7.2. Debian Post-Boot (Base) Configuration

After booting, you will be prompted to complete the configuration of your basic system, and then to select what additional packages you wish to install. The application which guides you through this process is called base-config. Its concept is very similar to the debian-installer from the first stage. Indeed, base-config consists of a number of specialized components, where each component handles one configuration task, contains “hidden menu in the background” and also uses the same navigation system.

If you wish to re-run the base-config at any point after installation is complete, as root run base-config.

7.2.1. Configuring Your Time Zone

You will first be prompted to configure your time zone. After selecting local vs. GMT hardware clock setting, you will be shown a set of likely timezones based on your location. Select your timezone, or Other for a longer list.

7.2.2. Setting Up Users And Passwords

7.2.2.1. Set the Root Password

The root account is also called the super-user; it is a login that bypasses all security protection on your system. The root account should only be used to perform system administration, and only used for as short a time as possible.

Any password you create should contain at least 6 characters, and should contain both upper- and lower-case characters, as well as punctuation characters. Take extra care when setting your root password, since it is such a powerful account. Avoid dictionary words or use of any personal information which could be guessed.

If anyone ever tells you they need your root password, be extremely wary. You should normally never give your root password out, unless you are administering a machine with more than one system administrator.

7.2.2.2. Create an Ordinary User

The system will ask you whether you wish to create an ordinary user account at this point. This account should be your main personal log-in. You should not use the root account for daily use or as your personal login.

Why not? Well, one reason to avoid using root's privileges is that it is very easy to do irreparable damage as root. Another reason is that you might be tricked into running a Trojan-horse program — that is a program that takes advantage of your super-user powers to compromise the security of your system behind your back. Any good book on Unix system administration will cover this topic in more detail — consider reading one if it is new to you.

You will first be prompted for the user's full name. Then you'll be asked for a name for the user account; generally your first name or something similar will suffice and indeed will be the default. Finally, you will be prompted for a password for this account.

If at any point after installation you would like to create another account, use the adduser command.

7.2.3. Setting Up PPP

If your computer is not connected to a network, you will next be asked whether you wish to install the rest of the system using PPP.

If you do choose to configure PPP at this point, a program named pppconfig will be run. This program helps you configure your PPP connection. Make sure, when it asks you for the name of your dialup connection, that you name it provider.

Hopefully, the pppconfig program will walk you through a pain-free PPP connection setup. However, if it does not work for you, see below for detailed instructions.

In order to setup PPP, you'll need to know the basics of file viewing and editing in GNU/Linux. To view files, you should use more, and zmore for compressed files with a .gz extension. For example, to view README.debian.gz, type zmore README.debian.gz. The base system comes with an editor named nano, which is very simple to use, but does not have a lot of features. You will probably want to install more full-featured editors and viewers later, such as jed, nvi, less, and emacs.

Edit /etc/ppp/peers/provider and replace /dev/modem with /dev/ttyS# where # stands for the number of your serial port. In Linux, serial ports are counted from 0; your first serial port is /dev/ttyS0 under Linux. The next step is to edit /etc/chatscripts/provider and insert your provider's phone number, your user-name and password. Please do not delete the “\q” that precedes the password. It hides the password from appearing in your log files.

Many providers use PAP or CHAP for login sequence instead of text mode authentication. Others use both. If your provider requires PAP or CHAP, you'll need to follow a different procedure. Comment out everything below the dialing string (the one that starts with “ATDT”) in /etc/chatscripts/provider, modify /etc/ppp/peers/provider as described above, and add user name where name stands for your user-name for the provider you are trying to connect to. Next, edit /etc/ppp/pap-secrets or /etc/ppp/chap-secrets and enter your password there.

You will also need to edit /etc/resolv.conf and add your provider's name server (DNS) IP addresses. The lines in /etc/resolv.conf are in the following format: nameserver xxx.xxx.xxx.xxx where the xs stand for numbers in your IP address. Optionally, you could add the usepeerdns option to the /etc/ppp/peers/provider file, which will enable automatic choosing of appropriate DNS servers, using settings the remote host usually provides.

Unless your provider has a login sequence different from the majority of ISPs, you are done! Start the PPP connection by typing pon as root, and monitor the process using plog command. To disconnect, use poff, again, as root.

Read /usr/share/doc/ppp/README.Debian.gz file for more information on using PPP on Debian.

For static SLIP connections, you will need to add the slattach command (from the net-tools package) into /etc/init.d/network. Dynamic SLIP will require the gnudip package.

7.2.4. Configuring APT

The main means that people use to install packages on their system is via a program called apt-get, from the apt package.[4] APT must be configured, however, so that it knows where to retrieve packages from. The helper application which assists in this task is called apt-setup.

The next step in your configuration process is to tell APT where other Debian packages can be found. Note that you can re-run this tool at any point after installation by running apt-setup, or by manually editing /etc/apt/sources.list.

If an official CD-ROM is in the drive at this point, then that CD-ROM should automatically be configured as an apt source without prompting. You will notice this because you will see the CD-ROM being scanned.

For users without an official CD-ROM, you will be offered an array of choices for how Debian packages are accessed: FTP, HTTP, CD-ROM, or a local file system.

