Freie Software für Schulen

Manchmal, wenn Sie wirklich nicht mehr weiter wissen und überhaupt keine Idee haben, wie Ihr Problem zu lösen ist oder wenn Sie nicht einmal wissen, wie Sie Ihr Problem beschreiben sollen, kann es sehr beruhigend sein, zu wissen, dass es zahlreiche Mailinglisten gibt, die sich der Aufgabe verschrieben haben, Leuten wie Ihnen zu helfen.

Die Mailinglisten existieren für viele verschiedene Sprachen und sind auf die jeweiligen Bedürfnisse unterschiedlicher Nutzergruppen ausgerichtet. Verschaffen Sie sich einen Überblick unter: http://developer.skolelinux.no/mailinglister.html.de

Wenn Sie Hilfe bei der Einrichtung Ihres Emailprogramms benötigen, werfen Sie einen Blick auf „Kmail“.

Eine weitere Möglichkeit Hilfe zu erhalten, stellen die IRC Chat Räume von Skolelinux/Debian-edu dar. Die Nutzer und Entwickler tummeln sich vornehmlich in den Räumen: #debian-edu, #skolelinux, #skolelinux.de auf dem Server irc.debian.org. Wobei in den beiden erstgenannten Räumen vornehmlich auf Englisch und im letztgenannten auf Deutsch kommuniziert wird.

Die norwegischen Entwickler und Nutzer finden Sie vornehmlich im Raum #skolelinux im IRCnet (irc.pvv.ntnu.no, irc.ifi.uio.no, irc.uib.no).

Wenn Sie Hilfe bei der Einrichtung Ihres Chatprogramms benötigen, werfen Sie einen Blick auf „KSirc“.

Sobald Ihr Skolelinux/Debian-edu Computer mit dem Internet verbunden ist, können Sie anderen Personen gestatten, sich per Remote Login über SSH von einem entfernten Rechner auf Ihrem Computer anzumelden, um Ihnen zu helfen.

Zunächst müssen Sie hierzu ein Benutzerkonto anlegen. Unter „wlus - Webmin Ldap User Simple“ können Sie nachlesen, wie das geht. Im Folgenden gehe ich davon aus, dass dieser neue Nutzer das Nutzerkennzeichen (username) sshhelp hat. Gleichzeitig müssen Sie die Möglichkeit haben, sich auf dem Rechner ihres Helfers anmelden zu können. Dazu muss Ihr Helfer Ihnen seinerseits ein Nutzerkennzeichen und ein Passwort mitteilen. Ich gehe davon aus, dass dieses Nutzerkennzeichen helper ist. Wenn die Person, die Ihnen hilft an einem Rechner angemeldet ist, dessen IP Nummer 127.217.148.238 lautet, können Sie den Befehl

verwenden, um einen SSH Tunnel über Port 2100 zu initiieren. Ihr Helfer kann dann diesen SSH Tunnel benutzen, um sich auf Ihrem Skolelinux/Debian-edu Rechner anzumelden und Ihnen zu helfen. Ihr Helfer bedient sich dazu einfach folgenden Befehls auf seiner Maschine

The authenticity of host 'bla bla (bla.bla)' can't be established.
RSA key fingerprint is 32:0e:ef:60:f9:26:41:78:75:10:56:a4:29:23:0a:3e.
Are you sure you want to continue connecting (yes/no)?

Konsultieren Sie bitte die Hilfe (man page) von SSH mittels des Befehls man ssh oder schreiben Sie man:ssh in die Adresszeile des Browsers/Dateimanagers Konqueror, um weitere ausführliche Erklärungen, des eben verwendeten Befehls und seiner verschiedenen Optionen zu erhalten. Wenn Sie dieses Dokument mit dem Konqueror lesen, genügt es, wenn Sie den folgenden Link anklicken man:ssh.

Es gibt Einrichtungen, deren Netzwerke für eingehende SSH Verbindungen blockiert sind und wo Ihnen die Rechte fehlen, dies zu ändern, etwa weil Sie nicht das Netzwerk betreuen. Da allerdings die Möglichkeit, sich von überall auf dem eigenen Server anmelden zu können, das Leben des Administrators erheblich erleichtert, gibt es in Skolelinux/Debian-edu ein Skript, um dieses Hindernis zu umgehen. Dieses Skript initiiert einen SSH Tunnel, ähnlich dem im Abschnitt „Laden Sie einen Skolelinux/Debian-edu Experten ein, Ihnen direkt auf Ihrem Computer zu helfen“, aber ohne dass ein Helfer auf der anderen Seite nötig ist. Das Skript erledigt das für uns. Dieses Skript ist Bestandteil des Paketes debian-edu-config und findet sich, sobald dieses Paket installiert ist im Verzeichnis /etc/init.d/open-backdoor. Damit dieses Skript korrekt funktionieren kann, benötigt es einige Angaben:

RPORT=Der Port, der vom entfernten Computer benutzt wird.
RHOST=Der DNS Name oder die IP Nummer des entfernten Computers.  
RUSER=Die Nutzerkennung, die Sie auf dem entfernten Computer verwenden.

Wenn wir hier dieselben Werte nehmen wie im Abschnitt „Laden Sie einen Skolelinux/Debian-edu Experten ein, Ihnen direkt auf Ihrem Computer zu helfen“, müsste das Skript folgendermaßen aussehen:

RPORT=2100
RHOST=127.217.148.238
RUSER=helper

Nachdem Sie die benötigten Parameter RPORT, RHOST und RUSER gesetzt haben müssen sie die vom Skript benötigten SSH keys einrichten, damit das Skript den SSH Tunnel automatisch initiieren kann, ohne dass der Benutzer eingreifen muss. Sie müssen sich als Benutzer root (Systemadministrator) auf dem Computer anmelden, auf dem das Hintertürskript läuft; dies kann entweder ein Server, eine Workstation oder ein Thin-Client server sein, ganz nach Belieben. Führen Sie dann den Befehl

aus. Wenn Sie nach einer passphrase gefragt werden, beantworten Sie dies durch eine leere Eingabe. Nachdem Sie die SSH Schlüssel erzeugt haben, müssen Sie den öffentlichen Schlüssel auf den entfernten Rechner übertragen und in die Datei .ssh/authorized_keys eintragen. Stellen Sie sicher, dass Sie dies auf einem sicheren Übertragungskanal tun, also beispielsweise nicht durch einen Hotmail account oder per unverschlüsselter Email. Als sichere Lösung bietet sich beispielsweise das SSH Äquivalent scp an. Sie können dies von der Maschine aus, auf der das Hintertürskript läuft mit diesen Befehlen tun

Danach melden Sie sich auf dem entfernten Computer an und führen folgenden Befehl aus

Jetzt sollten Sie über den Befehl /etc/init.d/open-backdoor start das Hintertürskript starten können und mit dem Befehl

in der Lage sein, sich von dem entfernten Computer auf Ihrem Skolelinux/Debian-edu Rechner komfortabel anzumelden.

@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
ba:bc:68:4c:0b:72:4b:89:d3:04:00:c3:ab:8b:b8:98.
Please contact your system administrator.
Add correct host key in /home/klausade/.ssh/known_hosts to get rid of this message.
Offending key in /home/klausade/.ssh/known_hosts:2
RSA host key for localhost has changed and you have requested strict checking.
Host key verification failed

Zu Linux und GNU gibt es zahlreiche Bücher und Dokumente in gedruckter und elektronischer Form. Im Internet werden Sie vollständige Handbücher mit oftmals über 1000 Seiten finden, aber auch kurze Anleitungen, die weniger als ½ DIN A4 Seite füllen. Ihr örtlicher Buchhändler wird sicherlich hunderte Bücher über Linux besorgen können.

Dokumentation und Hilfen auf Ihrem System

Beinahe jedes Programm und jeder Befehl Ihres Linuxsystems bringt seine eigene Onlinehilfe mit. Oft sind diese Hilfen durch Aufruf eines Befehls, wie man ssh erreichbar; man ssh sollte zur Anzeige der folgendem Manpage (Handbuchseite) führen:

SSH(1)                  System General Commands Manual                  SSH(1)

NAME
     ssh - OpenSSH SSH client (remote login program)

SYNOPSIS
     ssh [-l login_name] hostname | user@hostname [command]

     ssh [-afgknqstvxACNPTX1246] [-b bind_address] [-c cipher_spec]
         [-e escape_char] [-i identity_file] [-l login_name] [-m mac_spec]
         [-o option] [-p port] [-F configfile] [-L port:host:hostport] [-R
         port:host:hostport] [-D port] hostname | user@hostname [command]

DESCRIPTION
     ssh (SSH client) is a program for logging into a remote machine and for
     executing commands on a remote machine.  It is intended to replace rlogin
     and rsh, and provide secure encrypted communications between two
     untrusted hosts over an insecure network.  X11 connections and arbitrary
     TCP/IP ports can also be forwarded over the secure channel.

     ssh connects and logs into the specified hostname.  The user must prove
     his/her identity to the remote machine using one of several methods
     depending on the protocol version used:

Die Manpages können auch von grafischen Oberflächen dargestellt werden, etwa durch Konqueror indem Sie in der Adresszeile man:ssh eingeben.

Abbildung 1.1. Manpages in Konqueror

Eine kurze Zusammenfassung der benötigten Hardware für einen Coyote Linux Firewall/Router unter Skolelinux/Debian-edu finden Sie im Abschnitt „Firewall/Router“.

Der Firewall/Router hat eine genau Rolle im Skolelinux/Debian-edu Netzwerk. Ohne Firewall/Router wird das Skolelinux/Debian-edu System nicht optimal laufen.

Coyote Linux hat zwei Netzwerkkarten, jede mit einer anderen Aufgabe. Die eine Netzwerkkarte wird mit dem vorhandenen Netz verbunden, so dass eine Internetverbindung besteht. Unter Coyote Linux wird diese Netzwerkschnittstelle WAN, eth1, Internet genannt. Die andere Netzwerkkarte, die mit Ihrem Skolelinux/Debian-edu Netzwerk verbunden wird, wird LAN, eth0, LAN Netzwerk bezeichnet. Diese Karte ist entweder direkt, über ein crossover-kabel, mit dem Skolelinux/Debian-edu Mainserver verbunden, oder über einen Switch mit dem so genannten 10.0.2/23-backbone Netzwerk.

Abbildung 3.1. Übersicht über die Einbindung eines Firewall/Router unter Skolelinux/Debian-edu

Ein ähnliches Diagramm mit einer Übersicht eines kompletten Skolelinux/Debian-edu Netzwerkes ist im Abschnitt „Netzwerk Architektur“ verfügbar.

