Linux: Debian 7 on a Dell Inspiron 530

Debian logo



This page contains a description of the installation and customisation of Debian 7.4 "Wheezy" on my Dell Inspiron 530 desktop computer which is used as server, router and production machine. Historically, this is a follow-up to my Fedora 14 page and it has been superseded by the move to a new computer. - As usual, this document has been "anonymised" in a few places; in particular IP addresses have been replaced by XXX or YYY.

Why Debian?

In spring 2014 I moved most of my computers to Debian.

The key reason for changing from Fedora to Debian was the longevity of the system: My computers are tools that I use every day for my business. I do not want to waste time with frequent upgrades of the entire system ... but Fedora issues a new release every 6 months, which meant that my trusty Fedora 14 installation reached its official end-of-life already in 2011-12-08, i.e. just one year after its release. Too short for a production system.

For quite a while, I have been searching for and playing with alternatives. My key requirements, in a nutshell:

Up to 2013, I had acquired most of my "productive" Linux experience on RedHat-based systems, namely Fedora and RHEL. It was thus obvious that I considered Scientific Linux and the very similar CentOS (which I discarded due to its different scope). Appealing were both its known-to-me structure and its unusual long support: the 6.x releases are expected to be supported until 2020. Indeed I have installed such systems for my clients, both as server and as enterprise desktops - however, a few packages that I need daily were not available in SL6 (jpilot, glabels). Albeit one can usually compile "missing" packages from the related Fedora source packages (the software that comes with SL 6.5 is close to Fedora 14 or 15), I wanted a more recent system.

Thus, after some tests, I decided to switch to Debian, offering a lifecycle of 3 to 4 years between major releases, and an "upgrade while running" philosophy. My learning curve was steep since the system structure and administration are quite different from Redhat-based systems. Note that I did not say "difficult", just "different" ;-)


The computer is still the same: My Dell Inspiron 530 with Intel E4500 Core Duo 2.20 GHz processor with 800 MHz FSB, 3 GB RAM, 320 GB Seagate ST3320620AS harddisk (SATA 3.0 Gb/s, cache 16 MBytes, 7200 rpm), a DVD burner HL-DT-ST Model DVD+-RW GSA-H73N (HLDS Inc.), a Teac 19-in-1 media card reader, Intel 3100 onboard graphics and a Dell E228WFP 22" widescreen display.

Since it is a server and router for my home network, it is equipped with a second network card. The machine has performed flawlessly under Linux right from its acquisition in early 2008: first came Fedora 8 for about 1.5 years, followed by Fedora 11 and then Fedora 14 between 2010-11 and 2014-02. The move to Debian took place in early 2014, but I replaced the computer in summer 2014 due to its age.

Installing and fine-tuning Debian 7.4

Easy !

Today, installing Linux is plug-and-play. A common Linux desktop PC is fully installed and operational in less than 2 hours.

In this case, however, I went a slower path since I wanted a minimal server-with-KDE install (cf. Debian Wiki and Philip Reimer) In addition, the machine is configured as a router which implied some particular steps.

This does not mean that it took a long time - from inserting the install CD to an operational router and firewall it took barely 1 hour!


If you have another Linux system running that uses the same partitions (e.g. /home), be aware that the installer will re-format some partitions (at least the new system's root, usually also the swap partition). This may lead to changed signatures, impeding an eventual reboot of the "other" OS:

Base install:
Router and firewall

The initial installation was performed from the Debian 7.4 64-bit "netinstall" CD. Using a custom disk layout, I simply installed Debian over the "old" Fedora 11 partition that was available on this system, keeping Fedora 14 intact:

Partition Type Filesystem Label mount point Comment
/dev/sda1 primary vfat DellUtility /mnt/dell Dell Utilities from factory install, left unchanged.
/dev/sda2 primary 20 GB ext4 F14 /mnt/f14 This was the root filesystem of Fedora 14. Will be used when updating the system in the future.
/dev/sda3 primary 20 GB ext4 Debian / This is the root filesystem of Debian.
/dev/sda4 extended       This holds the following partitions.
/dev/sda5 logical 60 GB ext4 home /home Home directories.
/dev/sda6 logical 120 GB ext4 share /mnt/share Local NFS export. Music, images, etc.
/dev/sda7 logical 5 GB swap swap swap Swap space.
/dev/sda8 logical 80 GB ext4 vbox /mnt/vbox VirtualBox files.

