Alpine linux network manager

Configure Networking

This page will assist you in setting up networking on Alpine Linux.

Contents

Setting System Hostname

To set the system hostname:

echo «shortname» > /etc/hostname

Then, to activate the change:

hostname -F /etc/hostname

If you’re using IPv6, you should also add the following special IPv6 addresses to your /etc/hosts file:

For a static IP configuration, it’s common to also add the machine’s hostname you just set (above) to the /etc/hosts file.

Here’s an IPv4 example:

And here’s an IPv6 example:

Configuring DNS

For a static IP address and static nameservers, use one of the following examples.

For IPv4 nameservers, edit your /etc/resolv.conf file to look like this:
The following example uses Google’s Public DNS servers.

For IPv6 nameservers, edit your /etc/resolv.conf file to look like this:
The following example uses Hurricane Electric’s public DNS server.

You can also use Hurricane Electric’s public IPv4 DNS server:

Enabling IPv6 (Optional)

If you use IPv6, do the following to enable IPv6 now and at each boot:

modprobe ipv6 echo «ipv6» >> /etc/modules

Interface Configuration

Loopback Configuration (Required)

To configure loopback, add the following to a new file /etc/network/interfaces :

The above works to set up the IPv4 loopback address (127.0.0.1), and the IPv6 loopback address ( ::1 ) — if you enabled IPv6.

Wireless Configuration

Ethernet Configuration

For the following Ethernet configuration examples, we will assume that you are using Ethernet device eth0 .

Initial Configuration

Add the following to the file /etc/network/interfaces , above any IP configuration for eth0 :

IPv4 DHCP Configuration

Add the following to the file /etc/network/interfaces , below the auto eth0 definition:

By default, the busybox DHCP client (udhcpc) requests a static set of options from the DHCP server. If you need to extend this set, you can do so by setting some additional command line options for the DHCP client, via the udhcpc_opts in your interface configuration. The following example requests domain-search option:

For a complete list of command line options for udhcpc, see this document.

IPv4 Static Address Configuration

Add the following to the file /etc/network/interfaces , below the auto eth0 definition:

Since Alpine 3.13 must be:

Additional IP addresses

Since Alpine 3.13 must be:

IPv6 Stateless Autoconfiguration

Add the following to the file /etc/network/interfaces , below the auto eth0 definition:

IPv6 Static Address Configuration

Add the following to the file /etc/network/interfaces , below the auto eth0 definition:

Since Alpine Linux 3.13 must be as:

Example: Dual-Stack Configuration

This example shows a dual-stack configuration.

Take care since Alpine 3.13 must be as:

Firewalling with iptables and ip6tables

Install iptables/ip6tables

apk add iptables

apk add ip6tables

• To install the man pages for iptables and ip6tables:

apk add iptables-doc

Configure iptables/ip6tables

Save Firewall Rules

For iptables

Set iptables to start on reboot

rc-update add iptables

For ip6tables

Set ip6tables to start on reboot

rc-update add ip6tables

Activating Changes and Testing Connectivity

Changes made to /etc/network/interfaces can be activated by running:

If you did not get any errors, you can now test that networking is configured properly by attempting to ping out:

For an IPv6 traceroute ( traceroute6 ), you will first need to install the iputils package:

apk add iputils

Then run traceroute6 :

Additional Utilities

iproute2

You may wish to install the ‘iproute2’ package (note that this will also install iptables if not yet installed)

apk add iproute2

This provides the ‘ss’ command which is IMHO a ‘better’ version of netstat.

Show listening tcp ports:

Show listening tcp ports and associated processes:

Show listening and established tcp connections:

Show socket usage summary:

Show more options:

drill

You may also wish to install ‘drill’ (it will also install the ‘ldns’ package) which is a superior (IMHO) replacement for nslookup and dig etc:

Then use it as you would for dig:

drill alpinelinux.org @8.8.8.8

To perform a reverse lookup (get a name from an IP) use the following syntax:

drill -x 8.8.8.8 @208.67.222.222

Related articles

You may also wish to review the following network related articles:

Источник

Connecting to a wireless access point

This document describes how to set up a wireless network connection with WPA encryption.

