Devil-Linux, the trident is just to toast marshmallows, honest!

Introduction

What You Need (Hardware)

Why Devil-Linux?

Example Usage

Download and Create

Devil-Linux Setup Program

Login with Putty

Hard Disk Setup: 1 disk

Hard Disk Setup: RAID1 (2 disks)

Setup Logical Volumes

Setting up Samba

Adding Samba Users

Saving Your Changes

Logging

Outgoing Mails

Printing

Adding a User

Upgrading Devil-Linux

Configuration Backup

Networking

Notes on Apache2

Miscellaneous Notes

Credits & Links

Windows XP Pro­fessional File Sharing

Visit Our Sponsors

Devil-Linux, the trident is just to toast marshmallows, honest!

share iconFree'n'Easy Windows File Server - Network Drive Storage with Devil-Linux & Samba

Instructions for a noob or newbie to set up Devil-Linux with particular focus on creating a fileserver for network storage via a network drive / nas drive for Windows computers - by using Samba. Includes basic setup, LVM, RAID and Samba configuration, outgoing email setup, and various other tweaks and tips. Last updated on Mon Feb 03 2014 2:28 PM.

Introduction

If you want to share files between Windows PCs in a small office or in the home, there are several ways to do it:

  1. Use Windows built-in file-sharing. Sharing folders with Windows can work fine but it is limited - for instance to 10 concurrent connections for Windows XP Professional and to 5 for Windows XP Home. Of course Windows Server overcomes these limits, but at a price, and with vast complexity. If you are trying to share folders and files on a Windows XP Professional computer and have hit problems, you may find help by following the instructions below about Windows XP Professional Folder & File Sharing.
  2. Buy a proprietary shared hard drive - try googling 'network storage', 'network drive', 'nas drive' for some cheap NAS/multimedia drive solutions. Having a proprietary product may give you comfort that things won't go wrong or at least that if they do the manufacturer will help you sort it. This feeling is not always justified.
  3. Set up a Samba fileserver - it is free and easy and it provides fast and stable shared folders for an almost unlimited number of users. If you have a suitable old computer to hand even the hardware is free, and following these instructions it won't take long to set up. Also you can configure it to use RAID1, which means you use two hard disks - if one fails, you don't lose any data. Manufacturers admit that all hard disks will fail eventually. As the film Armageddon puts it: 'It happened before, it will happen again. The only question is: when?'

So this page focuses on setting up a Samba fileserver, running under an operating system or OS called Devil-Linux. Devil-Linux (often shortened to 'DL') is a distribution of GNU/Linux (or 'distro', popular distros include Debian, Ubuntu, Centos, Slackware...) designed to run from USB drive or a CD, with configuration held on USB drive or floppy disk. It is text-based with no gui ('graphical user interface' i.e. pretty screens like Windows), but don't let this put you off: it is simple to get going and there is very little to go wrong. Although originally intended for firewall/router setup, Devil-Linux works well as a file server, which is the implementation considered here: Samba, in a Windows workgroup environment, with high security not a consideration. I do not cover here the use of Samba at the heart of a Windows Server Domain - a Primary Domain Controller, or indeed Samba as any part of a Windows domain; but the setup here would provide a good starting point if you wanted to do this later. A further advantage of Devil-Linux over many other Linux distros is that because it boots from USB or CD, Raid and Logical Volume Management (LVM) can be implemented on hard disk(s) very easily.

Of course as often with Linux it is all free, which is nice, and you can use old hardware so that might be effectively free too. Once you have got as far as 'Login with Putty' below you don't even need a keyboard or a screen as you can control the Devil-Linux computer remotely by logging in.

And don't worry about the name, there is nothing sinister about Devil-Linux, you are not about to be taken over by dark forces.

I've tried to make these instructions as easy as possible, but even so they are probably best if you have some experience with Windows. They are aimed at Linux newbies and are intended to be self-contained, but you can get help about a linux command by typing at the Devil-Linux command line man [command] e.g. man fdisk for information about the fdisk command (use cursor up/down and pageup/pagedown keys to move around the manual info and type q to quit when you are done). You can also google for 'linux cheat sheet' and find some one page summaries of common linux commands. A great many things are common to different flavours ('distros') of Linux.

Text for you to type is shown like this, and I have generally assumed that you realise you need to press Enter or Return at the end of each line. As you might expect there are a number of links to other resources on the internet, but there are also some pseudo-links like this (distinguished by the colour and the dash underline) - if you hover your cursor over these you will seem some additional explanatory (non-critical) information.

You can also refer to the Devil-Linux home page and documentation and you can subscribe to the Devil-Linux discussion mailing list which will allow you to ask specific questions and get answers from the real experts - but this should only be used for issues specific to Devil-Linux.

Devil-Linux can do lots more than just acting as a free'n'easy Windows fileserver, of course - we are just scratching the surface here.

These instructions are written for Devil-Linux version 1.6, and you may have problems if you try to follow them with earlier versions.

Of course all of this info is provided strictly without warranty of any kind - it's free so what do you expect! If you have problems, send me an email.

What You Need (Hardware)

Why choose Devil-Linux as a distro?

Devil-Linux: The Pros

Devil-Linux: The Cons

Devil-Linux: Example Usage

DL can do most things that any Linux server system can do. But to be more specific here is an example list, far from complete:

Download Devil-Linux and Create Boot Media

From your Windows machine, download Devil-Linux 1.6 (or later) from the Devil-Linux FTP Download Site, making sure you select a suitable release for your hardware (usually you will want the most recent file ending -i686-server.tar.bz2 in the releases folder, unless your machine has a very old or Pentium M processor which does not support PAE). Open the downloaded file with the excellent and free 7-Zip Program Manager, then open the tar file inside it (this takes a few minutes) and then continue opening folders inside 7-Zip until you see a large bootcd.iso file and some others. Extract these files to a suitable temporary folder.

You will now create the boot system disk for DL. Note that this is (normally) separate from the configuration medium; DL stores your specific system configuration in a single compressed file and usually this is placed on a separate USB drive partition. So you have 2 choices:

  1. If you want to boot Devil-Linux from CD, you need to burn bootcd.iso to a new CD. If you don't already have a program for burning ISO images to CD, I recommend the free ISO Recorder (but make sure to use the correct version for your operating system, it may not work with versions later than XP or Server 2003). With ISO Recorder installed, just locate the bootcd.iso file, right-click and choose 'Copy Image to CD'. If you are using other software note that you do not just copy bootcd.iso to a disk; with Nero Express 6, for instance, choose 'Disc Image or Saved Project', in the dialog under 'Files of type', select 'Image Files (*.nrg, *.iso, *.cue), then locate the bootcd.iso file. (Alternative instructions in the Devil-Linux documentation here.)
  2. If you want to boot DL from USB, locate the file 'install-on-usb.exe' which is the one with a Devil-Linux icon. Your USB drive must be at least 512MB in size with expendable contents. You also need 7-Zip, but hopefully this is already installed. Just drag and drop your USB drive onto install-on-usb.exe to start the process.
    Devil-Linux install-on-usb.exe example screen
    The install program offers three choices for the configuration: if you are going to use a different media for holding your configuration data I recommend you go for option '1' (clean installation), otherwise choose option '3' (remote-boot configuration), which makes it easier at the start.

Next, unless you are booting from USB drive and want to use just this one drive for both boot file and your configuration data, you need to format the media that will hold your configuration data - a[nother] USB flash drive [preferred] or a floppy disk. Insert it and make sure it is blank and formatted: you can do this in Windows by opening 'My Computer', right-clicking on the disk icon for this inserted drive (being careful to select the correct drive!) and choosing 'Format'. Use File System 'FAT32'. Don't choose to create a system disk, and for a floppy disk never choose 'Quick Format' (because this skips the physical checking of the disk which is particularly important for a floppy disk). Click 'Start' and wait till it's done. You are now ready to start up your DL machine!

Devil-Linux Setup Program (System Configurator)

Go to your target hardware, which should already have one or (preferably) two hard disks installed. With your newly-created [CD and your] USB drive[s] (and/or floppy disk) inserted, boot the machine. If it does not boot up into Devil-Linux then you may need to alter the BIOS settings to force the USB or CD to boot first (the boot device being the one onto which you placed bootcd.iso). Sometimes pressing F8 or ESC at boot time allows you to select the boot device, otherwise you can enter the BIOS settings by pressing 'DEL' - or 'F1' or some other key specified on the screen - as the computer boots, then choose 'Advanced Setup'.

The boot process will look something like this:

Devil-Linux Booting

During the boot process you may be asked if you really want to load DL without configuration media - answer y to this. After booting Devil-Linux may prompt to create a new configuration on the USB or floppy drive, you should answer y to this.

After the first boot has completed, login by typing root at the prompt, then (as always) press Enter, then normally there is no password on first boot so just press Enter again. If however you chose the USB remote-boot configuration there is a password 'devil', and you can immediately login with Putty (then come back and complete this section).

After successfully logging in you will see a prompt thus:

root@Devil:~ #

Type setup (and press Enter) to start the Devil-Linux System Configurator (or 'setup' as it is more generally known):

Devil-Linux Setup Program

You move around using the cursor (arrow) keys, the TAB key, or with your mouse, and press the space bar to select a service. Here you provide some basic information, select the various services (run by daemons) that you want to load and have running when the machine starts up, and set the network options. The initial menu options, and how to set them, are:

Basic

HOSTNAME (whatever you like e.g. DL1)
DOMAIN (I set this to our local workgroup name but to be honest I don't know if this matters)
TIMEZONE (e.g. Europe/London)
KEYBOARD (e.g. 'uk')
The other options can all be left to their defaults.

Services

Required services are:
SAMBA (this is the service which provides the shared folders for your Windows network)
SSHD (to enable Putty login)
MDADM_MONITOR (if you plan to use a RAID hard-disk array, which is recommended)

Recommended services (which however you could add later) are:
BEEP (beeps when system has completed booting, selected by default)
CRON (allows you to run programs at preset regular times - like 'Scheduled Tasks' in Windows)
GPM (allows you to use mouse with remote login i.e. with Putty)
NTPD (time synchronization)
POSTFIX (mail server)
WATCHDOG (will reboot the server if it seems to have stopped working)

Possible additional services (which you could add later) are:
ROUTING (enabled by default, I am not sure what this does and I don't have it enabled)
SASLAUTHD (required if you need Postfix to send outgoing emails with authentication through a relay host - see below)
APACHE2 (webserver)
MYSQL (database, needed with APACHE2 for some website implementations and makes this a LAMP system)
VSFTPD (for ftp access e.g. with Filezilla)
XINETD (for Swat, which allows you to control Samba through a web interface, but it is not covered in this guide)

Net

Usually all you need to do is to select NET / 1NIC, set MODULE to 'autoselect' and set UseDHCP to 'Yes' (leaving OPTMOD, IP and NETMASK blank, and DHCPSERVER set at 'No'). DL should recognise your ethernet network adapter at boot time and then obtain an IP address from the DHCP server already on your LAN. There's usually no need to set 2NIC or 3NIC.

Other

Setup NTP, MySQL or HTTP (Apache2). NTP is worth setting up: find and enter the address of a time server near you. If you want to use MySQL server, it is very important that you change the default location for the database (--datadir=/var/mysql) to a permanent medium that will not be lost on reboot (e.g. --datadir=/home/mysql). (If you are just starting out, this permanent location on your hard disk will not yet exist, so you might want to make a note to come back and do this later.)

LoginPW

Here you set the password for the 'root' user - please use a serious password that you will not forget but no one else will guess - you have to type it twice. In any case you must set a password of some kind before you will be allowed to login with Putty (see below).

Config

Here you save the changes - very important! (equivalent to typing save-config -q on the command line)

Exit

Exit after you have saved your changes. It warns you again about saving changes!

After saving the changes and exiting from Setup back to the prompt, type reboot. Whenever possible you should reboot this way rather than cutting the power or pressing the reset switch.

Login with Putty

After rebooting and logging in, and assuming your network adapter is now working, you can find out the ip address of the Devil-Linux machine by typing ifconfig -a eth0 - the IP address is the 4 numbers separated by periods that appear after 'inet addr:' e.g. 192.168.1.13. Provided you set a password and have enabled service sshd (see above), you can now login with Putty from any Windows machine on the network. Run Putty on the Windows machine, put the Devil-Linux machine's IP address in as the host name, ensure 'SSH' is selected and click 'Open'. Type root as the username and then when prompted the password that you have set. Using Putty (or another SSH client) has two advantages:

From now on the only time you will need local access to your DL machine is when you are upgrading the operating system.

If you want to login from a Linux machine, just open a terminal window and type ssh root@[ip-of-Devil-Linux-machine] (but as a Linux user you knew that already didn't you?)

To end your putty or ssh session, just type exit. This is better than just closing the Putty window which leaves an open but irretrievable session running on the DL machine.

Hard Disk Setup: 1 hard disk

This is not normally the recommended approach, but is suitable if you are running DL as a virtual machine (VM), or you already have hardware raid, or you only have one hard disk available. Or maybe you really can't be bothered with software raid. Otherwise, you should use software raid and instead of following this section, follow the section below.

Be sure that you are happy to lose any data currently on the hard disk! You will now create one Linux LVM partition, these instructions assume this will be on the first partition (hda1) on the first IDE hard disk (hda) but it will work for other partitions or other hard disks, provided you alter the instructions hereafter appropriately, and are careful!

OK, so how do you know how the hard disk is described by Linux? You refer to hardware devices in Linux as /dev/[device], and for each hard disk the device has a 3 letter name (e.g. /dev/hda); each partition on that drive is described by the drive name followed by a partition number (e.g. /dev/hda1). IDE PATA drives are named /dev/hd[a-d] e.g. /dev/hdb; SATA, SCSI or USB drives are named sd? e.g. /dev/sdb. For more information see here.

You find out how the drives on your system are denominated by typing

fdisk -l /dev/[hs]d? 2>&-|sed -n 's/^Disk \(.*[GT]B\),.*s$/\1/p'

which shows all large disk devices so you can work out which is the hard disk you want to use. (Remember you can copy this command line text from this page and right-click in Putty to paste it in as a command.)

We now partition the disk with fdisk (there is also a more user-friendly and generally better partitioning utility called cfdisk but it refuses to work with some USB disks). So let's assume that you are going to use hda - the IDE primary master hard disk. Type:

fdisk /dev/hda

Now type m (and press Enter) to see the instructions which are, in brief:

p - to see the existing partition table
d - to delete any existing partitions
n - to create a new partition
q - quit without saving changes
t - to set the partition type
w - to write your changes and resync the disk

So typically you would:

[If you get a warning message at this point it is advisable to reboot, in which case you should first type save-config -q to save your configuration, then type reboot.]

Having created the partition (hda1 in the example above) that can be used by LVM (Logical Volume Manager), you need to create an LVM physical volume ('PV') on the physical partition that you just made, and then inside this PV you create an LVM volume group ('VG') called 'devil-linux':

# create physical volume (LVM2 format)
pvcreate /dev/hda1
# create volume group 'devil-linux'
vgcreate devil-linux /dev/hda1
# ignore any messages like '/dev/cdrom: open failed: Read-only file system'

(Note that any text after hash '#' is just comment.) Now continue to set up the logical volumes below.

Hard Disk Setup: Using Software RAID1 with 2 hard disks

If you are just using one disk, or you have and want to use hardware raid, you don't need to (and shouldn't) follow this section! But otherwise this approach is recommended over the approach in the previous section. Compared with a single drive, a dual-drive software Raid1 system dramatically improves the security of your data by guarding against a single hard drive failure - and it is faster for reading data. If you are using SATA (or SCSI or USB) drives it is also possible to 'hot swap' drives: this is not possible with IDE PATA drives because of the hardware architecture, and its use is beyond the scope of this article.

For further detail, you may wish to refer to the Devil-Linux html instructions (which also come with the distribution) on setting up Software Raid. Devil-Linux, like most Linux distros, uses the mdadm software raid tool. There are different levels of Raid. I use Raid 1 (mirrored disks) which provides security against failure because you have 2 disks holding the info instead of one, and is also faster than a single disk for reading. Raid 0 (striped disks) is faster for reading and writing but provides worse security than no Raid at all so I don't advise it! The other commonly used Raid levels are Raid5 (striped disks with parity) and Raid10 (striped and mirrored disks) (also called Raid1+0), but I haven't tried them, and these higher Raid levels are intended for bigger setups with multiple disks.

Raid is good, but it is not a backup system and you must backup your data. My solution for this is TimeDicer. OK that's the end of the sermon, let's move on...

Be sure that you are happy to lose any info currently on both hard disks!

You need to check which hardware devices are actually to be the components of your raid device:

fdisk -l /dev/[hs]d? 2>&-|sed -n 's/^Disk \(.*[GT]B\),.*s$/\1/p'

shows all large disk devices so you can work out which are the right ones. (Remember you can copy this command line text from this page and right-click in Putty to paste it in as a command.)

