- Page 2 and 3:
The Debian Administrator's Handbook
- Page 4 and 5:
3.1.3 Integration with Other Linux/
- Page 6 and 7:
6.5 Checking Package Authenticity .
- Page 8 and 9:
9.4.1 Administrating On a Web Inter
- Page 10 and 11:
11.5 Seing Up Windows Shares with S
- Page 12 and 13:
14.2 Firewall or Packet Filtering .
- Page 14 and 15:
B.2.2 The User's Home Directory . .
- Page 17 and 18:
Foreword Linux has been garnering s
- Page 19 and 20:
Book Structure Following the struct
- Page 21 and 22:
While we were obviously satisfied w
- Page 23 and 24:
Tobias Gruetzmacher, Tournier Simon
- Page 26 and 27:
Keywords Objective Means Operation
- Page 28 and 29:
1.1. What Is Debian? CULTURE Origin
- Page 30 and 31:
TOOL Installer debian-installer is
- Page 32 and 33:
COMMUNITY Upstream author, or Debia
- Page 34 and 35:
➨ http://www.opensource.org/licen
- Page 36 and 37:
1.3.1. The Debian Developers Debian
- Page 38 and 39:
with the changelog.gz file (or equi
- Page 40 and 41:
were only lile challenges at the be
- Page 42 and 43:
can always fine-tune these paramete
- Page 44 and 45:
PERSPECTIVE Debian for multimedia A
- Page 46 and 47:
Each specific service has its own s
- Page 48 and 49: tool. Whether used in graphical or
- Page 50 and 51: Figure 1.2 Compilation of a package
- Page 52 and 53: their work. The next step is the in
- Page 54 and 55: 28 The Debian Administrator's Handb
- Page 56 and 57: Keywords Falcot Corp SMB Strong Gro
- Page 58 and 59: We have envisioned this case study
- Page 60 and 61: Several factors have dictated this
- Page 62: • A survey of several French serv
- Page 65 and 66: Chapter Analyzing the Existing Setu
- Page 67 and 68: Figure 3.1 Coexistence of Debian wi
- Page 69 and 70: Figure 3.2 Database backups Each se
- Page 71 and 72: HARDWARE Next-generation PC Most re
- Page 74 and 75: Keywords Installation Partitioning
- Page 76 and 77: BACK TO BASICS A catch-up course in
- Page 78 and 79: copy the previously downloaded ISO
- Page 80 and 81: of the two, and GRUB, a more modern
- Page 82 and 83: Figure 4.3 Selecting the country 4.
- Page 84 and 85: 4.2.9. Configuring the Clock If the
- Page 86 and 87: (swap) will be stored. This task is
- Page 88 and 89: Figure 4.9 Guided partitioning The
- Page 90 and 91: IN PRACTICE Shrinking a Windows par
- Page 92 and 93: “Create a volume group”, to whi
- Page 94 and 95: Figure 4.12 Selecting a Debian mirr
- Page 96 and 97: accessible from the boot menu. You
- Page 100 and 101: Keywords Binary package Source pack
- Page 102 and 103: This chapter describes the structur
- Page 104 and 105: • control.tar.gz. This archive fi
- Page 106 and 107: “or”, as opposed to meaning “
- Page 108 and 109: Providing a “Service” Let us di
- Page 110 and 111: virtual packages and it is likely t
- Page 112 and 113: 6. dpkg will update the configurati
- Page 114 and 115: the file; --force-confnew will use
- Page 116 and 117: 0EnvMTfMpeQOA68ZqsNpUjomv5r/EGwdCbA
- Page 118 and 119: 5.4. Manipulating Packages with dpk
- Page 120 and 121: -force-* option. In this case, if t
- Page 122 and 123: csplit cut date dd df dir dircolors
- Page 124 and 125: above all, to keep a history of the
- Page 126 and 127: Keywords apt-get apt-cache aptitude
- Page 128 and 129: APT is the abbreviation for Advance
- Page 130 and 131: TIP /etc/apt/sources.list.d/ *.list
- Page 132 and 133: ➨ http://www.apt-get.org/ The men
- Page 134 and 135: # aptitude remove package1+ package