Contents

Install necessary drivers and software

First make sure your wireless drivers are loaded properly. (if you are using a Broadcom chipset, see the section at the bottom of this post.)

Install wireless-tools and wpa_supplicant , which are probably available to be installed in the base setup.

apk add wireless-tools wpa_supplicant

Manual Configuration

List your available network interfaces. If you don’t see any wireless interfaces (e.g. wlan0 ), you probably need to load and/or install drivers/firmware.

Bring up the desired interface.

ip link set wlan0 up

Use the interface to scan for wireless access points. Make sure the ESSID you want to connect to appears here.

iwlist wlan0 scanning

Associate the interface with desired ESSID.

iwconfig wlan0 essid ExampleWifi

Sanity check: the interface should be configured with ESSID:»ExampleWifi» .

Create a wpa_supplicant configuration stanza for the wireless access point.

wpa_passphrase ‘ExampleWifi’ ‘ExampleWifiPassword’ > /etc/wpa_supplicant/wpa_supplicant.conf

(Access point not broadcasting its SSID requires additional line scan_ssid=1 in the file wpa_supplicant.conf )

Start wpa_supplicant in the foreground to make sure the connection succeeds.

wpa_supplicant -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf

If all is well, run it as a daemon in the background by setting the -B option.

wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant/wpa_supplicant.conf

Configure the interface with an IP address.

Sanity check: the interface should have an inet address.

ip addr show wlan0

Automatic Configuration on System Boot

Add a stanza for the desired interface (e.g. wlan0 ) to /etc/network/interfaces :

Make sure /etc/wpa_supplicant/wpa_supplicant.conf is the correct configuration for the wireless access point you want to connect to.

Bring the interface down.

ifconfig wlan0 down

Manually start wpa_supplicant.

If all is well (confirm with the sanity checks in Manual Configuration), configure wpa_supplicant to start automatically on boot.

rc-update add wpa_supplicant boot

Launching udhcpc through wpa_cli actions

With the above configuration, udhcpc will only run once at boot. If the Wifi isn’t available then, or the network changes in between, it needs to be notified. This is done through the wpa_cli action script in /etc/wpa_supplicant/wpa_cli.sh

Automatic Reconnection when WIFI signal is lost

To enable automatic reconnection when wifi signal is lost add these to config:

Contents of /etc/wpa_supplicant/wpa_supplicant.conf

rc-update add wpa_cli boot

Broadcom Wi-Fi Chipset Users

The Broadcom chipset is quite popular among older computers. You will need to compile the firmware manually for this chipset as it is not included.

You can check if you have a Broadcom chipset by using dmesg:

dmesg | grep Broadcom

First install the SDK and Git:

apk add alpine-sdk git

Then git clone aports from git.alpinelinux.org.

Change your directory to aports/non-free/b43-firmware, then build it.

Install the generated packge file (it will be in

/packages/) — make sure to pass —allow-untrusted

apk add —allow-untrusted

Now we need fwcutter, which is executed from the firmware package:

apk add b43-fwcutter b43-firmware

Now you need to use modprobe so the device will show up:

To automate this on startup add it to /etc/modules:

Источник

Post Installation Recommendations

Now that your installation of Alpine Linux is up and running, you can start working with it. The following sections will provide a list of general recommendations to ease your interactive experience — they are all optional. The remaining sections will describe how to use (on a user level) various Alpine-native solutions, such as the package manager, firewall, and so on.

Creating a Normal User

Now that you are up and running, you will want a normal, non-root user to perform most daily tasks with. You can either use the built-in busybox utility adduser , or the utility available in the shadow package named useradd .

Here are examples for creating a user (named «john» and «jane» respectively) using the utilities adduser and useradd respectively.

1

Both the -h /home/john and -s /bin/ash sections may be optional. However, it is recommended to specify both, as the defaults may not be desirable.

1

The options are, as in the previous example, optional. However, they are still highly recommended, as shown.

Once your user has been created, if the utility you used has not asked you to set a password, you should do so now, using passwd foo , where «foo» is the username in question.

Granting Your User Administrative Access

Sometimes, you’ll want to do something that does require administrative powers. While you may switch to a different tty and log in as root, this is often inconvenient. You may gain root privileges ad-hoc using either the built-in busybox utility su , or the common external utility sudo , available in the package named the same way. sudo , unlike su , will require additional configuration. The visudo utility that comes with it allows you to safely edit the sudoers file which configures it. The difference between sudo and su comes down to which side the permissions come from — su allows you to temporarily log-in as another user (and thus requires that you enter the password of the user you wish to log in as), while sudo allows you to perform commands (including login shells) as the target user, assuming the configuration gives you that right (meaning that your password is the one used for authentication). Here are examples on how to use su , and how to configure and use sudo (in a shortened form) respectively:

12

-l means to run a login shell.

A mere — implies -l , and if no user is mentioned, root is implied — this is equivalent to the example in

12345

Sudo is not installed by default.

By default, sudo only provides permissions to root. This translates as «people in the group wheel are allowed to perform any command, as any user, and any group.»

The wheel group mentioned above is the common «administrator» group, and since we’re using it, we need to add our user to said group.

You may need to log out and log back in for the group listing to update. sudo -i is the equivalent of su — otherwise.

This will run «command with arguments» as the default sudo user — root.

Getting a Graphical Environment

Most people will often want something more than just a raw tty. This section describes how to get a supported graphical interface, as well as some additional notes (for example, how to use a different type of GUI).

You should not follow this if your system is intended to be used as a server, gateway, or similar device — those do not and should not require graphical interfaces. You can see the section acf if you absolutely require something more visual.

First, it is necessary to prepare the system — drivers are built into the linux kernel, but they are not accessible to the X Server — the windowing system provider. On most hardware, you can do this quickly by running setup-xorg-base . This will automatically detect what kind of gpu is installed, and install the appropriate xorg driver accelerator.

If this does not work for you, or you encounter other issues, as per usual, feel free to ask for help in the official support channels.

Once that is done, you can install the recommended and supported graphical setup by installing (and thus running) apk add alpine-desktop . This will install several system-related utilities, as well as the lxdm Desktop Manager and xfce4 Desktop Environment. In case you want a different DE or DM, you should install those now.

Once this is done, you should enable your chosen Desktop Manager as a service. For lxdm this looks like so: rc-update add lxdm and rc-service lxdm start . The first one makes it start on boot, and the last one will start it up immediately.

Copyright © 2019 Alpine Linux Development Team. All rights reserved.

Источник

Semi-Automatic Installation

If you’re here, it’s because you want to install alpine semi-automatically, or because you ran into issues (whether in scope or otherwise) with setup-alpine . Either way, this section of the handbook describes, step by step, how to get a system up and running. In this section you will find the usage of the various setup-* utilities, as well as explanations as to what they do.

Keyboard Layout

Keyboard layout is controlled by the loadkmap service file. In /etc/conf.d/loadkmap a variable ( KEYMAP ) is defined. The file named in this variable is the keymap that will be loaded.

The various keymaps are available in the package kbd-bkeymaps , and are located in /usr/share/bkeymaps . Inside that directory, are multiple directories with the global categories for keymaps (e.g us and ca for United States and Canada respectively). Within those directories are the local variants of each keymap category. For example, to have the common keyboard type, you would use /usr/share/bkeymaps/us/us.bmap.gz .

One easy way to select the keymap is by using setup-keymap . Simply running it will make it go over various available keymaps, prompt you for which one you want to use, and then configure loadkmap for you. It will also remove the kbd-bkeymaps package after choosing the keymap and copying it into a different directory. Alternatively, if you already know what keymap you want (for example, the us/us.bmap.gz from before), you can pass that information to setup-keymap .