Coyote Linux, wie auch Skolelinux/Debian-edu, ist ein Produkt, welches ständiger Entwicklung und Wartung unterliegt. Das bedeutet, es werden relativ häufig neue Versionen veröffentlicht, die Erweiterungen und neue Sicherheitslösungen beinhalten. Besonders wegen der Sicherheitslösungen sollten Sie immer die aktuell stabile Version von Coyote Linux verwenden.

Weil Coyote Linux nur von Diskette läuft, wird es wohl auch in Zukunft keinen Automatismus zur Aktualisierung geben. Sie müssen eine völlig neue Diskette erstellen. Die Vorgehensweise zur Erstellung einer Coyote Linux-Diskete ist im Abschnitt „Erstellung einer Coyote Linux Diskette“ beschrieben. Um den Ablauf so einfach wie möglich zu halten, sind ein paar Dinge zu beachten.

64 bytes from 10.0.2.1: icmp_seq=1 ttl=64 time=1.84 ms

LAN network: UP

WAN network: down

Stellen Sie sicher das die Coyote Linux Diskette im Diskettenlaufwerk ist und der Rechner über das BIOS so eingestellt ist, daß zuerst von Diskette gestartet wird. Starten Sie Ihren Coyote Linux Rechner.

Abbildung 3.13. Starten von Coyote Linux

Das Erzeugen von Zufallszahlenschlüsseln kann auf langsamen Systemen ein paar Minuten in Anspruch nehmen.

Abbildung 3.14. Erzeugen von Zufallszahlenschlüsseln

Wenn alles korrekt gelaufen ist, sehen Sie nun den textbasierten Coyote Linux Anmeldeschirm. Sie werden wissen das alles in Ordnung ist, wenn Sie die folgende magischen Worte sehen:

LAN network: UP
WAN network: UP

Im hier verwendeten Bild sind beide Netzwerkkarten defekt.

Dieses Bild ist mit einem Screenshot zu ersetzen, in dem die Netzwerkkarten korrekt arbeiten.

Abbildung 3.15. Coyote Linux Anmeldung

Sie können sich nun auf der Kommandozeile mit dem Systemadministrator root ohne Passwort anmelden. Der Systemadministrator ist der einzige verfügbare Benutzer unter Coyote Linux. Als erstes müssen Sie ein Passwort für den Systemadministrator vergeben.^[8]

Wenn Sie unter Coyote Linux angemeldet sind, sehen Sie folgendes Menü:

Abbildung 3.16. Coyote Linux Menü

Als erstes müssen Sie das Passwort des Systemadministrators (root) ändern. Wählen Sie dazu Menüpunkt 2) Change system password, indem Sie "2" eingeben und dies mit Enter bestätigen.

Abbildung 3.17. Passwort ändern

Geben Sie ein Passwort mit mindestens 5 und maximal 8 Zeichen an und bestätigen Sie mit Enter. Wiederholen Sie das neue Passwort und bestätigen Sie die Eingabe wieder. Da Ihnen jemand dabei über die Schulter sehen könnte, erfolgt keine Anzeige des Passwortes auf dem Bildschirm.

Password changed.
Updating webadmin password...

Press enter to return to system menu.

Wenn Sie den obigen Hinweis erhalten, wurde das Systemadministratorpasswort erfolgreich geändert.

Sie müssen das neue Passwort auf der Coyote Linux Diskette speichern, da Coyote Linux von Diskette läuft und damit alle Informationen nur im Hauptspeicher vorhanden sind. Die Daten im Hauptspeicher gehen bei einem Neustart des Coyote Linux Rechners verloren. Sichern Sie das Passwort indem Sie den Punkt w) Write configuration to disk auswählen.

Ihr neues Passwort wurde auf der Coyote Linux Diskette gespeichert wenn Sie folgendes Bild sehen:

Backup script complete. Press ENTER to return to menu.

Alle Änderungen, die Sie an Ihrem Coyote Linux System vorgenommen haben, sind nun auf der Diskette gespeichert.

Sie können Ihren Coyote Linux Rechner neu starten und Sie werden sehen, dass das neue Passwort benutzt wird. Sie können Coyote Linux neu starten indem Sie entweder den Ein-/Aus-Schalter an Ihrem Coyote Linux Rechner drücken, oder Sie wählen r) Reboot system vom Coyote Linux Menü.

Wenn Sie es geschafft haben, beide Netzwerkkarten zum laufen zu bringen und Coyote Linux hat eine Netzwerkverbindung, brauchen Sie sich nicht mehr auf der Kommandozeile des Coyote Linux Rechners anmelden. In Zukunft können Sie einen Webbrowser benutzen um sich am Coyote Linux System anzumelden. Nähere Informationen finden Sie im Abschnitt „Coyote Linux Web Administrator“.

Wenn Sie q) quit im Menü wählen, wird dieses beendet und Sie gelangen in die Kommandozeile. Wenn Sie in das Menü zurückkehren wollen geben Sie den Befehl menu ein und bestätigen Sie mit Enter.

Für eine Liste nützlicher Befehle konsultieren Sie den Abschnitt „Nützliche Befehle unter Coyote Linux“.

Coyote Linux hat ein gut funktionierendes und komfortables Webinterface, dass Sie zur alltäglichen Administration einsetzen können. Unter der Adresse http://10.0.2.1:8180 können Sie das Interface mit Ihrem Webbrowser aufrufen.

Unter dieser Adresse findet sich das Coyote Linux Webinterface, klicken Sie den Link an, tragen Sie dann als Benutzernamen root ein und geben Sie das Passwort ein, welches Sie zuvor eingerichtet haben, siehe: Abbildung 3.16, „Coyote Linux Menü“

Abbildung 3.18. Coyote Linux Web Administrator

Alle Optionen und Einstellungen können über das Menü auf der linken Seite vorgenommen werden.

Abbildung 3.19. Coyote Linux Hauptmenu

Manchmal ist es notwendig sich am Coyote Linux System anzumelden ohne das ein Webbrowser verfügbar ist, oder Sie favorisieren die Anmeldung per Kommandozeile, dann können Sie ssh zur Anmeldung benutzen.

Wenn Sie auf einem Rechner des Skolelinux/Debian-edu Netzwerkes angemeldet sind, dann benutzen Sie

um sich am Coyote Linux anzumelden.

Außerhalb des Skolelinux/Debian-edu Netzwerks müssen Sie den Wert 10.0.2.1 mit dem entsprechenden Wert, wie er für die Netzwerkkarte WAN unter i angegeben ist, ersetzen. In unserem Fall wäre das:

Sie haben fast die gleichen Auswahlen zur Verfügung, als wenn Sie über das Coyote Linux Webinterface angemeldet sind. Der Unterschied besteht nur darin, das Ihnen die Optionen in einem textbasierten Menü präsentiert werden.

                Coyote Linux Gateway -- Configuration Menu


  1) Edit main configuration file         2) Change system password
  3) Edit rc.local script file            4) Custom firewall rules file
  5) Edit firewall configuration          6) Edit port forward configuration

  c) Show running configuration           f) Reload firewall
  r) Reboot system                        w) Write configuration to disk

  q) quit                                 e) Exit
  ----------------------------------------------------------------------------
  Selection:

Sie haben fast die gleichen Auswahlen, wie unter der Anmeldung im Coyote Linux Webinterface. Unter „Coyote Linux Web Administrator“ finden Sie eine kurze Erläuterung der unterschiedlichen Auswahlen.

Wenn Sie q) quit wählen, gelangen Sie in die Coyote Linux Kommandozeile. Wenn Sie zurück in das Coyote Linux Menü gelangen möchten, geben Sie menu ein und drücken Sie Enter.

Wenn Sie bei der Anmeldung am Coyote Linux System folgendes sehen:

klaus@tjener:~$ ssh 10.0.2.1 -l root
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
34:b7:a3:9b:06:4c:e2:30:1b:0d:03:45:7b:22:b7:dd.
Please contact your system administrator.
Add correct host key in /skole/tjener/home0/klaus/.ssh/known_hosts to get rid of this message.
Offending key in /skole/tjener/home0/klaus/.ssh/known_hosts:27
RSA host key for 10.0.2.1 has changed and you have requested strict checking.
Host key verification failed.

Dann ist das wahrscheinlich, das Sie sich vorher an einem anderen Rechner mit der IP-Adresse 10.0.2.1 angemeldet haben, oder Sie änderten eine Netzwerkkarte unter Coyote Linux, oder es handelt sich tatsächlich um einen sogenannten " man-in-the-middle" Angriff. Die Lösung ist, das Sie den entsprechenden Schlüssel löschen, in diesem Fall unter Zeile 27 der Datei /skole/tjener/home0/klaus/.ssh/known_hosts.

Coyote Linux ist eine perfekte Wahl, wenn Sie einen DHCP-Server für Ihr Netzwerk benötigen, welcher Art Ihre Rechner im Netzwerk auch sind, egal ob Linux, Windows oder Mac.

Das einzige, was Sie anders zu konfigurieren haben ist das Aktivieren des DHCP-Servers. Siehe h

Eine kurze Zusammenfassung einen Coyote Linux DHCP-Server aufzusetzen:

Dies ist eine Liste der ISP's die unter Coyote Linux funktionieren:

Dieser Abschnitt basiert auf http://developer.skolelinux.no/arkitektur/arkitektur.html

Möglicherweise ist Ihr Computer bereits so eingestellt, dass er von CD-ROM bootet. Starten Sie Ihren Rechner einfach mit der Skolelinux/Debian-edu CD im CD-ROM Laufwerk.

Wenn Sie dann etwas sehen, dass wie dieser Screenshot aussieht Abbildung 5.1, „Starting up Skolelinux/Debian-edu from the CD“, können Sie einfach zum Abschnitt „First Stage[id=firststage]“ vorblättern; sonst lesen Sie einfach weiter.

Wenn Ihr Rechner eine Option im BIOS hat, um von CD-ROM zu booten, wählen Sie die Einstellung, dass zuerst von CD gestartet wird. Nachdem die Installation vollständig abgelaufen ist, können Sie diese Einstellung wieder ändern.

Normalerweise, wird der Computer beim Start eine Meldung ausgeben, die Ihnen erklärt, wie Sie ins BIOS gelangen. Meistens geschieht dies durch drücken einer Taste, etwa F1, INS, F10 or vielleicht auch DEL. Im Zweifelsfall konsultieren Sie das Handbuch des Computerherstellers oder das Handbuch Ihres Mainboards.

Wenn Sie keine Möglichkeit haben über das BIOS einzustellen, dass von CD-ROM gebootet werden soll, benutzen Sie SBM (Smart Boot Manager). Wenn Sie von der SBM Diskette starten, sollten Sie die Option angezeigt bekommen, von CD-ROM zu starten. SBM ist auf der Skolelinux/Debian-edu CD enthalten. Sie finden das Programm im Verzeichnis install auf der CD. Die Datei heisst sbm.bin. Kopieren Sie diese Datei mit Hilfe des Programms rawrite auf eine leere Diskette. Unter Windows finden Sie rawrite ebenfalls im Verzeichnis install. Lesen Sie die Textdatei awrite2.txt, um weitere Informationen zu rawrite zu erhalten.

