stevepedwards.com/DebianAdmin linux mint IT admin tips info

New Mint 17.2 Rafaela Install – Beginner’s Base Functionality Setups?

http://www.linuxmint.com/download.php

32 or 64 bits .isos

Once the install has been done and rebooted into, there are many steps that can left out from the OLD main page Wheezy example, as Mint is so much more functional "out of the box".

There is no need to set up samba immediately to copy network files TO the PC for example, as Mint is already network aware on a shared Win7 and Win8 PC network, with just the admin print share showing for the Mint Dell531 PC when clicked, so you can copy net files you have access to, to your home directory that you have write rights to, for example:

This is great for beginners, as it means no dealing with a daunting /etc/samba/smb.conf file just to get some network access started – streaming a video using Banshee from a share for example.

The first thing though, is that the file system is owned by root, so to create a shared folder accessible by many different users, you need to change its attributes.

As root, you need to create a folder, say /Share:

mkdir /Share/

Now set its permissions recursively (just to be sure all later subfolders are also accessible) for User, Group and Others (UGO) to 777 - but BEWARE - on a public network, permissions set at 777 are world writeable so completely insecure - but on a firewalled home network it should be ok to start, it is the easiest way (for now - but research file permissions by reading my free Mint Course PDFs)

http://www.stevepedwards.com/DebianAdmin/tutuors-linux-mint-introduction-course-material-60/

to get you sharing safely and understanding how to set permissions and accounts securely.

If you are new to Linux and just need to get things done now:

chmod -R 777 /Share/

Now you can see the attributes of the main directory (d) are read, write, exe for all 3 groups:

ls -als /Share/

4 drwxrwxrwx 3 root root 4096 Jul 2 19:15 .

Root user and root group still own it but now my user – stevee – can copy files to it from the Win PCs via the Desktop, after I show the Network folder on my desktop, using the GUI switches via Menu/Preferences/Desktop:

Now the Share folder can be written to locally, so files can be copied to it from other net shares my user – stevee - has access to - even though it is not shared on the network yet - using copy and paste, or drag, even though I am not root when logged into my desktop, and I don't own the folder:

Once copied, the subfolder and files are visible:

Now the subfolder also shows with rwx attributes also, but belongs to root, but the files belong to me:

ls -als /Share/MintDownloads/

total 3131904

4 drwxrwxrwx 2 stevee stevee 4096 Jul 2 18:46 .

4 drwxrwxrwx 3 root root 4096 Jul 2 19:15 ..

25316 -rwxrwxrwx 1 stevee stevee 25921630 Jun 26 20:07 cav-linux_1.1.268025-1_amd64.deb

47092 -rwxrwxrwx 1 stevee stevee 48218554 Apr 18 2014 google-chrome-stable_current_amd64.deb

1464324 -rwxrwxrwx 1 stevee stevee 1499463680 Jul 2 10:49 linuxmint-17.2-cinnamon-32bit.iso

1593092 -rwxrwxrwx 1 stevee stevee 1631322112 Jul 2 11:35 linuxmint-17.2-cinnamon-64bit.iso

2072 -rwxrwxrwx 1 stevee stevee 2119958 Apr 19 2014 TLCL-13.07.pdf

So how am I showing this via VNC, as some may have noticed, and are there any changes from the Wheezy install or prior Mint examples to get this VNC set up?

SSH still has to be installed before the x11vnc connection can be made via Windows Tightvnc, and Mint is sensible enough to explain how if you don't know, with a simple cmd line info addition that other distros should have done decades ago.