1

this will copy and use /usr/share/bkeymaps/us/us.bmap.gz

Hostname

Your hostname is the name of your computer. It is important that hostnames on your local area network be unique. If you need recommendations as to what to make your hostname, you can refer to RFC 1178.

The primary hostname setting is whatever the contents of /etc/hostname are. However, there are some common restrictions as to what it should or shouldn’t be (also listed in the RFC mentioned above). As such, you can use setup-hostname to make the process safer. You can either invoke it with no arguments to be prompted, or you can run it with an argument to set your hostname.

For example, if you want your hostname to be «alpine», you might run it like so:

1

sets the machine’s hostname to «alpine»

Note, however, that this will not populate /etc/hosts — your local hardcoded DNS cache. If you want to accelerate some loopback operations, you can modify that file too. For example, if you were to set your hostname to «alpine», with no particular domain for your network (if you have one of those, you likely do not need these instructions), your /etc/hosts file could look like so:

With that done, you should apply the hostname using either rc-service hostname restart or /etc/init.d/hostname restart .

Networking

Before you configure the rest of the system, you should set up networking. This will allow you, for instance, to fetch bootloaders, configure sshd (to continue this setup from the comfort of a different, graphically-enabled machine), and other such desirable features.

Configure Wireless Networking

If your system does not have an ethernet port (or connection) available, you will need to set up wireless connectivity. It is strongly recommended that you try to avoid this.

However, in the scenario that you have no choice, before you can configure the network, you must establish a connection to it.

To do so, it is recommended that you use the setup-interfaces utility. In it, you should select your wireless interface when prompted (it will usually be called something like wlan0 ) and answer the questions (for more details on that, see the next section).

This will not persist across a reboot. However, if you wish to continue using a similar method, you may use rc-update add wpa_supplicant boot . It is still recommended to get a more complete solution, such as wpa_cli. You can find guides around various wireless networking management solutions (including wpa_cli and NetworkManager) over on the wiki.

In most cases, you will want to use DHCP. If you are on a professional network, or have a common home router, you very likely have it available. It is also very common on networks in general. DHCP will allocate an IP address to your system, give it a nameserver for DNS queries, and will generally greatly decrease the amount of work required. For a typical DHCP setup, you can set it up quickly by running setup-interfaces -a (the «a» stands for «auto»).

Do not do this if you are using a wireless network.

In case this doesn’t work (or you’re on a wireless network), you may need to run it without the «a» flag. In such a scenario, the script will ask you questions about your network topology, that you can answer.

Static IP

In some cases, your network will not have DHCP available. In that scenario, you will need to edit /etc/network/interfaces and /etc/resolv.conf on your own. If you ran setup-interfaces , it will have asked you if you want to do any manual editing of the network configuration. You may answer yes there, or simply edit both files manually.

The default (DHCP-style) /etc/network/interfaces file will look something like this:

To specify your own network details, you will need to find the following details:

The address your system should have (it must not be taken yet)

The gateway address

The network subnet mask (in most networks, this is 255.255.255.0 )

You should be able to ask your network administrator for most of these. In this example, we have determines that your system should have the IP 192.168.0.147 , the gateway is at 192.168.0.1 and the subnet mask is 255.255.255.0 . In that scenario, the /etc/network/interfaces file should look like so:

If you did not end up using DHCP, you will also need to set up DNS. This is done by editing the /etc/resolv.conf file. In most cases, you can use 1.1.1.1 , 8.8.8.8 or 9.9.9.9 as your DNS server. Often, your router will also provide one for use. In case of confusion, you can also ask your network administrator.

Here is an example /etc/resolv.conf file, that uses both the 1.1.1.1 and 8.8.8.8 nameservers.

Alternatively, you can use the setup-dns script.

Currently, setup-dns asks for a domain name . Feel free to leave the answer blank, as it is optional.

Applying Configuration

Once all of the above is accounted for, you can now start the networking configuration. This is done by running rc-service networking start . If desired, you can also set it to load during boot, using rc-update add networking boot .