Um weitere Informationen über SBM zu erhalten, sollten Sie die Textdatei README.sbm lesen, die Sie ebenfalls im Verzeichnis install finden.

Wenn Sie bereits ein Linux System benutzen, mounten Sie die CD und kopieren Sie die Datei sbm.bin mit dem Befehl

Möglicherweise lauten die Namen der Mountpoints für CD-ROM und Diskettenlaufwerk bei Ihnen anders.

There are basically two ways of getting the Skolelinux/Debian-edu CD-ROM. Either you download it yourself, or you get someone else to do it for you.

The installation of Skolelinux/Debian-edu is divided into two stages, referred to as firststage and secondstage. The first stage starts when the machine boots from the Skolelinux/Debian-edu CD, and ends with the first reboot. The second stage starts when the machine boots from GRUB, and ends when the installation is finished and the machine reboots for all services to properly restart. It's during the second stage that you type the root password.

firststage usually lasts about 10 minutes on a relatively fast machine, while secondstage lasts a bit more, about 15-45 minutes.

Abbildung 5.1. Starting up Skolelinux/Debian-edu from the CD

^[12]

There's not that much to do here, other than pressing Enter^[13]

Abbildung 5.2. Choosing Language

Here you must choose the language you want to use during installation. This language will be the pre-selected language for the all users. This doesn't exclude the use of any of the other available and supported languages in Skolelinux/Debian-edu. If you later want to change the default pre-selected language, have a look at the files /etc/environment, /etc/kde2/system.kdeglobals and /etc/X11/XF86Config-4, and the command update-locale-config. The command man update-locale-config will give you more information about this command, and supported languages.^[14]

Notice to the right in this screenshot the #-sign. This indicates that there is more text available, but that it's not possible to display all of it in one screen. Use the arrow up/down or PageDown and PageUp keys to scroll through the whole text.

At this point in the installation it's possible to jump to a Virtual Terminal(VT) with the key combination ALT+Arrow left/right or ALT+F1,F2,F3,F4. On F2 you have a VT where you can edit files during installation.

Abbildung 5.3. Installation of Udeb-Packages

The necessary udeb-packages will be installed.^[15] A progress bar will keep you informed about the progress.

Abbildung 5.4. Information about the Various "Profiles"

Abbildung 5.5. The Various Profiles in Skolelinux/Debian-edu

Have a look at „Eine kurze Beschreibung der Profile in Skolelinux/Debian-edu“ for a short description of the various profiles.

Have a look at Tastaturbelegung for a brief explanation of the different keyboard keys used during installation.

You choose the profiles you want to install by placing a mark in front of the desired profile by using the SPACEBAR to place the mark. To navigate between the different fields, you use TAB, and when you are done, move to OK and install by pressing ENTER.

If your hard drive is not recognised, then you may need to manually load the driver module for your hard drive, SCSI-controller or your RAID-controller; do this in VT#2

Abbildung 5.6. Loading Necessary Driver Modules

After you have chosen which profile to install, the necessary packages are installed. Hopefully, you have only chosen hardware that works out-of-the-box with Skolelinux/Debian-edu.

Abbildung 5.7. Warning! The contents of all your hard drives will be erased!

To continue with the installation, you must choose Yes.

Abbildung 5.8. Installation of the Final Packages, the Kernel and the Bootloader GRUB

The final packages (the Linux kernel and the bootloader GRUB)will now be installed. You now have a working minimalistic Debian system installed.

Abbildung 5.9. Final Preparation for Second Stage Installation

Make sure that the CD is not in the CD-ROM when you restart the machine. If you forget to remove it, the installation will start all over again.

The installation of Skolelinux/Debian-edu is divided into two stages, referred to as firststage and secondstage. The first stage starts when the machine boots from the Skolelinux/Debian-edu CD, and ends at the first reboot. The second stage starts when the machine boots from GRUB, and ends when the installation is finished and the machine reboots for all services to properly restart. It's in second stage that you type the root password.

firststage usually lasts about 10 minutes on a relatively fast machine, while secondstage lasts a bit more, about 15-45 minutes.

Abbildung 6.1. Starting Skolelinux/Debian-edu from the Hard Drive with GRUB ^[17]

Notice the countdown in the last line in this screenshot. GRUB is configured to automatically boot Skolelinux/Debian-edu after 5 seconds (in this concrete screenshot the counter has reached 4 seconds). The countdown can be stopped by pressing one of the arrow keys. The arrow keys are also used to choose which of the available Linux kernels you want to boot. The automatic boot is very handy for booting the system unattended.

In the GRUB configuration file, /boot/grub/menu.lst you can choose to change the default value for the countdown, the appearance of the GRUB menu, the name of the different kernels to boot, set a password, etc.

In this screenshot you have two boot choices.

Debian GNU/Linux, kernel 2.4.22-1-386 
Debian GNU/Linux, kernel 2.4.22-1-386 (recovery mode)

You choose by highlighting the kernel you want to boot, move between the different kernels with the arrow up/down keys, and boot the wanted kernel by pressing enter.

Usually you would just boot the default kernel without making any active choices, that is the line that does not contain (recovery mode). The line containing (recovery mode) is used when you need to either do some repair or maintenance on the system, like when you need to resize the lv-partition /usr. When booting with the option (recovery mode) only a few basic services is started, no GUI. Booting with (recovery mode) is the same as Runlevel 1, which also can be reached from the command line by typing init 1 See man init.

password --md5 $1$xZBDT0$8uoCO9XQGpBeXKnhUoU5A
title           Debian GNU/Linux, kernel 2.4.26-1-386
root            (hd0,0)
kernel          /boot/vmlinuz-2.4.26-1-386 root=/dev/hda1 ro
initrd          /boot/initrd.img-2.4.26-1-386
savedefault
boot


title           Debian GNU/Linux, kernel 2.4.26-1-386 (recovery mode)
lock
root            (hd0,0)
kernel          /boot/vmlinuz-2.4.26-1-386 root=/dev/hda1 ro single
initrd          /boot/initrd.img-2.4.26-1-386
savedefault
boot

Abbildung 6.2. Skolelinux/Debian-edu Boot in Progress

While booting Skolelinux/Debian-edu you will see a lot of seemingly cryptic messages scrolling by on your screen. These are useful messages from the Linux kernel.^[18]

Abbildung 6.3. The Root Password

The password you are about to create, is the famous root password. With this password you will be able to do anything. Please read carefully the information provided on-screen.

Abbildung 6.4. Password not Visible When you Type it

Note that you will not be able to see the password as you type it. You must type it twice, the same both times. If you do it wrong, you get another chance.

Abbildung 6.5. Installation of Packages in the Second Stage

After you have created the root password, the installation of packages in the second stage starts. Remember to insert the CD in the CD-ROM drive- you will be prompted to do so if you have forgotten. The rest of the installation takes about 15-45 minutes, depending how fast your machine is.

It's now possible to login as user root in one of the VT by typing ALT-F2, or ALT-F3 and poke around the system a bit.

Abbildung 6.6. Installation is Complete- the Necessary Reboot

After the installation is complete, a reboot is necessary in order to restart all services such as LDAP, DHCP, etc. See services for a list of services that works out-of-the-box with Skolelinux/Debian-edu.

Abbildung 6.7. Installation is Complete- no KDM

If you have chosen to install only the profile mainserver, with no GUI, then you will also have no KDM, just a text-based login.

Abbildung 6.8. Installation is Complete- KDM

If you have chosen to install a machine that includes one of the profiles workstation or ltspserver, then you will be met by the kdm

Here you login with

Username: root
Password:

You can use TAB to move between the fields Username and Password, and then press Enter to login, instead of using the mouse.

If you see a black screen with white text, like this:

Abbildung 7.1. Text-based Login

and not something like in Abbildung 6.8, „Installation is Complete- KDM“, despite having installed one of the profiles workstation or ltspserver, then something went wrong with the configuration of your video card. It might help trying to manually reconfigure the video card with the command

and answer the questions.

Once you are done with dpkg-reconfigure, you should see something like

Wrote X server configuration to /etc/X11/XF86Config-4.

It might help to know something about what kind of video card you have in your computer, the command lspci is helpful:

tjener:~# lspci
00:00.0 Host bridge: Intel Corp. 82440MX I/O Controller (rev 01)
00:00.1 Multimedia audio controller: Intel Corp. 82440MX AC'97 Audio Controller
00:02.0 VGA compatible controller: Silicon Motion, Inc. SM710 LynxEM (rev a3)
00:07.0 ISA bridge: Intel Corp. 82440MX PCI to ISA Bridge (rev 01)
00:07.1 IDE interface: Intel Corp. 82440MX EIDE Controller
00:07.2 USB Controller: Intel Corp. 82440MX USB Universal Host Controller
00:07.3 Bridge: Intel Corp. 82440MX Power Management Controller
00:0a.0 CardBus bridge: Ricoh Co Ltd RL5c476 II (rev 80)
00:0a.1 CardBus bridge: Ricoh Co Ltd RL5c476 II (rev 80)

Here you notice that I have a Silicon Motion video card. If you need more info from lspci then try lspci -vn. Maybe you need to pipe it through more or less, like lspci -vn|more

FIXME: a list of the questions asked during reconfiguration and xfree86 should maybe be presented here?

If you still experience problems with your video card, then have a look at „Laptop“. Perhaps you should consider installing a backported version of XFree86 4.3; not sure where that is available.

If you just need to change the depth and resolution, then you can open the file /etc/X11/XF86Config-4 with a editor from the command line like

and edit the lines corresponding to the depth you wish to have

DefaultDepth     16

and the lines

SubSection "Display"
                Depth     16
                Modes    "1024x768" "800x600" "640x480"

As with most other common operating systems, almost all of your day-to-day tasks can be carried out with the mouse by click-and-point. In addition to that, you can use the famous command line to do them as well. Why would you want to use the command line? Well, it's faster, you have more control over what is going on behind the buttons, so it's an alternative.

It's often nice to be able to edit system configuration files, like with grub or autopartit or bothersome videocard. For this purpose you need a tool, a text editor. We do not use things such as bold, underline or fancy fonts in these files, so for this purpose we don't need a huge fancy application. There are already several such applications installed with your Skolelinux/Debian-edu system. Someof these are command line based, (vi, vim), while others have a graphical interface, like KEdit and emacs

For starters, try using KEdit, you'll find it in K-menu->Text editors->Text editor

You should also try vi, vim. You find vim in K-menu->Text editors->Debian->Vim, just follow the on-screen instructions.

