Table of Contents for
Running Linux, 5th Edition

Version ebook / Retour

Cover image for bash Cookbook, 2nd Edition Running Linux, 5th Edition by Matt Welsh Published by O'Reilly Media, Inc., 2005
  1. Cover
  2. Running Linux, 5th Edition
  3. Preface
  4. Organization of This Book
  5. Conventions Used in This Book
  6. Using Code Examples
  7. How to Contact Us
  8. Safari® Enabled
  9. Acknowledgments
  10. I. Enjoying and Being Productive on Linux
  11. 1. Introduction to Linux
  12. 1.1. About This Book
  13. 1.2. Who’s Using Linux?
  14. 1.3. System Features
  15. 1.4. About Linux’s Copyright
  16. 1.5. Open Source and the Philosophy of Linux
  17. 1.6. Sources of Linux Information
  18. 1.7. Getting Help
  19. 2. Preinstallation and Installation
  20. 2.1. Distributions of Linux
  21. 2.2. Preparing to Install Linux
  22. 2.3. Post-Installation Procedures
  23. 2.4. Running into Trouble
  24. 3. Desktop Environments
  25. 3.1. Why Use a Graphical Desktop?
  26. 3.2. The K Desktop Environment
  27. 3.3. KDE Applications
  28. 3.4. The GNOME Desktop Environment
  29. 3.5. GNOME Applications
  30. 4. Basic Unix Commands and Concepts
  31. 4.1. Logging In
  32. 4.2. Setting a Password
  33. 4.3. Virtual Consoles
  34. 4.4. Popular Commands
  35. 4.5. Shells
  36. 4.6. Useful Keys and How to Get Them to Work
  37. 4.7. Typing Shortcuts
  38. 4.8. Filename Expansion
  39. 4.9. Saving Your Output
  40. 4.10. What Is a Command?
  41. 4.11. Putting a Command in the Background
  42. 4.12. Remote Logins and Command Execution
  43. 4.13. Manual Pages
  44. 4.14. Startup Files
  45. 4.15. Important Directories
  46. 4.16. Basic Text Editing
  47. 4.17. Advanced Shells and Shell Scripting
  48. 5. Web Browsers and Instant Messaging
  49. 5.1. The World Wide Web
  50. 5.2. Instant Messaging
  51. 6. Electronic Mail Clients
  52. 6.1. Using KMail
  53. 6.2. Using Mozilla Mail & News
  54. 6.3. Getting the Mail to Your Computer with fetchmail
  55. 6.4. OpenPGP Encryption with GnuPG
  56. 7. Games
  57. 7.1. Gaming
  58. 7.2. Quake III
  59. 7.3. Return to Castle Wolfenstein
  60. 7.4. Unreal Tournament 2004
  61. 7.5. Emulators
  62. 7.6. Frozen Bubble
  63. 7.7. Tux Racer
  64. 8. Office Suites and Personal Productivity
  65. 8.1. Using OpenOffice
  66. 8.2. KOffice
  67. 8.3. Other Word Processors
  68. 8.4. Synching PDAs
  69. 8.5. Groupware
  70. 8.6. Managing Your Finances
  71. 9. Multimedia
  72. 9.1. Multimedia Concepts
  73. 9.2. Kernel and Driver Issues
  74. 9.3. Embedded and Other Multimedia Devices
  75. 9.4. Desktop Environments
  76. 9.5. Windows Compatibility
  77. 9.6. Multimedia Applications
  78. 9.7. Multimedia Toolkits and Development Environments
  79. 9.8. Solutions to Common Problems
  80. 9.9. References
  81. II. System Administration
  82. 10. System Administration Basics
  83. 10.1. Maintaining the System
  84. 10.2. Managing Filesystems
  85. 10.3. Managing Swap Space
  86. 10.4. The /proc Filesystem
  87. 10.5. Device Files
  88. 10.6. Scheduling Recurring Jobs Using cron
  89. 10.7. Executing Jobs Once
  90. 10.8. Managing System Logs
  91. 10.9. Processes
  92. 10.10. Programs That Serve You
  93. 11. Managing Users, Groups, and Permissions
  94. 11.1. Managing User Accounts
  95. 11.2. File Ownership and Permissions
