Debian

From Segfault
Jump to: navigation, search

Postinstall

Static network configuration

$ cat /etc/network/interfaces 
auto lo eth0

iface lo inet loopback
 
iface eth0 inet static
      address 192.168.0.3
      netmask 255.255.255.0
      gateway 192.168.0.1
  
iface eth0 inet6 static
      address 2001:1234:0:1::15
      netmask 64
      gateway 2001:1234:0:1::1

$ cat /etc/resolv.conf 
nameserver 192.168.0.1
nameserver 2001:1234:0:1::1
domain example.com
search example.com

WiFi

wpa_supplicant

In Debian, interfaces(5) understands several wireless-options. However, we could also point to a configuration file (wpa-conf) where these options are saved:

$ chmod 0600 /etc/network/interfaces
$ cat /etc/network/interfaces
[...]
iface wlan0 inet static
       address         192.168.0.4
       netmask         255.255.255.0
#      wpa-driver      wired             # 802.1x in a wired network
#      wpa-driver      wext              # CONFIG_CFG80211_WEXT must be enabled
       wpa-driver      nl80211           # CONFIG_CFG80211      must be enabled
       wpa-conf        /etc/wpa_supplicant/wpa_supplicant.conf
#      wpa-ssid        "xxx"
#      wpa-psk         "yyy"
#      wpa-key-mgmgt   WPA-PSK
#      wpa-group       CCMP
#      wpa-pairwise    CCMP
#      wpa-proto       WPA2
#      wpa-ap-scan     0
#      post-up         /usr/sbin/service rng-tools restart
#      pre-down        /usr/sbin/service rng-tools stop

Note that almost all wpa- options are commented out, only wpa-driver and wpa-conf are active! The wpa_supplicant.conf(5) would look like this:

$ chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf
$ cat /etc/wpa_supplicant/wpa_supplicant.conf
ctrl_interface=/var/run/wpa_supplicant
ctrl_interface_group=netdev

network={
	disabled=1
 	    ssid="network-1"
	     psk="yyy"
	   proto=WPA2
	key_mgmt=WPA-PSK
	pairwise=CCMP
	   group=CCMP
}

network={
	disabled=0
	    ssid="network-2"
	     psk="zzz"
	   proto=WPA2
	key_mgmt=WPA-PSK
	pairwise=CCMP
	   group=CCMP
}

iwlwifi

The iwlwifi[1][2] wireless network driver needs (as many others do) the right firmware[3] to run:

$ sudo apt-get install firmware-iwlwifi
$ sudo modprobe iwlwifi
$ sudo dmesg
[...]
[  706.616181] iwlwifi 0000:04:00.0: setting latency timer to 64
[  706.616238] iwlwifi 0000:04:00.0: pci_resource_len = 0x00002000
[  706.616241] iwlwifi 0000:04:00.0: pci_resource_base = ffffc90005420000
[  706.616245] iwlwifi 0000:04:00.0: HW Revision ID = 0xC4
[  706.616388] iwlwifi 0000:04:00.0: irq 45 for MSI/MSI-X
[  706.616474] iwlwifi 0000:04:00.0: Detected 2000 Series 2x2 BGN/BT, REV=0xC8
[  706.616587] iwlwifi 0000:04:00.0: L1 Enabled; Disabling L0S
[  706.633216] iwlwifi 0000:04:00.0: device EEPROM VER=0x81c, CALIB=0x6
[  706.633220] iwlwifi 0000:04:00.0: Device SKU: 0X150
[  706.633224] iwlwifi 0000:04:00.0: Valid Tx ant: 0X3, Valid Rx ant: 0X3
[  706.633263] iwlwifi 0000:04:00.0: Tunable channels: 13 802.11bg, 0 802.11a channels
[  706.638487] iwlwifi 0000:04:00.0: firmware: agent loaded iwlwifi-2030-6.ucode into memory
[  706.638497] iwlwifi 0000:04:00.0: loaded firmware version 18.168.6.1
[  706.639027] Registered led device: phy1-led
[  706.648866] ieee80211 phy1: Selected rate control algorithm 'iwl-agn-rs'
[  706.670796] iwlwifi 0000:04:00.0: L1 Enabled; Disabling L0S
[  706.678436] iwlwifi 0000:04:00.0: Radio type=0x2-0x0-0x0
[  706.939926] iwlwifi 0000:04:00.0: L1 Enabled; Disabling L0S
[  706.947551] iwlwifi 0000:04:00.0: Radio type=0x2-0x0-0x0

sources.list

deb http://http.debian.net/debian/               jessie                   main contrib non-free
deb http://http.debian.net/debian/               jessie-updates           main contrib non-free
deb http://http.debian.net/debian/               jessie-proposed-updates  main contrib non-free
deb http://security.debian.org/                  jessie/updates           main contrib non-free
# deb http://http.debian.net/debian-backports    jessie-backports         main contrib non-free
# deb http://cdn.debian.net/debian/              experimental             main
# deb http://archive.debian.org/debian/          potato                   main contrib non-free

