Course Outline

Debian Distribution

What is Debian?

  • Choosing Debian version
  • Debian support and help
  • Debian community

Console basics

  • The shell prompt
  • The shell prompt under X
  • The root account and root shell prompt (su, sudo, running programs as root under X)
  • GUI system administration tools
  • Virtual consoles
  • How to leave the command prompt
  • How to shut down the system
  • Recovering a sane console
  • Additional package suggestions for the newbie
  • An extra user account
  • sudo configuration

The filesystem

  • Filesystem permissions
  • Control of permissions for newly created files: umask
  • Permissions for groups of users (group)
  • Timestamps
  • Links
  • Named pipes (FIFOs)
  • Sockets
  • Device files
  • Special device files
  • procfs and sysfs

Midnight Commander (MC)

  • Customization of MC
  • Starting MC
  • File manager in MC
  • Command-line tricks in MC
  • The internal editor in MC
  • The internal viewer in MC
  • Auto-start features of MC
  • FTP virtual filesystem of MC

The basic Unix-like work environment

  • The login shell
  • Customizing bash
  • Special key strokes
  • The pager
  • Setting a default text editor
  • How to quit vim
  • Recording the shell activities
  • Basic Unix commands

The simple shell command

  • Command execution and environment variable
  • "$LANG" variable
  • "$PATH" variable
  • "$HOME" variable
  • Command line options
  • Shell glob
  • Return value of the command
  • Typical command sequences and shell redirection
  • Command alias

Unix-like text processing

  • Unix text tools
  • Regular expressions
  • Replacement expressions
  • Global substitution with regular expressions
  • Extracting data from text file table
  • Script snippets for piping commands

Debian package management

Debian package management prerequisites

  • Package configuration
  • Basic precautions
  • Life with eternal upgrades
  • Debian archive basics
  • Package dependencies
  • The event flow of the package management
  • First response to package management troubles

Basic package management operations

  • apt-get/apt-cachevs.aptitude
  • Basic package management operations with the commandline
  • Interactive use of aptitude
  • Key bindings of aptitude
  • Package views under aptitude
  • Search method options with aptitude
  • The aptitude regex formula
  • Dependency resolution of aptitude
  • Package activity logs

Examples of aptitude operations

  • Listing packages with regex matching on package names
  • Browsing with the regex matching
  • Purging removed packages for good
  • Tidying auto/manual install status
  • System wide upgrade

Advanced package management operations

  • Advanced package management operations with commandline
  • Verification of installed package files
  • Safeguarding for package problems
  • Searching on the package metadata

Debian package management internals

  • Archive metadata
  • Top level "Release" file and authenticity
  • Archive level "Release" files
  • Fetching of the metadata for the package
  • The package state for APT
  • The package state for aptitude
  • Local copies of the fetched packages
  • Debian package file names
  • The dpkg command
  • The update-alternative command
  • The dpkg-statoverride command
  • The dpkg-divert command

Recovery from a broken system

  • Incompatibility with old user configuration
  • Different packages with overlapped files
  • Fixing broken package script
  • Rescue with the dpkg command
  • Recovering package selection data

Tips for the package management

  • How to pick Debian packages
  • Packages from mixed source of archives
  • Tweaking candidate version
  • Updates and Backports
  • Automatic download and upgrade of packages
  • Limiting download bandwidth for APT
  • Emergency downgrading
  • Who uploaded the package?
  • The equivs package
  • Porting a package to the stable system
  • Proxy server for APT
  • Small public package archive
  • Recording and copying system configuration
  • Converting or installing an alien binary package
  • Extracting package without dpkg
  • More readings for the package management

The system initialization

  • An overview of the boot strap process
  • BIOS, boot loader, mini-Debian system
  • The meaning of the runlevel
  • The configuration of the runlevel
  • The runlevel management example
  • The default parameter for each init script
  • The hostname
  • The filesystem
  • Network interface initialization
  • Network service initialization
  • The system message
  • The kernel message
  • The udev system
  • The kernel module initialization

Authentication and Security

  • Normal Unix authentication
  • Managing account and password information
  • Good password
  • Creating encrypted password
  • PAM and NSS
  • Configuration files accessed by the PAM and NSS
  • The modern centralized system management
  • "Why GNU su does not support the wheel group"
  • Stricter password rule
  • Other access controls
  • sudo
  • SELinux, Apparmor
  • Restricting access to some server services
  • Security of authentication
  • Secure password over the Internet
  • Secure Shell
  • Extra security measures for the Internet
  • Securing the root password

