Linux Terminal Server Project

The Linux Terminal Server Project adds thin client support to Linux servers. LTSP is a flexible, cost effective solution that is empowering schools, businesses, and organizations all over the world to easily install and deploy thin clients.
New thin clients and legacy PCs alike can be used to browse the web, send e-mail, create documents, and run other desktop applications. LTSP not only improves Total Cost of Ownership (TCO), but more importantly, provides increased value over traditional computing solutions. LTSP workstations can run applications from Linux and Windows servers. Linux based thin clients have proven to be extremely reliable because tampering and viruses are virtually non-existent.

Here we discuss a remote booting structure as an example;

Server Side
Minimum requirement;
RAM = 2GB
HDD = 40GB
If an IDE hard disk is chosen, one server can support a maximum of 10 clients; with a SATA hard disk it can go up to a maximum of 25 clients, and with a SCSI hard drive it can support a maximum of 60 clients.

Software needed
dhcp = Client communication.
tftpd = Kernel file transfer protocol.
portmap = RPC port mapper (used by NFS).
nfs-kernel-server = Network file Server.
xdmcp = For GUI.
libwww-perl = Library File.
LTSP = Linux Terminal Server Project Software (write it on a CD)

#apt-get install dhcp tftpd portmap xdmcp libwww-perl

After this, mount the CD-ROM;
#mount /cdrom
#cd /cdrom
#cd ltsp-utils

Copy the file to /root for installation;
#cp ltsp-utils-0.25-0.tgz   /root

Go to the location;
#cd /root

Unpack the copied file;
#gzip -cd ltsp-utils-0.25-0.tgz | tar xf -
#cd  /root/ltsp-utils
#ls -l

Here we can see the install.sh file; run it to install;
#./install.sh
Once the installation finishes, run;
#ltspadmin

We enter the admin page of LTSP. Here we do some basic configuration;
  1. Install / update ltsp-utils package (enter). If an error is shown go to the second option, otherwise go straight to option 3.
  2. Configure the installer options.
  3. Configure LTSP.
  • Location: the path where the files copied from the CD-ROM are stored.
  • Directory (enter)
  • Proxy (enter)
  • none (enter)
  • Choose C (configure manually), and after that,
  • Default runlevel (2)
  • DHCP (y)
  • TFTP (enable)
  • Portmap (enable)
  • NFS (enable)
  • XDMCP (enable)
  • Disable graphical login (n)
  • Add entries to /etc/hosts (y)
  • Create /etc/hosts.allow entries (y)
  • Do you want to create a default lts.conf file (y)
Press 'A' to select all,
Press 'Q' to install.
 
#cd /etc
#cp dhcpd.conf  dhcpd.old
#cp dhcpd.conf.sample dhcpd.conf
 
#nano dhcpd.conf
#dns-update-style (if not, comment it)
#if substring
#file name /tft
#}
#else {
                       host ws050 {
                       hardware ethernet 'mac id of the client pc';
                       fixed-address 192.168.0.3;
                       filename "/tftpboot/lts/vmlinuz-2.6.17-ltsp-1";
                       }

#nano /etc/inetd.conf
$lin.tftpd/ (delete the rest of line)

Next, switch to a second terminal with CTRL+ALT+F2 and log in as root, because we need to set the IP address permanently and also change the Linux kernel.

#nano /etc/network/interfaces
iface eth1 inet static
address 192.168.0.1
netmask 255.255.255.0
network 192.168.0.0
broadcast 192.168.0.255
 
#cd
#cd /tftpboot/lts
Change the Linux kernel image to a net-bootable Linux image.

Restart the services manually;
#/etc/init.d/dhcp3-server restart
#/etc/init.d/openbsd-inetd restart
#/etc/init.d/portmap restart
#/etc/init.d/nfs-kernel-server restart
#/etc/init.d/gdm restart
             or
Restart the server with #init 6.


Client Side
Minimum requirement;
Motherboard = P100
RAM = 64MB
Network Interface Card
BOOTROM (27C128, 27C256); it can be purchased from the local market and programmed using an EPROM programmer, and a computer service person in any city can help.

Network File System

The NFS enables sharing of filesystems among computers. NFS is almost transparent to user and is stateless, meaning no information is lost when NFS server crashes.


Network File System (NFS) is a distributed file system protocol originally developed by Sun Microsystems in 1984 allowing a user on a client computer to access files over a network in a manner similar to how local storage is accessed. NFS, like many other protocols, builds on the Open Network Computing Remote Procedure Call (ONC RPC) system. The Network File System is an open standard defined in RFCs, allowing anyone to implement the protocol.

The NFS protocol has been remarkably stable over time. Sun used V1 only for in-house experimental purposes. When the development team made substantial changes to V1, they released it as V2.

V2 of the protocol originally operated only over UDP.
V3 eliminates this bottleneck with a coherency scheme that permits asynchronous writes. V3 is always capable of interoperating with V2. 
V4 is becoming more stable and is shipping with some versions of Linux. It requires a 2.601 kernel or greater and needs to be manually turned on in the kernel.

Server Side NFS.
A server is said to export a directory when it makes the directory available for use by other machines. On an NFS server, both mountd and nfsd should start when the system boots and both should remain running as long as the system is up. mountd and nfsd share a single access control database that tells which filesystems should be exported and which clients may mount them. On most systems /etc/exports is the canonical human-readable list of exported directories.
NFS server startup script.

#apt-get install nfs-kernel-server
         or
#apt-get install nfs-common
The /etc/exports file enumerates the filesystems exported through NFS and the clients that may access each of them. Whitespace separates the filesystem from the list of clients, and each client is followed immediately by a parenthesized list of comma-separated options. There must be no space between a client and its option list; with a space, the options apply to all hosts instead of to that client.
#nano /etc/exports
At the end of the file add the client details with access privileges;
/home                            *.growwithlinux.com(rw,sync)
/home/admin                  (noaccess)
(This allows hosts in the growwithlinux.com domain to mount /home and access all of its contents except for /home/admin. The absence of a client name on the second line means that the option applies to all hosts.)

Common export options;

ro : Read-only.
rw : Reading and writing.
rw=list : Read mostly. List enumerates the hosts allowed to mount for writing.
root_squash : Maps UID 0 and GID 0 to the values specified by anonuid and anongid.
no_root_squash : Allows normal access by root.
all_squash : Maps all UIDs and GIDs to their anonymous versions.
anonuid=xxx : Specifies the UID to which remote roots should be squashed.
anongid=xxx : Specifies the GID to which remote roots should be squashed.
secure : Requires remote access to originate at a privileged port.
insecure : Allows remote access from any port.
noaccess : Prevents access to this directory.
wdelay : Delays writes in hopes of coalescing multiple updates.
no_wdelay : Writes data to disk as soon as possible.
async : Makes the server reply to write requests before the actual disk write.
nohide : Reveals filesystems mounted within the exported file tree.
hide : Hides filesystems mounted within the exported file tree.
subtree_check : Verifies that each requested file is within an exported subtree.
no_subtree_check : Verifies only that file requests refer to an exported filesystem.
secure_locks : Requires authorization for all lock requests.
insecure_locks : Specifies less stringent locking criteria.
auth_nlm : Synonym for secure_locks.
no_auth_nlm : Synonym for insecure_locks.

#exportfs -a  For updating the exports file.
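
The rule that each client must be followed immediately by its options is easy to break with a single space, so the following added example (not part of the original article) lints an exports file for that mistake and for the riskier options from the list above. The sample file is constructed; /srv/boot and 192.168.0.0/24 are assumed values, and line continuations are not handled.

```python
import re

# Constructed sample; line 1 has the stray space, line 4 is its corrected form.
SAMPLE_EXPORTS = """\
/home        *.growwithlinux.com (rw,sync)
/home/admin  (noaccess)
/srv/boot    192.168.0.0/24(ro,no_root_squash)
/home        *.growwithlinux.com(rw,sync)
"""

MESSAGES = {
    "space-before-options": "space before '(': options apply to every host, "
                            "the named client only gets the defaults",
    "world-writable": "read-write for any host",
    "no_root_squash": "remote root keeps UID 0 on this export",
    "insecure": "requests from unprivileged source ports are accepted",
    "unparsable": "client entry could not be parsed",
}
CLIENT = re.compile(r"([^()]*)(?:\(([^()]*)\))?")  # host, then optional (options)


def parse_exports(text):
    """Return [(lineno, path, [(host, options), ...])]; host None = unparsable."""
    entries = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        path, *specs = line.split()
        clients = []
        for spec in specs:
            m = CLIENT.fullmatch(spec)
            if m is None:
                clients.append((None, None))
            else:
                opts = m.group(2)
                clients.append((m.group(1),
                                None if opts is None else set(opts.split(","))))
        entries.append((lineno, path, clients))
    return entries


def lint_exports(text):
    """Return [(lineno, path, code)] for risky or mistyped client entries."""
    findings = []
    for lineno, path, clients in parse_exports(text):
        prev_bare_host = False  # previous token was a host with no "(...)"
        for host, opts in clients:
            if host is None:
                findings.append((lineno, path, "unparsable"))
                prev_bare_host = False
                continue
            opts_set = opts or set()
            if host == "" and prev_bare_host:
                findings.append((lineno, path, "space-before-options"))
            if host in ("", "*") and "rw" in opts_set:
                findings.append((lineno, path, "world-writable"))
            for risky in ("no_root_squash", "insecure"):
                if risky in opts_set:
                    findings.append((lineno, path, risky))
            prev_bare_host = host != "" and opts is None
    return findings


if __name__ == "__main__":
    for lineno, path, code in lint_exports(SAMPLE_EXPORTS):
        print(f"line {lineno}: {path}: {MESSAGES[code]}")
```

A lone (noaccess) with no client in front of it, as on the second sample line, is not reported because there is no preceding client for the options to have been detached from.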

Client Side NFS.
NFS filesystems are mounted in much the same way as local disk filesystems. Before an NFS filesystem can be mounted, it must be properly exported. To verify that a server has properly exported its filesystems from the client's perspective,
#showmount -e {server name or ipaddress}
If showmount returns an error or an empty list, check that all necessary processes are running on the server (portmap, mountd, nfsd, statd and lockd).

As an example, we configure a client whose mount point is /mntfldr, for a server with IP address 95.10.28.4.
First create a mount point on the client;
#mkdir /mntfldr

Mount the filesystem on the client either manually or by editing fstab;
#mount -t nfs -o rw,bg,intr,hard 95.10.28.4:/home /mntfldr
                     or
#nano /etc/fstab
Add the following details to the file;
<file system>            <mount point>      <type>            <options>                      <dump>  <pass>
95.10.28.4:/home        /mntfldr                  nfs          user,auto,rw,bg,intr,hard          0              1

Flags like rw and bg are standard, but make sure the server side and the client side give the same permissions;
Common flag options;

ro : Read-only.
rw : Reading and writing.
bg : If the mount fails, keeps trying it in the background and continues with other mount requests.
hard : If a server goes down, causes operations that try to access it to block until the server comes back up.
soft : If a server goes down, causes operations that try to access it to fail and return an error.
intr : Allows users to interrupt blocked operations.
nointr : Does not allow user interrupts.
retrans=n : Specifies the number of times to repeat a request before returning.
timeo=n : Sets the timeout period (seconds) for requests.
rsize=n : Sets the read buffer size in bytes.
wsize=n : Sets the write buffer size in bytes.
tcp / udp : Selects the transport protocol.

Statistic.
The nfsstat command displays various statistics kept by the NFS system;
#nfsstat -s Shows statistics for NFS server processes.
#nfsstat -c Shows information related to client-side operations.

Windows Interoperability

Linux and Microsoft Windows, both leading operating systems, can assist each other in many ways. Windows applications can run from a Linux desktop or access a Linux server's printers and files. Linux applications can display their user interfaces on a Windows desktop. Both platforms have their strengths and they can be made to work together. Windows is a popular and featureful desktop platform, capable of bridging the gap between the user and the network cable coming out of the wall. Linux, on the other hand, is a reliable and scalable infrastructure platform.

Virtual Network Computing.
In the late 1990s a few people at AT&T Labs developed a system for remote desktop access called VNC. The VNC protocol doesn't deal with individual applications. Instead it creates a complete virtual desktop as a unit. Under VNC, a special X11 server runs on the central machine and a viewer application is used to access that server. The Linux VNC server implementation is essentially a graphics adaptor emulator that plugs into the X.Org X Window server. Running a vncserver from a Linux account creates a new virtual desktop that runs in the self-contained world of the Linux machine.

Windows Remote Desktop Protocol.
After Windows 2000 Server, every Windows box has the technical ability to provide graphical remote access to several users at the same time. The remote access component is called Remote Desktop, and it uses a protocol called the Remote Desktop Protocol (RDP) to communicate between client and server. RDP even allows local printer and disk resources to be forwarded to the remote Windows session.

Running Windows and Windows-Like Application.
A virtual machine is a software-based, fictive computer. Virtual machines may be based on the specifications of a hypothetical computer or emulate the computer architecture and functions of a real-world computer. Regardless of the host operating system, operating systems can be installed into a virtual machine. Virtual machine software has been available under both commercial and open source licenses.
Wine is another option; it implements the Windows programming API in the Linux environment, allowing Windows applications to run directly on top of Linux and X. Instead of simulating internal Windows logic like a virtual machine or emulator, Wine translates Windows API calls into POSIX calls on the fly, eliminating the performance and memory penalties of other methods and allowing Windows applications to be cleanly integrated into the desktop.

Dual Booting.
Since many operating systems run on PCs, it is fairly common practice to set up a machine to be able to boot several different systems. To do that, once the operating systems are installed, reconfigure GRUB. For installation please visit Debian for Desktop.

Sharing Files with SAMBA. 
Samba is a free software re-implementation of the SMB/CIFS networking protocol. Samba provides file and print services for various Microsoft Windows clients and can integrate with a Windows Server domain. It provides a stable, industrial-strength mechanism for integrating Windows machines into a Linux network. Only one package needs to be installed on the server; no special software is needed on the Windows side. Most of Samba's functionality is implemented by two daemons, smbd and nmbd. smbd implements file and print services as well as authentication and authorization, and nmbd provides the other major CIFS components, name resolution and service announcement.

#apt-get install samba
On all systems, the smb.conf file needs to be edited (#nano /etc/samba/smb.conf) to tell Samba how it should behave. This file specifies the directories and printers that should be shared, access rights and Samba's general operational parameters.

= Global Settings =
Change the workgroup name to match the workgroup of the Windows PCs on the network. Also give the correct WINS server or disable the WINS server.

=Authentication=
By default 'security = user'; change it to 'share' and uncomment the line. If 'user' is given, a Samba user must be created with the command #smbpasswd -a {username}. Here the username must be the same as the Windows user name used to log in to the Windows PC, and the password must be different from the password for that user, otherwise the system will be vulnerable.

=Share Definition= 

If a [printers] section occurs in the configuration file, users are able to connect to any printer specified in the local host's printcap file.
[printers]
           path = /usr/spool/public (where to store print files before printing)
           guest ok = yes (Everybody can use the printer)
           printable = yes (let samba know this share is a printer)

           browseable = yes (show printers to everyone looking)
           printing = LPRNG (tell samba about particular printing system)
(remove all semicolons).

A sample share for sharing your CD-ROM with others.
[cdrom]
   comment = Samba server's CD-ROM (the sharing folder name, cd-rom or any directory)
   read only = yes
   locking = no
   guest ok = yes

   writable = yes 
   path = /cdrom (where this folder is mounted)

For example, to share a directory named SOFTWARE, replace every cdrom in this section with software, create a folder named software and give its location in path (path = /home/varun/desktop). Make sure the filesystem is mounted, or set up in /etc/fstab, so that it is reachable from Windows.

(remove all semicolons).

For more details #man smb.conf         
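
In smb.conf, 'writable' is the inverted synonym of 'read only', so when both appear in one share the later line decides, and a share that is both writable and 'guest ok' can be changed by anyone on the network. The following added example (not part of the original article) audits a configuration for that and for share-level security, using the synonym and boolean rules of smb.conf(5); both sample configurations are constructed.

```python
import re

TRUE = {"yes", "true", "on", "1"}
# Synonyms from smb.conf(5): name -> (canonical parameter, inverted meaning?)
SYNONYMS = {
    "read only": ("read only", False), "writable": ("read only", True),
    "writeable": ("read only", True), "write ok": ("read only", True),
    "guest ok": ("guest ok", False), "public": ("guest ok", False),
}

# Constructed samples: a share in the style shown above, and a tightened one.
LOOSE = """
[global]
   security = share
[cdrom]
   comment = Samba server's CD-ROM
   read only = yes
   locking = no
   guest ok = yes
   writable = yes
   path = /cdrom
"""
TIGHT = """
[global]
   security = user
[cdrom]
   comment = Samba server's CD-ROM
   read only = yes
   locking = no
   guest ok = no
   path = /cdrom
"""


def parse_smb_conf(text):
    """Return {section: [(parameter, value), ...]} in file order."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        header = re.fullmatch(r"\[(.+)\]", line)
        if header:
            current = header.group(1).strip().lower()
            sections.setdefault(current, [])
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            sections[current].append((" ".join(key.lower().split()), value.strip()))
    return sections


def audit_smb_conf(text):
    """Return [(section, code)] findings, evaluated the way Samba reads the file."""
    findings = []
    for section, params in parse_smb_conf(text).items():
        effective = {"read only": True, "guest ok": False}  # Samba defaults
        explicit = {}
        for key, value in params:
            if section == "global" and key == "security" and value.lower() == "share":
                # share-level security has no per-user login (removed in Samba 4.0)
                findings.append((section, "share-level-security"))
            if key in SYNONYMS:
                canon, inverted = SYNONYMS[key]
                flag = (value.lower() in TRUE) != inverted
                if canon in explicit and explicit[canon] != flag:
                    findings.append((section, "conflicting-" + canon.replace(" ", "-")))
                explicit[canon] = effective[canon] = flag
        if section != "global" and effective["guest ok"] and not effective["read only"]:
            findings.append((section, "guest-writable"))
    return findings
```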

Electronic Mail Servers

Electronic mail, most commonly referred to as email or e-mail since 1993, is a method of exchanging digital messages from an author to one or more recipients. Modern email operates across the Internet or other computer networks. Some early email systems required that the author and the recipient both be online at the same time, in common with instant messaging. Today's email systems are based on a store-and-forward model. Email servers accept, forward, deliver, and store messages. Neither the users nor their computers are required to be online simultaneously; they need connect only briefly, typically to an email server, for as long as it takes to send or receive messages.

Mail Systems.
In theory, a mail system consists of four distinct components;
Mail User Agent
Email users employ a user agent to read and compose messages. Email messages originally consisted only of text, but a standard known as Multipurpose Internet Mail Extensions (MIME) is now used to encode text formats and attachments into email.

Mail Transport Agent.

A transport agent must accept mail from a user agent, understand the recipients' addresses, and somehow get the mail to the correct hosts for delivery. Most transport agents also act as message submission agents for the initial injection of new messages into the mail system. Transport agents speak the Simple Mail Transfer Protocol (SMTP) or Extended SMTP. Several transport agents are available for UNIX and Linux systems: PMDF, Postfix, Sendmail, Smail, Qmail, Exim and Zmailer, among others.

Delivery Agent.

A delivery agent accepts mail from a transport agent and actually delivers it to the appropriate local recipients. Mail can be delivered to a person, to a mailing list, to file, or even to a program.

Message Stores.

The message store is the spot on the local machine where email is stored. It used to be the directory /var/spool/mail or /var/mail, with mail being stored in files named after user's login names, but ISPs with millions of email clients are looking to other technologies for the message store (eg: Database).

Access Agents

Programs such as imapd and spop are access agents for PC, Mac or Linux users whose mail is delivered to a Linux server and then downloaded with the Internet Message Access Protocol (IMAP) or the Post Office Protocol (POP) respectively.


The Anatomy of a Mail Message.
A mail Message has three distinct parts;
  • The envelope.
  • The headers.
  • The Body of the message.
The envelope determines where the message will be delivered or, if the message can't be delivered, to whom it should be returned. The envelope addresses generally agree with the From and To lines of the header. The headers record all kinds of information about the message, such as the date and time it was sent and the transport agents through which it passed on its journey. The body of the message is the actual content to be sent. It must consist of plain text.

The EXIM Mail System.

EXIM was written in 1995 by Philip Hazel of the University of Cambridge and is distributed under the GNU GPL. EXIM4 was released in 2002 and is currently the version distributed with Debian. Some separate commands in EXIM perform specific mail functions.
exim -bp Shows the mail queue.
exim -bS Batched SMTP connection.
exim -q Runs the mail queue.

EXIM Configuration.
Exim contains three logical pieces: directors, routers and transports. Directors handle local addresses (addresses inside the home domain). Routers handle remote addresses, and transports do the actual delivery.

The EXIM4 system is configured through an elaborate collection of configuration files that live in /etc/exim4/conf.d. After any modification to one of these files, the update-exim4.conf command must be run, which then creates /var/lib/exim4/config.autogenerated. The config.autogenerated file is used by EXIM at run time.

The EXIM configuration files are well documented, with comments preceding each variable to describe what the variable does. Some parts of EXIM run setuid to root, therefore it's particularly important to stay updated on security patches. EXIM defines administrative users who are allowed to initiate queue runs. The SMTP verify command (VRFY) is allowed by default. EXIM must be sent the hangup signal (SIGHUP) with the kill command when its config file changes. It typically logs to files in the /var/log/exim4 directory but can also use syslog. EXIM permits forwarding of outgoing mail to a smart host and filtering of inbound mail at both the host and user levels. It supports virtual domains and has a retry database. EXIM includes recognition of alias and forwarding loops and sensible handling of them.

For configuring basic EXIM4 server;

#apt-get install exim4

#nano /etc/exim4/update-exim4.conf.conf  Go to the last 13 lines.
dc_eximconfig_configtype='local' Local means local host; to make it a send-out server, set it to 'internet'.
dc_other_hostnames='debian' Give all the domain names here, separated with a colon (:) (if there is a web server or DNS), or for a mail server just give mail.growwithlinux.blogspot.com
dc_local_interfaces='127.0.0.1 ; ::1' Give the IP addresses for all the sites here, separated with a colon (:), or just the IP address of the mail server.

eg:
dc_eximconfig_configtype='internet'
dc_other_hostnames='www.example.com: games.example.com: mail.example.com'
dc_local_interfaces='128.10.12.2: 128.10.12.3: 128.10.12.4'
dc_readhost=''
dc_relay_domains=''
dc_minimaldns='false'
dc_relay_nets=''
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'

Relaying is the process of one domain sending mail with the help of another domain. For example, if a company named example.com has a mail server and its sister company ask.com only has a web server, ask.com can send mail as user@ask.com via example.com's mail server; for that, relaying must be activated on example.com's mail server.

dc_eximconfig_configtype='internet'
dc_other_hostnames='www.example.com: games.example.com: mail.example.com'
dc_local_interfaces='128.10.12.2: 128.10.12.3: 128.10.12.4'
dc_readhost=''
dc_relay_domains='www.ask.com: games.ask.com: mail.ask.com'
dc_minimaldns='false'
dc_relay_nets='172.20.10.3: 172.20.10.4: 172.20.10.4'
dc_smarthost=''
CFILEMODE='644'
dc_use_split_config='false'
dc_hide_mailname=''
dc_mailname_in_oh='true'
dc_localdelivery='mail_spool'
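
The two relay settings do different jobs, and the following added example (not part of the original article) models the decision so a configuration can be checked before it goes live. It follows update-exim4.conf.conf(5): dc_relay_domains lists recipient domains accepted from any host, dc_relay_nets lists client hosts allowed to send to any domain, and loopback is always allowed. The model is simplified (IPv4 lists only, no SMTP AUTH, no wildcards), the client addresses and the /16 threshold are assumed values, and the sample is constructed from the settings above.

```python
import ipaddress
import shlex

# Constructed from the relay settings shown above.
SAMPLE_CONF = """\
dc_eximconfig_configtype='internet'
dc_other_hostnames='www.example.com: games.example.com: mail.example.com'
dc_relay_domains='www.ask.com: games.ask.com: mail.ask.com'
dc_relay_nets='172.20.10.3: 172.20.10.4: 172.20.10.4'
"""


def parse_update_conf(text):
    """Parse the shell-style NAME='value' lines of update-exim4.conf.conf."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            name, value = line.split("=", 1)
            conf[name] = "".join(shlex.split(value))  # strips the quotes
    return conf


def split_list(value):
    """Split a colon-separated list (host names and IPv4 entries only)."""
    return [item.strip().lower() for item in value.split(":") if item.strip()]


def relay_decision(conf, client_ip, rcpt_domain):
    """Classify one message by client address and recipient domain."""
    domain = rcpt_domain.lower()
    if domain in split_list(conf.get("dc_other_hostnames", "")):
        return "local"              # delivered on this server
    if domain in split_list(conf.get("dc_relay_domains", "")):
        return "relay-to-domain"    # accepted from any client
    ip = ipaddress.ip_address(client_ip)
    nets = [ipaddress.ip_network(n, strict=False)
            for n in split_list(conf.get("dc_relay_nets", ""))]
    if ip.is_loopback or any(ip in net for net in nets):
        return "relay-from-host"    # this client may send anywhere
    return "reject"


def broad_relay_nets(conf, min_prefix=16):
    """Entries of dc_relay_nets wider than /min_prefix (open-relay risk)."""
    return [n for n in split_list(conf.get("dc_relay_nets", ""))
            if ipaddress.ip_network(n, strict=False).prefixlen < min_prefix]
```

For a host at ask.com to send its own outgoing mail through this server, its address has to be in dc_relay_nets; listing ask.com names in dc_relay_domains only makes the server accept mail addressed to them.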
 


After setting the above file, save it and define the hostname and mailname of the server.
#nano /etc/hostname Give the correct host name (www.example.com)
#nano /etc/mailname Give the correct mail name (mail.example.com).

Restart the EXIM by
#/etc/init.d/exim4 restart

If relaying is also set up on the mail server, the two domains must communicate, and for that each must be given the other's DNS details. Log in to the other domain using;
#sftp {other domain ip address}
    >{password}

#cd /etc/bind The bind location on the other domain (ask.com)
#lcd /etc/bind The bind location on our own domain (examples.com)

#put examples.* Put all of the examples server's bind files in the ask server's bind directory
#get ask.*  Get all of the ask server's bind files into the example server's bind directory

Restart the services. 

If any changes are needed in the conf.d files of exim4, visit the links along with the directory name.
acl
auth
main
retry
rewrite
router
transport