You should know that it's perfectly acceptable to have a number of different APT sources, even for the same Debian archive. apt-get will automatically pick the package with the highest version number given all the available versions. Or, for instance, if you have both an HTTP and a CD-ROM APT source, apt-get should automatically use the local CD-ROM when possible, and only resort to HTTP if a newer version is available there. However, it is not a good idea to add unnecessary APT sources, since this will tend to slow down the process of checking the network archives for new versions.

7.2.4.1. Configuring Network Package Sources

If you plan on installing the rest of your system via the network, the most common option is to select the http source. The ftp source is also acceptable, but tends to be a little slower making connections.

The next step during the configuration of network packages sources is to tell apt-setup which country you live in. This configures which of the official Debian Internet mirror network you connect to. Depending on which country you select, you will be given a list of possible machines. Its generally fine to pick the one on the top of the list, but any of them should work.

If you are installing via HTTP, you will be asked to configure your proxy server. This is sometimes required by people behind firewalls, on corporate networks, etc.

Finally, your new network package source will be tested. If all goes well, you will be prompted whether you want to do it all over again with another network source.

7.2.5. Package Installation

Next you will be offered a number of pre-rolled software configurations offered by Debian. You could always choose, package by package, what you want to install on your new machine. This is the purpose of the aptitude program, described below. But this can be a long task with around 12250 packages available in Debian!

So, you have the ability to choose tasks first, and then add on more individual packages later. These tasks loosely represent a number of different jobs or things you want to do with your computer, such as “desktop environment”, “web server”, or “print server”. [5]

If you do want to choose what to install on a package by package basis, select the “manual package selection” in tasksel.

Once you've selected your tasks, select Ok. At this point, aptitude will install the packages you've selected. Note, even if you did not select any tasks at all, any standard, important, or required priority packages that are not yet present on your system will be installed. This functionality is the same as running tasksel -s at the command line, and currently involves a download of about 37M of archives. You will be shown the number of packages to be installed, and how many kilobytes of packages, if any, need to be downloaded.

Of the 12250 packages available in Debian, only a small minority are covered by tasks offered in the Task Installer. To see information on more packages, either use apt-cache search search-string for some given search string (see the apt-cache(8) man page), or run aptitude as described below.

7.2.5.1. Advanced Package Selection with aptitude

Aptitude is a modern program for managing packages. aptitude allows you to select individual packages, set of packages matching given criteria (for advanced users), or whole tasks.

The most basic keybindings are:

Key Action
Up, Down Move selection up or down.
Enter Open/collapse/activate item.
+ Mark package for installation.
- Mark package for removal.
d Show package dependencies.
g Actually download/install/remove packages.
q Quit current view.
F10 Activate menu.

For more commands see the online help under the ? key.

7.2.6. Prompts During Software Installation

Each package you selected with tasksel or aptitude is downloaded, unpacked and then installed in turn by the apt-get and dpkg programs. If a particular program needs more information from the user, it will prompt you during this process. You might also want to keep an eye on the output during the process, to watch for any installation errors (although you will be asked to acknowledge errors which prevented a package's installation).

7.2.7. Configuring Your Mail Transport Agent

Today, email is a very important part of many people's life, so it's no surprise Debian lets you configure your mail system right as a part of the installation process. The standard mail transport agent in Debian is exim4, which is relatively small, flexible, and easy to learn.

You may ask if this is needed even if your computer is not connected to any network. The short answer is: Yes. The longer explanation: Some system utilities (like cron, quota, aide, …) may send you important notices via email.

So on the first screen you will be presented with several common mail scenarios. Choose the one that most closely resembles your needs:

internet site

Your system is connected to a network and your mail is sent and received directly using SMTP. On the following screens you will be asked a few basic questions, like your machine's mail name, or a list of domains for which you accept or relay mail.

mail sent by smarthost

In this scenario is your outgoing mail forwarded to another machine, called a “smarthost”, which does the actual job for you. Smarthost also usually stores incoming mail addresed to your computer, so you don't need to be permanently online. That also means you have to download your mail from the smarthost via programs like fetchmail. This option is suitable for dial-up users.

local delivery only

Your system is not on a network and mail is sent or received only between local users. Even if you don't plan to send any messages, this option is highly recommended, because some system utilities may send you various alerts from time to time (e.g. beloved “Disk quota exceeded”). This option is also convenient for new users, because it doesn't ask any further questions.

no configuration at this time

Choose this if you are absolutely convinced you know what you are doing. This will leave you with an unconfigured mail system — until you configure it, you won't be able to send or receive any mail and you may miss some important messages from your system utilities.

If none of these scenarios suits your needs, or if you need a finer setup, you will need to edit configuration files under the /etc/exim4 directory after the installation is complete. More information about exim4 may be found under /usr/share/doc/exim4.



[4] Note that the actual program that installs packages is called dpkg. However, this package is more of a low-level tool. apt-get will invoke dpkg as appropriate; it is a higher-level too, however, because it knows to install other packages which are required for the package you're trying to install, as well as how to retrieve the package from your CD, the network, or wherever.

[5] You should know that to present this list, base-config is merely invoking the tasksel program. For manual package selection, the aptitude program is being run. Any of these can be run at any time after installation to install (or remove) more packages. If you are looking for a specific single package, after installation is complete, simply run apt-get install package, where package is the name of the package you are looking for.