  96. 11.3. Changing the Owner, Group, and Permissions
  97. 12. Installing, Updating, and Compiling Programs
  98. 12.1. Upgrading Software
  99. 12.2. General Upgrade Procedure
  100. 12.3. Automated and Bulk Upgrades
  101. 12.4. Upgrading Software Not Provided in Packages
  102. 12.5. Archive and Compression Utilities
  103. 13. Networking
  104. 13.1. Networking with TCP/IP
  105. 13.2. Dial-Up PPP
  106. 13.3. PPP over ISDN
  107. 13.4. ADSL
  108. 13.5. Cable Modems
  109. 13.6. Network Diagnostics Tools
  110. 14. Printing
  111. 14.1. Printing
  112. 14.2. Managing Print Services
  113. 15. File Sharing
  114. 15.1. Sharing Files with Windows Systems (Samba)
  115. 15.2. NFS Configuration and NIS
  116. 16. The X Window System
  117. 16.1. A History of X
  118. 16.2. X Concepts
  119. 16.3. Hardware Requirements
  120. 16.4. Installing X.org
  121. 16.5. Configuring X.org
  122. 16.6. Running X
  123. 16.7. Running into Trouble
  124. 16.8. X and 3D
  125. 17. System Start and Shutdown
  126. 17.1. Booting the System
  127. 17.2. System Startup and Initialization
  128. 17.3. Single-User Mode
  129. 17.4. Shutting Down the System
  130. 17.5. A Graphical Runlevel Editor: KSysV
  131. 18. Configuring and Building the Kernel
  132. 18.1. Building a New Kernel
  133. 18.2. Loadable Device Drivers
  134. 18.3. Loading Modules Automatically
  135. 19. Text Editing
  136. 19.1. Editing Files Using vi
  137. 19.2. The (X)Emacs Editor
  138. 20. Text Processing
  139. 20.1. TeX and LaTeX
  140. 20.2. XML and DocBook
  141. 20.3. groff
  142. 20.4. Texinfo
  143. III. Programming
  144. 21. Programming Tools
  145. 21.1. Programming with gcc
  146. 21.2. Makefiles
  147. 21.3. Debugging with gdb
  148. 21.4. Useful Utilities for C Programmers
  149. 21.5. Using Perl
  150. 21.6. Java
  151. 21.7. Python
  152. 21.8. Other Languages
  153. 21.9. Introduction to OpenGL Programming
  154. 21.10. Integrated Development Environments
  155. 22. Running a Web Server
  156. 22.1. Configuring Your Own Web Server
  157. 23. Transporting and Handling Email Messages
  158. 23.1. The Postfix MTA
  159. 23.2. Procmail
  160. 23.3. Filtering Spam
  161. 24. Running an FTP Server
  162. 24.1. Introduction
  163. 24.2. Compiling and Installing
  164. 24.3. Running ProFTPD
  165. 24.4. Configuration
  166. IV. Network Services
  167. 25. Running Web Applications with MySQL and PHP
  168. 25.1. MySQL
  169. 25.2. PHP
  170. 25.3. The LAMP Server in Action
  171. 26. Running a Secure System
  172. 26.1. A Perspective on System Security
  173. 26.2. Initial Steps in Setting Up a Secure System
  174. 26.3. TCP Wrapper Configuration
  175. 26.4. Firewalls: Filtering IP Packets
  176. 26.5. SELinux
  177. 27. Backup and Recovery
  178. 27.1. Making Backups
  179. 27.2. What to Do in an Emergency
  180. 28. Heterogeneous Networking and Running Windows Programs
  181. 28.1. Sharing Partitions
  182. 28.2. Emulation and Virtual Operating Systems
  183. 28.3. Remote Desktop Access to Windows Programs
  184. 28.4. FreeNX: Linux as a Remote Desktop Server
  185. A. Sources of Linux Information
  186. A.1. Linux Documentation Project
  187. A.2. FTP Sites
  188. A.3. World Wide Web Sites
  189. About the Authors
  190. Colophon
  191. Copyright

