|Historical||Using Knoppix||Network addressing|
|General information||Debian information||Local network design|
|Further information||Installing Debian||Local project|
|Distributions||What now?||Main site home page|
This is not intended to be more than a few notes for information, and it is important to read the latest full instructions provided for your microprocessor group on the official Debian website http://www.debian.org. together with information about other installation methods, known problems and work-arounds, (see "errata" and the Release Notes). There is additional more detailed information in http://www.debian.org/doc/manuals/debian-handbook/
The installation process is designed to automatically configure as much as possible yet allow for personal preferences, a wide range of hardware, and a huge range of possible uses.
There are general guides and HOWTOs which are not specific to Debian at The Linux Documentation Project, http://www.tldp.org
It is possible to view the installation log later, but you may wish to make paper notes as you proceed. Installation pages may carry important information for possible reconfiguration. You may wish to treat your first installation as just a test, to be repeated fairly soon afterwards, perhaps selecting a different desktop to try. The installer is modular, and may be available complete at the start of the process, or various components may be obtained via a network connection during the installation.
A new installer was designed for Debian 3.1 "Sarge" which was easier to use than that provided with the previous 3.0 "Potato". Textual information and instructions are shown on screen. Later versions are provided with each Debian release. It is still under development, and the installer development team request an installation report for all attempts at installation, whether failed or successful, using the facility provided which can add details of the hardware involved.
There are several ways to start the installation, including a facility to start an installation from within a running Microsoft system, a "live" image with a specific desktop version or a small "netinst" CD/DVD/USB image plus a network or internet "mirror" server, or the first of a full set of installation BD's or DVD's if you do not have a convenient fast internet connection. The BIOS provided with the computer may allow booting from USB.
Debian installers are provided for many different processor types, including the 32-bit x86 AMD/Intel compatibles, and 64-bit AMD/Intel compatibles which use pairs of 32-bit units on the same chip, while the multi-arch "netinst" can be used to install both 32-bit and 64-bit versions.
The 64-bit version also carries facilities to run 32-bit software.
Installation information is normally supplied on the installation medium and can be read by opening, not running, the installer medium from any operating system.
Although it is usually possible to upgrade an earlier distribution of Debian to the next, the effective limit may be reached when later versions require more RAM than can be installed in older hardware.
The initial base system is now so large that it will not fit on a single CD with all possible basic options. Alternative versions are available for use from a USB memory or an installation from an internet mirror site or a local network server. The choice of netinst images includes a multi-arch version containing software required for both "amd64" 64-bit and "i386" 32-bit systems (although the Linux kernel no longer provides software for 386 or 486 processors, so the 32-bit version is often referred to as "x86")
Images can be downloaded either as complete direct ISO images, assembled from a torrent data stream, or built from a "jigdo" (jigsaw downloader) skeleton file plus the individual software packages. The jigdo system is preferred because there are many more software mirror sites providing individual packages than those that are able to provide the full range of ISO images.
If you intend to install Debian on to more than one computer, software is available to build and maintain an up-to-date local partial mirror of the software. There are several mirror sites that provide either complete ISO images or the individual software packages, while the facilities to assemble and verify images are available using ftp or http from cdimage.debian.org/cdimage/ which may be re-organised and re-named as get.debian.org. The software is protected by digital signatures to ensure that it is neither corrupted nor out of date when used. The main mirrors are updated several times per day, and a file may be rejected even if the package has not been updated recently but the digital signature is not up to date.
The software supplied as part of a full set of disks is arranged in priority order, most requested first. Disk images are supplied as complete ISO images, to be copied direct to disk as ISO images and not as files within a filing system. The disk images must be downloaded as unchanged binary data files, not text or "Word" files which could be changed by your operating system during the download. You are given the option to supply information about the packages you choose via an anonymous automatic process which will help the developers identify current trends.