During the installation, I de-select "Desktop" and select ssh server, file server (this installs both NFS and Samba), print server (CUPS) and standard system utilities. This initial installation was finished in barely 16 min; upon reboot we log in on the console:

apt-get install vim

Then, edit /etc/vim/vimrc and un-comment syntax on.

Edit /etc/apt/sources.list. Remove the entry for the Debian CD, then add non-free contrib at the end of the first 4 entries.

apt-get update
apt-get install firmware-linux* mc ntpdate acpi-support sysv-rc-conf hwinfo ethtool

Copy the existing shares and their mount points:

mkdir /mnt/f14 /mnt/vbox/ /mnt/share /mnt/dell 
grep /mnt/vbox/ /mnt/f14/etc/fstab >> /etc/fstab
grep /mnt/share /mnt/f14/etc/fstab >> /etc/fstab
grep /mnt/dell/ /mnt/f14/etc/fstab >> /etc/fstab


Now comes the tricky part: This system has two network cards - and we need to avoid that the cards be assigned in arbitrary order. In my case, the card connected to my ISP was automatically assigned as eth0 during installation but I want this to be eth1 on the production system - simply because all my computers have the internal network on eth0.

The key is to edit /etc/udev/rules.d/70-persistent-net.rules and to adjust (only!) the value of the NAME= key as needed. You can check the assignment with ethtool -i ethX && ethtool -P ethX; on my system this can be resumed as follows:

Edit /etc/network/interfaces and assign the way the two cards are operated. At the same time, this is where the firewall is launched:

# The loopback network interface
auto lo
iface lo inet loopback
# activate the firewall 
pre-up iptables-restore < /etc/network/iptables.rules 
# The primary (internal) network interface
auto eth0
allow-hotplug eth0
iface eth0 inet static
  address 192.168.xx.yy
  broadcast 192.168.xx.255
  # do NOT set any gateway here!

# the external network card
auto eth1
allow-hotplug eth1
iface eth1 inet dhcp

Copy existing firewall rules: cp /mnt/f14/etc/sysconfig/iptables /etc/network/iptables.rules


Edit etc/sysctl.conf and activate routing by un-commenting the line net.ipv4.ip_forward=1. At the same occasion, you may want to insert kernel.sysrq=1.

For the DHCP server, I switched from dhcpd to dnmasq: apt-get install dnsmasq, then edit /etc/dnsmasq.conf:

log-queries                                    # these go into /var/log/daemon.log 
#dhcp-leasefile=/var/lib/misc/dnsmasq.leases   # I keep the default


At this point, the router functionality should be established and your machines on the internal network should be able to access Internet again. Test if DNS is working, e.g.:

dig @localhost
nslookup localhost
nslookup dh.localnet

Please note that NetworkManager and /etc/network/interfaces interfere with each other:


Customize sshd rather restrictive; some key entries in /etc/ssh/sshd_config are:

Protocol 2
PermitRootLogin no
PermitEmptyPasswords no
PasswordAuthentication yes
Banner /etc/
AllowUsers xxx

Copy some NFS-related files from the existing system, adjust as needed:

cat /mnt/f14/etc/hosts >> /etc/hosts && vim /etc/hosts
cp /mnt/f14/etc/hosts.allow /etc/hosts.allow
cp /mnt/f14/etc/hosts.deny /etc/hosts.deny
cat /mnt/f14/etc/exports >> /etc/exports && vim /etc/exports 

Copy fonts:

cp /mnt/f14/usr/share/fonts/msttcorefonts/* /usr/local/share/fonts/
fc-cache /usr/local/share/fonts/

# a simpler alternative:
apt-get install ttf-mscorefonts-installer
apt-get install ttf-liberation

Copy existing samba configuration:

cd /etc/samba/
mv smb.conf smb.conf.orig
cp /mnt/f14/etc/samba/smb.conf .
/etc/init.d/samba restart

The CUPS printing system provides also the traditional lpr functionality, so we set the default printer (as user):

lpstat -p -d         # see which printers are available
lpoptions -d HPLJ5   # set default printer

Note: I did not restart/reload services here since we're going to reboot later anyway.


Let's install the X environment. I went for a clean, minimalist KDE environment:

apt-get install avahi-utils upower desktop-base
apt-get install --no-install-recommends xorg kdm kde-workspace konsole virtuoso-minimal 

Enable Alt-Ctrl-Backspace to kill X server. This needs to be done AFTER X is set up; the setting we want is on the very last screen:

dpkg-reconfigure keyboard-configuration 

Limit the available language packs. Here, be careful to select the languages you want to keep! Generally I select the generic language plus the UTF-8 variant, e.g. de and then dialects such as de_DE.UTF-8 and de_CH.UTF-8 :

apt-get install localepurge

KDE Base

Install KDE and related applications. The first command will install some packages needed for clean integration of KDE applications:

apt-get install kde-plasma-desktop kdeplasma-addons plasma-widget-folderview \
        kde-config-gtk-style kwin-style-qtcurve kde-style-qtcurve gtk2-engines-qtcurve 
apt-get install dolphin okular apper kmix konqueror konq-plugins kate kompare kmail knode kinfocenter\
        kcalc ksnapshot kcharselect kaddressbook kdeadmin kdirstat kmenuedit kfind kgpg kwalletmanager

Albeit it is technically not necessary, I usually reboot the system here so that I can continue working in an X environment. You could simply run startx, too ;-)


Continue to install applications and utilities. You could put all this on one line of course:

apt-get install lyx tex4ht glabels unison-gtk jpilot pilot-link akonadi-kde-resource-googledata
apt-get install enchant aspell-fr aspell-de hunspell-en-us hunspell-fr hunspell-de-de hunspell-de-ch 
apt-get install rsync gftp sitecopy bluefish tidy dos2unix ark rar unrar nmap bum filelight conky   
apt-get install k3b kde-config-cddb gimp inkscape python-lxml gwenview kipi-plugins digikam hugin autopano-sift-c  
apt-get install cups-pdf cups-driver-gutenprint gimp-gutenprint pdftk qpdf pdfmod khelpcenter4 gnuplot-x11  
apt-get install iceweasel deluge subversion lynx curl amarok easytag gpsbabel qlandkartegt sharutils

LibreOffice 4 is not in the repositories for Wheezy, so we need a trick (but please read the next section before you do this, you may want to change your mind!):

echo -e "\n# Backports for recent version of LibreOffice" >> /etc/apt/sources.list
echo "deb wheezy-backports main" >> /etc/apt/sources.list
apt-get update
apt-get -t wheezy-backports install libreoffice libreoffice-kde libreoffice-help-en-us libreoffice-presenter-console 

However, I encountered a few issues with this version - mainly crashes during merge operations. I decided to roll back to the previous version, LibreOffice

# remove or comment the entry in /etc/apt/sources.list
apt-get remove libreoffice-core     # this will remove a lot more but it saves typing ;-)
apt-get autoremove                  # clean up
apt-get install libreoffice libreoffice-kde libreoffice-help-en-us libreoffice-presenter-console

If you want to install the advanced Grammar Checker LanguageTool (through the Extension Manager), you need to change from Java 6 to Java 7. I did this using apper, changing all files with openjdk-6-xxx against their counterpart with openjdk-7-xxx ... and it turned out that a apt-get remove openjdk-6-* is enough to remove the old and install the new version automagically :-)


echo -e "\n# Multimedia" >> /etc/apt/sources.list
echo "deb wheezy main non-free" >> /etc/apt/sources.list
apt-get update
apt-get install deb-multimedia-keyring
apt-get update
apt-get upgrade
apt-get install libdvdcss2 flashplugin-nonfree w64codecs lame

Make sure you do not have the following on the system:

apt-get remove network-manager
apt-get remove dirmngr # removes kdepim 
apt-get remove winbind

log files

On production machines I like to have a quick look at the key logfiles (e.g. using conky). Of course the default permission for these files is rather restrictive ... yet I do not want to log in as root just to have read access. On the other hand, I don't want to grant access to these files to all users in my group.