For example, if you type sshd, Mint tells you it's not installed, but what command to use to do it:

Dell531 stevee # sshd

The program 'sshd' is currently not installed. You can install it by typing:

apt-get install openssh-server

then:

Dell531 stevee # sshd

sshd re-exec requires execution with an absolute path

Dell531 stevee # locate sshd

/etc/pam.d/sshd

/etc/ssh/sshd_config

/etc/systemd/system/sshd.service

/usr/lib/tmpfiles.d/sshd.conf

/usr/sbin/sshd

/usr/share/doc/openssh-client/examples/sshd_config

/usr/share/man/man5/sshd_config.5.gz

/usr/share/man/man8/sshd.8.gz

/var/lib/systemd/deb-systemd-helper-enabled/sshd.service

Dell531 stevee # /usr/sbin/sshd

Fantastic! How much user frustration and lost research time could have been averted years ago by this info? It does the same for available but possibly unknown (to the user) or forgotten exact package names, a with apt-get using Tab completion, AND switch completion (Wow!) for progs like rsync --progress:

Dell531 MintDownloads # apt-get install gpart[TAB KEY]

gpart gparted

Ok, so the SSH server daemon is running, so let's install ssh and test it by connecting to myself:

apt-get install ssh

ssh stevee@127.0.0.1

The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.

ECDSA key fingerprint is 0b:19:07:af:d5:42:21:a0:a8:4d:8d:a8:7d:28:be:a9.

Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added '127.0.0.1' (ECDSA) to the list of known hosts.

stevee@127.0.0.1's password:

Welcome to Linux Mint 17.2 Rafaela (GNU/Linux 3.16.0-38-generic x86_64)

Let's see the sockets showing open:

Dell531 stevee # netstat | grep ssh

tcp 0 0 localhost:ssh localhost:44192 ESTABLISHED

tcp 0 0 localhost:44192 localhost:ssh ESTABLISHED

Fine, SSH is working locally, so now a connection can be tried from Windows via PuTTy:

Install x11vnc, possibly find the correct authority if it drops when setting the X authority for stevee's X Desktop session:

apt-get install x11vnc

x11vnc –findauth

xauth: file /root/.Xauthority does not exist

XAUTHORITY=/var/lib/mdm/:0.Xauth

x11vnc -auth /home/stevee/.Xauthority -display :0



If that does not work I find this always does:

x11vnc -auth guess

If that SSH connection stays open, then open TightVNC in Win, and connect via port 5900:



If you connect from another linux box instead of Windows, then use:

xtightvncviewer servername

Now, it's time to get full network shares set up using samba and creating a share in the /etc/samba/smb.conf file. You have to be root to write to this file. If not you get:

So as root:

apt-get install vim

to edit and add:

[homes]

comment = Home Directories

browseable = 1

read only = 0

create mask = 0755

directory mask = 0755

valid users = %S

[Share]

path = /Share

writeable = yes

browseable = yes

Also, I never noticed before, but as soon as you activate a setting in the smb.conf file, it is active on the net share, before you save smb.conf, so you don't have to restart samba after. Because of valid users = %S, you need to log on to the share:

BUT – you can't yet – you have to have a samba password for your user e.g. stevee:

sudo smbpasswd -a stevee
[sudo] password for stevee:
New SMB password:
Retype new SMB password:

Immediate access after pword entry:

So, what's in the folder that I copied from the Win PCs to the new install that is standard for my personal setup nowadays? Comodo AV and Google Chrome.

I've covered Comodo recently, and both these Apps are .deb packages (Debian) so can be installed with:

dpkg -i google-chrome-stable_current_amd64.deb

google-chrome-stable depends on libcurl3; however:

Package libcurl3 is not installed.

apt-get install libcurl3

That's the main aspects of immediate functionality I always personally need above most else on a linux box;

CAV, SSH/PuTTY access, VNC, Chrome Browser for gmail, and Samba for netshares.

Most other useful Apps I used to have to install manually are already in Mint by default e.g.:

AV viewers like Banshee,VLC; DVD burner like Brasero, Libre Office, and other nice GUIs. Only Gparted, as a really useful disk partitioner is missing, for my personal preference and historical use mileage – its saved my bacon many times when fixing Windows installations. It goes in the Apps list once installed by apt-get anyway.

The GUI package updater makes admin tasks for the cmd line novice easy:

So, what's left of my usual installs? Apache as a local webserver; MySQL, and "PHP search and replace" to be able to run my WordPress sites locally mainly. See that Post.

