Debian Tips

Changing the Hostname

Basically /etc/hostname must contain only the host name, not the fully qualified domain name.

How the domain name is determined varies according to your setup (getting it either from a DNS service or from /etc/hosts). See man hostname for details, but often it'll be read from /etc/hosts which has an entry that includes the fully qualified domain name, either for 127.0.0.1 or for the static IP address if you have one. It seems to need to be the first entry for the particular IP address, e.g.

$ head -n 2 /etc/hosts
82.71.196.65 www.mydomain.com www
127.0.0.1 localhost localhost.localdomain

or if only local interface, (but not very sure about this) or what to do if using DHCP:

$ head -n 1 /etc/hosts
127.0.0.1 www.mydomain.com www localhost localhost.localdomain

The hostname is now maintainedon Debian using systemd, specifically the hostnamectl command (see man hostnamectl). E.g.

$ sudo hostnamectl set-hostname www

Edit /etc/hosts to use the new hostname.

To check that all is correct:

$ hostnamectl hostname
www
$ hostname
www

$ hostname --fqdn
www.mydomain.com

See also http://www.debian.org/doc/manuals/reference/ch-gateway.en.html

Re-create Host SSH Keys

$ ssh-keygen -A

See https://serverfault.com/questions/471327/how-to-change-a-ssh-host-key

Package Management

Specifying the interface and priority

Run the following to change either the interface you wish to use during package installs or the level of configuration questions you are prompted for.

  • dpkg-reconfigure debconf

The defaults are usually 'Dialog' and 'medium'

Reinstalling

Extract from http://lists.debian.org/debian-user/2004/10/msg01103.html

<quote>
The following command will reinstall all packages on your system:

COLUMNS=200 dpkg -l | awk '/^ii/ {print $2}' | xargs apt-get --reinstall install
</quote>

Reboot Required Notifications

Install the update-notifier-common package.

The presence of the file /var/lib/update-notifier/updates-available indicates that updates are available.

The presence of the file /var/run/reboot-required indicates the system needs rebooting after an update.

Running /usr/lib/update-notifier/apt-check --human-readable outputs a summary of the number of packages that can be updated.

Running /usr/lib/update-notifier/update-motd-reboot-required indicates whether a reboot is required.

Finding Obsolete Packages

$ apt-show-versions | egrep -v -e uptodate

See https://lists.debian.org/debian-user/2015/01/msg00358.html for more information.

Package Versions

  • apt-show-versions | grep /testing

Package Priority

The following shows which package the apt mechanism is choosing

  • apt-cache policy mypackage

To show the priority of each source

  • apt-cache policy

For example:

cat /etc/apt/sources.list

deb http://security.debian.org/ stable/updates main contrib non-free
deb http://ftp.uk.debian.org/debian/ sarge main contrib non-free
deb http://ftp.uk.debian.org/debian-non-US sarge/non-US main contrib non-free
deb http://ftp.uk.debian.org/debian/ etch main
deb http://volatile.debian.net/debian-volatile sarge/volatile main contrib non-free

cat /etc/apt/apt.conf

APT
{
    Default-Release "stable";
    Clean-Installed "false";
    Get
    {
        List-Cleanup "true";
    };
};

Note: the 'Default-Release' statement gives that source a priority of '990'

$ cat /etc/apt/preferences
Package: *
Pin: release o=volatile.debian.net,a=sarge,l=debian-volatile
Pin-Priority: 999

Package: *
Pin: release a=testing,o=Debian
Pin-Priority: -10

Pinning a Specific Version

$cat /etc/apt/preferences
Package: linux-image-2.6.32-5-686
Pin: version 2.6.32-39squeeze1
Pin-Priority: 990

Use a Pin-Priority of 1000 to stop a version being replaced. Use 1001 to force a downgrade of a package (see Downgrading below.

To revert to an older version of an installed package, it may be necessary to uninstall the package and install the older package using dpkg, before the pin-priority is properly displayed by apt-cache policy e.g.

$ cat /etc/apt/preferences.d/01_firefox
Package: firefox
Pin: version 46.0.1-1~bpo80+1
Pin-Priority: 990

Package: firefox-l10n-en-gb
Pin: version 46.0.1-1~bpo80+1
Pin-Priority: 990

$ apt-cache policy firefox
firefox:
  Installed: 47.0-1~bpo80+1
  Candidate: 47.0-1~bpo80+1
  Package pin: (not found)
  Version table:
 *** 47.0-1~bpo80+1 990
        500 http://mozilla.debian.net/ jessie-backports/firefox-release i386 Packages
        100 /var/lib/dpkg/status

$ sudo apt-get remove firefox

$ cd /var/cache/apt/archive
$ sudo dpkg -i firefox_46.0.1-1~bpo80+1_i386.deb firefox-l10n-en-gb_46.0.1-1~bpo80+1_all.deb 

$ apt-cache policy firefox firefox-l10n-en-gb
firefox:
  Installed: 46.0.1-1~bpo80+1
  Candidate: 46.0.1-1~bpo80+1
  Package pin: 46.0.1-1~bpo80+1
  Version table:
     47.0-1~bpo80+1 990
        500 http://mozilla.debian.net/ jessie-backports/firefox-release i386 Packages
 *** 46.0.1-1~bpo80+1 990
        100 /var/lib/dpkg/status
firefox-l10n-en-gb:
  Installed: 46.0.1-1~bpo80+1
  Candidate: 46.0.1-1~bpo80+1
  Package pin: 46.0.1-1~bpo80+1
  Version table:
     47.0-1~bpo80+1 990
        500 http://mozilla.debian.net/ jessie-backports/firefox-release i386 Packages
 *** 46.0.1-1~bpo80+1 990
        100 /var/lib/dpkg/status

See also How to keep specific versions of packages installed (complex)

Downgrading

To downgrade from testing to stable

Set up your /etc/apt/preferences as follows:

    Package: *
    Pin: release a=stable
    Pin-Priority: 1001

    Package: *
    Pin: release a=testing
    Pin-Priority: 60

    Package: *
    Pin: release a=unstable
    Pin-Priority: 50

You also might need to temporarily remove APT::Default-Release "stable" from /etc/apt/apt.conf as it seems to prevent downgrading

Then run

# apt-get --dry-run dist-upgrade

Remove the --dry-run option once it all looks OK.

Use

$ apt-show-versions | grep /testing

To find any remaining packages. Some packages are risky to downgrade, e.g. libc6, so don't worry if not absolutely everything downgrades. For further hints on removing packages that fail to downgrade:

See also Downgrading report from testing to stable

-- Frank Dean - 16 Mar 2007

To downgrade a specific package version:

    Package: openssl
    Pin: version 0.9.8o-4squeeze13
    Pin-Priority: 1001

    Package: libssl0.9.8
    Pin: version 0.9.8o-4squeeze13
    Pin-Priority: 1001

-- Frank Dean - 15 Feb 2013

Removing packages with broken scripts

The install/remove scripts are all under /var/lib/dpkg/info/ named by their package.

If you can't fix the script, you can have it ignore errors by removing the '-e' flag to #!/bin/sh or comment out the 'set -e' line in the script.

See http://www.debian-administration.org/articles/251

-- Frank Dean - 20 Mar 2007

List of removed packages with configuration files

Use the grep-status tool from the dctrl-tools package:

$ grep-status -n -sPackage -FStatus config-files

-- Frank Dean - 19 Mar 2011

Repository

http://www.debian.org/doc/manuals/repository-howto/repository-howto

Updating packages from ISO CD/DVD image

  1. Create an entry in /etc/fstab to mount the ISO image as a loop device:

    # cat << EOF >>/etc/fstab
    /tmp/debian-6.0.3-i386-DVD-1.iso /media/apt iso9660 ro,loop=/dev/loop0,noauto 0 0
    EOF
    

    Note: The mount point must be /media/apt as apt-cdrom in Debian 6.0 (Squeeze) seems to ignore any other, even when using the -d paramater or specifying Acquire::cdrom::mount "/mnt/iso" etc. However, with Debian 5.0 (Lenny) it is sufficient to simply use apt-cdrom -d=/media/apt add

  2. Mount the ISO image

    # mount /media/apt
    
  3. Edit /etc/apt/sources.list and add an entry for the ISO file

    deb file:///media/apt squeeze main contrib
    
  4. Update the package list

    # apt-get update
    

Sometimes it is necessary to start with a fresh CD list. If so, delete /var/lib/apt/cdroms.list.

