|
|
| Line 1: |
Line 1: |
| | {{RightTOC}} | | {{RightTOC}} |
| | | | |
| − | The (local) network is an additional choice to install Slackware from when your hardware has this capability. Installing from the local network is particularly fast and is a good choice when playing around with the installation. This page explains how to configure a Slackware server for this usage. It was inspired by the [http://alien.slackbook.org/dokuwiki/doku.php?id=slackware:pxe AlienBob's blog page] on the same topic. To install Slackware over the network we need :
| + | == Firefox == |
| | | | |
| − | * A service to download the Slackware files during the Slackware setup. HTTP, FTP, or NFS can be used. In the example below we show how to use the NFS and FTP services included with Slackware.
| + | [http://www.mozilla.com Firefox] is included in the Slackware distribution. New versions are regularly made available thru the [http://www.slackware.com/security/ Security Advisories] Slackware page. Install using updatepkg : |
| − | * A service implementing the TFTP protocol. TFTP is used to effectively download the bootstrap code from the server identified. We will use the TFTP protocol included with Slackware.
| |
| | | | |
| − | * A service implementing the BOOTP protocol. BOOTP is used by the PXE firmware to identify on the network a server to download the bootloader code from. The DHCP server included with the Slackware distribution has this capability.
| + | # updatepkg mozilla-firefox-45.4.0esr-x86_64-1_slack14.2.txz |
| | | | |
| − | == Configuring NFS == | + | == Flashplayer == |
| | | | |
| − | NFS is SUN's Network File System. It is fast and can be used as a mount point, but depending on configuration may be unsecure and must be used locally only. Also, it uses some random port numbers that need to be fixed if firewalling. The directories used are defined in '''/etc/exports'''. Copy the content of the slackware DVD to a directory, for instance '''/var/pub/slackware64-14.2''', then edit /etc/exports as below. '''ro''' means read-only, '''sync''' makes sure that no asynchronous requests are made, '''insecure''' affords using different NFS ports from other NFS implementations, '''all_squash''' maps all uids and gids to the anonymous user for public access, '''no_subtree_check''' improves reliability in some circumstances. See '''man exports''' for more details.
| + | It is not exactly the right time to install Flashplayer as it is in the process to be decommissioned from all browsers to be replaced by '''HTML5'''. If you nevertheless want to inststall it, get it from [https://get2.adobe.com/flashplayer/ Adobe]. The libflashplayer.so library must be made executable and copied to the '''browser/plugins''' directory of firefox, and the usr directory content copied to /. |
| | | | |
| − | # mkdir /mnt/dvd | + | # mkdir /usr/local/flashplayer_11 |
| − | # mkdir /var/pub/slackware64-15.0 | + | # tar -C /usr/local/flashplayer_11 -xvf install_flash_player_11_linux.x86_64.tar.gz |
| − | # mount -o loop slackware64-15.0-install-dvd.iso /mnt/dvd | + | # cd /usr/local/flashplayer_11 |
| − | # cp -a /mnt/dvd/slackware64/* /var/pub/slackware64-15.0/ | + | # chmod a+x libflashplayer.so |
| | + | # mkdir /usr/lib64/firefox-x.y.z.t/browser/plugins |
| | + | # cp libflashplayer.so /usr/lib64/firefox-x.y.z.t/browser/plugins |
| | + | # cp -R usr / |
| | | | |
| − | # See exports(5) for a description.
| + | == Stellarium == |
| − | # This file contains a list of all directories exported to other computers.
| |
| − | # It is used by rpc.nfsd and rpc.mountd.
| |
| − |
| |
| − | /var/pub 192.168.0.1/24(ro,sync,insecure,all_squash,no_subtree_check)
| |
| − | | |
| − | The NFS server is launched using '''/etc/rc.d/rc.nfsd'''. Make this script executable so as to use it on every boot. You can also '''start''' it to test it immediately. The NFS client is launched using '''/etc/rc.d/rc.rpc''' and affords using NFS mount points from other NFS servers. Make this script executable if you want to use it and have it started on every reboot. This can be handy to cross-test NFS machines. Otherwise it should not be necessary.