Some computer hardware such as for wireless networking may need non-free drivers that require an End User Licensing Agreement (EULA), while other hardware, including graphics units, may only partially work with free open source drivers. Debian does not officially support hardware that requires non-free hardware drivers or firmware. Driver software can be downloaded from a commercial source and copied via another device such as a USB stick. You may find the required non-free firmware, or a modified version of the installer including non-free firmware, for download using ftp or http from cdimage.debian.org/cdimage/unofficial/non-free/
The standard installer does offer an option to allow or deny the installation of some non-free software after the base system is installed, and the file /etc/apt/sources.list will show whether the contrib(uted) and/or non-free options are available together with the main distribution. This selection will be available if the /etc/apt/sources.list lines finish with "main contrib non-free" instead of just "main".
You may need to refer to the documentation supplied with your computer for BIOS access and configuration. Recent computers may have "boot protection" enabled to force booting only from the hard disk, which may need to be disabled directly or using an installed Microsoft system before setting the "boot order" to give priority to your chosen installation method. As a last resort there may be a pair of pins on the motherboard which will set the BIOS to manufacturer defaults when shorted, or simply remove the battery for a few seconds, then reset to your own requirements.
Apple computers may only allow booting from a CD or DVD if the Alt key is held down as the computer is powered.
Unix compatible operating systems are happy with the CMOS clock set for UTC, (winter Greenwich Mean Time), and will correct for local time differences. It should be adjusted in the BIOS setup before beginning the installation so that all files are created with the correct date and timestamp. Recent versions of the installer may pause for some time as the battery maintained clock is corrected to match a reference clock via the internet. Microsoft may change the BIOS setting to suit local times, and possibly fall over as it does.
The Linux kernel will fully utilise any available RAM, and will normally make better use of it than the BIOS, so if possible do not allow the BIOS to set aside RAM for special uses such as video buffer. If you are not using a dual-boot system with Microsoft, do not allocate fixed areas of reserved memory for BIOS cache or video data, edit the BIOS and leave that job to the kernel. Linux does look at the BIOS information, but runs its own tests and ignores some of the BIOS settings. Linux does not use the BIOS once it is running, so do not load the BIOS into RAM.
Some "errors" found during BIOS checks could be ignored, while others should result in an immediate halt. For example you may wish to run a dedicated server without a keyboard, using remote access or a USB keyboard only when required.
Note that damage to a USB connector, or connecting a PS/2 keyboard or PS/2 mouse after the computer is powered, can short out the 5volt power supply and destroy your computer. These connectors may be powered from the standby section of the power supply, and are only safe when the mains power is completely removed.
Some motherboards offer BIOS selection of SATA disk support as either "emulation mode" which may cause problems, or "raw". You may need to make other selections, such as IDE "legacy mode". There is a list of known hardware problems in the "errata" section at the end of the Debian installation instructions. Laptop computers have more proprietary hardware, and are known to have more problems than normal boxes.
The BIOS backup battery may need to be replaced if settings are not retained.
Many hard disks have known faulty sectors replaced by alternatives located elsewhere. Every seek operation can take 1000 times the normal sector read time, so can cause problems for time-critical applications.
Specially designed disks are available for multimedia, video, and security applications that do not have replacement sectors well out of sequence, and care should be taken that the disk content is not fragmented in use.
Beware that manufacturers have been cutting costs on some hard disks by using "shingled magnetic recording" where multiple tracks are overlapped, leaving very narrow effective tracks, and must be (re-)recorded together as a complete block. This can result in slower effective write speeds, and possible disaster when a disk is part of a RAID set.
Hardware RAID controllers may use different disk formats, even between apparently identical versions, so the RAID array may be unreadable if the controller fails. If a computer motherboard fails while running software RAID, the rest of the system can usually be transferred to another motherboard with just minor adjustments. Genuine hardware RAID controllers are very expensive, and most have a battery backup so that there is no chance of data corruption if there is a computer power problem while writing to disk. Many cheaper varieties are really hardware connection systems which require the main processor to do all the work, possibly under the control of an on-board BIOS. They are as close to real hardware RAID systems as WINmodems are to genuine hardware modems.