- Page 136 and 137: users who work daily with the Debia
- Page 138 and 139: tories). It also gives the name of
- Page 140 and 141: ut the version available in Stable
- Page 142 and 143: category). u updates the lists of a
- Page 144 and 145: When you select the former for inst
- Page 146 and 147: provides a tamper-proof seal to gua
- Page 148 and 149:
# deborphan | xargs aptitude remove
- Page 150 and 151:
packages are not in the latest avai
- Page 152 and 153:
6.8.2. Configuring APT The case of
- Page 154 and 155:
For more complex searches, a more p
- Page 156 and 157:
Keywords Documentation Solving prob
- Page 158 and 159:
7.1. Documentation Sources Before y
- Page 160 and 161:
$ apropos "copy file" cp (1) - copy
- Page 162 and 163:
TIPS From error to solution If the
- Page 164 and 165:
example is specific to a particular
- Page 166:
(hp://bugs.debian.org/package) to e
- Page 169 and 170:
Chapter Basic Configuration: Networ
- Page 171 and 172:
length. This allows encoding all Un
- Page 173 and 174:
with Asian languages due to their n
- Page 175 and 176:
8.2.1. Ethernet Interface If the co
- Page 177 and 178:
8.2.3.2. Modems Supporting PPTP The
- Page 179 and 180:
8.3.1. Name Resolution The mechanis
- Page 181 and 182:
• password: this is a password en
- Page 183 and 184:
BACK TO BASICS Working with several
- Page 185 and 186:
For bash, it is useful to activate
- Page 187 and 188:
BACK TO BASICS Master boot record T
- Page 189 and 190:
lrwxrwxrwx 1 root root 10 23 jul. 0
- Page 191 and 192:
stores correspondences that it dete
- Page 193 and 194:
# last kernel installed image=/vmli
- Page 195 and 196:
8.9.2. Time Synchronization Time sy
- Page 197 and 198:
8.9.5. List of Mount Points BACK TO
- Page 199 and 200:
GOING FURTHER Auto-mounting The am-
- Page 201 and 202:
$ mkdir ~/kernel; cd ~/kernel $ tar
- Page 203 and 204:
As you can see, the package is crea
- Page 205 and 206:
NOTE make-kpkg --added-patches Unti
- Page 208 and 209:
Keywords System boot Initscripts SS
- Page 210 and 211:
9.1. System Boot When you boot the
- Page 212 and 213:
therefore no longer taken into cons
- Page 214 and 215:
which are stored in /etc/init.d/. T
- Page 216 and 217:
$ scp file machine:/tmp/ sftp is an
- Page 218 and 219:
eview. He also did not clearly iden
- Page 220 and 221:
Figure 9.3 Forwarding a remote port
- Page 222 and 223:
• reading (symbolized by r as in
- Page 224 and 225:
If you give it a new octal value, t
- Page 226 and 227:
DEBIAN POLICY Preserving changes Th
- Page 228 and 229:
sign (=), it corresponds to precise
- Page 230 and 231:
talk dgram udp wait nobody.tty /usr
- Page 232 and 233:
Be careful, however, if the order i
- Page 234 and 235:
9.8. Scheduling Asynchronous Tasks:
- Page 236 and 237:
GOING FURTHER Seing up a default qu
- Page 238 and 239:
the expiration date associated with
- Page 240 and 241:
characteristics may vary after a re
- Page 242 and 243:
• $major or %M: the kernel major
- Page 244 and 245:
9.12. Power Management The topic of
- Page 246 and 247:
Keywords Network Gateway TCP/IP IPv
- Page 248 and 249:
10.1. Gateway A gateway is a system
- Page 250 and 251:
net.ipv4.conf.default.forwarding =
- Page 252 and 253:
export KEY_DIR="$EASY_RSA/keys" ech
- Page 254 and 255:
Data Base Updated $ ./build-dh Gene
- Page 256 and 257:
Section 8.2.4, “Automatic Network
- Page 258 and 259:
# vpn.falcot.com is the PPTP server
- Page 260 and 261:
# # 4. If you give a single localIP
- Page 262 and 263:
It is also possible to alter the pr
- Page 264 and 265:
zebra daemon collects information f
- Page 266 and 267:
e restricted, in the same fashion a
- Page 268 and 269:
zone "internal.falcot.com" { type m
- Page 270 and 271:
address and the network where the m
- Page 272 and 273:
10.8.1. Local Diagnosis: netstat Le
- Page 274 and 275:
As expected, the SSH and Exim4 appl
- Page 276 and 277:
Keywords Postfix Apache NFS Samba S
- Page 278 and 279:
11.1. Mail Server The Falcot Corp a
- Page 280 and 281:
EXTRA erying the MX records When th
- Page 282 and 283:
virtual_alias_domains = falcotsbran
- Page 284 and 285:
11.1.3.1. IP-Based Access Restricti
- Page 286 and 287:
11.1.3.3. Accepting or Refusing Bas
- Page 288 and 289:
those applying to the email body. h
- Page 290 and 291:
efore Postgrey. If the client is no
- Page 292 and 293:
This new configuration is taken int
- Page 294 and 295:
11.2. Web Server (HTTP) The Falcot
- Page 296 and 297:
QUICK LOOK Apache supports SNI Star
- Page 298 and 299:
• MultiViews enables content nego
- Page 300 and 301:
information it contains; SiteDomain
- Page 302 and 303:
perfectly correct, the clients do a
- Page 304 and 305:
options lockd nlm_udpport=2045 nlm_
- Page 306 and 307:
11.5.1. Samba Server The samba pack
- Page 308 and 309:
# If you are using encrypted passwo
- Page 310 and 311:
Two extra shares, and their associa
- Page 312 and 313:
11.6. HTTP/FTP Proxy An HTTP/FTP pr
- Page 314 and 315:
11.7.1. Installing The slapd packag
- Page 316 and 317:
Question Answer X.500 naming contex
- Page 318 and 319:
11.7.3.2. Configuring PAM This sect
- Page 320 and 321:
SLURPD_START=auto # slapd normally
- Page 322 and 323:
Keywords RAID LVM FAI Preseeding Mo
- Page 324 and 325:
12.1. RAID and LVM Chapter 4, Insta
- Page 326 and 327:
a logical volume of the same size a
- Page 328 and 329:
• finally, a sdh disk, still 4 GB
- Page 330 and 331:
# mdadm --detail /dev/md1 /dev/md1:
- Page 332 and 333:
UUID : 20a8419b:41612750:b9171cfe:0
- Page 334 and 335:
again due to having been probed dur
- Page 336 and 337:
e clustered into one VG and the slo
- Page 338 and 339:
VG Access read/write VG Status resi
- Page 340 and 341:
# ls -l /dev/dm-* brw-rw---- 1 root
- Page 342 and 343:
# df -h /srv/files/ Filesystem Size
- Page 344 and 345:
to be reconstructed, thereby limiti
- Page 346 and 347:
12.2. Virtualization Virtualization
- Page 348 and 349:
• The hypervisor itself. Accordin
- Page 350 and 351:
RSA Fingerprint : Root Password : 5
- Page 352 and 353:
TIP Geing the console straight away
- Page 354 and 355:
LXC also requires the control group
- Page 356 and 357:
oot@scouzmir:~# Note that the files
- Page 358 and 359:
We haven't described all the availa
- Page 360 and 361:
Cannot open display: Run 'virt-view
- Page 362 and 363:
• resume to unpause it; • autos
- Page 364 and 365:
• installing the base system; •
- Page 366 and 367:
Booting From the Network When a com
- Page 368 and 369:
Note also that the commands will ne
- Page 370 and 371:
a feature that each plugin must pro
- Page 372 and 373:
was displayed during installation,
- Page 374 and 375:
define host{ use generic-host ; Nam
- Page 376:
350 The Debian Administrator's Hand
- Page 379 and 380:
Chapter Workstation13 Contents Conf
- Page 381 and 382:
(==) Matched vesa as autoconfigured
- Page 383 and 384:
administrator makes explicit change
- Page 385 and 386:
Figure 13.1 The GNOME desktop For a
- Page 387 and 388:
Figure 13.3 The Xfce desktop 13.4.
