Tag Archives: debian

CTRL-ALT-DEL: Debian on Desktop

I run debian+gnome on a VMware desktop. One of the annoying things is when I press CTRL-ALT-DEL to lock Windows (the hosting OS), the guest OS picks it up and I come back to a powered down VM.

Google results will tell you that disabling it in /etc/inittab or gconf-edit will do the trick. That’s just not the case.

You need to go to system > preferences > keyboard shortcuts and disable it there.

This completely disables it.

Debian NAS

I wanted a centralized home storage system that could feed all my other toys. Data stored on this will include MySQL datafiles, our MP3 collection, website directories and all our receipts printed out in PDF format (Yay! CutePDF) among other things. And so the fun began…

I did some test installs of various “turnkey” solutions such as Openfiler.

Openfiler just didn’t seem stable enough. Arrays would claim to have faulty drives and start rebuilding the arrays at the strangest times. Only to find out, via 3rd party tools, that the drive was fine. The web interface was ok but I would have organized it differently. Minus that, Openfiler has a lot of potential.

In the end, for what I wanted, it was easier to do a netinstall of Debian and add the things I needed.

Started with this: Debian RAID

Changes:
Raid5 first
Raid1 with leftovers
Flat filesystem
Swap on Raid5

Problems:
Bad mainboard
Bad harddrive
BIOS truncation of HD hardware address forcing me to "find" the bootdisk manually.

Hardware:
ECS RS482-M754 w/ AMD Sempron 3200+ (Bundled)
4x Seagate Barracuda 7200.10 ST3250620AS 250GB
2x AllComponents 512MB 184-Pin SDRAM DDR 400

The mainboard had problems POSTing but I couldn't really determine if it was board, memory or CPU, so it (board, memory and processor) was replaced with:

MSI K9AGM2-L AM2 AMD 690V Micro ATX
AMD Sempron 64 3400+ Manila 1.8GHz Socket 754
2x Kingston 512MB 240-Pin SDRAM DDR2 800

Ended up having a dodgey harddrive too. Awaiting the RMA return. But that didn't stop the project, it's just running without a spare at the moment.

NFS with assigned ports: Securing NFS

This is used for our websites' files and MP3 collection. The MP3's are accessed internally via Jinzora and accessed via laptops, HTPC's etc.

Samba:
9 times out of 10, we're accessing the NAS interactively from laptops running windows. I didn't really look for a site that explained how to setup Samba on Debian. Just knit picked around google until my shares were up and running.

AoE for database files: AoE on Debian

First, the above URL is not quite complete, it's missing a few steps, which I have outlined below.

There are some security risks one should be aware of when implementing AoE. One item is the ability to X-mount an AoE LUN on another server causing corruption and all sorts of other nastiness. I've heard there are certain implementations that allow MAC filter and other security mechanisms to make this more secure. But in the end, you will still be shipping data in the clear over the wire.

I decided the ease of use were worth the risks.

Given that data files were going to live on the AoE devices, I wanted some extensive, longterm testing. I kept the originals and did some link chicanery for the test.

As I stated earlier, the AoE How-To linked is not complete but still makes a decent starting point. Below is a quick step-by-step.

Keep in mind the initiator is the "client" and the target is the "server". These are Debian specific instructions.

Initiator:
Install the client tools
apt-get install aoe-tools

Create the /dev structure
aoe-mkdevs /dev/etherd

Target:
apt-get install vblade

Create a device to export
lvcreate -n myAoE --size 10g my_vg0

Export device in userland for testing
vblade 0 1 eth1 /dev/my_vg0/myAoE &

Initiator:
aoe-discover

List AoE devices
aoe-stat

Create filesystem on device
mkfs.ext3 /dev/etherd/e0.1

Mount our new AoE device
mount /dev/etherd/e0.1 /data

And there you have it. In the end, I have 500GB of usable space in the first array. This includes a spare. All told, $415 delivered from NewEgg.

Next, I will be adding 4x 500GB drives for another array. At the current prices, you just can't beat the $ per GB.

Debian: Email Server Build

Another semi-how-to for my old email server build.

