Here I explain how to set up a mirror for Debian an Ubuntu repositories, on a Debian server. The steps explained next can be found on other sites, except how to deal with the repository’s keyrings. For instance, on the Ubuntu’s tutorial they explain how to install the keyrings assuming the server you are installing the mirror has Ubuntu running, but what if it’s running on a Debian server?

Installing debmirror

As I mentioned, I used debmirror for mirroring both distros. There are other programs, like apt-cacher, but I chose debmirror because I wanted to mirror all Debian and Ubuntu repos. So, in order to install debmirror just type the following as root:

aptitude install debmirror

Installing the keyrings

Now it’s time for installing the repositories’ keyrings. Because I wanted a mirror for Debian and other for Ubuntu, I had to download both keyrings packages and import the keyrings from them:

Debian

To install the keyrings for Debian’s repos the latest debian-archive-keyrings must be downloaded, for instance from testing:

# wget http://ftp.us.debian.org/debian/pool/main/d/debian-archive-keyring/debian-archive-keyring_2012.4_all.deb

Then the package’s content must be extracted in the root’s home directory:

# dpkg-deb -x debian-archive-keyring_2012.4_all.deb ~

And finally import the keyrings:

# gpg --no-default-keyring --keyring /home/repo/keyrings/debian/trustedkeys.gpg --import /root/usr/share/keyrings/debian-archive-keyring.gpg
 gpg: keyring `/home/repo/keyrings/debian/trustedkeys.gpg' created
 gpg: key B98321F9: public key "Squeeze Stable Release Key " imported
 gpg: key 473041FA: public key "Debian Archive Automatic Signing Key (6.0/squeeze) " imported
 gpg: key 65FFB764: public key "Wheezy Stable Release Key " imported
 gpg: key 46925553: public key "Debian Archive Automatic Signing Key (7.0/wheezy) " imported
 gpg: Total number processed: 4
 gpg: imported: 4 (RSA: 4)
 gpg: no ultimately trusted keys found

Ubuntu

On Ubuntu I did something similar. I downloaded the latest ubuntu-keyring package up-to-date, from quantal’s repos:

# wget http://pa.archive.ubuntu.com/ubuntu/pool/main/u/ubuntu-keyring/ubuntu-keyring_2012.05.19_all.deb

Then I proceed to extract the package content in the root’s home directory and import the keyrinngs:

# dpkg-deb -x ubuntu-keyring_2012.05.19_all.deb ~

# gpg --no-default-keyring --keyring /home/repo/keyrings/ubuntu/trustedkeys.gpg --import /root/usr/share/keyrings/ubuntu-archive-keyring.gpg

gpg: keyring `/home/repo/keyrings/ubuntu/trustedkeys.gpg' created
 gpg: key 437D05B5: public key "Ubuntu Archive Automatic Signing Key " imported
 gpg: key FBB75451: public key "Ubuntu CD Image Automatic Signing Key " imported
 gpg: key C0B21F32: public key "Ubuntu Archive Automatic Signing Key (2012) " imported
 gpg: key EFE21092: public key "Ubuntu CD Image Automatic Signing Key (2012) " imported
 gpg: Total number processed: 4
 gpg: imported: 4 (RSA: 2)
 gpg: no ultimately trusted keys found

The debmirror script

On Ubuntu

The script is an adaptation of the the one at Ubuntu’s documentation, I saved as /home/repo/scripts/debian.sh with the following values:

#!/bin/sh

# Don't touch the user's keyring, have our own instead
export GNUPGHOME=/home/repo/keyrings/ubuntu

# Architecture. For Ubuntu can be i386, powerpc or amd64.
arch=i386,amd64

# Minimum Ubuntu system requires main, restricted
# Section (One of the following - main/restricted/universe/multiverse).
section=main,multiverse,universe,restricted

# Release of the system (Quantal, Precise, etc)
release=quantal,quantal-security,quantal-updates,quantal-backports,precise,precise-security,precise-updates,precise-backports

# Server name, minus the protocol and the path at the end
server=us.archive.ubuntu.com

# Path from the main server, so http://my.web.server/$dir, Server dependant
inPath=/ubuntu

# Protocol to use for transfer (http, ftp, hftp, rsync)
proto=http

# Directory to store the mirror in
outPath=/home/repo/mirrors/ubuntu

# Start script

debmirror       -a $arch \
                --no-source \
                --md5sums \
                --progress \
                --passive \
                --verbose \
                -s $section \
                -h $server \
                -d $release \
                -r $inPath \
                -e $proto \

On Debian

For Debian I used other parameters and save it as /home/repo/scripts/debian.sh with this values:

