m23 logo

m23 is a free software distribution system licensed under the GPL, which installs and administers clients with

m23 is controlled via webbrowser. The installation of a new m23 client is done in only three steps and the integration of existing clients is possible, too. Group functions and mass installation tools make managing a vast number of clients comfortable. Client backup and server backup are included to avoid data loss. With the integrated virtualisation software, m23 can create and manage virtual m23 clients, that run on real m23 clients or the m23 server. Scripts and software packages (for installation on the clients) can be created directly from the m23 web interface.

Read more>>


m23 features

Administration via webbrowser

The entire administration is done via webbrowser and is possible from all computers having access to the m23 server via network. The installation of additional administration software is not necessary. A remote access to the m23 server via PDA or laptop is easily possible. Authentification and SSL encryption secure the communication and prevent undesirable access.

Three steps to your complete client

Installing a client with m23 is rather simple. Only three steps are required for a completely installed client.

1. Adding the client
Screenshot: Add client

First, you need to enter some values for the client. These are, for example, the network settings (IP, networkmask, etc.), user name and password or the name of an LDAP server that manages your user accounts.

2. Partitioning, formatting and installation of the operating system
Screenshot: Client partitioning and formatting

All clients can be partitioned and formatted individually. The resulting partitions can be used for the installation of the operating system, the creation of software RAIDs, for data storage or as swap space. The installation will start after the selection of the operating system.

3. Installation of additional software
Screenshot: add more packages

You can install additional software packages in the last (optional) step.

Integration of existing clients into m23

Existing Debian-based systems (Debian, Ubuntu, Kubuntu, Xubuntu) can be assimilated into the m23 system easily and are then administered like a normal client that was installed with m23. Only the specification of the client's name, its IP or hostname and the root password are required. The client, which is to be integrated, is then scanned and its hardware information and the status of installed packages are transmitted to the m23 server.

Group functions

You will like the convenient group functions if you have a big amount of clients that need to install new software or if other routine jobs need to be done. E.g. a new software package can be installed on all clients or be removed from all clients of a group. In addition, an update or a client recovery can be accomplished on all group members.

Mass installation

The mass installation tools are handy, if you need to install a big amount of clients with similar requirements (and maybe different hardware). The mass installation is done in three steps.

1. Creation of a defined client
Screenshot: Define client model

A model client, that holds the basic settings (such as the default gateway or the group name), is defined (but not installed). The real clients are to be derived from this defined client. The defined client gets a partitioning and formatting for its virtual harddrive (as well as rules what to do if the real harddrives are differing in size or type), the operation system and appropriate software packages.

2. Choosing the parameter generator options
Screenshot: Select generation method for parameters

Now you have to choose which of the settings, that can or have to be different on each client, shall be kept (e.g. user name), generated automatically (e.g. client name) or read from a file or entered by hand (e.g. MAC address). The partitioning of the virtual harddisk will be adjusted on client deployment.

3. Final review of the client parameters
Screenshot: Review generated parameters

In this last step you see all the parameters and values of all clients in a table and you can change the values by hand. It is possible to change the number of clients, too. Automatically generated client parameters will be calculated in the required amount or existing clients will be removed.

Client features

Operating systems

m23 supports:

m23 supports Debian, Ubuntu, Kubuntu, Xubuntu, Fedora, Linux Mint, elementary OS, CentOS and openSUSE. The choice of the Linux distribution is a matter of taste and a question of the functional range. m23 gives the administrator the chance to choose the right distribution for each client individually which can be installed automatically. m23 allows to manages all clients via the same m23 administration interface, no matter which distribution is installed.

Free partitioning and formatting

In addition to the automatic partitioning and formatting, m23 supports individual harddrive setups. The resulting partitions can be used for the operating system, to store data and for swapping. The m23 interface includes all necessary functions for deleting, adding and formatting of partitions and for assigning them to mountpoints, installation or swap usage. In addition, it is possible to reuse the existing partition layout for the installation.

Support for software RAIDs

Partitions or entire harddrives can be combined into software RAIDs. m23 supports the RAID levels 0, 1, 4, 5, 6 and 10. These RAID levels have advantages and disadvantages in relation to speed increase and data reliability. RAIDs can be used like normal partitions to install operating systems to or to use them as swap or storage space. You can install the Linux kernel and its modules on a separate (non-RAID) partition to be able to install an operating system on all possible RAID levels.

User management with LDAP

User accounts can be managed with a central LDAP server. This increases the ease of use in environments with many clients and a lot of users. The OpenLDAP server is shipped with the m23 server and can be administered via the highly integrated phpLDAPadmin. m23 can use existing LDAP entries for new m23 clients or add extra entries on adding an m23 client.

