Overview
This is a comprehensive training course for administering Debian GNU/Linux operating system.
It is always delivered on the current version of Debian.
Course Outline
Debian Distribution
What is Debian?
- Choosing Debian version
- Debian support and help
- Debian community
Console basics
- The shell prompt
- The shell prompt under X
- The root account and root shell prompt (su, sudo, running programs as root under X)
- GUI system administration tools
- Virtual consoles
- How to leave the command prompt
- How to shut down the system
- Recovering a sane console
- Additional package suggestions for the newbie
- An extra user account
- sudo configuration
The filesystem
- Filesystem permissions
- Control of permissions for newly created files: umask
- Permissions for groups of users (group)
- Timestamps
- Links
- Named pipes (FIFOs)
- Sockets
- Device files
- Special device files
- procfs and sysfs
Midnight Commander (MC)
- Customization of MC
- Starting MC
- File manager in MC
- Command-line tricks in MC
- The internal editor in MC
- The internal viewer in MC
- Auto-start features of MC
- FTP virtual filesystem of MC
The basic Unix-like work environment
- The login shell
- Customizing bash
- Special key strokes
- The pager
- Setting a default text editor
- How to quit vim
- Recording the shell activities
- Basic Unix commands
The simple shell command
- Command execution and environment variable
- “$LANG” variable
- “$PATH” variable
- “$HOME” variable
- Command line options
- Shell glob
- Return value of the command
- Typical command sequences and shell redirection
- Command alias
Unix-like text processing
- Unix text tools
- Regular expressions
- Replacement expressions
- Global substitution with regular expressions
- Extracting data from text file table
- Script snippets for piping commands
Debian package management
Debian package management prerequisites
- Package configuration
- Basic precautions
- Life with eternal upgrades
- Debian archive basics
- Package dependencies
- The event flow of the package management
- First response to package management troubles
Basic package management operations
- apt-get/apt-cachevs.aptitude
- Basic package management operations with the commandline
- Interactive use of aptitude
- Key bindings of aptitude
- Package views under aptitude
- Search method options with aptitude
- The aptitude regex formula
- Dependency resolution of aptitude
- Package activity logs
Examples of aptitude operations
- Listing packages with regex matching on package names
- Browsing with the regex matching
- Purging removed packages for good
- Tidying auto/manual install status
- System wide upgrade
Advanced package management operations
- Advanced package management operations with commandline
- Verification of installed package files
- Safeguarding for package problems
- Searching on the package metadata
Debian package management internals
- Archive metadata
- Top level “Release” file and authenticity
- Archive level “Release” files
- Fetching of the metadata for the package
- The package state for APT
- The package state for aptitude
- Local copies of the fetched packages
- Debian package file names
- The dpkg command
- The update-alternative command
- The dpkg-statoverride command
- The dpkg-divert command
Recovery from a broken system
- Incompatibility with old user configuration
- Different packages with overlapped files
- Fixing broken package script
- Rescue with the dpkg command
- Recovering package selection data
Tips for the package management
- How to pick Debian packages
- Packages from mixed source of archives
- Tweaking candidate version
- Updates and Backports
- Automatic download and upgrade of packages
- Limiting download bandwidth for APT
- Emergency downgrading
- Who uploaded the package?
