Beruflich Dokumente
Kultur Dokumente
Debian 5
Basic Server
Administration
Step By Step Guide
(With Illustration)
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
http://zcomby-server2008.blogspot.com/
Acknowledgments
No book is written alone. Instead, there is a wealth of people working behind the scenes to help
make a book the best possible. Im grateful for the hard work put in behind the scenes by
several people. Ruslan, Kharizan, Hj. Shukri, Fadhlina, Zuraida, Kak Ramlah, Kak Zulaikha,
Danial, Zainatul and Azhar Pixma, all provided a significant amount of work that helped produce
this book. Im grateful to each of them.
Zulfadli has developed several video training courses for People Trust Council (Majlis Amanah
Rakyat) and has written and co-authored several other technical books. He has a passion for
teaching and enjoys sharing knowledge in the classroom as much as he does through books.
Zulfadli lives with his wife and four children in Ipoh, Perak, but on most weekends they cant be
found because they always travel. Hes found that configuring networks is a piece of cake
compared to building a good house and happy family, but he hasnt given up yet.
Table Of Contents
Title
Page
Exercise 1
Exercise 2
39
Exercise 3
Network Configuration
43
Exercise 4
User Management
57
Exercise 5
83
Exercise 6
Process Management
91
Exercise 7
100
Exercise 8
115
Exercise 9
138
Exercise 10
156
Exercise 11
167
Exercise 12
Disk Quotas
175
Table Of Contents
Title
Page
Exercise 13
188
Exercise 14
199
Exercise 1
Installing
Linux
Debian 5
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
Figure 2 : Language
5. Press ENTER key to continue.
Figure 4 : Region.
9. Press ENTER key to continue.
Figure 5 : Country.
11. Press ENTER key to continue.
12. Select American English as your keyboard layout (Figure 6).
14. Wait until the Network Auto-configuration process completed. If the result is fail, just
press Enter to continue (Figure 7).
10
Figure 9 : Hostname.
18. Press ENTER key to continue.
19. In this exercise I used myserverSN.com as domain name. Replace SN with your station
number (Figure 10).
11
21. Wait until the disks and all other hardware detection process complete (Figure 11).
12
24. Select your hard disk (normally labeled as sda). In this exercise I used SCSI hard disk
(Figure 13).
26. Select Yes when you are asked to create new empty partition (Figure 14).
13
14
15
32. Enter the size for /boot partition. Normally around 70150 MB. Lets put 150 MB (Figure 17)
36. Select Beginning for location of the new partition (Figure 19)
16
40. Select /boot as mount point for the partition (Figure 21)
17
18
19
49. Enter the size for swap partition. Normally 2 x physical RAM. Now Im using 1 GB RAM,
so my Swap = 2 GB (Figure 26)
53. Select Beginning for location of the new partition (Figure 28)
20
21
22
23
66. 5 GB is the minimum space required for graphical installation complete with xWindows.
But I recommended 10 GB. So, enter 10 GB for the size of root partition. (Figure 35)
70. Select Beginning for location of the new partition (Figure 37)
24
25
26
27
83. This is the last partition well create, so put all the remaining size as home partition
(Figure 44).
85. Select /home as mount point for the partition (Figure 45)
28
29
89. Select Finish partitioning and write changes to disk (Figure 48)
91. Select Yes to confirm writing the changes to disk (Figure 49)
30
93. Now the setup wizard start formatting all the partitions you created (Figure 50).
94. After finish formatting partitions, the setup wizard start installing the base system (Figure 51).
95. You need to set a password for root, the system administrative account. A good
password will contain a mixture of letters, numbers and punctuation and should be
changed at regular intervals. In this exercise, I will use Pr@ctice as my root password
(Figure 52).
31
97. The setup wizard will ask you to re-enter the root password again for verification. Just
enter the same password again Pr@ctice (Figure 53).
99. Linux setup wizard will ask you to create user account for you to use instead of the root
account for non-administrative activities. Here I create new user name as Second
Admin. You also can enter your real name as a new user (Figure 54).
32
101.
I set the username for Second Admin as admin2. You can enter any name, but
remember, the username should start with lower-case letter, and can be followed by
any combination of numbers and more lower-case letters (Figure 55).
103.
User password. I use 3xerci5e as the password for this user different from the root
password (Figure 56).
33
105.