NFS for storing home directories

An NFS server for storing the user's home directories is a good supplement to an existing LDAP server. Using an NFS server simplifies the making of backups dramatically in contrast to a lot of clients storing the home directories on local harddrives. As a benefit of this combination the user has the alternative to log in into any client and find her or his own desktop and files.

Software packages

Thousands of software packages like office packages, graphic tools, server applications or games can be installed via the webinterface. Software installation or removal jobs are carried out at boot time or while the client is in normal use.

Software choice in different distributions

The Linux distributions that are installable with m23 offer a large variety of free software, which can be installed easily. In addition to the package sources recommended by m23 other package sources can be added to install software from other suppliers.

Package dependency check

You can check if the removal or installation of software will be sucessful before the actual process. The administration interface gives a warning message, e.g. if a package can not be installed due to unsolved dependencies.

Automatic software package caching


Software packages are downloaded from the internet to keep them up-to-date. The packages are then cached to ensure that every package is downloaded only once. If a certain package is installed a second time, the package will be installed from the cache. In case that a new version of the package exists, the latest package will first be downloaded and stored in the cache. On your m23 server this job is done by the proxy cache Squid.

Pool builder for building package sources

Package source architect

The pool builder makes it possible to combine software packages from different media (CD, DVD, internet) on the m23 server and convert them to a package source. These package sources can be used to install clients. This can be done without an internet connection or if the internet connection is rather slow. It is possible, too, to add selfmade packages to the pool.

Graphical desktops

Support for:

The m23 clients can be installed as workstation with the graphical user interfaces KDE, Gnome, XFce, LXDE and pure X11 or as a server without graphical subsystem. In most server setups, the server doesn't need a user interface because most of the server software runs in text mode. If you choose the Ubuntu distribution you can also install Unity, for Linux Mint Mate or Cinnamon and for Kubuntu "Kubuntu desktop" (KDE based), and for elementary OS, there is the Pantheon desktop.

Imaging: Installation using image files

An image file of a partition or entire harddisk can be used to install other clients. These image files are taken from installed clients with all their software packages and settings. The creation of these image files is included in the m23 administration interface for your comfort. Image files can be compressed to save storage space and bandwidth on rollout. An image file can be used to install any number of clients. After the end of the transfer, the client will be adjusted like a client that was installed from software packages. This is done on Debian, Ubuntu, Kubuntu and Xubuntu clients. These "image clients" can be managed like "normal clients" with m23, this includes software installation and other administrative tasks.

Client backup


Personal data and additional settings can be backupped and restored with the integrated software BackupPC. This is necessary for all personal data which is not handled by m23.

Client recovery

A client can be reinstalled with excactly the same software selection and configuration as it was installed with m23 before. This is done with the recovery feature directly from the m23 interface. The recovery includes the complete installation with partitioning and formatting. All settings done with m23 will be restored. Manual changes need a recovery from a backup medium.

Rescue system

The m23 rescue system is a minimal Linux environment that can be booted on the clients via the network. You can use it for on-location maintenance or via an SSH console. The administrator has full access to the client and can do all administrative work. Additional tools (e.g. the client log) support the administrator with his/her fault analysis.

Client virtualisation


The free virtualisation solution VirtualBox OSE is now (optional) part of m23 and can be installed directly on the m23 server as well as on the managed m23 clients. Required for virtualisation is a current Debian system (Debian Lenny or Squeeze). Virtual m23 clients which act on the network just like normal m23 clients are managed via the m23 server as usual. These virtual clients can be partitioned and formatted like a normal PC and of course the operating system and additional software can be installed as well.

VirtualBox OSE packages are available for 32 and 64 bit machines, that can be installed directly via the m23 web interface on the m23 clients. These m23 clients are virtualisation hosts for virtual m23 clients after the installation. Virtualisation may be useful to use the existing ressources of your computers better (e.g. office PCs that usually wait for user input most of the time or on a web server).

Screenshot: Installation on a virtual client

You can check the usage of harddisk and memory on the virtualisation host in the "VM creation dialog" before you create a new virtual m23 client. So you can take care not to assign too much harddisk space or memory to the VM. The newly created VM runs through the usual 3-step-setup after the creation is done.

Virtual m23 clients can run in graphical mode or without visible output. A modified VNC server was integrated for the graphical output to replace the VRDP feature of the non-free VirtualBox edition. It can be used to access the virtual clients from the boot on and allows to engage if problems occur. The VNC session contains the VirtualBox window with the running virtual m23 client and is based on the lightweight window manager flwm. An analog clock, a terminal and a button to shut down the session together with the VirtualBox machine are visible too.

Improve m23

The m23 interface and the entire m23 system can be improved with extra functions.