Hard disks are sometimes sold with a huge solid state cache memory which can make a relatively slow disk appear fast. Unfortunately they sometimes delay and attempt to combine several writes to the main disk, possibly resulting in file corruption. Reduce the risk by delaying file closures, and pause for a few seconds before computer shutdown, to force a final write.
Some disks are designed to lower their spin rate when idling, but may fail early because of repeated spin-up cycles.
A wireless link to the computer may break during an installation or software update, so if possible use a direct cable connection, even if only temporary for the duration of the installation, unless you are using an installation that is completely based on removable media. The installer will still try to obtain any recent updates via the internet, so it is best to provide a connection if possible.
There are several installation methods available, including "Live" ISO images using various standard desktops which can be downloaded and burnt to DVDs, providing simple views of different desktops for comparison, or using a minimal "netinst" installer copied to a CD or USB plus a network or internet connection to a Debian "mirror", or a full CD or DVD set with alternative versions of CD 1 for different desktops. It is also possible to do a remote installation over a network.
Automatic hardware recognition is used to search for anything it can configure, so if possible make all connections to your network, modem, printer, etc, before starting the installation.
The installer is designed to quickly load a minimal basic system, and ask the minimum number of critical configuration questions, using general Debian defaults where possible. The downside of this is that more features may be left in a safe state, or effectively disabled, leaving the administrator to read the full installation instructions, release notes, errata, and other documentation, and then complete the configuration.
Many users will require more control over the installation and configuration process, and choosing the network installer "expert" mode will enable lower importance (medium or low priority) questions and choices. Standard installer modules to match the hardware found are loaded automatically, although additional modules are offered in "expert" mode in case of unexpected problems.
If multiple machines are to be loaded with a similar configuration, the installer can be modified with "pre-seed" instructions to enable easy duplication.
A workstation "desktop" with window manager is not essential for a computer designed to be used only as a server, and would require some resources from the host computer, although an administrator may find it useful. A simple text terminal, possibly accessed via a network, may well be sufficient and faster.
The default minimal installation does not include any X-windows graphical user interface nor any window manager, although options include Gnome, Mate based on earlier Gnome versions, KDE, and lightweight systems such as lxde and xfce. Each is supplied with numerous additional packages, giving a complete "desktop environment".
Other desktops, tasks, and packages can be added later using "apt-get install", "tasksel", or "aptitude" from the Debian distribution.
You may need details about the hardware provided with your computer, but most will be found automatically by the installer. You can either accept options suggested by the installer or specify your own requirements such as for disk partitions.
The DOS Master Boot Record (MBR) system offers up to four main partitions on a recording medium such as magnetic or solid state disks up to about 2TB, but it is not the only one available. The GPT system is acceptable to most recent operating systems, including Microsoft. It places a link from the default space used by the MBR system to a larger space which can handle many partitions on huge (almost unlimited) devices. The DOS system requires one partition to be labelled as bootable, while GPT will boot itself initially and then offer to start any available operating system.
Individual partitions are then formatted as required, although Linux formats may not be usable by Microsoft.
The kernel will look for at least one specially formatted swap partition which has at least twice as much memory as there is computer RAM. It is now common to find huge amounts of RAM fitted, so there is a tendency to provide less swap partition space, although this may result in unexpected problems later.
Some directories such as user /home directories contain both visible, and "hidden" directories with names that begin with a ".", and any may contain configuration details only relevant to the current installation, as well as files and data which could be moved to space on server directories. Links can then be provided both from the original locations, and any future installations, with the old data retained on the server directories.
You can separate some software, variable data, user, and other categories of data, into multiple partitions on multiple disks for reliability, security, or convenience. For example a user could try to download a huge file, or a sudden deluge of junk emails may fill a partition dedicated to storing mail, without blocking the rest of the system.
If there is sufficient space you can choose to leave previous partitions, or format new unused partitions reserved for a later installation, which will then be able to access partitions created during the earlier installation without loss of their original contents. Most of the original partitions can continue to be used with the later installation with their original names, although I call the original / partition something like /oldroots in the later installation, and the unchanged original installation could still be offered for booting as required.