The setup wizard will ask you to re-enter the password again for verification. Just
enter the same password again 3xerci5e (Figure 57).
107.
After finish creating user account, your installation DVD will be scanned and you
have the option to scan additional CDs or DVDs for use by the package manager
(apt). Just select NO for the answer because we only use Debian DVD disc 1 only
(Figure 58).
34
109.
Now the setup wizard ask to use a network mirror for installation process, just select
NO for the answer because we only using DVD installation (Figure 59).
111.
Just select NO as the answer for the package usage survey question (Figure 60).
35
113.
Software selection. Select all software package except Laptop. Laptop package
only used if you installing the Debian on the laptop. Use spacebar key to select or
unselect package (Figure 61).
115.
Samba Server.
We will configure the Samba server later. Press ENTER key to continue (Figure 62).
36
116.
Select NO as the answer because we will modify the smd.conf file later (Figure 63).
118.
Wait until the software installation process complete. This may take 30 60 minute
depending on your system performance (Figure 64).
119.
Install the GRUB boot loader to the master boot record? Just select Yes as the
answer (Figure 65).
37
121.
38
Exercise 2
System
Configuration
(Initial Configuration)
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
39
1. Log on to the server as admin2 [user account you create earlier] (Figure 67).
40
EXERCISE 2.1
41
8. In the Time and Date Settings window, you can change your time zone, time and date
(Figure 71).
42
Exercise 3
Network
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
43
Configuring network.
In this section, youll learn how to configure network for your server using GUI (Graphical User
Interface).
There are four(4) files you have to configure to setup your network,
/etc/network/interfaces
/etc/resolv.conf
/etc/hostname
/etc/hosts
But if you configure network using GUI, the system will automatically configure all those files for
you.
1. Launch Network Manager. Click System Administration Network (Figure 72).
44
2. If the Granted permissions without asking for password window appear, tick the Do not
display this message again and click the Close button. (Figure 73).
45
Connection Setting
5. Uncheck the Enable roaming mode box (Figure 75).
46
7. Now set your server IP address, and ensure that you are using a static IP address. For
this exercise, Im using number 21 as my server station number (Figure 77).
Tips:
Connection Settings.
Configuration
: Static IP address
IP address
: 192.168.2.SN
Subnet mask
: 255.255.255.0
Gateway address
: 192.168.2.ISIP
47
Setting up Host
9. Select the General tab. Make sure the host setting are corrects (Figure 78).
Tips:
Host Settings.
Host name
: debianserver SN
(server name)
Domain name
: myserverSN.com
48
12. Later you will set your server as DNS server, so enter your Server IP address and press
ENTER (Figure 80).
49
14. Enter your Domain name and press ENTER (Figure 82).
50
Save setting
15. Click the Save button [icon = hard disk with green arrow] (Figure 83).
51
52
53
54
Testing Network.
22. Make sure the network cable is plugged. Try ping to another PC in your network using
the following command:
# ping another PC IP address
e.g.:
# ping 192.168.2.22
Enter IP address of the other PC in your network after the ping command and press
ENTER (Figure 89).
55
25. Vim will open the network configuration file (Figure 91).
56
Exercise 4
User
Management
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
57
58
5. After you enter the root password, the Terminal will return with new line ending with
character # (Figure 96).
59
EXERCISE 4.2
zul
Password
comby
Full Name
Zul Zcomby
Room Number
207
Work Phone
05-6884401
Home Phone
Other
019-6581079
60
9. When new user created, the system automatically create home directory for the user. By
default, the home directory for new user are created under the /home directory.
You can check the new user home directory by using the following command:
# cd /home
# ls
61
10. Now create the user Ocah Blue, Ahmad Akmal, Aliuddin and MdSaad.
# adduser ocah
Logon Name
ocah
Password
ocah
Full Name
Ocah Blue
Room Number
214
Work Phone
05-6884401
Home Phone
Other
019-6681079
Figure 100 : Ocah Blue information.
# adduser akmal
Logon Name
akmal
Password
akmal
Full Name
Ahmad Akmal
Room Number
205
Work Phone
05-6884401
Home Phone
Other
050327-02-0077
ali
Password
ali
Full Name
Aliuddin
Room Number
208
Work Phone
05-6884401
Home Phone
Other
080627-02-0033
Figure 102 : Aliuddin information.