Timezone

Unless you live in the GMT timezone, you may be interested in having your device know where you (or it) is located, time-wise. On musl, the timezone is defined by the TZ environment variable, which should either mention a POSIX-style timezone, directly point at a file, or have a standard Area/SubArea definition, which must be found under /usr/share/zoneinfo , /share/zoneinfo or /etc/zoneinfo .

You can get /usr/share/zoneinfo by installing the tzdata package. You can see the available Areas by looking that directory, and the available SubAreas by looking into your chosen Area’s directory. Once chosen, you may either keep the package installed, or you may copy your chosen file into /etc/zoneinfo .

It is recommended that you keep the package installed.

For example, if your chosen area is America/New_York , you would run this:

Finally, you will need to add the TZ environment variable to your system. You can do this by running the following, with the same timezone example:

1

This step is primarily here to propagate the new setting to your current session.

Alternatively, you may use setup-timezone , which will copy the file over for you.

setup-timezone , as it is now, will not set up the TZ environment variable. It will instead pretend the timezone data is a localtime-style file. This is a technical difference, that you likely do not need to worry about, but due to this difference it is recommended that you perform this step entirely by hand.

Repositories

If you want to be able to install packages, you’re going to want to have some repositories. By default, your boot medium will come with a built-in repository that is on the boot medium itself. However, now that you have networking, you may wish to install packages outside the relatively small pool available on the boot medium. Repositories for the package manager ( apk ) are configured in a file named /etc/apk/repositories , and valid signing keys are located under /etc/apk/keys/ . Your boot medium should come with valid pre-configured keys, but no external repositories. Currently, you can see the list of available mirrors and their status over at mirrors.alpinelinux.org.

Do not worry about the lack of «https» in the mirrors — all packages are signed, so as long as you do not add any untrustworthy keys, your package manager will refuse to install any illegitimate packages.

Here is an example /etc/apk/repositories file, that uses all stable repositories from the primary mirror of the latest release version:

Assuming your network configuration is done, you may also use the setup-apkrepos utility, which will fetch a list of valid repositories, and give you a choice between them (and options such as «random»).

Root Password

At this point, you should set up a root password. This is easy to do — simply run passwd and follow the prompts.

You will not see your own typing — this is normal, it is obscured to stop people from being able to peek at your screen, even if just to see the number of characters in your passwords.

SSH is very convenient to have — it means you can be in the comfort of your terminal emulator, rather than a raw getty (the full-screen emulator that shows up when booting up an alpine install medium). Now that we have networking, we can set up an ssh daemon.

There are currently two primary secure shell daemons available — openssh and dropbear. The latter is more simple, but has its own (incompatible) key format, and can only be configured through command line arguments — as such, it is not recommended for beginners. You can install either one using apk add name , where name is either «dropbear» or «openssh» respectively. After that, you may want to start it, and possibly enable it — using rc-service openssh start and rc-update add openssh respectively.

By default, you cannot use SSH to log in as root using a password.

Note that this can also be done for you by the setup-sshd utility — it will ask you which one you would like, install, start and enable it for you.

It may be useful to make sure that your clock is correct. This can be achieved by using an NTP daemon. Some of the common ones are chronyd and openntpd . You can install them by using apk add name , where name is the desired daemon. After that, you may want to start it, and possibly enable it — using rc-service name start and rc-update add name respectively.

Currently, chronyd is bugged. The bug in question is mostly cosmetic, but it may be alarming to a new user. As such, temporarily, it is recommended that you use the setup-ntp script and pick busybox .

Note that this can also be done for you by the setup-ntp utility — it will ask you which one you would like, install, start and enable it for you.

Partitioning Your Disk

setup-disk

The setup-disk utility can do the rest of this work for you. It will make a partition table on your hard drive, partition it as per a specification, format the partitions with filesystems, set up the base system, and install the bootloader. This section describes how to use it, as well as the various tweakables.

As it is currently, setup-disk should work for typical single-disk non-UEFI setups. If the defaults seem acceptable to you, feel free to use it. However, in other cases, it is recommended that you at least consider doing this (admittedly difficult) section of the installation by hand.

setup-disk also supports non-disk installations. These are not covered in this handbook.

Options and Settings

setup-disk is configured through command line arguments, as well as environment variables. In most cases, if you want setup-disk to do all the work for you, you should not need to specify anything beyond -m sys , as in setup-disk -m sys . This is an incomplete listing — it lacks anything mentioning non-disk installations, as well as anything overly complex (such as automatic lvm/raid). If you need those, head over to the manual or developer pages.

The filesystem to use on /boot , defaults to ext4, also allows ext2, ext3, (flat) btrfs, xfs and vfat (required on UEFI).

Bootloader to use. Defaults to syslinux, but also allows using grub, unless UEFI is used, in which case grub is required.

The size of /boot .

The type of partition table to use. Defaults to dos, but also allows using gpt, unless UEFI is used, in which case gpt is required.

The filesystem to use on / , defaults to ext4, also allows ext2, ext3, (flat) btrfs and xfs.

Enable this to force using UEFI.

The disk mode to use — you want -m sys .

Operate more quietly.

Specify the size of the swap partition.

Operate more verbosely.

The mounted root to install to.

Any missing information will be queried from you by setup-disk , so only change the above beyond -m if you explicitly want to override the defaults/questions.

In the scenario where the bootloader installation causes problems, see the sections that follow.

Parted

Parted is GNU’s PARTition EDitor. It is a very useful tool that’s capable of performing partition editing of various sorts — including the ones we’re interested in, both programmatically and interactively. Because of this, that is the utility we will be using in this section. Begin by installing it, using apk add parted .

This is also the part of the handbook in which you must determine whether you need (or want) to use UEFI. This decision will be left up to you, but you can determine whether or not you are currently booted using UEFI by checking if the /sys/firmware/efi folder exists. In case this is difficult, you may use the following snippet to get a direct answer:

Once you have decided, you must also choose the non-booting-related partitions you want to have (as the boot method will determine how the prior go). For beginners, making a big root partition is recommended, and that is what will be used in the examples that follow. If you know that you want something different, you should also know how to modify the examples.

We thus end up with 3 common options: — BIOS installation on an MS-DOS partition table — BIOS installation on a GPT partition table — UEFI installation on a GPT partition table

Other options exist, but they are for more advanced users. Using MS-DOS for the BIOS installation is more trivial, but comes with some limitations (only 4 partitions, maximum disk size of 2 TB), so both options are covered. It is also assumed that your disk is sufficiently large, that small losses (e.g making the ESP 1 GB) are not relevant for ease of installation. «Sufficiently large», in this case, is anywhere at or above 32 GB in total. If your disk is smaller, you are likely on a specialized device, and should either follow the automatic installation method mentioned previously, or perform a tmpfs-based install (which is not covered in this handbook). The following sections cover each of those options, so feel free to skip to the one chosen.

Also note that you may notice «swap» partitions mentioned as a flag. «swap» is not actually a flag, but a filesystem type. It is a pagefile, meant to supplement your system memory. It is recommended to make it up to 2x the size of your physical ram, but can be considered optional.

One of swap’s common uses is the suspend-to-disk feature, often called «hibernation», which requires enough swap space to function.

In the following sections, you will see code such as this:

12

This is a shortcut/alias. The primary thing to worry about is /dev/sda — this must be the device you want to use for the installation.

Parted supports both interactive and non-interactive commands. This is the equivalent to running parted -a optimal /dev/sda , then entering mklabel msdos into the prompt, or entering mklabel into the prompt, and answering msdos to the incoming question. The specifics as to how you perform the below are up to you.

BIOS + MS-DOS

Under a BIOS setup with an MS-DOS partition table, we can only have 4 primary partitions, and are limited to 2TB disks. Extended partitions are outside of the scope of this handbook. Under BIOS+MS-DOS, we can use the MBR for installing the bootloader, so we only need to worry about the actual data partitions. Here is an example partitioning scheme:

Источник