This is a rough recipe to install a clean Debian GNU/Linux system which includes NoCatAuth and all of the necessary software to turn a NewCloneArmyBox (or, actually, any spare machine with two network interfaces) into a powerful node.
This document was originally based on a set of rough notes taken by JeffWillard and DarrinEden during a couple of installations in a lab environment, directed by KeeganQuinn, and has since been heavily edited and updated by KeeganQuinn and others.
This process is now considered obsolete; see UsingBuilderHowTo for information on a more automated process based on these steps.
After the Base Installation
After working through base-config, you are left at a login: prompt. Log in with the root account you created, then install some basic system software:
apt-get install lynx ssh sudo ssmtp
You will want to add additional user accounts with the 'adduser' command, and give yourself or other users superuser access with the 'visudo' command.
At this point, it is safe to remove the console and CD-ROM drive from the machine, and continue the configuration "headless." This is often useful if you are configuring a batch of machines at one time.
You'll want to get a couple of packages to get started.
- 'grub' - GRUB is a bootloader; it replaces LILO. GRUB is a little smarter about dealing with multiple kernels and failure scenarios.
- 'wget' - a simple commandline tool for downloading files via HTTP or FTP.
apt-get install grub wget
Next, install a configuration file which will be recognized by the Debian kernel packages:
cd /etc wget http://svn.personaltelco.net/svn/ptp/system/trunk/node/net/kernel-img.conf
cd /etc/apt rm -f sources.list wget http://svn.personaltelco.net/svn/ptp/system/trunk/node/net/sources.list apt-get update
At this point, we're ready to install all of the necessary packages.
'kernel-image-2.4.18-1-k6' (replace -k6 with the appropriate subarchitecture, on non-NewCloneArmyBox hardware) is a full-featured Debian-supported kernel, to replace the one placed by the installer.
- 'snmpd' is the NET SNMP daemon, used for remote monitoring. Not required.
- 'dhcp' is the ISC DHCP server, used for handing out IP address to local clients.
'nocatauth-gateway' is the NoCatAuth captive portal gateway software.
- 'aide' is the Advanced Intrusion Detection Environment, used to verify system integrity. Not required.
- 'less' is a pager - I personally consider it superior to 'more' and very nice to have around. Not required.
- 'dnsmasq' is a caching-only DNS server.
apt-get install kernel-image-2.4.18-1-k6 snmpd dhcp nocatauth-gateway aide less dnsmasq apt-get clean
There, that wasn't so bad, was it?
Now, we can remove some unnecessary things. Of them, only lilo is potentially harmful if kept around.
dpkg -P lilo libpcre3 libident libldap2 libsasl7 setserial base-config \ manpages man-db groff-base modconf tasksel pppconfig pppoeconf pppoe \ ppp gettext-base syslinux nano ed info libpcap0
Last, but certainly not least, we need to GRUB set up, and clean out the remnants of LILO and the original installer kernel.
rm /vmlinuz /vmlinuz.old /boot/boot.* /boot/map /boot/*-bf2.4 rmdir /cdrom /initrd /lost+found /mnt /opt rm -rf /lib/modules/2.4.18-bf2.4 grub-install /dev/hda # (sometimes this is required twice) update-grub # (enter 'y' at the prompt) vi /boot/grub/menu.list # (change hd0,0 to hd0,1 and hda1 to hda2) update-grub
Finally, you will need to configure any secondary network interfaces, the DHCP server, and NoCatAuth. The relevant configuration files are usually /etc/modules, /etc/network/interfaces, /etc/dhcpd.conf, /etc/nocatauth/gateway/nocat.conf, /etc/default/dhcp, and /etc/default/nocatauth-gateway.
The values you need to change vary between installations, but the relevant configuration files are fairly self-explanitory. Personal Telco also provides all of our working configuration files on the web as examples: http://svn.personaltelco.net/svn/ptp/system/trunk/node
Good luck, and have fun!
- Why wouldn't this just be installed once, then imaged?
For the most part, it probably can be. See UsingBuilderHowTo for a much more automated approach.
- Feed a user a fish, one meal. Teach a user to fish, you have someone who can supply fish. Having this methodology around for people to read and use for installs helps spread the knowing in ways imaging or ghosting does not.