62
# adduser saad
Logon Name
saad
Password
masuri
Full Name
Md Saad
Room Number
210
Work Phone
05-5272372
Home Phone
Other
Figure 103 : Md Saad information.
63
12. Click Log Out button to logout the server. (Figure 105).
64
65
EXERCISE 4.3
66
18. After you enter the root password, the Terminal will return with new line ending with
character # (Figure 111).
19. Use the passwd command to change Md Saad password as following and press
ENTER (Figure 112).
# passwd saad
67
20. Enter new password for Md Saads as 123456 and press ENTER (Figure 113).
68
69
70
EXERCISE 4.4
Deleting user.
28. Login to the server as admin2 and 3xerci5e as password (Figure 120).
71
31. To remove or delete user account youll use deluser command. This command will
remove a user from the system.
By default, deluser command will remove the user without removing the home directory,
the mail spool or any other files on the system owned by the user.
The --remove-all-files option must be added if you want to remove user including all
files and directories on the system owned by the user
Now delete user Md Saad from the system including all files and directories on the
system owned by him using the following command (Figure 123):
# deluser --remove-all-files saad
72
73
EXERCISE 4.5
Creating Group.
In this exercise youll create three (3) groups, Sem1, Sem2 and Sem3. You also will assign user
to those groups.
35. Login to the server as admin2 and 3xerci5e as password (Figure 126).
74
75
39. Every time new group created, the system will store the group record in /etc/group file.
Enter the following command to view list of group created in your system (Figure 130):
# cat /etc/group
76
41. To confirm user zul are added as member of Sem3 group, check the /etc/group file.
Enter the following command to view list of group and it members created in your system
(Figure 132):
# cat /etc/group
42. Now set group for Ocah, Akmal and Ali according to table below (Figure 133):
User
Group
ocah
Sem3
akmal
Sem2
ali
Sem1
Figure 133 : Group table.
77
EXERCISE 4.6
Creating Folder.
In this exercise youll create new directory called practice and change the ownership of the
directory.
43. To create directory practice, enter the following command (Figure 134):
# mkdir practice
78
EXERCISE 4.7
Changing group ownership
45. Enter the following command to change the group ownership of the practice directory
from root group to Sem3 group (Figure 136).
# chgrp Sem3 practice
79
EXERCISE 4.8
Changing files or directories ownership
47. Use the following command to change directory practice owner from root to zul (Figure
138):
# chown zul practice
80
EXERCISE 4.9
Deleting a group.
49. First create new group Sem4, Sem5 and Sem6; use the following command (Figure
140).
# groupadd Sem4
# groupadd Sem5
# groupadd Sem6
81
51. Now youll delete Sem6 group. Use the following command to delete Sem6 group
(Figure 142):
# groupdel Sem6
52. Check the /etc/group file to confirm the Sem6 group are successfully deleted (Figure
143).
# cat /etc/group
82
Exercise 5
Printer
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
83
84
85
86
Setting up printer.
7. In this exercise the printer IP address is set to 192.168.2.24, enter the printer IP address
in the Host: box (Figure 150).
87
12. Select your printer model. In this exercise, Im using HP Color Laserjet CP1510n
printer.
If your printer models are not listed, select the nearest model. So, I select Color
Laserjet cp1515n because this is the nearest model (Figure 152).
88
17. Enter some text. Type whatever you want (Figure 155).
89
90
Exercise 6
Process
Management
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
91
92
4. Display and monitor all the active processes running on your server is the easiest way to
understand the process.
ps command are used to displays information about a selection of the active processes.
Use the following command to display information of the current process running on your
server (Figure 161):
# ps -aux | more
Explanations
Users start the process.
Process ID
%CPU
%MEM
VSZ
RSS
TTY
93
STAT
START
TIME
COMMAND
Process status.
When the process start.
CPU time usage by the process.
Commands start the process.
Figure 162 : Process Table
94
EXERCISE 6.2
Using Process command.
6. Use the following command to display process using by the current user (Figure 163):
# ps -u
95
8. To display process use by all users, use the following command (Figure 165):
# ps -au
96
EXERCISE 6.3
Stopping a Process.
Sometimes you face with the hang application. You have to terminate the application
through manual way. To terminate the process, you have to know the process IDs.