The Raid1 device that we will create will have a size that is the smaller of the two devices on which it is based, so it is logical to use two physical drives that are the same size. Anyway, let us assume that after looking through the list you are clear that you are using /dev/sdb and /dev/sdd as the two drives for the Raid1 device. Do:

fdisk /dev/sdb

You can review the command options for fdisk by pressing m, then Enter. Look at the existing partition table (p, then Enter), delete any existing partitions (d, then Enter), create a new partition (n, then Enter), set the type of this partition to da [non-fs-data] (t, then Enter), and lastly write the changes (w, then Enter). Then do the same for /dev/sdd i.e. starting with fdisk /dev/sdd. So you have created primary partitions /dev/sdb1 and /dev/sdd1. You now create the Raid1 device /dev/md0 thus:

mdadm -C /dev/md0 -l raid1 -n 2 /dev/sdb1 /dev/sdd1

You don't need to worry about a warning message saying 'mdadm: Note: this array has metadata at the start and may not be suitable as a boot device. If you plan to store '/boot' on this device please ensure that your boot-loader understands md/v1.x metadata, or use --metadata=0.90 Continue creating array?' - you can answer 'y' because this isn't going to be a boot device. [If you get a different error or warning message at this point you might have to reboot; sometimes after reconfiguring the disks they are not properly recognised until reboot, in which case you should first type save-config -q to save your configuration, then type reboot.]

Once you have run the above command successfully, type:

cat /proc/mdstat

to show the new [raid1] personality which at this stage will be resyncing or may be synced '[UU]'. Time to save the configuration thus:

mdadm --detail --scan>>/etc/mdadm.conf
save-config -q

Now create the new LVM2 Physical Volume at /dev/md0:

pvcreate /dev/md0

Now create a Volume Group called 'devil-linux' which will lie over the Physical Volume. At boot-time the OS, through LVM - the 'Logical Volume Manager' - will automatically mount certain named logical volumes inside the volume group 'devil-linux':

vgcreate devil-linux /dev/md0
# ignore any messages like '/dev/cdrom: open failed: Read-only file system'

(Note that any text after hash '#' is just comment.) You should make sure that you have selected MDADM_MONITOR in setup as a service, because this will give you warning (mailing to root) if there are any problems. That's really the point - if one disk fails you want to know about it so you can fix it before the second one goes. Once you have Postfix correctly configured you can test whether the monitoring would work in a case of a real problem by trying the following:

mdadm --monitor --mail=root --scan -1 -t

This creates an email test message which you should receive. The information about md0 should include '[UU]' to indicate that both drives are okay. If Postfix is not yet set up, remember to come back and test this later - it's important!

Now continue to set up the LVM logical volumes below.

Set up Logical Volumes

Once you have your LVM Volume Group called 'devil-linux', use the scripts below (and the one important line in between them) to create and then format the logical volumes within this group. With Putty, you can just copy the script from here and paste it in (right click in the Putty window). Lines starting with hashes are just comments. This script assumes that the hard disk is at least 6G in size. For a list of LVM-related commands see here. If you want more information about auto-mounted LVs in Devil-Linux see here.

# Script 1: Create Logical Volumes

# swap is created as a continuous space with -C y option
lvcreate -L 1G -n swap devil-linux -C y

# log will be auto-mounted at /var/log
lvcreate -L 1G -n log devil-linux

# data will be auto-mounted at /var/data
lvcreate -L 1G -n data devil-linux

# opt will be auto-mounted at /opt - good place to install programs
lvcreate -L 1G -n opt devil-linux

echo "Free space remaining for home LV: `vgs --noheadings|awk '{print toupper($NF)}'`"

Now you have created all the Logical Volumes except 'home', which is the big one you want for Samba. The size for this cannot be greater than is shown at the end of the previous script. It's good to leave space for many reasons such as for later expansion of existing LVs or creation of new LVs, or for LVM snapshots, which are great for making backups. So assuming we have say 148G free, we might leave 20G unused and do the following:

# home will later be auto-mounted at /home
lvcreate -L 128G -n home devil-linux

Now you need to format the Logical Volumes and the script below does this:

# Script 2: Format Logical Volumes
mkswap /dev/devil-linux/swap
# For small LVs it is more economical to use ext2|ext3.
mke2fs -j /dev/devil-linux/log
mke2fs -j /dev/devil-linux/data
mke2fs -j /dev/devil-linux/opt
# Ext4 is the best choice for large volumes
mkfs.ext4 /dev/devil-linux/home
# Finalize & save configuration
vgscan
save-config -q
#
# Now you should reboot. Type reboot and press Enter.

As the script suggests, you should now reboot the computer by typing reboot. After rebooting, you can check your filesystems with df -H - or for a clearer appearance: df -HP|sed 's/ on$/_on/'|column -t. Among other entries you should see the /opt, /home, /log and /data mountpoints which you just created. Some mounts start with /shm, but you don't normally need to type this to access these filesystems - for instance log can be reached at /var/log.

Setting Up Samba

We start by creating the folder(s) inside /home which will be made visible on your network by Samba; we will create /home/ourdocs, but you can use any name you like:

# create directory to be shared using Samba
mkdir -p /home/ourdocs

Now you need to edit or replace /etc/samba/smb.conf, using nano, a full screen editor. Unlike more traditional linux text-screen editors such as vi or vim, nano is user-friendly, and instructions are available by typing CTRL+G (CTRL+X exits back to the document, and CTRL+X from the document exits to the command prompt, after giving you a chance to save any changes).

So, do:

# save default configuration file
mv /etc/samba/smb.conf /etc/samba/smb.conf.default
nano /etc/samba/smb.conf

You now have Nano open with the new (empty) smb.conf document. Into this you can put the text below, which gives a very simple (albeit insecure) Samba setup, by copying it and then pasting it into Putty (right-click). You can change the workgroup to the name of your Windows workgroup and the server string to some more meaningful name if you like. The 'ourdocs' folder will be open (browseable, readable, writeable) to all computers and users on your network, and any files deleted from it will be put in its Recycle Bin. There are lots of other configuration possibilities for smb.conf which you can explore later. Some of the configuration options below have hover-over text which you can read for more information if you want.