It has previously been possible to install a new Linux on to any suitable space available on an existing computer system, with each disk labelled according to the order used by the BIOS to search for resources. This had the disadvantage that if the order was changed, perhaps because another disk was added or a USB device was left connected during the initial boot, disk partitions could be mislabelled. Partitions are listed in /etc/fstab in the installed system.
Starting with debian "squeeze" each disk partition, including the swap partition, will be given a unique label when it is formatted to be used for identification. Disks can then be moved or replaced without those changes affecting other devices. This resolves one problem but adds another because even any disk partition which does not have an existing unique label may be given one, which could affect an existing installation, especially if there are any shared partitions which could be re-labelled. It can be an advantage to make older partitions available to the new installation, under new names if necessary, but without re-formatting or changing the partition contents, and any references to shared partitions which have been re-labelled can then be accessed from the latest installation and the /etc/fstab edited to suit. If a new installation does change labels and does have access to the original it should be possible to edit the original file system list to match using the later system.
Software RAID (Redundant Array of Inexpensive Disks to provide more reliable or faster disk storage across similar partitions on multiple disks) is available, including 0 (striped data across multiple disks to increase the effective access speed), 1 (mirrored partitions for data security), and 5 (striped across several disks giving additional data security with data recovery after a disk failure, but at a cost of increased processor load). Unused hot spare disks can be added.
There are now other possible problems due to the inability of the BIOS to access modern high capacity disks, with a common workaround using larger data block sizes. Linux can use hard disks much larger than could be handled by the BIOS of earlier computers, but the BIOS is important for starting the boot procedure. A re-boot error message towards the end of the boot start up could indicate a BIOS access problem.
It used to be possible to get round the problem with a small /boot partition (suggested between 20 and 100 MBytes) at the start of the disk where it is totally within the area accessible by the BIOS.
Another method is to fit a small bootable disk in the Primary Master position and a much larger second disk. If this causes the BIOS to hang, mark that position as empty/not installed and let the installer find the disk.
The GRand Unified Bootloader grub, and the completely re-written grub2, which are replacing the older LInux LOader LILO, are designed to be installed in the first few sectors of the disk, known as the Master Boot Record, mbr, with additional files in the / directory, but without a separate /boot partition. The / partition should contain all the directories required for booting.
If the hard disk is later required to be used only for Microsoft, the original mbr can be restored using the Microsoft facility fdisk\mbr.
Whole disc encryption may soon become a legal requirement for business use, especially when holding customer data. Encryption is an available option, but formatting will take a very long time because the entire disc will be encrypted, including the empty space, so that there is no obvious difference between occupied and empty space. Access will only be possible using the correct key. Consider perhaps daily backups, each to a different destination in rotation, if possible in separate physical locations.
Disks greater than about 2 TB require more address information than possible using a 32-bit computer and the standard MSDOS style Master Boot Record (MBR) and partitions, and are not usable. Recent computers can use the GPT partition system, UEFI boot procedures, and more recent disk formats designed to handle much larger disks. The installer should detect this and offer an alternative set of options.
The UEFI boot layout will include an additional small UEFI boot partition. You can select Manual partition layout in Expert mode, check what Guided partitioning would offer, then step back and make your own decisions.
Please check the current information regarding upgrades from grub to grub2 if there has been a previous installation.
The boot facility based on grub may be able to boot from a simple software RAID1 partition, but may have problems booting from other software RAID systems, or LVM within RAID, so you may need a separate / partition, which could be on either software RAID1, or a simple non-RAID partition and perhaps a backup copy on another disk. I try to leave an unused formatted but empty partition for a future installation, labelled something like /next, and keep as much as possible on a server partition, perhaps labelled /srv, to be shared with the later installation, with links or symlinks from both as required.
If the disk is DOS formatted the first partition required for booting should be labelled as bootable while formatting, (this will be automatically set when UEFI booting is selected).
