self help arrow DEBIAN arrow File server
NEW PC's
SECURITY
BROADBAND
DEBIAN
Setting up a Debian based file server

These notes cover the installation of Debian on either Intel or Mac G4 servers and configuring them to provide file and print services to Windows, MacOSX and Linux client PCs. Additional backup servers configured to automatically copy user data overnight to a separate machine can be located remotely and accessed via a VPN.

The notes are based on actual installations undertaken on behalf of our clients both with and without a RAID set-up. '[...]' denotes instructions specific to setting up software RAID1 on a pair of SATA drives and may be ignored if you aren't setting up a RAID configuration and have an ATA/IDE hard disk as opposed to SATA disks. Most of the installation is downloaded from the internet and therefore a broadband connection is required.

Hardware configuration (1)

  • Intel Desktop Board D865PERL
  • SCOM 32Bit 10/100 PCI NIC
  • 512MB 184Pin 2.5V 400MHZ ORIG
  • HDD Plus 9 80gb 7200 ATA133 IDE
  • 2 X Plus 9 120gb 7200 SATA150 8MB
  • Ge Force fx5500 8x agp 128mb
  • Dual Processor 4 3.2GHz 478 800 FSB
  • NEC ND3500 4 X Dual Layer Black

Hardware configuration (2)

  • PowerMac G4 AGP Graphics
  • Dual 450MHz cpu
  • 896MB memory
  • ATI Rage 128 PF/PRO AGP 4x TMDS
  • Maxtor 30GB ATA disk
  • Seagate Barracuda 120GB disk
  • HITACHI DVD-ROM GD-7000
  • UniNorth GMAC (Sun GEM) (NIC)

Installation

  • Download sarge.netinst.iso from: http://www.debian.org/CD/netinst/
  • Burn the .iso image on to a CD (Track At Once)
  • Place the installer CD in the CD/DVD ROM drive and at the boot prompt either hit return [or type in 'expert26' for SATA and RAID modules to be loaded for the installation].
  • It is worth having to hand some details about your PC. In Windows you can download and run Belarc Advisor to get information about the basic hardware on your computer. (It also provides some of the registration keys/details for your Windows software). Alternatively, most of the 'Live CDs' contain utilities to explore your system.
  • Install Debian/GNU Linux [with RAID configuration where appropriate, creating one RAID partition, /dev/md0], create admin and root users
  • Install aptitude (as root):
  • # apt-get install aptitude
  • Use aptitude to install the following packages:
  • sudo, rsync, vim, gpm, lynx, samba, lshw, vrms, ntpdate,
  • and remove surplus packages:
  • dhcp-client, telnet, PPP
  • give your self 'sudo' privileges

Setup RAID configuration

NB. For the G4, Rich Johnson, the maintainer of the "autoboot" utility, pointed me in the right direction here...

/proc/pmu/options contains the following variable: server_mode=0

Setting that variable to "1" (echo 'server_mode=1' > /proc/pmu/options) allows the Mac to restart automatically after a power failure.

  • Set default umask 002 or 007 in /etc/login.defs
  • Reset static IP address in /etc/network/interfaces unless already done at install
  • Set mtu to 1460:
  • $ sudo ifconfig eth0 mtu 1460

Backup server:

  • # sudo mkfs.ext3 /dev/md0
  • # sudo mkdir /root/backup
  • # sudo chown :staff /root/backup
  • # sudo chmod -R 2755 /root/backup
  • Edit /etc/fstab to include:
/dev/md0 /root/backup ext3 defaults 0 2
- where md0 is the backup partition/disk -
  • Mount backup
  • # sudo mount -a
  • Create users and groups
  • adduser(s) to groups

File server:

  • Check /etc/fstab also includes:
/dev/md0 /home ext3 defaults 0 2
(where md0 is the backup partition/disk)
  • Create users and groups ; adduser(s) to groups
  • Create shared directories
  • Prepare a directory hierarchy for group use, do the following as root:
  • # chgrp -R $group $dir
  • # find $dir -type d -print0 | xargs -0 chmod 2770
  • (You can use mode 2775, depending on needs for further information see 'man chmod' and google on Linux permissions)
  • # sudo find $dir -type f -print0 | xargs -0 chmod 660
  • (likewise, you may also use mode 664...)
  • An alternative to the above is:
  • # sudo find $dir -type f -print0 | xargs -0 chmod g=u,o=-rwx
  • This will clear permissions for others and set group permissions to the user permissions. This will preserve executable permissions.
  • Give yourself membership of the various groups to test permissions, ownership, etc.