# smb.conf configuration
[global]
workgroup = MY_WORKGROUP
server string = Samba Server
guest account = someone
map to guest = bad user
log file = /home/ourdocs/%m-samba.log
max log size = 50
passdb backend = smbpasswd
dns proxy = no
[ourdocs]
path = /home/ourdocs
read only = No
create mask = 0770
force create mode = 0770
directory mask = 0770
force directory mode = 0770
guest ok = Yes
vfs objects = recycle
recycle:repository = Recycle Bin
recycle:versions = Yes
recycle:touch = Yes

Press CTRL+X (to exit Nano) then y to write the new file and exit.

After creating this file, you need to create a generic samba user 'someone', so at the command line do:

# create linux user 'someone'
useradd -g users -s /bin/false someone
# create samba user 'someone', press enter twice for blank password
smbpasswd -a someone
# change ownership of any existing files in the share
chown -R someone: /home/ourdocs
# change permissions of any existing files in the share
chmod -R 0770 /home/ourdocs

One last thing that is good to do is to add a reference to your own machine's HOSTNAME to your /etc/hosts file if it is not already there, this may not be necessary in all scenarios but I need it and so do some others. This does it in one line:

echo "`ifconfig|sed -n '/^eth/{N;s/.*inet addr:\([0-9.]*\).*/\1/p}'` $HOSTNAME">>/etc/hosts

Remember to save changes to the configuration:

save-config -q

Now Windows computers in the workgroup can access the /home/ourdocs directory - when they attempt access they are treated as guest 'someone' and in Windows Explorer the folder will appears as 'ourdocs' off a computer called 'Samba Server', obviously you can change these in the above text to be anything you like.

You can check the status of Samba (which computers are connected and which files are locked) with the command smbstatus. Another command line tool you can investigate at your leisure is smbclient, which enables this server to make connections to folders that have been shared on Windows computers on your network, or to shared printers.

Adding Samba Users

There is no need to add any more samba users if you are happy for all machines on your local lan or workgroup to have the same access rights to your samba folder(s). But if you want user-related restrictions you can create specific users and give them different permissions. Substituting the username that you want in place of 'someone' (normally you use their Windows login name), run the same commands as above (useradd, smbpasswd), which first create a linux user in the 'users' group, and then create a matching samba user - entering their local Windows password when smbpasswd requests it. You can then create a different share with more limited permissions, for instance only allowing selected users, so for instance you could create a share called 'hr' (human resources) by creating a folder with mkdir /home/hr and adding to smb.conf the following lines:

[hr]
path = /home/hr
valid users = david jane
read only = No
force create mode = 0770
force directory mode = 0770

If these users have previously connected to the Samba Server (before you created these specific unix and samba user identities), then you may have to recreate the links to the server in Windows to force their machines to give up their previous login as 'someone' and connect with their new user identity.

Note that users created in this way will only be able to access your Samba Server via samba, they cannot log in directly, whether by ssh (putty) or at the terminal. If you want them to have access to the machine as linux users, see here.

Logging with Syslog-ng

DL uses syslog-ng to log error and information messages for your system at /var/log/messages. You can view the last 300 (say) lines of the log file at any time by typing tail -n 300 /var/log/messages|less (use PageUp/PageDown keys to move around and q to quit).

Outgoing Mails: Setting up Postfix

It's really important that your new server can send outgoing emails to you, so that it can warn you about problems, usually via a cron job. First you need to have enabled postfix as a service in setup (above). To redirect all cron job outputs and all local emails to your own email address just do nano /etc/crontab and add or modify a MAILTO= line thus: MAILTO="my@emailaddress.com".

This should work 'out of the box', but it's better if you can set a more sensible 'From:' outgoing email address than 'root@Samba.localdomain'. To do this you need to reconfigure postfix a little:

  1. Type nano /etc/postfix/main.cf and add a line at the end: smtp_generic_maps = hash:/etc/postfix/generic (which tells postfix to map outgoing (smtp) email addresses according to the data in 'generic').
  2. Type nano /etc/postfix/generic and add a line: root dl@mydomain.com, substituting your preferred email address for 'dl@mydomain.com' - this will appear as the 'From:' address for outgoing emails
  3. Rebuild generic.db with postmap /etc/postfix/generic
  4. Type nano /etc/aliases and add a line: root: my@emailaddress.com (the email address being your own email address at which you can receive mails) - this ensures that any local mails on this machine which would go to root are instead redirected to you (for instance, messages from mdadm about problems with your raid configuration)
  5. Rebuild the database with newaliases
  6. Reload postfix with postfix reload - if this tells you that postfix is not running you can start it now with /etc/init.d/postfix start - and remember to add it as a service in setup if you want it to be loaded automatically in future.
  7. Save the new configuration with save-config -q

Testing Postfix

You can test the configuration at the command line by typing echo test|mail -s "Test" me@myemailaddress.com. If you don't receive the email, or you see an error message, try restarting postfix with /etc/init.d/postfix restart, or type postfix check which may give you more information about what is wrong with your settings, and look at your syslog (see above - e.g. cat /var/log/messages | grep postfix, or if this doesn't work, cat /dev/vcs10 | grep postfix) [Note: /dev/vcs10 is the cache of tty10, which is default output for syslog-ng in Devil-Linux, but it doesn't hold messages for very long - see above.]

You should also try echo test message|sendmail root and make sure you receive the resulting message. This tests that messages to 'root' (e.g. from mdadm) will reach you.

