Debian Administration Training Course

Debian Distribution

What is Debian?

• Selecting the appropriate Debian version
• Accessing Debian support and assistance
• Engaging with the Debian community

Console basics

• Understanding the shell prompt
• Using the shell prompt under X
• Managing the root account and root shell prompt (su, sudo, running programs as root under X)
• Leveraging GUI system administration tools for government
• Utilizing virtual consoles for government operations
• Exiting the command prompt
• Properly shutting down the system
• Recovering a functional console
• Suggested additional packages for new users in government settings
• Creating an extra user account for enhanced security and accountability
• Configuring sudo for granular control and logging

The filesystem

• Understanding filesystem permissions for secure data management
• Controlling permissions for newly created files: umask
• Managing permissions for groups of users (group)
• Working with timestamps in the filesystem
• Utilizing links for efficient file referencing
• Using named pipes (FIFOs) for inter-process communication
• Leveraging sockets for networked applications
• Managing device files for hardware integration
• Handling special device files for advanced functionalities
• Exploring procfs and sysfs for system monitoring and configuration

Midnight Commander (MC)

• Customizing Midnight Commander for personalized workflows
• Starting Midnight Commander efficiently
• Using the file manager features in MC
• Utilizing command-line tricks within MC
• Leveraging the internal editor in MC for quick edits
• Using the internal viewer in MC for file inspection
• Configuring auto-start features of MC for streamlined use
• Accessing the FTP virtual filesystem in MC for remote file management

The basic Unix-like work environment

• Understanding the login shell for secure and efficient sessions
• Customizing bash for personalized command-line experiences
• Utilizing special key strokes for enhanced productivity
• Using the pager for navigating through large outputs
• Setting a default text editor for consistent use
• Exiting vim correctly for data integrity
• Recording shell activities for audit and troubleshooting
• Mastery of basic Unix commands for effective system management

The simple shell command

• Executing commands and managing environment variables
• Configuring the "$LANG" variable for internationalization
• Setting the "$PATH" variable for executable location
• Defining the "$HOME" variable for user-specific configurations
• Using command line options for flexible execution
• Leveraging shell globbing for file pattern matching
• Understanding the return value of commands for error handling
• Executing typical command sequences and using shell redirection for data processing
• Creating command aliases for efficiency and consistency

Unix-like text processing

• Utilizing Unix text tools for data manipulation
• Applying regular expressions for pattern matching
• Using replacement expressions for text transformation
• Performing global substitution with regular expressions for batch editing
• Extracting data from structured text files for analysis
• Writing script snippets for chaining commands together

Debian package management

Debian package management prerequisites

• Configuring package settings for optimal performance
• Taking basic precautions to ensure system stability
• Managing continuous upgrades for up-to-date systems
• Understanding the basics of Debian archives
• Navigating package dependencies for seamless installation
• Following the event flow of package management processes
• Responding effectively to package management issues

Basic package management operations

• Comparing apt-get/apt-cache with aptitude for government use
• Performing basic package management operations using the command line
• Interactively using aptitude for detailed control
• Leveraging key bindings in aptitude for efficient navigation
• Exploring package views under aptitude for comprehensive oversight
• Using search method options with aptitude for precise queries
• Utilizing the aptitude regex formula for advanced searches
• Understanding dependency resolution in aptitude for conflict management
• Reviewing package activity logs for audit and troubleshooting

Examples of aptitude operations

• List packages using regex matching on package names
• Browse with regex matching for targeted searches
• Purge removed packages to free up space
• Tidy auto/manual install status for clarity
• Perform a system-wide upgrade for current software versions

Advanced package management operations

• Executing advanced package management operations with the command line
• Verifying installed package files for integrity and security
• Implementing safeguards against package problems
• Searching on package metadata for detailed information

Debian package management internals

• Understanding archive metadata for comprehensive system knowledge
• Verifying the authenticity of top-level "Release" files
• Exploring archive level "Release" files for in-depth analysis
• Fetching metadata for packages to ensure up-to-date information
• Managing the package state for APT and aptitude for consistent operations
• Storing local copies of fetched packages for reliability
• Interpreting Debian package file names for clear identification
• Utilizing the dpkg command for low-level package management
• Using the update-alternative command for managing system defaults
• Leveraging the dpkg-statoverride command for advanced permissions
• Applying the dpkg-divert command for custom configurations

Recovery from a broken system

• Addressing incompatibility with old user configuration for smooth transitions
• Handling different packages with overlapping files to avoid conflicts
• Fixing broken package scripts for system stability
• Rescuing the system using the dpkg command for emergency repairs
• Recovering package selection data for consistent state management

