Venus 1.0 install and setup Skolelinux/Debian-edu notes, last worked on at 29th August 2004 Klaus Ade Johnstad Norway,Oslo, Kampen Copyright ? 2002, 2003, 2004 Klaus Ade Johnstad This document is licensed under GNU General Public License ------------------------------------------------------------------------------- Table of Contents Preface 1. Where to get help, and how[id=help] 1.1. Maillists belonging to the Skolelinux/Debian-edu-project[id=maillists] 1.2. IRC chatchannel Skolelinux/Debian-edu[id=irc] 1.3. Invite a Skolelinux/Debian-edu knowledgeable person into your computer.[id=sshtunnel] 1.4. Permanent backdoor into a Skolelinux/Debian-edu machine with an SSH tunnel [id=backdoor] 1.5. More in-depth Linux documentation[id=linuxdoc] 1.5.1. Sk ne Sj lland Linux User Group, Friheden til at skrive b ger[id =sslug] 1.5.2. The Linux Documentation Project [id=tldp] 1.5.3. Manuals for OpenOffice.org[id=OOdoc] 1.5.4. LTSP, Linux Thinclient Server Project(LTSP)[id=ltspdoc] 2. Getting the "right" hardware[id=hardware] 2.1. Firewall/router[id=coyote] 2.2. Mainserver[id=mainserver] 2.3. Thinclient server[id=ltspserver] 2.4. Thinclient[id=thinclient] 2.5. Workstation[id=workstation] 2.6. Laptop[id=laptop] 3. Firewall/router for Skolelinux/Debian-edu 3.1. Hardware[id=coyotehardware] 3.1.1. Latest version of Coyote Linux 3.2. Placement of firewall/router in the Skolelinux/Debian-edu network?[id= coyoteplacement] 3.3. Creation of Coyote Linux floppy[id=makefloppy] 3.3.1. Creation of Coyote Linux floppy on a Windows machine[id=clwin] 3.4. Upgrade to newer versions of Coyote Linux[id=clupgrade] 3.5. Coyote Linux bootup[id=clboot] 3.6. Coyote Linux commandline login[id=cllogin] 3.7. Coyote Linux webadministrator[id=clgui] 3.8. Login via SSH[id=clssh] 3.9. Useful commands in Coyote Linux[id=clcommands] 3.10. Coyote Linux as a ordinary dhcp-server in a non-Skolelinux/Debian-edu network. 3.11. Coyote Linux and different ISP[id=clisp] 3.12. Supported networkcard and drivermodules used.[id=clmodules] 3.12.1. Supported networkcard and drivermodules used. 3.12.2. The special case of 3com 509 ISA networkcard 3.13. Further information about Coyote Linux[id=clinfo] 4. Skolelinux/Debian-edu instal[id=installation] 4.1. Nettverksarkitektur[id=architecture] 4.2. Preparing the machine to boot from cdrom[id=bios] 4.3. Short description of the profiles in Skolelinux/Debian-edu[id= profiles] 5. first stage of Skolelinux/Debian-edu instal 5.1. Where to get the Skolelinux/Debian-edu cdrom[id=getcdrom] 5.1.1. Download the Skolelinux/Debian-edu cdrom[id=downloadcd] 5.2. First stage[id=firststage] 6. Second stage of Skolelinux/Debian-edu install[id=secondstage] 6.1. Second stage 6.1.1. Something went wrong... 6.1.2. Turn off, or reboot the machine 7. Something went wrong.. 7.1. Doesn't the videocard function? 8. Fine-tuning[id=finetuning] 8.1. The famous commandline[id=cli] 8.1.1. Shell/Terminal[id=shell] 8.2. Howto edit system configurationfile[id=kedit] 8.3. more or less[id=moreless] 8.4. Install a kernel with support for upto 4GB ram and multi processors. [id=smp] 8.5. Change the size of the lvm-partitions[id=lvmresize] 8.5.1. Resize partition /usr[id=lvm-usr] 8.5.2. Resize /skole/tjener/home0[id=lvm-home0] 8.5.3. Resize /skole/backup[id=lvm-backup] 8.5.4. Resize /var[id=lvm-var] 8.5.5. Resize /var/opt/ltsp/swapfiles[id=lvm-swapfiles] 8.5.6. swap[id=lvm-swap] 8.5.7. Add a new volume(lv)[id=newlv] 8.5.8. Adding a new disk to lvm in Skolelinux/Debian-edu 8.6. Edit host netgroups 8.6.1. The netgroup module 8.6.2. Adding hosts to a netgroup 8.6.3. Saving changes 8.6.4. Adding a new netgroup 8.6.5. Adding a subgroup 8.6.6. Deleting a netgroup 8.6.7. Removing hosts from a netgroup 8.6.8. Removing a subgroup 8.7. Thinclient setup 8.7.1. Lage oppstartsdiskett for vanlige (ikke PXE-kort) nettverkskort 8.7.2. Universaloppstartsdiskett, passer for 30 forskjellige nettverskkort. 8.7.3. L se tynnklienter med MAC-adresse til et IP-nummer. 8.7.4. Spesialtilpassing av tynnklienter 8.8. Virker nettverkskortene? 8.9. Administrasjon av pakker. 8.9.1. Oppdater databasen med info om tilgjengelige pakker. 8.9.2. Oppgradere samtlige installere pakker til en nyere versjon 8.9.3. Oversikt over hvilke pakker som er installert 8.9.4. Lete etter en bestemt pakke 8.9.5. Vise tilgjengelig informasjon om en pakke. 8.9.6. Installere en pakke 8.9.7. Fjerne en installert pakke 8.9.8. Installer en helt bestemt versjon av en pakke 8.9.9. Installere en pakke ved hjelp av dpkg 8.9.10. Lete igjennom filer som installeres fra en bestemt pakke 8.9.11. Finne hvilken pakke en fil kommer fra 8.9.12. Eget lokalt speil med deb-pakker. 8.10. Kvotesystem p harddiskplass 8.10.1. Stoppe fila .xsession-error fra fylle hele harddisken 9. Services out-of-the-box in Skolelinux/Debian-edu 10. Tynnklienter 10.1. Legge til en skriver, p en tynnklient 10.2. Muliggj re bruk av diskett p en tynnklient 10.2.1. Bruk av MToolsFM 10.2.2. .mtoolsrc b de p tynnklient og arbeidsstasjon 10.3. Muliggj re bruk av USB-penn p en tynnklient 10.3.1. Feilmelding av typen mtools_skip_check=1 10.4. Lyd p tynnklienter 11. Spesialtilpassning for dine brukere 11.1. Bestemme hvilke kataloger brukerene skal ha 11.2. Bestemme hvordan programmenyen skal se ut. 11.3. Automatisk start av program ved innlogging. 11.4. Beskjed til alle ved p logging. 11.4.1. Beskjed til en bestemt bruker ved p logging. 11.5. Gi beskjed til alle brukere som er p logget 11.6. Automatisk innlogging av en bruker 11.6.1. Automatisk utfylling av brukernavn i innlogginsboksen 11.7. Sette opp skrivebord, menylinjer, osv likt for alle n r brukeren blir opprettet. 11.7.1. Kicker, nederste menylinje 11.7.2. Ikoner p skrivebordet, bakgrunnen 12. Daglig drift av Skolelinux/Debian-edu nettverket med Webmin 12.1. Passordet til Webmin 12.2. Backup 12.2.1. Sammenligne forskjellige versjoner av samme fil 12.2.2. Egen dedikert backupserver 12.2.3. slbackup fra kommandolinja 12.2.4. Loggfilene til slbackup 12.3. wlus - Webmin Ldap User Simple 12.3.1. Endring av brukerens passord 12.3.2. Bytte av en brukers passord fra kommandolinjen 12.3.3. Bytte ldap-admin passordet 12.3.4. Direkte redigering av filene i LDAP-databasen. 12.3.5. Hvordan starte med en ny "frisk" LDAP-database? 13. Konfigurasjon/bruk av de mest brukte program. 13.1. webmin 13.2. OpenOffice.org 13.2.1. F rste og andre gangs start av OOo 13.2.2. Personlig innstilling av OOo 13.2.3. Bruk av OOo 13.2.4. Eksport direkte til PDF-format 13.3. Kmail 13.3.1. Bruk av KMail 13.3.2. Automatisk start og henting av epost ved innlogging. 13.4. Konqueror, filbehandler 13.5. KSirc 13.6. kpackage 13.7. gimp 13.8. Opera 13.9. Mozilla 13.9.1. Acrobat Reader som plugin i Mozilla/Konqueror 13.9.2. Legge inn plugin for se NRK-tv og andre filmsnutter p nett. 13.9.3. Macromedia Flash Player plugin i Mozilla 13.10. kstars 13.11. kgeo 14. Nyttige program som ikke f lger med p Skolelinux/Debian-edu cd'en 14.1. Acrobat reader 14.2. Mplayer A. Integration of other Linux distributions into Skolelinux/Debian-edu with ldap and autofs B. S ml s integrering av av Mac OS X maskiner C. Softwareraid i Skolelinux/Debian-edu D. KDE3.X i Skolelinux/Debian-edu D.1. KDE3.X i Skolelinux/Debian-edu D.1.1. KDE3.2 i Skolelinux/Debian-edu D.2. KDE3.1 p tynnklientene E. Kompilering av egne program F. Egen oppstartslogo p tynnklientene G. Ekstra eksternt tilbeh r G.1. Digitalt fotokamera G.2. Digitalt videokamera G.3. Skanner G.4. Leselist G.5. CD/DVD G.5.1. CD-brenner G.5.2. cd-brenner, metode#2 G.5.3. DVD-spiller G.6. USB-penn G.6.1. G.7. Smarttech Touchboard G.7.1. SmartBoard ikoner for brukerene H. Diverse "hjemmelagde" l sninger H.1. Laste ned nye versjoner av Skolelinux/Debian-edu cd, p en smart m te ved hjelp av rsync H.2. Hindre at brukere logger seg p flere tynnklienter samtidig. H.2.1. Kaste ut en bruker H.3. S rge for at alle prosesser/program virkelig avsluttes ved utlogging. H.4. Legg ut ikoner p bakgrunnen til flere brukere samtidig. I. Andre "geniale" Linux distribusjoner I.1. Sn frix I.2. Knoppix I.3. BBC I.4. SLAX I.5. tomsrtbt I.6. Freeduc, Live CD-ROM of free software for schools J. Diverse kjekke sm scripts J.1. Sm scripts J.1.1. Fjerne kommentarlinjer J.1.2. Foreta endringer i flere filer samtidig. K. Contribute to this document and Skolelinux/Debian-edu[id=contribute] K.1. Translate K.2. Test Skolelinux/Debian-edu on your computer with an emulator, qemu K.3. Screenshots L. install_without_autopartkit.txt[id=withoutautopartkit] M. GNU Free Documentation License M.1. PREAMBLE M.2. APPLICABILITY AND DEFINITIONS M.3. VERBATIM COPYING M.4. COPYING IN QUANTITY M.5. MODIFICATIONS M.6. COMBINING DOCUMENTS M.7. COLLECTIONS OF DOCUMENTS M.8. AGGREGATION WITH INDEPENDENT WORKS M.9. TRANSLATION M.10. TERMINATION M.11. FUTURE REVISIONS OF THIS LICENSE M.12. How to use this License for your documents List of Tables 3-1. The different names used in the networkcards in Coyote Linux List of Figures 3-1. Overview of placement of firewall/router in Skolelinux/Debian-edu 3-2. Download the sourcefiles for Windows. 3-3. Windows can't find necessary dll 3-4. Coyote Linux Windows creator welcome-image 3-5. Local network setup 3-6. Set a password on the Coyote Linux floppy 3-7. Syslog server 3-8. Internet connection type 3-9. Static IP-configuration 3-10. Do not enable the Coyote Linux DHCP-server! 3-11. Choose drivermodules for your networkcards. 3-12. Create disk 3-13. Coyote Linux starting up 3-14. Generating dss-keys. 3-15. Coyote Linux login 3-16. Coyote Linux Menu 3-17. Changing password 3-18. Coyote Linux webadministrator 3-19. Coyote Linux Main Menu 5-1. Skolelinux/Debian-edu startup from cd 5-2. Choose language 5-3. Installation of Udeb-packages. 5-4. Inforation about the different "profilene" 5-5. The different profiles in Skolelinux/Debian-edu 5-6. Loading necessary drivermodules. 5-7. Warning! The contents of all your harddrives will be erased! 5-8. The last packages, the kernel and the bootloader GRUB is installed. 5-9. Last preparation for secondstage install. 6-1. Skolelinux/Debian-edu starting from harddrive with GRUB [17] 6-2. Skolelinux/Debian-edu boot in progress 6-3. The root-password 6-4. Note that you will not be able to see the password as you type it. 6-5. Installation of packages in the secondstage. 6-6. Installation is complete, the necessary reboot 6-7. Installation is complete, no KDM 6-8. Installation is complete, KDM 7-1. Textbased login 8-1. Overview of netgroups 8-2. Adding hosts to a netgroup 8-3. New hosts added to the netgroup 8-4. Changes are saved 8-5. Adding a new netgroup 8-6. New group added 8-7. Adding a subgroup 8-8. Subgroup added 10-1. MToolsFM oppstartsbilde 10-2. Valgmuligheter 11-1. kschoolmenu, start 11-2. kschoolmenu, add meny 11-3. Beskjed til alle p loggede 11-4. kicker 12-1. Webmin servers 12-2. slbackup, general 12-3. slbackup, backup details 12-4. slbackup, backup details, client 12-5. slbackup, backup details, server 12-6. slbackup, restore 12-7. slbackup, restored files 12-8. slbackup, Maintenance 12-9. slbackup, SSH keys 12-10. mgdiff 12-11. Webmin loggin 12-12. WLUS velkomstskjerm 12-13. Konfigurasjon av WLUS 12-14. Ny bruker 12-15. Resultat av Ny Bruker 12-16. Fileimport filen 12-17. Fileimport 12-18. Import av brukere fra fil. 12-19. Resultat av filimport 12-20. Oversikt over registrerte brukere 12-21. 12-22. Disable Login 12-23. Nektede brukere 12-24. Oppheving av nektet p loging. 12-25. kdepasswd, gammelt passord 12-26. kdepasswd, nytt passord 12-27. kdepasswd, vellykket. 12-28. kdepasswd, for langt passord 13-1. OOo, ekstern adressebok 13-2. OOo, registrering 13-3. OOo, innstillinger 13-4. OOo, eksterne programmer 13-5. OOo, verkt ylinjer 13-6. Print direkte til pdf-format 13-7. KMail ikonet 13-8. KMail oppstartsbilde 13-9. KMail Identitet 13-10. KMail Nettverk 13-11. KMail Ny konto, pop3 13-12. KMail Ny konto, imap 13-13. KMail, bekreft f r sending 13-14. KMail, Sikkerhetsinnstillinger 13-15. KMail, Forskjellige innstillinger 13-16. KMail, menylinje 13-17. KMail, ny epost 13-18. KMail, epostmenylinje 13-19. KMail, mappe-menylinje 13-20. Filbehandler, hjem ikon ------------------------------------------------------------------------------- Preface This document is written mainly because nobody else did it, and because it had to be done. This document is NOT a general Linuxbook, it is not a document about Linux, but about Skolelinux/Debian-edu, you must supplement reading this document with material from Section 1.5. Warning You use this document at your own risk, it is to be considered at constant work-in-progress. +-----------------------------------------------------------------------------+ | The strategy behind writing this document[id=excuse] | | | | This document contains a rather large amount of screenshots, simply because | | I like to write according to the saying "A picture can say more than a 1000 | | words. | +-----------------------------------------------------------------------------+ +-----------------------------------------------------------------------------+ | Placeholder for fixme[id=fixme] | | | | This in is here to avoid errors refeing to id=fixme during compilation of | | sgml-files, will be removed later | +-----------------------------------------------------------------------------+ Warning Contribute to this document. I don't intend, not do I have the time, to maintain this document alone, please read the chapter on how to contribute, by translating, fixing typos, codecleanup, etc ------------------------------------------------------------------------------- Chapter 1. Where to get help, and how[id=help] 1.1. Maillists belonging to the Skolelinux/Debian-edu-project[id=maillists] Sometimes when you are really stuck, and have no idea how to solve your problem, or maybe you don't even know how to formulate your problem, then it can be very comforting to know that there are several maillists out there dedicated to helping you. There are different maillists out there, targeted at different types of users, and in different languages. Have a look at the webpage http:// developer.skolelinux.no/mailinglister.html Have a look at Section 13.3 for help on setting up and configuring the mailclient KMail. ------------------------------------------------------------------------------- 1.2. IRC chatchannel Skolelinux/Debian-edu[id=irc] Another place to get help is via IRC, channel: #skolelinux (IRCnet (irc.pvv.ntnu.no, irc.ifi.uio.no, irc.uib.no)). At the moment this one is for Norwegian-speakers only. Have a look at Section 13.5 for help on setting up and configuring the IRC-client KSirc. ------------------------------------------------------------------------------- 1.3. Invite a Skolelinux/Debian-edu knowledgeable person into your computer.[id =sshtunnel] As long as your Skolelinux/Debian-edu computer has network connection, it possible for someone else to remotely login to your computer with SSH and help you. First you need to create a user. Refer to Section 12.3 for creating one. In the following I assume that this newly created user for this purpose has the username sshhelp. On the machine where your helping hand is logged in, you must also be able to login. Your helping hand must supply you with a username for this purpose, I will assume this username is helper. If the person that is going to help you is logged into a machine with the IP number 193.217.148.238, then you use the command ssh 193.217.148.238 -R 2100:localhost:22 -l helper to setup and start an SSH tunnel on port 2100. Your helping hand can use this SSH tunnel to log into your Skolelinux/Debian-edu machine and help you. Now after you have started the SSH tunnel with the command above, your helper will be able to login to your machine with this command issued on his machine ssh -l sshhelp -p 2100 localhost Please have a look at the manual page for SSH,man ssh, or write man:ssh in the adress field in the browser/filemanager Konqueror, especially so that you understand the different options used in the commands above ------------------------------------------------------------------------------- 1.4. Permanent backdoor into a Skolelinux/Debian-edu machine with an SSH tunnel [id=backdoor] There are places where the one in charge of the network is not you, and where this someone who is in charge of the network has blocked incoming SSH connections. If we could login to our server from anywhere then our life as administrator would be very comfortable indeed. To overcome such showstoppers in the network, we have in Skolelinux/Debian-edu included a script, that sets up an SSH tunnel, similar to the one in Section 1.3, but with an added feature; no need for a helper on the other side, the script handles this for us. This script is located in the package debian-edu-config and once this package is installed, the script is found in /etc/init.d/open-backdoor. This script needs some information from you to run correctly: RPORT=this is the port that you will be using on the remote machine that you use. RHOST=this is the DNS name, or IP number to the remote machine that you use. RUSER=this is the username on the remote machine that you use. If we take the values from Section 1.3, the script will look like this: RPORT=2100 RHOST=193.217.148.238 RUSER=help When you have supplied the necessary parameters RPORT, RHOST and RUSER, you need to setup and configure the necessary SSH keys for the script, so that the script can setup the SSH tunnel automatically for you, without the intervention by the helping in hand in Section 1.3. You must login in as the user root on the machine where the backdoor-script is running; this can be a Server, Workstation or Thin-client server, your choice. Then you must run the command ssh-keygen -t dsa When asked for a passphrase, just leave that empty. After you have generated the SSH keys, you must make sure to transfer the public part of this key to the machine on the outside, and on this machine place it in the file .ssh/ authorized_keys. Make sure you do this in a safe way, not via a Hotmail account. The best would be to use the SSH equivalent scp. You achieve this with the commands From the machine with the backdoor-script running, where you just generated the SSH keys, issue the command scp -p /root/.ssh/id_dsa.pub RUSER@RHOST:~RUSER Then login to the remote machine, and issue the command cat id_dsa.pub >> ~/.ssh/authorized_keys chmod 600 ~/.ssh/authorized_keys Now you should be able to start the backdoor script with the command /etc/ init.d/open-backdoor start , and with the command ssh -l RUSER -p RPORT localhost you should be able to login from the remote machine to your Skolelinux/ Debian-edu machine, very comfortable. +-----------------------------------------------------------------------------+ | In above commands you must replace the values for RPORT, RUSER and RHOST | | with those that apply to your situation. | +-----------------------------------------------------------------------------+ Tip Now is definitely the time to brush up your knowledge on scp, man scp or write man:scp in the address field in Konqueror. Warning (man-in-the-middle attack)! If you have a backdoor script running on many different Skolelinux/Debian-edu machines, then you will experience a frequent warning when trying to login to localhost @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is ba:bc:68:4c:0b:72:4b:89:d3:04:00:c3:ab:8b:b8:98. Please contact your system administrator. Add correct host key in /home/klausade/.ssh/known_hosts to get rid of this message. Offending key in /home/klausade/.ssh/known_hosts:2 RSA host key for localhost has changed and you have requested strict checking. Host key verification failed This is nothing to get scared about. It just means that you must delete (in this case line 2) the line in the file /home/klausade/.ssh/known_hosts containing localhost ------------------------------------------------------------------------------- 1.5. More in-depth Linux documentation[id=linuxdoc] There is an enormous amount of written material about every aspect concerning Linux and GNU. Online you'll find full in-depth books with +1000 pages, and shorter 1/2 DIN A4 pages. Your local bookstore should probably have at least 100 Linux relevant book titles available. ------------------------------------------------------------------------------- 1.5.1. Sk ne Sj lland Linux User Group, Friheden til at skrive b ger[id=sslug] This is a Danish Linux User Group,(LUG - Linux User Group). They have about 1830 pages of very well-written Linux documentation- all in Danish. All of these pages can be downloaded or read online in various formats, such as html, ps, pdf, Palm Pilot. These pages are organised into 15 different books, all available from Sk ne Sj lland Linux User Group ------------------------------------------------------------------------------- 1.5.2. The Linux Documentation Project [id=tldp] More in-depth books and guides are located in "The Linux Documentation Project"- all in English,as well as other languages. The Linux Documentation Project Tip A lot of already available documentation is ready to be installed on your Skolelinux/Debian-edu machine. Have a look at what is available with apt-cache search ldp and also apt-cache search documentation|more scroll down the list with the spacebar, and install what you find interesting with the command apt-get install packagename if I want to install the package doc-linux-html I would issue the command apt-get install doc-linux-html look at section FIXME ------------------------------------------------------------------------------- 1.5.3. Manuals for OpenOffice.org[id=OOdoc] The Norwegian Board of Education (L ringssenteret) have published small handy manuals, in Norwegian for the different components in OpenOffice.org, such as Writer, Impress, Calc, Draw and the HTML-editor. These manuals can be downloaded individually, or together (211 pages), from L ringssenteret's webpage at OpenOffice usermanual Tip This kind of OpenOffice material also exists in your language ------------------------------------------------------------------------------- 1.5.4. LTSP, Linux Thinclient Server Project(LTSP)[id=ltspdoc] The cornerstone to a well-functioning Skolelinux/Debian-edu is the Thin-client. In order to get these thin-clients running smoothly, there is a good piece of documentation written, which is already translated to several languages, Linux Terminal Server Project ------------------------------------------------------------------------------- Chapter 2. Getting the "right" hardware[id=hardware] +-----------------------------------------------------------------------------+ | Skolelinux/Debian-edu friendly suppliers | | | | There exists suppliers of new and used hardware, tested with and sold | | preinstalled with Skolelinux/Debian-edu. This means that you for a small | | amount of money, can save a lot of time fiddling with incompatible | | hardware, and spend more time on improving Skolelinux/Debian-edu | +-----------------------------------------------------------------------------+ ------------------------------------------------------------------------------- 2.1. Firewall/router[id=coyote] Short summary on things you need to create a Coyote Linux firewall/router for Skolelinux/Debian-edu. * An old used computer, anything from Pentium 75MHz CPU and upward, with 16 MB of RAM and more, no need for a harddrive or CDROM [1]. * Two networkcards, they can be be of type ISA or PCI, a mix is possible, 10MBit or 100Mbit, support for 1Gbit should be there. Any type of networkcard supported by the Linux kernel is usable, but since there is no automatic detection of what kind of networkcard you are using, you must specify yourself when creating the Coyote Linux-floppy what drivers you networkcard uses [2] , this means that it might be a bit troublesome to use no-name networkcards. Personally I prefer to use networkcards from the manufacturer 3COM, as almost all pci networkcards from them use the module 3c59x Short list of networkcards I use with success in my Coyote Linux machines, and the corresponding drivermodule: 1. 3com509 Module:3c509 2. 3com900 Module:3c59x 3. Intel Ethernet Pro 100 Module:eepro100 4. 3com590 Module:3c59x 5. RTL8139 Module:8139cp or 8139too * 2 floppy, preferably new and unused. * 1 crossed networkcable to connect Coyote Linux via the LAN-networkcard to the Skolelinux/Debian-edu eth0 networkcard[3] * A machine with a floppydrive and Internet connection, to download Coyote Linux, this can either be a Linux-machine, or a windows-machine, Coyote Linux sourcefiles exist for Linux and Windows, both produces a workable Coyote Linux floppy The procedure for making this Coyote Linux floppy is almost similar on Linux and Windows, expect it's a commandline script in Linux and a click& point thing i Windows. * Download a copy of Coyote Linux, from coyotelinux.com, look in the section Downloads, then look in Coyote Linux - Floppy Firewall What you are looking for exist in mainly two versions, on for Linux,( Linux Floppy Creator Scripts),and the other other one for Windows, ( Coyote Linux Windows Disk Creator), choose the one that suits you best, the resulting floppy will be the same. Warning The hardware specifications listed here is based on my own experience, your mileage may vary. ------------------------------------------------------------------------------- 2.2. Mainserver[id=mainserver] The function of this profile is further described in Section 4.3 The hardware specification for this profile depends mainly on how many users you have. * You should opt for SCSI-disks, or SATA, only use IDE-disk in small networks with few users. The size of the disk (or the RAID) is dictated by how many users you have, and how much space you give each of them, see FIXMESection 8.10 * A networkcard of good quality, 100Mbit or 1000Mbit * The CPU doesn't need to be very fast, about 500-1000MHz should do fine, this profile is mainly a fileserver-profile. * 256MB-512MB ram should be enough. Warning The hardware specifications listed here is based on my own experience, your mileage may vary. ------------------------------------------------------------------------------- 2.3. Thinclient server[id=ltspserver] The function of this profile is further described in FIXME Section 4.3 The most important, absolute important is plenty of high quality ECC ram. * The amount of ram you need depends on how many thinclients you have, and the pattern of use, see FIXME the sidebar Placeholder for fixme[id=fixme]. The rule of thumb says 64-124MB ram on the thinclientserver for each thinclient you have. and about 256 MB for the server itself. For about 40-50 thinclients 4GB of ram is sufficient, which is also the maximum amount of ram that ready-compiled Linux kernel for Skolelinux/Debian-edu supports, see FIXME Section 8.4 how to install a kernel with support for upto 4GB of ram and multiprocessor(SMP). If you have more than 4GB of ram in your server, then you must compile your own kernel with support for that, that is not (yet) the scope of this document, but the clue is to have in your kernel config file CONFIG_HIGHMEM64G=Y * You definetly want to have two processors, that way one user can start a heavy process, such as Gimp, and lock up one cpu, and there will still be one easily available for the other users on the system. It's not crucial to have the fastest cpu available on the marked, having two is more important. * On a machine with the profile thinclientserver installed, no userdata/ home-directories will be saved, all userdata will be nfs-mounted[4] from the machine with the profile mainserver. The need for large disk on this machine is not present, unless you choose to also use it as an external backup-machine, see FIXME the sidebar Placeholder for fixme[id=fixme]. 9 GB disk is enough for such a machine, but they should be SCSI, because of heavy load with many thinclients. * You must have two networkcards, of good quality. One card (eth0) will go back to the Mainserver to get home-directories, the other (eth1) will go to the thinclientswitch Warning Remember that each thinclient uses about 2 Mbit of network bandwidth, which means that on a 100 Mbit network, you can't have more than about 50 thinclients, if you need more than that, you must get more thinclientservers, or invest in 1Gbit network, I would choose more thinclientservers. Warning The hardware specifications listed here is based on my own experience, your mileage may vary. ------------------------------------------------------------------------------- 2.4. Thinclient[id=thinclient] The function of this profile is further described in Section 4.3 * You need a machine with a videocard that is possible to configure automatically, otherwise you must manually configure the videocard by hand. You do not want to use an old onboard ISA-based videocard, they are just trouble. * You want to have a networkcard that is capable of so called PXE-boot, then you need not to make any bootfloppies for the thinclient, which is a bothersome thing. Bootfloppies are bothersome to create, and they get lost, and you need them every time you boot the thinclient. With PXE-card it's just plug&play, you turn on the machine, and that's it. PXE-networkcards do cost a little bit more than normal networkcards, but it's worth it, definetly. +-------------------------------------------------------------------------+ | My experience says.... | | | | I've too often seen that the money one saves on not buying | | PXE-networkcard, are wasted many times when trying to get ordinary | | networkcards working in thinclients. As a minimum I recommend that you | | buy a couple of those, just to test, and to use when you just want to | | get a thinclient up and running quickly. | +-------------------------------------------------------------------------+ If you don't have PXE-networkcards, you must create bootfloppies for your cards. You should first have a look at Section 8.7.2, that is a kind of universal bootfloppy, with support for the 30 most common networkcards, if this one doesn't work with your networkcard, then you visit rom-o-matic.com and follow the online instructions there for making bootfloppies. * You need minimum 32MB ram[5] in the thinclient. In newer versions of Skolelinux/Debian-edu, present in Venus 1.0, there is the possibility to use swap over NFS to the thinclient, this is done automatically if you add the MAC-address of your thinclient in /etc/dhcp3/dhcpd-skolelinux.conf. Have a look at Section 8.7.3 * You don't need processor faster than 100MHz.[6] * There is absolutely no need for a harddrive, it just makes noise and generates heat, and uses uneccasary power. Remove it, or disable it physically. * Floppydrive if you want to use it in the thinclient, see FIXME Section 10.2 * Connector for USB if you want to use it in the thinclient, see FIXME Section 10.3 * PCI soundcard if you want to use sound on you thinclient, only advisable if you have enough bandwidth available, sound consumes plenty of bandwidth, see FIXME Section 10.4 Warning Plenty of people have wanted, and tried to get the cdrom to work in a thinclient, but without success. If you have managed to get it to work, please let me know. ------------------------------------------------------------------------------- 2.5. Workstation[id=workstation] The function of this profile is further described in Section 4.3 The hardware requirement for this profile all depends on what you have available, for what this machine is intended to be used as, and how fast you want the machine to do things. Unlike the other serverprofiles like Mainserver and Thinclientserver, this profile is mainly to be used by one user at a time, so making a "bad" hardwarechoice will only affect one user. You will need a harddrive with the minimum size of about 1700MB plus 4 times the amount of ram in the machine. There is no need for a big harddrive in this machine, unless you plan to use it as a external backupserver FIXME the sidebar Placeholder for fixme[id=fixme]. If you do have a realy big harddrive in this machine, and maybe would like to put it to good use, you could add another lv to the machine, and use it to save big files such as video, images, iso-images, see Section 8.5.7 Tip If you have a rather small harddrive, but plenty of ram, maybe as much as 940MB, then the swap partition alone would end up being almost 2GB big, if you think this is to much, then you can lower the amount of ram that the installer sees by booting with the option Press F1 for help, or Enter to boot:linux mem=64m when you install Skolelinux/Debian-edu, this way the installer only sees 64 MB of ram, and will only make a 128MB big swap-partition, see Figure 5-1. It is only during first stage of installation that this low amount of ram is seen by the system, later all available ram is visible and in use, but maybe you need to install a HIGHMEM-enabled kernel, see Section 8.4 Tip It's also possible during install to decide what sizes the automatic partitioning shall make, have a look in directory /etc/autopartkit/ during install, use ALT-F2 and the editor nano to edit those files. Note that this is for advanced users. ------------------------------------------------------------------------------- 2.6. Laptop[id=laptop] HOW TO INSTALL SKOLELINUX ON A LAPTOP ------------------------------------- Author: Finn-Arne Johansen faj@bzz.no This Document is released under the GNU General Public License, version 2. On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL'. $Id: newdriftbok.en.txt,v 1.4 2004/09/08 20:55:35 cobaco Exp $ Introduction ----------- This HOWTO is based on the work done at the Ulsrud School, Oslo Norway, to support laptops with an ordinary network interface card (for cabled LANs) and a wireless network interface card wireless LAN (WLAN). These laptops will sometimes be connected (at school), sometimes not (e.g. on the move or at home). Accordingly, there will also be a need to synchronize user files between laptops and the server installation at school, both to have a "canonical" place where files are store and to have the assurance of backup applying to files residing on the Skolelinux mainserver ('tjener'). An installation is needed, that will handle these different scenarios and aspects. In addition, efficient cloning of the (first) installation is needed for maintaining large numbers of identical and identically installed laptops. The System Imager software has been deployed for this purpose. What to install on Laptops -------------------------- Install Skolelinux Standalone Disk Usage and Dual Boot ------------------------ If you want to have an OS on your laptop besides Skolelinux (dual boot), you could either: - Setup Skolelinux first, and use the rest of the disk for the other OS. - Install the other OS first, and leave room for Skolelinux. Skolelinux Standalone will use upto 5 GB + 2x memory size of diskspace, the rest is left unpartitioned. The installer sets up the rest of the disk as a logical volume, so you might use cfdisk to change the partitioning. At least Win98 wants to have a primary partition. If you install e.g. Win98 first, set aside at least 1GB for a / (root) partition for Skolelinux and at least 256 for swap. To support home directories also during a reinstall, we add a separate home partition, and mount it under /home Setting up X ------------ Often there is a problem with the X-server on newer laptops. After Skolelinux included XFree86 version 4.2, it should not be that much trouble. If you still experience trouble, try using either the framebuffer driver or the vesa driver. I've used fbdev, but then I get a poor video rate when playing DVDs. I think I've seen better performance when using vesa mode, but I'm not sure. For the vesa driver, I have used this XF86Config: ## Start of /etc/X11/XF86Config ## Section "Files" FontPath "unix/:7100" # local font server FontPath "/usr/lib/X11/fonts/misc" FontPath "/usr/lib/X11/fonts/cyrillic" FontPath "/usr/lib/X11/fonts/100dpi/:unscaled" FontPath "/usr/lib/X11/fonts/75dpi/:unscaled" FontPath "/usr/lib/X11/fonts/Type1" FontPath "/usr/lib/X11/fonts/Speedo" FontPath "/usr/lib/X11/fonts/100dpi" FontPath "/usr/lib/X11/fonts/75dpi" EndSection Section "Module" Load "GLcore" Load "bitmap" Load "dbe" Load "ddc" Load "dri" Load "extmod" Load "freetype" Load "glx" Load "int10" Load "record" Load "speedo" Load "type1" Load "vbe" EndSection Section "InputDevice" Identifier "Generic Keyboard" Driver "keyboard" Option "CoreKeyboard" Option "XkbRules" "xfree86" Option "XkbModel" "pc104" Option "XkbLayout" "no" EndSection Section "InputDevice" Identifier "Configured Mouse" Driver "mouse" Option "CorePointer" Option "Device" "/dev/psaux" Option "Protocol" "PS/2" Option "Emulate3Buttons" "true" EndSection Section "InputDevice" Identifier "Generic Mouse" Driver "mouse" Option "SendCoreEvents" "true" Option "Device" "/dev/input/mice" Option "Protocol" "ImPS/2" Option "Emulate3Buttons" "true" EndSection Section "Device" Identifier "Vesa display driver" Driver "vesa" EndSection Section "Monitor" Identifier "Xdebc Monitor" EndSection Section "Screen" Identifier "Default Screen" Device "Vesa Display Driver" Monitor "Xdebc Monitor" DefaultDepth 16 SubSection "Display" Depth 16 EndSubSection EndSection Section "ServerLayout" Identifier "Default Layout" Screen "Default Screen" InputDevice "Generic Keyboard" InputDevice "Configured Mouse" InputDevice "Generic Mouse" EndSection Section "DRI" Mode 0666 EndSection ## End of /etc/X11/XF86Config ## To use fbdev: - First set the kernel to use framebuffer. This is done in the file /boot/grub/menu.lst. - Edit the line # kopt=root=/dev/hda1 ro to become # kopt=root=/dev/hda1 ro vga=7xx where vga=788 for 800x600x16 vga=789 for 800x600x24 vga=791 for 1024x768x16 vga=792 for 1024x768x24 Remember to upgrade the real grub menu afterwards by running update-grub - Then reconfigure X by running dpkg-reconfigure xserver-xfree86 Use the driver "fbdev", and choose the same resolution and depth as you did with the kernel. I've had some cards that, although there should be enough memory to run in 1024x768x24 mode, are not able to run with more then a 1024x768x16 resolution. Warning: In my experience dpkg-reconfigure/xdebconfigurator is sometimes unable to modify the configuration file /etc/X11/XF86Config-4 - I don't know exactly why. Also turning off and on the Option "UseFBDev" can help solving the problem with an Xserver that will not start Network Setup ------------- If you have a laptop with an onboard NIC, and you start it without the cable plugged in, the computer will likely "hang" for a while (trying to configure the network), then time out. To fix this you need to edit the file /etc/network/interfaces, and comment out the line auto eth0 The situation is similar if you have a pcmcia card (even with the cable plugged in), because the pcmcia card is not brought up until after the network is brought up. Commenting out the "auto eth0" line will also help in this case. To make the machine "automagically" enable the network card whenever a cable is plugged in, I recommend using ifplugd: - Added the following line to your apt sources in /etc/apt/sources.list deb http://ftp.skolelinux.no/skolelinux woody-test local - Install the ifplugd package apt-get update && apt-get install ifplugd - Do remember to comment out the "deb http:// ..." line afterwards, and do apt-get update If you have a WLAN card, you should also add a line iface eth1 inet dhcp to the /etc/network/interfaces file. Even here, any line "auto eth1" should be commented out (if it exists). Ifplugd can handle WLAN as well (and normally would). But we have included a script called start-wlan that will take up wlan only if there is no LAN connected. If you want to copy a lot of data switched 100MBit gives much better bandwidth, than a crowded 11Mbit WLAN with collisions and packet loss. On Ulsrud we needed to make the machine halt each time (not reboot directly). To achieve this, manipulate the script for run level 6: ( cd /etc/rc6.d ; mv S90reboot D90reboot ; ln -sf ../init.d/halt S90halt ) The parentheses are part of the command, don't drop them. We want apm/acpi working: - First try with apm modprobe apm If apm is not supported on your laptop, try with acpi: - You will have to add "acpi=on" to the kernel boot line in /boot/grub/menu.lst - You should also add the following lines to your /etc/modules: battery ac button fan processor thermal Be aware, I have had problems with acpi. The most recent I remember was a laptop that crashes when I load the modules "processor" and "thermal" klaptopdaemon is nice to monitor the battery status. On Ulsrud we added a newer kde: deb http://download.kde.org/stable/3.2/Debian stable main apt-get update && apt-get install kdebase (Cf. previous remarks on commenting out such apt sources after use.) And for k3b, a nice GUI for burning CDs: deb http://www.planet-moll.de/debian woody main apt-get update && apt-get install k3b (Ditto.) How to multiply the Installation on Several Machines (here Laptops) ------------------------------------------------------------------- Before starting, you should decide on a machine for the role of "image server". This could be the Skolelinux main server ('tjener') or some other machine (with its own software, not a thin client) and sufficient disk space. (On Ulsrud we have used the backup server as an images server. While writing this - at a different location - I am testing with a main server ('tjener') as image server.) On Ulsrud we have used System Imager to do identical software installation on identical machines, in particular laptops. But the version in Skolelinux (woody) does not handle Grub that well. Therefor we fetched System Imager from: deb http://download.systemimager.org/debian stable main Actually, the packages from this location is the same packages that are in unstable. I have rebuilt them, on sarge, and added support for Cardbus network card (32bit pcmcia). The packages are available from: deb http://ftp.skolelinux.no/ ~finnarne/systemimager/ This apt source must be set up both on the image server and the original client, cf. 'apt-get install ...' commands below.) On the image server you need to have some storage available for system imager, so maybe before you install System Imager, do (assuming LVM support) lvcreate -L 2G -n lv_sysimg vg_data Format the logical volume/partition mkfs -t ext3 /dev/vg_data/lv_sysimg If you have installed system imager already, you must copy what is in your original /var/lib/systemimager to your new /var/lib/systemimager. E.g.: mount /dev/vg_data/lv_sysimg /mnt cp -a /var/lib/systemimager/* /mnt rm -rf /var/lib/systemimager/* umount /mnt If you have not installed system imager, just create the new mount point mkdir /var/lib/systemimager In either case, add a line to /etc/fstab /dev/vg_data/lv_sysimg /var/lib/systemimager ext3 defaults 0 2 and mount the new logical volume/partition mount /var/lib/systemimager If you have not installed system imager on the server already, install by apt-get update apt-get install systemimager-server systemimager-boot-i386-standard or if you want the homebrew version with support for cardbus: apt-get update apt-get install systemimager-server systemimager-boot-i386-skolelinux On the client install by apt-get update && apt-get install systemimager-client To create bootable CD's, you need to install mkisofs (and cdrecord on the machine were you have cdrecord) apt-get install mkisofs To boot the clients using pxe, you need to have syslinux and a tftp-daemon installed: apt-get install syslinux tftpd-hpa Now remember to comment out the system imager apt-source on both the server and client. :-) On the client, turn off devfs. The change is done /etc/default/devfsd, followed by a reboot On the client run prepareclient --server On the image server run getimage --golden-client --image When the image is done, I select that this is a replicant, meaning do not mess with the network settings on this image. Usually I do not want to run the addclient utility. We can now do some tuning of the newly created image, located in /var/lib/systemimager/images//. Do a chroot /var/lib/systemimager/images/ You are then actually inside the client image. Now tune: - First, activate devfsd, by editing /etc/default/devfsd - Second remove the old logs (they are from the first installed client anyway): find /var/log/ -type f | xargs rm Then edit what should be updated whenever you update a client after it is installed, by editing the file /etc/systemimager/updateclient.local.exclude, and add the lines /etc/passwd /etc/shadow /etc/group /etc/ssh/ssh_host_*key* Then remove the host keys from /etc/ssh/ rm /etc/ssh/ssh_host_*key* and edit /etc/init.d/ssh to create the keys on startup. Add these lines # Create ssh keys if they do not not exists if [ ! -f /etc/ssh/ssh_host_dsa_key ] ; then dpkg-reconfigure -pcritical ssh fi just before the line echo -n "Starting OpenBSD Secure Shell server: sshd" You are done working inside your image (effected by the chroot command), and you may exit from the image. Now create your boot medium. It is possible to use pxe, cdrom, or floppy based boot. Since, at Ulsrud, we are installing on laptops, some of them do not have pxe possibility, and none of them have floppies - we chose cdrom boot Create your image with mkautoinstallcd --out-file systimg-boot.img The only available choice is standard flavour. Now burn the image onto a CD. Before you reboot your client you have to tell which image you want to install. Normally this is set up using the addclients script, but systemimager will then mess up your dhcp/dns/hosts setup in a way incompatible with Skolelinux. While installing to clients, systemimager will look for a script named /var/lib/systemimager/scripts/.sh If it does not find this script, it will remove the trailing numbers of the hostname, and then take the remaining and add .master. That means that if you use the backbone to install upon, it will first look for dhcp.sh and then dhcp.master If you use a thin client network to set this up, you will instead get "tk".sh or just tk.master (The setup at Ulsrud is slightly different, but I think the above should work on a thin client net as well. At Ulsrud we just activated the thin client network on the backup server - by editing /etc/network/interfaces, and running dhcpd on eth1) Then do a ln -s .master /var/lib/systemimager/scripts/dhcp.master Now you may boot your first machine to be "imaged" on the newly created CD, and sit back. Setting up the Next Laptop Type with System Imager: --------------------------------------------------- Now if you have chosen to go for the vesa driver, and 386 kernel, you may install the same image on the next type laptop. But if you have a "native" driver for X, and maybe a different processor type (lets say change from PIII to AMD), then you may want to customize the second image a bit. Then you might choose to install by from scratch again. But you could also install by using system imager, then boot using the 386 kernel thats there already, maybe in Single user mode, and reconfigure to make it fit the changes. Then you could go on with creating a new image the same way as the previous. But then , if you have 5 images, each taking up 2 GB, that would eat 10 GB out of your server. not a big deal you may think, but your server either needs this space for backup (remember to have 3x the space used on main server for backup). or this is your main server, where you use SCSI drives. SCSI drives are not cheap :( So what you do, is that you, on the machine where you store your images, you do a cd /var/lib/systemimager/images cp -al first_image second_image This will create a new directory tree for you second image, but all the files will be the same as the first image. So you only need extra space for the directories. then you prepare the client as you did with the previous, do a getimage, specifying the new client as golden -client, and "second-image" as the image. The scripts the politely ask if you want to upgrade, and it will go about, creating the necessary new files. Since rsync is used, the old files will still remain within first_image, the new files within second_image, and files common to both will be shared. Additional Info on System Imager: --------------------------------- There are even some packages available to make it possible to use multicast. We have not tested those, and they might not be installable in Skolelinux (woody). Synchronizing User Files ------------------------ In a scenario where laptops are sometimes connected to the Skolelinux installation at school, sometimes not, there will be a need to synchronize user files. Here follows one way of doing this. Installation ------------ Install the package unison on the main server ('tjener'): apt-get update && apt-get install unison and the package unison-gtk on the laptops: apt-get update && apt-get install unison-gtk (For the laptops, this should be done while creating the 'first' image for laptops, cf. above.) Also, on the laptop, create in /etc/skel/ a directory sync, and in the Desktop create an entry "Synchronize". This will the command for the "Synchronize" entry is unison-gtk sync ssh://tjener/sync Also, create a directory 'sync' in each user's home directory (~/sync). Working with files ------------------ Users should consider their home directory on the Skolelinux mainserver 'tjener' (and directories below) the "canonical" place where files are stored. (and also have the assurance of backup applying to files residing on 'tjener'). Now all you have to remember is to save all your work that you want to have on the laptop and on the main server, in the "sync" folder. And before you leave school, remember to Synchronize, and the same when you get back home. Note In here should the file from /dokumentasjon/installing_SL_to_a_laptop.txt be parsed. The file should probably be be in sgml, and included like netgroups.en.sgml Now it's parsed according to http://www.sagehill.net/docbookxsl/ ProgramListings.html [7] ------------------------------------------------------------------------------- Chapter 3. Firewall/router for Skolelinux/Debian-edu 3.1. Hardware[id=coyotehardware] Short summary of needed hardware for making Coyote Linux for Skolelinux/ Debian-edu: Note Should parse the contents somehow from Section 2.1, should be no need to write the same thing twice. ------------------------------------------------------------------------------- 3.1.1. Latest version of Coyote Linux Coyote Linux is a product that undergoes continuously development, with several new releases each year. At the moment, date=22.7.2004, the latest stable version of Coyote Linux is 2.11. This document is written while version 2.06 was stable, but there shouldn't be any major differences. ------------------------------------------------------------------------------- 3.2. Placement of firewall/router in the Skolelinux/Debian-edu network?[id= coyoteplacement] Note Although I keep mentioning the neccesarry firewall/router and Coyote Linux in the same sentences, it doesn't mean that you must use Coyote Linux for this purpose. You can use a dedicated router from any commercial manufacturer you like, or something similar to Coyote Linux like FloppyFirewall, Gibraltar. It's just that I personally prefer Coyote Linux. You must just remember that whatever you use for firewall/router, it must be configured like A The firewall/router has a defined role in the Skolelinux/Debian-edu network, without it, the Skolelinux/Debian-edu will not function optimal. Coyote Linux has two networkcards, both having different roles. One networkcard is to be connected to the existing network, so that it get's Internet connection, this network interfaces is in Coyote Linux called WAN, eth1, Internet. The other card, which is to be connected to your Skolelinux/ Debian-edu network is called LAN. eth0, LAN network, this card is connected either directly to the Skolelinux/Debian-edu mainserver with a crossed cable (for small networks), or via a switch constructing the so called 10.0.2/ 23-backbone network. Warning Don't mix the different roles of eth0 and eth1 in Coyote Linux and Skolelinux/Debian-edu Figure 3-1. Overview of placement of firewall/router in Skolelinux/Debian-edu [diagram] Similar diagram with overview of complete Skolelinux/Debian-edu network is available in Section 4.1 Note FIXME, should be translated. ------------------------------------------------------------------------------- 3.3. Creation of Coyote Linux floppy[id=makefloppy] +-----------------------------------------------------------------------------+ | I will briefly outline this procedure on a Windows machine in Section 3.3.1 | +-----------------------------------------------------------------------------+ Basic configuration of the firewall/router * Regardless if you choose to create the Coyote Linux floppy on a Linux or windows-machine, the following configuration must be used, this also apply to other firewall/router than Coyote Linux A. local network interface: IP Address: 10.0.2.1 Netmask: 255.255.254.0 Broadcast: 10.0.3.255 Network: 10.0.2.0 B. Install the Big Pond login software? [y/n]:n Press "n" I think this is some extrastuff you need if you happen to get net access from the provider Big Pond, but I'm not realy sure. Anybody knows? C. Do you want to enable the coyote DHCP server [y/n]: n Press "n" Warning Since Skolelinux/Debian-edu already have a dhcp-server running, you must disable the dhcp-server on your firewall/router, and on other machines you might integrate in the Skolelinux/ Debian-edu-network. Having two dhcp-servers on the same network usually doesn't work very well. 1. After you have downloaded the Coyote Linux sourcefiles, you need to unpack them, you must be superuser root to unpack. tar zvxf coyote-2.06.tar.gz cd coyote ./makefloppysh Note If a new version of Coyote Linux exists at the time you read this, then you must replace the version 2.06 in the commands above with the version-number you have downloaded. 2. When creating the Coyote Linux on a Linux machine, this is the questions asked, and the answers you should give: a. Coyote floppy builder script v2.9 Please choose the desired capacity for the created floppy: 1) 1.44Mb (Safest and most reliable but may lack space needed for some options) 2) 1.68Mb (Good reliability with extra space) - recommended 3) 1.72Mb (Most space but may not work on all systems or with all diskettes) Enter selection:2 Choose here what is recommended 1.68Mb b. Please select the processor type in the destination Coyote Linux system: Choose 2) 486dx or better (has a math co-processor) if you use a relatively new machine, newer that 486, if you choose wrong here you machine will not boot. Note This question isn't present in newer versions of Coyote Linux, since the support for machines without a math co-processor has been removed c. Please select the type of Internet connection that your system uses. 1) Standard Ethernet Connection 2) PPP over Ethernet Connection 3) PPP Dialup Connection Enter Selection: Here you would normally choose option 1) d. Configuring system for Ethernet based Internet connection. By default, Coyote uses the following settings for the local network interface: IP Address: 192.168.0.1 Netmask: 255.255.255.0 Broadcast: 192.168.0.255 Network: 192.168.0.0 Would you like to change these settings? [Y/N]: y Enter local IP Address [192.168.0.1]: 10.0.2.1 Enter local Netmask [255.255.255.0]: 255.255.254.0 Enter local Broadcast [192.168.0.255]: 10.0.3.255 Enter local network number [192.168.0.0]: 10.0.2.0 These network setting for the local network must be changed, see A e. Does your Internet connection get its IP via DHCP? [y/n]: Answer yes(y) or no(n), according to you network configuration. If you do not get ip via DHCP, you need to fill in some information: Please enter the information for your static IP configuration Internet IP Address: Internet Subnet Mask [255.255.255.0]: Internet Broadcast [Enter = Default]: Internet Gateway Address: Domain Name: DNS Server 1: DNS Server 2 (optional): f. Enter your DHCP hostname: Normally you can leave this one blank g. Install the Big Pond login software? [y/n]: I think this is some extrastuff you need if you happen to get net-access from the provider Big Pond, but I'm not realy sure. Anybody knows? h. Do you want to enable the coyote DHCP server? [y/n]: n Here you must answer n ! i. If you don't know what a DMZ is, just answer NO You you like to configure a De-Militarized Zone? [Y/N]: n Here can press just n j. You now need to specify the module name and parameters for your network cards. If you are using PCI or EISA cards, leave the IO and IRQ lines blank. Enter the module name for you local network card: This is the tricky part, knowing what kind of drivermodules to use for your networkcards, even knowing what kind of networkcards you have is sometimes difficult. Have a look at Section 3.12 for an overview of available drivermodules, remember to not use the ending .o when writing what drivermodule to use. I prefer newer cards from 3COM they mostly all use the drivermodule 3c59x. k. Syslog server address: This you can leave blank. Note It should be possible to use the Skolelinux/Debian-edu mainserver as Syslog server, but I haven't tried this yet. The address to use would then be 10.0.2.2 3. You must now insert a floppy in the machine, remember to turn the write protection off. Creation of floppy will take a few minutes. ------------------------------------------------------------------------------- 3.3.1. Creation of Coyote Linux floppy on a Windows machine[id=clwin] If you create the floppy on a Windows machine, it's mostly the same procedure as on Linux. Figure 3-2. Download the sourcefiles for Windows. [clWin01] Figure 3-3. Windows can't find necessary dll [clWin05] This error appears when you click on the wrong Coyote Linux exe-file. Figure 3-4. Coyote Linux Windows creator welcome-image [clWin07] Here you just press Next Figure 3-5. Local network setup [clWin09] Her you must fill in the necessary network information, see A Filling in the correct values for IP-address and Netmask will make Coyote Linux correctly calculate the values for Broadcast address and Network address Figure 3-6. Set a password on the Coyote Linux floppy [clWin10] Without this password you can't logon your Coyote Linux machine later, see Section 3.6 Figure 3-7. Syslog server [clWin11] Just leave this blank, or have a look at 2.k Figure 3-8. Internet connection type [clWin12] Choose what is most appropriate for you. If you get a DHCP assigned address, then you likely will not need give any more information about your connection. Figure 3-9. Static IP-configuration [clWin13] \ If you have a static address, then fill in the appropriate values here. Figure 3-10. Do not enable the Coyote Linux DHCP-server! [clWin14] \ Do not enable the Coyote Linux dhcp server, there is already one running at the mainserver Figure 3-11. Choose drivermodules for your networkcards. [clWin15] Drag and drop to choose the correct networkcards in your Coyote Linux machine. Figure 3-12. Create disk [clWin16] Place a floppy in the floppydrive, and press Next. ------------------------------------------------------------------------------- 3.4. Upgrade to newer versions of Coyote Linux[id=clupgrade] Note This chapter should be moved to after the introductions to available commands in Coyote Linux Coyote Linux is a product that is in active development and maintenance, just like Skolelinux/Debian-edu. That means that new version are released quit often, with new features and security fixes, and especially because of the security fixes, you should always use the latest stable version of Coyote Linux Since Coyote Linux runs solely from floppy, there is no system per se to upgrade, you must create a totally new floppy, like in Section 3.3. But to make this process as easy as possible, there is some simple thing to keep in mind. 1. Finding out what kind of networkcards you have. If you have forgotten, and didn't write it down somewhere, what kind of networkcards you use, then you can use the command lsmod to list all loaded drivermodules that is in use, maybe that way you'll remember what kind of networkcards you have. coyote# lsmod Module Size Used by 3c509 7732 2 ip_nat_quake3 1768 0 (unused) ip_nat_mms 2608 0 (unused) ip_nat_h323 2060 0 (unused) ip_nat_amanda 876 0 (unused) ip_nat_irc 1904 0 (unused) ip_nat_ftp 2384 0 (unused) ip_conntrack_quake3 1848 1 ip_conntrack_mms 2704 1 ip_conntrack_h323 2065 1 ip_conntrack_egg 2280 0 (unused) ip_conntrack_amanda 1488 1 ip_conntrack_irc 2672 1 ip_conntrack_ftp 3440 1 In this listing of loaded modules you see that it's the networkcard 3com509 that is in use, twice. For a list of supported modules, look in Section 3.12 The best would probably be to write down somewhere what networkcards you use in the machine. 2. What kind of portforwarding do you have? Information about your portforwarding rules, if you have made any, is in the file /etc/coyote/portforwards coyote# more /etc/coyote/portforwards port Y 10.0.2.2 tcp 2333 22 # Example - Secondary SSH ------------------------------------------------------------------------------- 3.5. Coyote Linux bootup[id=clboot] +-----------------------------------------------------------------------------+ | There is two networkcard in your Coyote Linux, one (LAN) is connected to | | the Skolelinux/Debian-edu server, either directly with a crossed cable, or | | via a switch, the other (WAN) is your network connection. Sometimes it can | | be a bit difficult to determine which of your networkcards is which, | | especially if they both are of the same brand. The procedure I use to | | determine which card is what, is to use a crossed cable and connect it to | | the networkcard in the Skolelinux/Debian-edu mainserver. First I start the | | Coyote Linux without any cable in the networkcards, then I use the crossed | | cable to connect Coyote Linux with the Skolelinux/Debian-edu mainserver, | | then I log into the mainserver and try to ping the Coyote Linux machine | | with the command ping 10.0.2.1 or alternatively try to ping the mainserver | | from Coyote Linux with the command logged in at Coyote Linux ping 10.0.2.2, | | when you get a answer, like | | | | 64 bytes from 10.0.2.1: icmp_seq=1 ttl=64 time=1.84 ms | | | | , then you have found the networkcard on the Coyote Linux that is to be | | labeld as LAN, then we know that the other networkcard is WAN. This | | procedure will only work as long as you have managed to configure the LAN | | networkcard properly, as indicated during boot by the line | | | | LAN network: UP | | | | Note It's normal that you see | | | | WAN network: down | | | | at this point, since you booted without any cables in the | | networkcards. | | | | Once you have determined which networkcard has what role, then you reboot | | with all the cables connected. | +-----------------------------------------------------------------------------+ +-----------------------------------------------------------------------------+ | Different names used for the networkcards[id=clnicnames] | | | | The two networkcards are being called different things in Coyote Linux, a | | bit confusing and inconsecvent, here is an overview: | | | | Table 3-1. The different names used in the networkcards in Coyote Linux | | | | +-----------------------------------------------------------------------+ | | |This one goes to the existing network |Internet |eth1|WAN| | | |--------------------------------------------------+-----------+----+---| | | |This one goes to the Skolelinux/Debian-edu network|LAN network|eth0|LAN| | | +-----------------------------------------------------------------------+ | +-----------------------------------------------------------------------------+ Boot your Coyote Linux, make sure the Coyote Linux floppy is in the floppydrive, and that the machine has been configured in BIOS to boot from floppy. Figure 3-13. Coyote Linux starting up [coyoteimag] Generating dss-keys, this will take several minutes on a slow system. Figure 3-14. Generating dss-keys. [coyoteimag] If all went well, you will see the Coyote Linux textbased login screen. You will recognise that all went well when you see the magic words LAN network: UP WAN network: UP In the screenshot used here both networkcards are defect. FIXME, replace with a screenshot where networkcards work. Figure 3-15. Coyote Linux login [coyoteimag] Q: It appears that the networkcard (LAN) that is going to the Skolelinux/ Debian-edu network is not working: DOWN Q: It appears that the networkcard (WAN) that is going to the Internet is not working: DOWN Q: I have tried several different drivermodules for my networkcards, but I still haven't found the correct driver. Q: It appears that the networkcard (LAN) that is going to the Skolelinux/ Debian-edu network is not working: DOWN A: If you have configured your networkcard accordingly to A but still it's not working, then it might be that you have chosen the wrong drivermodule for your networkcard Q: It appears that the networkcard (WAN) that is going to the Internet is not working: DOWN A: There is two obvious reason why the WAN networkcard is not; UP: 1. You are trying to connect with the wrong Internet connection type. Have a look again at 2.c If you have a connection where you get DHCP, and not static, then there must be a physical connection with a networkcable between Coyote Linux and the connection. 2. You have chosen the wrong drivermodule for this networkcard. You could try to login to Coyote Linux and then first choose q) to get out of the Coyote Linux menu, then issue the command dmesg|more use SPACE to page. Look for reference to eth0 and eth1, look at the sidebar Different names used for the networkcards[id=clnicnames] for a reminder of what eth0 and eth1 means. There usually is a indicator there as to what the problem is. Q: I have tried several different drivermodules for my networkcards, but I still haven't found the correct driver. A: Have you had a look at this webpage containing info about networkcard and corresponding drivermodules for Coyote Linux? http://www.dalantech.com/ ubbthreads/showflat.php?Cat=&Board=unix&Number=32746&page=0&view=collapsed&sb=5 &o=&fpart=1 ------------------------------------------------------------------------------- 3.6. Coyote Linux commandline login[id=cllogin] You can now login at the commandline, with the username root, and empty password. which is the only user available in Coyote Linux. The first thing you must do is to set a root-password for your Coyote Linux[8] Note If you don't set any password on your Coyote Linux, then anybody can gain access to it by going to the address http://10.0.2.1:8180 Warning You must set a root-password, also called system-password, immediately for Coyote Linux! coyote login: root This what you see when login to Coyote Linux the Menu; Figure 3-16. Coyote Linux Menu [coyoteimag] The first thing you must do, is change the root-password, choose 2) Change system password, do so by writing 2 then press Enter Figure 3-17. Changing password [coyoteimag] You choose a password, minimum 5 characters, maximum 8 characters, this you type twice.Be aware that there is no output at the screen when you type the password, incase someone looks you over the shoulder. Password changed. Updating webadmin password... Press enter to return to system menu. If this is the feedback you get from Coyote Linux, then you have successfully changed the root-password. Since Coyote Linux runs from floppy, and store everything in ram, which is lost when you reboot Coyote Linux, you must save this new password to the floppy, do this by choosing w) Write configuration to disk Your new password is saved to the Coyote Linux floppy when you see this: Backup script complete. Press ENTER to return to menu. All changes you have made to Coyote Linux, is now saved to the floppy. You can now reboot Coyote Linux, and you will see that the new password is in use, you can reboot Coyote Linux by pressing the on/off-button on your Coyote Linux machine, or choose r) Reboot system from the Coyote Linux Menu. If you have managed to get both networkcards working, and Coyote Linux have network connection, then you don't need to login at the commandline anymore, in the future you can you your webbrowser to login to Coyote Linux, look at Section 3.7 When choosing q) quit you will end up at the commandline in Coyote Linux if you need to go back to the Coyote Linux Menu, then write menu and press Enter. See Section 3.9 for a list of a few useful commands you can use from the commandline in Coyote Linux ------------------------------------------------------------------------------- 3.7. Coyote Linux webadministrator[id=clgui] Coyote Linux has a nice and well functioning webadministrator, that lets you perform almost all day-to-day operations. Point your webbrowser to the address http://10.0.2.1:8180 At this address you will be met by the Coyote Linux webadministrator, click on the link, and the write in the username root and the password you made, refer to Figure 3-16 Figure 3-18. Coyote Linux webadministrator [coyoteimag] All options and choices are done in the Main Menu to the left. Figure 3-19. Coyote Linux Main Menu [coyoteimag] i. Show configuration Choosing this will give you a status of your networkcards, what ip they have, uptime of Coyote Linux, load and such. ii. LAN configuration Her you have the option of changing the configuration of the LAN networkcard, the one that goes to the Skolelinux/Debian-edu network. Warning Don't change anything here! Doing so will severely reduce the performance of your Skolelinux/Debian-edu network. Note FIXME Should parse the contents of change_ip_setup in here, later. Leave the values as they are, refer to A. iii. Internet configuration Here you have the chance of changing the values of your WAN networkcard, the one that goes to Internet. If you get a new ISP, and go from getting Internet connection from DHCP to static, then here is the place to change that kind of information, no need to create a new Coyote Linux floppy from scratch. See 2.c iv. DHCP configuration This gives you the chance to configure the DHCP-server that comes with Coyote Linux. Warning Do not enable the dhcp-server in Coyote Linux! Refer to 2.h v. Administrative Configurations Her you can enable/disable services such as DNS, SSH, webadmin. vi. Optional Configs Here you can change things such as ntp-server (external machine that keeps a accurate time, I use the value Remote Time Server:ntp.uio.no, and Time Zone: CET to keep the clock in my Coyote Linux accurate. It should be possible to use mainserver as ntp-server. vii. Port Forwarding Here you can change, and enable portforwarding on Coyote Linux. This is a very practical and neat feature in a Skolelinux/Debian-edu network. Since Coyote Linux stops and block most connections, even passing ssh, it's nice to be able to use portforwarding and that way still get passed Coyote Linux with incoming ssh-connection to the Skolelinux/Debian-edu network. With this portforwarding rule Yes TCP Any 22 10.0.2.2 22 No SSH straight into Mainserver all ssh-connections coming to Coyote Linux will be redirected to the Skolelinux/Debian-edu mainserver, if this is advisable in your network, you must decide. viii. Firewall Configuration Here you can setup and configure the firewall rules in Coyote Linux. There is plenty of ready-made rules that you can use as examples. ix. System password Here you can change the root-password, also known as system-password in Coyote Linux, just like you did from the commandline in Section 3.6. x. Configuration file This is the file that contains all your configurations. xi. Backup configuration If you have made any changes in Coyote Linux, then you must remember to write them to floppy, by choosing this Main Menu item, otherwise your changes are gone when you reboot Coyote Linux. There is a red warning at the bottom of the screen whenever you have made changes to Coyote Linux without having them written to the floppy. xii. Reboot system When you need to reboot Coyote Linux, you can do so from this Main Menu item, you will have to reconfirm this option. Are you sure you want to reboot the system? ------------------------------------------------------------------------------- 3.8. Login via SSH[id=clssh] Sometimes it might be necessary to login to Coyote Linux, but there is no webbrowser available, or you prefer to use the commandline, then you use ssh to connect to Coyote Linux. If you are logged in at a machine in the Skolelinux/Debian-edu network, then you use ssh -l root 10.0.2.1 to login to Coyote Linux If you are outside of the Skolelinux/Debian-edu network, you must replace the value 10.0.2.1 with the appropriate value as seen for networkcard WAN in i, in this case it would be ssh -l root 192.168.1.10 You will be met by almost the same choices as when logged into the Coyote Linux webadministrator, but presented in a text-based menu. Coyote Linux Gateway -- Configuration Menu 1) Edit main configuration file 2) Change system password 3) Edit rc.local script file 4) Custom firewall rules file 5) Edit firewall configuration 6) Edit port forward configuration c) Show running configuration f) Reload firewall r) Reboot system w) Write configuration to disk q) quit e) Exit ---------------------------------------------------------------------------- Selection: You have almost the same options as when logged into the Coyote Linux webadministrator, see Section 3.7 for a brief description of the different choices. When choosing q) quit you will end up at the commandline in Coyote Linux if you need to go back to the Coyote Linux Menu, then write menu and press Enter. If you see this when trying to login to Coyote Linux: klaus@tjener:~$ ssh 10.0.2.1 -l root @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY! Someone could be eavesdropping on you right now (man-in-the-middle attack)! It is also possible that the RSA host key has just been changed. The fingerprint for the RSA key sent by the remote host is 34:b7:a3:9b:06:4c:e2:30:1b:0d:03:45:7b:22:b7:dd. Please contact your system administrator. Add correct host key in /skole/tjener/home0/klaus/.ssh/known_hosts to get rid of this message. Offending key in /skole/tjener/home0/klaus/.ssh/known_hosts:27 RSA host key for 10.0.2.1 has changed and you have requested strict checking. Host key verification failed. Then is most likely is because you have previously logged into a different machine with the ip-address 10.0.2.1, or you have changed a networkcard in Coyote Linux, or it is realy a (man-in-the-middle attack. The solution is to remove the offending key, in this case it's line number 27, in file /skole/ tjener/home0/klaus/.ssh/known_hosts. ------------------------------------------------------------------------------- 3.9. Useful commands in Coyote Linux[id=clcommands] Useful commands in Coyote Linux. * ping Useful to find out if the network is working. This command will see if there is any connection to Skolelinux/Debian-edu mainserver coyote# ping -c5 10.0.2.2 PING 10.0.2.2 (10.0.2.2): 56 data bytes 64 bytes from 10.0.2.2: icmp_seq=0 ttl=64 time=0.9 ms 64 bytes from 10.0.2.2: icmp_seq=1 ttl=64 time=0.5 ms * coyote#uptime This command gives you the time Coyote Linux has been running since last boot. coyote# uptime 2:37pm up 80 days, 7:55, load average: 0.00, 0.00, 0.00 * coyote#dmesg This command prints the information that the Linux kernel have found on your machine, things such as amount of ram, cpu, networkcards. If the output from dmesg is to much for the size of your screen, then you can pipe the output to the pager more, and use Space to read it all, dmesg|more * coyote#ifconfig Shows verbose information about your networkcards. coyote# ifconfig eth0 Link encap:Ethernet HWaddr 00:50:DA:43:7A:E9 inet addr:10.0.2.1 Bcast:10.0.3.255 Mask:255.255.254.