HowTos for general administration
The Getting Started and DebianEdu/Documentation/Etch/Maintainance chapters describe how to get started with Debian Edu and how to do the basic maintainance work. The howtos in this chapter are already "advanced" tips and tricks.
HowTos for general administration
- Installing single service machines for spreading the load from main-server
- Tracking /etc/ using the svk version control system
- Resize Partitions
- Using volatile.debian.org
- Using backports
- Access to skolelinux server from outside a firewall
- Creating a folder in all users home directory
- Easy access to USB and CDROM
- HowTos from wiki.debian.org
Installing single service machines for spreading the load from main-server
- barebone install using debian-edu-expert
- install the packages for the service
- configure the service
- disable the service on main-server
- update dns on main-server
Tracking /etc/ using the svk version control system
With the introduction of the debian-edu-etc-svk script in Debian Edu, all files in /etc/ are tracked using svk as a version control system. This make it possible to see when a file added, changed and removed, as well as what was changed if the file is a text file. The svk repository is stored in ~root/.svk/.
This feature is activated automatically in the Etch based version of Debian Edu, and all changes done during installation are registered. Changes in /etc/ are committed every hour.
List of useful commands:
debian-edu-etc-svk diff debian-edu-etc-svk log debian-edu-etc-svk status debian-edu-etc-svk commit debian-edu-etc-svk ignore
In a freshly installed system try this to see all changes done since the system was installed:
debian-edu-etc-svk diff -r6 | less
To see the list of changes done in /etc/, use this command:
debian-edu-etc-svk log | less
Here check revision numbers by date and time, Then to see all changes done since revision N say:
debian-edu-etc-svk diff -rN | less
To see the changes done to a specific file between specific revisions, specify the file and both revisions:
debian-edu-etc-svk diff -r46 -r64 /etc/resolv.conf | less
To revert a change, use the diff command to look at the change, and edit the file to undo the change, or use a command like this to do it automatically:
( cd /etc && debian-edu-etc-svk diff -r6 /etc/resolv.conf | patch -p1 -R )
To manually commit a file, because you don't want to wait up to an hour:
debian-edu-etc-svk commit /etc/resolv.conf
If you don't want a specific file to be tracked in svk, you can tell to ignore it. But this is rarely useful
debian-edu-etc-svk ignore /etc/path/to/file/to/be/ignored
For those who upgraded from sarge/woody
/etc in svk was introduced with the etch based release of Debian Edu. If you installed your system prior to this, you need to initialize svk once with the following command run as root:
This adds all files in /etc to svk and also activates the hourly commit cronjob.
Most partitions in Debian Edu are logical LVM volumes. Only the /boot/ partition is not. With the Debian/Etch release of Debian Edu, it is possible to extend partitions while they are mounted. This is a feature of the Linux kernel since version 2.6.10. Shrinking partitions still need to happen while the partition is unmounted.
It is a good idea to avoid creating very large partitions, as large partitions will take a long time to restore from backup if the need should arise, and file system check take a very long time for large partitions. A good limit can be 20 GiB. It is better, if possible, to create several smaller partitions than one very large one.
To make it easier to extend full partitions, the debian-edu-fsautoresize script is provided. When invoked, it reads the configuration from /usr/share/debian-edu-config/fsautoresizetab, /site/etc/fsautoresizetab and /etc/fsautoresizetab, and based on the rules provided in these files propose to extend partitions with too little free space. Without any arguments, it will only write the commands needed to extend the file system, and the argument -n is needed to actually extend the file systems.
Logical Volume Management
Logical Volume Management (LVM) enables resizing the partitions while they are mounted and in use. You can learn more about LVM in the LVM HowTo.
To extend a logical volume manually you simply tell the lvextend command how large you want it to grow to.
For example, to extend home0 to 30GB you use the following commands:
lvextend -L30G /dev/vg_system/skole+tjener+home0 resize2fs /dev/vg_system/skole+tjener+home0
Since volatile.debian.org is a relatively new service, introduced with Debian Etch, it's not enabled on default installations.
What is debian-volatile?