#!/bin/sh

# Don't touch the user's keyring, have our own instead
export GNUPGHOME=/home/repo/keyrings/debian

# Architecture (i386, powerpc, amd64, etc.)
arch=i386,amd64

# Section (main,contrib,non-free)
section=main,contrib,non-free

# Release of the system (squeeze,lenny,stable,testing,etc)
release=squeeze

# Server name, minus the protocol and the path at the end
server=ftp.us.debian.org

# Path from the main server, so http://my.web.server/$dir, Server dependant
inPath=/debian

# Protocol to use for transfer (http, ftp, hftp, rsync)
proto=http

# Directory to store the mirror in
outPath=/home/repo/mirrors/debian

# Start script

debmirror       -a $arch \
                --no-source \
		--md5sums \
		--progress \
		--passive \
		--verbose \
                -s $section \
                -h $server \
                -d $release \
                -r $inPath \
                -e $proto \
                $outPath

Note: On both cases you have to make the scripts executable, check the connection with the chosen servers and check if you have enough space available for hosting the mirrors.

Scheduled job (crontab)

Once the scripts are working, you can create a cron for keep the mirrors synced. For example, to run he scripts at midnight every day you can put the following in the /etc/crontab:

0 0 * * *    root    /home/repo/scripts/debian.sh
0 0 * * *    root    /home/repo/scripts/ubuntu.sh

Publishing the mirrrors

I published the mirror via http with Apache, the web server:

aptitude install apache2

By default on Debian, Apache uses /var/www as root directory. Thus in order to set the mirrors just make the symbolic links to that directory:

# ln -s /home/repo/mirrors/ubuntu /var/www/
# ln -s /home/repo/mirrors/debian /var/www/

Setting the clients

On the client side, you have to edit the /etc/apt/sources.list file according to the Linux version used on the client.

On Ubuntu

For Ubuntu precise (12.04) you have to put something like this in the /etc/apt/sources.list file:

deb http://192.168.1.1/ubuntu/ precise main restricted universe multiverse
deb http://192.168.1.1/ubuntu/ precise-updates main restricted universe multiverse
deb http://192.168.1.1/ubuntu/ precise-backports main restricted universe multiverse
deb http://192.168.1.1/ubuntu/ precise-security main restricted universe multiverse

In this case the IP addresses 192.168.1.1 belongs to the server hosting the mirrors, which were published via http with Apache. Change to other IP or a DNS entry according to your configuration.

On Debian

For Debian Squeeze you must have the following in your /etc/apt/sources.list:

deb http://192.168.1.1/debian squeeze main contrib non-free
deb http://192.168.1.1/debian-security squeeze/updates main contrib non-free

For both cases after doing these changes you have to update the package list:

aptitude update

Once the package list has been updated you can use those repositories.

I’m sure you were thinking I was tell you: install Debian!…but no, this time I’m going to be more condescend thus I’m going to give you a tip. After installing Ubuntu one thing you can do to feel you are using Debian is open a terminal and type this:

sudo apt-get install aptitude
sudo aptitude update

Now you will be using the Debian’s default console package management .

But what are the differences between aptitude and apt-get / apt-cache?

That doubt was already commented on this article aptitude vs. apt-get

User password vs. root password

Another thing you can do is to assign a password to root

sudo passwd root

After this you can log in as root and forget about sudo, in addition you will separating the installing user from the real system administrator role.

I have an apt-cacher server at home for caching Debian and Ubuntu repos, and the same PC has cron-apt for downloading Debian packages daily, the idea is to have the packages ready to download whenever I want to update them. On the other hand, my sister has a netbook with Ubuntu, but due to cron-apt is set to download only those packages from the distro it’s running by default, in this case Debian, when my sister’s netbook is updated she can’t take advantage of the cache because she has to wait until all packages are downloaded.

The solution is to make cron-apt download Ubuntu packages. Let’s see how to do it…

Adding Ubuntu repos to cron-apt

In order  to add the Ubuntu repos you have to edit the /etc/cron-apt/config file in the following line:

OPTIONS="-o quiet=1 -o Dir::Etc::SourceList=/etc/apt/sources.list.ubuntu10"