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:27541711 errors:0 dropped:0 overruns:0 frame:0 TX packets:34408201 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:4029268333 (3842.6 MiB) TX bytes:2039998168 (1945.4 MiB) Interrupt:14 Base address:0x8000 eth1 Link encap:Ethernet HWaddr 00:90:27:74:66:3B inet addr:193.116.174.121 Bcast:193.156.179.127 Mask:255.255.255.128 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:34739492 errors:0 dropped:0 overruns:0 frame:0 TX packets:25470323 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:2060262113 (1964.8 MiB) TX bytes:3837976022 (3660.1 MiB) Interrupt:12 Base address:0x1000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:83 errors:0 dropped:0 overruns:0 frame:0 TX packets:83 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:9112 (8.8 kiB) TX bytes:9112 (8.8 kiB) * coyote#lsmod This command list loaded drivermodules, useful to see which drivermodules is used by the networkcards. coyote# lsmod Module Size Used by eepro100 17516 1 3c59x 24408 1 mii 1852 0 [eepro100] ip_nat_quake3 1608 0 (unused) ip_nat_mms 2448 0 (unused) ip_nat_h323 2044 0 (unused) ip_nat_amanda 1020 0 (unused) In this listing you'll see that the networkcard drivermodules Intel pro100 and 3com series 3c59x which includes 3c590, 3c595, 3c900, 3c905 is loaded.. see Section 3.12 * coyote#route * coyote#traceroute Useful to trace the route a networkpacket is taking, nice to use to find out where the problem realy lies. * coyote#showcfg Another command that gives information about the state of the networkcards. Coyote running configuration display utility. Internet up (eth1): YES Local network up (eth0): YES ---------------Internet configuration------------ IP Address 193.156.172.101 (DHCP Assigned) Netmask 255.255.255.128 Gateway 193.116.172.1 ---------------Local configuration--------------- IP Address 10.0.2.1 Netmask 255.255.254.0 Broadcast 10.0.3.255 ---------------Resolver configuration------------ domain holmlia.gs.oslo.no nameserver 193.156.192.40 nameserver 193.156.192.50 ------------------------------------------------- 2:52pm up 80 days, 8:09, load average: 0.00, 0.00, 0.00 * coyote#free Use this command to see how much ram you have in the machine, and how much is used. This machine has 32M with ram. coyote# free total used free shared buffers Mem: 30860 6004 24856 0 0 Swap: 0 0 0 Total: 30860 6004 24856 * coyote#menu This commands starts the Coyote Linux Menu Coyote Linux Gateway -- Configuration Menu 1) Edit main configuration file 2) Change system password 3) Edit rc.local script file 4) Custom firewall rules file 5) Edit firewall configuration 6) Edit port forward configuration c) Show running configuration f) Reload firewall r) Reboot system w) Write configuration to disk ------------------------------------------------------------------------------- 3.10. Coyote Linux as a ordinary dhcp-server in a non-Skolelinux/Debian-edu network. Coyote Linux is a perfect candidate if you just need a dhcp-server for your network, regardless of what kind of machines you have in your network, Linux, Windows or MAc. The only thing you have to configure different, is to enable the dhcp-server, see 2.h Short summary on making a Coyote Linux dhcp-server: Coyote Linux as an ordinary DHCP-server * Remember to answer Yes to the question Do you want to enable the coyote DHCP server [y/n]: * Once you have your Coyote Linux dhcp-server running, you probably need to use a different address to login to it, if you didn't change the default LAN configuration: Configuring system for Ethernet based Internet connection. By default, Coyote uses the following settings for the local network interface: IP Address: 192.168.0.1 Netmask: 255.255.255.0 Broadcast: 192.168.0.255 Network: 192.168.0.0 Would you like to change these settings? [Y/N]: n then you'll have to use the address 192.168.0.1 instead of 10.0.2.1 when login to the Coyote Linux webadministrator, see Section 3.7 and Section 3.8 The new addresses is in this case: + ssh -l root 192.168.0.1 + http://192.168.0.1:8180 ------------------------------------------------------------------------------- 3.11. Coyote Linux and different ISP[id=clisp] Note I have not yet encountered any ISP that didn't work with Coyote Linux, please tell me if you know of one. This is list of ISP I know work well with Coyote Linux * Nextgentel, Norway * Tele2 ADSL Privat, Norway * Tele2 ADSL Bedrift, Norway * UPC Chello Classis, Norway * Utdanningsetaten i Oslo (Not yet tested on InnsIKT-skoler) Due to a strange network policy at Utdanningsetaten i Oslo, you must do the following changes at your mainserver: In the file /etc/bind/named.conf change the following stanza: // forwarders { // By special request from the good people inside Skoleetaten i // Oslo: // 193.156.192.40; // 193.156.192.50; // Skoleetaten i Oslo end of block // 0.0.0.0; // }; change it to forwarders { // By special request from the good people inside Skoleetaten i // Oslo: 193.156.192.40; 193.156.192.50; // Skoleetaten i Oslo end of block // 0.0.0.0; }; That means removing the comment-slashes in front of forwarders. If you don't do this, you will experience failure reaching the Internet due to DNS problems, and some BSD-network guy at Utdanningsetaten will bite your head of. After you have done this change in /etc/bind/named.conf, you must restart bind, with /etc/init.d/bind9 restart [9] * Telenor ADSL, Norway * H yskolen i Oslo You must do the same bind-changes as with Utdanningsetaten i Oslo,/etc/bind /named.conf ------------------------------------------------------------------------------- 3.12. Supported networkcard and drivermodules used.[id=clmodules] 3.12.1. Supported networkcard and drivermodules used. This is the list of drivermodules included with Coyote Linux, all the drivermodules for networkcards are also listed. tjener:/home/klaus/coyote/data/kernel/drivers# ls 3c501.o ewrk3.o ne.o 3c503.o fealnx.o ni5010.o 3c505.o hp100.o ni52.o 3c507.o hp.o ni65.o 3c509.o hp-plus.o pcnet32.o 3c515.o ip_conntrack_amanda.o ppp_async.o 3c59x.o ip_conntrack_egg.o ppp_deflate.o 8139cp.o ip_conntrack_ftp.o ppp_generic.o 8139too.o ip_conntrack_h323.o pppoe.o 82596.o ip_conntrack_irc.o pppox.o 8390.o ip_conntrack_mms.o ppp_synctty.o ac3200.o ip_conntrack_quake3.o sch_htb.o amd8111e.o ip_conntrack_rtsp.o sch_ingress.o at1700.o ip_conntrack_talk.o sch_sfq.o b44.o ip_conntrack_tftp.o sis900.o bsd_comp.o ip_nat_amanda.o slhc.o cls_fw.o ip_nat_cuseeme.o smc9194.o cls_u32.o ip_nat_ftp.o smc-ultra.o cs89x0.o ip_nat_h323.o softdog.o de4x5.o ip_nat_irc.o starfire.o depca.o ip_nat_mms.o sundance.o dgrs.o ip_nat_quake3.o tlan.o dmfe.o ip_nat_rtsp.o tulip.o e100.o ip_nat_talk.o typhoon.o e2100.o ip_nat_tftp.o via-rhine.o eepro100.o lance.o wd.o eepro.o lp486e.o winbond-840.o eexpress.o mii.o zlib_deflate.o epic100.o natsemi.o zlib_inflate.o eth16i.o ne2k-pci.o ------------------------------------------------------------------------------- 3.12.2. The special case of 3com 509 ISA networkcard This is a very popular networkcard, my Coyote Linux has two of them, both produced i 1989, and running continuously for about 3 years in my Coyote Linux. Once you have managed to get them running, they will probably run for a long time, it's just a bit difficult sometimes to get them running. They are of type ISA, which means their IO, IRQ and such must be configured by hand, no automatic, which can be quit a challenge, especially if you use two of them in a machine. The IO and IRQ on these cards must be configured with a old DOS-configuration program, that can be a bit hard to find these days. This DOS-configuration program is called 3c5x9cfg.exe, and you use it like this; 1. Boot the machine into DOS, either MD-DOS or Freedos, or any other DOS variant.Using a W95 or W98 boot-floppy is one way of doing it. 2. Once the machine is in DOS, insert the floppy with the program 3c5x9cfg.exe, and run it by typing 3c5x9cfg.exe on the DOS commandline. 3. Once 3c5x9cfg.exe is started, then with each of your 3c509 networkcard, configure them with the option auto Note There has been reports of problems with two 3c509 in the same machine when one of the card is of type combo, a type of card with several different connectors. It's possible to find 3c5x9cfg.exe here: Ruprecht-Karls-Universit t Heidelberg ------------------------------------------------------------------------------- 3.13. Further information about Coyote Linux[id=clinfo] * Coyote Linux homepage * Coyote Linux userforum, high activity * Coyote Linux, FAQ, choose 2.x - General * Another FAQ by Todd VerBeek ------------------------------------------------------------------------------- Chapter 4. Skolelinux/Debian-edu instal[id=installation] +-----------------------------------------------------------------------------+ | keyboard layout | | | | FIXME Should add a keyboard map here The installation of Skolelinux/ | | Debian-edu is purely textbased, no use of mouse. [10] This means that all | | choices are marked and done with the keyboard only. I remind you of the | | placement of the keys used during install, and their purpose. | | | | 1. SPACE, is the very long key at the bottom of the keyboard. During | | install this is used to mark a choice. | | | | 2. ENTER, is the big key to the right at the keyboard, used during install | | to execute your choice. It's sometimes referee to as RETURN | | | | 3. TAB is to the left on your keyboard, normally it is abed to two arrows, | | pointing in each direction, it used during install to jump between | | different menu choices in the installer. | | | | 4. BACKSPACE, is not used during install, but it's nice to know where it | | is. It's normally placed above ENTER, it normally has a picture of a | | rubber with a X inside. | +-----------------------------------------------------------------------------+ The installation of the different Skolelinux/Debian-edu profiles, mainserver, Thinclientserver and workstation are almost identical during first and second stage in installation. Note I will not go into details about the last two available profiles in Skolelinux/Debian-edu,standalone and standalone-extras. They are not realy part of the Skolelinux/Debian-edu network, but meant for home-use. First you need to make sure the machine is able to boot from the cdrom. ------------------------------------------------------------------------------- 4.1. Nettverksarkitektur[id=architecture] Note This section should be it's own chapter, with plenty of diagrams. The intro by pere should be used in the preface. This is based on http://developer.skolelinux.no/arkitektur/arkitektur.html ------------------------------------------------------------------------------- 4.2. Preparing the machine to boot from cdrom[id=bios] It might be that your machine already is configured to boot from cdrom, start your machine with the Skolelinux/Debian-edu cd in the cdrom. If what you then see is similar to the screenshot in Figure 5-1, then you can skip straight to Section 5.2, otherwise read further here. If your machine has the option in BIOS to boot from cdrom, then setting cdrom as the first bootoption in BIOS might help, later when the first stage of installation is over, you should change is back, so that the machine will boot from the harddrive. You will normally see when you turn the computer on how to enter the BIOS, it's usually one of the keybuttons F1, INS, F10 or maybe DEL, refer to your manual, or the supplier of the computer if you aren't able to get the machine to boot from the cdrom. Another option, when the machine will not boot directly from cdrom, or you can't gain access to the BIOS, is to use SBM(Smart Boot Manager). This is a floppy that you boot from, and there you should be able to choose to boot from the cdrom. On the Skolelinux/Debian-edu cd SBM is included, have a look in the dircetory install on the cd. There you will find a file called sbm.bin, this you transfer to a floppy using the utility rawrite on Windows, you'll find rawrite in the directory install aswell. Have a look at the file awrite2.txt for further info about rawrite Warning Do not try to simply copy sbm.bin to a floppy, that will not work, you have to use the utility rawrite For further information about what SBM is, you should read the file README.sbm, you'll find that file in the directory install aswell If you have a running Linux system, then you mount your cd, and transfer sbm.bin with the command dd if=/cdrom/install/sbm.bin of=/dev/fd0 Maybe you nead to change the mountpoint used for your cdrom, and possibly also for the floppy. ------------------------------------------------------------------------------- 4.3. Short description of the profiles in Skolelinux/Debian-edu[id=profiles] Note The profile description you see during install, like in Figure 5-4 comes from the file src/debian-edu-install/debian/debian-edu-install.templates at alioth.debian.org +-----------------------------------------------------------------------------+ | GUI | | | | You will repeatedy see references to GUI and Graphical User Interface, in | | short that means a computer mode where you can use the mouse to point and | | click, the oposit of a GUI mode, is the pure commandline. This is a very | | short explanation of GUI. | +-----------------------------------------------------------------------------+ Short summary of the different profiles in Skolelinux/Debian-edu, and how they can be combined. 1. Mainserver Warning All Skolelinux/Debian-edu networks must have one, and only one machine with this profile installed. You can combine this with workstation or thinclientserver if you like. Every Skolelinux network needs one, and only one machine running the 'Main-Server' profile. This machine provides the (network)services (mainly file/network and LDAP), so without this machine the network does not work. Since this machine will hold all data files it will need a lot of harddisk space. Installing this option solely results in a machine without a Graphical User Interface(=GUI), if you want a GUI you'll need include the workstation profile or thinclientserver [11] 2. Workstation Machines running the 'Workstation' profile are normal machines. Users logging on a workstation are authenticated by the machine running the mainsserver profile, and have their documents and personal settings stored in home directories on the machine running the mainserver profile. If you want access to peripherals such as cd/dvd-players/burners, digital cameras, scanner, then this is the profile you want to install 3. Thinclientserver Machines running the thinclientserver profile are able to accept thinclient connections. This profile also includes the workstation profile. To prevent network congestion machines running this profile need to have two network cards. All three profiles named so far, mainserver, workstation and thinclientserver, can be installed on the same machine. This profile also includes the profile workstation 4. Mainserver+Thinclientserver(including workstation) This combination of profiles, also called Combi-profile, makes it possible to setup a complet Skolelinux/Debian-edu network with Workstations and thinclients using only one server. This is an acceptable solution if you only intend to run a small Skolelinux/Debian-edu network, maybe about 10-15 thinclients and a few workstation. For bigger installation this is definetly not advicable. 5. Mainserver+Workstation This combination of profiles mainly gives you a mainserver with a GUI. If you don't like the idea of administrating your mainserver from the commandline, then this is the combination you should choose. 6. Note This two profile, standalone and standalone-extras is not a part of the Skolelinux/Debian-edu network, for this reason I will not deal with these profiles in this document, yet. Standalone and Standalone-Extras The two profiles Standalone and Standalone-Extras cannot be installed on the same machine together with any of the profiles mainserver, workstation and thinclientserver The 'Standalone' profile is experimental and not yet functioning. Machines running the 'Standalone' profile are meant to be run outside the Skolelinux /Debian-edu network (e.g. in the homes of pupils and teachers) as a standalone machine. The 'Standalone-Extras' profile is complementary to the 'Standalone' profile, providing extra programs for it. ------------------------------------------------------------------------------- Chapter 5. first stage of Skolelinux/Debian-edu instal 5.1. Where to get the Skolelinux/Debian-edu cdrom[id=getcdrom] There is basically two ways of getting the Skolelinux/Debian-edu cdrom; either you download it yourself, or you get someone else to do it for you. ------------------------------------------------------------------------------- 5.1.1. Download the Skolelinux/Debian-edu cdrom[id=downloadcd] The most recent stable Skolelinux/Debian-edu should be at ftp:// ftp.skolelinux.no/skolelinux-cd/skolelinux-i386-current.iso Further information about where to download the cd, and what version is the latest stable can be found at http://www.skolelinux.org/portal/get_started/ download/document_view ------------------------------------------------------------------------------- 5.2. First stage[id=firststage] The installation of Skolelinux/Debian-edu is divided into two stages, refered to as firststage and secondstage. The first stage starts when the machine boots from the Skolelinux/Debian-edu cd, and ends at the first reboot. The second stage starts when the machine boots from GRUB, and ends when the installation is finnished and the machine reboots for all services to properly restart. It's in second stage that you type the root-password. firststage usually last about 10 minutes on a relatively fast machine, while secondstage last a bit more, about 15-45 minutes. The different steps in the firststage of installation 1. Power up your machine, make sure it is able to boot from the cdrom, see Section 4.2. If your machine is able to boot from cdrom, then you will be met by this picture: Figure 5-1. Skolelinux/Debian-edu startup from cd [SLX1] [12] It's not that much do do here, other than pressing Enter[13] +-----------------------------------------------------------------------------+ | "Expert" installation[id=expert] | | | | It's possible to choose a less automatic installation, by booting with the | | option | | | | Press F1 for help, or Enter to boot:linux DEBCONF_PRIORITY=medium | | | | From Skolelinux/Debian-edu version RC3 it should be possible to just write | | | | Press F1 for help, or Enter to boot: expert | | | | instead. | | | | Note Note that the keyboard layout at this stage is set to US, that means | | that the buttons might be placed differently than you are used to. The | | =-sign is placed at the button to the left of the BACKSPACE, and the | | +-button is placed at ctrl+= and the underscore _-button is placed at | | the second button to the left of BACKSPACE combined with ctrl. FIXME, | | I realy need a US-keyboard layout. | +-----------------------------------------------------------------------------+ Figure 5-2. Choose language [SLX3] Here you must choose what language you want to use during installation, this language will be the pre-selected language for the all users. This doesn't exclude any of the other available and supported languages in Skolelinux/ Debian-edu. If you later want to change the default pre-selected language, have a look at the files /etc/environment, /etc/kde2/system.kdeglobals and /etc/X11/ XF86Config-4, and the command update-locale-config. The command man update-locale-config will give you more information about this command, and supported languages.[14] Notice in this screenshot to the right the #-sign, this indicates that there is more text available, but that it's not possible to display all in one screen, use the arrow up/down or PageDown and PageUp buttons to scroll through the whole text. At this point in the installation it's possible to jump to a Virtual Terminal (VT) with the keycombination ALT+Arrow left/right or ALT+F1,F2,F3,F4. On F2 you have a VT where you can edit files during install. +-----------------------------------------------------------------------------+ | Loading of drivermodules in VT#2 | | | | Sometimes it's necessary to manually load drivermodules during installation | | in order to get certain hardware working, such as for certain Compaq/HP | | raidcontrollers, cciss and some 3ware controllers, 3w-xxxx. You reach this | | VT by pressing ALT-F2 | +-----------------------------------------------------------------------------+ Figure 5-3. Installation of Udeb-packages. [SLX4] The necessary udeb-packages will be installed.[15] A progressbar will keep you informed about the progress. Figure 5-4. Inforation about the different "profilene" [SLX5] +-----------------------------------------------------------------------------+ | If you know that the partitions that the automatic partitioningtool will | | make are to small, and you don't want to fiddle with resizing them | | afterwards, look at Section 8.5.2, or if you like the installer to create | | some extra lvm-partitions for you, then you can in VT#2 use the editor nano | | and change the partitiontable before you choose which profiles to install, | | the files are located in the directory /etc/autopartkit | +-----------------------------------------------------------------------------+ Figure 5-5. The different profiles in Skolelinux/Debian-edu [SLX7] Have a look at Section 4.3 for a short description of the different profiles. Have a look at the sidebar keyboard layout for a brief explanation of the different keyboard buttons used during installation. You choose which profiles you want to install by placing a mark in front of the wanted profile by using the SPACEBAR to place the mark. To navigate between the different fields, you use TAB, and when you are done, move to OK and install by pressing ENTER. If your harddrive is not recognised, then maybe you need to manually load the drivermodule for your harddrive, scsi-controller or your raid-controller, do this in VT#2 Figure 5-6. Loading necessary drivermodules. [SLX11] After you have chosen what profile to instal, the necessary packages are installed, hopefully you have chosen only hardware that works out-of-the-box with Skolelinux/Debian-edu. Figure 5-7. Warning! The contents of all your harddrives will be erased! [SLX12] Warning Everything you have on your harddrives will be deleted when installing Skolelinux/Debian-edu, don't try to avoid it. Skolelinux/Debian-edu will not easily co-exist together with any other operative-system.[16] To keep on with the installation, you must choose Yes. Figure 5-8. The last packages, the kernel and the bootloader GRUB is installed. [SLX16] The last packages will be installed, the Linux kernel and the bootloader GRUB. You now have a working minimalistic Debian system installed. Figure 5-9. Last preparation for secondstage install. [SLX17] Make sure that the cd is not in the cdrom when you restart the machine, if you forget to remove it, the installation will start again. Note The first stage of Skolelinux/Debian-edu installation is now over. Note In future versions of Skolelinux/Debian-edu the installation will end with the copying of relevant logfiles made during install to a floppy, if you have a floppydrive, and if have a floppy available. If something went wrong during install, you can then easily forward these logfiles to Skolelinux/Debian-edu knowledgeable persons, see Chapter 1. The floppy must be dos-formated. ------------------------------------------------------------------------------- Chapter 6. Second stage of Skolelinux/Debian-edu install[id=secondstage] 6.1. Second stage The installation of Skolelinux/Debian-edu is divided into two stages, refered to as firststage and secondstage. The first stage starts when the machine boots from the Skolelinux/Debian-edu cd, and ends at the first reboot. The second stage starts when the machine boots from GRUB, and ends when the installation is finished and the machine reboots for all services to properly restart. It's in second stage that you type the root-password. firststage usually last about 10 minutes on a relatively fast machine, while secondstage last a bit more, about 15-45 minutes. Note The secondstage of the Skolelinux/Debian-edu installation starts now. Figure 6-1. Skolelinux/Debian-edu starting from harddrive with GRUB [17] [SLX18] Notice the countdown in the last line in this screenshot. GRUB is configured to automatically boot Skolelinux/Debian-edu after 5 seconds (in this concrete screenshot the counter has reached 4 seconds). The countdown can be stopped by pressing one of the arrow buttons, they are also used to choose which of the available Linux kernels you want to boot. The automatic boot of is very handy for unattended booting of the system. In the GRUB configurationfile, /boot/grub/menu.lst you can choose to change the default value for the countdown, the appearance of the GRUB menu, the name of the different kernels to boot, set a password, etc. In this screenshot you have two boot choices. Debian GNU/Linux, kernel 2.4.22-1-386 Debian GNU/Linux, kernel 2.4.22-1-386 (recovery mode) You choose by highlighting the kernel you want to boot, move between the different kernels with the arrow up/down buttons, and boot the wanted kernel by pressing enter. Usually you would just boot the default kernel without doing any active choices, that is the line that does not contain (recovery mode). The line containing (recovery mode) is used when you need to either do some repair or maintenance to the system, like when you need to resize the lv-partition /usr. When booting with the option (recovery mode) only a few basic services is started, no GUI. Booting with (recovery mode) is the same as Runlevel 1, which also can be reached from the commandline by typing init 1 See man init. +-----------------------------------------------------------------------------+ | Passwordprotect Grub | | | | If you have a workstation, or a laptop that many users have access to, then | | it is advisable to set a password on GRUB, so that the users can't easily | | boot different unwanted kernels, or do mischief with the machine. By | | changing some options in the file /boot/grub/menu.lst you can tighten up | | the security when booting the machine. You can disable the possibility to | | boot the option (recovery mode), and also refuse your users access to the | | GRUB commandline, unless they have the GRUB-password.FIXME, add examples | | from menu.lst | | | | See man grub-md5-crypt for howto encrypt a password in MD5 format | +-----------------------------------------------------------------------------+ Warning Passwordprotect your BIOS. Remember to also put a password on your BIOS, so that it's not possible to change the bootorder and boot from floppy or cdrom, only from the harddrive. Warning Is your server placed in a public room? If you have placed your server, against all sane advice, in a room with public access where everybody has physical access to the machine, then I advice you to immediately set a password on GRUB. grub-md5-crypt tjener:~#grub-md5-crypt Password: Retype password: $1$xZBDT0$8uoCO9XQGpBeXKnhUoU5A This encrypted password is now ready for use in /bot/grub/menu.lst To set a password on GRUB, you open the file /boot/grub/menu.lst with your favourite editor, and add the options password and lock in appropriate places, like: password --md5 $1$xZBDT0$8uoCO9XQGpBeXKnhUoU5A title Debian GNU/Linux, kernel 2.4.26-1-386 root (hd0,0) kernel /boot/vmlinuz-2.4.26-1-386 root=/dev/hda1 ro initrd /boot/initrd.img-2.4.26-1-386 savedefault boot title Debian GNU/Linux, kernel 2.4.26-1-386 (recovery mode) lock root (hd0,0) kernel /boot/vmlinuz-2.4.26-1-386 root=/dev/hda1 ro single initrd /boot/initrd.img-2.4.26-1-386 savedefault boot In this example it's not possible to boot other kernels than the normal kernel, starting the GRUB commandline is also not possible, without first providing the password, of course not in encrypted form. Remember to put appropriate access rights on the file /boot/grub/ menu.lst so that ordinary users can't read it, chmod 600 /boot/grub/menu.lst Figure 6-2. Skolelinux/Debian-edu boot in progress [SLX19] During bootup of Skolelinux/Debian-edu you will see a lot of seemingly cryptic messages scrolling by on your screen, all this is useful messages from the Linux kernel.[18] Note more or less When you want to view the contents of textfiles, such as system configurations, then the programs more and less, so called pagers is useful. Have a look at Section 8.3, or just man more man less Warning Remember to insert the cd. Figure 6-3. The root-password [SLX20] The password you are about to create, is the famous root-password. With this password you are able to do anything. Please read carefully the information provided on-screen. +-----------------------------------------------------------------------------+ | | | Note This text is from skolelinux/src/rebuilds/shadow/debian/po | | | | Before proceeding, you need to set a password for 'root', the system | | administrative account. The root password shouldn't be easy to guess, and | | it shouldn't be a word found in the dictionary, or a word that could be | | easily associated with you, like your middle name. A good password will | | contain a mixture of letters, numbers and punctuation and will be changed | | at regular intervals. The root password is changed by running the 'passwd' | | program as root. | | | | Why such caution? The root account doesn't have the restrictions that | | normal user accounts have. A malicious or unqualified user with root access | | can have disastrous results. | | | | Note that you will not be able to see the password as you type it. | | | | Please enter the same root password again to verify you have typed it | | correctly. | +-----------------------------------------------------------------------------+ Figure 6-4. Note that you will not be able to see the password as you type it. [SLX21X] Note that you will not be able to see the password as you type it. You must type it twice, the same both times. If you do it wrong, you get a new chance. +-----------------------------------------------------------------------------+ | Change the root-password | | | | The root-password can be changed from the commandline with the command | | passwd when you are logged in as root, you can also use the graphical tool | | kdepasswd found in K-menu->Tools->Change Password if you have a GUI on your | | machine, see Section 12.3.1 for more info. Have a look at Section 12.1 for | | howto change the other administrative password, ldap-administrator. | +-----------------------------------------------------------------------------+ Figure 6-5. Installation of packages in the secondstage. [SLX23] After you have created the root-password, the installation of packages in the secondstage starts, remember to insert the cd in the cdromdrive, you will be prompted to do so if you have forgotten it. The rest of the install takes about 15-45 minutes, depending how fast your machine is. Note You may now leave the machine, and take a deserved brake. Have a refreshing drink. The installation will complete without any further input need from you. It's now possible to login as user root in one of the VT by typing ALT-F2, or ALT-F3 and poke around the system a bit. Figure 6-6. Installation is complete, the necessary reboot [SLX22] After the install is complete, a reboot is necessary in oder to restart all services such as ldap, dhcp, etc. See services for a list of services that works out-of-the-box with Skolelinux/Debian-edu. Figure 6-7. Installation is complete, no KDM [SLX22] If you have chosen to install only the profile mainserver, with no GUI, then you will also have no KDM, just a textbased login Figure 6-8. Installation is complete, KDM [SLX25] If you have chosen to install a machine that includes one of the profiles workstation or ltspserver, then you will be meet by the kdm Here you login with Username: root Password: You can use TAB to move between the fields Username and Password, and then press Enter to login, instead of using the mouse. ------------------------------------------------------------------------------- 6.1.1. Something went wrong... Sometimes something goes wrong during installation, the most frequent error is the failure to automatically configure the videocard when you have chosen to install a machine that includes one of the profiles workstation or ltspserver All that happens during install is logged to the file /var/log/installer.log, there is also plenty useful information logged to the files in /var/log/ debian-installer, when you need help with a problem that has occurred during install, these files is very handy to have ready for diagnosing the problem. Always include instaler.log in your bugreports, see Chapter 1 for getting help. Note See the chapter Something went wrong... for further common failures that occur during install ------------------------------------------------------------------------------- 6.1.2. Turn off, or reboot the machine If your videocard was correctly automatic configured, and you have a nice blue kdm loginscreen, then you can from there reboot and shutdown your machine when you choose Turn off, then you can choose to reboot or turn of your machine. Note This is luckily not an option in the kdm that is present on the thinclients, otherwise anybody could reboot/shutdown the server. If you have a machine installed only with the profile mainserver, then you have to login to reboot/shutdown the machine, like in Figure 6-7, then you login as user root, then you can shutdown your machine with either of the commands halt, init 0, shutdown and reboot with reboot or init 6 If your machine stops with the message on the screen "Power Down" when you want to turn it of, you could try to see if loading the module apm helps, be warned that not all servers like the module apm, especially machines with more processors. Run the command modprobe apm, if the machine doesn't complain, and the machine now turns itself completely off, then you can permanently add the module by running the program modconf from the commandline modconf Then enter the line kernel/arch/i386/kernel and there choose apm. Now it should turn itself off completely. Warning Just remember that not all machines like apm, and why do you want to turn of your server anyway? ------------------------------------------------------------------------------- Chapter 7. Something went wrong.. 