The MDK (m23 Development Kit) is a powerful environment to adjust m23 to your needs. E.g. you can create your own m23 server installation CD or build new network boot images with new modules.

Using the m23 extension halfSister, the ambitious administrator can easily make his or her favourite Linux distribution installable with m23, like it was already done with CentOS, openSUSE and Fedora.

Server features

How does it work?

m23 differentiates between servers and clients. An m23 server is used for software deployment and the management of the clients. Computers which are administered by the m23 server are the clients.

Diagram of m23 hierarchy

The client is booted over the network during the installation of the operating system. It is possible to start the client with a bootrom on its network card, with a boot disk or with a boot CD. The client's hardware is detected and set up. The gathered hardware and partition information is sent to the m23 server. Afterwards, this information is shown in the m23 administration interface. Now the administrator has to choose how to partition and format the client. Other settings include e.g. the distribution to be installed on the client.

Server backup

Server backup

The server backup function stores the m23 server with all its data at given points in time. The backups contain all information necessary to restore the whole m23 server functionality. Multiple points in time can be selected for this purpose. GPG encrypted backup files can be transferred to external servers automatically.

A GPG key management was integrated into the m23 webinterface, too. After a data fault the restore script will first install an "empty" m23 server and use the backup to bring it into a previously saved state. A short guide showing the restoring steps can be printed out directly from the m23 web interface (and should be before an emergency occurs!).

Variable firewall

A variable firewall makes sure that only safe values will be handed to the database. This should prevent SQL injection attacs.

IP manager

The IP management allows you to connect network settings to a MAC address, so that the necessary values are sent to the respective device via DHCP. Aside from this direct assignment, IP ranges can be defined, within which the IPs can be assigned dynamically (e.g. to notebooks). Specific settings (e.g. client name, MAC address) or specific IP ranges can now be blocked, so m23 cannot wrongly use these for m23 clients.

Copyright and usage notice for this text

You are allowed to use this text entirely, partly or in a modified form (e.g. for a press article or for product description in CD shops).

Creative Commons License: CC-BY-2.0

This text is licensed under the Creative Commons Attribution 2.0 License.

And of course we would be very happy, if we got a copy of your article or a URL where to find it ;-)


Chemnitzer Linux-Tage 2017

We are happy to be part of the Chemnitzer Linux-Tagen (21.3. und 22.3.) with an m23 booth for the second time :-)

At our booth, we will demonstrate m23 (live) on virtual machines and will be answering all your questions and be available for technical discussions. So if you always wanted to know why your enterprise / organisation etc. really needs to use m23, visit us at our booth ;-)
If our booth is big enough (tbd), we will also bring our Tux Droid Quiz (video), which allows you to demonstrate your vast knowledge about Linux, m23 and penguins.
And it may just be that we also bring m23 rock 17.2 (eg. with support for Debian 9) :-)

Don't miss our tombola with t-shirts sponsored by getDigital.

Workshop: Inkscape für Einsteiger


On Saturday, March 11 2017, you can take advantage of participating in Maren's workshop "Inkscape für Einsteiger" (Inkscape for beginners). As there is only a limited number of seats available, you should hurry to reserve yours! ;-) Reservation deadline is on March, 8th 2017.
Further info (room, needed previous knowledge etc.) and the reservation form can be found at Inkscape für Einsteiger.

Have fun - and hope to see you soon in Chemnitz!


From this version on, m23 supports the installation of clients with Linux Mint 18 Sarah and Linux Mint 18.1 Serena. As usual, there are a couple of desktop environments included. The new functionality for comparing the package status allows for a quick overview of packages installed on clients. Of course, this release also includes a couple of changes and other improvements.

Linux Mint 18 Sarah

Cinnamon on Linux Mint 18
Cinnamon on Linux Mint 18

For your m23 clients with Linux Mint 18, you will have the choice among these four preconfigured graphical desktop environments: KDE, Mate, Cinnamon and Xfce. Mate and Cinnamon are currently available on Linux Mint 18.1 clients. The new release contains a set of new or updated programs. The full range of functionality of m23 is now available for Linux Mint 18 / 18.1, too.

Fortunately, the adaptations needed for adding the new Linux Mint release were rather small, which is why this m23 version is available rather shortly after the release of the previous version. Contrary to Linux Mint 17.x (where there were issues with the configuration), the VirtualBox guest additions are now installed and configured automatically, when a client with Linux Mint 18 / 18.1 is running inside VirtualBox. The KDE version of Linux Mint now uses the login dialog provided by SDDM.

Compare package status

Compare package status
Compare package status

In the new dialog "compare package status", which was requested by a client, you can now compare the packages of two client systems.