Relaying Emails with Postfix with/without authentication

If you need to relay your emails through an open smtp mail server (for instance, to prevent outgoing emails being blocked as spam by other mail servers) add the line relayhost = mail.ispserver.com to /etc/postfix/main.cf, then do postfix reload. If the relaying server requires authentication for your outgoing emails then ensure you have SASLAUTHD as well as POSTFIX loaded at setup (you can start saslauthd manually with /etc/init.d/saslauthd start) and follow these instructions (copied from here):

  1. Type nano /etc/postfix/sasl_passwd to set up a passwords file as follows:
    mail.ispserver.com username:password
    (substituting your own relayhost, username and password, of course), exit (CTRL+X) and save the file (y)
  2. Type chown root:root /etc/postfix/sasl_passwd; chmod 600 /etc/postfix/sasl_passwd to change the ownership and permissions on this file
  3. Type postmap /etc/postfix/sasl_passwd to load the password information from this file into the database
  4. Do nano /etc/postfix/main.cf, find the INTERNET OR INTRANET section and add or change lines as follows:
relayhost = mail.ispserver.com (i.e. your relayhost)
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options =

Now exit and save the file, then type postfix reload, and test (see above)

Printing with Devil-Linux and Samba

You can set up a local (or even a remote network) printer in DL and then have Samba make it available to the Windows machines on your network. Here's an example of a very simple setup for a parallel or USB printer.

First you need to edit the printcap file, this lays out the printers your DL machine has on it. Type nano -w /etc/printcap. Now for a parallel printer paste:

# Common configuration information
.common:sd=/home/spool/lpd/%P
  :sh:mx=0:force_localhost
 
# lp0 - open a device
p0|aliasforlp0:cm=Parallel Port Printer:tc=.common:lp=/dev/lpt0:

Or for a USB printer paste:

# Common configuration information
.common:sd=/home/spool/lpd/%P
  :sh:mx=0:force_localhost
 
# lp0 - open a device
p0|aliasforlp0:cm=Parallel Port Printer:tc=.common:lp=/dev/usb/lp0:

In theory you can support as many printers as you want or need. To do so, just copy the last 2 lines and change the aliasforlp0 to a unique name and lp=/dev/usb/lp0: to the device of your choice.

Next we need to set up the lpd.conf. Type nano -w /etc/lpd/lpd.conf and paste this:

# Purpose: always print banner, ignore lpr -h option
# default ab@ (FLAG off)
# Purpose: query accounting server when connected
# default achk@ (FLAG off)
# Purpose: accounting at end (see also af, la, ar, as)
# default ae=jobend $H $n $P $k $b $t (STRING)
# Purpose: name of accounting file (see also la, ar)
# default af=acct (STRING)
 
# Purpose: use long job number (0 - 999999) when a job is submitted
# default longnumber@ (FLAG off)
longnumber

Now we need to setup the permissions file. Type nano -w /etc/lpd/lpd.perms and paste this:

ACCEPT SERVICE=C SERVER REMOTEUSER=root,papowell
ACCEPT SERVICE=C LPC=lpd,status,printcap
REJECT SERVICE=C
ACCEPT SERVICE=M SAMEHOST SAMEUSER
ACCEPT SERVICE=M SERVER REMOTEUSER=root
REJECT SERVICE=M
DEFAULT ACCEPT

I think you can modify this one to allow you to add users, however I've not messed about with it too much as it seems to work ok with this configuration.

Now if you're using a Parallel Printer, sometimes DL doesn't pick up the printer on its own. To see if the printer is seen type ls /dev/lp*. If your printer (i.e. lp0) isn't listed you need to type mknod /dev/lpt0 c 6 0. If you're using a USB printer DL should create the node automatically. To check, you can type ls /dev/usb/lp*.

Now we need to check the config for errors. Fortunately there is a command to do this for us. Just type checkpc -f. You may get an error about host names. If so type nano -w /etc/hosts and add your server's name and address to this file. Once you've done that and saved the file, just run checkpc -f again.

Now we need to start the printer daemons so type the following:

lpd
lpc lpd
lpq -a

The last one shows the print queue, If all has gone right it should show your printer. Next you need to edit your samba configuration file (where you've set the shares up). Type nano -w /etc/samba/smb.conf and add the following:

[printer1]
printable = yes
printer = lp0
printing = BSD
path = /home/z-shares
print command = /usr/bin/lpr -b -P%p -r %s
lpq command = /usr/bin/lpq -P%p
lprm command = /usr/bin/lprm -P%p %j
min print space = 2000
#
# CAUTION! this does not apply to win95/98/ME
# it tells winNT/2K/XP clients to use a local
# printer driver
 
# stops the "access denied" in windows when trying to view
# print queue
use client driver = yes

The last file to edit is lpd.conf. Type nano -w /etc/lpd.conf and add the following line:

done_jobs=0

This will get rid of the long list of completed jobs that windows would otherwise display for days afterwards.

Remember to finish up with a save-config -q and hopefully it should work. You may find upon a reboot that the printer may not start properly. If so, just add

lpd
lpc lpd
lpq -a

to a script and run it after a reboot to reinitialize the printer.

Adding a User to Devil-Linux

The process for adding a user to Samba is explained above, but if you want to create a new user under Linux who will be able to log in to your DL machine, you can do it as shown here. The 'passwd' command will request you to provide a login password for the user:

useradd -g users -s /bin/bash newusername
mkdir /home/newusername
passwd newusername save-config -q

I have also created a script for adding ftp users for website uploading/manipulation, for use with vsftpd.

Upgrading Devil-Linux System (CD or USB)

The first and critical thing to do before upgrading is to save your existing configuration: save-config -q

For a CD upgrade you burn a new CD with the upgraded operating system (see instructions near the top), and reboot your server with the new CD. Because you can't change the CD while DL is running, it is probably best to use poweroff and then restart the machine manually and change the CD as the machine restarts. In any case you will need local access to the machine at this point - you will not be able to login remotely until you have been through the upgrade instructions on the local console. Remember to resave your configuration once you are happy with it!