If you are logged in as an ordinary user, say on a thin client, and need to edit some system files as root-user, then you can use the program kdesu and start the editor inside kdesu like this

that way you can run the editor as the superuser root (of course after you have written the root-password).

Sometimes when you issue a command, such as dpkg -l or try to view a file in a Virtual Terminal or in a shell, the output is too much for one screen display. You could then "pipe" it through one of the applications more or less, like this

and use the Spacebar to display the next screen, and q to quit.

The pipe is a key ( | ) on the keyboard that has two vertical lines one above the other. It often looks like a one full vertical line. On the US qwerty keyboard this symbol is usually found on the same key as the backslash key (to the left of the RETURN key). On the Norwegian keyboard it's usually found on the key below F1

Due to the limited amount of space available on one CD, there is only one Linux kernel available on the Skolelinux/Debian-edu CD. So, the Linux kernel chosen is based on the lowest common denominator, which means that it should work on most kinds of hardware.

You find out what kind of kernel you are running at the moment with the command uname -a, use this command later to verify that you have changed to a different kernel, if you choose to do so.

If you want a kernel for the newer servers with plenty of RAM and multi-processors, you must download and install it afterward, which thanks to the genius package system of Debian, is very easy to do.

Have a look at „Administration of Packages“ for a more detailed description of apt-get and dpkg.

The keyword to look for when you want a Linux kernel with support for more RAM than LOWMEM=940M and more than one CPU, is SMP, aka Symmetric Multi-Processors. This command issued from a shell, will list available Linux kernels, ready for installation:

At the time this is being written, this returns:

kernel-image-2.4.18-1-686-smp - Linux kernel image 2.4.18 on PPro/Celeron/PII/PIII/PIV SMP.
kernel-image-2.4.16-686-smp - Linux kernel image 2.4.16 on PPro/Celeron/PII/PIII SMP.
kernel-image-2.4.18-686-smp - Linux kernel image 2.4.18 on PPro/Celeron/PII/PIII/PIV SMP.
kernel-image-2.4-686-smp - Linux kernel image for version 2.4 on PPro/Celeron/PII/PIII/PIV SMP.
kernel-image-2.4-k7-smp - Linux kernel image for version 2.4 on AMD K7 SMP.
kernel-image-2.4.26-1-686-smp - Linux kernel image for version 2.4.26 on PPro/Celeron/PII/PIII/PIV SMP.
kernel-image-2.4.26-1-k7-smp - Linux kernel image for version 2.4.26 on AMD K7 SMP.

There is really no reason not to choose the latest available kernel, in this case, version 2.4.26. You are then left with the following choices:

kernel-image-2.4.26-1-686-smp - Linux kernel image for version 2.4.24 on PPro/Celeron/PII/PIII/PIV SMP.
kernel-image-2.4.26-1-k7-smp - Linux kernel image for version 2.4.24 on AMD K7 SMP.

You can choose kernel-image-2.4.26-1-686-smp if you have a Intel processors (keyword is 686). If you have an AMD processor (keyword is k7) you can choose kernel-image-2.4.26-1-k7-smp.

Once you know which kernel is the correct one for your machine, you can install it with the command

When you install the new kernel, you may see something like this:

Sætter kernel-image-2.4.26-1-k7 (2.4.24-3) op...

 You are attempting to install a kernel version that is the same as
 the version you are currently running (version 2.4.26-1-k7). The modules
 list is quite likely to have been changed, and the modules dependency
 file /lib/modules/2.4.26-1-k7/modules.dep needs to be re-built. It can
 not be built correctly right now, since the module list for the
 running kernel are likely to be different from the kernel installed.
 I am creating a new modules.dep file, but that may not be
 correct. It shall be regenerated correctly at next reboot.

 I repeat: you have to reboot in order for the modules file to be
 created correctly. Until you reboot, it may be impossible to load
 some modules. Reboot as soon as this installation is finished (Do not
 reboot right now, since you may not be able to boot back up until
 installation is over, but boot immediately after). I cannot stress
 that too much. You need to reboot soon.

Please Hit return to continue.
	

Here there is nothing else to do but hit Return to continue.

After you have installed a SMP-enabled kernel, and have rebooted your machine, you can use these commands to see if the newly installed kernel sees all of your processors and RAM;

At the moment, there are 7 partitions^[19] of the lvm type in Skolelinux/Debian-edu. They are grouped in two different vg's, vg_system and vg_data:

NFS.....

device is busy

umount: /var/spool/squid: device is busy

# cache_dir ufs /var/spool/squid 100 16 256

/dev/vg_data/lv_video  /skole/video          ext3    defaults                0       2

dn: cn=video,ou=tjener,ou=skole,ou=Automount,dc=skole,dc=skolelinux,dc=no
objectClass: top
objectClass: automount
cn: video
automountInformation: -rw,rsize=8192,wsize=8192,intr tjener:/skole/video
description: /skole/video mount point

	      /skole/video @allhosts(rw) 10.0.2.0/255.255.254.0(rw)[]
	    

A "host netgroup" (hence "netgroup") can be compared to a guest list when you are inviting people to a party. You have made the guest list to avoid unwanted guests, for instance crooks. In a computer network, the guests are a bit different. They are "Internet hosts", e.g. printers, thin client servers or workstations. If these hosts are on the guest list, they are welcome to do their task on the network. If they are not, they are automatically kept out by the doorkeeper.

A netgroup thus keeps track of the guests, or "hosts" in "Internet lingo". It can also keep track of other netgroups, and this simplifies administration of, for example, access to the Internet or to a file server. It is much easier to administer groups of hosts than specifying every single host everywhere.

You have to use netgroups correctly to avoid extra administration. For example, it is useless to have a netgroup named "workstation-hosts" with 250 different hosts in it. It is better to use subgroups. The workstations could be grouped into "computerlab01-hosts", "computerlab02-hosts" and "teachers-hosts", and these could be subgroups to another netgroup named "workstation-hosts".

In the future, Skolelinux will probably use netgroups for various other tasks. Today they are used to prevent access of unwanted guests to the file server.

The Netgroup Module

To edit netgroups, you have to use Webmin. The module is named "Edit host netgroups" and is found under the "System"-tab.

Abbildung 8.1. Overview of Netgroups

On a newly installed Skolelinux server, the following netgroups are added:

ltsp-server-hosts

All of the thin client servers in the network

printer-hosts

All of the printers in the network

server-hosts

All of the servers in the network. This is primarily "tjener", but if you move, for example, the backup service to another host, add that host here.

workstation-hosts

All of the groups containing workstations, or all of the workstations in a small network

all-hosts

This group contains no individual hosts, but all of the other netgroups.

Naming conventions

Note that all of the netgroup names end with "-hosts". This is to make it easier to distinguish netgroups from other groups whenever necessary. We suggest you use the same naming convention.

Adding Hosts to a Netgroup

In the overview, click on the netgroup you want to change. A new window appears, showing hosts, subgroups and netgroups available to add as subgroups and an area for adding new hosts.

Abbildung 8.2. Adding Hosts to a Netgroup

Enter the name on a line of its own for every host you want to add to the netgroup.

If you check the "Verify validity of hosts" box, every hostname will be tested but only valid ones will be added. Note: this may slow down the process.

If you check the "Make sure the hostnames can be used by the file server" box, every hostname will be tested but only those usable to the file server will be added. Note: this may slow down the process.

Click on "Add" to add the entered hosts to the netgroup. You will see the same page, now with the new hosts in the list.

Abbildung 8.3. New hosts Added to the Netgroup

Click on "Back" when you are finished editing the netgroup. Remember to save your changes.

Saving Changes

Return to the overview when you are finished making your changes. Notice the actions in the action queue. When you are done, enter your LDAP-password and click on "Execute actions". The changes are sent to the catalogue server, and you get a new window showing the replies from the server. For every successful action, the server replies "Success".

You can remove actions you regret or made by mistake. Select the actions you want to remove from the queue and click on "Delete selected actions". Actions depending on those removed will not be executed. If you remove, for example, the action "Add netgroup 'computerlab01-hosts'", then the action "Add host(s) (dhcp123, dhcp124, dhcp125)" will not be executed.

Abbildung 8.4. Changes are Saved

Adding a New Netgroup

Enter the name of the new netgroup in the "Name of group" text field in the "New group"-area and click on "Create group". The name has to be between 9 and 40 characters and contain only alphanumeric characters and hyphens.

Abbildung 8.5. Adding a New Netgroup

The new netgroup is now listed together with the other groups.

Abbildung 8.6. New group added

Adding a Subgroup

In the overview, click on the group to which you want to add subgroups. If you want to add "computerlab01-hosts" as a subgroup to "workstation-hosts", click on "workstation-hosts".

Abbildung 8.7. Adding a Subgroup

Select the group you want to add as a subgroup and click on "Add selected groups". The subgroups are now listed as a subgroup.

Abbildung 8.8. Subgroup Added

Remember to save your changes.

Each thin client has a wide range of options that can be changed on an individual thin client basis.

All these options are specified in the file /opt/ltsp/i386/etc/lts.conf, but you need to assign each Thin Client a static IP address. You do this by adding the MAC address of the Netzwerkkarte in your Thin Client, all done in the file /etc/dhcp3/dhcpd-skolelinux.conf^[25]There is also a Webmin module for this operation, https://tjener.intern:10000/dhcpd3/index.cgi

host ltsp010 {
        hardware ethernet     00:00:00:00:00:00;
        fixed-address         ltsp010;
        #filename              "/tftpboot/lts/vmlinuz-2.4.19-ltsp-1";
        filename              "/tftpboot/lts/pxelinux.0";
        #option option-128     e4:45:74:68:00:00;
        #option option-129     "NIC=3c509";
    }

host static00 {
       hardware ethernet 00:00:00:00:00:00;
       fixed-address static00;
    }

host printer00 {
       hardware ethernet 00:00:00:00:00:00;
       fixed-address printer00;
    }

group {
    host ltspserver00 {
       hardware ethernet 00:00:00:00:00:00;
       fixed-address ltspserver00;
    }

klaus@tjener:$ unzip BootDisk522b.zip
Archive:  BootDisk522b.zip
  inflating: rawrite2.exe
  inflating: ebnet522.dsk
  inflating: Readme.txt
	  

Jan  4 19:04:44 tjener dhcpd-2.2.x: DHCPDISCOVER from 00:00:86:4a:58:5a via eth1
Jan  4 19:04:44 tjener dhcpd-2.2.x: DHCPOFFER on 192.168.0.201 to 00:00:86:4a:58:5a via eth1
Jan  4 19:04:45 tjener dhcpd-2.2.x: DHCPREQUEST for 192.168.0.201 from 00:00:86:4a:58:5a via eth1
Jan  4 19:04:45 tjener dhcpd-2.2.x: DHCPACK on 192.168.0.201 to 00:00:86:4a:58:5a via eth1

host ltsp010 {
        hardware ethernet     00:00:86:4a:58:5a;
        fixed-address         192.168.0.10;
	#filename              "/tftpboot/lts/vmlinuz-2.4.19-ltsp-1";
        filename              "/tftpboot/lts/pxelinux.0";
        #option option-128     e4:45:74:68:00:00;
        #option option-129     "NIC=3c509";
    }

#filename              "/tftpboot/lts/vmlinuz-2.4.19-ltsp-1";

filename              "/tftpboot/lts/pxelinux.0";

option option-128     e4:45:74:68:00:00;
option option-129     "NIC=3c509";
	  

[ltsp050]
PRINTER_0_DEVICE =/dev/lp0
PRINTER_0_TYPE   =P

[ltsp051]
X_MOUSE_PROTOCOL    = "Microsoft"
X_MOUSE_DEVICE      = "/dev/ttyS0"
X_MOUSE_RESOLUTION  = 400
X_MOUSE_BUTTONS     = 2
X_MOUSE_EMULATE3BTN = Y

X_MOUSE_PROTOCOL  = "imps/2"
X_MOUSE_DEVICE    = "/dev/input/mice"
RCFILE_01               = "usbdev"
	    

#!/bin/sh
echo "USB Mouse Support..."
insmod usbcore
insmod usb-uhci
insmod input
insmod mousedev
insmod usbmouse
echo "USB Keyboard Support..."
insmod keybdev
insmod usbkbd

[ltsp052]
X_MOUSE_PROTOCOL   = "IMPS/2"

[ltsp053]
RCFILE_01=floppyd

[ltsp054]
XSERVER=XF86_SVGA

[ltsp060]
X_MODE_0=800x600

With the command

you can see the current condition of the network cards.

Jun  2 22:52:28 tjener dhcpd-2.2.x: DHCPDISCOVER from 00:02:b3:8f:66:76 via eth1
Jun  2 22:52:28 tjener dhcpd-2.2.x: DHCPOFFER on 192.168.0.13 to 00:02:53:8f:66:76 via eth1
Jun  2 22:52:29 tjener dhcpd-2.2.x: DHCPREQUEST for 192.168.0.13 from 00:02:53:8f:66:76 via eth1
Jun  2 22:52:29 tjener dhcpd-2.2.x: DHCPACK on 192.168.0.13 to 00:02:53:8f:66:76 via eth1

tjener:~# ifconfig
eth0      Link encap:Ethernet  HWaddr 00:04:75:81:AA:78
          inet addr:10.0.2.2  Bcast:10.0.3.255  Mask:255.255.254.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:27892 errors:0 dropped:0 overruns:0 frame:0
          TX packets:26194 errors:0 dropped:0 overruns:0 carrier:0
          collisions:5 txqueuelen:100
          RX bytes:23495725 (22.4 MiB)  TX bytes:2810447 (2.6 MiB)
          Interrupt:11 Base address:0xdc00

eth1      Link encap:Ethernet  HWaddr 00:04:75:81:AA:FD
          inet addr:192.168.0.254  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:1976176 errors:0 dropped:0 overruns:26 frame:0
          TX packets:2271670 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:486381910 (463.8 MiB)  TX bytes:1131449472 (1.0 GiB)
          Interrupt:10 Base address:0xe000

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:44174 errors:0 dropped:0 overruns:0 frame:0
          TX packets:44174 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:11789085 (11.2 MiB)  TX bytes:11789085 (11.2 MiB)

If what you see is similar to the above, but you still can't get on the net, then you may have to do something with your DNS-setup. Have a look at this section in the documentaton about Coyote Linux, „Coyote Linux und unterschiedliche Internet Service Provider ISP“.

In order to install packages, you need to define where you want to get them from, where our package reservoir is.

You define your package reservoir in the file /etc/apt/sources.list

You can either work with package administration via the command line or with the help of a graphical application such as KPackage „kpackage“, or Webmin „Webmin“

A quick introduction to the use of the command line for working with packaqe administration is given in this section.

deb ftp://ftp.skolelinux.no/debian/ woody main contrib non-free
deb ftp://ftp.skolelinux.no/debian-non-US/ woody/non-US main contrib non-free
deb ftp://ftp.skolelinux.no/skolelinux/ woody local

These lines contain information about where you can get your packaqes.

If you add new lines to this file, then you have to update the database that contains information about what is available.

See Kapitel 14, Useful Programs that are not Included on the Skolelinux/Debian-edu CD for other lines that you can add as sources for packages.

kdeaddons (4:3.1.0-4) unstable; urgency=low

  * Rebuilt against libvorbis0a (closes: #184713).
  * Removed alpha compile flags.
  * Fresh admin/ sync.

 -- Ben Burton <bab@debian.org>  Sun, 16 Mar 2003 16:00:19 +1100

kdeaddons (4:3.1.0-2) unstable; urgency=low

  * First KDE3 upload to debian!
  * Applied Ewald Snel's patch for xine support.
  * Rolled the epoch to aid upgrades from the unofficial repository on
    ftp.kde.org.. *sigh*
:

quanta (1:3.0pr1-1) unstable; urgency=low

  * New upstream release.
  * Built for KDE3.

 -- Ben Burton <benb@acm.org>  Wed,  4 Sep 2002 10:36:12 +1000

(END)

Fetched 60.2MB in 11m24s (87.9kB/s)
Reading changelogs... Done
apt-listchanges: Do you want to continue? [Y/n]?

tjener:~# apt-cache showpkg webmin-slbackup
Package: webmin-slbackup
Versions:
0.0.7-1(/var/lib/apt/lists/ftp.skolelinux.no_skolelinux_dists_woody_local_binary-i386_Packages)
(/var/lib/apt/lists/ftp.skolelinux.no_skolelinux_dists_woody-test_local_binary-i386_Packages)
(/var/lib/dpkg/status)
0.0.6-1(/var/lib/apt/lists/ftp.skolelinux.no_skolelinux_dists_woody-test_local_binary-i386_Packages)

Reverse Depends:
  education-main-server,webmin-slbackup
  task-skolelinux-server,webmin-slbackup
Dependencies:
0.0.7-1 - webmin (0 (null)) perl (0 (null)) libcgi-application-perl (0 (null)) 
libhtml-template-perl (0 (null)) libexpect-perl (2 1.15) slbackup (2 0.0.5-1)
0.0.6-1 - webmin (0 (null)) perl (0 (null)) libcgi-application-perl (0 (null)) 
libhtml-template-perl (0 (null)) libexpect-perl (2 1.15) slbackup (2 0.0.5-1)
Provides:
0.0.7-1 -
0.0.6-1 -
Reverse Provides:

deb file:///var/www dpkg/

Get package ltsp_floppy from http://prdownloads.sourceforge.net/ltsp unpack it and run the installation script. After that, use a text editor to add this line RCFILE_01 = floppyd to the file /opt/ltsp/i386/etc/lts.conf for each thin client you want to have floppy access, or add it to [Default] if you want all of them to have it. This is an example which gives all thin clients the capability of using the local floppy drive.

[Default]
        SERVER             = 192.168.0.254
        XSERVER            = auto
        X_MOUSE_PROTOCOL   = "PS/2"
        X_MOUSE_DEVICE     = "/dev/psaux"
        X_MOUSE_RESOLUTION = 400
        X_MOUSE_BUTTONS    = 3
        USE_XFS            = Y
        XkbLayout          = no
        SEARCH_DOMAIN      = intern
        X_MOUSE_EMULATE3BTN = Y
        LOCAL_APPS         = N
        RUNLEVEL           = 5
RCFILE_01 = floppyd

You need a file in the home directory for each user you want to be able to use diskettes with a thin client. The file should be named .mtoolsrc. Note the full stop in the file name. The file should contain the line

drive a: file="$DISPLAY" remote 1.44m mformat_only

If you want to give all of your users this file without doing a lot of work, I recommend that you follow the following instructions. As root, create the above-mentioned file, and save it in /tmp. Then do the following:

When that's done, then all of the folders in /skole/tjener/home0 will have got the file .mtoolsrc, and the ownership of the file will be the same at the one who owns the folder, otherwise the folder would be owned by root.

Remember to make the following changes in the file /etc/devfs/perms; change the line (fra 0660 til 0666)

REGISTER ^floppy/.*         PERMISSIONS root.floppy 0660

til

REGISTER ^floppy/.*         PERMISSIONS root.floppy 0666

I recommend the graphical program MToolsFM, apt-get install mtoolsfm. There are others, such as Konqueror, but they have some small bugs connected with the use of floppy drives with thin clients. The disadvantage with having the file .mtoolsrc in the home directory, is that you can't just get ready access to the floppy drive from the main server or workstations. I only have thin clients so I haven't looked for a solution to this, but it shouldn't be difficult to find one. (See section „.mtoolsrcBoth for Thin Client and Workstation“)

Using MToolsFM

You find MToolsFM in the menu under K-menu->verktøy->Debian

Abbildung 10.1. MToolsFM Startup Screenshot

This is the picture that you see when you start MToolsFM. Remember to have a diskette in the floppy drive when you start MToolsFM.

MToolsFM has two windows. Usually, one window shows the contents of the diskette(a:), and the other shows the contents of the hard drive. In this example, the window on the left shows the contents of the diskette while the window on the right shows the contents of the hard drive. YOu can choose yourself how you want it to be by using the function to chaange which you find up in the corner.

You mark the file you want to work on by clicking on the filename. When it has been marked, use the buttons to move the files back and forth. You find these buttons in between the two windows. They are labelled "Copy". By right clicking on filename/directoryname you can get other choices.

Abbildung 10.2. Possible Choices

#!/bin/bash
            CLIENT=`echo $DISPLAY | tr 0-9 "-" | sed -e s/-.*//`
            if [ $CLIENT = "ltsp" ]; then
              echo 'drive a: file="$DISPLAY" remote 1.44m mformat_only' >
            ~/.mtoolsrc
            else
              echo 'drive a: file="/dev/floppy/0" 1.44m mformat_only' >
            ~/.mtoolsrc
            fi
	  

It pays to make sure that the thin client in question has the necessary driver modules. Add these lines to /opt/ltsp/i386/etc/lts.conf

[ltsp043]
MODULE_01          = "usb-uhci"
MODULE_02          = "usb-storage"
MODULE_03          = "sd_mod"
RCFILE_02 = usbpen

Make sure that the file you now save is named the same as what is fiven in the line above with RCFILE_02, you must have floppyd set in as from „Making Possible the Use of Diskettes with a Thin Client“. After that you can modify floppyd so it works for USB-pendrives.

This is the contents of my file /opt/ltsp/i386/etc/rc.d/usbpen

#!/bin/bash

#
# First, since floppyd runs as nobody, make /tmp world accessible.
#

chmod 777 /tmp

#
# Second, probe for the floppy
#
modprobe usb-storage
insmod usb-storage

#
# Third, make the floppy world accessible.
#
mknod /dev/sda b 8 0
mknod /dev/sda1 b 8 1
chmod 666 /dev/sd*

#
# Finally, start floppyd.
#
floppyd -d /dev/sda1

Depending on what type of USB-pendrive you have, you may need to replace the file floppyd -d /dev/sda1 with floppyd -d /dev/sda, that is, without the number "1". If you have SCSI-hard drives, they are usually called /dev/sda1, so you need to check /var/log/syslog to get more information about which device to use for your USB-pendrive.

See „USB Pendrive“ for how it is possible on a regular main server, workstation or thin client.

Total number of sectors not a multiple of sectors per track!
Add mtools_skip_check=1 to your .mtoolsrc file to skip this test

Certainly!. I'm listening to NRK radio on a thin client right now.

Start by downloading the package ltsp_sound

To start with, every users get two directories created when the user is created

drwxrwx---        klaus klaus    priv
drwxrwxr-x        klaus klaus    pub

that is a directory that is open for everyone to view, pub and one that is closed to other users priv.

If you aren't comfortable with the idea that your users are supposed to understand the concept of a closed (priv) and an open directory (pub) in their home directories you can change this. You can either lock the directories at the top level after the users are created chmod 700 /skole/tjener/home0/*, or you can open them a little chmod 711 /skole/tjener/home0/*

If you want your users to have several directories from the start, for example the directories matematics, English, German, French, this can be done by changing a bit of the file /usr/share/webmin/ldap-users/createhomedir, by adding these lines:

# Make a directory related to the subject mathematics 
mkdir "$homedir/matematics"
chmod 0770 "$homedir/matematics"

# Make a dirctory related to the subject English
mkdir "$homedir/English"
chmod 0770 "$homedir/English"

# Make a directory related to the subject German
mkdir "$homedir/German"
chmod 0770 "$homedir/German"

# Make a directory related to the suject French
mkdir "$homedir/French"
chmod 0770 "$homedir/French"

We have a little "problem"- if you can call it that- with Skolelinux/Debian-edu: Rather than too few programs installed, we have far too many. Many of the programs are not necessary for all of the users. They only get in the way and make things cluttered.

Luckily there are ways to tailor the menu to specific groups of users. There is a program in Skolelinux/Debian-edu that does the whole job for us in a simple way. The program is called kschoolmenu, and you find it in the menu underK-menu->Preferences->System->Custom K menus

	    kcmshell kschoolmenu

The results are placed in the file /var/lib/kschoolmenu, which you can edit by hand if you want. If you have several machines and you want the same menu for all of them, a quick way to do this is to copy the files from /var/lib/kschoolmenu

Abbildung 11.1. Kschoolmenu, Start

This is kschoolmenu the way you see it when you have started it. You see 2 windows. In the left window you see a choice of programs that you can have in the menu. To the right you see the menu you are about to create. Between them you see 2 arrows which are used to move the program items to/from your menu.

Abbildung 11.2. Kschoolmenu, Add Menu

Here you choose what you want to name the menu, in this case it's called menu1, remember that you have to create a group with the same name and put all of the relevant users in that group so they can get the same menu, see „wlus - Webmin Ldap User Simple“ for how this can be easily done.

There are some programs that your users surely use every time they logon. So, it would be nice to be able to automatically start them up at login, insted of having to do it manually every time. This can be done by copying shortcuts to the program into the directory .kde/Autostart which is stored in the user's home directory.

An easy way to get a hold of these short cuts is to first "drag" them from the K-menu by holding down the left mouse button and then "releasing" them on the desktop background, choosing "Copy here". Then you have a so-called shortcut file in the directory Desktop. You copy this file into the directory .kde/Autostart, which will automatically start the program when the user logs on.

There is a program, xmotd - message-of-the-day browser that makes it possible to show the contents of a file when a user logs in to the system. This is useful, for example, when you want to give information about a new printer, planned down time, etc.

If you don't have xmotd installed, then you can install it with

Then you have to enable the program xmotd to be able to show a file when the user logs in.

Add these lines to the file /etc/X11/Xsession

xmotd  -popdown 25 -geometry 500x500 /usr/local/motd \
-xrm "*title.label: Today's Message"" -always
	

This will then show the contents of the file /usr/local/motd when the user logs in. -popdown 25 means that the message will disappear after 25 seconds, while -always means that the message will be shown every time a user logs in.

Have a look at the manual page for xmotd for a description of the other choices. You can view the manual page from the command line with the command man xmotd.

if [ -e "/usr/local/message/$USER" ]; then
exec /usr/X11R6/bin/xmessage -file /usr/local/message/$USER &
fi
	  

If you have a machine where you have installed both main server and thin client server, then you can use a little Perl script to give a message to all users that are logged on.

#!/usr/bin/perl -w

if (@ARGV != 3){
        print "Use:\n\txwall.pl keyword time message\n";
        print "\t keyword is the word you search with\n";
        print "\t time is the time in seconds you want the message to be visible\n";
        print "\t message is the message, should be written inside quotation marks\n";
        exit (1);
}

$SIG{CHLD}="IGNORE"; # in the unlikely event a child exits before the parent

my ($procmatch, $timeout, $message) = ($ARGV[0],$ARGV[1],$ARGV[2]);

foreach $pid (split /\s/,`/bin/pidof $procmatch`) {
        my ($display, $xauthority, $homedir);
        foreach $envvar (split /\00/,`cat /proc/$pid/environ`){
                if ($envvar=~/DISPLAY=(.*)/){ $display = $1; }
        }
        foreach $var (split /\n/, `cat /proc/$pid/status`){
                if ($var =~ /Uid:\s+?(\d*?)\s+?/) { my @uid = getpwuid($1); $homedir = $uid[7]; }
        }

        if ($display){
                if (fork() == 0) {
                        $ENV{DISPLAY}=$display; $ENV{XAUTHORITY}="$homedir/.Xauthority";
                        exec("xmessage -center -timeout $timeout '$message'");
                }
        }
}

This script is then saved as xwall.pl and used in the following manner

Sometimes it can be a bit tricky to find a process that can be used as a keyword that covers all logged in users. I have had good experience with using the process alarmd as a keyword. Try the command ps auxw|grep alarm then you will see if this keyword works for you.

Abbildung 11.3. Message to Everyone Logged in

It is possible to automatically log in a specific user on a specific thin client when it gets turned on. This is done in the file /etc/kde2/kdm/kdmrc, where the following lines are added:

[X-ltsp010:0-Core]
AutoLoginEnable=true
AutoLoginUser=klaus

Here the user klaus gets automatically logged in to the thin client ltsp010 when it gets turned on. In order for this to work, you need to lock the MAC address til the IP number.

[X-ltsp058:0-Core]
AutoLoginEnable=true
AutoLoginUser=susanna

In this case, the user susanna gets automatically logged in on the thin client ltsp058.

[X-ltsp059:0-Greeter]
PreselectUser=Default
DefaultUser=perbart
	  

There are some people who think that the appearance of the "desktop" which accompanies Skolelinux/Debian-edu is not totally optimal. Maybe you would like to give all of your users another background picture, other icons on the desktop, other icons on the K menu and taskbar in KDE. It would be great if that could be done in such a way that everyting was done onace and for all in a simple fashion.

The secret lies in placing the files that you want all of your users to get when each user is created, in the correct directory, in this case in the directory named /etc/skel. If your users already exist then see „Making Possible the Use of Diskettes with a Thin Client“ og „Placing Desktop Icons for Several Users Simultaneously“.

Everything that is placed in the directory /etc/skel will get copied to the users home directory when the user is created. For example, if a file test.txt is placed there, then it will be put in the home directory with the correct permissions and ownership.

What we want is for everyone from the start should get a predefined setup of background, desktop, K menu, etc in KDE. The way this is done i to make a user which serves as a template. Call this user, for example, template, see „wlus - Webmin Ldap User Simple“ to find out how to create a user. Now log in as this user and set up thing the way you want them to be. Then copy the directory that contains all of the relevant KDE configuration files into /etc/skel. You find the KDE configuration files in the directories under .kde

First create the directory /etc/skel/.kde with the command mkdir /etc/skel/.kde, then do the copying with the command cp -ar /skole/tjener/home0/mal/.kde/* /etc/skel/.kde

Everything you see in your KDE desktop environment is a setting in one or another KDE configuration file. For example, the attributes for your shortcut icons are covered in the file Desktop/something-or-other.desktop. The following is part of the contents in the shortcut for OpenOffice.org Writer

[Desktop Entry]
Comment=
Exec=/usr/bin/oowriter
Icon=ooo_writer.xpm
Name=OpenOffice.org Writer
ServiceTypes=
Type=Application

Here you can see clearly how you can make changes to attributes such as the file path to where the program is stored, what kind of picture that is to be used for the icon, etc.

Kicker, nederste menylinje

Abbildung 11.4. kicker

Another important directory for KDE configuration files is .kde/share/config. This is where you find almost all of the configuration files for KDE programs. The niftiest one to know about is the file .kde/share/config/kickerrc which determines the appearance of the panel at the bottom of your screen.

During the installation of Skolelinux/Debian-edu, see Abbildung 6.4, „Password not Visible When you Type it“ you were asked to set a password. This password is the basis for 2 different passwords; one of them you use to login to Webmin, at the same time it is also the root password. The other is the LDAP password. To change the root/Webmin password, you can either use the command line and the command passwd or you can use the program kdepasswd, which you find in K-menu->Utilities->Change Password.

There is a backup module included in Webmin. You find it under the tab "Servers" and "Skolelinux Backup", or https://tjener.intern:10000/slbackup

Abbildung 12.1. Webmin Servers

This is the place in Webmin where you find slbackup.

Abbildung 12.2. Slbackup, General

Slbackup has 5 modes of operation;

Abbildung 12.3. Slbackup, Backup Details

This is where you set the time that you want the backup to be done, which will then take place at that time every day.

Abbildung 12.4. Slbackup, Backup Details, Backup Clients

Here you configure which machine you want to backup. You specify the IP address, together with the directories that you want to backup, and how long you want to keep a copy of the backup.

Abbildung 12.5. Slbackup, Backup Details, Backup Server

Here you set up the details for the machine that is going to do the backup. The most important detail is where the backup is going to be stored. The default backup partition is the LVM partition /skole/backup, see section „Resizing /skole/backup[id=lvm-backup]“. But there is nothing to stop you from setting in an extra hard drive and storing your backup there instead.