PPP over ISDN

ISDN has offered convenient, high-speed data communications—at a price—for many years; it is particularly popular in Europe, where rates and marketing have been more favorable to its use than in the U.S. ISDN, which integrates data and regular voice transmission over a single line, offers both a faster connection setup and much better throughput than traditional modems.

ISDN lines can transfer 64 kbits per second. And unlike analog lines, they can achieve this speed all the time because their transmission does not depend on the vagaries of analog transmission with interference by various kinds of noise. A newer protocol called ADSL (Asynchronous Digital Subscriber Line) is upping the ante for fast data access over phone lines and is taking over from ISDN in many regions of the world.

In this section, we describe how to configure dial-up access to your Internet provider over an ISDN line. We cover only the most common style of connection, synchronous PPP, not the special mode called raw IP. Furthermore, this section discusses just internal ISDN boards, which require a kind of setup that’s different from the dial-up access covered in the previous section. To set up external ISDN devices, or the so-called ISDN modems (a term that is an oxymoron because there is no modulation and demodulation), you can use commands similar to those in the previous section because these devices present themselves to the computer and the operating system like a normal modem, albeit one that offers some additional commands, faster connection setup, and higher throughput.

If you want more information beyond what we present here, the source for all ISDN-related information for Linux is http://www.isdn4linux.de (despite this domain being registered in Germany, all the information here is in English).

In a way, setting up ISDN connections is much easier than setting up analog connections because many of the problems (bad lines, long connection setup times, and so on) simply cannot occur with digital lines. Once you dial the number, the connection is set up within milliseconds. But this can lead to problems. Because the connections are set up and shut down so fast, a misconfigured system that dials out again and again can cost you a fortune. This is even more problematic because with internal ISDN cards, you hear no clicking and whistling as you do with modems, and there are no lights that inform you that a connection has been made. You can check the status of your ISDN line with some simple programs, though.

Follow these two steps to set up dial-up PPP over ISDN:

  1. Configure your ISDN hardware.

  2. Configure and start the PPP daemon and change the routing table to use your ISDN line.

We cover those steps in the next sections.

Configuring Your ISDN Hardware

The first step involves making your ISDN board accessible to the kernel. As with any other hardware board, you need a device driver that is configured with the correct parameters for your board.

Linux supports a large number of ISDN hardware boards. We cannot cover every single board here, but the procedure is more or less the same for each one. Reading the documentation for your specific card in the directory Documentation/isdn in the Linux kernel sources will help you a lot if your board is not covered here.

We will concentrate here on boards that use the so-called HiSax driver. This device driver works with almost all cards that use the Siemens HSCX chipset (and thus with most passive cards available on the market today). That includes, for instance, the USR Sportster internal TA and the well-known Teles, ELSA, and Fritz boards. Other boards are similarly configured. Even some active cards are supported by Linux, including the well-known AVM B1 and the IBM Active 2000 ISDN card.

The first thing you need to do is configure the kernel so that it includes ISDN support. We advise you to compile everything ISDN-related as modules, especially while you are experimenting with setting it up. You will need the following modules:

  • ISDN support.

  • Support for synchronous PPP.

  • One device driver module for your hardware. If you pick the HiSax driver, you will also have to specify which specific brand of ISDN card you have and which ISDN protocol you want to use. The latter is almost certainly EURO/DSS1 in Europe—unless you live in Germany and have had your ISDN for a long time, in which case it might be 1TR6—and US NI1 in the U.S. If you live elsewhere, or are in doubt, ask your phone company.

Compile and install the modules as described in Chapter 18. Now you are ready to configure your ISDN hardware. Some distributions, such as SUSE, make setting up ISDN lines very easy and comfortable. We cover the hard way here in case your distribution is not so user-friendly, the automatic configuration does not work, or you simply want to know what is going on behind the scenes.

Now you need to load the device driver module using modprobe. This will automatically load the other modules as well. All the device driver modules accept a number of module parameters; the hisax module accepts, among others, the following:

id= boardid

Sets an identifier for the ISDN board. You can pick any name you like here, but you cannot have the same identifier for more than one board in your system.

type= boardtype

Specifies the exact board brand and type. For example, a value of 16 for boardtype selects the support for the USR Sportster internal TA. See Documentation/isdn/README.hisax in the kernel sources for the full list of board types.

protocol= protocoltype

Selects an ISDN subprotocol. Valid values for protocoltype are 1 for the old German 1TR6 protocol, 2 for the common EDSS1 (so-called Euro ISDN), and 3 for leased lines.

irq= irqno

Specifies the interrupt line to use. Not all boards need this.

io= addr

Specifies the I/O address to use. Not all boards need this. Some boards need two I/O addresses. In this case, the parameters to use are io0 and io1.