The overall layout can not be changed after creating the RAID devices, although the recent mdadm RAID controller is able to make some changes to existing systems, but each RAID device can be further subdivided into partitions and formatted as just another device.
Select and confirm the partitions to be used for RAID, then configure the software RAID, before making other choices.
Recent installers may be able to remove unwanted RAID or LVM partitions, but if really necessary they can be deleted by copying /dev/zero to the entire disk using dd (but first ensure that the correct disk is selected and that there are no hidden recovery partitions):
dd if=/dev/zero of=/dev/sd??
Note that this requires administrator (root) permissions, and could take a very long time, with no progress information displayed until final completion. This can be done using a computer running from a Knoppix DVD.
Logical Volume Management (LVM) can be used to combine multiple small partitions into larger units, adding more LVM partitions as required. This can work well, but any errors found when the computer is restarted can prevent access to all the linked partitions in a group. Both RAID and normal areas can be divided into LVM partitions before they are finally configured for use.
It can take some time and effort, but it may be possible to recover files from damaged discs using software such as "testdisk" on a working system.
If data security is important, perhaps also consider a UPS to provide reliable power, with automated shutdown when the battery is low. Network UPS Tools (nut) can act as either a master server directly connected to the UPS controls, or a slave running on a computer which is also powered by the UPS, or simply to providing remote monitoring.
Check the Release Notes and Errata for known, but rare, hardware problems.
An example is that hardware differences allow some systems to work much faster if Direct Memory Access (DMA) is enabled for all drives, but this can cause problems with some older drives, and can prevent access to a CDROM. The work-around suggested in the errata can be used.
If hdx is the relevant drive, normally between hda and hdd (now often called sdx, sda to sdd)
Another problem, again involving loss of access to the CD, was solved using a hint from the errata and problems section. It suggested that I change to the second text screen using Alt+F2 to view dmesg using
dmesg | more
Towards the end of the file it reported an Interrupt Request (IRQ) problem and sugested that I should restart the installation including the command "irqpoll". It worked, and the installation completed without any other problems.
The installer will walk you through stage by stage, and in most cases the defaults shown will be reasonable.
Installation is controlled from the first of several virtual text terminals, with others providing information and commands if needed. Switch between them using Alt+F1, Alt+F2, etc. You will sometimes need to use the Tab key to move between items on screen, or choose several items from a list using the Space key to toggle selections. The installation log file can be viewed on the fourth terminal/console Alt+F4.
Any choices you make are saved to RAM at first, and the installation can be halted using the Escape key before the point of no return. Nothing is written to your hard disc until you confirm your disk formatting choices.
Read all the instructions provided on each page, and be aware that some pages do not display a slider at the side but may be unable to display all available options unless you scroll down using the keyboard arrow keys.
You may see a "continue" "OK" or "close" option on screen, but it may not be active until you highlight it using the Tab key.
The first page shows a number of installation options, some linking to other pages. Scroll down to ensure that there are no further options on each page, explore the various options, then go back to choose how to start the installation. The installation process will start when you select a line that does not have a link to another page, and then press Return to start the installation. The installer will search for any other operating system present on the computer and make it available before it exits.
You may need the following details:
Language (British English?)
Location (Europe? UK? London?)
You have a choice of Locales, with different language character sets and text coding options such as 7, 8, 16 bit. First a choice of standard default, and then any additional options, including two alternative English-GB versions and many others.
Keyboard type (Standard PC?) Note that damage to a USB connector, or connecting a PS/2 keyboard or PS/2 mouse after the computer is powered, can short out the 5volt power supply and even destroy your computer. These connectors are usually powered from the standby section of the power supply to enable booting from a keyboard, and are only totally safe when the mains power is completely removed.
Keyboard layout. There are both UK (with " above the 2) and US (with @ above the 2) standard keyboards available in the UK. Linux and other Unix compatibles use the \ | and / characters which are not always available.
The installer will search for a CD ROM drive or USB memory, then attempt to load more installer components. All those normally required will be collected automatically, although others will be offered in case of unexpected problems.
