the contents in the shortcut for OpenOffice org Writer Desktop Entry Version 1 0 Encoding UTF 8 Terminal false Categories Application Office Icon ooo writer Exec usr bin oowriter U Type Application ame OpenOffice org Writer Comment OpenOffice org Text Document StartupNotify false Here you can see clearly how you can make changes to attributes such as the file path to where the program is stored what kind of picture that is to be used for the icon etc 10 4 1 The Kicker the Bottom Menu Line Figure 10 2 Kicker FIXME 52 description of image Another important directory for KDE configuration files is kde share config This is where you find almost all of the configuration files for KDE programs The niftiest one to know about is the file kde share config kickerrc which determines the appearance of the panel at the bottom of your screen 150 Chapter 10 Special Adaptations for your Users 10 4 2 Desktop Icons Background What
105. e Used Avail Use Mounted on dev vg system lv usr 1 0G 400M 600M 40 usr 3 Then have a look at how much free space there is in vg_system vgdisplay dev vg_system Look for a line such as Free PE Size 175 5 47 GB 4 The machine is now in runlevel 1 Login as user root and switch to another shell exec bin ash You will recognize that you are using a different shell by the prompt which looks like n w If you make a typo in the shell ash you have to start writing the command all over again because the BACKSPACE and Arrow keys don t work here You start all over with CTRL C 5 Before you can unmount the partition usr you must unmount all other partitions tjener f exec bin ash h wS df h Filesystem Size Used Avail Use Mounted on dev hdal 206 70 126 36 tmpfs 126 O0 126 0 dev shm dev mapper vg_system lv_usr 933 409 486 46 usr dev mapper vg system lv var 388 37 335 10 var dev mapper vg_data lv_home0 489 8 1 461 2 skole tjener homeO dev mapper vg_data lv_backup 669 T7 619 3 skole backup dev mapper vg_system lv_squid 237 8 1 217 4 var spool squid none 126 0 126 0 tmp tmpfs 10 652K 9 4 7 dev h w umount var spool squid h w umount skole backup h wS umount skole tjener home0d h wS umount var h wS umount usr h w df h 73 Chapter 8 Fine tuning Filesystem Size Used Avail Use Mounted on dev hdal 206M 70M 126M 36 tmpfs
106. e for version 2 6 8 on AMD64 SMP systems kernel image 2 6 8 11 em64t p4 smp Linux kernel image for version 2 6 8 on Intel EM64T SMP systems kernel image 2 6 8 2 686 smp Linux kernel image for version 2 6 8 on PPro Celeron PII PIII P4 SMP kernel image 2 6 8 2 k7 smp Linux kernel image for version 2 6 8 on AMD K7 SMP 67 Chapter 8 Fine tuning There is no need to explicit specify the kernelversion like 2 4 27 or 2 6 8 just use 2 4 or 2 6 so the above then boils down to kernel image 2 4 686 smp Linux kernel image for version 2 4 on PPro Celeron PII PIII P4 SMP kernel image 2 4 k7 smp Linux kernel image for version 2 4 on AMD K7 SMP kernel image 2 6 686 smp Linux kernel image for version 2 6 on PPro Celeron PII PIII P4 SMP kernel image 2 6 amd64 k8 smp Linux kernel image for version 2 6 on AMD64 SMP systems kernel image 2 6 em64t p4 smp Linux kernel image for version 2 6 on Intel EM64T SMP systems kernel image 2 6 k7 smp Linux kernel image for version 2 6 on AMD K7 SMP Now you just need to know what kind of processor you have 686 Intel k7 AMD AMD64 or EM64T Once you know which kernel is the correct one for your machine you can install it with the command apt get install kernel image 2 6 your cpu smp If you have Intel Xeon you would use apt get install kernel image 2 6 686 smp Or if you use 2 4 kernel apt get install kernel image 2 4 your cpu smp If you have AMD Athlon TM MP 2000 you
107. e in Figure 6 6 comes from the file src debian edu install debian debian edu install templates at alioth debian org GUI You will repeatedly see references to GUI and Graphical User Interface In short that means a computer mode where you can use the mouse to point and click The opposite of a GUI mode is the pure command line This is a very short explanation of GUI A Short Summary of the Different Profiles in Skolelinux Debian edu and How They can be Combined 1 Main server Warning All Skolelinux Debian edu networks must have one and only one machine with this profile installed You can combine this with workstation or thin client server if you like 43 Chapter 5 Skolelinux Debian edu Installation Every Skolelinux network needs one and only one machine running the Main Server profile This machine provides the network services mainly file network and LDAP so without this machine the network does not work Since this machine will hold all data files it will need a lot of hard disk space Installing this option solely results in a machine without a Graphical User Interface GUI If you want a GUI you ll need to include the workstation profile or thinclientserver Workstation Machines running the Workstation profile are normal machines Users logging on to a workstation are authenticated by the machine running the mainserver profile and have their documents and personal settings stored in home directories o
108. e thin client that has an attached printer choose that one and the rest of the process of choosing printer and driver should be pretty easy I hope When you try to print out a test page you may find that the printer reacts but still nothing gets printed out The printer s resolution may be set too high Try it again with 150 ppt 120 Chapter 9 Services Out of the Box in Skolelinux Debian edu 9 2 Ldap server 9 3 SSH server 9 4 rdiff backup server There is a backup module included in Webmin You find it under the tab Servers and Skolelinux Backup or https tjener intern 10000 slbackup Warning You should try running a few restores from your backup before it becomes seriously necessary Figure 9 1 Webmin Servers Webmin slbackup icon This is the place in Webmin where you find slbackup Figure 9 2 Slbackup General slbackup general Slbackup has 5 modes of operation General Figure 9 2 Backup details Figure 9 3 Restore Figure 9 6 Maintenance Figure 9 8 121 Chapter 9 Services Out of the Box in Skolelinux Debian edu SSH keys Figure 9 9 Figure 9 3 Slbackup Backup Details slbackup details This is where you set the time that you want the backup to be done which will then take place at that time every day Slbackup Expert Tips If you want you can set slbackup so that it does a backup more often than once a day This is done by changing the file etc cron d
109. ee cs TI 8 544 ResizingJ Var euet eade esnspetateeleveeierenuspscstenenunsem TI 8 5 5 Resizing var opt Itsp swapfiles esseeeseseeeseeeen eene rennen ene 78 8 5 6 9 Wap cists epe ERI REIR TEE Re tee tds 79 8 5 7 R suing var spool squid cesses e tei tni dett iet s 80 8 5 8 Adding a New Volumev lv eeeeseeeseeeseeseeeee eene eene enne nnne nen nene nennen 81 8 5 9 Adding a New Disk to LVM in Skolelinux Debian edu esses 83 8 5 10 Activating the lvm volumes from a KNOPPIX cd sse 84 8 6 Editing Host NetgrOo ps i etate et ee Bei ee eit p eee e e nec etes 85 8 6 1 The Netgroup Module sseeseeseeeeneeeeeennenr ener nennen oroare rennen 86 8 6 2 Adding Hosts to a Netgroup sss aea eie iaeaea ener enne 87 8 6 3 Saving Changes ies aca eapite ee hea eee up 88 8 6 4 Adding a New Netgroup eie iet Ree e iere e e seii d 88 8 6 5 Adding a Subgroup s seseeseeesserererserstsrerereererersrserseerereeserenseeensesrerersenersrsreeessererereerere 89 8 6 6 Deleting a Netgtolp cue te eet rer i reete tente eds 89 8 6 7 Removing Hosts from a Netgroup eee ceseesseesceeceeeeeeecaeesaesaeceeceeeeseeeeesneesaesaecnees 89 8 6 8 Removing a Subgroup eiit eher sso epebede teer eei rait o regere 89 8 7 Thin Chent Setup poe Dieter ERE RUE e aee E er eus 90 8 7 1 Assigning a thinclient a Static IP address ssse
110. enoffice org help nn 2 0 1 openoffice The following packages will be REMOVED openoffice org help el openoffice org help en openoffice org help es openoffice org help fr openoff The following NEW packages will be installed libgnujaxp java libgnujaxp jni libneon24 libnspr4 libnss3 libsndfilel libwpd8 libxt java openoffice openoffice org common openoffice org core openoffice org draw openoffice org impress openoffice org openoffice org 110n en us openoffice org math openoffice org writer python uno The following packages will be upgraded openoffice org 110n ca openoffice org 110n de openoffice org 110n el openoffice org 110n es openoff openoffice org 110n nl openoffice org l10n nn 8 upgraded 21 newly installed 5 to remove and 258 not upgraded 113 Chapter 8 Fine tuning Warning Pay closely attention to what will be Hemoved If what you see looks like what I see then you can remove simulate and install OpenOffice org Warning Once you are done with installing OpenOffice org 2 0 you should must remove the line in etc apt sources list that referees to backports if you forget that and run apt get upgrade with those lines included the consequence can be dire 8 9 14 Upgrade OpenClipart One very good companion to OpenOffice org is openclipart I recommend using the one from Debian Testing 8 10 The Quota System for Hard Drive Space First we need some additional packages install them with apt get
111. ersion Konqueror is not a very good web browser However it does function great as a file manager Figure 12 1 File Manager Home Icon FIXME 109 description of image I think it s nice to see what I ve got in my files by going to the menuView Preview and by clicking on for example Images then you can see things a bit more clearly You can create new directories folders by right clicking somewhere in the background of the file manager Then a menu pops up where you then choose Create New and Directory If you want to move a file into another directory then you can simply drag it over to the directory in question by holding the left mouse button down while moving the file over to the directory then releasing the button when you are over the directory Alternatively you can press the right mouse button that is right click on the file you want to move and a menu pops up Click on Cut then find the directory you want to move the file to right click on that directory and another menu pops up Choose Paste and the file is transferred Sometimes it s good to be able to see the contents of two directories simultaneously You can make this happen by choosing Window Split View Left Right Then you can easily move files in a clear manner between directories 12 2 Mozilla Firefox The version of Mozilla Firefox that officially accompanies Debian Woody Skolelinux is version 1 0 4 I 164 Chapter 12 Configuration U
112. ert a floppy in the machine Remember to turn the write protection off The creation of the floppy will take a few minutes 19 Chapter 3 Firewall Router for Skolelinux Debian edu Warning Make sure that you don t get any error messages related to unknown NIC modules like this Checking module deps for wrong bad Copying module drivers wrong o Unable to copy module drivers wrong o No such file Jor directory Make sure you see something like this instead Checking module deps for e100 3c59x Module 3c59x dep Module e100 dep Copying module drivers el00 0o Copying module drivers 3c59x o 3 3 1 Creating a Coyote Linux Floppy on a Windows Machine If you create the floppy on a Windows machine it s almost the same procedure as with Linux Download the Source Files for Windows probably from Windows Disk Creation Wizard v2 24 0 http www coyotelinux com downloads channel php ChannelID 5 Figure 3 2 Coyote Linux Windows Creator Welcome Image Coyote Linux Windows Creator Welcome Image Here you just press Next Figure 3 3 Local Network Setup LAN Local Network Setup Here you must fill in the necessary network information see A Filling in the correct values for IP address and Netmask will make Coyote Linux correctly calculate the values for Broadcast address and Network address 20 Chapter 3 Firewall Router for Skolelinux Debian edu Figure 3 4 Setting a Password on the Coyote Linux Flo
113. ervices Out of the Box in Skolelinux Debian edu Once that is changed you need to stop squid and resize it s swapfiles then start squid again etc init d squid stop squid z etc init d squid start tjener etc init d squid stop Stopping proxy server waiting done squid tjener squid z 2005 11 21 16 10 14 Creating Swap Directories tjener etc init d squid start Starting proxy server squid 9 15 NFS server 144 Chapter 10 Special Adaptations for your Users There are many things you can do for your users so that their experience of working with a Skolelinux Debian edu machine will exceed anything they have known previously believe me 10 1 Deciding Which Directories the Users Should Have To start with every users get two directories created when the user is created drwxrwx klaus klaus priv drwXrWXr x klaus klaus pub that is a directory that is open for everyone to view pub and one that is closed to other users priv If you aren t comfortable with the idea that your users are supposed to understand the concept of a closed priv and an open directory pub in their home directories you can change this You can either lock the directories at the top level after the users are created chmod 700 skole tjener home0 or you can open them a little chmod 711 skole tjener home0 If you want your users to have several directories from the start for example the directories mathematics Englis
114. es Out of the Box in Skolelinux Debian edu 9 4 4 Slbackup Log Files You find the log files for slbackup in var 10g slbackup slbackup log This is where information is logged about when the last backup was done how much was changed etc Session statistics an StartTime 1086202803 00 Wed Jun 2 21 00 03 2004 EndTime 1086204514 88 Wed Jun 2 21 28 34 2004 ElapsedTime 1711 88 28 minutes 31 88 seconds SourceFiles 56607 SourceFileSize 1625082476 1 51 GB irrorFiles 41244 irrorFileSize 1060012665 1011 MB ewFiles 15372 ewFileSize 564463215 538 MB DeletedFiles 9 DeletedFileSize 65488 64 0 KB ChangedFiles 344 ChangedSourceSize 667575185 637 MB ChangedMirrorSize 666903101 636 MB IncrementFiles 15725 IncrementFileSize 1936873 1 85 MB TotalDestinationSizeChange 567006684 541 MB Errors 0 Jun 02 21 28 36 Successfully finished backing up client tjener Jun 02 21 28 36 Finished slbackup It pays once in a while to have a look at this file check that you have Successfully finished backing up 9 4 5 Use of slbackup in real life Go to Restore and choose full restore make sure you have enough space in the directory where you place the files temporarily If there is something wrong with your backup you ll find out now 9 5 Samba server windows file and print In order to be able to add windows machines to the Skolelinux Debian edu domain you need a samba root password you generate t
115. eselected package libmngl Unpacking libmngl from libmngl 1 0 8 1 i386 deb Selecting previously deselected package libxcursorl Unpacking libxcursorl from libxcursorl 1 1 3 1 i386 deb Selecting previously deselected package libxft2 Unpacking libxft2 from libxft2 2 1 7 1 i386 deb 109 Selecting previously deselected package libqt3c102 mt Unpacking libqt3cl02 mt from libqt3c102 mt 3 3a3 3 4 3 i386 deb Setting up libaudio2 1 7 2 Setting up liblcms1 1 13 1 Setting up libmngl 1 0 8 1 Setting up libxcursorl 1 1 3 1 Setting up libxft2 2 1 7 1 Setting up libqt3c102 mt 3 3 4 3 Setting up opera 8 51 20051114 5 Chapter 8 Fine tuning Armed with the different commands from earlier in this chapter we can now verify that Opera really is installed tjener apt cache policy opera opera Installed 8 51 20051114 5 Candidate 8 51 20051114 5 Version Table 8 51 20051114 5 0 100 var lib dpkg status tjener dpkg list grep opera ii opera 8 51 20051114 The Opera Web Browser 8 9 10 Searching Through Files that were Installed by a Specific Package Sometimes it s nice to know exactly which files came from a specific package You can get that overview with the command dpkg listfiles lt packagename gt tjener dpkg listfiles opera usr bin usr bin opera 110 Chapter 8 Fine tuning etc etc opera6rc etc opera6rc fixed 8 9 11 Find
116. esized Then make new swap with the mkswap 79 Chapter 8 Fine tuning ltspserver05 4 mkswap dev vg system lv swap Setting up swapspace version 1 size 746582 kB no label UUID fd634991 e5ca 4aac 9fe8 a000bde60c38 Then turn on swap again with the command swapon ltspserver05 swapon dev vg system lv swap Then check if you now have a different swapsize ltspserver05 free total used free shared buffers cached Mem 256968 97036 159932 0 5768 48520 buffers cache 42748 214220 Swap 729080 0 729080 As you can see 200MB more swap Probably the most interesting would be to make the swap partition smaller for that use the same commands as above but use Ivresize L 300M dev vg system lv swap to reduce the size by 300MB ltspserver05 swapoff dev vg system lv swap ltspserver05 lvreduce size 300M dev vg system lv swap WARNING Reducing active logical volume to 412 00 MB THIS MAY DESTROY YOUR DATA filesystem etc Do you really want to reduce lv swap y n y Reducing logical volume lv swap to 412 00 MB Logical volume lv swap successfully resized ltspserver05 4 mkswap dev vg system lv swap Setting up swapspace version 1 size 432009 kB no label UUID 9db01ef6 7623 4e5b 956e b6fe607aec4f ltspserver05 swapon dev vg system lv swap ltspserver05 free total used free shared buffers cached Mem 256968 97576 159392 0 6456 48544 buffers cache 42576 214392 Swap 421880 0 421880 8 5
117. ete no KDM uu ec cece ceseeseesecesceseeeeecaecssesaeceeceeeseseaeesessaesaecsssseeseeeaseneeags 59 7 10 Installation as Complete KDM v s 54 eade idee eee edens 59 7 11 Missing networkcard sssseeseeeseeeee eene nne enne eth ene entre E etre ERA 61 7212 sreboot shutdown trom kdm eer cement bb Uer E ees 62 7 13 Now you may turn of the MACHINE eee esse eee ceeceeeeeeecaecesesaecueceeceseseaecaaesaesaecseceseeseeeaseneeaes 62 7 14 100dconf apim oett ti onte iet impe cedet p p d oer atre 63 8 1 Tin command e oo chiseled a Aah Senseo eiie oia eei roS 64 8 2 Konsole nni ree e E REOR Er Ea E E GR RI ETES 64 8 3 RWI cce 65 8 4 Overview Of Netgroups ertet retro ob ER DP MER Heo Ge sans rere lI Ren 86 8 5 Adding Hosts to a Netgro ps iessen o sa eree eee enne ie tente enne trennen street tet EOE rE rennen 87 8 6 New hosts Added to the Netgroup sees nennen ier nenne ns i rene 88 8 7 Changes are Saved e dU eto delevit Pe ge cerei ripe aces E tease Pe ds 88 8 8 Adding New Netgroup 6 uueeo doce ceno ree elite e HS RES 88 8 9 New Group Added 5 icu tec b cese Ero P E ER IRR RU REI Y ien 88 8 10 Adding a Subgroup i eter teet tee RD EE ee rb reper puis 89 8 11 Subgroup Added uio RU RO Bae RII E Oque Grp i e o 89 8 12 Webmin disk quot icon 5 iterete tt petet D HERO EG EUER ERR 117 8 13 Filesystems with quotas itd tee ree E eee te e e ERI Edi see i
118. ever you have on the desktop in the way of icons and other types of shortcuts is determined by the contents of the directory Desktop Everything in the directory etc skel Desktop winds up on the desktop for all new users Copy shortcuts that you want everyone to have into this directory see Section D 4 to find out how these desktop files can be copied 151 Chapter 11 Useradministration with WLUS in Webmin 11 1 During the installation of Skolelinux Debian edu see Figure 7 6 you were asked to set a password This password is the basis for 2 different passwords One of them you use to login to Webmin at the same time it is also the root password The other is the LDAP password To change the root Webmin password you can either use the command line with the command passwd or you can use the program kdepasswd which you find in K menu Run command kdepasswd tjener passwd Enter new UNIX password Retype new UNIX password passwd password updated successfully To change the LDAP admin password aka the one you use once inside Webmin when you want do add delete modify users you use a script from the commandline tjener usr share debian edu config tools passwd admin Enter new password for user admin Reenter new password Enter LDAP Password Note You could also use this script to change the password of users Note This should later be moved to Services out of the box There are several systems for user
