Differences between revisions 9 and 10
Revision 9 as of 2003-01-17 18:43:11
Size: 6801
Editor: 12-231-195-31
Comment:
Revision 10 as of 2003-01-19 18:01:03
Size: 6365
Editor: dsl093-039-041
Comment:
Line 69: Line 69:
cd /usr/local/nocat/bin/iptables
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/throttle-cbqsfq.fw
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/throttle-htbsfq.fw
Line 164: Line 168:
#mkdir /var/lib/modules/2.4.2
#cd /lib/modules/2.4.20
#mv modules.dep /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.dep .
#mv modules.generic_string /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.generic_string .
#mv modules.ieee1394map /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.ieee1394map .
#mv modules.isapnpmap /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.isapnpmap .
#mv modules.parportmap /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.parportmap .
#mv modules.pcimap /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.pcimap .
#mv modules.pnpbiosmap /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.pnpbiosmap .
#mv modules.usbmap /var/lib/modules/2.4.2
#ln -s /var/lib/modules/2.4.2.modules.usbmap .
#
#cd /
edit /etc/modules
        add the following lines to the end of the file:
        sch_sfq
        sch_cbq
        sch_red
        sch_htb
        sch_tbf
        sch_ingress
        sch_prio
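Review bot: The two `wget http://…/throttle-cbqsfq.fw` and `wget http://…/throttle-htbsfq.fw` lines under "Line 69" (both appear in the new revision's text) download over plain HTTP into `/usr/local/nocat/bin/iptables` with no integrity check. Anything that alters the response in transit or on the hosting server ends up beside the gateway's firewall scripts on a machine administered as root. I would record a digest for each file on this page and add a verification step right after the downloads, for example `sha256sum -c throttle.sha256` (the file name is a placeholder), or serve the files over HTTPS.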

Install debian:
        Requires a system with a network connection and an internet connection.

Partition Hard Disk
        hda1    200MB   /       Bootable
        hda2    128mb   swap
        hda3    16MB    /altvar
        hda6    -       /u

Install Kernel and Driver Modules

Configure Device Driver Modules (network interface)

Configure Network
        use the appropriate values for the local situation

if installing via serial port Edit Kernel Boot Parameters
        "console=tty0 console=ttyS0,9600n8"

Install Base System
        network

Make System Bootable
        Install LILO in the MBR
        Put All In Menu

Reboot System

Configure the System

        set hardware clock to GMT
        Select System V Style time zones
                PST8PDT
        MD5 Passwords-yes
        Shadow Passwords-yes
        Set Password for root
        Add User ptp, PTP Admin Account
        do not remove pcmcia packages
        do not use PPP to install system
        choose apt method-http
        Use non-US software-yes
        Use non-free software-no
        Select a country-US
        choose debian mirror-whatever
                proxy information per local requirements
        
wait....

        Another apt source-no
        Use security updates-yes
        Run tasksel-no
        Run dselect-no

        exim config-5

login Prompt...login as root (I hope you remember the password you set)

# Download the PTP kernel image, the hostap modules package whose name carries
# the same 2.4.20-ptp-0.1 kernel version, the NoCat package and the hostap
# PCMCIA configuration into root's home directory.
# NOTE(review): every download below uses plain http:// and nothing on this
# page checks a digest or signature before the files are installed as root.
# Compare each file against a digest obtained out of band
# (<expected-digest>, placeholder) before running dpkg.
cd /root
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/hostap-modules-2.4.20-ptp-0.1_2002.09.12-2+2.4.20-ptp-0.1+ptp.0.1_i386.deb
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/kernel-image-2.4.20-ptp-0.1_ptp.0.1_i386.deb
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/ptp-nocat.deb
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/hostap_cs.conf

# Install order: kernel image, then the hostap modules, then NoCat.
dpkg --install kernel-image-2.4.20-ptp-0.1_ptp.0.1_i386.deb
dpkg --install hostap-modules-2.4.20-ptp-0.1_2002.09.12-2+2.4.20-ptp-0.1+ptp.0.1_i386.deb
dpkg --install ptp-nocat.deb

# Place the two throttle-*.fw files in NoCat's iptables directory
# (presumably traffic-shaping scripts, going by their names -- confirm).
# NOTE(review): these are also fetched over plain HTTP without verification;
# check them against a known-good digest before they are used.
cd /usr/local/nocat/bin/iptables
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/throttle-cbqsfq.fw
wget http://www.beattie-home.net/beattie/PersonalTelcoProject/throttle-htbsfq.fw

dpkg --purge ppp pppconfig pppoe pppoeconf telnet tasksel manpages fdutils groff-base info man-db 
rm -rf /etc/chatscripts /etc/ppp

rm -rf /lib/modules/2.2.20 /boot/*2.2.20*

#rm -rf /usr/share/locale /usr/share/doc /usr/share/man

apt-get install wget wireless-tools snmpd ssh iproute dhcp dnsmasq grub ssmtp perl-modules devfsd ntp netsaint-plugins sudo
        all defaults except:
        Who gets mail for userids < 1000? "nodes"
        name of mail hub? "mail.personaltelco.net"
        What domain to masquerade as? "personaltelco.net"
        select time server -
        Overwrite /etc/ntp.conf - yes

edit /etc/default/dnsmasq
        add line 'DNSMASQ_INTERFACE="wlan0"'

rm /etc/rc[0-6].d/*dhcp /etc/rc[0-6].d/*dnsmasq

edit /etc/inittab
        at the end of the file, add:
                dh:2345:respawn:/usr/sbin/dhcpd -d -q wlan0
                dn:2345:respawn:/usr/sbin/dnsmasq -d -i wlan0
                nc:2345:respawn:/usr/local/nocat/bin/gateway -d
edit /usr/local/nocat/nocat.conf
        set the LocalNetworkAddress

cp hostap_cs.conf /etc/pcmcia/hostap_cs.conf


(see hostap.txt)
(see dhcp.txt)

grub-install /dev/hda
update-grub
        "Could not find /boot/grub/menu.lst file. Would you like one generated for you? (y/N)" - yes

<edit /boot/grub/menu.lst>
        (if serial)
                following the line: "default         0"
                add:
                        ## serial console
                        serial --unit=0 --speed=9600 --parity=no
                        terminal --timeout=10 serial console

        (if building for a disk based system)
                change: "default         0" to "default         saved"

        to the line "# kopt=root=/dev/hda1 ro"
        (if serial)
                add " console=tty0 console=ttyS0,9600n8"

update-grub     #again

reboot

# now we try to make root read-only

edit /root/.profile
        to the PATH line add ":/root/bin"

create file /root/bin/remountrw
---------- start ------------
#! /bin/sh
# Remount the root filesystem read-write and mail a notice to root.
# The notice holds a fixed text line, the hostname and the `who` listing.
# It is sent before the remount is attempted, whatever the outcome of the
# mount; the script's exit status is that of mount.
# The following is to track the actions of admins, not catch crackers
{
        echo root filesystem remounted RW
        hostname
        who
} | /usr/bin/mail -s "Security Notice remountrw" root
/bin/mount -o remount,rw,noatime /
---------- end ------------

create file /root/bin/remountro
---------- start ------------
#! /bin/sh
# Put the root filesystem back into read-only mode.
# No notice is mailed here; the exit status is that of mount.
exec /bin/mount -o remount,ro /
---------- end ------------

create file /root/bin/mountu
---------- start ------------
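#! /bin/sh
# Mount /u; if that fails, recreate the filesystem on /dev/hda4, mount it and
# unpack the /etc/u.tgz template into it.
#
# Exit status: 0 when /u is mounted (and, after a rebuild, the template was
# unpacked); 1 when the rebuild failed, so a caller can tell the two apart.
#
# NOTE(review): any mount failure leads to mkfs, which discards whatever was
# on /dev/hda4. The partition table earlier in this guide lists /u as hda6
# while this script and the fstab entry use hda4 -- confirm the device.
mount /u && exit

# mount failed, rebuild the filesystem
# Each step runs only if the previous one succeeded, so a failed mkfs or cd
# is reported instead of being followed by a mount or an unpack elsewhere.
if mkfs.ext3 /dev/hda4 && mount /u && cd / && tar xzf /etc/u.tgz; then
        exit 0
fi
logger -p user.alert "rebuild of /u failed"
exit 1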
---------- end ------------

# Make the three helper scripts created above executable.
chmod 755 /root/bin/remountro /root/bin/remountrw /root/bin/mountu

# Replace /etc/mtab with a symlink to the kernel's mount list.
# presumably because /etc/mtab cannot be rewritten once root is read-only -- confirm
rm /etc/mtab
ln -s /proc/mounts /etc/mtab

edit /etc/init.d/modutils
        comment out 4 lines starting with "[ -e /sbin/depmod ] || exit 0"

edit /etc/modules
        add the following lines to the end of the file:
        sch_sfq
        sch_cbq
        sch_red
        sch_htb
        sch_tbf
        sch_ingress
        sch_prio

# Replace /tmp with a symlink to /var/tmp, so temporary files are written
# under /var instead of on the root filesystem.
rm -rf /tmp
ln -s /var/tmp /tmp

# Move the interface state file to /altvar and link to it through /var/local.
# NOTE(review): the partition table earlier in this guide puts hda3 at
# /altvar and the fstab edit later mounts hda3 at /var, so /altvar/local and
# /var/local presumably name the same directory after the final reboot --
# confirm.
mkdir -p /altvar/local/etc/network
mv /etc/network/ifstate /altvar/local/etc/network
ln -s /var/local/etc/network/ifstate /etc/network/ifstate

# Same treatment for resolv.conf.
mv /etc/resolv.conf /altvar/local/etc/resolv.conf
ln -s /var/local/etc/resolv.conf /etc/resolv.conf

# make package info persistent
# The dpkg and apt state directories are copied under /etc/var/lib and the
# originals are replaced by symlinks. Later steps in this guide delete /var
# and unpack /etc/var.tgz over it at boot, so the package databases
# presumably have to live on the root filesystem to survive that.
mkdir -p /etc/var/lib
# cp -a keeps ownership, modes and timestamps of the copied tree
cp -a /var/lib/dpkg /etc/var/lib/dpkg
rm -rf /var/lib/dpkg
ln -s /etc/var/lib/dpkg /var/lib/dpkg
cp -a /var/lib/apt /etc/var/lib/apt
rm -rf /var/lib/apt
ln -s /etc/var/lib/apt /var/lib/apt

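# create /var template
# Build /etc/var.tgz from a scrubbed copy of /var: caches and the exim
# directories are removed from the live tree, /var is copied to /foo/var,
# run-time and log files are deleted from the copy, and the copy is archived.
cd /
rm var/cache/debconf/* var/cache/apt/* var/cache/apt/archives/*.deb
rm -rf var/spool/exim var/log/exim
mkdir foo
# && rather than ; so nothing is unpacked into / if the cd fails
tar czf - var | ( cd foo && tar xzvf - )
rm /foo/var/run/* /foo/var/run/sshd/* /foo/var/log/* /foo/var/log/ksymoops/* /foo/var/log/news/*
rm /foo/var/log/ntpstats/*
# targets of the /etc/network/ifstate and /etc/resolv.conf symlinks
mkdir -p /foo/var/local/etc/network
cp /dev/null /foo/var/local/etc/resolv.conf
# Archive the scrubbed copy (-C foo), not the live /var. Archiving "var" from
# / would pack the log and run files that were only removed from the copy and
# would leave out the var/local/etc entries created just above.
tar czvf /etc/var.tgz -C foo var
rm -rf foo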

edit /etc/fstab
        in the line for "/", change "errors=remount-ro" to "ro"
        add the lines:
                "/dev/hda3       /var            ext2    defaults                0       0"
                "/dev/hda4       /u              ext3    defaults,noauto         0       0"


edit /etc/init.d/mountall.sh
        following the line "mount -avt nonfs,nosmbfs,noncpfs,noproc" add the
                line:
        tar -xz -C / -f /etc/var.tgz

reboot into single user

/root/bin/remountrw
rm -rf /var
mkdir /var

reboot

--- BrianBeattie

BuildBeWitched (last edited 2007-11-23 18:01:54 by localhost)