Debian
Postinstall
Static network configuration
$ cat /etc/network/interfaces auto lo eth0 iface lo inet loopback iface eth0 inet static address 192.168.0.3 netmask 255.255.255.0 gateway 192.168.0.1 iface eth0 inet6 static address 2001:1234:0:1::15 netmask 64 gateway 2001:1234:0:1::1 $ cat /etc/resolv.conf nameserver 192.168.0.1 nameserver 2001:1234:0:1::1 domain example.com search example.com
WiFi
wpa_supplicant
In Debian, interfaces(5) understands several wireless-options. However, we could also point to a configuration file (wpa-conf
) where these options are saved:
$ chmod 0600 /etc/network/interfaces $ cat /etc/network/interfaces [...] iface wlan0 inet static address 192.168.0.4 netmask 255.255.255.0 # wpa-driver wired # 802.1x in a wired network # wpa-driver wext # CONFIG_CFG80211_WEXT must be enabled wpa-driver nl80211 # CONFIG_CFG80211 must be enabled wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf # wpa-ssid "xxx" # wpa-psk "yyy" # wpa-key-mgmgt WPA-PSK # wpa-group CCMP # wpa-pairwise CCMP # wpa-proto WPA2 # wpa-ap-scan 0 # post-up /usr/sbin/service rng-tools restart # pre-down /usr/sbin/service rng-tools stop
Note that almost all wpa-
options are commented out, only wpa-driver
and wpa-conf
are active! The wpa_supplicant.conf(5) would look like this:
$ chmod 0600 /etc/wpa_supplicant/wpa_supplicant.conf $ cat /etc/wpa_supplicant/wpa_supplicant.conf ctrl_interface=/var/run/wpa_supplicant ctrl_interface_group=netdev network={ disabled=1 ssid="network-1" psk="yyy" proto=WPA2 key_mgmt=WPA-PSK pairwise=CCMP group=CCMP } network={ disabled=0 ssid="network-2" psk="zzz" proto=WPA2 key_mgmt=WPA-PSK pairwise=CCMP group=CCMP }
iwlwifi
The iwlwifi[1][2] wireless network driver needs (as many others do) the right firmware[3] to run:
$ sudo apt-get install firmware-iwlwifi
$ sudo modprobe iwlwifi
$ sudo dmesg
[...]
[ 706.616181] iwlwifi 0000:04:00.0: setting latency timer to 64
[ 706.616238] iwlwifi 0000:04:00.0: pci_resource_len = 0x00002000
[ 706.616241] iwlwifi 0000:04:00.0: pci_resource_base = ffffc90005420000
[ 706.616245] iwlwifi 0000:04:00.0: HW Revision ID = 0xC4
[ 706.616388] iwlwifi 0000:04:00.0: irq 45 for MSI/MSI-X
[ 706.616474] iwlwifi 0000:04:00.0: Detected 2000 Series 2x2 BGN/BT, REV=0xC8
[ 706.616587] iwlwifi 0000:04:00.0: L1 Enabled; Disabling L0S
[ 706.633216] iwlwifi 0000:04:00.0: device EEPROM VER=0x81c, CALIB=0x6
[ 706.633220] iwlwifi 0000:04:00.0: Device SKU: 0X150
[ 706.633224] iwlwifi 0000:04:00.0: Valid Tx ant: 0X3, Valid Rx ant: 0X3
[ 706.633263] iwlwifi 0000:04:00.0: Tunable channels: 13 802.11bg, 0 802.11a channels
[ 706.638487] iwlwifi 0000:04:00.0: firmware: agent loaded iwlwifi-2030-6.ucode into memory
[ 706.638497] iwlwifi 0000:04:00.0: loaded firmware version 18.168.6.1
[ 706.639027] Registered led device: phy1-led
[ 706.648866] ieee80211 phy1: Selected rate control algorithm 'iwl-agn-rs'
[ 706.670796] iwlwifi 0000:04:00.0: L1 Enabled; Disabling L0S
[ 706.678436] iwlwifi 0000:04:00.0: Radio type=0x2-0x0-0x0
[ 706.939926] iwlwifi 0000:04:00.0: L1 Enabled; Disabling L0S
[ 706.947551] iwlwifi 0000:04:00.0: Radio type=0x2-0x0-0x0
sources.list
deb https://deb.debian.org/debian/ stable main contrib non-free deb https://deb.debian.org/debian/ stable-updates main contrib non-free deb https://deb.debian.org/debian-security/ stable/updates main contrib non-free # deb https://deb.debian.org/debian/ stable-proposed-updates main contrib non-free # deb https://deb.debian.org/debian/ stable-backports main contrib non-free # deb https://deb.debian.org/debian/ experimental main contrib non-free # deb http://archive.debian.org/debian/ potato main contrib non-free
Valid sections are:
- main - must comply with the DFSG and must not require a package outside of main
- contrib - must comply with the DFSG
- non-free - are not compliant with the DFSG
Notes:
- DebianGeoMirror -
cdn.debian.net
has been marked deprecated. - SourcesList
Packages
Install missing packages:
apt-get install acl apt-listchanges atop attr autossh bc bzip2 ca-certificates curl deborphan debsums git haveged s-nail htop iftop iotop irqbalance ksh less libpam-tmpdir lsof mlocate netcat-openbsd openssh-server p7zip-full pbzip2 pigz pv pwgen rsync screen sharutils smartmontools strace sudo sysstat vim vnstat whois zsh
For x86 based systems:
firmware-iwlwifi i7z intel-microcode mcelog memtest86+ msr-tools
For desktop systems:
chromium flashplugin-nonfree gedit gnome-core gnome-themes gnome-tweak-tool icedove enigmail firefox libcanberra-gtk-module xul-ext-https-everywhere xul-ext-noscript xul-ext-refcontrol libreoffice-calc libreoffice-writer pidgin pidgin-otr rdesktop sox xtightvncviewer ekiga
Remove old kernel versions:[4]
apt-get -V purge $(dpkg -l | awk '/linux-(headers|image)-[0-9]/ {print $2}' | grep -v $(uname -r | cut -d- -f1,2))
Gnome 3
To make Gnome 3 usable[5] again, we're using a few extenions:
- system-monitor
- Quit Button - D'oh!
