Linux Tutorial

Here’s a quick guide to using a Linux server for sharing files over a local network with Windows clients. The guide refers to a server system with Ubuntu Linux 7.10 desktop version, then with a graphical interface.

Linux is fully compatible with the mechanism of sharing files and printers in Windows. To function as a file server for Windows clients using a module called Samba, a name which incorporates the initials of the SMB (Server Message Block) developed by Microsoft. The first thing to do to create a Linux file server, then, is just install the two modules with samba and smbfs apt-get or Synaptic (sudo apt-get install samba smbfs).

Immediately after you have to define which users can connect to Samba and set their access permissions. Users must be defined in Samba necessarily associated with users defined on your Linux system, even though they may have different user names and passwords. For example, if the user exists in Ubuntu filippo (password = foo), you can create a Samba user with the same credentials or with different credentials, as filippo_stampa (password = bar). Once created the association, the user will inherit the permissions of the Samba in Ubuntu defined.

Start by adding the user (or users) are defined on the server to the Samba user with the command sudo smbpasswd-a userserver and set the password you will use to authenticate Samba. Then define the association between the user and the Ubuntu Samba: run the command sudo gedit /etc/samba/smbusers, will open the gedit text editor with a blank file (unless you’ve already done previously the procedure). Now enter the following line:

user_ubuntu = "user_samba"

that defines the association between the two user names (do not forget the quotes to the Samba user). Save the file and exit Gedit. Here we tell Samba to use people who have called for authentication on the network. Before you edit the configuration file of Samba to make it a gauge safety backup with the command sudo cp /etc/samba/smb.conf/etc/ samba/smb.conf.backup. Then open the file with sudo gedit /etc/samba/smb.conf and find the following line:

; security = user

Change it this way:

security = user
username map = /etc/samba/smbusers

Remember to remove the comma before the word security. At the end you must restart Samba to make the settings take effect. To do this use the command sudo /etc/init.d/samba restart.

Once the configuration you can define folders to be shared using the Gnome graphical interface, and particularly the Shared Folders dialog box, which is located in System/Administration/Shared Folders. Remember to be folders for which users have permission to read and write.

We recommend that you create, for each user, a network folder inside his home, something like /home/user_ubuntu/shared. To share a folder with multiple users can use the following commands to create and set the appropriate permissions:

sudo mkdir /home/group
sudo chmod 777 /home/group

Remember also, in the configuration panel of the shared folders, to remove the Read Only check the item to grant write permissions on that folder.

When finished, verify the proper functioning of sharing: open a Windows computer in a Windows Explorer window and type in the address bar, the string “\\192.168.0.200” where 192.168.0.200 is the IP address of your server (you of course replace the address with the address of your server). If you have not already done so, you should configure the server with a fixed or reserved IP address within your subnet.

If you typed the address correctly, Windows will ask for credentials for the connection (in this case are the credentials defined in the list of users of Samba, which as said may be different from those of the users of Ubuntu) and then will show shared folders. If something does not work, check all the steps you have done and try to restart Samba with the command mentioned earlier.

This article explains how to get consistent installation of a Linux-based Samba file server, to shares the administer through access to users who belong to groups of systems, managed in a recognizable form.

Users, although in effect part of the system, will permit access only via the CIFS protocol, managed by Microsoft Windows machines.

Installing SAMBA

The procedure refers to the Ubuntu Server operating system 10.4, and the last stable release available in it for the free software project Samba, version 3.4.7.

The installation for Ubuntu and Debian systems, can be carried out as usual:

apt-get install samba

while in systems using rpm and yum command will instead be:

yum install samba

Before any step is to save the original Samba configuration file:

cd /etc/samba
mv smb.conf smb.conf.org

in the article from a completely empty file, to point out how you can set a few parameters to be operational in the shortest possible time.

SAMBA (global settings)

The configurations are described are designed to ensure that the person with whom you are working within the system is “root“. Through your favorite editor, you can create a new smb.conf file:

sudo su -
vi /etc/samba/smb.conf

Within which must be set the following parameters:

[global]
   security = user
   workgroup = NETWORK.LOCAL
   server string = %h server (Samba, Ubuntu) 
 
   wins support = yes 
   dns proxy = no 
 
   log file = /var/log/samba/log.%m 
   max log size = 1000 
   syslog = 0 
 
   encrypt passwords = true 
   passdb backend = tdbsam
 
   directory mask = 2770 
   create mask = 0660

Configurations indicate that the server is standalone (security = user), ie not connected to centralized authentication systems. The server is part of the working group “NETWORK.LOCAL” (workgroup option, which will be modified to reflect your network settings for Microsoft Windows) and will function as a WINS server (wins support = yes) to handle name resolution Microsoft Windows to the network, but not control, however, the names doing dns queries on the server system (dns proxy = no).