1. Partition harddrive:
/boot 150MB Primary hda1 bootable
/ 3000MB Logical hda5
/var 15000MB Logical hda6
/home 6000MB Logical hda7
swap 1024MB Primary hda3 end of drive
/usr Balance Logical hda8

2. Activate swap partition
3. Initialize / first, then the rest (all partitions ext3)
4. Install kernel
5. Configure network
6. Install base system via http
7. Make system bootable
a. Install lilo into the MBR
b. Put all entries into menu
8. Reboot system
9. Remove pcmcia packages
10. Cancel out of all package managers (tasksel and apt)
11. No configuration of email system (exim)
12. Edit /etc/apt/sources.list to run Sarge:
deb http://debian.mirrors.pair.com sarge main non-free contrib
deb http://ftp.uk.debian.org/debian-non-US sarge/non-US main non-free contrib
deb http://security.debian.org/ sarge/updates main contrib non-free
13. apt-get update
14. apt-get dist-upgrade (may have to run multiple times)
15. apt-get install dhcp3-server (use config in cvs)
16. apt-get install bind9 (use namedb files in cvs)
17. apt-get install apache-common (use config in cvs)
18. apt-get install postfix-tls postfix-mysql
a. Internet with smarthost
b. mail.mchsi.com (for relaying)
c. noc@tekengine.net (added to aliases)
19. Configure postfix main.cf
a. useradd virtual (same uid/gid list in main.cf)
b. mkdir /var/virtual (chmod 750, chown virtual)
c. copy virtual dir to current server
d. copy mysql* files to /etc/postfix (use files in cvs)
e. /etc/init.d/postfix restart
f. mailq to check queue status
20. apt-get install libsasl2-modules libsasl2-modules-mysql
a. configure main.cf (check cvs)
b. copy smtpd.conf to /etc/postfix/sasl (file in cvs)
21. Test connectivity
a. telnet mercury 25
b. send email using client on LAN
22. apt-get install amavisd-new clamav-daemon spamassassin
a. accept defaults
23. apt-get install courier-imap-ssl courier-authmysql courier-pop-ssl
a. edit authdaemon
b. edit authmysql
c. /etc/init.d/courier-authdaemon
24. Edit amavis conf file to desired thresholds
25. Edit master.cf and main.cf to use amavisd

conf files:
/etc/courier/authmysqlsrc
/etc/postfix/mysql*
/etc/postfix/sasl/smtpd.conf
squirrelmail config

Database Server Build

More for my records than anyone elses. Still someone may find some use for this information.

I started off by doing a standard network install of Debian Woody. After that I installed ssh and got to work.

Before doing anything else, I create a “poor man’s” disk mirror. This probably isn’t the best solution but it works for my needs. The first thing we need to do here is take a look at the current partition info:

venus:/# df | grep ^/dev
/dev/hde2 1999804 100580 1899224 6% /
/dev/hde1 999868 42036 957832 5% /boot
/dev/hde5 4000088 163476 3836612 5% /usr
/dev/hde6 999868 32840 967028 4% /tmp
/dev/hde7 4000088 37680 3962408 1% /home
/dev/hde8 16028688 198940 15829748 2% /var

The easiest way I have found to mirror the partition structure is using sfdisk.

venus:~# sfdisk -d /dev/hde | sfdisk /dev/hdg

sfdisk sends quite a bit of information to STDOUT, but the important data looks something like this:

Device Boot Start End #sectors Id System
/dev/hdg1 * 63 1999871 1999809 83 Linux
/dev/hdg2 1999872 5999615 3999744 83 Linux
/dev/hdg3 56058912 60058655 3999744 82 Linux swap
/dev/hdg4 5999616 56058911 50059296 5 Extended
/dev/hdg5 5999679 14000111 8000433 83 Linux
/dev/hdg6 14000175 15999983 1999809 83 Linux
/dev/hdg7 16000047 24000479 8000433 83 Linux
/dev/hdg8 24000543 56058911 32058369 83 Linux
Successfully wrote the new partition table

Re-reading the partition table …

The reiserfs filesystem was used, so reiserfsprogs is needed:

venus:/# apt-get install reiserfsprogs
venus:/# mkfs.reiserfs /dev/hdg2 (all the way through /dev/hdg8 from above)
Created a directory structure for mount points.
Mounted all the hdg filesystems.

venus:/# mount | grep ^/dev
/dev/hde2 on / type reiserfs (rw)
/dev/hde1 on /boot type reiserfs (rw)
/dev/hde5 on /usr type reiserfs (rw)
/dev/hde6 on /tmp type reiserfs (rw)
/dev/hde7 on /home type reiserfs (rw)
/dev/hde8 on /var type reiserfs (rw)
/dev/hdg2 on /SYSMIRROR/root type reiserfs (rw)
/dev/hdg1 on /SYSMIRROR/boot type reiserfs (rw)
/dev/hdg5 on /SYSMIRROR/usr type reiserfs (rw)
/dev/hdg6 on /SYSMIRROR/tmp type reiserfs (rw)
/dev/hdg7 on /SYSMIRROR/home type reiserfs (rw)
/dev/hdg8 on /SYSMIRROR/var type reiserfs (rw)

Created a system mirroring script and tested it:

venus:/SYSMIRROR# cat /usr/local/bin/sysmirror.sh
#!/bin/sh
cp -aux / /SYSMIRROR/root
cp -aux /boot/* /SYSMIRROR/boot
cp -aux /usr/* /SYSMIRROR/usr
cp -aux /tmp/* /SYSMIRROR/tmp
cp -aux /home/* /SYSMIRROR/home
cp -aux /var/* /SYSMIRROR/var
touch /var/log/sysmirror

After testing was completed, /etc/fstab was updated with the filesystems.

/dev/hde2 / reiserfs defaults 0 0
/dev/hde3 none swap sw 0 0
proc /proc proc defaults 0 0
/dev/fd0 /floppy auto user,noauto 0 0
/dev/cdrom /cdrom iso9660 ro,user,noauto 0 0
/dev/hde1 /boot reiserfs defaults 0 0
/dev/hde5 /usr reiserfs defaults 0 0
/dev/hde6 /tmp reiserfs defaults 0 0
/dev/hde7 /home reiserfs defaults 0 0
/dev/hde8 /var reiserfs defaults 0 0

/dev/hdg2 /SYSMIRROR/root reiserfs defaults 0 0
/dev/hdg1 /SYSMIRROR/boot reiserfs defaults 0 0
/dev/hdg5 /SYSMIRROR/usr reiserfs defaults 0 0
/dev/hdg6 /SYSMIRROR/tmp reiserfs defaults 0 0
/dev/hdg7 /SYSMIRROR/home reiserfs defaults 0 0
/dev/hdg8 /SYSMIRROR/var reiserfs defaults 0 0

reboot

Added crontab entry for the mirroring:

venus:~# crontab -l
#####
# Hourly entries
#####
00 * * * * /usr/local/bin/sysmirror.sh > /dev/null 2>&1

Updated /etc/apt/sources.list to move to Sarge

deb http://mirrors.kernel.org/debian/ sarge main non-free contrib
deb-src http://mirrors.kernel.org/debian/ sarge main non-free contrib
deb http://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
deb-src http://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
deb http://security.debian.org/ sarge/updates main contrib non-free

apt-get update
apt-get upgrade
apt-get dist-upgrade

Installed the following deb packages:

smp kernel
mysql
ntp-refclock
bind9
ssmtp
host

Created directory structure for NFS mount points and system backup:
Kludged a script together to backup over the network:

venus:~# cat /usr/local/bin/nfsmirror.sh
#!/bin/sh
mount 10.1.1.1:/DATA/backup /DATA
cp -aux / /DATA/venus/root
cp -aux /boot/* /DATA/venus/boot
cp -aux /home/* /DATA/venus/home
cp -aux /usr/* /DATA/venus/usr
cp -aux /var/* /DATA/venus/var
cp -aux /tmp/* /DATA/venus/tmp
touch /var/log/nfsmirror
umount /DATA

Added cron entry to backup entire system to the NFS mount once per day:

venus:~# crontab -l
#####
# Hourly entries
#####
00 * * * * /usr/local/bin/sysmirror.sh > /dev/null 2>&1

#####
# Daily entries
#####
30 00 * * * /usr/local/bin/nfsmirror.sh > /dev/null 2>&1

Installed mysqlbu.pl script.
Edited to fit environment.
Added cron entry to backup all databases once per hour, just prior to hourly system mirror:

#####
# Hourly entries
#####
00 * * * * /usr/local/bin/sysmirror.sh > /dev/null 2>&1
45 * * * * /usr/local/bin/mysqlbu.pl > /dev/null 2>&1

#####
# Daily entries
#####
30 00 * * * /usr/local/bin/nfsmirror.sh > /dev/null 2>&1