stevepedwards.com/DebianAdmin linux mint IT admin tips info

Mint’s Default Key Net Files After First Install, Reboot and Update and Windows Pings

After a first reboot and an upgrade, I add the Apps I always require, using the line from my main site's Wheezy page:

apt-get update

apt-get upgrade

apt-get install ssh nmap vim automake autoconf module-assistant apache2 x11vnc nbtscan locate libnss-winbind winbind

First, the Mint PC is visible on the net by Windows and vice versa:

The Vigor is my ADSL router, which has Samba enabled, so is visible also:

Now you can get DellMint's and VIGOR's IPs from a Win ping:

Windows NETBIOS provides this name to IP translation for a ping, not Samba at present, as I show later.

Now I can set up PuTTY with a name also, as names work from Windows:

Great, now I'm in via SSH, not using an IP:

Now for the Desktop via x11vnc:

stevee@DellMint ~ $ x11vnc -auth guess

Now via TightVNC from Win also with the name:

Mint also sees PCs by name and can access Winshares and its own print$:

So, can it ping names like Windows? No. It has no equivalent of NETBIOS at install. The VIGOR router has DHCP but no name to IP table for it to ask, only MAC to IP - i.e. no DNS function. Some routers do of course, so you may get name info from yours for local pings.

stevee@DellMint ~ $ ping AMDA8

ping: unknown host AMDA8

Mint can see names via SMB though:

stevee@DellMint ~ $ smbtree

Enter stevee's password:

WORKGROUP

\\VIGOR Vigor Samba Server

\\DELLMINT DellMint server (Samba, Linux Mint)

\\DELLMINT\print$ Printer Drivers

\\DELLMINT\IPC$ IPC Service (DellMint server (Samba, Linux Mint))

\\AMDA8

\\AMDA8\Share

\\AMDA8\print$ Printer Drivers

\\AMDA8\Olivetti d-Copia 5200MF KX test share on Steves laptop

\\AMDA8\IPC$ Remote IPC

\\AMDA8\D$ Default share

\\AMDA8\C$ Default share

\\AMDA8\ADMIN$ Remote Admin

\\AMDA8\5200mfPrinterDriversXP_Vista_7 (x64)

Mint can resolve names to IPs with nmblookup:

stevee@DellMint ~ $ nmblookup -S WORKGROUP

192.168.1.11 WORKGROUP<00>

Looking up status of 192.168.1.11

DELLMINT <00> - B <ACTIVE>

DELLMINT <03> - B <ACTIVE>

DELLMINT <20> - B <ACTIVE>

..__MSBROWSE__. <01> - <GROUP> B <ACTIVE>

WORKGROUP <00> - <GROUP> B <ACTIVE>

WORKGROUP <1d> - B <ACTIVE>

WORKGROUP <1e> - <GROUP> B <ACTIVE>

MAC Address = 00-00-00-00-00-00

192.168.1.16 WORKGROUP<00>

Looking up status of 192.168.1.16

AMDA8 <00> - M <ACTIVE>

WORKGROUP <00> - <GROUP> M <ACTIVE>

AMDA8 <20> - M <ACTIVE>

WORKGROUP <1e> - <GROUP> M <ACTIVE>

MAC Address = 38-63-BB-CA-CF-2C

Same for nbtscan:

stevee@DellMint ~ $ nbtscan 192.168.1.1-254/24

Doing NBT name scan for addresses from 192.168.1.1-254/24

IP address NetBIOS Name Server User MAC address

------------------------------------------------------------------------------

192.168.1.11 DELLMINT <server> DELLMINT 00:00:00:00:00:00

192.168.1.16 AMDA8 <server> <unknown> 38:63:bb:ca:cf:2c

192.168.1.1 VIGOR <server> VIGOR 00:00:00:00:00:00

Just to clarify WAN access from Mint, via the router 192.168.1.1 is correct.

stevee@DellMint ~ $ route

Kernel IP routing table

Destination Gateway Genmask Flags Metric Ref Use Iface

default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0

192.168.1.0 * 255.255.255.0 U 1 0 0 eth0

All this so far, with no need for smbpasswd or pdbedit. But seeing shares is one thing, doing things with them is another.

Locally I can copy files to the Mint PC from a net share, as expected due to my local user permissions - files on a NAS box to a local USB share - Quadra - that is owned by user stevee:

DellMint stevee # ls -als /media/stevee/Quadra/

4 drwx------ 1 stevee stevee 4096 Dec 8 2013 ZG3_VidTS

So, what is default network access to the Mint PC from Windows then? Win can view the share as stated, but to access it there is security:

Even though the drive and share permissions are for local user ownership (rwx------ 1 stevee stevee ), and full access respectively in smb.conf:

[Quadra]

path = /media/stevee/Quadra

writeable = 1

browseable = 1

create mask = 0777

directory mask = 0777

I cannot access this shared directory with the equivalent user account from Windows or another Mint PC, as the same passwords don't work. I haven't added stevee as an smbuser yet.

This is also the same for the network access on the local Mint PC:

The local password does not work for the workgroup or shares as expected.

Adding a user and same smbpasswd for stevee (or different if you want, for net access for the same user), by root:

DellMint stevee # smbpasswd -a stevee

New SMB password:

Retype new SMB password:

Added user stevee.

Entering the same password and trying now gains access:

What about Win access for the user with the same password that didn't work before? Same, straight in:

So, Samba is working fine at install, with no need for pdbedit, or the old style "security = user" in smb.conf after all.

Also, I can rename and delete files.

That's the basics of network user access at default install. What permissions you set on a share locally and for smb.conf net access users are up to you.
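As an added example (not from the original post or from Samba itself), this Python check reads a share stanza like [Quadra] above and reports settings that leave access wider than a single-user share needs. The finding wording and the tighter stanza are illustrative assumptions.

```python
import configparser

TRUE = {"1", "yes", "true"}   # boolean spellings from smb.conf(5)
SKIP = {"global", "homes", "printers", "print$"}

def audit_shares(smb_conf_text):
    """Return (share, finding) pairs for writable file shares."""
    cp = configparser.ConfigParser(delimiters=("=",), interpolation=None,
                                   comment_prefixes=("#", ";"), strict=False)
    cp.read_string(smb_conf_text)
    findings = []
    for share in cp.sections():
        if share.lower() in SKIP:
            continue
        # Samba ignores case and spaces inside parameter names.
        opt = {k.replace(" ", ""): v.strip().lower()
               for k, v in cp[share].items()}
        writable = (opt.get("writeable", opt.get("writable", "no")) in TRUE
                    or opt.get("readonly", "yes") not in TRUE)
        if not writable:
            continue
        for key in ("createmask", "directorymask"):
            # The mask is ANDed with the mode Samba computes; a set bit
            # here means that bit is never stripped from new files/dirs.
            if key in opt and int(opt[key], 8) & 0o002:
                findings.append((share, key + " keeps the world-write bit"))
        if not opt.get("validusers"):
            findings.append((share, "no valid users list"))
        if opt.get("guestok", opt.get("public", "no")) in TRUE:
            findings.append((share, "guest access enabled"))
    return findings

# The [Quadra] stanza as shown on the page.
PAGE_STANZA = """
[Quadra]
path = /media/stevee/Quadra
writeable = 1
browseable = 1
create mask = 0777
directory mask = 0777
"""
# Constructed tighter variant: one named user, no world bits.
TIGHTER_STANZA = (PAGE_STANZA.replace("create mask = 0777", "create mask = 0640")
                  .replace("directory mask = 0777", "directory mask = 0750")
                  + "valid users = stevee\n")

if __name__ == "__main__":
    for share, finding in audit_shares(PAGE_STANZA):
        print(share + ": " + finding)
```

With no valid users line, any account added with smbpasswd -a can attempt the share, so file-system ownership is then the only gate.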

So, what file system setting defaults are allowing this networking to happen at this point?

vi /etc/network/interfaces

# interfaces(5) file used by ifup(8) and ifdown(8)

auto lo

iface lo inet loopback

Note: no need for specific "iface eth0 dhcp/manual" lines etc. any more.

vi /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)

# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

nameserver 127.0.1.1

Note: no need for specific dns server lines etc. any more e.g. 8.8.8.8 for google DNS

stevee@DellMint ~ $ nslookup 8.8.8.8

Server: 127.0.1.1

Address: 127.0.1.1#53

Non-authoritative answer:

8.8.8.8.in-addr.arpa name = google-public-dns-a.google.com.

vi /etc/host.conf

# The "order" line is only used by old versions of the C library.

order hosts,bind

multi on

Presumably, multi means multicast here, and the hosts file is checked first before broadcast requests.

vi /etc/hosts

127.0.0.1 localhost

127.0.1.1 DellMint

# The following lines are desirable for IPv6 capable hosts

::1 ip6-localhost ip6-loopback

fe00::0 ip6-localnet

ff00::0 ip6-mcastprefix

ff02::1 ip6-allnodes

ff02::2 ip6-allrouters

This is why a localhost ping will always work, if the TCP stack works, the local PC is defined by names, and it seems IP v6 is implemented for networks.

Multicast addresses in IPv6 have the prefix ff00::/8.

The hex number FE00 converts to 65024 in Decimal.

The hex number FF00 converts to 65280 in Decimal.

FF01:0:0:0:0:0:0:1    All Nodes Address

FF01:0:0:0:0:0:0:2    All Routers Address

http://www.iana.org/assignments/ipv6-multicast-addresses/ipv6-multicast-addresses.xhtml

vi /etc/hostname

DellMint

Just the PC name in here. Change it and reboot if you like.

vi /etc/nsswitch.conf

# /etc/nsswitch.conf

# Example configuration of GNU Name Service Switch functionality.

# If you have the `glibc-doc-reference' and `info' packages installed, try:

# `info libc "Name Service Switch"' for information about this file.

passwd: compat

group: compat

shadow: compat

hosts: files wins mdns4_minimal [NOTFOUND=return] dns

networks: files

protocols: db files

services: db files

ethers: db files

rpc: db files

netgroup: nis

http://www.howtogeek.com/167190/how-and-why-to-assign-the-.local-domain-to-your-raspberry-pi/

"Conversely, the .local domain, has been officially reserved as a Special-Use Domain Name (SUDN) specifically for the purpose of internal network usage. It will never be configured as a FQDN and as such your custom local names will never conflict with existing external addresses (e.g. howtogeek.local).

The secret sauce that makes the entire local DNS resolution system work is known as Multicast Domain Name Service (mDNS). Confusingly, there are actually two implementations of mDNS floating around, one by Apple and one by Microsoft. The mDNS implementation created by Apple is what undergirds their popular Bonjour local network discovery service. The implementation by Microsoft is known as Link-local Multicast Name Resolution (LLMNR). The Microsoft implementation was never widely adopted thanks to its failure to adhere to various standards and a security risk related to which domains could be captured for local use."

This may be why linux PCs can't ping Win PCs: different implementation of mDNS - until you add the "wins" part to the nsswitch hosts line?

DHClient.conf is an interesting file I haven't looked at before, which would give linux all it needs if the appropriate servers existed.

vi /etc/dhcp/dhclient.conf

option rfc3442-classless-static-routes code 121 = array of unsigned integer 8;

request subnet-mask, broadcast-address, time-offset, routers,

domain-name, domain-name-servers, domain-search, host-name,

dhcp6.name-servers, dhcp6.domain-search,

netbios-name-servers, netbios-scope, interface-mtu,

rfc3442-classless-static-routes, ntp-servers,

dhcp6.fqdn, dhcp6.sntp-servers;

So what ties all this together? Seems it's the avahi-daemon:

stevee@DellMint ~ $ service avahi-daemon status

avahi-daemon start/running, process 835

man avahi-daemon

DESCRIPTION

The Avahi mDNS/DNS-SD daemon implements Apple's Zeroconf architecture

(also known as "Rendezvous" or "Bonjour"). The daemon registers local

IP addresses and static services using mDNS/DNS-SD and provides two IPC

APIs for local programs to make use of the mDNS record cache the avahi-

daemon maintains. First there is the so called "simple protocol" which

is used exclusively by avahi-dnsconfd (a daemon which configures uni-

cast DNS servers using server info published via mDNS) and nss-mdns (a

libc NSS plugin, providing name resolution via mDNS). Finally there is

the D-Bus interface which provides a rich object oriented interface to

D-Bus enabled applications.

Upon startup avahi-daemon interprets its configuration file

/etc/avahi/avahi-daemon.conf and reads XML fragments from

/etc/avahi/services/*.service which may define static DNS-SD services.


If you enable publish-resolv-conf-dns-servers in avahi-daemon.conf the

file /etc/resolv.conf will be read, too.

So, unless you enable publish-resolv-conf-dns-servers, any required info in /etc/resolv.conf won't be read anyway it seems. So far, that's just the relatively useless self as a nameserver 127.0.1.1. Consequently, /etc/resolv.conf can be ignored by the user in Mint as data is overwritten anyway.

My second Mint PC seems to have "acquired" my ISP's DNS and placed it here though, maybe since other packages have been added like winbind?:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)

# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN

nameserver 212.159.6.9

nameserver 212.159.6.10

stevee@MintPC100 ~ $ nslookup 212.159.6.9

Server: 212.159.6.9

Address: 212.159.6.9#53

Non-authoritative answer:

9.6.159.212.in-addr.arpa name = cdns01.plus.net.

So, looks like the correct setup of Avahi is key, so what can be tweaked - if anything - to make Mint ping names? Can it browse your workgroup as its main domain for example, or alter the default suffix? The main defaults are:

DellMint stevee # cat /etc/avahi/avahi-daemon.conf

# This file is part of avahi.

# avahi is free software; you can redistribute it and/or modify it

# under the terms of the GNU Lesser General Public License as

# published by the Free Software Foundation; either version 2 of the

# License, or (at your option) any later version.

# avahi is distributed in the hope that it will be useful, but WITHOUT

# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY

# or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public

# License for more details.

# You should have received a copy of the GNU Lesser General Public

# License along with avahi; if not, write to the Free Software

# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307

# USA.

# See avahi-daemon.conf(5) for more information on this configuration

# file!

[server]

#host-name=foo

#domain-name=local

#browse-domains=0pointer.de, zeroconf.org

use-ipv4=yes

use-ipv6=yes

#allow-interfaces=eth0

#deny-interfaces=eth1

#check-response-ttl=no

#use-iff-running=no

#enable-dbus=yes

#disallow-other-stacks=no

#allow-point-to-point=no

#cache-entries-max=4096

#clients-max=4096

#objects-per-client-max=1024

#entries-per-entry-group-max=32

ratelimit-interval-usec=1000000

ratelimit-burst=1000

[wide-area]

enable-wide-area=yes

[publish]

#disable-publishing=no

#disable-user-service-publishing=no

#add-service-cookie=no

#publish-addresses=yes

#publish-hinfo=yes

#publish-workstation=yes

#publish-domain=yes

#publish-dns-servers=192.168.50.1, 192.168.50.2

#publish-resolv-conf-dns-servers=yes

#publish-aaaa-on-ipv4=yes

#publish-a-on-ipv6=no

[reflector]

#enable-reflector=no

#reflect-ipv=no

[rlimits]

#rlimit-as=

rlimit-core=0

rlimit-data=4194304

rlimit-fsize=0

rlimit-nofile=768

rlimit-stack=4194304

rlimit-nproc=3

Looks like you could change a few things in there to suit your requirements.

man avahi-daemon.conf

It defaults to .local suffix when the domain is left commented out:

" domain-name= Set the default domain name avahi-daemon tries to register

its host name and services on the LAN in. If omitted defaults to

".local"."

That is why you can ping another Mint PC with this suffix, but not without it.

DellMint stevee # ping MintPC100

ping: unknown host MintPC100

DellMint stevee # ping MintPC100.local

PING MintPC100.local (192.168.1.11) 56(84) bytes of data.

64 bytes from 192.168.1.11: icmp_seq=1 ttl=64 time=5.62 ms

This suffix still doesn't work with Win PCs though.

DellMint stevee # ping AMDA8.local

ping: unknown host AMDA8.local

So, can you remove the default and set no suffix? No:

[server]

#host-name=foo

domain-name=

What about an alternative? .WORKGROUP

No.

With all the rest working OK, what is PING reliant on that makes it unable to resolve names on the local net? It works for the WAN, so is it whether a local DNS server is running or not?:

stevee@DellMint ~ $ ping bbc.co.uk

PING bbc.co.uk (212.58.244.20) 56(84) bytes of data.

64 bytes from fmt-vip71.telhc.bbc.co.uk (212.58.244.20): icmp_seq=1 ttl=56 time=29.3 ms

Anything in man regarding DNS? Nope...but some info on general use.

man ping

When using ping for fault isolation, it should first be run on the

local host, to verify that the local network interface is up and run-

ning. Then, hosts and gateways further and further away should be

``pinged''. Round-trip times and packet loss statistics are computed.

If duplicate packets are received, they are not included in the packet

loss calculation, although the round trip time of these packets is used

in calculating the minimum/average/maximum round-trip time numbers.

When the specified number of packets have been sent (and received) or

if the program is terminated with a SIGINT, a brief summary is dis-

played. Shorter current statistics can be obtained without termination

of process with signal SIGQUIT.

If ping does not receive any reply packets at all it will exit with

code 1. If a packet count and deadline are both specified, and fewer

than count packets are received by the time the deadline has arrived,

it will also exit with code 1. On other error it exits with code 2.

Otherwise it exits with code 0. This makes it possible to use the exit

code to see if a host is alive or not.

This program is intended for use in network testing, measurement and

management. Because of the load it can impose on the network, it is

unwise to use ping during normal operations or from automated scripts.

Traceroute and tracepath fail for the same local server reasons, but traceroute is blocked by many ISPs externally for security reasons:

stevee@DellMint ~ $ traceroute6 AMDA8

traceroute: unknown host AMDA8

stevee@DellMint ~ $ traceroute6 bbc.co.uk

traceroute: unknown host bbc.co.uk

DellMint stevee # tracepath6 AMDA8

getaddrinfo: Name or service not known

But, tracepath works externally:

stevee@DellMint ~ $ tracepath bbc.co.uk

1?: [LOCALHOST] pmtu 1500

1: 192.168.1.1 0.453ms

1: 192.168.1.1 0.424ms

2: lo0.13.central13.ptn-bng01.plus.net 36.904ms

3: irb.13.ptw-cr01.plus.net 40.641ms

Yay! I finally found how to get Lin to ping Win PCs:

https://www.zulius.com/how-to/resolve-windows-netbios-names-from-linux/

You need winbind AND libnss-winbind AND add the wins line in /etc/nsswitch.conf:

DellMint stevee # ping AMDA8

ping: unknown host AMDA8

DellMint stevee # apt-get install libnss-winbind winbind

DellMint stevee # ping AMDA8

ping: unknown host AMDA8

vi /etc/nsswitch.conf

hosts: files wins mdns4_minimal [NOTFOUND=return] dns

MintPC100 stevee # ping AMDA8

PING AMDA8 (192.168.1.16) 56(84) bytes of data.

64 bytes from 192.168.1.16: icmp_seq=1 ttl=128 time=0.377 ms
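The lookup order behind that result, as an added example (not from the original post or from glibc): a small Python walk of the hosts: line, including the [NOTFOUND=return] action. The per-source results are constructed to match the pings shown on this page, the unavail result for mdns4_minimal on a bare name is an assumption, and the line without wins is assumed to be the page's line minus that word.

```python
import re

# glibc's defaults when no [STATUS=action] follows a source.
DEFAULTS = {"success": "return", "notfound": "continue",
            "unavail": "continue", "tryagain": "continue"}

def parse_hosts_line(line):
    """Turn an nsswitch.conf hosts: line into [(source, {status: action})]."""
    db, _, rest = line.partition(":")
    if db.strip() != "hosts":
        raise ValueError("expected a hosts: line")
    chain = []
    for tok in re.findall(r"\[[^\]]*\]|\S+", rest.split("#")[0]):
        if not tok.startswith("["):
            chain.append((tok, dict(DEFAULTS)))
            continue
        if not chain:
            raise ValueError("action with no source before it")
        for crit in tok[1:-1].split():
            status, _, action = crit.lower().partition("=")
            # [!STATUS=action] applies the action to every other status.
            hit = ([s for s in DEFAULTS if s != status[1:]]
                   if status.startswith("!") else [status])
            for s in hit:
                chain[-1][1][s] = action
    return chain

def resolve(chain, outcomes):
    """Walk the chain; outcomes maps source -> (status, address or None)."""
    trace = []
    for source, actions in chain:
        status, addr = outcomes.get(source, ("unavail", None))
        trace.append((source, status))
        if actions[status] == "return":
            return (addr if status == "success" else None), trace
    return None, trace

WITH_WINS = "hosts: files wins mdns4_minimal [NOTFOUND=return] dns"  # from the page
NO_WINS = WITH_WINS.replace(" wins", "")  # assumed line before the edit
# Constructed per-source results; mdns4_minimal answering "unavail" for a
# name that does not end in .local is an assumption.
AMDA8 = {"files": ("notfound", None), "wins": ("success", "192.168.1.16"),
         "mdns4_minimal": ("unavail", None), "dns": ("notfound", None)}
AMDA8_LOCAL = {"files": ("notfound", None), "wins": ("notfound", None),
               "mdns4_minimal": ("notfound", None), "dns": ("notfound", None)}

if __name__ == "__main__":
    for line, table in ((NO_WINS, AMDA8), (WITH_WINS, AMDA8), (WITH_WINS, AMDA8_LOCAL)):
        print(line, "->", resolve(parse_hosts_line(line), table))
```

The order also decides which source gets the first say on a bare name: with wins ahead of dns, an unauthenticated NetBIOS reply from the LAN is accepted before DNS is asked.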