Quoting from the webpage:
- Some packages aim at fast moving targets, such as spam filtering and virus scanning, and even when using updated data patterns, they do not really work for the full time of a stable release. The main goal of volatile is allowing system administrators to update their systems in a nice, consistent way, without getting the drawbacks of using unstable, even without getting the drawbacks for the selected packages. So debian-volatile will only contain changes to stable programs that are necessary to keep them functional.
How to use volatile
Since the volatile archive key is included in the debian-archive-keyring package, which is installed by default, you do not have to add this key manually to roots keyring anymore. Just add the following line to /etc/apt/sources.list:
deb http://volatile.debian.org/debian-volatile etch/volatile main
And run aptitude update && aptitude upgrade.
You are running Debian Edu, because you prefer the stability of Debian Edu. It runs great, there is just one problem: sometimes software is a little bit more outdated as you like. This is where backports step in.
Backports are recompiled packages from Debian testing (mostly) and Debian unstable (in a few cases only, e.g. security updates), so they will run without new libraries (wherever it is possible) on a stable Debian distribution like Debian Edu. We recommend you to pick out single backports which fit your needs, and not to use all backports available there. Please follow the instructions on Backports to use these backports.
You can either use aptitude -t etch-backports install <packagename> to install or update packages once, or you can configure a package to be always installed from backports though /etc/apt/preferences which is described in the instructions.
The second variant has the advantage, that updates to backports are installed automatically when they are available. With the first variant you need to update manually.
apt-get install sun-java5-plugin sun-java5-jre sun-java5-fonts
Access to skolelinux server from outside a firewall
A boot script open-backdoor is provided in the debian-edu-config package to "break out" from behind a firewall. It is useful for system administrators responsible for several Debian Edu installations. It set up an SSH tunnel to another machine, allowing ssh login from the outside of the firewall.
To enable it, create a ssh key without a password, create a user on a remote host to use for ssh login, copy the public key into ~/.ssh/authorized_keys for the remote user used for and specify the login information in /etc/default/backdoor.
Content of /etc/default/backdoor should be similar to this:
RHOST=admin.example.net RPORT=1234 RUSER=backdoor
Creating a folder in all users home directory
With this script the administrator can create a folder in each users home directory and set access permissions and Ownership.
In the example shown below with group=teachers and permissions=2770 a user can hand in an assignment by saving the file to the folder "assignments" where teachers are given write access to be able to make comments.
home_path="/skole/tjener/home0"; shared_folder="assignments"; permissions="2770"; created_dir=0; for home in $(ls $home_path);do . if [ ! -d "$home_path/$home/$shared_folder" ]; then . mkdir $home_path/$home/$shared_folder chmod $permissions $home_path/$home/$shared_folder . #set the right owner and group #"username" = "group name" = "folder name" user=$home group=teachers chown $user:$group $home_path/$home/$shared_folder ((created_dir+=1)) else . echo -e "the folder $home_path/$home/$shared_folder already exists.\n" . fi done echo "$created_dir folders has been created"
Easy access to USB and CDROM
When users insert a usb or cdrom into a ThinClient there is no popup window like they are used to from their usual Desktop. Instead they have to browse to the /media/$user folder. This is too difficult for non experienced users.
With the following script the symlink "Media" is created for all users in the home folder for easy access to USB-keys, CDROM or whatever media is connected to the thin client.
home_path="/skole/tjener/home0"; shared_folder="Media"; permissions="775"; created_dir=0; for home in $(ls $home_path); do if [ ! -d "$home_path/$home/$shared_folder" ]; then ln -s /media/$home $home_path/$home/$shared_folder ((created_dir+=1)) else echo -e "the folder $home_path/$home/$shared_folder already exists.\n" fi done echo "$created_dir folders has been created"
HowTos from wiki.debian.org
The HowTos from http://wiki.debian.org/DebianEdu/HowTo/ are either user- or developer-specific. Let's move the user-specific HowTos over here (and delete them over there)! (But first ask the authors (see the history of those pages to find them) if they are fine with moving the howto and putting it under the GPL.)