Ubuntu 18 Instructions (in progress): Difference between revisions

From CSLLabWiki
Jump to navigation Jump to search
Line 95: Line 95:
         password  required    pam_deny.so
         password  required    pam_deny.so
pam_session=session    required    pam_limits.so
pam_session=session    required    pam_limits.so
         session    required    pam_unix.so apt-get install nfs-common
         session    required    pam_unix.so
         session    optional    pam_ldap.so
         session    optional    pam_ldap.so



Revision as of 17:39, 18 January 2019

Installation

NONE OF THIS IS VALID YET!!!!!

You will be using the Ubuntu 18.04.3 Server install disc.

WARNING: The pre-packaged installer does not handle RAID well. GParted does. If partitioning is necessary, try it on live and use GParted to partition prior to installing using the below steps.

1. Select "English"

2. Select "Install Ubuntu Server"

3. Select obvious choices

4. When network setup comes, select manual

  a.  subnet 10.20.3.0/24
  b.  ip     whatever
  c.  gateway 10.20.3.1
  d.  nameservers 10.20.70.16, 10.20.70.17

5. Your name: Lab - Pick a username: lab - Password: qazzaq - Do not encrypt home folder.

Restart now.

Configuration

Setting up root SSH

- sudo vi /etc/ssh/sshd_config

- change PermitRootLogin yes

- sudo service ssh restart


Removing the 'lab' generic account and changing root password

- sudo passwd

- exit

- from a different machine, ssh root@ipaddress

- userdel lab

- rm -rf /home/lab

Update / Upgrade

  • apt-get update
  • apt-get upgrade
  • apt-get dist-upgrade

LDAP / KDM

  • apt-get install aptitude lightdm ubuntu-desktop kubuntu-desktop plasma-desktop
  • apt-get install auth-client-config libpam-ldap libnss-ldap ldap-auth-client ldap-auth-config
    • LDAP server Uniform Resource Identifier: ldap://10.20.3.8
    • Distinguished name of the search base: dc=cs,dc=transy,dc=edu
    • LDAP version to use: 3
    • Make local root Database admin: NO
    • Does the LDAP database require login?: NO
  • Edit /etc/ldap.conf and change / check the following values:
    • host 10.20.3.8
    • base dc=cs,dc=transy,dc=edu (should be set already)
    • uri ldap://10.20.3.8 (should be set already)
    • bind_policy soft
  • Edit /etc/ldap/ldap.conf
    • BASE dc=cs,dc=transy,dc=edu
    • URI ldap://10.20.3.8


  • Edit /etc/auth-client-config/profile.d/transy
[transy]
nss_passwd=passwd: compat ldap 
nss_group=group: compat ldap
nss_shadow=shadow: compat ldap
nss_netgroup=netgroup: compat ldap
pam_auth=auth       required     pam_env.so
        auth       sufficient   pam_unix.so likeauth nullok
        auth       sufficient   pam_ldap.so use_first_pass
        auth       required     pam_deny.so
pam_account=account    sufficient   pam_unix.so
        account    sufficient   pam_ldap.so
        account    required     pam_deny.so
pam_password=password   sufficient   pam_unix.so nullok md5 shadow use_authtok
        password   sufficient   pam_ldap.so use_first_pass
        password   required     pam_deny.so
pam_session=session    required     pam_limits.so
        session    required     pam_unix.so
        session    optional     pam_ldap.so

  • auth-client-config -a -p transy
  • Add the following line near the very top of /etc/pam.d/lightdm AND /etc/pam.d/login
auth    optional        pam_group.so
  • Add the following to the BOTTOM of /etc/security/group.conf:
# This will force all users that logon into these groups
login;*;*;Al0000-2400;cdrom,floppy,plugdev,audio,dip
#kdm;*;*;Al0000-2400;cdrom,floppy,plugdev,audio,dip,video
#gdm;*;*;Al0000-2400;cdrom,floppy,plugdev,audio,dip,video
lightdm;*;*;Al0000-2400;cdrom,floppy,plugdev,audio,dip,video
  • Test LDAP authentication - if "id USERNAME" returns with info about the user... all is good. (Maybe)
root@clarke:~# id kmoorman
uid=1129(kmoorman) gid=110(faculty) groups=110(faculty),800(camp),2100(linux)
  • Make sure you can log-in via KDM! See Potential Pitfalls.