119. every time it s especially clear when you work with apt get The squid server runs on the machine with the hostname webcache which by default is the Main server Try to ping ping c4 webcache and you will see which machine responds tjener ping c3 webcache PING tjener intern 10 0 2 2 56 84 bytes of data 64 bytes from tjener intern 10 0 2 2 icmp seq 1 ttl 64 time 0 117 ms 64 bytes from tjener intern 10 0 2 2 icmp seq 2 ttl 64 time 0 153 ms 64 bytes from tjener intern 10 0 2 2 icmp seq 3 ttl1 64 time 0 126 ms tjener intern ping statistics 3 packets transmitted 3 received 0 packet loss time 1999ms rtt min avg max mdev 0 117 0 132 0 153 0 015 ms The most obvious thing to adjust when it comes to how the Squid server works out of the box is the size of it s swapfiles The default size is 100MB while it s dedicated partition var spool squid is in most cased far bigger than that Like in this case tjener d h var spool squid Filesystem Size Used Avail Use Mounted on dev mapper vg system lv squid 469M 95M 349M 22 var spool squid In this case it would make sense setting the swapfiles size to something near 469M you achieve this by editing the line about number 699 in the file etc squid squid conf remove the comment sign in front of the line and adjust it to look like this creating a 400M size for the swapfiles cache dir ufs var spool squid 400 32 256 143 Chapter 9 S
120. f this document but the clue is to have in your kernel config file CONFIG HIGHMEM64G Y You definitely want to have two processors that way one user can start a heavy process such as Gimp and lock up one CPU and there will still be one easily available for the other users on the system It s not crucial to have the fastest CPU available on the market having two is more important Onamachine with the thin client server profile installed no user data or home directories will be saved All user data will be NFS mounted from the machine with the profile main server There is no need for a large disk on this machine unless you choose to also use it as an external backup machine see TODO the sidebar To do A 9GB disk is enough for such a machine but it should be SCSI because of the heavy load with many thin clients You must have two network cards of good quality One card eth0 will connect to the main server to get home directories the other eth1 will connect to the thin client switch this card should have 1000mbit speed and the switch should have a 1000mbit uplink port 10 Chapter 2 Getting the Right Hardware Warning Remember that each thin client uses about 2Mbit of network bandwidth which means that on a 100Mbit network you can t have more than about 50 thin clients If you need more than that you must get more thin client servers or invest in a 1Gbit network would choose more thin client servers Warni
121. fconfig look for something similar to HWaddr 00 00 86 4A 58 5A Now that you know the MAC address you can type it in the file etc dhcp3 dhcpd conf for example host ltsp010 hardware ethernet 00 00 86 4a 58 5a fixed address 192 168 0 10 ffilename tftpboot lts vmlinuz 2 4 19 1tsp 1 filename tftpboot lts pxelinux 0 option option 128 e4 45 74 68 00 00 option option 129 NIC 3c509 After you have typed in the MAC address then you must restart the DHCP server which is done with the command etc init d dhep3 server restart 92 Chapter 8 Fine tuning In this case I have decided that the thin client with the MAC address 00 00 86 4a 58 5a should be named Itsp010 and be given the IP number 192 168 0 10 The names ItspXXX cannot be changed to something else for example room203 It won t work Remember that a hash mark before a line in a file etc dhcp3 dhcpd conf is used as a comment symbol which means that this line is just a comment In this case I have put a comment symbol at the start of the line ffilename tftpboot lts vmlinuz 2 4 26 1tsp 2 while at the start of the line filename tftpboot lts pxelinux 0 there is no comment symbol This means that this thin client has a network card of the type PXE so it must have an image when it starts up pxelinux 0O Ifit didn t have a PXE network card but instead a normal card that needs an Etherboot floppy see Section 2 4 then it would need the start up ima
122. fter 5 seconds in this concrete screenshot the counter has reached 3 seconds The countdown can be stopped by pressing one of the Arrow keys The arrow keys are also used to choose which of the available Linux kernels you want to boot The automatic boot is very handy for booting the system unattended In the GRUB configuration file boot grub menu 1st you can choose to change the default value for the countdown the appearance of the GRUB menu the name of the different kernels to boot set a password etc In this screenshot you have two boot choices Debian GNU Linux kernel 2 6 8 2 386 Debian GNU Linux kernel 2 6 8 2 386 recovery mode Note All this about GRUB should be moved to a later chapter probably finetuning 54 Chapter 7 The Second Stage of Skolelinux Debian edu Installation Note Notice here that the system is using 2 6 kernels that is because this installation was done with the boot option linux26 see linux26 You choose by highlighting the kernel you want to boot move between the different kernels with the Arrow UP DOWN keys and boot the chosen kernel by pressing ENTER Usually you would just boot the default kernel without making any active choices that is the line that does not contain recovery mode Theline containing recovery mode is used when you need to either do some repair or maintenance on the system like when you need to resize the lv partition usr When booting with the option recovery mo
123. g 69 6kB of additional disk space will be used Selecting previously deselected package ash Reading database 33386 files and directories currently installed Unpacking ash from d dash ash 0 5 2 5 all deb Setting up ash 0 5 2 5 8 5 1 Resizing the usr Partition This lv belongs to vg system It s present in the profiles mainserver workstation and thinclientserver All installed programs are placed in this partition If this partition is full you can t add new packages to the system other than that the system will function just fine The resizing of this partition is a bit tricky 1 The tricky part about resizing this partition is that you have to unmount the partition that you are using which is kind of like sawing off a tree branch that you are sitting on However we can manage it by using a neat little trick switching to the shell ash First you need to bring the machine down to runlevel 1 with the command init 1 First of all you need to tell all your users that they have to logout otherwise they will be forcibly logged out then type init 1 from the command line You can verify that you now are running under a different runlevel with the command runlevel tjener runlevel LS 72 Chapter 8 Fine tuning You might also see Unknown instead of 1 S 2 First you need to notice the current size of usr before you change it use the command df h usr tjener d h usr Filesystem Siz
124. g NEW packages will be installed librsyncl rdiff rdiff backup 0 upgraded 3 newly installed 0 to remove and 119 not upgraded Need to get 0B 197kB of archives After unpacking 770kB of additional disk space will be used Do you want to continue Y n Selecting previously deselected package librsyncl Reading database 69270 files and directories currently installed Unpacking librsyncl from librsyncl 0 9 7 1 i386 deb Selecting previously deselected package rdiff Unpacking rdiff from rdiff 0 9 7 1 i386 deb Selecting previously deselected package rdiff backup Unpacking rdiff backup from rdiff backup 0 13 4 5 i386 deb Setting up librsyncl 0 9 7 1 Setting up rdiff 0 9 7 1 Setting up rdiff backup 0 13 4 5 125 Chapter 9 Services Out of the Box in Skolelinux Debian edu When combined with making a backup volume see Section 8 5 8 this is a fine way to do backups of files all the time To add a dedicated backupvolume run this command Ivcreate size 1G name Iv backup vg system mkdir backup mke2fs j dev vg system lv backup Don t forget to add a corresponding entry in etc fstab in this case it would be dev vg system lv backup backup ext3 defaults 0 Warning You must make sure that this machine has a locked ip address have a look at dhcp server Also make sure that you under the tab Backup details specify that the backup server it external and remember to use the c
125. ge vmlinuz 2 4 26 1tsp 2 Another choice you can make for each single thin client in this file is to activate that is remove the comment symbol at the beginning of option option 128 e4 45 74 68 00 00 option option 129 NIC 3c509 if and only if you have a 3com509 ISA network card in your thin client 8 7 5 Customising Thin Clients In the file opt 1tsp i386 etc 1ts conf you have the possibility to specially customize each individual thin client You can also make adaptations that cover all of the clients at once Here I want you to note that there is already a large document which describes how to set up thin clients Itsp org http www ltsp org Look in the documentation menu Ihave only mentioned the most important changes you can make in opt 1tsp 1i386 etc lts conf I recommend that everyone should read the documentation that is found at http www ltsp org 8 7 5 1 Printer Connected to a Thin Client In order to specify that you have a printer connected to the parallel port of a thin client the following lines must be added to the file opt 1tsp i386 etc lts conf 1tsp050 PRINTER 0 DEVICE dev lpO 93 Chapter 8 Fine tuning PRINTER 0 TYPE P exchange Itsp050 with the correct name of your thin client See part Section 9 1 1 8 7 5 2 Serial Mouse Add the following to the file opt 1tsp i386 etc lts conf if you have a serial mouse connected to the COM port
126. h German French this can be done by changing a bit of the file usr share webmin ldap users createhomedir by adding these lines Make a directory related to the subject mathematics mkdir homedir mathematics chmod 0770 Shomedir mathematics 3k Make a directory related to the subject English 3 kdir Shomedir English chmod 0770 Shomedir English Make a directory related to the subject German mkdir Shomedir German chmod 0770 Shomedir German Make a directory related to the subject French mkdir Shomedir French hmod 0770 Shomedir French Q 145 Chapter 10 Special Adaptations for your Users 10 2 Automatic Start of Program at Login There are some programs that your users surely use every time they login So it would be nice to be able to automatically start them up at login instead of having to do it manually every time This can be done by copying shortcuts to the program into the directory kde Autostart which is stored in the user s home directory The Autostart directory is within a hidden directory to be able to see this you must go to the menu line in the Filemanager click on View and then on Show Hidden Files When you are done you turn off the Show hidden files An easy way to get a hold of these short cuts is to first drag them from the K menu by holding down the left mouse button and then releasing them on the desktop background choosing Copy here Then you
127. hat with command smbpasswd root 128 Chapter 9 Services Out of the Box in Skolelinux Debian edu 9 6 Munin systemstatistics server Note It might take 5 10 minutes before changes to the Munin configurationsfiles are taken into effect If you point your browser to the url http tjener intern munin you will see that Munin is already running on your albeit not yet properly configured You should see something like this Figure 9 11 Unconfigured Munin Munin as in out of the box I use the following convention Server is the machine that gathers and displays the statistics in a Skolelinux Debian edu network that is usually the Mainserver clients are the machines that we want to monitor There is two things we need to configure setting up the clients so that the Mainserver can be allowed to gather the data and telling the Mainserver which clients it should monitor We should also make Munin use a more appropriate name than localhost replace the following stanza in the file etc munin munin conf localhost localdomain address 127 0 0 1 use_node_name yes with something like tjener intern address 127 0 0 1 use node name yes Now that we have meaningful names lets tell Munin which clients it should monitor If you have a Thin Client server with the correct ip address of 10 0 2 10 then adding the following stanza to the file etc munin munin conf on the Mainserver will make Munin start monitoring that client
128. have a so called shortcut file in the directory Desktop You copy this file into the directory kde Autostart which will automatically start the program when the user logs on 10 3 Message to Users 10 3 1 Message to Everyone who Logs in There is a program xmotd message of the day browser that makes it possible to show the contents of a file when a user logs in to the system This is useful for example when you want to give information about a new printer planned down time etc If you don t have xmotd installed then you can install it with apt get install xmotd Then you have to enable the program xmotd to be able to show a file when the user logs in Add these lines to the file etc X11 Xsession xmotd popdown 25 geometry 500x500 usr local motd xrm title label Today s Message always This will then show the contents of the file usr 1ocal motd when the user logs in popdown 25 means that the message will disappear after 25 seconds while always means that the message will be shown every time a user logs in 146 Chapter 10 Special Adaptations for your Users Have a look at the manual page for xmotd for a description of the other choices You can view the manual page from the command line with the command man xmotd 10 3 2 Message to a Specific User who Logs in Sometimes it s necessary amp desirable to give a message to a specific user when they log in for example when the user has used too much space o
129. he Box in Skolelinux Debian edu Figure 9 16 KDE print welcome screen FIXME 50 description of image Here you just press Next Figure 9 17 Choose what type of connection you have FIXME 50 description of image Here you choose what kind of connection your printer has I strongly recommend using a network printer so in this case you must choose Network printer TCP then choose Next Figure 9 18 33333333333 FIXME 50 description of image Figure 9 19 33333333333 FIXME 50 description of image Figure 9 20 33333333333 FIXME 50 description of image Figure 9 21 33333333333 FIXME 50 description of image Figure 9 22 33333333333 FIXME 50 description of image Figure 9 23 33333333333 FIXME 50 description of image Figure 9 24 33333333333 FIXME 50 description of image 138 Chapter 9 Services Out of the Box in Skolelinux Debian edu Figure 9 25 33333333333 FIXME 50 description of image Figure 9 26 33333333333 FIXME 50 description of image Figure 9 27 33333333333 FIXME 50 description of image Figure 9 28 33333333333 FIXME 50 description of image Figure 9 29 33333333333 FIXME 50 description of image Figure 9 30 33333333333 FIXME 50 description of image 9 10 DNS 9 11 Apache webserver Skolelinux Debian edu comes with the Apache webserver it almost works out of the bugs It s just one small thing missing telling the configuration file that the users home d
130. he same job One of them kompare can be installed with apt get install kompare see Section 8 9 for how to add new packages kompare has a graphical interface GUI If I start kompare and open the two files in this program this is what I see 124 Chapter 9 Services Out of the Box in Skolelinux Debian edu Figure 9 10 Kompare gui based diff FIXME 62 description of image 9 4 2 Dedicated machine to hold the backups By setting up a machine with a workstation profile Section 2 5 and installing the necessary rdiff applications you can quickly set up a very user friendly and powerful backup machine apt get install rdiff backup ltspserver05 apt get install rdiff backup simulate Reading Package Lists Done Building Dependency Tree Done The following extra packages will be installed librsyncl rdiff rhe following NEW packages will be installed librsyncl rdiff rdiff backup 0 upgraded 3 newly installed 0 to remove and 119 not upgraded Inst librsyncl 0 9 7 1 Debian 3 1r0 stable Inst rdiff 0 9 7 1 Debian 3 1r0 stable Inst rdiff backup 0 13 4 5 Debian 3 1r0 stable Conf librsyncl 0 9 7 1 Debian 3 1r0 stable Conf rdiff 0 9 7 1 Debian 3 1r0 stable Conf rdiff backup 0 13 4 5 Debian 3 1r0 stable ltspserver05 4 apt get install rdiff backup Reading Package Lists Done Building Dependency Tree Done The following extra packages will be installed librsyncl rdiff rhe followin
131. hp Figure 7 3 Fancy Skolelinux Debian edu Boot in Progress Fancy Boot in progress Naturally such a fancy bootup screen is not something you want to use on a server but maybe on a laptop or a normal workstation Note Remember to insert the CD Figure 7 4 Welcome to your new Debian System Welcome to your new Debian System If the machine managed to boot then you should now be greeted by base config which in Skolelinux Debian edu only is a matter of deciding the root password Figure 7 5 The Root Password root password The password you are about to create is the famous root password With this password you will be able to do anything Please read carefully the information provided on screen 57 Chapter 7 The Second Stage of Skolelinux Debian edu Installation Note This text is from skolelinux src rebuilds shadow debian po Before proceeding you need to set a password for root the system administrative account The root password shouldn t be easy to guess and it shouldn t be a word found in the dictionary or a word that could be easily associated with you like your middle name A good password will contain a mixture of letters numbers and punctuation and will be changed at regular intervals The root password is changed by running the passwd program as root Why such caution The root account doesn t have the restrictions that normal user accounts have A malicious or unqualified user with root
132. id getpwuid 1 homedir Suid if S display if fork 0 SENV DISPLAY Sdisplay SENV XAUTHORITY Shomedir Xauthority xec xmessag center timeout S timeout Smessage This script is then saved as xwall p1 and used in the following manner perl xwall pl alarmd 10 Hi You will see this message for 10 seconds Sometimes it can be a bit tricky to find a process that can be used as a keyword that covers all logged in users I have had good experience with using the process alarmd as a keyword Try the command ps auxwlgrep alarm then you will see if this keyword works for you Figure 10 1 Message to Everyone Logged in FIXME 51 description of image 10 3 4 Automatic User Log In Warning This is not smart security wise but very nice if for example you have a Skolelinux Debian edu network at home and you are the only user Be aware that the user in question will be able to log in without being asked to give a password It is possible to automatically log in a specific user on a specific thin client when it gets turned on This is done in the file etc kde3 kdm kdmrc where the following lines are added X 1tsp010 0 Core AutoLoginEnable true AutoLoginUser klaus Here the user klaus gets automatically logged in to the thin client Itsp010 when it gets turned on In order for this to work you need to lock the MAC address to the IP address X 1tsp058 0 Core AutoLoginEnable true
133. if you do this in a network with the profile installed in different machines then you might have to edit some additional files maybe not just haven t tested that Sometimes you need due to the rest of your network to change the ip range that is used for the thinclients The default ip range is 192 168 0 0 24 which according to ipcalc gives this So you see 192 168 0 1 upto 192 168 0 254 Lets assume you prefer to use 172 16 0 0 24 instead tjener ipcalc 172 16 0 0 24 Address 172 16 0 0 10101100 etmask 255 255 255 0 24 11111111 Wildcard 0 0 0 255 00000000 gt etwork 172 16 0 0 24 10101100 HostMin 172 16 0 1 10101100 HostMax 172 16 0 254 10101100 Broadcast 172 16 0 255 10101100 Hosts Net 254 Class B TX tjener apt get install ipcalc tjener ipcalc 192 168 0 0 24 Address 192 168 0 0 11000000 etmask 255 255 255 0 24 11111111 Wildcard 0 0 0 255 00000000 gt etwork 192 168 0 0 24 11000000 1 HostMin 192 168 0 1 11000000 1 HostMax 192 168 0 254 11000000 Broadcast 192 168 0 255 11000000 Hosts Net 254 Class C LO LO 10 LO P 10 101000 ITITLL 00000000 L01000 L01000 L01000 L01000 rivate 00010000 11111111 00000000 00010 00010000 00010 000 000 00010000 Private 0000000 1111111 00000 Ono e 00 00 00 00 Interne 00000 11111 0000000 C3 E 000000 000000 000000