The full details of how the computer will connect to and access the internet and any local networks may be found automatically using DHCP, or you can provide the information manually, including IP address, gateway, nameservers, etc. There are international rules which govern the names and addresses used in networking, and there are a few brief notes about networking and TCP-IP addressing in network~addressing but you may wish to refer to The Linux Documentation Project Network Administrators Guide. The safest, most secure, option is to specify the fixed DNS servers provided by your ISP as it will reduce the chances of DNS poisoning.
Computer name (what you intend to call the box)
Network "domain name" (the name of your local area computer network, or if it is to be the only computer, your allocated internet address, unless it is supplied automatically via DHCP). This could be configured later if left blank.
The TCP-IP fixed numerical address, unless allocated by DHCP on connection.
Your ISP should supply any information required to access a DNS server. IPv6 is not yet generally available in the UK, although the installer can use either IPv4 or IPv6, and both are accepted on the installed system. See The Linux Documentation Project Linux+IPv6-HOWTO
Other possibilities include
other DNS servers for emergency use are 220.127.116.11 18.104.22.168 and 22.214.171.124
You will need to provide secure passwords for the system administrator, known as root, and ordinary users. Many distributions require between 6 and 8 characters, with a mixture of upper and lower case letters and numerals; some punctuation marks may also be accepted, but not the delete or backspace keys which continue to perform as normal, and should not be dictionary words in any human language or anything that can be easily guessed. Passwords should be replaced at frequent intervals, and whenever there is any suspicion about security problems. Lifetimes for passwords can be configured later.
User names do not usually contain upper case (capital) letters, while one that begins with a numeral can cause unexpected problems.
Each user will be allocated a numerical uid, and the same user and uid combination should be valid throughout a local network. The first user created by the installation procedure is assumed to be the ordinary username of the owner or administrator, and will be given a standard uid and membership to some standard groups, while other users must be allocated group memberships by the administrator (root), editing /etc/group using vigr with reference to the defaults allocated to the first, but only as required to allow selected users access to necessary facilities.
Additional users can be created later using adduser and will normally be allocated the next available UID, although that can be specified using
adduser --uid nnn username
Debian may direct some important notifications to the first user. The administrator can remove a user later using deluser, but any links and the related home directory will need to be removed manually by the administrator (root).
Note that root is not allowed to log in to the graphical user interface (GUI, X-windows) by default for security reasons, but a normal user can acquire administrator status in a "virtual terminal", see the manual pages "man su" or "man sudo".
The Linux default setting for the internal computer clock is GMT = Coordinated Universal Time, UTC, modified in software with a local time zone offset.
The installer will search for disks to partition and use, listing the current configuration. Several partitioning standards are available, and a suggested method may be highlighted. It will offer help or guidance as well as full manual control. Move the cursor to any line and select Enter to modify the settings.
The original MBR layout can only create up to four Primary partitions on a single disk, so other partitioning systems such as GPT may be suggested. Your choice will depend on disc size and the expected total number of partitions.
You can select Guided partitioning to view what is suggested, then go back, choose your own Manual layout, and complete the formatting. An existing swap partition will be reformatted, and its UUID changed, although other existing partitions can be reused without reformatting if required. Partition names and configuration details will be saved in the file /etc/fstab. The /etc/fstab from any existing operating systems will need to be edited later to enable access to reformatted partitions.
You reach the point of no return when you are required to confirm your partitioning choices as existing data will be lost during formatting.
Most software will work from its default location, although it could be relocated, and any files produced will be placed as configured.
Other software will dump its output in the current working directory. In this case, you will need to ensure that your current working directory is where you need to place the result (using cd).
The following is a typical Unix compatible main directory structure, to include all files required during the initial boot within the / partition. Beware that some computer manufacturers place a small partition at the beginning of the first hard disc containing configuration and maintenance facilities which should not be removed, and may need to be copied to any replacement disc.