For example, the following command loads the HiSax driver for use with a Teles 16.3 board, Euro ISDN, IO address 0x280, and IRQ line 10 (a very common case):

    tigger # modprobe hisax type=3 protocol=2 io=0x280 irq=10

Please see Documentation/isdn/README.HiSax or the equivalent file for your hardware for more information.

This module is not much of a talker; if there is no output from the modprobe command, it is likely that everything went well. You might also want to check your system log at /var/log/messages. You should see a few lines starting with HiSax: (or the name of the driver you are using); the final line should be

    HiSax: module installed

If the module did not load, you will most likely also find the answer in /var/log/messages. The most common problem is that the IRQ or I/O address was wrong or that you selected the wrong card type. If all else fails, and you have Windows installed on the same machine, boot up Windows and check what it reports for the IRQ and I/O address lines. Sometimes, it helps to take a look in /proc/ioports and in /proc/interrupts to see if the HiSax chipset has the right I/O port and the right interrupt assigned.

You should do one more check before you jump to the next section, and this check involves calling yourself. This can work because, with ISDN, you always have two phone lines at your disposal. Thus, one line will be used for the outgoing “phone call,” and the other line will be used for the incoming one.

In order to have the ISDN subsystem report what is going on with your phone lines, you will need to configure it to be more verbose than it is by default. You do this by means of three utility programs that are all part of the isdn4k-utils package that you can find at your friendly Linux FTP server around the corner.

The isdn4k-utils package contains, among other things, the three utilities hisaxctrl for configuring the device driver, isdnctrl for configuring the higher levels of the ISDN subsystem, and isdnlog, a very useful tool that logs everything happening on your ISDN lines. Although you can use hisactrl and isdnctrl without any configuration, you will need to provide a small configuration file for isdnlog. For now, we will content ourselves with a quick solution, but once your ISDN connection is up and running, you will want to configure isdnlog to see where your money is going. So for now, copy one of the sample configuration files contained in the isdnlog package to /etc/isdn/isdn.conf. You will need to edit at least the following lines:

COUNTRYCODE=

Add your phone country code here—for example, 1 for the U.S. and Canada, 44 for the United Kingdom, 46 for Sweden, and so on.

AREAPREFIX=

If the area codes in your country are prefixed by a fixed digit, put this in here. The prefix is 0 for most European countries, 9 for Finland, and nothing for the U.S., Denmark, and Norway.

AREACODE=

Put your area code in here. If you have specified an AREAPREFIX in the last step, don’t repeat that here. For example, Stockholm, Sweden, has the area code 08. You put 0 into AREAPREFIX and 8 into AREACODE.

Once you have set this up, execute the following commands to make your ISDN system more verbose:

    tigger # /sbin/hisaxctrl boardid 1 4
    tigger # /sbin/isdnctrl verbose 3
    tigger #/sbin/lsdnlog /dev/isdnctrl0 &

If you are using a driver other than HiSax, you might need to use a different command. For example, for the PCBit driver, the command pcbitctl is available in the isdn4k-utils package.

Now you can go ahead and phone yourself. You should try all your MSNs (multiple subscriber numbers, which are your ISDN phone numbers) to see that the board can detect all of them. During or after each call, check /var/log/messages. You should see lines like the following:

    Mar 16 18:34:22 tigger kernel: isdn_net: call from 4107123455,1,0 -> 123456
    Mar 16 18:34:33 tigger kernel: isdn_net: Service-Indicator not 7, ignored

This shows that the kernel has detected a voice call (the service indicator is 0) from the phone number 123455 in the area with the area code (0)4107 to the MSN 123456.

Note how the number called is specified, because you will need this information later. The number is sent with the area code in some phone networks, but without the area code in others. Anyway, congratulations if you have come this far. Your ISDN hardware is now correctly configured.

