Category: Debian

Posted on

Installing VMware tools on Debian

Install VMware Tools on Debian 8

Please do note that this is a straight forward with no explanation since this is for my own reference. But, if this will help. I’m so glad.

#apt-get install binutils cpp gcc make psmisc linux-headers-$(uname -r)
#mount /dev/cdrom /mnt/cdrom
#tar -C /tmp -zxvf /mnt/cdrom/VMwareTools-x.x.x-x.tar.gz
#cd /tmp/vmware-tools-distrib
#./vmware-install.pl
#umount /mnt/cdrom

Install VMware Tools on Debian 6

– apt-get install linux-headers-$(uname -r)
– apt-get install gcc make
– sudo rm -rf /usr/lib/vmware-tools/libconf
– sudo rm -rf /usr/lib/vmware-tools/bin
– sudo mkdir /usr/lib64
./vmware-install.pl -default

Installing VMware Tools On Debian Lenny 5.0.2 With Gnome Desktop On ESX Server 3.5 Update 4

From time to time, installing VMware Tools on a Linux guest will cause you some grief. While there are lots of howto’s, usually they’re for VMware Workstation. Here’s one that works in Debian/Lenny 5.0.2 on ESX Server 3.5 Update 4.

Important: before making changes on the guest, create a snapshot on your ESX Server. This way you can revert the changes if you get something wrong.

1. Install required Debian packages

On the Debian guest, open a root terminal:

Applications -> Accessories -> Root Terminal

Note: if you’ve installed the openssh server, you can connect using a Putty/SSH client if you prefer.

Before running the VMware Tools installation script, we need to install a few Debian packages:

apt-get install binutils gcc-4.1-base make linux-headers-$(uname -r)

To allow the vmware-user daemon to start after the install and prevent it from failing thereafter, do the following:

ln -s /usr/lib/libexpat.so.1 /usr/lib/libexpat.so.0

2. Copy and extract the VMware Tools installation files to a local directory

On your Virtual Infrastructure Client, from the menu load the VMware Tools virtual CD:

Inventory -> Virtual Machine -> Install/Upgrade VMware Tools

(You should see a CD-ROM icon appear on your Debian desktop. Just ignore it.)

Create and/or navigate to a directory where you’d like to store the installation files (e.g., /var/installs), then extract the files:

mkdir /var/installs
cd /var/installs
tar zxvf /media/cdrom/VMwareTools-3.5.0-153875.tar.gz

Unmount the CD-ROM by canceling the VMware Tools Install/Upgrade on the VI-Client:

Inventory -> Virtual Machine -> End VMware Tools Install

Ignore the mount error on the Debian desktop by clicking ‘Close’ on the window that pops up.

3. Install VMware Tools

Important: if you are running a Putty/SSH session connected to the guest, at this point you must run the next three commands from a terminal session inside the guest, otherwise you’ll be disconnected by the installation script after it reinitializes the network. In Debian/Lenny, Applications -> Accessories -> Root Terminal.

The VMware Tools Install detects and uses the ‘CC’ environment variable so it knows which compiler to use. We must specify gcc-4.1:

export CC=/usr/bin/gcc-4.1

(If you make a mistake, you’ll be prompted during the install for the right file; no problem, just enter /usr/bin/gcc-4.1.)

Switch to the installation directory and run the installation script:

cd /var/installs/vmware-tools-distrib
./vmware-install.pl

Posted on

Debian Linux machines authenticating to a Microsoft Active Directory

I was trying to get my Debian Linux machines authenticating to a Microsoft Active Directory. There are a few howtos on this subject, but I had to merge them together to get it to work in a nice way on my Debian machine.

Therefor I wrote this little howto, so it should be easier for Debian users to get their Linux box authenticated on a Windows Active Directory.

There are some steps you’ve to follow to get it to work. There are some variables in this text, where you have use your own names or IP’s.

Well, let’s start!

Step 1

Install the needed packages by running the following command

# apt-get install krb5-config krb5-user krb5-doc winbind samba rdate

Step 2

Edit /etc/hosts so it looks like this:

## /etc/hosts

127.0.0.1 hostname.DOMAIN.LOCAL localhost hostname

Step 3

edit /etc/krb5.conf so it looks like this:

## /etc/krb5.conf

[logging]

default = FILE:/var/log/krb5.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log

[libdefaults]

default_realm = DOMAIN.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
clock_skew = 300
ticket_lifetime = 24h
forwardable = yes

[realms]

DOMAIN.LOCAL = {
kdc = hostname-of-your-domaincontroller.DOMAIN.LOCAL
admin_server = hostname-of-your-domaincontroller.DOMAIN.LOCAL
default_domain = DOMAIN.LOCAL
}

[domain_realm]

.kerberos.server = DOMAIN.LOCAL
.DOMAIN.LOCAL = DOMAIN.LOCAL

Step 4

Test connection to Active Directory by entering the following commands:

# kinit Administrator@DOMAIN.LOCAL

Step 5

check if the request for the Active Directory ticket was successful using the kinit command

# klist

The result of this command should be something like this:

Ticket cache: FILE:/tmp/krb5cc_0

Default principal: administrator@DOMAIN.LOCAL

Valid starting Expires Service principal

09/10/08 12:07:01 09/10/08 22:05:53 krbtgt/DOMAIN.LOCAL@DOMAIN.LOCAL

renew until 09/11/08 12:07:01

Step 6

Configure Samba by adjusting the Samba configuration file. Open /etc/samba/smb.conf and edit the file, so it looks like this:

## /etc/samba/smb.conf

[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
load printers = no
preferred master = no
local master = no
server string = fileserver
password server = ip-of-your-domaincontroller
encrypt passwords = yes
security = ADS
netbios name = hostname-of-your-linux-fileserver
client signing = Yes
dns proxy = No
wins server = ip-of-your-domaincontroller
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes

Step 7

Restart samba by entering the following command:

# /etc/init.d/samba restart

Now you’re ready to join the Active Directory.

Step 8

Join the local domain / Active Directory by entering the following command:

# net ads join -U administrator

You will be asked to enter the Active Directory Administrator password. When the commandline doesn’t return a value, your connection to the Active Directory is set up.

Step 9

Get the list of domainusers:

# wbinfo -u

Step 10

Get the list of domain groups:

# wbinfo -g

Step 11

Check your Samba configuration:

# testparm -v

Step 12

Edit /etc/nsswitch.conf by making it look like this:

/etc/nsswitch.conf

passwd:     compat winbind
shadow:     compat winbind
group:       compat winbind

Step 13

Create a home directory for each domain in /home

# mkdir /home/DOMAIN

And you’re done! Your Linux box should now be working fine, using your Windows domaincontroller for authentication.

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Extra configuration/feature

It’s possible to change your Active Directory password using the passwd command. This can be helpful for people who like using the terminal. Also, Linux applications that use passwd for changing passwords will be able to change your AD password.

This feature can be enabled by editing /etc/pam.d/passwd and /etc/pam.d/passwd. Make sure the files looks like this:

## /etc/pam.d/passwd

password    sufficient     pam_winbind.so
password    required      pam_unix.so

## /etc/pam.d/passwd

password    sufficient    pam_winbind.so
password    required     pam_unix.so

auth           include      system-auth
account      include      system-auth
password    include      system-auth

Do you have a question, a problem or a feature? Don’t hesitate to drop me a line or post a
commen.

Posted on

quota in debian

Limiting your users use of disk space with quotas

When you run a multi-user system it’s possible for a single user to unduly hog the system, by filling their home directory with a lot of files, and filling a disk so that other users have no space of their own. Quotas are a system of preventing this. It’s possible to setup limits on the amount of space a single user, or a single group, can use.

Using quotas on Debian is very straight forward as the Debian kernel packages all have quota support compiled in.

There are two ways to use quotas:

  • Per user
  • Per group

When using per-user quotas you are effectively giving a limit on how much disk space the specific user may consume. In the case of per-group quotas you’re giving a limit on the total disk usage of all members in that group combined.

Generally I find it much more useful to apply quotas on a per-user basis, as this way you dont have to work out which member of a group is consuming all the space.

To setup quota usage on your system you’ll need to do three things:

  • Mount your filesystems with quota support
  • Install the quota software
  • Configure your limits

Quota support is enabled as the filesystems are mounted, and so it must be specified in the options section of your /etc/fstab file.

Specifying the quota options is as simple as adding usrquota for per-user quota, or grpquota for per-group quotes in the options column.

For example this first entry without quotas:

/dev/hda1       /home       ext2    defaults           1       1

Would become the following with per-user quotas enabled:

/dev/hda1       /home       ext2    defaults,usrquota  1       1

Once this has been added you can remount the partition by rebooting, and install the software. This will setup the partitions to be mounted with quota support enabled, however you haven’t enabled them for the running system.

To change the options run:

mount -o remount,usrquota /home

(Repeat for any other filesystems you wish to modify).

You will also need to load the quota kernel module, and cause that to be loaded at boot time. You can do that by running:

modprobe quota_v2
echo 'quota_v2' >> /etc/modules

The quota system has a notion of a soft limit and a hard limit. A soft limit is a limit which the user can live with for a while (by default 7 days). A hard limit is a limit which cannot be crossed ever.

These limits are recorded inside special files which we need to create for each filesystem which is being used with quotas.

Continuing with our example of /home we would create one file for group quotas and one file for user quotas:

touch /home/aquota.user
touch /home/aquota.group
chmod 600 /home/aquota.user /home/aquota.group

Now we’re ready to install the software.

apt-get install quota quotatool

As you installed the software you will have been prompted to see if you wish to email your users when their quotas are exceeded, this is their soft limit.

If you don’t reboot you’ll need to turn on the quota system by running:

quotacheck -vagum

To set the soft limits to 200Mb and the hard limit to 250Mb for a user called skx you would run:

quotatool -u skx -bq 200M -l '250 Mb' /home

A cronjob will run every day to check and warn them if they exceed their soft quota (if you said ‘Yes’ to the email notification question when the packages were installed), and the user will be informed immediately if they exceed their hard quota:

skx@undecided:~/Articles$ mkdir f
mkdir: cannot create directory `f': Disk quota exceeded
skx@undecided:~/Articles$

The system administrator can see what the disk and quota usage is like by invoking:

repquota /home

If ever you wish to remove a quota for a user simply set their hard and soft limits to ‘0’.