Download the book in PDF format  
  Last update: 2012-11-16  Size: 4.5M



  Contents

1. Requirements

SMS.Native.CD requirements:

Any Pentium-class processor at 500MHz, or an AMD K2 and above, will do. For RAM you will need at least 128MB (256MB recommended). You can also install it on a 486 machine with 128MB RAM, but you need to choose the huge or hugel7 kernel when booting the SMS install disk.

SMS.Live.CD requirements:

To boot into Live mode, any Pentium-class processor at 500MHz, or an AMD K2 and above, will do. For RAM you will need at least 128MB (256MB recommended). Booting on a slow computer with 128MB might produce an error from clamav-milter (it needs more time to load); after you install to disk there will be no such problem.

Don’t forget that it’s a server, so put it on a decent machine.

2. Installation

2.1 SMS.Live.CD Installation:

Boot with SMS.LiveCD, login with username: root and password: toor, type ‘sms-text-installer’ and follow the instructions. After the sms-text-installer finishes, reboot and use ‘netconfig’ command to configure your server’s hostname and domain.

Note: Installing SMS from SMS.LiveCD is NOT recommended.

2.2 SMS.Native.CD Installation:

2.2.1 Choose Kernel

- At the boot prompt select your kernel from a choice of four kernels and press enter:

1. hugesmp.s Default SMS Kernel very similar to Slackware’s kernel.

2. huge.s Default SMS Kernel for i486 and better machines.

3. hugel7.s Same as hugev.s but with Layer 7 support patch.

4. memtest Test your memory for errors with memtest utility.

2.2.2 Partition hard drives

- Select your keyboard map and login as root.

- Before you run setup you must create your partitions with “cfdisk”.

- For a list of partitions type

root@sms:~# cat /proc/partitions

or

root@sms:~# fdisk -l

- To partition for example “/dev/sda” type

root@sms:~# cfdisk /dev/sda

Create a boot partition 100MB in size and mark it bootable.

Create a swap partition, usually twice your RAM, but 2GB is enough.

Create the root (/) partition, at least 4GB in size.

You can create optional partitions for mount points such as /home or /usr/local.

Write the partition table to disk and exit.

2.2.3 Setup.

You are now ready to type “setup” and set up your swap partitions.

Choose your swap partitions.

Just swapon your swap partition.

No need to check for bad blocks.

Choose your root partition and format it.

Choose your boot partition and format it as ext2 or ext3.

Assign the mount point

You should see something like that.

Choose your source media and follow the instructions.

Select the series of software to install. By default the DEVEL series is off; if you want to select it, navigate to it and press “space”.

The recommended setup mode is FULL where 2.7GB+ software is installed, including DEVEL series Xorg server and KDE 3.5.10.

When setup finishes installing packages, it will ask you to choose a kernel.

All kernels are already installed; you just have to choose which kernel your system will boot from. Huge kernels have all the serious stuff already built in. Their purpose is installing and recovering SMS, but they are great for beginners too.

More experienced users can use generic kernels. In some cases you might need an initial RAM disk image (initrd.gz) with filesystem or ide/sata controller modules. Generic kernels have built-in support for the ext2, ext3, ext4 and jfs filesystems, so if you aren’t using reiserfs you will most likely not need an initrd.gz after all.

The installer offers to create a bootable USB stick for booting your system. If you want one, plug in a USB stick and press create, or press skip to continue to installing the Linux Loader (LiLo).

Lilo configuration has two options.

The first is the SMS lilo installer, which automatically installs lilo on your chosen partitions; the second is Slackware’s lilo installer, where you can create your lilo.conf from scratch.

Network configuration uses the ‘netconfig’ script to alter your server’s configuration to your new hostname and domain, including dovecot, postfix, httpd, sasl, squirrelmail and phpldapadmin, but not openldap. To be able to configure openldap, “/usr/libexec/slapd” must be running, so either configure your system now and on first boot import sms.ldif with the command

ldapadd -f /etc/openldap/sms.ldif -x -D cn=Manager,dc=yourhostname,dc=yourdomain -w toor

or skip network configuration and upon reboot use “netconfig-lcd” to configure your <hostname.domain>.

Continue with the installer, selecting services that start at boot, custom screen fonts, time zone setup, default window manager for X and finally setting your root account password.

Exit the installer and reboot to your newly installed system.

2.3 SMS LVM Setup Installation:

Assuming you have already created your partition map with cfdisk, something like

/dev/sda1 * 1 12 96358+ 83 Linux

/dev/sda2 13 1957 15623212+ 83 Linux

/dev/sda3 1958 2088 1052257+ 82 Linux swap

where sda2 is used for the LVM setup.

1. Create physical volume

pvcreate /dev/sda2

2. Create Volume Group with name sms

vgcreate sms /dev/sda2

3. Create Logical Volume for root partition

lvcreate -L 8G -n root sms

4. Create Logical Volume for home partition with remaining space

lvcreate -l 100%FREE -n home sms

5. Scan disks for Logical Volume Groups

vgscan --mknodes

6. Activate Logical Volume Groups

vgchange -ay

Start setup and choose your swap partition as usual. Choose /dev/sms/root as the root partition, /dev/sms/home for home, and finally /dev/sda1 as the boot partition.

Ignore partition /dev/sda2 and continue with setup.

When it’s time to choose a kernel, choose a generic one, since huge kernels complain about initrd images, although they may work just fine.

When setup finishes, don’t reboot your server, as lilo is not installed.

You need to chroot into your newly installed system

chroot /mnt

And edit /etc/lilo.conf to something like

LBA32

boot = /dev/sda

prompt

timeout = 30

compact

change-rules

reset

vga = 791

image = /boot/vmlinuz

root = /dev/sms/root

label = SMS

initrd = /boot/initrd.gz

read-only

The most important step is to create the initrd image with

mkinitrd -c -k 2.6.35.7-smp -m ext4 -f ext4 -r /dev/sms/root -L

Where

-c clears /boot/initrd-tree and creates a new one

-k your kernel

-m your modules (-m ext3,ext4,reiserfs)

-f root filesystem

-r root partition

-L add support for LVM in initrd.

SMS generic kernels have built in support for ext2 ext3 ext4 and jfs.

Run lilo and ignore the warnings.

Exit and reboot your server.

2.3.1 Resizing LVM partitions.

To increase the size of a Logical Volume, let’s say the one mounted on /home

/dev/mapper/sms-home 1.5G 36M 1.4G 3% /home

Assuming you have enough free space (check with vgdisplay <vgroupname>)

root@sms:~# vgdisplay sms|grep Free

Free PE / Size 75 / 400.00 MiB

continue with the lvresize command

root@sms:~# lvresize -L 1.6G /dev/sms/home

Rounding up size to full physical extent 1.60 GiB

Extending logical volume home to 1.60 GiB

Logical volume home successfully resized

Now the Logical Volume is resized but the filesystem, in our case ext4, is not. To resize the filesystem use resize2fs.

root@sms:~# resize2fs -p /dev/sms/home

resize2fs 1.41.11 (14-Mar-2010)

Filesystem at /dev/sms/home is mounted on /home; on-line resizing required

old desc_blocks = 1, new_desc_blocks = 1

Performing an on-line resize of /dev/sms/home to 419840 (4k) blocks.

The filesystem on /dev/sms/home is now 419840 blocks long.

So now our /home has increased by 100MB

/dev/mapper/sms-home 1.6G 36M 1.5G 3% /home

To decrease a Logical Volume you first need to unmount the partition, in our case /home.

root@sms:~# umount /home/

Optionally you can use e2fsck to check the integrity of the filesystem.

Resize the filesystem with resize2fs, like

root@sms:~# resize2fs /dev/sms/home 1400M

resize2fs 1.41.11 (14-Mar-2010)

Resizing the filesystem on /dev/sms/home to 358400 (4k) blocks.

The filesystem on /dev/sms/home is now 358400 blocks long.

Then continue with the lvresize command.

root@sms:~# lvresize -L 1.4G /dev/sms/home

Rounding up size to full physical extent 1.40 GiB

WARNING: Reducing active logical volume to 1.40 GiB

THIS MAY DESTROY YOUR DATA (filesystem etc.)

Do you really want to reduce home? [y/n]: y

Reducing logical volume home to 1.40 GiB

Logical volume home successfully resized

So our home has decreased by 200MB.

root@sms:~# mount /home/

/dev/mapper/sms-home 1.4G 36M 1.3G 3% /home

Filesystem resize tools:

resize2fs - ext2/ext3/ext4 file system resizer

resize_reiserfs - resizer tool for the ReiserFS filesystem

xfs_growfs, xfs - expand an XFS filesystem (XFS doesn’t support decreasing)

jfs has a built-in feature in the kernel’s JFS driver for resizing partitions, but only to increase, not to decrease.

2.3.2 Resizing LVM partitions (Webmin).

You can use Webmin to resize LVM partitions quite easily by navigating to

Webmin -> Hardware -> Logical Volume Management

To resize a volume you need to unmount it first from

Webmin -> System -> Disk and Network Filesystems

Select /home, click on Unmount and press save.

Now that you have unmounted /home, navigate to Logical Volume Management and increase or decrease the partition.

2.4 SMS RAID Setup Installation:

Here’s a quick summary of the more common RAID levels:

- RAID 0: Requires 2 drives, can use more. Offers no redundancy, but improves performance by “striping”, or interleaving, data between all drives. This RAID level does not help protect your data at all. If you lose one drive, all of your data will be lost.

- RAID 1: Requires 2 drives, can use more. Offers data redundancy by mirroring data across all drives. This RAID level is the simplest way to protect your data, but is not the most space-efficient method. For example, if you use 3 drives in a RAID 1 array, you gain redundancy, but you still have only 1 disk’s worth of space available for use.

- RAID 5: Requires 3 drives, can use more. Offers data redundancy by storing parity data on each drive. Exactly one disk’s worth of space will be used to hold parity data, so while this RAID level is heaviest on the CPU, it is also the most space-efficient way of protecting your data. For example, if you use 5 drives to create a RAID 5 array, you will only lose 1 disk’s worth of space (unlike RAID 1), so you will end up with 4 disks’ worth of space available for use. While simple to set up, this level is not quite as straightforward as setting up RAID 1.

1. Prepare disks for RAID 1 Array (clone /dev/sda to /dev/sdb)

sfdisk -d /dev/sda | sfdisk /dev/sdb

2. Create RAID 1 Array for root partition

mdadm --create /dev/md0 --level 1 --raid-devices 2 /dev/sda1 /dev/sdb1

3. Create RAID 1 Array for swap partition

mdadm --create /dev/md1 --level 1 --raid-devices 2 /dev/sda2 /dev/sdb2

4. Setup swap area

mkswap /dev/md1

5. Create RAID 5 Array for home partition

mdadm --create /dev/md2 --level 5 --raid-devices 3 /dev/sdc /dev/sdd /dev/sde

Start setup and choose /dev/md1 as the swap partition, /dev/md0 as the root partition and /dev/md2 for home.

Ignore partitions /dev/sd[ab]1 and /dev/sd[ab]2 and continue with setup.

When it’s time to choose a kernel, choose a generic one, since huge kernels complain about initrd images, although they may work just fine.

When setup finishes, don’t reboot your server, as lilo is not installed.

You need to chroot into your newly installed system

chroot /mnt

And edit /etc/lilo.conf to something like

append="root=/dev/md0"

raid-extra-boot = mbr-only

LBA32

boot = /dev/md0

prompt

timeout = 30

compact

change-rules

reset

vga = 791

image = /boot/vmlinuz

root = /dev/md0

label = SMS

initrd = /boot/initrd.gz

read-only

The most important step is to create the initrd image with

mkinitrd -c -k 2.6.35.7-smp -m ext4 -f ext4 -r /dev/md0 -R

Where

-c clears /boot/initrd-tree and creates a new one

-k your kernel

-m your modules (-m ext3,ext4,reiserfs you might need a controller)

-f root filesystem

-r root partition

-R add support for RAID in initrd.

SMS generic kernels have built in support for ext2 ext3 ext4 and jfs.

Run lilo and ignore the warnings.

Exit and reboot your server.

2.4.1 Using a huge kernel:

You can use a huge kernel without an initrd.gz if you like, but to recognize RAID arrays at boot you need to edit /etc/rc.d/rc.S and add between udev and lvm

progressbar 10

# Re-assemble RAID volumes:

/sbin/mdadm -As

Finally, to add your arrays to mdadm.conf, type

mdadm -Es >> /etc/mdadm.conf

2.4.2 Notification of degraded arrays:

You can add in your /etc/rc.d/rc.local

/sbin/mdadm -Ff /dev/md[0-9] -i /var/run/mdadm.pid

By adding your mail address to /etc/mdadm.conf, you will be notified when arrays become degraded. Or you can have it all in one line

/sbin/mdadm -Ff /dev/md[0-9] -i /var/run/mdadm.pid -m root@localhost
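
Mail notification only helps if the mail is delivered and read, so an independent check of array state is useful next to the mdadm monitor above. The following is an added example, not part of the SMS manual: it parses text in /proc/mdstat format and reports arrays with a missing member. The function names and the sample status text are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the SMS manual. Input is text in /proc/mdstat format.

# degraded_arrays FILE: print each md device whose member map has a missing
# disk, i.e. an underscore in the [UU] field (for example "[2/1] [U_]").
degraded_arrays() {
    awk '
        /^md[0-9]+ :/ { dev = $1; next }          # array header line
        dev != "" && match($0, /\[[U_]+\]/) {     # status line that follows it
            if (index(substr($0, RSTART, RLENGTH), "_") > 0) print dev
            dev = ""
        }' "$1"
}

# md_health FILE: exit status 0 when every array is complete, 1 otherwise,
# so the check can drive a cron job or a monitoring probe.
md_health() {
    bad=$(degraded_arrays "$1")
    if [ -n "$bad" ]; then
        echo "DEGRADED: $(echo $bad)"
        return 1
    fi
    echo "OK"
}

# Constructed sample using the array layout from the steps above
# (md0 and md1 are RAID 1, md2 is RAID 5); md1 has lost /dev/sdb2.
sample_mdstat() {
    cat <<'EOF'
Personalities : [raid1] [raid6] [raid5] [raid4]
md2 : active raid5 sde[2] sdd[1] sdc[0]
      2096128 blocks level 5, 64k chunk, algorithm 2 [3/3] [UUU]

md1 : active raid1 sdb2[1](F) sda2[0]
      1052160 blocks [2/1] [U_]

md0 : active raid1 sdb1[1] sda1[0]
      96256 blocks [2/2] [UU]

unused devices: <none>
EOF
}

tmp=$(mktemp)
sample_mdstat > "$tmp"
md_health "$tmp" || true        # prints: DEGRADED: md1
rm -f "$tmp"
```

On a live system pass /proc/mdstat as the file argument.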

2.5 Upgrading SMS:

Upgrading SMS is not as difficult or dangerous as it may sound.

Upgrading SMS to the latest version most of the time requires putting your machine into single user mode, specifically when there is a new glibc or kernel, but it never hurts to switch to single user mode every time you upgrade. You can switch to single user mode by editing /etc/inittab and changing

id:3:initdefault: to id:1:initdefault:

You can also do

sed -e "s,id:3:initdefault:,id:1:initdefault:,g" -i /etc/inittab

Or, as a more direct approach, press [tab] at the lilo prompt and enter:

boot: sms 1

The upgrade procedure is quite simple:

1. Put your machine in single user mode.

2. Upgrade pkgtools and glibc-solibs before other packages.

3. Use upgradepkg --install-new for the rest.

4. Fix your *.new config files under /etc; some of them need attention.

5. Update your initrd (if you use one).

6. Don’t forget to run lilo.

7. Return your machine to multi-user mode.


Reboot your machine and mount SMS.Native.CD

mount /dev/sr0 /mnt/cdrom

and first upgrade the glibc packages from slackware/a and slackware/l

upgradepkg /mnt/cdrom/slackware/{a,l}/glibc*

Tip: If your version is too old and you get errors, you need to upgrade pkgtools, xz and tar from slackware/a.

Continue upgrading the rest of the packages with

upgradepkg --install-new /mnt/cdrom/slackware/{a,ap,d,l,n}/*.t?z

If you have installed the devel series or x-kde-addon you can upgrade them as well.

Once you finish upgrading packages, restore the /etc/inittab run level to multi-user mode

sed -e "s,id:1:initdefault:,id:3:initdefault:,g" -i /etc/inittab

At this stage you need to take care of all the *.new files placed in /etc and its subdirectories, especially the system startup scripts /etc/rc.d/rc.S and /etc/rc.d/rc.M. If you are upgrading from a much older SMS version you might want to look for application changes, e.g. dovecot-1.x has its configs in /etc/dovecot while dovecot-2.x has them in /etc/dovecot

Once you have finished with all the *.new files, type ‘lilo’ and reboot.

2.6 Installing SMS.LiveCD to USB.

To install SMS.Live.CD to your USB stick, just copy the contents of the ISO (boot, sms) to your USB stick and run “boot/bootinst.sh” on Linux or “boot/bootinst.bat” on Windows.

3. Configuration

3.1 Default passwords.

Basic setup has already been done and Superb Mini Server is ready out of the box...

Default Passwords are:

root account password is toor

administrator account password is toor

Webmin Login: admin : admin (https://[yoursmsserver]:10000)

TorrentFlux Login: admin : admin (http://[yoursmsserver]/tflux)

Samba Shares are:

Samba @ SMS path=/var/smb/samba/ (Read/write to everyone)

Faxes path=/var/spool/hylafax/recvg/ (Read/write to everyone)

TorrentFlux Downloads path=/var/smb/tflux_downloads/ (Read/write to everyone)

Placed under Workgroup = WORKGROUP

FTP Accounts are:

webftp:webftp path=/srv/httpd/htdocs/ (Read)

ftpuser:ftpuser path=/var/ftp/ (Read/write)

WebERP demo account is: demo : weberp (http://[yoursmsserver]/webERP)

PHPLdapAdmin: toor (http://[yoursmsserver]/phpldapadmin)

AvantFax: admin : password (http://[yoursmsserver]/avantfax)

3.2 Securing and optimizing your server.

Well, you have installed SMS and everything is working as it should. What’s next?

Whether your server will be online or on a local network, you should secure it against unauthorized access.

3.2.1 Local accounts.

The first action is to change the default passwords for the root and administrator users.

Just type “passwd youruser” e.g. “passwd administrator”

Do the same for ftp users.

Tip: Always use complex passwords. When you add users for mail or ftp and are not going to use them for shell login, always disable the shell, e.g. /bin/false or /dev/null

To change account passwords from webmin navigate to

Webmin->System->Users and Groups

Select your user and alter password.

3.2.2 MySQL.

Another mandatory action is to set a password for the mysql root user; by default mysql has no root password.

To do that type “mysql -u root mysql” and set the password with the command

mysql> set password for root@localhost=password('yourpassword');

To set a root password from webmin navigate to

Webmin->Servers->MySQL Database Server->User Permissions

And change password for root and for other users as well if you want.

Tip: Don’t forget to change credentials in web apps configuration files when you alter other users.

3.2.3 Webmin.

Webmin needs your attention too, since it has the power to alter your system.

Change the password of the admin user and select the networks that are allowed to access it. You can also change the port it listens on (default: 10000).

To change the login password navigate to

Webmin->Webmin Users->admin

and change its password.

To change or restrict access to webmin, navigate to

Webmin->Webmin Configuration->Ports and Addresses

and alter Port number.

Webmin->Webmin Configuration->IP Access Control

to restrict access.

3.2.4 Web Applications.

Once you have finished with local users, it’s time to handle the web applications

TorrentFlux

WebERP

PhpLDAPAdmin

PHPMyAdmin

HTTP access (.htaccess .htpasswd)

If you are not using any of the above, delete their folders or disable their login.

If you have installed applications from /extra such as avantfax, do the same.

3.2.5 Samba.

To increase security you can change samba security from share to user, so a login will be required for accessing the shares, and add

hosts allow = 192.168.1. 127. 10.0.0.

to restrict outside networks from accessing your samba shares.

3.2.6 OpenLDAP.

Openldap needs a change of password too.

Just type “slappasswd”, enter your password, and copy/paste the resulting hash into slapd.conf, e.g.

rootpw {SSHA}CMsEaYBDv2oO0TVpeCr0cwQVfTBm8/pJ

Don’t forget to change the password for ldap entries too (by default all are “toor” )

cn=Manager

cn=dovecot

cn=postfix

uid=administrator

To change passwords, log in to phpldapadmin (http://<yourserver>/phpldapadmin) and you should see all the entries listed. Selecting one will show you info about the entry and a field named password. Enter your new password and select its encryption from the drop-down list, for instance SSHA, and press the “Update Object” button. It will ask you to confirm the changes; press the “Update Object” button once again for the changes to apply.
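
The Samba and OpenLDAP settings from sections 3.2.5 and 3.2.6 can be checked mechanically after the change. The following is an added example, not part of the SMS manual: it flags security = share, a missing hosts allow line, and a rootpw that is not a slappasswd hash. The function names and the sample config files are constructed; the {SSHA} value is the one shown above.

```sh
#!/bin/sh
# Added example, not part of the SMS manual: flag the Samba and OpenLDAP
# settings that sections 3.2.5 and 3.2.6 say to change.

# smb_findings FILE: one line per weak setting found in an smb.conf.
# Simplification: settings are matched anywhere, not per [section].
smb_findings() {
    awk '
        /^[ \t]*[#;]/ { next }                     # skip comment lines
        {
            line = tolower($0)
            gsub(/[ \t]+/, " ", line)              # collapse whitespace
            sub(/^ /, "", line); sub(/ $/, "", line)
            if (line ~ /^security ?= ?share$/) share = 1
            if (line ~ /^hosts allow ?=/)      allow = 1
        }
        END {
            if (share)  print "smb: security = share, shares open without login"
            if (!allow) print "smb: no hosts allow line, every network accepted"
        }' "$1"
}

# slapd_findings FILE: report a rootpw that is not a {SCHEME}hash value
# as produced by slappasswd.
slapd_findings() {
    awk '
        $1 == "rootpw" {
            if (substr($2, 1, 1) == "{" && index($2, "}") > 2) next
            print "slapd: rootpw is stored in cleartext"
        }' "$1"
}

# write_samples DIR: constructed config files, weak and corrected.
write_samples() {
    cat > "$1/smb.weak.conf" <<'EOF'
[global]
   workgroup = WORKGROUP
   security = share
EOF
    cat > "$1/smb.fixed.conf" <<'EOF'
[global]
   workgroup = WORKGROUP
   security = user
   hosts allow = 192.168.1. 127. 10.0.0.
EOF
    cat > "$1/slapd.weak.conf" <<'EOF'
rootdn  "cn=Manager,dc=yourhostname,dc=yourdomain"
rootpw  toor
EOF
    cat > "$1/slapd.fixed.conf" <<'EOF'
rootdn  "cn=Manager,dc=yourhostname,dc=yourdomain"
rootpw  {SSHA}CMsEaYBDv2oO0TVpeCr0cwQVfTBm8/pJ
EOF
}

# Demo: print the findings for each constructed file.
dir=$(mktemp -d)
write_samples "$dir"
for f in "$dir"/*.conf; do
    echo "== ${f##*/}"
    case $f in
        */smb.*)   smb_findings "$f" ;;
        */slapd.*) slapd_findings "$f" ;;
    esac
done
rm -rf "$dir"
```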

3.2.7 Services.

You have changed all the passwords by now and your server is secure. What about speeding up and lightening our server?

To do that you must disable the services you are not using, e.g. the mail server, fax server or print services.

There are startup scripts run by system like rc.S and rc.M when starting, rc.6 upon shutdown or reboot, rc.K when starting in single user mode, and rc.4 when the system runs in graphical run level (KDM or XDM).

All services have a startup script placed under /etc/rc.d/ named usually like rc.<name of the service>.

To disable a service, make its startup script not executable by changing its permissions.

e.g. “chmod -x /etc/rc.d/rc.script”

In some cases, such as hylafax, disabling the service is not enough.

To disable Hylafax do:

chmod -x /etc/rc.d/rc.hylafax

Remove or comment out the faxgetty dialup line in /etc/inittab manually or with

sed -e 's/d1:12345:respawn:/#d1:12345:respawn:/g' -i /etc/inittab

Remove hylafax cronjobs from /etc/cron.hourly & /etc/cron.daily.

Reboot your server.

For Disabling Mail System do:

chmod -x /etc/rc.d/{rc.postfix,rc.spamd,rc.mailscanner,rc.clamav,rc.dovecot,rc.saslauthd,rc.sqlgrey}

To disable openldap do:

chmod -x /etc/rc.d/rc.openldap

To disable proftpd (ftp server) do:

chmod -x /etc/rc.d/rc.proftpd

To disable CUPS (print server) do:

chmod -x /etc/rc.d/rc.cups

For disabling Samba do:

chmod -x /etc/rc.d/rc.samba

For disabling webserver (HTTPD) do:

chmod -x /etc/rc.d/rc.httpd

For disabling mysql do:

chmod -x /etc/rc.d/rc.mysql

For disabling SSH server do:

chmod -x /etc/rc.d/rc.sshd

For disabling AFP server do:

chmod -x /etc/rc.d/rc.atalk

For disabling fail2ban server (not recommended) do:

chmod -x /etc/rc.d/rc.fail2ban

Tip: For enabling/disabling services you can use “pkgtool” script, select to rerun installation scripts and select services.

You can also switch from SMS’s advanced mail server configuration to a plain mail server (sendmail) using the “sms-chooseMTA.sh” script. The script will switch the mail server from postfix to sendmail and vice versa.

To do it manually just do

chmod -x /etc/rc.d/rc.postfix

chmod +x /etc/rc.d/rc.sendmail

cp /usr/sbin/sendmail /usr/sbin/sendmail.postfix

cp /usr/sbin/sendmail.original /usr/sbin/sendmail

postfix stop

/etc/rc.d/rc.sendmail start
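
Because the executable bit on /etc/rc.d/rc.<service> is the whole on/off switch, it is worth auditing after the changes above. The following is an added example, not part of the SMS manual: it lists the state of each service script in a directory, reports enabled services that are not on an allowlist, and flags a disabled fail2ban. The function names, the allowlist and the sample tree are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the SMS manual. On SMS/Slackware a service starts
# at boot only while its /etc/rc.d/rc.<name> script is executable.

# rc_service_state DIR: print "enabled <name>" or "disabled <name>" per service.
# Run-level scripts named in the text, config files and leftovers are skipped.
rc_service_state() {
    for f in "$1"/rc.*; do
        [ -f "$f" ] || continue
        name=${f##*/rc.}
        case $name in
            S|M|K|4|6|local|*.conf|*.new|*.orig) continue ;;
        esac
        if [ -x "$f" ]; then
            echo "enabled $name"
        else
            echo "disabled $name"
        fi
    done
}

# unexpected_services DIR "name1 name2 ...": enabled services that are not on
# the allowlist of services this server is meant to run.
unexpected_services() {
    rc_service_state "$1" | while read -r state name; do
        [ "$state" = enabled ] || continue
        case " $2 " in
            *" $name "*) ;;                 # on the allowlist
            *) echo "$name" ;;
        esac
    done
}

# fail2ban_disabled DIR: succeeds when rc.fail2ban exists but is not
# executable, the one case the text marks as not recommended.
fail2ban_disabled() {
    [ -f "$1/rc.fail2ban" ] && [ ! -x "$1/rc.fail2ban" ]
}

# make_sample_rcd: build a constructed rc.d tree and print its path.
make_sample_rcd() {
    d=$(mktemp -d)
    for s in S M sshd httpd hylafax samba fail2ban; do
        : > "$d/rc.$s"                      # created without execute bits
    done
    chmod +x "$d/rc.S" "$d/rc.M" "$d/rc.sshd" "$d/rc.httpd" "$d/rc.hylafax"
    echo "$d"
}

# Demo on the constructed tree; the allowlist is an assumption for this demo.
rcd=$(make_sample_rcd)
rc_service_state "$rcd"
echo "not on allowlist: $(unexpected_services "$rcd" "sshd httpd fail2ban" | tr '\n' ' ')"
if fail2ban_disabled "$rcd"; then
    echo "warning: fail2ban is disabled"
fi
rm -rf "$rcd"
```

On an installed system, call the functions with /etc/rc.d as the directory.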

3.3 Configuring X.

There are three ways to configure X Window system. The first is by a fully automated way through ‘xconf’ script.

All you have to do is type “xconf”, then run “startx” to start KDE.

The second way is Slackware’s semi-automated way through the “xorgsetup” command. Once you type “xorgsetup” you will be guided through a few configuration windows.

The third way is by typing “xorgconfig”, a menu-driven frontend with more detailed configuration, but you will probably never need to run it. Once you finish with the X config run “startx” to launch KDE.

4. Adding and Removing packages.

SMS uses Slackware’s package management ( pkgtools ).

To install packages use ‘installpkg’

installpkg package.tgz

To upgrade an existing package use ‘upgradepkg’

upgradepkg package.tgz

If the upgrade package has a different name you can use

upgradepkg oldpackage.tgz%newpackage.tgz

To remove a package use ‘removepkg’, all installed packages have an entry in /var/log/packages/.

removepkg /var/log/packages/package

4.1 Installing SMS extra packages.

To install development packages mount SMS.Native.CD-Install.iso or download ‘slackware/devel’ directory from http://sms.it-ccs.com/isos/SMS-Current/ and do

installpkg slackware/devel/*.tgz

or you can use the tagfile and do

cd slackware/devel/

./install-packages

To install a bootsplash kernel, just do

installpkg extra/bootsplash_kernels/bootsplash-kernel.tgz

open /etc/lilo.conf and uncomment the following lines or add them if missing

append = "splash=verbose"

initrd = /boot/initrd.splash (under label = SMS)

and run ‘lilo’ for changes to apply.

If you want to install a generic-bootsplash kernel you have to create an initrd image with your modules e.g.

mkinitrd -c -k 2.6.37.6-smp -m reiserfs -f reiserfs -r /dev/sda1

Copy your bootsplash into initrd-tree and recreate the initrd.gz

cp /boot/initrd.splash /boot/initrd-tree/; mkinitrd;

open /etc/lilo.conf and uncomment the following lines or add them if missing

append = "splash=verbose"

initrd = /boot/initrd.gz (under label = SMS)

and run ‘lilo’ for changes to apply.

4.2 slapt-get.

Another way of installing, removing and upgrading packages in SMS is slapt-get. To use slapt-get run

slapt-get --add-keys (to install GPG key, you only need to do that once)

slapt-get -u (to update list of packages, default from http://sms.it-ccs.com/SMS-Current)

slapt-get -i <name of packages> (to install a package)

slapt-get --remove <name of packages> (to remove a package)

slapt-get --available (to get a list of available packages, each marked as installed or not)

slapt-get --upgrade (to upgrade all installed packages)

slapt-get --install-set <series> ( to install a set of series e.g. devel)

slapt-get --ignore-excludes (To install excluded packages specified in /etc/slapt-get/slapt-getrc)

Tip: To install devel series with slapt-get you must add “--ignore-excludes” as kernel-* packages are excluded by default.

4.3 Compile from source.

If an application you want is not available as a package, you can build it from source. To be able to compile apps you must have a full install of SMS or at least devel series.

There are sites that provide slackware packages such as slacky.eu, and linuxpackages.net. If you don’t find your package on any site look for a slackbuild. Slackbuild is a script that will build your package from source to a slackware package. You can search for slackbuilds at slackbuilds.org or google for it.

Assuming there isn’t a slackbuild for your package, download the source of your application and read its documentation about building your package from source. Usually the source tarball contains a README and an INSTALL file with all the info you need for building it from source or even creating your own slackbuild.

Once you untar your source, by running “./configure --help” you will get a full list of build options.

Slackware’s build options, which should always be the same, are

./configure --prefix=/usr \

--sysconfdir=/etc \

--libdir=/usr/lib64 \ (if you are building a package in SMS64)

--localstatedir=/var \

--build=$ARCH-slackware-linux (where $ARCH is i486 or i686 or x86_64)

Also CFLAGS and CXXFLAGS, depending on your ARCH (output of `arch`), should be

-O2 -march=i486 -mtune=i686 (arch i486)

-O2 -march=i686 -mtune=i686 (arch i686)

-O2 -fPIC (arch x86_64)

So a configure command for i486 architecture should look like

CFLAGS="-O2 -march=i486 -mtune=i686" \

CXXFLAGS="-O2 -march=i486 -mtune=i686" \

./configure --prefix=/usr \

--sysconfdir=/etc \

--libdir=/usr/lib \

--localstatedir=/var \

--build=i486-slackware-linux \

--your options ...

And a configure command for x86_64 architecture should look like

CFLAGS="-O2 -fPIC" \

CXXFLAGS="-O2 -fPIC" \

./configure --prefix=/usr \

--sysconfdir=/etc \

--libdir=/usr/lib64 \

--localstatedir=/var \

--build=x86_64-slackware-linux \

--your options ...

Once configure finishes without errors, type “make” to start building your package. If all goes well and there are no errors, your app is ready for installation. It’s wise to create packages so you don’t mess up your system.

To create the package you must install your app to a folder. To do that create a folder (e.g. /tmp/pkg) and run

make install DESTDIR=/tmp/pkg

Navigate to /tmp/pkg (cd /tmp/pkg) and use “makepkg” to create a slackware package with the command.

makepkg -l y -c n -p /root/{appname}-{version}-{arch}-{buildnumber}.txz

Your package is ready for installation in your root directory, and you can install it with “installpkg”

installpkg /root/{appname}-{version}-{arch}-{buildnumber}.txz

Tip: Alternatively you can try slapt-src (http://software.jaos.org/#slapt-src), a utility for querying, retrieving and building slackbuilds for Slackware.

5. Using Superb Mini Server.

5.1 SMS Live CD.

SMS.LiveCD’s purpose is testing and demonstrating SMS’s features; although it includes a text installer, it’s NOT recommended for installing SMS. Upon booting you will get a prompt to select the mode you want to boot.

Boot modes are:

Boot From Hard Disk:

Don’t boot from SMS at all, but boot from hard disk (device 0x80).

Run SMS:

Run SMS normally with all servers enabled.

SMS Copy To RAM:

Run SMS the same as above, but first copy all data to RAM to get a huge speed increase (needs >512MB).

SMS Light:

Run SMS with all servers disabled.

SMS PXE Server:

Run SMS normally, but run a PXE server at the same time. This will allow you to boot SMS on other computers over network.

SMS Cluster Master Node:

Run SMS as a Computational Cluster Master node. It will create the user cluster and export its home directory via nfs. It will start a PXE boot server for booting slave nodes.

Run Memtest utility:

Don’t start SMS at all, but rather run the MemTest utility to diagnose your computer’s RAM for possible errors

Boot modes use boot parameters (also known as cheatcodes) to affect the boot process. For instance, boot mode “SMS Light” uses cheatcode ‘light’, and boot mode “SMS Copy To RAM” uses cheatcode ‘copy2ram’. By pressing TAB over a selection you will see the command line with all the options.

5.1.1 SMS.LiveCD boot parameters (cheatcodes).

What are the boot parameters?

Boot parameters (also known as cheatcodes) are used to affect the booting process of SMS.

Some of them are common to all Linuxes, others are specific to SMS.

How to use boot parameters?

Choose your desired menu entry and hit Tab key, which will allow you to edit the command line.

Write your desired boot argument at the end of command line.

For instance boot mode “SMS PXE Server” has the following command line (/proc/cmdline).

/boot/vmlinuz APPEND vga=791 initrd=/boot/initrd.gz ramdisk_size=8888 root=/dev/ram0 rw pxeboot

So adding the boot parameter ‘light’ to the above command line will start a PXE boot server with all the services disabled, and additionally adding ‘ssh’ will enable the SSH server only.

Available boot parameters (cheatcodes)

nocd => Don’t mount any cdroms at all during the boot process.

nohd => Don’t mount any harddisks at all.

nodma => Disable DMA for all CD-ROMs and disks.

toram => Copy all files (all required and optional modules) to RAM.

copy2ram => Copy all files (all required and optional modules) to RAM.

light => Disable all services.

pxeboot => Enable PXE Boot Server.

clmaster => Enable Cluster master node.

smb => Enable samba file server.

nosmb => Disable samba file server.

afp => Enable AFP server.

ssh => Enable sshd server.

nossh => Disable sshd server.

ftp => Enable FTP server.

noftp => Disable FTP server.

httpd => Enable httpd web server.

nohttpd => Disable httpd web server.

ldap => Enable OpenLDAP server.

noldap => Disable OpenLDAP server.

mysql => Enable MySQL server.

nomysql => Disable MySQL server.

cups => Enable Print server.

nocups => Disable Print server.

mail => Enable SMS Mail server.

nomail => Disable SMS Mail server.

fax => Enable Fax server (hylafax).

nofax => Disable Fax server (hylafax)

debug => Enable debug mode (and start bash several times during the boot) hit Ctrl+D to continue booting.

from=path => Load SMS data from different place instead of the boot device.(from=/dev/sda1/SMS.LiveCD.iso)

changes=/path/ => Tell SMS to use a device, a file or a directory for storing changes.

changes=/sms/smssave.dat

changes=/dev/sda2/file.dat

changes=/dev/sda3/

5.2 Network configuration.

If you have a DHCP server enabled on your local network, SMS will acquire an IP address automatically. In the case where a DHCP server isn’t available and you need to configure your ethernet cards manually, first check that your ethernet cards are automatically detected by checking /proc/net/dev or by running ‘ifconfig’

root@sms:~# grep eth /proc/net/dev

eth0: 3484894 6598 0 0 0 0 0 0 109113 1621 0 0 0 0 0 0

root@sms:~# ifconfig eth0

eth0 Link encap:Ethernet HWaddr 08:00:27:D8:0A:66

inet6 addr: fe80::a00:27ff:fed8:a66/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:6663 errors:0 dropped:0 overruns:0 frame:0

TX packets:1640 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:3489162 (3.3 Mb) TX bytes:110703 (108.1 Kb)

Slackware configures Ethernet interfaces through /etc/rc.d/rc.inet1.conf. So change rc.inet1.conf to

# Config information for eth0:

IPADDR[0]="192.168.2.11"

NETMASK[0]="255.255.255.0"

USE_DHCP[0]=""

DHCP_HOSTNAME[0]=""

# Default gateway IP address:

GATEWAY="192.168.2.1"

For changes to apply run

root@sms:~# ifconfig eth0 down

root@sms:~# /etc/rc.d/rc.inet1

root@sms:~# ifconfig eth0

eth0 Link encap:Ethernet HWaddr 08:00:27:D8:0A:66

inet addr:192.168.2.11 Bcast:192.168.2.255 Mask:255.255.255.0

inet6 addr: fe80::a00:27ff:fed8:a66/64 Scope:Link

UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1

RX packets:8506 errors:0 dropped:0 overruns:0 frame:0

TX packets:2110 errors:0 dropped:0 overruns:0 carrier:0

collisions:0 txqueuelen:1000

RX bytes:3612599 (3.4 Mb) TX bytes:164526 (160.6 Kb)

DNS servers are listed in /etc/resolv.conf. To manually add name servers edit /etc/resolv.conf and enter e.g.

nameserver 192.168.2.1

nameserver 208.67.222.222

nameserver 208.67.220.220

Another way to configure eth0 manually is with ‘ifconfig’:

root@sms:~# ifconfig eth0 192.168.2.11 netmask 255.255.255.0 broadcast 192.168.2.255

You can add virtual network interfaces the same way:

root@sms:~# ifconfig eth0:1 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255

If you want virtual interfaces to start automatically at boot, place an entry in /etc/rc.d/rc.local like:

/sbin/ifconfig eth0:1 192.168.1.1 netmask 255.255.255.0 broadcast 192.168.1.255
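The broadcast address passed to ifconfig above follows from the IP address and the netmask. The following added example (not part of the original manual) validates both values and derives the broadcast address before anything is written to rc.inet1.conf; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the SMS manual): validate a static IPv4 setup and
# derive the broadcast address before touching rc.inet1.conf or ifconfig.
# All function names are illustrative.

# Print a dotted quad as a 32-bit integer; return 1 if it is malformed.
ip_to_int() {
    case "$1" in
        ''|*[!0-9.]*|*..*|.*|*.) return 1 ;;
    esac
    old_ifs=$IFS
    IFS=.
    set -- $1            # split on dots; input holds only digits and dots
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in
            0?*|????*) return 1 ;;   # no leading zeros, at most 3 digits
        esac
        [ "$octet" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Succeed only for a contiguous netmask such as 255.255.255.0.
valid_netmask() {
    m=$(ip_to_int "$1") || return 1
    inv=$(( ~$m & 0xFFFFFFFF ))
    [ $(( $inv & ($inv + 1) )) -eq 0 ]
}

# Print a 32-bit integer as a dotted quad.
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# broadcast_of IP NETMASK -> broadcast address, or return 1 on bad input.
broadcast_of() {
    ip=$(ip_to_int "$1") || return 1
    valid_netmask "$2" || return 1
    mask=$(ip_to_int "$2")
    int_to_ip $(( ($ip & $mask) | (~$mask & 0xFFFFFFFF) ))
}

# The two addresses configured in this section.
broadcast_of 192.168.2.11 255.255.255.0   # eth0
broadcast_of 192.168.1.1  255.255.255.0   # eth0:1
# A mistyped mask is rejected instead of being handed to ifconfig.
broadcast_of 192.168.2.11 255.255.255..0 || echo "invalid address or netmask"
```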

5.3 Basic linux commands.

To get help about Unix commands, use the ‘man’ command to read manual pages, like “man ls”, or use ‘--help’, like “ls --help”; if a command is a shell built-in like ‘cd’, use “help cd”.

5.3.1 ls

This command lists files in a directory. Windows and DOS users will notice its similarity to the dir command. By itself, ls(1) will list the files in the current directory. To see what’s in your root directory, you could run:

root@sms:~# ls /

bin/ boot/ dev/ etc/ home/ lib/ mnt/ opt/ proc/ root/ sbin/ srv/ sys/ tmp/ usr/ var/

Directories get a slash at the end of the name, executable files get an asterisk at the end of the name, and so on.

ls can also be used to get other statistics on files. For example, to see the creation dates, owners, and permissions, you would look at a long listing:

root@sms:~# ls -lh /

total 4.0K

drwxr-xr-x 2 root root 2.6K Apr 23 16:18 bin/

drwxr-xr-x 6 root root 4.0K Apr 27 20:39 boot/

drwxr-xr-x 15 root root 5.3K Jun 19 13:35 dev/

drwxr-xr-x 79 root root 300 Jun 19 13:35 etc/

drwxr-xr-x 4 root root 47 Feb 28 06:03 home/

drwxr-xr-x 7 root root 60 Apr 25 14:03 lib/

drwxr-xr-x 4 root root 80 Jun 19 2011 mnt/

drwxr-xr-x 3 root root 74 Apr 23 16:17 opt/

dr-xr-xr-x 116 root root 0 Jun 19 2011 proc/

drwx--x--- 6 root root 139 Oct 6 1997 root/

drwxr-xr-x 2 root root 4.4K May 12 2010 sbin/

drwxr-xr-x 2 root root 39 Apr 8 2007 srv/

drwxr-xr-x 13 root root 0 Jun 19 2011 sys/

drwxrwxrwt 5 root root 100 Jun 19 13:35 tmp/

drwxr-xr-x 27 root root 80 Mar 25 12:29 usr/

drwxr-xr-x 36 root root 200 Apr 25 14:03 var/

Suppose you want to get a listing of the hidden files in a directory. This command will do just that:

root@sms:~# ls -a

./ ../ .bash_history .cpan/ .gnupg/ .hplip.conf .kde/ .rnd .spamassassin/

Files beginning with a period (called dot files) are hidden when you run ls.

You will only see them if you pass the -a option. There are many more options that can be found in the manual page. Don’t forget that you can combine options that you pass to ls.

5.3.2 cd

The cd command is used to change working directories. You simply type cd followed by the path name to change to. Here are some examples:

root@sms:/# cd /var/smb/

root@sms:/var/smb# cd smb

-bash: cd: smb: No such file or directory

root@sms:/var/smb# ls

samba/ tflux_downloads/

root@sms:/var/smb# cd samba/

root@sms:/var/smb/samba# pwd

/var/smb/samba

5.3.3 pwd

The pwd command is used to show your current location (print working directory). To use the pwd command just type pwd. For example:

root@sms:~# cd /boot/

root@sms:/boot# pwd

/boot

root@sms:/boot# cd /tmp/

root@sms:/tmp# pwd

/tmp

5.3.4 less

Pager utilities are useful for reading long output (through a pipe) or files in a terminal. For instance, try:

ls -lha /usr/bin/ | less

or opening a file with

less README.txt

Use the arrows up/down and page up/page down to scroll the output, press Q to quit.

5.3.5 cat

cat is short for “concatenate”. It was originally designed to merge text files into one, but can be used for many other purposes. To merge two or more files into one, you simply list the files after the cat command and then redirect the new output to a file. cat works with standard input and standard output, so you have to use the shell redirection characters. For example:

cat file1 file2 file3 > bigfile

One can also use cat to display files. Many people cat text files through the more or less commands, like this:

cat file1 | less

That will display the file1 file and pipe it through the less command so that you only get one screen at a time. Another common use for cat is copying files. You can copy any file around with cat, like this:

cat /bin/bash > ~/mybash

The /bin/bash program is copied to your home directory and named mybash.

cat has many uses and the ones discussed here are just a few. Since cat makes extensive use of standard input and standard output, it is ideal for use in shell scripts or part of other complex commands.

5.3.6 echo

The echo(1) command displays the specified text on the screen. You specify the string to display after the echo command. By default echo will display the string and print a newline character after it.

You can pass the -n option to suppress the printing of the newline. The -e option will cause echo to search for escape characters in the string and execute them.

5.3.7 touch

touch(1) is used to change the timestamp on a file. You can change access timestamps and modification timestamps with this command. If the file specified does not exist, touch will create a zero length file with the name specified.

5.3.8 mkdir rmdir

mkdir(1) will create a new directory. You simply specify the directory to create when you run mkdir. This example creates the ‘newfolder’ directory in the current directory.

root@sms:~# mkdir newfolder

The -p option will tell mkdir to make any parent directories. For instance, the command “mkdir /root/new/new2” will fail if /root/new doesn’t exist, but with the -p option it will create /root/new first and then /root/new/new2.

root@sms:~# mkdir /root/new/new1

mkdir: cannot create directory `/root/new/new1’: No such file or directory

root@sms:~# mkdir -p /root/new/new1

root@sms:~# ls /root/new/

new1/

rmdir works the opposite way. To remove a directory use rmdir, and to remove the directory and its parent directories pass the -p option.

Tip: be very careful when using “rmdir -p” as you may harm your system.

5.3.9 cp

cp(1) copies files. DOS users will notice its similarity to the copy command. There are many options for cp, so you should have a look at the man page before using it. Basic usage for a simple file copy:

cp file /tmp/ or cp file /tmp/file2

To copy a directory

cp -r /root/new /tmp/ (copy directory new to /tmp)

5.3.10 mv

mv(1) moves files and directories from one place to another, but can be used to rename files or directories as well.

mv file /tmp/ (move file to /tmp)

mv file1 file2 (rename file1 to file2)

5.3.11 rm

rm(1) removes files and directory trees. DOS users will notice the similarity to both the del and deltree commands. rm can be very dangerous if you do not watch yourself.

rm file1 (delete file1)

rm -f file1 (force the deletion of file1)

rm -r /root/new/ (delete the directory /root/new/)

5.3.12 ln

ln(1) is used to create links between files. These links can be either hard links or soft (symbolic) links by passing the -s option.

ln -s /var/smb/samba ~/samba (create a symlink of /var/smb/samba to our home directory)

5.3.13 grep

grep is used for searching files or output for a pattern and returning the matching lines.

root@sms:~# grep "192.168.2.11" /etc/rc.d/rc.inet1.conf

IPADDR[0]="192.168.2.11"

or

root@sms:~# ps aux|grep sshd

root 3308 0.0 0.2 4208 1012 ? Ss 14:18 0:00 /usr/sbin/sshd

grep has a lot of powerful options, use “grep --help” or “man grep” to find them.

5.3.14 find

The find(1) command allows the user to search the filesystem with a rich collection of search predicates.

Users may specify a search with filename wildcards, ranges of modification or creation times, or other advanced properties.

root@sms:~# find /var/ -name samba

/var/spool/samba

/var/cache/samba

/var/log/samba

/var/smb/samba

5.3.15 which, whereis

which is usually used to locate a program quickly. It just searches your PATH and returns the first instance it finds and the directory path to it.

whereis(1) command works similar to which, but can also search for man pages and source files.

root@sms:~# which grep

/usr/bin/grep

5.3.16 ps

ps is like Activity Monitor in OS X or Task Manager in Windows: it lists all the running processes. For instance, if we want to check whether the smbd process is running, we can type:

root@sms:~# ps aux|grep smbd

root 4305 1.0 0.7 17992 3680 ? Ss 18:17 0:00 /usr/sbin/smbd -D

root 4307 0.0 0.2 17992 1196 ? S 18:17 0:00 /usr/sbin/smbd -D

The man page has more information on how ps works and what those numbers mean.

The output above shows that smbd is running with PIDs 4305 and 4307.

5.3.17 kill

On occasion, programs misbehave and you’ll need to put them back in line. The program for this kind of administration is called kill(1), and it can be used for manipulating processes in several ways. The most obvious use of kill is to kill off a process. You’ll need to do this if a program has run away and is using up lots of system resources, or if you’re just sick of it running. In order to kill off a process, you’ll need to know its PID or its name. To get the PID, use the ps command as was discussed in the last section. For example, to kill off process 4747, you’d issue the following:

root@sms:~# kill 4747

Note that you’ll have to be the owner of the process in order to kill it. This is a security feature. If you were allowed to kill off processes started by other users, it would be possible to do all sorts of malicious things. Of course, root can kill off any process on the system.

There’s another variety of the kill command called killall(1). This program does exactly what it says: it kills all the running processes that have a certain name. If you wanted to kill off all the running vim processes, you could type the following command:

root@sms:~# killall vim

Sometimes a regular kill doesn’t get the job done. Certain processes will not die with a kill. You’ll need to use a more potent form. If that pesky PID 4747 wasn’t responding to your kill request, you could do the following:

root@sms:~# kill -9 4747

That will almost certainly cause process 4747 to die. You can do the same thing with killall. What this is doing is sending a different signal to the process. A regular kill sends a SIGTERM (terminate) signal to the process, which tells it to finish what it’s doing, clean up, and exit. kill -9 sends a SIGKILL (kill) signal to the process, which essentially drops it. The process is not allowed to clean-up, and sometimes bad things like data corruption could occur by killing something with a SIGKILL. There’s a whole list of signals at your disposal. You can get a listing of signals by typing the following:

root@sms:~# kill -l

1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP

6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1

11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM

16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP

21) SIGTTIN 22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ

26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO 30) SIGPWR

31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1 36) SIGRTMIN+2 37) SIGRTMIN+3

38) SIGRTMIN+4 39) SIGRTMIN+5 40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8

43) SIGRTMIN+9 44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13

48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13 52) SIGRTMAX-12

53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9 56) SIGRTMAX-8 57) SIGRTMAX-7

58) SIGRTMAX-6 59) SIGRTMAX-5 60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2

63) SIGRTMAX-1 64) SIGRTMAX

5.3.18 nano

nano is a small, friendly editor, plain and easy to use, as easy as typing “nano file”. If ‘file’ exists nano will open it for editing; if it does not exist nano will create it. Basic nano commands are:

Ctrl+G or F1 Help

Ctrl+O or F3 Save changes

Ctrl+X or F2 Exit nano and ask you to save if changes not saved.

Ctrl+W or F6 Search for a string

Ctrl+K or F9 Cut lines

Ctrl+U or F10 Uncut lines into current line.

5.3.19 vi

vi(1) is the standard Unix text editing program, and a powerful text editor. Compared to nano it’s more complicated, with various modes and a lot of commands. Mastering vi isn’t an easy goal, but if you do, you will not regret it. On the other hand, if you don’t want to learn vi, you must at least know a few basic keystrokes to be able to edit and save a file. In the old days vi was used, and is still used, to edit /etc/group, /etc/passwd and /etc/sudoers with vigr, vipw and visudo, as a security measure, but nowadays you can edit them with nano; it wouldn’t make a difference. Many applications, though, tend to use vi for editing their configuration files, such as Oracle’s Grid Engine. To open /tmp/file1 just type “vi /tmp/file1”; as with nano, if the file exists vi will open it for editing, and if not it will create it. Once you open the file with vi you will notice that you cannot enter any data. To be able to edit the file you have to switch to “insert mode” by typing “i”. Once you are in “insert mode”, edit the file and press the escape key (Esc) to return to command mode. To save the file type “:wq”; if you don’t want to save the file type “:q!”; to open a file from within vi type “:e /tmp/file1”. Let’s see an example:

vi test (Open file test in the current directory with vi)

press “i” (Enter insert mode and edit file test)

press “Esc” (Return to command mode)

type “:wq” (Save and Exit vi)

type “:q!” (Exit vi and discard changes)

5.3.20 mount, umount

Mounting devices is quite easy, using the “mount” command. All you need to do is provide the device you want to mount and the mount point. Most of the situations are automatically detected so you don’t have to enter any other parameter. So to mount CD-ROM to /mnt/sr0 (mount point must exist) just type:

mount /dev/sr0 /mnt/sr0

By issuing the command “mount” with no arguments you get a list of all mounted devices. This is the output on SMS.LiveCD:

root@sms:~# mount

aufs on / type aufs (rw,relatime,si=679f0722,nowarn_perm)

proc on /proc type proc (rw)

sysfs on /sys type sysfs (rw)

tmpfs on /dev/shm type tmpfs (rw)

/dev/sr0 on /mnt/sr0 type iso9660 (ro,noatime)

There are situations where you need to pass more options, such as when mounting an ISO image:

mount -t iso9660 -o loop /mnt/sda1/SMS.LiveCD.iso /mnt/iso

You will notice there are several mount specific commands like:

mount.cifs mount.fuse mount.lowntfs-3g mount.nfs mount.ntfs-3g mount.smbfs

So if you want to mount an NTFS partition with read-write permissions you can also use mount.ntfs-3g.

To unmount a device just use the “umount” command followed by the device or mount point:

umount /mnt/iso (Anything mounted on /mnt/iso will be unmounted)

umount /dev/sr0 (Unmount CD-ROM)

5.3.21 adduser

The easiest way to manage users and groups is with the supplied scripts and programs. Slackware includes the programs adduser, userdel(8), chfn(1), chsh(1), and passwd(1) for dealing with users. The commands groupadd(8), groupdel(8), and groupmod(8) are for dealing with groups. With the exception of chfn, chsh, and passwd, these programs are generally only run as root, and are therefore located in /usr/sbin. chfn, chsh, and passwd can be run by anyone, and are located in /usr/bin.

Users can be added with the adduser program. We’ll start out by going through the whole procedure, showing all the questions that are asked and a brief description of what everything means. The default answer is in the brackets, and can be chosen for almost all the questions, unless you really want to change something.

root@sms:~# adduser

Login name for new user []: angel

This is the name that the user will use to login. Traditionally, login names are eight characters or fewer, and all lowercase characters. (You may use more than eight characters, or use digits, but avoid doing so unless you have a fairly important reason.)

You can also provide the login name as an argument on the command line:

root@sms:~# adduser angel

In either case, after providing the login name, adduser will prompt for the user ID:

User ID (‘UID’) [ defaults to next available ]:

The user ID (UID) is how ownerships are really determined in Linux. Each user has a unique number, starting at 1000 in Slackware. You can pick a UID for the new user, or you can just let adduser assign the user the next free one. All users are placed into the users group by default. You might want to place the new user into a different group, but it is not recommended unless you know what you’re doing.

Initial group [users]:

This question allows you to place the new user into additional groups. It is possible for a user to be in several groups at the same time.

Additional UNIX groups:

Users can belong to additional UNIX groups on the system.

For local users using graphical desktop login managers such

as XDM/KDM, users may need to be members of additional groups

to access the full functionality of removable media devices.

* Security implications *

Please be aware that by adding users to additional groups may

potentially give access to the removable media of other users.

If you are creating a new user for remote shell access only,

users do not need to belong to any additional groups as standard,

so you may press ENTER at the next prompt.

Press ENTER to continue without adding any additional groups

Or press the UP arrow key to add/select/edit additional groups

: audio cdrom floppy plugdev video power netdev

Home directories default to being placed under /home. If you run a very large system, it’s possible that you have moved the home directories to a different location (or to many locations). This step allows you to specify where the user’s home directory will be.

Home directory [ /home/angel ]

bash is the default shell for Slackware Linux, and will be fine for most people, but if this is a virtual user you should change shell to /bin/false.

Shell [ /bin/bash ]

Accounts can be set up to expire on a specified date. By default, there is no expiration date.

Expiry date (YYYY-MM-DD) []:

If you entered something incorrectly, you should hit Control+C and start over. Otherwise, you can hit enter and the account will be made.

Login name.......: angel

UID..............: [ Next available ]

Initial group....: users

Additional groups: audio,cdrom,floppy,plugdev,video,power,netdev

Home directory...: /home/angel

Shell............: /bin/bash

Expiry date......: [ Never ]

This is it... if you want to bail out, hit Control-C. Otherwise, press

ENTER to go ahead and make the account.

Optionally you can enter additional information about the user. You don’t have to enter any of this if you don’t want to, and the user can change it at any time using chfn.

Creating new account...

Changing the user information for angel

Enter the new value, or press return for the default

Full Name []:

Room Number []:

Work Phone []:

Home Phone []:

Other []:

Next you will have to choose a password for the user you just created.

Changing password for angel

Enter the new password (minimum of 5, maximum of 127 characters)

Please use a combination of upper and lower case letters and numbers.

New password:

Re-enter new password:

Password changed.

Account setup complete.

Tip: Having a secure password is the first line of defence against getting cracked. You do not want to have an easily guessed password, because that makes it easier for someone to break into your system. Ideally, a secure password would be a random string of characters, including upper and lowercase letters, numbers, and random characters.

Another way of adding users is with the “useradd” command:

root@sms:~# useradd -G users,power,netdev,cdrom -m -d /home/elmo -s /bin/bash elmo

Or if you want to create users with no shell or home directory

root@sms:~# useradd -d /dev/null -s /bin/false elmo

To add or change password for users use “passwd” command.

root@sms:~# passwd angel

Changing password for angel

Enter the new password (minimum of 5, maximum of 127 characters)

Please use a combination of upper and lower case letters and numbers.

New password:

Re-enter new password:

Password changed.

5.3.22 chmod, chown

The filesystem stores ownership information for each file and directory on the system. This includes what user and group own a particular file. We can easily change the file owners with the chown(1) (which means “change owner”) and chgrp(1) (which means “change group”) commands. To change the file owner to daemon, we would use chown:

root@sms:~# chown daemon /usr/bin/wc

To change the group owner to “root”, we would use chgrp:

root@sms:~# chgrp root /usr/bin/wc

We can also use chown to specify the user and group owners for a file:

root@sms:~# chown daemon:root /usr/bin/wc

Permissions are the other important part of the multiuser aspects of the filesystem. With these, you can change who can read, write, and execute files. The permission information is stored as four octal digits, each specifying a different set of permissions. There are owner permissions, group permissions, and world permissions. The fourth octal digit is used to store special information such as set user ID, set group ID, and the sticky bit. The octal values assigned to the permission modes are (they also have letters associated with them that are displayed by programs such as ls and can be used by chmod):

Permission Type   Octal Value   Letter Value
“sticky” bit      1             t
set user ID       4             s
set group ID      2             s
read              4             r
write             2             w
execute           1             x

You add the octal values for each permission group. For example, if you want the group permissions to be “read” and “write”, you would use “6” in the group portion of the permission information. To set special permissions with chmod, add the numbers together and place them in the first column. For example, to make it set user ID and set group ID, we use 6 as the first column:

root@sms:~# chmod 6755 /tmp/example

If the octal values confuse you, you can use letters with chmod. The permission groups are represented as:

Owner              u
Group              g
World              o
All of the above   a

Some people prefer the letters over the numbers. Either way will result in the same set of permissions.

The octal format is often faster, and the one you see most often used in shell scripts. Sometimes the letters are more powerful however. For example, there’s no easy way to change one group of permissions while preserving the other groups on files and directories when using the octal format. This is trivial with the letters.

root@sms:~# ls -l

total 0

-rwxr-xr-x 1 root root 0 Jun 21 18:10 file1*

-rwxr-x--- 1 root root 0 Jun 21 18:10 file2*

----r-xr-x 1 root root 0 Jun 21 18:10 file3*

root@sms:~# chmod g-rxw file?

root@sms:~# ls -l

total 0

-rwx---r-x 1 root root 0 Jun 22 13:03 file1*

-rwx------ 1 root root 0 Jun 22 13:03 file2*

-------r-x 1 root root 0 Jun 22 13:03 file3*
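To see how the four octal digits map to the letters shown by ls, the following added example (not part of the original manual) decodes a mode such as the 6755 used above and reports the set user ID, set group ID and world-writable bits; the function names are illustrative.

```shell
#!/bin/sh
# Added example (not from the SMS manual): decode a chmod octal mode into the
# letters ls prints, and flag the bits that deserve a second look.
# Function names are illustrative.

# mode_to_string MODE -> nine permission letters, or return 1 on bad input.
mode_to_string() {
    case "$1" in
        ''|*[!0-7]*|?????*) return 1 ;;   # 1 to 4 octal digits only
    esac
    bits=$(( 0$1 ))                       # leading 0 makes the shell read octal
    special=$(( ($bits >> 9) & 7 ))
    out=
    for who in u g o; do
        case "$who" in
            u) p=$(( ($bits >> 6) & 7 )); flag=4; on=s; off=S ;;   # set user ID
            g) p=$(( ($bits >> 3) & 7 )); flag=2; on=s; off=S ;;   # set group ID
            o) p=$(( $bits & 7 ));        flag=1; on=t; off=T ;;   # sticky bit
        esac
        r=-; w=-; x=-
        if [ $(( $p & 4 )) -ne 0 ]; then r=r; fi
        if [ $(( $p & 2 )) -ne 0 ]; then w=w; fi
        if [ $(( $p & 1 )) -ne 0 ]; then x=x; fi
        # A special bit replaces the execute letter: lower case when execute
        # is also set, upper case when it is not.
        if [ $(( $special & $flag )) -ne 0 ]; then
            if [ "$x" = x ]; then x=$on; else x=$off; fi
        fi
        out=$out$r$w$x
    done
    echo "$out"
}

# mode_findings MODE -> space-separated list of bits worth reviewing.
mode_findings() {
    mode_to_string "$1" >/dev/null || return 1
    bits=$(( 0$1 ))
    found=
    if [ $(( $bits & 04000 )) -ne 0 ]; then found="$found setuid"; fi
    if [ $(( $bits & 02000 )) -ne 0 ]; then found="$found setgid"; fi
    # World-writable without the sticky bit: anyone may replace the contents.
    if [ $(( $bits & 2 )) -ne 0 ] && [ $(( $bits & 01000 )) -eq 0 ]; then
        found="$found world-writable"
    fi
    echo "${found# }"
}

# Constructed sample modes, including the 6755 from the chmod example above.
for m in 6755 1777 0750 0666; do
    printf '%s  %s  %s\n' "$m" "$(mode_to_string "$m")" "$(mode_findings "$m")"
done
```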

Those are some basic commands to get you started; some of them were taken from slackbook.org. You might want to get into something more detailed and complete, like “Linux Complete Command Reference”.

5.4 Samba (SMB) Configuration.

SMB (for Server Message Block) is a descendant of the older NetBIOS protocol that was initially used by IBM in their LAN Manager product. Microsoft has always been fairly interested in NetBIOS and its successors (NetBEUI, SMB and CIFS). The Samba project has existed since 1991, when it was originally written to link an IBM PC running NetBIOS with a Unix server. These days, SMB is the preferred method for sharing file and print services over a network for virtually the entire civilized world because Windows supports it.

Samba’s start up script is /etc/rc.d/rc.samba. To start it, you have to make it executable and start it with

/etc/rc.d/rc.samba start

Samba is enabled by default, so you don’t have to do all that, but if for some reason you want to restart the service, do:

/etc/rc.d/rc.samba restart

Samba’s configuration file is /etc/samba/smb.conf. The default configuration of SMS is:

[global]

log file = /var/log/samba.%m

ldap ssl = No

restrict anonymous = no

domain master = no

public = yes

server string = SMS Samba Server

max protocol = NT1

workgroup = WORKGROUP

acl compatibility = winnt

server signing = Auto

security = share

preferred master = no

max log size = 50

# This option is important for security. It allows you to restrict

# connections to machines which are on your local network. The

# following example restricts access to two C class networks and

# the “loopback” interface. For more examples of the syntax see

# the smb.conf man page

; hosts allow = 192.168.1. 192.168.2. 127.

[Samba @ SMS]

path = /var/smb/samba/

read only = no

[FAXES]

path = /var/spool/hylafax/recvq/

read only = no

[TorrentFlux Downloads]

path = /var/smb/tflux_downloads/

read only = no

The default security level is share, which means all guests are allowed and have read-write permissions on every share that sets “read only = no”.

To add a share just add it to smb.conf as

[name of the share]

path=<path to our shared directory>

read only = < yes or no>

... other options

To test your configuration just run “testparm” and check the output. For a full list of options for smb.conf use “man smb.conf”, also check /etc/samba/smb.conf-sample.

To change the security level from share to user, so that shares prompt for a username and password, change

security = share to security = user

And add our users with

root@sms:~# smbpasswd -a angel

New SMB password:

Retype new SMB password:

Added user angel.

It’s important to note that a given username must already exist in the /etc/passwd file. Now when you try to connect to SMB shares from a Windows machine you will get a prompt to enter a username and password.
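The settings discussed in this section (security = share, the commented-out hosts allow line, and guest-writable shares) can be checked mechanically. The following added example (not part of the original manual) parses an smb.conf and prints one finding per line; the function names are illustrative and both sample configurations are constructed, the first one shortened from the default shown above.

```shell
#!/bin/sh
# Added example (not from the SMS manual): list the smb.conf settings this
# section describes as open. Function names are illustrative.

# audit_smb_conf [FILE] reads smb.conf (or stdin), prints one finding per line.
audit_smb_conf() {
    awk '
    function trim(s) { sub(/^[ \t]+/, "", s); sub(/[ \t]+$/, "", s); return s }
    function yes(v)  { return v == "yes" || v == "true" || v == "1" }
    # Share value if present, otherwise the [global] default.
    function get(s, k) {
        if ((s, k) in opt) return opt[s, k]
        return (k in glob) ? glob[k] : ""
    }
    /^[ \t]*([#;]|$)/ { next }                 # comments and blank lines
    /^[ \t]*\[.*\][ \t]*$/ {                   # [section] header
        sec = trim($0)
        sec = substr(sec, 2, length(sec) - 2)
        if (tolower(sec) != "global") shares[++n] = sec
        next
    }
    {
        eq = index($0, "=")
        if (eq == 0) next
        key = tolower(substr($0, 1, eq - 1))
        gsub(/[ \t]/, "", key)                 # Samba ignores spaces in names
        val = tolower(trim(substr($0, eq + 1)))
        if (key == "public") key = "guestok"   # synonym of guest ok
        if (key == "allowhosts") key = "hostsallow"
        if (tolower(sec) == "global") glob[key] = val
        else opt[sec, key] = val
    }
    END {
        if (glob["security"] == "share")
            print "global: security = share, shares do not ask for a username and password"
        if (!("hostsallow" in glob))
            print "global: hosts allow is not set, connections are not restricted to local networks"
        for (i = 1; i <= n; i++) {
            s = shares[i]
            ro = get(s, "readonly")            # Samba default is read only = yes
            if (yes(get(s, "guestok")) && ro != "" && !yes(ro))
                print "[" s "]: guests can write to this share"
        }
    }' "$@"
}

# Constructed sample: the default configuration shown above, shortened.
sample_default() {
    cat <<'EOF'
[global]
restrict anonymous = no
public = yes
workgroup = WORKGROUP
security = share
; hosts allow = 192.168.1. 192.168.2. 127.
[Samba @ SMS]
path = /var/smb/samba/
read only = no
[FAXES]
path = /var/spool/hylafax/recvq/
read only = no
EOF
}

# Constructed sample: user-level security with hosts allow uncommented.
sample_user_level() {
    cat <<'EOF'
[global]
workgroup = WORKGROUP
security = user
hosts allow = 192.168.1. 192.168.2. 127.
[Samba @ SMS]
path = /var/smb/samba/
read only = no
EOF
}

echo "== default configuration"
sample_default | audit_smb_conf
echo "== user-level configuration"
sample_user_level | audit_smb_conf
```

On a real server, run “audit_smb_conf /etc/samba/smb.conf” after “testparm” has confirmed the file parses.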

5.5 FTP (proftpd) configuration.

The easiest way of configuring proftpd is by using gproftpd already available in x-kde-addon package. If you made a full installation of SMS, all you have to do is start KDE with “startx”.

In the Servers tab you can set your FTP info and configuration variables.

In the Users tab you can add, delete or edit users. To edit or delete a user, select the user, then edit the fields and press Apply, or press Delete to delete the user. To add a user, fill in the fields such as username, password and directory, set the attributes by clicking the boxes, and press Add.

Clicking Activate enables the FTP server; Deactivate or Shutdown disables it; Apply applies changes to the FTP server; Help has a few notes about adding users and directories that you should read.

Tip: Proftpd can start as a standalone server or as an inetd, by editing /etc/inetd.conf.

5.5.1 FTP (vsftpd) configuration.

Superb Mini Server comes with a second FTP server to choose from, called vsftpd (Very Secure FTP Daemon). To activate it, you need to edit /etc/inetd.conf and uncomment the line

# Very Secure File Transfer Protocol (FTP) server.

ftp stream tcp nowait root /usr/sbin/tcpd vsftpd

Then stop proftpd (/etc/rc.d/rc.proftpd stop) and restart the inetd server (Internet super-server daemon).

root@sms:~# /etc/rc.d/rc.inetd restart

Starting Internet super-server daemon: /usr/sbin/inetd

By default vsftpd allows anonymous logins. To change that, edit /etc/vsftpd.conf and change

anonymous_enable=YES to anonymous_enable=NO

and to allow local users uncomment the line

# Uncomment this to allow local users to log in.

local_enable=YES

Some other good options you should consider are

# Uncomment this to enable any form of FTP write command.

write_enable=YES

# You may change the default value for timing out an idle session.

idle_session_timeout=600

# You may change the default value for timing out a data connection.

data_connection_timeout=120

# You may fully customise the login banner string:

ftpd_banner=Welcome to SMS FTP service.

# You may specify an explicit list of local users to chroot() to their home

# directory. If chroot_local_user is YES, then this list becomes a list of

# users to NOT chroot().

chroot_local_user=NO

chroot_list_enable=YES

# (default follows)

chroot_list_file=/etc/vsftpd.chroot_list

check_shell=NO

userlist_enable=YES

userlist_deny=NO

userlist_file=/etc/vsftpd.user_list

Create the files /etc/vsftpd.chroot_list and /etc/vsftpd.user_list and add your users.

root@sms:~# cat /etc/vsftpd.chroot_list

administrator

root@sms:~# cat /etc/vsftpd.user_list

administrator

You can create users with no shell and create their home dir like:

root@sms:~# useradd -d /var/ftp/test -s /bin/false test

root@sms:~# mkdir -p /var/ftp/test

root@sms:~# chown -R test /var/ftp/test/

root@sms:~# passwd test

And finally add user test to /etc/vsftpd.chroot_list and /etc/vsftpd.user_list

Tip: If you don’t want to start vsftpd through inetd you can change in /etc/vsftpd.conf

listen=NO to listen=YES

and you can start vsftpd with

vsftpd &
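With the settings above, a user placed in /etc/vsftpd.user_list but left out of /etc/vsftpd.chroot_list can log in without being confined to a home directory. The following added example (not part of the original manual) cross-checks the configuration against both lists; the function names are illustrative, the list paths are passed as arguments instead of being read from chroot_list_file and userlist_file, and the sample files are constructed.

```shell
#!/bin/sh
# Added example (not from the SMS manual): cross-check vsftpd.conf against the
# two list files used in this section. Function names are illustrative.

# conf_get FILE KEY DEFAULT -> last value set for KEY, or DEFAULT.
conf_get() {
    v=$(sed -n "s/^$2=//p" "$1" | tail -n 1)
    echo "${v:-$3}"
}

# in_list FILE USER -> success if USER is a whole line of FILE.
in_list() {
    [ -f "$1" ] && grep -qxF -- "$2" "$1"
}

# audit_vsftpd CONF USER_LIST CHROOT_LIST -> one finding per line.
audit_vsftpd() {
    conf=$1; users=$2; jail=$3
    # Fallback values are vsftpd's built-in defaults, used when a key is absent.
    if [ "$(conf_get "$conf" anonymous_enable YES)" = YES ]; then
        echo "anonymous login is enabled"
    fi
    if [ "$(conf_get "$conf" userlist_enable NO)" != YES ] ||
       [ "$(conf_get "$conf" userlist_deny YES)" != NO ]; then
        echo "userlist_file is not an allow list, logins are not limited to it"
        return 0
    fi
    if [ ! -f "$users" ]; then
        echo "user list is missing: $users"
        return 0
    fi
    all=$(conf_get "$conf" chroot_local_user NO)
    listed=$(conf_get "$conf" chroot_list_enable NO)
    while IFS= read -r u || [ -n "$u" ]; do
        case "$u" in ''|'#'*) continue ;; esac
        if [ "$listed" = YES ] && in_list "$jail" "$u"; then hit=1; else hit=0; fi
        # With chroot_local_user=YES the chroot list holds the exceptions.
        if [ "$all" = YES ]; then jailed=$(( 1 - hit )); else jailed=$hit; fi
        if [ "$jailed" -eq 0 ]; then echo "not chrooted: $u"; fi
    done < "$users"
    return 0
}

# Constructed sample: the settings from this section, with user "test" added
# to the user list but not yet to the chroot list.
make_sample() {
    cat > "$1/vsftpd.conf" <<'EOF'
anonymous_enable=NO
local_enable=YES
chroot_local_user=NO
chroot_list_enable=YES
chroot_list_file=/etc/vsftpd.chroot_list
userlist_enable=YES
userlist_deny=NO
userlist_file=/etc/vsftpd.user_list
EOF
    printf 'administrator\ntest\n' > "$1/vsftpd.user_list"
    printf 'administrator\n' > "$1/vsftpd.chroot_list"
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_vsftpd "$tmp/vsftpd.conf" "$tmp/vsftpd.user_list" "$tmp/vsftpd.chroot_list"
rm -rf "$tmp"
```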

5.6 Sharing a Printer through Samba (CUPS + SMB).

Log in to the CUPS interface (https://youserver:631/admin) and add your printer, either by pressing the button “Find New Printers” or by pressing “Add Printer”. Once you have installed a printer, which in our case was

HP845c HP Deskjet 845c HP Deskjet 845c hpijs, 3.10.5 Idle

Download the Windows drivers from http://cups.org/windows/software.php, then untar and install them with:

tar xvjf cups-windows-6.0-source.tar.bz2

cd cups-windows-6.0

make install

You will also need to copy into /usr/share/cups/drivers the Microsoft PostScript drivers from a Windows XP machine, located in C:\WINDOWS\system32\spool\drivers\w32x86\3:

ps5ui.dll

pscript.hlp

pscript.ntf

pscript5.dll

Then edit /etc/samba/smb.conf and add under [global]:

load printers = yes

printing = cups

printcap name = /etc/printcap

printer = HP845c

Temporarily you need to switch security to user

security = share to security = user

and add shares for printer and drivers.

[printers]

comment = All Printers

path = /var/spool/samba

browseable = yes

public = yes

guest ok = yes

printable = yes

printer admin = root

[print$]

comment = Printer Drivers

path = /usr/share/cups/drivers

browseable = yes

guest ok = yes

read only = yes

write list = root

Run “smbpasswd -a root” and then run the “cupsaddsmb” script to add the Windows drivers. A simple output will be:

root@sms:/usr/share/cups/drivers# cupsaddsmb -a

Password for root required to access localhost via SAMBA:

Now you can switch your security back to share.

A verbose output should look like this:

root@sms:/usr/share/cups/drivers# cupsaddsmb -a -v

Password for root required to access localhost via SAMBA:

Running command: smbclient //localhost/print$ -N -A /tmp/04a024e104f8e -c ‘mkdir W32X86;put /tmp/04a024e1a868c W32X86/HP845c.ppd;put /usr/share/cups/drivers/ps5ui.dll W32X86/ps5ui.dll;put /usr/share/cups/drivers/pscript.hlp W32X86/pscript.hlp;put /usr/share/cups/drivers/pscript.ntf W32X86/pscript.ntf;put /usr/share/cups/drivers/pscript5.dll W32X86/pscript5.dll’

Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.6]

NT_STATUS_OBJECT_NAME_COLLISION making remote directory \W32X86

putting file /tmp/04a024e1a868c as \W32X86/HP845c.ppd (2014.0 kb/s) (average 2014.1 kb/s)

putting file /usr/share/cups/drivers/ps5ui.dll as \W32X86/ps5ui.dll (20699.9 kb/s) (average 16962.8 kb/s)

putting file /usr/share/cups/drivers/pscript.hlp as \W32X86/pscript.hlp (5085.4 kb/s) (average 15883.1 kb/s)

putting file /usr/share/cups/drivers/pscript.ntf as \W32X86/pscript.ntf (25312.7 kb/s) (average 19910.3 kb/s)

putting file /usr/share/cups/drivers/pscript5.dll as \W32X86/pscript5.dll (21982.1 kb/s) (average 20378.2 kb/s)

Running command: smbclient //localhost/print$ -N -A /tmp/04a024e104f8e -c ‘put /usr/share/cups/drivers/cups6.ini W32X86/cups6.ini;put /usr/share/cups/drivers/cupsps6.dll W32X86/cupsps6.dll;put /usr/share/cups/drivers/cupsui6.dll W32X86/cupsui6.dll’

Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.5.6]

putting file /usr/share/cups/drivers/cups6.ini as \W32X86/cups6.ini (14.1 kb/s) (average 14.1 kb/s)

putting file /usr/share/cups/drivers/cupsps6.dll as \W32X86/cupsps6.dll (3068.3 kb/s) (average 1371.5 kb/s)

putting file /usr/share/cups/drivers/cupsui6.dll as \W32X86/cupsui6.dll (2670.3 kb/s) (average 1835.4 kb/s)

Running command: rpcclient localhost -N -A /tmp/04a024e104f8e -c ‘adddriver “Windows NT x86” “HP845c:pscript5.dll:HP845c.ppd:ps5ui.dll:pscript.hlp:NULL:RAW:pscript5.dll,HP845c.ppd,ps5ui.dll,pscript.hlp,pscript.ntf,cups6.ini,cupsps6.dll,cupsui6.dll”’

Printer Driver HP845c successfully installed.

Running command: rpcclient localhost -N -A /tmp/04a024e104f8e -c ‘setdriver HP845c HP845c’

Successfully set HP845c to driver HP845c.

So when browsing from a Windows machine you should see

Now, by double-clicking the printer, the driver will be installed automatically. If the driver can’t be found, such as if your machine is running Windows 7, Windows will ask you for the driver, so you can point to where the driver is, or you can put it in an SMB share, navigate there and install the printer.

5.7 Network File System (NFS).

To configure NFS you need to edit /etc/exports and add your shares, for instance:

/var/smb/samba/ *(rw,async,all_squash,no_subtree_check)

/var/smb/movies/ *(rw,async,all_squash,no_subtree_check)

/var/spool/hylafax/recvq/ faxmachine(async,all_squash,no_subtree_check)

Typing “man exports” shows the manual page for exports, which tells you what options you can use for exports. The asterisk allows all workstations. A quick legend for our example:

rw: Allow both read and write requests on this NFS volume.

async: This option allows the NFS server to violate the NFS protocol and reply to requests before any changes made by that request have been committed to stable storage (e.g. disc drive).

no_subtree_check: This option disables subtree checking, which has mild security implications, but can improve reliability in some circumstances. If a subdirectory of a filesystem is exported, but the whole filesystem isn’t, then whenever a NFS request arrives, the server must check not only that the accessed file is in the appropriate filesystem (which is easy) but also that it is in the exported tree (which is harder). This check is called the subtree_check.

all_squash: Map all uids and gids to the anonymous user.

To start NFS you need to make /etc/rc.d/rc.nfsd and /etc/rc.d/rc.rpc executable and start them.

root@sms:~# chmod +x /etc/rc.d/{rc.rpc,rc.nfsd}

root@sms:~# /etc/rc.d/rc.rpc start

Starting RPC portmapper: /sbin/rpc.portmap

Starting RPC NSM (Network Status Monitor): /sbin/rpc.statd

root@sms:~# /etc/rc.d/rc.nfsd start

Starting NFS server daemons:

/usr/sbin/exportfs -r

/usr/sbin/rpc.rquotad

/usr/sbin/rpc.nfsd 8

/usr/sbin/rpc.mountd

You can also export a directory directly from the command line on the server by using the exportfs command as follows:

exportfs -o rw,no_root_squash *:/var/smb/samba

And you can list your exports by typing “exportfs”:

root@sms:~# exportfs

/var/smb/samba <world>

/var/smb/movies

<world>

/var/spool/hylafax/recvq

<world>

Tip: You can use Webmin to configure NFS at Webmin -> Networking -> NFS Exports.
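An added example, not part of SMS or nfs-utils: a shell function that reads exports lines and flags the options discussed in this section, including the rw,no_root_squash export to every host from the exportfs command above. The names sample_exports and audit_exports and the /srv/backup entry are constructed for illustration; that entry shows a space slipped between a host and its options.

```shell
#!/bin/sh
# Constructed sample: the three exports from this section, the exportfs -o
# command above written as an exports line, and a hypothetical /srv/backup
# entry with a space between host and options.
sample_exports() {
cat <<'EOF'
# /etc/exports (constructed sample)
/var/smb/samba/ *(rw,async,all_squash,no_subtree_check)
/var/smb/movies/ *(rw,async,all_squash,no_subtree_check)
/var/spool/hylafax/recvq/ faxmachine(async,all_squash,no_subtree_check)
/var/smb/samba *(rw,no_root_squash)
/srv/backup backuphost (rw)
EOF
}

# audit_exports: exports(5) lines on stdin, one finding per output line,
# formatted as "LEVEL path client: reason".
audit_exports() {
    awk '
    function has(opt) { return index("," opts ",", "," opt ",") > 0 }
    function report(level, why) {
        printf "%s %s %s: %s\n", level, path, client, why
    }
    NF == 0 || $1 ~ /^#/ { next }        # blank lines and comments
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            # split "client(opt,opt)" into client and option list
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            if (client == "") {
                # "(rw)" after a space is not attached to the host before it
                client = "*"
                report("HIGH", "options without a host apply to every host")
            }
            if (has("no_root_squash"))
                report("HIGH", "client root keeps root access to the export")
            if (client == "*" && has("rw"))
                report(has("all_squash") ? "WARN" : "HIGH", "read-write for every host")
            if (has("async"))
                report("INFO", "replies are sent before data is on stable storage")
        }
    }'
}

# Run against the sample; on the server use: audit_exports < /etc/exports
sample_exports | audit_exports
```

Restricting an export to named hosts or a subnet instead of the asterisk clears the read-write findings.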

5.8 DNS setup with BIND (Webmin).

There is a good wiki available at

http://doxfer.webmin.com/Webmin/BINDDNSServer#Introduction_to_the_Domain_Name

We are going to cover the basics in a few words.

5.8.1 Creating a new master zone

A master zone is one for which your DNS server is the authoritative source of information. A single zone may be hosted by multiple servers, but only one is the master - all the rest are slaves. If you want to add a new master zone to your server’s configuration, the steps to follow are :

1. Decide on a name for the new zone, such as example.com or internal. If this is going to be an Internet domain that will be visible to everyone else in the world, the domain name must not have been registered by anyone else yet. However, you cannot normally register it yourself until your DNS server has been set up to host it.

2. On the module’s main page, click on the Create a new master zone link below the table of existing zones. This will take you to the page shown in the image below for entering the details of the new zone.

3. If this is to be a forward zone like example.com or foo.com.au, leave the Zone type field set to Forward. However, if it is a reverse zone for looking up hostnames from IP addresses, set the field to Reverse.

4. In the Domain name / Network field, enter the name of the zone without any trailing dot. For a reverse zone, just enter the network address like 192.168.1. Webmin will automatically convert this to the in-addr.arpa format for you when the domain is created.

5. The Records file field controls where the configuration file containing the zone’s records is stored. If you leave it set to Automatic, the filename will be determined automatically based on the module’s configuration and the directory setting in the named.conf file. This is usually the best option, as it will result in the records file being created in the same directory as any existing zones, such as /var/named. However, if you de-select the Automatic option and enter a filename instead, all records for the zone will be written to that file. If you enter the name of an existing file, it will be overwritten when the domain is created.

6. In the Master server field, enter the full domain name of the master DNS server for this zone. This must be the canonical name of your system, such as server.example.com, not a short name like server. This server (and the values from the next fields) are used to create the new zone’s SOA record.

7. In the Email address field, enter the address of the person responsible for this zone. You can use the @ symbol in the address, which Webmin will automatically convert to a dot for inclusion in the SOA record.

8. The Refresh time field determines how often secondary servers should check with this master server for updates to the zone. The default is reasonable, but you may want to increase it for zones that rarely change, or decrease it for those that are frequently updated.

9. The Transfer retry time field determines how long a secondary server should wait after a failed zone transfer before trying again.

10. The Expiry time field controls the maximum amount of time that a secondary DNS server for the zone should cache records for before re-transferring them from the master.

11. The Default time-to-live field determines the TTL of records in the zone that do not have one set explicitly.

12. Click the Create button at the bottom of the page. As long as the form has been filled in correctly and the zone does not already exist on your server, you will be taken to a page for adding new records to the zone.

13. Return to the module’s main page which will now include an icon for your new zone, and click the Apply Changes button at the bottom to activate it.

Once you press create you will see something like

5.8.2 Record Types.

Address (A): An Address record associates an IP address with a hostname. Any system that you want to be able to connect to via HTTP, telnet or some other protocol using its hostname must have an address record so that clients can look up its IP.

Name Server (NS): Records of this type define a name server that is responsible for a zone. Every zone must have at least one Name Server record for itself, and may have additional records that specify the DNS servers responsible for subdomains.

Name Alias (CNAME): This type of record creates an additional name for an existing Address or Reverse Address record.

Mail Server (MX): Mail Server records tell mail delivery programs like Sendmail and Postfix which system to contact when delivering mail to a domain or host.

Host Information (HINFO): Records of this type are used to record information about the hardware and operating system of a particular host.

Text (TXT): A Text record associates an arbitrary message of some kind with a name.

Well Known Service (WKS): A record of this type associates a hostname, port and protocol with a name.

Responsible Person (RP): This type of record is used for specifying the person or group responsible for a particular host.

Location (LOC): Location records are used to specify the physical location in latitude and longitude of a host.

Service Address (SRV): Records of this type are used to associate a domain name, service name and protocol with a particular host.

5.8.3 Adding Records

An MX record must point to a host that has an A record. Every time you press “Apply Configuration”, always look at /var/log/syslog for BIND errors. If there is an error in your zone, it will not load.

Taking a look at our config you will see:

root@sms:~# cat /var/named/sms.localdomain.hosts

$ttl 38400

sms.localdomain. IN SOA server.sms.localdomain. root.sms.localdomain. (

1309543705

10800

3600

604800

38400 )

sms.localdomain. IN NS server.sms.localdomain.

ns.sms.localdomain. IN A 192.168.254.81

sms.localdomain. IN NS ns2.sms.localdomain.

workstation.sms.localdomain. IN A 192.168.254.122

server.sms.localdomain. IN A 192.168.254.81

www.sms.localdomain. IN CNAME sms.localdomain.

ftp.sms.localdomain. IN CNAME sms.localdomain.

mail.sms.localdomain. IN A 192.168.254.12

server.sms.localdomain IN A 192.168.254.81

ns2.sms.localdomain. IN A 192.168.254.81

sms.localdomain. IN MX 10 mail.sms.localdomain.

To test if everything is working, open a terminal and type “dig sms.localdomain” or “dig sms.localdomain mx”.
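A pre-flight check for the zone file, added here as an example (it is not part of SMS, Webmin or BIND). It looks for two things this section depends on: an owner name that ends in the zone name but has lost its trailing dot, as the second server.sms.localdomain line in the listing above has, and MX or NS targets with no A record. The function names and the mx2 record are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample: records from the listing above (SOA shortened to three
# lines) plus one hypothetical MX 20 record whose target has no A record.
sample_zone() {
cat <<'EOF'
$ttl 38400
sms.localdomain. IN SOA server.sms.localdomain. root.sms.localdomain. (
        1309543705 10800 3600 604800
        38400 )
sms.localdomain. IN NS server.sms.localdomain.
sms.localdomain. IN NS ns2.sms.localdomain.
server.sms.localdomain. IN A 192.168.254.81
mail.sms.localdomain. IN A 192.168.254.12
server.sms.localdomain IN A 192.168.254.81
ns2.sms.localdomain. IN A 192.168.254.81
sms.localdomain. IN MX 10 mail.sms.localdomain.
sms.localdomain. IN MX 20 mx2.sms.localdomain.
EOF
}

# lint_zone ORIGIN: zone text on stdin, ORIGIN given without trailing dot.
# Handles the one-record-per-line "name IN TYPE data" layout shown above.
lint_zone() {
    awk -v origin="$1" '
    # absolute form of a name: relative names get the origin appended
    function fqdn(name) { return (name ~ /\.$/) ? name : name "." origin "." }
    function ends_with(s, suffix) {
        return length(s) >= length(suffix) &&
               substr(s, length(s) - length(suffix) + 1) == suffix
    }
    # true when name n is zone o itself or a name below it
    function in_zone(n, o) { return n == o || ends_with(n, "." o) }
    /^\$/ { next }                                    # $ttl and other directives
    inparen { if (index($0, ")")) inparen = 0; next } # rest of the SOA block
    index($0, "(") && !index($0, ")") { inparen = 1; next }
    NF < 4 || $2 != "IN" { next }
    {
        # a name that already ends in the zone name but has no final dot
        if ($1 !~ /\.$/ && in_zone($1, origin))
            printf "line %d: %s has no trailing dot, BIND reads it as %s\n", NR, $1, fqdn($1)
        if ($3 == "A")
            has_a[fqdn($1)] = 1
        if ($3 == "MX" || $3 == "NS") {
            cnt++; rtype[cnt] = $3; target[cnt] = fqdn($NF); lineno[cnt] = NR
        }
    }
    END {
        # only targets inside this zone can be checked from this file
        for (i = 1; i <= cnt; i++)
            if (in_zone(target[i], origin ".") && !(target[i] in has_a))
                printf "line %d: %s target %s has no A record in this zone\n", lineno[i], rtype[i], target[i]
    }'
}

sample_zone | lint_zone sms.localdomain
```

On the server, feed it the real file with lint_zone sms.localdomain < /var/named/sms.localdomain.hosts; BIND's own named-checkzone tool parses the file the way named does and is the fuller check.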

5.8.4 DHCP Server (Webmin).

Now that you have set up DNS, you need a DHCP server. Webmin has a friendly interface for that at

Webmin -> Servers -> DHCP Server

Click on “Add new subnet” and enter the subnet, netmask and DHCP range for leases. You can change the lease time if you want; the default is 1 day (1440), and the values must be in seconds. When you are done, press “Save”.

You can add additional options by pressing “Edit Client Options”. When you are done, return to the subnet list and start the DHCP server.

And this is how your config (/etc/dhcpd.conf) looks:

# sms.localdomain

subnet 192.168.254.0 netmask 255.255.255.0 {

option domain-name "sms.localdomain";

range 192.168.254.101 192.168.254.199;

option routers 192.168.254.254;

option domain-name-servers 192.168.254.81;

option subnet-mask 255.255.255.0;

}

5.9 DNS setup with DNSMasq.

Although BIND is a powerful DNS server, it sometimes requires advanced skills, making it quite a pain for a beginner.

This is where dnsmasq comes in to save the day. Dnsmasq is a lightweight, easy to configure DNS forwarder, DHCP and TFTP server. It is designed to provide DNS and, optionally, DHCP and TFTP to a small network. Dnsmasq has an outdated webmin module at http://home.pacific.net.au/~magnecor/modules.html if someone wants to try it; hopefully SMS might include it in future builds.

5.9.1 Configuration.

The configuration of dnsmasq lies in /etc/dnsmasq.conf. The configuration file is well commented, so take a look at it.

The first thing is to configure the interface that our DNS will listen on. For instance, if your server is also an internet router, you might not want to have a DNS server on your external interface. If you don’t configure any interface, dnsmasq will listen on all available interfaces. If you want multiple interfaces just repeat the line.

interface=eth0

interface=wlan0

If you want to exclude one interface only use

except-interface=eth1

To configure the DHCP range of leases to clients enter the values for interface (optional), IP range, netmask and lease time separated by comma.

dhcp-range=192.168.254.101,192.168.254.199,255.255.255.0,24h

or if you have multiple networks

dhcp-range=eth0,192.168.254.101,192.168.254.199,255.255.255.0,24h

dhcp-range=wlan0,192.168.1.101,192.168.1.199,255.255.255.0,6h

If you want dnsmasq to provide only DNS service on an interface, then use the following line to disable DHCP on it.

no-dhcp-interface=eth2

You can pass additional DHCP options, such as specifying the router, NTP server etc.

dhcp-option=option:router,192.168.254.254

dhcp-option=option:ntp-server,192.168.0.4,10.10.0.5

To test configuration you can run “dnsmasq --test”.

root@sms:~# dnsmasq --test

dnsmasq: syntax check OK.

5.9.2 Start/Stop dnsmasq.

The startup script of DNSMasq is located at /etc/rc.d/rc.dnsmasq, and if it’s executable, SMS will start it automatically upon boot. Don’t forget though to disable BIND, since you can’t have two DNS servers binding on the same address:port. To start/stop dnsmasq do:

/etc/rc.d/rc.dnsmasq start

5.9.3 One line execute.

You can also start dnsmasq manually, overriding the configuration file, by passing all the options in a one-line command, like:

dnsmasq --interface=eth0 --dhcp-range=eth0,192.168.254.101,192.168.254.199,24h --log-dhcp --dhcp-option=option:router,192.168.254.254 --keep-in-foreground

Tip: although dnsmasq is light and easy to configure, it is a powerful DNS server, so you should look at its documentation to master its power.

5.10 Netatalk (AFP).

Netatalk is a freely-available Open Source AFP fileserver. It also provides a kernel level implementation of the AppleTalk Protocol Suite. A *NIX/*BSD system running Netatalk is capable of serving many Macintosh clients simultaneously as an AppleShare file server (AFP), AppleTalk router, *NIX/*BSD print server, and for accessing AppleTalk printers via Printer Access Protocol (PAP).

By default AFP in SMS is disabled, which means the start up script (/etc/rc.d/rc.atalk) is not executable. To make it executable use “chmod”.

chmod +x /etc/rc.d/rc.atalk

The configuration files are well commented, and the files you mostly need to change are

/etc/netatalk/AppleVolumes.default

/etc/netatalk/afpd.conf

The default share in SMS is /var/afp/shares, but you can change that in /etc/netatalk/AppleVolumes.default; just enter <path> <name of share> <options>:

/var/afp/shares "AFP @ SMS" (a simple guest volume)

/var/afp/shares "AFP @ SMS" allow:user cnidscheme:cdb options:usedots,upriv (an advanced user volume)

Passing the option “tm” enables TimeMachine support for the shared volume.

/var/afp/shares "AFP @ SMS" allow:user cnidscheme:cdb options:usedots,upriv,tm

If you want to share home directories add a tilde, like

~

To change afp daemon options, edit /etc/netatalk/afpd.conf accordingly, e.g.

"Guest Volume" -uamlist uams_guest.so -loginmesg "Welcome guest!" (a guest volume)

"User Volume" -uamlist uams_clrtxt.so -port 12000 (a user volume listening on TCP port 12000)

SMS by default loads the guest and user libraries, so you can use it as is, or remove the guest libraries.

- -transall -uamlist uams_guest.so,uams_clrtxt.so,uams_dhx.so,uams_dhx2.so -nosavepassword

To start/stop netatalk use the start up script provided.

/etc/rc.d/rc.atalk start

5.10.1 Webmin module.

To configure AFP you can use Webmin, although its module is a bit confusing.

To access the netatalk module navigate to

Webmin -> Servers -> Netatalk Apple File/Print Services.

To create a share click on “Create New File Share” or edit an existing one. You will notice that tm (TimeMachine) is missing; you can add it manually by editing /etc/netatalk/AppleVolumes.default.

To configure afpd through webmin just click on button “Servers”, and either create or edit one.

5.10.2 Installing Avahi daemons.

Avahi is a free zeroconf implementation, including a system for multicast DNS/DNS-SD service discovery on a local network via the mDNS/DNS-SD protocol suite. This enables you to plug your laptop or computer into a network and instantly be able to view other people who you can chat with, find printers to print to or find files being shared. Compatible technology is found in Apple MacOS X (branded Bonjour and sometimes Zeroconf).

Avahi is available as an extra package and you will find it in SMS.Native.CD-Extra.iso, under /extra/packages/avahi. To install it, download the packages, or mount the iso, and use “installpkg” to install them.

You can additionally use “slapt-get” to install them automatically by typing:

slapt-get -i avahi imlib2 libdaemon nss-mdns

To start the avahi daemons run the startup scripts in /etc/rc.d/:

/etc/rc.d/rc.avahidaemon start

/etc/rc.d/rc.avahidnsconfd start

You can place an entry of the above in /etc/rc.d/rc.local to automatically start at boot.

To enable a service rename service.tmpl to service, and vice versa to disable it, e.g. rename

/etc/avahi/services/afp.service.tmpl to /etc/avahi/services/afp.service

afp.service is an XML document and looks like:

<?xml version="1.0" standalone='no'?><!--*-nxml-*-->

<!DOCTYPE service-group SYSTEM "avahi-service.dtd">

<service-group>

<name replace-wildcards="yes">%h</name>

<service>

<type>_afpovertcp._tcp</type>

<port>548</port>

</service>

<service>

<type>_device-info._tcp</type>

<port>0</port>

<txt-record>model=Xserve</txt-record>

</service>

</service-group>

By default SMS looks like an Xserve, but you can change the icon by simply altering

<txt-record>model=Xserve</txt-record>

For instance, instead of Xserve you can put

PowerBook

PowerMac

Macmini

iMac

MacBook

MacBookPro

MacBookAir

MacPro

AppleTV1,1

AirPort

You can even specify the exact model, e.g. iMac3,1 is not the same as iMac7,1 and so on.

SMS services for avahi are

afp.service.tmpl

cups.service.tmpl

http.service

nfs.service.tmpl

rfb.service.tmpl

smb.service

By default the http and smb services are enabled, but since you are using AFP it’s proper to disable smb.

Tip: If you enable vnc in SMS and enable rfb.service you will get the “Share Screen” button option on your Macs.

5.11 Managing Users (Webmin).

We already know how to add a user with the “adduser” script; let’s see how to create a user through Webmin. To manage users and groups in Webmin, navigate to Webmin -> System -> Users and Groups, and you will see all the users and groups your system has. To create a user click on “Create a new user” and fill in the appropriate fields like username, real name and password. You can leave UID, home directory and shell as default, unless you want your user to have no shell (no login), or you want a home directory other than /home, or no home directory at all. In the password field, choose Normal Password, and Webmin will encrypt it for you.

When you finish press “Create” to create your user.

To delete a user, select one or more users and press “Delete Selected Users”.

To edit a user just click on a user and edit its fields, like password, UID etc. You can also change passwords for users at Webmin -> System -> Change Passwords, by clicking on a user and setting a new password.

5.12 Fax server.

SMS comes with hylafax configured in ttyS0 (serial port 1), but you can change or add more modems.

To configure hylafax the proper way is to run “faxsetup”. You will get a lot of output and a series of questions, which you can pass by pressing enter to accept the default options.

Next you need to run “faxaddmodem” to add your modems. You need to stop hylafax server before running “faxaddmodem” though. So do a

/etc/rc.d/rc.hylafax stop

and run faxaddmodem. After you supply the serial port, you need to answer a few questions about your fax line details, like country code, telephone number etc.

Tip: set the receive mode permissions to 655 or above so that avantfax is able to grab the messages.

root@sms:~# faxaddmodem

Serial port that modem is connected to []? ttyS0

Ok, time to setup a configuration file for the modem. The manual

page config(5F) may be useful during this process. Also be aware

that at any time you can safely interrupt this procedure.

Reading scheduler config file /var/spool/hylafax/etc/config.

No existing configuration, let’s do this from scratch.

Country code [0030]?

....

when you finish run

faxmodem ttyS0

to initiate the sending, and

/etc/rc.d/rc.hylafax start

to start the faxserver, and by typing faxstat you should see:

HylaFAX scheduler on sms.org: Running

Modem ttyS0 (<your number>): idle

If you don’t see the above, try to reboot so the changes will take effect, or try

/usr/sbin/faxgetty /dev/ttyS0

By now your hylafax server is ready to receive and send faxes. To add users use the “faxadduser” command.

root@sms:~# faxadduser angel

5.12.1 AvantFax.

Install avantfax manually with “installpkg”, or use “slapt-get -i avantfax”. The install script will do the rest for you. You will be asked for mysql’s root password; if you did not set a password just press enter, or if you have a password enter it at the prompt.

Avantfax database has default settings

user:avantfax

pass:d58fe49

After installation completes go to http://[yourserver]/avantfax/ and log in.

username: admin

password: password

After you choose your password go to the admin panel (http://[yourserver]/avantfax/admin/admin.php) and choose Configure -> modems from the drop-down menu, and set

device: ttyS0 (notice we enter it without the /dev/ prefix, and mind the caps)

alias: your alias

contact: your email ( mail should be registered in users config to be accepted)

Well, that was it; you are now ready to start enjoying your fax server...