7.1. Doesn't the videocard function? If you see a black screen with white text, like this: Figure 7-1. Textbased login [SLX22] and not something like in Figure 6-8, despite having installed one of the profiles workstation or ltspserver, then something went wrong with the configuration of your videocard. It might help trying to manually reconfigure the videocard with the command dpkg-reconfigure xserver-xfree86 and answer yes to the questions asked. FIXME: a list of the questions asked during reconfigure and xfree86 should maybe be presented here? If you still experience problems with your videocard, then have a look at Section 2.6, and maybe you should consider installing a backported version of XFree86 4.3, not sure where that is available. If you just need to change the depth and resolution, then you can open the file /etc/X11/XF86Config-4 with a editor like kdesu kwrite and edit the lines corresponding to the depth you wish to have DefaultDepth 16 and the lines SubSection "Display" Depth 16 Modes "1024x768" "800x600" "640x480" +-----------------------------------------------------------------------------+ | If you aren't able to resolve your problem with the videocard within a few | | minutes, then I advice you get a new videocard that has better Linux | | support, unless it's a laptop, in which case getting another videocard | | isn't so easy. | +-----------------------------------------------------------------------------+ ------------------------------------------------------------------------------- Chapter 8. Fine-tuning[id=finetuning] 8.1. The famous commandline[id=cli] ------------------------------------------------------------------------------- 8.1.1. Shell/Terminal[id=shell] ------------------------------------------------------------------------------- 8.2. Howto edit system configurationfile[id=kedit] It's often nice to be able to edit system configurationfiles, like with grub or autopartit or bothersome videocard. For this purpose you need a tool, a texteditor. We do not use things such as bold, underline or fancy fonts in these files, so for this purpose we don't need a huge fancy application. There is already several such applications installed with your Skolelinux/Debian-edu system, some is commandline based, (vi, vim), while others have a graphical interface, like KEdit, emacs Tip Everybody should learn to use the commandline based editor vi/vim sooner or later, rather sooner. For starters, try using KEdit, you'll find it in K-menu->Texteditors->Text editor You should also try vi, vim, you find vim in K-menu->Texteditors->Debian->Vim, just follow the on-screen instructions. Warning Be warned, vi, vim are rather difficult to use in the beginning, but it's worth the effort in the long run. If you are logged in a ordinary user, maybe on a thinclient, and need to edit some systemfiles as root-user, then you could use the program kdesu and start the editor inside kdesu like this kdesu kwrite that way you run the editor with as the superuser root, of course after you have written the root-password. ------------------------------------------------------------------------------- 8.3. more or less[id=moreless] Sometimes when you issue a command, like dpkg -l or try to view a file in a Virtual Terminal or in a shell, the output is to much for one screendisplay. You could then "pipe" it through one of the applications more or less, like this dpkg -l|more and use the Spacebar to display the next screen, and q to quit. ------------------------------------------------------------------------------- 8.4. Install a kernel with support for upto 4GB ram and multi processors.[id= smp] Due to limited amount of space available on one cd, there is only one Linux kernel available on the Skolelinux/Debian-edu cd, the Linux kernel chosen is based on the lowest common denominator, which means that it should work on most kind of hardware, not only newer servers with plenty of ram and multi processors, such a kernel you must download and install afterward, which thanks to the genius package system of Debian, is very easy. Have a look at Section 8.9 for a more detailed description of apt-get and dpkg. The clueword to look for when you want a Linux kernel with support for more ram than LOWMEM=940M and more than one cpu, is SMP, aka Symmetric Multi-Processors. This command from a shell, will list available Linux kernels, ready for installation: apt-cache search kernel-image|grep smp At the time of writing this returns: kernel-image-2.4.18-1-686-smp - Linux kernel image 2.4.18 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.16-686-smp - Linux kernel image 2.4.16 on PPro/Celeron/PII/PIII SMP. kernel-image-2.4.18-686-smp - Linux kernel image 2.4.18 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.20-686-smp - Linux kernel image 2.4.20 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.20-k7-smp - Linux kernel image for version 2.4.20 on AMD K7 SMP. kernel-image-2.4-686-smp - Linux kernel image for version 2.4 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4-k7-smp - Linux kernel image for version 2.4 on AMD K7 SMP. kernel-image-2.4.24-1-686-smp - Linux kernel image for version 2.4.24 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.24-1-k7-smp - Linux kernel image for version 2.4.24 on AMD K7 SMP. kernel-image-2.4.21-1-686-smp - Linux kernel image for version 2.4.21 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.21-1-k7-smp - Linux kernel image for version 2.4.21 on AMD K7 SMP. kernel-image-2.4.22-1-686-smp - Linux kernel image for version 2.4.22 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.22-1-k7-smp - Linux kernel image for version 2.4.22 on AMD K7 SMP. There is realy no reason not to choose the latest available kernel, in this case version 2.4.24. You are then left with the choices: kernel-image-2.4.24-1-686-smp - Linux kernel image for version 2.4.24 on PPro/Celeron/PII/PIII/PIV SMP. kernel-image-2.4.24-1-k7-smp - Linux kernel image for version 2.4.24 on AMD K7 SMP. You choose kernel-image-2.4.24-1-686-smp if you have a Intel processors (clueword is 686), and kernel-image-2.4.24-1-k7-smp if you have a AMD processors (clueword is k7). Once you know which kernel is the correct one for your machine, you install it with the command apt-get install kernel-image-2.4.24-1 Note Some prefer to first download the kernel, and then install it with manually with dpkg, see Section 8.9.9. apt-get install kernel-image-2.4.24-1-smp --download-only dpkg -i /var/cache/apt/archives/kernel-image-2.4.24-1-smp When you install the new kernel, you might see something like this: S tter kernel-image-2.4.24-1-k7 (2.4.24-3) op... You are attempting to install a kernel version that is the same as the version you are currently running (version 2.4.24-1-k7). The modules list is quite likely to have been changed, and the modules dependency file /lib/modules/2.4.24-1-k7/modules.dep needs to be re-built. It can not be built correctly right now, since the module list for the running kernel are likely to be different from the kernel installed. I am creating a new modules.dep file, but that may not be correct. It shall be regenerated correctly at next reboot. I repeat: you have to reboot in order for the modules file to be created correctly. Until you reboot, it may be impossible to load some modules. Reboot as soon as this install is finished (Do not reboot right now, since you may not be able to boot back up until installation is over, but boot immediately after). I can not stress that too much. You need to reboot soon. Please Hit return to continue. Here there is nothing else to do, but hit Return to continue. +-----------------------------------------------------------------------------+ | You need to reboot | | | | In order for the the newly installed kernel to be taken in use, you must | | reboot. | | | | Note This is the only time you ever need to reboot your Skolelinux/ | | Debian-edu machine, when installing other programs, there is no need | | for a reboot, only when installing a new kernel. | +-----------------------------------------------------------------------------+ After you have installed a smp-enabled kernel, and have rebooted your machine, you can use these commands to see if the newly installed kernel sees all of your processors and ram; free cat /proc/cpuinfo ------------------------------------------------------------------------------- 8.5. Change the size of the lvm-partitions[id=lvmresize] Tip You should definetly supplement this short introduction to lvm with the full in-depth documentation on lvm available from The Linux Documentation Project under the link LVM-HOWTO There is at the moment 6 partitions[19] of type lvm in Skolelinux/Debian-edu, they are grouped in two different vg's, vg_system and vg_data: 1. /usr, see Section 8.5.1 2. /skole/tjener/home0, see Section 8.5.2 3. /skole/backup, see Section 8.5.3 4. /var, see Section 8.5.4 5. /var/opt/ltsp/swapfiles, see Section 8.5.5 6. swap ------------------------------------------------------------------------------- 8.5.1. Resize partition /usr[id=lvm-usr] This lv belongs to vg_system, and it's present in the profiles mainserver, workstation and thinclientserver. All installed program is placed in this partition. If this partition is full, you can't add new packages to the system. The resizing of this partition is a bit tricky. 1. The tricky part with resizing this partition, is that you have to umount a partition that you are using, kind of like sawing of a treebranch that you are sitting on, but we manage by using a neat small trick; switching to the shell ash. First you need to bring the machine down to runlevel 1, then you switch to the shell ash. First you need to tell all your users that they have to logout, otherwise they will be forcefully loged out, then do init 1 from the commandline 2. The machine is now in runlevel 1, login as user root, switch to another shell exec /bin/ash You will recognise that you are using a different shell by the prompt, which looks like: \h:w\$. If you make a typo in the shell ash, you have to start writing the command all over again, the Backspace and arrow buttons doesn't work here, start all over with Ctrl-C 3. First we notice the current size of /usr before we change it df -h /usr Filesystem Size Used Avail Use% Mounted on /dev/vg_system/lv_usr 1.0G 400M 600M 40% /usr 4. Then have a look how much free space it is in vg_system vgdisplay /dev/vg_system Look for a line like: Free PE / Size 175 / 5.47 GB 5. Then we umount the partition umount /usr 6. Then to be on the safe side, we do a check of the filesystem fsck -yf /dev/vg_system/lv_usr [20] 7. If you found when checking the space available in vg_system something like vgdisplay /dev/vg_system Free PE / Size 175 / 5.47 GB Then you have 5.47GB free space that you can use to extend lv_usr If you want to increase the size with 1GB, then this is the command: e2fsadm -L +1G /dev/vg_system/lv_usr If you want to increase the size with 100MB, then this is the command: e2fsadm -L +100M /dev/vg_system/lv_usr If you want to decrease the size with 250MB, then this is the command: e2fsadm -L -250M /dev/vg_system/lv_usr Due to the bug [21] Watch for this pattern when resizing: resize2fs 1.27 (8-Mar-2002) Begin pass 1 (max = 2564) Extending the inode table XXXXXXXXXXXXXXXXXXXXXXXXXXX Begin pass 2 (max = 160) Relocating blocks XXXXXXXXXXXXXXXXXXXXXXXXXXX Begin pass 3 (max = 52) Scanning inode table XXXXXXXXXXXXXXXXXXXXXXXXXXX Begin pass 5 (max = 9) Moving inode table XXXXXXXXXXXXXXXXXXXXXXXXXXX 8. If you do not see on your screen a long line of uppercase X, like this: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX when you resize a partition, then something went wrong If something went wrong, you could try to mount, and the umount the partition again, and then try to resize it again, but do not try to resize it with the same amount as last time. Warning If you have to resize your partition a second time, because the first try failed, then you should try to resize it with only 32M, because it will "remember" the size you tried to resize it with the first time, and will will use that value in addition to the amount you specify the second time. So, if you failed resizing the first time with +1200M, and try again with +1200M, the net effect will be +2400M, probably not what you wanted. If you try with +32M in the second try, then the net effect will be +1232M, which is probably close to what you wanted. 9. If the resize was successful, then you can mount the partition with mount /usr, then you check the new size of the partition with df -h /usr,in this case it should look something like: Filesystem Size Used Avail Use% Mounted on /dev/vg_system/lv_usr 2.0G 400M 1.6G 20% /usr 10. Now you can restart the machine with init 6, and your users can logon. ------------------------------------------------------------------------------- 8.5.1.1. Problems and solutions Q: When I try to umount a partition., it fails with the error "device busy" Q: I have resized the partition, but I can't see any difference in the size. Q: After I have mounted the partition, and the machine is starting up again from runlevel 1, it hangs with the message NFS..... Q: When I try to umount a partition., it fails with the error "device busy" A: This is most likely due to the fact that a user, or a program is using the partition. If you are trying to umount /skole/tjener/home0, then maybe not all your users have logged out. If you are trying to umount /var, then you must first umount the partition /var/opt/ltsp/swapfiles. If the device still is busy, then if possible, try to bring the machine down to runlevel 1, init 1 . Q: I have resized the partition, but I can't see any difference in the size. A: This might be bug #439, the solution is to remember to check and repair the filesystem before your try to change it, fsck -fy, then you try a second time to resize the partition, but don\t try to change it with more than 32M, use e2fsadm -L +32M. Q: After I have mounted the partition, and the machine is starting up again from runlevel 1, it hangs with the message NFS..... A: The only solution I know of, is to restart the machine hard, that means on/ off with the powerbutton. This problem could have been avoided if you had used init 6, or reboot after you had resized the partition in runlevel 1, and not just used exit. ------------------------------------------------------------------------------- 8.5.2. Resize /skole/tjener/home0[id=lvm-home0] This lv belongs to vg_data, and it's only present in the profile mainserver This is the partition where the users homedirectories resides. The resize of /skole/tjener/home0resize is done pretty much the same way as with /usr, as a matter of fact it's much easier, since this doesn't involve changing to runlevel 1 or changing the shell.I'll briefly mention the relevant commands, see resize /usr for more info. 1. Login as root, and tell all your users they must logout. 2. Check the current size of your partition,df -h /skole/tjener/home0 3. Umount the partition, umount /skole/tjener/home0 4. Check and repair the filesystem, fsck -fy /skole/tjener/home0 5. Check the amount off available space in the volumegroup,vgdisplay /dev/ vg_data. You could also use pvscan. 6. Resize the partition, in this example it's increased with 400M, e2fsadm -L +400M /dev/vg_data/lv_home0 7. Mount the partition, mount /skole/tjener/home0 8. Check the new size of the partition, df -h /skole/tjener/home0 9. If you do not see any change in the size, then the resize probably wasn't successful, have a look at /usr Section 8.5.1, and the Problems and Solutions ------------------------------------------------------------------------------- 8.5.3. Resize /skole/backup[id=lvm-backup] This lv belongs to vg_data, and it's only present in the profile mainserver This is the default partition used for placing the backups made and administrated with the Skolelinux/Debian-edu developed Webmin-module slbackup. Resize of this partition is very similar to the resize of /skole/tjener/home0, see Section 8.5.2, it belongs to the same vg-group, vg_data. If you want to increase /skole/backup with 600MB, the command would be umount /skole/backup e2fsadm -L +600M /dev/vg_data/lv_backup mount /skole/backup ------------------------------------------------------------------------------- 8.5.4. Resize /var[id=lvm-var] This lv belongs to vg_system, and it's present in the profiles mainserver and thinclientserver. The resize of this partition is done in a similar way as the resize of /usr, expect you don't need to switch to another shell. But you must remember to umount the partition /var/opt/ltsp/swapfiles if this is done a machine with the profile Thinclientserver installed, see swapfiles If you want to increase /var with 400MB, the command would be e2fsadm -L +400M /dev/vg_system/lv_var ------------------------------------------------------------------------------- 8.5.5. Resize /var/opt/ltsp/swapfiles[id=lvm-swapfiles] This lv belongs to vg_system, and it's only present in the profile thinclientserver This partition contains the swapfiles for the thinclients, these swapfiles are each of size 32MB [22][23] This partition is resized similar to /skole/tjener/home0. A resonable size of this partition would be 32M times number of thinclients you plan to have. If you try to boot more thinclients with swapfiles than you have space in /var/opt/ltsp/swapfiles, then the thinclient will not boot. These swapfiles will be placed in /var/opt/ltsp/swapfiles, with the filename ltsp010.swap, ltsp011.swap,ltsp012.swap. If yoy delete these swapfiles, they will be created again next time the thinclient boots. If you want to increase /var/opt/ltsp/swapfiles with 600MB, the command would be e2fsadm -L +600M /dev/vg_system/lv_ltsp_swap ------------------------------------------------------------------------------- 8.5.6. swap[id=lvm-swap] This lv belongs to vg_system, and it's present in the profiles mainserver, workstation and thinclientserver. ------------------------------------------------------------------------------- 8.5.7. Add a new volume(lv)[id=newlv] For things such as video and picture, and users that need extra filespace, you might need to create a new volume. Let's pretend we need a volume for our videofotage. Let us name it video, and place it in vg_data as /dev/vg_data/ lv_video, and mount it at /skole/video Firt we need to find out how much space we have available in vg_data vgdisplay /dev/vg_data or maybe there is more space in vg_system vgdisplay /dev/vg_system Another option that displays the same kind of inromation is pvscan We must create the mountpoint /skole/video mkdir /skole/video Then we create the new volume lvcreate -L 2G -n lv_video vg_data In this example the size is 2GB, have a look at lvm-home0 for howto resize this. Then we need to make a filesystem mke2fs -j /dev/vg_data/lv_video Then add this new partitioin , using your favourite texteditor, to /etc/fstab, use your favourite texteditor, otherwise this new partition won't be mounted atutnmatically at boot. In our example you add this line add the end of /etc/ fstab /dev/vg_data/lv_video /skole/video ext3 defaults 0 2 Now you test your new partitoion, mount it by hand with mount /skole/video, have a look at the size with df -h /skole/video ------------------------------------------------------------------------------- 8.5.7.1. Add the new volume to autofs[id=newlvmautofs] Warning This has not yet been testet with the new ldap schemas that comes with Skolelinux/Debian-edu 1.0 Skolelinux/Debian-edu uses autofs to export partitions to machines that might need them, workstation and thinclientserver needs to be able to mount the users home-directories, so if you have made anohter home-partition, maybe /skole/ tjener/home1 and /skole/tjener/home2 then you must make sure that they are also exported along with /skole/tjener/home0 via auofs to the needed machines. The necessary information lies in the LDAP-database, so we must add this new information the LDAP-database. This is easiest done with adding this new information to a file, and then add the contents of this file to our LDAP-database. Lets call this file /root/video.ldif, with this contents: dn: cn=video,ou=tjener,ou=skole,ou=Automount,dc=skole,dc=skolelinux,dc=no objectClass: top objectClass: automount cn: video automountInformation: -rw,rsize=8192,wsize=8192,intr tjener:/skole/video description: /skole/video mount point This is the info that we wan't to add, like this: /etc/init.d/slapd stop /etc/init.d/nscd stop slapadd -l /root/video.ldif /etc/init.d/slapd start /etc/init.d/nscd start I tillegg m denne partisjonen legges til i fila for eksportering, legg til f lgende linje i fila /etc/exports /skole/video @allhosts(rw) 10.0.2.0/255.255.254.0(rw)[24] Deretter m du kj re exportfs -ra ------------------------------------------------------------------------------- 8.5.8. Adding a new disk to lvm in Skolelinux/Debian-edu This is a short recepy, additional details comes at a later date 1. Hook up the new disk to the system, in this example it becomes /dev/hdb, and we wan't to add it to the volume group vg_data 2. pvscan 3. df -h 4. pvcreate /dev/hdb 5. Check with pvscan what the devfs-path to you new disc is vgextend vg_data /dev/ide/host0/bus0/target1/disc 6. To remove the disk again from the vg-group, umount all partitions, and then do a vgreduce vg_data /dev/ide/host0/bus0/target1/disc ------------------------------------------------------------------------------- 8.6. Edit host netgroups A "host netgroup" (hence "netgroup") can be compared to a guest list when you are inviting somebody to a party. You have made the guest list to avoid unwanted guests, for instance crooks. In a computer network, the guests are a bit different. They are "Internet hosts", e.g. printers, thin client servers or workstations. If these hosts are on the guest list, they are welcome to do their task on the network. If they are not, they are automaticly kept out by the door-keeper. A netgroup thus keeps track of the guests, or "hosts" in "Internet lingo". It can also keep track of other netgroups, and this adds to simplified administration of e.g. access to the Internet or to a file server. It is much easier to administrate groups of hosts than stating every single host everywhere. You have to use netgroups correctly to avoid extra administration. It is useless to have for example a netgroup named "workstation-hosts" with 250 different hosts in it. It is better to use sub groups. The workstations could be grouped into "computerlab01-hosts", "computerlab02-hosts" and "teachers-hosts", and these could be subgroups to another netgroup named "workstation-hosts". In the future skolelinux will probably use netgroups for other various tasks. Today they are used to prevent unwanted guests to the file server. ------------------------------------------------------------------------------- 8.6.1. The netgroup module To edit netgroups, you have to use Webmin. The module is named "Edit host netgroups" and is found under the "System"-tab. Figure 8-1. Overview of netgroups [netgroups_] On a newly installed Skolelinux-tjener, the following netgroups are added: ltsp-server-hosts All the thin client servers in the network. printer-hosts All the printers in the network. server-hosts All the servers in the network. This is primarily "tjener", but if you move e.g. the backup service to another host, add that host here. workstation-hosts All the groups containing workstations, or all the workstations in a small network. all-hosts This group contains no hosts, but all other netgroups. Important Naming conventions Note how all the netgroup names end with "-hosts". This is to make it easier to distinct netgroups from other groups where it should become necessary. We suggest you use the same naming convention. ------------------------------------------------------------------------------- 8.6.2. Adding hosts to a netgroup In the overview, clik on the netgroup you want to make changes to. A new window appears, showing hosts, sub groups and netgroups available to add as sub groups and an area for adding new hosts. Figure 8-2. Adding hosts to a netgroup [netgroups_] Enter the name on a line of its own for every host you want to add to the netgroup. If you check the "Verify validity of hosts"-box, every hostname will be tested and only those valid will be added. Note that this may slow down the process. If you check the "Make sure the hostnames can be used by the file server"-box, every hostname will be tested and only those usable to the file server will be added. Note that this may slow down the process. Click on "Add" to add the entered hosts to the netgroup. You will see the same page, now with the new hosts in the list. Figure 8-3. New hosts added to the netgroup [netgroups_] Click on "Back" when you are finnished editing the netgroup. Remember to save your changes. ------------------------------------------------------------------------------- 8.6.3. Saving changes Return to the overview when you are finnished making your changes. Notice the actions in the action queue. When you are done, enter your LDAP-password and click on "Execute actions". The changes are sent to the catalogue server, and you get a new window showing the replies from the server. For every successfull action, the server replies "Success". You can remove actions you regret or made by mistake. Select the actions you want to remove from the queue and click on "Delete selected actions". Actions depending on those removed will not be executed. If you for example remove the action "Add netgroup 'computerlab01-hosts'", the action "Add host(s) (dhcp123, dhcp124, dhcp125)" will not be executed. Figure 8-4. Changes are saved [netgroups_] ------------------------------------------------------------------------------- 8.6.4. Adding a new netgroup Enter the name of the new netgroup in the "Name of group"-textfield in the "New group"-area and click on "Create group". The name has to be between 9 and 40 characters and contain only alphanumeric characters and hyphens. Figure 8-5. Adding a new netgroup [netgroups_] The new netgroup is now listed together with the other groups. Figure 8-6. New group added [netgroups_] ------------------------------------------------------------------------------- 8.6.5. Adding a subgroup In the overview, click on the group you want to add subgroups to. If you want to add "computerlab01-hosts" as a subgroup to "workstation-hosts", click on "workstation-hosts". Figure 8-7. Adding a subgroup [netgroups_] Select the group you want to add as a sub group and click on "Add selected groups". The sub groups are now listed as a sub group. Figure 8-8. Subgroup added [netgroups_] Remember to save your changes. ------------------------------------------------------------------------------- 8.6.6. Deleting a netgroup In the overview, select the netgroups you want to remove and click on "Delete selected groups". Remember to save your changes. ------------------------------------------------------------------------------- 8.6.7. Removing hosts from a netgroup In the overview, click on the group you want to change. Select the hosts you want to remove and click on "Remove selected hosts". Remember to save your changes. ------------------------------------------------------------------------------- 8.6.8. Removing a subgroup In the overview, click on the group you want to change. Select the sub groups you want to remove and click on "Remove selected sub groups". Remember to save your changes. ------------------------------------------------------------------------------- 8.7. Thinclient setup Each thin client has a wide range of options that can be changed on a individual thinclient basis. * Videocard * PXE-networkcard or regualr networkcard * Will it act as a printserver? * Serial, PS/2 , USB or scrollmouse? * Will you enable the floppydrive, or use USB-pendrives? All these options are spesified in the file /opt/ltsp/i386/etc/lts.conf, men dine tynnklienter m v re l st mot en IP-adresse i fila /etc/dhcp3/ dhcpd-skolelinux.conf[25] ------------------------------------------------------------------------------- 8.7.1. Lage oppstartsdiskett for vanlige (ikke PXE-kort) nettverkskort Jeg anbefaler bruk av PXE-nettverkskort, men hvis det ikke er mulig, s m man bruke vanlige nettverkskort og oppstartsdisketter. Disse diskettene finner du ferdig lagdd og klare til nedlasting fra nettstedet rom-o-matic.com, i skrivende stund er det versjon 5.0.11 som anbefales. Det er to ting du skal gj re: * Finne riktig ROM i forhold til det nettverkskortet du har, listen over tilgjengelige ROM er lang som et vondt r (hint PXE). * Overf re denne ROM til en diskett, med kommandoen, som root cat eb-5.0.11-3c905-tpo.lzdsk>/dev/fd0 ------------------------------------------------------------------------------- 8.7.2. Universaloppstartsdiskett, passer for 30 forskjellige nettverskkort. Det finnes en diskett som st tter omtrent 30 forskjellige typer nettverskkort, med denne disketten s er sannsynligheten stor for at du slipper fikle med finne ut hva slags nettverskort du har. Disketten er en del av prosjektet Thinstation, der skal du laste ned "Universal boot floppy". Filen du laster ned heter BootDisk522b.zip, denne kan pakkes ut p Windows med et zip-verkt y, eller p Skolelinux/Debian-edu ved trykke p den, eller med kommandoen unzip BootDisk522b.zip, da vil du se noe slikt som klaus@tjener:$ unzip BootDisk522b.zip Archive: BootDisk522b.zip inflating: rawrite2.exe inflating: ebnet522.dsk inflating: Readme.txt I fila Readme.txt finner du detaljert informasjon om hvordan denne universaldisketten er lagd, samt hvordan du lager den selv. Som root lager du den med kommandoen cp ebnet522.dsk /dev/fd0 ------------------------------------------------------------------------------- 8.7.3. L se tynnklienter med MAC-adresse til et IP-nummer. For at du skal kunne spesialtilpasse dine forskjellige tynnklienter, s m du kunne identifisere dem, skille dem fra hverandre. Dette gj res ved hjelp av tynnklientens nettverkskort og den unike MAC-adressen alle nettverskkort har. De fleste nettverkskort har MAC-adressen p skrevet et eller annet sted, men ikke alle, det st r da ofte noe s nt som 0000864A585A, eller 00-00-86-4A-58-5A, eller 00:00:86:4A:58:5A, dette er tall i 16-talls systemet. Hvis det ikke st r noe p kortet, s kan du ta en titt i fila /var/log/syslog, der vil tynnklientens MAC-adresse bli registert n r den fors ker starte. Samtidig som tynnklienten starter, s kan du se p hva som blir logget med kommandoen tail -f /var/log/syslog da vil du se noe som Jan 4 19:04:44 tjener dhcpd-2.2.x: DHCPDISCOVER from 00:00:86:4a:58:5a via eth1 Jan 4 19:04:44 tjener dhcpd-2.2.x: DHCPOFFER on 192.168.0.201 to 00:00:86:4a:58:5a via eth1 Jan 4 19:04:45 tjener dhcpd-2.2.x: DHCPREQUEST for 192.168.0.201 from 00:00:86:4a:58:5a via eth1 Jan 4 19:04:45 tjener dhcpd-2.2.x: DHCPACK on 192.168.0.201 to 00:00:86:4a:58:5a via eth1 her ser du MAC-adressen, samt hvilket IP-nummer denne tynnkliente f r. N som du vet hva MAC-adressen er, s kan du skrive den inn i fila /etc/dhcp3/ dhcpd-skolelinux.conf, f.eks host ltsp010 { hardware ethernet 00:00:86:4a:58:5a; fixed-address 192.168.0.10; #filename "/tftpboot/lts/vmlinuz-2.4.19-ltsp-1"; filename "/tftpboot/lts/pxelinux.0"; #option option-128 e4:45:74:68:00:00; #option option-129 "NIC=3c509"; } Etter at du n har skrevet inn MAC-adresse, s m du restarte dhcp-serveren, det gj res med kommandoen /etc/init.d/dhcp3-server restart [26] I dette tilfellet har jeg bestemt meg for at tynnklienten med MAC-adresse 00:00:86:4a:58:5a skal hete ltsp010 og da ha ip-nummer 192.168.0.10. Navnene ltspXXX kan ikke endres til noe annet, f.eks rom203. Det vil ikke virke. Husk at et "#" foran en linje i fila /etc/dhcp3/dhcpd-skolelinux.conf betyr at denne linja er en kommentar. Her har jeg satt et kommentartegn foran linja #filename "/tftpboot/lts/vmlinuz-2.4.19-ltsp-1"; mens det foran linja filename "/tftpboot/lts/pxelinux.0"; ikke er et kommentartegn. Det betyr at denne tynnklienten har et nettverkskort av typen PXE, og derfor skal ha oppstartbildet pxelinux.0, hvis det ikke hadde v rt et PXE-nettverkskort, men et helt vanlig kort som trenger en etherboot oppstartsdiskett, se Section 2.4, s trenger den oppstartsbildet vmlinuz-2.4.19-ltsp-1 Andre valg du kan gj re for hver enkelt tynnklient i denne fila er aktivere (dvs fjerne kommentartegnet) foran option option-128 e4:45:74:68:00:00; option option-129 "NIC=3c509"; hvis og bare hvis du har et 3com509 ISA-nettverkskort i din tynnklient. ------------------------------------------------------------------------------- 8.7.4. Spesialtilpassing av tynnklienter I fila /opt/ltsp/i386/etc/lts.conf har man muligheten til spesialtilpasse hver enkelt tynnklient, men ogs gj re tilpasninger som gjelder alle p en gang. Her nsker jeg gj re oppmerksom p at det allerede finnes et stort dokument, oversatt til norsk av Ragnar Wisl ff, som tar for seg hvordan man setter opp tynnklienter, ltsp.org se i menyen Documentation. Jeg nevner i korte trekk de viktigste endringer man kan gj re i /opt/ltsp/i386/ etc/lts.conf, og anbefaler alle lese dokumentasjonen som finnes p http:// www.ltsp.org ------------------------------------------------------------------------------- 8.7.4.1. Printer tilkoblet tynnklient For spesifisere at du har en printer tilkoblet p parallellporten p en tynnklient, m f lgende linjer legges til i /opt/ltsp/i386/etc/lts.conf : [ltsp050] PRINTER_0_DEVICE =/dev/lp0 PRINTER_0_TYPE =P bytt ut ltsp050 med det korrekte navnet p din tynnklient. Se avsnitt Section 10.1. ------------------------------------------------------------------------------- 8.7.4.2. Seriel mus Legg til f lgende i /opt/ltsp/i386/etc/lts.conf hvis du har en serielmus (kobles til COM-port) [ltsp051] X_MOUSE_PROTOCOL = "Microsoft" X_MOUSE_DEVICE = "/dev/ttyS0" X_MOUSE_RESOLUTION = 400 X_MOUSE_BUTTONS = 2 X_MOUSE_EMULATE3BTN = Y ------------------------------------------------------------------------------- 8.7.4.3. Optisk mus med usb og hjul Legg til disse linjene i lts.conf X_MOUSE_PROTOCOL = "imps/2" X_MOUSE_DEVICE = "/dev/input/mice" RCFILE_01 = "usbdev" Lag i tillegg et skrip som du lagrer som /opt/ltsp/i386/etc/rc.d/usbdev med dette innholdet #!