For both servers:

Automatic data backup

On file server:

  • To ensure rsync runs as daemon, edit /etc/inetd.conf:
  • rsync stream tcp nowait root /usr/bin/rsync rsyncd --daemon
  • Restart inetd as root:
  • # /etc/init.d/inetd restart
  • Create /etc/rsyncd.conf file:
  • [rsync]
  • path = /home
  • use chroot = no
  • max connections = 4
  • auth users = root
  • hosts allow = x.x.x.x (backup server IP address)
  • secrets file = /etc/.rs_sec
  • uid = root
  • gid = root
  • Create /etc/.rs_sec:
  • root:rootpasswd
  • $ sudo chmod 600 /etc/.rs_sec

On Backup server:

  • Create /etc/.rs_pass file:
  • rootpasswd
  • # chmod 600 /etc/.rs_pass
  • Create /root/rsync.monthly.sh
  • #!/bin/bash
  • # This script is called monthly from cron to move the monthly backups up a # level
  • # The full paths of the programs used in this script
  • rm=/bin/rm
  • mv=/bin/mv
  • rm -rf /root/backup/snapshot/month.6
  • mv /root/backup/snapshot/month.5 /root/backup/snapshot/month.6
  • mv /root/backup/snapshot/month.4 /root/backup/snapshot/month.5
  • mv /root/backup/snapshot/month.3 /root/backup/snapshot/month.4
  • mv /root/backup/snapshot/month.2 /root/backup/snapshot/month.3
  • mv /root/backup/snapshot/month.1 /root/backup/snapshot/month.2
  • mv /root/backup/snapshot/week.4 /root/backup/snapshot/month.1
  • Create /root/rsync.weekly.sh
  • #!/bin/bash
  • # This script is called weekly from cron to move the weekly backups up a level
  • # The full paths of the programs used in this script
  • rm=/bin/rm
  • mv=/bin/mv
  • rm -rf /root/backup/snapshot/week.4
  • mv /root/backup/snapshot/week.3 /root/backup/snapshot/week.4
  • mv /root/backup/snapshot/week.2 /root/backup/snapshot/week.3
  • mv /root/backup/snapshot/week.1 /root/backup/snapshot/week.2
  • mv /root/backup/snapshot/day.6 /root/backup/snapshot/week.1
  • Create /root/rsync.daily.sh:
  • #!/bin/bash
  • # This script is called daily from cron to perform overnight backups
  • # The full paths of the programs used in this script
  • mv=/bin/mv
  • cp=/bin/cp
  • rsync=/usr/bin/rsync
  • # Good rsync options for backups.
  • rsync_opts="-av --delete"
  • # The name of the file containing the rsync connection password
  • password="--password-file=/etc/.rs_pass"
  • # Move all other backups up a level. Copy previous backup to /backup/daily.
  • # Backup FileServer according to the [rsync] sections of the rsyncd.conf files
  • # on FileServer. Use the password given in /etc/.rs_pass. Dump any output and
  • # error messages to /var/rsync/FileServer
  • mv /root/backup/snapshot/day.5 /root/backup/snapshot/day.6
  • mv /root/backup/snapshot/day.4 /root/backup/snapshot/day.5
  • mv /root/backup/snapshot/day.3 /root/backup/snapshot/day.4
  • mv /root/backup/snapshot/day.2 /root/backup/snapshot/day.3
  • mv /root/backup/snapshot/day.1 /root/backup/snapshot/day.2
  • cp -al /root/backup/home /root/backup/snapshot/day.1
  • $rsync $rsync_opts $password FileServer::rsync \
  • /root/backup/home/ > /var/rsync/FileServer
  • NOTE:
  • *"FileServer" must be in /etc/hosts on Backup Server
  • ** Make sure /root/backup/home/ and /var/rsync exist with correct permissions
  • $ mkdir /root/backup/home
  • $ mkdir /var/rsync
  • $ chmod 700 /root/rsync.daily.sh (do same for weekly and monthly scripts)
  • add File Server to /etc/hosts
  • Cronjob for Auto backup and snapshot rotation:
  • 20 23 1 * * /root/rsync.monthly.sh > /dev/null
  • 25 23 * * 7 /root/rsync.weekly.sh > /dev/null
  • 30 23 * * * /root/rsync.daily.sh > /dev/null
  • The above will do daily backups at 23:30 each night and Saturday's backup will be stored as the next weekly backup. On the 1st of each month the oldest weekly backup will become the next monthly back up.

Printers

  • Install cupsys cupsys-bsd cupsys-client foomatic-bin gs-esp a2ps See: http://excess.org/docs/linux_windows_printing.html
  • Adduser [authorised users] to lpadmin group
  • $ lynx localhost:631/admin # to add/configure printer
  • edit /etc/samba/smb.conf
  • # sudo /etc/init.d/samba restart # to share printers
  • If relocating the machines, once installed. After installation edit /etc/rsyncd.conf for changed IPaddress/Domain

Print off the following:

  • /boot/grub/menu.lst or /etc/yaboot.conf
  • /etc/fstab
  • Partition map
  • output of $ df -h
  • output of $ uname -r
  • lspci
  • lshw

On File server:

  • /etc/rsyncd.conf

On Backup server:

  • /root/rsync.daily.sh

Install back up Operating system on each PC depending on space etc.

Whilst not strictly necessary (you can rescue boot the system using a 'Live CD') it is very useful to have a backup system should any problems arise.

 

Clive Menzies - (updated following an 'etch RC1' install) January 2007