This setup is ok for an isolated home, single user network, but what about mixed Win/Lin user environments with multiple users accessing (reading, writing, executing or deleting) each others shares/files (or not!) and retaining ownership through understanding file security permissions? That's a later Post....(now here):

http://www.stevepedwards.com/DebianAdmin/tutuors-linux-mint-introduction-course-material-60/

If your Mint PC is struggling with name resolution, check what name it can read or not with:

arp -a
Acer1 (192.168.1.11) at 00:16:d4:5c:7a:95 [ether] on eth0
MintPC100 (192.168.1.13) at 00:12:3f:cc:55:c0 [ether] on eth0
? (192.168.1.1) at 00:50:7f:e6:d1:b8 [ether] on eth0

Just for now, if you want to find some PC names and get some netPC names to IP address resolution working (also install and read about winbind and it's libs; the /etc/nsswitch.conf file, and it's "wins" line on the main page to ping by PC name):

nmblookup Dell531
192.168.1.12 Dell531<00>

For multiple PCs:

nmblookup MintPC100 Dell531 Acer1 >> /etc/hosts

This puts the IPs and names into the /etc/hosts file, but remove the <00> :

vi /etc/hosts

27.0.0.1 localhost
127.0.1.1 Dell531

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
192.168.1.11 Acer1
192.168.1.13 MintPC100
192.168.1.12 Dell531

Now you should be able to ping by name:

ping MintPC100
PING MintPC100 (192.168.1.13) 56(84) bytes of data.
64 bytes from MintPC100 (192.168.1.13): icmp_seq=1 ttl=64 time=0.171 ms
64 bytes from MintPC100 (192.168.1.13): icmp_seq=2 ttl=64 time=0.157 ms

Also try:

smbtree

Enter root's password:
WORKGROUP
\\VIGOR Vigor Samba Server
\\MINTPC100 MintPC100 server (Samba, Linux Mint)
\\MINTPC100\homes Home Directories
\\MINTPC100\print$ Printer Drivers
\\MINTPC100\Storebird
\\MINTPC100\IPC$ IPC Service (MintPC100 server (Samba, Linux Mint))
\\DELL531 Dell531 server (Samba, Linux Mint)
\\DELL531\Lexmark-2600-Series Lexmark 2600 Series
\\DELL531\homes Home Directories
\\DELL531\print$ Printer Drivers
\\DELL531\Share
\\DELL531\Quadra
\\DELL531\IPC$ IPC Service (Dell531 server (Samba, Linux Mint))
\\ACER1 Acer1

This does not mean these names are being resolved to IPs though, unless in the hosts file. Once in, you should be able to smb mount shares by name instead of ip address:

Dell531 stevee # mount -t cifs //MintPC100/Storebird /MintPC100/ -o user=stevee
Password for stevee@//MintPC100/Storebird:

*******
Dell531 stevee # ls /MintPC100/
Chrome College CV Files MintDownloads SwitchCommunity www

Between these two commands you should be able to tell what has not been broadcast/propagated yet e.g. for an "invisible" newly rebooted Dell:

MintPC100 stevee # arp -a
? (192.168.1.10) at 00:1a:a0:5d:1d:ad [ether] on eth0
Acer1 (192.168.1.11) at 00:16:d4:5c:7a:95 [ether] on eth0
VIGOR.router (192.168.1.1) at 00:50:7f:e6:d1:b8 [ether] on eth0
Dell531 (192.168.1.12) at <incomplete> on eth0

The local PC (MintPC100) doesn't know its own name yet, or the Dell's MAC addr!

This could be the routers fault too - check it has relevant names in its arp/dhcp tables:

DraytekARP.jpg

Or, best yet

stevee@hpmint ~ $ nbtscan 192.168.1.2-20
Doing NBT name scan for addresses from 192.168.1.2-20

IP address NetBIOS Name Server User MAC address
------------------------------------------------------------------------------
192.168.1.6 HPMINT <server> HPMINT 00:00:00:00:00:00
192.168.1.4 DELLMINT <server> DELLMINT 00:00:00:00:00:00
192.168.1.3 PIBLANC <server> PIBLANC 00:00:00:00:00:00
192.168.1.10 PINOIR <server> PINOIR 00:00:00:00:00:00
192.168.1.7 AMDA8 <server> AMDA8 00:00:00:00:00:00

 

Comments are closed.

Post Navigation