Debian Administration Training Course

Debian Distribution

What is Debian?

• Selecting the appropriate Debian version
• Accessing Debian support and assistance
• Engaging with the Debian community

Console fundamentals

• Understanding the shell prompt
• Navigating the shell prompt within the X environment
• Managing the root account and root shell prompt (utilizing su, sudo, and running programs as root under X)
• Employing GUI system administration tools
• Utilizing virtual consoles
• Exiting the command prompt
• Properly shutting down the system
• Restoring a functional console
• Recommended additional packages for newcomers
• Creating an extra user account
• Configuring sudo

The filesystem

• Filesystem permissions
• Controlling permissions for newly created files: umask
• Managing permissions for user groups (group)
• Understanding timestamps
• Working with links
• Using named pipes (FIFOs)
• Implementing sockets
• Handling device files
• Working with special device files
• Utilizing procfs and sysfs

Midnight Commander (MC)

• Customizing MC
• Launching MC
• Navigating the file manager in MC
• Applying command-line techniques in MC
• Using the internal editor in MC
• Utilizing the internal viewer in MC
• Configuring auto-start features of MC
• Accessing MC's FTP virtual filesystem

The basic Unix-like work environment

• Using the login shell
• Customizing bash
• Utilizing special keystrokes
• Operating the pager
• Setting a default text editor
• Exiting vim
• Recording shell activities
• Executing basic Unix commands

The simple shell command

• Command execution and environment variables
• The "$LANG" variable
• The "$PATH" variable
• The "$HOME" variable
• Understanding command line options
• Using shell glob patterns
• Interpreting the return value of the command
• Executing typical command sequences and shell redirection
• Creating command aliases

Unix-like text processing

• Utilizing Unix text tools
• Mastering regular expressions
• Applying replacement expressions
• Performing global substitution with regular expressions
• Extracting data from text file tables
• Writing script snippets for piping commands

Debian package management

Debian package management prerequisites

• Configuring packages
• Implementing basic precautions
• Managing the lifecycle of perpetual upgrades
• Understanding Debian archive basics
• Handling package dependencies
• Understanding the event flow of package management
• Responding to initial package management issues

Basic package management operations

• Comparing apt-get/apt-cache with aptitude
• Performing basic package management operations via the command line
• Using aptitude interactively
• Utilizing key bindings in aptitude
• Navigating package views in aptitude
• Employing search method options with aptitude
• Using the aptitude regex formula
• Resolving dependencies with aptitude
• Reviewing package activity logs

Examples of aptitude operations

• Listing packages using regex matching on package names
• Browsing using regex matching
• Permanently purging removed packages
• Organizing auto/manual install status
• Performing a system-wide upgrade

Advanced package management operations

• Executing advanced package management operations via the command line
• Verifying installed package files
• Implementing safeguards for package problems
• Searching package metadata

Debian package management internals

• Understanding archive metadata
• Analyzing the top-level "Release" file and authenticity
• Examining archive-level "Release" files
• Fetching metadata for packages
• Understanding package state for APT
• Understanding package state for aptitude
• Managing local copies of fetched packages
• Decoding Debian package file names
• Using the dpkg command
• Utilizing the update-alternative command
• Using the dpkg-statoverride command
• Using the dpkg-divert command

Recovery from a broken system

• Addressing incompatibility with old user configurations
• Handling different packages with overlapping files
• Fixing broken package scripts
• Performing rescue operations with the dpkg command
• Recovering package selection data

Tips for package management

• Selecting Debian packages
• Managing packages from mixed archive sources
• Adjusting candidate versions
• Handling updates and backports
• Automating package downloads and upgrades
• LIMITing download bandwidth for APT
• Performing emergency downgrades
• Identifying who uploaded a package
• Utilizing the equivs package
• Porting packages to the stable system
• Configuring a proxy server for APT
• Using a small public package archive
• Recording and copying system configurations
• Converting or installing alien binary packages
• Extracting packages without dpkg
• Exploring further reading on package management

The system initialization

• Overview of the boot strap process
• Understanding BIOS, boot loaders, and the mini-Debian system
• The meaning of runlevels
• Configuring runlevels
• Examples of runlevel management
• Default parameters for each init script
• Configuring the hostname
• Filesystem configuration during boot
• Initializing network interfaces
• Initializing network services
• Managing system messages
• Managing kernel messages
• Understanding the udev system
• Initializing kernel modules

Authentication and Security

• Standard Unix authentication
• Managing account and password information
• Creating strong passwords
• Generating encrypted passwords
• Understanding PAM and NSS
• Configuration files accessed by PAM and NSS
• Implementing modern centralized system management
• Understanding "Why GNU su does not support the wheel group"
• Enforcing stricter password rules
• Configuring other access controls
• Using sudo
• Implementing SELinux and Apparmor
• Restricting access to specific server services
• Ensuring authentication security
• Transmitting secure passwords over the Internet
• Utilizing Secure Shell
• Applying extra security measures for Internet connectivity
• Securing the root password

Network setup

The basic network infrastructure

• Configuring the domain name
• Resolving hostnames
• Naming network interfaces
• Defining the LAN network address range
• Configuring network device support

Modern network configuration for desktops

• Using GUI network configuration tools

Low-level network configuration

• Executing Iproute2 commands
• Safely performing low-level network operations

Network optimization

• Determining the optimal MTU
• Setting the MTU
• Optimizing WAN TCP

Netfilter infrastructure

Network applications

The mail system

• Basics of modern mail services
• Strategies for workstation mail configuration

Mail transport agent (MTA) and Mail user agent (MUA)

• Overview of exim4
• Basic MUA: Mutt

Mail delivery agent (MDA) with filters

• Configuring maildrop
• Configuring procmail
• Redelivering mbox contents

POP3/IMAP4 server

The remote access server and utility (SSH)

• SSH fundamentals
• Configuring port forwarding for SMTP/POP3 tunneling
• Connecting without remote passwords
• Managing incompatible SSH clients
• Setting up ssh-agent
• Shutting down remote systems via SSH
• Troubleshooting SSH

Other network application servers

Other network application clients

Diagnosing system daemons

The X Window System

• Setting up the desktop environment
• Understanding the server/client relationship
• Configuring the X server
• Starting the X Window System
• Starting an X session with gdm
• Customizing the X session (classic method)
• Customizing the X session (new method)
• Connecting a remote X client via SSH
• Securing X terminals over the Internet
• Utilizing X applications
• Using X office applications
• Using X utility applications

System tips

The screen program

• Use cases for screen(1)
• Key bindings for the screen command

Data recording and presentation

• Understanding the log daemon
• Using log analyzers
• Cleanly recording shell activities
• Customizing text data display
• Customizing time and date display
• Using colorized shell echo
• Using colorized commands
• Recording editor activities for complex repetitions
• Recording the graphic image of an X application
• Recording changes in configuration files

Data storage tips

• Configuring disk partitions
• Accessing partitions using UUID
• Configuring filesystems
• Creating and checking filesystem integrity
• Optimizing filesystems via mount options
• Optimizing filesystems via superblock
• Optimizing hard disks
• Using SMART to predict hard disk failure
• Expanding usable storage space via LVM
• Expanding usable storage space by mounting another partition
• Expanding usable storage space using symlinks
• Expanding usable storage space using aufs

Data encryption tips

• Encrypting removable disks with dm-crypt/LUKS
• Encrypting swap partitions with dm-crypt
• Automatically encrypting files with eCryptfs
• Automatically mounting eCryptfs

Monitoring, controlling, and starting program activities

• Timing a process
• Managing scheduling priority
• Using the ps command
• Using the top command
• Listing files opened by a process
• Tracing program activities
• Identifying processes using files or sockets
• Repeating a command at constant intervals
• Repeating a command over a loop of files
• Starting a program from the GUI
• Customizing programs to be started
• Killing a process
• Scheduling tasks once
• Scheduling tasks regularly
• Using the Alt-SysRq key

System maintenance tips

• Identifying users on the system
• Notifying all users
• Identifying hardware
• Configuring hardware
• Managing system and hardware time
• Configuring the terminal
• Understanding the sound infrastructure
• Disabling the screen saver
• Disabling beep sounds
• Monitoring memory usage
• Performing system security and integrity checks

The kernel

• Configuring kernel parameters
• Understanding kernel headers
• Compiling the kernel and related modules
• Compiling kernel source: Debian standard method
• Compiling module source: Debian standard method
• Utilizing non-free hardware drivers

Virtualized system

• Using virtualization tools
• Following the virtualization workflow
• Mounting virtual disk image files
• Using chroot systems
• Managing multiple desktop systems

Data management

Sharing, copying, and archiving

• Using archive and compression tools
• Using copy and synchronization tools
• Idioms for archiving
• Idioms for copying
• Idioms for file selection
• Backup and recovery strategies
• Utilizing backup utility suites
• Example script for system backup
• Script for data backup
• Managing removable storage devices
• Sharing data via the network
• Using archive media

The binary data

• Viewing and editing binary data
• Manipulating files without mounting the disk
• Ensuring data redundancy
• Data file recovery and forensic analysis
• Splitting large files into smaller ones
• Clearing file contents
• Creating dummy files
• Erasing an entire hard disk
• Erasing unused areas of a hard disk
• Undeleting deleted but still open files
• Searching all hardlinks
• Understanding invisible disk space consumption

Data security infrastructure

• Managing keys for GnuPG (signing and encrypting)
• Generating MD5 sums