134. in qemu Allowing some users to change password in ldap of other users 2 3 4 5 6 7 8 9 kpackage as gui tool for managing packages Make usbstick work on thinclients Maybe make floppy work on thinclients Make sound work on thinclients Documenting setting up a mail client connecting to postoffice More on the different services of webmin Adding a printer via kprint print Add a section on installing via netboot Should have new gloassry list in each chaper section Installing Skolelinux Debian edu on Fujitsu Siemens SATA based Econell50 and Econell200 using Linux software raid Installing Skolelinux Debian edu on Fujitsu Siemens SCSI based Primergy TX150 TX200 RX300 including monitoring of onboard raid Using digital camera 184
135. ine usr lvm vg system lv usr default 448 4096 meaning that the partition usr will be minimum 448MB big and maximum 4096MB big if the overall harddisk size allows this If you want usr to be 8000MB big then you would edit the line to look like this usr lvm vg system lv usr default 448 8000 If you would like to have a backup partition on a machine installed with the profile Workstation maybe when you have setup a simple backup machine like described in Section 9 4 then you would in VT2 write nano etc autopartkit Workstation table and add this line backup lvm vg system lv backup default 10000 20000 that would create a backup partition withe min max size of 10000MB 20000MB Tip You can of course add delete and change this later as you wish have a look at Section 8 5 51 Chapter 6 The First Stage of Skolelinux Debian edu Installation 6 2 7 The Various Profiles in Skolelinux Debian edu Figure 6 8 The Various Profiles in Skolelinux Debian edu The various profiles Have a look at Section 5 2 for a short description of the various profiles Have a look at the sidebar Keyboard Layout for a brief explanation of the different keyboard keys used during installation You choose the profiles you want to install by placing a mark in front of the desired profile by using the SPACEBAR to place the mark To navigate between the different fields you use TAB and when you are done move to OK and install by pressing ENTER If yo
136. information and administration in Skolelinux Debian edu but now we use LDAP and the utility WLUS and not etc passwd and its accompanying commands such as adduser useradd etc To get access to Webmin point your favourite web browser to the address https tjener intern 10000 dap users https tjener intern 10000 ldap users You can use any webbrowser you want You can also connect a Mac machine and run it from there as long as the machine is within either of the 152 Chapter 11 Useradministration with WLUS in Webmin Skolelinux Debian edu networks 10 0 2 0 23 or one of the 192 168 0 0 24 otherwise you need some advanced portforwarding on your firewall router Note In the rare case that the link above doesn t take you directly to the correct Webmin module Administrate users in Idap but rather to the general Webmin startpage then you find it under the tab System Figure 11 1 Webmin Login Login to Webmin The first thing you see is a dialogue box where you log yourself in as the user root with the password you created during installation see Figure 7 6 If you login as a regular user you may change your own password This is actually the only way a users password should be changed do not use the command passwd to change a users password Warning Never let the webbrowser remember this password Figure 11 2 Welcome Screen Webmin LDAP User Simple WLUS Opening screen of Webmin LDAP User Simple WLUS After
137. ing c10 10 0 2 1 or alternatively try to ping the main server from Coyote Linux with the command ping c10 10 0 2 2 4 When you get an answer like ping c10 10 0 2 1 PING 10 0 2 1 10 0 2 1 56 data bytes 64 bytes from 10 0 2 1 icmp seq 0 ttl1 263 time 0 6 ms 64 bytes from 10 0 2 1 icmp seq 1 ttl1 263 time 0 3 ms 64 bytes from 10 0 2 1 icmp seq 2 ttl 263 time 0 3 ms then you have found the network card on the Coyote Linux that is to be labelled as LAN Then we know that the other network card is WAN This procedure will only work as long as you have managed to configure the LAN network card properly as indicated during boot by the line LAN network UP Note It s normal that you see WAN network down at this point since you have booted without any cables in the network cards Once you have determined the role of each network card then you reboot with all the cables connected 24 Chapter 3 Firewall Router for Skolelinux Debian edu Different Names Used for the network cards The two network cards are called various names in Coyote Linux It s a bit confusing and inconsistent Here is an overview Table 3 1 The Various Names Used for the network cards in Coyote Linux This one goes to the existing Internet eth1 WAN network This one goes to the LAN network thO LAN Skolelinux Debian edu network Boot your Coyote Linux making sure the Coyote Linux floppy is in the floppy dri
138. ing Which Package a File Came From If you want to know which package a specific package came from the command dpkg search filename will help you find out tjener dpkg search etc opera6rc fixed opera etc opera6rc fixed 8 9 11 1 Unpacking the Files from a Package Without Installing Them Maybe you have accidentally erased an important systems file and you do not have any backup of it What then If you use the command dpkg search filename you will find out which package the file originally comes from That way you can unpack the package and get back the missing systems file First you have to get the relevant deb package When you have done that you place it in the tmp directory You unpack the files in that directory with the command dpkg vextract packagename tmp which will then create the necessary directories in the tmp directory and then place the files there Warning Never unpack the package directly in the root directory 8 9 12 Making Your Own Local Mirror for Deb Packages There are some packages which I often install as well as some packages that I wish I didn t have to download from the Internet every time Even if the command apt get makes it easier to install packages from the Internet unfortunately apt get won t increase the speed of my Internet connection However I 111 Chapter 8 Fine tuning can use apt get to make my own mirror of the packages that I have downloaded
139. ing this new information to a file and then adding the contents of this file to our LDAP database Let s call this file root video 1dif with these contents 82 Chapter 8 Fine tuning dn cn video ou tjener ou skole ou Automount dc skole dc skolelinux dc no objectClass top objectClass automount cn video automountInformation rw rsize 8192 wsize 8192 intr tjener skole video description skole video mount point This is the info that you want to add like this etc init d slapd stop etc init d nscd stop slapadd l root video ldif etc init d slapd start etc init d nscd start In addition this partition must be added to the export file by adding the following line to the file etc exports skole video ltsp server hosts rw async workstation hosts rw async server hosts rw asy After that you must run exportfs ra 8 5 9 Adding a New Disk to LVM in Skolelinux Debian edu Hook up the new disk to the system In this example it becomes dev hdb and we will add it to the volume group vg_data We will add the whole disk without partitioning it first First lets use the command pvscan to se what we have tjener dev pvscan PV dev hda6 VG vg data lvm2 1 94 GB 800 00 MB free PV dev hda5 VG vg system lvm2 2 73 GB 692 00 MB free Total 2 4 67 GB in use 2 4 67 GB in no VG O 0 Then we create a volume group descriptor on the disk using the command pvcreate tjener dev pvcreate dev hd
140. irectory is not in home but rather in skole t jener homeO This has been reported as a bug see bug 639 http bugs skolelinux no show_bug cgi id 639 You must fix the config file etc apache httpd conf at about line 342 replace home public html with 139 Chapter 9 Services Out of the Box in Skolelinux Debian edu skole tjener home0 public html Then Apache must be restarted etc init d apache restart Then make sure the the user has a directory called public html with permissions 775 mkdir username public html chmod 755 username public html If you don t feel like manually creating these public html directories then you can add them to usr share webmin ldap users createhomedir like this Make directory for public_html files readable for everybody mkdir homedir public html chmod 0775 homedir public html have a look at default directories for your users If you already have created your users this little one liner will create public html for all users for dir in getent passwd grep home Icut d f6 do mkdir dir public html chmod 775 dir public html chown reference dir dir dir public html done Once the Apache config file has been fixed and the user has a directory public html with correct permissions then it s time to create a html file save itin public html and see if this works Create a document in e g OpenOffice org save it in html format and save it i
141. java libgnujaxp jni libneon24 libnspr4 libnss3 libsndfilel libwpd8 libxt java openoffice openoffice org core openoffice org draw openoffice org impress openoffice org java common openoffic openoffice org ll10n en us openoffice org 110n es openoffice org 110n nl openoffice org math openoff Suggested packages libservlet2 2 java libservlet2 3 java openoffice org help ooqstart gnome oooqs kde unixodbc ttf dej openoffice org2 thesaurus msttcorefonts openoffice org gnome mozilla browser openoffice org officeb openoffice org filter so52 openclipart openoffice org openoffice org thesaurus openoffice org mimeli odbc postgresql tdsodbc mdbtools libmysql java libpg java libsapdbc java kaddressbook openoffice or openoffice org help ca 2 0 1 openoffice org thesaurus ca openoffice org help ca openoffice org hyph openoffice org help de 2 0 1 openoffice org thesaurus de openoffice org help de openoffice org hyph openoffice org help el 2 0 1 openoffice org thesaurus el myspell dictionary en us openoffice org hy openoffice org help en us 2 0 1 openoffice org hyphenation es openoffice org2 thesaurus es openoffi openoffice org hyphenation fr openoffice org2 thesaurus fr openoffice org help fr 2 0 1 openoffice openoffice org2 thesaurus nb openoffice org help nb 2 0 1 openoffice org thesaurus nb openoffice or openoffice org hyphenation nl openoffice org2 thesaurus nl openoffice org help nl 2 0 1 openoffice openoffice org hyphenation nn openoffice org2 thesaurus nn op
142. key The minus key is placed 2 keys to the left of BACKSPACE The underscore key is SHIFT plus the minus key Figure 6 3 Keyboard with US layout as seen from somewhere within Gnome controlpanel US keyboard layout 6 2 2 Choosing language Figure 6 4 Choosing Language Choose language Here you must choose the language you want to use during installation This language will be the pre selected language for the all users This doesn t exclude the use of any of the other available and supported languages in Skolelinux Debian edu If you later want to change the default pre selected language have a look at the files etc environment etc kde3 system kdeglobals opt ltsp i386 etc lts conf and etc X11 XF86Config 4 and the command update locale config The command man update locale config will give you more information about this command and supported languages The command dpkg reconfigure locales might also be helpful Notice to the right in this screenshot the sign This indicates that there is more text available but that it s not possible to display all of it in one screen Use the Arrow UP DOWN or PageDown and PageUp keys to scroll through the whole text At this point in the installation it s possible to jump to a Virtual Terminal VT with the key combination ALT Arrow LEFT RIGHT or ALT F1 F2 F3 F4 On F2 you have a VT where you can edit files during installation 6 2 3 Virtual terminal VT Sometimes it s neces
143. l these options are specified in the file opt 1tsp 1386 etc lts conf but you need to assign each thin client a static IP address You do this by adding the MAC address of the network card in your thin client all done in the file etc dhcp3 dhcpd conf There is also a Webmin module for this operation https tjener intern 10000 dhcpd3 index cgi 8 7 1 Assigning a thinclient a Static IP address 8 7 2 Creating Etherboot ROM Images for Ordinary non PXE network cards I strongly advise you to use PXE cards which eliminate the need for the use of failure prone media such as floppy disks But if you have to use floppy disks to boot your thin clients then there are some small tricks to learn The floppy disks you need are ready and available for download at rom o matic com http rom o matic com The latest stable version that is known to work well with Skolelinux Debian edu is 5 0 11 which is the recommended one There are two things you need to do 90 Chapter 8 Fine tuning Find the correct ROM for your network card There are over 250 on the list of available network cards which makes the whole point of PXE very appealing Once you have managed to find the correct ROM for your network card you need to put it on a floppy disk on a Linux machine as root cat eb 5 2 5 yournic zdsk gt dev fd0 8 7 3 Special Floppy Disk with Support for 30 network cards This floppy disk image contains the ROM for the 30 most popular a
144. le after you have pressed Run Figure 8 1 run command run command you should see a white windowapplication that is konsole Figure 8 2 konsole konsole Notice the square that means you are running this konsole as root user if you run konsole as an ordinary user you wouldn t have the square there but a dollar sign Note The behaviour of the so called bash prompt can be changed via the file bashrc If you change the line export PS1 h w into the line export PS1 FUSI h w then the prompt would look like this FUSI tjener instead of 64 Chapter 8 Fine tuning tjener this first comes into effect next time you start konsole For more fun you can do with the bash prompt have a look at http www tidp org HOWTO Bash Prompt HOWTO From this commandline you can do all you need to do but in most cases that can also be achieved via some GUI based program 8 2 How to Edit System Configuration Files 8 2 1 How to Edit System Configuration Files with kwrite It s often nice to be able to edit system configuration files like with GRUB or bothersome videocard For this purpose you need a tool a text editor We do not use things such as bold underlining or fancy fonts in these files so for this purpose we don t need a huge fancy application There are already several such applications installed with your Skolelinux Debian edu system Some of these are command line based vi vim nano
145. led what kind of icon is used etc For example if you want everyone to have the icon for OpenOffice org on their desktop as a shortcut the file in this case is called textdoc desktop then you have to do the following as root A File Distributed to All Users Simultaneously First you have to manually add this shortcut to the desktop of one user for example the user test The shortcut will then be found in the directory Skole tjener home0 test Desktop textdoc desktop The next thing you do is create a script that does the following 1 Copies the file textdoc desktop over to theDeskt op directory for all of your users 2 Ensures that the permissions for this file are correct that is they are set up so that they are owned by the user and not by root bin sh Saved as e g spread desktop used as follows spread desktop path to target desktop remember to make the script executeable with chmod 755 spread desktop If the users are stored somewhere other than home0 then you must change the variable HOMEDIRS below accordingly If your home directories are in different directories on Skole tjener home0 e g skole tjener home0 2004 A then you need to add them all to HOMEDIRS using the spacebar to separate them For example HOMEDIRS skole tjener home0 2004 B skole tjener home0 2004 A HOMEDIRS skole tjener home0 If there is a Desktop directory then we copy into i
146. ll of the driver modules for network cards are also listed tjener coyote ls data kernel drivers 3c501 0 ethl6i o ne o 3c503 o ewrk3 o ni5010 o 3050570 fealnx o ni52 0 3c507 0 forcedeth o ni65 o 3c509 0 hp100 0o pcnet32 o 3c515 0 hp o ppp_async o 3c59x o hp plus o ppp deflate o 8139cp o ip conntrack amanda o ppp generic o 8139too o ip conntrack egg o pppoe o 82596 0 ip conntrack ftp o pppox o 8390 0 ip conntrack h323 o ppp synctty o ac3200 o ip conntrack irc o sch Htb o amd8111e o ip conntrack mms o Sch ingress o at1700 0 ip conntrack quake3 o sch sfq o b44 0 ip conntrack rtsp o sis900 o bridge o ip conntrack tftp o slhc o bsd comp o ip nat amanda o smc9194 0 cls_fw o ip_nat_cuseeme o smc ultra o cls u32 o ip nat ftp o softdog o cs89x0 o6 ip nat h323 o starfire o de4x5 0o ip nat irc o sundance o depca o ip nat mms o tlan o dgrs o ip nat quake3 o tulip o dmfe o ip nat rtsp o typhoon o e100 0 ip nat tftp o via rhine o e2100 0 lance o wd o eeprol00 0 1p486e o winbond 840 0 eepro o mii o zlib deflate o eexpress o natsemi o zlib inflate o epicli00 o ne2k pci o 3 12 2 The Special Case of 3Com 509 ISA network card This is a very popular network card My Coyote Linux has two of them both produced in 1989 and running continuously for about 3 years in my Coyote Linux Once you have managed to get them running they will probably run for a long time It s just a bit difficult sometimes to get them running They are IS
147. ly choose option 1 c Configuring system for Ethernet based Internet connection By default Coyote uses the following settings for the local network interface IP Address 192 168 0 1 Netmask 299 299220950 17 Chapter 3 Firewall Router for Skolelinux Debian edu Broadcast 192 168 0 255 etwork 192 168 0 0 Would you like to change these settings Y N y Enter local IP Address 192 168 0 1 10 0 2 1 Enter local Netmask 255 255 255 0 255 255 254 0 Enter local Broadcast 192 168 0 255 10 0 3 255 Enter local network number 192 168 0 0 10 0 2 0 These network settings for the local network must be changed see A If you use my version of Coyote Linux from http www skolelinux no klaus coyote 2 24 slx tar gz http www skolelinux no kl aus coyote 2 24 slx tar gz then you will see this screen where the correct network values already is there IP Address 10 0 2 1 Netmask 255 255 254 0 Broadcast 10 0 3 255 Network 10 0 2 0 Does your Internet connection get its IP via DHCP y n Answer yes y or no n according to you network configuration If you do not get IP via DHCP you need to fill in some information Pleas nter the information for your static IP configuration Internet IP Address Internet Subnet Mask 255 255 255 0 Internet Broadcast Enter Default Internet Gateway Address Domain Name DNS Server 1 DNS Server 2 optional f Enter your DHCP hostname
148. ly line without a sign in the front is the line that says to use the cdrom that you used during installation No other reservoir are activated The first thing you should do is to activate the line that enables security upgrades then some more reservoirs so that you can install additional packages For a start you can make it look like this deb file cdrom sarge main local deb cdrom Debian GNU Linux edu _Sarge_ Unofficial i386 Binary 1 20050808 unstable c deb http security debian org stable updates main contrib non free deb LE http based apt source http security debian org sarge updates main contrib non free U h deb http ftp debian org debian sarge main contrib non free h h se by uncommenting either http or ftp NOT both deb deb ftp based apt source deb ftp ftp debian org debian sarge main contrib non free ttp non us debian org debian non US sarge non US main contrib non free ttp ftp skolelinux no skolelinux sarge local deb ftp non us debian org debian non US sarge non US main contrib non free deb ftp ftp skolelinux no skolelinux sarge local Notice that I placed a sign in front of the line containing deb cdrom no need to install from cdrom when you have it available from the Internet If you add new lines to this file then you have to update the database that contains information about what is available See Chapter 13 for other lines that yo