With Linux supporting ACL (access Control Lists), the solution is as simple and as elegant as it can get: Use ACL to grant selective access on a per-file and per-user basis. The following cronjob allows user joe to read two of the log files (to be run as a cronjob, due to log file rotation)

11 * * * * root setfacl -m user:joe:r-- /var/log/messages /var/log/daemon.log


As usual, almost everything worked right out of the box:

Debian Wheezy on Laptops


I'm using Debian on most of my computers; this includes laptops. Both machines mentioned below have been used under Fedora 14, too; the installation of Debain Wheezy was performed along the same lines as described above and went mostly seamless. Specific points are listed below; a few generic comments and hints:

Lenovo IdeaPad S12

I'm using a Lenovo IdeaPad S12 as main laptop. Comments and hints:

Fujitsu Lifebook 8020D

I have a Fujitsu Lifebook 8020D as backup laptop. Comments and hints:

Citrix Receiver


For certain applications (e.g. a consulting mandate that requires accessing the client's data remotely) I use Citrix Receiver, which is essentially a terminal client to a Microsoft Windows server. The software is not Open Source but is available free of charge on the manufacturer's website, section "Downloads", product "Citrix Receiver".

Citrix Receiver 64-bit

The installation of Citrix Receiver on 64-bit Debian Wheezy is not straightforward since the 64-bit package is broken; we need to rebuild it. What follows is a mixture of an Ubuntu HowTo and the Debian Wiki:

apt-get install lib32z1 libxp6:i386 libsm6:i386 libxmu6:i386 libxinerama1:i386 \
        libglib2.0-0:i386 libxft2:i386 libgtk2.0-0:i386 libc6-i386 lib32asound2 

# as user 
cd /tmp
dpkg-deb -x icaclient_13.0.0.256735_amd64.deb ica_temp/
dpkg-deb --control icaclient_13.0.0.256735_amd64.deb ica_temp/DEBIAN
vim ica_temp/DEBIAN/control      # remove the dependencies for ia32-libs and ndiswrapper
dpkg -b ica_temp icaclient-modified.deb

# as root
dpkg -i icaclient-modified.deb

# ... and copy the certificate:
cp /mnt/f14/opt/Citrix/ICAClient/keystore/cacerts/PCA-3G5.pem /opt/Citrix/ICAClient/keystore/cacerts/

Upon first launch, an application launched inside a Citrix session may ask to "open with..." - if this happens, simply select (always open with) /opt/Citrix/ICAClient/ Done!

Citrix Receiver 32-bit

Installing Citrix receiver for i386 on 32-bit Debian Wheezy is straightforward:

apt-get install libxerces-c3.1 libcurl3
dpkg -i icaclient_13.0.0.256735_i386.deb

# ... and copy the certificate:
cp /mnt/f14/opt/Citrix/ICAClient/keystore/cacerts/PCA-3G5.pem /opt/Citrix/ICAClient/keystore/cacerts/



I use VirtualBox to run an instance of Microsoft Windows as "guest" inside the Linux system. For details, please refer to my GPS software page.

Installation in Debian Wheezy is straightforward. Pulseaudio is not needed for KDE but will be required to provide sound to VirtualBox:

apt-get install virtualbox virtualbox-guest-additions pulseaudio
usermod -a -G vboxusers joe

To enable USB support you will be requested to download and install a module from the Virtualbox website; the process is self-explaining.

Video Issues

The only problem I observed is that videos don't play correctly inside the Virtualbox environment ... all you see is a white square. This did not happen in my previous installations on the same machine, and it is independent from the architecture (tried this with i386 and amd64 on the same computer hardware).

As a workaround, I can start the guest in headless mode (VBoxManage startvm "Windows" --type headless) and use a remote desktop connection (rdp, e.g. krdc). I have to use headless mode - as soon as I have the guest in a "normal" mode and connect via rdp, the display won't work.

Update: It turned out that I have to disable 2D acceleration of the Windows guest. The 3D acceleration can be left enabled!