The comparison takes package names, version numbers and the packages' installation status into account. This allows you to see if packages have a history on both clients, and if their version number and installation status match. Differences are highlighted by color in the resulting table. The functionality can not only compare two clients directly, but can also make use of files that contain the package status of a client. Thus, it's possible to compare between two clients, two package status files, or a client and a package status file. The package status file can be created in the client control center.

This and that

The Editing functions of the m23 API have been extended by a function to comment out all lines that contain a specific key word. From this version on, the m23 package, when installed or updated, will execute the script /m23/bin/postinstHook.sh, if the file is available. This feature is especially useful when used together with m23customPatch, to make sure that your changes will be available after an update of your m23 server.
Upon installing a new client, two new tests now check if the base system archive was downloaded and unpacked to the client successfully. If this isn't the case, the client will not proceed with the installation and instead will commuicate a critical status to the m23 server.
New help texts now mention a script that will remove the m23-specific configurations (e.g. package proxy in APT) from a former client system after removal of the client. The source code that generates an error message about another DHCP server in the network, which is displayed in the m23 web interface, is now enclosed in a deletable m23customPatch region, so you can remove the message in your m23 environment, if needed.
During Integration of existant, Debian-based systems, the release name of the distro will now be detected more reliably and will be sent to the m23 server. If no GPG key is selected, a warning will be shown on pages that (optionally) use the key, telling you that, without a key, signature and encryption functionalities will not not available.

Downloads / Update

The latest version is available as an update via the m23 interface, via APT (Note: package source server for packages specific to m23 is now "deb http://m23inst.goos-habermann.de ./", configure as is described in the installation guide.), as ISO file to create an m23 server installation medium, as preinstalled virtual machine or as image file for RaspberryPi (the latter three are available in the download section).


Some m23 servers seem to be unable to install or update m23 from the package repository on the SourceForge mirrors currently. The error is shows as "Hash Sum mismatch" during apt-get update. A new repository was created to solve the problem.

Edit the /etc/apt/sources.list on your m23 server, if you get this error too. Delete all lines containing sourceforge.net. Add a new line with deb http://m23inst.goos-habermann.de ./ at the end of the file.
Update the package index via apt-get update. For an update use the command apt-get dist-upgrade. For installation of m23 use apt-get install m23.


The latest version of m23 comes with a new option to sign local package sources (including GPG key management), new configuration settings for an m23 server that is using a proxy and a new command line tool that allows users to modify the m23 source code in predefined locations. This release also includes a bunch of smaller changes and fixes.

Signing Package Sources

To enable the installation of m23 clients using a fixed set of packages, or to allow for a setup without internet connection, it has already been possible to set up local package sources on the m23 server for a long time. What's new is that these can now be signed, to protect them from being tampered with. The m23 interface now provides a dialog for managing your GPG keys and an option to add a signature in the package source architect and the package architect dialogs. The public key of the GPG key that was used for the signature will be imported to the m23 clients to allow them to verify the package authenticity.

System-wide Proxy Settings

System proxy dialog
System proxy dialog

In the case of running an m23 server behind a proxy server, it was previously necessary to change the settings in different places in order to allow the m23 server to work as usual. Now there is a quick an easy option to configure a proxy server system-wide, and to activate / deactivate using it, available in the m23 interface. The proxy settings from this dialog will be used for all apt and wget calls, for accessing the internet from the m23 api and for the squid proxy that caches client packages.

Modifying the Source Code with m23customPatch

With the m23customPatch tool, users can modify the m23 source code in predefined places. The modifiable code regions are marked as being deletable / modifiable. With the help of a corresponding m23customPatch file, it is, for example, now possible to exchange the logo in the m23 web interface.

This and That

During the installation of the client base system, the package apt-transport-https will now be included, to enable access to package sources using HTTPS. A new option for client recovery allows to merge multiple identical client jobs into one. Client groups can now have a description associated with them. The m23 api was extended by functions for writing and reading the key-value database for client parameters. The modular m23 command line tool can now also be used to create, delete or list admin accounts for the m23 web interface. Instead of a (possibly insecure) DSA SSH key, the m23 server will now create an 8k RSA SSH key when it is being installed.


Upon integration of an existing client, m23 no longer waits for the download of a non-existant base system archive to finish. The function HELPER_xargsRecursive, which is, for example, used to split package lists, now takes all elements into account. For packages that are being downloaded into a local package source, the file names will now be adapted, so they only contain valid characters. The bash code that writes m23fetchjob works correctly now and ASSI_prepareClient no longer calls a non-existant function.

Downloads / Update

The latest version is available as an update via the m23 interface, via APT (Note: the package sources server for packages specific to m23 is now"heanet.dl.sourceforge.net", setup as described in the installation guide), as ISO file for the creation of a bootable medium, as preinstalled virtual machine or as image file for RaspberryPi (the latter three can be found in the download section).