Debian 5 Server Update 28-10-2012

Linux
Debian 5
Basic Server
Administration
Step By Step Guide
(With Illustration)
By
Zulfadli Bin Mohd Saad
Computer Engineering Technology (Networking)
Department of Electronic
MARA Vocational Institute, Lumut, Perak.
http://zcomby-server2008.blogspot.com/
To my loving wife of more than 11 years, who continues to provide me love

and encouragement even when I dont deserve it.
Acknowledgments
No book is written alone. Instead, there is a wealth of people working behind the scenes to help
make a book the best possible. Im grateful for the hard work put in behind the scenes by
several people. Ruslan, Kharizan, Hj. Shukri, Fadhlina, Zuraida, Kak Ramlah, Kak Zulaikha,
Danial, Zainatul and Azhar Pixma, all provided a significant amount of work that helped produce
this book. Im grateful to each of them.
About the Author

Zulfadli Mohd Saad has been teaching Microsoft networking concepts since the DOS days and
has been teaching a myriad of other topics since many years before then. Hes been a Malaysia
Skills Competition Coach for trade IT PC/Network Support since 2003 and holds many other
certifications, including Certified Ethical Hacker, National Industrial Specialist (IT02-00
Information & Communication Technology), National Industrial Specialist Instructor (IT02-00
Information & Communication Technology), Certificate of Excellent MySkills-ASEAN 2009 (IT
PC/Network Support), Diploma of Excellent MySkills 2008 (IT PC/Network Support), Bronze
Medal MySkills 2010 (IT PC/Network Support) and Bronze Medal MARA Innovation & Invention
Competition 2012 (Windows Server 2008 Training Kit).
Zulfadli has developed several video training courses for People Trust Council (Majlis Amanah
Rakyat) and has written and co-authored several other technical books. He has a passion for
teaching and enjoys sharing knowledge in the classroom as much as he does through books.
He currently works full-time on a government contract providing a wide array of technical

training to government personnel in support of a network operations support center. He
moonlights as an adjunct instructor at a local college (MARA Vocational Institute) teaching
Network System Administration courses.
Zulfadli lives with his wife and four children in Ipoh, Perak, but on most weekends they cant be
found because they always travel. Hes found that configuring networks is a piece of cake
compared to building a good house and happy family, but he hasnt given up yet.
Table Of Contents
Title
Page
Exercise 1
Installing Linux Debian 5
Exercise 2
System Configuration (Initial Configuration)
39
Exercise 3
Network Configuration
43
Exercise 4
User Management
57
Exercise 5
Printer Installation and Configuration
83
Exercise 6
Process Management
91
Exercise 7
Domain (BIND) Installation and

Configuration
100
Exercise 8
FTP Server Installation and Configuration
115
Exercise 9
Apache Web Server Installation and

Configuration
138
Exercise 10
DHCP Installation and Configuration
156
Exercise 11
Installing and Configuring Samba
167
Exercise 12
Disk Quotas
175
Table Of Contents
Title
Page
Exercise 13
Squid Installation and Configuration
188
Exercise 14
Routing Server Installation and

Configuration
199
Exercise 1
Installing
Linux
Debian 5
By
Exercise 1 : Installing Linux Debian 5

1. Boot-up your PC using Debian DVD.
2. Select Install from the Installer boot menu (Figure 1).
Figure 1 : Installer boot menu

3. Press ENTER key to continue.
4. Select English as language to use for the installation process (Figure 2).
Figure 2 : Language
6. Select other for a country, territory or area (Figure 3).
Figure 3 : country, territory or area

8. Select Asia as you region (Figure 4).
Figure 4 : Region.
10. Select Malaysia as your country (Figure 5).
Figure 5 : Country.
12. Select American English as your keyboard layout (Figure 6).
Figure 6 : Keyboard layout.

14. Wait until the Network Auto-configuration process completed. If the result is fail, just
press Enter to continue (Figure 7).
Figure 7 : Network auto-configuration process.

15. Select Do not configure the network at this time (Figure 8).
Figure 8 : Network configuration method.
10
17. Hostname for the system.

In this exercise, my station number is 21. So, I used hostname debianserver21
(debianserverSN) as my hostname (Figure 9).
Note : SN = Station number
Figure 9 : Hostname.
19. In this exercise I used myserverSN.com as domain name. Replace SN with your station
number (Figure 10).
Figure 10 : Domain name.

11
21. Wait until the disks and all other hardware detection process complete (Figure 11).
Figure 11 : Disks and all other hardware detection process

22. Select Manual for the partitioning method (Figure 12).
Figure 12 : Partitioning method.

12
24. Select your hard disk (normally labeled as sda). In this exercise I used SCSI hard disk
(Figure 13).
Figure 13 : Partition disks.

26. Select Yes when you are asked to create new empty partition (Figure 14).
Figure 14 : Partition disks - Yes.

13
To install Linux, we need to create minimum 2 partitions:

a) Swap
This partition use for virtual memory (2 x physical RAM).
b) / = root
Where Debian is installed.
Recommended another partition to be created:
c) /boot
This partition to store boot loader and must set as Primary partition.
d) /home
This partition to store all your files.
Benefits of using separate partitions

Put simply, keeping directories that tend to fill up separate from directories needed by the
system to function safeguards the system against a crash. If /home and /boot were both on
the same partition, they would share the same HDD resources. When /home fills up, the
operating system would not be able to allocate storage to other important system functions that
need /boot.
Another plus is that you can format one partition and keep the data on another. You can reinstall
your operating system without losing data on the /home partition. Also, in the case of a partial
HDD failure, your chances of saving data is increased.
Other partitions you can create:

/var
This partition contains spool directories such as those for mail and printing. In
addition, it contains the error log directory. If your machine is a server and
develops a chronic error, those messages can fill the partition. Server computers
ought to have /var in a different partition than /.
/usr
This is where most executable binaries go. In addition, the kernel source tree
goes here, and much documentation.
/tmp
Some programs write temporary data files here. Usually, they are quite small.
However, if you run computationally intensive jobs, like science or engineering
applications, hundreds of megabytes could be required for brief periods of time.
In this case, keep /tmp in a different partition than /.
14
Creating Boot Partition.

28. Select FREE SPACE of your hard disk (Figure 15)
Figure 15 : Partition disks Free Space.

30. Select Create a new partition (Figure 16)
Figure 16 : Partition disks Create new partition.

15
32. Enter the size for /boot partition. Normally around 70150 MB. Lets put 150 MB (Figure 17)
Figure 17 : Partition disks New partition size.

34. Select Primary for partition type (Figure 18)
Figure 18 : Partition disks - Primary.

36. Select Beginning for location of the new partition (Figure 19)
Figure 19 : Partition disks Beginning.

16
38. Select Mount point (Figure 20)
Figure 20 : Partition disks Mount point.

40. Select /boot as mount point for the partition (Figure 21)
Figure 21 : Partition disks - /boot

17
42. Select Done setting up the partition (Figure 22)
Figure 22 : Partition disks - Done

44. Now your boot partition are created (Figure 23)
Figure 23 : Partition disks
18
Creating Swap Partition.

Figure 24 : Partition disks Free space.


19
49. Enter the size for swap partition. Normally 2 x physical RAM. Now Im using 1 GB RAM,
so my Swap = 2 GB (Figure 26)

51. Select Logical for partition type (Figure 27)
Figure 27 : Partition disks Logical.


20
55. Select Use as : (Figure 29)
Figure 29 : Partition disks Use as.

57. Select Swap area (Figure 30)
Figure 30 : Partition disks Swap area.

21
Figure 31 : Partition disks Done

61. Now your swap partition are created (Figure 32)
22
Creating Root Partition.



23
66. 5 GB is the minimum space required for graphical installation complete with xWindows.
But I recommended 10 GB. So, enter 10 GB for the size of root partition. (Figure 35)

68. Select Primary for partition type (Figure 36)
Figure 36 : Partition disks - Primary.


24
72. Select Mount point (Figure 38)
Figure 38 : Partition disks Mount point.

74. Select / as mount point for the partition (Figure 39)
Figure 39 : Partition disks - /

25

78. Now your root partition are created (Figure 41)
26
Creating /home Partition.



27
83. This is the last partition well create, so put all the remaining size as home partition
(Figure 44).

85. Select /home as mount point for the partition (Figure 45)
Figure 45 : Partition disks - /home
28

88. Now your root partition are created (Figure 47)
29
89. Select Finish partitioning and write changes to disk (Figure 48)
Figure 48 : Partition disks Finish.

91. Select Yes to confirm writing the changes to disk (Figure 49)
Figure 49 : Partition disks Confirmation.

30
93. Now the setup wizard start formatting all the partitions you created (Figure 50).
Figure 50 : Formatting Partition.
94. After finish formatting partitions, the setup wizard start installing the base system (Figure 51).
Figure 51 : Installing the base system.
95. You need to set a password for root, the system administrative account. A good
password will contain a mixture of letters, numbers and punctuation and should be
changed at regular intervals. In this exercise, I will use Pr@ctice as my root password
(Figure 52).
Figure 52 : Set root password.

31
97. The setup wizard will ask you to re-enter the root password again for verification. Just
enter the same password again Pr@ctice (Figure 53).
Figure 53 : Verify root password

99. Linux setup wizard will ask you to create user account for you to use instead of the root
account for non-administrative activities. Here I create new user name as Second
Admin. You also can enter your real name as a new user (Figure 54).
Figure 54 : Create new user account.

32
101.
I set the username for Second Admin as admin2. You can enter any name, but
remember, the username should start with lower-case letter, and can be followed by
any combination of numbers and more lower-case letters (Figure 55).
Figure 55 : Create new user account - username.

102.
Press ENTER key to continue.
103.
User password. I use 3xerci5e as the password for this user different from the root
password (Figure 56).
Figure 56 : Create new user account password.

104.
33
105.
The setup wizard will ask you to re-enter the password again for verification. Just
enter the same password again 3xerci5e (Figure 57).
Figure 57 : Create new user account password verification.

106.
107.
After finish creating user account, your installation DVD will be scanned and you
have the option to scan additional CDs or DVDs for use by the package manager
(apt). Just select NO for the answer because we only use Debian DVD disc 1 only
(Figure 58).
Figure 58 : Scan DVD option.

108.
34
109.
Now the setup wizard ask to use a network mirror for installation process, just select
NO for the answer because we only using DVD installation (Figure 59).
Figure 59 : Use network mirror option.

110.
111.
Just select NO as the answer for the package usage survey question (Figure 60).
Figure 60 : Package usage survey.

112.
35
113.
Software selection. Select all software package except Laptop. Laptop package
only used if you installing the Debian on the laptop. Use spacebar key to select or
unselect package (Figure 61).
Figure 61 : Software selection.

114.
115.
Samba Server.
We will configure the Samba server later. Press ENTER key to continue (Figure 62).
Figure 62 : Samba Server Workgroup/Domain name.
36
116.
Select NO as the answer because we will modify the smd.conf file later (Figure 63).
Figure 63 : Samba Server smd.conf

117.
118.
Wait until the software installation process complete. This may take 30 60 minute
depending on your system performance (Figure 64).
Figure 64 : Software installation process.
119.
Install the GRUB boot loader to the master boot record? Just select Yes as the
answer (Figure 65).
Figure 65 : Install the GRUB boot loader.

120.
37
121.
Installation complete. Remove the installation DVD (Figure 66).
Figure 66 : Installation complete.

122.

Now your system will reboot.
Congratulation! You have finish install the Debian Server.
38
Exercise 2
System
Configuration
(Initial Configuration)
By
39
Exercise 2 : System Configuration (Initial Configuration)
1. Log on to the server as admin2 [user account you create earlier] (Figure 67).
Figure 67 : First time login.

2. Press ENTER button to continue.
3. Enter the password 3xerci5e for admin2 (Figure 68).
Figure 68 : User password.

40
EXERCISE 2.1
Setting Time Zone

In this section, youll learn how to setup time zone for your server.
5. Right-click at the right hand top corner of the desktop (on the date and time) and select
Adjust Date & Time (Figure 69).
Figure 69 : Adjust Date & Time.

6. If the system asks you for the administrative password, just enter the root password you
created earlier - Pr@ctice (Figure 70).
Figure 70 : Administrative password.

41
8. In the Time and Date Settings window, you can change your time zone, time and date
(Figure 71).
Figure 71 : Time and Date Settings.

9. After finish configure your time and date, click the Close button to close the window.
42
Exercise 3
Network
Configuration
By
43
Exercise 3 : Network Configuration

EXERCISE 3.1
Configuring network.
In this section, youll learn how to configure network for your server using GUI (Graphical User
Interface).
There are four(4) files you have to configure to setup your network,
/etc/network/interfaces
/etc/resolv.conf
/etc/hostname
/etc/hosts
But if you configure network using GUI, the system will automatically configure all those files for
you.
1. Launch Network Manager. Click System Administration Network (Figure 72).
Figure 72 : Launch Network Manager.
44
2. If the Granted permissions without asking for password window appear, tick the Do not
display this message again and click the Close button. (Figure 73).
Figure 73 : Granted permissions without asking for password window.

3. Select Wired connection (Figure 74).
Figure 74 : Network settings Connections.

4. Click Properties button.
45
Connection Setting
5. Uncheck the Enable roaming mode box (Figure 75).
Figure 75 : eth Properties.

6. Select Static IP address for Configuration: option (Figure 76).
Figure 76 : eth Properties - Configuration.
46
7. Now set your server IP address, and ensure that you are using a static IP address. For
this exercise, Im using number 21 as my server station number (Figure 77).
Tips:
Connection Settings.
Configuration
: Static IP address
IP address
: 192.168.2.SN
Subnet mask
: 255.255.255.0
Gateway address
: 192.168.2.ISIP
(server station number)
(internet server IP address)
Note: SN = station number
Figure 77 : eth Properties Static IP address.

8. Click OK button to continue.
47
Setting up Host
9. Select the General tab. Make sure the host setting are corrects (Figure 78).
Tips:
Host Settings.
Host name
: debianserver SN
(server name)
Domain name
: myserverSN.com
(DNS server name)
Note: SN = station number
Figure 78 : Network Settings General.
48
Setting up DNS server

10. Click the DNS tab (Figure 78).
11. Click the Add button (Figure 79).
Figure 79 : Network Settings DNS.
12. Later you will set your server as DNS server, so enter your Server IP address and press
ENTER (Figure 80).
Figure 80 : Network Settings DNS Servers.
49
Setting up Search Domains

13. Under Search Domains section, click the Add button (Figure 81).
Figure 81 : Network Settings DNS.
14. Enter your Domain name and press ENTER (Figure 82).
Figure 82 : Network Settings Domain name.
50
Save setting
15. Click the Save button [icon = hard disk with green arrow] (Figure 83).
Figure 83 : Network Settings Save.

16. Enter /etc/network/interfaces in "Location name:" box. This is the network
configuration file location (Figure 84).
Figure 84 : Save location.

17. Click Save button to save.
51
18. Click Close button to exit Network Manager (Figure 85).
Figure 85 : Network Settings.

Restating Network Service
19. Launch Root Terminal. Application Accessories Root Terminal (Figure 86).
Figure 86 : Launch Root Terminal.
52
20. Restart network service.

Enter the following command and press ENTER:
# /etc/init.d/networking restart
Wait until you get the line said Reconfiguring network interfaces done (Figure 87).
If not, try restarting your network service again. If still error restarting your network
service, try rebooting your system by typing the following command:
# reboot
and press ENTER.
After reboot, login back to your Server and open Terminal as root. Try restarting your
network service again.
Figure 87 : Terminal - Restart network service.
53
Checking Network Configuration.

21. To check network card IP address, use the following command and press ENTER
(Figure 88).
# ifconfig
Figure 88 : Terminal ifconfig.
54
Testing Network.
22. Make sure the network cable is plugged. Try ping to another PC in your network using
the following command:
# ping another PC IP address
e.g.:
# ping 192.168.2.22
Enter IP address of the other PC in your network after the ping command and press
ENTER (Figure 89).
Figure 89 : Terminal ping.

23. Press CTRL + C to terminate the ping process.
55
View network configuration

24. To view a configuration files, we use vim. Vim is a text editor that upwards compatible to
vi. It can be used to edit all kinds of plain text. It is especially useful for editing programs.
To view your network configuration, enter the following command in the Terminal and
press ENTER (Figure 90).
# vim /etc/network/interfaces
Figure 90 : Terminal interfaces.
25. Vim will open the network configuration file (Figure 91).
Figure 91 : Terminal Network configuration file.

All the network settings you created earlier are using GUI. There are two way to
configure the network, using GUI and text editor to edit configuration file.
If you want to configure the configuration file, you have to remember all the script in the
figure above. I prefer using GUI, its easier and faster (Figure 91).
26. Close the Terminal (Figure 91).
56
Exercise 4
User
Management
By
57
Exercise 4 : User Management

EXERCISE 4.1
Changing to Super User.

In this section, youll learn how to manage user account in your server.
1. Launch Terminal. Application Accessories Terminal (Figure 92).
Figure 92 : Launch Terminal.

2. There are two type of user, normal user and administrative user root.
When you launch Terminal, you can identify your privilege either normal user or root by
looking at the last character near the cursor (Figure 93).
$ = you are normal user.
# = you are root. Administrative privilege.
Figure 93 : Terminal normal user and root.
58
Change from normal user to root.

3. Use su command to change from normal user to root. SU stand for Super User. In Linux
root is the Super User.
Enter su command in the Terminal and press ENTER (Figure 94).
# su
Figure 94 : Terminal su.
4. Enter the root password and press ENTER.

Note: the password you enter are invisible (Figure 95).
Figure 95 : Terminal su password.
5. After you enter the root password, the Terminal will return with new line ending with
character # (Figure 96).
Figure 96 : Terminal su privilege.
59
EXERCISE 4.2
Creating a Normal User Account.

In this exercise you will create five(5) normal user account; Zul, Ocah, Akmal, Ali and Saad.
adduser is the command youll use to create new user account. adduser command add users
to the system according to command line options and configuration information in
/etc/adduser.conf.
Creating normal user zul
6. To create a normal user, enter the following command and press ENTER (Figure 97):
# adduser zul
Figure 97 : Terminal - adduser
7. Enter the following details for Zul Zcomby (Figure 98).

Logon Name
zul
Password
comby
Full Name
Zul Zcomby
Room Number
207
Work Phone
05-6884401
Home Phone
Other
019-6581079
60
Figure 98 : Terminal adduser.

8. Press Y when the system ask for confirmation about the information and press ENTER.
9. When new user created, the system automatically create home directory for the user. By
default, the home directory for new user are created under the /home directory.
You can check the new user home directory by using the following command:
# cd /home
# ls
Figure 99 : Terminal - user /home directory.

You can see there are new directories named zul under /home directory (Figure 99).
61
10. Now create the user Ocah Blue, Ahmad Akmal, Aliuddin and MdSaad.
# adduser ocah
Logon Name
ocah
Password
ocah
Full Name
Ocah Blue
Room Number
214
Work Phone
05-6884401
Home Phone
Other
019-6681079
Figure 100 : Ocah Blue information.
# adduser akmal
Logon Name
akmal
Password
akmal
Full Name
Ahmad Akmal
Room Number
205
Work Phone
05-6884401
Home Phone
Other
050327-02-0077
Figure 101 : Ahmad Akmal information.

# adduser ali
Logon Name
ali
Password
ali
Full Name
Aliuddin
Room Number
208
Work Phone
05-6884401
Home Phone
Other
080627-02-0033
Figure 102 : Aliuddin information.
62
# adduser saad
Logon Name
saad
Password
masuri
Full Name
Md Saad
Room Number
210
Work Phone
05-5272372
Home Phone
Other
Figure 103 : Md Saad information.
63
Testing new user.

11. Logout the server. Click System Log Out admin2 (Figure 104).
Figure 104 : Logout
12. Click Log Out button to logout the server. (Figure 105).
Figure 105 : Logout system.

13. Now try login as Md Saads. Enter the username as saad (Figure 106).
Figure 106 : User Login
64
14. Enter masuri as the password (Figure 107).
Figure 107 : User login password.
Can you login?

Of course you can login. It should be no problem.
65
EXERCISE 4.3
Changing user password.

Change from normal user to root.

16. You must remember, only super user can manage users account. Enter su command in
the Terminal and press ENTER to change to super user (Figure 109).
# su
Figure 109 : Terminal su.
66
17. Enter the root password and press ENTER.

Note: the password you enter are invisible (Figure 110).
Figure 110 : Terminal su password.
18. After you enter the root password, the Terminal will return with new line ending with
character # (Figure 111).
Figure 111 : Terminal su privilege.
19. Use the passwd command to change Md Saad password as following and press
ENTER (Figure 112).
# passwd saad
Figure 112 : Change Md Saads password.
67
20. Enter new password for Md Saads as 123456 and press ENTER (Figure 113).
Figure 113 : Md Saad new password.

21. Retype Md Saads new password (Figure 114).
Figure 114 : Retype Md Saad new password.

22. Now the password for Md Saads are successfully updated (Figure 115).
Figure 115 : Password successfully updated.
68
Testing new password.

23. Logout the server. Click System Log Out saad (Figure 116).
Figure 116 : Logout

24. Click Log Out button to logout the server. (Figure 117).
Figure 117 : Logout system.

25. Now try login as Md Saads. Enter the username as saad (Figure 118).
69
26. Enter 123456 as the password (Figure 119).
Can you login?

Of course you can login. It should be no problem.
27. Logout the server.
70
EXERCISE 4.4
Deleting user.
28. Login to the server as admin2 and 3xerci5e as password (Figure 120).
Figure 120 : User login.


30. Change to Super User su (Figure 122).
Figure 122 : Super User privilege.
71
31. To remove or delete user account youll use deluser command. This command will
remove a user from the system.
By default, deluser command will remove the user without removing the home directory,
the mail spool or any other files on the system owned by the user.
The --remove-all-files option must be added if you want to remove user including all
files and directories on the system owned by the user
Now delete user Md Saad from the system including all files and directories on the
system owned by him using the following command (Figure 123):
# deluser --remove-all-files saad
Figure 123 : Delete user.

32. Logout the server.
72
Users delete confirmation.

33. Login as Md Saads. Enter the username as saad (Figure 124).

34. Enter 123456 as the password (Figure 125).
Can you login? Why?

No! You cant login as saad because Md Saad accounts are deleted.
73
EXERCISE 4.5
Creating Group.
In this exercise youll create three (3) groups, Sem1, Sem2 and Sem3. You also will assign user
to those groups.

74
Create new group

To create new group youll use groupadd command. This command creates a new group
account using the values specified on the command line plus the default values from the
system. The new group will be entered into the system files as needed
38. To create new group Sem1, Sem2 and Sem3; use the following command (Figure 129).
# groupadd Sem1
# groupadd Sem2
# groupadd Sem3
Figure 129 : Terminal groupadd.
75
39. Every time new group created, the system will store the group record in /etc/group file.
Enter the following command to view list of group created in your system (Figure 130):
# cat /etc/group
Figure 130 : Terminal - /etc/group
Add user to a group.

40. Now you will assign Zul Zcomby as Sem3 group member. Enter the following command
(Figure 131):
# usermod G Sem3 zul
Figure 131 : Terminal - usermod
76
41. To confirm user zul are added as member of Sem3 group, check the /etc/group file.
Enter the following command to view list of group and it members created in your system
(Figure 132):
# cat /etc/group
42. Now set group for Ocah, Akmal and Ali according to table below (Figure 133):
User
Group
ocah
Sem3
akmal
Sem2
ali
Sem1
Figure 133 : Group table.
77
EXERCISE 4.6
Creating Folder.
In this exercise youll create new directory called practice and change the ownership of the
directory.
43. To create directory practice, enter the following command (Figure 134):
# mkdir practice
Figure 134 : Terminal - make directory.
View directories/files permission and ownership.

44. Use ls -l command to view directories and files permission and ownership (Figure 135).
# ls -l
Figure 135 : Terminal list directory contents

You can notify that the practice directory is a member of the root group.
Every files and directories have the groups that have permission to read or open it. Its
also called group ownership.
78
EXERCISE 4.7
Changing group ownership
45. Enter the following command to change the group ownership of the practice directory
from root group to Sem3 group (Figure 136).
# chgrp Sem3 practice
Figure 136 : Terminal change directory group owner

# ls -l
79
EXERCISE 4.8
Changing files or directories ownership
47. Use the following command to change directory practice owner from root to zul (Figure
138):
# chown zul practice
Figure 138 : Terminal change directory owner

# ls -l
80
EXERCISE 4.9
Deleting a group.
49. First create new group Sem4, Sem5 and Sem6; use the following command (Figure
140).
# groupadd Sem4
# groupadd Sem5
# groupadd Sem6
Figure 140 : Terminal groupadd.

50. To confirm all the groups are successfully created, check the /etc/group file.
Enter the following command to view list of group and it members created in your system
(Figure 141):
# cat /etc/group
81
51. Now youll delete Sem6 group. Use the following command to delete Sem6 group
(Figure 142):
# groupdel Sem6
Figure 142 : Terminal - groupdel
52. Check the /etc/group file to confirm the Sem6 group are successfully deleted (Figure
143).
# cat /etc/group

Notice that Sem6 group is not listed in the /etc/group file.
53. Now delete group Sem4 and Sem5.
54. Logoff the server.
82
Exercise 5
Printer
Installation
and
Configuration
By
83
Exercise 5 : Printer Installation and Configuration

EXERCISE 5.1
Installing network printer.

In this section, youll learn how to network printer in your server.

84

4. Launch Printer Manager. System Administration Printing (Figure 147).
Figure 147 : Launch Printer Manager
85
5. Click New button (Figure 148).
Figure 148 : Printer Manager

6. Select AppSocket/HP JetDirect (Figure 149).
Figure 149 : Printer Manager New Printer
86
Setting up printer.
7. In this exercise the printer IP address is set to 192.168.2.24, enter the printer IP address
in the Host: box (Figure 150).
Figure 150 : Printer Manager Location of the network printer

8. Make sure Port number: is set to 9100 (Figure 150).
9. Click Forward button to continue (Figure 150).
10. Select printer brand [example: if you are using HP Color Laserjet CP1510n, select HP
from the list] (Figure 151).
Figure 151 : Printer Manager printer brand

87
12. Select your printer model. In this exercise, Im using HP Color Laserjet CP1510n
printer.
If your printer models are not listed, select the nearest model. So, I select Color
Laserjet cp1515n because this is the nearest model (Figure 152).
Figure 152 : Printer Manager Printer model

14. Enter Printer Name (use short name, e.g.: HPColor1510n). Description and Location
section are optional (Figure 153).
Figure 153 : Printer Manager Printer name

15. Click Apply button to continue (Figure 153).
88
Test the Printer.

16. Open Text Editor. Click Applications Accessories Text Editor (Figure 154).
Figure 154 : Launch Text Editor
17. Enter some text. Type whatever you want (Figure 155).
Figure 155 : Text Editor
89
18. Print the document. Click File Print (Figure 156).
Figure 156 : Launch Print Manager
19. Select your network printer (Figure 157).
Figure 157 : Print Manager

20. Click Print button to start printing (Figure 157).
21. Close all program and logout server.
90
Exercise 6
Process
Management
By
91
Exercise 6 : Process Management

EXERCISE 6.1
Understand the process.
In this section, youll learn how to analyze process in your server. This knowledge can help you
to troubleshoot your server problem.

92
4. Display and monitor all the active processes running on your server is the easiest way to
understand the process.
ps command are used to displays information about a selection of the active processes.
Use the following command to display information of the current process running on your
server (Figure 161):
# ps -aux | more
Figure 161 : Terminal - process

Table below explain the definition of every column for the process above:
Column
USER
PID
Explanations
Users start the process.
Process ID
%CPU
Percentage of CPU usage by the process.
%MEM
Percentage of memory usage by the process.
VSZ
Virtual memory size use by the process.
RSS
Memory physical size use by the process.
TTY
Terminal use by the process.
93
STAT
START
TIME
COMMAND
Process status.
When the process start.
CPU time usage by the process.
Commands start the process.
Figure 162 : Process Table
5. Press Ctrl + C key to exit or to go back to command prompt.
94
EXERCISE 6.2
Using Process command.
6. Use the following command to display process using by the current user (Figure 163):
# ps -u
Figure 163 : Terminal - process using by the current user
7. How to display process use by admin2?

Use the following command to display process use by admin2 (Figure 164):
# ps -au | grep admin2
Figure 164 : Terminal - process use by admin2
95
8. To display process use by all users, use the following command (Figure 165):
# ps -au
Figure 165 : Terminal - display process use by all users
96
EXERCISE 6.3
Stopping a Process.
Sometimes you face with the hang application. You have to terminate the application
through manual way. To terminate the process, you have to know the process IDs.
9. Use the following command to display process IDs (Figure 166)
# ps -aux
Figure 166 : Terminal - display process IDs
97
10. Now try to terminate the bash process start by admin2.

Use one of the following commands to terminate the bash process (Figure 167):
# kill 5503
or
# kill -9 5503
or
# kill -SIGKILL 5503
Signal
Statement
Explanation
HUP or SIGHUP
Reload the process.

Also called Clean Shut Down and Restart.
INT or SIGINT
KILL or SIGKILL
15
TERM or SIGTERM
Terminate the process.

Same as Ctrl + C
Order the operating system to terminate the
process without waiting the process
terminates itself.
Order the process to terminate by its
application and exit immediately.
Figure 167 : Process Table
98
11. You also can display the active process by using Top utility. Top will display the process
in real time. You can terminate or close Top utility by pressing q key.
Enter the following command to display process in the real time (Figure 168):
# top
Figure 168 : Terminal - top utility

12. Press q key to close top utility.
13. Close all program and logout server.
99
Exercise 7
Domain
(BIND)
Installation
and
Configuration
By
100
Exercise 7 : Domain (BIND) Installation and Configuration

In this section, youll learn how to implement a domain name server for your network. Domain
Name System (DNS) or Bind (name use in Linux system) provides a standard method for
associating names with numeric Internet addresses. This makes it possible for users to refer to
network computers by using easy-to-remember names instead of a long series numbers.
The first step is required to ensure that you are using a static IP address and that the DNS
settings on the computer have been correctly configured. Make sure you have hook up your PC
to the network and you are using a static IP address before you start.

101

EXERCISE 7.1
Check installation package.

4. You can check whether you have the Bind administration utility installed by executing the
following command (Figure 172):
# dpkg -l bind9
Figure 172 : Terminal Package checking
If the utility is missing you can install it using the following command but make sure your
Debian DVD are inserted in the DVD drive:
# apt-get install bind9
102
Lets configure Bind. To configure Bind you need to edit 3 files:

/etc/resolv.conf
/etc/bind/named.conf.local
/etc/hosts
---> Declare Search Domain and Domain Name Server

---> Declare Forward and Reverse zone file location
---> Declare host
create 2 new files:

/etc/bind/myserverSN.com.db
/etc/bind/myserverSN.com.arpa
---> Create Forward zone file

---> Create Reverse zone file
Note: SN Station number.

EXERCISE 7.2
Declare Search Domain and Domain Name Server
5. To declare Search Domain and Domain Name Server, you have to edit the resolv.conf
file and insert 3 line below:
domain myserver SN.com
search myserver SN.com
nameserver 192.168.2.SN
---> Your domain name

---> Your search domain name
---> Your domain IP address
Note: SN Station number.

You will use vim to edit resolv.conf file. Vim is a text editor that is upwards compatible
to vi. It can be used to edit all kinds of plain text. It is especially useful for editing
programs.
Execute the following command to edit resolv.conf (Figure 173):

# vim /etc/resolv.conf
Figure 173 : Terminal edit resolv.conf
103
Basic vim Commands

Key Strokes
/ text
: file
:q
:w
Esc
^r
h
i
j
k
l
p
R
u
x
yw
yy
What it Does
Searches for the text entered. The search starts from the
cursor's position.
Opens the file named.
Quits vim without saving.
Saves open file
Starts command mode.
Redo an action that was undone.
Moves the cursor one character to the left.
Starts insert mode.
Move the cursor down to the next line.
Moves the cursor up to the next line.
Moves the cursor one character to the right.
Pastes to the clipboard.
Starts over writing.
Undo last action.
Deletes the character at the cursor.
Moves the current word to the clipboard.
Moves the current line to the clipboard.
6. Press i to start insert mode and enter the line below (Figure 174):
domain myserver SN.com
search myserver SN.com
nameserver 192.168.2.SN
---> Your domain name

---> Your search domain name
---> Your domain IP address
Note: SN = Station number.
Figure 174 : Terminal - Declare Search Domain and Domain Name Server
104
7. Press ESC to exit insert mode.
8. Press :wq to save and exit vim (Figure 175)
Figure 175 : Terminal save and exit vim.
105
EXERCISE 7.3
Declare Forward and Reverse zone file location
9. To declare Forward and Reverse zone file location, you have to edit the
named.conf.local file. Execute the following command to edit named.conf.local file
(Figure 176):
# vim /etc/bind/named.conf.local
Figure 176 : Terminal edit named.conf.local file
zone "myserverSN.com" {
type master;
file "/etc/bind/myserverSN.com.db";
};
zone "SN.2.168.192.in-addr.arpa" {
type master;
file "/etc/bind/myserverSN.com.arpa";
};
Figure 177 : Terminal - declare Forward and Reverse zone file location
106
107
EXERCISE 7.4
Declare Hosts
13. To declare hosts, you have to edit the hosts file. Execute the following command to edit
hosts file (Figure 179):
# vim /etc/hosts
Figure 179 : Terminal edit hosts file
127.0.0.1
192.168.2.SN
localhost
debianserverSN.myserverSN.com debianserverSN
Figure 180 : Terminal - declare hosts

108
109
EXERCISE 7.5
Create Forward zone
17. In previous exercise you have declare myserverSN.com.db as your forward zone file.
To create Forward zone file, execute the following command (Figure 182):
# touch /etc/bind/myserverSN.com.db
Figure 182 : Terminal create Forward zone file
18. Now edit your Forward zone file, execute the following command to edit (Figure 183):
# vim /etc/bind/myserverSN.com.db
Figure 183 : Terminal edit Forward zone file
$TTL 3D
myserverSN.com.
myserverSN.com.
myserverSN.com.
IN SOA debianserverSN.myserverSN.com. root.myserverSN.com. (

2011030401
--> serial number; base on date
24H
--> refresh time
12H
--> retry
1W
--> expiry
1H )
-->minimum TTL
IN NS debianserverSN.myserverSN.com.
IN A
192.168.2.SN

Use spacebar for single spacing only. For width spacing between words use Tab.
110
Figure 184 : Terminal - Forward zone
Zone files definitions.

Record
SOA
NS
A
MX
Definition
List your administrative configuration for your domain.
List the DNS server for your domain.
Domain name for IP address mapping.
Use by mail server in your domain.
111
EXERCISE 7.6
Create Reverse zone
22. In previous exercise you have declare myserverSN.com.arpa as your reverse zone file.
To create Reverse zone file, execute the following command (Figure 186):
# touch /etc/bind/myserverSN.com.arpa
Figure 186 : Terminal create Reverse zone file
23. Now edit your Reverse zone file, execute the following command to edit (Figure 187):
# vim /etc/bind/myserverSN.com.arpa
Figure 187 : Terminal edit Reverse zone file

$TTL 3D
SN.2.168.192.in-addr.arpa. IN SOA debianserverSN.myserverSN.com. root.myserverSN.com. (
2011030401
--> serial number; base on date
24H
--> refresh time
12H
--> retry
1W
--> expiry
1H )
-->minimum TTL
SN.2.168.192.in-addr.arpa. IN NS debianserverSN.myserverSN.com.
SN.2.168.192.in-addr.arpa. IN PTR myserverSN.com.