9. Use the following command to display process IDs (Figure 166)
# ps -aux
97
Signal
Statement
Explanation
HUP or SIGHUP
INT or SIGINT
KILL or SIGKILL
15
TERM or SIGTERM
98
11. You also can display the active process by using Top utility. Top will display the process
in real time. You can terminate or close Top utility by pressing q key.
Enter the following command to display process in the real time (Figure 168):
# top
99
Exercise 7
Domain
(BIND)
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
100
101
If the utility is missing you can install it using the following command but make sure your
Debian DVD are inserted in the DVD drive:
# apt-get install bind9
102
5. To declare Search Domain and Domain Name Server, you have to edit the resolv.conf
file and insert 3 line below:
domain myserver SN.com
search myserver SN.com
nameserver 192.168.2.SN
103
What it Does
Searches for the text entered. The search starts from the
cursor's position.
Opens the file named.
Quits vim without saving.
Saves open file
Starts command mode.
Redo an action that was undone.
Moves the cursor one character to the left.
Starts insert mode.
Move the cursor down to the next line.
Moves the cursor up to the next line.
Moves the cursor one character to the right.
Pastes to the clipboard.
Starts over writing.
Undo last action.
Deletes the character at the cursor.
Moves the current word to the clipboard.
Moves the current line to the clipboard.
6. Press i to start insert mode and enter the line below (Figure 174):
domain myserver SN.com
search myserver SN.com
nameserver 192.168.2.SN
Figure 174 : Terminal - Declare Search Domain and Domain Name Server
104
105
EXERCISE 7.3
Declare Forward and Reverse zone file location
9. To declare Forward and Reverse zone file location, you have to edit the
named.conf.local file. Execute the following command to edit named.conf.local file
(Figure 176):
# vim /etc/bind/named.conf.local
10. Press i to start insert mode and enter the line below (Figure 177):
zone "myserverSN.com" {
type master;
file "/etc/bind/myserverSN.com.db";
};
zone "SN.2.168.192.in-addr.arpa" {
type master;
file "/etc/bind/myserverSN.com.arpa";
};
Note: SN = Station number.
Figure 177 : Terminal - declare Forward and Reverse zone file location
106
107
EXERCISE 7.4
Declare Hosts
13. To declare hosts, you have to edit the hosts file. Execute the following command to edit
hosts file (Figure 179):
# vim /etc/hosts
14. Press i to start insert mode and enter the line below (Figure 180):
127.0.0.1
192.168.2.SN
localhost
debianserverSN.myserverSN.com debianserverSN
108
109
EXERCISE 7.5
Create Forward zone
17. In previous exercise you have declare myserverSN.com.db as your forward zone file.
To create Forward zone file, execute the following command (Figure 182):
# touch /etc/bind/myserverSN.com.db
18. Now edit your Forward zone file, execute the following command to edit (Figure 183):
# vim /etc/bind/myserverSN.com.db
19. Press i to start insert mode and enter the line below (Figure 184):
$TTL 3D
myserverSN.com.
myserverSN.com.
myserverSN.com.
110
Definition
List your administrative configuration for your domain.
List the DNS server for your domain.
Domain name for IP address mapping.
Use by mail server in your domain.
111
EXERCISE 7.6
Create Reverse zone
22. In previous exercise you have declare myserverSN.com.arpa as your reverse zone file.
To create Reverse zone file, execute the following command (Figure 186):
# touch /etc/bind/myserverSN.com.arpa
23. Now edit your Reverse zone file, execute the following command to edit (Figure 187):
# vim /etc/bind/myserverSN.com.arpa
$TTL 3D
SN.2.168.192.in-addr.arpa. IN SOA debianserverSN.myserverSN.com. root.myserverSN.com. (
2011030401
--> serial number; base on date
24H
--> refresh time
12H
--> retry
1W
--> expiry
1H )
-->minimum TTL
SN.2.168.192.in-addr.arpa. IN NS debianserverSN.myserverSN.com.
SN.2.168.192.in-addr.arpa. IN PTR myserverSN.com.
112
27. Restart service. Execute the following command to restart Bind service (Figure 190):
# /etc/init.d/bind9 restart
113
EXERCISE 7.7
Test DNS server
28. Testing Forward zone. Execute the following command to test Forward zone (Figure
191):
# nslookup myserverSN.com
Note: SN = Station Number.