| |
| − | | |
| − | # chmod u+x /etc/rc.d/rc.nfsd
| |
| − | # chmod u+x /etc/rc.d/rc.rpc
| |
| − | | |
| − | == Configuring FTP == | |
| − | | |
| − | As SSH affords encrypted authentication and transfers, FTP will be used on our site only for anonymous public downloads. FTP uses fixed port numbers so it is easy to firewall, but it is much slower than NFS. Slackware includes two FTPs : ProFTPd and vsFTP. We will use the latter. Using vsFTP requires very little configuration : setting the home directory of the ftp user to where we want our files to be downloaded from, uncommenting the correct '''ftp''' line in '''/etc/inetd.conf''' and '''/etc/rc.d/rc.inetd restart''', updating the firewall rules. For more details '''man vsftpd.conf'''.
| |
| − |
| |
| − | # usermod --home /var/pub ftp
| |
| − | . . .
| |
| − | # Very Secure File Transfer Protocol (FTP) server.
| |
| − | ftp stream tcp nowait root /usr/sbin/tcpd vsftpd
| |
| − | . . .
| |
| − | # /etc/rc.d/rc.inetd restart
| |
| − | . . .
| |
| − | # services on local network FTP BOOTP HTTP NNTP IMAP HTTPS SUBMIT VNC VOIP
| |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 20 -m state --state NEW -s 192.168.0.0/24
| |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 21 -m state --state NEW -s 192.168.0.0/24
| |
| − | | |
| − | == Configuring TFTPBOOT ==
| |
| − | | |
| − | TFTP is the trivial ftp protocol (for use on a local network). Let's create the '''tftp bootp''' file structure under the default '''/tftpboot''' directory. The directory where we store the bootloader files is '''/tftpboot/slackware64-15.0''' :
| |
| − | | |
| − | # mkdir /tftpboot
| |
| − | # mkdir /tftpboot/slackware64-15.0
| |
| − | # mkdir /tftpboot/slackware64-15.0/pxelinux.cfg
| |
| − | # mount -o loop slackware64-15.0-install-dvd.iso /mnt/dvd
| |
| − | # cp /usr/share/syslinux/pxelinux.0 /tftpboot/slackware64-15.0/
| |
| − | # cp /mnt/dvd/isolinux/message.txt /tftpboot/slackware64-15.0/
| |
| − | # cp /mnt/dvd/isolinux/f2.txt /tftpboot/slackware64-15.0/
| |
| − | # cp -a /mnt/dvd/kernels /tftpboot/slackware64-15.0/
| |
| − | # cp /mnt/dvd/usb-and-pxe-installers/pxelinux.cfg_default /tftpboot/slackware64-15.0/pxelinux.cfg/default
| |
| − | # cp /mnt/dvd/isolinux/initrd.img /tftpboot/slackware64-15.0/
| |
| − | # umount /mnt/dvd
| |
| − | | |
| − | Tftpboot is handled by '''inetd'''. To activate it, uncomment the tftp line in '''/etc/inetd.conf''' then '''/etc/rc.d/rc.inetd restart''' or reboot.
| |
| − | | |
| − | tftp dgram udp wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot -r blksize
| |
| − | | |
| − | == Configuring DHCP ==
| |
| − | | |
| − | We configure '''/etc/dhcpd.conf''' as follows. Our subnet is '''192.168.0.0''', our network mask '''255.255.255.0''', our IP address is '''192.168.0.1''', our router address '''192.168.0.254'''. The IP DHCP range is '''192.168.0.3''' to '''192.168.0.253'''. For more details on other configuration possbilities, '''man dhcpd.conf'''.
| |
| − | | |
| − | # dhcpd.conf
| |
| − | #
| |
| − | # Configuration file for ISC dhcpd (see 'man dhcpd.conf')
| |
| − |
| |
| − | # If this DHCP server is the official DHCP server for the local
| |
| − | # network, the authoritative directive should be uncommented.