Filesystems

  • apt-get install nfs-common
  • mkdir /classes
  • mkdir /labdata
  • Edit /etc/fstab

Add:


# NFS Filesystems
10.20.3.8:/data/exportfs/home           /home           nfs     defaults,rw
10.20.3.8:/data/exportfs/classes        /classes        nfs     defaults,rw
10.20.3.8:/data/exportfs/labdata        /labdata        nfs     defaults,rw
  • Log-in to Babbage
  • edit /etc/exports
  • exportfs -a
  • exit
  • ssh root@IP
  • mount -a
  • Ensure the NFS filesystems loaded with "ls /home" "ls /classes" "ls /labdata"

Software

apt-get install amarok mplayer firefox thunderbird blackbox fluxbox gimp blender vim emacs xemacs21 nano gedit nedit jedit gcc php perl ruby irb python audacity pidgin gdb xfce4 vlc swi-prolog gdm htop screen mutt eclipse libxi-dev libxmu-dev spim tk make ant xorg k3b kubuntu-desktop ubuntu-desktop mesa-utils flashplugin-nonfree alsa-utils lbreakout2 subversion subversion-tools patch libsvn-perl python-subversion g++ gcc build-essential libxi-dev libxmu-dev mysql-client clisp lynx lbreakout2 csh mesa-utils dia-common git libappindicator1 libindicator7 suckless-tools virtualbox

  • Graphical menus:
    • No configuration
  • Install chrome
wget https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
dpkg -i google-chrome-stable_current_amd64.deb
  • Install Makerware
apt-add-repository http://downloads.makerbot.com/makerware/ubuntu
wget http://downloads.makerbot.com/makerware/ubuntu/dev@makerbot.com.gpg.key
apt-key add dev@makerbot.com.gpg.key
apt-add-repository ppa:fkrull/deadsnakes
apt-get update
apt-get install makerware

Printing (CUPS)

Printer Info:

Name: Starkweather
Host: starkweather.cs.transy.edu
IP: 10.20.3.6
Model: HP Color Laserjet 4500N
Trays: 1

Name: Watson
Host: watson.cs.transy.edu
IP: 10.20.3.7
Model: Lexmark T642 (B&W)
Trays: 1

starkweather

  • hp-setup -i 10.20.3.6
  • Print Queue Name: starkweather
  • Yes

Location: Turing Lab

Additional Information: HP Color Laserjet Pro 400

watson

  • scp 10.20.3.8:/root/keep/Lexmark* .
  • lpadmin -p watson -v socket://10.20.3.7:9100 -L "TURING Lab" -D "Lexmark T642" -P ./Lexmark-T642-Postscript.ppd -E
  • Set watson as default printer
    • lpadmin -d watson

Hosts

  • Add these entries to /etc/hosts
    • Be sure to remove the original line in /etc/hosts for that host (no duplicates, please)
# Servers
10.20.3.4	hollerith.cs.transy.edu	hollerith
10.20.3.9	kay.cs.transy.edu	kay
10.20.3.8	babbage.cs.transy.edu	babbage

# Workstations
## SGI
10.20.3.5	sammett.cs.transy.edu	sammett

## Mac Minis
10.20.3.13	holberton.cs.transy.edu	holberton
10.20.3.30	morello.cs.transy.edu	morello
10.20.3.19	hoover.cs.transy.edu	hoover
10.20.3.29	bartik.cs.transy.edu	bartik
10.20.3.3	calvin.cs.transy.edu	calvin
10.20.3.47	lamarr.cs.transy.edu 	lamarr	
10.20.3.48	spence.cs.transy.edu	spence	

## Linux
10.20.3.15	burks.cs.transy.edu	burks
10.20.3.14	clarke.cs.transy.edu	clarke
10.20.3.25	fox.cs.transy.edu	fox
10.20.3.23	garrett.cs.transy.edu	garrett
10.20.3.21	granville.cs.transy.edu	granville
10.20.3.11	hopper.cs.transy.edu	hopper
10.20.3.12	lovelace.cs.transy.edu	lovelace
10.20.3.28	winters.cs.transy.edu	winters
10.20.3.26	forsythe.cs.transy.edu	forsythe
10.20.3.42	goldstine.cs.transy.edu goldstine	
10.20.3.43      lichterman.cs.transy.edu lichterman
10.20.3.45      antonelli.cs.transy.edu antonelli
10.20.3.46	mayer.cs.transy.edu	mayer 

## Mac
10.20.3.20      borg.cs.transy.edu  	borg 

# Other
10.20.3.22	bonnie.cs.transy.edu	bonnie

# Color HP Laser Printer
10.20.3.6       starkweather.cs.transy.edu starkweather

# B&W Lexmark Laser Printer
10.20.3.7       watson.cs.transy.edu watson

At Boot

  • update-rc.d -f apache2 remove
  • update-rc.d -f apparmor remove
  • Edit /etc/rc.local - add echo "2147483648" > /proc/sys/kernel/shmmax

Remove Shutdown

  • While logged in as root:
  • mv /sbin/shutdown /sbin/shutoff
  • The computer will now be unable to shut down except for the power button and calling the shutoff file like this:
  • shutoff -h now