Tips for the package management

• Selecting appropriate Debian packages for government operations
• Managing packages from mixed sources of archives for flexibility
• Tweaking candidate version for specific requirements
• Implementing updates and backports for enhanced functionality
• Automatically downloading and upgrading packages for continuous improvement
• Limiting download bandwidth for APT to optimize network resources
• Performing emergency downgrading when necessary
• Identifying who uploaded a package for accountability
• Using the equivs package for custom dependencies
• Porting a package to the stable system for reliability
• Configuring a proxy server for APT for secure and efficient downloads
• Maintaining a small public package archive for internal use
• Recording and copying system configuration for backup and replication
• Converting or installing an alien binary package for compatibility
• Extracting package contents without dpkg for detailed inspection
• Exploring additional resources for in-depth package management knowledge

The system initialization

• An overview of the boot process for government systems
• Understanding BIOS, boot loaders, and mini-Debian systems
• Interpreting the meaning of runlevels for controlled operations
• Configuring runlevels for specific use cases in government
• Managing runlevel configurations with practical examples
• Setting default parameters for each init script for consistent behavior
• Configuring the hostname for network identification
• Managing the filesystem for optimal performance and security
• Initializing network interfaces for connectivity
• Starting network services for system functionality
• Reviewing system messages for diagnostic purposes
• Monitoring kernel messages for low-level insights
• Utilizing the udev system for dynamic device management
• Initializing kernel modules for hardware support

Authentication and Security

• Implementing normal Unix authentication for secure access
• Managing account and password information for government systems
• Creating strong passwords for enhanced security
• Generating encrypted passwords for data protection
• Leveraging PAM and NSS for integrated authentication and name services
• Configuring files accessed by PAM and NSS for secure operations
• Exploring modern centralized system management for scalable solutions
• Understanding why GNU su does not support the wheel group for security reasons
• Implementing stricter password rules for government compliance
• Applying other access controls for granular permissions
• Using sudo for delegated administrative tasks
• Deploying SELinux and AppArmor for advanced security measures
• Restricting access to server services for enhanced protection
• Ensuring the security of authentication processes for government systems
• Securing passwords over the Internet for remote access
• Utilizing Secure Shell (SSH) for encrypted connections
• Implementing extra security measures for Internet-facing systems
• Securing the root password for ultimate system control

Network setup

The basic network infrastructure

• Managing domain names for government networks
• Configuring hostname resolution for reliable communication
• Naming network interfaces for clear identification
• Selecting the appropriate network address range for LANs
• Supporting various network devices for comprehensive connectivity

The modern network configuration for desktop

• Using GUI network configuration tools for user-friendly setup

The low level network configuration

• Leveraging iproute2 commands for advanced network management
• Performing safe low-level network operations for system stability

Network optimization

• Finding the optimal MTU for efficient data transmission
• Setting the MTU for improved performance
• Optimizing WAN TCP settings for long-distance communication

Netfilter infrastructure

Network applications

The mail system

• Basics of modern mail services for government operations
• Configuring the mail system for workstations in government settings

Mail transport agent (MTA) and Mail user agent (MUA)

• Overview of exim4 for reliable mail transport
• Using Mutt as a basic MUA for efficient email management

Mail delivery agent (MDA) with filter

• Configuring maildrop for rule-based filtering
• Setting up procmail for advanced email processing
• Redelivering mbox contents for data recovery and organization

POP3/IMAP4 server

The remote access server and utility (SSH)

• Basics of SSH for secure remote access
• Using port forwarding for SMTP/POP3 tunneling for secure email communication
• Connecting without remote passwords for enhanced security
• Dealing with alien SSH clients for compatibility
• Setting up ssh-agent for key management
• Shutting down the remote system via SSH for administrative tasks
• Troubleshooting SSH connections for reliability

Other network application servers

Other network application clients

The diagnosis of the system daemons

The X Window System

• Setting up a desktop environment for government use
• Understanding the server/client relationship in X for efficient design
• Managing the X server for graphical applications
• Starting the X Window System for user sessions
• Using gdm to start X sessions for secure logins
• Customizing the X session using classic methods for personalized workflows
• Adopting new methods for customizing the X session for modern requirements
• Connecting a remote X client via SSH for secure access
• Ensuring secure X terminal connections over the Internet for government operations
• Leveraging X applications for various tasks
• Utilizing X office applications for productivity
• Using X utility applications for system management