Valid https://www.debian.org/doc/debian-policy/#archive-areas sections] are:

  • main - must comply with the DFSG and must not require a package outside of main
  • contrib - must comply with the DFSG
  • non-free - are not compliant with the DFSG

Notes:

Packages

Install missing packages:

apt-get install acl apt-file apt-listchanges atop attr autossh bc bzip2 ca-certificates chrony cryptsetup curl deborphan devscripts debsums ecryptfs-utils git-core haveged s-nail htop iftop iotop irqbalance ksh less libpam-tmpdir lsof mlocate moreutils netcat-openbsd openssh-server openvpn p7zip-full pbzip2 pigz pv pwgen pxz rsync screen sharutils smartmontools ssmtp strace subversion sudo sysstat thermald vim vnstat whois zsh

For x86 based systems:

firmware-iwlwifi i7z intel-microcode mcelog memtest86+ msr-tools

For desktop systems:

chromium flashplugin-nonfree gedit gnome-core gnome-themes gnome-tweak-tool icedove enigmail firefox libcanberra-gtk-module xul-ext-https-everywhere xul-ext-noscript xul-ext-refcontrol libreoffice-calc libreoffice-writer pidgin pidgin-otr rdesktop sox xtightvncviewer ekiga


Remove old kernel versions:

apt-get -V purge $(dpkg -l | awk '/linux-(headers|image)-[0-9]/ {print $2}' | grep -v `uname -r | cut -d- -f1,2`)

Gnome 3

To make Gnome 3 usable[4] again, we're using a few extenions:

We'll also install GNOME Tweak Tool to have a bit more control over how Gnome 3 behaves.

SMTP

Instead of installing a full blown MTA on a client machine, we'll install an SMTP client[6] to forward all mail to a smarthost, no mail is handled locally. In our case, we'll go with ssmtp[7]

sudo apt-get install ssmtp

After ssmtp is configured, /etc/ssmtp/ssmtp.conf should look like this:

root=postmaster
mailhub=mail.example.org
hostname=thismachine.example.org
FromLineOverride=NO

Upgrading

Let's say we want to upgrade from Squeeze (6.0) to Wheezy (7.0). First we update the package lists:

sed 's/squeeze/wheezy/' -i /etc/apt/sources.list
apt-get update

The manual suggests to try a minimal upgrade first, followed by upgrading the kernel and udev:

apt-get install linux-image-ARCH
apt-get install udev

And finally the dist-upgrade:

apt-get -V dist-upgrade
apt-get clean
deborphan --guess-all

See also dpkg.old

Downgrading

Not sure why someone wants this, but here we go, downgrading from squeeze (6.0) to Lenny (5.0):

$ sed 's|http\.debian\.net|archive.debian.org|;s|squeeze|lenny|' -i /etc/apt/sources.list
$ cat /etc/apt/sources.list
deb http://archive.debian.org/debian/            lenny                   main
deb http://archive.debian.org/debian/            lenny-updates           main
deb http://security.debian.org/                  lenny/updates           main

apt-get update && apt-get -V dist-upgrade && apt-get clean && deborphan --guess-all

Note: this utilizes archive.debian.org!

Backports

backports.debian.org has quite a few backports to the always-too-old stable release of our beloved Debian GNU/Linux distribution. They advise us to add this to /etc/apt/sources.list:

deb http://http.debian.net/debian/      jessie-backports         main contrib non-free

Let's pin a few packages from the backports repository:

$ cat /etc/apt/preferences.d/backports.pref 
Package: linux-libc-dev linux-image-amd64 linux-headers-amd64 linux-base linux-perf

Pin: release a=jessie-backports
Pin-Priority: 1000

Execute "apt-get update" to update the package lists. However, since we're using GPG-signed Release files, apt-get might whine about:

W: GPG error: http://backports.debian.org/ lenny-backports Release: The following signatures couldn't be
   verified because the public key is not available: NO_PUBKEY EA8E8B2116BA136C
W: You may want to run apt-get update to correct these problems

We have to receive and import the correct key:

gpg --keyserver pgpkeys.pca.dfn.de --recv-keys EA8E8B2116BA136C
gpg --armor --export EA8E8B2116BA136C | apt-key add -

Now apt-get update should run fine.

Links

References