Ubuntu
From NA-Wiki
Contents |
Ubuntu @ NA
The installation process is divided into two stages. The first stage contains nessicary steps which you need to do to have your system compliant to the KTH policy.
Username and hostname
Don't use your username @ NADA.KTH.SE as your username during the installation. Instead use "ubuntu-user" as your local username.
When asked for hostname use the fully qualified hostname of the computer, i.e., something like naXY.nada.kth.se according to the label on your machine.
Partitioning the system
This is what it should look like.
Partition the system like this:
100 MB /boot 2000 MB swap 8000 MB /var/cache 20000 MB / 20000 MB /home 20000 MB /NOBACKUP
Reboot into the system
Now shutdown from the Live installation CD and eject the CD. After that reboot into the new fresh installed Ubuntu 7.04 system.
You will get a update manager request to update. This is very important: Always update your computer each day when new updates are available
Setup root access
Enable local root account by open a terminal and typing
sudo su - passwd
sudo su - will change user into root (the system administrator account). Then you enable the root account by setting a password. Don't pick a too simple password
Now reboot your computer for all effects to take effect. This is very important and later steps depend on it.
X.org
First off, install the proprietary NVIDIA drivers. Enable then from the System/Administration/Restricted Drivers Manager menu item.
Note: If you have a widescreen monitor (NA2007 PC), then follow the instructions below, otherwise the default xorg.conf just works.
When enabled you will be instructed to reboot. Do that after you have installed the new xorg.conf file according to the instructions below.
We need to change the /etc/X11/xorg.conf file according to
https://bugs.launchpad.net/ubuntu/+source/xresprobe/+bug/63551
Get the proper xorg.conf here
Install it with:
sudo wget -O /etc/X11/xorg.conf http://na37.nada.kth.se/restricted/ubuntu/xorg.conf
Installing OpenAFS
It is very important that your kernel is upgraded before you do this. Ubuntu kernel 2.6.20-15 is broken and cannot work together with OpenAFS
Open up a terminal and do the following:
sudo apt-get install build-essential module-assistant openafs-modules-source sudo m-a build openafs sudo m-a install openafs
Install the OpenAFS configuration files:
sudo wget http://na37.nada.kth.se/restricted/ubuntu/openafs_conf.tar -O /tmp/openafs_conf.tar sudo tar xfPv /tmp/openafs_conf.tar
Now install the OpenAFS client (press ENTER on questions):
sudo apt-get install openafs-client
Verify that your /etc/openafs/afs.conf.client looks like this:
AFS_CLIENT=true AFS_AFSDB=true AFS_CRYPT=false AFS_DYNROOT=false AFS_FAKESTAT=true
Now you only have to restart the client:
sudo /etc/init.d/openafs-client restart
Attach:openafs_conf.tar
Technical Note:
Systemgruppen uses: -afsdb -dynroot -fakestat -stat 4000 -dcache 4000 -daemons 6 -volumes 256 -files 50000
From Ubuntu configuration (old documentation):
# cache < 128MB $SMALL # 128MB < cache < 512MB $MEDIUM # 512MB < cache < 1GB $LARGE # 1GB < cache < 2GB $XLARGE # 2GB < cache $XXLARGE # # You can override that default behavior by setting OPTIONS below. XXLARGE="-chunksize 20 -files 80000 -dcache 10000 -stat 15000 -daemons 6 -volumes 500" XLARGE="-chunksize 20 -files 50000 -dcache 10000 -stat 15000 -daemons 5 -volumes 250" LARGE="-chunksize 18 -files 25000 -dcache 10000 -stat 15000 -daemons 5 -volumes 200" MEDIUM="-chunksize 18 -files 10000 -dcache 5000 -stat 7500 -daemons 3 -volumes 200" SMALL="-chunksize 18 -files 2500 -dcache 2000 -stat 3000 -daemons 2 -volumes 200"
Kerberos
Open up a terminal and do the following:
sudo apt-get install heimdal-clients{,-x} sudo wget http://na37.nada.kth.se/restricted/ubuntu/krb5.conf -O /etc/krb5.conf
Important Kerberos commands
kauth - Kerberos authentication. ktelnet - Kerberos Telnet. The telnet binary is not wrapped as in Redhat. kftp - Kerberos FTP client. rxtelnet - Ktelnet with X11 tunneling.
See the man page of each command for further details.
Installing Kerberos behind NAT in your home
Add this section to the krb5.conf file attached to this page.
[appdefaults] no-addresses = true proxibable = true
You might also want to add renewable = true and forwardable = true.
You must also add your domain to the [domain_realm] section
[domain_realm] ubuntu-user-desktop = NADA.KTH.SE ...
Attach:krb5.conf
PAM (Pluggable Authentication Modules)
http://www.kernel.org/pub/linux/libs/pam/
Install passwd and group files
Download the file purify.sh and run it:
wget http://na37.nada.kth.se/restricted/ubuntu/purify.sh -O /tmp/purify.sh chmod +x /tmp/purify.sh sudo /tmp/purify.sh
Now the users and groups from the NADA.KTH.SE domain is merged into the local files.
