- ZeroShell is available in the livecd and compact flash version for embedded devices. However, is it possible to install it on a hard disk?
At present ZeroShell does not offer an installation procedure and therefore cannot be installed directly on a hard disk. However, if you want to start the system from an IDE hard disk, you can copy the image for compact flash on this disk. The copy must occur at device level, independent of the filesystem, for example with the Unix command
gunzip -c ZeroShell-1.0.beta1-CompactFlash512.1.img.gz > /dev/hdx
where /dev/hdx is the block device that corresponds to the disk. Please note that this operation is destructive and will cancel all the data and operating systems of each partition on the disk.
Once copied, for ZeroShell to boot, the hard disk will have to be connected to the Master connector of the Primary IDE.
- How can I permanently configure ZeroShell and save information on users, hosts, X.509 certificates, system logs and other objects on the LDAP and Kerberos v5?
To permanently save data and configurations you must create and activate a database by using the web interface in the section [Setup] -> [Storage]. Obviously, this operation assumes the presence of a storage device such as an IDE or SATA or SCSI disk or a USB device such as Flash Disk. Currently, FireWire devices are not supported.
A database can be copied online on another disk or backup and restore can occur via the web interface: this is useful, since a database can therefore be moved from a physical server to another without the need for reconfiguration. It is also a quick solution to faults or the migration of services towards updated hardware.
- Can the database be stored on a partition which already has another operating system installed on it?
ZeroShell supports the filesystems ext2, ext3, reiserfs and fat32. Therefore, all partitions formatted with one of these filesystem and with at least 32Mbytes of space available can host the ZeroShell database. Please note that ext3 and reiserfs implement journaling of the changes and are therefore more robust than ext2 and fat32 in case the system unexpectedly shuts down or crashes.
- What happens if excess syslog server activity causes a full disk on the partition hosting the database?
ZeroShell automatically disables the syslog server if the partition hosting the database reaches 90% of use. In this case there is an alert on both the console and graphic interface.
- During the database creation phase, other than the admin password and IP address of one of the Ethernet interfaces, I must specify the Kerberos v5 realm and the LDAP base. I don’t need a KDC Kerberos and a LDAP server. What should I do?
ZeroShell, for internal use, requires a Kerberos 5 server and a LDAP server. If you don’t need to provide these services on your network use the Kerberos realm EXAMPLE.COM and LDAP base dc=example,dc=com.
- If instead of the live cd version of ZeroShell, I use the version for Compact Flash, must I have a further storage device to store the database?
The image for a 512MB compact flash uses around 100MB to store the system and the remaining 400MB are available to store the database. Therefore, if this space is sufficient to store all the information on the users and services of your network, no further device is necessary for storage. Remember that the syslog server can also accept the remote host logs and catalogues and archives the logs in the database. It is therefore appropriate to size the partition containing the database so it doesn’t lose syslog server functionality when a disk is full.
- I would like to upgrade to the latest ZeroShell release, but I am afraid I have to reconfigure everything. Are there any risks?
No. The new ZeroShell releases are backwards compatible with the databases created using the previous versions. Yet, if in the future and under any circumstances it is not possible to comply with this rule it will be made known using a well emphasised note of incompatibility in the download section.
- I would like to increase my server reliability with a configuration of fault tolerance disks. Can ZeroShell manage mirroring or distribution parity via RAID 5?
In general, RAID controllers present volumes obtained by combining a set of disks as if they were one unique SCSI disk. In this case, ZeroShell has no problem reading and writing on this type of RAID hardware. Obviously, for the above to be implemented, the controller must be among those supported directly by the Linux kernel, as for example the 3ware for PATA and SATA disks and Smart Array 5i/6i mounted on HP Proliant servers for Ultra SCSI 160/320 disks.
Instead, if a RAID controller is not used and you wish to create RAID software, then you must remember that the current releases of ZeroShell don’t offer this possibility because they don’t manage md (multiple devices).
- How can I start ZeroShell from Compact Flash?
You must download the ZeroShell-1.0.x-CompactFlash512.img.gz file from https://www.zeroshell.org/download/ and after having unzipped it with Gunzip make a copy of the image on a 512MB or greater compact flash. Assuming you have a Linux machine and you have an adapter for USB compact flash which is seen from the system as a block device /dev/sdc, you can use the following root user commands:
dd < ZeroShell-1.0.x-CompactFlash512.img > /dev/sdc
BE CAREFUL when using the dd command. If you select the wrong device and mistakenly write on the disk instead of the CF, you will destroy all the data present. To understand which device corresponds to your CF/USB adaptor, after connecting, use the dmesg command.