I recently had cause to try out some distributions, and thought I'd
share some of my experiences.
First I tried Progeny RC2. My experience is that it is probably more
for very modern hardware (large disks, reasonable RAM, all PCI,
no ISA).
Progeny uses Parted as the partition editor, and Grub as the
boot loader.
The first few problems I encountered were with Parted. I didn't
actually know this, as Progeny hides all the details behind a nice
looking screen.
As the installtion seemed to be going nowhere, I tried the 'expert
do-it-yourself mode'. With Progeny, my impression is this is actually
harder than a standard Debian install.
Under expert mode, I ran Parted per the text instructions.
Parted barfed at the small drive I had (150 Meg). After a little
email with the Parted author (gotta love Free software), basically
I was able to continue ignoring erroneous warnings.
At this stage, I swapped to a larger disk.
Parted can also format partitions. The version with Progeny couldn't
do this properly, seemingly running out of memory on my 16Meg RAM
system.
However, I was able to partition using the Parted boot disk, which
is available on the parted site.
The next step is to get GRUB installed and going. GRUB is a souped
up lilo, an OS manager.
This is quite an all singing-dancing beast. I was a little worried
by this statement on the GRUB FAQ:
14. Why doesn't Linux (FreeBSD, NetBSD, etc.) become
Multiboot-compliant?
Please ask the maintainers. If all free kernels were
Multiboot-compliant, the world would be an utopia...
(Hey everybody else, do it *my* way).
It took me a little while to get this configured the way
Progeny wants (a / and a /home partition) and with secondary
boot loading all correct. The details are a little scetchy, but
they are all there.
After this, things could have progressed well, until the dreaded
'scanning for devices'. As soon as I saw this I knew I was in trouble.
I had an ISA sound card and ISA ne ethernet clone. Sure enough, my
system hung.
At that point, I bailed out, figuring Progeny could be a really, really
great thing *if* you have reasonably modern hardware.
-------------------------------------------------------
Undaunted, I tried a standard Debian install on the same system.
In contrast this went quite well. I planned to use boot diskettes
and a net install.
I had one small hiccup, in that the net install requires a driver
diskette, but this has to be used with the rescue/root images
that are specific to 'compact'. There are generic rescue/root
diskettes but these don't go with the compact driver diskette.
This wasn't a big deal, as I sort of suspected something like this,
even though it wasn't spelt out in large letters.
The install went very well. The questions weren't overly technical.
(In contrast to Progeny's Parted, which I find a bit confusing - but
remember a normal Progeny installer would never even see Parted)
For modules installation, I knew I had to enter my ne clone
io address. I always get this wrong, forgetting the 0x. But
no! There on the dialog screen was the clear instruction to put
the io=0xXXX.
I actually didn't complete installing. The conections would time out.
However, I am fairly convinced my motherboard is dodgy (I wanted
confirmation. Running windows won't confirm your hardware is broken, since
you can't be sure which is more broken :)
(Problem could be in PCI/ISA bridge).
Even a crash during package configuration could be worked around, by
poking around the Debian installer.
This looks to be the way to go when I replace my motherboard.
I never felt out of control with Debian. It told me what it
was doing, what to do next, what it would require.
------------------------------------------------------
As a further interlude to my normal life, the power went down the
other day.
I have a router attached to my cable modem. I use a floppy based
disto for this. I use an old 486, I think someone threw it out.
I used a disto called 'coyote'. I haven't kept up with firewall
administration for quite some time, and I've sort of lost confidence
in configuring all this by hand. I suppose some small tweaking
of stuff from the Linux Router Project would not be that hard.
Perhaps others can comment?
Unfortunately because I leave the diskette in the drive, all
kinds of crap gets in and the machine wouldn't reboot first time.
After pulling the system and diskette drive apart and defluffing,
I was able to get things going again, but it's obvious this is
simply going to happen again next time.
This particular box has a disk drive. I happend to see an announcement
on freshmeat for 'smoothwall'.
This looks extremely slick. The principals claim it has been on magazine
CD's and I can well believe it.
I was able to install this using a floppy and a http server on another
system (the router has no CD drive).
I only had two problems. I always forget to add the 0x to the io address
when configuring ethernet cards!
The second is that the optus login/dhcp system requires a specific
hostname. I believe this is the same for @home in the US.
This was no more than a small edit to the startup script to include
something like -h `hostname` on the dhcp command line.
Smoothwall is actually something I could recommend to someone who
only knows the rudiments of TCP/IP firewalling.
It has three possible interfaces RED (the world), GREEN (behind
the firewall) and a possible ORANGE (DMZ, where you might have
mail and http server).
It has the dnrd (dns relayer) set up. Web based logs and stats (only
available on the GREEN interface). SSH and FTP can be enabled on the RED
interface. I didn't see a standard option to put SSH on a non standard
port.
I have been looking for a system to give to my brother for his
firewalling, this could well be it.
I guess trusting a standard disto like this to do security is a bit
oxymoronic. However, if the damage cost is on a par with the full
learning cost to configure all from scratch, what option does
the average bunny have?
It's all a matter of trust, how far does it extend?
I am looking forward to Crossfire's talk next month when he explains
ipchains in detail.
Please feel free to comment on any of my assumptions / conclusions
etc.
Jamie
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug
