rtfd/docs/public/debian/system/system.rst

.. todo::

 * /etc/motd

Choices
=======

have up-to-date mirrors available
---------------------------------

.. todo:: sync mirrors
.. todo:: check mirrors

critical base packages
----------------------

 +-----------+--------------------------------------------------+
 | locales   | to get localization binaries for system messages |
 +-----------+--------------------------------------------------+
 | apt-utils | otherwise packages configuration gets delayed    |
 +-----------+--------------------------------------------------+
 | dialog    | to have user interaction possible with APT       |
 +-----------+--------------------------------------------------+

decide the desired type of system
---------------------------------

* will the system run
  * 64 bits?
  * 32 bits?
  * both?
* will the system be run by
  * a physical machine?
  * a virtual machine?
  * a container?
  * a container inside a virtual machine?
* will the system be stored
  * read-write, as a file system on a dedicated partition?
  * read-only, as a single file loaded in RAM at boot time?

Install required tools
======================

 ============== ========================================
 debootstrap    generate a minimal base file system
 squashfs-tools archive or unarchive a file system image
 ============== ========================================

 .. code:: shell

  apt install debootstrap squashfs-tools

Create a base file hierarchy
============================

prepare the system's directory
------------------------------

* become root

.. code:: shell

 su

* make root directory

.. code:: shell

 mkdir '/squashfs-root'

generate the minimal base
-------------------------

.. code:: shell

 debootstrap \
 --arch 'amd64' \
 --variant 'minbase' \
 --include 'locales,apt-utils,dialog' \
 'bullseye' \
 '/squashfs-root' \
 'https://deb.debian.org/debian'

Configure preinstalled packages
===============================

apt
---

configuration
^^^^^^^^^^^^^

* /etc/apt/apt.conf

 Acquire::AllowInsecureRepositories False;
 Acquire::AllowWeakRepositories False;
 Acquire::AllowDowngradeToInsecureRepositories False;
 Acquire::Check-Valid-Until False;
 APT::Install-Recommends False;
 APT::Install-Suggests False;
 APT::Get::Show-Versions True;
 Dir::Etc::SourceParts "";
 Dpkg::Progress True;

preferences
^^^^^^^^^^^

* /etc/apt/preferences

.. todo:: preferences

sources
^^^^^^^

* /etc/apt/sources.list

::

 deb [arch=amd64] https://deb.debian.org/debian bullseye main contrib non-free
 deb [arch=amd64] https://deb.debian.org/debian bullseye-backports main contrib non-free
 deb [arch=amd64] https://deb.debian.org/debian bullseye-updates main contrib non-free
 deb [arch=amd64] https://deb.debian.org/debian-security bullseye-security main contrib non-free

locales
-------

define default locale
^^^^^^^^^^^^^^^^^^^^^

* /etc/default/locale

::

 LANG='en_US.UTF-8'
 LANGUAGE='en_US:en'
 LC_CTYPE='fr_FR.UTF-8'
 LC_NUMERIC='fr_FR.UTF-8'
 LC_TIME='fr_FR.UTF-8'
 LC_COLLATE='fr_FR.UTF-8'
 LC_MONETARY='fr_FR.UTF-8'
 LC_MESSAGES='en_US.UTF-8'
 LC_PAPER='fr_FR.UTF-8'
 LC_NAME='fr_FR.UTF-8'
 LC_ADDRESS='fr_FR.UTF-8'
 LC_TELEPHONE='fr_FR.UTF-8'
 LC_MEASUREMENT='fr_FR.UTF-8'
 LC_IDENTIFICATION='fr_FR.UTF-8'

define locales to generate
^^^^^^^^^^^^^^^^^^^^^^^^^^

* /etc/locale.gen

::

 en_US.UTF-8 UTF-8
 fr_FR.UTF-8 UTF-8

generate locales
^^^^^^^^^^^^^^^^

.. code:: shell

 locale-gen

[configure command shell](../bash/index.md)
-------------------------------------------

redefine hostname
-----------------

* /etc/hostname

::

 hostname

provide known file systems
--------------------------

* /etc/fstab

RAM volume for temporary files

::

 tmpfs /tmp tmpfs auto,mode=1777 0 0

Install additional packages
===========================

switch into context
-------------------

.. code:: shell

 for f in 'dev' 'dev/pts' 'proc' 'sys' ; do
     mount --bind "/${f}" "/squashfs-root/${f}"
 done
 chroot '/squashfs-root'

console-setup
-------------

define default keyboard layouts
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

