Linux Installation and Configuration Notes

 


This page contains random notes about my experiences while installing and using Debian Linux (Version 3.0) on a Dell Poweredge 400SC machine. Installation notes for Sarge (Version 3.1) on a Dell Inspiron 8600 laptop are also available.

 
Debian Installation
 

Hardware Specs

Since it's relevant, here are the specs for the box, some of which were determined using the lspci command:

  • Dell Poweredge 400SC
  • Pentium 2.26 GHz processor
  • 512 MB RAM
  • Multimedia audio controller: Intel Corp.: Unknown device 24d5 (rev 02)
  • VGA compatible controller: ATI Technologies Inc Rage XL (rev 27)
  • Ethernet controller: Intel Corp.: Unknown device 100e (rev 02)

Basic Installation Steps

Note: I originally started out with the Debian 3.0 installation CD from linuxiso.org, but after getting everything installed I discovered that the kernel on this CD does not support my NIC, and a web server that can't connect to the network isn't terribly useful.

Installation Steps:

  1. Download a Dell Debian installation ISO from http://linux.dell.com/distributions.shtml and burn it to CD.
  2. Boot the server using the new CD image.
  3. Follow the instructions on screen, noting the following:
    • You will probably want a swap partition that is the same size as the amount of system RAM.
    • Do not install any modules; they are already included in the Dell installation ISO image.
    • When asked for apt sources, use http.
    • To get the network adapter working I had to do an ALT-F2 after rebooting and then edit the /etc/network/interfaces file to include the line auto eth0
    • I also initially got errors when apt tried to resolve the Debian host URL. After using ALT-F2 to get a new window and pinging the host there weren't any further issues.

This install seems to be using DHCP happily for networking, but in past installs I've had to set nameserver values by doing the following:

  1. Update the /etc/resolv.conf file to contain the line "nameserver xx.xx.xx.xx" where xx.xx.xx.xx is the nameserver provided by your ISP.
  2. Update the /etc/dhclient.conf file with the line "supersede domain-name-servers xx.xx.xx.xx" where xx.xx.xx.xx is the nameserver provided by your ISP. If this step is overlooked then the DHCP client will use the default router nameserver after every reboot.

If installing the Debian testing or unstable distributions, you will need to follow these steps after getting a basic system up and running:

  1. Edit the /etc/apt/sources.list file to read:
    deb http://http.us.debian.org/debian testing main contrib non-free
    #deb http://http.us.debian.org/debian stable main contrib non-free
    #deb http://ftp.us.debian.org/debian/ stable main non-free contrib
    #deb-src http://ftp.us.debian.org/debian/ stable main non-free contrib
    deb http://non-us.debian.org/debian-non-US testing/non-US main contrib non-free
    #deb http://non-us.debian.org/debian-non-US stable/non-US main contrib non-free
    #deb http://security.debian.org/ stable/updates main contrib non-free
  2. As root execute the command "apt-get dist-upgrade". Then go rent a video or something because this will take a while.
  3. After the upgrade is complete, reboot and then as root run the "dselect" command to select and install the packages you want on your machine.

Kernel Upgrades

In order to get the latest fixes and drivers it will probably be necessary to upgrade kernels much more frequently than Debian makes releases. The process is surprisingly easy, although backups are a must. Note that after installation the Debian kernel configuration is listed in /boot/config-2.4.25-bf2.4 (note the name changes depending on kernel version). In addition, the list of currently installed modules can be retrieved with the lsmod command. Finally, http://oregonstate.edu/~kveton/kernel/ provides the following overview for using the Debian kernel package manager.

To upgrade from the default Debian install kernel:

  1. Download the latest kernel source from kernel.org into the /usr/src/ directory.
  2. Install the kernel-package, libncurses5, and libncurses5-dev packages using dselect.
  3. From the /usr/src/ directory, do a "tar xvfz kernel-source" on the downloaded kernel source
  4. To maintain your existing configuration, do a cp /boot/config-2.4.25-bf2.4 /usr/src/linux-2.4.25/.config, replacing the kernel versions as appropriate.
  5. Execute the command make menuconfig.
  6. Execute the command make-kpkg kernel-image.
  7. Execute the command dpkg -i kernel-image-2.4.25_10.00.Custom_i386.deb.
  8. Reboot.

To upgrade a previously upgraded kernel:

  1. Download the latest kernel source from kernel.org into the /usr/src/ directory.
  2. From the /usr/src/ directory, do a "tar xvfz kernel-source" on the downloaded kernel source
  3. Copy the ".config" from the old /usr/src/linux-2.4.25 directory to the new /usr/src/linux-2.4.26 directory. Note: I tried just using make oldconfig and encountered errors, so I recommend copying the .config file and letting make-kpkg deal with configuration differences.
  4. Change directory to the untarred kernel source directory (ie cd /usr/src/linux-2.4.26)
  5. Execute the command make-kpkg kernel-image. This command will utilize your old configuration information and ask questions about any new configuration items.
  6. Execute the command dpkg -i kernel-image-2.4.26_10.00.Custom_i386.deb.
  7. Reboot.

Mounting Windows Partitions

In order to access my Windows partitions from Linux I found this site and this site invaluable.

  1. Create a new directory in Linux (ie /mnt/windows) under which the Windows partition should be visible in Linux.
  2. Determine the Windows partition information by running the command fdisk -l. This command will list all partitions available to the system.
  3. Mount the partition using the information determined from fdisk, ie mount /dev/hda5 /mnt/windows.
  4. Update the /etc/fstab file with information for the Windows partition:

    For VFAT: /dev/hda6 /mnt/windows vfat umask=0,quiet 0 0

    For NTFS: /dev/hda6 /mnt/windows ntfs ro,noauto,user 0 0

    What the above line says is that the partition should be mounted in the /mnt/windows directory and that permission should be granted to all users.
 
Application Configuration
 

ddclient Configuration

Dynamic DNS.org provides a way to have a static web address (ie mountaininterval.org) even though the ISP is continually changing the IP address. To make this service work I run a client called ddclient. I've had troubles with the Debian package for this client, so I simply downloaded and installed it on my own. The steps to get this client running are:

  1. Download and unzip the package
  2. Read the README file
  3. Copy the "ddclient" executable to /usr/sbin/.
  4. Update the sample-etc_ddclient.conf file and copy it to /etc/ddclient.conf. My configuration file looks something like the following:
    daemon=300 # check every 300 seconds
    syslog=yes # log update msgs to syslog
    mail=root # mail all msgs to root
    mail-failure=root # mail failed update msgs to root
    pid=/var/run/ddclient.pid # record PID in file.
    use=web, web=checkip.dyndns.org/, web-skip='IP Address'
    protocol=dyndns2 # default protocol
    server=members.dyndns.org # default server
    login=login
    password=password

    server=members.dyndns.org, \
    protocol=dyndns2 \
    otterson.dyndns.org

    custom=yes, \
    server=members.dyndns.org, \
    protocol=dyndns2 \
    mountaininterval.org
  5. Copy the sample-etc_rc.d_init.d_ddclient file to /etc/init.d/ddclient.
  6. From the command line (as root) enter the command "update-rc.d ddclient defaults". This command will ensure that ddclient is always started after reboots.

Apache Configuration

In order to keep my logs free from filling up with hits from the various Microsoft worms floating around the net I added the following lines to the /etc/apache/httpd.conf file:

# custom additions to hopefully keep code red and other Microsoft
# worms out of the logs
SetEnvIfNoCase Request_URI "^/MSADC" ms-worms
SetEnvIfNoCase Request_URI "^/C/" ms-worms
SetEnvIfNoCase Request_URI "^/D/" ms-worms
SetEnvIf Request_URI "^/scripts" ms-worms
SetEnvIf Request_URI "^/default\.ida" ms-worms
SetEnvIf Request_URI "^/_mem_bin" ms-worms
SetEnvIf Request_URI "^/_vti_bin" ms-worms
CustomLog /var/log/apache/ms-worms.log common env=ms-worms
CustomLog /var/log/apache/access.log combined env=!ms-worms
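
The effect of the rules above on a few requests, as an added shell example that is not part of the original notes: it applies the same patterns to constructed log lines and shows that the case-sensitive SetEnvIf rules let a mixed-case /Scripts request through to access.log. The function names and the sample lines are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example (not from the original page): mirrors the SetEnvIf and
# SetEnvIfNoCase rules to show which log file a request is written to.

# classify_uri URI -> prints "ms-worms" or "access"
classify_uri() {
    uri=${1%%\?*}   # Request_URI is the path only, without the query string
    # SetEnvIfNoCase rules are matched case-insensitively
    if printf '%s\n' "$uri" | grep -Eiq '^/MSADC|^/C/|^/D/'; then
        echo ms-worms
    # SetEnvIf rules are matched case-sensitively
    elif printf '%s\n' "$uri" | grep -Eq '^/scripts|^/default\.ida|^/_mem_bin|^/_vti_bin'; then
        echo ms-worms
    else
        echo access
    fi
}

# route_log: reads common/combined log lines on stdin, prints "<log> <uri>"
route_log() {
    while read -r _host _ident _user _ts _tz _method uri _rest; do
        printf '%s %s\n' "$(classify_uri "$uri")" "$uri"
    done
}

# count_routed LOGNAME: number of stdin lines that end up in LOGNAME
count_routed() {
    route_log | grep -c "^$1 "
}

# Constructed sample lines (documentation addresses, placeholder requests)
sample_log() {
cat <<'EOF'
192.0.2.10 - - [30/May/2004:11:55:24 -0700] "GET /default.ida?XXXX HTTP/1.0" 404 280
192.0.2.11 - - [30/May/2004:11:56:02 -0700] "GET /scripts/root.exe HTTP/1.0" 404 283
192.0.2.11 - - [30/May/2004:11:56:03 -0700] "GET /msadc/root.exe HTTP/1.0" 404 281
192.0.2.12 - - [30/May/2004:11:57:40 -0700] "GET /Scripts/probe HTTP/1.0" 404 279
192.0.2.13 - - [30/May/2004:11:58:15 -0700] "GET /journal.html HTTP/1.1" 200 5120
EOF
}

sample_log | route_log
```

Switching the last four rules to SetEnvIfNoCase would route the /Scripts line to ms-worms.log as well.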

Aliases:

Alias /ryan/journal.html /data/www/journal-2004-03.html
Alias /journal.html /data/www/journal-2004-03.html
Alias /ryan/ /data/www/

Other values that I changed in the httpd.conf file:

  • ServerName - Changed to www.mountaininterval.org
  • DocumentRoot - Changed to the server location that I put all of the site's HTML files into.
  • <Directory> - Changed to match the DocumentRoot value.
  • HostnameLookups - Changed to "on" since I like to know where people are coming from

Also of note is that the command to restart Apache is "/usr/sbin/apachectl restart".

By default Debian rotates logs weekly. To change this, update the /etc/logrotate.d/apache file.

This one took me a long time to solve: when installing Apache, the document root and ALL parent directories must have proper permissions. If one parent directory has restrictive permissions, no pages can be served.
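
One way to find the offending directory, as an added shell example (not from the original notes): it walks from the document root up to / and prints each directory that lacks the search (x) bit for "other". It assumes the Apache user is neither the owner nor in the group of those directories; /data/www is the path from the Alias lines above and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the original page): locate directories on the
# way to a DocumentRoot that a web server running as an unrelated user
# cannot traverse. Assumption: access is decided by the "other" mode bits.

# other_can_search DIR: true if "other" has the search (x) bit on DIR
other_can_search() {
    case $(ls -ld "$1" | cut -c10) in
        x|t) return 0 ;;   # t = sticky bit together with x (e.g. /tmp)
        *)   return 1 ;;
    esac
}

# blocked_dirs PATH [STOP]: print every directory from PATH up to STOP
# (default /) that "other" cannot traverse, deepest first.
blocked_dirs() {
    dir=$1
    stop=${2:-/}
    case $dir in
        /*) ;;
        *)  echo "blocked_dirs: absolute path required" >&2; return 2 ;;
    esac
    while :; do
        if [ -d "$dir" ] && ! other_can_search "$dir"; then
            printf '%s\n' "$dir"
        fi
        if [ "$dir" = "$stop" ] || [ "$dir" = / ]; then
            break
        fi
        dir=$(dirname "$dir")
    done
    return 0
}

# Run as a script: sh check.sh /data/www
# Each line of output names a directory to fix, e.g. with chmod o+x DIR.
if [ $# -gt 0 ]; then
    blocked_dirs "$@"
fi
```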


Tomcat

The first step required to get Tomcat running is to install a JDK:

  1. Download a Linux JDK package from Sun.
  2. Make the downloaded file executable by executing the command "chmod 755 filename".
  3. Execute the file, which will uncompress it into the current directory. If you would prefer to have it in a different directory simply move the uncompressed files (ie "mv jdk1.5.0 /usr/share/jdk1.5.0/").
  4. Update environment variables:
    • In /etc/profile add the line JAVA_HOME=/JDK-install-folder/. In addition, update the PATH variable to contain the /JDK-install-folder/bin/ directory.
    • If Tomcat is installed, update the /etc/default/tomcat4 file to contain the line JAVA_HOME=/JDK-install-folder/.

Once the JDK is installed Tomcat can be installed by doing the following:

  1. Using dselect, install the following packages:
    • tomcat4
    • libtomcat4-java
    • tomcat4-webapps - Sample Tomcat applications (optional)
    • libapache-mod-jk - Apache connector module for Tomcat (optional)
  2. Once installed, the Tomcat configuration information will be in the /etc/tomcat4/ directory. Webapps are installed into the /var/lib/tomcat4/webapps/ directory.
  3. To test the installation try viewing the http://localhost:8180/ page. If the page comes up, Tomcat is installed successfully. If the page does not come up, try running "/usr/bin/tomcat4 start" to view any error messages.

The libapache-mod-jk package allows Tomcat applications to be served using Apache as part of a normal web site (ie you don't need to specify port 8180 in the URL). To use libapache-mod-jk:

  1. Update the /var/lib/tomcat/conf/mod_jk.conf file as follows:
    JkMount /*.jsp ajp13
    JkMount /examples/* ajp13 # only if tomcat4-webapps was also installed
    If any other webapps are deployed then an additional entry is required in the mod_jk.conf file of the form "JkMount /myapp/* ajp13".
  2. The /etc/tomcat4/server.xml must be updated to uncomment the "Ajp13Connector" section (see http://jakarta.apache.org/tomcat/tomcat-4.0-doc/config/ajp.html).
  3. View http://your-site/examples/jsp/ and verify that the example servlets are running.

Once everything is running the following is worth noting:

  • Tomcat logs are found in /var/log/tomcat4/.
  • I kept getting a Java error about a missing file "/usr/bin/kaffe". I've got no clue what the hell that is, but some package installed a /usr/bin/java script that was calling /etc/java-vm. Modifying that file to contain only the line /JDK-install-folder/bin/java solved the problem. Note that this must be the topmost and ONLY line in the file.

Postgres SQL Database

See http://www.postgresql.org/docs/7.2/static/index.html or /usr/share/doc/postgresql-doc/.

By default postgres installs with permissions for user postgres, so most commands can only be run after doing a "su postgres".

To create a new database user run (as postgres) "/usr/lib/postgresql/bin/createuser". Note that by default the postgres user is set up without a password, so you may want to do a "passwd postgres" from the command line to set one.

To see a list of previously created databases run (as postgres) "/usr/lib/postgresql/bin/psql -l"

To create a database: /usr/lib/postgresql/bin/createdb dbname

To access the database: /usr/lib/postgresql/bin/psql dbname (\q to quit)

JDBC: Install the libpgjava package. Make sure that tcpip_socket in /etc/postgresql/postgresql.conf is either "1" or "true". The JDBC jar file is in /usr/share/java/postgresql.jar

For TCP/IP connections from the local host, modify the /etc/postgresql/pg_hba.conf file to contain the line:

host all 127.0.0.1 255.0.0.0 password

See http://www.postgresql.org/docs/7.4/interactive/client-authentication.html for a discussion of Postgres access permissions.

To create a database user, execute the following commands:

/usr/lib/postgresql/bin/psql database-name
alter user username with password 'password';

/var/lib/postgres/.profile is the profile info for the postgres user.

To start the database: /etc/init.d/postgresql start

This drove me insane: I could connect to the database using psql database-name but would get the message "Password authentication failed for user user-name". The problem was finally analyzed by executing psql -h 127.0.0.1 database-name, revealing that the database user password wasn't set. To set this password, connect to the database with psql database-name and then execute the command alter user user-name with password 'password';.


Analog

Analog is a web server analysis tool. Install it using dselect, after which you will need to modify the /etc/analog.conf file. By default Debian does not install this file to create HTML output, so I made the following changes:

OUTFILE location-of-output
LOGFILE /var/log/access.log.*

Nessus

See also http://www.oreillynet.com/pub/a/security/2004/04/22/nessus.html.

I'm a bit paranoid about security, so I installed Nessus, which is a security auditing tool. To get this bad dog running, fire up the Debian dselect tool, then search for "nessus". Install the client and the server. By default the nessus server configuration file is installed into /etc/nessus/nessusd.conf. I did not change any of the server defaults.

To run nessus for the first time, do the following:

  1. Start the nessus server daemon using nessusd -D &
  2. Create a user using the nessus-adduser command.
  3. Create a target file that contains only the address of the host being checked (ex. 127.0.0.1).
  4. From the command line, type nessus -T html_graph -qx localhost 1241 username password target-file-location output-html-directory
  5. The scan may take several hours. When the program finishes the results will be in the output directory specified.
  6. Shut down the nessus server daemon by determining the process id (ps -ef | grep nessusd) and then killing the process (kill -9 process-id).
 
Miscellaneous
 

Other Packages

The wu-ftpd program was installed using dselect with no changes required.


Miscellaneous Configuration

For security reasons root login was disabled from SSH by updating the /etc/ssh/sshd_config file with:

PermitRootLogin no

To set the date and time, use the date command (as root):

date --set 19:42:0
date --set 2003-04-01

Took me a while to figure this one out, but the command dpkg-reconfigure package-name provides a way to use the Debian package manager to reinstall a broken package.

I noticed that the syslog was filling up with all sorts of information from cron jobs, so I modified the /etc/syslog.conf file as follows:

# First some standard logfiles. Log by facility.
# cron.none keeps cron messages out of /var/log/syslog
*.*;auth,authpriv.none;cron.none -/var/log/syslog
cron.* /var/log/cron.log

Updating packages in Debian is a simple matter of executing the following two commands as root:

apt-get update
apt-get upgrade

Other useful UNIX commands:

  • df -k Shows the amount of disk space used on each disk.
  • du -sk Shows the size of the current directory.

Troubleshooting

For a while, every time after I rebooted I got an email like the following:

From root@mountaininterval.org Sun May 30 11:55:25 2004
Envelope-to: root@mountaininterval.org
X-vi-recover-file: filename
X-vi-recover-path: /var/tmp/vi.recover/vi.eJGdOr
Reply-To: root@mountaininterval.org
From: root@mountaininterval.org (Nvi recovery program)
To: root@mountaininterval.org
Subject: Nvi saved the file access.log
Precedence: bulk
Date: Sun, 30 May 2004 11:55:24 -0700

On Tue Apr 6 02:59:50 2004, the user root was editing a
file named filename on the machine mohican, when it was
saved for recovery. You can recover most, if not all, of the
changes to this file using the -r option to vi:

Deleting the vi.eJGdOr file specified in the email headers finally solved this problem.
