[Techtalk] How do I build a Linux Blackbox?

Wed Jul 30 13:08:39 EST 2003

On 30 Jul 2003, Elizabeth Barham wrote:

>    I did something similar in that my firwall is a 486 with a 120 MB
> hard disk drive. Essentially, I used debian and installed a minimum
> set of utilities (no gcc, etc); just don't use 'tasksel' which is sort
> of an easy install frontend, use dselect.

Telling someone to use dselect sounds to me like a good way to put them
off debian for life.

I have rarely come across a worse user interface.

Just go through tasksel, and select nothing else to install, or if you
wish just select a few basics.

Once you're at the command prompt on a basic install then you can set to
work using apt to install things

>    The install application, apt-get, works very well

apt-get is just a single thing.

apt as a whole is a set of utilities that provides a front end to dpkg,
the commands you will use most often are called apt-get and apt-cache.

You can set up a series of "sources" to obtain packages from in
/etc/apt/sources.list, you can find a list of mirrors to use for this on
www.debian.org.

To make sure that you have the latest package lists, use "apt-get update"

To look for a particular package, use "apt-cache search $thing"

To find more details about a particular package, use "apt-cache show
$thing", for more technical details substitute "showpkg" for "show"

Once you've selected a package to install. use "apt-get install $package"
To remove an installed package, use "apt-get remove $package"

By and large apt is smart enough to stop you from doing anything that
would completely screw up your machine :)

There are many many more commands, either ask about them or read the
friendly manual :)

> and its possible to check for new versions of iptables or any other
> package on the system. When it finds a newer version, it simply
> downloads it and installs it.

It is possible to bring all the installed packages up to date with a
simple "apt-get update" followed by "apt-get upgrade" (I usually use the
-u option for this command).  Sometimes you may wish to use "apt-get
dist-upgrade" instead of "apt-get upgrade".  A dist-upgrade will allow apt
to be more intelligent about handling conflicts caused by changing
dependencies.  It will remove less important packages that conflict with
others to get the most complete upgrade of the most important packages.  
This is most useful when upgrading between releases, eg from potato to
woody.

>    One thing I did do was delete most of the documentation, such as
> the man pages and files in /usr/share/doc, which freed up a lot of
> space.

Should you do this, for some reason, you can put back missing files with
"apt-get install --reinstall $package".

You can obtain a list of installed packages with "dpkg -l" and you can
search for which package contains a particular file with "dpkg -S
$filename".

One last thing you should be aware of is that debian keeps a cache of the
packages it downloads in /var/cache/apt/archives/ .  This can get very big
:)

You can remove all packages from it in one go with "apt-get clean", or you
can remove all packages that are no longer installed with "apt-get
autoclean", this is particularly useful for removing old packages that
have been upgraded for example.

I've barely skimmed the surface with this, but it should be good enough to
tide things over, and remember to read the friendly manuals :)

Ask if you get stuck :)

Maria