Use spacebar for single spacing only. For width spacing between words use Tab.
112
Figure 188 : Terminal - Reverse zone
27. Restart service. Execute the following command to restart Bind service (Figure 190):
# /etc/init.d/bind9 restart
Figure 190 : Terminal Restart Bind service.
113
EXERCISE 7.7
Test DNS server
28. Testing Forward zone. Execute the following command to test Forward zone (Figure
191):
# nslookup myserverSN.com
Note: SN = Station Number.
Figure 191 : Terminal Testing Forward zone.
29. Testing Reverse zone. Execute the following command to test Reverse zone (Figure
192):
# nslookup 192.168.2.SN
Note: SN = Station Number.
Figure 192 : Terminal Testing Reverse zone.
30. Logoff the server.
114
Exercise 8
FTP Server
Installation
and
Configuration
By
115
Exercise 8 : FTP Server Installation and Configuration

File Transfer Protocol (FTP) is a TCP protocol for uploading and downloading files between
computers. FTP works on a client/server model. The server component is called an FTP
daemon. It continuously listens for FTP requests from remote clients. When a request is
received, it manages the login and sets up the connection. For the duration of the session it
executes any of commands sent by the FTP client.
Access to an FTP server can be managed in two ways:
Anonymous
Authenticated
In the Anonymous mode, remote clients can access the FTP server by using the default user
account called "anonymous" or "ftp" and sending an email address as the password.
In the Authenticated mode a user must have an account and a password. User access to the
FTP server directories and files is dependent on the permissions defined for the account used at
login. As a general rule, the FTP daemon will hide the root directory of the FTP server and
change it to the FTP Home directory. This hides the rest of the file system from remote
sessions.
116


EXERCISE 8.1
vsftpd is an FTP daemon available in Debian. It is easy to install, setup and maintain.
4. You can check whether you have the vsftpd administration utility installed by executing
the following command (Figure 196):
# dpkg -l vsftpd
117
vsftpd FTP Server Installation

(dont do step 4.1 & 4.2 if your vftpd package already installed)
4.1.
If the utility is missing you have to install it. To install vstpd, insert your Debian DVD
(disc 1) into your DVD drive and execute the following command (Figure 197):
# apt-get install vsftpd
Figure 197 : Terminal Installing package.

4.2.
Press Y key to continue (Figure 198).
118
By default, your FTP server is now successfully running but only anonymous FTP is allowed to
login and download from your FTP server.
5. After finish installing vsftpd package , the system automatically create home directory for
the FTP server. By default, the home directory for FTP server are created under the
/home directory.
You can check the FTP server home directory by execute the following command:
# cd /home
# ls
Figure 199 : Terminal - user /home directory.

You can see there are new directories named ftp under /home directory (Figure 199).
119
EXERCISE 8.2
Creating new file
6. Change to ftp home directory by executing the following command (Figure 200):
# cd /home/ftp
Figure 200 : Terminal ftp home directory.
7. Create new file named ftptest.txt by using the following command (Figure 201):
# touch /home/ftp/ftptest.txt
Figure 201 : Terminal Creating new file.
8. Display contents of the ftp home directory by execute the following command (Figure
202):
# ls
Figure 202 : Terminal Display directory contents.

You can see there are new file named ftptest.txt under /home/ftp directory (Figure
202).
120
EXERCISE 8.3
Configuring a Client Computer to test the FTP server.
Please refer to the following table for client configuration.
Name of This Computer
clientxpSN
Name of Organization
IKM
Role of This Computer
Client Workstation
Name of Installer
Administrator
Domain Name
same domain name as you did for the Server
TCP/IP Address
192.168.2.SN
TCP/IP Subnet mask
255.255.255.0
TCP/IP Gateway
192.168.2.ServerNumber
Preferred DNS server
192.168.2.ServerNumber
Note : SN = Station Number

Use the same domain name as you did for the Server.
121
9. Launch Network Connections application program. Click Start All Programs

Accessories Communications Network Connections (Figure 203)
Figure 203 : Launch Network Connections

10. Right click Local Area Connection (Figure 204).
Figure 204 : Local Area Connection

11. Select Properties (Figure 204).
122
12. Double click Internet Protocol (TCP/IP) (Figure 205)
Figure 205 : Local Area Connection Properties
13. Now set your client (Windows XP) IP address, and ensure that you are using a static IP
address. For this exercise, Im using number 61 as my Windows XP client station
number (Figure 206)
Use the following IP address:
IP address
: 192.168.2.SN
(client station number)
Subnet mask
: 255.255.255.0
Default gateway
: 192.168.2.ServerNumber
(server IP address)
Use the following DNS server address:

Preferred DNS server
Alternate DNS server
: 192 . 168 . 2 . ServerNumber

: ___ . ___ . ___ . ___
123
(1st server IP address)

(2nd server IP address)
Figure 206 : Internet Protocol (TCP/IP) Properties

14. Click OK button (Figure 207)

15. Click OK button (Figure 207) and close all remaining windows.
124
EXERCISE 8.4
Test the FTP server using Microsoft Windows XP client.
Login to FTP server using command prompt
16. Launch Command Prompt. Click Start Run; key-in cmd in the Open: box and press
ENTER (Figure 208)
Figure 208 : Launch command prompt.
17. At the command prompt, execute the following command to login to FTP server (Figure
209):
ftp 192.168.2.FSN
Note: FSN = FTP server Station Number.
and press ENTER.
Figure 209 : Login to FTP server.
125
18. Youll be asking to enter the username. Key-in anonymous as username and just press
ENTER for password [NO password] (Figure 210).
Figure 210 : Login to FTP server - successful
19. Display contents of the FTP server by execute the following command (Figure 211):
# ls
Figure 2 : Login to FTP server display contents.

20. Use command bye to logout from the FTP server (Figure 212).
# bye
Figure 212 : Logout from FTP server.
126
Login to FTP server using Internet Explorer

21. Launch Internet Explorer. Click Start Internet (Figure 213).
Figure 213 : Launch Internet Explorer.

22. Enter your FTP server address in the Address box. My FTP server address is
ftp://192.168.2.21 (Figure 214).
127
23. Click Go button (Figure 215)
Figure 215 : Login to FTP server successful.

You can see there is a file named ftptest.txt listed in the ftp directory. Now you are
successfully login to the FTP server as anonymous user or in other word as guest
(Figure 202).
24. Use Windows explorer to access the C:\Windows\Web\Wallpaper sub-folder.
25. Click on the file Azul.bmp and drag and drop it into the FTP Site window (Figure 216).
Figure 216 : Upload files to FTP Server.
128
Could you paste the file? YES NO

If NO, why?
Of course you cant paste any files into the FTP server directory because you not
configure the FTP server to allow anonymous user to upload files to the server.
By default, the anonymous users are not allowed to upload files to FTP server. To
change this setting, you should uncomment the following line in the vsftpd configuration
file:
anon_upload_enable=YES
The vsftpd configuration files are store in the vsftpd.conf file. But I not recommend you
to allow anonymous user to have permission to upload file to the FTP server. Its very
dangerous to the server security.
26. Close all error messages appeared.
129
EXERCISE 8.5
vsftpd FTP Server Configuration Allow local user to upload


130
By default, local system users are not allowed to login to FTP server. To change this
setting, you should uncomment the following line:
local_enable=YES
30. You can edit vsftpd configuration file using command below (Figure 220)
# vim /etc/vsftpd.conf
Figure 220 : Terminal edit vsftpd.conf file.

31. Press i to start insert mode and uncomment the following line by deleting the # symbol at
the beginning of the line (Figure 221):
local_enable=YES
and change line
anonymous_enable=YES to anonymous_enable=NO
to disable anonymous user.
Figure 221 : FTP server - allow local user login
131
32. By default, users are allowed to download files from FTP server. They are not allowed to
upload files to FTP server. To change this setting, you should uncomment the following
line: (Figure 222)
write_enable=YES
Figure 222 : FTP server allow all user write.
33. If you want to allow user to used ASCII mode for downloading and uploading files,
uncomment the following line: (Figure 223)
ascii_upload_enable=YES
ascii_download_enable=YES
Figure 223 : FTP server allow ASCII mode.

132
36. Restart service. Execute the following command to restart FTP service (Figure 225):
# /etc/init.d/vsftpd restart
Figure 225 : Terminal Restart FTP service.
133
Test user upload using Internet Explorer

37. Go to Client PC. Launch Internet Explorer. Click Start Internet (Figure 226).

38. Enter your FTP server address in the Address box and press ENTER. My FTP server
address is ftp://192.168.2.21 or you also can enter as ftp://myserver21.com (Figure
227).
134
39. The Log on box will appear. The FTP server ask for user name and password. Enter zul
as user name and comby as password (Figure 228).
Figure 228 : Login to FTP server user account.

40. Click Log On button to continue (Figure 228).
41. Use Windows explorer to access the C:\Windows\Web\Wallpaper sub-folder.
42. Click on the file Azul.bmp and drag and drop it into the FTP Site window (Figure 229).
Figure 229 : Upload files to FTP Server.
135
Could you upload the file? YES NO

Now sure you can upload the file into the FTP server directory. There are should be no
problem anymore.
Checking the user directory.
Back to Debian server.