/bin/sh echo "USB Mouse Support..." insmod usbcore insmod usb-uhci insmod input insmod mousedev insmod usbmouse echo "USB Keyboard Support..." insmod keybdev insmod usbkbd ------------------------------------------------------------------------------- 8.7.4.4. Hjulmus Legg til f lgende i /opt/ltsp/i386/etc/lts.conf hvis du har en scrollmus [ltsp052] X_MOUSE_PROTOCOL = "IMPS/2" det er ikke sikkert at dette vil gj re at hjulet virker, kan hende at dette f r musa de til g helt berserk. ------------------------------------------------------------------------------- 8.7.4.5. Diskettstasjon Legg til f lgende i /opt/ltsp/i386/etc/lts.conf hvis nsker bruke diskettstasjonen p denne tynnklienten [ltsp053] RCFILE_01=floppyd se avsnit Section 10.2 for mer info. ------------------------------------------------------------------------------- 8.7.4.6. Skjermkort driver Noen skjermkort lar seg ikke konfigurere automatisk, dette gjelder spesielt eldre skjermkort. Det kan da ofte v re n dvendig m tte spesifikt angi hvilken skjermkortdriver som skal benyttes, noen ganger er det ogs n dvendig spesifisere at en eldre versjon av XFree86 skal brukes. F.eks s m man bruke en eldre versjon av XFree86 p maskiner av typen Compaq Deskpro 4000, for denne typen skjermkort m vi legge til f lgende linjer i /opt/ltsp/i386/etc/lts.conf [ltsp054] XSERVER=XF86_SVGA ------------------------------------------------------------------------------- 8.7.4.7. Skjermoppl sning Det er noen ganger nskelig bruke en annen oppl sning enn 1024x768 som er standard p tynnklienter. Det er ikke alle skjermkort som klarer en slik oppl sning, det ser ogs litt rart ut p 14" og 15" skjermer, der passer 800x600 mye bedre. Disse linjene i /opt/ltsp/i386/etc/lts.conf gj re dette mulig [ltsp060] X_MODE_0=800x600 ------------------------------------------------------------------------------- 8.8. Virker nettverkskortene? Med kommandoen ifconfig vil du se tilstanden p nettverkskortene. Tip Denne kommandoen er ogs grei bruke for finne ut hvilken ip-addresse en maskin har, samt hvilken MAC-addresse den har (det som heter "HWaddr"). En annen m te sammle inn MAC-adresser p er ta en titt p syslog-fila samtidig som maskinen du nsker finne MAC-adressen til starter opp, da er det bare klippe og lime. Bruk kommandoen, som root, tail -f /var/log/syslog da vil du se noe slikt som Jun 2 22:52:28 tjener dhcpd-2.2.x: DHCPDISCOVER from 00:02:b3:8f:66:76 via eth1 Jun 2 22:52:28 tjener dhcpd-2.2.x: DHCPOFFER on 192.168.0.13 to 00:02:53:8f:66:76 via eth1 Jun 2 22:52:29 tjener dhcpd-2.2.x: DHCPREQUEST for 192.168.0.13 from 00:02:53:8f:66:76 via eth1 Jun 2 22:52:29 tjener dhcpd-2.2.x: DHCPACK on 192.168.0.13 to 00:02:53:8f:66:76 via eth1 Bruk Ctrl-C for avbryte. tjener:~# ifconfig eth0 Link encap:Ethernet HWaddr 00:04:75:81:AA:78 inet addr:10.0.2.2 Bcast:10.0.3.255 Mask:255.255.254.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:27892 errors:0 dropped:0 overruns:0 frame:0 TX packets:26194 errors:0 dropped:0 overruns:0 carrier:0 collisions:5 txqueuelen:100 RX bytes:23495725 (22.4 MiB) TX bytes:2810447 (2.6 MiB) Interrupt:11 Base address:0xdc00 eth1 Link encap:Ethernet HWaddr 00:04:75:81:AA:FD inet addr:192.168.0.254 Bcast:192.168.0.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1976176 errors:0 dropped:0 overruns:26 frame:0 TX packets:2271670 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:100 RX bytes:486381910 (463.8 MiB) TX bytes:1131449472 (1.0 GiB) Interrupt:10 Base address:0xe000 lo Link encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 UP LOOPBACK RUNNING MTU:16436 Metric:1 RX packets:44174 errors:0 dropped:0 overruns:0 frame:0 TX packets:44174 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:11789085 (11.2 MiB) TX bytes:11789085 (11.2 MiB) Hvis det du ser ligner p det over, men s kommer du allikevel ikke p nett, s kan det komme av at du m gj re noe med DNS-oppsettet ditt. Ta en titt p avsnitt i dokumentasjonen p Coyote Linux, Section 3.11. ------------------------------------------------------------------------------- 8.9. Administrasjon av pakker. For installere pakker, s trenger vi definere fra hvor vi nsker hente dem, hvor er v rt pakke-reservoar. Vi definerer v rt pakke-reservoar i fila /etc/apt/sources.list +-----------------------------------------------------------------------------+ | Formatet p linjene i denne fila f lger en helt bestemt syntaks. Hvis du | | skriver en linja feil, s vil du f en ganske grei feilmelding n r du fors | | ker oppdatere databasen over tilgjengelige pakker, den vil gi klar | | beskjed om hvilken linja i fila som er feil. | | | | I denne fila s signaliserer man ved hjelp av et nummertegn "#" p | | begynnelsen av linja at dette er en kommentar, dvs denne linja "hoppes" det | | over. Denne m ten "kommentere ut" er typisk i de fleste | | konfigurasjonsfiler i Linux, andre varianter er ";" og "//". | +-----------------------------------------------------------------------------+ Vi kan jobbe med administrasjonen av pakker enten via kommandolinja, eller ved hjelp av en eller annen grafisk applikasjon, som f.eks KPackage Section 13.6, eller Webmin Section 13.1 En rask introduksjon til bruken av kommandolinja for jobbe med administrasjonen av pakker gies i dette avsnittet. deb ftp://ftp.skolelinux.no/debian/ woody main contrib non-free deb ftp://ftp.skolelinux.no/debian-non-US/ woody/non-US main contrib non-free deb ftp://ftp.skolelinux.no/skolelinux/ woody local Disse linjene inneholder info om fra hvor vi vil hente v re pakker. Hvis man legger inn nye linjer i denne fila, s m man oppdatere databasen som inneholder info om hva som er tilgjengelig. Se Chapter 14 for andre linjer man kan legge inn og hente pakker fra. ------------------------------------------------------------------------------- 8.9.1. Oppdater databasen med info om tilgjengelige pakker. Utvalget av tilgjengelige pakker endrer seg hele tiden, det kommer nye pakker, pakker kommer i nyere versjoner osv. Det er derfor n dvendig s rge for at databasen som inneholder informasjonen om pakkene hele tiden er ajour. Det gj res med kommandoen apt-get update Gj r det til en god vane alltid kj re denne kommandoen f r du oppgradere eller legger inn nye pakker. ------------------------------------------------------------------------------- 8.9.2. Oppgradere samtlige installere pakker til en nyere versjon +-----------------------------------------------------------------------------+ | Noen ganger s vil du se en endringdmelding(Changelog) som gjelder de | | pakkene du er i ferd med installere/oppgradere, som f.eks | | | | kdeaddons (4:3.1.0-4) unstable; urgency=low | | | | * Rebuilt against libvorbis0a (closes: #184713). | | * Removed alpha compile flags. | | * Fresh admin/ sync. | | | | -- Ben Burton Sun, 16 Mar 2003 16:00:19 +1100 | | | | kdeaddons (4:3.1.0-2) unstable; urgency=low | | | | * First KDE3 upload to debian! | | * Applied Ewald Snel's patch for xine support. | | * Rolled the epoch to aid upgrades from the unofficial repository on | | ftp.kde.org.. *sigh* | | : | | | | Bruk "Space"-knappen p tastaturet for bla deg frem til slutten p | | meldingen, da st r det | | | | quanta (1:3.0pr1-1) unstable; urgency=low | | | | * New upstream release. | | * Built for KDE3. | | | | -- Ben Burton Wed, 4 Sep 2002 10:36:12 +1000 | | | | (END) | | | | Trykk s p "q"-knappen, for Quit, da vil du se | | | | Fetched 60.2MB in 11m24s (87.9kB/s) | | Reading changelogs... Done | | apt-listchanges: Do you want to continue? [Y/n]? | | | | For fortsette m du trykke p "Y", for Yes. | +-----------------------------------------------------------------------------+ Samtlige pakker som allerede finnes installert, lar seg oppgradere til en eventuelt nyere versjon med kommandoen apt-get upgrade Warning Noen ganger kan det v re veldig kjekt vite hva som faktisk kommer til skje f r man starter en oppgradering av alle installerte pakker, kan hende passer det ikke der og da starte nedlastingen av flere store pakker, kanskje kan det vente til det er mer b ndbredde ledig. Ved f rst kj re apt-get upgrade -s s vil ingenting skje, da simuleres en oppgradering. Hvis det kommer frem for mye info p skjermen, s kan du pr ve apt-get upgrade -s|more Hvis det ser greit ut, s tar du bort "-s" Det s kalte pipe-tegnet, "|" befinner seg (som oftest) rett under tastene F1 og ESC p tastaturet. ------------------------------------------------------------------------------- 8.9.3. Oversikt over hvilke pakker som er installert Oversikt over installerte pakker f r du med dpkg -l|more v r klar over at de to f rste bokstavene indikerer hva slags tilstand pakken befinner seg i, "ii" betyr at den er fult installert. ------------------------------------------------------------------------------- 8.9.4. Lete etter en bestemt pakke Hvis du ikke husker navnet p en pakke, s kan du s ke gjennom databasen med apt-cache search hvis det kommer for mye frem p skjermen s kan du pr ve apt-cache search |more Krokodilletegnene, < og > skal ikke brukes, det er kun her i eksempelet at de brukes. ------------------------------------------------------------------------------- 8.9.5. Vise tilgjengelig informasjon om en pakke. Kommandoene apt-cache showpkg og apt-cache policy vil gi deg detaljert info om pakken. ------------------------------------------------------------------------------- 8.9.6. Installere en pakke N r vi har funnet den pakken vi nsker installere, s gj res det med apt-get install Hvis du nsker se hva som skjer n r du installere, s kan du simulere en installasjon f rst med apt-get install -s ------------------------------------------------------------------------------- 8.9.7. Fjerne en installert pakke For finne den aktuelle pakken vi nsker fjerne, s bruk de tidligere nevnte kommandoene for finne navnet p pakken N r vi vet hva pakken heter, s fjernes den enkelt med kommandoen apt-get remove Hvis du nsker se hva som skjer n r du fjerner pakken, s kan du simulere fjerningen f rst med apt-get remove -s ------------------------------------------------------------------------------- 8.9.8. Installer en helt bestemt versjon av en pakke N r man installerer en pakke med kommandoen apt-get install s vil automatisk nyeste versjon bli installert, men noen ganger nsker man kanskje ikke den nyeste versjonen, men en litt eldre versjon. apt-get install =eldre_versjons_nummer Hvis jeg synes at en eldre versjon av backup modulen i Webmin er bedre, s vil jeg ved kj re apt-cache showpkg webmin-slbackup f en oversikt over tilgjengelige versjoner tjener:~# apt-cache showpkg webmin-slbackup Package: webmin-slbackup Versions: 0.0.7-1(/var/lib/apt/lists/ftp.skolelinux.no_skolelinux_dists_woody_local_binary-i386_Packages) (/var/lib/apt/lists/ftp.skolelinux.no_skolelinux_dists_woody-test_local_binary-i386_Packages) (/var/lib/dpkg/status) 0.0.6-1(/var/lib/apt/lists/ftp.skolelinux.no_skolelinux_dists_woody-test_local_binary-i386_Packages) Reverse Depends: education-main-server,webmin-slbackup task-skolelinux-server,webmin-slbackup Dependencies: 0.0.7-1 - webmin (0 (null)) perl (0 (null)) libcgi-application-perl (0 (null)) libhtml-template-perl (0 (null)) libexpect-perl (2 1.15) slbackup (2 0.0.5-1) 0.0.6-1 - webmin (0 (null)) perl (0 (null)) libcgi-application-perl (0 (null)) libhtml-template-perl (0 (null)) libexpect-perl (2 1.15) slbackup (2 0.0.5-1) Provides: 0.0.7-1 - 0.0.6-1 - Reverse Provides: Her ser man at den finnes tilgjengelig i to versjoner,0.0.6-1 og 0.0.7-1. Hvis jeg nsker installere versjon 0.0.6-1, s gj res det med kommandoen apt-get install webmin-slbackup=0.0.6-1 ------------------------------------------------------------------------------- 8.9.9. Installere en pakke ved hjelp av dpkg Noen ganger s vil man laste ned en pakke manuelt fra et sted, f.eks fra hjemmesiden til Opera, da f r man en s kalt .deb-pakke liggende p sitt hjemmeomr de. For installere den, bruker man dpkg -i hvis du f rst nsker simulere s kj rer du dpkg --no-act -i ------------------------------------------------------------------------------- 8.9.10. Lete igjennom filer som installeres fra en bestemt pakke Noen ganger er det kjekt vite hvilke filer som kommer fra en bestemt pakke, du f r en oversikt med dpkg -L ------------------------------------------------------------------------------- 8.9.11. Finne hvilken pakke en fil kommer fra Hvis du nsker vite fra hvilken pakke en bestemt fil kommer fra, s vil dpkg -S hjelpe deg med det. ------------------------------------------------------------------------------- 8.9.11.1. Pakke ut filer fra en pakke, uten installere den. Det kan hende at du har ved en feil slettet en viktig systemfil, og at du kanskje ikke har backup av den den, hva da? Hvis du med kommandoen dpkg -S vet fra hvilken pakke denne filen opprinnelig kom fra, s kan du pakke ut denne pakken, og s f tilbake den manglende systemfilen. F rst m du f tak i den aktuelle .deb-pakken, n r du har gjort det s kan du f.eks plassere den i katalogen /tmp, deretter pakker du ut filene som ligger i den med kommandoen dpkg -X /tmp da vil den opprette n dvendige kataloger i /tmp og plassere filene den. Warning Pakk aldri ut pakken direkte i /-katalogen! ------------------------------------------------------------------------------- 8.9.12. Eget lokalt speil med deb-pakker. Det finnes enkelte pakker jeg ofte installerer, og som jeg noen ganger skulle nske jeg hadde sluppet m tte hente fra Internett hver gang, selv om apt-get gj r det installere fra nettet veldig behagelig, s kan nok dessverre ikke apt-get ke hastigheten p min internett-forbindelse. Men, jeg kan bruke apt-get til lage mitt eget speil av de pakkene jeg har lastet ned, slik at jeg i fremtiden n r jeg neste gang vil installere disse pakkene, s vil apt-get hente pakkene som jeg allerede har lastet ned, det g r fort. mkdir /var/www/dpkg cp /var/cache/apt/archives/*.deb /var/www/dpkg cd /var/www/ dpkg-scanpackages dpkg /dev/null | gzip -9c > dpkg/Packages.gz Deretter m en ny linje i /etc/apt/sources.list legges til deb file:///var/www dpkg/ Deretter m du som vanlig kj r en apt-get update for oppdatere din pakkedatabase. ------------------------------------------------------------------------------- 8.10. Kvotesystem p harddiskplass * F rst m vi installere de n dvendige pakkene, om vi ikke allerede har dem installert. apt-get install quota quotatool * Deretter m vi muliggj re bruk av kvoter p den nskede partisjonen, m da f rst legge inn en linje i fila /etc/fstab. Gj r dette for partisjonen / skole/tjener/home0 /dev/vg_data/lv_home0 /skole/tjener/home0 ext3 defaults,usrquota,grpquota 0 2 med flaggene 'usrquota' og 'grpquota' s har vi n muliggjort bruk av brukerkvoter og gruppekvoter p partisjonen /skole/tjener/home0, for at dette skal tre i kraft m partisjonen umountes og s mountes, evt du rebooter maskinen. * S m vi lage databasene som inneholder info om kvotene: touch /skole/tjener/home0/quota.user touch /skole/tjener/home0/quota.group chmod 600 /skole/tjener/home0/quota.user chmod 600 /skole/tjener/home0/quota.group Deretter sjekker du at quota.user og quota.group er tomme f r databasene initialiseres: ls -lh /skole/tjener/home0/quota* skal gi at quota.user og quota.group har null st rrelse. Deretter initialiseres databasene med kommandoen quotacheck -avug deretter sjekker du at databasene ikke lenger er null i st rrelse ls -lh /skole/tjener/home0/quota* * S skrur vi p kvotene: quotaon -a * S m vi sette kvoter p noen brukere. edquota -u klaus tar oss inn i en vi-basert kvoteeditor der setter vi opp kvoten slik vi vil ha den for klaus, hvis vi synes at dette er slik vi vil ha det for alle v re brukere, s kan vi bruke kvotest rrelsen til klaus som mal for de andre brukerene. N r dette er gjort, s sjekker vi hvordan tilstanden p diskkvotene n er, repquota /skole/tjener/home0 gir da tjener:~# repquota /skole/tjener/home0 *** Report for user quotas on device /dev/vg_data/lv_home0 Block grace time: 7days; Inode grace time: 7days Block limits File limits User used soft hard grace used soft hard grace ---------------------------------------------------------------------- root -- 1198381 0 0 12832 0 0 daemon -- 4 0 0 5 0 0 bin -- 1 0 0 1 0 0 man -- 1000 0 0 28 0 0 lp -- 81 0 0 198 0 0 mail -- 5233 0 0 444 0 0 news -- 1 0 0 1 0 0 proxy -- 126788 0 0 4722 0 0 junkbust -- 5 0 0 3 0 0 klaus -- 1993 1500 2000 268 0 0 test16 -- 5 0 0 4 0 0 test15 -- 5 0 0 4 0 0 test14 -- 5 0 0 4 0 0 test13 -- 5 0 0 4 0 0 Her har brukeren klaus en softlimit p 1.5MB og en hardlimit p 2MB. * Hvis vi har en liste med brukernavn i fila Liste_Med_Brukernavn.txt p formen jan janak janne s kan vi gi alle disse samme kvotest rrelse som klaus med kommandoen for x in `cat Liste_Med_Brukernavn.txt `;do edquota -p klaus $x;done Hvis vi n ser p hvordan tilstanden p kvotene er, s skal vi se at alle brukerene har f tt samme kvote som klaus tjener:~# repquota /skole/tjener/home0 *** Report for user quotas on device /dev/vg_data/lv_home0 Block grace time: 7days; Inode grace time: 7days Block limits File limits User used soft hard grace used soft hard grace ---------------------------------------------------------------------- root -- 1198381 0 0 12832 0 0 daemon -- 4 0 0 5 0 0 bin -- 1 0 0 1 0 0 man -- 1000 0 0 28 0 0 lp -- 81 0 0 198 0 0 mail -- 5233 0 0 444 0 0 news -- 1 0 0 1 0 0 proxy -- 126788 0 0 4722 0 0 junkbust -- 5 0 0 3 0 0 klaus +- 1993 1500 2000 268 0 0 test16 -- 5 1500 2000 4 0 0 test15 -- 5 1500 2000 4 0 0 test14 -- 5 1500 2000 4 0 0 test13 -- 5 1500 2000 4 0 0 Hvis du bruker LDAP s kan du kjapt skaffe deg en liste over dine brukere med kommandoen getent passwd|grep home0|cut -d":" -f1>Liste_Med_Brukernavn.txt sjekk at Liste_Med_Brukernavn.txt er slik du vil ha den. * Aktuelle kommandoer for l re seg mere om diskkvoter for brukere og grupper er + man edquota + man quota + man quotacheck + man quotaoff + man quotaon + man quotastats + man quotatool + man repquota ------------------------------------------------------------------------------- 8.10.1. Stoppe fila .xsession-error fra fylle hele harddisken Det hender noen ganger at et program "sl r seg vrang" og begynner skrive enorme mengder med feilmeldinger til fila .xsession-errors p brukerens hjemmeomr de. Noen program, spesielt GIMP har den egenskap at det er istand til p noen f minutter lage en s stor .xsession-erros at hele harddisken blir full, med det resultat at alt slutter virke, da m root-brukeren inn p Hovedtjeneren og f rst finne denne fila, deretter slette den. Dette er ikke spesielt trivelig, eller nskelig i en skolehverdag. Derfor, selv om en slik feilmeldingsfil som .xessions-errors sikkert er nyttig ha for diagnostisere problemer, s er den mer til ugang i skolehverdagen, derfor velger vi velge bort denne egenskapen, det gj r vi ved omdirigere alle meldinger som ellers ville ha blitt skrevet til denne fila, rett til s ppleb ta /dev/null. Ved endre p noen linjer i fila /etc/X11/Xsession, sett et kommentartegn(#) foran disse linjene, p denne m ten: #ERRFILE=$HOME/.xsession-errors # ## attempt to create an error file; abort if we cannot #if touch $ERRFILE 2> /dev/null && [ -w $ERRFILE ]; then # chmod 600 "$ERRFILE" #elif ERRFILE=$(tempfile 2> /dev/null); then # if ! ln -sf "$ERRFILE" "${TMPDIR:=/tmp}/xsession-$USER"; then # message "Xsession: unable to symlink \"$TMPDIR/xsession-$USER\" to" \ # "\"$ERRFILE\"." # fi #else # errormsg "Xsession: unable to create X session log/error file. Aborting." #fi # #exec > "$ERRFILE" 2>&1 Og sett inn disse to linjene istdedenfor: errfile="/dev/null" exec > "$errfile" 2>&1 N trenger du ikke v re redd for at .xsession-errors vil fylle opp hele harddisken din. ------------------------------------------------------------------------------- Chapter 9. Services out-of-the-box in Skolelinux/Debian-edu ------------------------------------------------------------------------------- Chapter 10. Tynnklienter 10.1. Legge til en skriver, p en tynnklient Warning F r du pr ver legge til en skriver i Skolelinux/Debian-edu, egentlig b r du faktisk gj re det f r du kj per en skriver, s sjekk p sidene til linuxprinting.org om din skriver er st ttet ut-av-boksen med Linux. Hvis din skriver er klassifisert som "paperweight", s kast den, eller bruk den som d rstopper. Oppskrift, sette opp skriver p tynnklient * Plugg i printeren i tynnklienten, jeg bruker i mitt eksempel en printer p parallellporten, derfor '/dev/lp0' * Legg inn denne tynnklientens MAC-adresse i Webmin, f.eks som ltsp050. * G inn i /opt/ltsp/i386/etc/lts/lts.conf, og legg til disse linjene [ltsp050] PRINTER_0_DEVICE =/dev/lp0 PRINTER_0_TYPE =P Hvis denne tynnklienten trenger andre konfigurasjonslinjer i tillegg, s legg dem til her, kanskje dens skjermkort ikke lar seg autodetektere osv. * G inn i K-meny->Kontrollsenter->system->utskrifts-styrer og trykk p "tryllestav"-ikonet for legge til en printer. Velg "Nettverksprinter(tcp) " ved valg av bakgrunnsoppl sning. Trykk OK (eller er det neste?) * Trykk p knappen "innstillinger". der hvor det st r 10.2.0, skriver du 192.168.0 istedenfor, hvis den henger p en tynnklient, la de andre verdiene v re som de er. Trykk OK. Trykk s p knappen "let", den vil da lete etter din printer, det tar ca 30-60 sekunder. I den store ramma til venstre vil da informasjon om den tynnklienten som har en printer koblet til dukke opp, velg den, og resten med valg av printer og driver er da ganske greit, h per jeg :-) * Man kan oppleve ved utskrift av "Test-side" at printeren reagerer, men allikevel ikke vil skrive, da kan det v re at printeren er stilt inn p for h y oppl sning, fors k da f rst med 150 ppt. ------------------------------------------------------------------------------- 10.2. Muliggj re bruk av diskett p en tynnklient +-----------------------------------------------------------------------------+ | Nylig har det blitt lagd pakker for Skolelinux/Debian-edu som gj r det | | lettere sette opp bruk av usb-penner og disketter p tynnklienter. | | | | apt-get install ltsp-usb ltsp-floppy | | | | da trenger du ikke laste ned ltsp_floppy. | +-----------------------------------------------------------------------------+ Hent pakken ltsp_floppy fra http://prdownloads.sourceforge.net/ltsp pakk den ut og kj r install-scriptet. Deretter legger du inn linja RCFILE_01 = floppyd i fila /opt/ltsp/i386/etc/lts.conf for hver tynnklient du vil ha floppyaccsess p , eller legg den under [Default] hvis du vil at alle skal ha det. Dette er et eksempel hvor alle tynnklienter har mulighet for lokal bruk av diskettstasjon. [Default] SERVER = 192.168.0.254 XSERVER = auto X_MOUSE_PROTOCOL = "PS/2" X_MOUSE_DEVICE = "/dev/psaux" X_MOUSE_RESOLUTION = 400 X_MOUSE_BUTTONS = 3 USE_XFS = Y XkbLayout = no SEARCH_DOMAIN = intern X_MOUSE_EMULATE3BTN = Y LOCAL_APPS = N RUNLEVEL = 5 RCFILE_01 = floppyd Du trenger en fil p hjemmeomr dene til alle som skal kunne bruke diskett p tynnklientene, fila skal hete .mtoolsrc, merk deg punktumet i filnavnet. Fila skal inneholde linja drive a: file="$DISPLAY" remote 1.44m mformat_only For at du skal kunne gi alle dine brukere denne fila uten at du m gj re for mye arbeid, anbefaler jeg f lgende oppskrift, som root lager du denne fila, og lagrer den p /tmp. Deretter gj r du f lgende: for dir in /skole/tjener/home0/*; do cp /tmp/.mtoolsrc $dir/; chown --reference =$dir $dir/.mtoolsrc; done Da skal alle mapper som ligger p /skole/tjener/home0 ha f tt fila .mtoolsrc, pluss at eierskapet p fila settes likt den som eier mappen, ellers hadde fila v rt eid av root. Husk ogs gj re f lgende endringer i fila /etc/devfs/perms, forandre linja (fra 0660 til 0666) REGISTER ^floppy/.* PERMISSIONS root.floppy 0660 til REGISTER ^floppy/.* PERMISSIONS root.floppy 0666 Som grafisk program anbefaler jeg MToolsFM, apt-get install mtoolsfm. Det finnes andre, som f.eks Konqueror, men den har noen sm bugs forbundet med floppy p tynnklienter. Ulempen med ha en slik .mtoolsrc fil liggende p hjemmeomr det, er at man da ikke helt uten videre f r tilgang til floppy fra Hovedtjener og Arbeidsstasjoner. Jeg har kun tynnklienter, s jeg har ikke sett p en l sning p det, men det burde ikke v re vanskelig l se dette.(Se avsnitt Section 10.2.2) ------------------------------------------------------------------------------- 10.2.1. Bruk av MToolsFM MToolsFM finner du i menyen under K-meny->verkt y->Debian Figure 10-1. MToolsFM oppstartsbilde [SLX32] Dette er bilde som m ter deg n r du starter MToolsFM, husk ha en diskett i diskettstasjonen n r du starter MToolsFM. MToolsFM har to vinduer, vanligvis viser det ene vinduet innholdet p disketten (a:), og det andre innholdet p harddisken(Harddisk). I dette eksempelet er vinduet til venstre innholdet p disketten, og vinduet til h yre innholdet p harddisken. Man kan selv velge hva som skal v re hva ved benytte seg av funksjonen for bytte, denne finne oppe i hj rnene. Man markerer den filen man nsker jobbe med ved venstreklikke p filnavnet, da blir den markert, og man bruker s knappene for flytte filer frem og tilbake, disse knappene befinner seg midt i mellom vinduene, og er merket med "Copy". Ved h yreklikke p filnavn/katalognavn s f r man opp flere valg. Figure 10-2. Valgmuligheter [SLX34] ------------------------------------------------------------------------------- 10.2.2. .mtoolsrc b de p tynnklient og arbeidsstasjon Ved hjelp av et lite triks. S rg for at alle brukere som skal kunne bruke diskett p b de tynnklienter, og arbeidsstasjoner har denne fila floppycheck.sh i Autostart-katalogen, .kde/ Autostart, se avsnitt Section 10.2 og Section H.4 Denn fila floppycheck.sh skal se slik ut #!/bin/bash CLIENT=`echo $DISPLAY | tr 0-9 "-" | sed -e s/-.*//` if [ $CLIENT = "ltsp" ]; then echo 'drive a: file="$DISPLAY" remote 1.44m mformat_only' > ~/.mtoolsrc else echo 'drive a: file="/dev/floppy/0" 1.44m mformat_only' > ~/.mtoolsrc fi Det dette scriptet gj r er lage en ny versjon av .mtoolsrc basert p hva slags maskin brukeren logger seg p , tynnklient eller arbeidsstasjon. Husk gj re dette scriptet kj rbart med chmod 755 .kde/Autostart/floppycheck.sh ------------------------------------------------------------------------------- 10.3. Muliggj re bruk av USB-penn p en tynnklient +-----------------------------------------------------------------------------+ | Nylig har det blitt lagd pakker for Skolelinux/Debian-edu som gj r det | | lettere sette opp bruk av usb-penner og disketter p tynnklienter. | | | | apt-get install ltsp-usb ltsp-floppy | | | | da trenger du ikke laste ned ltsp_floppy. | +-----------------------------------------------------------------------------+ Det l nner seg s rge for at den aktuelle tynnklienten f r de n dvendige drivermoduler lastet, legg til disse linjene i /opt/ltsp/i386/etc/lts.conf [ltsp043] MODULE_01 = "usb-uhci" MODULE_02 = "usb-storage" MODULE_03 = "sd_mod" RCFILE_02 = usbpen s rg for at filen du n lager heter det samme som den i linja over med RCFILE_02, du m ha floppyd lagt inn som fra Section 10.2, deretter kan du modifisere floppyd s den passer for USB-penner. cp /opt/ltsp/i386/etc/rc.d/floppyd /opt/ltsp/i386/etc/rc.d/usbpen Dette er innholdet i min /opt/ltsp/i386/etc/rc.d/usbpen #!/bin/bash # # First, since floppyd runs as nobody, make /tmp world accessible. # chmod 777 /tmp # # Second, probe for the floppy # modprobe usb-storage insmod usb-storage # # Third, make the floppy world accessible. # mknod /dev/sda b 8 0 mknod /dev/sda1 b 8 1 chmod 666 /dev/sd* # # Finally, start floppyd. # floppyd -d /dev/sda1 Litt avhengig av hva slags type USB-penn du har, s kan det hende at du m bytte ut floppyd -d /dev/sda1 med floppyd -d /dev/sda, dvs uten "1"-tallet. Hvis du har SCSI-harddisker, s pleier de v re /dev/sda1, da m du sjekke / var/log/syslog for mer info om hvilken device din USB-penn bruker. Se Section G.6 for hvordan dette er mulig p en vanlig Hovedtjener, Arbeidsstasjon eller Tynnklientjener. ------------------------------------------------------------------------------- 10.3.1. Feilmelding av typen mtools_skip_check=1 Med noen typer usb-penner vil du se en feilmelding av typen Total number of sectors not a multiple of sectors per track! Add mtools_skip_check=1 to your .mtoolsrc file to skip this test Du kan da enten legge til denne linja "mtools_skip_check=1" i fila .mtoolsrc, eller legge denne linja i den globale konfigurasjonsfila til mtools, /etc/ mtoolsfm.conf ------------------------------------------------------------------------------- 10.4. Lyd p tynnklienter Javisst!. Sitter og h rer p NRK P3 p en tynnklient akkurat n . Begyn med laste ned pakken ltsp_sound ------------------------------------------------------------------------------- Chapter 11. Spesialtilpassning for dine brukere Det finnes mange ting du kan gj re for dine brukere, slik at deres opplevelse av jobbe med en Skolelinux/Debian-edu-maskin blir overlegen alt de kjenner fra f r, tro meg. ------------------------------------------------------------------------------- 11.1. Bestemme hvilke kataloger brukerene skal ha I utgangspunktet f r alle dine brukere to kataloger opprettet n r de blir opprettet drwxrwx--- klaus klaus priv drwxrwxr-x klaus klaus pub dvs en katalog som er pen for alle se i, pub og en som er lukket for andre priv. Hvis du ikke er komfortabel med ideen om at dine brukere skal forst meningen med en lukket (priv) og en pen katalog (pub) p sitt hjemmeomr det, s kan du selv endre p dette. Du kan enten l se katalogene p toppniv etter at brukerene er opprettet chmod 700 /skole/tjener/home0/*, eller pne dem litt chmod 711 /skole/tjener/home0/* Hvis du nsker at dine brukere skal f flere kataloger lagd n r de opprettes, f.eks katalogene matematikk, norsk, tysk, fransk, s kan dette ordnes ved endre litt p fila /usr/share/webmin/ldap-users/createhomedir, ved legge til disse linjene: # Lag katalog relatert til faget matematikk mkdir "$homedir/matematikk" chmod 0770 "$homedir/matematikk" # Lag katalog relatert til faget norsk mkdir "$homedir/norsk" chmod 0770 "$homedir/norsk" # Lag katalog relatert til faget tysk mkdir "$homedir/tysk" chmod 0770 "$homedir/tysk" # Lag katalog relatert til faget fransk mkdir "$homedir/fransk" chmod 0770 "$homedir/fransk" ------------------------------------------------------------------------------- 11.2. Bestemme hvordan programmenyen skal se ut. Vi har et lite "luksusproblem" i Skolelinux/Debian-edu, vi har ikke for f program installert, men for mange. Mange av programmene er ikke n dvendige for alle brukerene, de er bare i veien og bidrar til gj re ting uoversiktlig. Heldigvis finnes det m ter avgj re hvordan menyen til en bestemt gruppe av brukere skal se ut. Det finnes et program i Skolelinux/Debian-edu som gj r denne jobben for oss p en enkel m te, det heter kschoolmenu, og du finner det i menyen under K-meny->Preferanser->System->Tilpassede K-menyer Tip Du kan ogs starte kschoolmenu fra kommandolinja med kommandoen kcmshell kschoolmenu Lage tilpassede menyer. * Start kschoolmenu, lag dine forskjellige menyer, og kall dem f.eks meny1, meny2, kurs * Lag dine meny-grupper med brukeradm-verkt yet i Webmin, kall dem f.eks meny1, meny2, osv. * Legg inn de brukerene du vil at skal f de forskjellige tilpassede menyene du har lagd. Hvis du vil at f.eks bruker perhan skal ha menyen som du har kalt meny1, s legger du inn perhan i gruppa som heter meny1. Se Section 12.3 for hvordan man oppretter grupper og brukere. Resultatet blir liggende i /var/lib/kschoolmenu, den kan du hvis du nsker ogs redigere for h nd. Hvis du har flere maskiner, og nsker ha denne samme menyen p dem alle, s er en rask m te f det til kopiere filene fra /var/ lib/kschoolmenu Figure 11-1. kschoolmenu, start [19-45] Dette er kschoolmenu slik den m ter deg n r du har startet den. Du ser to vinduer, i det til venstre ser du utvalget av program du kan ha i menyen, og til h yre ser du menyen som du holder p lage. Mellom dem ser du to piler, disse brukes for flytte program til/fra menyen din. Figure 11-2. kschoolmenu, add meny [18-45] Her velger du hva denne menyen skal hete, i dette tilfellet heter den meny1, husk at du m lage en gruppe med samme navn, og legge alle de aktuelle brukerene inn i denne gruppen for at de skal f denne menyen, se Section 12.3 for hvordan dette lettest gj res. ------------------------------------------------------------------------------- 11.3. Automatisk start av program ved innlogging. Det er enkelte program som dine brukere sikkert bruker hver eneste gang de logger seg p , kanskje flere. Da er det greit slippe starte disse manuelt, og heller la dem starte automatisk ved innlogging. Dette gj res ved kopiere inn snarveien til programmet inn i katalogen .kde/Autostart som ligger p brukerens hjemmeomr de. En lett m te f tak i disse snarveiene p er f rst "dra" dem fra K-menyen ved holde venstre museknapp inne og s "slippe" dem p bakgrunnen, og da velge "Kopier hit". Da har du en s kalt snarveifil liggende i katalogen Desktop, disse kopierer du s inn i katalogen .kde/Autostart, da vil disse programmene automatisk starte n r brukeren logger inn. ------------------------------------------------------------------------------- 11.4. Beskjed til alle ved p logging. Det finnes et program, xmotd - message-of-the-day browser som gj r det mulig vise frem innholdet i en fil n r en bruker logger seg p systemet, dette kan v re nyttig n r du f.eks nsker informere om en ny skriver, planlagt nedetid osv. Hvis du ikke har xmotd installert, s m du installere dette apt-get install xmotd Deretter m du muliggj re xmotd til vise en fil n r brukeren logger seg p . Legg til disse linjene i fila /etc/X11/Xsession xmotd -popdown 25 -geometry 500x500 /usr/local/motd \ -xrm "*title.label: Dagens beskjed" -always Dette vil da vise innholdet av fila /usr/local/motd n r en bruker logger seg p . -popdown 25 betyr at meldingen forsvinner etter 25 sekunder, mens -always betyr at meldingen skal vises hver gang brukeren logger seg p . Ta en titt p manualsiden til xmotd for en beskrivelse av de andre valgene, fra kommandolinja man xmotd ------------------------------------------------------------------------------- 11.4.1. Beskjed til en bestemt bruker ved p logging. Det er noen ganger n dvendig& nskelig gi en bestemt bruker en beskjed ved innlogging, f.eks n r brukeren har brukt mye plass p harddisken. Dette gj res ved legge til noen linjer i fila /etc/X11/Xsession if [ -e "/usr/local/beskjed/$USER" ]; then exec /usr/X11R6/bin/xmessage -file /usr/local/beskjed/$USER & fi Ved lage en fil ved navn klaus s vil denne fila bli vist n r brukeren klaus logger seg p . ------------------------------------------------------------------------------- 11.5. Gi beskjed til alle brukere som er p logget Hvis du har en maskin hvor du har installert b de Hovedtjener og tynnklienttjener, s kan du med et lite perl-script gi alle dine p loggede brukere en beskjed. #!/usr/bin/perl -w if (@ARGV != 3){ print "Bruk:\n\txwall.pl s keord tid beskjed\n"; print "\t s keord er det ordet du s ker p \n"; print "\t tid er den tiden i sekunder du vil at beskjeden skal v re synlig\n"; print "\t beskjed er beskjeden, b r skrives mellom anf rselstegn\n"; exit (1); } $SIG{CHLD}="IGNORE"; # in the unlikely event a child exits before the parent my ($procmatch, $timeout, $message) = ($ARGV[0],$ARGV[1],$ARGV[2]); foreach $pid (split /\s/,`/bin/pidof $procmatch`) { my ($display, $xauthority, $homedir); foreach $envvar (split /\00/,`cat /proc/$pid/environ`){ if ($envvar=~/DISPLAY=(.*)/){ $display = $1; } } foreach $var (split /\n/, `cat /proc/$pid/status`){ if ($var =~ /Uid:\s+?(\d*?)\s+?/) { my @uid = getpwuid($1); $homedir = $uid[7]; } } if ($display){ if (fork() == 0) { $ENV{DISPLAY}=$display; $ENV{XAUTHORITY}="$homedir/.Xauthority"; exec("xmessage -center -timeout $timeout '$message'"); } } } Dette scriptet lagres da som xwall.pl og brukes p f lgende m te perl xwall.pl alarmd 10 "Hei denne meldingen ser dere i 10 sekunder" Det som noen ganger kan v re litt kinkig er finne en prosesses som kan brukes som s keord som dekker samtlige p loggede brukere, jeg har gof erfaring med bruke prosessen alarmd som s keord. Pr v ps auxw|grep alarm s vil du se om dette passer som s keord for deg. Figure 11-3. Beskjed til alle p loggede [xwall] ------------------------------------------------------------------------------- 11.6. Automatisk innlogging av en bruker Warning Dette er ikke sikkerhetsmessig lurt, men veldig kjekt f.eks hvis du har et Skolelinux/Debian-edu nettverk hjemme, og du er eneste bruker. V r klar over at denne brukeren blir logget rett inn uten at det blir spurt om passord. Det er mulig automatisk logge inn en bestemt bruker p en bestemt tynnklient n r den blir skrudd p . Det gj res i file /etc/kde2/kdm/kdmrc, der legges f lgende linjer til: [X-ltsp010:0-Core] AutoLoginEnable=true AutoLoginUser=klaus Her blir brukeren klaus automatisk logget inn p tynnklient ltsp010 n r den blir skrudd p . For at dette skal virke s m du l se MAC-adressen til ip-nummeret. [X-ltsp058:0-Core] AutoLoginEnable=true AutoLoginUser=susanna Her blir brukeren susanna automatisk logget inn p tynnklient ltsp058. +-----------------------------------------------------------------------------+ | Avansert bruk av autoinnlogging | | | | Muligheten til logge inn presoner uten m tte taste inn brukernavn og | | passord er veldig kjekt n r man skal stressteste en Skolelinux/Debian-edu | | installasjon, ved lage en rekke testbrukere som man setter opp med | | autoinnlogging, s kan man f et overblikk over hvordan systemet oppf rer | | seg med mange brukere innlogget samtidig, hvis man kombinerer dette med | | automatisk start, se Section 11.3 av flere tyngre applikasjoner som f.eks | | gimp, OpenOffice, Mozilla, kstars s vil testen bli enda mere realistisk. | +-----------------------------------------------------------------------------+ ------------------------------------------------------------------------------- 11.6.1. Automatisk utfylling av brukernavn i innlogginsboksen Hvis du har en tynnklient plassert et sted for alltid den ene samme personen logger p , f.eks inne p et kontor, s er det kanskje greit for denne brukeren slippe skrive inn sitt brukernavn, bare sitt passord. Ved legge til f lgende linjer i fila /etc/kde2/kdm/kdmrc [X-ltsp059:0-Greeter] PreselectUser=Default DefaultUser=perbart S vil tynnklient ltsp059 ha ferdig utfylt perbart som brukernavn, det eneste brukeren da m skrive inn er sitt brukernavn. Hvis en annen bruker enn perbart vil bruke denne tynnklienten, s lar det seg enkelt gj re ved at perbart fjernes fra innlogginsboksen til fordel for denne andre brukerens brukernavn. ------------------------------------------------------------------------------- 11.7. Sette opp skrivebord, menylinjer, osv likt for alle n r brukeren blir opprettet. Noen synes kanskje at utseende p "skrivebordet" som f lger med Skolelinux/ Debian-edu ikke er helt optimalt. Kanskje nsker du at alle brukerene skal ha et annet bakgrunnsbilde, andre ikoner p skrivebordet, andre ikoner p meny- og verkt ylinjer i KDE. Da hadde det jo v rt kjekt om dette kunne ordnes slik at alt dette ble gjort en-gang-for-alle, p en enkel m te. Hemmeligheten ligger i plassere de filene du vil at alle brukere skal f n r de opprettes, i korrekt katalog, i dette tilfellet s er det katalogen /etc/ skel. Hvis dine brukere allerede eksistere s se Section 10.2 og Section H.4. Alt som plasseres i katalogen /etc/skel blir kopiert til brukerens hjemmeomr de n r brukeren opprettes. F.eks hvis en fil test.txt plasseres der, s vil den bli lagt p hjemmeomr det med riktige rettigheter og eierskap. Det vi nsker er at alle i utgangspunktet skal f et forh ndsdefinert oppsett av bakgrunn, skrivebord, menylinje osv i KDE. M ten dette gj res p er lage en mal-bruker, kall denne brukeren f.eks mal, se Section 12.3 for hvordan en bruker opprettes. Logg inn som denne brukeren, sett s opp ting p den m ten du vil ha det, og kopier s katalogen som inneholder alle relevante KDE konfigurasjons filer inn i /etc/skel. KDE konfigurasjons filene ligger i katalogenene under .kde Lag f rst katalogen /etc/skel/.kde med mkdir /etc/skel/.kde, kopier s med kommandoen cp -ar /skole/tjener/home0/mal/.kde/* /etc/skel/.kde Alt du ser i ditt KDE skrivebordsmilj er en innstilling i en eller annen KDE konfigurasjonsfil. F.eks s er egenskapane til bakgrunnssnarveiene dine bestemt i fila Desktop/et-eller-annet.desktop, f.eks er dette et utdrag av innholdet i snarveien til OpenOffice.org Writer [Desktop Entry] Comment= Exec=/usr/bin/oowriter Icon=ooo_writer.xpm Name=OpenOffice.org Writer ServiceTypes= Type=Application her sees det tydelig hvordan man kan endre egenskaper som filbane til der hvor programmet ligger, hva slags bilde som skal brukes som ikon osv. ------------------------------------------------------------------------------- 11.7.1. Kicker, nederste menylinje Figure 11-4. kicker [41-45] En annen viktig katalog for slike KDE konfigurasjonsfiler er .kde/share/config, her ligger omtrent alle konfigurasjonfilene til KDE programmer, den kjekkeste vite noe om er fila .kde/share/config/kickerrc som bestemmer hvordan menylinja nederst i ditt skjermbilde skal se ut. ------------------------------------------------------------------------------- 11.7.2. Ikoner p skrivebordet, bakgrunnen Hva som ligger p skrivebordet av ikoner og andre typer snarveier, bestemmes av hva som ligger i katalogen Desktop. Alt som legges i katalogen /etc/skel/ Desktop havner derfor p skrivebordet til alle nye brukere. Kopier snarveier som du nsker at alle skal ha inn i denne katalogen, se Section H.4 for hvordan slike .desktop-filer kopieres. ------------------------------------------------------------------------------- Chapter 12. Daglig drift av Skolelinux/Debian-edu nettverket med Webmin 12.1. Passordet til Webmin Under installasjonen av Skolelinux/Debian-edu, se Figure 6-4 s blir du bedt om oppgi du et passord. Dette passordet er utgangspunktet for 2 forskjellige passord, et av dem bruker du n r du logger deg p Webmin, samtidig som det ogs er root-passordet og det andre er LDAP-passordet. For endre root/ Webmin-passordet, kan du enten bruke kommandolinje og kommandoen passwd eller programmet kdepasswd, det finner du i K-meny->Verkt y->Bytt passord. ------------------------------------------------------------------------------- 12.2. Backup Det er inkludert en backup modul i Webmin, den finner du under fanen "Servers" og "Skolelinux Backup", eller https://tjener.intern:10000/slbackup Figure 12-1. Webmin servers [01-45] Dette er stedet i Webmin hvor du finner slbackup. Figure 12-2. slbackup, general [02-45] slbackup har 5 operasjonsmoduser; * General, Figure 12-2 * Backup details, Figure 12-3 * Restore, Figure 12-6 * Maintenance, Figure 12-8 * SSH keys, Figure 12-9 Figure 12-3. slbackup, backup details [03-45] Her angir du n r (klokkeslett) du nsker at backup skal finne sted, det vil da skje hver dag til det tidspunktet. +-----------------------------------------------------------------------------+ | slbackup expert-tips | | | | Det g r an sette slbackup til ta backup oftere enn en gang per dag, det | | gj res ved endre /etc/cron.d/slbackup. | +-----------------------------------------------------------------------------+ Figure 12-4. slbackup, backup details, client [04-45] Her konfigurer du hvilke maskiner du nsker ta backup av. Du spesifiserer den aktuelle ip-adressen, samt hvilke kataloger du nsker ta backup av, du setter her ogs hvor lenge du skal ta vare p backupen. Figure 12-5. slbackup, backup details, server [05-45] Her setter du opp hvordan maskinen som skal utf re backup skal oppf re seg. Det viktigste her er hvor backupen skal legges. I utgangspunktet er lvm-partisjonen /skole/backup valgt som backup-partisjon, se avsnitt Section 8.5.3. Men det er ingenting i veien for at du setter inn en ekstra harddisk, og kj rer backup til denne istedenfor. Den observante leser vil legge merke til at vi plasserer backupen p samme harddisk som vi tar backup av. Dumt? Det gir mening hvis vi tar backup som en ektraservice ovenfor brukerene, de har det med slette feil fil. Det er selvsagt dumt legge backupen p den samme harddisken som vi tar backup av hvis harddisken g r i stykker, da er det lurere sette opp en maskin med profilen Arbeidsstasjon, se Section 2.5, og p den sette inn noen skikkelig store harddisker, og velge i slbackup at backupen skal plasseres eksternt. Figure 12-6. slbackup, restore [06-45] Hva godt er vel et backupverkt y hvis man ikke kan hente tilbake filer som har blitt slettet? Ved velge "Restore" f r man muligheten til velge fra hvilken maskin man nsker hente ut fra, samt hvilken fil eller hel katalog man nsker hente ut, man kan ogs velge hente ut alt som er tatt backup av p den aktuelle maskinen. Figure 12-7. slbackup, restored files [11-45] N r du har valgt fra hvilken maskin du nsker hente ut din backup, s vil du f ytterligere flere valg, blant annet kan du velge fra hvilken dato/ klokkeslett du nsker hente ut din backup, du kan ogs velge hvor du vil ha dem plassert, i utgangspunktet s plasseres de i katalogen /tmp/. At filene som hentes ut blir plassert i katalogen /tmp/ er lurt. Alt som plassers i denne katalogen blir slettet n r maskinen rebooter, dessuten det plassere dem der, i denne midlertidige katalogen forhindrer at du ved et uhell overskriver feil filer. Etter at du har hentet ut de filene du trenger, s m du g inn i denne katalogen, /tmp/, og med en filbehandler, se Section 13.4, hente ut de filene du nsker. Figure 12-8. slbackup, Maintenance [12-45] Ved velge "maintenance" f r du muligheten til slette gammel backup som du ikke lenger har bruk for, eller plass til. Figure 12-9. slbackup, SSH keys [13-45] For at du skal kunne ta backup over nett fra andre maskiner, uten hver gang bli spurt om et passord, s blir istedenfor SSH satt opp p en slik m te at du kun skriver inn passordet en gang. ------------------------------------------------------------------------------- 12.2.1. Sammenligne forskjellige versjoner av samme fil Hvis du har " delagt" formatet p en fil, f.eks /etc/dhcp3/dhcpd-skolelinux, men vet at du har en backup av denne fila som er i orden, da kan du bruke et av flere program for sammenligne de forskjellige versjonene. Hvis du har valgt restore, s vil den gamle versjonen av fila /etc/dhcp3/dhcpd-skolelinux bli plassert i katalogen /tmp//etc/dhcp3/dhcpd-skolelinux. Det f lger med et kommandolinjebasert program for se p forskjellen mellom filer, det heter diff, og brukes p denne m ten diff /tmp//etc/dhcp3/dhcpd-skolelinux /etc/dhcp3/dhcpd-skolelinux Jeg har i dette eksempelet to versjoner av fila dhcpd-skolelinux, den ene inneholder en feil, den mangler to }-parenteser. Dette er resultatet av kj re kommandoen diff p de to filene: klaus@tjener:~$ diff /etc/dhcp3/dhcpd-skolelinux.conf /tmp/tjener/etc/dhcp3/dhcpd-skolelinux.conf 217c217 < } --- > 225c225 < } --- > Heldigvis finnes det ogs andre program som gj r samme jobben, et av dem mgdiff kan installeres med apt-get install mgdiff se Section 8.9 for hvordan man legger inn nye pakker. mgdiff har et grafisk grensesnitt(GUI). Hvis jeg starter mgdiff og pner de to filene i dette programmet, se er det dette jeg ser: Figure 12-10. mgdiff [mgdiff] ------------------------------------------------------------------------------- 12.2.2. Egen dedikert backupserver Warning Det er egentlig ikke meningen at slbackup skal brukes p denne m ten. Dette gj r du p eget ansvar. Ved f.eks sette opp en maskin med profilen "Arbeidsstasjon", Section 2.5, og p denne legge inn Webmin og slbackup, s kan man rask sette opp en meget brukervennlig og kraftig backup-maskin. apt-get install slbackup webmin-slbackup Dette kombinert med lage et eget backup-volum, se Section 8.5.7, er en fin m te hele tiden backup av filer. Ved legge til flere clienter, se Figure 12-3, ved fylle inn ip-nummeret til den maskinen du nsker ta backup av, f.eks s er ip-nummeret til "Hovedserveren" 10.0.2.2 V r klar over at det ta backup over nettverket kan ta lang tid, det b r derfor gj res utenom kontortid/skoletid. ------------------------------------------------------------------------------- 12.2.3. slbackup fra kommandolinja Det finnes kommandoer som kan kj res fra kommandolinja, s slipper man starte en Webmin og en nettleser. Liste tidspunkt det finnes backup fra (lokalt og eksternt): rdiff-backup --list-increments /skole/backup/tjener rdiff-backup --list-increments backup.intern::/skole/backup/tjener Liste filer i en gitt backup ('--list-at-time now' gir siste): rdiff-backup --list-at-time 2004-02-22T01:30:02-04:00 /skole/backup/tjener/etc/ltsp/ Restore filer fra en gitt tid ('--restore-as-of now' gir siste): rdiff-backup --restore-as-of 2004-02-22T01:30:02-04:00 /skole/backup/tjener/etc/dhcpd.conf /tmp/dhcpd.conf ------------------------------------------------------------------------------- 12.2.4. Loggfilene til slbackup slbackup logger til fila /var/log/slbackup/slbackup.log. Der logges informasjon om n r backup sist ble utf rt, hvor mye som ble endret osv --------------[ Session statistics ]-------------- StartTime 1086202803.00 (Wed Jun 2 21:00:03 2004) EndTime 1086204514.88 (Wed Jun 2 21:28:34 2004) ElapsedTime 1711.88 (28 minutes 31.88 seconds) SourceFiles 56607 SourceFileSize 1625082476 (1.51 GB) MirrorFiles 41244 MirrorFileSize 1060012665 (1011 MB) NewFiles 15372 NewFileSize 564463215 (538 MB) DeletedFiles 9 DeletedFileSize 65488 (64.0 KB) ChangedFiles 344 ChangedSourceSize 667575185 (637 MB) ChangedMirrorSize 666903101 (636 MB) IncrementFiles 15725 IncrementFileSize 1936873 (1.85 MB) TotalDestinationSizeChange 567006684 (541 MB) Errors 0 -------------------------------------------------- Jun 02 21:28:36 - Successfully finished backing up client tjener Jun 02 21:28:36 - Finished slbackup. Det kan l nne seg en gang i blant ta en titt p denne fila, sjekke at du har "Successfully finished backing up" ------------------------------------------------------------------------------- 12.3. wlus - Webmin Ldap User Simple Det har eksistert flere systemer for brukerinformasjon og administrasjon i Skolelinux/Debian-edu, men n bruker vi LDAP og verkt yet WLUS, og ikke /etc/ passwd og tilh rende kommandoer som adduser, useradd, etc. For f tilgang til Webmin, s pek din favoritt nettleser til adressen https:/ /tjener .intern:10000/ldap-users du kan bruke hvilken som helst nettleser, du kan ogs koble opp en Mac-maskin og gj re det derifra. Figure 12-11. Webmin loggin [wlus01] Det f rste som m ter deg er en dialogboks hvor du m logge deg p som brukeren root, med det passordet du lagde under installasjonen, se Figure 6-4 Figure 12-12. WLUS velkomstskjerm [wlus03] Etter at du har logget deg p Webmin vil du s f opp denne velkomstskjermen til WLUS (Den er i dette dokumentet forel pig p engelsk, men det blir i disse dager oversatt til norsk). Ettersom vi ikke har lagt til noen brukere, s er det mest naturlig for oss velge "New User(s)". Men f r vi gj r det s kan det kanskje v re nskelig tilpasse WLUS v re behov. Figure 12-13. Konfigurasjon av WLUS [wlus04] Ved g inn p "Module Config" s kan vi endre p hvor strenge vi skal v re med hvordan passordet skal v re, samt hvor vi nsker at brukerenes hjemmeomr der skal ligge, pluss andre ting. N r du er ferdig med dine endringer, s trykker du p "Save". N burde vi v re klare til lage nye brukere, det f rste vi burde gj re er lage oss en test-bruker. En bruker vi bruker som mal-bruker for sette opp ting n yaktig slik vi vil ha det for alle v re brukere, ta en titt p Chapter 11 Figure 12-14. Ny bruker [wlus16] N burde vi v re klare til lage nye brukere, det f rste vi burde gj re er lage oss en test-bruker. En bruker vi bruker som mal-bruker for sette opp ting n yaktig slik vi vil ha det for alle v re brukere, ta en titt p Chapter 11Det finnes to forskjellige m ter legge inn nye brukere p , enten en om gangen, eller en hel haug via en s kalt semikolonseparertfil(;). Ved trykke p "New User(s)" s f r man opp en ganske lang side, p toppen er det mulighet for legge inn en og en bruker manuelt ved oppgi for/etternavn, samt passord om nskelig. Litt lengre ned p siden finnes muligheten for legge til flere bruker i en sleng fra fil, s kalt "Add users from file" N r vi legger til en bruker p denne m ten, s blir brukernavnet bestemt av datamskinen, om nskelig ogs passordet, men det kan overstyrers ved merke av for "Common password - Yes" og s oppgi et nsket passord. Husk ogs p velge hva slags rolle den nye brukeren skal ha. Figure 12-15. Resultat av Ny Bruker [wlus17] N r nye brukere har blitt lagd med WLUS, s kvitteres det med informasjon om navn, brukernavn og passord, lagd p en slik m te at det lett kan klippes ut og gis til brukeren. Figure 12-16. Fileimport filen [wlus15] Det er ogs mulig legge inn en hel klasse med brukere, eller en hel skole. Ved benytte oss av den andre m ten legge til brukere p , nemlig fra en s kalt semikolonseparert fil. Formatet p denne filen er forskjellige felt adskilt med et semikolon. Denne filen kan man lage ved eksportere til en semikolonseparert fil fra skolens database over elever som g r der, eller ved eksporter fra OpenOffice/Excel, eller bruker en vanlig simpel tekstredigerer som K-meny->Tekstredigerere->Tekst redigerer Figure 12-17. Fileimport [wlus07] For bruke filimportfunksjonen s m du bla deg ned til slutten av siden, der finner du en dialogboks for filopplasting. Finn din fil med de semikolonseparerte brukerene. N r du har funnet den, s velger du "Add users from file" Figure 12-18. Import av brukere fra fil. [wlus08] N r man har hentet inn fila med brukerene, s vil de forskjellige semikolonseparerte feltene bli listet i forskjellige kolonner, p toppen av hver kolonne velger man hvilken funksjon de forskjellige feltene skal ha, som et minimun m man ha fornavn og etternavn. Figure 12-19. Resultat av filimport [wlus09] N r man legger til brukere fra fil, s kommer det frem en fin oversikt over de nye brukerenes brukernavn og passord, lagd p en slik m te at de lett kan skrives ut og deles ut til brukeren. Figure 12-20. Oversikt over registrerte brukere [wlus10] Ved trykke p knappen "Search" uten spesifisere en s kestreng, s vil man f frem en oversikt over samtlige brukere som er registert. Ved trykke p "User Data" s f r man muligheten til endre p passordet til denne brukeren, samt andre ting som f.eks navnet til brukeren. Du kan ogs velge flytte brukerens hjemmeomr de, men du m da selv s rge for at filene ogs blir flyttet, det gj r ikke WLUS Figure 12-21. [wlus11] Figure 12-22. Disable Login [wlus12] Med brukere p systemet, s kommer det frem noen ekstra valgmuligheter, slik som "Delete user" og "Disable Login" Ved sette et kryss foran en bruker, og velge f.eks "Disable Login" s vil denne brukeren bli nektet logge seg p . Figure 12-23. Nektede brukere [wlus13] Resultatet av ha valgt "Disable Login" er at det n st r et fint r dt kryss p denne brukeren. Figure 12-24. Oppheving av nektet p loging. [wlus14] Ved sette et kryss foran brukeren og velge "Enable Login" s vil det igjen dukke opp et gr nt kryss foran brukeren, og brukeren kan igjen logge seg p . ------------------------------------------------------------------------------- 12.3.1. Endring av brukerens passord Brukerene kan selv endre sine passord, s lenge de har et som virker. Ved starte programet kdepasswd som de finner i K-meny->Verkt y->Bytt Passord De kan selvsagt ogs bruke kommandoen passwd fra kommandolinja. Figure 12-25. kdepasswd, gammelt passord [kdepasswd1] Her skrives inn det gamle passordet, dvs det brukeren brukte for logge seg p . Merk at hvis dette skrives feil, s vil kdepasswd-programet "henge", logg ut /inn for l se dette. Figure 12-26. kdepasswd, nytt passord [kdepasswd2] Her skal man taste inn det nskede nye passordet, merk at dette m v re p 6,7 eller 8 tegn, ikke f rre eller flere. Figure 12-27. kdepasswd, vellykket. [kdepasswd4] Hvis alt har g tt som det skal, s vil denne meldingen dukke opp. Figure 12-28. kdepasswd, for langt passord [kdepasswd3] Hvis det tastes inn et passord som er lengre enn 8 tegn, s vil du f beskjed om at det har blitt kuttet av, dvs det er kun de 8 f rste som brukes. ------------------------------------------------------------------------------- 12.3.2. Bytte av en brukers passord fra kommandolinjen Du kan bytte passord for en bruker fra kommandolinja om du kjenner brukernavnet. /usr/share/debian-edu-config/tools/passwd brukernavn Da vil du bli bedt om taste et nytt passord 2 ganger, og til slutt m du taste ldap-administrator-passordet ------------------------------------------------------------------------------- 12.3.3. Bytte ldap-admin passordet For kunne gj re endringer i LDAP, som f.eks legge til brukere, bytte passord osv, s m man oppgi et passord, det s kalte ldap-admin passordet. Dette passordet lages underveis i installasjonen, se Figure 6-4. Dette passordet er et av 3 administrative passord, de andre to er webmin-passordet, se Section 12.1 og root-passordet, se Figure 6-4. LDAP-admin passordet byttes fra kommandolinja med denne kommandoen /usr/share/debian-edu-config/tools/passwd admin Da blir du bedt om oppgi den nye passordet du nsker ha 2 ganger, samt bedt om taste inn det gamle. /usr/share/debian-edu-config/tools/passwd admin Enter new password for user admin: Reenter new password: Enter bind password: ------------------------------------------------------------------------------- 12.3.4. Direkte redigering av filene i LDAP-databasen. Ved utf re kommandoen slapcat -l /root/bruker.ldif s vil man f en fil i rein tekst som inneholder LDAP-databasen, i dette tilfellet s ligger dette i fila /root/bruker.ldif, dette er en s kalt ldif-fil, derfor filendelsen "ldif". Det kan l nne seg stoppe slapd LDAP demonen, f r man henter ut denne ldif-filen, det gj res i s fall med kommandoen, samt stoppe nscd (Name Service Cache Daemon) /etc/init.d/slapd stop /etc/init.d/nscd stop V r klar over at n r slapd er stoppet s kan ingen logge seg p , da m den f rst startes igjen /etc/init.d/slapd start /etc/init.d/nscd start Denne fila /root/bruker.ldif kan du redigere ved hjelp av din favoritt teksteditor, f.eks kedit Section 8.2 I denne fila kan du forandre p brukernavn, hjemmeomr der, grupper osv, det samme som n r du bruker brukeradministrasjonsmodulen i Webmin, Section 12.3, fordelen med en slik ldif-fil er at du kan endre p flere ting p en gang. Det er ogs denne fila du bruker hvis du en gang m reinstallere og vil bruke de samme brukernavn og passord om igjen, litt kjedelig m tte dele ut 1000 nye brukernavn og passord. ------------------------------------------------------------------------------- 12.3.4.1. Legge inn den gamle LDAP-databasen i en ny installasjon Noen ganger m man bare reinstallere, for minske ulempen for brukere s er det fint for dem slippe f nye passord og brukernavn. Hvis du har en aktuell ldif-fil fra LDAP, s kan du legge denne inn i den nye installasjonen, og dine brukere vil kunne fortsette bruke sine gamle brukernavn og passord. Oppskrift p videref ring av LDAP database * P den gamle serveren, f r du reinstallerer s tar du ut en ldif-fil fra LDAP, /etc/init/slapd stop slapcat -l /root/bruker.ldif Husk at n r slapd er stoppet s kan ingen logge seg p . * Flytt denne fila, /root/bruker.ldif, over til den nye installasjonen, enten via en USB-penn, eller p en CD. * F r du kan legge inn den gamle LDAP-databasen ved hjelp av din bruker.ldif, s m du fjerne den som allerede ligger der. Databasefilene ligger i /var/ lib/ldap, en grei m te fjerne dem p er flytte dem vekk til en annen katalog, i tilfelle du trenger dem siden. mkdir /root/dbb /etc/init/slapd stop /etc/init.d/nscd stop mv /var/lib/ldap/* /root/dbb slapadd -l bruker.ldif /etc/init/slapd start /etc/init.d/nscd start N skal det g ann bruke de gamle brukernavnene og passordene, husk at det er det gamle Webmin-root passordet som brukes. ------------------------------------------------------------------------------- 12.3.5. Hvordan starte med en ny "frisk" LDAP-database? Noen ganger kommer man i den situasjonen at noen har eksperimentert litt for mye med diverse konfigurasjoner, kanskje s mye at det enkleste hadde v rt reinstallere. Hvis det skjer med LDAP, s finnes det en enklere m te "begynne fra start" enn reinstallere hele systemet. Det vi kan gj re er slette den LDAP-databasen vi har som ikke lenger funkerer slik vi nsker, og deretter legge inn en ny og ubrukt, i samme tilstand som den var rett etter installasjonen, dette inneb rer at alle dine n v rende brukere vil bli slettet. Det f rste du b r gj re er ta en kopi av den LDAP-databasen du har n , uansett om den virker eller ikke. * Stopp slapd-demonen og nscd /etc/init.d/slapd stop /etc/init.d/nscd stop * Ta kopi av den gamle LDAP-databasen, dvs lag en s kalt ldfi-fil slapcat -l /root/ldap.old.ldif * Fjern den gamle LDAP-databasen mkdir /root/dbb.old mv /var/lib/ldap/* /root/dbb.old * deretter kan du legge inn en ny rein LDAP-database med ldap-debian-edu-install [27] * Fjern hjemmeomr dene til de brukerene du nettopp har kastet ut, 'rm -rf' sletter hele katalogen, uten sp rre. V r forsiktig! rm -rf /skole/tjener/home/bruker1 rm -rf /skole/tjener/home/bruker2 osv V r klar over at du n sletter disse hjemmeomr dene for godt, hvis du senere skulle angre deg, s l nner det seg ta backup f r du sletter dem, se Section 12.2 * Hvis dette ikke funker, s kan du legge inn den gamle LDAP-databasen igjen /etc/init.d/slapd stop /etc/init.d/nscd stop mkdir /root/dbb2.old mv /var/lib/ldap/* /root/dbb2.old slapadd -l /root/ldap.old.ldif /etc/init.d/slapd start /etc/init.d/nscd start * Det l nner seg engang i blant ta en kopi av LDAP-databasen, slapcat -l /root/ldap.DagensDato.ldif ------------------------------------------------------------------------------- Chapter 13. Konfigurasjon/bruk av de mest brukte program. ------------------------------------------------------------------------------- 13.1. webmin Webmin er stedet hvor du med din nettleser kan styre hele Skolelinux/ Debian-edu. Du finner webmin ved peke din nettleser til https://tjener.intern:10000 ------------------------------------------------------------------------------- 13.2. OpenOffice.org Dere finner OOo i K-meny->OpenOffice.org->OpenOffice.org Writer Tip OOo kan ogs startes fra kommandolinja med kommandoen oowriter. ------------------------------------------------------------------------------- 13.2.1. F rste og andre gangs start av OOo Figure 13-1. OOo, ekstern adressebok [SLX47] F rste gang dere starter OOo s vil den sp rre dere hva slags ekstern adressebok dere har, her kan dere trygt velge "Avbryt" Figure 13-2. OOo, registrering [SLX50] Andre gang dere starter OOo s vil den sp rre dere om dere vil registrere dere som brukere av OOo, her kan dere for enkelthetens skyld velge "Registrer aldri" ------------------------------------------------------------------------------- 13.2.2. Personlig innstilling av OOo Det f rste som l nner seg er sette opp OOo p den m ten som du selv foretrekker. OOo har et hav av forskjellige innstillinger, alt fra farge p knappene, til hva de forskjellige knappene gj r n r du trykker p dem. Alle disse innstillingene ligger under Verkt y->Innstillinger. Figure 13-3. OOo, innstillinger [SLX48] Det f rste jeg pleier gj re er endre st rrelsen p knappene, jeg foretrekker store knapper, dette valget finner du under OpenOffice.org->Vis-> Store knapper Mens du er inne i innstillinger, ta en titt p de andre mulighetene du har, blant annet sette opp KMail som ditt epost program, nsket nettleser, dette gj res under OpenOffice.org->Eksterne programmer Figure 13-4. OOo, eksterne programmer [SLX51] Det er flere nyttige ting du kan gj re her, f.eks under OpenOffice.org->Last inn/lagre->Generelt s har du muligheten til sette opp OOo slik at den alltid lagrer et dokument i enten OOo-formatet, eller i et annet format, f.eks Microsoft Word 97/2000/XP OOo har 3 menylinjer, den til venstre kalles "Hovedverkt ylinje", den aller verste (den som inneholder skriver-symbolet) kalles "Funksjonslinje", men den under der igjen (den som har understreking og kursiv) kalles "Objektlinje" ------------------------------------------------------------------------------- 13.2.3. Bruk av OOo Figure 13-5. OOo, verkt ylinjer [SLX49X] ------------------------------------------------------------------------------- 13.2.4. Eksport direkte til PDF-format Det er ofte kjekt kunne produsere noe skriftelig for andre, uten at de skal ha muligheten til endre p innholdet, det er ogs hyggelig kunne sende fra seg et dokument uten m tte forvente at mottageren har OpenOffice eller MS Word. Formatet som muligj r dette er pdf. I kommende versjon av OpenOffice, versjon 1.1, s er muligheten for konvertere til pdf-formatet gjort mulig ved trykke p en knapp, slik som her: Figure 13-6. Print direkte til pdf-format [OOopdf] Mens vi venter p at versjon 1.1 skal komme inn i Skolelinux/Debian-edu p bokm l/nynorsk, s m vi n ye oss med den gamle metoden for konvertere til pdf, nemlig ved sette opp en "pdf-skriver". Start OpenOffice.org Printer Administration, velg Ny Skriver, s Koble til PDF-konvertering, velg s Standarddriveren, marker s den lange linjen som inneholder /usr/bin/gs, velg deg en m lkatalog, f.eks pdf, husk at denne katalogen m eksistere, det er hit pdf-filene du eksporter havner. Deretter setter du et navn p denne skriveren, det som foresl s i utgangspunktet er greit. ------------------------------------------------------------------------------- 13.2.4.1. PDF-konvertering til alle. Hvis du n finner ut at alle dine brukere skal f tilgang til en slik PDF-konverterer, uten at de m tr kkle seg gjennom en slik lang og omstendig konfigurasjon, s kan du gj re det for dem. Start med logge deg inn som en eksempel-bruker, her kaller vi han test, hvis din heter noe annet, s m du bytte ut test med det brukernavnet du bruker. Konfigurer og sett opp en pdf-konverterer, med m lkatalog lik pdf. resultatet av dette blir en ny OpenOffice-konfigurasjonsfil, plassert i /skole/tjener/home0/test/.openoffice/ 1.0.2/user/psprint/psprint.conf, innholdet i denne fila er [PDF-konvertering] Printer=SGENPRT/PDF-konvertering DefaultPrinter=0 Location= Comment= Command=/usr/bin/gs -q -dNOPAUSE -sDEVICE=pdfwrite -sOutputFile="(OUTFILE)" - Features=pdf=/skole/tjener/home0/test/pdf Copies=1 Scale=0 Orientation=Portrait PSLevel=0 ColorDevice=0 ColorDepth=24 MarginAdjust=0,0,0,0 PPD_PageSize=A4 PerformFontSubstitution=true SubstFont_Arial=Helvetica SubstFont_Times New Roman=Times SubstFont_Cumberland=Courier SubstFont_Timmons=Times SubstFont_Helmet=Helvetica SubstFont_Thorndale=Times SubstFont_Albany=Helvetica SubstFont_Courier New=Courier Hvis alle dine brukere hadde hatt denne file liggende, s ville de automatisk f tt opp denne skriveren i oversiktet over tilgjengelige skrivere, men husk at m lkatalogen m reflektere den aktuelle brukeren. Du kan enten "dele" ut denne fila til alle dine brukere ved hjelp av et par enkle skripts, eller du kan da en titt p filene som ligger i katalogen /usr/ lib/openoffice/share, det er mulig endre disse etter dine behov, men det l nner det seg gj re f r dine brukere starter OpenOffice f rste gang. Her vil jeg isteden vise de kommandoene jeg nylug brukte for sette opp pdf-konvertering for alle mine brukere, automatisk. Etter ha f rst satt opp denne pdf-konvetereren for min bruker test, s kopiere jeg den reulterende fila til alle mine brukere: for dir in /skole/tjener/home0/*;do cp /skole/tjener/home0/test/.openoffice/ 1.0.2/user/psprint/psprint.conf $dir/.openoffice/1.0.2/user/psprint/ psprint.conf;chown --reference=$dir $dir/.openoffice/1.0.2/user/psprint/ psprint.conf;done N r dette er gjort s vil alle dine brukere f en ny skriver i listen over tilgjengelige skrivere n r de fors ker skrive ut fra OpenOffice, merk deg at de m ha starter OpenOffice en gang f rst, ellers har de ikke de n dvendige katalogene p sitt hjemmeomr de. Deretter m du bytte ut referansen til test -brukeren som finnes i fila. cd /skole/tjener/home0 for dir in *;do perl -pi.bak -e "s/test/$dir/" $dir/.openoffice/1.0.2/user/ psprint/psprint.conf;chown --reference=$dir $dir/.openoffice/1.0.2/user/psprint /psprint.conf;done N burde alle dine brukere ha en pdf-konverterer, samt ha katalogen pdf som m lkatalog, merk at dette kun gjelder brukere som en eller annen gang allerede har startet OpenOffice. Det eneste som mangler n , er at de alle har katalogen pdf. for dir in /skole/tjener/home0/*;do mkdir $dir/pdf;chown --reference=$dir $dir/ pdf;done Merkat det her ligger mange muligheter for morsome ting som f.eks s rge for at alle brukere f r katalogen pdf opprettet n r brukeren opprettes i Webmin, samt andre spennede ting som at de alle f r denne pdf-konvertereren automatisk satt opp n r de starter OpenOffice f rste gang, se Section 11.1,men mer om det en annen gang. ------------------------------------------------------------------------------- 13.3. Kmail Figure 13-7. KMail ikonet [kmail] Dere finner KMail i K-meny->Internet->KMail Tip Dere kan ogs f frem K-meny ved trykke p ALT+F1 Det f rste som m ter dere er dette skjermbilde: Figure 13-8. KMail oppstartsbilde [SLX35] Det f rste vi m gj re er sette opp KMail slik at vi kan sende og motta epost. Dette gj res ved g inn i Innstillinger->Oppsett av KMail... Her f r vi opp en rekke menyvalg til venstre, vi begynner med "Identitet" Figure 13-9. KMail Identitet [SLX36] Her fyller vi inn korrekt info i feltene Navn, Organisasjon, Epostadresse, Svaradresse og om nskelig Signatur. Figure 13-10. KMail Nettverk [SLX37] S m vi klargj re KMail for sending og mottaking av epost. G inn i valget Nettverk. Litt avhengig av hvordan din internettleverand r videresender din mail, f.eks SMTP, s m du velge sendmail, eller fylle ut navnet p din SMTP-tjener. Figure 13-11. KMail Ny konto, pop3 [SLX38] Deretter m du legge til en konto, slik at du kan hente din mail. Dette gj r du ved velge Innkommende e-post->Legg til... Her fyller du inn riktig info p Navn (hva du selv nsker kalle denne kontoen), Brukernavn, Passord, Vert, Port (er som oftest 110). Det som viktig ta stilling til her, er hvorvidt man nsker at passordet skal lagres i en fil (i klartekst), eller om man ikke nsker det, og da m taste inn passordet hver gang man henter epost, det siste er det sikreste, og ofte anbefale. Det neste man m ta stilling til er hvorvidt man nsker kun hente en kopi av eposten, eller hente eposten og s slette den fra tjeneren, hvis man velger den f rste (ikke slette) s vil tjeneren fylles opp med epost, selv om du sletter den lokalt i KMail. Figure 13-12. KMail Ny konto, imap [SLX42] En annen type konto er imap. Her m du ogs fylle inn riktig info p Navn (hva du selv nsker kalle denne kontoen), Brukernavn, Passord, Vert, Port (er som oftest 143), hvis det er uklar hva de forskjellige feltene betyr, s kan du trykke p "hjelp" for f opp utfyllende hjelpetekster. Figure 13-13. KMail, bekreft f r sending [SLX39] Hvis man nsker m tte bekrefte f r man sender en mail, s settes det et kryss i denne boksen. Du vil da m tte bekrefte at du virkelig vil sende mailen, noe som ofte kan v re kjekt hvis man tilfeldigvis kommer borti Send-knappen. Figure 13-14. KMail, Sikkerhetsinnstillinger [SLX40] Ofte f r man epost i form av en html-fil (som ikke h rer hjemme andre steder enn p Internett), typisk fra Outlook. Disse er filene inneb rer en viss sikkerhetsrisiko, men velge foretrekke ren tekst fremfor HTML kan noen ganger v re litt brysomt, med et kryss her blir det lettere se p bilder som sendes som epost. Figure 13-15. KMail, Forskjellige innstillinger [SLX41] Her har man muligheten til velge t mme papirkurven n r KMail avsluttes, eller holde den under en viss grense. Man kan her ogs velge f en kjekk melodi avspilt n r man f r epost. ------------------------------------------------------------------------------- 13.3.1. Bruk av KMail Figure 13-16. KMail, menylinje [SLX43] Her er noen av knappene inaktive, det ser man ved at de er litt svakere, og det g r ikke an klikke p dem, det er fordi de ikke gir noen mening i denne situasjonen. De som er aktive og er tydelig, gir mening. Ved trykke p bildet av en postkasse med en bl pil som peker nedover, s vil man hente epost fra epost-tjeneren. Ved trykke p bildet av et blankt ark, s starer man skrive en ny epost. Figure 13-17. KMail, ny epost [SLX45] Ved trykke p det blanke arket, eller g inn i menyen Melding->Ny melding... s vil man f opp en annen menylinje. Det viktigste her er bildet av en binders, ved trykke p den s pnes filbehandleren, og man kan da velge legge ved en fil som et vedlegg. Binders symboliserer vedlegg. Det andre viktige her er bildet av en konvolutt med en bl pil som peker oppover, ved trykke p den s vil man sende eposten avg rde. Figure 13-18. KMail, epostmenylinje [SLX45X] Figure 13-19. KMail, mappe-menylinje [SLX46] ------------------------------------------------------------------------------- 