149. n After that you can install it with JLinux SMART Board Software bin 172 Appendix C Smarttech Touchboard You may see a message complaining that you haven t installed the package libstdc 2 9 glibc2 1 If so you can install that with this command apt get install libstdc 2 9 glibce2 1 The board is usually connected to the computer via the serial port dev tts 0 To start with the port is set up this way stat dev tts 0 File dev tts 0 Size 0 Blocks 0 IO Block 1024 Character Device Device 6h 6d Inode 347 Links 1 Device type 4 40 Access 0660 crw rw Uid 0 root Gid 20 dialout Access Thu Jan 1 01 00 00 1970 Modify Wed Feb 4 16 00 48 2004 Change Wed Feb 4 15 56 32 2004 which means that normal users cannot use it A simple but temporary solution which is gone as soon as you restart the machine is chmod 0666 dev tts 0 If you want to make the change permanent you need to use your favorite text editor to change a line in the file etc devfs perms By changing this line REGISTER tts cua S PERMISSIONS root dialout 0660 to REGISTER tts cua PERMISSIONS root dialout 0666 the serial port will be accessible to all users If you aren t comfortable with having absolutely everybody being able to use the serial port you can establish a group and then add to that group those users whom you want to be able to use the SMARTBoard C 1 1 SmartBoard Icons
150. n the directory public html under the name index html If everything works you should be able to see that file in the url http tjener intern username 140 Chapter 9 Services Out of the Box in Skolelinux Debian edu 9 12 syslog server Warning Be aware that of the fact that the logfiles sometimes can become really really huge and since they are placed in the directory var 1og which has limited space they might fill up this partition 10096 and then you will see services such as dhcp server proxy server ldap authentication simply stop functioning since they can t write to any logfile Therefor make sure var 1log is big enough for all your logfiles If var log suddenly becomes 100 full then you can either resize it according to resize of vg system lv var or if you are in a hurry delete some old logfiles Look for files in var 1og with the a numeric extension like syslog 0 these files can be deleted of course any information they might contain will be lost quick way to find 10 potential big files in var 1og is done like this tjener cd var log tjener var log ls lrSh tail n 10 rw r r root root 255K 2005 10 26 base config log 1 rw r roo adm 561K 2006 04 19 i syslog 0 rw r roo adm 694K 2006 04 19 i syslog rw r roo adm 702K 2006 04 19 daemon log rw r roo adm 805K 2006 04 16 daemon log 0 rw r roo adm 11M 2006 03 03 06 25 Hebug 4 ogz rw r roo adm 12M 2006 03 03
151. n the hard drive This is done by adding a few lines to the file etc X11 Xsession if e usr local message SUSER then exec usr X11R6 bin xmessage file usr local message SUSER amp Lg By creating a file with the name klaus in the directory usr local message then this file will be shown when the user klaus logs in 10 3 3 Giving a Message to All Users That are Logged on Warning This has not yet been verified to work with Sarge If you have a machine where you have installed both main server and thin client server then you can use a little Perl script to give a message to all users that are logged on usr bin perl w if ARGV 3 print Use n txwall pl keyword time message n print t keyword is the word you search with n print t time is the time in seconds you want the message to be visible n print t message is the message should be written inside quotation marks n exit 1 SSIG CHLD IGNORE in the unlikely event a child exits before the parent my procmatch timeout message SARGV 0 SARGV 1 SARGV 2 foreach Spid split s bin pidof procmatch my Sdisplay xauthority Shomedir foreach envvar split 00 cat proc pid environ if Senvvar DISPLAY Sdisplay 1 147 Chapter 10 Special Adaptations for your Users foreach Svar split Nn cat proc pid status if var Uid s d st my Qu
152. n the machine running the mainserver profile If you want access to peripherals such as CD DVD players burners digital cameras scanners then this is the profile you want to install Thin client server Machines running the thin client server profile are able to accept thin client connections This profile also includes the workstation profile To prevent network congestion machines running this profile need to have two network cards All three profiles named so far main server workstation and thin client server can be installed on the same machine This profile also includes the profile workstation Main server thin client server including workstation This combination of profiles also called a combi profile makes it possible to setup a complete Skolelinux Debian edu network with Workstations and thinclients using only one server This is an acceptable solution if you only intend to run a small Skolelinux Debian edu network maybe about 10 15 thin clients and a few workstations For bigger installations this is definitely not advisable Main server workstation This combination of profiles mainly gives you a main server with a GUI If you don t like the idea of administering your main server from the command line then this is the combination you should choose Note These two profiles standalone and standalone extras are not a part of the Skolelinux Debian edu network For this reason will not yet deal with
153. nd also the old password in the field Old Password and also do not forget to press Commit User Data Changes Figure 11 18 Change was successful FIXME 89 description of image Look out for the feedback written in red at the top saying Change was successful If you don t see this something went wrong 11 1 6 Changing a User s Password from the Command Line You can change the password for a user from the command line if you know the person s username usr share debian edu config tools passwd username You will be asked to type in a new password twice and then finally you must type in the LDAP administrator password 11 1 7 Changing the LDAP Admin Password In order to make changes in LDAP such as adding users changing passwords etc you must give a password the so called LDAP admin password This password is created during installation see Figure 7 6 This password is one of 2 administrative passwords The other is the root password see Figure 7 6 which also is the one you use to login to Webmin with The LDAP admin password is changed from the command line with this command usr share debian edu config tools passwd admin Then you will be asked to provide the new password twice as well as to type in the old one 159 Chapter 11 Useradministration with WLUS in Webmin usr share debian edu config tools passwd admin Enter new password for user admin Reenter new password Enter bind password 11 1 8
154. nd instructions there as to how this script should be started It is started by creating a so called flag file with the command tjener touch etc debian edu limit logins D 2 1 Kicking Out a User Sometimes it is necessary to kick a user out This is the little script that takes care of that logoutkill sh The script is already installed on your server and is used in this way to kick out the user named klaus usr share debian edu config tools logoutkill sh klaus 177 Appendix D Various Homemade Solutions D 3 Ensuring that all Processes Programs are Really Finished When Logging Out It s a bit of a problem when OpenOffice org often freezes when ending the program even after the user has logged out It seems as if shutting off OpenOffice by clicking on the x up in the right corner doesn t really do the job right And if OpenOffice freezes that way it may not start again when the next user logs on There is a way to ensure that all processes really are finished when a user logs out Ensuring that all Processes are Finished This is the script that does the job It is already installed on your server and is called 1ogoutkill sh To make sure that this script is run every time the user logs out use a text editor to add this line usr share debian edu config tools logoutkill sh SUSER to the file etc kde3 kdm Xreset in such a way that it looks like this afterwards bin sh Xreset run as root after session e
155. nd widely used network cards which means that there is a big chance that you don t need to fiddle around trying to figure out what kind of network card you have This floppy disk is a part of the project Thinstation http sourceforge net projects thinstation from there you download Universal boot floppy The file you have downloaded should be BootDisk522b zip In Windows you use a zip program to unpack it In Skolelinux Debian edu you unpack it with unzip BootDisk522b zip you may need to install unzip apt get install unzip While unzipping the file you should see something like this tjener BootDisk522b zipunzip BootDisk522b zip Archive BootDisk522b zip inflating rawrite2 exe inflating ebnet522 dsk inflating Readme txt In the file Readme t xt you will find detailed information about how the universal boot floppy is made together with how you can make one yourself As root you can make one with the command cp ebnet522 dsk dev fd0 8 7 4 Using the MAC Address to Assign a Fixed IP Number to a Thin Client In order to be able to specially customize your various thin clients you have to be able to identify each of them separately You can do this with the help of each thin client s network card and its unique MAC address which every network card has Most but not all network cards have their respective MAC addresses printed on them somewhere It often looks something like 0000864A585A or 00 00 86 4A 58 5A or
156. ng The hardware specifications listed here are based on my own experience your mileage may vary 2 4 The Thin Client The function of this profile is further described in Section 5 2 You need a machine with a video card that is possible to configure automatically otherwise you must manually configure the video card by hand You do not want to use old onboard ISA based video cards they are just trouble You want to have a network card that is capable of a so called PXE boot That means you won t need to make any boot floppies for the thin client which is a bothersome thing Boot floppies are bothersome to create and they get lost You need them every time you boot the thin client With a PXE card it s just plug amp play you turn on the machine and that s it PXE network cards do cost a little bit more than normal network cards but they re worth it definitely My Experience Says I ve too often seen that the money saved by not buying PXE network cards is wasted many times when trying to get ordinary network cards to work in thin clients As a minimum I recommend that you buy a couple of them just to test and to use when you just want to get a thin client up and running quickly If you don t have PXE network cards you must create boot floppies for your cards You should first have a look at Section 8 7 3 that is a kind of universal boot floppy with support for the 30 most common network cards If that one doesn
157. nsIKT schools 36 Chapter 3 Firewall Router for Skolelinux Debian edu Due to a strange network policy at the Department of Education in Oslo you must make the following changes at your mainserver In the file etc bind named conf change the following stanza def ee change it to hf forwarders th By special request from the good people insid Oslo 193 156 192 40 193 156 192 50 Dept of Education in Oslo end of block 0 0 0 0 un forwarders Dept of By special request from the good people insid Oslo 193 156 192 40 193 156 192 50 Dept of Education in Oslo end of block 0 0 0 0 That means removing the comment slashes in front of forwarders th Dept of Education in Education in If you don t do this you will not be able to connect to the Internet due to DNS problems and some BSD network guy at the Department of Education will bite your head off After you have made this change in etc bind named conf you must restart bind with etc init d bind9 restart Telenor ADSL Norway H gskolen i Oslo Oslo College You must make the same bind changes as with the Department of Education Oslo 37 Chapter 3 Firewall Router for Skolelinux Debian edu 3 12 Supported network card and Driver Modules Used 3 12 1 Supported network card and Driver Modules Used This is the list of driver modules included with Coyote Linux A
158. nstaller http wiki debian org DebianInstallerGUD 2 No matter which language you use during installation your users can choose another language French German English Spanish etc 3 For the brave and foolish there is always a way If you answer no here two times you will be taken to a menu like in expert mode see Section 6 2 1 3 where you can manually partition the harddisk This is done with partman use the c able files in etc autopartkit for reference 53 Chapter 7 The Second Stage of Skolelinux Debian edu Installation 7 1 Second Stage The installation of Skolelinux Debian edu is divided into two stages referred to as firststage and secondstage The first stage starts when the machine boots from the Skolelinux Debian edu CD and ends at the first reboot The second stage starts when the machine boots from GRUB and ends when the installation is finished and the machine reboots for all services to properly restart It s in the second stage that you type the root password firststage usually takes about 10 minutes on a relatively fast machine while secondstage takes a bit more time about 15 45 minutes Note The second stage of the Skolelinux Debian edu installation starts now Figure 7 1 Starting Skolelinux Debian edu from the Hard Drive with GRUB FIXME 30 description of image Notice the countdown in the last line in this screenshot GRUB is configured to automatically boot Skolelinux Debian edu a
159. ntserver works Everything that happens during installation is logged in the file var log installer 1log There is also plenty of useful information logged in the files in var 10g debian installer When you need help with a problem that has occurred during installation these files are very handy to have ready for diagnosing the problem Always include instaler log in your bug reports See Chapter 1 to get help If you use a different monitor during installation than the machine normally will use you might have to reconfigure the xserver one fast way of doing that is with the commands xdebconfigurator and dexconf Like this tjener xdebconfigurator usr sbin ddcprobe NOT found usr sbin de VIDEO CARD VIDEO CARD Cirrus EVICE tect NOT Logic GD 5446 found VIDEO DRIVE cirrus D VIDEO CARD VENDOR R R VIDEO DRIVE VIDEO EMORY POSSIBLE XSERVER xfree86 XSERVER 3 XSERVER 4 xfree86 BIAN PACKAGE xserver xfree86 USE DEVICE dev psaux USE PROTOCOL PS 2 USE WHEEL 0 YBOARD RULES xfree86 R Xdebc Monitor ITOR ID GGESTED METHOD Simple ITOR SIZE 15 inches 380 mm ITOR HOR SYNC 28 50 SRC discover is OOGdOoOoHOOO tH H O 2 n 60 Chapter 7 The Second Stage of Skolelinux Debian edu Installation MONITOR VER REFR 43 75 MONITOR MODES 1024x
160. nux Debian edu 3 1 Hardware A short summary of needed hardware for making Coyote Linux for Skolelinux Debian edu 3 1 1 The Latest Version of Coyote Linux Coyote Linux is a product that did undergo continuously development with several new releases each year it is now discontinued see Coyote Linux Floppy Firewall Development Discontinued http www coyotelinux com news php article 202 But I do feel that the last version 2 24 should be useful for quit some time 3 2 Placement of the firewall router in a Skolelinux Debian edu Network Note Although keep mentioning the necessary firewall router and Coyote Linux in the same sentences that doesn t mean that you must use Coyote Linux for this purpose You can use a dedicated router from any commercial manufacturer you like or something similar to Coyote Linux such as FloppyFirewall Gibraltar MOnOwall or even Debian It s just that personally prefer Coyote Linux You must just remember that whatever firewall router you use it must be configured like A The firewall router has a defined role in the Skolelinux Debian edu network Without it the network will not function optimally Coyote Linux has two network cards each having different roles One network card is to be connected to the existing network so that it gets connected to the Internet In Coyote Linux this network interface is called WAN eth1 Internet The other card which is to be connected to your Skolelinux Debian
161. o 0 0 9 1 Reading database 32924 files and directories currently installed Preparing to replace webmin slbackup 0 0 10 1 using webmin slbackup 0 0 9 1 all deb Unpacking replacement webmin slbackup Setting up webmin slbackup 0 0 9 1 8 9 9 Installing a Package with the Help of dpkg Sometimes you want to manually download a package from somewhere such as from Opera s web page Then you get a so called deb package in your own home directory You can install it by using the command dpkg i lt gt If you first want to do a simulation run the command dpkg no act i lt packagename gt tjener dpkg install no act opera 8 51 20051114 5 shared qt en sarge i386 deb Selecting previously deselected package opera Reading database 32924 files and directories currently installed Unpacking opera from opera 8 51 20051114 5 shared qt en sarge i386 deb tjener dpkg install opera 8 51 20051114 5 shared qt en sarge i386 deb Selecting previously deselected package opera Reading database 32924 files and directories currently installed Unpacking opera from opera 8 51 20051114 5 shared qt en sarge i386 deb dpkg dependency problems prevent configuration of opera opera depends on libqt3cl02 mt however Package libqt3c102 mt is not installed dpkg error processing opera install dependency problems leaving unconfigured Errors wer ncountered while processing oper
162. o mouse You use TAB button to move between fields and the SPACE button to make a selection and to remove a selection you use the UP DOWN LEFT RIGHT arrows to move up and down in a selection list You use ENTER to continue Have a look at the keyboard layout image in Section 6 2 1 3 for an overview of the placement of these buttons Figure 6 1 Starting up Skolelinux Debian edu from the CD Installation welcome screen There s not that much to do here at least not under normal circumstances other than pressing ENTER Although you might want to investigate the possible different boot options you can use 6 2 1 Different bootoptions Under certain circumstances it might be useful to know about some of the different bootoptions you can use when installing Skolelinux Debian edu 6 2 1 1 Reduce the amount of visible ram to the installer The automatic partitioning that is used in Skolelinux Debian edu creates a swap partition equal to 2 times the visible amount of ram if you have 900MB or more of ram then that swap files becomes 1800MB in size If this in your opinion is a waste of harddrive then you can use the boot option mem Press F1 for help or Enter to boot linux mem 256m 47 Chapter 6 The First Stage of Skolelinux Debian edu Installation 6 2 1 2 Use a 2 6 kernel for better hardware support especially for SATA disks If you have a machine with some very new hardware you might want to use a 2 6 kernel which cont
