Check out my first novel, midnight's simulacra!

Debian Unstable

From dankwiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Update 2019-03-30: wow, this page sure is out of date! My next install is going to be Arch anyway. It's been a fantastic 20 years, Debian, and I'm happy to write you a letter of recommendation.

Installing Sid

  • Acquire the daily businesscard ISO.
    • These won't work from time to time, especially when base packages are being upgraded (the installer will expect a version which is no longer available)
  • Prepare external firmware, if necessary
  • Boot the ISO, selecting an Expert install

Post-install

sudo

  • Install sudo. Edit /etc/sudoers (using visudo) to allow the sudo group to run all commands without a password:

%sudo ALL=(ALL:ALL) NOPASSWD:ALL

  • Add user account to sudo group

debconf

  • dpkg-reconfigure debconf, set minimum priority to Low
  • dpkg-reconfigure -a, reconfiguring all debconf questions

boot process

  • Edit /etc/default/rcS, enabling FSCKFIX, VERBOSE, RAMRUN, RAMLOCK
  • Edit /etc/default/grub, removing "quiet" from GRUB_CMDLINE_LINUX_DEFAULT
    • Rerun update-grub
  • Ensure LABEL or UUID directives are being used in /etc/fstab
    • If not, retrieve them using blkid, and replace the /dev references
  • Install mcelog. Edit /etc/default/mcelog, adding "--syslog_error" to DAEMON_OPTS.
  • Install mingetty. Open /etc/inittab and convert 'getty 38400' to 'mingetty'.

networking-related

  • Install ntpd. Edit /etc/default/ntp, changing NTPD_OPTS to '-g -x'.
    • This allows the clock to be arbitrarily set once (presumably on startup), without slew delay
  • Unless the machine is intended as a mail server, set up a smarthost with ssmtp, purging Postfix/Exim
  • Install openssh-server. Disable password-based authentication (use only keys).
    • Debian already ships OpenSSH configured to use Protocol 2 only.
    • Optionally disable reverse DNS lookups: UseDNS no
    • Optionally disable password-based auth: PasswordAuthentication no
  • Add iptables rules to /etc/network/interfaces
    • Filter unused RFC 1938 addresses via the RAW table and ipset
    • Filter INVALID and UNKNOWN states via the INPUT table (if appropriate) (requires connection tracking)
  • Enable IPv4 and IPv6 forwarding, if appropriate, in /etc/sysctl.conf:
    • net.ipv4.ip_forward=1
    • net.ipv6.conf.all.forwarding=1 (note: disables Stateless Address Autoconfiguration!)

Multiuser

  • Clone my home directory from https://github.com/dankamongmen/dankhome.git
  • Set a color for the local machine in .pcolor
    • This is based on the binary bin/color, and hooks to PS1 in .bashrc
  • Install compiz and gdm3.
  • If SSH keys will be homed on this (hopefully local) machine...
    • Install libpam-ssh, and configure it
    • Recently, this can be done entirely inside of debconf -- no editing of PAM configs by hand
  • Remove info and install pinfo
  • FIXME plenty more..

External Applications

Perforce

  • Grab the amd64 Perforce binaries
  • Unpack the P4V tarball to local/
  • Update the local/ symlink: ln -sf abspath local/p4
  • Set up the p4 command line utility: chmod 775 p4 and mv p4 local/p4/bin

Flash

  • So long as there's no native 64-bit Linux client, you can either...
    • Use the GNU Gnash plugin, which works kinda
    • Use the 32-bit player with nspluginwrapper, from Debian Multimedia

Debian Multimedia

Retrieved from "https://nick-black.com/dankwiki/index.php?title=Debian_Unstable&oldid=5953"