29. Testing Reverse zone. Execute the following command to test Reverse zone (Figure
192):
# nslookup 192.168.2.SN
Note: SN = Station Number.
114
Exercise 8
FTP Server
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
115
Anonymous
Authenticated
In the Anonymous mode, remote clients can access the FTP server by using the default user
account called "anonymous" or "ftp" and sending an email address as the password.
In the Authenticated mode a user must have an account and a password. User access to the
FTP server directories and files is dependent on the permissions defined for the account used at
login. As a general rule, the FTP daemon will hide the root directory of the FTP server and
change it to the FTP Home directory. This hides the rest of the file system from remote
sessions.
116
117
If the utility is missing you have to install it. To install vstpd, insert your Debian DVD
(disc 1) into your DVD drive and execute the following command (Figure 197):
118
By default, your FTP server is now successfully running but only anonymous FTP is allowed to
login and download from your FTP server.
5. After finish installing vsftpd package , the system automatically create home directory for
the FTP server. By default, the home directory for FTP server are created under the
/home directory.
You can check the FTP server home directory by execute the following command:
# cd /home
# ls
119
EXERCISE 8.2
Creating new file
6. Change to ftp home directory by executing the following command (Figure 200):
# cd /home/ftp
7. Create new file named ftptest.txt by using the following command (Figure 201):
# touch /home/ftp/ftptest.txt
8. Display contents of the ftp home directory by execute the following command (Figure
202):
# ls
120
EXERCISE 8.3
Configuring a Client Computer to test the FTP server.
Please refer to the following table for client configuration.
Name of This Computer
clientxpSN
Name of Organization
IKM
Client Workstation
Name of Installer
Administrator
Domain Name
TCP/IP Address
192.168.2.SN
255.255.255.0
TCP/IP Gateway
192.168.2.ServerNumber
192.168.2.ServerNumber
121
122
13. Now set your client (Windows XP) IP address, and ensure that you are using a static IP
address. For this exercise, Im using number 61 as my Windows XP client station
number (Figure 206)
IP address
: 192.168.2.SN
Subnet mask
: 255.255.255.0
Default gateway
: 192.168.2.ServerNumber
(server IP address)
123
124
EXERCISE 8.4
Test the FTP server using Microsoft Windows XP client.
Login to FTP server using command prompt
16. Launch Command Prompt. Click Start Run; key-in cmd in the Open: box and press
ENTER (Figure 208)
17. At the command prompt, execute the following command to login to FTP server (Figure
209):
ftp 192.168.2.FSN
Note: FSN = FTP server Station Number.
125
18. Youll be asking to enter the username. Key-in anonymous as username and just press
ENTER for password [NO password] (Figure 210).
19. Display contents of the FTP server by execute the following command (Figure 211):
# ls
126
127
128
129
EXERCISE 8.5
vsftpd FTP Server Configuration Allow local user to upload
27. Login to the server as admin2 and 3xerci5e as password (Figure 217).
130
By default, local system users are not allowed to login to FTP server. To change this
setting, you should uncomment the following line:
local_enable=YES
30. You can edit vsftpd configuration file using command below (Figure 220)
# vim /etc/vsftpd.conf
131
32. By default, users are allowed to download files from FTP server. They are not allowed to
upload files to FTP server. To change this setting, you should uncomment the following
line: (Figure 222)
write_enable=YES
33. If you want to allow user to used ASCII mode for downloading and uploading files,
uncomment the following line: (Figure 223)
ascii_upload_enable=YES
ascii_download_enable=YES
132
36. Restart service. Execute the following command to restart FTP service (Figure 225):
# /etc/init.d/vsftpd restart
133
134
39. The Log on box will appear. The FTP server ask for user name and password. Enter zul
as user name and comby as password (Figure 228).
135
136
45. Change to zul home directory by execute the following command (Figure 232):
# cd /home/zul
46. Display contents of the zul home directory by executing the following command (Figure
233):
# ls
137
Exercise 9
Apache Web
Server
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
138
Core development of the Apache Web server is performed by a group of about 20 volunteer
programmers, called the Apache Group. However, because the source code is freely available,
anyone can adapt the server for specific needs, and there is a large public library of Apache
add-ons. In many respects, development of Apache is similar to development of the Linux
operating system.
The original version of Apache was written for UNIX, but there are now versions that run under
OS/2, Windows and other platforms.
