Ubuntu 8: Difference between revisions

From CSLLabWiki
Jump to navigation Jump to search
Line 97: Line 97:


=== Configuring LDAP Authentication ===
=== Configuring LDAP Authentication ===
* First we need to get GDM (the graphical login) and its dependencies installed so..
# apt-get install gdm
# apt-get install auth-client-config libpam-ldap libnss-ldap ldap-auth-client ldap-auth-config
# apt-get install auth-client-config libpam-ldap libnss-ldap ldap-auth-client ldap-auth-config
## LDAP server Uniform Resource Identifier: ldap://10.20.3.8
## LDAP server Uniform Resource Identifier: ldap://10.20.3.8
Line 112: Line 116:
## BASE dc=cs,dc=transy,dc=edu
## BASE dc=cs,dc=transy,dc=edu
## URI ldap://10.20.3.8
## URI ldap://10.20.3.8
# Edit /etc/auth-client-config/profile.d/transy
<code><pre>
[openldap]
nss_passwd=passwd: ldap files
nss_group=group: ldap files
nss_shadow=shadow: ldap files
pam_auth=auth      required    pam_env.so
        auth      sufficient  pam_unix.so likeauth nullok
        auth      sufficient  pam_ldap.so use_first_pass
        auth      required    pam_deny.so
pam_account=account    sufficient  pam_unix.so
        account    sufficient  pam_ldap.so
        account    required    pam_deny.so
pam_password=password  sufficient  pam_unix.so nullok md5 shadow use_authtok
        password  sufficient  pam_ldap.so use_first_pass
        password  required    pam_deny.so
pam_session=session    required    pam_limits.so
        session    required    pam_unix.so
        session    optional    pam_ldap.so
</pre></code>
# auth-client-config -a -p transy
# Add the following line near the very top of /etc/pam.d/gdm AND /etc/pam.d/login
<code>
auth    optional        pam_group.so
<code>

Revision as of 23:26, 2 September 2009

Installation and Configuration

Installation i386 (32-bit)

  1. Download and burn the latest Ubuntu Server-Edition LTS ISO for i386 (8.04.3 used for these instructions)
  2. Boot from CD

Installation x86_64 (64-bit)

  1. Download and burn the latest Ubuntu Server-Edition LTS ISO for x86_64 (amd64) (8.04.3 used for these instructions)
  2. Boot from CD


Installation (both 32 and 64 bit)

  1. Select "English"
  2. Select "Install Ubuntu Server"
  3. Select "English"
  4. Select "United States"
  5. Detect keyboard layout -> NO
  6. Select "USA"
  7. Select "USA"
  8. !!! It will now attempt to use DHCP.. cancel this or select "Go Back" on the following screen
  9. Select "Configure network manually"
    1. Enter the IP address of the workstation. Ex: 10.20.3.15
    2. Enter the Netmask of "255.255.255.0"
    3. Enter the Gateway of "10.20.3.1"
    4. Enter the Nameservers "10.20.70.16 10.20.70.17"
  10. Hostname: Set the FQDN of the machine as the hostname. Ex: clarke.cs.transy.edu
  11. Select "Eastern" time zone

Partitioning (Single Disk)

  1. Select the "Manual" method
  2. Use the arrow keys to highlight the disk (usually sda) and press enter
  3. Confirm the dialog to create a new empty partition table.
  4. Select the "FREE SPACE" and press enter.
  5. Create the following partitions:
    1. (TotalSpace - 2 GB), primary, mountpoint: /, use as: ext3, options: bootable
    2. 2 GB, logical, use as: swap
  6. Select "Finish Partitioning" and write the changes to disk

Partitioning (Software RAID 1)

Finish Up

  1. Full name for new user: lab
  2. Username for your account: lab
  3. Password: lab (this user will be deleted later)
  4. Verify Password
  5. Leave the HTTP proxy box empty and select "Continue"
  6. Note: If it freezes "Scanning the mirror" unplug and replug the ethernet cable once.
  7. Software to install: Select "OpenSSH server" and select "Continue"
  8. The system will finish configuring and ask you to "Continue" before it reboots.