- Alternative Status Menu
- Panel World Clock
- Remove Accessibility - Remove the accessibility button from the top panel.
- AlternateTab - Substitute Alt-Tab with a window based switcher that does not group by application.[6]
We'll also install GNOME Tweak Tool to have a bit more control over how Gnome 3 behaves.
Enable drag-and-drop:[7]
gsettings set org.gnome.nautilus.preferences use-experimental-views false
SMTP
Instead of installing a full blown MTA on a client machine, we'll install an SMTP client[8] to forward all mail to a smarthost, no mail is handled locally. In our case, we'll go with ssmtp[9]
sudo apt-get install ssmtp
After ssmtp
is configured, /etc/ssmtp/ssmtp.conf
should look like this:
root=postmaster mailhub=mail.example.org hostname=thismachine.example.org FromLineOverride=NO
Upgrading
Let's say we want to upgrade from Squeeze (6.0) to Wheezy (7.0). First we update the package lists:
sed 's/squeeze/wheezy/' -i /etc/apt/sources.list apt-get update
The manual suggests to try a minimal upgrade first, followed by upgrading the kernel and udev:
apt-get install linux-image-ARCH apt-get install udev
And finally the dist-upgrade:
apt-get -V dist-upgrade apt-get clean deborphan --guess-all
See also dpkg.old
Downgrading
Not sure why someone wants this, but here we go, downgrading from squeeze (6.0) to Lenny (5.0):
$ sed 's|http\.debian\.net|archive.debian.org|;s|squeeze|lenny|' -i /etc/apt/sources.list $ cat /etc/apt/sources.list deb http://archive.debian.org/debian/ lenny main deb http://archive.debian.org/debian/ lenny-updates main deb http://security.debian.org/ lenny/updates main apt-get update && apt-get -V dist-upgrade && apt-get clean && deborphan --guess-all
Note: this utilizes archive.debian.org!
Backports
backports.debian.org has quite a few backports to the always-too-old stable release of our beloved Debian GNU/Linux distribution. They advise us to add this to /etc/apt/sources.list
:
deb http://http.debian.net/debian/ jessie-backports main contrib non-free
Let's pin a few packages from the backports repository:
$ cat /etc/apt/preferences.d/backports.pref Package: linux-libc-dev linux-image-amd64 linux-headers-amd64 linux-base linux-perf Pin: release a=jessie-backports Pin-Priority: 1000
Execute "apt-get update"
to update the package lists. However, since we're using GPG-signed Release files, apt-get
might whine about:
W: GPG error: http://backports.debian.org/ lenny-backports Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY EA8E8B2116BA136C W: You may want to run apt-get update to correct these problems
We have to receive and import the correct key:
gpg --keyserver pgpkeys.pca.dfn.de --recv-keys EA8E8B2116BA136C gpg --armor --export EA8E8B2116BA136C | apt-key add -
Now apt-get update
should run fine.
Links
- Bugs
- Kickstart
- Debian Releases
- Rebuilding official Debian kernel packages
- DebianKernelCustomCompilation
- INVOKE-RC.D (/usr/sbin/invoke-rc.d) interface
- tracker.debian.org/pkg/linux
References
- ↑ Linux wireless: iwlwifi
- ↑ Intel Wireless WiFi Link, Wireless-N, Advanced-N, Ultimate-N devices
- ↑ firmware-iwlwifi (non-free)
- ↑ purge-old-kernels (why this is part of the byobu package is unknown)
- ↑ Any gnome3 knowledgeable people out here?
- ↑ How to prevent Gnome-shell's Alt+Tab from grouping windows from similar apps?
- ↑ Drag and drop not working inside Nautilus on Ubuntu 17.10
- ↑ Msmtp: An SMTP client
- ↑ sSMTP - Simple SMTP