| |
| − | authoritative;
| |
| − | ddns-update-style none;
| |
| − |
| |
| − | # Allow bootp requests
| |
| − | allow bootp;
| |
| − |
| |
| − | # Point to the TFTP server:
| |
| − | next-server 192.168.0.1;
| |
| − |
| |
| − | # Default lease is 1 week (604800 sec.)
| |
| − | default-lease-time 604800;
| |
| − | # Max lease is 4 weeks (2419200 sec.)
| |
| − | max-lease-time 2419200;
| |
| − |
| |
| − | subnet 192.168.0.0 netmask 255.255.255.0 {
| |
| − | option domain-name "studioware.com";
| |
| − | option broadcast-address 192.168.0.255;
| |
| − | option subnet-mask 255.255.255.0;
| |
| − | option domain-name-servers 192.168.0.1;
| |
| − | option routers 192.168.0.254;
| |
| − | range dynamic-bootp 192.168.0.3 192.168.0.253;
| |
| − | use-host-decl-names on;
| |
| − | if substring (option vendor-class-identifier, 0, 9) = "PXEClient" {
| |
| − | filename "/slackware64-14.2/pxelinux.0";
| |
| − | }
| |
| − | }
| |
| | | | |
| − | Next is to create a script '''/etc/rc.d/rc.dhcpd''' to launch dhcp. Our bridged interface is '''br0''' :
| + | [http://www.stellarium.org/fr/ Stellarium] is a nice planetary software. For Slackware 14.2 get source of version 0.12.6 from the [https://sourceforge.net/projects/stellarium/files/Stellarium-sources/ download] page and install using the instructions on the [http://www.stellarium.org/wiki/index.php/Compilation_on_Linux Compilation on Linux] wiki page : |
| | | | |
| − | #!/bin/sh | + | # tar -C /usr/local -xvf stellarium-0.12.6.tar.gz |
| − | #
| + | # cd /usr/local |
| − | # /etc/rc.d/rc.dhcpd | + | # chown -R root:root stellarium-0.12.6 |
| − | # This shell script takes care of starting and stopping | + | # cd stellarium-0.12.6 |
| − | # the ISC DHCPD service
| + | # mkdir -p builds/unix |
| − | #
| + | # cd builds/unix |
| − |
| + | # cmake ../.. |
| − | # Put the command line options here that you want to pass to dhcpd:
| + | # make |
| − | DHCPD_OPTIONS="-q '''br0'''"
| + | # make install |
| − | | |
| − | [ -x /usr/sbin/dhcpd ] || exit 0
| |
| − | | |
| − | [ -f /etc/dhcpd.conf ] || exit 0
| |
| − | | |
| − | start() { | |
| − | # Start daemons.
| |
| − | echo -n "Starting dhcpd: /usr/sbin/dhcpd $DHCPD_OPTIONS "
| |
| − | /usr/sbin/dhcpd $DHCPD_OPTIONS
| |
| − | echo
| |
| − | }
| |
| − | stop() {
| |
| − | # Stop daemons.
| |
| − | echo -n "Shutting down dhcpd: "
| |
| − | killall -TERM dhcpd
| |
| − | echo
| |
| − | }
| |
| − | status() {
| |
| − | PIDS=$(pidof dhcpd)
| |
| − | if [ "$PIDS" == "" ]; then
| |
| − | echo "dhcpd is not running!"
| |
| − | else
| |
| − | echo "dhcpd is running at pid(s) ${PIDS}."
| |
| − | fi
| |
| − | }
| |
| − | restart() {
| |
| − | stop
| |
| − | start
| |
| − | }
| |
| − | | |
| − | # See how we were called. | |
| − | case "$1" in
| |
| − | start)
| |
| − | start
| |
| − | ;;
| |
| − | stop)
| |
| − | stop
| |
| − | ;;
| |
| − | restart)
| |
| − | stop
| |
| − | start
| |
| − | ;;
| |
| − | status)
| |
| − | status
| |
| − | ;;
| |
| − | *)
| |
| − | echo "Usage: $0 {start|stop|status|restart}"
| |
| − | ;;
| |
| − | esac
| |
| − |
| |
| − | exit 0
| |
| | | | |
| − | Next is to make '''/etc/rc.d/rc.dhcpd''' executable, launch it from '''/etc/rc.d/rc.local''' and stop it from '''/etc/rc.d/rc.local_shutdown''' :
| + | == Thunderbird == |
| | | | |
| − | # chmod u+x rc.dhcpd
| + | [http://www.mozillamessaging.com Thunderbird] is included in the Slackware distribution. New versions are regularly made available thru the [http://www.slackware.com/security/ Security Advisories] Slackware page. Install using updatepkg : |
| − | . . .