The name is a tribute to the Native American Apache Indian tribe, a tribe well known for its
endurance and skill in warfare. A common misunderstanding is that it was called Apache
because it was developed from existing NCSA code plus various patches, hence the name a
patchy server, or Apache server.
139
140
EXERCISE 9.1
Check installation package.
4. You can check whether you have the apache2 administration utility installed by
executing the following command (Figure 237):
# dpkg -l apache2
If the utility is missing you have to install it. To install apache2, insert your
Debian DVD (disc 1) into your DVD drive and execute the following command
(Figure 238):
# apt-get install apache2
141
4.2.
4.3.
142
Exercise 9.2
By default, the default web server directories are located at /var/www.
Lets say I want to change the default web server directories to /home/pubweb. And I also want
to set my own webpage as first page of the web server. The first page using default.htm as the
page file name.
Changing default web server directories
5. First you have to create a new directory name pubweb in the /home directory. Use the
following command to create new directory (Figure 241):
# mkdir /home/pubweb
143
7. Press i to start insert mode and change default web folder from /var/www/ to
/home/pubweb / (Figure 243):
144
145
146
147
20. Restart apache service by execute the following command (Figure 253):
# /etc/init.d/apache2 restart
148
24. Enter your Web server address in the Address box and press ENTER. My Web server
address is http://192.168.2.21 or you also can enter as http://myserver21.com (Figure
255).
149
Exercise 9.3
150
28. Web server port configurations are store in the ports.conf and 000-default file. Execute
the following command to edit the ports.conf file (Figure 259):
# vim /etc/apache2/ports.conf
151
152
33. Press i to start insert mode and change the default VirtualHost port from 80 to 8080
(Figure 263):
153
36. Restart apache service by execute the following command (Figure 265):
# /etc/init.d/apache2 restart
154
40. Enter your Web server address in the Address box and press ENTER. My Web server
address is http://192.168.2.21.
You webpage appear in the browser? YES NO
If NO, why?
Because the web port has changed from port 80 to port 8080. If you enter only web
address without port extension, the browser will refer to the port 80.
41. Enter the web address with port number to view your webpage, e.g.
http://192.168.2.SN:8080 (Figure 267).
Note: SN = Station number.
155
Exercise 10
DHCP
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
156
DHCP is useful for fast delivery of client network configuration. When configuring the client
system, the administrator can choose DHCP and not have to enter an IP address, netmask,
gateway, or DNS servers. The client retrieves this information from the DHCP server. DHCP is
also useful if an administrator wants to change the IP addresses of a large number of systems.
Instead of reconfiguring all the systems, he can just edit one DHCP configuration file on the
server for the new set of IP address. If the DNS servers for an organization changes, the
changes are made on the DHCP server, not on the DHCP clients. Once the network is restarted
on the clients (or the clients are rebooted), the changes will take effect.
Furthermore, if a laptop or any type of mobile computer is configured for DHCP, it can be moved
from office to office without being reconfigured as long as each office has a DHCP server that
allows it to connect to the network.
157
158
EXERCISE 10.1
Check installation package.
4. You can check whether you have the dhcp administration utility installed by executing
the following command (Figure 271):
# dpkg -l dhcp3-server
159
EXERCISE 10.2
Configuring DHCP server - Using address pool method.
In this exercise:a. Let's say, your domain is myserverSN.com
b. Your DHCP rage from 128 to 247 (20 client).
c. Your server IP address is 192.168.2. SN
d. Your subnet-mask is 255.255.255.0
Note: SN = Station number.
6. Execute the following command to edit dhcp configuration file (Figure 273):
# vim /etc/dhcp3/dhcpd.conf
160
8. Go to the last line of the page, and add the following script (Figure 275):
# Domain name
option domain-name "myserverSN.com";
option domain-name-servers myserverSN.com;
default-lease-time 600;
max-lease-time 7200;
# Example DHCP range from 128 to 247
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.128 192.168.2.247;
option routers 192.168.2.SN;
option broadcast-address 192.168.2.255;
option subnet-mask 255.255.255.0;
}
Note: SN = Station number.
161
11. Restart apache service by execute the following command (Figure 277):
# /etc/init.d/dhcp3-server restart
162
163
18. Now ensure that your client are using an automatic IP address (Figure 281)
164
22. Launch Command Prompt. Click Start Run; key-in cmd in the Open: box and press
ENTER (Figure 283).
165
23. Check your client IP address by entering the following command (Figure 284):
Ipconfig
166
Exercise 11
Installing and
Configuring
Samba
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
167
168
169
EXERCISE 11.1
Check installation package.
4. You can check whether you have the samba administration utility installed by executing
the following command (Figure 288):
# dpkg -l samba
170
EXERCISE 11.2
In this exercise you will:
a. share stkm directory with Microsoft Windows.
Preparing directories.
Create directory and set directory permission.
5. Use the following command to create stkm directory inside /home (Figure 290):
# mkdir /home/stkm
6. Execute the following command to give user full access authority (Figure 292):
# chmod -R 777 /home/stkm
171
172
13. Restart samba service by execute the following command (Figure 296):
# /etc/init.d/samba restart
173
16. Windows Explorer will open the Debian server network sharing resource (Figure 298).
174
Exercise 12
Disk Quotas
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
175
Per user
Per group
When using per-user quotas you are effectively giving a limit on how much disk space the
specific user may consume. In the case of per-group quotas you're giving a limit on the total
disk usage of all members in that group combined.
Generally I find it much more useful to apply quotas on a per-user basis, as this way you dont
have to work out which member of a group is consuming all the space.
To setup quota usage on your system you'll need to do three things:
176
EXERCISE 12.1
177
178
Configuring Quotas
Now you need to tell the system which filesystems should be controlled by the quota system. To
do this, you need to edit the /etc/fstab file and add the "usrquota" and/or "grpquota" options to
the relevant lines (depend where the /home directories are mounted). In this exercise, our
/home directory are mounted on /home partition.
6. Execute the following command to edit fstab file (Figure 304):
# vim /etc/fstab
179
The quota system has a notion of a soft limit and a hard limit. A soft limit is a limit which
the user can live with for a while (by default 7 days). A hard limit is a limit which cannot
be crossed ever.
A hard limit is the quota that each user's or group's disk usage cannot exceed. The
operating system will prevent a user or group from exceeding its hard limit quota, as
though the hard drive simply ran out of storage space. It is normal for a system
admin to set a hard limit that is a little higher than the soft limit to provide some
breathing room when a user or group needs to save a file before eliminating excess
files that cause the quota limited directory to overrun its soft limit. One reason
something like this might be needed, for instance, is for copying, modifying, and
testing a file before deleting the copy.
A soft limit is the quota to which each user's or group's disk usage should be limited
for day to day operations. The soft limit can be exceeded temporarily, as described
above under the hard limit explanation, but after a short period of time the soft limit
will be enforced by disabling the user account if the user's directory is not brought
within standards of soft limit quota compliance. Enabling the account again will
require action by the system administrator.
The grace period setting determines how long someone has to bring storage use
within standards for soft limit quota compliance. For instance, a setting of seven days
gives a user seven days, after first exceeding the soft limit, to bring disk usage in the
quota configured directory below the soft limit again before the user account is
disabled. On most systems, seven days will be the default grace period, though the
system admin can configure the grace period for a longer or shorter time if desired.
These limits are recorded inside special files which we need to create for each file
system which is being used with quotas.
180
10. Continuing with our example of /home, we would create one file for user quotas. Execute
the following command to create the file (Figure 307):
# touch /home/aquota.user /home/aquota.group
# chmod 600 /home/aquota.user /home/aquota.group
11. Execute the following command to enable partition to mount with quota support (Figure
308).
# mount -o remount /home
12. Now insert Debian Disc 2 into your DVD drive and install the quotatool by execute the
following command (Figure 309).
# apt-get install quotatool
181
13. When each quota-enabled file system is remounted, the system is now capable of
working with disk quotas. However, the file system itself is not yet ready to support
quotas. To do this, you must first run quotacheck.
The quotacheck command examines quota-enabled file systems, building a table of the
current disk usage for each one.
This table is then used to update the operating systems copy of disk usage. In addition,
the file systems disk quota files are updated (or created, if they do not already exist).
Execute the following command to examine quota-enabled file systems (Figure 310):
# quotacheck -vagum
The system will took a few minute to scanning your hard disk. Be patient.
