Setting up a useful laptop

Many laptop-wielding officers in the corporate world use laptops as Internet access devices, switching to a desktop when they enter their cubicles every morning. Their laptops do not contain all their work related data. Such laptops are more like expensive toys. Some people use laptops exclusively, but have sharply reduced features and functionality when out of office. These people use their laptops as network-enabled desktops when in office, and access data on back-end servers on the office LAN. But when they leave office, their laptops lose all connectivity to back-end data and become little more than expensive email checking and browsing terminals. These people consider even this to be useful, because they at least get to check their email. But this is a very sad way to use a laptop.

What we need


The main idea behind a useful laptop is, or should be: full power and features when disconnected. You should be able to do everything on your disconnected standalone laptop that you could do at office, and ideally you should not even know when you are connected and when you are not. Your office servers should become merely a backup data storage service.

Such a laptop must fulfil the following conditions:


  • It must have a work environment which includes all tools that I need to make me work efficiently. (Simple things like a shell prompt and VI are a must, for instance.)
  • It must allow me to access all data that I normally need to access, from the laptop's local hard disk, when I am disconnected and sitting in one corner of the Himalayas, busily working. (This includes all files of my home directory, all email messages, and all Usenet postings.) If a laptop does not allow me to work when disconnected, it's perhaps better to shift to a desktop computer. And if I need to change my way of working when I'm connected versus when disconnected, again I'd rather shift to a desktop.
  • I must never need to close applications for months at a time. (It must hibernate and wake up without having to shut down the OS.)
  • It must be able to reconfigure itself for different network environments, either with a single command or by auto-sensing its environment.
  • It must be totally painless to back up.

For me, this translates to the following:


  • It must run an operating system which allows you to be productive. Any mature flavour of Unix, with a full suite of GNU tools, a recent version of X Window, Firefox, LaTeX, and some other applications, will do well. Since Ubuntu is a well-regarded and well-integrated desktop Linux distro, this seems to be a good choice.
  • It must keep a copy of all information that I need to do my work on its local hard disk. My home directory must be on this laptop.
  • It must have a handy way for me to backup its entire contents onto a back-end server with one command, which, once correctly set up, can be run by anyone who knows how to run a command. Its default options must do a complete backup of all new and changed data.
  • It must allow me to send emails from my favourite mail client even when it is not connected anywhere: it must have a local MTA and a local outgoing mail queue which will get pushed out transparently whenever I connect to a suitable network or server.
  • It must give me an IMAP mail interface, so that I can keep all my messages in IMAP folders and then switch from one mail client to another at will, without losing any of my messages.
  • It must have a single command which allows me to set up all subsystems for working in each typical work environment, e.g. at home, at office, and on the Big Bad Internet.
  • It must pull in emails transparently and automatically whenever I am connected to my mail server. It must do so without my having to start or stop the feature, and it must deliver all messages to my local inbox on the laptop's /var/spool/mail area (or equivalent).
  • Whatever it does for emails, it must do for Usenet news too. It must run a local NNTP server with a local copy of all messages, both incoming and outgoing. And it must synchronise with an upstream NNTP server transparently whenever it detects connectivity.

How to get there


The following things must be set up on a laptop, often in the order given:

  • Install Windows: This is the first thing you have to do, before you do anything with Linux. Most laptops come with Windows pre-installed; some save you the cost of Windows and expect you to install a pirated copy anyway. In both cases, you will have to install a legal copy of Windows. There are 1% situations where Windows is needed, and if your laptop does not have Windows running on native hardware, you can get completely stuck.

Note: Not all users will need a Windows instance on raw hardware. Many users use Windows purely for running MS PowerPoint. For such users, the virtual machine with Windows (described below) will be adequate, and this Windows installation step described here can be skipped. Ask the user and use your judgement.

Even laptops with pre-installed Windows will need their Windows re-installed, because the partitions usually will need resizing.

You may need to get yourself a copy of a Windows installable CD, and this must be an original Microsoft CD, not a second-source copy. Copies usually contain pirated versions which are usually buggy and broken, and won't work with online activation and upgrades from Microsoft. Don't risk it.

Modern laptops do not provide you a CD with Windows; they install Windows on a protected portion of their HDD and you can install from that partition. This partition will need to be unprotected and made available for useful data. (You can always install Windows from a CD; there is no need to lock up a couple of GB of disk space on the HDD for a recovery image.) Unprotecting this partition usually needs a BIOS setting change.

You must partition the HDD first with the Windows installer, and create a primary partition where the Windows system will go. This will become C:. Format this in NTFS, and keep perhaps 5-7GB for this. Format another partition, anything between 2-5GB, as VFAT file system. This will become D:. Keep the rest of the HDD unused and unpartitioned. Then install Windows on the C:, doing a quick format for both C: and D:. The reason to have two Windows partitions is because (i) the Windows system area is best kept in an NTFS partition which is secure and robust and does not corrupt easily, and (ii) the user data is best kept in a VFAT partition, because that can be read from and written to by a Linux system. (Linux can't yet write reliably into NTFS partitions.)

If you have an 80GB HDD, then after Windows installation, you will have about 70GB left over for Linux.

During the installation of Windows, you will be asked to give the login usernames for the initial set of users. Create two users. One should be called "root", and the other should be given the same login name as the Intranet ID of the Linux user who will use this laptop. In other words, if Akshay Wankhede will use this laptop, and his Linux user ID is "akshay", then the second Windows user should be "akshay". After you complete the installation and reboot into Windows from the HDD, go to the Control Panel, select "Users", and change the attributes and rights of the user, such that "root" has full administrator privileges, and "akshay" has limited privileges. Henceforth, for all non-system tasks, login as "akshay", not as "root".

After Windows is installed, connect to the Internet and activate the copy of Windows using online activation. This is mandatory; do not omit this. If you got a copy of Windows pre-installed on your laptop from the manufacturer, then you will have a CoA (Certificate of Authenticity) sticker with a hologram stuck to the bottom of the laptop. Use the Product Key printed on it (a 25-character string) to activate your Windows installation. If your laptop did not come with Windows pre-installed, then you will have to get the Product Key from the Windows packet in which you purchased the CD.

After activation, go to the Microsoft Update section of www.microsoft.com using Internet Explorer and no other browser and fetch and install all the mandatory and some of the optional updates for your installation from the Microsoft site. Switch on auto-updates.

Set up printing on Windows, with the printer drivers for the strange and proprietary inkjet printers available to you in the office. One of the key reasons to use Windows on raw hardware is to be able to print to strange special-purpose USB-connected printers.

If you have a legal copy of MS Office, do not install it here. You will almost certainly not need to use MS Office on the raw-hardware Windows instance; you can set it up on the virtual machine with Windows which you will install later (see below). This goes for most of the normal applications like graphics applications and page composition apps --- do them in the virtual machine if possible.

Install Firefox for Windows so that if you ever need to browse from Windows, you will not use the insecure bundled browser. (There is only one reason to regularly use IE --- getting Microsoft updates.) Also install any anti-virus software if you have any. If not, install Grisoft's AVG anti-virus: it is free and adequate.

  • Install Linux: Installing Ubuntu from a live CD is not a difficult task currently. Alternately, the modern commercial Linux enterprise desktop distributions are also very easy to install. You will have to remember only one thing: you will start by partitioning the HDD, but you will keep the Windows partitions very carefully untouched. You will make partitions in the rest of the HDD. The following partitions are recommended:

    • A / partition, about 5-6 GB. This will contain everything including /opt and /usr.
    • A swap partition. This should not be less than 1GB; modern laptops need 1GB RAM itself, and swap should as a rule be at least as big as RAM.
    • A /var partition. This should be for the rest of the hard disk.

    After installation, move /home to /var/home and create a softlink from /home to /var/home. Once this is done, all the user data and all fast-changing data, including email spools, IMAP mailboxes, and Usenet article storage, will be under /var. Use either ext3 or reiserfs for all Linux partitions, not ext2.

    Note: If you want your laptop to hibernate safely using the built-in ACPI-based suspend facility of the Ubuntu kernels, then the system state will be saved to the swap partition. This will need to contain the full RAM contents and perhaps some kernel meta-information. Therefore, with modern pre-built Ubuntu kernels, it's important to have swap space at least 25% larger than your total RAM. This was not an issue with the older swsusp2. That implementation applied LZW or GZIP compression to the system state while saving it, so the swap space it needed was considerably less than the total system RAM. This is called progress.

    Modern Linux distros will automatically set up the boot loader to show a menu and give you dual-boot options, once the installer detects a Windows partition pre-existing on the HDD.

    Note: For Debian and Ubuntu users, it may not be a good idea to create a separate partition called /var. This needs to be tested. The reason is that these Linux flavours believe in using tmpfs file systems for /var/run and /var/lock and when they mount these two file systems, they assume that the parent directory, i.e. /var, will be available. There is some problem in the order in which the HDD partitions are mounted, and therefore the point at which /var/run and /var/lock are mounted is before the point at which other partitions (including /var) are mounted. Therefore, if your /var is in a separate file system, the mounting of /var/run and /var/lock fails, and a whole host of daemons start giving all sorts of errors because they can't find these essential directories.

    For Debian-based systems, I have found it better to keep /var on the root file system, but mount the extra file system on /hda8 or some such partition. In this way, there is no problem with the mounting of /var/run and /var/lock. And once the system is booting from the HDD stably, I move /home to /hda8/home, /var/spool to /hda8/spool, and /var/tmp to /hda8/tmp. Then I create softlinks from the original locations of these directories to their current locations. Once this is done, the disk usage of /var becomes very minimal and static, and the bulk of the variable content moves to /hda8.

    After Ubuntu is installed, reboot from the hard disk, connect to the Internet with a fast (i.e. not analog dialup) connection, and do the following as root:

    apt-get update

    apt-get dist-upgrade

    and immediately reboot a second time.

    You will almost certainly find it useful to read the attached document, "Debian and Ubuntu for SuSE Linux Users", unless you are very familiar with Ubuntu v6.10.

  • Config flipper: There should be a program which changes all relevant aspects of the laptop's network configuration depending on the environment in which the user wants to work. I have found that there are at least three different environments where a laptop can be used:

    • The "home turf" or office LAN: here the laptop can have a fixed pre-decided IP address and a known default gateway
    • Standalone mode: this is where the laptop is ready to connect to the Internet using a dialup connection or work standalone at the user's whim.
    • DHCP environment: this could be in a home or a guest's office LAN environment, or in an airport or hotel lobby, where there is a DHCP service running. In that environment, merely flipping to the "dhcp" environment should fire a DHCP client daemon on the laptop, broadcast a DHCP request, fetch a response, and configure its IP address, default route, etc, as per the DHCP environment. Flipping to any other environment should check for a running DHCP client daemon and kill it. A running DHCP client can otherwise mess around with static IP settings.

    To do this configuration flipping, there should be a single command which takes the environment as a single commandline parameter, e.g.
    $ sudo laptopenv office
    

    or

    $ sudo laptopenv dhcp
    

    and so on. This laptopenv script should reconfigure and restart all necessary daemons including MTA, DNS server, etc. It can also initiate one-shot background processing jobs automatically, e.g. an automatic Usenet sync process whenever you connect to the "office" environment.

    Check out ifplugd to see if you can set up auto-configuration of your network interface when you plug in your LAN cable to your laptop.

    Remember that modern config-flippers have to handle two network interfaces, not one. There's the wired LAN and there's the Wi-fi interface. Both will never be active at the same time (other than some weird work environments). Therefore, your config-flipping will have to bring down and bring up the appropriate interfaces. For instance, there could be two home settings; one for wi-fi access to the home LAN, and the other for wired access. (I use both at home. Wi-fi routers cost less than Rs.3000 today.)

    As examples, two versions of the file /etc/network/interfaces have been attached below. One, called interfaces-office.txt, works for my office environment where a static IP address is assigned for my laptop. The other, called interfaces-dhcp.txt, works for a typical home LAN or "guest" LAN environment, where the IP address and default gateway come from DHCP. The office-LAN configuration file has one flaw: it does not set the default route. This must be corrected after reading the manpage for the interfaces file. There are probably other bugs; every line in both files needs to be examined carefully.

  • SSH to office server: My home directory on my office compute server should have my SSH keys, and my laptop should allow me to do a key-based login to my office home directory by typing in my SSH passphrase. Once this is set up, I can do an rsync over SSH from my laptop to my office compute server, and do other SSH-based tasks.
    The ssh-agent program needs to be set up on the laptop so that it starts automatically once when I login the first time, and all subsequent SSH connections can then be done without my typing in my passphrases.

  • DNS: There should be a local DNS server running on the laptop. When the laptop is connected to the office LAN, then this DNS server should work as a forwarding-caching server, and pick up DNS responses from the office DNS server. This will allow it to get DNS lookups for all the office internal server names. When the laptop is out of office, the DNS server should work as a purely caching server, without any forwarding. The local /etc/resolv.conf will always point to 127.0.0.1. The DHCP client configuration will be set up to always prepend 127.0.0.1 to the list of imported DNS servers when it overwrites /etc/resolv.conf.
  • Home backup: The home directory and emails should be backed up to a back-end server using a single command. This command should use rsync over SSH to transfer the entire email folder tree and homedir directory tree to a backend server. The ssh-agent setup will make this possible without typing any passphrases.
  • Outgoing email: The laptop must run a local MTA (Sendmail) which must handle both incoming and outgoing email flow. The user must configure his mail client to connect to "localhost" as the outgoing email server. On the local host, the Sendmail process must push out outgoing mails over the network link. Sendmail must have the intelligence to know that only the local user (the laptop's owner) has a local mailbox on the localhost; all other email addresses of the local domain must be pushed out. For instance, if my email address is "shuvam@merce.co.in", then only "shuvam@merce.co.in" must be delivered locally; all other users@merce.co.in must be pushed out.
    The Sendmail config may change when config is flipped using "laptopenv". In the office environment, Sendmail may push outgoing email out to the local mail server. In other environments, Sendmail may push email out directly to an external mail relay or to the final recipient email servers (always a dicey idea, since many recipient mail servers nowadays do not accept email coming from a dynamically allocated IP address). Hence, it is a good idea to use an outgoing UUCP queue to send mail out from the laptop to Starcom's public server. This will require setting up of a UUCP queue.

  • Incoming email: The laptop must receive incoming email transparently and automatically whenever it detects that it is connected to the upstream mail server.
    Mail flow can be over either POP3 or UUCP-over-TCP. The latter is preferred because of its ability to handle large mails over flaky connections. Depending on the protocol, either Fetchmail or UUCP will pull the mails in, and will deliver to local Sendmail. This Sendmail must deliver the mails to Cyrus IMAP.
    A local Cyrus IMAP server must run on the laptop, and must receive incoming mails using LMTP and store them in my local inbox. I should be able to create mail folders using my mail client and file my messages in those IMAP folders as I usually do on any IMAP server.

  • CVS: There must be a CVS setup on the laptop, so that I can check out subtrees from the main office CVS repositories directly on my laptop. This local CVS must connect to the office CVS server using SSH. This setup will need the setting up of an SSH tunnel. This tunnel can be set up using a script. Whenever I need to use CVS, I will run this script first, and then use normal CVS commands as if I am accessing a local CVS store. My CVS programs will connect over this SSH tunnel to the back-end compute server and check in and check out files.
    Needless to say, this will only work while in the "office" environment, unless we can set up incoming SSH tunnels from the Internet to our compute servers securely.

  • Usenet: A local Leafnode server will have to be set up to pull a full set of newsgroups from the office NNTP server to the laptop's local hard disk. This will allow local reading and posting of Usenet news articles. This Leafnode server will synchronise with the upstream NNTP server once an hour. This synchronising can be switched on and off depending on the current laptop environment. However, in all environments, the user will get to see his own NNTP repository, since it will be served to him locally.
  • Dialup Internet access: A Reliance cellphone with a USB data cable will need to be set up for dial-up Internet access. After setup, this connection can be established by just running pppd call reliance. A wrapper script should be written which does this and then starts a slow (5-second interval) ping process to the other end of the P-to-P connection. This ping helps to keep traffic moving on the dial up link, because Reliance puts the connection to sleep if there is more than a few tens of seconds of idle time on the link.
    Once this wrapper script is ready, a Gnome applet can be tied to it, so that one click on an icon on the panel can set up the connection and keep the ping running. Closing the window will terminate the script and automatically terminate the pppd connection.

  • Virtual Windows machine: It is very rare to need to run Windows on raw hardware. (When it's needed, it's absolutely unavoidable, and you need a raw Windows bootable system for those occasions.) Almost all the requirements for Windows are for running some Windows applications, like MS Office. For those situations, shutting down Linux and booting into Windows is very disruptive, therefore a virtual Windows environment should be set up to run under Linux.
    This can be done by setting up VMWare under Linux (host OS) and installing Windows on it (guest OS). Install all the necessary applications into this virtual machine. Therefore, this virtual machine may need 5GB or more of disk space, depending on how many applications of what size you need to install.

    Since modern laptops can be assumed to have 1GB RAM, the VMWare virtual machine must be configured to use 512MB RAM. (A smaller virtual machine may not perform satisfactorily with modern MS Windows and large applications.) Create a virtual disk for it of the appropriate size; this will become the C: of the virtual machine. On Linux, this entire virtual machine, with its virtual disk, will appear to be a large Linux file of the same size as the virtual C:. Therefore, this will be a single file of 5-6GB. Keep this and other VMWare config files in /var/virtual/, a special directory you create for this purpose.

    Once Windows is installed on this virtual machine, activate it in the usual way, or get a pre-configured, pre-activated VMWare virtual machine image from someone else who has already done this. Configure it with its own IP address, so that it can talk to the host Linux system over its Ethernet interface. This IP address must be from the same subnet as the one for the host Linux system, to eliminate routing complications. Create a user on this virtual Windows system with the same name as the login-name you use for yourself on the Linux system.

    Install SAMBA on the laptop's Linux system, and configure it to allow incoming connections only from the virtual VMWare machine's IP address. Export


    • your home directory
    • /var/warehouse
    • the Windows D: (VFAT partition) you had set up when setting up Windows

    over Samba, and allow connections from the virtual Windows system to them. Also configure Samba-based printer redirection to whatever Linux printers you set up (see below) from Windows.

    Test that when your base Linux system is connected to the Internet, you should be able to fire up the Windows virtual machine and access the Internet, download MS Update patches, etc. You should see the correct date, in terms of local time, in both Windows virtual machine and the base Linux OS.

    Install all relevant Windows applications like MS Office on this virtual machine, not necessarily on the raw Windows installation on the Windows NTFS partition done earlier. This Windows instance will be used more frequently than the native one.

  • Printing: Set up printing from Linux. This is easy in modern Linuxen, using CUPS. Ensure that the browser-based admin UI for CUPS works correctly, and allows you to change configuration of printers. Set default paper size to A4 if it's set to US Letter.
  • Applications: Set up Adobe Acrobat. This may need some special entries in /etc/apt/sources.list for Ubuntu; the native Acrobat distribution from adobe.com may not work easily. Also download a reasonable set of plugins for the browser and ensure that they all work correctly. This includes at least the Flash plug-in, a Java VM, and if possible, a player for Realaudio and Realvideo streams.
    A list of Ubuntu packages has been attached with this note. This list gives the exact names of Ubuntu 6.10 packages which are recommended to make a basic Ubuntu laptop into a multi-purpose full-functional one. It includes most of the common applications, but does not include the libraries needed to play back Win32 video file formats (e.g. AVI, WMA) or CSS-encrypted DVDs. Those will have to be enabled by downloading special Debian packages.

    The package list can be installed in a single shot by using:

    apt-get install `cat UBUNTU-PACKAGE-LIST.txt` (note backquotes)

  • System clock: Set the hardware clock to run on UTC. Set the timezone to India, and ensure that the clock is displayed correctly. Set up the NTP server on the laptop to synchronise with servers in pool.ntp.org. Read about pool.ntp.org and how to use this pool.
  • Security precautions: Set up some kind of firewalling on the Linux system to ensure that incoming connections are not permitted to any port other than for SSH. This will be useful protection for periods when you will dial out from the Linux system directly to the Internet.
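
The firewalling described in the last item, as an added example that is not part of the original note: a generator for an iptables-restore ruleset that accepts new inbound connections for SSH only. It also carries the one exception the Samba setup in the virtual machine item needs (SMB from the guest only); the guest address 192.0.2.10, the interface vmnet1 and the file name firewall.sh are placeholder assumptions.

```shell
#!/bin/sh
# Added example, not from the original note: inbound policy "SSH only", plus an
# optional exception so the VMware guest can still reach the Samba shares.
# IPv4 only; ip6tables needs its own ruleset if IPv6 is enabled.

# is_ipv4 ADDR: succeed only for a dotted quad with octets 0-255.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# gen_rules [VM_IP VM_IF]: print an iptables-restore ruleset on stdout.
gen_rules() {
    vm_ip=${1:-}
    vm_if=${2:-}
    if [ -n "$vm_ip$vm_if" ]; then
        # Both values are pasted into rule text, so validate them first.
        is_ipv4 "$vm_ip" || { echo "gen_rules: bad guest address" >&2; return 2; }
        case $vm_if in
            ''|*[!A-Za-z0-9_.-]*) echo "gen_rules: bad interface name" >&2; return 2 ;;
        esac
    fi
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
# Local clients reach the local MTA, IMAP, NNTP and DNS servers over loopback.
-A INPUT -i lo -j ACCEPT
# Replies to connections the laptop itself opened.
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# The only service offered to the network.
-A INPUT -p tcp --dport 22 -m state --state NEW -j ACCEPT
EOF
    if [ -n "$vm_ip" ]; then
        # SMB from the guest only, and only on the interface it lives on.
        for port in 139 445; do
            echo "-A INPUT -i $vm_if -s $vm_ip -p tcp --dport $port -m state --state NEW -j ACCEPT"
        done
    fi
    echo COMMIT
}

# Usage (as root):  sh firewall.sh apply 192.0.2.10 vmnet1
#                   sh firewall.sh print
# iptables-restore swaps the whole table in one step, so there is no window
# with a half-loaded policy.
case ${1:-} in
    print) shift; gen_rules "$@" ;;
    apply) shift; rules=$(gen_rules "$@") && printf '%s\n' "$rules" | iptables-restore ;;
esac
```
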
What we will get out of it

    Suppose you bring your laptop to the office, plug in the Ethernet patch cord, wake it up from hibernation and set laptopenv office. This will automatically tell the laptop that it's online and it will transparently begin fetching mails, synchronising NNTP articles, and so on. You do not pay attention to your email or Usenet news articles, but get to work on your software development activities.

    After a couple of hours, you may need to leave for a meeting. You do a laptopenv home, hibernate it, and walk out with it. Later, in a hotel lobby, you open your laptop, read your emails, and reply to them, at leisure, without any network connectivity; your mails are already sitting in your system Inbox. You use your favourite mail client and VI to write your emails, without having to use sucky browser-based mail front-ends. You know that these mails will reach their destination whenever you connect to the Internet, either through your office or over some dialup or DHCP link. If you need to connect to the Net, you plug in your Reliance CDMA cellphone to the USB port and click on one icon on the Gnome panel, and it connects automatically. Once this happens, you know that all queued outgoing emails will be pushed out in a few minutes and any new incoming mails will come in. You don't have to watch this happen or run any command; you can simply browse the Net while this happens in the background.
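
The laptopenv flips used in this walk-through could be implemented along the following lines. This is an added sketch of the config flipper described earlier, not the author's script; the profile directory /etc/laptopenv, the process name dhclient, the service names in SERVICES and the NO_EXEC and LAPTOPENV_ROOT test switches are all assumptions.

```shell
#!/bin/sh
# laptopenv ENV: added sketch of the config flipper; not the author's script.
# Assumptions: one interfaces(5) file per environment, stored as
# /etc/laptopenv/interfaces-ENV; the DHCP client process is called dhclient;
# the daemons to restart are the init scripts listed in SERVICES.
SERVICES="bind9 sendmail"

# run CMD...: execute CMD, or only print it when NO_EXEC is set (for testing).
# File changes below still happen, under LAPTOPENV_ROOT if that is set.
run() {
    if [ -n "${NO_EXEC:-}" ]; then echo "$*"; else "$@"; fi
}

laptopenv() {
    env_name=${1:-}
    root=${LAPTOPENV_ROOT:-}     # empty on a real system, a scratch dir in tests
    profile=$root/etc/laptopenv/interfaces-$env_name
    target=$root/etc/network/interfaces

    # The script runs as root and its argument becomes part of a path, so
    # accept only plain names: no slashes, dots or shell metacharacters.
    case $env_name in
        ''|*[!a-z0-9-]*) echo "usage: laptopenv ENVIRONMENT" >&2; return 2 ;;
    esac
    [ -r "$profile" ] || { echo "laptopenv: no profile for '$env_name'" >&2; return 1; }

    # Take interfaces down while the old configuration is still in place.
    run ifdown -a

    # Unless the new profile uses DHCP, stop any leftover DHCP client so it
    # cannot overwrite the static address, route and resolv.conf later.
    if ! grep -Eq '^[[:space:]]*iface[[:space:]]+[^[:space:]]+[[:space:]]+inet[[:space:]]+dhcp' "$profile"; then
        run pkill -x dhclient || true   # exit status 1 only means none was running
    fi

    # Swap the file in with a rename so a failed copy never leaves it half-written.
    tmp=$target.new.$$
    cp "$profile" "$tmp" && chmod 644 "$tmp" && mv "$tmp" "$target" || return 1

    run ifup -a
    for svc in $SERVICES; do
        run /etc/init.d/"$svc" restart
    done
    echo "$env_name" > "$root/etc/laptopenv/current"   # remembered for other scripts
}

# Run only when installed and invoked as "laptopenv", e.g. sudo laptopenv office
case ${0##*/} in
    laptopenv) laptopenv "$@" ;;
esac
```
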

    And all the data and email that you keep on your laptop can get backed up to the office server using an incremental backup process. On my laptop, I backup a few GB of data this way, but a typical day's incremental backup takes less than 10 seconds.

    This is the only sensible way to use a laptop, I feel, after having seen and used laptops of my own and other people since 1999.

    Attachment                   Size
    UBUNTU-PACKAGE-LIST.txt      662 bytes
    debian-for-suse-users.pdf    219.53 KB
    interfaces-office.txt        659 bytes
    interfaces-dhcp.txt          730 bytes

    Starcom customizations -- vi settings and other misc

    Here I am listing settings we usually do at Starcom.

    1. /etc/vimrc

    set ai ic sm sw=4 ts=8 wm=8 nowrap visualbell noerrorbells

    2. /etc/syslog.conf

    One file per facility, under /var/adm/log directory in
    buffered mode.

    3. logrotate utility

    For rotation of files under /var/log

    As and when I remember more items, will add new comments.

    Kishan