Setting Up Synchronous PPP

Setting up the PPP daemon again involves several substeps. On Linux, the ISDN board is treated like a network interface that you have to configure with special commands. In addition, you need to specify the username and password that your ISP has assigned you. When everything is configured, you start up the ipppd daemon, which lurks in the background until a connection request is made.

First, let’s configure the “network interface.” This involves a number of commands that most system administrators simply put into a script that they store in a file, such as /sbin/pppon. Here is a sample file that you can modify to your needs:

    /sbin/isdnctrl addif ippp0
    /sbin/isdnctrl addphone ippp0 out 0123456789
    /sbin/isdnctrl dialmax ippp0 2
    /sbin/isdnctrl eaz ippp0 123456
    /sbin/isdnctrl huptimeout ippp0 100
    /sbin/isdnctrl l2_prot ippp0 hdlc
    /sbin/isdnctrl l3_prot ippp0 trans
    /sbin/isdnctrl encap ippp0 syncppp
    /sbin/ifconfig ippp0 1.1.1.1 pointopoint 123.45.67.89 metric 1

Let’s go through these commands one by one.

isdnctrl addif ippp0

Tells the kernel that a new ISDN interface with the name ippp0 will be used. Always use names starting with ippp.

isdnctrl addphone ippp0 out 0123456789

Tells the ISDN interface which phone number to use. This is the phone number that you use to dial up your provider. If you have used analog dial-up so far, check with your provider, because the phone number for ISDN access could be different.

isdnctrl dialmax ippp0 2

Specifies how many times the kernel should dial if the connection could not be established, before giving up.

isdnctrl eaz ippp0 123456

Specifies one of your own MSNs. This is very important—without this, not much will work. In case your provider verifies your access via your phone number, make sure you specify here the MSN that you have registered with your provider.

isdnctrl huptimeout ippp0 100

Specifies the number of seconds that the line can be idle before the kernel closes the connection (specified by the last number in this command). This is optional, but can save you a lot of money if you do not have a flat phone rate. Thus, if you forget to shut down the connection yourself, the kernel will do that for you.

isdnctrl l2_prot ippp0 hdlc

Specifies the layer 2 protocol to use. Possible values here are hdlc, x75i, x75ui, and x75bui. Most providers use hdlc. When in doubt, ask your provider.

isdnctrl l3_prot ippp0 trans

Specifies the layer 3 protocol to use (the l in the option is the letter L). Currently, only trans is available.

isdnctrl encap ippp0 syncppp

Specifies the encapsulation to use. A number of values are possible here, but if you want to use synchronous PPP (or your provider demands that), you have to specify syncppp here. Another not-so-uncommon value is rawip. But since this provides only very weak authentication facilities, few providers still use it, even though it gives slightly better throughput because it requires less overhead.

ifconfig ippp0 1.1.1.1 pointopoint 123.45.67.89 metric 1

Creates the new network interface. If your IP address is not assigned dynamically (as is the case with most dial-up connections), you need to specify your IP address instead of the 1.1.1.1 here. Also, you need to change the 123.45.67.89 to the IP address of your provider’s dial-up server.

If you want, you can also reverse the setup by creating a script that shuts down the interfaces and so on. For example, it would use the isdnctrl delif command. But such a script is not strictly necessary, unless you want to disable all dialing at runtime.

Phew! But we are not finished yet. Next, you need to configure the ipppd daemon, which you do in the file /etc/ppp/ioptions. You can also have a configuration file specific to each ipppd daemon, but that is necessary only if you want to be able to use different ISDN connections—that is, if you have multiple dial-up accounts.

The following is an ioptions file that is generic enough to work with most providers. It does not give maximum throughput but is quite stable. If you want to optimize it, ask your provider about the possible settings and read the manual page for ipppd(8):

    debug
    /dev/ippp0
    user yourusername
    name yourusername
    mru 1500
    mtu 1500
    ipcp-accept-local
    ipcp-accept-remote
    noipdefault
    -vj -vjccomp -ac -pc -bsdcomp
    defaultroute

You have to change only two things here: change yourusername in the third and fourth lines to the username that your provider has assigned you for connecting to its system. We won’t go through all the options here; see the manual page when in doubt.

ISDN access requires the same security as an analog modem. See "PAP and CHAP,” earlier in this chapter, for directions on setting up your pap-secrets or chap-secrets file as required by your service provider.