136
45. Change to zul home directory by execute the following command (Figure 232):
# cd /home/zul
Figure 232 : Terminal changing home directory
46. Display contents of the zul home directory by executing the following command (Figure
233):
# ls
Figure 233 : Partition

You can see there is a file named Azul.jpg listed in the zul home directory.
47. Log off your server.
137
Exercise 9
Apache Web
Server
Installation
and
Configuration
By
138
Exercise 9 : Apache Web Server Installation and Configuration

Often referred to as simply Apache, a public-domain open source Web server developed by a
loosely-knit group of programmers. The first version of Apache, based on the NCSA httpd Web
server, was developed in 1995.
Core development of the Apache Web server is performed by a group of about 20 volunteer
programmers, called the Apache Group. However, because the source code is freely available,
anyone can adapt the server for specific needs, and there is a large public library of Apache
add-ons. In many respects, development of Apache is similar to development of the Linux
operating system.
The original version of Apache was written for UNIX, but there are now versions that run under
OS/2, Windows and other platforms.
The name is a tribute to the Native American Apache Indian tribe, a tribe well known for its
endurance and skill in warfare. A common misunderstanding is that it was called Apache
because it was developed from existing NCSA code plus various patches, hence the name a
patchy server, or Apache server.
139

140
EXERCISE 9.1
4. You can check whether you have the apache2 administration utility installed by
executing the following command (Figure 237):
# dpkg -l apache2

Apache2 Installation
4.1.
If the utility is missing you have to install it. To install apache2, insert your
Debian DVD (disc 1) into your DVD drive and execute the following command
(Figure 238):
# apt-get install apache2
141
4.2.
4.3.
142
Exercise 9.2
By default, the default web server directories are located at /var/www.
Lets say I want to change the default web server directories to /home/pubweb. And I also want
to set my own webpage as first page of the web server. The first page using default.htm as the
page file name.
Changing default web server directories
5. First you have to create a new directory name pubweb in the /home directory. Use the
following command to create new directory (Figure 241):
# mkdir /home/pubweb
Figure 241 : Terminal Create new directory.

6. Now edit the web server configuration file 000-default. Execute the following
command to edit 000-default file (Figure 242):
# vim /etc/apache2/sites-enabled/000-default
Figure 242 : Terminal - edit the web server configuration file.
143
7. Press i to start insert mode and change default web folder from /var/www/ to
/home/pubweb / (Figure 243):
Figure 243 : Terminal - Change default web folder

144

10. Restart apache service by execute the following command (Figure 245):
# /etc/init.d/apache2 restart
Figure 245 : Terminal Restart service.

Creating default.htm file.
11. Now youll create default.htm file as the first page of the web server. The first page will
display your name, station number and country. Execute the following command to start
create your default.htm file (Figure 246):
# vim /home/pubweb/default.htm
Figure 246 : Terminal create default.htm file.

12. Press i to start insert mode and key-in the following text into the file (Figure 247):
<html>
<head>
<title>New Web Site</title>
</head>
<body>
<p><h1 align="center">Welcome To My New Web Site</h1>
<h3 align="right">Hosted by My Web Server <font color="#FF0000"> your
domain</font></h3></p>
<p>your name</p>
<p>your station number</p>
<p>your country</p>
</body>
</html>
145
Figure 247 : Terminal edit default.htm file.


146
Adding default.htm into the first page file name list.

16. Now youll adding default.htm into the first page file name list in the web server by
execute the following command (Figure 250):
# vim /etc/apache2/mods-available/dir.conf
Figure 250 : Terminal edit dir.conf file.

17. Press i to start insert mode and add default.htm at the end of the DirectoryIndex line
(Figure 251):
Figure 251 : Terminal add default.htm as web server first page.

147

21. Log off the server.
Test the new Web Server on Client Site.

22. Log on to the client computer as Administrator.
148
24. Enter your Web server address in the Address box and press ENTER. My Web server
address is http://192.168.2.21 or you also can enter as http://myserver21.com (Figure
255).
Figure 255 : Testing Web server.
149
Exercise 9.3
Changing default port 80 to 8080

The purpose of doing this is because of security. Maybe the web was created for intranet
users only. By doing this, the server administrator can prevent the internet user from
browsing the intranet web.

150
28. Web server port configurations are store in the ports.conf and 000-default file. Execute
the following command to edit the ports.conf file (Figure 259):
# vim /etc/apache2/ports.conf
Figure 259 : Terminal edit ports.conf file.

29. Press i to start insert mode and change default port from 80 to 8080 (Figure 260):
Figure 260 : Terminal change default port
151

32. Now edit the web server configuration file 000-default. Execute the following
command to edit 000-default file (Figure 262):
# vim /etc/apache2/sites-enabled/000-default
Figure 262 : Terminal - edit the web server configuration file.
152
33. Press i to start insert mode and change the default VirtualHost port from 80 to 8080
(Figure 263):
Figure 263 : Terminal - Change default VirtualHost

153

37. Log off the server.
Test the new Web Server on Client Site.

154
40. Enter your Web server address in the Address box and press ENTER. My Web server
address is http://192.168.2.21.
You webpage appear in the browser? YES NO
If NO, why?
Because the web port has changed from port 80 to port 8080. If you enter only web
address without port extension, the browser will refer to the port 80.
41. Enter the web address with port number to view your webpage, e.g.
http://192.168.2.SN:8080 (Figure 267).
Figure 267 : Testing Web server
42. Log off client computer.
155
Exercise 10
DHCP
Installation
and
Configuration
By
156
Exercise 10 : DHCP Installation and Configuration

Dynamic Host Configuration Protocol (DHCP) is network protocol for automatically assigning
TCP/IP information to client machines. Each DHCP client connects to the centrally-located
DHCP server which returns that client's network configuration including IP address, gateway,
and DNS servers.
DHCP is useful for fast delivery of client network configuration. When configuring the client
system, the administrator can choose DHCP and not have to enter an IP address, netmask,
gateway, or DNS servers. The client retrieves this information from the DHCP server. DHCP is
also useful if an administrator wants to change the IP addresses of a large number of systems.
Instead of reconfiguring all the systems, he can just edit one DHCP configuration file on the
server for the new set of IP address. If the DNS servers for an organization changes, the
changes are made on the DHCP server, not on the DHCP clients. Once the network is restarted
on the clients (or the clients are rebooted), the changes will take effect.
Furthermore, if a laptop or any type of mobile computer is configured for DHCP, it can be moved
from office to office without being reconfigured as long as each office has a DHCP server that
allows it to connect to the network.
157

158
EXERCISE 10.1
4. You can check whether you have the dhcp administration utility installed by executing
# dpkg -l dhcp3-server

DHCP server Installation
5. If the utility is missing you have to install it. To install dhcp3 server, insert your Debian
DVD (disc 1) into your DVD drive and execute the following command (Figure 272):
# apt-get install dhcp3-server
Note: Just select OK if system ask any question during installation.
159
EXERCISE 10.2
Configuring DHCP server - Using address pool method.
In this exercise:a. Let's say, your domain is myserverSN.com
b. Your DHCP rage from 128 to 247 (20 client).
c. Your server IP address is 192.168.2. SN
d. Your subnet-mask is 255.255.255.0
6. Execute the following command to edit dhcp configuration file (Figure 273):
# vim /etc/dhcp3/dhcpd.conf
Figure 273 : Terminal edit dhcp configuration file.

7. Press i to start insert mode and comment the following line by adding the # at the
beginning of the line (Figure 274):
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
Figure 274 : Terminal Disable unwanted script.
160
8. Go to the last line of the page, and add the following script (Figure 275):
# Domain name
option domain-name "myserverSN.com";
option domain-name-servers myserverSN.com;
default-lease-time 600;
max-lease-time 7200;
# Example DHCP range from 128 to 247
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.128 192.168.2.247;
option routers 192.168.2.SN;
option broadcast-address 192.168.2.255;
option subnet-mask 255.255.255.0;
}
Figure 275 : Terminal DHCP range

161
# /etc/init.d/dhcp3-server restart
12. Log off server.
162
Test the DHCP Server

14. Launch Network Connections application program. Click Start All Programs
Accessories Communications Network Connections (Figure 278)
Figure 278 : Launch Network Connections

15. Right click Local Area Connection (Figure 279).
Figure 279 : Local Area Connection

16. Select Properties (Figure 279).
163
17. Double click Internet Protocol (TCP/IP) (Figure 280)
18. Now ensure that your client are using an automatic IP address (Figure 281)
Figure 281 : Internet Protocol (TCP/IP) Properties

19. Click OK button (Figure 281)
164
20. Click OK button (Figure 282).

21. Close all remaining windows.
22. Launch Command Prompt. Click Start Run; key-in cmd in the Open: box and press
ENTER (Figure 283).
Figure 283 : Launch Command Prompt
165
23. Check your client IP address by entering the following command (Figure 284):
Ipconfig
Figure 284 : Check your client IP address.

Now your client computers are set to obtain an IP address automatically from DHCP
server. So you can see the IP address has changed accordingly to the IP range you
have set in the DHCP server configuration file earlier.
24. Log off client computer.
166
Exercise 11
Installing and
Configuring
Samba
By
167
Exercise 11 : Installing and Configuring Samba

Samba is a suite of Unix applications that speak the SMB (Server Message Block) protocol.
Many operating systems, including Windows and OS/2, use SMB to perform client-server
networking. By supporting this protocol, Samba allows Unix servers to get in on the action,
communicating with the same networking protocol as Microsoft Windows products.