System tips

The screen program

• Scenarios for using screen(1) for session management
• Key bindings for the screen command for efficient navigation

Data recording and presentation

• Configuring the log daemon for comprehensive logging
• Using a log analyzer for insightful data review
• Recording shell activities cleanly for audit trails
• Customizing text data display for clarity
• Displaying time and date in customized formats
• Colorizing shell echo for better visibility
• Colorizing commands for improved readability
• Recording editor activities for complex repeats
• Capturing graphic images of X applications for documentation
• Tracking changes in configuration files for version control

Data storage tips

• Configuring disk partitions for optimal performance and security
• Accessing partitions using UUID for consistent identification
• Setting up filesystem configurations for reliability
• Creating and checking the integrity of filesystems for data protection
• Optimizing filesystems with mount options for enhanced performance
• Tuning filesystem parameters via superblock for advanced optimization
• Optimizing hard disk performance for faster operations
• Using SMART to predict and prevent hard disk failures
• Expanding usable storage space using LVM for flexible management
• Multiplying storage by mounting another partition for additional capacity
• Extending storage with symlinks for efficient data organization
• Utilizing aufs for advanced file system layering

Data encryption tips

• Encrypting removable disks with dm-crypt/LUKS for secure data transport
• Securing swap partitions with dm-crypt for enhanced security
• Automatically encrypting files with eCryptfs for transparent protection
• Setting up automatic mounting of eCryptfs for seamless access

Monitoring, controlling, and starting program activities

• Measuring process timing for performance analysis
• Adjusting the scheduling priority for resource management
• Using the ps command for process monitoring
• Leveraging the top command for real-time system insights
• Listing files opened by a process for security and troubleshooting
• Tracing program activities for detailed diagnostics
• Identifying processes using files or sockets for system management
• Repeating commands at regular intervals for automated tasks
• Looping over files with repeating commands for batch processing
• Starting programs from the GUI for user-friendly execution
• Customizing program startup parameters for tailored use
• Killing processes for system maintenance and troubleshooting
• Scheduling one-time tasks for periodic execution
• Scheduling regular tasks for ongoing management
• Using the Alt-SysRq key for emergency system control

System maintenance tips

• Determining who is on the system for security and accountability
• Issuing warnings to all users for coordinated actions
• Identifying hardware components for configuration and troubleshooting
• Configuring hardware settings for optimal performance
• Synchronizing system and hardware time for accurate operations
• Adjusting terminal configurations for user preferences
• Managing the sound infrastructure for enhanced user experience
• Disabling screen savers for continuous operation
• Muting beep sounds for a quieter environment
• Monitoring memory usage for system health
• Performing system and hardware integrity checks for security

The kernel

• Configuring kernel parameters for customized performance
• Installing kernel headers for module development
• Compiling the kernel and related modules for specialized requirements
• Following the Debian standard method for compiling the kernel source
• Using the Debian standard method for compiling module sources
• Handling non-free hardware drivers for broad compatibility

Virtualized system

• Selecting virtualization tools for government use
• Implementing a virtualization workflow for efficient resource management
• Mounting virtual disk image files for data access
• Using chroot systems for isolated environments
• Managing multiple desktop systems for diverse user needs

Data management

Sharing, copying, and archiving

• Utilizing archive and compression tools for efficient data storage
• Leveraging copy and synchronization tools for consistent data distribution
• Applying idioms for effective archiving practices
• Using idioms for efficient file copying in government operations
• Selecting files with specific criteria for targeted management
• Implementing backup and recovery strategies for data protection
• Exploring backup utility suites for comprehensive solutions
• Creating an example script for system backups for automated processes
• Writing a copy script for data backups for reliable replication
• Managing removable storage devices for flexible data handling
• Sharing data via network for collaborative environments
• Selecting appropriate archive media for long-term storage

The binary data

• Viewing and editing binary data for specialized tasks
• Manipulating files without mounting disks for secure operations
• Implementing data redundancy for fault tolerance
• Performing data file recovery and forensic analysis for incident response
• Splitting large files into smaller parts for easier management
• Clearing file contents securely for data erasure
• Creating dummy files for testing and development
• Erasing an entire hard disk for complete data removal
• Erasing unused areas of a hard disk to free up space
• Undeleting deleted but still open files for data recovery
• Searching for all hardlinks for comprehensive file tracking
• Identifying invisible disk space consumption for efficient storage management

Data security infrastructure

• Managing keys for GnuPG (signing and encrypting) for secure communications
• Using the MD5 sum for data integrity verification