| |
| − | # start dhcpd
| |
| − | if [ -x /etc/rc.d/rc.dhcpd ]; then
| |
| − | /etc/rc.d/rc.dhcpd start
| |
| − | fi
| |
| − | . . .
| |
| − | # stop dhcpd
| |
| − | if [ -x /etc/rc.d/rc.dhcpd ]; then
| |
| − | /etc/rc.d/rc.dhcpd stop
| |
| − | fi
| |
| | | | |
| − | == Firewalling NFS ==
| + | # updatepkg mozilla-thunderbird-45.3.0-x86_64-1_slack14.2.txz |
| | | | |
| − | Refer to [[IPTables]] for an introduction on packet filtering. NFS uses some random ports by defaults, that we need to fix if we want to be able to do proper packet filtering. To be precise, NFS uses sunrpc/111 and nfsd/2049, and random port numbers are used by other NFS daemons but it is possible to specify alternative port numbers on the command line or in the '''/etc/services''' file, to which we add :
| + | == VirtualBox == |
| | | | |
| − | rpc.nfs-cb 32764/tcp # RPC nfs callback
| + | [http://www.virtualbox.org VirtualBox] is a virtualization software by Sun, now Oracle. VirtualBox is incredibly simple to install and use. The VirtualBox virtual machines can be shared between Linux and Windows, and are very comfortable to use, thanks to smooth mouse moves and the possibility to resize windows (after installing appropriate drivers in the client virtual machines). [http://www.virtualbox.org/wiki/Downloads Downlad] from one of the All distributions link, give execution rights and run. That's it. The software is installed in /opt/VirtualBox. An icon Oracle VM VirtualBox is created on the System menu of KDE. |
| − | rpc.nfs-cb 32764/udp # RPC nfs callback
| |
| − | status 32765/udp # NFS status (listen)
| |
| − | status 32765/tcp # NFS status (listen)
| |
| − | status 32766/udp # NFS status (send)
| |
| − | status 32766/tcp # NFS status (send)
| |
| − | mountd 32767/udp # NFS mountd
| |
| − | mountd 32767/tcp # NFS mountd
| |
| − | lockd 32768/udp # NFS lock daemon/manager
| |
| − | lockd 32768/tcp # NFS lock daemon/manager
| |
| − | rquotad 32769/udp # NFS rquotad
| |
| − | rquotad 32769/tcp # NFS rquotad
| |
| | | | |
| − | The '''/etc/rc.d/rc.nfsd''' and '''/etc/rc.d/rc.rpc''' scripts are modified to specify port numbers on the command lines :
| + | <u>Note</u>: VirtualBox is incompatible with Xen. |
| | | | |
| − | if [ -x /usr/sbin/rpc.rquotad ]; then
| + | == Wallpapers == |
| − | echo " /usr/sbin/rpc.rquotad '''-p 32769'''"
| |
| − | /usr/sbin/rpc.rquotad '''-p 32769'''
| |
| − | fi
| |
| − |
| |
| − | if [ -x /usr/sbin/rpc.mountd ]; then
| |
| − | echo " /usr/sbin/rpc.mountd '''-p 32767'''"
| |
| − | /usr/sbin/rpc.mountd '''-p 32767'''
| |
| − | fi
| |
| − |
| |
| − | if ! ps axc | grep -q rpc.statd ; then
| |
| − | echo "Starting RPC NSM (Network Status Monitor): /sbin/rpc.statd '''-p 32765 -o 32766'''"
| |
| − | /sbin/rpc.statd '''-p 32765 -o 32766'''
| |
| − | fi
| |
| − | | |
| − | To make the lock daemon listen on port '''32768''' only and set the nfs callback port to '''32764''' we need to create file '''/etc/sysctl.d/nfs.conf''' :
| |
| | | | |
| − | fs.nfs.nlm_udpport=32768
| + | That's not software ;-) but getting many nice wallpapers affords running a presentation to change images regularly. We have found [http://wall.alphacoders.com Abyss] a good source. |
| − | fs.nfs.nlm_tcpport=32768
| |
| − | fs.nfs.nfs_callback_tcpport=32764
| |
| | | | |
| − | Last BOOTP and the NFS ports must be added to '''/etc/rc.d/rc.firewall''' :
| + | == Wireshark == |
| | | | |
| − | # by default no local traffic is allowed for network 192.168.0.0/24 on br0 interface