182
14. Now you need to run quotaon command. quotaon announces to the system that disk
quotas should be enabled on one or more file systems. On the quota system by execute
the following command (Figure 311).
# quotaon -avug
183
EXERCISE 12.3
Set per-user quota.
15. To set the soft limits to 20MB and the hard limit to 25MB for a user called ali you would
run the following command (Figure 312).
# quotatool -u ali -bq 20MB -l '25MB' /home
184
18. The -p option allows you to duplicate the settings of one user to another user. For
instance, to use the same settings for user "akmal" that you set for user "ali", you would
execute the following command (Figure 315):
# edquota -p ali -u akmal
185
EXERCISE 12.4
Set per-group quota.
20. To set the soft limits to 10MB and the hard limit to 12MB for a group called stkm you
would run the following command (Figure 317):
# quotatool -g Sem3 -bq 10MB -l '12MB' /home
21. To display quota report for Sem3 group, run the following command (Figure 318):
# quota -g Sem3
186
22. The system administrator can see what the disk and quota usage by invoking the
following command (Figure 319):
# repquota /home
Note:
a. If ever you wish to remove a quota for a user simply set their hard and soft
limits to '0'.
b. To restart quota service simply execute the following command:
# /etc/init.d/quota restart
187
Exercise 13
Squid
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
188
189
EXERCISE 13.1
Install Squid Package
4. Install Squid package by execute the following command (Figure 323):
# apt-get install squid
Note: If system asks any question during installation, just presses Y and ENTER.
190
EXERCISE 13.2
Configure Squid (deny all http access)
5. First, backup the default configuration file for Squid and make a new one.
Note: The default configuration file is a good file to at least glance through. If you want
to do a more advanced configuration than this walkthrough does, you will want to read it.
The easiest ways to duplicate or backup a file is using copy command. Use the
following command to create backup for squid.conf (Figure 324):
# cp /etc/squid/squid.conf
/etc/squid/squid.conf_default
191
6.2.
6.3.
7.2.
192
7.3.
Select Connections tab and click LAN Settings button (Figure 328)
193
7.5.
Enter your proxy server IP address (192.168.2.SN) and your proxy port number
(normally using port: 3128) (Figure 329).
7.7.
7.8.
Click OK button.
7.9.
194
195
EXERCISE 13.3
Configure Squid (allow all http access)
9.2.
9.3.
Change the parameter http_access deny all to http_access allow all (Figure
3321) :
196
9.4.
9.5.
9.6.
10.2. Launch Internet Explorer browser. Click Start All Programs Internet
Explorer (Figure 334).
197
10.3.
What happen?
Its should be no problem anymore. Your browser will display the web site (Figure
335).
198
Exercise 14
Routing
Server
Installation
and
Configuration
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
199
Static routing involves manually adding IP routes to the system's routing table, and this is
usually done by manipulating the routing table with the route command. Static routing enjoys
many advantages over dynamic routing, such as simplicity of implementation on smaller
networks, predictability (the routing table is always computed in advance, and thus the route is
precisely the same each time it used), and low overhead on other routers and network links due
to the lack of a dynamic routing protocol. However, static routing does present some
disadvantages as well. For example, static routing is limited to small networks and does not
scale well. Static routing also fails completely to adapt to network outages and failures along the
route due to the fixed nature of the route.
Dynamic Routing depends on large networks with multiple possible IP routes from a source to a
destination and makes use of special routing protocols, such as the Router Information Protocol
(RIP), which handle the automatic adjustments in routing tables that make dynamic routing
possible. Dynamic routing has several advantages over static routing, such as superior
scalability and the ability to adapt to failures and outages along network routes. Additionally,
there is less manual configuration of the routing tables, since routers learn from one another
about their existence and available routes. This trait also eliminates the possibility of introducing
mistakes in the routing tables via human error. Dynamic routing is not perfect, however, and
presents disadvantages such as heightened complexity and additional network overhead from
router communications, which does not immediately benefit the end users, but still consumes
network bandwidth.
200
201
Exercise 14.1
Adding static route
Adding static route in Debian is not too hard. Its just a matter of changing the configuration file.
Perhaps you already know what is the network routing you want to define.
To do this in Debian we need to change the network configuration file.
202
203
References:
Debian -- Documentation
www.debian.org/doc/
Debian doc-central
www.togaware.com/linux/survivor/Debian_doc_central.html
204