168
169
EXERCISE 11.1
4. You can check whether you have the samba administration utility installed by executing
# dpkg -l samba

Samba server Installation
If the utility is missing you have to install it. To install Samba server, insert your Debian
DVD (disc 1) into your DVD drive and execute the following command (Figure 289):
# apt-get install samba
Note: If system asks any question during installation, just presses Y and ENTER.
170
EXERCISE 11.2
In this exercise you will:
a. share stkm directory with Microsoft Windows.
Preparing directories.
Create directory and set directory permission.
5. Use the following command to create stkm directory inside /home (Figure 290):
# mkdir /home/stkm
Figure 290 : Terminal create directory.
6. Execute the following command to give user full access authority (Figure 292):
# chmod -R 777 /home/stkm
Figure 291 : Terminal change directory permission.

Configure Samba configuration file
7. Execute the following command to edit samba configuration file (Figure 292):
# vim /etc/samba/smb.conf
Figure 292 : Terminal - edit samba configuration file.

8.
Press i to start insert mode.
171
Set Samba security

Note: security = share / user / server
(security = share; no need smbpassword)
9. Go to Authentication section and add the following script to make the share directory
readable and no samba password required (Figure 293):
security = share
Figure 293 : Terminal Samba security.
Add samba directory sharing.

10. Go to last line of the page and add the following script to share directory stkm with Ms.
Windows (Figure 294):
[stkm]
comment = STKM share folder
path = /home/stkm
browseable = yes
writeable = yes
public = yes
Figure 294 : Terminal Setting share directory.
172
13. Restart samba service by execute the following command (Figure 296):
# /etc/init.d/samba restart
173
Test Samba server.

14. Go to client PC. Launch Command Prompt. Click Start Run.
15. Key-in your server IP address in the Open: box and press ENTER (Figure 297).
Figure 297 : Launch open server network sharing.
16. Windows Explorer will open the Debian server network sharing resource (Figure 298).
Figure 298 : Terminal
17. Double-click the stkm directory.

Can you browse the directory? YES NO
If NO, check your samba configuration. Maybe something missing in your samba
configuration.
18. Log off client.
174
Exercise 12
Disk Quotas
By
175
Exercise 12 : Disk Quotas

When you run a multi-user system it's possible for a single user to the system, by filling their
home directory with a lot of files, and filling a disk so that other users have no space of their
own. Quotas are a system of preventing this. It's possible to setup limits on the amount of space
a single user, or a single group, can use.
Using quotas on Debian is very easy as the Debian kernel packages all have quote support
compiled in.
There are two ways to use quotas:
Per user
Per group
When using per-user quotas you are effectively giving a limit on how much disk space the
specific user may consume. In the case of per-group quotas you're giving a limit on the total
disk usage of all members in that group combined.
Generally I find it much more useful to apply quotas on a per-user basis, as this way you dont
have to work out which member of a group is consuming all the space.
To setup quota usage on your system you'll need to do three things:
Mount your file systems with quota support

Install the quota software
Configure your limits
176

EXERCISE 12.1
177

4. You can check whether you have the quota administration utility installed by executing
# dpkg -l quota

Disk quota Installation
5. If the utility is missing you have to install it. To install quota, insert your Debian DVD
(disc 1) into your DVD drive and execute the following command (Figure 303):
# apt-get install quota

EXERCISE 12.2
178
Configuring Quotas
Now you need to tell the system which filesystems should be controlled by the quota system. To
do this, you need to edit the /etc/fstab file and add the "usrquota" and/or "grpquota" options to
the relevant lines (depend where the /home directories are mounted). In this exercise, our
/home directory are mounted on /home partition.
6. Execute the following command to edit fstab file (Figure 304):
# vim /etc/fstab
Figure 304 : Terminal - edit the fstab file.

7. Press i to start insert mode and add usrquota and grpquota option (Figure 305):
Figure 305 : Terminal - Add usrquota.

179
The quota system has a notion of a soft limit and a hard limit. A soft limit is a limit which
the user can live with for a while (by default 7 days). A hard limit is a limit which cannot
be crossed ever.
A hard limit is the quota that each user's or group's disk usage cannot exceed. The
operating system will prevent a user or group from exceeding its hard limit quota, as
though the hard drive simply ran out of storage space. It is normal for a system
admin to set a hard limit that is a little higher than the soft limit to provide some
breathing room when a user or group needs to save a file before eliminating excess
files that cause the quota limited directory to overrun its soft limit. One reason
something like this might be needed, for instance, is for copying, modifying, and
testing a file before deleting the copy.
A soft limit is the quota to which each user's or group's disk usage should be limited
for day to day operations. The soft limit can be exceeded temporarily, as described
above under the hard limit explanation, but after a short period of time the soft limit
will be enforced by disabling the user account if the user's directory is not brought
within standards of soft limit quota compliance. Enabling the account again will
require action by the system administrator.
The grace period setting determines how long someone has to bring storage use
within standards for soft limit quota compliance. For instance, a setting of seven days
gives a user seven days, after first exceeding the soft limit, to bring disk usage in the
quota configured directory below the soft limit again before the user account is
disabled. On most systems, seven days will be the default grace period, though the
system admin can configure the grace period for a longer or shorter time if desired.
These limits are recorded inside special files which we need to create for each file
system which is being used with quotas.
180
10. Continuing with our example of /home, we would create one file for user quotas. Execute
the following command to create the file (Figure 307):
# touch /home/aquota.user /home/aquota.group
# chmod 600 /home/aquota.user /home/aquota.group
Figure 307 : Terminal create file.
11. Execute the following command to enable partition to mount with quota support (Figure
308).
# mount -o remount /home
Figure 308 : Terminal remount partition.
12. Now insert Debian Disc 2 into your DVD drive and install the quotatool by execute the
following command (Figure 309).
# apt-get install quotatool
Figure 309 : Terminal install quotatool.
181
13. When each quota-enabled file system is remounted, the system is now capable of
working with disk quotas. However, the file system itself is not yet ready to support
quotas. To do this, you must first run quotacheck.
The quotacheck command examines quota-enabled file systems, building a table of the
current disk usage for each one.
This table is then used to update the operating systems copy of disk usage. In addition,
the file systems disk quota files are updated (or created, if they do not already exist).
Execute the following command to examine quota-enabled file systems (Figure 310):
# quotacheck -vagum
The system will took a few minute to scanning your hard disk. Be patient.
Figure 310 : Terminal turn on the quota system.
(-a) Check all quota-enabled, locally-mounted file systems

(-v) Display status information as the quota check proceeds
(-u) Check user disk quota information
(-g) Check group disk quota information
(-m) Dont try to remount file system read-only
182
14. Now you need to run quotaon command. quotaon announces to the system that disk
quotas should be enabled on one or more file systems. On the quota system by execute
the following command (Figure 311).
# quotaon -avug
Figure 311 : Terminal turn on the quota system.

(-a) Force all file systems in /etc/fstab to have their quotas disabled
(-v) Display a message for each file system affected
(-u) Manipulate user quotas
(-g) Manipulate group quotas
183
EXERCISE 12.3
Set per-user quota.
15. To set the soft limits to 20MB and the hard limit to 25MB for a user called ali you would
run the following command (Figure 312).
# quotatool -u ali -bq 20MB -l '25MB' /home
Figure 312 : Terminal set quota for ali.

16. To display disk usage and limit for ali, run the following command (Figure 313).
# quota -u ali
Figure 313 : Terminal display disk usage and limit

17. To display disk usage and limit for ali, zul, ocah and akmal, run the following command
(Figure 314).
# quota -u ali zul ocah akmal
Figure 314 : Terminal display disk usage and limit.

You can see that only ali have disk usage and limit stat, other users are reported none.
184
18. The -p option allows you to duplicate the settings of one user to another user. For
instance, to use the same settings for user "akmal" that you set for user "ali", you would
execute the following command (Figure 315):
# edquota -p ali -u akmal
Figure 315 : Terminal duplicate quota setting.

19. To display quota report for ali, zul, ocah and akmal, run the following command (Figure
316).
# quota -u ali zul ocah akmal

You can see that ali and akmal have same disk usage and limit stat, but other users are
reported none.
185
EXERCISE 12.4
Set per-group quota.
20. To set the soft limits to 10MB and the hard limit to 12MB for a group called stkm you
would run the following command (Figure 317):
# quotatool -g Sem3 -bq 10MB -l '12MB' /home
Figure 317 : Terminal set quota for Sem3 group.
21. To display quota report for Sem3 group, run the following command (Figure 318):
# quota -g Sem3
186
22. The system administrator can see what the disk and quota usage by invoking the
following command (Figure 319):
# repquota /home
Note:
a. If ever you wish to remove a quota for a user simply set their hard and soft
limits to '0'.
b. To restart quota service simply execute the following command:
# /etc/init.d/quota restart
187
Exercise 13
Squid
Installation
and
Configuration
By
188
Exercise 13 : Squid Installation and Configuration

Squid is a fully-featured HTTP/1.0 proxy which is almost (but not quite - were getting there!)
HTTP/1.1 compliant. Squid offers a rich access control, authorization and logging environment
to develop web proxy and content serving applications.