See http://ubuntuforums.org/archive/index.php/t-35807.html

Disabling Beeps

Disabling Beep on Shutdown

Debian 6.0 (Squeeze) has introduced an annoying beep from the PC Speaker on shutdown. Debian 7.0 (Wheezy) has included another module that also needs disabling (snd_pcsp). All PC Speaker noise can be disabled by removing the modules from the kernel.

$ sudo modprobe -r pcspkr
$ sudo modprobe -r snd_pcsp

Adding it to the module blacklist stops it being reloaded in the future. Append the following to /etc/modprobe.d/blacklist.conf

# Stop annoying beep on shutdown by disabling pc speaker
blacklist pcspkr
blacklist snd_pcsp

-- Frank Dean - 27 Feb 2011

Disable Beep in Firefox

  1. Enter about:config in Firefox address bar
  2. Search for accessibility.typeaheadfind.enablesound
  3. Set the value to false
  4. Restart Firefox

Ref: http://superuser.com/questions/787378/firefox-how-to-turn-off-beep-on-error

-- Frank Dean - 9 Jan 2016

Disable Beep in Emacs

Add (setq visible-bell 1) to your .emacs file.

Ref: http://www.emacswiki.org/emacs/AlarmBell

-- Frank Dean - 9 Jan 2016

Disable Beep in X11

e.g. xpdf beeps if you try to page beyond the last page

    $ xset b off

Chkrootkit

False reports of LKM Trojan

http://lists.debian.org/debian-user/2004/03/msg00282.html

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=222179

Logcheck

The 'Security Events' section of the report is handled a little differently to the other sections. Regular expressions in files under /etc/logcheck/violations.d/ cause entries to be included in the 'Security Events' section. To exclude some specific cases from the report, add exclusion regular expressions in files named /etc/logcheck/violations.ignore.d/logcheck-XXXX where XXX is the basename of the corresponding file in /etc/logcheck/violations.d/.

E.g. /etc/logcheck/violations.d/sudo contains expressions where matches are included in the report. /etc/logcheck/violations.ignore.d/logcheck-sudo includes expressions that will be excluded. Note: that the filenames must adopt this naming convention to be included. Other files not following that pattern are ignored.

-- Frank Dean - 14 Aug 2023

Producing and using website statistics

http://www.debian-administration.org/articles/85

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341308

Automount with Gnome

Make sure Gnome is set to automount devices. Desktop | Preferences | Removable Drives and Media

Add your user name to the plugdev group

  • grep plugdev /etc/group
  • sudo adduser me plugdev

Logout and log back in and automounting should be working!

System Services

The default Debian run-level is 2. To change the default run-level, edit the initdefault entry in the /etc/inittab file. E.g. To change to run-level 3, set initdefault as follows:

id:3:initdefault:

See RunLevel in the Debian Wiki for more information.

Changing Default Services

Debian 6.0 (Squeeze) introduced a new method of starting services. See LSBInitScripts DependencyBasedBoot.

Legacy support remains for the old style of booting. The insserv utility issues a warning where the default start and stop values specified in the /etc/init.d/xxxx script are inconsistent with the legacy method of creating symbolic links in /etc/rc.x directories. Install the sysv-rc-conf package and run the sysv-rc-conf command-line utility as root to change the legacy symbolic links. Then run insserv again to check that the links are consistent. E.g.

$ sudoedit /etc/init.d/apache2
$ sudo sysv-rc-conf
$ sudo insserve apache2

Debian 8 (Jessie) introduced using systemd for starting and managing services.

  • Default systemd init is defined as a symbolic link usually at either /lib/systemd/system/default or /etc/systemd/system/default the latter taking precedence.

Boot command line

To see how the system was booted:

    $ cat /proc/cmdline

Update Alternatives

Debian uses a system to set a system wide default for some programs. Note that some desktop managers may have their own way of settings these interactively via the menu. Additionally, some applications may set their own defaults when they launch other applications. E.g. ClawsMail.