Where the  /etc/apt/sources.list.ubuntu10 file must have the Ubuntu repos definitions. In my case, it’s the apt-cacher server:

deb http://192.168.2.100:3142/ubuntu/ lucid main restricted
deb http://192.168.2.100:3142/ubuntu/ lucid-updates main restricted
deb http://192.168.2.100:3142/ubuntu/ lucid universe
deb http://192.168.2.100:3142/ubuntu/ lucid-updates universe
deb http://192.168.2.100:3142/ubuntu/ lucid multiverse
deb http://192.168.2.100:3142/ubuntu/ lucid-updates multiverse
deb http://192.168.2.100:3142/ubuntu/ lucid-security main restricted
deb http://192.168.2.100:3142/ubuntu/ lucid-security universe
deb http://192.168.2.100:3142/ubuntu/ lucid-security multiverse

Ubuntu public keys

You also have to set the public keys, otherwise apt-cacher will send a email with a message like this one:

W: GPG error: http://192.168.2.100 lucid Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 40976EAF437D05B5

In order to download and install the public key you have to do the following steps:

gpg --recv-keys 40976EAF437D05B5
gpg --export --armo 40976EAF437D05B5 | apt-key add -

Now next time I update my sister netbook, many of the packages will be ready to download from the local network at home!!

Reference

• Adding Ubuntu Repositories

I’ve already mentioned the advantage of using a cached repository like apt-cacher. Okay, it’s true that all packages will be available when upgrading applications, but only if somebody had already downloaded them. It would be great to have something that automatically downloads those packages for you, so when you upgrade from any computer within the network those applications will already be in apt-cacher.

Installing

In order to install cron-apt just type this in a terminal as root:

aptitude install cron-apt

Setting

You have to define a running frequency of cron-apt in the /etc/cron.d/cron-apt file. There you must define at what time it will be performed, using crontab format. For example:

# Every night at 1 o'clock
0 1 * * * root test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt

Then you have to set some variables in the /etc/cron-apt/config fild, according to your needs. For instance, I changed the package manager from apt-get to aptitude, the mail address, and how often I will be warned:

# APTCOMMAND=/usr/bin/apt-get
APTCOMMAND=/usr/bin/aptitude
# APTCOMMAND

Check out the whole file if you want to change any behavior, or just let it has it comes.

Actions

By default cron-apt is set to download the package list and then download the updates. In the /etc/cron-apt/action.d/0-update you will find this:

update -o quiet=2

And the /etc/cron-apt/action.d/3-download file has this:

dist-upgrade -d -y -o APT::Get::Show-Upgraded=true

You can change this values according to your needs, for instance for an unattended upgrade. You can also use the examples provided by the packages in the /usr/share/doc/cron-apt/examples/ directory.

The new netbook architecture comes with a Intel GMA 3150 graphic card, which it’s not supported completely by the kernel because it doesn’t show any information in the /sys/class/backlight directory. This means you won’t be able to adjust your LCD brightness with the function keys (ACPI), or use any plugin for that matter, or set the brightness with third-party applications such as laptop-mode-tools.

I did a research on Internet and I found a solution to the brightness adjustment problem, which consist in setting the value to the PCI device on the bus directly, as shown here:

setpci -s 00:02.0 f4.b=55

Where 00:02.0 is the PCI id on the bus,  and  55 is a hexadecimal value between 0 and FF, which modifies the display’s brightness.

In order to konw which device id to write on,  you can query the PCI bus:

mundungus:~# lspci
00:00.0 Host bridge: Intel Corporation N10 Family DMI Bridge
00:02.0 VGA compatible controller: Intel Corporation N10 Family Integrated Graphics Controller
00:02.1 Display controller: Intel Corporation N10 Family Integrated Graphics Controller
00:1b.0 Audio device: Intel Corporation N10/ICH 7 Family High Definition Audio Controller (rev 02)
00:1c.0 PCI bridge: Intel Corporation N10/ICH 7 Family PCI Express Port 1 (rev 02)

As you cans see the device id for the graphic card on the PCI bus is 00:02.0.

Setting  laptop-mode-tools

Commonly laptop-mode-tools writes on a file into the /sys/class/backlight directory,  as I wrote in previous post, but in this case you have to put the following into the /etc/laptop-mode/conf.d/lcd-brightness.conf file:

BATT_BRIGHTNESS_COMMAND="setpci -s 00:02.0 f4.b=55"
LM_AC_BRIGHTNESS_COMMAND="setpci -s 00:02.0 f4.b=77"
NOLM_AC_BRIGHTNESS_COMMAND="setpci -s 00:02.0 f4.b=77"
BRIGHTNESS_OUTPUT="/dev/null"

Notice you have to set the variable BRIGHTNESS_OUTPUT withe the value /dev/null, otherwise it won’t run properly.