| + | [http://www.wireshark.org Wireshark] is a Network protocol analyzer. Install as below : |
| − | # iptables -A INPUT -i br0 -s 192.168.0.0/24 -d 192.168.0.0/24 -j ACCEPT
| |
| − | # iptables -A OUTPUT -o br0 -s 192.168.0.0/24 -d 192.168.0.0/24 -j ACCEPT
| |
| − |
| |
| − | # BOOTP
| |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 69 -s 192.168.0.0/24
| |
| | | | |
| − | # NFS ports | + | # tar -C /usr/local -xvf wireshark-x.y.tar.gz |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 111 -s 192.168.0.0/24
| + | # cd /usr/local/ |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 111 -m state --state NEW -s 192.168.0.0/24 | + | # chown -R root:root wireshark-x.y.z |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 2049 -s 192.168.0.0/24 | + | # chmod -R o-w wireshark-x.y.z |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 2049 -m state --state NEW -s 192.168.0.0/24 | + | # cd wireshark-x.y.z |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 32764 -s 192.168.0.0/24 | + | # ./configure --help | less |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 32764 -m state --state NEW -s 192.168.0.0/24 | + | # ./configure --libdir=/usr/local/lib64 --mandir=/usr/local/man --with-ssl --disable-ipv6 |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 32765 -s 192.168.0.0/24
| + | # make |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 32765 -m state --state NEW -s 192.168.0.0/24 | + | # make install |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 32766 -s 192.168.0.0/24
| + | # make clean |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 32766 -m state --state NEW -s 192.168.0.0/24
| + | # ldconfig |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 32767 -s 192.168.0.0/24
| + | # wireshark |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 32767 -m state --state NEW -s 192.168.0.0/24
| |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 32768 -s 192.168.0.0/24
| |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 32768 -m state --state NEW -s 192.168.0.0/24 | |
| − | iptables -A INPUT -p udp -j ACCEPT --dport 32769 -s 192.168.0.0/24 | |
| − | iptables -A INPUT -p tcp -j ACCEPT --dport 32769 -m state --state NEW -s 192.168.0.0/24 | |
| − | | |
| − | == Slackware setup ==
| |
| − | | |
| − | A few pieces of advice to make your Slackware setup from network easier :
| |
| − | | |
| − | * For some reason Slackare might use an interface other than eth0. Just move the cable to the right slot or update (or remove) /etc/udev/rules.d/70-persistent-net.rules.
| |
| − | | |
| − | * Slackware network setup uses NFS version 3 meaning that directory paths are absolute.
| |
| − | | |
| − | * The FTP directory paths are instead relative to the ftp user home directory.
| |
| | | | |
| | <br/> | | <br/> |
| | | | |
| − | {{pFoot|[[Managing partitions]]|[[Main Page]]|[[Installing Slackware]]}} | + | {{pFoot|[[OwnCloud]]|[[Main Page]]|}} |
It is not exactly the right time to install Flashplayer as it is in the process to be decommissioned from all browsers to be replaced by HTML5. If you nevertheless want to inststall it, get it from Adobe. The libflashplayer.so library must be made executable and copied to the browser/plugins directory of firefox, and the usr directory content copied to /.
That's not software ;-) but getting many nice wallpapers affords running a presentation to change images regularly. We have found Abyss a good source.
