Wednesday, November 6, 2013

Configure apt-get to work from behind the proxy server

I have divided this tutorial in three parts.

In the first part we enable proxy authentication for all bash commands.
In the second part of this tutorial, I will describe the procedure for enabling proxy authentication for aptitude package manager or famously known as APT. 
The third part deals with bit of security and gives more insight of the chmod command. 

Part I: Edit bash.bashrc.

bash.bashrc is configuration file for the bash shell. There are lot of ways in which you can customize shell experience using this file. For editing bash.bashrc you need to be root. Run following command to open this file with root privileges

$ gksudo gedit
You will be asked to authenticate, enter password for the admin account. 
Now from gedit open /etc/bash.bashrc and add following lines at the end of this file

Export http_proxy = http://username:password@proxyserver:port/
Export https_proxy = http://username:password@proxyserver:port/
Export ftp_proxy = http://username:password@proxyserver:port/

where <username> is your username and <password> is your password. 
For example:

Export http_proxy = http://sumit:password@
Export https_proxy = http://sumit:password@
Export ftp_proxy = http://sumit:password@
Save this file. 

Part II: Edit apt.conf 

As you might have guessed, apt.conf is configuration file for APT. Once again run gedit in root mode

$ gksudo gedit

From /etc/apt/ open apt.conf file. 
[Depending on your Linux distribution this file may be absent in that directory, in which case you should create new file and save it as apt.conf in /etc/apt/ ].

Add following details to this file:

Acquire::http::proxy "http://username:password@proxyserver:port/";
Acquire::https::proxy "https://username:password@proxyserver:port/";
Acquire::socks::proxy "socks://username:password@proxyserver:port/";
This should get APT working on your system. But as you may have already noticed that these two files are stored as a plain text and anyone can open and read these files. To prevent this threat you can use chmod which stands for 'change mode'.

Part III: Understanding chmod command

Every file has three permissions to set, namely read, write and execute.
You can confirm the permissions set for bash.bashrc using following command

$ ls -l /etc/bash.bashrc | grep bash.bashrc

In this command ls lists all the files specified in the /etc/bash.bashrc directory.

The -l switch ensures that the every information of file is displayed on the terminal. Since list obtained by ls can be very long we pass [pipe] this output to another program grep which searches for specified text in the output. 

$ -rwx r-x r-x administrator administrator 2191 Oct 28 09:53 /etc/bash.bashrc
grep will change the color of matched text i.e. bash.bashrc in the output. 

First three underlined groups represent the permissions set associated with this file. First group i.e rwx in this case represents permissions for current user. Other two groups r-x  indicate that other users are allowed to read and execute this file but they are not allowed to write on this file. In ideal case other users should only be able to execute this file i.e. the permissions for this file should be set to -rwx --x --x. For this execute following command

$ chmod 711 /etc/bash.bashrc 
 Refer to this table before setting permissions

read write execute no. permissions
1    1     1       7   read, write, execute
1    1     0       6   read, write
1    0     1       5   read, execute
1    0     0       4   read 
0    1     1       3   write, execute
0    1     0       2   write
0    0     1       1   execute
0    0     0       0   no-permissions
It is very clear from the table that the number 711 sets read, write and execute for current user and only execute permission for all other users.
Confirm this using

$ ls -l /etc/bash.bashrc | grep bash.bashrc
You should get following result.

$ -rwx --x --x administrator administrator 2191 Oct 28 09:53 /etc/bash.bashrc

No comments:

Post a Comment