Linked by Og Maciel on Tue 25th Jan 2005 20:24 UTC
In my never ending search for the ultimate challenge, I decided to remove Gentoo Linux from my trusty laptop and install something else that wasn't as resource starving. Thus, Debian was selected.
Permalink for comment
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
from my debian laptop experiences:
INSTALL:
apm
* if ACPI doesn't work and/or your system is older, use apm
cpufreqd
*(manual and automatic adjusting of cpu speed)
gnome cpufreqd applet
* interface to above
go to /usr/bin as root and chmod +s cpufreq-selector (now you can change speeds by clicking on icon in gnome-panel)
laptop-mode-tools
* controls spindown of hard disks and cpu speed on/off battery
laptop-net
* auto configures networking when you plug in cable, disables when you unplug;
tpb (for thinkpads)
xosd
add nvram to /etc/modules (for thinkpads, maybe others)
* these add on-screen display and operation for laptop control buttons
if suspend doesn't work, add scripts in /etc/apm/suspend.d and resume.d to stop and restart alsa and pcmcia services which can interfere with suspend. It's easy... just copy an existing script and tweak it.
firestarter
* easy to use firewall - you can allow incoming connections by clicking on them or setting policies; I added it to the networking script to start/stop when networking did
ssh
* don't use ftp or telnet, use ssh for secure communications!
CONFIGURE:
change /etc/syslog.conf and reroute everything to /dev/tty8 instead of log files --> reduces disk activity and you can see stuff by pressing CTRL-ALT-F8
change /etc/hdparm.conf and add dma, 32bit, multisector and umask settings to your hard drive
change /etc/fstab and add noatime to all writeable media in the options section (ie. rw,user,noatime) These prevents your hard disk from writing access time on each file you read
change /dev/inittab and comment out all but the first two of the six console ttys... saves RAM
move /etc/exim4 DISABLED_exim4 and /etc/inetd DISABLED_inetd as these are probably useless services on a notebook
SECURITY
* prevent outside use of portmap
edit /etc/default/portmap to listen only to localhost
but keep it around for famd which automatically updates your file browser contents when they change
* not allow root login on consoles
mv /etc/securetty to DISABLED_securetty and touch and empty version; this forces you to login as a regular user and su to root
* not allow ssh root login
make sure you install and use ssh for communicating remotely to/from your notebook
edit /etc/ssh/sshd_config to remove rootlogin... again this means you must ssh in as a regular user and su to root
* remove linux info and warn off people
change /etc/issue to a prohibition on unauthorized use and email address for loss/theft. These file is displayed on consoles
* install nmap and run it to probe ports
you should have many other than cups, instant messenger, mail, portmap, etc.
It's a shame so many of these OSNEWS articles are superficial how-to-install things. There's a lot more useful stuff to do.