To see the various alternatives:

    $ sudo update-alternatives --get-selections

Change an alternative interactively with:

    $ sudo update-alternatives --config x-www-browser

To set a specific alternative, typically used from a script:

    $ sudo update-alternatives --set x-www-browser /usr/bin/iceweasel

To see all the possible targets for a link group:

    $ sudo update-alternatives --list editor

To see the current state of an alternative:

    $ sudo update-alternatives --display editor

To return the behaviour to automatic selection:

    $ sudo update-alternatives --auto editor

Default Editor

Administrators who wish to change the default editor for all users will have to update the alternatives system using:

Adminstrator can update the default editor with:

     # update-alternatives --config editor

Users should define the EDITOR environment variable by including the following lines in their profile:

     EDITOR=vi
     export EDITOR
     alias editor=$EDITOR

Default Web Browser

Use update-alternatives to change the default web browser.

    $ sudo update-alternatives --set x-www-browser /usr/bin/iceweasel

If you're using Gnome:

    $ sudo update-alternatives --set gnome-www-browser /usr/bin/iceweasel

Installing and building from source packages

http://www.uk.debian.org/doc/manuals/debian-faq/ch-pkg_basics.en.html#s-sourcepkgs

$ apt-get source foo
$ : Check for build dependencies
$ sudo apt-get build-dep foo

Use '--download-only' for the apt-get source command if you do not want the download to be unpacked.

To build, download the .dsc, .tar.gz and .diff.gz source files.

If they need extracting into a package subdirectory:

$ dpkg-source -x foo_version-revision.dsc

To compile the binary:

$ cd foo_version-revision
$ dpkg-buildpackage -rfakeroot -b

Add '-tc' to the dpkg-buildpackage command to clear the directory tree after the build completes, i.e.

$ cd foo_version-revision
$ dpkg-buildpackage -rfakeroot -b -tc

The deb package will be created in the directory above the build directory.

If can then be installed with:

# dpkg -i ../foo_version-revision_arch.deb

Extracting Debian Binary Package

$ dpkg-deb -x mypackage.deb target_dir

Fixing mpg123

Running mpg123 under Debian 5 (Lenny) results in the following error:

[module.c:110] error: Failed to open module alsa: file not found

See Bug #561857

Fix by running with a specified library path:

$ LD_LIBRARY_PATH=/usr/lib/mpg123 mpg123 myfile.mp3

or use mp3blaster instead ;-)

-- Frank Dean - 3 Apr 2010

NetworkManager

In Debian 6.0 (Squeeze), disabling 'wireless' in the network manager is forgotten when resuming from sleep, etc.

The simplest solution is to disable wireless using vendor specific methods, where possible. E.g. Lenovo T500 ThinkPad by pressing Fn-F5 combination until wireless indicator LED is extinguished.

-- Frank Dean - 10 Mar 2010

Wi-Fi Dropouts

Debian 6.0 (Squeeze) may frequently drop Wi-Fi connections with dmesg showing errors similar to deauthenticated from xx:xx:xx:xx:xx:xx: (Reason: 2). It seems disabling power management with sudo iwconfig <iface> power off fixes the issue.

-- Frank Dean - 21 Jul 2011

Flash Player

Install the flashplugin-nonfree package.

$ sudo update-flashplugin-nonfree --install --verbose

See also http://wiki.debian.org/FlashPlayer

Upgrading Flash Player

    $ sudo update-flashplugin-nonfree --install

Flash NPAPI Development for Linux Discontinued

Adobe announced in February 2012 that it will discontinue development of Flash Player for Linux, except for the Chrome browser. Security support for the version 11.2 will be provided for 5 years from its release.

Fonts

Chinese etc.

Install the following fonts:

xfonts-intl-chinese xfonts-intl-chinese-big xfonts-intl-japanese \ xfonts-intl-japanese-big xfonts-intl-asian xfonts-intl-arabic \ xfonts-intl-european ttf-arphic-bkai00mp ttf-arphic-bsmi00lp \ ttf-arphic-gbsn00lp ttf-arphic-gkai00mp ttf-arphic-ukai ttf-arphic-uming

I'm not sure these are all needed, but installing these packages worked for me.