The system will record a log for each machine that will connect (log file = /var/log/samba/log.%m), the log can not exceed one megabyte in size (max log size = 1000). Furthermore, no information will be recorded in the file /var/log/syslog (syslog = 0), the log file on the system generally. All information relating to the execution of the daemon will be available in the file /var/log/samba/log.smbd.

The authentication system encrypts the password (encrypt passwords) and use the backend tdbsam (passdb backend option), or the local database.

The last two options listed define the mask through which will create the directory (directory mask = 2770) and files (create mask = 0660). The directory will then be created with permissions to read, write and execute for the owner and group, while all others will be inaccessible. The files will be created with the same permissions except execution.

Additional details of how to create folders is to have the setgid bit (http://it.wikipedia.org/wiki/Setuid_e_setgid) which requires the group membership of the parent folder for all files and folders created in his inside. This means that anyone who belongs to the parent folder of the group can create files and folders inside it, these files and folders belong to the group’s parent folder. In this way the access permissions for specific groups defined folders govern all access.

Configure a group

Each access group will be appointed as follows:

groupadd samba_rwx_Amministrazione

The criterion by which the groups are created and named can be obtained by dividing the name by the characters “_” (underscore), where “samba” indicates that the group is inherent in the samba service, “rwx” indicates the type of access that can be precisely “rwx” (read and write permissions) or “rx” (read), and “Directors” means the share name that refers to the group.

Adding a consumer

Each user created in the system which will be referred to the service samba, samba will have as primary group, with the ID “999″, created with the following command:

groupadd -g 999 samba

In this way, the separation of the areas will be operating as well as configured in the system, also clearly visible.

To add a consumer system, the steps are therefore as follows:

Run the command:

    useradd -g samba -s /bin/false -d "Utente di test" user1
    

Where user1 is the name by which the user will have access to the shares. User1 is assigned to the primary group “samba” (samba-g), a login shell so that nothing can never log into the system (-s/bin/false) and a brief description of users (-d usually first and last name, or indicative of a function performed).
The user created is then added to the local database SAMBA through this command:

    smbpasswd -a user1
    

indicating the chosen password twice, which can also be omitted in case you decide (it is always advisable to insert a).

The user is then added to one of the groups available. Add users to the group is possible with the following command:

    adduser user1 samba_rwx_Amministrazione

To control which users belong to the group by typing the following command:

cat /etc/group | grep "samba_rwx_Amministrazione"
samba_rwx_Amministrazione:user1,user2,user3

While a single user to control which groups it belongs, but the command would be:

# groups user1
user1 : samba samba_rwx_Amministrazione

Adding a Share

Each share refers to a local path, in the case described is created a folder / share:

mkdir /share

below which all shared folders are created:

# mkdir /share/Amministrazione
# chgrp samba_rwx_Amministrazione /share/Amministrazione
# chmod 2770 /share/Amministrazione

These operations will be performed for each new share is created and can be summarized as follows:

Actual creation of the folder;
Assignment to the folder created group;
Setting the setgid permission (see above) use the newly created folder;

The shares will be defined in the configuration file smb.conf in line with global statements in a format similar to the following:

[Amministrazione] 
comment = Amministrazione 
read only = no 
write list = @samba_rwx_Amministrazione
read list = 
path = /share/Amministrazione

The code shown here defines a share called “Administration” to which access can write to the directory “/share/Administration” only users belonging to the group “samba_rwx_Amministrazione“.

Therefore, to add a share will be sufficient to execute the creation and allocation of permits as described above and insert the file /etc/samba/smb.conf a statement following the pattern shown:

[]
comment = 
read list = @ 
path = 
If access is decided only in read-only or write, you can omit the lines for (read list and write list) by the statement.
Activation of the configurations
To apply the new configurations, the service needs to be recharged SAMBA:
service smbd reload
From now on you can use any Microsoft Windows machine to test the actual success of the configurations set.
Notes
As described to configure Samba so that it can interact with Microsoft Windows client or server as if it were a Microsoft file and print server.
 And 'possible to change the configuration so that it acts as a Samba Primary Domain Controller (PDC), Backup Domain Controller or take part in an Active Directory domain.
Then waiting to test the wonders of the announced Samba 4, which will face an internal motor to match the efficiency and capabilities of Microsoft Active Directory, it is clear that it is already possible to lay SAMBA production areas of various kinds, with success, and without licensing costs.