* /etc/default/keyboard

::

 XKBMODEL='pc105'
 XKBLAYOUT='fr,fr'
 XKBVARIANT='oss,bepo'
 XKBOPTIONS='terminate:ctrl_alt_bksp'
 BACKSPACE='guess'

define root password
--------------------

.. code:: shell

 passwd

user, guest, sudo
-----------------

.. code:: shell

 apt-get install sudo

 useradd -s /bin/bash user
 mkdir /home/user
 chown user: /home/user
 adduser user sudo

 useradd -s /bin/bash guest
 chown guest: /home/guest

authentications: passwords, SSH keys
------------------------------------

.. todo:: files

upgrade system
--------------

* in any case :

.. code:: shell

 apt-get update
 apt-get upgrade

* if needed by backported packages :

.. code:: shell

 apt-get dist-upgrade

apply system type elements
--------------------------

================= ==================================================
systemd-sysv      sans quoi le système ne démarrera pas complètement
linux-image-amd64 s’il ne s’agit pas d’un conteneur
live-boot         si à destination de boot live
================= ==================================================

.. code:: shell

 apt-get install --target-release 'bullseye-backports' 'linux-image-amd64'

.. code:: shell

 apt-get install 'live-boot'

----

initialization settings
-----------------------

.. code:: shell

 apt-get install --target-release 'bullseye-backports' 'systemd-sysv'

* /etc/sysctl.conf

Espace mémoire maximum allouable (à augmenter si hébergement de conteneurs)  
Pourcentage de RAM disponible avant utilisation de la partition d’échange  

.. code:: ini

 vm.max_map_count=1048576
 vm.swappiness=0

install useful packages
-----------------------

.. code:: shell

 apt-get install \
 bash-completion \
 lxc \
 less nano vim \
 pciutils usbutils \
 python3 \
 squashfs-tools

.. code:: shell

 apt-get install \
 --target-release 'bullseye-backports' \
 debootstrap

install other packages
----------------------

[Choix de paquets commentés](packages.md)

.. code:: shell

 apt-get install "package1" …
 apt-get install -t stretch-backports "package1" …

properly switch back from context
---------------------------------

* empty APT's cache

.. code:: shell

 apt-get clean

* exit the environment

.. code:: shell

 exit

* untie links to host system

.. code:: shell

 for f in 'sys' 'proc' 'dev/pts' 'dev' ; do
     umount --lazy "/squashfs-root/${f}"
 done

clean up commands history
-------------------------

* root/.bash_history

Configure installed packages
============================

.. todo:: files

Archive prepared file system
============================

.. code:: shell

 mksquashfs \
 '/squashfs-root' \
 'filesystem.squashfs' \
 -noappend \
 -b '1m' \
 -comp 'zstd' \
 -Xcompression-level 22
system/h1 2018-01-14 20:08:01 +00:00			`.. todo::`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`* /etc/motd`
system/md 2018-01-14 19:58:14 +00:00
system/h1 2018-01-14 20:08:01 +00:00			`Choices`
			`=======`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`have up-to-date mirrors available`
			`---------------------------------`
system/md 2018-01-14 19:58:14 +00:00
debian/mirrors 2019-12-15 23:08:26 +00:00			`.. todo:: sync mirrors`
			`.. todo:: check mirrors`
system/md 2018-01-14 19:58:14 +00:00
debian/critical 2019-08-03 13:48:05 +00:00			`critical base packages`
			`----------------------`
system/md 2018-01-14 19:58:14 +00:00
debian/critical 2019-08-03 13:48:05 +00:00			`+-----------+--------------------------------------------------+`
			`\| locales \| to get localization binaries for system messages \|`
			`+-----------+--------------------------------------------------+`
			`\| apt-utils \| otherwise packages configuration gets delayed \|`
			`+-----------+--------------------------------------------------+`
			`\| dialog \| to have user interaction possible with APT \|`
			`+-----------+--------------------------------------------------+`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`decide the desired type of system`
			`---------------------------------`
system/md 2018-01-14 19:58:14 +00:00
debian/fixes 2021-12-04 17:57:21 +00:00			`* will the system run`
			`* 64 bits?`
			`* 32 bits?`
			`* both?`
			`* will the system be run by`
			`* a physical machine?`
			`* a virtual machine?`
			`* a container?`
			`* a container inside a virtual machine?`
			`* will the system be stored`
			`* read-write, as a file system on a dedicated partition?`
			`* read-only, as a single file loaded in RAM at boot time?`
system/md 2018-01-14 19:58:14 +00:00
system/h1 2018-01-14 20:08:01 +00:00			`Install required tools`
			`======================`
system/md 2018-01-14 19:58:14 +00:00
tools 2019-08-03 14:05:49 +00:00			`============== ========================================`
			`debootstrap generate a minimal base file system`
			`squashfs-tools archive or unarchive a file system image`
			`============== ========================================`
system/md 2018-01-14 19:58:14 +00:00
tools 2019-08-03 14:05:49 +00:00			`.. code:: shell`
deb/rst 2018-05-10 10:54:35 +00:00
tools 2019-08-03 14:05:49 +00:00			`apt install debootstrap squashfs-tools`
system/md 2018-01-14 19:58:14 +00:00
system/h1 2018-01-14 20:08:01 +00:00			`Create a base file hierarchy`
			`============================`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`prepare the system's directory`
			`------------------------------`
system/md 2018-01-14 19:58:14 +00:00
debian/translate 2019-12-15 10:52:11 +00:00			`* become root`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`su`

apt,fixes 2021-12-05 10:10:33 +00:00			`* make root directory`

deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

debian/fixes 2021-12-04 17:57:21 +00:00			`mkdir '/squashfs-root'`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`generate the minimal base`
			`-------------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`debootstrap \`
debian/fixes 2021-12-04 17:57:21 +00:00			`--arch 'amd64' \`
			`--variant 'minbase' \`
			`--include 'locales,apt-utils,dialog' \`
			`'bullseye' \`
			`'/squashfs-root' \`
			`'https://deb.debian.org/debian'`
system/md 2018-01-14 19:58:14 +00:00
system/h1 2018-01-14 20:08:01 +00:00			`Configure preinstalled packages`
			`===============================`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`apt`
			`---`

			`configuration`
			`^^^^^^^^^^^^^`

			`* /etc/apt/apt.conf`

			`Acquire::AllowInsecureRepositories False;`
			`Acquire::AllowWeakRepositories False;`
			`Acquire::AllowDowngradeToInsecureRepositories False;`
			`Acquire::Check-Valid-Until False;`
			`APT::Install-Recommends False;`
			`APT::Install-Suggests False;`
			`APT::Get::Show-Versions True;`
			`Dir::Etc::SourceParts "";`
			`Dpkg::Progress True;`

