3.2. 移殖的方法

3.2.1. 調查與鑑定服務內容

如文字所述，此步驟是必要的。嚴謹的管理者知道每部伺服器的主要作用，但該等作用經常改變，有經驗的使用者偶而會安裝 “狂野” 的服務。知道他們的存在至少可以決定處理的方式，而不是胡亂地刪除它們。

For this purpose, it is wise to inform your users of the project before migrating the server. To involve them in the project, it may be useful to install the most common free software programs on their desktops prior to migration, which they will come across again after the migration to Debian; LibreOffice and the Mozilla suite are the best examples here.

3.2.1.1. 網路與程序

nmap 工具 (在同名套件中) 可以在未登錄的前提下，快速地經由網路連結機器辨識網際網路服務。在另部機器鍵入命令連結至同個網路：

$ nmap mirwiz
Starting Nmap 7.80 ( https://nmap.org ) at 2021-04-29 14:41 CEST
Nmap scan report for mirwiz (192.168.1.104)
Host is up (0.00062s latency).
Not shown: 992 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
25/tcp   open  smtp
80/tcp   open  http
111/tcp  open  rpcbind
139/tcp  open  netbios-ssn
445/tcp  open  microsoft-ds
5666/tcp open  nrpe
9999/tcp open  abyss

Nmap done: 1 IP address (1 host up) scanned in 0.06 seconds

If the server is a Unix machine offering shell accounts to users, it is interesting to determine if processes are executed in the background in the absence of their owner. The command ps auxw displays a list of all processes with their user identity. By checking this information against the output of the who or w commands, which give a list of logged in users, it is possible to identify rogue or undeclared servers or programs running in the background. Looking at crontabs (tables listing automatic actions scheduled by users) will often provide interesting information on functions fulfilled by the server (a complete explanation of cron is available in 節 9.7, “以 cron 和 atd 使用排定的工作”).

任何狀況下，都該先備份您的伺服器：使用者報告問題時，就能復原它。

3.2.2. 備份組態

保留所有設備的備份供昇級後伺服器的參考。至少應備份組態檔。

Unix 機器的組態檔，通常在 /etc/ 資料夾內，有時放在 /usr/local/ 的次資料夾裡。若從原始碼開始安裝程式而不是由套件安裝，組態檔就會放在前述的次資料夾內。偶而，還可在 /opt/ 找到組態檔。

在資料管理服務 (如資料庫) 時，強烈建議以標準格式匯出的資料容易被新軟體接受。通常是文字格式，也可能是從資料庫以 SQL 下載，或從 LDAP 伺服器下載 LDIF 檔案。

圖形 3.2. 備份資料庫

每個伺服器都不一樣，不能詳述所有個案。比較各軟體的文件辨認匯出 (即，再匯入) 的方式以及需要人工處理的部份。此書處理 Linux 伺服器程式的主要組態。

3.2.3. 接手現有的 Debian 伺服器

先分析正在執行 Debian 的機器，才能有效地接管維護工作。

第一個查看的檔案是 /etc/debian_version，通常包括 Debian 系統的版本編號 (它是 base-files 套件的一部份)。若以 代碼/sid 方式呈現，表示此系統從該代碼版本取得的最新版套件 (測試版或不穩定版)。

apt-show-versions 程式 (from the Debian package of the same name) 檢查安裝的套件並辨識可用的版本。aptitude 以表單的方式，做同樣的工作。

查看 /etc/apt/sources.list 檔案 (以及 /etc/apt/sources.list.d/ 資料夾) 可看到已安裝 Debian 套件的來源。若出現不明來源，管理員可能選擇重新安裝電腦系統確保其軟體與 Debian 相容。

The sources.list file is often a good indicator: the majority of administrators keep, at least in comments, the list of APT sources that were previously used. But you should not forget that sources used in the past might have been deleted, and that some random packages grabbed on the Internet might have been manually installed (with the help of the dpkg command). In this case, the machine is misleading in its appearance of being a “standard” Debian system. This is why you should pay attention to any indication that will give away the presence of external packages (appearance of deb files in unusual directories, package version numbers with a special suffix indicating that it originated from outside the Debian project, such as ubuntu or lmde, etc.).

同樣的，分析 /usr/local/ 資料夾的內容，其目的是收錄編譯後與手動安裝後的程式。列出以此方式安裝的軟體清單，指出一個問題，為什麼不使用 Debian 對應的套件。

QUICK LOOK cruft/cruft-ng, debsums, and apt-show-versions

The cruft and cruft-ng packages propose to list the available files that are not owned by any package. They have some filters (more or less effective, and more or less up to date) to avoid reporting some legitimate files (files generated by Debian packages, or generated configuration files not managed by dpkg, etc.).

Be careful to not blindly delete everything that cruft and cruft-ng might list!

The debsums package allows to check the MD5 hashsum of each file installed by a package against a reference hashsum and can help to determine, which files might have been altered (see TIP Finding changed files). Be aware that created files (files generated by Debian packages, or generated configuration files not managed by dpkg, etc.) are not subject to this check.

The apt-show-versions package provides a tool to check for installed packages without a package source and can help to determine third party packages (see 節 6.7.3.1, “Packages removed from the Debian Archive”).

3.2.4. 安裝 Debian

知道當前伺服器的必要資訊後，就可以關閉它並開始安裝 Debian。

依照電腦的架構，選擇適當的版本。近幾年的 PC，很可能是 amd64 (稍舊的是 i386)。其他的情況，則依照安裝的舊系統來判斷。

表格 3.1 is not intended to be exhaustive, but may be helpful. Note that it lists Debian architectures which are no longer supported in the current stable release. In any case, the original documentation for the computer is the most reliable source to find this information.

表格 3.1. 作業系統與架構對照表

作業系統	架構
DEC Unix (OSF/1)	alpha, mipsel
HP Unix	ia64, hppa
IBM AIX	powerpc
Irix	mips
OS X	amd64, powerpc, i386
z/OS, MVS	s390x, s390
Solaris, SunOS	sparc, i386, m68k
Ultrix	mips
VMS	alpha
Windows 95/98/ME	i386
Windows NT/2000	i386, alpha, ia64, mipsel
Windows XP / Windows Server 2008	i386, amd64, ia64
Windows RT	armel, armhf, arm64
Windows Vista / Windows 7-8-10	i386, amd64

3.2.5. 安裝與組態選定的服務

Once Debian is installed, we need to individually install and configure each of the services that this computer must host. The new configuration must take into consideration the prior one in order to ensure a smooth transition. All the information collected in the first two steps will be useful to successfully complete this part.

圖形 3.3. 安裝指定的服務

全面進入此練習前，強烈建議您閱讀本書其他部份。才能夠較精細地瞭解對預期服務的組態方式。