163. of the Box in Skolelinux Debian edu If you want to edit any of the mac ip address for workstations then you must use the url https tjener intern 10000 9 7 3 Printers host printer00 hardware ethernet 00 00 00 00 00 00 fixed address printer00 host printer01 hardware ethernet 00 00 00 00 00 00 fixed address printer01 Note Printers should be attached to the networkcard with the name ethO if you have a combi server or to the same switch as other servers It is defined in the configuration of bind and that the name printerOO translates to the ip address 10 0 2 30 and same with the name printer01 translating to 10 0 2 31 If you want to edit any of the mac ip address for printers then you must use the url https tjener intern 10000 Note Obviously if you must place your printer in a thinclient network e g ip range 192 168 0 0 24 then you must add it s mac address under the stanza belonging to the thinclients 9 7 4 Thin Client Servers group host ltspserver00 hardware ethernet 00 00 00 00 00 00 fixed address ltspserver00 If you want to edit any of the mac ip address for thinclientserver then you must use the url https tjener intern 10000 134 Chapter 9 Services Out of the Box in Skolelinux Debian edu 9 7 5 Changing the ip range used by thinclients on networkcard eth1 Note In this example the machine is a Combi server one with both the profiler Main server and Thinclient server installed
164. onf etc default autofs N etc init d autofs etc ldap etc pam ldap conf etc auto master It s almost the same way for copying these files from the Skolelinux Debian edu machine means one long line tar zcvf skolelinux ldap autofs tgz etc pam d etc nsswitch conf N etc libnss ldap conf etc nscd conf etc default autofs N etc init d autofs etc ldap etc pam ldap conf etc auto master Transfer this archive Skolelinux ldap autofs tgz over to the Ubuntu machine somehow maybe with scp scp skolelinux ldap autofs tgz username ubuntumachine Become root then unpack the archive skolelinux ldap autofs tgz tar zvxf skolelinux ldap autofs tgz C Create the automount point on Ubuntu mkdir skole Unless you add your Ubuntu machine to the Skolelinux debian edu netgroups it s won t be able to mount your home dirs have a look at http www skolelinux no klaus newnotater x2097 html When this is all done reboot the Ubuntu machine When it starts again you should be able to verify that ldap is working in Ubuntu by running getent passwd and seeing all your Skolelinux debian edu ldap users Running su username 169 Appendix A Integration of Other Linux Distributions into Skolelinux Debian edu with ldap and autofs should let you become that user and that users home dir should now automatically be mounted from Skolelinux debian edu You should now be able to login with you username
165. ons even passing SSH it s nice to be able to use port forwarding and that way still get past Coyote Linux with incoming SSH connection to the Skolelinux Debian edu network With this port forwarding rule Yes TCP Any 22 10 0 2 2 22 No SSH straight into Mainserver all SSH connections coming to Coyote Linux will be redirected to the Skolelinux Debian edu main server If this is advisable in your network you must decide Simplified Firewall Configuration Here you can setup and configure the firewall rules in Coyote Linux There are plenty of ready made rules that you can use as examples Advanced Firewall Configuration lt QOS Configuration Here you can setup bandwidth limitations System password Here you can change the root password also known as the system password in Coyote Linux just like you did using the command line in Section 3 6 Configuration files This is the files that contains all your configurations Diagnostic tools Here you have useful tools such as ping gateway test DNS server test status of network Backup now If you have made any changes in Coyote Linux then you must remember to write them to floppy by choosing this Main Menu item otherwise your changes will be gone when you reboot Coyote Linux There is a red warning at the bottom of the screen whenever you make changes to Coyote Linux without having them written to the floppy 30 Chapter 3 Firewall Router for Skolelinux Debian edu
166. oot grub menu lst To set a password on GRUB you open the file boot grub menu 1st with your favourite editor and add the options password and lock in appropriate places like password md5 1 xZBDTO0 8uoCO9XOGpBeXKnhUOU5A title Debian GNU Linux kernel 2 6 8 2 386 root hd0 0 kernel boot vmlinuz 2 6 8 2 386 root dev hdal ro initrd boot initrd img 2 6 8 2 386 savedefault boot title Debian GNU Linux kernel 2 6 8 2 386 recovery mode lock root hd0 0 kernel boot vmlinuz 2 6 8 2 386 root dev hqa1 ro single initrd boot initrd img 2 6 8 2 386 savedefault boot In this example it s not possible to boot any other kernel than the normal kernel Starting the GRUB command line is also not possible without first providing the password of course not in encrypted form Remember to put appropriate access rights on the file boot grub menu l1st SO that ordinary users can t read it chmod 600 boot grub menu Ist 56 Chapter 7 The Second Stage of Skolelinux Debian edu Installation Figure 7 2 Skolelinux Debian edu Boot in Progress Boot in progress While booting Skolelinux Debian edu you will see a lot of seemingly cryptic messages scrolling by on your screen These are useful messages from the Linux kernel It is perfectly possible to hide these seemingly cryptic messages behind a nice image that is accomplished with the application splashy see splashy http splashy alioth debian org wiki doku p
167. opy sbm bin to a floppy That will not work You have to use the utility rawrite For further information about what SBM is you should read the file README sbm you ll find that file in the directory install as well If you have a running Linux system then you mount your CD and transfer sbm bin with the command mount cdrom dd if cdrom install sbm bin of dev fd0 You may need to change the mount point used for your CD ROM and possibly also for the floppy Once you have managed to create a bootable SMB floppy this is what greets you Figure 5 1 SMB greeting screen SMB greeting screen Under normal circumstances you may now just use the DOWN UP arrow on your keyboard to choose CD ROM end then just press ENTER It doesn t matter whether you answer yes or no to the question about saving the changes 42 Chapter 5 Skolelinux Debian edu Installation Figure 5 2 Saving changes Saving changes Figure 5 3 System settings System settings If you don t see any cd rom entries then you might have to rescan you computer for it Press TAB to get the SBM menu choose System Settings then Rescan all boot records Figure 5 4 Rescan all boot records Rescan all boot records Further info about SMB Smart Boot Manager can be found at the projects homepage http btmgr webframe org 5 2 A Short Description of the Profiles in Skolelinux Debian edu Note The profile description you see during installation lik
168. or 3 left open File descriptor 4 left open File descriptor 5 left open File descriptor 6 left open File descriptor 7 left open Finding all volume groups Finding volume group vg data Finding volume group vg system Searching for GRUB installation directory found boot grub Testing for an existing GRUB menu list file found boot grub menu lst Searching for splash image none found skipping Found kernel boot vmlinuz 2 6 8 2 686 smp Found kernel boot vmlinuz 2 6 8 2 386 Updating boot grub menu lst done Setting up kernel image 2 6 686 smp 101 You see here that I asked for the installation of kernel image 2 6 686 smp and it automatically translated that into installing kernel kernel image 2 6 8 2 686 smp and it also suggests some other packages to install You Need to Reboot In order for the newly installed kernel to be taken into use you must reboot This is the only time you ever need to reboot your Skolelinux Debian edu machine while installing other programs There is no need for a reboot except when installing a new kernel After you have installed a SMP enabled kernel and have rebooted your machine you can use the commands free and cat proc cpuinfo to see if the newly installed kernel sees all of your processors and RAM ltspserver00 free total used free shared buffers cached Mem 4074752 4045556 29196 0 339248 2327780 buffers cache 1378528 2696224 Swap 1835000 5852 18291
169. or Ivreduce says it all tjener man lvreduce lvreduce allows you to reduce the size of a logical voflume Be careful when reducing a logical volume s size because data in the reduced part Se Ao sitet al You should therefore ensure that any filesystem Jon the volume is resized before running lvreduce so that the extents hat are to be removed are not in use Tip You should definitely supplement this short introduction to Ivm with the full in depth documentation on LVM which is available from The Linux Documentation Project http www tldp org under the link LYM HOWTO http www tldp org HOWTO LVM HOWTO At the moment there are 7 partitions of the lvm type in Skolelinux Debian edu They are grouped in two different vg s vg system and vg data 1 usr see Section 8 5 1 2 skole tjener home0 see Section 8 5 2 3 skole backup see Section 8 5 3 4 var see Section 8 5 4 5 vat opt Itsp swapfiles see Section 8 5 5 6 swap see Section 8 5 6 7 var spool squid see Section 8 5 7 71 Chapter 8 Fine tuning Installing ash You might want to have ash installed on your system for this exercise ash is on the cd but is not installed by default tjener f apt get install ash Reading Package Lists Done Building Dependency Tree Done The following NEW packages will be installed ash 0 upgraded 1 newly installed 0 to remove and 0 not upgraded Need to get 0B 14 9kB of archives After unpackin
170. or setting up things exactly the way you want things to be for all of your users Have a look at Chapter 10 There are two different ways to add new users either one at a time or a whole bunch at once using a fileimport with a so called semicolon separated file By clicking on New User s you get up a rather long page At the top is the possibility to add users manually one by one by providing first last name together with password if desired A little farther down the page you find the possibility to add several users at once Add users from file When you add a user in this way the computer provides the username and if you want the password as well But you can override this by ticking Common password Yes and then typing in the password you want 155 Chapter 11 Useradministration with WLUS in Webmin Remember to also choose what kind of role you want the new user to have Warning Be very careful with whom you add to the group admin there will one day be in place a regime where those who are members of that group will be able to change the password of other users Note Make sure that a normal user doesn t get the role admin that user may then possibly in the future be able to change passwords of other users Figure 11 5 Result of New User FIXME 67 description of image When new users have been added using WLUS you get a receipt with information about name username and password in a format that makes it eas
171. orrect ip address in the field Hostname or IP address you could also stick with using the hostname backup provided that you have made the correct changes to the DNS server see DNS 9 4 3 Slbackup from the Command Line There are commands that can be run from the command line so you don t need to start a webbrowser and Webmin The command to list times backup is available from rdiff backup list increments tjener skole backup tjener If you have the backups placed on a external machine like described in then substitute tjener with the hostname or ip address of that machine and the path to where you have placed the backups it might look like this rdiff backup list increments 10 0 2 50 backup tjener Note If you are logged in on the machine that holds the backup you don t need to specify any hostname ip address if you are logged in on the fileserver you could just use 126 Chapter 9 Services Out of the Box in Skolelinux Debian edu rdiff backup list increments skole backup tjener tjener rdiff backup list increments tjener skole backup tjener Password Detected abilities for archive read write file system Characters needing quoting d Ownership changing On Hard linking On fsync directories On Directory inc permissions On Access control lists Off Extended attributes Off ac OS X style resource forks Off ac OS X Finder information Off Found 13 increments increments
172. ortion of the homedirectory Lets now restart the name service caching daemon to speedup the updating of this new userinformation tjener etc init d nscd restart 154 Chapter 11 Useradministration with WLUS in Webmin Now lets see if this user has a new location of it s homedir and that this information also is reflected in the Idap database tjener ls lh skole tjener home0 2006 total 4 0K drwxr xr x 5 demo4 demo4 4 0K 2005 11 21 17 47 demo4 The homedirectory has been moved tjener getent passwd demo4 demo4 x 10016 10016 Test User skole tjener home0 2006 demo4 bin bash The info has been updated in the Idap database as well Warning Although this seemed relatively easy to do the implication of doing something wrong is huge If you type the wrong password the homedirectory will be moved but the info in the Idap database will not change you are then left with a user where the system thinks the homedirectory is somewhere else than it actually is The solution call someone who can hack your Idap database or delete and add that user again The script itself contains these calming words This tools take 2 parameters User name and the location of the new home director use at own risk 11 1 2 New user Figure 11 4 New User FIXME 66 description of image Now you should be ready to create new users The first thing you should do is to create a test user This is a user that you use as a template f
173. ote Linux load and such 28 Chapter 3 Firewall Router for Skolelinux Debian edu ii LAN configuration Here you have the option of changing the configuration of the LAN network card the one that goes to the Skolelinux Debian edu network Warning Don t change anything here Doing so will severely reduce the performance of your Skolelinux Debian edu network FIXME Should parse the contents of change ip setup in here later Leave the values as they are refer to A iii Internet configuration Here you have the chance of changing the values of your WAN network card the one that goes to Internet If you get a new ISP or go from getting your IP address assigned by DHCP to having a static IP address then this is the place to change that kind of information with no need for creating a new Coyote Linux floppy from scratch See 2 b iv DHCP configuration This gives you the chance to configure the DHCP server that comes with Coyote Linux Warning Do not enable the DHCP server in Coyote Linux See 2 h v Administrative Configurations Here you can enable disable services such as DNS SSH webadmin vi Port Forwarding Here you can change and enable port forwarding on Coyote Linux This is a very practical and neat feature in a Skolelinux Debian edu network Since Coyote Linux stops and blocks most 29 vii viii 1X Xi xii xiii Chapter 3 Firewall Router for Skolelinux Debian edu connecti
174. other side the script handles this for us This script is located in the package debian edu config and once this package is installed the script is found in etc init d open backdoor This script needs some information from you to run correctly RPORT this is the port that you will be using on the remote machine that you use RHOST this is the DNS name or IP number to the remote machine that you use RUSER this is the username on the remote machine that you use If we take the values from Section 1 3 the script will look like this RPORT 2100 RHOST 127 217 148 238 RUSER help Chapter 1 Where and How to Get Help When you have supplied the necessary parameters RPORT RHOST and RUSER you need to setup and configure the necessary SSH keys for the script so that the script can setup the SSH tunnel automatically for you without the intervention by a helping hand in Section 1 3 You must login as the user root on the machine where the backdoor script is running this can be a server workstation or thin client server your choice Then you must run the command ssh keygen t dsa tjener ssh keygen t dsa Generating public private dsa key pair Enter file in which to save the key root ssh id_dsa Created directory root ssh Enter passphrase empty for no passphrase Enter same passphrase again Your identification has been saved in root ssh id dsa Your public key has been saved in root ssh id dsa p
175. out if the network is working This command will see if there is any connection to Skolelinux Debian edu main server coyote ping c5 10 0 2 2 PING 10 0 2 2 10 0 2 2 56 data bytes 64 bytes from 10 0 2 2 icmp seq 0 ttl 264 time 0 9 ms 64 bytes from 10 0 2 2 icmp_seq 1 ttl 264 time 0 5 ms uptime This command gives you the time Coyote Linux has been running since last boot 32 Chapter 3 Firewall Router for Skolelinux Debian edu coyote uptime 2 37pm up 80 days 7 55 load average 0 00 0 00 0 00 dmesg This command prints the information that the Linux kernel has found on your machine things such as amount of RAM CPU network cards If the output from dmesg is too much for the size of your screen then you can pipe the output to the pager more and use SPACE to read it all dmesglmore ifconfig Shows verbose information about your network cards coyote ifconfig eth0 Link encap Ethernet HWaddr 00 50 FC F8 D2 44 inet addr 10 0 2 1 Bcast 10 0 3 255 Mask 255 255 254 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 314723 errors 0 dropped 0 overruns 0 frame 0 TX packets 312105 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 53700845 51 2 MiB TX bytes 277496136 264 6 MiB Interrupt 11 Base address 0x7000 ethl Link encap Ethernet HWaddr 00 E0 18 A8 B1 BA inet addr 192 168 100 133 Bcast 192 168 100 255 Mask 255 255 255 0 UP BROADCAST RUNNING MULTICAST MTU 150
176. p usmblks 0 fsmblks 0 uordblks 101336 bytes used fordblks 13952 bytes free keepcost 13904 bytes in releasable chunk Number of files 1 Number of files transferred 1 Total file size 679182336 bytes Total transferred file size 679182336 bytes Literal data 21512192 bytes Matched data 657670144 bytes File list size 35 Total bytes written 248397 Total bytes read 16827778 wrote 248397 bytes read 16827778 bytes 42007 81 bytes sec total size is 679182336 speedup is 39 77 176 Appendix D Various Homemade Solutions Warning Make certain that you have at least 650MB free space when you download using rsync because rsync creates a temporary file while it is downloading This file grows and becomes equally large as the CD When it s finished downloading the temporary file gets deleted D 2 Preventing Users from Logging onto Several Thin Clients Simultaneously This can be a real problem when a user logs onto several thin clients at the same time for example if he tries to change the background picture in both places The solution is to set up a little test when a user logs on to check if he is already logged on If he is then he is prevented from logging on again The script that makes this possible or rather makes it impossible for one user to log on to several thin clients simultaneously is found in the file etc X11 Xsession d 10skolelinux one login per host You will also fi
177. password and homedir from Skolelinux debian edu 170 Appendix B Seamless Integration of Mac OS X Machines Warning This might might not work haven t had a Mac machine to test for almost some years In L 97 the current Norwegian National School Curriculum there are some goals that would be more easily facilitated through the use of Mac OS X machines especially in the areas of Art and Crafts So it would be great if these machines could be integrated with the rest of the Skolelinux Debian edunetwork same password username and home directory I used KT driftshandbok for Skolelinux http developer skolelinux no dokumentasjon IKT bok en html id2497724 as a starting point with the following changes Onthe Skolelinux Debian edu Main server I did NOT put in insecure in the exports file etc exports In order to get automount to function I created this file on the Mac name mounts CHILDREN Optis 1G SPM name tjener skole tjener homeO type nfs dir skole tjener homeO and named it the mounts table Then run the command sudo niload r mounts lt mounts table 171 Appendix C Smarttech Touchboard Warning It is to my knowledge not possible to setup Smartboard on a LTSP based thinclient it might be theoretically possible since some touchscreens are indeed supported but haven t managed or even tried that with Smartboard It is also to my