			`preferences`
			`^^^^^^^^^^^`

			`* /etc/apt/preferences`

			`.. todo:: preferences`

			`sources`
			`^^^^^^^`

			`* /etc/apt/sources.list`

			`::`

			`deb [arch=amd64] https://deb.debian.org/debian bullseye main contrib non-free`
			`deb [arch=amd64] https://deb.debian.org/debian bullseye-backports main contrib non-free`
			`deb [arch=amd64] https://deb.debian.org/debian bullseye-updates main contrib non-free`
			`deb [arch=amd64] https://deb.debian.org/debian-security bullseye-security main contrib non-free`

locales,console-setup 2021-12-04 18:45:38 +00:00			`locales`
			`-------`

debian/fixes 2021-12-04 17:57:21 +00:00			`define default locale`
locales,console-setup 2021-12-04 18:45:38 +00:00			`^^^^^^^^^^^^^^^^^^^^^`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* /etc/default/locale`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`::`

debian/fixes 2021-12-04 17:57:21 +00:00			`LANG='en_US.UTF-8'`
			`LANGUAGE='en_US:en'`
			`LC_CTYPE='fr_FR.UTF-8'`
			`LC_NUMERIC='fr_FR.UTF-8'`
			`LC_TIME='fr_FR.UTF-8'`
			`LC_COLLATE='fr_FR.UTF-8'`
			`LC_MONETARY='fr_FR.UTF-8'`
			`LC_MESSAGES='en_US.UTF-8'`
			`LC_PAPER='fr_FR.UTF-8'`
			`LC_NAME='fr_FR.UTF-8'`
			`LC_ADDRESS='fr_FR.UTF-8'`
			`LC_TELEPHONE='fr_FR.UTF-8'`
			`LC_MEASUREMENT='fr_FR.UTF-8'`
			`LC_IDENTIFICATION='fr_FR.UTF-8'`

			`define locales to generate`
locales,console-setup 2021-12-04 18:45:38 +00:00			`^^^^^^^^^^^^^^^^^^^^^^^^^^`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* /etc/locale.gen`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`::`

			`en_US.UTF-8 UTF-8`
			`fr_FR.UTF-8 UTF-8`
system/md 2018-01-14 19:58:14 +00:00
debian/fixes 2021-12-04 17:57:21 +00:00			`generate locales`
locales,console-setup 2021-12-04 18:45:38 +00:00			`^^^^^^^^^^^^^^^^`
debian/fixes 2021-12-04 17:57:21 +00:00
			`.. code:: shell`

			`locale-gen`

system/h2 2018-01-14 22:08:42 +00:00			`[configure command shell](../bash/index.md)`
			`-------------------------------------------`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`redefine hostname`
			`-----------------`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* /etc/hostname`

			`::`
deb/rst 2018-05-10 10:54:35 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`hostname`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`provide known file systems`
			`--------------------------`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* /etc/fstab`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`RAM volume for temporary files`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`::`

			`tmpfs /tmp tmpfs auto,mode=1777 0 0`
system/md 2018-01-14 19:58:14 +00:00
system/h1 2018-01-14 20:08:01 +00:00			`Install additional packages`
			`===========================`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`switch into context`
			`-------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

debian/fixes 2021-12-04 17:57:21 +00:00			`for f in 'dev' 'dev/pts' 'proc' 'sys' ; do`
			`mount --bind "/${f}" "/squashfs-root/${f}"`
			`done`
			`chroot '/squashfs-root'`
deb/rst 2018-05-10 10:54:35 +00:00
locales,console-setup 2021-12-04 18:45:38 +00:00			`console-setup`
			`-------------`

			`define default keyboard layouts`
			`^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^`

			`* /etc/default/keyboard`

			`::`

			`XKBMODEL='pc105'`
			`XKBLAYOUT='fr,fr'`
			`XKBVARIANT='oss,bepo'`
			`XKBOPTIONS='terminate:ctrl_alt_bksp'`
			`BACKSPACE='guess'`

system/h2 2018-01-14 22:08:42 +00:00			`define root password`
			`--------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`passwd`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`user, guest, sudo`
			`-----------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`apt-get install sudo`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`useradd -s /bin/bash user`
			`mkdir /home/user`
			`chown user: /home/user`
			`adduser user sudo`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`useradd -s /bin/bash guest`
			`chown guest: /home/guest`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`authentications: passwords, SSH keys`
			`------------------------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. todo:: files`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`upgrade system`
			`--------------`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* in any case :`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`apt-get update`
			`apt-get upgrade`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* if needed by backported packages :`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`apt-get dist-upgrade`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`apply system type elements`
			`--------------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`================= ==================================================`
apt,fixes 2021-12-05 10:10:33 +00:00			`systemd-sysv sans quoi le système ne démarrera pas complètement`
deb/rst 2018-05-10 10:54:35 +00:00			`linux-image-amd64 s’il ne s’agit pas d’un conteneur`
			`live-boot si à destination de boot live`
			`================= ==================================================`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

apt,fixes 2021-12-05 10:10:33 +00:00			`apt-get install --target-release 'bullseye-backports' 'linux-image-amd64'`