13.3.2. Automatisk start og henting av epost ved innlogging. Det er mulig sette opp KDE til starte KMail automatisk, samt hente epost, n r man logger seg p . Dette gj res ved kopiere snarveien til KMail inn i .kde /Autostart, se avsnitt Section 11.3 Ved endre litt p snarveisfila KMail.desktop, s kan man f KMail til ogs sjekke epost n r den startes. Fila KMail.desktopinneholder en linje som sier noe om med hva slags opsjoner KMail skal startes Exec=kmail -caption "%c" %i %m Ved endre denne til Exec=kmail -caption "%c" %i %m -check s vil den automatisk sjekke mail. ------------------------------------------------------------------------------- 13.4. Konqueror, filbehandler Dere finner filbehandleren i K-meny->Hjemmekatalog Din hjemmekatalog er den delen av harddisken hvor dine filer ligger lagret, symbolet for din hjemmekatalog er bildet av et hus. Filbandleren er faktisk en nettleser ved navn Konqueror, men i n v rende versjon s egner den seg ikke spesielt bra som nettleser, mens den er en fremragende filbehandler. Figure 13-20. Filbehandler, hjem ikon [SLX52] Noe jeg syns er kjekt er "se" hva det er som er i mine filer, ved g inn i Vis->Forh ndsvisning og der sette en hake foran f.eks "bilder", s vil ting bli litt mer oversiktlig. Nye kataloger/mapper lages ved h yreklikke et sted i bakgrunnen i filbehandleren, da f r man opp en meny, i den velger man da "Lag ny" og "katalog". Hvis man vil flytte en fil inn i en katalog, s kan man enten simpelthen "dra" den bort til den aktuelle katalogen ved holde venstre museknapp inne, og slippe den oppi katalogen, eller man kan h yreklikke p filen og velge Klipp ut, deretter g inn i den aktuelle katalogen og der velge Lim inn Noen ganger kan det v re kjekt ha en oversikt over innholdet i to forskjellige kataloger samtidig, dette er mulig ved velge Vindu->Delt visning venstre/h yre. Da kan man lett flytte filer p en oversiktlig m te mellom kataloger. ------------------------------------------------------------------------------- 13.5. KSirc ------------------------------------------------------------------------------- 13.6. kpackage denne b r linkes inn i avsnittene om installasjon og vedlikehold av pakker ------------------------------------------------------------------------------- 13.7. gimp Det hender ganske ofte at Gimp g r "berserk" og tar alt av prosessorkraft og tilgjengelig minne p maskinen, noe som er ganske kjedelig n r det g r ut over en hel skoleklasse, her b r en liten bit om kpm legges inn ------------------------------------------------------------------------------- 13.8. Opera ------------------------------------------------------------------------------- 13.9. Mozilla Den versjonen av Mozilla som offisielt f lger med Debian Woody/Skolelinux er versjon 1.0, den lar seg installere med kommandoen apt-get install mozilla Denne versjonen er litt gammel, det vil i enkelte tilfeller v re fordelaktig ha en nyere versjon installert, siste aktuelle verjson er 1.6. Ved midlertidig legge til linja deb http://www.backports.org/debian stable mozilla i fila /etc/apt/sources.list, deretter oppdaterer du, og kj rer apt-get install mozilla ------------------------------------------------------------------------------- 13.9.1. Acrobat Reader som plugin i Mozilla/Konqueror Ved ha linja deb ftp://ftp.nerim.net/debian-marillat/ stable main i /etc/apt/sources.list s vil du med kommandoen apt-get install acroread-plugin legge inn en plugin som starter Acrobat Reader n r du ser p en pdf-fil med Mozilla. ------------------------------------------------------------------------------- 13.9.2. Legge inn plugin for se NRK-tv og andre filmsnutter p nett. Du trenger legge inn avspilleren mplayer f rst, deretter legger du inn en s kalt plugin som starter mplayer i nettleseren n r det trengs. mplayer legger du inn ved se p avsnittet Section 14.2. Pluginen heter mplayerplug-in og kan lastes ned fra mplayerplug-in. Etter at du har lastet ned fila, s m du pakke den ut, og kompilere den selv. Alt dette st r forklart p nettsiden, men jeg gjentar det her. tar -xzvf mplayerplug-in-1.2.tar.gz cd mplayerplug-in ./configure make cp mplayerplug-in.so /usr/lib/mozilla/plugins Deretter m du starte Mozilla p nytt. Det kan hende at aktuelle versjonen av mplayerplug-in ikke er 1.2, men en annen, da m du bytte ut 1.2 med det aktuelle versjonsnummeret. ------------------------------------------------------------------------------- 13.9.3. Macromedia Flash Player plugin i Mozilla Denne pakken kommer fra samme sted som mplayer og Acrobat Reader, nemlig ftp.nerim.net, s rg for at denne linja er aktiv i fila /etc/apt/sources.list. Deretter er det bare installere denne med apt-get install flashplayer-mozilla ------------------------------------------------------------------------------- 13.10. kstars ------------------------------------------------------------------------------- 13.11. kgeo ------------------------------------------------------------------------------- Chapter 14. Nyttige program som ikke f lger med p Skolelinux/Debian-edu cd'en ------------------------------------------------------------------------------- 14.1. Acrobat reader Ved legge til linja deb ftp://ftp.nerim.net/debian-marillat/ stable main i fila /etc/apt/sources.list med din favoritt tekstredigerer, se Section 8.2, og deretter oppdatere databasen, s vil du med din favoritt pakkebehandler, se Section 8.9 eller Section 13.6 kunne installere Acrobat Reader De aktuelle pakkene installere er da tjener:~# apt-cache search acrobat acroread - Adobe Acrobat Reader: Portable Document Format file viewer acroread-debian-files - Debian specific parts of Adobe Acrobat Reader acroread-plugin - Adobe Acrobat(R) Reader plugin for mozilla / konqueror Disse kan da installeres med apt-get install acroread acroread-debian-files acroread-plugin ------------------------------------------------------------------------------- 14.2. Mplayer Dette er en suveren multimediaavspiller, med den kan du spille dvd, avi, mpeg, vmw, osv Dette programmet f lger ikke med Skolelinux/Debian-edu, det m lastes ned, for muliggj re dette m f lgende linje legges til i fila /etc/apt/sources.list deb ftp://ftp.nerim.net/debian-marillat/ stable main deretter er det bare legge det inn med kommandoen apt-get update apt-get install mplayer Du kan selvsagt ogs bruke din favoritt pakkebehandler, som f.eks Section 13.6, eller Section 13.1 ------------------------------------------------------------------------------- Appendix A. Integration of other Linux distributions into Skolelinux/Debian-edu with ldap and autofs This is short notes made during holidays Ok, here comes a unpolished howto-workaround, getting a Knoppix workstation to authenticate against the Skolelinux ldap, with autofs. Someone should try to make this work with suse, fedore, mandrake and many more. [to get ldap working] [1] apt-get install libnss-ldap libpam-ldap nscd [2] Then copy from a working Skolelinux Workstation the files /etc/nsswitch.conf /etc/libnss-ldap.conf /etc/nscd.conf and all the files from /etc/pam.d/ [to get autofs working] To get autofs working I first tried all I could think about, probably I did one thing to much, but it's working, but it is very unpolished. [1] apt-get install autofs-ldap ldap-utils libldap2 libnss-ldap libpam-ldap [2] Remove /etc/auto.master Copy from a working Skolelinux Workstation the files /etc/default/autofs [3] Copy from a working Skolelinux Workstation /etc/init.d/autofs and then rerun update-rc.d -f autofs defaults 20 [4] Copy from a working Skolelinux Workstation all the files in /etc/ldap/schema [5] Probably also copied from a working Skolelinux Workstation the file /etc/pam_ldap.conf ------------------------------------------------------------------------------- Appendix B. S ml s integrering av av Mac OS X maskiner Det finnes noen m l i L97 som lettest lar seg oppfylle ved hjelp av en Mac OS X maskiner, spesielt innen Kunst og H ndverk. Det er derfor kjekt om slike maskiner kan integreres i det vrige Skolelinux/Debian-edunettverket, samme passord/brukernavn og hjemmomr de. Jeg brukte IKT-driftsh ndbok for Skolelinux som utgangspunkt, med f lgende endringer: * P Skolelinux/Debian-edu Hovedtjeneren la jeg ikke inn insecure i exportsfila /etc/exports * For f automount til funke s lagde jeg denne fila p Mac'en { "name" = ( "mounts" ); CHILDREN = ( { "opts" = ( "-P" ); "name" = ( "tjener:/skole/tjener/home0" ); "type" = ( "nfs" ); "dir" = ( "/skole/tjener/home0" ); } ) } og kalte den mounts_table. Kj r s sudo niload -r /mounts . < mounts_table ------------------------------------------------------------------------------- Appendix C. Softwareraid i Skolelinux/Debian-edu Warning Dette kan lett g galt, med tap av alt du har p diskene! Du er advart! DETTE VIKER IKKE HELT OPTIMALT. Dette er en kjap og "upolert" oppskrift for software raid i Skolelinux/ Debian-edu * Trenger installere denne pakken apt-get install mdadm * For kunne partisjonere den ledige disken, s m smartsuit f rst stoppes /etc/init.d/smartsuite stop * Hvis du tidligere har hatt software raid p diskene, s kan du fjerne superblock med mdadm --zero-superblock /dev/hd{a,c}{1,5,6} sfdisk -d /dev/hda | sed 's/Id=83/Id=fd/g ; s/Id=8e/Id=fd/g' | sfdisk /dev/ hdc * echo 'DEV /dev/sd* /dev/hd*' > /etc/mdadm/mdadm.conf * mdadm --create /dev/md/1 --level=1 --raid-disks=2 missing /dev/hdc1 mdadm --create /dev/md/5 --level=1 --raid-disks=2 missing /dev/hdc5 mdadm --create /dev/md/6 --level=1 --raid-disks=2 missing /dev/hdc6 mdadm -E -s | grep ARRAY >> /etc/mdadm/mdadm.conf * pvcreate /dev/md5 -ff vgscan pvcreate /dev/md6 -ff vgscan * vgcreate vg_md_system /dev/md/6 vgcreate vg_md_data /dev/md/5 * Ta maskinen ned i runlevel 1, men behold ssh s vi kan gj re dette remote for ALL in $(ls /etc/rc1.d/K* | grep -v ssh) ; do $ALL stop ; done for ALL in $(ls /etc/rc2.d/S* | grep -v ssh) ; do $ALL stop ; done * mkfs.ext3 /dev/md/1 ; mount /dev/md/1 /mnt ; cp -ax / /mnt vgdisplay -v | grep -E "^LV Name|^LV Size" vgdisplay -v | grep -E "^LV Name|^LV Size" LV Name /dev/vg_data/lv_home0 LV Size 416 MB LV Name /dev/vg_data/lv_backup LV Size 512 MB LV Name /dev/vg_system/lv_swap LV Size 96 MB LV Name /dev/vg_system/lv_var LV Size 160 MB LV Name /dev/vg_system/lv_usr LV Size 448 MB Pass her p at st rrelsene stemmer overens med det vgdisplay -v gir og det du bruker med lvcreate lvcreate vg_md_data -n lv_home0 -L 416M lvcreate vg_md_data -n lv_backup -L 512M lvcreate vg_md_system -n lv_swap -L 96M lvcreate vg_md_system -n lv_var -L 160M lvcreate vg_md_system -n lv_usr -L 448M * umount /mnt ; mkfs.ext3 /dev/md/1 ; mount /dev/md/1 /mnt ; cp -ax / /mnt for ALL in /dev/vg_md*/lv_* ; do mkfs.ext3 $ALL; done mkswap /dev/vg_md_system/lv_swap * sed s/vg_/vg_md_/ /etc/fstab | sed s/[hs]da1/md1/ > /mnt/etc/fstab cp /mnt/etc/fstab /root mount | grep "^/dev/vg_" | sed s/vg_/vg_md_/ | while read DEV NULL MOUNT NULL ; do mount $DEV /mnt$MOUNT ; done cp -a /usr /var /skole /mnt * cd /mnt/dev ; /sbin/MAKEDEV std sda sdb hda hdb hdc hdd hde hdf hdg hdh md console sed s:DELAY=0:DELAY=5: /etc/mkinitrd/mkinitrd.conf > /mnt/etc/mkinitrd/ mkinitrd.conf mkinitrd -o /mnt/boot/initrd.img-$(uname -r) -r /dev/md1 rm /mnt/vmlinuz* /mnt/initrd.img* cd /mnt/boot ; ln -s vmlinuz-$(uname -r) vmlinuz ; ln -s initrd.img-$(uname -r) initrd.img echo -e "\ntitle Raid\nroot (hd1,0)\nkernel /boot/vmlinuz root=/dev/md1 ro\ ninitrd /boot/initrd.img\nboot" >> /boot/grub/menu.lst Husk velge "Raid" i GRUB menyen n r du booter, eller du kan sette at "Raid" skal v re Default boot-opsjon. * REBOOT * fdisk -l /dev/hdc Partisjoner /dev/hda akkurat slik som /dev/hdc er partisjonert. tjener:~# fdisk /dev/hda The number of cylinders for this disk is set to 4092. There is nothing wrong with that, but this is larger than 1024, and could in certain setups cause problems with: 1) software that runs at boot time (e.g., old versions of LILO) 2) booting and partitioning software from other OSs (e.g., DOS FDISK, OS/2 FDISK) Command (m for help): t Partition number (1-6): 1 Hex code (type L to list codes): fd Changed system type of partition 1 to fd (Linux raid autodetect) Command (m for help): t Partition number (1-6): 5 Hex code (type L to list codes): fd Changed system type of partition 5 to fd (Linux raid autodetect) Command (m for help): t Partition number (1-6): 6 Hex code (type L to list codes): fd Changed system type of partition 6 to fd (Linux raid autodetect) Command (m for help): p Disk /dev/hda: 16 heads, 63 sectors, 4092 cylinders Units = cylinders of 1008 * 512 bytes Device Boot Start End Blocks Id System /dev/hda1 * 1 271 136552+ fd Linux raid autodetect /dev/hda2 272 4092 1925784 f Win95 Ext'd (LBA) /dev/hda5 272 2497 1121872+ fd Linux raid autodetect /dev/hda6 2498 4009 762016+ fd Linux raid autodetect Command (m for help): w The partition table has been altered! Calling ioctl() to re-read partition table. WARNING: Re-reading the partition table failed with error 16: Enheten eller ressursen opptatt. The kernel still uses the old table. The new table will be used at the next reboot. Syncing disks. tjener:~# mdadm /dev/md/1 --add /dev/hda1 cat /proc/mdstat mkinitrd -o /boot/initrd.img-$(uname -r) -r /dev/md1 REBOOT mdadm /dev/md/5 --add /dev/hda5 mdadm /dev/md/6 --add /dev/hda6 fikse /boot/grub/menu.lst title Skolelinux/Woody root (hd0,0) kernel /boot/vmlinuz root=/dev/md1 ro initrd /boot/initrd.img savedefault boot [husk grub ser diskene i rekkef lge, med 0 som f rste] echo -e 'root (hd1,0)\nsetup (hd0)' | grub --batch echo -e 'root (hd0,0)\nsetup (hd0)' | grub --batch vgrename vg_md_data vg_data vgrename vg_md_system vg_system sed s/vg_md_/vg_/ /etc/fstab > /etc/fstab2 && mv /etc/fstab2 /etc/fstab REBOOT * * N kan du nappe ut en av diskene og se hva som skjer. ------------------------------------------------------------------------------- Appendix D. KDE3.X i Skolelinux/Debian-edu Warning Husk at det er KDE2 som gjelder i Skolelinux/Debian-edu, bruker du KDE3 s er du p egen h nd. ------------------------------------------------------------------------------- D.1. KDE3.X i Skolelinux/Debian-edu For KDE3.1 inn i Skolelinux/Debian-edu m en linje legges til i /etc/apt/ sources.list, se Section 8.9 deb http://download.kde.org/stable/3.1.5/Debian stable main Deretter kj res apt-get update apt-get install kdebase F ikke panikk n r du ser at en hel haug med pakker kommer til bli fjernet, det er helt normal at det skjer n r du pr ver legge inn kde3 i Skolelinux/ Debian-edu, husk dette er ikke anbefale. tjener:~# apt-get install kdebase Reading Package Lists... Done Building Dependency Tree... Done The following extra packages will be installed: ark artsbuilder efax enscript gv kalarm kappfinder kate kbabel kcalc kcharselect kcontrol kcron kdebase-bin kdebase-data kdebase-kio-plugins kdelibs-bin kdelibs-data kdelibs4 kdepasswd kdepim-libs kdeprint kdesktop kdewallpapers kdf kdict kdm kedit kfind kfloppy kgeo kghostview khelpcenter kicker kiconedit klipper kmail kmenuedit kmid kmidi kmix kmplot knode knotes konq-plugins konqueror konqueror-nsplugins konsole korganizer kpackage kpager kpaint kpersonalizer kruler kscd kscreensaver ksirc ksmserver ksnapshot ksplash kstars ksysguard ksysguardd ktip ktouch kview kwin libart-2.0-2 libarts1 libartsc0 libasound1 libdb4.0 libglib2.0-0 libkdenetwork2 libkonq4 libmad0 libmimelib1 libpng3 libqt3-mt libsensors1 noatun noatun-plugins poster psutils quanta timidity The following packages will be REMOVED: education-thin-client-server education-workstation kbear kchart kdebase-crypto kdebase-doc kdebase-libs kdelibs3 kdelibs3-bin kdelibs3-crypto kdelibs3-cups kformula kio-fish kivio klogic koffice koffice-libs kontour koshell kpm kpresenter krecord kschoolmenu kspread kugar kword libarts libarts-mpeglib libkdenetwork1 libkmid libkonq3 noteedit timidity-patches The following NEW packages will be installed: efax enscript gv kalarm kappfinder kcontrol kdebase-bin kdebase-data kdebase-kio-plugins kdelibs-bin kdelibs-data kdelibs4 kdeprint kdesktop khelpcenter kicker klipper kmenuedit konqueror-nsplugins kpager kpersonalizer ksmserver ksplash ksysguard ksysguardd ktip kwin libart-2.0-2 libarts1 libartsc0 libasound1 libdb4.0 libglib2.0-0 libkdenetwork2 libkonq4 libmad0 libpng3 libqt3-mt libsensors1 poster psutils timidity 45 packages upgraded, 42 newly installed, 33 to remove and 37 not upgraded. Need to get 60.2MB of archives. After unpacking 1927kB will be freed. Do you want to continue? [Y/n] ------------------------------------------------------------------------------- D.1.1. KDE3.2 i Skolelinux/Debian-edu For KDE3.2 inn i Skolelinux/Debian-edu m en linje legges til i /etc/apt/ sources.list, se Section 8.9 deb http://download.kde.org/stable/3.2/Debian stable main Deretter kj res apt-get update apt-get install kdebase Kanskje er en apt-get dist-upgrade ogs n dvendig ------------------------------------------------------------------------------- D.2. KDE3.1 p tynnklientene For at tynnklienter skal virke s m f lgende endres: I fila /etc/kde3/kdm/ kdmrc [Xdmcp] Enable=true Willing=/etc/kde3/kdm/Xwilling Xaccess=/etc/kde3/kdm/Xaccess i fila /etc/kde3/kdm/Xaccess * #any host can get a login window ------------------------------------------------------------------------------- Appendix E. Kompilering av egne program ------------------------------------------------------------------------------- Appendix F. Egen oppstartslogo p tynnklientene N r tynnklientene booter s ser du en hel haug med "krytiske" meldinger fyke over skjermen, s nn trenger det ikke v re. For tynnklienter som booter med oppstartsdiskett s kan man lage sin egen oppstartslogo, dvs du f r opp et bilde, f.eks av deg selv, med en liten forl psindikator. Dette er den beste metoden for l re elevene at de ikke skal skru av tynnklientene :-) * http://www.kernel.org/pub/linux/kernel/v2.4/linux-2.4.18.tar.gz * http://umn.dl.sourceforge.net/sourceforge/ltsp/ ltsp_initrd_kit-3.0.4-i386.tgz * http://telia.dl.sourceforge.net/sourceforge/etherboot/mknbi-1.2.tar.gz * http://www.ltsp.org/contrib/lpp-2.4.18.patch.bz2 * mv linux-2.4.18.tar.gz /tmp cd /tmp * tar zvxf linux-2.4.18.tar.gz * mv linux linux-2.4.18-ltsp * mv ltsp_initrd_kit-3.0.4-i386.tgz /tmp cd /tmp * tar zxvf ltsp_initrd_kit-3.0.4-i386.tgz Dette som root. * cd ltsp_initrd_kit * mv config-2.4.18-ltsp-1 /tmp/linux-2.4.18-ltsp * cd /tmp/linux-2.4.18-ltsp/ mv config-2.4.18-ltsp-1 .config * cd /tmp tar zvxf mknbi-1.2.tar.gz * cd mknbi-1.2 make make install Dette installerer til /usr/local/ * bzip2 -d ~klaus/lpp/lpp-2.4.18.patch.bz2 cd /tmp/linux-2.4.18-ltsp * cp /home/klaus/lpp/lpp-2.4.18.patch /tmp/linux-2.4.18-ltsp/ patch -p1 < lpp-2.4.18.patch * make xconfig Load configuration from file. In the pop-up box, type .config Click on Console Drivers -> Frame Buffer Support. y option for Enable Linux Progress Patch (EXPERIMENTAL) y option for Virtual Frame Buffer Support (Only for Testing!) * cd /tmp tar zxvf /tmp/custom_logo.tar.gz cd /tmp/cd boot_logo ./boot_logo kde-logo.pcx linux_logo.h cp linux_logo.h /tmp/linux-2.4.18-ltsp/include/linux/ cp fbprogress.h /tmp/linux-2.4.18-ltsp/drivers/video/ * cd /tmp/linux-2.4.18-ltsp make dep && make bzImage && make modules && make modules_install * cd /tmp/ltsp_initrd_kit/ ./buildk tjener:/tmp/ltsp_initrd_kit# ./buildk You can prepare a kernel for the following type of workstation: 1 - PCI/ISA network card 2 - PCMCIA (laptop) network card Enter option (1-2) [2]: 1 Kernel source directory [/usr/src/linux-2.4.18-ltsp]: /tmp/linux-2.4.18-ltsp * mkdir /tftpboot/lts/lpp cp *2.4.18* /tftpboot/lts/lpp/ * mkdir /opt/ltsp/i386/lib/modules/linux-2.4.18-ltsp cp -ar /lib/modules/2.4.18/* /opt/ltsp/i386/lib/modules/linux-2.4.18-ltsp * ------------------------------------------------------------------------------- Appendix G. Ekstra eksternt tilbeh r G.1. Digitalt fotokamera ------------------------------------------------------------------------------- G.2. Digitalt videokamera ------------------------------------------------------------------------------- G.3. Skanner ------------------------------------------------------------------------------- G.4. Leselist ------------------------------------------------------------------------------- G.5. CD/DVD ------------------------------------------------------------------------------- G.5.1. CD-brenner Hvis man f.eks har lastet ned en ny versjon av Skolelinux/Debian-edu og nsker f denne over p en cd, s er det greit kunne gj re det p en maskin med Skolelinux/Debian-edu Det f rste du m gj re er finne ut "hvor" cdbrenneren din befinner seg, kommandoen dmesg|grep hd kan gi en pekepinne p dette, se etter noe som ligner p dette hdc: CD-RW CRX100E, ATAPI CD/DVD-ROM drive Her er det hdc som er plasseringen av cdbrenneren Cdbrennerens plassering m angis i GRUB, se Figure 6-1 s rg for at oppstartslinja du bruker i GRUB inneholder plasseringen til cdbrenneren, slik som dette kernel /boot/vmlinuz-2.4.24-1-k7 root=/dev/hda1 ro hdc=ide-scsi Det viktige her er hdc=ide-scsi, dette gj res i fila /boot/grub/menu.lst Deretter m vi legge til noen linjer i fila /etc/modules.conf, legg til disse linjene p slutten av fila, pass p at plasseringen stemmer med din maskin # SCSI Emulation alias scd0 sr_mod # load sr_mod upon access of scd0 alias scsi_hostadapter ide-scsi # SCSI hostadapter emulation options ide-cd ignore=hdc # if /dev/hdc is your CD-Writer ignore=hdc Hvis du ogs nsker bruke cdspilleren p vanlig m te, s m du bytte ut /dev/ hdc med /dev/sr0, se p kommandoen hwinfo --cdrom for mer info. ------------------------------------------------------------------------------- G.5.2. cd-brenner, metode#2 Legg inn som f rste linjer i fila /etc/modules ide-scsi sg sr_mod samt korrekt hdc=ide-scsi i /boot/grub/menu.lst ------------------------------------------------------------------------------- G.5.3. DVD-spiller For kunne spille krypterte dvd-filmer, s trengs noen ekstra pakker, legg til denne linja i /etc/apt/sources.list deb http://download.videolan.org/pub/videolan/debian woody main deretter en apt-get update og s en apt-get install libdvdcss2. Som dvd-spiller kan jeg anbefale xine-ui, apt-get install xine-ui ------------------------------------------------------------------------------- G.6. USB-penn Det finnes flere typer USB-penner, de oppf rer seg litt ulikt. USB-penn oppskrift * mkdir /mnt/usbpenn * Legg til denne linja i fila /etc/fstab /dev/sda1 /mnt/usbpenn vfat user,noauto 0 0 * Noen usb-penner trenger en annen linje (sda1 istedenfor sda) /dev/sda /mnt/usbpenn vfat user,noauto 0 0 * USB-pennen kan n mountes fra kommando linja med mount /mnt/usbpenn Dette kan gj res slik at man mounter/umounter ved trykke p et ikon Se Section 10.3 for hvordan dette er mulig f til p en tynnklient. ------------------------------------------------------------------------------- G.6.1. ------------------------------------------------------------------------------- G.7. Smarttech Touchboard Et touchboard er en stor trykksensitiv tavle, som samme med en videokanon gj r det mulig st oppe "ved tavla" trykke og skrive p den, omtrent som av vanlig tavle. Warning Jeg har kun erfaring med tilkobling via PS/2 (Mus), og ikke USB. Hvis ditt Smartboard tilkobles til datamaskinen med USB, s kan det hende at denne oppskriften ikke vil v re til hjelp for deg. Ta da sporenstreks kontakt med forhandeler/import r og klag din n d. For f Smarttech Touchboard til fungere m SMART Board software lastes ned og installeres. Siste aktuelle versjon er SMART Board software version 8.0.0, den lastes ned fra smarttech.com, der tilbys det versjoner for Red Hat Linux 7.1 or higher, Mandrake Linux 9.1 og SuSE Linux 8.2 (alle disse versjonene er identiske) ingen versjon alts for Debian, eller Skolelinux/Debian-edu. Heldigvis s fungere denne ogs for Skolelinux/Debian-edu ut-av-boksen. Programmet som lastes ned heter Linux_SMART_Board_Software.bin, for installere det m det gj res kj rbart chmod 755 Linux_SMART_Board_Software.bin Deretter kan du installere det med ./Linux_SMART_Board_Software.bin Det er mulig at den vil klage over at du ikke har pakken libstdc++2.9-glibc2.1 installert, installer den med apt-get install libstdc++2.9-glibc2.1 Tavlen kobles som oftest til datamaskinen via seriellporten, /dev/tts/0 rettighetene p denne porten er i utgangspunktet klaus@tjener:~/SLX/slx$ stat /dev/tts/0 File: "/dev/tts/0" Size: 0 Blocks: 0 IO Block: 1024 Character Device Device: 6h/6d Inode: 347 Links: 1 Device type: 4,40 Access: (0660/crw-rw----) Uid: ( 0/ root) Gid: ( 20/ dialout) Access: Thu Jan 1 01:00:00 1970 Modify: Wed Feb 4 16:00:48 2004 Change: Wed Feb 4 15:56:32 2004 dvs at vanlige brukere ikke f r brukt denne. En enkel midlertidig l sning, blir borte ved restart av maskinen, er chmod 0666 /dev/tts/0, hvis du nsker gj re denne endringen permament, s m du endre p en linje i fila /etc/devfs/perms Ved endre denne linja REGISTER ^(tts|cua)/[^/]*$ PERMISSIONS root.dialout 0660 til REGISTER ^(tts|cua)/[^/]*$ PERMISSIONS root.dialout 0666 s vil seriellporten v re tilgjengelig for alle. Hvis du ikke er komfortabel med at absolutt alle kan bruke seriellporten, s kan du opprette en gruppe og s legge inn de brukerene som skal kunne bruke SMARTBoard inn i denne gruppa. ------------------------------------------------------------------------------- G.7.1. SmartBoard ikoner for brukerene N som SmartBoard driveren er lagt inn, og riktige rettigheter er satt p seriellutgangen, s mangler vi bare et kjekt lite ikon som brukerene kan klikke p . Vi trenger to filer for at brukerene skal kunne starte Smartboard p en grei m te, et ikon p bakgrunnen dems, samt et lite script sentralt p maskinen. S rg for at de brukerene som skal kunne bruke Smartboard har denne fila liggende i Desktop katalogen p sitt hjemmeomr de, kall fila Smartboard.desktop med dette innholdet: [Desktop Entry] Comment=Smartboard Comment[nb]=Smartboard Encoding=UTF-8 Exec=/usr/local/bin/smartboard.sh GenericName=Smartboard GenericName[nb]=Smartboard Icon=/usr/bin/SMARTBoard/lib/pixmaps/board256.xpm MimeType= Name=SMartBoard Name[nb]=SMartBoard Path= ServiceTypes= SwallowExec= SwallowTitle=Smartboard Terminal=false TerminalOptions= Type=Application X-KDE-SubstituteUID=false X-KDE-Username= Dessuten trengs dette skriptet, som blir kalt fra Smartboard.desktop, hvis du plasserer dette skriptet et annet sted en /usr/local/bin/smartboard.sh s m du endre dette ogs i Smartboard.desktop, dette er innholdet i fila /usr/local/bin /smartboard.sh #!/bin/bash #Lagres som /usr/local/bin/smartboard.sh export SBOARD_INSTALL_PATH=/usr/bin/SMARTBoard export PATH=$SBOARD_INSTALL_PATH/bin:$PATH export BROWSER=konqueror if [ "$LD_LIBRARY_PATH" ]; then export LD_LIBRARY_PATH=/usr/X11R6/lib:$LD_LIBRARY_PATH:$SBOARD_INSTALL_PATH/lib else export LD_LIBRARY_PATH=/usr/X11R6/lib:$SBOARD_INSTALL_PATH/lib fi if [ "$XFILESEARCHPATH" ]; then export XFILESEARCHPATH=/usr/X11R6/lib/locale/%L/%T/%N%S:/usr/X11R6/lib/%T/%N%S:$XFILESEARCHPATH:$SBOARD_INSTALL_PATH/lib/%T/%N%S else export XFILESEARCHPATH=/usr/X11R6/lib/locale/%L/%T/%N%S:/usr/X11R6/lib/%T/%N%S:$SBOARD_INSTALL_PATH/lib/%T/%N%S fi eval exec /usr/bin/SMARTBoard/bin/SMARTService ------------------------------------------------------------------------------- Appendix H. Diverse "hjemmelagde" l sninger ------------------------------------------------------------------------------- H.1. Laste ned nye versjoner av Skolelinux/Debian-edu cd, p en smart m te ved hjelp av rsync Det kommer stadig vekk nye versjoner av Skolelinux/Debian-edu cd'en, spesielt n i tiden f r versjon 1.0, noen ganger kommer det en ny versjon nesten ukentlig. En hel cd er p omtrent 650MB, noe som p en normal ADSL linje tar 2-3 timer laste ned, enda lengre tid p ISDN. Hvis man hele tiden vil ha den nyeste versjon av Skolelinux/Debian-edu cd'en, s m man enten lasten den ned selv, eller f noen andre til laste ned og brenne den. Hvis man velger laste den ned selv, s finnes det et program som gj r det mulig ta utgangspunkt i en eksisterende cd man allerede har lastet ned, og bare laste ned forskjellen mellom den cd'en man allerede har og den nye, p den m ten kan man laste ned f.eks pr44 p kort tid hvis man har pr43, selv p ISDN. Kommandoen som gj r dette mulig er rsync --no-whole-file \--progress -vv --stats \developer.skolelinux.no::skolelinux-cd/skolelinux-i386-pr44.iso \/ skole/tjener/home0/iso/skolelinux-i386-pr44.iso Tip Dette er en eneste lang linje . Det som her skjer er at den lokale fila /skole/tjener/home0/iso/ skolelinux-i386-pr44.iso "oppdateres" slik at den blir identisk med fila skolelinux-i386-pr44.iso som ligger p ftp-serveren til Skolelinux. Men f r du gj r dette, m du ha en lokal kopi p din datamaskin som du nsker oppdatere, i mitt eksempel heter denne kopien skolelinux-i386-pr44.iso og ligger i katalogen /skole/tjener/home0/iso/, hvis din lokale kopi heter noe annet, og ligger i en annen katalog, s m du huske p ta hensyn til dette n r du utf rer rsync-kommandoen. Du lurer sikkert p hvorfor jeg oppgraderer den lokale fila skolelinux-i386-pr44.iso men en lik fil hos Skolelinux? Det er fordi min lokale fil skolelinux-i386-pr44.iso egentlig er en skolelinux-i386-pr43.iso, men med et annet navn. Oppskrift for oppgradering med rsync. * F rst m du installere pakken rsync, apt-get install rsync * Jeg har en cd liggende med skolelinux-i386-pr43.iso, den nsker jeg oppgradere til en nyere versjon, f.eks pr44. Det f rste jeg m gj re er kopiere det som ligger p cd'en over p min harddisk, f rst sett cd'en inn i cdspilleren, s mount /cdrom * Sjekk at cd'en er mountet med df -h, se etter linja /dev/cdrom 692M 692M 0 100% /cdrom * Deretter kopierer du den gamle versjonen fra cd'en over til din harddisk med kommandoen dd if=/dev/cdrom of=/skole/tjener/home0/iso/skolelinux-i386-pr44.iso bytt ut pr44 med den nye nskede versjonen * Deretter er det bare utf re rsync-kommandoen. * Hvis alt er som det skal, s vil du n se f lgende p skjermen: klaus@tjener:/skole/tjener/home0/iso$ rsync --no-whole-file \--progress -vv --stats \developer.skolelinux.no::skolelinux-cd/skolelinux-i386-pr44.iso \/skole/tjener/home0/iso/skolelinux-i386-pr44.iso opening tcp connection to developer.skolelinux.no port 873 /skole/tjener/home0/iso/woody-i386-1.raw 679182336 100% 1.96MB/s 0:05:30 rsync[1396] (receiver) heap statistics: arena: 115288 (bytes from sbrk) ordblks: 2 (chunks not in use) smblks: 0 hblks: 0 (chunks from mmap) hblkhd: 0 (bytes from mmap) usmblks: 0 fsmblks: 0 uordblks: 101336 (bytes used) fordblks: 13952 (bytes free) keepcost: 13904 (bytes in releasable chunk) Number of files: 1 Number of files transferred: 1 Total file size: 679182336 bytes Total transferred file size: 679182336 bytes Literal data: 21512192 bytes Matched data: 657670144 bytes File list size: 35 Total bytes written: 248397 Total bytes read: 16827778 wrote 248397 bytes read 16827778 bytes 42007.81 bytes/sec total size is 679182336 speedup is 39.77 Warning Pass p at du har minst 650MB ledig plass n r du laster ned ved hjelp av rsync, dette fordi rsync lager en midlertig fil mens den laster ned, denne filen vokser og blir like stor som cd. N r nedlastingen er ferdig s slettes denne midlertidige filen. ------------------------------------------------------------------------------- H.2. Hindre at brukere logger seg p flere tynnklienter samtidig. Det kan v re et skikkelig brysom lite problem n r en bruker logger seg p flere tynnklienter samtidig, f.eks hvis han pr ver forandre bakgrunnsbilde p begge stedene. L sningen er sette opp en liten test i det en bruker logger seg p , for sjekke om han allerede er logget p , hvis han er det, s f r han ikke logget seg p p nytt. Scriptet som muliggj r, eller egentlig umuliggj r flere innlogginger samtidig, ligger i fila /etc/X11/Xsession.d/10skolelinux-one-login-per-host, der ligger ogs instruksjoner for hvordan dette scriptet skal startes; det startes ved lage en s kalt "flagg-fil" med kommandoen tjener:~# touch /etc/skolelinux/limit-logins Dette er innholdet i den aktuelle fila som gj r jobben med hindre at en bruker logger seg p flere tynnklienter samtidig. more /etc/X11/Xsession.d/10skolelinux-one-login-per-host #!/bin/sh # Make sure a given user do not log into the same computer twice. # When this is done on an LTSP server, the KDE configuration is likely # to be destroyed. # # debug=1 log() { if [ "$debug" ] ; then echo "$@" fi } limit_logins() { num=1 numps=0 u=$LOGNAME # Do not try to limit the root user if [ "$u" != "root" ] ; then num=`who | cut -d" " -f1 | grep "^$LOGNAME\$" | wc -l` fi log "Found $num connections for user $LOGNAME" if [ "$num" -gt 1 ] ; then numps=`ps -eu "$LOGNAME" | grep -v -e sleep -e COMMAND|wc -l` num=`expr $numps + 1` fi if [ $num -gt 1 ] ; then xmessage -buttons greit:0 -timeout 30 -center \ "Du f r IKKE lov til logge p flere enn _en_ maskin omgangen!" exit 1 fi } # Only enable this if the flag file exists. When the code is tested # and found to work fine, we can enable it for everyone. [pere 2003-02-21] # To enable this script you must create an empty file with the command # touch /etc/skolelinux/limit-logins # [klaus 2003-09-06] if [ -f /etc/skolelinux/limit-logins ] ; then limit_logins fi ------------------------------------------------------------------------------- H.2.1. Kaste ut en bruker Noen ganger er det nskelig kunne kaste ut en bruker, dette lille scriptet s rger for det. #!/bin/sh # Lagres f.eks som #/usr/local/bin/ut #Husk chmod 755 /usr/local/bin/ut #Brukes p denne m ten #'ut brukernavn' # script for kaste ut en bruker # if [ $1 != "root" ] then for i in $(pgrep -u $1) do kill -9 $i done else clear echo "Kan ikke kaste ut root." fi Scriptet brukes p denne m ten, for kaste ut brukeren klaus, ut klaus ------------------------------------------------------------------------------- H.3. S rge for at alle prosesser/program virkelig avsluttes ved utlogging. Det er skikkelig brysom at OpenOffice ofte henger igjen n r den avsluttes, selv etter at brukeren har logget seg ut. Det ser ut som om det avslutte OpenOffice ved trykke p "krysset" oppe i h yre hj rnet, ikke gj r jobben skikkelig. Det som skjer hvis OpenOffice henger igjen, er at den kanskje/ofte ikke lar seg starte neste gang brukeren logger seg inn. Det finnes en m te s rge for at alle prosesser virkelig blir skikkelig avsluttet n r en bruker logger seg ut. S rge for at alle prosesser avsluttes * Dette er scriptet som gj r jobben, kall det f.eks avslutt.sh: #!/bin/bash # License: GPL #klaus@skolelinux.no #Dette skriptet lagres f.eks p /usr/local/bin/avslutt.sh #husk chmod 755 /usr/local/bin/avslutt.sh KILL=/usr/bin/pkill # root lar vi gj re som han vil [ -x $KILL ] || exit [ "$1" -a "$1" != "root" ] || exit # f rst er vi h flige $KILL -u $1 #s venter vi 5 sekunder sleep 5s #s tar vi skikkelig kverken p dem $KILL -9 -u $1 * Plasser dette scriptet i f.eks katalogen /usr/local/bin/ * S rg for at dette scriptet blir kj rt hver gang brukeren logger ut ved legge til denne linja /usr/local/bin/avslutt.sh $USER i fila /etc/kde2/kdm/Xreset * Husk gj re scriptet kj rbart med kommandoen chmod 755 /usr/local/bin/avslutt.sh Dette scriptet vil n s rge for at alle prosesser til en bruker virkelig blir avsluttet n r han logger ut, unntatt prosessene til root. ------------------------------------------------------------------------------- H.4. Legg ut ikoner p bakgrunnen til flere brukere samtidig. Mer info om ikoner p bakgrunnen og menylinjer, se Chapter 11 Noen ganger kan det v re kjekt at alle brukerene har et ikon p sin bakgrunn. Hvis du har 1000 brukere, s er enda kjekkere hvis du kan legge dette ikonet ut til alle brukerene i en fei. Alle snarveier er egentlig en fil. Disse filene ligger i katalogen Desktop p brukerenes hjemmeomr de, f.eks s heter fila som representerer snarveien til nettleseren Mozilla Mozilla_Navigator.desktop, innholdet i den fila begynner slik: [Desktop Entry] Type=Application Exec=mozilla Name=Mozilla Navigator Comment=Mozilla Navigator Icon=/usr/share/pixmaps/mozilla.xpm Her er info om hvor programmet ligger installert, hva slags ikon som brukes og annen info. Hvis du nsker f.eks at alle skal ha ikonet til OpenOffice.org p bakgrunnen som en snarvei (fila heter i dette tilfellet textdoc.desktop), s gj r du f lgende som root: En fil spredd til alle brukere p en gang. * Du m f rst legge denne snarveien manuelt ut p bakgrunnen til en bruker, f.eks til brukeren "test", den vil da ligge i katalogen /skole/tjener/home0 /test/Desktop/textdoc.desktop. * Det neste du gj r er lage et script som gj r f lgende: 1. Kopierer denne textdoc.desktop inn i alle dine brukeres Desktop-katalog. 