Archive for the ‘Linux Debian’ Category

vnstat

Thursday, November 18th, 2010

vnStat is a wonderful tool that will allow you to grab traffic information from you network interfaces.

From its homepage…

vnStat is a console-based network traffic monitor for Linux and BSD that keeps a log of network traffic for the selected interface(s). It uses the network interface statistics provided by the kernel as information source. This means that vnStat won’t actually be sniffing any traffic and also ensures light use of system resources. However, in Linux at least a 2.2 series kernel is required.

(more…)

How to disable IPv6 in Debian

Thursday, April 23rd, 2009

I’ve recently installed a new LDAP server on Debian Lenny and I wanted to disable IPv6 as it is unnecessary for me in this moment. With netstat I checked the listening processes:

netstat -tunlp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 2226/slapd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2215/sshd
tcp6 0 0 :::389 :::* LISTEN 2226/slapd
tcp6 0 0 :::22 :::* LISTEN 2215/sshd

and lsmod showed something like this:

Module Size Used by
ipv6 235364 12
...

So, to disable IPv6 I changed /etc/modprobe.d/aliases:
...
# alias net-pf-10 ipv6
# Disable ipv6
alias net-pf-10 off
alias ipv6 off
...

I also disabled these lines in /etc/hosts to avoid confusions:

...
## The following lines are desirable for IPv6 capable hosts
#::1 localhost ip6-localhost ip6-loopback
#fe00::0 ip6-localnet
#ff00::0 ip6-mcastprefix
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#ff02::3 ip6-allhosts

Finally I restarted the server.

shutdown -r now

Now the situation is like this:

netstat -tunlp

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:389 0.0.0.0:* LISTEN 2233/slapd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2216/sshd

lsmod|grep ipv6

...

No IPv6.

15th birthday of the Debian project

Saturday, August 16th, 2008

On 16 August 1993 Ian Murdock issued the first announcement of the Debian Project on comp.os.linux.development. Since then Debian has established itself as one of the most stable Linux distros and commited to the FOSS.

More info:

System stats with saidar

Sunday, April 6th, 2008

saidar is a top like tool. It provides a curses based interface for viewing system statistics such as network I/O, disk I/O, CPU, memory and more. The core of the functionality is provided by the libstatgrab library:

libstatgrab is a library that provides cross platform access to statistics about the system on which it's run. It's written in C and presents a selection of useful interfaces which can be used to access key system statistics. The current list of statistics includes CPU usage, memory utilisation, disk usage, process counts, network traffic, disk I/O, and more.

On a Debian system install the package as usual:

apt-get install saidar

and then run:

saidar

Saidar in action

Debian: record boot messages

Sunday, April 6th, 2008

Debian allows you to record boot messages by means of the bootlogd daemon. According to man pages:

Bootlogd runs in the background and copies all strings sent to the /dev/console device to a logfile. If the logfile is not accessible, the messages will be kept in memory until it is.

This feature is not enabled by default. Edit /etc/default/bootlogd and modify it to enable recording of boot messages:

# Run bootlogd at startup ?
BOOTLOGD_ENABLE=Yes

Now bootlogd will start sending boot messages to /var/log/boot.

Debian apt-file

Sunday, January 27th, 2008

According to man pages:

apt-file is a command line tool for searching packages for the APT packaging system.

So let’s proceed:

apt-get install apt-file

apt-file update

The first command will install apt-file and the second command will fetch the content of the packages from the repositories specified in /etc/apt/sources.list and will resynchronize the contents from the sources.

Now give it a try:

apt-file -v search /usr/sbin/postfix

D: got ‘deb http://192.168.1.2:9999/debian/ etch main contrib non-free’
D: kept ‘deb http://192.168.1.2:9999/debian/ etch main contrib non-free’
D: regexp: ^(.*?usr/sbin/postfix[^s]*)s+(S+)s*$
D: Search in /var/cache/apt/apt-file/192.168.1 .2_debian_dists_etch_Contents-i386.gz

postfix: usr/sbin/postfix
postfix-policyd: usr/sbin/postfix-policyd
postfix-policyd: usr/sbin/postfix-policyd-cleanup

Note that you can get similar information by typing this:

dpkg -S /usr/sbin/postfix

postfix: /usr/sbin/postfix

The difference, however, is that apt-file provides information even if the package is not installed or was uninstalled.

Package management in Debian

Friday, February 24th, 2006

I use Debian since a while and i must say that i consider that it is the simpler distribution that i know. Well you can ever become some difficulties to install some drivers from proprietary stuff or new brand hardware but once you have your system running, believe me it is the simplest for maintaining, installing and removing in your system. And dpkg/apt are not least in the last assumption.

The first front-end at which you will stick is dselect, which is a menu based program.

I will not be extended with it because it is simple. What you need to know is that you can update the list of available packages with update, you can select which of them you will install with select. In this option, you go out of the help (going out of the help is the more tricky part) with the space bar (ubuntu like i thing it is with “enter”).

You can look for a package named for example firebird tipping “/fire” (without quote), and it will look for the first in the list named fire-something package and typing “n” you go through this list. Of course it is better typping “firebird”. If you want to select for installing you tip “+” (“-” for deinstalling) and dselect present you the list of conflicting, recommended … packages that you can choose with the same +- method (you go out of the list by typing enter). Once you’re satisfied, you tip “enter” and it go through the install process.

dselect is easy, not always the more flexible but the more secure and stable you can dream about. But let me present you the second soft of the debian classical tools collection: DPKG.

dpkg is a command line based tool. You can save the list of the installed packages on your system with:

dpkg –get-selections > selections.dpkg

Don’t be so shy and edit this text file. If you want to recover the state of your package selections you type:

dpkg –set-selections (no description available)
pn lynx-cur-wrapp (no description available)
un lynx-ssl (no description available)

and if you wish to know all the files that install or simply modify the installation of a package:

dpkg -L lynx

/.
/usr
/usr/bin
/usr/bin/lynx.stable
/usr/share
/usr/share/man
/usr/share/man/man1
/usr/share/man/man1/lynx.1.gz

/etc
/etc/lynx.cfg

You want the information on a package (lynx for example)?

dpkg -p lynx

Package: lynx
Priority: optional
Section: web
Installed-Size: 4292
Maintainer: James Troup
Architecture: i386

Description: Text-mode WWW Browser
Lynx is a fully-featured World Wide Web (WWW) client for users
running cursor-addressable, character-cell display devices (e.g.,

That is what a look at /var/lib/dpkg/available will give you after a painful search.

The status of the package can be found with:

dpkg -s lynx

Imagine that you find a strange file in you system (bad news…), and you want to make sure which package it comes from:

dpkg -S /etc/lynx.cfg

lynx: /etc/lynx.cfg

And you can run again the pre-installation process thanks to:

dpkg-reconfigure xserver-xfree86

It will replay the pre/post install script at wich you can take a look at /var/lib/dpkg/info/. For example, we had in my company a problem with bacula director’s instalation because there was a mistake in /var/lib/dpkg/info/bacula-director-mysql.postinst. We had this faultly line:

MYSQL_PSWD_STRING=”-p”$MYSQL_ROOT_PASSWORD”"

So the given root password was never the one bacula use to connect to mysql as root, we had to transform in:

MYSQL_PSWD_STRING=”-p $MYSQL_ROOT_PASSWORD”

(without the escaped quote)

Of course we have tried to reach the packager. But that’s not all folks. Now comes the bestpart: <i>apt</i>. You do not have to download the lynx_2.8.5-sarge1_i386.deb and after install with dpkg -i. No! Just lauch your branded 16k modem to become the line up and type:

apt-get install lynx

You have heard about a new security update, retrieve it with…

apt-get update

Same effect as…

dselect upgrade

…with:

apt-get upgrade

If you wish to look into the code:

apt-get source lynx

And all the magic stuff is controlled through /etc/apt/sources.list.

deb file:///cdrom/ sarge main
deb http://ftp.de.debian.org/debian/ sarge main non-free contrib
deb-src http://ftp.de.debian.org/debian/ sarge main non-free contrib
deb http://security.debian.org/ sarge/updates main contrib non-free

Or better with a mirror:

deb http://ftp.rediris.es/debian/ stable main non-free contrib
deb-src http://ftp.rediris.es/debian/ stable main non-free contrib

Or the best, an apt-proxy which proxies your downloads (karkoma, will you write an apt-proxy article, don’t you?):

deb http://aptserv.dmz:9999/debian/ sarge main non-free contrib
deb-src http://aptserv.dmz:9999/debian sarge main non-free contrib
deb http://aptserv.dmz:9999/debian-volatile sarge/volatile main
deb http://aptserv.dmz:9999/security/ sarge/updates main contrib non-free

Note the debian-volatile: this is for the highly upgraded packages like clamav, dcc,…

Another file that can be quite useful is /etc/apt/apt.conf. For example if you have an http proxy for going out in internet you will add in this file:

Acquire::http::Proxy “http://proxy.yourcompany:3128″;;

Or you can simply set the http_proxy=http://proxy.yourcompany:3128 in your environment). In the precedent case of the apt-proxy, if you have an http_proxy and of course you don’t want to proxy your apt-proxy you can control it by adding in this file:

Acquire
{
http
{
Proxy::no_proxy=comm.dmz;
}
}

Or add no_proxy=http://aptserv.dmz:9999 in your environment). Note that you have two syntaxes (the first one is the old one and the second one is the new). Don’t be confused with upgrade and update: update is when the source-list has been changed to synchronize the list of the mirrors and upgrade is to synchronize the list of the new availables packages.

One good tool in case of problems with apt is apt-config. dump> will dump for you your configuration with all the parameters (the defaults too):

$ apt-config dump
APT “”;
APT::Architecture “i386″;
APT::Build-Essential “”;

DPkg::Pre-Install-Pkgs:: “/usr/sbin/dpkg-preconfigure –apt || true”;
Acquire “”;
Acquire::http “”;

Caution! When you upgrade to a new distribution of debian (it occurs once every two years more or less, that could be the only criticism of debian), change your source-list, perform an apt-get update, an apt-get upgrade and after that an apt-get dist-upgrade.

One last word. Comes aptitude, a new tool (there is a lot of graphical tools that i don’t know…). but for sarge it seems to me that the old ones do a better works (i must take a closer look…).

Enjoy Debian without moderation…

Debian deborphan

Wednesday, February 8th, 2006

As you install packages in your Debian system it is possible that you end up with a bunch of packages that are not needed. These are orphaned packages, packages that are not required by another package. To handle this situation you have the deborphan utility. From the man pages:

deborphan finds packages that have no packages depending on them. The default operation is to search only within the libs and oldlibs sections to hunt down unused libraries.

To install deborphan proceed as usual:

apt-get install deborphan

Now to see orphaned packages simply type…

deborphan

Note that it will not remove the packages listed, it will simply list packages that should be removed. If you want to definitely remove the package…

deborphan | xargs apt-get –purge remove -y

An advice: be carefull to first check what packages are to be removed to avoid potential mistakes of deborphan. For more information take a look at man pages.

DNS cache with DJBDNS for Debian

Sunday, January 8th, 2006

In order to inaugurate this new Debian section here we go with an easy and quick way to setup your own DNS cache. So let’s go!

A DNS caching resolver performs the function of caching answers to previous queries so that there is no need to repeatedly query for the same information. Setting up such a thing with djbdns is a trivial task. Proceed as follows:

NOTE: This instructions assume Debian Sarge but I guess this is not much different with other Debians.

apt-get install daemontools-installer djbdns-installer ucspi-tcp-src

Then build the packages following the instructions provided by APT (build-daemontool, build-djbdns, etc…).

Once installed proceed with the configuration:

dnscache-conf dnscache dnslog /etc/dnscache
ln -s /etc/dnscache /service
sleep 5
svstat /service/dnscache

Now edit your resolver configuration file to look like this:

nameserver 127.0.0.1

I have had some problems with the init script that Debian Sarge installed (note that I’ve created the files in /etc/dnscache), so I modified a couple of lines and now looks like this:

…..
start)
echo -n “Starting djbdns: ”
#for i in `ls -d /var/lib/svscan/dnscache* /var/lib/svscan/tinydns* /var/lib/svscan/axfrdns* 2>/dev/null`; do
for i in `ls -d /service/dnscache* 2>/dev/null`; do
…..
stop)
echo -n “Stopping djbdns: ”
#for i in `ls -d /var/lib/svscan/dnscache* /var/lib/svscan/tinydns* /var/lib/svscan/axfrdns* 2>/dev/null`; do
for i in `ls -d /service/dnscache* 2>/dev/null`; do
…..

That’s all folks!

References: