-
Notifications
You must be signed in to change notification settings - Fork 0
/
BasicSetup.tex
322 lines (265 loc) · 11.8 KB
/
BasicSetup.tex
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
%\documentclass[12pt,a4paper]{book}\usepackage{array}\usepackage{multirow}\newcolumntype{C}[1]{>{\centering\arraybackslash}p{#1}}\usepackage{multirow}\usepackage[utf8]{inputenc}\usepackage[T1]{fontenc}\usepackage{lmodern}\usepackage{hyperref}\usepackage{graphicx}\usepackage[english, frenchb]{babel}\usepackage{listings} \lstdefinestyle{customstyle}{basicstyle=\footnotesize,breakatwhitespace=false,breaklines=true,captionpos=b,keepspaces=true,tabsize=4,frame=single,moredelim=[is][\underbar]{_}{_}}\lstset{style=customstyle}\usepackage{menukeys}\begin{document}\tableofcontents
\chapter{Basic setup}
\section{Change language}
There are no default languages selected in ArchLinux but the keyboard map is set to
qwerty\footnote{Most common layout for keyboards} at the beginning. To choose
your language you have to complete two steps and then the system will be able to
use it for characters encoding and some softwares as \texttt{nano}.
\subsection{Enable yours}
Before choosing yours it is necessary to enable it in \texttt{/etc/locale.gen}
file with \texttt{locale} tools.
You will need to use \texttt{nano} to edit the configuration file -- \keys{\ctrl
+ W} can help you to search -- and remove \og\#\fg{} before the language you want
to enable (fr\_FR.UTF-8 for example), to save your changes press \keys{\ctrl + X}.
\\
\begin{lstlisting}[language=bash,caption=Enable your language]
$ locale # Current language settings
# Edit the /etc/locale.gen file
$ nano /etc/locale.gen
$ locale-gen # Update available languages
$ locale -a # See available languages
\end{lstlisting}
\subsection{Change your settings}
The second step is to set the language and configure your keyboard map.
Notice that you will have to logout for the system to take into account
changes you made in language setup.
\\
\begin{lstlisting}[language=bash,caption=Change language settings]
$ localectl status
System Locale: n/a # System language
VC Keymap: n/a # Virtual console
X11 Layout: n/a # Graphic interface
# Change system language (choose enabled one)
$ localectl set-locale LANG=fr_FR.UTF-8
# List of keymaps, choose the one you want "fr-pc" for example
$ localectl list-keymaps
# Change settings
# no-convert not update VC with X11 and vice versa
$ localectl set-keymap --no-convert fr-pc # VC Keymap
$ localectl set-x11-keymap --no-convert fr-pc # X11 Layout
# Logout to apply changes
$ exit
\end{lstlisting}
\section{Configure wifi connexion}
\subsection{Check your dongle}
The first thing you can do is checking if your dongle has been recognized by
the system and can be used.
\begin{lstlisting}[language=bash,caption=Check wifi device]
$ ifconfig -a wlan # All wireless interfaces (also disabled)
\end{lstlisting}
There are a lot of ways to connect your RPi to a network using a wifi dongle
but all of them requires to install a package before -- wifi-menu needs
dialog, iw and wpa\_supplicant are not installed -- so it is necessary to
use an ethernet wire to install them.
\newpage
\begin{lstlisting}[language=bash,caption=Install wireless dependencies]
# pacman is the package manager in ArchLinux
# -S install a new package
#
# dialog to get wifi-menu interface
# wpa_supplicant for wireless network protected with wpa keys
#
$ pacman -S dialog wpa_supplicant
\end{lstlisting}
\subsection{Searching the internet}
Once you installed all the packages -- synonym for software -- that wifi-menu
needed to run you can launch it with \og{}\texttt{wifi-menu}\fg{} command.
\begin{figure}[h]
\centering
\includegraphics[scale=0.3]{images/WifiMenu.png}
\caption{wifi-menu interface}
\label{figure:WifiMenu}
\end{figure}
Then, select your network -- with \keys{\arrowkeyup} and \keys{\arrowkeydown} --
, type your password (if required) and you will be connected to your wireless
network.
\newpage
\section{Create yourself}
\subsection{Simple user}\label{subsec:SimpleUser}
The default username and password for ArchLinux are \texttt{root/root}, this
user got all right on the system it means he can do anything -- even break the
system -- so it is not recommanded to use it.
However, you should change this default password for security purposes and only
use your new account.
\\
\begin{lstlisting}[language=bash,caption=Create a new user called jeremy]
$ passwd root # Changes root password (for security)
$ useradd -m jeremy # Creates user jeremy and his home folder
$ passwd jeremy # Changes jeremy password
\end{lstlisting}
Now we have a new user account for everydays usage. You can see all users on
your system with \og{}\texttt{cat /etc/passwd}\fg{} which will display the
content of the config file for users.
\subsection{Very important user}
It is possible to specify user rights with \texttt{visudo} command, the general syntax for one user is
the following \og{}\texttt{username machine=(targetuser) commands}\fg{},
let's look at some details:
\begin{description}
\item[username] name you gave to \texttt{useradd} command
\item[machine] machine on where rights are applied, ALL in general
\item[target user] user that we takes the rights
\item[command] allowed commands separated with one coma -- no spaces --,
use exclamation mark for banned commands
\end{description}
\texttt{visudo} is the command which prevent you from blocking the system with
bad changes in the config file \texttt{/etc/sudoers}. The default text editor
used by \texttt{visudo} is \texttt{vim} but before we used \texttt{nano} so to
keep using it you have tell it to the system.
\newpage
\begin{lstlisting}[language=bash,caption=Specify user rights]
$ pacman -S sudo # visudo is inside
# For this session set nano as default editor
# EDITOR is an environement variable
$ export EDITOR=/usr/bin/nano
# To check your changes, use echo which print a message
# in the console and variable with "$" before
$ echo $EDITOR
# Add your account rights after root
# for example "jeremy ALL=(ALL) ALL"
$ visudo
\end{lstlisting}
Now you are a regular user with root permissions but some commands requires
to be root -- as making changes in systems files -- so if a command want not
works you can try to add \texttt{sudo} before.
\\\\
By doing this the system will ask
you for your password -- even if you are logged -- to get root permissions
temporarily.
\begin{lstlisting}[language=bash,caption=sudo command usage]
# Logged as jeremy (regular user)
$ visudo
visudo: /etc/sudoers: Permission denied
$ sudo visudo # Launches visudo with root rights
\end{lstlisting}
This example shows you that \texttt{visudo} command requires to be root so if
you are logged with a regular account you can not use it. Instead of logout and
login with root user -- remember do not use this account -- just add
\texttt{sudo} before your command.
\section{System update and timezone}
As I said before -- in ArchLinux presentation\ref{section:ArchVsRaspbian}--, the
system updates are based on rolling system principle. Therefore, you can update
your system at anytime without reboot.
\begin{lstlisting}[language=bash,caption=Update ArchLinux]
# S: synchronize packages list
# y: force refresh
# u: upgrade all outdated packages
$ pacman -Syu
\end{lstlisting}
Each time you get a new device (smartphone, PC, ..) you have to set your timezone
to have your system on time. It is much important on a server especially for
logs feeds by your services.
\begin{lstlisting}[language=bash,caption=Set your timezone]
# Current timezone
$ timedatectl status
# List available timezones
# Can add "| grep Eur" to limit result
# Only lines which contains "Eur" are displayed
#
$ timedatectl list-timezones
# Set your timezone (Europe/Paris for example)
# You must be root (use sudo)
$ timedatectl set-timezone Europe/Paris
\end{lstlisting}
\section{Setup remote connexion}
If you want to keep working with your regular computer on the RPi -- without two
screens and two keyboards -- it possible to setup a remote connexion with
\texttt{ssh}\footnote{Remote secure shell access}.