Figure 322 : Super User privilege
189
EXERCISE 13.1
Install Squid Package
4. Install Squid package by execute the following command (Figure 323):
# apt-get install squid
Note: If system asks any question during installation, just presses Y and ENTER.
Figure 323 : Terminal Installing Package
190
EXERCISE 13.2
Configure Squid (deny all http access)
5. First, backup the default configuration file for Squid and make a new one.
Note: The default configuration file is a good file to at least glance through. If you want
to do a more advanced configuration than this walkthrough does, you will want to read it.
The easiest ways to duplicate or backup a file is using copy command. Use the
following command to create backup for squid.conf (Figure 324):
# cp /etc/squid/squid.conf
/etc/squid/squid.conf_default
Figure 324 : Terminal Backup squid.conf
6. Open the /etc/squid/squid.conf file by using the following command :

# vim /etc/squid/squid.conf
6.1.

Find the following parameter (Figure 325) :
Figure 325 : Terminal edit squid.conf

This parameter will block all user from accessing internet.
191
6.2.
Press ESC to exit insert mode.
6.3.
Press :wq to save and exit vim
7. Test the Squid configuration.

7.1.
Go to client PC and log in as Administrator.
7.2.
Launch Internet Explorer browser. Click Start All Programs Internet

Explorer (Figure 326).
Figure 326 : Launch Internet Explorer
192
7.3.
On Internet Explorer; open Internet Options. Click Tools Internet Options

(Figure 327).
Figure 327 : Open Internet Options

7.4.
Select Connections tab and click LAN Settings button (Figure 328)
Figure 328 : Open LAN Settings
193
7.5.
Tick the option
Use a proxy server for .. VPN connections) (Figure 329).
Figure 329 : LAN Settings

7.6.
Enter your proxy server IP address (192.168.2.SN) and your proxy port number
(normally using port: 3128) (Figure 329).
7.7.
Click OK button (Figure 329).
7.8.
Click OK button.
7.9.
On the Internet Explorer, enter your web URL (http://myserverSN.com:8080).

What happen?
It will display Error, The request URL cannot be retrieved (Figure 330).
194
Figure 330 : Testing Squid on client browser
195
EXERCISE 13.3
Configure Squid (allow all http access)
8. Go back to the server.

9. Open the /etc/squid/squid.conf file by using the following command :
# vim /etc/squid/squid.conf
9.1.
9.2.
Find the following parameter (Figure 331) :
9.3.
Change the parameter http_access deny all to http_access allow all (Figure
3321) :

This parameter will allow all users to accessing internet.
196
9.4.
Press ESC to exit insert mode.
9.5.
Press :wq to save and exit vim
9.6.
Restart squid service by execute the following command (Figure 333):

# /etc/init.d/squid restart
10. Test the Squid configuration.

10.1.
Go to client PC and log in as Administrator.
10.2. Launch Internet Explorer browser. Click Start All Programs Internet
Explorer (Figure 334).
Figure 334 : Launch Internet Explorer
197
10.3.
On the Internet Explorer, enter your web URL (http://myserverSN.com:8080).
What happen?
Its should be no problem anymore. Your browser will display the web site (Figure
335).
Figure 335 : Testing Squid on client browser
198
Exercise 14
Routing
Server
Installation
and
Configuration
By
199
Exercise 14 : Routing Server Installation and Configuration

IP Routing
IP routing is a means of specifying and discovering paths in a TCP/IP network along which
network data may be sent. Routing uses a set of routing tables to direct the forwarding of
network data packets from their source to the destination, often via many intermediary network
nodes known as routers. IP Routing is the principal mode of path discovery on the Internet.
There are two primary forms of IP Routing: Static Routing and Dynamic Routing.
Static routing involves manually adding IP routes to the system's routing table, and this is
usually done by manipulating the routing table with the route command. Static routing enjoys
many advantages over dynamic routing, such as simplicity of implementation on smaller
networks, predictability (the routing table is always computed in advance, and thus the route is
precisely the same each time it used), and low overhead on other routers and network links due
to the lack of a dynamic routing protocol. However, static routing does present some
disadvantages as well. For example, static routing is limited to small networks and does not
scale well. Static routing also fails completely to adapt to network outages and failures along the
route due to the fixed nature of the route.
Dynamic Routing depends on large networks with multiple possible IP routes from a source to a
destination and makes use of special routing protocols, such as the Router Information Protocol
(RIP), which handle the automatic adjustments in routing tables that make dynamic routing
possible. Dynamic routing has several advantages over static routing, such as superior
scalability and the ability to adapt to failures and outages along network routes. Additionally,
there is less manual configuration of the routing tables, since routers learn from one another
about their existence and available routes. This trait also eliminates the possibility of introducing
mistakes in the routing tables via human error. Dynamic routing is not perfect, however, and
presents disadvantages such as heightened complexity and additional network overhead from
router communications, which does not immediately benefit the end users, but still consumes
network bandwidth.
200


Figure 338 : Super User privilege
201
Exercise 14.1
Adding static route
Adding static route in Debian is not too hard. Its just a matter of changing the configuration file.
Perhaps you already know what is the network routing you want to define.
To do this in Debian we need to change the network configuration file.
4. View routing iptables configuration (Figure 339).

# iptables -t nat -L
Figure 339 : Terminal - View routing iptables configuration
5. Add NAT routing to iptables (Figure 340).

# iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
Figure 340 : Terminal - Add NAT routing to iptables
202
6. Enable IP forwarding in the iptables (Figure 341).

# iptables -P FORWARD ACCEPT
Figure 341 : Terminal - Enable IP forwarding in the iptables
7. Save the iptables configuration (Figure 342).

# /sbin/iptables-save
Figure 342 : Terminal - Save the iptables configuration
8. View routing iptables configuration (Figure 343).

# iptables -t nat -L
203
Figure 343 : Terminal - View routing iptables configuration
References:
Debian -- Documentation
www.debian.org/doc/
Debian doc-central
www.togaware.com/linux/survivor/Debian_doc_central.html
Debian GNU/Linux: The Complete Documentation - L0T3K

www.l0t3k.org/linux/docs/debian/
Masquerading Made Simple HOWTO

www.ibiblio.org/pub/linux/.../Masquerading-Simple-HOWTO.html
Redirecting network traffic to a new - Debian/Ubuntu Tips & Tricks

www.debuntu.org/how-to-redirecting-network-traffic-a-new-ip-using...
Linux Proxy Server - About Debian Linux Guide

www.aboutdebian.com/proxy.htm
Linux Proxy Server - About Debian Linux Guide

www.aboutdebian.com/proxy.htm
Setting up a simple Debian gateway

www.debian-administration.org/articles/23
204

Debian 5 Server Update 28-10-2012

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Debian 5 Server Update 28-10-2012

Hochgeladen von

Copyright:

Verfügbare Formate

Linux

To my loving wife of more than 11 years, who continues to provide me love

About the Author

He currently works full-time on a government contract providing a wide array of technical

Installing Linux Debian 5

System Configuration (Initial Configuration)

Printer Installation and Configuration

Domain (BIND) Installation and

FTP Server Installation and Configuration

Apache Web Server Installation and

DHCP Installation and Configuration

Installing and Configuring Samba

Squid Installation and Configuration

Routing Server Installation and

Exercise 1 : Installing Linux Debian 5

Figure 1 : Installer boot menu

6. Select other for a country, territory or area (Figure 3).

Figure 3 : country, territory or area

10. Select Malaysia as your country (Figure 5).

Figure 6 : Keyboard layout.

Figure 7 : Network auto-configuration process.

Figure 8 : Network configuration method.

16. Press ENTER key to continue.

17. Hostname for the system.

Figure 10 : Domain name.

Figure 11 : Disks and all other hardware detection process

Figure 12 : Partitioning method.

Figure 13 : Partition disks.

Figure 14 : Partition disks - Yes.

To install Linux, we need to create minimum 2 partitions:

Benefits of using separate partitions

Other partitions you can create:

Creating Boot Partition.

Figure 15 : Partition disks Free Space.

30. Select Create a new partition (Figure 16)

Figure 16 : Partition disks Create new partition.

Figure 17 : Partition disks New partition size.

34. Select Primary for partition type (Figure 18)

Figure 18 : Partition disks - Primary.

Figure 19 : Partition disks Beginning.

38. Select Mount point (Figure 20)

Figure 20 : Partition disks Mount point.

Figure 21 : Partition disks - /boot

42. Select Done setting up the partition (Figure 22)

Figure 22 : Partition disks - Done

44. Now your boot partition are created (Figure 23)

Figure 23 : Partition disks

Creating Swap Partition.

Figure 24 : Partition disks Free space.

47. Select Create a new partition (Figure 25)

Figure 25 : Partition disks Create new partition.

Figure 26 : Partition disks New partition size.

51. Select Logical for partition type (Figure 27)

Figure 27 : Partition disks Logical.

Figure 28 : Partition disks Beginning.

55. Select Use as : (Figure 29)

Figure 29 : Partition disks Use as.

57. Select Swap area (Figure 30)

Figure 30 : Partition disks Swap area.

59. Select Done setting up the partition (Figure 31)

Figure 31 : Partition disks Done

61. Now your swap partition are created (Figure 32)

Figure 32 : Partition disks

Creating Root Partition.