Configuration (via SSH)

  • This section is done via SSH as a convenience for installing multiple systems.. but can be done from the keyboard.
  1. ssh lab@HOST.cs.transy.edu
  2. sudo su -
  3. passwd root (set the current root password)
  4. exit
  5. exit
  1. ssh root@HOST.cs.transy.edu
  2. userdel lab
  3. rm -rf /home/lab
  4. Transfer or enter the following into /etc/apt/sources.list:
  • 32-bit:
deb http://babbage.cs.transy.edu/ubuntu-i386/ hardy main restricted universe multiverse
deb http://babbage.cs.transy.edu/ubuntu-i386/ hardy-updates main restricted universe multiverse
deb http://babbage.cs.transy.edu/ubuntu-i386/ hardy-security main restricted universe multiverse

#deb http://babbage.cs.transy.edu/ubuntu-i386/ hardy-backports main restricted universe multiverse
#deb http://babbage.cs.transy.edu/ubuntu-i386/ hardy-proposed main restricted universe multivers
  • 64-bit:
deb http://babbage.cs.transy.edu/ubuntu-amd64/ hardy main restricted universe multiverse
deb http://babbage.cs.transy.edu/ubuntu-amd64/ hardy-updates main restricted universe multiverse
deb http://babbage.cs.transy.edu/ubuntu-amd64/ hardy-security main restricted universe multiverse

#deb http://babbage.cs.transy.edu/ubuntu-amd64/ hardy-backports main restricted universe multiverse
#deb http://babbage.cs.transy.edu/ubuntu-amd64/ hardy-proposed main restricted universe multivers
  1. apt-get update
  2. apt-get upgrade
  3. apt-get dist-upgrade

Switch to Generic Kernel

  • Since the Ubuntu kernels have virtualization built in which is not compatible with nvidia drivers. Even after this is resolved, it is still nice to run the official kernel.org generic sources. Very compatible.
  1. uname -a
  2. apt-get install linux-image-generic linux-doc-2.6.XX linux-source-2.6.XX (replace XX with the sub-version output from uname)
  3. apt-get remove linux-image-2.6.XX-YY-server --purge (again XX from uname)
  • REBOOT!
  1. ssh root@HOST.cs.transy.edu

Configuring LDAP Authentication

  • First we need to get GDM (the graphical login) and its dependencies installed so..
  1. apt-get install gdm
  1. apt-get install auth-client-config libpam-ldap libnss-ldap ldap-auth-client ldap-auth-config
    1. LDAP server Uniform Resource Identifier: ldap://10.20.3.8
    2. Distinguished name of the search base: dc=cs,dc=transy,dc=edu
    3. LDAP version to use: 3
    4. Make local root Database admin: NO
    5. Does the LDAP database require login?: NO
  1. Edit /etc/ldap.conf and change the following values:
    1. host 10.20.3.8
    2. base dc=cs,dc=transy,dc=edu
    3. uri ldap://10.20.3.8
  1. Edit /etc/ldap/ldap.conf
    1. BASE dc=cs,dc=transy,dc=edu
    2. URI ldap://10.20.3.8
  1. Edit /etc/auth-client-config/profile.d/transy
[openldap]
nss_passwd=passwd: ldap files
nss_group=group: ldap files
nss_shadow=shadow: ldap files
pam_auth=auth       required     pam_env.so
        auth       sufficient   pam_unix.so likeauth nullok
        auth       sufficient   pam_ldap.so use_first_pass
        auth       required     pam_deny.so
pam_account=account    sufficient   pam_unix.so
        account    sufficient   pam_ldap.so
        account    required     pam_deny.so
pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok
        password   sufficient   pam_ldap.so use_first_pass
        password   required     pam_deny.so
pam_session=session    required     pam_limits.so
        session    required     pam_unix.so
        session    optional     pam_ldap.so
  1. auth-client-config -a -p transy
  2. Add the following line near the very top of /etc/pam.d/gdm AND /etc/pam.d/login

auth optional pam_group.so

Retrieved from "http://www.cs.transy.edu/wiki/index.php?title=Ubuntu_8&oldid=201"