Let’s get back on ssh, I think this is maybe the third or the fourth article of ssh, one of my favorite tools on a Linux server, and that many times is not used or configured properly.

In this small guide will show you some configuration to make your ssh server a little ‘more secure from the most common attacks.

In particular I will show you the configurations for the server ssh openssh which is more common and used in all Linux distributions, but as a small suggestion, if you are using a VPS and want to save some ‘memory dropbear look also, is a viable alternative to openssh and saves some space in your RAM.

For Debian and Ubuntu (but also for other distributions) is the configuration file in /etc/ssh/sshd_config and end of all the changes you must restart the ssh daemon.

1 – Disable root access

I always thought that the direct connection to the root account is a bad habit, because

• Forwards already know the user name, so they just find out the password
• If your account has violated all your machine is FUBAR
• If more than 1 person administering the car is better to use sudo to keep track of who does things.

So, to disable the direct connection of root to set this option:

PermitRootLogin no

2 – Enable only certain users or groups

Probably the car only a few users need access via ssh, if you can just use the directive:

AllowUsers username

This option may be followed by a list of user names, separated by spaces. If specified, access is allowed only for user names that match one of the names mentioned. * and ? " Can be used as wildcards in names. or if you want to manage access through a group you can use another option:

AllowGroups groups

As above, this option may be followed by a list of group names, separated by spaces. If specified, access is allowed only to users whose primary group or secondary group corresponds to one of the names. “*” And “?” Can be used as wildcards in names.

2 These guidelines are very useful because we do not need to worry about the products and during the installation to create a new account, perhaps with a weak password.

3 – Change the standard port

Another safety rule is to change the default port, ie 22, since most of the automated tools perform attacks Brute Force or Dictionary Attacks precisely on this port.

It ‘best to use a port above 1024, because the tools used to scan the first 1024 ports, say for example 2222.

Directive and change it then we put instead of 22 2222:

Port 2222

Now to connect to tuoserver.com with your ssh client you must specify the port, this is easily done by adding the-p option to the client openssh:

ssh-p 2222 yourserver.com

Conclusions

And that’s all, as you can see these are really 3 simple steps, but will make the server more secure against common attacks.

Upgrading cvs.gentoo.org

Introduction

In the first article on LVM, I explained the concepts behind LVM. Now is the time to put into action what we saw on LVM. In this article, we will set up LVM on the official Gentoo Linux cvs server, cvs.gentoo.org. Although cvs.gentoo.org has only one hard drive, the flexibility of LVM also an incredible improvement over classical techniques of static partitioning. Will show all the steps of the process of converting to LVM, so that those interested can make a similar transition on one of their machines.

Note: As the implementing LVM is a big change for the system (which involves the creation of new partitions and other potentially hazardous actions) may be a good idea to perform a full system backup before starting the journey. If you do not intend to make a backup, the author hopes that the car used in the experiments is intended and does not contain important data. It is important to note that the author has never encountered any problems in the transition to LVM, but it is always better to be prepared in case something goes wrong.

Without the necessary prerequisites, you can proceed. Before starting the conversion process, was made an update to cvs.gentoo.org were used so that the following packages. The moment has been made the transition to LVM, these were the latest versions available (see Resources later in this article):

• Linux kernel 2.4.1-ac19
• LVM 0.9.1_beta5
• reiserfs-utils 3.6.25

To start, the hard drive. cvs.gentoo.org has a good hard drive new IBM 45 GB in it, however, when it was installed Gentoo Linux on cvs, were partitioned only about 10 gigabytes of hard disk, leaving the remaining 35 GB for future partitions. These are some little tricks that the user needs when not using LVM: left parts of the disk is not partitioned is a rough but effective way to allow for future expansions. However, LVM, there is a better approach.

The space problem

In the past few weeks, it was noted that the root ReiserFS partition had become slowly filling up, as you can see from this printed df:

Code 1.1: Free space running out

Filesystem           1k-blocks      Used Available Use% Mounted on
/dev/hda3              9765200   6989312   2775888  72% /
tmpfs                   269052         0    269052   0% /dev/shm

In fact, a root partition filled to 72% is not exactly a crisis, but not a great situation. ReiserFS, like many other file systems, performance degrades gradually fills it, and it was only a matter of time, before the root filesystem was completely full, and his performance would suffer a meltdown.