\\\\
On the system there are many programs as \texttt{ssh} or web server launched
in background. These programs are regularly started at system startup and
are called \emph{daemons} or \emph{services}.
\\\\
Before trying to connect to your Raspberry you should check if \texttt{sshd}
-- for ssh daemon -- is running.
\begin{lstlisting}[language=bash,caption=Check service state]
$ systemctl status sshd # Check service state
# If sshd is not running, launch it
$ systemctl start sshd # Start service
# If after a reboot it is not started
# It can be disabled
$ systemctl enable sshd # Enable service
\end{lstlisting}
Now that sshd is running, you will be able to connect to it remotely from any
other system. Here is a list of the methods you should use depending on your own
machine:
\begin{description}
\item[Linux and OSX] Use the build-in terminal
\item[Windows] PuTTY\footnote{SSH client available on
\href{https://www.putty.org}{putty.org}} is the most used
tool for this kind of work
\end{description}
\begin{figure}[h]
\centering
\includegraphics[scale=0.6]{images/PuttyConnect.png}
\caption{PuTTY connexion interface}
\label{figure:WifiMenu}
\end{figure}
\label{theme:ip}
Whathever the system you are using, two informations are necessery to perform
an ssh connexion : remote account -- created in section \ref{subsec:SimpleUser}
-- and remote machine IP or domain name.
\\\\
In the case you did not have domain name for your RPi\ref{theme:dns}, you can only
use it's IP address. The \texttt{ifconfig} command will help you to get this
address but be carefull about how your RPi is connected to your network: ethX
means wired and wlanX is wireless.
\begin{lstlisting}[language=bash,caption=SSH with command line]
# On your RPi
# ifconfig (interface configurator): list interfaces
# Here the IP address of my RPi is 192.168.0.23
#
$ ifconfig
eth0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
...
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
...
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.23 netmask 255.255.255.0 broadcast 192.168.0.255
...
# On your Remote PC
# Format: username@IP (or domain)
$ ssh [email protected] # Initiate ssh connexion
[email protected]'s password: # Type your account password
$ exit # Stop ssh connexion and go back to local terminal
\end{lstlisting}
\section{Remote access to your files}
If you want to manage your server files from a remote computer you can use
FTP\footnote{FTP for File Transfer Protocol} which will be a service on your
RPi.
\\\\
There are a lot of ways to add an FTP access to your server and I choose to use
\emph{vsftpd} -- for very secure ftp daemon -- a secure solution to our problem.
With this protocol you can connect yourself to the server as an anonymous user
-- no username and no password -- or you can use your account on the server.
\\\\
In my configuration, I enabled access to logged users only but feel free to
enable anonymous access (think about security).
\begin{lstlisting}[language=bash,caption=VsFTPd setup]
$ pacman -S vsftpd # Install package
# Change settings in /etc/vsftpd.conf
$ nano /etc/vsftpd.conf
# Enable anonymous access uncomment
anonymous_enable=YES
anon_upload_enable=YES
anon_mkdir_write_enable=YES
# Enable logged users access uncomment
local_enable=YES
write_enable=YES
local_umask=022
# Enable and start service
$ systemctl enable vsftpd
$ systemctl start vsftpd
\end{lstlisting}
Your FTP server is running, it is time for remote connexion. The most used
multiplatform tool is FileZilla an FTP client with a graphic interface but some
Windows users like WinSCP.
\begin{figure}[h]
\centering
\includegraphics[scale=0.4]{images/FileZillaConnect.png}
\caption{FileZilla connexion interface}
\label{figure:WifiMenu}
\end{figure}
As for SSH connexion you need your RPi IP address (or domain name, see
\ref{theme:ip}) and your account informations -- username and password -- if you
did not enabled anonymous access to your server.
%\end{document}