Network setup

The basic network infrastructure

  • The domain name
  • The hostname resolution
  • The network interface name
  • The network address range for the LAN
  • The network device support

The modern network configuration for desktop

  • GUI network configuration tools

The low level network configuration

  • Iproute2 commands
  • Safe low level network operations

Network optimization

  • Finding optimal MTU
  • Setting MTU
  • WAN TCP optimization

Netfilter infrastructure

Network applications

The mail system

  • Modern mail service basics
  • The mail configuration strategy for workstation

Mail transport agent (MTA) and Mail user agent (MUA)

  • Overview of exim4
  • Basic MUA- Mutt

Mail delivery agent (MDA) with filter

  • maildrop configuration
  • procmail configuration
  • Redeliver mbox contents

POP3/IMAP4 server

The remote access server and utility (SSH)

  • Basics of SSH
  • Port forwarding for SMTP/POP3 tunneling
  • Connecting without remote passwords
  • Dealing with alien SSH clients
  • Setting up ssh-agent
  • How to shut down the remote system on SSH
  • Troubleshooting SSH

Other network application servers

Other network application clients

The diagnosis of the system daemons

The X Window System

  • Setting up desktop environment
  • The server/client relationship
  • The X server
  • Starting the X Window System
  • Starting X session with gdm
  • Customizing the X session (classic method)
  • Customizing the X session (new method)
  • Connecting a remote X client via SSH
  • Secure X terminal via the Internet
  • X applications
  • X office applications
  • X utility applications

System tips

The screen program

  • The use scenario for screen(1)
  • Key bindings for the screen command

Data recording and presentation

  • The log daemon
  • Log analyzer
  • Recording the shell activities cleanly
  • Customized display of text data
  • Customized display of time and date
  • Colorized shell echo
  • Colorized commands
  • Recording the editor activities for complex repeats
  • Recording the graphic image of an X application
  • Recording changes in configuration files

Data storage tips

  • Disk partition configuration
  • Accessing partition using UUID
  • Filesystem configuration
  • Filesystem creation and integrity check
  • Optimization of filesystem by mount options
  • Optimization of filesystem via superblock
  • Optimization of hard disk
  • Using SMART to predict hard disk failure
  • Expansion of usable storage space via LVM
  • Expansion of usable storage space by mounting another partition
  • Expansion of usable storage space using symlink
  • Expansion of usable storage space using aufs

Data encryption tips

  • Removable disk encryption with dm-crypt/LUKS
  • Encrypted swap partition with dm-crypt
  • Automatically encrypting files with eCryptfs
  • Automatically mounting eCryptfs

Monitoring, controlling, and starting program activities

  • Timing a process
  • The scheduling priority
  • The ps command
  • The top command
  • Listing files opened by a process
  • Tracing program activities
  • Identification of processes using files or sockets
  • Repeating a command with a constant interval
  • Repeating a command looping over files
  • Starting a program from GUI
  • Customizing program to be started
  • Killing a process
  • Scheduling tasks once
  • Scheduling tasks regularly
  • Alt-SysRq key

System maintenance tips

  • Who is on the system?
  • Warning everyone
  • Hardware identification
  • Hardware configuration
  • System and hardware time
  • The terminal configuration
  • The sound infrastructure
  • Disabling the screen saver
  • Disabling beep sounds
  • Memory usage
  • System security and integrity check

The kernel

  • Kernel parameters
  • Kernel headers
  • Compiling the kernel and related modules
  • Compiling the kernel source: Debian standard method
  • Compiling the module source: Debian standard method
  • Non-free hardware drivers

Virtualized system

  • Virtualization tools
  • Virtualization work flow
  • Mounting the virtual disk image file
  • Chroot system
  • Multiple desktop systems

Data management

Sharing, copying, and archiving

  • Archive and compression tools
  • Copy and synchronization tools
  • Idioms for the archive
  • Idioms for the copy
  • Idioms for the selection of files
  • Backup and recovery
  • Backup utility suites
  • An example script for the system backup
  • A copy script for the data backup
  • Removable storage device
  • Sharing data via network
  • Archive media

The binary data

  • Viewing and editing binary data
  • Manipulating files without mounting disk
  • Data redundancy
  • Data file recovery and forensic analysis
  • Splitting a large file into small files
  • Clearing file contents
  • Dummy files
  • Erasing an entire hard disk
  • Erasing unused area of a hard disk
  • Undeleting deleted but still open files
  • Searching all hardlinks
  • Invisible disk space consumption

Data security infrastructure

  • Key management for GnuPG (signing and encrypting)
  • The MD5 sum
 35 Hours

Number of participants


Price per participant

Upcoming Courses