It was therefore decided to remedy the problem by using LVM to create a new logical volume out of the 35 GB of unpartitioned space that is currently at the end of the hard drive. Thus was created a filesystem on this volume and have been moved a good part of the contents of /dev/hda3 on it.

If the reader is going to make a similar transition on one of their machines, the first thing they need is to find a part of your root filesystem suitable to move a logical volume. For the author, the choice was easy: the tree under /home occupied about 5.7 GB. Moving /home/home, the root filesystem should probably be roughly around 20% of its capacity, a situation very promising.

The beginning of a solution

To begin the conversion, was added to the first partition the unused space at the end of the disk drive. Using cfdisk, you created a 35 GB partition (/dev/hda5) and set the type of that partition to 8E (the type for the official LVM). After this change, the partition table was as follows:

Code Listing 1.2: The new partition table

# sfdisk -l
Disk /dev/hda: 89355 cylinders, 16 heads, 63 sectors/track
Units = cylinders of 516096 bytes, blocks of 1024 bytes, counting from 0
   Device Boot Start     End   #cyls   #blocks   Id  System
/dev/hda1   *      0+    247     248-   124960+  83  Linux
/dev/hda2        248     743     496    249984   82  Linux swap
/dev/hda3        744   20119   19376   9765504   83  Linux
/dev/hda4      20120   89354   69235  34894440    5  Extended
/dev/hda5      20120+  89354   69235- 34894408+  8e  Linux LVM

From the time that there was an empty partition of 35 GB, it was possible to proceed with its initialization for use with LVM. The steps are: first, initialization of the 35 gigabytes as a physical volume, thus creating a volume group using the above-mentioned physical volume, and finally, allocation of some entity in the volume group, thus going to create a logical volume that should contain the new file system and host all the files located at /home.

To begin the process, we used the pvcreate command to initialize /dev/hda5 as a physical volume:

Code Listing 1.3: Creating the physical volume

# pvcreate /dev/hda5
pvcreate -- physical volume "/dev/hda5" successfully created

pvcreate in this case sets up a special area of ​​”management” on /dev/hda5, called VGDA (volume group descriptor area). LVM uses this to keep track of how physical entities are allocated, among other things.

The next step is to create the volume group and add /dev/hda5 to this group. The volume group should function as a pool of entities (parts of blocks of memory). Once you create the volume group, logical volumes can be created many as you want. In this case, it was decided that the volume group should be called “main”:

Code Listing 1.4: Creating the volume group

# vgcreate main /dev/hda5
vgcreate -- INFO: using default physical extent size 4 MB
vgcreate -- INFO: maximum logical volume size is 255.99 Gigabyte
vgcreate -- doing automatic backup of volume group "main"
vgcreate -- volume group "main" successfully created and activated

The vgcreate command does a couple of things. In addition to creating the volume group “main”, also imposes a /dev/hda5 entities to use 4 MB, the default size for the entities. This means that each logical volume that will be created by the specific volume group can be expanded and reduced by increments of 4 MB.

Because of the limitations of the kernel, the size of the entity determines the maximum size that a logical volume can take. As you can see from the above example, a size of 4 MB per entity imposes a restriction on the logical volume size of 256 gigabytes, which is a logical volume size to be easily reached if you add components to its high-capacity group volume. If there is a possibility that the volumes end up by becoming larger than 256 GB apiece, it is advisable to specify a larger size for use at the time of vgcreate. The size of the entity may vary freely between 8 MB and 512 MB, and must always be a multiple of two. Increasing the size of the entities above the 4 MB, the maximum size for physical volumes will be scaled accordingly, up to a maximum of 1 petabyte (even when the current limit in the real world is equal to 2 terabytes on x86 systems). For example, to create a volume group with a magnitude equal to 32 megabytes in size, must be typed:

Code Listing 1.5: Setting a larger scale for

# vgcreate -s 32M main /dev/hda5

32 MB is a good size for size, since a granularity of 32 MB is still manageable and brings the maximum size for logical volume to 2 terabytes startup. Once the volume group is created, you can view the information by typing vgdisplay:

Code Listing 1.6: Review the information volume

# vgdisplay
--- Volume group ---
VG Name               main
VG Access             read/write
VG Status             available/resizable
VG #                  0
MAX LV                256
Cur LV                0
Open LV               0
MAX LV Size           255.99 GB
Max PV                256
Cur PV                1
Act PV                1
VG Size               33.28 GB
PE Size               4 MB
Total PE              8519
Alloc PE / Size       0 / 0
Free  PE / Size       8519 / 33.28 GB
VG UUID               2qC2H2-iA8s-qW6F-cwXx-JVIh-I6VC-VVCGmn

Now that the volume group is ready, you can create a logical volume. In the specific case was initially decided to make it equal to 8 gigabytes in size and call it “lv_home”

Code Listing 1.7: Creating the logical volume

# lvcreate -L8G -nlv_home main
lvcreate -- doing automatic backup of "main"
lvcreate -- logical volume "/dev/main/lv_home" successfully created

So, you created a filesystem on the volume:

Code Listing 1.8: Creating the filesystem

# mkreiserfs /dev/main/lv_home

   Block size 4096 bytes
   Block count 2097152
   Used blocks 8275
           Journal - 8192 blocks (18-8209), journal header is in block 8210
           Bitmaps: 17, 32768, 65536, 98304, 131072, 163840,
           196608, 229376, 262144, 294912, 327680, 360448,
           393216, 425984, 458752, 491520, 524288, 557056,
           589824, 622592, 655360, 688128, 720896, 753664,
           786432, 819200, 851968, 884736, 917504, 950272,
           983040, 1015808, 1048576, 1081344, 1114112,
           1146880, 1179648, 1212416, 1245184, 1277952,
           1310720, 1343488, 1376256, 1409024, 1441792,
           1474560, 1507328, 1540096, 1572864, 1605632,
           1638400, 1671168, 1703936, 1736704, 1769472,
           1802240, 1835008, 1867776, 1900544, 1933312,
           1966080, 1998848, 2031616, 2064384
   Root block 8211
Hash function "r5"
ATTENTION: ALL DATA WILL BE LOST ON '/dev/main/lv_home'! (y/n)y
journal size 8192 (from 18)
Initializing journal - 0%....20%....40%....60%....80%....100%
Syncing..done.

Once you create the filesystem can be mounted on /mnt/newhome:

Code Listing 1.9: Mount the new volume

# mkdir /mnt/newhome
# mount /dev/main/lv_home /mnt/newhome
# df
Filesystem           1k-blocks      Used Available Use% Mounted on
/dev/hda3              9765200   6989840   2775360  72% /
tmpfs                   291388         0    291388   0% /dev/shm
/dev/main/lv_home      8388348     32840   8355508   1% /mnt/newhome

How was it possible to see before, everything is almost ready to copy over all data to /home. Before you begin, it is better to go to runlevel 1 to ensure that no user or process wants to access or modify files in /home as they are copied:

Code Listing 1.10: Switch to runlevel 1

# init 1

At this point, it begins copying files:

Code Listing 1.11: Copying files to new folder

# cp -avx /home/* /mnt/newhome

In such case, the copy was completed in about ten minutes. So, was made a backup copy of the original folder /home/home.old, in case something went wrong while copying. It was then created a new mount point, and remounted the new home on /home:

Code Listing 1.12: The new mount point

# cd /
# mv home home.old
# mkdir home
# umount /mnt/newhome
# mount /dev/main/lv_home /home

Now, it’s time to fine-tune the server so that the new /home partition will be available whenever the machine is started. First of all, must be modified /etc/fstab to include the /home:

Code Listing 1.13: Editing fstab

#fs                 mountpoint       type         opts          dump/pass
/dev/hda3           /                reiserfs     defaults      1 1
/dev/main/lv_home   /home            reiserfs     defaults      2 2
/dev/hda2           none             swap         sw            0 0
/dev/hda1           /boot            reiserfs     noauto        0 0
/dev/cdrom          /mnt/cdrom       iso9660      noauto,ro     0 0
proc                /proc            proc         defaults      0 0
none                /dev/pts         devpts       mode=620      0 0
tmpfs               /dev/shm         tmpfs        defaults      0 0

Then, go make minor changes to the initialization scripts. This is achieved by modifying the boot script “checkroot” so the following command can be executed immediately after the root partition was remounted read /write:

Code Listing 1.14: Editing the Startup Script

/sbin/vgscan
/sbin/vgchange -a y

Still, the script must be modified to unmount filesystems at shutdown is called, so the following command can be executed immediately after all filesystems have been removed:

Code Listing 1.15: Edit the script shutdown

/sbin/vgchange -a n

Once you complete these steps, just reboot the machine, and note with pleasure that everything works perfectly. After a day or more without any problem, can be canceled /home.old to free up some ‘space on the root filesystem. The transition to LVM is successful.