For USB upgrade (including migrating from CD to USB) you plug in an unused USB drive (at least 512MB), it should be automatically recognised by the system. Now identify which device this is (sda, sdb, sdc or sdd) by doing fdisk -l /dev/sd* | grep ^Disk. Make sure it isn't the current boot device which is shown (with partition number) by cat /shm/DL_DEVICE. I'll call the unused USB drive sdb here, and in fact it is quite likely to be sdb in your case. Navigate your prompt to a suitable temporary download directory e.g. cd /home/ourdocs, then download a new Devil-Linux distribution from a download site e.g. (all one line)

curl ftp://ftp.devil-linux.org/pub/releases/devil-linux-<version>-i686-server.tar.bz2|tar xj

Then cd to the newly-created subdirectory and run the ./install-on-usb script. Specify 1 (do not press Enter!) to use SysLinux, bootcd.iso for the DL ISO source, /dev/sdb (substituting a-d for b as appropriate) for the device name of disk device that will be written to, y for partitioning: format the chosen destination drive by creating a New Primary partition of at least 500MB with type 0B (W95 FAT32) and make it bootable - I suggest you use most (but not quite all) of the available space for this partition (which, if you ever move the USB drive to a Windows machine, is available to Windows). If you want to store the configuration on the same media the best way is to put it in a separate second partition, so create a second partition using the rest of the drive (1MB should be plenty though) and with the (default) Linux type. Finally write the changes and quit from cfdisk. Now you are asked for the partition name of the disk device that will receive the ISO image - type /dev/sdb1 (if b is the drive letter and 1 is the partition number), then for the preloaded configuration file just leave it blank (press Enter), and to copy the existing live configuration to your new second partition (if you are doing this), type y. After passing the final two warnings the script will run.

Now ensure that no one is using your machine (the command smbstatus will show which files if any are locked by Samba and allow you to work out who is locking them), then poweroff the system, remove the old USB operating system drive or CD, and restart the machine which will load the new release. You will need local access to the machine at this point - you will not be able to login remotely. You should follow the instructions on screen and remember to resave your configuration once you are happy with it. You can then delete the download directory tree.

Comparing Configuration After Upgrade

After you have upgraded Devil-Linux your configuration files (at /etc/) may be a little out of date, because applications (e.g. MySQL, Apache, Samba) will have been updated and their standard configuration options might change. Although this may not be a concern initially, over time this can become a problem. You might wish to look at my utility 'dl-config-compare.sh' which can tell you which files in your configuration are mismatched with the default configuration files, and help you spot those differences that could become a problem.

Configuration Backup

Your system configuration is stored in file etc-mods.tar.bz2. You can use the following command to save a copy of this critical file to a shared folder on hard drive, the file will have the date and time of the backup and so you can keep multiple copies:
save-config -o>"/path/$(date +%Y-%m-%d-%H-%M-%S) v`cat /DEVIL-LINUX` `cat /shm/DL_CONFIG_FILE`"
You should (separately) backup this shared folder to another computer, so if all else fails you can recover the file. Change the 'path' to point to the suitable shared folder on your system. Ideally, run this as a crontab job - say daily.

I also recommend that you create a cron job to run config-save -q>/dev/null weekly or even daily, that way if you have made changes and forgotten to do save-config -q they will still hopefully get saved before the next power outage.

Networking - Under the Hood

If you change your networking hardware, the network configuration will probably not work 'out of the box'. Type ifconfig -a, the interface that is not working (e.g. 'eth1') will have no 'inet addr:' line. This is probably because the old hardware network interface has been preserved as eth0 (for instance) and the new hardware interface is presently eth1 which is not configured in Devil-Linux. To clear the previous 'history' of network interfaces, do rm /etc/udev/rules.d/70-persistent-net.rules and then save-config -q and reboot. Now do ifconfig to see if you have an external inet addr (probably beginning with 192.168). If you still have problems, the lspci command will show you what the hardware is, you may need to know what is the appropriately named driver for that network card - for instance, the driver for a BCM4401 card is called b44 - so (in this case) try modprobe b44 and see if your card now functions.

The files which control how Devil-Linux starts networking are at /etc/sysconfig/nic/ and are named ifcfg-ethn (where n is a number from 0 up). These files are used by the /etc/init.d/network script, and depend upon (and refer to) the hardware devices already identified in the machine - and listed in /etc/udev/rules.d/70-persistent-net.rules. Files in /etc/sysconfig/nic/ ending '.sample' or beginning with '~' are ignored, files named ifcfg-vlann are used for vlans, ifcfg-bondn for bonding interfaces and ifcfg-brn for bridge interfaces. Normally these files are created / altered by the Devil-Linux setup program but you can manipulate them directly. For instance, if you previously configured eth1 and no longer have it, you can delete /etc/sysconfig/nic/ifcfg-eth1, or you will always see an error message at boot time as Devil-Linux tries and fails to set up this interface. (This is because the Devil-Linux setup program does not provide any way to delete a network interface.)

For further information about configuration of ethernet interfaces see the LinuxFromScratch page here (Devil-Linux is based on LinuxFromScratch or 'LFS').