The following additional directories would be available in a typical system, and could be located within the main / partition, or placed in separate partitions for convenience, speed, or extra security, (for example to avoid problems with a full directory if a user tries to save a very large amount of data, or a sudden deluge of junk emails fills the mail INBOX).
Others can be added manually.
Files or directories listed may only be a symbolic link (symlink) to the real one located somewhere else. This allows the current agreed standard position to be changed, while older packages can still find the correct files without having to know that they have been moved. Some files may be found in any one of several common locations, which will be listed in search order in a default configuration file.
Putting some directories in separate partitions away from the main / directory may be a good idea, but you may not know in advance how much space to allocate for each one. The simple Debian installation suggests a single / partition plus swap but it does not show individual partition free space problems until the complete disc is full. It is possible to move a complete partition to a spare location to be (sym)linked back to the original location. The space actually taken in a running system can be displayed using the command du.
Another option is to create small partitions, perhaps leaving some spare space or another disc available, and then allocate them using the Logical Volume Manager, LVM, to the various named partitions. Additional unallocated space from any hard disc can be added later to extend the existing partitions. Note that all the sections allocated to a particular use must be present before access is possible, and that may rely on all relevant discs being available in full working condition, although each could be part of a RAID array.
There are filesystem checking and disaster recovery tools for the standard extended file system version 2, and a journal can be added which records the intention to, and completion of, write operations which assists this (it is then called extended version 3, e3fs instead of e2fs). The e3fs, and later e4fs, give greater file security, but the multiple writes can cause problems with streaming multimedia such as audio and video.
The partitioner screen display will show a number of options, move the highlight to any option and select return to enter the configuration dialogue for that option. Partitions to be used for a RAID system must be marked as "use for RAID", then you will be able to configure the multiple disc MD system. Any partition, including any within a software RAID partition, can then be configured as LVM, before finally selecting the format options for each partition.
Start by creating the main partitions, including any to be used as RAID devices or Swap space. Partitions can be created but left unallocated, (although to prevent error messages they should be formatted if they are to be included in the list of partitions in the new system), while existing partitions can remain as they are.
Next save the RAID configuration linking the various partitions, then each RAID group can be further partitioned or formatted as required.
Mark any partitions to be used for LVM, then configure the mount point and intended use of each partition, select those to be formatted or left with existing data, and the bootable partition (normally "/").
It is possible to encrypt entire partitions for maximum security, although this will require additional processor power. It will take a very long time to write encrypted zero bytes to the entire partition so that it is not easy to see where or how much real data is held.
The Debian Base system can be installed once formatting is completed.
You will be offered a kernel that matches the installed microprocessor. The standard kernels supplied are suitable for use with multiple processors, and the default shown will normally be correct. If in doubt, assume an older, simpler type and rely on a more extensive kernel to provide any replacement facilities required. Systems using less than 32-bit commands are no longer provided.
You will also be asked whether you wish to install all generic hardware driver modules to match the kernel, so that changed hardware will probably work immediately, or only those which match the installed hardware to save disk space.
Permission will be requested to send brief anonymous details of your choices of additional software to help the developers determine current trends, although the default is no.
You can accept or reject the option to allow non-free software to be offered for installation, and you will be offered a choice of several standard tasks, such as fileserver, mailserver, nameserver, webserver, database, and/or workstation with desktop window manager.
You may be asked for configuration choices, but most software will be installed with standard Debian defaults.
Default locations for GRUB installation will be offered, then it will be configured to boot any of the installations found on the computer, with the new system listed first.
The clock setting will be checked before the installation is tidied up, the computer shut down, and then restarted.
The current hardware is identified and logged during each boot process to confirm the facilities available, and messages about hardware quirks may appear on screen, although they do not necessarily indicate a fault condition. The administrator can view logs saved to /var/log/ or "pipe" the entire start-up message into more (or less) to show one screenful at a time
dmesg | more
It is possible to replace failed hardware, and the correct replacement software will be used if it is available.
After the initial installation, you may be presented with a plain text virtual terminal or an X-windows screen. Try the command "startx" if an installed X-windows system does not start automatically. You can move between virtual terminal screens using typically Alt+F1 to Alt+F6, with typically Alt+F7 going to the x-window graphical display if available, while you may need to use Ctrl+Alt+F1 to Ctrl+Alt+F6 to switch from a graphical screen to a text terminal. Any active processes should continue in each case, and you can return to them later.
Before you go any further it may be wise to save a backup of the entire /etc directory that contains the majority of configuration files. You can find the total size by logging in as the administrator "root" and using
du -s /etc
then copy the entire directory using something like
cp -R /etc /etc-original
and do something similar for all other packages as they are added. I mark all changes made within /etc by adding very obvious comments, which can help when I need to make further changes, or decide to make a similar installation to another computer later.
Beware that a later installation will probably include updated configuration files, so old versions could be compared line by line but should not be simply re-used.
Once the initial installation has been completed, the file /etc/apt/sources.list should be checked to ensure that the correct list of original Debian and other mirror sites is included. The Debian website provides security and other important updates for installed systems, and should be checked frequently.
If you wish to add other software I suggest you use the search facility on the Packages page of the Debian website to find relevant suggestions.
The default command-line package maintenance system is "apt". You may wish to update the list of available packages by running
see "man apt" for full instructions.
I use the installation and maintenance facility "aptitude" which runs in a text virtual terminal but gives the appearance of a graphical display. It is quick and easy to use, with simple commands and on-screen help. It may not be installed by default, but there may be other similar packages such as synaptic.
Standard commands in aptitude include
There are several email systems available, although none may be installed by default.
Exim4, which used to be installed by default, is designed as a secure 24/7 mail transport system capable of providing everything required even for a huge organisation. It receives, checks, sorts, and delivers emails ready for the user's own email handler. Debian offers either a -lite version, or a -heavy version with facilities for adding spamassassin and anti-virus packages, and either can be configured to provide a range of options. You will need to know whether the computer is normally stand-alone, totally isolated, or has a permanent connection to any other system. It may send and receive all emails direct via SMTP, but many email connections go via a smarthost or mail exchange, usually one provided by the ISP. The computer can itself also act as a smarthost or mail gateway for others. You may wish to handle all local emails on a specific mailserver computer. SpamAssassin or antivirus can be configured to reject junk before the SMTP "Received" confirmation is sent. Run
The initial basic configuration is saved in /etc/exim4/update-exim4.conf.conf with additional configuration options in /etc/exim4.conf.template, or you can edit the split configuration files in /etc/exim4/conf.d.
A default installation of exim4-light may default to local mail only, a lower priority installation may not install any mail handler by default, leaving the full choice of system to you, or you can upgrade it to exim4-heavy to provide the full range of options.
If you have a DMZ provided by a firewall and a separate secure network you can have a mail gateway in the DMZ plus a mail server in the protected area, both running exim4-heavy. The gateway will notify the server (known as a hubbed host) that there is an email incoming and check that the recipient is known to the server. At this time the server has no way of checking the incoming email but it can send a local-rcpt-callout request back to the gateway to security check the sender and the email contents before accepting and forwarding the email. Spamassassin can check the email against internet reference sites, and clam anti-virus maintains a list of known problems, so that the email can be refused instead of accepted. The SA-exim version of spamassassin can even delay sending a refusal for a long time, which can be a problem for well-known senders of junk emails.
You may need to install and configure a separate mail collection system such as fetchmail after the initial installation if you need to collect mail from a server using a protocol such as POP3 or IMAP.
There are many packages available related to email, and you may wish to add something like Dovecot plus advanced security and authorization facilities to build a comprehensive mailserver.
Debian version 9, codename stretch, introduced another management layer called systemd. The first problem I discovered was that packages may be configured to start immediately by default but do not, although they can be started manually. They require to be enabled by systemd using the command
systemctl enable servicename
There various manual pages available,
What do I do now?
Return to foss index
Return to Chrisbell home page