2. S rge for at rettighetene p denne fila blir korrekte, dvs at den blir satt til eies av brukeren selv, og ikke av root. * #!/bin/sh #Lagres som f.eks spre-desktop #brukes som f lger ./spre-desktop sti-til- nsked.desktop #husk gj re scriptet kj rbart med chmod 755 spre-desktop #Hvis dine brukere ligger et annet sted en rett p home0, s m du #endre variabelen HOMEDIRS under for reflektere dette. #Hvis dine hjemmeomr der ligger i forskjellige kataloger p #/skole/tjener/home0, f.eks/skole/tjener/home0/2004-A, #s legger du til flere i HOMEDIRS ved adskille dem med mellomrom. #F.eks HOMEDIRS="/skole/tjener/home0/2004-B /skole/tjener/home0/2004-A" # HOMEDIRS="/skole/tjener/home0" # # Hvis det finnes en "Desktop"-katalog, s kopierer vi inn i den. copykde () { if [ -d $U/Desktop ] then cp -a "$FILE" $U/Desktop DEST="`basename \"$FILE\"`" chown --reference=$U/ $U/Desktop/"$DEST" fi } while [ $# -gt 0 ] do FILE="$1" if [ -f "$FILE" ] then # finner alle mappene under /home for H in $HOMEDIRS do USERLIST="`ls -ad $H/*`" if [ "$USERLIST" ] then # for hver bruker for U in $USERLIST do copykde done fi done fi shift done Dette scriptet kan du f.eks lagre p hjemmeomr det til root. I eksempelet her med fila textdoc.desktop som ligger hos brukeren test, s vil kommandoen som kopierer denne fila til alle dine brukere bli: ./spre-desktop /skole/tjener/home0/test/Desktop/textdoc.desktop ------------------------------------------------------------------------------- Appendix I. Andre "geniale" Linux distribusjoner I.1. Sn frix Dette er en versjon av Knoppix, se Section I.2, lagd av Conrad Newton, conrad.newton@broadpark.no. Denne cd'en kan lastes ned fra ftp.skolelinux.no/skolelinux/knoppixes/snofrix. Tidligere het denne cd'en "NordisKids" Dette er det Conrad Newton selv sier om Sn frix: For those of you familiar with other Linux/Knoppix based CDs, it can perhaps best be summarized by saying that NordisKids lives at the intersection point of Morphix Gamer, Freeduc, and the OpenCD. In plain language, this means that the CD contains lots of games, lots of educational software, as well as Windows installers of Norwegian OpenOffice.org 1.1 and Norwegian Mozilla 1.5. The making of this CD is an unashamed attempt to win popularity for Linux! I call it "NordisKids", because like NordisKnoppix it will eventually support all the languages of the Nordic region. For the time being, it only exists in Norwegian language, and only on this website. I hope to have versions ready for the other Nordic languages before too long. But before then, I need your feedback. The focus group is children (hence the "Kids"), because they are usually less reluctant than adults to try something new. My hope is that they will start by playing games (Question: how did YOU get into computers?), and then discover that the CD contains other interesting/useful software. The CD is likely to be interesting to teachers as well. ------------------------------------------------------------------------------- I.2. Knoppix Dette er nok den mest popul re av alle inne generen "live-cd" Den kan lastes ned fra hjemmesiden, knoppix.org ------------------------------------------------------------------------------- I.3. BBC Dette er en s kalt "business card", dvs den er p 50MB og passer p slike sm visittkort cd'er. Egner seg som et verkt y for raskt f et Linux system inn p datamaskin, den kan da lett nettes. BBC kan lastes ned fra http://www.lnx-bbc.org/ ------------------------------------------------------------------------------- I.4. SLAX SLAX er en "lice-CD" som bygger p Linux distribusjone Slackware. SLAX er en relativ liten cd, omtrent 190MB, og inneholder ikke annet en KDE3.2, der finner du alt du trenger for brenne cd/dvd, s lenge du har en ekstra cdrom i maskinen din. ------------------------------------------------------------------------------- I.5. tomsrtbt Dette er en liten med kraftig en-diskett Linux-distribusjon, den egner seg veldig godt for kjapt og enkelt teste om en datamaskin virker, hva slag deler som sitter i den (skjermkort, prosessor, ram, harddisk osv). Det er lettvint f denne maskinen p nett ved hjelp av tomsrtbt. Den lastes ned fra http://www.toms.net/rb/ ------------------------------------------------------------------------------- I.6. Freeduc, Live CD-ROM of free software for schools Dette er nok en "lice-CD", med fokus p pedagogisk programvare. Hjemmesiden til Freeduc er http://www.ofset.org/freeduc-cd/ Den kan lastes ned fra http://prdownloads.sourceforge.net/ofset/ freeduc-cd-1.4.1.iso?download ------------------------------------------------------------------------------- Appendix J. Diverse kjekke sm scripts J.1. Sm scripts ------------------------------------------------------------------------------- J.1.1. Fjerne kommentarlinjer De fleste systemfiler er fulle av utkommenterte liner, dvs linjer med et # -nummertegn foran, dette er linjer som ikke det taes hensyn til. Noen ganger er vi ikke interessert i se p disse, kun de linjene som gjelder. Kommandoen egrep -v '^#|^$' vil filtrere bort disse kommentarlinjene ved visning, de blir ikke fjernet fra selve fila. ------------------------------------------------------------------------------- J.1.2. Foreta endringer i flere filer samtidig. Noen ganger har man behov for foreta den samme endringen i flere forskjellige filer, f.eks i konfigurasjonsfiler til dine brukere. Enten kan du da pne dem en etter en, og bruke hele dagen p den jobben, eller du kan bruke en fin kombinasjon av Perl og skallskripting. F lgende lille snutt vil bytte ut forekomsten av kde2 med kde3 i alle filer som har filendelsen .txt for F in *.txt; do perl -pi.bak -e 's/kde2/kde3/g' $F;done Det fine med denne kommandoen er at orginalfilen ikke blir skrevet over eller slettet, men den f r en ekstra endelse, nemlig .txt.bak, det er kjekt hvis det viser seg at din endring ikke var riktig allikevel, men du har vel backup uansett?, se Section 8.5.3 ------------------------------------------------------------------------------- Appendix K. Contribute to this document and Skolelinux/Debian-edu[id= contribute] K.1. Translate Once I'm done with the rewrite and crude translation to English, the tools sgml2xml and poxml will be used so that this file easily can be translated to any language Sun Aug 1 10:02:31 CEST 2004 At the moment I'm translation without a spellcheker, and without looking back at how my English actually sounds, this is a draft. There is plans to get a nativ English speaking person to fix my poorly English, you should probably not start to translate this document into your language before that is done. The id= tags in the titles will be removed when I'm done with the rewrite, they are there so that I can better organise the layout of the doument, the FIXME-notes will also be fixed, later. ------------------------------------------------------------------------------- K.2. Test Skolelinux/Debian-edu on your computer with an emulator, qemu Get latest version from http://fabrice.bellard.free.fr/qemu/, at the time of writing that is 0.6.0 Unpack, and create a disk that is big enough, dd of=/tmp/disk1 bs=1024 seek=600000 count=0 Will create a 6GB disk, the funny thing is that this size is not "real" before you start filling it up inside qemu, that means you can actually create a bigger qemu-disk than yoy physical disk. Before you create the qemu-disk, you can check your available space with df -h and do the same after you have created a 6BG qemu-disk, you will see the same space is available. The space is not used before you start installing something into qemu, very nice. Either download a iso-image to you harddrive, /usr/local/bin/qemu -m 128 -boot d -cdrom /tmp/skolelinux-i386-release-1.0.iso -hda /tmp/disk1 this will start a Skolelinux/Debian-edu install with 128MB ram onto qemu-disk / tmp/disk, if you are going to try a Thinclient install, you will need two networkcards in your qemu, add the option -nics 2 Once you are done with firststage in qemu, you need to start secondstage with /usr/local/bin/qemu -m 128 -cdrom /tmp/skolelinux-i386-release-1.0.iso -hda / tmp/disk1 otherwise it will not boot from the harddrive, but from the cdrom again. ------------------------------------------------------------------------------- K.3. Screenshots ------------------------------------------------------------------------------- Appendix L. install_without_autopartkit.txt[id=withoutautopartkit] [clWin11] HOW TO INSTALL SKOLELINUX WITHOUT USING AUTOPARTKIT --------------------------------------------------- Author: Finn-Arne Johansen faj@bzz.no This Document is released under the GNU General Public License, version 2. On Debian GNU/Linux systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL'. $Id: newdriftbok.en.txt,v 1.4 2004/09/08 20:55:35 cobaco Exp $ Disclaimer ---------- The Author takes no responsibility whatsoever if folowing this howto breaks your existing installation, your leg, burns down your house, or make you loose your jobb Introduction ----------- This HOWTO is based on the work done at the BzzWare AS, to have a Skolelinux installation on a machine were there already exist other installation, both of GNU Linux and propriatary OS The target Audience for this HOWTO should have some experience with GNU Linux and should know the basics of partitions and mountpoint. Partitions ---------- The Machine were this installation was performed, already had one Debian Sarge installation, one Windows 2000, one Windows XP, and one Skolelinux standalone installation. The Standalone installation was sacrificed and instead a Combined server (Main+LTSP) was performed instead. the partition schema is as follows root@fajx300:~# sfdisk -uM -l Disk /dev/hda: 7296 cylinders, 255 heads, 63 sectors/track Units = mebibytes of 1048576 bytes, blocks of 1024 bytes, counting from 0 Device Boot Start End MiB #blocks Id System /dev/hda1 0+ 478- 479- 489951 83 Linux /dev/hda2 * 478+ 5247- 4770- 4883760 7 HPFS/NTFS /dev/hda3 5247+ 10017- 4770- 4883760 7 HPFS/NTFS /dev/hda4 10017+ 57231- 47215- 48347617+ f W95 Ext'd (LBA) /dev/hda5 10017+ 14786- 4770- 4883728+ 83 Linux /dev/hda6 14786+ 57231- 42446- 43463826 8e Linux LVM /dev/hda1 is the Debian Sarge root partition /dev/hda2 is for Win2k /dev/hda3 is for WinXP /dev/hda5 was the old standalone instllation /dev/hda6 is LVM, with swap, /usr /home, /var and other partitions for the Debian Sarge installation First stage of installation --------------------------- Boot of the CD, enter "expert" on the "boot:" prompt Choose your language, country and keyboard to your preferences. Detect and mount CD. My CDROM is USB based, so I needed to choose usbstorage (automatically detected) I do not need PCCard services on my laptop Load installation components eject load cdrom load installer lvm-cfg Choose Skolelinux Profile: For this excersize i choose Main and Thin-client-server Remember that you either need a Main server on your network, or you may install a standalone Detect Hardware I choose ide-detect, generic and ide-disk, but I guess you can go with the default, which loads a lot of modules, and i think generates a lot of questions LVM usage: If you want to use LVM partitions you have to switch to the second Console: Alt+F2 modprobe lvm-mod vgscan vgchange -ay Alt+F1 to get back again Partition a Harddrive You are sent to a cfdisk session, were you may create partitions if you want to, But I did not need to. I think you have to reboot if you have already loaded the lvm-module, and prepared to use LVM Configure and Mount I choose my /dev/hda5 for root, and nothing else. After installation is done i find that there is used 1.7G, and I have 2.8G left on a 5G partition. I think you should prepare at least 2560MB on that partition. you may look at the files under /etc/autopartkit when you have booted from the CD to see how much space you actually need. Use Ext2 for filesystem for the root partition, since Skolelinux 1.0 will convert ext2 into ext3 later. make a note on how you did setup your partitions, you need it later. Install Base system Continue with installation, but when you get to the point were the installation ask you which kernel to install, you need to do some work on the second console Select Kernel Since you are doing things manually, you need to create your /etc/fstab on the target Switch to the second console again (Alt+F2) then I did: echo "/dev/hda5 / ext2 defaults 0 1 proc /proc proc defaults 0 0 none /tmp tmpfs defaults 0 0 /dev/cdrom /cdrom iso9660 noauto,users,ro 0 0" >> /target/etc/fstab Remember once again to use ext2, and not ext3 for the filesystems. Switch back to "kernel select" with Alt+F1 install the only availible kernel "kernel-image-2.4.26-1-386" Finish installation The installer will try to install Grub, but if you like me, dont want to destroy your carefully crafted Grub setup, then do install grub on the same partition as you are installing on (for me that means /dev/hda5) when done, please reboot If you did not install grub on the Master Boot Record (/dev/hda), then you may have to to some magic to boot from your new instalation when Your old grub menu show up, please press "C" to do a command line grub boot. I have to enter the following on the grub-prompt: root (hd0,4) kernel /vmlinuz root=/dev/hda5 ro initrd /initrd.img boot Your milage may vary ------------------------------------------------------------------------------- Appendix M. GNU Free Documentation License Version 1.1, March 2000 Copyright (C) 2000 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. ------------------------------------------------------------------------------- M.1. PREAMBLE The purpose of this License is to make a manual, textbook, or other written document "free" in the sense of freedom: to assure everyone the effective freedom to copy and redistribute it, with or without modifying it, either commercially or noncommercially. Secondarily, this License preserves for the author and publisher a way to get credit for their work, while not being considered responsible for modifications made by others. This License is a kind of "copyleft", which means that derivative works of the document must themselves be free in the same sense. It complements the GNU General Public License, which is a copyleft license designed for free software. We have designed this License in order to use it for manuals for free software, because free software needs free documentation: a free program should come with manuals providing the same freedoms that the software does. But this License is not limited to software manuals; it can be used for any textual work, regardless of subject matter or whether it is published as a printed book. We recommend this License principally for works whose purpose is instruction or reference. ------------------------------------------------------------------------------- M.2. APPLICABILITY AND DEFINITIONS This License applies to any manual or other work that contains a notice placed by the copyright holder saying it can be distributed under the terms of this License. The "Document", below, refers to any such manual or work. Any member of the public is a licensee, and is addressed as "you". A "Modified Version" of the Document means any work containing the Document or a portion of it, either copied verbatim, or with modifications and/or translated into another language. A "Secondary Section" is a named appendix or a front-matter section of the Document that deals exclusively with the relationship of the publishers or authors of the Document to the Document's overall subject (or to related matters) and contains nothing that could fall directly within that overall subject. (For example, if the Document is in part a textbook of mathematics, a Secondary Section may not explain any mathematics.) The relationship could be a matter of historical connection with the subject or with related matters, or of legal, commercial, philosophical, ethical or political position regarding them. The "Invariant Sections" are certain Secondary Sections whose titles are designated, as being those of Invariant Sections, in the notice that says that the Document is released under this License. The "Cover Texts" are certain short passages of text that are listed, as Front-Cover Texts or Back-Cover Texts, in the notice that says that the Document is released under this License. A "Transparent" copy of the Document means a machine-readable copy, represented in a format whose specification is available to the general public, whose contents can be viewed and edited directly and straightforwardly with generic text editors or (for images composed of pixels) generic paint programs or (for drawings) some widely available drawing editor, and that is suitable for input to text formatters or for automatic translation to a variety of formats suitable for input to text formatters. A copy made in an otherwise Transparent file format whose markup has been designed to thwart or discourage subsequent modification by readers is not Transparent. A copy that is not "Transparent" is called "Opaque". Examples of suitable formats for Transparent copies include plain ASCII without markup, Texinfo input format, LaTeX input format, SGML or XML using a publicly available DTD, and standard-conforming simple HTML designed for human modification. Opaque formats include PostScript, PDF, proprietary formats that can be read and edited only by proprietary word processors, SGML or XML for which the DTD and/or processing tools are not generally available, and the machine-generated HTML produced by some word processors for output purposes only. The "Title Page" means, for a printed book, the title page itself, plus such following pages as are needed to hold, legibly, the material this License requires to appear in the title page. For works in formats which do not have any title page as such, "Title Page" means the text near the most prominent appearance of the work's title, preceding the beginning of the body of the text. ------------------------------------------------------------------------------- M.3. VERBATIM COPYING You may copy and distribute the Document in any medium, either commercially or noncommercially, provided that this License, the copyright notices, and the license notice saying this License applies to the Document are reproduced in all copies, and that you add no other conditions whatsoever to those of this License. You may not use technical measures to obstruct or control the reading or further copying of the copies you make or distribute. However, you may accept compensation in exchange for copies. If you distribute a large enough number of copies you must also follow the conditions in section 3. You may also lend copies, under the same conditions stated above, and you may publicly display copies. ------------------------------------------------------------------------------- M.4. COPYING IN QUANTITY If you publish printed copies of the Document numbering more than 100, and the Document's license notice requires Cover Texts, you must enclose the copies in covers that carry, clearly and legibly, all these Cover Texts: Front-Cover Texts on the front cover, and Back-Cover Texts on the back cover. Both covers must also clearly and legibly identify you as the publisher of these copies. The front cover must present the full title with all words of the title equally prominent and visible. You may add other material on the covers in addition. Copying with changes limited to the covers, as long as they preserve the title of the Document and satisfy these conditions, can be treated as verbatim copying in other respects. If the required texts for either cover are too voluminous to fit legibly, you should put the first ones listed (as many as fit reasonably) on the actual cover, and continue the rest onto adjacent pages. If you publish or distribute Opaque copies of the Document numbering more than 100, you must either include a machine-readable Transparent copy along with each Opaque copy, or state in or with each Opaque copy a publicly-accessible computer-network location containing a complete Transparent copy of the Document, free of added material, which the general network-using public has access to download anonymously at no charge using public-standard network protocols. If you use the latter option, you must take reasonably prudent steps, when you begin distribution of Opaque copies in quantity, to ensure that this Transparent copy will remain thus accessible at the stated location until at least one year after the last time you distribute an Opaque copy (directly or through your agents or retailers) of that edition to the public. It is requested, but not required, that you contact the authors of the Document well before redistributing any large number of copies, to give them a chance to provide you with an updated version of the Document. ------------------------------------------------------------------------------- M.5. MODIFICATIONS You may copy and distribute a Modified Version of the Document under the conditions of sections 2 and 3 above, provided that you release the Modified Version under precisely this License, with the Modified Version filling the role of the Document, thus licensing distribution and modification of the Modified Version to whoever possesses a copy of it. In addition, you must do these things in the Modified Version: A. Use in the Title Page (and on the covers, if any) a title distinct from that of the Document, and from those of previous versions (which should, if there were any, be listed in the History section of the Document). You may use the same title as a previous version if the original publisher of that version gives permission. B. List on the Title Page, as authors, one or more persons or entities responsible for authorship of the modifications in the Modified Version, together with at least five of the principal authors of the Document (all of its principal authors, if it has less than five). C. State on the Title page the name of the publisher of the Modified Version, as the publisher. D. Preserve all the copyright notices of the Document. E. Add an appropriate copyright notice for your modifications adjacent to the other copyright notices. F. Include, immediately after the copyright notices, a license notice giving the public permission to use the Modified Version under the terms of this License, in the form shown in the Addendum below. G. Preserve in that license notice the full lists of Invariant Sections and required Cover Texts given in the Document's license notice. H. Include an unaltered copy of this License. I. Preserve the section entitled "History", and its title, and add to it an item stating at least the title, year, new authors, and publisher of the Modified Version as given on the Title Page. If there is no section entitled "History" in the Document, create one stating the title, year, authors, and publisher of the Document as given on its Title Page, then add an item describing the Modified Version as stated in the previous sentence. J. Preserve the network location, if any, given in the Document for public access to a Transparent copy of the Document, and likewise the network locations given in the Document for previous versions it was based on. These may be placed in the "History" section. You may omit a network location for a work that was published at least four years before the Document itself, or if the original publisher of the version it refers to gives permission. K. In any section entitled "Acknowledgements" or "Dedications", preserve the section's title, and preserve in the section all the substance and tone of each of the contributor acknowledgements and/or dedications given therein. L. Preserve all the Invariant Sections of the Document, unaltered in their text and in their titles. Section numbers or the equivalent are not considered part of the section titles. M. Delete any section entitled "Endorsements". Such a section may not be included in the Modified Version. N. Do not retitle any existing section as "Endorsements" or to conflict in title with any Invariant Section. If the Modified Version includes new front-matter sections or appendices that qualify as Secondary Sections and contain no material copied from the Document, you may at your option designate some or all of these sections as invariant. To do this, add their titles to the list of Invariant Sections in the Modified Version's license notice. These titles must be distinct from any other section titles. You may add a section entitled "Endorsements", provided it contains nothing but endorsements of your Modified Version by various parties--for example, statements of peer review or that the text has been approved by an organization as the authoritative definition of a standard. You may add a passage of up to five words as a Front-Cover Text, and a passage of up to 25 words as a Back-Cover Text, to the end of the list of Cover Texts in the Modified Version. Only one passage of Front-Cover Text and one of Back-Cover Text may be added by (or through arrangements made by) any one entity. If the Document already includes a cover text for the same cover, previously added by you or by arrangement made by the same entity you are acting on behalf of, you may not add another; but you may replace the old one, on explicit permission from the previous publisher that added the old one. The author(s) and publisher(s) of the Document do not by this License give permission to use their names for publicity for or to assert or imply endorsement of any Modified Version. ------------------------------------------------------------------------------- M.6. COMBINING DOCUMENTS You may combine the Document with other documents released under this License, under the terms defined in section 4 above for modified versions, provided that you include in the combination all of the Invariant Sections of all of the original documents, unmodified, and list them all as Invariant Sections of your combined work in its license notice. The combined work need only contain one copy of this License, and multiple identical Invariant Sections may be replaced with a single copy. If there are multiple Invariant Sections with the same name but different contents, make the title of each such section unique by adding at the end of it, in parentheses, the name of the original author or publisher of that section if known, or else a unique number. Make the same adjustment to the section titles in the list of Invariant Sections in the license notice of the combined work. In the combination, you must combine any sections entitled "History" in the various original documents, forming one section entitled "History"; likewise combine any sections entitled "Acknowledgements", and any sections entitled "Dedications". You must delete all sections entitled "Endorsements." ------------------------------------------------------------------------------- M.7. COLLECTIONS OF DOCUMENTS You may make a collection consisting of the Document and other documents released under this License, and replace the individual copies of this License in the various documents with a single copy that is included in the collection, provided that you follow the rules of this License for verbatim copying of each of the documents in all other respects. You may extract a single document from such a collection, and distribute it individually under this License, provided you insert a copy of this License into the extracted document, and follow this License in all other respects regarding verbatim copying of that document. ------------------------------------------------------------------------------- M.8. AGGREGATION WITH INDEPENDENT WORKS A compilation of the Document or its derivatives with other separate and independent documents or works, in or on a volume of a storage or distribution medium, does not as a whole count as a Modified Version of the Document, provided no compilation copyright is claimed for the compilation. Such a compilation is called an "aggregate", and this License does not apply to the other self-contained works thus compiled with the Document, on account of their being thus compiled, if they are not themselves derivative works of the Document. If the Cover Text requirement of section 3 is applicable to these copies of the Document, then if the Document is less than one quarter of the entire aggregate, the Document's Cover Texts may be placed on covers that surround only the Document within the aggregate. Otherwise they must appear on covers around the whole aggregate. ------------------------------------------------------------------------------- M.9. TRANSLATION Translation is considered a kind of modification, so you may distribute translations of the Document under the terms of section 4. Replacing Invariant Sections with translations requires special permission from their copyright holders, but you may include translations of some or all Invariant Sections in addition to the original versions of these Invariant Sections. You may include a translation of this License provided that you also include the original English version of this License. In case of a disagreement between the translation and the original English version of this License, the original English version will prevail. ------------------------------------------------------------------------------- M.10. TERMINATION You may not copy, modify, sublicense, or distribute the Document except as expressly provided for under this License. Any other attempt to copy, modify, sublicense or distribute the Document is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. ------------------------------------------------------------------------------- M.11. FUTURE REVISIONS OF THIS LICENSE The Free Software Foundation may publish new, revised versions of the GNU Free Documentation License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. See http://www.gnu.org/copyleft/. Each version of the License is given a distinguishing version number. If the Document specifies that a particular numbered version of this License "or any later version" applies to it, you have the option of following the terms and conditions either of that specified version or of any later version that has been published (not as a draft) by the Free Software Foundation. If the Document does not specify a version number of this License, you may choose any version ever published (not as a draft) by the Free Software Foundation. ------------------------------------------------------------------------------- M.12. How to use this License for your documents To use this License in a document you have written, include a copy of the License in the document and put the following copyright and license notices just after the title page: Copyright (c) YEAR YOUR NAME. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.1 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST. A copy of the license is included in the section entitled "GNU Free Documentation License". If you have no Invariant Sections, write "with no Invariant Sections" instead of saying which ones are invariant. If you have no Front-Cover Texts, write "no Front-Cover Texts" instead of "Front-Cover Texts being LIST"; likewise for Back-Cover Texts. If your document contains nontrivial examples of program code, we recommend releasing these examples in parallel under your choice of free software license, such as the GNU General Public License, to permit their use in free software. Notes [1] This is the hardware need with Coyote Linux version 2.06, there is however plans in the future to drop support for machines without math co-processor, which will raise the minimum specification in the cpu to something in the neighbourhood of Pentium 133 MHz. There is also plans to move from system run only from floppy, to system where Coyote Linux is installed on the harddrive. These new features will most likely come with version 3.0 of Coyote Linux. 22.7.2004 seems the support for machines without a math-Co-processor was removed with version 2.11 [2] This might change when moving to version 3.0 of Coyote Linux, more available space on a harddrive gives room for more automation and tools. [3] This assumes a small Skolelinux/Debian-edu network with only one machine on the 10.0.2/23-backbone network, for bigger installation this crossed cable is replaced with a straight cable conectedt to a switch, refer to network map at FIXME the sidebar Placeholder for fixme[id=fixme] [4] In coming versions of Skolelinux/Debian-edu will will try to implement AFS instead of NFS, Andrew File System, [5] It's possible in theory to get it to work with as little as 12MB of ram, it's not advisable, it goes rather slow. [6] At the moment we use ltsp3 in Skolelinux/Debian-edu, with the newer ltsp4 that we might in the future use (although we might opt for lessdisks instead of ltsp in the future) there is an easy option to use the thinclient in a so called half-thin way, with programs running from the harddrive on the thinclient itself, then naturally you need both a harddrive and a fast cpu. [7] In Skolelinux/Debian-edu versions prior to Pre Release PR47 we had a rather old version of Xfree86, now we include the backported version 4.2.1, if you had problems with the videocard in your laptop with earlier versions of Skolelinux/Debian-edu, you should see if the Xfree86 4.2.1 is better for you. [8] If you made the Coyote Linux floppy on Windows, then you have already set a root-password, and you don't need to do so now, but you must use this password to login to Coyote Linux. [9] Earlier versions of Skolelinux/Debian-edu used a older version of bind, the restart-script was then placed in /etc/init.d/bind restart [10] Maybe someone in the future will add the possibility to play Solitaire during install [11] See the sidebar GUI for a short explanation on GUI. [12] In versions of Skolelinux/Debian-edu prior ro RC3, the bootup screen was different, now it includes the Skolelinux logo. [13] You might want to reduce the amount of ram visible to the installer, see Section 2.5 [14] Regardless of what kind of language you use during installation, your users can choose another language, French, German, English, Spanish etc. [15] Often programs are called packages. [16] For the brave ond foolish, there is always a way, have a look at install_without_autopartkit.txt [17] GRUB is the bootloader used in Skolelinux/Debian-edu, another often used bootloader is LILO, which you can choose to install if you have chosen a expert installation method, or later when the installation of Skolelinux/ Debian-edu is finished. [18] You can find the contents of this messages with the command dmesg, and by looking in the files /var/log/dmesg, /var/log/daemon.log. [19] There has been discussions to add further partitions, like one for /var/ log/squid [20] This check and repair is also done as a part of the resize process by the command e2fsadm, but it's better to be on the safe side. [21] http://bugs.skolelinux.no/show_bug.cgi?id=439, you need to be a bit careful when resizing partitions. [22] The thinclients must have their mac-address locked to an ip-address in / etc/dhcp3/dhcpd-skolelinux in order to get a swapfile. [23] The size of these swapfiles, and wheter they are enabled or not, is defined in /opt/ltsp/i386/etc/lts.conf, look for the lines SWAPFILE_SIZE= 32m and USE_NFS_SWAP = [24] Fra Skolelinux/Debian-edu pr47 m alle maskiner du nsker eksporte til v re medlem av en nettgruppe, se Section 8.6, linja vil da se slik ut / skole/video @ltsp-server-hosts(rw) @workstation-hosts(rw) @server-hosts (rw) [25] I tidligere versjoner av Skolelinux/Debian-edu, f r pr47, ble en eldre versjon av dhcp brukt, da l konfigurasjonsfilene under /etc/ dhcpd-skolelinux.conf [26] I tidligere versjoner av Skolelinux/Debian-edu, f r pr47, ble en eldre versjon av dhcp brukt, da l dette skriptet under /etc/init.d/dhcp restart [27] I tidligere versjoner av Skolelinux/Debian-edu het denne kommandoen ldap-skolelinux-install