-- Frank Dean - 30 Mar 2011

Video Drivers

http://pkg-xorg.alioth.debian.org/faq/general.html

http://pkg-xorg.alioth.debian.org/reference/squeeze-backports.html

http://backports.debian.org/

Installing from within Windows

There is a utility called win32-loader.exe that provides the facility to download Debian installers and seamlessly reboot into them.

See http://lists.debian.org/debian-devel-announce/2011/12/msg00001.html

-- Frank Dean - 10 Jan 2012

ssh-agent

When using ssh-add and you get an error like:

Could not open a connection to your authentication agent.

Run the following command so that the current shell knows where to find ssh-agent

eval "$(ssh-agent)"

http://unix.stackexchange.com/questions/48863/ssh-add-complains-could-not-open-a-connection-to-your-authentication-agent/48868#48868

-- Frank Dean - 27 Feb 2014

Locale and UTF-8

Note. The Debian Wiki for Locale states:

"Using LC_ALL is strongly discouraged as it overrides everything. Please use it only when testing and never set it in a startup file."

Trouble-shooting

  1. rsyslogd0: action 'action 19' resumed (module 'builtin:ompipe') errors in syslog file

    Comment out the following lines at the end of /etc/rsyslog.conf:

    daemon.*;mail.*;\
    news.err;\
    *.=debug;*.=info;\
    *.=notice;*.=warn       |/dev/xconsole
    

    Then restart the rsyslog service:

    $ sudo systemctl restart rsyslog.service
    

    See:

    -- Frank Dean - 11 Mar 2017

  2. ntpd[nnn]: receive: Unexpected origin timestamp 0x... does not match aorg 0000000000.00000000 from xxx.xxx.xxx.xxx xmt 0x...

    It seems these messages are intended to be informational, rather than reporting a significant issue.

    See https://www.suse.com/support/kb/doc/?id=7017645

    -- Frank Dean - 8-Feb-2020

  3. ntpd[nnn]: leapsecond file ('/usr/share/zoneinfo/leap-seconds.list'): will expire in less than 28 days

    As indicated, caused by /usr/share/zoneinfo/leap-seconds.list expiring soon. This file belongs to the tzdata package and perhaps should have been updated by the Debian maintainer before becoming so close to the expiry date.

    Normally, the updated tzdata package is provided before the actual expiry date and is updated in the usual way by running apt-get update && apt-get upgrade.

    There is an update-leap utility in the ntp package, but it is reported as quite buggy, so it is now probably easier to use curl or a similar utility to fetch it. The update leap script fetches the leap second file from IETF but fetching that file downloads it with the contents simply set to ietf.org is no longer serving this file.

    It now seems best to download the file from the International Earth Rotation Service.

    Create a backup of the current leap-seconds.list and update:

    $ sudo cp /usr/share/zoneinfo/leap-seconds.list /usr/share/zoneinfo/leap-seconds.list~
    $ cd ~/Downloads
    $ curl -LO https://hpiers.obspm.fr/iers/bul/bulc/ntp/leap-seconds.list
    $ cat leap-seconds.list | grep -Ei '(^[^#]|expires)'
    $ sudo cp leap-seconds.list /usr/share/zoneinfo/leap-seconds.list
    

    Restart the ntp service:

    $ sudo systemctl restart ntp.service
    $ sudo journalctl -u ntp.service -g leap-second -n 40
    

    -- Frank Dean - 05-Dec-2023

Vagrant Boxes

Vagrant is an open-source software product for creating and maintaining virtual software environments for development.

Debian Vagrant boxes are listed here.

-- Frank Dean - 13 Apr 2022

Wake on Lan

The following packages contain scripts to assist with wake-on-lan devices:

$ apt-cache search -n '(wakeonlan|etherwake)'
etherwake - tool to send magic Wake-on-LAN packets
wakeonlan - Sends 'magic packets' to wake-on-LAN enabled ethernet adapters

Building Custom Kernel

See Building a custom kernel from Debian kernel source


-- Frank Dean - 15 Dec 2004

Related Topics: AptitudeTips, CreatingRescuePartition, DebianLive, GnomeTips, JigdoTips, LinuxHintsAndTips, LxdeTips, OpenLDAP, SystemVStartupScripts, UbuntuTips