User Tools

Site Tools


Linux core

Currently the Hannibal is developed, tested and supported on the Debian GNU/Linux 4.0 (a.k.a. Etch) platform. We assume a minimal installation of the operating system as a foundation to be present. Just install the base system. Don't add additional packages via tasksel, dselect and / or aptitude at the moment. You could use a separate machine per module or use a virtualization tool. As we chose Xen as our preferred virtualization solution, some of our own considerations and documentation regarding Xen are included at the Xen section of this wiki.

Start with just some basic Debian repositories. By default we'll only use 'main', 'contrib' and the security-repositories. Our example of /etc/apt/sources.list is localized for The Netherlands. You can choose an appropriate mirror from

deb etch main contrib
deb stable/updates main contrib

If your server is intended to compile software and/or to (re)build Debian packages, you might want to add some source repositories as described at the Hannibal Development-server howto.

Now you can update/upgrade your system to the current state of Debian stable.

apt-get update
apt-get dist-upgrade -fu 

We usually install these tools for system administration on a base system:

apt-get install ssh less vim hdparm make chkrootkit sudo tcpdump nmap iptraf dsniff \
               dnsutils iproute ntpdate sysstat tcpstat mc file bzip2 links wget rsync \
               lsof xinetd eject screen fping arping ipcalc ngrep traceroute mtr strace \
               ltrace netcat netselect discover

If you already have a working LDAP-enviroment for user authentication and you want to configure your new machine to make use of it, read the Hannibal documentation on howto turn a server into a LDAP-client.


Most Hannibal modules may co-exist happily together on one machine. However, we use one virtual machine for every single module and we advise you to do so too! In our experience separation per module gains flexibility and scalability that will prove very valuable at your daily work as a sysadmin, only at the cost of some overhead in resources.

Integration of separate modules might be possible, however this is not supported and there are some known problems. For instance, the Fedora Directory Server requires the apache2-mpm-worker package, which conflicts with packages as libapache2-mod-php5 (which requires another version of Apache)…so you have been warned!

IP-number plan

We use one IP-address per host and an IP per service. This allows easier migration of services if necessary. The administration of IP-addresses will be much easier if you use a tool like IPplan! Visit the website at

Hannibal IP-number plan:            router/gateway            dom0-1 (Xen-host)            dom0-2 (Xen-host)           ns1           ldap1           smtp      (mta)           imap/pop  (e-mail store)           fileserver           ca           databaseserver           vpnserver           webserver           xdm           http-proxy           ntp           calendar server (reserved)           syslog (logging server)           systemmonitor (nagios/centreon)           dev (development server)           jabber (irc)           asterisk (reserved)           ns2           ldap2      <hosts>      <dhcp-range>
hannibal/operatingsystem.txt · Last modified: 2008/06/26 08:52 by Olivier Brugman