178. ppy Setting password Without this password you can t logon your Coyote Linux machine later see Section 3 6 Figure 3 5 Syslog Server Setting mainserver as syslog server Just leave this blank or have a look at 2 1 Figure 3 6 Type of Internet Connection WAN Internet connection Choose whatever is most appropriate for you If you get a DHCP assigned address then it is likely that you will not need to give any more information about your connection Figure 3 7 Static IP configuration Static ip on WAN If you have a static address then fill in the appropriate values here Figure 3 8 Do not enable the Coyote Linux DHCP server Do not enable the DHCP server Do not enable the Coyote Linux DHCP server There is already one running on the mainserver Figure 3 9 Choosing Driver Modules for Your Network Cards NIC Modules for NIC s Drag and drop to choose the correct network cards in your Coyote Linux machine In this particular screenshot I m using a 3com NIC for my LAN card and an Intel pro 100 card for my WAN card 21 Chapter 3 Firewall Router for Skolelinux Debian edu Figure 3 10 Choose language Choose language In order to best get support from the Internet choose English Figure 3 11 Creating the Disk Create the disk Place a floppy in the floppy drive and press Next Tip strongly advise creating 2 or more floppies it s very handy having a spare copy 3 4 Upgrading to Newer
179. r 77 Chapter 8 Fine tuning The resizing of this partition is done in a similar way to the resizing of usr except that you don t need to switch to another shell But you must remember to unmount the partition var opt ltsp swapfiles if this is done a machine with the profile Thinclientserver installed See swapfiles You must also remember to umount the partition var spool squid before trying to umount var otherwise you just get tjener umount var umount var device is busy umount var device is busy This means you should be in runlevel 1 use the command init 1 If you want to increase var with 400MB the command would be umount var e2fsck fy dev vg_system lv_var Ivextend size 400M dev vg_system lv_var resize2fs dev vg_system lv_var mount var 8 5 5 Resizing var opt Itsp swapfiles This lv belongs to vg system It s only present in the profile thinclientserver This partition contains the swapfiles for the thinclients The size of each of these swapfiles is 32MB This partition is resized similarly to skole t jener home0 A reasonable size for this partition would be 32MB times the number of thin clients you plan to have If you try to boot more thin clients with swapfiles than you have space for in var opt ltsp swapfiles then the thin client will not boot These swapfiles will be placed in var opt ltsp swapfiles with the file names 192 168 0 10 swap 192 168 0 11 swap 192 168 0 12 swap
180. r Mac 35 Chapter 3 Firewall Router for Skolelinux Debian edu The only thing you have to configure differently is to enable the DHCP server See 2 h A short summary of making a Coyote Linux DHCP server Coyote Linux as an Ordinary DHCP server Remember to answer Yes to the question Do you want to enable the Coyote DHCP server y n Once you have your Coyote Linux DHCP server running you will probably need to use a different address to login to it if you didn t change the default LAN configuration Configuring system for Ethernet based Internet connection By default Coyote uses the following settings for the local network interface IP Address 192 168 0 1 Netmask 255 255 255 0 Broadcast 192 168 0 255 Network 192 168 0 0 Would you like to change these settings Y N n then you ll have to use the address 192 168 0 1 instead of 10 0 2 1 when logging in to the Coyote Linux web administrator see Section 3 7 and Section 3 8 The new addresses are in this case ssh l root 192 168 0 1 http 192 168 0 1 8180 3 11 Coyote Linux and different ISP Note have not yet encountered an ISP that didn t work with Coyote Linux Please tell me if you know of one This is list of ISP s that I know work well with Coyote Linux Nextgentel Norway Tele2 ADSL Privat Norway Tele2 ADSL Bedrift Norway UPC Chello Classis Norway Utdanningsetaten The Department of Education in Oslo Not yet tested on In
181. r qemu disk than your physical disk Before you create the qemu disk you can check your available space with df h and do the same after you have created a 6GB qemu disk you will see the same space is available The space is not used before you start installing something into qemu very nice Either download a iso image to you harddrive or use a real cdrom qemu m 128 boot d cdrom tmp debian edu_sarge i386 pr05 iso hda mnt qemu disk monitor stdio which will start a Skolelinux Debian edu install with 128MB ram onto qemu disk mnt qemu disk if you are going to try a Thinclient install you will need two network cards in your qemu add the option nics 2 like this qemu m 128 boot d cdrom tmp debian edu_sarge i386 pr05 iso hda mnt qemu disk monitor stdio nics 2 182 Appendix F Contribute to this document and Skolelinux Debian edu Once you are done with firststage in qemu you need to start secondstage with qemu m 128 cdrom tmp debian edu sarge i386 pr05 iso hda tmp qemu disk otherwise it will not boot from the hard drive but from the CD ROM again If you wish to use a real cdrom then the command looks like thins qemu m 128 boot d cdrom dev hdc hda mnt qemu disk monitor stdio nics 2 183 Appendix G To do list ra 10 More on bind DNS 12 13 14 15 1 1 eN 17 Installing FreeNX Adding info about using ssh into a qemu image Adding info about booting ltsp client
182. r the installation is complete a reboot is necessary in order to restart all services such as LDAP DHCP etc See services for a list of services that works out of the box with Skolelinux Debian edu Upgrade your machine First thing you should to now is upgrading your machine have a look at howto update and upgrade your machine Figure 7 9 Installation is Complete no KDM console based login If you have chosen to install only the profile mainserver which has no GUI then you will also have no KDM just a text based login You actually have 6 such text based loginscreens available through ALT F1 upto ALT F6 Figure 7 10 Installation is Complete KDM kdm based login If you have chosen to install a machine that includes one of the profiles workstation or thinclientserver then you will be met by kdm Here you login with Username root Password 59 Chapter 7 The Second Stage of Skolelinux Debian edu Installation You can use TAB to move between the fields Username and Password and then press ENTER to login instead of using the mouse 7 1 1 Something Went Wrong 7 1 1 1 Videocard not working Sometimes something goes wrong during installation The most frequent error is the failure to automatically configure the video card when you have chosen to install a machine that includes one of the profiles workstation or thinclientserver Note It is not necessary for the thinclients that the videocard in the thinclie
183. r when you want users placed elsewhere If you forget to use the right prefix in the configuration you have the possibility of running a script on the commandline that will rectify that error Lets take as example the user demo4 let s say we would like him to have homedirectory in Skole tjener home0 2006 but we forgot to change the prefix parameter in the config file so we must do it manually later Fist we must create the directory 2006 in skole tjener homeO then we must move the users homedir and update the info in the Idap database First lets see what kind of info we have on the user demo4 tjener getent passwd demo4 demo4 x 10016 10016 Test User skole tjener home0 demo4 bin bash Here we clearly see that the users have homedirectory in skole t jener home0 demo4 Then we run the script without any arguments so that it tells us what arguments it expects tjener usr share debian edu config tools movehome usage n t usr share debian edu config tools movehome username lt newhome gt Now that we know the arguments it expects lets use that tjener usr share debian edu config tools movehome demo4 skole t jener home0 2006 ldap_initialize ldaps ldap Enter LDAP Password replace homeDirectory skole tjener home0 2006 demo4 modifying entry uid demo4 ou People dc skole dc skolelinux dc no modify complete Notice that the argument lt newhome gt doesn t include the username p
184. rams are Really Finished When Logging Out 177 D 4 Placing Desktop Icons for Several Users Simultaneously eee 178 E Various Nice Little Scripts 4 eere ee eee esee e eese ee eene te seen etae tasa aetas tasse teet ta sens ense tosta esos esteso 181 E 1 Little Scripts ve o neant e er Eea COT EEE ep OO Cete ie HP EOD renee 181 E 1 1 Remove Comment Lines oie eei pte tegi 181 E 1 2 Making Changes in Several Files Simultaneously eee 181 F Contribute to this document and Skolelinux Debian edu eere eene reete 182 Ls Translate 5t Re DUE ERU qa UD quesiti ien ets 182 F2 Test Skolelinux Debian edu on your computer with an emulator qemu 182 nn 184 vii List of Tables List of Figures 1 1 Help Pag s 1n Konquerotr uento e e e etie a e ete tede iet een 5 3 1 An Overview of Placement of the firewall router in Skolelinux Debian edu 15 3 2 Coyote Linux Windows Creator Welcome Image eese nennen 20 3 3 Local Network Setup LAN ree e oeni eE EEEE E Ee Ari enne nennen E entente enne nnne 20 3 4 Setting a Password on the Coyote Linux Floppy eee 20 3 5 Syslog Servera csse nepos ea a in eel aie a ee ee ae e 21 3 6 Type of Internet Connection WAN
185. really think about this before you get a printer So check out the web pages on linuxprinting org http www linuxprinting org to find out if your printer is supported out of the box by Linux If you have a printer that is classified as a paperweight then get rid of it or use it as a door stopper Recipe for Setting up a Printer on a Thin Client Plug the printer into the thin client This example is for a printer on a parallel port so we use dev 1p0 Add the MAC address of this thin client in Webmin for example Itsp050 have a look at for howto lock a mac address to a specific ip address hostname Use a text editor to open the file opt 1tsp i386 etc 1ts 1ts conf and add these lines 1tsp050 PRINTER 0 DEVICE dev 1p0 PRINTER 0 TYPE P If this thin client needs other configuration lines add them here as well maybe its video card does not allow autodetection etc Go to K menu gt Control Center gt System gt Printing Manager and click on the magic wand icon to add a printer Click on Next Then for backend selection choose Network printer TCP Click on Next Click on Settings Instead of 10 2 0 type 192 168 0 if the printer is connected to a thin client leave the other values as they are Click OK Click on the button Scan and it will then search for your printer which will take about 30 60 seconds In the large frame on the left you will soon see information about th
186. remove it simply with the command apt get remove lt packagename gt If you want to see what is going to happen when you remove the package you can run a simulation first with the command apt get remove lt packagename gt simulate tjener apt get remove aterm simulate Reading Package Lists Done Building Dependency Tree Done The following packages will be REMOVED aterm 0 upgraded 0 newly installed 1 to remove and 0 not upgraded Remv aterm 0 4 2 11 Debian 3 1r0 stable tjener f apt get remove aterm Reading Package Lists Done Building Dependency Tree Done The following packages will be REMOVED aterm 0 upgraded 0 newly installed 1 to remove and 0 not upgraded Need to get OB of archives After unpacking 287kB disk space will be freed Do you want to continue Y n Reading database 32936 files and directories currently installed Removing aterm 8 9 8 Installing one Specific Version of a Package When you install a package with the command apt get install lt packagename gt 106 Chapter 8 Fine tuning the newest version will be automatically installed Sometimes you don t want to install the newest version just a little older version apt get install packagename older versions number If you think that the older version of the backup module of Webmin is better then you should run apt cache showpkg webmin slbackup to get an overview of
187. rewall configuration 6 Edit port forward configuration c Show running configuration f Reload firewall r Reboot system w Write configuration to disk q quit e Exit Selection 1 and there add 10 0 2 2 to the line LOGGING HOST 10 0 2 2 If you are using mOnOwall http mOnO ch wall then you do that under Diagnostics Logs Settings and there add 10 0 2 2 to IP address of remote syslog server like this Figure 9 32 Remote logging setup in mOn0wall logging setup in mOnOwall Once you have all machines and devices sending their syslog info to Mainserver it s time to have a look at what is reported The most important logfile is probably syslog and looking at it in realtime as things are written to it is possible with tail follow var log syslog here you see the log send by a Thin Clientserver as a thinclient boots up tjener tail follow var log syslog DHCPACK on 192 168 Dec Dec Dec Dec Dec Dec Dec Dec Deo Dec Dec Dec Dec 1 9 1 9 1 9 r9 19 19 19 19 19 K9 19 1 9 1 9 PRPRPRPRPRPRPP RPP HEB LET 153 s15 SESS SSS sips sips I5s SIES siS 052 MESH 2533 LB 52 52 52 52 52 52 52 52 52 52 52 52 52 tspserver0 tspserver tspserver tspserver tspserver tspserver tspserver tspserver tspserver tspserver tspserver tspserver tspserver 1 PRPPRPRPRPRPP RPP PB dhcpd tftpd tftpd tftpd tftpd tftpd tftpd tftpd tftpd tftpd tftpd
188. rnet configuration IP Address 192 168 100 133 Static Netmask 255 255 255 0 Gateway 192 168 100 2 z LAN configuration IP Address T0052 Netmask 255 255 254 0 Broadcast 10 0 3 255 DNS configuration domain localdomain nameserver 213 184 200 1 nameserver 213 184 200 2 10 51am up 7 days 20 53 load average 0 00 0 00 0 00 Press enter to return to system menu free 34 Chapter 3 Firewall Router for Skolelinux Debian edu Use this command to see how much RAM you have in the machine and how much is being used This machine has 32MB of RAM coyote free total used free shared buffers Mem 30860 6004 24856 0 0 Swap 0 0 0 Total 30860 6004 24856 menu This commands starts the Coyote Linux Menu Coyote Linux Gateway Configuration Menu 1 Edit main configuration file 2 Change system password 3 Edit rc local script file 4 Custom firewall rules file 5 Edit firewall configuration 6 Edit port forward configuration c Show running configuration f Reload firewall r Reboot system w Write configuration to disk reboot coyote reboot This will reboot your Coyote Linux shutdown coyote halt This will turn off your Coyote Linux 3 10 Coyote Linux as an Ordinary DHCP Server in a Non Skolelinux Debian edu Network Coyote Linux is a perfect candidate if you just need a DHCP server for your network regardless of what type of machines you have in your network Linux Windows o
189. ror for Deb Packages seseee 111 8 9 13 Upgrade of OpenOffice org from 1 1 3 to 2 0 sssseeeenerne 112 8 9 14 Upgrade OpenClipatt det ete entier ees 114 8 10 The Quota System for Hard Drive Space enne 114 8 10 1 Stopping the File xsession error From Filling up Your Entire Hard Drive 117 9 Services Out of the Box in Skolelinux Debian edu eee ee eee eee ee eee eese ee eene tenes a sno 120 9 T Thinchlient Server eis Eabb ned 120 9 1 1 Adding a Printer to a Thin Client isvis eppen ieaie a EY 120 9 2 Ldap Server zoo rsen etel PER Ee eiie e ERE eR 120 9 3 S SEL SERVER Aue iiie E tudin EU aite uites tutte ie iibi vss 121 9 A rdift backup Server esee depen need 121 9 4 1 Comparison of Various Versions of the Same File eee 124 9 4 2 Dedicated machine to hold the backups eene 125 9 4 3 Slbackup from the Command Line eese 126 9 4 4 Slbackup Log Files eet epe eee e tee 127 9 4 5 Useof Slbackup im real Dfe inerte mop rr eere tei nce e t 128 9 5 Samba server windows file and print esee ennemi 128 9 6 Muni systemstatistlcs SeEVet scene e e E eee bte UE epe EE 128 9 6 1 SNMP Munin plugin sese eere en treten entren enne 130 OT DHCP SEV EE pae ee ete e thi idee rit ede 131 9 7 1 Thm Clients one Ra AI IURE 132 9 7 2 Workstation Linux Windows Mac
190. s kernel server stop Stopping NFS kernel daemon mountd nfsd Unexporting directories for NFS kernel daemon done Then try again to unmount 75 Chapter 8 Fine tuning Note If you have stopped nfs remember to start it afterwards once you are done with resizing and have mounted it again 5 Check the amount of available space in the volume group vgdisplay dev vg data tjener vgdisplay dev vg data Volume group VG Name System ID Format Cur Open LV ax PV etadata Areas etadata Sequence No 6 VG Access VG Status AX LV LV Cur PV Act PV VG Size PE Total PI Alloc PI Size Free VG UUID t rd rd P You can also use pvscan tjener pvscan PV dev hda6 PV dev hda5 Total 2 4 67 Size Size vg data lvm2 1 read write resizable rFONN O 1 1 94 GB 4 00 MB 496 296 1 16 GB 200 800 00 MB XplJyV 3xRB H3FU jO9Q 8CrV R8mL ZWXb2R VG vg data lvm2 1 94 GB 800 00 MB free VG vg system lvm2 2 73 GB 692 00 MB free GB in use 2 4 67 GB in no VG O 0 6 Resize the partition in this example it s increased with 100M fsck Pass Pass Pass Pass Pass 1 e2fsck Ty BC N Ds dev vg_data lv_home0 22 103632 files 0 0 non contiguous 21334 413696 blocks tjener lvextend size 100M dev vg_data lv_home0 Extending logical volume lv_home0 to 504 00 MB tjener e2fsck fy dev vg_data lv_home0 37
191. sary to manually load driver modules during installation in order to get certain hardware working such as for certain Compaq HP RAID controllers cciss and some 3ware controllers 3w xxxx You reach this VT by pressing ALT F2 And to return to the original screen you use ALT F1 49 Chapter 6 The First Stage of Skolelinux Debian edu Installation Figure 6 5 Virtual terminal VT VT 6 2 4 The special case of SATA disks and the missing cdrom 6 2 5 Information about profiles Figure 6 6 Information about the Various Profiles 1 Information about profiles As you can see from the slider to the right there is more text than fits one screen use the UP DOWN arrows to scroll down and read the rest Figure 6 7 Information about the Various Profiles 2 Information about profiles 6 2 6 Manually adjusting the partition size for automatic partitioning If you know that the partitions that the automatic partitioning tool autopartkit will make are either too small or too big or you need more or fewer partitions and you don t want to fiddle with resizing them afterwards like in Section 8 5 2 then you have to choice of altering the tables that autopartkit uses This is achieved in a virtual terminal VT 2 using preferably the editor nano The files are located in the directory etc autopartkit during installation If you want to change any of these than you must do so before you choose what profile to install switch over to VT when
192. se of the Most Used Programs will refer to it as Firefox 12 2 1 Acrobat Reader as Plugin for Firefox Konqueror By having the line deb ftp ftp nerim net debian marillat sarge main in etc apt sources list then you can use the command apt get install mozilla acroread acroread plugins to add a plugin that starts Acrobat Reader when you want to view a pdf file using Firefox 12 2 2 Adding a Plugin to view NRK TV and other film clips on the Internet You need to install mplayer first The you add a so called plugin that starts mplayer in the web browser when it is needed You will find instructions for the installation of mplayer here Section 13 2 The plugin is called mplayerplug in and can be installed with apt get install mozilla mplayer 12 2 3 Macromedia Flash Player Plugin for Firefox This package comes from the same place as mplayer and Acrobat Reader that is ftp nerim net Make certain that that line is active in the file etc apt sources list Then you just install it with apt get install flashplayer mozilla 165 Chapter 13 Useful Programs that are not Included on the Skolelinux Debian edu CD 13 1 Acrobat Reader By using your favourite text editor to add the line deb ftp ftp nerim net debian marillat sarge main to the file etc apt sources list see Section 8 2 1 and then updating the database you can then use your favourite package manager see Section 8 9 or 5 to install Acrobat Reader These
