Debian GNU/Linux
links:
HP & Debian
Network tips
Interface bonding
/etc/network/interfaces
auto bond0 iface bond0 inet static address xxx.xxx.xxx.xxx netmask 255.255.255.0 network xxx.xxx.xxx.0 broadcast xxx.xxx.xxx.255 gateway xxx.xxx.xxx.1 up /sbin/ifenslave bond0 eth0 eth1
bridge setup
/etc/network/interfaces
auto br0 iface br0 inet static address 192.168.0.100 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1 bridge_ports eth0 eth1 bridge_fd 0 bridge_hello 0 bridge_stp off
Perfect Debian Server Setup
Base instalation
Requirements
To install such a system you will need the following:
- A Debian Sarge Netinstall CD (available here)
- an internet connection since I will describe a network installation in this document
- Insert your Sarge Netinstall CD into your system and boot from it (enter
linux26
at the boot prompt to install a 2.6 kernel) - install only base system
- for RAID see: Setting SWRAID
- use lilo if plan to boot from raid devices
- use grub if you have hardware raid
Install/Remove Some Software
Now let's install some software we need later on and remove some packages that we do not need:
apt-get install wget bzip2 rdate nmap ssh taceroute-nanog links-ssl lynx fileutils iptaf iproute less tcpdump ntp-simple apt-get remove lpr nfs-common portmap pidentd pcmcia-cs
update-rc.d -f exim remove update-inetd --remove daytime update-inetd --remove telnet update-inetd --remove time update-inetd --remove finger update-inetd --remove talk update-inetd --remove ntalk update-inetd --remove ftp update-inetd --remove discard <- Yes
/etc/init.d/inetd reload
Configure The Network
Because the Debian Sarge installer has configured our system to get its network settings via DHCP, we have to change that now because a server should have a static IP address. Edit /etc/network/interfaces and adjust it to your needs.
# /etc/network/interfaces -- configuration file for ifup(8), ifdown(8) # The loopback interface auto lo iface lo inet loopback # The first network card - this entry was created during the Debian installation # (network, broadcast and gateway are optional) auto eth0 iface eth0 inet static address 192.168.0.100 netmask 255.255.255.0 network 192.168.0.0 broadcast 192.168.0.255 gateway 192.168.0.1 up /path/to/your/firewall.sh # up /sbin/ifconfig eth0 txqueuelen 1000 # 1000Mbits force
Use this firewall.sh as an example.
Edit /etc/resolv.conf
and add some nameservers:
search server nameserver xxx.xxx.xxx.xxx nameserver xxx,xxx,xxx,yyy
Edit /etc/hosts
and add your new IP addresses:
127.0.0.1 localhost.localdomain localhost server1 192.168.0.100 server1.example.com server1
Configuration optimization
/etc/syslog.conf
/etc/issue
/etc/host.conf
/etc/issue.net
/etc/motd
/etc/ntp.conf
/etc/sysctl.conf
- see this
/etc/default/rcS
# Set EDITMOTD to "no" if you don't want /etc/motd to be editted automatically EDITMOTD=no # Set FSCKFIX to "yes" if you want to add "-y" to the fsck at startup. FSCKFIX=yes
/etc/hosts.deny
ALL:ALL
/etc/hosts.allow
sshd: trusted-network/netmask
/etc/fstab
# /etc/fstab: static file system information. # # <file system> <mount point> <type> <options> <dump> <pass> /dev/md1 none swap sw 0 0 /dev/md2 /tmp reiserfs defaults,nodev,nosuid,noexec 0 0 /dev/md3 / ext3 errors=remount-ro 0 1 /dev/md4 /home reiserfs defaults,noatime 0 0 /dev/md0 /var reiserfs defaults,noatime 0 0
/etc/modules.conf - (e100 extra)
#options e100 e100_speed_duplex=2 #Valid Range: 0-4 (1=10half;2=10full;3=100half;4=100full) #Default Value: 0 # The default value of 0 sets the adapter to auto-negotiate. Other values # set the adapter to forced speed and duplex. # Example usage: insmod e100.o e100_speed_duplex=4,4 (for two adapters)
## #
Some dpkg-hacks
dpkg-query -W --showformat='${Package}\n' dpkg-query -W --showformat='${Installed-Size} ${Status} ${Package}\n' | sort -n dpkg --get-selections | awk '{ print $1; }'| tr "\n" " "
Sorting debian packages installed by size
dpkg-query --show --showformat='${Package;-50}\t${Installed-Size}\n' | sort -k2 -n
How to disable IPv6 in debian linux
/etc/modprobe.d/aliases
net ipv-10 off
net ipv6 off
Tips & troubleshooting
'apt-get' (Debian) says "E: Dynamic MMap ran out of room" and bails out
Create a file /etc/apt/apt.conf and put something like:
Apt::Cache-Limit 67108864;
in it. If it still fails, make that number higher.
apt-get (from Debian) suddenly segfaults
Delete the file '/var/cache/apt/pkgcache.bin' and re-run 'apt-get update'.
Create a backup list of packages and resinstall
sudo dpkg --get-selections > package_list.txt
Save the text file on a thumb drive, format the drive, reinstall Ubuntu/Debian, then to a
sudo dpkg --set-selections < package_list.txt sudo apt-get -y update sudo apt-get dselect-upgrade