HowTos for general administration

The Getting Started and DebianEdu/Documentation/Etch/Maintainance chapters describe how to get started with Debian Edu and how to do the basic maintainance work. The howtos in this chapter are already "advanced" tips and tricks.

Installing single service machines for spreading the load from main-server

Tracking /etc/ using the svk version control system

With the introduction of the debian-edu-etc-svk script in Debian Edu, all files in /etc/ are tracked using svk as a version control system. This make it possible to see when a file added, changed and removed, as well as what was changed if the file is a text file. The svk repository is stored in ~root/.svk/.

This feature is activated automatically in the Etch based version of Debian Edu, and all changes done during installation are registered. Changes in /etc/ are committed every hour.

List of useful commands:

 debian-edu-etc-svk diff
 debian-edu-etc-svk log
 debian-edu-etc-svk status
 debian-edu-etc-svk commit
 debian-edu-etc-svk ignore

Usage examples

In a freshly installed system try this to see all changes done since the system was installed:

debian-edu-etc-svk diff -r6 | less

To see the list of changes done in /etc/, use this command:

debian-edu-etc-svk log | less

Here check revision numbers by date and time, Then to see all changes done since revision N say:

debian-edu-etc-svk diff -rN | less

To see the changes done to a specific file between specific revisions, specify the file and both revisions:

debian-edu-etc-svk diff -r46 -r64 /etc/resolv.conf | less

To revert a change, use the diff command to look at the change, and edit the file to undo the change, or use a command like this to do it automatically:

( cd /etc && debian-edu-etc-svk diff -r6 /etc/resolv.conf | patch -p1 -R )

To manually commit a file, because you don't want to wait up to an hour:

debian-edu-etc-svk commit /etc/resolv.conf

If you don't want a specific file to be tracked in svk, you can tell to ignore it. But this is rarely useful :)

debian-edu-etc-svk ignore /etc/path/to/file/to/be/ignored

For those who upgraded from sarge/woody

/etc in svk was introduced with the etch based release of Debian Edu. If you installed your system prior to this, you need to initialize svk once with the following command run as root:

debian-edu-etc-svk init

This adds all files in /etc to svk and also activates the hourly commit cronjob.

Resize Partitions

Most partitions in Debian Edu are logical LVM volumes. Only the /boot/ partition is not. With the Debian/Etch release of Debian Edu, it is possible to extend partitions while they are mounted. This is a feature of the Linux kernel since version 2.6.10. Shrinking partitions still need to happen while the partition is unmounted.

It is a good idea to avoid creating very large partitions, as large partitions will take a long time to restore from backup if the need should arise, and file system check take a very long time for large partitions. A good limit can be 20 GiB. It is better, if possible, to create several smaller partitions than one very large one.

To make it easier to extend full partitions, the debian-edu-fsautoresize script is provided. When invoked, it reads the configuration from /usr/share/debian-edu-config/fsautoresizetab, /site/etc/fsautoresizetab and /etc/fsautoresizetab, and based on the rules provided in these files propose to extend partitions with too little free space. Without any arguments, it will only write the commands needed to extend the file system, and the argument -n is needed to actually extend the file systems.

Logical Volume Management

Logical Volume Management (LVM) enables resizing the partitions while they are mounted and in use. You can learn more about LVM in the LVM HowTo.

To extend a logical volume manually you simply tell the lvextend command how large you want it to grow to.

For example, to extend home0 to 30GB you use the following commands:

lvextend -L30G /dev/vg_system/skole+tjener+home0
resize2fs /dev/vg_system/skole+tjener+home0

Using volatile.debian.org

Since volatile.debian.org is a relatively new service, introduced with Debian Etch, it's not enabled on default installations.

What is debian-volatile?

Quoting from the webpage:

How to use volatile

Since the volatile archive key is included in the debian-archive-keyring package, which is installed by default, you do not have to add this key manually to roots keyring anymore. Just add the following line to /etc/apt/sources.list:

deb http://volatile.debian.org/debian-volatile etch/volatile main

And run aptitude update && aptitude upgrade.

Using backports

You are running Debian Edu, because you prefer the stability of Debian Edu. It runs great, there is just one problem: sometimes software is a little bit more outdated as you like. This is where backports step in.

Backports are recompiled packages from Debian testing (mostly) and Debian unstable (in a few cases only, e.g. security updates), so they will run without new libraries (wherever it is possible) on a stable Debian distribution like Debian Edu. We recommend you to pick out single backports which fit your needs, and not to use all backports available there. Please follow the instructions on Backports to use these backports.

You can either use aptitude -t etch-backports install <packagename> to install or update packages once, or you can configure a package to be always installed from backports though /etc/apt/preferences which is described in the instructions.

The second variant has the advantage, that updates to backports are installed automatically when they are available. With the first variant you need to update manually.

Java

apt-get install sun-java5-plugin sun-java5-jre sun-java5-fonts

Access to skolelinux server from outside a firewall

A boot script open-backdoor is provided in the debian-edu-config package to "break out" from behind a firewall. It is useful for system administrators responsible for several Debian Edu installations. It set up an SSH tunnel to another machine, allowing ssh login from the outside of the firewall.

To enable it, create a ssh key without a password, create a user on a remote host to use for ssh login, copy the public key into ~/.ssh/authorized_keys for the remote user used for and specify the login information in /etc/default/backdoor.

Content of /etc/default/backdoor should be similar to this:

RHOST=admin.example.net
RPORT=1234
RUSER=backdoor

Creating a folder in all users home directory

With this script the administrator can create a folder in each users home directory and set access permissions and Ownership.

In the example shown below with group=teachers and permissions=2770 a user can hand in an assignment by saving the file to the folder "assignments" where teachers are given write access to be able to make comments.

home_path="/skole/tjener/home0";
 shared_folder="assignments";
 permissions="2770";
 created_dir=0;
        for home in $(ls $home_path);do
        . if [ ! -d "$home_path/$home/$shared_folder" ]; then
        . mkdir $home_path/$home/$shared_folder
        chmod $permissions $home_path/$home/$shared_folder
. #set the right owner and group
  #"username" = "group name" = "folder name"
        user=$home
        group=teachers
        chown $user:$group $home_path/$home/$shared_folder
        ((created_dir+=1))
 else
  . echo -e "the folder $home_path/$home/$shared_folder already exists.\n"
 . fi
done
echo "$created_dir folders has been created"

Easy access to USB and CDROM

When users insert a usb or cdrom into a ?ThinClient there is no popup window like they are used to from their usual Desktop. Instead they have to browse to the /media/$user folder. This is too difficult for non experienced users.

With the following script the symlink "Media" is created for all users in the home folder for easy access to USB-keys, CDROM or whatever media is connected to the thin client.

home_path="/skole/tjener/home0"; shared_folder="Media"; permissions="775"; created_dir=0;
for home in $(ls $home_path); do
  if [ ! -d "$home_path/$home/$shared_folder" ]; then
    ln -s /media/$home $home_path/$home/$shared_folder ((created_dir+=1))
  else
    echo -e "the folder $home_path/$home/$shared_folder already exists.\n"
  fi
done
echo "$created_dir folders has been created"

HowTos from wiki.debian.org

The HowTos from http://wiki.debian.org/DebianEdu/HowTo/ are either user- or developer-specific. Let's move the user-specific HowTos over here (and delete them over there)! (But first ask the authors (see the history of those pages to find them) if they are fine with moving the howto and putting it under the GPL.)

CategoryPermalink