			`.. code:: shell`

debian/fixes 2021-12-04 17:57:21 +00:00			`apt-get install 'live-boot'`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`----`

			`initialization settings`
			`-----------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

apt,fixes 2021-12-05 10:10:33 +00:00			`apt-get install --target-release 'bullseye-backports' 'systemd-sysv'`
system/md 2018-01-14 19:58:14 +00:00
apt,fixes 2021-12-05 10:10:33 +00:00			`* /etc/sysctl.conf`
system/md 2018-01-14 19:58:14 +00:00
			`Espace mémoire maximum allouable (à augmenter si hébergement de conteneurs)`
			`Pourcentage de RAM disponible avant utilisation de la partition d’échange`

deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: ini`

			`vm.max_map_count=1048576`
			`vm.swappiness=0`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`install useful packages`
			`-----------------------`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`apt-get install \`
			`bash-completion \`
			`lxc \`
			`less nano vim \`
			`pciutils usbutils \`
			`python3 \`
debian/fixes 2021-12-04 17:57:21 +00:00			`squashfs-tools`
deb/rst 2018-05-10 10:54:35 +00:00
			`.. code:: shell`

debian/fixes 2021-12-04 17:57:21 +00:00			`apt-get install \`
			`--target-release 'bullseye-backports' \`
			`debootstrap`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`install other packages`
			`----------------------`
system/md 2018-01-14 19:58:14 +00:00
			`[Choix de paquets commentés](packages.md)`

deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`apt-get install "package1" …`
			`apt-get install -t stretch-backports "package1" …`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`properly switch back from context`
			`---------------------------------`
system/md 2018-01-14 19:58:14 +00:00
debian/fixes 2021-12-04 17:57:21 +00:00			`* empty APT's cache`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`apt-get clean`
system/md 2018-01-14 19:58:14 +00:00
debian/fixes 2021-12-04 17:57:21 +00:00			`* exit the environment`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

			`exit`
system/md 2018-01-14 19:58:14 +00:00
debian/fixes 2021-12-04 17:57:21 +00:00			`* untie links to host system`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. code:: shell`

debian/fixes 2021-12-04 17:57:21 +00:00			`for f in 'sys' 'proc' 'dev/pts' 'dev' ; do`
			`umount --lazy "/squashfs-root/${f}"`
			`done`
system/md 2018-01-14 19:58:14 +00:00
system/h2 2018-01-14 22:08:42 +00:00			`clean up commands history`
			`-------------------------`
system/md 2018-01-14 19:58:14 +00:00
			`* root/.bash_history`

system/h1 2018-01-14 20:08:01 +00:00			`Configure installed packages`
			`============================`
system/md 2018-01-14 19:58:14 +00:00
deb/rst 2018-05-10 10:54:35 +00:00			`.. todo:: files`
system/md 2018-01-14 19:58:14 +00:00
system/h1 2018-01-14 20:08:01 +00:00			`Archive prepared file system`
			`============================`

			`.. code:: shell`

debian/fixes 2021-12-04 17:57:21 +00:00			`mksquashfs \`
			`'/squashfs-root' \`
			`'filesystem.squashfs' \`
debian/mksfs/noappend 2021-12-04 17:58:47 +00:00			`-noappend \`
debian/fixes 2021-12-04 17:57:21 +00:00			`-b '1m' \`
			`-comp 'zstd' \`
			`-Xcompression-level 22`