Notes on Apache 2

There is extensive documentation on Apache; here are just a few notes (for my own reference to be honest) on some quirks I have encountered:

  1. The configuration file httpd.conf is located in /etc/apache2
  2. To restart Apache 'gracefully' i.e. minimising the risk of breaking current processes (the nearest thing to a 'reload') do apachectl graceful
  3. Using VirtualHosts: the address given in the VirtualHost line must match exactly the address given in the NameVirtualServer line and must match the name in the ServerName line (probably higher above). In particular, if ServerName is a specific IP (say ServerName 192.168.1.3:80) then you cannot use * for NameVirtualServer or for VirtualHost.
  4. Remember that as well as specifying the VirtualHosts information you must also ensure that there are Directory settings for the directories for these VirtualHosts.
  5. You can use Apache as a proxy server (so that you can have more than one web server behind a firewall) by using the directives ProxyPass and ProxyPassReverse - see Apache Virtual Hosts documentation for how to do this. Note that the use of ProxyPreserveHostOn is needed if the end server has to have the called url in order to determine the correct action (e.g. if it too is using name-based virtual hosts.) However using 'ProxyPreserveHost On' on the proxy server conflicts (I think) with having 'UseCanonicalName On' on the end server. If this is on then ProxyPreserveHost should not be used (or should be set to off).
  6. If using password protected folders with Apache, to find the password text for .htpasswd (or equivalent) file, run (from Devil-Linux prompt): htpasswd -nbd your_unm your_pwd. Enter the text that is output on the command line as a line in the file (usually called .htpasswd) which is located somewhere not accessible by web clients (usually the apache root folder). Then in the password-protected folder you place a file called .htaccess which should contain the following (suitably modified for the location of your htpasswd file):
    AuthUserFile /home/ourdocs/www/.htpasswd
    AuthName "Please enter your name and password"
    AuthType Basic
    Require valid-user
  7. If your php code does not run, consider that PHP settings are defined by /etc/php.ini. The default setting for recognising the start of php code is 'short_open_tag = Off' which means that <? will not start php, you need <?php. For legacy PHP code you may need to set 'short_open_tag = On' in /etc/php.ini which changes this behaviour.

Miscellaneous Notes

Credits & Links

These instructions were written by Dominic. I now use Windows and Linux but this page was originally written as I discovered things in Devil-Linux, hence its bias towards users coming from a Windows background. It has been greatly updated since. Chris Grove contributed the section about printing from Devil-Linux.

My thanks to the arch-demons of Devil-Linux: Heiko Zuerker ('Old Nick' himself?), Bruce Smith, Serge Leschinsky and all those who make and maintain Devil-Linux - no blame attaches to any of them for any mistakes you may find here. If you have found any part of these instructions helpful, or not, please let me know.

Thanks also to others who have helped me through the devil-linux-discuss@lists.sourceforge.net mailing list. And all those who contributed to the Linux software used in this setup.

See my other pages:


share iconWindows XP logoWindows XP Professional Folder & File Sharing

This is even simpler than setting up a Samba fileserver with Devil-Linux (well it is actually a *lot* simpler). Normally you can just follow the instructions in Windows Help (search for 'shared folders'), and it works. But Microsoft did not really want you to use Windows XP computers for file sharing (they want you to buy Windows Server) so there are some catches.

Catch A

Even though you have file & printer sharing installed in Windows XP, and have shared some folders, they may not be visible on the network unless some settings on the server (file-sharing) computer have been altered as follows (this works for XP Professional only):

Go to Control Panel/Performance And Maintenance/Adminstrative Tools:

  1. Computer Management: System Tools/Local Users and Groups/Users:
    Double-click on Guest and uncheck 'account is disabled'
  2. Local Security Policy: Security Settings/Local Policies
    1: User Rights Assignment - Deny Access to This Computer - remove 'Guest'.
    2: Security Options - Accounts: Guest Account Status - enabled

OK so this has reduced security of course, but all computers on the network should now be able to see those shared folders.

Catch B

Bear in mind that this is limited by design to 10 concurrent connections (there is a limit of 5 connections for Windows XP Home) (and also bear in mind that in some situations one computer may have two (or more?) simultaneous connections to your shared folder). If you want to be confident that you can have practically unlimited connections you should look at the Devil-Linux / Samba solution above.

Catch C

For some purposes you may not have full access to the shares you have created because the logon will be as 'Guest'. To give full access (with further adverse security implications, of course, but I assume you are not worried about those), you need to go to the Local Security Policy: Security Settings/Local Policies (as above) and find policy 'Network access: Sharing and security model for local accounts' and change this to 'Classic - local users authenticate as themselves'. You then need to create a user in Computer Management, make it a member of 'Administrators' group and give it a password. From the remote computer you can now log on to this 'server' and enter the username and password (they should be remembered after the first time) and you will have full access (because you are logged on now as this user and a member of Administrators group). I have found this to be necessary in rare cases for some software (1Safe Echo) - normally it isn't required.

For more information about how to configure file sharing in Windows XP see this article by Microsoft, and for an article (also by them) about client, service, and program incompatibilities that may occur when you modify security settings and user rights assignments, see here.


Visit our Sponsors

If you found this helpful, please visit the good guys who make this webpage possible!

Garden of Eden Bulgaria Garden of Eden, Bulgaria - the most luxurious development on the Black Sea with eight pools, three restaurants, apartments, five star hotel and sandy beach. Fabulous location, design & facilities mean the holiday of a lifetime and, for owners, secure, enhanced rental income and a ready secondary market. No wonder it's selling fast...
View from Ascot Hotel BŁyŁkadaAscot Hotel BŁyŁkada, Istanbul, Turkey - BŁyŁkada is the largest of the Princes’ Islands, an escape from the crowded metropolis, where life moves at a slower pace with no cars or traffic. Ascot Hotel is its new landmark boutique destination, a short ferry trip from mainland Istanbul, and just a few minutes walk or phaeton ride from the harbour, with restaurant, bar & private pool. 22 en­suite guestrooms with balconies offer elegant stylish accommodation and best of all, a comfortable bed for a perfect night's repose. It”s the ideal place to relax, recharge, and from which to explore the beauty and history of the island.
Ascot House Istanbul - Duplex Apartment BedroomAscot House Sultanahmet, Istanbul, Turkey - Located in the heart of the old city of Istanbul, close to such world heritage sites as the Blue Mosque, Ayia Sofia and the Topkapi Palace, Ascot House is a lavishly-furnished house of 5 apartments offering opulent Ottoman style with every modern convenience. Available for stays of 3 nights or more, it is the perfect base for exploring this amazing city.