193. server running you must disable the DHCP server on your firewall router and on any other machines you want to integrate into your Skolelinux Debian edu network Having two DHCP servers on the same network usually doesn t work very well 16 Chapter 3 Firewall Router for Skolelinux Debian edu D Use 10 0 2 2 as syslog server this ip address is your mainserver 1 After you have downloaded the Coyote Linux source files you need to unpack them You must be superuser root to unpack them tar zvxf coyote 2 24 tar gz cd coyote makefloppysh Note If a new version of Coyote Linux exists at the time you read this then you must replace the version 2 24 in the commands above with the version number you have downloaded 2 When creating a Coyote Linux on a Linux machine these are the questions asked and the answers you should give a Coyote floppy builder script v2 9 Please choose the desired capacity for the created floppy 1 1 44MB Safest and most reliable but may lack space needed for some options 2 1 68MB Good reliability with extra space recommended 3 1 72MB Most space but may not work on all systems or with all diskettes Enter selection 2 Choose here what is recommended 1 68MB b Please select the type of Internet connection that your system uses 1 Standard Ethernet Connection 2 PPP over Ethernet Connection 3 PPP Dialup Connection Enter Selection Here you would normal
194. skole backup is now 1G bigger and there is 0 Free in dev hda while there is still place in dev hdb for vg data to grow 8 5 10 Activating the Ivm volumes from a KNOPPIX cd Sometimes things go horribly wrong and your system ends up being really hosed In such a case it is very often lifesaving having a KNOPPIX cd lying about I trust you did download order a KNOPPIX cd as I suggest you do in Section 6 1 Iuse KNOPPIX_V4 0 in this example but any other recent version of KNOPPIX or any similar live cd should probably also work just as well 84 Chapter 8 Fine tuning Boot up your non optimal working system I prefer to just use runlevel 2 no GUI that boots much faster than a full GUI and I don t need any mouse So you can either just press Enter to boot full GUI KNOPPIX Once you have booted KNOPPIX make sure you have Internet connectivity the command ifconfig will tell If you don t have any ip address then run the command netcardconfig and just follow the instructions You need a functional network because we need to download some packages apt get update You might see a few error messages at this point something relating to Ndiswrapper never mind those apt get install lvm2 Ivm common Now we may activate the Ivm groups and volumes modprode dm mod Indir lib Ivm 200 usr sbin vgscan vgchange a y If everything went well you should see some info about KNOPPIX having found your lvm groups Lets assume tha
195. slbackup read about further options in the manual page of cron man cron Figure 9 4 Slbackup Backup Details Backup Clients slbackup details client Here you configure which machine you want to backup You specify the IP address or use the hostname together with the directories that you want to backup and how long you want to keep a copy of the backup Figure 9 5 Slbackup Backup Details Backup Server slbackup details server Here you set up the details for the machine that is going to do the backup The most important detail is where the backup is going to be stored The default backup partition is the LVM partition Skole backup see section Section 8 5 3 But there is nothing to stop you from setting in an extra hard drive and storing your backup there instead 122 Chapter 9 Services Out of the Box in Skolelinux Debian edu If you are observant you may have noticed that we place the backup on the same hard drive as the one we take backup of Stupid Not so if we take backups as an extra service for our users in case they accidentally delete a file It is of course stupid to store your backup on the same hard drive if the purpose is to guard against a drive getting broken Then it is wiser to set up a machine with a workstation profile see Section 2 5 and install some really large capacity hard drives and use slbackup to make the backup external Figure 9 6 Slbackup Restore slbackup restore What good is i
196. ssssere 90 8 7 2 Creating Etherboot ROM Images for Ordinary non PXE network cards 90 8 7 3 Special Floppy Disk with Support for 30 network cards sess 91 8 7 4 Using the MAC Address to Assign a Fixed IP Number to a Thin Client 91 8 7 5 Customising Thin Chents n eosenncehenemee dem gei t REUS EHP DEUS 93 8 8 Do the Network Cards Work essere enne nennen Ere nennen nennen rennen 97 8 9 Administration of Packages sisisi eea eni e nn EE ei a hee eee epe i ene eie 99 8 9 1 Updating the Database with Info About Available Packages sess 100 8 9 2 Upgrading All Installed Packages to a Newer Version seseeee 101 8 9 3 Overview of Installed Packages enne enne 103 8 9 4 Finding the Name of a Specific Package sssssseeeeeenrn ene 104 8 9 5 Showing Available Information about a Package sseeeee 104 8 9 6 Installing a Package ssc eee eot eei 105 8 9 7 Removing an Installed Package eene eene ener 106 8 9 8 Installing one Specific Version of a Package sssssseeeeenen ee 106 8 9 9 Installing a Package with the Help of dpkg seseeee 108 8 9 10 Searching Through Files that were Installed by a Specific Package 110 8 9 11 Finding Which Package a File Came From eee 111 8 9 12 Making Your Own Local Mir
197. static one then there must be a physical connection with a network cable between Coyote Linux and the connection n You have chosen the wrong driver module for this network card You could try to login to Coyote Linux and then first choose q quit to get out of the Coyote Linux menu then issue the command dmesglmore use SPACE to page Look for references to eth0 and eth1 Look at the sidebar Different Names Used for the network cards for a reminder about what ethO and eth means There is usually an indicator there as to what the problem is Q I have tried several different driver modules for my network cards but I still haven t found the correct driver A Have you had a look at this web page containing info about network card and corresponding driver modules for Coyote Linux http www dalantech com 3 6 Coyote Linux Command Line Login You can now login using the command line with the username root and empty password which is the only user available in Coyote Linux The first thing you must do is to set the root password for your Coyote Linux Note If you don t set any password on your Coyote Linux then anybody can gain access to it by going to the address http 10 0 2 1 8180 26 Chapter 3 Firewall Router for Skolelinux Debian edu Warning You must set the root password also called the system password immediately for Coyote Linux coyote login root This what you see when login to Coyote Linux the Menu
198. t copykde if d U Desktop then cp a SFILE U Desktop DEST2 basename SFILE chown reference U U Desktop S DEST fi while S gt 0 179 Appendix D Various Homemade Solutions do FILE S 1 lf qp f o USEILE then find all folders under home for H in SHOMEDIRS do USERLIST 1s ad H if SUSERLIST then for each user for U in SUSERLIST do copykde done Cd done ti shift done You can save this script in the root home directory In this example the file text doc desktop is found under the user test so the command to copy this file over to all of your uses will be spread desktop skole tjener home0 test Desktop textdoc desktop 180 Appendix E Various Nice Little Scripts E 1 Little Scripts E 1 1 Remove Comment Lines Most system files are full of comment lines that is lines with a symbol in front These are lines that the program disregards Sometimes we aren t interested in viewing these comment lines We only want to see the lines that work The command egrep v I filename will filter out these comment lines when viewing the file they won t actually be removed from the file itself E 1 2 Making Changes in Several Files Simultaneously Sometimes you have the need to make the same change to several different files for example the configuration files for your users Either you open them one by one and
199. t for you If you choose to download it yourself there is a program that makes it possible to use as a starting point an existing CD that you have already downloaded and only download the files that are different in the newer version In this way you can download a new version for example pr05 in a short time if you have the previous version for example pr04 even using ISDN The command that makes this possible is rsync no whole file progress vv stats developer skolelinux no skolelinux cd debian edu sarge i386 pr05 iso skole tjener home0 iso debian edu_sarge i386 pr05 iso What happens here is that the local file Skole tjener home0 iso debian edu sarge i386 pr05 iso gets updated so that it becomes identical with the file debian edu sarge i386 pr05 iso that is stored on the Skolelinux ftp server But before you do this you have to have a local copy on your computer that you want to update In this example the name of the copy is debian edu sarge i386 pr05 iso and it is stored in the directory Skole tjener home0 iso lf your local copy is called something else and is placed in another directory you will need to remember to take that into account when you run the rsync command You may be wondering why I upgrade a local file debian edu_sarge i386 pr05 iso with a file by the same name from Skolelinux That s because my local file debian edu_sarge i386 pr05 iso is really debian edu sarge i386 pr04 iso but with a different n
200. t to have a backup utility if you can t put the files back that have been deleted By choosing Restore you have the possibility to choose which machine you want to get the files from as well as which file or entire directory you want to get You can also use everything that you have taken a backup of on the machine in question Figure 9 7 Slbackup Restored Files slbackup restore When you have chosen which machine you want to get the backup from then you will get to make several more choices among which the date time you want to restore the backup and where you want the files to be placed To start with it s wise to use the directory tmp lt machinename gt It s smart to place the files being restored in the directory tmp lt machinename gt Everything that is stored in this directory gets deleted when the machine reboots In addition by placing the files there in this temporary directory you make sure that you don t accidentally write over the wrong files when you replace an old file with a new one that has the same name After you have taken out the files that you need to restore then you must go into this directory tmp machinename and use a file manager see Section 12 1 to get out the files that you want Figure 9 8 SIbackup Maintenance slbackup maintenance 123 Chapter 9 Services Out of the Box in Skolelinux Debian edu By choosing maintenance you get the possibility to delete old backups that you no
201. t you have an IDE disk as master on channel 1 which would you make your disk a nda We need to mount it but first we must make a mountpoint mkdir mnt lvm mount dev hdal mnt lvm Now you may begin mounting those Ivm partitions you have like mount dev vg data lv home0 mnt lvm skole tjener home0 Now you can use tools such as scp ssh and tar to transfer files over to another machine Have a look at Section 9 3 for more info about how to use these tools For now I ll just say that if you want to transfer the whole content of skole tjener home0 which holds all you users files over to another linux machine with ip address 10 0 2 50 and there place it in backup this command will do that tar czvf mnt lvm skole tjener home0 ssh root 10 0 2 50 cat 2 backup homeQ tgz 85 Chapter 8 Fine tuning 8 6 Editing Host Netgroups Authors Knut Yrvin lt knuty skolelinux no gt and Alex Brasetvik lt alex skolelinux no gt A host netgroup hence netgroup can be compared to a guest list when you are inviting people to a party You have made the guest list to avoid unwanted guests for instance crooks In a computer network the guests are a bit different They are Internet hosts e g printers thin client servers or workstations If these hosts are on the guest list they are welcome to do their task on the network If they are not they are automatically kept out by the doorkeeper A netgroup thus keeps track of the guests
202. ter 8 Fine tuning Link encap Local Loopback inet addr 127 0 0 1 Mask 255 0 0 0 UP LOOPBACK RUNNING MTU 16436 Metric 1 RX packets 44174 errors 0 dropped 0 overruns 0 frame 0 TX packets 44174 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 0 RX bytes 11789085 11 2 MiB TX bytes 11789085 11 2 MiB While the output from ifconfig should look like this on a thinclient server etho ethl lo Link encap Ethernet HWaddr 00 30 05 75 95 5E inet addr 10 0 2 10 Bcast 10 0 3 255 Mask 255 255 254 0 inet6 addr fe80 230 5ff fe75 955e 64 Scope Link UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 9749550 errors 0 dropped 0 overruns 0 frame 0 TX packets 12174337 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 851989409 812 5 MiB TX bytes 3820253778 3 5 GiB Interrupt 169 e E 0C 59 5E 84 Link encap Ethernet HWaddr 00 inet addr 192 168 0 254 Bcast 192 168 0 255 Mask 255 255 255 0 inet6 addr fe80 20e cff fe59 5e84 64 Scope Link UP BROADCAST RUNNING MULTICAST TU 1500 Metric 1 RX packets 430966587 errors 0 dropped 0 overruns 0 frame 0 Or TX packets 511993119 errors 0 dropped 0 overruns 0 carrier 0 collisions 0 txqueuelen 1000 RX bytes 584433596 557 3 MiB TX bytes 361859667 345 0 MiB Base address 0x2800 Memory fc420000 fc440000 Link encap Local Loopback inet addr 127 0 0 1 Mask 255 0 0 0 inet6 addr 1 128 Scope Host UP LOOPBACK
203. that the name Itsp010 translates to the ip address 192 168 0 10 and same with the name Itsp011 translating to 192 168 0 11 132 Chapter 9 Services Out of the Box in Skolelinux Debian edu If you want to edit any of the mac ip address for thinclients then you must use the url https ip of thinclientserver 10000 if you have a dedicated Thinclient server or use https tjener intern 10000 if you have a Combi server 9 7 2 Workstation Linux Windows Mac host static00 hardware ethernet 00 00 00 00 00 00 fixed address static00 host staticOl hardware ethernet 00 00 00 00 00 00 fixed address staticO01 host static02 hardware ethernet 00 00 00 00 00 00 fixed address static02 host static03 hardware ethernet 00 00 00 00 00 00 fixed address static03 There is 4 places set aside for machines with a static IP address in the file etc dhcp3 dhcpd conf If you need more then make more by using the ones provided there as a template The next one you make yourself will then look like this host static04 hardware ethernet 00 00 00 00 00 00 fixed address static04 Note Workstation should be attached to the networkcard with the name ethO if you have a combi server or to the same switch as other servers It is defined in the configuration of bind and that the name staticOO translates to the ip address 10 0 2 50 and same with the name staticO1 translating to 10 0 2 51 133 Chapter 9 Services Out
204. the different choices When choosing q quit you will end up at the command line in Coyote Linux if you need to go back to the Coyote Linux Menu then type menu and press ENTER If you see this when trying to login to Coyote Linux klaus tjener ssh 10 0 2 1 1 root Gaga aea aaa a e Ge e e WARNING REMOTE HOST IDENTIFICATION HAS CHANGED Gaga eaae aa e Ge e e IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY Someone could be eavesdropping on you right now man in the middle attack It is also possible that the RSA host key has just been changed The fingerprint for the RSA key sent by the remote host is 34 b7 a3 9b 06 4c e2 30 1b 0d 03 45 7b 22 b7 dd Please contact your system administrator Add correct host key in skole tjener home0 klaus ssh known hosts to get rid of this messa Offending key in skole tjener home0 klaus ssh known hosts 27 RSA host key for 10 0 2 1 has changed and you have requested strict checking Host key verification failed Then it is most likely because you had previously logged into a different machine with the IP address 10 0 2 1 or you have changed a network card in Coyote Linux or it is really a man in the middle attack The solution is to remove the offending key in this case it s line number 27 in file Skole tjener home0 klaus ssh known hosts 3 9 Useful Commands in Coyote Linux Useful commands in Coyote Linux ping Useful to find
205. the same kind of information is pvscan 1 Chapter 8 Fine tuning You must create the mount point skole video mkdir skole video Then you create the new volume Ivcreate size 2G name lv video vg data In this example the size is 2GB Have a look at Ivm homeo to find out how to resize this Then you need to make a file system mke2fs j dev vg data lv video Then add this new partition using your favourite texteditor to etc fstab otherwise this new partition won t be mounted automatically at boot In our example you add this line at the end of etc fstab dev vg data lv video skole video ext3 defaults 0 Now you test your new partition by mounting it manually with mount skole video Have a look at the size with df h skole video 8 5 8 1 Adding the New Volume to autofs Not tested with Sarge This has not yet been tested with Sarge This warning will go away once it has been tested Skolelinux Debian edu uses autofs to export partitions to machines that might need them workstation and thinclientserver needs to be able to mount the users home directories So if you have made another home partition for example skole tjener homel and skole t jener home2 then you must make sure that they are also exported along with skole t jener home0 via autofs to the needed machines The necessary information lies in the LDAP database so we must add this new information the LDAP database This is most easily done by add
206. tting up Desktop Menu bar etc the Same for Everyone When the User is Created 149 10 4 1 The Kicker the Bottom Menu Line eeeeesssseseeseeeeenneenn nennen 150 10 4 2 Desktop Icons Background essent nennen 150 11 Useradministration with WLUS in Webmin eese eese ener enean tatnen ntn tn statu stata tatus tnn sao 152 TT 135 eret ie mutet tr e eter ep Wa ques irr te de ote EE ee Ger nda edet aes 152 11 1 1 Manually move homedirectory and update info in ldap sess 154 11 12 New USER tet ed nee eee e GU eS 155 11 1 3 New Usets iere eB epe Oe Pee ree PP 156 11 1 4 Editing users disable enable login delete users sese 157 11 1 5 Changing a User s Password seeseseeeeeeseeeeeeee nennen 158 11 1 6 Changing a User s Password from the Command Line sees 159 11 1 7 Changing the LDAP Admin Password sese 159 11 1 8 Direct Editing of Files in the LDAP Database eee 160 11 1 9 How to Start with a New Fresh LDAP Database sese 161 11 1 10 Delete a user or group of users sseeeeeeeenener nennen emen nre 162 12 Configuration Use of the Most Used Programs 4 eese eese ee eene eene eee eee etnia etas ta sense ta etas to aeo 164 12 1 Konqueror File Managers eec iore yer eee ers genet cede REE teet ede 164 12