Now we have got our things together and can start having fun! First run the ipppd daemon:

    tigger # /sbin/ipppd pidfile /var/run/ipppd.ippp0.pid file /etc/ppp/ioptions &

The ipppd daemon will now wait for connection requests. Since we have not configured it yet to automatically make a connection, we have to manually trigger the connection. You do this with the following command:

    tigger # isdnctrl dial ippp0

You should now check /var/log/messages. There should be lots of messages that start with ipppd. The last of those messages should contain the words local IP address and remote IP address together with the IP addresses. Once you find those messages, you are done. Because we have used the defaultroute option previously, the kernel has set up the default route to use the ISDN connection, and you should now be able to access the wide, wide world of the Internet. Start by pinging your provider’s IP address. Once you are done and want to shut down the connection, enter

    tigger # isdnctrl hangup ippp0

If you have a flat rate with your ISP, then you can set the huptimeout to 0, and you will stay online all the time without ever hanging up. Of course, this is nice to have, but remember that most ISPs reset the connection after 24 hours, and if you have a dynamic IP address, you will possibly be assigned another IP address every 24 hours.

And If It Does Not Work?

If you have no connection even though your hardware was successfully recognized and you have set up everything as described here, /var/log/messages is again your friend. It is very likely that you will find the cause of the error there, even though it might be buried a bit.

The most common error is specifying the password or the username incorrectly. You know that you have a problem with the authentication if you see a line such as:

    PAP authentication failed

or

    CHAP authentication failed

in the logfile. Check your chap-secrects or pap-secrets file very carefully. Your provider might also be able to see from its logfiles where exactly the authentication went wrong.

Of course, your provider might not support synchronous PPP as described here, even though most providers do nowadays. If this is the case, ask your provider for exact settings.

If it still does not work, ask your provider. A good ISP has a phone support line and can help you connect your Linux box. If your provider tells you that it “only supports Windows,” it’s time to switch. Many Linux-friendly providers are out there. Often the support staff is using Linux and can help you even though the provider’s official policy is not to support Linux.

If for some reason you are stuck with an uncooperative provider, try finding other customers of this provider who also use Linux. Setting up your connection in nonstandard cases means fiddling with the options and parameters of the ISDN subsystem in the kernel and the ipppd daemon, and if somebody else has already found out what to do, you don’t have to.

Where to Go from Here?

Once your ISDN connection works and you can access the Internet, you might want to set up some conveniences or other customizations. Here are some suggestions:

  • Make ipppd dial your remote site automatically. You can do this by setting the default route to the ippp0 device like this:

        /sbin/route add default netmask 0.0.0.0 ippp0

    Now, whenever the kernel needs to send an IP packet to an IP address for which it has no specific route configured, it will trigger the ipppd daemon to build a connection. Use this only if you have also specified the huptimeout option of the ISDN subsystem; otherwise, you could pay a fortune to your telephone company (unless you have a flat rate).

    Since some programs try to build up Internet connections from time to time (Netscape is one of those candidates), setting this up can be dangerous for your wallet. If you use this, make sure to check the state of the connection often (as described later in this section).

  • Try tools that monitor your ISDN connection. The isdn4k-utils package contains a number of those tools, including the command-line tools imon and imontty and X-based tools.

  • Configure isdnlog to log exactly what you need, and use isdnrep to get detailed reports about the usage of your ISDN line. This works not only for calls to and from computer systems, but also for calls to other ISDN-enabled devices such as phones and fax machines. There is only one caveat: your ISDN board cannot capture outgoing phone numbers for connections being set up by other devices. Most telephone companies provide a service, though, that echoes this phone number back to you and thus lets the ISDN subsystem pick it up. This service is often available for free or for a nominal fee. Ask your telephone company.

  • For the truly adventurous: experiment with Multilink-PPP. As you know, with ISDN you have at least two lines. If you need extra-high capacity, why not use both? That’s what Multilink-PPP does. To use this, you need to turn on the Support generic MP option during kernel configuration, and read the files Documentation/isdn/README.syncppp and Documentation/isdn/syncppp.FAQ in the kernel sources for hints on how to do this. Of course, your provider has to support this, too.