If you are observant, you may have noticed that we place the backup on the same hard drive as the one we take backup of. Stupid? Not so, if we take backups as an extra service for our users in case they accidentally delete a file. It is, of course, stupid to store your backup on the same hard drive if the purpose is to guard against a drive getting broken. Then it is wiser to set up a machine with a workstation profile, see „Workstation“, and install some really large capacity hard drives and use slbackup to make the backup external- making that machine your backup server.

Abbildung 12.6. Slbackup, Restore

What good is it to a backup utility, if you can't put the files back that have been deleted? By choosing "Restore" you have the possibility to choose which machine you want to get the files from, as well as which file or entire directory you want to get. You can also use everything that you have taken a backup of on the machine in question.

Abbildung 12.7. Slbackup, Restored Files

When you have chosen which machine you want to get the backup from, then you will get to make several more choices, among which the date/time you want to restore the backup, where you want the files to be placed. To start with, it's wise to use the directory /tmp/<macinename>.

It's smart to place the files being restored in the directory /tmp/<machinename>. Everything that is stored in this directory gets deleted when the machine reboots. In addition, by placing the files there, in this temporary directory, you make sure that you don't accidentally write over the wrong files (when you replace an old file with a new one that has the same name). After you have taken out the files that you need to restore, then you must go into this directory, /tmp/<machinename>, and use a file manager, see „Konqueror, File Manager“, to get out the files that you want.

Abbildung 12.8. Slbackup, Maintenance

By choosing "maintenance" you get the possibility to delete old backups that you no longer have any use for, or place for.

Abbildung 12.9. Slbackup, SSH Keys

In order to be able to take a backup over the network from other machines, without being asked each time for a password, SSH has been set up in such a way so that you only type in the password once.

Comparison of Various Versions of the Same File

If you have "destroyed" the format of a file, for example /etc/dhcp3/dhcpd-skolelinux, but you know that you have a backup of that file which is good, then you can use on of several programs to compare the varous versions of that file. If you have chosen to restore, then the old version of the file /etc/dhcp3/dhcpd-skolelinux will be placed in the directory /tmp/<machinename>/etc/dhcp3/dhcpd-skolelinux. A command-line based program is included to do a comparison of the files. The program is called diff, and is used in this fashion

diff /tmp/<machinename>/etc/dhcp3/dhcpd-skolelinux /etc/dhcp3/dhcpd-skolelinux

In this example, I have two examples of the file dhcpd-skolelinux, There is an error in one of them- it lacks two }-parentheses. This is the result of running the command diff with these two files:

klaus@tjener:~$ diff /etc/dhcp3/dhcpd-skolelinux.conf /tmp/tjener/etc/dhcp3/dhcpd-skolelinux.conf
217c217
<     }
---
>
225c225
<     }
---
>

Fortunately there are also other programs that do the same job. One of them mgdiff can be installed with

apt-get install mgdiff

see „Administration of Packages“ for how to add new packages. mgdiff has a graphical interface (GUI). If I start mgdiff and open the two files in this program, this is what I see:

Abbildung 12.10. Mgdiff

Liste tidspunkt det finnes backup fra (lokalt og eksternt):
 rdiff-backup --list-increments /skole/backup/tjener
 rdiff-backup --list-increments backup.intern::/skole/backup/tjener

Liste filer i en gitt backup ('--list-at-time now' gir siste):
 rdiff-backup --list-at-time 2004-02-22T01:30:02-04:00 /skole/backup/tjener/etc/ltsp/

Restore filer fra en gitt tid ('--restore-as-of now' gir siste):
 rdiff-backup --restore-as-of 2004-02-22T01:30:02-04:00 /skole/backup/tjener/etc/dhcpd.conf /tmp/dhcpd.conf

--------------[ Session statistics ]--------------
StartTime 1086202803.00 (Wed Jun  2 21:00:03 2004)
EndTime 1086204514.88 (Wed Jun  2 21:28:34 2004)
ElapsedTime 1711.88 (28 minutes 31.88 seconds)
SourceFiles 56607
SourceFileSize 1625082476 (1.51 GB)
MirrorFiles 41244
MirrorFileSize 1060012665 (1011 MB)
NewFiles 15372
NewFileSize 564463215 (538 MB)
DeletedFiles 9
DeletedFileSize 65488 (64.0 KB)
ChangedFiles 344
ChangedSourceSize 667575185 (637 MB)
ChangedMirrorSize 666903101 (636 MB)
IncrementFiles 15725
IncrementFileSize 1936873 (1.85 MB)
TotalDestinationSizeChange 567006684 (541 MB)
Errors 0
--------------------------------------------------

Jun 02 21:28:36 - Successfully finished backing up client tjener
Jun 02 21:28:36 - Finished slbackup.

There are several systems for user information and administration in Skolelinux/Debian-edu, but now we use LDAP and the utility WLUS, and not /etc/passwd and its accompanying commands such as adduser, useradd, etc.

To get access to Webmin, point your favourite web browser to the address https://tjener .intern:10000/ldap-users You can use any web browser you want, you can also connect a Mac machine and run it from there.

Abbildung 12.11. Webmin Login

The first thing you see is a dialogue box where you log yourself in as the user root, with the password you created during installation, see Abbildung 6.4, „Password not Visible When you Type it“

Abbildung 12.12. Welcome Screen- Webmin LDAP User Simple (WLUS)

After you have logged in to Webmin you will see this welcome screen for WLUS.

Because we haven't added any users yet, it would be natural for us to choose "New User(s)". But before we do that, we may want to adapt WLUS to our needs.

Abbildung 12.13. Configuration of WLUS

By clicking on "Module Config" we can change how strict we want our password policy to be, as well as where we want to put our users' home directories, plus other things. When you are done making your changes, click on "Save". Then you are ready to create new users. The first thing you need to do is make a test user. This is a user that functions as a template for setting up things exactly the way you want it to be for all of your users. Have a look at Kapitel 11, Special Adaptations for your Users

Abbildung 12.14. New User

Now you should be ready to create new users. The first thing you should do is to create a test user. This is a user that you use as a template for setting up things exactly the way you want things to be for all of your users. Have a look at Kapitel 11, Special Adaptations for your UsersThere are two different ways to add new users, either one at a time, or a whole bunch at once using a so-called semicolon-separated file(;). By clicking on "New User(s)" you get up a rather long page. At the top is the possibility to add users manually one by one, by providing first/last name, together with password, if desired. A little farther down the page, you find the possibility to add several users at once, "Add users from file"

When you add a user in this way, the computer provides the username, and if you want, the password as well. But you can override this by ticking "Common password - Yes" and then typing in the password you want.

Remember to also choose what kind of role you want the new user to have.

Abbildung 12.15. Result of New User

When new users have been added using WLUS, you get a receipt with information about name, username and password, in a format that makes it easy to print it out, clip it up and give it to the user.

Abbildung 12.16. Importing the File

It is also possible to add an entire class of users, or even a whole school. By using the other way of adding users, that is the so-called semicolon-separated file.

This file is formatted with the different fields separated by a semicolon. You can create this file by exporting it to a semicolon-separated file from the school's database of attending pupils, or by exporting from OpenOffice/Excel, or by using a regular, simple text editor such as K-menu->Editors->Text Editor

Abbildung 12.17. File Import

In order to use the file import function, you have to scroll down to the bottom of the page where you find a dialogue box for adding users from file. Click on browse to find your file with the semicolon-separated users. When you have found that file, click on "Add users from file"

Abbildung 12.18. Importing Users from File

When you have got the file with the users, you will see the different semicolon-separated items listed in different columns. At the top of each column you choose the name for its content; as a minimum you should have first name and last name.

Abbildung 12.19. Result of File Import

When you add users from file, you get a nice list of the new users' usernames and passwords, in a format that is easy to print out and distribute to the user.

Abbildung 12.20. List of Registered Users

By clicking on "Search" without filling in the search field, you get a list of all users who are registered. By clicking on "User Data" you get the possibility of changing the password for that user, as well as other things such as the name of the user. If you want, you can also choose to move the users home directory, but you will need to personally move the files in question since this is not done by WLUS.

Abbildung 12.21.

Abbildung 12.22. Disable Login

When users are on the system, there are some extra possibilities to choose, such as "Delete user" and "Disable Login"

By putting a cross in front of a user, and choosing for example "Disable Login" that user will not be allowed to login.

Abbildung 12.23. Excluded Users

The result of having chosen "Disable Login" is seen as a fine red cross for that user.

Abbildung 12.24. Re-enabling Login

By putting a cross in front of the user and clicking on "Enable Login" you will see a green cross reappear in front of that user. The user can login again.

Changing the User's Password

The users can change their own password, as long as they have one that works. By starting the program kdepasswd which they can find in K-menu->Utilities->Change Password

Of course, they can also use the command passwd from the command line.

Abbildung 12.25. Kdepasswd, Old Password

This is where you type in the old password, that is, the one that the user used to login. Note: if this is written incorrectly, then the kdepasswd program will "freeze". log out/in to solve this.

Abbildung 12.26. Kdepasswd, New Password

This is where you type in the new password, Note: this must be 6,7 or 8 characters, neither more nor less.

Abbildung 12.27. Kdepasswd, Successful

If everything goes the way it should, then this message will pop up.

Abbildung 12.28. Kdepasswd, Too Long Password

If you type in a password that is longer than 8 characters, you will get a message that the password has been truncated, that is only the first 8 characters have been used.

/usr/share/debian-edu-config/tools/passwd admin
Enter new password for user admin: 
Reenter new password: 
Enter bind password:

Webmin is the place where you can control all of Skolelinux/Debian-edu with your web browser.

You find Webmin by pointing your web browser to https://tjener.intern:10000

You find OOo in K-menu->OpenOffice.org->OpenOffice.org Writer

Starting OOo the First and Second Time

Abbildung 13.1. OOo, External Address Book

The first time you start OOo it will ask you what kind of external address book you have. Here you can safely choose "Cancel"

Abbildung 13.2. OOo, Registration

The second time you start up OOo, it will ask you if you want to register as a user of OOo. For the sake of simplicity, you can choose "Never register"

Personal Configuration of OOo

It pays to first configure OOo according to your own preference. OOo has an enormous number of various configurations, everything from the colour of the buttons to what the different buttons do when you click on them.

You find all of these configurations under Tools->Options.