References

• [ubuntu netbook remix] No brightness adjustment on samsun n210 (Intel GMA 3150)
• Saving power with laptop-mode-tools

I sold my Lenovo IdeaPad S10 to upgrade it to a Lenovo IdeaPad S10-3. As it happened with my sister’s S10-2 netbook, the partitions scheme looks like the ones shown above: A small partition (I assume to boot Windows), a 100 GB partition for Windows 7, another partition with 30 GB for backups, and 150 GB of rescue and driver for Windows.

Because my disk is mine, I decided to erase the two last partitions (I backup-ed  its content first) and change the size of Windows 7 partition in order to make room for two Linux (Debian and Ubuntu), another partition for 1 GB of swap, and the remaining for /home, as is shown in the following picture:

Collateral damage

The only side effect is that some applications supplied by Lenovo, like the OneKey Recovey, won’t work properly because the partitions had been deleted.  The solutions is to make the rescue disks before erase those partitions, or live with those partitions but resizing them to make room (this what’s I did on my sister’s netbook, a Lenovo S10-2).

Warning

Before resizing the Windows partition you better defragment the disk. You should also check that Windows 7 boots properly after resizing the partition, if not you can recovery it by using one of those partitions provided by Lenovo. I did the mistake of erasing them, so I had to borrow a Windows 7 recovery disk, because I  didn’t want to wait for a recovery disc shipped from USA.

Interfaz del Software Center

Some people yelled: what the heck is doing Debian by including Ubuntu Software Center in its repositories? The true is, like it or not, this package is available with the name Software Center, and I have to admit it’s an option for installing software, even more easier than Synaptic does. But it’s not only a graphical interface for installing packages, sol let’s install it and see what else it has to offer.

Installing Software Center

In a terminal you can type the following:

aptitude install software-center

This will install Software Center and its compounds.

Software Center

In order to use Software Center, which is depicted in the above image, you must got to Applications > System > Software Center:

From there you can search, instal and uninstall applications in the system as you would do from a terminal or graphically in Synaptic, but in a really easy way.

Update Manager

The Update Manager notifies users about new updates, the same way Ubuntu does.

This can be really useful for helping out forgetful people to keep their system up to date (from example if they use Debian testing).

Software Sources

You can also set the system’s repositories from the Software Sources utility. In my case I have some internal repositories with apt-cacher in my local network, which appear in the Third-Party Software Tab:

This application in the end just modifies the /etc/apt/sources.list file or the files in the /etc/apt/sources.list.d folder.

Compatibility with aptitude

My big concern was if this application would integrate with aptitude, I mean, if it were capable of uninstall unused dependency packages of a particular application. So far I’ve tested and it appears so!!

I have already set an internal mirror on Debian to avoid downloading the same packages twice, and I did the same thing by adding the VirtualBox’s repo, so it lets me save bandwidth and time because all updated packages will be available on that internal mirror.

Now I installed Ubuntu Netbook Edition on my sister’s netbook and she told me that sometimes the updates can last so long, because her Internet connection is from a USB modem,  and at some times it could be a nightmare to browse the net and update the system at the same time. Therefore, I decided to add the Ubuntu repo to my internal mirror, as is shown in the above picture.

Setting the Ubuntu repo in apt-cacher

In order to set the Ubuntu’s repository, edit the /etc/apt-cacher/apt-cacher.conf file. Find the path_map parameter and add the following:

path_map = debian http://ftp.us.debian.org/debian/ ; multimedia http://www.debian-multimedia.org ; virtualbox http://download.virtualbox.org/virtualbox/debian ; ubuntu http://ve.archive.ubuntu.com/ubuntu/

Setting up the Ubuntu clients

On the Ubuntu PCs you have to edit the /etc/apt/sources.list, commenting all its content and adding the following lines:

deb http://192.168.2.100:3142/ubuntu/ lucid main restricted
deb http://192.168.2.100:3142/ubuntu/ lucid-updates main restricted
deb http://192.168.2.100:3142/ubuntu/ lucid universe
deb http://192.168.2.100:3142/ubuntu/ lucid-updates universe
deb http://192.168.2.100:3142/ubuntu/ lucid multiverse
deb http://192.168.2.100:3142/ubuntu/ lucid-updates multiverse
deb http://192.168.2.100:3142/ubuntu/ lucid-security main restricted
deb http://192.168.2.100:3142/ubuntu/ lucid-security universe
deb http://192.168.2.100:3142/ubuntu/ lucid-security multiverse

Note: I also commented the deb-src repos because I know my sister won’t need them but if you do, adapt them using your internal mirror’s IP address.

As a final step, update the package list and upgrade the system from a terminal:

aptitude update
aptitude safe-upgrade

Or use the graphical package manager to do the same.