This should be replaced by LDAP but even Systemgruppen are using this "hack" today. A change is coming soon according to ragge.
You need to change in /etc/group and replace ubuntu-user with your login name.
After you have done that, please remove the ubuntu-user by typing,
sudo deluser ubuntu-user
Setup PAM login
sudo apt-get install libpam-openafs-session
Change login scripts
Download gdm and install it into /etc/pam.d/gdm
su mv /etc/pam.d/gdm /etc/pam.d/gdm.orig wget http://na37.nada.kth.se/restricted/ubuntu/gdm -O /etc/pam.d/gdm
and apply the same thing to sudo and gnome-screensaver. We need to be careful now
su cd /etc/pam.d mv sudo sudo.orig cp gdm sudo mv gnome-screensaver gnome-screensaver.orig cp gdm gnome-screensaver mv ssh ssh.orig cp gdm ssh
Finish up
Now restart your computer and try and login as your NADA.KTH.SE user!
Notes:
There might be some other systems which also needs to be enabled under /etc/pam.d
Printers
Put this file in/etc/cups/
and then restart the server:
sudo /etc/init.d/cupsys restart
Install mail is simple! Just type
sudo apt-get install postfix mailx
choose satellite system and just press enter when asked other questions, but don't select any relay host (remove smtp.nada.kth.se)
Change /etc/mailname to say: nada.kth.se
Change /etc/aliases such that,
# Added by installer for initial user root: na-hacks@csc.kth.se, YOUR-USER-NAME@csc.kth.se
Important: Replace YORU-USER-NAME@csc.kth.se with your own e-mail address!
Finally, do as root
newalises /etc/init.d/postfix restart
Automatic upgrades
First install the following
apt-get install cron-apt wget -O /etc/cron-apt/config http://na37.nada.kth.se/restricted/ubuntu/cron-apt/config wget -O /etc/apt/security.sources.list http://na37.nada.kth.se/restricted/ubuntu/cron-apt/security.sources.list
When you are on vacation
Remove the -d flag from /etc/cron-apt/action.d/3-download and put an automatic reboot in /etc/cron.d/cron-apt like:
0 4 * * * root test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt && /sbin/reboot
When you are back from the vacation remove the reboot statement from above and the -d switch from the action.d directory.
Modules
su mkdir -p /pkg/modules ln -s /afs/nada.kth.se/pkg/modules/* /pkg/modules
Create a file /etc/csh.modules containing the following:
# /etc/csh.modules ------------------------------------------------------ source /pkg/modules/default/init/tcsh if ( $SHLVL == 1 ) then setenv MANPATH `manpath -g` if ( -r $HOME/.modules ) then source $HOME/.modules endif endif
The "hack" for manpath is due to this "feature" in the man command. Finally add to the top of /etc/csh.cshrc a line
source /etc/csh.modules
Note: Based on the function of /etc/profile.d/nada-always.csh
Non essential changes (for now)
Installing Matlab
sudo mkdir -p /pkg/matlab sudo rsync -avPz /afs/nada.kth.se/pkg/matlab/r2007a /pkg/matlab sudo ln -s /pkg/matlab/r2007a/bin/matlab /usr/local/bin
Then add /usr/local/bin to your local search path. For instance by adding
setenv PATH /usr/local/bin:${PATH}
in your .login file.
Installing Mathematica
sudo mkdir -p /pkg/mathematica/5.2 sudo rsync -avPz /afs/nada.kth.se/pkg/mathematica/5.2/os/ /pkg/mathematica/5.2/ sudo rm -rf /pkg/mathematica/5.2/bin sudo ln -s /pkg/mathematica/5.2/Executables/* /usr/local/bin
And as usual you must add /usr/local/bin to your PATH. See the installation instructions for Matlab.
Open SSH
First install theopenssh-serverpackage. Then get the instructions howto verify the finger print and install the key in
/root/.ssh/authorized_keyssuch that
rootcan login from any other Ubuntu machine.
You are not allowed to directly install to /root/.ssh/authorized_keys without first verifying the finger print!
If you fail to do so you might be causing a security breach
The fingerprint and instructions is on a paper in room 4520 to the left of the white-board.
Furthermore, ssh needs to be changed in /etc/pam.d by
cd /etc/pam.d sudo mv ssh ssh.orig sudo cp gdm ssh
Emacs
After the installation, install emacs
sudo apt-get install emacs emacs-goodies-el
emacs-goodies-el contains Matlab support and much more.
Swedish dictionary for ispell
sudo apt-get install aspell-sv
Don't forget to turn on syntax highlighting and parenthesis matching modes!
LaTeX
We want texlive (not the old tetex packages)
sudo apt-get install texlive
Some packages (such as psfig and algorithm) are not in that distribution. To get them install texlive-generic-extra.