- Page 389 and 390:
Figure 13.5 The KMail email soware
- Page 391 and 392:
them in its main section. Rather th
- Page 393 and 394:
Since the IRC protocol is very old,
- Page 395 and 396:
ing on these formats, only the ones
- Page 398 and 399:
Keywords Firewall Netfilter IDS/NID
- Page 400 and 401:
14.1. Defining a Security Policy CA
- Page 402 and 403:
BACK TO BASICS Firewall A firewall
- Page 404 and 405:
➨ http://www.faqs.org/rfcs/rfc777
- Page 406 and 407:
The previous section lists availabl
- Page 408 and 409:
of the /etc/network/interfaces file
- Page 410 and 411:
The gnome-system-monitor and qps gr
- Page 412 and 413:
# debsums -p /var/cache/apt/archive
- Page 414 and 415:
a desktop machine is far from being
- Page 416 and 417:
Figure 14.4 Automatic transitions b
- Page 418 and 419:
➨ http://wiki.debian.org/SELinux
- Page 420 and 421:
Similarly, TCP/UDP ports are labele
- Page 422 and 423:
## Domain allowed to transition. ##
- Page 424 and 425:
1 3 Those interfaces define the mya
- Page 426 and 427:
e confined. In any case, you will h
- Page 428 and 429:
possible, but if the web applicatio
- Page 430 and 431:
14.5.6. Physical Security There is
- Page 432 and 433:
following sections), then isolating
- Page 434 and 435:
www.falcot.com 200.58.141.84 - - [2
- Page 436 and 437:
Keywords Backport Rebuild Source pa
- Page 438 and 439:
15.1. Rebuilding a Package from its
- Page 440 and 441:
TOOL fakeroot In essence, the packa
- Page 442 and 443:
the package is created in the curre
- Page 444 and 445:
- contacts for each department. . T
- Page 446 and 447:
The second entry matches the first
- Page 448 and 449:
means that signatures need not be v
- Page 450 and 451:
• In a similar fashion, debc allo
- Page 452 and 453:
documents; this is no longer the ca
- Page 454 and 455:
Keywords Future Improvements Opinio
- Page 456 and 457:
16.1. Upcoming Developments Weeks (
- Page 459 and 460:
Appendix Derivative Distributions A
- Page 461 and 462:
➨ http://www.knopper.net/knoppix/
- Page 463 and 464:
Appendix Short Remedial Course B Co
- Page 465 and 466:
B.1.3. Searching for Files and with
- Page 467 and 468:
• /usr/: applications; this direc
- Page 469 and 470:
TOOL Setup, the BIOS configuration
- Page 471 and 472:
These programs have a -v option, th
- Page 473 and 474:
B.4.5. Rights Management Unix-like
- Page 475 and 476:
IN PRACTICE A concrete example Let'
- Page 477 and 478:
Index _ .d, 110 .desktop, 357 .htac
- Page 479 and 480:
BackupPC, 210 bash, 158 Basic Input
- Page 481 and 482:
Debian Maintainer, 425 Debian Polic
- Page 483 and 484:
GECOS, 154 General Public License,
- Page 485 and 486:
Kopete, 367 krdc, 194 krfb, 194 Kub
- Page 487 and 488:
kernel modules, 185 mondo, 212 moni
- Page 489 and 490:
ping, 378 pipe, 448 pipe, named pip
- Page 491 and 492:
name, 240 NTP, 169 SMTP, 252 web, 2
- Page 493 and 494:
V Venema, Wietse, 204 version, comp