207. tu com ubuntu breezy security universe Then do your apt get update You need some packages installed on Ubuntu for all this to work apt get install autofs ldap Idap utils libldap2 libnss Idap libpam Idap nscd nfs common Also install ssh as that is very handy to have installed and Ubuntu doesn t install it as default apt get install ssh Just press Enter and accept whatever default you are presented with regarding ldap and so on we will take care of the configuration files later From a Skolelinux Debian edu in this case based on pr05 workstation take the following files directories etc pam d etc nsswitch conf etc libnss ldap conf etc nscd conf etc default autofs etc init d autofs etc ldap etc pam ldap conf etc auto master There might be files included here that is not necessary for making ldap autofs work someone should comment on that please For those without a Skolelinux debian edu workstation I ve uploaded these files to http www skolelinux no klaus skolelinux ldap autofs tgz You should also take a backup copy of these files on your Ubuntu machine before installing these files from Skolelinux Debian edu this is a handy way of doing that means one long line 168 Appendix A Integration of Other Linux Distributions into Skolelinux Debian edu with ldap and autofs tar zcvf Ubuntu ldap autofs backup tgz etc pam d N etc nsswitch conf N etc libnss ldap conf etc nscd c
208. u can add as sources for packages 8 9 1 Updating the Database with Info About Available Packages The selection of available packages changes constantly New packages become available newer versions of packages appear etc So it is necessary to make sure that the database that contains information about the packages is kept constantly up to date This is done with the command apt get update tjener apt get update Get 1 http ftp skolelinux no sarge local Packages 17 4kB Ign http ftp skolelinux no sarge local Release Get 2 http non us debian org sarge non US main Packages 20B Get 3 http non us debian org sarge non US main Release 102B 100 Fe o0 2 0 0 poo poo 18 19 ht ht ht ht ht ht htt htt htt htt ttp ttp ttp ttp LLpt ttp Chapter 8 Fine tuning non us debian org sarge non US contrib Packages 20B non us debian org sarge non US contrib Release 105B non us debian org sarge non US non fr Packages non us debian org sarge non US non fr Releas ftp debian org sarge main Packages 3347kB Oe to tO fg Ono TO g ng p security debian org sarge updates main Packages security debian org sarge updates main Release security debian org sarge updates contrib Packages 20B 106B 155kB 110B security debian org sarge updates contrib Release 1 security debian org sarge updates non fr Packages
209. ub The key fingerprint is 81 12 31 59 04 10c d0 da 23 1a 72 56 38 87 12 a5 root tjener intern When asked for a passphrase just leave that empty and when asked for file to save key on just press Enter accepting the default After you have generated the SSH keys you must transfer the public part of this key to the machine on the outside and on this machine place it in the file ssh authorized keys Make sure you do this in a safe way not via a Hotmail account The best would be to use the SSH equivalent scp You achieve this with the commands from the machine with the backdoor script running where you just generated the SSH keys issue the command ssh copy id i root ssh id_dsa pub RUSER RHOST Now you should be able to start the backdoor script with the command etc init d open backdoor start and with the command ssh p RPORT RUSER G localhost you should be able to login from the remote machine to your Skolelinux Debian edu machine very comfortably In the above commands you must replace the values for RPORT RUSER and RHOST with those that apply to your situation Tip Now is definitely the time to brush up your knowledge of scp man scp or write man scp in the address field in Konqueror Chapter 1 Where and How to Get Help Man in the Middle Attack If you have a backdoor script running on many different Skolelinux Debian edu machines then you will experience a frequent warning when trying to login to localhost
210. ult 8 8 Do the Network Cards Work With the command ifconfig you can see the current condition of the network cards Tip This command is also good for finding out which IP address the machine has as well as its MAC address which is called HWaddr Another way to collect MAC addresses is to have a look at the syslog file at the time that you start up the machine whose MAC address you want to find Then all you have to do is cut and paste Use the command as root tail f var log syslog then you will see something like Jun Jun Jun Jun N NNN 22 52 28 tjener dhcpd 2 22 52 28 tjener dhcpd 2 22 52 29 tjener dhcpd 2 22 52 29 tjener dhcpd 2 DHCPDISCOVER from 00 02 b3 8f 66 76 via eth1 DHCPOFFER on 192 168 0 13 to 00 02 53 8 66 76 via ethl DHCPREQUEST for 192 168 0 13 from 00 02 53 8f 66 76 via ethl DHCPACK on 192 168 0 13 to 00 02 53 8 66 76 via ethl NS MN DS X x XX Use CTRL C to stop the process This is what the output from the ifconfig on a mainserver should look tjener ifconfig etho Link encap Ethernet HWaddr 00 04 75 81 AA 78 inet addr 10 0 2 2 Bcast 10 0 3 255 Mask 255 255 254 0 UP BROADCAST RUNNING MULTICAST MTU 1500 Metric 1 RX packets 27892 errors 0 dropped 0 overruns 0 frame 0 TX packets 26194 errors 0 dropped 0 overruns 0 carrier 0 collisions 5 txqueuelen 100 RX bytes 23495725 22 4 MiB TX bytes 2810447 2 6 MiB Interrupt 11 Base address 0xdc00 97 lo Chap
211. ur hard drive is not recognised then you may need to manually load the driver module for your hard drive SCSI controller or your RAID controller do this in VT 2 see Section 6 2 3 Figure 6 9 Combining different profiles Combining different profiles As mentioned in Section 2 7 it is fully possible to combine different profiles in this case the machine will be installed with Main server and Thinclientserver After you have chosen which profile to install the necessary packages are installed Hopefully you have only chosen hardware that works out of the box with Skolelinux Debian edu Figure 6 10 Warning The contents of all your hard drives will be erased Erase all disks 52 Chapter 6 The First Stage of Skolelinux Debian edu Installation Warning Everything you have on your hard drives will be deleted when installing Skolelinux Debian edu don t try to avoid it Skolelinux Debian edu will not easily co exist together with any other operative system To continue with the installation you must choose Yes 6 2 8 Installation complete Figure 6 11 Installation complete Installation complete Make sure that the CD is not in the CD ROM when you restart the machine If you forget to remove it the installation will start all over again The first stage of installation is now complete well done Notes 1 There will be a GUI based installer available for the next stable release of Debian see GUI for DebianI
212. use the entire day on the job or you can use a nice combination of Perl and shell scripting The following little bit will replace every reference to kde2 with kde3 in all files that have the file type txt for F in txt do perl pi bak e s kde2 kde3 g F done What s fine about this command is that the original file is left untouched neither written over or deleted rather it is given an extra ending that is t xt bak This is nice especially when you find out that your change wasn t the right thing to do after all but you did do a backup anyway right See Section 8 5 3 181 Appendix F Contribute to this document and Skolelinux Debian edu F 1 Translate Once I m done with the rewrite and crude translation to English the tools sgml2xml and poxml will be used so that this file easily can be translated to any language The id tags in the titles will be removed when I m done with the rewrite they are there so that I can better organise the layout of the document the TODO notes will also be fixed later F 2 Test Skolelinux Debian edu on your computer with an emulator qemu Get latest version from http fabrice bellard free fr qemu at the time of writing that is 0 8 0 Unpack and create a disk that is big enough qemu img create mnt qemu disk 6000 This will create a 6GB disk the funny thing is that this size is not real before you start filling it up inside qemu That means you can actually create a bigge
213. ux Debian edu from the CD sese 47 6 2 DISKS not Tound ecco ettet tete Pn etr eR Hein Rode o das EE EO ER eo eio e 48 6 4 Choosing Language repete iO rtt i eere berries 49 6 5 Virtual terminal VT uten UR DU REDOU RE E aod ERR Sates 49 6 6 Information about the Various Profiles 1 sess enne 50 6 7 Information about the Various Profiles 2 esses eene nennen 50 6 8 The Various Profiles in Skolelinux Debian edu seen 52 6 9 Combining different profiles 20 0 eee eee eececeeeeseeseceeceeeeseecaecaeesaecaecsecseeeseaseseesaecaecaeseseeeeeaseaes 52 6 10 Warning The contents of all your hard drives will be erased ssesseees 52 6 11 Installation complete pedet eee er boa utet iet Ite tes Ea 53 7 1 Starting Skolelinux Debian edu from the Hard Drive with GRUB sssssssseeeee 54 7 2 Skolelinux Debian edu Boot in Progress essent nennen eene entrent 7 3 Fancy Skolelinux Debian edu Boot in Progress eee nennen 57 7 4 Welcome to your new Debian System sessi nee etr enne nennen 57 7 5 The Root Password enr eed ri etre OE PR EU Eir EEEN Ter PEETS E 57 7 65 Type Tn passwords eh bo teilt eed def rtp cte reddentes 58 7 1 Repeat password 45 aso bue asientos 58 7 8 Installation is Complete the Necessary Reboot ssseseeeeeeeenen enne 59 viii 7 9 Installation is Compl
214. ux User Group Friheden til at skrive boger Freedom to Write Books This is a Danish Linux User Group LUG Linux User Group They have about 1830 pages of very well written Linux documentation all in Danish All of these pages can be downloaded or read online in various formats such as html ps pdf Palm Pilot These pages are organised into 15 different books all available from Skane Sj lland Linux User Group http www linuxbog dk Chapter 1 Where and How to Get Help 1 5 4 The Linux Documentation Project More in depth books and guides are located in The Linux Documentation Project all in English as well as other languages The Linux Documentation Project http www tldp org Tip A lot of already available documentation is ready to be installed on your Skolelinux Debian edu machine Have a look at what is available with apt cache search Idp and also apt cache search documentation more scroll down the list with the spacebar and install what you find interesting with the command apt get install packagename if wanted to install the package doc linux html would issue the command apt get install doc linux html look at section Section 8 9 for more on howto install additional packages 1 5 5 Manuals for OpenOffice org The Norwegian Board of Education L ringssenteret have published small handy manuals in Norwegian for the different components of OpenOffice org such as Writer Impress Calc Draw
215. ve and that the machine has been configured in BIOS to boot from floppy Figure 3 12 Coyote Linux Login Coyote Linux console You may now login use the username root and the password you set when you created the floppy if you did this from Windows or just press Enter empty password to login if you made the floppy on Linux Note It s quit common that there is absolutely no visual feedback when you type in a password in Linux system this is in order to reveal as little information about your password as possible Figure 3 13 menu status of network down menu status of network Once inside press c to get the status of your network In this case we have a problem Figure 3 14 menu status of network up menu status of network If all has gone well they will both be up 25 Chapter 3 Firewall Router for Skolelinux Debian edu Q It appears that the network card LAN that goes to the Skolelinux Debian edu network is not working DOWN A If you have configured your network card according to A but it s still not working then maybe you have chosen the wrong driver module for your network card Q It appears that the network card WAN that is connected to the Internet is not working DOWN A There are two obvious reasons why the WAN network card is not UP 1 You are trying to connect using the wrong Internet connection type Have a look again at 2 b If you have a connection with a DHCP assigned address and not a
216. xits Reassign ownership of the console to root this should disallow assignment of console output to any random users s xterm See Xstartup chown root dev console chmod 622 dev console usr share debian edu config tools logoutkill sh SUSER if grep qs use sessreg etc kde3 kdm kdm options amp amp which sessreg gt dev null 2 gt amp 1 then xec sessreg d 1 SDISPLAY u var run utmp x etc kde3 kdm Xservers SUSER NOTREACHED This script will make certain that all processes currently run by a user will really be terminated when he logs out with the exception of root processes D 4 Placing Desktop Icons for Several Users Simultaneously For more information about desktop icons and menus see Chapter 10 Sometimes it can be nice for all users to have a specific desktop icon If you have 1000 users then it s even nicer if you can place that icon on everyone s desktop in one sweep 178 Appendix D Various Homemade Solutions All shortcuts are really a file These files are stored in the directory Desktop in the user s home directory For example the file that represents the shortcut to the web browser Mozilla is Mozilla Navigator desktop the contents of the file start with Desktop Entry Type Application Exec mozilla ame Mozilla Navigator Comment Mozilla Navigator Icon usr share pixmaps mozilla xpm This is where you find information about where the program is instal
217. xiv Reboot system When you need to reboot Coyote Linux you can do so from this Main Menu item You will have to reconfirm this option Figure 3 18 Reboot or shutdown Coyote Linux FIXME 19 description of image 3 8 Login via SSH Sometimes it might be necessary to login to Coyote Linux when there is no web browser available or if you prefer to use the command line Then you can use ssh to connect to Coyote Linux If you are logged in to a machine in the Skolelinux Debian edu network then you use ssh 1 root 10 0 2 1 to login to Coyote Linux If you are outside of the Skolelinux Debian edu network you must replace the value 10 0 2 1 with the appropriate value as seen for network card WAN in i In this case it would be ssh l root 192 168 1 10 You will be met by almost the same choices as when logged into the Coyote Linux web administrator but presented in a text based menu Coyote Linux Gateway Configuration Menu 1 Edit main configuration file 2 Change system password 3 Edit rc local script file 4 Custom firewall rules file 5 Edit firewall configuration 6 Edit port forward configuration c Show running configuration f Reload firewall r Reboot system w Write configuration to disk q quit e Exit Selection 3l Chapter 3 Firewall Router for Skolelinux Debian edu You have almost the same options as when logged into the Coyote Linux web administrator see Section 3 7 for a brief description of
218. y to print it out clip it up and give it to the user 11 1 3 New users Figure 11 6 The format of the importfile in a spreadsheet 10 users in a spreadsheet It is also possible to add an entire class of users or even a whole school By using the other way of adding users that is the so called semicolon separated file You can use a spreadsheet to create your batch of users and then save as csv comma separated value 10 users with username first name last name and password might look like this This file is formatted with the different fields separated by a semicolon You can create this file by exporting it to a semicolon separated file from the school s database of attending pupils or by exporting from OpenOffice org Calc Excel or by using a regular simple text editor such as nano Most schooladministrative systems also have option of exporting to csv format Figure 11 7 File Import FIXME 69 description of image 156 Chapter 11 Useradministration with WLUS in Webmin In order to use the file import function you have to scroll down to the bottom of the page where you find a dialogue box for adding users from file Click on browse to find your file with the semicolon separated users When you have found that file click on Add users from file Figure 11 8 Importing Users from File FIXME 70 description of image When you have got the file with the users you will see the different semicolon separated items listed in
219. yote Linux that is discontinued there will be a replacement based on installation to harddrive available instead A short summary on things you need to create a Coyote Linux firewall router for Skolelinux Debian edu Just about any old computer anything from Pentium 133MHz CPU and upward with 16MB of RAM or more no need for a hard drive or CD ROM Two network cards they can be type ISA or PCI A mix is possible 10Mbit or LOOMbit support for 1Gbit should be available Any type of network card supported by the Linux kernel is usable but since there is no automatic detection of what kind of network card you are using you must specify yourself when creating the Coyote Linux floppy which drivers your network card uses This means that it might be a bit troublesome to use no name network cards Personally I prefer to use network cards from the manufacturer 3Com as almost all PCI network cards from them use the module 3c59x Short List of Network cards I use with Success in my Coyote Linux Machines and Their Corresponding Driver Modules 1 3Com509 Module 3c509 2 3Com900 Module 3c59x 3 Intel Ethernet Pro 100 Module eepro100 4 3Com590 Module 3c59x 5 RTL8139 Module 8139cp or 8139too Chapter 2 Getting the Right Hardware 2 diskettes preferably new and unused 1 crossover network cable to connect Coyote Linux via the LAN network card to the Skolelinux Debian edu eth0 network card A machine with a floppy drive and
220. you have logged in to Webmin you will see this welcome screen for WLUS Because we haven t added any users yet it would be natural for us to choose New User s But before we do that we may want to adapt WLUS to our needs Figure 11 3 Configuration of WLUS Configuration of WLUS By clicking on Module Config we can change how strict we want our password policy to be as well as where we want to put our users home directories plus other things When you are done making your changes click on Save Then you are ready to create new users The first thing you need to do is make a test user This is a user that functions as a template for setting up things exactly the way you want it to be for all of your users Have a look at Chapter 10 153 Chapter 11 Useradministration with WLUS in Webmin Note All these configuration is stored in the file etc webmin 1ldap users config which you can edit directly with a texteditor such as nano 11 1 1 Manually move homedirectory and update info in Idap If you prefer to have you users grouped into different directories maybe according to which group they belong to then you change that here in the files with The prefix of the user home directory Make sure you first create that sub directory with mkdir skole tjener home0 2006 then you can use in the prefix field skole t jener home0 2006 From then on all users that you create will be placed in Skole t jener home0 2006 change that late
221. you see the screen that describes the different profiles 50 Chapter 6 The First Stage of Skolelinux Debian edu Installation There is plenty of editor available I ve standardized on the one called nano throughout this document It is installed by default and it contains helptext and is rather easy to use unlike others which is generally more powerful but nano suffices There is more about nano in Section 8 2 2 For now now I just say that when you start nano you ll see at the bottom something like this G Get Help O WriteOut R Read File Y Prev Page X Exit J Justify W Where Is V Next Page The symbol means that you should press CTRL in combination with the letter e g CTRLand X is Exit The different table files corresponds to different profiles like this Main Server table corresponds to the profile Mainserver see Section 2 2 e Workstation Thin Client Server table corresponds to the profile Thinclient server see Section 2 3 Workstation table corresponds to the profile Workstation see Section 2 5 Main Server4 Workstation table corresponds to a combination of Mainserver and Workstation see Section 2 7 Main Server Thin Client Server table corresponds to a combination of Mainserver and Thinclient server see Section 2 7 If you wanted to increase the size of usr when installing the profile Mainserver you would in VT2 write nano etc autopartkit Main Server table there you will see the l
Download Pdf Manuals
Related Search