The beauty of LVM

While the transition to LVM you can not define trivial, once the transition is complete, managing filesystems becomes tremendously easier. For example, the author decided to resize your logical volume on /home, adding about 2 gigabytes of additional space at the end of the file system. First, additional capacity has added to its logical volume “lv_home“, and then used the program resize_reiserfs to expand the filesystem so that he could use this additional capacity. Here are two commands that allow this:

Code 1.16: Use additional space

# lvextend -L+2G /dev/main/lv_home
# resize_reiserfs -f /dev/main/lv_home

In about a second, the filesystem on /home has been expanded to 2 GB, surprisingly, there was no need to reboot, go to runlevel 1, or even unmount /home to resize. Everything continued to work as he had done before. How cool is that? Following is the current state of the filesystem, after the operation:

Code 1.17: space on the filesystem

# df
Filesystem           1k-blocks      Used Available Use% Mounted on
/dev/hda3              9765200   1413340   8351860  15% /
/dev/main/lv_home     10485436   5609836   4875600  54% /home

You can find out how LVM can actually make the job of an administrator much easier. In the future, there is the hope of being able to move additional parts of the root filesystem on LVM, and eventually convert the root file system within a logical volume on LVM.

A little ‘are coming to me once all components of the new server. Now only lacks a hard drive and then I can install the operating system (Debian GNU / Linux). On this occasion also arranged for a piece of my workstation since I added the last album, last year, I never had the opportunity to configure the best partitions.

The CPU I chose for the server supports Intel® VT and this is making me look into the option to virtualize some service.

This server will have to perform several tasks:

• IMAP Mail Server
• Web server for development
• Backup servers

Dovecot: IMAP mail server with Debian

To manage electronic correspondence will continue to rely on Dovecot. This is an open source IMAP and POP3 servers by high standards of security, very fast and fully compliant IMAP (source), in contrast to many other IMAP servers such as Courier-IMAP and Cyrus (both open source) or Zimbra, Gmail or MS Exchange that are not completely standard and does not fully meet my needs.

Dovecot, finally, in addition to the excellent technical features is also easy to configure.

How to install and configure Dovecot with Debian

The installation is very fast, as most of the software on Debian. Just the classic:

apt-get install dovecot-imapd

to have the program installed on your system (less than ten megabytes if I remember correctly).

The next step is to configure the IMAP server by changing a few lines in the configuration file /etc/dovecot/dovecot.conf to specify the protocol that you want to use and the path to, in my case:

protocols = imap imaps

and

mail_location = maildir:~/Maildir

At this point, if you do not need special configurations, the IMAP server will be configured.

How do I send and receive mail with Debian server?

However there are two more pieces to complete the setup of email on the server: we also need an MTA (mail transfer agent) and a service to retrieve email from various accounts I have.

I chose Postfix as MTA for many years: it is a stable, secure and efficient. The configuration in the case of a small server is pretty straightforward, although at first glance it might seem otherwise.

To download the emails using fetchmail instead (along with SpamAssassin). Here too a classic and functional solution.

Web server with Debian development

The server, in addition to managing email, also serves to build web applications, to implement and test the products without having to install software “server” on the workstation and, especially, not to be bound to a single machine for development.

Apache and MySQL are therefore the logical choice for this type of activity.

The process of installing and configuring Apache and MySQL on Debian is very easy. With apt-get the packages are installed in minutes and very few are enough to set up operations: MySQL is configured via a wizard during installation and Apache only needs some things in the configuration files.

Backup servers, Debian and Rsync.

The third and last task of the server is to make copies of data storage, document and archive projects. As far as the backups are very demanding and, thanks to the new server, the data will be even more secure thanks to an additional backup made with a small RAID.

The disks in the RAID will be used to back up the backup, although I consider the current backup of RAID as a backup system ...

To make backups using rsync. Although I chose this software because it combines ease of use with high performance. Rsync the data through the workstation and server are periodically copied to disks dedicated to backups.

Virtualize or not to virtualize?

With the new server I would get a more reliable and safer than the old one, which however is still doing its job nicely. Virtualize some services could be very useful to separate the functions related to the development of mail handling.

The host system may look to make backups and allow the execution of the two guest systems, the mail server and web server for personal development. Before making the final setup I will still make a little ‘test to monitor the performance of this configuration.