Abbildung 13.3. OOo, Options

The first thing I usually do is change the size of the buttons. I prefer large buttons. You find this choice under OpenOffice.org->View->Large buttons

While you are there in Options, have a look at the other options that you have. You can set up Kmail as your email program, your preferred web browser. This is done under OpenOffice.org->External programs

Abbildung 13.4. OOo, External Programs

There are several useful things you can do here, for example under OpenOffice.org->Load/Save->General you have the opportunity to set up OOo so that it always saves a document in either OOo-format, or in another format such as Microsoft Word 97/2000/XP

OOo has 3 toolbars. The one on the left is called the "Main Toolbar". The one at the top (the one that has the printer icon) is called the "Function Bar". The one that is under that (the one that has underlining and italics) is called the "Object Bar"

Using OOo

Abbildung 13.5. OOo, Toolbars

Exporting Directly to PDF-format

It's often great to be able to produce a text for others, without giving them the possibility to change the contents. It's also nice to be able to send a document without worrying about whether the person receiving it has OpenOffice.org or MS Word. The format that makes this possible is pdf. In the next version of OpenOffice.org, version 1.1, it's possible to convert to pdf-format just by clicking on a button, like this:

Abbildung 13.6. Printing Directly to pdf-Format

While you wait for version 1.1 in Skolelinux/Debian-edu you'll just have to use the old method for converting to PDF, that is, by setting up a "PDF printer".

Start OpenOffice.org Printer Administration, choose New Printer. Now select Connect a PDF converter. Click on Next. Now choose the default driver and again click on Next. Mark the long line that contains /usr/bin/gs, and then choose a target directory such as pdf. Remember that this directory must exist, because this is where your exported pdf files end up. Then you give a name to this printer- the suggested name is fine.

PDF-Conversion for All

If you find out that all of your users need access to a PDF converter, without having to go through a long and complicated process of configuration, you can do it for them. Start by logging yourself in as a test user, referred to here as test. If yours is called something else, then you must replace the name test with the username that you use. Configure and set up a pdf-converter, with the target directory as pdf. The result of this will be a new OpenOffice configuration file, placed in /skole/tjener/home0/test/.openoffice/1.0.2/user/psprint/psprint.conf. The contents of this file is

[PDF-konvertering]
Printer=SGENPRT/PDF-konvertering
DefaultPrinter=0
Location=
Comment=
Command=/usr/bin/gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile="(OUTFILE)" -
Features=pdf=/skole/tjener/home0/test/pdf
Copies=1
Scale=0
Orientation=Portrait
PSLevel=0
ColorDevice=0
ColorDepth=24
MarginAdjust=0,0,0,0
PPD_PageSize=A4
PerformFontSubstitution=true
SubstFont_Arial=Helvetica
SubstFont_Times New Roman=Times
SubstFont_Cumberland=Courier
SubstFont_Timmons=Times
SubstFont_Helmet=Helvetica
SubstFont_Thorndale=Times
SubstFont_Albany=Helvetica
SubstFont_Courier New=Courier

If all of your users had had this file, then they would automatically see this printer in the list of installed printers, but temember that the target directory must reflect the user in question.

You can either "share" this file for all of your users with the help of a couple of simple scripts, or you can have a look at the files that are in the directory /usr/lib/openoffice/share. It's possible to change these according to your needs, but it pays to do this prior to the first time your users start up OpenOffice.org.

Instead, I will show you the commands I just used to automatically set up pdf-conversion for all of my users.

After having first set up the pdf-converter for my user test, I copy the resulting file over to all of my users:

for dir in /skole/tjener/home0/*;do cp /skole/tjener/home0/test/.openoffice/1.0.2/user/psprint/psprint.conf $dir/.openoffice/1.0.2/user/psprint/psprint.conf;chown --reference=$dir $dir/.openoffice/1.0.2/user/psprint/psprint.conf;done

When this has been done, all of my users will get a new printer in the list of accessbile printers when they try to print out from OpenOffice. Please note that they have to first start up OpenOffice or else they won't have the necesary directories in their home directory. After that you must replace the reference to the test user that is found in the file.

cd /skole/tjener/home0
for dir in *;do perl -pi.bak -e "s/test/$dir/" $dir/.openoffice/1.0.2/user/psprint/psprint.conf;chown --reference=$dir $dir/.openoffice/1.0.2/user/psprint/psprint.conf;done

Now all of your users should have a pdf-converter, as well as the directory pdf as a target directory. Please note that this only concerns users who have already started up OpenOffice. The only thing that is missing now is that they all have the directory pdf.

for dir in /skole/tjener/home0/*;do mkdir $dir/pdf;chown --reference=$dir $dir/pdf;done

Please note that there are many possibilities for fun things such as ensuring that all users get the directory pdf set up when the user is created in Webmin, as well as other exciting things such as everyone getting this pdf-converter automatically set up when they start OpenOffice the first time. See „Deciding Which Directories the Users Should Have“, but more about this another time.

Abbildung 13.7. KMail Icon

You find KMail under K-menu->Internet->KMail

The first thing you see is this:

Abbildung 13.8. KMail Startup Screen

The first thing you do is to set up KMail so that you can send and receive email. Go to the menu line and click on Settings->Configure KMail...

Here you get a list of menu choices on the left. Let's start with "Identity"

Abbildung 13.9. KMail Identity

This is where you fill in correct information in the fields Name, Organization, Email Address, Reply-To Addressand, if desired, Signature.

Abbildung 13.10. KMail Network

Next you have to make KMail ready for sending and receiving email. Click on Network. This depends a bit on how your Internet provider handles your mail, for example SMTP, then you must choose sendmail, or fill out the name of your SMTP-server.

Abbildung 13.11. KMail New Account, Pop3

Next, you must add an account so that you can get your mail. You do this by going to Incoming Mail and clicking on Add...

This is where you fill in correct information about Name (that is, what you yourself want to call this account), Username, Password, Host, Port (which is most often 110).

It's important to decide here whether you want the password to be saved in a file (as clear text), or if you don't want that, which means that the password will have to be typed in every time someone gets their email. The later is the most secure and most often recommended. The next thing you have to consider is if you want people to be able to only get a copy of the email or get their email and have it deleted form the server. If you make the first choice (not deleting the email) then the server will get filled up with email, even if you delete it locally in KMail.

Abbildung 13.12. KMail New Account, IMAP

IMAP is another type of account. Here you must fill in correct information about Name (what you yourself want to call the account), Username, Password, Host, Port (which is most often 143). If you aren't sure what the different fields mean, you can click on "hjelp" to get an explanation.

Abbildung 13.13. KMail, Confirm Before Send

If you want to require confirmation before sending an email, put a cross in this box. You will then have to confirm that you really want to send an email, which can be a good thing if you just happen to accidentally hit the Send button.

Abbildung 13.14. KMail, Security Settings

People often get emails in the form of an HTML-file (which is not used any other place than on the Internet), typically from Outlook. There is a certain degree of security risk involved with these files; but by choosing clear text over HTML it can sometimes make things a bit cumbersome. By putting a cross here, it's easier to look at pictures that are sent as email.

Abbildung 13.15. KMail, Miscellaneous Settings

Here you have the possiblity of choosing to empty the trash when you exit KMail, or to keep trash size below a set mimit. You can also choose a nice melody to be played when you get an email.

Using KMail

Abbildung 13.16. KMail, Menu Line

Some of the buttons here are inactive. You can see that they are a lighter shade and you can't click on them because they won't accomplish anything in that particular situation. The buttons that are active and clearly presented are functional. By clicking on the picture of a mailbox with a blue arrow pointing down, you will get email from your mail server. by clicking on the picture with a blank piece of paper you can start to compose a new email.

Abbildung 13.17. KMail, New Email

By clicking on the blank piece of paper or going in to the menu Message->New Message... another window will appear with a different toolbar. The most important thing here is the picture of a paper clip. By clicking on that, you open up the file manager where you can choose a file to attach as an attachment. The paper clip symbolises an attachment. The other important item here is the picture of an envelope with a blue arrow pointing up. By clicking on that you send off the email.

Abbildung 13.18. KMail, Email Toolbar

Abbildung 13.19. KMail, Folder Toolbar

Exec=kmail -caption "%c" %i %m

Exec=kmail -caption "%c" %i %m -check

You find the file manager in K-menu->Home Directory

Your home directory is that part of the hard drive where your files are stored. The symbol for your home directory is a house.

The file manager is, in fact, a web browser called Konqueror. In its current version, Konquerer is not a very good web browser. However, it does function great as a file manager.

Abbildung 13.20. File Manager, Home Icon

I think it's nice to "see" what I've got in my files, by going to the menuView->Preview and by clicking on, for example, "Images",then you can see things a bit more clearly.

You can create new directories/folders by right-clicking somewhere in the background of the file manager. Then a menu pops up where you then choose "Create New" and "Directory". If you want to move a file into another directory, then you can simply "drag" it over to the directory in question by holding the left mouse button down while moving the file over to the directory, then releasing the button when you are over the directory. Alternatively, you can press the right mouse button (that is, right-click) on the file you want to move and a menu pops up. Click on Cut, then find the directory you want to move the file to, right-click on that directory and another menu pops up. Choose Paste and the file is transferred.

Sometimes it's good to be able to see the contents of two directories simultaneously. You can make this happen by choosing Window->Split View Left/Right. Then you can easily move files in a clear manner between directories.

There should be a link here to the sections about installation and maintenance of packages.

It often happens that Gimp goes "crazy" and grabs all of power from the processor and the available memory from the machine, which is a bit of a problem when it affects an entire school class, so a little bit about kpm should be put in here

The version of Mozilla that officially accompanies Debian Woody/Skolelinux is version 1.0. This can be installed with the command

This version is a bit old, so in some cases it may be worthwhile to install a newer version. The latest version is 1.6. By using a text editor to temporarily add the line

deb http://www.backports.org/debian stable mozilla

to the file /etc/apt/sources.list, and then updating the database, you can then install the program with the command

deb ftp://ftp.nerim.net/debian-marillat/ stable main
	  

By using your favourite text editor to add the line

deb ftp://ftp.nerim.net/debian-marillat/ stable main

to the file /etc/apt/sources.list, see „How to Edit System Configuration Files[id=kedit]“, and then updating the database, you can then use your favourite package manager (see „Administration of Packages“ or „kpackage“) to install Acrobat Reader

These are the necessary packages to install

tjener:~# apt-cache search acrobat
acroread - Adobe Acrobat Reader: Portable Document Format file viewer
acroread-debian-files - Debian specific parts of Adobe Acrobat Reader
acroread-plugin - Adobe Acrobat(R) Reader plugin for mozilla / konqueror

These can be installed with the command

This is a super multimedia player, which you can use to play DVD, AVI, MPEG, WMV, etc.

This program is not included with Skolelinux/Debian-edu; it must be downloaded. To do this, you have to add the following line to the file /etc/apt/sources.list

deb ftp://ftp.nerim.net/debian-marillat/ stable main

and then complete the installation process with the command

apt-get update

apt-get install mplayer

Of course, you can use your favourite package manage instead, such as „kpackage“, or „Webmin“