- The equivs package
- Porting a package to the stable system
- Proxy server for APT
- Small public package archive
- Recording and copying system configuration
- Converting or installing an alien binary package
- Extracting package without dpkg
- More readings for the package management
The system initialization
- An overview of the boot strap process
- BIOS, boot loader, mini-Debian system
- The meaning of the runlevel
- The configuration of the runlevel
- The runlevel management example
- The default parameter for each init script
- The hostname
- The filesystem
- Network interface initialization
- Network service initialization
- The system message
- The kernel message
- The udev system
- The kernel module initialization
Authentication and Security
- Normal Unix authentication
- Managing account and password information
- Good password
- Creating encrypted password
- PAM and NSS
- Configuration files accessed by the PAM and NSS
- The modern centralized system management
- “Why GNU su does not support the wheel group”
- Stricter password rule
- Other access controls
- sudo
- SELinux, Apparmor
- Restricting access to some server services
- Security of authentication
- Secure password over the Internet
- Secure Shell
- Extra security measures for the Internet
- Securing the root password
Network setup
The basic network infrastructure
- The domain name
- The hostname resolution
- The network interface name
- The network address range for the LAN
- The network device support
The modern network configuration for desktop
- GUI network configuration tools
The low level network configuration
- Iproute2 commands
- Safe low level network operations
Network optimization
- Finding optimal MTU
- Setting MTU
- WAN TCP optimization
Netfilter infrastructure
Network applications
The mail system
- Modern mail service basics
- The mail configuration strategy for workstation
Mail transport agent (MTA) and Mail user agent (MUA)
- Overview of exim4
- Basic MUA- Mutt
Mail delivery agent (MDA) with filter
- maildrop configuration
- procmail configuration
- Redeliver mbox contents
POP3/IMAP4 server
The remote access server and utility (SSH)
- Basics of SSH
- Port forwarding for SMTP/POP3 tunneling
- Connecting without remote passwords
- Dealing with alien SSH clients
- Setting up ssh-agent
- How to shut down the remote system on SSH
- Troubleshooting SSH
Other network application servers
Other network application clients
The diagnosis of the system daemons
The X Window System
- Setting up desktop environment
- The server/client relationship
- The X server
- Starting the X Window System
- Starting X session with gdm
- Customizing the X session (classic method)
- Customizing the X session (new method)
- Connecting a remote X client via SSH
- Secure X terminal via the Internet
- X applications
- X office applications
- X utility applications
System tips
The screen program
- The use scenario for screen(1)
- Key bindings for the screen command
Data recording and presentation
- The log daemon
- Log analyzer
- Recording the shell activities cleanly
- Customized display of text data
- Customized display of time and date
- Colorized shell echo
- Colorized commands
- Recording the editor activities for complex repeats
- Recording the graphic image of an X application
- Recording changes in configuration files
Data storage tips
- Disk partition configuration
- Accessing partition using UUID
- Filesystem configuration
- Filesystem creation and integrity check
- Optimization of filesystem by mount options
- Optimization of filesystem via superblock
- Optimization of hard disk
- Using SMART to predict hard disk failure
- Expansion of usable storage space via LVM
- Expansion of usable storage space by mounting another partition
- Expansion of usable storage space using symlink
- Expansion of usable storage space using aufs
Data encryption tips
- Removable disk encryption with dm-crypt/LUKS
- Encrypted swap partition with dm-crypt
- Automatically encrypting files with eCryptfs
- Automatically mounting eCryptfs
Monitoring, controlling, and starting program activities
- Timing a process
- The scheduling priority
- The ps command
- The top command
- Listing files opened by a process
- Tracing program activities
- Identification of processes using files or sockets
- Repeating a command with a constant interval
- Repeating a command looping over files
- Starting a program from GUI
- Customizing program to be started
- Killing a process
- Scheduling tasks once
- Scheduling tasks regularly
- Alt-SysRq key
System maintenance tips
- Who is on the system?
- Warning everyone
- Hardware identification
- Hardware configuration
- System and hardware time
- The terminal configuration
- The sound infrastructure
- Disabling the screen saver
- Disabling beep sounds
- Memory usage
- System security and integrity check
The kernel
- Kernel parameters
- Kernel headers
- Compiling the kernel and related modules
- Compiling the kernel source: Debian standard method
- Compiling the module source: Debian standard method
- Non-free hardware drivers
Virtualized system
- Virtualization tools
- Virtualization work flow
- Mounting the virtual disk image file
- Chroot system
- Multiple desktop systems
Data management
Sharing, copying, and archiving
- Archive and compression tools
- Copy and synchronization tools
- Idioms for the archive
- Idioms for the copy
- Idioms for the selection of files
- Backup and recovery
- Backup utility suites
- An example script for the system backup
- A copy script for the data backup
- Removable storage device
- Sharing data via network
- Archive media
The binary data
- Viewing and editing binary data
- Manipulating files without mounting disk
- Data redundancy
- Data file recovery and forensic analysis
- Splitting a large file into small files
- Clearing file contents
- Dummy files
- Erasing an entire hard disk
- Erasing unused area of a hard disk
- Undeleting deleted but still open files
- Searching all hardlinks
- Invisible disk space consumption
Data security infrastructure
- Key management for GnuPG (signing and encrypting)
- The MD5 sum